blob: dac69131a9bfa18bf85e23d7279ea4cee43ce96e [file] [log] [blame]
Yingdi Yu41546342014-11-30 23:37:53 -08001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Junxiao Shi2bea5c42017-08-14 20:10:32 +00002/*
Alexander Afanasyev09236c22020-06-03 13:42:38 -04003 * Copyright (c) 2013-2020 Regents of the University of California.
Yingdi Yu41546342014-11-30 23:37:53 -08004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
Davide Pesavento7e780642018-11-24 15:51:34 -050022#include "ndn-cxx/security/validator-config.hpp"
Alexander Afanasyev09236c22020-06-03 13:42:38 -040023#include "ndn-cxx/security/certificate-fetcher-offline.hpp"
Davide Pesavento7e780642018-11-24 15:51:34 -050024#include "ndn-cxx/security/command-interest-signer.hpp"
Davide Pesavento7e780642018-11-24 15:51:34 -050025#include "ndn-cxx/util/dummy-client-face.hpp"
Yingdi Yu41546342014-11-30 23:37:53 -080026
Davide Pesavento7e780642018-11-24 15:51:34 -050027#include "tests/boost-test.hpp"
28#include "tests/identity-management-fixture.hpp"
Alexander Afanasyev09236c22020-06-03 13:42:38 -040029#include "tests/unit/security/validator-config/common.hpp"
Yingdi Yu41546342014-11-30 23:37:53 -080030
Yingdi Yu41546342014-11-30 23:37:53 -080031namespace ndn {
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -070032namespace security {
Yingdi Yu41546342014-11-30 23:37:53 -080033namespace tests {
34
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -070035using namespace ndn::tests;
Yingdi Yu41546342014-11-30 23:37:53 -080036
Junxiao Shid5827ce2016-07-14 20:49:37 +000037BOOST_AUTO_TEST_SUITE(Security)
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080038BOOST_FIXTURE_TEST_SUITE(TestValidatorConfig, IdentityManagementFixture)
Alexander Afanasyev70244f42017-01-04 12:47:12 -080039
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080040// This test only for API, actual tests are in ValidationPolicyConfig and corresponding CertificateFetchers
41
42BOOST_AUTO_TEST_CASE(Construct)
43{
44 util::DummyClientFace face;
45
46 ValidatorConfig v1(face);
47 BOOST_CHECK_EQUAL(v1.m_policyConfig.m_isConfigured, false);
48
49 ValidatorConfig v2(make_unique<v2::CertificateFetcherOffline>());
50 BOOST_CHECK_EQUAL(v2.m_policyConfig.m_isConfigured, false);
51}
52
53class ValidatorConfigFixture : public IdentityManagementFixture
Alexander Afanasyev70244f42017-01-04 12:47:12 -080054{
55public:
56 ValidatorConfigFixture()
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080057 : path(boost::filesystem::path(UNIT_TEST_CONFIG_PATH) / "security" / "validator-config")
58 , validator(make_unique<v2::CertificateFetcherOffline>())
Alexander Afanasyev70244f42017-01-04 12:47:12 -080059 {
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080060 boost::filesystem::create_directories(path);
61 config = R"CONF(
62 trust-anchor
63 {
64 type any
65 }
66 )CONF";
67 configFile = (this->path / "config.conf").string();
68 std::ofstream f(configFile.c_str());
69 f << config;
70 }
71
72 ~ValidatorConfigFixture()
73 {
74 boost::filesystem::remove_all(path);
Alexander Afanasyev70244f42017-01-04 12:47:12 -080075 }
76
77public:
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080078 const boost::filesystem::path path;
79 std::string config;
80 std::string configFile;
Alexander Afanasyev70244f42017-01-04 12:47:12 -080081 ValidatorConfig validator;
82};
83
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080084BOOST_FIXTURE_TEST_SUITE(Loads, ValidatorConfigFixture)
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -070085
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080086BOOST_AUTO_TEST_CASE(FromFile)
Yingdi Yu41546342014-11-30 23:37:53 -080087{
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080088 validator.load(configFile);
89 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Alexander Afanasyev6aff0242017-08-29 17:14:44 -040090
91 // should reload policy
92 validator.load(configFile);
93 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Yingdi Yu41546342014-11-30 23:37:53 -080094}
95
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080096BOOST_AUTO_TEST_CASE(FromString)
Yingdi Yu41546342014-11-30 23:37:53 -080097{
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -080098 validator.load(config, "config-file-from-string");
99 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Alexander Afanasyev6aff0242017-08-29 17:14:44 -0400100
101 // should reload policy
102 validator.load(config, "config-file-from-string");
103 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Yingdi Yu41546342014-11-30 23:37:53 -0800104}
105
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800106BOOST_AUTO_TEST_CASE(FromIstream)
Yingdi Yu41546342014-11-30 23:37:53 -0800107{
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800108 std::istringstream is(config);
109 validator.load(is, "config-file-from-istream");
110 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Alexander Afanasyev6aff0242017-08-29 17:14:44 -0400111
112 // should reload policy
113 std::istringstream is2(config);
114 validator.load(is2, "config-file-from-istream");
115 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Yingdi Yu41546342014-11-30 23:37:53 -0800116}
117
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800118BOOST_AUTO_TEST_CASE(FromSection)
Yingdi Yu41546342014-11-30 23:37:53 -0800119{
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800120 validator.load(v2::validator_config::tests::makeSection(config), "config-file-from-section");
121 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Alexander Afanasyev6aff0242017-08-29 17:14:44 -0400122
123 // should reload policy
124 validator.load(v2::validator_config::tests::makeSection(config), "config-file-from-section");
125 BOOST_CHECK_EQUAL(validator.m_policyConfig.m_isConfigured, true);
Yingdi Yu41546342014-11-30 23:37:53 -0800126}
127
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -0800128BOOST_AUTO_TEST_SUITE_END() // Loads
Zhiyi Zhang48becde2017-01-05 16:41:38 -0800129
Alexander Afanasyev31fd4672018-06-17 13:25:52 -0400130
131BOOST_FIXTURE_TEST_CASE(ValidateCommandInterestWithDigestSha256, ValidatorConfigFixture) // Bug 4635
132{
133 validator.load(configFile);
134
Eric Newberry1caa6342020-08-23 19:29:08 -0700135 InterestSigner signer(m_keyChain);
Alexander Afanasyev31fd4672018-06-17 13:25:52 -0400136 auto i = signer.makeCommandInterest("/hello/world/CMD", signingWithSha256());
137 size_t nValidated = 0, nFailed = 0;
138
139 validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
140 BOOST_CHECK_EQUAL(nValidated, 1);
141 BOOST_CHECK_EQUAL(nFailed, 0);
142
143 validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
144 BOOST_CHECK_EQUAL(nValidated, 1);
145 BOOST_CHECK_EQUAL(nFailed, 1);
146
147 i = signer.makeCommandInterest("/hello/world/CMD", signingWithSha256());
148 validator.validate(i, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
149 BOOST_CHECK_EQUAL(nValidated, 2);
150 BOOST_CHECK_EQUAL(nFailed, 1);
151}
152
Eric Newberry1caa6342020-08-23 19:29:08 -0700153BOOST_FIXTURE_TEST_CASE(ValidateSignedInterest, ValidatorConfigFixture)
154{
155 validator.load(configFile);
156
157 InterestSigner signer(m_keyChain);
158 Interest i1("/hello/world");
159 i1.setCanBePrefix(false);
160 signer.makeSignedInterest(i1);
161 size_t nValidated = 0, nFailed = 0;
162
163 validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
164 BOOST_CHECK_EQUAL(nValidated, 1);
165 BOOST_CHECK_EQUAL(nFailed, 0);
166
167 validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
168 BOOST_CHECK_EQUAL(nValidated, 1);
169 BOOST_CHECK_EQUAL(nFailed, 1);
170
171 Interest i2("/hello/world");
172 i2.setCanBePrefix(false);
173 signer.makeSignedInterest(i2, signingWithSha256());
174 validator.validate(i2, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
175 BOOST_CHECK_EQUAL(nValidated, 2);
176 BOOST_CHECK_EQUAL(nFailed, 1);
177}
178
179BOOST_FIXTURE_TEST_CASE(ValidateCommandInterest, ValidatorConfigFixture)
180{
181 validator.load(configFile);
182
183 InterestSigner signer(m_keyChain);
184 auto i1 = signer.makeCommandInterest("/hello/world");
185 size_t nValidated = 0, nFailed = 0;
186
187 validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
188 BOOST_CHECK_EQUAL(nValidated, 1);
189 BOOST_CHECK_EQUAL(nFailed, 0);
190
191 validator.validate(i1, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
192 BOOST_CHECK_EQUAL(nValidated, 1);
193 BOOST_CHECK_EQUAL(nFailed, 1);
194
195 auto i2 = signer.makeCommandInterest("/hello/world");
196 validator.validate(i2, [&] (auto&&...) { ++nValidated; }, [&] (auto&&...) { ++nFailed; });
197 BOOST_CHECK_EQUAL(nValidated, 2);
198 BOOST_CHECK_EQUAL(nFailed, 1);
199}
Alexander Afanasyev31fd4672018-06-17 13:25:52 -0400200
Junxiao Shid5827ce2016-07-14 20:49:37 +0000201BOOST_AUTO_TEST_SUITE_END() // TestValidatorConfig
202BOOST_AUTO_TEST_SUITE_END() // Security
Yingdi Yu41546342014-11-30 23:37:53 -0800203
204} // namespace tests
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700205} // namespace security
Yingdi Yu41546342014-11-30 23:37:53 -0800206} // namespace ndn