Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 81a6c5dea60cea97c60dab0d78576c0d3b4e29ed / . / tests / unit-tests / security / test-keychain.cpp
blob: bb3af0c7eb5c79a31c099ce1bdd96eceaea64e8a [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]2/**
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]3 * Copyright (c) 2013-2014 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]6 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]20 */
21
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]22#include "security/key-chain.hpp"
Steve DiBenedettoa8659ff2014-12-04 14:50:28 -0700[diff] [blame]23#include "../util/test-home-environment-fixture.hpp"
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]24#include <boost/filesystem.hpp>
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]25
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]26#include "boost-test.hpp"
27
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]28namespace ndn {
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]29namespace tests {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]30
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]31using std::vector;
32
Steve DiBenedettoa8659ff2014-12-04 14:50:28 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(SecurityTestKeyChain, util::TestHomeEnvironmentFixture)
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]34
35BOOST_AUTO_TEST_CASE(ConstructorNormalConfig)
36{
37 using namespace boost::filesystem;
38
Alexander Afanasyev8b1674a2014-05-15 00:58:43 -0700[diff] [blame]39 setenv("TEST_HOME", "tests/unit-tests/security/config-file-home", 1);
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]40
41 BOOST_REQUIRE_NO_THROW(KeyChain());
42
43 path pibPath(absolute(std::getenv("TEST_HOME")));
44 pibPath /= ".ndn/ndnsec-public-info.db";
45
46 boost::filesystem::remove(pibPath);
47}
48
49BOOST_AUTO_TEST_CASE(ConstructorEmptyConfig)
50{
51 using namespace boost::filesystem;
52
Alexander Afanasyev8b1674a2014-05-15 00:58:43 -0700[diff] [blame]53 setenv("TEST_HOME", "tests/unit-tests/security/config-file-empty-home", 1);
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]54
55 BOOST_REQUIRE_NO_THROW(KeyChain());
56
57 path pibPath(absolute(std::getenv("TEST_HOME")));
58 pibPath /= ".ndn/ndnsec-public-info.db";
59
60 boost::filesystem::remove(pibPath);
61}
62
63BOOST_AUTO_TEST_CASE(ConstructorMalConfig)
64{
65 using namespace boost::filesystem;
66
Alexander Afanasyev8b1674a2014-05-15 00:58:43 -0700[diff] [blame]67 setenv("TEST_HOME", "tests/unit-tests/security/config-file-malformed-home", 1);
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]68
69 BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
70}
71
72BOOST_AUTO_TEST_CASE(ConstructorMal2Config)
73{
74 using namespace boost::filesystem;
75
Alexander Afanasyev8b1674a2014-05-15 00:58:43 -0700[diff] [blame]76 setenv("TEST_HOME", "tests/unit-tests/security/config-file-malformed2-home", 1);
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]77
78 BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
79}
80
81BOOST_AUTO_TEST_CASE(ExportIdentity)
82{
83 BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file"));
84 KeyChain keyChain("sqlite3", "file");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]85
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]86 Name identity("/TestKeyChain/ExportIdentity/");
87 identity.appendVersion();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]88 keyChain.createIdentity(identity);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]89
Yingdi Yu64c3fb42014-02-26 17:30:04 -0800[diff] [blame]90 shared_ptr<SecuredBag> exported = keyChain.exportIdentity(identity, "1234");
91
92 Block block = exported->wireEncode();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]93
94 Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
95 Name certName = keyChain.getDefaultCertificateNameForKey(keyName);
96
97 keyChain.deleteIdentity(identity);
98
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]99 BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false);
100 BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName), false);
101 BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
102 BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
103 BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]104
Yingdi Yu64c3fb42014-02-26 17:30:04 -0800[diff] [blame]105 SecuredBag imported;
106 imported.wireDecode(block);
107 keyChain.importIdentity(imported, "1234");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]108
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]109 BOOST_CHECK(keyChain.doesIdentityExist(identity));
110 BOOST_CHECK(keyChain.doesPublicKeyExist(keyName));
111 BOOST_CHECK(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
112 BOOST_CHECK(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
113 BOOST_CHECK(keyChain.doesCertificateExist(certName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]114
115 keyChain.deleteIdentity(identity);
116
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]117 BOOST_CHECK_EQUAL(keyChain.doesIdentityExist(identity), false);
118 BOOST_CHECK_EQUAL(keyChain.doesPublicKeyExist(keyName), false);
119 BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
120 BOOST_CHECK_EQUAL(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
121 BOOST_CHECK_EQUAL(keyChain.doesCertificateExist(certName), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]122}
123
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]124BOOST_AUTO_TEST_CASE(PrepareIdentityCertificate)
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]125{
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]126 BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file"));
127 KeyChain keyChain("sqlite3", "file");
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]128
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]129 Name identity("/TestKeyChain/PrepareIdentityCertificate/");
130 identity.appendVersion();
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]131 keyChain.createIdentity(identity);
132
133 vector<CertificateSubjectDescription> subjectDescription;
134 Name lowerIdentity = identity;
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]135 lowerIdentity.append("Lower").appendVersion();
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]136 Name lowerKeyName = keyChain.generateRsaKeyPair(lowerIdentity, true);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]137 shared_ptr<IdentityCertificate> idCert =
138 keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
139 time::system_clock::now(),
140 time::system_clock::now() + time::days(365),
141 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]142 BOOST_CHECK(static_cast<bool>(idCert));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]143 BOOST_CHECK_EQUAL(idCert->getName().getPrefix(5),
144 Name().append(identity).append("KEY").append("Lower"));
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]145
Yingdi Yu0eb5d722014-06-10 15:06:25 -0700[diff] [blame]146 shared_ptr<IdentityCertificate> idCert11 =
147 keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
148 time::system_clock::now(),
149 time::system_clock::now() + time::days(365),
150 subjectDescription,
151 lowerIdentity);
152 BOOST_CHECK(static_cast<bool>(idCert11));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]153 BOOST_CHECK_EQUAL(idCert11->getName().getPrefix(6),
Yingdi Yu0eb5d722014-06-10 15:06:25 -0700[diff] [blame]154 Name().append(lowerIdentity).append("KEY"));
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]155
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]156 Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
157 anotherIdentity.appendVersion();
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]158 Name anotherKeyName = keyChain.generateRsaKeyPair(anotherIdentity, true);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]159 shared_ptr<IdentityCertificate> idCert2 =
160 keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
161 time::system_clock::now(),
162 time::system_clock::now() + time::days(365),
163 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]164 BOOST_CHECK(static_cast<bool>(idCert2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]165 BOOST_CHECK_EQUAL(idCert2->getName().getPrefix(5), Name().append(anotherIdentity).append("KEY"));
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]166
167
168 Name wrongKeyName1;
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]169 shared_ptr<IdentityCertificate> idCert3 =
170 keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
171 time::system_clock::now(),
172 time::system_clock::now() + time::days(365),
173 subjectDescription);
174 BOOST_CHECK_EQUAL(static_cast<bool>(idCert3), false);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]175
176
177 Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]178 shared_ptr<IdentityCertificate> idCert4 =
179 keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
180 time::system_clock::now(),
181 time::system_clock::now() + time::days(365),
182 subjectDescription);
183 BOOST_CHECK_EQUAL(static_cast<bool>(idCert4), false);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]184
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]185
186 Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]187 shared_ptr<IdentityCertificate> idCert5 =
188 keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
189 time::system_clock::now(),
190 time::system_clock::now() + time::days(365),
191 subjectDescription);
192 BOOST_CHECK_EQUAL(static_cast<bool>(idCert5), false);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]193
194 keyChain.deleteIdentity(identity);
195 keyChain.deleteIdentity(lowerIdentity);
196 keyChain.deleteIdentity(anotherIdentity);
197}
198
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]199BOOST_AUTO_TEST_SUITE_END()
200
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]201} // namespace tests
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]202} // namespace ndn