package meerkat.crypto.concrete;
import com.google.protobuf.ByteString;
import meerkat.protobuf.Crypto;
import meerkat.protobuf.Bulletinboardserver.*;
import org.junit.Test;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Arrays;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
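/**
 * Tests for {@link ECDSASignature}: loading signing and verification material from classpath
 * resources, checking a pre-computed signature, and a sign-then-verify round trip.
 *
 * <p>The keystore and certificates named below are test fixtures read from the classpath. The
 * keystore password is hard-coded here only because it guards a fixture; neither that key nor
 * the password should be reused for anything outside these tests.
 *
 * Created by talm on 12/11/15.
 */
public class TestECDSASignature {
    // PKCS#12 keystore holding the test signing key, and the password that opens it.
    public static String KEYFILE_EXAMPLE = "/certs/enduser-certs/user1-key-with-password-secret.p12";
    public static String KEYFILE_PASSWORD = "secret";

    // Verification certificates in the two encodings the loader is exercised with.
    public static String CERT1_PEM_EXAMPLE = "/certs/enduser-certs/user1.crt";
    public static String CERT2_DER_EXAMPLE = "/certs/enduser-certs/user2.der";

    // A plaintext message and a signature over it that was produced ahead of time.
    public static String MSG_PLAINTEXT_EXAMPLE = "/certs/signed-messages/helloworld.txt";
    public static String MSG_SIG_EXAMPLE = "/certs/signed-messages/helloworld.txt.sha256sig";

    public static String HELLO_WORLD = "hello world!";

    /**
     * Opens a classpath resource and fails the test with a readable message when it is absent,
     * instead of letting a {@code null} stream surface later as an unrelated exception.
     */
    private InputStream openResource(String path) {
        InputStream stream = getClass().getResourceAsStream(path);
        assertTrue("Missing test resource: " + path, stream != null);
        return stream;
    }

    /**
     * Builds an ECDSA {@code Crypto.Signature} carrying {@code data}, attributed to the first
     * certificate that {@code signer} has loaded.
     */
    private Crypto.Signature signatureFor(ECDSASignature signer, ByteString data) {
        Crypto.Signature.Builder sig = Crypto.Signature.newBuilder();
        sig.setType(Crypto.SignatureType.ECDSA);
        sig.setSignerId(signer.loadedCertificates.entrySet().iterator().next().getKey());
        sig.setData(data);
        return sig.build();
    }

    /** Loading the signing key from the password-protected PKCS#12 keystore must not throw. */
    @Test
    public void loadSignatureKey() throws Exception {
        char[] password = KEYFILE_PASSWORD.toCharArray();

        // The stream stays open until the certificate is loaded; the builder is handed the
        // stream itself and this file does not show when it is actually read.
        try (InputStream keyStream = openResource(KEYFILE_EXAMPLE)) {
            ECDSASignature sig = new ECDSASignature();

            KeyStore.Builder keyStore = sig.getPKCS12KeyStoreBuilder(keyStream, password);
            sig.loadSigningCertificate(keyStore);
        }
    }

    /** Loading a PEM-encoded verification certificate must not throw. */
    @Test
    public void loadPEMVerificationKey() throws Exception {
        try (InputStream certStream = openResource(CERT1_PEM_EXAMPLE)) {
            ECDSASignature sig = new ECDSASignature();

            sig.loadVerificationCertificates(certStream);
        }
    }

    /** Loading a DER-encoded verification certificate must not throw. */
    @Test
    public void loadDERVerificationKey() throws Exception {
        try (InputStream certStream = openResource(CERT2_DER_EXAMPLE)) {
            ECDSASignature sig = new ECDSASignature();

            sig.loadVerificationCertificates(certStream);
        }
    }

    /** The stored signature must verify against the stored plaintext. */
    @Test
    public void verifyValidSig() throws Exception {
        try (InputStream certStream = openResource(CERT1_PEM_EXAMPLE);
             InputStream msgStream = openResource(MSG_PLAINTEXT_EXAMPLE);
             InputStream sigStream = openResource(MSG_SIG_EXAMPLE)) {
            ECDSASignature signer = new ECDSASignature();
            signer.loadVerificationCertificates(certStream);

            Crypto.Signature builtSig = signatureFor(signer, ByteString.readFrom(sigStream));

            signer.initVerify(builtSig);
            signer.updateSigner(msgStream);
            assertTrue("Signature did not verify!", signer.verify());
        }
    }

    /** A signature whose bytes were altered must be rejected for the unmodified plaintext. */
    @Test
    public void verifyInvalidSig() throws Exception {
        try (InputStream certStream = openResource(CERT1_PEM_EXAMPLE);
             InputStream msgStream = openResource(MSG_PLAINTEXT_EXAMPLE);
             InputStream sigStream = openResource(MSG_SIG_EXAMPLE)) {
            ECDSASignature signer = new ECDSASignature();
            signer.loadVerificationCertificates(certStream);

            byte[] sigData = ByteString.readFrom(sigStream).toByteArray();
            // NOTE(review): only byte 0 is altered. If the stored signature is DER-encoded
            // (not visible from this file - confirm), that byte is the outer structure tag, so
            // this covers rejection of a malformed encoding. A second case that alters a byte
            // inside the signature value would also cover a well-formed but wrong signature.
            ++sigData[0];

            Crypto.Signature builtSig = signatureFor(signer, ByteString.copyFrom(sigData));

            signer.initVerify(builtSig);
            signer.updateSigner(msgStream);
            assertFalse("Bad Signature passed verification!", signer.verify());
        }
    }

    /** The genuine signature must be rejected when the message bytes were altered. */
    @Test
    public void verifyInvalidMsg() throws Exception {
        try (InputStream certStream = openResource(CERT1_PEM_EXAMPLE);
             InputStream msgStream = openResource(MSG_PLAINTEXT_EXAMPLE);
             InputStream sigStream = openResource(MSG_SIG_EXAMPLE)) {
            ECDSASignature signer = new ECDSASignature();
            signer.loadVerificationCertificates(certStream);

            Crypto.Signature builtSig = signatureFor(signer, ByteString.readFrom(sigStream));

            byte[] msgData = ByteString.readFrom(msgStream).toByteArray();
            ++msgData[0];

            // Feed the altered bytes to the verifier. msgStream has already been read to the
            // end above, so passing it again would check the signature against an empty
            // message and the altered copy would never be examined.
            InputStream tamperedMsg = new ByteArrayInputStream(msgData);

            signer.initVerify(builtSig);
            signer.updateSigner(tamperedMsg);
            assertFalse("Signature doesn't match message but passed verification!", signer.verify());
        }
    }

    /** A message signed with the test key must verify against the matching certificate. */
    @Test
    public void signAndVerify() throws Exception {
        char[] password = KEYFILE_PASSWORD.toCharArray();

        try (InputStream keyStream = openResource(KEYFILE_EXAMPLE);
             InputStream certStream = openResource(CERT1_PEM_EXAMPLE)) {
            ECDSASignature signer = new ECDSASignature();

            KeyStore.Builder keyStore = signer.getPKCS12KeyStoreBuilder(keyStream, password);
            signer.loadSigningCertificate(keyStore);

            UnsignedBulletinBoardMessage.Builder unsignedMsgBuilder = UnsignedBulletinBoardMessage.newBuilder();
            unsignedMsgBuilder.setData(ByteString.copyFromUtf8(HELLO_WORLD));
            unsignedMsgBuilder.addTags("Tag1");
            unsignedMsgBuilder.addTags("Tag2");
            unsignedMsgBuilder.addTags("Tag3");

            UnsignedBulletinBoardMessage usMsg = unsignedMsgBuilder.build();

            signer.updateContent(usMsg);
            Crypto.Signature sig = signer.sign();

            signer.loadVerificationCertificates(certStream);

            // Verification is fed the same message object that was signed.
            signer.initVerify(sig);
            signer.updateContent(usMsg);
            assertTrue("Couldn't verify signature on ", signer.verify());
        }
    }
}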