Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / f8379173cfbbcdf5c891c2f4896bbd82e026d381 / . / tests / unit-tests / security / v1 / sec-tpm-file.t.cpp
blob: 79e3645c238b968a64d832eb69a86486d262b165 [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]2/**
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]3 * Copyright (c) 2013-2017 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]6 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]20 */
21
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]22#include "security/v1/sec-tpm-file.hpp"
23#include "security/v1/key-chain.hpp"
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]24#include "security/v1/cryptopp.hpp"
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]25#include "util/time.hpp"
26
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]27#include "boost-test.hpp"
28
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]29#include <boost/filesystem.hpp>
Alexander Afanasyev258ec2b2014-05-14 16:15:37 -0700[diff] [blame]30#include <boost/lexical_cast.hpp>
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]31
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]32namespace ndn {
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]33namespace security {
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]34namespace v1 {
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]35namespace tests {
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]36
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]37BOOST_AUTO_TEST_SUITE(Security)
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]38BOOST_AUTO_TEST_SUITE(V1)
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]39BOOST_AUTO_TEST_SUITE(TestSecTpmFile)
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]40
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]41BOOST_AUTO_TEST_CASE(Delete)
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]42{
43 SecTpmFile tpm;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]44
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]45 Name keyName("/TestSecTpmFile/Delete/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]46 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
47 RsaKeyParams params(2048);
48 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]49
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]50 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
51 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]52
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]53 tpm.deleteKeyPairInTpm(keyName);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]54
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]55 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
56 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]57}
58
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]59BOOST_AUTO_TEST_CASE(SignVerify)
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]60{
61 SecTpmFile tpm;
62
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]63 Name keyName("/TestSecTpmFile/SignVerify/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]64 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
65 RsaKeyParams params(2048);
66 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]67
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]68 Data data("/tmp/test/1");
69 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
70
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]71 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]72 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]73 keyName, DigestAlgorithm::SHA256));
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]74 shared_ptr<v1::PublicKey> publicKey;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]75 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]76
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]77 try
78 {
79 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]80
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]81 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]82 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]83 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
84 rsaPublicKey.Load(queue);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]85
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]86 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]87 bool result = verifier.VerifyMessage(content, sizeof(content),
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]88 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]89
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]90 BOOST_CHECK_EQUAL(result, true);
91 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]92 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]93 {
94 BOOST_CHECK(false);
95 }
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]96
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]97 tpm.deleteKeyPairInTpm(keyName);
Yingdi Yu04020922014-01-22 12:46:53 -0800[diff] [blame]98}
99
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]100BOOST_AUTO_TEST_CASE(RandomGenerator)
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]101{
102 SecTpmFile tpm;
103
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]104 constexpr size_t scale = 1000;
105 constexpr size_t size = 256 * scale;
106 auto block = unique_ptr<uint8_t[]>{new uint8_t[size]};
107 tpm.generateRandomBlock(block.get(), size);
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]108
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]109 std::map<uint8_t, size_t> counter;
110 for (size_t i = 0; i < size; i++) {
111 counter[block[i]] += 1;
112 }
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]113
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]114 double dev = 0.0;
115 for (uint8_t i = 0; i < 255; i++) {
116 dev += static_cast<double>((counter[i] - scale) * (counter[i] - scale)) / (scale * scale);
117 }
118 dev /= 256;
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]119
Davide Pesavento41abef82016-08-08 07:41:59 +0200[diff] [blame]120 BOOST_CHECK_CLOSE(dev, 0.001, 100);
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]121}
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]122
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]123BOOST_AUTO_TEST_CASE(ImportExportKey)
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]124{
125 using namespace CryptoPP;
126
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]127 std::string imported =
128"MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIIJzwsbTIVqgCAggAMBQGCCqG"
129"SIb3DQMHBAiEsSKdgGkCEQSCBMjaYsEeHM/EPzGNDAPaSxE1ASKxjyNkXEVPQbtGx/ju1PlQ"
130"QakTCzPpia8ziVGihrVfuacHrxxbLh+ufNZtbVVsv9kGQL2g15BN2Nic8VqyTxplKrduFkEb"
131"eOipqu627gb6eTsrSj7kubXfs/w9OAdhRZFaEc7I/S6rcPUaDai4i3O03VuvuTOrzZL/unhD"
132"CDzOa3pr2aUQlO/5Pck6GbSYL1/4aW/fB7djZrZAjsGPTqIYpPa16oWlrzsILQ4650Zlvdn8"
133"feh6elTrA4qy6RljZfhIHxzGAeuGbVVLT7zavs01y+QE88sxPpeZ0RGtlVxCYp+xoB5hOO/x"
134"Xm3n0r+HVIaBV9rHLuUSUiHVAtzwuOj/XKh7YBNXeF58lcv8Npsx10etrPuV5hRQelYirKo1"
135"QbT+Aq7sLdWI09eGClDHjvRgw54lCFEUAVUFLxhBnzfVUfw/UiR2SheixH+c7cY3gOOvSMQh"
136"1oL9Omii4S6yhzfbD3hRN/wBKC0NgiIOLRR+Ti0mEEbTxYQrVcHC9rpRcnr1fFAiQvOXrOw0"
137"HyxsbnOeYpoURgLJmUyItPi09xUMCHwUPZ/sI6aG5eRqVUGgcYaQib7MBbGG/D2PlWaKZx1w"
138"iEYtYUI7rrc7Qc2ltp4i1u46ZLtSOxUi8kM7qK2Yp1AOtcWFlGn0XBXpGsHanZRzs8KzfDjQ"
139"OPmRIuFXFmuJweqUGmg6c8P3wHYueenB4oowYELYaDwmmV96obXMG5hbsKne5kcem875d6K+"
140"hL2QzjAl+na4tUZyXYXDdUO2lgTT8IItujBn6c+b8vDcZ24NcYyWPHHb16J4uvKi/6Zb245g"
141"/N0NC6hB43KE+2F0BH0eyXRzCnen6AjF8nvx/wgYrXsFlsU47P8gaL1e7V6QECkY4vIk6//b"
142"LINmpcgZoAv23fgjvYYTMfS/IyPsooS5DJarbHzbsgAWOuqP2ewYulrKqLi0vaUyoErRedQC"
143"8J5p9c4KF56++ameiwxbyKnDynHIIFCOM8eamLnDH4VvU9E2mtfZxmi8kWDWx/NhKEK9zbQv"
144"WuaGDpOysgPK4myTp2QGQNQDvBB92gMcrVTcY//3OGHSXeJrkUfDKLOUDyz7ROghEt1vpRTL"
145"j9Xdbm/01O/0MLBqyXDY119b1qAVVY7Y2CxRIRFdw2V76INWNIwPi46t/VUGwMBGmEux8S8+"
146"79Mv7UyGhKvSUr88pWCS1KdSz1HhN1VWjDvyXPyg96+SecpZMwXCdkUCLdLdD3/8rJLt7wS5"
147"3K5/1V4sacds8GHx7NckhQ/KV0VDlUEFuaOCS4Sd3XXetXs4IFSqtKH+Rn0jX7d8Igcw7X2b"
148"eaV1gxOVquDEwLDT5+wXURw96ahq0caL/4YfoBUQIOQ6HGtPTWJz1Yax0pGu9F30VEY/ObrK"
149"L/B6peJKfqhQGJ+MObqOiP6yHBZH75EImLAkksSVmREdNVjwWkz9D9vzPoAnmP8sQ3/NZarB"
150"Ak+ynQjc19t+CCecPrS2Tlh0cJZkHRiGFF7J5a3ci7yBvg3HfD86AXMRBQuSG1UG8TrzC6BK"
151"+qIQ8DWecQwBMZ3nv/Flo2Fejd/G4/wWe6ObMytC5SB8pJNOq9ri0Ff6Zh3rPrwaSv1PPgFJ"
152"GOw=";
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]153
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]154 std::string decoded;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]155 BOOST_CHECK_NO_THROW(StringSource source(imported,
156 true,
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]157 new Base64Decoder(new StringSink(decoded))));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]158
159 SecTpmFile tpm;
160
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]161 Name keyName("/TestSecTpmFile/ImportKey/ksk-" +
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]162 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]163
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]164 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
165 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]166
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]167 BOOST_REQUIRE_NO_THROW(
168 tpm.importPrivateKeyPkcs5IntoTpm(keyName,
169 reinterpret_cast<const uint8_t*>(decoded.c_str()),
170 decoded.size(),
171 "1234"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]172
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]173 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
174 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]175
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]176 shared_ptr<v1::PublicKey> publicKey;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]177 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]178
179 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]180 Block sigBlock;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]181 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]182 keyName, DigestAlgorithm::SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]183
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]184 try
185 {
186 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]187
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]188 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]189 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]190 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
191 rsaPublicKey.Load(queue);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]192
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]193 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
194 bool isVerified = verifier.VerifyMessage(content, sizeof(content),
195 sigBlock.value(), sigBlock.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]196
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]197 BOOST_CHECK_EQUAL(isVerified, true);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]198 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]199 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]200 {
201 BOOST_CHECK(false);
202 }
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]203
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]204 ConstBufferPtr exported;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]205 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "5678"));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]206
207 tpm.deleteKeyPairInTpm(keyName);
208
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]209 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
210 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]211
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]212 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
213 "5678"));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]214
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]215 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
216 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]217
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]218 const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]219 Block sigBlock2;
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]220 BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]221 keyName, DigestAlgorithm::SHA256));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]222
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]223 try
224 {
225 using namespace CryptoPP;
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]226
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]227 RSA::PublicKey rsaPublicKey;
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]228 ByteQueue queue;
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]229 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
230 rsaPublicKey.Load(queue);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]231
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]232 RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
233 bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
234 sigBlock2.value(), sigBlock2.value_size());
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]235
Yingdi Yu7036ce22014-06-19 18:53:37 -0700[diff] [blame]236 BOOST_CHECK_EQUAL(isVerified, true);
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]237 }
Yingdi Yu5e96e002014-04-23 18:32:15 -0700[diff] [blame]238 catch (CryptoPP::Exception& e)
Yingdi Yu2e57a582014-02-20 23:34:43 -0800[diff] [blame]239 {
240 BOOST_CHECK(false);
241 }
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]242
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]243 tpm.deleteKeyPairInTpm(keyName);
244
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]245 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
246 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]247}
248
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]249BOOST_AUTO_TEST_CASE(EcdsaSigning)
250{
251 SecTpmFile tpm;
252
253 Name keyName("/TestSecTpmFile/EcdsaSigning/ksk-" +
254 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
255 EcdsaKeyParams params;
256 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
257
258 Data data("/TestSecTpmFile/EcdsaSigning/Data/1");
259 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
260
261 Block sigBlock;
262 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]263 keyName, DigestAlgorithm::SHA256));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]264
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]265 shared_ptr<v1::PublicKey> pubkeyPtr;
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]266 BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
267
268 try
269 {
270 using namespace CryptoPP;
271
272 ECDSA<ECP, SHA256>::PublicKey publicKey;
273 ByteQueue queue;
274 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
275 publicKey.Load(queue);
276
277 uint8_t buffer[64];
278 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
279 sigBlock.value(), sigBlock.value_size(), DSA_DER);
280
281 ECDSA<ECP, SHA256>::Verifier verifier(publicKey);
282 bool result = verifier.VerifyMessage(content, sizeof(content),
283 buffer, usedSize);
284
285 BOOST_CHECK_EQUAL(result, true);
286 }
287 catch (CryptoPP::Exception& e)
288 {
289 BOOST_CHECK(false);
290 }
291
292 tpm.deleteKeyPairInTpm(keyName);
293}
294
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]295
296BOOST_AUTO_TEST_CASE(ImportExportEcdsaKey)
297{
298 using namespace CryptoPP;
299
300 std::string imported =
301 "MIGMMEAGCSqGSIb3DQEFDTAzMBsGCSqGSIb3DQEFDDAOBAhqkJiLfzFWtQICCAAw"
302 "FAYIKoZIhvcNAwcECJ1HLtP8OZC6BEgNv9OH2mZdbkxvqTVlRBkUqPbbP3580OG6"
303 "f0htqWSRppcb4IEKYfuPt2qPCYKL2GcAN2pU3eJqhiM7LFTSFaxgBRFozzIwusk=";
304
305 std::string decoded;
306 BOOST_CHECK_NO_THROW(StringSource source(imported,
307 true,
308 new Base64Decoder(new StringSink(decoded))));
309
310 SecTpmFile tpm;
311
312 Name keyName("/TestSecTpmFile/ImportExportEcdsaKey/ksk-" +
313 boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
314
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]315 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
316 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]317
318 BOOST_REQUIRE_NO_THROW(
319 tpm.importPrivateKeyPkcs5IntoTpm(keyName,
320 reinterpret_cast<const uint8_t*>(decoded.c_str()),
321 decoded.size(),
322 "5678"));
323
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]324 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
325 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]326
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]327 shared_ptr<v1::PublicKey> publicKey;
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]328 BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
329
330 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
331 Block sigBlock;
332 BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]333 keyName, DigestAlgorithm::SHA256));
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]334
335 try
336 {
337 using namespace CryptoPP;
338
339 ECDSA<ECP, SHA256>::PublicKey ecdsaPublicKey;
340 ByteQueue queue;
341 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
342 ecdsaPublicKey.Load(queue);
343
344 uint8_t buffer[64];
345 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
346 sigBlock.value(), sigBlock.value_size(), DSA_DER);
347
348 ECDSA<ECP, SHA256>::Verifier verifier(ecdsaPublicKey);
349 bool isVerified = verifier.VerifyMessage(content, sizeof(content),
350 buffer, usedSize);
351
352 BOOST_CHECK_EQUAL(isVerified, true);
353 }
354 catch (CryptoPP::Exception& e)
355 {
356 BOOST_CHECK(false);
357 }
358
359 ConstBufferPtr exported;
360 BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
361
362 tpm.deleteKeyPairInTpm(keyName);
363
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]364 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
365 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]366
367 BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
368 "1234"));
369
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]370 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
371 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]372
373 const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
374 Block sigBlock2;
375 BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]376 keyName, DigestAlgorithm::SHA256));
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]377
378 try
379 {
380 using namespace CryptoPP;
381
382 ECDSA<ECP, SHA256>::PublicKey ecdsaPublicKey;
383 ByteQueue queue;
384 queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
385 ecdsaPublicKey.Load(queue);
386
387 uint8_t buffer[64];
388 size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
389 sigBlock2.value(), sigBlock2.value_size(),
390 DSA_DER);
391
392 ECDSA<ECP, SHA256>::Verifier verifier(ecdsaPublicKey);
393 bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
394 buffer, usedSize);
395
396 BOOST_CHECK_EQUAL(isVerified, true);
397
398 }
399 catch (CryptoPP::Exception& e)
400 {
401 BOOST_CHECK(false);
402 }
403
404 tpm.deleteKeyPairInTpm(keyName);
405
Yingdi Yu99b2a002015-08-12 12:47:44 -0700[diff] [blame]406 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
407 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
Yingdi Yu9d9d5992014-06-25 12:25:16 -0700[diff] [blame]408}
409
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]410BOOST_AUTO_TEST_SUITE_END() // TestSecTpmFile
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]411BOOST_AUTO_TEST_SUITE_END() // V1
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100[diff] [blame]412BOOST_AUTO_TEST_SUITE_END() // Security
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]413
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]414} // namespace tests
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]415} // namespace v1
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]416} // namespace security
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]417} // namespace ndn