resource/csdk/security/unittest/credentialresource.cpp

   1 //******************************************************************
   2 //
   3 // Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
   4 //
   5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
   6 //
   7 // Licensed under the Apache License, Version 2.0 (the "License");
   8 // you may not use this file except in compliance with the License.
   9 // You may obtain a copy of the License at
  10 //
  11 // http://www.apache.org/licenses/LICENSE-2.0
  12 //
  13 // Unless required by applicable law or agreed to in writing, software
  14 // distributed under the License is distributed on an "AS IS" BASIS,
  15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16 // See the License for the specific language governing permissions and
  17 // limitations under the License.
  18 //
  19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
  20
  21 #include "gtest/gtest.h"
  22 #include "logger.h"
  23 #include "ocpayload.h"
  24 #include "ocstack.h"
  25 #include "oic_malloc.h"
  26 #include "oic_string.h"
  27 #include "resourcemanager.h"
  28 #include "credresource.h"
  29 #include "securevirtualresourcetypes.h"
  30 #include "srmtestcommon.h"
  31 #include "srmutility.h"
  32 #include "psinterface.h"
  33 #include "security_internals.h"
  34
  35 #define TAG "SRM-CRED-UT"
  36
  37 OicSecCred_t * getCredList()
  38 {
  39     size_t sz = 0;
  40     OicSecCred_t *cred = (OicSecCred_t *)OICCalloc(1, sizeof(*cred));
  41     VERIFY_NON_NULL(TAG, cred, ERROR);
  42     cred->credId = 1234;
  43     // use |memcpy| for copying full-lengthed UUID without null termination
  44     memcpy(cred->subject.id, "1111111111111111", sizeof(cred->subject.id));
  45
  46 #if 0
  47     cred->roleIdsLen = 2;
  48     cred->roleIds = (OicSecRole_t *)OICCalloc(cred->roleIdsLen, sizeof(OicSecRole_t));
  49     VERIFY_NON_NULL(TAG, cred->roleIds, ERROR);
  50     OICStrcpy((char *)cred->roleIds[0].id, sizeof(cred->roleIds[0].id), "role11");
  51     OICStrcpy((char *)cred->roleIds[1].id, sizeof(cred->roleIds[1].id), "role12");
  52 #endif
  53
  54     cred->credType = SYMMETRIC_PAIR_WISE_KEY;
  55     cred->privateData.encoding = OIC_ENCODING_RAW;
  56     cred->privateData.data = (uint8_t *)OICCalloc(1, strlen("My private Key11") + 1);
  57     cred->privateData.len = strlen("My private Key11");
  58     VERIFY_NON_NULL(TAG, cred->privateData.data, ERROR);
  59     OICStrcpy((char *)cred->privateData.data, strlen("My private Key11")+1,"My private Key11");
  60     // use |memcpy| for copying full-lengthed UUID without null termination
  61     memcpy(cred->rownerID.id, "aaaaaaaaaaaaaaaa", sizeof(cred->rownerID.id));
  62     cred->next = (OicSecCred_t*)OICCalloc(1, sizeof(*cred->next));
  63     VERIFY_NON_NULL(TAG, cred->next, ERROR);
  64     cred->next->credId = 5678;
  65     // use |memcpy| for copying full-lengthed UUID without null termination
  66     memcpy(cred->next->subject.id, "2222222222222222", sizeof(cred->next->subject.id));
  67 #if 0
  68     cred->next->roleIdsLen = 0;
  69 #endif
  70     cred->next->credType = SYMMETRIC_PAIR_WISE_KEY;
  71     cred->next->privateData.encoding = OIC_ENCODING_RAW;
  72     cred->next->privateData.len = strlen("My private Key21");
  73     sz = cred->next->privateData.len + 1;
  74     cred->next->privateData.data = (uint8_t *)OICCalloc(1, sz);
  75     VERIFY_NON_NULL(TAG, cred->next->privateData.data, ERROR);
  76     OICStrcpy((char *)cred->next->privateData.data, sz, "My private Key21");
  77 #if 0
  78     sz = strlen("My Public Key123") + 1;
  79     cred->next->publicData.data = (char *)OICCalloc(1, sz);
  80     VERIFY_NON_NULL(TAG, cred->next->publicData.data, ERROR);
  81     OICStrcpy(cred->next->publicData.data, sz,"My Public Key123");
  82 #endif
  83     // use |memcpy| for copying full-lengthed UUID without null termination
  84     memcpy(cred->next->rownerID.id, "bbbbbbbbbbbbbbbb", sizeof(cred->next->rownerID.id));
  85
  86     return cred;
  87
  88 exit:
  89     if(cred)
  90     {
  91         DeleteCredList(cred);
  92         cred = NULL;
  93     }
  94     return cred;
  95 }
  96
  97 static void printCred(const OicSecCred_t * cred)
  98 {
  99     EXPECT_TRUE(NULL != cred);
 100
 101     const OicSecCred_t *credTmp1 = NULL;
 102     for (credTmp1 = cred; credTmp1; credTmp1 = credTmp1->next)
 103     {
 104         OIC_LOG_V(INFO, TAG, "\ncred->credId = %d", credTmp1->credId);
 105         OIC_LOG_V(INFO, TAG, "cred->subject.id = %s", credTmp1->subject.id);
 106         OIC_LOG_V(INFO, TAG, "cred->credType = %d", credTmp1->credType);
 107         if(credTmp1->privateData.data)
 108         {
 109             OIC_LOG_V(INFO, TAG, "cred->privateData.data = %s", credTmp1->privateData.data);
 110         }
 111 #ifdef __WITH_DTLS__
 112         if(credTmp1->publicData.data)
 113         {
 114            OIC_LOG_V(INFO, TAG, "cred->publicData.data = %s", credTmp1->publicData.data);
 115         }
 116 #endif /* __WITH_DTLS__ */
 117     OIC_LOG_V(INFO, TAG, "cred->rownerID = %s", credTmp1->rownerID.id);
 118     }
 119 }
 120
 121  //InitCredResource Tests
 122 TEST(CredResourceTest, InitCredResource)
 123 {
 124     EXPECT_EQ(OC_STACK_INVALID_PARAM, InitCredResource());
 125 }
 126
 127 //DeInitCredResource Tests
 128 TEST(CredResourceTest, DeInitCredResource)
 129 {
 130     EXPECT_EQ(OC_STACK_INVALID_PARAM, DeInitCredResource());
 131 }
 132
 133 //CreateCredResource Tests
 134 TEST(CredResourceTest, CreateCredResource)
 135 {
 136     EXPECT_EQ(OC_STACK_INVALID_PARAM, CreateCredResource());
 137 }
 138
 139  //CredEntityHandler Tests
 140 TEST(CredResourceTest, CredEntityHandlerWithDummyRequest)
 141 {
 142     OCEntityHandlerRequest req = OCEntityHandlerRequest();
 143     EXPECT_EQ(OC_EH_ERROR,
 144             CredEntityHandler(OCEntityHandlerFlag::OC_REQUEST_FLAG, &req, NULL));
 145 }
 146
 147 TEST(CredResourceTest, CredEntityHandlerWithNULLRequest)
 148 {
 149     EXPECT_EQ(OC_EH_ERROR,
 150             CredEntityHandler(OCEntityHandlerFlag::OC_REQUEST_FLAG, NULL, NULL));
 151 }
 152
 153 TEST(CredResourceTest, CredEntityHandlerInvalidFlag)
 154 {
 155     OCEntityHandlerRequest req = OCEntityHandlerRequest();
 156     EXPECT_EQ(OC_EH_ERROR,
 157             CredEntityHandler(OCEntityHandlerFlag::OC_OBSERVE_FLAG, &req, NULL));
 158 }
 159
 160 //Cred DELETE request
 161 TEST(CredResourceTest, CredEntityHandlerDeleteTest)
 162 {
 163     OCEntityHandlerRequest ehReq =  OCEntityHandlerRequest();
 164     static OCPersistentStorage ps =  OCPersistentStorage();
 165     const OicSecCred_t* subjectCred1 = NULL;
 166     const OicSecCred_t* subjectCred2 = NULL;
 167     OCEntityHandlerResult ehRet = OC_EH_ERROR;
 168     char query[] = "subjectuuid=31313131-3131-3131-3131-313131313131"; //canonical uuid of subject1
 169
 170     SetPersistentHandler(&ps, true);
 171
 172     OicSecCred_t *cred = getCredList();
 173     ASSERT_TRUE(NULL != cred);
 174     uint8_t *payload = NULL;
 175     size_t size = 0;
 176     int secureFlag = 0;
 177     EXPECT_EQ(OC_STACK_OK, CredToCBORPayload(cred, &payload, &size, secureFlag));
 178     if (!payload)
 179     {
 180         DeleteCredList(cred);
 181     }
 182     ASSERT_TRUE(NULL != payload);
 183
 184     // Create Entity Handler POST request payload
 185     ehReq.method = OC_REST_POST;
 186     ehReq.payload = (OCPayload *)OCSecurityPayloadCreate(payload, size);
 187     if (!ehReq.payload)
 188     {
 189         OICFree(payload);
 190         DeleteCredList(cred);
 191     }
 192     ASSERT_TRUE( NULL != ehReq.payload);
 193     EXPECT_EQ(OC_EH_ERROR, CredEntityHandler(OC_REQUEST_FLAG, &ehReq, NULL));
 194
 195     // Verify if SRM contains Credential for the subject
 196     subjectCred1 = GetCredResourceData(&cred->subject);
 197     EXPECT_TRUE(NULL != subjectCred1);
 198
 199     // Create Entity Handler DELETE request
 200     ehReq.method = OC_REST_DELETE;
 201     ehReq.query = (char *)OICCalloc(1, strlen(query)+1);
 202     if (!ehReq.query)
 203     {
 204         OICFree(payload);
 205         DeleteCredList(cred);
 206     }
 207     ASSERT_TRUE(NULL != ehReq.query);
 208     OICStrcpy(ehReq.query, strlen(query)+1, query);
 209
 210     ehRet = CredEntityHandler(OC_REQUEST_FLAG, &ehReq, NULL);
 211     EXPECT_EQ(OC_EH_ERROR, ehRet);
 212
 213     // Verify if SRM has deleted ACE for the subject
 214     subjectCred2 = GetCredResourceData(&cred->subject);
 215     EXPECT_TRUE(NULL == subjectCred2);
 216
 217     // Perform cleanup
 218     OICFree(ehReq.query);
 219     OICFree(payload);
 220     DeInitCredResource();
 221     DeleteCredList(cred);
 222     OCPayloadDestroy((OCPayload *)ehReq.payload);
 223 }
 224
 225 TEST(CredResourceTest, CredToCBORPayloadNULL)
 226 {
 227     int secureFlag = 0;
 228     OicSecCred_t *cred = getCredList();
 229     EXPECT_EQ(OC_STACK_INVALID_PARAM, CredToCBORPayload(NULL, NULL, 0, secureFlag));
 230     size_t size = 0;
 231     uint8_t *cborPayload = (uint8_t *) OICCalloc(1, 10);
 232     if (!cborPayload)
 233     {
 234         DeleteCredList(cred);
 235     }
 236     ASSERT_TRUE(NULL != cborPayload);
 237     EXPECT_EQ(OC_STACK_INVALID_PARAM, CredToCBORPayload(cred, &cborPayload, &size, secureFlag));
 238     OICFree(cborPayload);
 239     cborPayload = NULL;
 240     EXPECT_EQ(OC_STACK_INVALID_PARAM, CredToCBORPayload(NULL, &cborPayload, &size,secureFlag));
 241     EXPECT_EQ(OC_STACK_INVALID_PARAM, CredToCBORPayload(cred, &cborPayload, 0, secureFlag));
 242     EXPECT_EQ(OC_STACK_INVALID_PARAM, CredToCBORPayload(cred, NULL, &size, secureFlag));
 243     DeleteCredList(cred);
 244 }
 245
 246 TEST(CredResourceTest, CredToCBORPayloadVALID)
 247 {
 248     uint8_t* payload = NULL;
 249     size_t size = 0;
 250     int secureFlag = 0;
 251     OicSecCred_t *cred = getCredList();
 252
 253     EXPECT_EQ(OC_STACK_OK, CredToCBORPayload(cred, &payload, &size, secureFlag));
 254     if (!payload)
 255     {
 256         DeleteCredList(cred);
 257     }
 258     ASSERT_TRUE(NULL != payload);
 259
 260     DeleteCredList(cred);
 261     OICFree(payload);
 262 }
 263
 264 TEST(CredResourceTest, CBORPayloadToCredVALID)
 265 {
 266     OicSecCred_t *cred1 = getCredList();
 267
 268     uint8_t *payload = NULL;
 269     size_t size = 0;
 270     int secureFlag = 0;
 271     EXPECT_EQ(OC_STACK_OK, CredToCBORPayload(cred1, &payload, &size, secureFlag));
 272     DeleteCredList(cred1);
 273     ASSERT_TRUE(NULL != payload);
 274
 275     OicSecCred_t *cred2 = NULL;
 276     EXPECT_EQ(OC_STACK_OK, CBORPayloadToCred(payload, size, &cred2));
 277     OICFree(payload);
 278     ASSERT_TRUE(cred2 != NULL);
 279     DeleteCredList(cred2);
 280 }
 281
 282 TEST(CredResourceTest, CBORPayloadToCredSecureVALID)
 283 {
 284     OicSecCred_t *cred1 = getCredList();
 285     ASSERT_TRUE(NULL != cred1);
 286     cred1->privateData.data = (uint8_t *)OICCalloc(1, OWNER_PSK_LENGTH_128);
 287     ASSERT_TRUE(NULL != cred1->privateData.data);
 288     cred1->privateData.len = OWNER_PSK_LENGTH_128;
 289
 290     uint8_t *payload = NULL;
 291     size_t size = 0;
 292     int secureFlag = 1;
 293     EXPECT_EQ(OC_STACK_OK, CredToCBORPayload(cred1, &payload, &size, secureFlag));
 294
 295     ASSERT_TRUE(NULL != payload);
 296
 297     OicSecCred_t *cred2 = NULL;
 298     EXPECT_EQ(OC_STACK_OK, CBORPayloadToCred(payload, size, &cred2));
 299     ASSERT_TRUE(cred2 != NULL);
 300     ASSERT_TRUE(NULL == cred2->privateData.data);
 301     ASSERT_TRUE(0 == cred2->privateData.len);
 302
 303     OICFree(payload);
 304
 305     DeleteCredList(cred1);
 306     DeleteCredList(cred2);
 307 }
 308
 309 TEST(CredResourceTest, CBORPayloadToCredNULL)
 310 {
 311     OicSecCred_t *cred = NULL;
 312     EXPECT_EQ(OC_STACK_INVALID_PARAM, CBORPayloadToCred(NULL, 0, NULL));
 313     uint8_t *cborPayload = (uint8_t *) OICCalloc(1, 10);
 314     ASSERT_TRUE(NULL != cborPayload);
 315     EXPECT_EQ(OC_STACK_INVALID_PARAM, CBORPayloadToCred(NULL, 0, &cred));
 316     EXPECT_EQ(OC_STACK_INVALID_PARAM, CBORPayloadToCred(cborPayload, 0, NULL));
 317     cred = getCredList();
 318     EXPECT_EQ(OC_STACK_INVALID_PARAM, CBORPayloadToCred(cborPayload, 0, &cred));
 319     DeleteCredList(cred);
 320     OICFree(cborPayload);
 321 }
 322
 323 //GetCredResourceData Test
 324 TEST(CredResourceTest, GetCredResourceDataNULLSubject)
 325 {
 326     EXPECT_EQ(NULL, GetCredResourceData(NULL));
 327 }
 328
 329 TEST(CredResourceTest, GenerateCredentialValidInput)
 330 {
 331     OicUuid_t rownerID = {{0}};
 332     OICStrcpy((char *)rownerID.id, sizeof(rownerID.id), "ownersId21");
 333
 334     OicUuid_t subject = {{0}};
 335     OICStrcpy((char *)subject.id, sizeof(subject.id), "subject11");
 336
 337     uint8_t privateKey[] = "My private Key11";
 338     OicSecKey_t key = {privateKey, sizeof(privateKey)};
 339
 340     OicSecCred_t * cred  = NULL;
 341     cred = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
 342                               &key, &rownerID, NULL);
 343     printCred(cred);
 344
 345     ASSERT_TRUE(NULL != cred);
 346     DeleteCredList(cred);
 347 }
 348
 349 TEST(CredResourceTest, GenerateAndAddCredentialValidInput)
 350 {
 351     OicUuid_t rownerID = {{0}};
 352     OICStrcpy((char *)rownerID.id, sizeof(rownerID.id), "ownersId11");
 353
 354     OicUuid_t subject = {{0}};
 355     OICStrcpy((char *)subject.id, sizeof(subject.id), "subject11");
 356
 357     uint8_t privateKey[] = "My private Key11";
 358     OicSecKey_t key = {privateKey, sizeof(privateKey)};
 359
 360     OicSecCred_t *cred1  = NULL;
 361     OicSecCred_t *headCred = NULL;
 362
 363     cred1 = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
 364                                &key, &rownerID, NULL);
 365
 366     EXPECT_EQ(OC_STACK_OK, AddCredential(cred1));
 367     headCred = cred1;
 368
 369     OICStrcpy((char *)rownerID.id, sizeof(rownerID.id), "ownersId22");
 370     OICStrcpy((char *)subject.id, sizeof(subject.id), "subject22");
 371     cred1 = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
 372                                &key, &rownerID, NULL);
 373     EXPECT_EQ(OC_STACK_OK, AddCredential(cred1));
 374
 375     OICStrcpy((char *)rownerID.id, sizeof(rownerID.id), "ownersId33");
 376     OICStrcpy((char *)subject.id, sizeof(subject.id), "subject33");
 377     cred1 = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
 378                                &key, &rownerID, NULL);
 379     EXPECT_EQ(OC_STACK_OK, AddCredential(cred1));
 380
 381     const OicSecCred_t* credList = GetCredResourceData(&headCred->subject);
 382
 383     printCred(credList);
 384
 385     DeleteCredList(headCred);
 386 }
 387
 388 #if 0
 389 TEST(CredGetResourceDataTest, GetCredResourceDataValidSubject)
 390 {
 391     OicSecCred_t* cred = getCredList();
 392     EXPECT_TRUE(NULL != GetCredResourceData(cred->subject));
 393 }
 394 #endif
 395
 396 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
 397 TEST(CredGetDtlsPskCredentialsTest, NullResult)
 398 {
 399     EXPECT_EQ(-1, GetDtlsPskCredentials(CA_DTLS_PSK_KEY, NULL, 0, NULL, 0));
 400 }
 401
 402 TEST(CredAddTmpPskWithPINTest, NullSubject)
 403 {
 404     EXPECT_EQ(OC_STACK_INVALID_PARAM, AddTmpPskWithPIN(NULL, SYMMETRIC_PAIR_WISE_KEY,
 405               NULL, 0, NULL, NULL));
 406 }
 407 #endif // __WITH_DTLS__ or __WITH_TLS__
 408 TEST(CredCBORPayloadToCredTest, NullPayload)
 409 {
 410     EXPECT_EQ(OC_STACK_INVALID_PARAM, CBORPayloadToCred(NULL, 0, NULL));
 411 }