still one error left
Change-Id: Id89dd6c85e02032b788d6cf97fc8b3ae9964b757
diff --git a/src/ca-module.cpp b/src/ca-module.cpp
index 6df30eb..a7c2fdb 100644
--- a/src/ca-module.cpp
+++ b/src/ca-module.cpp
@@ -234,8 +234,8 @@
std::array<uint8_t, 32> salt;
random::generateSecureBytes(salt.data(), salt.size());
// hkdf
- uint8_t aesKey[AES_128_KEY_LEN];
- hkdf(sharedSecret.data(), sharedSecret.size(), salt.data(), salt.size(), aesKey, sizeof(aesKey));
+ std::array<uint8_t, 16> aesKey;
+ hkdf(sharedSecret.data(), sharedSecret.size(), salt.data(), salt.size(), aesKey.data(), aesKey.size());
// verify identity name
if (!m_config.m_caItem.m_caPrefix.isPrefixOf(clientCert->getIdentity())
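Review bot: The new `aesKey` declaration hard-codes the key length as `16`, where the removed line used `AES_128_KEY_LEN`. The same literal is now repeated in the constructor signatures, the `m_encryptionKey` member and the SQLite loaders. Assuming the constant is still defined, write `std::array<uint8_t, AES_128_KEY_LEN> aesKey;`, or introduce one alias for the key type and use it everywhere so the length cannot diverge between files. The enclosing function starts and ends outside this hunk.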
@@ -307,9 +307,8 @@
}
RequestId id;
std::memcpy(id.data(), requestIdData, id.size());
- RequestState requestState(m_config.m_caItem.m_caPrefix, id,
- requestType, Status::BEFORE_CHALLENGE, *clientCert,
- makeBinaryBlock(ndn::tlv::ContentType_Key, aesKey, sizeof(aesKey)));
+ RequestState requestState(m_config.m_caItem.m_caPrefix, id, requestType,
+ Status::BEFORE_CHALLENGE, *clientCert, std::move(aesKey));
try {
m_storage->addRequest(requestState);
}
@@ -355,7 +354,7 @@
Buffer paramTLVPayload;
try {
paramTLVPayload = decodeBlockWithAesGcm128(request.getApplicationParameters(),
- requestState->m_encryptionKey.value(),
+ requestState->m_encryptionKey.data(),
requestState->m_requestId.data(),
requestState->m_requestId.size());
}
diff --git a/src/detail/ca-request-state.cpp b/src/detail/ca-request-state.cpp
index 3d69969..0de0820 100644
--- a/src/detail/ca-request-state.cpp
+++ b/src/detail/ca-request-state.cpp
@@ -61,7 +61,7 @@
}
RequestState::RequestState(const Name& caName, const RequestId& requestId, RequestType requestType, Status status,
- const security::Certificate& cert, Block encryptionKey, uint32_t aesBlockCounter)
+ const security::Certificate& cert, std::array<uint8_t, 16>&& encryptionKey, uint32_t aesBlockCounter)
: m_caPrefix(caName)
, m_requestId(requestId)
, m_requestType(requestType)
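Review bot: Taking `std::array<uint8_t, 16>&& encryptionKey` gains nothing over a const reference: moving an array of bytes is a plain copy, so the caller's array still holds the key after the call, yet every call site now needs `std::move` on an lvalue. `const std::array<uint8_t, 16>& encryptionKey` states the actual behaviour, and it applies equally to the second constructor in the `@@ -73` hunk and to both declarations in ca-request-state.hpp. Callers that want their local copy of the key gone have to clear it themselves. The declarations in the header also name this parameter `m_encryptionKey`, which reads like the member. The initializer list continues outside this hunk, so how the member is initialized is not visible here.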
@@ -73,10 +73,10 @@
}
RequestState::RequestState(const Name& caName, const RequestId& requestId, RequestType requestType, Status status,
- const security::Certificate& cert, const std::string& challengeType,
- const std::string& challengeStatus, const time::system_clock::TimePoint& challengeTp,
- size_t remainingTries, time::seconds remainingTime, JsonSection&& challengeSecrets,
- Block encryptionKey, uint32_t aesBlockCounter)
+ const security::Certificate& cert, const std::string& challengeType,
+ const std::string& challengeStatus, const time::system_clock::TimePoint& challengeTp,
+ size_t remainingTries, time::seconds remainingTime, JsonSection&& challengeSecrets,
+ std::array<uint8_t, 16>&& encryptionKey, uint32_t aesBlockCounter)
: m_caPrefix(caName)
, m_requestId(requestId)
, m_requestType(requestType)
diff --git a/src/detail/ca-request-state.hpp b/src/detail/ca-request-state.hpp
index 94305c0..49c862e 100644
--- a/src/detail/ca-request-state.hpp
+++ b/src/detail/ca-request-state.hpp
@@ -89,7 +89,7 @@
* @brief Used to instantiate a RequestState when challenge is not started.
*/
RequestState(const Name& caName, const RequestId& requestId, RequestType requestType, Status status,
- const security::Certificate& cert, Block m_encryptionKey, uint32_t aesBlockCounter = 0);
+ const security::Certificate& cert, std::array<uint8_t, 16>&& m_encryptionKey, uint32_t aesBlockCounter = 0);
/**
* @brief Used to instantiate a RequestState after challenge is started.
*/
@@ -97,7 +97,7 @@
const security::Certificate& cert, const std::string& challengeType,
const std::string& challengeStatus, const time::system_clock::TimePoint& challengeTp,
size_t remainingTries, time::seconds remainingTime, JsonSection&& challengeSecrets,
- Block m_encryptionKey, uint32_t aesBlockCounter);
+ std::array<uint8_t, 16>&& m_encryptionKey, uint32_t aesBlockCounter);
public:
/**
@@ -123,7 +123,7 @@
/**
* @brief The encryption key for the requester.
*/
- Block m_encryptionKey;
+ std::array<uint8_t, 16> m_encryptionKey;
/**
* @brief The AES block counter for the requester.
*/
diff --git a/src/detail/ca-sqlite.cpp b/src/detail/ca-sqlite.cpp
index bc5dfd6..6ef80bc 100644
--- a/src/detail/ca-sqlite.cpp
+++ b/src/detail/ca-sqlite.cpp
@@ -145,16 +145,17 @@
auto remainingTries = statement.getInt(8);
auto remainingTime = statement.getInt(9);
auto requestType = static_cast<RequestType>(statement.getInt(10));
- auto encryptionKey = statement.getBlock(11);
+ std::array<uint8_t, 16> encryptionKey;
+ std::memcpy(encryptionKey.data(), statement.getBlob(11), statement.getSize(11));
auto aesCounter = statement.getInt(12);
if (challengeType != "") {
return RequestState(caName, requestId, requestType, status, cert,
- challengeType, challengeStatus, time::fromIsoString(challengeTp),
- remainingTries, time::seconds(remainingTime),
- convertString2Json(challengeSecrets), encryptionKey, aesCounter);
+ challengeType, challengeStatus, time::fromIsoString(challengeTp),
+ remainingTries, time::seconds(remainingTime),
+ convertString2Json(challengeSecrets), std::move(encryptionKey), aesCounter);
}
else {
- return RequestState(caName, requestId, requestType, status, cert, encryptionKey);
+ return RequestState(caName, requestId, requestType, status, cert, std::move(encryptionKey));
}
}
else {
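Review bot: The `std::memcpy` into `encryptionKey` takes its length from `statement.getSize(11)`, so a stored blob longer than 16 bytes writes past the end of the stack array, and a shorter or NULL one leaves part of the key uninitialized. Rows written before this change were bound from a `Block`, which presumably stored the TLV wire encoding rather than 16 raw bytes, so existing databases may hit the long case; that is worth confirming and migrating. Check the size before copying, e.g. `if (statement.getSize(11) != static_cast<int>(encryptionKey.size())) throw std::runtime_error("unexpected encryption_key length");`. Apply the same guard to the two copies from column 12 in the `@@ -246` and `@@ -286` hunks. The enclosing function starts and ends outside this hunk.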
@@ -176,7 +177,7 @@
statement.bind(3, static_cast<int>(request.m_status));
statement.bind(4, static_cast<int>(request.m_requestType));
statement.bind(5, request.m_cert.wireEncode(), SQLITE_TRANSIENT);
- statement.bind(12, request.m_encryptionKey, SQLITE_TRANSIENT);
+ statement.bind(12, request.m_encryptionKey.data(), request.m_encryptionKey.size(), SQLITE_TRANSIENT);
statement.bind(13, request.m_aesBlockCounter);
if (request.m_challengeState) {
statement.bind(6, request.m_challengeType, SQLITE_TRANSIENT);
@@ -246,16 +247,19 @@
auto remainingTries = statement.getInt(9);
auto remainingTime = statement.getInt(10);
auto requestType = static_cast<RequestType>(statement.getInt(11));
- auto encryptionKey = statement.getBlock(12);
+ std::array<uint8_t, 16> encryptionKey;
+ std::memcpy(encryptionKey.data(), statement.getBlob(12), statement.getSize(12));
auto aesBlockCounter = statement.getInt(13);
if (challengeType != "") {
result.push_back(RequestState(caName, requestId, requestType, status, cert,
- challengeType, challengeStatus, time::fromIsoString(challengeTp),
- remainingTries, time::seconds(remainingTime),
- convertString2Json(challengeSecrets), encryptionKey, aesBlockCounter));
+ challengeType, challengeStatus, time::fromIsoString(challengeTp),
+ remainingTries, time::seconds(remainingTime),
+ convertString2Json(challengeSecrets),
+ std::move(encryptionKey), aesBlockCounter));
}
else {
- result.push_back(RequestState(caName, requestId, requestType, status, cert, encryptionKey, aesBlockCounter));
+ result.push_back(RequestState(caName, requestId, requestType,
+ status, cert, std::move(encryptionKey), aesBlockCounter));
}
}
return result;
@@ -268,7 +272,7 @@
Sqlite3Statement statement(m_database,
R"_SQLTEXT_(SELECT id, request_id, ca_name, status,
challenge_status, cert_request, challenge_type, challenge_secrets,
- challenge_tp, remaining_tries, remaining_time, request_type,
+ challenge_tp, remaining_tries, remaining_time, request_type,
encryption_key, aes_block_counter
FROM RequestStates WHERE ca_name = ?)_SQLTEXT_");
statement.bind(1, caName.wireEncode(), SQLITE_TRANSIENT);
@@ -286,16 +290,19 @@
auto remainingTries = statement.getInt(9);
auto remainingTime = statement.getInt(10);
auto requestType = static_cast<RequestType>(statement.getInt(11));
- auto encryptionKey = statement.getBlock(12);
+ std::array<uint8_t, 16> encryptionKey;
+ std::memcpy(encryptionKey.data(), statement.getBlob(12), statement.getSize(12));
auto aesBlockCounter = statement.getInt(13);
if (challengeType != "") {
result.push_back(RequestState(caName, requestId, requestType, status, cert,
- challengeType, challengeStatus, time::fromIsoString(challengeTp),
- remainingTries, time::seconds(remainingTime),
- convertString2Json(challengeSecrets), encryptionKey, aesBlockCounter));
+ challengeType, challengeStatus, time::fromIsoString(challengeTp),
+ remainingTries, time::seconds(remainingTime),
+ convertString2Json(challengeSecrets),
+ std::move(encryptionKey), aesBlockCounter));
}
else {
- result.push_back(RequestState(caName, requestId, requestType, status, cert, encryptionKey, aesBlockCounter));
+ result.push_back(RequestState(caName, requestId, requestType, status,
+ cert, std::move(encryptionKey), aesBlockCounter));
}
}
return result;
diff --git a/src/detail/challenge-encoder.cpp b/src/detail/challenge-encoder.cpp
index 5c3a4d4..22dc6c7 100644
--- a/src/detail/challenge-encoder.cpp
+++ b/src/detail/challenge-encoder.cpp
@@ -39,7 +39,7 @@
response.push_back(makeNestedBlock(tlv::IssuedCertName, *issuedCertName));
}
response.encode();
- return encodeBlockWithAesGcm128(ndn::tlv::Content, request.m_encryptionKey.value(),
+ return encodeBlockWithAesGcm128(ndn::tlv::Content, request.m_encryptionKey.data(),
response.value(), response.value_size(),
request.m_requestId.data(), request.m_requestId.size(), request.m_aesBlockCounter);
}
@@ -47,7 +47,7 @@
void
ChallengeEncoder::decodeDataContent(const Block& contentBlock, requester::RequestContext& state)
{
- auto result = decodeBlockWithAesGcm128(contentBlock, state.m_aesKey,
+ auto result = decodeBlockWithAesGcm128(contentBlock, state.m_aesKey.data(),
state.m_requestId.data(), state.m_requestId.size());
auto data = makeBinaryBlock(tlv::EncryptedPayload, result.data(), result.size());
data.parse();
diff --git a/src/requester-state.hpp b/src/requester-state.hpp
index 9ee0b53..9c14c1e 100644
--- a/src/requester-state.hpp
+++ b/src/requester-state.hpp
@@ -88,7 +88,7 @@
/**
* @brief AES key derived from the ecdh shared secret.
*/
- uint8_t m_aesKey[16] = {0};
+ std::array<uint8_t, 16> m_aesKey = {0};
/**
* @brief The counter of AES blocks that have been encrypted.
*/
diff --git a/src/requester.cpp b/src/requester.cpp
index 52c0014..8a8dc86 100644
--- a/src/requester.cpp
+++ b/src/requester.cpp
@@ -206,7 +206,7 @@
// ECDH and HKDF
auto sharedSecret = state.m_ecdh.deriveSecret(ecdhKey);
hkdf(sharedSecret.data(), sharedSecret.size(),
- salt.data(), salt.size(), state.m_aesKey, sizeof(state.m_aesKey));
+ salt.data(), salt.size(), state.m_aesKey.data(), state.m_aesKey.size());
// update state
return challenges;
@@ -243,7 +243,7 @@
interest->setCanBePrefix(false);
// encrypt the Interest parameters
- auto paramBlock = encodeBlockWithAesGcm128(ndn::tlv::ApplicationParameters, state.m_aesKey,
+ auto paramBlock = encodeBlockWithAesGcm128(ndn::tlv::ApplicationParameters, state.m_aesKey.data(),
challengeParams.value(), challengeParams.value_size(),
state.m_requestId.data(),
state.m_requestId.size(),
diff --git a/tests/unit-tests/ca-memory.t.cpp b/tests/unit-tests/ca-memory.t.cpp
index 86c150e..4d6c9cc 100644
--- a/tests/unit-tests/ca-memory.t.cpp
+++ b/tests/unit-tests/ca-memory.t.cpp
@@ -40,7 +40,9 @@
// add operation
RequestId requestId = {1,2,3,4,5,6,7,8};
- RequestState request1(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert1, makeStringBlock(ndn::tlv::ContentType_Key, "PretendItIsAKey"));
+ std::array<uint8_t, 16> aesKey1;
+ RequestState request1(Name("/ndn/site1"), requestId, RequestType::NEW,
+ Status::BEFORE_CHALLENGE, cert1, std::move(aesKey1));
BOOST_CHECK_NO_THROW(storage.addRequest(request1));
// get operation
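Review bot: `aesKey1` is default-initialized, so its 16 bytes are indeterminate when it is copied into `request1` and later compared with `BOOST_CHECK_EQUAL_COLLECTIONS`. Memory checkers will flag the read, and the round trip is no longer checked against a known value. Give the test key fixed contents, e.g. `std::array<uint8_t, 16> aesKey1 = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};` (or at least `= {}`). The same applies to `aesKey2` and `aesKey3` in this file and to the uninitialized `aesKey` locals added in ca-module.t.cpp, ca-sqlite.t.cpp, challenge-credential.t.cpp, challenge-email.t.cpp and challenge-pin.t.cpp. In ca-sqlite.t.cpp the indeterminate bytes are also written to the database.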
@@ -48,15 +50,17 @@
BOOST_CHECK_EQUAL(request1.m_cert, result.m_cert);
BOOST_CHECK(request1.m_status == result.m_status);
BOOST_CHECK_EQUAL(request1.m_caPrefix, result.m_caPrefix);
- BOOST_CHECK_EQUAL(request1.m_encryptionKey, result.m_encryptionKey);
+ BOOST_CHECK_EQUAL_COLLECTIONS(request1.m_encryptionKey.begin(), request1.m_encryptionKey.end(),
+ result.m_encryptionKey.begin(), result.m_encryptionKey.end());
JsonSection json;
json.put("code", "1234");
// update operation
+ std::array<uint8_t, 16> aesKey2;
RequestState request2(Name("/ndn/site1"), requestId, RequestType::NEW, Status::CHALLENGE, cert1,
"email", "test", time::system_clock::now(), 3, time::seconds(3600),
- std::move(json), makeStringBlock(ndn::tlv::ContentType_Key, "PretendItIsAKey"), 0);
+ std::move(json), std::move(aesKey2), 0);
storage.updateRequest(request2);
result = storage.getRequest(requestId);
BOOST_CHECK_EQUAL(request2.m_cert, result.m_cert);
@@ -67,7 +71,9 @@
auto key2 = identity2.getDefaultKey();
auto cert2 = key2.getDefaultCertificate();
RequestId requestId2 = {8,7,6,5,4,3,2,1};
- RequestState request3(Name("/ndn/site2"), requestId2, RequestType::NEW, Status::BEFORE_CHALLENGE, cert2, makeStringBlock(ndn::tlv::ContentType_Key, "PretendItIsAKey"));
+ std::array<uint8_t, 16> aesKey3;
+ RequestState request3(Name("/ndn/site2"), requestId2, RequestType::NEW, Status::BEFORE_CHALLENGE,
+ cert2, std::move(aesKey3));
storage.addRequest(request3);
// list operation
diff --git a/tests/unit-tests/ca-module.t.cpp b/tests/unit-tests/ca-module.t.cpp
index d346014..97727c0 100644
--- a/tests/unit-tests/ca-module.t.cpp
+++ b/tests/unit-tests/ca-module.t.cpp
@@ -260,8 +260,8 @@
RequestId requestId;
std::memcpy(requestId.data(), contentBlock.get(tlv::RequestId).value(), contentBlock.get(tlv::RequestId).value_size());
auto ca_encryption_key = ca.getCaStorage()->getRequest(requestId).m_encryptionKey;
- BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
- ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey.begin(), state.m_aesKey.end(),
+ ca_encryption_key.begin(), ca_encryption_key.end());
});
face.receive(*interest);
@@ -468,7 +468,8 @@
time::system_clock::now() + time::hours(10)));
m_keyChain.sign(clientCert, signingByKey(clientKey.getName()).setSignatureInfo(signatureInfo));
RequestId requestId = {1,2,3,4,5,6,7,8};
- RequestState certRequest(Name("/ndn"), requestId, RequestType::NEW, Status::SUCCESS, clientCert, makeEmptyBlock(ndn::tlv::ContentType_Key));
+ std::array<uint8_t, 16> aesKey;
+ RequestState certRequest(Name("/ndn"), requestId, RequestType::NEW, Status::SUCCESS, clientCert, std::move(aesKey));
auto issuedCert = ca.issueCertificate(certRequest);
CaProfile item;
@@ -502,8 +503,8 @@
RequestId requestId;
std::memcpy(requestId.data(), contentBlock.get(tlv::RequestId).value(), contentBlock.get(tlv::RequestId).value_size());
auto ca_encryption_key = ca.getCaStorage()->getRequest(requestId).m_encryptionKey;
- BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey, state.m_aesKey + sizeof(state.m_aesKey),
- ca_encryption_key.value(), ca_encryption_key.value() + ca_encryption_key.value_size());
+ BOOST_CHECK_EQUAL_COLLECTIONS(state.m_aesKey.begin(), state.m_aesKey.end(),
+ ca_encryption_key.begin(), ca_encryption_key.end());
});
face.receive(*interest);
diff --git a/tests/unit-tests/ca-sqlite.t.cpp b/tests/unit-tests/ca-sqlite.t.cpp
index 5f8e49e..ee1a2c5 100644
--- a/tests/unit-tests/ca-sqlite.t.cpp
+++ b/tests/unit-tests/ca-sqlite.t.cpp
@@ -39,7 +39,8 @@
// add operation
RequestId requestId = {1,2,3,4,5,6,7,8};
- RequestState request1(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert1, makeStringBlock(ndn::tlv::ContentType_Key, "PretendItIsAKey"));
+ std::array<uint8_t, 16> aesKey1;
+ RequestState request1(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert1, std::move(aesKey1));
storage.addRequest(request1);
// get operation
@@ -47,14 +48,16 @@
BOOST_CHECK_EQUAL(request1.m_cert, result.m_cert);
BOOST_CHECK(request1.m_status == result.m_status);
BOOST_CHECK_EQUAL(request1.m_caPrefix, result.m_caPrefix);
- BOOST_CHECK_EQUAL(request1.m_encryptionKey, result.m_encryptionKey);
+ BOOST_CHECK_EQUAL_COLLECTIONS(request1.m_encryptionKey.begin(), request1.m_encryptionKey.end(),
+ result.m_encryptionKey.begin(), result.m_encryptionKey.end());
// update operation
JsonSection json;
json.put("test", "4567");
+ std::array<uint8_t, 16> aesKey2;
RequestState request2(Name("/ndn/site1"), requestId, RequestType::NEW, Status::CHALLENGE, cert1,
"email", "test", time::system_clock::now(), 3, time::seconds(3600),
- std::move(json), makeEmptyBlock(ndn::tlv::ContentType_Key), 0);
+ std::move(json), std::move(aesKey2), 0);
storage.updateRequest(request2);
result = storage.getRequest(requestId);
BOOST_CHECK_EQUAL(request2.m_cert, result.m_cert);
@@ -65,7 +68,9 @@
auto key2 = identity2.getDefaultKey();
auto cert2 = key2.getDefaultCertificate();
RequestId requestId2 = {8,7,6,5,4,3,2,1};
- RequestState request3(Name("/ndn/site2"), requestId2, RequestType::NEW, Status::BEFORE_CHALLENGE, cert2, makeStringBlock(ndn::tlv::ContentType_Key, "PretendItIsAKey"));
+ std::array<uint8_t, 16> aesKey3;
+ RequestState request3(Name("/ndn/site2"), requestId2, RequestType::NEW,
+ Status::BEFORE_CHALLENGE, cert2, std::move(aesKey3));
storage.addRequest(request3);
// list operation
@@ -91,7 +96,9 @@
// add operation
RequestId requestId = {1,2,3,4,5,6,7,8};
- RequestState request1(Name("/ndn/site1"),requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert1, makeEmptyBlock(ndn::tlv::ContentType_Key));
+ std::array<uint8_t, 16> aesKey;
+ RequestState request1(Name("/ndn/site1"),requestId, RequestType::NEW,
+ Status::BEFORE_CHALLENGE, cert1, std::move(aesKey));
BOOST_CHECK_NO_THROW(storage.addRequest(request1));
// add again
BOOST_CHECK_THROW(storage.addRequest(request1), std::runtime_error);
diff --git a/tests/unit-tests/challenge-credential.t.cpp b/tests/unit-tests/challenge-credential.t.cpp
index 8a301df..93a52d0 100644
--- a/tests/unit-tests/challenge-credential.t.cpp
+++ b/tests/unit-tests/challenge-credential.t.cpp
@@ -54,7 +54,9 @@
auto keyA = identityA.getDefaultKey();
auto certA = key.getDefaultCertificate();
RequestId requestId = {1,2,3,4,5,6,7,8};
- ca::RequestState state(Name("/example"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, certA, makeEmptyBlock(ndn::tlv::ContentType_Key));
+ std::array<uint8_t, 16> aesKey;
+ ca::RequestState state(Name("/example"), requestId, RequestType::NEW,
+ Status::BEFORE_CHALLENGE, certA, std::move(aesKey));
// create requester's credential
auto identityB = addIdentity(Name("/trust/cert"));
diff --git a/tests/unit-tests/challenge-email.t.cpp b/tests/unit-tests/challenge-email.t.cpp
index ccf51cf..5801bca 100644
--- a/tests/unit-tests/challenge-email.t.cpp
+++ b/tests/unit-tests/challenge-email.t.cpp
@@ -45,8 +45,9 @@
auto identity = addIdentity(Name("/ndn/site1"));
auto key = identity.getDefaultKey();
auto cert = key.getDefaultCertificate();
- RequestId requestId = {1,2,3,4,5,6,7,8};
- ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert, makeEmptyBlock(ndn::tlv::ContentType_Key));
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
+ ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert, std::move(aesKey));
Block paramTLV = makeEmptyBlock(tlv::EncryptedPayload);
paramTLV.push_back(makeStringBlock(tlv::ParameterKey, ChallengeEmail::PARAMETER_KEY_EMAIL));
@@ -95,8 +96,9 @@
auto identity = addIdentity(Name("/ndn/site1"));
auto key = identity.getDefaultKey();
auto cert = key.getDefaultCertificate();
- RequestId requestId = {1,2,3,4,5,6,7,8};
- ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert, makeEmptyBlock(ndn::tlv::ContentType_Key));
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
+ ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert, std::move(aesKey));
Block paramTLV = makeEmptyBlock(tlv::EncryptedPayload);
paramTLV.push_back(makeStringBlock(tlv::ParameterKey, ChallengeEmail::PARAMETER_KEY_EMAIL));
@@ -117,10 +119,11 @@
auto cert = key.getDefaultCertificate();
JsonSection json;
json.put(ChallengeEmail::PARAMETER_KEY_CODE, "4567");
- RequestId requestId = {1,2,3,4,5,6,7,8};
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::CHALLENGE, cert,
- "email", ChallengeEmail::NEED_CODE, time::system_clock::now(),
- 3, time::seconds(3600), std::move(json), makeEmptyBlock(ndn::tlv::ContentType_Key), 0);
+ "email", ChallengeEmail::NEED_CODE, time::system_clock::now(),
+ 3, time::seconds(3600), std::move(json), std::move(aesKey), 0);
Block paramTLV = makeEmptyBlock(tlv::EncryptedPayload);
paramTLV.push_back(makeStringBlock(tlv::ParameterKey, ChallengeEmail::PARAMETER_KEY_CODE));
@@ -140,10 +143,11 @@
auto cert = key.getDefaultCertificate();
JsonSection json;
json.put(ChallengeEmail::PARAMETER_KEY_CODE, "4567");
- RequestId requestId = {1,2,3,4,5,6,7,8};
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::CHALLENGE, cert,
- "email", ChallengeEmail::NEED_CODE, time::system_clock::now(),
- 3, time::seconds(3600), std::move(json), makeEmptyBlock(ndn::tlv::ContentType_Key), 0);
+ "email", ChallengeEmail::NEED_CODE, time::system_clock::now(),
+ 3, time::seconds(3600), std::move(json), std::move(aesKey), 0);
Block paramTLV = makeEmptyBlock(tlv::EncryptedPayload);
paramTLV.push_back(makeStringBlock(tlv::ParameterKey, ChallengeEmail::PARAMETER_KEY_CODE));
diff --git a/tests/unit-tests/challenge-pin.t.cpp b/tests/unit-tests/challenge-pin.t.cpp
index e1bfad1..f790bad 100644
--- a/tests/unit-tests/challenge-pin.t.cpp
+++ b/tests/unit-tests/challenge-pin.t.cpp
@@ -38,8 +38,9 @@
auto identity = addIdentity(Name("/ndn/site1"));
auto key = identity.getDefaultKey();
auto cert = key.getDefaultCertificate();
- RequestId requestId = {1,2,3,4,5,6,7,8};
- ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert, makeEmptyBlock(ndn::tlv::ContentType_Key));
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
+ ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::BEFORE_CHALLENGE, cert, std::move(aesKey));
ChallengePin challenge;
challenge.handleChallengeRequest(makeEmptyBlock(tlv::EncryptedPayload), request);
@@ -56,10 +57,11 @@
auto cert = key.getDefaultCertificate();
JsonSection secret;
secret.add(ChallengePin::PARAMETER_KEY_CODE, "12345");
- RequestId requestId = {1,2,3,4,5,6,7,8};
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::CHALLENGE, cert,
- "pin", ChallengePin::NEED_CODE, time::system_clock::now(),
- 3, time::seconds(3600), std::move(secret), makeEmptyBlock(ndn::tlv::ContentType_Key), 0);
+ "pin", ChallengePin::NEED_CODE, time::system_clock::now(),
+ 3, time::seconds(3600), std::move(secret), std::move(aesKey), 0);
Block paramTLV = makeEmptyBlock(tlv::EncryptedPayload);
paramTLV.push_back(makeStringBlock(tlv::ParameterKey, ChallengePin::PARAMETER_KEY_CODE));
@@ -79,10 +81,11 @@
auto cert = key.getDefaultCertificate();
JsonSection secret;
secret.add(ChallengePin::PARAMETER_KEY_CODE, "12345");
- RequestId requestId = {1,2,3,4,5,6,7,8};
+ RequestId requestId = {1, 2, 3, 4, 5, 6, 7, 8};
+ std::array<uint8_t, 16> aesKey;
ca::RequestState request(Name("/ndn/site1"), requestId, RequestType::NEW, Status::CHALLENGE, cert,
- "pin", ChallengePin::NEED_CODE, time::system_clock::now(),
- 3, time::seconds(3600), std::move(secret), makeEmptyBlock(ndn::tlv::ContentType_Key), 0);
+ "pin", ChallengePin::NEED_CODE, time::system_clock::now(),
+ 3, time::seconds(3600), std::move(secret), std::move(aesKey), 0);
Block paramTLV = makeEmptyBlock(tlv::EncryptedPayload);
paramTLV.push_back(makeStringBlock(tlv::ParameterKey, ChallengePin::PARAMETER_KEY_CODE));
diff --git a/tests/unit-tests/protocol-encoders.t.cpp b/tests/unit-tests/protocol-encoders.t.cpp
index 184b608..6382194 100644
--- a/tests/unit-tests/protocol-encoders.t.cpp
+++ b/tests/unit-tests/protocol-encoders.t.cpp
@@ -141,29 +141,33 @@
BOOST_CHECK_EQUAL(static_cast<size_t>(s), static_cast<size_t>(Status::BEFORE_CHALLENGE));
}
-// BOOST_AUTO_TEST_CASE(ChallengeEncoding)
-// {
-// time::system_clock::TimePoint t = time::system_clock::now();
-// requester::ProfileStorage caCache;
-// caCache.load("tests/unit-tests/config-files/config-client-1");
-// security::Certificate certRequest = *caCache.m_caItems.front().m_cert;
-// RequestId id = {102};
-// ca::RequestState state(Name("/ndn/ucla"), id, RequestType::NEW, Status::PENDING,
-// certRequest, "hahaha", "Just a test", t, 3, time::seconds(321), JsonSection(),
-// Block(), 0);
-// auto b = ChallengeEncoder::encodeDataContent(state);
-// b.push_back(makeNestedBlock(tlv::IssuedCertName, Name("/ndn/ucla/a/b/c")));
+BOOST_AUTO_TEST_CASE(ChallengeEncoding)
+{
+ const uint8_t key[] = {0x23, 0x70, 0xe3, 0x20, 0xd4, 0x34, 0x42, 0x08,
+ 0xe0, 0xff, 0x56, 0x83, 0xf2, 0x43, 0xb2, 0x13};
+ time::system_clock::TimePoint t = time::system_clock::now();
+ requester::ProfileStorage caCache;
+ caCache.load("tests/unit-tests/config-files/config-client-1");
+ security::Certificate certRequest = *caCache.m_caItems.front().m_cert;
+ RequestId id = {102};
+ std::array<uint8_t, 16> aesKey;
+ std::memcpy(aesKey.data(), key, sizeof(key));
+ ca::RequestState state(Name("/ndn/ucla"), id, RequestType::NEW, Status::PENDING,
+ certRequest, "pin", "test", t, 3, time::seconds(321), JsonSection(),
+ std::move(aesKey), 0);
+ auto b = ChallengeEncoder::encodeDataContent(state, Name("/ndn/ucla/a/b/c"));
-// requester::RequestContext context(m_keyChain, caCache.m_caItems.front(), RequestType::NEW);
-// ChallengeEncoder::decodeDataContent(b, context);
+ requester::RequestContext context(m_keyChain, caCache.m_caItems.front(), RequestType::NEW);
+ std::memcpy(context.m_aesKey.data(), key, sizeof(key));
+ ChallengeEncoder::decodeDataContent(b, context);
-// BOOST_CHECK_EQUAL(static_cast<size_t>(context.m_status), static_cast<size_t>(Status::PENDING));
-// BOOST_CHECK_EQUAL(context.m_challengeStatus, "Just a test");
-// BOOST_CHECK_EQUAL(context.m_remainingTries, 3);
-// BOOST_ASSERT(context.m_freshBefore > time::system_clock::now() + time::seconds(321) - time::milliseconds(100));
-// BOOST_ASSERT(context.m_freshBefore < time::system_clock::now() + time::seconds(321) + time::milliseconds(100));
-// BOOST_CHECK_EQUAL(context.m_issuedCertName, "/ndn/ucla/a/b/c");
-// }
+ BOOST_CHECK_EQUAL(static_cast<size_t>(context.m_status), static_cast<size_t>(Status::PENDING));
+ BOOST_CHECK_EQUAL(context.m_challengeStatus, "test");
+ BOOST_CHECK_EQUAL(context.m_remainingTries, 3);
+ BOOST_ASSERT(context.m_freshBefore > time::system_clock::now() + time::seconds(321) - time::milliseconds(100));
+ BOOST_ASSERT(context.m_freshBefore < time::system_clock::now() + time::seconds(321) + time::milliseconds(100));
+ BOOST_CHECK_EQUAL(context.m_issuedCertName, "/ndn/ucla/a/b/c");
+}
BOOST_AUTO_TEST_SUITE_END()
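Review bot: The two `m_freshBefore` bounds use `BOOST_ASSERT`, which is an assert-style macro rather than a Boost.Test check, so a failure aborts instead of being reported and the checks disappear when assertions are compiled out. Use `BOOST_CHECK(context.m_freshBefore > time::system_clock::now() + time::seconds(321) - time::milliseconds(100));` and the matching `<` form. Separately, `std::memcpy(aesKey.data(), key, sizeof(key))` relies on `key` being exactly 16 bytes; a `static_assert(sizeof(key) == sizeof(aesKey), "key length mismatch");` beside it would keep the two from drifting apart.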