Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / aa0e7dad62bf078ca122bb7b91c03a74825b9433 / . / tests / security / test-sec-tpm-osx.cpp
blob: a08dc4833cbb68e9b01051652f5e29160a40a155 [file] [log] [blame]
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]1/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
7#if __clang__
8#pragma clang diagnostic ignored "-Wtautological-compare"
9#endif
10
11#include <boost/test/unit_test.hpp>
12
13#include "security/key-chain.hpp"
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]14#include "util/time.hpp"
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]15#include <cryptopp/rsa.h>
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]16#include <cryptopp/files.h>
17#include <cryptopp/hex.h>
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]18
19using namespace std;
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]20namespace ndn {
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]21
22BOOST_AUTO_TEST_SUITE(TestSecTpmOsx)
23
24BOOST_AUTO_TEST_CASE (Delete)
25{
26 SecTpmOsx tpm;
27
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame^]28 Name keyName("/TestSecTpmOsx/Delete/ksk-" + boost::lexical_cast<string>(
29 time::toUnixTimestamp(time::system_clock::now()).count()));
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]30 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]31
32 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
33 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
34
35 tpm.deleteKeyPairInTpm(keyName);
36
37 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
38 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
39}
40
41BOOST_AUTO_TEST_CASE (SignVerify)
42{
43 SecTpmOsx tpm;
44
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame^]45 Name keyName("/TestSecTpmOsx/SignVerify/ksk-" + boost::lexical_cast<string>(
46 time::toUnixTimestamp(time::system_clock::now()).count()));
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]47 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]48
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]49 Data data("/TestSecTpmOsx/SignVaerify/Data/1");
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]50 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
51
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]52 Block sigBlock;
53 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]54
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]55 shared_ptr<PublicKey> pubkeyPtr;
56 BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
57 try
58 {
59 using namespace CryptoPP;
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]60
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]61 RSA::PublicKey publicKey;
62 ByteQueue queue;
63 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
64 publicKey.Load(queue);
65
66 RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
67 bool result = verifier.VerifyMessage(content, sizeof(content),
68 sigBlock.value(), sigBlock.value_size());
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]69
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]70 BOOST_CHECK_EQUAL(result, true);
71 }
72 catch(CryptoPP::Exception& e)
73 {
74 BOOST_CHECK(false);
75 }
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]76
77 tpm.deleteKeyPairInTpm(keyName);
78}
79
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]80BOOST_AUTO_TEST_CASE (RandomGenerator)
81{
82 SecTpmOsx tpm;
83
84 size_t scale = 1000;
85 size_t size = 256 * scale;
86 uint8_t* block = new uint8_t[size];
87 tpm.generateRandomBlock(block, size);
88
89 map<uint8_t, int> counter;
90 for(size_t i = 0; i < size; i++)
91 counter[block[i]] += 1;
92
93 float dev = 0.0;
94 for(size_t i = 0; i != 255; i++)
95 dev += ((counter[i] - scale) * (counter[i] - scale)) * 1.0 / (scale * scale);
96
97 BOOST_CHECK_CLOSE(dev / 256, 0.001, 100);
98
99}
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]100
101BOOST_AUTO_TEST_CASE (ExportImportKey)
102{
103 using namespace CryptoPP;
104
105 SecTpmOsx tpm;
106
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame^]107 Name keyName("/TestSecTpmOsx/ExportImportKey/ksk-" + boost::lexical_cast<string>(
108 time::toUnixTimestamp(time::system_clock::now()).count()));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]109
110 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
111
112 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
113 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
114
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]115 ConstBufferPtr exported;
116 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs8FromTpm(keyName, "1234"));
117 shared_ptr<PublicKey> pubkeyPtr;
118 BOOST_REQUIRE_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]119
120 tpm.deleteKeyPairInTpm(keyName);
121
122 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
123 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
124
Yingdi Yube4150e2014-02-18 13:02:46 -0800[diff] [blame]125 BOOST_REQUIRE(tpm.importPrivateKeyPkcs8IntoTpm(keyName, exported->buf(), exported->size(), "1234"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]126
127 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
128 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
129
130 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]131 Block sigBlock;
132 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]133
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]134 try
135 {
136 using namespace CryptoPP;
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]137
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]138 RSA::PublicKey publicKey;
139 ByteQueue queue;
140 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
141 publicKey.Load(queue);
142
143 RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
144 bool result = verifier.VerifyMessage(content, sizeof(content),
145 sigBlock.value(), sigBlock.value_size());
146
147 BOOST_CHECK_EQUAL(result, true);
148 }
149 catch(CryptoPP::Exception& e)
150 {
151 BOOST_CHECK(false);
152 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]153
154 tpm.deleteKeyPairInTpm(keyName);
155 // This is some problem related to Mac OS Key chain, and we will fix it later.
156 // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
157 // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
158}
159
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]160BOOST_AUTO_TEST_SUITE_END()
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]161
162} // namespace ndn