blob: 311cfe0a36725d8376c5d25fb470bf94dabacccd [file] [log] [blame]
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
* Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
* ndn-cxx library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
* Foundation, either version 3 of the License, or (at your option) any later version.
*
* ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
*
* You should have received copies of the GNU General Public License and GNU Lesser
* General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
* <http://www.gnu.org/licenses/>.
*
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
#include "ndn-cxx/security/pib/impl/key-impl.hpp"
#include "tests/boost-test.hpp"
#include "tests/key-chain-fixture.hpp"
#include "tests/unit/security/pib/pib-data-fixture.hpp"
namespace ndn::tests {
using namespace ndn::security::pib;
BOOST_AUTO_TEST_SUITE(Security)
class KeyImplFixture : public PibDataFixture
{
protected:
const shared_ptr<PibImpl> pibImpl = makePibWithKey(id1Key1Name, id1Key1);
KeyImpl key11{id1Key1Name, id1Key1, pibImpl};
};
BOOST_FIXTURE_TEST_SUITE(TestKeyImpl, KeyImplFixture)
BOOST_AUTO_TEST_CASE(Properties)
{
BOOST_TEST(key11.getIdentity() == id1);
BOOST_TEST(key11.getName() == id1Key1Name);
BOOST_TEST(key11.getKeyType() == KeyType::EC);
BOOST_TEST(key11.getPublicKey() == id1Key1, boost::test_tools::per_element());
}
BOOST_AUTO_TEST_CASE(CertificateOperations)
{
// key does not have any certificates
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 0);
// get non-existing certificate, throw Pib::Error
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert1.getName()), Pib::Error);
// get default certificate, throw Pib::Error
BOOST_CHECK_THROW(key11.getDefaultCertificate(), Pib::Error);
// set non-existing certificate as default certificate, throw Pib::Error
BOOST_CHECK_THROW(key11.setDefaultCertificate(id1Key1Cert1.getName()), Pib::Error);
// add certificate
key11.addCertificate(id1Key1Cert1);
const auto& addedCert = key11.getCertificate(id1Key1Cert1.getName());
BOOST_CHECK_EQUAL(addedCert, id1Key1Cert1);
// new certificate becomes default certificate when there was no default certificate
const auto& defaultCert0 = key11.getDefaultCertificate();
BOOST_CHECK_EQUAL(defaultCert0, id1Key1Cert1);
// remove certificate
key11.removeCertificate(id1Key1Cert1.getName());
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert1.getName()), Pib::Error);
BOOST_CHECK_THROW(key11.getDefaultCertificate(), Pib::Error);
// set default certificate directly
BOOST_REQUIRE_NO_THROW(key11.setDefaultCertificate(id1Key1Cert1));
const auto& defaultCert1 = key11.getDefaultCertificate();
BOOST_CHECK_EQUAL(defaultCert1, id1Key1Cert1);
// add another certificate
key11.addCertificate(id1Key1Cert2);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 2);
// set default certificate through name and check return value
BOOST_CHECK_EQUAL(key11.setDefaultCertificate(id1Key1Cert2.getName()), id1Key1Cert2);
const auto& defaultCert2 = key11.getDefaultCertificate();
BOOST_CHECK_EQUAL(defaultCert2, id1Key1Cert2);
// remove certificate
key11.removeCertificate(id1Key1Cert1.getName());
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert1.getName()), Pib::Error);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 1);
// set removed certificate as default, certificate is implicitly added
BOOST_REQUIRE_NO_THROW(key11.setDefaultCertificate(id1Key1Cert1));
const auto& defaultCert3 = key11.getDefaultCertificate();
BOOST_CHECK_EQUAL(defaultCert3, id1Key1Cert1);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 2);
// remove all certificates
key11.removeCertificate(id1Key1Cert1.getName());
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert1.getName()), Pib::Error);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 1);
key11.removeCertificate(id1Key1Cert2.getName());
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert2.getName()), Pib::Error);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 0);
BOOST_CHECK_THROW(key11.getDefaultCertificate(), Pib::Error);
}
class ReplaceFixture : public KeyChainFixture, public KeyImplFixture
{
};
BOOST_FIXTURE_TEST_CASE(ReplaceCertificate, ReplaceFixture)
{
key11.addCertificate(id1Key1Cert1);
BOOST_CHECK_EQUAL(key11.getCertificate(id1Key1Cert1.getName()), id1Key1Cert1);
auto otherCert = id1Key1Cert1;
SignatureInfo info;
info.setValidityPeriod(security::ValidityPeriod::makeRelative(-1_s, 10_s));
m_keyChain.sign(otherCert, security::SigningInfo().setSignatureInfo(info));
BOOST_TEST(otherCert.getName() == id1Key1Cert1.getName());
BOOST_TEST(otherCert.getContent() == id1Key1Cert1.getContent());
BOOST_TEST(otherCert != id1Key1Cert1);
key11.addCertificate(otherCert); // overwrite cert
BOOST_TEST(key11.getCertificate(id1Key1Cert1.getName()) == otherCert);
}
BOOST_AUTO_TEST_CASE(Errors)
{
// illegal key name
BOOST_CHECK_THROW(KeyImpl(Name("/wrong"), id1Key1, pibImpl), std::invalid_argument);
BOOST_CHECK_THROW(key11.addCertificate(id1Key2Cert1), std::invalid_argument);
BOOST_CHECK_THROW(key11.removeCertificate(id1Key2Cert1.getName()), std::invalid_argument);
BOOST_CHECK_THROW(key11.getCertificate(id1Key2Cert1.getName()), std::invalid_argument);
BOOST_CHECK_THROW(key11.setDefaultCertificate(id1Key2Cert1), std::invalid_argument);
BOOST_CHECK_THROW(key11.setDefaultCertificate(id1Key2Cert1.getName()), std::invalid_argument);
}
BOOST_AUTO_TEST_CASE(UnknownKeyType)
{
Name keyName = security::constructKeyName(id1, name::Component::fromUri("foo"));
Buffer invalidKey{0x01, 0x02, 0x03, 0x04};
pibImpl->addKey(id1, keyName, invalidKey);
KeyImpl unknown(keyName, invalidKey, pibImpl);
BOOST_TEST(unknown.getIdentity() == id1);
BOOST_TEST(unknown.getName() == keyName);
BOOST_TEST(unknown.getKeyType() == KeyType::NONE);
BOOST_TEST(unknown.getPublicKey() == invalidKey, boost::test_tools::per_element());
}
BOOST_AUTO_TEST_SUITE_END() // TestKeyImpl
BOOST_AUTO_TEST_SUITE_END() // Security
} // namespace ndn::tests