blob: d47fbb537ef7e0ebc7206de42e6d2d2c71a30f37 [file] [log] [blame]
//! PKCS#1 algorithm params tests
use const_oid::db;
use der::{
asn1::{AnyRef, ObjectIdentifier, OctetStringRef},
oid::AssociatedOid,
Encode,
};
use hex_literal::hex;
use pkcs1::{RsaOaepParams, RsaPssParams, TrailerField};
/// Default PSS parameters using all default values (SHA1, MGF1)
const RSA_PSS_PARAMETERS_DEFAULTS: &[u8] = &hex!("3000");
/// Example PSS parameters using SHA256 instead of SHA1
const RSA_PSS_PARAMETERS_SHA2_256: &[u8] = &hex!("3034a00f300d06096086480165030402010500a11c301a06092a864886f70d010108300d06096086480165030402010500a203020120");
/// Default OAEP parameters using all default values (SHA1, MGF1, Empty)
const RSA_OAEP_PARAMETERS_DEFAULTS: &[u8] = &hex!("3000");
/// Example OAEP parameters using SHA256 instead of SHA1
const RSA_OAEP_PARAMETERS_SHA2_256: &[u8] = &hex!("302fa00f300d06096086480165030402010500a11c301a06092a864886f70d010108300d06096086480165030402010500");
struct Sha1Mock {}
impl AssociatedOid for Sha1Mock {
const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("1.3.14.3.2.26");
}
struct Sha256Mock {}
impl AssociatedOid for Sha256Mock {
const OID: ObjectIdentifier = ObjectIdentifier::new_unwrap("2.16.840.1.101.3.4.2.1");
}
#[test]
fn decode_pss_param() {
let param = RsaPssParams::try_from(RSA_PSS_PARAMETERS_SHA2_256).unwrap();
assert!(param
.hash
.assert_algorithm_oid(db::rfc5912::ID_SHA_256)
.is_ok());
assert_eq!(param.hash.parameters, Some(AnyRef::NULL));
assert!(param
.mask_gen
.assert_algorithm_oid(db::rfc5912::ID_MGF_1)
.is_ok());
assert!(param
.mask_gen
.parameters
.unwrap()
.assert_algorithm_oid(db::rfc5912::ID_SHA_256)
.is_ok());
assert_eq!(param.salt_len, 32);
assert_eq!(param.trailer_field, TrailerField::BC);
}
#[test]
fn encode_pss_param() {
let mut buf = [0_u8; 256];
let param = RsaPssParams::try_from(RSA_PSS_PARAMETERS_SHA2_256).unwrap();
assert_eq!(
param.encode_to_slice(&mut buf).unwrap(),
RSA_PSS_PARAMETERS_SHA2_256
);
}
#[test]
fn decode_pss_param_default() {
let param = RsaPssParams::try_from(RSA_PSS_PARAMETERS_DEFAULTS).unwrap();
assert!(param
.hash
.assert_algorithm_oid(db::rfc5912::ID_SHA_1)
.is_ok());
assert_eq!(param.hash.parameters, Some(AnyRef::NULL));
assert!(param
.mask_gen
.assert_algorithm_oid(db::rfc5912::ID_MGF_1)
.is_ok());
assert!(param
.mask_gen
.parameters
.unwrap()
.assert_algorithm_oid(db::rfc5912::ID_SHA_1)
.is_ok());
assert_eq!(
param.mask_gen.parameters.unwrap().parameters,
Some(AnyRef::NULL)
);
assert_eq!(param.salt_len, 20);
assert_eq!(param.trailer_field, TrailerField::BC);
assert_eq!(param, Default::default())
}
#[test]
fn encode_pss_param_default() {
let mut buf = [0_u8; 256];
assert_eq!(
RsaPssParams::default().encode_to_slice(&mut buf).unwrap(),
RSA_PSS_PARAMETERS_DEFAULTS
);
}
#[test]
fn new_pss_param() {
let mut buf = [0_u8; 256];
let param = RsaPssParams::new::<Sha1Mock>(20);
assert_eq!(
param.encode_to_slice(&mut buf).unwrap(),
RSA_PSS_PARAMETERS_DEFAULTS
);
let param = RsaPssParams::new::<Sha256Mock>(32);
assert_eq!(
param.encode_to_slice(&mut buf).unwrap(),
RSA_PSS_PARAMETERS_SHA2_256
);
}
#[test]
fn decode_oaep_param() {
let param = RsaOaepParams::try_from(RSA_OAEP_PARAMETERS_SHA2_256).unwrap();
assert!(param
.hash
.assert_algorithm_oid(db::rfc5912::ID_SHA_256)
.is_ok());
assert_eq!(param.hash.parameters, Some(AnyRef::NULL));
assert!(param
.mask_gen
.assert_algorithm_oid(db::rfc5912::ID_MGF_1)
.is_ok());
assert!(param
.mask_gen
.parameters
.unwrap()
.assert_algorithm_oid(db::rfc5912::ID_SHA_256)
.is_ok());
assert!(param
.p_source
.assert_algorithm_oid(db::rfc5912::ID_P_SPECIFIED)
.is_ok());
assert!(param
.p_source
.parameters_any()
.unwrap()
.decode_as::<OctetStringRef<'_>>()
.unwrap()
.is_empty(),);
}
#[test]
fn encode_oaep_param() {
let mut buf = [0_u8; 256];
let param = RsaOaepParams::try_from(RSA_OAEP_PARAMETERS_SHA2_256).unwrap();
assert_eq!(
param.encode_to_slice(&mut buf).unwrap(),
RSA_OAEP_PARAMETERS_SHA2_256
);
}
#[test]
fn decode_oaep_param_default() {
let param = RsaOaepParams::try_from(RSA_OAEP_PARAMETERS_DEFAULTS).unwrap();
assert!(param
.hash
.assert_algorithm_oid(db::rfc5912::ID_SHA_1)
.is_ok());
assert_eq!(param.hash.parameters, Some(AnyRef::NULL));
assert!(param
.mask_gen
.assert_algorithm_oid(db::rfc5912::ID_MGF_1)
.is_ok());
assert!(param
.mask_gen
.parameters
.unwrap()
.assert_algorithm_oid(db::rfc5912::ID_SHA_1)
.is_ok());
assert_eq!(
param.mask_gen.parameters.unwrap().parameters,
Some(AnyRef::NULL)
);
assert!(param
.p_source
.assert_algorithm_oid(db::rfc5912::ID_P_SPECIFIED)
.is_ok());
assert!(param
.p_source
.parameters_any()
.unwrap()
.decode_as::<OctetStringRef<'_>>()
.unwrap()
.is_empty(),);
assert_eq!(param, Default::default())
}
#[test]
fn encode_oaep_param_default() {
let mut buf = [0_u8; 256];
assert_eq!(
RsaOaepParams::default().encode_to_slice(&mut buf).unwrap(),
RSA_OAEP_PARAMETERS_DEFAULTS
);
}
#[test]
fn new_oaep_param() {
let mut buf = [0_u8; 256];
let param = RsaOaepParams::new::<Sha1Mock>();
assert_eq!(
param.encode_to_slice(&mut buf).unwrap(),
RSA_OAEP_PARAMETERS_DEFAULTS
);
let param = RsaOaepParams::new::<Sha256Mock>();
println!("{:02x?}", param.encode_to_slice(&mut buf).unwrap());
assert_eq!(
param.encode_to_slice(&mut buf).unwrap(),
RSA_OAEP_PARAMETERS_SHA2_256
);
}