/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
 * Copyright (c) 2013-2014 Regents of the University of California.
 *
 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
 *
 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License as published by the Free Software
 * Foundation, either version 3 of the License, or (at your option) any later version.
 *
 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 *
 * You should have received copies of the GNU General Public License and GNU Lesser
 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
 * <http://www.gnu.org/licenses/>.
 *
 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
 */

#include "security/validator-null.hpp"
#include "security/key-chain.hpp"
#include "util/time.hpp"
#include "identity-management-fixture.hpp"
#include "boost-test.hpp"

namespace ndn {

using std::string;

BOOST_FIXTURE_TEST_SUITE(SecurityTestValidator, security::IdentityManagementFixture)
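/**
 * Number of times onValidated() has run. The Null test case resets it before
 * calling validate() and checks it afterwards, so the test cannot pass
 * without the success callback having been invoked.
 */
static int nOnValidatedCalls = 0;

/**
 * Success callback handed to validate() in the Null test case.
 *
 * @param data the packet handed back by the validator (not inspected here)
 */
void
onValidated(const shared_ptr<const Data>& data)
{
  ++nOnValidatedCalls;
}

/**
 * Failure callback handed to validate() in the Null test case. Reaching it is
 * a test failure; the reason given by the validator is put into the message
 * so that the test log shows why the packet was rejected.
 *
 * @param data the rejected packet (not inspected here)
 * @param failureInfo the validator's description of the failure
 */
void
onValidationFailed(const shared_ptr<const Data>& data, const string& failureInfo)
{
  BOOST_CHECK_MESSAGE(false, "unexpected validation failure: " << failureInfo);
}

/**
 * A Data packet signed by a freshly created RSA identity is passed to
 * ValidatorNull; the success callback must run exactly once and the failure
 * callback must not run.
 *
 * NOTE(review): going by its name, ValidatorNull is expected to accept a
 * packet without checking its signature, so this case exercises the callback
 * plumbing rather than signature verification -- confirm against
 * validator-null.hpp.
 */
BOOST_AUTO_TEST_CASE(Null)
{
  Name identity("/TestValidator/Null");
  identity.appendVersion();
  BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));

  Name dataName = identity;
  dataName.append("1");

  // The packet is owned by a shared_ptr although validate() takes it by
  // reference: the callbacks receive a shared_ptr<const Data>.
  // NOTE(review): presumably the validator recovers the owning pointer from
  // the reference -- confirm against Validator.
  shared_ptr<Data> data = make_shared<Data>(dataName);

  BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(*data, identity));

  ValidatorNull validator;

  nOnValidatedCalls = 0;
  validator.validate(*data,
                     bind(&onValidated, _1),
                     bind(&onValidationFailed, _1, _2));

  // No event loop is run in this test case, so a callback is only observed if
  // validate() invokes it before returning. Without this check the test would
  // also pass when neither callback runs.
  BOOST_CHECK_EQUAL(nOnValidatedCalls, 1);
}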
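/**
 * Hand-encoded SignatureInfo TLV: SignatureType 3 (the ECDSA type, as the
 * array name indicates) and a KeyLocator naming /test/key/locator.
 *
 * RsaSignatureVerification attaches it to a packet that is then checked
 * against an RSA key, i.e. a signature whose declared type does not match the
 * key type.
 */
const uint8_t ecdsaSigInfo[] = {
  0x16, 0x1b, // SignatureInfo, 27 bytes
    0x1b, 0x01, // SignatureType, 1 byte
      0x03, // value 3
    0x1c, 0x16, // KeyLocator, 22 bytes
      0x07, 0x14, // Name, 20 bytes
        0x08, 0x04, // name component, 4 bytes
          0x74, 0x65, 0x73, 0x74, // "test"
        0x08, 0x03, // name component, 3 bytes
          0x6b, 0x65, 0x79, // "key"
        0x08, 0x07, // name component, 7 bytes
          0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72 // "locator"
};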
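/**
 * Hand-encoded SignatureValue TLV carrying 64 fixed bytes.
 *
 * It is paired with ecdsaSigInfo in RsaSignatureVerification, which only
 * requires that verification of a packet carrying it fails.
 * NOTE(review): the bytes are presumably filler rather than a signature over
 * any packet built in this file -- confirm before reusing them elsewhere.
 */
const uint8_t ecdsaSigValue[] = {
  0x17, 0x40, // SignatureValue, 64 bytes
    0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
    0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
    0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
    0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
    0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b
};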
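/**
 * Data and Interest packets signed with an RSA identity verify against that
 * identity's public key and are rejected for the key of a second RSA
 * identity. A packet carrying an ECDSA-typed signature is rejected for the
 * RSA key.
 */
BOOST_AUTO_TEST_CASE(RsaSignatureVerification)
{
  Name identity("/TestValidator/RsaSignatureVerification");
  BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
  Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
  shared_ptr<PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
  // Abort the case instead of dereferencing an empty pointer below.
  BOOST_REQUIRE(static_cast<bool>(publicKey));

  Name identity2("/TestValidator/RsaSignatureVerification/id2");
  BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
  Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
  shared_ptr<PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
  BOOST_REQUIRE(static_cast<bool>(publicKey2));

  // Correct key accepts, a different key of the same type rejects.
  Data data("/TestData/1");
  BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(data, identity));
  BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);

  Interest interest("/TestInterest/1");
  BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(interest, identity));
  BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);

  // The signature set here declares the ECDSA type (ecdsaSigInfo) and carries
  // the fixed bytes of ecdsaSigValue; it was not produced by signing
  // wrongData, so verification against the RSA key must fail.
  // NOTE(review): this check cannot tell a rejection caused by the type
  // mismatch from one caused by the signature bytes, and no case here covers
  // a correctly signed packet that is modified after signing.
  Data wrongData("/TestData/2");
  Block ecdsaSigInfoBlock(ecdsaSigInfo, sizeof(ecdsaSigInfo));
  Block ecdsaSigValueBlock(ecdsaSigValue, sizeof(ecdsaSigValue));
  Signature ecdsaSig(ecdsaSigInfoBlock, ecdsaSigValueBlock);
  wrongData.setSignature(ecdsaSig);
  BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
}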
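/**
 * Hand-encoded SignatureInfo TLV: SignatureType 1 (the RSA type, as the array
 * name indicates) and a KeyLocator naming /test/key/locator.
 *
 * EcdsaSignatureVerification attaches it to a packet that is then checked
 * against an ECDSA key, i.e. a signature whose declared type does not match
 * the key type.
 */
const uint8_t rsaSigInfo[] = {
  0x16, 0x1b, // SignatureInfo, 27 bytes
    0x1b, 0x01, // SignatureType, 1 byte
      0x01, // value 1
    0x1c, 0x16, // KeyLocator, 22 bytes
      0x07, 0x14, // Name, 20 bytes
        0x08, 0x04, // name component, 4 bytes
          0x74, 0x65, 0x73, 0x74, // "test"
        0x08, 0x03, // name component, 3 bytes
          0x6b, 0x65, 0x79, // "key"
        0x08, 0x07, // name component, 7 bytes
          0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72 // "locator"
};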
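/**
 * Hand-encoded SignatureValue TLV carrying 128 fixed bytes.
 *
 * It is paired with rsaSigInfo in EcdsaSignatureVerification, which only
 * requires that verification of a packet carrying it fails.
 * NOTE(review): the bytes are presumably filler rather than a signature over
 * any packet built in this file (the first 64 value bytes repeat those of
 * ecdsaSigValue) -- confirm before reusing them elsewhere.
 */
const uint8_t rsaSigValue[] = {
  0x17, 0x80, // SignatureValue, 128 bytes
    0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
    0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
    0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
    0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
    0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b, 0xcf,
    0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9,
    0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8,
    0x55, 0xf6, 0x1c, 0x19, 0x0b, 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
    0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3,
    0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
};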
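/**
 * Data and Interest packets signed with an ECDSA identity verify against that
 * identity's public key and are rejected for the key of a second ECDSA
 * identity. A packet carrying an RSA-typed signature is rejected for the
 * ECDSA key.
 */
BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification)
{
  Name identity("/TestValidator/EcdsaSignatureVerification");
  BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
  Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
  shared_ptr<PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
  // Abort the case instead of dereferencing an empty pointer below.
  BOOST_REQUIRE(static_cast<bool>(publicKey));

  Name identity2("/TestValidator/EcdsaSignatureVerification/id2");
  BOOST_REQUIRE(addIdentity(identity2, EcdsaKeyParams()));
  Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
  shared_ptr<PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
  BOOST_REQUIRE(static_cast<bool>(publicKey2));

  // Correct key accepts, a different key of the same type rejects.
  Data data("/TestData/1");
  BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(data, identity));
  BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);

  Interest interest("/TestInterest/1");
  BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(interest, identity));
  BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);

  // The signature set here declares the RSA type (rsaSigInfo) and carries the
  // fixed bytes of rsaSigValue; it was not produced by signing wrongData, so
  // verification against the ECDSA key must fail.
  // NOTE(review): this check cannot tell a rejection caused by the type
  // mismatch from one caused by the signature bytes, and no case here covers
  // a correctly signed packet that is modified after signing.
  Data wrongData("/TestData/2");
  Block rsaSigInfoBlock(rsaSigInfo, sizeof(rsaSigInfo));
  Block rsaSigValueBlock(rsaSigValue, sizeof(rsaSigValue));
  Signature rsaSig(rsaSigInfoBlock, rsaSigValueBlock);
  wrongData.setSignature(rsaSig);
  BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
}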
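/**
 * Cross-algorithm checks using the public key carried in each identity's
 * default certificate: every certificate, Data and Interest verifies against
 * the key of the identity that signed it and is rejected for the key of the
 * other algorithm.
 *
 * The first group of checks also expects each default certificate to verify
 * against the public key it carries itself.
 */
BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification2)
{
  Name ecdsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/ecdsa");
  BOOST_REQUIRE(addIdentity(ecdsaIdentity, EcdsaKeyParams()));
  Name ecdsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(ecdsaIdentity);
  shared_ptr<IdentityCertificate> ecdsaCert = m_keyChain.getCertificate(ecdsaCertName);
  // Abort the case instead of dereferencing an empty pointer below.
  BOOST_REQUIRE(static_cast<bool>(ecdsaCert));

  Name rsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/rsa");
  BOOST_REQUIRE(addIdentity(rsaIdentity, RsaKeyParams()));
  Name rsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(rsaIdentity);
  shared_ptr<IdentityCertificate> rsaCert = m_keyChain.getCertificate(rsaCertName);
  BOOST_REQUIRE(static_cast<bool>(rsaCert));

  // The same name is signed once per algorithm, so the packets differ only in
  // their signature.
  Name packetName("/Test/Packet/Name");

  shared_ptr<Data> testDataRsa = make_shared<Data>(packetName);
  m_keyChain.signByIdentity(*testDataRsa, rsaIdentity);
  shared_ptr<Data> testDataEcdsa = make_shared<Data>(packetName);
  m_keyChain.signByIdentity(*testDataEcdsa, ecdsaIdentity);
  shared_ptr<Interest> testInterestRsa = make_shared<Interest>(packetName);
  m_keyChain.signByIdentity(*testInterestRsa, rsaIdentity);
  shared_ptr<Interest> testInterestEcdsa = make_shared<Interest>(packetName);
  m_keyChain.signByIdentity(*testInterestEcdsa, ecdsaIdentity);

  // Certificates
  BOOST_CHECK(Validator::verifySignature(*ecdsaCert, ecdsaCert->getPublicKeyInfo()));
  BOOST_CHECK_EQUAL(Validator::verifySignature(*ecdsaCert, rsaCert->getPublicKeyInfo()), false);
  BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaCert, ecdsaCert->getPublicKeyInfo()), false);
  BOOST_CHECK(Validator::verifySignature(*rsaCert, rsaCert->getPublicKeyInfo()));

  // Data packets
  BOOST_CHECK(Validator::verifySignature(*testDataEcdsa, ecdsaCert->getPublicKeyInfo()));
  BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataEcdsa, rsaCert->getPublicKeyInfo()), false);
  BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataRsa, ecdsaCert->getPublicKeyInfo()), false);
  BOOST_CHECK(Validator::verifySignature(*testDataRsa, rsaCert->getPublicKeyInfo()));

  // Interests
  BOOST_CHECK(Validator::verifySignature(*testInterestEcdsa, ecdsaCert->getPublicKeyInfo()));
  BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestEcdsa, rsaCert->getPublicKeyInfo()),
                    false);
  BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestRsa, ecdsaCert->getPublicKeyInfo()),
                    false);
  BOOST_CHECK(Validator::verifySignature(*testInterestRsa, rsaCert->getPublicKeyInfo()));
}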
BOOST_AUTO_TEST_SUITE_END()

} // namespace ndn