summaryrefslogtreecommitdiffstats
path: root/libtransport/src/test/test_auth.cc
diff options
context:
space:
mode:
Diffstat (limited to 'libtransport/src/test/test_auth.cc')
-rw-r--r--libtransport/src/test/test_auth.cc110
1 files changed, 110 insertions, 0 deletions
diff --git a/libtransport/src/test/test_auth.cc b/libtransport/src/test/test_auth.cc
new file mode 100644
index 000000000..976981cce
--- /dev/null
+++ b/libtransport/src/test/test_auth.cc
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2021 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+#include <hicn/transport/auth/crypto_hash_type.h>
+#include <hicn/transport/auth/identity.h>
+#include <hicn/transport/auth/signer.h>
+#include <hicn/transport/auth/verifier.h>
+#include <hicn/transport/core/content_object.h>
+
+namespace transport {
+namespace auth {
+
+namespace {
+class AuthTest : public ::testing::Test {
+ protected:
+ const std::string PASSPHRASE = "hunter2";
+
+ AuthTest() = default;
+ ~AuthTest() {}
+ void SetUp() override {}
+ void TearDown() override {}
+};
+} // namespace
+
+TEST_F(AuthTest, VoidVerifier) {
+ // Create a content object
+ core::ContentObject packet(HF_INET6_TCP_AH);
+
+ // Fill it with bogus data
+ uint8_t buffer[256] = {0};
+ packet.appendPayload(buffer, 256);
+
+ // Verify that VoidVerifier validates the packet
+ std::shared_ptr<Verifier> verifier = std::make_shared<VoidVerifier>();
+ ASSERT_EQ(verifier->verifyPacket(&packet), true);
+ ASSERT_EQ(verifier->verifyPackets(&packet), VerificationPolicy::ACCEPT);
+}
+
+TEST_F(AuthTest, RSAVerifier) {
+ // Create the RSA signer from an Identity object
+ Identity identity("test_rsa.p12", PASSPHRASE, CryptoSuite::RSA_SHA256, 1024u,
+ 30, "RSAVerifier");
+ std::shared_ptr<Signer> signer = identity.getSigner();
+
+ // Create a content object
+ core::ContentObject packet(HF_INET6_TCP_AH, signer->getSignatureSize());
+
+ // Fill it with bogus data
+ uint8_t buffer[256] = {0};
+ packet.appendPayload(buffer, 256);
+
+ // Sign the packet
+ signer->signPacket(&packet);
+
+ // Create the RSA verifier
+ PARCKey *key = parcSigner_CreatePublicKey(signer->getParcSigner());
+ std::shared_ptr<Verifier> verifier =
+ std::make_shared<AsymmetricVerifier>(key);
+
+ ASSERT_EQ(packet.getFormat(), HF_INET6_TCP_AH);
+ ASSERT_EQ(signer->getCryptoHashType(), CryptoHashType::SHA_256);
+ ASSERT_EQ(signer->getCryptoSuite(), CryptoSuite::RSA_SHA256);
+ ASSERT_EQ(signer->getSignatureSize(), 128u);
+ ASSERT_EQ(verifier->verifyPackets(&packet), VerificationPolicy::ACCEPT);
+
+ // Release PARC objects
+ parcKey_Release(&key);
+}
+
+TEST_F(AuthTest, HMACVerifier) {
+ // Create the HMAC signer from a passphrase
+ std::shared_ptr<Signer> signer =
+ std::make_shared<SymmetricSigner>(CryptoSuite::HMAC_SHA256, PASSPHRASE);
+
+ // Create a content object
+ core::ContentObject packet(HF_INET6_TCP_AH, signer->getSignatureSize());
+
+ // Fill it with bogus data
+ uint8_t buffer[256] = {0};
+ packet.appendPayload(buffer, 256);
+
+ // Sign the packet
+ signer->signPacket(&packet);
+
+ // Create the HMAC verifier
+ std::shared_ptr<Verifier> verifier =
+ std::make_shared<SymmetricVerifier>(PASSPHRASE);
+
+ ASSERT_EQ(packet.getFormat(), HF_INET6_TCP_AH);
+ ASSERT_EQ(signer->getCryptoHashType(), CryptoHashType::SHA_256);
+ ASSERT_EQ(signer->getCryptoSuite(), CryptoSuite::HMAC_SHA256);
+ ASSERT_EQ(signer->getSignatureSize(), 32u);
+ ASSERT_EQ(verifier->verifyPackets(&packet), VerificationPolicy::ACCEPT);
+}
+
+} // namespace auth
+} // namespace transport