add mac and signature default algorithm finders

Author: Xor-el

CryptoLib.Benchmark/Delphi/CryptoLib.BenchmarkConsole.dpr

@@ -694,6 +694,10 @@ uses
   ClpIAsymmetricKeyEntry in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIAsymmetricKeyEntry.pas',
   ClpDefaultDigestAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultDigestAlgorithmFinder.pas',
   ClpIDigestAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpIDigestAlgorithmFinder.pas',
+  ClpDefaultMacAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultMacAlgorithmFinder.pas',
+  ClpIMacAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpIMacAlgorithmFinder.pas',
+  ClpDefaultSignatureAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultSignatureAlgorithmFinder.pas',
+  ClpISignatureAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpISignatureAlgorithmFinder.pas',
   ClpPkcs12Utilities in '..\..\CryptoLib\src\Pkcs\ClpPkcs12Utilities.pas',
   ClpPkcs12StoreBuilder in '..\..\CryptoLib\src\Pkcs\ClpPkcs12StoreBuilder.pas',
   ClpIPkcs12StoreBuilder in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIPkcs12StoreBuilder.pas',

CryptoLib.Examples/Delphi.Examples/CryptoLib.Examples.dpr

@@ -699,6 +699,10 @@ uses
   ClpIAsymmetricKeyEntry in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIAsymmetricKeyEntry.pas',
   ClpDefaultDigestAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultDigestAlgorithmFinder.pas',
   ClpIDigestAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpIDigestAlgorithmFinder.pas',
+  ClpDefaultMacAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultMacAlgorithmFinder.pas',
+  ClpIMacAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpIMacAlgorithmFinder.pas',
+  ClpDefaultSignatureAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultSignatureAlgorithmFinder.pas',
+  ClpISignatureAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpISignatureAlgorithmFinder.pas',
   ClpPkcs12Utilities in '..\..\CryptoLib\src\Pkcs\ClpPkcs12Utilities.pas',
   ClpPkcs12StoreBuilder in '..\..\CryptoLib\src\Pkcs\ClpPkcs12StoreBuilder.pas',
   ClpIPkcs12StoreBuilder in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIPkcs12StoreBuilder.pas',

CryptoLib.Tests/Delphi.Tests/CryptoLib.Tests.dpr

@@ -710,6 +710,10 @@ uses
   ClpIAsymmetricKeyEntry in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIAsymmetricKeyEntry.pas',
   ClpDefaultDigestAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultDigestAlgorithmFinder.pas',
   ClpIDigestAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpIDigestAlgorithmFinder.pas',
+  ClpDefaultMacAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultMacAlgorithmFinder.pas',
+  ClpIMacAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpIMacAlgorithmFinder.pas',
+  ClpDefaultSignatureAlgorithmFinder in '..\..\CryptoLib\src\Crypto\Operators\ClpDefaultSignatureAlgorithmFinder.pas',
+  ClpISignatureAlgorithmFinder in '..\..\CryptoLib\src\Interfaces\Crypto\Operators\ClpISignatureAlgorithmFinder.pas',
   ClpPkcs12Utilities in '..\..\CryptoLib\src\Pkcs\ClpPkcs12Utilities.pas',
   ClpPkcs12StoreBuilder in '..\..\CryptoLib\src\Pkcs\ClpPkcs12StoreBuilder.pas',
   ClpIPkcs12StoreBuilder in '..\..\CryptoLib\src\Interfaces\Pkcs\ClpIPkcs12StoreBuilder.pas',
@@ -819,6 +823,7 @@ uses
   RSATests in '..\src\Crypto\RSATests.pas',
   RSABlindedTests in '..\src\Crypto\RSABlindedTests.pas',
   RSADigestSignerTests in '..\src\Crypto\RSADigestSignerTests.pas',
+  AlgorithmFinderTests in '..\src\Crypto\AlgorithmFinderTests.pas',
   ISO9796Tests in '..\src\Crypto\ISO9796Tests.pas',
   PssTests in '..\src\Crypto\PssTests.pas',
   PrivateKeyInfoTests in '..\src\Asn1\PrivateKeyInfoTests.pas',

CryptoLib.Tests/FreePascal.Tests/CryptoLib.Tests.lpi

@@ -79,7 +79,7 @@
         <PackageName Value="FCL"/>
       </Item4>
     </RequiredPackages>
-    <Units Count="153">
+    <Units Count="154">
       <Unit0>
         <Filename Value="CryptoLib.lpr"/>
         <IsPartOfProject Value="True"/>
@@ -693,6 +693,10 @@
         <Filename Value="..\src\X509\X509UtilitiesTests.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit152>
+      <Unit153>
+        <Filename Value="..\src\Crypto\AlgorithmFinderTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit153>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

CryptoLib.Tests/FreePascal.Tests/CryptoLib.lpr

@@ -36,9 +36,9 @@
   CryptoIOSinkTests, OaepTests, RijndaelTests, BlowfishTests, Poly1305Tests,
   MacTests, ChaCha20Poly1305Tests, OcbTests, CcmTests, EaxTests, CMacTests,
   AeadTestUtilities, GcmReorderTests, GCMTests, GcmSivTests, GMacTests,
-  Pkcs12Tests, Bip327MuSig2Tests, Bip340SchnorrTests, CryptoLibTestBase,
-  SimdSelectSlotTests, PkcsEncryptedPrivateKeyInfoTests, Pkcs12StoreTests,
-  OpenSslReaderTests, OpenSslWriterTests, X509CertGenTests,
+  Pkcs12Tests, Bip327MuSig2Tests, Bip340SchnorrTests, AlgorithmFinderTests,
+  CryptoLibTestBase, SimdSelectSlotTests, PkcsEncryptedPrivateKeyInfoTests,
+  Pkcs12StoreTests, OpenSslReaderTests, OpenSslWriterTests, X509CertGenTests,
   X509CertificatePairTests, X509UtilitiesTests, ClpFixedSecureRandom,
   ClpShortenedDigest, ClpCertTestUtilities, ClpFusedKernelToggle, Int32Tests,
   Int64Tests, IPAddressUtilitiesTests, PemReaderTests;

CryptoLib.Tests/FreePascal.Tests/CryptoLibConsole.lpi

@@ -39,7 +39,7 @@
         <PackageName Value="FCL"/>
       </Item2>
     </RequiredPackages>
-    <Units Count="153">
+    <Units Count="154">
       <Unit0>
         <Filename Value="CryptoLibConsole.lpr"/>
         <IsPartOfProject Value="True"/>
@@ -652,6 +652,10 @@
         <Filename Value="..\src\X509\X509UtilitiesTests.pas"/>
         <IsPartOfProject Value="True"/>
       </Unit152>
+      <Unit153>
+        <Filename Value="..\src\Crypto\AlgorithmFinderTests.pas"/>
+        <IsPartOfProject Value="True"/>
+      </Unit153>
     </Units>
   </ProjectOptions>
   <CompilerOptions>

CryptoLib.Tests/FreePascal.Tests/CryptoLibConsole.lpr

@@ -37,11 +37,12 @@
   BlowfishTests, CcmTests, ChaCha20Poly1305Tests, CMacTests, EaxTests, OcbTests,
   MacTests, Poly1305Tests, AeadTestUtilities, GcmReorderTests, GCMTests,
   GcmSivTests, GMacTests, Pkcs12Tests, Bip327MuSig2Tests, Bip340SchnorrTests,
-  CryptoLibTestBase, SimdSelectSlotTests, PkcsEncryptedPrivateKeyInfoTests,
-  Pkcs12StoreTests, OpenSslReaderTests, OpenSslWriterTests, X509CertGenTests,
-  X509CertificatePairTests, X509UtilitiesTests, ClpFixedSecureRandom,
-  ClpShortenedDigest, ClpCertTestUtilities, ClpFusedKernelToggle, Int32Tests,
-  Int64Tests, IPAddressUtilitiesTests, PemReaderTests;
+  AlgorithmFinderTests, CryptoLibTestBase, SimdSelectSlotTests,
+  PkcsEncryptedPrivateKeyInfoTests, Pkcs12StoreTests, OpenSslReaderTests,
+  OpenSslWriterTests, X509CertGenTests, X509CertificatePairTests,
+  X509UtilitiesTests, ClpFixedSecureRandom, ClpShortenedDigest,
+  ClpCertTestUtilities, ClpFusedKernelToggle, Int32Tests, Int64Tests,
+  IPAddressUtilitiesTests, PemReaderTests;
 
 type
 

CryptoLib.Tests/src/Crypto/AlgorithmFinderTests.pas

@@ -0,0 +1,251 @@
+{ *********************************************************************************** }
+{ *                              CryptoLib Library                                  * }
+{ *                           Author - Ugochukwu Mmaduekwe                          * }
+{ *                 Github Repository <https://github.com/Xor-el>                   * }
+{ *                                                                                 * }
+{ *  Distributed under the MIT software license, see the accompanying file LICENSE  * }
+{ *          or visit http://www.opensource.org/licenses/mit-license.php.           * }
+{ *                                                                                 * }
+{ *                              Acknowledgements:                                  * }
+{ *                                                                                 * }
+{ *      Thanks to Sphere 10 Software (http://www.sphere10.com/) for sponsoring     * }
+{ *                         the development of this library                         * }
+{ * ******************************************************************************* * }
+
+(* &&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&& *)
+
+unit AlgorithmFinderTests;
+
+interface
+
+{$IFDEF FPC}
+{$MODE DELPHI}
+{$ENDIF FPC}
+
+uses
+  SysUtils,
+{$IFDEF FPC}
+  fpcunit,
+  testregistry,
+{$ELSE}
+  TestFramework,
+{$ENDIF FPC}
+  ClpAsn1Objects,
+  ClpIAsn1Objects,
+  ClpIX509Asn1Objects,
+  ClpX509Asn1Objects,
+  ClpPkcsObjectIdentifiers,
+  ClpNistObjectIdentifiers,
+  ClpOiwObjectIdentifiers,
+  ClpEdECObjectIdentifiers,
+  ClpX9ObjectIdentifiers,
+  ClpPkcsRsaAsn1Objects,
+  ClpIPkcsRsaAsn1Objects,
+  ClpDefaultDigestAlgorithmFinder,
+  ClpIDigestAlgorithmFinder,
+  ClpDefaultMacAlgorithmFinder,
+  ClpIMacAlgorithmFinder,
+  ClpDefaultSignatureAlgorithmFinder,
+  ClpISignatureAlgorithmFinder,
+  ClpX509Utilities,
+  ClpCryptoLibTypes,
+  CryptoLibTestBase;
+
+type
+  TAlgorithmFinderTest = class(TCryptoLibAlgorithmTestCase)
+  published
+    procedure TestDigestFindByName;
+    procedure TestDigestFindBySignatureAlgorithm;
+    procedure TestDigestFindByOid;
+    procedure TestDigestFindPssDelegation;
+    procedure TestDigestFindUnknownName;
+    procedure TestDigestFindNilOid;
+    procedure TestMacFindKnown;
+    procedure TestMacFindUnknown;
+    procedure TestSignatureFindKnown;
+    procedure TestSignatureFindPss;
+    procedure TestSignatureFindEd25519;
+    procedure TestSignatureFindEcdsa;
+    procedure TestSignatureFindUnknown;
+  end;
+
+implementation
+
+{ TAlgorithmFinderTest }
+
+procedure TAlgorithmFinderTest.TestDigestFindByName;
+var
+  LDigestAlg: IAlgorithmIdentifier;
+begin
+  LDigestAlg := TDefaultDigestAlgorithmFinder.Instance.Find('SHA-256');
+  CheckNotNull(LDigestAlg, 'digest algorithm should not be nil');
+  CheckTrue(LDigestAlg.Algorithm.Equals(TNistObjectIdentifiers.IdSha256),
+    'SHA-256 digest OID mismatch');
+end;
+
+procedure TAlgorithmFinderTest.TestDigestFindBySignatureAlgorithm;
+var
+  LSignatureAlg, LDigestAlg: IAlgorithmIdentifier;
+begin
+  LSignatureAlg := TAlgorithmIdentifier.Create(TPkcsObjectIdentifiers.Sha256WithRsaEncryption,
+    TDerNull.Instance);
+  LDigestAlg := TDefaultDigestAlgorithmFinder.Instance.Find(LSignatureAlg);
+  CheckNotNull(LDigestAlg, 'digest algorithm should not be nil');
+  CheckTrue(LDigestAlg.Algorithm.Equals(TNistObjectIdentifiers.IdSha256),
+    'signature-to-digest OID mismatch');
+end;
+
+procedure TAlgorithmFinderTest.TestDigestFindByOid;
+var
+  LDigestAlg: IAlgorithmIdentifier;
+begin
+  LDigestAlg := TDefaultDigestAlgorithmFinder.Instance.Find(TNistObjectIdentifiers.IdSha384);
+  CheckNotNull(LDigestAlg, 'digest algorithm should not be nil');
+  CheckTrue(LDigestAlg.Algorithm.Equals(TNistObjectIdentifiers.IdSha384),
+    'digest OID mismatch');
+end;
+
+procedure TAlgorithmFinderTest.TestDigestFindPssDelegation;
+var
+  LHashAlgId, LSignatureAlg, LDigestAlg: IAlgorithmIdentifier;
+  LPssParams: IRsassaPssParameters;
+begin
+  LHashAlgId := TAlgorithmIdentifier.Create(TNistObjectIdentifiers.IdSha256, TDerNull.Instance);
+  LPssParams := TRsassaPssParameters.Create(LHashAlgId,
+    TAlgorithmIdentifier.Create(TPkcsObjectIdentifiers.IdMgf1, LHashAlgId) as IAlgorithmIdentifier,
+    TDerInteger.Create(32) as IDerInteger, TRsassaPssParameters.DefaultTrailerField);
+  LSignatureAlg := TAlgorithmIdentifier.Create(TPkcsObjectIdentifiers.IdRsassaPss, LPssParams);
+  LDigestAlg := TDefaultDigestAlgorithmFinder.Instance.Find(LSignatureAlg);
+  CheckNotNull(LDigestAlg, 'PSS digest algorithm should not be nil');
+  CheckTrue(LDigestAlg.Algorithm.Equals(TNistObjectIdentifiers.IdSha256),
+    'PSS digest OID mismatch');
+end;
+
+procedure TAlgorithmFinderTest.TestDigestFindUnknownName;
+var
+  LDigestAlg: IAlgorithmIdentifier;
+begin
+  LDigestAlg := TDefaultDigestAlgorithmFinder.Instance.Find('UNKNOWN-DIGEST-NAME');
+  CheckNull(LDigestAlg, 'unknown digest name should return nil');
+end;
+
+procedure TAlgorithmFinderTest.TestDigestFindNilOid;
+var
+  LNilOid: IDerObjectIdentifier;
+begin
+  LNilOid := nil;
+  try
+    TDefaultDigestAlgorithmFinder.Instance.Find(LNilOid);
+    Fail('expected EArgumentNilCryptoLibException');
+  except
+    on E: EArgumentNilCryptoLibException do
+      CheckEquals('digestOid', E.Message);
+  end;
+end;
+
+procedure TAlgorithmFinderTest.TestMacFindKnown;
+var
+  LMacAlg: IAlgorithmIdentifier;
+begin
+  LMacAlg := TDefaultMacAlgorithmFinder.Instance.Find('HMACSHA256');
+  CheckNotNull(LMacAlg, 'HMACSHA256 should not be nil');
+  CheckTrue(LMacAlg.Algorithm.Equals(TPkcsObjectIdentifiers.IdHmacWithSha256),
+    'HMACSHA256 OID mismatch');
+  CheckTrue(LMacAlg.Parameters.Equals(TDerNull.Instance), 'HMACSHA256 params should be NULL');
+
+  LMacAlg := TDefaultMacAlgorithmFinder.Instance.Find('HMACSHA1');
+  CheckNotNull(LMacAlg, 'HMACSHA1 should not be nil');
+  CheckTrue(LMacAlg.Algorithm.Equals(TOiwObjectIdentifiers.IdSha1),
+    'HMACSHA1 OID mismatch');
+  CheckTrue(TX509Utilities.IsAbsentParameters(LMacAlg.Parameters),
+    'HMACSHA1 params should be absent');
+
+  LMacAlg := TDefaultMacAlgorithmFinder.Instance.Find('HMACSHA3-512');
+  CheckNotNull(LMacAlg, 'HMACSHA3-512 should not be nil');
+  CheckTrue(LMacAlg.Algorithm.Equals(TNistObjectIdentifiers.IdHMacWithSha3_512),
+    'HMACSHA3-512 OID mismatch');
+  CheckTrue(TX509Utilities.IsAbsentParameters(LMacAlg.Parameters),
+    'HMACSHA3-512 params should be absent');
+end;
+
+procedure TAlgorithmFinderTest.TestMacFindUnknown;
+var
+  LMacAlg: IAlgorithmIdentifier;
+begin
+  LMacAlg := TDefaultMacAlgorithmFinder.Instance.Find('HMACUNKNOWN');
+  CheckNull(LMacAlg, 'unknown MAC name should return nil');
+end;
+
+procedure TAlgorithmFinderTest.TestSignatureFindKnown;
+var
+  LSignatureAlg: IAlgorithmIdentifier;
+begin
+  LSignatureAlg := TDefaultSignatureAlgorithmFinder.Instance.Find('SHA256WITHRSA');
+  CheckNotNull(LSignatureAlg, 'SHA256WITHRSA should not be nil');
+  CheckTrue(LSignatureAlg.Algorithm.Equals(TPkcsObjectIdentifiers.Sha256WithRsaEncryption),
+    'SHA256WITHRSA OID mismatch');
+  CheckTrue(LSignatureAlg.Parameters.Equals(TDerNull.Instance),
+    'SHA256WITHRSA params should be NULL');
+end;
+
+procedure TAlgorithmFinderTest.TestSignatureFindPss;
+var
+  LSignatureAlg: IAlgorithmIdentifier;
+  LPssParams: IRsassaPssParameters;
+begin
+  LSignatureAlg := TDefaultSignatureAlgorithmFinder.Instance.Find('SHA256WITHRSAANDMGF1');
+  CheckNotNull(LSignatureAlg, 'SHA256WITHRSAANDMGF1 should not be nil');
+  CheckTrue(LSignatureAlg.Algorithm.Equals(TPkcsObjectIdentifiers.IdRsassaPss),
+    'SHA256WITHRSAANDMGF1 OID mismatch');
+  LPssParams := TRsassaPssParameters.GetInstance(LSignatureAlg.Parameters);
+  CheckNotNull(LPssParams, 'PSS parameters should not be nil');
+  CheckTrue(LPssParams.HashAlgorithm.Algorithm.Equals(TNistObjectIdentifiers.IdSha256),
+    'PSS hash algorithm mismatch');
+  CheckEquals(32, LPssParams.SaltLength.IntValueExact, 'PSS salt length mismatch');
+end;
+
+procedure TAlgorithmFinderTest.TestSignatureFindEd25519;
+var
+  LSignatureAlg: IAlgorithmIdentifier;
+begin
+  LSignatureAlg := TDefaultSignatureAlgorithmFinder.Instance.Find('Ed25519');
+  CheckNotNull(LSignatureAlg, 'Ed25519 should not be nil');
+  CheckTrue(LSignatureAlg.Algorithm.Equals(TEdECObjectIdentifiers.IdEd25519),
+    'Ed25519 OID mismatch');
+  CheckTrue(TX509Utilities.IsAbsentParameters(LSignatureAlg.Parameters),
+    'Ed25519 params should be absent');
+end;
+
+procedure TAlgorithmFinderTest.TestSignatureFindEcdsa;
+var
+  LSignatureAlg: IAlgorithmIdentifier;
+begin
+  LSignatureAlg := TDefaultSignatureAlgorithmFinder.Instance.Find('SHA256WITHECDSA');
+  CheckNotNull(LSignatureAlg, 'SHA256WITHECDSA should not be nil');
+  CheckTrue(LSignatureAlg.Algorithm.Equals(TX9ObjectIdentifiers.ECDsaWithSha256),
+    'SHA256WITHECDSA OID mismatch');
+  CheckTrue(TX509Utilities.IsAbsentParameters(LSignatureAlg.Parameters),
+    'SHA256WITHECDSA params should be absent');
+end;
+
+procedure TAlgorithmFinderTest.TestSignatureFindUnknown;
+begin
+  try
+    TDefaultSignatureAlgorithmFinder.Instance.Find('UNKNOWN-SIGNATURE-NAME');
+    Fail('expected EArgumentCryptoLibException');
+  except
+    on E: EArgumentCryptoLibException do
+      CheckTrue(Pos('Unknown signature name:', E.Message) > 0,
+        'Wrong exception message: ' + E.Message);
+  end;
+end;
+
+initialization
+
+{$IFDEF FPC}
+  RegisterTest(TAlgorithmFinderTest);
+{$ELSE}
+  RegisterTest(TAlgorithmFinderTest.Suite);
+{$ENDIF FPC}
+
+end.