Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento0f830802018-01-16 23:58:58 -05002/*
Davide Pesaventof6b45892023-03-13 15:00:51 -04003 * Copyright (c) 2013-2023 Regents of the University of California.
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 *
21 * @author Zhiyi Zhang <dreamerbarrychang@gmail.com>
22 */
23
Alexander Afanasyev09236c22020-06-03 13:42:38 -040024#include "ndn-cxx/security/certificate.hpp"
Davide Pesaventodd0724b2022-04-18 00:30:05 -040025#include "ndn-cxx/encoding/block-helpers.hpp"
26#include "ndn-cxx/util/io.hpp"
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -070027
Davide Pesavento7e780642018-11-24 15:51:34 -050028#include "tests/boost-test.hpp"
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -050029#include "tests/unit/clock-fixture.hpp"
Davide Pesavento74daf742018-11-23 18:14:13 -050030
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -070031#include <boost/lexical_cast.hpp>
32
33namespace ndn {
34namespace security {
Alexander Afanasyev09236c22020-06-03 13:42:38 -040035inline namespace v2 {
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -070036namespace tests {
37
38using namespace ndn::tests;
39
// Compile-time contract checks for Certificate: it must satisfy the wire
// encode/decode concepts, and a Certificate::Error must be catchable by a
// handler written for Data::Error.
BOOST_CONCEPT_ASSERT((WireEncodable<Certificate>));
BOOST_CONCEPT_ASSERT((WireDecodable<Certificate>));
static_assert(std::is_convertible_v<Certificate::Error*, Data::Error*>,
              "Certificate::Error must inherit from Data::Error");
44
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -070045BOOST_AUTO_TEST_SUITE(Security)
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -050046BOOST_FIXTURE_TEST_SUITE(TestCertificate, ClockFixture)
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -070047
// Public key bytes used as certificate Content throughout this suite.
// The same bytes appear in the Content element of CERT, and the Print test
// expects them to be reported as "1024-bit RSA".
// Fixture data only: a 1024-bit RSA key is below the sizes recommended for
// new deployments, so do not copy it as a template for real keys.
const uint8_t PUBLIC_KEY[] = {
  0x30, 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
  0x01, 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e,
  0x06, 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5,
  0x9c, 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22,
  0xac, 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c,
  0xaa, 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88,
  0x9a, 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad,
  0xc1, 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe,
  0x62, 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1,
  0xc5, 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62,
  0xea, 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11
};
61
// Wire encoding of a SignatureInfo element (type 0x16, length 0x55) that
// generateFakeSignature() decodes as its starting point.
// NOTE(review): read by hand, the KeyLocator name components in these bytes
// appear in the order ndn, site1, ksk-2516425377094, KEY, which differs from
// the KeyLocator inside CERT. generateFakeSignature() overwrites both the
// KeyLocator and the ValidityPeriod after decoding, so only SignatureType is
// taken from here unchanged.
const uint8_t SIG_INFO[] = {
  0x16, 0x55, 0x1B, 0x01, 0x01, 0x1C, 0x26, 0x07, 0x24, 0x08, 0x03, 0x6E, 0x64, 0x6E, 0x08, 0x05,
  0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6B, 0x73, 0x6B, 0x2D, 0x32, 0x35, 0x31, 0x36, 0x34,
  0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x03, 0x4B, 0x45, 0x59, 0xFD, 0x00, 0xFD,
  0x26, 0xFD, 0x00, 0xFE, 0x0F, 0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x34, 0x54, 0x32, 0x32,
  0x33, 0x37, 0x33, 0x39, 0xFD, 0x00, 0xFF, 0x0F, 0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x38,
  0x54, 0x32, 0x32, 0x33, 0x37, 0x33, 0x38
};
70
// 128 fixed bytes installed as the SignatureValue by generateFakeSignature().
// Nothing in this file computes them from the packet they are attached to, so
// a packet carrying them should be treated as unsigned: it is suitable for
// parsing and accessor tests, not for signature-verification tests.
const uint8_t SIG_VALUE[] = {
  0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec, 0xe3, 0xb9, 0xea,
  0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6, 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41,
  0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38, 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6,
  0x4d, 0x10, 0x1d, 0xdc, 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b,
  0xcf, 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9, 0x64, 0xd6,
  0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8, 0x55, 0xf6, 0x1c, 0x19, 0x0b,
  0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7, 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a,
  0x6d, 0xdb, 0x56, 0xac, 0xa3, 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1,
};
81
// Complete wire encoding of the reference certificate (a Data packet) that the
// Construction, Print and InvalidCertFixture code decodes.
// The SignatureValue is 128 bytes of 0xFF, i.e. a placeholder rather than a
// signature produced by the key named in the KeyLocator. The tests that decode
// this buffer therefore exercise parsing and accessors only; none of them
// demonstrates that the certificate would pass signature verification.
const uint8_t CERT[] = {
  0x06, 0xFD, 0x01, 0xBB, // Data
    0x07, 0x33, // Name /ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B
      0x08, 0x03, 0x6E, 0x64, 0x6E,
      0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31,
      0x08, 0x03, 0x4B, 0x45, 0x59,
      0x08, 0x11,
        0x6B, 0x73, 0x6B, 0x2D, 0x31, 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39,
        0x34,
      0x08, 0x04, 0x30, 0x31, 0x32, 0x33,
      0x08, 0x07, 0xFD, 0x00, 0x00, 0x01, 0x49, 0xC9, 0x8B,
    0x14, 0x09, // MetaInfo
      0x18, 0x01, 0x02, // ContentType = Key
      0x19, 0x04, 0x00, 0x36, 0xEE, 0x80, // FreshnessPeriod = 3600000 ms
    0x15, 0xA0, // Content
      0x30, 0x81, 0x9D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
      0x05, 0x00, 0x03, 0x81, 0x8B, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9E, 0x06, 0x3E,
      0x47, 0x85, 0xB2, 0x34, 0x37, 0xAA, 0x85, 0x47, 0xAC, 0x03, 0x24, 0x83, 0xB5, 0x9C, 0xA8, 0x05,
      0x3A, 0x24, 0x1E, 0xEB, 0x89, 0x01, 0xBB, 0xE9, 0x9B, 0xB2, 0xC3, 0x22, 0xAC, 0x68, 0xE3, 0xF0,
      0x6C, 0x02, 0xCE, 0x68, 0xA6, 0xC4, 0xD0, 0xA7, 0x06, 0x90, 0x9C, 0xAA, 0x1B, 0x08, 0x1D, 0x8B,
      0x43, 0x9A, 0x33, 0x67, 0x44, 0x6D, 0x21, 0xA3, 0x1B, 0x88, 0x9A, 0x97, 0x5E, 0x59, 0xC4, 0x15,
      0x0B, 0xD9, 0x2C, 0xBD, 0x51, 0x07, 0x61, 0x82, 0xAD, 0xC1, 0xB8, 0xD7, 0xBF, 0x9B, 0xCF, 0x7D,
      0x24, 0xC2, 0x63, 0xF3, 0x97, 0x17, 0xEB, 0xFE, 0x62, 0x25, 0xBA, 0x5B, 0x4D, 0x8A, 0xC2, 0x7A,
      0xBD, 0x43, 0x8A, 0x8F, 0xB8, 0xF2, 0xF1, 0xC5, 0x6A, 0x30, 0xD3, 0x50, 0x8C, 0xC8, 0x9A, 0xDF,
      0xEF, 0xED, 0x35, 0xE7, 0x7A, 0x62, 0xEA, 0x76, 0x7C, 0xBB, 0x08, 0x26, 0xC7, 0x02, 0x01, 0x11,
    0x16, 0x55, // SignatureInfo
      0x1B, 0x01, 0x01, // SignatureType
      0x1C, 0x26, // KeyLocator: /ndn/site1/KEY/ksk-2516425377094
        0x07, 0x24,
          0x08, 0x03, 0x6E, 0x64, 0x6E,
          0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31,
          0x08, 0x03, 0x4B, 0x45, 0x59,
          0x08, 0x11,
            0x6B, 0x73, 0x6B, 0x2D, 0x32, 0x35, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39,
            0x34,
      0xFD, 0x00, 0xFD, 0x26, // ValidityPeriod: (20150814T223739, 20150818T223738)
        0xFD, 0x00, 0xFE, 0x0F,
          0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x34, 0x54, 0x32, 0x32, 0x33, 0x37, 0x33, 0x39,
        0xFD, 0x00, 0xFF, 0x0F,
          0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x38, 0x54, 0x32, 0x32, 0x33, 0x37, 0x33, 0x38,
    0x17, 0x80, // SignatureValue
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
      0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
132
/**
 * @brief Attach placeholder signature fields to @p data.
 *
 * The SignatureInfo is decoded from SIG_INFO, then its KeyLocator is replaced
 * with /ndn/site1/KEY/ksk-2516425377094 and its ValidityPeriod with
 * 20141111T050000 - 20141111T060000. The SignatureValue is the constant
 * SIG_VALUE buffer.
 *
 * No signing operation takes place: the value is not derived from the contents
 * of @p data. Packets prepared here are fit for testing parsing, accessors and
 * validity-period logic, and must not be used as evidence that signature
 * verification works.
 *
 * @param data packet whose SignatureInfo and SignatureValue are overwritten
 */
static void
generateFakeSignature(Data& data)
{
  const ValidityPeriod validity(time::fromIsoString("20141111T050000"),
                                time::fromIsoString("20141111T060000"));

  SignatureInfo info(Block{SIG_INFO});
  info.setKeyLocator(Name("/ndn/site1/KEY/ksk-2516425377094"));
  info.setValidityPeriod(validity);

  data.setSignatureInfo(info);
  data.setSignatureValue(SIG_VALUE);
}
144
// Decodes the reference certificate from CERT and checks every accessor, then
// checks that building a Certificate from an equivalent Data yields an equal
// object. CERT carries an all-0xFF SignatureValue, so a pass here shows that
// decoding does not depend on the signature being genuine; it says nothing
// about signature verification.
BOOST_AUTO_TEST_CASE(Construction)
{
  const Name certName("/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  const Name keyName("/ndn/site1/KEY/ksk-1416425377094");
  const Name identity("/ndn/site1");
  const Name issuerKeyName("/ndn/site1/KEY/ksk-2516425377094");
  const ValidityPeriod expectedValidity(time::fromIsoString("20150814T223739"),
                                        time::fromIsoString("20150818T223738"));

  Block wire(CERT);
  Certificate fromBlock(wire);

  // Name-derived accessors
  BOOST_CHECK_EQUAL(fromBlock.getName(), certName);
  BOOST_CHECK_EQUAL(fromBlock.getKeyName(), keyName);
  BOOST_CHECK_EQUAL(fromBlock.getIdentity(), identity);
  BOOST_CHECK_EQUAL(fromBlock.getKeyId(), name::Component("ksk-1416425377094"));
  BOOST_CHECK_EQUAL(fromBlock.getIssuerId(), name::Component("0123"));

  // Content and SignatureInfo accessors
  BOOST_TEST(fromBlock.getPublicKey() == PUBLIC_KEY, boost::test_tools::per_element());
  BOOST_CHECK_EQUAL(fromBlock.getKeyLocator().value().getName(), issuerKeyName);
  BOOST_CHECK_EQUAL(fromBlock.getValidityPeriod(), expectedValidity);

  // Extension lookup: a present type returns its wire encoding, an absent one throws
  BOOST_CHECK_EQUAL(fromBlock.getExtension(tlv::ValidityPeriod), expectedValidity.wireEncode());
  BOOST_CHECK_THROW(fromBlock.getExtension(12345), tlv::Error);

  // The Data&& constructor must produce the same certificate as the Block constructor
  Data asData(wire);
  Certificate fromData(std::move(asData));
  BOOST_CHECK_EQUAL(fromBlock, fromData);
}
168
// Builds a certificate field by field through the Data setters and checks that
// the Certificate accessors report what was set. The signature fields come from
// generateFakeSignature(), which is why the expected validity period here is
// 20141111T050000 - 20141111T060000 rather than the one encoded in CERT.
BOOST_AUTO_TEST_CASE(Setters)
{
  const Name certName("/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  const Name keyName("/ndn/site1/KEY/ksk-1416425377094");
  const Name identity("/ndn/site1");
  const Name issuerKeyName("/ndn/site1/KEY/ksk-2516425377094");
  const ValidityPeriod expectedValidity(time::fromIsoString("20141111T050000"),
                                        time::fromIsoString("20141111T060000"));

  Certificate cert;
  cert.setName("/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  cert.setFreshnessPeriod(1_h);
  cert.setContent(PUBLIC_KEY);
  generateFakeSignature(cert); // placeholder signature fields, not a real signature

  // Name-derived accessors
  BOOST_CHECK_EQUAL(cert.getName(), certName);
  BOOST_CHECK_EQUAL(cert.getKeyName(), keyName);
  BOOST_CHECK_EQUAL(cert.getIdentity(), identity);
  BOOST_CHECK_EQUAL(cert.getKeyId(), name::Component("ksk-1416425377094"));
  BOOST_CHECK_EQUAL(cert.getIssuerId(), name::Component("0123"));

  // Content and SignatureInfo accessors
  BOOST_TEST(cert.getPublicKey() == PUBLIC_KEY, boost::test_tools::per_element());
  BOOST_CHECK_EQUAL(cert.getKeyLocator().value().getName(), issuerKeyName);
  BOOST_CHECK_EQUAL(cert.getValidityPeriod(), expectedValidity);

  // Extension lookup: a present type returns its wire encoding, an absent one throws
  BOOST_CHECK_EQUAL(cert.getExtension(tlv::ValidityPeriod), expectedValidity.wireEncode());
  BOOST_CHECK_THROW(cert.getExtension(12345), tlv::Error);
}
192
// Checks Certificate::isValid() against the validity period installed by
// generateFakeSignature() (20141111T050000 - 20141111T060000): one second
// before the start and one second after the end must both be rejected.
// NOTE(review): the argument-less isValid() call presumably evaluates against
// the mocked clock supplied by ClockFixture - confirm against the fixture.
// NOTE(review): the exact boundary instants (050000 and 060000) are not
// exercised here, so an off-by-one in the inclusive/exclusive comparison would
// go unnoticed by this case.
BOOST_AUTO_TEST_CASE(ValidityPeriodChecking)
{
  const auto oneSecondEarly = time::fromIsoString("20141111T045959");
  const auto oneSecondLate = time::fromIsoString("20141111T060001");

  Certificate cert;
  cert.setName("/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  cert.setFreshnessPeriod(1_h);
  cert.setContent(PUBLIC_KEY);
  generateFakeSignature(cert);

  BOOST_TEST(cert.isValid());
  BOOST_TEST(!cert.isValid(oneSecondEarly));
  BOOST_TEST(!cert.isValid(oneSecondLate));
}
205
// Fixture for the malformed-certificate cases. It decodes the reference
// certificate, keeps it as a plain Data packet with placeholder signature
// fields, and requires that this baseline is accepted by the Certificate
// constructor. Each test case then alters exactly one field of a copy and
// expects construction to fail, so a failure can be attributed to that field.
//
// The baseline is accepted although its signature is a placeholder, so the
// checks exercised through this fixture are structural (name, ContentType,
// FreshnessPeriod); signature verification is not covered by them.
class InvalidCertFixture
{
public:
  InvalidCertFixture()
  {
    const Certificate wellFormed(Block{CERT});
    m_certBase = Data(wellFormed);
    generateFakeSignature(m_certBase);

    // Abort the test case early if the baseline itself is not a valid certificate.
    BOOST_REQUIRE_NO_THROW(Certificate{m_certBase});
  }

protected:
  Data m_certBase; // well-formed baseline; test cases modify a copy
};
224
// A name without the KEY component must be rejected with the naming-convention
// error, even though every other field of the packet is unchanged.
BOOST_FIXTURE_TEST_CASE(InvalidName, InvalidCertFixture)
{
  Data tampered(m_certBase);
  tampered.setName("/ndn/site1/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");

  const auto hasExpectedMessage = [] (const auto& e) {
    return std::string(e.what()) == "Certificate name does not follow the naming conventions";
  };
  BOOST_CHECK_EXCEPTION(Certificate{std::move(tampered)}, Certificate::Error, hasExpectedMessage);
}
234
// A packet whose ContentType is Blob instead of Key must not be accepted as a
// certificate; the error message reports the offending type value.
BOOST_FIXTURE_TEST_CASE(InvalidContentType, InvalidCertFixture)
{
  Data tampered(m_certBase);
  tampered.setContentType(tlv::ContentType_Blob);

  const auto hasExpectedMessage = [] (const auto& e) {
    return std::string(e.what()) == "Expecting ContentType=Key, got 0";
  };
  BOOST_CHECK_EXCEPTION(Certificate{std::move(tampered)}, Certificate::Error, hasExpectedMessage);
}
244
// A FreshnessPeriod of zero must be rejected when constructing a certificate.
BOOST_FIXTURE_TEST_CASE(InvalidFreshnessPeriod, InvalidCertFixture)
{
  Data tampered(m_certBase);
  tampered.setFreshnessPeriod(0_ms);

  const auto hasExpectedMessage = [] (const auto& e) {
    return std::string(e.what()) == "Certificate FreshnessPeriod cannot be zero";
  };
  BOOST_CHECK_EXCEPTION(Certificate{std::move(tampered)}, Certificate::Error, hasExpectedMessage);
}
254
// Checks the human-readable rendering of a Certificate (stream insertion) for
// six inputs, from an empty certificate to ones with altered or malformed
// signature fields. Several inputs are modified after decoding without being
// re-signed, and printing is still expected to succeed: the rendered text is a
// description of the fields, not a statement that the certificate verified.
BOOST_AUTO_TEST_CASE(Print)
{
  // Case 1: default-constructed certificate - empty name, no key bytes, and a
  // signature type that is reported as unknown.
  const std::string expected1(
R"TXT(Certificate Name:
  /
Public Key:
  Key Type: Unknown (0 bytes)
Signature Information:
  Signature Type: Unknown(65535)
)TXT");

  Certificate cert1;
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert1), expected1);

  // Case 2: the reference certificate decoded from CERT (RSA key, issuer named
  // by a KeyLocator that differs from the certificate's own key name).
  const std::string expected2(
R"TXT(Certificate Name:
  /ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B
Public Key:
  Key Type: 1024-bit RSA
  MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF
  OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV
  C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf
  7+0153pi6nZ8uwgmxwIBEQ==
Validity:
  Not Before: 2015-08-14T22:37:39
  Not After: 2015-08-18T22:37:38
Signature Information:
  Signature Type: SignatureSha256WithRsa
  Key Locator: Name=/ndn/site1/KEY/ksk-2516425377094
)TXT");

  Certificate cert2(Block{CERT});
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert2), expected2);

  // Case 3: an EC certificate loaded from base64 whose KeyLocator names its own
  // key, which the output flags with "Self-Signed: yes".
  const std::string expected3(
R"TXT(Certificate Name:
  /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Public Key:
  Key Type: 256-bit EC
  MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnoGVuhO+9JnIRo6QSgJin8RgA8Gh
  RN9oVbnXi2rAJa4jq1yuCKaLeOt2sdXlkW6uBByOhbTuDdovlbIUsJ8bhg==
Validity:
  Not Before: 1970-01-01T00:00:00
  Not After: 2042-04-13T03:17:00
Signature Information:
  Signature Type: SignatureSha256WithEcdsa
  Key Locator: Name=/ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0
  Self-Signed: yes
)TXT");

  std::istringstream is(
R"BASE64(Bv0BPgc0CANuZG4IBHRlc3QICGlkZW50aXR5CANLRVkICMdHOtYSULXwCARzZWxm
NggAAAGAOqxubBQJGAECGQQANu6AFVswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
AASegZW6E770mchGjpBKAmKfxGADwaFE32hVudeLasAlriOrXK4Ipot463ax1eWR
bq4EHI6FtO4N2i+VshSwnxuGFlUbAQMcJgckCANuZG4IBHRlc3QICGlkZW50aXR5
CANLRVkICMdHOtYSULXw/QD9Jv0A/g8xOTcwMDEwMVQwMDAwMDD9AP8PMjA0MjA0
MTNUMDMxNzAwF0cwRQIgFRnwthtzKdqRgO3cZMNA1hfT3QcNu/+xjo7hUy+UvdsC
IQCz3DHoRtKl7uZoJOgQsZP1/CGkNjlGZE3EQ+Ylwiprrw==)BASE64");
  Certificate cert3 = io::loadTlv<Certificate>(is, io::BASE64);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert3), expected3);

  // Case 4: same certificate with its Content replaced by bytes that are not a
  // public key. The key type is reported as unknown and the raw bytes are still
  // dumped; 23 bytes = the 22-character literal plus its terminating NUL.
  const std::string expected4(
R"TXT(Certificate Name:
  /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Public Key:
  Key Type: Unknown (23 bytes)
  bm90IGEgdmFsaWQgcHVibGljIGtleQA=
Validity:
  Not Before: 1970-01-01T00:00:00
  Not After: 2042-04-13T03:17:00
Signature Information:
  Signature Type: SignatureSha256WithEcdsa
  Key Locator: Name=/ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0
  Self-Signed: yes
)TXT");

  const uint8_t notAKey[] = "not a valid public key";
  Certificate cert4(cert3);
  cert4.setContent(notAKey);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert4), expected4);

  // Case 5: SignatureInfo gains an AdditionalDescription TLV whose payload is
  // the plain string "malformed", and the KeyLocator becomes an 8-byte KeyDigest.
  // The description payload is printed base64-encoded, and no "Self-Signed" line
  // is expected once the locator is no longer a name.
  const std::string expected5(
R"TXT(Certificate Name:
  /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Additional Description:
  bWFsZm9ybWVk
Public Key:
  Key Type: 256-bit EC
  MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnoGVuhO+9JnIRo6QSgJin8RgA8Gh
  RN9oVbnXi2rAJa4jq1yuCKaLeOt2sdXlkW6uBByOhbTuDdovlbIUsJ8bhg==
Validity:
  Not Before: 1970-01-01T00:00:00
  Not After: 2042-04-13T03:17:00
Signature Information:
  Signature Type: SignatureSha256WithEcdsa
  Key Locator: KeyDigest=0000000000000000
)TXT");

  auto sigInfo = cert3.getSignatureInfo();
  sigInfo.addCustomTlv(makeStringBlock(tlv::AdditionalDescription, "malformed"));
  sigInfo.setKeyLocator(KeyLocator().setKeyDigest(std::make_shared<Buffer>(8)));
  Certificate cert5(cert3);
  cert5.setSignatureInfo(sigInfo);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert5), expected5);

  // Case 6: the ValidityPeriod is supplied as a custom TLV with a string payload
  // instead of a well-formed period, the signature type is DigestSha256, and the
  // KeyLocator is removed. The expected output omits the Validity and Key Locator
  // sections rather than failing, i.e. printing tolerates the malformed field.
  const std::string expected6(
R"TXT(Certificate Name:
  /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Public Key:
  Key Type: 256-bit EC
  MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnoGVuhO+9JnIRo6QSgJin8RgA8Gh
  RN9oVbnXi2rAJa4jq1yuCKaLeOt2sdXlkW6uBByOhbTuDdovlbIUsJ8bhg==
Signature Information:
  Signature Type: DigestSha256
)TXT");

  sigInfo.removeCustomTlv(tlv::AdditionalDescription);
  sigInfo.addCustomTlv(makeStringBlock(tlv::ValidityPeriod, "malformed"));
  sigInfo.setSignatureType(tlv::DigestSha256);
  sigInfo.setKeyLocator(std::nullopt);
  Certificate cert6(cert3);
  cert6.setSignatureInfo(sigInfo);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert6), expected6);
}
379
// Covers the two free helpers that split a certificate name: both must return
// the expected prefix for well-formed names (including an empty identity) and
// throw std::invalid_argument for names that are too short or that do not have
// KEY in the expected position.
BOOST_AUTO_TEST_CASE(Helpers)
{
  // Names that neither helper may accept.
  const char* const malformedNames[] = {
    "/hello",
    "/hello/KEY/keyid",
    "/hello/KEY/keyid/issuer",
    "/a/long/enough/but/invalid/name",
  };

  BOOST_CHECK_EQUAL(extractIdentityFromCertName("/KEY/hello/world/v=1"), "/");
  BOOST_CHECK_EQUAL(extractIdentityFromCertName("/hello/world/KEY/!/self/v=42"), "/hello/world");

  for (const char* uri : malformedNames) {
    BOOST_CHECK_THROW(extractIdentityFromCertName(uri), std::invalid_argument);
  }

  BOOST_CHECK_EQUAL(extractKeyNameFromCertName("/KEY/hello/world/v=1"), "/KEY/hello");
  BOOST_CHECK_EQUAL(extractKeyNameFromCertName("/hello/world/KEY/!/self/v=42"), "/hello/world/KEY/!");

  for (const char* uri : malformedNames) {
    BOOST_CHECK_THROW(extractKeyNameFromCertName(uri), std::invalid_argument);
  }
}
398
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -0700399BOOST_AUTO_TEST_SUITE_END() // TestCertificate
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -0700400BOOST_AUTO_TEST_SUITE_END() // Security
401
402} // namespace tests
Alexander Afanasyev09236c22020-06-03 13:42:38 -0400403} // inline namespace v2
Zhiyi Zhangf4bb5c72015-08-19 19:02:51 -0700404} // namespace security
405} // namespace ndn