security: support new signed Interest format in Validator
refs #4804
Change-Id: I0391709dc1486c8156c03cf8e9d94e6cfbe30303
diff --git a/tests/unit/security/validator-config/checker.t.cpp b/tests/unit/security/validator-config/checker.t.cpp
index a5fb205..55e48a1 100644
--- a/tests/unit/security/validator-config/checker.t.cpp
+++ b/tests/unit/security/validator-config/checker.t.cpp
@@ -51,12 +51,6 @@
}
static Name
- makeSignedInterestName(const Name& name)
- {
- return Name(name).append("SignatureInfo").append("SignatureValue");
- }
-
- static Name
makeKeyLocatorName(const Name& name)
{
return Name(name).append("KEY").append("v=1");
@@ -329,28 +323,65 @@
Hierarchical,
CustomizedNameRelation, CustomizedRegex, CustomizedHyperRelation>;
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(Checks, T, Tests, T)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(DataChecks, T, Tests, T)
{
using namespace ndn::security::v2::tests;
+ using PktType = DataPkt;
BOOST_REQUIRE_EQUAL(this->outcomes.size(), this->names.size());
for (size_t i = 0; i < this->names.size(); ++i) {
BOOST_REQUIRE_EQUAL(this->outcomes[i].size(), this->names.size());
for (size_t j = 0; j < this->names.size(); ++j) {
- const Name& pktName = this->names[i];
- Name klName = this->makeKeyLocatorName(this->names[j]);
+ auto pktName = PktType::makeName(this->names[i], this->m_keyChain);
+ auto klName = this->makeKeyLocatorName(this->names[j]);
bool expectedOutcome = this->outcomes[i][j];
- auto dataState = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->checker.check(tlv::Data, pktName, klName, dataState), expectedOutcome);
- BOOST_CHECK_EQUAL(boost::logic::indeterminate(dataState->getOutcome()), expectedOutcome);
- BOOST_CHECK_EQUAL(bool(dataState->getOutcome()), false);
+ auto state = PktType::makeState();
+ BOOST_CHECK_EQUAL(this->checker.check(PktType::getType(), pktName, klName, state), expectedOutcome);
+ BOOST_CHECK_EQUAL(boost::logic::indeterminate(state->getOutcome()), expectedOutcome);
+ BOOST_CHECK_EQUAL(bool(state->getOutcome()), false);
+ }
+ }
+}
- auto interestState = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->checker.check(tlv::Interest, this->makeSignedInterestName(pktName),
- klName, interestState), expectedOutcome);
- BOOST_CHECK_EQUAL(boost::logic::indeterminate(interestState->getOutcome()), expectedOutcome);
- BOOST_CHECK_EQUAL(bool(interestState->getOutcome()), false);
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(InterestV02Checks, T, Tests, T)
+{
+ using namespace ndn::security::v2::tests;
+ using PktType = InterestV02Pkt;
+
+ BOOST_REQUIRE_EQUAL(this->outcomes.size(), this->names.size());
+ for (size_t i = 0; i < this->names.size(); ++i) {
+ BOOST_REQUIRE_EQUAL(this->outcomes[i].size(), this->names.size());
+ for (size_t j = 0; j < this->names.size(); ++j) {
+ auto pktName = PktType::makeName(this->names[i], this->m_keyChain);
+ auto klName = this->makeKeyLocatorName(this->names[j]);
+ bool expectedOutcome = this->outcomes[i][j];
+
+ auto state = PktType::makeState();
+ BOOST_CHECK_EQUAL(this->checker.check(PktType::getType(), pktName, klName, state), expectedOutcome);
+ BOOST_CHECK_EQUAL(boost::logic::indeterminate(state->getOutcome()), expectedOutcome);
+ BOOST_CHECK_EQUAL(bool(state->getOutcome()), false);
+ }
+ }
+}
+
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(InterestV03Checks, T, Tests, T)
+{
+ using namespace ndn::security::v2::tests;
+ using PktType = InterestV03Pkt;
+
+ BOOST_REQUIRE_EQUAL(this->outcomes.size(), this->names.size());
+ for (size_t i = 0; i < this->names.size(); ++i) {
+ BOOST_REQUIRE_EQUAL(this->outcomes[i].size(), this->names.size());
+ for (size_t j = 0; j < this->names.size(); ++j) {
+ auto pktName = PktType::makeName(this->names[i], this->m_keyChain);
+ auto klName = this->makeKeyLocatorName(this->names[j]);
+ bool expectedOutcome = this->outcomes[i][j];
+
+ auto state = PktType::makeState();
+ BOOST_CHECK_EQUAL(this->checker.check(PktType::getType(), pktName, klName, state), expectedOutcome);
+ BOOST_CHECK_EQUAL(boost::logic::indeterminate(state->getOutcome()), expectedOutcome);
+ BOOST_CHECK_EQUAL(bool(state->getOutcome()), false);
}
}
}
diff --git a/tests/unit/security/validator-config/filter.t.cpp b/tests/unit/security/validator-config/filter.t.cpp
index 2b3bf6d..9f6029e 100644
--- a/tests/unit/security/validator-config/filter.t.cpp
+++ b/tests/unit/security/validator-config/filter.t.cpp
@@ -20,11 +20,11 @@
*/
#include "ndn-cxx/security/validator-config/filter.hpp"
-#include "ndn-cxx/security/command-interest-signer.hpp"
#include "tests/boost-test.hpp"
#include "tests/identity-management-fixture.hpp"
#include "tests/unit/security/validator-config/common.hpp"
+#include "tests/unit/security/validator-fixture.hpp"
namespace ndn {
namespace security {
@@ -33,33 +33,38 @@
namespace tests {
using namespace ndn::tests;
+using namespace ndn::security::v2::tests;
BOOST_AUTO_TEST_SUITE(Security)
BOOST_AUTO_TEST_SUITE(ValidatorConfig)
-class FilterFixture : public IdentityManagementFixture
-{
-public:
- Interest
- makeSignedInterest(const Name& name)
- {
- Interest interest(name);
- m_keyChain.sign(interest);
- return interest;
- }
-};
+BOOST_FIXTURE_TEST_SUITE(TestFilter, IdentityManagementFixture)
-BOOST_FIXTURE_TEST_SUITE(TestFilter, FilterFixture)
-
-#define CHECK_FOR_MATCHES(filter, same, longer, shorter, different) \
- BOOST_CHECK_EQUAL(filter.match(tlv::Interest, makeSignedInterest("/foo/bar").getName()), same); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Data, Data("/foo/bar").getName()), same); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Interest, makeSignedInterest("/foo/bar/bar").getName()), longer); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Data, Data("/foo/bar/bar").getName()), longer); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Interest, makeSignedInterest("/foo").getName()), shorter); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Data, Data("/foo").getName()), shorter); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Interest, makeSignedInterest("/other/prefix").getName()), different); \
- BOOST_CHECK_EQUAL(filter.match(tlv::Data, Data("/other/prefix").getName()), different);
+#define CHECK_FOR_MATCHES(filter, same, longer, shorter, different) \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV02Pkt::makeName("/foo/bar", m_keyChain), \
+ InterestV02Pkt::makeState()), same); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV03Pkt::makeName("/foo/bar", m_keyChain), \
+ InterestV03Pkt::makeState()), same); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Data, DataPkt::makeName("/foo/bar", m_keyChain), \
+ DataPkt::makeState()), same); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV02Pkt::makeName("/foo/bar/bar", m_keyChain), \
+ InterestV02Pkt::makeState()), longer); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV03Pkt::makeName("/foo/bar/bar", m_keyChain), \
+ InterestV03Pkt::makeState()), longer); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Data, DataPkt::makeName("/foo/bar/bar", m_keyChain), \
+ DataPkt::makeState()), longer); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV02Pkt::makeName("/foo", m_keyChain), \
+ InterestV02Pkt::makeState()), shorter); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV03Pkt::makeName("/foo", m_keyChain), \
+ InterestV03Pkt::makeState()), shorter); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Data, DataPkt::makeName("/foo", m_keyChain), \
+ DataPkt::makeState()), shorter); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV02Pkt::makeName("/other/prefix", m_keyChain), \
+ InterestV02Pkt::makeState()), different); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Interest, InterestV03Pkt::makeName("/other/prefix", m_keyChain), \
+ InterestV03Pkt::makeState()), different); \
+ BOOST_CHECK_EQUAL(filter.match(tlv::Data, DataPkt::makeName("/other/prefix", m_keyChain), \
+ DataPkt::makeState()), different);
BOOST_AUTO_TEST_CASE(RelationName)
{
@@ -85,7 +90,7 @@
CHECK_FOR_MATCHES(f3, false, true, false, false);
}
-BOOST_FIXTURE_TEST_SUITE(Create, FilterFixture)
+BOOST_FIXTURE_TEST_SUITE(Create, IdentityManagementFixture)
BOOST_AUTO_TEST_CASE(Errors)
{
diff --git a/tests/unit/security/validator-config/rule.t.cpp b/tests/unit/security/validator-config/rule.t.cpp
index dbc81bf..75eb6dc 100644
--- a/tests/unit/security/validator-config/rule.t.cpp
+++ b/tests/unit/security/validator-config/rule.t.cpp
@@ -39,87 +39,80 @@
BOOST_AUTO_TEST_SUITE(Security)
BOOST_AUTO_TEST_SUITE(ValidatorConfig)
-template<uint32_t PktType>
+template<class Packet>
class RuleFixture : public IdentityManagementFixture
{
public:
RuleFixture()
- : rule(ruleId, PktType)
- , pktName("/foo/bar")
+ : rule(ruleId, Packet::getType())
+ , pktName(Packet::makeName("/foo/bar", m_keyChain))
+ , state(Packet::makeState())
{
- if (PktType == tlv::Interest) {
- pktName = Name("/foo/bar/SigInfo/SigValue");
- }
}
public:
const std::string ruleId = "rule-id";
Rule rule;
Name pktName;
+ shared_ptr<ValidationState> state;
};
-using PktTypes = boost::mpl::vector_c<uint32_t, tlv::Data, tlv::Interest>;
+using PktTypes = boost::mpl::vector<DataPkt, InterestV02Pkt, InterestV03Pkt>;
BOOST_AUTO_TEST_SUITE(TestRule)
-BOOST_FIXTURE_TEST_CASE(Errors, RuleFixture<tlv::Data>)
+BOOST_FIXTURE_TEST_CASE(Errors, RuleFixture<DataPkt>)
{
- BOOST_CHECK_THROW(rule.match(tlv::Interest, this->pktName), Error);
-
- auto state = make_shared<DummyValidationState>();
+ BOOST_CHECK_THROW(rule.match(tlv::Interest, this->pktName, state), Error);
BOOST_CHECK_THROW(rule.check(tlv::Interest, this->pktName, "/foo/bar", state), Error);
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(Constructor, PktType, PktTypes, RuleFixture<PktType::value>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(Constructor, PktType, PktTypes, RuleFixture<PktType>)
{
BOOST_CHECK_EQUAL(this->rule.getId(), this->ruleId);
- BOOST_CHECK_EQUAL(this->rule.getPktType(), PktType::value);
+ BOOST_CHECK_EQUAL(this->rule.getPktType(), PktType::getType());
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(EmptyRule, PktType, PktTypes, RuleFixture<PktType::value>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(EmptyRule, PktType, PktTypes, RuleFixture<PktType>)
{
- BOOST_CHECK_EQUAL(this->rule.match(PktType::value, this->pktName), true);
-
- auto state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->rule.check(PktType::value, this->pktName, "/foo/bar", state), false);
+ BOOST_CHECK_EQUAL(this->rule.match(PktType::getType(), this->pktName, this->state), true);
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), this->pktName, "/foo/bar", this->state), false);
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(Filters, PktType, PktTypes, RuleFixture<PktType::value>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(Filters, PktType, PktTypes, RuleFixture<PktType>)
{
this->rule.addFilter(make_unique<RegexNameFilter>(Regex("^<foo><bar>$")));
- BOOST_CHECK_EQUAL(this->rule.match(PktType::value, this->pktName), true);
- BOOST_CHECK_EQUAL(this->rule.match(PktType::value, "/not" + this->pktName.toUri()), false);
+ BOOST_CHECK_EQUAL(this->rule.match(PktType::getType(), this->pktName, this->state), true);
+ BOOST_CHECK_EQUAL(this->rule.match(PktType::getType(), "/not" + this->pktName.toUri(), this->state), false);
this->rule.addFilter(make_unique<RegexNameFilter>(Regex("^<not><foo><bar>$")));
- BOOST_CHECK_EQUAL(this->rule.match(PktType::value, this->pktName), true);
- BOOST_CHECK_EQUAL(this->rule.match(PktType::value, "/not" + this->pktName.toUri()), true);
+ BOOST_CHECK_EQUAL(this->rule.match(PktType::getType(), this->pktName, this->state), true);
+ BOOST_CHECK_EQUAL(this->rule.match(PktType::getType(), "/not" + this->pktName.toUri(), this->state), true);
- auto state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->rule.check(PktType::value, this->pktName, "/foo/bar", state), false);
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), this->pktName, "/foo/bar", this->state), false);
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(Checkers, PktType, PktTypes, RuleFixture<PktType::value>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(Checkers, PktType, PktTypes, RuleFixture<PktType>)
{
this->rule.addChecker(make_unique<HyperRelationChecker>("^(<>+)$", "\\1",
"^<not>?(<>+)$", "\\1",
NameRelation::EQUAL));
- auto state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->rule.check(PktType::value, this->pktName, "/foo/bar", state), true);
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), this->pktName, "/foo/bar", this->state), true);
- state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->rule.check(PktType::value, this->pktName, "/not/foo/bar", state), true);
+ this->state = PktType::makeState(); // reset state
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), this->pktName, "/not/foo/bar", this->state), true);
this->rule.addChecker(make_unique<HyperRelationChecker>("^(<>+)$", "\\1",
"^(<>+)$", "\\1",
NameRelation::EQUAL));
- state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->rule.check(PktType::value, this->pktName, "/foo/bar", state), true);
+ this->state = PktType::makeState(); // reset state
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), this->pktName, "/foo/bar", this->state), true);
- state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(this->rule.check(PktType::value, this->pktName, "/not/foo/bar", state), false);
+ this->state = PktType::makeState(); // reset state
+ BOOST_CHECK_EQUAL(this->rule.check(PktType::getType(), this->pktName, "/not/foo/bar", this->state), false);
}
BOOST_AUTO_TEST_SUITE(Create)
@@ -153,11 +146,11 @@
BOOST_CHECK_THROW(Rule::create(makeSection(config), "test-config"), Error);
}
-BOOST_FIXTURE_TEST_CASE_TEMPLATE(FilterAndChecker, PktType, PktTypes, RuleFixture<PktType::value>)
+BOOST_FIXTURE_TEST_CASE_TEMPLATE(FilterAndChecker, PktType, PktTypes, RuleFixture<PktType>)
{
std::string config = R"CONF(
id rule-id
- for )CONF" + (PktType::value == tlv::Data ? "data"s : "interest"s) + R"CONF(
+ for )CONF" + (PktType::getType() == tlv::Data ? "data"s : "interest"s) + R"CONF(
filter
{
type name
@@ -183,14 +176,13 @@
)CONF";
auto rule = Rule::create(makeSection(config), "test-config");
- BOOST_CHECK_EQUAL(rule->match(PktType::value, this->pktName), true);
- BOOST_CHECK_EQUAL(rule->match(PktType::value, "/not" + this->pktName.toUri()), false);
+ BOOST_CHECK_EQUAL(rule->match(PktType::getType(), this->pktName, this->state), true);
+ BOOST_CHECK_EQUAL(rule->match(PktType::getType(), "/not" + this->pktName.toUri(), this->state), false);
- auto state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(rule->check(PktType::value, this->pktName, "/foo/bar", state), true);
+ BOOST_CHECK_EQUAL(rule->check(PktType::getType(), this->pktName, "/foo/bar", this->state), true);
- state = make_shared<DummyValidationState>();
- BOOST_CHECK_EQUAL(rule->check(PktType::value, this->pktName, "/not/foo/bar", state), false);
+ this->state = PktType::makeState(); // reset state
+ BOOST_CHECK_EQUAL(rule->check(PktType::getType(), this->pktName, "/not/foo/bar", this->state), false);
}
BOOST_AUTO_TEST_SUITE_END() // Create