Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / b940aa1a118e0bd5090cc02d76dc38dc703e6803 / . / tests / unit-tests / ca-module.t.cpp
blob: 22c0d564e3aa25978b3099663e00663767362339 [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]22#include "challenge-module.hpp"
Zhiyi Zhang8bd8e5b2020-09-29 17:40:40 -0700[diff] [blame]23#include "challenge-modules/challenge-email.hpp"
24#include "challenge-modules/challenge-pin.hpp"
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]25#include "client-module.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]26#include "protocol-detail/info.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caItem.m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
41 auto identity = addIdentity(Name("/ndn/site2"));
42 auto key = identity.getDefaultKey();
43 auto cert = key.getDefaultCertificate();
44 ca.getCaStorage()->addCertificate("111", cert);
45 BOOST_CHECK_EQUAL(ca.getCaStorage()->getCertificate("111").getIdentity(), Name("/ndn/site2"));
46
47 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]48 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 2);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]49 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 5); // onInfo, onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]50}
51
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]52BOOST_AUTO_TEST_CASE(HandleInfo)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]53{
54 auto identity = addIdentity(Name("/ndn"));
55 auto key = identity.getDefaultKey();
56 auto cert = key.getDefaultCertificate();
57
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]58 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]59 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]60 advanceClocks(time::milliseconds(20), 60);
61
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]62 Interest interest("/ndn/CA/INFO");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]63 interest.setCanBePrefix(false);
64
65 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]66 face.onSendData.connect([&](const Data& response) {
67 count++;
68 BOOST_CHECK(security::verifySignature(response, cert));
69 auto contentBlock = response.getContent();
70 contentBlock.parse();
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]71 auto caItem = INFO::decodeDataContentToCaProfile(contentBlock);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]72 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
Zhiyi Zhangb940aa12020-09-30 16:38:57 -0700[diff] [blame^]73 BOOST_CHECK_EQUAL(caItem.m_probeParameterKeys.size(), 1);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]74 BOOST_CHECK_EQUAL(caItem.m_cert->wireEncode(), cert.wireEncode());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]75 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
76 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]77 face.receive(interest);
78
79 advanceClocks(time::milliseconds(20), 60);
80 BOOST_CHECK_EQUAL(count, 1);
81}
82
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]83BOOST_AUTO_TEST_CASE(HandleProbe)
84{
85 auto identity = addIdentity(Name("/ndn"));
86 auto key = identity.getDefaultKey();
87 auto cert = key.getDefaultCertificate();
88
89 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]90 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]91 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
92 std::vector<std::string> result;
93 result.push_back("example");
94 return result;
95 });
96 advanceClocks(time::milliseconds(20), 60);
97
98 Interest interest("/ndn/CA/PROBE");
99 interest.setCanBePrefix(false);
100
101 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
102 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
103 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
104 paramTLV.encode();
105
106 interest.setApplicationParameters(paramTLV);
107
108 int count = 0;
109 face.onSendData.connect([&](const Data& response) {
110 count++;
111 BOOST_CHECK(security::verifySignature(response, cert));
112 Block contentBlock = response.getContent();
113 contentBlock.parse();
114 Block probeResponse = contentBlock.get(tlv_probe_response);
115 probeResponse.parse();
116 Name caName;
117 caName.wireDecode(probeResponse.get(tlv::Name));
118 BOOST_CHECK_EQUAL(caName, "/ndn/example");
119 });
120 face.receive(interest);
121
122 advanceClocks(time::milliseconds(20), 60);
123 BOOST_CHECK_EQUAL(count, 1);
124}
125
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]126BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
127{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]128 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]129 auto key = identity.getDefaultKey();
130 auto cert = key.getDefaultCertificate();
131
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]132 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]133 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]134 advanceClocks(time::milliseconds(20), 60);
135
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]136 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]137 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]138
139 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]140 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]141 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
142 paramTLV.encode();
143
144 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]145
146 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]147 face.onSendData.connect([&](const Data& response) {
148 count++;
149 BOOST_CHECK(security::verifySignature(response, cert));
150 auto contentBlock = response.getContent();
151 contentBlock.parse();
152 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
153 probeResponseBlock.parse();
154 Name caPrefix;
155 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
156 BOOST_CHECK(caPrefix != "");
157 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]158 face.receive(interest);
159
160 advanceClocks(time::milliseconds(20), 60);
161 BOOST_CHECK_EQUAL(count, 1);
162}
163
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]164BOOST_AUTO_TEST_CASE(HandleNew)
165{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]166 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]167 auto key = identity.getDefaultKey();
168 auto cert = key.getDefaultCertificate();
169
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]170 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]171 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]172 advanceClocks(time::milliseconds(20), 60);
173
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]174 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]175 CaConfigItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]176 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]177 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]178 client.getClientConf().m_caItems.push_back(item);
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]179
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]180 auto interest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]181 time::system_clock::now() + time::days(1),
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]182 Name("/ndn/zhiyi"));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]183
184 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]185 face.onSendData.connect([&](const Data& response) {
186 count++;
187 BOOST_CHECK(security::verifySignature(response, cert));
188 auto contentBlock = response.getContent();
189 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]190
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]191 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
192 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
193 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]194
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]195 auto challengeBlockCount = 0;
196 for (auto const& element : contentBlock.elements()) {
197 if (element.type() == tlv_challenge) {
198 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]199 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]200 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]201
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]202 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]203
tylerliu0e176c32020-09-29 11:39:46 -0700[diff] [blame]204 client.onNewRenewRevokeResponse(response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]205 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]206 BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]207 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]208 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]209 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]210
211 advanceClocks(time::milliseconds(20), 60);
212 BOOST_CHECK_EQUAL(count, 1);
213}
214
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]215BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
216{
217 auto identity = addIdentity(Name("/ndn"));
218 auto key = identity.getDefaultKey();
219 auto cert = key.getDefaultCertificate();
220
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]221 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]222 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]223 advanceClocks(time::milliseconds(20), 60);
224
225 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]226 CaConfigItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]227 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]228 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]229 client.getClientConf().m_caItems.push_back(item);
230 auto current_tp = time::system_clock::now();
231 auto interest1 = client.generateNewInterest(current_tp, current_tp - time::hours(1),
232 Name("/ndn/zhiyi"));
233 auto interest2 = client.generateNewInterest(current_tp, current_tp + time::days(361),
234 Name("/ndn/zhiyi"));
235 auto interest3 = client.generateNewInterest(current_tp - time::hours(1),
236 current_tp + time::hours(2),
237 Name("/ndn/zhiyi"));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]238 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]239 auto contentTlv = response.getContent();
240 contentTlv.parse();
241 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
242 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]243 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]244 face.receive(*interest1);
245 face.receive(*interest2);
246 face.receive(*interest3);
247
248 advanceClocks(time::milliseconds(20), 60);
249}
250
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]251BOOST_AUTO_TEST_CASE(HandleNewWithLongSuffix)
252{
253 auto identity = addIdentity(Name("/ndn"));
254 auto key = identity.getDefaultKey();
255 auto cert = key.getDefaultCertificate();
256
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]257 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]258 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]259 advanceClocks(time::milliseconds(20), 60);
260
261 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]262 CaConfigItem item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]263 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]264 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]265 client.getClientConf().m_caItems.push_back(item);
266
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]267 auto interest1 = client.generateNewInterest(time::system_clock::now(),
268 time::system_clock::now() + time::days(1),
269 Name("/ndn/a"));
270 auto interest2 = client.generateNewInterest(time::system_clock::now(),
271 time::system_clock::now() + time::days(1),
272 Name("/ndn/a/b"));
273 auto interest3 = client.generateNewInterest(time::system_clock::now(),
274 time::system_clock::now() + time::days(1),
275 Name("/ndn/a/b/c/d"));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]276
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]277 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]278 auto contentTlv = response.getContent();
279 contentTlv.parse();
280 if (interest3->getName().isPrefixOf(response.getName())) {
281 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
282 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
283 }
284 else {
285 // should successfully get responses
286 BOOST_CHECK_EXCEPTION(readNonNegativeInteger(contentTlv.get(tlv_error_code)), std::runtime_error,
287 [](const auto& e) { return true; });
288 }
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]289 });
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]290 face.receive(*interest1);
291 face.receive(*interest2);
292 face.receive(*interest3);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]293 advanceClocks(time::milliseconds(20), 60);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]294}
295
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]296BOOST_AUTO_TEST_CASE(HandleNewWithInvalidLength1)
297{
298 auto identity = addIdentity(Name("/ndn"));
299 auto key = identity.getDefaultKey();
300 auto cert = key.getDefaultCertificate();
301
302 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]303 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]304 advanceClocks(time::milliseconds(20), 60);
305
306 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]307 CaConfigItem item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]308 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]309 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]310 client.getClientConf().m_caItems.push_back(item);
311 auto current_tp = time::system_clock::now();
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]312 auto interest1 = client.generateNewInterest(current_tp, current_tp + time::days(1), Name("/ndn"));
313 auto interest2 = client.generateNewInterest(current_tp, current_tp + time::days(1), Name("/ndn/a/b/c/d"));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]314 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]315 auto contentTlv = response.getContent();
316 contentTlv.parse();
317 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
318 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]319 });
320 face.receive(*interest1);
321 face.receive(*interest2);
322
323 advanceClocks(time::milliseconds(20), 60);
324}
325
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]326BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]327{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]328 auto identity = addIdentity(Name("/ndn"));
329 auto key = identity.getDefaultKey();
330 auto cert = key.getDefaultCertificate();
331
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]332 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]333 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]334 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]335
336 // generate NEW Interest
337 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]338 CaConfigItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]339 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]340 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]341 client.getClientConf().m_caItems.push_back(item);
342 auto newInterest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]343 time::system_clock::now() + time::days(1), Name("/ndn/zhiyi"));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]344
345 // generate CHALLENGE Interest
346 ChallengePin pinChallenge;
347 shared_ptr<Interest> challengeInterest = nullptr;
348 shared_ptr<Interest> challengeInterest2 = nullptr;
349 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]350
351 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]352 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]353 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
tylerliu0e176c32020-09-29 11:39:46 -0700[diff] [blame]354 client.onNewRenewRevokeResponse(response);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]355 auto paramList = pinChallenge.getRequestedParameterList(client.m_status, client.m_challengeStatus);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]356 challengeInterest = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]357 client.m_challengeStatus,
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]358 std::move(paramList)));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]359 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]360 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]361 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]362 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]363
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]364 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]365 BOOST_CHECK(client.m_status == Status::CHALLENGE);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]366 BOOST_CHECK_EQUAL(client.m_challengeStatus, ChallengePin::NEED_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]367
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]368 auto paramList = pinChallenge.getRequestedParameterList(client.m_status, client.m_challengeStatus);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]369 challengeInterest2 = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]370 client.m_challengeStatus,
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]371 std::move(paramList)));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]372 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]373 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]374 count++;
375 BOOST_CHECK(security::verifySignature(response, cert));
376
377 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]378 BOOST_CHECK(client.m_status == Status::CHALLENGE);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]379 BOOST_CHECK_EQUAL(client.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]380
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]381 auto paramList = pinChallenge.getRequestedParameterList(client.m_status, client.m_challengeStatus);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]382 auto request = ca.getCertificateRequest(*challengeInterest2);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]383 auto secret = request.m_challengeState->m_secrets.get(ChallengePin::PARAMETER_KEY_CODE, "");
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]384 std::get<1>(paramList[0]) = secret;
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]385 challengeInterest3 = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]386 client.m_challengeStatus,
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]387 std::move(paramList)));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]388 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]389 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]390 count++;
391 BOOST_CHECK(security::verifySignature(response, cert));
392
393 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]394 BOOST_CHECK(client.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]395 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]396 });
397
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]398 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]399 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]400 face.receive(*challengeInterest);
401 advanceClocks(time::milliseconds(20), 60);
402 face.receive(*challengeInterest2);
403 advanceClocks(time::milliseconds(20), 60);
404 face.receive(*challengeInterest3);
405 advanceClocks(time::milliseconds(20), 60);
406 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]407}
408
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]409BOOST_AUTO_TEST_CASE(HandleRevoke)
410{
411 auto identity = addIdentity(Name("/ndn"));
412 auto key = identity.getDefaultKey();
413 auto cert = key.getDefaultCertificate();
414
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]415 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]416 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]417 advanceClocks(time::milliseconds(20), 60);
418
419 //generate a certificate
420 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
421 auto clientKey = clientIdentity.getDefaultKey();
422 security::v2::Certificate clientCert;
423 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
424 clientCert.setContentType(tlv::ContentType_Key);
425 clientCert.setFreshnessPeriod(time::hours(24));
426 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
427 SignatureInfo signatureInfo;
428 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]429 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]430 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]431 RequestState certRequest(Name("/ndn"), "122", RequestType::NEW, Status::SUCCESS, clientCert, makeEmptyBlock(tlv::ContentType_Key));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]432 auto issuedCert = ca.issueCertificate(certRequest);
433
434 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]435 CaConfigItem item;
436 item.m_caPrefix = Name("/ndn");
437 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]438 client.getClientConf().m_caItems.push_back(item);
439
440 auto interest = client.generateRevokeInterest(issuedCert);
441
442 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]443 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]444 count++;
445 BOOST_CHECK(security::verifySignature(response, cert));
446 auto contentBlock = response.getContent();
447 contentBlock.parse();
448
449 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
450 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
451 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
452
453 auto challengeBlockCount = 0;
454 for (auto const& element : contentBlock.elements()) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]455 if (element.type() == tlv_challenge) {
456 challengeBlockCount++;
457 }
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]458 }
459
460 BOOST_CHECK(challengeBlockCount != 0);
461
tylerliu0e176c32020-09-29 11:39:46 -0700[diff] [blame]462 client.onNewRenewRevokeResponse(response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]463 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]464 BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]465 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]466 });
467 face.receive(*interest);
468
469 advanceClocks(time::milliseconds(20), 60);
470 BOOST_CHECK_EQUAL(count, 1);
471}
472
473BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
474{
475 auto identity = addIdentity(Name("/ndn"));
476 auto key = identity.getDefaultKey();
477 auto cert = key.getDefaultCertificate();
478
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]479 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]480 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]481 advanceClocks(time::milliseconds(20), 60);
482
483 //generate a certificate
484 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
485 auto clientKey = clientIdentity.getDefaultKey();
486 security::v2::Certificate clientCert;
487 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
488 clientCert.setContentType(tlv::ContentType_Key);
489 clientCert.setFreshnessPeriod(time::hours(24));
490 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
491 SignatureInfo signatureInfo;
492 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]493 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]494 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
495
496 ClientModule client(m_keyChain);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]497 CaConfigItem item;
498 item.m_caPrefix = Name("/ndn");
499 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]500 client.getClientConf().m_caItems.push_back(item);
501
502 auto interest = client.generateRevokeInterest(clientCert);
503
504 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]505 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]506 count++;
507 });
508 face.receive(*interest);
509
510 advanceClocks(time::milliseconds(20), 60);
511 BOOST_CHECK_EQUAL(count, 0);
512}
513
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]514BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]515
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]516} // namespace tests
517} // namespace ndncert
518} // namespace ndn