def test_refresh_10s(self):
with open('policy_config/testData', 'r') as dataFile:
encodedData = dataFile.read()
data = Data()
dataBlob = Blob(b64decode(encodedData))
data.wireDecode(dataBlob)
# This test is needed, since the KeyChain will express interests in
# unknown certificates.
vr = doVerify(self.policyManager, data)
self.assertTrue(vr.hasFurtherSteps,
"ConfigPolicyManager did not create ValidationRequest for unknown certificate")
self.assertEqual(vr.successCount, 0,
"ConfigPolicyManager called success callback with pending ValidationRequest")
self.assertEqual(vr.failureCount, 0,
"ConfigPolicyManager called failure callback with pending ValidationRequest")
# Now save the cert data to our anchor directory, and wait.
# We have to sign it with the current identity or the policy manager
# will create an interest for the signing certificate.
cert = CertificateV2()
certData = b64decode(CERT_DUMP)
cert.wireDecode(Blob(certData, False))
signingInfo = SigningInfo()
signingInfo.setSigningIdentity(self.identityName)
# Make sure the validity period is current for two years.
now = Common.getNowMilliseconds()
signingInfo.setValidityPeriod(ValidityPeriod
(now, now + 2 * 365 * 24 * 3600 * 1000.0))
self.keyChain.sign(cert, signingInfo)
encodedCert = b64encode(cert.wireEncode().toBytes())
with open(self.testCertFile, 'w') as certFile:
certFile.write(Blob(encodedCert, False).toRawStr())
# Still too early for refresh to pick it up.
vr = doVerify(self.policyManager, data)
self.assertTrue(vr.hasFurtherSteps,
"ConfigPolicyManager refresh occured sooner than specified")
self.assertEqual(vr.successCount, 0,
"ConfigPolicyManager called success callback with pending ValidationRequest")
self.assertEqual(vr.failureCount, 0,
"ConfigPolicyManager called failure callback with pending ValidationRequest")
time.sleep(6)
# Now we should find it.
vr = doVerify(self.policyManager, data)
self.assertFalse(vr.hasFurtherSteps,
"ConfigPolicyManager did not refresh certificate store")
self.assertEqual(vr.successCount, 1,
"Verification success called {} times instead of 1".format(
vr.successCount))
self.assertEqual(vr.failureCount, 0,
"ConfigPolicyManager did not verify valid signed data")
def test_basic(self):
identityName = Name("/my-identity")
keyName = Name("/my-key")
certificateName = Name("/my-cert")
info = SigningInfo()
self.assertEquals(SigningInfo.SignerType.NULL, info.getSignerType())
self.assertTrue(Name().equals(info.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
info.setSigningIdentity(identityName)
self.assertEquals(SigningInfo.SignerType.ID, info.getSignerType())
self.assertTrue(identityName.equals(info.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoId = SigningInfo(SigningInfo.SignerType.ID, identityName)
self.assertEquals(SigningInfo.SignerType.ID, infoId.getSignerType())
self.assertTrue(identityName.equals(infoId.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, infoId.getDigestAlgorithm())
info.setSigningKeyName(keyName)
self.assertEquals(SigningInfo.SignerType.KEY, info.getSignerType())
self.assertTrue(keyName.equals(info.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoKey = SigningInfo(SigningInfo.SignerType.KEY, keyName)
self.assertEquals(SigningInfo.SignerType.KEY, infoKey.getSignerType())
self.assertTrue(keyName.equals(infoKey.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, infoKey.getDigestAlgorithm())
info.setSigningCertificateName(certificateName)
self.assertEquals(SigningInfo.SignerType.CERT, info.getSignerType())
self.assertTrue(certificateName.equals(info.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoCert = SigningInfo(SigningInfo.SignerType.CERT, certificateName)
self.assertEquals(SigningInfo.SignerType.CERT,
infoCert.getSignerType())
self.assertTrue(certificateName.equals(infoCert.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256,
infoCert.getDigestAlgorithm())
info.setSha256Signing()
self.assertEquals(SigningInfo.SignerType.SHA256, info.getSignerType())
self.assertTrue(Name().equals(info.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoSha256 = SigningInfo(SigningInfo.SignerType.SHA256)
self.assertEquals(SigningInfo.SignerType.SHA256,
infoSha256.getSignerType())
self.assertTrue(Name().equals(infoSha256.getSignerName()))
self.assertEquals(DigestAlgorithm.SHA256,
infoSha256.getDigestAlgorithm())
def test_basic(self):
identityName = Name("/my-identity")
keyName = Name("/my-key")
certificateName = Name("/my-cert")
info = SigningInfo()
self.assertEqual(SigningInfo.SignerType.NULL, info.getSignerType())
self.assertTrue(Name().equals(info.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
info.setSigningIdentity(identityName)
self.assertEqual(SigningInfo.SignerType.ID, info.getSignerType())
self.assertTrue(identityName.equals(info.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoId = SigningInfo(SigningInfo.SignerType.ID, identityName)
self.assertEqual(SigningInfo.SignerType.ID, infoId.getSignerType())
self.assertTrue(identityName.equals(infoId.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, infoId.getDigestAlgorithm())
info.setSigningKeyName(keyName)
self.assertEqual(SigningInfo.SignerType.KEY, info.getSignerType())
self.assertTrue(keyName.equals(info.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoKey = SigningInfo(SigningInfo.SignerType.KEY, keyName)
self.assertEqual(SigningInfo.SignerType.KEY, infoKey.getSignerType())
self.assertTrue(keyName.equals(infoKey.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, infoKey.getDigestAlgorithm())
info.setSigningCertificateName(certificateName)
self.assertEqual(SigningInfo.SignerType.CERT, info.getSignerType())
self.assertTrue(certificateName.equals(info.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoCert = SigningInfo(SigningInfo.SignerType.CERT, certificateName)
self.assertEqual(SigningInfo.SignerType.CERT, infoCert.getSignerType())
self.assertTrue(certificateName.equals(infoCert.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, infoCert.getDigestAlgorithm())
info.setSha256Signing()
self.assertEqual(SigningInfo.SignerType.SHA256, info.getSignerType())
self.assertTrue(Name().equals(info.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm())
infoSha256 = SigningInfo(SigningInfo.SignerType.SHA256)
self.assertEqual(SigningInfo.SignerType.SHA256, infoSha256.getSignerType())
self.assertTrue(Name().equals(infoSha256.getSignerName()))
self.assertEqual(DigestAlgorithm.SHA256, infoSha256.getDigestAlgorithm())
