crypto/nss_key_util_unittest.cc

   1 // Copyright 2015 The Chromium Authors
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/nss_key_util.h"
   6
   7 #include <keyhi.h>
   8 #include <pk11pub.h>
   9 #include <stdint.h>
  10
  11 #include <vector>
  12
  13 #include "crypto/nss_util.h"
  14 #include "crypto/scoped_nss_types.h"
  15 #include "testing/gtest/include/gtest/gtest.h"
  16
  17 namespace crypto {
  18
  19 class NSSKeyUtilTest : public testing::Test {
  20  public:
  21   void SetUp() override {
  22     EnsureNSSInit();
  23
  24     internal_slot_.reset(PK11_GetInternalSlot());
  25     ASSERT_TRUE(internal_slot_);
  26   }
  27
  28   PK11SlotInfo* internal_slot() { return internal_slot_.get(); }
  29
  30  private:
  31   ScopedPK11Slot internal_slot_;
  32 };
  33
  34 TEST_F(NSSKeyUtilTest, GenerateRSAKeyPairNSS) {
  35   const int kKeySizeBits = 1024;
  36
  37   ScopedSECKEYPublicKey public_key;
  38   ScopedSECKEYPrivateKey private_key;
  39   ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), kKeySizeBits,
  40                                     false /* not permanent */, &public_key,
  41                                     &private_key));
  42
  43   EXPECT_EQ(rsaKey, SECKEY_GetPublicKeyType(public_key.get()));
  44   EXPECT_EQ(rsaKey, SECKEY_GetPrivateKeyType(private_key.get()));
  45   EXPECT_EQ((kKeySizeBits + 7) / 8,
  46             PK11_GetPrivateModulusLen(private_key.get()));
  47 }
  48
  49 TEST_F(NSSKeyUtilTest, FindNSSKeyFromPublicKeyInfo) {
  50   // Create an NSS keypair, which will put the keys in the user's NSSDB.
  51   ScopedSECKEYPublicKey public_key;
  52   ScopedSECKEYPrivateKey private_key;
  53   ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 512,
  54                                     false /* not permanent */, &public_key,
  55                                     &private_key));
  56
  57   ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get()));
  58   ASSERT_TRUE(item);
  59   std::vector<uint8_t> public_key_der(item->data, item->data + item->len);
  60
  61   ScopedSECKEYPrivateKey private_key2 =
  62       FindNSSKeyFromPublicKeyInfo(public_key_der);
  63   ASSERT_TRUE(private_key2);
  64   EXPECT_EQ(private_key->pkcs11ID, private_key2->pkcs11ID);
  65 }
  66
  67 TEST_F(NSSKeyUtilTest, FailedFindNSSKeyFromPublicKeyInfo) {
  68   // Create an NSS keypair, which will put the keys in the user's NSSDB.
  69   ScopedSECKEYPublicKey public_key;
  70   ScopedSECKEYPrivateKey private_key;
  71   ASSERT_TRUE(GenerateRSAKeyPairNSS(internal_slot(), 512,
  72                                     false /* not permanent */, &public_key,
  73                                     &private_key));
  74
  75   ScopedSECItem item(SECKEY_EncodeDERSubjectPublicKeyInfo(public_key.get()));
  76   ASSERT_TRUE(item);
  77   std::vector<uint8_t> public_key_der(item->data, item->data + item->len);
  78
  79   // Remove the keys from the DB, and make sure we can't find them again.
  80   PK11_DestroyTokenObject(private_key->pkcs11Slot, private_key->pkcs11ID);
  81   PK11_DestroyTokenObject(public_key->pkcs11Slot, public_key->pkcs11ID);
  82
  83   EXPECT_FALSE(FindNSSKeyFromPublicKeyInfo(public_key_der));
  84 }
  85
  86 }  // namespace crypto