blob: 87c347f5be0098a04ab81a83de20c3811b7f89a7 [file] [log] [blame]
Yingdi Yu1b0311c2015-06-10 14:58:47 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento7e6f6f82017-10-31 18:05:28 -04002/*
Davide Pesavento80d671f2022-06-08 04:04:52 -04003 * Copyright (c) 2013-2022 Regents of the University of California.
Yingdi Yu1b0311c2015-06-10 14:58:47 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
Davide Pesavento7e780642018-11-24 15:51:34 -050022#include "ndn-cxx/security/signing-info.hpp"
Spencer Lee308bc442015-11-24 02:59:55 -070023
Davide Pesavento7e780642018-11-24 15:51:34 -050024#include "tests/boost-test.hpp"
Yingdi Yu1b0311c2015-06-10 14:58:47 -070025
Davide Pesavento80d671f2022-06-08 04:04:52 -040026#include <openssl/opensslv.h>
Davide Pesaventoeee3e822016-11-26 19:19:34 +010027#include <boost/lexical_cast.hpp>
28#include <sstream>
29
Yingdi Yu1b0311c2015-06-10 14:58:47 -070030namespace ndn {
31namespace security {
32namespace tests {
33
Davide Pesaventoeee3e822016-11-26 19:19:34 +010034BOOST_AUTO_TEST_SUITE(Security)
35BOOST_AUTO_TEST_SUITE(TestSigningInfo)
Yingdi Yu1b0311c2015-06-10 14:58:47 -070036
37BOOST_AUTO_TEST_CASE(Basic)
38{
Spencer Lee308bc442015-11-24 02:59:55 -070039 Name id("/my-identity");
40 Name key("/my-key");
41 Name cert("/my-cert");
Yingdi Yu1b0311c2015-06-10 14:58:47 -070042
43 SigningInfo info;
44
45 BOOST_CHECK_EQUAL(info.getSignerType(), SigningInfo::SIGNER_TYPE_NULL);
Eric Newberry78ffc632020-05-17 15:13:46 -070046 BOOST_CHECK_EQUAL(info.getSignerName(), Name());
Yingdi Yu99b2a002015-08-12 12:47:44 -070047 BOOST_CHECK_EQUAL(info.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070048 BOOST_CHECK_EQUAL(info.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070049
50 const SignatureInfo& sigInfo = info.getSignatureInfo();
51 BOOST_CHECK_EQUAL(sigInfo.getSignatureType(), -1);
52 BOOST_CHECK_EQUAL(sigInfo.hasKeyLocator(), false);
53
54 info.setSigningIdentity(id);
55 BOOST_CHECK_EQUAL(info.getSignerType(), SigningInfo::SIGNER_TYPE_ID);
56 BOOST_CHECK_EQUAL(info.getSignerName(), id);
Yingdi Yu99b2a002015-08-12 12:47:44 -070057 BOOST_CHECK_EQUAL(info.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070058 BOOST_CHECK_EQUAL(info.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070059
60 SigningInfo infoId(SigningInfo::SIGNER_TYPE_ID, id);
61 BOOST_CHECK_EQUAL(infoId.getSignerType(), SigningInfo::SIGNER_TYPE_ID);
62 BOOST_CHECK_EQUAL(infoId.getSignerName(), id);
Yingdi Yu99b2a002015-08-12 12:47:44 -070063 BOOST_CHECK_EQUAL(infoId.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070064 BOOST_CHECK_EQUAL(infoId.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070065
66 info.setSigningKeyName(key);
67 BOOST_CHECK_EQUAL(info.getSignerType(), SigningInfo::SIGNER_TYPE_KEY);
68 BOOST_CHECK_EQUAL(info.getSignerName(), key);
Yingdi Yu99b2a002015-08-12 12:47:44 -070069 BOOST_CHECK_EQUAL(info.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070070 BOOST_CHECK_EQUAL(info.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070071
72 SigningInfo infoKey(SigningInfo::SIGNER_TYPE_KEY, key);
73 BOOST_CHECK_EQUAL(infoKey.getSignerType(), SigningInfo::SIGNER_TYPE_KEY);
74 BOOST_CHECK_EQUAL(infoKey.getSignerName(), key);
Yingdi Yu99b2a002015-08-12 12:47:44 -070075 BOOST_CHECK_EQUAL(infoKey.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070076 BOOST_CHECK_EQUAL(infoKey.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070077
78 info.setSigningCertName(cert);
79 BOOST_CHECK_EQUAL(info.getSignerType(), SigningInfo::SIGNER_TYPE_CERT);
80 BOOST_CHECK_EQUAL(info.getSignerName(), cert);
Yingdi Yu99b2a002015-08-12 12:47:44 -070081 BOOST_CHECK_EQUAL(info.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070082 BOOST_CHECK_EQUAL(info.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070083
84 SigningInfo infoCert(SigningInfo::SIGNER_TYPE_CERT, cert);
85 BOOST_CHECK_EQUAL(infoCert.getSignerType(), SigningInfo::SIGNER_TYPE_CERT);
86 BOOST_CHECK_EQUAL(infoCert.getSignerName(), cert);
Yingdi Yu99b2a002015-08-12 12:47:44 -070087 BOOST_CHECK_EQUAL(infoCert.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070088 BOOST_CHECK_EQUAL(infoCert.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070089
90 info.setSha256Signing();
91 BOOST_CHECK_EQUAL(info.getSignerType(), SigningInfo::SIGNER_TYPE_SHA256);
Eric Newberry78ffc632020-05-17 15:13:46 -070092 BOOST_CHECK_EQUAL(info.getSignerName(), Name());
Yingdi Yu99b2a002015-08-12 12:47:44 -070093 BOOST_CHECK_EQUAL(info.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -070094 BOOST_CHECK_EQUAL(info.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -070095
96 SigningInfo infoSha(SigningInfo::SIGNER_TYPE_SHA256);
97 BOOST_CHECK_EQUAL(infoSha.getSignerType(), SigningInfo::SIGNER_TYPE_SHA256);
Eric Newberry78ffc632020-05-17 15:13:46 -070098 BOOST_CHECK_EQUAL(infoSha.getSignerName(), Name());
Yingdi Yu99b2a002015-08-12 12:47:44 -070099 BOOST_CHECK_EQUAL(infoSha.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -0700100 BOOST_CHECK_EQUAL(infoSha.getSignedInterestFormat(), SignedInterestFormat::V02);
laqinfan56a812d2019-06-03 15:33:58 -0500101
Davide Pesavento94dfcf12021-09-26 14:18:45 -0400102#if OPENSSL_VERSION_NUMBER < 0x30000000L // FIXME #5154
laqinfan56a812d2019-06-03 15:33:58 -0500103 std::string encodedKey("QjM3NEEyNkE3MTQ5MDQzN0FBMDI0RTRGQURENUI0OTdGRE"
104 "ZGMUE4RUE2RkYxMkY2RkI2NUFGMjcyMEI1OUNDRg==");
105 info.setSigningHmacKey(encodedKey);
106 BOOST_CHECK_EQUAL(info.getSignerType(), SigningInfo::SIGNER_TYPE_HMAC);
107 BOOST_CHECK_EQUAL(info.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -0700108 BOOST_CHECK_EQUAL(info.getSignedInterestFormat(), SignedInterestFormat::V02);
Davide Pesavento94dfcf12021-09-26 14:18:45 -0400109#endif
laqinfan56a812d2019-06-03 15:33:58 -0500110
111 SigningInfo infoHmac(SigningInfo::SIGNER_TYPE_HMAC, info.getSignerName());
112 BOOST_CHECK_EQUAL(infoHmac.getSignerType(), SigningInfo::SIGNER_TYPE_HMAC);
113 BOOST_CHECK_EQUAL(infoHmac.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Eric Newberryb74bbda2020-06-18 19:33:58 -0700114 BOOST_CHECK_EQUAL(infoHmac.getSignedInterestFormat(), SignedInterestFormat::V02);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700115}
116
117BOOST_AUTO_TEST_CASE(CustomSignatureInfo)
118{
119 SigningInfo info1;
Junxiao Shi72c0c642018-04-20 15:41:09 +0000120 BOOST_CHECK_EQUAL(info1.getSignatureInfo(), SignatureInfo());
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700121
122 SignatureInfo si;
123 si.setKeyLocator(Name("ndn:/test/key/locator"));
124 info1.setSignatureInfo(si);
125
Junxiao Shi72c0c642018-04-20 15:41:09 +0000126 BOOST_CHECK_EQUAL(info1.getSignatureInfo(), si);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700127
Eric Newberry78ffc632020-05-17 15:13:46 -0700128 SigningInfo info2(SigningInfo::SIGNER_TYPE_NULL, Name(), si);
Junxiao Shi72c0c642018-04-20 15:41:09 +0000129 BOOST_CHECK_EQUAL(info2.getSignatureInfo(), si);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700130}
131
Spencer Lee308bc442015-11-24 02:59:55 -0700132BOOST_AUTO_TEST_CASE(FromString)
133{
134 SigningInfo infoDefault("");
135 BOOST_CHECK_EQUAL(infoDefault.getSignerType(), SigningInfo::SIGNER_TYPE_NULL);
Eric Newberry78ffc632020-05-17 15:13:46 -0700136 BOOST_CHECK_EQUAL(infoDefault.getSignerName(), Name());
Yingdi Yu99b2a002015-08-12 12:47:44 -0700137 BOOST_CHECK_EQUAL(infoDefault.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Spencer Lee308bc442015-11-24 02:59:55 -0700138
139 SigningInfo infoId("id:/my-identity");
140 BOOST_CHECK_EQUAL(infoId.getSignerType(), SigningInfo::SIGNER_TYPE_ID);
141 BOOST_CHECK_EQUAL(infoId.getSignerName(), "/my-identity");
Yingdi Yu99b2a002015-08-12 12:47:44 -0700142 BOOST_CHECK_EQUAL(infoId.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Spencer Lee308bc442015-11-24 02:59:55 -0700143
144 SigningInfo infoKey("key:/my-key");
145 BOOST_CHECK_EQUAL(infoKey.getSignerType(), SigningInfo::SIGNER_TYPE_KEY);
146 BOOST_CHECK_EQUAL(infoKey.getSignerName(), "/my-key");
Yingdi Yu99b2a002015-08-12 12:47:44 -0700147 BOOST_CHECK_EQUAL(infoKey.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Spencer Lee308bc442015-11-24 02:59:55 -0700148
149 SigningInfo infoCert("cert:/my-cert");
150 BOOST_CHECK_EQUAL(infoCert.getSignerType(), SigningInfo::SIGNER_TYPE_CERT);
151 BOOST_CHECK_EQUAL(infoCert.getSignerName(), "/my-cert");
Yingdi Yu99b2a002015-08-12 12:47:44 -0700152 BOOST_CHECK_EQUAL(infoCert.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Spencer Lee308bc442015-11-24 02:59:55 -0700153
Davide Pesavento94dfcf12021-09-26 14:18:45 -0400154#if OPENSSL_VERSION_NUMBER < 0x30000000L // FIXME #5154
laqinfan56a812d2019-06-03 15:33:58 -0500155 SigningInfo infoHmac("hmac-sha256:QjM3NEEyNkE3MTQ5MDQzN0FBMDI0RTRGQURENU"
156 "I0OTdGREZGMUE4RUE2RkYxMkY2RkI2NUFGMjcyMEI1OUNDRg==");
157 BOOST_CHECK_EQUAL(infoHmac.getSignerType(), SigningInfo::SIGNER_TYPE_HMAC);
158 BOOST_CHECK_EQUAL(infoHmac.getSignerName().getPrefix(3), SigningInfo::getHmacIdentity());
159 BOOST_CHECK_EQUAL(infoHmac.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Davide Pesavento94dfcf12021-09-26 14:18:45 -0400160#endif
laqinfan56a812d2019-06-03 15:33:58 -0500161
Spencer Lee308bc442015-11-24 02:59:55 -0700162 SigningInfo infoSha("id:/localhost/identity/digest-sha256");
163 BOOST_CHECK_EQUAL(infoSha.getSignerType(), SigningInfo::SIGNER_TYPE_SHA256);
Eric Newberry78ffc632020-05-17 15:13:46 -0700164 BOOST_CHECK_EQUAL(infoSha.getSignerName(), Name());
Yingdi Yu99b2a002015-08-12 12:47:44 -0700165 BOOST_CHECK_EQUAL(infoSha.getDigestAlgorithm(), DigestAlgorithm::SHA256);
Spencer Lee308bc442015-11-24 02:59:55 -0700166}
167
168BOOST_AUTO_TEST_CASE(ToString)
169{
170 // We can't use lexical_cast due to Boost Bug 6298.
171 std::stringstream ss;
172 ss << SigningInfo();
173 BOOST_CHECK_EQUAL(ss.str(), "");
174
175 BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(
176 SigningInfo(SigningInfo::SIGNER_TYPE_ID, "/my-identity")), "id:/my-identity");
177 BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(
178 SigningInfo(SigningInfo::SIGNER_TYPE_KEY, "/my-key")), "key:/my-key");
179 BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(
180 SigningInfo(SigningInfo::SIGNER_TYPE_CERT, "/my-cert")), "cert:/my-cert");
181 BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(
182 SigningInfo(SigningInfo::SIGNER_TYPE_SHA256)),
183 "id:/localhost/identity/digest-sha256");
laqinfan56a812d2019-06-03 15:33:58 -0500184 BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(
185 SigningInfo(SigningInfo::SIGNER_TYPE_HMAC, "/localhost/identity/hmac/1234")),
186 "id:/localhost/identity/hmac/1234");
Spencer Lee308bc442015-11-24 02:59:55 -0700187}
188
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800189BOOST_AUTO_TEST_CASE(Chaining)
190{
191 SigningInfo info = SigningInfo()
192 .setSigningIdentity("/identity")
193 .setSigningKeyName("/key/name")
194 .setSigningCertName("/cert/name")
Alexander Afanasyevd6d78aa2017-01-02 18:14:23 -0800195 .setPibIdentity(Identity())
196 .setPibKey(Key())
Alexander Afanasyevc95f5642017-01-04 17:34:26 -0800197 .setSha256Signing()
198 .setDigestAlgorithm(DigestAlgorithm::SHA256)
199 .setSignatureInfo(SignatureInfo());
200
201 BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(info), "id:/localhost/identity/digest-sha256");
202}
203
Nick Gordon2a6d45a2017-01-25 14:10:44 -0600204BOOST_AUTO_TEST_CASE(OperatorEquals)
205{
206 // Check name equality
207 SigningInfo info1("id:/my-id");
208 SigningInfo info2("id:/my-id");
209 BOOST_CHECK_EQUAL(info1, info2);
210 // Change name, check inequality
211 info2 = SigningInfo("id:/not-same-id");
212 BOOST_CHECK_NE(info1, info2);
213
214 // Check name, digest algo equality
215 info1 = SigningInfo("id:/my-id");
216 info2 = SigningInfo("id:/my-id");
217 info1.setDigestAlgorithm(DigestAlgorithm::SHA256);
218 info2.setDigestAlgorithm(DigestAlgorithm::SHA256);
219 BOOST_CHECK_EQUAL(info1, info2);
220 // Change digest algo, check inequality
221 info2.setDigestAlgorithm(DigestAlgorithm::NONE);
222 BOOST_CHECK_NE(info1, info2);
223
224 // Check name, digest algo, signature info equality
225 info1 = SigningInfo("id:/my-id");
226 info2 = SigningInfo("id:/my-id");
227 info1.setDigestAlgorithm(DigestAlgorithm::SHA256);
228 info2.setDigestAlgorithm(DigestAlgorithm::SHA256);
Davide Pesavento7e6f6f82017-10-31 18:05:28 -0400229 SignatureInfo sigInfo1(tlv::DigestSha256);
Nick Gordon2a6d45a2017-01-25 14:10:44 -0600230 info1.setSignatureInfo(sigInfo1);
231 info2.setSignatureInfo(sigInfo1);
232 BOOST_CHECK_EQUAL(info1, info2);
233 // Change signature info, check inequality
Davide Pesavento7e6f6f82017-10-31 18:05:28 -0400234 SignatureInfo sigInfo2(tlv::SignatureSha256WithRsa);
Nick Gordon2a6d45a2017-01-25 14:10:44 -0600235 info2.setSignatureInfo(sigInfo2);
236 BOOST_CHECK_NE(info1, info2);
237}
238
239BOOST_AUTO_TEST_CASE(OperatorEqualsDifferentTypes)
240{
241 SigningInfo info1("key:/my-id/KEY/1");
242 SigningInfo info2("key:/my-id/KEY/1");
243 // Check equality for key type
244 BOOST_CHECK_EQUAL(info1, info2);
245 info2 = SigningInfo("id:/my-id");
246 // Change signature type, check inequality
247 BOOST_CHECK_NE(info1, info2);
248 info2 = SigningInfo("key:/not-same-id/KEY/1");
249 // Change key name, check inequality
250 BOOST_CHECK_NE(info1, info2);
251
252 info1 = SigningInfo("cert:/my-id/KEY/1/self/%FD01");
253 info2 = SigningInfo("cert:/my-id/KEY/1/self/%FD01");
254 // Check equality for cert type
255 BOOST_CHECK_EQUAL(info1, info2);
256 info2 = SigningInfo("cert:/not-my-id/KEY/1/other/%FD01");
257 // Change cert name, check inequality
258 BOOST_CHECK_NE(info1, info2);
259 info2 = SigningInfo("id:/my-id");
260 // Change signature type, check inequality
261 BOOST_CHECK_NE(info1, info2);
262
263 info1 = SigningInfo(SigningInfo::SIGNER_TYPE_NULL);
264 info2 = SigningInfo(SigningInfo::SIGNER_TYPE_NULL);
265 // Check equality for null type
266 BOOST_CHECK_EQUAL(info1, info2);
267 info2 = SigningInfo("id:/my-id");
268 // Change signature type, check inequality
269 BOOST_CHECK_NE(info1, info2);
270
271 info1 = SigningInfo(SigningInfo::SIGNER_TYPE_SHA256);
272 info2 = SigningInfo(SigningInfo::SIGNER_TYPE_SHA256);
273 // Check equality for SHA256 digest type
274 BOOST_CHECK_EQUAL(info1, info2);
275 info2 = SigningInfo("id:/my-id");
276 // Change signature type, check inequality
277 BOOST_CHECK_NE(info1, info2);
Eric Newberryb74bbda2020-06-18 19:33:58 -0700278
279 info1 = SigningInfo(SigningInfo::SIGNER_TYPE_SHA256);
280 info2 = SigningInfo(SigningInfo::SIGNER_TYPE_SHA256);
281 // Check equality for signed Interest format
282 BOOST_CHECK_EQUAL(info1, info2);
283 info2.setSignedInterestFormat(SignedInterestFormat::V03);
284 // Change signed Interest format, check inequality
285 BOOST_CHECK_NE(info1, info2);
Nick Gordon2a6d45a2017-01-25 14:10:44 -0600286}
287
Davide Pesaventoeee3e822016-11-26 19:19:34 +0100288BOOST_AUTO_TEST_SUITE_END() // TestSigningInfo
289BOOST_AUTO_TEST_SUITE_END() // Security
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700290
291} // namespace tests
292} // namespace security
293} // namespace ndn