1// Copyright 2020 Google LLC 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14// 15//////////////////////////////////////////////////////////////////////////////// 16 17package subtle_test 18 19import ( 20 "crypto/ecdsa" 21 "crypto/rand" 22 "fmt" 23 "testing" 24 25 subtleSignature "github.com/google/tink/go/signature/subtle" 26 "github.com/google/tink/go/subtle/random" 27 "github.com/google/tink/go/subtle" 28 "github.com/google/tink/go/testutil" 29) 30 31func TestSignVerify(t *testing.T) { 32 data := random.GetRandomBytes(20) 33 hash := "SHA256" 34 curve := "NIST_P256" 35 encodings := []string{"DER", "IEEE_P1363"} 36 for _, encoding := range encodings { 37 priv, _ := ecdsa.GenerateKey(subtle.GetCurve(curve), rand.Reader) 38 // Use the private key and public key directly to create new instances 39 signer, err := subtleSignature.NewECDSASignerFromPrivateKey(hash, encoding, priv) 40 if err != nil { 41 t.Errorf("unexpected error when creating ECDSASigner: %s", err) 42 } 43 verifier, err := subtleSignature.NewECDSAVerifierFromPublicKey(hash, encoding, &priv.PublicKey) 44 if err != nil { 45 t.Errorf("unexpected error when creating ECDSAVerifier: %s", err) 46 } 47 signature, err := signer.Sign(data) 48 if err != nil { 49 t.Errorf("unexpected error when signing: %s", err) 50 } 51 if err := verifier.Verify(signature, data); err != nil { 52 t.Errorf("unexpected error when verifying: %s", err) 53 } 54 55 // Use byte slices to create new instances 56 signer, err = subtleSignature.NewECDSASigner(hash, curve, encoding, priv.D.Bytes()) 57 if err != nil { 58 t.Errorf("unexpected error when creating ECDSASigner: %s", err) 59 } 60 verifier, err = subtleSignature.NewECDSAVerifier(hash, curve, encoding, priv.X.Bytes(), priv.Y.Bytes()) 61 if err != nil { 62 t.Errorf("unexpected error when creating ECDSAVerifier: %s", err) 63 } 64 signature, err = signer.Sign(data) 65 if err != nil { 66 t.Errorf("unexpected error when signing: %s", err) 67 } 68 if err = verifier.Verify(signature, data); err != nil { 69 t.Errorf("unexpected error when verifying: %s", err) 70 } 71 } 72} 73 74func TestECDSAInvalidPublicKey(t *testing.T) { 75 if _, err := subtleSignature.NewECDSAVerifier("SHA256", "NIST_P256", "IEEE_P1363", []byte{0, 32, 0}, []byte{0, 32}); err == nil { 76 t.Errorf("subtleSignature.NewECDSAVerifier() err = nil, want error") 77 } 78} 79 80func TestECDSAInvalidCurve(t *testing.T) { 81 priv, _ := ecdsa.GenerateKey(subtle.GetCurve("NIST_P256"), rand.Reader) 82 if _, err := subtleSignature.NewECDSAVerifier("SHA256", "INVALID", "IEEE_P1363", priv.X.Bytes(), priv.Y.Bytes()); err == nil { 83 t.Errorf("subtleSignature.NewECDSAVerifier() err = nil, want error") 84 } 85} 86 87func TestECDSAWycheproofCases(t *testing.T) { 88 testutil.SkipTestIfTestSrcDirIsNotSet(t) 89 90 vectors := []struct { 91 Filename string 92 Encoding string 93 }{ 94 {"ecdsa_test.json", "DER"}, 95 {"ecdsa_secp256r1_sha256_p1363_test.json", "IEEE_P1363"}, 96 {"ecdsa_secp384r1_sha512_p1363_test.json", "IEEE_P1363"}, 97 {"ecdsa_secp521r1_sha512_p1363_test.json", "IEEE_P1363"}, 98 } 99 100 for _, v := range vectors { 101 suite := new(ecdsaSuite) 102 if err := testutil.PopulateSuite(suite, v.Filename); err != nil { 103 t.Fatalf("failed populating suite: %s", err) 104 } 105 for _, group := range suite.TestGroups { 106 hash := subtle.ConvertHashName(group.SHA) 107 curve := subtle.ConvertCurveName(group.Key.Curve) 108 if hash == "" || curve == "" { 109 continue 110 } 111 x, err := subtle.NewBigIntFromHex(group.Key.Wx) 112 if err != nil { 113 t.Errorf("cannot decode wx: %s", err) 114 continue 115 } 116 y, err := subtle.NewBigIntFromHex(group.Key.Wy) 117 if err != nil { 118 t.Errorf("cannot decode wy: %s", err) 119 continue 120 } 121 verifier, err := subtleSignature.NewECDSAVerifier(hash, curve, v.Encoding, x.Bytes(), y.Bytes()) 122 if err != nil { 123 continue 124 } 125 for _, test := range group.Tests { 126 caseName := fmt.Sprintf("%s-%s:Case-%d", group.Type, group.SHA, test.CaseID) 127 t.Run(caseName, func(t *testing.T) { 128 err := verifier.Verify(test.Signature, test.Message) 129 switch test.Result { 130 case "valid": 131 if err != nil { 132 t.Fatalf("ECDSAVerifier.Verify() failed in a valid test case: %s", err) 133 } 134 case "invalid": 135 if err == nil { 136 t.Fatalf("ECDSAVerifier.Verify() succeeded in an invalid test case") 137 } 138 case "acceptable": 139 // TODO(ckl): Inspect flags to appropriately handle acceptable test cases. 140 default: 141 t.Fatalf("unsupported test result: %q", test.Result) 142 } 143 }) 144 } 145 } 146 } 147} 148