Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
| 2 | /** |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame^] | 3 | * Copyright (c) 2013-2016 Regents of the University of California. |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 4 | * |
| 5 | * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions). |
| 6 | * |
| 7 | * ndn-cxx library is free software: you can redistribute it and/or modify it under the |
| 8 | * terms of the GNU Lesser General Public License as published by the Free Software |
| 9 | * Foundation, either version 3 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY |
| 12 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 13 | * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. |
| 14 | * |
| 15 | * You should have received copies of the GNU General Public License and GNU Lesser |
| 16 | * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see |
| 17 | * <http://www.gnu.org/licenses/>. |
| 18 | * |
| 19 | * See AUTHORS.md for complete list of ndn-cxx authors and contributors. |
| 20 | */ |
| 21 | |
| 22 | #include "security/conf/checker.hpp" |
| 23 | #include "security/key-chain.hpp" |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 24 | #include "identity-management-fixture.hpp" |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 25 | #include "boost-test.hpp" |
| 26 | |
| 27 | namespace ndn { |
Spyridon Mastorakis | 429634f | 2015-02-19 17:35:33 -0800 | [diff] [blame] | 28 | namespace security { |
| 29 | namespace conf { |
| 30 | namespace tests { |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 31 | |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame^] | 32 | using namespace ndn::tests; |
| 33 | |
Spyridon Mastorakis | 429634f | 2015-02-19 17:35:33 -0800 | [diff] [blame] | 34 | BOOST_FIXTURE_TEST_SUITE(SecurityConfChecker, IdentityManagementFixture) |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 35 | |
| 36 | void |
| 37 | interestChecked(const shared_ptr<const Interest>& interest) |
| 38 | { |
| 39 | BOOST_CHECK(true); |
| 40 | } |
| 41 | |
| 42 | void |
| 43 | interestCheckFailed(const shared_ptr<const Interest>& interest, |
| 44 | const std::string& failureInfo) |
| 45 | { |
| 46 | std::cerr << failureInfo << std::endl; |
| 47 | BOOST_CHECK(false); |
| 48 | } |
| 49 | |
| 50 | void |
| 51 | interestCheckedFalse(const shared_ptr<const Interest>& interest) |
| 52 | { |
| 53 | BOOST_CHECK(false); |
| 54 | } |
| 55 | |
| 56 | void |
| 57 | interestCheckFailedFalse(const shared_ptr<const Interest>& interest, |
| 58 | const std::string& failureInfo) |
| 59 | { |
| 60 | BOOST_CHECK(true); |
| 61 | } |
| 62 | |
| 63 | void |
| 64 | dataChecked(const shared_ptr<const Data>& interest) |
| 65 | { |
| 66 | BOOST_CHECK(true); |
| 67 | } |
| 68 | |
| 69 | void |
| 70 | dataCheckFailed(const shared_ptr<const Data>& interest, |
| 71 | const std::string& failureInfo) |
| 72 | { |
| 73 | std::cerr << failureInfo << std::endl; |
| 74 | BOOST_CHECK(false); |
| 75 | } |
| 76 | |
| 77 | void |
| 78 | dataCheckedFalse(const shared_ptr<const Data>& interest) |
| 79 | { |
| 80 | BOOST_CHECK(false); |
| 81 | } |
| 82 | |
| 83 | void |
| 84 | dataCheckFailedFalse(const shared_ptr<const Data>& interest, |
| 85 | const std::string& failureInfo) |
| 86 | { |
| 87 | BOOST_CHECK(true); |
| 88 | } |
| 89 | |
| 90 | |
| 91 | BOOST_AUTO_TEST_CASE(CustomizedCheckerTest1) |
| 92 | { |
| 93 | using security::conf::CustomizedChecker; |
| 94 | using security::conf::KeyLocatorChecker; |
| 95 | using security::conf::RelationKeyLocatorNameChecker; |
| 96 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 97 | Name identity("/SecurityTestConfChecker/CustomizedCheckerTest1"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 98 | BOOST_REQUIRE(addIdentity(identity, RsaKeyParams())); |
| 99 | Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 100 | |
| 101 | Name identity2("/SecurityTestConfChecker/CustomizedCheckerTest1Wrong"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 102 | BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams())); |
| 103 | Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 104 | |
| 105 | Name packetName("/SecurityTestConfChecker/CustomizedCheckerTest1/Data"); |
| 106 | shared_ptr<Data> data1 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 107 | m_keyChain.sign(*data1, |
| 108 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 109 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 110 | |
| 111 | shared_ptr<Data> data2 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 112 | m_keyChain.sign(*data2, |
| 113 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 114 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 115 | |
| 116 | shared_ptr<Interest> interest1 = make_shared<Interest>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 117 | m_keyChain.sign(*interest1, |
| 118 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 119 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 120 | |
| 121 | shared_ptr<Interest> interest2 = make_shared<Interest>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 122 | m_keyChain.sign(*interest2, |
| 123 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 124 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 125 | |
| 126 | int8_t result = 0; |
| 127 | |
| 128 | |
| 129 | shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerEqual1 = |
| 130 | make_shared<RelationKeyLocatorNameChecker>(certName.getPrefix(-1), |
| 131 | KeyLocatorChecker::RELATION_EQUAL); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 132 | CustomizedChecker checker1(tlv::SignatureSha256WithRsa, keyLocatorCheckerEqual1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 133 | |
| 134 | result = checker1.check(*data1, |
| 135 | bind(dataChecked, _1), |
| 136 | bind(dataCheckFailed, _1, _2)); |
| 137 | BOOST_CHECK_EQUAL(result, 0); |
| 138 | |
| 139 | result = checker1.check(*data2, |
| 140 | bind(dataCheckedFalse, _1), |
| 141 | bind(dataCheckFailedFalse, _1, _2)); |
| 142 | BOOST_CHECK_EQUAL(result, -1); |
| 143 | |
| 144 | result = checker1.check(*interest1, |
| 145 | bind(interestChecked, _1), |
| 146 | bind(interestCheckFailed, _1, _2)); |
| 147 | BOOST_CHECK_EQUAL(result, 0); |
| 148 | |
| 149 | result = checker1.check(*interest2, |
| 150 | bind(interestCheckedFalse, _1), |
| 151 | bind(interestCheckFailedFalse, _1, _2)); |
| 152 | BOOST_CHECK_EQUAL(result, -1); |
| 153 | |
| 154 | |
| 155 | shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerEqual2 = |
| 156 | make_shared<RelationKeyLocatorNameChecker>(identity, |
| 157 | KeyLocatorChecker::RELATION_EQUAL); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 158 | CustomizedChecker checker2(tlv::SignatureSha256WithRsa, keyLocatorCheckerEqual2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 159 | |
| 160 | result = checker2.check(*data1, |
| 161 | bind(dataCheckedFalse, _1), |
| 162 | bind(dataCheckFailedFalse, _1, _2)); |
| 163 | BOOST_CHECK_EQUAL(result, -1); |
| 164 | |
| 165 | result = checker2.check(*interest1, |
| 166 | bind(interestCheckedFalse, _1), |
| 167 | bind(interestCheckFailedFalse, _1, _2)); |
| 168 | BOOST_CHECK_EQUAL(result, -1); |
| 169 | |
| 170 | |
| 171 | shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerPrefix1 = |
| 172 | make_shared<RelationKeyLocatorNameChecker>(certName.getPrefix(-1), |
| 173 | KeyLocatorChecker::RELATION_IS_PREFIX_OF); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 174 | CustomizedChecker checker3(tlv::SignatureSha256WithRsa, keyLocatorCheckerPrefix1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 175 | |
| 176 | result = checker3.check(*data1, |
| 177 | bind(dataChecked, _1), |
| 178 | bind(dataCheckFailed, _1, _2)); |
| 179 | BOOST_CHECK_EQUAL(result, 0); |
| 180 | |
| 181 | result = checker3.check(*data2, |
| 182 | bind(dataCheckedFalse, _1), |
| 183 | bind(dataCheckFailedFalse, _1, _2)); |
| 184 | BOOST_CHECK_EQUAL(result, -1); |
| 185 | |
| 186 | |
| 187 | shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerPrefix2 = |
| 188 | make_shared<RelationKeyLocatorNameChecker>(identity, |
| 189 | KeyLocatorChecker::RELATION_IS_PREFIX_OF); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 190 | CustomizedChecker checker4(tlv::SignatureSha256WithRsa, keyLocatorCheckerPrefix2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 191 | |
| 192 | result = checker4.check(*data1, |
| 193 | bind(dataChecked, _1), |
| 194 | bind(dataCheckFailed, _1, _2)); |
| 195 | BOOST_CHECK_EQUAL(result, 0); |
| 196 | |
| 197 | result = checker4.check(*data2, |
| 198 | bind(dataCheckedFalse, _1), |
| 199 | bind(dataCheckFailedFalse, _1, _2)); |
| 200 | BOOST_CHECK_EQUAL(result, -1); |
| 201 | |
| 202 | |
| 203 | shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerStrict1 = |
| 204 | make_shared<RelationKeyLocatorNameChecker>(certName.getPrefix(-1), |
| 205 | KeyLocatorChecker::RELATION_IS_STRICT_PREFIX_OF); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 206 | CustomizedChecker checker5(tlv::SignatureSha256WithRsa, keyLocatorCheckerStrict1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 207 | |
| 208 | result = checker5.check(*data1, |
| 209 | bind(dataCheckedFalse, _1), |
| 210 | bind(dataCheckFailedFalse, _1, _2)); |
| 211 | BOOST_CHECK_EQUAL(result, -1); |
| 212 | |
| 213 | result = checker5.check(*data2, |
| 214 | bind(dataCheckedFalse, _1), |
| 215 | bind(dataCheckFailedFalse, _1, _2)); |
| 216 | BOOST_CHECK_EQUAL(result, -1); |
| 217 | |
| 218 | shared_ptr<RelationKeyLocatorNameChecker> keyLocatorCheckerStrict2 = |
| 219 | make_shared<RelationKeyLocatorNameChecker>(identity, |
| 220 | KeyLocatorChecker::RELATION_IS_STRICT_PREFIX_OF); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 221 | CustomizedChecker checker6(tlv::SignatureSha256WithRsa, keyLocatorCheckerStrict2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 222 | |
| 223 | result = checker6.check(*data1, |
| 224 | bind(dataCheckedFalse, _1), |
| 225 | bind(dataCheckFailedFalse, _1, _2)); |
| 226 | BOOST_CHECK_EQUAL(result, 0); |
| 227 | |
| 228 | result = checker6.check(*data2, |
| 229 | bind(dataCheckedFalse, _1), |
| 230 | bind(dataCheckFailedFalse, _1, _2)); |
| 231 | BOOST_CHECK_EQUAL(result, -1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 232 | } |
| 233 | |
| 234 | BOOST_AUTO_TEST_CASE(CustomizedCheckerTest2) |
| 235 | { |
| 236 | using security::conf::CustomizedChecker; |
| 237 | using security::conf::KeyLocatorChecker; |
| 238 | using security::conf::RegexKeyLocatorNameChecker; |
| 239 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 240 | Name identity("/SecurityTestConfChecker/CustomizedCheckerTest2"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 241 | BOOST_REQUIRE(addIdentity(identity, RsaKeyParams())); |
| 242 | Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 243 | |
| 244 | Name identity2("/SecurityTestConfChecker/CustomizedCheckerTest2Wrong"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 245 | BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams())); |
| 246 | Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 247 | |
| 248 | Name packetName("/SecurityTestConfChecker/CustomizedCheckerTest2/Data"); |
| 249 | shared_ptr<Data> data1 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 250 | m_keyChain.sign(*data1, |
| 251 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 252 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 253 | |
| 254 | shared_ptr<Data> data2 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 255 | m_keyChain.sign(*data2, |
| 256 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 257 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 258 | |
| 259 | shared_ptr<Interest> interest1 = make_shared<Interest>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 260 | m_keyChain.sign(*interest1, |
| 261 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 262 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 263 | |
| 264 | shared_ptr<Interest> interest2 = make_shared<Interest>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 265 | m_keyChain.sign(*interest2, |
| 266 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 267 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 268 | |
| 269 | int8_t result = 0; |
| 270 | |
| 271 | |
| 272 | shared_ptr<RegexKeyLocatorNameChecker> keyLocatorCheckerRegex1 = |
| 273 | make_shared<RegexKeyLocatorNameChecker>( |
| 274 | Regex("^<SecurityTestConfChecker><CustomizedCheckerTest2>")); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 275 | CustomizedChecker checker1(tlv::SignatureSha256WithRsa, keyLocatorCheckerRegex1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 276 | |
| 277 | result = checker1.check(*data1, |
| 278 | bind(dataChecked, _1), |
| 279 | bind(dataCheckFailed, _1, _2)); |
| 280 | BOOST_CHECK_EQUAL(result, 0); |
| 281 | |
| 282 | result = checker1.check(*data2, |
| 283 | bind(dataCheckedFalse, _1), |
| 284 | bind(dataCheckFailedFalse, _1, _2)); |
| 285 | BOOST_CHECK_EQUAL(result, -1); |
| 286 | |
| 287 | result = checker1.check(*interest1, |
| 288 | bind(interestChecked, _1), |
| 289 | bind(interestCheckFailed, _1, _2)); |
| 290 | BOOST_CHECK_EQUAL(result, 0); |
| 291 | |
| 292 | result = checker1.check(*interest2, |
| 293 | bind(interestCheckedFalse, _1), |
| 294 | bind(interestCheckFailedFalse, _1, _2)); |
| 295 | BOOST_CHECK_EQUAL(result, -1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 296 | } |
| 297 | |
| 298 | BOOST_AUTO_TEST_CASE(CustomizedCheckerTest3) |
| 299 | { |
| 300 | using security::conf::CustomizedChecker; |
| 301 | using security::conf::KeyLocatorChecker; |
| 302 | using security::conf::RegexKeyLocatorNameChecker; |
| 303 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 304 | Name identity("/SecurityTestConfChecker/CustomizedCheckerTest3"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 305 | BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams())); |
| 306 | Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 307 | |
| 308 | Name identity2("/SecurityTestConfChecker/CustomizedCheckerTest3Wrong"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 309 | BOOST_REQUIRE(addIdentity(identity2, EcdsaKeyParams())); |
| 310 | Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 311 | |
| 312 | Name packetName("/SecurityTestConfChecker/CustomizedCheckerTest3/Data"); |
| 313 | shared_ptr<Data> data1 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 314 | m_keyChain.sign(*data1, |
| 315 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 316 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 317 | |
| 318 | shared_ptr<Data> data2 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 319 | m_keyChain.sign(*data2, |
| 320 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 321 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 322 | |
| 323 | shared_ptr<Interest> interest1 = make_shared<Interest>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 324 | m_keyChain.sign(*interest1, |
| 325 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 326 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 327 | |
| 328 | shared_ptr<Interest> interest2 = make_shared<Interest>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 329 | m_keyChain.sign(*interest2, |
| 330 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 331 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 332 | |
| 333 | int8_t result = 0; |
| 334 | |
| 335 | |
| 336 | shared_ptr<RegexKeyLocatorNameChecker> keyLocatorCheckerRegex1 = |
| 337 | make_shared<RegexKeyLocatorNameChecker>( |
| 338 | Regex("^<SecurityTestConfChecker><CustomizedCheckerTest3>")); |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 339 | CustomizedChecker checker1(tlv::SignatureSha256WithEcdsa, keyLocatorCheckerRegex1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 340 | |
| 341 | result = checker1.check(*data1, |
| 342 | bind(dataChecked, _1), |
| 343 | bind(dataCheckFailed, _1, _2)); |
| 344 | BOOST_CHECK_EQUAL(result, 0); |
| 345 | |
| 346 | result = checker1.check(*data2, |
| 347 | bind(dataCheckedFalse, _1), |
| 348 | bind(dataCheckFailedFalse, _1, _2)); |
| 349 | BOOST_CHECK_EQUAL(result, -1); |
| 350 | |
| 351 | result = checker1.check(*interest1, |
| 352 | bind(interestChecked, _1), |
| 353 | bind(interestCheckFailed, _1, _2)); |
| 354 | BOOST_CHECK_EQUAL(result, 0); |
| 355 | |
| 356 | result = checker1.check(*interest2, |
| 357 | bind(interestCheckedFalse, _1), |
| 358 | bind(interestCheckFailedFalse, _1, _2)); |
| 359 | BOOST_CHECK_EQUAL(result, -1); |
| 360 | |
| 361 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 362 | CustomizedChecker checker2(tlv::SignatureSha256WithRsa, keyLocatorCheckerRegex1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 363 | |
| 364 | result = checker2.check(*data1, |
| 365 | bind(dataCheckedFalse, _1), |
| 366 | bind(dataCheckFailedFalse, _1, _2)); |
| 367 | BOOST_CHECK_EQUAL(result, -1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 368 | } |
| 369 | |
| 370 | BOOST_AUTO_TEST_CASE(HierarchicalCheckerTest1) |
| 371 | { |
| 372 | using security::conf::HierarchicalChecker; |
| 373 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 374 | Name identity("/SecurityTestConfChecker/HierarchicalCheckerTest1"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 375 | BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams())); |
| 376 | Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 377 | |
| 378 | Name identity2("/SecurityTestConfChecker/HierarchicalCheckerTest1/Data"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 379 | BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams())); |
| 380 | Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 381 | |
| 382 | Name packetName("/SecurityTestConfChecker/HierarchicalCheckerTest1/Data"); |
| 383 | Name packetName2("/SecurityTestConfChecker"); |
| 384 | Name packetName3("/SecurityTestConfChecker/HierarchicalCheckerTest1"); |
| 385 | |
| 386 | shared_ptr<Data> data1 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 387 | m_keyChain.sign(*data1, |
| 388 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 389 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 390 | |
| 391 | shared_ptr<Data> data2 = make_shared<Data>(packetName2); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 392 | m_keyChain.sign(*data2, |
| 393 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 394 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 395 | |
| 396 | shared_ptr<Data> data3 = make_shared<Data>(packetName3); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 397 | m_keyChain.sign(*data3, |
| 398 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 399 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 400 | |
| 401 | shared_ptr<Data> data4 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 402 | m_keyChain.sign(*data4, |
| 403 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 404 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 405 | |
| 406 | shared_ptr<Data> data5 = make_shared<Data>(packetName2); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 407 | m_keyChain.sign(*data5, |
| 408 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 409 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 410 | |
| 411 | shared_ptr<Data> data6 = make_shared<Data>(packetName3); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 412 | m_keyChain.sign(*data6, |
| 413 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 414 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 415 | |
| 416 | int8_t result = 0; |
| 417 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 418 | HierarchicalChecker checker1(tlv::SignatureSha256WithEcdsa); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 419 | |
| 420 | result = checker1.check(*data1, |
| 421 | bind(dataChecked, _1), |
| 422 | bind(dataCheckFailed, _1, _2)); |
| 423 | BOOST_CHECK_EQUAL(result, 0); |
| 424 | |
| 425 | result = checker1.check(*data2, |
| 426 | bind(dataCheckedFalse, _1), |
| 427 | bind(dataCheckFailedFalse, _1, _2)); |
| 428 | BOOST_CHECK_EQUAL(result, -1); |
| 429 | |
| 430 | result = checker1.check(*data3, |
| 431 | bind(dataChecked, _1), |
| 432 | bind(dataCheckFailed, _1, _2)); |
| 433 | BOOST_CHECK_EQUAL(result, 0); |
| 434 | |
| 435 | result = checker1.check(*data4, |
| 436 | bind(dataCheckedFalse, _1), |
| 437 | bind(dataCheckFailedFalse, _1, _2)); |
| 438 | BOOST_CHECK_EQUAL(result, -1); |
| 439 | |
| 440 | result = checker1.check(*data5, |
| 441 | bind(dataCheckedFalse, _1), |
| 442 | bind(dataCheckFailedFalse, _1, _2)); |
| 443 | BOOST_CHECK_EQUAL(result, -1); |
| 444 | |
| 445 | result = checker1.check(*data6, |
| 446 | bind(dataCheckedFalse, _1), |
| 447 | bind(dataCheckFailedFalse, _1, _2)); |
| 448 | BOOST_CHECK_EQUAL(result, -1); |
| 449 | |
| 450 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 451 | HierarchicalChecker checker2(tlv::SignatureSha256WithRsa); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 452 | |
| 453 | result = checker2.check(*data1, |
| 454 | bind(dataCheckedFalse, _1), |
| 455 | bind(dataCheckFailedFalse, _1, _2)); |
| 456 | BOOST_CHECK_EQUAL(result, -1); |
| 457 | |
| 458 | result = checker2.check(*data2, |
| 459 | bind(dataCheckedFalse, _1), |
| 460 | bind(dataCheckFailedFalse, _1, _2)); |
| 461 | BOOST_CHECK_EQUAL(result, -1); |
| 462 | |
| 463 | result = checker2.check(*data3, |
| 464 | bind(dataCheckedFalse, _1), |
| 465 | bind(dataCheckFailedFalse, _1, _2)); |
| 466 | BOOST_CHECK_EQUAL(result, -1); |
| 467 | |
| 468 | result = checker2.check(*data4, |
| 469 | bind(dataChecked, _1), |
| 470 | bind(dataCheckFailed, _1, _2)); |
| 471 | BOOST_CHECK_EQUAL(result, 0); |
| 472 | |
| 473 | result = checker2.check(*data5, |
| 474 | bind(dataCheckedFalse, _1), |
| 475 | bind(dataCheckFailedFalse, _1, _2)); |
| 476 | BOOST_CHECK_EQUAL(result, -1); |
| 477 | |
| 478 | result = checker2.check(*data6, |
| 479 | bind(dataCheckedFalse, _1), |
| 480 | bind(dataCheckFailedFalse, _1, _2)); |
| 481 | BOOST_CHECK_EQUAL(result, -1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 482 | } |
| 483 | |
| 484 | BOOST_AUTO_TEST_CASE(FixedSignerCheckerTest1) |
| 485 | { |
| 486 | using security::conf::FixedSignerChecker; |
| 487 | |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 488 | Name identity("/SecurityTestConfChecker/FixedSignerCheckerTest1"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 489 | BOOST_REQUIRE(addIdentity(identity, EcdsaKeyParams())); |
| 490 | Name certName = m_keyChain.getDefaultCertificateNameForIdentity(identity); |
| 491 | shared_ptr<IdentityCertificate> cert1 = m_keyChain.getCertificate(certName); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 492 | |
| 493 | Name identity2("/SecurityTestConfChecker/FixedSignerCheckerTest1Wrong"); |
Yingdi Yu | 3ed09d0 | 2014-10-13 16:24:08 -0700 | [diff] [blame] | 494 | BOOST_REQUIRE(addIdentity(identity2, RsaKeyParams())); |
| 495 | Name certName2 = m_keyChain.getDefaultCertificateNameForIdentity(identity2); |
| 496 | shared_ptr<IdentityCertificate> cert2 = m_keyChain.getCertificate(certName2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 497 | |
| 498 | Name packetName("/Test/Data"); |
| 499 | |
| 500 | shared_ptr<Data> data1 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 501 | m_keyChain.sign(*data1, |
| 502 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 503 | identity)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 504 | |
| 505 | shared_ptr<Data> data2 = make_shared<Data>(packetName); |
Yingdi Yu | 1b0311c | 2015-06-10 14:58:47 -0700 | [diff] [blame] | 506 | m_keyChain.sign(*data2, |
| 507 | security::SigningInfo(security::SigningInfo::SIGNER_TYPE_ID, |
| 508 | identity2)); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 509 | |
| 510 | std::vector<shared_ptr<IdentityCertificate> > certSet1; |
| 511 | certSet1.push_back(cert1); |
| 512 | |
| 513 | std::vector<shared_ptr<IdentityCertificate> > certSet2; |
| 514 | certSet2.push_back(cert2); |
| 515 | |
| 516 | |
| 517 | int8_t result = 0; |
| 518 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 519 | FixedSignerChecker checker1(tlv::SignatureSha256WithEcdsa, certSet1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 520 | |
| 521 | result = checker1.check(*data1, |
| 522 | bind(dataChecked, _1), |
| 523 | bind(dataCheckFailed, _1, _2)); |
| 524 | BOOST_CHECK_EQUAL(result, 1); |
| 525 | |
| 526 | result = checker1.check(*data2, |
| 527 | bind(dataCheckedFalse, _1), |
| 528 | bind(dataCheckFailedFalse, _1, _2)); |
| 529 | BOOST_CHECK_EQUAL(result, -1); |
| 530 | |
| 531 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 532 | FixedSignerChecker checker2(tlv::SignatureSha256WithRsa, certSet1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 533 | |
| 534 | result = checker2.check(*data1, |
| 535 | bind(dataCheckedFalse, _1), |
| 536 | bind(dataCheckFailedFalse, _1, _2)); |
| 537 | BOOST_CHECK_EQUAL(result, -1); |
| 538 | |
| 539 | result = checker2.check(*data2, |
| 540 | bind(dataCheckedFalse, _1), |
| 541 | bind(dataCheckFailedFalse, _1, _2)); |
| 542 | BOOST_CHECK_EQUAL(result, -1); |
| 543 | |
| 544 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 545 | FixedSignerChecker checker3(tlv::SignatureSha256WithEcdsa, certSet2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 546 | |
| 547 | result = checker3.check(*data1, |
| 548 | bind(dataCheckedFalse, _1), |
| 549 | bind(dataCheckFailedFalse, _1, _2)); |
| 550 | BOOST_CHECK_EQUAL(result, -1); |
| 551 | |
| 552 | result = checker3.check(*data2, |
| 553 | bind(dataCheckedFalse, _1), |
| 554 | bind(dataCheckFailedFalse, _1, _2)); |
| 555 | BOOST_CHECK_EQUAL(result, -1); |
| 556 | |
| 557 | |
Steve DiBenedetto | 54ce668 | 2014-07-22 13:22:57 -0600 | [diff] [blame] | 558 | FixedSignerChecker checker4(tlv::SignatureSha256WithRsa, certSet2); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 559 | |
| 560 | result = checker4.check(*data1, |
| 561 | bind(dataCheckedFalse, _1), |
| 562 | bind(dataCheckFailedFalse, _1, _2)); |
| 563 | BOOST_CHECK_EQUAL(result, -1); |
| 564 | |
| 565 | result = checker4.check(*data2, |
| 566 | bind(dataChecked, _1), |
| 567 | bind(dataCheckFailed, _1, _2)); |
| 568 | BOOST_CHECK_EQUAL(result, 1); |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 569 | } |
| 570 | |
| 571 | BOOST_AUTO_TEST_SUITE_END() |
| 572 | |
Spyridon Mastorakis | 429634f | 2015-02-19 17:35:33 -0800 | [diff] [blame] | 573 | } // namespace tests |
| 574 | } // namespace conf |
| 575 | } // namespace security |
Yingdi Yu | 5ec0ee3 | 2014-06-24 16:26:09 -0700 | [diff] [blame] | 576 | } // namespace ndn |