security: Adding delete methods in KeyChain
Change-Id: I8e3bbbf6e911b43189c510c56118d291f8932df4
diff --git a/tests/test-sec-public-info-sqlite3.cpp b/tests/test-sec-public-info-sqlite3.cpp
new file mode 100644
index 0000000..233109c
--- /dev/null
+++ b/tests/test-sec-public-info-sqlite3.cpp
@@ -0,0 +1,75 @@
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#if __clang__
+#pragma clang diagnostic ignored "-Wtautological-compare"
+#endif
+
+#include <boost/test/unit_test.hpp>
+
+#include "security/key-chain.hpp"
+
+using namespace std;
+using namespace ndn;
+
+
+BOOST_AUTO_TEST_SUITE(TestSecPublicInfoSqlite3)
+
+BOOST_AUTO_TEST_CASE (Delete)
+{
+ KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> keyChain;
+
+ Name identity("/tmp");
+ Name certName1 = keyChain.createIdentity(identity);
+ Name keyName1 = IdentityCertificate::certificateNameToPublicKeyName(certName1);
+ Name keyName2 = keyChain.generateRSAKeyPairAsDefault(identity);
+ ptr_lib::shared_ptr<IdentityCertificate> cert2 = keyChain.selfSign(keyName2);
+ Name certName2 = cert2->getName();
+ keyChain.addCertificateAsKeyDefault(*cert2);
+ Name keyName3 = keyChain.generateRSAKeyPairAsDefault(identity);
+ ptr_lib::shared_ptr<IdentityCertificate> cert3 = keyChain.selfSign(keyName3);
+ Name certName3 = cert3->getName();
+ keyChain.addCertificateAsKeyDefault(*cert3);
+ ptr_lib::shared_ptr<IdentityCertificate> cert4 = keyChain.selfSign(keyName3);
+ Name certName4 = cert4->getName();
+ keyChain.addCertificateAsKeyDefault(*cert4);
+ ptr_lib::shared_ptr<IdentityCertificate> cert5 = keyChain.selfSign(keyName3);
+ Name certName5 = cert5->getName();
+ keyChain.addCertificateAsKeyDefault(*cert5);
+
+ BOOST_REQUIRE_EQUAL(keyChain.doesIdentityExist(identity), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesPublicKeyExist(keyName1), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesPublicKeyExist(keyName2), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesPublicKeyExist(keyName3), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName1), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName2), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName3), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName4), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName5), true);
+
+ keyChain.deleteCertificate(certName5);
+ BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName5), false);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName3), true);
+ BOOST_REQUIRE_EQUAL(keyChain.doesCertificateExist(certName4), true);
+ BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName3), true);
+
+ keyChain.deleteKey(keyName3);
+ BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName4), false);
+ BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName3), false);
+ BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName3), false);
+ BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName2), true);
+ BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName1), true);
+ BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), true);
+
+ keyChain.deleteIdentity(identity);
+ BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName2), false);
+ BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName2), false);
+ BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName1), false);
+ BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName1), false);
+ BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false);
+}
+
+BOOST_AUTO_TEST_SUITE_END()
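Review bot: The Delete case only asserts that public-info records disappear; nothing after `keyChain.deleteKey(keyName3)` or `keyChain.deleteIdentity(identity)` checks that the private keys were removed from the TPM backend, which is the part of deletion that matters most. If KeyChainImpl exposes the TPM interface (not visible in this hunk), add `BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName3, KEY_CLASS_PRIVATE), false);` after the deleteKey block, and the same for keyName1 and keyName2 after deleteIdentity. Separately, the `BOOST_REQUIRE_EQUAL` calls abort the case on failure, so a failed precondition leaves the `/tmp` identity and its keys in what appears to be the default store. A fixture whose destructor calls `deleteIdentity` would keep runs independent.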
diff --git a/tests/test-sec-tpm-file.cpp b/tests/test-sec-tpm-file.cpp
index 5facdf4..fd27ae8 100644
--- a/tests/test-sec-tpm-file.cpp
+++ b/tests/test-sec-tpm-file.cpp
@@ -6,14 +6,6 @@
#if __clang__
#pragma clang diagnostic ignored "-Wtautological-compare"
-// #pragma clang diagnostic push
-// #pragma clang diagnostic ignored "-Wreorder"
-// #pragma clang diagnostic ignored "-Wunused-variable"
-// #pragma clang diagnostic ignored "-Wunused-function"
-// #elif __GNUC__
-// #pragma GCC diagnostic ignored "-Wreorder"
-// #pragma GCC diagnostic ignored "-Wunused-variable"
-// #pragma GCC diagnostic ignored "-Wunused-function"
#endif
#include <boost/test/unit_test.hpp>
@@ -27,16 +19,28 @@
BOOST_AUTO_TEST_SUITE(TestSecTpmFile)
+BOOST_AUTO_TEST_CASE (Delete)
+{
+ SecTpmFile tpm;
+
+ Name keyName("/tmp/ksk-123456");
+ tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048);
+
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
+
+ tpm.deleteKeyPairInTpm(keyName);
+
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
+}
+
BOOST_AUTO_TEST_CASE (SignVerify)
{
SecTpmFile tpm;
Name keyName("/tmp/ksk-123456");
- try {
- tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048);
- }
- catch(const SecTpm::Error&) {
- }
+ tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048);
Data data("/tmp/test/1");
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
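Review bot: With the `try`/`catch` around `generateKeyPairInTpm` removed, SignVerify now depends on `/tmp/ksk-123456` not existing, and that same fixed name is used by the new Delete case and by both cases in tests/test-sec-tpm-osx.cpp. The removed handler suggests generation throws `SecTpm::Error` when the key is already present. If so, one aborted run (any failing `BOOST_REQUIRE_EQUAL` before the `tpm.deleteKeyPairInTpm(keyName);` added in the next hunk) would leave a private key on disk and fail every later run. Consider a per-test key name and a small fixture whose destructor deletes the key, or at least guard setup with `if (tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE)) tpm.deleteKeyPairInTpm(keyName);`. SignVerify's body continues outside this hunk.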
@@ -59,7 +63,7 @@
BOOST_REQUIRE_EQUAL(result, true);
}
- //We should remove the temporary test key, this should be fixed in a later commit which will add delete operation in SecTpm.
+ tpm.deleteKeyPairInTpm(keyName);
}
BOOST_AUTO_TEST_SUITE_END()
diff --git a/tests/test-sec-tpm-osx.cpp b/tests/test-sec-tpm-osx.cpp
new file mode 100644
index 0000000..8c57dc0
--- /dev/null
+++ b/tests/test-sec-tpm-osx.cpp
@@ -0,0 +1,69 @@
+/**
+ * Copyright (C) 2013 Regents of the University of California.
+ * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
+ * See COPYING for copyright and distribution information.
+ */
+
+#if __clang__
+#pragma clang diagnostic ignored "-Wtautological-compare"
+#endif
+
+#include <boost/test/unit_test.hpp>
+
+#include "security/key-chain.hpp"
+#include <cryptopp/rsa.h>
+
+using namespace std;
+using namespace ndn;
+
+
+BOOST_AUTO_TEST_SUITE(TestSecTpmOsx)
+
+BOOST_AUTO_TEST_CASE (Delete)
+{
+ SecTpmOsx tpm;
+
+ Name keyName("/tmp/ksk-123456");
+ tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048);
+
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
+
+ tpm.deleteKeyPairInTpm(keyName);
+
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
+ BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
+}
+
+BOOST_AUTO_TEST_CASE (SignVerify)
+{
+ SecTpmOsx tpm;
+
+ Name keyName("/tmp/ksk-123456");
+ tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048);
+
+ Data data("/tmp/test/1");
+ const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
+
+ Block sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256);
+ ptr_lib::shared_ptr<PublicKey> pubkeyPtr = tpm.getPublicKeyFromTpm(keyName);
+
+ {
+ using namespace CryptoPP;
+
+ RSA::PublicKey publicKey;
+ ByteQueue queue;
+ queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
+ publicKey.Load(queue);
+
+ RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
+ bool result = verifier.VerifyMessage(content, sizeof(content),
+ sigBlock.value(), sigBlock.value_size());
+
+ BOOST_REQUIRE_EQUAL(result, true);
+ }
+
+ tpm.deleteKeyPairInTpm(keyName);
+}
+
+BOOST_AUTO_TEST_SUITE_END()
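Review bot: SignVerify only checks that a valid signature verifies and never checks rejection, so a signing or verification path that accepts anything would still pass. After the positive check add a tampered-content case, e.g. `const uint8_t tampered[] = {0x01, 0x02, 0x03, 0x05};` and `BOOST_CHECK_EQUAL(verifier.VerifyMessage(tampered, sizeof(tampered), sigBlock.value(), sigBlock.value_size()), false);`. `pubkeyPtr` is also dereferenced in `queue.Put(...)` without a preceding `BOOST_REQUIRE(pubkeyPtr);`. In the Delete case, asserting that `signInTpm` fails for the deleted key would confirm the key is unusable rather than merely unlisted; how SecTpmOsx reports that failure is not visible here.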