rust
/
webpki
mirror of https://github.com/briansmith/webpki
1
0
Fork 0
Code Issues Releases Wiki Activity

Import Chromium's |verify_signed_data| test data.

This commit is contained in:
Brian Smith 2015-08-14 10:20:42 -04:00
parent 6b60cbd719
commit 7f0632ba67
35 changed files with 1998 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
LICENSE
View File

@ -14,3 +14,6 @@ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
The files under third-party/chromium are licensed as described in
third-party/chromium/LICENSE.

27
third-party/chromium/LICENSE vendored Normal file
View File

@ -0,0 +1,27 @@
// Copyright 2015 The Chromium Authors. All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following disclaimer
// in the documentation and/or other materials provided with the
// distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

35
third-party/chromium/data/verify_signed_data/README vendored Normal file
View File

@ -0,0 +1,35 @@
This directory contains test data for testing net::VerifySignedData().
When adding or changing test data, run the script
$ python annotate_test_data.py
This script will apply a uniform formatting. For instance it will add a
comment showing what the parsed ASN.1 looks like, and reformat the base64 to
have consistent line breaks.
The general format for the test files is as follows:
<A description of the test>
-----BEGIN PUBLIC KEY-----
<base64-encoded, DER-encoded, SPKI>
-----END PUBLIC KEY-----
-----BEGIN ALGORITHM-----
<base64-encoded, DER-encoded, AlgorithmIdentifier for the signature.>
-----END ALGORITHM-----
-----BEGIN DATA-----
<base64-encoded data that is being verified>
-----END DATA-----
-----BEGIN SIGNATURE-----
<base64-encoded, DER-encoded, BIT STRING of the signature>
-----END SIGNATURE-----
Comments for a PEM block should be placed immediately below that block.
The script will also insert a comment after the block describing its parsed
ASN.1 structure (your extra comments need to be above the script-generated
comments or they will be stripped).

167
third-party/chromium/data/verify_signed_data/annotate_test_data.py vendored Normal file
View File

@ -0,0 +1,167 @@
#!/usr/bin/python
# Copyright (c) 2015 The Chromium Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
"""This script is called without any arguments to re-format all of the *.pem
files in the script's parent directory.
The main formatting change is to run "openssl asn1parse" for each of the PEM
block sections (except for DATA), and add that output to the comment.
Refer to the README file for more information.
"""
import glob
import os
import re
import base64
import subprocess
def Transform(file_data):
"""Returns a transformed (formatted) version of file_data"""
result = ''
# Get the file's description (all the text before the first PEM block)
file_description = GetTextUntilNextPemBlock(file_data)
result += file_description + '\n'
for block in GetPemBlocks(file_data):
result += '\n\n\n'
result += MakePemBlockString(block.name, block.data)
# If there was a user comment (non-script-generated comment) associated
# with the block, output it immediately after the block.
user_comment = GetUserComment(block.comment)
if user_comment:
result += '\n' + user_comment + '\n'
# For every block except for DATA, try to pretty print the parsed ASN.1.
# DATA blocks likely would be DER in practice, but for the purposes of
# these tests seeing its structure doesn't clarify
# anything and is just a distraction.
if block.name != 'DATA':
generated_comment = GenerateCommentForBlock(block.name, block.data)
result += '\n' + generated_comment + '\n'
return result
def GenerateCommentForBlock(block_name, block_data):
"""Returns a string describing the ASN.1 structure of block_data"""
p = subprocess.Popen(['openssl', 'asn1parse', '-i', '-inform', 'DER'],
stdout=subprocess.PIPE, stdin=subprocess.PIPE,
stderr=subprocess.PIPE)
stdout_data, stderr_data = p.communicate(input=block_data)
generated_comment = '$ openssl asn1parse -i < [%s]\n%s' % (block_name,
stdout_data)
return generated_comment.strip('\n')
def GetTextUntilNextPemBlock(text):
return text.split('-----BEGIN ', 1)[0].strip('\n')
def GetUserComment(comment):
"""Removes any script-generated lines (everything after the $ openssl line)"""
# Consider everything after "$ openssl" to be a generated comment.
comment = comment.split('$ openssl asn1parse -i', 1)[0].strip('\n')
if IsEntirelyWhiteSpace(comment):
comment = ''
return comment
def MakePemBlockString(name, data):
return ('-----BEGIN %s-----\n'
'%s'
'-----END %s-----\n') % (name, EncodeDataForPem(data), name)
def GetPemFilePaths():
"""Returns an iterable for all the paths to the PEM test files"""
base_dir = os.path.dirname(os.path.realpath(__file__))
return glob.iglob(os.path.join(base_dir, '*.pem'))
def ReadFileToString(path):
with open(path, 'r') as f:
return f.read()
def WrapTextToLineWidth(text, column_width):
result = ''
pos = 0
while pos < len(text):
result += text[pos : pos + column_width] + '\n'
pos += column_width
return result
def EncodeDataForPem(data):
result = base64.b64encode(data)
return WrapTextToLineWidth(result, 75)
class PemBlock(object):
def __init__(self):
self.name = None
self.data = None
self.comment = None
def StripAllWhitespace(text):
pattern = re.compile(r'\s+')
return re.sub(pattern, '', text)
def IsEntirelyWhiteSpace(text):
return len(StripAllWhitespace(text)) == 0
def DecodePemBlockData(text):
text = StripAllWhitespace(text)
return base64.b64decode(text)
def GetPemBlocks(data):
"""Returns an iterable of PemBlock"""
regex = re.compile(r'-----BEGIN ([\w ]+)-----(.*?)-----END \1-----',
re.DOTALL)
for match in regex.finditer(data):
block = PemBlock()
block.name = match.group(1)
block.data = DecodePemBlockData(match.group(2))
# Keep track of any non-PEM text between blocks
block.comment = GetTextUntilNextPemBlock(data[match.end():])
yield block
def WriteStringToFile(data, path):
with open(path, "w") as f:
f.write(data)
def main():
for path in GetPemFilePaths():
print "Processing %s ..." % (path)
original_data = ReadFileToString(path)
transformed_data = Transform(original_data)
if original_data != transformed_data:
WriteStringToFile(transformed_data, path)
print "Rewrote %s" % (path)
if __name__ == "__main__":
main()

45
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-spki-params-null.pem vendored Normal file
View File

@ -0,0 +1,45 @@
This is the same test as ecdsa-prime256v1-sha512.pem except the public key's
algorithm has been tampered with. The parameters for ecPublicKey should be a
namedCurve, but here they have been replaced by NULL.
-----BEGIN PUBLIC KEY-----
MFEwCwYHKoZIzj0CAQUAA0IABJywz2kwPa/HYdTkaHtOzwOebTSrlkr4CBDY1VikqNb3LVEjOhe
IkgqG7gihlix576MX+3h54pfa0hRtuZX6HHg=
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 81 cons: SEQUENCE
2:d=1 hl=2 l= 11 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 0 prim: NULL
15:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAME
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX
X/LDDO7/sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 71 prim: BIT STRING

53
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-unused-bits-signature.pem vendored Normal file
View File

@ -0,0 +1,53 @@
This is the same test as ecdsa-prime256v1-sha512.pem, however the SIGNATURE has
been changed to a (valid) BIT STRING containing two unused bits.
Note that the last two bits of the original signature were 0, so the
DER-encoded bytes portion of the mutated BIT STRING remains the same. All that
changes is the octet at the start which indicates the number of unused bits.
In other words SIGNATURE changes from:
03 47 00 30 ... 84
To:
03 47 02 30 ... 84
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS
o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 89 cons: SEQUENCE
2:d=1 hl=2 l= 19 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
23:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAME
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0cCMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX
X/LDDO7/sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 71 prim: BIT STRING

48
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-using-ecdh-key.pem vendored Normal file
View File

@ -0,0 +1,48 @@
This uses the same test data as ecdsa-prime256v1-sha512.pem, HOWEVER the
algorithm OID for the public key has been changed from id-ecPublicKey
(1.2.840.10045.2.1) to id-ecDH (1.3.132.1.12)
This test should fail because the public key's algorithm does not match that of
the signature algorithm.
-----BEGIN PUBLIC KEY-----
MFcwEQYFK4EEAQwGCCqGSM49AwEHA0IABJywz2kwPa/HYdTkaHtOzwOebTSrlkr4CBDY1VikqNb
3LVEjOheIkgqG7gihlix576MX+3h54pfa0hRtuZX6HHg=
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 87 cons: SEQUENCE
2:d=1 hl=2 l= 17 cons: SEQUENCE
4:d=2 hl=2 l= 5 prim: OBJECT :1.3.132.1.12
11:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
21:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAME
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX
X/LDDO7/sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 71 prim: BIT STRING

48
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-using-ecmqv-key.pem vendored Normal file
View File

@ -0,0 +1,48 @@
This uses the same test data as ecdsa-prime256v1-sha512.pem, HOWEVER the
algorithm OID for the public key has been changed from id-ecPublicKey
(1.2.840.10045.2.1) to id-ecMQV (1.3.132.1.13)
This test should fail because the public key's algorithm does not match that of
the signature algorithm.
-----BEGIN PUBLIC KEY-----
MFcwEQYFK4EEAQ0GCCqGSM49AwEHA0IABJywz2kwPa/HYdTkaHtOzwOebTSrlkr4CBDY1VikqNb
3LVEjOheIkgqG7gihlix576MX+3h54pfa0hRtuZX6HHg=
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 87 cons: SEQUENCE
2:d=1 hl=2 l= 17 cons: SEQUENCE
4:d=2 hl=2 l= 5 prim: OBJECT :1.3.132.1.13
11:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
21:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAME
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX
X/LDDO7/sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 71 prim: BIT STRING

48
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-using-rsa-algorithm.pem vendored Normal file
View File

@ -0,0 +1,48 @@
This test specified a valid ECDSA signature and EC key (the same as ecdsa-prime256v1-sha512.pem)
The problem however is the signature algorithm is indicated as being RSA PKCS#1 v1.5.
Signature verification consequently should fail.
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS
o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 89 cons: SEQUENCE
2:d=1 hl=2 l= 19 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
23:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBDQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha512WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX
X/LDDO7/sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 71 prim: BIT STRING

47
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512-wrong-signature-format.pem vendored Normal file
View File

@ -0,0 +1,47 @@
This is the same as ecdsa-prime256v1-sha512.pem, except the signature is wrong.
Rather than encoding the signature into a DER-encoded Ecdsa-Sig-Value, it is a
concatenation of the r and s values. This is the format that WebCrypto uses for
ECDSA signature, but not what is used for digital signatures.
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS
o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 89 cons: SEQUENCE
2:d=1 hl=2 l= 19 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
23:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAME
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0EAS5+R5ChShyYaHRySPPYZzVLBdc/n8b5gpSWMYQNIuj0oxF+QHXHEGymGOOwNaoXX/LDDO7/
sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 65 prim: BIT STRING

49
third-party/chromium/data/verify_signed_data/ecdsa-prime256v1-sha512.pem vendored Normal file
View File

@ -0,0 +1,49 @@
The key, message, and signature come from:
http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-3ecdsatestvectors.zip (SigVer.rsp)
The algorithm DER was synthesized to match, and the signature (provided as an r
and s tuple) was encoded into a Ecdsa-Sig-Value and then a BIT STRING.
It uses ECDSA verification, using curve prime256v1 and SHA-512
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS
o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 89 cons: SEQUENCE
2:d=1 hl=2 l= 19 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
23:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAME
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA512
-----BEGIN DATA-----
bikyFTMBpO72gOZCiSmtrpiMEI1mijH/VdBImUfXX/gaRr+J6E1kAfAjvm6HaI+814TXhcqEZzV
SSstS0ARSyEBApHnnzDMJNkQdk7vnIqlDKm4dsRK1yUA7ECcssTR/1hnUY/ep0iOtdv3gbYpog1
APuEMjWr/5jiQb37VTjD4=
-----END DATA-----
-----BEGIN SIGNATURE-----
A0cAMEQCIEufkeQoUocmGh0ckjz2Gc1SwXXP5/G+YKUljGEDSLo9AiAoxF+QHXHEGymGOOwNaoX
X/LDDO7/sWpyBCEa2OSiahA==
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 71 prim: BIT STRING

53
third-party/chromium/data/verify_signed_data/ecdsa-secp384r1-sha256-corrupted-data.pem vendored Normal file
View File

@ -0,0 +1,53 @@
This is the same test as ecdsa-secp384r1-sha256.pem, except the DATA section
has been corrupted. The third byte has been set to 0.
This signature should NOT verify successfully.
-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXFhBi+WKXuxeK9yCbC9jqEchwjCNsQ4RXAsJ07oHZ+Q
qz55cNIY5BAhcQ0QYY5jv9BimGL9SuhUuOSuS3Pn9rrsIFGcFsihy4kDr8rq5+7RbN8bV057gW5
emYjLtvDsQ
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 118 cons: SEQUENCE
2:d=1 hl=2 l= 16 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 5 prim: OBJECT :secp384r1
20:d=1 hl=2 l= 98 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAMC
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
-----BEGIN DATA-----
MIIA6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg
MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw
wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M
DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ
bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V
wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh
FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t
Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV
HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/
-----END DATA-----
-----BEGIN SIGNATURE-----
A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM
CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU=
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 105 prim: BIT STRING

84
third-party/chromium/data/verify_signed_data/ecdsa-secp384r1-sha256.pem vendored Normal file
View File

@ -0,0 +1,84 @@
This test data was produced by creating a self-signed EC cert using OpenSSL,
and then extracting the relevant fields.
It uses ECDSA with curve secp384r1 an SHA-256.
(1) Generate self-signed certificate
openssl ecparam -out ec_key.pem -name secp384r1 -genkey
openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem
(2) Extract public key
openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
cat pubkey.pem
(3) Extract signed data (tbsCertificate)
openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
base64 tbs
(4) Extract signature algorithm
# Find the offset of the signature algorithm near the end (496 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out alg -noout -strparse 496
base64 alg
(5) Extract the signature
# Find the final offset of BIT STRING (508 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out sig -noout -strparse 508
base64 sig
-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEXFhBi+WKXuxeK9yCbC9jqEchwjCNsQ4RXAsJ07oHZ+Q
qz55cNIY5BAhcQ0QYY5jv9BimGL9SuhUuOSuS3Pn9rrsIFGcFsihy4kDr8rq5+7RbN8bV057gW5
emYjLtvDsQ
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 118 cons: SEQUENCE
2:d=1 hl=2 l= 16 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 5 prim: OBJECT :secp384r1
20:d=1 hl=2 l= 98 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAMC
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
-----BEGIN DATA-----
MIIB6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg
MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw
wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M
DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ
bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V
wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh
FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t
Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV
HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/
-----END DATA-----
-----BEGIN SIGNATURE-----
A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM
CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU=
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 105 prim: BIT STRING

51
third-party/chromium/data/verify_signed_data/ecdsa-using-rsa-key.pem vendored Normal file
View File

@ -0,0 +1,51 @@
This test specifies an ECDSA signature algorithm (and a valid ecdsa signature),
HOWEVER it provides an RSA key. Verification should fail.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAMC
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
-----BEGIN DATA-----
MIIB6KADAgECAgkAtUVxft6/Vc0wCgYIKoZIzj0EAwIwbzELMAkGA1UEBhMCQVUxEzARBgNVBAg
MClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAw
wDYWhhMRowGAYJKoZIhvcNAQkBFgtzdXBAZm9vLmNvbTAeFw0xNTA3MDIwMDM4MTRaFw0xNjA3M
DEwMDM4MTRaMG8xCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJ
bnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxDDAKBgNVBAMMA2FoYTEaMBgGCSqGSIb3DQEJARYLc3V
wQGZvby5jb20wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARcWEGL5Ype7F4r3IJsL2OoRyHCMI2xDh
FcCwnTugdn5CrPnlw0hjkECFxDRBhjmO/0GKYYv1K6FS45K5Lc+f2uuwgUZwWyKHLiQOvyurn7t
Fs3xtXTnuBbl6ZiMu28OxCjUDBOMB0GA1UdDgQWBBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAfBgNV
HSMEGDAWgBR6nDgtPalG2JvSlWzdGRCi/Cu7NjAMBgNVHRMEBTADAQH/
-----END DATA-----
-----BEGIN SIGNATURE-----
A2kAMGYCMQCDwMSZVJZ8qThiNTV7VX57m8fdNnNS6cXIjRYoh4SozlYWmWGh87nhmJJCeD16jVM
CMQDkroAY8oNi8RxLUor+LozhhVgu24tu6lcp4MP8H3Zy8bBea5HerAd1AqJp3Ox7KDU=
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=2 l= 105 prim: BIT STRING

44
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-bad-key-der-length.pem vendored Normal file
View File

@ -0,0 +1,44 @@
Same test as rsa-pkcs1-sha1.pem except the length of the first SEQUENCE has
been increased by 2 (which makes it invalid).
-----BEGIN PUBLIC KEY-----
MIOfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
Error in encoding
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBBQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8
Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/
wJfKsY6aRY/LY0zc6O41iUxITX
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

52
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-bad-key-der-null.pem vendored Normal file
View File

@ -0,0 +1,52 @@
Same test as rsa-pkcs1-sha1.pem except an extra NULL (0x05, 0x00) has been
appended to the SPKI.
The DER can still be parsed, however it should fail due to the unconsumed data
at the end.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQABBQA=
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
162:d=0 hl=2 l= 0 prim: NULL
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBBQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8
Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/
wJfKsY6aRY/LY0zc6O41iUxITX
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

49
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-key-params-absent.pem vendored Normal file
View File

@ -0,0 +1,49 @@
Same test as rsa-pkcs1-sha1.pem, except the SPKI has been modified so the
algorithm parameters are absent rather than NULL.
This should fail because RFC 3279 says the parameters MUST be NULL.
-----BEGIN PUBLIC KEY-----
MIGdMAsGCSqGSIb3DQEBAQOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9
62ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC
cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 157 cons: SEQUENCE
3:d=1 hl=2 l= 11 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBBQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8
Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/
wJfKsY6aRY/LY0zc6O41iUxITX
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

51
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-using-pss-key-no-params.pem vendored Normal file
View File

@ -0,0 +1,51 @@
This is the same test as rsa-pkcs1-sha1.pem, except the SPKI has been modified
so that the key algorithm is rsaPss (1.2.840.113549.1.1.10) with absent
parameters.
Subsequently this should fail, as a PSS key should not be used with a signature
algorithm for PKCS#1 v1.5.
-----BEGIN PUBLIC KEY-----
MIGdMAsGCSqGSIb3DQEBCgOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9
62ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC
cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 157 cons: SEQUENCE
3:d=1 hl=2 l= 11 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss
16:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBBQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8
Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/
wJfKsY6aRY/LY0zc6O41iUxITX
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

48
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1-wrong-algorithm.pem vendored Normal file
View File

@ -0,0 +1,48 @@
This is the same as rsa-pkcs1-sha1.pem, however the ALGORITHM has been change
to have SHA256 instead of SHA1. Using this algorithm verification should fail.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCwUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8
Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/
wJfKsY6aRY/LY0zc6O41iUxITX
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

53
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha1.pem vendored Normal file
View File

@ -0,0 +1,53 @@
The key, message, and signature come from Example 1 of:
ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15sign-vectors.txt
(The algorithm DER was synthesized to match, and the signature enclosed in a BIT STRING).
It uses an RSA key with modulus length of 1024 bits, PKCS#1 v1.5 padding, and
SHA-1 as the digest.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBBQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha1WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAGvDoGZWhCkwokfjDVhktNgZI2unxollhirX28TiSvKOhrtTHwM1i+X7dHd8YIb4UMrviT8
Nb8wtDJHsATaTtOoAuAzUmqxOy1+JEa/lOa2kqPOCPR0T5HLRSQVHxlnHYX89JAh9228rcglhZ/
wJfKsY6aRY/LY0zc6O41iUxITX
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

62
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-key-encoded-ber.pem vendored Normal file
View File

@ -0,0 +1,62 @@
This is the same test as rsa-pkcs1-sha256.pem except the SPKI has been encoded
using a non-minimal length for the outtermost SEQUENCE.
Under DER, the tag-length-value encodings should be minimal and hence this should fail.
Specifically the SPKI start was changed from:
30 81 9f
To:
30 82 00 9f
(the length of 0x9F is being expressed using 2 bytes instead of 1)
-----BEGIN PUBLIC KEY-----
MIIAnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqkfgdjI9YqzadSZ2Ns0CEEUD8+8m7OplIx0
94X+QD8mooNrunwT04asbLIINGL4qiI/+9IVSvyV3Kj9c4EeQIbANGoJ8AI3wf6MOBB/txxGFed
qqcTffKVMQvtZdoYFbZ/MQkvyRsoyvunb/pWcN4sSaF9kY1bXSeP3J99fBIYUCAwEAAQ==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=4 l= 159 cons: SEQUENCE
4:d=1 hl=2 l= 13 cons: SEQUENCE
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
17:d=2 hl=2 l= 0 prim: NULL
19:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCwUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1
UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ
VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp
1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA
0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/
cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw
FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK
oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6
+Gqf3saGdr8/LnvFAdNQvkalQt
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

59
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-spki-non-null-params.pem vendored Normal file
View File

@ -0,0 +1,59 @@
This is the same test as rsa-pkcs1-sha256.pem except the SPKI has been tampered
with. The parameters have been changed from NULL to an INTEGER.
This was done by changing:
05 00 (NULL)
To:
02 00 (INTEGER)
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQIAA4GNADCBiQKBgQCqR+B2Mj1irNp1JnY2zQIQRQPz7ybs6mUjHT3
hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA0agnwAjfB/ow4EH+3HEYV52q
pxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/cn318EhhQIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: INTEGER :00
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCwUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1
UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ
VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp
1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA
0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/
cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw
FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK
oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6
+Gqf3saGdr8/LnvFAdNQvkalQt
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

55
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-using-ecdsa-algorithm.pem vendored Normal file
View File

@ -0,0 +1,55 @@
This test specified a valid RSA PKCS#1 v.1.5 signature and RSA key (the same as rsa-pkcs1-sha256.pem).
The problem however is the signature algorithm is indicated as being ECDSA.
Signature verification consequently should fail.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp1JnY2zQIQRQPz7ybs6mUjHT3
hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA0agnwAjfB/ow4EH+3HEYV52q
pxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/cn318EhhQIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MAoGCCqGSM49BAMC
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 10 cons: SEQUENCE
2:d=1 hl=2 l= 8 prim: OBJECT :ecdsa-with-SHA256
-----BEGIN DATA-----
MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1
UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ
VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp
1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA
0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/
cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw
FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK
oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6
+Gqf3saGdr8/LnvFAdNQvkalQt
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

54
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256-using-id-ea-rsa.pem vendored Normal file
View File

@ -0,0 +1,54 @@
This is the same test as rsa-pkcs1-sha256.pem except the SPKI has been tampered
with. Rather than using an rsaEncryption OID for the key's algorithm, it uses
id-ea-rsa (2.5.8.1.1).
-----BEGIN PUBLIC KEY-----
MIGaMAgGBFUIAQEFAAOBjQAwgYkCgYEAqkfgdjI9YqzadSZ2Ns0CEEUD8+8m7OplIx094X+QD8m
ooNrunwT04asbLIINGL4qiI/+9IVSvyV3Kj9c4EeQIbANGoJ8AI3wf6MOBB/txxGFedqqcTffKV
MQvtZdoYFbZ/MQkvyRsoyvunb/pWcN4sSaF9kY1bXSeP3J99fBIYUCAwEAAQ==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 154 cons: SEQUENCE
3:d=1 hl=2 l= 8 cons: SEQUENCE
5:d=2 hl=2 l= 4 prim: OBJECT :rsa
11:d=2 hl=2 l= 0 prim: NULL
13:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCwUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1
UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ
VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp
1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA
0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/
cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw
FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK
oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6
+Gqf3saGdr8/LnvFAdNQvkalQt
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

86
third-party/chromium/data/verify_signed_data/rsa-pkcs1-sha256.pem vendored Normal file
View File

@ -0,0 +1,86 @@
This test data was produced by creating a self-signed EC cert using OpenSSL,
and then extracting the relevant fields.
It uses RSA PKCS#1 v1.5 with SHA-256 and a 1024-bit key.
(1) Generate self-signed certificate
openssl genrsa -out rsa_key.pem 1024
openssl req -new -key rsa_key.pem -x509 -nodes -days 365 -out cert.pem
(2) Extract public key
openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
cat pubkey.pem
(3) Extract signed data (tbsCertificate)
openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
base64 tbs
(4) Extract signature algorithm
# Find the offset of the signature algorithm near the end (491 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out alg -noout -strparse 491
base64 alg
(5) Extract the signature
# Find the final offset of BIT STRING (506 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out sig -noout -strparse 506
base64 sig
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp1JnY2zQIQRQPz7ybs6mUjHT3
hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA0agnwAjfB/ow4EH+3HEYV52q
pxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/cn318EhhQIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCwUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1
UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ
VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp
1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA
0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/
cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw
FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK
oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6
+Gqf3saGdr8/LnvFAdNQvkalQt
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

48
third-party/chromium/data/verify_signed_data/rsa-pss-sha1-salt20-using-pss-key-no-params.pem vendored Normal file
View File

@ -0,0 +1,48 @@
This is the same test as rsa-pss-sha1-salt20.pem, except the public key's
algorithm identifier has been changed from rsaEncryption (1.2.840.113549.1.1.1)
to rsaPss (1.2.840.113549.1.1.10).
-----BEGIN PUBLIC KEY-----
MIGdMAsGCSqGSIb3DQEBCgOBjQAwgYkCgYEApW5KDnAQF1iaUYfcfqhB0Vby7A42rVKkTf6x5h9
62ZHYxRBW/+2xYrTA8oOhKoijlN/1JqtykcuzB86r/OCx39XNlQgJbVsri2311nHvY3fAkhyyPC
cKcOJZjm/4nRnxBazC0/DLNfKSgOE4a29kxO8i4eHyDQzoz/siSb2aITcCAwEAAQ==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 157 cons: SEQUENCE
3:d=1 hl=2 l= 11 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss
16:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCjAA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 0 cons: SEQUENCE
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ
/nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS
yCwtTD9mzVAPH/K5lNik4wy7M8
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

50
third-party/chromium/data/verify_signed_data/rsa-pss-sha1-salt20-using-pss-key-with-null-params.pem vendored Normal file
View File

@ -0,0 +1,50 @@
This is the same test as rsa-pss-sha1-salt20.pem, except the public key's
algorithm identifier has been changed from rsaEncryption (1.2.840.113549.1.1.1)
to rsaPss (1.2.840.113549.1.1.10). Note that the PSS parameters have been
encoded as NULL which is incorrect.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBCgUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCjAA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 0 cons: SEQUENCE
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ
/nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS
yCwtTD9mzVAPH/K5lNik4wy7M8
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

53
third-party/chromium/data/verify_signed_data/rsa-pss-sha1-salt20.pem vendored Normal file
View File

@ -0,0 +1,53 @@
The key, message, and signature come from Example 1.1 of:
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1-vec.zip (pss-vect.txt)
(The algorithm DER was synthesized to match, and the signature enclosed in a BIT STRING).
It uses an RSA key with modulus length of 1024 bits, PSS padding,
SHA-1 as the digest, MGF1 with SHA-1, and salt length of 20.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCjAA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 0 cons: SEQUENCE
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ
/nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS
yCwtTD9mzVAPH/K5lNik4wy7M8
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

51
third-party/chromium/data/verify_signed_data/rsa-pss-sha1-wrong-salt.pem vendored Normal file
View File

@ -0,0 +1,51 @@
Same as rsa-pss-sha1-wrong-salt.pem except the ALGORITHM has been changed to
have a salt of 23. When verified using this algorithm it will fail, however if
the default salt of 20 were used it would succeed.
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MBIGCSqGSIb3DQEBCjAFogMCARc=
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 18 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 5 cons: SEQUENCE
15:d=2 hl=2 l= 3 cons: cont [ 2 ]
17:d=3 hl=2 l= 1 prim: INTEGER :17
-----BEGIN DATA-----
zch9oiPXht87ReC7vHITJtHuKvgGzDFUdcxvDZxm4bYjcdRc4jkuGskoRMMQEC8Vag2NUsH0xAu
jqmUJV4bLdpdXplY7qVj+0LzJhOi1F6PV9RWyO4pB50qoZ2k/kN+wYabobfqu5kRywA5fIJRXKc
vr538Gznjgj0CY+6QfnWGTwDF+i2DUtghKy0LSnjgIo7w3LYXjMRcPy/fMctC3HClmSLOk0Q9BY
pXQgHqmJcqydE/Z6o/SI8QlNwKYKL0WvgJUbxMP0uM7k20mduCK7RtzMYt1CgFn0A==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAJB0MI+1mOlwGyKUOI5S+XH6rCtgpRRa8YXfUoe17SiH5Xzn/UTchjTkB8jg5DYLwibz7CJ
/nZ5UY46NMfUFEhXfbrucL5V5qndZijj5FLW5wb2DxOL584Kg0Ko1Qv/uZZhKYBvGnrKN6yfcoS
yCwtTD9mzVAPH/K5lNik4wy7M8
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

67
third-party/chromium/data/verify_signed_data/rsa-pss-sha256-mgf1-sha512-salt33.pem vendored Normal file
View File

@ -0,0 +1,67 @@
This test exercises using a different hash function parameter to the mask gen
function (SHA-256 for the hash, but SHA-512 for the MGF1 hash).
This test data was constructed manually by calling signing functions from
OpenSSL code.
It constructs an RSASSA-PSS signature using:
* Key with modulus 1024 bit
* Salt length 33 bytes
* Digest function of SHA-256
* Mask gen function of MGF1 with SHA-512
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClbkoOcBAXWJpRh9x+qEHRVvLsDjatUqRN/rH
mH3rZkdjFEFb/7bFitMDyg6EqiKOU3/Umq3KRy7MHzqv84LHf1c2VCAltWyuLbfXWce9jd8CSHL
I8Jwpw4lmOb/idGfEFrMLT8Ms18pKA4Thrb2TE7yLh4fINDOjP+yJJvZohNwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 159 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 141 prim: BIT STRING
-----BEGIN ALGORITHM-----
MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU
DBAIDBQCiAwIBIQ==
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 65 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 52 cons: SEQUENCE
15:d=2 hl=2 l= 15 cons: cont [ 0 ]
17:d=3 hl=2 l= 13 cons: SEQUENCE
19:d=4 hl=2 l= 9 prim: OBJECT :sha256
30:d=4 hl=2 l= 0 prim: NULL
32:d=2 hl=2 l= 28 cons: cont [ 1 ]
34:d=3 hl=2 l= 26 cons: SEQUENCE
36:d=4 hl=2 l= 9 prim: OBJECT :mgf1
47:d=4 hl=2 l= 13 cons: SEQUENCE
49:d=5 hl=2 l= 9 prim: OBJECT :sha512
60:d=5 hl=2 l= 0 prim: NULL
62:d=2 hl=2 l= 3 cons: cont [ 2 ]
64:d=3 hl=2 l= 1 prim: INTEGER :21
-----BEGIN DATA-----
VGVzdCBtZXNzYWdlIHRvIGJlIHNpZ25lZC4uLg==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBAFob0HSC5uuTqKu4J/lj+5bDa+Hhij4H3klWnvt6Yc+wwPza7/UC4lgGGyvZqD32RUEdt7v
Z14qqYNk53b5aj4C2gBMvLzV7Pay4mmQM4DSWa5JHMxTILqE3DDqihrbMcBw2q3XAsLcjeqLWQ9
yp8tfnV21h98qsCLtErrxZWHRr
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

74
third-party/chromium/data/verify_signed_data/rsa-pss-sha256-salt10-using-pss-key-with-params.pem vendored Normal file
View File

@ -0,0 +1,74 @@
This is the same test as rsa-pss-sha256-salt10.pem except instead of specifying
the SPKI using rsaEncryption it is specified using rsaPss along with
parameters that match those of the signature algorithm.
-----BEGIN PUBLIC KEY-----
MIHRMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZ
IAWUDBAIBBQCiAwIBCgOBiwAwgYcCgYEAvkmbXn8GyD+gKT4xRlyOtrWK+SC65Sp7W5v+t6py2x
JkES6z/UMdMaKn5QlBVmkpSUoOiR7VYTkYtLUbDR+5d4Oyas99DzhM+zX00oJPXdOAYjomvxgLY
5YcYZ3NsgyuQG8i9uJ2yAo3JZSQz+tywacahPGEbTMId7o+MQHsnHsCARE=
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 209 cons: SEQUENCE
3:d=1 hl=2 l= 65 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss
16:d=2 hl=2 l= 52 cons: SEQUENCE
18:d=3 hl=2 l= 15 cons: cont [ 0 ]
20:d=4 hl=2 l= 13 cons: SEQUENCE
22:d=5 hl=2 l= 9 prim: OBJECT :sha256
33:d=5 hl=2 l= 0 prim: NULL
35:d=3 hl=2 l= 28 cons: cont [ 1 ]
37:d=4 hl=2 l= 26 cons: SEQUENCE
39:d=5 hl=2 l= 9 prim: OBJECT :mgf1
50:d=5 hl=2 l= 13 cons: SEQUENCE
52:d=6 hl=2 l= 9 prim: OBJECT :sha256
63:d=6 hl=2 l= 0 prim: NULL
65:d=3 hl=2 l= 3 cons: cont [ 2 ]
67:d=4 hl=2 l= 1 prim: INTEGER :0A
70:d=1 hl=3 l= 139 prim: BIT STRING
-----BEGIN ALGORITHM-----
MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU
DBAIBBQCiAwIBCg==
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 65 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 52 cons: SEQUENCE
15:d=2 hl=2 l= 15 cons: cont [ 0 ]
17:d=3 hl=2 l= 13 cons: SEQUENCE
19:d=4 hl=2 l= 9 prim: OBJECT :sha256
30:d=4 hl=2 l= 0 prim: NULL
32:d=2 hl=2 l= 28 cons: cont [ 1 ]
34:d=3 hl=2 l= 26 cons: SEQUENCE
36:d=4 hl=2 l= 9 prim: OBJECT :mgf1
47:d=4 hl=2 l= 13 cons: SEQUENCE
49:d=5 hl=2 l= 9 prim: OBJECT :sha256
60:d=5 hl=2 l= 0 prim: NULL
62:d=2 hl=2 l= 3 cons: cont [ 2 ]
64:d=3 hl=2 l= 1 prim: INTEGER :0A
-----BEGIN DATA-----
x/UnD8pyX5vRn1GajXzKPMXAeQJAKfO65RD5sCFA/iOJCOT2wY8HqJxofIaEZpsfHbK6+SUaPIK
frMtJMIThbsnijViGgHSl1iIWZ91uUo0W/iyfPbTPr2xNzoyEOa84zqqqnOLsrnvI9KWlXjv5bf
nNV1xPnLMnlRuM3+QIcWg=
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBABHhafL9QLB2Qbl2iiqxmWX7bCfxD88DI/zG0S608cBrMw3aoepQRAevop3p6+A3T+nR59D
/vV/Bzzo0RuQUVBXSqyT3ibNGTFxDola7wdaSz38EgB2sW7QBpKA6t9VyioYMGeGk3Hl8pULIID
zsLmAesMUfVn8u2gIrC5693u76
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

74
third-party/chromium/data/verify_signed_data/rsa-pss-sha256-salt10-using-pss-key-with-wrong-params.pem vendored Normal file
View File

@ -0,0 +1,74 @@
This is the same test as rsa-pss-sha256-salt10-using-pss-key-with-params.pem
except the hash in the PSS key's parameters has been changed from SHA-256 to
SHA-384.
-----BEGIN PUBLIC KEY-----
MIHRMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAICBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZ
IAWUDBAIBBQCiAwIBCgOBiwAwgYcCgYEAvkmbXn8GyD+gKT4xRlyOtrWK+SC65Sp7W5v+t6py2x
JkES6z/UMdMaKn5QlBVmkpSUoOiR7VYTkYtLUbDR+5d4Oyas99DzhM+zX00oJPXdOAYjomvxgLY
5YcYZ3NsgyuQG8i9uJ2yAo3JZSQz+tywacahPGEbTMId7o+MQHsnHsCARE=
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 209 cons: SEQUENCE
3:d=1 hl=2 l= 65 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsassaPss
16:d=2 hl=2 l= 52 cons: SEQUENCE
18:d=3 hl=2 l= 15 cons: cont [ 0 ]
20:d=4 hl=2 l= 13 cons: SEQUENCE
22:d=5 hl=2 l= 9 prim: OBJECT :sha384
33:d=5 hl=2 l= 0 prim: NULL
35:d=3 hl=2 l= 28 cons: cont [ 1 ]
37:d=4 hl=2 l= 26 cons: SEQUENCE
39:d=5 hl=2 l= 9 prim: OBJECT :mgf1
50:d=5 hl=2 l= 13 cons: SEQUENCE
52:d=6 hl=2 l= 9 prim: OBJECT :sha256
63:d=6 hl=2 l= 0 prim: NULL
65:d=3 hl=2 l= 3 cons: cont [ 2 ]
67:d=4 hl=2 l= 1 prim: INTEGER :0A
70:d=1 hl=3 l= 139 prim: BIT STRING
-----BEGIN ALGORITHM-----
MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU
DBAIBBQCiAwIBCg==
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 65 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 52 cons: SEQUENCE
15:d=2 hl=2 l= 15 cons: cont [ 0 ]
17:d=3 hl=2 l= 13 cons: SEQUENCE
19:d=4 hl=2 l= 9 prim: OBJECT :sha256
30:d=4 hl=2 l= 0 prim: NULL
32:d=2 hl=2 l= 28 cons: cont [ 1 ]
34:d=3 hl=2 l= 26 cons: SEQUENCE
36:d=4 hl=2 l= 9 prim: OBJECT :mgf1
47:d=4 hl=2 l= 13 cons: SEQUENCE
49:d=5 hl=2 l= 9 prim: OBJECT :sha256
60:d=5 hl=2 l= 0 prim: NULL
62:d=2 hl=2 l= 3 cons: cont [ 2 ]
64:d=3 hl=2 l= 1 prim: INTEGER :0A
-----BEGIN DATA-----
x/UnD8pyX5vRn1GajXzKPMXAeQJAKfO65RD5sCFA/iOJCOT2wY8HqJxofIaEZpsfHbK6+SUaPIK
frMtJMIThbsnijViGgHSl1iIWZ91uUo0W/iyfPbTPr2xNzoyEOa84zqqqnOLsrnvI9KWlXjv5bf
nNV1xPnLMnlRuM3+QIcWg=
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBABHhafL9QLB2Qbl2iiqxmWX7bCfxD88DI/zG0S608cBrMw3aoepQRAevop3p6+A3T+nR59D
/vV/Bzzo0RuQUVBXSqyT3ibNGTFxDola7wdaSz38EgB2sW7QBpKA6t9VyioYMGeGk3Hl8pULIID
zsLmAesMUfVn8u2gIrC5693u76
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

65
third-party/chromium/data/verify_signed_data/rsa-pss-sha256-salt10.pem vendored Normal file
View File

@ -0,0 +1,65 @@
The key, message, and signature come from:
http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2rsatestvectors.zip (SigVerPSS_186-3.rsp)
(The algorithm DER was synthesized to match, and the signature wrapped in a BIT STRING).
It uses an RSA key with modulus length of 1024 bits, PSS padding,
SHA-256 as the digest, MGF1 with SHA-256, and salt length of 10.
-----BEGIN PUBLIC KEY-----
MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQC+SZtefwbIP6ApPjFGXI62tYr5ILrlKntbm/6
3qnLbEmQRLrP9Qx0xoqflCUFWaSlJSg6JHtVhORi0tRsNH7l3g7Jqz30POEz7NfTSgk9d04BiOi
a/GAtjlhxhnc2yDK5AbyL24nbICjcllJDP63LBpxqE8YRtMwh3uj4xAeycewIBEQ==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=3 l= 157 cons: SEQUENCE
3:d=1 hl=2 l= 13 cons: SEQUENCE
5:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
16:d=2 hl=2 l= 0 prim: NULL
18:d=1 hl=3 l= 139 prim: BIT STRING
-----BEGIN ALGORITHM-----
MEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWU
DBAIBBQCiAwIBCg==
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 65 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :rsassaPss
13:d=1 hl=2 l= 52 cons: SEQUENCE
15:d=2 hl=2 l= 15 cons: cont [ 0 ]
17:d=3 hl=2 l= 13 cons: SEQUENCE
19:d=4 hl=2 l= 9 prim: OBJECT :sha256
30:d=4 hl=2 l= 0 prim: NULL
32:d=2 hl=2 l= 28 cons: cont [ 1 ]
34:d=3 hl=2 l= 26 cons: SEQUENCE
36:d=4 hl=2 l= 9 prim: OBJECT :mgf1
47:d=4 hl=2 l= 13 cons: SEQUENCE
49:d=5 hl=2 l= 9 prim: OBJECT :sha256
60:d=5 hl=2 l= 0 prim: NULL
62:d=2 hl=2 l= 3 cons: cont [ 2 ]
64:d=3 hl=2 l= 1 prim: INTEGER :0A
-----BEGIN DATA-----
x/UnD8pyX5vRn1GajXzKPMXAeQJAKfO65RD5sCFA/iOJCOT2wY8HqJxofIaEZpsfHbK6+SUaPIK
frMtJMIThbsnijViGgHSl1iIWZ91uUo0W/iyfPbTPr2xNzoyEOa84zqqqnOLsrnvI9KWlXjv5bf
nNV1xPnLMnlRuM3+QIcWg=
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBABHhafL9QLB2Qbl2iiqxmWX7bCfxD88DI/zG0S608cBrMw3aoepQRAevop3p6+A3T+nR59D
/vV/Bzzo0RuQUVBXSqyT3ibNGTFxDola7wdaSz38EgB2sW7QBpKA6t9VyioYMGeGk3Hl8pULIID
zsLmAesMUfVn8u2gIrC5693u76
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

52
third-party/chromium/data/verify_signed_data/rsa-using-ec-key.pem vendored Normal file
View File

@ -0,0 +1,52 @@
This test specifies an RSA PKCS#1 v1.5 signature algorithm (and a valid RSA
signature), HOWEVER it provides an EC key. Verification should fail.
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLDPaTA9r8dh1ORoe07PA55tNKuWSvgIENjVWKS
o1vctUSM6F4iSCobuCKGWLHnvoxf7eHnil9rSFG25lfoceA==
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=2 l= 89 cons: SEQUENCE
2:d=1 hl=2 l= 19 cons: SEQUENCE
4:d=2 hl=2 l= 7 prim: OBJECT :id-ecPublicKey
13:d=2 hl=2 l= 8 prim: OBJECT :prime256v1
23:d=1 hl=2 l= 66 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBCwUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha256WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
MIIB46ADAgECAgkA3l4tFOVii0UwDQYJKoZIhvcNAQELBQAwVjELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEPMA0GA1
UEAwwGTXkga2V5MB4XDTE1MDcwMjE3MDYzOVoXDTE2MDcwMTE3MDYzOVowVjELMAkGA1UEBhMCQ
VUxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
ZDEPMA0GA1UEAwwGTXkga2V5MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqR+B2Mj1irNp
1JnY2zQIQRQPz7ybs6mUjHT3hf5APyaig2u6fBPThqxssgg0YviqIj/70hVK/JXcqP1zgR5AhsA
0agnwAjfB/ow4EH+3HEYV52qpxN98pUxC+1l2hgVtn8xCS/JGyjK+6dv+lZw3ixJoX2RjVtdJ4/
cn318EhhQIDAQABo1AwTjAdBgNVHQ4EFgQUzQBVKTEknyLndWd2HTsBdTKvyikwHwYDVR0jBBgw
FoAUzQBVKTEknyLndWd2HTsBdTKvyikwDAYDVR0TBAUwAwEB/w==
-----END DATA-----
-----BEGIN SIGNATURE-----
A4GBADrHSmFSJw/Gv7hs5PNzpaJwAri/sitarIZfzN/SjR+n8L8yeTEoiDb1+BkxlFvXvPHTaOK
oO3WlslNNOxh1W5/JkYYGOUkCcyIjnln6qS560imcr3VNjomT/M8M2Iss+rJiKau1TRuaP7H8i6
+Gqf3saGdr8/LnvFAdNQvkalQt
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=3 l= 129 prim: BIT STRING

93
third-party/chromium/data/verify_signed_data/rsa2048-pkcs1-sha512.pem vendored Normal file
View File

@ -0,0 +1,93 @@
This test data was produced by creating a self-signed RSA cert using OpenSSL,
and then extracting the relevant fields.
It uses RSA PKCS#1 v1.5 with SHA-512 and a 2048-bit key.
(1) Generate self-signed certificate
openssl genrsa -out rsa_key.pem 2048
openssl req -new -key rsa_key.pem -x509 -nodes -days 365 -sha512 -out cert.pem
(2) Extract public key
openssl x509 -in cert.pem -pubkey -noout > pubkey.pem
cat pubkey.pem
(3) Extract signed data (tbsCertificate)
openssl asn1parse -in cert.pem -out tbs -noout -strparse 4
base64 tbs
(4) Extract signature algorithm
# Find the offset of the signature algorithm near the end (589 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out alg -noout -strparse 589
base64 alg
(5) Extract the signature
# Find the final offset of BIT STRING (506 in this case)
openssl asn1parse -in cert.pem
openssl asn1parse -in cert.pem -out sig -noout -strparse 506
base64 sig
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcu2shJRrXFAwMkf30y2AY1zIg9VF/h
egYcejzdR2AzUb8vU2TXld2i8pp44l+DrvtqmzS7G+yxx3uOx+zsoqBaUT0c9HfkbE+IRmcLkQF
vYpSpm6Eu8OS14CSmEtiR91Et8LR0+bd0Gn3pgmb+epFJBaBPeDSiI/smqKCs7yP04+tS4Q4r47
G04LhSp4/hmqH32b4Gcm9nsihHV9FfPfVdxDQUEJp3AgyBPwhPZEAyhoQS73TjjxXHqJRSz37Sl
ueMVPuNncqbT4nAMKz25J1CtRlQh21uZzfY2QRP3m6rAZquQUos1febC6A7qmhQljWKKmXtfVY+
fAamstdHrWwIDAQAB
-----END PUBLIC KEY-----
$ openssl asn1parse -i < [PUBLIC KEY]
0:d=0 hl=4 l= 290 cons: SEQUENCE
4:d=1 hl=2 l= 13 cons: SEQUENCE
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
17:d=2 hl=2 l= 0 prim: NULL
19:d=1 hl=4 l= 271 prim: BIT STRING
-----BEGIN ALGORITHM-----
MA0GCSqGSIb3DQEBDQUA
-----END ALGORITHM-----
$ openssl asn1parse -i < [ALGORITHM]
0:d=0 hl=2 l= 13 cons: SEQUENCE
2:d=1 hl=2 l= 9 prim: OBJECT :sha512WithRSAEncryption
13:d=1 hl=2 l= 0 prim: NULL
-----BEGIN DATA-----
MIICRaADAgECAgkA7jWRLkwHvHswDQYJKoZIhvcNAQENBQAwRTELMAkGA1UEBhMCQVUxEzARBgN
VBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0xNT
A3MjgwMjIyMzFaFw0xNjA3MjcwMjIyMzFaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lL
VN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDNy7ayElGtcUDAyR/fTLYBjXMiD1UX+F6Bhx6PN1HYDNRvy9TZNeV
3aLymnjiX4Ou+2qbNLsb7LHHe47H7OyioFpRPRz0d+RsT4hGZwuRAW9ilKmboS7w5LXgJKYS2JH
3US3wtHT5t3QafemCZv56kUkFoE94NKIj+yaooKzvI/Tj61LhDivjsbTguFKnj+GaoffZvgZyb2
eyKEdX0V899V3ENBQQmncCDIE/CE9kQDKGhBLvdOOPFceolFLPftKW54xU+42dyptPicAwrPbkn
UK1GVCHbW5nN9jZBE/ebqsBmq5BSizV95sLoDuqaFCWNYoqZe19Vj58Bqay10etbAgMBAAGjUDB
OMB0GA1UdDgQWBBRsCPajkEscZM6SpLbNTa/7dY5azzAfBgNVHSMEGDAWgBRsCPajkEscZM6SpL
bNTa/7dY5azzAMBgNVHRMEBTADAQH/
-----END DATA-----
-----BEGIN SIGNATURE-----
A4IBAQAhKSNq+X/CfzhtNsMo6MJpTBjJBV5fhHerIZr6e3ozCTBCR29vYsVnJ4/6i5lL1pNeOhM
ldthnuSlMzTS1Zme1OqRWB3U8QmwCFwhDxW/i4fdT8kxDAmELNp4z0GcXbe27V895PE0R/m8P47
B6xbra+SQlEMW12K1EndUqrO6vgLbobV14mveWdgc0KIOnDKgsTHV8NTV1w3qtp1ujfvizYfBZu
yyMOA1yZPDpREZtClro7lufwDQ7+LgSdtNLMDAMzapfIjAEPVNVLmJzMgzaHqMsZM8gP8vWAdfc
R4mCmWXVotrM6d1rjJGdRADAONYCC4/+d1IMkVGoVfpaej6I
-----END SIGNATURE-----
$ openssl asn1parse -i < [SIGNATURE]
0:d=0 hl=4 l= 257 prim: BIT STRING