Index: crypto/ec_signature_creator_unittest.cc |
diff --git a/crypto/ec_signature_creator_unittest.cc b/crypto/ec_signature_creator_unittest.cc |
index 407b2781b2befcf29fec67203461dff576e9a1e9..0f89920689d525002cd6f3ae3ef11b4ed4b184c0 100644 |
--- a/crypto/ec_signature_creator_unittest.cc |
+++ b/crypto/ec_signature_creator_unittest.cc |
@@ -7,6 +7,11 @@ |
#include <string> |
#include <vector> |
+#if !defined(USE_OPENSSL) |
+#include <cryptohi.h> |
+#include <secerr.h> |
+#endif |
+ |
#include "base/memory/scoped_ptr.h" |
#include "crypto/ec_private_key.h" |
#include "crypto/signature_verifier.h" |
@@ -53,19 +58,32 @@ TEST(ECSignatureCreatorTest, BasicTest) { |
std::vector<uint8> public_key_info; |
ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info)); |
- // This is the algorithm ID for SHA-1 with EC encryption. |
- const uint8 kECDSAWithSHA1AlgorithmID[] = { |
- 0x30, 0x0b, |
- 0x06, 0x07, |
- 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x01, |
+ // This is the algorithm ID for SHA-256 with EC encryption. |
+ const uint8 kECDSAWithSHA256AlgorithmID[] = { |
+ 0x30, 0x0c, |
+ 0x06, 0x08, |
+ 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, |
0x05, 0x00 |
}; |
+ |
+ // SignatureVerifier expects the signatures to be DER encoded. |
Ryan Sleevi
2012/09/12 17:55:22
Shouldn't we also be fixing this to match?
agl
2012/09/12 18:51:48
The SignatureVerifier is used elsewhere too, and i
|
+ SECItem der_signature; |
+ SECItem sig; |
+ sig.type = siBuffer; |
+ sig.len = signature.size(); |
+ sig.data = signature.data(); |
+ SECStatus rv = DSAU_EncodeDerSigWithLen(&der_signature, &sig, sig.len); |
+ ASSERT_EQ(SECSuccess, rv); |
+ |
crypto::SignatureVerifier verifier; |
ASSERT_TRUE(verifier.VerifyInit( |
- kECDSAWithSHA1AlgorithmID, sizeof(kECDSAWithSHA1AlgorithmID), |
- &signature.front(), signature.size(), |
+ kECDSAWithSHA256AlgorithmID, sizeof(kECDSAWithSHA256AlgorithmID), |
+ der_signature.data, der_signature.len, |
&public_key_info.front(), public_key_info.size())); |
+ SECITEM_FreeItem(&der_signature, |
+ PR_FALSE /* don't free der_signature itself */); |
+ |
verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), |
data.size()); |
ASSERT_TRUE(verifier.VerifyFinal()); |