net/ssl/ssl_private_key_test_util.cc - cobalt - Git at Google

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "net/ssl/ssl_private_key_test_util.h"

 #include <vector>

 #include "base/bind.h"
 #include "base/containers/span.h"
 #include "base/location.h"
 #include "base/run_loop.h"
 #include "crypto/openssl_util.h"
 #include "net/base/net_errors.h"
 #include "net/ssl/ssl_private_key.h"
 #include "net/test/gtest_util.h"
 #include "starboard/types.h"
 #include "testing/gtest/include/gtest/gtest.h"
 #include "third_party/boringssl/src/include/openssl/bytestring.h"
 #include "third_party/boringssl/src/include/openssl/digest.h"
 #include "third_party/boringssl/src/include/openssl/evp.h"
 #include "third_party/boringssl/src/include/openssl/rsa.h"
 #include "third_party/boringssl/src/include/openssl/ssl.h"

 using net::test::IsOk;

 namespace net {

 namespace {

 bool VerifyWithOpenSSL(uint16_t algorithm,
                        base::span<const uint8_t> input,
                        EVP_PKEY* key,
                        base::span<const uint8_t> signature) {
   bssl::ScopedEVP_MD_CTX ctx;
   EVP_PKEY_CTX* pctx;
   if (!EVP_DigestVerifyInit(ctx.get(), &pctx,
                             SSL_get_signature_algorithm_digest(algorithm),
                             nullptr, key)) {
     return false;
   }
   if (SSL_is_signature_algorithm_rsa_pss(algorithm)) {
     if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) ||
         !EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1 /* hash length */)) {
       return false;
     }
   }
   return EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
                           input.data(), input.size());
 }

 void OnSignComplete(base::RunLoop* loop,
                     Error* out_error,
                     std::vector<uint8_t>* out_signature,
                     Error error,
                     const std::vector<uint8_t>& signature) {
   *out_error = error;
   *out_signature = signature;
   loop->Quit();
 }

 Error DoKeySigningWithWrapper(SSLPrivateKey* key,
                               uint16_t algorithm,
                               base::span<const uint8_t> input,
                               std::vector<uint8_t>* result) {
   Error error;
   base::RunLoop loop;
   key->Sign(algorithm, input,
             base::BindOnce(OnSignComplete, base::Unretained(&loop),
                            base::Unretained(&error), base::Unretained(result)));
   loop.Run();
   return error;
 }

 }  // namespace

 void TestSSLPrivateKeyMatches(SSLPrivateKey* key, const std::string& pkcs8) {
   crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);

   // Create the equivalent OpenSSL key.
   CBS cbs;
   CBS_init(&cbs, reinterpret_cast<const uint8_t*>(pkcs8.data()), pkcs8.size());
   bssl::UniquePtr<EVP_PKEY> openssl_key(EVP_parse_private_key(&cbs));
   ASSERT_TRUE(openssl_key);
   EXPECT_EQ(0u, CBS_len(&cbs));

   // Test all supported algorithms.
   std::vector<uint16_t> preferences = key->GetAlgorithmPreferences();

   // To support TLS 1.1 and earlier, RSA keys must implicitly support MD5-SHA1,
   // despite not being advertised.
   preferences.push_back(SSL_SIGN_RSA_PKCS1_MD5_SHA1);

   for (uint16_t algorithm : preferences) {
     SCOPED_TRACE(
         SSL_get_signature_algorithm_name(algorithm, 0 /* exclude curve */));
     // BoringSSL will skip signatures algorithms that don't match the key type.
     if (EVP_PKEY_id(openssl_key.get()) !=
         SSL_get_signature_algorithm_key_type(algorithm)) {
       continue;
     }
     // If the RSA key is too small for the hash, skip the algorithm. BoringSSL
     // will filter this algorithm out and decline using it. In particular,
     // 1024-bit RSA keys cannot sign RSA-PSS with SHA-512 and test keys are
     // often 1024 bits.
     if (SSL_is_signature_algorithm_rsa_pss(algorithm) &&
         static_cast<size_t>(EVP_PKEY_size(openssl_key.get())) <
             2 * EVP_MD_size(SSL_get_signature_algorithm_digest(algorithm)) +
                 2) {
       continue;
     }

     // Test the key generates valid signatures.
     std::vector<uint8_t> input(100, 'a');
     std::vector<uint8_t> signature;
 #ifdef STARBOARD
     base::span<const uint8_t> input_span(input.data(), input.size());
     base::span<const uint8_t> signature_span(signature.data(),
                                              signature.size());
     Error error =
         DoKeySigningWithWrapper(key, algorithm, input_span, &signature);
     EXPECT_THAT(error, IsOk());
     EXPECT_TRUE(VerifyWithOpenSSL(algorithm, input_span, openssl_key.get(),
                                   signature_span));
 #else
     Error error = DoKeySigningWithWrapper(key, algorithm, input, &signature);
     EXPECT_THAT(error, IsOk());
     EXPECT_TRUE(
         VerifyWithOpenSSL(algorithm, input, openssl_key.get(), signature));
 #endif
   }
 }

 }  // namespace net
	// Copyright 2016 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "net/ssl/ssl_private_key_test_util.h"

	#include <vector>

	#include "base/bind.h"
	#include "base/containers/span.h"
	#include "base/location.h"
	#include "base/run_loop.h"
	#include "crypto/openssl_util.h"
	#include "net/base/net_errors.h"
	#include "net/ssl/ssl_private_key.h"
	#include "net/test/gtest_util.h"
	#include "starboard/types.h"
	#include "testing/gtest/include/gtest/gtest.h"
	#include "third_party/boringssl/src/include/openssl/bytestring.h"
	#include "third_party/boringssl/src/include/openssl/digest.h"
	#include "third_party/boringssl/src/include/openssl/evp.h"
	#include "third_party/boringssl/src/include/openssl/rsa.h"
	#include "third_party/boringssl/src/include/openssl/ssl.h"

	using net::test::IsOk;

	namespace net {

	namespace {

	bool VerifyWithOpenSSL(uint16_t algorithm,
	base::span<const uint8_t> input,
	EVP_PKEY* key,
	base::span<const uint8_t> signature) {
	bssl::ScopedEVP_MD_CTX ctx;
	EVP_PKEY_CTX* pctx;
	if (!EVP_DigestVerifyInit(ctx.get(), &pctx,
	SSL_get_signature_algorithm_digest(algorithm),
	nullptr, key)) {
	return false;
	}
	if (SSL_is_signature_algorithm_rsa_pss(algorithm)) {
	if (!EVP_PKEY_CTX_set_rsa_padding(pctx, RSA_PKCS1_PSS_PADDING) \|\|
	!EVP_PKEY_CTX_set_rsa_pss_saltlen(pctx, -1 /* hash length */)) {
	return false;
	}
	}
	return EVP_DigestVerify(ctx.get(), signature.data(), signature.size(),
	input.data(), input.size());
	}

	void OnSignComplete(base::RunLoop* loop,
	Error* out_error,
	std::vector<uint8_t>* out_signature,
	Error error,
	const std::vector<uint8_t>& signature) {
	*out_error = error;
	*out_signature = signature;
	loop->Quit();
	}

	Error DoKeySigningWithWrapper(SSLPrivateKey* key,
	uint16_t algorithm,
	base::span<const uint8_t> input,
	std::vector<uint8_t>* result) {
	Error error;
	base::RunLoop loop;
	key->Sign(algorithm, input,
	base::BindOnce(OnSignComplete, base::Unretained(&loop),
	base::Unretained(&error), base::Unretained(result)));
	loop.Run();
	return error;
	}

	} // namespace

	void TestSSLPrivateKeyMatches(SSLPrivateKey* key, const std::string& pkcs8) {
	crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);

	// Create the equivalent OpenSSL key.
	CBS cbs;
	CBS_init(&cbs, reinterpret_cast<const uint8_t*>(pkcs8.data()), pkcs8.size());
	bssl::UniquePtr<EVP_PKEY> openssl_key(EVP_parse_private_key(&cbs));
	ASSERT_TRUE(openssl_key);
	EXPECT_EQ(0u, CBS_len(&cbs));

	// Test all supported algorithms.
	std::vector<uint16_t> preferences = key->GetAlgorithmPreferences();

	// To support TLS 1.1 and earlier, RSA keys must implicitly support MD5-SHA1,
	// despite not being advertised.
	preferences.push_back(SSL_SIGN_RSA_PKCS1_MD5_SHA1);

	for (uint16_t algorithm : preferences) {
	SCOPED_TRACE(
	SSL_get_signature_algorithm_name(algorithm, 0 /* exclude curve */));
	// BoringSSL will skip signatures algorithms that don't match the key type.
	if (EVP_PKEY_id(openssl_key.get()) !=
	SSL_get_signature_algorithm_key_type(algorithm)) {
	continue;
	}
	// If the RSA key is too small for the hash, skip the algorithm. BoringSSL
	// will filter this algorithm out and decline using it. In particular,
	// 1024-bit RSA keys cannot sign RSA-PSS with SHA-512 and test keys are
	// often 1024 bits.
	if (SSL_is_signature_algorithm_rsa_pss(algorithm) &&
	static_cast<size_t>(EVP_PKEY_size(openssl_key.get())) <
	2 * EVP_MD_size(SSL_get_signature_algorithm_digest(algorithm)) +
	2) {
	continue;
	}

	// Test the key generates valid signatures.
	std::vector<uint8_t> input(100, 'a');
	std::vector<uint8_t> signature;
	#ifdef STARBOARD
	base::span<const uint8_t> input_span(input.data(), input.size());
	base::span<const uint8_t> signature_span(signature.data(),
	signature.size());
	Error error =
	DoKeySigningWithWrapper(key, algorithm, input_span, &signature);
	EXPECT_THAT(error, IsOk());
	EXPECT_TRUE(VerifyWithOpenSSL(algorithm, input_span, openssl_key.get(),
	signature_span));
	#else
	Error error = DoKeySigningWithWrapper(key, algorithm, input, &signature);
	EXPECT_THAT(error, IsOk());
	EXPECT_TRUE(
	VerifyWithOpenSSL(algorithm, input, openssl_key.get(), signature));
	#endif
	}
	}

	} // namespace net