Support generation of EC keys using P256 curve and support ECDSA certs.

webrtc/base/sslidentity_unittest.cc

 /*
  *  Copyright 2011 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 20 matching lines @@
     "-----END CERTIFICATE-----\n";
 
 const unsigned char kTestCertSha1[] = {0xA6, 0xC8, 0x59, 0xEA,
                                        0xC3, 0x7E, 0x6D, 0x33,
                                        0xCF, 0xE2, 0x69, 0x9D,
                                        0x74, 0xE6, 0xF6, 0x8A,
                                        0x9E, 0x47, 0xA7, 0xCA};
 
 class SSLIdentityTest : public testing::Test {
  public:
-  SSLIdentityTest() :
-      identity1_(), identity2_() {
-  }
+  SSLIdentityTest()
+      : identityrsa1_(),
+        identityrsa2_(),
+        identityecdsa1_(),
+        identityecdsa2_() {}
 
   ~SSLIdentityTest() {
   }
 
   virtual void SetUp() {
-    identity1_.reset(SSLIdentity::Generate("test1"));
-    identity2_.reset(SSLIdentity::Generate("test2"));
+    identityrsa1_.reset(SSLIdentity::Generate("test1", rtc::KT_RSA));
+    identityrsa2_.reset(SSLIdentity::Generate("test2", rtc::KT_RSA));
+    identityecdsa1_.reset(SSLIdentity::Generate("test3", rtc::KT_ECDSA));
+    identityecdsa2_.reset(SSLIdentity::Generate("test4", rtc::KT_ECDSA));
 
-    ASSERT_TRUE(identity1_);
-    ASSERT_TRUE(identity2_);
+    ASSERT_TRUE(identityrsa1_);
+    ASSERT_TRUE(identityrsa2_);
+    ASSERT_TRUE(identityecdsa1_);
+    ASSERT_TRUE(identityecdsa2_);
 
-    test_cert_.reset(
-        rtc::SSLCertificate::FromPEMString(kTestCertificate));
+    test_cert_.reset(rtc::SSLCertificate::FromPEMString(kTestCertificate));
     ASSERT_TRUE(test_cert_);
   }
 
   void TestGetSignatureDigestAlgorithm() {
     std::string digest_algorithm;
-    // Both NSSIdentity::Generate and OpenSSLIdentity::Generate are
-    // hard-coded to generate RSA-SHA256 certificates.
-    ASSERT_TRUE(identity1_->certificate().GetSignatureDigestAlgorithm(
-        &digest_algorithm));
-    ASSERT_EQ(rtc::DIGEST_SHA_256, digest_algorithm);
-    ASSERT_TRUE(identity2_->certificate().GetSignatureDigestAlgorithm(
+
+    ASSERT_TRUE(identityrsa1_->certificate().GetSignatureDigestAlgorithm(
         &digest_algorithm));
     ASSERT_EQ(rtc::DIGEST_SHA_256, digest_algorithm);
 
+    ASSERT_TRUE(identityrsa2_->certificate().GetSignatureDigestAlgorithm(
+        &digest_algorithm));
+    ASSERT_EQ(rtc::DIGEST_SHA_256, digest_algorithm);
+
+    ASSERT_TRUE(identityecdsa1_->certificate().GetSignatureDigestAlgorithm(
+        &digest_algorithm));
+    ASSERT_EQ(rtc::DIGEST_SHA_256, digest_algorithm);
+
+    ASSERT_TRUE(identityecdsa2_->certificate().GetSignatureDigestAlgorithm(
+        &digest_algorithm));
+    ASSERT_EQ(rtc::DIGEST_SHA_256, digest_algorithm);
+
     // The test certificate has an MD5-based signature.
     ASSERT_TRUE(test_cert_->GetSignatureDigestAlgorithm(&digest_algorithm));
     ASSERT_EQ(rtc::DIGEST_MD5, digest_algorithm);
   }
 
   void TestDigest(const std::string &algorithm, size_t expected_len,
                   const unsigned char *expected_digest = NULL) {
-    unsigned char digest1[64];
-    unsigned char digest1b[64];
-    unsigned char digest2[64];
-    size_t digest1_len;
-    size_t digest1b_len;
-    size_t digest2_len;
+    typedef unsigned char digest_type[64];  // 64 is the largest hash used here.

[juberti1, 2015/07/03 03:15:18]

proper style for this would be DigestType

[torbjorng (webrtc), 2015/07/06 10:11:55]

Done.

+    digest_type digest1;
+    digest_type digest[4];
+    size_t digest_len;
     bool rv;
 
-    rv = identity1_->certificate().ComputeDigest(algorithm,
-                                                 digest1, sizeof(digest1),
-                                                 &digest1_len);
+    ASSERT_TRUE(expected_len <= 64);
+
+    // Record digests of our 4 identities.
+    memset(digest[0], 0, expected_len);

[juberti1, 2015/07/03 03:15:18]

This seems like a lot of redundant code. Suggest extracting a helper routine
that calls ComputeDigest twice on a supplied cert and verifies it gets the right
length and same result. Then you can call that routine 5x from this function.

[torbjorng (webrtc), 2015/07/06 10:11:55]

Done.

+    rv = identityrsa1_->certificate().ComputeDigest(
+        algorithm, digest[0], sizeof(digest_type), &digest_len);
     EXPECT_TRUE(rv);
-    EXPECT_EQ(expected_len, digest1_len);
+    EXPECT_EQ(expected_len, digest_len);
 
-    rv = identity1_->certificate().ComputeDigest(algorithm,
-                                                 digest1b, sizeof(digest1b),
-                                                 &digest1b_len);
+    memset(digest[1], 0, expected_len);
+    rv = identityrsa2_->certificate().ComputeDigest(
+        algorithm, digest[1], sizeof(digest_type), &digest_len);
     EXPECT_TRUE(rv);
-    EXPECT_EQ(expected_len, digest1b_len);
-    EXPECT_EQ(0, memcmp(digest1, digest1b, expected_len));
+    EXPECT_EQ(expected_len, digest_len);
 
+    memset(digest[2], 0, expected_len);
+    rv = identityecdsa1_->certificate().ComputeDigest(
+        algorithm, digest[2], sizeof(digest_type), &digest_len);
+    EXPECT_TRUE(rv);
+    EXPECT_EQ(expected_len, digest_len);
 
-    rv = identity2_->certificate().ComputeDigest(algorithm,
-                                                 digest2, sizeof(digest2),
-                                                 &digest2_len);
+    memset(digest[3], 0, expected_len);
+    rv = identityecdsa2_->certificate().ComputeDigest(
+        algorithm, digest[3], sizeof(digest_type), &digest_len);
     EXPECT_TRUE(rv);
-    EXPECT_EQ(expected_len, digest2_len);
-    EXPECT_NE(0, memcmp(digest1, digest2, expected_len));
+    EXPECT_EQ(expected_len, digest_len);
+
+    // Repeat digest computation for one identity as a sanity check.
+    memset(digest1, 0xff, expected_len);
+    rv = identityrsa1_->certificate().ComputeDigest(
+        algorithm, digest1, sizeof(digest_type), &digest_len);
+    EXPECT_TRUE(rv);
+    EXPECT_EQ(expected_len, digest_len);
+    EXPECT_EQ(0, memcmp(digest[0], digest1, expected_len));
+
+    // Sanity check that all four digests are unique.  This could theoretically

[juberti1, 2015/07/03 03:15:18]

This seems like it might not be all that valuable (although the chance of a
failure is remarkably low).

[torbjorng (webrtc), 2015/07/06 10:11:55]

I inherited this check from the old code, I only generalised it.

It only catches seriously misbehaved functions. A real collision will
only happen if random generation is badly broken so that two keys
actually come out the same.

+    // fail, since SHA256 collisions have a non-zero probability.
+    for (int i = 0; i < 4; i++) {
+      for (int j = 0; j < 4; j++) {
+        if (i != j)
+          EXPECT_NE(0, memcmp(digest[i], digest[j], expected_len));
+      }
+    }
 
     // If we have an expected hash for the test cert, check it.
     if (expected_digest) {

[juberti1, 2015/07/03 03:15:18]

This is only used in one case, so suggest factoring this out into its own
function.

[torbjorng (webrtc), 2015/07/06 10:11:55]

Done.

-      unsigned char digest3[64];
+      digest_type digest3;
       size_t digest3_len;
 
       rv = test_cert_->ComputeDigest(algorithm, digest3, sizeof(digest3),
                                     &digest3_len);
       EXPECT_TRUE(rv);
       EXPECT_EQ(expected_len, digest3_len);
       EXPECT_EQ(0, memcmp(digest3, expected_digest, expected_len));
     }
   }
 
  private:
-  rtc::scoped_ptr<SSLIdentity> identity1_;
-  rtc::scoped_ptr<SSLIdentity> identity2_;
+  rtc::scoped_ptr<SSLIdentity> identityrsa1_;

[juberti1, 2015/07/03 03:15:18]

identiy_rsa1_, etc would be more readable

[torbjorng (webrtc), 2015/07/06 10:11:55]

Done.

+  rtc::scoped_ptr<SSLIdentity> identityrsa2_;
+  rtc::scoped_ptr<SSLIdentity> identityecdsa1_;
+  rtc::scoped_ptr<SSLIdentity> identityecdsa2_;
   rtc::scoped_ptr<rtc::SSLCertificate> test_cert_;
 };
 
 TEST_F(SSLIdentityTest, DigestSHA1) {
   TestDigest(rtc::DIGEST_SHA_1, 20, kTestCertSha1);
 }
 
 // HASH_AlgSHA224 is not supported in the chromium linux build.
 #if SSL_USE_NSS
 TEST_F(SSLIdentityTest, DISABLED_DigestSHA224) {
 #else
 TEST_F(SSLIdentityTest, DigestSHA224) {
 #endif
   TestDigest(rtc::DIGEST_SHA_224, 28);
 }
 
 TEST_F(SSLIdentityTest, DigestSHA256) {
   TestDigest(rtc::DIGEST_SHA_256, 32);
 }
 
 TEST_F(SSLIdentityTest, DigestSHA384) {
   TestDigest(rtc::DIGEST_SHA_384, 48);
 }
 
 TEST_F(SSLIdentityTest, DigestSHA512) {
   TestDigest(rtc::DIGEST_SHA_512, 64);
 }
 
-TEST_F(SSLIdentityTest, FromPEMStrings) {
+TEST_F(SSLIdentityTest, FromPEMStringsRSA) {
   static const char kRSA_PRIVATE_KEY_PEM[] =
       "-----BEGIN RSA PRIVATE KEY-----\n"
       "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n"
       "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
       "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
       "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n"
       "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n"
       "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n"
       "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n"
       "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n"
@@ skipping 17 matching lines @@
       "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n"
       "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n"
       "-----END CERTIFICATE-----\n";
 
   rtc::scoped_ptr<SSLIdentity> identity(
       SSLIdentity::FromPEMStrings(kRSA_PRIVATE_KEY_PEM, kCERT_PEM));
   EXPECT_TRUE(identity);
   EXPECT_EQ(kCERT_PEM, identity->certificate().ToPEMString());
 }
 
+#if SSL_USE_OPENSSL
+// This will not work on NSS as PK11_ImportDERPrivateKeyInfoAndReturnKey is not
+// ready for EC keys.  Furthermore, NSSIdentity::FromPEMStrings is currently
+// hardwired for RSA (the header matching via kPemTypeRsaPrivateKey needs
+// trivial generalization).
+TEST_F(SSLIdentityTest, FromPEMStringsEC) {
+  static const char kRSA_PRIVATE_KEY_PEM[] =
+      "-----BEGIN EC PRIVATE KEY-----\n"
+      "MHcCAQEEIKkIztWLPbs4Y2zWv7VW2Ov4is2ifleCuPgRB8fRv3IkoAoGCCqGSM49\n"
+      "AwEHoUQDQgAEDPV33NrhSdhg9cBRkUWUXnVMXc3h17i9ARbSmNgminKcBXb8/y8L\n"
+      "A76cMWQPPM0ybHO8OS7ZVg2U/m+TwE1M2g==\n"
+      "-----END EC PRIVATE KEY-----\n";
+  static const char kCERT_PEM[] =
+      "-----BEGIN CERTIFICATE-----\n"
+      "MIIB0jCCAXmgAwIBAgIJAMCjpFt9t6LMMAoGCCqGSM49BAMCMEUxCzAJBgNVBAYT\n"
+      "AkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRn\n"
+      "aXRzIFB0eSBMdGQwIBcNMTUwNjMwMTMwMTIyWhgPMjI4OTA0MTMxMzAxMjJaMEUx\n"
+      "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
+      "cm5ldCBXaWRnaXRzIFB0eSBMdGQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQM\n"
+      "9Xfc2uFJ2GD1wFGRRZRedUxdzeHXuL0BFtKY2CaKcpwFdvz/LwsDvpwxZA88zTJs\n"
+      "c7w5LtlWDZT+b5PATUzao1AwTjAdBgNVHQ4EFgQUYHq6nxNNIE832ZmaHc/noODO\n"
+      "rtAwHwYDVR0jBBgwFoAUYHq6nxNNIE832ZmaHc/noODOrtAwDAYDVR0TBAUwAwEB\n"
+      "/zAKBggqhkjOPQQDAgNHADBEAiAQRojsTyZG0BlKoU7gOt5h+yAMLl2cxmDtOIQr\n"
+      "GWP/PwIgJynB4AUDsPT0DWmethOXYijB5sY5UPd9DvgmiS/Mr6s=\n"
+      "-----END CERTIFICATE-----\n";
+
+  rtc::scoped_ptr<SSLIdentity> identity(
+      SSLIdentity::FromPEMStrings(kRSA_PRIVATE_KEY_PEM, kCERT_PEM));
+  EXPECT_TRUE(identity);
+  EXPECT_EQ(kCERT_PEM, identity->certificate().ToPEMString());
+}
+#endif
+
 TEST_F(SSLIdentityTest, PemDerConversion) {
   std::string der;
   EXPECT_TRUE(SSLIdentity::PemToDer("CERTIFICATE", kTestCertificate, &der));
 
   EXPECT_EQ(kTestCertificate, SSLIdentity::DerToPem(
       "CERTIFICATE",
       reinterpret_cast<const unsigned char*>(der.data()), der.length()));
 }
 
 TEST_F(SSLIdentityTest, GetSignatureDigestAlgorithm) {
   TestGetSignatureDigestAlgorithm();
 }