Gitiles
Code Review Sign In
gerrit.named-data.net / name-based-access-control / d6e569ff4b2cf8dc76d7944980f7a2488faa92fe / . / tests / unit / access-manager.t.cpp
blob: d15249f8ade82cd1faa8ed76fbbdf0ecc4fadd87 [file] [log] [blame]
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento9062a502020-01-04 17:14:04 -0500[diff] [blame]2/*
3 * Copyright (c) 2014-2020, Regents of the University of California
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]4 *
5 * NAC library is free software: you can redistribute it and/or modify it under the
6 * terms of the GNU Lesser General Public License as published by the Free Software
7 * Foundation, either version 3 of the License, or (at your option) any later version.
8 *
9 * NAC library is distributed in the hope that it will be useful, but WITHOUT ANY
10 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
11 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
12 *
13 * You should have received copies of the GNU General Public License and GNU Lesser
14 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
15 * <http://www.gnu.org/licenses/>.
16 *
17 * See AUTHORS.md for complete list of NAC library authors and contributors.
18 */
19
20#include "access-manager.hpp"
21
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]22#include "tests/boost-test.hpp"
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]23#include "tests/io-key-chain-fixture.hpp"
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]24
25#include <iostream>
Davide Pesaventocab86032020-12-10 20:30:12 -0500[diff] [blame]26#include <ndn-cxx/util/dummy-client-face.hpp>
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]27#include <ndn-cxx/util/string-helper.hpp>
28
29namespace ndn {
30namespace nac {
31namespace tests {
32
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]33class AccessManagerFixture : public IoKeyChainFixture
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]34{
35public:
36 AccessManagerFixture()
Davide Pesaventocab86032020-12-10 20:30:12 -0500[diff] [blame]37 : face(m_io, m_keyChain, {true, true})
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]38 , accessIdentity(m_keyChain.createIdentity("/access/policy/identity"))
39 , nacIdentity(m_keyChain.createIdentity("/access/policy/identity/NAC/dataset", // hack to get access to KEK key-id
40 RsaKeyParams()))
41 , userIdentities{m_keyChain.createIdentity("/first/user", RsaKeyParams()),
42 m_keyChain.createIdentity("/second/user", RsaKeyParams())}
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]43 , manager(accessIdentity, Name("/dataset"), m_keyChain, face)
44 {
45 advanceClocks(1_ms, 10);
46
47 for (auto& user : userIdentities) {
48 manager.addMember(user.getDefaultKey().getDefaultCertificate());
49 }
50 }
51
52public:
Davide Pesaventocab86032020-12-10 20:30:12 -0500[diff] [blame]53 util::DummyClientFace face;
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]54 Identity accessIdentity;
55 Identity nacIdentity;
56 std::vector<Identity> userIdentities;
57 AccessManager manager;
58};
59
60BOOST_FIXTURE_TEST_SUITE(TestAccessManager, AccessManagerFixture)
61
62BOOST_AUTO_TEST_CASE(PublishedKek)
63{
64 face.receive(Interest(Name("/access/policy/identity/NAC/dataset/KEK"))
65 .setCanBePrefix(true).setMustBeFresh(true));
66 advanceClocks(1_ms, 10);
67
68 BOOST_CHECK_EQUAL(face.sentData.at(0).getName().getPrefix(-1), "/access/policy/identity/NAC/dataset/KEK");
69 BOOST_CHECK_EQUAL(face.sentData.at(0).getName().get(-1), nacIdentity.getDefaultKey().getName().get(-1));
70}
71
72BOOST_AUTO_TEST_CASE(PublishedKdks)
73{
74 for (auto& user : userIdentities) {
75 Name kdk("/access/policy/identity/NAC/dataset/KDK");
76 kdk
77 .append(nacIdentity.getDefaultKey().getName().get(-1))
78 .append("ENCRYPTED-BY")
79 .append(user.getDefaultKey().getName());
80
Davide Pesavento32d1dc22020-12-09 18:01:47 -0500[diff] [blame]81 face.receive(Interest(kdk).setCanBePrefix(true).setMustBeFresh(true));
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]82 advanceClocks(1_ms, 10);
83
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]84 BOOST_CHECK_EQUAL(face.sentData.at(0).getName(), kdk);
85 face.sentData.clear();
86 }
87}
88
89BOOST_AUTO_TEST_CASE(EnumerateDataFromIms)
90{
91 BOOST_CHECK_EQUAL(manager.size(), 3);
92 size_t nKek = 0;
93 size_t nKdk = 0;
94 for (const auto& data : manager) {
95 BOOST_TEST_MESSAGE(data.getName());
96 if (data.getName().at(5) == KEK) {
97 ++nKek;
98 }
99 else if (data.getName().at(5) == KDK) {
100 ++nKdk;
101 }
102 }
103 BOOST_CHECK_EQUAL(nKek, 1);
104 BOOST_CHECK_EQUAL(nKdk, 2);
105}
106
Davide Pesavento32d1dc22020-12-09 18:01:47 -0500[diff] [blame]107BOOST_AUTO_TEST_CASE(GenerateTestData,
108 * ut::description("regenerates the static test data used by other test cases")
109 * ut::disabled())
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]110{
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]111 std::cerr << "const Block nacIdentity = \"";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]112 auto block = m_keyChain.exportSafeBag(nacIdentity.getDefaultKey().getDefaultCertificate(),
113 "password", strlen("password"))->wireEncode();
114 printHex(std::cerr, block.wire(), block.size(), true);
115 std::cerr << "\"_block;\n\n";
116
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]117 std::cerr << "const std::vector<Block> userIdentities = {\n";
118 for (const auto& userId : userIdentities) {
119 std::cerr << " \"";
120 block = m_keyChain.exportSafeBag(userId.getDefaultKey().getDefaultCertificate(),
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]121 "password", strlen("password"))->wireEncode();
122 printHex(std::cerr, block.wire(), block.size(), true);
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]123 std::cerr << "\"_block,\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]124 }
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]125 std::cerr << "};\n\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]126
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]127 std::cerr << "const std::vector<Block> managerPackets = {\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]128 for (const auto& data : manager) {
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]129 std::cerr << " \"";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]130 printHex(std::cerr, data.wireEncode().wire(), data.wireEncode().size(), true);
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]131 std::cerr << "\"_block,\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]132 }
Davide Pesaventoba3f6892020-12-08 22:18:35 -0500[diff] [blame]133 std::cerr << "};\n\n";
Alexander Afanasyeve96538a2018-06-13 20:32:53 -0400[diff] [blame]134}
135
136BOOST_AUTO_TEST_SUITE_END()
137
138} // namespace tests
139} // namespace nac
140} // namespace ndn