LONGBOW_TEST_CASE(Global, ccnxContentObject_GetKeyId)
{
CCNxName *name = ccnxName_CreateFromCString("lci:/hello/dolly");
PARCBuffer *payload = parcBuffer_WrapCString("hello");
CCNxContentObject *contentObject = ccnxContentObject_CreateWithDataPayload(name, payload);
assertNull(ccnxContentObject_GetKeyId(contentObject), "Expect NULL for KeyId here");
PARCBuffer *testKeyId = parcBuffer_WrapCString("keyhash");
PARCBuffer *sigbits = parcBuffer_WrapCString("siggybits");
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_RSA, PARC_HASH_SHA256, parcBuffer_Flip(sigbits));
ccnxContentObject_SetSignature(contentObject, testKeyId, signature, NULL);
PARCBuffer *keyId = ccnxContentObject_GetKeyId(contentObject);
assertTrue(parcBuffer_Equals(keyId, testKeyId), "Expect key ids to match");
parcBuffer_Release(&payload);
parcBuffer_Release(&sigbits);
parcBuffer_Release(&keyId);
parcSignature_Release(&signature);
ccnxName_Release(&name);
ccnxContentObject_Release(&contentObject);
}
static PARCSignature *
_SignDigest(PARCPublicKeySigner *signer, const PARCCryptoHash *digestToSign)
{
parcSecurity_AssertIsInitialized();
assertNotNull(signer, "Parameter must be non-null CCNxFileKeystore");
assertNotNull(digestToSign, "Buffer to sign must not be null");
// TODO: what is the best way to expose this?
PARCKeyStore *keyStore = signer->keyStore;
PARCBuffer *privateKeyBuffer = parcKeyStore_GetDEREncodedPrivateKey(keyStore);
EVP_PKEY *privateKey = NULL;
size_t keySize = parcBuffer_Remaining(privateKeyBuffer);
uint8_t *bytes = parcBuffer_Overlay(privateKeyBuffer, keySize);
privateKey = d2i_PrivateKey(EVP_PKEY_RSA, &privateKey, (const unsigned char **) &bytes, keySize);
parcBuffer_Release(&privateKeyBuffer);
RSA *rsa = EVP_PKEY_get1_RSA(privateKey);
int opensslDigestType;
switch (parcCryptoHash_GetDigestType(digestToSign)) {
case PARCCryptoHashType_SHA256:
opensslDigestType = NID_sha256;
break;
case PARCCryptoHashType_SHA512:
opensslDigestType = NID_sha512;
break;
default:
trapUnexpectedState("Unknown digest type: %s",
parcCryptoHashType_ToString(parcCryptoHash_GetDigestType(digestToSign)));
}
uint8_t *sig = parcMemory_Allocate(RSA_size(rsa));
assertNotNull(sig, "parcMemory_Allocate(%u) returned NULL", RSA_size(rsa));
unsigned sigLength = 0;
PARCBuffer *bb_digest = parcCryptoHash_GetDigest(digestToSign);
int result = RSA_sign(opensslDigestType,
(unsigned char *) parcByteArray_Array(parcBuffer_Array(bb_digest)),
(int) parcBuffer_Remaining(bb_digest),
sig,
&sigLength,
rsa);
assertTrue(result == 1, "Got error from RSA_sign: %d", result);
RSA_free(rsa);
PARCBuffer *bbSign = parcBuffer_Allocate(sigLength);
parcBuffer_Flip(parcBuffer_PutArray(bbSign, sigLength, sig));
parcMemory_Deallocate((void **) &sig);
PARCSignature *signature =
parcSignature_Create(_GetSigningAlgorithm(signer),
parcCryptoHash_GetDigestType(digestToSign),
bbSign
);
parcBuffer_Release(&bbSign);
return signature;
}
static PARCSignature *
_SignDigest(PARCSigner *interfaceContext)
{
PARCBuffer *buffer = parcBuffer_WrapCString(FAKE_SIGNATURE);
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_RSA, PARCCryptoHashType_SHA256, buffer);
parcBuffer_Release(&buffer);
return signature;
}
/**
* wrap the HMAC in digestToSign in a PARCSignature
*
* @param hashToSign is the HMAC computed by the our PARCCryptoHasher.
*/
static PARCSignature *
_signDigest(void *interfaceContext, const PARCCryptoHash *hashToSign)
{
// The digest computed via our hash function (hmac) is the actual signature.
// just need to wrap it up with the right parameters.
PARCBuffer *signatureBits = parcBuffer_Copy(parcCryptoHash_GetDigest(hashToSign));
PARCSignature *result = parcSignature_Create(_getSigningAlgorithm(interfaceContext), parcCryptoHash_GetDigestType(hashToSign), signatureBits);
parcBuffer_Release(&signatureBits);
return result;
}
LONGBOW_TEST_CASE(Global, parcSignature_GetSignature)
{
PARCBuffer *expected = parcBuffer_Allocate(strlen("Hello"));
parcBuffer_PutArray(expected, strlen("Hello"), (uint8_t *) "Hello");
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_SHA256, expected);
PARCBuffer *actual = parcSignature_GetSignature(signature);
assertTrue(parcBuffer_Equals(expected, actual), "Expected the original signature bits to be equal to the actual bits");
parcSignature_Release(&signature);
parcBuffer_Release(&expected);
}
LONGBOW_TEST_CASE(Global, parcSignature_Equals)
{
PARCBuffer *bits = parcBuffer_Allocate(10); // arbitrary bufer size -- not important
PARCBuffer *otherBits = parcBuffer_Allocate(strlen("hello"));
parcBuffer_PutArray(otherBits, strlen("hello"), (uint8_t *) "hello");
PARCSignature *x = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_SHA256, bits);
PARCSignature *y = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_SHA256, bits);
PARCSignature *z = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_SHA256, bits);
PARCSignature *unequal1 = parcSignature_Create(PARCSigningAlgorithm_HMAC, PARC_HASH_SHA256, bits);
PARCSignature *unequal2 = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_CRC32C, bits);
PARCSignature *unequal3 = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_SHA256, otherBits);
parcObjectTesting_AssertEqualsFunction(parcSignature_Equals, x, y, z, unequal1, unequal2, unequal3, NULL);
parcSignature_Release(&x);
parcSignature_Release(&y);
parcSignature_Release(&z);
parcSignature_Release(&unequal1);
parcSignature_Release(&unequal2);
parcSignature_Release(&unequal3);
parcBuffer_Release(&bits);
parcBuffer_Release(&otherBits);
}
LONGBOW_TEST_CASE(Global, parcSignature_GetSigningAlgorithm)
{
PARCBuffer *signatureBits = parcBuffer_Allocate(strlen("Hello"));
parcBuffer_PutArray(signatureBits, strlen("Hello"), (uint8_t *) "Hello");
PARCSigningAlgorithm expected = PARCSigningAlgorithm_DSA;
PARCSignature *signature = parcSignature_Create(expected, PARC_HASH_SHA256, signatureBits);
PARCSigningAlgorithm actual = parcSignature_GetSigningAlgorithm(signature);
assertTrue(expected == actual, "Expected %d, actual %d", expected, actual);
parcSignature_Release(&signature);
parcBuffer_Release(&signatureBits);
}
LONGBOW_TEST_CASE(Global, parcSignature_GetHashType)
{
PARCBuffer *bits = parcBuffer_Allocate(strlen("Hello"));
parcBuffer_PutArray(bits, strlen("Hello"), (uint8_t *) "Hello");
PARCCryptoHashType expected = PARC_HASH_SHA256;
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_DSA, expected, bits);
parcBuffer_Release(&bits);
PARCCryptoHashType actual = parcSignature_GetHashType(signature);
assertTrue(expected == actual, "Expected %d, actual %d", expected, actual);
parcSignature_Release(&signature);
}
LONGBOW_TEST_CASE(Global, parcSignature_Create)
{
PARCBuffer *bits = parcBuffer_Allocate(10); // arbitrary buffer size -- not important
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_DSA, PARC_HASH_SHA256, bits);
parcBuffer_Release(&bits);
assertNotNull(signature, "Expected non-NULL PARCSignature");
PARCReferenceCount referenceCount = parcObject_GetReferenceCount(signature);
assertTrue(referenceCount == 1,
"Expected reference count to be equal to 1, got %" PRIu64 "",
referenceCount);
parcSignature_Release(&signature);
}
LONGBOW_TEST_CASE(Global, parcSignature_ToString)
{
PARCBuffer *signatureBits = parcBuffer_Allocate(strlen("Hello"));
parcBuffer_PutArray(signatureBits, strlen("Hello"), (uint8_t *) "Hello");
PARCSigningAlgorithm expected = PARCSigningAlgorithm_DSA;
PARCSignature *signature = parcSignature_Create(expected, PARC_HASH_SHA256, signatureBits);
char *string = parcSignature_ToString(signature);
assertNotNull(string, "Expected non-NULL result from parcSignature_ToString");
parcMemory_Deallocate((void **) &string);
parcSignature_Release(&signature);
parcBuffer_Release(&signatureBits);
}
LONGBOW_TEST_CASE(Global, ccnxContentObject_SetSignature)
{
CCNxName *name = ccnxName_CreateFromCString("lci:/hello/dolly");
PARCBuffer *payload = parcBuffer_WrapCString("hello");
CCNxContentObject *contentObject = ccnxContentObject_CreateWithDataPayload(name, payload);
PARCBuffer *keyId = parcBuffer_WrapCString("keyhash");
PARCBuffer *sigbits = parcBuffer_WrapCString("siggybits");
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_RSA, PARC_HASH_SHA256, parcBuffer_Flip(sigbits));
ccnxContentObject_SetSignature(contentObject, keyId, signature, NULL);
parcBuffer_Release(&payload);
parcBuffer_Release(&sigbits);
parcBuffer_Release(&keyId);
parcSignature_Release(&signature);
ccnxName_Release(&name);
ccnxContentObject_Release(&contentObject);
}
static CCNxTlvDictionary *
createSignedContentObject(void)
{
CCNxName *name = ccnxName_CreateFromURI("lci:/some/name");
PARCBuffer *payload = parcBuffer_Flip(parcBuffer_PutArray(parcBuffer_Allocate(20), 11, (uint8_t *) "the payload"));
CCNxTlvDictionary *contentObject = ccnxContentObject_CreateWithDataPayload(name, payload);
parcBuffer_Release(&payload);
ccnxName_Release(&name);
PARCBuffer *keyid = parcBuffer_Flip(parcBuffer_PutArray(parcBuffer_Allocate(20), 5, (uint8_t *) "keyid"));
ccnxValidationRsaSha256_Set(contentObject, keyid, NULL);
parcBuffer_Release(&keyid);
PARCBuffer *sigbits = parcBuffer_WrapCString("the signature");
PARCSignature *signature = parcSignature_Create(PARCSigningAlgorithm_RSA, PARC_HASH_SHA256, parcBuffer_Flip(sigbits));
ccnxContentObject_SetSignature(contentObject, keyid, signature, NULL);
parcSignature_Release(&signature);
parcBuffer_Release(&sigbits);
return contentObject;
}
