Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / fc40d878d99d636009659329c614cf38c31039e6 / . / tests / security / test-sec-tpm-osx.cpp
blob: f801018588bc073add3a7598fb35d5709abff9a1 [file] [log] [blame]
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]1/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
7#if __clang__
8#pragma clang diagnostic ignored "-Wtautological-compare"
9#endif
10
11#include <boost/test/unit_test.hpp>
12
13#include "security/key-chain.hpp"
14#include <cryptopp/rsa.h>
15
16using namespace std;
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]17namespace ndn {
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]18
19BOOST_AUTO_TEST_SUITE(TestSecTpmOsx)
20
21BOOST_AUTO_TEST_CASE (Delete)
22{
23 SecTpmOsx tpm;
24
25 Name keyName("/tmp/ksk-123456");
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]26 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]27
28 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), true);
29 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), true);
30
31 tpm.deleteKeyPairInTpm(keyName);
32
33 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
34 BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
35}
36
37BOOST_AUTO_TEST_CASE (SignVerify)
38{
39 SecTpmOsx tpm;
40
41 Name keyName("/tmp/ksk-123456");
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]42 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]43
44 Data data("/tmp/test/1");
45 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
46
47 Block sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256);
48 ptr_lib::shared_ptr<PublicKey> pubkeyPtr = tpm.getPublicKeyFromTpm(keyName);
49
50 {
51 using namespace CryptoPP;
52
53 RSA::PublicKey publicKey;
54 ByteQueue queue;
55 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
56 publicKey.Load(queue);
57
58 RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
59 bool result = verifier.VerifyMessage(content, sizeof(content),
60 sigBlock.value(), sigBlock.value_size());
61
62 BOOST_REQUIRE_EQUAL(result, true);
63 }
64
65 tpm.deleteKeyPairInTpm(keyName);
66}
67
Yingdi Yu4b752752014-02-18 12:24:03 -0800[diff] [blame]68BOOST_AUTO_TEST_CASE (RandomGenerator)
69{
70 SecTpmOsx tpm;
71
72 size_t scale = 1000;
73 size_t size = 256 * scale;
74 uint8_t* block = new uint8_t[size];
75 tpm.generateRandomBlock(block, size);
76
77 map<uint8_t, int> counter;
78 for(size_t i = 0; i < size; i++)
79 counter[block[i]] += 1;
80
81 float dev = 0.0;
82 for(size_t i = 0; i != 255; i++)
83 dev += ((counter[i] - scale) * (counter[i] - scale)) * 1.0 / (scale * scale);
84
85 BOOST_CHECK_CLOSE(dev / 256, 0.001, 100);
86
87}
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]88
89BOOST_AUTO_TEST_CASE (ExportImportKey)
90{
91 using namespace CryptoPP;
92
93 SecTpmOsx tpm;
94
95 Name keyName("/TestSecTpmFile/ExportImportKey/ksk-" + boost::lexical_cast<string>(time::now()));
96
97 BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, KEY_TYPE_RSA, 2048));
98
99 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
100 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
101
102 ConstBufferPtr exported = tpm.exportPrivateKeyPkcs8FromTpm(keyName, true, "1234");
103 shared_ptr<PublicKey> pubkeyPtr = tpm.getPublicKeyFromTpm(keyName);
104
105 tpm.deleteKeyPairInTpm(keyName);
106
107 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
108 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
109
110 BOOST_REQUIRE(tpm.importPrivateKeyPkcs8IntoTpm(keyName, exported->buf(), exported->size(), true, "1234"));
111
112 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == true);
113 BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == true);
114
115 const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
116 Block sigBlock = tpm.signInTpm(content, sizeof(content), keyName, DIGEST_ALGORITHM_SHA256);
117
118 {
119 using namespace CryptoPP;
120
121 RSA::PublicKey publicKey;
122 ByteQueue queue;
123 queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
124 publicKey.Load(queue);
125
126 RSASS<PKCS1v15, SHA256>::Verifier verifier (publicKey);
127 bool result = verifier.VerifyMessage(content, sizeof(content),
128 sigBlock.value(), sigBlock.value_size());
129
130 BOOST_REQUIRE_EQUAL(result, true);
131 }
132
133 tpm.deleteKeyPairInTpm(keyName);
134 // This is some problem related to Mac OS Key chain, and we will fix it later.
135 // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
136 // BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
137}
138
Yingdi Yu28fd32f2014-01-28 19:03:03 -0800[diff] [blame]139BOOST_AUTO_TEST_SUITE_END()
Alexander Afanasyev0abb2da2014-01-30 18:07:57 -0800[diff] [blame]140
141} // namespace ndn