Gitiles
Code Review Sign In
gerrit.named-data.net / ndns / 2a3bb8485f7f59857e83a4caf7654389ec25a007 / . / tests / unit / validator / validator.cpp
blob: c9ac64485f4d2200d0583af755801b5f4a4af3f6 [file] [log] [blame]
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]2/*
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]3 * Copyright (c) 2014-2019, Regents of the University of California.
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]4 *
5 * This file is part of NDNS (Named Data Networking Domain Name Service).
6 * See AUTHORS.md for complete list of NDNS authors and contributors.
7 *
8 * NDNS is free software: you can redistribute it and/or modify it under the terms
9 * of the GNU General Public License as published by the Free Software Foundation,
10 * either version 3 of the License, or (at your option) any later version.
11 *
12 * NDNS is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
13 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
14 * PURPOSE. See the GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along with
17 * NDNS, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
18 */
19
Yumin Xia99c821a2017-04-07 11:01:08 -0700[diff] [blame]20#include "validator/validator.hpp"
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]21#include "ndns-label.hpp"
22#include "util/cert-helper.hpp"
23#include "daemon/name-server.hpp"
Alexander Afanasyevfde570c2016-12-19 16:02:55 -0800[diff] [blame]24
25#include "test-common.hpp"
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]26#include "unit/database-test-data.hpp"
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]27
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]28namespace ndn {
29namespace ndns {
30namespace tests {
Alexander Afanasyevc7c99002015-10-09 17:27:30 -0700[diff] [blame]31
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]32BOOST_AUTO_TEST_SUITE(Validator)
33
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]34class ValidatorTestFixture : public DbTestData
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]35{
36public:
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]37 ValidatorTestFixture()
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]38 : m_validatorFace(m_io, m_keyChain, {true, true})
39 , m_validator(NdnsValidatorBuilder::create(m_validatorFace, 500, 0,
40 TEST_CONFIG_PATH "/validator.conf"))
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]41 {
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]42 // generate a random cert
43 // check how does name-server test do
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]44 // initialize all servers
45 auto addServer = [this] (const Name& zoneName) {
46 m_serverFaces.push_back(make_unique<util::DummyClientFace>(m_io, m_keyChain,
47 util::DummyClientFace::Options{true, true}));
48 m_serverFaces.back()->linkTo(m_validatorFace);
49
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]50 // validator is used only for check update signature
51 // no updates tested here, so validator will not be used
52 // passing m_validator is only for construct server
53 Name certName = CertHelper::getDefaultCertificateNameOfIdentity(m_keyChain,
54 Name(zoneName).append("NDNS"));
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]55 auto server = make_shared<NameServer>(zoneName, certName, *m_serverFaces.back(),
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]56 m_session, m_keyChain, *m_validator);
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]57 m_servers.push_back(std::move(server));
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]58 };
59 addServer(m_testName);
60 addServer(m_netName);
61 addServer(m_ndnsimName);
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]62
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]63 m_ndnsimCert = CertHelper::getDefaultCertificateNameOfIdentity(m_keyChain,
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]64 Name(m_ndnsimName).append("NDNS"));
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]65 m_randomCert = m_keyChain.createIdentity("/random/identity").getDefaultKey()
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]66 .getDefaultCertificate().getName();
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]67 advanceClocks(time::milliseconds(10), 1);
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]68 }
69
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]70public:
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]71 util::DummyClientFace m_validatorFace;
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]72 unique_ptr<security::v2::Validator> m_validator;
Davide Pesavento2a3bb842019-03-22 17:39:29 -0400[diff] [blame^]73 std::vector<unique_ptr<util::DummyClientFace>> m_serverFaces;
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]74 std::vector<shared_ptr<ndns::NameServer>> m_servers;
75 Name m_ndnsimCert;
76 Name m_randomCert;
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]77};
78
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]79BOOST_FIXTURE_TEST_CASE(Basic, ValidatorTestFixture)
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]80{
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]81 SignatureInfo info;
82 info.setValidityPeriod(security::ValidityPeriod(time::system_clock::TimePoint::min(),
83 time::system_clock::now() + time::days(10)));
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]84
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]85 // case1: record of testId3, signed by its dsk, should be successful validated.
Alexander Afanasyevfde570c2016-12-19 16:02:55 -0800[diff] [blame]86 Name dataName;
87 dataName
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]88 .append(m_ndnsimName)
Alexander Afanasyevfde570c2016-12-19 16:02:55 -0800[diff] [blame]89 .append("NDNS")
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]90 .append("rrLabel")
91 .append("rrType")
92 .appendVersion();
93 shared_ptr<Data> data = make_shared<Data>(dataName);
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]94 m_keyChain.sign(*data, signingByCertificate(m_ndnsimCert).setSignatureInfo(info));
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]95
96 bool hasValidated = false;
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]97 m_validator->validate(*data,
98 [&] (const Data& data) {
99 hasValidated = true;
100 BOOST_CHECK(true);
101 },
102 [&] (const Data& data, const security::v2::ValidationError& str) {
103 hasValidated = true;
104 BOOST_CHECK(false);
105 });
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]106
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]107 advanceClocks(time::seconds(3), 100);
108 // m_io.run();
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]109 BOOST_CHECK_EQUAL(hasValidated, true);
110
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]111 // case2: signing testId2's data by testId3's key, which should failed in validation
Alexander Afanasyevfde570c2016-12-19 16:02:55 -0800[diff] [blame]112 dataName = Name();
113 dataName
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]114 .append(m_netName)
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]115 .append("NDNS")
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]116 .append("rrLabel")
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]117 .append("CERT")
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]118 .appendVersion();
119 data = make_shared<Data>(dataName);
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]120 m_keyChain.sign(*data, signingByCertificate(m_ndnsimCert)); // key's owner's name is longer than data owner's
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]121
122 hasValidated = false;
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]123 m_validator->validate(*data,
124 [&] (const Data& data) {
125 hasValidated = true;
126 BOOST_CHECK(false);
127 },
128 [&] (const Data& data, const security::v2::ValidationError& str) {
129 hasValidated = true;
130 BOOST_CHECK(true);
131 });
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]132
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]133 advanceClocks(time::seconds(3), 100);
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]134 // cannot pass verification due to key's owner's name is longer than data owner's
135 BOOST_CHECK_EQUAL(hasValidated, true);
136
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]137 // case3: totally wrong key to sign
Alexander Afanasyevfde570c2016-12-19 16:02:55 -0800[diff] [blame]138 dataName = Name();
139 dataName
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]140 .append(m_ndnsimName)
Yumin Xia918343d2017-03-17 19:04:55 -0700[diff] [blame]141 .append("NDNS")
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]142 .append("rrLabel")
Yumin Xia2c509c22017-02-09 14:37:36 -0800[diff] [blame]143 .append("CERT")
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]144 .appendVersion();
145 data = make_shared<Data>(dataName);
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]146 m_keyChain.sign(*data, signingByCertificate(m_randomCert));
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]147
148 hasValidated = false;
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]149 m_validator->validate(*data,
150 [&] (const Data& data) {
151 hasValidated = true;
152 BOOST_CHECK(false);
153 },
154 [&] (const Data& data, const security::v2::ValidationError& str) {
155 hasValidated = true;
156 BOOST_CHECK(true);
157 });
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]158
Yumin Xiafa2bce72017-04-09 16:20:25 -0700[diff] [blame]159 advanceClocks(time::seconds(3), 100);
Shock Jiang0b165f42014-10-24 09:08:09 -0700[diff] [blame]160 // cannot pass due to a totally mismatched key
161 BOOST_CHECK_EQUAL(hasValidated, true);
162}
163
164BOOST_AUTO_TEST_SUITE_END()
165
166} // namespace tests
167} // namespace ndns
168} // namespace ndn