security: Fix signing by identity (ECDSA)
When signing by identity, if no certificate is available for the default
key and its type does not corresponds to the `DEFAULT_KEY_PARAMS` a new
pair of `DEFAULT_KEY_PARAMS` keys is created, set as default and used for
signing. Solved by checking the type of key of the default key pair for
the identity.
Change-Id: I75c117cea17cbbfda410da9a83dd16b92d345d21
Refs: #3438
diff --git a/tests/unit-tests/security/key-chain.t.cpp b/tests/unit-tests/security/key-chain.t.cpp
index a6c0cbe..5eae0c4 100644
--- a/tests/unit-tests/security/key-chain.t.cpp
+++ b/tests/unit-tests/security/key-chain.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/**
- * Copyright (c) 2013-2015 Regents of the University of California.
+ * Copyright (c) 2013-2016 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -21,11 +21,13 @@
#include "security/key-chain.hpp"
#include "security/validator.hpp"
-#include "../util/test-home-environment-fixture.hpp"
-#include <boost/filesystem.hpp>
+#include "security/signing-helpers.hpp"
#include "boost-test.hpp"
#include "dummy-keychain.hpp"
+#include "../util/test-home-environment-fixture.hpp"
+
+#include <boost/filesystem.hpp>
namespace ndn {
namespace security {
@@ -417,6 +419,27 @@
interest5.getName()[-1].blockFromValue()))));
}
+BOOST_AUTO_TEST_CASE(EcdsaSigningByIdentityNoCert)
+{
+ KeyChain keyChain;
+ Data data("/test/data");
+
+ Name nonExistingIdentity = Name("/non-existing/identity").appendVersion();
+
+ BOOST_CHECK_NO_THROW(keyChain.sign(data, signingByIdentity(nonExistingIdentity)));
+ BOOST_CHECK_EQUAL(data.getSignature().getType(),
+ KeyChain::getSignatureType(KeyChain::DEFAULT_KEY_PARAMS.getKeyType(),
+ DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK(nonExistingIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
+
+ Name ecdsaIdentity = Name("/ndn/test/ecdsa").appendVersion();
+ Name ecdsaKeyName = keyChain.generateEcdsaKeyPairAsDefault(ecdsaIdentity, false, 256);
+ BOOST_CHECK_NO_THROW(keyChain.sign(data, signingByIdentity(ecdsaIdentity)));
+ BOOST_CHECK_EQUAL(data.getSignature().getType(),
+ KeyChain::getSignatureType(EcdsaKeyParams().getKeyType(), DIGEST_ALGORITHM_SHA256));
+ BOOST_CHECK(ecdsaIdentity.isPrefixOf(data.getSignature().getKeyLocator().getName()));
+}
+
BOOST_AUTO_TEST_SUITE_END()
} // namespace tests