Alexander Afanasyev | c169a81 | 2014-05-20 20:37:29 -0400 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 2 | /** |
Alexander Afanasyev | c169a81 | 2014-05-20 20:37:29 -0400 | [diff] [blame] | 3 | * Copyright (c) 2013-2014 Regents of the University of California. |
Alexander Afanasyev | dfa52c4 | 2014-04-24 21:10:11 -0700 | [diff] [blame] | 4 | * |
| 5 | * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions). |
Alexander Afanasyev | dfa52c4 | 2014-04-24 21:10:11 -0700 | [diff] [blame] | 6 | * |
Alexander Afanasyev | c169a81 | 2014-05-20 20:37:29 -0400 | [diff] [blame] | 7 | * ndn-cxx library is free software: you can redistribute it and/or modify it under the |
| 8 | * terms of the GNU Lesser General Public License as published by the Free Software |
| 9 | * Foundation, either version 3 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY |
| 12 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 13 | * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. |
| 14 | * |
| 15 | * You should have received copies of the GNU General Public License and GNU Lesser |
| 16 | * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see |
| 17 | * <http://www.gnu.org/licenses/>. |
| 18 | * |
| 19 | * See AUTHORS.md for complete list of ndn-cxx authors and contributors. |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 20 | */ |
| 21 | |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 22 | #include "security/key-chain.hpp" |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 23 | #include <boost/filesystem.hpp> |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 24 | |
Alexander Afanasyev | b1db7c6 | 2014-04-03 14:57:25 -0700 | [diff] [blame] | 25 | #include "boost-test.hpp" |
| 26 | |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 27 | namespace ndn { |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 28 | namespace tests { |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 29 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 30 | using std::vector; |
| 31 | |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 32 | class KeychainConfigFileFixture |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 33 | { |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 34 | public: |
| 35 | KeychainConfigFileFixture() |
| 36 | { |
| 37 | if (std::getenv("TEST_HOME")) |
| 38 | m_HOME = std::getenv("TEST_HOME"); |
| 39 | } |
| 40 | |
| 41 | ~KeychainConfigFileFixture() |
| 42 | { |
| 43 | if (!m_HOME.empty()) |
| 44 | setenv("TEST_HOME", m_HOME.c_str(), 1); |
| 45 | else |
| 46 | unsetenv("TEST_HOME"); |
| 47 | } |
| 48 | |
| 49 | protected: |
| 50 | std::string m_HOME; |
| 51 | }; |
| 52 | |
| 53 | BOOST_FIXTURE_TEST_SUITE(SecurityTestKeyChain, KeychainConfigFileFixture) |
| 54 | |
| 55 | BOOST_AUTO_TEST_CASE(ConstructorNormalConfig) |
| 56 | { |
| 57 | using namespace boost::filesystem; |
| 58 | |
Alexander Afanasyev | 8b1674a | 2014-05-15 00:58:43 -0700 | [diff] [blame] | 59 | setenv("TEST_HOME", "tests/unit-tests/security/config-file-home", 1); |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 60 | |
| 61 | BOOST_REQUIRE_NO_THROW(KeyChain()); |
| 62 | |
| 63 | path pibPath(absolute(std::getenv("TEST_HOME"))); |
| 64 | pibPath /= ".ndn/ndnsec-public-info.db"; |
| 65 | |
| 66 | boost::filesystem::remove(pibPath); |
| 67 | } |
| 68 | |
| 69 | BOOST_AUTO_TEST_CASE(ConstructorEmptyConfig) |
| 70 | { |
| 71 | using namespace boost::filesystem; |
| 72 | |
Alexander Afanasyev | 8b1674a | 2014-05-15 00:58:43 -0700 | [diff] [blame] | 73 | setenv("TEST_HOME", "tests/unit-tests/security/config-file-empty-home", 1); |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 74 | |
| 75 | BOOST_REQUIRE_NO_THROW(KeyChain()); |
| 76 | |
| 77 | path pibPath(absolute(std::getenv("TEST_HOME"))); |
| 78 | pibPath /= ".ndn/ndnsec-public-info.db"; |
| 79 | |
| 80 | boost::filesystem::remove(pibPath); |
| 81 | } |
| 82 | |
| 83 | BOOST_AUTO_TEST_CASE(ConstructorMalConfig) |
| 84 | { |
| 85 | using namespace boost::filesystem; |
| 86 | |
Alexander Afanasyev | 8b1674a | 2014-05-15 00:58:43 -0700 | [diff] [blame] | 87 | setenv("TEST_HOME", "tests/unit-tests/security/config-file-malformed-home", 1); |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 88 | |
| 89 | BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected. |
| 90 | } |
| 91 | |
| 92 | BOOST_AUTO_TEST_CASE(ConstructorMal2Config) |
| 93 | { |
| 94 | using namespace boost::filesystem; |
| 95 | |
Alexander Afanasyev | 8b1674a | 2014-05-15 00:58:43 -0700 | [diff] [blame] | 96 | setenv("TEST_HOME", "tests/unit-tests/security/config-file-malformed2-home", 1); |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 97 | |
| 98 | BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected. |
| 99 | } |
| 100 | |
| 101 | BOOST_AUTO_TEST_CASE(ExportIdentity) |
| 102 | { |
| 103 | BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file")); |
| 104 | KeyChain keyChain("sqlite3", "file"); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 105 | |
Alexander Afanasyev | aa0e7da | 2014-03-17 14:37:33 -0700 | [diff] [blame] | 106 | Name identity("/TestKeyChain/ExportIdentity/"); |
| 107 | identity.appendVersion(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 108 | keyChain.createIdentity(identity); |
Alexander Afanasyev | b1db7c6 | 2014-04-03 14:57:25 -0700 | [diff] [blame] | 109 | |
Yingdi Yu | 64c3fb4 | 2014-02-26 17:30:04 -0800 | [diff] [blame] | 110 | shared_ptr<SecuredBag> exported = keyChain.exportIdentity(identity, "1234"); |
| 111 | |
| 112 | Block block = exported->wireEncode(); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 113 | |
| 114 | Name keyName = keyChain.getDefaultKeyNameForIdentity(identity); |
| 115 | Name certName = keyChain.getDefaultCertificateNameForKey(keyName); |
| 116 | |
| 117 | keyChain.deleteIdentity(identity); |
| 118 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 119 | BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false); |
| 120 | BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName), false); |
| 121 | BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false); |
| 122 | BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false); |
| 123 | BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName), false); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 124 | |
Yingdi Yu | 64c3fb4 | 2014-02-26 17:30:04 -0800 | [diff] [blame] | 125 | SecuredBag imported; |
| 126 | imported.wireDecode(block); |
| 127 | keyChain.importIdentity(imported, "1234"); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 128 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 129 | BOOST_CHECK(keyChain.doesIdentityExist(identity)); |
| 130 | BOOST_CHECK(keyChain.doesPublicKeyExist(keyName)); |
| 131 | BOOST_CHECK(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE)); |
| 132 | BOOST_CHECK(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC)); |
| 133 | BOOST_CHECK(keyChain.doesCertificateExist(certName)); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 134 | |
| 135 | keyChain.deleteIdentity(identity); |
| 136 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 137 | BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false); |
| 138 | BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName), false); |
| 139 | BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false); |
| 140 | BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false); |
| 141 | BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName), false); |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 142 | } |
| 143 | |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 144 | BOOST_AUTO_TEST_CASE(PrepareIdentityCertificate) |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 145 | { |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 146 | BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file")); |
| 147 | KeyChain keyChain("sqlite3", "file"); |
Alexander Afanasyev | b1db7c6 | 2014-04-03 14:57:25 -0700 | [diff] [blame] | 148 | |
Alexander Afanasyev | aa0e7da | 2014-03-17 14:37:33 -0700 | [diff] [blame] | 149 | Name identity("/TestKeyChain/PrepareIdentityCertificate/"); |
| 150 | identity.appendVersion(); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 151 | keyChain.createIdentity(identity); |
| 152 | |
| 153 | vector<CertificateSubjectDescription> subjectDescription; |
| 154 | Name lowerIdentity = identity; |
Alexander Afanasyev | aa0e7da | 2014-03-17 14:37:33 -0700 | [diff] [blame] | 155 | lowerIdentity.append("Lower").appendVersion(); |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 156 | Name lowerKeyName = keyChain.generateRsaKeyPair(lowerIdentity, true); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 157 | shared_ptr<IdentityCertificate> idCert = |
| 158 | keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity, |
| 159 | time::system_clock::now(), |
| 160 | time::system_clock::now() + time::days(365), |
| 161 | subjectDescription); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 162 | BOOST_CHECK(static_cast<bool>(idCert)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 163 | BOOST_CHECK_EQUAL(idCert->getName().getPrefix(5), |
| 164 | Name().append(identity).append("KEY").append("Lower")); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 165 | |
Yingdi Yu | 0eb5d72 | 2014-06-10 15:06:25 -0700 | [diff] [blame] | 166 | shared_ptr<IdentityCertificate> idCert11 = |
| 167 | keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity, |
| 168 | time::system_clock::now(), |
| 169 | time::system_clock::now() + time::days(365), |
| 170 | subjectDescription, |
| 171 | lowerIdentity); |
| 172 | BOOST_CHECK(static_cast<bool>(idCert11)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 173 | BOOST_CHECK_EQUAL(idCert11->getName().getPrefix(6), |
Yingdi Yu | 0eb5d72 | 2014-06-10 15:06:25 -0700 | [diff] [blame] | 174 | Name().append(lowerIdentity).append("KEY")); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 175 | |
Alexander Afanasyev | aa0e7da | 2014-03-17 14:37:33 -0700 | [diff] [blame] | 176 | Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/"); |
| 177 | anotherIdentity.appendVersion(); |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 178 | Name anotherKeyName = keyChain.generateRsaKeyPair(anotherIdentity, true); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 179 | shared_ptr<IdentityCertificate> idCert2 = |
| 180 | keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity, |
| 181 | time::system_clock::now(), |
| 182 | time::system_clock::now() + time::days(365), |
| 183 | subjectDescription); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 184 | BOOST_CHECK(static_cast<bool>(idCert2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 185 | BOOST_CHECK_EQUAL(idCert2->getName().getPrefix(5), Name().append(anotherIdentity).append("KEY")); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 186 | |
| 187 | |
| 188 | Name wrongKeyName1; |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 189 | shared_ptr<IdentityCertificate> idCert3 = |
| 190 | keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity, |
| 191 | time::system_clock::now(), |
| 192 | time::system_clock::now() + time::days(365), |
| 193 | subjectDescription); |
| 194 | BOOST_CHECK_EQUAL(static_cast<bool>(idCert3), false); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 195 | |
| 196 | |
| 197 | Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate"); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 198 | shared_ptr<IdentityCertificate> idCert4 = |
| 199 | keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity, |
| 200 | time::system_clock::now(), |
| 201 | time::system_clock::now() + time::days(365), |
| 202 | subjectDescription); |
| 203 | BOOST_CHECK_EQUAL(static_cast<bool>(idCert4), false); |
Alexander Afanasyev | b1db7c6 | 2014-04-03 14:57:25 -0700 | [diff] [blame] | 204 | |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 205 | |
| 206 | Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234"); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 207 | shared_ptr<IdentityCertificate> idCert5 = |
| 208 | keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity, |
| 209 | time::system_clock::now(), |
| 210 | time::system_clock::now() + time::days(365), |
| 211 | subjectDescription); |
| 212 | BOOST_CHECK_EQUAL(static_cast<bool>(idCert5), false); |
Yingdi Yu | c55680b | 2014-02-26 12:31:35 -0800 | [diff] [blame] | 213 | |
| 214 | keyChain.deleteIdentity(identity); |
| 215 | keyChain.deleteIdentity(lowerIdentity); |
| 216 | keyChain.deleteIdentity(anotherIdentity); |
| 217 | } |
| 218 | |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 219 | BOOST_AUTO_TEST_SUITE_END() |
| 220 | |
Yingdi Yu | f56c68f | 2014-04-24 21:50:13 -0700 | [diff] [blame] | 221 | } // namespace tests |
Yingdi Yu | 8dceb1d | 2014-02-18 12:45:10 -0800 | [diff] [blame] | 222 | } // namespace ndn |