/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
 * Copyright (c) 2013-2016 Regents of the University of California.
 *
 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
 *
 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License as published by the Free Software
 * Foundation, either version 3 of the License, or (at your option) any later version.
 *
 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
 *
 * You should have received copies of the GNU General Public License and GNU Lesser
 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
 * <http://www.gnu.org/licenses/>.
 *
 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
 */

#include "security/validator-null.hpp"
#include "security/key-chain.hpp"

#include "boost-test.hpp"
#include "identity-management-fixture.hpp"
#include "../make-interest-data.hpp"

namespace ndn {
namespace tests {

BOOST_AUTO_TEST_SUITE(Security)
BOOST_FIXTURE_TEST_SUITE(TestValidator, IdentityManagementFixture)

// Success callback passed to Validator::validate() by the Null test case.
//
// It only records a passing Boost check when it is invoked. It cannot detect the case
// where the validator never calls it, so a test that must prove the success path ran
// has to count invocations on its own.
void
onValidated(const shared_ptr<const Data>& data)
{
  static_cast<void>(data); // the validated packet itself is not inspected
  BOOST_CHECK(true);
}
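// Failure callback passed to Validator::validate() by the Null test case.
//
// Being invoked at all is a test failure. The validator's failure reason is included in
// the Boost message so that a failing run says why validation was rejected instead of
// printing a bare "false".
void
onValidationFailed(const shared_ptr<const Data>& data, const std::string& failureInfo)
{
  static_cast<void>(data); // only the reason string is reported
  BOOST_CHECK_MESSAGE(false, "unexpected validation failure: " << failureInfo);
}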
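// ValidatorNull must report success for a signed Data packet.
//
// The packet is signed under a freshly created RSA identity and handed to
// ValidatorNull::validate(). The success callback is counted so that the test fails when
// the validator invokes neither callback; with the plain onValidated callback alone the
// test would pass without any check having run.
BOOST_AUTO_TEST_CASE(Null)
{
  Name identity("/TestValidator/Null");
  identity.appendVersion();
  BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));

  Name dataName = identity;
  dataName.append("1");
  shared_ptr<Data> data = make_shared<Data>(dataName);

  BOOST_CHECK_NO_THROW(m_keyChain.sign(*data,
                                       security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
                                                             identity)));

  ValidatorNull validator;

  int nValidated = 0;

  // data must be a shared pointer
  // NOTE(review): the count below assumes validate() runs the callback before it
  // returns; nothing in this test drives an event loop afterwards - confirm.
  validator.validate(*data,
                     [&nValidated] (const shared_ptr<const Data>& validated) {
                       ++nValidated;
                       onValidated(validated);
                     },
                     bind(&onValidationFailed, _1, _2));

  BOOST_CHECK_EQUAL(nValidated, 1);
}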
// Hand-encoded SignatureInfo TLV that declares the ECDSA signature type and carries a
// KeyLocator naming /test/key/locator. RsaSignatureVerification attaches it to a packet
// to present an RSA key with a signature of the wrong declared type.
const uint8_t ecdsaSigInfo[] = {
  0x16, 0x1b,                                             // SignatureInfo, 27 bytes
  0x1b, 0x01, 0x03,                                       // SignatureType, 1 byte: 3
  0x1c, 0x16,                                             // KeyLocator, 22 bytes
  0x07, 0x14,                                             // Name, 20 bytes
  0x08, 0x04, 0x74, 0x65, 0x73, 0x74,                     // component "test"
  0x08, 0x03, 0x6b, 0x65, 0x79,                           // component "key"
  0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72    // component "locator"
};
// Hand-encoded SignatureValue TLV with a 64-byte payload, paired with ecdsaSigInfo.
// The payload is a fixed constant; it is not computed over any packet built in this
// file, so it is only useful for negative (must-reject) checks.
const uint8_t ecdsaSigValue[] = {
  0x17, 0x40, // SignatureValue, 64 bytes
  0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe,
  0xb1, 0x6f, 0x3e, 0x31, 0xec, 0xe3, 0xb9, 0xea,
  0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9,
  0xb3, 0xc6, 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41,
  0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38, 0x76,
  0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6,
  0x4d, 0x10, 0x1d, 0xdc, 0x92, 0x8e, 0x52, 0xa5,
  0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b
};
// Validator::verifySignature() with RSA keys.
//
// A Data and an Interest are signed under one RSA identity. Each must verify with that
// identity's public key and must be rejected with the public key of a second RSA
// identity. The final check attaches the hand-encoded ECDSA-typed signature
// (ecdsaSigInfo / ecdsaSigValue) to a fresh Data and expects the RSA key to reject it.
// NOTE(review): that signature is a fixed constant, so the check cannot tell whether the
// rejection comes from the type mismatch or simply from the bytes not being a valid
// signature. None of the rejection cases modifies a signed Data after signing.
BOOST_AUTO_TEST_CASE(RsaSignatureVerification)
{
  Name signerId("/TestValidator/RsaSignatureVerification");
  BOOST_REQUIRE(addIdentity(signerId, RsaKeyParams()));
  auto signerKey = m_keyChain.getPublicKey(m_keyChain.getDefaultKeyNameForIdentity(signerId));

  Name otherId("/TestValidator/RsaSignatureVerification/id2");
  BOOST_REQUIRE(addIdentity(otherId, RsaKeyParams()));
  auto otherKey = m_keyChain.getPublicKey(m_keyChain.getDefaultKeyNameForIdentity(otherId));

  // Data: accepted with the signer's key, rejected with the other identity's key
  Data signedData("/TestData/1");
  BOOST_CHECK_NO_THROW(m_keyChain.sign(signedData,
                                       security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
                                                             signerId)));
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedData, *signerKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedData, *otherKey), false);

  // Interest: same expectations as for Data
  Interest signedInterest("/TestInterest/1");
  BOOST_CHECK_NO_THROW(m_keyChain.sign(signedInterest,
                                       security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
                                                             signerId)));
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedInterest, *signerKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedInterest, *otherKey), false);

  // Data carrying an ECDSA-typed signature must not verify with an RSA key
  Data mismatched("/TestData/2");
  Block foreignInfo(ecdsaSigInfo, sizeof(ecdsaSigInfo));
  Block foreignValue(ecdsaSigValue, sizeof(ecdsaSigValue));
  mismatched.setSignature(Signature(foreignInfo, foreignValue));
  BOOST_CHECK_EQUAL(Validator::verifySignature(mismatched, *signerKey), false);
}
// Hand-encoded SignatureInfo TLV that declares the RSA signature type and carries a
// KeyLocator naming /test/key/locator. EcdsaSignatureVerification attaches it to a
// packet to present an ECDSA key with a signature of the wrong declared type.
const uint8_t rsaSigInfo[] = {
  0x16, 0x1b,                                             // SignatureInfo, 27 bytes
  0x1b, 0x01, 0x01,                                       // SignatureType, 1 byte: 1
  0x1c, 0x16,                                             // KeyLocator, 22 bytes
  0x07, 0x14,                                             // Name, 20 bytes
  0x08, 0x04, 0x74, 0x65, 0x73, 0x74,                     // component "test"
  0x08, 0x03, 0x6b, 0x65, 0x79,                           // component "key"
  0x08, 0x07, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72    // component "locator"
};
// Hand-encoded SignatureValue TLV with a 128-byte payload, paired with rsaSigInfo.
// The payload is a fixed constant (its first 64 bytes equal the ecdsaSigValue payload);
// it is not computed over any packet built in this file, so it is only useful for
// negative (must-reject) checks.
const uint8_t rsaSigValue[] = {
  0x17, 0x80, // SignatureValue, 128 bytes
  0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe,
  0xb1, 0x6f, 0x3e, 0x31, 0xec, 0xe3, 0xb9, 0xea,
  0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9,
  0xb3, 0xc6, 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41,
  0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38, 0x76,
  0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6,
  0x4d, 0x10, 0x1d, 0xdc, 0x92, 0x8e, 0x52, 0xa5,
  0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b,
  0xcf, 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41,
  0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9, 0x64, 0xd6,
  0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee,
  0xa6, 0x64, 0xe8, 0x55, 0xf6, 0x1c, 0x19, 0x0b,
  0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
  0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a,
  0x6d, 0xdb, 0x56, 0xac, 0xa3, 0xfc, 0x90, 0x7a,
  0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
};
// Validator::verifySignature() with ECDSA keys.
//
// A Data and an Interest are signed under one ECDSA identity. Each must verify with that
// identity's public key and must be rejected with the public key of a second ECDSA
// identity. The final check attaches the hand-encoded RSA-typed signature
// (rsaSigInfo / rsaSigValue) to a fresh Data and expects the ECDSA key to reject it.
// NOTE(review): that signature is a fixed constant, so the check cannot tell whether the
// rejection comes from the type mismatch or simply from the bytes not being a valid
// signature. None of the rejection cases modifies a signed Data after signing.
BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification)
{
  Name signerId("/TestValidator/EcdsaSignatureVerification");
  BOOST_REQUIRE(addIdentity(signerId, EcdsaKeyParams()));
  auto signerKey = m_keyChain.getPublicKey(m_keyChain.getDefaultKeyNameForIdentity(signerId));

  Name otherId("/TestValidator/EcdsaSignatureVerification/id2");
  BOOST_REQUIRE(addIdentity(otherId, EcdsaKeyParams()));
  auto otherKey = m_keyChain.getPublicKey(m_keyChain.getDefaultKeyNameForIdentity(otherId));

  // Data: accepted with the signer's key, rejected with the other identity's key
  Data signedData("/TestData/1");
  BOOST_CHECK_NO_THROW(m_keyChain.sign(signedData,
                                       security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
                                                             signerId)));
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedData, *signerKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedData, *otherKey), false);

  // Interest: same expectations as for Data
  Interest signedInterest("/TestInterest/1");
  BOOST_CHECK_NO_THROW(m_keyChain.sign(signedInterest,
                                       security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
                                                             signerId)));
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedInterest, *signerKey), true);
  BOOST_CHECK_EQUAL(Validator::verifySignature(signedInterest, *otherKey), false);

  // Data carrying an RSA-typed signature must not verify with an ECDSA key
  Data mismatched("/TestData/2");
  Block foreignInfo(rsaSigInfo, sizeof(rsaSigInfo));
  Block foreignValue(rsaSigValue, sizeof(rsaSigValue));
  mismatched.setSignature(Signature(foreignInfo, foreignValue));
  BOOST_CHECK_EQUAL(Validator::verifySignature(mismatched, *signerKey), false);
}
// Cross-algorithm matrix for Validator::verifySignature().
//
// One ECDSA identity and one RSA identity each sign a Data and an Interest with the same
// name. Every packet, and each identity's own default certificate, must verify with the
// public key taken from the matching certificate and must be rejected with the public
// key of the other algorithm.
BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification2)
{
  Name ecdsaId("/SecurityTestValidator/EcdsaSignatureVerification2/ecdsa");
  BOOST_REQUIRE(addIdentity(ecdsaId, EcdsaKeyParams()));
  auto ecdsaCert =
    m_keyChain.getCertificate(m_keyChain.getDefaultCertificateNameForIdentity(ecdsaId));

  Name rsaId("/SecurityTestValidator/EcdsaSignatureVerification2/rsa");
  BOOST_REQUIRE(addIdentity(rsaId, RsaKeyParams()));
  auto rsaCert =
    m_keyChain.getCertificate(m_keyChain.getDefaultCertificateNameForIdentity(rsaId));

  Name sharedName("/Test/Packet/Name");

  auto rsaData = make_shared<Data>(sharedName);
  m_keyChain.sign(*rsaData,
                  security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, rsaId));
  auto ecdsaData = make_shared<Data>(sharedName);
  m_keyChain.sign(*ecdsaData,
                  security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, ecdsaId));
  auto rsaInterest = make_shared<Interest>(sharedName);
  m_keyChain.sign(*rsaInterest,
                  security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, rsaId));
  auto ecdsaInterest = make_shared<Interest>(sharedName);
  m_keyChain.sign(*ecdsaInterest,
                  security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, ecdsaId));

  // keys are read from the certificates, which stay alive until the end of the test
  const auto& ecdsaKey = ecdsaCert->getPublicKeyInfo();
  const auto& rsaKey = rsaCert->getPublicKeyInfo();

  // certificates
  BOOST_CHECK(Validator::verifySignature(*ecdsaCert, ecdsaKey));
  BOOST_CHECK_EQUAL(Validator::verifySignature(*ecdsaCert, rsaKey), false);
  BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaCert, ecdsaKey), false);
  BOOST_CHECK(Validator::verifySignature(*rsaCert, rsaKey));

  // Data packets
  BOOST_CHECK(Validator::verifySignature(*ecdsaData, ecdsaKey));
  BOOST_CHECK_EQUAL(Validator::verifySignature(*ecdsaData, rsaKey), false);
  BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaData, ecdsaKey), false);
  BOOST_CHECK(Validator::verifySignature(*rsaData, rsaKey));

  // Interests
  BOOST_CHECK(Validator::verifySignature(*ecdsaInterest, ecdsaKey));
  BOOST_CHECK_EQUAL(Validator::verifySignature(*ecdsaInterest, rsaKey), false);
  BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaInterest, ecdsaKey), false);
  BOOST_CHECK(Validator::verifySignature(*rsaInterest, rsaKey));
}
// A signed Interest whose SignatureInfo name component has been overwritten with the
// plain string "not-SignatureInfo" must be rejected. verifySignature() is expected to
// return false here; an exception escaping from it would fail the test case.
BOOST_AUTO_TEST_CASE(MalformedInterestSigInfo)
{
  auto tampered = make_shared<Interest>("/prefix");
  m_keyChain.sign(*tampered);

  // overwrite the component at the SignatureInfo position after signing
  setNameComponent(*tampered, signed_interest::POS_SIG_INFO, "not-SignatureInfo");

  const PublicKey signerKey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
  BOOST_CHECK_EQUAL(Validator::verifySignature(*tampered, signerKey), false);
}
// A signed Interest whose SignatureValue name component has been overwritten with the
// plain string "bad-signature-bits" must be rejected. verifySignature() is expected to
// return false here; an exception escaping from it would fail the test case.
BOOST_AUTO_TEST_CASE(MalformedInterestSigValue)
{
  auto tampered = make_shared<Interest>("/prefix");
  m_keyChain.sign(*tampered);

  // overwrite the component at the SignatureValue position after signing
  setNameComponent(*tampered, signed_interest::POS_SIG_VALUE, "bad-signature-bits");

  const PublicKey signerKey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
  BOOST_CHECK_EQUAL(Validator::verifySignature(*tampered, signerKey), false);
}

BOOST_AUTO_TEST_SUITE_END() // TestValidator
BOOST_AUTO_TEST_SUITE_END() // Security

} // namespace tests
} // namespace ndn