Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 1d3dcd230166d1871bd80a0a534cd4191aded21f / . / tests / unit-tests / ca-module.t.cpp
blob: ff139c674071dc37c56290c57e8b967ea73d03dd [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]22#include "challenge-module.hpp"
Zhiyi Zhang8bd8e5b2020-09-29 17:40:40 -0700[diff] [blame]23#include "challenge-modules/challenge-email.hpp"
24#include "challenge-modules/challenge-pin.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]25#include "protocol-detail/info.hpp"
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]26#include "requester.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caItem.m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
41 auto identity = addIdentity(Name("/ndn/site2"));
42 auto key = identity.getDefaultKey();
43 auto cert = key.getDefaultCertificate();
44 ca.getCaStorage()->addCertificate("111", cert);
45 BOOST_CHECK_EQUAL(ca.getCaStorage()->getCertificate("111").getIdentity(), Name("/ndn/site2"));
46
47 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]48 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 2);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]49 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 5); // onInfo, onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]50}
51
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]52BOOST_AUTO_TEST_CASE(HandleInfo)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]53{
54 auto identity = addIdentity(Name("/ndn"));
55 auto key = identity.getDefaultKey();
56 auto cert = key.getDefaultCertificate();
57
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]58 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]59 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]60 advanceClocks(time::milliseconds(20), 60);
61
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]62 Interest interest("/ndn/CA/INFO");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]63 interest.setCanBePrefix(false);
64
65 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]66 face.onSendData.connect([&](const Data& response) {
67 count++;
68 BOOST_CHECK(security::verifySignature(response, cert));
69 auto contentBlock = response.getContent();
70 contentBlock.parse();
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]71 auto caItem = INFO::decodeDataContent(contentBlock);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]72 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
Zhiyi Zhangb940aa12020-09-30 16:38:57 -0700[diff] [blame]73 BOOST_CHECK_EQUAL(caItem.m_probeParameterKeys.size(), 1);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]74 BOOST_CHECK_EQUAL(caItem.m_cert->wireEncode(), cert.wireEncode());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]75 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
76 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]77 face.receive(interest);
78
79 advanceClocks(time::milliseconds(20), 60);
80 BOOST_CHECK_EQUAL(count, 1);
81}
82
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]83BOOST_AUTO_TEST_CASE(HandleProbe)
84{
85 auto identity = addIdentity(Name("/ndn"));
86 auto key = identity.getDefaultKey();
87 auto cert = key.getDefaultCertificate();
88
89 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]90 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]91 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
92 std::vector<std::string> result;
93 result.push_back("example");
94 return result;
95 });
96 advanceClocks(time::milliseconds(20), 60);
97
98 Interest interest("/ndn/CA/PROBE");
99 interest.setCanBePrefix(false);
100
101 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
102 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
103 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
104 paramTLV.encode();
105
106 interest.setApplicationParameters(paramTLV);
107
108 int count = 0;
109 face.onSendData.connect([&](const Data& response) {
110 count++;
111 BOOST_CHECK(security::verifySignature(response, cert));
112 Block contentBlock = response.getContent();
113 contentBlock.parse();
114 Block probeResponse = contentBlock.get(tlv_probe_response);
115 probeResponse.parse();
116 Name caName;
117 caName.wireDecode(probeResponse.get(tlv::Name));
118 BOOST_CHECK_EQUAL(caName, "/ndn/example");
119 });
120 face.receive(interest);
121
122 advanceClocks(time::milliseconds(20), 60);
123 BOOST_CHECK_EQUAL(count, 1);
124}
125
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]126BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
127{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]128 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]129 auto key = identity.getDefaultKey();
130 auto cert = key.getDefaultCertificate();
131
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]132 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]133 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]134 advanceClocks(time::milliseconds(20), 60);
135
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]136 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]137 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]138
139 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]140 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]141 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
142 paramTLV.encode();
143
144 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]145
146 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]147 face.onSendData.connect([&](const Data& response) {
148 count++;
149 BOOST_CHECK(security::verifySignature(response, cert));
150 auto contentBlock = response.getContent();
151 contentBlock.parse();
152 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
153 probeResponseBlock.parse();
154 Name caPrefix;
155 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
156 BOOST_CHECK(caPrefix != "");
157 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]158 face.receive(interest);
159
160 advanceClocks(time::milliseconds(20), 60);
161 BOOST_CHECK_EQUAL(count, 1);
162}
163
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]164BOOST_AUTO_TEST_CASE(HandleNew)
165{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]166 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]167 auto key = identity.getDefaultKey();
168 auto cert = key.getDefaultCertificate();
169
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]170 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]171 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]172 advanceClocks(time::milliseconds(20), 60);
173
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]174 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]175 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]176 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]177 RequesterState state(m_keyChain, item, RequestType::NEW);
178 auto interest = Requester::genNewInterest(state, Name("/ndn/zhiyi"),
179 time::system_clock::now(),
180 time::system_clock::now() + time::days(1));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]181
182 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]183 face.onSendData.connect([&](const Data& response) {
184 count++;
185 BOOST_CHECK(security::verifySignature(response, cert));
186 auto contentBlock = response.getContent();
187 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]188
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]189 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
190 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
191 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]192
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]193 auto challengeBlockCount = 0;
194 for (auto const& element : contentBlock.elements()) {
195 if (element.type() == tlv_challenge) {
196 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]197 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]198 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]199
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]200 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]201
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]202 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]203 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]204 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]205 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]206 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]207 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]208
209 advanceClocks(time::milliseconds(20), 60);
210 BOOST_CHECK_EQUAL(count, 1);
211}
212
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]213BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
214{
215 auto identity = addIdentity(Name("/ndn"));
216 auto key = identity.getDefaultKey();
217 auto cert = key.getDefaultCertificate();
218
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]219 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]220 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]221 advanceClocks(time::milliseconds(20), 60);
222
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]223 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]224 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]225 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]226 RequesterState state(m_keyChain, item, RequestType::NEW);
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]227 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]228 auto interest1 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp - time::hours(1));
229 auto interest2 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp + time::days(361));
230 auto interest3 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp - time::hours(1), current_tp + time::hours(2));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]231 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]232 auto contentTlv = response.getContent();
233 contentTlv.parse();
234 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
235 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]236 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]237 face.receive(*interest1);
238 face.receive(*interest2);
239 face.receive(*interest3);
240
241 advanceClocks(time::milliseconds(20), 60);
242}
243
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]244BOOST_AUTO_TEST_CASE(HandleNewWithLongSuffix)
245{
246 auto identity = addIdentity(Name("/ndn"));
247 auto key = identity.getDefaultKey();
248 auto cert = key.getDefaultCertificate();
249
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]250 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]251 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]252 advanceClocks(time::milliseconds(20), 60);
253
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]254 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]255 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]256 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]257 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]258
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]259 auto interest1 = Requester::genNewInterest(state, Name("/ndn/a"), time::system_clock::now(),
260 time::system_clock::now() + time::days(1));
261 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b"), time::system_clock::now(),
262 time::system_clock::now() + time::days(1));
263 auto interest3 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), time::system_clock::now(),
264 time::system_clock::now() + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]265
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]266 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]267 auto contentTlv = response.getContent();
268 contentTlv.parse();
269 if (interest3->getName().isPrefixOf(response.getName())) {
270 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
271 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
272 }
273 else {
274 // should successfully get responses
275 BOOST_CHECK_EXCEPTION(readNonNegativeInteger(contentTlv.get(tlv_error_code)), std::runtime_error,
276 [](const auto& e) { return true; });
277 }
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]278 });
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]279 face.receive(*interest1);
280 face.receive(*interest2);
281 face.receive(*interest3);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]282 advanceClocks(time::milliseconds(20), 60);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]283}
284
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]285BOOST_AUTO_TEST_CASE(HandleNewWithInvalidLength1)
286{
287 auto identity = addIdentity(Name("/ndn"));
288 auto key = identity.getDefaultKey();
289 auto cert = key.getDefaultCertificate();
290
291 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]292 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]293 advanceClocks(time::milliseconds(20), 60);
294
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]295 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]296 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]297 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]298 RequesterState state(m_keyChain, item, RequestType::NEW);
299
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]300 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]301 auto interest1 = Requester::genNewInterest(state, Name("/ndn"), current_tp, current_tp + time::days(1));
302 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), current_tp, current_tp + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]303 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]304 auto contentTlv = response.getContent();
305 contentTlv.parse();
306 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
307 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]308 });
309 face.receive(*interest1);
310 face.receive(*interest2);
311
312 advanceClocks(time::milliseconds(20), 60);
313}
314
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]315BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]316{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]317 auto identity = addIdentity(Name("/ndn"));
318 auto key = identity.getDefaultKey();
319 auto cert = key.getDefaultCertificate();
320
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]321 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]322 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]323 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]324
325 // generate NEW Interest
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]326 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]327 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]328 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]329 RequesterState state(m_keyChain, item, RequestType::NEW);
330
331 auto newInterest = Requester::genNewInterest(state, Name("/ndn/zhiyi"), time::system_clock::now(),
332 time::system_clock::now() + time::days(1));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]333
334 // generate CHALLENGE Interest
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]335 shared_ptr<Interest> challengeInterest = nullptr;
336 shared_ptr<Interest> challengeInterest2 = nullptr;
337 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]338
339 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]340 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]341 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]342 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
343 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
344 challengeInterest = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]345 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]346 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]347 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]348 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]349
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]350 Requester::onChallengeResponse(state, response);
351 BOOST_CHECK(state.m_status == Status::CHALLENGE);
352 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::NEED_CODE);
353 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
354 challengeInterest2 = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]355 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]356 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]357 count++;
358 BOOST_CHECK(security::verifySignature(response, cert));
359
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]360 Requester::onChallengeResponse(state, response);
361 BOOST_CHECK(state.m_status == Status::CHALLENGE);
362 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]363
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]364 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]365 auto request = ca.getCertificateRequest(*challengeInterest2);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]366 auto secret = request.m_challengeState->m_secrets.get(ChallengePin::PARAMETER_KEY_CODE, "");
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]367 std::get<1>(paramList[0]) = secret;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]368 challengeInterest3 = Requester::genChallengeInterest(state, std::move(paramList));
369 std::cout << "CHALLENGE Interest Size: " << challengeInterest3->wireEncode().size() << std::endl;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]370 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]371 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]372 count++;
373 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]374 Requester::onChallengeResponse(state, response);
375 BOOST_CHECK(state.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]376 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]377 });
378
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]379 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]380 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]381 face.receive(*challengeInterest);
382 advanceClocks(time::milliseconds(20), 60);
383 face.receive(*challengeInterest2);
384 advanceClocks(time::milliseconds(20), 60);
385 face.receive(*challengeInterest3);
386 advanceClocks(time::milliseconds(20), 60);
387 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]388}
389
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]390BOOST_AUTO_TEST_CASE(HandleRevoke)
391{
392 auto identity = addIdentity(Name("/ndn"));
393 auto key = identity.getDefaultKey();
394 auto cert = key.getDefaultCertificate();
395
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]396 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]397 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]398 advanceClocks(time::milliseconds(20), 60);
399
400 //generate a certificate
401 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
402 auto clientKey = clientIdentity.getDefaultKey();
403 security::v2::Certificate clientCert;
404 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
405 clientCert.setContentType(tlv::ContentType_Key);
406 clientCert.setFreshnessPeriod(time::hours(24));
407 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
408 SignatureInfo signatureInfo;
409 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]410 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]411 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]412 RequestState certRequest(Name("/ndn"), "122", RequestType::NEW, Status::SUCCESS, clientCert, makeEmptyBlock(tlv::ContentType_Key));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]413 auto issuedCert = ca.issueCertificate(certRequest);
414
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]415 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]416 item.m_caPrefix = Name("/ndn");
417 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]418 RequesterState state(m_keyChain, item, RequestType::REVOKE);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]419
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]420 auto interest = Requester::genRevokeInterest(state, issuedCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]421
422 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]423 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]424 count++;
425 BOOST_CHECK(security::verifySignature(response, cert));
426 auto contentBlock = response.getContent();
427 contentBlock.parse();
428
429 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
430 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
431 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
432
433 auto challengeBlockCount = 0;
434 for (auto const& element : contentBlock.elements()) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]435 if (element.type() == tlv_challenge) {
436 challengeBlockCount++;
437 }
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]438 }
439
440 BOOST_CHECK(challengeBlockCount != 0);
441
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]442 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]443 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]444 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]445 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]446 });
447 face.receive(*interest);
448
449 advanceClocks(time::milliseconds(20), 60);
450 BOOST_CHECK_EQUAL(count, 1);
451}
452
453BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
454{
455 auto identity = addIdentity(Name("/ndn"));
456 auto key = identity.getDefaultKey();
457 auto cert = key.getDefaultCertificate();
458
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]459 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]460 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]461 advanceClocks(time::milliseconds(20), 60);
462
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]463 // generate a certificate
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]464 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
465 auto clientKey = clientIdentity.getDefaultKey();
466 security::v2::Certificate clientCert;
467 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
468 clientCert.setContentType(tlv::ContentType_Key);
469 clientCert.setFreshnessPeriod(time::hours(24));
470 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
471 SignatureInfo signatureInfo;
472 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]473 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]474 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
475
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]476 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]477 item.m_caPrefix = Name("/ndn");
478 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]479 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]480
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame^]481 auto interest = Requester::genRevokeInterest(state, clientCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]482
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]483 bool receiveData = false;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]484 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]485 receiveData = true;
486 auto contentTlv = response.getContent();
487 contentTlv.parse();
488 BOOST_CHECK(static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code))) != ErrorCode::NO_ERROR);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]489 });
490 face.receive(*interest);
491
492 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]493 BOOST_CHECK_EQUAL(receiveData, true);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]494}
495
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]496BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]497
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]498} // namespace tests
499} // namespace ndncert
500} // namespace ndn