blob: dc83f2a5f4b7a1ec8dc33b8b2bb98b0009f6a34b [file] [log] [blame]
Yingdi Yu77627ab2015-07-21 16:13:49 -07001/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
2/**
Davide Pesavento013de9b2016-09-01 12:06:56 +00003 * Copyright (c) 2014-2016, Regents of the University of California.
Yingdi Yu77627ab2015-07-21 16:13:49 -07004 *
Yingdi Yu0a312e52015-07-22 13:14:53 -07005 * This file is part of ndn-tools (Named Data Networking Essential Tools).
6 * See AUTHORS.md for complete list of ndn-tools authors and contributors.
Yingdi Yu77627ab2015-07-21 16:13:49 -07007 *
Yingdi Yu0a312e52015-07-22 13:14:53 -07008 * ndn-tools is free software: you can redistribute it and/or modify it under the terms
9 * of the GNU General Public License as published by the Free Software Foundation,
10 * either version 3 of the License, or (at your option) any later version.
Yingdi Yu77627ab2015-07-21 16:13:49 -070011 *
Yingdi Yu0a312e52015-07-22 13:14:53 -070012 * ndn-tools is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
13 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
14 * PURPOSE. See the GNU General Public License for more details.
Yingdi Yu77627ab2015-07-21 16:13:49 -070015 *
Yingdi Yu0a312e52015-07-22 13:14:53 -070016 * You should have received a copy of the GNU General Public License along with
17 * ndn-tools, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
Yingdi Yu77627ab2015-07-21 16:13:49 -070018 *
Yingdi Yu0a312e52015-07-22 13:14:53 -070019 * @author Yingdi Yu <yingdi@cs.ucla.edu>
Yingdi Yu77627ab2015-07-21 16:13:49 -070020 */
21
22#include "tools/pib/pib-validator.hpp"
23#include "tools/pib/encoding/update-param.hpp"
24#include "tools/pib/encoding/delete-param.hpp"
Yingdi Yu77627ab2015-07-21 16:13:49 -070025
Davide Pesavento013de9b2016-09-01 12:06:56 +000026#include "tests/identity-management-fixture.hpp"
27
28#include <ndn-cxx/security/key-chain.hpp>
Yingdi Yu77627ab2015-07-21 16:13:49 -070029#include <boost/filesystem.hpp>
Yingdi Yu77627ab2015-07-21 16:13:49 -070030
31namespace ndn {
32namespace pib {
33namespace tests {
34
Yingdi Yu0a312e52015-07-22 13:14:53 -070035class PibValidatorFixture : public ndn::tests::IdentityManagementTimeFixture
Yingdi Yu77627ab2015-07-21 16:13:49 -070036{
37public:
38 PibValidatorFixture()
39 : tmpPath(boost::filesystem::path(TMP_TESTS_PATH) / "DbTest")
40 , db(tmpPath.c_str())
41 {
42 }
43
44 ~PibValidatorFixture()
45 {
46 boost::filesystem::remove_all(tmpPath);
47 }
48
49 boost::asio::io_service io;
50 boost::filesystem::path tmpPath;
51 PibDb db;
52 bool isProcessed;
53};
54
Davide Pesavento013de9b2016-09-01 12:06:56 +000055BOOST_AUTO_TEST_SUITE(Pib)
56BOOST_FIXTURE_TEST_SUITE(TestPibValidator, PibValidatorFixture)
Yingdi Yu77627ab2015-07-21 16:13:49 -070057
58BOOST_AUTO_TEST_CASE(Basic)
59{
60 PibValidator validator(db);
61
62 Name testUser("/localhost/pib/test/mgmt");
63 BOOST_REQUIRE(addIdentity(testUser, RsaKeyParams()));
64 Name testUserCertName = m_keyChain.getDefaultCertificateNameForIdentity(testUser);
65 shared_ptr<IdentityCertificate> testUserCert = m_keyChain.getCertificate(testUserCertName);
66
67 advanceClocks(io, time::milliseconds(100));
68 Name testUser2("/localhost/pib/test2/mgmt");
69 BOOST_REQUIRE(addIdentity(testUser2, RsaKeyParams()));
70
71 db.updateMgmtCertificate(*testUserCert);
72
73 advanceClocks(io, time::milliseconds(100));
74 Name normalId("/normal/id");
75 BOOST_REQUIRE(addIdentity(normalId, RsaKeyParams()));
76 Name normalIdCertName = m_keyChain.getDefaultCertificateNameForIdentity(normalId);
77 shared_ptr<IdentityCertificate> normalIdCert = m_keyChain.getCertificate(normalIdCertName);
78
79 db.addIdentity(normalId);
80 db.addKey(normalIdCert->getPublicKeyName(), normalIdCert->getPublicKeyInfo());
81 db.addCertificate(*normalIdCert);
82
83 Name command1("/localhost/pib/test/verb/param");
84 shared_ptr<Interest> interest1 = make_shared<Interest>(command1);
85 m_keyChain.signByIdentity(*interest1, testUser);
86 // "test" user is trusted for any command about itself, OK.
87 isProcessed = false;
88 validator.validate(*interest1,
89 [this] (const shared_ptr<const Interest>&) {
90 isProcessed = true;
91 BOOST_CHECK(true);
92 },
93 [this] (const shared_ptr<const Interest>&, const std::string&) {
94 isProcessed = true;
95 BOOST_CHECK(false);
96 });
97 BOOST_CHECK(isProcessed);
98
99 Name command2("/localhost/pib/test/verb/param");
100 shared_ptr<Interest> interest2 = make_shared<Interest>(command2);
101 m_keyChain.signByIdentity(*interest2, testUser2);
102 // "test2" user is NOT trusted for any command about other user, MUST fail
103 isProcessed = false;
104 validator.validate(*interest2,
105 [this] (const shared_ptr<const Interest>&) {
106 isProcessed = true;
107 BOOST_CHECK(false);
108 },
109 [this] (const shared_ptr<const Interest>&, const std::string&) {
110 isProcessed = true;
111 BOOST_CHECK(true);
112 });
113 BOOST_CHECK(isProcessed);
114
115 Name command3("/localhost/pib/test/verb/param");
116 shared_ptr<Interest> interest3 = make_shared<Interest>(command3);
117 m_keyChain.signByIdentity(*interest3, normalId);
118 // "normalId" is in "test" pib, can be trusted for some commands about "test".
119 // Detail checking is needed, but it is not the job of Validator, OK.
120 isProcessed = false;
121 validator.validate(*interest3,
122 [this] (const shared_ptr<const Interest>&) {
123 isProcessed = true;
124 BOOST_CHECK(true);
125 },
126 [this] (const shared_ptr<const Interest>&, const std::string&) {
127 isProcessed = true;
128 BOOST_CHECK(false);
129 });
130 BOOST_CHECK(isProcessed);
131
132}
133
Davide Pesavento013de9b2016-09-01 12:06:56 +0000134BOOST_AUTO_TEST_SUITE_END() // TestPibValidator
135BOOST_AUTO_TEST_SUITE_END() // Pib
Yingdi Yu77627ab2015-07-21 16:13:49 -0700136
137} // namespace tests
138} // namespace pib
139} // namespace ndn