Yingdi Yud9715e32014-06-27 08:48:47 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Alexander Afanasyeve5a19b82017-01-30 22:30:46 -08002/*
Zhiyi Zhang1e164cc2017-01-03 11:04:35 -08003 * Copyright (c) 2013-2017 Regents of the University of California.
Yingdi Yud9715e32014-06-27 08:48:47 -07004 *
5 * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
6 *
7 * ndn-cxx library is free software: you can redistribute it and/or modify it under the
8 * terms of the GNU Lesser General Public License as published by the Free Software
9 * Foundation, either version 3 of the License, or (at your option) any later version.
10 *
11 * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License and GNU Lesser
16 * General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
17 * <http://www.gnu.org/licenses/>.
18 *
19 * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
20 */
21
22#include "identity-management-fixture.hpp"
Zhiyi Zhang0a939b42016-11-16 14:27:20 -080023#include "util/io.hpp"
Alexander Afanasyevfc99b512017-01-04 11:10:36 -080024#include "security/v2/additional-description.hpp"
Zhiyi Zhang0a939b42016-11-16 14:27:20 -080025
26#include <boost/filesystem.hpp>
Yingdi Yud9715e32014-06-27 08:48:47 -070027
28namespace ndn {
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -070029namespace tests {
Yingdi Yud9715e32014-06-27 08:48:47 -070030
Alexander Afanasyevfc99b512017-01-04 11:10:36 -080031namespace v1 = security::v1;
32namespace v2 = security::v2;
Yingdi Yud9715e32014-06-27 08:48:47 -070033
/**
 * Best-effort removal of every certificate file recorded in m_certFiles.
 *
 * The error_code overload of boost::filesystem::remove is used so that a
 * failed removal is reported through the out-parameter rather than as a
 * filesystem_error exception; the reported code is then discarded on purpose.
 */
IdentityManagementBaseFixture::~IdentityManagementBaseFixture()
{
  for (const auto& path : m_certFiles) {
    boost::system::error_code ignored; // result intentionally unused
    boost::filesystem::remove(path, ignored);
  }
}
41
/**
 * Write @p obj to @p filename through io::save.
 *
 * The file name is recorded in m_certFiles before the write is attempted, so
 * it stays registered for the destructor's cleanup even when saving fails.
 *
 * @param obj      Data packet to store
 * @param filename destination path handed to io::save
 * @return true if io::save returned normally, false if it threw io::Error
 */
bool
IdentityManagementBaseFixture::saveCertToFile(const Data& obj, const std::string& filename)
{
  m_certFiles.insert(filename);

  bool isSaved = false;
  try {
    io::save(obj, filename);
    isSaved = true;
  }
  catch (const io::Error&) {
    // isSaved stays false; any other exception type still propagates
  }
  return isSaved;
}
54
/**
 * Delete from m_keyChain every identity recorded in m_identities.
 *
 * NOTE(review): nothing here catches exceptions; if deleteIdentity can throw,
 * that would happen inside a destructor -- confirm against the KeyChain API.
 */
IdentityManagementV1Fixture::~IdentityManagementV1Fixture()
{
  for (auto it = m_identities.begin(); it != m_identities.end(); ++it) {
    m_keyChain.deleteIdentity(*it);
  }
}
61
/**
 * Create @p identity in m_keyChain and remember it for cleanup.
 *
 * The identity is added to m_identities only after createIdentity has
 * returned, so an identity whose creation throws is not recorded.
 *
 * @param identity name of the identity to create
 * @param params   key parameters forwarded to createIdentity
 * @return the Name returned by createIdentity
 */
Name
IdentityManagementV1Fixture::addIdentity(const Name& identity, const KeyParams& params)
{
  Name createdCertName = m_keyChain.createIdentity(identity, params);
  m_identities.insert(identity); // the destructor deletes everything listed here
  return createdCertName;
}
69
/**
 * Look up the certificate named @p certName in m_keyChain and save it to
 * @p filename via saveCertToFile.
 *
 * @param certName name of the certificate to fetch
 * @param filename destination path
 * @return the result of saveCertToFile, or false if the lookup threw
 *         v1::SecPublicInfo::Error
 */
bool
IdentityManagementV1Fixture::saveIdentityCertificate(const Name& certName, const std::string& filename)
{
  try {
    // the temporary returned by getCertificate lives until the call completes
    return saveCertToFile(*m_keyChain.getCertificate(certName), filename);
  }
  catch (const v1::SecPublicInfo::Error&) {
    return false;
  }
}
81
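/**
 * Issue a certificate for @p subIdentity signed by @p issuer and install it as
 * the default certificate of @p subIdentity.
 *
 * @p subIdentity is created through addIdentity when it does not exist yet.
 * The certificate is valid from the time of the call for 7300 days, a span
 * chosen for test convenience.
 *
 * @param subIdentity identity that receives the certificate
 * @param issuer      identity whose key signs the certificate; must already exist
 * @param params      key parameters, used only when @p subIdentity has to be created
 * @return false if @p issuer does not exist or no unsigned certificate could be
 *         prepared; true once the signed certificate has been installed
 */
bool
IdentityManagementV1Fixture::addSubCertificate(const Name& subIdentity, const Name& issuer, const KeyParams& params)
{
  if (!m_keyChain.doesIdentityExist(issuer))
    return false;

  if (!m_keyChain.doesIdentityExist(subIdentity)) {
    addIdentity(subIdentity, params);
  }

  Name identityKeyName;
  try {
    identityKeyName = m_keyChain.getDefaultKeyNameForIdentity(subIdentity);
  }
  catch (const v1::SecPublicInfo::Error&) {
    // No default key: fall back to a fresh RSA key pair. Note that this path
    // does not consult params, so the key type is RSA whatever was requested.
    identityKeyName = m_keyChain.generateRsaKeyPairAsDefault(subIdentity, true);
  }

  // Read the clock once so that notAfter is derived from the same instant as notBefore.
  const auto notBefore = time::system_clock::now();
  const auto notAfter = notBefore + time::days(7300);

  std::vector<v1::CertificateSubjectDescription> subjectDescription;
  shared_ptr<v1::IdentityCertificate> identityCert =
    m_keyChain.prepareUnsignedIdentityCertificate(identityKeyName,
                                                  issuer,
                                                  notBefore,
                                                  notAfter,
                                                  subjectDescription);
  // The result is a shared_ptr and may be empty; never dereference it unchecked.
  if (identityCert == nullptr)
    return false;

  m_keyChain.sign(*identityCert, signingByIdentity(issuer));
  m_keyChain.addCertificateAsIdentityDefault(*identityCert);
  return true;
}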
108
/**
 * Construct the fixture's key chain from the "pib-memory:" and "tpm-memory:"
 * locator strings.
 *
 * NOTE(review): these locators presumably select in-memory PIB and TPM back
 * ends, which would keep test keys out of persistent storage -- confirm
 * against the KeyChain documentation.
 */
IdentityManagementV2Fixture::IdentityManagementV2Fixture()
  : m_keyChain("pib-memory:", "tpm-memory:")
{
  // nothing else to initialise
}
113
/**
 * Create the identity @p identityName in m_keyChain and record its name.
 *
 * The name is inserted into m_identities only after createIdentity has
 * returned, so a failed creation leaves the set untouched.
 *
 * @param identityName name of the identity to create
 * @param params       key parameters forwarded to createIdentity
 * @return the security::Identity returned by createIdentity
 */
security::Identity
IdentityManagementV2Fixture::addIdentity(const Name& identityName, const KeyParams& params)
{
  security::Identity created = m_keyChain.createIdentity(identityName, params);
  m_identities.insert(identityName);
  return created;
}
121
/**
 * Save the default certificate of the default key of @p identity to
 * @p filename via saveCertToFile.
 *
 * @param identity identity whose default certificate is written out
 * @param filename destination path
 * @return the result of saveCertToFile, or false if looking up the default key
 *         or certificate threw security::Pib::Error
 */
bool
IdentityManagementV2Fixture::saveCertificate(const security::Identity& identity, const std::string& filename)
{
  try {
    auto defaultKey = identity.getDefaultKey();
    auto defaultCert = defaultKey.getDefaultCertificate();
    return saveCertToFile(defaultCert, filename);
  }
  catch (const security::Pib::Error&) {
    return false;
  }
}
133
/**
 * Create the identity @p subIdentityName and replace its default certificate
 * with one signed by @p issuer.
 *
 * The new certificate starts as a copy of the sub-identity's default
 * certificate and is renamed to its key name followed by a "parent" component
 * and a version component. Its SignatureInfo carries a validity period that
 * ends 7300 days after the call (a test-fixture value) and an
 * AdditionalDescription entry "type" = "sub-certificate".
 *
 * @param subIdentityName name of the identity to create
 * @param issuer          identity used to sign the new certificate
 * @param params          key parameters forwarded to addIdentity
 * @return the newly created sub-identity
 */
security::Identity
IdentityManagementV2Fixture::addSubCertificate(const Name& subIdentityName,
                                               const security::Identity& issuer, const KeyParams& params)
{
  auto subIdentity = addIdentity(subIdentityName, params);

  // Start from the certificate that createIdentity generated for the default key.
  v2::Certificate request = subIdentity.getDefaultKey().getDefaultCertificate();

  Name requestName = request.getKeyName();
  requestName.append("parent").appendVersion();
  request.setName(requestName);

  // Both bounds read the clock separately, as the two-argument form did.
  const auto notBefore = time::system_clock::now();
  const auto notAfter = time::system_clock::now() + time::days(7300);
  SignatureInfo info;
  info.setValidityPeriod(security::ValidityPeriod(notBefore, notAfter));

  v2::AdditionalDescription description;
  description.set("type", "sub-certificate");
  info.appendTypeSpecificTlv(description.wireEncode());

  // Sign with the issuer's identity, then make the result the key's default certificate.
  auto signingInfo = signingByIdentity(issuer).setSignatureInfo(info);
  m_keyChain.sign(request, signingInfo);
  m_keyChain.setDefaultCertificate(subIdentity.getDefaultKey(), request);

  return subIdentity;
}
157
/**
 * Build and sign a certificate for @p key.
 *
 * The certificate name is the key name with @p issuer and a version component
 * appended. Note that @p issuer is used only as a name component: the
 * signature is produced with @p key itself (signingByKey), so nothing in this
 * function ties the certificate to a separate issuer key.
 *
 * The certificate has content type ContentType_Key, a freshness period of one
 * hour, the public key bits as content, and a validity period ending 10 days
 * after the call. It is returned to the caller and is not installed in
 * m_keyChain by this function.
 *
 * @param key    key whose public part is certified and which signs the result
 * @param issuer label appended to the certificate name
 * @return the signed certificate
 */
v2::Certificate
IdentityManagementV2Fixture::addCertificate(const security::Key& key, const std::string& issuer)
{
  Name certName = key.getName();
  certName.append(issuer);
  certName.appendVersion();

  v2::Certificate cert;
  cert.setName(certName);

  // MetaInfo
  cert.setContentType(tlv::ContentType_Key);
  cert.setFreshnessPeriod(time::hours(1));

  // Content: the raw public key bits
  const auto& publicKeyBits = key.getPublicKey();
  cert.setContent(publicKeyBits.buf(), publicKeyBits.size());

  // SignatureInfo: valid from now for ten days
  const auto notBefore = time::system_clock::now();
  const auto notAfter = time::system_clock::now() + time::days(10);
  SignatureInfo sigInfo;
  sigInfo.setValidityPeriod(security::ValidityPeriod(notBefore, notAfter));

  m_keyChain.sign(cert, signingByKey(key).setSignatureInfo(sigInfo));
  return cert;
}
183
184
Alexander Afanasyeve4f8c3b2016-06-23 16:03:48 -0700185} // namespace tests
Yingdi Yud9715e32014-06-27 08:48:47 -0700186} // namespace ndn