port NAC to security v2
This commit is based on Lei Pi's commit, which changed certificate version from v1 to v2.
The later changes fix some bugs and refactor algo part of the library to get rid of cryptopp.
Change-Id: I3be7e0341fe85ee69f1b5f1c3ed7421a6c61d0b5
diff --git a/tests/unit-tests/algo/aes.t.cpp b/tests/unit-tests/algo/aes.t.cpp
index 740855e..a2bf151 100644
--- a/tests/unit-tests/algo/aes.t.cpp
+++ b/tests/unit-tests/algo/aes.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
@@ -27,65 +27,64 @@
namespace algo {
namespace tests {
-const uint8_t key[] = {
- 0xdd, 0x60, 0x77, 0xec, 0xa9, 0x6b, 0x23, 0x1b,
- 0x40, 0x6b, 0x5a, 0xf8, 0x7d, 0x3d, 0x55, 0x32
-};
+const uint8_t key[] = {0xdd, 0x60, 0x77, 0xec, 0xa9, 0x6b, 0x23, 0x1b,
+ 0x40, 0x6b, 0x5a, 0xf8, 0x7d, 0x3d, 0x55, 0x32};
-const uint8_t plaintext[] = { // plaintext: AES-Encrypt-Test
- 0x41, 0x45, 0x53, 0x2d, 0x45, 0x6e, 0x63, 0x72,
- 0x79, 0x70, 0x74, 0x2d, 0x54, 0x65, 0x73, 0x74
-};
+// plaintext: AES-Encrypt-Test
+const uint8_t plaintext[] = { 0x41, 0x45, 0x53, 0x2d, 0x45, 0x6e, 0x63, 0x72,
+ 0x79, 0x70, 0x74, 0x2d, 0x54, 0x65, 0x73, 0x74};
-const uint8_t ciphertext_ecb[] = {
- 0xcb, 0xe5, 0x6a, 0x80, 0x41, 0x24, 0x58, 0x23,
- 0x84, 0x14, 0x15, 0x61, 0x80, 0xb9, 0x5e, 0xbd,
- 0xce, 0x32, 0xb4, 0xbe, 0xbc, 0x91, 0x31, 0xd6,
- 0x19, 0x00, 0x80, 0x8b, 0xfa, 0x00, 0x05, 0x9c
-};
+// const uint8_t ciphertext_ecb[] = {0xcb, 0xe5, 0x6a, 0x80, 0x41, 0x24, 0x58, 0x23, 0x84, 0x14, 0x15,
+// 0x61, 0x80, 0xb9, 0x5e, 0xbd, 0xce, 0x32, 0xb4, 0xbe, 0xbc, 0x91,
+// 0x31, 0xd6, 0x19, 0x00, 0x80, 0x8b, 0xfa, 0x00, 0x05, 0x9c};
-const uint8_t initvector[] = {
- 0x6f, 0x53, 0x7a, 0x65, 0x58, 0x6c, 0x65, 0x75,
- 0x44, 0x4c, 0x77, 0x35, 0x58, 0x63, 0x78, 0x6e
-};
+const uint8_t initvector[] = {0x6f, 0x53, 0x7a, 0x65, 0x58, 0x6c, 0x65, 0x75,
+ 0x44, 0x4c, 0x77, 0x35, 0x58, 0x63, 0x78, 0x6e};
-const uint8_t ciphertext_cbc_iv[] = {
- 0xb7, 0x19, 0x5a, 0xbb, 0x23, 0xbf, 0x92, 0xb0,
- 0x95, 0xae, 0x74, 0xe9, 0xad, 0x72, 0x7c, 0x28,
- 0x6e, 0xc6, 0x73, 0xb5, 0x0b, 0x1a, 0x9e, 0xb9,
- 0x4d, 0xc5, 0xbd, 0x8b, 0x47, 0x1f, 0x43, 0x00
-};
+const uint8_t ciphertext_cbc_iv[] = {0xb7, 0x19, 0x5a, 0xbb, 0x23, 0xbf, 0x92, 0xb0,
+ 0x95, 0xae, 0x74, 0xe9, 0xad, 0x72, 0x7c, 0x28,
+ 0x6e, 0xc6, 0x73, 0xb5, 0x0b, 0x1a, 0x9e, 0xb9,
+ 0x4d, 0xc5, 0xbd, 0x8b, 0x47, 0x1f, 0x43, 0x00};
BOOST_AUTO_TEST_SUITE(TestAesAlgorithm)
BOOST_AUTO_TEST_CASE(EncryptionDecryption)
{
- RandomNumberGenerator rng;
AesKeyParams params;
-
EncryptParams eparams(tlv::AlgorithmAesEcb, 16);
DecryptKey<Aes> decryptKey(Buffer(key, sizeof(key)));
EncryptKey<Aes> encryptKey = Aes::deriveEncryptKey(decryptKey.getKeyBits());
// check if loading key and key derivation
- BOOST_CHECK_EQUAL_COLLECTIONS(encryptKey.getKeyBits().begin(), encryptKey.getKeyBits().end(), key, key + sizeof(key));
- BOOST_CHECK_EQUAL_COLLECTIONS(decryptKey.getKeyBits().begin(), decryptKey.getKeyBits().end(), key, key + sizeof(key));
+ BOOST_CHECK_EQUAL_COLLECTIONS(encryptKey.getKeyBits().begin(),
+ encryptKey.getKeyBits().end(),
+ key, key + sizeof(key));
+ BOOST_CHECK_EQUAL_COLLECTIONS(decryptKey.getKeyBits().begin(),
+ decryptKey.getKeyBits().end(),
+ key, key + sizeof(key));
- // encrypt data in AES_ECB
- Buffer cipherBuf = Aes::encrypt(key, sizeof(key), plaintext, sizeof(plaintext), eparams);
- BOOST_CHECK_EQUAL_COLLECTIONS(cipherBuf.begin(), cipherBuf.end(),
- ciphertext_ecb, ciphertext_ecb + sizeof(ciphertext_ecb));
+ // Comment out the test of AES_ECB because NAC no longer supports CBC.
+ // Compared with ECB, CBC is more secure.
- // decrypt data in AES_ECB
- Buffer recvBuf = Aes::decrypt(key, sizeof(key), cipherBuf.buf(), cipherBuf.size(), eparams);
- BOOST_CHECK_EQUAL_COLLECTIONS(recvBuf.begin(), recvBuf.end(),
- plaintext, plaintext + sizeof(plaintext));
+ // // encrypt data in AES_ECB
+ // Buffer cipherBuf = Aes::encrypt(key, sizeof(key), plaintext, sizeof(plaintext), eparams);
+ // BOOST_CHECK_EQUAL_COLLECTIONS(cipherBuf.begin(),
+ // cipherBuf.end(),
+ // ciphertext_ecb,
+ // ciphertext_ecb + sizeof(ciphertext_ecb));
+
+ // // decrypt data in AES_ECB
+ // Buffer recvBuf = Aes::decrypt(key, sizeof(key), cipherBuf.data(), cipherBuf.size(), eparams);
+ // BOOST_CHECK_EQUAL_COLLECTIONS(recvBuf.begin(),
+ // recvBuf.end(),
+ // plaintext,
+ // plaintext + sizeof(plaintext));
// encrypt/decrypt data in AES_CBC with auto-generated IV
eparams.setAlgorithmType(tlv::AlgorithmAesCbc);
- cipherBuf = Aes::encrypt(key, sizeof(key), plaintext, sizeof(plaintext), eparams);
- recvBuf = Aes::decrypt(key, sizeof(key), cipherBuf.buf(), cipherBuf.size(), eparams);
+ Buffer cipherBuf = Aes::encrypt(key, sizeof(key), plaintext, sizeof(plaintext), eparams);
+ Buffer recvBuf = Aes::decrypt(key, sizeof(key), cipherBuf.data(), cipherBuf.size(), eparams);
BOOST_CHECK_EQUAL_COLLECTIONS(recvBuf.begin(), recvBuf.end(),
plaintext, plaintext + sizeof(plaintext));
@@ -96,7 +95,7 @@
ciphertext_cbc_iv, ciphertext_cbc_iv + sizeof(ciphertext_cbc_iv));
// decrypt data in AES_CBC with specified IV
- recvBuf = Aes::decrypt(key, sizeof(key), cipherBuf.buf(), cipherBuf.size(), eparams);
+ recvBuf = Aes::decrypt(key, sizeof(key), cipherBuf.data(), cipherBuf.size(), eparams);
BOOST_CHECK_EQUAL_COLLECTIONS(recvBuf.begin(), recvBuf.end(),
plaintext, plaintext + sizeof(plaintext));
}
diff --git a/tests/unit-tests/algo/encryptor.t.cpp b/tests/unit-tests/algo/encryptor.t.cpp
index d6c0451..59a3d5b 100644
--- a/tests/unit-tests/algo/encryptor.t.cpp
+++ b/tests/unit-tests/algo/encryptor.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
@@ -17,14 +17,13 @@
* ndn-group-encrypt, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
*/
-#include "random-number-generator.hpp"
-#include "encrypted-content.hpp"
#include "algo/encryptor.hpp"
-#include "algo/rsa.hpp"
+#include "encrypted-content.hpp"
#include "algo/aes.hpp"
+#include "algo/rsa.hpp"
-#include <boost/mpl/list.hpp>
#include "boost-test.hpp"
+#include <boost/mpl/list.hpp>
#include <algorithm>
namespace ndn {
@@ -34,51 +33,6 @@
BOOST_AUTO_TEST_SUITE(TestEncryptor)
-class TestDataAesEcb
-{
-public:
- TestDataAesEcb()
- : keyName("/test")
- , encryptParams(tlv::AlgorithmAesEcb)
- {
- const uint8_t raw_content[] = {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
- 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x73
- };
- plainText = Buffer(raw_content, sizeof(raw_content));
-
- const uint8_t aes_key[] = {
- 0xdd, 0x60, 0x77, 0xec, 0xa9, 0x6b, 0x23, 0x1b,
- 0x40, 0x6b, 0x5a, 0xf8, 0x7d, 0x3d, 0x55, 0x32
- };
- key = Buffer(aes_key, sizeof(aes_key));
-
- const uint8_t encrypted_content[] = {
- 0x15, 0x31,
- 0x82, 0x2f,
- 0x1c, 0x08,
- 0x07, 0x06,
- 0x08, 0x04, 0x74, 0x65, 0x73, 0x74,
- 0x83, 0x01,
- 0x00,
- 0x84, 0x20,
- 0x13, 0x80, 0x1a, 0xc0, 0x4c, 0x75, 0xa7, 0x7f,
- 0x43, 0x5e, 0xd7, 0xa6, 0x3f, 0xd3, 0x68, 0x94,
- 0xe2, 0xcf, 0x54, 0xb1, 0xc2, 0xce, 0xad, 0x9b,
- 0x56, 0x6e, 0x1c, 0xe6, 0x55, 0x1d, 0x79, 0x04
- };
- encryptedContent = Buffer(encrypted_content, sizeof(encrypted_content));
- }
-
-public:
- Buffer plainText;
- Buffer key;
- Name keyName;
- EncryptParams encryptParams;
- Buffer encryptedContent;
-};
-
class TestDataAesCbc
{
public:
@@ -134,29 +88,39 @@
Buffer encryptedContent;
};
-typedef boost::mpl::list<TestDataAesCbc,
- TestDataAesEcb> EncryptorAesTestInputs;
+typedef boost::mpl::list<TestDataAesCbc> EncryptorAesTestInputs;
BOOST_AUTO_TEST_CASE_TEMPLATE(ContentSymmetricEncrypt, T, EncryptorAesTestInputs)
{
T input;
Data data;
- encryptData(data, input.plainText.buf(), input.plainText.size(),
- input.keyName, input.key.buf(), input.key.size(), input.encryptParams);
+ encryptData(data,
+ input.plainText.data(),
+ input.plainText.size(),
+ input.keyName,
+ input.key.data(),
+ input.key.size(),
+ input.encryptParams);
BOOST_CHECK_EQUAL(data.getName(), Name("/FOR").append(input.keyName));
- BOOST_CHECK_EQUAL_COLLECTIONS(input.encryptedContent.begin(), input.encryptedContent.end(),
- data.getContent().wire(), data.getContent().wire() + data.getContent().size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(input.encryptedContent.begin(),
+ input.encryptedContent.end(),
+ data.getContent().wire(),
+ data.getContent().wire() + data.getContent().size());
EncryptedContent content(data.getContent().blockFromValue());
- const Buffer& decryptedOutput = Aes::decrypt(input.key.buf(), input.key.size(),
- content.getPayload().buf(), content.getPayload().size(),
+ const Buffer& decryptedOutput = Aes::decrypt(input.key.data(),
+ input.key.size(),
+ content.getPayload().data(),
+ content.getPayload().size(),
input.encryptParams);
- BOOST_CHECK_EQUAL_COLLECTIONS(input.plainText.begin(), input.plainText.end(),
- decryptedOutput.begin(), decryptedOutput.end());
+ BOOST_CHECK_EQUAL_COLLECTIONS(input.plainText.begin(),
+ input.plainText.end(),
+ decryptedOutput.begin(),
+ decryptedOutput.end());
}
class TestDataRsaOaep
@@ -166,6 +130,7 @@
: type(tlv::AlgorithmRsaOaep)
{
}
+
public:
tlv::AlgorithmTypeValue type;
};
@@ -177,30 +142,27 @@
: type(tlv::AlgorithmRsaPkcs)
{
}
+
public:
tlv::AlgorithmTypeValue type;
};
-typedef boost::mpl::list<TestDataRsaOaep,
- TestDataRsaPkcs> EncryptorRsaTestInputs;
+typedef boost::mpl::list<TestDataRsaOaep, TestDataRsaPkcs> EncryptorRsaTestInputs;
BOOST_AUTO_TEST_CASE_TEMPLATE(ContentAsymmetricEncryptSmall, T, EncryptorRsaTestInputs)
{
T type;
- const uint8_t raw_content[] = {
- 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
- 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
- 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x73
- };
+ const uint8_t raw_content[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+ 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+ 0x63, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x73};
Data data;
- RandomNumberGenerator rng;
RsaKeyParams rsaParams(1024);
Name keyName("test");
- DecryptKey<Rsa> decryptKey = Rsa::generateKey(rng, rsaParams);
+ DecryptKey<Rsa> decryptKey = Rsa::generateKey(rsaParams);
EncryptKey<Rsa> encryptKey = Rsa::deriveEncryptKey(decryptKey.getKeyBits());
Buffer eKey = encryptKey.getKeyBits();
@@ -208,8 +170,7 @@
EncryptParams encryptParams(type.type);
- encryptData(data, raw_content, sizeof(raw_content),
- keyName, eKey.buf(), eKey.size(), encryptParams);
+ encryptData(data, raw_content, sizeof(raw_content), keyName, eKey.data(), eKey.size(), encryptParams);
BOOST_CHECK_EQUAL(data.getName(), Name("/FOR").append(keyName));
@@ -223,69 +184,53 @@
BOOST_CHECK_EQUAL(extractContent.getAlgorithmType(), type.type);
const Buffer& recovered = extractContent.getPayload();
- Buffer decrypted = Rsa::decrypt(dKey.buf(), dKey.size(), recovered.buf(), recovered.size(), encryptParams);
- BOOST_CHECK_EQUAL_COLLECTIONS(raw_content, raw_content + sizeof(raw_content),
- decrypted.begin(), decrypted.end());
+ Buffer decrypted =
+ Rsa::decrypt(dKey.data(), dKey.size(), recovered.data(), recovered.size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(raw_content,
+ raw_content + sizeof(raw_content),
+ decrypted.begin(),
+ decrypted.end());
}
BOOST_AUTO_TEST_CASE_TEMPLATE(ContentAsymmetricEncryptLarge, T, EncryptorRsaTestInputs)
{
T type;
- const uint8_t large_content[] = {
- 0x73, 0x5a, 0xbd, 0x47, 0x0c, 0xfe, 0xf8, 0x7d,
- 0x2e, 0x17, 0xaa, 0x11, 0x6f, 0x23, 0xc5, 0x10,
- 0x23, 0x36, 0x88, 0xc4, 0x2a, 0x0f, 0x9a, 0x72,
- 0x54, 0x31, 0xa8, 0xb3, 0x51, 0x18, 0x9f, 0x0e,
- 0x1b, 0x93, 0x62, 0xd9, 0xc4, 0xf5, 0xf4, 0x3d,
- 0x61, 0x9a, 0xca, 0x05, 0x65, 0x6b, 0xc6, 0x41,
- 0xf9, 0xd5, 0x1c, 0x67, 0xc1, 0xd0, 0xd5, 0x6f,
- 0x7b, 0x70, 0xb8, 0x8f, 0xdb, 0x19, 0x68, 0x7c,
- 0xe0, 0x2d, 0x04, 0x49, 0xa9, 0xa2, 0x77, 0x4e,
- 0xfc, 0x60, 0x0d, 0x7c, 0x1b, 0x93, 0x6c, 0xd2,
- 0x61, 0xc4, 0x6b, 0x01, 0xe9, 0x12, 0x28, 0x6d,
- 0xf5, 0x78, 0xe9, 0x99, 0x0b, 0x9c, 0x4f, 0x90,
- 0x34, 0x3e, 0x06, 0x92, 0x57, 0xe3, 0x7a, 0x8f,
- 0x13, 0xc7, 0xf3, 0xfe, 0xf0, 0xe2, 0x59, 0x48,
- 0x15, 0xb9, 0xdb, 0x77, 0x07, 0x1d, 0x6d, 0xb5,
- 0x65, 0x17, 0xdf, 0x76, 0x6f, 0xb5, 0x43, 0xde,
- 0x71, 0xac, 0xf1, 0x22, 0xbf, 0xb2, 0xe5, 0xd9,
- 0x22, 0xf1, 0x67, 0x76, 0x71, 0x0c, 0xff, 0x99,
- 0x7b, 0x94, 0x9b, 0x24, 0x20, 0x80, 0xe3, 0xcc,
- 0x06, 0x4a, 0xed, 0xdf, 0xec, 0x50, 0xd5, 0x87,
- 0x3d, 0xa0, 0x7d, 0x9c, 0xe5, 0x13, 0x10, 0x98,
- 0x14, 0xc3, 0x90, 0x10, 0xd9, 0x25, 0x9a, 0x59,
- 0xe9, 0x37, 0x26, 0xfd, 0x87, 0xd7, 0xf4, 0xf9,
- 0x11, 0x91, 0xad, 0x5c, 0x00, 0x95, 0xf5, 0x2b,
- 0x37, 0xf7, 0x4e, 0xb4, 0x4b, 0x42, 0x7c, 0xb3,
- 0xad, 0xd6, 0x33, 0x5f, 0x0b, 0x84, 0x57, 0x7f,
- 0xa7, 0x07, 0x73, 0x37, 0x4b, 0xab, 0x2e, 0xfb,
- 0xfe, 0x1e, 0xcb, 0xb6, 0x4a, 0xc1, 0x21, 0x5f,
- 0xec, 0x92, 0xb7, 0xac, 0x97, 0x75, 0x20, 0xc9,
- 0xd8, 0x9e, 0x93, 0xd5, 0x12, 0x7a, 0x64, 0xb9,
- 0x4c, 0xed, 0x49, 0x87, 0x44, 0x5b, 0x4f, 0x90,
- 0x34, 0x3e, 0x06, 0x92, 0x57, 0xe3, 0x7a, 0x8f,
- 0x13, 0xc7, 0xf3, 0xfe, 0xf0, 0xe2, 0x59, 0x48,
- 0x15, 0xb9, 0xdb, 0x77, 0x07, 0x1d, 0x6d, 0xb5,
- 0x65, 0x17, 0xdf, 0x76, 0x6f, 0xb5, 0x43, 0xde,
- 0x71, 0xac, 0xf1, 0x22, 0xbf, 0xb2, 0xe5, 0xd9
- };
+ const uint8_t large_content[] =
+ {0x73, 0x5a, 0xbd, 0x47, 0x0c, 0xfe, 0xf8, 0x7d, 0x2e, 0x17, 0xaa, 0x11, 0x6f, 0x23, 0xc5,
+ 0x10, 0x23, 0x36, 0x88, 0xc4, 0x2a, 0x0f, 0x9a, 0x72, 0x54, 0x31, 0xa8, 0xb3, 0x51, 0x18,
+ 0x9f, 0x0e, 0x1b, 0x93, 0x62, 0xd9, 0xc4, 0xf5, 0xf4, 0x3d, 0x61, 0x9a, 0xca, 0x05, 0x65,
+ 0x6b, 0xc6, 0x41, 0xf9, 0xd5, 0x1c, 0x67, 0xc1, 0xd0, 0xd5, 0x6f, 0x7b, 0x70, 0xb8, 0x8f,
+ 0xdb, 0x19, 0x68, 0x7c, 0xe0, 0x2d, 0x04, 0x49, 0xa9, 0xa2, 0x77, 0x4e, 0xfc, 0x60, 0x0d,
+ 0x7c, 0x1b, 0x93, 0x6c, 0xd2, 0x61, 0xc4, 0x6b, 0x01, 0xe9, 0x12, 0x28, 0x6d, 0xf5, 0x78,
+ 0xe9, 0x99, 0x0b, 0x9c, 0x4f, 0x90, 0x34, 0x3e, 0x06, 0x92, 0x57, 0xe3, 0x7a, 0x8f, 0x13,
+ 0xc7, 0xf3, 0xfe, 0xf0, 0xe2, 0x59, 0x48, 0x15, 0xb9, 0xdb, 0x77, 0x07, 0x1d, 0x6d, 0xb5,
+ 0x65, 0x17, 0xdf, 0x76, 0x6f, 0xb5, 0x43, 0xde, 0x71, 0xac, 0xf1, 0x22, 0xbf, 0xb2, 0xe5,
+ 0xd9, 0x22, 0xf1, 0x67, 0x76, 0x71, 0x0c, 0xff, 0x99, 0x7b, 0x94, 0x9b, 0x24, 0x20, 0x80,
+ 0xe3, 0xcc, 0x06, 0x4a, 0xed, 0xdf, 0xec, 0x50, 0xd5, 0x87, 0x3d, 0xa0, 0x7d, 0x9c, 0xe5,
+ 0x13, 0x10, 0x98, 0x14, 0xc3, 0x90, 0x10, 0xd9, 0x25, 0x9a, 0x59, 0xe9, 0x37, 0x26, 0xfd,
+ 0x87, 0xd7, 0xf4, 0xf9, 0x11, 0x91, 0xad, 0x5c, 0x00, 0x95, 0xf5, 0x2b, 0x37, 0xf7, 0x4e,
+ 0xb4, 0x4b, 0x42, 0x7c, 0xb3, 0xad, 0xd6, 0x33, 0x5f, 0x0b, 0x84, 0x57, 0x7f, 0xa7, 0x07,
+ 0x73, 0x37, 0x4b, 0xab, 0x2e, 0xfb, 0xfe, 0x1e, 0xcb, 0xb6, 0x4a, 0xc1, 0x21, 0x5f, 0xec,
+ 0x92, 0xb7, 0xac, 0x97, 0x75, 0x20, 0xc9, 0xd8, 0x9e, 0x93, 0xd5, 0x12, 0x7a, 0x64, 0xb9,
+ 0x4c, 0xed, 0x49, 0x87, 0x44, 0x5b, 0x4f, 0x90, 0x34, 0x3e, 0x06, 0x92, 0x57, 0xe3, 0x7a,
+ 0x8f, 0x13, 0xc7, 0xf3, 0xfe, 0xf0, 0xe2, 0x59, 0x48, 0x15, 0xb9, 0xdb, 0x77, 0x07, 0x1d,
+ 0x6d, 0xb5, 0x65, 0x17, 0xdf, 0x76, 0x6f, 0xb5, 0x43, 0xde, 0x71, 0xac, 0xf1, 0x22, 0xbf,
+ 0xb2, 0xe5, 0xd9};
Data data;
- RandomNumberGenerator rng;
RsaKeyParams rsaParams(1024);
Name keyName("test");
- DecryptKey<Rsa> decryptKey = Rsa::generateKey(rng, rsaParams);
+ DecryptKey<Rsa> decryptKey = Rsa::generateKey(rsaParams);
EncryptKey<Rsa> encryptKey = Rsa::deriveEncryptKey(decryptKey.getKeyBits());
Buffer eKey = encryptKey.getKeyBits();
Buffer dKey = decryptKey.getKeyBits();
EncryptParams encryptParams(type.type);
- encryptData(data, large_content, sizeof(large_content),
- keyName, eKey.buf(), eKey.size(), encryptParams);
+ encryptData(data, large_content, sizeof(large_content), keyName, eKey.data(), eKey.size(), encryptParams);
BOOST_CHECK_EQUAL(data.getName(), Name("/FOR").append(keyName));
@@ -317,20 +262,25 @@
BOOST_CHECK(it == largeDataContent.elements_end());
const Buffer& bufferNonce = encryptedNonce.getPayload();
- Buffer nonce = Rsa::decrypt(dKey.buf(), dKey.size(), bufferNonce.buf(), bufferNonce.size(), encryptParams);
+ Buffer nonce =
+ Rsa::decrypt(dKey.data(), dKey.size(), bufferNonce.data(), bufferNonce.size());
encryptParams.setAlgorithmType(tlv::AlgorithmAesCbc);
- encryptParams.setIV(encryptedPayload.getInitialVector().buf(), encryptedPayload.getInitialVector().size());
+ encryptParams.setIV(encryptedPayload.getInitialVector().data(),
+ encryptedPayload.getInitialVector().size());
const Buffer& bufferPayload = encryptedPayload.getPayload();
- Buffer largePayload = Aes::decrypt(nonce.buf(), nonce.size(), bufferPayload.buf(), bufferPayload.size(), encryptParams);
+ Buffer largePayload =
+ Aes::decrypt(nonce.data(), nonce.size(), bufferPayload.data(), bufferPayload.size(), encryptParams);
- BOOST_CHECK_EQUAL_COLLECTIONS(large_content, large_content + sizeof(large_content),
- largePayload.begin(), largePayload.end());
+ BOOST_CHECK_EQUAL_COLLECTIONS(large_content,
+ large_content + sizeof(large_content),
+ largePayload.begin(),
+ largePayload.end());
}
BOOST_AUTO_TEST_SUITE_END()
-} // namespace algo
} // namespace tests
+} // namespace algo
} // namespace gep
} // namespace ndn
diff --git a/tests/unit-tests/algo/rsa.t.cpp b/tests/unit-tests/algo/rsa.t.cpp
index d9ee899..6b7bbcb 100644
--- a/tests/unit-tests/algo/rsa.t.cpp
+++ b/tests/unit-tests/algo/rsa.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2014-2015, Regents of the University of California
+ * Copyright (c) 2014-2018, Regents of the University of California
*
* This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
* See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
@@ -17,109 +17,53 @@
* ndn-group-encrypt, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
*/
-#include <ndn-cxx/encoding/buffer-stream.hpp>
-#include "algo/encrypt-params.hpp"
#include "algo/rsa.hpp"
-
+#include "algo/encrypt-params.hpp"
#include "boost-test.hpp"
+#include <ndn-cxx/security/key-params.hpp>
+#include <ndn-cxx/security/transform/private-key.hpp>
+#include <ndn-cxx/security/transform/public-key.hpp>
+#include <ndn-cxx/encoding/buffer-stream.hpp>
#include <algorithm>
#include <string>
-using namespace CryptoPP;
-
namespace ndn {
namespace gep {
namespace algo {
namespace tests {
-const std::string privateKey = {
- "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMLY2w1PmsuZNvZ4"
- "rJs1pESLrxF1Xlk9Zg4Sc0r2HIEn/eme8f7cOxXq8OtxIjowEfjceHGvfc7YG1Nw"
- "LDh+ka4Jh6QtYqPEL9GHfrBeufynd0g2PAPVXySBvOJr/Isk+4/Fsj5ihrIPgrQ5"
- "wTBBuLYjDgwPppC/+vddsr5wu5bbAgMBAAECgYBYmRLB8riIa5q6aBTUXofbQ0jP"
- "v3avTWPicjFKnK5JbE3gtQ2Evc+AH9x8smzF2KXTayy5RPsH2uxR/GefKK5EkWbB"
- "mLwWDJ5/QPlLK1STxPs8B/89mp8sZkZ1AxnSHhV/a3dRcK1rVamVcqPMdFyM5PfX"
- "/apL3MlL6bsq2FipAQJBAOp7EJuEs/qAjh8hgyV2acLdsokUEwXH4gCK6+KQW8XS"
- "xFWAG4IbbLfq1HwEpHC2hJSzifCQGoPAxYBRgSK+h6sCQQDUuqF04o06+Qpe4A/W"
- "pWCBGE33+CD4lBtaeoIagsAs/lgcFmXiJZ4+4PhyIORmwFgql9ZDFHSpl8rAYsfk"
- "dz2RAkEAtUKpFe/BybYzJ3Galg0xuMf0ye7QvblExjKeIqiBqS1DRO0hVrSomIxZ"
- "8f0MuWz+lI0t5t8fABa3FnjrINa0vQJBAJeZKNaTXPJZ5/oU0zS0RkG5gFbmjRiY"
- "86VXCMC7zRhDaacajyDKjithR6yNpDdVe39fFWJYgYsakXLo8mruTwECQGqywoy9"
- "epf1flKx4YCCrw+qRKmbkcXWcpFV32EG2K2D1GsxkuXv/b3qO67Uxx1Arxp9o8dl"
- "k34WfzApRjNjho0="
-};
-
-const std::string publicKey = {
- "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC2NsNT5rLmTb2eKybNaREi68R"
- "dV5ZPWYOEnNK9hyBJ/3pnvH+3DsV6vDrcSI6MBH43Hhxr33O2BtTcCw4fpGuCYek"
- "LWKjxC/Rh36wXrn8p3dINjwD1V8kgbzia/yLJPuPxbI+YoayD4K0OcEwQbi2Iw4M"
- "D6aQv/r3XbK+cLuW2wIDAQAB"
-};
-
-const uint8_t plaintext[] = { // plaintext: RSA-Encrypt-Test
- 0x52, 0x53, 0x41, 0x2d, 0x45, 0x6e, 0x63, 0x72,
- 0x79, 0x70, 0x74, 0x2d, 0x54, 0x65, 0x73, 0x74
-};
-
-const uint8_t ciphertext[] = {
- 0x33, 0xfb, 0x32, 0xd4, 0x2d, 0x45, 0x75, 0x3f, 0x34, 0xde, 0x3b,
- 0xaa, 0x80, 0x5f, 0x74, 0x6f, 0xf0, 0x3f, 0x01, 0x31, 0xdd, 0x2b,
- 0x85, 0x02, 0x1b, 0xed, 0x2d, 0x16, 0x1b, 0x96, 0xe5, 0x77, 0xde,
- 0xcd, 0x44, 0xe5, 0x3c, 0x32, 0xb6, 0x9a, 0xa9, 0x5d, 0xaa, 0x4b,
- 0x94, 0xe2, 0xac, 0x4a, 0x4e, 0xf5, 0x35, 0x21, 0xd0, 0x03, 0x4a,
- 0xa7, 0x53, 0xae, 0x13, 0x08, 0x63, 0x38, 0x2c, 0x92, 0xe3, 0x44,
- 0x64, 0xbf, 0x33, 0x84, 0x8e, 0x51, 0x9d, 0xb9, 0x85, 0x83, 0xf6,
- 0x8e, 0x09, 0xc1, 0x72, 0xb9, 0x90, 0x5d, 0x48, 0x63, 0xec, 0xd0,
- 0xcc, 0xfa, 0xab, 0x44, 0x2b, 0xaa, 0xa6, 0xb6, 0xca, 0xec, 0x2b,
- 0x5f, 0xbe, 0x77, 0xa5, 0x52, 0xeb, 0x0a, 0xaa, 0xf2, 0x2a, 0x19,
- 0x62, 0x80, 0x14, 0x87, 0x42, 0x35, 0xd0, 0xb6, 0xa3, 0x47, 0x4e,
- 0xb6, 0x1a, 0x88, 0xa3, 0x16, 0xb2, 0x19
-};
+// plaintext: RSA-Encrypt-Test
+const uint8_t plainText[] = { 0x52, 0x53, 0x41, 0x2d, 0x45, 0x6e, 0x63, 0x72,
+ 0x79, 0x70, 0x74, 0x2d, 0x54, 0x65, 0x73, 0x74};
BOOST_AUTO_TEST_SUITE(TestRsaAlgorithm)
+BOOST_AUTO_TEST_CASE(TransformEncryptionDecryption)
+{
+ RsaKeyParams params;
+ auto sKey = security::transform::generatePrivateKey(params);
+ security::transform::PublicKey pKey;
+ ConstBufferPtr pKeyBits = sKey->derivePublicKey();
+ pKey.loadPkcs8(pKeyBits->data(), pKeyBits->size());
+
+ auto cipherText = pKey.encrypt(plainText, sizeof(plainText));
+ auto decrypted = sKey->decrypt(cipherText->data(), cipherText->size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(plainText, plainText + sizeof(plainText),
+ decrypted->begin(), decrypted->end());
+}
+
BOOST_AUTO_TEST_CASE(EncryptionDecryption)
{
- RandomNumberGenerator rng;
RsaKeyParams params;
- EncryptParams eparams(tlv::AlgorithmRsaOaep);
+ DecryptKey<Rsa> sKey = Rsa::generateKey(params);
+ EncryptKey<Rsa> pKey = Rsa::deriveEncryptKey(sKey.getKeyBits());
- OBufferStream privateKeyBuffer, publicKeyBuffer;
- StringSource privPipe(privateKey, true,
- new Base64Decoder(new FileSink(privateKeyBuffer)));
- StringSource publPipe(publicKey, true,
- new Base64Decoder(new FileSink(publicKeyBuffer)));
-
- DecryptKey<Rsa> decryptKey(std::move(*(privateKeyBuffer.buf())));
- EncryptKey<Rsa> encryptKey = Rsa::deriveEncryptKey(decryptKey.getKeyBits());
-
- const Buffer& encodedPublicKey = *(publicKeyBuffer.buf());
- const Buffer& derivedPublicKey = encryptKey.getKeyBits();
- const Buffer& encodedPrivateKey = *(privateKeyBuffer.buf());
- const Buffer& derivedPrivateKey = decryptKey.getKeyBits();
-
- BOOST_CHECK_EQUAL_COLLECTIONS(encodedPublicKey.begin(),
- encodedPublicKey.end(),
- derivedPublicKey.begin(),
- derivedPublicKey.end());
-
- const Buffer& encryptBuf = Rsa::encrypt(encodedPublicKey.buf(), encodedPublicKey.size(),
- plaintext, sizeof(plaintext),
- eparams);
-
- const Buffer& recvBuf = Rsa::decrypt(encodedPrivateKey.buf(), encodedPrivateKey.size(),
- encryptBuf.buf(), encryptBuf.size(),
- eparams);
-
- BOOST_CHECK_EQUAL_COLLECTIONS(plaintext, plaintext + sizeof(plaintext),
- recvBuf.begin(), recvBuf.end());
-
- const Buffer& convBuf = Rsa::decrypt(derivedPrivateKey.buf(), derivedPrivateKey.size(),
- ciphertext, sizeof(ciphertext),
- eparams);
-
- BOOST_CHECK_EQUAL_COLLECTIONS(plaintext, plaintext + sizeof(plaintext),
- convBuf.begin(), convBuf.end());
+ auto cipherText = Rsa::encrypt(pKey.getKeyBits().data(), pKey.getKeyBits().size(),
+ plainText, sizeof(plainText));
+ auto decrypted = Rsa::decrypt(sKey.getKeyBits().data(), sKey.getKeyBits().size(),
+ cipherText.data(), cipherText.size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(plainText, plainText + sizeof(plainText),
+ decrypted.begin(), decrypted.end());
}
BOOST_AUTO_TEST_SUITE_END()