diff options
Diffstat (limited to 'checks')
-rw-r--r-- | checks/cvc_tests.cpp | 74 |
1 files changed, 38 insertions, 36 deletions
diff --git a/checks/cvc_tests.cpp b/checks/cvc_tests.cpp index a9c9e878f..1e6a4844b 100644 --- a/checks/cvc_tests.cpp +++ b/checks/cvc_tests.cpp @@ -31,6 +31,8 @@ #include <botan/cvc_ado.h> #include <botan/enums.h> +#define TEST_DATA_DIR "checks/ecc_testdata" + using namespace Botan; #define CHECK_MESSAGE(expr, print) try { if(!(expr)) std::cout << print << "\n"; } catch(std::exception& e) { std::cout << __FUNCTION__ << ": " << e.what() << "\n"; } @@ -97,21 +99,21 @@ void test_enc_gen_selfsigned(RandomNumberGenerator& rng) SecureVector<byte> der(cert.BER_encode()); std::ofstream cert_file; - cert_file.open("checks/temp/my_cv_cert.ber", std::ios::binary); + cert_file.open(TEST_DATA_DIR "/my_cv_cert.ber", std::ios::binary); //cert_file << der; // this is bad !!! cert_file.write((char*)der.begin(), der.size()); cert_file.close(); - EAC1_1_CVC cert_in("checks/temp/my_cv_cert.ber"); + EAC1_1_CVC cert_in(TEST_DATA_DIR "/my_cv_cert.ber"); CHECK(cert == cert_in); // encoding it again while it has no dp SecureVector<byte> der2(cert_in.BER_encode()); - std::ofstream cert_file2("checks/temp/my_cv_cert2.ber", std::ios::binary); + std::ofstream cert_file2(TEST_DATA_DIR "/my_cv_cert2.ber", std::ios::binary); cert_file2.write((char*)der2.begin(), der2.size()); cert_file2.close(); // read both and compare them - std::ifstream cert_1_in("checks/temp/my_cv_cert.ber"); - std::ifstream cert_2_in("checks/temp/my_cv_cert2.ber"); + std::ifstream cert_1_in(TEST_DATA_DIR "/my_cv_cert.ber"); + std::ifstream cert_2_in(TEST_DATA_DIR "/my_cv_cert2.ber"); SecureVector<byte> sv1; SecureVector<byte> sv2; if (!cert_1_in || !cert_2_in) @@ -197,7 +199,7 @@ void test_enc_gen_req(RandomNumberGenerator& rng) //opts.cpi = 0; opts.chr = ASN1_Chr("my_opt_chr"); - opts.hash_alg = "SHA-1"; + opts.hash_alg = "SHA-160"; // creating a non sense selfsigned cert w/o dom pars EC_Domain_Params dom_pars(get_EC_Dom_Pars_by_oid("1.3.132.0.8")); @@ -205,12 +207,12 @@ void test_enc_gen_req(RandomNumberGenerator& rng) key.set_parameter_encoding(ENC_IMPLICITCA); EAC1_1_Req req = CVC_EAC::create_cvc_req(key, opts.chr, opts.hash_alg, rng); SecureVector<byte> der(req.BER_encode()); - std::ofstream req_file("checks/temp/my_cv_req.ber", std::ios::binary); + std::ofstream req_file(TEST_DATA_DIR "/my_cv_req.ber", std::ios::binary); req_file.write((char*)der.begin(), der.size()); req_file.close(); // read and check signature... - EAC1_1_Req req_in("checks/temp/my_cv_req.ber"); + EAC1_1_Req req_in(TEST_DATA_DIR "/my_cv_req.ber"); //req_in.set_domain_parameters(dom_pars); std::auto_ptr<Public_Key> p_pk = req_in.subject_public_key(); ECDSA_PublicKey* p_ecdsa_pk = dynamic_cast<ECDSA_PublicKey*>(p_pk.get()); @@ -224,7 +226,7 @@ void test_cvc_req_ext(RandomNumberGenerator&) { std::cout << "." << std::flush; - EAC1_1_Req req_in("checks/testdata/DE1_flen_chars_cvcRequest_ECDSA.der"); + EAC1_1_Req req_in(TEST_DATA_DIR "/DE1_flen_chars_cvcRequest_ECDSA.der"); EC_Domain_Params dom_pars(get_EC_Dom_Pars_by_oid("1.3.36.3.3.2.8.1.1.5")); // "german curve" //req_in.set_domain_parameters(dom_pars); std::auto_ptr<Public_Key> p_pk = req_in.subject_public_key(); @@ -239,7 +241,7 @@ void test_cvc_ado_ext(RandomNumberGenerator&) { std::cout << "." << std::flush; - EAC1_1_ADO req_in("checks/testdata/ado.cvcreq"); + EAC1_1_ADO req_in(TEST_DATA_DIR "/ado.cvcreq"); EC_Domain_Params dom_pars(get_EC_Dom_Pars_by_oid("1.3.36.3.3.2.8.1.1.5")); // "german curve" //cout << "car = " << req_in.get_car().value() << std::endl; //req_in.set_domain_parameters(dom_pars); @@ -262,7 +264,7 @@ void test_cvc_ado_creation(RandomNumberGenerator& rng) //EAC1_1_Req req = CVC_EAC::create_cvc_req(req_key, opts); EAC1_1_Req req = CVC_EAC::create_cvc_req(req_key, opts.chr, opts.hash_alg, rng); SecureVector<byte> der(req.BER_encode()); - std::ofstream req_file("checks/temp/my_cv_req.ber", std::ios::binary); + std::ofstream req_file(TEST_DATA_DIR "/my_cv_req.ber", std::ios::binary); req_file.write((char*)der.begin(), der.size()); req_file.close(); @@ -276,12 +278,12 @@ void test_cvc_ado_creation(RandomNumberGenerator& rng) EAC1_1_ADO ado = CVC_EAC::create_ado_req(ado_key, req, ado_opts.car, rng); CHECK_MESSAGE(ado.check_signature(ado_key), "failure of ado verification after creation"); - std::ofstream ado_file("checks/temp/ado", std::ios::binary); + std::ofstream ado_file(TEST_DATA_DIR "/ado", std::ios::binary); SecureVector<byte> ado_der(ado.BER_encode()); ado_file.write((char*)ado_der.begin(), ado_der.size()); ado_file.close(); // read it again and check the signature - EAC1_1_ADO ado2("checks/temp/ado"); + EAC1_1_ADO ado2(TEST_DATA_DIR "/ado"); CHECK(ado == ado2); //ECDSA_PublicKey* p_ado_pk = dynamic_cast<ECDSA_PublicKey*>(&ado_key); //bool ver = ado2.check_signature(*p_ado_pk); @@ -318,7 +320,7 @@ void test_cvc_ado_comparison(RandomNumberGenerator& rng) EAC1_1_CVC_Options opts2; //opts2.cpi = 0; opts2.chr = ASN1_Chr("my_opt_chr"); - opts2.hash_alg = "SHA-1"; // this is the only difference + opts2.hash_alg = "SHA-160"; // this is the only difference ECDSA_PrivateKey req_key2(rng, dom_pars); req_key.set_parameter_encoding(ENC_IMPLICITCA); //EAC1_1_Req req2 = CVC_EAC::create_cvc_req(req_key2, opts2, rng); @@ -326,19 +328,19 @@ void test_cvc_ado_comparison(RandomNumberGenerator& rng) ECDSA_PrivateKey ado_key2(rng, dom_pars); EAC1_1_CVC_Options ado_opts2; ado_opts2.car = ASN1_Car("my_ado_car1"); - ado_opts2.hash_alg = "SHA-1"; // must be equal to req's hash alg, because ado takes his sig_algo from it's request + ado_opts2.hash_alg = "SHA-160"; // must be equal to req's hash alg, because ado takes his sig_algo from it's request EAC1_1_ADO ado2 = CVC_EAC::create_ado_req(ado_key2, req2, ado_opts2.car, rng); CHECK_MESSAGE(ado2.check_signature(ado_key2), "failure of ado verification after creation"); CHECK_MESSAGE(ado != ado2, "ado's found to be equal where they are not"); - // std::ofstream ado_file("checks/temp/ado"); + // std::ofstream ado_file(TEST_DATA_DIR "/ado"); // SecureVector<byte> ado_der(ado.BER_encode()); // ado_file.write((char*)ado_der.begin(), ado_der.size()); // ado_file.close(); // read it again and check the signature - // EAC1_1_ADO ado2("checks/temp/ado"); + // EAC1_1_ADO ado2(TEST_DATA_DIR "/ado"); // ECDSA_PublicKey* p_ado_pk = dynamic_cast<ECDSA_PublicKey*>(&ado_key); // //bool ver = ado2.check_signature(*p_ado_pk); // bool ver = ado2.check_signature(ado_key); @@ -387,7 +389,7 @@ void test_ver_cvca(RandomNumberGenerator&) { std::cout << "." << std::flush; - EAC1_1_CVC req_in("checks/testdata/cvca01.cv.crt"); + EAC1_1_CVC req_in(TEST_DATA_DIR "/cvca01.cv.crt"); //auto_ptr<ECDSA_PublicKey> ecdsa_pk = dynamic_cast<auto_ptr<ECDSA_PublicKey> >(p_pk); //ECDSA_PublicKey* p_ecdsa_pk = dynamic_cast<ECDSA_PublicKey*>(p_pk.get()); @@ -413,20 +415,20 @@ void test_copy_and_assignment(RandomNumberGenerator&) { std::cout << "." << std::flush; - EAC1_1_CVC cert_in("checks/testdata/cvca01.cv.crt"); + EAC1_1_CVC cert_in(TEST_DATA_DIR "/cvca01.cv.crt"); EAC1_1_CVC cert_cp(cert_in); EAC1_1_CVC cert_ass = cert_in; CHECK(cert_in == cert_cp); CHECK(cert_in == cert_ass); - EAC1_1_ADO ado_in("checks/testdata/ado.cvcreq"); + EAC1_1_ADO ado_in(TEST_DATA_DIR "/ado.cvcreq"); //EC_Domain_Params dom_pars(get_EC_Dom_Pars_by_oid("1.3.36.3.3.2.8.1.1.5")); // "german curve" EAC1_1_ADO ado_cp(ado_in); EAC1_1_ADO ado_ass = ado_in; CHECK(ado_in == ado_cp); CHECK(ado_in == ado_ass); - EAC1_1_Req req_in("checks/testdata/DE1_flen_chars_cvcRequest_ECDSA.der"); + EAC1_1_Req req_in(TEST_DATA_DIR "/DE1_flen_chars_cvcRequest_ECDSA.der"); //EC_Domain_Params dom_pars(get_EC_Dom_Pars_by_oid("1.3.36.3.3.2.8.1.1.5")); // "german curve" EAC1_1_Req req_cp(req_in); EAC1_1_Req req_ass = req_in; @@ -441,7 +443,7 @@ void test_eac_str_illegal_values(RandomNumberGenerator&) bool exc = false; try { - EAC1_1_CVC("checks/testdata/cvca_illegal_chars.cv.crt"); + EAC1_1_CVC(TEST_DATA_DIR "/cvca_illegal_chars.cv.crt"); } catch (Decoding_Error) @@ -453,7 +455,7 @@ void test_eac_str_illegal_values(RandomNumberGenerator&) bool exc2 = false; try { - EAC1_1_CVC("checks/testdata/cvca_illegal_chars2.cv.crt"); + EAC1_1_CVC(TEST_DATA_DIR "/cvca_illegal_chars2.cv.crt"); } catch (Decoding_Error) @@ -493,7 +495,7 @@ void test_cvc_chain(RandomNumberGenerator& rng) std::string hash("SHA-224"); ASN1_Car car("DECVCA00001"); EAC1_1_CVC cvca_cert = DE_EAC::create_cvca(cvca_privk, hash, car, true, true, 12, rng); - std::ofstream cvca_file("checks/temp/cvc_chain_cvca.cer", std::ios::binary); + std::ofstream cvca_file(TEST_DATA_DIR "/cvc_chain_cvca.cer", std::ios::binary); SecureVector<byte> cvca_sv = cvca_cert.BER_encode(); cvca_file.write((char*)cvca_sv.begin(), cvca_sv.size()); cvca_file.close(); @@ -503,21 +505,21 @@ void test_cvc_chain(RandomNumberGenerator& rng) EAC1_1_CVC cvca_cert2 = DE_EAC::create_cvca(cvca_privk2, hash, car2, true, true, 12, rng); EAC1_1_CVC link12 = DE_EAC::link_cvca(cvca_cert, cvca_privk, cvca_cert2, rng); SecureVector<byte> link12_sv = link12.BER_encode(); - std::ofstream link12_file("checks/temp/cvc_chain_link12.cer", std::ios::binary); + std::ofstream link12_file(TEST_DATA_DIR "/cvc_chain_link12.cer", std::ios::binary); link12_file.write((char*)link12_sv.begin(), link12_sv.size()); link12_file.close(); // verify the link CHECK(link12.check_signature(cvca_privk)); - EAC1_1_CVC link12_reloaded("checks/temp/cvc_chain_link12.cer"); - EAC1_1_CVC cvca1_reloaded("checks/temp/cvc_chain_cvca.cer"); + EAC1_1_CVC link12_reloaded(TEST_DATA_DIR "/cvc_chain_link12.cer"); + EAC1_1_CVC cvca1_reloaded(TEST_DATA_DIR "/cvc_chain_cvca.cer"); std::auto_ptr<Public_Key> cvca1_rel_pk = cvca1_reloaded.subject_public_key(); CHECK(link12_reloaded.check_signature(*cvca1_rel_pk)); // create first round dvca-req ECDSA_PrivateKey dvca_priv_key(rng, dom_pars); EAC1_1_Req dvca_req = DE_EAC::create_cvc_req(dvca_priv_key, ASN1_Chr("DEDVCAEPASS"), hash, rng); - std::ofstream dvca_file("checks/temp/cvc_chain_dvca_req.cer", std::ios::binary); + std::ofstream dvca_file(TEST_DATA_DIR "/cvc_chain_dvca_req.cer", std::ios::binary); SecureVector<byte> dvca_sv = dvca_req.BER_encode(); dvca_file.write((char*)dvca_sv.begin(), dvca_sv.size()); dvca_file.close(); @@ -526,18 +528,18 @@ void test_cvc_chain(RandomNumberGenerator& rng) EAC1_1_CVC dvca_cert1 = DE_EAC::sign_request(cvca_cert, cvca_privk, dvca_req, 1, 5, true, 3, 1, rng); CHECK(dvca_cert1.get_car().iso_8859() == "DECVCA00001"); CHECK(dvca_cert1.get_chr().iso_8859() == "DEDVCAEPASS00001"); - helper_write_file(dvca_cert1, "checks/temp/cvc_chain_dvca_cert1.cer"); + helper_write_file(dvca_cert1, TEST_DATA_DIR "/cvc_chain_dvca_cert1.cer"); // make a second round dvca ado request ECDSA_PrivateKey dvca_priv_key2(rng, dom_pars); EAC1_1_Req dvca_req2 = DE_EAC::create_cvc_req(dvca_priv_key2, ASN1_Chr("DEDVCAEPASS"), hash, rng); - std::ofstream dvca_file2("checks/temp/cvc_chain_dvca_req2.cer", std::ios::binary); + std::ofstream dvca_file2(TEST_DATA_DIR "/cvc_chain_dvca_req2.cer", std::ios::binary); SecureVector<byte> dvca_sv2 = dvca_req2.BER_encode(); dvca_file2.write((char*)dvca_sv2.begin(), dvca_sv2.size()); dvca_file2.close(); EAC1_1_ADO dvca_ado2 = CVC_EAC::create_ado_req(dvca_priv_key, dvca_req2, ASN1_Car(dvca_cert1.get_chr().iso_8859()), rng); - helper_write_file(dvca_ado2, "checks/temp/cvc_chain_dvca_ado2.cer"); + helper_write_file(dvca_ado2, TEST_DATA_DIR "/cvc_chain_dvca_ado2.cer"); // verify the ado and sign the request too @@ -546,14 +548,14 @@ void test_cvc_chain(RandomNumberGenerator& rng) cert_pk->set_domain_parameters(dom_pars); //std::cout << "dvca_cert.public_point.size() = " << ec::EC2OSP(cert_pk->get_public_point(), ec::PointGFp::COMPRESSED).size() << std::endl; - EAC1_1_CVC dvca_cert1_reread("checks/temp/cvc_chain_cvca.cer"); + EAC1_1_CVC dvca_cert1_reread(TEST_DATA_DIR "/cvc_chain_cvca.cer"); CHECK(dvca_ado2.check_signature(*cert_pk)); CHECK(dvca_ado2.check_signature(dvca_priv_key)); // must also work EAC1_1_Req dvca_req2b = dvca_ado2.get_request(); - helper_write_file(dvca_req2b, "checks/temp/cvc_chain_dvca_req2b.cer"); - CHECK(helper_files_equal("checks/temp/cvc_chain_dvca_req2b.cer", "checks/temp/cvc_chain_dvca_req2.cer")); + helper_write_file(dvca_req2b, TEST_DATA_DIR "/cvc_chain_dvca_req2b.cer"); + CHECK(helper_files_equal(TEST_DATA_DIR "/cvc_chain_dvca_req2b.cer", TEST_DATA_DIR "/cvc_chain_dvca_req2.cer")); EAC1_1_CVC dvca_cert2 = DE_EAC::sign_request(cvca_cert, cvca_privk, dvca_req2b, 2, 5, true, 3, 1, rng); CHECK(dvca_cert2.get_car().iso_8859() == "DECVCA00001"); CHECK_MESSAGE(dvca_cert2.get_chr().iso_8859() == "DEDVCAEPASS00002", @@ -562,14 +564,14 @@ void test_cvc_chain(RandomNumberGenerator& rng) // make a first round IS request ECDSA_PrivateKey is_priv_key(rng, dom_pars); EAC1_1_Req is_req = DE_EAC::create_cvc_req(is_priv_key, ASN1_Chr("DEIS"), hash, rng); - helper_write_file(is_req, "checks/temp/cvc_chain_is_req.cer"); + helper_write_file(is_req, TEST_DATA_DIR "/cvc_chain_is_req.cer"); // sign the IS request //dvca_cert1.set_domain_parameters(dom_pars); EAC1_1_CVC is_cert1 = DE_EAC::sign_request(dvca_cert1, dvca_priv_key, is_req, 1, 5, true, 3, 1, rng); CHECK_MESSAGE(is_cert1.get_car().iso_8859() == "DEDVCAEPASS00001", "car = " << is_cert1.get_car().iso_8859()); CHECK(is_cert1.get_chr().iso_8859() == "DEIS00001"); - helper_write_file(is_cert1, "checks/temp/cvc_chain_is_cert.cer"); + helper_write_file(is_cert1, TEST_DATA_DIR "/cvc_chain_is_cert.cer"); // verify the signature of the certificate CHECK(is_cert1.check_signature(dvca_priv_key)); |