1 /*############################################################################
2 # Copyright 2016-2017 Intel Corporation
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 # http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 ############################################################################*/
16 /// NrProve unit tests.
17 /*! \file */
18
19 #include "epid/common-testhelper/epid_gtest-testhelper.h"
20 #include "gtest/gtest.h"
21
22 extern "C" {
23 #include "epid/member/src/nrprove.h"
24 #include "epid/member/src/signbasic.h"
25 }
26
27 #include "epid/common-testhelper/errors-testhelper.h"
28 #include "epid/common-testhelper/prng-testhelper.h"
29 #include "epid/common-testhelper/verifier_wrapper-testhelper.h"
30 #include "epid/member/unittests/member-testhelper.h"
31
32 namespace {
33
TEST_F(EpidMemberTest,NrProveFailsGivenNullParameters)34 TEST_F(EpidMemberTest, NrProveFailsGivenNullParameters) {
35 Prng my_prng;
36 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
37 this->kMemberPrecomp, &Prng::Generate, &my_prng);
38
39 BasicSignature const* basic_sig =
40 &reinterpret_cast<EpidSignature const*>(
41 this->kGrp01Member0SigTest1Sha256.data())
42 ->sigma0;
43 auto& msg = this->kTest1Msg;
44 auto& bsn = this->kBsn0;
45 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
46
47 NrProof proof;
48
49 EXPECT_EQ(kEpidBadArgErr,
50 EpidNrProve(nullptr, msg.data(), msg.size(), bsn.data(), bsn.size(),
51 basic_sig, &sig_rl->bk[0], &proof));
52 EXPECT_EQ(kEpidBadArgErr,
53 EpidNrProve(member, nullptr, msg.size(), bsn.data(), bsn.size(),
54 basic_sig, &sig_rl->bk[0], &proof));
55 EXPECT_EQ(kEpidBadArgErr, EpidNrProve(member, msg.data(), msg.size(), nullptr,
56 0, basic_sig, &sig_rl->bk[0], &proof));
57 EXPECT_EQ(kEpidBadArgErr,
58 EpidNrProve(member, msg.data(), msg.size(), bsn.data(), 0,
59 basic_sig, &sig_rl->bk[0], &proof));
60 EXPECT_EQ(kEpidBadArgErr,
61 EpidNrProve(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
62 nullptr, &sig_rl->bk[0], &proof));
63 EXPECT_EQ(kEpidBadArgErr,
64 EpidNrProve(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
65 basic_sig, nullptr, &proof));
66 EXPECT_EQ(kEpidBadArgErr,
67 EpidNrProve(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
68 basic_sig, &sig_rl->bk[0], nullptr));
69 }
70
TEST_F(EpidMemberTest,NrProveFailsGivenInvalidSigRlEntry)71 TEST_F(EpidMemberTest, NrProveFailsGivenInvalidSigRlEntry) {
72 Prng my_prng;
73 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
74 this->kMemberPrecomp, &Prng::Generate, &my_prng);
75
76 BasicSignature basic_sig;
77 auto msg = this->kTest1Msg;
78 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
79 NrProof proof;
80 BigNumStr rnd_bsn = {0};
81
82 THROW_ON_EPIDERR(EpidSignBasic(member, msg.data(), msg.size(), nullptr, 0,
83 &basic_sig, &rnd_bsn));
84
85 SigRlEntry sig_rl_enty_invalid_k = sig_rl->bk[0];
86 sig_rl_enty_invalid_k.k.x.data.data[31]++; // make it not in EC group
87 EXPECT_EQ(kEpidBadArgErr, EpidNrProve(member, msg.data(), msg.size(),
88 &rnd_bsn, sizeof(rnd_bsn), &basic_sig,
89 &sig_rl_enty_invalid_k, &proof));
90
91 SigRlEntry sig_rl_enty_invalid_b = sig_rl->bk[0];
92 sig_rl_enty_invalid_b.b.x.data.data[31]++; // make it not in EC group
93 EXPECT_EQ(kEpidBadArgErr, EpidNrProve(member, msg.data(), msg.size(),
94 &rnd_bsn, sizeof(rnd_bsn), &basic_sig,
95 &sig_rl_enty_invalid_b, &proof));
96 }
97
TEST_F(EpidMemberTest,PROTECTED_NrProveFailsWithInvalidSigRlEntryAndCredential_EPS0)98 TEST_F(EpidMemberTest,
99 PROTECTED_NrProveFailsWithInvalidSigRlEntryAndCredential_EPS0) {
100 Prng my_prng;
101 MemberCtxObj member(
102 this->kEps0GroupPublicKey,
103 *(MembershipCredential const*)&this->kEps0MemberPrivateKey,
104 &Prng::Generate, &my_prng);
105
106 BasicSignature basic_sig;
107 auto msg = this->kTest1Msg;
108 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
109 NrProof proof;
110 BigNumStr rnd_bsn = {0};
111
112 THROW_ON_EPIDERR(EpidSignBasic(member, msg.data(), msg.size(), nullptr, 0,
113 &basic_sig, &rnd_bsn));
114
115 SigRlEntry sig_rl_enty_invalid_k = sig_rl->bk[0];
116 sig_rl_enty_invalid_k.k.x.data.data[31]++; // make it not in EC group
117 EXPECT_EQ(kEpidBadArgErr, EpidNrProve(member, msg.data(), msg.size(),
118 &rnd_bsn, sizeof(rnd_bsn), &basic_sig,
119 &sig_rl_enty_invalid_k, &proof));
120
121 SigRlEntry sig_rl_enty_invalid_b = sig_rl->bk[0];
122 sig_rl_enty_invalid_b.b.x.data.data[31]++; // make it not in EC group
123 EXPECT_EQ(kEpidBadArgErr, EpidNrProve(member, msg.data(), msg.size(),
124 &rnd_bsn, sizeof(rnd_bsn), &basic_sig,
125 &sig_rl_enty_invalid_b, &proof));
126 }
127
TEST_F(EpidMemberTest,NrProveFailsGivenInvalidBasicSig)128 TEST_F(EpidMemberTest, NrProveFailsGivenInvalidBasicSig) {
129 Prng my_prng;
130 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
131 this->kMemberPrecomp, &Prng::Generate, &my_prng);
132
133 BasicSignature basic_sig;
134 auto msg = this->kTest1Msg;
135 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
136 NrProof proof;
137 BigNumStr rnd_bsn = {0};
138
139 THROW_ON_EPIDERR(EpidSignBasic(member, msg.data(), msg.size(), nullptr, 0,
140 &basic_sig, &rnd_bsn));
141
142 // invalid basic sig is only when K value is invalid!!
143 BasicSignature basic_sig_invalid_K = basic_sig;
144 basic_sig_invalid_K.K.x.data.data[31]++; // make it not in EC group
145 EXPECT_EQ(
146 kEpidBadArgErr,
147 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn, sizeof(rnd_bsn),
148 &basic_sig_invalid_K, &sig_rl->bk[0], &proof));
149 }
150
TEST_F(EpidMemberTest,PROTECTED_NrProveFailsGivenInvalidBasicSigAndCredential_EPS0)151 TEST_F(EpidMemberTest,
152 PROTECTED_NrProveFailsGivenInvalidBasicSigAndCredential_EPS0) {
153 Prng my_prng;
154 MemberCtxObj member(
155 this->kEps0GroupPublicKey,
156 *(MembershipCredential const*)&this->kEps0MemberPrivateKey,
157 &Prng::Generate, &my_prng);
158
159 BasicSignature basic_sig;
160 auto msg = this->kTest1Msg;
161 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
162 NrProof proof;
163 BigNumStr rnd_bsn = {0};
164
165 THROW_ON_EPIDERR(EpidSignBasic(member, msg.data(), msg.size(), nullptr, 0,
166 &basic_sig, &rnd_bsn));
167
168 // invalid basic sig is only when K value is invalid!!
169 BasicSignature basic_sig_invalid_K = basic_sig;
170 basic_sig_invalid_K.K.x.data.data[31]++; // make it not in EC group
171 EXPECT_EQ(
172 kEpidBadArgErr,
173 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn, sizeof(rnd_bsn),
174 &basic_sig_invalid_K, &sig_rl->bk[0], &proof));
175 }
176
TEST_F(EpidMemberTest,GeneratesNrProofForEmptyMessage)177 TEST_F(EpidMemberTest, GeneratesNrProofForEmptyMessage) {
178 Prng my_prng;
179 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha256,
180 this->kMemberPrecomp, &Prng::Generate, &my_prng);
181
182 BasicSignature basic_sig;
183 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
184 BigNumStr rnd_bsn = {0};
185
186 NrProof proof;
187
188 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, nullptr, 0, nullptr, 0,
189 &basic_sig, &rnd_bsn));
190 EXPECT_EQ(kEpidNoErr,
191 EpidNrProve(member, nullptr, 0, &rnd_bsn, sizeof(rnd_bsn),
192 &basic_sig, &sig_rl->bk[0], &proof));
193
194 // Check proof by doing an NrVerify
195 VerifierCtxObj ctx(this->kGroupPublicKey);
196 THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha256));
197 EXPECT_EQ(kEpidNoErr,
198 EpidNrVerify(ctx, &basic_sig, nullptr, 0, &sig_rl->bk[0], &proof));
199 }
200
TEST_F(EpidMemberTest,GeneratesNrProofForMsgContainingAllPossibleBytes)201 TEST_F(EpidMemberTest, GeneratesNrProofForMsgContainingAllPossibleBytes) {
202 Prng my_prng;
203 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
204 this->kMemberPrecomp, &Prng::Generate, &my_prng);
205
206 BasicSignature basic_sig;
207 auto msg = this->kData_0_255;
208 auto& bsn = this->kBsn0;
209 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
210
211 NrProof proof;
212
213 THROW_ON_EPIDERR(EpidRegisterBasename(member, bsn.data(), bsn.size()));
214 ASSERT_EQ(kEpidNoErr,
215 EpidSignBasic(member, msg.data(), msg.size(), bsn.data(),
216 bsn.size(), &basic_sig, nullptr));
217 EXPECT_EQ(kEpidNoErr,
218 EpidNrProve(member, msg.data(), msg.size(), bsn.data(), bsn.size(),
219 &basic_sig, &sig_rl->bk[0], &proof));
220
221 // Check proof by doing an NrVerify
222 VerifierCtxObj ctx(this->kGroupPublicKey);
223 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
224 &sig_rl->bk[0], &proof));
225 }
226
TEST_F(EpidMemberTest,GeneratesNrProof)227 TEST_F(EpidMemberTest, GeneratesNrProof) {
228 Prng my_prng;
229 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
230 this->kMemberPrecomp, &Prng::Generate, &my_prng);
231
232 BasicSignature basic_sig;
233 auto msg = this->kTest1Msg;
234 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
235 BigNumStr rnd_bsn = {0};
236
237 NrProof proof;
238
239 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
240 0, &basic_sig, &rnd_bsn));
241 EXPECT_EQ(kEpidNoErr,
242 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
243 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
244
245 // Check proof by doing an NrVerify
246 VerifierCtxObj ctx(this->kGroupPublicKey);
247
248 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
249 &sig_rl->bk[0], &proof));
250 }
251
TEST_F(EpidMemberTest,PROTECTED_GeneratesNrProofWithCredential_EPS0)252 TEST_F(EpidMemberTest, PROTECTED_GeneratesNrProofWithCredential_EPS0) {
253 Prng my_prng;
254 MemberCtxObj member(
255 this->kEps0GroupPublicKey,
256 *(MembershipCredential const*)&this->kEps0MemberPrivateKey,
257 &Prng::Generate, &my_prng);
258
259 BasicSignature basic_sig;
260 auto msg = this->kTest1Msg;
261 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
262 BigNumStr rnd_bsn = {0};
263
264 NrProof proof;
265
266 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
267 0, &basic_sig, &rnd_bsn));
268 EXPECT_EQ(kEpidNoErr,
269 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
270 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
271
272 // Check proof by doing an NrVerify
273 VerifierCtxObj ctx(this->kGroupPublicKey);
274
275 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
276 &sig_rl->bk[0], &proof));
277 }
278
TEST_F(EpidMemberTest,GeneratesNrProofUsingDefaultHashAlgUsingIKGFData)279 TEST_F(EpidMemberTest, GeneratesNrProofUsingDefaultHashAlgUsingIKGFData) {
280 Prng my_prng;
281 GroupPubKey grp_public_key = *reinterpret_cast<const GroupPubKey*>(
282 this->kGroupPublicKeyDataIkgf.data());
283 PrivKey mbr_private_key =
284 *reinterpret_cast<const PrivKey*>(this->kMemberPrivateKeyDataIkgf.data());
285 const std::vector<uint8_t> sigrl_bin = {
286 #include "epid/common-testhelper/testdata/ikgf/groupa/sigrl.inc"
287 };
288
289 MemberCtxObj member(grp_public_key, mbr_private_key, &Prng::Generate,
290 &my_prng);
291
292 BasicSignature basic_sig;
293 auto msg = this->kTest1Msg;
294 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(sigrl_bin.data());
295 BigNumStr rnd_bsn = {0};
296
297 NrProof proof;
298
299 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
300 0, &basic_sig, &rnd_bsn));
301 EXPECT_EQ(kEpidNoErr,
302 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
303 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
304
305 // Check proof by doing an NrVerify
306 VerifierCtxObj ctx(grp_public_key);
307
308 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
309 &sig_rl->bk[0], &proof));
310 }
311
TEST_F(EpidMemberTest,GeneratesNrProofUsingSha256HashAlg)312 TEST_F(EpidMemberTest, GeneratesNrProofUsingSha256HashAlg) {
313 Prng my_prng;
314 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha256,
315 this->kMemberPrecomp, &Prng::Generate, &my_prng);
316
317 BasicSignature basic_sig;
318 auto msg = this->kTest1Msg;
319 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
320 BigNumStr rnd_bsn = {0};
321
322 NrProof proof;
323
324 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
325 0, &basic_sig, &rnd_bsn));
326 EXPECT_EQ(kEpidNoErr,
327 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
328 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
329
330 // Check proof by doing an NrVerify
331 VerifierCtxObj ctx(this->kGroupPublicKey);
332 THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha256));
333 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
334 &sig_rl->bk[0], &proof));
335 }
336
TEST_F(EpidMemberTest,GeneratesNrProofUsingSha384HashAlg)337 TEST_F(EpidMemberTest, GeneratesNrProofUsingSha384HashAlg) {
338 Prng my_prng;
339 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha384,
340 this->kMemberPrecomp, &Prng::Generate, &my_prng);
341
342 BasicSignature basic_sig;
343 auto msg = this->kTest1Msg;
344 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
345 BigNumStr rnd_bsn = {0};
346
347 NrProof proof;
348
349 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
350 0, &basic_sig, &rnd_bsn));
351 EXPECT_EQ(kEpidNoErr,
352 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
353 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
354
355 // Check proof by doing an NrVerify
356 VerifierCtxObj ctx(this->kGroupPublicKey);
357 THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha384));
358 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
359 &sig_rl->bk[0], &proof));
360 }
361
TEST_F(EpidMemberTest,GeneratesNrProofUsingSha512HashAlg)362 TEST_F(EpidMemberTest, GeneratesNrProofUsingSha512HashAlg) {
363 Prng my_prng;
364 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey, kSha512,
365 this->kMemberPrecomp, &Prng::Generate, &my_prng);
366
367 BasicSignature basic_sig;
368 auto msg = this->kTest1Msg;
369 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
370 BigNumStr rnd_bsn = {0};
371
372 NrProof proof;
373
374 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
375 0, &basic_sig, &rnd_bsn));
376 EXPECT_EQ(kEpidNoErr,
377 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
378 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
379
380 // Check proof by doing an NrVerify
381 VerifierCtxObj ctx(this->kGroupPublicKey);
382 THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha512));
383 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
384 &sig_rl->bk[0], &proof));
385 }
386
TEST_F(EpidMemberTest,GeneratesNrProofUsingSha512256HashAlg)387 TEST_F(EpidMemberTest, GeneratesNrProofUsingSha512256HashAlg) {
388 Prng my_prng;
389 MemberCtxObj member(this->kGroupPublicKey, this->kMemberPrivateKey,
390 kSha512_256, this->kMemberPrecomp, &Prng::Generate,
391 &my_prng);
392
393 BasicSignature basic_sig;
394 auto msg = this->kTest1Msg;
395 SigRl const* sig_rl = reinterpret_cast<const SigRl*>(this->kSigRlData.data());
396 BigNumStr rnd_bsn = {0};
397
398 NrProof proof;
399
400 ASSERT_EQ(kEpidNoErr, EpidSignBasic(member, msg.data(), msg.size(), nullptr,
401 0, &basic_sig, &rnd_bsn));
402 EXPECT_EQ(kEpidNoErr,
403 EpidNrProve(member, msg.data(), msg.size(), &rnd_bsn,
404 sizeof(rnd_bsn), &basic_sig, &sig_rl->bk[0], &proof));
405
406 // Check proof by doing an NrVerify
407 VerifierCtxObj ctx(this->kGroupPublicKey);
408 THROW_ON_EPIDERR(EpidVerifierSetHashAlg(ctx, kSha512_256));
409 EXPECT_EQ(kEpidNoErr, EpidNrVerify(ctx, &basic_sig, msg.data(), msg.size(),
410 &sig_rl->bk[0], &proof));
411 }
412
413 } // namespace
414