Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 429634fb7d13e0a6802d8385765268eb8eac1cd7 / . / tests / unit-tests / security / validator.t.cpp
blob: e72171e9c6abaf686405eb4eef7702416d98ca1f [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]2/**
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame^]3 * Copyright (c) 2013-2015 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]6 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]20 */
21
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]22#include "security/validator-null.hpp"
23#include "security/key-chain.hpp"
24#include "util/time.hpp"
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]25#include "identity-management-fixture.hpp"
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]26#include "boost-test.hpp"
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]27
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]28namespace ndn {
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame^]29namespace tests {
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]30
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]31using std::string;
32
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame^]33BOOST_FIXTURE_TEST_SUITE(SecurityValidator, security::IdentityManagementFixture)
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]34
35void
36onValidated(const shared_ptr<const Data>& data)
Alexander Afanasyev24b75c82014-05-31 15:59:31 +0300[diff] [blame]37{
38 BOOST_CHECK(true);
39}
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]40
41void
Yingdi Yu40587c02014-02-21 16:40:48 -0800[diff] [blame]42onValidationFailed(const shared_ptr<const Data>& data, const string& failureInfo)
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]43{
44 BOOST_CHECK(false);
Yingdi Yu40587c02014-02-21 16:40:48 -0800[diff] [blame]45}
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]46
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]47BOOST_AUTO_TEST_CASE(Null)
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]48{
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]49 Name identity("/TestValidator/Null");
50 identity.appendVersion();
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]51 BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]52
53 Name dataName = identity;
54 dataName.append("1");
55 shared_ptr<Data> data = make_shared<Data>(dataName);
56
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]57 BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(*data, identity));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]58
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]59 ValidatorNull validator;
Alexander Afanasyev0222fba2014-02-09 23:16:02 -0800[diff] [blame]60
61 // data must be a shared pointer
62 validator.validate(*data,
Yingdi Yu96e64062014-04-15 19:57:33 -0700[diff] [blame]63 bind(&onValidated, _1),
64 bind(&onValidationFailed, _1, _2));
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]65}
66
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]67const uint8_t ecdsaSigInfo[] = {
680x16, 0x1b, // SignatureInfo
69 0x1b, 0x01, // SignatureType
70 0x03,
71 0x1c, 0x16, // KeyLocator
72 0x07, 0x14, // Name
73 0x08, 0x04,
74 0x74, 0x65, 0x73, 0x74,
75 0x08, 0x03,
76 0x6b, 0x65, 0x79,
77 0x08, 0x07,
78 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
79};
80
81const uint8_t ecdsaSigValue[] = {
820x17, 0x40, // SignatureValue
83 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
84 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
85 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
86 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
87 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b
88};
89
90BOOST_AUTO_TEST_CASE(RsaSignatureVerification)
91{
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]92 Name identity("/TestValidator/RsaSignatureVerification");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]93 BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
94 Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
95 shared_ptr<PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]96
97 Name identity2("/TestValidator/RsaSignatureVerification/id2");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]98 BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
99 Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
100 shared_ptr<PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]101
102 Data data("/TestData/1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]103 BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(data, identity));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]104 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
105 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
106
107 Interest interest("/TestInterest/1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]108 BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(interest, identity));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]109 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
110 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
111
112 Data wrongData("/TestData/2");
113 Block ecdsaSigInfoBlock(ecdsaSigInfo, sizeof(ecdsaSigInfo));
114 Block ecdsaSigValueBlock(ecdsaSigValue, sizeof(ecdsaSigValue));
115 Signature ecdsaSig(ecdsaSigInfoBlock, ecdsaSigValueBlock);
116 wrongData.setSignature(ecdsaSig);
117 BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]118}
119
120const uint8_t rsaSigInfo[] = {
1210x16, 0x1b, // SignatureInfo
122 0x1b, 0x01, // SignatureType
123 0x01,
124 0x1c, 0x16, // KeyLocator
125 0x07, 0x14, // Name
126 0x08, 0x04,
127 0x74, 0x65, 0x73, 0x74,
128 0x08, 0x03,
129 0x6b, 0x65, 0x79,
130 0x08, 0x07,
131 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
132};
133
134const uint8_t rsaSigValue[] = {
1350x17, 0x80, // SignatureValue
136 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
137 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
138 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
139 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
140 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b, 0xcf,
141 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9,
142 0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8,
143 0x55, 0xf6, 0x1c, 0x19, 0x0b, 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
144 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3,
145 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
146};
147
148
149BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification)
150{
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]151 Name identity("/TestValidator/EcdsaSignatureVerification");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]152 BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
153 Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
154 shared_ptr<PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]155
156 Name identity2("/TestValidator/EcdsaSignatureVerification/id2");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]157 BOOST_REQUIRE(addIdentity(identity2, EcdsaKeyParams()));
158 Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
159 shared_ptr<PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]160
161
162 Data data("/TestData/1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]163 BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(data, identity));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]164 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
165 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
166
167 Interest interest("/TestInterest/1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]168 BOOST_CHECK_NO_THROW(m_keyChain.signByIdentity(interest, identity));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]169 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
170 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
171
172 Data wrongData("/TestData/2");
173 Block rsaSigInfoBlock(rsaSigInfo, sizeof(rsaSigInfo));
174 Block rsaSigValueBlock(rsaSigValue, sizeof(rsaSigValue));
175 Signature rsaSig(rsaSigInfoBlock, rsaSigValueBlock);
176 wrongData.setSignature(rsaSig);
177 BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]178}
179
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]180BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification2)
181{
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]182 Name ecdsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/ecdsa");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]183 BOOST_REQUIRE(addIdentity(ecdsaIdentity, EcdsaKeyParams()));
184 Name ecdsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(ecdsaIdentity);
185 shared_ptr<IdentityCertificate> ecdsaCert = m_keyChain.getCertificate(ecdsaCertName);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]186
187 Name rsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/rsa");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]188 BOOST_REQUIRE(addIdentity(rsaIdentity, RsaKeyParams()));
189 Name rsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(rsaIdentity);
190 shared_ptr<IdentityCertificate> rsaCert = m_keyChain.getCertificate(rsaCertName);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]191
192 Name packetName("/Test/Packet/Name");
193
194 shared_ptr<Data> testDataRsa = make_shared<Data>(packetName);
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]195 m_keyChain.signByIdentity(*testDataRsa, rsaIdentity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]196 shared_ptr<Data> testDataEcdsa = make_shared<Data>(packetName);
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]197 m_keyChain.signByIdentity(*testDataEcdsa, ecdsaIdentity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]198 shared_ptr<Interest> testInterestRsa = make_shared<Interest>(packetName);
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]199 m_keyChain.signByIdentity(*testInterestRsa, rsaIdentity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]200 shared_ptr<Interest> testInterestEcdsa = make_shared<Interest>(packetName);
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]201 m_keyChain.signByIdentity(*testInterestEcdsa, ecdsaIdentity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]202
203 BOOST_CHECK(Validator::verifySignature(*ecdsaCert, ecdsaCert->getPublicKeyInfo()));
204 BOOST_CHECK_EQUAL(Validator::verifySignature(*ecdsaCert, rsaCert->getPublicKeyInfo()), false);
205 BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaCert, ecdsaCert->getPublicKeyInfo()), false);
206 BOOST_CHECK(Validator::verifySignature(*rsaCert, rsaCert->getPublicKeyInfo()));
207
208 BOOST_CHECK(Validator::verifySignature(*testDataEcdsa, ecdsaCert->getPublicKeyInfo()));
209 BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataEcdsa, rsaCert->getPublicKeyInfo()), false);
210 BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataRsa, ecdsaCert->getPublicKeyInfo()), false);
211 BOOST_CHECK(Validator::verifySignature(*testDataRsa, rsaCert->getPublicKeyInfo()));
212
213 BOOST_CHECK(Validator::verifySignature(*testInterestEcdsa, ecdsaCert->getPublicKeyInfo()));
214 BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestEcdsa, rsaCert->getPublicKeyInfo()),
215 false);
216 BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestRsa, ecdsaCert->getPublicKeyInfo()),
217 false);
218 BOOST_CHECK(Validator::verifySignature(*testInterestRsa, rsaCert->getPublicKeyInfo()));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]219}
220
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]221BOOST_AUTO_TEST_SUITE_END()
222
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame^]223} // namespace tests
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]224} // namespace ndn