security: use EVP_DigestVerify* routines in VerifierFilter Change-Id: I2f5323fee86dd08c16552c2310b3181a620013b5

commit: 8a14b9b93ce1350105f8187f99ae077c9210a7f8 [log] [tgz]
author: Davide Pesavento <davide.pesavento@lip6.fr> Sun Sep 17 01:26:06 2017 -0400
committer: Davide Pesavento <davide.pesavento@lip6.fr> Mon Sep 18 19:02:46 2017 -0400
tree: 9d8d57edf1757ad64c0cf5eaee0d5906112c74de
parent: 8aad372379045240f478f86b4a94c6ae7c212800 [diff] [blame]
diff --git a/tests/unit-tests/security/transform/verifier-filter.t.cpp b/tests/unit-tests/security/transform/verifier-filter.t.cpp
index 4464c4e..217cf87 100644
--- a/tests/unit-tests/security/transform/verifier-filter.t.cpp
+++ b/tests/unit-tests/security/transform/verifier-filter.t.cpp

@@ -82,10 +82,10 @@
 
   OBufferStream os1;
   bufferSource(publicKeyPkcs8) >> base64Decode() >> streamSink(os1);
-  auto publicKeyBuffer = os1.buf();
+  auto pubKey = os1.buf();
 
   PublicKey pKey;
-  pKey.loadPkcs8(publicKeyBuffer->buf(), publicKeyBuffer->size());
+  pKey.loadPkcs8(pubKey->buf(), pubKey->size());
 
   PrivateKey sKey;
   sKey.loadPkcs1Base64(reinterpret_cast<const uint8_t*>(privateKeyPkcs1.data()), privateKeyPkcs1.size());
@@ -94,6 +94,8 @@
   bufferSource(data, sizeof(data)) >> signerFilter(DigestAlgorithm::SHA256, sKey) >> streamSink(os2);
   auto sig = os2.buf();
 
+  BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, pKey, sig->buf(), sig->size()), Error);
+
   bool result = false;
   bufferSource(data, sizeof(data)) >>
     verifierFilter(DigestAlgorithm::SHA256, pKey, sig->buf(), sig->size()) >>
@@ -125,10 +127,10 @@
 
   OBufferStream os1;
   bufferSource(publicKeyPkcs8) >> base64Decode() >> streamSink(os1);
-  auto publicKeyBuffer = os1.buf();
+  auto pubKey = os1.buf();
 
   PublicKey pKey;
-  pKey.loadPkcs8(publicKeyBuffer->buf(), publicKeyBuffer->size());
+  pKey.loadPkcs8(pubKey->buf(), pubKey->size());
 
   PrivateKey sKey;
   sKey.loadPkcs1Base64(reinterpret_cast<const uint8_t*>(privateKeyPkcs1.data()), privateKeyPkcs1.size());
@@ -137,6 +139,8 @@
   bufferSource(data, sizeof(data)) >> signerFilter(DigestAlgorithm::SHA256, sKey) >> streamSink(os2);
   auto sig = os2.buf();
 
+  BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::NONE, pKey, sig->buf(), sig->size()), Error);
+
   bool result = false;
   bufferSource(data, sizeof(data)) >>
     verifierFilter(DigestAlgorithm::SHA256, pKey, sig->buf(), sig->size()) >>
@@ -145,6 +149,12 @@
   BOOST_CHECK_EQUAL(result, true);
 }
 
+BOOST_AUTO_TEST_CASE(InvalidKey)
+{
+  PublicKey pKey;
+  BOOST_CHECK_THROW(VerifierFilter(DigestAlgorithm::SHA256, pKey, nullptr, 0), Error);
+}
+
 BOOST_AUTO_TEST_SUITE_END() // TestVerifierFilter
 BOOST_AUTO_TEST_SUITE_END() // Transform
 BOOST_AUTO_TEST_SUITE_END() // Security
commit	8a14b9b93ce1350105f8187f99ae077c9210a7f8	[log] [tgz]
author	Davide Pesavento <davide.pesavento@lip6.fr>	Sun Sep 17 01:26:06 2017 -0400
committer	Davide Pesavento <davide.pesavento@lip6.fr>	Mon Sep 18 19:02:46 2017 -0400
tree	9d8d57edf1757ad64c0cf5eaee0d5906112c74de
parent	8aad372379045240f478f86b4a94c6ae7c212800 [diff] [blame]