Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / b6e276f27727280f39ab74c9e4cbae7fded33852 / . / tests / unit-tests / security / validator.t.cpp
blob: 6f22c5a13e5b24e762d13d1ff8e2b91136084bea [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyev6dfeffe2017-01-30 22:40:32 -0800[diff] [blame]2/*
Alexander Afanasyev4c9a3d52017-01-03 17:45:19 -0800[diff] [blame]3 * Copyright (c) 2013-2017 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]6 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]20 */
21
Alexander Afanasyev6dfeffe2017-01-30 22:40:32 -0800[diff] [blame]22#include "security/validator.hpp"
Junxiao Shi198c3812016-08-12 19:24:18 +0000[diff] [blame]23
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]24#include "boost-test.hpp"
Junxiao Shi198c3812016-08-12 19:24:18 +0000[diff] [blame]25#include "identity-management-fixture.hpp"
26#include "../make-interest-data.hpp"
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]27
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]28namespace ndn {
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]29namespace security {
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]30namespace tests {
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]31
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]32using namespace ndn::tests;
33
Junxiao Shi198c3812016-08-12 19:24:18 +0000[diff] [blame]34BOOST_AUTO_TEST_SUITE(Security)
Alexander Afanasyev70244f42017-01-04 12:47:12 -0800[diff] [blame]35BOOST_FIXTURE_TEST_SUITE(TestValidator, IdentityManagementV1Fixture)
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]36
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]37const uint8_t ecdsaSigInfo[] = {
380x16, 0x1b, // SignatureInfo
39 0x1b, 0x01, // SignatureType
40 0x03,
41 0x1c, 0x16, // KeyLocator
42 0x07, 0x14, // Name
43 0x08, 0x04,
44 0x74, 0x65, 0x73, 0x74,
45 0x08, 0x03,
46 0x6b, 0x65, 0x79,
47 0x08, 0x07,
48 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
49};
50
51const uint8_t ecdsaSigValue[] = {
520x17, 0x40, // SignatureValue
53 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
54 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
55 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
56 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
57 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b
58};
59
60BOOST_AUTO_TEST_CASE(RsaSignatureVerification)
61{
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]62 Name identity("/TestValidator/RsaSignatureVerification");
Alexander Afanasyevfc99b512017-01-04 11:10:36 -0800[diff] [blame]63 addIdentity(identity, RsaKeyParams());
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]64 Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]65 shared_ptr<v1::PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]66
67 Name identity2("/TestValidator/RsaSignatureVerification/id2");
Alexander Afanasyevfc99b512017-01-04 11:10:36 -0800[diff] [blame]68 addIdentity(identity2, RsaKeyParams());
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]69 Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]70 shared_ptr<v1::PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]71
72 Data data("/TestData/1");
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]73 BOOST_CHECK_NO_THROW(m_keyChain.sign(data,
74 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
75 identity)));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]76 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
77 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
78
79 Interest interest("/TestInterest/1");
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]80 BOOST_CHECK_NO_THROW(m_keyChain.sign(interest,
81 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
82 identity)));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]83 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
84 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
85
86 Data wrongData("/TestData/2");
87 Block ecdsaSigInfoBlock(ecdsaSigInfo, sizeof(ecdsaSigInfo));
88 Block ecdsaSigValueBlock(ecdsaSigValue, sizeof(ecdsaSigValue));
89 Signature ecdsaSig(ecdsaSigInfoBlock, ecdsaSigValueBlock);
90 wrongData.setSignature(ecdsaSig);
91 BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]92}
93
94const uint8_t rsaSigInfo[] = {
950x16, 0x1b, // SignatureInfo
96 0x1b, 0x01, // SignatureType
97 0x01,
98 0x1c, 0x16, // KeyLocator
99 0x07, 0x14, // Name
100 0x08, 0x04,
101 0x74, 0x65, 0x73, 0x74,
102 0x08, 0x03,
103 0x6b, 0x65, 0x79,
104 0x08, 0x07,
105 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x6f, 0x72
106};
107
108const uint8_t rsaSigValue[] = {
1090x17, 0x80, // SignatureValue
110 0x2f, 0xd6, 0xf1, 0x6e, 0x80, 0x6f, 0x10, 0xbe, 0xb1, 0x6f, 0x3e, 0x31, 0xec,
111 0xe3, 0xb9, 0xea, 0x83, 0x30, 0x40, 0x03, 0xfc, 0xa0, 0x13, 0xd9, 0xb3, 0xc6,
112 0x25, 0x16, 0x2d, 0xa6, 0x58, 0x41, 0x69, 0x62, 0x56, 0xd8, 0xb3, 0x6a, 0x38,
113 0x76, 0x56, 0xea, 0x61, 0xb2, 0x32, 0x70, 0x1c, 0xb6, 0x4d, 0x10, 0x1d, 0xdc,
114 0x92, 0x8e, 0x52, 0xa5, 0x8a, 0x1d, 0xd9, 0x96, 0x5e, 0xc0, 0x62, 0x0b, 0xcf,
115 0x3a, 0x9d, 0x7f, 0xca, 0xbe, 0xa1, 0x41, 0x71, 0x85, 0x7a, 0x8b, 0x5d, 0xa9,
116 0x64, 0xd6, 0x66, 0xb4, 0xe9, 0x8d, 0x0c, 0x28, 0x43, 0xee, 0xa6, 0x64, 0xe8,
117 0x55, 0xf6, 0x1c, 0x19, 0x0b, 0xef, 0x99, 0x25, 0x1e, 0xdc, 0x78, 0xb3, 0xa7,
118 0xaa, 0x0d, 0x14, 0x58, 0x30, 0xe5, 0x37, 0x6a, 0x6d, 0xdb, 0x56, 0xac, 0xa3,
119 0xfc, 0x90, 0x7a, 0xb8, 0x66, 0x9c, 0x0e, 0xf6, 0xb7, 0x64, 0xd1
120};
121
122
123BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification)
124{
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]125 Name identity("/TestValidator/EcdsaSignatureVerification");
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]126 addIdentity(identity, EcKeyParams());
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]127 Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]128 shared_ptr<v1::PublicKey> publicKey = m_keyChain.getPublicKey(keyName);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]129
130 Name identity2("/TestValidator/EcdsaSignatureVerification/id2");
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]131 addIdentity(identity2, EcKeyParams());
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]132 Name keyName2 = m_keyChain.getDefaultKeyNameForIdentity(identity2);
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]133 shared_ptr<v1::PublicKey> publicKey2 = m_keyChain.getPublicKey(keyName2);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]134
135
136 Data data("/TestData/1");
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]137 BOOST_CHECK_NO_THROW(m_keyChain.sign(data,
138 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
139 identity)));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]140 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey), true);
141 BOOST_CHECK_EQUAL(Validator::verifySignature(data, *publicKey2), false);
142
143 Interest interest("/TestInterest/1");
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]144 BOOST_CHECK_NO_THROW(m_keyChain.sign(interest,
145 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
146 identity)));
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]147 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey), true);
148 BOOST_CHECK_EQUAL(Validator::verifySignature(interest, *publicKey2), false);
149
150 Data wrongData("/TestData/2");
151 Block rsaSigInfoBlock(rsaSigInfo, sizeof(rsaSigInfo));
152 Block rsaSigValueBlock(rsaSigValue, sizeof(rsaSigValue));
153 Signature rsaSig(rsaSigInfoBlock, rsaSigValueBlock);
154 wrongData.setSignature(rsaSig);
155 BOOST_CHECK_EQUAL(Validator::verifySignature(wrongData, *publicKey), false);
Yingdi Yuc8f883c2014-06-20 23:25:22 -0700[diff] [blame]156}
157
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]158BOOST_AUTO_TEST_CASE(EcdsaSignatureVerification2)
159{
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]160 Name ecIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/ec");
161 addIdentity(ecIdentity, EcKeyParams());
162 Name ecCertName = m_keyChain.getDefaultCertificateNameForIdentity(ecIdentity);
163 shared_ptr<v1::IdentityCertificate> ecCert = m_keyChain.getCertificate(ecCertName);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]164
165 Name rsaIdentity("/SecurityTestValidator/EcdsaSignatureVerification2/rsa");
Alexander Afanasyevfc99b512017-01-04 11:10:36 -0800[diff] [blame]166 addIdentity(rsaIdentity, RsaKeyParams());
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700[diff] [blame]167 Name rsaCertName = m_keyChain.getDefaultCertificateNameForIdentity(rsaIdentity);
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]168 shared_ptr<v1::IdentityCertificate> rsaCert = m_keyChain.getCertificate(rsaCertName);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]169
170 Name packetName("/Test/Packet/Name");
171
172 shared_ptr<Data> testDataRsa = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]173 m_keyChain.sign(*testDataRsa,
174 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
175 rsaIdentity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]176 shared_ptr<Data> testDataEcdsa = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]177 m_keyChain.sign(*testDataEcdsa,
178 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]179 ecIdentity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]180 shared_ptr<Interest> testInterestRsa = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]181 m_keyChain.sign(*testInterestRsa,
182 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
183 rsaIdentity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]184 shared_ptr<Interest> testInterestEcdsa = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]185 m_keyChain.sign(*testInterestEcdsa,
186 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]187 ecIdentity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]188
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]189 BOOST_CHECK(Validator::verifySignature(*ecCert, ecCert->getPublicKeyInfo()));
190 BOOST_CHECK_EQUAL(Validator::verifySignature(*ecCert, rsaCert->getPublicKeyInfo()), false);
191 BOOST_CHECK_EQUAL(Validator::verifySignature(*rsaCert, ecCert->getPublicKeyInfo()), false);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]192 BOOST_CHECK(Validator::verifySignature(*rsaCert, rsaCert->getPublicKeyInfo()));
193
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]194 BOOST_CHECK(Validator::verifySignature(*testDataEcdsa, ecCert->getPublicKeyInfo()));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]195 BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataEcdsa, rsaCert->getPublicKeyInfo()), false);
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]196 BOOST_CHECK_EQUAL(Validator::verifySignature(*testDataRsa, ecCert->getPublicKeyInfo()), false);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]197 BOOST_CHECK(Validator::verifySignature(*testDataRsa, rsaCert->getPublicKeyInfo()));
198
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]199 BOOST_CHECK(Validator::verifySignature(*testInterestEcdsa, ecCert->getPublicKeyInfo()));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]200 BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestEcdsa, rsaCert->getPublicKeyInfo()),
201 false);
Spyridon Mastorakis1ece2e32015-08-27 18:52:21 -0700[diff] [blame]202 BOOST_CHECK_EQUAL(Validator::verifySignature(*testInterestRsa, ecCert->getPublicKeyInfo()),
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]203 false);
204 BOOST_CHECK(Validator::verifySignature(*testInterestRsa, rsaCert->getPublicKeyInfo()));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]205}
206
Junxiao Shi198c3812016-08-12 19:24:18 +0000[diff] [blame]207BOOST_AUTO_TEST_CASE(MalformedInterestSigInfo)
208{
209 auto interest = make_shared<Interest>("/prefix");
210 m_keyChain.sign(*interest);
211
212 setNameComponent(*interest, signed_interest::POS_SIG_INFO, "not-SignatureInfo");
213
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]214 v1::PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
Junxiao Shi198c3812016-08-12 19:24:18 +0000[diff] [blame]215 BOOST_CHECK_EQUAL(Validator::verifySignature(*interest, pubkey), false);
216}
217
218BOOST_AUTO_TEST_CASE(MalformedInterestSigValue)
219{
220 auto interest = make_shared<Interest>("/prefix");
221 m_keyChain.sign(*interest);
222
223 setNameComponent(*interest, signed_interest::POS_SIG_VALUE, "bad-signature-bits");
224
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]225 v1::PublicKey pubkey = m_keyChain.getDefaultCertificate()->getPublicKeyInfo();
Junxiao Shi198c3812016-08-12 19:24:18 +0000[diff] [blame]226 BOOST_CHECK_EQUAL(Validator::verifySignature(*interest, pubkey), false);
227}
228
229BOOST_AUTO_TEST_SUITE_END() // TestValidator
230BOOST_AUTO_TEST_SUITE_END() // Security
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]231
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]232} // namespace tests
Alexander Afanasyev2fa59392016-07-29 17:24:23 -0700[diff] [blame]233} // namespace security
Yingdi Yu9a335352014-01-31 11:57:46 -0800[diff] [blame]234} // namespace ndn