LONGBOW_TEST_CASE(Global, ccnxWireFormatMessage_HashProtectedRegion)
{
// >1234<
const char string[] = "Hello dev null\n";
PARCBuffer *buffer = parcBuffer_Wrap((void *) string, sizeof(string), 0, sizeof(string));
size_t start = 5;
size_t length = 4;
CCNxWireFormatMessage *message = ccnxWireFormatMessage_FromContentObjectPacketType(CCNxTlvDictionary_SchemaVersion_V1, buffer);
ccnxWireFormatMessage_SetProtectedRegionStart(message, start);
ccnxWireFormatMessage_SetProtectedRegionLength(message, length);
PARCCryptoHasher *hasher = parcCryptoHasher_Create(PARCCryptoHashType_SHA256);
PARCCryptoHash *hash = ccnxWireFormatMessage_HashProtectedRegion(message, hasher);
// the correctness of the has is tested in _ccnxWireFormatFacadeV1_ComputeHash
assertNotNull(hash, "Got null hash from a good packet");
ccnxWireFormatMessage_Release(&message);
parcCryptoHash_Release(&hash);
parcBuffer_Release(&buffer);
parcCryptoHasher_Release(&hasher);
}
LONGBOW_TEST_CASE(Global, parcCryptoHash_GetDigest)
{
int fd_buffer = open("test_digest_bytes_128.bin", O_RDONLY);
int fd_truth = open("test_digest_bytes_128.sha256", O_RDONLY);
assertFalse(fd_buffer < 0, "Could not open %s: %s", "test_digest_bytes_128.bin", strerror(errno));
assertFalse(fd_truth < 0, "Could not open %s: %s", "test_digest_bytes_128.sha256", strerror(errno));
uint8_t scratch[bufferLength];
ssize_t read_length = read(fd_truth, scratch, bufferLength);
PARCCryptoHash *hashTruth = parcCryptoHash_CreateFromArray(PARC_HASH_SHA256, scratch, read_length);
read_length = read(fd_buffer, scratch, bufferLength);
PARCCryptoHasher *hasher = parcCryptoHasher_Create(PARC_HASH_SHA256);
parcCryptoHasher_Init(hasher);
parcCryptoHasher_UpdateBytes(hasher, scratch, read_length);
PARCCryptoHash *hashTest = parcCryptoHasher_Finalize(hasher);
assertTrue(parcBuffer_Equals(parcCryptoHash_GetDigest(hashTruth), parcCryptoHash_GetDigest(hashTest)), "Expected to be true");
parcCryptoHasher_Release(&hasher);
parcCryptoHash_Release(&hashTruth);
parcCryptoHash_Release(&hashTest);
close(fd_buffer);
close(fd_truth);
}
CCNxInterestPayloadId *
ccnxInterestPayloadId_CreateAsSHA256Hash(const PARCBuffer *data)
{
CCNxInterestPayloadId *result = parcObject_CreateInstance(CCNxInterestPayloadId);
PARCCryptoHasher *hasher = parcCryptoHasher_Create(PARCCryptoHashType_SHA256);
parcCryptoHasher_Init(hasher);
parcCryptoHasher_UpdateBuffer(hasher, data);
PARCCryptoHash *hash = parcCryptoHasher_Finalize(hasher);
parcCryptoHasher_Release(&hasher);
PARCBuffer *hashData = parcCryptoHash_GetDigest(hash);
PARCBuffer *codedHash = parcBuffer_Allocate(parcBuffer_Capacity(hashData) + 1);
parcBuffer_PutUint8(codedHash, CCNxInterestPayloadId_TypeCode_RFC6920_SHA256);
parcBuffer_PutBuffer(codedHash, hashData);
parcBuffer_Flip(codedHash);
result->nameSegment =
ccnxNameSegment_CreateTypeValue(CCNxNameLabelType_PAYLOADID, codedHash);
parcBuffer_Release(&codedHash);
parcCryptoHash_Release(&hash);
return result;
}
PARCVerifierInterface *
parcInMemoryVerifier_Create()
{
PARCInMemoryVerifier *verifier = parcMemory_AllocateAndClear(sizeof(PARCInMemoryVerifier));
assertNotNull(verifier, "parcMemory_AllocateAndClear(%zu) returned NULL, cannot allocate verifier", sizeof(PARCInMemoryVerifier));
// right now only support sha-256. need to figure out how to make this flexible
verifier->hasher_sha256 = parcCryptoHasher_Create(PARC_HASH_SHA256);
verifier->hasher_sha512 = parcCryptoHasher_Create(PARC_HASH_SHA512);
verifier->key_cache = parcCryptoCache_Create();
PARCVerifierInterface *interface = parcMemory_AllocateAndClear(sizeof(PARCVerifierInterface));
assertNotNull(interface, "parcMemory_AllocateAndClear(%zu) returned NULL", sizeof(PARCVerifierInterface));
*interface = inmemory_verifier_interface;
interface->interfaceContext = verifier;
return interface;
}
static PARCCryptoHash *
_computeHash(const uint8_t *packet, size_t offset, size_t endMessage)
{
PARCCryptoHasher *hasher = parcCryptoHasher_Create(PARC_HASH_SHA256);
parcCryptoHasher_Init(hasher);
parcCryptoHasher_UpdateBytes(hasher, packet + offset, endMessage - offset);
PARCCryptoHash *hash = parcCryptoHasher_Finalize(hasher);
parcCryptoHasher_Release(&hasher);
return hash;
}
PARCPublicKeySigner *
parcPublicKeySigner_Create(PARCKeyStore *keyStore, PARCSigningAlgorithm signingAlgorithm, PARCCryptoHashType hashType)
{
PARCPublicKeySigner *result = parcObject_CreateInstance(PARCPublicKeySigner);
if (result != NULL) {
result->keyStore = parcKeyStore_Acquire(keyStore);
result->signingAlgorithm = signingAlgorithm;
result->hashType = hashType;
result->hasher = parcCryptoHasher_Create(hashType);
}
return result;
}
static _MockSigner *
_createSigner()
{
_MockSigner *signer = parcObject_CreateInstance(_MockSigner);
signer->hasher = parcCryptoHasher_Create(PARCCryptoHashType_SHA256);
PARCPkcs12KeyStore *publicKeyStore = parcPkcs12KeyStore_Open("test_rsa.p12", "blueberry", PARCCryptoHashType_SHA256);
assertNotNull(publicKeyStore, "Got null result from opening openssl pkcs12 file");
signer->keyStore = parcKeyStore_Create(publicKeyStore, PARCPkcs12KeyStoreAsKeyStore);
parcPkcs12KeyStore_Release(&publicKeyStore);
return signer;
}
/**
* Create a PKCS12 signing context for use in ccnx_Signing from the provided key. It is destroyed
* by parc_Signing when the signing context is destroyed.
*
* Example:
* @code
* <#example#>
* @endcode
*/
PARCSigningInterface *
parcSymmetricSignerFileStore_Create(PARCBuffer *secret_key, PARCCryptoHashType hmacHashType)
{
_PARCAesSignerFileStore *keystore = parcMemory_AllocateAndClear(sizeof(_PARCAesSignerFileStore));
assertNotNull(keystore, "parcMemory_AllocateAndClear(%zu) returned NULL, cannot allocate keystore", sizeof(_PARCAesSignerFileStore));
keystore->hashType = hmacHashType;
switch (hmacHashType) {
case PARC_HASH_SHA256:
keystore->hashLength = SHA256_DIGEST_LENGTH;
keystore->opensslMd = EVP_sha256();
break;
case PARC_HASH_SHA512:
keystore->hashLength = SHA512_DIGEST_LENGTH;
keystore->opensslMd = EVP_sha512();
break;
default:
parcBuffer_Release(&secret_key);
parcMemory_Deallocate((void **) &keystore);
trapIllegalValue(hmacHashType, "Unknown HMAC hash type: %d", hmacHashType);
}
keystore->secretKey = parcBuffer_Acquire(secret_key);
// the signer key digest is SHA256, independent of the HMAC digest
PARCCryptoHasher *hasher = parcCryptoHasher_Create(PARC_HASH_SHA256);
parcCryptoHasher_Init(hasher);
parcCryptoHasher_UpdateBuffer(hasher, secret_key);
keystore->secretKeyHash = parcCryptoHasher_Finalize(hasher);
parcCryptoHasher_Release(&hasher);
// create the functor from the template then specialize it to this keystore.
// This depends on keystore->secret_key being set. It will cause a callback
// into hmac_setup()
keystore->hasherFunctor = functor_hmac;
keystore->hasherFunctor.functor_env = keystore;
keystore->hasher = parcCryptoHasher_CustomHasher(keystore->hashType, keystore->hasherFunctor);
PARCSigningInterface *signer = parcMemory_AllocateAndClear(sizeof(PARCSigningInterface));
assertNotNull(signer, "parcMemory_AllocateAndClear(%zu) returned NULL", sizeof(PARCSigningInterface));
*signer = aeskeystoreinterface;
signer->interfaceContext = keystore;
return signer;
}
PARCPkcs12KeyStore *
parcPkcs12KeyStore_Open(const char *filename, const char *password, PARCCryptoHashType hashType)
{
PARCPkcs12KeyStore *keyStore = parcObject_CreateAndClearInstance(PARCPkcs12KeyStore);
if (keyStore != NULL) {
keyStore->hasher = parcCryptoHasher_Create(hashType);
keyStore->public_key_digest = NULL;
keyStore->certificate_digest = NULL;
keyStore->public_key_der = NULL;
keyStore->certificate_der = NULL;
keyStore->hashType = hashType;
if (_parcPkcs12KeyStore_ParseFile(keyStore, filename, password) != 0) {
parcPkcs12KeyStore_Release(&keyStore);
}
}
return keyStore;
}
