Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 5e96e00d242d9e0828fd982e73b99f0c350e34ee / . / tests / security / test-sec-tpm-osx.cpp
blob: eb4361a90bd897cfd250dad1dbd97541c920a172 [file] [log] [blame]
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]1/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]7#include "security/key-chain.hpp"
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]8#include "util/time.hpp"
Junxiao Shi482ccc52014-03-31 13:05:24 -0700[diff] [blame]9#include "security/cryptopp.hpp"
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]10
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]11#include "boost-test.hpp"
12
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]13using namespace std;
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]14namespace ndn {
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]15
Alexander Afanasyevd1b5c412014-03-27 15:03:51 -0700[diff] [blame]16BOOST_AUTO_TEST_SUITE(SecurityTestSecTpmOsx)
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]17
18BOOST_AUTO_TEST_CASE (Delete)
19{
20 SecTpmOsx tpm;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]21
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]22 Name keyName("/TestSecTpmOsx/Delete/ksk-" +
23 boost::lexical_cast<string>(
24 time::toUnixTimestamp(time::system_clock::now()).count()));
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]25 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]26
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]27 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
28 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]29
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]30 tpm.deleteKeyPairInTpm(keyName);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]31
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]32 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
33 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
34}
35
36BOOST_AUTO_TEST_CASE (SignVerify)
37{
38 SecTpmOsx tpm;
39
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]40 Name keyName("/TestSecTpmOsx/SignVerify/ksk-" +
41 boost::lexical_cast<string>(
42 time::toUnixTimestamp(time::system_clock::now()).count()));
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]43 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]44
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]45 Data data("/TestSecTpmOsx/SignVaerify/Data/1");
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]46 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
47
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]48 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]49 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
50 keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]51
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]52 shared_ptr<PublicKey> pubkeyPtr;
53 BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
54 try
55 {
56 using namespace CryptoPP;
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]57
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]58 RSA::PublicKey publicKey;
59 ByteQueue queue;
60 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
61 publicKey.Load(queue);
62
63 RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
64 bool result = verifier.VerifyMessage(content, sizeof(content),
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]65 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]66
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]67 BOOST_CHECK_EQUAL(result, true);
68 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]69 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]70 {
71 BOOST_CHECK(false);
72 }
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]73
74 tpm.deleteKeyPairInTpm(keyName);
75}
76
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]77BOOST_AUTO_TEST_CASE (RandomGenerator)
78{
79 SecTpmOsx tpm;
80
81 size_t scale = 1000;
82 size_t size = 256 * scale;
83 uint8_t* block = new uint8_t[size];
84 tpm.generateRandomBlock(block, size);
85
86 map<uint8_t, int> counter;
87 for(size_t i = 0; i < size; i++)
88 counter[block[i]] += 1;
89
90 float dev = 0.0;
91 for(size_t i = 0; i != 255; i++)
92 dev += ((counter[i] - scale) * (counter[i] - scale)) * 1.0 / (scale * scale);
93
94 BOOST_CHECK_CLOSE(dev / 256, 0.001, 100);
95
96}
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]97
98BOOST_AUTO_TEST_CASE (ExportImportKey)
99{
100 using namespace CryptoPP;
101
102 SecTpmOsx tpm;
103
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]104 Name keyName("/TestSecTpmOsx/ExportImportKey/ksk-" +
105 boost::lexical_cast<string>(
106 time::toUnixTimestamp(time::system_clock::now()).count()));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]107
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]108 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
109
110 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
111 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
112
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]113 ConstBufferPtr exported;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]114 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]115 shared_ptr<PublicKey> pubkeyPtr;
116 BOOST_REQUIRE_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]117
118 tpm.deleteKeyPairInTpm(keyName);
119
120 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
121 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
122
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]123 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName,
124 exported->buf(), exported->size(),
125 "1234"));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]126
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]127 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
128 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
129
130 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]131 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]132 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
133 keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]134
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]135 try
136 {
137 using namespace CryptoPP;
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]138
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]139 RSA::PublicKey publicKey;
140 ByteQueue queue;
141 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
142 publicKey.Load(queue);
143
144 RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
145 bool result = verifier.VerifyMessage(content, sizeof(content),
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]146 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]147
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]148 BOOST_CHECK_EQUAL(result, true);
149 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame^]150 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]151 {
152 BOOST_CHECK(false);
153 }
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]154
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]155 tpm.deleteKeyPairInTpm(keyName);
156 // This is some problem related to Mac OS Key chain, and we will fix it later.
157 // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
158 // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
159}
160
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]161BOOST_AUTO_TEST_SUITE_END()
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]162
163} // namespace ndn