security: Remove old security framework
This commit also finalizes removal of CryptoPP dependency.
Change-Id: Ia670cbeaf21b28d3b93fd36bb3781da3ac822662
Refs: #4246, #3946
diff --git a/tests/identity-management-fixture.cpp b/tests/identity-management-fixture.cpp
index 486cc9c..ecda82d 100644
--- a/tests/identity-management-fixture.cpp
+++ b/tests/identity-management-fixture.cpp
@@ -28,7 +28,6 @@
namespace ndn {
namespace tests {
-namespace v1 = security::v1;
namespace v2 = security::v2;
IdentityManagementBaseFixture::~IdentityManagementBaseFixture()
@@ -52,67 +51,13 @@
}
}
-IdentityManagementV1Fixture::~IdentityManagementV1Fixture()
-{
- for (const auto& identity : m_identities) {
- m_keyChain.deleteIdentity(identity);
- }
-}
-
-Name
-IdentityManagementV1Fixture::addIdentity(const Name& identity, const KeyParams& params)
-{
- Name certName = m_keyChain.createIdentity(identity, params);
- m_identities.insert(identity);
- return certName;
-}
-
-bool
-IdentityManagementV1Fixture::saveIdentityCertificate(const Name& certName, const std::string& filename)
-{
- try {
- auto cert = m_keyChain.getCertificate(certName);
- return saveCertToFile(*cert, filename);
- }
- catch (const v1::SecPublicInfo::Error&) {
- return false;
- }
-}
-
-bool
-IdentityManagementV1Fixture::addSubCertificate(const Name& subIdentity, const Name& issuer, const KeyParams& params)
-{
- if (!m_keyChain.doesIdentityExist(issuer))
- return false;
- if (!m_keyChain.doesIdentityExist(subIdentity)) {
- addIdentity(subIdentity, params);
- }
- Name identityKeyName;
- try {
- identityKeyName = m_keyChain.getDefaultKeyNameForIdentity(subIdentity);
- }
- catch (const v1::SecPublicInfo::Error&) {
- identityKeyName = m_keyChain.generateRsaKeyPairAsDefault(subIdentity, true);
- }
- std::vector<v1::CertificateSubjectDescription> subjectDescription;
- shared_ptr<v1::IdentityCertificate> identityCert =
- m_keyChain.prepareUnsignedIdentityCertificate(identityKeyName,
- issuer,
- time::system_clock::now(),
- time::system_clock::now() + time::days(7300),
- subjectDescription);
- m_keyChain.sign(*identityCert, signingByIdentity(issuer));
- m_keyChain.addCertificateAsIdentityDefault(*identityCert);
- return true;
-}
-
-IdentityManagementV2Fixture::IdentityManagementV2Fixture()
+IdentityManagementFixture::IdentityManagementFixture()
: m_keyChain("pib-memory:", "tpm-memory:")
{
}
security::Identity
-IdentityManagementV2Fixture::addIdentity(const Name& identityName, const KeyParams& params)
+IdentityManagementFixture::addIdentity(const Name& identityName, const KeyParams& params)
{
auto identity = m_keyChain.createIdentity(identityName, params);
m_identities.insert(identityName);
@@ -120,7 +65,7 @@
}
bool
-IdentityManagementV2Fixture::saveCertificate(const security::Identity& identity, const std::string& filename)
+IdentityManagementFixture::saveCertificate(const security::Identity& identity, const std::string& filename)
{
try {
auto cert = identity.getDefaultKey().getDefaultCertificate();
@@ -132,8 +77,8 @@
}
security::Identity
-IdentityManagementV2Fixture::addSubCertificate(const Name& subIdentityName,
- const security::Identity& issuer, const KeyParams& params)
+IdentityManagementFixture::addSubCertificate(const Name& subIdentityName,
+ const security::Identity& issuer, const KeyParams& params)
{
auto subIdentity = addIdentity(subIdentityName, params);
@@ -156,7 +101,7 @@
}
v2::Certificate
-IdentityManagementV2Fixture::addCertificate(const security::Key& key, const std::string& issuer)
+IdentityManagementFixture::addCertificate(const security::Key& key, const std::string& issuer)
{
Name certificateName = key.getName();
certificateName
@@ -181,6 +126,5 @@
return certificate;
}
-
} // namespace tests
} // namespace ndn
diff --git a/tests/identity-management-fixture.hpp b/tests/identity-management-fixture.hpp
index 82545f9..53b68f5 100644
--- a/tests/identity-management-fixture.hpp
+++ b/tests/identity-management-fixture.hpp
@@ -22,7 +22,6 @@
#ifndef NDN_TESTS_IDENTITY_MANAGEMENT_FIXTURE_HPP
#define NDN_TESTS_IDENTITY_MANAGEMENT_FIXTURE_HPP
-#include "security/v1/key-chain.hpp"
#include "security/v2/key-chain.hpp"
#include "security/signing-helpers.hpp"
@@ -52,57 +51,11 @@
*
* Test cases in the suite can use this fixture to create identities. Identities,
* certificates, and saved certificates are automatically removed during test teardown.
- *
- * @deprecated Use IdentityManagementV2Fixture
*/
-class IdentityManagementV1Fixture : public IdentityManagementBaseFixture
+class IdentityManagementFixture : public IdentityManagementBaseFixture
{
public:
- ~IdentityManagementV1Fixture();
-
- /**
- * @brief Add identity
- * @return name of the created self-signed certificate
- */
- Name
- addIdentity(const Name& identity, const KeyParams& params = security::v1::KeyChain::DEFAULT_KEY_PARAMS);
-
- /**
- * @brief save identity certificate to a file
- * @param identity certificate name
- * @param filename file name, should be writable
- * @return whether successful
- */
- bool
- saveIdentityCertificate(const Name& certName, const std::string& filename);
-
- /**
- * @brief issue a certificate for \p subIdentity signed by \p issuer
- *
- * If identity does not exist, it is created.
- * A new key is generated as the default key for identity.
- * A default certificate for the key is signed by the issuer using its default certificate.
- *
- * @return whether success
- */
- bool
- addSubCertificate(const Name& subIdentity, const Name& issuer,
- const KeyParams& params = security::v1::KeyChain::DEFAULT_KEY_PARAMS);
-
-protected:
- security::v1::KeyChain m_keyChain;
-};
-
-/**
- * @brief A test suite level fixture to help with identity management
- *
- * Test cases in the suite can use this fixture to create identities. Identities,
- * certificates, and saved certificates are automatically removed during test teardown.
- */
-class IdentityManagementV2Fixture : public IdentityManagementBaseFixture
-{
-public:
- IdentityManagementV2Fixture();
+ IdentityManagementFixture();
/**
* @brief Add identity @p identityName
@@ -140,11 +93,9 @@
addCertificate(const security::Key& key, const std::string& issuer);
protected:
- security::v2::KeyChain m_keyChain;
+ KeyChain m_keyChain;
};
-using IdentityManagementFixture = IdentityManagementV2Fixture;
-
} // namespace tests
} // namespace ndn
diff --git a/tests/unit-tests/data.t.cpp b/tests/unit-tests/data.t.cpp
index 48f4f82..4e5cfdd 100644
--- a/tests/unit-tests/data.t.cpp
+++ b/tests/unit-tests/data.t.cpp
@@ -21,6 +21,7 @@
#include "data.hpp"
#include "encoding/buffer-stream.hpp"
+#include "security/signature-sha256-with-rsa.hpp"
#include "security/transform/private-key.hpp"
#include "security/transform/public-key.hpp"
#include "security/transform/signer-filter.hpp"
diff --git a/tests/unit-tests/identity-management-time-fixture.hpp b/tests/unit-tests/identity-management-time-fixture.hpp
index 99278d0..b07ea12 100644
--- a/tests/unit-tests/identity-management-time-fixture.hpp
+++ b/tests/unit-tests/identity-management-time-fixture.hpp
@@ -1,5 +1,5 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
+/*
* Copyright (c) 2013-2017 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
@@ -28,18 +28,11 @@
namespace ndn {
namespace tests {
-class IdentityManagementV1TimeFixture : public UnitTestTimeFixture
- , public IdentityManagementV1Fixture
+class IdentityManagementTimeFixture : public UnitTestTimeFixture
+ , public IdentityManagementFixture
{
};
-class IdentityManagementV2TimeFixture : public UnitTestTimeFixture
- , public IdentityManagementV2Fixture
-{
-};
-
-using IdentityManagementTimeFixture = IdentityManagementV2TimeFixture;
-
} // namespace tests
} // namespace ndn
diff --git a/tests/unit-tests/security/certificate-cache-ttl.t.cpp b/tests/unit-tests/security/certificate-cache-ttl.t.cpp
deleted file mode 100644
index 2bf11f4..0000000
--- a/tests/unit-tests/security/certificate-cache-ttl.t.cpp
+++ /dev/null
@@ -1,142 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2016 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/certificate-cache-ttl.hpp"
-#include "face.hpp"
-#include "util/time-unit-test-clock.hpp"
-
-#include "boost-test.hpp"
-#include "../unit-test-time-fixture.hpp"
-
-namespace ndn {
-namespace security {
-namespace tests {
-
-using namespace ndn::tests;
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(TestCertificateCacheTtl)
-
-class CertificateCacheFixture : public UnitTestTimeFixture
-{
-public:
- CertificateCacheFixture()
- : scheduler(io)
- , cache(make_shared<CertificateCacheTtl>(ref(io), time::seconds(1)))
- {
- cert1 = make_shared<v1::IdentityCertificate>();
- Name certName1("/tmp/KEY/ksk-1/ID-CERT/1");
- cert1->setName(certName1);
- cert1->setFreshnessPeriod(time::milliseconds(500));
-
- cert2 = make_shared<v1::IdentityCertificate>();
- Name certName2("/tmp/KEY/ksk-2/ID-CERT/2");
- cert2->setName(certName2);
- cert2->setFreshnessPeriod(time::milliseconds(1000));
-
- name1 = certName1.getPrefix(-1);
- name2 = certName2.getPrefix(-1);
- }
-
-public:
- Scheduler scheduler;
-
- shared_ptr<CertificateCacheTtl> cache;
-
- shared_ptr<v1::IdentityCertificate> cert1;
- shared_ptr<v1::IdentityCertificate> cert2;
-
- Name name1;
- Name name2;
-};
-
-BOOST_FIXTURE_TEST_CASE(Expiration, CertificateCacheFixture)
-{
- cache->insertCertificate(cert1);
- cache->insertCertificate(cert2);
-
- advanceClocks(time::nanoseconds(1));
- BOOST_CHECK_EQUAL(cache->getSize(), 2);
-
- scheduler.scheduleEvent(time::milliseconds(200), [&] {
- BOOST_CHECK_EQUAL(cache->getSize(), 2);
- BOOST_CHECK_EQUAL(static_cast<bool>(cache->getCertificate(name1)), true);
- BOOST_CHECK_EQUAL(static_cast<bool>(cache->getCertificate(name2)), true);
- });
-
- advanceClocks(time::milliseconds(200));
-
- // cert1 should removed from the cache
- scheduler.scheduleEvent(time::milliseconds(700), [&] {
- BOOST_CHECK_EQUAL(static_cast<bool>(cache->getCertificate(name1)), false);
- BOOST_CHECK_EQUAL(static_cast<bool>(cache->getCertificate(name2)), true);
- });
-
- advanceClocks(time::milliseconds(700));
- BOOST_CHECK_EQUAL(cache->getSize(), 1);
-
- advanceClocks(time::milliseconds(700));
- BOOST_CHECK_EQUAL(cache->getSize(), 0);
-}
-
-BOOST_FIXTURE_TEST_CASE(TtlRefresh, CertificateCacheFixture)
-{
- cache->insertCertificate(cert1); // 500ms
-
- advanceClocks(time::nanoseconds(1));
- BOOST_CHECK_EQUAL(cache->getSize(), 1);
-
- advanceClocks(time::milliseconds(400));
- BOOST_CHECK_EQUAL(cache->getSize(), 1);
-
- // Refresh certificate in cache
- cache->insertCertificate(cert1); // +500ms
-
- advanceClocks(time::nanoseconds(1));
- BOOST_CHECK_EQUAL(cache->getSize(), 1);
-
- advanceClocks(time::milliseconds(400));
- BOOST_CHECK_EQUAL(cache->getSize(), 1);
-
- advanceClocks(time::milliseconds(200));
- BOOST_CHECK_EQUAL(cache->getSize(), 0);
-}
-
-BOOST_FIXTURE_TEST_CASE(Reset, CertificateCacheFixture)
-{
- cache->insertCertificate(cert1);
- cache->insertCertificate(cert2);
-
- advanceClocks(time::nanoseconds(1));
- BOOST_CHECK_EQUAL(cache->getSize(), 2);
-
- cache->reset();
-
- advanceClocks(time::nanoseconds(1));
- BOOST_CHECK_EQUAL(cache->getSize(), 0);
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestCertificateCacheTtl
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/command-interest-signer.t.cpp b/tests/unit-tests/security/command-interest-signer.t.cpp
index 33add93..4c95293 100644
--- a/tests/unit-tests/security/command-interest-signer.t.cpp
+++ b/tests/unit-tests/security/command-interest-signer.t.cpp
@@ -1,5 +1,5 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
+/*
* Copyright (c) 2013-2017 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
@@ -32,7 +32,7 @@
using namespace ndn::tests;
BOOST_AUTO_TEST_SUITE(Security)
-BOOST_FIXTURE_TEST_SUITE(TestCommandInterestSigner, IdentityManagementV2TimeFixture)
+BOOST_FIXTURE_TEST_SUITE(TestCommandInterestSigner, IdentityManagementTimeFixture)
BOOST_AUTO_TEST_CASE(Basic)
{
diff --git a/tests/unit-tests/security/digest-sha256.t.cpp b/tests/unit-tests/security/digest-sha256.t.cpp
index d49b5b4..7855058 100644
--- a/tests/unit-tests/security/digest-sha256.t.cpp
+++ b/tests/unit-tests/security/digest-sha256.t.cpp
@@ -20,7 +20,7 @@
*/
#include "security/digest-sha256.hpp"
-#include "security/validator.hpp"
+#include "security/verification-helpers.hpp"
#include "util/sha256.hpp"
#include "util/string-helper.hpp"
@@ -28,8 +28,11 @@
#include "boost-test.hpp"
namespace ndn {
+namespace security {
namespace tests {
+using namespace ndn::tests;
+
BOOST_AUTO_TEST_SUITE(Security)
BOOST_FIXTURE_TEST_SUITE(TestDigestSha256, IdentityManagementFixture)
@@ -48,16 +51,10 @@
Data testData(name);
char content[5] = "1234";
testData.setContent(reinterpret_cast<uint8_t*>(content), 5);
-
m_keyChain.sign(testData, security::SigningInfo(security::SigningInfo::SIGNER_TYPE_SHA256));
- testData.wireEncode();
-
- DigestSha256 sig(testData.getSignature());
-
- BOOST_CHECK(Validator::verifySignature(testData, sig));
-
- BOOST_CHECK_THROW(sig.getKeyLocator(), ndn::SignatureInfo::Error);
+ BOOST_CHECK_THROW(testData.getSignature().getKeyLocator(), ndn::SignatureInfo::Error);
+ verifyDigest(testData, DigestAlgorithm::SHA256);
}
BOOST_AUTO_TEST_CASE(InterestSignature)
@@ -66,17 +63,12 @@
Interest testInterest(name);
m_keyChain.sign(testInterest, security::SigningInfo(security::SigningInfo::SIGNER_TYPE_SHA256));
- testInterest.wireEncode();
- const Name& signedName = testInterest.getName();
-
- Signature signature(signedName[signed_interest::POS_SIG_INFO].blockFromValue(),
- signedName[signed_interest::POS_SIG_VALUE].blockFromValue());
- DigestSha256 sig(signature);
- BOOST_CHECK(Validator::verifySignature(testInterest, sig));
+ verifyDigest(testInterest, DigestAlgorithm::SHA256);
}
BOOST_AUTO_TEST_SUITE_END() // TestDigestSha256
BOOST_AUTO_TEST_SUITE_END() // Security
} // namespace tests
+} // namespace security
} // namespace ndn
diff --git a/tests/unit-tests/security/v1/certificate.t.cpp b/tests/unit-tests/security/v1/certificate.t.cpp
deleted file mode 100644
index 95188d6..0000000
--- a/tests/unit-tests/security/v1/certificate.t.cpp
+++ /dev/null
@@ -1,387 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/v1/certificate.hpp"
-#include "security/v1/public-key.hpp"
-
-#include "security/v1/cryptopp.hpp"
-
-#include "boost-test.hpp"
-
-namespace ndn {
-namespace security {
-namespace v1 {
-namespace tests {
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(V1)
-BOOST_AUTO_TEST_SUITE(TestCertificate)
-
-using namespace CryptoPP;
-
-const uint8_t PUBLIC_KEY[] = {
- 0x30, 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
- 0x01, 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e,
- 0x06, 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5,
- 0x9c, 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22,
- 0xac, 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c,
- 0xaa, 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88,
- 0x9a, 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad,
- 0xc1, 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe,
- 0x62, 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1,
- 0xc5, 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62,
- 0xea, 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11
-};
-
-const uint8_t CERT[] = {
- 0x30, 0x81, 0xff, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x32, 0x32, 0x36,
- 0x32, 0x33, 0x32, 0x32, 0x35, 0x34, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x32,
- 0x32, 0x36, 0x32, 0x33, 0x32, 0x32, 0x35, 0x34, 0x5a, 0x30, 0x12, 0x30, 0x10, 0x06, 0x03,
- 0x55, 0x04, 0x29, 0x13, 0x09, 0x54, 0x45, 0x53, 0x54, 0x20, 0x4e, 0x41, 0x4d, 0x45, 0x30,
- 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
- 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e, 0x06,
- 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5, 0x9c,
- 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22, 0xac,
- 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c, 0xaa,
- 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88, 0x9a,
- 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad, 0xc1,
- 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe, 0x62,
- 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1, 0xc5,
- 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62, 0xea,
- 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11, 0x30, 0x25, 0x30, 0x23, 0x06, 0x06,
- 0x2b, 0x06, 0x01, 0x05, 0x20, 0x01, 0x01, 0x01, 0xff, 0x04, 0x16, 0x30, 0x14, 0x04, 0x0c,
- 0x2f, 0x68, 0x65, 0x6c, 0x6c, 0x6f, 0x2f, 0x6b, 0x69, 0x74, 0x74, 0x79, 0x02, 0x01, 0x00,
- 0x02, 0x01, 0x0a
-};
-
-const std::string CERT_INFO =
- "Certificate name:\n"
- " /\n"
- "Validity:\n"
- " NotBefore: 20131226T232254\n"
- " NotAfter: 20131226T232254\n"
- "Subject Description:\n"
- " 2.5.4.41: TEST NAME\n"
- "Public key bits: (RSA)\n"
- " MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF\n"
- " OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV\n"
- " C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf\n"
- " 7+0153pi6nZ8uwgmxwIB\n"
- "Signature Information:\n"
- " Signature Type: Unknown Signature Type\n";
-
-BOOST_AUTO_TEST_CASE(Encode)
-{
- Certificate certificate;
-
- // validity
- // not before 12/26/2013 @ 11:22pm
- certificate.setNotBefore(time::fromUnixTimestamp(time::milliseconds(1388100174000LL)));
- // not after 12/26/2013 @ 11:22pm
- certificate.setNotAfter(time::fromUnixTimestamp(time::milliseconds(1388100174000LL)));
-
- // subject
- certificate.addSubjectDescription(CertificateSubjectDescription(oid::ATTRIBUTE_NAME,
- "TEST NAME"));
-
- // publicKeyInfo
- PublicKey key(PUBLIC_KEY, sizeof(PUBLIC_KEY));
- certificate.setPublicKeyInfo(key);
-
- // extensions
- BOOST_REQUIRE_NO_THROW({
- std::string extenstionValue;
- StringSink sink(extenstionValue);
- DERSequenceEncoder seq(sink);
- {
- std::string name("/hello/kitty");
- DEREncodeOctetString(seq, reinterpret_cast<const uint8_t*>(name.c_str()), name.size());
- // trustClass
- DEREncodeUnsigned<uint32_t>(seq, 0);
- // trustLevel
- DEREncodeUnsigned<uint32_t>(seq, 10);
- }
- seq.MessageEnd();
-
- //create a randome extension
- certificate.addExtension(CertificateExtension(Oid("1.3.6.1.5.32.1"), true,
- reinterpret_cast<const uint8_t*>(extenstionValue.c_str()),
- extenstionValue.size()));
- });
- // RSA::PublicKey p;
- // StringSource source(T, sizeof(T), true);
- // p.Load(source);
-
- BOOST_REQUIRE_NO_THROW(certificate.encode());
-
- // ofstream of("cert.out");
- // of.write((const char*certificate.getContent().value(), certificate.getContent().value_size());
-
- // const Block &wire = i.wireEncode();
- BOOST_REQUIRE_EQUAL_COLLECTIONS(CERT, CERT+sizeof(CERT),
- certificate.getContent().value_begin(),
- certificate.getContent().value_end());
-
- std::ostringstream os;
- os << certificate;
- std::string info(os.str());
-
- BOOST_CHECK_EQUAL(CERT_INFO, info);
-}
-
-const unsigned char REAL_CERT[] = {
- 0x30, 0x82, 0x01, 0x63, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x31, 0x30,
- 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31,
- 0x31, 0x30, 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x30, 0x19, 0x30, 0x17, 0x06,
- 0x03, 0x55, 0x04, 0x29, 0x13, 0x10, 0x4e, 0x44, 0x4e, 0x20, 0x54, 0x65, 0x73, 0x74, 0x62,
- 0x65, 0x64, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0d,
- 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd3, 0xac, 0x7e, 0x7a, 0x5c,
- 0x33, 0x58, 0x21, 0xda, 0xe0, 0x8d, 0xdb, 0xca, 0xb6, 0x02, 0x30, 0x02, 0x15, 0xc5, 0x0a,
- 0x51, 0x54, 0xbb, 0x8e, 0x5e, 0x9d, 0x21, 0xf8, 0x14, 0xbe, 0xe4, 0x63, 0x60, 0x31, 0x53,
- 0xe2, 0xef, 0xee, 0x34, 0xa3, 0x8c, 0xd2, 0x24, 0x6f, 0xa4, 0x89, 0x4f, 0x02, 0x20, 0x7d,
- 0x66, 0xb6, 0x3f, 0x11, 0x40, 0x0c, 0xc1, 0x5f, 0xd8, 0x45, 0x23, 0x95, 0x40, 0xc8, 0xe0,
- 0xbc, 0x9d, 0x2f, 0x03, 0xf1, 0x83, 0x9f, 0x07, 0x0b, 0x76, 0xc9, 0x10, 0xd9, 0x3e, 0x0b,
- 0x75, 0x13, 0x93, 0xe9, 0xc9, 0x85, 0x01, 0x88, 0x36, 0x2e, 0xab, 0xfc, 0xe6, 0x24, 0x32,
- 0xfc, 0xc6, 0x3c, 0x40, 0x97, 0x1a, 0xcc, 0xcd, 0x53, 0xaa, 0x0f, 0xfb, 0xa3, 0xfe, 0xf9,
- 0x24, 0x70, 0x13, 0x3f, 0x4f, 0x5b, 0x7d, 0x43, 0xaa, 0x75, 0x0a, 0x94, 0x72, 0xab, 0xe1,
- 0x8c, 0x45, 0xb5, 0x78, 0x10, 0x01, 0xef, 0x1f, 0xb3, 0x05, 0x6f, 0xa6, 0xc3, 0xac, 0x7f,
- 0x6d, 0xf0, 0x31, 0xc4, 0x83, 0xb3, 0x4f, 0x50, 0x26, 0x92, 0x40, 0x1a, 0xdd, 0xec, 0xfb,
- 0xcb, 0xef, 0x63, 0xfe, 0x41, 0xd8, 0x8d, 0x1f, 0xdc, 0xec, 0xfc, 0x48, 0x95, 0xcc, 0x09,
- 0x1e, 0x30, 0x6e, 0x22, 0x9e, 0x24, 0x97, 0x2e, 0xe6, 0x0c, 0xdf, 0x3d, 0x20, 0x32, 0xaa,
- 0x9c, 0xc9, 0x45, 0x14, 0xaf, 0xaa, 0xf5, 0x17, 0xd2, 0x01, 0x98, 0x33, 0xbe, 0x2a, 0x9f,
- 0x7b, 0x9d, 0x98, 0x7c, 0x54, 0x22, 0xfe, 0x72, 0x72, 0x04, 0xc3, 0x2c, 0xc0, 0x14, 0x0b,
- 0xa9, 0x40, 0x7e, 0x46, 0xa1, 0x75, 0x16, 0x1a, 0x27, 0x9e, 0xf2, 0x82, 0x96, 0xc0, 0x7d,
- 0xaf, 0x18, 0x75, 0xfb, 0xbb, 0xab, 0x16, 0x66, 0xc0, 0xa9, 0xd7, 0x93, 0x4c, 0x48, 0x6d,
- 0xce, 0x0b, 0x88, 0xd4, 0x21, 0x93, 0x84, 0x89, 0x55, 0x05, 0xd5, 0x02, 0x01, 0x11
-};
-
-const std::string REAL_CERT_INFO = "Certificate name:\n"
- " /tmp\n"
- "Validity:\n"
- " NotBefore: 20131101T171122\n"
- " NotAfter: 20141101T171122\n"
- "Subject Description:\n"
- " 2.5.4.41: NDN Testbed Root\n"
- "Public key bits: (RSA)\n"
- " MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEA06x+elwzWCHa4I3byrYC\n"
- " MAIVxQpRVLuOXp0h+BS+5GNgMVPi7+40o4zSJG+kiU8CIH1mtj8RQAzBX9hFI5VA\n"
- " yOC8nS8D8YOfBwt2yRDZPgt1E5PpyYUBiDYuq/zmJDL8xjxAlxrMzVOqD/uj/vkk\n"
- " cBM/T1t9Q6p1CpRyq+GMRbV4EAHvH7MFb6bDrH9t8DHEg7NPUCaSQBrd7PvL72P+\n"
- " QdiNH9zs/EiVzAkeMG4iniSXLuYM3z0gMqqcyUUUr6r1F9IBmDO+Kp97nZh8VCL+\n"
- " cnIEwyzAFAupQH5GoXUWGiee8oKWwH2vGHX7u6sWZsCp15NMSG3OC4jUIZOEiVUF\n"
- " 1QIB\n"
- "Signature Information:\n"
- " Signature Type: Unknown Signature Type\n";
-
-const uint8_t SELF_SIGNED_ECDSA_CERT[] = {
- 0x06, 0xfd, 0x01, 0x5b, 0x07, 0x33, 0x08, 0x05, 0x65, 0x63, 0x64, 0x73, 0x61, 0x08, 0x03,
- 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39,
- 0x34, 0x35, 0x35, 0x32, 0x38, 0x32, 0x37, 0x08, 0x07, 0x49, 0x44, 0x2d, 0x43, 0x45, 0x52,
- 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xd3, 0x9d, 0x78, 0x00, 0x14, 0x03, 0x18,
- 0x01, 0x02, 0x15, 0xa5, 0x30, 0x81, 0xa2, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34,
- 0x31, 0x31, 0x32, 0x31, 0x31, 0x38, 0x32, 0x39, 0x31, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30,
- 0x33, 0x34, 0x31, 0x31, 0x31, 0x36, 0x31, 0x38, 0x32, 0x39, 0x31, 0x32, 0x5a, 0x30, 0x21,
- 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x29, 0x13, 0x18, 0x2f, 0x65, 0x63, 0x64, 0x73, 0x61,
- 0x2f, 0x6b, 0x73, 0x6b, 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39, 0x34, 0x35, 0x35, 0x32,
- 0x38, 0x32, 0x37, 0x30, 0x59, 0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02,
- 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, 0x03, 0x42, 0x00, 0x04,
- 0x83, 0xe5, 0x81, 0x19, 0xd9, 0xfa, 0x64, 0x40, 0xad, 0x7c, 0x93, 0xfc, 0x15, 0x90, 0x6b,
- 0x38, 0x1e, 0xc5, 0xca, 0xb1, 0x6b, 0x0b, 0x1f, 0x64, 0xbf, 0x48, 0xaa, 0xd0, 0x91, 0x5c,
- 0x24, 0xd6, 0x78, 0x40, 0xfd, 0x95, 0x5d, 0x54, 0x64, 0xe1, 0x2d, 0x0e, 0x98, 0x66, 0x1d,
- 0x7a, 0xb0, 0x61, 0x17, 0x05, 0x26, 0x13, 0x63, 0x25, 0x7c, 0xda, 0x87, 0x11, 0xc9, 0x67,
- 0xcd, 0x12, 0x05, 0xf0, 0x16, 0x2f, 0x1b, 0x01, 0x03, 0x1c, 0x2a, 0x07, 0x28, 0x08, 0x05,
- 0x65, 0x63, 0x64, 0x73, 0x61, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b,
- 0x2d, 0x31, 0x34, 0x31, 0x36, 0x35, 0x39, 0x34, 0x35, 0x35, 0x32, 0x38, 0x32, 0x37, 0x08,
- 0x07, 0x49, 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0x47, 0x30, 0x45, 0x02, 0x21, 0x00,
- 0x9b, 0xae, 0xf4, 0x87, 0x55, 0xaa, 0x78, 0xbf, 0x00, 0xff, 0x1a, 0xbe, 0x90, 0x46, 0x6e,
- 0xdd, 0xe6, 0x3b, 0x44, 0xfd, 0x41, 0x04, 0x86, 0xcc, 0x6a, 0x8b, 0x5a, 0x25, 0xbb, 0xf1,
- 0x55, 0xcd, 0x02, 0x20, 0x0e, 0x67, 0xd8, 0x86, 0xe8, 0x7c, 0x90, 0x3c, 0x13, 0xfd, 0x36,
- 0x9c, 0xbc, 0xa1, 0xc3, 0x7c, 0xe0, 0x0c, 0x6d, 0x64, 0xac, 0xdb, 0x69, 0x99, 0xde, 0x80,
- 0x35, 0x3f, 0xf4, 0x6a, 0xcd, 0x6f
-};
-
-const std::string SELF_SIGNED_ECDSA_CERT_INFO =
- "Certificate name:\n"
- " /ecdsa/KEY/ksk-1416594552827/ID-CERT/%FD%00%00%01I%D3%9Dx%00\n"
- "Validity:\n"
- " NotBefore: 20141121T182912\n"
- " NotAfter: 20341116T182912\n"
- "Subject Description:\n"
- " 2.5.4.41: /ecdsa/ksk-1416594552827\n"
- "Public key bits: (EC)\n"
- " MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEg+WBGdn6ZECtfJP8FZBrOB7FyrFr\n"
- " Cx9kv0iq0JFcJNZ4QP2VXVRk4S0OmGYderBhFwUmE2MlfNqHEclnzRIF\n"
- "Signature Information:\n"
- " Signature Type: SignatureSha256WithEcdsa\n"
- " Key Locator: (Self-Signed) /ecdsa/KEY/ksk-1416594552827/ID-CERT\n";
-
-const uint8_t RSA_CERT[] = {
- 0x06, 0xfd, 0x02, 0xd7, 0x07, 0x38, 0x08, 0x03, 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45,
- 0x59, 0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
- 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x07, 0x49,
- 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xc9, 0x8b,
- 0x2e, 0x73, 0x14, 0x03, 0x18, 0x01, 0x02, 0x15, 0xfd, 0x01, 0x61, 0x30, 0x82, 0x01, 0x5d,
- 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31, 0x31, 0x31, 0x39, 0x31, 0x39, 0x33,
- 0x33, 0x30, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x35, 0x31, 0x31, 0x31, 0x39, 0x31,
- 0x39, 0x33, 0x33, 0x30, 0x32, 0x5a, 0x30, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x29,
- 0x13, 0x0a, 0x2f, 0x6e, 0x64, 0x6e, 0x2f, 0x73, 0x69, 0x74, 0x65, 0x31, 0x30, 0x82, 0x01,
- 0x20, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
- 0x00, 0x03, 0x82, 0x01, 0x0d, 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00,
- 0xb6, 0x54, 0x7e, 0xe8, 0xf2, 0x91, 0x7d, 0xc1, 0x6d, 0xcb, 0x25, 0x44, 0x97, 0x90, 0xdc,
- 0x78, 0x15, 0x0e, 0xef, 0xb5, 0xe7, 0xfd, 0x09, 0x2c, 0xf8, 0xd5, 0x9c, 0x2f, 0xe5, 0xa6,
- 0xae, 0x9d, 0x7e, 0x95, 0x2d, 0xfc, 0xc7, 0xc3, 0x43, 0x46, 0xb0, 0x6f, 0x53, 0xcd, 0xcd,
- 0x6a, 0x29, 0x1d, 0x95, 0xa1, 0x62, 0xcd, 0xa9, 0xf2, 0xf8, 0xe2, 0xfa, 0x8b, 0x5d, 0xfe,
- 0xa1, 0x2b, 0x15, 0x3f, 0x7f, 0x71, 0xe6, 0x3e, 0xb9, 0xb1, 0x29, 0xd1, 0x22, 0x6f, 0x56,
- 0xdf, 0xb6, 0x85, 0xaf, 0xd4, 0xb3, 0x67, 0x8b, 0x94, 0xb8, 0x83, 0xcb, 0x72, 0x86, 0xc4,
- 0xf2, 0x86, 0xb2, 0x7c, 0x94, 0xbc, 0x38, 0x7b, 0x8c, 0x92, 0x86, 0x36, 0x83, 0x0e, 0x11,
- 0x8c, 0x95, 0x49, 0xff, 0xcc, 0x16, 0x62, 0xdb, 0x55, 0x40, 0x7f, 0xc8, 0x8d, 0xe4, 0x3f,
- 0x87, 0x02, 0x87, 0xaf, 0xf6, 0x2f, 0x8a, 0x7d, 0x74, 0x10, 0xd3, 0xbb, 0xa3, 0xfe, 0x5a,
- 0x7b, 0x8f, 0x56, 0x09, 0x8b, 0x49, 0x46, 0x9f, 0x7d, 0x55, 0xa3, 0x4a, 0xe8, 0x22, 0x7b,
- 0x80, 0x8a, 0x6f, 0xde, 0x9f, 0xfb, 0x2f, 0xeb, 0xf7, 0x29, 0x8a, 0x38, 0x67, 0x41, 0xae,
- 0x21, 0x7a, 0xe3, 0x7b, 0x96, 0x1a, 0x90, 0x35, 0x7d, 0x04, 0xaa, 0x4d, 0x9f, 0xe6, 0xd6,
- 0x00, 0x17, 0x4e, 0x02, 0x34, 0x6c, 0x56, 0x3a, 0x81, 0x3c, 0xb4, 0x7f, 0x98, 0x48, 0x22,
- 0xa0, 0x9f, 0x53, 0x35, 0xf9, 0x4e, 0xae, 0x8f, 0xc3, 0xfa, 0x0b, 0x93, 0xd4, 0x55, 0x78,
- 0x05, 0xb0, 0x40, 0x44, 0x48, 0x74, 0xb7, 0x9b, 0x2d, 0x65, 0xf0, 0x3d, 0x2e, 0x87, 0x2b,
- 0x48, 0x29, 0x12, 0x85, 0xf0, 0xaf, 0xc4, 0xdc, 0x73, 0xce, 0x18, 0x8b, 0xd9, 0x4c, 0x60,
- 0x15, 0x51, 0xae, 0x47, 0x1e, 0x2b, 0x54, 0xde, 0xf6, 0xba, 0x77, 0x30, 0x5d, 0x68, 0x9a,
- 0xfb, 0x02, 0x01, 0x11, 0x16, 0x2d, 0x1b, 0x01, 0x01, 0x1c, 0x28, 0x07, 0x26, 0x08, 0x03,
- 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
- 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x32, 0x39, 0x35, 0x35, 0x34, 0x36, 0x08, 0x07, 0x49,
- 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0xfd, 0x01, 0x00, 0x26, 0x40, 0xbc, 0xf0, 0x28,
- 0x12, 0x69, 0x94, 0x11, 0x13, 0xff, 0x47, 0x2c, 0x6b, 0x12, 0xdd, 0xfa, 0x60, 0x92, 0xe9,
- 0x59, 0x10, 0x98, 0xd8, 0x11, 0x2a, 0xf0, 0x25, 0xb0, 0x03, 0xb2, 0xda, 0xd3, 0xb6, 0xa9,
- 0xfb, 0x8b, 0xc3, 0x6f, 0xfb, 0xb4, 0x93, 0x9b, 0x24, 0x9f, 0x7e, 0x63, 0x8a, 0x37, 0xea,
- 0x88, 0x74, 0xac, 0x0c, 0x04, 0x5b, 0xa2, 0x39, 0x0c, 0xa1, 0x9e, 0x0e, 0xa2, 0xd6, 0x74,
- 0xca, 0xc4, 0x92, 0x64, 0x9f, 0xc2, 0x68, 0x56, 0xef, 0xc5, 0x11, 0xe8, 0x7a, 0xf3, 0x21,
- 0xde, 0x88, 0x40, 0x70, 0x2b, 0x44, 0xe0, 0xcb, 0x3b, 0x33, 0xc6, 0x53, 0x65, 0x70, 0x56,
- 0x08, 0xe2, 0x22, 0x70, 0x9e, 0xe0, 0x38, 0x18, 0xa8, 0x7c, 0x7d, 0x09, 0x15, 0xac, 0xf1,
- 0x44, 0x63, 0x5d, 0xd5, 0x59, 0xf4, 0xeb, 0x60, 0x6c, 0x6e, 0x77, 0x36, 0x20, 0x2a, 0xe2,
- 0xd1, 0x2d, 0xa1, 0x7d, 0xd4, 0x6d, 0x29, 0x2d, 0x88, 0xde, 0x9e, 0xf8, 0x64, 0x41, 0x6a,
- 0xeb, 0x9f, 0x3b, 0x52, 0x06, 0xb1, 0x94, 0x09, 0x3b, 0xc9, 0xba, 0xa0, 0x05, 0x31, 0x2d,
- 0x49, 0x17, 0x5b, 0xc1, 0x62, 0xf5, 0x19, 0xce, 0x27, 0x7b, 0xe8, 0x4b, 0xeb, 0x80, 0x36,
- 0xf3, 0xd7, 0xe9, 0x59, 0x22, 0x50, 0x5a, 0x14, 0xb0, 0x1a, 0xa5, 0x6b, 0x33, 0xb2, 0x83,
- 0x72, 0x11, 0xf4, 0xd5, 0xd2, 0x32, 0x93, 0x94, 0xb6, 0x8d, 0xed, 0xcd, 0xce, 0x54, 0x79,
- 0xe8, 0xc3, 0x3c, 0xa8, 0xc6, 0x71, 0xa7, 0x61, 0xba, 0x70, 0x44, 0x94, 0xc9, 0xfc, 0xd0,
- 0x20, 0x00, 0x87, 0xdc, 0xf3, 0x3c, 0x47, 0x1b, 0x4f, 0x91, 0x4c, 0xc7, 0x49, 0xb7, 0xe4,
- 0xe3, 0x84, 0xb7, 0x82, 0x52, 0xec, 0x91, 0xa9, 0x28, 0x38, 0x2d, 0x48, 0x89, 0xc7, 0xcf,
- 0xfa, 0x63, 0x0b, 0xf0, 0x62, 0x51, 0xac, 0xe9, 0xdb, 0xfd, 0x1c
-};
-
-const std::string RSA_CERT_INFO =
- "Certificate name:\n"
- " /ndn/KEY/site1/ksk-1416425377094/ID-CERT/%FD%00%00%01I%C9%8B.s\n"
- "Validity:\n"
- " NotBefore: 20141119T193302\n"
- " NotAfter: 20151119T193302\n"
- "Subject Description:\n"
- " 2.5.4.41: /ndn/site1\n"
- "Public key bits: (RSA)\n"
- " MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAtlR+6PKRfcFtyyVEl5Dc\n"
- " eBUO77Xn/Qks+NWcL+Wmrp1+lS38x8NDRrBvU83NaikdlaFizany+OL6i13+oSsV\n"
- " P39x5j65sSnRIm9W37aFr9SzZ4uUuIPLcobE8oayfJS8OHuMkoY2gw4RjJVJ/8wW\n"
- " YttVQH/IjeQ/hwKHr/Yvin10ENO7o/5ae49WCYtJRp99VaNK6CJ7gIpv3p/7L+v3\n"
- " KYo4Z0GuIXrje5YakDV9BKpNn+bWABdOAjRsVjqBPLR/mEgioJ9TNflOro/D+guT\n"
- " 1FV4BbBAREh0t5stZfA9LocrSCkShfCvxNxzzhiL2UxgFVGuRx4rVN72uncwXWia\n"
- " +wIB\n"
- "Signature Information:\n"
- " Signature Type: SignatureSha256WithRsa\n"
- " Key Locator: (Name) /ndn/KEY/ksk-1416425295546/ID-CERT\n";
-
-BOOST_AUTO_TEST_CASE(Decode)
-{
- ndn::Data data("/tmp");
- data.setContent(REAL_CERT, sizeof(REAL_CERT));
-
- Certificate certificate(data);
-
- std::ostringstream os;
- os << certificate;
- std::string info(os.str());
-
- BOOST_CHECK_EQUAL(REAL_CERT_INFO, info);
-
-
- ndn::Block selfSignedCertBlock(SELF_SIGNED_ECDSA_CERT, sizeof(SELF_SIGNED_ECDSA_CERT));
- Certificate selfSignedCert;
- selfSignedCert.wireDecode(selfSignedCertBlock);
-
- std::ostringstream selfSignedCertOs;
- selfSignedCertOs << selfSignedCert;
- std::string selfSignedCertInfo(selfSignedCertOs.str());
-
- BOOST_CHECK_EQUAL(SELF_SIGNED_ECDSA_CERT_INFO, selfSignedCertInfo);
-
-
- ndn::Block rsaCertBlock(RSA_CERT, sizeof(RSA_CERT));
- Certificate rsaCert;
- rsaCert.wireDecode(rsaCertBlock);
-
- std::ostringstream rsaCertOs;
- rsaCertOs << rsaCert;
- std::string rsaCertInfo(rsaCertOs.str());
-
- BOOST_CHECK_EQUAL(RSA_CERT_INFO, rsaCertInfo);
-}
-
-const uint8_t WRONG_CERT[] = { // first byte is wrong and an error will be thrown out
- 0x31, 0x82, 0x01, 0x63, 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x33, 0x31, 0x31, 0x30,
- 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31,
- 0x31, 0x30, 0x31, 0x31, 0x37, 0x31, 0x31, 0x32, 0x32, 0x5a, 0x30, 0x19, 0x30, 0x17, 0x06,
- 0x03, 0x55, 0x04, 0x29, 0x13, 0x10, 0x4e, 0x44, 0x4e, 0x20, 0x54, 0x65, 0x73, 0x74, 0x62,
- 0x65, 0x64, 0x20, 0x52, 0x6f, 0x6f, 0x74, 0x30, 0x82, 0x01, 0x20, 0x30, 0x0d, 0x06, 0x09,
- 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0d,
- 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xd3, 0xac, 0x7e, 0x7a, 0x5c,
- 0x33, 0x58, 0x21, 0xda, 0xe0, 0x8d, 0xdb, 0xca, 0xb6, 0x02, 0x30, 0x02, 0x15, 0xc5, 0x0a,
- 0x51, 0x54, 0xbb, 0x8e, 0x5e, 0x9d, 0x21, 0xf8, 0x14, 0xbe, 0xe4, 0x63, 0x60, 0x31, 0x53,
- 0xe2, 0xef, 0xee, 0x34, 0xa3, 0x8c, 0xd2, 0x24, 0x6f, 0xa4, 0x89, 0x4f, 0x02, 0x20, 0x7d,
- 0x66, 0xb6, 0x3f, 0x11, 0x40, 0x0c, 0xc1, 0x5f, 0xd8, 0x45, 0x23, 0x95, 0x40, 0xc8, 0xe0,
- 0xbc, 0x9d, 0x2f, 0x03, 0xf1, 0x83, 0x9f, 0x07, 0x0b, 0x76, 0xc9, 0x10, 0xd9, 0x3e, 0x0b,
- 0x75, 0x13, 0x93, 0xe9, 0xc9, 0x85, 0x01, 0x88, 0x36, 0x2e, 0xab, 0xfc, 0xe6, 0x24, 0x32,
- 0xfc, 0xc6, 0x3c, 0x40, 0x97, 0x1a, 0xcc, 0xcd, 0x53, 0xaa, 0x0f, 0xfb, 0xa3, 0xfe, 0xf9,
- 0x24, 0x70, 0x13, 0x3f, 0x4f, 0x5b, 0x7d, 0x43, 0xaa, 0x75, 0x0a, 0x94, 0x72, 0xab, 0xe1,
- 0x8c, 0x45, 0xb5, 0x78, 0x10, 0x01, 0xef, 0x1f, 0xb3, 0x05, 0x6f, 0xa6, 0xc3, 0xac, 0x7f,
- 0x6d, 0xf0, 0x31, 0xc4, 0x83, 0xb3, 0x4f, 0x50, 0x26, 0x92, 0x40, 0x1a, 0xdd, 0xec, 0xfb,
- 0xcb, 0xef, 0x63, 0xfe, 0x41, 0xd8, 0x8d, 0x1f, 0xdc, 0xec, 0xfc, 0x48, 0x95, 0xcc, 0x09,
- 0x1e, 0x30, 0x6e, 0x22, 0x9e, 0x24, 0x97, 0x2e, 0xe6, 0x0c, 0xdf, 0x3d, 0x20, 0x32, 0xaa,
- 0x9c, 0xc9, 0x45, 0x14, 0xaf, 0xaa, 0xf5, 0x17, 0xd2, 0x01, 0x98, 0x33, 0xbe, 0x2a, 0x9f,
- 0x7b, 0x9d, 0x98, 0x7c, 0x54, 0x22, 0xfe, 0x72, 0x72, 0x04, 0xc3, 0x2c, 0xc0, 0x14, 0x0b,
- 0xa9, 0x40, 0x7e, 0x46, 0xa1, 0x75, 0x16, 0x1a, 0x27, 0x9e, 0xf2, 0x82, 0x96, 0xc0, 0x7d,
- 0xaf, 0x18, 0x75, 0xfb, 0xbb, 0xab, 0x16, 0x66, 0xc0, 0xa9, 0xd7, 0x93, 0x4c, 0x48, 0x6d,
- 0xce, 0x0b, 0x88, 0xd4, 0x21, 0x93, 0x84, 0x89, 0x55, 0x05, 0xd5, 0x02, 0x01, 0x11
-};
-
-BOOST_AUTO_TEST_CASE(DecodeError)
-{
- ndn::Data data("/tmp");
- data.setContent(WRONG_CERT, sizeof(WRONG_CERT));
-
- BOOST_CHECK_THROW(Certificate certificate(data), Certificate::Error);
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestCertificate
-BOOST_AUTO_TEST_SUITE_END() // V1
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/v1/dummy-keychain.cpp b/tests/unit-tests/security/v1/dummy-keychain.cpp
deleted file mode 100644
index 21db30c..0000000
--- a/tests/unit-tests/security/v1/dummy-keychain.cpp
+++ /dev/null
@@ -1,395 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "dummy-keychain.hpp"
-#include "encoding/buffer-stream.hpp"
-#include "util/io.hpp"
-#include <boost/iostreams/device/array.hpp>
-
-namespace ndn {
-namespace security {
-namespace v1 {
-
-static const uint8_t DUMMY_CERT[] =
- "Bv0C8Ac4CAVkdW1teQgDa2V5CANLRVkIEWtzay0xNDE4NjAwMzkxMDUwCAdJRC1D"
- "RVJUCAn9AAABSkssIl4UAxgBAhX9AXMwggFvMCIYDzIwMTQxMjE0MjMzOTUxWhgP"
- "MjAzNDEyMDkyMzM5NTFaMCUwIwYDVQQpExwvZHVtbXkva2V5L2tzay0xNDE4NjAw"
- "MzkxMDUwMIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAxUfhv54Jdgeq"
- "0wmQ/ru9ew/ByCKcQawaZT9Xm9o/sMahwQ9IbNx2Dz4Jkelaxra7+DI0QP3pYctv"
- "Ykn/jwq5y3cO0LJQB+kf/7FtSKG9qBEv8aqq5hDVteBUKiyUXqDmQzbe+mTcJ9Yd"
- "D7siF1dhrjnM3KL1xpcXu3QaV5m/I6cKVwYrJxp3JKr6k5pHhxJlPIyUu7oU3kFW"
- "7bHq2uq4ec9gBXCKwA64IVYVQm1GVDk+V0wr7pw9qD6QNa7eMzrCME6vfM0deSiU"
- "a4TovUJDQFDsM287kYm3tZu7iuJzmOC63tl4YZdyqyOgnqSrUGE1soNHfLokI13H"
- "hSwxok7nuQIBERY0GwEBHC8HLQgFZHVtbXkIA2tleQgDS0VZCBFrc2stMTQxODYw"
- "MDM5MTA1MAgHSUQtQ0VSVBf9AQBLLJoQt9HE93NI3Mv1JCb3ezBCWMwTDnZA+XQV"
- "UgVSvISJfU/lo2sne0SfGp4KsUhj206CDpuh3q0Th5gKSJeysy/bv66V2m2G8aDn"
- "OkJ7Ut+2o/QnFpIMJz+oZf2f9Z0Pchocmkv8y4Fj02t8HCuFO1ekEvOcocZvWbKy"
- "HX+P0OdefPzSC535/rsNHXTzgPsoV+yb13vrm4wPeqPPBs+scQYneIFKkRkGE5PU"
- "pkncAMBN6iWgmSA2RcjcbmT6utCjJTqWviX1XPQtHoF/hBGC0D/TtQDgwVGGibXB"
- "zb+klRHvCC/uUIfjU2HrE705kaw8btPhTP5/PMe8YKkk+hjh";
-
-static const uint8_t DUMMY_SIGNATURE[] =
- {0x17, 0xfd, 0x01, 0x00, 0x93, 0x15, 0x09, 0x49, 0x79, 0x9e, 0xb7, 0x9c, 0xd3, 0xc1, 0xbf, 0x61,
- 0x89, 0xd5, 0xd9, 0xca, 0xf2, 0xb0, 0x14, 0xae, 0x72, 0x7c, 0x1f, 0x8f, 0xf5, 0xb1, 0x70, 0xd6,
- 0x9b, 0x8f, 0xf8, 0xd7, 0x2d, 0xbc, 0x92, 0x6f, 0x7d, 0x77, 0x96, 0x46, 0xea, 0xd4, 0x7d, 0x90,
- 0xbc, 0x7a, 0xeb, 0xe2, 0x03, 0x93, 0xb1, 0xd2, 0x62, 0xec, 0x9d, 0xff, 0x9c, 0x9c, 0x2a, 0x14,
- 0x7d, 0x23, 0xca, 0x29, 0x3d, 0x15, 0x1a, 0x40, 0x42, 0x2c, 0x59, 0x33, 0x8a, 0xf7, 0xc0, 0x6b,
- 0xc4, 0x9c, 0xf3, 0xc4, 0x99, 0xa4, 0x1a, 0x60, 0xf5, 0x28, 0x7d, 0x4c, 0xef, 0x43, 0x7d, 0xbd,
- 0x7d, 0x00, 0x51, 0xee, 0x41, 0xf5, 0x25, 0x80, 0xce, 0xe6, 0x64, 0x4f, 0x75, 0x54, 0xf3, 0xb2,
- 0x99, 0x9a, 0x0f, 0x93, 0x9a, 0x28, 0x1d, 0xfe, 0x12, 0x8a, 0xe0, 0xc1, 0x02, 0xeb, 0xa4, 0x35,
- 0x52, 0x88, 0xac, 0x44, 0x1a, 0x44, 0x82, 0x97, 0x4f, 0x5f, 0xa8, 0xd8, 0x9f, 0x67, 0x38, 0xa8,
- 0x64, 0xb6, 0x62, 0x99, 0xbd, 0x96, 0x3c, 0xf5, 0x86, 0x09, 0x5c, 0x97, 0x6b, 0x8f, 0xae, 0xe0,
- 0x60, 0xe7, 0x23, 0x98, 0x6a, 0xee, 0xc1, 0xb0, 0x14, 0xbe, 0x46, 0x2c, 0xfb, 0xa7, 0x27, 0x73,
- 0xe4, 0xf3, 0x26, 0x33, 0xba, 0x99, 0xd4, 0x01, 0x38, 0xa8, 0xf2, 0x9e, 0x87, 0xe0, 0x71, 0x0b,
- 0x25, 0x44, 0x07, 0x35, 0x88, 0xab, 0x67, 0x27, 0x56, 0x0e, 0xb5, 0xb5, 0xe8, 0x27, 0xb4, 0x49,
- 0xdc, 0xb8, 0x48, 0x31, 0xff, 0x99, 0x48, 0xab, 0x11, 0xb4, 0xa0, 0xdf, 0x8a, 0x6d, 0xff, 0x43,
- 0x69, 0x32, 0xa7, 0xbc, 0x63, 0x9d, 0x0f, 0xe0, 0x95, 0x34, 0x36, 0x25, 0x4b, 0x3e, 0x36, 0xbd,
- 0x81, 0x91, 0x0b, 0x91, 0x9f, 0x3a, 0x04, 0xa2, 0x44, 0x28, 0x19, 0xa1, 0x38, 0x21, 0x4f, 0x25,
- 0x59, 0x8a, 0x48, 0xc2};
-
-const std::string DummyPublicInfo::SCHEME = "pib-dummy";
-const std::string DummyTpm::SCHEME = "tpm-dummy";
-
-NDN_CXX_V1_KEYCHAIN_REGISTER_PIB(DummyPublicInfo, "pib-dummy", "dummy");
-NDN_CXX_V1_KEYCHAIN_REGISTER_TPM(DummyTpm, "tpm-dummy", "dummy");
-
-typedef DummyPublicInfo DummyPublicInfo2;
-typedef DummyTpm DummyTpm2;
-
-NDN_CXX_V1_KEYCHAIN_REGISTER_PIB(DummyPublicInfo2, "pib-dummy2");
-NDN_CXX_V1_KEYCHAIN_REGISTER_TPM(DummyTpm2, "tpm-dummy2");
-
-DummyPublicInfo::DummyPublicInfo(const std::string& locator)
- : SecPublicInfo(locator)
-{
-}
-
-bool
-DummyPublicInfo::doesIdentityExist(const Name& identityName)
-{
- return true;
-}
-
-void
-DummyPublicInfo::addIdentity(const Name& identityName)
-{
-}
-
-bool
-DummyPublicInfo::revokeIdentity()
-{
- return true;
-}
-
-bool
-DummyPublicInfo::doesPublicKeyExist(const Name& keyName)
-{
- return true;
-}
-
-void
-DummyPublicInfo::addKey(const Name& keyName, const v1::PublicKey& publicKey)
-{
-}
-
-shared_ptr<v1::PublicKey>
-DummyPublicInfo::getPublicKey(const Name& keyName)
-{
- static shared_ptr<v1::PublicKey> publicKey = nullptr;
- if (publicKey == nullptr) {
- typedef boost::iostreams::stream<boost::iostreams::array_source> ArrayStream;
- ArrayStream is(reinterpret_cast<const char*>(DUMMY_CERT), sizeof(DUMMY_CERT));
- auto cert = io::load<v1::IdentityCertificate>(is, io::NO_ENCODING);
- publicKey = make_shared<v1::PublicKey>(cert->getPublicKeyInfo());
- }
-
- return publicKey;
-}
-
-KeyType
-DummyPublicInfo::getPublicKeyType(const Name& keyName)
-{
- return KeyType::RSA;
-}
-
-bool
-DummyPublicInfo::doesCertificateExist(const Name& certificateName)
-{
- return true;
-}
-
-void
-DummyPublicInfo::addCertificate(const v1::IdentityCertificate& certificate)
-{
-}
-
-shared_ptr<v1::IdentityCertificate>
-DummyPublicInfo::getCertificate(const Name& certificateName)
-{
- static shared_ptr<v1::IdentityCertificate> cert = nullptr;
- if (cert == nullptr) {
- typedef boost::iostreams::stream<boost::iostreams::array_source> ArrayStream;
- ArrayStream is(reinterpret_cast<const char*>(DUMMY_CERT), sizeof(DUMMY_CERT));
- cert = io::load<v1::IdentityCertificate>(is);
- }
-
- return cert;
-}
-
-Name
-DummyPublicInfo::getDefaultIdentity()
-{
- return "/dummy/key";
-}
-
-Name
-DummyPublicInfo::getDefaultKeyNameForIdentity(const Name& identityName)
-{
- return "/dummy/key/ksk-1418600391050";
-}
-
-Name
-DummyPublicInfo::getDefaultCertificateNameForKey(const Name& keyName)
-{
- return "/dummy/key/KEY/ksk-1418600391050/ID-CERT/%FD%00%00%01JK%2C%22%5E";
-}
-
-void
-DummyPublicInfo::getAllIdentities(std::vector<Name>& nameList, bool isDefault)
-{
- if (isDefault) {
- nameList.push_back("/dummy");
- }
-}
-
-void
-DummyPublicInfo::getAllKeyNames(std::vector<Name>& nameList, bool isDefault)
-{
- if (isDefault) {
- nameList.push_back("/dummy/key/ksk-1418600391050");
- }
-}
-
-void
-DummyPublicInfo::getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList,
- bool isDefault)
-{
- if (isDefault) {
- nameList.push_back("/dummy/key/ksk-1418600391050");
- }
-}
-
-void
-DummyPublicInfo::getAllCertificateNames(std::vector<Name>& nameList, bool isDefault)
-{
- if (isDefault) {
- nameList.push_back("/dummy/key/KEY/ksk-1418600391050/ID-CERT/%FD%00%00%01JK%2C%22%5E");
- }
-}
-
-void
-DummyPublicInfo::getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name>& nameList,
- bool isDefault)
-{
- if (isDefault) {
- nameList.push_back("/dummy/key/KEY/ksk-1418600391050/ID-CERT/%FD%00%00%01JK%2C%22%5E");
- }
-}
-
-void
-DummyPublicInfo::deleteCertificateInfo(const Name& certificateName)
-{
-}
-
-void
-DummyPublicInfo::deletePublicKeyInfo(const Name& keyName)
-{
-}
-
-void
-DummyPublicInfo::deleteIdentityInfo(const Name& identity)
-{
-}
-
-void
-DummyPublicInfo::setDefaultIdentityInternal(const Name& identityName)
-{
-}
-
-void
-DummyPublicInfo::setDefaultKeyNameForIdentityInternal(const Name& keyName)
-{
-}
-
-void
-DummyPublicInfo::setDefaultCertificateNameForKeyInternal(const Name& certificateName)
-{
-}
-
-void
-DummyPublicInfo::setTpmLocator(const std::string& tpmLocator)
-{
- m_tpmLocator = tpmLocator;
-}
-
-std::string
-DummyPublicInfo::getTpmLocator()
-{
- return m_tpmLocator;
-}
-
-std::string
-DummyPublicInfo::getScheme()
-{
- return DummyPublicInfo::SCHEME;
-}
-
-//////////////////////////////////////////////////////////////////////////////////////////
-//////////////////////////////////////////////////////////////////////////////////////////
-//////////////////////////////////////////////////////////////////////////////////////////
-//////////////////////////////////////////////////////////////////////////////////////////
-
-DummyTpm::DummyTpm(const std::string& locator)
- : SecTpm(locator)
-{
-}
-
-void
-DummyTpm::setTpmPassword(const uint8_t* password, size_t passwordLength)
-{
-}
-
-void
-DummyTpm::resetTpmPassword()
-{
-}
-
-void
-DummyTpm::setInTerminal(bool inTerminal)
-{
-}
-
-bool
-DummyTpm::getInTerminal() const
-{
- return false;
-}
-
-bool
-DummyTpm::isLocked()
-{
- return false;
-}
-
-bool
-DummyTpm::unlockTpm(const char* password, size_t passwordLength, bool usePassword)
-{
- return true;
-}
-
-void
-DummyTpm::generateKeyPairInTpm(const Name& keyName, const KeyParams& params)
-{
-}
-
-void
-DummyTpm::deleteKeyPairInTpm(const Name& keyName)
-{
-}
-
-shared_ptr<v1::PublicKey>
-DummyTpm::getPublicKeyFromTpm(const Name& keyName)
-{
- return nullptr;
-}
-
-Block
-DummyTpm::signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName,
- DigestAlgorithm digestAlgorithm)
-{
- return Block(DUMMY_SIGNATURE, sizeof(DUMMY_SIGNATURE));
-}
-
-ConstBufferPtr
-DummyTpm::decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName,
- bool isSymmetric)
-{
- BOOST_THROW_EXCEPTION(Error("Not supported"));
-}
-
-ConstBufferPtr
-DummyTpm::encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName,
- bool isSymmetric)
-{
- BOOST_THROW_EXCEPTION(Error("Not supported"));
-}
-
-void
-DummyTpm::generateSymmetricKeyInTpm(const Name& keyName, const KeyParams& params)
-{
-}
-
-bool
-DummyTpm::doesKeyExistInTpm(const Name& keyName, KeyClass keyClass)
-{
- return true;
-}
-
-bool
-DummyTpm::generateRandomBlock(uint8_t* res, size_t size)
-{
- return false;
-}
-
-void
-DummyTpm::addAppToAcl(const Name& keyName, KeyClass keyClass, const std::string& appPath,
- AclType acl)
-{
-}
-
-ConstBufferPtr
-DummyTpm::exportPrivateKeyPkcs8FromTpm(const Name& keyName)
-{
- BOOST_THROW_EXCEPTION(Error("Not supported"));
-}
-
-bool
-DummyTpm::importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buffer,
- size_t bufferSize)
-{
- return false;
-}
-
-bool
-DummyTpm::importPublicKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buffer, size_t bufferSize)
-{
- return false;
-}
-
-std::string
-DummyTpm::getScheme()
-{
- return DummyTpm::SCHEME;
-}
-
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/v1/dummy-keychain.hpp b/tests/unit-tests/security/v1/dummy-keychain.hpp
deleted file mode 100644
index 3fe2101..0000000
--- a/tests/unit-tests/security/v1/dummy-keychain.hpp
+++ /dev/null
@@ -1,205 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#ifndef NDN_TESTS_SECURITY_V1_DUMMY_KEYCHAIN_HPP
-#define NDN_TESTS_SECURITY_V1_DUMMY_KEYCHAIN_HPP
-
-#include "security/v1/key-chain.hpp"
-
-namespace ndn {
-namespace security {
-namespace v1 {
-
-class DummyPublicInfo : public SecPublicInfo
-{
-public:
- explicit
- DummyPublicInfo(const std::string& locator);
-
- virtual bool
- doesIdentityExist(const Name& identityName);
-
- virtual void
- addIdentity(const Name& identityName);
-
- virtual bool
- revokeIdentity();
-
- virtual bool
- doesPublicKeyExist(const Name& keyName);
-
- virtual void
- addKey(const Name& keyName, const v1::PublicKey& publicKey);
-
- virtual shared_ptr<v1::PublicKey>
- getPublicKey(const Name& keyName);
-
- virtual KeyType
- getPublicKeyType(const Name& keyName);
-
- virtual bool
- doesCertificateExist(const Name& certificateName);
-
- virtual void
- addCertificate(const v1::IdentityCertificate& certificate);
-
- virtual shared_ptr<v1::IdentityCertificate>
- getCertificate(const Name& certificateName);
-
- virtual Name
- getDefaultIdentity();
-
- virtual Name
- getDefaultKeyNameForIdentity(const Name& identityName);
-
- virtual Name
- getDefaultCertificateNameForKey(const Name& keyName);
-
- virtual void
- getAllIdentities(std::vector<Name>& nameList, bool isDefault);
-
- virtual void
- getAllKeyNames(std::vector<Name>& nameList, bool isDefault);
-
- virtual void
- getAllKeyNamesOfIdentity(const Name& identity, std::vector<Name>& nameList, bool isDefault);
-
- virtual void
- getAllCertificateNames(std::vector<Name>& nameList, bool isDefault);
-
- virtual void
- getAllCertificateNamesOfKey(const Name& keyName, std::vector<Name>& nameList, bool isDefault);
-
- virtual void
- deleteCertificateInfo(const Name& certificateName);
-
- virtual void
- deletePublicKeyInfo(const Name& keyName);
-
- virtual void
- deleteIdentityInfo(const Name& identity);
-
- virtual void
- setTpmLocator(const std::string& tpmLocator);
-
- virtual std::string
- getTpmLocator();
-
-protected:
- virtual void
- setDefaultIdentityInternal(const Name& identityName);
-
- virtual void
- setDefaultKeyNameForIdentityInternal(const Name& keyName);
-
- virtual void
- setDefaultCertificateNameForKeyInternal(const Name& certificateName);
-
- virtual std::string
- getScheme();
-
-public:
- static const std::string SCHEME;
-
-private:
- std::string m_tpmLocator;
-};
-
-//////////////////////////////////////////////////////////////////////////////////////////
-//////////////////////////////////////////////////////////////////////////////////////////
-
-class DummyTpm : public SecTpm
-{
-public:
- explicit
- DummyTpm(const std::string& locator);
-
- virtual void
- setTpmPassword(const uint8_t* password, size_t passwordLength);
-
- virtual void
- resetTpmPassword();
-
- virtual void
- setInTerminal(bool inTerminal);
-
- virtual bool
- getInTerminal() const;
-
- virtual bool
- isLocked();
-
- virtual bool
- unlockTpm(const char* password, size_t passwordLength, bool usePassword);
-
- virtual void
- generateKeyPairInTpm(const Name& keyName, const KeyParams& params);
-
- virtual void
- deleteKeyPairInTpm(const Name& keyName);
-
- virtual shared_ptr<v1::PublicKey>
- getPublicKeyFromTpm(const Name& keyName);
-
- virtual Block
- signInTpm(const uint8_t* data, size_t dataLength, const Name& keyName,
- DigestAlgorithm digestAlgorithm);
-
- virtual ConstBufferPtr
- decryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric);
-
- virtual ConstBufferPtr
- encryptInTpm(const uint8_t* data, size_t dataLength, const Name& keyName, bool isSymmetric);
-
- virtual void
- generateSymmetricKeyInTpm(const Name& keyName, const KeyParams& params);
-
- virtual bool
- doesKeyExistInTpm(const Name& keyName, KeyClass keyClass);
-
- virtual bool
- generateRandomBlock(uint8_t* res, size_t size);
-
- virtual void
- addAppToAcl(const Name& keyName, KeyClass keyClass, const std::string& appPath, AclType acl);
-
- virtual std::string
- getScheme();
-
-protected:
- virtual ConstBufferPtr
- exportPrivateKeyPkcs8FromTpm(const Name& keyName);
-
- virtual bool
- importPrivateKeyPkcs8IntoTpm(const Name& keyName, const uint8_t* buffer, size_t bufferSize);
-
- virtual bool
- importPublicKeyPkcs1IntoTpm(const Name& keyName, const uint8_t* buffer, size_t bufferSize);
-
-public:
- static const std::string SCHEME;
-};
-
-} // namespace v1
-} // namespace security
-} // namespace ndn
-
-#endif // NDN_TESTS_SECURITY_V1_DUMMY_KEYCHAIN_HPP
diff --git a/tests/unit-tests/security/v1/key-chain.t.cpp b/tests/unit-tests/security/v1/key-chain.t.cpp
deleted file mode 100644
index 0ae3cc3..0000000
--- a/tests/unit-tests/security/v1/key-chain.t.cpp
+++ /dev/null
@@ -1,430 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/v1/key-chain.hpp"
-#include "security/validator.hpp"
-#include "security/signing-helpers.hpp"
-
-#include "boost-test.hpp"
-#include "dummy-keychain.hpp"
-#include "../../test-home-env-saver.hpp"
-#include "test-home-fixture.hpp"
-#include "identity-management-fixture.hpp"
-
-#include <boost/algorithm/string.hpp>
-#include <boost/filesystem.hpp>
-#include <cstdlib>
-
-namespace ndn {
-namespace security {
-namespace v1 {
-namespace tests {
-
-using namespace ndn::tests;
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(V1)
-BOOST_FIXTURE_TEST_SUITE(TestKeyChain, TestHomeEnvSaver)
-
-template<class Path>
-class TestHomeAndPibFixture : public TestHomeFixture<Path>
-{
-public:
- TestHomeAndPibFixture()
- {
- unsetenv("NDN_CLIENT_PIB");
- unsetenv("NDN_CLIENT_TPM");
- }
-};
-
-struct PibPathSqlite3File
-{
- const std::string PATH = "build/keys-sqlite3-file/";
-};
-
-BOOST_FIXTURE_TEST_CASE(ConstructorNormalConfig, TestHomeAndPibFixture<PibPathSqlite3File>)
-{
- createClientConf({"pib=pib-sqlite3:%PATH%", "tpm=tpm-file:%PATH%"});
-
- BOOST_REQUIRE_NO_THROW(KeyChain());
-
- KeyChain keyChain;
- BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:" + m_pibDir);
- BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:" + m_pibDir);
- BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:" + m_pibDir);
-}
-
-struct PibPathSqlite3Empty
-{
- const std::string PATH = "build/keys-sqlite3-empty/";
-};
-
-BOOST_FIXTURE_TEST_CASE(ConstructorEmptyConfig, TestHomeAndPibFixture<PibPathSqlite3Empty>)
-{
- createClientConf({"pib=pib-sqlite3:%PATH%"});
-
-#if defined(NDN_CXX_HAVE_OSX_FRAMEWORKS)
- std::string oldHOME;
- if (std::getenv("OLD_HOME"))
- oldHOME = std::getenv("OLD_HOME");
-
- std::string HOME;
- if (std::getenv("HOME"))
- HOME = std::getenv("HOME");
-
- if (!oldHOME.empty())
- setenv("HOME", oldHOME.c_str(), true);
- else
- unsetenv("HOME");
-#endif
-
- BOOST_REQUIRE_NO_THROW(KeyChain());
- KeyChain keyChain;
- BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:" + m_pibDir);
-
-#if defined(NDN_CXX_HAVE_OSX_FRAMEWORKS)
- BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-osxkeychain:");
- BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-osxkeychain:");
-#else
- BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:");
- BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:");
-#endif
-
-#if defined(NDN_CXX_HAVE_OSX_FRAMEWORKS)
- if (!HOME.empty())
- setenv("HOME", HOME.c_str(), true);
- else
- unsetenv("HOME");
-#endif
-}
-
-struct PibPathEmptyFile
-{
- const std::string PATH = "build/keys-empty-file/";
-};
-
-BOOST_FIXTURE_TEST_CASE(ConstructorEmpty2Config, TestHomeAndPibFixture<PibPathEmptyFile>)
-{
- createClientConf({"tpm=tpm-file:%PATH%"});
-
- BOOST_REQUIRE_NO_THROW(KeyChain());
-
- KeyChain keyChain;
- BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:");
- BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:" + m_pibDir);
- BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:" + m_pibDir);
-}
-
-BOOST_FIXTURE_TEST_CASE(ConstructorMalConfig, TestHomeAndPibFixture<DefaultPibDir>)
-{
- createClientConf({"pib=lord", "tpm=ring"});
-
- BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
-}
-
-BOOST_FIXTURE_TEST_CASE(ConstructorMal2Config, TestHomeAndPibFixture<DefaultPibDir>)
-{
- createClientConf({"pib=pib-sqlite3:%PATH%", "tpm=just-wrong"});
- BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
-}
-
-BOOST_FIXTURE_TEST_CASE(ExportIdentity, IdentityManagementV1Fixture)
-{
- Name identity("/TestKeyChain/ExportIdentity/");
- identity.appendVersion();
- addIdentity(identity);
-
- shared_ptr<SecuredBag> exported = m_keyChain.exportIdentity(identity, "1234");
-
- Block block = exported->wireEncode();
-
- Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
- Name certName = m_keyChain.getDefaultCertificateNameForKey(keyName);
-
- m_keyChain.deleteIdentity(identity);
-
- BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName), false);
-
- SecuredBag imported;
- imported.wireDecode(block);
- m_keyChain.importIdentity(imported, "1234");
-
- BOOST_CHECK(m_keyChain.doesIdentityExist(identity));
- BOOST_CHECK(m_keyChain.doesPublicKeyExist(keyName));
- BOOST_CHECK(m_keyChain.doesKeyExistInTpm(keyName, KeyClass::PRIVATE));
- BOOST_CHECK(m_keyChain.doesKeyExistInTpm(keyName, KeyClass::PUBLIC));
- BOOST_CHECK(m_keyChain.doesCertificateExist(certName));
-}
-
-BOOST_FIXTURE_TEST_CASE(PrepareIdentityCertificate, IdentityManagementV1Fixture)
-{
- Name identity("/TestKeyChain/PrepareIdentityCertificate/");
- identity.appendVersion();
- addIdentity(identity);
-
- std::vector<v1::CertificateSubjectDescription> subjectDescription;
- Name lowerIdentity = identity;
- lowerIdentity.append("Lower").appendVersion();
- Name lowerKeyName = m_keyChain.generateRsaKeyPair(lowerIdentity, true);
- shared_ptr<v1::IdentityCertificate> idCert =
- m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
- time::system_clock::now(),
- time::system_clock::now() + time::days(365),
- subjectDescription);
- BOOST_CHECK(static_cast<bool>(idCert));
- BOOST_CHECK_EQUAL(idCert->getName().getPrefix(5),
- Name().append(identity).append("KEY").append("Lower"));
- BOOST_CHECK(idCert->getFreshnessPeriod() >= time::milliseconds::zero());
-
- shared_ptr<v1::IdentityCertificate> idCert11 =
- m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
- time::system_clock::now(),
- time::system_clock::now() + time::days(365),
- subjectDescription,
- lowerIdentity);
- BOOST_CHECK(static_cast<bool>(idCert11));
- BOOST_CHECK_EQUAL(idCert11->getName().getPrefix(6),
- Name().append(lowerIdentity).append("KEY"));
-
- Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
- anotherIdentity.appendVersion();
- Name anotherKeyName = m_keyChain.generateRsaKeyPair(anotherIdentity, true);
- shared_ptr<v1::IdentityCertificate> idCert2 =
- m_keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
- time::system_clock::now(),
- time::system_clock::now() + time::days(365),
- subjectDescription);
- BOOST_CHECK(static_cast<bool>(idCert2));
- BOOST_CHECK_EQUAL(idCert2->getName().getPrefix(5), Name().append(anotherIdentity).append("KEY"));
-
-
- Name wrongKeyName1;
- shared_ptr<v1::IdentityCertificate> idCert3 =
- m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
- time::system_clock::now(),
- time::system_clock::now() + time::days(365),
- subjectDescription);
- BOOST_CHECK_EQUAL(static_cast<bool>(idCert3), false);
-
-
- Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
- shared_ptr<v1::IdentityCertificate> idCert4 =
- m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
- time::system_clock::now(),
- time::system_clock::now() + time::days(365),
- subjectDescription);
- BOOST_CHECK_EQUAL(static_cast<bool>(idCert4), false);
-
-
- Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
- shared_ptr<v1::IdentityCertificate> idCert5 =
- m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
- time::system_clock::now(),
- time::system_clock::now() + time::days(365),
- subjectDescription);
- BOOST_CHECK_EQUAL(static_cast<bool>(idCert5), false);
-}
-
-BOOST_FIXTURE_TEST_CASE(Delete, IdentityManagementV1Fixture)
-{
- Name identity("/TestSecPublicInfoSqlite3/Delete");
- identity.appendVersion();
-
- Name certName1;
- BOOST_REQUIRE_NO_THROW(certName1 = m_keyChain.createIdentity(identity));
-
- Name keyName1 = v1::IdentityCertificate::certificateNameToPublicKeyName(certName1);
- Name keyName2;
- BOOST_REQUIRE_NO_THROW(keyName2 = m_keyChain.generateRsaKeyPairAsDefault(identity));
-
- shared_ptr<v1::IdentityCertificate> cert2;
- BOOST_REQUIRE_NO_THROW(cert2 = m_keyChain.selfSign(keyName2));
- Name certName2 = cert2->getName();
- BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert2));
-
- Name keyName3;
- BOOST_REQUIRE_NO_THROW(keyName3 = m_keyChain.generateRsaKeyPairAsDefault(identity));
-
- shared_ptr<v1::IdentityCertificate> cert3;
- BOOST_REQUIRE_NO_THROW(cert3 = m_keyChain.selfSign(keyName3));
- Name certName3 = cert3->getName();
- BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert3));
- shared_ptr<v1::IdentityCertificate> cert4;
- BOOST_REQUIRE_NO_THROW(cert4 = m_keyChain.selfSign(keyName3));
- Name certName4 = cert4->getName();
- BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert4));
- shared_ptr<v1::IdentityCertificate> cert5;
- BOOST_REQUIRE_NO_THROW(cert5 = m_keyChain.selfSign(keyName3));
- Name certName5 = cert5->getName();
- BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert5));
-
- BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName1), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName2), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName5), true);
-
- BOOST_REQUIRE_NO_THROW(m_keyChain.deleteCertificate(certName5));
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName5), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), true);
-
- BOOST_REQUIRE_NO_THROW(m_keyChain.deleteKey(keyName3));
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), true);
- BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), true);
-
- BOOST_REQUIRE_NO_THROW(m_keyChain.deleteIdentity(identity));
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName2), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName1), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), false);
- BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), false);
-}
-
-BOOST_AUTO_TEST_CASE(KeyChainWithCustomTpmAndPib)
-{
- BOOST_REQUIRE_NO_THROW((KeyChain("pib-dummy", "tpm-dummy")));
- BOOST_REQUIRE_NO_THROW((KeyChain("pib-dummy2", "tpm-dummy2")));
- BOOST_REQUIRE_NO_THROW((KeyChain("dummy", "dummy")));
- BOOST_REQUIRE_NO_THROW((KeyChain("dummy:", "dummy:")));
- BOOST_REQUIRE_NO_THROW((KeyChain("dummy:/something", "dummy:/something")));
-
- KeyChain keyChain("dummy", "dummy");
- BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-dummy:");
- BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-dummy:");
- BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-dummy:");
- BOOST_CHECK_EQUAL(keyChain.getDefaultIdentity(), "/dummy/key");
-}
-
-BOOST_FIXTURE_TEST_CASE(GeneralSigningInterface, IdentityManagementV1Fixture)
-{
- Name id("/id");
- Name certName = m_keyChain.createIdentity(id);
- shared_ptr<v1::IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
- Name keyName = idCert->getPublicKeyName();
- m_keyChain.setDefaultIdentity(id);
-
- Name id2("/id2");
- Name cert2Name = m_keyChain.createIdentity(id2);
- shared_ptr<v1::IdentityCertificate> id2Cert = m_keyChain.getCertificate(cert2Name);
-
- // SigningInfo is set to default
- Data data1("/data1");
- m_keyChain.sign(data1);
- BOOST_CHECK(Validator::verifySignature(data1, idCert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(data1.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
-
- Interest interest1("/interest1");
- m_keyChain.sign(interest1);
- BOOST_CHECK(Validator::verifySignature(interest1, idCert->getPublicKeyInfo()));
- SignatureInfo sigInfo1(interest1.getName()[-2].blockFromValue());
- BOOST_CHECK_EQUAL(sigInfo1.getKeyLocator().getName(), certName.getPrefix(-1));
-
- // SigningInfo is set to Identity
- Data data2("/data2");
- m_keyChain.sign(data2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
- BOOST_CHECK(Validator::verifySignature(data2, id2Cert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(data2.getSignature().getKeyLocator().getName(), cert2Name.getPrefix(-1));
-
- Interest interest2("/interest2");
- m_keyChain.sign(interest2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
- BOOST_CHECK(Validator::verifySignature(interest2, id2Cert->getPublicKeyInfo()));
- SignatureInfo sigInfo2(interest2.getName()[-2].blockFromValue());
- BOOST_CHECK_EQUAL(sigInfo2.getKeyLocator().getName(), cert2Name.getPrefix(-1));
-
- // SigningInfo is set to Key
- Data data3("/data3");
- m_keyChain.sign(data3, SigningInfo(SigningInfo::SIGNER_TYPE_KEY, keyName));
- BOOST_CHECK(Validator::verifySignature(data3, idCert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(data3.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
-
- Interest interest3("/interest3");
- m_keyChain.sign(interest3);
- BOOST_CHECK(Validator::verifySignature(interest3, idCert->getPublicKeyInfo()));
- SignatureInfo sigInfo3(interest1.getName()[-2].blockFromValue());
- BOOST_CHECK_EQUAL(sigInfo3.getKeyLocator().getName(), certName.getPrefix(-1));
-
- // SigningInfo is set to Cert
- Data data4("/data4");
- m_keyChain.sign(data4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
- BOOST_CHECK(Validator::verifySignature(data4, idCert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(data4.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
-
- Interest interest4("/interest4");
- m_keyChain.sign(interest4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
- BOOST_CHECK(Validator::verifySignature(interest4, idCert->getPublicKeyInfo()));
- SignatureInfo sigInfo4(interest4.getName()[-2].blockFromValue());
- BOOST_CHECK_EQUAL(sigInfo4.getKeyLocator().getName(), certName.getPrefix(-1));
-
-
- // SigningInfo is set to DigestSha256
- Data data5("/data5");
- m_keyChain.sign(data5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
- BOOST_CHECK(Validator::verifySignature(data5, DigestSha256(data5.getSignature())));
-
- Interest interest5("/interest4");
- m_keyChain.sign(interest5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
- BOOST_CHECK(Validator::verifySignature(interest5,
- DigestSha256(Signature(interest5.getName()[-2].blockFromValue(),
- interest5.getName()[-1].blockFromValue()))));
-}
-
-BOOST_FIXTURE_TEST_CASE(EcdsaSigningByIdentityNoCert, IdentityManagementV1Fixture)
-{
- Data data("/test/data");
-
- Name nonExistingIdentity = Name("/non-existing/identity").appendVersion();
-
- BOOST_CHECK_NO_THROW(m_keyChain.sign(data, signingByIdentity(nonExistingIdentity)));
- BOOST_CHECK_EQUAL(data.getSignature().getType(),
- KeyChain::getSignatureType(KeyChain::DEFAULT_KEY_PARAMS.getKeyType(),
- DigestAlgorithm::SHA256));
- BOOST_CHECK(nonExistingIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
-
- Name ecIdentity = Name("/ndn/test/ec").appendVersion();
- Name ecKeyName = m_keyChain.generateEcKeyPairAsDefault(ecIdentity, false, 256);
- BOOST_CHECK_NO_THROW(m_keyChain.sign(data, signingByIdentity(ecIdentity)));
- BOOST_CHECK_EQUAL(data.getSignature().getType(),
- KeyChain::getSignatureType(EcKeyParams().getKeyType(), DigestAlgorithm::SHA256));
- BOOST_CHECK(ecIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestKeyChain
-BOOST_AUTO_TEST_SUITE_END() // V1
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/v1/public-key.t.cpp b/tests/unit-tests/security/v1/public-key.t.cpp
deleted file mode 100644
index 41ee7d6..0000000
--- a/tests/unit-tests/security/v1/public-key.t.cpp
+++ /dev/null
@@ -1,115 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/v1/public-key.hpp"
-#include "security/v1/cryptopp.hpp"
-#include "encoding/buffer-stream.hpp"
-
-#include "boost-test.hpp"
-
-namespace ndn {
-namespace security {
-namespace v1 {
-namespace tests {
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(V1)
-BOOST_AUTO_TEST_SUITE(TestPublicKey)
-
-const std::string RSA_DER("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFoDcNtffwbfFix64fw0\
-hI2tKMkFrc6Ex7yw0YLMK9vGE8lXOyBl/qXabow6RCz+GldmFN6E2Qhm1+AX3Zm5\
-sj3H53/HPtzMefvMQ9X7U+lK8eNMWawpRzvBh4/36VrK/awlkNIVIQ9aXj6q6BVe\
-zL+zWT/WYemLq/8A1/hHWiwCtfOH1xQhGqWHJzeSgwIgOOrzxTbRaCjhAb1u2TeV\
-yx/I9H/DV+AqSHCaYbB92HDcDN0kqwSnUf5H1+osE9MR5DLBLhXdSiULSgxT3Or/\
-y2QgsgUK59WrjhlVMPEiHHRs15NZJbL1uQFXjgScdEarohcY3dilqotineFZCeN8\
-DwIDAQAB");
-
-const uint8_t RSA_DER_KEY_DIGEST[] = {
- 0x1d, 0x20,
- 0x58, 0x72, 0x4c, 0xf7, 0x36, 0x3d, 0xee, 0x4a,
- 0x5c, 0x5b, 0x39, 0x44, 0x2d, 0xf6, 0x1a, 0x24,
- 0xda, 0x13, 0xac, 0xab, 0x70, 0xf7, 0x74, 0x40,
- 0x5a, 0x44, 0xfe, 0xc0, 0xc9, 0x26, 0x58, 0x74
-};
-
-const std::string ECDSA_DER("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENZpqkPJDj8uhSpffOiCbvSYMLsGB\
-1Eo/WU6mrexjGvduQXjqwon/eSHFI6EgHZk8L9KfiV5XVtVsk2g5wIpJVg==");
-
-const uint8_t ECDSA_DER_KEY_DIGEST[] = {
- 0x1d, 0x20,
- 0xaf, 0x82, 0x3f, 0xfc, 0xdc, 0x85, 0xb2, 0xa4,
- 0xc8, 0xf5, 0x3b, 0x1a, 0xf8, 0xec, 0x4a, 0x55,
- 0x97, 0x55, 0x19, 0x3f, 0x54, 0xdd, 0xd0, 0xfd,
- 0xb5, 0x9d, 0x80, 0x65, 0x80, 0x6b, 0x4b, 0x63
-};
-
-BOOST_AUTO_TEST_CASE(Rsa)
-{
- using namespace CryptoPP;
-
- OBufferStream os;
- StringSource ss(reinterpret_cast<const uint8_t*>(RSA_DER.c_str()), RSA_DER.size(),
- true, new Base64Decoder(new FileSink(os)));
-
- shared_ptr<PublicKey> publicKey;
- BOOST_REQUIRE_NO_THROW(publicKey = shared_ptr<PublicKey>(new PublicKey(os.buf()->buf(),
- os.buf()->size())));
-
- BOOST_CHECK_EQUAL(publicKey->getKeyType(), KeyType::RSA);
-
- Block digestBlock(RSA_DER_KEY_DIGEST, sizeof(RSA_DER_KEY_DIGEST));
- const Block& digest = publicKey->computeDigest();
- BOOST_CHECK_EQUAL_COLLECTIONS(digestBlock.wire(),
- digestBlock.wire() + digestBlock.size(),
- digest.wire(),
- digest.wire() + digest.size());
-}
-
-BOOST_AUTO_TEST_CASE(Ec)
-{
- using namespace CryptoPP;
-
- OBufferStream os;
- StringSource ss(reinterpret_cast<const uint8_t*>(ECDSA_DER.c_str()), ECDSA_DER.size(),
- true, new Base64Decoder(new FileSink(os)));
-
- shared_ptr<PublicKey> publicKey;
- BOOST_REQUIRE_NO_THROW(publicKey = shared_ptr<PublicKey>(new PublicKey(os.buf()->buf(),
- os.buf()->size())));
-
- BOOST_CHECK_EQUAL(publicKey->getKeyType(), KeyType::EC);
-
- Block digestBlock(ECDSA_DER_KEY_DIGEST, sizeof(ECDSA_DER_KEY_DIGEST));
- const Block& digest = publicKey->computeDigest();
- BOOST_CHECK_EQUAL_COLLECTIONS(digestBlock.wire(),
- digestBlock.wire() + digestBlock.size(),
- digest.wire(),
- digest.wire() + digest.size());
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestPublicKey
-BOOST_AUTO_TEST_SUITE_END() // V1
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/v1/sec-public-info-sqlite3.t.cpp b/tests/unit-tests/security/v1/sec-public-info-sqlite3.t.cpp
deleted file mode 100644
index aaa0499..0000000
--- a/tests/unit-tests/security/v1/sec-public-info-sqlite3.t.cpp
+++ /dev/null
@@ -1,156 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/v1/sec-public-info-sqlite3.hpp"
-#include "security/v1/key-chain.hpp"
-#include "security/v1/cryptopp.hpp"
-#include "encoding/buffer-stream.hpp"
-#include "util/time.hpp"
-
-#include "boost-test.hpp"
-
-#include <boost/filesystem.hpp>
-#include <boost/lexical_cast.hpp>
-
-namespace ndn {
-namespace security {
-namespace v1 {
-namespace tests {
-
-class PibTmpPathFixture
-{
-public:
- PibTmpPathFixture()
- {
- boost::system::error_code error;
- tmpPath = boost::filesystem::temp_directory_path(error);
- BOOST_REQUIRE(boost::system::errc::success == error.value());
- tmpPath /= boost::lexical_cast<std::string>(random::generateWord32());
- }
-
- ~PibTmpPathFixture()
- {
- boost::filesystem::remove_all(tmpPath);
- }
-
-public:
- boost::filesystem::path tmpPath;
-};
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(V1)
-BOOST_AUTO_TEST_SUITE(TestSecPublicInfoSqlite3)
-
-const std::string RSA_DER("MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFoDcNtffwbfFix64fw0\
-hI2tKMkFrc6Ex7yw0YLMK9vGE8lXOyBl/qXabow6RCz+GldmFN6E2Qhm1+AX3Zm5\
-sj3H53/HPtzMefvMQ9X7U+lK8eNMWawpRzvBh4/36VrK/awlkNIVIQ9aXj6q6BVe\
-zL+zWT/WYemLq/8A1/hHWiwCtfOH1xQhGqWHJzeSgwIgOOrzxTbRaCjhAb1u2TeV\
-yx/I9H/DV+AqSHCaYbB92HDcDN0kqwSnUf5H1+osE9MR5DLBLhXdSiULSgxT3Or/\
-y2QgsgUK59WrjhlVMPEiHHRs15NZJbL1uQFXjgScdEarohcY3dilqotineFZCeN8\
-DwIDAQAB");
-const std::string ECDSA_DER("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENZpqkPJDj8uhSpffOiCbvSYMLsGB\
-1Eo/WU6mrexjGvduQXjqwon/eSHFI6EgHZk8L9KfiV5XVtVsk2g5wIpJVg==");
-
-BOOST_FIXTURE_TEST_CASE(Basic, PibTmpPathFixture)
-{
- SecPublicInfoSqlite3 pib(tmpPath.generic_string());
-
- BOOST_CHECK(pib.doesTableExist("Identity"));
- BOOST_CHECK(pib.doesTableExist("Key"));
- BOOST_CHECK(pib.doesTableExist("Certificate"));
-}
-
-BOOST_FIXTURE_TEST_CASE(TpmLocatorTest, PibTmpPathFixture)
-{
- SecPublicInfoSqlite3 pib(tmpPath.generic_string());
-
- BOOST_REQUIRE_THROW(pib.getTpmLocator(), SecPublicInfo::Error);
- pib.addIdentity("/test/id1");
- BOOST_CHECK(pib.doesIdentityExist("/test/id1"));
-
- // Pib does not have tpmInfo set yet, setTpmInfo simply set the tpmInfo.
- std::string tpmLocator("tpm-file:");
- tpmLocator.append((tmpPath / "tpm").generic_string());
- pib.setTpmLocator(tpmLocator);
- BOOST_CHECK(pib.doesIdentityExist("/test/id1"));
-
- BOOST_REQUIRE_NO_THROW(pib.getTpmLocator());
- BOOST_CHECK_EQUAL(tpmLocator, pib.getTpmLocator());
-
- // Pib has tpmInfo set, set a different tpmInfo will reset Pib content.
- std::string tpmLocator3("tpm-osxkeychain:");
- pib.setTpmLocator(tpmLocator3);
- BOOST_CHECK(!pib.doesIdentityExist("/test/id1"));
-}
-
-BOOST_AUTO_TEST_CASE(KeyTypeRsa)
-{
- using namespace CryptoPP;
-
- OBufferStream os;
- StringSource ss(reinterpret_cast<const uint8_t*>(RSA_DER.c_str()), RSA_DER.size(),
- true, new Base64Decoder(new FileSink(os)));
-
- shared_ptr<v1::PublicKey> rsaKey;
- BOOST_REQUIRE_NO_THROW(rsaKey = make_shared<v1::PublicKey>(os.buf()->buf(), os.buf()->size()));
- Name rsaKeyName("/TestSecPublicInfoSqlite3/KeyType/RSA/ksk-123");
- SecPublicInfoSqlite3 pib;
- pib.addKey(rsaKeyName, *rsaKey);
-
- BOOST_CHECK_EQUAL(KeyType::RSA, pib.getPublicKeyType(rsaKeyName));
-
- pib.deleteIdentityInfo(Name("/TestSecPublicInfoSqlite3/KeyType/RSA"));
-}
-
-BOOST_AUTO_TEST_CASE(KeyTypeEc)
-{
- using namespace CryptoPP;
-
- OBufferStream os;
- StringSource ss(reinterpret_cast<const uint8_t*>(ECDSA_DER.c_str()), ECDSA_DER.size(),
- true, new Base64Decoder(new FileSink(os)));
-
- shared_ptr<v1::PublicKey> ecKey;
- BOOST_REQUIRE_NO_THROW(ecKey = make_shared<v1::PublicKey>(os.buf()->buf(), os.buf()->size()));
- Name ecKeyName("/TestSecPublicInfoSqlite3/KeyType/EC/ksk-123");
- SecPublicInfoSqlite3 pib;
- pib.addKey(ecKeyName, *ecKey);
-
- BOOST_CHECK_EQUAL(KeyType::EC, pib.getPublicKeyType(ecKeyName));
- pib.deleteIdentityInfo(Name("/TestSecPublicInfoSqlite3/KeyType/EC"));
-}
-
-BOOST_AUTO_TEST_CASE(KeyTypeNonExistent)
-{
- Name nullKeyName("/TestSecPublicInfoSqlite3/KeyType/Null");
- SecPublicInfoSqlite3 pib;
-
- BOOST_CHECK_EQUAL(KeyType::NONE, pib.getPublicKeyType(nullKeyName));
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestSecPublicInfoSqlite3
-BOOST_AUTO_TEST_SUITE_END() // V1
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/v1/sec-tpm-file.t.cpp b/tests/unit-tests/security/v1/sec-tpm-file.t.cpp
deleted file mode 100644
index 54518d8..0000000
--- a/tests/unit-tests/security/v1/sec-tpm-file.t.cpp
+++ /dev/null
@@ -1,417 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/v1/sec-tpm-file.hpp"
-#include "security/v1/key-chain.hpp"
-#include "security/v1/cryptopp.hpp"
-#include "util/time.hpp"
-
-#include "boost-test.hpp"
-
-#include <boost/filesystem.hpp>
-#include <boost/lexical_cast.hpp>
-
-namespace ndn {
-namespace security {
-namespace v1 {
-namespace tests {
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(V1)
-BOOST_AUTO_TEST_SUITE(TestSecTpmFile)
-
-BOOST_AUTO_TEST_CASE(Delete)
-{
- SecTpmFile tpm;
-
- Name keyName("/TestSecTpmFile/Delete/ksk-" +
- boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
- RsaKeyParams params(2048);
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
-}
-
-BOOST_AUTO_TEST_CASE(SignVerify)
-{
- SecTpmFile tpm;
-
- Name keyName("/TestSecTpmFile/SignVerify/ksk-" +
- boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
- RsaKeyParams params(2048);
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- Data data("/tmp/test/1");
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
-
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
- shared_ptr<v1::PublicKey> publicKey;
- BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
-
- try
- {
- using namespace CryptoPP;
-
- RSA::PublicKey rsaPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- rsaPublicKey.Load(queue);
-
- RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
- bool result = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
-
- BOOST_CHECK_EQUAL(result, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
-}
-
-BOOST_AUTO_TEST_CASE(RandomGenerator)
-{
- SecTpmFile tpm;
-
- constexpr size_t scale = 1000;
- constexpr size_t size = 256 * scale;
- auto block = unique_ptr<uint8_t[]>{new uint8_t[size]};
- tpm.generateRandomBlock(block.get(), size);
-
- std::map<uint8_t, size_t> counter;
- for (size_t i = 0; i < size; i++) {
- counter[block[i]] += 1;
- }
-
- double dev = 0.0;
- for (uint8_t i = 0; i < 255; i++) {
- dev += static_cast<double>((counter[i] - scale) * (counter[i] - scale)) / (scale * scale);
- }
- dev /= 256;
-
- BOOST_CHECK_CLOSE(dev, 0.001, 100);
-}
-
-BOOST_AUTO_TEST_CASE(ImportExportKey)
-{
- using namespace CryptoPP;
-
- std::string imported =
-"MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIIJzwsbTIVqgCAggAMBQGCCqG"
-"SIb3DQMHBAiEsSKdgGkCEQSCBMjaYsEeHM/EPzGNDAPaSxE1ASKxjyNkXEVPQbtGx/ju1PlQ"
-"QakTCzPpia8ziVGihrVfuacHrxxbLh+ufNZtbVVsv9kGQL2g15BN2Nic8VqyTxplKrduFkEb"
-"eOipqu627gb6eTsrSj7kubXfs/w9OAdhRZFaEc7I/S6rcPUaDai4i3O03VuvuTOrzZL/unhD"
-"CDzOa3pr2aUQlO/5Pck6GbSYL1/4aW/fB7djZrZAjsGPTqIYpPa16oWlrzsILQ4650Zlvdn8"
-"feh6elTrA4qy6RljZfhIHxzGAeuGbVVLT7zavs01y+QE88sxPpeZ0RGtlVxCYp+xoB5hOO/x"
-"Xm3n0r+HVIaBV9rHLuUSUiHVAtzwuOj/XKh7YBNXeF58lcv8Npsx10etrPuV5hRQelYirKo1"
-"QbT+Aq7sLdWI09eGClDHjvRgw54lCFEUAVUFLxhBnzfVUfw/UiR2SheixH+c7cY3gOOvSMQh"
-"1oL9Omii4S6yhzfbD3hRN/wBKC0NgiIOLRR+Ti0mEEbTxYQrVcHC9rpRcnr1fFAiQvOXrOw0"
-"HyxsbnOeYpoURgLJmUyItPi09xUMCHwUPZ/sI6aG5eRqVUGgcYaQib7MBbGG/D2PlWaKZx1w"
-"iEYtYUI7rrc7Qc2ltp4i1u46ZLtSOxUi8kM7qK2Yp1AOtcWFlGn0XBXpGsHanZRzs8KzfDjQ"
-"OPmRIuFXFmuJweqUGmg6c8P3wHYueenB4oowYELYaDwmmV96obXMG5hbsKne5kcem875d6K+"
-"hL2QzjAl+na4tUZyXYXDdUO2lgTT8IItujBn6c+b8vDcZ24NcYyWPHHb16J4uvKi/6Zb245g"
-"/N0NC6hB43KE+2F0BH0eyXRzCnen6AjF8nvx/wgYrXsFlsU47P8gaL1e7V6QECkY4vIk6//b"
-"LINmpcgZoAv23fgjvYYTMfS/IyPsooS5DJarbHzbsgAWOuqP2ewYulrKqLi0vaUyoErRedQC"
-"8J5p9c4KF56++ameiwxbyKnDynHIIFCOM8eamLnDH4VvU9E2mtfZxmi8kWDWx/NhKEK9zbQv"
-"WuaGDpOysgPK4myTp2QGQNQDvBB92gMcrVTcY//3OGHSXeJrkUfDKLOUDyz7ROghEt1vpRTL"
-"j9Xdbm/01O/0MLBqyXDY119b1qAVVY7Y2CxRIRFdw2V76INWNIwPi46t/VUGwMBGmEux8S8+"
-"79Mv7UyGhKvSUr88pWCS1KdSz1HhN1VWjDvyXPyg96+SecpZMwXCdkUCLdLdD3/8rJLt7wS5"
-"3K5/1V4sacds8GHx7NckhQ/KV0VDlUEFuaOCS4Sd3XXetXs4IFSqtKH+Rn0jX7d8Igcw7X2b"
-"eaV1gxOVquDEwLDT5+wXURw96ahq0caL/4YfoBUQIOQ6HGtPTWJz1Yax0pGu9F30VEY/ObrK"
-"L/B6peJKfqhQGJ+MObqOiP6yHBZH75EImLAkksSVmREdNVjwWkz9D9vzPoAnmP8sQ3/NZarB"
-"Ak+ynQjc19t+CCecPrS2Tlh0cJZkHRiGFF7J5a3ci7yBvg3HfD86AXMRBQuSG1UG8TrzC6BK"
-"+qIQ8DWecQwBMZ3nv/Flo2Fejd/G4/wWe6ObMytC5SB8pJNOq9ri0Ff6Zh3rPrwaSv1PPgFJ"
-"GOw=";
-
- std::string decoded;
- BOOST_CHECK_NO_THROW(StringSource source(imported,
- true,
- new Base64Decoder(new StringSink(decoded))));
-
- SecTpmFile tpm;
-
- Name keyName("/TestSecTpmFile/ImportKey/ksk-" +
- boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-
- BOOST_REQUIRE_NO_THROW(
- tpm.importPrivateKeyPkcs5IntoTpm(keyName,
- reinterpret_cast<const uint8_t*>(decoded.c_str()),
- decoded.size(),
- "1234"));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
-
- shared_ptr<v1::PublicKey> publicKey;
- BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
-
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- try
- {
- using namespace CryptoPP;
-
- RSA::PublicKey rsaPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- rsaPublicKey.Load(queue);
-
- RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
- bool isVerified = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
-
- BOOST_CHECK_EQUAL(isVerified, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- ConstBufferPtr exported;
- BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "5678"));
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-
- BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
- "5678"));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
-
- const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
- Block sigBlock2;
- BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
- keyName, DigestAlgorithm::SHA256));
-
- try
- {
- using namespace CryptoPP;
-
- RSA::PublicKey rsaPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- rsaPublicKey.Load(queue);
-
- RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
- bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
- sigBlock2.value(), sigBlock2.value_size());
-
- BOOST_CHECK_EQUAL(isVerified, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-}
-
-BOOST_AUTO_TEST_CASE(EcdsaSigning)
-{
- SecTpmFile tpm;
-
- Name keyName("/TestSecTpmFile/EcdsaSigning/ksk-" +
- boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
- EcKeyParams params;
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- Data data("/TestSecTpmFile/EcdsaSigning/Data/1");
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
-
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- shared_ptr<v1::PublicKey> pubkeyPtr;
- BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
-
- try
- {
- using namespace CryptoPP;
-
- ECDSA<ECP, SHA256>::PublicKey publicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
- publicKey.Load(queue);
-
- uint8_t buffer[64];
- size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
- sigBlock.value(), sigBlock.value_size(), DSA_DER);
-
- ECDSA<ECP, SHA256>::Verifier verifier(publicKey);
- bool result = verifier.VerifyMessage(content, sizeof(content),
- buffer, usedSize);
-
- BOOST_CHECK_EQUAL(result, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
-}
-
-
-BOOST_AUTO_TEST_CASE(ImportExportEcKey)
-{
- using namespace CryptoPP;
-
- std::string imported =
- "MIGMMEAGCSqGSIb3DQEFDTAzMBsGCSqGSIb3DQEFDDAOBAhqkJiLfzFWtQICCAAw"
- "FAYIKoZIhvcNAwcECJ1HLtP8OZC6BEgNv9OH2mZdbkxvqTVlRBkUqPbbP3580OG6"
- "f0htqWSRppcb4IEKYfuPt2qPCYKL2GcAN2pU3eJqhiM7LFTSFaxgBRFozzIwusk=";
-
- std::string decoded;
- BOOST_CHECK_NO_THROW(StringSource source(imported,
- true,
- new Base64Decoder(new StringSink(decoded))));
-
- SecTpmFile tpm;
-
- Name keyName("/TestSecTpmFile/ImportExportEcKey/ksk-" +
- boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-
- BOOST_REQUIRE_NO_THROW(
- tpm.importPrivateKeyPkcs5IntoTpm(keyName,
- reinterpret_cast<const uint8_t*>(decoded.c_str()),
- decoded.size(),
- "5678"));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
-
- shared_ptr<v1::PublicKey> publicKey;
- BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
-
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- try
- {
- using namespace CryptoPP;
-
- ECDSA<ECP, SHA256>::PublicKey ecPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- ecPublicKey.Load(queue);
-
- uint8_t buffer[64];
- size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
- sigBlock.value(), sigBlock.value_size(), DSA_DER);
-
- ECDSA<ECP, SHA256>::Verifier verifier(ecPublicKey);
- bool isVerified = verifier.VerifyMessage(content, sizeof(content),
- buffer, usedSize);
-
- BOOST_CHECK_EQUAL(isVerified, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- ConstBufferPtr exported;
- BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-
- BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName, exported->buf(), exported->size(),
- "1234"));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
-
- const uint8_t content2[] = {0x05, 0x06, 0x07, 0x08};
- Block sigBlock2;
- BOOST_CHECK_NO_THROW(sigBlock2 = tpm.signInTpm(content2, sizeof(content2),
- keyName, DigestAlgorithm::SHA256));
-
- try
- {
- using namespace CryptoPP;
-
- ECDSA<ECP, SHA256>::PublicKey ecPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- ecPublicKey.Load(queue);
-
- uint8_t buffer[64];
- size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
- sigBlock2.value(), sigBlock2.value_size(),
- DSA_DER);
-
- ECDSA<ECP, SHA256>::Verifier verifier(ecPublicKey);
- bool isVerified = verifier.VerifyMessage(content2, sizeof(content2),
- buffer, usedSize);
-
- BOOST_CHECK_EQUAL(isVerified, true);
-
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestSecTpmFile
-BOOST_AUTO_TEST_SUITE_END() // V1
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/v1/sec-tpm-osx.t.cpp b/tests/unit-tests/security/v1/sec-tpm-osx.t.cpp
deleted file mode 100644
index 7c36328..0000000
--- a/tests/unit-tests/security/v1/sec-tpm-osx.t.cpp
+++ /dev/null
@@ -1,372 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/**
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/v1/sec-tpm-osx.hpp"
-#include "security/v1/cryptopp.hpp"
-#include "util/time.hpp"
-
-#include "boost-test.hpp"
-
-#include <boost/lexical_cast.hpp>
-#include <Availability.h>
-
-namespace ndn {
-namespace security {
-namespace v1 {
-namespace tests {
-
-class OsxKeyChainTestFixture
-{
-public:
- OsxKeyChainTestFixture()
- {
- std::string oldHOME;
- if (std::getenv("OLD_HOME"))
- oldHOME = std::getenv("OLD_HOME");
-
- if (std::getenv("HOME"))
- m_HOME = std::getenv("HOME");
-
- if (!oldHOME.empty())
- setenv("HOME", oldHOME.c_str(), 1);
- else
- unsetenv("HOME");
- }
-
- ~OsxKeyChainTestFixture()
- {
- if (!m_HOME.empty())
- setenv("HOME", m_HOME.c_str(), 1);
- else
- unsetenv("HOME");
- }
-
-protected:
- std::string m_HOME;
-};
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_AUTO_TEST_SUITE(V1)
-BOOST_FIXTURE_TEST_SUITE(TestSecTpmOsx, OsxKeyChainTestFixture)
-
-BOOST_AUTO_TEST_CASE(Delete)
-{
- SecTpmOsx tpm;
-
- Name keyName("/TestSecTpmOsx/Delete/ksk-" +
- boost::lexical_cast<std::string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
- RsaKeyParams params(2048);
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
-}
-
-BOOST_AUTO_TEST_CASE(SignVerify)
-{
- SecTpmOsx tpm;
-
- Name keyName("/TestSecTpmOsx/SignVerify/ksk-" +
- boost::lexical_cast<std::string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
- RsaKeyParams params(2048);
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- Data data("/TestSecTpmOsx/SignVaerify/Data/1");
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
-
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- shared_ptr<v1::PublicKey> publicKey;
- BOOST_CHECK_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
- try
- {
- using namespace CryptoPP;
-
- RSA::PublicKey rsaPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- rsaPublicKey.Load(queue);
-
- RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
- bool isVerified = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
-
- BOOST_CHECK_EQUAL(isVerified, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
-}
-
-BOOST_AUTO_TEST_CASE(RandomGenerator)
-{
- SecTpmOsx tpm;
-
- size_t scale = 1000;
- size_t size = 256 * scale;
- uint8_t* block = new uint8_t[size];
- tpm.generateRandomBlock(block, size);
-
- std::map<uint8_t, int> counter;
- for (size_t i = 0; i < size; i++)
- {
- counter[block[i]] += 1;
- }
-
- float dev = 0.0;
- for (size_t i = 0; i != 255; i++)
- {
- dev += ((counter[i] - scale) * (counter[i] - scale)) * 1.0 / (scale * scale);
- }
-
- BOOST_CHECK_CLOSE(dev / 256, 0.001, 100);
-
-}
-
-BOOST_AUTO_TEST_CASE(ExportImportKey)
-{
- using namespace CryptoPP;
-
- SecTpmOsx tpm;
-
- Name keyName("/TestSecTpmOsx/ExportImportKey/ksk-" +
- boost::lexical_cast<std::string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
-
- RsaKeyParams params(2048);
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
-
- ConstBufferPtr exported;
- BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
- shared_ptr<v1::PublicKey> publicKey;
- BOOST_REQUIRE_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-
- BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName,
- exported->buf(), exported->size(),
- "1234"));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
-
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- try
- {
- using namespace CryptoPP;
-
- RSA::PublicKey rsaPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- rsaPublicKey.Load(queue);
-
- RSASS<PKCS1v15, SHA256>::Verifier verifier(rsaPublicKey);
- bool isVerified = verifier.VerifyMessage(content, sizeof(content),
- sigBlock.value(), sigBlock.value_size());
-
- BOOST_CHECK_EQUAL(isVerified, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
- // This is some problem related to Mac OS Key chain.
- // On OSX 10.8, we cannot delete imported keys, but there is no such problem on OSX 10.9.
-#ifdef __MAC_OS_X_VERSION_MAX_ALLOWED
-#if __MAC_OS_X_VERSION_MAX_ALLOWED >= __MAC_10_9
- BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE) == false);
- BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC) == false);
-#endif
-#endif
-}
-
-BOOST_AUTO_TEST_CASE(NonExistingKey)
-{
- using namespace CryptoPP;
-
- SecTpmOsx tpm;
-
- Name keyName("/TestSecTpmOsx/NonExistingKey");
-
- BOOST_REQUIRE_THROW(tpm.getPublicKeyFromTpm(keyName), SecTpmOsx::Error);
-
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
- BOOST_REQUIRE_THROW(tpm.signInTpm(content, sizeof(content), keyName, DigestAlgorithm::SHA256),
- SecTpmOsx::Error);
-
- BOOST_REQUIRE_THROW(tpm.signInTpm(0, 1, keyName, DigestAlgorithm::SHA256),
- SecTpmOsx::Error);
-}
-
-BOOST_AUTO_TEST_CASE(EcdsaSigning)
-{
- SecTpmOsx tpm;
-
- Name keyName("/TestSecTpmOsx/EcdsaSigning/ksk-" +
- boost::lexical_cast<std::string>(time::toUnixTimestamp(time::system_clock::now())));
- EcKeyParams params;
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- Data data("/TestSecTpmOsx/EcdsaSigning/Data/1");
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
-
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- shared_ptr<v1::PublicKey> pubkeyPtr;
- BOOST_CHECK_NO_THROW(pubkeyPtr = tpm.getPublicKeyFromTpm(keyName));
-
- try
- {
- using namespace CryptoPP;
-
- ECDSA<ECP, SHA256>::PublicKey publicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(pubkeyPtr->get().buf()), pubkeyPtr->get().size());
- publicKey.Load(queue);
-
- uint8_t buffer[64];
- size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
- sigBlock.value(), sigBlock.value_size(), DSA_DER);
-
- ECDSA<ECP, SHA256>::Verifier verifier(publicKey);
- bool result = verifier.VerifyMessage(content, sizeof(content),
- buffer, usedSize);
-
- BOOST_CHECK_EQUAL(result, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
-}
-
-
-BOOST_AUTO_TEST_CASE(ExportImportEcKey)
-{
- using namespace CryptoPP;
-
- SecTpmOsx tpm;
-
- Name keyName("/TestSecTpmOsx/ExportImportEcKey/ksk-" +
- boost::lexical_cast<std::string>(
- time::toUnixTimestamp(time::system_clock::now()).count()));
-
- EcKeyParams params;
- BOOST_CHECK_NO_THROW(tpm.generateKeyPairInTpm(keyName, params));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
-
- ConstBufferPtr exported;
- BOOST_CHECK_NO_THROW(exported = tpm.exportPrivateKeyPkcs5FromTpm(keyName, "1234"));
-
- shared_ptr<v1::PublicKey> publicKey;
- BOOST_REQUIRE_NO_THROW(publicKey = tpm.getPublicKeyFromTpm(keyName));
-
- tpm.deleteKeyPairInTpm(keyName);
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), false);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), false);
-
- BOOST_REQUIRE(tpm.importPrivateKeyPkcs5IntoTpm(keyName,
- exported->buf(), exported->size(),
- "1234"));
-
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC), true);
- BOOST_REQUIRE_EQUAL(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE), true);
-
- const uint8_t content[] = {0x01, 0x02, 0x03, 0x04};
- Block sigBlock;
- BOOST_CHECK_NO_THROW(sigBlock = tpm.signInTpm(content, sizeof(content),
- keyName, DigestAlgorithm::SHA256));
-
- try
- {
- using namespace CryptoPP;
-
- ECDSA<ECP, SHA256>::PublicKey ecPublicKey;
- ByteQueue queue;
- queue.Put(reinterpret_cast<const byte*>(publicKey->get().buf()), publicKey->get().size());
- ecPublicKey.Load(queue);
-
- uint8_t buffer[64];
- size_t usedSize = DSAConvertSignatureFormat(buffer, 64, DSA_P1363,
- sigBlock.value(), sigBlock.value_size(),
- DSA_DER);
-
- ECDSA<ECP, SHA256>::Verifier verifier(ecPublicKey);
- bool isVerified = verifier.VerifyMessage(content, sizeof(content),
- buffer, usedSize);
-
- BOOST_CHECK_EQUAL(isVerified, true);
- }
- catch (CryptoPP::Exception& e)
- {
- BOOST_CHECK(false);
- }
-
- tpm.deleteKeyPairInTpm(keyName);
- // This is some problem related to Mac OS Key chain.
- // On OSX 10.8, we cannot delete imported keys, but there is no such problem on OSX 10.9.
-#ifdef __MAC_OS_X_VERSION_MAX_ALLOWED
-#if __MAC_OS_X_VERSION_MAX_ALLOWED >= __MAC_10_9
- BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KeyClass::PRIVATE) == false);
- BOOST_REQUIRE(tpm.doesKeyExistInTpm(keyName, KeyClass::PUBLIC) == false);
-#endif
-#endif
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestSecTpmOsx
-BOOST_AUTO_TEST_SUITE_END() // V1
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace v1
-} // namespace security
-} // namespace ndn
diff --git a/tests/unit-tests/security/validator.t.cpp b/tests/unit-tests/security/validator.t.cpp
deleted file mode 100644
index 7550eb3..0000000
--- a/tests/unit-tests/security/validator.t.cpp
+++ /dev/null
@@ -1,234 +0,0 @@
-/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
-/*
- * Copyright (c) 2013-2017 Regents of the University of California.
- *
- * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
- *
- * ndn-cxx library is free software: you can redistribute it and/or modify it under the
- * terms of the GNU Lesser General Public License as published by the Free Software
- * Foundation, either version 3 of the License, or (at your option) any later version.
- *
- * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
- * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
- *
- * You should have received copies of the GNU General Public License and GNU Lesser
- * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
- * <http://www.gnu.org/licenses/>.
- *
- * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
- */
-
-#include "security/validator.hpp"
-
-#include "boost-test.hpp"
-#include "identity-management-fixture.hpp"
-#include "make-interest-data.hpp"
-
-namespace ndn {
-namespace security {
-namespace tests {
-
-using namespace ndn::tests;
-
-BOOST_AUTO_TEST_SUITE(Security)
-BOOST_FIXTURE_TEST_SUITE(TestValidator, IdentityManagementV1Fixture)
-
-const uint8_t ecdsaSigInfo[] = {
-0x16, 0x1b, // SignatureInfo
- 0x1b, 0x01, // SignatureType
- 0x03,
- 0x1c, 0x16, // KeyLocator
- 0x07, 0x14, // Name
- 0x08, 0x04,
- 0x74, 0x65, 0x73, 0x74,
- 0x08, 0x03,
- 0x6b, 0x65, 0x79,
- 0x08, 0x07,
- 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
-};
-
-const uint8_t ecdsaSigValue[] = {
-0x17, 0x40, // SignatureValue
- 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
- 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
- 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
- 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
- 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b
-};
-
-BOOST_AUTO_TEST_CASE(RsaSignatureVerification)
-{
- Name identity("/TestValidator/RsaSignatureVerification");
- addIdentity(identity, RsaKeyParams());
- Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
- shared_ptr<v1::PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
-
- Name identity2("/TestValidator/RsaSignatureVerification/id2");
- addIdentity(identity2, RsaKeyParams());
- Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
- shared_ptr<v1::PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
-
- Data data("/TestData/1");
- BOOST_CHECK_NO_THROW(m_keyChain.sign(data,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- identity)));
- BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
- BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
-
- Interest interest("/TestInterest/1");
- BOOST_CHECK_NO_THROW(m_keyChain.sign(interest,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- identity)));
- BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
- BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
-
- Data wrongData("/TestData/2");
- Block ecdsaSigInfoBlock(ecdsaSigInfo, sizeof(ecdsaSigInfo));
- Block ecdsaSigValueBlock(ecdsaSigValue, sizeof(ecdsaSigValue));
- Signature ecdsaSig(ecdsaSigInfoBlock, ecdsaSigValueBlock);
- wrongData.setSignature(ecdsaSig);
- BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
-}
-
-const uint8_t rsaSigInfo[] = {
-0x16, 0x1b, // SignatureInfo
- 0x1b, 0x01, // SignatureType
- 0x01,
- 0x1c, 0x16, // KeyLocator
- 0x07, 0x14, // Name
- 0x08, 0x04,
- 0x74, 0x65, 0x73, 0x74,
- 0x08, 0x03,
- 0x6b, 0x65, 0x79,
- 0x08, 0x07,
- 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
-};
-
-const uint8_t rsaSigValue[] = {
-0x17, 0x80, // SignatureValue
- 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
- 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
- 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
- 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
- 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b, 0xcf,
- 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9,
- 0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8,
- 0x55, 0xf6, 0x1c, 0x19, 0x0b, 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
- 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3,
- 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
-};
-
-
-BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification)
-{
- Name identity("/TestValidator/EcdsaSignatureVerification");
- addIdentity(identity, EcKeyParams());
- Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
- shared_ptr<v1::PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
-
- Name identity2("/TestValidator/EcdsaSignatureVerification/id2");
- addIdentity(identity2, EcKeyParams());
- Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
- shared_ptr<v1::PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
-
-
- Data data("/TestData/1");
- BOOST_CHECK_NO_THROW(m_keyChain.sign(data,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- identity)));
- BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
- BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
-
- Interest interest("/TestInterest/1");
- BOOST_CHECK_NO_THROW(m_keyChain.sign(interest,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- identity)));
- BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
- BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
-
- Data wrongData("/TestData/2");
- Block rsaSigInfoBlock(rsaSigInfo, sizeof(rsaSigInfo));
- Block rsaSigValueBlock(rsaSigValue, sizeof(rsaSigValue));
- Signature rsaSig(rsaSigInfoBlock, rsaSigValueBlock);
- wrongData.setSignature(rsaSig);
- BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
-}
-
-BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification2)
-{
- Name ecIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/ec");
- addIdentity(ecIdentity, EcKeyParams());
- Name ecCertName = m_keyChain.getDefaultCertificateNameForIdentity(ecIdentity);
- shared_ptr<v1::IdentityCertificate> ecCert = m_keyChain.getCertificate(ecCertName);
-
- Name rsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/rsa");
- addIdentity(rsaIdentity, RsaKeyParams());
- Name rsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(rsaIdentity);
- shared_ptr<v1::IdentityCertificate> rsaCert = m_keyChain.getCertificate(rsaCertName);
-
- Name packetName("/Test/Packet/Name");
-
- shared_ptr<Data> testDataRsa = make_shared<Data>(packetName);
- m_keyChain.sign(*testDataRsa,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- rsaIdentity));
- shared_ptr<Data> testDataEcdsa = make_shared<Data>(packetName);
- m_keyChain.sign(*testDataEcdsa,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- ecIdentity));
- shared_ptr<Interest> testInterestRsa = make_shared<Interest>(packetName);
- m_keyChain.sign(*testInterestRsa,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- rsaIdentity));
- shared_ptr<Interest> testInterestEcdsa = make_shared<Interest>(packetName);
- m_keyChain.sign(*testInterestEcdsa,
- security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
- ecIdentity));
-
- BOOST_CHECK(Validator::verifySignature(*ecCert, ecCert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(Validator::verifySignature(*ecCert, rsaCert->getPublicKeyInfo()), false);
- BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaCert, ecCert->getPublicKeyInfo()), false);
- BOOST_CHECK(Validator::verifySignature(*rsaCert, rsaCert->getPublicKeyInfo()));
-
- BOOST_CHECK(Validator::verifySignature(*testDataEcdsa, ecCert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataEcdsa, rsaCert->getPublicKeyInfo()), false);
- BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataRsa, ecCert->getPublicKeyInfo()), false);
- BOOST_CHECK(Validator::verifySignature(*testDataRsa, rsaCert->getPublicKeyInfo()));
-
- BOOST_CHECK(Validator::verifySignature(*testInterestEcdsa, ecCert->getPublicKeyInfo()));
- BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestEcdsa, rsaCert->getPublicKeyInfo()),
- false);
- BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestRsa, ecCert->getPublicKeyInfo()),
- false);
- BOOST_CHECK(Validator::verifySignature(*testInterestRsa, rsaCert->getPublicKeyInfo()));
-}
-
-BOOST_AUTO_TEST_CASE(MalformedInterestSigInfo)
-{
- auto interest = make_shared<Interest>("/prefix");
- m_keyChain.sign(*interest);
-
- setNameComponent(*interest, signed_interest::POS_SIG_INFO, "not-SignatureInfo");
-
- v1::PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
- BOOST_CHECK_EQUAL(Validator::verifySignature(*interest, pubkey), false);
-}
-
-BOOST_AUTO_TEST_CASE(MalformedInterestSigValue)
-{
- auto interest = make_shared<Interest>("/prefix");
- m_keyChain.sign(*interest);
-
- setNameComponent(*interest, signed_interest::POS_SIG_VALUE, "bad-signature-bits");
-
- v1::PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
- BOOST_CHECK_EQUAL(Validator::verifySignature(*interest, pubkey), false);
-}
-
-BOOST_AUTO_TEST_SUITE_END() // TestValidator
-BOOST_AUTO_TEST_SUITE_END() // Security
-
-} // namespace tests
-} // namespace security
-} // namespace ndn