static void testVerifyDocument(CuTest *tc) {
int res;
unsigned char in[0x1ffff];
unsigned in_len = 0;
char doc[] = "LAPTOP";
FILE *f = NULL;
KSI_Signature *sig = NULL;
KSI_ERR_clearErrors(ctx);
f = fopen(getFullResourcePath(TEST_SIGNATURE_FILE), "rb");
CuAssert(tc, "Unable to open signature file.", f != NULL);
in_len = (unsigned)fread(in, 1, sizeof(in), f);
CuAssert(tc, "Nothing read from signature file.", in_len > 0);
fclose(f);
res = KSI_Signature_parse(ctx, in, in_len, &sig);
CuAssert(tc, "Failed to parse signature", res == KSI_OK && sig != NULL);
res = KSI_Signature_verifyDocument(sig, ctx, doc, strlen(doc));
CuAssert(tc, "Failed to verify valid document", res == KSI_OK);
res = KSI_Signature_verifyDocument(sig, ctx, doc, sizeof(doc));
CuAssert(tc, "Verification did not fail with expected error.", res == KSI_VERIFICATION_FAILURE);
KSI_Signature_free(sig);
}
static void testMaskingWithMetaDataMultiSig(CuTest *tc) {
#define TEST_AGGR_RESPONSE_FILE "resource/tlv/test_meta_data_masking.tlv"
static const unsigned char diceRolls[] = {0xd5, 0x58, 0xaf, 0xfa, 0x80, 0x67, 0xf4, 0x2c, 0xd9, 0x48, 0x36, 0x21, 0xd1, 0xab,
0xae, 0x23, 0xed, 0xd6, 0xca, 0x04, 0x72, 0x7e, 0xcf, 0xc7, 0xdb, 0xc7, 0x6b, 0xde, 0x34, 0x77, 0x1e, 0x53};
int res = KSI_UNKNOWN_ERROR;
KSI_BlockSigner *bs = NULL;
KSI_MultiSignature *ms = NULL;
size_t i;
KSI_DataHash *hsh = NULL;
KSI_Signature *sig = NULL;
KSI_DataHash *zero = NULL;
KSI_OctetString *iv = NULL;
/* Create zero hash. */
res = KSI_DataHash_createZero(ctx, KSI_HASHALG_SHA2_512, &zero);
CuAssert(tc, "Unable to create zero hash.", res == KSI_OK && zero != NULL);
/* Create random initial vector. */
res = KSI_OctetString_new(ctx, diceRolls, sizeof(diceRolls), &iv);
CuAssert(tc, "Unable to create initial vector.", res == KSI_OK && iv != NULL);
res = KSI_BlockSigner_new(ctx, KSI_HASHALG_SHA1, zero, iv, &bs);
CuAssert(tc, "Unable to create block signer instance with masking.", res == KSI_OK && bs != NULL);
addInput(tc, bs, 1);
res = KSI_CTX_setAggregator(ctx, getFullResourcePathUri(TEST_AGGR_RESPONSE_FILE), TEST_USER, TEST_PASS);
CuAssert(tc, "Unable to set aggregator file URI.", res == KSI_OK);
res = KSI_BlockSigner_close(bs, &ms);
CuAssert(tc, "Unable to close block signer and extract multi signature.", res == KSI_OK && ms != NULL);
res = KSITest_setDefaultPubfileAndVerInfo(ctx);
CuAssert(tc, "Unable to set default pubfile, default cert and default pki constraints.", res == KSI_OK);
/* Lets loop over all the inputs and try to verify them. */
for (i = 0; input_data[i] != NULL; i++) {
res = KSI_DataHash_create(ctx, input_data[i], strlen(input_data[i]), KSI_HASHALG_SHA2_256, &hsh);
CuAssert(tc, "Unable to create data hash.", res == KSI_OK && hsh != NULL);
res = KSI_MultiSignature_get(ms, hsh, &sig);
CuAssert(tc, "Unable to extract signature from the multi signature container.", res == KSI_OK && sig != NULL);
res = KSI_Signature_verifyDocument(sig, ctx, (void *)input_data[i], strlen(input_data[i]));
CuAssert(tc, "Unable to verify the input data.", res == KSI_OK);
KSI_Signature_free(sig);
sig = NULL;
KSI_DataHash_free(hsh);
hsh = NULL;
}
KSI_OctetString_free(iv);
KSI_DataHash_free(zero);
KSI_DataHash_free(hsh);
KSI_MultiSignature_free(ms);
KSI_BlockSigner_free(bs);
#undef TEST_AGGR_RESPONSE_FILE
}
static void testMultiSig(CuTest *tc) {
#define TEST_AGGR_RESPONSE_FILE "resource/tlv/ok-aggr-resp-1460631424.tlv"
int res = KSI_UNKNOWN_ERROR;
KSI_BlockSigner *bs = NULL;
KSI_MultiSignature *ms = NULL;
size_t i;
KSI_DataHash *hsh = NULL;
KSI_Signature *sig = NULL;
res = KSI_BlockSigner_new(ctx, KSI_HASHALG_SHA1, NULL, NULL, &bs);
CuAssert(tc, "Unable to create block signer instance.", res == KSI_OK && bs != NULL);
addInput(tc, bs, 0);
res = KSI_CTX_setAggregator(ctx, getFullResourcePathUri(TEST_AGGR_RESPONSE_FILE), TEST_USER, TEST_PASS);
CuAssert(tc, "Unable to set aggregator file URI.", res == KSI_OK);
res = KSI_BlockSigner_close(bs, &ms);
CuAssert(tc, "Unable to close block signer and extract multi signature.", res == KSI_OK && ms != NULL);
/* Lets loop over all the inputs and try to verify them. */
for (i = 0; input_data[i] != NULL; i++) {
res = KSI_DataHash_create(ctx, input_data[i], strlen(input_data[i]), KSI_HASHALG_SHA2_256, &hsh);
CuAssert(tc, "Unable to create data hash.", res == KSI_OK && hsh != NULL);
res = KSI_MultiSignature_get(ms, hsh, &sig);
CuAssert(tc, "Unable to extract signature from the multi signature container.", res == KSI_OK && sig != NULL);
res = KSI_Signature_verifyDocument(sig, ctx, (void *)input_data[i], strlen(input_data[i]));
CuAssert(tc, "Unable to verify the input data.", res == KSI_OK);
KSI_Signature_free(sig);
sig = NULL;
KSI_DataHash_free(hsh);
hsh = NULL;
}
KSI_DataHash_free(hsh);
KSI_MultiSignature_free(ms);
KSI_BlockSigner_free(bs);
#undef TEST_AGGR_RESPONSE_FILE
}
