LONGBOW_TEST_CASE(Global, parcSigner_CreatePublicKey)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
PARCKey *key = parcSigner_CreatePublicKey(signer);
// Compute the real value
PARCCryptoHash *hash = parcKeyStore_GetVerifierKeyDigest(mock->keyStore);
PARCKeyId *keyid = parcKeyId_Create(parcCryptoHash_GetDigest(hash));
PARCBuffer *derEncodedKey = parcKeyStore_GetDEREncodedPublicKey(mock->keyStore);
PARCKey *expectedKey = parcKey_CreateFromDerEncodedPublicKey(keyid,
parcSigner_GetSigningAlgorithm(signer),
derEncodedKey);
parcBuffer_Release(&derEncodedKey);
parcKeyId_Release(&keyid);
parcCryptoHash_Release(&hash);
assertTrue(parcKey_Equals(key, expectedKey), "Expected public keys to be computed equally.");
parcKey_Release(&key);
parcKey_Release(&expectedKey);
parcSigner_Release(&signer);
_mockSigner_Release(&mock);
}
/**
* Gets the DER encoded public key
*/
LONGBOW_TEST_CASE(openssl_commandline, parcPkcs12KeyStore_GetEncodedPublicKey)
{
PARCPkcs12KeyStore *publicKeyStore = parcPkcs12KeyStore_Open("test_rsa.p12", "blueberry", PARC_HASH_SHA256);
PARCKeyStore *keyStore = parcKeyStore_Create(publicKeyStore, PARCPkcs12KeyStoreAsKeyStore);
parcPkcs12KeyStore_Release(&publicKeyStore);
PARCPublicKeySigner *publicKeySigner = parcPublicKeySigner_Create(keyStore, PARCSigningAlgorithm_RSA, PARC_HASH_SHA256);
parcKeyStore_Release(&keyStore);
PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner);
parcPublicKeySigner_Release(&publicKeySigner);
assertNotNull(signer, "Got null result from opening openssl pkcs12 file");
PARCBuffer *pubkey_der = parcKeyStore_GetDEREncodedPublicKey(parcSigner_GetKeyStore(signer));
assertNotNull(pubkey_der, "got null public key der for external pkcs12");
// read in the "truth" from the command line utilities
int fd = open("test_rsa_pub.der", O_RDONLY);
uint8_t true_der[1024];
ssize_t read_bytes = read(fd, true_der, 1024);
close(fd);
assertTrue(read_bytes == 162, "could not read %d byte digest from test_rsa_pub_sha256.bin", 162);
const uint8_t *bb_buffer = parcByteArray_Array(parcBuffer_Array(pubkey_der));
size_t bb_length = parcBuffer_Remaining(pubkey_der);
assertTrue(bb_length == read_bytes, "Incorrect digest length returned from GetCertificateDigest: %zu", bb_length);
assertTrue(memcmp(bb_buffer, true_der, read_bytes) == 0, "digests did not match");
parcSigner_Release(&signer);
parcBuffer_Release(&pubkey_der);
}
LONGBOW_TEST_CASE(Global, ccnxPortalFactory_GetKeyId)
{
const char *keystoreName = "ccnxPortalFactory_keystore";
parcSecurity_Init();
bool success = parcPkcs12KeyStore_CreateFile(keystoreName, "keystore_password", "consumer", 1024, 30);
assertTrue(success, "parcPkcs12KeyStore_CreateFile('%s', 'keystore_password') failed.", keystoreName);
PARCIdentityFile *identityFile = parcIdentityFile_Create(keystoreName, "keystore_password");
PARCIdentity *identity = parcIdentity_Create(identityFile, PARCIdentityFileAsPARCIdentity);
CCNxPortalFactory *factory = ccnxPortalFactory_Create(identity);
const PARCKeyId *actual = ccnxPortalFactory_GetKeyId(factory);
PARCSigner *signer = parcIdentity_CreateSigner(identity);
PARCKeyId *expected = parcSigner_CreateKeyId(signer);
parcSigner_Release(&signer);
assertTrue(parcKeyId_Equals(expected, actual), "KeyIds not equal");
parcKeyId_Release(&expected);
ccnxPortalFactory_Release(&factory);
parcIdentityFile_Release(&identityFile);
parcIdentity_Release(&identity);
parcSecurity_Fini();
}
void
athena_EncodeMessage(CCNxMetaMessage *message)
{
PARCSigner *signer = ccnxValidationCRC32C_CreateSigner();
CCNxCodecNetworkBufferIoVec *iovec = ccnxCodecTlvPacket_DictionaryEncode(message, signer);
assertTrue(ccnxWireFormatMessage_PutIoVec(message, iovec), "ccnxWireFormatMessage_PutIoVec failed");;
ccnxCodecNetworkBufferIoVec_Release(&iovec);
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_Create)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
assertNotNull(signer, "Expected non-null signer");
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_GetKeyStore)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
PARCKeyStore *keyStore = parcSigner_GetKeyStore(signer);
assertNotNull(keyStore, "Expected non-NULL PARCKeyStore");
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_GetCryptoHashType)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
PARCCryptoHashType type = parcSigner_GetCryptoHashType(signer);
assertTrue(PARCCryptoHashType_SHA256 == type, "Expected PARCCryptoHashType_SHA256 algorithm, got %d", type);
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_GetSigningAlgorithm)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
PARCSigningAlgorithm alg = parcSigner_GetSigningAlgorithm(signer);
assertTrue(PARCSigningAlgorithm_RSA == alg, "Expected PARCSigningAlgorithm_RSA algorithm, got %d", alg);
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, ccnxValidationHmacSha256_CreateSigner)
{
char secretKeyString[] = "0123456789ABCDEF0123456789ABCDEF";
PARCBuffer *secretKey = bufferFromString(strlen(secretKeyString), secretKeyString);
PARCSigner *signer = ccnxValidationHmacSha256_CreateSigner(secretKey);
assertNotNull(signer, "Got null signer");
parcSigner_Release(&signer);
parcBuffer_Release(&secretKey);
}
LONGBOW_TEST_CASE(Global, parcSigner_GetCryptoHasher)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
PARCCryptoHasher *hasher = parcSigner_GetCryptoHasher(signer);
assertNotNull(hasher, "Expected non-NULL PARCCryptoHasher");
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_CreateKeyId)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
PARCKeyId *keyId = parcSigner_CreateKeyId(signer);
assertNotNull(keyId, "Expected non-NULL PARCKeyId");
parcKeyId_Release(&keyId);
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_AcquireRelease)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
assertNotNull(signer, "Expected non-null signer");
parcObjectTesting_AssertAcquireReleaseContract(parcSigner_Acquire, signer);
parcSigner_Release(&signer);
assertNull(signer, "Expected null result from parcSigner_Release();");
}
LONGBOW_TEST_CASE(Global, ccnxMetaMessage_EncodeDecode)
{
CCNxName *name = ccnxName_CreateFromCString("lci:/foo/bar");
CCNxInterest *interest = ccnxInterest_CreateSimple(name);
ccnxName_Release(&name);
PARCSigner *signer = ccnxValidationCRC32C_CreateSigner(); // Would really be SHA256 or something.
// Encode it to wire format.
PARCBuffer *wireFormatBuffer = ccnxMetaMessage_CreateWireFormatBuffer(interest, signer);
// Now decode it from wireformat.
CCNxMetaMessage *decodedMessage = ccnxMetaMessage_CreateFromWireFormatBuffer(wireFormatBuffer);
// At this point, the unpacked dictionary should be equivalent to the original interest.
assertTrue(ccnxInterest_Equals(interest, decodedMessage), "Expected an equivalent interest to be unpacked");
parcBuffer_Release(&wireFormatBuffer);
ccnxInterest_Release(&interest);
ccnxMetaMessage_Release(&decodedMessage);
parcSigner_Release(&signer);
}
LONGBOW_TEST_CASE(Global, parcSigner_SignDigest)
{
_MockSigner *mock = _createSigner();
PARCSigner *signer = parcSigner_Create(mock, _MockSignerInterface);
_mockSigner_Release(&mock);
PARCBuffer *buffer = parcBuffer_Allocate(10);
PARCCryptoHash *hash = parcCryptoHash_Create(PARCCryptoHashType_SHA256, buffer);
PARCSignature *signature = parcSigner_SignDigest(signer, hash);
assertNotNull(signature, "Expected non-NULL PARCSignature");
PARCBuffer *bits = parcSignature_GetSignature(signature);
char *bitstring = parcBuffer_ToString(bits);
char *expectedString = FAKE_SIGNATURE;
assertTrue(strcmp(bitstring, expectedString) == 0, "Expected the forced signature as output %s, got %s", expectedString, bitstring);
parcMemory_Deallocate(&bitstring);
parcCryptoHash_Release(&hash);
parcBuffer_Release(&buffer);
parcSignature_Release(&signature);
parcSigner_Release(&signer);
}
/**
* read in the openssl command-line generated pkcs12 file
*/
LONGBOW_TEST_CASE(openssl_commandline, parcPkcs12KeyStore_GetPublicKeyDigest)
{
PARCPkcs12KeyStore *publicKeyStore = parcPkcs12KeyStore_Open("test_rsa.p12", "blueberry", PARC_HASH_SHA256);
PARCKeyStore *keyStore = parcKeyStore_Create(publicKeyStore, PARCPkcs12KeyStoreAsKeyStore);
parcPkcs12KeyStore_Release(&publicKeyStore);
PARCPublicKeySigner *publicKeySigner = parcPublicKeySigner_Create(keyStore, PARCSigningAlgorithm_RSA, PARC_HASH_SHA256);
parcKeyStore_Release(&keyStore);
PARCSigner *signer = parcSigner_Create(publicKeySigner, PARCPublicKeySignerAsSigner);
parcPublicKeySigner_Release(&publicKeySigner);
assertNotNull(signer, "parcPkcs12KeyStore_Open(\"test_rsa.p12\", \"blueberry\", PARC_HASH_SHA256) returned NULL");
PARCCryptoHash *pkd = parcKeyStore_GetVerifierKeyDigest(parcSigner_GetKeyStore(signer));
assertNotNull(pkd, "got null public key digest for external pkcs12");
// read in the "truth" from the command line utilities
int fd = open("test_rsa_pub_sha256.bin", O_RDONLY);
uint8_t true_digest[SHA256_DIGEST_LENGTH];
ssize_t read_bytes = read(fd, true_digest, SHA256_DIGEST_LENGTH);
close(fd);
assertTrue(read_bytes == SHA256_DIGEST_LENGTH, "could not read %d byte digest from test_rsa_pub_sha256.bin", SHA256_DIGEST_LENGTH);
PARCBuffer *digest = parcCryptoHash_GetDigest(pkd);
const uint8_t *bb_buffer = parcByteArray_Array(parcBuffer_Array(digest));
size_t bb_length = parcBuffer_Remaining(digest);
assertTrue(bb_length == SHA256_DIGEST_LENGTH,
"Incorrect digest length returned from GetPublicKeyDigest: %zu", bb_length);
assertTrue(memcmp(bb_buffer, true_digest, SHA256_DIGEST_LENGTH) == 0, "digests did not match");
parcSigner_Release(&signer);
parcCryptoHash_Release(&pkd);
}
