Move test client back in the Parsec repo

This commit moves the test client back in the main Parsec repo and moves
it on top of the `BasicClient` - the main core client, thus making the
most out of functionality re-use.

Signed-off-by: Ionut Mihalcea <[email protected]>

Author: ionut-arm

Cargo.lock

@@ -18,7 +18,7 @@ name = "parsec"
 path = "src/bin/main.rs"
 
 [dependencies]
-parsec-interface = "0.12.0"
+parsec-interface = "0.13.0"
 rand = "0.7.2"
 base64 = "0.10.1"
 uuid = "0.7.4"
@@ -40,12 +40,13 @@ derivative = "1.0.3"
 version = "3.0.0"
 
 [dev-dependencies]
-parsec-client-test = { git = "https://github.com/parallaxsecond/parsec-client-test", tag = "0.3.0" }
 num_cpus = "1.10.1"
 picky-asn1-der = "0.2.2"
 picky-asn1 = "0.2.1"
 serde = { version = "1.0", features = ["derive"] }
 sha2 = "0.8.1"
+parsec-client = { git = "https://github.com/parallaxsecond/parsec-client-rust" }
+parsec-interface = { version = "0.13.0", features = ["testing"] }
 
 [build-dependencies]
 bindgen = "0.50.0"

Cargo.toml

@@ -80,17 +80,47 @@ $ cd parsec
 $ RUST_LOG=info cargo run
 ```
 
-Parsec Client Libraries can now communicate with the service. For example using the Rust Test client,
+Parsec Client Libraries can now communicate with the service. For example using the Rust client,
 RSA signatures can be done as follows:
 ```rust
-use parsec_client_test::TestClient;
-
-let mut client = TestClient::new();
+use parsec_client::BasicClient;
+use parsec_client::auth::AuthenticationData;
+use parsec_client::core::ProviderID;
+use parsec_client::core::psa_algorithm::{Algorithm, AsymmetricSignature, Hash};
+use parsec_client::core::psa_key_attributes::{KeyAttributes, KeyType, KeyPolicy, UsageFlags};
+use sha2::Sha256;
+
+let app_identity_ = AuthenticationData::AppIdentity(String::from("my-app"));
+let client = BasicClient::new(app_identity, ProviderID::Tpm);
+let sign_alg = AsymmetricSignature::RsaPkcs1v15Sign {
+    hash_alg: Hash::Sha256,
+};
+let key_attrs = KeyAttributes {
+    key_type: KeyType::RsaKeyPair,
+    key_bits: 1024,
+    key_policy: KeyPolicy {
+        key_usage_flags: UsageFlags {
+            sign_hash: true,
+            verify_hash: true,
+            sign_message: true,
+            verify_message: true,
+            export: true,
+            encrypt: false,
+            decrypt: false,
+            cache: false,
+            copy: false,
+            derive: false,
+        },
+        key_algorithm: Algorithm::AsymmetricSignature(sign_alg),
+    },
+};
 let key_name = String::from("🔑 What shall I sign? 🔑");
-client.generate_rsa_sign_key(key_name.clone()).unwrap();
-let signature = client.sign(key_name,
-                            String::from("Platform AbstRaction for SECurity").into_bytes())
-                      .unwrap();
+client.psa_generate_key(key_name.clone(), key_attrs).unwrap();
+
+let mut hasher = Sha256::new();
+hasher.input(b"Bob wrote this message.");
+let hash = hasher.result().to_vec();
+let signature = client.psa_sign_hash(key_name, hash, sign_alg).unwrap();
 ```
 
 Check the [**user**](https://parallaxsecond.github.io/parsec-book/parsec_users.html), [**client developer**](https://parallaxsecond.github.io/parsec-book/parsec_client/index.html) and [**service developer**](https://parallaxsecond.github.io/parsec-book/parsec_service/index.html) guides for more information on building, installing, testing and using Parsec!

README.md

@@ -12,8 +12,8 @@
 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-use parsec_client_test::TestClient;
-use parsec_interface::requests::Result;
+use crate::test_clients::TestClient;
+use parsec_client::error::Result;
 use parsec_interface::requests::{Opcode, ProviderID};
 use std::collections::HashSet;
 use uuid::Uuid;

tests/all_providers/mod.rs

@@ -44,3 +44,4 @@
 
 mod all_providers;
 mod per_provider;
+mod test_clients;

tests/mod.rs

@@ -12,10 +12,11 @@
 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-use parsec_client_test::TestClient;
+use crate::test_clients::error::{Error, Result};
+use crate::test_clients::TestClient;
 use parsec_interface::operations::psa_algorithm::*;
 use parsec_interface::operations::psa_key_attributes::*;
-use parsec_interface::requests::{ResponseStatus, Result};
+use parsec_interface::requests::ResponseStatus;
 use sha2::{Digest, Sha256};
 
 const HASH: [u8; 32] = [
@@ -30,7 +31,7 @@ fn asym_sign_no_key() {
     let status = client
         .sign_with_rsa_sha256(key_name, HASH.to_vec())
         .expect_err("Key should not exist.");
-    assert_eq!(status, ResponseStatus::PsaErrorDoesNotExist);
+    assert_eq!(status, Error::Service(ResponseStatus::PsaErrorDoesNotExist));
 }
 
 #[test]
@@ -41,7 +42,7 @@ fn asym_verify_no_key() {
     let status = client
         .verify_with_rsa_sha256(key_name, HASH.to_vec(), signature)
         .expect_err("Verification should have failed");
-    assert_eq!(status, ResponseStatus::PsaErrorDoesNotExist);
+    assert_eq!(status, Error::Service(ResponseStatus::PsaErrorDoesNotExist));
 }
 
 #[test]
@@ -67,8 +68,8 @@ fn asym_verify_fail() -> Result<()> {
     let status = client
         .verify_with_rsa_sha256(key_name, HASH.to_vec(), signature)
         .expect_err("Verification should fail.");
-    if !(status == ResponseStatus::PsaErrorInvalidSignature
-        || status == ResponseStatus::PsaErrorCorruptionDetected)
+    if !(status == Error::Service(ResponseStatus::PsaErrorInvalidSignature)
+        || status == Error::Service(ResponseStatus::PsaErrorCorruptionDetected))
     {
         panic!("An invalid signature or a tampering detection should be the only reasons of the verification failing.");
     } else {
@@ -171,7 +172,7 @@ fn sign_hash_not_permitted() -> Result<()> {
 
     let status = client.sign_with_rsa_sha256(key_name, hash).unwrap_err();
 
-    assert_eq!(status, ResponseStatus::PsaErrorNotPermitted);
+    assert_eq!(status, Error::Service(ResponseStatus::PsaErrorNotPermitted));
 
     Ok(())
 }
@@ -190,8 +191,14 @@ fn sign_hash_bad_format() -> Result<()> {
         .unwrap_err();
     let status2 = client.sign_with_rsa_sha256(key_name, hash2).unwrap_err();
 
-    assert_eq!(status1, ResponseStatus::PsaErrorInvalidArgument);
-    assert_eq!(status2, ResponseStatus::PsaErrorInvalidArgument);
+    assert_eq!(
+        status1,
+        Error::Service(ResponseStatus::PsaErrorInvalidArgument)
+    );
+    assert_eq!(
+        status2,
+        Error::Service(ResponseStatus::PsaErrorInvalidArgument)
+    );
     Ok(())
 }
 
@@ -247,7 +254,7 @@ fn verify_hash_not_permitted() -> Result<()> {
         .verify_with_rsa_sha256(key_name, hash, signature)
         .unwrap_err();
 
-    assert_eq!(status, ResponseStatus::PsaErrorNotPermitted);
+    assert_eq!(status, Error::Service(ResponseStatus::PsaErrorNotPermitted));
     Ok(())
 }
 
@@ -271,8 +278,14 @@ fn verify_hash_bad_format() -> Result<()> {
         .verify_with_rsa_sha256(key_name, hash2, signature)
         .unwrap_err();
 
-    assert_eq!(status1, ResponseStatus::PsaErrorInvalidArgument);
-    assert_eq!(status2, ResponseStatus::PsaErrorInvalidArgument);
+    assert_eq!(
+        status1,
+        Error::Service(ResponseStatus::PsaErrorInvalidArgument)
+    );
+    assert_eq!(
+        status2,
+        Error::Service(ResponseStatus::PsaErrorInvalidArgument)
+    );
     Ok(())
 }
 
@@ -293,7 +306,10 @@ fn fail_verify_hash() -> Result<()> {
     let status = client
         .verify_with_rsa_sha256(key_name, hash, signature)
         .unwrap_err();
-    assert_eq!(status, ResponseStatus::PsaErrorInvalidSignature);
+    assert_eq!(
+        status,
+        Error::Service(ResponseStatus::PsaErrorInvalidSignature)
+    );
     Ok(())
 }
 
@@ -314,6 +330,9 @@ fn fail_verify_hash2() -> Result<()> {
     let status = client
         .verify_with_rsa_sha256(key_name, hash, signature)
         .unwrap_err();
-    assert_eq!(status, ResponseStatus::PsaErrorInvalidSignature);
+    assert_eq!(
+        status,
+        Error::Service(ResponseStatus::PsaErrorInvalidSignature)
+    );
     Ok(())
 }

tests/per_provider/normal_tests/asym_sign_verify.rs

@@ -12,15 +12,16 @@
 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-use parsec_client_test::TestClient;
-use parsec_interface::requests::{ResponseStatus, Result};
+use crate::test_clients::TestClient;
+use parsec_client::error::{Error, Result};
+use parsec_interface::requests::ResponseStatus;
 
 #[test]
 fn two_auths_same_key_name() -> Result<()> {
     let key_name = String::from("two_auths_same_key_name");
     let mut client = TestClient::new();
-    let auth1 = String::from("first_client").into_bytes();
-    let auth2 = String::from("second_client").into_bytes();
+    let auth1 = String::from("first_client");
+    let auth2 = String::from("second_client");
 
     client.set_auth(auth1);
     client.generate_rsa_sign_key(key_name.clone())?;
@@ -33,8 +34,8 @@ fn two_auths_same_key_name() -> Result<()> {
 fn delete_wrong_key() -> Result<()> {
     let key_name = String::from("delete_wrong_key");
     let mut client = TestClient::new();
-    let auth1 = String::from("first_client").into_bytes();
-    let auth2 = String::from("second_client").into_bytes();
+    let auth1 = String::from("first_client");
+    let auth2 = String::from("second_client");
 
     client.set_auth(auth1);
     client.generate_rsa_sign_key(key_name.clone())?;
@@ -43,7 +44,7 @@ fn delete_wrong_key() -> Result<()> {
     let status = client
         .destroy_key(key_name)
         .expect_err("Destroying key should have failed");
-    assert_eq!(status, ResponseStatus::PsaErrorDoesNotExist);
+    assert_eq!(status, Error::Service(ResponseStatus::PsaErrorDoesNotExist));
 
     Ok(())
 }