Adrien Béraudefe27372023-05-27 18:56:29 -04001/*
2 * Copyright (C) 2004-2023 Savoir-faire Linux Inc.
3 *
4 * Author: florian Wiesweg <florian.wiesweg@campus.tu-berlin.de>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19 */
20
21#include <cppunit/TestAssert.h>
22#include <cppunit/TestFixture.h>
23#include <cppunit/extensions/HelperMacros.h>
24
25#include "test_runner.h"
26#include "certstore.h"
27
Adrien Béraud1ae60aa2023-07-07 09:55:09 -040028namespace dhtnet {
Adrien Béraudefe27372023-05-27 18:56:29 -040029namespace test {
30
/**
 * CppUnit fixture for the certificate store and trust store.
 *
 * Two cases are registered in the suite: trustStoreTest and
 * getCertificateWithSplitted.
 *
 * NOTE(review): in this revision every CPPUNIT_ASSERT in both cases sits
 * inside a commented-out block, so the suite passes without checking any
 * pinning, permission-status or ban-propagation behaviour. A green run of
 * this fixture is not evidence that the trust store rejects banned
 * certificates.
 */
class CertStoreTest : public CppUnit::TestFixture
{
public:
    CertStoreTest() = default;
    ~CertStoreTest() = default;

    /// Name under which the suite is registered and later selected by the runner.
    static std::string name() { return "certstore"; }

    void setUp();
    void tearDown();

    // Actor identifiers; only the commented-out code in setUp()/tearDown()
    // and in the test cases reads or writes them, so they stay empty here.
    std::string aliceId;
    std::string bobId;

private:
    void trustStoreTest();
    void getCertificateWithSplitted();

    CPPUNIT_TEST_SUITE(CertStoreTest);
    CPPUNIT_TEST(trustStoreTest);
    CPPUNIT_TEST(getCertificateWithSplitted);
    CPPUNIT_TEST_SUITE_END();
};

// Register the suite under the name returned by CertStoreTest::name().
CPPUNIT_TEST_SUITE_NAMED_REGISTRATION(CertStoreTest, CertStoreTest::name());
56
// Per-test setup. Currently a no-op: the actor loading that would fill
// aliceId and bobId is commented out, so both members remain empty.
void
CertStoreTest::setUp()
{
    /*
    auto actors = load_actors_and_wait_for_announcement("actors/alice-bob.yml");
    aliceId = actors["alice"];
    bobId = actors["bob"];
    */
}
64
// Per-test teardown. Currently a no-op: the matching actor removal is
// commented out, consistent with setUp() not creating any actor.
void
CertStoreTest::tearDown()
{
    // wait_for_removal_of({aliceId, bobId});
}
70
// Trust store test case.
//
// NOTE(review): this case currently asserts nothing. The only live
// statements generate four identities; every check on pinning, permission
// status and ban propagation is inside the commented-out block below, which
// still depends on an account object (aliceAccount) that this file does not
// create. Until those checks are ported to an object available here, a
// regression in which banning an account or a CA stops denying the
// certificates issued under it would not be caught by this suite.
void
CertStoreTest::trustStoreTest()
{
    // auto aliceAccount = Manager::instance().getAccount<JamiAccount>(aliceId);

    // Chain used by the checks: CA -> account -> {device, device2}.
    // The trailing (4096, true) arguments are presumably the key length in
    // bits and an "is CA" flag -- confirm against dht::crypto::generateIdentity.
    const auto ca = dht::crypto::generateIdentity("test CA");
    const auto account = dht::crypto::generateIdentity("test account", ca, 4096, true);
    const auto device = dht::crypto::generateIdentity("test device", account);
    const auto device2 = dht::crypto::generateIdentity("test device 2", account);

    // Disabled checks, kept as written. They cover, in order: the CA is not
    // pinned initially; status transitions UNDEFINED <-> ALLOWED; pinned-set
    // contents; lookup by UID and issuer; isAllowed() along the chain; banning
    // a device, then the account, then the CA, with the ban expected to deny
    // everything issued below the banned certificate; unpinning; statusToStr.
    /*auto storeSize = aliceAccount->certStore().getPinnedCertificates().size();
    auto id = ca.second->getId().toString();
    auto pinned = aliceAccount->certStore().getPinnedCertificates();
    CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
                   == pinned.end());

    // Test certificate status
    auto certAllowed = aliceAccount->accountManager()->getCertificatesByStatus(
        dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    CPPUNIT_ASSERT(
        std::find_if(certAllowed.begin(), certAllowed.end(), [&](auto v) { return v == id; })
        == certAllowed.end());
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
                   == dhtnet::tls::TrustStore::PermissionStatus::UNDEFINED);
    aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    certAllowed = aliceAccount->accountManager()->getCertificatesByStatus(
        dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    CPPUNIT_ASSERT(
        std::find_if(certAllowed.begin(), certAllowed.end(), [&](auto v) { return v == id; })
        != certAllowed.end());
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
                   == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::UNDEFINED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
                   == dhtnet::tls::TrustStore::PermissionStatus::UNDEFINED);
    aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
                   == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);

    // Test getPinnedCertificates
    pinned = aliceAccount->certStore().getPinnedCertificates();
    CPPUNIT_ASSERT(pinned.size() == storeSize + 2);
    CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
                   != pinned.end());

    // Test findCertificateByUID & findIssuer
    CPPUNIT_ASSERT(!aliceAccount->certStore().findCertificateByUID("NON_EXISTING_ID"));
    auto cert = aliceAccount->certStore().findCertificateByUID(id);
    CPPUNIT_ASSERT(cert);
    auto issuer = aliceAccount->certStore().findIssuer(cert);
    CPPUNIT_ASSERT(issuer);
    CPPUNIT_ASSERT(issuer->getId().toString() == id);

    // Test is allowed
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*account.second));
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*device.second));

    // Ban device
    aliceAccount->setCertificateStatus(device.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(device.second->getId().toString())
                   == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(id)
                   == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);

    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*account.second));
    CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device.second));

    // Ban account
    aliceAccount->setCertificateStatus(account.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(account.second->getId().toString())
                   == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
    CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*account.second));
    CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device2.second));

    // Unban account
    aliceAccount->setCertificateStatus(account.second,
                                       dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(account.second->getId().toString())
                   == dhtnet::tls::TrustStore::PermissionStatus::ALLOWED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*ca.second));
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*account.second));
    CPPUNIT_ASSERT(aliceAccount->accountManager()->isAllowed(*device2.second));

    // Ban CA
    aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(ca.second->getId().toString())
                   == dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*ca.second));
    CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*account.second));
    CPPUNIT_ASSERT(not aliceAccount->accountManager()->isAllowed(*device2.second));

    aliceAccount->setCertificateStatus(ca.second, dhtnet::tls::TrustStore::PermissionStatus::BANNED);
    CPPUNIT_ASSERT(aliceAccount->accountManager()->getCertificateStatus(ca.second->getId().toString())
                   == dhtnet::tls::TrustStore::PermissionStatus::BANNED);

    // Test unpin
    aliceAccount->certStore().unpinCertificate(id);
    pinned = aliceAccount->certStore().getPinnedCertificates();
    CPPUNIT_ASSERT(std::find_if(pinned.begin(), pinned.end(), [&](auto v) { return v == id; })
                   == pinned.end());

    // Test statusToStr
    CPPUNIT_ASSERT(strcmp(dhtnet::tls::statusToStr(dhtnet::tls::TrustStatus::TRUSTED),
                          libdhtnet::Certificate::TrustStatus::TRUSTED)
                   == 0);
    CPPUNIT_ASSERT(strcmp(dhtnet::tls::statusToStr(dhtnet::tls::TrustStatus::UNTRUSTED),
                          libdhtnet::Certificate::TrustStatus::UNTRUSTED)
                   == 0);*/
}
182
// Chain reconstruction test case: certificates pinned one at a time should
// be returned by the store with their issuer links rebuilt.
//
// NOTE(review): this case currently asserts nothing. The live code only
// generates a CA -> account -> device chain and re-parses each certificate
// from its serialised form; the pinning calls and the issuer-chain asserts
// are inside the commented-out block and depend on aliceAccount, which this
// file does not create.
void
CertStoreTest::getCertificateWithSplitted()
{
    // auto aliceAccount = Manager::instance().getAccount<JamiAccount>(aliceId);
    const auto ca = dht::crypto::generateIdentity("test CA");
    const auto account = dht::crypto::generateIdentity("test account", ca, 4096, true);
    const auto device = dht::crypto::generateIdentity("test device", account);

    // Re-create each certificate from its own serialisation. toString(false)
    // presumably omits the issuer chain, giving stand-alone ("split")
    // certificates -- confirm against dht::crypto::Certificate::toString.
    const auto reparse = [](const auto& identity) {
        return std::make_shared<dht::crypto::Certificate>(identity.second->toString(false));
    };
    auto caCert = reparse(ca);
    auto accountCert = reparse(account);
    auto devicePartialCert = reparse(device);

    // Disabled checks, kept as written: pin the three stand-alone
    // certificates, fetch the device certificate back, and require that its
    // issuer is the account certificate and that one's issuer is the CA.
    /*aliceAccount->certStore().pinCertificate(caCert);
    aliceAccount->certStore().pinCertificate(accountCert);
    aliceAccount->certStore().pinCertificate(devicePartialCert);

    auto fullCert = aliceAccount->certStore().getCertificate(device.second->getId().toString());
    CPPUNIT_ASSERT(fullCert->issuer && fullCert->issuer->getUID() == accountCert->getUID());
    CPPUNIT_ASSERT(fullCert->issuer->issuer
                   && fullCert->issuer->issuer->getUID() == caCert->getUID());*/
}
205
206} // namespace test
207} // namespace dhtnet
208
// Runs the suite registered under CertStoreTest::name(). JAMI_TEST_RUNNER is
// presumably defined in test_runner.h and expands to the executable's entry
// point -- confirm there.
JAMI_TEST_RUNNER(dhtnet::test::CertStoreTest::name());