|
| 1 | +package dsig_test |
| 2 | + |
| 3 | +import ( |
| 4 | + "crypto" |
| 5 | + "crypto/ecdsa" |
| 6 | + "crypto/elliptic" |
| 7 | + "crypto/rand" |
| 8 | + "crypto/sha256" |
| 9 | + "crypto/sha512" |
| 10 | + "hash" |
| 11 | + "testing" |
| 12 | + |
| 13 | + "github.com/lestrrat-go/dsig" |
| 14 | + "github.com/stretchr/testify/require" |
| 15 | +) |
| 16 | + |
| 17 | +func TestECDSADER(t *testing.T) { |
| 18 | + t.Parallel() |
| 19 | + |
| 20 | + tests := []struct { |
| 21 | + name string |
| 22 | + curve elliptic.Curve |
| 23 | + h crypto.Hash |
| 24 | + hfunc func() hash.Hash |
| 25 | + }{ |
| 26 | + {"P256/SHA256", elliptic.P256(), crypto.SHA256, sha256.New}, |
| 27 | + {"P384/SHA384", elliptic.P384(), crypto.SHA384, sha512.New384}, |
| 28 | + {"P521/SHA512", elliptic.P521(), crypto.SHA512, sha512.New}, |
| 29 | + } |
| 30 | + |
| 31 | + payload := []byte("the quick brown fox jumps over the lazy dog") |
| 32 | + |
| 33 | + for _, tc := range tests { |
| 34 | + t.Run(tc.name, func(t *testing.T) { |
| 35 | + t.Parallel() |
| 36 | + |
| 37 | + key, err := ecdsa.GenerateKey(tc.curve, rand.Reader) |
| 38 | + require.NoError(t, err, "generate key") |
| 39 | + |
| 40 | + digest := func() []byte { |
| 41 | + h := tc.hfunc() |
| 42 | + h.Write(payload) |
| 43 | + return h.Sum(nil) |
| 44 | + } |
| 45 | + |
| 46 | + t.Run("round trip", func(t *testing.T) { |
| 47 | + sig, err := dsig.SignECDSADER(key, payload, tc.h, nil) |
| 48 | + require.NoError(t, err, "SignECDSADER") |
| 49 | + require.NoError(t, dsig.VerifyECDSADER(&key.PublicKey, payload, sig, tc.h), "VerifyECDSADER") |
| 50 | + }) |
| 51 | + |
| 52 | + t.Run("dsig sign, stdlib verify", func(t *testing.T) { |
| 53 | + sig, err := dsig.SignECDSADER(key, payload, tc.h, nil) |
| 54 | + require.NoError(t, err, "SignECDSADER") |
| 55 | + require.True(t, ecdsa.VerifyASN1(&key.PublicKey, digest(), sig), "stdlib VerifyASN1 must accept dsig DER output") |
| 56 | + }) |
| 57 | + |
| 58 | + t.Run("stdlib sign, dsig verify", func(t *testing.T) { |
| 59 | + sig, err := ecdsa.SignASN1(rand.Reader, key, digest()) |
| 60 | + require.NoError(t, err, "ecdsa.SignASN1") |
| 61 | + require.NoError(t, dsig.VerifyECDSADER(&key.PublicKey, payload, sig, tc.h), "VerifyECDSADER must accept stdlib DER output") |
| 62 | + }) |
| 63 | + |
| 64 | + t.Run("format isolation", func(t *testing.T) { |
| 65 | + derSig, err := dsig.SignECDSADER(key, payload, tc.h, nil) |
| 66 | + require.NoError(t, err, "SignECDSADER") |
| 67 | + jwsSig, err := dsig.SignECDSA(key, payload, tc.h, nil) |
| 68 | + require.NoError(t, err, "SignECDSA") |
| 69 | + |
| 70 | + require.Error(t, dsig.VerifyECDSA(&key.PublicKey, payload, derSig, tc.h), "JWS verifier must reject DER signature") |
| 71 | + require.Error(t, dsig.VerifyECDSADER(&key.PublicKey, payload, jwsSig, tc.h), "DER verifier must reject JWS signature") |
| 72 | + }) |
| 73 | + |
| 74 | + t.Run("tamper detection", func(t *testing.T) { |
| 75 | + sig, err := dsig.SignECDSADER(key, payload, tc.h, nil) |
| 76 | + require.NoError(t, err, "SignECDSADER") |
| 77 | + tampered := make([]byte, len(sig)) |
| 78 | + copy(tampered, sig) |
| 79 | + tampered[len(tampered)/2] ^= 0xFF |
| 80 | + require.Error(t, dsig.VerifyECDSADER(&key.PublicKey, payload, tampered, tc.h), "tampered signature must fail") |
| 81 | + }) |
| 82 | + |
| 83 | + t.Run("wrong key", func(t *testing.T) { |
| 84 | + sig, err := dsig.SignECDSADER(key, payload, tc.h, nil) |
| 85 | + require.NoError(t, err, "SignECDSADER") |
| 86 | + other, err := ecdsa.GenerateKey(tc.curve, rand.Reader) |
| 87 | + require.NoError(t, err, "generate other key") |
| 88 | + require.Error(t, dsig.VerifyECDSADER(&other.PublicKey, payload, sig, tc.h), "wrong key must fail") |
| 89 | + }) |
| 90 | + }) |
| 91 | + } |
| 92 | +} |
0 commit comments