Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / 90c75787d928d45a61dc24bb5f6ee70b379566fd / . / tests / unit-tests / ca-module.t.cpp
blob: 062b5026de3bfd43b26841cdfc47a2280f22312a [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]22#include "challenge-module.hpp"
Zhiyi Zhang8bd8e5b2020-09-29 17:40:40 -0700[diff] [blame]23#include "challenge-modules/challenge-email.hpp"
24#include "challenge-modules/challenge-pin.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]25#include "protocol-detail/info.hpp"
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]26#include "requester.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caItem.m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]41 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]42 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 2);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]43 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 5); // onInfo, onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]44}
45
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]46BOOST_AUTO_TEST_CASE(HandleInfo)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]47{
48 auto identity = addIdentity(Name("/ndn"));
49 auto key = identity.getDefaultKey();
50 auto cert = key.getDefaultCertificate();
51
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]52 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]53 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]54 advanceClocks(time::milliseconds(20), 60);
55
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]56 Interest interest("/ndn/CA/INFO");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]57 interest.setCanBePrefix(false);
58
59 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]60 face.onSendData.connect([&](const Data& response) {
61 count++;
62 BOOST_CHECK(security::verifySignature(response, cert));
63 auto contentBlock = response.getContent();
64 contentBlock.parse();
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]65 auto caItem = INFO::decodeDataContent(contentBlock);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]66 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
Zhiyi Zhangb940aa12020-09-30 16:38:57 -0700[diff] [blame]67 BOOST_CHECK_EQUAL(caItem.m_probeParameterKeys.size(), 1);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]68 BOOST_CHECK_EQUAL(caItem.m_cert->wireEncode(), cert.wireEncode());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]69 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
70 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]71 face.receive(interest);
72
73 advanceClocks(time::milliseconds(20), 60);
74 BOOST_CHECK_EQUAL(count, 1);
75}
76
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]77BOOST_AUTO_TEST_CASE(HandleProbe)
78{
79 auto identity = addIdentity(Name("/ndn"));
80 auto key = identity.getDefaultKey();
81 auto cert = key.getDefaultCertificate();
82
83 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]84 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]85 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
86 std::vector<std::string> result;
87 result.push_back("example");
88 return result;
89 });
90 advanceClocks(time::milliseconds(20), 60);
91
92 Interest interest("/ndn/CA/PROBE");
93 interest.setCanBePrefix(false);
94
95 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
96 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
97 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
98 paramTLV.encode();
99
100 interest.setApplicationParameters(paramTLV);
101
102 int count = 0;
103 face.onSendData.connect([&](const Data& response) {
104 count++;
105 BOOST_CHECK(security::verifySignature(response, cert));
106 Block contentBlock = response.getContent();
107 contentBlock.parse();
108 Block probeResponse = contentBlock.get(tlv_probe_response);
109 probeResponse.parse();
110 Name caName;
111 caName.wireDecode(probeResponse.get(tlv::Name));
112 BOOST_CHECK_EQUAL(caName, "/ndn/example");
113 });
114 face.receive(interest);
115
116 advanceClocks(time::milliseconds(20), 60);
117 BOOST_CHECK_EQUAL(count, 1);
118}
119
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]120BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
121{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]122 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]123 auto key = identity.getDefaultKey();
124 auto cert = key.getDefaultCertificate();
125
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]126 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]127 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]128 advanceClocks(time::milliseconds(20), 60);
129
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]130 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]131 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]132
133 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]134 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]135 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
136 paramTLV.encode();
137
138 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]139
140 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]141 face.onSendData.connect([&](const Data& response) {
142 count++;
143 BOOST_CHECK(security::verifySignature(response, cert));
144 auto contentBlock = response.getContent();
145 contentBlock.parse();
146 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
147 probeResponseBlock.parse();
148 Name caPrefix;
149 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
150 BOOST_CHECK(caPrefix != "");
151 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]152 face.receive(interest);
153
154 advanceClocks(time::milliseconds(20), 60);
155 BOOST_CHECK_EQUAL(count, 1);
156}
157
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]158BOOST_AUTO_TEST_CASE(HandleProbeRedirection)
159{
160 auto identity = addIdentity(Name("/ndn"));
161 auto key = identity.getDefaultKey();
162 auto cert = key.getDefaultCertificate();
163
164 util::DummyClientFace face(io, m_keyChain, {true, true});
165 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-5", "ca-storage-memory");
166 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
167 std::vector<std::string> result;
168 result.push_back("example");
169 return result;
170 });
171 advanceClocks(time::milliseconds(20), 60);
172
173 Interest interest("/ndn/CA/PROBE");
174 interest.setCanBePrefix(false);
175
176 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
177 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
178 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
179 paramTLV.encode();
180
181 interest.setApplicationParameters(paramTLV);
182
183 int count = 0;
184 face.onSendData.connect([&](const Data& response) {
185 count++;
186 BOOST_CHECK(security::verifySignature(response, cert));
187 Block contentBlock = response.getContent();
188 contentBlock.parse();
189
190 // Test CA sent redirections
Zhiyi Zhang34a8d432020-10-03 22:14:25 -0700[diff] [blame]191 std::vector<Name> redirectionItems;
192 for (auto item : contentBlock.elements()) {
193 if (item.type() == tlv_probe_redirect) {
194 redirectionItems.push_back(Name(item.blockFromValue()));
195 }
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]196 }
Zhiyi Zhang34a8d432020-10-03 22:14:25 -0700[diff] [blame]197 BOOST_CHECK_EQUAL(redirectionItems.size(), 2);
198 BOOST_CHECK_EQUAL(security::v2::extractIdentityFromCertName(redirectionItems[0].getPrefix(-1)), "/ndn/site1");
199 BOOST_CHECK_EQUAL(security::v2::extractIdentityFromCertName(redirectionItems[1].getPrefix(-1)), "/ndn/site1");
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]200 });
201 face.receive(interest);
202 advanceClocks(time::milliseconds(20), 60);
203 BOOST_CHECK_EQUAL(count, 1);
204}
205
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]206BOOST_AUTO_TEST_CASE(HandleNew)
207{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]208 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]209 auto key = identity.getDefaultKey();
210 auto cert = key.getDefaultCertificate();
211
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]212 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]213 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]214 advanceClocks(time::milliseconds(20), 60);
215
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]216 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]217 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]218 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]219 RequesterState state(m_keyChain, item, RequestType::NEW);
220 auto interest = Requester::genNewInterest(state, Name("/ndn/zhiyi"),
221 time::system_clock::now(),
222 time::system_clock::now() + time::days(1));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]223
224 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]225 face.onSendData.connect([&](const Data& response) {
226 count++;
227 BOOST_CHECK(security::verifySignature(response, cert));
228 auto contentBlock = response.getContent();
229 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]230
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]231 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
232 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
233 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]234
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]235 auto challengeBlockCount = 0;
236 for (auto const& element : contentBlock.elements()) {
237 if (element.type() == tlv_challenge) {
238 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]239 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]240 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]241
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]242 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]243
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]244 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]245 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]246 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]247 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]248 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]249 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]250
251 advanceClocks(time::milliseconds(20), 60);
252 BOOST_CHECK_EQUAL(count, 1);
253}
254
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]255BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
256{
257 auto identity = addIdentity(Name("/ndn"));
258 auto key = identity.getDefaultKey();
259 auto cert = key.getDefaultCertificate();
260
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]261 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]262 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]263 advanceClocks(time::milliseconds(20), 60);
264
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]265 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]266 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]267 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]268 RequesterState state(m_keyChain, item, RequestType::NEW);
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]269 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]270 auto interest1 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp - time::hours(1));
271 auto interest2 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp + time::days(361));
272 auto interest3 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp - time::hours(1), current_tp + time::hours(2));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]273 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]274 auto contentTlv = response.getContent();
275 contentTlv.parse();
276 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
277 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]278 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]279 face.receive(*interest1);
280 face.receive(*interest2);
281 face.receive(*interest3);
282
283 advanceClocks(time::milliseconds(20), 60);
284}
285
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]286BOOST_AUTO_TEST_CASE(HandleNewWithLongSuffix)
287{
288 auto identity = addIdentity(Name("/ndn"));
289 auto key = identity.getDefaultKey();
290 auto cert = key.getDefaultCertificate();
291
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]292 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]293 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]294 advanceClocks(time::milliseconds(20), 60);
295
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]296 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]297 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]298 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]299 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]300
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]301 auto interest1 = Requester::genNewInterest(state, Name("/ndn/a"), time::system_clock::now(),
302 time::system_clock::now() + time::days(1));
303 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b"), time::system_clock::now(),
304 time::system_clock::now() + time::days(1));
305 auto interest3 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), time::system_clock::now(),
306 time::system_clock::now() + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]307
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]308 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]309 auto contentTlv = response.getContent();
310 contentTlv.parse();
311 if (interest3->getName().isPrefixOf(response.getName())) {
312 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
313 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
314 }
315 else {
316 // should successfully get responses
317 BOOST_CHECK_EXCEPTION(readNonNegativeInteger(contentTlv.get(tlv_error_code)), std::runtime_error,
318 [](const auto& e) { return true; });
319 }
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]320 });
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]321 face.receive(*interest1);
322 face.receive(*interest2);
323 face.receive(*interest3);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]324 advanceClocks(time::milliseconds(20), 60);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]325}
326
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]327BOOST_AUTO_TEST_CASE(HandleNewWithInvalidLength1)
328{
329 auto identity = addIdentity(Name("/ndn"));
330 auto key = identity.getDefaultKey();
331 auto cert = key.getDefaultCertificate();
332
333 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]334 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]335 advanceClocks(time::milliseconds(20), 60);
336
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]337 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]338 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]339 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]340 RequesterState state(m_keyChain, item, RequestType::NEW);
341
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]342 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]343 auto interest1 = Requester::genNewInterest(state, Name("/ndn"), current_tp, current_tp + time::days(1));
344 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), current_tp, current_tp + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]345 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]346 auto contentTlv = response.getContent();
347 contentTlv.parse();
348 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
349 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]350 });
351 face.receive(*interest1);
352 face.receive(*interest2);
353
354 advanceClocks(time::milliseconds(20), 60);
355}
356
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]357BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]358{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]359 auto identity = addIdentity(Name("/ndn"));
360 auto key = identity.getDefaultKey();
361 auto cert = key.getDefaultCertificate();
362
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]363 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]364 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]365 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]366
367 // generate NEW Interest
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]368 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]369 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]370 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]371 RequesterState state(m_keyChain, item, RequestType::NEW);
372
373 auto newInterest = Requester::genNewInterest(state, Name("/ndn/zhiyi"), time::system_clock::now(),
374 time::system_clock::now() + time::days(1));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]375
376 // generate CHALLENGE Interest
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]377 shared_ptr<Interest> challengeInterest = nullptr;
378 shared_ptr<Interest> challengeInterest2 = nullptr;
379 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]380
381 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]382 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]383 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]384 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
385 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
386 challengeInterest = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]387 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]388 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]389 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]390 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]391
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]392 Requester::onChallengeResponse(state, response);
393 BOOST_CHECK(state.m_status == Status::CHALLENGE);
394 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::NEED_CODE);
395 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
396 challengeInterest2 = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]397 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]398 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]399 count++;
400 BOOST_CHECK(security::verifySignature(response, cert));
401
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]402 Requester::onChallengeResponse(state, response);
403 BOOST_CHECK(state.m_status == Status::CHALLENGE);
404 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]405
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]406 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]407 auto request = ca.getCertificateRequest(*challengeInterest2);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]408 auto secret = request.m_challengeState->m_secrets.get(ChallengePin::PARAMETER_KEY_CODE, "");
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]409 std::get<1>(paramList[0]) = secret;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]410 challengeInterest3 = Requester::genChallengeInterest(state, std::move(paramList));
411 std::cout << "CHALLENGE Interest Size: " << challengeInterest3->wireEncode().size() << std::endl;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]412 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]413 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]414 count++;
415 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]416 Requester::onChallengeResponse(state, response);
417 BOOST_CHECK(state.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]418 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]419 });
420
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]421 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]422 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]423 face.receive(*challengeInterest);
424 advanceClocks(time::milliseconds(20), 60);
425 face.receive(*challengeInterest2);
426 advanceClocks(time::milliseconds(20), 60);
427 face.receive(*challengeInterest3);
428 advanceClocks(time::milliseconds(20), 60);
429 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]430}
431
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]432BOOST_AUTO_TEST_CASE(HandleRevoke)
433{
434 auto identity = addIdentity(Name("/ndn"));
435 auto key = identity.getDefaultKey();
436 auto cert = key.getDefaultCertificate();
437
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]438 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]439 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]440 advanceClocks(time::milliseconds(20), 60);
441
442 //generate a certificate
443 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
444 auto clientKey = clientIdentity.getDefaultKey();
445 security::v2::Certificate clientCert;
446 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
447 clientCert.setContentType(tlv::ContentType_Key);
448 clientCert.setFreshnessPeriod(time::hours(24));
449 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
450 SignatureInfo signatureInfo;
451 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]452 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]453 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
tylerliu8704d032020-06-23 10:18:15 -0700[diff] [blame]454 CaState certRequest(Name("/ndn"), "122", RequestType::NEW, Status::SUCCESS, clientCert, makeEmptyBlock(tlv::ContentType_Key));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]455 auto issuedCert = ca.issueCertificate(certRequest);
456
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]457 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]458 item.m_caPrefix = Name("/ndn");
459 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]460 RequesterState state(m_keyChain, item, RequestType::REVOKE);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]461
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]462 auto interest = Requester::genRevokeInterest(state, issuedCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]463
464 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]465 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]466 count++;
467 BOOST_CHECK(security::verifySignature(response, cert));
468 auto contentBlock = response.getContent();
469 contentBlock.parse();
470
471 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
472 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
473 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
474
475 auto challengeBlockCount = 0;
476 for (auto const& element : contentBlock.elements()) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]477 if (element.type() == tlv_challenge) {
478 challengeBlockCount++;
479 }
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]480 }
481
482 BOOST_CHECK(challengeBlockCount != 0);
483
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]484 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]485 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]486 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]487 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]488 });
489 face.receive(*interest);
490
491 advanceClocks(time::milliseconds(20), 60);
492 BOOST_CHECK_EQUAL(count, 1);
493}
494
495BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
496{
497 auto identity = addIdentity(Name("/ndn"));
498 auto key = identity.getDefaultKey();
499 auto cert = key.getDefaultCertificate();
500
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]501 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]502 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]503 advanceClocks(time::milliseconds(20), 60);
504
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]505 // generate a certificate
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]506 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
507 auto clientKey = clientIdentity.getDefaultKey();
508 security::v2::Certificate clientCert;
509 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
510 clientCert.setContentType(tlv::ContentType_Key);
511 clientCert.setFreshnessPeriod(time::hours(24));
512 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
513 SignatureInfo signatureInfo;
514 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]515 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]516 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
517
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]518 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]519 item.m_caPrefix = Name("/ndn");
520 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]521 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]522
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]523 auto interest = Requester::genRevokeInterest(state, clientCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]524
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]525 bool receiveData = false;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]526 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]527 receiveData = true;
528 auto contentTlv = response.getContent();
529 contentTlv.parse();
530 BOOST_CHECK(static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code))) != ErrorCode::NO_ERROR);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]531 });
532 face.receive(*interest);
533
534 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]535 BOOST_CHECK_EQUAL(receiveData, true);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]536}
537
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]538BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]539
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]540} // namespace tests
541} // namespace ndncert
542} // namespace ndn