Google Git
Sign in
chromium / chromium / src / refs/tags/56.0.2924.20 / . / net / ssl / ssl_platform_key_android_unittest.cc
blob: 118de12050961cb44dae9118397957c799b70b10 [file] [log] [blame]
// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "base/android/jni_android.h"
#include "base/android/jni_array.h"
#include "base/android/scoped_java_ref.h"
#include "base/bind.h"
#include "base/files/file_path.h"
#include "base/files/file_util.h"
#include "base/run_loop.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/string_util.h"
#include "crypto/openssl_util.h"
#include "net/android/keystore.h"
#include "net/cert/x509_certificate.h"
#include "net/ssl/ssl_platform_key_android.h"
#include "net/ssl/ssl_private_key.h"
#include "net/test/cert_test_util.h"
#include "net/test/jni/AndroidKeyStoreTestUtil_jni.h"
#include "net/test/test_data_directory.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "third_party/boringssl/src/include/openssl/bytestring.h"
#include "third_party/boringssl/src/include/openssl/digest.h"
#include "third_party/boringssl/src/include/openssl/ecdsa.h"
#include "third_party/boringssl/src/include/openssl/err.h"
#include "third_party/boringssl/src/include/openssl/evp.h"
#include "third_party/boringssl/src/include/openssl/pem.h"
#include "third_party/boringssl/src/include/openssl/rsa.h"
#include "third_party/boringssl/src/include/openssl/x509.h"
namespace net {
namespace {
typedef base::android::ScopedJavaLocalRef<jobject> ScopedJava;
// Resize a string to |size| bytes of data, then return its data buffer
// address cast as an 'unsigned char*', as expected by OpenSSL functions.
// |str| the target string.
// |size| the number of bytes to write into the string.
// Return the string's new buffer in memory, as an 'unsigned char*'
// pointer.
unsigned char* OpenSSLWriteInto(std::string* str, size_t size) {
return reinterpret_cast<unsigned char*>(base::WriteInto(str, size + 1));
}
bool ReadTestFile(const char* filename, std::string* pkcs8) {
base::FilePath certs_dir = GetTestCertsDirectory();
base::FilePath file_path = certs_dir.AppendASCII(filename);
return base::ReadFileToString(file_path, pkcs8);
}
// Load a given private key file into an EVP_PKEY.
// |filename| is the key file path.
// Returns a new EVP_PKEY on success, NULL on failure.
bssl::UniquePtr<EVP_PKEY> ImportPrivateKeyFile(const char* filename) {
std::string pkcs8;
if (!ReadTestFile(filename, &pkcs8))
return nullptr;
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
CBS cbs;
CBS_init(&cbs, reinterpret_cast<const uint8_t*>(pkcs8.data()), pkcs8.size());
bssl::UniquePtr<EVP_PKEY> pkey(EVP_parse_private_key(&cbs));
if (!pkey) {
LOG(ERROR) << "Could not load private key file: " << filename;
return nullptr;
}
return pkey;
}
// Imports the public key from the specified test certificate.
bssl::UniquePtr<EVP_PKEY> ImportPublicKeyFromCertificateFile(
const char* filename) {
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
scoped_refptr<X509Certificate> cert =
ImportCertFromFile(GetTestCertsDirectory(), filename);
if (!cert) {
LOG(ERROR) << "Could not open certificate file: " << filename;
return nullptr;
}
bssl::UniquePtr<EVP_PKEY> pkey(X509_get_pubkey(cert->os_cert_handle()));
if (!pkey) {
LOG(ERROR) << "Could not load public key from certificate: " << filename;
return nullptr;
}
return pkey;
}
// Retrieve a JNI local ref from encoded PKCS#8 data.
ScopedJava GetPKCS8PrivateKeyJava(android::PrivateKeyType key_type,
const std::string& pkcs8_key) {
JNIEnv* env = base::android::AttachCurrentThread();
base::android::ScopedJavaLocalRef<jbyteArray> bytes(
base::android::ToJavaByteArray(
env, reinterpret_cast<const uint8_t*>(pkcs8_key.data()),
pkcs8_key.size()));
ScopedJava key(Java_AndroidKeyStoreTestUtil_createPrivateKeyFromPKCS8(
env, key_type, bytes));
return key;
}
const char kTestRsaKeyFile[] = "client_1.pk8";
const char kTestRsaCertificateFile[] = "client_1.pem";
// Retrieve a JNI local ref for our test RSA key.
ScopedJava GetRSATestKeyJava() {
std::string key;
if (!ReadTestFile(kTestRsaKeyFile, &key))
return ScopedJava();
return GetPKCS8PrivateKeyJava(android::PRIVATE_KEY_TYPE_RSA, key);
}
const char kTestEcdsaKeyFile[] = "client_4.pk8";
const char kTestEcdsaCertificateFile[] = "client_4.pem";
// Retrieve a JNI local ref for our test ECDSA key.
ScopedJava GetECDSATestKeyJava() {
std::string key;
if (!ReadTestFile(kTestEcdsaKeyFile, &key))
return ScopedJava();
return GetPKCS8PrivateKeyJava(android::PRIVATE_KEY_TYPE_ECDSA, key);
}
// Call this function to verify that one message signed with our
// test ECDSA private key is correct. Since ECDSA signing introduces
// random elements in the signature, it is not possible to compare
// signature bits directly. However, one can use the public key
// to do the check.
bool VerifyTestECDSASignature(const base::StringPiece& message,
const base::StringPiece& signature) {
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
bssl::UniquePtr<EVP_PKEY> pkey =
ImportPublicKeyFromCertificateFile(kTestEcdsaCertificateFile);
if (!pkey)
return false;
EC_KEY* pub_key = EVP_PKEY_get0_EC_KEY(pkey.get());
if (!pub_key) {
LOG(ERROR) << "Could not get ECDSA public key";
return false;
}
const unsigned char* digest =
reinterpret_cast<const unsigned char*>(message.data());
int digest_len = static_cast<int>(message.size());
const unsigned char* sigbuf =
reinterpret_cast<const unsigned char*>(signature.data());
int siglen = static_cast<int>(signature.size());
if (!ECDSA_verify(0, digest, digest_len, sigbuf, siglen, pub_key)) {
LOG(ERROR) << "ECDSA_verify() failed";
return false;
}
return true;
}
// Sign a message with OpenSSL, return the result as a string.
// |message| is the message to be signed.
// |openssl_key| is an OpenSSL EVP_PKEY to use.
// |result| receives the result.
// Returns true on success, false otherwise.
bool SignWithOpenSSL(int hash_nid,
const base::StringPiece& message,
EVP_PKEY* openssl_key,
std::string* result) {
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
RSA* rsa = EVP_PKEY_get0_RSA(openssl_key);
if (!rsa) {
LOG(ERROR) << "Could not get RSA from EVP_PKEY";
return false;
}
const unsigned char* digest =
reinterpret_cast<const unsigned char*>(message.data());
unsigned int digest_len = static_cast<unsigned int>(message.size());
// With RSA, the signature will always be RSA_size() bytes.
size_t max_signature_size = static_cast<size_t>(RSA_size(rsa));
std::string signature;
unsigned char* p = OpenSSLWriteInto(&signature, max_signature_size);
unsigned int p_len = 0;
if (!RSA_sign(hash_nid, digest, digest_len, p, &p_len, rsa)) {
LOG(ERROR) << "RSA_sign() failed";
return false;
}
size_t signature_size = static_cast<size_t>(p_len);
if (signature_size == 0) {
LOG(ERROR) << "Signature is empty!";
return false;
}
if (signature_size > max_signature_size) {
LOG(ERROR) << "Signature size mismatch, actual " << signature_size
<< ", expected <= " << max_signature_size;
return false;
}
signature.resize(signature_size);
result->swap(signature);
return true;
}
// Check that a generated signature for a given message matches
// OpenSSL output byte-by-byte.
// |message| is the input message.
// |signature| is the generated signature for the message.
// |openssl_key| is a raw EVP_PKEY for the same private key than the
// one which was used to generate the signature.
// Returns true on success, false otherwise.
bool CompareSignatureWithOpenSSL(int hash_nid,
const base::StringPiece& message,
const base::StringPiece& signature,
EVP_PKEY* openssl_key) {
std::string openssl_signature;
if (!SignWithOpenSSL(hash_nid, message, openssl_key, &openssl_signature))
return false;
if (signature.size() != openssl_signature.size()) {
LOG(ERROR) << "Signature size mismatch, actual " << signature.size()
<< ", expected " << openssl_signature.size();
return false;
}
for (size_t n = 0; n < signature.size(); ++n) {
if (openssl_signature[n] != signature[n]) {
LOG(ERROR) << "Signature byte mismatch at index " << n << "actual "
<< signature[n] << ", expected " << openssl_signature[n];
LOG(ERROR) << "Actual signature : "
<< base::HexEncode(signature.data(), signature.size());
LOG(ERROR) << "Expected signature: "
<< base::HexEncode(openssl_signature.data(),
openssl_signature.size());
return false;
}
}
return true;
}
void OnSignComplete(base::RunLoop* loop,
Error* out_error,
std::string* out_signature,
Error error,
const std::vector<uint8_t>& signature) {
*out_error = error;
out_signature->assign(signature.begin(), signature.end());
loop->Quit();
}
void DoKeySigningWithWrapper(SSLPrivateKey* key,
SSLPrivateKey::Hash hash,
const base::StringPiece& message,
std::string* result) {
Error error;
base::RunLoop loop;
key->SignDigest(
hash, message,
base::Bind(OnSignComplete, base::Unretained(&loop),
base::Unretained(&error), base::Unretained(result)));
loop.Run();
ASSERT_EQ(OK, error);
}
static const struct {
const char* name;
int nid;
SSLPrivateKey::Hash hash;
} kHashes[] = {
{"MD5-SHA1", NID_md5_sha1, SSLPrivateKey::Hash::MD5_SHA1},
{"SHA-1", NID_sha1, SSLPrivateKey::Hash::SHA1},
{"SHA-256", NID_sha256, SSLPrivateKey::Hash::SHA256},
{"SHA-384", NID_sha384, SSLPrivateKey::Hash::SHA384},
{"SHA-512", NID_sha512, SSLPrivateKey::Hash::SHA512},
};
} // namespace
TEST(SSLPlatformKeyAndroid, RSA) {
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
scoped_refptr<X509Certificate> cert =
ImportCertFromFile(GetTestCertsDirectory(), kTestRsaCertificateFile);
ASSERT_TRUE(cert);
ScopedJava rsa_key = GetRSATestKeyJava();
ASSERT_FALSE(rsa_key.is_null());
scoped_refptr<SSLPrivateKey> wrapper_key =
WrapJavaPrivateKey(cert.get(), rsa_key);
ASSERT_TRUE(wrapper_key);
bssl::UniquePtr<EVP_PKEY> openssl_key = ImportPrivateKeyFile(kTestRsaKeyFile);
ASSERT_TRUE(openssl_key);
// Check that the wrapper key returns the correct length and type.
EXPECT_EQ(SSLPrivateKey::Type::RSA, wrapper_key->GetType());
EXPECT_EQ(static_cast<size_t>(EVP_PKEY_size(openssl_key.get())),
wrapper_key->GetMaxSignatureLengthInBytes());
// Test signing against each hash.
for (const auto& hash : kHashes) {
SCOPED_TRACE(hash.name);
const EVP_MD* md = EVP_get_digestbynid(hash.nid);
ASSERT_TRUE(md);
std::string digest(EVP_MD_size(md), 'a');
std::string signature;
DoKeySigningWithWrapper(wrapper_key.get(), hash.hash, digest, &signature);
ASSERT_TRUE(CompareSignatureWithOpenSSL(hash.nid, digest, signature,
openssl_key.get()));
}
}
TEST(SSLPlatformKeyAndroid, ECDSA) {
crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
scoped_refptr<X509Certificate> cert =
ImportCertFromFile(GetTestCertsDirectory(), kTestEcdsaCertificateFile);
ASSERT_TRUE(cert);
ScopedJava ecdsa_key = GetECDSATestKeyJava();
ASSERT_FALSE(ecdsa_key.is_null());
scoped_refptr<SSLPrivateKey> wrapper_key =
WrapJavaPrivateKey(cert.get(), ecdsa_key);
ASSERT_TRUE(wrapper_key);
bssl::UniquePtr<EVP_PKEY> openssl_key =
ImportPrivateKeyFile(kTestEcdsaKeyFile);
ASSERT_TRUE(openssl_key);
// Check that the wrapper key returns the correct length and type.
EXPECT_EQ(SSLPrivateKey::Type::ECDSA_P256, wrapper_key->GetType());
EXPECT_EQ(static_cast<size_t>(EVP_PKEY_size(openssl_key.get())),
wrapper_key->GetMaxSignatureLengthInBytes());
// Test signing against each hash.
for (const auto& hash : kHashes) {
// ECDSA does not sign MD5-SHA1.
if (hash.nid == NID_md5_sha1)
continue;
SCOPED_TRACE(hash.name);
const EVP_MD* md = EVP_get_digestbynid(hash.nid);
ASSERT_TRUE(md);
std::string digest(EVP_MD_size(md), 'a');
std::string signature;
DoKeySigningWithWrapper(wrapper_key.get(), hash.hash, digest, &signature);
ASSERT_TRUE(VerifyTestECDSASignature(digest, signature));
}
}
} // namespace net