// Copyright 2017 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
////////////////////////////////////////////////////////////////////////////////

package com.google.crypto.tink.signature;

import static com.google.common.truth.Truth.assertThat;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

import com.google.crypto.tink.TinkProtoParametersFormat;
import com.google.crypto.tink.proto.EcdsaKeyFormat;
import com.google.crypto.tink.proto.EcdsaSignatureEncoding;
import com.google.crypto.tink.proto.EllipticCurveType;
import com.google.crypto.tink.proto.HashType;
import com.google.crypto.tink.proto.KeyTemplate;
import com.google.crypto.tink.proto.OutputPrefixType;
import com.google.crypto.tink.proto.RsaSsaPkcs1KeyFormat;
import com.google.crypto.tink.proto.RsaSsaPssKeyFormat;
import com.google.protobuf.ExtensionRegistryLite;
import java.math.BigInteger;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.theories.DataPoints;
import org.junit.experimental.theories.FromDataPoints;
import org.junit.experimental.theories.Theories;
import org.junit.experimental.theories.Theory;
import org.junit.runner.RunWith;

/**
 * Tests for SignatureKeyTemplates.
 *
 * <p>Each {@code @Test} pins the security-relevant parameters a predefined template serializes:
 * the key type URL, the output prefix type, and the algorithm parameters (hash, curve and
 * signature encoding for ECDSA; hash, modulus size and public exponent for RSA; additionally the
 * MGF1 hash and salt length for RSA-SSA-PSS). A silent change to any of these in the template
 * definitions fails here.
 *
 * <p>The {@code @Theory} at the bottom checks that every template parses to the matching
 * {@link PredefinedSignatureParameters} constant.
 *
 * <p>NOTE(review): {@code ECDSA_P521} and {@code RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX}
 * appear in {@link #TEMPLATES} but have no per-field test in this file; they are covered only by
 * the equivalence theory.
 */
@RunWith(Theories.class)
public class SignatureKeyTemplatesTest {
  /** Registers the signature configuration once before any test in this class runs. */
  @BeforeClass
  public static void setUp() throws Exception {
    SignatureConfig.register();
  }

  /**
   * Asserts that {@code template} is an ECDSA signing template carrying exactly the given output
   * prefix, hash, curve and signature encoding.
   */
  private static void expectEcdsaTemplate(
      KeyTemplate template,
      OutputPrefixType expectedPrefix,
      HashType expectedHash,
      EllipticCurveType expectedCurve,
      EcdsaSignatureEncoding expectedEncoding)
      throws Exception {
    assertEquals(EcdsaSignKeyManager.getKeyType(), template.getTypeUrl());
    assertEquals(expectedPrefix, template.getOutputPrefixType());

    // The template value is the serialized key format; parse it with an empty extension registry.
    EcdsaKeyFormat keyFormat =
        EcdsaKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertTrue(keyFormat.hasParams());
    assertEquals(expectedHash, keyFormat.getParams().getHashType());
    assertEquals(expectedCurve, keyFormat.getParams().getCurve());
    assertEquals(expectedEncoding, keyFormat.getParams().getEncoding());
  }

  /**
   * Asserts that {@code template} is an Ed25519 template with the given output prefix and an
   * empty serialized key format.
   */
  private static void expectEd25519Template(KeyTemplate template, OutputPrefixType expectedPrefix)
      throws Exception {
    assertEquals(Ed25519PrivateKeyManager.getKeyType(), template.getTypeUrl());
    assertEquals(expectedPrefix, template.getOutputPrefixType());
    assertTrue(template.getValue().isEmpty()); // Empty format.
  }

  /**
   * Asserts that {@code template} is an RSA-SSA-PKCS1 signing template with the given output
   * prefix, hash and modulus size, and with public exponent 65537.
   */
  private static void expectRsaSsaPkcs1Template(
      KeyTemplate template,
      OutputPrefixType expectedPrefix,
      HashType expectedHash,
      int expectedModulusBits)
      throws Exception {
    assertEquals(RsaSsaPkcs1SignKeyManager.getKeyType(), template.getTypeUrl());
    assertEquals(expectedPrefix, template.getOutputPrefixType());

    RsaSsaPkcs1KeyFormat keyFormat =
        RsaSsaPkcs1KeyFormat.parseFrom(
            template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertTrue(keyFormat.hasParams());
    assertEquals(expectedHash, keyFormat.getParams().getHashType());
    assertEquals(expectedModulusBits, keyFormat.getModulusSizeInBits());

    // Signum 1 reads the exponent bytes as an unsigned big-endian magnitude.
    BigInteger publicExponent = new BigInteger(1, keyFormat.getPublicExponent().toByteArray());
    assertEquals(BigInteger.valueOf(65537), publicExponent);
  }

  /**
   * Asserts that {@code template} is an RSA-SSA-PSS signing template with the given output
   * prefix, signature hash, MGF1 hash, salt length and modulus size, and with public exponent
   * 65537.
   */
  private static void expectRsaSsaPssTemplate(
      KeyTemplate template,
      OutputPrefixType expectedPrefix,
      HashType expectedSigHash,
      HashType expectedMgf1Hash,
      int expectedSaltLength,
      int expectedModulusBits)
      throws Exception {
    assertEquals(RsaSsaPssSignKeyManager.getKeyType(), template.getTypeUrl());
    assertEquals(expectedPrefix, template.getOutputPrefixType());

    RsaSsaPssKeyFormat keyFormat =
        RsaSsaPssKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertTrue(keyFormat.hasParams());
    assertEquals(expectedSigHash, keyFormat.getParams().getSigHash());
    assertEquals(expectedMgf1Hash, keyFormat.getParams().getMgf1Hash());
    assertEquals(expectedSaltLength, keyFormat.getParams().getSaltLength());
    assertEquals(expectedModulusBits, keyFormat.getModulusSizeInBits());

    // Signum 1 reads the exponent bytes as an unsigned big-endian magnitude.
    BigInteger publicExponent = new BigInteger(1, keyFormat.getPublicExponent().toByteArray());
    assertEquals(BigInteger.valueOf(65537), publicExponent);
  }

  /** ECDSA_P256: TINK prefix, SHA256, NIST P-256, DER-encoded signatures. */
  @Test
  public void ecdsaP256() throws Exception {
    expectEcdsaTemplate(
        SignatureKeyTemplates.ECDSA_P256,
        OutputPrefixType.TINK,
        HashType.SHA256,
        EllipticCurveType.NIST_P256,
        EcdsaSignatureEncoding.DER);
  }

  /** ECDSA_P256_IEEE_P1363: as ECDSA_P256 but with IEEE P1363 signature encoding. */
  @Test
  public void ecdsaP256Ieee() throws Exception {
    expectEcdsaTemplate(
        SignatureKeyTemplates.ECDSA_P256_IEEE_P1363,
        OutputPrefixType.TINK,
        HashType.SHA256,
        EllipticCurveType.NIST_P256,
        EcdsaSignatureEncoding.IEEE_P1363);
  }

  /** The WITHOUT_PREFIX variant must carry the RAW output prefix type. */
  @Test
  public void ecdsaP256IeeeWithoutPrefix() throws Exception {
    expectEcdsaTemplate(
        SignatureKeyTemplates.ECDSA_P256_IEEE_P1363_WITHOUT_PREFIX,
        OutputPrefixType.RAW,
        HashType.SHA256,
        EllipticCurveType.NIST_P256,
        EcdsaSignatureEncoding.IEEE_P1363);
  }

  /** ECDSA_P384 is pinned to SHA512 (not SHA384), NIST P-384 and DER encoding. */
  @Test
  public void ecdsaP384() throws Exception {
    expectEcdsaTemplate(
        SignatureKeyTemplates.ECDSA_P384,
        OutputPrefixType.TINK,
        HashType.SHA512,
        EllipticCurveType.NIST_P384,
        EcdsaSignatureEncoding.DER);
  }

  /** ECDSA_P384_IEEE_P1363: as ECDSA_P384 but with IEEE P1363 signature encoding. */
  @Test
  public void ecdsaP384Ieee() throws Exception {
    expectEcdsaTemplate(
        SignatureKeyTemplates.ECDSA_P384_IEEE_P1363,
        OutputPrefixType.TINK,
        HashType.SHA512,
        EllipticCurveType.NIST_P384,
        EcdsaSignatureEncoding.IEEE_P1363);
  }

  /** ECDSA_P521_IEEE_P1363: TINK prefix, SHA512, NIST P-521, IEEE P1363 encoding. */
  @Test
  public void ecdsaP521Ieee() throws Exception {
    expectEcdsaTemplate(
        SignatureKeyTemplates.ECDSA_P521_IEEE_P1363,
        OutputPrefixType.TINK,
        HashType.SHA512,
        EllipticCurveType.NIST_P521,
        EcdsaSignatureEncoding.IEEE_P1363);
  }

  /**
   * Checks that createEcdsaKeyTemplate writes its arguments into the template unchanged.
   *
   * <p>NOTE(review): the round trip of {@code UNKNOWN_CURVE} shows that building a template does
   * not reject an unusable curve. Rejection therefore has to happen at a later stage, presumably
   * when a key is generated from the template — not visible in this file, confirm.
   */
  @Test
  public void createEcdsaKeyTemplate() throws Exception {
    // Intentionally using "weird" or invalid values for parameters,
    // to test that the function correctly puts them in the resulting template.
    HashType requestedHash = HashType.SHA512;
    EllipticCurveType requestedCurve = EllipticCurveType.UNKNOWN_CURVE;
    EcdsaSignatureEncoding requestedEncoding = EcdsaSignatureEncoding.IEEE_P1363;
    OutputPrefixType requestedPrefix = OutputPrefixType.TINK;

    KeyTemplate template =
        SignatureKeyTemplates.createEcdsaKeyTemplate(
            requestedHash, requestedCurve, requestedEncoding, requestedPrefix);
    assertEquals(EcdsaSignKeyManager.getKeyType(), template.getTypeUrl());
    assertEquals(OutputPrefixType.TINK, template.getOutputPrefixType());

    // No hasParams() assertion here, unlike the predefined-template tests.
    EcdsaKeyFormat keyFormat =
        EcdsaKeyFormat.parseFrom(template.getValue(), ExtensionRegistryLite.getEmptyRegistry());
    assertEquals(requestedHash, keyFormat.getParams().getHashType());
    assertEquals(requestedCurve, keyFormat.getParams().getCurve());
    assertEquals(requestedEncoding, keyFormat.getParams().getEncoding());
  }

  /** ED25519: TINK prefix and an empty key format. */
  @Test
  public void ed25519() throws Exception {
    expectEd25519Template(SignatureKeyTemplates.ED25519, OutputPrefixType.TINK);
  }

  /** ED25519WithRawOutput: RAW prefix and an empty key format. */
  @Test
  public void ed25519WithRawOutput() throws Exception {
    expectEd25519Template(SignatureKeyTemplates.ED25519WithRawOutput, OutputPrefixType.RAW);
  }

  /** RSA_SSA_PKCS1_3072_SHA256_F4: 3072-bit modulus, SHA256, exponent 65537. */
  @Test
  public void rsaSsaPkcs1_3072() throws Exception {
    expectRsaSsaPkcs1Template(
        SignatureKeyTemplates.RSA_SSA_PKCS1_3072_SHA256_F4,
        OutputPrefixType.TINK,
        HashType.SHA256,
        3072);
  }

  /** RSA_SSA_PKCS1_4096_SHA512_F4: 4096-bit modulus, SHA512, exponent 65537. */
  @Test
  public void rsaSsaPkcs1_4096() throws Exception {
    expectRsaSsaPkcs1Template(
        SignatureKeyTemplates.RSA_SSA_PKCS1_4096_SHA512_F4,
        OutputPrefixType.TINK,
        HashType.SHA512,
        4096);
  }

  /**
   * RSA_SSA_PSS_3072_SHA256_SHA256_32_F4: SHA256 for both the signature hash and MGF1, a 32-byte
   * salt (the SHA-256 digest length), 3072-bit modulus, exponent 65537.
   */
  @Test
  public void rsaSsaPss3072() throws Exception {
    expectRsaSsaPssTemplate(
        SignatureKeyTemplates.RSA_SSA_PSS_3072_SHA256_SHA256_32_F4,
        OutputPrefixType.TINK,
        HashType.SHA256,
        HashType.SHA256,
        32,
        3072);
  }

  /**
   * RSA_SSA_PSS_4096_SHA512_SHA512_64_F4: SHA512 for both the signature hash and MGF1, a 64-byte
   * salt (the SHA-512 digest length), 4096-bit modulus, exponent 65537.
   */
  @Test
  public void rsaSsaPss4096() throws Exception {
    expectRsaSsaPssTemplate(
        SignatureKeyTemplates.RSA_SSA_PSS_4096_SHA512_SHA512_64_F4,
        OutputPrefixType.TINK,
        HashType.SHA512,
        HashType.SHA512,
        64,
        4096);
  }

  /** A legacy proto key template together with the parameters object it should parse to. */
  public static class Pair {
    // Proto template taken from SignatureKeyTemplates.
    KeyTemplate template;
    // Expected parse result, taken from PredefinedSignatureParameters.
    SignatureParameters parameters;

    public Pair(KeyTemplate template, SignatureParameters parameters) {
      this.template = template;
      this.parameters = parameters;
    }
  }

  /** Every template / parameters pair the equivalence theory below is run against. */
  @DataPoints("EquivalentPairs")
  public static final Pair[] TEMPLATES = {
    new Pair(SignatureKeyTemplates.ECDSA_P256, PredefinedSignatureParameters.ECDSA_P256),
    new Pair(SignatureKeyTemplates.ECDSA_P384, PredefinedSignatureParameters.ECDSA_P384),
    new Pair(SignatureKeyTemplates.ECDSA_P521, PredefinedSignatureParameters.ECDSA_P521),
    new Pair(
        SignatureKeyTemplates.ECDSA_P256_IEEE_P1363,
        PredefinedSignatureParameters.ECDSA_P256_IEEE_P1363),
    new Pair(
        SignatureKeyTemplates.ECDSA_P384_IEEE_P1363,
        PredefinedSignatureParameters.ECDSA_P384_IEEE_P1363),
    new Pair(
        SignatureKeyTemplates.ECDSA_P256_IEEE_P1363_WITHOUT_PREFIX,
        PredefinedSignatureParameters.ECDSA_P256_IEEE_P1363_WITHOUT_PREFIX),
    new Pair(
        SignatureKeyTemplates.ECDSA_P521_IEEE_P1363,
        PredefinedSignatureParameters.ECDSA_P521_IEEE_P1363),
    new Pair(SignatureKeyTemplates.ED25519, PredefinedSignatureParameters.ED25519),
    new Pair(
        SignatureKeyTemplates.ED25519WithRawOutput,
        PredefinedSignatureParameters.ED25519WithRawOutput),
    new Pair(
        SignatureKeyTemplates.RSA_SSA_PKCS1_3072_SHA256_F4,
        PredefinedSignatureParameters.RSA_SSA_PKCS1_3072_SHA256_F4),
    new Pair(
        SignatureKeyTemplates.RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX,
        PredefinedSignatureParameters.RSA_SSA_PKCS1_3072_SHA256_F4_WITHOUT_PREFIX),
    new Pair(
        SignatureKeyTemplates.RSA_SSA_PKCS1_4096_SHA512_F4,
        PredefinedSignatureParameters.RSA_SSA_PKCS1_4096_SHA512_F4),
    new Pair(
        SignatureKeyTemplates.RSA_SSA_PSS_3072_SHA256_SHA256_32_F4,
        PredefinedSignatureParameters.RSA_SSA_PSS_3072_SHA256_SHA256_32_F4),
    new Pair(
        SignatureKeyTemplates.RSA_SSA_PSS_4096_SHA512_SHA512_64_F4,
        PredefinedSignatureParameters.RSA_SSA_PSS_4096_SHA512_SHA512_64_F4),
  };

  /**
   * For each pair, parsing the serialized proto template must yield parameters equal to the
   * predefined parameters constant, so the two APIs cannot drift apart unnoticed.
   */
  @Theory
  public void testParametersEqualsKeyTemplate(@FromDataPoints("EquivalentPairs") Pair p)
      throws Exception {
    byte[] serializedTemplate = p.template.toByteArray();
    assertThat(TinkProtoParametersFormat.parse(serializedTemplate)).isEqualTo(p.parameters);
  }
}