Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 31fd46714e259ce02f6d9d2b7688890fd86f6f92^! / . / tests / unit-tests / security / v2 / validation-policy-command-interest.t.cpp
commit31fd46714e259ce02f6d9d2b7688890fd86f6f92[log] [tgz]
authorAlexander Afanasyev <aa@cs.fiu.edu>Sun Jun 17 13:25:52 2018 -0400
committerAlexander Afanasyev <aa@cs.fiu.edu>Mon Jun 18 11:29:06 2018 -0400
treed44f6ddf9bebbf96691ecb8c6537202e69550cf0
parent57d02b65efae2eacfe6ff3c20bf97ad7b7c7cacf [diff] [blame]
security: Correctly handle Sha256-signed Command Interests

Change-Id: Ibcda11627a4be0498dfd894df8b976cb65da308a
Refs: #4635

diff --git a/tests/unit-tests/security/v2/validation-policy-command-interest.t.cpp b/tests/unit-tests/security/v2/validation-policy-command-interest.t.cpp
index 4a3365c..7bd42ea 100644
--- a/tests/unit-tests/security/v2/validation-policy-command-interest.t.cpp
+++ b/tests/unit-tests/security/v2/validation-policy-command-interest.t.cpp

@@ -90,10 +90,14 @@
 {
   auto i1 = makeCommandInterest(identity);
   VALIDATE_SUCCESS(i1, "Should succeed (within grace period)");
+  VALIDATE_FAILURE(i1, "Should fail (replay attack)");
 
   advanceClocks(5_ms);
   auto i2 = makeCommandInterest(identity);
   VALIDATE_SUCCESS(i2, "Should succeed (timestamp larger than previous)");
+
+  auto i3 =  m_signer.makeCommandInterest(Name(identity.getName()).append("CMD"), signingWithSha256());
+  VALIDATE_FAILURE(i3, "Should fail (Sha256 signature violates policy)");
 }
 
 BOOST_AUTO_TEST_CASE(DataPassthru)
@@ -103,6 +107,20 @@
   VALIDATE_SUCCESS(d1, "Should succeed (fallback on inner validation policy for data)");
 }
 
+using ValidationPolicyAcceptAllCommands = ValidationPolicyCommandInterestFixture<DefaultOptions,
+                                                                                 ValidationPolicyAcceptAll>;
+
+BOOST_FIXTURE_TEST_CASE(SignedWithSha256, ValidationPolicyAcceptAllCommands) // Bug 4635
+{
+  auto i1 = m_signer.makeCommandInterest("/hello/world/CMD", signingWithSha256());
+  VALIDATE_SUCCESS(i1, "Should succeed (within grace period)");
+  VALIDATE_FAILURE(i1, "Should fail (replay attack)");
+
+  advanceClocks(5_ms);
+  auto i2 = m_signer.makeCommandInterest("/hello/world/CMD", signingWithSha256());
+  VALIDATE_SUCCESS(i2, "Should succeed (timestamp larger than previous)");
+}
+
 BOOST_AUTO_TEST_SUITE_END() // Accepts
 
 BOOST_AUTO_TEST_SUITE(Rejects)