Yingdi Yu8dceb1d2014-02-18 12:45:10 -08001/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
7#include <boost/test/unit_test.hpp>
8
9#include "security/key-chain.hpp"
10#include "util/time.hpp"
11
12using namespace std;
13
14namespace ndn {
15
16BOOST_AUTO_TEST_SUITE(TestKeyChain)
17
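// Round-trip test for identity export/import.
//
// Creates a fresh identity, exports it as a passphrase-protected SecuredBag,
// deletes the identity, and imports it again from the encoded bag. The private
// key is absent from the TPM after deleteIdentity() and present again after
// importIdentity(), so the encoded bag is what carries the key material back.
//
// NOTE(review): BOOST_REQUIRE aborts the test case on failure, so a failed
// assertion after the import skips the final deleteIdentity() and leaves the
// test identity's keys wherever the default-constructed backends persist them.
// Presumably that is the running user's normal key chain storage; confirm, and
// consider pointing the test at a scratch location.
BOOST_AUTO_TEST_CASE (ExportIdentity)
{
  KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> keyChain;

  // Fixture passphrase, kept in one place so the export and import calls cannot
  // drift apart. It is a throwaway test value and not a model for real use.
  const char* const passphrase = "1234";

  // The timestamp suffix keeps repeated runs from colliding on the same name.
  Name identity(string("/TestKeyChain/ExportIdentity/") + boost::lexical_cast<std::string>(time::now()));
  keyChain.createIdentity(identity);

  shared_ptr<SecuredBag> exported = keyChain.exportIdentity(identity, passphrase);
  // Stop here instead of dereferencing a null pointer if the export produced nothing.
  BOOST_REQUIRE(static_cast<bool>(exported));

  Block block = exported->wireEncode();

  // Record the default key and certificate names before the identity is deleted.
  Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
  Name certName = keyChain.getDefaultCertificateNameForKey(keyName);

  keyChain.deleteIdentity(identity);

  // Deletion must remove the identity, both halves of the key pair, and the certificate.
  BOOST_REQUIRE(!keyChain.doesIdentityExist(identity));
  BOOST_REQUIRE(!keyChain.doesPublicKeyExist(keyName));
  BOOST_REQUIRE(!keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
  BOOST_REQUIRE(!keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
  BOOST_REQUIRE(!keyChain.doesCertificateExist(certName));

  // Decode from the wire form so the test covers the encoding as well as the import.
  SecuredBag imported;
  imported.wireDecode(block);
  keyChain.importIdentity(imported, passphrase);

  // Everything that was deleted must be back under the same names.
  BOOST_REQUIRE(keyChain.doesIdentityExist(identity));
  BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName));
  BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
  BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
  BOOST_REQUIRE(keyChain.doesCertificateExist(certName));

  // Clean up, and verify that an imported identity can be deleted like a created one.
  keyChain.deleteIdentity(identity);

  BOOST_REQUIRE(!keyChain.doesIdentityExist(identity));
  BOOST_REQUIRE(!keyChain.doesPublicKeyExist(keyName));
  BOOST_REQUIRE(!keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
  BOOST_REQUIRE(!keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
  BOOST_REQUIRE(!keyChain.doesCertificateExist(certName));
}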
58
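// Checks prepareUnsignedIdentityCertificate() for two acceptable key names and
// three key names for which the test expects a null pointer back.
//
// NOTE(review): every call passes notBefore = time::now() / 1000000 and
// notAfter = notBefore + 630720000. 630720000 equals 20 * 365 * 24 * 3600,
// which reads like twenty years in seconds, while dividing time::now() by
// 1000000 suggests a different unit. Confirm the unit the API expects, because
// it decides how long the prepared certificate is valid.
BOOST_AUTO_TEST_CASE (PrepareIdentityCertificate)
{
  KeyChainImpl<SecPublicInfoSqlite3, SecTpmFile> keyChain;

  // The timestamp suffix keeps repeated runs from colliding on the same name.
  Name identity(string("/TestKeyChain/PrepareIdentityCertificate/") + boost::lexical_cast<std::string>(time::now()));
  keyChain.createIdentity(identity);

  // Left empty: no subject description entries are supplied to any call.
  vector<CertificateSubjectDescription> subjectDescription;

  // Case 1: the key's identity sits below the signing identity.
  Name lowerIdentity = identity;
  lowerIdentity.append("Lower").append(boost::lexical_cast<std::string>(time::now()));
  Name lowerKeyName = keyChain.generateRSAKeyPair(lowerIdentity, true);
  shared_ptr<IdentityCertificate> idCert
    = keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
                                                  time::now() / 1000000,
                                                  time::now() / 1000000 + 630720000,
                                                  subjectDescription);
  // BOOST_REQUIRE, not BOOST_CHECK: the next line dereferences idCert, and a
  // non-fatal check would let a null pointer crash the whole test binary.
  BOOST_REQUIRE(static_cast<bool>(idCert));
  // Expected name: "KEY" comes right after the signing identity, then "Lower".
  BOOST_CHECK(idCert->getName().getPrefix(5) == Name().append(identity).append("KEY").append("Lower"));


  // Case 2: the key's identity is not below the signing identity.
  Name anotherIdentity(string("/TestKeyChain/PrepareIdentityCertificate/Another/") + boost::lexical_cast<std::string>(time::now()));
  Name anotherKeyName = keyChain.generateRSAKeyPair(anotherIdentity, true);
  shared_ptr<IdentityCertificate> idCert2
    = keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
                                                  time::now() / 1000000,
                                                  time::now() / 1000000 + 630720000,
                                                  subjectDescription);
  // Fatal for the same reason as above: idCert2 is dereferenced next.
  BOOST_REQUIRE(static_cast<bool>(idCert2));
  // Expected name: "KEY" follows the key's own full identity.
  BOOST_CHECK(idCert2->getName().getPrefix(5) == Name().append(anotherIdentity).append("KEY"));


  // Case 3: an empty key name must yield no certificate.
  Name wrongKeyName1;
  shared_ptr<IdentityCertificate> idCert3
    = keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
                                                  time::now() / 1000000,
                                                  time::now() / 1000000 + 630720000,
                                                  subjectDescription);
  BOOST_CHECK(!static_cast<bool>(idCert3));


  // Case 4: a name with no key component after the prefix must yield no certificate.
  Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
  shared_ptr<IdentityCertificate> idCert4
    = keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
                                                  time::now() / 1000000,
                                                  time::now() / 1000000 + 630720000,
                                                  subjectDescription);
  BOOST_CHECK(!static_cast<bool>(idCert4));


  // Case 5: a key-shaped name that this test never generated must yield no
  // certificate. The test pins only the null result, not the reason for it.
  Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
  shared_ptr<IdentityCertificate> idCert5
    = keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
                                                  time::now() / 1000000,
                                                  time::now() / 1000000 + 630720000,
                                                  subjectDescription);
  BOOST_CHECK(!static_cast<bool>(idCert5));

  // Remove every identity created above. If one of the BOOST_REQUIRE checks
  // fails, this cleanup is skipped and the generated keys stay in the key chain.
  keyChain.deleteIdentity(identity);
  keyChain.deleteIdentity(lowerIdentity);
  keyChain.deleteIdentity(anotherIdentity);
}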
120
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800121BOOST_AUTO_TEST_SUITE_END()
122
123} // namespace ndn