pk11_eddsa_unittest.cc

Enable keyboard shortcuts

/* This Source Code Form is subject to the terms of the Mozilla Public

 * License, v. 2.0. If a copy of the MPL was not distributed with this file,

 * You can obtain one at http://mozilla.org/MPL/2.0/. */

#include <memory>

#include "nss.h"

#include "pk11pub.h"

#include "sechash.h"

#include "cryptohi.h"

#include "cpputil.h"

#include "json_reader.h"

#include "nss_scoped_ptrs.h"

#include "testvectors_base/test-structs.h"

#include "pk11_eddsa_vectors.h"

#include "pk11_signature_test.h"

#include "pk11_keygen.h"

namespace nss_test {

static const Pkcs11SignatureTestParams kEddsaVectors[] = {

    {DataBuffer(kEd25519Pkcs8_1, sizeof(kEd25519Pkcs8_1)),

     DataBuffer(kEd25519Spki_1, sizeof(kEd25519Spki_1)),

     DataBuffer(kEd25519Message_1, sizeof(kEd25519Message_1)),

     DataBuffer(kEd25519Signature_1, sizeof(kEd25519Signature_1))},

    {DataBuffer(kEd25519Pkcs8_2, sizeof(kEd25519Pkcs8_2)),

     DataBuffer(kEd25519Spki_2, sizeof(kEd25519Spki_2)),

     DataBuffer(kEd25519Message_2, sizeof(kEd25519Message_2)),

     DataBuffer(kEd25519Signature_2, sizeof(kEd25519Signature_2))},

    {DataBuffer(kEd25519Pkcs8_3, sizeof(kEd25519Pkcs8_3)),

     DataBuffer(kEd25519Spki_3, sizeof(kEd25519Spki_3)),

     DataBuffer(kEd25519Message_3, sizeof(kEd25519Message_3)),

     DataBuffer(kEd25519Signature_3, sizeof(kEd25519Signature_3))}};

class Pkcs11EddsaTest

    : public Pk11SignatureTest,

      public ::testing::WithParamInterface<Pkcs11SignatureTestParams> {

 protected:

  Pkcs11EddsaTest() : Pk11SignatureTest(CKM_EDDSA) {}

};

TEST_P(Pkcs11EddsaTest, SignAndVerify) { SignAndVerifyRaw(GetParam()); }

TEST_P(Pkcs11EddsaTest, ImportExport) { ImportExport(GetParam().pkcs8_); }

TEST_P(Pkcs11EddsaTest, ImportConvertToPublic) {

  ScopedSECKEYPrivateKey privKey(ImportPrivateKey(GetParam().pkcs8_));

  ASSERT_TRUE(privKey);

  ScopedSECKEYPublicKey pubKey(SECKEY_ConvertToPublicKey(privKey.get()));

  ASSERT_TRUE(pubKey);

TEST_P(Pkcs11EddsaTest, ImportPublicCreateSubjectPKInfo) {

  ScopedSECKEYPrivateKey privKey(ImportPrivateKey(GetParam().pkcs8_));

  ASSERT_TRUE(privKey);

  ScopedSECKEYPublicKey pubKey(

      (SECKEYPublicKey*)SECKEY_ConvertToPublicKey(privKey.get()));

  ASSERT_TRUE(pubKey);

  ScopedSECItem der_spki(SECKEY_EncodeDERSubjectPublicKeyInfo(pubKey.get()));

  ASSERT_TRUE(der_spki);

  ASSERT_EQ(der_spki->len, GetParam().spki_.len());

  ASSERT_EQ(0, memcmp(der_spki->data, GetParam().spki_.data(), der_spki->len));

INSTANTIATE_TEST_SUITE_P(EddsaSignVerify, Pkcs11EddsaTest,

                         ::testing::ValuesIn(kEddsaVectors));

class Pkcs11EddsaRoundtripTest

    : public Pk11SignatureTest,

      public ::testing::WithParamInterface<Pkcs11SignatureTestParams> {

 protected:

  Pkcs11EddsaRoundtripTest() : Pk11SignatureTest(CKM_EDDSA) {}

 protected:

  void GenerateExportImportSignVerify(Pkcs11SignatureTestParams params) {

    Pkcs11KeyPairGenerator generator(CKM_EC_EDWARDS_KEY_PAIR_GEN);

    ScopedSECKEYPrivateKey priv;

    ScopedSECKEYPublicKey pub;

    generator.GenerateKey(&priv, &pub, false);

    DataBuffer exported;

    ExportPrivateKey(&priv, exported);

    ScopedSECKEYPrivateKey privKey(ImportPrivateKey(exported));

    ASSERT_NE(privKey, nullptr);

    DataBuffer sig;

    SignRaw(privKey, params.data_, &sig);

    Verify(pub, params.data_, sig);

};

TEST_P(Pkcs11EddsaRoundtripTest, GenerateExportImportSignVerify) {

  GenerateExportImportSignVerify(GetParam());

INSTANTIATE_TEST_SUITE_P(EddsaRound, Pkcs11EddsaRoundtripTest,

                         ::testing::ValuesIn(kEddsaVectors));

class Pkcs11EddsaWycheproofTest : public ::testing::Test {

 protected:

  void Run(const std::string& name) {

    WycheproofHeader(name, "EDDSA", "eddsa_verify_schema.json",

                     [this](JsonReader& r) { RunGroup(r); });

 private:

  void RunGroup(JsonReader& r) {

    std::vector<EddsaTestVector> tests;

    std::vector<uint8_t> public_key;

    while (r.NextItem()) {

      std::string n = r.ReadLabel();

      if (n == "") {

        break;

      if (n == "jwk" || n == "key" || n == "keyPem") {

        r.SkipValue();

      } else if (n == "keyDer") {

        public_key = r.ReadHex();

      } else if (n == "type") {

        ASSERT_EQ("EddsaVerify", r.ReadString());

      } else if (n == "tests") {

        WycheproofReadTests(r, &tests, ReadTestAttr);

      } else {

        FAIL() << "unknown label in group: " << n;

    for (auto& t : tests) {

      std::cout << "Running test " << t.id << std::endl;

      t.public_key = public_key;

      Derive(t);

  static void ReadTestAttr(EddsaTestVector& t, const std::string& n,

                           JsonReader& r) {

    if (n == "msg") {

      t.msg = r.ReadHex();

    } else if (n == "sig") {

      t.sig = r.ReadHex();

    } else {

      FAIL() << "unknown test key: " << n;

  void Derive(const EddsaTestVector& vec) {

    SECItem spki_item = {siBuffer, toUcharPtr(vec.public_key.data()),

                         static_cast<unsigned int>(vec.public_key.size())};

    SECItem sig_item = {siBuffer, toUcharPtr(vec.sig.data()),

                        static_cast<unsigned int>(vec.sig.size())};

    SECItem msg_item = {siBuffer, toUcharPtr(vec.msg.data()),

                        static_cast<unsigned int>(vec.msg.size())};

    ScopedCERTSubjectPublicKeyInfo cert_spki(

        SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_item));

    ASSERT_TRUE(cert_spki);

    ScopedSECKEYPublicKey pub_key(SECKEY_ExtractPublicKey(cert_spki.get()));

    ASSERT_TRUE(pub_key);

    SECStatus rv = PK11_VerifyWithMechanism(pub_key.get(), CKM_EDDSA, nullptr,

                                            &sig_item, &msg_item, nullptr);

    EXPECT_EQ(rv, vec.valid ? SECSuccess : SECFailure);

};

};

TEST_F(Pkcs11EddsaWycheproofTest, Ed25519) { Run("eddsa"); }

}  // namespace nss_test