1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
require_relative 'utils'
if defined?(OpenSSL::PKey::EC)
class OpenSSL::TestEC < Test::Unit::TestCase
def setup
@data1 = 'foo'
@data2 = 'bar' * 1000 # data too long for DSA sig
@group1 = OpenSSL::PKey::EC::Group.new('secp112r1')
@group2 = OpenSSL::PKey::EC::Group.new('sect163k1')
@key1 = OpenSSL::PKey::EC.new
@key1.group = @group1
@key1.generate_key
@key2 = OpenSSL::PKey::EC.new(@group2.curve_name)
@key2.generate_key
@groups = [@group1, @group2]
@keys = [@key1, @key2]
end
def compare_keys(k1, k2)
assert_equal(k1.to_pem, k2.to_pem)
end
def test_curve_names
@groups.each_with_index do |group, idx|
key = @keys[idx]
assert_equal(group.curve_name, key.group.curve_name)
end
end
def test_check_key
for key in @keys
assert_equal(key.check_key, true)
assert_equal(key.private_key?, true)
assert_equal(key.public_key?, true)
end
end
def test_encoding
for group in @groups
for meth in [:to_der, :to_pem]
txt = group.send(meth)
gr = OpenSSL::PKey::EC::Group.new(txt)
assert_equal(txt, gr.send(meth))
assert_equal(group.generator.to_bn, gr.generator.to_bn)
assert_equal(group.cofactor, gr.cofactor)
assert_equal(group.order, gr.order)
assert_equal(group.seed, gr.seed)
assert_equal(group.degree, gr.degree)
end
end
for key in @keys
group = key.group
for meth in [:to_der, :to_pem]
txt = key.send(meth)
assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth))
end
bn = key.public_key.to_bn
assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn)
end
end
def test_set_keys
for key in @keys
k = OpenSSL::PKey::EC.new
k.group = key.group
k.private_key = key.private_key
k.public_key = key.public_key
compare_keys(key, k)
end
end
def test_dsa_sign_verify
for key in @keys
sig = key.dsa_sign_asn1(@data1)
assert(key.dsa_verify_asn1(@data1, sig))
end
end
def test_dsa_sign_asn1_FIPS186_3
for key in @keys
size = key.group.order.num_bits / 8 + 1
dgst = (1..size).to_a.pack('C*')
begin
sig = key.dsa_sign_asn1(dgst)
# dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m
assert(key.dsa_verify_asn1(dgst + "garbage", sig))
rescue OpenSSL::PKey::ECError => e
# just an exception for longer dgst before openssl-0.9.8m
assert_equal('ECDSA_sign: data too large for key size', e.message)
# no need to do following tests
return
end
end
end
def test_dh_compute_key
for key in @keys
k = OpenSSL::PKey::EC.new(key.group)
k.generate_key
puba = key.public_key
pubb = k.public_key
a = key.dh_compute_key(pubb)
b = k.dh_compute_key(puba)
assert_equal(a, b)
end
end
# test Group: asn1_flag, point_conversion
end
end
|
