Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 6f3958156ca2222d9627e57d23fb0a07e530c3cc / . / tests / unit-tests / ca-module.t.cpp
blob: 4f1f1bfc676fc45cfcfe58f497388c5f1844806b [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]22#include "challenge-module.hpp"
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]23#include "challenge-module/challenge-email.hpp"
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]24#include "challenge-module/challenge-pin.hpp"
25#include "client-module.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]26#include "protocol-detail/info.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
41 auto identity = addIdentity(Name("/ndn/site2"));
42 auto key = identity.getDefaultKey();
43 auto cert = key.getDefaultCertificate();
44 ca.getCaStorage()->addCertificate("111", cert);
45 BOOST_CHECK_EQUAL(ca.getCaStorage()->getCertificate("111").getIdentity(), Name("/ndn/site2"));
46
47 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]48 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 2);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]49 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 5); // onInfo, onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]50}
51
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]52BOOST_AUTO_TEST_CASE(HandleInfo)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]53{
54 auto identity = addIdentity(Name("/ndn"));
55 auto key = identity.getDefaultKey();
56 auto cert = key.getDefaultCertificate();
57
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]58 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]59 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]60 advanceClocks(time::milliseconds(20), 60);
61
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]62 Interest interest("/ndn/CA/INFO");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]63 interest.setCanBePrefix(false);
64
65 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]66 face.onSendData.connect([&](const Data& response) {
67 count++;
68 BOOST_CHECK(security::verifySignature(response, cert));
69 auto contentBlock = response.getContent();
70 contentBlock.parse();
71 auto caItem = INFO::decodeClientConfigFromContent(contentBlock);
72 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
73 BOOST_CHECK_EQUAL(caItem.m_probe, "");
74 BOOST_CHECK_EQUAL(caItem.m_anchor.wireEncode(), cert.wireEncode());
75 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
76 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]77 face.receive(interest);
78
79 advanceClocks(time::milliseconds(20), 60);
80 BOOST_CHECK_EQUAL(count, 1);
81}
82
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame^]83BOOST_AUTO_TEST_CASE(HandleProbe)
84{
85 auto identity = addIdentity(Name("/ndn"));
86 auto key = identity.getDefaultKey();
87 auto cert = key.getDefaultCertificate();
88
89 util::DummyClientFace face(io, m_keyChain, {true, true});
90 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
91 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
92 std::vector<std::string> result;
93 result.push_back("example");
94 return result;
95 });
96 advanceClocks(time::milliseconds(20), 60);
97
98 Interest interest("/ndn/CA/PROBE");
99 interest.setCanBePrefix(false);
100
101 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
102 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
103 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
104 paramTLV.encode();
105
106 interest.setApplicationParameters(paramTLV);
107
108 int count = 0;
109 face.onSendData.connect([&](const Data& response) {
110 count++;
111 BOOST_CHECK(security::verifySignature(response, cert));
112 Block contentBlock = response.getContent();
113 contentBlock.parse();
114 Block probeResponse = contentBlock.get(tlv_probe_response);
115 probeResponse.parse();
116 Name caName;
117 caName.wireDecode(probeResponse.get(tlv::Name));
118 BOOST_CHECK_EQUAL(caName, "/ndn/example");
119 });
120 face.receive(interest);
121
122 advanceClocks(time::milliseconds(20), 60);
123 BOOST_CHECK_EQUAL(count, 1);
124}
125
126
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]127BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
128{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]129 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]130 auto key = identity.getDefaultKey();
131 auto cert = key.getDefaultCertificate();
132
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]133 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]134 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]135 advanceClocks(time::milliseconds(20), 60);
136
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]137 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]138 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]139
140 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame^]141 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]142 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
143 paramTLV.encode();
144
145 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]146
147 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]148 face.onSendData.connect([&](const Data& response) {
149 count++;
150 BOOST_CHECK(security::verifySignature(response, cert));
151 auto contentBlock = response.getContent();
152 contentBlock.parse();
153 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
154 probeResponseBlock.parse();
155 Name caPrefix;
156 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
157 BOOST_CHECK(caPrefix != "");
158 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]159 face.receive(interest);
160
161 advanceClocks(time::milliseconds(20), 60);
162 BOOST_CHECK_EQUAL(count, 1);
163}
164
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]165BOOST_AUTO_TEST_CASE(HandleNew)
166{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]167 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]168 auto key = identity.getDefaultKey();
169 auto cert = key.getDefaultCertificate();
170
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]171 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]172 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]173 advanceClocks(time::milliseconds(20), 60);
174
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]175 ClientModule client(m_keyChain);
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]176 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]177 item.m_caPrefix = Name("/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]178 item.m_anchor = cert;
179 client.getClientConf().m_caItems.push_back(item);
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]180
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]181 auto interest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]182 time::system_clock::now() + time::days(1),
Zhiyi Zhang5f749a22019-06-12 17:02:33 -0700[diff] [blame]183 Name("/ndn/zhiyi"));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]184
185 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]186 face.onSendData.connect([&](const Data& response) {
187 count++;
188 BOOST_CHECK(security::verifySignature(response, cert));
189 auto contentBlock = response.getContent();
190 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]191
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]192 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
193 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
194 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]195
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]196 auto challengeBlockCount = 0;
197 for (auto const& element : contentBlock.elements()) {
198 if (element.type() == tlv_challenge) {
199 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]200 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]201 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]202
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]203 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]204
tylerliu0e176c32020-09-29 11:39:46 -0700[diff] [blame]205 client.onNewRenewRevokeResponse(response);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]206 BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
207 ca.m_aesKey, ca.m_aesKey + sizeof(ca.m_aesKey));
208 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]209 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]210
211 advanceClocks(time::milliseconds(20), 60);
212 BOOST_CHECK_EQUAL(count, 1);
213}
214
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]215BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
216{
217 auto identity = addIdentity(Name("/ndn"));
218 auto key = identity.getDefaultKey();
219 auto cert = key.getDefaultCertificate();
220
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]221 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]222 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test");
223 advanceClocks(time::milliseconds(20), 60);
224
225 ClientModule client(m_keyChain);
226 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]227 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]228 item.m_anchor = cert;
229 client.getClientConf().m_caItems.push_back(item);
230 auto current_tp = time::system_clock::now();
231 auto interest1 = client.generateNewInterest(current_tp, current_tp - time::hours(1),
232 Name("/ndn/zhiyi"));
233 auto interest2 = client.generateNewInterest(current_tp, current_tp + time::days(361),
234 Name("/ndn/zhiyi"));
235 auto interest3 = client.generateNewInterest(current_tp - time::hours(1),
236 current_tp + time::hours(2),
237 Name("/ndn/zhiyi"));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]238 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]239 auto contentTlv = response.getContent();
240 contentTlv.parse();
241 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
242 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]243 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]244 face.receive(*interest1);
245 face.receive(*interest2);
246 face.receive(*interest3);
247
248 advanceClocks(time::milliseconds(20), 60);
249}
250
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]251BOOST_AUTO_TEST_CASE(HandleNewWithLongSuffix)
252{
253 auto identity = addIdentity(Name("/ndn"));
254 auto key = identity.getDefaultKey();
255 auto cert = key.getDefaultCertificate();
256
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]257 util::DummyClientFace face(io, m_keyChain, {true, true});
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]258 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
259 advanceClocks(time::milliseconds(20), 60);
260
261 ClientModule client(m_keyChain);
262 ClientCaItem item;
263 item.m_caPrefix = Name("/ndn");
264 item.m_anchor = cert;
265 client.getClientConf().m_caItems.push_back(item);
266
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]267 auto interest1 = client.generateNewInterest(time::system_clock::now(),
268 time::system_clock::now() + time::days(1),
269 Name("/ndn/a"));
270 auto interest2 = client.generateNewInterest(time::system_clock::now(),
271 time::system_clock::now() + time::days(1),
272 Name("/ndn/a/b"));
273 auto interest3 = client.generateNewInterest(time::system_clock::now(),
274 time::system_clock::now() + time::days(1),
275 Name("/ndn/a/b/c/d"));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]276
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]277 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]278 auto contentTlv = response.getContent();
279 contentTlv.parse();
280 if (interest3->getName().isPrefixOf(response.getName())) {
281 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
282 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
283 }
284 else {
285 // should successfully get responses
286 BOOST_CHECK_EXCEPTION(readNonNegativeInteger(contentTlv.get(tlv_error_code)), std::runtime_error,
287 [](const auto& e) { return true; });
288 }
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]289 });
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]290 face.receive(*interest1);
291 face.receive(*interest2);
292 face.receive(*interest3);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]293 advanceClocks(time::milliseconds(20), 60);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]294}
295
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]296BOOST_AUTO_TEST_CASE(HandleNewWithInvalidLength1)
297{
298 auto identity = addIdentity(Name("/ndn"));
299 auto key = identity.getDefaultKey();
300 auto cert = key.getDefaultCertificate();
301
302 util::DummyClientFace face(io, m_keyChain, {true, true});
303 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test");
304 advanceClocks(time::milliseconds(20), 60);
305
306 ClientModule client(m_keyChain);
307 ClientCaItem item;
308 item.m_caPrefix = Name("/ndn");
309 item.m_anchor = cert;
310 client.getClientConf().m_caItems.push_back(item);
311 auto current_tp = time::system_clock::now();
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]312 auto interest1 = client.generateNewInterest(current_tp, current_tp + time::days(1), Name("/ndn"));
313 auto interest2 = client.generateNewInterest(current_tp, current_tp + time::days(1), Name("/ndn/a/b/c/d"));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]314 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]315 auto contentTlv = response.getContent();
316 contentTlv.parse();
317 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
318 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]319 });
320 face.receive(*interest1);
321 face.receive(*interest2);
322
323 advanceClocks(time::milliseconds(20), 60);
324}
325
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]326BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]327{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]328 auto identity = addIdentity(Name("/ndn"));
329 auto key = identity.getDefaultKey();
330 auto cert = key.getDefaultCertificate();
331
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]332 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang42d992d2019-07-07 16:46:50 -0700[diff] [blame]333 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]334 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]335
336 // generate NEW Interest
337 ClientModule client(m_keyChain);
338 ClientCaItem item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]339 item.m_caPrefix = Name("/ndn");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]340 item.m_anchor = cert;
341 client.getClientConf().m_caItems.push_back(item);
342 auto newInterest = client.generateNewInterest(time::system_clock::now(),
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]343 time::system_clock::now() + time::days(1), Name("/ndn/zhiyi"));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]344
345 // generate CHALLENGE Interest
346 ChallengePin pinChallenge;
347 shared_ptr<Interest> challengeInterest = nullptr;
348 shared_ptr<Interest> challengeInterest2 = nullptr;
349 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]350
351 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]352 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]353 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
tylerliu0e176c32020-09-29 11:39:46 -0700[diff] [blame]354 client.onNewRenewRevokeResponse(response);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]355 auto paramList = pinChallenge.getRequestedParameterList(client.m_status, client.m_challengeStatus);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]356 challengeInterest = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]357 client.m_challengeStatus,
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]358 std::move(paramList)));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]359 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]360 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]361 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]362 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]363
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]364 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]365 BOOST_CHECK(client.m_status == Status::CHALLENGE);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]366 BOOST_CHECK_EQUAL(client.m_challengeStatus, ChallengePin::NEED_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]367
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]368 auto paramList = pinChallenge.getRequestedParameterList(client.m_status, client.m_challengeStatus);
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]369 challengeInterest2 = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]370 client.m_challengeStatus,
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]371 std::move(paramList)));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]372 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]373 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]374 count++;
375 BOOST_CHECK(security::verifySignature(response, cert));
376
377 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]378 BOOST_CHECK(client.m_status == Status::CHALLENGE);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]379 BOOST_CHECK_EQUAL(client.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]380
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]381 auto paramList = pinChallenge.getRequestedParameterList(client.m_status, client.m_challengeStatus);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]382 auto request = ca.getCertificateRequest(*challengeInterest2);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]383 auto secret = request.m_challengeSecrets.get(ChallengePin::PARAMETER_KEY_CODE, "");
384 std::get<1>(paramList[0]) = secret;
Suyong Won44d0cce2020-05-10 04:07:43 -0700[diff] [blame]385 challengeInterest3 = client.generateChallengeInterest(pinChallenge.genChallengeRequestTLV(client.m_status,
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]386 client.m_challengeStatus,
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]387 std::move(paramList)));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]388 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]389 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]390 count++;
391 BOOST_CHECK(security::verifySignature(response, cert));
392
393 client.onChallengeResponse(response);
Zhiyi Zhang48f23782020-09-28 12:11:24 -0700[diff] [blame]394 BOOST_CHECK(client.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]395 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]396 });
397
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]398 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]399 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]400 face.receive(*challengeInterest);
401 advanceClocks(time::milliseconds(20), 60);
402 face.receive(*challengeInterest2);
403 advanceClocks(time::milliseconds(20), 60);
404 face.receive(*challengeInterest3);
405 advanceClocks(time::milliseconds(20), 60);
406 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]407}
408
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]409BOOST_AUTO_TEST_CASE(HandleRevoke)
410{
411 auto identity = addIdentity(Name("/ndn"));
412 auto key = identity.getDefaultKey();
413 auto cert = key.getDefaultCertificate();
414
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]415 util::DummyClientFace face(io, {true, true});
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]416 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
417 advanceClocks(time::milliseconds(20), 60);
418
419 //generate a certificate
420 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
421 auto clientKey = clientIdentity.getDefaultKey();
422 security::v2::Certificate clientCert;
423 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
424 clientCert.setContentType(tlv::ContentType_Key);
425 clientCert.setFreshnessPeriod(time::hours(24));
426 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
427 SignatureInfo signatureInfo;
428 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]429 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]430 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
Zhiyi Zhangc87d52b2020-09-28 22:07:18 -0700[diff] [blame]431 CertificateRequest certRequest(Name("/ndn"), "122", RequestType::NEW, Status::SUCCESS, clientCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]432 auto issuedCert = ca.issueCertificate(certRequest);
433
434 ClientModule client(m_keyChain);
435 ClientCaItem item;
436 item.m_caName = Name("/ndn");
437 item.m_anchor = cert;
438 client.getClientConf().m_caItems.push_back(item);
439
440 auto interest = client.generateRevokeInterest(issuedCert);
441
442 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]443 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]444 count++;
445 BOOST_CHECK(security::verifySignature(response, cert));
446 auto contentBlock = response.getContent();
447 contentBlock.parse();
448
449 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
450 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
451 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
452
453 auto challengeBlockCount = 0;
454 for (auto const& element : contentBlock.elements()) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]455 if (element.type() == tlv_challenge) {
456 challengeBlockCount++;
457 }
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]458 }
459
460 BOOST_CHECK(challengeBlockCount != 0);
461
tylerliu0e176c32020-09-29 11:39:46 -0700[diff] [blame]462 client.onNewRenewRevokeResponse(response);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]463 BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]464 ca.m_aesKey, ca.m_aesKey + sizeof(ca.m_aesKey));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]465 });
466 face.receive(*interest);
467
468 advanceClocks(time::milliseconds(20), 60);
469 BOOST_CHECK_EQUAL(count, 1);
470}
471
472BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
473{
474 auto identity = addIdentity(Name("/ndn"));
475 auto key = identity.getDefaultKey();
476 auto cert = key.getDefaultCertificate();
477
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]478 util::DummyClientFace face(io, {true, true});
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]479 CaModule ca(face, m_keyChain, "tests/unit-tests/ca.conf.test", "ca-storage-memory");
480 advanceClocks(time::milliseconds(20), 60);
481
482 //generate a certificate
483 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
484 auto clientKey = clientIdentity.getDefaultKey();
485 security::v2::Certificate clientCert;
486 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
487 clientCert.setContentType(tlv::ContentType_Key);
488 clientCert.setFreshnessPeriod(time::hours(24));
489 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
490 SignatureInfo signatureInfo;
491 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]492 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]493 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
494
495 ClientModule client(m_keyChain);
496 ClientCaItem item;
497 item.m_caName = Name("/ndn");
498 item.m_anchor = cert;
499 client.getClientConf().m_caItems.push_back(item);
500
501 auto interest = client.generateRevokeInterest(clientCert);
502
503 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]504 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]505 count++;
506 });
507 face.receive(*interest);
508
509 advanceClocks(time::milliseconds(20), 60);
510 BOOST_CHECK_EQUAL(count, 0);
511}
512
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]513BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]514
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]515} // namespace tests
516} // namespace ndncert
517} // namespace ndn