Adding Group Manager
Change-Id: I033c9a71d052b6346c1be33004deb9d5d9b359e1
Refs: #3015
diff --git a/src/common.hpp b/src/common.hpp
index 675b17a..4b39994 100644
--- a/src/common.hpp
+++ b/src/common.hpp
@@ -22,7 +22,7 @@
#include "config.hpp"
-#ifdef WITH_TESTS
+#ifdef NDN_GEP_HAVE_TESTS
#define VIRTUAL_WITH_TESTS virtual
#define PUBLIC_WITH_TESTS_ELSE_PROTECTED public
#define PUBLIC_WITH_TESTS_ELSE_PRIVATE public
diff --git a/src/group-manager-db.cpp b/src/group-manager-db.cpp
index 7a955b5..ec0473d 100644
--- a/src/group-manager-db.cpp
+++ b/src/group-manager-db.cpp
@@ -20,6 +20,7 @@
*/
#include "group-manager-db.hpp"
+#include "algo/rsa.hpp"
#include <sqlite3.h>
#include <boost/filesystem.hpp>
@@ -46,7 +47,8 @@
" member_id INTEGER PRIMARY KEY, \n"
" schedule_id INTEGER NOT NULL, \n"
" member_name BLOB NOT NULL, \n"
- " member_cert BLOB NOT NULL, \n"
+ " key_name BLOB NOT NULL, \n"
+ " pubkey BLOB NOT NULL, \n"
" FOREIGN KEY(schedule_id) \n"
" REFERENCES schedules(schedule_id) \n"
" ON DELETE CASCADE \n"
@@ -155,21 +157,24 @@
return result;
}
-std::map<Name, Data>
+std::map<Name, Buffer>
GroupManagerDB::getScheduleMembers(const std::string& name) const
{
- std::map<Name, Data> result;
+ std::map<Name, Buffer> result;
Sqlite3Statement statement(m_impl->m_database,
- "SELECT member_name, member_cert\
+ "SELECT key_name, pubkey\
FROM members JOIN schedules\
ON members.schedule_id=schedules.schedule_id\
WHERE schedule_name=?");
statement.bind(1, name, SQLITE_TRANSIENT);
-
result.clear();
+
+ const uint8_t* keyBytes = nullptr;
while (statement.step() == SQLITE_ROW) {
- result.insert(std::pair<Name, Data>(Name(statement.getBlock(0)),
- Data(statement.getBlock(1))));
+ keyBytes = statement.getBlob(1);
+ const int& keyBytesSize = statement.getSize(1);
+ result.insert(std::pair<Name, Buffer>(Name(statement.getBlock(0)),
+ Buffer(keyBytes, keyBytesSize)));
}
return result;
}
@@ -248,22 +253,6 @@
return result;
}
-Data
-GroupManagerDB::getMemberCert(const Name& identity) const
-{
- Sqlite3Statement statement(m_impl->m_database,
- "SELECT member_cert FROM members WHERE member_name=?");
- statement.bind(1, identity.wireEncode(), SQLITE_TRANSIENT);
- Data result;
- if (statement.step() == SQLITE_ROW) {
- result.wireDecode(statement.getBlock(0));
- }
- else {
- BOOST_THROW_EXCEPTION(Error("Cannot get the result from database"));
- }
- return result;
-}
-
std::string
GroupManagerDB::getMemberSchedule(const Name& identity) const
{
@@ -285,21 +274,24 @@
}
void
-GroupManagerDB::addMember(const std::string& scheduleName, const Data& certificate)
+GroupManagerDB::addMember(const std::string& scheduleName, const Name& keyName,
+ const Buffer& key)
{
int scheduleId = m_impl->getScheduleId(scheduleName);
if (scheduleId == -1)
BOOST_THROW_EXCEPTION(Error("The schedule dose not exist"));
- IdentityCertificate cert(certificate);
- Name memberName = cert.getPublicKeyName().getPrefix(-1);
+ // need to be changed in the future
+ Name memberName = keyName.getPrefix(-1);
Sqlite3Statement statement(m_impl->m_database,
- "INSERT INTO members(schedule_id, member_name, member_cert)\
- values (?, ?, ?)");
+ "INSERT INTO members(schedule_id, member_name, key_name, pubkey)\
+ values (?, ?, ?, ?)");
statement.bind(1, scheduleId);
statement.bind(2, memberName.wireEncode(), SQLITE_TRANSIENT);
- statement.bind(3, certificate.wireEncode(), SQLITE_TRANSIENT);
+ statement.bind(3, keyName.wireEncode(), SQLITE_TRANSIENT);
+ statement.bind(4, key.buf(), key.size(), SQLITE_TRANSIENT);
+
if (statement.step() != SQLITE_DONE)
BOOST_THROW_EXCEPTION(Error("Cannot add the member to database"));
}
diff --git a/src/group-manager-db.hpp b/src/group-manager-db.hpp
index e64d677..bf5ef2f 100644
--- a/src/group-manager-db.hpp
+++ b/src/group-manager-db.hpp
@@ -75,10 +75,9 @@
getSchedule(const std::string& name) const;
/**
- * @brief Get member information of a schedule with @p name.
- * The member information include member name and certificate.
+ * @brief Get member key name and public key buffer of a schedule with @p name.
*/
- std::map<Name, Data>
+ std::map<Name, Buffer>
getScheduleMembers(const std::string& name) const;
/**
@@ -129,14 +128,6 @@
listAllMembers() const;
/**
- * @brief Get the certificate of the member with name @p identity
- *
- * @throw Error if there is no member with name @p identity in database
- */
- Data
- getMemberCert(const Name& identity) const;
-
- /**
* @brief Get the schedule name of a member with name @p identity
*
* @throw Error if there is no member with name @p identity in database
@@ -145,13 +136,15 @@
getMemberSchedule(const Name& identity) const;
/**
- * @brief Add a new member with @p certificate into a schedule with name @p scheduleName.
+ * @brief Add a new member with @p key of @p keyName
+ * into a schedule with name @p scheduleName.
*
* @throw Error when there's no schedule named @p scheduleName
- * @throw Error if add operation fails, e.g., a member with the same name exists
+ * @throw Error if add operation fails, e.g., the added member exists
*/
void
- addMember(const std::string& scheduleName, const Data& certificate);
+ addMember(const std::string& scheduleName, const Name& keyName,
+ const Buffer& key);
/**
* @brief Change the schedule of a member with name @p identity to a schedule with @p scheduleName
diff --git a/src/group-manager.cpp b/src/group-manager.cpp
new file mode 100644
index 0000000..587c488
--- /dev/null
+++ b/src/group-manager.cpp
@@ -0,0 +1,207 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2014-2015, Regents of the University of California
+ *
+ * This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
+ * See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
+ *
+ * ndn-group-encrypt is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation,
+ * either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-group-encrypt is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * ndn-group-encrypt, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @author Zhiyi Zhang <dreamerbarrychang@gmail.com>
+ */
+
+#include "group-manager.hpp"
+#include "encryptor.hpp"
+#include "encrypted-content.hpp"
+
+#include <map>
+
+namespace ndn {
+namespace gep {
+
+static const std::string E_KEY_COMPONENT = "E-KEY";
+static const std::string D_KEY_COMPONENT = "D-KEY";
+
+GroupManager::GroupManager(const Name& managedNamespace, const std::string& dbDir,
+ const int paramLength, const int freshPeriod)
+ : m_namespace(managedNamespace)
+ , m_db(dbDir)
+ , m_paramLength(paramLength)
+ , m_freshPeriod(freshPeriod)
+{
+}
+
+std::list<Data>
+GroupManager::getGroupKey(const TimeStamp& timeslot)
+{
+ std::map<Name, Buffer> memberKeys;
+ std::list<Data> result;
+
+ // get time interval
+ Interval finalInterval = calculateInterval(timeslot, memberKeys);
+ if (finalInterval.isValid() == false)
+ return result;
+
+ std::string startTs = boost::posix_time::to_iso_string(finalInterval.getStartTime());
+ std::string endTs = boost::posix_time::to_iso_string(finalInterval.getEndTime());
+
+ // generate the pri key and pub key
+ Buffer priKeyBuf, pubKeyBuf;
+ generateKeyPairs(priKeyBuf, pubKeyBuf);
+
+ // add the first element to the result
+ // E-KEY (public key) data packet name convention:
+ // /<data_type>/E-KEY/[start-ts]/[end-ts]
+ Data data = createEKeyData(startTs, endTs, pubKeyBuf);
+ result.push_back(data);
+
+ // encrypt pri key with pub key from certificate
+ for (const auto& entry : memberKeys) {
+ const Name& keyName = entry.first;
+ const Buffer& certKey = entry.second;
+
+ // generate the name of the packet
+ // D-KEY (private key) data packet name convention:
+ // /<data_type>/D-KEY/[start-ts]/[end-ts]/[member-name]
+ data = createDKeyData(startTs, endTs, keyName, priKeyBuf, certKey);
+ result.push_back(data);
+ }
+ return result;
+}
+
+void
+GroupManager::addSchedule(const std::string& scheduleName, const Schedule& schedule)
+{
+ m_db.addSchedule(scheduleName, schedule);
+}
+
+void
+GroupManager::deleteSchedule(const std::string& scheduleName)
+{
+ m_db.deleteSchedule(scheduleName);
+}
+
+void
+GroupManager::updateSchedule(const std::string& scheduleName, const Schedule& schedule)
+{
+ m_db.updateSchedule(scheduleName, schedule);
+}
+
+void
+GroupManager::addMember(const std::string& scheduleName, const Data& memCert)
+{
+ IdentityCertificate cert(memCert);
+ m_db.addMember(scheduleName, cert.getPublicKeyName(), cert.getPublicKeyInfo().get());
+}
+
+void
+GroupManager::removeMember(const Name& identity)
+{
+ m_db.deleteMember(identity);
+}
+
+void
+GroupManager::updateMemberSchedule(const Name& identity, const std::string& scheduleName)
+{
+ m_db.updateMemberSchedule(identity, scheduleName);
+}
+
+Interval
+GroupManager::calculateInterval(const TimeStamp& timeslot, std::map<Name, Buffer>& memberKeys)
+{
+ // prepare
+ Interval positiveResult;
+ Interval negativeResult;
+ Interval tempInterval;
+ Interval finalInterval;
+ bool isPositive;
+ memberKeys.clear();
+
+ // get the all intervals from schedules
+ for (const std::string& scheduleName : m_db.listAllScheduleNames()) {
+
+ const Schedule& schedule = m_db.getSchedule(scheduleName);
+ std::tie(isPositive, tempInterval) = schedule.getCoveringInterval(timeslot);
+
+ if (isPositive) {
+ if (!positiveResult.isValid())
+ positiveResult = tempInterval;
+ positiveResult && tempInterval;
+
+ std::map<Name, Buffer> m = m_db.getScheduleMembers(scheduleName);
+ memberKeys.insert(m.begin(), m.end());
+ }
+ else {
+ if (!negativeResult.isValid())
+ negativeResult = tempInterval;
+ negativeResult && tempInterval;
+ }
+ }
+ if (!positiveResult.isValid()) {
+ // return invalid interval when there is no member has interval covering the time slot
+ return Interval(false);
+ }
+
+ // get the final interval result
+ if (negativeResult.isValid())
+ finalInterval = positiveResult && negativeResult;
+ else
+ finalInterval = positiveResult;
+
+ return finalInterval;
+}
+
+void
+GroupManager::generateKeyPairs(Buffer& priKeyBuf, Buffer& pubKeyBuf) const
+{
+ RandomNumberGenerator rng;
+ RsaKeyParams params(m_paramLength);
+ algo::EncryptParams eparams(tlv::AlgorithmRsaPkcs);
+ DecryptKey<algo::Rsa> privateKey = algo::Rsa::generateKey(rng, params);
+ priKeyBuf = privateKey.getKeyBits();
+ EncryptKey<algo::Rsa> publicKey = algo::Rsa::deriveEncryptKey(priKeyBuf);
+ pubKeyBuf = publicKey.getKeyBits();
+}
+
+
+Data
+GroupManager::createEKeyData(const std::string& startTs, const std::string& endTs,
+ const Buffer& pubKeyBuf)
+{
+ Name dataName(m_namespace);
+ dataName.append(E_KEY_COMPONENT).append(startTs).append(endTs);
+ Data data(dataName);
+ data.setFreshnessPeriod(time::hours(m_freshPeriod));
+ data.setContent(pubKeyBuf.get(), pubKeyBuf.size());
+ m_keyChain.sign(data);
+ return data;
+}
+
+Data
+GroupManager::createDKeyData(const std::string& startTs, const std::string& endTs,
+ const Name& keyName, const Buffer& priKeyBuf,
+ const Buffer& certKey)
+{
+ Name dataName(m_namespace);
+ dataName.append(D_KEY_COMPONENT);
+ dataName.append(startTs).append(endTs).append(keyName.getPrefix(-1));
+ Data data = Data(dataName);
+ data.setFreshnessPeriod(time::hours(m_freshPeriod));
+ algo::EncryptParams eparams(tlv::AlgorithmRsaPkcs);
+ algo::encryptData(data, priKeyBuf.buf(), priKeyBuf.size(), keyName,
+ certKey.buf(), certKey.size(), eparams);
+ m_keyChain.sign(data);
+ return data;
+}
+
+} // namespace ndn
+} // namespace ndn
diff --git a/src/group-manager.hpp b/src/group-manager.hpp
new file mode 100644
index 0000000..34937da
--- /dev/null
+++ b/src/group-manager.hpp
@@ -0,0 +1,128 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2014-2015, Regents of the University of California
+ *
+ * This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
+ * See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
+ *
+ * ndn-group-encrypt is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation,
+ * either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-group-encrypt is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * ndn-group-encrypt, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @author Zhiyi Zhang <dreamerbarrychang@gmail.com>
+ */
+
+#ifndef NDN_GEP_GROUP_MANAGER_HPP
+#define NDN_GEP_GROUP_MANAGER_HPP
+
+#include "group-manager-db.hpp"
+#include "algo/rsa.hpp"
+
+#include <ndn-cxx/security/key-chain.hpp>
+
+namespace ndn {
+namespace gep {
+
+class GroupManager
+{
+public:
+ class Error : public std::runtime_error
+ {
+ public:
+ explicit
+ Error(const std::string& what)
+ : std::runtime_error(what)
+ {
+ }
+ };
+
+public:
+ /// @brief Create group manager using @p managedNamespace
+ GroupManager(const Name& managedNamespace, const std::string& dbDir,
+ const int paramLength, const int freshPeriod);
+
+ /**
+ * @brief Create a group key for interval which
+ * @p timeslot falls into
+ *
+ * This method creates a group key if it does not
+ * exist, and encrypts the key using public key of
+ * all eligible members
+ *
+ * @returns The group key (the first one is the
+ * public key, and the rest are encrypted
+ * private key.
+ */
+ std::list<Data>
+ getGroupKey(const TimeStamp& timeslot);
+
+ /// @brief Add @p schedule with @p scheduleName
+ void
+ addSchedule(const std::string& scheduleName, const Schedule& schedule);
+
+ /// @brief Delete schedule with name @p scheduleName
+ void
+ deleteSchedule(const std::string& scheduleName);
+
+ /// @brief Update a schedule by name @p scheduleName with a new @p schedule
+ void
+ updateSchedule(const std::string& scheduleName, const Schedule& schedule);
+
+ /// @brief Add @p memCert with @p scheduleName
+ void
+ addMember(const std::string& scheduleName, const Data& memCert);
+
+ /// @brief Remove member with name @p identity from the group.
+ void
+ removeMember(const Name& identity);
+
+ /// @brief Update @p member with a schedule of @p schedule Name.
+ void
+ updateMemberSchedule(const Name& identity, const std::string& scheduleName);
+
+PUBLIC_WITH_TESTS_ELSE_PRIVATE:
+ /**
+ * @brief Calculate interval that covers @p timeslot
+ * and fill @p memberKeys with the info of members who is allowed to access the interval.
+ */
+ Interval
+ calculateInterval(const TimeStamp& timeslot, std::map<Name, Buffer>& certMap);
+
+ /**
+ * @brief Generate rsa key pairs according to the member variable m_paramLength.
+ * @p priKeyBuf The generated private key buffer
+ * @p pubKeyBuf The generated public key buffer
+ */
+ void
+ generateKeyPairs(Buffer& priKeyBuf, Buffer& pubKeyBuf) const;
+
+ /// @brief Create E-KEY data.
+ Data
+ createEKeyData(const std::string& startTs, const std::string& endTs,
+ const Buffer& pubKeyBuf);
+
+ /// @brief Create D-KEY data.
+ Data
+ createDKeyData(const std::string& startTs, const std::string& endTs, const Name& keyName,
+ const Buffer& priKeyBuf, const Buffer& certKey);
+
+private:
+ Name m_namespace;
+ GroupManagerDB m_db;
+ int m_paramLength;
+ int m_freshPeriod;
+
+ KeyChain m_keyChain;
+};
+
+} // namespace gep
+} // namespace ndn
+
+#endif // NDN_GEP_GROUP_MANAGER_HPP
diff --git a/tests/unit-tests/group-manager-db.t.cpp b/tests/unit-tests/group-manager-db.t.cpp
index 2c23fab..a5807f2 100644
--- a/tests/unit-tests/group-manager-db.t.cpp
+++ b/tests/unit-tests/group-manager-db.t.cpp
@@ -20,6 +20,7 @@
*/
#include "group-manager-db.hpp"
+#include "algo/rsa.hpp"
#include "boost-test.hpp"
#include <boost/filesystem.hpp>
@@ -28,57 +29,57 @@
namespace gep {
namespace tests {
-const uint8_t DATA[] = {
-0x06, 0xfd, 0x02, 0xd7, 0x07, 0x38, 0x08, 0x03, 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45,
-0x59, 0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
-0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x07, 0x49,
-0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xc9, 0x8b,
-0x2e, 0x73, 0x14, 0x03, 0x18, 0x01, 0x02, 0x15, 0xfd, 0x01, 0x61, 0x30, 0x82, 0x01, 0x5d,
-0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31, 0x31, 0x31, 0x39, 0x31, 0x39, 0x33,
-0x33, 0x30, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x35, 0x31, 0x31, 0x31, 0x39, 0x31,
-0x39, 0x33, 0x33, 0x30, 0x32, 0x5a, 0x30, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x29,
-0x13, 0x0a, 0x2f, 0x6e, 0x64, 0x6e, 0x2f, 0x73, 0x69, 0x74, 0x65, 0x31, 0x30, 0x82, 0x01,
-0x20, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
-0x00, 0x03, 0x82, 0x01, 0x0d, 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00,
-0xb6, 0x54, 0x7e, 0xe8, 0xf2, 0x91, 0x7d, 0xc1, 0x6d, 0xcb, 0x25, 0x44, 0x97, 0x90, 0xdc,
-0x78, 0x15, 0x0e, 0xef, 0xb5, 0xe7, 0xfd, 0x09, 0x2c, 0xf8, 0xd5, 0x9c, 0x2f, 0xe5, 0xa6,
-0xae, 0x9d, 0x7e, 0x95, 0x2d, 0xfc, 0xc7, 0xc3, 0x43, 0x46, 0xb0, 0x6f, 0x53, 0xcd, 0xcd,
-0x6a, 0x29, 0x1d, 0x95, 0xa1, 0x62, 0xcd, 0xa9, 0xf2, 0xf8, 0xe2, 0xfa, 0x8b, 0x5d, 0xfe,
-0xa1, 0x2b, 0x15, 0x3f, 0x7f, 0x71, 0xe6, 0x3e, 0xb9, 0xb1, 0x29, 0xd1, 0x22, 0x6f, 0x56,
-0xdf, 0xb6, 0x85, 0xaf, 0xd4, 0xb3, 0x67, 0x8b, 0x94, 0xb8, 0x83, 0xcb, 0x72, 0x86, 0xc4,
-0xf2, 0x86, 0xb2, 0x7c, 0x94, 0xbc, 0x38, 0x7b, 0x8c, 0x92, 0x86, 0x36, 0x83, 0x0e, 0x11,
-0x8c, 0x95, 0x49, 0xff, 0xcc, 0x16, 0x62, 0xdb, 0x55, 0x40, 0x7f, 0xc8, 0x8d, 0xe4, 0x3f,
-0x87, 0x02, 0x87, 0xaf, 0xf6, 0x2f, 0x8a, 0x7d, 0x74, 0x10, 0xd3, 0xbb, 0xa3, 0xfe, 0x5a,
-0x7b, 0x8f, 0x56, 0x09, 0x8b, 0x49, 0x46, 0x9f, 0x7d, 0x55, 0xa3, 0x4a, 0xe8, 0x22, 0x7b,
-0x80, 0x8a, 0x6f, 0xde, 0x9f, 0xfb, 0x2f, 0xeb, 0xf7, 0x29, 0x8a, 0x38, 0x67, 0x41, 0xae,
-0x21, 0x7a, 0xe3, 0x7b, 0x96, 0x1a, 0x90, 0x35, 0x7d, 0x04, 0xaa, 0x4d, 0x9f, 0xe6, 0xd6,
-0x00, 0x17, 0x4e, 0x02, 0x34, 0x6c, 0x56, 0x3a, 0x81, 0x3c, 0xb4, 0x7f, 0x98, 0x48, 0x22,
-0xa0, 0x9f, 0x53, 0x35, 0xf9, 0x4e, 0xae, 0x8f, 0xc3, 0xfa, 0x0b, 0x93, 0xd4, 0x55, 0x78,
-0x05, 0xb0, 0x40, 0x44, 0x48, 0x74, 0xb7, 0x9b, 0x2d, 0x65, 0xf0, 0x3d, 0x2e, 0x87, 0x2b,
-0x48, 0x29, 0x12, 0x85, 0xf0, 0xaf, 0xc4, 0xdc, 0x73, 0xce, 0x18, 0x8b, 0xd9, 0x4c, 0x60,
-0x15, 0x51, 0xae, 0x47, 0x1e, 0x2b, 0x54, 0xde, 0xf6, 0xba, 0x77, 0x30, 0x5d, 0x68, 0x9a,
-0xfb, 0x02, 0x01, 0x11, 0x16, 0x2d, 0x1b, 0x01, 0x01, 0x1c, 0x28, 0x07, 0x26, 0x08, 0x03,
-0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
-0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x32, 0x39, 0x35, 0x35, 0x34, 0x36, 0x08, 0x07, 0x49,
-0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0xfd, 0x01, 0x00, 0x26, 0x40, 0xbc, 0xf0, 0x28,
-0x12, 0x69, 0x94, 0x11, 0x13, 0xff, 0x47, 0x2c, 0x6b, 0x12, 0xdd, 0xfa, 0x60, 0x92, 0xe9,
-0x59, 0x10, 0x98, 0xd8, 0x11, 0x2a, 0xf0, 0x25, 0xb0, 0x03, 0xb2, 0xda, 0xd3, 0xb6, 0xa9,
-0xfb, 0x8b, 0xc3, 0x6f, 0xfb, 0xb4, 0x93, 0x9b, 0x24, 0x9f, 0x7e, 0x63, 0x8a, 0x37, 0xea,
-0x88, 0x74, 0xac, 0x0c, 0x04, 0x5b, 0xa2, 0x39, 0x0c, 0xa1, 0x9e, 0x0e, 0xa2, 0xd6, 0x74,
-0xca, 0xc4, 0x92, 0x64, 0x9f, 0xc2, 0x68, 0x56, 0xef, 0xc5, 0x11, 0xe8, 0x7a, 0xf3, 0x21,
-0xde, 0x88, 0x40, 0x70, 0x2b, 0x44, 0xe0, 0xcb, 0x3b, 0x33, 0xc6, 0x53, 0x65, 0x70, 0x56,
-0x08, 0xe2, 0x22, 0x70, 0x9e, 0xe0, 0x38, 0x18, 0xa8, 0x7c, 0x7d, 0x09, 0x15, 0xac, 0xf1,
-0x44, 0x63, 0x5d, 0xd5, 0x59, 0xf4, 0xeb, 0x60, 0x6c, 0x6e, 0x77, 0x36, 0x20, 0x2a, 0xe2,
-0xd1, 0x2d, 0xa1, 0x7d, 0xd4, 0x6d, 0x29, 0x2d, 0x88, 0xde, 0x9e, 0xf8, 0x64, 0x41, 0x6a,
-0xeb, 0x9f, 0x3b, 0x52, 0x06, 0xb1, 0x94, 0x09, 0x3b, 0xc9, 0xba, 0xa0, 0x05, 0x31, 0x2d,
-0x49, 0x17, 0x5b, 0xc1, 0x62, 0xf5, 0x19, 0xce, 0x27, 0x7b, 0xe8, 0x4b, 0xeb, 0x80, 0x36,
-0xf3, 0xd7, 0xe9, 0x59, 0x22, 0x50, 0x5a, 0x14, 0xb0, 0x1a, 0xa5, 0x6b, 0x33, 0xb2, 0x83,
-0x72, 0x11, 0xf4, 0xd5, 0xd2, 0x32, 0x93, 0x94, 0xb6, 0x8d, 0xed, 0xcd, 0xce, 0x54, 0x79,
-0xe8, 0xc3, 0x3c, 0xa8, 0xc6, 0x71, 0xa7, 0x61, 0xba, 0x70, 0x44, 0x94, 0xc9, 0xfc, 0xd0,
-0x20, 0x00, 0x87, 0xdc, 0xf3, 0x3c, 0x47, 0x1b, 0x4f, 0x91, 0x4c, 0xc7, 0x49, 0xb7, 0xe4,
-0xe3, 0x84, 0xb7, 0x82, 0x52, 0xec, 0x91, 0xa9, 0x28, 0x38, 0x2d, 0x48, 0x89, 0xc7, 0xcf,
-0xfa, 0x63, 0x0b, 0xf0, 0x62, 0x51, 0xac, 0xe9, 0xdb, 0xfd, 0x1c
-};
+// const uint8_t DATA[] = {
+// 0x06, 0xfd, 0x02, 0xd7, 0x07, 0x38, 0x08, 0x03, 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45,
+// 0x59, 0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
+// 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x07, 0x49,
+// 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x08, 0x09, 0xfd, 0x00, 0x00, 0x01, 0x49, 0xc9, 0x8b,
+// 0x2e, 0x73, 0x14, 0x03, 0x18, 0x01, 0x02, 0x15, 0xfd, 0x01, 0x61, 0x30, 0x82, 0x01, 0x5d,
+// 0x30, 0x22, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x34, 0x31, 0x31, 0x31, 0x39, 0x31, 0x39, 0x33,
+// 0x33, 0x30, 0x32, 0x5a, 0x18, 0x0f, 0x32, 0x30, 0x31, 0x35, 0x31, 0x31, 0x31, 0x39, 0x31,
+// 0x39, 0x33, 0x33, 0x30, 0x32, 0x5a, 0x30, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x29,
+// 0x13, 0x0a, 0x2f, 0x6e, 0x64, 0x6e, 0x2f, 0x73, 0x69, 0x74, 0x65, 0x31, 0x30, 0x82, 0x01,
+// 0x20, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05,
+// 0x00, 0x03, 0x82, 0x01, 0x0d, 0x00, 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00,
+// 0xb6, 0x54, 0x7e, 0xe8, 0xf2, 0x91, 0x7d, 0xc1, 0x6d, 0xcb, 0x25, 0x44, 0x97, 0x90, 0xdc,
+// 0x78, 0x15, 0x0e, 0xef, 0xb5, 0xe7, 0xfd, 0x09, 0x2c, 0xf8, 0xd5, 0x9c, 0x2f, 0xe5, 0xa6,
+// 0xae, 0x9d, 0x7e, 0x95, 0x2d, 0xfc, 0xc7, 0xc3, 0x43, 0x46, 0xb0, 0x6f, 0x53, 0xcd, 0xcd,
+// 0x6a, 0x29, 0x1d, 0x95, 0xa1, 0x62, 0xcd, 0xa9, 0xf2, 0xf8, 0xe2, 0xfa, 0x8b, 0x5d, 0xfe,
+// 0xa1, 0x2b, 0x15, 0x3f, 0x7f, 0x71, 0xe6, 0x3e, 0xb9, 0xb1, 0x29, 0xd1, 0x22, 0x6f, 0x56,
+// 0xdf, 0xb6, 0x85, 0xaf, 0xd4, 0xb3, 0x67, 0x8b, 0x94, 0xb8, 0x83, 0xcb, 0x72, 0x86, 0xc4,
+// 0xf2, 0x86, 0xb2, 0x7c, 0x94, 0xbc, 0x38, 0x7b, 0x8c, 0x92, 0x86, 0x36, 0x83, 0x0e, 0x11,
+// 0x8c, 0x95, 0x49, 0xff, 0xcc, 0x16, 0x62, 0xdb, 0x55, 0x40, 0x7f, 0xc8, 0x8d, 0xe4, 0x3f,
+// 0x87, 0x02, 0x87, 0xaf, 0xf6, 0x2f, 0x8a, 0x7d, 0x74, 0x10, 0xd3, 0xbb, 0xa3, 0xfe, 0x5a,
+// 0x7b, 0x8f, 0x56, 0x09, 0x8b, 0x49, 0x46, 0x9f, 0x7d, 0x55, 0xa3, 0x4a, 0xe8, 0x22, 0x7b,
+// 0x80, 0x8a, 0x6f, 0xde, 0x9f, 0xfb, 0x2f, 0xeb, 0xf7, 0x29, 0x8a, 0x38, 0x67, 0x41, 0xae,
+// 0x21, 0x7a, 0xe3, 0x7b, 0x96, 0x1a, 0x90, 0x35, 0x7d, 0x04, 0xaa, 0x4d, 0x9f, 0xe6, 0xd6,
+// 0x00, 0x17, 0x4e, 0x02, 0x34, 0x6c, 0x56, 0x3a, 0x81, 0x3c, 0xb4, 0x7f, 0x98, 0x48, 0x22,
+// 0xa0, 0x9f, 0x53, 0x35, 0xf9, 0x4e, 0xae, 0x8f, 0xc3, 0xfa, 0x0b, 0x93, 0xd4, 0x55, 0x78,
+// 0x05, 0xb0, 0x40, 0x44, 0x48, 0x74, 0xb7, 0x9b, 0x2d, 0x65, 0xf0, 0x3d, 0x2e, 0x87, 0x2b,
+// 0x48, 0x29, 0x12, 0x85, 0xf0, 0xaf, 0xc4, 0xdc, 0x73, 0xce, 0x18, 0x8b, 0xd9, 0x4c, 0x60,
+// 0x15, 0x51, 0xae, 0x47, 0x1e, 0x2b, 0x54, 0xde, 0xf6, 0xba, 0x77, 0x30, 0x5d, 0x68, 0x9a,
+// 0xfb, 0x02, 0x01, 0x11, 0x16, 0x2d, 0x1b, 0x01, 0x01, 0x1c, 0x28, 0x07, 0x26, 0x08, 0x03,
+// 0x6e, 0x64, 0x6e, 0x08, 0x03, 0x4b, 0x45, 0x59, 0x08, 0x11, 0x6b, 0x73, 0x6b, 0x2d, 0x31,
+// 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x32, 0x39, 0x35, 0x35, 0x34, 0x36, 0x08, 0x07, 0x49,
+// 0x44, 0x2d, 0x43, 0x45, 0x52, 0x54, 0x17, 0xfd, 0x01, 0x00, 0x26, 0x40, 0xbc, 0xf0, 0x28,
+// 0x12, 0x69, 0x94, 0x11, 0x13, 0xff, 0x47, 0x2c, 0x6b, 0x12, 0xdd, 0xfa, 0x60, 0x92, 0xe9,
+// 0x59, 0x10, 0x98, 0xd8, 0x11, 0x2a, 0xf0, 0x25, 0xb0, 0x03, 0xb2, 0xda, 0xd3, 0xb6, 0xa9,
+// 0xfb, 0x8b, 0xc3, 0x6f, 0xfb, 0xb4, 0x93, 0x9b, 0x24, 0x9f, 0x7e, 0x63, 0x8a, 0x37, 0xea,
+// 0x88, 0x74, 0xac, 0x0c, 0x04, 0x5b, 0xa2, 0x39, 0x0c, 0xa1, 0x9e, 0x0e, 0xa2, 0xd6, 0x74,
+// 0xca, 0xc4, 0x92, 0x64, 0x9f, 0xc2, 0x68, 0x56, 0xef, 0xc5, 0x11, 0xe8, 0x7a, 0xf3, 0x21,
+// 0xde, 0x88, 0x40, 0x70, 0x2b, 0x44, 0xe0, 0xcb, 0x3b, 0x33, 0xc6, 0x53, 0x65, 0x70, 0x56,
+// 0x08, 0xe2, 0x22, 0x70, 0x9e, 0xe0, 0x38, 0x18, 0xa8, 0x7c, 0x7d, 0x09, 0x15, 0xac, 0xf1,
+// 0x44, 0x63, 0x5d, 0xd5, 0x59, 0xf4, 0xeb, 0x60, 0x6c, 0x6e, 0x77, 0x36, 0x20, 0x2a, 0xe2,
+// 0xd1, 0x2d, 0xa1, 0x7d, 0xd4, 0x6d, 0x29, 0x2d, 0x88, 0xde, 0x9e, 0xf8, 0x64, 0x41, 0x6a,
+// 0xeb, 0x9f, 0x3b, 0x52, 0x06, 0xb1, 0x94, 0x09, 0x3b, 0xc9, 0xba, 0xa0, 0x05, 0x31, 0x2d,
+// 0x49, 0x17, 0x5b, 0xc1, 0x62, 0xf5, 0x19, 0xce, 0x27, 0x7b, 0xe8, 0x4b, 0xeb, 0x80, 0x36,
+// 0xf3, 0xd7, 0xe9, 0x59, 0x22, 0x50, 0x5a, 0x14, 0xb0, 0x1a, 0xa5, 0x6b, 0x33, 0xb2, 0x83,
+// 0x72, 0x11, 0xf4, 0xd5, 0xd2, 0x32, 0x93, 0x94, 0xb6, 0x8d, 0xed, 0xcd, 0xce, 0x54, 0x79,
+// 0xe8, 0xc3, 0x3c, 0xa8, 0xc6, 0x71, 0xa7, 0x61, 0xba, 0x70, 0x44, 0x94, 0xc9, 0xfc, 0xd0,
+// 0x20, 0x00, 0x87, 0xdc, 0xf3, 0x3c, 0x47, 0x1b, 0x4f, 0x91, 0x4c, 0xc7, 0x49, 0xb7, 0xe4,
+// 0xe3, 0x84, 0xb7, 0x82, 0x52, 0xec, 0x91, 0xa9, 0x28, 0x38, 0x2d, 0x48, 0x89, 0xc7, 0xcf,
+// 0xfa, 0x63, 0x0b, 0xf0, 0x62, 0x51, 0xac, 0xe9, 0xdb, 0xfd, 0x1c
+// };
const uint8_t SCHEDULE[] = {
0x8f, 0xc4,// Schedule
@@ -181,23 +182,23 @@
dbDir += "/test.db";
GroupManagerDB db(dbDir);
- Block dataBlock(DATA, sizeof(DATA));
Block scheduleBlock(SCHEDULE, sizeof(SCHEDULE));
// create schedule
Schedule schedule(scheduleBlock);
// create member
- Data data1(dataBlock);
- data1.setName(Name("/ndn/BoyA/KEY/ksk-123/ID-CERT/123"));
- Data data2(dataBlock);
- data2.setName(Name("/ndn/BoyB/KEY/ksk-123/ID-CERT/123"));
- Data data3(dataBlock);
- data3.setName(Name("/ndn/GirlC/KEY/ksk-123/ID-CERT/123"));
- Data data4(dataBlock);
- data4.setName(Name("/ndn/GirlD/KEY/ksk-123/ID-CERT/123"));
- Data data5(dataBlock);
- data5.setName(Name("/ndn/Hello/KEY/ksk-123/ID-CERT/123"));
+ RandomNumberGenerator rng;
+ RsaKeyParams params;
+ DecryptKey<algo::Rsa> decryptKey = algo::Rsa::generateKey(rng, params);
+ EncryptKey<algo::Rsa> encryptKey = algo::Rsa::deriveEncryptKey(decryptKey.getKeyBits());
+ Buffer keyBuf = encryptKey.getKeyBits();
+
+ Name name1("/ndn/BoyA/ksk-123");
+ Name name2("/ndn/BoyB/ksk-1233");
+ Name name3("/ndn/GirlC/ksk-123");
+ Name name4("/ndn/GirlD/ksk-123");
+ Name name5("/ndn/Hello/ksk-123");
// add schedules into the database
BOOST_CHECK_NO_THROW(db.addSchedule("work-time", schedule));
@@ -209,18 +210,18 @@
BOOST_CHECK_THROW(db.addSchedule("boelter-time", schedule), GroupManagerDB::Error);
// add members into the database
- BOOST_CHECK_NO_THROW(db.addMember("work-time", data1));
- BOOST_CHECK_NO_THROW(db.addMember("rest-time", data2));
- BOOST_CHECK_NO_THROW(db.addMember("play-time", data3));
- BOOST_CHECK_NO_THROW(db.addMember("play-time", data4));
+ BOOST_CHECK_NO_THROW(db.addMember("work-time", name1, keyBuf));
+ BOOST_CHECK_NO_THROW(db.addMember("rest-time", name2, keyBuf));
+ BOOST_CHECK_NO_THROW(db.addMember("play-time", name3, keyBuf));
+ BOOST_CHECK_NO_THROW(db.addMember("play-time", name4, keyBuf));
// throw exception when adding a member having a not existing schedule name
- BOOST_CHECK_THROW(db.addMember("false-time", data5), GroupManagerDB::Error);
+ BOOST_CHECK_THROW(db.addMember("false-time", name5, keyBuf), GroupManagerDB::Error);
- BOOST_CHECK_NO_THROW(db.addMember("boelter-time", data5));
+ BOOST_CHECK_NO_THROW(db.addMember("boelter-time", name5, keyBuf));
// throw exception when adding a member having an existing identity
- BOOST_CHECK_THROW(db.addMember("work-time", data5), GroupManagerDB::Error);
+ BOOST_CHECK_THROW(db.addMember("work-time", name5, keyBuf), GroupManagerDB::Error);
// has function
BOOST_CHECK_EQUAL(db.hasSchedule("work-time"), true);
@@ -243,16 +244,6 @@
// throw exception when there is no such schedule in database
BOOST_CHECK_THROW(db.getSchedule("work-time-11"), GroupManagerDB::Error);
- // get certificate of a member
- Data dataResult = db.getMemberCert(Name("/ndn/BoyA"));
- BOOST_CHECK(dataResult.wireEncode() == data1.wireEncode());
-
- dataResult = db.getMemberCert(Name("/ndn/GirlC"));
- BOOST_CHECK(dataResult.wireEncode() == data3.wireEncode());
-
- // throw error when there is no such member in database
- BOOST_CHECK_THROW(db.getMemberCert(Name("/ndn/GirlA")), GroupManagerDB::Error);
-
// list all schedule names
std::list<std::string> names = db.listAllScheduleNames();
BOOST_CHECK(std::find(names.begin(), names.end(), "work-time") != names.end());
@@ -261,7 +252,7 @@
BOOST_CHECK(std::find(names.begin(), names.end(), "sleep-time") == names.end());
// list members of a schedule
- std::map<Name, Data> memberMap = db.getScheduleMembers("play-time");
+ std::map<Name, Buffer> memberMap = db.getScheduleMembers("play-time");
BOOST_CHECK(memberMap.size() != 0);
// when there's no such schedule, the return list's size is 0
diff --git a/tests/unit-tests/group-manager.t.cpp b/tests/unit-tests/group-manager.t.cpp
new file mode 100644
index 0000000..1d25698
--- /dev/null
+++ b/tests/unit-tests/group-manager.t.cpp
@@ -0,0 +1,354 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2014-2015, Regents of the University of California
+ *
+ * This file is part of ndn-group-encrypt (Group-based Encryption Protocol for NDN).
+ * See AUTHORS.md for complete list of ndn-group-encrypt authors and contributors.
+ *
+ * ndn-group-encrypt is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation,
+ * either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-group-encrypt is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
+ * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ * PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along with
+ * ndn-group-encrypt, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @author Zhiyi Zhang <dreamerbarrychang@gmail.com>
+ */
+
+#include "group-manager.hpp"
+#include "boost-test.hpp"
+#include "algo/rsa.hpp"
+#include "algo/aes.hpp"
+#include "encrypted-content.hpp"
+
+#include <boost/filesystem.hpp>
+#include <ndn-cxx/encoding/buffer-stream.hpp>
+#include <string>
+
+namespace ndn {
+namespace gep {
+namespace tests {
+
+using namespace boost::posix_time;
+
+const uint8_t SIG_INFO[] = {
+ 0x16, 0x1b, // SignatureInfo
+ 0x1b, 0x01, // SignatureType
+ 0x01,
+ 0x1c, 0x16, // KeyLocator
+ 0x07, 0x14, // Name
+ 0x08, 0x04,
+ 0x74, 0x65, 0x73, 0x74,
+ 0x08, 0x03,
+ 0x6b, 0x65, 0x79,
+ 0x08, 0x07,
+ 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
+};
+
+const uint8_t SIG_VALUE[] = {
+ 0x17, 0x80, // SignatureValue
+ 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
+ 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
+ 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
+ 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
+ 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b, 0xcf,
+ 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9,
+ 0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8,
+ 0x55, 0xf6, 0x1c, 0x19, 0x0b, 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
+ 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3,
+ 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
+};
+
+class GroupManagerFixture
+{
+public:
+ GroupManagerFixture()
+ : tmpPath(boost::filesystem::path(TMP_TESTS_PATH))
+ {
+ boost::filesystem::create_directories(tmpPath);
+
+ // generate the certificate public key
+ RandomNumberGenerator rng;
+ RsaKeyParams params;
+ DecryptKey<algo::Rsa> memberDecryptKey = algo::Rsa::generateKey(rng, params);
+ decryptKeyBuf = memberDecryptKey.getKeyBits();
+ EncryptKey<algo::Rsa> memberEncryptKey = algo::Rsa::deriveEncryptKey(decryptKeyBuf);
+ encryptKeyBuf = memberEncryptKey.getKeyBits();
+
+ // generate certificate
+ cert.setName(Name("/ndn/memberA/KEY/ksk-123/ID-CERT/123"));
+ PublicKey contentPubKey(encryptKeyBuf.buf(), encryptKeyBuf.size());
+ cert.setPublicKeyInfo(contentPubKey);
+ cert.encode();
+
+ Block sigInfoBlock(SIG_INFO, sizeof(SIG_INFO));
+ Block sigValueBlock(SIG_VALUE, sizeof(SIG_VALUE));
+
+ Signature sig(sigInfoBlock, sigValueBlock);
+ cert.setSignature(sig);
+
+ auto dataBlock = cert.wireEncode();
+ }
+
+ void
+ setManager(GroupManager& manager)
+ {
+ // set the first schedule
+ Schedule schedule1;
+ RepetitiveInterval interval11(from_iso_string("20150825T000000"),
+ from_iso_string("20150827T000000"),
+ 5, 10, 2, RepetitiveInterval::RepeatUnit::DAY);
+ RepetitiveInterval interval12(from_iso_string("20150825T000000"),
+ from_iso_string("20150827T000000"),
+ 6, 8, 1, RepetitiveInterval::RepeatUnit::DAY);
+ RepetitiveInterval interval13(from_iso_string("20150827T000000"),
+ from_iso_string("20150827T000000"),
+ 7, 8);
+ schedule1.addWhiteInterval(interval11);
+ schedule1.addWhiteInterval(interval12);
+ schedule1.addBlackInterval(interval13);
+
+ // set the second schedule
+ Schedule schedule2;
+ RepetitiveInterval interval21(from_iso_string("20150825T000000"),
+ from_iso_string("20150827T000000"),
+ 9, 12, 1, RepetitiveInterval::RepeatUnit::DAY);
+ RepetitiveInterval interval22(from_iso_string("20150827T000000"),
+ from_iso_string("20150827T000000"),
+ 6, 8);
+ RepetitiveInterval interval23(from_iso_string("20150827T000000"),
+ from_iso_string("20150827T000000"),
+ 2, 4);
+ schedule2.addWhiteInterval(interval21);
+ schedule2.addWhiteInterval(interval22);
+ schedule2.addBlackInterval(interval23);
+
+ // add to the group manager db
+ manager.addSchedule("schedule1", schedule1);
+ manager.addSchedule("schedule2", schedule2);
+
+ // do some adaptions to certificate
+ Block dataBlock = cert.wireEncode();
+
+ Data memberA(dataBlock);
+ memberA.setName(Name("/ndn/memberA/KEY/ksk-123/ID-CERT/123"));
+ Data memberB(dataBlock);
+ memberB.setName(Name("/ndn/memberB/KEY/ksk-123/ID-CERT/123"));
+ Data memberC(dataBlock);
+ memberC.setName(Name("/ndn/memberC/KEY/ksk-123/ID-CERT/123"));
+
+ // add members to the database
+ manager.addMember("schedule1", memberA);
+ manager.addMember("schedule1", memberB);
+ manager.addMember("schedule2", memberC);
+ }
+
+ ~GroupManagerFixture()
+ {
+ boost::filesystem::remove_all(tmpPath);
+ }
+
+public:
+ boost::filesystem::path tmpPath;
+ Buffer decryptKeyBuf;
+ Buffer encryptKeyBuf;
+ IdentityCertificate cert;
+};
+
+BOOST_FIXTURE_TEST_SUITE(TestGroupManager, GroupManagerFixture)
+
+BOOST_AUTO_TEST_CASE(CreateDKeyData)
+{
+ // create the group manager database
+ std::string dbDir = tmpPath.c_str();
+ dbDir += "/manager-d-key-test.db";
+ GroupManager manager(Name("Alice-read"), dbDir, 2048, 1);
+
+ Block newCertBlock = cert.wireEncode();
+ IdentityCertificate newCert(newCertBlock);
+
+ // encrypt D-KEY
+ Data data = manager.createDKeyData("20150825T000000", "20150827T000000", Name("/ndn/memberA/KEY"),
+ decryptKeyBuf, newCert.getPublicKeyInfo().get());
+
+ // verify encrypted D-KEY
+ Block dataContent = data.getContent();
+ dataContent.parse();
+ BOOST_CHECK_EQUAL(dataContent.elements_size(), 2);
+
+ // get nonce key
+ Block::element_const_iterator contentIterator = dataContent.elements_begin();
+ Block nonceContent(*contentIterator);
+ BOOST_CHECK_EQUAL(nonceContent.type(), tlv::EncryptedContent);
+ EncryptedContent encryptedNonce(nonceContent);
+ BOOST_CHECK_EQUAL(encryptedNonce.getInitialVector().size(), 0);
+ BOOST_CHECK_EQUAL(encryptedNonce.getAlgorithmType(), tlv::AlgorithmRsaPkcs);
+
+ const Buffer& bufferNonce = encryptedNonce.getPayload();
+ algo::EncryptParams decryptParams(tlv::AlgorithmRsaPkcs);
+ Buffer nonce = algo::Rsa::decrypt(decryptKeyBuf.buf(), decryptKeyBuf.size(),
+ bufferNonce.buf(), bufferNonce.size(), decryptParams);
+
+ // get D-KEY
+ contentIterator++;
+ Block payloadContent(*contentIterator);
+ BOOST_CHECK_EQUAL(payloadContent.type(), tlv::EncryptedContent);
+ EncryptedContent encryptedPayload(payloadContent);
+ BOOST_CHECK_EQUAL(encryptedPayload.getInitialVector().size(), 16);
+ BOOST_CHECK_EQUAL(encryptedPayload.getAlgorithmType(), tlv::AlgorithmAesCbc);
+
+ decryptParams.setAlgorithmType(tlv::AlgorithmAesCbc);
+ decryptParams.setIV(encryptedPayload.getInitialVector().buf(),
+ encryptedPayload.getInitialVector().size());
+ const Buffer& bufferPayload = encryptedPayload.getPayload();
+ Buffer largePayload = algo::Aes::decrypt(nonce.buf(), nonce.size(),
+ bufferPayload.buf(), bufferPayload.size(),
+ decryptParams);
+
+ BOOST_CHECK_EQUAL_COLLECTIONS(largePayload.begin(), largePayload.end(),
+ decryptKeyBuf.begin(), decryptKeyBuf.end());
+}
+
+BOOST_AUTO_TEST_CASE(CreateEKeyData)
+{
+ // create the group manager database
+ std::string dbDir = tmpPath.c_str();
+ dbDir += "/manager-e-key-test.db";
+
+ // create group manager
+ GroupManager manager(Name("Alice-read"), dbDir, 1024, 1);
+ setManager(manager);
+
+ Data data = manager.createEKeyData("20150825T090000", "20150825T110000", encryptKeyBuf);
+ BOOST_CHECK_EQUAL(data.getName().toUri(), "/Alice-read/E-KEY/20150825T090000/20150825T110000");
+
+ Buffer contentBuf(data.getContent().value(), data.getContent().value_size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(encryptKeyBuf.begin(), encryptKeyBuf.end(),
+ contentBuf.begin(), contentBuf.end());
+
+}
+
+BOOST_AUTO_TEST_CASE(CalculateInterval)
+{
+ // create the group manager database
+ std::string dbDir = tmpPath.c_str();
+ dbDir += "/manager-interval-test.db";
+
+ // create group manager
+ GroupManager manager(Name("Alice-read"), dbDir, 1024, 1);
+ setManager(manager);
+
+ std::map<Name, Buffer> memberKeys;
+ Interval result;
+
+ TimeStamp tp1(from_iso_string("20150825T093000"));
+ result = manager.calculateInterval(tp1, memberKeys);
+ BOOST_CHECK_EQUAL(to_iso_string(result.getStartTime()), "20150825T090000");
+ BOOST_CHECK_EQUAL(to_iso_string(result.getEndTime()), "20150825T100000");
+
+ TimeStamp tp2(from_iso_string("20150827T073000"));
+ result = manager.calculateInterval(tp2, memberKeys);
+ BOOST_CHECK_EQUAL(to_iso_string(result.getStartTime()), "20150827T070000");
+ BOOST_CHECK_EQUAL(to_iso_string(result.getEndTime()), "20150827T080000");
+
+ TimeStamp tp3(from_iso_string("20150827T043000"));
+ result = manager.calculateInterval(tp3, memberKeys);
+ BOOST_CHECK_EQUAL(result.isValid(), false);
+
+ TimeStamp tp4(from_iso_string("20150827T053000"));
+ result = manager.calculateInterval(tp4, memberKeys);
+ BOOST_CHECK_EQUAL(to_iso_string(result.getStartTime()), "20150827T050000");
+ BOOST_CHECK_EQUAL(to_iso_string(result.getEndTime()), "20150827T060000");
+}
+
+BOOST_AUTO_TEST_CASE(GetGroupKey)
+{
+ // create the group manager database
+ std::string dbDir = tmpPath.c_str();
+ dbDir += "/manager-group-key-test.db";
+
+ // create group manager
+ GroupManager manager(Name("Alice-read"), dbDir, 1024, 1);
+ setManager(manager);
+
+ // get data list from group manager
+ TimeStamp tp1(from_iso_string("20150825T093000"));
+ std::list<Data> result = manager.getGroupKey(tp1);
+
+ BOOST_CHECK_EQUAL(result.size(), 4);
+
+ // first data contain the group encrypt key(public key)
+ std::list<Data>::iterator dataIterator = result.begin();
+ BOOST_CHECK_EQUAL(dataIterator->getName().toUri(),
+ "/Alice-read/E-KEY/20150825T090000/20150825T100000");
+ EncryptKey<algo::Rsa> groupEKey(Buffer(dataIterator->getContent().value(),
+ dataIterator->getContent().value_size()));
+
+ // second data and decrypt
+ dataIterator++;
+ BOOST_CHECK_EQUAL(dataIterator->getName().getPrefix(-2).toUri(),
+ "/Alice-read/D-KEY/20150825T090000/20150825T100000");
+
+ //////////////////////////////////////////////////////////////////////// start decryption
+ Block dataContent = dataIterator->getContent();
+
+ dataContent.parse();
+ BOOST_CHECK_EQUAL(dataContent.elements_size(), 2);
+
+ // get nonce key
+ Block::element_const_iterator contentIterator = dataContent.elements_begin();
+ Block nonceContent(*contentIterator);
+ BOOST_CHECK_EQUAL(nonceContent.type(), tlv::EncryptedContent);
+ EncryptedContent encryptedNonce(nonceContent);
+ BOOST_CHECK_EQUAL(encryptedNonce.getInitialVector().size(), 0);
+ BOOST_CHECK_EQUAL(encryptedNonce.getAlgorithmType(), tlv::AlgorithmRsaPkcs);
+
+ algo::EncryptParams decryptParams(tlv::AlgorithmRsaPkcs);
+ const Buffer& bufferNonce = encryptedNonce.getPayload();
+ Buffer nonce = algo::Rsa::decrypt(decryptKeyBuf.buf(), decryptKeyBuf.size(),
+ bufferNonce.buf(), bufferNonce.size(), decryptParams);
+
+ // get buffer payload
+ contentIterator++;
+ Block payloadContent(*contentIterator);
+ BOOST_CHECK_EQUAL(payloadContent.type(), tlv::EncryptedContent);
+ EncryptedContent encryptedPayload(payloadContent);
+ BOOST_CHECK_EQUAL(encryptedPayload.getInitialVector().size(), 16);
+ BOOST_CHECK_EQUAL(encryptedPayload.getAlgorithmType(), tlv::AlgorithmAesCbc);
+
+ decryptParams.setAlgorithmType(tlv::AlgorithmAesCbc);
+ decryptParams.setIV(encryptedPayload.getInitialVector().buf(),
+ encryptedPayload.getInitialVector().size());
+ const Buffer& bufferPayload = encryptedPayload.getPayload();
+ Buffer largePayload = algo::Aes::decrypt(nonce.buf(), nonce.size(),
+ bufferPayload.buf(), bufferPayload.size(),
+ decryptParams);
+
+ // get group D-KEY
+ DecryptKey<algo::Rsa> groupDKey(Buffer(largePayload.buf(), largePayload.size()));
+
+ /////////////////////////////////////////////////////////////////////// end decryption
+
+ // check the D-KEY
+ EncryptKey<algo::Rsa> derivedGroupEKey = algo::Rsa::deriveEncryptKey(groupDKey.getKeyBits());
+ BOOST_CHECK_EQUAL_COLLECTIONS(groupEKey.getKeyBits().begin(), groupEKey.getKeyBits().end(),
+ derivedGroupEKey.getKeyBits().begin(),
+ derivedGroupEKey.getKeyBits().end());
+
+ // invalid time stamp to get group key
+ TimeStamp tp2(from_iso_string("20150826T083000"));
+ BOOST_CHECK_EQUAL(manager.getGroupKey(tp2).size(), 0);
+
+ TimeStamp tp3(from_iso_string("20150827T023000"));
+ BOOST_CHECK_EQUAL(manager.getGroupKey(tp3).size(), 0);
+}
+
+BOOST_AUTO_TEST_SUITE_END()
+
+} // namespace test
+} // namespace gep
+} // namespace ndn