Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 1 | /** |
| 2 | * Copyright (C) 2013 Regents of the University of California. |
| 3 | * @author: Yingdi Yu <yingdi0@cs.ucla.edu> |
| 4 | * See COPYING for copyright and distribution information. |
| 5 | */ |
| 6 | |
| 7 | #include <boost/test/unit_test.hpp> |
| 8 | |
| 9 | #include "security/key-chain.hpp" |
Yingdi Yu | 6ac9798 | 2014-01-30 14:49:21 -0800 | [diff] [blame] | 10 | #include "security/validator.hpp" |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 11 | |
| 12 | #include "helpers/command-interest-generator.hpp" |
| 13 | #include "helpers/command-interest-validator.hpp" |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 14 | |
| 15 | using namespace std; |
Alexander Afanasyev | 0abb2da | 2014-01-30 18:07:57 -0800 | [diff] [blame] | 16 | namespace ndn { |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 17 | |
| 18 | BOOST_AUTO_TEST_SUITE(TestSignedInterest) |
| 19 | |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 20 | BOOST_AUTO_TEST_CASE (SignedInterest) |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 21 | { |
| 22 | KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> keyChain; |
| 23 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 24 | Name identityName("/TestSignedInterest/SignVerify/" + boost::lexical_cast<string>(time::now())); |
Yingdi Yu | 17bc301 | 2014-02-10 17:37:12 -0800 | [diff] [blame] | 25 | Name certificateName; |
| 26 | BOOST_REQUIRE_NO_THROW(certificateName = keyChain.createIdentity(identityName)); |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 27 | |
Yingdi Yu | 17bc301 | 2014-02-10 17:37:12 -0800 | [diff] [blame] | 28 | Interest interest("/TestSignedInterest/SignVerify/Interest1"); |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 29 | BOOST_CHECK_NO_THROW(keyChain.signByIdentity(interest, identityName)); |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 30 | |
| 31 | Block interestBlock(interest.wireEncode().wire(), interest.wireEncode().size()); |
| 32 | |
| 33 | Interest interest2; |
| 34 | interest2.wireDecode(interestBlock); |
| 35 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 36 | shared_ptr<PublicKey> publicKey; |
| 37 | BOOST_REQUIRE_NO_THROW(publicKey = keyChain.getPublicKeyFromTpm(keyChain.getDefaultKeyNameForIdentity(identityName))); |
Yingdi Yu | 6ac9798 | 2014-01-30 14:49:21 -0800 | [diff] [blame] | 38 | bool result = Validator::verifySignature(interest2, *publicKey); |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 39 | |
Yingdi Yu | 17bc301 | 2014-02-10 17:37:12 -0800 | [diff] [blame] | 40 | BOOST_CHECK_EQUAL(result, true); |
| 41 | |
Yingdi Yu | 2e57a58 | 2014-02-20 23:34:43 -0800 | [diff] [blame] | 42 | keyChain.deleteIdentity(identityName); |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 43 | } |
| 44 | |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 45 | class CommandInterestFixture |
| 46 | { |
| 47 | public: |
| 48 | CommandInterestFixture() |
| 49 | : m_validity(false) |
| 50 | {} |
| 51 | |
| 52 | void |
| 53 | validated(const shared_ptr<const Interest>& interest) |
| 54 | { m_validity = true; } |
| 55 | |
| 56 | void |
Yingdi Yu | 40587c0 | 2014-02-21 16:40:48 -0800 | [diff] [blame] | 57 | validationFailed(const shared_ptr<const Interest>& interest, const string& failureInfo) |
| 58 | { |
| 59 | m_validity = false; |
| 60 | } |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 61 | |
| 62 | void |
| 63 | reset() |
| 64 | { m_validity = false; } |
| 65 | |
| 66 | bool m_validity; |
| 67 | }; |
| 68 | |
| 69 | BOOST_FIXTURE_TEST_CASE (CommandInterest, CommandInterestFixture) |
| 70 | { |
| 71 | KeyChain keyChain; |
Yingdi Yu | 40587c0 | 2014-02-21 16:40:48 -0800 | [diff] [blame] | 72 | Name identity("/TestCommandInterest/Validation/" + boost::lexical_cast<string>(time::now())); |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 73 | Name certName; |
| 74 | BOOST_REQUIRE_NO_THROW(certName = keyChain.createIdentity(identity)); |
| 75 | |
| 76 | CommandInterestGenerator generator; |
| 77 | CommandInterestValidator validator; |
| 78 | |
| 79 | validator.addInterestRule("^<TestCommandInterest><Validation>", *keyChain.getCertificate(certName)); |
| 80 | |
| 81 | //Test a legitimate command |
| 82 | shared_ptr<Interest> commandInterest1 = make_shared<Interest>("/TestCommandInterest/Validation/Command1"); |
| 83 | generator.generateWithIdentity(*commandInterest1, identity); |
| 84 | validator.validate(*commandInterest1, |
| 85 | bind(&CommandInterestFixture::validated, this, _1), |
Yingdi Yu | 40587c0 | 2014-02-21 16:40:48 -0800 | [diff] [blame] | 86 | bind(&CommandInterestFixture::validationFailed, this, _1, _2)); |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 87 | |
| 88 | BOOST_CHECK_EQUAL(m_validity, true); |
| 89 | |
| 90 | //Test an outdated command |
| 91 | reset(); |
| 92 | shared_ptr<Interest> commandInterest2 = make_shared<Interest>("/TestCommandInterest/Validation/Command2"); |
| 93 | int64_t timestamp = time::now() / 1000000; |
| 94 | timestamp -= 5000; |
| 95 | Name commandName = commandInterest2->getName(); |
| 96 | commandName |
| 97 | .append(name::Component::fromNumber(timestamp)) |
| 98 | .append(name::Component::fromNumber(random::generateWord64())); |
| 99 | commandInterest2->setName(commandName); |
| 100 | |
| 101 | keyChain.signByIdentity(*commandInterest2, identity); |
| 102 | validator.validate(*commandInterest2, |
| 103 | bind(&CommandInterestFixture::validated, this, _1), |
Yingdi Yu | 40587c0 | 2014-02-21 16:40:48 -0800 | [diff] [blame] | 104 | bind(&CommandInterestFixture::validationFailed, this, _1, _2)); |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 105 | |
| 106 | BOOST_CHECK_EQUAL(m_validity, false); |
| 107 | |
| 108 | //Test an unauthorized command |
| 109 | Name identity2("/TestCommandInterest/Validation2"); |
| 110 | Name certName2; |
| 111 | BOOST_REQUIRE_NO_THROW(certName2 = keyChain.createIdentity(identity2)); |
| 112 | |
| 113 | shared_ptr<Interest> commandInterest3 = make_shared<Interest>("/TestCommandInterest/Validation/Command3"); |
| 114 | generator.generateWithIdentity(*commandInterest3, identity2); |
| 115 | validator.validate(*commandInterest3, |
| 116 | bind(&CommandInterestFixture::validated, this, _1), |
Yingdi Yu | 40587c0 | 2014-02-21 16:40:48 -0800 | [diff] [blame] | 117 | bind(&CommandInterestFixture::validationFailed, this, _1, _2)); |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 118 | |
| 119 | BOOST_CHECK_EQUAL(m_validity, false); |
| 120 | |
| 121 | //Test another unauthorized command |
| 122 | shared_ptr<Interest> commandInterest4 = make_shared<Interest>("/TestCommandInterest/Validation2/Command"); |
| 123 | generator.generateWithIdentity(*commandInterest4, identity); |
| 124 | validator.validate(*commandInterest4, |
| 125 | bind(&CommandInterestFixture::validated, this, _1), |
Yingdi Yu | 40587c0 | 2014-02-21 16:40:48 -0800 | [diff] [blame] | 126 | bind(&CommandInterestFixture::validationFailed, this, _1, _2)); |
Alexander Afanasyev | 9cbf70a | 2014-02-17 18:07:51 -0800 | [diff] [blame] | 127 | |
| 128 | BOOST_CHECK_EQUAL(m_validity, false); |
| 129 | |
| 130 | BOOST_CHECK_NO_THROW(keyChain.deleteIdentity(identity)); |
| 131 | BOOST_CHECK_NO_THROW(keyChain.deleteIdentity(identity2)); |
| 132 | } |
| 133 | |
| 134 | |
Yingdi Yu | 4270f20 | 2014-01-28 14:19:16 -0800 | [diff] [blame] | 135 | BOOST_AUTO_TEST_SUITE_END() |
Alexander Afanasyev | 0abb2da | 2014-01-30 18:07:57 -0800 | [diff] [blame] | 136 | |
| 137 | } // namespace ndn |