security: Support name options in the KeyLocator when using ValidationPolicySimpleHierarchy Change-Id: I828e65a964d4d410e314f7bfc024ee749ac9757b Refs: #5115

commit: 8afba42296cbe8b3e62e997cc795016eb8e6ac3d [log] [tgz]
author: Alexander Afanasyev <aa@cs.fiu.edu> Thu Jun 11 17:56:21 2020 -0400
committer: Alex Afanasyev <aa@cs.fiu.edu> Wed Jun 17 10:36:48 2020 -0700
tree: 9fe8aaf80dd0794e983d5a74dba3ea7130358dda
parent: 2ca5e79633c6ea16496e586cb21509b44474bec8 [diff]
diff --git a/tests/unit/security/validation-policy-simple-hierarchy.t.cpp b/tests/unit/security/validation-policy-simple-hierarchy.t.cpp
index 9c8816a..6c619f0 100644
--- a/tests/unit/security/validation-policy-simple-hierarchy.t.cpp
+++ b/tests/unit/security/validation-policy-simple-hierarchy.t.cpp

@@ -69,7 +69,54 @@
   // TODO add checks with malformed packets
 }
 
-BOOST_AUTO_TEST_SUITE_END() // TestValidator
+BOOST_AUTO_TEST_CASE(NonKeyNameInsideLocator)
+{
+  // auto cert = identity.getDefaultKey().getDefaultCertificate().wireEncode();
+  // std::cerr << "Certificate idCert{\"" << toHex(cert.wire(), cert.size()) << "\"_block};" << std::endl;
+
+  // cert = subIdentity.getDefaultKey().getDefaultCertificate().wireEncode();
+  // std::cerr << "Certificate subIdCert{\"" << toHex(cert.wire(), cert.size()) << "\"_block};" << std::endl;
+
+  // Data packet("/Security/ValidatorFixture/Sub1/Sub2/Packet");
+  // m_keyChain.sign(packet, signingByIdentity(subIdentity));
+  // std::cerr << "Data packet{\"" << toHex(packet.wireEncode().wire(), packet.wireEncode().size()) << "\"_block};" << std::endl;
+
+  // These are hard-coded with a key locator that is the exact name of the certificate
+  Certificate idCert{"06FD014C073C08085365637572697479081056616C696461746F724669787475726508034B455"
+      "9080816971C408D162A0A080473656C660809FD000001499D598CA0140918010219040036EE80155B30593013060"
+      "72A8648CE3D020106082A8648CE3D03010703420004F795BB9A7D51ECC4491605D49ADFCB46598D8260F872F0F15"
+      "15FA4EA7259F2A27C25B5ADAFA8D548C5FA0FBB88AB7769E986057FCAB52C7AF17A7964C47DF57B165C1B01031C2"
+      "D072B08085365637572697479081056616C696461746F724669787475726508034B4559080816971C408D162A0AF"
+      "D00FD26FD00FE0F313937303031303154303030303030FD00FF0F323033343131303654303533353332174630440"
+      "2200E9C538FE7285B006476C86F1CCCEC4398C939D1F6CE2E4F3537EB145252EE1502201A1C50E647CAF90CAA76A"
+      "065452D1D560E5BB7122A7553002E7DFBCA80FCB422"_block};
+  Certificate subIdCert{"06FD0188074408085365637572697479081056616C696461746F7246697874757265080453"
+      "75623108034B45590808D76A31B01E14092B0806706172656E740809FD000001499D598CA0140918010219040036"
+      "EE80155B3059301306072A8648CE3D020106082A8648CE3D0301070342000441783BEDE80DEF6F2910D78E1BD0AD"
+      "7EF033A62F510A7578D1FC8F7601AC2B7709B27BBF225423A865964FA523B9746169FDB03C68B2FAC8D75DA0C755"
+      "8122AF16901B01031C3E073C08085365637572697479081056616C696461746F724669787475726508034B455908"
+      "0816971C408D162A0A080473656C660809FD000001499D598CA0FD00FD26FD00FE0F323031343131313154303533"
+      "353332FD00FF0F323033343131303654303533353332FD01021FFD02001BFD02010474797065FD02020F7375622D"
+      "636572746966696361746517463044022013CEFBF0E15EA6C85B26C56B550316A8A0F6F45510CCBDA4188E7732EF"
+      "1E81B6022026BDC1B6F32BE163F20E379B86EF686F5B8B2B57B6494DE89D5D503C8E3C6125"_block};
+  Data packet{"06CD073008085365637572697479081056616C696461746F724669787475726508045375623108045375"
+      "623208065061636B657414001500164B1B01031C46074408085365637572697479081056616C696461746F724669"
+      "787475726508045375623108034B45590808D76A31B01E14092B0806706172656E740809FD000001499D598CA017"
+      "483046022100BDD3E0EF2385658825EB73E87A02D1A16AA8ACE50840C1B91782836164AACA3B0221008007B3EBA9"
+      "B7638BD204766B08AF6E4221CDB88156CC7DA13CD916610D6D3AED"_block};
+
+  this->cache.insert(idCert);
+  this->cache.insert(subIdCert);
+  this->validator.loadAnchor("", std::move(idCert));
+
+  BOOST_REQUIRE(packet.getKeyLocator());
+  BOOST_CHECK_EQUAL(packet.getKeyLocator()->getName(),
+                    "/Security/ValidatorFixture/Sub1/KEY/%D7j1%B0%1E%14%09%2B/parent/%FD%00%00%01I%9DY%8C%A0");
+
+  VALIDATE_SUCCESS(packet, "Should get accepted, as signed by the policy-compliant cert");
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestValidationPolicySimpleHierarchy
 BOOST_AUTO_TEST_SUITE_END() // Security
 
 } // namespace tests

diff --git a/tests/unit/security/validation-policy.t.cpp b/tests/unit/security/validation-policy.t.cpp
new file mode 100644
index 0000000..41cde4d
--- /dev/null
+++ b/tests/unit/security/validation-policy.t.cpp

@@ -0,0 +1,59 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/*
+ * Copyright (c) 2013-2020 Regents of the University of California.
+ *
+ * This file is part of ndn-cxx library (NDN C++ library with eXperimental eXtensions).
+ *
+ * ndn-cxx library is free software: you can redistribute it and/or modify it under the
+ * terms of the GNU Lesser General Public License as published by the Free Software
+ * Foundation, either version 3 of the License, or (at your option) any later version.
+ *
+ * ndn-cxx library is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License and GNU Lesser
+ * General Public License along with ndn-cxx, e.g., in COPYING.md file.  If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndn-cxx authors and contributors.
+ */
+
+#include "ndn-cxx/security/validation-policy.hpp"
+
+#include "tests/boost-test.hpp"
+#include "tests/identity-management-fixture.hpp"
+
+namespace ndn {
+namespace security {
+inline namespace v2 {
+namespace tests {
+
+using namespace ndn::tests;
+
+BOOST_AUTO_TEST_SUITE(Security)
+BOOST_FIXTURE_TEST_SUITE(TestValidationPolicy, IdentityManagementFixture)
+
+BOOST_AUTO_TEST_CASE(ExtractIdentityNameFromKeyLocator)
+{
+  auto id = addIdentity("/random/identity");
+
+  auto keyName = id.getDefaultKey().getName();
+  auto certName = id.getDefaultKey().getDefaultCertificate().getName();
+  auto partialCertName = id.getDefaultKey().getDefaultCertificate().getName().getPrefix(-1);
+
+  BOOST_CHECK_EQUAL(extractIdentityNameFromKeyLocator(keyName), "/random/identity");
+  BOOST_CHECK_EQUAL(extractIdentityNameFromKeyLocator(certName), "/random/identity");
+  BOOST_CHECK_EQUAL(extractIdentityNameFromKeyLocator(partialCertName), "/random/identity");
+
+  BOOST_CHECK_THROW(extractIdentityNameFromKeyLocator(Name("/name/without/key/component")), std::runtime_error);
+  BOOST_CHECK_THROW(extractIdentityNameFromKeyLocator(Name("/name/with/KEY/but/in/a/wrong/place")), std::runtime_error);
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestValidationPolicy
+BOOST_AUTO_TEST_SUITE_END() // Security
+
+} // namespace tests
+} // inline namespace v2
+} // namespace security
+} // namespace ndn
commit	8afba42296cbe8b3e62e997cc795016eb8e6ac3d	[log] [tgz]
author	Alexander Afanasyev <aa@cs.fiu.edu>	Thu Jun 11 17:56:21 2020 -0400
committer	Alex Afanasyev <aa@cs.fiu.edu>	Wed Jun 17 10:36:48 2020 -0700
tree	9fe8aaf80dd0794e983d5a74dba3ea7130358dda
parent	2ca5e79633c6ea16496e586cb21509b44474bec8 [diff]