blob: 9c8816a042ea09a8b504cdca455b5b292a366ddb [file] [log] [blame]
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
* Copyright (c) 2013-2020 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
* ndn-cxx library is free software: you can redistribute it and/or modify it under the
* terms of the GNU Lesser General Public License as published by the Free Software
* Foundation, either version 3 of the License, or (at your option) any later version.
*
* ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
*
* You should have received copies of the GNU General Public License and GNU Lesser
* General Public License along with ndn-cxx, e.g., in COPYING.md file. If not, see
* <http://www.gnu.org/licenses/>.
*
* See AUTHORS.md for complete list of ndn-cxx authors and contributors.
*/
#include "ndn-cxx/security/validation-policy-simple-hierarchy.hpp"
#include "tests/boost-test.hpp"
#include "tests/unit/security/validator-fixture.hpp"
#include <boost/mpl/vector.hpp>
namespace ndn {
namespace security {
inline namespace v2 {
namespace tests {
using namespace ndn::tests;
BOOST_AUTO_TEST_SUITE(Security)
BOOST_FIXTURE_TEST_SUITE(TestValidationPolicySimpleHierarchy,
HierarchicalValidatorFixture<ValidationPolicySimpleHierarchy>)
typedef boost::mpl::vector<Interest, Data> Packets;
BOOST_AUTO_TEST_CASE_TEMPLATE(Validate, Packet, Packets)
{
Packet unsignedPacket("/Security/ValidatorFixture/Sub1/Sub2/Packet");
Packet packet = unsignedPacket;
VALIDATE_FAILURE(packet, "Unsigned");
packet = unsignedPacket;
m_keyChain.sign(packet, signingWithSha256());
VALIDATE_FAILURE(packet, "Policy doesn't accept Sha256Digest signature");
packet = unsignedPacket;
m_keyChain.sign(packet, signingByIdentity(identity));
VALIDATE_SUCCESS(packet, "Should get accepted, as signed by the anchor");
packet = unsignedPacket;
m_keyChain.sign(packet, signingByIdentity(subIdentity));
VALIDATE_SUCCESS(packet, "Should get accepted, as signed by the policy-compliant cert");
packet = unsignedPacket;
m_keyChain.sign(packet, signingByIdentity(otherIdentity));
VALIDATE_FAILURE(packet, "Should fail, as signed by the policy-violating cert");
packet = unsignedPacket;
m_keyChain.sign(packet, signingByIdentity(subSelfSignedIdentity));
VALIDATE_FAILURE(packet, "Should fail, because subSelfSignedIdentity is not a trust anchor");
// TODO add checks with malformed packets
}
BOOST_AUTO_TEST_SUITE_END() // TestValidator
BOOST_AUTO_TEST_SUITE_END() // Security
} // namespace tests
} // inline namespace v2
} // namespace security
} // namespace ndn