security: tolerate invalid or unsupported public keys in PIB
Change-Id: I3c1dd9d3fe81d0895e2d1706f0b29a8e61940beb
diff --git a/tests/unit/security/key-chain.t.cpp b/tests/unit/security/key-chain.t.cpp
index b7aef11..b3ea456 100644
--- a/tests/unit/security/key-chain.t.cpp
+++ b/tests/unit/security/key-chain.t.cpp
@@ -590,15 +590,14 @@
}
void
- checkKeyLocatorName(const Certificate& cert, optional<Name> klName = nullopt) const
+ checkKeyLocatorName(const Certificate& cert, const optional<Name>& klName = nullopt) const
{
auto kl = cert.getKeyLocator();
if (!kl.has_value()) {
BOOST_ERROR("KeyLocator is missing");
return;
}
- BOOST_CHECK_EQUAL(kl->getName(),
- klName.value_or(signerKey.getDefaultCertificate().getName()));
+ BOOST_CHECK_EQUAL(kl->getName(), klName.value_or(signerKey.getDefaultCertificate().getName()));
}
void
@@ -705,11 +704,17 @@
BOOST_AUTO_TEST_CASE(ErrContent)
{
Certificate request(requester.getDefaultCertificate());
+
+ // malformed public key
const auto& oldContent = request.getContent();
std::vector<uint8_t> content(oldContent.value_begin(), oldContent.value_end());
content[0] ^= 0x80;
request.setContent(content);
BOOST_CHECK_THROW(signerKeyChain.makeCertificate(request, signerParams), std::invalid_argument);
+
+ // empty content
+ request.setContent(span<uint8_t>{});
+ BOOST_CHECK_THROW(signerKeyChain.makeCertificate(request, signerParams), std::invalid_argument);
}
BOOST_AUTO_TEST_SUITE_END() // MakeCertificate