Improve E2E testing #253

Merged
merged 1 commit into from
Sep 21, 2020
Merged
357 changes: 22 additions & 335 deletions Cargo.lock

Large diffs are not rendered by default.

7 changes: 0 additions & 7 deletions Cargo.toml
@@ -44,13 +44,6 @@ picky-asn1-x509 = { version = "0.3.2", optional = true }
users = "0.10.0"
libc = "0.2.77"

[dev-dependencies]
ring = "0.16.15"
lazy_static = "1.4.0"
rsa = "0.3.0"
rand = "0.7.3"
sha2 = "0.9.1"
Comment on lines -47 to -52
Member


🙏


[package.metadata.docs.rs]
features = ["pkcs11-provider", "tpm-provider", "tss-esapi/docs", "mbed-crypto-provider"]

1 change: 1 addition & 0 deletions e2e_tests/Cargo.toml
@@ -19,6 +19,7 @@ log = "0.4.11"
rand = "0.7.3"

[dev-dependencies]
ring = "0.16.15"
env_logger = "0.7.1"
rsa = "0.3.0"
picky-asn1-x509 = "0.3.2"
136 changes: 128 additions & 8 deletions e2e_tests/src/lib.rs
@@ -159,7 +159,37 @@ impl TestClient {
verify_hash: true,
sign_message: true,
verify_message: true,
export: true,
export: false,
encrypt: false,
decrypt: false,
cache: false,
copy: false,
derive: false,
},
permitted_algorithms: Algorithm::AsymmetricSignature(
AsymmetricSignature::RsaPkcs1v15Sign {
hash_alg: Hash::Sha256.into(),
},
),
},
},
)
}

pub fn generate_long_rsa_sign_key(&mut self, key_name: String) -> Result<()> {
self.generate_key(
key_name,
Attributes {
lifetime: Lifetime::Persistent,
key_type: Type::RsaKeyPair,
bits: 2048,
policy: Policy {
usage_flags: UsageFlags {
sign_hash: true,
verify_hash: true,
sign_message: true,
verify_message: true,
export: false,
encrypt: false,
decrypt: false,
cache: false,
@@ -192,7 +222,7 @@ impl TestClient {
verify_hash: false,
sign_message: false,
verify_message: false,
export: true,
export: false,
encrypt: true,
decrypt: true,
cache: false,
@@ -218,7 +248,7 @@ impl TestClient {
verify_hash: false,
sign_message: false,
verify_message: false,
export: true,
export: false,
encrypt: true,
decrypt: true,
cache: false,
@@ -247,7 +277,7 @@ impl TestClient {
verify_hash: false,
sign_message: false,
verify_message: false,
export: true,
export: false,
encrypt: true,
decrypt: true,
cache: false,
@@ -277,7 +307,7 @@ impl TestClient {
verify_hash: false,
sign_message: false,
verify_message: false,
export: true,
export: false,
encrypt: true,
decrypt: true,
cache: false,
@@ -308,10 +338,10 @@ impl TestClient {
policy: Policy {
usage_flags: UsageFlags {
sign_hash: true,
verify_hash: false,
verify_hash: true,
sign_message: true,
verify_message: false,
export: true,
export: false,
encrypt: false,
decrypt: false,
cache: false,
@@ -327,6 +357,37 @@ impl TestClient {
)
}

pub fn generate_ecc_key_pair_secpr1_ecdsa_sha256(&mut self, key_name: String) -> Result<()> {
self.generate_key(
key_name,
Attributes {
lifetime: Lifetime::Persistent,
key_type: Type::EccKeyPair {
curve_family: EccFamily::SecpR1,
},
bits: 256,
policy: Policy {
usage_flags: UsageFlags {
sign_hash: true,
verify_hash: true,
sign_message: true,
verify_message: true,
export: false,
encrypt: false,
decrypt: false,
cache: false,
copy: false,
derive: false,
},
permitted_algorithms: AsymmetricSignature::Ecdsa {
hash_alg: Hash::Sha256.into(),
}
.into(),
},
},
)
}

/// Import ECC key pair with secp R1 curve family.
/// The key can only be used for key agreement with Ecdh algorithm.
pub fn generate_ecc_pair_secp_r1_key(&mut self, key_name: String) -> Result<()> {
@@ -381,13 +442,44 @@ impl TestClient {
lifetime: Lifetime::Persistent,
key_type: Type::RsaKeyPair,
bits: 1024,
policy: Policy {
usage_flags: UsageFlags {
sign_hash: false,
verify_hash: false,
sign_message: false,
verify_message: false,
export: false,
encrypt: true,
decrypt: true,
cache: false,
copy: false,
derive: false,
},
permitted_algorithms: AsymmetricEncryption::RsaPkcs1v15Crypt.into(),
},
},
data,
)
}

pub fn import_rsa_public_key_for_encryption(
&mut self,
key_name: String,
data: Vec<u8>,
) -> Result<()> {
self.import_key(
key_name,
Attributes {
lifetime: Lifetime::Persistent,
key_type: Type::RsaPublicKey,
bits: 1024,
policy: Policy {
usage_flags: UsageFlags {
sign_hash: false,
verify_hash: false,
sign_message: false,
verify_message: true,
export: true,
export: false,
encrypt: true,
decrypt: true,
cache: false,
@@ -563,6 +655,17 @@ impl TestClient {
)
}

/// Signs a short digest with an ECDSA key.
pub fn sign_with_ecdsa_sha256(&mut self, key_name: String, hash: Vec<u8>) -> Result<Vec<u8>> {
self.sign(
key_name,
AsymmetricSignature::Ecdsa {
hash_alg: Hash::Sha256.into(),
},
hash,
)
}

/// Verifies a signature.
pub fn verify(
&mut self,
@@ -593,6 +696,23 @@ impl TestClient {
)
}

/// Verifies a signature made with an ECDSA key.
pub fn verify_with_ecdsa_sha256(
&mut self,
key_name: String,
hash: Vec<u8>,
signature: Vec<u8>,
) -> Result<()> {
self.verify(
key_name,
AsymmetricSignature::Ecdsa {
hash_alg: Hash::Sha256.into(),
},
hash,
signature,
)
}

pub fn asymmetric_encrypt_message_with_rsapkcs1v15(
&mut self,
key_name: String,
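Review bot: `import_rsa_public_key_for_encryption` (hunk `@@ -381,13 +442,44 @@`) imports a `Type::RsaPublicKey` yet, as rendered, keeps `verify_message: true` and `decrypt: true` in its usage flags, which is broader than an encrypt-only public key needs. A public key cannot perform decryption, and leaving signature verification enabled on an encryption key runs against the least-privilege tightening the rest of this commit applies by turning every `export` flag to `false`. I would change those two lines to `verify_message: false,` and `decrypt: false,` so the key permits only `encrypt`. The function's `permitted_algorithms` and closing lines are outside the hunk, so check that the algorithm there is the encryption one before narrowing.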