Add tests for signatures

Author: whyoleg

cryptography-providers-tests-api/src/commonMain/kotlin/utils.kt

@@ -8,6 +8,7 @@ import dev.whyoleg.cryptography.*
 import dev.whyoleg.cryptography.algorithms.*
 
 import dev.whyoleg.cryptography.materials.key.*
+import kotlinx.io.*
 import kotlinx.io.bytestring.*
 import kotlin.io.encoding.*
 import kotlin.test.*
@@ -64,6 +65,8 @@ fun digest(name: String): CryptographyAlgorithmId<Digest> = when (name) {
     else          -> error("Unknown digest: $name")
 }
 
+fun Buffer(bytes: ByteString): Buffer = Buffer().apply { write(bytes) }
+
 expect fun disableJsConsoleDebug()
 
 // Wasm tests on browser cannot be filtered: https://youtrack.jetbrains.com/issue/KT-58291

cryptography-providers-tests/src/commonMain/kotlin/default/EcdsaTest.kt

@@ -8,11 +8,12 @@ import dev.whyoleg.cryptography.*
 import dev.whyoleg.cryptography.algorithms.*
 import dev.whyoleg.cryptography.providers.tests.api.*
 import dev.whyoleg.cryptography.random.*
+import kotlinx.io.bytestring.*
 import kotlin.io.encoding.*
 import kotlin.math.*
 import kotlin.test.*
 
-abstract class EcdsaTest(provider: CryptographyProvider) : ProviderTest(provider) {
+abstract class EcdsaTest(provider: CryptographyProvider) : ProviderTest(provider), SignatureTest {
 
     //all sizes are in bytes
     // `privateKeySizes` contains three sizes.
@@ -83,4 +84,35 @@ abstract class EcdsaTest(provider: CryptographyProvider) : ProviderTest(provider
             }
         }
     }
+
+    @Test
+    fun testFunctions() = testAlgorithm(ECDSA) {
+        if (!supportsFunctions()) return@testAlgorithm
+
+        listOf(
+            EC.Curve.P256,
+            EC.Curve.P384,
+            EC.Curve.P521,
+            EC.Curve("secp256k1"),
+        ).forEach { curve ->
+            if (!supportsCurve(curve)) return@forEach
+
+            val keyPair = algorithm.keyPairGenerator(curve).generateKey()
+
+            generateDigests { digest, _ ->
+                if (!supportsDigest(digest)) return@generateDigests
+
+                ECDSA.SignatureFormat.entries.forEach { format ->
+                    val signatureGenerator = keyPair.privateKey.signatureGenerator(digest, format)
+                    val signatureVerifier = keyPair.publicKey.signatureVerifier(digest, format)
+
+                    repeat(10) {
+                        val size = CryptographyRandom.nextInt(20000)
+                        val data = ByteString(CryptographyRandom.nextBytes(size))
+                        assertSignaturesViaFunction(signatureGenerator, signatureVerifier, data)
+                    }
+                }
+            }
+        }
+    }
 }

cryptography-providers-tests/src/commonMain/kotlin/default/HmacTest.kt

@@ -8,10 +8,11 @@ import dev.whyoleg.cryptography.*
 import dev.whyoleg.cryptography.algorithms.*
 import dev.whyoleg.cryptography.providers.tests.api.*
 import dev.whyoleg.cryptography.random.*
+import kotlinx.io.bytestring.*
 import kotlin.math.*
 import kotlin.test.*
 
-abstract class HmacTest(provider: CryptographyProvider) : ProviderTest(provider) {
+abstract class HmacTest(provider: CryptographyProvider) : ProviderTest(provider), SignatureTest {
 
     private class HmacTestScope(
         logger: TestLogger,
@@ -81,4 +82,19 @@ abstract class HmacTest(provider: CryptographyProvider) : ProviderTest(provider)
         val signature = key.signatureGenerator().generateSignature(data)
         assertFalse(wrongKey.signatureVerifier().tryVerifySignature(data, signature))
     }
+
+    @Test
+    fun testFunctions() = runTestForEachDigest {
+        if (!supportsFunctions()) return@runTestForEachDigest
+
+        val key = algorithm.keyGenerator(digest).generateKey()
+        val signatureGenerator = key.signatureGenerator()
+        val signatureVerifier = key.signatureVerifier()
+
+        repeat(10) {
+            val size = CryptographyRandom.nextInt(20000)
+            val data = ByteString(CryptographyRandom.nextBytes(size))
+            assertSignaturesViaFunction(signatureGenerator, signatureVerifier, data)
+        }
+    }
 }

cryptography-providers-tests/src/commonMain/kotlin/default/RsaPkcs1Test.kt

@@ -8,10 +8,11 @@ import dev.whyoleg.cryptography.*
 import dev.whyoleg.cryptography.algorithms.*
 import dev.whyoleg.cryptography.providers.tests.api.*
 import dev.whyoleg.cryptography.random.*
+import kotlinx.io.bytestring.*
 import kotlin.math.*
 import kotlin.test.*
 
-abstract class RsaPkcs1Test(provider: CryptographyProvider) : ProviderTest(provider) {
+abstract class RsaPkcs1Test(provider: CryptographyProvider) : ProviderTest(provider), SignatureTest {
 
     @Test
     fun testSizes() = testAlgorithm(RSA.PKCS1) {
@@ -69,4 +70,24 @@ abstract class RsaPkcs1Test(provider: CryptographyProvider) : ProviderTest(provi
         assertContentEquals(plaintext, decryptor.decrypt(ciphertext))
     }
 
+    @Test
+    fun testSignatureFunctions() = testAlgorithm(RSA.PKCS1) {
+        if (!supportsFunctions()) return@testAlgorithm
+
+        generateRsaKeySizes { keySize ->
+            generateDigests { digest, _ ->
+                if (!supportsDigest(digest)) return@generateDigests
+
+                val keyPair = algorithm.keyPairGenerator(keySize, digest).generateKey()
+                val signatureGenerator = keyPair.privateKey.signatureGenerator()
+                val signatureVerifier = keyPair.publicKey.signatureVerifier()
+
+                repeat(5) {
+                    val size = CryptographyRandom.nextInt(20000)
+                    val data = ByteString(CryptographyRandom.nextBytes(size))
+                    assertSignaturesViaFunction(signatureGenerator, signatureVerifier, data)
+                }
+            }
+        }
+    }
 }

cryptography-providers-tests/src/commonMain/kotlin/default/RsaPssTest.kt

@@ -9,10 +9,11 @@ import dev.whyoleg.cryptography.BinarySize.Companion.bytes
 import dev.whyoleg.cryptography.algorithms.*
 import dev.whyoleg.cryptography.providers.tests.api.*
 import dev.whyoleg.cryptography.random.*
+import kotlinx.io.bytestring.*
 import kotlin.math.*
 import kotlin.test.*
 
-abstract class RsaPssTest(provider: CryptographyProvider) : ProviderTest(provider) {
+abstract class RsaPssTest(provider: CryptographyProvider) : ProviderTest(provider), SignatureTest {
 
     @Test
     fun testSizes() = testAlgorithm(RSA.PSS) {
@@ -53,4 +54,25 @@ abstract class RsaPssTest(provider: CryptographyProvider) : ProviderTest(provide
             }
         }
     }
+
+    @Test
+    fun testFunctions() = testAlgorithm(RSA.PSS) {
+        if (!supportsFunctions()) return@testAlgorithm
+
+        generateRsaKeySizes { keySize ->
+            generateDigests { digest, _ ->
+                if (!supportsDigest(digest)) return@generateDigests
+
+                val keyPair = algorithm.keyPairGenerator(keySize, digest).generateKey()
+                val signatureGenerator = keyPair.privateKey.signatureGenerator()
+                val signatureVerifier = keyPair.publicKey.signatureVerifier()
+
+                repeat(5) {
+                    val size = CryptographyRandom.nextInt(20000)
+                    val data = ByteString(CryptographyRandom.nextBytes(size))
+                    assertSignaturesViaFunction(signatureGenerator, signatureVerifier, data)
+                }
+            }
+        }
+    }
 }

cryptography-providers-tests/src/commonMain/kotlin/default/SignatureTest.kt

@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2024 Oleg Yukhnevich. Use of this source code is governed by the Apache 2.0 license.
+ */
+
+package dev.whyoleg.cryptography.providers.tests.default
+
+import dev.whyoleg.cryptography.operations.*
+import dev.whyoleg.cryptography.providers.tests.api.*
+import kotlinx.io.*
+import kotlinx.io.bytestring.*
+import kotlin.test.*
+
+interface SignatureTest {
+    suspend fun AlgorithmTestScope<*>.assertSignaturesViaFunction(
+        signatureGenerator: SignatureGenerator,
+        signatureVerifier: SignatureVerifier,
+        data: ByteString,
+    ) {
+        val chunked: UpdateFunction. () -> Unit = {
+            val steps = 10
+            val step = data.size / steps
+            var start = 0
+            while (start < data.size) {
+                update(data, start, minOf(data.size, start + step))
+                start += step
+            }
+        }
+        val viaSource: UpdateFunction. () -> Unit = {
+            update((Buffer(data) as RawSource).buffered())
+        }
+        val viaSink: UpdateFunction. () -> Unit = {
+            updatingSink(discardingSink()).buffered().use { it.write(data) }
+        }
+
+        fun signature(block: UpdateFunction. () -> Unit) = signatureGenerator.createSignFunction().use {
+            it.block()
+            it.sign()
+        }
+
+        fun tryVerify(signature: ByteString, block: UpdateFunction. () -> Unit) = signatureVerifier.createVerifyFunction().use {
+            it.block()
+            it.tryVerify(signature)
+        }
+
+        listOf(
+            signatureGenerator.generateSignature(data),
+            signature(chunked),
+            signature(viaSource),
+            signature(viaSink),
+        ).forEach { signature ->
+            assertTrue(signatureVerifier.tryVerifySignature(data, signature))
+            assertTrue(tryVerify(signature, chunked))
+            assertTrue(tryVerify(signature, viaSource))
+            assertTrue(tryVerify(signature, viaSink))
+        }
+    }
+}