Vince Lehmanc2acdcb2015-04-29 11:14:35 -05001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyev0ad01f32020-06-03 14:12:58 -04002/*
Junxiao Shib032fcb2022-04-28 01:28:50 +00003 * Copyright (c) 2014-2022, The University of Memphis,
Vince Lehmanc2acdcb2015-04-29 11:14:35 -05004 * Regents of the University of California,
5 * Arizona Board of Regents.
6 *
7 * This file is part of NLSR (Named-data Link State Routing).
8 * See AUTHORS.md for complete list of NLSR authors and contributors.
9 *
10 * NLSR is free software: you can redistribute it and/or modify it under the terms
11 * of the GNU General Public License as published by the Free Software Foundation,
12 * either version 3 of the License, or (at your option) any later version.
13 *
14 * NLSR is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
15 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
16 * PURPOSE. See the GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along with
19 * NLSR, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
Alexander Afanasyev0ad01f32020-06-03 14:12:58 -040020 */
Vince Lehmanc2acdcb2015-04-29 11:14:35 -050021
22#include "security/certificate-store.hpp"
Saurab Dulal427e0122019-11-28 11:58:02 -060023#include "nlsr.hpp"
24#include "lsdb.hpp"
Vince Lehmanc2acdcb2015-04-29 11:14:35 -050025
Davide Pesavento8de8a8b2022-05-12 01:26:43 -040026#include "tests/io-key-chain-fixture.hpp"
27#include "tests/test-common.hpp"
28
29#include <boost/filesystem/operations.hpp>
30#include <boost/filesystem/path.hpp>
Ashlesh Gawande30d96e42021-03-21 19:15:33 -070031#include <boost/lexical_cast.hpp>
Davide Pesavento7bc3d432021-10-25 21:08:04 -040032#include <boost/property_tree/info_parser.hpp>
Vince Lehmanc2acdcb2015-04-29 11:14:35 -050033
34namespace nlsr {
Vince Lehmanc2acdcb2015-04-29 11:14:35 -050035namespace test {
36
37using std::shared_ptr;
38
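/**
 * @brief Test fixture providing a CertificateStore backed by an in-memory face.
 *
 * The constructor creates a root identity, derives site, operator and router
 * identities from it with addSubCertificate(), inserts their default
 * certificates (and the instance certificate returned by
 * ConfParameter::initializeKey()) into the store, and loads the first entry of
 * the "security" section of nlsr.conf into the validator owned by @c conf.
 */
class CertificateStoreFixture : public IoKeyChainFixture
{
public:
  CertificateStoreFixture()
    : face(m_io, m_keyChain, {true, true})
    , conf(face, m_keyChain, "unit-test-nlsr.conf")
    , confProcessor(conf, SYNC_PROTOCOL_PSYNC, HYPERBOLIC_STATE_OFF,
                    "/ndn/", "/site", "/%C1.Router/router1")
    , rootIdName(conf.getNetwork())
    , siteIdentityName(ndn::Name(conf.getNetwork()).append(conf.getSiteName()))
    , opIdentityName(ndn::Name(conf.getNetwork())
                     .append(ndn::Name(conf.getSiteName()))
                     .append(ndn::Name("%C1.Operator")))
    , routerIdName(conf.getRouterPrefix())
    , nlsr(face, m_keyChain, conf)
    , lsdb(nlsr.getLsdb())
    , certStore(face, conf, lsdb)
    , ROOT_CERT_PATH(boost::filesystem::current_path() / "root.cert")
  {
    rootId = m_keyChain.createIdentity(rootIdName);
    siteIdentity = addSubCertificate(siteIdentityName, rootId);
    opIdentity = addSubCertificate(opIdentityName, siteIdentity);
    routerId = addSubCertificate(routerIdName, opIdentity);

    auto instanceCert = conf.initializeKey();
    BOOST_REQUIRE(!!instanceCert);
    certStore.insert(*instanceCert);
    instanceCertName = instanceCert->getName();

    // Create the certificates and load them into the validator;
    // previously this was done in the Nlsr constructor.
    for (const auto& id : {rootId, siteIdentity, opIdentity, routerId}) {
      const auto& cert = id.getDefaultKey().getDefaultCertificate();
      conf.loadCertToValidator(cert);
      certStore.insert(cert);
    }

    boost::property_tree::ptree pt;
    boost::property_tree::read_info("nlsr.conf", pt);

    // Load the first entry of the "security" section into the validator.
    // The fixture aborts if the section is missing or empty: without this the
    // tests would silently run against a validator that never received the
    // rules from nlsr.conf, and their validation results would mean little.
    bool isSecurityLoaded = false;
    for (const auto& tn : pt) {
      if (tn.first == "security") {
        auto it = tn.second.begin();
        // begin() of an empty section equals end(); dereferencing it is undefined
        BOOST_REQUIRE(it != tn.second.end());
        conf.getValidator().load(it->second, std::string("nlsr.conf"));
        isSecurityLoaded = true;
        break;
      }
    }
    BOOST_REQUIRE(isSecurityLoaded);

    advanceClocks(20_ms);
  }

  /**
   * @brief Check that an Interest named @p interstName was sent on the fixture face.
   *
   * Aborts the test case when no Interest was sent at all, and records a
   * (non-fatal) check failure when none of the sent Interests has that name.
   */
  void
  checkForInterest(const ndn::Name& interstName)
  {
    const std::vector<ndn::Interest>& interests = face.sentInterests;
    BOOST_REQUIRE(interests.size() > 0);

    bool didFindInterest = false;
    for (const auto& interest : interests) {
      if (interest.getName() == interstName) {
        didFindInterest = true;
        break; // one match is enough
      }
    }
    BOOST_CHECK(didFindInterest);
  }

  // Members are initialized in declaration order; the constructor's
  // initializer list relies on face and conf being declared before their users.
  ndn::util::DummyClientFace face;

  ConfParameter conf;
  DummyConfFileProcessor confProcessor;

  ndn::Name rootIdName, siteIdentityName, opIdentityName, routerIdName;
  ndn::security::pib::Identity rootId, siteIdentity, opIdentity, routerId;
  ndn::Name instanceCertName; // name of the certificate returned by conf.initializeKey()

  Nlsr nlsr;
  Lsdb& lsdb;
  // NOTE(review): certificate and certificateKey are not used by the test cases
  // in this file; the Basic case declares a local named certificate that hides
  // the member.
  ndn::security::Certificate certificate;
  ndn::Name certificateKey;
  security::CertificateStore certStore;
  const boost::filesystem::path ROOT_CERT_PATH;
};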
121
122BOOST_FIXTURE_TEST_SUITE(TestSecurityCertificateStore, CertificateStoreFixture)
123
// A certificate is absent from the store until inserted, can afterwards be
// found by key name and by certificate name, and an Interest expressed for its
// key name shows up on the fixture face.
BOOST_AUTO_TEST_CASE(Basic)
{
  // Versioned identity name, so it differs from the identities the fixture created
  ndn::Name idName("/TestNLSR/identity");
  idName.appendVersion();

  auto newIdentity = m_keyChain.createIdentity(idName);
  auto newCert = newIdentity.getDefaultKey().getDefaultCertificate();
  ndn::Name certKey = newCert.getKeyName();

  // Not stored yet: both lookup forms must miss
  BOOST_CHECK(certStore.find(certKey) == nullptr);
  BOOST_CHECK(certStore.find(newCert.getName()) == nullptr);

  // After insertion the certificate must be retrievable from the CertificateStore
  certStore.insert(newCert);
  conf.loadCertToValidator(newCert);

  BOOST_CHECK(certStore.find(certKey) != nullptr);
  BOOST_CHECK(certStore.find(newCert.getName()) != nullptr);

  lsdb.expressInterest(certKey, 0);
  advanceClocks(10_ms);

  checkForInterest(certKey);
}
149
// Certificates held by the store must be served to a linked consumer face,
// both for a prefix Interest on the key name and for an exact Interest on the
// certificate name.
BOOST_AUTO_TEST_CASE(RetrieveCert)
{
  ndn::util::DummyClientFace consumer(m_io);
  consumer.linkTo(face);

  // Express one Interest and expect exactly one Data named expectedName;
  // a Nack or a timeout is reported as a test error.
  auto checkRetrieve = [&] (const ndn::Name& name, bool isPrefix, const ndn::Name& expectedName) {
    ndn::Interest interest(name);
    interest.setCanBePrefix(isPrefix);

    BOOST_TEST_CONTEXT(interest) {
      bool hasData = false;

      auto onData = [&] (const auto&, const auto& data) {
        BOOST_CHECK(!hasData); // a second Data for the same Interest is a failure
        hasData = true;
        BOOST_CHECK_EQUAL(data.getName(), expectedName);
      };
      auto onNack = [&] (const auto&, const auto&) { BOOST_ERROR("unexpected Nack"); };
      auto onTimeout = [&] (const auto&) { BOOST_ERROR("unexpected timeout"); };

      consumer.expressInterest(interest, onData, onNack, onTimeout);
      advanceClocks(10_ms, 2);
      BOOST_CHECK(hasData);
    }
  };

  // NOTE(review): rootId is not part of this loop although the fixture also
  // inserts its certificate into the store; confirm that is intentional.
  for (const auto& id : {siteIdentity, opIdentity, routerId}) {
    auto key = id.getDefaultKey();
    auto cert = key.getDefaultCertificate();
    checkRetrieve(key.getName(), true, cert.getName());
    checkRetrieve(cert.getName(), false, cert.getName());
  }

  // The instance certificate inserted by the fixture must be served as well
  auto instanceKeyName = ndn::security::extractKeyNameFromCertName(instanceCertName);
  checkRetrieve(instanceKeyName, true, instanceCertName);
  checkRetrieve(instanceCertName, false, instanceCertName);
}
184
// The prefixes under which certificates are served must be registered on the face.
BOOST_AUTO_TEST_CASE(TestKeyPrefixRegistration)
{
  const auto& keyComponent = ndn::security::Certificate::KEY_COMPONENT;

  // <router prefix>/nlsr/<KEY component>
  ndn::Name nlsrKeyPrefix = conf.getRouterPrefix();
  nlsrKeyPrefix.append("nlsr").append(keyComponent);
  checkPrefixRegistered(face, nlsrKeyPrefix);

  // <router prefix>/<KEY component>
  ndn::Name routerKeyPrefix = conf.getRouterPrefix();
  routerKeyPrefix.append(keyComponent);
  checkPrefixRegistered(face, routerKeyPrefix);

  // <network>/<site>/%C1.Operator
  // NOTE(review): unlike the two prefixes above, this one is checked without the
  // KEY component appended; confirm that this is the prefix actually intended.
  ndn::Name operatorKeyPrefix = conf.getNetwork();
  operatorKeyPrefix.append(conf.getSiteName());
  operatorKeyPrefix.append(std::string("%C1.Operator"));
  checkPrefixRegistered(face, operatorKeyPrefix);
}
204
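// Expresses an Interest for the next Name LSA, answers it with a signed Data
// segment, validates that segment, and checks that the segment-validated
// signal reaches a subscriber and that the signing key is in the store.
BOOST_AUTO_TEST_CASE(SegmentValidatedSignal)
{
  ndn::Name lsaInterestName("/localhop");
  lsaInterestName.append(conf.getLsaPrefix().getSubName(1));
  lsaInterestName.append(conf.getSiteName());
  lsaInterestName.append(conf.getRouterName());
  lsaInterestName.append(boost::lexical_cast<std::string>(Lsa::Type::NAME));
  lsaInterestName.appendNumber(nlsr.m_lsdb.m_sequencingManager.getNameLsaSeq() + 1);

  lsdb.expressInterest(lsaInterestName, 0);
  advanceClocks(10_ms);

  checkForInterest(lsaInterestName);

  ndn::Name lsaDataName(lsaInterestName);
  lsaDataName.appendVersion();
  lsaDataName.appendSegment(0);

  ndn::Data data(lsaDataName);
  data.setFreshnessPeriod(ndn::time::seconds(10));
  NameLsa nameLsa;
  data.setContent(nameLsa.wireEncode());
  data.setFinalBlock(lsaDataName[-1]);

  // Sign data with this NLSR's key (in a real deployment it would be a different NLSR)
  m_keyChain.sign(data, conf.m_signingInfo);
  face.put(data);

  this->advanceClocks(ndn::time::milliseconds(1));

  // Make NLSR validate data signed by its own key.
  // NOTE(review): the success callback asserts nothing, so this call fails the
  // test only if the failure callback runs; it does not show that validation
  // completed before the checks below.
  conf.getValidator().validate(data,
                               [] (const ndn::Data&) { BOOST_CHECK(true); },
                               [] (const ndn::Data&, const ndn::security::ValidationError& e) {
                                 BOOST_ERROR(e);
                               });

  // Subscribe BEFORE emitting. The original connected after the emit, so the
  // handler and the name comparison inside it could never run.
  bool isSignalReceived = false;
  ndn::util::signal::ScopedConnection connection = lsdb.afterSegmentValidatedSignal.connect(
    [&] (const ndn::Data& lsaSegment) {
      isSignalReceived = true;
      BOOST_CHECK_EQUAL(lsaSegment.getName(), data.getName());
    });

  // presumably emits afterSegmentValidatedSignal synchronously; verify against Lsdb
  lsdb.emitSegmentValidatedSignal(data);
  BOOST_CHECK(isSignalReceived);

  // NOTE(review): if conf.m_signingInfo selects the instance key, its certificate
  // was already inserted by the fixture constructor, and this lookup would then
  // succeed regardless of what the signal handler does. Confirm.
  auto certName = data.getSignatureInfo().getKeyLocator().getName();
  auto keyName = ndn::security::extractKeyNameFromCertName(certName);
  BOOST_CHECK(certStore.find(keyName) != nullptr);
}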
253
254BOOST_AUTO_TEST_SUITE_END()
255
256} // namespace test
Vince Lehmanc2acdcb2015-04-29 11:14:35 -0500257} // namespace nlsr