Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 74c6114cb7fecf97ad539583066e683228d03158 / . / tests / unit-tests / ca-module.t.cpp
blob: 9484196a8f23a176b3958ef5550d9e874dab65f2 [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangdbd9d432020-10-07 15:56:27 -0700[diff] [blame]22#include "identity-challenge/challenge-module.hpp"
23#include "identity-challenge/challenge-email.hpp"
24#include "identity-challenge/challenge-pin.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]25#include "protocol-detail/info.hpp"
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]26#include "requester.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caItem.m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]41 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangfbcab842020-10-07 15:17:13 -0700[diff] [blame]42 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 1); // removed local discovery registration
43 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 4); // onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]44}
45
Zhiyi Zhangfbcab842020-10-07 15:17:13 -0700[diff] [blame]46BOOST_AUTO_TEST_CASE(HandleProfileFetching)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]47{
48 auto identity = addIdentity(Name("/ndn"));
49 auto key = identity.getDefaultKey();
50 auto cert = key.getDefaultCertificate();
51
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]52 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]53 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangf61404d2020-10-07 15:41:07 -0700[diff] [blame]54 auto metaData = ca.generateCaProfileMetaData();
55 auto profileData = ca.generateCaProfileData();
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]56 advanceClocks(time::milliseconds(20), 60);
57
Zhiyi Zhangfbcab842020-10-07 15:17:13 -0700[diff] [blame]58 Interest interest = MetadataObject::makeDiscoveryInterest(Name("/ndn/CA/INFO"));
59 shared_ptr<Interest> infoInterest = nullptr;
60
61 face.setInterestFilter(InterestFilter("/ndn/CA/INFO"),
62 [&](const auto&, const Interest& interest) {
63 if (interest.matchesData(*metaData)) {
64 face.put(*metaData);
65 }
66 else {
67 BOOST_CHECK(interest.matchesData(*profileData));
68 face.put(*profileData);
69 }
70 }, nullptr, nullptr);
71 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]72
73 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]74 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhangfbcab842020-10-07 15:17:13 -0700[diff] [blame]75 if (count == 0) {
76 count++;
77 auto block = response.getContent();
78 block.parse();
79 Interest interest(Name(block.get(tlv::Name)));
80 interest.setCanBePrefix(true);
81 infoInterest = make_shared<Interest>(interest);
82 }
83 else {
84 count++;
85 BOOST_CHECK(security::verifySignature(response, cert));
86 auto contentBlock = response.getContent();
87 contentBlock.parse();
88 auto caItem = INFO::decodeDataContent(contentBlock);
89 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
90 BOOST_CHECK_EQUAL(caItem.m_probeParameterKeys.size(), 1);
91 BOOST_CHECK_EQUAL(caItem.m_probeParameterKeys.front(), "full name");
92 BOOST_CHECK_EQUAL(caItem.m_cert->wireEncode(), cert.wireEncode());
93 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
94 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]95 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]96 face.receive(interest);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]97 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangfbcab842020-10-07 15:17:13 -0700[diff] [blame]98 face.receive(*infoInterest);
99 advanceClocks(time::milliseconds(20), 60);
100 BOOST_CHECK_EQUAL(count, 2);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]101}
102
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]103BOOST_AUTO_TEST_CASE(HandleProbe)
104{
105 auto identity = addIdentity(Name("/ndn"));
106 auto key = identity.getDefaultKey();
107 auto cert = key.getDefaultCertificate();
108
109 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]110 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]111 advanceClocks(time::milliseconds(20), 60);
112
113 Interest interest("/ndn/CA/PROBE");
114 interest.setCanBePrefix(false);
115
116 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
117 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
118 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
119 paramTLV.encode();
120
121 interest.setApplicationParameters(paramTLV);
122
123 int count = 0;
124 face.onSendData.connect([&](const Data& response) {
125 count++;
126 BOOST_CHECK(security::verifySignature(response, cert));
127 Block contentBlock = response.getContent();
128 contentBlock.parse();
129 Block probeResponse = contentBlock.get(tlv_probe_response);
130 probeResponse.parse();
131 Name caName;
132 caName.wireDecode(probeResponse.get(tlv::Name));
Zhiyi Zhang8683ec92020-10-07 18:18:35 -0700[diff] [blame]133 BOOST_CHECK_EQUAL(caName.size(), 2);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]134 });
135 face.receive(interest);
136
137 advanceClocks(time::milliseconds(20), 60);
138 BOOST_CHECK_EQUAL(count, 1);
139}
140
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]141BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
142{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]143 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]144 auto key = identity.getDefaultKey();
145 auto cert = key.getDefaultCertificate();
146
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]147 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]148 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]149 advanceClocks(time::milliseconds(20), 60);
150
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]151 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]152 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]153
154 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]155 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]156 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
157 paramTLV.encode();
158
159 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]160
161 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]162 face.onSendData.connect([&](const Data& response) {
163 count++;
164 BOOST_CHECK(security::verifySignature(response, cert));
165 auto contentBlock = response.getContent();
166 contentBlock.parse();
167 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
168 probeResponseBlock.parse();
169 Name caPrefix;
170 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
171 BOOST_CHECK(caPrefix != "");
172 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]173 face.receive(interest);
174
175 advanceClocks(time::milliseconds(20), 60);
176 BOOST_CHECK_EQUAL(count, 1);
177}
178
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]179BOOST_AUTO_TEST_CASE(HandleProbeRedirection)
180{
181 auto identity = addIdentity(Name("/ndn"));
182 auto key = identity.getDefaultKey();
183 auto cert = key.getDefaultCertificate();
184
185 util::DummyClientFace face(io, m_keyChain, {true, true});
186 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-5", "ca-storage-memory");
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]187 advanceClocks(time::milliseconds(20), 60);
188
189 Interest interest("/ndn/CA/PROBE");
190 interest.setCanBePrefix(false);
191
192 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
193 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
194 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
195 paramTLV.encode();
196
197 interest.setApplicationParameters(paramTLV);
198
199 int count = 0;
200 face.onSendData.connect([&](const Data& response) {
201 count++;
202 BOOST_CHECK(security::verifySignature(response, cert));
203 Block contentBlock = response.getContent();
204 contentBlock.parse();
205
206 // Test CA sent redirections
Zhiyi Zhang34a8d432020-10-03 22:14:25 -0700[diff] [blame]207 std::vector<Name> redirectionItems;
208 for (auto item : contentBlock.elements()) {
209 if (item.type() == tlv_probe_redirect) {
210 redirectionItems.push_back(Name(item.blockFromValue()));
211 }
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]212 }
Zhiyi Zhang34a8d432020-10-03 22:14:25 -0700[diff] [blame]213 BOOST_CHECK_EQUAL(redirectionItems.size(), 2);
214 BOOST_CHECK_EQUAL(security::v2::extractIdentityFromCertName(redirectionItems[0].getPrefix(-1)), "/ndn/site1");
215 BOOST_CHECK_EQUAL(security::v2::extractIdentityFromCertName(redirectionItems[1].getPrefix(-1)), "/ndn/site1");
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]216 });
217 face.receive(interest);
218 advanceClocks(time::milliseconds(20), 60);
219 BOOST_CHECK_EQUAL(count, 1);
220}
221
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]222BOOST_AUTO_TEST_CASE(HandleNew)
223{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]224 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]225 auto key = identity.getDefaultKey();
226 auto cert = key.getDefaultCertificate();
227
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]228 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]229 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]230 advanceClocks(time::milliseconds(20), 60);
231
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]232 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]233 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]234 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]235 RequesterState state(m_keyChain, item, RequestType::NEW);
236 auto interest = Requester::genNewInterest(state, Name("/ndn/zhiyi"),
237 time::system_clock::now(),
238 time::system_clock::now() + time::days(1));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]239
240 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]241 face.onSendData.connect([&](const Data& response) {
242 count++;
243 BOOST_CHECK(security::verifySignature(response, cert));
244 auto contentBlock = response.getContent();
245 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]246
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]247 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
248 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
249 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]250
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]251 auto challengeBlockCount = 0;
252 for (auto const& element : contentBlock.elements()) {
253 if (element.type() == tlv_challenge) {
254 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]255 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]256 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]257
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]258 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]259
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]260 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]261 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]262 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]263 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]264 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]265 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]266
267 advanceClocks(time::milliseconds(20), 60);
268 BOOST_CHECK_EQUAL(count, 1);
269}
270
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]271BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
272{
273 auto identity = addIdentity(Name("/ndn"));
274 auto key = identity.getDefaultKey();
275 auto cert = key.getDefaultCertificate();
276
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]277 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]278 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]279 advanceClocks(time::milliseconds(20), 60);
280
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]281 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]282 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]283 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]284 RequesterState state(m_keyChain, item, RequestType::NEW);
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]285 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]286 auto interest1 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp - time::hours(1));
287 auto interest2 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp + time::days(361));
288 auto interest3 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp - time::hours(1), current_tp + time::hours(2));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]289 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]290 auto contentTlv = response.getContent();
291 contentTlv.parse();
292 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
293 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]294 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]295 face.receive(*interest1);
296 face.receive(*interest2);
297 face.receive(*interest3);
298
299 advanceClocks(time::milliseconds(20), 60);
300}
301
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]302BOOST_AUTO_TEST_CASE(HandleNewWithLongSuffix)
303{
304 auto identity = addIdentity(Name("/ndn"));
305 auto key = identity.getDefaultKey();
306 auto cert = key.getDefaultCertificate();
307
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]308 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]309 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]310 advanceClocks(time::milliseconds(20), 60);
311
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]312 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]313 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]314 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]315 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]316
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]317 auto interest1 = Requester::genNewInterest(state, Name("/ndn/a"), time::system_clock::now(),
318 time::system_clock::now() + time::days(1));
319 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b"), time::system_clock::now(),
320 time::system_clock::now() + time::days(1));
321 auto interest3 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), time::system_clock::now(),
322 time::system_clock::now() + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]323
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]324 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]325 auto contentTlv = response.getContent();
326 contentTlv.parse();
327 if (interest3->getName().isPrefixOf(response.getName())) {
328 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
329 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
330 }
331 else {
332 // should successfully get responses
333 BOOST_CHECK_EXCEPTION(readNonNegativeInteger(contentTlv.get(tlv_error_code)), std::runtime_error,
334 [](const auto& e) { return true; });
335 }
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]336 });
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]337 face.receive(*interest1);
338 face.receive(*interest2);
339 face.receive(*interest3);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]340 advanceClocks(time::milliseconds(20), 60);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]341}
342
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]343BOOST_AUTO_TEST_CASE(HandleNewWithInvalidLength1)
344{
345 auto identity = addIdentity(Name("/ndn"));
346 auto key = identity.getDefaultKey();
347 auto cert = key.getDefaultCertificate();
348
349 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]350 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]351 advanceClocks(time::milliseconds(20), 60);
352
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]353 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]354 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]355 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]356 RequesterState state(m_keyChain, item, RequestType::NEW);
357
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]358 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]359 auto interest1 = Requester::genNewInterest(state, Name("/ndn"), current_tp, current_tp + time::days(1));
360 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), current_tp, current_tp + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]361 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]362 auto contentTlv = response.getContent();
363 contentTlv.parse();
364 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
365 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]366 });
367 face.receive(*interest1);
368 face.receive(*interest2);
369
370 advanceClocks(time::milliseconds(20), 60);
371}
372
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]373BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]374{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]375 auto identity = addIdentity(Name("/ndn"));
376 auto key = identity.getDefaultKey();
377 auto cert = key.getDefaultCertificate();
378
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]379 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]380 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]381 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]382
383 // generate NEW Interest
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]384 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]385 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]386 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]387 RequesterState state(m_keyChain, item, RequestType::NEW);
388
389 auto newInterest = Requester::genNewInterest(state, Name("/ndn/zhiyi"), time::system_clock::now(),
390 time::system_clock::now() + time::days(1));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]391
392 // generate CHALLENGE Interest
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]393 shared_ptr<Interest> challengeInterest = nullptr;
394 shared_ptr<Interest> challengeInterest2 = nullptr;
395 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]396
397 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]398 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]399 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]400 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
401 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
402 challengeInterest = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]403 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]404 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]405 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]406 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]407
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]408 Requester::onChallengeResponse(state, response);
409 BOOST_CHECK(state.m_status == Status::CHALLENGE);
410 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::NEED_CODE);
411 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
412 challengeInterest2 = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]413 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]414 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]415 count++;
416 BOOST_CHECK(security::verifySignature(response, cert));
417
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]418 Requester::onChallengeResponse(state, response);
419 BOOST_CHECK(state.m_status == Status::CHALLENGE);
420 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]421
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]422 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]423 auto request = ca.getCertificateRequest(*challengeInterest2);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]424 auto secret = request.m_challengeState->m_secrets.get(ChallengePin::PARAMETER_KEY_CODE, "");
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]425 std::get<1>(paramList[0]) = secret;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]426 challengeInterest3 = Requester::genChallengeInterest(state, std::move(paramList));
427 std::cout << "CHALLENGE Interest Size: " << challengeInterest3->wireEncode().size() << std::endl;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]428 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]429 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]430 count++;
431 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]432 Requester::onChallengeResponse(state, response);
433 BOOST_CHECK(state.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]434 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]435 });
436
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]437 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]438 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]439 face.receive(*challengeInterest);
440 advanceClocks(time::milliseconds(20), 60);
441 face.receive(*challengeInterest2);
442 advanceClocks(time::milliseconds(20), 60);
443 face.receive(*challengeInterest3);
444 advanceClocks(time::milliseconds(20), 60);
445 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]446}
447
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]448BOOST_AUTO_TEST_CASE(HandleRevoke)
449{
450 auto identity = addIdentity(Name("/ndn"));
451 auto key = identity.getDefaultKey();
452 auto cert = key.getDefaultCertificate();
453
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]454 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]455 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]456 advanceClocks(time::milliseconds(20), 60);
457
458 //generate a certificate
459 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
460 auto clientKey = clientIdentity.getDefaultKey();
461 security::v2::Certificate clientCert;
462 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
463 clientCert.setContentType(tlv::ContentType_Key);
464 clientCert.setFreshnessPeriod(time::hours(24));
465 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
466 SignatureInfo signatureInfo;
467 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]468 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]469 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]470 CaState certRequest(Name("/ndn"), "122", RequestType::NEW, Status::SUCCESS, clientCert, makeEmptyBlock(tlv::ContentType_Key));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]471 auto issuedCert = ca.issueCertificate(certRequest);
472
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]473 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]474 item.m_caPrefix = Name("/ndn");
475 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]476 RequesterState state(m_keyChain, item, RequestType::REVOKE);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]477
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]478 auto interest = Requester::genRevokeInterest(state, issuedCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]479
480 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]481 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]482 count++;
483 BOOST_CHECK(security::verifySignature(response, cert));
484 auto contentBlock = response.getContent();
485 contentBlock.parse();
486
487 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
488 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
489 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
490
491 auto challengeBlockCount = 0;
492 for (auto const& element : contentBlock.elements()) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]493 if (element.type() == tlv_challenge) {
494 challengeBlockCount++;
495 }
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]496 }
497
498 BOOST_CHECK(challengeBlockCount != 0);
499
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]500 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]501 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]502 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]503 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]504 });
505 face.receive(*interest);
506
507 advanceClocks(time::milliseconds(20), 60);
508 BOOST_CHECK_EQUAL(count, 1);
509}
510
511BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
512{
513 auto identity = addIdentity(Name("/ndn"));
514 auto key = identity.getDefaultKey();
515 auto cert = key.getDefaultCertificate();
516
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]517 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]518 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]519 advanceClocks(time::milliseconds(20), 60);
520
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]521 // generate a certificate
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]522 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
523 auto clientKey = clientIdentity.getDefaultKey();
524 security::v2::Certificate clientCert;
525 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
526 clientCert.setContentType(tlv::ContentType_Key);
527 clientCert.setFreshnessPeriod(time::hours(24));
528 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
529 SignatureInfo signatureInfo;
530 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]531 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]532 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
533
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]534 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]535 item.m_caPrefix = Name("/ndn");
536 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]537 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]538
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]539 auto interest = Requester::genRevokeInterest(state, clientCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]540
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]541 bool receiveData = false;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]542 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]543 receiveData = true;
544 auto contentTlv = response.getContent();
545 contentTlv.parse();
546 BOOST_CHECK(static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code))) != ErrorCode::NO_ERROR);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]547 });
548 face.receive(*interest);
549
550 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]551 BOOST_CHECK_EQUAL(receiveData, true);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]552}
553
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]554BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]555
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]556} // namespace tests
557} // namespace ndncert
558} // namespace ndn