Exemplo n.º 1
0
END_TEST





START_TEST(check_ed25519_signatures)
{
	ED25519_KEY *key;
	ed25519_signature sigbuf;
	unsigned char *rdata;
	size_t dlens[] = { 16, 128, 1024, 65535 };
	size_t rsize, last_min = 1;
	int res;

	res = crypto_init();
	ck_assert_msg(!res, "Crypto initialization routine failed.\n");

	key = generate_ed25519_keypair();
	ck_assert_msg((key != NULL), "ed25519 signature/verification check failed: could not generate key pair.\n");

	for (size_t i = 0; i < (sizeof(dlens) / sizeof(dlens[0])); i++) {

		for (size_t j = 0; j < N_SIGNATURE_TIER_TESTS; j++) {
			rdata = gen_random_data(last_min, dlens[i], &rsize);
			memset(sigbuf, 0, sizeof(sigbuf));
			ck_assert_msg((rdata != NULL), "ed25519 signature/verification check failed: could not generate random data.\n");
			ed25519_sign_data(rdata, rsize, key, sigbuf);

			res = ed25519_verify_sig(rdata, rsize, key, sigbuf);
			ck_assert_msg((res == 1), "ed25519 signature/verification check failed: signature verification failed (%d).\n", res);

			free(rdata);
		}

		last_min = dlens[i];
	}

	free_ed25519_key(key);

	fprintf(stderr, "ed25519 signature/verification check completed.\n");
}
Exemplo n.º 2
0
END_TEST

START_TEST(check_signet_sok)
{

	ED25519_KEY *sok, *sok_from_signet;
	int res;
	signet_t *signet;

	_crypto_init();

	signet = dime_sgnt_signet_create(SIGNET_TYPE_USER);
	ck_assert_msg(signet != NULL, "Failure to create user signet.\n");

	sok = generate_ed25519_keypair();
	ck_assert_msg(sok != NULL, "Failure to generate ed25519 key pair.\n");

	res = dime_sgnt_sok_create(signet, sok, (unsigned char) SIGNKEY_DEFAULT_FORMAT, (SIGNET_SOK_SIGNET | SIGNET_SOK_MSG | SIGNET_SOK_TLS | SIGNET_SOK_SOFTWARE) );
	ck_assert_msg(res == -1, "Error cause by inserting a SOK inside a user signet.\n");

	dime_sgnt_signet_destroy(signet);

	signet = dime_sgnt_signet_create(SIGNET_TYPE_ORG);
	ck_assert_msg(signet != NULL, "Failure to create organizational signet.\n");

	res = dime_sgnt_sok_create(signet, sok, 214, (SIGNET_SOK_SIGNET | SIGNET_SOK_MSG) );
	ck_assert_msg(res == -1, "Error caused by inserting a SOK with an invalid format.\n");

	res = dime_sgnt_sok_create(signet, sok, (unsigned char) SIGNKEY_DEFAULT_FORMAT, (SIGNET_SOK_SIGNET | SIGNET_SOK_MSG | SIGNET_SOK_TLS | SIGNET_SOK_SOFTWARE) );
	ck_assert_msg(res == 0, "Failure to add a SOK field to signet.\n");

	sok_from_signet = dime_sgnt_sok_num_fetch(signet, 1);
	ck_assert_msg(sok_from_signet != NULL, "Failure to fetch SOK from signet.\n");

	res = memcmp(sok->public_key, sok_from_signet->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "SOK was corrupted during inserting and fetching into and from the signet.\n");

	free_ed25519_key(sok_from_signet);
	dime_sgnt_signet_destroy(signet);

	fprintf(stderr, "Signet SOK check complete.\n");
}
Exemplo n.º 3
0
END_TEST

START_TEST(check_signet_multi_signkey)
{

	EC_KEY *eckey;
	ED25519_KEY *keys[5], **fetched;
	int res;
	signet_t *signet;

	_crypto_init();

	for(int i = 0; i < 5; ++i) {
		keys[i] = generate_ed25519_keypair();
	}

	eckey = generate_ec_keypair(0);

	signet = dime_sgnt_signet_create(SIGNET_TYPE_ORG);
	ck_assert_msg(signet != NULL, "Failed to create organizational signet.\n");

	res = dime_sgnt_signkey_set(signet, keys[0], SIGNKEY_DEFAULT_FORMAT);
	ck_assert_msg(res == 0, "Failed to set signet POK.\n");

	res += dime_sgnt_sok_create(signet, keys[1], SIGNKEY_DEFAULT_FORMAT, SIGNET_SOK_SIGNET);
	ck_assert_msg(res == 0, "Failed to create SOK 1.\n");

	res += dime_sgnt_sok_create(signet, keys[2], SIGNKEY_DEFAULT_FORMAT, SIGNET_SOK_MSG);
	ck_assert_msg(res == 0, "Failed to create SOK 2.\n");

	res += dime_sgnt_sok_create(signet, keys[3], SIGNKEY_DEFAULT_FORMAT, SIGNET_SOK_TLS);
	ck_assert_msg(res == 0, "Failed to create SOK 3.\n");

	res += dime_sgnt_sok_create(signet, keys[4], SIGNKEY_DEFAULT_FORMAT, SIGNET_SOK_SOFTWARE);
	ck_assert_msg(res == 0, "Failed to create SOK 4.\n");

	res = dime_sgnt_enckey_set(signet, eckey, 0);
	ck_assert_msg(res == 0, "Failed to set signet encryption key.\n");

	free_ec_key(eckey);

	res = dime_sgnt_sig_crypto_sign(signet, keys[0]);
	ck_assert_msg(res == 0, "Failed to sign organizational signet with its private POK.\n");

	fetched = dime_sgnt_signkeys_signet_fetch(signet);
	ck_assert_msg( (fetched != NULL), "Failed to fetch signing keys.\n");
	ck_assert_msg( (fetched[0] != NULL), "Failed to fetch signing keys.\n");
	ck_assert_msg( (fetched[1] != NULL), "Failed to fetch signing keys.\n");
	ck_assert_msg( (fetched[2] == NULL), "Failed to fetch signing keys.\n");

	res = memcmp(fetched[0]->public_key, keys[0]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "POK was corrupted.\n");
	
	res = memcmp(fetched[1]->public_key, keys[1]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "SOK 1 was corrupted.\n");

	free_ed25519_key_chain(fetched);
	fetched = NULL;
	fetched = dime_sgnt_signkeys_msg_fetch(signet);
	ck_assert_msg( (fetched != NULL) && 
                       (fetched[0] != NULL) && 
                       (fetched[1] != NULL) && 
                       (fetched[2] == NULL), "Failed to fetch signing keys.\n");
	res = memcmp(fetched[0]->public_key, keys[0]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "POK was corrupted.\n");

	res = memcmp(fetched[1]->public_key, keys[2]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "SOK 2 was corrupted.\n");

	free_ed25519_key_chain(fetched);
	fetched = NULL;

	fetched = dime_sgnt_signkeys_tls_fetch(signet);
	ck_assert_msg( (fetched != NULL) && 
                       (fetched[0] != NULL) && 
                       (fetched[1] != NULL) && 
                       (fetched[2] == NULL), "Failed to fetch signing keys.\n");

	res = memcmp(fetched[0]->public_key, keys[0]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "POK was corrupted.\n");
	
	res = memcmp(fetched[1]->public_key, keys[3]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "SOK 3 was corrupted.\n");
	
	free_ed25519_key_chain(fetched);
	fetched = NULL;

	fetched = dime_sgnt_signkeys_software_fetch(signet);
	ck_assert_msg( (fetched != NULL) && 
                       (fetched[0] != NULL) && 
                       (fetched[1] != NULL) && 
                       (fetched[2] == NULL), "Failed to fetch signing keys.\n");

	res = memcmp(fetched[0]->public_key, keys[0]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "POK was corrupted.\n");
	
	res = memcmp(fetched[1]->public_key, keys[4]->public_key, ED25519_KEY_SIZE);
	ck_assert_msg(res == 0, "SOK 4 was corrupted.\n");
	
	free_ed25519_key_chain(fetched);
	fetched = NULL;

	for(int i = 0; i < 5; ++i) {
		free_ed25519_key(keys[i]);
	}

	dime_sgnt_signet_destroy(signet);

	fprintf(stderr, "Signet selective signing key multi-fetching check complete.\n");
}