Ejemplo n.º 1
0
    def test_refresh_10s(self):
        with open('policy_config/testData', 'r') as dataFile:
            encodedData = dataFile.read()
            data = Data()
            dataBlob = Blob(b64decode(encodedData))
            data.wireDecode(dataBlob)

        # This test is needed, since the KeyChain will express interests in
        # unknown certificates.
        vr = doVerify(self.policyManager, data)

        self.assertTrue(vr.hasFurtherSteps,
          "ConfigPolicyManager did not create ValidationRequest for unknown certificate")
        self.assertEqual(vr.successCount, 0,
          "ConfigPolicyManager called success callback with pending ValidationRequest")
        self.assertEqual(vr.failureCount, 0,
          "ConfigPolicyManager called failure callback with pending ValidationRequest")

        # Now save the cert data to our anchor directory, and wait.
        # We have to sign it with the current identity or the policy manager
        # will create an interest for the signing certificate.

        cert = CertificateV2()
        certData = b64decode(CERT_DUMP)
        cert.wireDecode(Blob(certData, False))
        signingInfo = SigningInfo()
        signingInfo.setSigningIdentity(self.identityName)
        # Make sure the validity period is current for two years.
        now = Common.getNowMilliseconds()
        signingInfo.setValidityPeriod(ValidityPeriod
          (now, now + 2 * 365 * 24 * 3600 * 1000.0))

        self.keyChain.sign(cert, signingInfo)
        encodedCert = b64encode(cert.wireEncode().toBytes())
        with open(self.testCertFile, 'w') as certFile:
            certFile.write(Blob(encodedCert, False).toRawStr())

        # Still too early for refresh to pick it up.
        vr = doVerify(self.policyManager, data)

        self.assertTrue(vr.hasFurtherSteps,
          "ConfigPolicyManager refresh occured sooner than specified")
        self.assertEqual(vr.successCount, 0,
          "ConfigPolicyManager called success callback with pending ValidationRequest")
        self.assertEqual(vr.failureCount, 0,
          "ConfigPolicyManager called failure callback with pending ValidationRequest")
        time.sleep(6)

        # Now we should find it.
        vr  = doVerify(self.policyManager, data)

        self.assertFalse(vr.hasFurtherSteps,
          "ConfigPolicyManager did not refresh certificate store")
        self.assertEqual(vr.successCount, 1,
          "Verification success called {} times instead of 1".format(
            vr.successCount))
        self.assertEqual(vr.failureCount, 0,
          "ConfigPolicyManager did not verify valid signed data")
Ejemplo n.º 2
0
    def test_basic(self):
        identityName = Name("/my-identity")
        keyName = Name("/my-key")
        certificateName = Name("/my-cert")

        info = SigningInfo()

        self.assertEquals(SigningInfo.SignerType.NULL, info.getSignerType())
        self.assertTrue(Name().equals(info.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        info.setSigningIdentity(identityName)
        self.assertEquals(SigningInfo.SignerType.ID, info.getSignerType())
        self.assertTrue(identityName.equals(info.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoId = SigningInfo(SigningInfo.SignerType.ID, identityName)
        self.assertEquals(SigningInfo.SignerType.ID, infoId.getSignerType())
        self.assertTrue(identityName.equals(infoId.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, infoId.getDigestAlgorithm())

        info.setSigningKeyName(keyName)
        self.assertEquals(SigningInfo.SignerType.KEY, info.getSignerType())
        self.assertTrue(keyName.equals(info.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoKey = SigningInfo(SigningInfo.SignerType.KEY, keyName)
        self.assertEquals(SigningInfo.SignerType.KEY, infoKey.getSignerType())
        self.assertTrue(keyName.equals(infoKey.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, infoKey.getDigestAlgorithm())

        info.setSigningCertificateName(certificateName)
        self.assertEquals(SigningInfo.SignerType.CERT, info.getSignerType())
        self.assertTrue(certificateName.equals(info.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoCert = SigningInfo(SigningInfo.SignerType.CERT, certificateName)
        self.assertEquals(SigningInfo.SignerType.CERT,
                          infoCert.getSignerType())
        self.assertTrue(certificateName.equals(infoCert.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256,
                          infoCert.getDigestAlgorithm())

        info.setSha256Signing()
        self.assertEquals(SigningInfo.SignerType.SHA256, info.getSignerType())
        self.assertTrue(Name().equals(info.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoSha256 = SigningInfo(SigningInfo.SignerType.SHA256)
        self.assertEquals(SigningInfo.SignerType.SHA256,
                          infoSha256.getSignerType())
        self.assertTrue(Name().equals(infoSha256.getSignerName()))
        self.assertEquals(DigestAlgorithm.SHA256,
                          infoSha256.getDigestAlgorithm())
Ejemplo n.º 3
0
    def test_basic(self):
        identityName = Name("/my-identity")
        keyName = Name("/my-key")
        certificateName = Name("/my-cert")

        info = SigningInfo()

        self.assertEqual(SigningInfo.SignerType.NULL, info.getSignerType())
        self.assertTrue(Name().equals(info.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        info.setSigningIdentity(identityName)
        self.assertEqual(SigningInfo.SignerType.ID, info.getSignerType())
        self.assertTrue(identityName.equals(info.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoId = SigningInfo(SigningInfo.SignerType.ID, identityName)
        self.assertEqual(SigningInfo.SignerType.ID, infoId.getSignerType())
        self.assertTrue(identityName.equals(infoId.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, infoId.getDigestAlgorithm())

        info.setSigningKeyName(keyName)
        self.assertEqual(SigningInfo.SignerType.KEY, info.getSignerType())
        self.assertTrue(keyName.equals(info.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoKey = SigningInfo(SigningInfo.SignerType.KEY, keyName)
        self.assertEqual(SigningInfo.SignerType.KEY, infoKey.getSignerType())
        self.assertTrue(keyName.equals(infoKey.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, infoKey.getDigestAlgorithm())

        info.setSigningCertificateName(certificateName)
        self.assertEqual(SigningInfo.SignerType.CERT, info.getSignerType())
        self.assertTrue(certificateName.equals(info.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoCert = SigningInfo(SigningInfo.SignerType.CERT, certificateName)
        self.assertEqual(SigningInfo.SignerType.CERT, infoCert.getSignerType())
        self.assertTrue(certificateName.equals(infoCert.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, infoCert.getDigestAlgorithm())

        info.setSha256Signing()
        self.assertEqual(SigningInfo.SignerType.SHA256, info.getSignerType())
        self.assertTrue(Name().equals(info.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())

        infoSha256 = SigningInfo(SigningInfo.SignerType.SHA256)
        self.assertEqual(SigningInfo.SignerType.SHA256, infoSha256.getSignerType())
        self.assertTrue(Name().equals(infoSha256.getSignerName()))
        self.assertEqual(DigestAlgorithm.SHA256, infoSha256.getDigestAlgorithm())