blob: 01c95023b86342828cb1667c1a3ee832190c03e6 [file] [log] [blame]
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
/**
* Copyright (c) 2013-2014, Regents of the University of California.
* All rights reserved.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*
* This file licensed under New BSD License. See COPYING for detailed information about
* ndn-cxx library copyright, permissions, and redistribution restrictions.
*/
#include "security/key-chain.hpp"
#include "boost-test.hpp"
using namespace std;
namespace ndn {
BOOST_AUTO_TEST_SUITE(SecurityTestKeyChain)
BOOST_AUTO_TEST_CASE (ExportIdentity)
{
KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> keyChain;
Name identity("/TestKeyChain/ExportIdentity/");
identity.appendVersion();
keyChain.createIdentity(identity);
shared_ptr<SecuredBag> exported = keyChain.exportIdentity(identity, "1234");
Block block = exported->wireEncode();
Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
Name certName = keyChain.getDefaultCertificateNameForKey(keyName);
keyChain.deleteIdentity(identity);
BOOST_REQUIRE(keyChain.doesIdentityExist(identity) == false);
BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName) == false);
BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
BOOST_REQUIRE(keyChain.doesCertificateExist(certName) == false);
SecuredBag imported;
imported.wireDecode(block);
keyChain.importIdentity(imported, "1234");
BOOST_REQUIRE(keyChain.doesIdentityExist(identity));
BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName));
BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
BOOST_REQUIRE(keyChain.doesCertificateExist(certName));
keyChain.deleteIdentity(identity);
BOOST_REQUIRE(keyChain.doesIdentityExist(identity) == false);
BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName) == false);
BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
BOOST_REQUIRE(keyChain.doesCertificateExist(certName) == false);
}
BOOST_AUTO_TEST_CASE (PrepareIdentityCertificate)
{
KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> keyChain;
Name identity("/TestKeyChain/PrepareIdentityCertificate/");
identity.appendVersion();
keyChain.createIdentity(identity);
vector<CertificateSubjectDescription> subjectDescription;
Name lowerIdentity = identity;
lowerIdentity.append("Lower").appendVersion();
Name lowerKeyName = keyChain.generateRSAKeyPair(lowerIdentity, true);
shared_ptr<IdentityCertificate> idCert
= keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
subjectDescription);
BOOST_CHECK(static_cast<bool>(idCert));
BOOST_CHECK(idCert->getName().getPrefix(5) == Name().append(identity).append("KEY").append("Lower"));
Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
anotherIdentity.appendVersion();
Name anotherKeyName = keyChain.generateRSAKeyPair(anotherIdentity, true);
shared_ptr<IdentityCertificate> idCert2
= keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
subjectDescription);
BOOST_CHECK(static_cast<bool>(idCert2));
BOOST_CHECK(idCert2->getName().getPrefix(5) == Name().append(anotherIdentity).append("KEY"));
Name wrongKeyName1;
shared_ptr<IdentityCertificate> idCert3
= keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
subjectDescription);
BOOST_CHECK(!static_cast<bool>(idCert3));
Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
shared_ptr<IdentityCertificate> idCert4
= keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
subjectDescription);
BOOST_CHECK(!static_cast<bool>(idCert4));
Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
shared_ptr<IdentityCertificate> idCert5
= keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
time::system_clock::now(),
time::system_clock::now() + time::days(365),
subjectDescription);
BOOST_CHECK(!static_cast<bool>(idCert5));
keyChain.deleteIdentity(identity);
keyChain.deleteIdentity(lowerIdentity);
keyChain.deleteIdentity(anotherIdentity);
}
BOOST_AUTO_TEST_SUITE_END()
} // namespace ndn