Gitiles
Code Review Sign In
review.jami.net / dhtnet / 061ead604369bc9f3420d38549c3c5c85687b242 / . / tests / certstore.cpp
blob: 9f4fc81db2db8c157e5627e14c325fa327505de8 [file] [log] [blame]
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]1/*
2 * Copyright (C) 2004-2023 Savoir-faire Linux Inc.
3 *
Adrien Béraudcb753622023-07-17 22:32:49 -0400[diff] [blame]4 * This program is free software: you can redistribute it and/or modify
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]5 * it under the terms of the GNU General Public License as published by
Adrien Béraudcb753622023-07-17 22:32:49 -0400[diff] [blame]6 * the Free Software Foundation, either version 3 of the License, or
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
Adrien Béraudcb753622023-07-17 22:32:49 -0400[diff] [blame]11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
Adrien Béraudcb753622023-07-17 22:32:49 -0400[diff] [blame]15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]16 */
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]17#include <cppunit/TestAssert.h>
18#include <cppunit/TestFixture.h>
19#include <cppunit/extensions/HelperMacros.h>
20
21#include "test_runner.h"
22#include "certstore.h"
23
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]24namespace dhtnet {
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]25namespace test {
26
27class CertStoreTest : public CppUnit::TestFixture
28{
29public:
30 CertStoreTest()
31 {
32 }
33 ~CertStoreTest() { }
34 static std::string name() { return "certstore"; }
35 void setUp();
36 void tearDown();
37
38 std::string aliceId;
39 std::string bobId;
40
41private:
42 void trustStoreTest();
43 void getCertificateWithSplitted();
Sébastien Blin57928252023-08-08 14:22:03 -0400[diff] [blame]44 void testBannedParent();
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]45
46 CPPUNIT_TEST_SUITE(CertStoreTest);
47 CPPUNIT_TEST(trustStoreTest);
48 CPPUNIT_TEST(getCertificateWithSplitted);
Sébastien Blin57928252023-08-08 14:22:03 -0400[diff] [blame]49 CPPUNIT_TEST(testBannedParent);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]50 CPPUNIT_TEST_SUITE_END();
51};
52
53CPPUNIT_TEST_SUITE_NAMED_REGISTRATION(CertStoreTest, CertStoreTest::name());
54
55void
56CertStoreTest::setUp()
57{
58 /*auto actors = load_actors_and_wait_for_announcement("actors/alice-bob.yml");
59 aliceId = actors["alice"];
60 bobId = actors["bob"];*/
61}
62
63void
64CertStoreTest::tearDown()
65{
66 //wait_for_removal_of({aliceId, bobId});
67}
68
69void
70CertStoreTest::trustStoreTest()
71{
72 //auto aliceAccount = Manager::instance().getAccount<JamiAccount>(aliceId);
73
74 auto ca = dht::crypto::generateIdentity("test CA");
75 auto account = dht::crypto::generateIdentity("test account", ca, 4096, true);
76 auto device = dht::crypto::generateIdentity("test device", account);
77 auto device2 = dht::crypto::generateIdentity("test device 2", account);
78 /*auto storeSize = aliceAccount->certStore().getPinnedCertificates().size();
79 auto id = ca.second->getId().toString();
80 auto pinned = aliceAccount->certStore().getPinnedCertificates();
81 CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
82 == pinned.end());
83
84 // Test certificate status
85 auto certAllowed = aliceAccount->accountManager()->getCertificatesByStatus(
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]86 dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]87 CPPUNIT_ASSERT(
88 std::find_if(certAllowed.begin(), certAllowed.end(), [&](auto v) { return v == id; })
89 == certAllowed.end());
90 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]91 == dhtnet::tls::TrustStore::PermissionStatus::UNDEFINED);
92 aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]93 certAllowed = aliceAccount->accountManager()->getCertificatesByStatus(
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]94 dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]95 CPPUNIT_ASSERT(
96 std::find_if(certAllowed.begin(), certAllowed.end(), [&](auto v) { return v == id; })
97 != certAllowed.end());
98 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]99 == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
100 aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::UNDEFINED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]101 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]102 == dhtnet::tls::TrustStore::PermissionStatus::UNDEFINED);
103 aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]104 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]105 == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]106
107 // Test getPinnedCertificates
108 pinned = aliceAccount->certStore().getPinnedCertificates();
109 CPPUNIT_ASSERT(pinned.size() == storeSize + 2);
110 CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
111 != pinned.end());
112
113 // Test findCertificateByUID & findIssuer
114 CPPUNIT_ASSERT(!aliceAccount->certStore().findCertificateByUID("NON_EXISTING_ID"));
115 auto cert = aliceAccount->certStore().findCertificateByUID(id);
116 CPPUNIT_ASSERT(cert);
117 auto issuer = aliceAccount->certStore().findIssuer(cert);
118 CPPUNIT_ASSERT(issuer);
119 CPPUNIT_ASSERT(issuer->getId().toString() == id);
120
121 // Test is allowed
122 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
123 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*account.second));
124 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*device.second));
125
126 // Ban device
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]127 aliceAccount->setCertificateStatus(device.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]128 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(device.second->getId().toString())
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]129 == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]130 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]131 == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]132
133 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
134 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*account.second));
135 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device.second));
136
137 // Ban account
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]138 aliceAccount->setCertificateStatus(account.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]139 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(account.second->getId().toString())
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]140 == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]141 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
142 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*account.second));
143 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device2.second));
144
145 // Unban account
146 aliceAccount->setCertificateStatus(account.second,
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]147 dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]148 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(account.second->getId().toString())
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]149 == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]150 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
151 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*account.second));
152 CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*device2.second));
153
154 // Ban CA
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]155 aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]156 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(ca.second->getId().toString())
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]157 == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]158 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*ca.second));
159 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*account.second));
160 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device2.second));
161
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]162 aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]163 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(ca.second->getId().toString())
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]164 == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]165
166 // Test unpin
167 aliceAccount->certStore().unpinCertificate(id);
168 pinned = aliceAccount->certStore().getPinnedCertificates();
169 CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
170 == pinned.end());
171
172 // Test statusToStr
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]173 CPPUNIT_ASSERT(strcmp(dhtnet::tls::statusToStr(dhtnet::tls::TrustStatus::TRUSTED),
174 libdhtnet::Certificate::TrustStatus::TRUSTED)
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]175 == 0);
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]176 CPPUNIT_ASSERT(strcmp(dhtnet::tls::statusToStr(dhtnet::tls::TrustStatus::UNTRUSTED),
177 libdhtnet::Certificate::TrustStatus::UNTRUSTED)
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]178 == 0);*/
179}
180
181void
182CertStoreTest::getCertificateWithSplitted()
183{
184 //auto aliceAccount = Manager::instance().getAccount<JamiAccount>(aliceId);
185 auto ca = dht::crypto::generateIdentity("test CA");
186 auto account = dht::crypto::generateIdentity("test account", ca, 4096, true);
187 auto device = dht::crypto::generateIdentity("test device", account);
188
189 auto caCert = std::make_shared<dht::crypto::Certificate>(ca.second->toString(false));
190 auto accountCert = std::make_shared<dht::crypto::Certificate>(account.second->toString(false));
191 auto devicePartialCert = std::make_shared<dht::crypto::Certificate>(
192 device.second->toString(false));
193
194 /*aliceAccount->certStore().pinCertificate(caCert);
195 aliceAccount->certStore().pinCertificate(accountCert);
196 aliceAccount->certStore().pinCertificate(devicePartialCert);
197
198 auto fullCert = aliceAccount->certStore().getCertificate(device.second->getId().toString());
199 CPPUNIT_ASSERT(fullCert->issuer && fullCert->issuer->getUID() == accountCert->getUID());
200 CPPUNIT_ASSERT(fullCert->issuer->issuer
201 && fullCert->issuer->issuer->getUID() == caCert->getUID());*/
202}
203
Sébastien Blin57928252023-08-08 14:22:03 -0400[diff] [blame]204void
205CertStoreTest::testBannedParent()
206{
207 /*auto aliceAccount = Manager::instance().getAccount<JamiAccount>(aliceId);
208
209 auto ca = dht::crypto::generateIdentity("test CA");
210 auto account = dht::crypto::generateIdentity("test account", ca, 4096, true);
211 auto device = dht::crypto::generateIdentity("test device", account);
212 auto device2 = dht::crypto::generateIdentity("test device 2", account);
213 auto id = ca.second->getId().toString();
214 auto pinned = aliceAccount->certStore().getPinnedCertificates();
215 CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
216 == pinned.end());
217
218 // Ban account
219 aliceAccount->setCertificateStatus(account.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
220 CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(account.second->getId().toString())
221 == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
222 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*account.second));
223 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device2.second));
224 CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device.second));*/
225}
226
227
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]228} // namespace test
Sébastien Blin464bdff2023-07-19 08:02:53 -0400[diff] [blame]229} // namespace dhtnet
Adrien Béraudefe27372023-05-27 18:56:29 -0400[diff] [blame]230
Adrien Béraud1ae60aa2023-07-07 09:55:09 -0400[diff] [blame]231JAMI_TEST_RUNNER(dhtnet::test::CertStoreTest::name());