security: modernize Key and KeyContainer; add logging
Change-Id: Ibbe6a4ea54e2a1cc7ad7a7e00ea88a29ab1f6c3d
diff --git a/tests/unit/security/pib/impl/key-impl.t.cpp b/tests/unit/security/pib/impl/key-impl.t.cpp
index c59efb5..dfcd19a 100644
--- a/tests/unit/security/pib/impl/key-impl.t.cpp
+++ b/tests/unit/security/pib/impl/key-impl.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -37,7 +37,7 @@
BOOST_AUTO_TEST_SUITE(Pib)
BOOST_FIXTURE_TEST_SUITE(TestKeyImpl, security::tests::PibDataFixture)
-using security::Pib;
+using pib::Pib;
BOOST_AUTO_TEST_CASE(Basic)
{
@@ -47,18 +47,16 @@
BOOST_CHECK_EQUAL(key11.getName(), id1Key1Name);
BOOST_CHECK_EQUAL(key11.getIdentity(), id1);
BOOST_CHECK_EQUAL(key11.getKeyType(), KeyType::EC);
- BOOST_CHECK_EQUAL_COLLECTIONS(key11.getPublicKey().begin(), key11.getPublicKey().end(),
- id1Key1.begin(), id1Key1.end());
+ BOOST_TEST(key11.getPublicKey() == id1Key1, boost::test_tools::per_element());
KeyImpl key11Bak(id1Key1Name, pibImpl);
BOOST_CHECK_EQUAL(key11Bak.getName(), id1Key1Name);
BOOST_CHECK_EQUAL(key11Bak.getIdentity(), id1);
BOOST_CHECK_EQUAL(key11Bak.getKeyType(), KeyType::EC);
- BOOST_CHECK_EQUAL_COLLECTIONS(key11Bak.getPublicKey().begin(), key11Bak.getPublicKey().end(),
- id1Key1.begin(), id1Key1.end());
+ BOOST_TEST(key11Bak.getPublicKey() == id1Key1, boost::test_tools::per_element());
}
-BOOST_AUTO_TEST_CASE(CertificateOperation)
+BOOST_AUTO_TEST_CASE(CertificateOperations)
{
auto pibImpl = make_shared<pib::PibMemory>();
KeyImpl key11(id1Key1Name, id1Key1, pibImpl);
@@ -72,16 +70,15 @@
// get default certificate, throw Pib::Error
BOOST_CHECK_THROW(key11.getDefaultCertificate(), Pib::Error);
// set non-existing certificate as default certificate, throw Pib::Error
- BOOST_REQUIRE_THROW(key11.setDefaultCertificate(id1Key1Cert1.getName()), Pib::Error);
+ BOOST_CHECK_THROW(key11.setDefaultCertificate(id1Key1Cert1.getName()), Pib::Error);
// add certificate
key11.addCertificate(id1Key1Cert1);
- BOOST_CHECK_NO_THROW(key11.getCertificate(id1Key1Cert1.getName()));
+ const auto& addedCert = key11.getCertificate(id1Key1Cert1.getName());
+ BOOST_CHECK_EQUAL(addedCert, id1Key1Cert1);
// new certificate becomes default certificate when there was no default certificate
- BOOST_REQUIRE_NO_THROW(key11.getDefaultCertificate());
const auto& defaultCert0 = key11.getDefaultCertificate();
- BOOST_CHECK_EQUAL(defaultCert0.getName(), id1Key1Cert1.getName());
BOOST_CHECK_EQUAL(defaultCert0, id1Key1Cert1);
// remove certificate
@@ -91,23 +88,16 @@
// set default certificate directly
BOOST_REQUIRE_NO_THROW(key11.setDefaultCertificate(id1Key1Cert1));
- BOOST_REQUIRE_NO_THROW(key11.getDefaultCertificate());
- BOOST_CHECK_NO_THROW(key11.getCertificate(id1Key1Cert1.getName()));
-
- // check default cert
const auto& defaultCert1 = key11.getDefaultCertificate();
- BOOST_CHECK_EQUAL(defaultCert1.getName(), id1Key1Cert1.getName());
BOOST_CHECK_EQUAL(defaultCert1, id1Key1Cert1);
// add another certificate
key11.addCertificate(id1Key1Cert2);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 2);
- // set default certificate through name
- BOOST_REQUIRE_NO_THROW(key11.setDefaultCertificate(id1Key1Cert2.getName()));
- BOOST_REQUIRE_NO_THROW(key11.getDefaultCertificate());
+ // set default certificate through name and check return value
+ BOOST_CHECK_EQUAL(key11.setDefaultCertificate(id1Key1Cert2.getName()), id1Key1Cert2);
const auto& defaultCert2 = key11.getDefaultCertificate();
- BOOST_CHECK_EQUAL(defaultCert2.getName(), id1Key1Cert2.getName());
BOOST_CHECK_EQUAL(defaultCert2, id1Key1Cert2);
// remove certificate
@@ -115,10 +105,9 @@
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert1.getName()), Pib::Error);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 1);
- // set default certificate directly again, change the default setting
+ // set removed certificate as default, certificate is implicitly added
BOOST_REQUIRE_NO_THROW(key11.setDefaultCertificate(id1Key1Cert1));
const auto& defaultCert3 = key11.getDefaultCertificate();
- BOOST_CHECK_EQUAL(defaultCert3.getName(), id1Key1Cert1.getName());
BOOST_CHECK_EQUAL(defaultCert3, id1Key1Cert1);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 2);
@@ -128,8 +117,8 @@
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 1);
key11.removeCertificate(id1Key1Cert2.getName());
BOOST_CHECK_THROW(key11.getCertificate(id1Key1Cert2.getName()), Pib::Error);
- BOOST_CHECK_THROW(key11.getDefaultCertificate(), Pib::Error);
BOOST_CHECK_EQUAL(key11.getCertificates().size(), 0);
+ BOOST_CHECK_THROW(key11.getDefaultCertificate(), Pib::Error);
}
class OverwriteFixture : public ndn::security::tests::PibDataFixture,
@@ -158,17 +147,15 @@
auto otherCert = id1Key1Cert1;
SignatureInfo info;
- info.setValidityPeriod(ValidityPeriod(time::system_clock::now(),
- time::system_clock::now() + 1_s));
+ info.setValidityPeriod(ValidityPeriod::makeRelative(-1_s, 10_s));
m_keyChain.sign(otherCert, SigningInfo().setSignatureInfo(info));
- BOOST_CHECK_EQUAL(otherCert.getName(), id1Key1Cert1.getName());
- BOOST_CHECK(otherCert.getContent() == id1Key1Cert1.getContent());
- BOOST_CHECK_NE(otherCert, id1Key1Cert1);
+ BOOST_TEST(otherCert.getName() == id1Key1Cert1.getName());
+ BOOST_TEST(otherCert.getContent() == id1Key1Cert1.getContent());
+ BOOST_TEST(otherCert != id1Key1Cert1);
key1.addCertificate(otherCert);
-
- BOOST_CHECK_EQUAL(key1.getCertificate(id1Key1Cert1.getName()), otherCert);
+ BOOST_TEST(key1.getCertificate(id1Key1Cert1.getName()) == otherCert);
}
BOOST_AUTO_TEST_CASE(Errors)
diff --git a/tests/unit/security/pib/key-container.t.cpp b/tests/unit/security/pib/key-container.t.cpp
index 25188a2..3e51424 100644
--- a/tests/unit/security/pib/key-container.t.cpp
+++ b/tests/unit/security/pib/key-container.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -21,7 +21,6 @@
#include "ndn-cxx/security/pib/key-container.hpp"
#include "ndn-cxx/security/pib/impl/pib-memory.hpp"
-#include "ndn-cxx/security/pib/pib.hpp"
#include "tests/boost-test.hpp"
#include "tests/unit/security/pib/pib-data-fixture.hpp"
@@ -37,94 +36,86 @@
BOOST_AUTO_TEST_SUITE(Pib)
BOOST_FIXTURE_TEST_SUITE(TestKeyContainer, PibDataFixture)
-using pib::Pib;
-
-BOOST_AUTO_TEST_CASE(Basic)
+BOOST_AUTO_TEST_CASE(AddGetRemove)
{
auto pibImpl = make_shared<PibMemory>();
- // start with an empty container
- KeyContainer container(id1, pibImpl);
- BOOST_CHECK_EQUAL(container.size(), 0);
- BOOST_CHECK_EQUAL(container.getLoadedKeys().size(), 0);
+ {
+ // start with an empty container
+ KeyContainer container(id1, pibImpl);
+ BOOST_CHECK_EQUAL(container.size(), 0);
+ BOOST_CHECK_EQUAL(container.m_keys.size(), 0);
- // add the first key
- Key key11 = container.add(id1Key1, id1Key1Name);
- BOOST_CHECK_EQUAL(key11.getName(), id1Key1Name);
- BOOST_CHECK_EQUAL_COLLECTIONS(key11.getPublicKey().begin(), key11.getPublicKey().end(),
- id1Key1.begin(), id1Key1.end());
- BOOST_CHECK_EQUAL(container.size(), 1);
- BOOST_CHECK_EQUAL(container.getLoadedKeys().size(), 1);
- BOOST_CHECK(container.find(id1Key1Name) != container.end());
+ // add the first key
+ Key key11 = container.add(id1Key1, id1Key1Name);
+ BOOST_CHECK_EQUAL(key11.getName(), id1Key1Name);
+ BOOST_TEST(key11.getPublicKey() == id1Key1, boost::test_tools::per_element());
+ BOOST_CHECK_EQUAL(container.size(), 1);
+ BOOST_CHECK_EQUAL(container.m_keys.size(), 1);
+ BOOST_CHECK(container.find(id1Key1Name) != container.end());
- // add the same key again
- Key key12 = container.add(id1Key1, id1Key1Name);
- BOOST_CHECK_EQUAL(key12.getName(), id1Key1Name);
- BOOST_CHECK_EQUAL_COLLECTIONS(key12.getPublicKey().begin(), key12.getPublicKey().end(),
- id1Key1.begin(), id1Key1.end());
- BOOST_CHECK_EQUAL(container.size(), 1);
- BOOST_CHECK_EQUAL(container.getLoadedKeys().size(), 1);
- BOOST_CHECK(container.find(id1Key1Name) != container.end());
+ // add the same key again
+ Key key12 = container.add(id1Key1, id1Key1Name);
+ BOOST_CHECK_EQUAL(key12.getName(), id1Key1Name);
+ BOOST_TEST(key12.getPublicKey() == id1Key1, boost::test_tools::per_element());
+ BOOST_CHECK_EQUAL(container.size(), 1);
+ BOOST_CHECK_EQUAL(container.m_keys.size(), 1);
+ BOOST_CHECK(container.find(id1Key1Name) != container.end());
- // add the second key
- Key key21 = container.add(id1Key2, id1Key2Name);
- BOOST_CHECK_EQUAL(key21.getName(), id1Key2Name);
- BOOST_CHECK_EQUAL_COLLECTIONS(key21.getPublicKey().begin(), key21.getPublicKey().end(),
- id1Key2.begin(), id1Key2.end());
- BOOST_CHECK_EQUAL(container.size(), 2);
- BOOST_CHECK_EQUAL(container.getLoadedKeys().size(), 2);
- BOOST_CHECK(container.find(id1Key1Name) != container.end());
- BOOST_CHECK(container.find(id1Key2Name) != container.end());
+ // add the second key
+ Key key21 = container.add(id1Key2, id1Key2Name);
+ BOOST_CHECK_EQUAL(key21.getName(), id1Key2Name);
+ BOOST_TEST(key21.getPublicKey() == id1Key2, boost::test_tools::per_element());
+ BOOST_CHECK_EQUAL(container.size(), 2);
+ BOOST_CHECK_EQUAL(container.m_keys.size(), 2);
+ BOOST_CHECK(container.find(id1Key1Name) != container.end());
+ BOOST_CHECK(container.find(id1Key2Name) != container.end());
- // get keys
- BOOST_REQUIRE_NO_THROW(container.get(id1Key1Name));
- BOOST_REQUIRE_NO_THROW(container.get(id1Key2Name));
- Name id1Key3Name = constructKeyName(id1, name::Component("non-existing-id"));
- BOOST_CHECK_THROW(container.get(id1Key3Name), Pib::Error);
+ // check keys
+ Key key1 = container.get(id1Key1Name);
+ Key key2 = container.get(id1Key2Name);
+ BOOST_CHECK_EQUAL(key1.getName(), id1Key1Name);
+ BOOST_TEST(key1.getPublicKey() == id1Key1, boost::test_tools::per_element());
+ BOOST_CHECK_EQUAL(key2.getName(), id1Key2Name);
+ BOOST_TEST(key2.getPublicKey() == id1Key2, boost::test_tools::per_element());
+ Name id1Key3Name = constructKeyName(id1, name::Component("non-existing-id"));
+ BOOST_CHECK_THROW(container.get(id1Key3Name), pib::Pib::Error);
+ }
- // check key
- Key key1 = container.get(id1Key1Name);
- Key key2 = container.get(id1Key2Name);
- BOOST_CHECK_EQUAL(key1.getName(), id1Key1Name);
- BOOST_CHECK_EQUAL_COLLECTIONS(key1.getPublicKey().begin(), key1.getPublicKey().end(),
- id1Key1.begin(), id1Key1.end());
- BOOST_CHECK_EQUAL(key2.getName(), id1Key2Name);
- BOOST_CHECK_EQUAL_COLLECTIONS(key2.getPublicKey().begin(), key2.getPublicKey().end(),
- id1Key2.begin(), id1Key2.end());
+ {
+ // create a container from an existing (non-empty) PibImpl
+ // names are loaded immediately but the key cache should initially be empty
+ KeyContainer container2(id1, pibImpl);
+ BOOST_CHECK_EQUAL(container2.size(), 2);
+ BOOST_CHECK_EQUAL(container2.m_keys.size(), 0);
- // create another container from the same PibImpl
- // cache should be empty
- KeyContainer container2(id1, pibImpl);
- BOOST_CHECK_EQUAL(container2.size(), 2);
- BOOST_CHECK_EQUAL(container2.getLoadedKeys().size(), 0);
+ // fetching the keys should populate the cache
+ BOOST_CHECK_EQUAL(container2.get(id1Key1Name).getName(), id1Key1Name);
+ BOOST_CHECK_EQUAL(container2.size(), 2);
+ BOOST_CHECK_EQUAL(container2.m_keys.size(), 1);
- // get key, cache should be filled
- BOOST_REQUIRE_NO_THROW(container2.get(id1Key1Name));
- BOOST_CHECK_EQUAL(container2.size(), 2);
- BOOST_CHECK_EQUAL(container2.getLoadedKeys().size(), 1);
+ BOOST_CHECK_EQUAL(container2.get(id1Key2Name).getName(), id1Key2Name);
+ BOOST_CHECK_EQUAL(container2.size(), 2);
+ BOOST_CHECK_EQUAL(container2.m_keys.size(), 2);
- BOOST_REQUIRE_NO_THROW(container2.get(id1Key2Name));
- BOOST_CHECK_EQUAL(container2.size(), 2);
- BOOST_CHECK_EQUAL(container2.getLoadedKeys().size(), 2);
+ // remove a key
+ container2.remove(id1Key1Name);
+ BOOST_CHECK_EQUAL(container2.size(), 1);
+ BOOST_CHECK_EQUAL(container2.m_keys.size(), 1);
+ BOOST_CHECK(container2.find(id1Key1Name) == container2.end());
+ BOOST_CHECK(container2.find(id1Key2Name) != container2.end());
- // remove a key
- container2.remove(id1Key1Name);
- BOOST_CHECK_EQUAL(container2.size(), 1);
- BOOST_CHECK_EQUAL(container2.getLoadedKeys().size(), 1);
- BOOST_CHECK(container2.find(id1Key1Name) == container2.end());
- BOOST_CHECK(container2.find(id1Key2Name) != container2.end());
-
- // remove another key
- container2.remove(id1Key2Name);
- BOOST_CHECK_EQUAL(container2.size(), 0);
- BOOST_CHECK_EQUAL(container2.getLoadedKeys().size(), 0);
- BOOST_CHECK(container2.find(id1Key2Name) == container2.end());
+ // remove another key
+ container2.remove(id1Key2Name);
+ BOOST_CHECK_EQUAL(container2.size(), 0);
+ BOOST_CHECK_EQUAL(container2.m_keys.size(), 0);
+ BOOST_CHECK(container2.find(id1Key2Name) == container2.end());
+ }
}
BOOST_AUTO_TEST_CASE(Errors)
{
auto pibImpl = make_shared<PibMemory>();
-
KeyContainer container(id1, pibImpl);
BOOST_CHECK_THROW(container.add(id2Key1, id2Key1Name), std::invalid_argument);
@@ -136,16 +127,13 @@
{
auto pibImpl = make_shared<PibMemory>();
KeyContainer container(id1, pibImpl);
-
container.add(id1Key1, id1Key1Name);
container.add(id1Key2, id1Key2Name);
- std::set<Name> keyNames;
- keyNames.insert(id1Key1Name);
- keyNames.insert(id1Key2Name);
+ const std::set<Name> keyNames{id1Key1Name, id1Key2Name};
KeyContainer::const_iterator it = container.begin();
- std::set<Name>::const_iterator testIt = keyNames.begin();
+ auto testIt = keyNames.begin();
BOOST_CHECK_EQUAL((*it).getName(), *testIt);
it++;
testIt++;
@@ -154,7 +142,8 @@
testIt++;
BOOST_CHECK(it == container.end());
- size_t count = 0;
+ // test range-based for
+ int count = 0;
testIt = keyNames.begin();
for (const auto& key : container) {
BOOST_CHECK_EQUAL(key.getIdentity(), id1);
diff --git a/tests/unit/security/pib/key.t.cpp b/tests/unit/security/pib/key.t.cpp
index 8d0244f..2aa28e1 100644
--- a/tests/unit/security/pib/key.t.cpp
+++ b/tests/unit/security/pib/key.t.cpp
@@ -1,6 +1,6 @@
/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
/*
- * Copyright (c) 2013-2021 Regents of the University of California.
+ * Copyright (c) 2013-2022 Regents of the University of California.
*
* This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
*
@@ -41,36 +41,42 @@
BOOST_AUTO_TEST_CASE(ValidityChecking)
{
Key key;
- BOOST_CHECK(!key);
- BOOST_CHECK_EQUAL(static_cast<bool>(key), false);
+ BOOST_TEST(!key);
+ BOOST_TEST(key == Key());
- auto keyImpl = std::make_shared<detail::KeyImpl>(id1Key1Name, id1Key1,
- std::make_shared<pib::PibMemory>());
- key = Key(keyImpl);
- BOOST_CHECK(key);
- BOOST_CHECK_EQUAL(!key, false);
+ auto impl = std::make_shared<detail::KeyImpl>(id1Key1Name, id1Key1, std::make_shared<pib::PibMemory>());
+ key = Key(impl);
+ BOOST_TEST(key);
+ BOOST_TEST(key != Key());
+
+ impl.reset();
+ BOOST_TEST(!key);
}
-// pib::Key is a wrapper of pib::detail::KeyImpl. Since the functionalities of KeyImpl
-// have already been tested in detail/key-impl.t.cpp, we only test the shared property
-// of pib::Key in this test case.
+// pib::Key is a wrapper of pib::detail::KeyImpl. Since the functionality of KeyImpl is
+// already tested in key-impl.t.cpp, we only test the shared property of pib::Key in
+// this test case.
BOOST_AUTO_TEST_CASE(SharedImpl)
{
auto keyImpl = std::make_shared<detail::KeyImpl>(id1Key1Name, id1Key1,
std::make_shared<pib::PibMemory>());
Key key1(keyImpl);
Key key2(keyImpl);
- BOOST_CHECK_EQUAL(key1, key2);
- BOOST_CHECK_NE(key1, Key());
- BOOST_CHECK_EQUAL(Key(), Key());
+ BOOST_TEST(key1 == key2);
+ BOOST_TEST(key1 != Key());
+ BOOST_TEST(Key() != key2);
+ BOOST_TEST(Key() == Key());
+
+ BOOST_CHECK_THROW(key2.getCertificate(id1Key1Cert1.getName()), pib::Pib::Error);
key1.addCertificate(id1Key1Cert1);
- BOOST_CHECK_NO_THROW(key2.getCertificate(id1Key1Cert1.getName()));
+ BOOST_TEST(key2.getCertificate(id1Key1Cert1.getName()) == id1Key1Cert1);
+
key2.removeCertificate(id1Key1Cert1.getName());
BOOST_CHECK_THROW(key1.getCertificate(id1Key1Cert1.getName()), pib::Pib::Error);
key1.setDefaultCertificate(id1Key1Cert1);
- BOOST_CHECK_NO_THROW(key2.getDefaultCertificate());
+ BOOST_TEST(key2.getDefaultCertificate() == id1Key1Cert1);
}
BOOST_AUTO_TEST_CASE(Helpers)