security: Bug fixing
1. correct the error message for non-existing public key.
2. rename private key export/import methods to avoid confusion.
Refs: #1527
Change-Id: I3ea8378378a66e1fbec7f0d4f210057c8f9b969b
diff --git a/src/security/key-chain.hpp b/src/security/key-chain.hpp
index 1a76d1a..5143a4a 100644
--- a/src/security/key-chain.hpp
+++ b/src/security/key-chain.hpp
@@ -511,14 +511,14 @@
Name keyName = Info::getDefaultKeyNameForIdentity(identity);
- ConstBufferPtr pkcs8;
+ ConstBufferPtr pkcs5;
try
{
- pkcs8 = Tpm::exportPrivateKeyPkcs8FromTpm(keyName, passwordStr);
+ pkcs5 = Tpm::exportPrivateKeyPkcs5FromTpm(keyName, passwordStr);
}
catch (TpmError& e)
{
- throw InfoError("Fail to export PKCS8 of private key");
+ throw InfoError("Fail to export PKCS5 of private key");
}
shared_ptr<IdentityCertificate> cert;
@@ -533,7 +533,7 @@
}
shared_ptr<SecuredBag> secureBag = make_shared<SecuredBag>(boost::cref(*cert),
- boost::cref(pkcs8));
+ boost::cref(pkcs5));
return secureBag;
}
@@ -555,7 +555,7 @@
Info::addIdentity(identity);
// Add key
- Tpm::importPrivateKeyPkcs8IntoTpm(keyName,
+ Tpm::importPrivateKeyPkcs5IntoTpm(keyName,
securedBag.getKey()->buf(),
securedBag.getKey()->size(),
passwordStr);
diff --git a/src/security/sec-tpm-file.cpp b/src/security/sec-tpm-file.cpp
index ba3cca8..94ed510 100644
--- a/src/security/sec-tpm-file.cpp
+++ b/src/security/sec-tpm-file.cpp
@@ -149,7 +149,7 @@
string keyURI = keyName.toUri();
if (!doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC))
- throw Error("Public Key already exist");
+ throw Error("Public Key does not exist");
ostringstream os;
try
@@ -169,7 +169,7 @@
}
ConstBufferPtr
-SecTpmFile::exportPrivateKeyPkcs1FromTpm(const Name& keyName)
+SecTpmFile::exportPrivateKeyPkcs8FromTpm(const Name& keyName)
{
OBufferStream privateKeyOs;
CryptoPP::FileSource(m_impl->nameTransform(keyName.toUri(), ".pri").string().c_str(), true,
@@ -179,7 +179,7 @@
}
bool
-SecTpmFile::importPrivateKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size)
+SecTpmFile::importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size)
{
try
{
diff --git a/src/security/sec-tpm-file.hpp b/src/security/sec-tpm-file.hpp
index 8cc20df..4dbbf79 100644
--- a/src/security/sec-tpm-file.hpp
+++ b/src/security/sec-tpm-file.hpp
@@ -107,10 +107,10 @@
* From TrustedPlatformModule *
******************************/
virtual ConstBufferPtr
- exportPrivateKeyPkcs1FromTpm(const Name& keyName);
+ exportPrivateKeyPkcs8FromTpm(const Name& keyName);
virtual bool
- importPrivateKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size);
+ importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size);
virtual bool
importPublicKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size);
diff --git a/src/security/sec-tpm-osx.cpp b/src/security/sec-tpm-osx.cpp
index fd21439..84be0e2 100644
--- a/src/security/sec-tpm-osx.cpp
+++ b/src/security/sec-tpm-osx.cpp
@@ -376,7 +376,7 @@
}
ConstBufferPtr
-SecTpmOsx::exportPrivateKeyPkcs1FromTpmInternal(const Name& keyName, bool needRetry)
+SecTpmOsx::exportPrivateKeyPkcs8FromTpmInternal(const Name& keyName, bool needRetry)
{
using namespace CryptoPP;
@@ -393,7 +393,7 @@
if (res == errSecAuthFailed && !needRetry)
{
if (unlockTpm(0, 0, false))
- return exportPrivateKeyPkcs1FromTpmInternal(keyName, true);
+ return exportPrivateKeyPkcs8FromTpmInternal(keyName, true);
else
return shared_ptr<Buffer>();
}
@@ -438,7 +438,7 @@
#endif // __GNUC__
bool
-SecTpmOsx::importPrivateKeyPkcs1IntoTpmInternal(const Name& keyName,
+SecTpmOsx::importPrivateKeyPkcs8IntoTpmInternal(const Name& keyName,
const uint8_t* buf, size_t size,
bool needRetry)
{
@@ -506,7 +506,7 @@
if (res == errSecAuthFailed && !needRetry)
{
if (unlockTpm(0, 0, false))
- return importPrivateKeyPkcs1IntoTpmInternal(keyName, buf, size, true);
+ return importPrivateKeyPkcs8IntoTpmInternal(keyName, buf, size, true);
else
return false;
}
diff --git a/src/security/sec-tpm-osx.hpp b/src/security/sec-tpm-osx.hpp
index 1a5bd1f..d4363c2 100644
--- a/src/security/sec-tpm-osx.hpp
+++ b/src/security/sec-tpm-osx.hpp
@@ -99,15 +99,15 @@
* From TrustedPlatformModule *
******************************/
virtual ConstBufferPtr
- exportPrivateKeyPkcs1FromTpm(const Name& keyName)
+ exportPrivateKeyPkcs8FromTpm(const Name& keyName)
{
- return exportPrivateKeyPkcs1FromTpmInternal(keyName, false);
+ return exportPrivateKeyPkcs8FromTpmInternal(keyName, false);
}
virtual bool
- importPrivateKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size)
+ importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size)
{
- return importPrivateKeyPkcs1IntoTpmInternal(keyName, buf, size, false);
+ return importPrivateKeyPkcs8IntoTpmInternal(keyName, buf, size, false);
}
virtual bool
@@ -123,10 +123,10 @@
deleteKeyPairInTpmInternal(const Name& keyName, bool needRetry);
ConstBufferPtr
- exportPrivateKeyPkcs1FromTpmInternal(const Name& keyName, bool needRetry);
+ exportPrivateKeyPkcs8FromTpmInternal(const Name& keyName, bool needRetry);
bool
- importPrivateKeyPkcs1IntoTpmInternal(const Name& keyName,
+ importPrivateKeyPkcs8IntoTpmInternal(const Name& keyName,
const uint8_t* buf, size_t size,
bool needRetry);
diff --git a/src/security/sec-tpm.cpp b/src/security/sec-tpm.cpp
index d2e4af5..253ab02 100644
--- a/src/security/sec-tpm.cpp
+++ b/src/security/sec-tpm.cpp
@@ -14,7 +14,7 @@
namespace ndn {
ConstBufferPtr
-SecTpm::exportPrivateKeyPkcs8FromTpm(const Name& keyName, const string& passwordStr)
+SecTpm::exportPrivateKeyPkcs5FromTpm(const Name& keyName, const string& passwordStr)
{
using namespace CryptoPP;
@@ -47,14 +47,14 @@
CBC_Mode< DES_EDE3 >::Encryption e;
e.SetKeyWithIV(derived, derivedLen, iv);
- ConstBufferPtr pkcs1PrivateKey = exportPrivateKeyPkcs1FromTpm(keyName);
- if (!static_cast<bool>(pkcs1PrivateKey))
+ ConstBufferPtr pkcs8PrivateKey = exportPrivateKeyPkcs8FromTpm(keyName);
+ if (!static_cast<bool>(pkcs8PrivateKey))
throw Error("Cannot export the private key, #1");
OBufferStream encryptedOs;
try
{
- StringSource stringSource(pkcs1PrivateKey->buf(), pkcs1PrivateKey->size(), true,
+ StringSource stringSource(pkcs8PrivateKey->buf(), pkcs8PrivateKey->size(), true,
new StreamTransformationFilter(e, new FileSink(encryptedOs)));
}
catch (CryptoPP::Exception& e)
@@ -136,7 +136,7 @@
}
bool
-SecTpm::importPrivateKeyPkcs8IntoTpm(const Name& keyName,
+SecTpm::importPrivateKeyPkcs5IntoTpm(const Name& keyName,
const uint8_t* buf, size_t size,
const string& passwordStr)
{
@@ -249,7 +249,7 @@
return false;
}
- if (!importPrivateKeyPkcs1IntoTpm(keyName,
+ if (!importPrivateKeyPkcs8IntoTpm(keyName,
privateKeyOs.buf()->buf(), privateKeyOs.buf()->size()))
return false;
diff --git a/src/security/sec-tpm.hpp b/src/security/sec-tpm.hpp
index 14b5756..395cec9 100644
--- a/src/security/sec-tpm.hpp
+++ b/src/security/sec-tpm.hpp
@@ -208,7 +208,7 @@
addAppToACL(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl) = 0;
/**
- * @brief Export a private key in PKCS#8 format.
+ * @brief Export a private key in PKCS#5 format.
*
* @param keyName The private key name.
* @param password The password to encrypt the private key.
@@ -216,10 +216,10 @@
* @throws SecTpm::Error if private key cannot be exported.
*/
ConstBufferPtr
- exportPrivateKeyPkcs8FromTpm(const Name& keyName, const std::string& password);
+ exportPrivateKeyPkcs5FromTpm(const Name& keyName, const std::string& password);
/**
- * @brief Import a private key in PKCS#8 format.
+ * @brief Import a private key in PKCS#5 format.
*
* Also recover the public key and installed it in TPM.
*
@@ -229,29 +229,29 @@
* @return False if import fails.
*/
bool
- importPrivateKeyPkcs8IntoTpm(const Name& keyName,
+ importPrivateKeyPkcs5IntoTpm(const Name& keyName,
const uint8_t* buf, size_t size,
const std::string& password);
protected:
/**
- * @brief Export a private key in PKCS#1 format.
+ * @brief Export a private key in PKCS#8 format.
*
* @param keyName The private key name.
- * @return The private key info (in PKCS#1 format) if exist, otherwise a NULL pointer.
+ * @return The private key info (in PKCS#8 format) if exist, otherwise a NULL pointer.
*/
virtual ConstBufferPtr
- exportPrivateKeyPkcs1FromTpm(const Name& keyName) = 0;
+ exportPrivateKeyPkcs8FromTpm(const Name& keyName) = 0;
/**
- * @brief Import a private key in PKCS#1 format.
+ * @brief Import a private key in PKCS#8 format.
*
* @param keyName The private key name.
* @param key The encoded private key info.
* @return False if import fails.
*/
virtual bool
- importPrivateKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buf, size_t size) = 0;
+ importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buf, size_t size) = 0;
/**
* @brief Import a public key in PKCS#1 format.
diff --git a/tests/security/test-sec-tpm-file.cpp b/tests/security/test-sec-tpm-file.cpp
index e42986a..2c9cd73 100644
--- a/tests/security/test-sec-tpm-file.cpp
+++ b/tests/security/test-sec-tpm-file.cpp
@@ -19,7 +19,8 @@
{
SecTpmFile tpm;
- Name keyName("/TestSecTpmFile/Delete/ksk-" + boost::lexical_cast<string>(time::toUnixTimestamp(time::system_clock::now())));
+ Name keyName("/TestSecTpmFile/Delete/ksk-" +
+ boost::lexical_cast<string>(time::toUnixTimestamp(time::system_clock::now())));
BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
@@ -35,14 +36,16 @@
{
SecTpmFile tpm;
- Name keyName("/TestSecTpmFile/SignVerify/ksk-" + boost::lexical_cast<string>(time::toUnixTimestamp(time::system_clock::now())));
+ Name keyName("/TestSecTpmFile/SignVerify/ksk-" +
+ boost::lexical_cast<string>(time::toUnixTimestamp(time::system_clock::now())));
BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Data data("/tmp/test/1");
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
+ keyName, DIGEST_ALGORITHM_SHA256));
shared_ptr<PublicKey> pubkeyPtr;
BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
@@ -57,11 +60,11 @@
RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
bool result = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
+ sigBlock.value(), sigBlock.value_size());
BOOST_CHECK_EQUAL(result, true);
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
BOOST_CHECK(false);
}
@@ -98,16 +101,23 @@
"3082050E304006092A864886F70D01050D3033301B06092A864886F70D01050C300E0408209CF0B1B4C856A802020800301406082A864886F70D0307040884B1229D80690211048204C8DA62C11E1CCFC43F318D0C03DA4B11350122B18F23645C454F41BB46C7F8EED4F95041A9130B33E989AF338951A286B55FB9A707AF1C5B2E1FAE7CD66D6D556CBFD90640BDA0D7904DD8D89CF15AB24F1A652AB76E16411B78E8A9AAEEB6EE06FA793B2B4A3EE4B9B5DFB3FC3D38076145915A11CEC8FD2EAB70F51A0DA8B88B73B4DD5BAFB933ABCD92FFBA7843083CCE6B7A6BD9A51094EFF93DC93A19B4982F5FF8696FDF07B76366B6408EC18F4EA218A4F6B5EA85A5AF3B082D0E3AE74665BDD9FC7DE87A7A54EB038AB2E9196365F8481F1CC601EB866D554B4FBCDABECD35CBE404F3CB313E9799D111AD955C42629FB1A01E6138EFF15E6DE7D2BF8754868157DAC72EE5125221D502DCF0B8E8FF5CA87B601357785E7C95CBFC369B31D747ADACFB95E614507A5622ACAA3541B4FE02AEEC2DD588D3D7860A50C78EF460C39E250851140155052F18419F37D551FC3F5224764A17A2C47F9CEDC63780E3AF48C421D682FD3A68A2E12EB28737DB0F785137FC01282D0D82220E2D147E4E2D261046D3C5842B55C1C2F6BA51727AF57C502242F397ACEC341F2C6C6E739E629A144602C9994C88B4F8B4F7150C087C143D9FEC23A686E5E46A5541A071869089BECC05B186FC3D8F95668A671D7088462D61423BAEB73B41CDA5B69E22D6EE3A64BB523B1522F2433BA8AD98A7500EB5C5859469F45C15E91AC1DA9D9473B3C2B37C38D038F99122E157166B89C1EA941A683A73C3F7C0762E79E9C1E28A306042D8683C26995F7AA1B5CC1B985BB0A9DEE6471E9BCEF977A2BE84BD90CE3025FA76B8B546725D85C37543B69604D3F0822DBA3067E9CF9BF2F0DC676E0D718C963C71DBD7A278BAF2A2FFA65BDB8E60FCDD0D0BA841E37284FB6174047D1EC974730A77A7E808C5F27BF1FF0818AD7B0596C538ECFF2068BD5EED5E90102918E2F224EBFFDB2C8366A5C819A00BF6DDF823BD861331F4BF2323ECA284B90C96AB6C7CDBB200163AEA8FD9EC18BA5ACAA8B8B4BDA532A04AD179D402F09E69F5CE0A179EBEF9A99E8B0C5BC8A9C3CA71C820508E33C79A98B9C31F856F53D1369AD7D9C668BC9160D6C7F3612842BDCDB42F5AE6860E93B2B203CAE26C93A7640640D403BC107DDA031CAD54DC63FFF73861D25DE26B9147C328B3940F2CFB44E82112DD6FA514CB8FD5DD6E6FF4D4EFF430B06AC970D8D75F5BD6A015558ED8D82C5121115DC3657BE88356348C0F8B8EADFD5506C0C046984BB1F12F3EEFD32FED4C8684ABD252BF3CA56092D4A752CF51E13755568C3BF25CFCA0F7AF9279CA593305C27645022DD2DD0F7FFCAC92EDEF04B9DCAE7FD55E2C69C76CF061F1ECD724850FCA574543954105B9A3824B849DDD75DEB57B382054AAB4A1FE467D235FB77C220730ED7D9B79A575831395AAE0C4C0B0D3E7EC17511C3DE9A86AD1C68BFF861FA0151020E43A1C6B4F4D6273D586B1D291AEF45DF454463F39BACA2FF07AA5E24A7EA850189F8C39BA8E88FEB21C1647EF910898B02492C49599111D3558F05A4CFD0FDBF33E802798FF2C437FCD65AAC1024FB29D08DCD7DB7E08279C3EB4B64E58747096641D1886145EC9E5ADDC8BBC81BE0DC77C3F3A017311050B921B5506F13AF30BA04AFAA210F0359E710C01319DE7BFF165A3615E8DDFC6E3FC167BA39B332B42E5207CA4934EABDAE2D057FA661DEB3EBC1A4AFD4F3E014918EC");
string decoded;
- BOOST_CHECK_NO_THROW(StringSource source(imported, true, new HexDecoder(new StringSink(decoded)))); // StringSource
+ BOOST_CHECK_NO_THROW(StringSource source(imported,
+ true,
+ new HexDecoder(new StringSink(decoded)))); //StringSource
SecTpmFile tpm;
- Name keyName("/TestSecTpmFile/ImportKey/ksk-" + boost::lexical_cast<string>(time::toUnixTimestamp(time::system_clock::now())));
+ Name keyName("/TestSecTpmFile/ImportKey/ksk-" +
+ boost::lexical_cast<string>(time::toUnixTimestamp(time::system_clock::now())));
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
- BOOST_REQUIRE_NO_THROW(tpm.importPrivateKeyPkcs8IntoTpm(keyName, reinterpret_cast<const uint8_t*>(decoded.c_str()), decoded.size(), "1234"));
+ BOOST_REQUIRE_NO_THROW(
+ tpm.importPrivateKeyPkcs5IntoTpm(keyName,
+ reinterpret_cast<const uint8_t*>(decoded.c_str()),
+ decoded.size(),
+ "1234"));
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
@@ -117,7 +127,8 @@
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
+ keyName, DIGEST_ALGORITHM_SHA256));
try
{
@@ -130,31 +141,33 @@
RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
bool result = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
+ sigBlock.value(), sigBlock.value_size());
BOOST_CHECK_EQUAL(result, true);
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
BOOST_CHECK(false);
}
ConstBufferPtr exported;
- BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs8FromTpm(keyName, "5678"));
+ BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "5678"));
tpm.deleteKeyPairInTpm(keyName);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
- BOOST_REQUIRE(tpm.importPrivateKeyPkcs8IntoTpm(keyName, exported->buf(), exported->size(), "5678"));
+ BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
+ "5678"));
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
Block sigBlock2;
- BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2), keyName, DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
+ keyName, DIGEST_ALGORITHM_SHA256));
try
{
@@ -167,11 +180,11 @@
RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
bool result = verifier.VerifyMessage(content2, sizeof(content2),
- sigBlock2.value(), sigBlock2.value_size());
+ sigBlock2.value(), sigBlock2.value_size());
BOOST_CHECK_EQUAL(result, true);
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
BOOST_CHECK(false);
}
diff --git a/tests/security/test-sec-tpm-osx.cpp b/tests/security/test-sec-tpm-osx.cpp
index 435b2ce..eb4361a 100644
--- a/tests/security/test-sec-tpm-osx.cpp
+++ b/tests/security/test-sec-tpm-osx.cpp
@@ -19,8 +19,9 @@
{
SecTpmOsx tpm;
- Name keyName("/TestSecTpmOsx/Delete/ksk-" + boost::lexical_cast<string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
+ Name keyName("/TestSecTpmOsx/Delete/ksk-" +
+ boost::lexical_cast<string>(
+ time::toUnixTimestamp(time::system_clock::now()).count()));
BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
@@ -36,15 +37,17 @@
{
SecTpmOsx tpm;
- Name keyName("/TestSecTpmOsx/SignVerify/ksk-" + boost::lexical_cast<string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
+ Name keyName("/TestSecTpmOsx/SignVerify/ksk-" +
+ boost::lexical_cast<string>(
+ time::toUnixTimestamp(time::system_clock::now()).count()));
BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Data data("/TestSecTpmOsx/SignVaerify/Data/1");
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
+ keyName, DIGEST_ALGORITHM_SHA256));
shared_ptr<PublicKey> pubkeyPtr;
BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
@@ -59,11 +62,11 @@
RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
bool result = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
+ sigBlock.value(), sigBlock.value_size());
BOOST_CHECK_EQUAL(result, true);
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
BOOST_CHECK(false);
}
@@ -98,8 +101,9 @@
SecTpmOsx tpm;
- Name keyName("/TestSecTpmOsx/ExportImportKey/ksk-" + boost::lexical_cast<string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
+ Name keyName("/TestSecTpmOsx/ExportImportKey/ksk-" +
+ boost::lexical_cast<string>(
+ time::toUnixTimestamp(time::system_clock::now()).count()));
BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
@@ -107,7 +111,7 @@
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
ConstBufferPtr exported;
- BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs8FromTpm(keyName, "1234"));
+ BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
shared_ptr<PublicKey> pubkeyPtr;
BOOST_REQUIRE_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
@@ -116,14 +120,17 @@
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
- BOOST_REQUIRE(tpm.importPrivateKeyPkcs8IntoTpm(keyName, exported->buf(), exported->size(), "1234"));
+ BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName,
+ exported->buf(), exported->size(),
+ "1234"));
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
+ keyName, DIGEST_ALGORITHM_SHA256));
try
{
@@ -136,11 +143,11 @@
RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
bool result = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
+ sigBlock.value(), sigBlock.value_size());
BOOST_CHECK_EQUAL(result, true);
}
- catch(CryptoPP::Exception& e)
+ catch (CryptoPP::Exception& e)
{
BOOST_CHECK(false);
}