blob: 07c867cd3fd6793ee03fe39cff1bd21b68483f15 [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -04001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yingdi Yu04020922014-01-22 12:46:53 -08002/**
Davide Pesavento41abef82016-08-08 07:41:59 +02003 * Copyright (c) 2013-2016 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -07006 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -04007 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu04020922014-01-22 12:46:53 -080020 */
21
Yingdi Yuf56c68f2014-04-24 21:50:13 -070022#include "security/sec-tpm-file.hpp"
Alexander Afanasyev09c613f2014-01-29 00:23:58 -080023#include "security/key-chain.hpp"
Junxiao Shi482ccc52014-03-31 13:05:24 -070024#include "security/cryptopp.hpp"
Yingdi Yu04020922014-01-22 12:46:53 -080025
Yingdi Yuf56c68f2014-04-24 21:50:13 -070026#include "util/time.hpp"
27
Yingdi Yu41546342014-11-30 23:37:53 -080028#include <boost/filesystem.hpp>
Alexander Afanasyev258ec2b2014-05-14 16:15:37 -070029#include <boost/lexical_cast.hpp>
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070030#include "boost-test.hpp"
31
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -080032namespace ndn {
Spyridon Mastorakis429634f2015-02-19 17:35:33 -080033namespace tests {
Yingdi Yu04020922014-01-22 12:46:53 -080034
Spyridon Mastorakis429634f2015-02-19 17:35:33 -080035BOOST_AUTO_TEST_SUITE(SecuritySecTpmFile)
Yingdi Yu04020922014-01-22 12:46:53 -080036
Yingdi Yu7036ce22014-06-19 18:53:37 -070037BOOST_AUTO_TEST_CASE(Delete)
Yingdi Yu28fd32f2014-01-28 19:03:03 -080038{
39 SecTpmFile tpm;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070040
Yingdi Yu5e96e002014-04-23 18:32:15 -070041 Name keyName("/TestSecTpmFile/Delete/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -070042 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
43 RsaKeyParams params(2048);
44 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070045
Yingdi Yu28fd32f2014-01-28 19:03:03 -080046 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
47 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070048
Yingdi Yu28fd32f2014-01-28 19:03:03 -080049 tpm.deleteKeyPairInTpm(keyName);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070050
Yingdi Yu28fd32f2014-01-28 19:03:03 -080051 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
52 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
53}
54
Yingdi Yu7036ce22014-06-19 18:53:37 -070055BOOST_AUTO_TEST_CASE(SignVerify)
Yingdi Yu04020922014-01-22 12:46:53 -080056{
57 SecTpmFile tpm;
58
Yingdi Yu5e96e002014-04-23 18:32:15 -070059 Name keyName("/TestSecTpmFile/SignVerify/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -070060 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
61 RsaKeyParams params(2048);
62 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070063
Yingdi Yu04020922014-01-22 12:46:53 -080064 Data data("/tmp/test/1");
65 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
66
Yingdi Yu2e57a582014-02-20 23:34:43 -080067 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -070068 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
69 keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu7036ce22014-06-19 18:53:37 -070070 shared_ptr<PublicKey> publicKey;
71 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu04020922014-01-22 12:46:53 -080072
Yingdi Yu2e57a582014-02-20 23:34:43 -080073 try
74 {
75 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070076
Yingdi Yu7036ce22014-06-19 18:53:37 -070077 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -080078 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -070079 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
80 rsaPublicKey.Load(queue);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070081
Yingdi Yu7036ce22014-06-19 18:53:37 -070082 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
Yingdi Yu2e57a582014-02-20 23:34:43 -080083 bool result = verifier.VerifyMessage(content, sizeof(content),
Yingdi Yu5e96e002014-04-23 18:32:15 -070084 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -070085
Yingdi Yu2e57a582014-02-20 23:34:43 -080086 BOOST_CHECK_EQUAL(result, true);
87 }
Yingdi Yu5e96e002014-04-23 18:32:15 -070088 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -080089 {
90 BOOST_CHECK(false);
91 }
Yingdi Yu04020922014-01-22 12:46:53 -080092
Yingdi Yu28fd32f2014-01-28 19:03:03 -080093 tpm.deleteKeyPairInTpm(keyName);
Yingdi Yu04020922014-01-22 12:46:53 -080094}
95
Yingdi Yu7036ce22014-06-19 18:53:37 -070096BOOST_AUTO_TEST_CASE(RandomGenerator)
Yingdi Yu4b752752014-02-18 12:24:03 -080097{
98 SecTpmFile tpm;
99
Davide Pesavento41abef82016-08-08 07:41:59 +0200100 constexpr size_t scale = 1000;
101 constexpr size_t size = 256 * scale;
102 auto block = unique_ptr<uint8_t[]>{new uint8_t[size]};
103 tpm.generateRandomBlock(block.get(), size);
Yingdi Yu4b752752014-02-18 12:24:03 -0800104
Davide Pesavento41abef82016-08-08 07:41:59 +0200105 std::map<uint8_t, size_t> counter;
106 for (size_t i = 0; i < size; i++) {
107 counter[block[i]] += 1;
108 }
Yingdi Yu4b752752014-02-18 12:24:03 -0800109
Davide Pesavento41abef82016-08-08 07:41:59 +0200110 double dev = 0.0;
111 for (uint8_t i = 0; i < 255; i++) {
112 dev += static_cast<double>((counter[i] - scale) * (counter[i] - scale)) / (scale * scale);
113 }
114 dev /= 256;
Yingdi Yu4b752752014-02-18 12:24:03 -0800115
Davide Pesavento41abef82016-08-08 07:41:59 +0200116 BOOST_CHECK_CLOSE(dev, 0.001, 100);
Yingdi Yu4b752752014-02-18 12:24:03 -0800117}
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800118
Yingdi Yu7036ce22014-06-19 18:53:37 -0700119BOOST_AUTO_TEST_CASE(ImportExportKey)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800120{
121 using namespace CryptoPP;
122
Yingdi Yu7036ce22014-06-19 18:53:37 -0700123 std::string imported =
124"MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIIJzwsbTIVqgCAggAMBQGCCqG"
125"SIb3DQMHBAiEsSKdgGkCEQSCBMjaYsEeHM/EPzGNDAPaSxE1ASKxjyNkXEVPQbtGx/ju1PlQ"
126"QakTCzPpia8ziVGihrVfuacHrxxbLh+ufNZtbVVsv9kGQL2g15BN2Nic8VqyTxplKrduFkEb"
127"eOipqu627gb6eTsrSj7kubXfs/w9OAdhRZFaEc7I/S6rcPUaDai4i3O03VuvuTOrzZL/unhD"
128"CDzOa3pr2aUQlO/5Pck6GbSYL1/4aW/fB7djZrZAjsGPTqIYpPa16oWlrzsILQ4650Zlvdn8"
129"feh6elTrA4qy6RljZfhIHxzGAeuGbVVLT7zavs01y+QE88sxPpeZ0RGtlVxCYp+xoB5hOO/x"
130"Xm3n0r+HVIaBV9rHLuUSUiHVAtzwuOj/XKh7YBNXeF58lcv8Npsx10etrPuV5hRQelYirKo1"
131"QbT+Aq7sLdWI09eGClDHjvRgw54lCFEUAVUFLxhBnzfVUfw/UiR2SheixH+c7cY3gOOvSMQh"
132"1oL9Omii4S6yhzfbD3hRN/wBKC0NgiIOLRR+Ti0mEEbTxYQrVcHC9rpRcnr1fFAiQvOXrOw0"
133"HyxsbnOeYpoURgLJmUyItPi09xUMCHwUPZ/sI6aG5eRqVUGgcYaQib7MBbGG/D2PlWaKZx1w"
134"iEYtYUI7rrc7Qc2ltp4i1u46ZLtSOxUi8kM7qK2Yp1AOtcWFlGn0XBXpGsHanZRzs8KzfDjQ"
135"OPmRIuFXFmuJweqUGmg6c8P3wHYueenB4oowYELYaDwmmV96obXMG5hbsKne5kcem875d6K+"
136"hL2QzjAl+na4tUZyXYXDdUO2lgTT8IItujBn6c+b8vDcZ24NcYyWPHHb16J4uvKi/6Zb245g"
137"/N0NC6hB43KE+2F0BH0eyXRzCnen6AjF8nvx/wgYrXsFlsU47P8gaL1e7V6QECkY4vIk6//b"
138"LINmpcgZoAv23fgjvYYTMfS/IyPsooS5DJarbHzbsgAWOuqP2ewYulrKqLi0vaUyoErRedQC"
139"8J5p9c4KF56++ameiwxbyKnDynHIIFCOM8eamLnDH4VvU9E2mtfZxmi8kWDWx/NhKEK9zbQv"
140"WuaGDpOysgPK4myTp2QGQNQDvBB92gMcrVTcY//3OGHSXeJrkUfDKLOUDyz7ROghEt1vpRTL"
141"j9Xdbm/01O/0MLBqyXDY119b1qAVVY7Y2CxRIRFdw2V76INWNIwPi46t/VUGwMBGmEux8S8+"
142"79Mv7UyGhKvSUr88pWCS1KdSz1HhN1VWjDvyXPyg96+SecpZMwXCdkUCLdLdD3/8rJLt7wS5"
143"3K5/1V4sacds8GHx7NckhQ/KV0VDlUEFuaOCS4Sd3XXetXs4IFSqtKH+Rn0jX7d8Igcw7X2b"
144"eaV1gxOVquDEwLDT5+wXURw96ahq0caL/4YfoBUQIOQ6HGtPTWJz1Yax0pGu9F30VEY/ObrK"
145"L/B6peJKfqhQGJ+MObqOiP6yHBZH75EImLAkksSVmREdNVjwWkz9D9vzPoAnmP8sQ3/NZarB"
146"Ak+ynQjc19t+CCecPrS2Tlh0cJZkHRiGFF7J5a3ci7yBvg3HfD86AXMRBQuSG1UG8TrzC6BK"
147"+qIQ8DWecQwBMZ3nv/Flo2Fejd/G4/wWe6ObMytC5SB8pJNOq9ri0Ff6Zh3rPrwaSv1PPgFJ"
148"GOw=";
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800149
Yingdi Yu7036ce22014-06-19 18:53:37 -0700150 std::string decoded;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700151 BOOST_CHECK_NO_THROW(StringSource source(imported,
152 true,
Yingdi Yu7036ce22014-06-19 18:53:37 -0700153 new Base64Decoder(new StringSink(decoded))));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800154
155 SecTpmFile tpm;
156
Yingdi Yu5e96e002014-04-23 18:32:15 -0700157 Name keyName("/TestSecTpmFile/ImportKey/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700158 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800159
Yingdi Yu7036ce22014-06-19 18:53:37 -0700160 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
161 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700162
Yingdi Yu5e96e002014-04-23 18:32:15 -0700163 BOOST_REQUIRE_NO_THROW(
164 tpm.importPrivateKeyPkcs5IntoTpm(keyName,
165 reinterpret_cast<const uint8_t*>(decoded.c_str()),
166 decoded.size(),
167 "1234"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800168
Yingdi Yu7036ce22014-06-19 18:53:37 -0700169 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
170 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800171
Yingdi Yu7036ce22014-06-19 18:53:37 -0700172 shared_ptr<PublicKey> publicKey;
173 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800174
175 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800176 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700177 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
178 keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800179
Yingdi Yu2e57a582014-02-20 23:34:43 -0800180 try
181 {
182 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700183
Yingdi Yu7036ce22014-06-19 18:53:37 -0700184 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800185 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700186 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
187 rsaPublicKey.Load(queue);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700188
Yingdi Yu7036ce22014-06-19 18:53:37 -0700189 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
190 bool isVerified = verifier.VerifyMessage(content, sizeof(content),
191 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700192
Yingdi Yu7036ce22014-06-19 18:53:37 -0700193 BOOST_CHECK_EQUAL(isVerified, true);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800194 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700195 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800196 {
197 BOOST_CHECK(false);
198 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800199
Yingdi Yu2e57a582014-02-20 23:34:43 -0800200 ConstBufferPtr exported;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700201 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "5678"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800202
203 tpm.deleteKeyPairInTpm(keyName);
204
Yingdi Yu7036ce22014-06-19 18:53:37 -0700205 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
206 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800207
Yingdi Yu5e96e002014-04-23 18:32:15 -0700208 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
209 "5678"));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700210
Yingdi Yu7036ce22014-06-19 18:53:37 -0700211 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
212 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700213
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800214 const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800215 Block sigBlock2;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700216 BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
217 keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800218
Yingdi Yu2e57a582014-02-20 23:34:43 -0800219 try
220 {
221 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700222
Yingdi Yu7036ce22014-06-19 18:53:37 -0700223 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800224 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700225 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
226 rsaPublicKey.Load(queue);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800227
Yingdi Yu7036ce22014-06-19 18:53:37 -0700228 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
229 bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
230 sigBlock2.value(), sigBlock2.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700231
Yingdi Yu7036ce22014-06-19 18:53:37 -0700232 BOOST_CHECK_EQUAL(isVerified, true);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800233 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700234 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800235 {
236 BOOST_CHECK(false);
237 }
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700238
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800239 tpm.deleteKeyPairInTpm(keyName);
240
Yingdi Yu7036ce22014-06-19 18:53:37 -0700241 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
242 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800243}
244
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700245BOOST_AUTO_TEST_CASE(EcdsaSigning)
246{
247 SecTpmFile tpm;
248
249 Name keyName("/TestSecTpmFile/EcdsaSigning/ksk-" +
250 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
251 EcdsaKeyParams params;
252 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
253
254 Data data("/TestSecTpmFile/EcdsaSigning/Data/1");
255 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
256
257 Block sigBlock;
258 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
259 keyName, DIGEST_ALGORITHM_SHA256));
260
261 shared_ptr<PublicKey> pubkeyPtr;
262 BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
263
264 try
265 {
266 using namespace CryptoPP;
267
268 ECDSA<ECP, SHA256>::PublicKey publicKey;
269 ByteQueue queue;
270 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
271 publicKey.Load(queue);
272
273 uint8_t buffer[64];
274 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
275 sigBlock.value(), sigBlock.value_size(), DSA_DER);
276
277 ECDSA<ECP, SHA256>::Verifier verifier(publicKey);
278 bool result = verifier.VerifyMessage(content, sizeof(content),
279 buffer, usedSize);
280
281 BOOST_CHECK_EQUAL(result, true);
282 }
283 catch (CryptoPP::Exception& e)
284 {
285 BOOST_CHECK(false);
286 }
287
288 tpm.deleteKeyPairInTpm(keyName);
289}
290
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700291
292BOOST_AUTO_TEST_CASE(ImportExportEcdsaKey)
293{
294 using namespace CryptoPP;
295
296 std::string imported =
297 "MIGMMEAGCSqGSIb3DQEFDTAzMBsGCSqGSIb3DQEFDDAOBAhqkJiLfzFWtQICCAAw"
298 "FAYIKoZIhvcNAwcECJ1HLtP8OZC6BEgNv9OH2mZdbkxvqTVlRBkUqPbbP3580OG6"
299 "f0htqWSRppcb4IEKYfuPt2qPCYKL2GcAN2pU3eJqhiM7LFTSFaxgBRFozzIwusk=";
300
301 std::string decoded;
302 BOOST_CHECK_NO_THROW(StringSource source(imported,
303 true,
304 new Base64Decoder(new StringSink(decoded))));
305
306 SecTpmFile tpm;
307
308 Name keyName("/TestSecTpmFile/ImportExportEcdsaKey/ksk-" +
309 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
310
311 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
312 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
313
314 BOOST_REQUIRE_NO_THROW(
315 tpm.importPrivateKeyPkcs5IntoTpm(keyName,
316 reinterpret_cast<const uint8_t*>(decoded.c_str()),
317 decoded.size(),
318 "5678"));
319
320 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
321 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
322
323 shared_ptr<PublicKey> publicKey;
324 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
325
326 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
327 Block sigBlock;
328 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
329 keyName, DIGEST_ALGORITHM_SHA256));
330
331 try
332 {
333 using namespace CryptoPP;
334
335 ECDSA<ECP, SHA256>::PublicKey ecdsaPublicKey;
336 ByteQueue queue;
337 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
338 ecdsaPublicKey.Load(queue);
339
340 uint8_t buffer[64];
341 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
342 sigBlock.value(), sigBlock.value_size(), DSA_DER);
343
344 ECDSA<ECP, SHA256>::Verifier verifier(ecdsaPublicKey);
345 bool isVerified = verifier.VerifyMessage(content, sizeof(content),
346 buffer, usedSize);
347
348 BOOST_CHECK_EQUAL(isVerified, true);
349 }
350 catch (CryptoPP::Exception& e)
351 {
352 BOOST_CHECK(false);
353 }
354
355 ConstBufferPtr exported;
356 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
357
358 tpm.deleteKeyPairInTpm(keyName);
359
360 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
361 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
362
363 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
364 "1234"));
365
366 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
367 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
368
369 const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
370 Block sigBlock2;
371 BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
372 keyName, DIGEST_ALGORITHM_SHA256));
373
374 try
375 {
376 using namespace CryptoPP;
377
378 ECDSA<ECP, SHA256>::PublicKey ecdsaPublicKey;
379 ByteQueue queue;
380 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
381 ecdsaPublicKey.Load(queue);
382
383 uint8_t buffer[64];
384 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
385 sigBlock2.value(), sigBlock2.value_size(),
386 DSA_DER);
387
388 ECDSA<ECP, SHA256>::Verifier verifier(ecdsaPublicKey);
389 bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
390 buffer, usedSize);
391
392 BOOST_CHECK_EQUAL(isVerified, true);
393
394 }
395 catch (CryptoPP::Exception& e)
396 {
397 BOOST_CHECK(false);
398 }
399
400 tpm.deleteKeyPairInTpm(keyName);
401
402 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
403 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
404}
405
Yingdi Yu04020922014-01-22 12:46:53 -0800406BOOST_AUTO_TEST_SUITE_END()
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800407
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800408} // namespace tests
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800409} // namespace ndn