Google Git
Sign in
android / platform / external / epid-sdk / HEAD / . / epid / member / unittests / sign-test.cc
blob: 54f2fafb312cb0b0bdb3e7b1ce3a0f118a73e418 [file] [log] [blame]
/*############################################################################
# Copyright 2016-2017 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
############################################################################*/
/*!
* \file
* \brief Sign unit tests.
*/
#include <vector>
#include "epid/common-testhelper/epid_gtest-testhelper.h"
#include "gtest/gtest.h"
extern "C" {
#include "epid/member/api.h"
#include "epid/member/src/context.h"
#include "epid/verifier/api.h"
}
#include "epid/common-testhelper/errors-testhelper.h"
#include "epid/common-testhelper/prng-testhelper.h"
#include "epid/common-testhelper/verifier_wrapper-testhelper.h"
#include "epid/member/unittests/member-testhelper.h"
namespace {
/// Count of elements in array
#define COUNT_OF(A) (sizeof(A) / sizeof((A)[0]))
/////////////////////////////////////////////////////////////////////////
// Simple error cases
TEST_F(EpidMemberTest, SignFailsGivenNullParameters) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}};
srl.gid = this->kGroupPublicKey.gid;
std::vector<uint8_t> sig(EpidGetSigSize(&srl));
THROW_ON_EPIDERR(
EpidMemberSetSigRl(member, &srl, sizeof(srl) - sizeof(srl.bk)));
EXPECT_EQ(kEpidBadArgErr,
EpidSign(nullptr, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig.data(), sig.size()));
EXPECT_EQ(kEpidBadArgErr, EpidSign(member, msg.data(), msg.size(), bsn.data(),
bsn.size(), nullptr, sig.size()));
EXPECT_EQ(kEpidBadArgErr,
EpidSign(member, nullptr, msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig.data(), sig.size()));
EXPECT_EQ(kEpidBadArgErr,
EpidSign(member, msg.data(), msg.size(), nullptr, bsn.size(),
(EpidSignature*)sig.data(), sig.size()));
}
TEST_F(EpidMemberTest, SignFailsGivenWrongSigLen) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}};
srl.gid = this->kGroupPublicKey.gid;
THROW_ON_EPIDERR(
EpidMemberSetSigRl(member, &srl, sizeof(srl) - sizeof(srl.bk)));
// signature buffer one byte less than needed
std::vector<uint8_t> sig_small(EpidGetSigSize(&srl) - 1);
EXPECT_EQ(kEpidBadArgErr,
EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig_small.data(), sig_small.size()));
// signature buffer is one byte - a less than allowed for EpidSignature
std::vector<uint8_t> sig_one(1);
EXPECT_EQ(kEpidBadArgErr,
EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig_one.data(), sig_one.size()));
}
TEST_F(EpidMemberTest, SignFailsGivenUnregisteredBasename) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
auto& bsn1 = this->kBsn1;
SigRl srl = {{{0}}, {{0}}, {{0}}, {{{{0}, {0}}, {{0}, {0}}}}};
srl.gid = this->kGroupPublicKey.gid;
std::vector<uint8_t> sig(EpidGetSigSize(&srl));
THROW_ON_EPIDERR(
EpidMemberSetSigRl(member, &srl, sizeof(srl) - sizeof(srl.bk)));
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidBadArgErr,
EpidSign(member, msg.data(), msg.size(), bsn1.data(), bsn1.size(),
(EpidSignature*)sig.data(), sig.size()));
}
TEST_F(EpidMemberTest, SignsFailsIfNotProvisioned) {
Prng my_prng;
MemberCtxObj member(&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidOutOfSequenceError,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
}
/////////////////////////////////////////////////////////////////////////
// Anonymity
TEST_F(EpidMemberTest, SignaturesOfSameMessageAreDifferent) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig1(EpidGetSigSize(nullptr));
std::vector<uint8_t> sig2(EpidGetSigSize(nullptr));
// without signature based revocation list
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), nullptr, 0,
(EpidSignature*)sig1.data(), sig1.size()));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), nullptr, 0,
(EpidSignature*)sig2.data(), sig2.size()));
EXPECT_TRUE(sig1.size() == sig2.size() &&
0 != memcmp(sig1.data(), sig2.data(), sig1.size()));
// with signature based revocation list
uint8_t sig_rl_data_n2_one[] = {
// gid
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01,
// version
0x00, 0x00, 0x00, 0x00,
// n2
0x0, 0x00, 0x00, 0x01,
// one bk
0x9c, 0xa5, 0xe5, 0xae, 0x5f, 0xae, 0x51, 0x59, 0x33, 0x35, 0x27, 0xd,
0x8, 0xb1, 0xbe, 0x5d, 0x69, 0x50, 0x84, 0xc5, 0xfe, 0xe2, 0x87, 0xea,
0x2e, 0xef, 0xfa, 0xee, 0x67, 0xf2, 0xd8, 0x28, 0x56, 0x43, 0xc6, 0x94,
0x67, 0xa6, 0x72, 0xf6, 0x41, 0x15, 0x4, 0x58, 0x42, 0x16, 0x88, 0x57,
0x9d, 0xc7, 0x71, 0xd1, 0xc, 0x84, 0x13, 0xa, 0x90, 0x23, 0x18, 0x8, 0xad,
0x7d, 0xfe, 0xf5, 0xc8, 0xae, 0xfc, 0x51, 0x40, 0xa7, 0xd1, 0x28, 0xc2,
0x89, 0xb2, 0x6b, 0x4e, 0xb4, 0xc1, 0x55, 0x87, 0x98, 0xbd, 0x72, 0xf9,
0xcf, 0xd, 0x40, 0x15, 0xee, 0x32, 0xc, 0xf3, 0x56, 0xc5, 0xc, 0x61, 0x9d,
0x4f, 0x7a, 0xb5, 0x2b, 0x16, 0xa9, 0xa3, 0x97, 0x38, 0xe2, 0xdd, 0x3a,
0x33, 0xad, 0xf6, 0x7b, 0x68, 0x8b, 0x68, 0xcf, 0xa3, 0xd3, 0x98, 0x37,
0xce, 0xec, 0xd1, 0xa8, 0xc, 0x8b};
SigRl* srl1 = reinterpret_cast<SigRl*>(sig_rl_data_n2_one);
size_t srl1_size = sizeof(sig_rl_data_n2_one);
std::vector<uint8_t> sig3(EpidGetSigSize(srl1));
std::vector<uint8_t> sig4(EpidGetSigSize(srl1));
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl1, srl1_size));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), nullptr, 0,
(EpidSignature*)sig3.data(), sig3.size()));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), nullptr, 0,
(EpidSignature*)sig4.data(), sig4.size()));
EXPECT_TRUE(sig3.size() == sig4.size() &&
0 != memcmp(sig3.data(), sig4.data(), sig3.size()));
}
TEST_F(EpidMemberTest, SignaturesOfSameMessageWithSameBasenameAreDifferent) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
std::vector<uint8_t> sig1(EpidGetSigSize(nullptr));
std::vector<uint8_t> sig2(EpidGetSigSize(nullptr));
// without signature based revocation list
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig1.data(), sig1.size()));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig2.data(), sig2.size()));
EXPECT_TRUE(sig1.size() == sig2.size() &&
0 != memcmp(sig1.data(), sig2.data(), sig1.size()));
// with signature based revocation list
uint8_t sig_rl_data_n2_one[] = {
// gid
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01,
// version
0x00, 0x00, 0x00, 0x00,
// n2
0x0, 0x00, 0x00, 0x01,
// one bk
0x9c, 0xa5, 0xe5, 0xae, 0x5f, 0xae, 0x51, 0x59, 0x33, 0x35, 0x27, 0xd,
0x8, 0xb1, 0xbe, 0x5d, 0x69, 0x50, 0x84, 0xc5, 0xfe, 0xe2, 0x87, 0xea,
0x2e, 0xef, 0xfa, 0xee, 0x67, 0xf2, 0xd8, 0x28, 0x56, 0x43, 0xc6, 0x94,
0x67, 0xa6, 0x72, 0xf6, 0x41, 0x15, 0x4, 0x58, 0x42, 0x16, 0x88, 0x57,
0x9d, 0xc7, 0x71, 0xd1, 0xc, 0x84, 0x13, 0xa, 0x90, 0x23, 0x18, 0x8, 0xad,
0x7d, 0xfe, 0xf5, 0xc8, 0xae, 0xfc, 0x51, 0x40, 0xa7, 0xd1, 0x28, 0xc2,
0x89, 0xb2, 0x6b, 0x4e, 0xb4, 0xc1, 0x55, 0x87, 0x98, 0xbd, 0x72, 0xf9,
0xcf, 0xd, 0x40, 0x15, 0xee, 0x32, 0xc, 0xf3, 0x56, 0xc5, 0xc, 0x61, 0x9d,
0x4f, 0x7a, 0xb5, 0x2b, 0x16, 0xa9, 0xa3, 0x97, 0x38, 0xe2, 0xdd, 0x3a,
0x33, 0xad, 0xf6, 0x7b, 0x68, 0x8b, 0x68, 0xcf, 0xa3, 0xd3, 0x98, 0x37,
0xce, 0xec, 0xd1, 0xa8, 0xc, 0x8b};
SigRl* srl1 = reinterpret_cast<SigRl*>(sig_rl_data_n2_one);
size_t srl1_size = sizeof(sig_rl_data_n2_one);
std::vector<uint8_t> sig3(EpidGetSigSize(srl1));
std::vector<uint8_t> sig4(EpidGetSigSize(srl1));
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl1, srl1_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig3.data(), sig3.size()));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
(EpidSignature*)sig4.data(), sig4.size()));
EXPECT_TRUE(sig3.size() == sig4.size() &&
0 != memcmp(sig3.data(), sig4.data(), sig3.size()));
}
/////////////////////////////////////////////////////////////////////////
// Variable basename
TEST_F(EpidMemberTest, SignsMessageUsingRandomBaseNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingRandomBaseWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingBasenameNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), bsn.data(),
bsn.size(), sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetBasename(ctx, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingBasenameWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), bsn.data(),
bsn.size(), sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetBasename(ctx, bsn.data(), bsn.size()));
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsUsingRandomBaseWithRegisteredBasenamesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsUsingRandomBaseWithRegisteredBasenamesWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsUsingRandomBaseWithoutRegisteredBasenamesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest,
SignsUsingRandomBaseWithoutRegisteredBasenamesWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
#ifndef TPM_TSS
TEST_F(EpidMemberTest, SignsMessageUsingHugeBasenameNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGrpXKey, this->kGrpXMember0PrivKey,
&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> bsn(1024 * 1024); // exactly 1 MB
uint8_t c = 0;
for (size_t i = 0; i < bsn.size(); ++i) {
bsn[i] = c++;
}
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), bsn.data(),
bsn.size(), sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGrpXKey);
THROW_ON_EPIDERR(EpidVerifierSetBasename(ctx, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingHugeBasenameWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGrpXKey, this->kGrpXMember0PrivKey,
&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> bsn(1024 * 1024); // exactly 1 MB
uint8_t c = 0;
for (size_t i = 0; i < bsn.size(); ++i) {
bsn[i] = c++;
}
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
SigRl const* srl = reinterpret_cast<SigRl const*>(this->kGrpXSigRl.data());
size_t srl_size = this->kGrpXSigRl.size() * sizeof(this->kGrpXSigRl[0]);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), bsn.data(),
bsn.size(), sig, sig_len));
VerifierCtxObj ctx(this->kGrpXKey);
THROW_ON_EPIDERR(EpidVerifierSetBasename(ctx, bsn.data(), bsn.size()));
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
}
TEST_F(EpidMemberTest, SignsMsgUsingBsnContainingAllPossibleBytesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kData_0_255;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), msg.size(), bsn.data(),
bsn.size(), sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetBasename(ctx, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
#endif
/////////////////////////////////////////////////////////////////////////
// Variable sigRL
TEST_F(EpidMemberTest, SignsMessageGivenNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
size_t sig_len = EpidGetSigSize(nullptr);
std::vector<uint8_t> newsig(sig_len);
EpidSignature* sig = (EpidSignature*)newsig.data();
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kGroupPublicKey);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageGivenNoSigRlUsingIKGFData) {
GroupPubKey grp_public_key = *reinterpret_cast<const GroupPubKey*>(
this->kGroupPublicKeyDataIkgf.data());
PrivKey mbr_private_key =
*reinterpret_cast<const PrivKey*>(this->kMemberPrivateKeyDataIkgf.data());
Prng my_prng;
auto& msg = this->kMsg0;
size_t sig_len = EpidGetSigSize(nullptr);
std::vector<uint8_t> newsig(sig_len);
// using ikgf keys
MemberCtxObj member(grp_public_key, mbr_private_key, &Prng::Generate,
&my_prng);
EpidSignature* sig = (EpidSignature*)newsig.data();
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(grp_public_key);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageGivenSigRlWithNoEntries) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
uint8_t sig_rl_data_n2_zero[] = {
// gid
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01,
// version
0x00, 0x00, 0x00, 0x00,
// n2
0x0, 0x00, 0x00, 0x00,
// not bk's
};
SigRl const* srl = reinterpret_cast<SigRl const*>(sig_rl_data_n2_zero);
size_t srl_size = sizeof(sig_rl_data_n2_zero);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageGivenSigRlWithNoEntriesUsingIkgfData) {
GroupPubKey grp_public_key = *reinterpret_cast<const GroupPubKey*>(
this->kGroupPublicKeyDataIkgf.data());
PrivKey mbr_private_key =
*reinterpret_cast<const PrivKey*>(this->kMemberPrivateKeyDataIkgf.data());
Prng my_prng;
auto& msg = this->kMsg0;
// using ikgf keys
MemberCtxObj member_ikgf(grp_public_key, mbr_private_key, &Prng::Generate,
&my_prng);
uint8_t sig_rl_data_n2_one_gid0[] = {
#include "epid/common-testhelper/testdata/ikgf/groupa/sigrl_empty.inc"
};
SigRl* srl_ikgf = reinterpret_cast<SigRl*>(sig_rl_data_n2_one_gid0);
size_t srl_size = sizeof(sig_rl_data_n2_one_gid0);
std::vector<uint8_t> sig_data_ikgf(EpidGetSigSize(srl_ikgf));
EpidSignature* sig_ikgf =
reinterpret_cast<EpidSignature*>(sig_data_ikgf.data());
size_t sig_len = sig_data_ikgf.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member_ikgf, srl_ikgf, srl_size));
EXPECT_EQ(kEpidNoErr, EpidSign(member_ikgf, msg.data(), msg.size(), nullptr,
0, sig_ikgf, sig_len));
VerifierCtxObj ctx_ikgf(grp_public_key);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx_ikgf, srl_ikgf, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx_ikgf, sig_ikgf, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageGivenSigRlWithEntries) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
uint8_t sig_rl_data_n2_one[] = {
// gid
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01,
// version
0x00, 0x00, 0x00, 0x00,
// n2
0x0, 0x00, 0x00, 0x02,
// one bk
0x9c, 0xa5, 0xe5, 0xae, 0x5f, 0xae, 0x51, 0x59, 0x33, 0x35, 0x27, 0xd,
0x8, 0xb1, 0xbe, 0x5d, 0x69, 0x50, 0x84, 0xc5, 0xfe, 0xe2, 0x87, 0xea,
0x2e, 0xef, 0xfa, 0xee, 0x67, 0xf2, 0xd8, 0x28, 0x56, 0x43, 0xc6, 0x94,
0x67, 0xa6, 0x72, 0xf6, 0x41, 0x15, 0x4, 0x58, 0x42, 0x16, 0x88, 0x57,
0x9d, 0xc7, 0x71, 0xd1, 0xc, 0x84, 0x13, 0xa, 0x90, 0x23, 0x18, 0x8, 0xad,
0x7d, 0xfe, 0xf5, 0xc8, 0xae, 0xfc, 0x51, 0x40, 0xa7, 0xd1, 0x28, 0xc2,
0x89, 0xb2, 0x6b, 0x4e, 0xb4, 0xc1, 0x55, 0x87, 0x98, 0xbd, 0x72, 0xf9,
0xcf, 0xd, 0x40, 0x15, 0xee, 0x32, 0xc, 0xf3, 0x56, 0xc5, 0xc, 0x61, 0x9d,
0x4f, 0x7a, 0xb5, 0x2b, 0x16, 0xa9, 0xa3, 0x97, 0x38, 0xe2, 0xdd, 0x3a,
0x33, 0xad, 0xf6, 0x7b, 0x68, 0x8b, 0x68, 0xcf, 0xa3, 0xd3, 0x98, 0x37,
0xce, 0xec, 0xd1, 0xa8, 0xc, 0x8b,
0x71, 0x8a, 0xb5, 0x1, 0x7f, 0x7c, 0x92, 0x9a, 0xa2, 0xc9, 0x81, 0x10,
0xfe, 0xbf, 0xc, 0x53, 0xa4, 0x43, 0xaf, 0x31, 0x74, 0x12, 0x25, 0x60,
0x3e, 0xc0, 0x21, 0xe6, 0x63, 0x9a, 0xd2, 0x67, 0x2d, 0xb5, 0xd5, 0x82,
0xc4, 0x49, 0x29, 0x51, 0x42, 0x8f, 0xe0, 0xe, 0xd1, 0x73, 0x27, 0xf5,
0x77, 0x16, 0x4, 0x40, 0x8a, 0x0, 0xe, 0x3a, 0x5d, 0x37, 0x42, 0xd3, 0x8,
0x40, 0xbd, 0x69, 0xf7, 0x5f, 0x74, 0x21, 0x50, 0xf4, 0xce, 0xfe, 0xd9,
0xdd, 0x97, 0x6c, 0xa8, 0xa5, 0x60, 0x6b, 0xf8, 0x1b, 0xba, 0x2, 0xb2,
0xca, 0x5, 0x44, 0x9b, 0xb1, 0x5e, 0x3a, 0xa4, 0x35, 0x7a, 0x51, 0xfa,
0xcf, 0xa4, 0x4, 0xe9, 0xf3, 0xbf, 0x38, 0xd4, 0x24, 0x9, 0x52, 0xf3,
0x58, 0x3d, 0x9d, 0x4b, 0xb3, 0x37, 0x4b, 0xec, 0x87, 0xe1, 0x64, 0x60,
0x3c, 0xb6, 0xf7, 0x7b, 0xff, 0x40, 0x11};
SigRl* srl = reinterpret_cast<SigRl*>(sig_rl_data_n2_one);
size_t srl_size = sizeof(sig_rl_data_n2_one);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageGivenSigRlWithEntriesUsingIKGFData) {
GroupPubKey grp_public_key = *reinterpret_cast<const GroupPubKey*>(
this->kGroupPublicKeyDataIkgf.data());
PrivKey mbr_private_key =
*reinterpret_cast<const PrivKey*>(this->kMemberPrivateKeyDataIkgf.data());
Prng my_prng;
auto& msg = this->kMsg0;
// using ikgf keys
MemberCtxObj member_ikgf(grp_public_key, mbr_private_key, &Prng::Generate,
&my_prng);
uint8_t sig_rl_data_n2_one_gid0[] = {
// gid
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00,
// version
0x00, 0x00, 0x00, 0x00,
// n2
0x0, 0x00, 0x00, 0x02,
// one bk
0x9c, 0xa5, 0xe5, 0xae, 0x5f, 0xae, 0x51, 0x59, 0x33, 0x35, 0x27, 0xd,
0x8, 0xb1, 0xbe, 0x5d, 0x69, 0x50, 0x84, 0xc5, 0xfe, 0xe2, 0x87, 0xea,
0x2e, 0xef, 0xfa, 0xee, 0x67, 0xf2, 0xd8, 0x28, 0x56, 0x43, 0xc6, 0x94,
0x67, 0xa6, 0x72, 0xf6, 0x41, 0x15, 0x4, 0x58, 0x42, 0x16, 0x88, 0x57,
0x9d, 0xc7, 0x71, 0xd1, 0xc, 0x84, 0x13, 0xa, 0x90, 0x23, 0x18, 0x8, 0xad,
0x7d, 0xfe, 0xf5, 0xc8, 0xae, 0xfc, 0x51, 0x40, 0xa7, 0xd1, 0x28, 0xc2,
0x89, 0xb2, 0x6b, 0x4e, 0xb4, 0xc1, 0x55, 0x87, 0x98, 0xbd, 0x72, 0xf9,
0xcf, 0xd, 0x40, 0x15, 0xee, 0x32, 0xc, 0xf3, 0x56, 0xc5, 0xc, 0x61, 0x9d,
0x4f, 0x7a, 0xb5, 0x2b, 0x16, 0xa9, 0xa3, 0x97, 0x38, 0xe2, 0xdd, 0x3a,
0x33, 0xad, 0xf6, 0x7b, 0x68, 0x8b, 0x68, 0xcf, 0xa3, 0xd3, 0x98, 0x37,
0xce, 0xec, 0xd1, 0xa8, 0xc, 0x8b,
0x71, 0x8a, 0xb5, 0x1, 0x7f, 0x7c, 0x92, 0x9a, 0xa2, 0xc9, 0x81, 0x10,
0xfe, 0xbf, 0xc, 0x53, 0xa4, 0x43, 0xaf, 0x31, 0x74, 0x12, 0x25, 0x60,
0x3e, 0xc0, 0x21, 0xe6, 0x63, 0x9a, 0xd2, 0x67, 0x2d, 0xb5, 0xd5, 0x82,
0xc4, 0x49, 0x29, 0x51, 0x42, 0x8f, 0xe0, 0xe, 0xd1, 0x73, 0x27, 0xf5,
0x77, 0x16, 0x4, 0x40, 0x8a, 0x0, 0xe, 0x3a, 0x5d, 0x37, 0x42, 0xd3, 0x8,
0x40, 0xbd, 0x69, 0xf7, 0x5f, 0x74, 0x21, 0x50, 0xf4, 0xce, 0xfe, 0xd9,
0xdd, 0x97, 0x6c, 0xa8, 0xa5, 0x60, 0x6b, 0xf8, 0x1b, 0xba, 0x2, 0xb2,
0xca, 0x5, 0x44, 0x9b, 0xb1, 0x5e, 0x3a, 0xa4, 0x35, 0x7a, 0x51, 0xfa,
0xcf, 0xa4, 0x4, 0xe9, 0xf3, 0xbf, 0x38, 0xd4, 0x24, 0x9, 0x52, 0xf3,
0x58, 0x3d, 0x9d, 0x4b, 0xb3, 0x37, 0x4b, 0xec, 0x87, 0xe1, 0x64, 0x60,
0x3c, 0xb6, 0xf7, 0x7b, 0xff, 0x40, 0x11};
SigRl* srl_ikgf = reinterpret_cast<SigRl*>(sig_rl_data_n2_one_gid0);
size_t srl_size = sizeof(sig_rl_data_n2_one_gid0);
std::vector<uint8_t> sig_data_ikgf(EpidGetSigSize(srl_ikgf));
EpidSignature* sig_ikgf =
reinterpret_cast<EpidSignature*>(sig_data_ikgf.data());
size_t sig_len = sig_data_ikgf.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member_ikgf, srl_ikgf, srl_size));
EXPECT_EQ(kEpidNoErr, EpidSign(member_ikgf, msg.data(), msg.size(), nullptr,
0, sig_ikgf, sig_len));
VerifierCtxObj ctx_ikgf(grp_public_key);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx_ikgf, srl_ikgf, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx_ikgf, sig_ikgf, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignMessageReportsIfMemberRevoked) {
// note: a complete sig + nr proof should still be returned!!
auto& pub_key = this->kGrpXKey;
auto& priv_key = this->kGrpXMember0PrivKey;
auto& msg = this->kMsg0;
Prng my_prng;
MemberCtxObj member(pub_key, priv_key, &Prng::Generate, &my_prng);
const std::vector<uint8_t> kGrpXSigRlMember0Sha512Rndbase0Msg0MiddleEntry = {
#include "epid/common-testhelper/testdata/grp_x/sigrl_member0_sig_sha512_rndbase_msg0_revoked_middle_entry.inc"
};
auto srl = reinterpret_cast<SigRl const*>(
kGrpXSigRlMember0Sha512Rndbase0Msg0MiddleEntry.data());
size_t srl_size = kGrpXSigRlMember0Sha512Rndbase0Msg0MiddleEntry.size();
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidSigRevokedInSigRl,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(pub_key);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigRevokedInSigRl,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignMessageReportsIfMemberRevokedUsingIKGFData) {
// note: a complete sig + nr proof should still be returned!!
GroupPubKey grp_public_key = *reinterpret_cast<const GroupPubKey*>(
this->kGroupPublicKeyDataIkgf.data());
const PrivKey member_private_key_revoked_by_sig = {
#include "epid/common-testhelper/testdata/ikgf/groupa/sigrevokedmember0/mprivkey.inc"
};
Prng my_prng;
MemberCtxObj member(grp_public_key, member_private_key_revoked_by_sig,
&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
const std::vector<uint8_t> sig_Rl = {
#include "epid/common-testhelper/testdata/ikgf/groupa/sigrl.inc"
};
auto srl = reinterpret_cast<SigRl const*>(sig_Rl.data());
size_t srl_size = sig_Rl.size();
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidSigRevokedInSigRl,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(grp_public_key);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigRevokedInSigRl,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
/////////////////////////////////////////////////////////////////////////
// Revoked member by sigRL for TPM case
TEST_F(EpidMemberTest,
PROTECTED_SignMessageByCedentialReportsIfMemberRevoked_EPS0) {
// note: a complete sig + nr proof should still be returned!!
auto& pub_key = this->kEps0GroupPublicKey;
auto credential = *(MembershipCredential const*)&this->kEps0MemberPrivateKey;
const std::vector<uint8_t> msg = {'t', 'e', 's', 't', '2'};
Prng my_prng;
MemberCtxObj member(pub_key, credential, &Prng::Generate, &my_prng);
const std::vector<uint8_t> kEps0SigRlMember0Sha256Rndbase0Msg0FirstEntry = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x01,
0x39, 0x97, 0x09, 0x11, 0x30, 0xb0, 0x2a, 0x29, 0xa7, 0x9b, 0xf1, 0xef,
0xe9, 0xe5, 0xc7, 0x03, 0x17, 0xe6, 0x4f, 0x6f, 0x49, 0x4d, 0xeb, 0x0f,
0xfd, 0x1c, 0x3f, 0xce, 0xcc, 0xc8, 0x40, 0x6b, 0x23, 0xd3, 0xec, 0x78,
0x78, 0x15, 0x4a, 0x34, 0x0f, 0xd1, 0xd3, 0xfa, 0xd2, 0xb2, 0x5a, 0xc9,
0xec, 0xa2, 0x41, 0xe1, 0x46, 0x6d, 0xed, 0xb3, 0x4a, 0xa6, 0xdf, 0xb6,
0xc2, 0x11, 0x49, 0x0d, 0x8b, 0xc4, 0xdc, 0xe0, 0x3f, 0x86, 0x59, 0xb6,
0x47, 0x0e, 0x72, 0xd9, 0x04, 0x91, 0x06, 0x8d, 0xe7, 0xb0, 0x4e, 0x40,
0x4a, 0x72, 0xe2, 0x99, 0xcc, 0xf2, 0x93, 0x1f, 0xcb, 0x32, 0x2e, 0xa3,
0x62, 0xf5, 0x35, 0x51, 0x8b, 0x8e, 0xc8, 0xf4, 0x1e, 0xbe, 0xc9, 0xf4,
0xa9, 0xc4, 0x63, 0xd3, 0x86, 0x5d, 0xf6, 0x44, 0x36, 0x5c, 0x44, 0x11,
0xb4, 0xa3, 0x85, 0xd5, 0x9e, 0xaf, 0x56, 0x83};
auto srl = reinterpret_cast<SigRl const*>(
kEps0SigRlMember0Sha256Rndbase0Msg0FirstEntry.data());
size_t srl_size = kEps0SigRlMember0Sha256Rndbase0Msg0FirstEntry.size();
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidSigRevokedInSigRl,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
VerifierCtxObj ctx(pub_key);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigRevokedInSigRl,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
/////////////////////////////////////////////////////////////////////////
// Variable hash alg
TEST_F(EpidMemberTest, SignsMessageUsingSha256HashAlg) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha256,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha256));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingSha384HashAlg) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha384,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha384));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingSha512HashAlg) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha512,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha512));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageUsingSha512256HashAlg) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
kSha512_256, this->kMemberPrecomp, &Prng::Generate,
&my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha512_256));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
/////////////////////////////////////////////////////////////////////////
// Variable hash alg for TPM data
TEST_F(EpidMemberTest,
PROTECTED_SignsMessageByCredentialUsingSha256HashAlg_EPS0) {
Prng my_prng;
MemberCtxObj member(
this->kEps0GroupPublicKey,
*(MembershipCredential const*)&this->kEps0MemberPrivateKey,
&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kEps0GroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha256));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest,
DISABLED_PROTECTED_SignsMessageByCredentialUsingSha384HashAlg_EPS0) {
Prng my_prng;
MemberCtxObj member(
this->kEps0GroupPublicKey,
*(MembershipCredential const*)&this->kEps0MemberPrivateKey,
&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetHashAlg(member, kSha384));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kEps0GroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha384));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest,
DISABLED_PROTECTED_SignsMessageByCredentialUsingSha512HashAlg_EPS0) {
Prng my_prng;
MemberCtxObj member(
this->kEps0GroupPublicKey,
*(MembershipCredential const*)&this->kEps0MemberPrivateKey,
&Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetHashAlg(member, kSha512));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify signature
VerifierCtxObj ctx(this->kEps0GroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha512));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
/////////////////////////////////////////////////////////////////////////
// Variable precomputed signatures
TEST_F(EpidMemberTest, SignConsumesPrecomputedSignaturesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
THROW_ON_EPIDERR(EpidAddPreSigs(member, 3));
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
EXPECT_EQ((size_t)2, EpidGetNumPreSigs(member));
}
TEST_F(EpidMemberTest, SignConsumesPrecomputedSignaturesWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
THROW_ON_EPIDERR(EpidAddPreSigs(member, 3));
auto& msg = this->kMsg0;
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
EXPECT_EQ((size_t)2, EpidGetNumPreSigs(member));
}
TEST_F(EpidMemberTest, SignsMessageWithPrecomputedSignaturesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
THROW_ON_EPIDERR(EpidAddPreSigs(member, 1));
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGroupPublicKey);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageWithPrecomputedSignaturesWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
THROW_ON_EPIDERR(EpidAddPreSigs(member, 1));
auto& msg = this->kMsg0;
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageWithoutPrecomputedSignaturesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
// test sign without precomputed signatures
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGroupPublicKey);
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
TEST_F(EpidMemberTest, SignsMessageWithoutPrecomputedSignaturesWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
// test sign without precomputed signatures
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
/////////////////////////////////////////////////////////////////////////
// Variable messages
TEST_F(EpidMemberTest, SignsEmptyMessageNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
auto& bsn = this->kBsn0;
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidNoErr, EpidSign(member, msg.data(), 0, bsn.data(), bsn.size(),
sig, sig_len));
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetBasename(ctx, bsn.data(), bsn.size()));
EXPECT_EQ(kEpidSigValid, EpidVerify(ctx, sig, sig_len, msg.data(), 0));
}
TEST_F(EpidMemberTest, SignsEmptyMessageWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
auto& msg = this->kMsg0;
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), 0, nullptr, 0, sig, sig_len));
// verify basic signature
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
EXPECT_EQ(kEpidSigValid, EpidVerify(ctx, sig, sig_len, msg.data(), 0));
}
TEST_F(EpidMemberTest, SignsShortMessageNoSigRl) {
// check: 1, 13, 128, 256, 512, 1021, 1024 bytes
// 13 and 1021 are primes
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
VerifierCtxObj ctx(this->kGroupPublicKey);
size_t lengths[] = {1, 13, 128, 256,
512, 1021, 1024}; // have desired lengths to loop over
std::vector<uint8_t> msg(
lengths[COUNT_OF(lengths) - 1]); // allocate message for max size
for (size_t n = 0; n < msg.size(); n++) {
msg[n] = (uint8_t)n;
}
for (auto length : lengths) {
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), length, nullptr, 0, sig, sig_len))
<< "EpidSign for message_len: " << length << " failed";
EXPECT_EQ(kEpidSigValid, EpidVerify(ctx, sig, sig_len, msg.data(), length))
<< "EpidVerify for message_len: " << length << " failed";
}
}
TEST_F(EpidMemberTest, SignsShortMessageWithSigRl) {
// check: 1, 13, 128, 256, 512, 1021, 1024 bytes
// 13 and 1021 are primes
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
size_t message_len = 0;
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
size_t lengths[] = {1, 13, 128, 256,
512, 1021, 1024}; // have desired lengths to loop over
std::vector<uint8_t> msg(
lengths[COUNT_OF(lengths) - 1]); // allocate message for max size
for (size_t n = 0; n < msg.size(); n++) {
msg.at(n) = (uint8_t)n;
}
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
for (auto length : lengths) {
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), length, nullptr, 0, sig, sig_len))
<< "EpidSign for message_len: " << message_len << " failed";
EXPECT_EQ(kEpidSigValid, EpidVerify(ctx, sig, sig_len, msg.data(), length))
<< "EpidVerify for message_len: " << message_len << " failed";
}
}
TEST_F(EpidMemberTest, SignsLongMessageNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
VerifierCtxObj ctx(this->kGroupPublicKey);
std::vector<uint8_t> msg(1000000); // allocate message for max size
for (size_t n = 0; n < msg.size(); n++) {
msg.at(n) = (uint8_t)n;
}
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len))
<< "EpidSign for message_len: " << 1000000 << " failed";
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()))
<< "EpidVerify for message_len: " << 1000000 << " failed";
}
TEST_F(EpidMemberTest, SignsLongMessageWithSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
SigRl const* srl =
reinterpret_cast<SigRl const*>(this->kSigRl5EntryData.data());
size_t srl_size = this->kSigRl5EntryData.size() * sizeof(uint8_t);
std::vector<uint8_t> sig_data(EpidGetSigSize(srl));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
VerifierCtxObj ctx(this->kGroupPublicKey);
THROW_ON_EPIDERR(EpidVerifierSetSigRl(ctx, srl, srl_size));
std::vector<uint8_t> msg(1000000); // allocate message for max size
for (size_t n = 0; n < msg.size(); n++) {
msg.at(n) = (uint8_t)n;
}
THROW_ON_EPIDERR(EpidMemberSetSigRl(member, srl, srl_size));
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len))
<< "EpidSign for message_len: " << 1000000 << " failed";
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()))
<< "EpidVerify for message_len: " << 1000000 << " failed";
}
TEST_F(EpidMemberTest, SignsMsgContainingAllPossibleBytesNoSigRl) {
Prng my_prng;
MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
this->kMemberPrecomp, &Prng::Generate, &my_prng);
std::vector<uint8_t> sig_data(EpidGetSigSize(nullptr));
EpidSignature* sig = reinterpret_cast<EpidSignature*>(sig_data.data());
size_t sig_len = sig_data.size() * sizeof(uint8_t);
VerifierCtxObj ctx(this->kGroupPublicKey);
std::vector<uint8_t> msg = this->kData_0_255;
EXPECT_EQ(kEpidNoErr,
EpidSign(member, msg.data(), msg.size(), nullptr, 0, sig, sig_len));
EXPECT_EQ(kEpidSigValid,
EpidVerify(ctx, sig, sig_len, msg.data(), msg.size()));
}
} // namespace