Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 59d67a50e7a4597cb718052a258bf465b966ddb5 / . / tests-integrated / security / test-validator-config.cpp
blob: 243273977c5c9ec685559aa06c9983d28526ac24 [file] [log] [blame]
Yingdi Yu48e8c0c2014-03-19 12:01:55 -0700[diff] [blame]1/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
7#include "security/validator-config.hpp"
8
Yingdi Yu48e8c0c2014-03-19 12:01:55 -0700[diff] [blame]9#include "security/key-chain.hpp"
10#include "util/io.hpp"
11
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]12#include "boost-test.hpp"
Yingdi Yu48e8c0c2014-03-19 12:01:55 -0700[diff] [blame]13
14using namespace std;
15
16namespace ndn {
17
18BOOST_AUTO_TEST_SUITE(TestValidatorConfig)
19
20void
21onValidated(const shared_ptr<const Data>& data)
22{
23 BOOST_CHECK(true);
24}
25
26void
27onValidationFailed(const shared_ptr<const Data>& data, const string& failureInfo)
28{
29 std::cerr << "Failure Info: " << failureInfo << std::endl;
30 BOOST_CHECK(false);
31}
32
33void
34onIntentionalFailureValidated(const shared_ptr<const Data>& data)
35{
36 BOOST_CHECK(false);
37}
38
39void
40onIntentionalFailureInvalidated(const shared_ptr<const Data>& data, const string& failureInfo)
41{
42 BOOST_CHECK(true);
43}
44
45void
46onValidated2(const shared_ptr<const Interest>& interest)
47{
48 BOOST_CHECK(true);
49}
50
51void
52onValidationFailed2(const shared_ptr<const Interest>& interest, const string& failureInfo)
53{
54 std::cerr << "Interest Name: " << interest->getName() << std::endl;
55 std::cerr << "Failure Info: " << failureInfo << std::endl;
56 BOOST_CHECK(false);
57}
58
59void
60onIntentionalFailureValidated2(const shared_ptr<const Interest>& interest)
61{
62 BOOST_CHECK(false);
63}
64
65void
66onIntentionalFailureInvalidated2(const shared_ptr<const Interest>& interest,
67 const string& failureInfo)
68{
69 BOOST_CHECK(true);
70}
71
72BOOST_AUTO_TEST_CASE(NameFilter)
73{
74 KeyChain keyChain;
75
76 Name identity("/TestValidatorConfig/NameFilter");
77 identity.appendVersion();
78 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
79 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
80 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
81 io::save(*idCert, "trust-anchor-1.cert");
82
83 Name dataName1("/simple/equal");
84 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
85 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
86
87 Name dataName2("/simple/different");
88 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
89 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
90
91 std::string CONFIG_1 =
92 "rule\n"
93 "{\n"
94 " id \"Simple Rule\"\n"
95 " for data\n"
96 " filter"
97 " {\n"
98 " type name\n"
99 " name /simple/equal\n"
100 " relation equal\n"
101 " }\n"
102 " checker\n"
103 " {\n"
104 " type customized\n"
105 " sig-type rsa-sha256\n"
106 " key-locator\n"
107 " {\n"
108 " type name\n"
109 " name ";
110
111 std::string CONFIG_2 =
112 "\n"
113 " relation equal\n"
114 " }\n"
115 " }\n"
116 "}\n"
117 "trust-anchor\n"
118 "{\n"
119 " type file\n"
120 " file-name \"trust-anchor-1.cert\"\n"
121 "}\n";
122 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
123
124 const boost::filesystem::path CONFIG_PATH =
125 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
126
127
128 shared_ptr<Face> face = make_shared<Face>();
129 ValidatorConfig validator(face);
130 validator.load(CONFIG, CONFIG_PATH.native());
131
132 validator.validate(*data1,
133 bind(&onValidated, _1),
134 bind(&onValidationFailed, _1, _2));
135
136 validator.validate(*data2,
137 bind(&onIntentionalFailureValidated, _1),
138 bind(&onIntentionalFailureInvalidated, _1, _2));
139
140 keyChain.deleteIdentity(identity);
141
142 const boost::filesystem::path CERT_PATH =
143 (boost::filesystem::current_path() / std::string("trust-anchor-1.cert"));
144 boost::filesystem::remove(CERT_PATH);
145}
146
147BOOST_AUTO_TEST_CASE(NameFilter2)
148{
149 KeyChain keyChain;
150
151 Name identity("/TestValidatorConfig/NameFilter2");
152 identity.appendVersion();
153 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
154 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
155 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
156 io::save(*idCert, "trust-anchor-2.cert");
157
158 Name dataName1("/simple/isPrefixOf");
159 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
160 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
161
162 Name dataName2("/simple/notPrefixOf");
163 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
164 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
165
166 Name dataName3("/simple/isPrefixOf/anotherLevel");
167 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
168 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
169
170 std::string CONFIG_1 =
171 "rule\n"
172 "{\n"
173 " id \"Simple2 Rule\"\n"
174 " for data\n"
175 " filter"
176 " {\n"
177 " type name\n"
178 " name /simple/isPrefixOf\n"
179 " relation is-prefix-of\n"
180 " }\n"
181 " checker\n"
182 " {\n"
183 " type customized\n"
184 " sig-type rsa-sha256\n"
185 " key-locator\n"
186 " {\n"
187 " type name\n"
188 " name ";
189
190 std::string CONFIG_2 =
191 "\n"
192 " relation equal\n"
193 " }\n"
194 " }\n"
195 "}\n"
196 "trust-anchor\n"
197 "{\n"
198 " type file\n"
199 " file-name \"trust-anchor-2.cert\"\n"
200 "}\n";
201 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
202
203 const boost::filesystem::path CONFIG_PATH =
204 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
205
206
207 shared_ptr<Face> face = make_shared<Face>();
208 ValidatorConfig validator(face);
209 validator.load(CONFIG, CONFIG_PATH.native());
210
211 validator.validate(*data1,
212 bind(&onValidated, _1),
213 bind(&onValidationFailed, _1, _2));
214
215 validator.validate(*data2,
216 bind(&onIntentionalFailureValidated, _1),
217 bind(&onIntentionalFailureInvalidated, _1, _2));
218
219 validator.validate(*data3,
220 bind(&onValidated, _1),
221 bind(&onValidationFailed, _1, _2));
222
223 keyChain.deleteIdentity(identity);
224
225 const boost::filesystem::path CERT_PATH =
226 (boost::filesystem::current_path() / std::string("trust-anchor-2.cert"));
227 boost::filesystem::remove(CERT_PATH);
228}
229
230BOOST_AUTO_TEST_CASE(NameFilter3)
231{
232 KeyChain keyChain;
233
234 Name identity("/TestValidatorConfig/NameFilter3");
235 identity.appendVersion();
236 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
237 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
238 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
239 io::save(*idCert, "trust-anchor-3.cert");
240
241 Name dataName1("/simple/isStrictPrefixOf");
242 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
243 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
244
245 Name dataName2("/simple");
246 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
247 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
248
249 Name dataName3("/simple/isStrictPrefixOf/anotherLevel");
250 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
251 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
252
253 std::string CONFIG_1 =
254 "rule\n"
255 "{\n"
256 " id \"Simple3 Rule\"\n"
257 " for data\n"
258 " filter"
259 " {\n"
260 " type name\n"
261 " name /simple/isStrictPrefixOf\n"
262 " relation is-strict-prefix-of\n"
263 " }\n"
264 " checker\n"
265 " {\n"
266 " type customized\n"
267 " sig-type rsa-sha256\n"
268 " key-locator\n"
269 " {\n"
270 " type name\n"
271 " name ";
272
273 std::string CONFIG_2 =
274 "\n"
275 " relation equal\n"
276 " }\n"
277 " }\n"
278 "}\n"
279 "trust-anchor\n"
280 "{\n"
281 " type file\n"
282 " file-name \"trust-anchor-3.cert\"\n"
283 "}\n";
284 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
285
286 const boost::filesystem::path CONFIG_PATH =
287 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
288
289
290 shared_ptr<Face> face = make_shared<Face>();
291 ValidatorConfig validator(face);
292 validator.load(CONFIG, CONFIG_PATH.native());
293
294 validator.validate(*data1,
295 bind(&onIntentionalFailureValidated, _1),
296 bind(&onIntentionalFailureInvalidated, _1, _2));
297
298 validator.validate(*data2,
299 bind(&onIntentionalFailureValidated, _1),
300 bind(&onIntentionalFailureInvalidated, _1, _2));
301
302 validator.validate(*data3,
303 bind(&onValidated, _1),
304 bind(&onValidationFailed, _1, _2));
305
306 keyChain.deleteIdentity(identity);
307
308 const boost::filesystem::path CERT_PATH =
309 (boost::filesystem::current_path() / std::string("trust-anchor-3.cert"));
310 boost::filesystem::remove(CERT_PATH);
311}
312
313BOOST_AUTO_TEST_CASE(NameFilter4)
314{
315 KeyChain keyChain;
316
317 Name identity("/TestValidatorConfig/NameFilter4");
318 identity.appendVersion();
319 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
320 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
321 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
322 io::save(*idCert, "trust-anchor-4.cert");
323
324 Name dataName1("/simple/regex");
325 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
326 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
327
328 Name dataName2("/simple/regex-wrong");
329 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
330 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
331
332 Name dataName3("/simple/regex/correct");
333 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
334 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
335
336 std::string CONFIG_1 =
337 "rule\n"
338 "{\n"
339 " id \"Simple3 Rule\"\n"
340 " for data\n"
341 " filter"
342 " {\n"
343 " type name\n"
344 " regex ^<simple><regex>\n"
345 " }\n"
346 " checker\n"
347 " {\n"
348 " type customized\n"
349 " sig-type rsa-sha256\n"
350 " key-locator\n"
351 " {\n"
352 " type name\n"
353 " name ";
354
355 std::string CONFIG_2 =
356 "\n"
357 " relation equal\n"
358 " }\n"
359 " }\n"
360 "}\n"
361 "trust-anchor\n"
362 "{\n"
363 " type file\n"
364 " file-name \"trust-anchor-4.cert\"\n"
365 "}\n";
366 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
367
368 const boost::filesystem::path CONFIG_PATH =
369 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
370
371
372 shared_ptr<Face> face = make_shared<Face>();
373 ValidatorConfig validator(face);
374 validator.load(CONFIG, CONFIG_PATH.native());
375
376 validator.validate(*data1,
377 bind(&onValidated, _1),
378 bind(&onValidationFailed, _1, _2));
379
380 validator.validate(*data2,
381 bind(&onIntentionalFailureValidated, _1),
382 bind(&onIntentionalFailureInvalidated, _1, _2));
383
384 validator.validate(*data3,
385 bind(&onValidated, _1),
386 bind(&onValidationFailed, _1, _2));
387
388 keyChain.deleteIdentity(identity);
389
390 const boost::filesystem::path CERT_PATH =
391 (boost::filesystem::current_path() / std::string("trust-anchor-4.cert"));
392 boost::filesystem::remove(CERT_PATH);
393}
394
395BOOST_AUTO_TEST_CASE(KeyLocatorNameChecker1)
396{
397 KeyChain keyChain;
398
399 Name identity("/TestValidatorConfig/KeyLocatorNameChecker1");
400 identity.appendVersion();
401 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
402 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
403 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
404 io::save(*idCert, "trust-anchor-5.cert");
405
406 Name dataName1 = identity;
407 dataName1.append("1");
408 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
409 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
410
411 Name dataName2 = identity;
412 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
413 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
414
415 Name dataName3("/TestValidatorConfig/KeyLocatorNameChecker1");
416 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
417 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
418
419 const std::string CONFIG =
420 "rule\n"
421 "{\n"
422 " id \"Simple3 Rule\"\n"
423 " for data\n"
424 " checker\n"
425 " {\n"
426 " type customized\n"
427 " sig-type rsa-sha256\n"
428 " key-locator\n"
429 " {\n"
430 " type name\n"
431 " hyper-relation\n"
432 " {\n"
433 " k-regex ^([^<KEY>]*)<KEY>(<>*)<><ID-CERT>$\n"
434 " k-expand \\\\1\\\\2\n"
435 " h-relation is-strict-prefix-of\n"
436 " p-regex ^(<>*)$\n"
437 " p-expand \\\\1\n"
438 " }\n"
439 " }\n"
440 " }\n"
441 "}\n"
442 "trust-anchor\n"
443 "{\n"
444 " type file\n"
445 " file-name \"trust-anchor-5.cert\"\n"
446 "}\n";
447 const boost::filesystem::path CONFIG_PATH =
448 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
449
450
451 shared_ptr<Face> face = make_shared<Face>();
452 ValidatorConfig validator(face);
453 validator.load(CONFIG, CONFIG_PATH.native());
454
455 validator.validate(*data1,
456 bind(&onValidated, _1),
457 bind(&onValidationFailed, _1, _2));
458
459 validator.validate(*data2,
460 bind(&onIntentionalFailureValidated, _1),
461 bind(&onIntentionalFailureInvalidated, _1, _2));
462
463 validator.validate(*data3,
464 bind(&onIntentionalFailureValidated, _1),
465 bind(&onIntentionalFailureInvalidated, _1, _2));
466
467 keyChain.deleteIdentity(identity);
468
469 const boost::filesystem::path CERT_PATH =
470 (boost::filesystem::current_path() / std::string("trust-anchor-5.cert"));
471 boost::filesystem::remove(CERT_PATH);
472}
473
474struct FacesFixture
475{
476 FacesFixture()
477 : regPrefixId(0)
478 , regPrefixId2(0)
479 {}
480
481 void
482 onInterest(shared_ptr<Face> face, shared_ptr<Data> data)
483 {
484 face->put(*data);
485 face->unsetInterestFilter(regPrefixId);
486 }
487
488 void
489 onInterest2(shared_ptr<Face> face, shared_ptr<Data> data)
490 {
491 face->put(*data);
492 face->unsetInterestFilter(regPrefixId2);
493 }
494
495 void
496 onRegFailed()
497 {}
498
499 void
500 validate1(shared_ptr<ValidatorConfig> validator, shared_ptr<Data> data)
501 {
502 validator->validate(*data,
503 bind(&onValidated, _1),
504 bind(&onValidationFailed, _1, _2));
505 }
506
507 void
508 validate2(shared_ptr<ValidatorConfig> validator, shared_ptr<Data> data)
509 {
510 validator->validate(*data,
511 bind(&onIntentionalFailureValidated, _1),
512 bind(&onIntentionalFailureInvalidated, _1, _2));
513 }
514
515 void
516 validate3(shared_ptr<ValidatorConfig> validator, shared_ptr<Interest> interest)
517 {
518 validator->validate(*interest,
519 bind(&onValidated2, _1),
520 bind(&onValidationFailed2, _1, _2));
521 }
522
523 void
524 validate4(shared_ptr<ValidatorConfig> validator, shared_ptr<Interest> interest)
525 {
526 validator->validate(*interest,
527 bind(&onIntentionalFailureValidated2, _1),
528 bind(&onIntentionalFailureInvalidated2, _1, _2));
529 }
530
531 void
532 terminate(shared_ptr<Face> face)
533 {
534 face->ioService()->stop();
535 }
536
537 const RegisteredPrefixId* regPrefixId;
538 const RegisteredPrefixId* regPrefixId2;
539};
540
541BOOST_FIXTURE_TEST_CASE(HierarchicalChecker, FacesFixture)
542{
543 KeyChain keyChain;
544 std::vector<CertificateSubjectDescription> subjectDescription;
545
546 Name root("/TestValidatorConfig");
547 Name rootCertName = keyChain.createIdentity(root);
548 shared_ptr<IdentityCertificate> rootCert =
549 keyChain.getCertificate(rootCertName);
550 io::save(*rootCert, "trust-anchor-6.cert");
551
552
553 Name sld("/TestValidatorConfig/HierarchicalChecker");
554 Name sldKeyName = keyChain.generateRSAKeyPairAsDefault(sld, true);
555 shared_ptr<IdentityCertificate> sldCert =
556 keyChain.prepareUnsignedIdentityCertificate(sldKeyName,
557 root,
558 time::system_clock::now(),
559 time::system_clock::now() + time::days(7300),
560 subjectDescription);
561 keyChain.signByIdentity(*sldCert, root);
562 keyChain.addCertificateAsIdentityDefault(*sldCert);
563
564 Name nld("/TestValidatorConfig/HierarchicalChecker/NextLevel");
565 Name nldKeyName = keyChain.generateRSAKeyPairAsDefault(nld, true);
566 shared_ptr<IdentityCertificate> nldCert =
567 keyChain.prepareUnsignedIdentityCertificate(nldKeyName,
568 sld,
569 time::system_clock::now(),
570 time::system_clock::now() + time::days(7300),
571 subjectDescription);
572 keyChain.signByIdentity(*nldCert, sld);
573 keyChain.addCertificateAsIdentityDefault(*nldCert);
574
575 shared_ptr<Face> face = make_shared<Face>();
576 shared_ptr<Face> face2 = shared_ptr<Face>(new Face(face->ioService()));
577 Scheduler scheduler(*face->ioService());
578
579 scheduler.scheduleEvent(time::seconds(1),
580 bind(&FacesFixture::terminate, this, face));
581
582 regPrefixId = face->setInterestFilter(sldCert->getName().getPrefix(-1),
583 bind(&FacesFixture::onInterest, this, face, sldCert),
584 bind(&FacesFixture::onRegFailed, this));
585
586 regPrefixId2 = face->setInterestFilter(nldCert->getName().getPrefix(-1),
587 bind(&FacesFixture::onInterest2, this, face, nldCert),
588 bind(&FacesFixture::onRegFailed, this));
589
590 Name dataName1 = nld;
591 dataName1.append("data1");
592 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
593 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, nld));
594
595 Name dataName2("/ConfValidatorTest");
596 dataName2.append("data1");
597 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
598 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, nld));
599
600
601 const std::string CONFIG =
602 "rule\n"
603 "{\n"
604 " id \"Simple3 Rule\"\n"
605 " for data\n"
606 " checker\n"
607 " {\n"
608 " type hierarchical\n"
609 " sig-type rsa-sha256\n"
610 " }\n"
611 "}\n"
612 "trust-anchor\n"
613 "{\n"
614 " type file\n"
615 " file-name \"trust-anchor-6.cert\"\n"
616 "}\n";
617 const boost::filesystem::path CONFIG_PATH =
618 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
619
620
621 shared_ptr<ValidatorConfig> validator = shared_ptr<ValidatorConfig>(new ValidatorConfig(face2));
622 validator->load(CONFIG, CONFIG_PATH.native());
623
624 scheduler.scheduleEvent(time::milliseconds(200),
625 bind(&FacesFixture::validate1, this,
626 validator, data1));
627
628 scheduler.scheduleEvent(time::milliseconds(400),
629 bind(&FacesFixture::validate2, this,
630 validator, data2));
631
632 BOOST_REQUIRE_NO_THROW(face->processEvents());
633
634 keyChain.deleteIdentity(root);
635 keyChain.deleteIdentity(sld);
636 keyChain.deleteIdentity(nld);
637
638 const boost::filesystem::path CERT_PATH =
639 (boost::filesystem::current_path() / std::string("trust-anchor-6.cert"));
640 boost::filesystem::remove(CERT_PATH);
641}
642
643BOOST_AUTO_TEST_CASE(FixedSingerChecker)
644{
645 KeyChain keyChain;
646
647 Name identity("/TestValidatorConfig/FixedSingerChecker");
648
649 Name identity1 = identity;
650 identity1.append("1").appendVersion();
651 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity1));
652 Name certName1 = keyChain.getDefaultCertificateNameForIdentity(identity1);
653 shared_ptr<IdentityCertificate> idCert1 = keyChain.getCertificate(certName1);
654 io::save(*idCert1, "trust-anchor-7.cert");
655
656 Name identity2 = identity;
657 identity2.append("2").appendVersion();
658 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity2));
659
660 Name dataName1 = identity;
661 dataName1.append("data").appendVersion();
662 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
663 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity1));
664
665 Name dataName2 = identity;
666 dataName2.append("data").appendVersion();
667 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
668 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity2));
669
670 const std::string CONFIG =
671 "rule\n"
672 "{\n"
673 " id \"Simple3 Rule\"\n"
674 " for data\n"
675 " filter"
676 " {\n"
677 " type name\n"
678 " name /TestValidatorConfig/FixedSingerChecker\n"
679 " relation is-strict-prefix-of\n"
680 " }\n"
681 " checker\n"
682 " {\n"
683 " type fixed-signer\n"
684 " sig-type rsa-sha256\n"
685 " signer\n"
686 " {\n"
687 " type file\n"
688 " file-name \"trust-anchor-7.cert\"\n"
689 " }\n"
690 " }\n"
691 "}\n";
692 const boost::filesystem::path CONFIG_PATH =
693 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
694
695
696 shared_ptr<Face> face = make_shared<Face>();
697 ValidatorConfig validator(face);
698 validator.load(CONFIG, CONFIG_PATH.native());
699
700 validator.validate(*data1,
701 bind(&onValidated, _1),
702 bind(&onValidationFailed, _1, _2));
703
704 validator.validate(*data2,
705 bind(&onIntentionalFailureValidated, _1),
706 bind(&onIntentionalFailureInvalidated, _1, _2));
707
708
709 keyChain.deleteIdentity(identity1);
710 keyChain.deleteIdentity(identity2);
711
712 const boost::filesystem::path CERT_PATH =
713 (boost::filesystem::current_path() / std::string("trust-anchor-7.cert"));
714 boost::filesystem::remove(CERT_PATH);
715}
716
717
718BOOST_FIXTURE_TEST_CASE(Nrd, FacesFixture)
719{
720 KeyChain keyChain;
721 std::vector<CertificateSubjectDescription> subjectDescription;
722
723 Name root("/TestValidatorConfig");
724 Name rootCertName = keyChain.createIdentity(root);
725 shared_ptr<IdentityCertificate> rootCert =
726 keyChain.getCertificate(rootCertName);
727 io::save(*rootCert, "trust-anchor-8.cert");
728
729
730 Name sld("/TestValidatorConfig/Nrd-1");
731 Name sldKeyName = keyChain.generateRSAKeyPairAsDefault(sld, true);
732 shared_ptr<IdentityCertificate> sldCert =
733 keyChain.prepareUnsignedIdentityCertificate(sldKeyName,
734 root,
735 time::system_clock::now(),
736 time::system_clock::now() + time::days(7300),
737 subjectDescription);
738 keyChain.signByIdentity(*sldCert, root);
739 keyChain.addCertificateAsIdentityDefault(*sldCert);
740
741 Name nld("/TestValidatorConfig/Nrd-1/Nrd-2");
742 Name nldKeyName = keyChain.generateRSAKeyPairAsDefault(nld, true);
743 shared_ptr<IdentityCertificate> nldCert =
744 keyChain.prepareUnsignedIdentityCertificate(nldKeyName,
745 sld,
746 time::system_clock::now(),
747 time::system_clock::now() + time::days(7300),
748 subjectDescription);
749 keyChain.signByIdentity(*nldCert, sld);
750 keyChain.addCertificateAsIdentityDefault(*nldCert);
751
752 shared_ptr<Face> face = make_shared<Face>();
753 shared_ptr<Face> face2 = shared_ptr<Face>(new Face(face->ioService()));
754 Scheduler scheduler(*face->ioService());
755
756 scheduler.scheduleEvent(time::seconds(1),
757 bind(&FacesFixture::terminate, this, face));
758
759 regPrefixId = face->setInterestFilter(sldCert->getName().getPrefix(-1),
760 bind(&FacesFixture::onInterest, this, face, sldCert),
761 bind(&FacesFixture::onRegFailed, this));
762
763 regPrefixId2 = face->setInterestFilter(nldCert->getName().getPrefix(-1),
764 bind(&FacesFixture::onInterest2, this, face, nldCert),
765 bind(&FacesFixture::onRegFailed, this));
766
767 Name interestName1("/localhost/nrd/register/option/timestamp/nonce");
768 shared_ptr<Interest> interest1 = make_shared<Interest>(interestName1);
769 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*interest1, nld));
770
771 Name interestName2("/localhost/nrd/non-register");
772 shared_ptr<Interest> interest2 = make_shared<Interest>(interestName2);
773 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*interest2, nld));
774
775
776 const std::string CONFIG =
777 "rule\n"
778 "{\n"
779 " id \"NRD Prefix Registration Command Rule\"\n"
780 " for interest\n"
781 " filter\n"
782 " {\n"
783 " type name\n"
784 " regex ^<localhost><nrd>[<register><unregister><advertise><withdraw>]<>{3}$\n"
785 " }\n"
786 " checker\n"
787 " {\n"
788 " type customized\n"
789 " sig-type rsa-sha256\n"
790 " key-locator\n"
791 " {\n"
792 " type name\n"
793 " regex ^[^<KEY>]*<KEY><>*<ksk-.*><ID-CERT>$\n"
794 " }\n"
795 " }\n"
796 "}\n"
797 "rule\n"
798 "{\n"
799 " id \"Testbed Hierarchy Rule\"\n"
800 " for data\n"
801 " filter\n"
802 " {\n"
803 " type name\n"
804 " regex ^[^<KEY>]*<KEY><>*<ksk-.*><ID-CERT><>$\n"
805 " }\n"
806 " checker\n"
807 " {\n"
808 " type hierarchical\n"
809 " sig-type rsa-sha256\n"
810 " }\n"
811 "}\n"
812 "trust-anchor\n"
813 "{\n"
814 " type file\n"
815 " file-name \"trust-anchor-8.cert\"\n"
816 "}\n";
817 const boost::filesystem::path CONFIG_PATH =
818 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
819
820
821 shared_ptr<ValidatorConfig> validator = shared_ptr<ValidatorConfig>(new ValidatorConfig(face2));
822 validator->load(CONFIG, CONFIG_PATH.native());
823
824 scheduler.scheduleEvent(time::milliseconds(200),
825 bind(&FacesFixture::validate3, this,
826 validator, interest1));
827
828 scheduler.scheduleEvent(time::milliseconds(400),
829 bind(&FacesFixture::validate4, this,
830 validator, interest2));
831
832 BOOST_REQUIRE_NO_THROW(face->processEvents());
833
834 keyChain.deleteIdentity(root);
835 keyChain.deleteIdentity(sld);
836 keyChain.deleteIdentity(nld);
837
838 const boost::filesystem::path CERT_PATH =
839 (boost::filesystem::current_path() / std::string("trust-anchor-8.cert"));
840 boost::filesystem::remove(CERT_PATH);
841}
842
843
844
845BOOST_AUTO_TEST_SUITE_END()
846
847} // namespace ndn