security: Changing security storage location. Adding test case
1. The default location of the public info storage of SecPublicInfoSqlite3 is changed to ~/.ndnx/ndnsec-public-info.db
2. The default location of key directory of SecTpmFile is changed to ~/.ndnx/ndnsec-tpm-file/
3. Add a test case for SecTpmFile.
Change-Id: I2e314072ff05e3b8da308b577bc85d417ff22476
diff --git a/include/ndn-cpp-dev/security/key-chain.hpp b/include/ndn-cpp-dev/security/key-chain.hpp
index c5df5db..629d244 100644
--- a/include/ndn-cpp-dev/security/key-chain.hpp
+++ b/include/ndn-cpp-dev/security/key-chain.hpp
@@ -13,11 +13,17 @@
#include "public-key.hpp"
#include "signature-sha256-with-rsa.hpp"
+//PublicInfo
#include "sec-public-info-sqlite3.hpp"
#include "sec-public-info-memory.hpp"
-#include "sec-tpm-osx.hpp"
+//TPM
+#include "sec-tpm-file.hpp"
#include "sec-tpm-memory.hpp"
+#ifdef NDN_CPP_HAVE_OSX_SECURITY
+#include "sec-tpm-osx.hpp"
+#endif
+
namespace ndn {
@@ -363,6 +369,8 @@
}
+
+
#ifdef NDN_CPP_HAVE_OSX_SECURITY
namespace ndn
@@ -374,7 +382,7 @@
namespace ndn
{
-typedef KeyChainImpl<SecPublicInfoMemory, SecTpmMemory> KeyChain;
+typedef KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> KeyChain;
};
#endif //NDN_CPP_HAVE_OSX_SECURITY
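Review bot: The `KeyChain` typedef in what appears to be the non-OSX branch now defaults to `SecTpmFile`, so users of the default keychain move from keys held only in memory to private keys persisted under the home directory, and nothing at the typedef says so. A comment above it would make that explicit, e.g. `// Default KeyChain: public info in ~/.ndnx/ndnsec-public-info.db, private keys stored as files under ~/.ndnx/ndnsec-tpm-file/`. Whether `SecTpmFile` restricts permissions on the key files is not visible in this diff and is worth confirming before it becomes the default. The `;` after the namespace's closing brace is also unnecessary.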
diff --git a/src/security/sec-public-info-sqlite3.cpp b/src/security/sec-public-info-sqlite3.cpp
index 80f7b78..6c1ea7b 100644
--- a/src/security/sec-public-info-sqlite3.cpp
+++ b/src/security/sec-public-info-sqlite3.cpp
@@ -102,7 +102,7 @@
// TODO: Handle non-unix file systems which don't have "mkdir -p".
::system(("mkdir -p " + identityDir).c_str());
- int res = sqlite3_open((identityDir + '/' + "ndnsec-identity.db").c_str(), &database_);
+ int res = sqlite3_open((identityDir + '/' + "ndnsec-public-info.db").c_str(), &database_);
if (res != SQLITE_OK)
throw Error("identity DB cannot be opened/created");
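Review bot: The renamed database is still opened inside a directory created by passing `identityDir` unquoted to `::system("mkdir -p " + ...)` on the context line above, so a path containing spaces or shell metacharacters breaks or is reinterpreted by the shell. Where `identityDir` comes from is outside the hunk, but if it derives from `$HOME` it is environment-controlled. As this commit already touches the storage location, `boost::filesystem::create_directories(identityDir);` would remove the shell and the existing non-unix TODO, and sec-tpm-file.cpp already uses boost::filesystem. Separately, an existing `ndnsec-identity.db` is no longer opened after the rename, so installs with stored identities will silently start from an empty database unless the old file is migrated or the change is called out in release notes.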
diff --git a/src/security/sec-tpm-file.cpp b/src/security/sec-tpm-file.cpp
index c711089..3981ec4 100644
--- a/src/security/sec-tpm-file.cpp
+++ b/src/security/sec-tpm-file.cpp
@@ -7,6 +7,10 @@
* See COPYING for copyright and distribution information.
*/
+#if __clang__
+#pragma clang diagnostic ignored "-Wtautological-compare"
+#endif
+
#include <ndn-cpp-dev/security/sec-tpm-file.hpp>
#include <string>
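Review bot: The `#pragma clang diagnostic ignored "-Wtautological-compare"` added before the includes has no matching push/pop, so it silences that warning for the whole translation unit, including the project's own key-handling code. It would be safer to scope it to the header that triggers the warning, with `#pragma clang diagnostic push` before that include and `#pragma clang diagnostic pop` after it, plus a short comment naming the header. Which header that is cannot be seen in this hunk. The same file-wide suppression is added at the top of tests_boost/test-sec-tpm-file.cpp, where the commented-out pragmas could also be dropped.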
@@ -38,7 +42,7 @@
Impl(const string &dir)
{
if(dir.empty())
- m_keystorePath = boost::filesystem::path(getenv("HOME")) / ".ndnx" / "ndnsec-keys";
+ m_keystorePath = boost::filesystem::path(getenv("HOME")) / ".ndnx" / "ndnsec-tpm-file";
else
m_keystorePath = dir;
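Review bot: `getenv("HOME")` on the changed line can return a null pointer when the variable is unset (a daemon or a stripped environment), and constructing `boost::filesystem::path` from it is undefined behaviour, so the default key-store path needs a guard. Reading it first, `const char* home = getenv("HOME");`, then throwing when `!home || !*home`, would fail cleanly; the error type to throw is not visible in this hunk. Because this directory holds private keys, it is also worth confirming that the code which creates it (outside this hunk) uses owner-only permissions. The `Impl` constructor continues past the end of the hunk.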
diff --git a/tests_boost/Makefile.am b/tests_boost/Makefile.am
index 3564e82..8968a60 100644
--- a/tests_boost/Makefile.am
+++ b/tests_boost/Makefile.am
@@ -8,6 +8,7 @@
test-encode-decode-data.cpp \
test-encode-decode-interest.cpp \
test-encode-decode-forwarding-entry.cpp \
- test-encode-decode-block.cpp
+ test-encode-decode-block.cpp \
+ test-sec-tpm-file.cpp
unit_tests_LDADD = ../libndn-cpp-dev.la @BOOST_SYSTEM_LIB@ @BOOST_UNIT_TEST_FRAMEWORK_LIB@ @OPENSSL_LIBS@ @CRYPTOPP_LIBS@ @OSX_SECURITY_LIBS@
diff --git a/tests_boost/test-sec-tpm-file.cpp b/tests_boost/test-sec-tpm-file.cpp
new file mode 100644
index 0000000..9d75a38
--- /dev/null
+++ b/tests_boost/test-sec-tpm-file.cpp
@@ -0,0 +1,63 @@
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#if __clang__
+#pragma clang diagnostic ignored "-Wtautological-compare"
+// #pragma clang diagnostic push
+// #pragma clang diagnostic ignored "-Wreorder"
+// #pragma clang diagnostic ignored "-Wunused-variable"
+// #pragma clang diagnostic ignored "-Wunused-function"
+// #elif __GNUC__
+// #pragma GCC diagnostic ignored "-Wreorder"
+// #pragma GCC diagnostic ignored "-Wunused-variable"
+// #pragma GCC diagnostic ignored "-Wunused-function"
+#endif
+
+#include <boost/test/unit_test.hpp>
+
+#include <ndn-cpp-dev/security/key-chain.hpp>
+#include <cryptopp/rsa.h>
+
+using namespace std;
+using namespace ndn;
+
+
+BOOST_AUTO_TEST_SUITE(TestSecTpmFile)
+
+BOOST_AUTO_TEST_CASE (SignVerify)
+{
+ SecTpmFile tpm;
+
+ Name keyName("/tmp/ksk-123456");
+ tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048);
+
+
+
+ Data data("/tmp/test/1");
+ const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
+
+ Block sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256);
+ ptr_lib::shared_ptr<PublicKey> pubkeyPtr = tpm.getPublicKeyFromTpm(keyName);
+
+ {
+ using namespace CryptoPP;
+
+ RSA::PublicKey publicKey;
+ ByteQueue queue;
+ queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
+ publicKey.Load(queue);
+
+ RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
+ bool result = verifier.VerifyMessage(content, sizeof(content),
+ sigBlock.value(), sigBlock.value_size());
+
+ BOOST_REQUIRE_EQUAL(result, true);
+ }
+
+ //We should remove the temporary test key, this should be fixed in a later commit which will add delete operation in SecTpm.
+}
+
+BOOST_AUTO_TEST_SUITE_END()
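Review bot: `SecTpmFile tpm;` in `SignVerify` uses the default location, so every test run generates a 2048-bit key pair inside the developer's real `~/.ndnx/ndnsec-tpm-file` store and leaves it there, as the closing comment acknowledges. A rerun then meets a key name that already exists, with a result that depends on how `generateKeyPairInTpm` treats duplicates. Assuming the `SecTpmFile` constructor forwards a directory argument to `Impl(const string &dir)`, the test could build a throwaway directory with `boost::filesystem::temp_directory_path() / boost::filesystem::unique_path()`, construct `SecTpmFile tpm(keyDir.string());` and call `boost::filesystem::remove_all(keyDir);` at the end. That isolates the test without waiting for a delete operation in SecTpm. `Data data("/tmp/test/1");` is never used and can go, and `BOOST_CHECK(result);` reads more directly than `BOOST_REQUIRE_EQUAL(result, true);`.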