Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / e4f8c3bec24566cfe7bfcc505ab39b0bf124ba98 / . / tests / unit-tests / security / key-chain.t.cpp
blob: 797ce019f74e714c25060ca79bae799256ea8b71 [file] [log] [blame]
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]2/**
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]3 * Copyright (c) 2013-2016 Regents of the University of California.
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]4 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
Alexander Afanasyevdfa52c42014-04-24 21:10:11 -0700[diff] [blame]6 *
Alexander Afanasyevc169a812014-05-20 20:37:29 -0400[diff] [blame]7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]20 */
21
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]22#include "security/key-chain.hpp"
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]23#include "security/validator.hpp"
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]24#include "security/signing-helpers.hpp"
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]25
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]26#include "boost-test.hpp"
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]27#include "dummy-keychain.hpp"
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]28#include "../util/test-home-environment-fixture.hpp"
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]29#include "key-chain-fixture.hpp"
30#include "identity-management-fixture.hpp"
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]31
32#include <boost/filesystem.hpp>
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]33#include <boost/algorithm/string.hpp>
34#include <fstream>
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]35
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]36namespace ndn {
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]37namespace security {
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]38namespace tests {
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]39
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]40using namespace ndn::tests;
41
Spyridon Mastorakis429634f2015-02-19 17:35:33 -0800[diff] [blame]42BOOST_FIXTURE_TEST_SUITE(SecurityKeyChain, util::TestHomeEnvironmentFixture)
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]43
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]44template<class Path>
45class TestHomeAndPibFixture : public PibDirFixture<Path>
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]46{
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]47public:
48 TestHomeAndPibFixture()
49 {
50 setenv("TEST_HOME", this->m_pibDir.c_str(), true);
51 unsetenv("NDN_CLIENT_PIB");
52 unsetenv("NDN_CLIENT_TPM");
53 }
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]54
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]55 ~TestHomeAndPibFixture()
56 {
57 unsetenv("TEST_HOME");
58 }
59
60 void
61 createClientConf(std::initializer_list<std::string> lines)
62 {
63 boost::filesystem::create_directories(boost::filesystem::path(this->m_pibDir) / ".ndn");
64 std::ofstream of((boost::filesystem::path(this->m_pibDir) / ".ndn" / "client.conf").c_str());
65 for (auto line : lines) {
66 boost::replace_all(line, "%PATH%", this->m_pibDir);
67 of << line << std::endl;
68 }
69 }
70};
71
72struct PibPathSqlite3File
73{
74 const std::string PATH = "build/keys-sqlite3-file/";
75};
76
77BOOST_FIXTURE_TEST_CASE(ConstructorNormalConfig, TestHomeAndPibFixture<PibPathSqlite3File>)
78{
79 createClientConf({"pib=pib-sqlite3:%PATH%", "tpm=tpm-file:%PATH%"});
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]80
81 BOOST_REQUIRE_NO_THROW(KeyChain());
82
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]83 KeyChain keyChain;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]84 BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:" + m_pibDir);
85 BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:" + m_pibDir);
86 BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:" + m_pibDir);
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]87}
88
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]89struct PibPathSqlite3Empty
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]90{
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]91 const std::string PATH = "build/keys-sqlite3-empty/";
92};
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]93
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]94BOOST_FIXTURE_TEST_CASE(ConstructorEmptyConfig, TestHomeAndPibFixture<PibPathSqlite3Empty>)
95{
96 createClientConf({"pib=pib-sqlite3:%PATH%"});
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]97
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]98#if defined(NDN_CXX_HAVE_OSX_SECURITY)
99 std::string oldHOME;
100 if (std::getenv("OLD_HOME"))
101 oldHOME = std::getenv("OLD_HOME");
102
103 std::string HOME;
104 if (std::getenv("HOME"))
105 HOME = std::getenv("HOME");
106
107 if (!oldHOME.empty())
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]108 setenv("HOME", oldHOME.c_str(), true);
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]109 else
110 unsetenv("HOME");
111#endif
112
113 BOOST_REQUIRE_NO_THROW(KeyChain());
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]114 KeyChain keyChain;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]115 BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:" + m_pibDir);
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]116
117#if defined(NDN_CXX_HAVE_OSX_SECURITY)
118 BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-osxkeychain:");
119 BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-osxkeychain:");
120#else
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]121 BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:");
122 BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:");
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]123#endif
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]124
125#if defined(NDN_CXX_HAVE_OSX_SECURITY)
126 if (!HOME.empty())
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]127 setenv("HOME", HOME.c_str(), true);
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]128 else
129 unsetenv("HOME");
130#endif
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]131}
132
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]133struct PibPathEmptyFile
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]134{
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]135 const std::string PATH = "build/keys-empty-file/";
136};
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]137
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]138BOOST_FIXTURE_TEST_CASE(ConstructorEmpty2Config, TestHomeAndPibFixture<PibPathEmptyFile>)
139{
140 createClientConf({"tpm=tpm-file:%PATH%"});
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]141
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]142 BOOST_REQUIRE_NO_THROW(KeyChain());
143
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]144 KeyChain keyChain;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]145 BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-sqlite3:");
146 BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-file:" + m_pibDir);
147 BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-file:" + m_pibDir);
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]148}
149
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]150BOOST_FIXTURE_TEST_CASE(ConstructorMalConfig, TestHomeAndPibFixture<DefaultPibDir>)
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]151{
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]152 createClientConf({"pib=lord", "tpm=ring"});
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]153
154 BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
155}
156
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]157BOOST_FIXTURE_TEST_CASE(ConstructorMal2Config, TestHomeAndPibFixture<DefaultPibDir>)
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]158{
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]159 createClientConf({"pib=pib-sqlite3:%PATH%", "tpm=just-wrong"});
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]160 BOOST_REQUIRE_THROW(KeyChain(), KeyChain::Error); // Wrong configuration. Error expected.
161}
162
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]163BOOST_FIXTURE_TEST_CASE(ExportIdentity, IdentityManagementFixture)
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]164{
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]165 Name identity("/TestKeyChain/ExportIdentity/");
166 identity.appendVersion();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]167 addIdentity(identity);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]168
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]169 shared_ptr<SecuredBag> exported = m_keyChain.exportIdentity(identity, "1234");
Yingdi Yu64c3fb42014-02-26 17:30:04 -0800[diff] [blame]170
171 Block block = exported->wireEncode();
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]172
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]173 Name keyName = m_keyChain.getDefaultKeyNameForIdentity(identity);
174 Name certName = m_keyChain.getDefaultCertificateNameForKey(keyName);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]175
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]176 m_keyChain.deleteIdentity(identity);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]177
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]178 BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), false);
179 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName), false);
180 BOOST_CHECK_EQUAL(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE), false);
181 BOOST_CHECK_EQUAL(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC), false);
182 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName), false);
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]183
Yingdi Yu64c3fb42014-02-26 17:30:04 -0800[diff] [blame]184 SecuredBag imported;
185 imported.wireDecode(block);
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]186 m_keyChain.importIdentity(imported, "1234");
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]187
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]188 BOOST_CHECK(m_keyChain.doesIdentityExist(identity));
189 BOOST_CHECK(m_keyChain.doesPublicKeyExist(keyName));
190 BOOST_CHECK(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PRIVATE));
191 BOOST_CHECK(m_keyChain.doesKeyExistInTpm(keyName, KEY_CLASS_PUBLIC));
192 BOOST_CHECK(m_keyChain.doesCertificateExist(certName));
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]193}
194
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]195BOOST_FIXTURE_TEST_CASE(PrepareIdentityCertificate, IdentityManagementFixture)
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]196{
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]197 Name identity("/TestKeyChain/PrepareIdentityCertificate/");
198 identity.appendVersion();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]199 addIdentity(identity);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]200
Junxiao Shi8ca43252015-06-11 21:29:43 -0700[diff] [blame]201 std::vector<CertificateSubjectDescription> subjectDescription;
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]202 Name lowerIdentity = identity;
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]203 lowerIdentity.append("Lower").appendVersion();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]204 Name lowerKeyName = m_keyChain.generateRsaKeyPair(lowerIdentity, true);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]205 shared_ptr<IdentityCertificate> idCert =
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]206 m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
207 time::system_clock::now(),
208 time::system_clock::now() + time::days(365),
209 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]210 BOOST_CHECK(static_cast<bool>(idCert));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]211 BOOST_CHECK_EQUAL(idCert->getName().getPrefix(5),
212 Name().append(identity).append("KEY").append("Lower"));
Junxiao Shi8ca43252015-06-11 21:29:43 -0700[diff] [blame]213 BOOST_CHECK(idCert->getFreshnessPeriod() >= time::milliseconds::zero());
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]214
Yingdi Yu0eb5d722014-06-10 15:06:25 -0700[diff] [blame]215 shared_ptr<IdentityCertificate> idCert11 =
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]216 m_keyChain.prepareUnsignedIdentityCertificate(lowerKeyName, identity,
217 time::system_clock::now(),
218 time::system_clock::now() + time::days(365),
219 subjectDescription,
220 lowerIdentity);
Yingdi Yu0eb5d722014-06-10 15:06:25 -0700[diff] [blame]221 BOOST_CHECK(static_cast<bool>(idCert11));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]222 BOOST_CHECK_EQUAL(idCert11->getName().getPrefix(6),
Yingdi Yu0eb5d722014-06-10 15:06:25 -0700[diff] [blame]223 Name().append(lowerIdentity).append("KEY"));
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]224
Alexander Afanasyevaa0e7da2014-03-17 14:37:33 -0700[diff] [blame]225 Name anotherIdentity("/TestKeyChain/PrepareIdentityCertificate/Another/");
226 anotherIdentity.appendVersion();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]227 Name anotherKeyName = m_keyChain.generateRsaKeyPair(anotherIdentity, true);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]228 shared_ptr<IdentityCertificate> idCert2 =
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]229 m_keyChain.prepareUnsignedIdentityCertificate(anotherKeyName, identity,
230 time::system_clock::now(),
231 time::system_clock::now() + time::days(365),
232 subjectDescription);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]233 BOOST_CHECK(static_cast<bool>(idCert2));
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]234 BOOST_CHECK_EQUAL(idCert2->getName().getPrefix(5), Name().append(anotherIdentity).append("KEY"));
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]235
236
237 Name wrongKeyName1;
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]238 shared_ptr<IdentityCertificate> idCert3 =
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]239 m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName1, identity,
240 time::system_clock::now(),
241 time::system_clock::now() + time::days(365),
242 subjectDescription);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]243 BOOST_CHECK_EQUAL(static_cast<bool>(idCert3), false);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]244
245
246 Name wrongKeyName2("/TestKeyChain/PrepareIdentityCertificate");
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]247 shared_ptr<IdentityCertificate> idCert4 =
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]248 m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName2, identity,
249 time::system_clock::now(),
250 time::system_clock::now() + time::days(365),
251 subjectDescription);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]252 BOOST_CHECK_EQUAL(static_cast<bool>(idCert4), false);
Alexander Afanasyevb1db7c62014-04-03 14:57:25 -0700[diff] [blame]253
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]254
255 Name wrongKeyName3("/TestKeyChain/PrepareIdentityCertificate/ksk-1234");
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]256 shared_ptr<IdentityCertificate> idCert5 =
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]257 m_keyChain.prepareUnsignedIdentityCertificate(wrongKeyName3, identity,
258 time::system_clock::now(),
259 time::system_clock::now() + time::days(365),
260 subjectDescription);
Yingdi Yu5ec0ee32014-06-24 16:26:09 -0700[diff] [blame]261 BOOST_CHECK_EQUAL(static_cast<bool>(idCert5), false);
Yingdi Yuc55680b2014-02-26 12:31:35 -0800[diff] [blame]262}
263
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]264BOOST_FIXTURE_TEST_CASE(Delete, IdentityManagementFixture)
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]265{
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]266 Name identity("/TestSecPublicInfoSqlite3/Delete");
267 identity.appendVersion();
268
269 Name certName1;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]270 BOOST_REQUIRE_NO_THROW(certName1 = m_keyChain.createIdentity(identity));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]271
272 Name keyName1 = IdentityCertificate::certificateNameToPublicKeyName(certName1);
273 Name keyName2;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]274 BOOST_REQUIRE_NO_THROW(keyName2 = m_keyChain.generateRsaKeyPairAsDefault(identity));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]275
276 shared_ptr<IdentityCertificate> cert2;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]277 BOOST_REQUIRE_NO_THROW(cert2 = m_keyChain.selfSign(keyName2));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]278 Name certName2 = cert2->getName();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]279 BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert2));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]280
281 Name keyName3;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]282 BOOST_REQUIRE_NO_THROW(keyName3 = m_keyChain.generateRsaKeyPairAsDefault(identity));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]283
284 shared_ptr<IdentityCertificate> cert3;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]285 BOOST_REQUIRE_NO_THROW(cert3 = m_keyChain.selfSign(keyName3));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]286 Name certName3 = cert3->getName();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]287 BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert3));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]288 shared_ptr<IdentityCertificate> cert4;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]289 BOOST_REQUIRE_NO_THROW(cert4 = m_keyChain.selfSign(keyName3));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]290 Name certName4 = cert4->getName();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]291 BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert4));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]292 shared_ptr<IdentityCertificate> cert5;
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]293 BOOST_REQUIRE_NO_THROW(cert5 = m_keyChain.selfSign(keyName3));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]294 Name certName5 = cert5->getName();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]295 BOOST_REQUIRE_NO_THROW(m_keyChain.addCertificateAsKeyDefault(*cert5));
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]296
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]297 BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), true);
298 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), true);
299 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), true);
300 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), true);
301 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName1), true);
302 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName2), true);
303 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), true);
304 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), true);
305 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName5), true);
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]306
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]307 BOOST_REQUIRE_NO_THROW(m_keyChain.deleteCertificate(certName5));
308 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName5), false);
309 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), true);
310 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), true);
311 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), true);
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]312
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]313 BOOST_REQUIRE_NO_THROW(m_keyChain.deleteKey(keyName3));
314 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName4), false);
315 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName3), false);
316 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName3), false);
317 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), true);
318 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), true);
319 BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), true);
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]320
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]321 BOOST_REQUIRE_NO_THROW(m_keyChain.deleteIdentity(identity));
322 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName2), false);
323 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName2), false);
324 BOOST_CHECK_EQUAL(m_keyChain.doesCertificateExist(certName1), false);
325 BOOST_CHECK_EQUAL(m_keyChain.doesPublicKeyExist(keyName1), false);
326 BOOST_CHECK_EQUAL(m_keyChain.doesIdentityExist(identity), false);
Yingdi Yu41546342014-11-30 23:37:53 -0800[diff] [blame]327}
328
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]329BOOST_AUTO_TEST_CASE(KeyChainWithCustomTpmAndPib)
330{
331 BOOST_REQUIRE_NO_THROW((KeyChain("pib-dummy", "tpm-dummy")));
Alexander Afanasyev34a37632015-01-16 17:37:36 -0800[diff] [blame]332 BOOST_REQUIRE_NO_THROW((KeyChain("pib-dummy2", "tpm-dummy2")));
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]333 BOOST_REQUIRE_NO_THROW((KeyChain("dummy", "dummy")));
334 BOOST_REQUIRE_NO_THROW((KeyChain("dummy:", "dummy:")));
335 BOOST_REQUIRE_NO_THROW((KeyChain("dummy:/something", "dummy:/something")));
336
337 KeyChain keyChain("dummy", "dummy");
Alexander Afanasyev34a37632015-01-16 17:37:36 -0800[diff] [blame]338 BOOST_CHECK_EQUAL(keyChain.getPib().getPibLocator(), "pib-dummy:");
339 BOOST_CHECK_EQUAL(keyChain.getPib().getTpmLocator(), "tpm-dummy:");
340 BOOST_CHECK_EQUAL(keyChain.getTpm().getTpmLocator(), "tpm-dummy:");
Alexander Afanasyev07113802015-01-15 19:14:36 -0800[diff] [blame]341 BOOST_CHECK_EQUAL(keyChain.getDefaultIdentity(), "/dummy/key");
342}
343
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]344BOOST_FIXTURE_TEST_CASE(GeneralSigningInterface, IdentityManagementFixture)
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]345{
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]346 Name id("/id");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]347 Name certName = m_keyChain.createIdentity(id);
348 shared_ptr<IdentityCertificate> idCert = m_keyChain.getCertificate(certName);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]349 Name keyName = idCert->getPublicKeyName();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]350 m_keyChain.setDefaultIdentity(id);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]351
352 Name id2("/id2");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]353 Name cert2Name = m_keyChain.createIdentity(id2);
354 shared_ptr<IdentityCertificate> id2Cert = m_keyChain.getCertificate(cert2Name);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]355
356 // SigningInfo is set to default
357 Data data1("/data1");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]358 m_keyChain.sign(data1);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]359 BOOST_CHECK(Validator::verifySignature(data1, idCert->getPublicKeyInfo()));
360 BOOST_CHECK_EQUAL(data1.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
361
362 Interest interest1("/interest1");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]363 m_keyChain.sign(interest1);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]364 BOOST_CHECK(Validator::verifySignature(interest1, idCert->getPublicKeyInfo()));
365 SignatureInfo sigInfo1(interest1.getName()[-2].blockFromValue());
366 BOOST_CHECK_EQUAL(sigInfo1.getKeyLocator().getName(), certName.getPrefix(-1));
367
368 // SigningInfo is set to Identity
369 Data data2("/data2");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]370 m_keyChain.sign(data2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]371 BOOST_CHECK(Validator::verifySignature(data2, id2Cert->getPublicKeyInfo()));
372 BOOST_CHECK_EQUAL(data2.getSignature().getKeyLocator().getName(), cert2Name.getPrefix(-1));
373
374 Interest interest2("/interest2");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]375 m_keyChain.sign(interest2, SigningInfo(SigningInfo::SIGNER_TYPE_ID, id2));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]376 BOOST_CHECK(Validator::verifySignature(interest2, id2Cert->getPublicKeyInfo()));
377 SignatureInfo sigInfo2(interest2.getName()[-2].blockFromValue());
378 BOOST_CHECK_EQUAL(sigInfo2.getKeyLocator().getName(), cert2Name.getPrefix(-1));
379
380 // SigningInfo is set to Key
381 Data data3("/data3");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]382 m_keyChain.sign(data3, SigningInfo(SigningInfo::SIGNER_TYPE_KEY, keyName));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]383 BOOST_CHECK(Validator::verifySignature(data3, idCert->getPublicKeyInfo()));
384 BOOST_CHECK_EQUAL(data3.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
385
386 Interest interest3("/interest3");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]387 m_keyChain.sign(interest3);
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]388 BOOST_CHECK(Validator::verifySignature(interest3, idCert->getPublicKeyInfo()));
389 SignatureInfo sigInfo3(interest1.getName()[-2].blockFromValue());
390 BOOST_CHECK_EQUAL(sigInfo3.getKeyLocator().getName(), certName.getPrefix(-1));
391
392 // SigningInfo is set to Cert
393 Data data4("/data4");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]394 m_keyChain.sign(data4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]395 BOOST_CHECK(Validator::verifySignature(data4, idCert->getPublicKeyInfo()));
396 BOOST_CHECK_EQUAL(data4.getSignature().getKeyLocator().getName(), certName.getPrefix(-1));
397
398 Interest interest4("/interest4");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]399 m_keyChain.sign(interest4, SigningInfo(SigningInfo::SIGNER_TYPE_CERT, certName));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]400 BOOST_CHECK(Validator::verifySignature(interest4, idCert->getPublicKeyInfo()));
401 SignatureInfo sigInfo4(interest4.getName()[-2].blockFromValue());
402 BOOST_CHECK_EQUAL(sigInfo4.getKeyLocator().getName(), certName.getPrefix(-1));
403
404
405 // SigningInfo is set to DigestSha256
406 Data data5("/data5");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]407 m_keyChain.sign(data5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]408 BOOST_CHECK(Validator::verifySignature(data5, DigestSha256(data5.getSignature())));
409
410 Interest interest5("/interest4");
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]411 m_keyChain.sign(interest5, SigningInfo(SigningInfo::SIGNER_TYPE_SHA256));
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]412 BOOST_CHECK(Validator::verifySignature(interest5,
413 DigestSha256(Signature(interest5.getName()[-2].blockFromValue(),
414 interest5.getName()[-1].blockFromValue()))));
415}
416
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]417BOOST_FIXTURE_TEST_CASE(EcdsaSigningByIdentityNoCert, IdentityManagementFixture)
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]418{
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]419 Data data("/test/data");
420
421 Name nonExistingIdentity = Name("/non-existing/identity").appendVersion();
422
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]423 BOOST_CHECK_NO_THROW(m_keyChain.sign(data, signingByIdentity(nonExistingIdentity)));
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]424 BOOST_CHECK_EQUAL(data.getSignature().getType(),
425 KeyChain::getSignatureType(KeyChain::DEFAULT_KEY_PARAMS.getKeyType(),
426 DIGEST_ALGORITHM_SHA256));
427 BOOST_CHECK(nonExistingIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
428
429 Name ecdsaIdentity = Name("/ndn/test/ecdsa").appendVersion();
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700[diff] [blame^]430 Name ecdsaKeyName = m_keyChain.generateEcdsaKeyPairAsDefault(ecdsaIdentity, false, 256);
431 BOOST_CHECK_NO_THROW(m_keyChain.sign(data, signingByIdentity(ecdsaIdentity)));
José Quevedo641de4c2016-01-29 00:11:24 +0000[diff] [blame]432 BOOST_CHECK_EQUAL(data.getSignature().getType(),
433 KeyChain::getSignatureType(EcdsaKeyParams().getKeyType(), DIGEST_ALGORITHM_SHA256));
434 BOOST_CHECK(ecdsaIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
435}
436
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]437BOOST_AUTO_TEST_SUITE_END()
438
Yingdi Yuf56c68f2014-04-24 21:50:13 -0700[diff] [blame]439} // namespace tests
Yingdi Yu1b0311c2015-06-10 14:58:47 -0700[diff] [blame]440} // namespace security
Yingdi Yu8dceb1d2014-02-18 12:45:10 -0800[diff] [blame]441} // namespace ndn