Yingdi Yu28fd32f2014-01-28 19:03:03 -08001/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
7#if __clang__
8#pragma clang diagnostic ignored "-Wtautological-compare"
9#endif
10
#include <boost/test/unit_test.hpp>

#include "security/key-chain.hpp"
#include "util/time.hpp"
#include <cryptopp/rsa.h>
#include <cryptopp/files.h>
#include <cryptopp/hex.h>

#include <vector>
Yingdi Yu28fd32f2014-01-28 19:03:03 -080018
19using namespace std;
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -080020namespace ndn {
Yingdi Yu28fd32f2014-01-28 19:03:03 -080021
22BOOST_AUTO_TEST_SUITE(TestSecTpmOsx)
23
// Generates an RSA key pair in the OS X TPM back end, confirms that both
// halves are present, deletes the pair and confirms that both halves are gone.
BOOST_AUTO_TEST_CASE (Delete)
{
  SecTpmOsx tpm;

  // The current time is appended so that every run works on a fresh key name.
  const string keyUri = "/TestSecTpmOsx/Delete/ksk-" + boost::lexical_cast<string>(time::now());
  Name keyName(keyUri);

  BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));

  // Both key classes must be visible right after generation ...
  BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
  BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);

  tpm.deleteKeyPairInTpm(keyName);

  // ... and neither may remain once the pair has been deleted.
  BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
  BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
}
39
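// Signs a fixed buffer with a freshly generated RSA key held in the TPM and
// verifies the signature independently with Crypto++ (PKCS#1 v1.5, SHA-256),
// using the public key read back from the TPM.
BOOST_AUTO_TEST_CASE (SignVerify)
{
  SecTpmOsx tpm;

  // The current time is appended so that every run works on a fresh key name.
  Name keyName("/TestSecTpmOsx/SignVerify/ksk-" + boost::lexical_cast<string>(time::now()));
  // Nothing below is meaningful without a key, and there is nothing to clean
  // up if generation failed, so this is the only hard stop in the test.
  BOOST_REQUIRE_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));

  const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};

  Block sigBlock;
  BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));

  shared_ptr<PublicKey> pubkeyPtr;
  BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
  BOOST_CHECK(static_cast<bool>(pubkeyPtr));

  // Only dereference the key when the fetch succeeded. The failures above are
  // recorded with CHECK (not REQUIRE) so that the generated key pair is still
  // deleted at the end of the test instead of being left behind in the keychain.
  if (pubkeyPtr)
    {
      try
        {
          using namespace CryptoPP;

          RSA::PublicKey publicKey;
          ByteQueue queue;
          queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
          publicKey.Load(queue);

          RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
          bool result = verifier.VerifyMessage(content, sizeof(content),
                                               sigBlock.value(), sigBlock.value_size());

          BOOST_CHECK_EQUAL(result, true);

          // Negative case: the same signature must be rejected for a message
          // that differs in one byte; a verifier that accepts everything
          // would otherwise pass this test.
          const uint8_t tampered[] = {0x01, 0x02, 0x03, 0x05};
          bool tamperedResult = verifier.VerifyMessage(tampered, sizeof(tampered),
                                                       sigBlock.value(), sigBlock.value_size());

          BOOST_CHECK_EQUAL(tamperedResult, false);
        }
      catch(const CryptoPP::Exception& e)
        {
          // Keep the Crypto++ diagnostic in the test log rather than a bare failure.
          BOOST_CHECK_MESSAGE(false, "Crypto++ exception during verification: " << e.what());
        }
    }

  tpm.deleteKeyPairInTpm(keyName);
}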
77
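// Smoke test for SecTpmOsx::generateRandomBlock: fills a buffer, builds a
// histogram of the byte values and checks that the mean squared relative
// deviation from a flat distribution is of the expected order.
//
// A flat byte histogram only rules out gross failures such as a constant or
// untouched buffer; it says nothing about whether the output is predictable.
BOOST_AUTO_TEST_CASE (RandomGenerator)
{
  SecTpmOsx tpm;

  const size_t scale = 1000;       // expected number of occurrences per byte value
  const size_t nValues = 256;      // number of distinct byte values
  const size_t size = nValues * scale;

  // The vector zero-fills the buffer and frees it on every exit path. If the
  // generator leaves the buffer untouched the histogram collapses onto one
  // value and the check below fails, instead of the test reading
  // uninitialised heap memory.
  vector<uint8_t> block(size);
  // NOTE(review): if generateRandomBlock reports failure through its return
  // value, assert on it here - confirm against the SecTpm declaration.
  tpm.generateRandomBlock(&block[0], size);

  vector<size_t> counter(nValues, 0);
  for(size_t i = 0; i < size; i++)
    counter[block[i]] += 1;

  // Accumulate in double with a signed difference; all 256 byte values are
  // included so the sum matches the divisor used below.
  double dev = 0.0;
  const double expected = static_cast<double>(scale);
  for(size_t i = 0; i < nValues; i++)
    {
      const double diff = static_cast<double>(counter[i]) - expected;
      dev += (diff * diff) / (expected * expected);
    }

  BOOST_CHECK_CLOSE(dev / nValues, 0.001, 100);
}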
Yingdi Yu8dceb1d2014-02-18 12:45:10 -080098
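// Round-trips a private key through PKCS#8 export and import: generate a key
// pair, export the private key under a passphrase, delete the pair, import
// the exported blob again and check that a signature made with the imported
// key verifies against the public key captured before deletion.
BOOST_AUTO_TEST_CASE (ExportImportKey)
{
  using namespace CryptoPP;

  SecTpmOsx tpm;

  // The current time is appended so that every run works on a fresh key name.
  Name keyName("/TestSecTpmOsx/ExportImportKey/ksk-" + boost::lexical_cast<string>(time::now()));

  BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));

  BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
  BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);

  // "1234" is a throwaway passphrase for this test key only. Both pointers
  // are dereferenced further down, so a failed export or fetch has to stop
  // the test here rather than fall through to a null dereference.
  ConstBufferPtr exported;
  BOOST_REQUIRE_NO_THROW(exported = tpm.exportPrivateKeyPkcs8FromTpm(keyName, "1234"));
  BOOST_REQUIRE(static_cast<bool>(exported));
  shared_ptr<PublicKey> pubkeyPtr;
  BOOST_REQUIRE_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
  BOOST_REQUIRE(static_cast<bool>(pubkeyPtr));

  tpm.deleteKeyPairInTpm(keyName);

  BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
  BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);

  BOOST_REQUIRE(tpm.importPrivateKeyPkcs8IntoTpm(keyName, exported->buf(), exported->size(), "1234"));

  BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
  BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);

  const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
  Block sigBlock;
  BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));

  try
    {
      // Verify with the public key captured before deletion: the imported
      // private key must be the same key that was exported.
      RSA::PublicKey publicKey;
      ByteQueue queue;
      queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
      publicKey.Load(queue);

      RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
      bool result = verifier.VerifyMessage(content, sizeof(content),
                                           sigBlock.value(), sigBlock.value_size());

      BOOST_CHECK_EQUAL(result, true);
    }
  catch(const CryptoPP::Exception& e)
    {
      // Keep the Crypto++ diagnostic in the test log rather than a bare failure.
      BOOST_CHECK_MESSAGE(false, "Crypto++ exception during verification: " << e.what());
    }

  tpm.deleteKeyPairInTpm(keyName);
  // Known problem related to the Mac OS keychain, to be fixed later: the two
  // checks below are disabled, so this test does not confirm that the
  // imported key pair is actually gone after the final delete.
  // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
  // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
}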
156
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800157BOOST_AUTO_TEST_SUITE_END()
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800158
159} // namespace ndn