diff options
Diffstat (limited to 'libtransport/src/test/test_auth.cc')
| -rw-r--r-- | libtransport/src/test/test_auth.cc | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/libtransport/src/test/test_auth.cc b/libtransport/src/test/test_auth.cc new file mode 100644 index 000000000..976981cce --- /dev/null +++ b/libtransport/src/test/test_auth.cc @@ -0,0 +1,110 @@ +/* + * Copyright (c) 2021 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <gtest/gtest.h> +#include <hicn/transport/auth/crypto_hash_type.h> +#include <hicn/transport/auth/identity.h> +#include <hicn/transport/auth/signer.h> +#include <hicn/transport/auth/verifier.h> +#include <hicn/transport/core/content_object.h> + +namespace transport { +namespace auth { + +namespace { +class AuthTest : public ::testing::Test { + protected: + const std::string PASSPHRASE = "hunter2"; + + AuthTest() = default; + ~AuthTest() {} + void SetUp() override {} + void TearDown() override {} +}; +} // namespace + +TEST_F(AuthTest, VoidVerifier) { + // Create a content object + core::ContentObject packet(HF_INET6_TCP_AH); + + // Fill it with bogus data + uint8_t buffer[256] = {0}; + packet.appendPayload(buffer, 256); + + // Verify that VoidVerifier validates the packet + std::shared_ptr<Verifier> verifier = std::make_shared<VoidVerifier>(); + ASSERT_EQ(verifier->verifyPacket(&packet), true); + ASSERT_EQ(verifier->verifyPackets(&packet), VerificationPolicy::ACCEPT); +} + +TEST_F(AuthTest, RSAVerifier) { + // Create the RSA signer from an Identity object + Identity identity("test_rsa.p12", PASSPHRASE, CryptoSuite::RSA_SHA256, 1024u, + 30, "RSAVerifier"); + std::shared_ptr<Signer> signer = identity.getSigner(); + + // Create a content object + core::ContentObject packet(HF_INET6_TCP_AH, signer->getSignatureSize()); + + // Fill it with bogus data + uint8_t buffer[256] = {0}; + packet.appendPayload(buffer, 256); + + // Sign the packet + signer->signPacket(&packet); + + // Create the RSA verifier + PARCKey *key = parcSigner_CreatePublicKey(signer->getParcSigner()); + std::shared_ptr<Verifier> verifier = + std::make_shared<AsymmetricVerifier>(key); + + ASSERT_EQ(packet.getFormat(), HF_INET6_TCP_AH); + ASSERT_EQ(signer->getCryptoHashType(), CryptoHashType::SHA_256); + ASSERT_EQ(signer->getCryptoSuite(), CryptoSuite::RSA_SHA256); + ASSERT_EQ(signer->getSignatureSize(), 128u); + ASSERT_EQ(verifier->verifyPackets(&packet), VerificationPolicy::ACCEPT); + + // Release PARC objects + parcKey_Release(&key); +} + +TEST_F(AuthTest, HMACVerifier) { + // Create the HMAC signer from a passphrase + std::shared_ptr<Signer> signer = + std::make_shared<SymmetricSigner>(CryptoSuite::HMAC_SHA256, PASSPHRASE); + + // Create a content object + core::ContentObject packet(HF_INET6_TCP_AH, signer->getSignatureSize()); + + // Fill it with bogus data + uint8_t buffer[256] = {0}; + packet.appendPayload(buffer, 256); + + // Sign the packet + signer->signPacket(&packet); + + // Create the HMAC verifier + std::shared_ptr<Verifier> verifier = + std::make_shared<SymmetricVerifier>(PASSPHRASE); + + ASSERT_EQ(packet.getFormat(), HF_INET6_TCP_AH); + ASSERT_EQ(signer->getCryptoHashType(), CryptoHashType::SHA_256); + ASSERT_EQ(signer->getCryptoSuite(), CryptoSuite::HMAC_SHA256); + ASSERT_EQ(signer->getSignatureSize(), 32u); + ASSERT_EQ(verifier->verifyPackets(&packet), VerificationPolicy::ACCEPT); +} + +} // namespace auth +} // namespace transport |