improve the robustness of ndncert library
Change-Id: Iaabc4d8f28ca27a7e7f501ebd122c5231ceb3ac0
diff --git a/tests/unit-tests/ca-config.t.cpp b/tests/unit-tests/ca-config.t.cpp
index 0cebb26..5b47505 100644
--- a/tests/unit-tests/ca-config.t.cpp
+++ b/tests/unit-tests/ca-config.t.cpp
@@ -32,7 +32,7 @@
BOOST_FIXTURE_TEST_SUITE(TestCaConfig, IdentityManagementFixture)
-BOOST_AUTO_TEST_CASE(ReadConfigFileWithFileAnchor)
+BOOST_AUTO_TEST_CASE(ReadConfigFile)
{
CaConfig config;
config.load("tests/unit-tests/ca.conf.test");
@@ -43,6 +43,24 @@
BOOST_CHECK_EQUAL(config.m_caInfo, "ndn testbed ca");
}
+BOOST_AUTO_TEST_CASE(ReadNonexistConfigFile)
+{
+ CaConfig config;
+ BOOST_CHECK_THROW(config.load("tests/unit-tests/Nonexist"), CaConfig::Error);
+}
+
+BOOST_AUTO_TEST_CASE(ReadConfigFileWithoutCaPrefix)
+{
+ CaConfig config;
+ BOOST_CHECK_THROW(config.load("tests/unit-tests/ca.conf.test2"), CaConfig::Error);
+}
+
+BOOST_AUTO_TEST_CASE(ReadConfigFileWithChallengeNotSupported)
+{
+ CaConfig config;
+ BOOST_CHECK_THROW(config.load("tests/unit-tests/ca.conf.test3"), CaConfig::Error);
+}
+
BOOST_AUTO_TEST_SUITE_END() // TestCaConfig
} // namespace tests
diff --git a/tests/unit-tests/ca-module.t.cpp b/tests/unit-tests/ca-module.t.cpp
index 374c847..a72a3d8 100644
--- a/tests/unit-tests/ca-module.t.cpp
+++ b/tests/unit-tests/ca-module.t.cpp
@@ -179,7 +179,8 @@
BOOST_CHECK(challengesJson.size() != 0);
client.onNewResponse(response);
- BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + 32, ca.m_aesKey, ca.m_aesKey + 32);
+ BOOST_CHECK_EQUAL_COLLECTIONS(client.m_aesKey, client.m_aesKey + sizeof(client.m_aesKey),
+ ca.m_aesKey, ca.m_aesKey + sizeof(ca.m_aesKey));
});
face.receive(*interest);
diff --git a/tests/unit-tests/ca.conf.test2 b/tests/unit-tests/ca.conf.test2
new file mode 100644
index 0000000..17f058b
--- /dev/null
+++ b/tests/unit-tests/ca.conf.test2
@@ -0,0 +1,9 @@
+{
+ "issuing-freshness": "720",
+ "validity-period": "360",
+ "ca-info": "ndn testbed ca",
+ "supported-challenges":
+ [
+ { "type": "PIN" }
+ ]
+}
\ No newline at end of file
diff --git a/tests/unit-tests/ca.conf.test3 b/tests/unit-tests/ca.conf.test3
new file mode 100644
index 0000000..f12eabb
--- /dev/null
+++ b/tests/unit-tests/ca.conf.test3
@@ -0,0 +1,10 @@
+{
+ "ca-prefix": "/ndn",
+ "issuing-freshness": "720",
+ "validity-period": "360",
+ "ca-info": "ndn testbed ca",
+ "supported-challenges":
+ [
+ { "type": "PINN" }
+ ]
+}
\ No newline at end of file
diff --git a/tests/unit-tests/client-config.t.cpp b/tests/unit-tests/client-config.t.cpp
index 5d662ff..0f8aa95 100644
--- a/tests/unit-tests/client-config.t.cpp
+++ b/tests/unit-tests/client-config.t.cpp
@@ -44,6 +44,24 @@
BOOST_CHECK_EQUAL(config.m_localNdncertAnchor, "/usr/local/etc/ndncert/anchor.key");
}
+BOOST_AUTO_TEST_CASE(ReadNonexistConfigFile)
+{
+ ClientConfig config;
+ BOOST_CHECK_THROW(config.load("tests/unit-tests/nonexist"), ClientConfig::Error);
+}
+
+BOOST_AUTO_TEST_CASE(ReadConfigFileWithInvalidCert)
+{
+ ClientConfig config;
+ BOOST_CHECK_THROW(config.load("tests/unit-tests/client.conf.test2"), ClientConfig::Error);
+}
+
+BOOST_AUTO_TEST_CASE(ReadConfigFileWithoutCaPrefix)
+{
+ ClientConfig config;
+ BOOST_CHECK_THROW(config.load("tests/unit-tests/client.conf.test3"), ClientConfig::Error);
+}
+
BOOST_AUTO_TEST_CASE(AddAndRemoveCaItem)
{
ClientConfig config;
diff --git a/tests/unit-tests/client.conf.test2 b/tests/unit-tests/client.conf.test2
new file mode 100644
index 0000000..f3d5630
--- /dev/null
+++ b/tests/unit-tests/client.conf.test2
@@ -0,0 +1,18 @@
+{
+ "ca-list":
+ [
+ {
+ "ca-prefix": "/ndn/edu/ucla",
+ "ca-info": "UCLA's ceritificate authority, located in BH4805.",
+ "probe": "email",
+ "certificate": "ANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjOPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAAAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQawzFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i85uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAES9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kqJczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdIMEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F"
+ },
+ {
+ "ca-prefix": "/ndn/edu/ucla/zhiyi",
+ "ca-info": "Zhiyi's own ceritificate authority",
+ "probe": "email",
+ "certificate": "Bv0CJAcsCANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjOPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAAAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQawzFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i85uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAES9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kqJczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdIMEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F"
+ }
+ ],
+ "local-ndncert-anchor": "/usr/local/etc/ndncert/anchor.key"
+}
\ No newline at end of file
diff --git a/tests/unit-tests/client.conf.test3 b/tests/unit-tests/client.conf.test3
new file mode 100644
index 0000000..257850a
--- /dev/null
+++ b/tests/unit-tests/client.conf.test3
@@ -0,0 +1,17 @@
+{
+ "ca-list":
+ [
+ {
+ "ca-info": "UCLA's ceritificate authority, located in BH4805.",
+ "probe": "email",
+ "certificate": "ANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjOPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAAAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQawzFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i85uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAES9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kqJczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdIMEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F"
+ },
+ {
+ "ca-prefix": "/ndn/edu/ucla/zhiyi",
+ "ca-info": "Zhiyi's own ceritificate authority",
+ "probe": "email",
+ "certificate": "Bv0CJAcsCANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjOPQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAAAAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQawzFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i85uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAES9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kqJczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdIMEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F"
+ }
+ ],
+ "local-ndncert-anchor": "/usr/local/etc/ndncert/anchor.key"
+}
\ No newline at end of file
diff --git a/tests/unit-tests/crypto-helper.t.cpp b/tests/unit-tests/crypto-helper.t.cpp
index eda32d1..b6f8bd3 100644
--- a/tests/unit-tests/crypto-helper.t.cpp
+++ b/tests/unit-tests/crypto-helper.t.cpp
@@ -49,6 +49,16 @@
bobResult, bobResult + 32);
}
+BOOST_AUTO_TEST_CASE(EcdhWithRawKeyWrongInput)
+{
+ ECDHState aliceState;
+ auto alicePub = aliceState.getRawSelfPubKey();
+ BOOST_CHECK(alicePub != nullptr);
+ BOOST_CHECK(aliceState.context->publicKeyLen != 0);
+ uint8_t fakePub[] = {0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b};
+ BOOST_CHECK_THROW(aliceState.deriveSecret(fakePub, sizeof(fakePub)), CryptoError);
+}
+
BOOST_AUTO_TEST_CASE(EcdhWithBase64Key)
{
ECDHState aliceState;