commit bc997e5ddd9e19414d6bd6ffebddbbbf2cffe363
author laqinfan <flq12021@gmail.com> Tue Jun 25 22:11:09 2019 -0500
committer Laqin Fan <flq12021@gmail.com> Tue Oct 29 19:43:46 2019 -0500
tree e435477feb6e96b63c09fdc03a1a3fe792964e1e
parent 73940c93a6c738fe5c287bfe8b59d27b79a74efe

security: add HMAC support in verification helpers

Add two more verifySignature() overloads with tpm and keyname as parameters

Change-Id: I53ef8f15c8764b17a26df3216c25f6b19f7c1719

tests/unit/security/v2/key-chain.t.cpp

diff --git a/tests/unit/security/v2/key-chain.t.cpp b/tests/unit/security/v2/key-chain.t.cpp
index 17f8569..1d25e59 100644
--- a/tests/unit/security/v2/key-chain.t.cpp
+++ b/tests/unit/security/v2/key-chain.t.cpp
@@ -366,19 +366,8 @@
       BOOST_CHECK_EQUAL(data.getSignature().getType(), tlv::SignatureHmacWithSha256);
       BOOST_CHECK_EQUAL(interestSignature.getType(), tlv::SignatureHmacWithSha256);
 
-      BOOST_CHECK(bool(tpm.verify(data.wireEncode().value(),
-                                  data.wireEncode().value_size() - data.getSignature().getValue().size(),
-                                  data.getSignature().getValue().value(),
-                                  data.getSignature().getValue().value_size(),
-                                  keyName, DigestAlgorithm::SHA256)));
-
-      const Name& interestName = interest.getName();
-      auto nameBlock = interestName.wireEncode();
-      BOOST_CHECK(bool(tpm.verify(nameBlock.value(),
-                                  nameBlock.value_size() - interestName[signed_interest::POS_SIG_VALUE].size(),
-                                  interestName[signed_interest::POS_SIG_VALUE].blockFromValue().value(),
-                                  interestName[signed_interest::POS_SIG_VALUE].blockFromValue().value_size(),
-                                  keyName, DigestAlgorithm::SHA256)));
+      BOOST_CHECK(bool(verifySignature(data, tpm, keyName, DigestAlgorithm::SHA256)));
+      BOOST_CHECK(bool(verifySignature(interest, tpm, keyName, DigestAlgorithm::SHA256)));
     }
     else {
       BOOST_CHECK_EQUAL(data.getSignature().getType(), tlv::SignatureSha256WithEcdsa);

tests/unit/security/verification-helpers.t.cpp

diff --git a/tests/unit/security/verification-helpers.t.cpp b/tests/unit/security/verification-helpers.t.cpp
index 977ec30..c0c6b5a 100644
--- a/tests/unit/security/verification-helpers.t.cpp
+++ b/tests/unit/security/verification-helpers.t.cpp
@@ -469,6 +469,25 @@
   // - pib::Key version is tested as part of v2/key-chain.t.cpp (Security/V2/TestKeyChain)
 }
 
+BOOST_FIXTURE_TEST_CASE(VerifyHmac, IdentityManagementFixture)
+{
+  const Tpm& tpm = m_keyChain.getTpm();
+  Data data("/data");
+  Interest interest("/interest");
+  SigningInfo signingInfo;
+  signingInfo.setSigningHmacKey("QjM3NEEyNkE3MTQ5MDQzN0FBMDI0RTRGQURENUI0OTdGREZGMUE4RUE2RkYxMkY2"
+                                "RkI2NUFGMjcyMEI1OUNDRg==");
+  signingInfo.setDigestAlgorithm(DigestAlgorithm::SHA256);
+
+  BOOST_CHECK(!verifySignature(data, tpm, signingInfo.getSignerName(), DigestAlgorithm::SHA256));
+  BOOST_CHECK(!verifySignature(interest, tpm, signingInfo.getSignerName(), DigestAlgorithm::SHA256));
+
+  m_keyChain.sign(data, signingInfo);
+  m_keyChain.sign(interest, signingInfo);
+  BOOST_CHECK(verifySignature(data, tpm, signingInfo.getSignerName(), DigestAlgorithm::SHA256));
+  BOOST_CHECK(verifySignature(interest, tpm, signingInfo.getSignerName(), DigestAlgorithm::SHA256));
+}
+
 using DigestDatasets = boost::mpl::vector<Sha256Dataset>;
 
 BOOST_AUTO_TEST_CASE_TEMPLATE(VerifyDigest, Dataset, DigestDatasets)