Line data Source code
1 : /* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
2 : /* test-sexp.c: Test sexp stuff
3 :
4 : Copyright (C) 2007 Stefan Walter
5 :
6 : The Gnome Keyring Library is free software; you can redistribute it and/or
7 : modify it under the terms of the GNU Library General Public License as
8 : published by the Free Software Foundation; either version 2 of the
9 : License, or (at your option) any later version.
10 :
11 : The Gnome Keyring Library is distributed in the hope that it will be useful,
12 : but WITHOUT ANY WARRANTY; without even the implied warranty of
13 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 : Library General Public License for more details.
15 :
16 : You should have received a copy of the GNU Library General Public
17 : License along with the Gnome Library; see the file COPYING.LIB. If not,
18 : <http://www.gnu.org/licenses/>.
19 :
20 : Author: Stef Walter <stef@memberwebs.com>
21 : */
22 :
23 : #include "config.h"
24 :
25 : #include <stdlib.h>
26 : #include <stdio.h>
27 : #include <string.h>
28 :
29 : #include "mock-module.h"
30 :
31 : #include "gkm/gkm-crypto.h"
32 : #include "gkm/gkm-sexp.h"
33 : #include "gkm/gkm-private-xsa-key.h"
34 : #include "gkm/gkm-public-xsa-key.h"
35 :
36 : #include "egg/egg-secure-memory.h"
37 : #include "gkm/gkm-transaction.h"
38 :
39 : #include <gcrypt.h>
40 :
41 : #define TEST_RSA \
42 : "(private-key (rsa " \
43 : "(n #00B78758D55EBFFAB61D07D0DC49B5309A6F1DA2AE51C275DFC2370959BB81AC0C39093B1C618E396161A0DECEB8768D0FFB14F197B96C3DA14190EE0F20D51315#)" \
44 : "(e #010001#)" \
45 : "(d #108BCAC5FDD35812981E6EC5957D98E2AB76E4064C47B861D27C2CC322C50792313C852B4164A035B42D261F1A09F9FFE8F477F9F78FF2EABBDA6BA875C671D7#)" \
46 : "(p #00C357F11B19A18C66573D25D1E466D9AB8BCDDCDFE0B2E80BD46712C4BEC18EB7#)" \
47 : "(q #00F0843B90A60EF7034CA4BE80414ED9497CABCC685143B388013FF989CBB0E093#)" \
48 : "(u #12F2555F52EB56329A991CF0404B51C68AC921AD370A797860F550415FF987BD#)" \
49 : "))"
50 :
51 : #define TEST_DSA \
52 : "(private-key (dsa " \
53 : " (p #0090EC0B60735839C754EAF8F64BB03FC35398D69772BFAE540079DEA2D3A61FAFFB27630A038A01A3D0CD62A10745A574A27ECB462F4F0885B79C61BBE954A60A29668AD54BBA5C07A72FD8B1105249670B339DF2C59E64A47064EFCF0B7236C5C72CD55CEB32917430BEC9A003D4E484FBAA84D79571B38D6B5AC95BB73E3F7B#)" \
54 : " (q #00FA214A1385C21BFEBAADAB240A2430C607D56271#)" \
55 : " (g #2DE05751F5DAEE97F3D43C54595A3E94A080728F0C66C98AEBED5762F6AB155802D8359EAD1DE1EC36A459FBEEEA48E59B9E6A8CB4F5295936B3CC881A5D957C7339175E2CFFE0F30D3711E430DB6648C2EB474AA10A4A3297450531FF2C7C6951220C9D446B6B6B0F00262E1EBEB3CC861476AA518CC555C9ABF9E5F39023FC#)" \
56 : " (y #54734451DB79D4EEDF0BBCEBD43BB6CBB7B8584603B957080075DD318EB5B0266D4B20DC5EFF376BDFC4EA2983B1F7F02A39ED4C619ED68712729FFF3B7C696ADD1B6D748F56A4B4BEC5C4385E528423A3B88AE65E6D5500F97839E7A486255982189C3B4FA8D94338C76F0E5CAFC9A30A1ED728BB9F2091D594E3250A09EA00#)" \
57 : " (x #00876F84F709D51108DFB0CBFA1F1C569C09C413EC#)))"
58 :
59 : #define TEST_ECDSA \
60 : "(private-key (ecdsa " \
61 : " (curve \"NIST P-256\")" \
62 : " (q #04D4F6A6738D9B8D3A7075C1E4EE95015FC0C9B7E4272D2BEB6644D3609FC781B71F9A8072F58CB66AE2F89BB12451873ABF7D91F9E1FBF96BF2F70E73AAC9A283#)" \
63 : " (d #5A1EF0035118F19F3110FB81813D3547BCE1E5BCE77D1F744715E1D5BBE70378#)))"
64 :
65 : /* test data 20 bytes for DSA */
66 : #define TEST_DATA "Test data to sign..."
67 : #define TEST_DATA_SIZE 20
68 :
69 :
70 : typedef struct {
71 : gcry_sexp_t rsakey;
72 : gcry_sexp_t dsakey;
73 : gcry_sexp_t ecdsakey;
74 : GkmModule *module;
75 : GkmTransaction *transaction;
76 : } Test;
77 :
78 : static void
79 6 : setup (Test *test, gconstpointer unused)
80 : {
81 : gcry_error_t gcry;
82 :
83 6 : gkm_crypto_initialize ();
84 :
85 6 : gcry = gcry_sexp_new (&test->rsakey, TEST_RSA, strlen (TEST_RSA), 1);
86 6 : g_return_if_fail (gcry == 0);
87 6 : gcry = gcry_sexp_new (&test->dsakey, TEST_DSA, strlen (TEST_DSA), 1);
88 6 : g_return_if_fail (gcry == 0);
89 6 : gcry = gcry_sexp_new (&test->ecdsakey, TEST_ECDSA, strlen (TEST_ECDSA), 1);
90 6 : g_return_if_fail (gcry == 0);
91 :
92 : /* create a bogus module */
93 6 : test->module = mock_module_initialize_and_enter ();
94 :
95 6 : test->transaction = gkm_transaction_new ();
96 : }
97 :
98 : static void
99 6 : teardown (Test *test, gconstpointer unused)
100 : {
101 6 : g_object_unref (test->transaction);
102 6 : test->transaction = NULL;
103 :
104 6 : gcry_sexp_release (test->rsakey);
105 6 : test->rsakey = NULL;
106 6 : gcry_sexp_release (test->dsakey);
107 6 : test->dsakey = NULL;
108 6 : gcry_sexp_release (test->ecdsakey);
109 6 : test->ecdsakey = NULL;
110 :
111 6 : mock_module_leave_and_finalize ();
112 6 : }
113 :
114 : static void
115 1 : test_parse_key (Test *test, gconstpointer unused)
116 : {
117 1 : gcry_sexp_t sexp = NULL;
118 1 : gcry_mpi_t mpi = NULL;
119 : gboolean ret;
120 1 : gboolean is_priv = FALSE;
121 1 : int algorithm = 0;
122 :
123 : /* RSA */
124 : /* Get the private key out */
125 1 : ret = gkm_sexp_parse_key (test->rsakey, &algorithm, &is_priv, &sexp);
126 1 : g_assert (ret);
127 1 : g_assert (algorithm == GCRY_PK_RSA);
128 1 : g_assert (is_priv == TRUE);
129 1 : g_assert (sexp != NULL);
130 1 : gcry_sexp_release (sexp);
131 :
132 1 : ret = gkm_sexp_extract_mpi (test->rsakey, &mpi, "p", NULL);
133 1 : g_assert (ret);
134 1 : g_assert (mpi != NULL);
135 1 : gcry_mpi_release (mpi);
136 :
137 : /* DSA */
138 : /* Get the private key out */
139 1 : ret = gkm_sexp_parse_key (test->dsakey, &algorithm, &is_priv, &sexp);
140 1 : g_assert (ret);
141 1 : g_assert (algorithm == GCRY_PK_DSA);
142 1 : g_assert (is_priv == TRUE);
143 1 : g_assert (sexp != NULL);
144 1 : gcry_sexp_release (sexp);
145 :
146 1 : ret = gkm_sexp_extract_mpi (test->dsakey, &mpi, "p", NULL);
147 1 : g_assert (ret);
148 1 : g_assert (mpi != NULL);
149 1 : gcry_mpi_release (mpi);
150 :
151 : /* ECDSA */
152 : /* Get the private key out */
153 1 : ret = gkm_sexp_parse_key (test->ecdsakey, &algorithm, &is_priv, &sexp);
154 1 : g_assert (ret);
155 1 : g_assert (algorithm == GCRY_PK_ECC);
156 1 : g_assert (is_priv == TRUE);
157 1 : g_assert (sexp != NULL);
158 1 : gcry_sexp_release (sexp);
159 :
160 1 : ret = gkm_sexp_extract_mpi (test->ecdsakey, &mpi, "d", NULL);
161 1 : g_assert (ret);
162 1 : g_assert (mpi != NULL);
163 1 : gcry_mpi_release (mpi);
164 1 : }
165 :
166 : static void
167 1 : test_key_to_public (Test *test, gconstpointer unused)
168 : {
169 1 : gcry_sexp_t pubkey = NULL;
170 : guchar id1[20], id2[20];
171 : gboolean ret;
172 : guchar *p;
173 :
174 : /* RSA */
175 1 : ret = gkm_sexp_key_to_public (test->rsakey, &pubkey);
176 1 : g_assert (ret);
177 1 : g_assert (pubkey != NULL);
178 :
179 1 : p = gcry_pk_get_keygrip (test->rsakey, id1);
180 1 : g_return_if_fail (p == id1);
181 1 : p = gcry_pk_get_keygrip (pubkey, id2);
182 1 : g_return_if_fail (p == id2);
183 :
184 1 : g_assert (memcmp (id1, id2, sizeof (id1)) == 0);
185 :
186 1 : gcry_sexp_release (pubkey);
187 :
188 :
189 : /* DSA */
190 1 : ret = gkm_sexp_key_to_public (test->dsakey, &pubkey);
191 1 : g_assert (ret);
192 1 : g_assert (pubkey != NULL);
193 :
194 1 : p = gcry_pk_get_keygrip (test->dsakey, id1);
195 1 : g_return_if_fail (p == id1);
196 1 : p = gcry_pk_get_keygrip (pubkey, id2);
197 1 : g_return_if_fail (p == id2);
198 :
199 1 : g_assert (memcmp (id1, id2, sizeof (id1)) == 0);
200 :
201 1 : gcry_sexp_release (pubkey);
202 :
203 :
204 : /* ECDSA */
205 1 : ret = gkm_sexp_key_to_public (test->ecdsakey, &pubkey);
206 1 : g_assert (ret);
207 1 : g_assert (pubkey != NULL);
208 :
209 1 : p = gcry_pk_get_keygrip (test->ecdsakey, id1);
210 1 : g_return_if_fail (p == id1);
211 1 : p = gcry_pk_get_keygrip (pubkey, id2);
212 1 : g_return_if_fail (p == id2);
213 :
214 1 : g_assert (memcmp (id1, id2, sizeof (id1)) == 0);
215 :
216 1 : gcry_sexp_release (pubkey);
217 : }
218 :
219 : static void
220 1 : test_sign_verify (Test *test, gconstpointer unused)
221 : {
222 1 : gcry_sexp_t pubkey = NULL;
223 : gboolean ret;
224 1 : CK_BYTE data[] = TEST_DATA;
225 1 : CK_ULONG data_size = TEST_DATA_SIZE;
226 : CK_BYTE signature[128];
227 1 : CK_ULONG signature_size = 128;
228 :
229 : /* RSA */
230 : /* sign some data */
231 1 : ret = gkm_crypto_sign_xsa (test->rsakey, CKM_RSA_PKCS, data, data_size, signature, &signature_size);
232 1 : g_assert (ret == CKR_OK);
233 1 : g_assert (signature_size != 0);
234 : g_assert (signature != NULL);
235 :
236 : /* create a public key */
237 1 : ret = gkm_sexp_key_to_public (test->rsakey, &pubkey);
238 1 : g_assert (ret);
239 1 : g_assert (pubkey != NULL);
240 :
241 : /* verify the signature */
242 1 : ret = gkm_crypto_verify_xsa (pubkey, CKM_RSA_PKCS, data, data_size, signature, signature_size);
243 1 : g_assert (ret == CKR_OK);
244 :
245 : /* reset for the next test */
246 1 : gcry_sexp_release (pubkey);
247 1 : signature_size = 512;
248 :
249 : /* DSA */
250 : /* sign some data */
251 1 : ret = gkm_crypto_sign_xsa (test->dsakey, CKM_DSA, data, data_size, signature, &signature_size);
252 1 : g_assert (ret == CKR_OK);
253 1 : g_assert (signature_size != 0);
254 : g_assert (signature != NULL);
255 :
256 : /* create a public key */
257 1 : ret = gkm_sexp_key_to_public (test->dsakey, &pubkey);
258 1 : g_assert (ret);
259 1 : g_assert (pubkey != NULL);
260 :
261 : /* verify the signature */
262 1 : ret = gkm_crypto_verify_xsa (pubkey, CKM_DSA, data, data_size, signature, signature_size);
263 1 : g_assert (ret == CKR_OK);
264 :
265 : /* reset for the next test */
266 1 : gcry_sexp_release (pubkey);
267 1 : signature_size = 512;
268 :
269 : /* ECDSA */
270 : /* sign some data */
271 1 : ret = gkm_crypto_sign_xsa (test->ecdsakey, CKM_ECDSA, data, data_size, signature, &signature_size);
272 1 : g_assert (ret == CKR_OK);
273 1 : g_assert (signature_size != 0);
274 : g_assert (signature != NULL);
275 :
276 : /* create a public key */
277 1 : ret = gkm_sexp_key_to_public (test->ecdsakey, &pubkey);
278 1 : g_assert (ret);
279 1 : g_assert (pubkey != NULL);
280 :
281 : /* verify the signature */
282 1 : ret = gkm_crypto_verify_xsa (pubkey, CKM_ECDSA, data, data_size, signature, signature_size);
283 1 : g_assert (ret == CKR_OK);
284 :
285 1 : gcry_sexp_release (pubkey);
286 1 : }
287 :
288 : static void
289 6 : assert_get_attribute_ulong (GkmPrivateXsaKey *key, CK_ATTRIBUTE_TYPE type, CK_ULONG value,
290 : CK_ATTRIBUTE_PTR attrs, CK_ULONG_PTR n_attrs)
291 : {
292 : CK_ATTRIBUTE_PTR attr;
293 : CK_RV ret;
294 : GkmPrivateXsaKeyClass *key_class;
295 : GkmObject *base;
296 :
297 6 : base = GKM_OBJECT (key); /* cast */
298 6 : key_class = GKM_PRIVATE_XSA_KEY_GET_CLASS(key);
299 :
300 6 : attr = &attrs[(*n_attrs)++];
301 6 : attr->pValue = g_new (CK_ULONG, 1);
302 6 : attr->ulValueLen = sizeof (CK_ULONG);
303 :
304 6 : attr->type = type;
305 6 : ret = GKM_OBJECT_CLASS (key_class)->get_attribute (base, NULL, attr);
306 6 : g_assert (ret == CKR_OK);
307 6 : g_assert (attr->ulValueLen == sizeof (CK_ULONG));
308 6 : g_assert (*( (CK_ULONG *) attr->pValue) == value);
309 6 : }
310 :
311 : static void
312 9 : assert_get_attribute_bool (GkmPrivateXsaKey *key, CK_ATTRIBUTE_TYPE type, CK_BBOOL value,
313 : CK_ATTRIBUTE_PTR attrs, CK_ULONG_PTR n_attrs)
314 : {
315 : CK_ATTRIBUTE_PTR attr;
316 : CK_RV ret;
317 : GkmPrivateXsaKeyClass *key_class;
318 : GkmObject *base;
319 :
320 9 : base = GKM_OBJECT (key); /* cast */
321 9 : key_class = GKM_PRIVATE_XSA_KEY_GET_CLASS(key);
322 :
323 9 : attr = &attrs[(*n_attrs)++];
324 9 : attr->pValue = g_new (CK_BBOOL, 1);
325 9 : attr->ulValueLen = sizeof (CK_BBOOL);
326 :
327 9 : attr->type = type;
328 9 : ret = GKM_OBJECT_CLASS (key_class)->get_attribute (base, NULL, attr);
329 9 : g_assert (ret == CKR_OK);
330 9 : g_assert (attr->ulValueLen == sizeof (CK_BBOOL));
331 9 : g_assert (*( (CK_BBOOL *) attr->pValue) == value);
332 9 : }
333 :
334 : static void
335 7 : assert_get_attribute_buffer (GkmPrivateXsaKey *key, CK_ATTRIBUTE_TYPE type, const gchar *exp, gsize exp_len,
336 : CK_ATTRIBUTE_PTR attrs, CK_ULONG_PTR n_attrs)
337 : {
338 : CK_ATTRIBUTE_PTR attr;
339 : CK_RV ret;
340 : GkmPrivateXsaKeyClass *key_class;
341 : GkmObject *base;
342 :
343 7 : g_assert (exp_len < 512);
344 :
345 7 : base = GKM_OBJECT (key); /* cast */
346 7 : key_class = GKM_PRIVATE_XSA_KEY_GET_CLASS(key);
347 :
348 7 : attr = &attrs[(*n_attrs)++];
349 7 : attr->pValue = g_new (gchar, 512);
350 7 : attr->ulValueLen = 512;
351 :
352 7 : attr->type = type;
353 7 : ret = GKM_OBJECT_CLASS (key_class)->get_attribute (base, NULL, attr);
354 7 : g_assert (ret == CKR_OK);
355 7 : g_assert (attr->ulValueLen == exp_len);
356 7 : g_assert (memcmp (attr->pValue, exp, exp_len) == 0);
357 7 : }
358 :
359 : static void
360 3 : assert_get_attribute_error (GkmPrivateXsaKey *key, CK_ATTRIBUTE_TYPE type, CK_RV expect)
361 : {
362 : CK_ATTRIBUTE attr;
363 : CK_RV ret;
364 : GkmPrivateXsaKeyClass *key_class;
365 : GkmObject *base;
366 :
367 3 : base = GKM_OBJECT (key); /* cast */
368 3 : key_class = GKM_PRIVATE_XSA_KEY_GET_CLASS(key);
369 :
370 3 : attr.pValue = NULL;
371 3 : attr.ulValueLen = 0;
372 :
373 3 : attr.type = type;
374 3 : ret = GKM_OBJECT_CLASS (key_class)->get_attribute (base, NULL, &attr);
375 3 : g_assert (ret == expect);
376 3 : }
377 :
378 : static void
379 2 : assert_sexp_compare_mpi (gcry_sexp_t s1, gcry_sexp_t s2, const gchar *field)
380 : {
381 : gcry_mpi_t m1, m2;
382 :
383 2 : g_assert (gkm_sexp_extract_mpi (s1, &m1, field, NULL));
384 2 : g_assert (gkm_sexp_extract_mpi (s2, &m2, field, NULL));
385 :
386 2 : g_assert (gcry_mpi_cmp (m1, m2) == 0);
387 2 : gcry_mpi_release (m1);
388 2 : gcry_mpi_release (m2);
389 2 : }
390 :
391 : static void
392 2 : assert_sexp_compare_bytes (gcry_sexp_t s1, gcry_sexp_t s2, const gchar *field)
393 : {
394 : gchar *b1, *b2;
395 : gsize bs1, bs2;
396 :
397 2 : g_assert (gkm_sexp_extract_buffer (s1, &b1, &bs1, field, NULL));
398 2 : g_assert (gkm_sexp_extract_buffer (s2, &b2, &bs2, field, NULL));
399 :
400 2 : g_assert (bs1 == bs2);
401 2 : g_assert (memcmp (b1, b2, bs1) == 0);
402 2 : g_free (b1);
403 2 : g_free (b2);
404 2 : }
405 :
406 : /* Test sexp -> PKCS#11 attributes */
407 : static void
408 1 : test_rsa_attributes (Test *test, gconstpointer unused)
409 : {
410 : GkmPrivateXsaKey *key;
411 : CK_ATTRIBUTE attrs[10];
412 1 : CK_ULONG n_attrs = 0;
413 : GkmSexp *sexp;
414 :
415 1 : key = g_object_new (GKM_TYPE_PRIVATE_XSA_KEY,
416 : "base-sexp", gkm_sexp_new (test->rsakey),
417 : "module", test->module, /*"manager", NULL,*/ NULL);
418 1 : g_assert (key != NULL);
419 :
420 1 : assert_get_attribute_ulong (key, CKA_KEY_TYPE, CKK_RSA, attrs, &n_attrs);
421 1 : assert_get_attribute_ulong (key, CKA_CLASS, CKO_PRIVATE_KEY, attrs, &n_attrs);
422 1 : assert_get_attribute_bool (key, CKA_PRIVATE, TRUE, attrs, &n_attrs);
423 1 : assert_get_attribute_bool (key, CKA_SIGN, TRUE, attrs, &n_attrs);
424 1 : assert_get_attribute_bool (key, CKA_SIGN_RECOVER, FALSE, attrs, &n_attrs);
425 1 : assert_get_attribute_buffer (key, CKA_MODULUS,
426 : "\xb7\x87\x58\xd5\x5e\xbf\xfa\xb6\x1d\x07\xd0\xdc\x49\xb5\x30\x9a"
427 : "\x6f\x1d\xa2\xae\x51\xc2\x75\xdf\xc2\x37\x09\x59\xbb\x81\xac\x0c"
428 : "\x39\x09\x3b\x1c\x61\x8e\x39\x61\x61\xa0\xde\xce\xb8\x76\x8d\x0f"
429 : "\xfb\x14\xf1\x97\xb9\x6c\x3d\xa1\x41\x90\xee\x0f\x20\xd5\x13\x15",
430 : 64, attrs, &n_attrs);
431 1 : assert_get_attribute_buffer (key, CKA_PUBLIC_EXPONENT,
432 : "\x01\x00\x01", 3, attrs, &n_attrs);
433 1 : assert_get_attribute_error (key, CKA_PRIVATE_EXPONENT, CKR_ATTRIBUTE_SENSITIVE);
434 :
435 : /* TODO to test parser and reader, there might be more tests */
436 :
437 : /* we have an object so lets recreate the sexp public key */
438 1 : sexp = gkm_public_xsa_key_create_sexp (NULL, test->transaction, attrs, n_attrs);
439 1 : g_assert (sexp != NULL);
440 :
441 8 : while (n_attrs > 0)
442 7 : g_free (attrs[--n_attrs].pValue);
443 :
444 1 : assert_sexp_compare_mpi (test->rsakey, gkm_sexp_get (sexp), "n");
445 1 : assert_sexp_compare_mpi (test->rsakey, gkm_sexp_get (sexp), "e");
446 :
447 : /* gcry_sexp_dump (gkm_sexp_get (sexp)); */
448 :
449 1 : gkm_sexp_unref (sexp);
450 1 : g_clear_object (&key);
451 1 : }
452 :
453 : static void
454 1 : test_dsa_attributes (Test *test, gconstpointer unused)
455 : {
456 : GkmPrivateXsaKey *key;
457 : CK_ATTRIBUTE attrs[10];
458 1 : CK_ULONG n_attrs = 0;
459 :
460 1 : key = g_object_new (GKM_TYPE_PRIVATE_XSA_KEY,
461 : "base-sexp", gkm_sexp_new (test->dsakey),
462 : "module", test->module, /*"manager", NULL,*/ NULL);
463 1 : g_assert (key != NULL);
464 :
465 1 : assert_get_attribute_ulong (key, CKA_CLASS, CKO_PRIVATE_KEY, attrs, &n_attrs);
466 1 : assert_get_attribute_bool (key, CKA_PRIVATE, TRUE, attrs, &n_attrs);
467 1 : assert_get_attribute_bool (key, CKA_SIGN, TRUE, attrs, &n_attrs);
468 1 : assert_get_attribute_bool (key, CKA_SIGN_RECOVER, FALSE, attrs, &n_attrs);
469 1 : assert_get_attribute_ulong (key, CKA_KEY_TYPE, CKK_DSA, attrs, &n_attrs);
470 1 : assert_get_attribute_error (key, CKA_VALUE, CKR_ATTRIBUTE_SENSITIVE);
471 1 : assert_get_attribute_buffer (key, CKA_PRIME,
472 : "\x90\xec\x0b\x60\x73\x58\x39\xc7\x54\xea\xf8\xf6\x4b\xb0\x3f\xc3"
473 : "\x53\x98\xd6\x97\x72\xbf\xae\x54\x00\x79\xde\xa2\xd3\xa6\x1f\xaf"
474 : "\xfb\x27\x63\x0a\x03\x8a\x01\xa3\xd0\xcd\x62\xa1\x07\x45\xa5\x74"
475 : "\xa2\x7e\xcb\x46\x2f\x4f\x08\x85\xb7\x9c\x61\xbb\xe9\x54\xa6\x0a"
476 : "\x29\x66\x8a\xd5\x4b\xba\x5c\x07\xa7\x2f\xd8\xb1\x10\x52\x49\x67"
477 : "\x0b\x33\x9d\xf2\xc5\x9e\x64\xa4\x70\x64\xef\xcf\x0b\x72\x36\xc5"
478 : "\xc7\x2c\xd5\x5c\xeb\x32\x91\x74\x30\xbe\xc9\xa0\x03\xd4\xe4\x84"
479 : "\xfb\xaa\x84\xd7\x95\x71\xb3\x8d\x6b\x5a\xc9\x5b\xb7\x3e\x3f\x7b",
480 : 128, attrs, &n_attrs);
481 1 : assert_get_attribute_buffer (key, CKA_SUBPRIME,
482 : "\xfa\x21\x4a\x13\x85\xc2\x1b\xfe\xba\xad\xab\x24"
483 : "\x0a\x24\x30\xc6\x07\xd5\x62\x71",
484 : 20, attrs, &n_attrs);
485 1 : assert_get_attribute_buffer (key, CKA_BASE,
486 : "\x2d\xe0\x57\x51\xf5\xda\xee\x97\xf3\xd4\x3c\x54\x59\x5a\x3e\x94"
487 : "\xa0\x80\x72\x8f\x0c\x66\xc9\x8a\xeb\xed\x57\x62\xf6\xab\x15\x58"
488 : "\x02\xd8\x35\x9e\xad\x1d\xe1\xec\x36\xa4\x59\xfb\xee\xea\x48\xe5"
489 : "\x9b\x9e\x6a\x8c\xb4\xf5\x29\x59\x36\xb3\xcc\x88\x1a\x5d\x95\x7c"
490 : "\x73\x39\x17\x5e\x2c\xff\xe0\xf3\x0d\x37\x11\xe4\x30\xdb\x66\x48"
491 : "\xc2\xeb\x47\x4a\xa1\x0a\x4a\x32\x97\x45\x05\x31\xff\x2c\x7c\x69"
492 : "\x51\x22\x0c\x9d\x44\x6b\x6b\x6b\x0f\x00\x26\x2e\x1e\xbe\xb3\xcc"
493 : "\x86\x14\x76\xaa\x51\x8c\xc5\x55\xc9\xab\xf9\xe5\xf3\x90\x23\xfc",
494 : 128, attrs, &n_attrs);
495 :
496 : /* TODO to test parser and reader, there might be more tests */
497 :
498 9 : while (n_attrs > 0)
499 8 : g_free (attrs[--n_attrs].pValue);
500 :
501 : /* can't recreate the public key, because CKA_VALUE is sensitive in private key*/
502 1 : g_clear_object (&key);
503 1 : }
504 :
505 : static void
506 1 : test_ecdsa_attributes (Test *test, gconstpointer unused)
507 : {
508 : GkmPrivateXsaKey *key;
509 : CK_ATTRIBUTE attrs[10];
510 1 : CK_ULONG n_attrs = 0;
511 : GkmSexp *sexp;
512 :
513 1 : key = g_object_new (GKM_TYPE_PRIVATE_XSA_KEY,
514 : "base-sexp", gkm_sexp_new (test->ecdsakey),
515 : "module", test->module, /*"manager", NULL,*/ NULL);
516 1 : g_assert (key != NULL);
517 :
518 1 : assert_get_attribute_ulong (key, CKA_CLASS, CKO_PRIVATE_KEY, attrs, &n_attrs);
519 1 : assert_get_attribute_bool (key, CKA_PRIVATE, TRUE, attrs, &n_attrs);
520 1 : assert_get_attribute_bool (key, CKA_SIGN, TRUE, attrs, &n_attrs);
521 1 : assert_get_attribute_bool (key, CKA_SIGN_RECOVER, FALSE, attrs, &n_attrs);
522 1 : assert_get_attribute_ulong (key, CKA_KEY_TYPE, CKK_ECDSA, attrs, &n_attrs);
523 1 : assert_get_attribute_error (key, CKA_VALUE, CKR_ATTRIBUTE_SENSITIVE);
524 1 : assert_get_attribute_buffer (key, CKA_EC_PARAMS,
525 : "\x06" /* tag (OID) */
526 : "\x08" /* length (8 bytes) */
527 : "\x2a\x86\x48\xce\x3d\x03\x01\x07", /* DER encoded OID */
528 : 10, attrs, &n_attrs);
529 1 : assert_get_attribute_buffer (key, CKA_EC_POINT,
530 : "\x04" /* tag (OCTET STRING) */
531 : "\x41" /* length (65 bytes) */
532 : "\x04\xd4\xf6\xa6\x73\x8d\x9b\x8d\x3a\x70\x75\xc1\xe4\xee\x95\x01\x5f\xc0\xc9\xb7\xe4\x27\x2d\x2b\xeb\x66\x44\xd3\x60\x9f\xc7\x81\xb7\x1f\x9a\x80\x72\xf5\x8c\xb6\x6a\xe2\xf8\x9b\xb1\x24\x51\x87\x3a\xbf\x7d\x91\xf9\xe1\xfb\xf9\x6b\xf2\xf7\x0e\x73\xaa\xc9\xa2\x83",
533 : 67, attrs, &n_attrs);
534 :
535 : /* we have an object so lets recreate the sexp public key */
536 1 : sexp = gkm_public_xsa_key_create_sexp (NULL, test->transaction, attrs, n_attrs);
537 1 : g_assert (sexp != NULL);
538 :
539 1 : assert_sexp_compare_bytes (test->ecdsakey, gkm_sexp_get (sexp), "curve");
540 1 : assert_sexp_compare_bytes (test->ecdsakey, gkm_sexp_get (sexp), "q");
541 :
542 : /* gcry_sexp_dump (gkm_sexp_get (sexp)); */
543 :
544 8 : while (n_attrs > 0)
545 7 : g_free (attrs[--n_attrs].pValue);
546 :
547 1 : gkm_sexp_unref (sexp);
548 1 : g_clear_object (&key);
549 1 : }
550 :
551 : int
552 1 : main (int argc, char **argv)
553 : {
554 : #if !GLIB_CHECK_VERSION(2,35,0)
555 : g_type_init ();
556 : #endif
557 1 : g_test_init (&argc, &argv, NULL);
558 :
559 1 : g_test_add ("/gkm/sexp/parse_key", Test, NULL, setup, test_parse_key, teardown);
560 1 : g_test_add ("/gkm/sexp/key_to_public", Test, NULL, setup, test_key_to_public, teardown);
561 1 : g_test_add ("/gkm/sexp/sign_verify", Test, NULL, setup, test_sign_verify, teardown);
562 1 : g_test_add ("/gkm/sexp/rsa_attributes", Test, NULL, setup, test_rsa_attributes, teardown);
563 1 : g_test_add ("/gkm/sexp/dsa_attributes", Test, NULL, setup, test_dsa_attributes, teardown);
564 1 : g_test_add ("/gkm/sexp/ecdsa_attributes", Test, NULL, setup, test_ecdsa_attributes, teardown);
565 :
566 1 : return g_test_run ();
567 : }
|