Gitiles
Code Review Sign In
gerrit.named-data.net / name-based-access-control / refs/heads/master / . / tests / unit-tests / group-manager.t.cpp
blob: 200ff7470df88a131a4b6c72eb84c7276d9be160 [file] [log] [blame]
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]3 * Copyright (c) 2014-2018, Regents of the University of California
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]4 *
Alexander Afanasyev9091d832018-04-18 17:21:08 -0400[diff] [blame]5 * This file is part of NAC (Name-Based Access Control for NDN).
6 * See AUTHORS.md for complete list of NAC authors and contributors.
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]7 *
Alexander Afanasyev9091d832018-04-18 17:21:08 -0400[diff] [blame]8 * NAC is free software: you can redistribute it and/or modify it under the terms
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]9 * of the GNU General Public License as published by the Free Software Foundation,
10 * either version 3 of the License, or (at your option) any later version.
11 *
Alexander Afanasyev9091d832018-04-18 17:21:08 -0400[diff] [blame]12 * NAC is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]13 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
14 * PURPOSE. See the GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
Alexander Afanasyev9091d832018-04-18 17:21:08 -0400[diff] [blame]17 * NAC, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]18 *
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]19 * @author Zhiyi Zhang <zhiyi@cs.ucla.edu>
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]20 */
21
22#include "group-manager.hpp"
23#include "boost-test.hpp"
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]24#include "encrypted-content.hpp"
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]25#include "algo/aes.hpp"
26#include "algo/rsa.hpp"
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]27#include <ndn-cxx/encoding/buffer-stream.hpp>
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]28#include <boost/filesystem.hpp>
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]29#include <string>
30
31namespace ndn {
Alexander Afanasyev9091d832018-04-18 17:21:08 -0400[diff] [blame]32namespace nac {
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]33namespace tests {
34
35using namespace boost::posix_time;
36
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]37const uint8_t SIG_INFO[] = {0x16, 0x1b, // SignatureInfo
38 0x1b, 0x01, // SignatureType
39 0x01, 0x1c, 0x16, // KeyLocator
40 0x07, 0x14, // Name
41 0x08, 0x04, 0x74, 0x65, 0x73, 0x74, 0x08, 0x03, 0x6b, 0x65,
42 0x79, 0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72};
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]43
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]44const uint8_t SIG_VALUE[] = {0x17, 0x80, // SignatureValue
45 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31,
46 0xec, 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9,
47 0xb3, 0xc6, 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8,
48 0xb3, 0x6a, 0x38, 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6,
49 0x4d, 0x10, 0x1d, 0xdc, 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96,
50 0x5e, 0xc0, 0x62, 0x0b, 0xcf, 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41,
51 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9, 0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d,
52 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8, 0x55, 0xf6, 0x1c, 0x19, 0x0b,
53 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7, 0xaa, 0x0d, 0x14, 0x58,
54 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3, 0xfc, 0x90, 0x7a,
55 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1};
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]56
57class GroupManagerFixture
58{
59public:
60 GroupManagerFixture()
61 : tmpPath(boost::filesystem::path(TMP_TESTS_PATH))
62 {
63 boost::filesystem::create_directories(tmpPath);
64
65 // generate the certificate public key
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]66 RsaKeyParams params;
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]67 DecryptKey<algo::Rsa> memberDecryptKey = algo::Rsa::generateKey(params);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]68 decryptKeyBuf = memberDecryptKey.getKeyBits();
69 EncryptKey<algo::Rsa> memberEncryptKey = algo::Rsa::deriveEncryptKey(decryptKeyBuf);
70 encryptKeyBuf = memberEncryptKey.getKeyBits();
71
72 // generate certificate
73 cert.setName(Name("/ndn/memberA/KEY/ksk-123/ID-CERT/123"));
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]74 cert.setContent(encryptKeyBuf.data(), encryptKeyBuf.size());
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]75
76 Block sigInfoBlock(SIG_INFO, sizeof(SIG_INFO));
77 Block sigValueBlock(SIG_VALUE, sizeof(SIG_VALUE));
78
79 Signature sig(sigInfoBlock, sigValueBlock);
80 cert.setSignature(sig);
81
82 auto dataBlock = cert.wireEncode();
83 }
84
85 void
86 setManager(GroupManager& manager)
87 {
88 // set the first schedule
89 Schedule schedule1;
90 RepetitiveInterval interval11(from_iso_string("20150825T000000"),
91 from_iso_string("20150827T000000"),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]92 5,
93 10,
94 2,
95 RepetitiveInterval::RepeatUnit::DAY);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]96 RepetitiveInterval interval12(from_iso_string("20150825T000000"),
97 from_iso_string("20150827T000000"),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]98 6,
99 8,
100 1,
101 RepetitiveInterval::RepeatUnit::DAY);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]102 RepetitiveInterval interval13(from_iso_string("20150827T000000"),
103 from_iso_string("20150827T000000"),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]104 7,
105 8);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]106 schedule1.addWhiteInterval(interval11);
107 schedule1.addWhiteInterval(interval12);
108 schedule1.addBlackInterval(interval13);
109
110 // set the second schedule
111 Schedule schedule2;
112 RepetitiveInterval interval21(from_iso_string("20150825T000000"),
113 from_iso_string("20150827T000000"),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]114 9,
115 12,
116 1,
117 RepetitiveInterval::RepeatUnit::DAY);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]118 RepetitiveInterval interval22(from_iso_string("20150827T000000"),
119 from_iso_string("20150827T000000"),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]120 6,
121 8);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]122 RepetitiveInterval interval23(from_iso_string("20150827T000000"),
123 from_iso_string("20150827T000000"),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]124 2,
125 4);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]126 schedule2.addWhiteInterval(interval21);
127 schedule2.addWhiteInterval(interval22);
128 schedule2.addBlackInterval(interval23);
129
130 // add to the group manager db
131 manager.addSchedule("schedule1", schedule1);
132 manager.addSchedule("schedule2", schedule2);
133
134 // do some adaptions to certificate
135 Block dataBlock = cert.wireEncode();
136
137 Data memberA(dataBlock);
138 memberA.setName(Name("/ndn/memberA/KEY/ksk-123/ID-CERT/123"));
139 Data memberB(dataBlock);
140 memberB.setName(Name("/ndn/memberB/KEY/ksk-123/ID-CERT/123"));
141 Data memberC(dataBlock);
142 memberC.setName(Name("/ndn/memberC/KEY/ksk-123/ID-CERT/123"));
143
144 // add members to the database
145 manager.addMember("schedule1", memberA);
146 manager.addMember("schedule1", memberB);
147 manager.addMember("schedule2", memberC);
148 }
149
150 ~GroupManagerFixture()
151 {
152 boost::filesystem::remove_all(tmpPath);
153 }
154
155public:
156 boost::filesystem::path tmpPath;
157 Buffer decryptKeyBuf;
158 Buffer encryptKeyBuf;
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]159 Certificate cert;
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]160};
161
162BOOST_FIXTURE_TEST_SUITE(TestGroupManager, GroupManagerFixture)
163
164BOOST_AUTO_TEST_CASE(CreateDKeyData)
165{
166 // create the group manager database
167 std::string dbDir = tmpPath.c_str();
168 dbDir += "/manager-d-key-test.db";
Yingdi Yu4467c112015-10-19 09:27:45 -0700[diff] [blame]169 GroupManager manager(Name("Alice"), Name("data_type"), dbDir, 2048, 1);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]170
171 Block newCertBlock = cert.wireEncode();
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]172 Certificate newCert(newCertBlock);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]173
174 // encrypt D-KEY
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]175 Data data = manager.createDKeyData("20150825T000000",
176 "20150827T000000",
177 Name("/ndn/memberA/KEY"),
178 decryptKeyBuf,
179 Buffer(newCert.getContent().value(),
180 newCert.getContent().value_size()));
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]181
182 // verify encrypted D-KEY
183 Block dataContent = data.getContent();
184 dataContent.parse();
185 BOOST_CHECK_EQUAL(dataContent.elements_size(), 2);
186
187 // get nonce key
188 Block::element_const_iterator contentIterator = dataContent.elements_begin();
189 Block nonceContent(*contentIterator);
190 BOOST_CHECK_EQUAL(nonceContent.type(), tlv::EncryptedContent);
191 EncryptedContent encryptedNonce(nonceContent);
192 BOOST_CHECK_EQUAL(encryptedNonce.getInitialVector().size(), 0);
Yingdi Yu883f4202015-11-02 13:54:11 -0800[diff] [blame]193 BOOST_CHECK_EQUAL(encryptedNonce.getAlgorithmType(), tlv::AlgorithmRsaOaep);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]194
195 const Buffer& bufferNonce = encryptedNonce.getPayload();
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]196 Buffer nonce = algo::Rsa::decrypt(decryptKeyBuf.data(),
197 decryptKeyBuf.size(),
198 bufferNonce.data(),
199 bufferNonce.size());
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]200
201 // get D-KEY
202 contentIterator++;
203 Block payloadContent(*contentIterator);
204 BOOST_CHECK_EQUAL(payloadContent.type(), tlv::EncryptedContent);
205 EncryptedContent encryptedPayload(payloadContent);
206 BOOST_CHECK_EQUAL(encryptedPayload.getInitialVector().size(), 16);
207 BOOST_CHECK_EQUAL(encryptedPayload.getAlgorithmType(), tlv::AlgorithmAesCbc);
208
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]209 algo::EncryptParams decryptParams(tlv::AlgorithmAesCbc);
210 decryptParams.setIV(encryptedPayload.getInitialVector().data(),
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]211 encryptedPayload.getInitialVector().size());
212 const Buffer& bufferPayload = encryptedPayload.getPayload();
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]213 Buffer largePayload = algo::Aes::decrypt(nonce.data(),
214 nonce.size(),
215 bufferPayload.data(),
216 bufferPayload.size(),
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]217 decryptParams);
218
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]219 BOOST_CHECK_EQUAL_COLLECTIONS(largePayload.begin(),
220 largePayload.end(),
221 decryptKeyBuf.begin(),
222 decryptKeyBuf.end());
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]223}
224
225BOOST_AUTO_TEST_CASE(CreateEKeyData)
226{
227 // create the group manager database
228 std::string dbDir = tmpPath.c_str();
229 dbDir += "/manager-e-key-test.db";
230
231 // create group manager
Yingdi Yu4467c112015-10-19 09:27:45 -0700[diff] [blame]232 GroupManager manager(Name("Alice"), Name("data_type"), dbDir, 1024, 1);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]233 setManager(manager);
234
235 Data data = manager.createEKeyData("20150825T090000", "20150825T110000", encryptKeyBuf);
Yingdi Yu4467c112015-10-19 09:27:45 -0700[diff] [blame]236 BOOST_CHECK_EQUAL(data.getName().toUri(),
Yingdi Yu3decf4e2015-11-02 12:33:31 -0800[diff] [blame]237 "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T110000");
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]238
239 Buffer contentBuf(data.getContent().value(), data.getContent().value_size());
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]240 BOOST_CHECK_EQUAL_COLLECTIONS(encryptKeyBuf.begin(),
241 encryptKeyBuf.end(),
242 contentBuf.begin(),
243 contentBuf.end());
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]244}
245
246BOOST_AUTO_TEST_CASE(CalculateInterval)
247{
248 // create the group manager database
249 std::string dbDir = tmpPath.c_str();
250 dbDir += "/manager-interval-test.db";
251
252 // create group manager
Yingdi Yu4467c112015-10-19 09:27:45 -0700[diff] [blame]253 GroupManager manager(Name("Alice"), Name("data_type"), dbDir, 1024, 1);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]254 setManager(manager);
255
256 std::map<Name, Buffer> memberKeys;
257 Interval result;
258
259 TimeStamp tp1(from_iso_string("20150825T093000"));
260 result = manager.calculateInterval(tp1, memberKeys);
261 BOOST_CHECK_EQUAL(to_iso_string(result.getStartTime()), "20150825T090000");
262 BOOST_CHECK_EQUAL(to_iso_string(result.getEndTime()), "20150825T100000");
263
264 TimeStamp tp2(from_iso_string("20150827T073000"));
265 result = manager.calculateInterval(tp2, memberKeys);
266 BOOST_CHECK_EQUAL(to_iso_string(result.getStartTime()), "20150827T070000");
267 BOOST_CHECK_EQUAL(to_iso_string(result.getEndTime()), "20150827T080000");
268
269 TimeStamp tp3(from_iso_string("20150827T043000"));
270 result = manager.calculateInterval(tp3, memberKeys);
271 BOOST_CHECK_EQUAL(result.isValid(), false);
272
273 TimeStamp tp4(from_iso_string("20150827T053000"));
274 result = manager.calculateInterval(tp4, memberKeys);
275 BOOST_CHECK_EQUAL(to_iso_string(result.getStartTime()), "20150827T050000");
276 BOOST_CHECK_EQUAL(to_iso_string(result.getEndTime()), "20150827T060000");
277}
278
279BOOST_AUTO_TEST_CASE(GetGroupKey)
280{
281 // create the group manager database
282 std::string dbDir = tmpPath.c_str();
283 dbDir += "/manager-group-key-test.db";
284
285 // create group manager
Yingdi Yu4467c112015-10-19 09:27:45 -0700[diff] [blame]286 GroupManager manager(Name("Alice"), Name("data_type"), dbDir, 1024, 1);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]287 setManager(manager);
288
289 // get data list from group manager
290 TimeStamp tp1(from_iso_string("20150825T093000"));
291 std::list<Data> result = manager.getGroupKey(tp1);
292
293 BOOST_CHECK_EQUAL(result.size(), 4);
294
295 // first data contain the group encrypt key(public key)
296 std::list<Data>::iterator dataIterator = result.begin();
297 BOOST_CHECK_EQUAL(dataIterator->getName().toUri(),
Yingdi Yu3decf4e2015-11-02 12:33:31 -0800[diff] [blame]298 "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000");
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]299
300 EncryptKey<algo::Rsa> groupEKey(
301 Buffer(dataIterator->getContent().value(), dataIterator->getContent().value_size()));
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]302
303 // second data and decrypt
304 dataIterator++;
Zhiyi Zhang3ac0d8d2015-10-28 14:07:09 +0800[diff] [blame]305 BOOST_CHECK_EQUAL(dataIterator->getName().toUri(),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]306 "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/KEY/ksk-123");
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]307
308 //////////////////////////////////////////////////////////////////////// start decryption
309 Block dataContent = dataIterator->getContent();
310
311 dataContent.parse();
312 BOOST_CHECK_EQUAL(dataContent.elements_size(), 2);
313
314 // get nonce key
315 Block::element_const_iterator contentIterator = dataContent.elements_begin();
316 Block nonceContent(*contentIterator);
317 BOOST_CHECK_EQUAL(nonceContent.type(), tlv::EncryptedContent);
318 EncryptedContent encryptedNonce(nonceContent);
319 BOOST_CHECK_EQUAL(encryptedNonce.getInitialVector().size(), 0);
Yingdi Yu883f4202015-11-02 13:54:11 -0800[diff] [blame]320 BOOST_CHECK_EQUAL(encryptedNonce.getAlgorithmType(), tlv::AlgorithmRsaOaep);
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]321
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]322 const Buffer& bufferNonce = encryptedNonce.getPayload();
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]323
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]324 Buffer nonce = algo::Rsa::decrypt(decryptKeyBuf.data(),
325 decryptKeyBuf.size(),
326 bufferNonce.data(),
327 bufferNonce.size());
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]328 // get buffer payload
329 contentIterator++;
330 Block payloadContent(*contentIterator);
331 BOOST_CHECK_EQUAL(payloadContent.type(), tlv::EncryptedContent);
332 EncryptedContent encryptedPayload(payloadContent);
333 BOOST_CHECK_EQUAL(encryptedPayload.getInitialVector().size(), 16);
334 BOOST_CHECK_EQUAL(encryptedPayload.getAlgorithmType(), tlv::AlgorithmAesCbc);
335
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]336 algo::EncryptParams decryptParams(tlv::AlgorithmAesCbc);
337 decryptParams.setIV(encryptedPayload.getInitialVector().data(),
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]338 encryptedPayload.getInitialVector().size());
339 const Buffer& bufferPayload = encryptedPayload.getPayload();
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]340 Buffer largePayload = algo::Aes::decrypt(nonce.data(),
341 nonce.size(),
342 bufferPayload.data(),
343 bufferPayload.size(),
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]344 decryptParams);
345
346 // get group D-KEY
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]347 DecryptKey<algo::Rsa> groupDKey(Buffer(largePayload.data(), largePayload.size()));
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]348
349 /////////////////////////////////////////////////////////////////////// end decryption
350
351 // check the D-KEY
352 EncryptKey<algo::Rsa> derivedGroupEKey = algo::Rsa::deriveEncryptKey(groupDKey.getKeyBits());
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]353 BOOST_CHECK_EQUAL_COLLECTIONS(groupEKey.getKeyBits().begin(),
354 groupEKey.getKeyBits().end(),
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]355 derivedGroupEKey.getKeyBits().begin(),
356 derivedGroupEKey.getKeyBits().end());
357
Zhiyi Zhang3ac0d8d2015-10-28 14:07:09 +0800[diff] [blame]358 // third data and decrypt
359 dataIterator++;
360 BOOST_CHECK_EQUAL(dataIterator->getName().toUri(),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]361 "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberB/KEY/ksk-123");
Zhiyi Zhang3ac0d8d2015-10-28 14:07:09 +0800[diff] [blame]362
363 // second data and decrypt
364 dataIterator++;
365 BOOST_CHECK_EQUAL(dataIterator->getName().toUri(),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]366 "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberC/KEY/ksk-123");
Zhiyi Zhang3ac0d8d2015-10-28 14:07:09 +0800[diff] [blame]367
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]368 // invalid time stamp to get group key
369 TimeStamp tp2(from_iso_string("20150826T083000"));
370 BOOST_CHECK_EQUAL(manager.getGroupKey(tp2).size(), 0);
371
372 TimeStamp tp3(from_iso_string("20150827T023000"));
373 BOOST_CHECK_EQUAL(manager.getGroupKey(tp3).size(), 0);
374}
375
Zhiyi Zhang67f90aa2016-10-16 14:29:15 -0700[diff] [blame]376BOOST_AUTO_TEST_CASE(GetGroupKeyWithoutRegeneration)
377{
378 // create the group manager database
379 std::string dbDir = tmpPath.c_str();
380 dbDir += "/manager-group-key-test.db";
381
382 // create group manager
383 GroupManager manager(Name("Alice"), Name("data_type"), dbDir, 1024, 1);
384 setManager(manager);
385
386 // get data list from group manager
387 TimeStamp tp1(from_iso_string("20150825T093000"));
388 std::list<Data> result1 = manager.getGroupKey(tp1);
389
390 BOOST_CHECK_EQUAL(result1.size(), 4);
391
392 // first data contain the group encrypt key(public key)
393 std::list<Data>::iterator dataIterator1 = result1.begin();
394 BOOST_CHECK_EQUAL(dataIterator1->getName().toUri(),
395 "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000");
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]396 EncryptKey<algo::Rsa> groupEKey1(
397 Buffer(dataIterator1->getContent().value(), dataIterator1->getContent().value_size()));
Zhiyi Zhang67f90aa2016-10-16 14:29:15 -0700[diff] [blame]398
399 // second data
400 dataIterator1++;
401 BOOST_CHECK_EQUAL(dataIterator1->getName().toUri(),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]402 "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/KEY/ksk-123");
Zhiyi Zhang67f90aa2016-10-16 14:29:15 -0700[diff] [blame]403
404 // add new members to the database
405 Block dataBlock = cert.wireEncode();
406 Data memberD(dataBlock);
407 memberD.setName(Name("/ndn/memberD/KEY/ksk-123/ID-CERT/123"));
408 manager.addMember("schedule1", memberD);
409
410 std::list<Data> result2 = manager.getGroupKey(tp1, false);
411 BOOST_CHECK_EQUAL(result2.size(), 5);
412
413 // check the new EKey is the same with the previous one
414 std::list<Data>::iterator dataIterator2 = result2.begin();
415 BOOST_CHECK_EQUAL(dataIterator2->getName().toUri(),
416 "/Alice/READ/data_type/E-KEY/20150825T090000/20150825T100000");
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]417 EncryptKey<algo::Rsa> groupEKey2(
418 Buffer(dataIterator2->getContent().value(), dataIterator2->getContent().value_size()));
419 BOOST_CHECK_EQUAL_COLLECTIONS(groupEKey1.getKeyBits().begin(),
420 groupEKey1.getKeyBits().end(),
421 groupEKey2.getKeyBits().begin(),
422 groupEKey2.getKeyBits().end());
Zhiyi Zhang67f90aa2016-10-16 14:29:15 -0700[diff] [blame]423
424 // second data
425 dataIterator2++;
426 BOOST_CHECK_EQUAL(dataIterator2->getName().toUri(),
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]427 "/Alice/READ/data_type/D-KEY/20150825T090000/20150825T100000/FOR/ndn/memberA/KEY/ksk-123");
Zhiyi Zhang67f90aa2016-10-16 14:29:15 -0700[diff] [blame]428}
429
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]430BOOST_AUTO_TEST_SUITE_END()
431
Zhiyi Zhang19a11d22018-04-12 22:58:20 -0700[diff] [blame]432} // namespace tests
Alexander Afanasyev9091d832018-04-18 17:21:08 -0400[diff] [blame]433} // namespace nac
Zhiyi Zhang84986cc2015-09-21 00:26:07 +0800[diff] [blame]434} // namespace ndn