Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 48f2378f1f47ea0128d65fd05f8e3bd641831cec / . / tests / unit-tests / ca-module.t.cpp
blob: 9e0289a605461b645b6f1fc0455895f9a59389e7 [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]22#include "challenge-module.hpp"
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]23#include "challenge-module/challenge-email.hpp"
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]24#include "challenge-module/challenge-pin.hpp"
25#include "client-module.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]26#include "protocol-detail/info.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
41 auto identity = addIdentity(Name("/ndn/site2"));
42 auto key = identity.getDefaultKey();
43 auto cert = key.getDefaultCertificate();
44 ca.getCaStorage()->addCertificate("111", cert);
45 BOOST_CHECK_EQUAL(ca.getCaStorage()->getCertificate("111").getIdentity(), Name("/ndn/site2"));
46
47 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]48 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 2);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]49 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 5); // onInfo, onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]50}
51
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]52// BOOST_AUTO_TEST_CASE(HandleProbe)
53// {
54// auto identity = addIdentity(Name("/ndn"));
55// auto key = identity.getDefaultKey();
56// auto cert = key.getDefaultCertificate();
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]57
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]58// util::DummyClientFace face(io, m_keyChain, {true, true});
59// CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
60// ca.setProbeHandler([&](const Block& probeInfo) {
61// return "example";
62// });
63// advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]64
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]65// Interest interest("/ndn/CA/PROBE");
66// interest.setCanBePrefix(false);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]67
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]68// Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
69// paramTLV.push_back(makeStringBlock(tlv_parameter_key, JSON_CLIENT_PROBE_INFO));
70// paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
71// paramTLV.encode();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]72
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]73// interest.setApplicationParameters(paramTLV);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]74
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]75// int count = 0;
76// face.onSendData.connect([&](const Data& response) {
77// count++;
78// BOOST_CHECK(security::verifySignature(response, cert));
79// Block contentBlock = response.getContent();
80// contentBlock.parse();
81// Block probeResponse = contentBlock.get(tlv_probe_response);
82// probeResponse.parse();
83// Name caName;
84// caName.wireDecode(probeResponse.get(tlv::Name));
85// BOOST_CHECK_EQUAL(caName, "/ndn/example");
86// });
87// face.receive(interest);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]88
Zhiyi Zhangf6c5d272020-09-28 10:17:32 -0700[diff] [blame]89// advanceClocks(time::milliseconds(20), 60);
90// BOOST_CHECK_EQUAL(count, 1);
91// }
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]92
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]93BOOST_AUTO_TEST_CASE(HandleInfo)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]94{
95 auto identity = addIdentity(Name("/ndn"));
96 auto key = identity.getDefaultKey();
97 auto cert = key.getDefaultCertificate();
98
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]99 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]100 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]101 advanceClocks(time::milliseconds(20), 60);
102
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]103 Interest interest("/ndn/CA/INFO");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]104 interest.setCanBePrefix(false);
105
106 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]107 face.onSendData.connect([&](const Data& response) {
108 count++;
109 BOOST_CHECK(security::verifySignature(response, cert));
110 auto contentBlock = response.getContent();
111 contentBlock.parse();
112 auto caItem = INFO::decodeClientConfigFromContent(contentBlock);
113 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
114 BOOST_CHECK_EQUAL(caItem.m_probe, "");
115 BOOST_CHECK_EQUAL(caItem.m_anchor.wireEncode(), cert.wireEncode());
116 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
117 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]118 face.receive(interest);
119
120 advanceClocks(time::milliseconds(20), 60);
121 BOOST_CHECK_EQUAL(count, 1);
122}
123
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]124BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
125{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]126 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]127 auto key = identity.getDefaultKey();
128 auto cert = key.getDefaultCertificate();
129
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]130 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]131 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]132 advanceClocks(time::milliseconds(20), 60);
133
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]134 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]135 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]136
137 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
138 paramTLV.push_back(makeStringBlock(tlv_parameter_key, JSON_CLIENT_PROBE_INFO));
139 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
140 paramTLV.encode();
141
142 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]143
144 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]145 face.onSendData.connect([&](const Data& response) {
146 count++;
147 BOOST_CHECK(security::verifySignature(response, cert));
148 auto contentBlock = response.getContent();
149 contentBlock.parse();
150 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
151 probeResponseBlock.parse();
152 Name caPrefix;
153 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
154 BOOST_CHECK(caPrefix != "");
155 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]156 face.receive(interest);
157
158 advanceClocks(time::milliseconds(20), 60);
159 BOOST_CHECK_EQUAL(count, 1);
160}
161
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]162BOOST_AUTO_TEST_CASE(HandleNew)
163{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]164 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]165 auto key = identity.getDefaultKey();
166 auto cert = key.getDefaultCertificate();
167
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]168 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]169 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]170 advanceClocks(time::milliseconds(20), 60);
171
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]172 ClientModule client(m_keyChain);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]173 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]174 item.m_caPrefix = Name("/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]175 item.m_anchor = cert;
176 client.getClientConf().m_caItems.push_back(item);
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]177
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]178 auto interest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]179 time::system_clock::now() + time::days(1),
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]180 Name("/ndn/zhiyi"));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]181
182 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]183 face.onSendData.connect([&](const Data& response) {
184 count++;
185 BOOST_CHECK(security::verifySignature(response, cert));
186 auto contentBlock = response.getContent();
187 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]188
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]189 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
190 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
191 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]192
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]193 auto challengeBlockCount = 0;
194 for (auto const& element : contentBlock.elements()) {
195 if (element.type() == tlv_challenge) {
196 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]197 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]198 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]199
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]200 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]201
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]202 client.onNewResponse(response);
203 BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
204 ca.m_aesKey, ca.m_aesKey + sizeof(ca.m_aesKey));
205 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]206 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]207
208 advanceClocks(time::milliseconds(20), 60);
209 BOOST_CHECK_EQUAL(count, 1);
210}
211
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]212BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
213{
214 auto identity = addIdentity(Name("/ndn"));
215 auto key = identity.getDefaultKey();
216 auto cert = key.getDefaultCertificate();
217
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]218 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]219 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test");
220 advanceClocks(time::milliseconds(20), 60);
221
222 ClientModule client(m_keyChain);
223 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]224 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]225 item.m_anchor = cert;
226 client.getClientConf().m_caItems.push_back(item);
227 auto current_tp = time::system_clock::now();
228 auto interest1 = client.generateNewInterest(current_tp, current_tp - time::hours(1),
229 Name("/ndn/zhiyi"));
230 auto interest2 = client.generateNewInterest(current_tp, current_tp + time::days(361),
231 Name("/ndn/zhiyi"));
232 auto interest3 = client.generateNewInterest(current_tp - time::hours(1),
233 current_tp + time::hours(2),
234 Name("/ndn/zhiyi"));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]235 face.onSendData.connect([&](const Data& response) {
236 BOOST_CHECK(false);
237 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]238 face.receive(*interest1);
239 face.receive(*interest2);
240 face.receive(*interest3);
241
242 advanceClocks(time::milliseconds(20), 60);
243}
244
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]245BOOST_AUTO_TEST_CASE(HandleNewWithProbeToken)
246{
247 auto identity = addIdentity(Name("/ndn"));
248 auto key = identity.getDefaultKey();
249 auto cert = key.getDefaultCertificate();
250
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]251 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]252 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]253 advanceClocks(time::milliseconds(20), 60);
254
255 ClientModule client(m_keyChain);
256 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]257 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]258 item.m_anchor = cert;
259 client.getClientConf().m_caItems.push_back(item);
260
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]261 auto data = make_shared<Data>(Name("/ndn/CA/PROBE/123"));
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]262 m_keyChain.sign(*data, signingByIdentity(ca.m_config.m_caPrefix));
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]263
264 auto interest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]265 time::system_clock::now() + time::days(1),
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]266 Name("/ndn/zhiyi"), data);
267
268 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]269 face.onSendData.connect([&](const Data& response) {
270 count++;
271 BOOST_CHECK(security::verifySignature(response, cert));
272 });
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]273 face.receive(*interest);
274
275 advanceClocks(time::milliseconds(20), 60);
276 BOOST_CHECK_EQUAL(count, 1);
277}
278
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]279BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]280{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]281 auto identity = addIdentity(Name("/ndn"));
282 auto key = identity.getDefaultKey();
283 auto cert = key.getDefaultCertificate();
284
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]285 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]286 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]287 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]288
289 // generate NEW Interest
290 ClientModule client(m_keyChain);
291 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]292 item.m_caPrefix = Name("/ndn");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]293 item.m_anchor = cert;
294 client.getClientConf().m_caItems.push_back(item);
295 auto newInterest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]296 time::system_clock::now() + time::days(1), Name("/ndn/zhiyi"));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]297
298 // generate CHALLENGE Interest
299 ChallengePin pinChallenge;
300 shared_ptr<Interest> challengeInterest = nullptr;
301 shared_ptr<Interest> challengeInterest2 = nullptr;
302 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]303
304 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]305 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]306 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]307 client.onNewResponse(response);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]308 auto paramJson = pinChallenge.getRequirementForChallenge(client.m_status, client.m_challengeStatus);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]309 challengeInterest = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]310 client.m_challengeStatus,
311 paramJson));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]312 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]313 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]314 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]315 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]316
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]317 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame^]318 BOOST_CHECK(client.m_status == Status::CHALLENGE);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]319 BOOST_CHECK_EQUAL(client.m_challengeStatus, ChallengePin::NEED_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]320
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]321 auto paramJson = pinChallenge.getRequirementForChallenge(client.m_status, client.m_challengeStatus);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]322 challengeInterest2 = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]323 client.m_challengeStatus,
324 paramJson));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]325 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]326 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]327 count++;
328 BOOST_CHECK(security::verifySignature(response, cert));
329
330 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame^]331 BOOST_CHECK(client.m_status == Status::CHALLENGE);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]332 BOOST_CHECK_EQUAL(client.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]333
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]334 auto paramJson = pinChallenge.getRequirementForChallenge(client.m_status, client.m_challengeStatus);
335 auto request = ca.getCertificateRequest(*challengeInterest2);
336 auto secret = request.m_challengeSecrets.get(ChallengePin::JSON_PIN_CODE, "");
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]337 for (auto& i : paramJson) {
338 if (i.first == ChallengePin::JSON_PIN_CODE)
339 i.second.put("", secret);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]340 }
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]341 challengeInterest3 = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]342 client.m_challengeStatus,
343 paramJson));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]344 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]345 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]346 count++;
347 BOOST_CHECK(security::verifySignature(response, cert));
348
349 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame^]350 BOOST_CHECK(client.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]351 BOOST_CHECK_EQUAL(client.m_challengeStatus, CHALLENGE_STATUS_SUCCESS);
352 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]353 });
354
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]355 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]356 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]357 face.receive(*challengeInterest);
358 advanceClocks(time::milliseconds(20), 60);
359 face.receive(*challengeInterest2);
360 advanceClocks(time::milliseconds(20), 60);
361 face.receive(*challengeInterest3);
362 advanceClocks(time::milliseconds(20), 60);
363 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]364}
365
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]366BOOST_AUTO_TEST_CASE(HandleRevoke)
367{
368 auto identity = addIdentity(Name("/ndn"));
369 auto key = identity.getDefaultKey();
370 auto cert = key.getDefaultCertificate();
371
372 util::DummyClientFace face(io, { true, true });
373 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
374 advanceClocks(time::milliseconds(20), 60);
375
376 //generate a certificate
377 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
378 auto clientKey = clientIdentity.getDefaultKey();
379 security::v2::Certificate clientCert;
380 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
381 clientCert.setContentType(tlv::ContentType_Key);
382 clientCert.setFreshnessPeriod(time::hours(24));
383 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
384 SignatureInfo signatureInfo;
385 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
386 time::system_clock::now() + time::hours(10)));
387 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame^]388 CertificateRequest certRequest(Name("/ndn"), "122", REQUEST_TYPE_NEW, Status::SUCCESS, clientCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]389 auto issuedCert = ca.issueCertificate(certRequest);
390
391 ClientModule client(m_keyChain);
392 ClientCaItem item;
393 item.m_caName = Name("/ndn");
394 item.m_anchor = cert;
395 client.getClientConf().m_caItems.push_back(item);
396
397 auto interest = client.generateRevokeInterest(issuedCert);
398
399 int count = 0;
400 face.onSendData.connect([&] (const Data& response) {
401 count++;
402 BOOST_CHECK(security::verifySignature(response, cert));
403 auto contentBlock = response.getContent();
404 contentBlock.parse();
405
406 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
407 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
408 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
409
410 auto challengeBlockCount = 0;
411 for (auto const& element : contentBlock.elements()) {
412 if (element.type() == tlv_challenge) {
413 challengeBlockCount++;
414 }
415 }
416
417 BOOST_CHECK(challengeBlockCount != 0);
418
419 client.onRevokeResponse(response);
420 BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
421 ca.m_aesKey, ca.m_aesKey + sizeof(ca.m_aesKey));
422 });
423 face.receive(*interest);
424
425 advanceClocks(time::milliseconds(20), 60);
426 BOOST_CHECK_EQUAL(count, 1);
427}
428
429BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
430{
431 auto identity = addIdentity(Name("/ndn"));
432 auto key = identity.getDefaultKey();
433 auto cert = key.getDefaultCertificate();
434
435 util::DummyClientFace face(io, { true, true });
436 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
437 advanceClocks(time::milliseconds(20), 60);
438
439 //generate a certificate
440 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
441 auto clientKey = clientIdentity.getDefaultKey();
442 security::v2::Certificate clientCert;
443 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
444 clientCert.setContentType(tlv::ContentType_Key);
445 clientCert.setFreshnessPeriod(time::hours(24));
446 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
447 SignatureInfo signatureInfo;
448 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
449 time::system_clock::now() + time::hours(10)));
450 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
451
452 ClientModule client(m_keyChain);
453 ClientCaItem item;
454 item.m_caName = Name("/ndn");
455 item.m_anchor = cert;
456 client.getClientConf().m_caItems.push_back(item);
457
458 auto interest = client.generateRevokeInterest(clientCert);
459
460 int count = 0;
461 face.onSendData.connect([&] (const Data& response) {
462 count++;
463 });
464 face.receive(*interest);
465
466 advanceClocks(time::milliseconds(20), 60);
467 BOOST_CHECK_EQUAL(count, 0);
468}
469
470
471BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]472
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]473} // namespace tests
474} // namespace ndncert
475} // namespace ndn