github.com/osdi23p228/fabric@v0.0.0-20221218062954-77808885f5db/bccsp/sw/ecdsa_test.go (about) 1 /* 2 Copyright IBM Corp. 2017 All Rights Reserved. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package sw 18 19 import ( 20 "crypto/ecdsa" 21 "crypto/elliptic" 22 "crypto/rand" 23 "crypto/sha256" 24 "crypto/x509" 25 "math/big" 26 "testing" 27 28 "github.com/osdi23p228/fabric/bccsp/utils" 29 "github.com/stretchr/testify/assert" 30 ) 31 32 func TestSignECDSABadParameter(t *testing.T) { 33 // Generate a key 34 lowLevelKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) 35 assert.NoError(t, err) 36 37 // Induce an error on the underlying ecdsa algorithm 38 curve := *elliptic.P256().Params() 39 curve.N = big.NewInt(0) 40 lowLevelKey.Curve = &curve 41 42 _, err = signECDSA(lowLevelKey, []byte("hello world"), nil) 43 assert.Error(t, err) 44 assert.Contains(t, err.Error(), "zero parameter") 45 } 46 47 func TestVerifyECDSA(t *testing.T) { 48 t.Parallel() 49 50 // Generate a key 51 lowLevelKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) 52 assert.NoError(t, err) 53 54 msg := []byte("hello world") 55 sigma, err := signECDSA(lowLevelKey, msg, nil) 56 assert.NoError(t, err) 57 58 valid, err := verifyECDSA(&lowLevelKey.PublicKey, sigma, msg, nil) 59 assert.NoError(t, err) 60 assert.True(t, valid) 61 62 _, err = verifyECDSA(&lowLevelKey.PublicKey, nil, msg, nil) 63 assert.Error(t, err) 64 assert.Contains(t, err.Error(), "Failed unmashalling signature [") 65 66 R, S, err := utils.UnmarshalECDSASignature(sigma) 67 assert.NoError(t, err) 68 S.Add(utils.GetCurveHalfOrdersAt(elliptic.P256()), big.NewInt(1)) 69 sigmaWrongS, err := utils.MarshalECDSASignature(R, S) 70 assert.NoError(t, err) 71 _, err = verifyECDSA(&lowLevelKey.PublicKey, sigmaWrongS, msg, nil) 72 assert.Error(t, err) 73 assert.Contains(t, err.Error(), "Invalid S. Must be smaller than half the order [") 74 } 75 76 func TestEcdsaSignerSign(t *testing.T) { 77 t.Parallel() 78 79 signer := &ecdsaSigner{} 80 verifierPrivateKey := &ecdsaPrivateKeyVerifier{} 81 verifierPublicKey := &ecdsaPublicKeyKeyVerifier{} 82 83 // Generate a key 84 lowLevelKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) 85 assert.NoError(t, err) 86 k := &ecdsaPrivateKey{lowLevelKey} 87 pk, err := k.PublicKey() 88 assert.NoError(t, err) 89 90 // Sign 91 msg := []byte("Hello World") 92 sigma, err := signer.Sign(k, msg, nil) 93 assert.NoError(t, err) 94 assert.NotNil(t, sigma) 95 96 // Verify 97 valid, err := verifyECDSA(&lowLevelKey.PublicKey, sigma, msg, nil) 98 assert.NoError(t, err) 99 assert.True(t, valid) 100 101 valid, err = verifierPrivateKey.Verify(k, sigma, msg, nil) 102 assert.NoError(t, err) 103 assert.True(t, valid) 104 105 valid, err = verifierPublicKey.Verify(pk, sigma, msg, nil) 106 assert.NoError(t, err) 107 assert.True(t, valid) 108 } 109 110 func TestEcdsaPrivateKey(t *testing.T) { 111 t.Parallel() 112 113 lowLevelKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) 114 assert.NoError(t, err) 115 k := &ecdsaPrivateKey{lowLevelKey} 116 117 assert.False(t, k.Symmetric()) 118 assert.True(t, k.Private()) 119 120 _, err = k.Bytes() 121 assert.Error(t, err) 122 assert.Contains(t, err.Error(), "Not supported.") 123 124 k.privKey = nil 125 ski := k.SKI() 126 assert.Nil(t, ski) 127 128 k.privKey = lowLevelKey 129 ski = k.SKI() 130 raw := elliptic.Marshal(k.privKey.Curve, k.privKey.PublicKey.X, k.privKey.PublicKey.Y) 131 hash := sha256.New() 132 hash.Write(raw) 133 ski2 := hash.Sum(nil) 134 assert.Equal(t, ski2, ski, "SKI is not computed in the right way.") 135 136 pk, err := k.PublicKey() 137 assert.NoError(t, err) 138 assert.NotNil(t, pk) 139 ecdsaPK, ok := pk.(*ecdsaPublicKey) 140 assert.True(t, ok) 141 assert.Equal(t, &lowLevelKey.PublicKey, ecdsaPK.pubKey) 142 } 143 144 func TestEcdsaPublicKey(t *testing.T) { 145 t.Parallel() 146 147 lowLevelKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) 148 assert.NoError(t, err) 149 k := &ecdsaPublicKey{&lowLevelKey.PublicKey} 150 151 assert.False(t, k.Symmetric()) 152 assert.False(t, k.Private()) 153 154 k.pubKey = nil 155 ski := k.SKI() 156 assert.Nil(t, ski) 157 158 k.pubKey = &lowLevelKey.PublicKey 159 ski = k.SKI() 160 raw := elliptic.Marshal(k.pubKey.Curve, k.pubKey.X, k.pubKey.Y) 161 hash := sha256.New() 162 hash.Write(raw) 163 ski2 := hash.Sum(nil) 164 assert.Equal(t, ski, ski2, "SKI is not computed in the right way.") 165 166 pk, err := k.PublicKey() 167 assert.NoError(t, err) 168 assert.Equal(t, k, pk) 169 170 bytes, err := k.Bytes() 171 assert.NoError(t, err) 172 bytes2, err := x509.MarshalPKIXPublicKey(k.pubKey) 173 assert.NoError(t, err) 174 assert.Equal(t, bytes2, bytes, "bytes are not computed in the right way.") 175 176 invalidCurve := &elliptic.CurveParams{Name: "P-Invalid"} 177 invalidCurve.BitSize = 1024 178 k.pubKey = &ecdsa.PublicKey{Curve: invalidCurve, X: big.NewInt(1), Y: big.NewInt(1)} 179 _, err = k.Bytes() 180 assert.Error(t, err) 181 assert.Contains(t, err.Error(), "Failed marshalling key [") 182 }