Update CaConfig to support multi CA and make config JSON style
Change-Id: I1737fa26356c255f3eb8090a5463614d7f728644
diff --git a/tests/unit-tests/ca.conf.test b/tests/unit-tests/ca.conf.test
index 8459594..838d9c4 100644
--- a/tests/unit-tests/ca.conf.test
+++ b/tests/unit-tests/ca.conf.test
@@ -1,73 +1,29 @@
-; The namespace that the NDN Certificate Authority will serve.
-name "/ndn/edu/ucla/cs/zhiyi"
-
-; This section configures parameter(s) of the issued certificates.
-certificate-info
{
- ; freshness-period defines the freshness period of newly issued certificates.
- freshness-period 720
-}
-
-; This ca-anchor section configures the CA certificate.
-;
-; The type defines the type of certificate. Now NDNCERT supports two types:
-;
-; file; value should be the file name of the certificate file
-; base64; value should be the Base64 encoded plain text of NDN certificate bytes
-;
-ca-anchor
-{
- type file
- value "ca.ndncert.test"
-}
-
-; This challenge-list section defines a list of all available challenge types.
-;
-; It includes one or more challenge. For every challenge, the type should be
-; the unique type identifier of the registered Challenge Module.
-;
-challenge-list
-{
- challenge
- {
- type pin
- }
-}
-
-;
-validator-conf
-{
- ; This section defines the trust model for NDNCERT CaModule validator. It consists of rules
- ; and trust-anchors, which are briefly defined in this file. For more information refer to
- ; manpage of ndn-validator.conf:
- ;
- ; man ndn-validator.conf
- ;
- ; A trust-anchor is a pre-trusted certificate. This can be any certificate that is the root
- ; of certification chain (e.g., NDN testbed root certificate) or an existing default system
- ; certificate `default.ndncert`. A rule defines conditions a valid packet MUST have. A
- ; packet must satisfy one of the rules defined here. A rule can be broken into two parts:
- ; matching & checking. A packet will be matched against rules from the first to the last
- ; until a matched rule is encountered. The matched rule will be used to check the packet. If
- ; a packet does not match any rule, it will be treated as invalid. The matching part of a
- ; rule consists of `for` and `filter` sections. They collectively define which packets can be
- ; checked with this rule. `for` defines packet type (data or interest) and `filter` defines
- ; conditions on other properties of a packet. Right now, you can only define conditions on
- ; packet name, and you can only specify ONLY ONE filter for packet name. The checking part
- ; of a rule consists of `checker`, which defines the conditions that a VALID packet MUST
- ; have. See comments in checker section for more details.
- rule
- {
- id "zhiyi interest rule"
- for interest
- filter
+ "ca-list":
+ [
{
- type name
- regex ^<ndn><edu><ucla><cs><zhiyi>[<_NEW><_POLL>]<>*$
- }
- trust-anchor
+ "ca-prefix": "/ndn/edu/ucla/cs/zhiyi",
+ "ca-info": "UCLA's ceritificate authority, located in BH4805.",
+ "probe": "true",
+ "issuing-freshness": "720",
+ "validity-period": "360",
+ "ca-anchor": "/ndn/edu/ucla/cs/zhiyi/KEY/%9A%E0%C6%C6%09%7C%92i/self/%FD%00%00%01Z%B0%2AJ%B4",
+ "supported-challenges":
+ [
+ { "type": "PIN" }
+ ]
+ },
{
- type any
+ "ca-prefix": "/ndn/site1",
+ "ca-info": "UCLA's ceritificate authority, located in BH4805.",
+ "probe": "true",
+ "issuing-freshness": "720",
+ "validity-period": "360",
+ "ca-anchor": "/ndn/site1/KEY/%11%BC%22%F4c%15%FF%17/self/%FD%00%00%01Y%C8%14%D9%A5",
+ "supported-challenges":
+ [
+ { "type": "PIN" }
+ ]
}
- }
-}
+ ]
+}
\ No newline at end of file