security: support new signed Interest format in Validator
refs #4804
Change-Id: I0391709dc1486c8156c03cf8e9d94e6cfbe30303
diff --git a/tests/unit/security/validation-policy-command-interest.t.cpp b/tests/unit/security/validation-policy-command-interest.t.cpp
index da6ced7..af9bc2a 100644
--- a/tests/unit/security/validation-policy-command-interest.t.cpp
+++ b/tests/unit/security/validation-policy-command-interest.t.cpp
@@ -71,10 +71,18 @@
}
Interest
- makeCommandInterest(const Identity& identity)
+ makeCommandInterest(const Identity& identity, bool wantV3 = false)
{
- return m_signer.makeCommandInterest(Name(identity.getName()).append("CMD"),
- signingByIdentity(identity));
+ if (wantV3) {
+ Interest i(Name(identity.getName()).append("CMD"));
+ i.setCanBePrefix(false);
+ m_signer.makeSignedInterest(i, signingByIdentity(identity));
+ return i;
+ }
+ else {
+ return m_signer.makeCommandInterest(Name(identity.getName()).append("CMD"),
+ signingByIdentity(identity));
+ }
}
public:
@@ -99,6 +107,22 @@
VALIDATE_FAILURE(i3, "Should fail (Sha256 signature violates policy)");
}
+BOOST_AUTO_TEST_CASE(BasicV3)
+{
+ auto i1 = makeCommandInterest(identity, true);
+ VALIDATE_SUCCESS(i1, "Should succeed (within grace period)");
+ VALIDATE_FAILURE(i1, "Should fail (replay attack)");
+
+ advanceClocks(5_ms);
+ auto i2 = makeCommandInterest(identity, true);
+ VALIDATE_SUCCESS(i2, "Should succeed (timestamp larger than previous)");
+
+ Interest i3(Name(identity.getName()).append("CMD"));
+ i3.setCanBePrefix(false);
+ m_signer.makeSignedInterest(i3, signingWithSha256());
+ VALIDATE_FAILURE(i3, "Should fail (Sha256 signature violates policy)");
+}
+
BOOST_AUTO_TEST_CASE(DataPassthru)
{
Data d1("/Security/ValidatorFixture/Sub1");