Update web-platform-tests to revision 8a2ceb5f18911302b7a5c1cd2791f4ab50ad4326

2025-08-19 12:25:33 +01:00 · 2017-10-12 09:25:50 -04:00 · 2017-10-12 09:25:50 -04:00 · 1f531f66ea
commit 1f531f66ea
parent 462c272380
5377 changed files with 174916 additions and 84369 deletions
--- a/tests/wpt/web-platform-tests/subresource-integrity/tools/ed25519.py
+++ b/tests/wpt/web-platform-tests/subresource-integrity/tools/ed25519.py
@ -0,0 +1,109 @@
+# The original version of this file was downloaded from
+# http://ed25519.cr.yp.to/software.html, and came with the following copyright
+# statement:
+# The Ed25519 software is in the public domain.
+
+import hashlib
+
+b = 256
+q = 2**255 - 19
+l = 2**252 + 27742317777372353535851937790883648493
+
+def H(m):
+  return hashlib.sha512(m).digest()
+
+def expmod(b,e,m):
+  if e == 0: return 1
+  t = expmod(b,e/2,m)**2 % m
+  if e & 1: t = (t*b) % m
+  return t
+
+def inv(x):
+  return expmod(x,q-2,q)
+
+d = -121665 * inv(121666)
+I = expmod(2,(q-1)/4,q)
+
+def xrecover(y):
+  xx = (y*y-1) * inv(d*y*y+1)
+  x = expmod(xx,(q+3)/8,q)
+  if (x*x - xx) % q != 0: x = (x*I) % q
+  if x % 2 != 0: x = q-x
+  return x
+
+By = 4 * inv(5)
+Bx = xrecover(By)
+B = [Bx % q,By % q]
+
+def edwards(P,Q):
+  x1 = P[0]
+  y1 = P[1]
+  x2 = Q[0]
+  y2 = Q[1]
+  x3 = (x1*y2+x2*y1) * inv(1+d*x1*x2*y1*y2)
+  y3 = (y1*y2+x1*x2) * inv(1-d*x1*x2*y1*y2)
+  return [x3 % q,y3 % q]
+
+def scalarmult(P,e):
+  if e == 0: return [0,1]
+  Q = scalarmult(P,e/2)
+  Q = edwards(Q,Q)
+  if e & 1: Q = edwards(Q,P)
+  return Q
+
+def encodeint(y):
+  bits = [(y >> i) & 1 for i in range(b)]
+  return ''.join([chr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b/8)])
+
+def encodepoint(P):
+  x = P[0]
+  y = P[1]
+  bits = [(y >> i) & 1 for i in range(b - 1)] + [x & 1]
+  return ''.join([chr(sum([bits[i * 8 + j] << j for j in range(8)])) for i in range(b/8)])
+
+def bit(h,i):
+  return (ord(h[i/8]) >> (i%8)) & 1
+
+def publickey(sk):
+  h = H(sk)
+  a = 2**(b-2) + sum(2**i * bit(h,i) for i in range(3,b-2))
+  A = scalarmult(B,a)
+  return encodepoint(A)
+
+def Hint(m):
+  h = H(m)
+  return sum(2**i * bit(h,i) for i in range(2*b))
+
+def signature(m,sk,pk):
+  h = H(sk)
+  a = 2**(b-2) + sum(2**i * bit(h,i) for i in range(3,b-2))
+  r = Hint(''.join([h[i] for i in range(b/8,b/4)]) + m)
+  R = scalarmult(B,r)
+  S = (r + Hint(encodepoint(R) + pk + m) * a) % l
+  return encodepoint(R) + encodeint(S)
+
+def isoncurve(P):
+  x = P[0]
+  y = P[1]
+  return (-x*x + y*y - 1 - d*x*x*y*y) % q == 0
+
+def decodeint(s):
+  return sum(2**i * bit(s,i) for i in range(0,b))
+
+def decodepoint(s):
+  y = sum(2**i * bit(s,i) for i in range(0,b-1))
+  x = xrecover(y)
+  if x & 1 != bit(s,b-1): x = q-x
+  P = [x,y]
+  if not isoncurve(P): raise Exception("decoding point that is not on curve")
+  return P
+
+def checkvalid(s,m,pk):
+  if len(s) != b/4: raise Exception("signature length is wrong")
+  if len(pk) != b/8: raise Exception("public-key length is wrong")
+  R = decodepoint(s[0:b/8])
+  A = decodepoint(pk)
+  S = decodeint(s[b/8:b/4])
+  h = Hint(encodepoint(R) + pk + m)
+  if scalarmult(B,S) != edwards(R,scalarmult(A,h)):
+    raise Exception("signature does not pass verification")
--- a/tests/wpt/web-platform-tests/subresource-integrity/tools/list_hashes.py
+++ b/tests/wpt/web-platform-tests/subresource-integrity/tools/list_hashes.py
@ -1,6 +1,8 @@
 from os import path, listdir
 from hashlib import sha512, sha384, sha256, md5
 from base64 import b64encode
+from random import randint
+import ed25519
 import re

 DIR = path.normpath(path.join(__file__, "..", ".."))
@ -37,6 +39,21 @@ Generate an encoded sha256 URI.
 def sha256_uri(content):
  return "sha256-%s" % format_digest(sha256(content).digest())

+'''
+Generate an encoded ed25519 signature.
+'''
+def ed25519_signature(private_public_key, content):
+  signature = ed25519.signature(content, *private_public_key)
+  return "ed25519-%s" % format_digest(signature)
+
+'''
+Generate private + public key pair for ed25519 signatures.
+'''
+def ed25519_key_pair():
+  secret_key = ''.join(chr(randint(0, 255)) for _ in range(0,32))
+  public_key = ed25519.publickey(secret_key)
+  return (secret_key, public_key)
+
 '''
 Generate an encoded md5 digest URI.
 '''
@ -44,14 +61,17 @@ def md5_uri(content):
  return "md5-%s" % format_digest(md5(content).digest())

 def main():
+  ed25519_key = ed25519_key_pair()
  for file in js_and_css_files():
    print "Listing hash values for %s" % file
    with open(file, "r") as content_file:
      content = content_file.read()
-      print "\tSHA512 integrity: %s" % sha512_uri(content)
-      print "\tSHA384 integrity: %s" % sha384_uri(content)
-      print "\tSHA256 integrity: %s" % sha256_uri(content)
-      print "\tMD5 integrity:    %s" % md5_uri(content)
+      print "\tSHA512 integrity:  %s" % sha512_uri(content)
+      print "\tSHA384 integrity:  %s" % sha384_uri(content)
+      print "\tSHA256 integrity:  %s" % sha256_uri(content)
+      print "\tMD5 integrity:     %s" % md5_uri(content)
+      print "\tEd25519 integrity: %s" % ed25519_signature(ed25519_key, content)
+  print "\nEd25519 public key (used above): %s" % format_digest(ed25519_key[1])

 if __name__ == "__main__":
  main()