def test_refresh_10s(self): with open('policy_config/testData', 'r') as dataFile: encodedData = dataFile.read() data = Data() dataBlob = Blob(b64decode(encodedData)) data.wireDecode(dataBlob) # This test is needed, since the KeyChain will express interests in # unknown certificates. vr = doVerify(self.policyManager, data) self.assertTrue(vr.hasFurtherSteps, "ConfigPolicyManager did not create ValidationRequest for unknown certificate") self.assertEqual(vr.successCount, 0, "ConfigPolicyManager called success callback with pending ValidationRequest") self.assertEqual(vr.failureCount, 0, "ConfigPolicyManager called failure callback with pending ValidationRequest") # Now save the cert data to our anchor directory, and wait. # We have to sign it with the current identity or the policy manager # will create an interest for the signing certificate. cert = CertificateV2() certData = b64decode(CERT_DUMP) cert.wireDecode(Blob(certData, False)) signingInfo = SigningInfo() signingInfo.setSigningIdentity(self.identityName) # Make sure the validity period is current for two years. now = Common.getNowMilliseconds() signingInfo.setValidityPeriod(ValidityPeriod (now, now + 2 * 365 * 24 * 3600 * 1000.0)) self.keyChain.sign(cert, signingInfo) encodedCert = b64encode(cert.wireEncode().toBytes()) with open(self.testCertFile, 'w') as certFile: certFile.write(Blob(encodedCert, False).toRawStr()) # Still too early for refresh to pick it up. vr = doVerify(self.policyManager, data) self.assertTrue(vr.hasFurtherSteps, "ConfigPolicyManager refresh occured sooner than specified") self.assertEqual(vr.successCount, 0, "ConfigPolicyManager called success callback with pending ValidationRequest") self.assertEqual(vr.failureCount, 0, "ConfigPolicyManager called failure callback with pending ValidationRequest") time.sleep(6) # Now we should find it. vr = doVerify(self.policyManager, data) self.assertFalse(vr.hasFurtherSteps, "ConfigPolicyManager did not refresh certificate store") self.assertEqual(vr.successCount, 1, "Verification success called {} times instead of 1".format( vr.successCount)) self.assertEqual(vr.failureCount, 0, "ConfigPolicyManager did not verify valid signed data")
def test_basic(self): identityName = Name("/my-identity") keyName = Name("/my-key") certificateName = Name("/my-cert") info = SigningInfo() self.assertEquals(SigningInfo.SignerType.NULL, info.getSignerType()) self.assertTrue(Name().equals(info.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) info.setSigningIdentity(identityName) self.assertEquals(SigningInfo.SignerType.ID, info.getSignerType()) self.assertTrue(identityName.equals(info.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoId = SigningInfo(SigningInfo.SignerType.ID, identityName) self.assertEquals(SigningInfo.SignerType.ID, infoId.getSignerType()) self.assertTrue(identityName.equals(infoId.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, infoId.getDigestAlgorithm()) info.setSigningKeyName(keyName) self.assertEquals(SigningInfo.SignerType.KEY, info.getSignerType()) self.assertTrue(keyName.equals(info.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoKey = SigningInfo(SigningInfo.SignerType.KEY, keyName) self.assertEquals(SigningInfo.SignerType.KEY, infoKey.getSignerType()) self.assertTrue(keyName.equals(infoKey.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, infoKey.getDigestAlgorithm()) info.setSigningCertificateName(certificateName) self.assertEquals(SigningInfo.SignerType.CERT, info.getSignerType()) self.assertTrue(certificateName.equals(info.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoCert = SigningInfo(SigningInfo.SignerType.CERT, certificateName) self.assertEquals(SigningInfo.SignerType.CERT, infoCert.getSignerType()) self.assertTrue(certificateName.equals(infoCert.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, infoCert.getDigestAlgorithm()) info.setSha256Signing() self.assertEquals(SigningInfo.SignerType.SHA256, info.getSignerType()) self.assertTrue(Name().equals(info.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoSha256 = SigningInfo(SigningInfo.SignerType.SHA256) self.assertEquals(SigningInfo.SignerType.SHA256, infoSha256.getSignerType()) self.assertTrue(Name().equals(infoSha256.getSignerName())) self.assertEquals(DigestAlgorithm.SHA256, infoSha256.getDigestAlgorithm())
def test_basic(self): identityName = Name("/my-identity") keyName = Name("/my-key") certificateName = Name("/my-cert") info = SigningInfo() self.assertEqual(SigningInfo.SignerType.NULL, info.getSignerType()) self.assertTrue(Name().equals(info.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) info.setSigningIdentity(identityName) self.assertEqual(SigningInfo.SignerType.ID, info.getSignerType()) self.assertTrue(identityName.equals(info.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoId = SigningInfo(SigningInfo.SignerType.ID, identityName) self.assertEqual(SigningInfo.SignerType.ID, infoId.getSignerType()) self.assertTrue(identityName.equals(infoId.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, infoId.getDigestAlgorithm()) info.setSigningKeyName(keyName) self.assertEqual(SigningInfo.SignerType.KEY, info.getSignerType()) self.assertTrue(keyName.equals(info.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoKey = SigningInfo(SigningInfo.SignerType.KEY, keyName) self.assertEqual(SigningInfo.SignerType.KEY, infoKey.getSignerType()) self.assertTrue(keyName.equals(infoKey.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, infoKey.getDigestAlgorithm()) info.setSigningCertificateName(certificateName) self.assertEqual(SigningInfo.SignerType.CERT, info.getSignerType()) self.assertTrue(certificateName.equals(info.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoCert = SigningInfo(SigningInfo.SignerType.CERT, certificateName) self.assertEqual(SigningInfo.SignerType.CERT, infoCert.getSignerType()) self.assertTrue(certificateName.equals(infoCert.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, infoCert.getDigestAlgorithm()) info.setSha256Signing() self.assertEqual(SigningInfo.SignerType.SHA256, info.getSignerType()) self.assertTrue(Name().equals(info.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, info.getDigestAlgorithm()) infoSha256 = SigningInfo(SigningInfo.SignerType.SHA256) self.assertEqual(SigningInfo.SignerType.SHA256, infoSha256.getSignerType()) self.assertTrue(Name().equals(infoSha256.getSignerName())) self.assertEqual(DigestAlgorithm.SHA256, infoSha256.getDigestAlgorithm())