LONGBOW_TEST_CASE(Global, parcSigner_CreatePublicKey)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
PARCKey *key = parcSigner_CreatePublicKey(signer);
// Compute the real value
PARCCryptoHash *hash = parcKeyStore_GetVerifierKeyDigest(mock->keyStore);
PARCKeyId *keyid = parcKeyId_Create(parcCryptoHash_GetDigest(hash));
PARCBuffer *derEncodedKey = parcKeyStore_GetDEREncodedPublicKey(mock->keyStore);
PARCKey *expectedKey = parcKey_CreateFromDerEncodedPublicKey(keyid,
parcSigner_GetSigningAlgorithm(signer),
derEncodedKey);
parcBuffer_Release(&derEncodedKey);
parcKeyId_Release(&keyid);
parcCryptoHash_Release(&hash);
assertTrue(parcKey_Equals(key, expectedKey), "Expected public keys to be computed equally.");
parcKey_Release(&key);
parcKey_Release(&expectedKey);
parcSigner_Release(&signer);
_mockSigner_Release(&mock);
}
/**
* read in the openssl command-line generated pkcs12 file
*/
LONGBOW_TEST_CASE(openssl_commandline, parcPkcs12KeyStore_GetPublicKeyDigest)
{
PARCPkcs12KeyStore *publicKeyStore = parcPkcs12KeyStore_Open("test_rsa.p12", "blueberry", PARC_HASH_SHA256);
PARCKeyStore *keyStore = parcKeyStore_Create(publicKeyStore, PARCPkcs12KeyStoreAsKeyStore);
parcPkcs12KeyStore_Release(&publicKeyStore);
PARCPublicKeySigner *publicKeySigner = parcPublicKeySigner_Create(keyStore, PARCSigningAlgorithm_RSA, PARC_HASH_SHA256);
parcKeyStore_Release(&keyStore);
PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner);
parcPublicKeySigner_Release(&publicKeySigner);
assertNotNull(signer, "parcPkcs12KeyStore_Open(\"test_rsa.p12\", \"blueberry\", PARC_HASH_SHA256) returned NULL");
PARCCryptoHash *pkd = parcKeyStore_GetVerifierKeyDigest(parcSigner_GetKeyStore(signer));
assertNotNull(pkd, "got null public key digest for external pkcs12");
// read in the "truth" from the command line utilities
int fd = open("test_rsa_pub_sha256.bin", O_RDONLY);
uint8_t true_digest[SHA256_DIGEST_LENGTH];
ssize_t read_bytes = read(fd, true_digest, SHA256_DIGEST_LENGTH);
close(fd);
assertTrue(read_bytes == SHA256_DIGEST_LENGTH, "could not read %d byte digest from test_rsa_pub_sha256.bin", SHA256_DIGEST_LENGTH);
PARCBuffer *digest = parcCryptoHash_GetDigest(pkd);
const uint8_t *bb_buffer = parcByteArray_Array(parcBuffer_Array(digest));
size_t bb_length = parcBuffer_Remaining(digest);
assertTrue(bb_length == SHA256_DIGEST_LENGTH,
"Incorrect digest length returned from GetPublicKeyDigest: %zu", bb_length);
assertTrue(memcmp(bb_buffer, true_digest, SHA256_DIGEST_LENGTH) == 0, "digests did not match");
parcSigner_Release(&signer);
parcCryptoHash_Release(&pkd);
}
/**
* Use a ccnx-generated pkcs12 file
*/
LONGBOW_TEST_CASE(ccnx_internal, parcPkcs12KeyStore_GetPublicKeyDigest)
{
// create a file and open it
const char *password = "******";
const char *subject = "alice";
bool result;
result = parcPkcs12KeyStore_CreateFile(filename, password, subject, 1024, 32);
assertTrue(result, "got error from parcPkcs12KeyStore_CreatePkcs12File");
PARCPkcs12KeyStore *publicKeyStore = parcPkcs12KeyStore_Open(filename, password, PARC_HASH_SHA256);
assertNotNull(publicKeyStore, "Got null result from opening openssl pkcs12 file");
PARCKeyStore *keyStore = parcKeyStore_Create(publicKeyStore, PARCPkcs12KeyStoreAsKeyStore);
parcPkcs12KeyStore_Release(&publicKeyStore);
PARCCryptoHash *pkd = parcKeyStore_GetVerifierKeyDigest(keyStore);
assertNotNull(pkd, "got null public key digest for external pkcs12");
size_t bb_length = parcBuffer_Remaining(parcCryptoHash_GetDigest(pkd));
assertTrue(bb_length == SHA256_DIGEST_LENGTH, "Incorrect digest length returned from GetPublicKeyDigest: %zu", bb_length);
parcKeyStore_Release(&keyStore);
parcCryptoHash_Release(&pkd);
}