blob: 64588eb5ca81f4eec715f4e6e018f93ab474826c [file] [log] [blame]
Yingdi Yu5ec0ee32014-06-24 16:26:09 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -07003 * Copyright (c) 2013-2016 Regents of the University of California.
Yingdi Yu5ec0ee32014-06-24 16:26:09 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "security/conf/checker.hpp"
23#include "security/key-chain.hpp"
Yingdi Yu3ed09d02014-10-13 16:24:08 -070024#include "identity-management-fixture.hpp"
Yingdi Yu5ec0ee32014-06-24 16:26:09 -070025#include "boost-test.hpp"
26
27namespace ndn {
Spyridon Mastorakis429634f2015-02-19 17:35:33 -080028namespace security {
29namespace conf {
30namespace tests {
Yingdi Yu5ec0ee32014-06-24 16:26:09 -070031
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -070032using namespace ndn::tests;
33
Spyridon Mastorakis429634f2015-02-19 17:35:33 -080034BOOST_FIXTURE_TEST_SUITE(SecurityConfChecker, IdentityManagementFixture)
Yingdi Yu5ec0ee32014-06-24 16:26:09 -070035
36void
37interestChecked(const shared_ptr<const Interest>& interest)
38{
39 BOOST_CHECK(true);
40}
41
42void
43interestCheckFailed(const shared_ptr<const Interest>& interest,
44 const std::string& failureInfo)
45{
46 std::cerr << failureInfo << std::endl;
47 BOOST_CHECK(false);
48}
49
50void
51interestCheckedFalse(const shared_ptr<const Interest>& interest)
52{
53 BOOST_CHECK(false);
54}
55
56void
57interestCheckFailedFalse(const shared_ptr<const Interest>& interest,
58 const std::string& failureInfo)
59{
60 BOOST_CHECK(true);
61}
62
63void
64dataChecked(const shared_ptr<const Data>& interest)
65{
66 BOOST_CHECK(true);
67}
68
69void
70dataCheckFailed(const shared_ptr<const Data>& interest,
71 const std::string& failureInfo)
72{
73 std::cerr << failureInfo << std::endl;
74 BOOST_CHECK(false);
75}
76
77void
78dataCheckedFalse(const shared_ptr<const Data>& interest)
79{
80 BOOST_CHECK(false);
81}
82
83void
84dataCheckFailedFalse(const shared_ptr<const Data>& interest,
85 const std::string& failureInfo)
86{
87 BOOST_CHECK(true);
88}
89
90
91BOOST_AUTO_TEST_CASE(CustomizedCheckerTest1)
92{
93 using security::conf::CustomizedChecker;
94 using security::conf::KeyLocatorChecker;
95 using security::conf::RelationKeyLocatorNameChecker;
96
Yingdi Yu5ec0ee32014-06-24 16:26:09 -070097 Name identity("/SecurityTestConfChecker/CustomizedCheckerTest1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -070098 BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
99 Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700100
101 Name identity2("/SecurityTestConfChecker/CustomizedCheckerTest1Wrong");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700102 BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
103 Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700104
105 Name packetName("/SecurityTestConfChecker/CustomizedCheckerTest1/Data");
106 shared_ptr<Data> data1 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700107 m_keyChain.sign(*data1,
108 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
109 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700110
111 shared_ptr<Data> data2 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700112 m_keyChain.sign(*data2,
113 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
114 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700115
116 shared_ptr<Interest> interest1 = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700117 m_keyChain.sign(*interest1,
118 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
119 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700120
121 shared_ptr<Interest> interest2 = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700122 m_keyChain.sign(*interest2,
123 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
124 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700125
126 int8_t result = 0;
127
128
129 shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerEqual1 =
130 make_shared<RelationKeyLocatorNameChecker>(certName.getPrefix(-1),
131 KeyLocatorChecker::RELATION_EQUAL);
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600132 CustomizedChecker checker1(tlv::SignatureSha256WithRsa, keyLocatorCheckerEqual1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700133
134 result = checker1.check(*data1,
135 bind(dataChecked, _1),
136 bind(dataCheckFailed, _1, _2));
137 BOOST_CHECK_EQUAL(result, 0);
138
139 result = checker1.check(*data2,
140 bind(dataCheckedFalse, _1),
141 bind(dataCheckFailedFalse, _1, _2));
142 BOOST_CHECK_EQUAL(result, -1);
143
144 result = checker1.check(*interest1,
145 bind(interestChecked, _1),
146 bind(interestCheckFailed, _1, _2));
147 BOOST_CHECK_EQUAL(result, 0);
148
149 result = checker1.check(*interest2,
150 bind(interestCheckedFalse, _1),
151 bind(interestCheckFailedFalse, _1, _2));
152 BOOST_CHECK_EQUAL(result, -1);
153
154
155 shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerEqual2 =
156 make_shared<RelationKeyLocatorNameChecker>(identity,
157 KeyLocatorChecker::RELATION_EQUAL);
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600158 CustomizedChecker checker2(tlv::SignatureSha256WithRsa, keyLocatorCheckerEqual2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700159
160 result = checker2.check(*data1,
161 bind(dataCheckedFalse, _1),
162 bind(dataCheckFailedFalse, _1, _2));
163 BOOST_CHECK_EQUAL(result, -1);
164
165 result = checker2.check(*interest1,
166 bind(interestCheckedFalse, _1),
167 bind(interestCheckFailedFalse, _1, _2));
168 BOOST_CHECK_EQUAL(result, -1);
169
170
171 shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerPrefix1 =
172 make_shared<RelationKeyLocatorNameChecker>(certName.getPrefix(-1),
173 KeyLocatorChecker::RELATION_IS_PREFIX_OF);
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600174 CustomizedChecker checker3(tlv::SignatureSha256WithRsa, keyLocatorCheckerPrefix1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700175
176 result = checker3.check(*data1,
177 bind(dataChecked, _1),
178 bind(dataCheckFailed, _1, _2));
179 BOOST_CHECK_EQUAL(result, 0);
180
181 result = checker3.check(*data2,
182 bind(dataCheckedFalse, _1),
183 bind(dataCheckFailedFalse, _1, _2));
184 BOOST_CHECK_EQUAL(result, -1);
185
186
187 shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerPrefix2 =
188 make_shared<RelationKeyLocatorNameChecker>(identity,
189 KeyLocatorChecker::RELATION_IS_PREFIX_OF);
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600190 CustomizedChecker checker4(tlv::SignatureSha256WithRsa, keyLocatorCheckerPrefix2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700191
192 result = checker4.check(*data1,
193 bind(dataChecked, _1),
194 bind(dataCheckFailed, _1, _2));
195 BOOST_CHECK_EQUAL(result, 0);
196
197 result = checker4.check(*data2,
198 bind(dataCheckedFalse, _1),
199 bind(dataCheckFailedFalse, _1, _2));
200 BOOST_CHECK_EQUAL(result, -1);
201
202
203 shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerStrict1 =
204 make_shared<RelationKeyLocatorNameChecker>(certName.getPrefix(-1),
205 KeyLocatorChecker::RELATION_IS_STRICT_PREFIX_OF);
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600206 CustomizedChecker checker5(tlv::SignatureSha256WithRsa, keyLocatorCheckerStrict1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700207
208 result = checker5.check(*data1,
209 bind(dataCheckedFalse, _1),
210 bind(dataCheckFailedFalse, _1, _2));
211 BOOST_CHECK_EQUAL(result, -1);
212
213 result = checker5.check(*data2,
214 bind(dataCheckedFalse, _1),
215 bind(dataCheckFailedFalse, _1, _2));
216 BOOST_CHECK_EQUAL(result, -1);
217
218 shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerStrict2 =
219 make_shared<RelationKeyLocatorNameChecker>(identity,
220 KeyLocatorChecker::RELATION_IS_STRICT_PREFIX_OF);
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600221 CustomizedChecker checker6(tlv::SignatureSha256WithRsa, keyLocatorCheckerStrict2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700222
223 result = checker6.check(*data1,
224 bind(dataCheckedFalse, _1),
225 bind(dataCheckFailedFalse, _1, _2));
226 BOOST_CHECK_EQUAL(result, 0);
227
228 result = checker6.check(*data2,
229 bind(dataCheckedFalse, _1),
230 bind(dataCheckFailedFalse, _1, _2));
231 BOOST_CHECK_EQUAL(result, -1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700232}
233
234BOOST_AUTO_TEST_CASE(CustomizedCheckerTest2)
235{
236 using security::conf::CustomizedChecker;
237 using security::conf::KeyLocatorChecker;
238 using security::conf::RegexKeyLocatorNameChecker;
239
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700240 Name identity("/SecurityTestConfChecker/CustomizedCheckerTest2");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700241 BOOST_REQUIRE(addIdentity(identity, RsaKeyParams()));
242 Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700243
244 Name identity2("/SecurityTestConfChecker/CustomizedCheckerTest2Wrong");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700245 BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
246 Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700247
248 Name packetName("/SecurityTestConfChecker/CustomizedCheckerTest2/Data");
249 shared_ptr<Data> data1 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700250 m_keyChain.sign(*data1,
251 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
252 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700253
254 shared_ptr<Data> data2 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700255 m_keyChain.sign(*data2,
256 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
257 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700258
259 shared_ptr<Interest> interest1 = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700260 m_keyChain.sign(*interest1,
261 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
262 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700263
264 shared_ptr<Interest> interest2 = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700265 m_keyChain.sign(*interest2,
266 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
267 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700268
269 int8_t result = 0;
270
271
272 shared_ptr<RegexKeyLocatorNameChecker> keyLocatorCheckerRegex1 =
273 make_shared<RegexKeyLocatorNameChecker>(
274 Regex("^<SecurityTestConfChecker><CustomizedCheckerTest2>"));
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600275 CustomizedChecker checker1(tlv::SignatureSha256WithRsa, keyLocatorCheckerRegex1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700276
277 result = checker1.check(*data1,
278 bind(dataChecked, _1),
279 bind(dataCheckFailed, _1, _2));
280 BOOST_CHECK_EQUAL(result, 0);
281
282 result = checker1.check(*data2,
283 bind(dataCheckedFalse, _1),
284 bind(dataCheckFailedFalse, _1, _2));
285 BOOST_CHECK_EQUAL(result, -1);
286
287 result = checker1.check(*interest1,
288 bind(interestChecked, _1),
289 bind(interestCheckFailed, _1, _2));
290 BOOST_CHECK_EQUAL(result, 0);
291
292 result = checker1.check(*interest2,
293 bind(interestCheckedFalse, _1),
294 bind(interestCheckFailedFalse, _1, _2));
295 BOOST_CHECK_EQUAL(result, -1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700296}
297
298BOOST_AUTO_TEST_CASE(CustomizedCheckerTest3)
299{
300 using security::conf::CustomizedChecker;
301 using security::conf::KeyLocatorChecker;
302 using security::conf::RegexKeyLocatorNameChecker;
303
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700304 Name identity("/SecurityTestConfChecker/CustomizedCheckerTest3");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700305 BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
306 Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700307
308 Name identity2("/SecurityTestConfChecker/CustomizedCheckerTest3Wrong");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700309 BOOST_REQUIRE(addIdentity(identity2, EcdsaKeyParams()));
310 Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700311
312 Name packetName("/SecurityTestConfChecker/CustomizedCheckerTest3/Data");
313 shared_ptr<Data> data1 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700314 m_keyChain.sign(*data1,
315 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
316 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700317
318 shared_ptr<Data> data2 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700319 m_keyChain.sign(*data2,
320 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
321 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700322
323 shared_ptr<Interest> interest1 = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700324 m_keyChain.sign(*interest1,
325 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
326 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700327
328 shared_ptr<Interest> interest2 = make_shared<Interest>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700329 m_keyChain.sign(*interest2,
330 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
331 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700332
333 int8_t result = 0;
334
335
336 shared_ptr<RegexKeyLocatorNameChecker> keyLocatorCheckerRegex1 =
337 make_shared<RegexKeyLocatorNameChecker>(
338 Regex("^<SecurityTestConfChecker><CustomizedCheckerTest3>"));
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600339 CustomizedChecker checker1(tlv::SignatureSha256WithEcdsa, keyLocatorCheckerRegex1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700340
341 result = checker1.check(*data1,
342 bind(dataChecked, _1),
343 bind(dataCheckFailed, _1, _2));
344 BOOST_CHECK_EQUAL(result, 0);
345
346 result = checker1.check(*data2,
347 bind(dataCheckedFalse, _1),
348 bind(dataCheckFailedFalse, _1, _2));
349 BOOST_CHECK_EQUAL(result, -1);
350
351 result = checker1.check(*interest1,
352 bind(interestChecked, _1),
353 bind(interestCheckFailed, _1, _2));
354 BOOST_CHECK_EQUAL(result, 0);
355
356 result = checker1.check(*interest2,
357 bind(interestCheckedFalse, _1),
358 bind(interestCheckFailedFalse, _1, _2));
359 BOOST_CHECK_EQUAL(result, -1);
360
361
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600362 CustomizedChecker checker2(tlv::SignatureSha256WithRsa, keyLocatorCheckerRegex1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700363
364 result = checker2.check(*data1,
365 bind(dataCheckedFalse, _1),
366 bind(dataCheckFailedFalse, _1, _2));
367 BOOST_CHECK_EQUAL(result, -1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700368}
369
370BOOST_AUTO_TEST_CASE(HierarchicalCheckerTest1)
371{
372 using security::conf::HierarchicalChecker;
373
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700374 Name identity("/SecurityTestConfChecker/HierarchicalCheckerTest1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700375 BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
376 Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700377
378 Name identity2("/SecurityTestConfChecker/HierarchicalCheckerTest1/Data");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700379 BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
380 Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700381
382 Name packetName("/SecurityTestConfChecker/HierarchicalCheckerTest1/Data");
383 Name packetName2("/SecurityTestConfChecker");
384 Name packetName3("/SecurityTestConfChecker/HierarchicalCheckerTest1");
385
386 shared_ptr<Data> data1 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700387 m_keyChain.sign(*data1,
388 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
389 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700390
391 shared_ptr<Data> data2 = make_shared<Data>(packetName2);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700392 m_keyChain.sign(*data2,
393 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
394 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700395
396 shared_ptr<Data> data3 = make_shared<Data>(packetName3);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700397 m_keyChain.sign(*data3,
398 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
399 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700400
401 shared_ptr<Data> data4 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700402 m_keyChain.sign(*data4,
403 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
404 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700405
406 shared_ptr<Data> data5 = make_shared<Data>(packetName2);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700407 m_keyChain.sign(*data5,
408 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
409 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700410
411 shared_ptr<Data> data6 = make_shared<Data>(packetName3);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700412 m_keyChain.sign(*data6,
413 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
414 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700415
416 int8_t result = 0;
417
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600418 HierarchicalChecker checker1(tlv::SignatureSha256WithEcdsa);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700419
420 result = checker1.check(*data1,
421 bind(dataChecked, _1),
422 bind(dataCheckFailed, _1, _2));
423 BOOST_CHECK_EQUAL(result, 0);
424
425 result = checker1.check(*data2,
426 bind(dataCheckedFalse, _1),
427 bind(dataCheckFailedFalse, _1, _2));
428 BOOST_CHECK_EQUAL(result, -1);
429
430 result = checker1.check(*data3,
431 bind(dataChecked, _1),
432 bind(dataCheckFailed, _1, _2));
433 BOOST_CHECK_EQUAL(result, 0);
434
435 result = checker1.check(*data4,
436 bind(dataCheckedFalse, _1),
437 bind(dataCheckFailedFalse, _1, _2));
438 BOOST_CHECK_EQUAL(result, -1);
439
440 result = checker1.check(*data5,
441 bind(dataCheckedFalse, _1),
442 bind(dataCheckFailedFalse, _1, _2));
443 BOOST_CHECK_EQUAL(result, -1);
444
445 result = checker1.check(*data6,
446 bind(dataCheckedFalse, _1),
447 bind(dataCheckFailedFalse, _1, _2));
448 BOOST_CHECK_EQUAL(result, -1);
449
450
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600451 HierarchicalChecker checker2(tlv::SignatureSha256WithRsa);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700452
453 result = checker2.check(*data1,
454 bind(dataCheckedFalse, _1),
455 bind(dataCheckFailedFalse, _1, _2));
456 BOOST_CHECK_EQUAL(result, -1);
457
458 result = checker2.check(*data2,
459 bind(dataCheckedFalse, _1),
460 bind(dataCheckFailedFalse, _1, _2));
461 BOOST_CHECK_EQUAL(result, -1);
462
463 result = checker2.check(*data3,
464 bind(dataCheckedFalse, _1),
465 bind(dataCheckFailedFalse, _1, _2));
466 BOOST_CHECK_EQUAL(result, -1);
467
468 result = checker2.check(*data4,
469 bind(dataChecked, _1),
470 bind(dataCheckFailed, _1, _2));
471 BOOST_CHECK_EQUAL(result, 0);
472
473 result = checker2.check(*data5,
474 bind(dataCheckedFalse, _1),
475 bind(dataCheckFailedFalse, _1, _2));
476 BOOST_CHECK_EQUAL(result, -1);
477
478 result = checker2.check(*data6,
479 bind(dataCheckedFalse, _1),
480 bind(dataCheckFailedFalse, _1, _2));
481 BOOST_CHECK_EQUAL(result, -1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700482}
483
484BOOST_AUTO_TEST_CASE(FixedSignerCheckerTest1)
485{
486 using security::conf::FixedSignerChecker;
487
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700488 Name identity("/SecurityTestConfChecker/FixedSignerCheckerTest1");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700489 BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams()));
490 Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity);
491 shared_ptr<IdentityCertificate> cert1 = m_keyChain.getCertificate(certName);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700492
493 Name identity2("/SecurityTestConfChecker/FixedSignerCheckerTest1Wrong");
Yingdi Yu3ed09d02014-10-13 16:24:08 -0700494 BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams()));
495 Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2);
496 shared_ptr<IdentityCertificate> cert2 = m_keyChain.getCertificate(certName2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700497
498 Name packetName("/Test/Data");
499
500 shared_ptr<Data> data1 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700501 m_keyChain.sign(*data1,
502 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
503 identity));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700504
505 shared_ptr<Data> data2 = make_shared<Data>(packetName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700506 m_keyChain.sign(*data2,
507 security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID,
508 identity2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700509
510 std::vector<shared_ptr<IdentityCertificate> > certSet1;
511 certSet1.push_back(cert1);
512
513 std::vector<shared_ptr<IdentityCertificate> > certSet2;
514 certSet2.push_back(cert2);
515
516
517 int8_t result = 0;
518
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600519 FixedSignerChecker checker1(tlv::SignatureSha256WithEcdsa, certSet1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700520
521 result = checker1.check(*data1,
522 bind(dataChecked, _1),
523 bind(dataCheckFailed, _1, _2));
524 BOOST_CHECK_EQUAL(result, 1);
525
526 result = checker1.check(*data2,
527 bind(dataCheckedFalse, _1),
528 bind(dataCheckFailedFalse, _1, _2));
529 BOOST_CHECK_EQUAL(result, -1);
530
531
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600532 FixedSignerChecker checker2(tlv::SignatureSha256WithRsa, certSet1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700533
534 result = checker2.check(*data1,
535 bind(dataCheckedFalse, _1),
536 bind(dataCheckFailedFalse, _1, _2));
537 BOOST_CHECK_EQUAL(result, -1);
538
539 result = checker2.check(*data2,
540 bind(dataCheckedFalse, _1),
541 bind(dataCheckFailedFalse, _1, _2));
542 BOOST_CHECK_EQUAL(result, -1);
543
544
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600545 FixedSignerChecker checker3(tlv::SignatureSha256WithEcdsa, certSet2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700546
547 result = checker3.check(*data1,
548 bind(dataCheckedFalse, _1),
549 bind(dataCheckFailedFalse, _1, _2));
550 BOOST_CHECK_EQUAL(result, -1);
551
552 result = checker3.check(*data2,
553 bind(dataCheckedFalse, _1),
554 bind(dataCheckFailedFalse, _1, _2));
555 BOOST_CHECK_EQUAL(result, -1);
556
557
Steve DiBenedetto54ce6682014-07-22 13:22:57 -0600558 FixedSignerChecker checker4(tlv::SignatureSha256WithRsa, certSet2);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700559
560 result = checker4.check(*data1,
561 bind(dataCheckedFalse, _1),
562 bind(dataCheckFailedFalse, _1, _2));
563 BOOST_CHECK_EQUAL(result, -1);
564
565 result = checker4.check(*data2,
566 bind(dataChecked, _1),
567 bind(dataCheckFailed, _1, _2));
568 BOOST_CHECK_EQUAL(result, 1);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700569}
570
571BOOST_AUTO_TEST_SUITE_END()
572
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800573} // namespace tests
574} // namespace conf
575} // namespace security
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700576} // namespace ndn