summaryrefslogtreecommitdiff
path: root/test/openssl/test_pkey_ec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'test/openssl/test_pkey_ec.rb')
-rw-r--r--test/openssl/test_pkey_ec.rb419
1 files changed, 220 insertions, 199 deletions
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
index 4498b2b8b3..53aa5a10f6 100644
--- a/test/openssl/test_pkey_ec.rb
+++ b/test/openssl/test_pkey_ec.rb
@@ -3,64 +3,46 @@ require_relative 'utils'
if defined?(OpenSSL::TestUtils) && defined?(OpenSSL::PKey::EC)
-class OpenSSL::TestEC < OpenSSL::TestCase
- def setup
- @data1 = 'foo'
- @data2 = 'bar' * 1000 # data too long for DSA sig
+class OpenSSL::TestEC < OpenSSL::PKeyTestCase
+ P256 = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- @groups = []
- @keys = []
+ def test_ec_key
+ builtin_curves = OpenSSL::PKey::EC.builtin_curves
+ assert_not_empty builtin_curves
- OpenSSL::PKey::EC.builtin_curves.each do |curve, comment|
- group = OpenSSL::PKey::EC::Group.new(curve)
+ builtin_curves.each do |curve_name, comment|
+ # Oakley curves and X25519 are not suitable for signing and causes
+ # FIPS-selftest failure on some environment, so skip for now.
+ next if ["Oakley", "X25519"].any? { |n| curve_name.start_with?(n) }
- # Oakley curves and X25519 are not suitable for signing
- next if ["Oakley", "X25519"].any? { |n| curve.start_with?(n) }
-
- key = OpenSSL::PKey::EC.new(group)
+ key = OpenSSL::PKey::EC.new(curve_name)
key.generate_key!
- @groups << group
- @keys << key
+ assert_predicate key, :private?
+ assert_predicate key, :public?
+ assert_nothing_raised { key.check_key }
end
- end
-
- def test_dup
- key = OpenSSL::PKey::EC.new("prime256v1")
- key.generate_key!
- key2 = key.dup
- assert_equal key.to_der, key2.to_der
- key_tmp = OpenSSL::PKey::EC.new("prime256v1").generate_key!
- key2.private_key = key_tmp.private_key
- key2.public_key = key_tmp.public_key
- assert_not_equal key.to_der, key2.to_der
- group = key.group
- group2 = group.dup
- assert_equal group.to_der, group2.to_der
- group2.asn1_flag ^= OpenSSL::PKey::EC::NAMED_CURVE
- assert_not_equal group.to_der, group2.to_der
+ key1 = OpenSSL::PKey::EC.new("prime256v1").generate_key!
- point = key.public_key
- point2 = point.dup
- assert_equal point.to_bn, point2.to_bn
- point2.invert!
- assert_not_equal point.to_bn, point2.to_bn
- end
+ key2 = OpenSSL::PKey::EC.new
+ key2.group = key1.group
+ key2.private_key = key1.private_key
+ key2.public_key = key1.public_key
+ assert_equal key1.to_der, key2.to_der
- def compare_keys(k1, k2)
- assert_equal(k1.to_pem, k2.to_pem)
- end
+ key3 = OpenSSL::PKey::EC.new(key1)
+ assert_equal key1.to_der, key3.to_der
- def test_builtin_curves
- assert(!OpenSSL::PKey::EC.builtin_curves.empty?)
- end
+ key4 = OpenSSL::PKey::EC.new(key1.to_der)
+ assert_equal key1.to_der, key4.to_der
- def test_curve_names
- @groups.each_with_index do |group, idx|
- key = @keys[idx]
- assert_equal(group.curve_name, key.group.curve_name)
- end
+ key5 = key1.dup
+ assert_equal key1.to_der, key5.to_der
+ key_tmp = OpenSSL::PKey::EC.new("prime256v1").generate_key!
+ key5.private_key = key_tmp.private_key
+ key5.public_key = key_tmp.public_key
+ assert_not_equal key1.to_der, key5.to_der
end
def test_generate
@@ -73,173 +55,206 @@ class OpenSSL::TestEC < OpenSSL::TestCase
end
def test_check_key
- for key in @keys
- assert_equal(true, key.check_key)
- assert_equal(true, key.private?)
- assert_equal(true, key.public?)
- key2 = OpenSSL::PKey::EC.new(key.group)
- assert_equal(false, key2.private?)
- assert_equal(false, key2.public?)
- key2.public_key = key.public_key
- assert_equal(false, key2.private?)
- assert_equal(true, key2.public?)
- key2.private_key = key.private_key
- assert_equal(true, key2.private?)
- assert_equal(true, key2.public?)
- assert_equal(true, key2.check_key)
- key2.private_key += 1
- assert_raise(OpenSSL::PKey::ECError) { key2.check_key }
- end
- end
-
- def test_group_encoding
- for group in @groups
- for meth in [:to_der, :to_pem]
- txt = group.send(meth)
- gr = OpenSSL::PKey::EC::Group.new(txt)
-
- assert_equal(txt, gr.send(meth))
-
- assert_equal(group.generator.to_bn, gr.generator.to_bn)
- assert_equal(group.cofactor, gr.cofactor)
- assert_equal(group.order, gr.order)
- assert_equal(group.seed, gr.seed)
- assert_equal(group.degree, gr.degree)
- end
- end
- end
-
- def test_key_encoding
- for key in @keys
- group = key.group
-
- for meth in [:to_der, :to_pem]
- txt = key.send(meth)
- assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth))
- end
-
- bn = key.public_key.to_bn
- assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn)
- end
- end
-
- def test_set_keys
- for key in @keys
- k = OpenSSL::PKey::EC.new
- k.group = key.group
- k.private_key = key.private_key
- k.public_key = key.public_key
-
- compare_keys(key, k)
- end
+ key = OpenSSL::PKey::EC.new("prime256v1").generate_key!
+ assert_equal(true, key.check_key)
+ assert_equal(true, key.private?)
+ assert_equal(true, key.public?)
+ key2 = OpenSSL::PKey::EC.new(key.group)
+ assert_equal(false, key2.private?)
+ assert_equal(false, key2.public?)
+ key2.public_key = key.public_key
+ assert_equal(false, key2.private?)
+ assert_equal(true, key2.public?)
+ key2.private_key = key.private_key
+ assert_equal(true, key2.private?)
+ assert_equal(true, key2.public?)
+ assert_equal(true, key2.check_key)
+ key2.private_key += 1
+ assert_raise(OpenSSL::PKey::ECError) { key2.check_key }
end
def test_dsa_sign_verify
- for key in @keys
- sig = key.dsa_sign_asn1(@data1)
- assert(key.dsa_verify_asn1(@data1, sig))
- end
+ data1 = "foo"
+ data2 = "bar"
+ key = OpenSSL::PKey::EC.new("prime256v1").generate_key!
+ sig = key.dsa_sign_asn1(data1)
+ assert_equal true, key.dsa_verify_asn1(data1, sig)
+ assert_equal false, key.dsa_verify_asn1(data2, sig)
end
def test_dsa_sign_asn1_FIPS186_3
- for key in @keys
- size = key.group.order.num_bits / 8 + 1
- dgst = (1..size).to_a.pack('C*')
- begin
- sig = key.dsa_sign_asn1(dgst)
- # dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m
- assert(key.dsa_verify_asn1(dgst + "garbage", sig))
- rescue OpenSSL::PKey::ECError => e
- # just an exception for longer dgst before openssl-0.9.8m
- assert_equal('ECDSA_sign: data too large for key size', e.message)
- # no need to do following tests
- return
- end
+ key = OpenSSL::PKey::EC.new("prime256v1").generate_key!
+ size = key.group.order.num_bits / 8 + 1
+ dgst = (1..size).to_a.pack('C*')
+ begin
+ sig = key.dsa_sign_asn1(dgst)
+ # dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m
+ assert(key.dsa_verify_asn1(dgst + "garbage", sig))
+ rescue OpenSSL::PKey::ECError => e
+ # just an exception for longer dgst before openssl-0.9.8m
+ assert_equal('ECDSA_sign: data too large for key size', e.message)
+ # no need to do following tests
+ return
end
end
def test_dh_compute_key
- for key in @keys
- k = OpenSSL::PKey::EC.new(key.group)
- k.generate_key!
-
- puba = key.public_key
- pubb = k.public_key
- a = key.dh_compute_key(pubb)
- b = k.dh_compute_key(puba)
- assert_equal(a, b)
- end
+ key_a = OpenSSL::PKey::EC.new("prime256v1").generate_key!
+ key_b = OpenSSL::PKey::EC.new(key_a.group).generate_key!
+
+ pub_a = key_a.public_key
+ pub_b = key_b.public_key
+ a = key_a.dh_compute_key(pub_b)
+ b = key_b.dh_compute_key(pub_a)
+ assert_equal a, b
end
- def test_read_private_key_der
- ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- der = ec.to_der
- ec2 = OpenSSL::PKey.read(der)
- assert(ec2.private_key?)
- assert_equal(der, ec2.to_der)
+ def test_ECPrivateKey
+ asn1 = OpenSSL::ASN1::Sequence([
+ OpenSSL::ASN1::Integer(1),
+ OpenSSL::ASN1::OctetString(P256.private_key.to_s(2)),
+ OpenSSL::ASN1::ASN1Data.new(
+ [OpenSSL::ASN1::ObjectId("prime256v1")],
+ 0, :CONTEXT_SPECIFIC
+ ),
+ OpenSSL::ASN1::ASN1Data.new(
+ [OpenSSL::ASN1::BitString(P256.public_key.to_bn.to_s(2))],
+ 1, :CONTEXT_SPECIFIC
+ )
+ ])
+ key = OpenSSL::PKey::EC.new(asn1.to_der)
+ assert_predicate key, :private?
+ assert_same_ec P256, key
+
+ pem = <<~EOF
+ -----BEGIN EC PRIVATE KEY-----
+ MHcCAQEEIID49FDqcf1O1eO8saTgG70UbXQw9Fqwseliit2aWhH1oAoGCCqGSM49
+ AwEHoUQDQgAEFglk2c+oVUIKQ64eZG9bhLNPWB7lSZ/ArK41eGy5wAzU/0G51Xtt
+ CeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg==
+ -----END EC PRIVATE KEY-----
+ EOF
+ key = OpenSSL::PKey::EC.new(pem)
+ assert_same_ec P256, key
+
+ assert_equal asn1.to_der, P256.to_der
+ assert_equal pem, P256.export
end
- def test_read_private_key_pem
- ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- pem = ec.to_pem
- ec2 = OpenSSL::PKey.read(pem)
- assert(ec2.private_key?)
- assert_equal(pem, ec2.to_pem)
+ def test_ECPrivateKey_encrypted
+ # key = abcdef
+ pem = <<~EOF
+ -----BEGIN EC PRIVATE KEY-----
+ Proc-Type: 4,ENCRYPTED
+ DEK-Info: AES-128-CBC,85743EB6FAC9EA76BF99D9328AFD1A66
+
+ nhsP1NHxb53aeZdzUe9umKKyr+OIwQq67eP0ONM6E1vFTIcjkDcFLR6PhPFufF4m
+ y7E2HF+9uT1KPQhlE+D63i1m1Mvez6PWfNM34iOQp2vEhaoHHKlR3c43lLyzaZDI
+ 0/dGSU5SzFG+iT9iFXCwCvv+bxyegkBOyALFje1NAsM=
+ -----END EC PRIVATE KEY-----
+ EOF
+ key = OpenSSL::PKey::EC.new(pem, "abcdef")
+ assert_same_ec P256, key
+ key = OpenSSL::PKey::EC.new(pem) { "abcdef" }
+ assert_same_ec P256, key
+
+ cipher = OpenSSL::Cipher.new("aes-128-cbc")
+ exported = P256.to_pem(cipher, "abcdef\0\1")
+ assert_same_ec P256, OpenSSL::PKey::EC.new(exported, "abcdef\0\1")
+ assert_raise(OpenSSL::PKey::ECError) {
+ OpenSSL::PKey::EC.new(exported, "abcdef")
+ }
end
- def test_read_public_key_der
- ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- ec2 = OpenSSL::PKey::EC.new(ec.group)
- ec2.public_key = ec.public_key
- der = ec2.to_der
- ec3 = OpenSSL::PKey.read(der)
- assert(!ec3.private_key?)
- assert_equal(der, ec3.to_der)
+ def test_PUBKEY
+ asn1 = OpenSSL::ASN1::Sequence([
+ OpenSSL::ASN1::Sequence([
+ OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
+ OpenSSL::ASN1::ObjectId("prime256v1")
+ ]),
+ OpenSSL::ASN1::BitString(
+ P256.public_key.to_bn.to_s(2)
+ )
+ ])
+ key = OpenSSL::PKey::EC.new(asn1.to_der)
+ assert_not_predicate key, :private?
+ assert_same_ec dup_public(P256), key
+
+ pem = <<~EOF
+ -----BEGIN PUBLIC KEY-----
+ MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFglk2c+oVUIKQ64eZG9bhLNPWB7l
+ SZ/ArK41eGy5wAzU/0G51XttCeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg==
+ -----END PUBLIC KEY-----
+ EOF
+ key = OpenSSL::PKey::EC.new(pem)
+ assert_same_ec dup_public(P256), key
+
+ assert_equal asn1.to_der, dup_public(P256).to_der
+ assert_equal pem, dup_public(P256).export
end
- def test_read_public_key_pem
- ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- ec2 = OpenSSL::PKey::EC.new(ec.group)
- ec2.public_key = ec.public_key
- pem = ec2.to_pem
- ec3 = OpenSSL::PKey.read(pem)
- assert(!ec3.private_key?)
- assert_equal(pem, ec3.to_pem)
+ def test_ec_group
+ group1 = OpenSSL::PKey::EC::Group.new("prime256v1")
+ key1 = OpenSSL::PKey::EC.new(group1)
+ assert_equal group1, key1.group
+
+ group2 = OpenSSL::PKey::EC::Group.new(group1)
+ assert_equal group1.to_der, group2.to_der
+ assert_equal group1, group2
+ group2.asn1_flag ^=OpenSSL::PKey::EC::NAMED_CURVE
+ assert_not_equal group1.to_der, group2.to_der
+ assert_equal group1, group2
+
+ group3 = group1.dup
+ assert_equal group1.to_der, group3.to_der
+
+ assert group1.asn1_flag & OpenSSL::PKey::EC::NAMED_CURVE # our default
+ der = group1.to_der
+ group4 = OpenSSL::PKey::EC::Group.new(der)
+ group1.point_conversion_form = group4.point_conversion_form = :uncompressed
+ assert_equal :uncompressed, group1.point_conversion_form
+ assert_equal :uncompressed, group4.point_conversion_form
+ assert_equal group1, group4
+ assert_equal group1.curve_name, group4.curve_name
+ assert_equal group1.generator.to_bn, group4.generator.to_bn
+ assert_equal group1.order, group4.order
+ assert_equal group1.cofactor, group4.cofactor
+ assert_equal group1.seed, group4.seed
+ assert_equal group1.degree, group4.degree
end
- def test_read_private_key_pem_pw
- ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- pem = ec.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret')
- #callback form for password
- ec2 = OpenSSL::PKey.read(pem) do
- 'secret'
- end
- assert(ec2.private_key?)
- # pass password directly
- ec2 = OpenSSL::PKey.read(pem, 'secret')
- assert(ec2.private_key?)
- #omit pem equality check, will be different due to cipher iv
- end
+ def test_ec_point
+ group = OpenSSL::PKey::EC::Group.new("prime256v1")
+ key = OpenSSL::PKey::EC.new(group).generate_key!
+ point = key.public_key
- def test_export_password_length
- key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- assert_raise(OpenSSL::OpenSSLError) do
- key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec')
- end
- pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr')
- assert(pem)
- end
+ point2 = OpenSSL::PKey::EC::Point.new(group, point.to_bn)
+ assert_equal point, point2
+ assert_equal point.to_bn, point2.to_bn
+ point2.invert!
+ assert_not_equal point.to_bn, point2.to_bn
- def test_export_password_funny
- key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
- pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), "pass\0wd")
- assert_raise(ArgumentError) do
- OpenSSL::PKey.read(pem, "pass")
+ begin
+ group = OpenSSL::PKey::EC::Group.new(:GFp, 17, 2, 2)
+ group.point_conversion_form = :uncompressed
+ generator = OpenSSL::PKey::EC::Point.new(group, 0x040501.to_bn)
+ group.set_generator(generator, 19, 1)
+ point = OpenSSL::PKey::EC::Point.new(group, 0x040603.to_bn)
+ rescue OpenSSL::PKey::EC::Group::Error
+ pend "Patched OpenSSL rejected curve" if /unsupported field/ =~ $!.message
+ raise
end
- key2 = OpenSSL::PKey.read(pem, "pass\0wd")
- assert(key2.private_key?)
- key3 = OpenSSL::PKey::EC.new(pem, "pass\0wd")
- assert(key3.private_key?)
+
+ assert_equal 0x040603.to_bn, point.to_bn
+ assert_equal true, point.on_curve?
+ point.invert! # 8.5
+ assert_equal 0x04060E.to_bn, point.to_bn
+ assert_equal true, point.on_curve?
+
+ assert_equal false, point.infinity?
+ point.set_to_infinity!
+ assert_equal true, point.infinity?
+ assert_equal 0.to_bn, point.to_bn
+ assert_equal true, point.on_curve?
end
def test_ec_point_mul
@@ -247,44 +262,50 @@ class OpenSSL::TestEC < OpenSSL::TestCase
# y^2 = x^3 + 2x + 2 over F_17
# generator is (5, 1)
group = OpenSSL::PKey::EC::Group.new(:GFp, 17, 2, 2)
+ group.point_conversion_form = :uncompressed
gen = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new("040501", 16))
group.set_generator(gen, 0, 0)
# 3 * (6, 3) = (16, 13)
point_a = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new("040603", 16))
- result_a1 = point_a.mul(3.to_bn)
+ result_a1 = point_a.mul(3)
assert_equal("04100D", result_a1.to_bn.to_s(16))
# 3 * (6, 3) + 3 * (5, 1) = (7, 6)
- result_a2 = point_a.mul(3.to_bn, 3.to_bn)
+ result_a2 = point_a.mul(3, 3)
assert_equal("040706", result_a2.to_bn.to_s(16))
# 3 * point_a = 3 * (6, 3) = (16, 13)
- result_b1 = point_a.mul([3.to_bn], [])
+ result_b1 = point_a.mul([3], [])
assert_equal("04100D", result_b1.to_bn.to_s(16))
# 3 * point_a + 2 * point_a = 3 * (6, 3) + 2 * (6, 3) = (7, 11)
- result_b1 = point_a.mul([3.to_bn, 2.to_bn], [point_a])
+ result_b1 = point_a.mul([3, 2], [point_a])
assert_equal("04070B", result_b1.to_bn.to_s(16))
# 3 * point_a + 5 * point_a.group.generator = 3 * (6, 3) + 5 * (5, 1) = (13, 10)
- result_b1 = point_a.mul([3.to_bn], [], 5)
+ result_b1 = point_a.mul([3], [], 5)
assert_equal("040D0A", result_b1.to_bn.to_s(16))
rescue OpenSSL::PKey::EC::Group::Error
# CentOS patches OpenSSL to reject curves defined over Fp where p < 256 bits
raise if $!.message !~ /unsupported field/
end
- p256_key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+ p256_key = P256
p256_g = p256_key.group
assert_equal(p256_key.public_key, p256_g.generator.mul(p256_key.private_key))
# invalid argument
point = p256_key.public_key
assert_raise(TypeError) { point.mul(nil) }
- assert_raise(ArgumentError) { point.mul([1.to_bn], [point]) }
- assert_raise(TypeError) { point.mul([1.to_bn], nil) }
+ assert_raise(ArgumentError) { point.mul([1], [point]) }
+ assert_raise(TypeError) { point.mul([1], nil) }
assert_raise(TypeError) { point.mul([nil], []) }
end
# test Group: asn1_flag, point_conversion
+ private
+
+ def assert_same_ec(expected, key)
+ check_component(expected, key, [:group, :public_key, :private_key])
+ end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 13:44:44 +0000