void
onConsumeComplete
(const ptr_lib::shared_ptr<Data>& contentData, const Blob& result,
int* finalCount)
{
(*finalCount) = 1;
ASSERT_TRUE(result.equals(Blob(DATA_CONTENT, sizeof(DATA_CONTENT))))
<< "consumeComplete";
}
TEST_F(TestAesAlgorithm, EncryptionDecryption)
{
EncryptParams encryptParams(ndn_EncryptAlgorithmType_AesEcb, 16);
Blob key(KEY, sizeof(KEY));
DecryptKey decryptKey(key);
EncryptKey encryptKey = AesAlgorithm::deriveEncryptKey(decryptKey.getKeyBits());
// Check key loading and key derivation.
ASSERT_TRUE(encryptKey.getKeyBits().equals(key));
ASSERT_TRUE(decryptKey.getKeyBits().equals(key));
Blob plainBlob(PLAINTEXT, sizeof(PLAINTEXT));
// Encrypt data in AES_ECB.
Blob cipherBlob = AesAlgorithm::encrypt
(encryptKey.getKeyBits(), plainBlob, encryptParams);
ASSERT_TRUE(cipherBlob.equals(Blob(CIPHERTEXT_ECB, sizeof(CIPHERTEXT_ECB))));
// Decrypt data in AES_ECB.
Blob receivedBlob = AesAlgorithm::decrypt
(decryptKey.getKeyBits(), cipherBlob, encryptParams);
ASSERT_TRUE(receivedBlob.equals(plainBlob));
// Encrypt/decrypt data in AES_CBC with auto-generated IV.
encryptParams.setAlgorithmType(ndn_EncryptAlgorithmType_AesCbc);
cipherBlob = AesAlgorithm::encrypt
(encryptKey.getKeyBits(), plainBlob, encryptParams);
receivedBlob = AesAlgorithm::decrypt
(decryptKey.getKeyBits(), cipherBlob, encryptParams);
ASSERT_TRUE(receivedBlob.equals(plainBlob));
// Encrypt data in AES_CBC with specified IV.
Blob initialVector(INITIAL_VECTOR, sizeof(INITIAL_VECTOR));
encryptParams.setInitialVector(initialVector);
cipherBlob = AesAlgorithm::encrypt
(encryptKey.getKeyBits(), plainBlob, encryptParams);
ASSERT_TRUE(cipherBlob.equals(Blob(CIPHERTEXT_CBC_IV, sizeof(CIPHERTEXT_CBC_IV))));
// Decrypt data in AES_CBC with specified IV.
receivedBlob = AesAlgorithm::decrypt
(decryptKey.getKeyBits(), cipherBlob, encryptParams);
ASSERT_TRUE(receivedBlob.equals(plainBlob));
}
TEST_F(TestRsaAlgorithm, EncryptionDecryption)
{
EncryptParams encryptParams(ndn_EncryptAlgorithmType_RsaOaep, 0);
ptr_lib::shared_ptr<vector<uint8_t> > privateKeyBuffer(new vector<uint8_t>());
fromBase64(PRIVATE_KEY, *privateKeyBuffer);
Blob privateKeyBlob(privateKeyBuffer, false);
ptr_lib::shared_ptr<vector<uint8_t> > publicKeyBuffer(new vector<uint8_t>());
fromBase64(PUBLIC_KEY, *publicKeyBuffer);
Blob publicKeyBlob(publicKeyBuffer, false);
DecryptKey decryptKey(privateKeyBlob);
EncryptKey encryptKey = RsaAlgorithm::deriveEncryptKey(decryptKey.getKeyBits());
Blob encodedPublic = publicKeyBlob;
Blob derivedPublicKey = encryptKey.getKeyBits();
ASSERT_TRUE(encodedPublic.equals(derivedPublicKey));
Blob plainBlob(PLAINTEXT, sizeof(PLAINTEXT));
Blob encryptBlob = RsaAlgorithm::encrypt
(encryptKey.getKeyBits(), plainBlob, encryptParams);
Blob receivedBlob = RsaAlgorithm::decrypt
(decryptKey.getKeyBits(), encryptBlob, encryptParams);
ASSERT_TRUE(plainBlob.equals(receivedBlob));
Blob cipherBlob(CIPHERTEXT_OAEP, sizeof(CIPHERTEXT_OAEP));
Blob decryptedBlob = RsaAlgorithm::decrypt
(decryptKey.getKeyBits(), cipherBlob, encryptParams);
ASSERT_TRUE(plainBlob.equals(decryptedBlob));
// Now test RsaPkcs.
encryptParams = EncryptParams(ndn_EncryptAlgorithmType_RsaPkcs, 0);
encryptBlob = RsaAlgorithm::encrypt
(encryptKey.getKeyBits(), plainBlob, encryptParams);
receivedBlob = RsaAlgorithm::decrypt
(decryptKey.getKeyBits(), encryptBlob, encryptParams);
ASSERT_TRUE(plainBlob.equals(receivedBlob));
cipherBlob = Blob(CIPHERTEXT_PKCS, sizeof(CIPHERTEXT_PKCS));
decryptedBlob = RsaAlgorithm::decrypt
(decryptKey.getKeyBits(), cipherBlob, encryptParams);
ASSERT_TRUE(plainBlob.equals(decryptedBlob));
}
TEST_F(TestAesAlgorithm, KeyGeneration)
{
AesKeyParams keyParams(128);
DecryptKey decryptKey = AesAlgorithm::generateKey(keyParams);
EncryptKey encryptKey = AesAlgorithm::deriveEncryptKey(decryptKey.getKeyBits());
Blob plainBlob(PLAINTEXT, sizeof(PLAINTEXT));
// Encrypt/decrypt data in AES_CBC with auto-generated IV.
EncryptParams encryptParams(ndn_EncryptAlgorithmType_AesCbc, 16);
Blob cipherBlob = AesAlgorithm::encrypt
(encryptKey.getKeyBits(), plainBlob, encryptParams);
Blob receivedBlob = AesAlgorithm::decrypt
(decryptKey.getKeyBits(), cipherBlob, encryptParams);
ASSERT_TRUE(receivedBlob.equals(plainBlob));
}
TEST_F(TestConsumerDb, OperateAesDecryptionKey)
{
// Test construction.
Sqlite3ConsumerDb database(databaseFilePath);
// Generate key blobs.
Blob encryptionKeyBlob;
Blob decryptionKeyBlob;
generateAesKeys(encryptionKeyBlob, decryptionKeyBlob);
Name keyName
("/alice/health/samples/activity/steps/C-KEY/20150928080000/20150928090000!");
keyName.append(Name("FOR/alice/health/read/activity!"));
database.addKey(keyName, decryptionKeyBlob);
Blob resultBlob = database.getKey(keyName);
ASSERT_TRUE(decryptionKeyBlob.equals(resultBlob));
database.deleteKey(keyName);
resultBlob = database.getKey(keyName);
ASSERT_EQ(0, resultBlob.size());
}
void
onPlainText(const Blob& result, const Blob& expectedResult)
{
ASSERT_TRUE(result.equals(expectedResult));
}
TEST_F(TestProducer, ContentKeyRequest)
{
Name prefix("/prefix");
Name suffix("/a/b/c");
Name expectedInterest(prefix);
expectedInterest.append(Encryptor::getNAME_COMPONENT_READ());
expectedInterest.append(suffix);
expectedInterest.append(Encryptor::getNAME_COMPONENT_E_KEY());
Name cKeyName(prefix);
cKeyName.append(Encryptor::getNAME_COMPONENT_SAMPLE());
cKeyName.append(suffix);
cKeyName.append(Encryptor::getNAME_COMPONENT_C_KEY());
Name timeMarker("20150101T100000/20150101T120000");
MillisecondsSince1970 testTime1 = fromIsoString("20150101T100001");
MillisecondsSince1970 testTime2 = fromIsoString("20150101T110001");
Name::Component testTimeRounded1("20150101T100000");
Name::Component testTimeRounded2("20150101T110000");
Name::Component testTimeComponent2("20150101T110001");
// Create content keys required for this test case:
for (size_t i = 0; i < suffix.size(); ++i) {
createEncryptionKey(expectedInterest, timeMarker);
expectedInterest = expectedInterest.getPrefix(-2).append
(Encryptor::getNAME_COMPONENT_E_KEY());
}
int expressInterestCallCount = 0;
// Prepare a TestFace to instantly answer calls to expressInterest.
class TestFace : public Face {
public:
TestFace(TestProducer* parent, const Name& timeMarker,
int* expressInterestCallCount)
: Face("localhost"),
parent_(parent),
timeMarker_(timeMarker),
expressInterestCallCount_(expressInterestCallCount)
{}
virtual uint64_t
expressInterest
(const Interest& interest, const OnData& onData,
const OnTimeout& onTimeout, const OnNetworkNack& onNetworkNack,
WireFormat& wireFormat = *WireFormat::getDefaultWireFormat())
{
++(*expressInterestCallCount_);
Name interestName(interest.getName());
interestName.append(timeMarker_);
if (parent_->encryptionKeys.find(interestName) == parent_->encryptionKeys.end())
throw runtime_error
("TestFace::expressInterest: Can't find " + interestName.toUri());
onData(ptr_lib::make_shared<Interest>(interest),
parent_->encryptionKeys[interestName]);
return 0;
}
private:
TestProducer* parent_;
Name timeMarker_;
int *expressInterestCallCount_;
};
TestFace face(this, timeMarker, &expressInterestCallCount);
// Verify that the content key is correctly encrypted for each domain, and
// the produce method encrypts the provided data with the same content key.
ptr_lib::shared_ptr<ProducerDb> testDb(new Sqlite3ProducerDb(databaseFilePath));
Producer producer(prefix, suffix, &face, keyChain.get(), testDb);
Blob contentKey;
// An initial test to confirm that keys are created for this time slot.
Name contentKeyName1 = producer.createContentKey
(testTime1,
bind(&TestProducer::checkEncryptionKeys, this, _1, testTime1,
testTimeRounded1, 3, &expressInterestCallCount, &contentKey, cKeyName,
testDb));
// Verify that we do not repeat the search for e-keys. The total
// expressInterestCallCount should be the same.
Name contentKeyName2 = producer.createContentKey
(testTime2,
bind(&TestProducer::checkEncryptionKeys, this, _1, testTime2,
testTimeRounded2, 3, &expressInterestCallCount, &contentKey, cKeyName,
testDb));
// Confirm content key names are correct
ASSERT_EQ(cKeyName, contentKeyName1.getPrefix(-1));
ASSERT_EQ(testTimeRounded1, contentKeyName1.get(6));
ASSERT_EQ(cKeyName, contentKeyName2.getPrefix(-1));
ASSERT_EQ(testTimeRounded2, contentKeyName2.get(6));
// Confirm that produce encrypts with the correct key and has the right name.
Data testData;
producer.produce(testData, testTime2, Blob(DATA_CONTENT, sizeof(DATA_CONTENT)));
const Name& producedName = testData.getName();
ASSERT_EQ(cKeyName.getPrefix(-1), producedName.getSubName(0, 5));
ASSERT_EQ(testTimeComponent2, producedName.get(5));
ASSERT_EQ(Encryptor::getNAME_COMPONENT_FOR(), producedName.get(6));
ASSERT_EQ(cKeyName, producedName.getSubName(7, 6));
ASSERT_EQ(testTimeRounded2, producedName.get(13));
const Blob& dataBlob = testData.getContent();
EncryptedContent dataContent;
dataContent.wireDecode(dataBlob);
const Blob& encryptedData = dataContent.getPayload();
const Blob& initialVector = dataContent.getInitialVector();
EncryptParams params(ndn_EncryptAlgorithmType_AesCbc, 16);
params.setInitialVector(initialVector);
Blob decryptTest = AesAlgorithm::decrypt(contentKey, encryptedData, params);
ASSERT_TRUE(decryptTest.equals(Blob(DATA_CONTENT, sizeof(DATA_CONTENT))));
}