lib-dcrypt: Add unit tests for changes
authorAki Tuomi <aki.tuomi@dovecot.fi>
Mon, 23 Jan 2017 12:56:54 +0000 (14:56 +0200)
committerVille Savolainen <ville.savolainen@dovecot.fi>
Mon, 23 Sep 2019 05:47:52 +0000 (08:47 +0300)
src/lib-dcrypt/test-crypto.c

index 10954c9f16ee937f36a001a2a567f389c1e16241..784c51ee3219a31d6381d1bb09810e6120078b67 100644 (file)
@@ -1014,6 +1014,130 @@ static void test_raw_keys(void)
                           "efb4619614cc5e19fe9b2d24dae834b:21d116b7b3e5c52e81f"
                           "0437a10b0116cfafc467fb1b96e48926d021668fc1bea");
 
+       test_end();
+}
+
+static void test_sign_verify_rsa(void)
+{
+       const char *error = NULL;
+       bool valid;
+       struct dcrypt_private_key *priv_key = NULL;
+       struct dcrypt_public_key *pub_key = NULL;
+
+       buffer_t *signature =
+               buffer_create_dynamic(pool_datastack_create(), 128);
+       const char *data = "signed data";
+
+       test_begin("sign and verify (rsa)");
+       const char *key = "-----BEGIN PRIVATE KEY-----\n"
+"MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBALz2rTYj017MEtD6\n"
+"i2flctgTtL4awpTPn2iCvjkMD/owj2N7LRbnpJ5ZDUUkPW8OEDH9NEEx86aFwg+w\n"
+"GNzmxqRg5rA92iKouM4iU76IfCdtuYu4yyq57T2+C9mwqO5OvYXkM4VBjjcGr813\n"
+"7huMcki104znz7HADYj/y8Nu0jyPAgMBAAECgYEAkJStMx92OrIqM3t/7p7AoFNz\n"
+"l4EiIHo7ndtrcHqqPuOo0pUMitnyOrYoUR7JYo+AFL+Hm9p8co0lTpuOanaoxQk8\n"
+"Hs9MDzvp4OjRyr0+mVSqKGJOVckXA1Bi0X6jbtOjm3bn7mp1ICPrnv6VB8VP1ef1\n"
+"/NgcOai1RHEfXQWAWQECQQD7s3LqUFN5vdYuc/RQ98/NAuKUSvy7zU8tZ7r1Ea2w\n"
+"RoxAcakc6Xh75u+9VhsbVyDHDEjWbTW5H2uqkPeotR2tAkEAwDDpS83xH6ilhNnP\n"
+"Cors2WKKXZBkw+ZczThJXWIWrbo0zrTDYWYeo46HQRulJawW0iDEkVahk62uC7Go\n"
+"Im5SqwJAXcShd/dK0dzOEOozx4I6kPaVMIerFc/Lwm+Vb70RRs1RbKSrStETiJ0l\n"
+"DRUp7gqMdHr4G6H91KSG+Lke+mPW1QJAdG8tZ5dktWFepZWvMRvpUem5GeYYpfYx\n"
+"0sJ+7+w1ARsGUxSAKcnMVhpLJs6wxpnzWWowrDxntyhJgRwoWHOt8QJBAPuX7gGH\n"
+"Lxm7PpWgYYhnAiHGQmsiYEWZpTDHw3qODbSyANFjAKgaQZ3sHy4gdksmhbNJK60e\n"
+"K7mLk9hTLlVPXJM=\n"
+"-----END PRIVATE KEY-----";
+
+       test_assert(dcrypt_key_load_private(&priv_key,
+               key, NULL, NULL, &error));
+       if (priv_key == NULL)
+               i_fatal("%s", error);
+       dcrypt_key_convert_private_to_public(priv_key, &pub_key);
+       test_assert(dcrypt_sign(priv_key,
+               "sha256", data, strlen(data), signature, 0, &error));
+       /* verify signature */
+       test_assert(dcrypt_verify(pub_key,
+               "sha256", data, strlen(data),
+                signature->data, signature->used, &valid, 0, &error) && valid);
+
+       dcrypt_key_unref_public(&pub_key);
+       dcrypt_key_unref_private(&priv_key);
+
+       test_end();
+}
+
+static void test_sign_verify_ecdsa(void)
+{
+       const char *error = NULL;
+       bool valid;
+       struct dcrypt_private_key *priv_key = NULL;
+       struct dcrypt_public_key *pub_key = NULL;
+
+       buffer_t *signature =
+               buffer_create_dynamic(pool_datastack_create(), 128);
+       const char *data = "signed data";
+
+       test_begin("sign and verify (ecdsa)");
+       const char *key = "-----BEGIN PRIVATE KEY-----\n"
+"MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgZ4AMMyJ9XDl5lKM2\n"
+"vusbT1OQ6VzBWBkB3/4syovaKtyhRANCAAQHTR+6L2qMh5fdcMZF+Y1rctBsq8Oy\n"
+"7jZ4uV+MiuaoGNQ5sTxlcv6ETX/XrEDq4S/DUhFKzQ6u9VXYZImvRCT1\n"
+"-----END PRIVATE KEY-----";
+
+       test_assert(dcrypt_key_load_private(&priv_key,
+               key, NULL, NULL, &error));
+       if (priv_key == NULL)
+               i_fatal("%s", error);
+       dcrypt_key_convert_private_to_public(priv_key, &pub_key);
+       test_assert(dcrypt_sign(priv_key,
+               "sha256", data, strlen(data), signature, 0, &error));
+       /* verify signature */
+       test_assert(dcrypt_verify(pub_key,
+               "sha256", data, strlen(data), signature->data,
+               signature->used, &valid, 0, &error) && valid);
+
+       dcrypt_key_unref_public(&pub_key);
+       dcrypt_key_unref_private(&priv_key);
+
+       test_end();
+}
+
+static void test_static_verify_ecdsa(void)
+{
+       test_begin("static verify (ecdsa)");
+       const char *input = "hello, world";
+       const char *priv_key_pem =
+          "-----BEGIN PRIVATE KEY-----\n"
+          "MGcCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcETTBLAgEBBCC25AkD65uhlZXCAdwN\n"
+          "yLJV2ui8A/CUyqyEMrezvwgMO6EkAyIAAybRUR3MsH0+0PQcDwkrXOJ9aePwzTQV\n"
+          "DN51+n1JCxbI\n"
+          "-----END PRIVATE KEY-----";
+       const char *pub_key_pem =
+          "-----BEGIN PUBLIC KEY-----\n"
+          "MDkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDIgADJtFRHcywfT7Q9BwPCStc4n1p4/DN\n"
+          "NBUM3nX6fUkLFsg=\n"
+          "-----END PUBLIC KEY-----";
+
+       const unsigned char sig[] = {
+               0x30,0x45,0x02,0x20,0x2c,0x76,0x20,0x5e,0xfc,0xa6,0x9e,0x16,
+               0x44,0xb3,0xbc,0xbf,0xcc,0x43,0xc1,0x08,0x76,0x4a,0xe8,0x60,
+               0xc5,0x9b,0x99,0x20,0x5b,0x44,0x33,0x5c,0x38,0x84,0x63,0xcb,
+               0x02,0x21,0x00,0xa3,0x67,0xed,0x57,0xbf,0x59,0x46,0xb7,0x0c,
+               0x7b,0xec,0x4f,0x78,0x14,0xec,0xfa,0x8d,0xa2,0x85,0x48,0xea,
+               0xe1,0xaf,0x9e,0xbf,0x04,0xac,0x0e,0x41,0xfe,0x84,0x0e
+       };
+
+       struct dcrypt_keypair pair;
+       bool valid;
+       const char *error;
+
+       i_zero(&pair);
+       /* static key test */
+       test_assert(dcrypt_key_load_public(&pair.pub, pub_key_pem, NULL));
+       test_assert(dcrypt_key_load_private(&pair.priv, priv_key_pem, NULL, NULL, NULL));
+       /* validate signature */
+       test_assert(dcrypt_verify(pair.pub, "sha256", input, strlen(input),
+                                 sig, sizeof(sig), &valid, 0, &error) &&
+                   valid == TRUE);
+
        dcrypt_keypair_unref(&pair);
 
        test_end();
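Review bot: All three tests added in this hunk, and test_static_verify_rsa in the next one, only assert that a good signature is accepted, so a dcrypt_verify that reported every signature as valid would still pass. Each test should also check a rejection, for example by verifying the same signature over a shortened input: `test_assert(dcrypt_verify(pub_key, "sha256", data, strlen(data)-1, signature->data, signature->used, &valid, 0, &error) && !valid);`. That line assumes a mismatch is reported through `valid` rather than through the return value, which should be confirmed against the dcrypt_verify contract. Separately, test_static_verify_ecdsa goes on to call dcrypt_verify even if a key load failed, whereas the two sign/verify tests stop with i_fatal; its body ends in context lines outside the added code.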
@@ -1060,6 +1184,47 @@ static void test_jwk_keys(void)
        test_end();
 }
 
+static void test_static_verify_rsa(void)
+{
+       const char *error = NULL;
+       bool valid;
+       struct dcrypt_public_key *pub_key = NULL;
+
+       test_begin("static verify (rsa)");
+       const char *data = "test signature input\n";
+       const unsigned char sig[] = {
+               0x6f,0x1b,0xfb,0xdd,0xdb,0xb1,0xcd,0x6f,0xf1,0x1b,
+               0xb8,0xad,0x71,0x75,0x6c,0x87,0x22,0x11,0xe4,0xc3,
+               0xe7,0xca,0x15,0x04,0xda,0x98,0xab,0x07,0x27,0xcc,
+               0x5a,0x4d,0xab,0xac,0x37,0x7a,0xff,0xd2,0xdf,0x37,
+               0x58,0x37,0x53,0x46,0xd5,0x6d,0x9d,0x73,0x83,0x90,
+               0xea,0x5e,0x2c,0xc7,0x51,0x9e,0xc4,0xda,0xc5,0x7d,
+               0xa5,0xcd,0xb7,0xd7,0x41,0x23,0x6d,0xb9,0x6d,0xe0,
+               0x99,0xa1,0x63,0x6b,0x60,0x5f,0x15,0x5b,0xda,0x21,
+               0x17,0x4c,0x37,0x68,0x67,0x7f,0x8e,0x02,0x93,0xd2,
+               0x86,0xdd,0xe5,0xa7,0xc3,0xd9,0x93,0x8b,0x0c,0x56,
+               0x1d,0x5c,0x60,0x63,0x3e,0x8b,0xbe,0x1f,0xb2,0xe7,
+               0x7f,0xe5,0x66,0x6f,0xcd,0x2b,0x0c,0x02,0x2a,0x12,
+               0x96,0x86,0x66,0x00,0xff,0x12,0x8a,0x79
+       };
+       const char *key = "-----BEGIN PUBLIC KEY-----\n"
+"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC89q02I9NezBLQ+otn5XLYE7S+\n"
+"GsKUz59ogr45DA/6MI9jey0W56SeWQ1FJD1vDhAx/TRBMfOmhcIPsBjc5sakYOaw\n"
+"PdoiqLjOIlO+iHwnbbmLuMsque09vgvZsKjuTr2F5DOFQY43Bq/Nd+4bjHJItdOM\n"
+"58+xwA2I/8vDbtI8jwIDAQAB\n"
+"-----END PUBLIC KEY-----";
+
+       test_assert(dcrypt_key_load_public(&pub_key, key, &error));
+       if (pub_key == NULL)
+               i_fatal("%s", error);
+       test_assert(dcrypt_verify(pub_key, "sha256", data, strlen(data),
+               sig, sizeof(sig), &valid, DCRYPT_PADDING_RSA_PKCS1, &error) &&
+               valid);
+       dcrypt_key_unref_public(&pub_key);
+
+       test_end();
+}
+
 int main(void)
 {
        struct dcrypt_settings set = {
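Review bot: The `sig[]` vector in test_static_verify_rsa has no record of how it was produced, which makes it hard to regenerate or audit if the input or the padding handling changes. A comment above the array would cover this, e.g. `/* RSA PKCS#1 v1.5 + SHA-256 signature over data, made with the private key matching the public key below */`. It would also help to state why this test passes `DCRYPT_PADDING_RSA_PKCS1` while test_sign_verify_rsa passes `0` for the same parameter; if `0` selects a default padding, a comment saying so keeps the two tests from looking inconsistent. The public key appears to be the counterpart of the 1024-bit private key embedded in test_sign_verify_rsa, so a short note that these are throwaway test-only keys would fit here too.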
@@ -1092,6 +1257,10 @@ int main(void)
                test_load_invalid_keys,
                test_raw_keys,
                test_jwk_keys,
+               test_sign_verify_rsa,
+               test_sign_verify_ecdsa,
+               test_static_verify_ecdsa,
+               test_static_verify_rsa,
                NULL
        };