commit 06d6ae9eae542d067b245c80eac54b955fe083f1
author Zhiyi Zhang <zhiyi@cs.ucla.edu> Wed Mar 08 14:59:45 2017 -0800
committer Zhiyi Zhang <zhiyi@cs.ucla.edu> Thu Mar 09 14:47:56 2017 -0800
tree 670cdfc4139e9d8af9a7abd0da2fccb0a5b6a4b7
parent 3b76f2cfacfd5cadf85b982d8c5d3922781ffa1d

Update CaConfig to support multi CA and make config JSON style

Change-Id: I1737fa26356c255f3eb8090a5463614d7f728644

tests/unit-tests/ca-config.t.cpp

diff --git a/tests/unit-tests/ca-config.t.cpp b/tests/unit-tests/ca-config.t.cpp
index 09a0d08..e803254 100644
--- a/tests/unit-tests/ca-config.t.cpp
+++ b/tests/unit-tests/ca-config.t.cpp
@@ -32,31 +32,25 @@
 
 BOOST_AUTO_TEST_CASE(ReadConfigFileWithFileAnchor)
 {
-  CaConfig config("tests/unit-tests/ca.conf.test");
-  BOOST_CHECK_EQUAL(config.m_caName.toUri(), "/ndn/edu/ucla/cs/zhiyi");
-  BOOST_CHECK_EQUAL(config.m_freshPeriod, 720);
-  BOOST_CHECK_EQUAL(config.m_anchor->getName().toUri(),
+  CaConfig config;
+  config.load("tests/unit-tests/ca.conf.test");
+  auto itemA = config.m_caItems.front();
+  BOOST_CHECK_EQUAL(itemA.m_caName.toUri(), "/ndn/edu/ucla/cs/zhiyi");
+  BOOST_CHECK_EQUAL(itemA.m_probe, "true");
+  BOOST_CHECK_EQUAL(itemA.m_freshnessPeriod, time::seconds(720));
+  BOOST_CHECK_EQUAL(itemA.m_validityPeriod, time::days(360));
+  BOOST_CHECK_EQUAL(itemA.m_anchor.toUri(),
+                    "/ndn/edu/ucla/cs/zhiyi/KEY/%9A%E0%C6%C6%09%7C%92i/self/%FD%00%00%01Z%B0%2AJ%B4");
+  BOOST_CHECK_EQUAL(itemA.m_supportedChallenges.size(), 1);
+
+  auto itemB = config.m_caItems.back();
+  BOOST_CHECK_EQUAL(itemB.m_caName.toUri(), "/ndn/site1");
+  BOOST_CHECK_EQUAL(itemB.m_probe, "true");
+  BOOST_CHECK_EQUAL(itemB.m_freshnessPeriod, time::seconds(720));
+  BOOST_CHECK_EQUAL(itemB.m_validityPeriod, time::days(360));
+  BOOST_CHECK_EQUAL(itemB.m_anchor.toUri(),
                     "/ndn/site1/KEY/%11%BC%22%F4c%15%FF%17/self/%FD%00%00%01Y%C8%14%D9%A5");
-  BOOST_CHECK_EQUAL(config.m_availableChallenges.size(), 1);
-}
-
-BOOST_AUTO_TEST_CASE(ReadConfigFileWithBase64Anchor)
-{
-  auto identity = addIdentity(Name("/ndn/site1"));
-  auto key = identity.getDefaultKey();
-  auto cert = key.getDefaultCertificate();
-
-  using namespace security::transform;
-  std::stringstream ss;
-  bufferSource(cert.wireEncode().wire(), cert.wireEncode().size()) >> base64Encode() >> streamSink(ss);
-
-  const std::string certBase64 = ss.str();
-
-  CaConfig config("tests/unit-tests/ca.conf.test");
-  config.m_config.put("ca-anchor.type", "base64");
-  config.m_config.put("ca-anchor.value", certBase64);
-  config.load();
-  BOOST_CHECK_EQUAL(*(config.m_anchor), cert);
+  BOOST_CHECK_EQUAL(itemB.m_supportedChallenges.size(), 1);
 }
 
 BOOST_AUTO_TEST_SUITE_END() // TestCaConfig

tests/unit-tests/ca.conf.test

diff --git a/tests/unit-tests/ca.conf.test b/tests/unit-tests/ca.conf.test
index 8459594..838d9c4 100644
--- a/tests/unit-tests/ca.conf.test
+++ b/tests/unit-tests/ca.conf.test
@@ -1,73 +1,29 @@
-; The namespace that the NDN Certificate Authority will serve.
-name "/ndn/edu/ucla/cs/zhiyi"
-
-; This section configures parameter(s) of the issued certificates.
-certificate-info
 {
-  ; freshness-period defines the freshness period of newly issued certificates.
-  freshness-period 720
-}
-
-; This ca-anchor section configures the CA certificate.
-;
-; The type defines the type of certificate. Now NDNCERT supports two types:
-;
-;   file; value should be the file name of the certificate file
-;   base64; value should be the Base64 encoded plain text of NDN certificate bytes
-;
-ca-anchor
-{
-  type file
-  value "ca.ndncert.test"
-}
-
-; This challenge-list section defines a list of all available challenge types.
-;
-; It includes one or more challenge. For every challenge, the type should be
-; the unique type identifier of the registered Challenge Module.
-;
-challenge-list
-{
-  challenge
-  {
-    type pin
-  }
-}
-
-;
-validator-conf
-{
-  ; This section defines the trust model for NDNCERT CaModule validator. It consists of rules
-  ; and trust-anchors, which are briefly defined in this file.  For more information refer to
-  ; manpage of ndn-validator.conf:
-  ;
-  ;   man ndn-validator.conf
-  ;
-  ; A trust-anchor is a pre-trusted certificate.  This can be any certificate that is the root
-  ; of certification chain (e.g., NDN testbed root certificate) or an existing default system
-  ; certificate `default.ndncert`.  A rule defines conditions a valid packet MUST have. A
-  ; packet must satisfy one of the rules defined here. A rule can be broken into two parts:
-  ; matching & checking. A packet will be matched against rules from the first to the last
-  ; until a matched rule is encountered. The matched rule will be used to check the packet. If
-  ; a packet does not match any rule, it will be treated as invalid.  The matching part of a
-  ; rule consists of `for` and `filter` sections. They collectively define which packets can be
-  ; checked with this rule. `for` defines packet type (data or interest) and `filter` defines
-  ; conditions on other properties of a packet. Right now, you can only define conditions on
-  ; packet name, and you can only specify ONLY ONE filter for packet name.  The checking part
-  ; of a rule consists of `checker`, which defines the conditions that a VALID packet MUST
-  ; have. See comments in checker section for more details.
-  rule
-  {
-    id "zhiyi interest rule"
-    for interest
-    filter
+  "ca-list":
+  [
     {
-      type name
-      regex ^<ndn><edu><ucla><cs><zhiyi>[<_NEW><_POLL>]<>*$
-    }
-    trust-anchor
+        "ca-prefix": "/ndn/edu/ucla/cs/zhiyi",
+        "ca-info": "UCLA's ceritificate authority, located in BH4805.",
+        "probe": "true",
+        "issuing-freshness": "720",
+        "validity-period": "360",
+        "ca-anchor": "/ndn/edu/ucla/cs/zhiyi/KEY/%9A%E0%C6%C6%09%7C%92i/self/%FD%00%00%01Z%B0%2AJ%B4",
+        "supported-challenges":
+        [
+            { "type": "PIN" }
+        ]
+    },
     {
-      type any
+        "ca-prefix": "/ndn/site1",
+        "ca-info": "UCLA's ceritificate authority, located in BH4805.",
+        "probe": "true",
+        "issuing-freshness": "720",
+        "validity-period": "360",
+        "ca-anchor": "/ndn/site1/KEY/%11%BC%22%F4c%15%FF%17/self/%FD%00%00%01Y%C8%14%D9%A5",
+        "supported-challenges":
+        [
+            { "type": "PIN" }
+        ]
     }
-  }
-}
+  ]
+}
\ No newline at end of file

tests/unit-tests/ca.ndncert.test

diff --git a/tests/unit-tests/ca.ndncert.test b/tests/unit-tests/ca.ndncert.test
deleted file mode 100644
index e7d29bf..0000000
--- a/tests/unit-tests/ca.ndncert.test
+++ /dev/null
@@ -1,12 +0,0 @@
-Bv0CJAcsCANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU
-2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjO
-PQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAA
-AAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQaw
-zFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i8
-5uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2
-QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAE
-S9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kq
-JczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0
-YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdI
-MEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2
-C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F
\ No newline at end of file