Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
Junxiao Shi | 2bea5c4 | 2017-08-14 20:10:32 +0000 | [diff] [blame] | 2 | /* |
Alexander Afanasyev | 09236c2 | 2020-06-03 13:42:38 -0400 | [diff] [blame] | 3 | * Copyright (c) 2013-2020 Regents of the University of California. |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 4 | * |
| 5 | * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions). |
| 6 | * |
| 7 | * ndn-cxx library is free software: you can redistribute it and/or modify it under the |
| 8 | * terms of the GNU Lesser General Public License as published by the Free Software |
| 9 | * Foundation, either version 3 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY |
| 12 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 13 | * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. |
| 14 | * |
| 15 | * You should have received copies of the GNU General Public License and GNU Lesser |
| 16 | * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see |
| 17 | * <http://www.gnu.org/licenses/>. |
| 18 | * |
| 19 | * See AUTHORS.md for complete list of ndn-cxx authors and contributors. |
| 20 | */ |
| 21 | |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 22 | #include "ndn-cxx/security/validator-config.hpp" |
Alexander Afanasyev | 09236c2 | 2020-06-03 13:42:38 -0400 | [diff] [blame] | 23 | #include "ndn-cxx/security/certificate-fetcher-offline.hpp" |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 24 | #include "ndn-cxx/security/command-interest-signer.hpp" |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 25 | #include "ndn-cxx/util/dummy-client-face.hpp" |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 26 | |
Davide Pesavento | 7e78064 | 2018-11-24 15:51:34 -0500 | [diff] [blame] | 27 | #include "tests/boost-test.hpp" |
| 28 | #include "tests/identity-management-fixture.hpp" |
Alexander Afanasyev | 09236c2 | 2020-06-03 13:42:38 -0400 | [diff] [blame] | 29 | #include "tests/unit/security/validator-config/common.hpp" |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 30 | |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 31 | namespace ndn { |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 32 | namespace security { |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 33 | namespace tests { |
| 34 | |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 35 | using namespace ndn::tests; |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 36 | |
Junxiao Shi | d5827ce | 2016-07-14 20:49:37 +0000 | [diff] [blame] | 37 | BOOST_AUTO_TEST_SUITE(Security) |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 38 | BOOST_FIXTURE_TEST_SUITE(TestValidatorConfig, IdentityManagementFixture) |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 39 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 40 | // This test only for API, actual tests are in ValidationPolicyConfig and corresponding CertificateFetchers |
| 41 | |
| 42 | BOOST_AUTO_TEST_CASE(Construct) |
| 43 | { |
| 44 | util::DummyClientFace face; |
| 45 | |
| 46 | ValidatorConfig v1(face); |
| 47 | BOOST_CHECK_EQUAL(v1.m_policyConfig.m_isConfigured, false); |
| 48 | |
| 49 | ValidatorConfig v2(make_unique<v2::CertificateFetcherOffline>()); |
| 50 | BOOST_CHECK_EQUAL(v2.m_policyConfig.m_isConfigured, false); |
| 51 | } |
| 52 | |
| 53 | class ValidatorConfigFixture : public IdentityManagementFixture |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 54 | { |
| 55 | public: |
| 56 | ValidatorConfigFixture() |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 57 | : path(boost::filesystem::path(UNIT_TEST_CONFIG_PATH) / "security" / "validator-config") |
| 58 | , validator(make_unique<v2::CertificateFetcherOffline>()) |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 59 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 60 | boost::filesystem::create_directories(path); |
| 61 | config = R"CONF( |
| 62 | trust-anchor |
| 63 | { |
| 64 | type any |
| 65 | } |
| 66 | )CONF"; |
| 67 | configFile = (this->path / "config.conf").string(); |
| 68 | std::ofstream f(configFile.c_str()); |
| 69 | f << config; |
| 70 | } |
| 71 | |
| 72 | ~ValidatorConfigFixture() |
| 73 | { |
| 74 | boost::filesystem::remove_all(path); |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 75 | } |
| 76 | |
| 77 | public: |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 78 | const boost::filesystem::path path; |
| 79 | std::string config; |
| 80 | std::string configFile; |
Alexander Afanasyev | 70244f4 | 2017-01-04 12:47:12 -0800 | [diff] [blame] | 81 | ValidatorConfig validator; |
| 82 | }; |
| 83 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 84 | BOOST_FIXTURE_TEST_SUITE(Loads, ValidatorConfigFixture) |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 85 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 86 | BOOST_AUTO_TEST_CASE(FromFile) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 87 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 88 | validator.load(configFile); |
| 89 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 90 | |
| 91 | // should reload policy |
| 92 | validator.load(configFile); |
| 93 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 94 | } |
| 95 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 96 | BOOST_AUTO_TEST_CASE(FromString) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 97 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 98 | validator.load(config, "config-file-from-string"); |
| 99 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 100 | |
| 101 | // should reload policy |
| 102 | validator.load(config, "config-file-from-string"); |
| 103 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 104 | } |
| 105 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 106 | BOOST_AUTO_TEST_CASE(FromIstream) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 107 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 108 | std::istringstream is(config); |
| 109 | validator.load(is, "config-file-from-istream"); |
| 110 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 111 | |
| 112 | // should reload policy |
| 113 | std::istringstream is2(config); |
| 114 | validator.load(is2, "config-file-from-istream"); |
| 115 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 116 | } |
| 117 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 118 | BOOST_AUTO_TEST_CASE(FromSection) |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 119 | { |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 120 | validator.load(v2::validator_config::tests::makeSection(config), "config-file-from-section"); |
| 121 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Alexander Afanasyev | 6aff024 | 2017-08-29 17:14:44 -0400 | [diff] [blame] | 122 | |
| 123 | // should reload policy |
| 124 | validator.load(v2::validator_config::tests::makeSection(config), "config-file-from-section"); |
| 125 | BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true); |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 126 | } |
| 127 | |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame] | 128 | BOOST_AUTO_TEST_SUITE_END() // Loads |
Zhiyi Zhang | 48becde | 2017-01-05 16:41:38 -0800 | [diff] [blame] | 129 | |
Alexander Afanasyev | 31fd467 | 2018-06-17 13:25:52 -0400 | [diff] [blame] | 130 | |
| 131 | BOOST_FIXTURE_TEST_CASE(ValidateCommandInterestWithDigestSha256, ValidatorConfigFixture) // Bug 4635 |
| 132 | { |
| 133 | validator.load(configFile); |
| 134 | |
Eric Newberry | 1caa634 | 2020-08-23 19:29:08 -0700 | [diff] [blame^] | 135 | InterestSigner signer(m_keyChain); |
Alexander Afanasyev | 31fd467 | 2018-06-17 13:25:52 -0400 | [diff] [blame] | 136 | auto i = signer.makeCommandInterest("/hello/world/CMD", signingWithSha256()); |
| 137 | size_t nValidated = 0, nFailed = 0; |
| 138 | |
| 139 | validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 140 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 141 | BOOST_CHECK_EQUAL(nFailed, 0); |
| 142 | |
| 143 | validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 144 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 145 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 146 | |
| 147 | i = signer.makeCommandInterest("/hello/world/CMD", signingWithSha256()); |
| 148 | validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 149 | BOOST_CHECK_EQUAL(nValidated, 2); |
| 150 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 151 | } |
| 152 | |
Eric Newberry | 1caa634 | 2020-08-23 19:29:08 -0700 | [diff] [blame^] | 153 | BOOST_FIXTURE_TEST_CASE(ValidateSignedInterest, ValidatorConfigFixture) |
| 154 | { |
| 155 | validator.load(configFile); |
| 156 | |
| 157 | InterestSigner signer(m_keyChain); |
| 158 | Interest i1("/hello/world"); |
| 159 | i1.setCanBePrefix(false); |
| 160 | signer.makeSignedInterest(i1); |
| 161 | size_t nValidated = 0, nFailed = 0; |
| 162 | |
| 163 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 164 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 165 | BOOST_CHECK_EQUAL(nFailed, 0); |
| 166 | |
| 167 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 168 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 169 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 170 | |
| 171 | Interest i2("/hello/world"); |
| 172 | i2.setCanBePrefix(false); |
| 173 | signer.makeSignedInterest(i2, signingWithSha256()); |
| 174 | validator.validate(i2, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 175 | BOOST_CHECK_EQUAL(nValidated, 2); |
| 176 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 177 | } |
| 178 | |
| 179 | BOOST_FIXTURE_TEST_CASE(ValidateCommandInterest, ValidatorConfigFixture) |
| 180 | { |
| 181 | validator.load(configFile); |
| 182 | |
| 183 | InterestSigner signer(m_keyChain); |
| 184 | auto i1 = signer.makeCommandInterest("/hello/world"); |
| 185 | size_t nValidated = 0, nFailed = 0; |
| 186 | |
| 187 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 188 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 189 | BOOST_CHECK_EQUAL(nFailed, 0); |
| 190 | |
| 191 | validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 192 | BOOST_CHECK_EQUAL(nValidated, 1); |
| 193 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 194 | |
| 195 | auto i2 = signer.makeCommandInterest("/hello/world"); |
| 196 | validator.validate(i2, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; }); |
| 197 | BOOST_CHECK_EQUAL(nValidated, 2); |
| 198 | BOOST_CHECK_EQUAL(nFailed, 1); |
| 199 | } |
Alexander Afanasyev | 31fd467 | 2018-06-17 13:25:52 -0400 | [diff] [blame] | 200 | |
Junxiao Shi | d5827ce | 2016-07-14 20:49:37 +0000 | [diff] [blame] | 201 | BOOST_AUTO_TEST_SUITE_END() // TestValidatorConfig |
| 202 | BOOST_AUTO_TEST_SUITE_END() // Security |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 203 | |
| 204 | } // namespace tests |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 205 | } // namespace security |
Yingdi Yu | 4154634 | 2014-11-30 23:37:53 -0800 | [diff] [blame] | 206 | } // namespace ndn |