Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 83eb1cc88e8e3eb5cabf858419f2a3ad841819dc / . / tests / unit-tests / security / sec-tpm-file.t.cpp
blob: 68671e8524da0e918faf602689a89c24ea5c89f5 [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]2/**
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]3 * Copyright (c) 2013-2016 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]6 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]20 */
21
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]22#include "security/sec-tpm-file.hpp"
Alexander Afanasyev09c613f2014-01-29 00:23:58 -0800[diff] [blame]23#include "security/key-chain.hpp"
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]24#include "security/v1/cryptopp.hpp"
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]25#include "util/time.hpp"
26
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]27#include "boost-test.hpp"
28
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]29#include <boost/filesystem.hpp>
Alexander Afanasyev258ec2b2014-05-14 16:15:37 -0700[diff] [blame]30#include <boost/lexical_cast.hpp>
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]31
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]32namespace ndn {
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]33namespace security {
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]34namespace tests {
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]35
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]36BOOST_AUTO_TEST_SUITE(Security)
37BOOST_AUTO_TEST_SUITE(TestSecTpmFile)
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]38
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]39BOOST_AUTO_TEST_CASE(Delete)
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]40{
41 SecTpmFile tpm;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]42
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]43 Name keyName("/TestSecTpmFile/Delete/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]44 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
45 RsaKeyParams params(2048);
46 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]47
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]48 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
49 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]50
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]51 tpm.deleteKeyPairInTpm(keyName);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]52
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]53 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
54 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]55}
56
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]57BOOST_AUTO_TEST_CASE(SignVerify)
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]58{
59 SecTpmFile tpm;
60
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]61 Name keyName("/TestSecTpmFile/SignVerify/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]62 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
63 RsaKeyParams params(2048);
64 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]65
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]66 Data data("/tmp/test/1");
67 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
68
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]69 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]70 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]71 keyName, DigestAlgorithm::SHA256));
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]72 shared_ptr<v1::PublicKey> publicKey;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]73 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]74
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]75 try
76 {
77 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]78
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]79 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]80 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]81 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
82 rsaPublicKey.Load(queue);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]83
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]84 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]85 bool result = verifier.VerifyMessage(content, sizeof(content),
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]86 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]87
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]88 BOOST_CHECK_EQUAL(result, true);
89 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]90 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]91 {
92 BOOST_CHECK(false);
93 }
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]94
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]95 tpm.deleteKeyPairInTpm(keyName);
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]96}
97
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]98BOOST_AUTO_TEST_CASE(RandomGenerator)
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]99{
100 SecTpmFile tpm;
101
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]102 constexpr size_t scale = 1000;
103 constexpr size_t size = 256 * scale;
104 auto block = unique_ptr<uint8_t[]>{new uint8_t[size]};
105 tpm.generateRandomBlock(block.get(), size);
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]106
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]107 std::map<uint8_t, size_t> counter;
108 for (size_t i = 0; i < size; i++) {
109 counter[block[i]] += 1;
110 }
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]111
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]112 double dev = 0.0;
113 for (uint8_t i = 0; i < 255; i++) {
114 dev += static_cast<double>((counter[i] - scale) * (counter[i] - scale)) / (scale * scale);
115 }
116 dev /= 256;
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]117
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]118 BOOST_CHECK_CLOSE(dev, 0.001, 100);
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]119}
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]120
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]121BOOST_AUTO_TEST_CASE(ImportExportKey)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]122{
123 using namespace CryptoPP;
124
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]125 std::string imported =
126"MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIIJzwsbTIVqgCAggAMBQGCCqG"
127"SIb3DQMHBAiEsSKdgGkCEQSCBMjaYsEeHM/EPzGNDAPaSxE1ASKxjyNkXEVPQbtGx/ju1PlQ"
128"QakTCzPpia8ziVGihrVfuacHrxxbLh+ufNZtbVVsv9kGQL2g15BN2Nic8VqyTxplKrduFkEb"
129"eOipqu627gb6eTsrSj7kubXfs/w9OAdhRZFaEc7I/S6rcPUaDai4i3O03VuvuTOrzZL/unhD"
130"CDzOa3pr2aUQlO/5Pck6GbSYL1/4aW/fB7djZrZAjsGPTqIYpPa16oWlrzsILQ4650Zlvdn8"
131"feh6elTrA4qy6RljZfhIHxzGAeuGbVVLT7zavs01y+QE88sxPpeZ0RGtlVxCYp+xoB5hOO/x"
132"Xm3n0r+HVIaBV9rHLuUSUiHVAtzwuOj/XKh7YBNXeF58lcv8Npsx10etrPuV5hRQelYirKo1"
133"QbT+Aq7sLdWI09eGClDHjvRgw54lCFEUAVUFLxhBnzfVUfw/UiR2SheixH+c7cY3gOOvSMQh"
134"1oL9Omii4S6yhzfbD3hRN/wBKC0NgiIOLRR+Ti0mEEbTxYQrVcHC9rpRcnr1fFAiQvOXrOw0"
135"HyxsbnOeYpoURgLJmUyItPi09xUMCHwUPZ/sI6aG5eRqVUGgcYaQib7MBbGG/D2PlWaKZx1w"
136"iEYtYUI7rrc7Qc2ltp4i1u46ZLtSOxUi8kM7qK2Yp1AOtcWFlGn0XBXpGsHanZRzs8KzfDjQ"
137"OPmRIuFXFmuJweqUGmg6c8P3wHYueenB4oowYELYaDwmmV96obXMG5hbsKne5kcem875d6K+"
138"hL2QzjAl+na4tUZyXYXDdUO2lgTT8IItujBn6c+b8vDcZ24NcYyWPHHb16J4uvKi/6Zb245g"
139"/N0NC6hB43KE+2F0BH0eyXRzCnen6AjF8nvx/wgYrXsFlsU47P8gaL1e7V6QECkY4vIk6//b"
140"LINmpcgZoAv23fgjvYYTMfS/IyPsooS5DJarbHzbsgAWOuqP2ewYulrKqLi0vaUyoErRedQC"
141"8J5p9c4KF56++ameiwxbyKnDynHIIFCOM8eamLnDH4VvU9E2mtfZxmi8kWDWx/NhKEK9zbQv"
142"WuaGDpOysgPK4myTp2QGQNQDvBB92gMcrVTcY//3OGHSXeJrkUfDKLOUDyz7ROghEt1vpRTL"
143"j9Xdbm/01O/0MLBqyXDY119b1qAVVY7Y2CxRIRFdw2V76INWNIwPi46t/VUGwMBGmEux8S8+"
144"79Mv7UyGhKvSUr88pWCS1KdSz1HhN1VWjDvyXPyg96+SecpZMwXCdkUCLdLdD3/8rJLt7wS5"
145"3K5/1V4sacds8GHx7NckhQ/KV0VDlUEFuaOCS4Sd3XXetXs4IFSqtKH+Rn0jX7d8Igcw7X2b"
146"eaV1gxOVquDEwLDT5+wXURw96ahq0caL/4YfoBUQIOQ6HGtPTWJz1Yax0pGu9F30VEY/ObrK"
147"L/B6peJKfqhQGJ+MObqOiP6yHBZH75EImLAkksSVmREdNVjwWkz9D9vzPoAnmP8sQ3/NZarB"
148"Ak+ynQjc19t+CCecPrS2Tlh0cJZkHRiGFF7J5a3ci7yBvg3HfD86AXMRBQuSG1UG8TrzC6BK"
149"+qIQ8DWecQwBMZ3nv/Flo2Fejd/G4/wWe6ObMytC5SB8pJNOq9ri0Ff6Zh3rPrwaSv1PPgFJ"
150"GOw=";
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]151
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]152 std::string decoded;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]153 BOOST_CHECK_NO_THROW(StringSource source(imported,
154 true,
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]155 new Base64Decoder(new StringSink(decoded))));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]156
157 SecTpmFile tpm;
158
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]159 Name keyName("/TestSecTpmFile/ImportKey/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]160 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]161
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]162 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
163 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]164
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]165 BOOST_REQUIRE_NO_THROW(
166 tpm.importPrivateKeyPkcs5IntoTpm(keyName,
167 reinterpret_cast<const uint8_t*>(decoded.c_str()),
168 decoded.size(),
169 "1234"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]170
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]171 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
172 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]173
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]174 shared_ptr<v1::PublicKey> publicKey;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]175 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]176
177 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]178 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]179 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]180 keyName, DigestAlgorithm::SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]181
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]182 try
183 {
184 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]185
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]186 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]187 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]188 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
189 rsaPublicKey.Load(queue);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]190
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]191 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
192 bool isVerified = verifier.VerifyMessage(content, sizeof(content),
193 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]194
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]195 BOOST_CHECK_EQUAL(isVerified, true);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]196 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]197 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]198 {
199 BOOST_CHECK(false);
200 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]201
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]202 ConstBufferPtr exported;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]203 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "5678"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]204
205 tpm.deleteKeyPairInTpm(keyName);
206
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]207 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
208 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]209
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]210 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
211 "5678"));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]212
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]213 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
214 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]215
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]216 const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]217 Block sigBlock2;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]218 BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]219 keyName, DigestAlgorithm::SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]220
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]221 try
222 {
223 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]224
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]225 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]226 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]227 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
228 rsaPublicKey.Load(queue);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]229
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]230 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
231 bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
232 sigBlock2.value(), sigBlock2.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]233
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]234 BOOST_CHECK_EQUAL(isVerified, true);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]235 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]236 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]237 {
238 BOOST_CHECK(false);
239 }
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]240
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]241 tpm.deleteKeyPairInTpm(keyName);
242
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]243 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
244 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]245}
246
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]247BOOST_AUTO_TEST_CASE(EcdsaSigning)
248{
249 SecTpmFile tpm;
250
251 Name keyName("/TestSecTpmFile/EcdsaSigning/ksk-" +
252 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
253 EcdsaKeyParams params;
254 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
255
256 Data data("/TestSecTpmFile/EcdsaSigning/Data/1");
257 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
258
259 Block sigBlock;
260 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]261 keyName, DigestAlgorithm::SHA256));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]262
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]263 shared_ptr<v1::PublicKey> pubkeyPtr;
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]264 BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
265
266 try
267 {
268 using namespace CryptoPP;
269
270 ECDSA<ECP, SHA256>::PublicKey publicKey;
271 ByteQueue queue;
272 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
273 publicKey.Load(queue);
274
275 uint8_t buffer[64];
276 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
277 sigBlock.value(), sigBlock.value_size(), DSA_DER);
278
279 ECDSA<ECP, SHA256>::Verifier verifier(publicKey);
280 bool result = verifier.VerifyMessage(content, sizeof(content),
281 buffer, usedSize);
282
283 BOOST_CHECK_EQUAL(result, true);
284 }
285 catch (CryptoPP::Exception& e)
286 {
287 BOOST_CHECK(false);
288 }
289
290 tpm.deleteKeyPairInTpm(keyName);
291}
292
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]293
294BOOST_AUTO_TEST_CASE(ImportExportEcdsaKey)
295{
296 using namespace CryptoPP;
297
298 std::string imported =
299 "MIGMMEAGCSqGSIb3DQEFDTAzMBsGCSqGSIb3DQEFDDAOBAhqkJiLfzFWtQICCAAw"
300 "FAYIKoZIhvcNAwcECJ1HLtP8OZC6BEgNv9OH2mZdbkxvqTVlRBkUqPbbP3580OG6"
301 "f0htqWSRppcb4IEKYfuPt2qPCYKL2GcAN2pU3eJqhiM7LFTSFaxgBRFozzIwusk=";
302
303 std::string decoded;
304 BOOST_CHECK_NO_THROW(StringSource source(imported,
305 true,
306 new Base64Decoder(new StringSink(decoded))));
307
308 SecTpmFile tpm;
309
310 Name keyName("/TestSecTpmFile/ImportExportEcdsaKey/ksk-" +
311 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
312
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]313 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
314 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]315
316 BOOST_REQUIRE_NO_THROW(
317 tpm.importPrivateKeyPkcs5IntoTpm(keyName,
318 reinterpret_cast<const uint8_t*>(decoded.c_str()),
319 decoded.size(),
320 "5678"));
321
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]322 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
323 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]324
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]325 shared_ptr<v1::PublicKey> publicKey;
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]326 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
327
328 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
329 Block sigBlock;
330 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]331 keyName, DigestAlgorithm::SHA256));
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]332
333 try
334 {
335 using namespace CryptoPP;
336
337 ECDSA<ECP, SHA256>::PublicKey ecdsaPublicKey;
338 ByteQueue queue;
339 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
340 ecdsaPublicKey.Load(queue);
341
342 uint8_t buffer[64];
343 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
344 sigBlock.value(), sigBlock.value_size(), DSA_DER);
345
346 ECDSA<ECP, SHA256>::Verifier verifier(ecdsaPublicKey);
347 bool isVerified = verifier.VerifyMessage(content, sizeof(content),
348 buffer, usedSize);
349
350 BOOST_CHECK_EQUAL(isVerified, true);
351 }
352 catch (CryptoPP::Exception& e)
353 {
354 BOOST_CHECK(false);
355 }
356
357 ConstBufferPtr exported;
358 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
359
360 tpm.deleteKeyPairInTpm(keyName);
361
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]362 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
363 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]364
365 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
366 "1234"));
367
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]368 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
369 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]370
371 const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
372 Block sigBlock2;
373 BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]374 keyName, DigestAlgorithm::SHA256));
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]375
376 try
377 {
378 using namespace CryptoPP;
379
380 ECDSA<ECP, SHA256>::PublicKey ecdsaPublicKey;
381 ByteQueue queue;
382 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
383 ecdsaPublicKey.Load(queue);
384
385 uint8_t buffer[64];
386 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
387 sigBlock2.value(), sigBlock2.value_size(),
388 DSA_DER);
389
390 ECDSA<ECP, SHA256>::Verifier verifier(ecdsaPublicKey);
391 bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
392 buffer, usedSize);
393
394 BOOST_CHECK_EQUAL(isVerified, true);
395
396 }
397 catch (CryptoPP::Exception& e)
398 {
399 BOOST_CHECK(false);
400 }
401
402 tpm.deleteKeyPairInTpm(keyName);
403
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]404 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
405 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]406}
407
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]408BOOST_AUTO_TEST_SUITE_END() // TestSecTpmFile
409BOOST_AUTO_TEST_SUITE_END() // Security
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]410
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]411} // namespace tests
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]412} // namespace security
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]413} // namespace ndn