Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / caac54eb94693a62718d9c7bf4f67bb1145924fd / . / tests / security / test-keychain.cpp
blob: 214aa9a03248a3877c21612ba4b9881f92e50e77 [file] [log] [blame]
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil -*- */
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]2/**
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]3 * Copyright (c) 2013-2014, Regents of the University of California.
4 * All rights reserved.
5 *
6 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
7 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
8 *
9 * This file licensed under New BSD License. See COPYING for detailed information about
10 * ndn-cxx library copyright, permissions, and redistribution restrictions.
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]11 */
12
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]13#include "security/key-chain.hpp"
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]14#include <boost/filesystem.hpp>
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]15
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]16#include "boost-test.hpp"
17
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]18using namespace std;
19
20namespace ndn {
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]21namespace tests {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]22
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]23class KeychainConfigFileFixture
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]24{
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]25public:
26 KeychainConfigFileFixture()
27 {
28 if (std::getenv("TEST_HOME"))
29 m_HOME = std::getenv("TEST_HOME");
30 }
31
32 ~KeychainConfigFileFixture()
33 {
34 if (!m_HOME.empty())
35 setenv("TEST_HOME", m_HOME.c_str(), 1);
36 else
37 unsetenv("TEST_HOME");
38 }
39
40protected:
41 std::string m_HOME;
42};
43
44BOOST_FIXTURE_TEST_SUITE(SecurityTestKeyChain, KeychainConfigFileFixture)
45
46BOOST_AUTO_TEST_CASE(ConstructorNormalConfig)
47{
48 using namespace boost::filesystem;
49
50 setenv("TEST_HOME", "tests/security/config-file-home", 1);
51
52 BOOST_REQUIRE_NO_THROW(KeyChain());
53
54 path pibPath(absolute(std::getenv("TEST_HOME")));
55 pibPath /= ".ndn/ndnsec-public-info.db";
56
57 boost::filesystem::remove(pibPath);
58}
59
60BOOST_AUTO_TEST_CASE(ConstructorEmptyConfig)
61{
62 using namespace boost::filesystem;
63
64 setenv("TEST_HOME", "tests/security/config-file-empty-home", 1);
65
66 BOOST_REQUIRE_NO_THROW(KeyChain());
67
68 path pibPath(absolute(std::getenv("TEST_HOME")));
69 pibPath /= ".ndn/ndnsec-public-info.db";
70
71 boost::filesystem::remove(pibPath);
72}
73
74BOOST_AUTO_TEST_CASE(ConstructorMalConfig)
75{
76 using namespace boost::filesystem;
77
78 setenv("TEST_HOME", "tests/security/config-file-malformed-home", 1);
79
80 BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
81}
82
83BOOST_AUTO_TEST_CASE(ConstructorMal2Config)
84{
85 using namespace boost::filesystem;
86
87 setenv("TEST_HOME", "tests/security/config-file-malformed2-home", 1);
88
89 BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
90}
91
92BOOST_AUTO_TEST_CASE(ExportIdentity)
93{
94 BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file"));
95 KeyChain keyChain("sqlite3", "file");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]96
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]97 Name identity("/TestKeyChain/ExportIdentity/");
98 identity.appendVersion();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]99 keyChain.createIdentity(identity);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]100
Yingdi Yu64c3fb42014-02-26 17:30:04 -0800[diff] [blame]101 shared_ptr<SecuredBag> exported = keyChain.exportIdentity(identity, "1234");
102
103 Block block = exported->wireEncode();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]104
105 Name keyName = keyChain.getDefaultKeyNameForIdentity(identity);
106 Name certName = keyChain.getDefaultCertificateNameForKey(keyName);
107
108 keyChain.deleteIdentity(identity);
109
110 BOOST_REQUIRE(keyChain.doesIdentityExist(identity) == false);
111 BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName) == false);
112 BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
113 BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
114 BOOST_REQUIRE(keyChain.doesCertificateExist(certName) == false);
115
Yingdi Yu64c3fb42014-02-26 17:30:04 -0800[diff] [blame]116 SecuredBag imported;
117 imported.wireDecode(block);
118 keyChain.importIdentity(imported, "1234");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]119
120 BOOST_REQUIRE(keyChain.doesIdentityExist(identity));
121 BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName));
122 BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
123 BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
124 BOOST_REQUIRE(keyChain.doesCertificateExist(certName));
125
126 keyChain.deleteIdentity(identity);
127
128 BOOST_REQUIRE(keyChain.doesIdentityExist(identity) == false);
129 BOOST_REQUIRE(keyChain.doesPublicKeyExist(keyName) == false);
130 BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE) == false);
131 BOOST_REQUIRE(keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC) == false);
132 BOOST_REQUIRE(keyChain.doesCertificateExist(certName) == false);
133}
134
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]135BOOST_AUTO_TEST_CASE(PrepareIdentityCertificate)
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]136{
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]137 BOOST_REQUIRE_NO_THROW(KeyChain("sqlite3", "file"));
138 KeyChain keyChain("sqlite3", "file");
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]139
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]140 Name identity("/TestKeyChain/PrepareIdentityCertificate/");
141 identity.appendVersion();
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]142 keyChain.createIdentity(identity);
143
144 vector<CertificateSubjectDescription> subjectDescription;
145 Name lowerIdentity = identity;
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]146 lowerIdentity.append("Lower").appendVersion();
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]147 Name lowerKeyName = keyChain.generateRsaKeyPair(lowerIdentity, true);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]148 shared_ptr<IdentityCertificate> idCert
149 = keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]150 time::system_clock::now(),
151 time::system_clock::now() + time::days(365),
152 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]153 BOOST_CHECK(static_cast<bool>(idCert));
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]154 BOOST_CHECK(idCert->getName().getPrefix(5) ==
155 Name().append(identity).append("KEY").append("Lower"));
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]156
157
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]158 Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
159 anotherIdentity.appendVersion();
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]160 Name anotherKeyName = keyChain.generateRsaKeyPair(anotherIdentity, true);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]161 shared_ptr<IdentityCertificate> idCert2
162 = keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]163 time::system_clock::now(),
164 time::system_clock::now() + time::days(365),
165 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]166 BOOST_CHECK(static_cast<bool>(idCert2));
167 BOOST_CHECK(idCert2->getName().getPrefix(5) == Name().append(anotherIdentity).append("KEY"));
168
169
170 Name wrongKeyName1;
171 shared_ptr<IdentityCertificate> idCert3
172 = keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]173 time::system_clock::now(),
174 time::system_clock::now() + time::days(365),
175 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]176 BOOST_CHECK(!static_cast<bool>(idCert3));
177
178
179 Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
180 shared_ptr<IdentityCertificate> idCert4
181 = keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]182 time::system_clock::now(),
183 time::system_clock::now() + time::days(365),
184 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]185 BOOST_CHECK(!static_cast<bool>(idCert4));
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]186
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]187
188 Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
189 shared_ptr<IdentityCertificate> idCert5
190 = keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]191 time::system_clock::now(),
192 time::system_clock::now() + time::days(365),
193 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]194 BOOST_CHECK(!static_cast<bool>(idCert5));
195
196 keyChain.deleteIdentity(identity);
197 keyChain.deleteIdentity(lowerIdentity);
198 keyChain.deleteIdentity(anotherIdentity);
199}
200
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]201BOOST_AUTO_TEST_SUITE_END()
202
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]203} // namespace tests
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]204} // namespace ndn