Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / d8e0cad3390277c07125a75e57aab762e7fccaa0 / . / tests / unit / security / trust-anchor-container.t.cpp
blob: bb336b5545ed47fb733cf653b489ff10c9578ba1 [file] [log] [blame]
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]2/*
Davide Pesavento478d3382021-03-17 12:46:08 -0400[diff] [blame]3 * Copyright (c) 2013-2021 Regents of the University of California.
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
Alexander Afanasyev09236c22020-06-03 13:42:38 -0400[diff] [blame]22#include "ndn-cxx/security/trust-anchor-container.hpp"
Davide Pesavento7e780642018-11-24 15:51:34 -0500[diff] [blame]23#include "ndn-cxx/util/io.hpp"
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]24
Davide Pesavento7e780642018-11-24 15:51:34 -0500[diff] [blame]25#include "tests/boost-test.hpp"
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]26#include "tests/key-chain-fixture.hpp"
27#include "tests/unit/clock-fixture.hpp"
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]28
Davide Pesaventod8e0cad2021-05-26 21:43:47 -0400[diff] [blame^]29#include <boost/filesystem/operations.hpp>
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]30
31namespace ndn {
32namespace security {
Alexander Afanasyev09236c22020-06-03 13:42:38 -0400[diff] [blame]33inline namespace v2 {
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]34namespace tests {
35
36using namespace ndn::tests;
37
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]38/**
39 * This fixture creates a directory and prepares two certificates.
40 * cert1 is written to a file under the directory, while cert2 is not.
41 */
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]42class TrustAnchorContainerFixture : public ClockFixture, public KeyChainFixture
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]43{
44public:
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]45 TrustAnchorContainerFixture()
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]46 {
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]47 boost::filesystem::create_directories(certDirPath);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]48
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]49 identity1 = m_keyChain.createIdentity("/TestAnchorContainer/First");
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]50 cert1 = identity1.getDefaultKey().getDefaultCertificate();
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]51 saveCert(cert1, certPath1.string());
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]52
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]53 identity2 = m_keyChain.createIdentity("/TestAnchorContainer/Second");
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]54 cert2 = identity2.getDefaultKey().getDefaultCertificate();
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]55 saveCert(cert2, certPath2.string());
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]56 }
57
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]58 ~TrustAnchorContainerFixture() override
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]59 {
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]60 boost::filesystem::remove_all(certDirPath);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]61 }
62
63public:
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]64 const boost::filesystem::path certDirPath{boost::filesystem::path(UNIT_TESTS_TMPDIR) / "test-cert-dir"};
65 const boost::filesystem::path certPath1{certDirPath / "trust-anchor-1.cert"};
66 const boost::filesystem::path certPath2{certDirPath / "trust-anchor-2.cert"};
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]67
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]68 TrustAnchorContainer anchorContainer;
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]69
70 Identity identity1;
71 Identity identity2;
72
73 Certificate cert1;
74 Certificate cert2;
75};
76
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]77BOOST_AUTO_TEST_SUITE(Security)
78BOOST_FIXTURE_TEST_SUITE(TestTrustAnchorContainer, TrustAnchorContainerFixture)
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]79
80// one static group and one dynamic group created from file
81BOOST_AUTO_TEST_CASE(Insert)
82{
83 // Static
84 anchorContainer.insert("group1", Certificate(cert1));
85 BOOST_CHECK(anchorContainer.find(cert1.getName()) != nullptr);
86 BOOST_CHECK(anchorContainer.find(identity1.getName()) != nullptr);
87 const Certificate* cert = anchorContainer.find(cert1.getName());
88 BOOST_CHECK_NO_THROW(anchorContainer.insert("group1", Certificate(cert1)));
89 BOOST_CHECK_EQUAL(cert, anchorContainer.find(cert1.getName())); // still the same instance of the certificate
90 // cannot add dynamic group when static already exists
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]91 BOOST_CHECK_THROW(anchorContainer.insert("group1", certPath1.string(), 1_s), TrustAnchorContainer::Error);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]92 BOOST_CHECK_EQUAL(anchorContainer.getGroup("group1").size(), 1);
93 BOOST_CHECK_EQUAL(anchorContainer.size(), 1);
94
95 // From file
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]96 anchorContainer.insert("group2", certPath2.string(), 1_s);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]97 BOOST_CHECK(anchorContainer.find(cert2.getName()) != nullptr);
98 BOOST_CHECK(anchorContainer.find(identity2.getName()) != nullptr);
99 BOOST_CHECK_THROW(anchorContainer.insert("group2", Certificate(cert2)), TrustAnchorContainer::Error);
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]100 BOOST_CHECK_THROW(anchorContainer.insert("group2", certPath2.string(), 1_s), TrustAnchorContainer::Error);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]101 BOOST_CHECK_EQUAL(anchorContainer.getGroup("group2").size(), 1);
102 BOOST_CHECK_EQUAL(anchorContainer.size(), 2);
103
104 boost::filesystem::remove(certPath2);
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]105 advanceClocks(1_s, 11);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]106
107 BOOST_CHECK(anchorContainer.find(identity2.getName()) == nullptr);
108 BOOST_CHECK(anchorContainer.find(cert2.getName()) == nullptr);
109 BOOST_CHECK_EQUAL(anchorContainer.getGroup("group2").size(), 0);
110 BOOST_CHECK_EQUAL(anchorContainer.size(), 1);
111
112 TrustAnchorGroup& group = anchorContainer.getGroup("group1");
113 auto staticGroup = dynamic_cast<StaticTrustAnchorGroup*>(&group);
114 BOOST_REQUIRE(staticGroup != nullptr);
115 BOOST_CHECK_EQUAL(staticGroup->size(), 1);
116 staticGroup->remove(cert1.getName());
117 BOOST_CHECK_EQUAL(staticGroup->size(), 0);
118 BOOST_CHECK_EQUAL(anchorContainer.size(), 0);
119
120 BOOST_CHECK_THROW(anchorContainer.getGroup("non-existing-group"), TrustAnchorContainer::Error);
121}
122
123BOOST_AUTO_TEST_CASE(DynamicAnchorFromDir)
124{
125 boost::filesystem::remove(certPath2);
126
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]127 anchorContainer.insert("group", certDirPath.string(), 1_s, true /* isDir */);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]128
129 BOOST_CHECK(anchorContainer.find(identity1.getName()) != nullptr);
130 BOOST_CHECK(anchorContainer.find(identity2.getName()) == nullptr);
131 BOOST_CHECK_EQUAL(anchorContainer.getGroup("group").size(), 1);
132
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]133 saveCert(cert2, certPath2.string());
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]134
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]135 advanceClocks(100_ms, 11);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]136
137 BOOST_CHECK(anchorContainer.find(identity1.getName()) != nullptr);
138 BOOST_CHECK(anchorContainer.find(identity2.getName()) != nullptr);
139 BOOST_CHECK_EQUAL(anchorContainer.getGroup("group").size(), 2);
140
141 boost::filesystem::remove_all(certDirPath);
142
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]143 advanceClocks(100_ms, 11);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]144
145 BOOST_CHECK(anchorContainer.find(identity1.getName()) == nullptr);
146 BOOST_CHECK(anchorContainer.find(identity2.getName()) == nullptr);
147 BOOST_CHECK_EQUAL(anchorContainer.getGroup("group").size(), 0);
148}
149
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]150BOOST_AUTO_TEST_CASE(FindByInterest)
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]151{
Davide Pesavento0f830802018-01-16 23:58:58 -0500[diff] [blame]152 anchorContainer.insert("group1", certPath1.string(), 1_s);
Davide Pesavento478d3382021-03-17 12:46:08 -0400[diff] [blame]153 Interest interest1;
154 interest1.setCanBePrefix(true);
155 interest1.setName(identity1.getName());
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]156 BOOST_CHECK(anchorContainer.find(interest1) != nullptr);
Davide Pesavento478d3382021-03-17 12:46:08 -0400[diff] [blame]157 interest1.setName(identity1.getName().getPrefix(-1));
158 BOOST_CHECK(anchorContainer.find(interest1) != nullptr);
159 interest1.setName(Name(identity1.getName()).appendVersion());
160 BOOST_CHECK(anchorContainer.find(interest1) == nullptr);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]161
Davide Pesavento4c1ad4c2020-11-16 21:12:02 -0500[diff] [blame]162 auto cert3 = makeCert(identity1.getDefaultKey(), "3");
163 auto cert4 = makeCert(identity1.getDefaultKey(), "4");
164 auto cert5 = makeCert(identity1.getDefaultKey(), "5");
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]165
166 Certificate cert3Copy = cert3;
167 anchorContainer.insert("group2", std::move(cert3Copy));
168 anchorContainer.insert("group3", std::move(cert4));
169 anchorContainer.insert("group4", std::move(cert5));
170
Davide Pesavento478d3382021-03-17 12:46:08 -0400[diff] [blame]171 auto interest3 = Interest(cert3.getKeyName()).setCanBePrefix(true);
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]172 const Certificate* foundCert = anchorContainer.find(interest3);
173 BOOST_REQUIRE(foundCert != nullptr);
174 BOOST_CHECK(interest3.getName().isPrefixOf(foundCert->getName()));
175 BOOST_CHECK_EQUAL(foundCert->getName(), cert3.getName());
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]176}
177
178BOOST_AUTO_TEST_SUITE_END() // TestTrustAnchorContainer
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]179BOOST_AUTO_TEST_SUITE_END() // Security
180
181} // namespace tests
Alexander Afanasyev09236c22020-06-03 13:42:38 -0400[diff] [blame]182} // inline namespace v2
Qiuhan Ding4caa0cc2015-10-23 20:31:27 -0700[diff] [blame]183} // namespace security
184} // namespace ndn