pascal
/
freepascal.compiler
mirror of https://gitlab.com/freepascal.org/fpc/source.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209
							unit utestsha256;

{$mode objfpc}{$H+}

interface

uses
  Classes, SysUtils, fpcunit, testutils, testregistry, fpecc, fpsha256, fphashutils;

type

  { TTestSHA256 }

  TTestSHA256 = class(TTestCase)
  Public
    Procedure TestHexString(Const aString,aDigest : String);
    Procedure TestBase64String(Const aString,aDigest : String);
    Procedure TestHMACString(Const aString,aKey,aDigest : String);
  published
    procedure TestEmpty;
    procedure TestSmallString;
    procedure TestEmptyBase64;
    procedure TestSmallBase64;
    procedure TestSmallHMAC;
    procedure TestHMACStream;
  end;

  { TTestECDSASHA256 }

  TTestECDSASHA256 = Class(TTestCase)
    // base64url encoded
    Const
    aInput =
      'eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.' +
      'eyJpYXQiOjE1MTYyMzkwMjIsImV4cCI6MTUxNjI0OTAyMiwiaXNzIjoiRGVscGhpIEpPU0UgYW5kIEpXVCBMaWJyYXJ5In0';
    aOutput =
      '4QDMKAvHwb6pA5fN0oQjlzuKmPIlNpmIQ8vPH7zy4fjZdtcPVJMtfiVhztwQldQL9A5yzBKI8q2puVygm-2Adw';
    // Private key in PEM format
    Const APrivateKeyPem =
        '-----BEGIN EC PRIVATE KEY-----'+ #10+
        'MHcCAQEEIFzS3/5bCnrlpa4902/zkYzURF6E2D8pazgnJu4smhpQoAoGCCqGSM49'+ #10+
        'AwEHoUQDQgAEqTjyg2z65i+zbyUZW8BQ+K87DNsICRaEH7Fy7Rm3MseXy9ItSCQU'+ #10+
        'VeJbtO6kYUA00mx7bKoC1sx5sbtFExnYPQ=='+ #10+
        '-----END EC PRIVATE KEY-----';
   Published
     Procedure TestSignVerify;
     Procedure TestVerify;
     Procedure TestVerifyFromKey;
   end;

implementation

uses
   fppem, fpecdsa,  basenenc;

{ TTestECDSASHA256 }

procedure TTestECDSASHA256.TestSignVerify;

var
  aPrivateKey : TEccPrivateKey;
  aPublicKey : TEccPublicKey;
  aSignature : TECCSignature;
  X,Y : Ansistring;
  S : TStringStream;

begin
  S:=TStringStream.Create(APrivateKeyPem);
  try
    AssertTrue('Loaded key',PemLoadECDSA(S,aPrivateKey,aPublicKey,X,Y));
    AssertTrue('Encrypted',TECDSA.SignSHA256(aInput,aPrivateKey,aSignature));
    EccPublicKeyFromPrivateKey(aPublicKey,aPrivateKey);
    AssertTrue('Verified our own',TECDSA.SignSHA256(aInput,aPrivateKey,aSignature));
  finally
    S.Free;
  end;
end;

procedure TTestECDSASHA256.TestVerify;

var
  aPrivateKey : TEccPrivateKey;
  aPublicKey : TEccPublicKey;
  aSignature : TECCSignature;
  X,Y : Ansistring;
  S : TStringStream;

begin
  S:=TStringStream.Create(APrivateKeyPem);
  try
    AssertTrue('Loaded key',PemLoadECDSA(S,aPrivateKey,aPublicKey,X,Y));
    AssertTrue('Encrypted',TECDSA.SignSHA256(aInput,aPrivateKey,aSignature));
    // Now verify with result of someone else (random elements)
    BytesToVar(Base64URL.Decode(aOutput),aSignature,SizeOf(aSignature));
    AssertTrue('Verified other',TECDSA.VerifySHA256(aInput,aPrivateKey,aSignature));
  finally
    S.Free;
  end;

end;

procedure TTestECDSASHA256.TestVerifyFromKey;

Const
  // from JWT.IO
  aInput2 = 'eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0';
  aOutput2 = 'tyh-VfuzIxCyGYDlkBA7DfyjrqmSHu6pQ2hoZuFqUSLPNY2N0mpHb3nk5K17HWP_3cYHBw7AhHale5wky6-sVA';

  aPrivateKey2: TEccPrivateKey = ($7a,$f6,$73,$2f,$58,$1d,$00,$5a,$fc,$f2,$16,$f6,$38,$5f,$f6,
                $37,$10,$29,$24,$2c,$c6,$08,$40,$dd,$7d,$2a,$7a,$55,$03,$b7,
                $d2,$1c);

var
  aSignature : TECCSignature;

begin
  BytesToVar(Base64URL.Decode(aOutput2),aSignature,SizeOf(aSignature));
  AssertTrue('Verified other',TECDSA.VerifySHA256(aInput2,aPrivateKey2,aSignature));
end;

{ TTestSHA256 }

Procedure TTestSHA256.TestHexString(Const aString,aDigest : String);

var
  Digest : AnsiString;
  S : TBytes;

begin
  S:=[];
  Digest:='';
  S:=TEncoding.UTF8.GetAnsiBytes(aString);
  TSHA256.DigestHexa(S, Digest);
  AssertEquals('Correct hex digest',aDigest, Digest);
end;

procedure TTestSHA256.TestBase64String(const aString, aDigest: String);
var
  Digest : AnsiString;
  S : TBytes;

begin
  S:=TEncoding.UTF8.GetAnsiBytes(aString);
  Digest:='';
  TSHA256.DigestBase64(S,False,Digest);
  AssertEquals('Correct base64 digest',aDigest, Digest);
end;

procedure TTestSHA256.TestHMACString(const aString, aKey, aDigest: String);
var
  Digest : AnsiString;
  S,K : TBytes;

begin
  S:=TEncoding.UTF8.GetAnsiBytes(aString);
  K:=TEncoding.UTF8.GetAnsiBytes(aKey);
  TSHA256.HMACHexa(K,S,Digest);
  AssertEquals('Correct digest',aDigest, Digest);
end;

procedure TTestSHA256.TestEmpty;


begin
  TestHexString('','E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855');
end;

procedure TTestSHA256.TestSmallString;

begin
  TestHexString('abc','BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD');
end;

procedure TTestSHA256.TestEmptyBase64;
begin
  TestBase64String('','47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU');
end;

procedure TTestSHA256.TestSmallBase64;

begin
  TestBase64String('abc','ungWv48Bz+pBQUDeXa4iI7ADYaOWF3qctBD/YfIAFa0');
end;

procedure TTestSHA256.TestSmallHMAC;
begin
  TestHMACString('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ',
                 'Secret key' ,
                 '6AE3261635F57BF68B6E3DF9C06ED14D3FA793F1B7BE55BC3429895B09F52F77');
end;

procedure TTestSHA256.TestHMACStream;

Var
  S : TStringStream;

begin
  S:=TStringStream.Create('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
  try
    AssertEquals('Correct hash','3964294B664613798D1A477EB8AD02118B48D0C5738C427613202F2ED123B5F1',TSHA256.StreamHexa(S));
  finally
    S.Free;
  end;
end;

initialization
  RegisterTests([TTestSHA256,TTestECDSASHA256]);
end.