Add CaConfig to support CA configuration
Change-Id: I3095b4c8fbe70c2f5b8e27722c0e85d1ec801aba
diff --git a/tests/unit-tests/ca-config.t.cpp b/tests/unit-tests/ca-config.t.cpp
new file mode 100644
index 0000000..09a0d08
--- /dev/null
+++ b/tests/unit-tests/ca-config.t.cpp
@@ -0,0 +1,66 @@
+/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
+/**
+ * Copyright (c) 2017, Regents of the University of California.
+ *
+ * This file is part of ndncert, a certificate management system based on NDN.
+ *
+ * ndncert is free software: you can redistribute it and/or modify it under the terms
+ * of the GNU General Public License as published by the Free Software Foundation, either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * ndncert is distributed in the hope that it will be useful, but WITHOUT ANY
+ * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+ * PARTICULAR PURPOSE. See the GNU General Public License for more details.
+ *
+ * You should have received copies of the GNU General Public License along with
+ * ndncert, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * See AUTHORS.md for complete list of ndncert authors and contributors.
+ */
+
+#include "identity-management-fixture.hpp"
+#include "ca-config.hpp"
+#include <ndn-cxx/security/transform/base64-encode.hpp>
+#include <ndn-cxx/security/transform/buffer-source.hpp>
+#include <ndn-cxx/security/transform/stream-sink.hpp>
+
+namespace ndn {
+namespace ndncert {
+namespace tests {
+
+BOOST_FIXTURE_TEST_SUITE(TestCaConfig, IdentityManagementV2Fixture)
+
+BOOST_AUTO_TEST_CASE(ReadConfigFileWithFileAnchor)
+{
+ CaConfig config("tests/unit-tests/ca.conf.test");
+ BOOST_CHECK_EQUAL(config.m_caName.toUri(), "/ndn/edu/ucla/cs/zhiyi");
+ BOOST_CHECK_EQUAL(config.m_freshPeriod, 720);
+ BOOST_CHECK_EQUAL(config.m_anchor->getName().toUri(),
+ "/ndn/site1/KEY/%11%BC%22%F4c%15%FF%17/self/%FD%00%00%01Y%C8%14%D9%A5");
+ BOOST_CHECK_EQUAL(config.m_availableChallenges.size(), 1);
+}
+
+BOOST_AUTO_TEST_CASE(ReadConfigFileWithBase64Anchor)
+{
+ auto identity = addIdentity(Name("/ndn/site1"));
+ auto key = identity.getDefaultKey();
+ auto cert = key.getDefaultCertificate();
+
+ using namespace security::transform;
+ std::stringstream ss;
+ bufferSource(cert.wireEncode().wire(), cert.wireEncode().size()) >> base64Encode() >> streamSink(ss);
+
+ const std::string certBase64 = ss.str();
+
+ CaConfig config("tests/unit-tests/ca.conf.test");
+ config.m_config.put("ca-anchor.type", "base64");
+ config.m_config.put("ca-anchor.value", certBase64);
+ config.load();
+ BOOST_CHECK_EQUAL(*(config.m_anchor), cert);
+}
+
+BOOST_AUTO_TEST_SUITE_END() // TestCaConfig
+
+} // namespace tests
+} // namespace ndncert
+} // namespace ndn
diff --git a/tests/unit-tests/ca.conf.test b/tests/unit-tests/ca.conf.test
new file mode 100644
index 0000000..8459594
--- /dev/null
+++ b/tests/unit-tests/ca.conf.test
@@ -0,0 +1,73 @@
+; The namespace that the NDN Certificate Authority will serve.
+name "/ndn/edu/ucla/cs/zhiyi"
+
+; This section configures parameter(s) of the issued certificates.
+certificate-info
+{
+ ; freshness-period defines the freshness period of newly issued certificates.
+ freshness-period 720
+}
+
+; This ca-anchor section configures the CA certificate.
+;
+; The type defines the type of certificate. Now NDNCERT supports two types:
+;
+; file; value should be the file name of the certificate file
+; base64; value should be the Base64 encoded plain text of NDN certificate bytes
+;
+ca-anchor
+{
+ type file
+ value "ca.ndncert.test"
+}
+
+; This challenge-list section defines a list of all available challenge types.
+;
+; It includes one or more challenge. For every challenge, the type should be
+; the unique type identifier of the registered Challenge Module.
+;
+challenge-list
+{
+ challenge
+ {
+ type pin
+ }
+}
+
+;
+validator-conf
+{
+ ; This section defines the trust model for NDNCERT CaModule validator. It consists of rules
+ ; and trust-anchors, which are briefly defined in this file. For more information refer to
+ ; manpage of ndn-validator.conf:
+ ;
+ ; man ndn-validator.conf
+ ;
+ ; A trust-anchor is a pre-trusted certificate. This can be any certificate that is the root
+ ; of certification chain (e.g., NDN testbed root certificate) or an existing default system
+ ; certificate `default.ndncert`. A rule defines conditions a valid packet MUST have. A
+ ; packet must satisfy one of the rules defined here. A rule can be broken into two parts:
+ ; matching & checking. A packet will be matched against rules from the first to the last
+ ; until a matched rule is encountered. The matched rule will be used to check the packet. If
+ ; a packet does not match any rule, it will be treated as invalid. The matching part of a
+ ; rule consists of `for` and `filter` sections. They collectively define which packets can be
+ ; checked with this rule. `for` defines packet type (data or interest) and `filter` defines
+ ; conditions on other properties of a packet. Right now, you can only define conditions on
+ ; packet name, and you can only specify ONLY ONE filter for packet name. The checking part
+ ; of a rule consists of `checker`, which defines the conditions that a VALID packet MUST
+ ; have. See comments in checker section for more details.
+ rule
+ {
+ id "zhiyi interest rule"
+ for interest
+ filter
+ {
+ type name
+ regex ^<ndn><edu><ucla><cs><zhiyi>[<_NEW><_POLL>]<>*$
+ }
+ trust-anchor
+ {
+ type any
+ }
+ }
+}
diff --git a/tests/unit-tests/ca.ndncert.test b/tests/unit-tests/ca.ndncert.test
new file mode 100644
index 0000000..e7d29bf
--- /dev/null
+++ b/tests/unit-tests/ca.ndncert.test
@@ -0,0 +1,12 @@
+Bv0CJAcsCANuZG4IBXNpdGUxCANLRVkICBG8IvRjFf8XCARzZWxmCAn9AAABWcgU
+2aUUCRgBAhkEADbugBX9AU8wggFLMIIBAwYHKoZIzj0CATCB9wIBATAsBgcqhkjO
+PQEBAiEA/////wAAAAEAAAAAAAAAAAAAAAD///////////////8wWwQg/////wAA
+AAEAAAAAAAAAAAAAAAD///////////////wEIFrGNdiqOpPns+u9VXaYhrxlHQaw
+zFOw9jvOPD4n0mBLAxUAxJ02CIbnBJNqZnjhE50mt4GffpAEQQRrF9Hy4SxCR/i8
+5uVjpEDydwN9gS3rM6D0oTlF2JjClk/jQuL+Gn+bjufrSnwPnhYrzjNXazFezsu2
+QGg3v1H1AiEA/////wAAAAD//////////7zm+q2nF56E87nKwvxjJVECAQEDQgAE
+S9Cb9iANUNYmwt5bjwNW1mZgjzIkDJb6FTCdiYWnkMMIVxh2YDllphoWDEAPS6kq
+JczzCuhnGYpZCp9tTaYKGxZMGwEDHB0HGwgDbmRuCAVzaXRlMQgDS0VZCAgRvCL0
+YxX/F/0A/Sb9AP4PMTk3MDAxMDFUMDAwMDAw/QD/DzIwMzcwMTE3VDIxMjg0NhdI
+MEYCIQDXkR1hF3GiP7yLXq+0JBJfi9QC+hhAu/1Bykx+MWz6RAIhANwelBTxxZr2
+C5bD15mjfhWudK4I1tOb4b/9xWCHyM7F
\ No newline at end of file