blob: 0e778db91a333e2e400015400e5875d1b064a099 [file] [log] [blame]
Yingdi Yu48e8c0c2014-03-19 12:01:55 -07001/**
2 * Copyright (C) 2013 Regents of the University of California.
3 * @author: Yingdi Yu <yingdi0@cs.ucla.edu>
4 * See COPYING for copyright and distribution information.
5 */
6
7#include "security/validator-config.hpp"
8
9#include <boost/test/unit_test.hpp>
10
11#include "security/key-chain.hpp"
12#include "util/io.hpp"
13
14
15using namespace std;
16
17namespace ndn {
18
19BOOST_AUTO_TEST_SUITE(TestValidatorConfig)
20
21void
22onValidated(const shared_ptr<const Data>& data)
23{
24 BOOST_CHECK(true);
25}
26
27void
28onValidationFailed(const shared_ptr<const Data>& data, const string& failureInfo)
29{
30 std::cerr << "Failure Info: " << failureInfo << std::endl;
31 BOOST_CHECK(false);
32}
33
34void
35onIntentionalFailureValidated(const shared_ptr<const Data>& data)
36{
37 BOOST_CHECK(false);
38}
39
40void
41onIntentionalFailureInvalidated(const shared_ptr<const Data>& data, const string& failureInfo)
42{
43 BOOST_CHECK(true);
44}
45
46void
47onValidated2(const shared_ptr<const Interest>& interest)
48{
49 BOOST_CHECK(true);
50}
51
52void
53onValidationFailed2(const shared_ptr<const Interest>& interest, const string& failureInfo)
54{
55 std::cerr << "Interest Name: " << interest->getName() << std::endl;
56 std::cerr << "Failure Info: " << failureInfo << std::endl;
57 BOOST_CHECK(false);
58}
59
60void
61onIntentionalFailureValidated2(const shared_ptr<const Interest>& interest)
62{
63 BOOST_CHECK(false);
64}
65
66void
67onIntentionalFailureInvalidated2(const shared_ptr<const Interest>& interest,
68 const string& failureInfo)
69{
70 BOOST_CHECK(true);
71}
72
73BOOST_AUTO_TEST_CASE(NameFilter)
74{
75 KeyChain keyChain;
76
77 Name identity("/TestValidatorConfig/NameFilter");
78 identity.appendVersion();
79 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
80 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
81 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
82 io::save(*idCert, "trust-anchor-1.cert");
83
84 Name dataName1("/simple/equal");
85 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
86 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
87
88 Name dataName2("/simple/different");
89 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
90 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
91
92 std::string CONFIG_1 =
93 "rule\n"
94 "{\n"
95 " id \"Simple Rule\"\n"
96 " for data\n"
97 " filter"
98 " {\n"
99 " type name\n"
100 " name /simple/equal\n"
101 " relation equal\n"
102 " }\n"
103 " checker\n"
104 " {\n"
105 " type customized\n"
106 " sig-type rsa-sha256\n"
107 " key-locator\n"
108 " {\n"
109 " type name\n"
110 " name ";
111
112 std::string CONFIG_2 =
113 "\n"
114 " relation equal\n"
115 " }\n"
116 " }\n"
117 "}\n"
118 "trust-anchor\n"
119 "{\n"
120 " type file\n"
121 " file-name \"trust-anchor-1.cert\"\n"
122 "}\n";
123 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
124
125 const boost::filesystem::path CONFIG_PATH =
126 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
127
128
129 shared_ptr<Face> face = make_shared<Face>();
130 ValidatorConfig validator(face);
131 validator.load(CONFIG, CONFIG_PATH.native());
132
133 validator.validate(*data1,
134 bind(&onValidated, _1),
135 bind(&onValidationFailed, _1, _2));
136
137 validator.validate(*data2,
138 bind(&onIntentionalFailureValidated, _1),
139 bind(&onIntentionalFailureInvalidated, _1, _2));
140
141 keyChain.deleteIdentity(identity);
142
143 const boost::filesystem::path CERT_PATH =
144 (boost::filesystem::current_path() / std::string("trust-anchor-1.cert"));
145 boost::filesystem::remove(CERT_PATH);
146}
147
148BOOST_AUTO_TEST_CASE(NameFilter2)
149{
150 KeyChain keyChain;
151
152 Name identity("/TestValidatorConfig/NameFilter2");
153 identity.appendVersion();
154 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
155 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
156 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
157 io::save(*idCert, "trust-anchor-2.cert");
158
159 Name dataName1("/simple/isPrefixOf");
160 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
161 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
162
163 Name dataName2("/simple/notPrefixOf");
164 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
165 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
166
167 Name dataName3("/simple/isPrefixOf/anotherLevel");
168 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
169 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
170
171 std::string CONFIG_1 =
172 "rule\n"
173 "{\n"
174 " id \"Simple2 Rule\"\n"
175 " for data\n"
176 " filter"
177 " {\n"
178 " type name\n"
179 " name /simple/isPrefixOf\n"
180 " relation is-prefix-of\n"
181 " }\n"
182 " checker\n"
183 " {\n"
184 " type customized\n"
185 " sig-type rsa-sha256\n"
186 " key-locator\n"
187 " {\n"
188 " type name\n"
189 " name ";
190
191 std::string CONFIG_2 =
192 "\n"
193 " relation equal\n"
194 " }\n"
195 " }\n"
196 "}\n"
197 "trust-anchor\n"
198 "{\n"
199 " type file\n"
200 " file-name \"trust-anchor-2.cert\"\n"
201 "}\n";
202 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
203
204 const boost::filesystem::path CONFIG_PATH =
205 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
206
207
208 shared_ptr<Face> face = make_shared<Face>();
209 ValidatorConfig validator(face);
210 validator.load(CONFIG, CONFIG_PATH.native());
211
212 validator.validate(*data1,
213 bind(&onValidated, _1),
214 bind(&onValidationFailed, _1, _2));
215
216 validator.validate(*data2,
217 bind(&onIntentionalFailureValidated, _1),
218 bind(&onIntentionalFailureInvalidated, _1, _2));
219
220 validator.validate(*data3,
221 bind(&onValidated, _1),
222 bind(&onValidationFailed, _1, _2));
223
224 keyChain.deleteIdentity(identity);
225
226 const boost::filesystem::path CERT_PATH =
227 (boost::filesystem::current_path() / std::string("trust-anchor-2.cert"));
228 boost::filesystem::remove(CERT_PATH);
229}
230
231BOOST_AUTO_TEST_CASE(NameFilter3)
232{
233 KeyChain keyChain;
234
235 Name identity("/TestValidatorConfig/NameFilter3");
236 identity.appendVersion();
237 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
238 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
239 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
240 io::save(*idCert, "trust-anchor-3.cert");
241
242 Name dataName1("/simple/isStrictPrefixOf");
243 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
244 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
245
246 Name dataName2("/simple");
247 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
248 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
249
250 Name dataName3("/simple/isStrictPrefixOf/anotherLevel");
251 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
252 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
253
254 std::string CONFIG_1 =
255 "rule\n"
256 "{\n"
257 " id \"Simple3 Rule\"\n"
258 " for data\n"
259 " filter"
260 " {\n"
261 " type name\n"
262 " name /simple/isStrictPrefixOf\n"
263 " relation is-strict-prefix-of\n"
264 " }\n"
265 " checker\n"
266 " {\n"
267 " type customized\n"
268 " sig-type rsa-sha256\n"
269 " key-locator\n"
270 " {\n"
271 " type name\n"
272 " name ";
273
274 std::string CONFIG_2 =
275 "\n"
276 " relation equal\n"
277 " }\n"
278 " }\n"
279 "}\n"
280 "trust-anchor\n"
281 "{\n"
282 " type file\n"
283 " file-name \"trust-anchor-3.cert\"\n"
284 "}\n";
285 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
286
287 const boost::filesystem::path CONFIG_PATH =
288 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
289
290
291 shared_ptr<Face> face = make_shared<Face>();
292 ValidatorConfig validator(face);
293 validator.load(CONFIG, CONFIG_PATH.native());
294
295 validator.validate(*data1,
296 bind(&onIntentionalFailureValidated, _1),
297 bind(&onIntentionalFailureInvalidated, _1, _2));
298
299 validator.validate(*data2,
300 bind(&onIntentionalFailureValidated, _1),
301 bind(&onIntentionalFailureInvalidated, _1, _2));
302
303 validator.validate(*data3,
304 bind(&onValidated, _1),
305 bind(&onValidationFailed, _1, _2));
306
307 keyChain.deleteIdentity(identity);
308
309 const boost::filesystem::path CERT_PATH =
310 (boost::filesystem::current_path() / std::string("trust-anchor-3.cert"));
311 boost::filesystem::remove(CERT_PATH);
312}
313
314BOOST_AUTO_TEST_CASE(NameFilter4)
315{
316 KeyChain keyChain;
317
318 Name identity("/TestValidatorConfig/NameFilter4");
319 identity.appendVersion();
320 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
321 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
322 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
323 io::save(*idCert, "trust-anchor-4.cert");
324
325 Name dataName1("/simple/regex");
326 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
327 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
328
329 Name dataName2("/simple/regex-wrong");
330 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
331 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
332
333 Name dataName3("/simple/regex/correct");
334 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
335 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
336
337 std::string CONFIG_1 =
338 "rule\n"
339 "{\n"
340 " id \"Simple3 Rule\"\n"
341 " for data\n"
342 " filter"
343 " {\n"
344 " type name\n"
345 " regex ^<simple><regex>\n"
346 " }\n"
347 " checker\n"
348 " {\n"
349 " type customized\n"
350 " sig-type rsa-sha256\n"
351 " key-locator\n"
352 " {\n"
353 " type name\n"
354 " name ";
355
356 std::string CONFIG_2 =
357 "\n"
358 " relation equal\n"
359 " }\n"
360 " }\n"
361 "}\n"
362 "trust-anchor\n"
363 "{\n"
364 " type file\n"
365 " file-name \"trust-anchor-4.cert\"\n"
366 "}\n";
367 const std::string CONFIG = CONFIG_1 + certName.getPrefix(-1).toUri() + CONFIG_2;
368
369 const boost::filesystem::path CONFIG_PATH =
370 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
371
372
373 shared_ptr<Face> face = make_shared<Face>();
374 ValidatorConfig validator(face);
375 validator.load(CONFIG, CONFIG_PATH.native());
376
377 validator.validate(*data1,
378 bind(&onValidated, _1),
379 bind(&onValidationFailed, _1, _2));
380
381 validator.validate(*data2,
382 bind(&onIntentionalFailureValidated, _1),
383 bind(&onIntentionalFailureInvalidated, _1, _2));
384
385 validator.validate(*data3,
386 bind(&onValidated, _1),
387 bind(&onValidationFailed, _1, _2));
388
389 keyChain.deleteIdentity(identity);
390
391 const boost::filesystem::path CERT_PATH =
392 (boost::filesystem::current_path() / std::string("trust-anchor-4.cert"));
393 boost::filesystem::remove(CERT_PATH);
394}
395
396BOOST_AUTO_TEST_CASE(KeyLocatorNameChecker1)
397{
398 KeyChain keyChain;
399
400 Name identity("/TestValidatorConfig/KeyLocatorNameChecker1");
401 identity.appendVersion();
402 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity));
403 Name certName = keyChain.getDefaultCertificateNameForIdentity(identity);
404 shared_ptr<IdentityCertificate> idCert = keyChain.getCertificate(certName);
405 io::save(*idCert, "trust-anchor-5.cert");
406
407 Name dataName1 = identity;
408 dataName1.append("1");
409 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
410 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity));
411
412 Name dataName2 = identity;
413 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
414 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity));
415
416 Name dataName3("/TestValidatorConfig/KeyLocatorNameChecker1");
417 shared_ptr<Data> data3 = make_shared<Data>(dataName3);
418 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data3, identity));
419
420 const std::string CONFIG =
421 "rule\n"
422 "{\n"
423 " id \"Simple3 Rule\"\n"
424 " for data\n"
425 " checker\n"
426 " {\n"
427 " type customized\n"
428 " sig-type rsa-sha256\n"
429 " key-locator\n"
430 " {\n"
431 " type name\n"
432 " hyper-relation\n"
433 " {\n"
434 " k-regex ^([^<KEY>]*)<KEY>(<>*)<><ID-CERT>$\n"
435 " k-expand \\\\1\\\\2\n"
436 " h-relation is-strict-prefix-of\n"
437 " p-regex ^(<>*)$\n"
438 " p-expand \\\\1\n"
439 " }\n"
440 " }\n"
441 " }\n"
442 "}\n"
443 "trust-anchor\n"
444 "{\n"
445 " type file\n"
446 " file-name \"trust-anchor-5.cert\"\n"
447 "}\n";
448 const boost::filesystem::path CONFIG_PATH =
449 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
450
451
452 shared_ptr<Face> face = make_shared<Face>();
453 ValidatorConfig validator(face);
454 validator.load(CONFIG, CONFIG_PATH.native());
455
456 validator.validate(*data1,
457 bind(&onValidated, _1),
458 bind(&onValidationFailed, _1, _2));
459
460 validator.validate(*data2,
461 bind(&onIntentionalFailureValidated, _1),
462 bind(&onIntentionalFailureInvalidated, _1, _2));
463
464 validator.validate(*data3,
465 bind(&onIntentionalFailureValidated, _1),
466 bind(&onIntentionalFailureInvalidated, _1, _2));
467
468 keyChain.deleteIdentity(identity);
469
470 const boost::filesystem::path CERT_PATH =
471 (boost::filesystem::current_path() / std::string("trust-anchor-5.cert"));
472 boost::filesystem::remove(CERT_PATH);
473}
474
475struct FacesFixture
476{
477 FacesFixture()
478 : regPrefixId(0)
479 , regPrefixId2(0)
480 {}
481
482 void
483 onInterest(shared_ptr<Face> face, shared_ptr<Data> data)
484 {
485 face->put(*data);
486 face->unsetInterestFilter(regPrefixId);
487 }
488
489 void
490 onInterest2(shared_ptr<Face> face, shared_ptr<Data> data)
491 {
492 face->put(*data);
493 face->unsetInterestFilter(regPrefixId2);
494 }
495
496 void
497 onRegFailed()
498 {}
499
500 void
501 validate1(shared_ptr<ValidatorConfig> validator, shared_ptr<Data> data)
502 {
503 validator->validate(*data,
504 bind(&onValidated, _1),
505 bind(&onValidationFailed, _1, _2));
506 }
507
508 void
509 validate2(shared_ptr<ValidatorConfig> validator, shared_ptr<Data> data)
510 {
511 validator->validate(*data,
512 bind(&onIntentionalFailureValidated, _1),
513 bind(&onIntentionalFailureInvalidated, _1, _2));
514 }
515
516 void
517 validate3(shared_ptr<ValidatorConfig> validator, shared_ptr<Interest> interest)
518 {
519 validator->validate(*interest,
520 bind(&onValidated2, _1),
521 bind(&onValidationFailed2, _1, _2));
522 }
523
524 void
525 validate4(shared_ptr<ValidatorConfig> validator, shared_ptr<Interest> interest)
526 {
527 validator->validate(*interest,
528 bind(&onIntentionalFailureValidated2, _1),
529 bind(&onIntentionalFailureInvalidated2, _1, _2));
530 }
531
532 void
533 terminate(shared_ptr<Face> face)
534 {
535 face->ioService()->stop();
536 }
537
538 const RegisteredPrefixId* regPrefixId;
539 const RegisteredPrefixId* regPrefixId2;
540};
541
542BOOST_FIXTURE_TEST_CASE(HierarchicalChecker, FacesFixture)
543{
544 KeyChain keyChain;
545 std::vector<CertificateSubjectDescription> subjectDescription;
546
547 Name root("/TestValidatorConfig");
548 Name rootCertName = keyChain.createIdentity(root);
549 shared_ptr<IdentityCertificate> rootCert =
550 keyChain.getCertificate(rootCertName);
551 io::save(*rootCert, "trust-anchor-6.cert");
552
553
554 Name sld("/TestValidatorConfig/HierarchicalChecker");
555 Name sldKeyName = keyChain.generateRSAKeyPairAsDefault(sld, true);
556 shared_ptr<IdentityCertificate> sldCert =
557 keyChain.prepareUnsignedIdentityCertificate(sldKeyName,
558 root,
559 time::system_clock::now(),
560 time::system_clock::now() + time::days(7300),
561 subjectDescription);
562 keyChain.signByIdentity(*sldCert, root);
563 keyChain.addCertificateAsIdentityDefault(*sldCert);
564
565 Name nld("/TestValidatorConfig/HierarchicalChecker/NextLevel");
566 Name nldKeyName = keyChain.generateRSAKeyPairAsDefault(nld, true);
567 shared_ptr<IdentityCertificate> nldCert =
568 keyChain.prepareUnsignedIdentityCertificate(nldKeyName,
569 sld,
570 time::system_clock::now(),
571 time::system_clock::now() + time::days(7300),
572 subjectDescription);
573 keyChain.signByIdentity(*nldCert, sld);
574 keyChain.addCertificateAsIdentityDefault(*nldCert);
575
576 shared_ptr<Face> face = make_shared<Face>();
577 shared_ptr<Face> face2 = shared_ptr<Face>(new Face(face->ioService()));
578 Scheduler scheduler(*face->ioService());
579
580 scheduler.scheduleEvent(time::seconds(1),
581 bind(&FacesFixture::terminate, this, face));
582
583 regPrefixId = face->setInterestFilter(sldCert->getName().getPrefix(-1),
584 bind(&FacesFixture::onInterest, this, face, sldCert),
585 bind(&FacesFixture::onRegFailed, this));
586
587 regPrefixId2 = face->setInterestFilter(nldCert->getName().getPrefix(-1),
588 bind(&FacesFixture::onInterest2, this, face, nldCert),
589 bind(&FacesFixture::onRegFailed, this));
590
591 Name dataName1 = nld;
592 dataName1.append("data1");
593 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
594 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, nld));
595
596 Name dataName2("/ConfValidatorTest");
597 dataName2.append("data1");
598 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
599 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, nld));
600
601
602 const std::string CONFIG =
603 "rule\n"
604 "{\n"
605 " id \"Simple3 Rule\"\n"
606 " for data\n"
607 " checker\n"
608 " {\n"
609 " type hierarchical\n"
610 " sig-type rsa-sha256\n"
611 " }\n"
612 "}\n"
613 "trust-anchor\n"
614 "{\n"
615 " type file\n"
616 " file-name \"trust-anchor-6.cert\"\n"
617 "}\n";
618 const boost::filesystem::path CONFIG_PATH =
619 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
620
621
622 shared_ptr<ValidatorConfig> validator = shared_ptr<ValidatorConfig>(new ValidatorConfig(face2));
623 validator->load(CONFIG, CONFIG_PATH.native());
624
625 scheduler.scheduleEvent(time::milliseconds(200),
626 bind(&FacesFixture::validate1, this,
627 validator, data1));
628
629 scheduler.scheduleEvent(time::milliseconds(400),
630 bind(&FacesFixture::validate2, this,
631 validator, data2));
632
633 BOOST_REQUIRE_NO_THROW(face->processEvents());
634
635 keyChain.deleteIdentity(root);
636 keyChain.deleteIdentity(sld);
637 keyChain.deleteIdentity(nld);
638
639 const boost::filesystem::path CERT_PATH =
640 (boost::filesystem::current_path() / std::string("trust-anchor-6.cert"));
641 boost::filesystem::remove(CERT_PATH);
642}
643
644BOOST_AUTO_TEST_CASE(FixedSingerChecker)
645{
646 KeyChain keyChain;
647
648 Name identity("/TestValidatorConfig/FixedSingerChecker");
649
650 Name identity1 = identity;
651 identity1.append("1").appendVersion();
652 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity1));
653 Name certName1 = keyChain.getDefaultCertificateNameForIdentity(identity1);
654 shared_ptr<IdentityCertificate> idCert1 = keyChain.getCertificate(certName1);
655 io::save(*idCert1, "trust-anchor-7.cert");
656
657 Name identity2 = identity;
658 identity2.append("2").appendVersion();
659 BOOST_REQUIRE_NO_THROW(keyChain.createIdentity(identity2));
660
661 Name dataName1 = identity;
662 dataName1.append("data").appendVersion();
663 shared_ptr<Data> data1 = make_shared<Data>(dataName1);
664 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data1, identity1));
665
666 Name dataName2 = identity;
667 dataName2.append("data").appendVersion();
668 shared_ptr<Data> data2 = make_shared<Data>(dataName2);
669 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*data2, identity2));
670
671 const std::string CONFIG =
672 "rule\n"
673 "{\n"
674 " id \"Simple3 Rule\"\n"
675 " for data\n"
676 " filter"
677 " {\n"
678 " type name\n"
679 " name /TestValidatorConfig/FixedSingerChecker\n"
680 " relation is-strict-prefix-of\n"
681 " }\n"
682 " checker\n"
683 " {\n"
684 " type fixed-signer\n"
685 " sig-type rsa-sha256\n"
686 " signer\n"
687 " {\n"
688 " type file\n"
689 " file-name \"trust-anchor-7.cert\"\n"
690 " }\n"
691 " }\n"
692 "}\n";
693 const boost::filesystem::path CONFIG_PATH =
694 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
695
696
697 shared_ptr<Face> face = make_shared<Face>();
698 ValidatorConfig validator(face);
699 validator.load(CONFIG, CONFIG_PATH.native());
700
701 validator.validate(*data1,
702 bind(&onValidated, _1),
703 bind(&onValidationFailed, _1, _2));
704
705 validator.validate(*data2,
706 bind(&onIntentionalFailureValidated, _1),
707 bind(&onIntentionalFailureInvalidated, _1, _2));
708
709
710 keyChain.deleteIdentity(identity1);
711 keyChain.deleteIdentity(identity2);
712
713 const boost::filesystem::path CERT_PATH =
714 (boost::filesystem::current_path() / std::string("trust-anchor-7.cert"));
715 boost::filesystem::remove(CERT_PATH);
716}
717
718
719BOOST_FIXTURE_TEST_CASE(Nrd, FacesFixture)
720{
721 KeyChain keyChain;
722 std::vector<CertificateSubjectDescription> subjectDescription;
723
724 Name root("/TestValidatorConfig");
725 Name rootCertName = keyChain.createIdentity(root);
726 shared_ptr<IdentityCertificate> rootCert =
727 keyChain.getCertificate(rootCertName);
728 io::save(*rootCert, "trust-anchor-8.cert");
729
730
731 Name sld("/TestValidatorConfig/Nrd-1");
732 Name sldKeyName = keyChain.generateRSAKeyPairAsDefault(sld, true);
733 shared_ptr<IdentityCertificate> sldCert =
734 keyChain.prepareUnsignedIdentityCertificate(sldKeyName,
735 root,
736 time::system_clock::now(),
737 time::system_clock::now() + time::days(7300),
738 subjectDescription);
739 keyChain.signByIdentity(*sldCert, root);
740 keyChain.addCertificateAsIdentityDefault(*sldCert);
741
742 Name nld("/TestValidatorConfig/Nrd-1/Nrd-2");
743 Name nldKeyName = keyChain.generateRSAKeyPairAsDefault(nld, true);
744 shared_ptr<IdentityCertificate> nldCert =
745 keyChain.prepareUnsignedIdentityCertificate(nldKeyName,
746 sld,
747 time::system_clock::now(),
748 time::system_clock::now() + time::days(7300),
749 subjectDescription);
750 keyChain.signByIdentity(*nldCert, sld);
751 keyChain.addCertificateAsIdentityDefault(*nldCert);
752
753 shared_ptr<Face> face = make_shared<Face>();
754 shared_ptr<Face> face2 = shared_ptr<Face>(new Face(face->ioService()));
755 Scheduler scheduler(*face->ioService());
756
757 scheduler.scheduleEvent(time::seconds(1),
758 bind(&FacesFixture::terminate, this, face));
759
760 regPrefixId = face->setInterestFilter(sldCert->getName().getPrefix(-1),
761 bind(&FacesFixture::onInterest, this, face, sldCert),
762 bind(&FacesFixture::onRegFailed, this));
763
764 regPrefixId2 = face->setInterestFilter(nldCert->getName().getPrefix(-1),
765 bind(&FacesFixture::onInterest2, this, face, nldCert),
766 bind(&FacesFixture::onRegFailed, this));
767
768 Name interestName1("/localhost/nrd/register/option/timestamp/nonce");
769 shared_ptr<Interest> interest1 = make_shared<Interest>(interestName1);
770 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*interest1, nld));
771
772 Name interestName2("/localhost/nrd/non-register");
773 shared_ptr<Interest> interest2 = make_shared<Interest>(interestName2);
774 BOOST_CHECK_NO_THROW(keyChain.signByIdentity(*interest2, nld));
775
776
777 const std::string CONFIG =
778 "rule\n"
779 "{\n"
780 " id \"NRD Prefix Registration Command Rule\"\n"
781 " for interest\n"
782 " filter\n"
783 " {\n"
784 " type name\n"
785 " regex ^<localhost><nrd>[<register><unregister><advertise><withdraw>]<>{3}$\n"
786 " }\n"
787 " checker\n"
788 " {\n"
789 " type customized\n"
790 " sig-type rsa-sha256\n"
791 " key-locator\n"
792 " {\n"
793 " type name\n"
794 " regex ^[^<KEY>]*<KEY><>*<ksk-.*><ID-CERT>$\n"
795 " }\n"
796 " }\n"
797 "}\n"
798 "rule\n"
799 "{\n"
800 " id \"Testbed Hierarchy Rule\"\n"
801 " for data\n"
802 " filter\n"
803 " {\n"
804 " type name\n"
805 " regex ^[^<KEY>]*<KEY><>*<ksk-.*><ID-CERT><>$\n"
806 " }\n"
807 " checker\n"
808 " {\n"
809 " type hierarchical\n"
810 " sig-type rsa-sha256\n"
811 " }\n"
812 "}\n"
813 "trust-anchor\n"
814 "{\n"
815 " type file\n"
816 " file-name \"trust-anchor-8.cert\"\n"
817 "}\n";
818 const boost::filesystem::path CONFIG_PATH =
819 (boost::filesystem::current_path() / std::string("unit-test-nfd.conf"));
820
821
822 shared_ptr<ValidatorConfig> validator = shared_ptr<ValidatorConfig>(new ValidatorConfig(face2));
823 validator->load(CONFIG, CONFIG_PATH.native());
824
825 scheduler.scheduleEvent(time::milliseconds(200),
826 bind(&FacesFixture::validate3, this,
827 validator, interest1));
828
829 scheduler.scheduleEvent(time::milliseconds(400),
830 bind(&FacesFixture::validate4, this,
831 validator, interest2));
832
833 BOOST_REQUIRE_NO_THROW(face->processEvents());
834
835 keyChain.deleteIdentity(root);
836 keyChain.deleteIdentity(sld);
837 keyChain.deleteIdentity(nld);
838
839 const boost::filesystem::path CERT_PATH =
840 (boost::filesystem::current_path() / std::string("trust-anchor-8.cert"));
841 boost::filesystem::remove(CERT_PATH);
842}
843
844
845
846BOOST_AUTO_TEST_SUITE_END()
847
848} // namespace ndn