security: Add ECDSA signature signing and validation
Change-Id: I2f193e9d643498a68579ae59a7f524ff446dcb9e
Refs: #1660
diff --git a/tests/unit-tests/security/test-validator.cpp b/tests/unit-tests/security/test-validator.cpp
index b8d6157..bd91280 100644
--- a/tests/unit-tests/security/test-validator.cpp
+++ b/tests/unit-tests/security/test-validator.cpp
@@ -69,6 +69,141 @@
keyChain.deleteIdentity(identity);
}
+const uint8_t ecdsaSigInfo[] = {
+0x16, 0x1b, // SignatureInfo
+ 0x1b, 0x01, // SignatureType
+ 0x03,
+ 0x1c, 0x16, // KeyLocator
+ 0x07, 0x14, // Name
+ 0x08, 0x04,
+ 0x74, 0x65, 0x73, 0x74,
+ 0x08, 0x03,
+ 0x6b, 0x65, 0x79,
+ 0x08, 0x07,
+ 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
+};
+
+const uint8_t ecdsaSigValue[] = {
+0x17, 0x40, // SignatureValue
+ 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
+ 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
+ 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
+ 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
+ 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b
+};
+
+BOOST_AUTO_TEST_CASE(RsaSignatureVerification)
+{
+ BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file"));
+ KeyChain keyChain("sqlite3", "file");
+
+ Name identity("/TestValidator/RsaSignatureVerification");
+ BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
+ Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
+ shared_ptr<PublicKey> publicKey = keyChain.getPublicKey(keyName);
+
+ Name identity2("/TestValidator/RsaSignatureVerification/id2");
+ BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity2));
+ Name keyName2 = keyChain.getDefaultKeyNameForIdentity(identity2);
+ shared_ptr<PublicKey> publicKey2 = keyChain.getPublicKey(keyName2);
+
+
+ Data data("/TestData/1");
+ BOOST_CHECK_NO_THROW(keyChain.signByIdentity(data, identity));
+ BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
+ BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
+
+ Interest interest("/TestInterest/1");
+ BOOST_CHECK_NO_THROW(keyChain.signByIdentity(interest, identity));
+ BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
+ BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
+
+ Data wrongData("/TestData/2");
+ Block ecdsaSigInfoBlock(ecdsaSigInfo, sizeof(ecdsaSigInfo));
+ Block ecdsaSigValueBlock(ecdsaSigValue, sizeof(ecdsaSigValue));
+ Signature ecdsaSig(ecdsaSigInfoBlock, ecdsaSigValueBlock);
+ wrongData.setSignature(ecdsaSig);
+ BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
+
+ keyChain.deleteIdentity(identity);
+ keyChain.deleteIdentity(identity2);
+}
+
+const uint8_t rsaSigInfo[] = {
+0x16, 0x1b, // SignatureInfo
+ 0x1b, 0x01, // SignatureType
+ 0x01,
+ 0x1c, 0x16, // KeyLocator
+ 0x07, 0x14, // Name
+ 0x08, 0x04,
+ 0x74, 0x65, 0x73, 0x74,
+ 0x08, 0x03,
+ 0x6b, 0x65, 0x79,
+ 0x08, 0x07,
+ 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
+};
+
+const uint8_t rsaSigValue[] = {
+0x17, 0x80, // SignatureValue
+ 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
+ 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
+ 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
+ 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
+ 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b, 0xcf,
+ 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9,
+ 0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8,
+ 0x55, 0xf6, 0x1c, 0x19, 0x0b, 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
+ 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3,
+ 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
+};
+
+
+BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification)
+{
+ BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file"));
+ KeyChain keyChain("sqlite3", "file");
+
+ Name identity("/TestValidator/EcdsaSignatureVerification");
+ EcdsaKeyParams params;
+ // BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity, params));
+ try
+ {
+ keyChain.createIdentity(identity, params);
+ }
+ catch (std::runtime_error& e)
+ {
+ std::cerr << e.what() << std::endl;
+ }
+ Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
+ shared_ptr<PublicKey> publicKey = keyChain.getPublicKey(keyName);
+
+ Name identity2("/TestValidator/EcdsaSignatureVerification/id2");
+ BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity2, params));
+ Name keyName2 = keyChain.getDefaultKeyNameForIdentity(identity2);
+ shared_ptr<PublicKey> publicKey2 = keyChain.getPublicKey(keyName2);
+
+
+ Data data("/TestData/1");
+ BOOST_CHECK_NO_THROW(keyChain.signByIdentity(data, identity));
+ BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
+ BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
+
+ Interest interest("/TestInterest/1");
+ BOOST_CHECK_NO_THROW(keyChain.signByIdentity(interest, identity));
+ BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
+ BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
+
+ Data wrongData("/TestData/2");
+ Block rsaSigInfoBlock(rsaSigInfo, sizeof(rsaSigInfo));
+ Block rsaSigValueBlock(rsaSigValue, sizeof(rsaSigValue));
+ Signature rsaSig(rsaSigInfoBlock, rsaSigValueBlock);
+ wrongData.setSignature(rsaSig);
+ BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
+
+ keyChain.deleteIdentity(identity);
+ keyChain.deleteIdentity(identity2);
+}
+
BOOST_AUTO_TEST_SUITE_END()
} // namespace ndn
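Review bot: In EcdsaSignatureVerification the first `keyChain.createIdentity(identity, params)` sits in a try/catch that only prints `e.what()`, so a failure to generate the ECDSA key does not fail the test there. The following `getDefaultKeyNameForIdentity(identity)` then runs against an identity that may not exist. Restore the commented-out line in place of the try/catch, `BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity, params));`, as the test already does for `identity2`. Separately, the `wrongData` checks in both new test cases use fixed bytes as the signature value, which would presumably fail verification under any key, so they do not show that a SignatureType disagreeing with the key type is rejected. Verifying validly ECDSA-signed Data against the RSA key, and the reverse, would pin that behaviour.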