/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
 * Copyright (c) 2013-2017 Regents of the University of California.
 *
 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
 *
 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License as published by the Free Software
 * Foundation, either version 3 of the License, or (at your option) any later version.
 *
 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 *
 * You should have received copies of the GNU General Public License and GNU Lesser
 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
 * <http://www.gnu.org/licenses/>.
 *
 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
 */
21
22#include "identity-management-fixture.hpp"
Zhiyi Zhang0a939b42016-11-16 14:27:20 -080023#include "util/io.hpp"
Alexander Afanasyevfc99b512017-01-04 11:10:36 -080024#include "security/v2/additional-description.hpp"
Zhiyi Zhang0a939b42016-11-16 14:27:20 -080025
26#include <boost/filesystem.hpp>
Yingdi Yud9715e32014-06-27 08:48:47 -070027
28namespace ndn {
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -070029namespace tests {
Yingdi Yud9715e32014-06-27 08:48:47 -070030
Alexander Afanasyevfc99b512017-01-04 11:10:36 -080031namespace v1 = security::v1;
32namespace v2 = security::v2;
Yingdi Yud9715e32014-06-27 08:48:47 -070033
/**
 * Best-effort removal of every path recorded in m_certFiles.
 *
 * saveCertToFile() adds a path to m_certFiles before it attempts the write, so
 * some entries may name files that were never created. Removal failures are
 * deliberately ignored.
 */
IdentityManagementBaseFixture::~IdentityManagementBaseFixture()
{
  // The error_code overload reports failures through the argument instead of
  // raising a filesystem_error; the value is never inspected.
  boost::system::error_code ignoredError;
  for (const auto& path : m_certFiles) {
    boost::filesystem::remove(path, ignoredError);
  }
}
41
/**
 * Write @p obj to @p filename and schedule that path for deletion when the
 * fixture is destroyed.
 *
 * The path is recorded before the write is attempted, so it is removed at
 * teardown whether or not saving succeeds. A file that already existed at
 * @p filename is therefore deleted as well; callers should only pass paths
 * that belong to the test.
 *
 * @return true if io::save() completed, false if it threw io::Error
 */
bool
IdentityManagementBaseFixture::saveCertToFile(const Data& obj, const std::string& filename)
{
  m_certFiles.insert(filename);

  bool isSaved = false;
  try {
    io::save(obj, filename);
    isSaved = true;
  }
  catch (const io::Error&) {
    // Only io::Error is turned into a false result; anything else propagates.
  }
  return isSaved;
}
54
/**
 * Delete from the key chain every identity recorded in m_identities.
 *
 * NOTE(review): unlike the base-class destructor, nothing here catches
 * exceptions; if deleteIdentity() can throw, the exception would escape a
 * destructor. Confirm against the KeyChain contract.
 */
IdentityManagementV1Fixture::~IdentityManagementV1Fixture()
{
  for (auto it = m_identities.begin(); it != m_identities.end(); ++it) {
    m_keyChain.deleteIdentity(*it);
  }
}
61
/**
 * Create @p identity in the key chain and remember it for cleanup.
 *
 * The identity is recorded in m_identities only after createIdentity()
 * returns, so a failed creation leaves nothing to clean up.
 *
 * @return the name handed back by KeyChain::createIdentity()
 */
Name
IdentityManagementV1Fixture::addIdentity(const Name& identity, const KeyParams& params)
{
  Name createdCertName = m_keyChain.createIdentity(identity, params);
  m_identities.insert(identity);
  return createdCertName;
}
69
/**
 * Look up the certificate named @p certName in the key chain and write it to
 * @p filename through saveCertToFile().
 *
 * @return the result of saveCertToFile(), or false if the lookup (or the save)
 *         raised v1::SecPublicInfo::Error
 */
bool
IdentityManagementV1Fixture::saveIdentityCertificate(const Name& certName, const std::string& filename)
{
  try {
    const auto storedCert = m_keyChain.getCertificate(certName);
    const bool isSaved = saveCertToFile(*storedCert, filename);
    return isSaved;
  }
  catch (const v1::SecPublicInfo::Error&) {
    return false;
  }
}
81
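/**
 * Issue a certificate for @p subIdentity signed by @p issuer and install it as
 * the sub-identity's default certificate.
 *
 * The issuer must already exist in the key chain; it is never created here.
 * The sub-identity is created with @p params when missing. The certificate is
 * valid for 7300 days from the moment of the call, which is a test-only
 * lifetime.
 *
 * @return false if @p issuer is unknown to the key chain or no unsigned
 *         certificate could be prepared; true once the certificate is
 *         signed and installed
 */
bool
IdentityManagementV1Fixture::addSubCertificate(const Name& subIdentity, const Name& issuer, const KeyParams& params)
{
  if (!m_keyChain.doesIdentityExist(issuer)) {
    return false;
  }
  if (!m_keyChain.doesIdentityExist(subIdentity)) {
    addIdentity(subIdentity, params);
  }

  Name identityKeyName;
  try {
    identityKeyName = m_keyChain.getDefaultKeyNameForIdentity(subIdentity);
  }
  catch (const v1::SecPublicInfo::Error&) {
    // This fallback always generates an RSA key pair; params is not consulted on this path.
    // NOTE(review): the meaning of the `true` flag is not visible here; confirm against KeyChain.
    identityKeyName = m_keyChain.generateRsaKeyPairAsDefault(subIdentity, true);
  }

  // Read the clock once so that notAfter - notBefore is exactly 7300 days.
  const auto notBefore = time::system_clock::now();
  const auto notAfter = notBefore + time::days(7300);

  std::vector<v1::CertificateSubjectDescription> subjectDescription;
  shared_ptr<v1::IdentityCertificate> identityCert =
    m_keyChain.prepareUnsignedIdentityCertificate(identityKeyName,
                                                  issuer,
                                                  notBefore,
                                                  notAfter,
                                                  subjectDescription);
  // The result is a shared_ptr; an empty one must not reach the dereferences below.
  if (identityCert == nullptr) {
    return false;
  }

  m_keyChain.sign(*identityCert, signingByIdentity(issuer));
  m_keyChain.addCertificateAsIdentityDefault(*identityCert);
  return true;
}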
108
/**
 * Build the fixture's key chain from the "pib-memory:" and "tpm-memory:" locators.
 *
 * NOTE(review): these locators presumably select in-memory PIB and TPM back-ends,
 * which would keep test keys away from the user's real key store. Confirm against
 * the KeyChain locator registry.
 */
IdentityManagementV2Fixture::IdentityManagementV2Fixture()
  : m_keyChain("pib-memory:", "tpm-memory:")
{
}
113
/**
 * Create the identity @p identityName in the fixture's key chain and record the
 * name in m_identities.
 *
 * The name is recorded only after createIdentity() returns.
 *
 * @return the security::Identity handle produced by KeyChain::createIdentity()
 */
security::Identity
IdentityManagementV2Fixture::addIdentity(const Name& identityName, const KeyParams& params)
{
  auto createdIdentity = m_keyChain.createIdentity(identityName, params);
  m_identities.insert(identityName);
  return createdIdentity;
}
121
/**
 * Write the default certificate of @p identity's default key to @p filename
 * through saveCertToFile().
 *
 * @return the result of saveCertToFile(), or false if resolving the default key
 *         or certificate raised security::Pib::Error
 */
bool
IdentityManagementV2Fixture::saveIdentityCertificate(const security::Identity& identity,
                                                     const std::string& filename)
{
  try {
    const auto& defaultKey = identity.getDefaultKey();
    auto defaultCert = defaultKey.getDefaultCertificate();
    return saveCertToFile(defaultCert, filename);
  }
  catch (const security::Pib::Error&) {
    return false;
  }
}
134
/**
 * Create @p subIdentityName and replace its default certificate with one signed
 * by @p issuer.
 *
 * The new certificate starts as a copy of the sub-identity's default certificate.
 * It is renamed to <key name>/parent/<version>, given a 7300-day validity period
 * (a test-only lifetime) and an AdditionalDescription of type "sub-certificate",
 * and then signed with the issuer identity.
 *
 * Unlike the V1 fixture, this always calls addIdentity(), with no prior
 * existence check for either identity.
 *
 * @return the handle of the newly added sub-identity
 */
security::Identity
IdentityManagementV2Fixture::addSubCertificate(const Name& subIdentityName,
                                               const security::Identity& issuer, const KeyParams& params)
{
  auto subIdentity = addIdentity(subIdentityName, params);

  // Start from the sub-identity's current default certificate and re-issue it.
  v2::Certificate request = subIdentity.getDefaultKey().getDefaultCertificate();
  Name issuedName = request.getKeyName();
  issuedName.append("parent").appendVersion();
  request.setName(issuedName);

  const auto notBefore = time::system_clock::now();
  const auto notAfter = time::system_clock::now() + time::days(7300);
  SignatureInfo info;
  info.setValidityPeriod(security::ValidityPeriod(notBefore, notAfter));

  v2::AdditionalDescription description;
  description.set("type", "sub-certificate");
  info.appendTypeSpecificTlv(description.wireEncode());

  auto signingParams = signingByIdentity(issuer);
  signingParams.setSignatureInfo(info);
  m_keyChain.sign(request, signingParams);

  m_keyChain.setDefaultCertificate(subIdentity.getDefaultKey(), request);

  return subIdentity;
}
158
/**
 * Build and sign a certificate for @p key named <key name>/<issuer>/<version>.
 *
 * @p issuer is used only as a name component. The signature is produced with
 * @p key itself (signingByKey), so the issuer string does not determine who
 * signed the certificate. The certificate is valid for 10 days from the call
 * and has a one-hour freshness period.
 *
 * Despite the name, nothing in this function stores the certificate in the key
 * chain; it is only returned to the caller.
 *
 * @return the signed certificate
 */
v2::Certificate
IdentityManagementV2Fixture::addCertificate(const security::Key& key, const std::string& issuer)
{
  Name certName = key.getName();
  certName.append(issuer).appendVersion();

  v2::Certificate cert;
  cert.setName(certName);

  // Meta-info: mark the content as a key and limit its freshness.
  cert.setContentType(tlv::ContentType_Key);
  cert.setFreshnessPeriod(time::hours(1));

  // Content: the public key bits of the key being certified.
  const auto& publicKey = key.getPublicKey();
  cert.setContent(publicKey.buf(), publicKey.size());

  // Signature info: the validity window starts now.
  const auto notBefore = time::system_clock::now();
  const auto notAfter = time::system_clock::now() + time::days(10);
  SignatureInfo info;
  info.setValidityPeriod(security::ValidityPeriod(notBefore, notAfter));

  auto signingParams = signingByKey(key);
  signingParams.setSignatureInfo(info);
  m_keyChain.sign(cert, signingParams);
  return cert;
}
184
185
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700186} // namespace tests
Yingdi Yud9715e32014-06-27 08:48:47 -0700187} // namespace ndn