Gitiles
Code Review Sign In
gerrit.named-data.net / name-based-access-control / 9ea4c45a4f31115c4aa739e341b226af043f487b / . / tests / unit / access-manager.t.cpp
blob: e2d41cd2a11c84adec39146db9913c24e109da2b [file] [log] [blame]
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento9062a502020-01-04 17:14:04 -0500[diff] [blame]2/*
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]3 * Copyright (c) 2014-2024, Regents of the University of California
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]4 *
5 * NAC library is free software: you can redistribute it and/or modify it under the
6 * terms of the GNU Lesser General Public License as published by the Free Software
7 * Foundation, either version 3 of the License, or (at your option) any later version.
8 *
9 * NAC library is distributed in the hope that it will be useful, but WITHOUT ANY
10 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
11 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
12 *
13 * You should have received copies of the GNU General Public License and GNU Lesser
14 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
15 * <http://www.gnu.org/licenses/>.
16 *
17 * See AUTHORS.md for complete list of NAC library authors and contributors.
18 */
19
20#include "access-manager.hpp"
21
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]22#include "tests/boost-test.hpp"
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]23#include "tests/io-key-chain-fixture.hpp"
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]24
Davide Pesaventocab86032020-12-10 20:30:12 -0500[diff] [blame]25#include <ndn-cxx/util/dummy-client-face.hpp>
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]26#include <ndn-cxx/util/string-helper.hpp>
27
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]28#include <iostream>
29
Davide Pesavento5d2f1512023-08-11 14:50:51 -0400[diff] [blame]30namespace ndn::nac::tests {
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]31
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]32class AccessManagerFixture : public IoKeyChainFixture
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]33{
34public:
35 AccessManagerFixture()
Davide Pesaventocab86032020-12-10 20:30:12 -0500[diff] [blame]36 : face(m_io, m_keyChain, {true, true})
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]37 , accessIdentity(m_keyChain.createIdentity("/access/policy/identity"))
38 , nacIdentity(m_keyChain.createIdentity("/access/policy/identity/NAC/dataset", // hack to get access to KEK key-id
39 RsaKeyParams()))
40 , userIdentities{m_keyChain.createIdentity("/first/user", RsaKeyParams()),
41 m_keyChain.createIdentity("/second/user", RsaKeyParams())}
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]42 , manager(accessIdentity, Name("/dataset"), m_keyChain, face)
43 {
44 advanceClocks(1_ms, 10);
45
46 for (auto& user : userIdentities) {
47 manager.addMember(user.getDefaultKey().getDefaultCertificate());
48 }
49 }
50
51public:
Davide Pesavento5d2f1512023-08-11 14:50:51 -0400[diff] [blame]52 DummyClientFace face;
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]53 Identity accessIdentity;
54 Identity nacIdentity;
55 std::vector<Identity> userIdentities;
56 AccessManager manager;
57};
58
59BOOST_FIXTURE_TEST_SUITE(TestAccessManager, AccessManagerFixture)
60
61BOOST_AUTO_TEST_CASE(PublishedKek)
62{
63 face.receive(Interest(Name("/access/policy/identity/NAC/dataset/KEK"))
64 .setCanBePrefix(true).setMustBeFresh(true));
65 advanceClocks(1_ms, 10);
66
67 BOOST_CHECK_EQUAL(face.sentData.at(0).getName().getPrefix(-1), "/access/policy/identity/NAC/dataset/KEK");
68 BOOST_CHECK_EQUAL(face.sentData.at(0).getName().get(-1), nacIdentity.getDefaultKey().getName().get(-1));
69}
70
71BOOST_AUTO_TEST_CASE(PublishedKdks)
72{
73 for (auto& user : userIdentities) {
74 Name kdk("/access/policy/identity/NAC/dataset/KDK");
75 kdk
76 .append(nacIdentity.getDefaultKey().getName().get(-1))
77 .append("ENCRYPTED-BY")
78 .append(user.getDefaultKey().getName());
79
Davide Pesavento32d1dc22020-12-09 18:01:47 -0500[diff] [blame]80 face.receive(Interest(kdk).setCanBePrefix(true).setMustBeFresh(true));
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]81 advanceClocks(1_ms, 10);
82
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]83 BOOST_CHECK_EQUAL(face.sentData.at(0).getName(), kdk);
84 face.sentData.clear();
85 }
86}
87
88BOOST_AUTO_TEST_CASE(EnumerateDataFromIms)
89{
90 BOOST_CHECK_EQUAL(manager.size(), 3);
91 size_t nKek = 0;
92 size_t nKdk = 0;
93 for (const auto& data : manager) {
94 BOOST_TEST_MESSAGE(data.getName());
95 if (data.getName().at(5) == KEK) {
96 ++nKek;
97 }
98 else if (data.getName().at(5) == KDK) {
99 ++nKdk;
100 }
101 }
102 BOOST_CHECK_EQUAL(nKek, 1);
103 BOOST_CHECK_EQUAL(nKdk, 2);
104}
105
Davide Pesavento32d1dc22020-12-09 18:01:47 -0500[diff] [blame]106BOOST_AUTO_TEST_CASE(GenerateTestData,
107 * ut::description("regenerates the static test data used by other test cases")
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]108 * ut::disabled()
109 * ut::label("generator"))
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]110{
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]111 std::cerr << "const Block nacIdentity = \"";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]112 auto block = m_keyChain.exportSafeBag(nacIdentity.getDefaultKey().getDefaultCertificate(),
113 "password", strlen("password"))->wireEncode();
Davide Pesavento714dba02022-03-17 20:46:28 -0400[diff] [blame]114 printHex(std::cerr, block, true);
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]115 std::cerr << "\"_block;\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]116
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]117 std::cerr << "const std::vector<Block> userIdentities{\n";
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]118 for (const auto& userId : userIdentities) {
119 std::cerr << " \"";
120 block = m_keyChain.exportSafeBag(userId.getDefaultKey().getDefaultCertificate(),
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]121 "password", strlen("password"))->wireEncode();
Davide Pesavento714dba02022-03-17 20:46:28 -0400[diff] [blame]122 printHex(std::cerr, block, true);
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]123 std::cerr << "\"_block,\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]124 }
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]125 std::cerr << "};\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]126
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]127 std::cerr << "const std::vector<Block> managerPackets{\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]128 for (const auto& data : manager) {
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]129 std::cerr << " \"";
Davide Pesavento714dba02022-03-17 20:46:28 -0400[diff] [blame]130 printHex(std::cerr, data.wireEncode(), true);
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]131 std::cerr << "\"_block,\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]132 }
Davide Pesavento9ea4c452024-02-03 15:45:32 -0500[diff] [blame^]133 std::cerr << "};\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]134}
135
136BOOST_AUTO_TEST_SUITE_END()
137
Davide Pesavento5d2f1512023-08-11 14:50:51 -0400[diff] [blame]138} // namespace ndn::nac::tests