Gitiles
Code Review Sign In
gerrit.named-data.net / ndncert / ead9f008a012a4bf5d918d3d19a1e291b578ff73 / . / tests / unit-tests / ca-module.t.cpp
blob: 15e48df6f9b16aa422e36e293d796f1d01ceac48 [file] [log] [blame]
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]2/*
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]3 * Copyright (c) 2017-2020, Regents of the University of California.
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]4 *
5 * This file is part of ndncert, a certificate management system based on NDN.
6 *
7 * ndncert is free software: you can redistribute it and/or modify it under the terms
8 * of the GNU General Public License as published by the Free Software Foundation, either
9 * version 3 of the License, or (at your option) any later version.
10 *
11 * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
12 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
13 * PARTICULAR PURPOSE. See the GNU General Public License for more details.
14 *
15 * You should have received copies of the GNU General Public License along with
16 * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
17 *
18 * See AUTHORS.md for complete list of ndncert authors and contributors.
19 */
20
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]21#include "ca-module.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]22#include "challenge-module.hpp"
Zhiyi Zhang8bd8e5b2020-09-29 17:40:40 -0700[diff] [blame]23#include "challenge-modules/challenge-email.hpp"
24#include "challenge-modules/challenge-pin.hpp"
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]25#include "protocol-detail/info.hpp"
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]26#include "requester.hpp"
Zhiyi Zhang5d80e1e2020-09-25 11:34:54 -0700[diff] [blame]27#include "test-common.hpp"
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]28
29namespace ndn {
30namespace ndncert {
31namespace tests {
32
Zhiyi Zhangae123bf2017-04-14 12:24:53 -0700[diff] [blame]33BOOST_FIXTURE_TEST_SUITE(TestCaModule, DatabaseFixture)
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]34
35BOOST_AUTO_TEST_CASE(Initialization)
36{
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]37 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]38 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
39 BOOST_CHECK_EQUAL(ca.getCaConf().m_caItem.m_caPrefix, "/ndn");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]40
41 auto identity = addIdentity(Name("/ndn/site2"));
42 auto key = identity.getDefaultKey();
43 auto cert = key.getDefaultCertificate();
44 ca.getCaStorage()->addCertificate("111", cert);
45 BOOST_CHECK_EQUAL(ca.getCaStorage()->getCertificate("111").getIdentity(), Name("/ndn/site2"));
46
47 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]48 BOOST_CHECK_EQUAL(ca.m_registeredPrefixHandles.size(), 2);
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]49 BOOST_CHECK_EQUAL(ca.m_interestFilterHandles.size(), 5); // onInfo, onProbe, onNew, onChallenge, onRevoke
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]50}
51
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]52BOOST_AUTO_TEST_CASE(HandleInfo)
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]53{
54 auto identity = addIdentity(Name("/ndn"));
55 auto key = identity.getDefaultKey();
56 auto cert = key.getDefaultCertificate();
57
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]58 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]59 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]60 advanceClocks(time::milliseconds(20), 60);
61
swa77020643ac2020-03-26 02:24:45 -0700[diff] [blame]62 Interest interest("/ndn/CA/INFO");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]63 interest.setCanBePrefix(false);
64
65 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]66 face.onSendData.connect([&](const Data& response) {
67 count++;
68 BOOST_CHECK(security::verifySignature(response, cert));
69 auto contentBlock = response.getContent();
70 contentBlock.parse();
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]71 auto caItem = INFO::decodeDataContent(contentBlock);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]72 BOOST_CHECK_EQUAL(caItem.m_caPrefix, "/ndn");
Zhiyi Zhangb940aa12020-09-30 16:38:57 -0700[diff] [blame]73 BOOST_CHECK_EQUAL(caItem.m_probeParameterKeys.size(), 1);
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]74 BOOST_CHECK_EQUAL(caItem.m_cert->wireEncode(), cert.wireEncode());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]75 BOOST_CHECK_EQUAL(caItem.m_caInfo, "ndn testbed ca");
76 });
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]77 face.receive(interest);
78
79 advanceClocks(time::milliseconds(20), 60);
80 BOOST_CHECK_EQUAL(count, 1);
81}
82
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]83BOOST_AUTO_TEST_CASE(HandleProbe)
84{
85 auto identity = addIdentity(Name("/ndn"));
86 auto key = identity.getDefaultKey();
87 auto cert = key.getDefaultCertificate();
88
89 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]90 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]91 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
92 std::vector<std::string> result;
93 result.push_back("example");
94 return result;
95 });
96 advanceClocks(time::milliseconds(20), 60);
97
98 Interest interest("/ndn/CA/PROBE");
99 interest.setCanBePrefix(false);
100
101 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
102 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
103 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
104 paramTLV.encode();
105
106 interest.setApplicationParameters(paramTLV);
107
108 int count = 0;
109 face.onSendData.connect([&](const Data& response) {
110 count++;
111 BOOST_CHECK(security::verifySignature(response, cert));
112 Block contentBlock = response.getContent();
113 contentBlock.parse();
114 Block probeResponse = contentBlock.get(tlv_probe_response);
115 probeResponse.parse();
116 Name caName;
117 caName.wireDecode(probeResponse.get(tlv::Name));
118 BOOST_CHECK_EQUAL(caName, "/ndn/example");
119 });
120 face.receive(interest);
121
122 advanceClocks(time::milliseconds(20), 60);
123 BOOST_CHECK_EQUAL(count, 1);
124}
125
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]126BOOST_AUTO_TEST_CASE(HandleProbeUsingDefaultHandler)
127{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]128 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]129 auto key = identity.getDefaultKey();
130 auto cert = key.getDefaultCertificate();
131
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]132 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]133 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]134 advanceClocks(time::milliseconds(20), 60);
135
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]136 Interest interest("/ndn/CA/PROBE");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]137 interest.setCanBePrefix(false);
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]138
139 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
Zhiyi Zhang6f395812020-09-29 14:42:03 -0700[diff] [blame]140 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]141 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
142 paramTLV.encode();
143
144 interest.setApplicationParameters(paramTLV);
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]145
146 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]147 face.onSendData.connect([&](const Data& response) {
148 count++;
149 BOOST_CHECK(security::verifySignature(response, cert));
150 auto contentBlock = response.getContent();
151 contentBlock.parse();
152 auto probeResponseBlock = contentBlock.get(tlv_probe_response);
153 probeResponseBlock.parse();
154 Name caPrefix;
155 caPrefix.wireDecode(probeResponseBlock.get(tlv::Name));
156 BOOST_CHECK(caPrefix != "");
157 });
Zhiyi Zhanga63b7372017-05-17 14:14:34 -0700[diff] [blame]158 face.receive(interest);
159
160 advanceClocks(time::milliseconds(20), 60);
161 BOOST_CHECK_EQUAL(count, 1);
162}
163
Suyong Wone2afeb52020-10-04 03:05:39 +0900[diff] [blame]164BOOST_AUTO_TEST_CASE(HandleProbeRedirection)
165{
166 auto identity = addIdentity(Name("/ndn"));
167 auto key = identity.getDefaultKey();
168 auto cert = key.getDefaultCertificate();
169
170 util::DummyClientFace face(io, m_keyChain, {true, true});
171 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-5", "ca-storage-memory");
172 ca.setNameAssignmentFunction([&](const std::vector<std::tuple<std::string, std::string>>) -> std::vector<std::string> {
173 std::vector<std::string> result;
174 result.push_back("example");
175 return result;
176 });
177 advanceClocks(time::milliseconds(20), 60);
178
179 Interest interest("/ndn/CA/PROBE");
180 interest.setCanBePrefix(false);
181
182 Block paramTLV = makeEmptyBlock(tlv::ApplicationParameters);
183 paramTLV.push_back(makeStringBlock(tlv_parameter_key, "name"));
184 paramTLV.push_back(makeStringBlock(tlv_parameter_value, "zhiyi"));
185 paramTLV.encode();
186
187 interest.setApplicationParameters(paramTLV);
188
189 int count = 0;
190 face.onSendData.connect([&](const Data& response) {
191 count++;
192 BOOST_CHECK(security::verifySignature(response, cert));
193 Block contentBlock = response.getContent();
194 contentBlock.parse();
195
196 // Test CA sent redirections
197 BOOST_CHECK_EQUAL(true, contentBlock.get(tlv_probe_redirect).hasValue());
198 Block probeRedirect = contentBlock.get(tlv_probe_redirect);
199 probeRedirect.parse();
200 // Test the case where we have multiple probeRedirects
201 BOOST_CHECK_EQUAL(probeRedirect.elements().size(), 2)
202 for (const auto& item : probeRedirect.elements()) {
203 Name caName;
204 caName.wireDecode(item.get(tlv::Name));
205 // TODO: Checkout the format of the name
206 BOOST_CHECK_EQUAL(caName, "/ndn/example");
207 }
208 });
209 face.receive(interest);
210 advanceClocks(time::milliseconds(20), 60);
211 BOOST_CHECK_EQUAL(count, 1);
212}
213
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]214BOOST_AUTO_TEST_CASE(HandleNew)
215{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]216 auto identity = addIdentity(Name("/ndn"));
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]217 auto key = identity.getDefaultKey();
218 auto cert = key.getDefaultCertificate();
219
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]220 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]221 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]222 advanceClocks(time::milliseconds(20), 60);
223
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]224 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]225 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]226 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]227 RequesterState state(m_keyChain, item, RequestType::NEW);
228 auto interest = Requester::genNewInterest(state, Name("/ndn/zhiyi"),
229 time::system_clock::now(),
230 time::system_clock::now() + time::days(1));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]231
232 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]233 face.onSendData.connect([&](const Data& response) {
234 count++;
235 BOOST_CHECK(security::verifySignature(response, cert));
236 auto contentBlock = response.getContent();
237 contentBlock.parse();
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]238
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]239 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
240 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
241 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]242
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]243 auto challengeBlockCount = 0;
244 for (auto const& element : contentBlock.elements()) {
245 if (element.type() == tlv_challenge) {
246 challengeBlockCount++;
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]247 }
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]248 }
Suyong Won7968f7a2020-05-12 01:01:25 -0700[diff] [blame]249
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]250 BOOST_CHECK(challengeBlockCount != 0);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]251
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]252 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]253 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]254 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]255 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]256 });
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]257 face.receive(*interest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]258
259 advanceClocks(time::milliseconds(20), 60);
260 BOOST_CHECK_EQUAL(count, 1);
261}
262
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]263BOOST_AUTO_TEST_CASE(HandleNewWithInvalidValidityPeriod1)
264{
265 auto identity = addIdentity(Name("/ndn"));
266 auto key = identity.getDefaultKey();
267 auto cert = key.getDefaultCertificate();
268
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]269 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]270 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]271 advanceClocks(time::milliseconds(20), 60);
272
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]273 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]274 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]275 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]276 RequesterState state(m_keyChain, item, RequestType::NEW);
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]277 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]278 auto interest1 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp - time::hours(1));
279 auto interest2 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp, current_tp + time::days(361));
280 auto interest3 = Requester::genNewInterest(state, Name("/ndn/zhiyi"), current_tp - time::hours(1), current_tp + time::hours(2));
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]281 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]282 auto contentTlv = response.getContent();
283 contentTlv.parse();
284 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
285 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]286 });
Zhiyi Zhang1a735bc2019-07-04 21:36:49 -0700[diff] [blame]287 face.receive(*interest1);
288 face.receive(*interest2);
289 face.receive(*interest3);
290
291 advanceClocks(time::milliseconds(20), 60);
292}
293
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]294BOOST_AUTO_TEST_CASE(HandleNewWithLongSuffix)
295{
296 auto identity = addIdentity(Name("/ndn"));
297 auto key = identity.getDefaultKey();
298 auto cert = key.getDefaultCertificate();
299
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]300 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]301 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]302 advanceClocks(time::milliseconds(20), 60);
303
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]304 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]305 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]306 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]307 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]308
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]309 auto interest1 = Requester::genNewInterest(state, Name("/ndn/a"), time::system_clock::now(),
310 time::system_clock::now() + time::days(1));
311 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b"), time::system_clock::now(),
312 time::system_clock::now() + time::days(1));
313 auto interest3 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), time::system_clock::now(),
314 time::system_clock::now() + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]315
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]316 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]317 auto contentTlv = response.getContent();
318 contentTlv.parse();
319 if (interest3->getName().isPrefixOf(response.getName())) {
320 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
321 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
322 }
323 else {
324 // should successfully get responses
325 BOOST_CHECK_EXCEPTION(readNonNegativeInteger(contentTlv.get(tlv_error_code)), std::runtime_error,
326 [](const auto& e) { return true; });
327 }
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]328 });
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]329 face.receive(*interest1);
330 face.receive(*interest2);
331 face.receive(*interest3);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]332 advanceClocks(time::milliseconds(20), 60);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]333}
334
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]335BOOST_AUTO_TEST_CASE(HandleNewWithInvalidLength1)
336{
337 auto identity = addIdentity(Name("/ndn"));
338 auto key = identity.getDefaultKey();
339 auto cert = key.getDefaultCertificate();
340
341 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]342 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1");
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]343 advanceClocks(time::milliseconds(20), 60);
344
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]345 CaProfile item;
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]346 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]347 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]348 RequesterState state(m_keyChain, item, RequestType::NEW);
349
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]350 auto current_tp = time::system_clock::now();
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]351 auto interest1 = Requester::genNewInterest(state, Name("/ndn"), current_tp, current_tp + time::days(1));
352 auto interest2 = Requester::genNewInterest(state, Name("/ndn/a/b/c/d"), current_tp, current_tp + time::days(1));
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]353 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang01e91a32020-09-29 12:10:00 -0700[diff] [blame]354 auto contentTlv = response.getContent();
355 contentTlv.parse();
356 auto errorCode = static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code)));
357 BOOST_CHECK(errorCode != ErrorCode::NO_ERROR);
tylerliu0b6d0db2020-09-28 17:52:02 -0700[diff] [blame]358 });
359 face.receive(*interest1);
360 face.receive(*interest2);
361
362 advanceClocks(time::milliseconds(20), 60);
363}
364
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]365BOOST_AUTO_TEST_CASE(HandleChallenge)
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]366{
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]367 auto identity = addIdentity(Name("/ndn"));
368 auto key = identity.getDefaultKey();
369 auto cert = key.getDefaultCertificate();
370
Zhiyi Zhang22998612020-09-25 14:43:23 -0700[diff] [blame]371 util::DummyClientFace face(io, m_keyChain, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]372 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]373 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]374
375 // generate NEW Interest
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]376 CaProfile item;
Suyong Won256c9062020-05-11 02:45:56 -0700[diff] [blame]377 item.m_caPrefix = Name("/ndn");
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]378 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]379 RequesterState state(m_keyChain, item, RequestType::NEW);
380
381 auto newInterest = Requester::genNewInterest(state, Name("/ndn/zhiyi"), time::system_clock::now(),
382 time::system_clock::now() + time::days(1));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]383
384 // generate CHALLENGE Interest
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]385 shared_ptr<Interest> challengeInterest = nullptr;
386 shared_ptr<Interest> challengeInterest2 = nullptr;
387 shared_ptr<Interest> challengeInterest3 = nullptr;
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]388
389 int count = 0;
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]390 face.onSendData.connect([&](const Data& response) {
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]391 if (Name("/ndn/CA/NEW").isPrefixOf(response.getName())) {
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]392 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
393 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
394 challengeInterest = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]395 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]396 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 0) {
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]397 count++;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]398 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]399
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]400 Requester::onChallengeResponse(state, response);
401 BOOST_CHECK(state.m_status == Status::CHALLENGE);
402 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::NEED_CODE);
403 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
404 challengeInterest2 = Requester::genChallengeInterest(state, std::move(paramList));
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]405 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]406 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 1) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]407 count++;
408 BOOST_CHECK(security::verifySignature(response, cert));
409
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]410 Requester::onChallengeResponse(state, response);
411 BOOST_CHECK(state.m_status == Status::CHALLENGE);
412 BOOST_CHECK_EQUAL(state.m_challengeStatus, ChallengePin::WRONG_CODE);
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]413
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]414 auto paramList = Requester::selectOrContinueChallenge(state, "pin");
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]415 auto request = ca.getCertificateRequest(*challengeInterest2);
Zhiyi Zhanga749f442020-09-29 17:19:51 -0700[diff] [blame]416 auto secret = request.m_challengeState->m_secrets.get(ChallengePin::PARAMETER_KEY_CODE, "");
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]417 std::get<1>(paramList[0]) = secret;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]418 challengeInterest3 = Requester::genChallengeInterest(state, std::move(paramList));
419 std::cout << "CHALLENGE Interest Size: " << challengeInterest3->wireEncode().size() << std::endl;
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]420 }
swa770de007bc2020-03-24 21:26:21 -0700[diff] [blame]421 else if (Name("/ndn/CA/CHALLENGE").isPrefixOf(response.getName()) && count == 2) {
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]422 count++;
423 BOOST_CHECK(security::verifySignature(response, cert));
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]424 Requester::onChallengeResponse(state, response);
425 BOOST_CHECK(state.m_status == Status::SUCCESS);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]426 }
Davide Pesavento914d05f2019-07-13 16:20:19 -0400[diff] [blame]427 });
428
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]429 face.receive(*newInterest);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]430 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhangaf7c2902019-03-14 22:13:21 -0700[diff] [blame]431 face.receive(*challengeInterest);
432 advanceClocks(time::milliseconds(20), 60);
433 face.receive(*challengeInterest2);
434 advanceClocks(time::milliseconds(20), 60);
435 face.receive(*challengeInterest3);
436 advanceClocks(time::milliseconds(20), 60);
437 BOOST_CHECK_EQUAL(count, 3);
Zhiyi Zhang1c0bd372017-12-18 18:32:55 +0800[diff] [blame]438}
439
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]440BOOST_AUTO_TEST_CASE(HandleRevoke)
441{
442 auto identity = addIdentity(Name("/ndn"));
443 auto key = identity.getDefaultKey();
444 auto cert = key.getDefaultCertificate();
445
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]446 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]447 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]448 advanceClocks(time::milliseconds(20), 60);
449
450 //generate a certificate
451 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
452 auto clientKey = clientIdentity.getDefaultKey();
453 security::v2::Certificate clientCert;
454 clientCert.setName(Name(clientKey.getName()).append("cert-request").appendVersion());
455 clientCert.setContentType(tlv::ContentType_Key);
456 clientCert.setFreshnessPeriod(time::hours(24));
457 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
458 SignatureInfo signatureInfo;
459 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]460 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]461 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]462 RequestState certRequest(Name("/ndn"), "122", RequestType::NEW, Status::SUCCESS, clientCert, makeEmptyBlock(tlv::ContentType_Key));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]463 auto issuedCert = ca.issueCertificate(certRequest);
464
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]465 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]466 item.m_caPrefix = Name("/ndn");
467 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]468 RequesterState state(m_keyChain, item, RequestType::REVOKE);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]469
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]470 auto interest = Requester::genRevokeInterest(state, issuedCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]471
472 int count = 0;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]473 face.onSendData.connect([&](const Data& response) {
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]474 count++;
475 BOOST_CHECK(security::verifySignature(response, cert));
476 auto contentBlock = response.getContent();
477 contentBlock.parse();
478
479 BOOST_CHECK(readString(contentBlock.get(tlv_ecdh_pub)) != "");
480 BOOST_CHECK(readString(contentBlock.get(tlv_salt)) != "");
481 BOOST_CHECK(readString(contentBlock.get(tlv_request_id)) != "");
482
483 auto challengeBlockCount = 0;
484 for (auto const& element : contentBlock.elements()) {
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]485 if (element.type() == tlv_challenge) {
486 challengeBlockCount++;
487 }
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]488 }
489
490 BOOST_CHECK(challengeBlockCount != 0);
491
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]492 auto challengeList = Requester::onNewRenewRevokeResponse(state, response);
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]493 auto ca_encryption_key = ca.getCaStorage()->getRequest(readString(contentBlock.get(tlv_request_id))).m_encryptionKey;
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]494 BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
tylerliu8e170d62020-09-30 01:31:53 -0700[diff] [blame]495 ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]496 });
497 face.receive(*interest);
498
499 advanceClocks(time::milliseconds(20), 60);
500 BOOST_CHECK_EQUAL(count, 1);
501}
502
503BOOST_AUTO_TEST_CASE(HandleRevokeWithBadCert)
504{
505 auto identity = addIdentity(Name("/ndn"));
506 auto key = identity.getDefaultKey();
507 auto cert = key.getDefaultCertificate();
508
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]509 util::DummyClientFace face(io, {true, true});
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]510 CaModule ca(face, m_keyChain, "tests/unit-tests/config-files/config-ca-1", "ca-storage-memory");
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]511 advanceClocks(time::milliseconds(20), 60);
512
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]513 // generate a certificate
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]514 auto clientIdentity = m_keyChain.createIdentity("/ndn/qwerty");
515 auto clientKey = clientIdentity.getDefaultKey();
516 security::v2::Certificate clientCert;
517 clientCert.setName(Name(clientKey.getName()).append("NDNCERT").append(std::to_string(1473283247810732701)));
518 clientCert.setContentType(tlv::ContentType_Key);
519 clientCert.setFreshnessPeriod(time::hours(24));
520 clientCert.setContent(clientKey.getPublicKey().data(), clientKey.getPublicKey().size());
521 SignatureInfo signatureInfo;
522 signatureInfo.setValidityPeriod(security::ValidityPeriod(time::system_clock::now(),
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]523 time::system_clock::now() + time::hours(10)));
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]524 m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
525
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]526 CaProfile item;
Zhiyi Zhang9829da92020-09-30 16:19:34 -0700[diff] [blame]527 item.m_caPrefix = Name("/ndn");
528 item.m_cert = std::make_shared<security::v2::Certificate>(cert);
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]529 RequesterState state(m_keyChain, item, RequestType::NEW);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]530
Zhiyi Zhang1d3dcd22020-10-01 22:25:43 -0700[diff] [blame]531 auto interest = Requester::genRevokeInterest(state, clientCert);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]532
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]533 bool receiveData = false;
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]534 face.onSendData.connect([&](const Data& response) {
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]535 receiveData = true;
536 auto contentTlv = response.getContent();
537 contentTlv.parse();
538 BOOST_CHECK(static_cast<ErrorCode>(readNonNegativeInteger(contentTlv.get(tlv_error_code))) != ErrorCode::NO_ERROR);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]539 });
540 face.receive(*interest);
541
542 advanceClocks(time::milliseconds(20), 60);
Zhiyi Zhang3e8ca252020-09-30 17:18:38 -0700[diff] [blame]543 BOOST_CHECK_EQUAL(receiveData, true);
tylerliu182bc532020-09-25 01:54:45 -0700[diff] [blame]544}
545
Zhiyi Zhang46049832020-09-28 17:08:12 -0700[diff] [blame]546BOOST_AUTO_TEST_SUITE_END() // TestCaModule
Zhiyi Zhangf5246c42017-01-26 09:39:20 -0800[diff] [blame]547
Zhiyi Zhangfc1678a2020-05-12 16:52:14 -0700[diff] [blame]548} // namespace tests
549} // namespace ndncert
550} // namespace ndn