Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 1 | /* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */ |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame^] | 2 | /* |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 3 | * Copyright (c) 2013-2017 Regents of the University of California. |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 4 | * |
| 5 | * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions). |
| 6 | * |
| 7 | * ndn-cxx library is free software: you can redistribute it and/or modify it under the |
| 8 | * terms of the GNU Lesser General Public License as published by the Free Software |
| 9 | * Foundation, either version 3 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY |
| 12 | * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A |
| 13 | * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. |
| 14 | * |
| 15 | * You should have received copies of the GNU General Public License and GNU Lesser |
| 16 | * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see |
| 17 | * <http://www.gnu.org/licenses/>. |
| 18 | * |
| 19 | * See AUTHORS.md for complete list of ndn-cxx authors and contributors. |
| 20 | */ |
| 21 | |
| 22 | #include "identity-management-fixture.hpp" |
Zhiyi Zhang | 0a939b4 | 2016-11-16 14:27:20 -0800 | [diff] [blame] | 23 | #include "util/io.hpp" |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 24 | #include "security/v2/additional-description.hpp" |
Zhiyi Zhang | 0a939b4 | 2016-11-16 14:27:20 -0800 | [diff] [blame] | 25 | |
| 26 | #include <boost/filesystem.hpp> |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 27 | |
| 28 | namespace ndn { |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 29 | namespace tests { |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 30 | |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 31 | namespace v1 = security::v1; |
| 32 | namespace v2 = security::v2; |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 33 | |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 34 | IdentityManagementBaseFixture::~IdentityManagementBaseFixture() |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 35 | { |
Zhiyi Zhang | 0a939b4 | 2016-11-16 14:27:20 -0800 | [diff] [blame] | 36 | boost::system::error_code ec; |
| 37 | for (const auto& certFile : m_certFiles) { |
| 38 | boost::filesystem::remove(certFile, ec); // ignore error |
| 39 | } |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 40 | } |
| 41 | |
| 42 | bool |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 43 | IdentityManagementBaseFixture::saveCertToFile(const Data& obj, const std::string& filename) |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 44 | { |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 45 | m_certFiles.insert(filename); |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 46 | try { |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 47 | io::save(obj, filename); |
Zhiyi Zhang | 0a939b4 | 2016-11-16 14:27:20 -0800 | [diff] [blame] | 48 | return true; |
| 49 | } |
Alexander Afanasyev | 4c9a3d5 | 2017-01-03 17:45:19 -0800 | [diff] [blame] | 50 | catch (const io::Error&) { |
Zhiyi Zhang | 0a939b4 | 2016-11-16 14:27:20 -0800 | [diff] [blame] | 51 | return false; |
| 52 | } |
| 53 | } |
| 54 | |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 55 | IdentityManagementV1Fixture::~IdentityManagementV1Fixture() |
| 56 | { |
| 57 | for (const auto& identity : m_identities) { |
| 58 | m_keyChain.deleteIdentity(identity); |
| 59 | } |
| 60 | } |
| 61 | |
| 62 | Name |
| 63 | IdentityManagementV1Fixture::addIdentity(const Name& identity, const KeyParams& params) |
| 64 | { |
| 65 | Name certName = m_keyChain.createIdentity(identity, params); |
| 66 | m_identities.insert(identity); |
| 67 | return certName; |
| 68 | } |
| 69 | |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 70 | bool |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 71 | IdentityManagementV1Fixture::saveIdentityCertificate(const Name& certName, const std::string& filename) |
| 72 | { |
| 73 | try { |
| 74 | auto cert = m_keyChain.getCertificate(certName); |
| 75 | return saveCertToFile(*cert, filename); |
| 76 | } |
| 77 | catch (const v1::SecPublicInfo::Error&) { |
| 78 | return false; |
| 79 | } |
| 80 | } |
| 81 | |
| 82 | bool |
| 83 | IdentityManagementV1Fixture::addSubCertificate(const Name& subIdentity, const Name& issuer, const KeyParams& params) |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 84 | { |
| 85 | if (!m_keyChain.doesIdentityExist(issuer)) |
| 86 | return false; |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 87 | if (!m_keyChain.doesIdentityExist(subIdentity)) { |
| 88 | addIdentity(subIdentity, params); |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 89 | } |
| 90 | Name identityKeyName; |
| 91 | try { |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 92 | identityKeyName = m_keyChain.getDefaultKeyNameForIdentity(subIdentity); |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 93 | } |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 94 | catch (const v1::SecPublicInfo::Error&) { |
| 95 | identityKeyName = m_keyChain.generateRsaKeyPairAsDefault(subIdentity, true); |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 96 | } |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 97 | std::vector<v1::CertificateSubjectDescription> subjectDescription; |
| 98 | shared_ptr<v1::IdentityCertificate> identityCert = |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 99 | m_keyChain.prepareUnsignedIdentityCertificate(identityKeyName, |
| 100 | issuer, |
| 101 | time::system_clock::now(), |
| 102 | time::system_clock::now() + time::days(7300), |
| 103 | subjectDescription); |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 104 | m_keyChain.sign(*identityCert, signingByIdentity(issuer)); |
Zhiyi Zhang | 1e164cc | 2017-01-03 11:04:35 -0800 | [diff] [blame] | 105 | m_keyChain.addCertificateAsIdentityDefault(*identityCert); |
| 106 | return true; |
| 107 | } |
| 108 | |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 109 | IdentityManagementV2Fixture::IdentityManagementV2Fixture() |
| 110 | : m_keyChain("pib-memory:", "tpm-memory:") |
| 111 | { |
| 112 | } |
| 113 | |
| 114 | security::Identity |
| 115 | IdentityManagementV2Fixture::addIdentity(const Name& identityName, const KeyParams& params) |
| 116 | { |
| 117 | auto identity = m_keyChain.createIdentity(identityName, params); |
| 118 | m_identities.insert(identityName); |
| 119 | return identity; |
| 120 | } |
| 121 | |
| 122 | bool |
Alexander Afanasyev | e5a19b8 | 2017-01-30 22:30:46 -0800 | [diff] [blame^] | 123 | IdentityManagementV2Fixture::saveCertificate(const security::Identity& identity, const std::string& filename) |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 124 | { |
| 125 | try { |
| 126 | auto cert = identity.getDefaultKey().getDefaultCertificate(); |
| 127 | return saveCertToFile(cert, filename); |
| 128 | } |
| 129 | catch (const security::Pib::Error&) { |
| 130 | return false; |
| 131 | } |
| 132 | } |
| 133 | |
| 134 | security::Identity |
| 135 | IdentityManagementV2Fixture::addSubCertificate(const Name& subIdentityName, |
| 136 | const security::Identity& issuer, const KeyParams& params) |
| 137 | { |
| 138 | auto subIdentity = addIdentity(subIdentityName, params); |
| 139 | |
| 140 | v2::Certificate request = subIdentity.getDefaultKey().getDefaultCertificate(); |
| 141 | |
| 142 | request.setName(request.getKeyName().append("parent").appendVersion()); |
| 143 | |
| 144 | SignatureInfo info; |
| 145 | info.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(), |
| 146 | time::system_clock::now() + time::days(7300))); |
| 147 | |
| 148 | v2::AdditionalDescription description; |
| 149 | description.set("type", "sub-certificate"); |
| 150 | info.appendTypeSpecificTlv(description.wireEncode()); |
| 151 | |
Qiuhan Ding | 4caa0cc | 2015-10-23 20:31:27 -0700 | [diff] [blame] | 152 | m_keyChain.sign(request, signingByIdentity(issuer).setSignatureInfo(info)); |
Alexander Afanasyev | fc99b51 | 2017-01-04 11:10:36 -0800 | [diff] [blame] | 153 | m_keyChain.setDefaultCertificate(subIdentity.getDefaultKey(), request); |
| 154 | |
| 155 | return subIdentity; |
| 156 | } |
| 157 | |
Qiuhan Ding | 4caa0cc | 2015-10-23 20:31:27 -0700 | [diff] [blame] | 158 | v2::Certificate |
| 159 | IdentityManagementV2Fixture::addCertificate(const security::Key& key, const std::string& issuer) |
| 160 | { |
| 161 | Name certificateName = key.getName(); |
| 162 | certificateName |
| 163 | .append(issuer) |
| 164 | .appendVersion(); |
| 165 | v2::Certificate certificate; |
| 166 | certificate.setName(certificateName); |
| 167 | |
| 168 | // set metainfo |
| 169 | certificate.setContentType(tlv::ContentType_Key); |
| 170 | certificate.setFreshnessPeriod(time::hours(1)); |
| 171 | |
| 172 | // set content |
| 173 | certificate.setContent(key.getPublicKey().buf(), key.getPublicKey().size()); |
| 174 | |
| 175 | // set signature-info |
| 176 | SignatureInfo info; |
| 177 | info.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(), |
| 178 | time::system_clock::now() + time::days(10))); |
| 179 | |
| 180 | m_keyChain.sign(certificate, signingByKey(key).setSignatureInfo(info)); |
| 181 | return certificate; |
| 182 | } |
| 183 | |
| 184 | |
Alexander Afanasyev | e4f8c3b | 2016-06-23 16:03:48 -0700 | [diff] [blame] | 185 | } // namespace tests |
Yingdi Yu | d9715e3 | 2014-06-27 08:48:47 -0700 | [diff] [blame] | 186 | } // namespace ndn |