/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
 * Copyright (c) 2013-2022 Regents of the University of California.
 *
 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
 *
 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License as published by the Free Software
 * Foundation, either version 3 of the License, or (at your option) any later version.
 *
 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 *
 * You should have received copies of the GNU General Public License and GNU Lesser
 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
 * <http://www.gnu.org/licenses/>.
 *
 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
 *
 * @author Zhiyi Zhang <dreamerbarrychang@gmail.com>
 */

#include "ndn-cxx/security/certificate.hpp"
#include "ndn-cxx/encoding/block-helpers.hpp"
#include "ndn-cxx/util/io.hpp"

#include "tests/boost-test.hpp"
#include "tests/unit/clock-fixture.hpp"

#include <boost/lexical_cast.hpp>

namespace ndn {
namespace security {
inline namespace v2 {
namespace tests {

using namespace ndn::tests;

BOOST_AUTO_TEST_SUITE(Security)
BOOST_FIXTURE_TEST_SUITE(TestCertificate, ClockFixture)

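// DER-encoded SubjectPublicKeyInfo used as certificate content by the tests below.
// Reading the bytes: outer SEQUENCE (0x30 0x81 0x9d), an AlgorithmIdentifier holding the
// OID 1.2.840.113549.1.1.1 (rsaEncryption) with NULL parameters, then a BIT STRING that
// wraps the RSAPublicKey: a 1024-bit modulus followed by the public exponent 0x11 (17).
// The Content element of CERT carries the same 160 bytes.
// NOTE(review): fixture material only. A 1024-bit RSA key is below current key-size
// recommendations and should not be copied into anything outside unit tests.
const uint8_t PUBLIC_KEY[] = {
  0x30, 0x81, 0x9d, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
  0x01, 0x05, 0x00, 0x03, 0x81, 0x8b, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9e,
  0x06, 0x3e, 0x47, 0x85, 0xb2, 0x34, 0x37, 0xaa, 0x85, 0x47, 0xac, 0x03, 0x24, 0x83, 0xb5,
  0x9c, 0xa8, 0x05, 0x3a, 0x24, 0x1e, 0xeb, 0x89, 0x01, 0xbb, 0xe9, 0x9b, 0xb2, 0xc3, 0x22,
  0xac, 0x68, 0xe3, 0xf0, 0x6c, 0x02, 0xce, 0x68, 0xa6, 0xc4, 0xd0, 0xa7, 0x06, 0x90, 0x9c,
  0xaa, 0x1b, 0x08, 0x1d, 0x8b, 0x43, 0x9a, 0x33, 0x67, 0x44, 0x6d, 0x21, 0xa3, 0x1b, 0x88,
  0x9a, 0x97, 0x5e, 0x59, 0xc4, 0x15, 0x0b, 0xd9, 0x2c, 0xbd, 0x51, 0x07, 0x61, 0x82, 0xad,
  0xc1, 0xb8, 0xd7, 0xbf, 0x9b, 0xcf, 0x7d, 0x24, 0xc2, 0x63, 0xf3, 0x97, 0x17, 0xeb, 0xfe,
  0x62, 0x25, 0xba, 0x5b, 0x4d, 0x8a, 0xc2, 0x7a, 0xbd, 0x43, 0x8a, 0x8f, 0xb8, 0xf2, 0xf1,
  0xc5, 0x6a, 0x30, 0xd3, 0x50, 0x8c, 0xc8, 0x9a, 0xdf, 0xef, 0xed, 0x35, 0xe7, 0x7a, 0x62,
  0xea, 0x76, 0x7c, 0xbb, 0x08, 0x26, 0xc7, 0x02, 0x01, 0x11
};
// 3-byte DER header plus the 0x9d-byte body announced by that header.
static_assert(sizeof(PUBLIC_KEY) == 160, "PUBLIC_KEY fixture was truncated or extended");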
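// Wire encoding of a SignatureInfo element (TLV-TYPE 0x16, TLV-LENGTH 0x55), decoded by
// generateFakeSignature(). It contains:
//   - SignatureType (0x1B) = 1
//   - KeyLocator (0x1C) with a Name whose components read ndn, site1,
//     ksk-2516425377094, KEY; note this order differs from the KeyLocator in CERT,
//     where KEY precedes the key id
//   - ValidityPeriod (0xFD 0x00FD) from 20150814T223739 to 20150818T223738
// generateFakeSignature() overwrites both the KeyLocator and the ValidityPeriod after
// decoding, so the values above are not the ones the tests observe.
const uint8_t SIG_INFO[] = {
  0x16, 0x55, 0x1B, 0x01, 0x01, 0x1C, 0x26, 0x07, 0x24, 0x08, 0x03, 0x6E, 0x64, 0x6E, 0x08, 0x05,
  0x73, 0x69, 0x74, 0x65, 0x31, 0x08, 0x11, 0x6B, 0x73, 0x6B, 0x2D, 0x32, 0x35, 0x31, 0x36, 0x34,
  0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39, 0x34, 0x08, 0x03, 0x4B, 0x45, 0x59, 0xFD, 0x00, 0xFD,
  0x26, 0xFD, 0x00, 0xFE, 0x0F, 0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x34, 0x54, 0x32, 0x32,
  0x33, 0x37, 0x33, 0x39, 0xFD, 0x00, 0xFF, 0x0F, 0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x38,
  0x54, 0x32, 0x32, 0x33, 0x37, 0x33, 0x38
};
// 2 bytes of TLV header plus the 0x55-byte value announced by that header.
static_assert(sizeof(SIG_INFO) == 87, "SIG_INFO fixture no longer matches its TLV-LENGTH");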
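// 128 opaque bytes that generateFakeSignature() installs as the SignatureValue.
// NOTE(review): nothing in this file checks these bytes against a key, so they act as a
// placeholder with the same length as the SignatureValue in CERT (0x80 bytes), not as a
// verifiable signature.
const uint8_t SIG_VALUE[] = {
  0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec, 0xe3, 0xb9, 0xea,
  0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6, 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41,
  0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38, 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6,
  0x4d, 0x10, 0x1d, 0xdc, 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b,
  0xcf, 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9, 0x64, 0xd6,
  0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8, 0x55, 0xf6, 0x1c, 0x19, 0x0b,
  0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7, 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a,
  0x6d, 0xdb, 0x56, 0xac, 0xa3, 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1,
};
static_assert(sizeof(SIG_VALUE) == 128, "SIG_VALUE fixture was truncated or extended");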
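// Complete wire encoding of a certificate Data packet, annotated element by element.
// The Content bytes are the same SubjectPublicKeyInfo as PUBLIC_KEY.
// NOTE(review): the SignatureValue is 128 bytes of 0xFF, i.e. a filler rather than a
// signature. Tests that decode CERT therefore exercise parsing and field validation;
// they do not show that the certificate would pass signature verification.
const uint8_t CERT[] = {
  0x06, 0xFD, 0x01, 0xBB, // Data
  0x07, 0x33, // Name /ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B
  0x08, 0x03, 0x6E, 0x64, 0x6E,
  0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31,
  0x08, 0x03, 0x4B, 0x45, 0x59,
  0x08, 0x11,
  0x6B, 0x73, 0x6B, 0x2D, 0x31, 0x34, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39,
  0x34,
  0x08, 0x04, 0x30, 0x31, 0x32, 0x33,
  0x08, 0x07, 0xFD, 0x00, 0x00, 0x01, 0x49, 0xC9, 0x8B,
  0x14, 0x09, // MetaInfo
  0x18, 0x01, 0x02, // ContentType = Key
  0x19, 0x04, 0x00, 0x36, 0xEE, 0x80, // FreshnessPeriod = 3600000 ms
  0x15, 0xA0, // Content
  0x30, 0x81, 0x9D, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
  0x05, 0x00, 0x03, 0x81, 0x8B, 0x00, 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0x9E, 0x06, 0x3E,
  0x47, 0x85, 0xB2, 0x34, 0x37, 0xAA, 0x85, 0x47, 0xAC, 0x03, 0x24, 0x83, 0xB5, 0x9C, 0xA8, 0x05,
  0x3A, 0x24, 0x1E, 0xEB, 0x89, 0x01, 0xBB, 0xE9, 0x9B, 0xB2, 0xC3, 0x22, 0xAC, 0x68, 0xE3, 0xF0,
  0x6C, 0x02, 0xCE, 0x68, 0xA6, 0xC4, 0xD0, 0xA7, 0x06, 0x90, 0x9C, 0xAA, 0x1B, 0x08, 0x1D, 0x8B,
  0x43, 0x9A, 0x33, 0x67, 0x44, 0x6D, 0x21, 0xA3, 0x1B, 0x88, 0x9A, 0x97, 0x5E, 0x59, 0xC4, 0x15,
  0x0B, 0xD9, 0x2C, 0xBD, 0x51, 0x07, 0x61, 0x82, 0xAD, 0xC1, 0xB8, 0xD7, 0xBF, 0x9B, 0xCF, 0x7D,
  0x24, 0xC2, 0x63, 0xF3, 0x97, 0x17, 0xEB, 0xFE, 0x62, 0x25, 0xBA, 0x5B, 0x4D, 0x8A, 0xC2, 0x7A,
  0xBD, 0x43, 0x8A, 0x8F, 0xB8, 0xF2, 0xF1, 0xC5, 0x6A, 0x30, 0xD3, 0x50, 0x8C, 0xC8, 0x9A, 0xDF,
  0xEF, 0xED, 0x35, 0xE7, 0x7A, 0x62, 0xEA, 0x76, 0x7C, 0xBB, 0x08, 0x26, 0xC7, 0x02, 0x01, 0x11,
  0x16, 0x55, // SignatureInfo
  0x1B, 0x01, 0x01, // SignatureType
  0x1C, 0x26, // KeyLocator: /ndn/site1/KEY/ksk-2516425377094
  0x07, 0x24,
  0x08, 0x03, 0x6E, 0x64, 0x6E,
  0x08, 0x05, 0x73, 0x69, 0x74, 0x65, 0x31,
  0x08, 0x03, 0x4B, 0x45, 0x59,
  0x08, 0x11,
  0x6B, 0x73, 0x6B, 0x2D, 0x32, 0x35, 0x31, 0x36, 0x34, 0x32, 0x35, 0x33, 0x37, 0x37, 0x30, 0x39,
  0x34,
  0xFD, 0x00, 0xFD, 0x26, // ValidityPeriod: (20150814T223739, 20150818T223738)
  0xFD, 0x00, 0xFE, 0x0F,
  0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x34, 0x54, 0x32, 0x32, 0x33, 0x37, 0x33, 0x39,
  0xFD, 0x00, 0xFF, 0x0F,
  0x32, 0x30, 0x31, 0x35, 0x30, 0x38, 0x31, 0x38, 0x54, 0x32, 0x32, 0x33, 0x37, 0x33, 0x38,
  0x17, 0x80, // SignatureValue
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
// 4 bytes of outer TLV header plus the 0x01BB-byte value announced by that header.
static_assert(sizeof(CERT) == 447, "CERT fixture no longer matches its outer TLV-LENGTH");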
// Attaches a placeholder signature to `data`; no signing operation takes place.
//
// The SignatureInfo is decoded from SIG_INFO, then its KeyLocator and ValidityPeriod are
// overwritten, so of the fields encoded in SIG_INFO only the SignatureType is kept as-is.
// SIG_VALUE is installed verbatim as the SignatureValue.
// NOTE(review): nothing here computes a signature over the packet, so objects produced
// with this helper are suitable for exercising encoding and field validation only.
static void
generateFakeSignature(Data& data)
{
  const auto notBefore = time::fromIsoString("20141111T050000");
  const auto notAfter = time::fromIsoString("20141111T060000");

  SignatureInfo sigInfo(Block{SIG_INFO});
  sigInfo.setKeyLocator(Name("/ndn/site1/KEY/ksk-2516425377094"));
  sigInfo.setValidityPeriod(ValidityPeriod(notBefore, notAfter));

  data.setSignatureInfo(sigInfo);
  data.setSignatureValue(SIG_VALUE);
}
// Decodes the CERT fixture and checks the accessors derived from the certificate name and
// from its SignatureInfo, then confirms that constructing from a Data object built from
// the same wire yields an equal certificate.
// NOTE(review): CERT carries an all-0xFF SignatureValue, so this case covers decoding and
// field extraction only, not signature verification.
BOOST_AUTO_TEST_CASE(Construction)
{
  const Block wire(CERT);
  Certificate cert(wire);

  // Name-derived accessors
  BOOST_CHECK_EQUAL(cert.getName(), "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  BOOST_CHECK_EQUAL(cert.getKeyName(), "/ndn/site1/KEY/ksk-1416425377094");
  BOOST_CHECK_EQUAL(cert.getIdentity(), "/ndn/site1");
  BOOST_CHECK_EQUAL(cert.getIssuerId(), name::Component("0123"));
  BOOST_CHECK_EQUAL(cert.getKeyId(), name::Component("ksk-1416425377094"));

  // SignatureInfo-derived accessors
  BOOST_CHECK_EQUAL(cert.getKeyLocator().value().getName(), "/ndn/site1/KEY/ksk-2516425377094");
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert.getValidityPeriod()),
                    "(20150814T223739, 20150818T223738)");

  // An extension type that is not present is reported with Data::Error
  BOOST_CHECK_THROW(cert.getExtension(12345), Data::Error);
  BOOST_CHECK_NO_THROW(cert.getPublicKey());

  Data asData(wire);
  Certificate fromData(std::move(asData));
  BOOST_CHECK_EQUAL(cert, fromData);
}
// Builds a certificate field by field through the setters and checks that the accessors
// report the values that were set. The signature fields come from
// generateFakeSignature(), which is why the expected validity period is the
// 2014-11-11 window rather than the one encoded in SIG_INFO.
BOOST_AUTO_TEST_CASE(Setters)
{
  Certificate cert;
  cert.setName("/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  cert.setFreshnessPeriod(1_h);
  cert.setContent(PUBLIC_KEY);
  generateFakeSignature(cert);

  // Name-derived accessors
  BOOST_CHECK_EQUAL(cert.getName(), "/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  BOOST_CHECK_EQUAL(cert.getKeyName(), "/ndn/site1/KEY/ksk-1416425377094");
  BOOST_CHECK_EQUAL(cert.getIdentity(), "/ndn/site1");
  BOOST_CHECK_EQUAL(cert.getIssuerId(), name::Component("0123"));
  BOOST_CHECK_EQUAL(cert.getKeyId(), name::Component("ksk-1416425377094"));

  // SignatureInfo-derived accessors
  BOOST_CHECK_EQUAL(cert.getKeyLocator().value().getName(), "/ndn/site1/KEY/ksk-2516425377094");
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert.getValidityPeriod()),
                    "(20141111T050000, 20141111T060000)");

  // An extension type that is not present is reported with Data::Error
  BOOST_CHECK_THROW(cert.getExtension(12345), Data::Error);
  BOOST_CHECK_NO_THROW(cert.getPublicKey());
}
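// Checks Certificate::isValid() against the validity window installed by
// generateFakeSignature(): 20141111T050000 to 20141111T060000.
//
// Besides the instants one second outside the window, the two endpoints themselves are
// checked: the validity period is a closed interval, and an off-by-one at either end
// would accept an expired certificate or reject a valid one without the outside-only
// checks noticing.
BOOST_AUTO_TEST_CASE(ValidityPeriodChecking)
{
  Certificate certificate;
  certificate.setName("/ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  certificate.setFreshnessPeriod(1_h);
  certificate.setContent(PUBLIC_KEY);
  generateFakeSignature(certificate);

  // No argument: evaluated against the current clock. The expected result is true, so the
  // suite's ClockFixture presumably places "now" inside the window; confirm against
  // tests/unit/clock-fixture.hpp.
  BOOST_CHECK_EQUAL(certificate.isValid(), true);

  // One second before notBefore and one second after notAfter
  BOOST_CHECK_EQUAL(certificate.isValid(time::fromIsoString("20141111T045959")), false);
  BOOST_CHECK_EQUAL(certificate.isValid(time::fromIsoString("20141111T060001")), false);

  // Exactly notBefore and exactly notAfter: both endpoints are inside the window
  BOOST_CHECK_EQUAL(certificate.isValid(time::fromIsoString("20141111T050000")), true);
  BOOST_CHECK_EQUAL(certificate.isValid(time::fromIsoString("20141111T060000")), true);
}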
// Fixture for the negative test cases: it holds a Data packet that is known to convert
// into a Certificate. Each test case copies that packet, breaks exactly one field, and
// expects the Certificate class to reject the result as malformed.
class InvalidCertFixture
{
public:
  InvalidCertFixture()
  {
    const Certificate wellFormed(Block{CERT});
    m_certBase = Data(wellFormed);
    generateFakeSignature(m_certBase);

    // Abort the test case early if the baseline itself is not accepted; otherwise a
    // later "throws" check could pass for the wrong reason.
    BOOST_REQUIRE_NO_THROW(Certificate{m_certBase});
  }

protected:
  // Well-formed certificate packet that the test cases copy and then corrupt.
  Data m_certBase;
};
// A name without the KEY component (compare /ndn/site1/KEY/ksk-... in CERT) must be
// rejected by both the copying and the moving Certificate constructor.
BOOST_FIXTURE_TEST_CASE(InvalidName, InvalidCertFixture)
{
  Data badName(m_certBase);
  badName.setName("/ndn/site1/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B");
  generateFakeSignature(badName);

  // The extra parentheses keep the macro argument an expression rather than a declaration.
  BOOST_CHECK_THROW((Certificate(badName)), Certificate::Error);
  BOOST_CHECK_THROW((Certificate(std::move(badName))), Certificate::Error);
}
// A packet whose ContentType is Blob instead of Key (CERT encodes ContentType = Key) must
// be rejected by both the copying and the moving Certificate constructor.
BOOST_FIXTURE_TEST_CASE(InvalidType, InvalidCertFixture)
{
  Data wrongType(m_certBase);
  wrongType.setContentType(tlv::ContentType_Blob);
  generateFakeSignature(wrongType);

  // The extra parentheses keep the macro argument an expression rather than a declaration.
  BOOST_CHECK_THROW((Certificate(wrongType)), Certificate::Error);
  BOOST_CHECK_THROW((Certificate(std::move(wrongType))), Certificate::Error);
}
// Covers the two ways a certificate can end up without key material:
//   1. a Data packet with empty content is refused at construction time;
//   2. an already constructed Certificate whose content is emptied afterwards is not
//      re-validated by the setter, so the failure surfaces when the key is read.
BOOST_FIXTURE_TEST_CASE(EmptyContent, InvalidCertFixture)
{
  Data noContent(m_certBase);
  noContent.setContent(span<uint8_t>{});
  generateFakeSignature(noContent);

  BOOST_CHECK_THROW(Certificate{noContent}, Certificate::Error);
  BOOST_CHECK_THROW(Certificate{std::move(noContent)}, Certificate::Error);

  Certificate emptied(m_certBase);
  emptied.setContent(span<uint8_t>{});
  generateFakeSignature(emptied);
  BOOST_CHECK_THROW(emptied.getPublicKey(), Certificate::Error);
}
// Checks the human-readable rendering (operator<<) of six certificates, from an empty
// one to certificates with unusual or malformed SignatureInfo contents.
// NOTE(review): leading whitespace inside the raw string literals is part of the expected
// output. It is reproduced here exactly as this listing shows it; if the listing was
// produced by a tool that collapses runs of spaces, confirm the indentation against the
// repository copy before relying on these literals.
BOOST_AUTO_TEST_CASE(Print)
{
  // Case 1: default-constructed certificate, i.e. empty name, no key, no signature type.
  const std::string expected1(
R"TXT(Certificate Name:
 /
Public Key:
 Key Type: Unknown (0 bytes)
Signature Information:
 Signature Type: Unknown(65535)
)TXT");

  Certificate cert1;
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert1), expected1);

  // Case 2: the CERT fixture (RSA key, name-based KeyLocator).
  const std::string expected2(
R"TXT(Certificate Name:
 /ndn/site1/KEY/ksk-1416425377094/0123/%FD%00%00%01I%C9%8B
Public Key:
 Key Type: 1024-bit RSA
 MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCeBj5HhbI0N6qFR6wDJIO1nKgF
 OiQe64kBu+mbssMirGjj8GwCzmimxNCnBpCcqhsIHYtDmjNnRG0hoxuImpdeWcQV
 C9ksvVEHYYKtwbjXv5vPfSTCY/OXF+v+YiW6W02Kwnq9Q4qPuPLxxWow01CMyJrf
 7+0153pi6nZ8uwgmxwIBEQ==
Validity:
 Not Before: 2015-08-14T22:37:39
 Not After: 2015-08-18T22:37:38
Signature Information:
 Signature Type: SignatureSha256WithRsa
 Key Locator: Name=/ndn/site1/KEY/ksk-2516425377094
)TXT");

  Certificate cert2(Block{CERT});
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert2), expected2);

  // Case 3: EC certificate loaded from Base64, whose KeyLocator names its own key; the
  // rendering is expected to flag it as self-signed.
  const std::string expected3(
R"TXT(Certificate Name:
 /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Public Key:
 Key Type: 256-bit EC
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnoGVuhO+9JnIRo6QSgJin8RgA8Gh
 RN9oVbnXi2rAJa4jq1yuCKaLeOt2sdXlkW6uBByOhbTuDdovlbIUsJ8bhg==
Validity:
 Not Before: 1970-01-01T00:00:00
 Not After: 2042-04-13T03:17:00
Signature Information:
 Signature Type: SignatureSha256WithEcdsa
 Key Locator: Name=/ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0
 Self-Signed: yes
)TXT");

  std::istringstream base64Input(
R"BASE64(Bv0BPgc0CANuZG4IBHRlc3QICGlkZW50aXR5CANLRVkICMdHOtYSULXwCARzZWxm
NggAAAGAOqxubBQJGAECGQQANu6AFVswWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
AASegZW6E770mchGjpBKAmKfxGADwaFE32hVudeLasAlriOrXK4Ipot463ax1eWR
bq4EHI6FtO4N2i+VshSwnxuGFlUbAQMcJgckCANuZG4IBHRlc3QICGlkZW50aXR5
CANLRVkICMdHOtYSULXw/QD9Jv0A/g8xOTcwMDEwMVQwMDAwMDD9AP8PMjA0MjA0
MTNUMDMxNzAwF0cwRQIgFRnwthtzKdqRgO3cZMNA1hfT3QcNu/+xjo7hUy+UvdsC
IQCz3DHoRtKl7uZoJOgQsZP1/CGkNjlGZE3EQ+Ylwiprrw==)BASE64");
  Certificate cert3 = io::loadTlv<Certificate>(base64Input, io::BASE64);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert3), expected3);

  // Case 4: content that is not a decodable public key. The array includes the string
  // literal's terminating NUL, hence 23 bytes; the key type is reported as Unknown and
  // the raw bytes are still printed.
  const std::string expected4(
R"TXT(Certificate Name:
 /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Public Key:
 Key Type: Unknown (23 bytes)
 bm90IGEgdmFsaWQgcHVibGljIGtleQA=
Validity:
 Not Before: 1970-01-01T00:00:00
 Not After: 2042-04-13T03:17:00
Signature Information:
 Signature Type: SignatureSha256WithEcdsa
 Key Locator: Name=/ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0
 Self-Signed: yes
)TXT");

  const uint8_t bogusKey[] = "not a valid public key";
  Certificate cert4(cert3);
  cert4.setContent(bogusKey);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert4), expected4);

  // Case 5: AdditionalDescription whose value is a plain string rather than nested
  // elements, plus a KeyDigest locator of 8 zero bytes. The description is printed as
  // Base64 and, with no name-based locator, no self-signed line appears.
  const std::string expected5(
R"TXT(Certificate Name:
 /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Additional Description:
 bWFsZm9ybWVk
Public Key:
 Key Type: 256-bit EC
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnoGVuhO+9JnIRo6QSgJin8RgA8Gh
 RN9oVbnXi2rAJa4jq1yuCKaLeOt2sdXlkW6uBByOhbTuDdovlbIUsJ8bhg==
Validity:
 Not Before: 1970-01-01T00:00:00
 Not After: 2042-04-13T03:17:00
Signature Information:
 Signature Type: SignatureSha256WithEcdsa
 Key Locator: KeyDigest=0000000000000000
)TXT");

  // `info` is modified cumulatively: case 6 below starts from the state left by case 5.
  auto info = cert3.getSignatureInfo();
  info.addCustomTlv(makeStringBlock(tlv::AdditionalDescription, "malformed"));
  info.setKeyLocator(KeyLocator().setKeyDigest(std::make_shared<Buffer>(8)));
  Certificate cert5(cert3);
  cert5.setSignatureInfo(info);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert5), expected5);

  // Case 6: ValidityPeriod replaced by a plain string, DigestSha256 and no KeyLocator.
  // The expected text has no Validity section and no Key Locator line, so the printer is
  // expected to tolerate the malformed element rather than throw.
  const std::string expected6(
R"TXT(Certificate Name:
 /ndn/test/identity/KEY/%C7G%3A%D6%12P%B5%F0/self/v=1650251820652
Public Key:
 Key Type: 256-bit EC
 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnoGVuhO+9JnIRo6QSgJin8RgA8Gh
 RN9oVbnXi2rAJa4jq1yuCKaLeOt2sdXlkW6uBByOhbTuDdovlbIUsJ8bhg==
Signature Information:
 Signature Type: DigestSha256
)TXT");

  info.removeCustomTlv(tlv::AdditionalDescription);
  info.addCustomTlv(makeStringBlock(tlv::ValidityPeriod, "malformed"));
  info.setSignatureType(tlv::DigestSha256);
  info.setKeyLocator(nullopt);
  Certificate cert6(cert3);
  cert6.setSignatureInfo(info);
  BOOST_CHECK_EQUAL(boost::lexical_cast<std::string>(cert6), expected6);
}

BOOST_AUTO_TEST_SUITE_END() // TestCertificate
BOOST_AUTO_TEST_SUITE_END() // Security

} // namespace tests
} // inline namespace v2
} // namespace security
} // namespace ndn