Add various tests for d2i_PrivateKey.
Change-Id: I030022c240d17df08cf6f59eede0e94373152c40 Reviewed-on: https://boringssl-review.googlesource.com/5950 Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin
Adam Langley
parent
382bc29251
commit
93d8cf557f
@ -321,6 +321,27 @@ static const uint8_t kExampleBadECKeyDER[] = {
|
||||
0xF3, 0xB9, 0xCA, 0xC2, 0xFC, 0x63, 0x25, 0x51
|
||||
};
|
||||
|
||||
// kExampleBadECKeyDER2 is a sample EC private key encoded as an ECPrivateKey
|
||||
// structure, but with the curve OID swapped out for 1.1.1.1.1.1.1.1.1. It is
|
||||
// then concatenated with an ECPrivateKey wrapped in a PrivateKeyInfo,
|
||||
// optional public key omitted, and with the private key chopped off.
|
||||
static const uint8_t kExampleBadECKeyDER2[] = {
|
||||
0x30, 0x77, 0x02, 0x01, 0x01, 0x04, 0x20, 0x07, 0x0f, 0x08, 0x72, 0x7a,
|
||||
0xd4, 0xa0, 0x4a, 0x9c, 0xdd, 0x59, 0xc9, 0x4d, 0x89, 0x68, 0x77, 0x08,
|
||||
0xb5, 0x6f, 0xc9, 0x5d, 0x30, 0x77, 0x0e, 0xe8, 0xd1, 0xc9, 0xce, 0x0a,
|
||||
0x8b, 0xb4, 0x6a, 0xa0, 0x0a, 0x06, 0x08, 0x29, 0x01, 0x01, 0x01, 0x01,
|
||||
0x01, 0x01, 0x01, 0xa1, 0x44, 0x03, 0x42, 0x00, 0x04, 0xe6, 0x2b, 0x69,
|
||||
0xe2, 0xbf, 0x65, 0x9f, 0x97, 0xbe, 0x2f, 0x1e, 0x0d, 0x94, 0x8a, 0x4c,
|
||||
0xd5, 0x97, 0x6b, 0xb7, 0xa9, 0x1e, 0x0d, 0x46, 0xfb, 0xdd, 0xa9, 0xa9,
|
||||
0x1e, 0x9d, 0xdc, 0xba, 0x5a, 0x01, 0xe7, 0xd6, 0x97, 0xa8, 0x0a, 0x18,
|
||||
0xf9, 0xc3, 0xc4, 0xa3, 0x1e, 0x56, 0xe2, 0x7c, 0x83, 0x48, 0xdb, 0x16,
|
||||
0x1a, 0x1c, 0xf5, 0x1d, 0x7e, 0xf1, 0x94, 0x2d, 0x4b, 0xcf, 0x72, 0x22,
|
||||
0xc1, 0x30, 0x41, 0x02, 0x01, 0x00, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86,
|
||||
0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d,
|
||||
0x03, 0x01, 0x07, 0x04, 0x27, 0x30, 0x25, 0x02, 0x01, 0x01, 0x04, 0x20,
|
||||
0x07,
|
||||
};
|
||||
|
||||
static ScopedEVP_PKEY LoadExampleRSAKey() {
|
||||
ScopedRSA rsa(RSA_private_key_from_bytes(kExampleRSAKeyDER,
|
||||
sizeof(kExampleRSAKeyDER)));
|
||||
@ -530,6 +551,64 @@ static bool TestEVP_PKCS82PKEY(void) {
|
||||
fprintf(stderr, "Imported invalid EC key\n");
|
||||
return false;
|
||||
}
|
||||
ERR_clear_error();
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
// Testd2i_PrivateKey tests |d2i_PrivateKey|.
|
||||
static bool Testd2i_PrivateKey(void) {
|
||||
const uint8_t *derp = kExampleRSAKeyDER;
|
||||
ScopedEVP_PKEY pkey(d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &derp,
|
||||
sizeof(kExampleRSAKeyDER)));
|
||||
if (!pkey || derp != kExampleRSAKeyDER + sizeof(kExampleRSAKeyDER)) {
|
||||
fprintf(stderr, "Failed to import raw RSA key.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
derp = kExampleDSAKeyDER;
|
||||
pkey.reset(d2i_PrivateKey(EVP_PKEY_DSA, nullptr, &derp,
|
||||
sizeof(kExampleDSAKeyDER)));
|
||||
if (!pkey || derp != kExampleDSAKeyDER + sizeof(kExampleDSAKeyDER)) {
|
||||
fprintf(stderr, "Failed to import raw DSA key.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
derp = kExampleRSAKeyPKCS8;
|
||||
pkey.reset(d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &derp,
|
||||
sizeof(kExampleRSAKeyPKCS8)));
|
||||
if (!pkey || derp != kExampleRSAKeyPKCS8 + sizeof(kExampleRSAKeyPKCS8)) {
|
||||
fprintf(stderr, "Failed to import PKCS#8 RSA key.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
derp = kExampleECKeyDER;
|
||||
pkey.reset(d2i_PrivateKey(EVP_PKEY_EC, nullptr, &derp,
|
||||
sizeof(kExampleECKeyDER)));
|
||||
if (!pkey || derp != kExampleECKeyDER + sizeof(kExampleECKeyDER)) {
|
||||
fprintf(stderr, "Failed to import raw EC key.\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
derp = kExampleBadECKeyDER;
|
||||
pkey.reset(d2i_PrivateKey(EVP_PKEY_EC, nullptr, &derp,
|
||||
sizeof(kExampleBadECKeyDER)));
|
||||
if (pkey) {
|
||||
fprintf(stderr, "Imported invalid EC key.\n");
|
||||
return false;
|
||||
}
|
||||
ERR_clear_error();
|
||||
|
||||
// Copy the input into a |malloc|'d vector to flag memory errors.
|
||||
std::vector<uint8_t> copy(kExampleBadECKeyDER2, kExampleBadECKeyDER2 +
|
||||
sizeof(kExampleBadECKeyDER2));
|
||||
derp = bssl::vector_data(©);
|
||||
pkey.reset(d2i_PrivateKey(EVP_PKEY_EC, nullptr, &derp, copy.size()));
|
||||
if (pkey) {
|
||||
fprintf(stderr, "Imported invalid EC key #2.\n");
|
||||
return false;
|
||||
}
|
||||
ERR_clear_error();
|
||||
|
||||
return true;
|
||||
}
|
||||
@ -596,6 +675,12 @@ int main(void) {
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (!Testd2i_PrivateKey()) {
|
||||
fprintf(stderr, "Testd2i_PrivateKey failed\n");
|
||||
ERR_print_errors_fp(stderr);
|
||||
return 1;
|
||||
}
|
||||
|
||||
printf("PASS\n");
|
||||
return 0;
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user