keychain/ot/tests/OTBottledPeerTests.m

   1 /*
   2  * Copyright (c) 2017 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #if OCTAGON
  25
  26 #import <Foundation/Foundation.h>
  27 #import <XCTest/XCTest.h>
  28 #import <OCMock/OCMock.h>
  29 #import "OTTestsBase.h"
  30 #import <SecurityFoundation/SFEncryptionOperation.h>
  31 #import <SecurityFoundation/SFSigningOperation.h>
  32 #import <SecurityFoundation/SFDigestOperation.h>
  33 #import <SecurityFoundation/SFKey.h>
  34 #import <SecurityFoundation/SFKey_Private.h>
  35
  36 #import "keychain/ot/OTBottledPeer.h"
  37 #import "keychain/ot/OTBottledPeerSigned.h"
  38
  39 #import "keychain/ckks/CKKS.h"
  40
  41 static NSString* const testDSID = @"123456789";
  42
  43 @interface UnitTestOTBottledPeer : OTTestsBase
  44
  45 @end
  46
  47 @implementation UnitTestOTBottledPeer
  48
  49 - (void)setUp
  50 {
  51     [super setUp];
  52     self.continueAfterFailure = NO;
  53     NSError* error = nil;
  54
  55     self.sosPeerID = @"spID";
  56     self.egoPeerID = @"egoPeerID";
  57     self.peerSigningKey = [[SFECKeyPair alloc] initRandomKeyPairWithSpecifier:[[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384]];
  58     self.peerEncryptionKey = [[SFECKeyPair alloc] initRandomKeyPairWithSpecifier:[[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384]];
  59     self.escrowKeys = [[OTEscrowKeys alloc]initWithSecret:self.secret dsid:testDSID error:&error];
  60 }
  61
  62 - (void)tearDown
  63 {
  64     [super tearDown];
  65 }
  66
  67 -(void)testBottledPeerCreation
  68 {
  69     NSError* error = nil;
  70
  71     OTBottledPeer *bp = [[OTBottledPeer alloc]initWithPeerID:self.egoPeerID spID:self.sosPeerID peerSigningKey:self.peerSigningKey peerEncryptionKey:self.peerEncryptionKey escrowKeys:self.escrowKeys error:&error];
  72
  73     XCTAssertNotNil(bp, @"bottled peer should not be nil");
  74     XCTAssertNil(error, @"error should be nil");
  75     XCTAssertNotNil(self.escrowKeys.signingKey, @"signing public key should not be nil");
  76     XCTAssertNotNil(self.escrowKeys.encryptionKey, @"encryption public key should not be nil");
  77
  78 }
  79
  80 -(void)testSignedBottledPeerCreation
  81 {
  82     NSError* error = nil;
  83
  84     OTBottledPeer *bp = [[OTBottledPeer alloc]initWithPeerID:self.egoPeerID spID:self.sosPeerID peerSigningKey:self.peerSigningKey peerEncryptionKey:self.peerEncryptionKey escrowKeys:self.escrowKeys error:&error];
  85
  86     XCTAssertNotNil(bp, @"plaintext should not be nil");
  87     XCTAssertNil(error, @"error should be nil");
  88     XCTAssertNotNil(self.escrowKeys.signingKey, @"signing public key should not be nil");
  89     XCTAssertNotNil(self.escrowKeys.encryptionKey, @"encryption public key should not be nil");
  90
  91     OTBottledPeerSigned *bpSigned = [[OTBottledPeerSigned alloc]initWithBottledPeer:bp escrowedSigningKey:self.escrowKeys.signingKey peerSigningKey:self.peerSigningKey error:&error];
  92     XCTAssertNil(error, @"error should be nil");
  93     XCTAssertNotNil(bpSigned, @"bottled peer signed should not be nil");
  94
  95 }
  96
  97 -(void)testCreatingBottledPeerFromRecord
  98 {
  99     NSError* error = nil;
 100     OTBottledPeer *bp = [[OTBottledPeer alloc]initWithPeerID:self.egoPeerID spID:self.sosPeerID peerSigningKey:self.peerSigningKey peerEncryptionKey:self.peerEncryptionKey escrowKeys:self.escrowKeys error:&error];
 101
 102     XCTAssertNotNil(bp, @"plaintext should not be nil");
 103     XCTAssertNil(error, @"error should be nil");
 104     XCTAssertNotNil(self.escrowKeys.signingKey, @"signing public key should not be nil");
 105     XCTAssertNotNil(self.escrowKeys.encryptionKey, @"encryption public key should not be nil");
 106
 107     OTBottledPeerSigned *bpSigned = [[OTBottledPeerSigned alloc]initWithBottledPeer:bp escrowedSigningKey:self.escrowKeys.signingKey peerSigningKey:self.peerSigningKey error:&error];
 108
 109     OTBottledPeerRecord* record = [bpSigned asRecord:@"escrowRecordID"];
 110     OTBottledPeerSigned *bpRestored = [[OTBottledPeerSigned alloc] initWithBottledPeerRecord:record escrowKeys:self.escrowKeys error:&error];
 111     XCTAssertNotNil(bpRestored, @"bottled peer signed should not be nil");
 112 }
 113
 114 -(void)testRestoringBottledPeerSigned
 115 {
 116     NSError* error = nil;
 117     OTBottledPeer *bp = [[OTBottledPeer alloc]initWithPeerID:self.egoPeerID spID:self.sosPeerID peerSigningKey:self.peerSigningKey peerEncryptionKey:self.peerEncryptionKey escrowKeys:self.escrowKeys error:&error];
 118
 119     XCTAssertNotNil(bp, @"plaintext should not be nil");
 120     XCTAssertNil(error, @"error should be nil");
 121
 122     SFECKeySpecifier *keySpecifier = [[SFECKeySpecifier alloc] initWithCurve:SFEllipticCurveNistp384];
 123     id<SFDigestOperation> digestOperation = [[SFSHA384DigestOperation alloc] init];
 124     SFEC_X962SigningOperation* xso = [[SFEC_X962SigningOperation alloc] initWithKeySpecifier:keySpecifier digestOperation:digestOperation];
 125
 126     NSData* signatureUsingEscrow = [xso sign:bp.data withKey:self.escrowKeys.signingKey error:&error].signature;
 127     XCTAssertNil(error, @"error should not be nil");
 128
 129     NSData* signatureUsingPeerKey = [xso sign:bp.data withKey:self.peerSigningKey error:&error].signature;
 130     XCTAssertNil(error, @"error should not be nil");
 131
 132     XCTAssertNotNil(signatureUsingEscrow, @"signature using escrow signing key should not be nil");
 133     XCTAssertNotNil(signatureUsingPeerKey, @"signature using peer signing key should not be nil");
 134
 135
 136      OTBottledPeerSigned *bpSigned = [[OTBottledPeerSigned alloc]initWithBottledPeer:bp signatureUsingEscrow:signatureUsingEscrow signatureUsingPeerKey:signatureUsingPeerKey escrowedSigningPubKey:[self.escrowKeys.signingKey publicKey] error:&error];
 137
 138      XCTAssertNotNil(bpSigned, @"bottled peer signed should not be nil");
 139
 140     bpSigned = [[OTBottledPeerSigned alloc]initWithBottledPeer:bp signatureUsingEscrow:[NSData data] signatureUsingPeerKey:[NSData data] escrowedSigningPubKey:[self.escrowKeys.signingKey publicKey] error:&error];
 141
 142     XCTAssertNil(bpSigned, @"bottled peer signed should be nil");
 143     XCTAssertNotNil(error, @"error should not be nil");
 144
 145 }
 146
 147 @end
 148
 149 #endif /* OCTAGON */