tests: use decorators to label test data generators
Also various minor cleanups
Change-Id: Iaee434991b923abdf464293fec35da22d6cb449a
diff --git a/tests/unit/security/certificate-cache.t.cpp b/tests/unit/security/certificate-cache.t.cpp
index acbdd00..0a00adf 100644
--- a/tests/unit/security/certificate-cache.t.cpp
+++ b/tests/unit/security/certificate-cache.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -31,31 +31,31 @@
{
public:
CertificateCacheFixture()
- : certCache(10_s)
{
identity = m_keyChain.createIdentity("/TestCertificateCache");
cert = identity.getDefaultKey().getDefaultCertificate();
}
void
- checkFindByInterest(const Name& name, bool canBePrefix, std::optional<Certificate> expected) const
+ checkFindByInterest(const Name& name, bool canBePrefix,
+ const std::optional<Certificate>& expected) const
{
Interest interest(name);
interest.setCanBePrefix(canBePrefix);
- BOOST_TEST_CONTEXT(interest) {
- auto found = certCache.find(interest);
- if (expected) {
- BOOST_REQUIRE(found != nullptr);
- BOOST_CHECK_EQUAL(found->getName(), expected->getName());
- }
- else {
- BOOST_CHECK(found == nullptr);
- }
+ BOOST_TEST_INFO_SCOPE("Interest = " << interest);
+
+ auto found = certCache.find(interest);
+ if (expected) {
+ BOOST_REQUIRE(found != nullptr);
+ BOOST_CHECK_EQUAL(found->getName(), expected->getName());
+ }
+ else {
+ BOOST_CHECK(found == nullptr);
}
}
public:
- security::CertificateCache certCache;
+ security::CertificateCache certCache{10_s};
Identity identity;
Certificate cert;
};
diff --git a/tests/unit/security/certificate-fetcher-direct-fetch.t.cpp b/tests/unit/security/certificate-fetcher-direct-fetch.t.cpp
index ca185c6..eb77031 100644
--- a/tests/unit/security/certificate-fetcher-direct-fetch.t.cpp
+++ b/tests/unit/security/certificate-fetcher-direct-fetch.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -39,8 +39,8 @@
BOOST_AUTO_TEST_SUITE(TestCertificateFetcherDirectFetch)
struct Cert {};
-struct Timeout {};
struct Nack {};
+struct Timeout {};
template<class Response>
class CertificateFetcherDirectFetchFixture : public HierarchicalValidatorFixture<ValidationPolicySimpleHierarchy,
@@ -53,7 +53,6 @@
BOTH
};
-public:
CertificateFetcherDirectFetchFixture()
: data("/Security/ValidatorFixture/Sub1/Sub3/Data")
, interest("/Security/ValidatorFixture/Sub1/Sub3/Interest")
@@ -85,7 +84,22 @@
}
void
- makeResponse(const Interest& interest);
+ makeResponse(const Interest& interest)
+ {
+ if constexpr (std::is_same_v<Response, Cert>) {
+ auto cert = cache.find(interest);
+ if (cert == nullptr) {
+ return;
+ }
+ face.receive(*cert);
+ }
+ else if constexpr (std::is_same_v<Response, Nack>) {
+ face.receive(makeNack(interest, lp::NackReason::NO_ROUTE));
+ }
+ else {
+ // do nothing
+ }
+ }
void
setResponseType(ResponseType type)
@@ -100,32 +114,7 @@
ResponseType responseType = ResponseType::INFRASTRUCTURE;
};
-template<>
-void
-CertificateFetcherDirectFetchFixture<Cert>::makeResponse(const Interest& interest)
-{
- auto cert = cache.find(interest);
- if (cert == nullptr) {
- return;
- }
- face.receive(*cert);
-}
-
-template<>
-void
-CertificateFetcherDirectFetchFixture<Timeout>::makeResponse(const Interest& interest)
-{
- // do nothing
-}
-
-template<>
-void
-CertificateFetcherDirectFetchFixture<Nack>::makeResponse(const Interest& interest)
-{
- face.receive(makeNack(interest, lp::NackReason::NO_ROUTE));
-}
-
-using Failures = boost::mp11::mp_list<Timeout, Nack>;
+using FailureModes = boost::mp11::mp_list<Nack, Timeout>;
BOOST_FIXTURE_TEST_CASE(ValidateSuccessData, CertificateFetcherDirectFetchFixture<Cert>)
{
@@ -158,7 +147,8 @@
}
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureData, T, Failures, CertificateFetcherDirectFetchFixture<T>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureData, T, FailureModes,
+ CertificateFetcherDirectFetchFixture<T>)
{
VALIDATE_FAILURE(this->data, "Should fail, as all interests either NACKed or timeout");
BOOST_TEST(this->lastError.getCode() == ValidationError::CANNOT_RETRIEVE_CERT);
@@ -179,7 +169,8 @@
}
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureDataDirectOnly, T, Failures, CertificateFetcherDirectFetchFixture<T>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureDataDirectOnly, T, FailureModes,
+ CertificateFetcherDirectFetchFixture<T>)
{
this->setResponseType(CertificateFetcherDirectFetchFixture<T>::ResponseType::DIRECT);
static_cast<CertificateFetcherDirectFetch&>(this->validator.getFetcher()).setSendDirectInterestOnly(true);
@@ -195,7 +186,8 @@
}
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureDataNoTagDirectOnly, T, Failures, CertificateFetcherDirectFetchFixture<T>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureDataNoTagDirectOnly, T, FailureModes,
+ CertificateFetcherDirectFetchFixture<T>)
{
this->setResponseType(CertificateFetcherDirectFetchFixture<T>::ResponseType::DIRECT);
static_cast<CertificateFetcherDirectFetch&>(this->validator.getFetcher()).setSendDirectInterestOnly(true);
@@ -226,7 +218,8 @@
}
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureInterest, T, Failures, CertificateFetcherDirectFetchFixture<T>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateFailureInterest, T, FailureModes,
+ CertificateFetcherDirectFetchFixture<T>)
{
VALIDATE_FAILURE(this->interest, "Should fail, as all interests either NACKed or timeout");
BOOST_TEST(this->lastError.getCode() == ValidationError::CANNOT_RETRIEVE_CERT);
diff --git a/tests/unit/security/key-chain.t.cpp b/tests/unit/security/key-chain.t.cpp
index ac45ee7..4fd91b4 100644
--- a/tests/unit/security/key-chain.t.cpp
+++ b/tests/unit/security/key-chain.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -158,7 +158,8 @@
static constexpr std::string_view PATH = "build/config-file-non-canonical-tpm/";
};
-BOOST_FIXTURE_TEST_CASE(ConstructorNonCanonicalTpm, TestHomeAndPibFixture<PibPathConfigFileNonCanonicalTpm>) // Bug 4297
+BOOST_FIXTURE_TEST_CASE(ConstructorNonCanonicalTpm, TestHomeAndPibFixture<PibPathConfigFileNonCanonicalTpm>,
+ * ut::description("test for bug #4297"))
{
createClientConf({"pib=pib-sqlite3:", "tpm=tpm-file"});
@@ -328,7 +329,7 @@
struct DataPkt
{
Data packet{"/data"};
- SignedInterestFormat sigFormat = SignedInterestFormat::V02; // irrelevant for Data
+ static constexpr SignedInterestFormat sigFormat = SignedInterestFormat::V02; // irrelevant for Data
SignatureInfo
getSignatureInfo() const
@@ -340,7 +341,7 @@
struct InterestV02Pkt
{
Interest packet{"/interest02"};
- SignedInterestFormat sigFormat = SignedInterestFormat::V02;
+ static constexpr SignedInterestFormat sigFormat = SignedInterestFormat::V02;
SignatureInfo
getSignatureInfo() const
@@ -352,7 +353,7 @@
struct InterestV03Pkt
{
Interest packet{"/interest03"};
- SignedInterestFormat sigFormat = SignedInterestFormat::V03;
+ static constexpr SignedInterestFormat sigFormat = SignedInterestFormat::V03;
SignatureInfo
getSignatureInfo() const
@@ -421,8 +422,8 @@
const Key key = KeyMaker<AsymmetricKeyParams>()(m_keyChain, id);
const Certificate cert = key.getDefaultCertificate();
- const uint32_t expectedSigType = SignatureTypeTlvValue;
- const bool shouldHaveKeyLocator = true;
+ static constexpr uint32_t expectedSigType = SignatureTypeTlvValue;
+ static constexpr bool shouldHaveKeyLocator = true;
const std::optional<KeyLocator> expectedKeyLocator = cert.getName();
bool
@@ -498,8 +499,8 @@
SigningInfo("hmac-sha256:QjM3NEEyNkE3MTQ5MDQzN0FBMDI0RTRGQURENUI0OTdGREZGMUE4RUE2RkYxMkY2RkI2NUFGMjcyMEI1OUNDRg=="),
};
- const uint32_t expectedSigType = SignatureTypeTlvValue;
- const bool shouldHaveKeyLocator = true;
+ static constexpr uint32_t expectedSigType = SignatureTypeTlvValue;
+ static constexpr bool shouldHaveKeyLocator = true;
const std::optional<KeyLocator> expectedKeyLocator = std::nullopt; // don't check KeyLocator value
bool
@@ -518,8 +519,8 @@
signingWithSha256()
};
- const uint32_t expectedSigType = tlv::DigestSha256;
- const bool shouldHaveKeyLocator = false;
+ static constexpr uint32_t expectedSigType = tlv::DigestSha256;
+ static constexpr bool shouldHaveKeyLocator = false;
const std::optional<KeyLocator> expectedKeyLocator = std::nullopt;
bool
@@ -550,22 +551,21 @@
BOOST_FIXTURE_TEST_CASE_TEMPLATE(SigningInterface, T, SigningTests, T)
{
- BOOST_TEST_CONTEXT("Packet = " << this->packet.getName()) {
- for (auto signingInfo : this->signingInfos) {
- signingInfo.setSignedInterestFormat(this->sigFormat);
+ BOOST_TEST_INFO_SCOPE("Packet = " << this->packet.getName());
- BOOST_TEST_CONTEXT("SigningInfo = " << signingInfo) {
- this->m_keyChain.sign(this->packet, signingInfo);
+ for (auto signingInfo : this->signingInfos) {
+ signingInfo.setSignedInterestFormat(this->sigFormat);
+ BOOST_TEST_INFO_SCOPE("SigningInfo = " << signingInfo);
- auto sigInfo = this->getSignatureInfo();
- BOOST_CHECK_EQUAL(sigInfo.getSignatureType(), this->expectedSigType);
- BOOST_CHECK_EQUAL(sigInfo.hasKeyLocator(), this->shouldHaveKeyLocator);
- if (this->expectedKeyLocator) {
- BOOST_CHECK_EQUAL(sigInfo.getKeyLocator(), *this->expectedKeyLocator);
- }
- BOOST_CHECK(this->verify(signingInfo));
- }
+ this->m_keyChain.sign(this->packet, signingInfo);
+
+ auto sigInfo = this->getSignatureInfo();
+ BOOST_CHECK_EQUAL(sigInfo.getSignatureType(), this->expectedSigType);
+ BOOST_CHECK_EQUAL(sigInfo.hasKeyLocator(), this->shouldHaveKeyLocator);
+ if (this->expectedKeyLocator) {
+ BOOST_CHECK_EQUAL(sigInfo.getKeyLocator(), *this->expectedKeyLocator);
}
+ BOOST_CHECK(this->verify(signingInfo));
}
}
diff --git a/tests/unit/security/pib/pib-data-fixture.cpp b/tests/unit/security/pib/pib-data-fixture.cpp
index dde1d8b..7196daa 100644
--- a/tests/unit/security/pib/pib-data-fixture.cpp
+++ b/tests/unit/security/pib/pib-data-fixture.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -20,91 +20,96 @@
*/
#include "tests/unit/security/pib/pib-data-fixture.hpp"
+
#include "ndn-cxx/security/pib/impl/pib-memory.hpp"
+#include "ndn-cxx/security/tpm/impl/back-end-mem.hpp"
+#include "ndn-cxx/security/tpm/tpm.hpp"
+#include "ndn-cxx/util/string-helper.hpp"
-// #include "ndn-cxx/security/tpm/impl/back-end-mem.hpp"
-// #include "ndn-cxx/security/tpm/tpm.hpp"
-// #include "ndn-cxx/util/string-helper.hpp"
+#include "tests/boost-test.hpp"
-// #include "tests/boost-test.hpp"
-
-// #include <iostream>
+#include <iostream>
namespace ndn::tests {
using namespace ndn::security;
-using namespace ndn::security::pib;
-// class TestCertDataGenerator
-// {
-// public:
-// void
-// printTestDataForId(const std::string& prefix, const Name& id)
-// {
-// for (auto keyId : {1u, 2u}) {
-// Name keyName = tpm.createKey(id, EcKeyParams(name::Component::fromNumber(keyId)));
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_AUTO_TEST_SUITE(PibData)
-// for (auto certVersion : {1u, 2u}) {
-// Name certName = keyName;
-// certName
-// .append("issuer")
-// .appendVersion(certVersion);
-// Certificate cert;
-// cert.setName(certName);
-// cert.setFreshnessPeriod(1_h);
-// cert.setContent(tpm.getPublicKey(keyName));
+class TestCertDataGenerator
+{
+public:
+ void
+ printTestDataForId(const std::string& prefix, const Name& id)
+ {
+ for (auto keyId : {1u, 2u}) {
+ Name keyName = m_tpm.createKey(id, EcKeyParams(name::Component::fromNumber(keyId)));
-// // TODO: sign using KeyChain
-// SignatureInfo info;
-// info.setSignatureType(tlv::SignatureSha256WithEcdsa);
-// info.setKeyLocator(keyName);
-// info.setValidityPeriod(ValidityPeriod(time::fromIsoString("20170102T000000"),
-// time::fromIsoString("20180102T000000")));
-// cert.setSignatureInfo(info);
+ for (auto certVersion : {1u, 2u}) {
+ Name certName = keyName;
+ certName.append("issuer");
+ certName.appendVersion(certVersion);
+ Certificate cert;
+ cert.setName(certName);
+ cert.setFreshnessPeriod(1_h);
+ cert.setContent(m_tpm.getPublicKey(keyName));
-// EncodingBuffer buf;
-// cert.wireEncode(buf, true);
-// cert.setSignatureValue(tpm.sign({buf}, keyName, DigestAlgorithm::SHA256));
+ // TODO: sign using KeyChain
+ SignatureInfo info;
+ info.setSignatureType(tlv::SignatureSha256WithEcdsa);
+ info.setKeyLocator(keyName);
+ info.setValidityPeriod(ValidityPeriod(time::fromIsoString("20170102T000000"),
+ time::fromIsoString("20180102T000000")));
+ cert.setSignatureInfo(info);
-// printBytes(prefix + "_KEY" + to_string(keyId) + "_CERT" + to_string(certVersion),
-// cert.wireEncode());
-// }
-// }
-// }
+ EncodingBuffer buf;
+ cert.wireEncode(buf, true);
+ cert.setSignatureValue(m_tpm.sign({buf}, keyName, DigestAlgorithm::SHA256));
-// static void
-// printBytes(const std::string& name, span<const uint8_t> bytes)
-// {
-// std::cout << "\nconst uint8_t " << name << "[] = {\n"
-// << " ";
+ printBytes(prefix + "_KEY" + std::to_string(keyId) + "_CERT" + std::to_string(certVersion),
+ cert.wireEncode());
+ }
+ }
+ }
-// std::string hex = toHex(bytes);
+ static void
+ printBytes(std::string_view name, span<const uint8_t> bytes)
+ {
+ auto hex = toHex(bytes);
+ std::cout << "\nconst uint8_t " << name << "[] = {\n"
+ << " ";
-// for (size_t i = 0; i < hex.size(); i++) {
-// if (i > 0 && i % 40 == 0)
-// std::cout << "\n ";
+ for (size_t i = 0; i < hex.size(); i++) {
+ if (i > 0 && i % 40 == 0)
+ std::cout << "\n ";
-// std::cout << "0x" << hex[i];
-// std::cout << hex[++i];
+ std::cout << "0x" << hex[i];
+ std::cout << hex[++i];
-// if (i + 1 != hex.size())
-// std::cout << ", ";
-// }
-// std::cout << "\n"
-// << "};" << std::endl;
-// }
+ if (i + 1 != hex.size())
+ std::cout << ", ";
+ }
+ std::cout << "\n"
+ << "};" << std::endl;
+ }
-// private:
-// PibMemory pib;
-// Tpm tpm{"test:test", make_unique<tpm::BackEndMem>()};
-// };
+private:
+ pib::PibMemory m_pib;
+ Tpm m_tpm{"test:test", make_unique<tpm::BackEndMem>()};
+};
-// // The test data can be generated using this test case
-// BOOST_FIXTURE_TEST_CASE(GenerateTestCertData, TestCertDataGenerator)
-// {
-// printTestDataForId("ID1", Name("/pib/interface/id/1"));
-// printTestDataForId("ID2", Name("/pib/interface/id/2"));
-// }
+BOOST_FIXTURE_TEST_CASE(GenerateTestCerts, TestCertDataGenerator,
+ * ut::description("regenerates the test certificates used in PibDataFixture")
+ * ut::disabled()
+ * ut::label("generator"))
+{
+ printTestDataForId("ID1", "/pib/interface/id/1");
+ printTestDataForId("ID2", "/pib/interface/id/2");
+}
+
+BOOST_AUTO_TEST_SUITE_END() // PibData
+BOOST_AUTO_TEST_SUITE_END() // Security
const uint8_t ID1_KEY1_CERT1[] = {
0x06, 0xFD, 0x02, 0x25, 0x07, 0x2B, 0x08, 0x03, 0x70, 0x69, 0x62, 0x08, 0x09, 0x69, 0x6E, 0x74, 0x65, 0x72, 0x66, 0x61,
@@ -397,18 +402,18 @@
BOOST_ASSERT(id2Key2Cert2.getContent() == id2Key2Cert1.getContent());
}
-shared_ptr<PibImpl>
+shared_ptr<pib::PibImpl>
PibDataFixture::makePibWithIdentity(const Name& idName)
{
- auto pib = std::make_shared<PibMemory>();
+ auto pib = std::make_shared<pib::PibMemory>();
pib->addIdentity(idName);
return pib;
}
-shared_ptr<PibImpl>
+shared_ptr<pib::PibImpl>
PibDataFixture::makePibWithKey(const Name& keyName, span<const uint8_t> key)
{
- auto pib = std::make_shared<PibMemory>();
+ auto pib = std::make_shared<pib::PibMemory>();
pib->addIdentity(extractIdentityFromKeyName(keyName));
pib->addKey(extractIdentityFromKeyName(keyName), keyName, key);
return pib;
diff --git a/tests/unit/security/trust-anchor-container.t.cpp b/tests/unit/security/trust-anchor-container.t.cpp
index 0e76214..879ef40 100644
--- a/tests/unit/security/trust-anchor-container.t.cpp
+++ b/tests/unit/security/trust-anchor-container.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -55,19 +55,20 @@
}
void
- checkFindByInterest(const Name& name, bool canBePrefix, std::optional<Certificate> expected) const
+ checkFindByInterest(const Name& name, bool canBePrefix,
+ const std::optional<Certificate>& expected) const
{
Interest interest(name);
interest.setCanBePrefix(canBePrefix);
- BOOST_TEST_CONTEXT(interest) {
- auto found = anchorContainer.find(interest);
- if (expected) {
- BOOST_REQUIRE(found != nullptr);
- BOOST_CHECK_EQUAL(found->getName(), expected->getName());
- }
- else {
- BOOST_CHECK(found == nullptr);
- }
+ BOOST_TEST_INFO_SCOPE("Interest = " << interest);
+
+ auto found = anchorContainer.find(interest);
+ if (expected) {
+ BOOST_REQUIRE(found != nullptr);
+ BOOST_CHECK_EQUAL(found->getName(), expected->getName());
+ }
+ else {
+ BOOST_CHECK(found == nullptr);
}
}
diff --git a/tests/unit/security/validation-policy-command-interest.t.cpp b/tests/unit/security/validation-policy-command-interest.t.cpp
index 657b830..069c1be 100644
--- a/tests/unit/security/validation-policy-command-interest.t.cpp
+++ b/tests/unit/security/validation-policy-command-interest.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -38,26 +38,27 @@
struct CommandInterestDefaultOptions
{
- static ValidationPolicyCommandInterest::Options
+ static auto
getOptions()
{
- return {};
+ return ValidationPolicyCommandInterest::Options{};
}
};
-template<class T, class InnerPolicy>
+template<class ValidationOptions, class InnerPolicy>
class CommandInterestPolicyWrapper : public ValidationPolicyCommandInterest
{
public:
CommandInterestPolicyWrapper()
- : ValidationPolicyCommandInterest(make_unique<InnerPolicy>(), T::getOptions())
+ : ValidationPolicyCommandInterest(make_unique<InnerPolicy>(), ValidationOptions::getOptions())
{
}
};
-template<class T, class InnerPolicy = ValidationPolicySimpleHierarchy>
+template<class ValidationOptions = CommandInterestDefaultOptions,
+ class InnerPolicy = ValidationPolicySimpleHierarchy>
class ValidationPolicyCommandInterestFixture
- : public HierarchicalValidatorFixture<CommandInterestPolicyWrapper<T, InnerPolicy>>
+ : public HierarchicalValidatorFixture<CommandInterestPolicyWrapper<ValidationOptions, InnerPolicy>>
{
protected:
Interest
@@ -81,13 +82,12 @@
InterestSigner m_signer{this->m_keyChain};
};
-BOOST_FIXTURE_TEST_SUITE(TestValidationPolicyCommandInterest,
- ValidationPolicyCommandInterestFixture<CommandInterestDefaultOptions>)
+BOOST_FIXTURE_TEST_SUITE(TestValidationPolicyCommandInterest, ValidationPolicyCommandInterestFixture<>)
template<int secs>
struct GracePeriodSeconds
{
- static ValidationPolicyCommandInterest::Options
+ static auto
getOptions()
{
ValidationPolicyCommandInterest::Options options;
@@ -141,7 +141,8 @@
using ValidationPolicyAcceptAllCommands = ValidationPolicyCommandInterestFixture<CommandInterestDefaultOptions,
ValidationPolicyAcceptAll>;
-BOOST_FIXTURE_TEST_CASE(SignedWithSha256, ValidationPolicyAcceptAllCommands) // Bug 4635
+BOOST_FIXTURE_TEST_CASE(SignedWithSha256, ValidationPolicyAcceptAllCommands,
+ * ut::description("test for bug #4635"))
{
auto i1 = m_signer.makeCommandInterest("/hello/world/CMD", signingWithSha256());
VALIDATE_SUCCESS(i1, "Should succeed (within grace period)");
@@ -337,6 +338,19 @@
BOOST_AUTO_TEST_SUITE_END() // Rejects
+template<ssize_t count>
+struct MaxRecords
+{
+ static auto
+ getOptions()
+ {
+ ValidationPolicyCommandInterest::Options options;
+ options.gracePeriod = 15_s;
+ options.maxRecords = count;
+ return options;
+ }
+};
+
BOOST_AUTO_TEST_SUITE(Options)
using NonPositiveGracePeriods = boost::mp11::mp_list<GracePeriodSeconds<0>, GracePeriodSeconds<-1>>;
@@ -359,20 +373,7 @@
BOOST_TEST(this->lastError.getCode() == ValidationError::POLICY_ERROR);
}
-class LimitedRecordsOptions
-{
-public:
- static ValidationPolicyCommandInterest::Options
- getOptions()
- {
- ValidationPolicyCommandInterest::Options options;
- options.gracePeriod = 15_s;
- options.maxRecords = 3;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(LimitedRecords, ValidationPolicyCommandInterestFixture<LimitedRecordsOptions>)
+BOOST_FIXTURE_TEST_CASE(LimitedRecords, ValidationPolicyCommandInterestFixture<MaxRecords<3>>)
{
Identity id1 = this->addSubCertificate("/Security/ValidatorFixture/Sub1", identity);
this->cache.insert(id1.getDefaultKey().getDefaultCertificate());
@@ -410,20 +411,7 @@
VALIDATE_SUCCESS(i01, "Should succeed despite timestamp is reordered, because record has been evicted");
}
-class UnlimitedRecordsOptions
-{
-public:
- static ValidationPolicyCommandInterest::Options
- getOptions()
- {
- ValidationPolicyCommandInterest::Options options;
- options.gracePeriod = 15_s;
- options.maxRecords = -1;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(UnlimitedRecords, ValidationPolicyCommandInterestFixture<UnlimitedRecordsOptions>)
+BOOST_FIXTURE_TEST_CASE(UnlimitedRecords, ValidationPolicyCommandInterestFixture<MaxRecords<-1>>)
{
std::vector<Identity> identities;
for (size_t i = 0; i < 20; ++i) {
@@ -444,20 +432,7 @@
BOOST_TEST(lastError.getCode() == ValidationError::POLICY_ERROR);
}
-class ZeroRecordsOptions
-{
-public:
- static ValidationPolicyCommandInterest::Options
- getOptions()
- {
- ValidationPolicyCommandInterest::Options options;
- options.gracePeriod = 15_s;
- options.maxRecords = 0;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(ZeroRecords, ValidationPolicyCommandInterestFixture<ZeroRecordsOptions>)
+BOOST_FIXTURE_TEST_CASE(ZeroRecords, ValidationPolicyCommandInterestFixture<MaxRecords<0>>)
{
auto i1 = makeCommandInterest(identity); // signed at 0s
advanceClocks(1_s);
@@ -468,10 +443,9 @@
VALIDATE_SUCCESS(i1, "Should succeed despite timestamp is reordered, because record isn't kept");
}
-class LimitedRecordLifetimeOptions
+struct LimitedRecordLifetimeOptions
{
-public:
- static ValidationPolicyCommandInterest::Options
+ static auto
getOptions()
{
ValidationPolicyCommandInterest::Options options;
@@ -500,15 +474,14 @@
VALIDATE_SUCCESS(i2, "Should succeed despite timestamp is reordered, because record has been expired");
}
-class ZeroRecordLifetimeOptions
+struct ZeroRecordLifetimeOptions
{
-public:
- static ValidationPolicyCommandInterest::Options
+ static auto
getOptions()
{
ValidationPolicyCommandInterest::Options options;
options.gracePeriod = 15_s;
- options.recordLifetime = time::seconds::zero();
+ options.recordLifetime = 0_s;
return options;
}
};
diff --git a/tests/unit/security/validation-policy-config.t.cpp b/tests/unit/security/validation-policy-config.t.cpp
index 031eff0..746ac90 100644
--- a/tests/unit/security/validation-policy-config.t.cpp
+++ b/tests/unit/security/validation-policy-config.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -24,7 +24,6 @@
#include "ndn-cxx/security/transform/base64-encode.hpp"
#include "ndn-cxx/security/transform/buffer-source.hpp"
#include "ndn-cxx/security/transform/stream-sink.hpp"
-#include "ndn-cxx/util/io.hpp"
#include "tests/boost-test.hpp"
#include "tests/unit/security/validator-config/common.hpp"
@@ -57,44 +56,18 @@
VALIDATE_FAILURE(i, "Empty policy should reject everything");
}
-template<typename Packet>
-class PacketName;
-
-template<>
-class PacketName<Interest>
-{
-public:
- static std::string
- getName()
- {
- return "interest";
- }
-};
-
-template<>
-class PacketName<Data>
-{
-public:
- static std::string
- getName()
- {
- return "data";
- }
-};
-
template<typename PacketType>
class ValidationPolicyConfigFixture : public HierarchicalValidatorFixture<ValidationPolicyConfig>
{
public:
ValidationPolicyConfigFixture()
- : path(boost::filesystem::path(UNIT_TESTS_TMPDIR) / "security" / "validation-policy-config")
{
boost::filesystem::create_directories(path);
baseConfig = R"CONF(
rule
{
id test-rule-id
- for )CONF" + PacketName<Packet>::getName() + R"CONF(
+ for )CONF" + std::string(getPacketName()) + R"CONF(
filter
{
type name
@@ -115,11 +88,23 @@
boost::filesystem::remove_all(path);
}
-protected:
- using Packet = PacketType;
+private:
+ static constexpr std::string_view
+ getPacketName()
+ {
+ if constexpr (std::is_same_v<PacketType, Interest>)
+ return "interest";
+ else if constexpr (std::is_same_v<PacketType, Data>)
+ return "data";
+ else
+ return "";
+ }
- const boost::filesystem::path path;
+protected:
+ const boost::filesystem::path path{boost::filesystem::path(UNIT_TESTS_TMPDIR) / "security" / "validation-policy-config"};
std::string baseConfig;
+
+ using Packet = PacketType;
};
template<typename PacketType>
@@ -260,9 +245,8 @@
}
};
-class NoRefresh
+struct NoRefresh
{
-public:
static std::string
getRefreshString()
{
@@ -270,9 +254,8 @@
}
};
-class Refresh1h
+struct Refresh1h
{
-public:
static std::string
getRefreshString()
{
@@ -286,9 +269,8 @@
}
};
-class Refresh1m
+struct Refresh1m
{
-public:
static std::string
getRefreshString()
{
@@ -302,9 +284,8 @@
}
};
-class Refresh1s
+struct Refresh1s
{
-public:
static std::string
getRefreshString()
{
@@ -343,31 +324,20 @@
}
};
-using DataPolicies = boost::mp11::mp_list<
- LoadStringWithFileAnchor<Data>,
- LoadFileWithFileAnchor<Data>,
- LoadFileWithMultipleFileAnchors<Data>,
- LoadSectionWithFileAnchor<Data>,
- LoadStringWithBase64Anchor<Data>,
- LoadStringWithDirAnchor<Data>,
- LoadStringWithDirAnchor<Data, Refresh1h>,
- LoadStringWithDirAnchor<Data, Refresh1m>,
- LoadStringWithDirAnchor<Data, Refresh1s>
+template<typename PacketType>
+using Policies = boost::mp11::mp_list<
+ LoadStringWithFileAnchor<PacketType>,
+ LoadFileWithFileAnchor<PacketType>,
+ LoadFileWithMultipleFileAnchors<PacketType>,
+ LoadSectionWithFileAnchor<PacketType>,
+ LoadStringWithBase64Anchor<PacketType>,
+ LoadStringWithDirAnchor<PacketType>,
+ LoadStringWithDirAnchor<PacketType, Refresh1h>,
+ LoadStringWithDirAnchor<PacketType, Refresh1m>,
+ LoadStringWithDirAnchor<PacketType, Refresh1s>
>;
-using InterestPolicies = boost::mp11::mp_list<
- LoadStringWithFileAnchor<Interest>,
- LoadFileWithFileAnchor<Interest>,
- LoadFileWithMultipleFileAnchors<Interest>,
- LoadSectionWithFileAnchor<Interest>,
- LoadStringWithBase64Anchor<Interest>,
- LoadStringWithDirAnchor<Interest>,
- LoadStringWithDirAnchor<Interest, Refresh1h>,
- LoadStringWithDirAnchor<Interest, Refresh1m>,
- LoadStringWithDirAnchor<Interest, Refresh1s>
->;
-
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateData, Policy, DataPolicies, Policy)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateData, Policy, Policies<Data>, Policy)
{
BOOST_CHECK_EQUAL(this->policy.m_dataRules.size(), 1);
BOOST_CHECK_EQUAL(this->policy.m_interestRules.size(), 0);
@@ -403,7 +373,7 @@
VALIDATE_FAILURE(packet, "Should fail, because subSelfSignedIdentity is not a trust anchor");
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateInterest, Policy, InterestPolicies, Policy)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateInterest, Policy, Policies<Interest>, Policy)
{
BOOST_CHECK_EQUAL(this->policy.m_dataRules.size(), 0);
BOOST_CHECK_EQUAL(this->policy.m_interestRules.size(), 1);
@@ -736,9 +706,7 @@
using RefreshPolicies = boost::mp11::mp_list<Refresh1h, Refresh1m, Refresh1s>;
template<typename RefreshPolicy>
-class RefreshPolicyFixture : public LoadStringWithDirAnchor<Data, RefreshPolicy>
-{
-};
+using RefreshPolicyFixture = LoadStringWithDirAnchor<Data, RefreshPolicy>;
BOOST_FIXTURE_TEST_CASE_TEMPLATE(ValidateRefresh, Refresh, RefreshPolicies, RefreshPolicyFixture<Refresh>)
{
@@ -757,7 +725,8 @@
VALIDATE_FAILURE(packet, "Should fail, as the trust anchor should no longer exist");
}
-BOOST_FIXTURE_TEST_CASE(OrphanedPolicyLoad, HierarchicalValidatorFixture<ValidationPolicyConfig>) // Bug #4758
+BOOST_FIXTURE_TEST_CASE(OrphanedPolicyLoad, HierarchicalValidatorFixture<ValidationPolicyConfig>,
+ * ut::description("test for bug #4758"))
{
using ndn::security::validator_config::Error;
diff --git a/tests/unit/security/validation-policy-signed-interest.t.cpp b/tests/unit/security/validation-policy-signed-interest.t.cpp
index 2cd91a7..75d1f5e 100644
--- a/tests/unit/security/validation-policy-signed-interest.t.cpp
+++ b/tests/unit/security/validation-policy-signed-interest.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -22,7 +22,6 @@
#include "ndn-cxx/security/validation-policy-signed-interest.hpp"
#include "ndn-cxx/security/interest-signer.hpp"
-#include "ndn-cxx/security/validation-policy-accept-all.hpp"
#include "ndn-cxx/security/validation-policy-simple-hierarchy.hpp"
#include "tests/test-common.hpp"
@@ -38,47 +37,46 @@
struct SignedInterestDefaultOptions
{
- static ValidationPolicySignedInterest::Options
+ static auto
getOptions()
{
- return {};
+ return ValidationPolicySignedInterest::Options{};
}
};
-template<class T, class InnerPolicy>
+template<class ValidationOptions, class InnerPolicy>
class SignedInterestPolicyWrapper : public ValidationPolicySignedInterest
{
public:
SignedInterestPolicyWrapper()
- : ValidationPolicySignedInterest(make_unique<InnerPolicy>(), T::getOptions())
+ : ValidationPolicySignedInterest(make_unique<InnerPolicy>(), ValidationOptions::getOptions())
{
}
};
-template<class T, class InnerPolicy = ValidationPolicySimpleHierarchy>
+template<class ValidationOptions = SignedInterestDefaultOptions,
+ class InnerPolicy = ValidationPolicySimpleHierarchy>
class ValidationPolicySignedInterestFixture
- : public HierarchicalValidatorFixture<SignedInterestPolicyWrapper<T, InnerPolicy>>
+ : public HierarchicalValidatorFixture<SignedInterestPolicyWrapper<ValidationOptions, InnerPolicy>>
{
protected:
Interest
- makeSignedInterest(const Identity& identity,
+ makeSignedInterest(const Identity& id,
uint32_t signingFlags = InterestSigner::WantNonce | InterestSigner::WantTime)
{
- Interest i(Name(identity.getName()).append("CMD"));
- m_signer.makeSignedInterest(i, signingByIdentity(identity), signingFlags);
- return i;
+ Interest interest(Name(id.getName()).append("CMD"));
+ m_signer.makeSignedInterest(interest, signingByIdentity(id), signingFlags);
+ return interest;
}
protected:
InterestSigner m_signer{this->m_keyChain};
-
static constexpr uint32_t WantAll = InterestSigner::WantNonce |
- InterestSigner::WantTime |
- InterestSigner::WantSeqNum;
+ InterestSigner::WantTime |
+ InterestSigner::WantSeqNum;
};
-BOOST_FIXTURE_TEST_SUITE(TestValidationPolicySignedInterest,
- ValidationPolicySignedInterestFixture<SignedInterestDefaultOptions>)
+BOOST_FIXTURE_TEST_SUITE(TestValidationPolicySignedInterest, ValidationPolicySignedInterestFixture<>)
BOOST_AUTO_TEST_CASE(Basic)
{
@@ -114,7 +112,7 @@
template<ssize_t count>
struct MaxRecordCount
{
- static ValidationPolicySignedInterest::Options
+ static auto
getOptions()
{
ValidationPolicySignedInterest::Options options;
@@ -194,6 +192,29 @@
VALIDATE_SUCCESS(i1, "Should succeed despite timestamp reordering, as records aren't kept");
}
+struct DisabledTimestampValidation
+{
+ static auto
+ getOptions()
+ {
+ ValidationPolicySignedInterest::Options options;
+ options.shouldValidateTimestamps = false;
+ return options;
+ }
+};
+
+template<int secs>
+struct GracePeriodSeconds
+{
+ static auto
+ getOptions()
+ {
+ ValidationPolicySignedInterest::Options options;
+ options.timestampGracePeriod = time::seconds(secs);
+ return options;
+ }
+};
+
BOOST_AUTO_TEST_SUITE(TimestampValidation)
BOOST_AUTO_TEST_CASE(MissingTimestamp)
@@ -203,19 +224,7 @@
BOOST_TEST(lastError.getCode() == ValidationError::POLICY_ERROR);
}
-struct DisabledTimestampValidationOptions
-{
- static ValidationPolicySignedInterest::Options
- getOptions()
- {
- ValidationPolicySignedInterest::Options options;
- options.shouldValidateTimestamps = false;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(Disabled,
- ValidationPolicySignedInterestFixture<DisabledTimestampValidationOptions>)
+BOOST_FIXTURE_TEST_CASE(Disabled, ValidationPolicySignedInterestFixture<DisabledTimestampValidation>)
{
auto i1 = makeSignedInterest(identity); // signed at 0ms
advanceClocks(100_ms);
@@ -229,18 +238,6 @@
VALIDATE_SUCCESS(i2, "Should succeed");
}
-template<int secs>
-struct GracePeriodSeconds
-{
- static ValidationPolicySignedInterest::Options
- getOptions()
- {
- ValidationPolicySignedInterest::Options options;
- options.timestampGracePeriod = time::seconds(secs);
- return options;
- }
-};
-
BOOST_FIXTURE_TEST_CASE(TimestampTooOld, ValidationPolicySignedInterestFixture<GracePeriodSeconds<15>>)
{
auto i1 = makeSignedInterest(identity); // signed at 0s
@@ -346,6 +343,17 @@
BOOST_AUTO_TEST_SUITE_END() // TimestampValidation
+struct EnabledSeqNumValidation
+{
+ static auto
+ getOptions()
+ {
+ ValidationPolicySignedInterest::Options options;
+ options.shouldValidateSeqNums = true;
+ return options;
+ }
+};
+
BOOST_AUTO_TEST_SUITE(SeqNumValidation)
// By default, sequence number validation is disabled
@@ -362,27 +370,14 @@
VALIDATE_SUCCESS(i2, "Should succeed");
}
-struct SeqNumValidationOptions
-{
- static ValidationPolicySignedInterest::Options
- getOptions()
- {
- ValidationPolicySignedInterest::Options options;
- options.shouldValidateSeqNums = true;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(MissingSeqNum,
- ValidationPolicySignedInterestFixture<SeqNumValidationOptions>)
+BOOST_FIXTURE_TEST_CASE(MissingSeqNum, ValidationPolicySignedInterestFixture<EnabledSeqNumValidation>)
{
auto i1 = makeSignedInterest(identity, InterestSigner::WantTime);
VALIDATE_FAILURE(i1, "Should fail (sequence number missing");
BOOST_TEST(lastError.getCode() == ValidationError::POLICY_ERROR);
}
-BOOST_FIXTURE_TEST_CASE(SeqNumReorder,
- ValidationPolicySignedInterestFixture<SeqNumValidationOptions>)
+BOOST_FIXTURE_TEST_CASE(SeqNumReorder, ValidationPolicySignedInterestFixture<EnabledSeqNumValidation>)
{
auto i1 = makeSignedInterest(identity, WantAll); // seq num is i
VALIDATE_SUCCESS(i1, "Should succeed");
@@ -400,6 +395,31 @@
BOOST_AUTO_TEST_SUITE_END() // SeqNumValidation
+struct DisabledNonceValidation
+{
+ static auto
+ getOptions()
+ {
+ ValidationPolicySignedInterest::Options options;
+ options.shouldValidateNonces = false;
+ return options;
+ }
+};
+
+template<ssize_t count>
+struct MaxNonceRecordCount
+{
+ static auto
+ getOptions()
+ {
+ ValidationPolicySignedInterest::Options options;
+ options.shouldValidateTimestamps = false;
+ options.shouldValidateSeqNums = false;
+ options.maxNonceRecordCount = count;
+ return options;
+ }
+};
+
BOOST_AUTO_TEST_SUITE(NonceValidation)
BOOST_AUTO_TEST_CASE(MissingNonce)
@@ -429,19 +449,7 @@
VALIDATE_SUCCESS(i3, "Should succeed");
}
-struct DisabledNonceValidationOptions
-{
- static ValidationPolicySignedInterest::Options
- getOptions()
- {
- ValidationPolicySignedInterest::Options options;
- options.shouldValidateNonces = false;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(Disabled,
- ValidationPolicySignedInterestFixture<DisabledNonceValidationOptions>)
+BOOST_FIXTURE_TEST_CASE(Disabled, ValidationPolicySignedInterestFixture<DisabledNonceValidation>)
{
auto i1 = makeSignedInterest(identity, WantAll ^ InterestSigner::WantNonce);
VALIDATE_SUCCESS(i1, "Should succeed");
@@ -460,21 +468,7 @@
VALIDATE_SUCCESS(i3, "Should succeed");
}
-struct NonceLimit2Options
-{
- static ValidationPolicySignedInterest::Options
- getOptions()
- {
- ValidationPolicySignedInterest::Options options;
- options.shouldValidateTimestamps = false;
- options.shouldValidateSeqNums = false;
- options.maxNonceRecordCount = 2;
- return options;
- }
-};
-
-BOOST_FIXTURE_TEST_CASE(NonceRecordLimit,
- ValidationPolicySignedInterestFixture<NonceLimit2Options>)
+BOOST_FIXTURE_TEST_CASE(NonceRecordLimit, ValidationPolicySignedInterestFixture<MaxNonceRecordCount<2>>)
{
auto i1 = makeSignedInterest(identity, WantAll);
VALIDATE_SUCCESS(i1, "Should succeed");
diff --git a/tests/unit/security/validator-config.t.cpp b/tests/unit/security/validator-config.t.cpp
index 7cdfa53..3cfb122 100644
--- a/tests/unit/security/validator-config.t.cpp
+++ b/tests/unit/security/validator-config.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -124,8 +124,8 @@
BOOST_AUTO_TEST_SUITE_END() // Loads
-
-BOOST_FIXTURE_TEST_CASE(ValidateCommandInterestWithDigestSha256, ValidatorConfigFixture) // Bug 4635
+BOOST_FIXTURE_TEST_CASE(ValidateCommandInterestWithDigestSha256, ValidatorConfigFixture,
+ * ut::description("test for bug #4635"))
{
validator.load(configFile);
diff --git a/tests/unit/security/validator-config/checker.t.cpp b/tests/unit/security/validator-config/checker.t.cpp
index d7e2fb9..523f1a2 100644
--- a/tests/unit/security/validator-config/checker.t.cpp
+++ b/tests/unit/security/validator-config/checker.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -64,14 +64,15 @@
static void
testChecker(C& checker, tlv::SignatureTypeValue sigType, const Name& pktName, const Name& klName, bool expectedOutcome)
{
- BOOST_TEST_CONTEXT("pkt=" << pktName << " kl=" << klName) {
- auto state = PktType::makeState();
- auto result = checker.check(PktType::getType(), sigType, pktName, klName, *state);
- BOOST_CHECK_EQUAL(bool(result), expectedOutcome);
- BOOST_CHECK(boost::logic::indeterminate(state->getOutcome()));
- if (!result) {
- BOOST_CHECK_NE(result.getErrorMessage(), "");
- }
+ BOOST_TEST_INFO_SCOPE("Packet = " << pktName);
+ BOOST_TEST_INFO_SCOPE("KeyLocator = " << klName);
+
+ auto state = PktType::makeState();
+ auto result = checker.check(PktType::getType(), sigType, pktName, klName, *state);
+ BOOST_CHECK_EQUAL(bool(result), expectedOutcome);
+ BOOST_CHECK(boost::logic::indeterminate(state->getOutcome()));
+ if (!result) {
+ BOOST_CHECK_NE(result.getErrorMessage(), "");
}
}
diff --git a/tests/unit/security/validator-config/rule.t.cpp b/tests/unit/security/validator-config/rule.t.cpp
index 434a0c9..49fdde2 100644
--- a/tests/unit/security/validator-config/rule.t.cpp
+++ b/tests/unit/security/validator-config/rule.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -95,20 +95,21 @@
BOOST_FIXTURE_TEST_CASE_TEMPLATE(Checkers, PktType, PktTypes, RuleFixture<PktType>)
{
auto testChecker = [this] (const Name& klName, bool expectedOutcome) {
- BOOST_TEST_CONTEXT(klName << " expected=" << expectedOutcome) {
- this->state = PktType::makeState(); // reset state
- BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), tlv::SignatureSha256WithRsa,
- this->pktName, klName, this->state),
- expectedOutcome);
+ BOOST_TEST_INFO_SCOPE("Name = " << klName);
+ BOOST_TEST_INFO_SCOPE("Expected = " << expectedOutcome);
- auto outcome = this->state->getOutcome();
- if (expectedOutcome) {
- BOOST_CHECK(boost::logic::indeterminate(outcome));
- }
- else {
- BOOST_CHECK(!boost::logic::indeterminate(outcome));
- BOOST_CHECK(!bool(outcome));
- }
+ this->state = PktType::makeState(); // reset state
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), tlv::SignatureSha256WithRsa,
+ this->pktName, klName, this->state),
+ expectedOutcome);
+
+ auto outcome = this->state->getOutcome();
+ if (expectedOutcome) {
+ BOOST_CHECK(boost::logic::indeterminate(outcome));
+ }
+ else {
+ BOOST_CHECK(!boost::logic::indeterminate(outcome));
+ BOOST_CHECK(!bool(outcome));
}
};
diff --git a/tests/unit/security/verification-helpers.t.cpp b/tests/unit/security/verification-helpers.t.cpp
index 0e34bcd..fa8be69 100644
--- a/tests/unit/security/verification-helpers.t.cpp
+++ b/tests/unit/security/verification-helpers.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2023 Regents of the University of California.
+ * Copyright (c) 2013-2024 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -21,13 +21,15 @@
#include "ndn-cxx/security/verification-helpers.hpp"
#include "ndn-cxx/security/transform/public-key.hpp"
-// #include "ndn-cxx/util/string-helper.hpp"
+#include "ndn-cxx/util/string-helper.hpp"
#include "tests/key-chain-fixture.hpp"
#include "tests/test-common.hpp"
#include <boost/mp11/list.hpp>
+#include <iostream>
+
namespace ndn::tests {
using namespace ndn::security;
@@ -35,95 +37,108 @@
BOOST_AUTO_TEST_SUITE(Security)
BOOST_AUTO_TEST_SUITE(TestVerificationHelpers)
-// // Use this test case to regenerate the dataset if the signature format changes
-// BOOST_FIXTURE_TEST_CASE(Generator, KeyChainFixture)
-// {
-// Identity wrongIdentity = m_keyChain.createIdentity("/Security/TestVerificationHelpers/Wrong");
-// const std::map<std::string, SigningInfo> identities = {
-// {"Ecdsa", signingByIdentity(m_keyChain.createIdentity("/Security/TestVerificationHelpers/EC", EcKeyParams()))},
-// {"Rsa", signingByIdentity(m_keyChain.createIdentity("/Security/TestVerificationHelpers/RSA", RsaKeyParams()))},
-// {"Sha256", signingWithSha256()}
-// };
+// Use this test case to regenerate the datasets if the signature format changes
+BOOST_FIXTURE_TEST_CASE(GenerateTestData, KeyChainFixture,
+ * ut::description("regenerates the static test data used by other test cases")
+ * ut::disabled()
+ * ut::label("generator"))
+{
+ auto wrongIdentity = m_keyChain.createIdentity("/Security/TestVerificationHelpers/Wrong");
+ const std::map<std::string, SigningInfo> identities = {
+ {"Ecdsa", signingByIdentity(m_keyChain.createIdentity("/Security/TestVerificationHelpers/EC", EcKeyParams()))},
+ {"Rsa", signingByIdentity(m_keyChain.createIdentity("/Security/TestVerificationHelpers/RSA", RsaKeyParams()))},
+ {"Sha256", signingWithSha256()}
+ };
-// auto print = [] (const std::string& name, span<const uint8_t> buf) {
-// std::cout << " const Block " + name + "{{\n ";
+ auto print = [] (std::string_view name, span<const uint8_t> buf) {
+ auto hex = toHex(buf);
+ std::cout << " const Block " << name << "{{\n ";
-// std::string hex = toHex(buf);
+ for (size_t i = 0; i < hex.size(); i++) {
+ if (i > 0 && i % 32 == 0)
+ std::cout << "\n ";
-// for (size_t i = 0; i < hex.size(); i++) {
-// if (i > 0 && i % 32 == 0)
-// std::cout << "\n ";
+ std::cout << "0x" << hex[i];
+ std::cout << hex[++i];
-// std::cout << "0x" << hex[i];
-// std::cout << hex[++i];
+ if ((i + 1) != hex.size())
+ std::cout << ", ";
+ }
+ std::cout << "\n }};";
+ };
-// if ((i + 1) != hex.size())
-// std::cout << ", ";
-// }
-// std::cout << "\n }};";
-// };
+ for (const auto& i : identities) {
+ const std::string& type = i.first;
+ const SigningInfo& signingInfo = i.second;
-// for (const auto& i : identities) {
-// const std::string& type = i.first;
-// const SigningInfo& signingInfo = i.second;
+ std::cout << "struct " << type << "Dataset\n{\n";
-// std::cout << "struct " + type + "Dataset\n{\n";
-// std::cout << " const std::string name = \"" << type << "\";\n";
+ if (signingInfo.getSignerType() == SigningInfo::SIGNER_TYPE_ID) {
+ print("cert", signingInfo.getPibIdentity().getDefaultKey().getDefaultCertificate().wireEncode());
+ }
+ else {
+ print("cert", {});
+ }
+ std::cout << "\n";
-// if (signingInfo.getSignerType() == SigningInfo::SIGNER_TYPE_ID) {
-// print("cert", signingInfo.getPibIdentity().getDefaultKey().getDefaultCertificate().wireEncode());
-// }
-// else {
-// print("cert", {});
-// }
-// std::cout << "\n";
+ // Create data that can be verified by cert
+ Data data(Name("/test/data").append(type));
+ m_keyChain.sign(data, signingInfo);
+ print("goodData", data.wireEncode());
+ std::cout << "\n";
-// // Create data that can be verified by cert
-// Data data(Name("/test/data").append(type));
-// m_keyChain.sign(data, signingInfo);
-// print("goodData", data.wireEncode());
-// std::cout << "\n";
+ // Create data that cannot be verified by cert
+ m_keyChain.sign(data, signingByIdentity(wrongIdentity));
+ print("badSigData", data.wireEncode());
+ std::cout << "\n";
-// // Create data that cannot be verified by cert
-// m_keyChain.sign(data, signingByIdentity(wrongIdentity));
-// print("badSigData", data.wireEncode());
-// std::cout << "\n";
+ // Create interest that can be verified by cert
+ Interest interest1(Name("/test/interest").append(type));
+ SigningInfo signingInfoV03(signingInfo);
+ signingInfoV03.setSignedInterestFormat(SignedInterestFormat::V03);
+ interest1.setNonce(0xF72C8A4B);
+ m_keyChain.sign(interest1, signingInfoV03);
+ print("goodInterest", interest1.wireEncode());
+ std::cout << "\n";
-// // Create interest that can be verified by cert
-// Interest interest1(Name("/test/interest").append(type));
-// SigningInfo signingInfoV03(signingInfo);
-// signingInfoV03.setSignedInterestFormat(SignedInterestFormat::V03);
-// interest1.setNonce(0xF72C8A4B);
-// m_keyChain.sign(interest1, signingInfoV03);
-// print("goodInterest", interest1.wireEncode());
-// std::cout << "\n";
+ // Create interest that cannot be verified by cert
+ m_keyChain.sign(interest1,
+ signingByIdentity(wrongIdentity).setSignedInterestFormat(SignedInterestFormat::V03));
+ print("badSigInterest", interest1.wireEncode());
+ std::cout << "\n";
-// // Create interest that cannot be verified by cert
-// m_keyChain.sign(interest1, signingByIdentity(wrongIdentity)
-// .setSignedInterestFormat(SignedInterestFormat::V03));
-// print("badSigInterest", interest1.wireEncode());
-// std::cout << "\n";
+ // Create interest that can be verified by cert (old signed Interest format)
+ Interest interest2(Name("/test/interest").append(type));
+ SigningInfo signingInfoV02(signingInfo);
+ signingInfoV02.setSignedInterestFormat(SignedInterestFormat::V03);
+ interest2.setNonce(0xF72C8A4B);
+ m_keyChain.sign(interest2, signingInfoV02);
+ print("goodInterestOldFormat", interest2.wireEncode());
+ std::cout << "\n";
-// // Create interest that can be verified by cert (old signed Interest format)
-// Interest interest2(Name("/test/interest").append(type));
-// SigningInfo signingInfoV02(signingInfo);
-// signingInfoV02.setSignedInterestFormat(SignedInterestFormat::V03);
-// interest2.setNonce(0xF72C8A4B);
-// m_keyChain.sign(interest2, signingInfoV02);
-// print("goodInterestOldFormat", interest2.wireEncode());
-// std::cout << "\n";
+ // Create interest that cannot be verified by cert (old signed Interest format)
+ m_keyChain.sign(interest2,
+ signingByIdentity(wrongIdentity).setSignedInterestFormat(SignedInterestFormat::V02));
+ print("badSigInterestOldFormat", interest2.wireEncode());
+ std::cout << "\n};\n\n";
+ }
+}
-// // Create interest that cannot be verified by cert (old signed Interest format)
-// m_keyChain.sign(interest2, signingByIdentity(wrongIdentity)
-// .setSignedInterestFormat(SignedInterestFormat::V02));
-// print("badSigInterestOldFormat", interest2.wireEncode());
-// std::cout << "\n};\n\n";
-// }
-// }
+// Note about the datasets below:
+// - .cert a valid certificate
+// - .goodData is a Data packet that can be verified against .cert
+// - .badSigData a valid and signed Data packet that cannot be verified against cert (signed using
+// a different private key)
+// - .goodInterest is an Interest packet that can be verified against .cert
+// - .badSigInterest is a valid and signed Interest packet that cannot be verified against .cert
+// (signed using a different private key)
+// - .goodInterestOldFormat is an Interest packet that can be verified against .cert (in the old
+// signed Interest format)
+// - .badSigInterestOldFormat is a valid and signed Interest packet that cannot be verified against
+// .cert (signed using a different private key and in the old signed Interest format)
struct EcdsaDataset
{
- const std::string name = "Ecdsa";
const Block cert{{
0x06, 0xFD, 0x01, 0x62, 0x07, 0x47, 0x08, 0x08, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79,
0x08, 0x17, 0x54, 0x65, 0x73, 0x74, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
@@ -249,7 +264,6 @@
struct RsaDataset
{
- const std::string name = "Rsa";
const Block cert{{
0x06, 0xFD, 0x02, 0xED, 0x07, 0x48, 0x08, 0x08, 0x53, 0x65, 0x63, 0x75, 0x72, 0x69, 0x74, 0x79,
0x08, 0x17, 0x54, 0x65, 0x73, 0x74, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69,
@@ -446,7 +460,6 @@
struct Sha256Dataset
{
- const std::string name = "Sha256";
const Block cert{{
}};
const Block goodData{{
@@ -522,19 +535,6 @@
}};
};
-// Note about the datasets:
-// - .cert a valid certificate
-// - .goodData is a Data packet that can be verified against .cert
-// - .badSigData a valid and signed Data packet that cannot be verified against cert (signed using
-// a different private key)
-// - .goodInterest is an Interest packet that can be verified against .cert
-// - .badSigInterest is a valid and signed Interest packet that cannot be verified against .cert
-// (signed using a different private key)
-// - .goodInterestOldFormat is an Interest packet that can be verified against .cert (in the old
-// signed Interest format)
-// - .badSigInterestOldFormat is a valid and signed Interest packet that cannot be verified against
-// .cert (signed using a different private key and in the old signed Interest format)
-
using SignatureDatasets = boost::mp11::mp_list<EcdsaDataset, RsaDataset>;
BOOST_AUTO_TEST_CASE_TEMPLATE(VerifySignature, Dataset, SignatureDatasets)
@@ -587,8 +587,8 @@
BOOST_CHECK(!verifySignature(unsignedData, invalidKey));
BOOST_CHECK(!verifySignature(unsignedInterest1, invalidKey));
- // - base version of verifySignature is tested transitively
- // - pib::Key version is tested as part of key-chain.t.cpp (Security/TestKeyChain)
+ // - base version of verifySignature() is tested transitively
+ // - pib::Key version is tested in key-chain.t.cpp (Security/TestKeyChain)
}
BOOST_FIXTURE_TEST_CASE(VerifyHmac, KeyChainFixture)
@@ -663,7 +663,8 @@
0x02, 0x03, 0x04
};
-BOOST_AUTO_TEST_CASE(VerifyWithUnrecognizedElements) // Bug #4583
+BOOST_AUTO_TEST_CASE(VerifyWithUnrecognizedElements,
+ * ut::description("test for bug #4583"))
{
Data data(Block{sha256DataUnrecognizedElements});
Interest interest(Block{sha256InterestUnrecognizedElements});