aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVincent Du <vdu@affinegy.com>2017-03-22 14:42:52 -0500
committerVincent Du <vdu@affinegy.com>2017-03-23 16:51:55 -0500
commit5e972dae10e6173408fffb1177e74f53b6f444da (patch)
tree2a6902a646ae4b3fdce670864bef0a5cb7108966
parent6f2c0512594c40c9dd6876fc37176fc1f204a151 (diff)
parentd7cc55a1ecc0dc1a9c1f122b781a9372a0c5e3f7 (diff)
ASACORE-3555: Merge branch 'master' into 1610-merge
Change-Id: I11b13a92369c8457327e94b77a0211a232d82953 Signed-off-by: Vincent Du <vdu@affinegy.com>
-rw-r--r--.gitignore1
-rw-r--r--alljoyn_c/inc/alljoyn_c/InterfaceDescription.h24
-rw-r--r--alljoyn_c/inc/alljoyn_c/PermissionConfigurator.h90
-rw-r--r--alljoyn_c/inc/alljoyn_c/SecurityApplicationProxy.h229
-rw-r--r--alljoyn_c/samples/basic/basic_c_service.c1
-rw-r--r--alljoyn_c/src/InterfaceDescription.cc8
-rw-r--r--alljoyn_c/src/PermissionConfigurator.cc119
-rw-r--r--alljoyn_c/src/SConscript5
-rw-r--r--alljoyn_c/src/SecurityApplicationProxy.cc351
-rw-r--r--alljoyn_c/unit_test/PermissionConfiguratorTest.cc39
-rw-r--r--alljoyn_c/unit_test/SecurityApplicationProxyTest.cc159
-rw-r--r--alljoyn_core/SConscript4
-rw-r--r--alljoyn_core/docs/snippets/SConscript2
-rw-r--r--alljoyn_core/inc/alljoyn/AboutIconObj.h7
-rw-r--r--alljoyn_core/inc/alljoyn/AboutObj.h4
-rw-r--r--alljoyn_core/inc/alljoyn/AboutObjectDescription.h1
-rw-r--r--alljoyn_core/inc/alljoyn/AuthListener.h2
-rw-r--r--alljoyn_core/inc/alljoyn/BusAttachment.h2
-rw-r--r--alljoyn_core/inc/alljoyn/BusObject.h3
-rw-r--r--alljoyn_core/inc/alljoyn/InterfaceDescription.h32
-rw-r--r--alljoyn_core/inc/alljoyn/Message.h2
-rw-r--r--alljoyn_core/inc/alljoyn/MsgArg.h6
-rw-r--r--alljoyn_core/inc/alljoyn/PermissionConfigurator.h2
-rw-r--r--alljoyn_core/inc/alljoyn/PermissionPolicy.h4
-rw-r--r--alljoyn_core/inc/alljoyn/ProxyBusObject.h9
-rw-r--r--alljoyn_core/inc/alljoyn/SecurityApplicationProxy.h64
-rw-r--r--alljoyn_core/router/DaemonSLAPTransport.cc6
-rw-r--r--alljoyn_core/router/SConscript11
-rw-r--r--alljoyn_core/router/TCPTransport.cc11
-rw-r--r--alljoyn_core/router/UDPTransport.cc16
-rw-r--r--alljoyn_core/router/ns/IpNameServiceImpl.cc120
-rw-r--r--alljoyn_core/router/ns/IpNameServiceImpl.h2
-rw-r--r--alljoyn_core/router/posix/DaemonTransportPosix.cc6
-rw-r--r--alljoyn_core/router/posix/SConscript14
-rw-r--r--alljoyn_core/router/test/SConscript19
-rw-r--r--alljoyn_core/router/test/ardp.cc2
-rw-r--r--alljoyn_core/router/test/ardptest.cc2
-rw-r--r--alljoyn_core/router/windows/NamedPipeDaemonTransport.cc2
-rw-r--r--alljoyn_core/samples/basic/basic_service.cc1
-rw-r--r--alljoyn_core/samples/basic/signal_service.cc1
-rw-r--r--alljoyn_core/samples/eventaction/SConscript2
-rw-r--r--alljoyn_core/samples/secure/door/secure_door_common.cc64
-rw-r--r--alljoyn_core/samples/secure/door/secure_door_common.h2
-rw-r--r--alljoyn_core/samples/secure/door/secure_door_provider.cc37
-rw-r--r--alljoyn_core/samples/securitymgr/agent/src/Manifest.cc4
-rw-r--r--alljoyn_core/samples/securitymgr/agent/src/SecurityAgentImpl.cc16
-rw-r--r--alljoyn_core/samples/securitymgr/agent/unit_test/ResetTests.cc13
-rw-r--r--alljoyn_core/samples/securitymgr/agent/unit_test/SConscript2
-rw-r--r--alljoyn_core/samples/securitymgr/agent/unit_test/TestApplication.cc3
-rw-r--r--alljoyn_core/samples/securitymgr/agent/unit_test/TestUtil.cc16
-rw-r--r--alljoyn_core/samples/windows/Service/Service.cpp1
-rw-r--r--alljoyn_core/src/AllJoynStd.cc2
-rw-r--r--alljoyn_core/src/BusObject.cc4
-rw-r--r--alljoyn_core/src/NullTransport.cc2
-rw-r--r--alljoyn_core/src/PeerState.cc15
-rw-r--r--alljoyn_core/src/PeerState.h7
-rw-r--r--alljoyn_core/src/PermissionMgmtObj.cc338
-rw-r--r--alljoyn_core/src/PermissionMgmtObj.h12
-rw-r--r--alljoyn_core/src/PermissionPolicy.cc1
-rw-r--r--alljoyn_core/src/RemoteEndpoint.cc23
-rw-r--r--alljoyn_core/src/RemoteEndpoint.h16
-rw-r--r--alljoyn_core/src/SConscript10
-rw-r--r--alljoyn_core/src/SecurityApplicationObj.cc2
-rw-r--r--alljoyn_core/src/SecurityApplicationProxy.cc119
-rw-r--r--alljoyn_core/src/SessionOpts.cc19
-rw-r--r--alljoyn_core/src/XmlRulesValidator.cc4
-rw-r--r--alljoyn_core/src/posix/ClientTransport.cc6
-rw-r--r--alljoyn_core/src/version.cc.in6
-rw-r--r--alljoyn_core/src/windows/ClientTransportWindows.cc6
-rw-r--r--alljoyn_core/src/windows/NamedPipeClientTransport.cc7
-rw-r--r--alljoyn_core/test/bbclient.cc41
-rw-r--r--alljoyn_core/test/bbjoin.cc107
-rw-r--r--alljoyn_core/test/marshal.cc28
-rw-r--r--alljoyn_core/test/mc-rcv.cc2
-rw-r--r--alljoyn_core/test/mc-snd.cc2
-rw-r--r--alljoyn_core/test/remarshal.cc14
-rw-r--r--alljoyn_core/unit_test/BusAttachmentTest.cc42
-rw-r--r--alljoyn_core/unit_test/CredentialAccessorTest.cc39
-rw-r--r--alljoyn_core/unit_test/MarshalTest.cc6
-rw-r--r--alljoyn_core/unit_test/PermissionMgmtTest.cc603
-rw-r--r--alljoyn_core/unit_test/PermissionMgmtTest.h58
-rw-r--r--alljoyn_core/unit_test/PermissionMgmtUseCaseTest.cc141
-rw-r--r--alljoyn_core/unit_test/PropChangedTest.cc1
-rw-r--r--alljoyn_core/unit_test/RemoteEndpointTest.cc15
-rw-r--r--alljoyn_core/unit_test/SConscript2
-rw-r--r--alljoyn_core/unit_test/SecurityACLTest.cc725
-rw-r--r--alljoyn_core/unit_test/SecurityAuthenticationTest.cc642
-rw-r--r--alljoyn_core/unit_test/SecurityClaimApplicationTest.cc387
-rw-r--r--alljoyn_core/unit_test/SecurityDefaultPolicyTest.cc270
-rw-r--r--alljoyn_core/unit_test/SecurityManagementTest.cc647
-rw-r--r--alljoyn_core/unit_test/SecurityMembershipPropagationTest.cc489
-rw-r--r--alljoyn_core/unit_test/SecurityOfflineClaimTest.cc195
-rw-r--r--alljoyn_core/unit_test/SecurityOfflineManagementTest.cc415
-rw-r--r--alljoyn_core/unit_test/SecurityOtherTests.cc238
-rw-r--r--alljoyn_core/unit_test/SecurityPolicyRulesTest.cc1060
-rw-r--r--alljoyn_core/unit_test/SecurityTestHelper.cc708
-rw-r--r--alljoyn_core/unit_test/SecurityTestHelper.h150
-rw-r--r--alljoyn_core/unit_test/SecurityWildCardPolicyRulesTest.cc178
-rw-r--r--alljoyn_core/unit_test/TestSecurityManager.cc18
-rw-r--r--alljoyn_core/unit_test/check/AllJoynObjTest.cc8
-rw-r--r--alljoyn_java/jni/CertificateX509.cc2
-rw-r--r--alljoyn_java/jni/CryptoECC.cc1
-rw-r--r--alljoyn_java/jni/ECCSecret.cc1
-rw-r--r--alljoyn_java/jni/JAboutObject.h2
-rw-r--r--alljoyn_java/jni/JApplicationStateListener.cc1
-rw-r--r--alljoyn_java/jni/JApplicationStateListener.h2
-rw-r--r--alljoyn_java/jni/JAuthListener.h2
-rw-r--r--alljoyn_java/jni/JBusAttachment.h2
-rw-r--r--alljoyn_java/jni/JKeyStoreListener.h2
-rw-r--r--alljoyn_java/jni/JPermissionConfigurationListener.cc1
-rw-r--r--alljoyn_java/jni/JPermissionConfigurationListener.h2
-rw-r--r--alljoyn_java/jni/JSignalHandler.h2
-rw-r--r--alljoyn_java/jni/PendingAsyncJoin.h2
-rw-r--r--alljoyn_java/jni/PendingAsyncPing.h2
-rw-r--r--alljoyn_java/jni/PermissionConfigurator.cc1
-rw-r--r--alljoyn_java/jni/SecurityApplicationProxy.cc1
-rw-r--r--alljoyn_java/jni/alljoyn_jni_helper.cc2
-rwxr-xr-xalljoyn_java/src/SConscript1
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/AbstractDynamicBusObject.java272
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/BusAttachment.java158
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/Observer.java111
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/common/ECCPrivateKey.java17
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/common/ECCPublicKey.java18
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/common/KeyInfo.java7
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/common/KeyInfoECC.java5
-rw-r--r--alljoyn_java/src/org/alljoyn/bus/common/KeyInfoNISTP256.java26
-rwxr-xr-xalljoyn_java/src/org/alljoyn/bus/defs/SignalDef.java51
-rw-r--r--alljoyn_java/test/org/alljoyn/bus/BusAttachmentTest.java242
-rw-r--r--alljoyn_java/test/org/alljoyn/bus/ObserverTest.java331
-rw-r--r--alljoyn_java/test/org/alljoyn/bus/SignalEmitterTest.java409
-rw-r--r--[-rwxr-xr-x]alljoyn_js/jni/npapi/np.cc0
-rw-r--r--alljoyn_objc/.gitignore8
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator.xcodeproj/project.pbxproj253
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator.xcworkspace/contents.xcworkspacedata7
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/AllJoynCodeGenerator.h45
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/AllJoynCodeGenerator.m256
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/main.m159
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/objcExtensionHeader.xsl49
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/objcExtensionSource.xsl54
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/objcHeader.xsl82
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/objcSource.xsl417
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/AllJoynCodeGeneratorTests.m148
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/BasicObjectCase/AJNBasicObjectRef.h (renamed from alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/AJNBasicObject.h)117
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/BasicObjectCase/AJNBasicObjectRef.mm (renamed from alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/AJNBasicObject.mm)1231
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/BasicObjectCase/BasicObjectModel.xml (renamed from alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/BasicObjectModel.xml)26
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/BasicObjectCase/BasicObjectRef.h (renamed from alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/BasicObject.h)11
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/BasicObjectCase/BasicObjectRef.m (renamed from alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGenerator/BasicObject.m)48
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/CodeGeneratorCompileTest/CodeGeneratorCompileTest.xcodeproj/project.pbxproj317
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/CodeGeneratorCompileTest/CodeGeneratorCompileTest.xcodeproj/project.xcworkspace/contents.xcworkspacedata7
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/CodeGeneratorCompileTest/CodeGeneratorCompileTest/.gitignore1
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/CodeGeneratorCompileTest/CodeGeneratorCompileTest/main.m37
-rw-r--r--alljoyn_objc/AllJoynCodeGenerator/AllJoynCodeGeneratorTests/Info.plist (renamed from alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOSTests/AllJoynFramework_iOSTests-Info.plist)6
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework.xcodeproj/project.pbxproj1970
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework.xcodeproj/project.xcworkspace/contents.xcworkspacedata2
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework.xcodeproj/xcshareddata/xcschemes/AllJoynFramework.xcscheme87
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework.xcodeproj/xcshareddata/xcschemes/AllJoynFramework_iOS.xcscheme (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework.xcodeproj/xcshareddata/xcschemes/API Documentation.xcscheme)42
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutData.mm180
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutDataListenerImpl.mm3
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNApplicationStateListenerImpl.mm4
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusAttachment.mm57
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusObject.mm22
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNCertificateX509.mm7
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNClientController.m2
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNGUID.mm6
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNMessageArgument.mm18
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPermissionConfigurator.mm58
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPingListenerImpl.mm4
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNProxyBusObject.mm34
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSecurityApplicationProxy.mm12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNServiceController.m2
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNTranslatorImpl.mm2
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/AllJoynFramework-Prefix.pch7
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutData.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutData.h)214
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutDataListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutDataListener.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutDataListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutDataListenerImpl.h)28
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutIcon.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutIcon.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutIconObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutIconObject.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutIconProxy.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutIconProxy.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutListener.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutListenerImpl.h)26
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutObject.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutObjectDescription.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutObjectDescription.h)24
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAboutProxy.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAboutProxy.h)26
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNApplicationStateListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNApplicationStateListener.h)14
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNApplicationStateListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNApplicationStateListenerImpl.h)10
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAuthenticationListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAuthenticationListener.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAuthenticationListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAuthenticationListenerImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNAutoPinger.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNAutoPinger.h)24
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBus.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBus.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusAttachment.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusAttachment.h)217
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusController.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusController.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusInterface.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusInterface.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusListener.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusListenerImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusObject.h)51
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNBusObjectImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNBusObjectImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNCertificateX509.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNCertificateX509.h)105
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNClientController.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNClientController.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNCryptoECC.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNCryptoECC.h)15
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNGUID.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNGUID.h)27
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNHandle.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNHandle.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNInit.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNInit.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNInterfaceDescription.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNInterfaceDescription.h)73
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNInterfaceMember.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNInterfaceMember.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNInterfaceProperty.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNInterfaceProperty.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNKeyInfoECC.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNKeyInfoECC.h)23
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNKeyStoreListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNKeyStoreListener.h)18
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNKeyStoreListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNKeyStoreListenerImpl.h)14
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNMessage.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNMessage.h)14
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNMessageArgument.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNMessageArgument.h)41
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNMessageHeaderFields.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNMessageHeaderFields.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNObject.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNObserver.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNObserver.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNObserverListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNObserverListener.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNPasswordManager.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPasswordManager.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNPermissionConfigurationListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPermissionConfigurationListener.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNPermissionConfigurationListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPermissionConfigurationListenerImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNPermissionConfigurator.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPermissionConfigurator.h)145
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNPingListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPingListener.h)16
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNPingListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNPingListenerImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNProxyBusObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNProxyBusObject.h)121
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSecurityApplicationProxy.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSecurityApplicationProxy.h)136
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSecurityCredentials.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSecurityCredentials.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNServiceController.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNServiceController.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSessionListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSessionListener.h)14
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSessionListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSessionListenerImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSessionOptions.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSessionOptions.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSessionPortListener.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSessionPortListener.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSessionPortListenerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSessionPortListenerImpl.h)14
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSignalHandler.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSignalHandler.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNSignalHandlerImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNSignalHandlerImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNStatus.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNStatus.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNTranslator.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNTranslator.h)44
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNTranslatorImpl.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNTranslatorImpl.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNTransportMask.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNTransportMask.h)10
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNType.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNType.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFramework/include/AJNVersion.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFramework/AJNVersion.h)12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNBasicObject.mm12
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNEventsActionObject.mm636
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNEventsActionsObject.mm66
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNObserverTestObjects.h8
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNSecureObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNEventsActionObject.h)60
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AJNSecureObject.mm371
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AuthenticationTests.m74
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AutoPingerTests.h34
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AutoPingerTests.m (renamed from alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AutoPingerTest.m)152
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/BusAttachmentTests.m466
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/BusObjectTests.m121
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/EventsActionsTests.m1216
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/Info.plist (renamed from alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/AllJoynFrameworkTests-Info.plist)8
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/InterfaceDescriptionTests.m22
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/ObserverTests.m144
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/SecureObject.h (renamed from alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/EventsActionObject.h)18
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/SecureObject.m (renamed from alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/EventsActionObject.m)23
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/SecurityTests.mm921
-rw-r--r--alljoyn_objc/AllJoynFramework/AllJoynFrameworkTests/en.lproj/InfoPlist.strings2
-rw-r--r--alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOS.xcodeproj/project.pbxproj1080
-rw-r--r--alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOS.xcodeproj/xcshareddata/xcschemes/API Documentation.xcscheme71
-rw-r--r--alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOS.xcodeproj/xcshareddata/xcschemes/AllJoynFramework_iOS.xcscheme126
-rw-r--r--alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOS/AllJoynFramework_iOS-Prefix.pch7
-rw-r--r--alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOSTests/en.lproj/InfoPlist.strings2
-rw-r--r--alljoyn_objc/README-INSTALLING.txt79
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/project.pbxproj402
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_c_iOS.xcscheme (renamed from alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_arm64.xcscheme)20
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_c_ios.xcscheme71
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_c_macOS.xcscheme (renamed from alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_ios_x64.xcscheme)20
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_c_osx.xcscheme118
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_ios.xcscheme71
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_osx.xcscheme109
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_osx_x64.xcscheme118
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_cpp_iOS.xcscheme (renamed from alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_ios_armv7s.xcscheme)20
-rw-r--r--alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_cpp_macOS.xcscheme (renamed from alljoyn_objc/alljoyn_darwin.xcodeproj/xcshareddata/xcschemes/alljoyn_core_ios_armv7.xcscheme)23
-rwxr-xr-xalljoyn_objc/build_core_ios.sh81
-rwxr-xr-xalljoyn_objc/build_core_macos.sh71
-rwxr-xr-xalljoyn_objc/build_ios.sh76
-rwxr-xr-xalljoyn_objc/build_macos.sh64
-rw-r--r--alljoyn_objc/samples/OSX/AllJoynChat/AllJoynChat.xcodeproj/project.pbxproj298
-rw-r--r--alljoyn_objc/samples/OSX/AllJoynChat/AllJoynChat/AJNCChatObjectSignalHandlerImpl.mm16
-rw-r--r--alljoyn_objc/samples/OSX/AllJoynChat/AllJoynChat/AJNCConversation.m4
-rw-r--r--alljoyn_objc/samples/OSX/basic_client/basic_client.xcodeproj/project.pbxproj288
-rw-r--r--alljoyn_objc/samples/OSX/basic_client/basic_client/BasicClientViewController.m6
-rw-r--r--alljoyn_objc/samples/OSX/basic_client/basic_clientTests/basic_clientTests.m4
-rw-r--r--alljoyn_objc/samples/OSX/basic_service/basic_service.xcodeproj/project.pbxproj292
-rw-r--r--alljoyn_objc/samples/OSX/basic_service/basic_service/BasicSampleObject.mm14
-rw-r--r--alljoyn_objc/samples/OSX/basic_service/basic_service/BasicSampleObjectImpl.mm6
-rw-r--r--alljoyn_objc/samples/OSX/basic_service/basic_service/BasicService.mm57
-rw-r--r--alljoyn_objc/samples/OSX/basic_service/basic_service/BasicServiceViewController.m7
-rw-r--r--alljoyn_objc/samples/OSX/basic_service/basic_serviceTests/basic_serviceTests.m4
-rw-r--r--alljoyn_objc/samples/iOS/AboutClient/AboutClient.xcodeproj/project.pbxproj292
-rw-r--r--alljoyn_objc/samples/iOS/AboutClient/BasicClient/AboutClient.m52
-rw-r--r--alljoyn_objc/samples/iOS/AboutService/AboutService.xcodeproj/project.pbxproj311
-rw-r--r--alljoyn_objc/samples/iOS/AboutService/BasicService/AJNBasicObject.mm90
-rw-r--r--alljoyn_objc/samples/iOS/AboutService/BasicService/AppDelegate.m10
-rw-r--r--alljoyn_objc/samples/iOS/BasicClient/BasicClient.xcodeproj/project.pbxproj300
-rw-r--r--alljoyn_objc/samples/iOS/BasicClient/BasicClient/BasicClient.m66
-rw-r--r--alljoyn_objc/samples/iOS/BasicService/BasicService.xcodeproj/project.pbxproj298
-rw-r--r--alljoyn_objc/samples/iOS/BasicService/BasicService/AppDelegate.m4
-rw-r--r--alljoyn_objc/samples/iOS/BasicService/BasicService/BasicService.m56
-rw-r--r--alljoyn_objc/samples/iOS/DoorObserver/DoorObject/AJNDoorObject.mm8
-rw-r--r--alljoyn_objc/samples/iOS/DoorObserver/DoorObserver.xcodeproj/project.pbxproj376
-rw-r--r--alljoyn_objc/samples/iOS/DoorObserver/DoorObserver/AppDelegate.m113
-rw-r--r--alljoyn_objc/samples/iOS/SecureClient/SecureClient.xcodeproj/project.pbxproj325
-rw-r--r--alljoyn_objc/samples/iOS/SecureClient/SecureClient/AJNSecureObject.h2
-rw-r--r--alljoyn_objc/samples/iOS/SecureClient/SecureClient/AJNSecureObject.mm102
-rw-r--r--alljoyn_objc/samples/iOS/SecureClient/SecureClient/AppDelegate.m4
-rw-r--r--alljoyn_objc/samples/iOS/SecureClient/SecureClient/AuthenticationTableViewController.m10
-rw-r--r--alljoyn_objc/samples/iOS/SecureClient/SecureClient/ViewController.m14
-rw-r--r--alljoyn_objc/samples/iOS/SecureService/SecureService.xcodeproj/project.pbxproj314
-rw-r--r--alljoyn_objc/samples/iOS/SecureService/SecureService/AppDelegate.m4
-rw-r--r--alljoyn_objc/samples/iOS/SecureService/SecureService/AuthenticationTableViewController.m10
-rw-r--r--alljoyn_objc/samples/iOS/SecureService/SecureService/ViewController.m14
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient-Bridging-Header.h38
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient.xcodeproj/project.pbxproj383
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient.xcodeproj/project.xcworkspace/contents.xcworkspacedata (renamed from alljoyn_objc/AllJoynFramework_iOS/AllJoynFramework_iOS.xcodeproj/project.xcworkspace/contents.xcworkspacedata)2
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/AJNBasicObject.h119
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/AJNBasicObject.mm289
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/AppDelegate.swift69
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/Assets.xcassets/AppIcon.appiconset/Contents.json93
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/Base.lproj/LaunchScreen.storyboard31
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/Base.lproj/Main.storyboard59
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/BasicClient.swift289
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/Info.plist47
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicClient/BasicClient/ViewController.swift68
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService-Bridging-Header.h37
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService.xcodeproj/project.pbxproj374
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService.xcodeproj/project.xcworkspace/contents.xcworkspacedata7
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/AJNBasicObject.h119
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/AJNBasicObject.mm289
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/AppDelegate.swift69
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/Assets.xcassets/AppIcon.appiconset/Contents.json68
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/Base.lproj/LaunchScreen.storyboard31
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/Base.lproj/Main.storyboard57
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/BasicObject.h49
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/BasicObject.m53
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/BasicService.swift261
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/Info.plist45
-rw-r--r--alljoyn_objc/samples/iOS/Swift/BasicService/BasicService/ViewController.swift83
-rw-r--r--alljoyn_objc/samples/iOS/secure/DoorConsumer/DoorConsumer.xcodeproj/project.pbxproj339
-rw-r--r--alljoyn_objc/samples/iOS/secure/DoorProvider/DoorProvider.xcodeproj/project.pbxproj362
-rw-r--r--build_core/SConscript26
-rw-r--r--build_core/conf/darwin/SConscript12
-rw-r--r--build_core/conf/iOS/SConscript195
-rw-r--r--build_core/conf/linux/SConscript20
-rw-r--r--build_core/tools/scons/jsstatus.py1
-rw-r--r--common/crypto/builtin/CryptoAES.cc23
-rw-r--r--common/crypto/cng/CryptoAES.cc20
-rw-r--r--common/crypto/commoncrypto/CommonCrypto.cc48
-rw-r--r--common/crypto/commoncrypto/CommonCrypto.h47
-rw-r--r--common/crypto/commoncrypto/CryptoAES.cc507
-rw-r--r--common/crypto/commoncrypto/CryptoHash.cc216
-rw-r--r--common/crypto/commoncrypto/CryptoRand.cc56
-rw-r--r--common/crypto/openssl/CryptoAES.cc408
-rw-r--r--common/crypto/openssl/CryptoHash.cc241
-rw-r--r--common/crypto/openssl/OpenSsl.cc42
-rw-r--r--common/inc/qcc/CertificateECC.h2
-rw-r--r--common/inc/qcc/CngCache.h2
-rw-r--r--common/inc/qcc/Crypto.h20
-rw-r--r--common/inc/qcc/STLContainer.h1
-rw-r--r--common/inc/qcc/XmlElement.h1
-rw-r--r--common/os/posix/OSLogger.cc2
-rw-r--r--common/os/posix/atomic.cc1
-rw-r--r--common/os/windows/OSLogger.cc2
-rw-r--r--[-rwxr-xr-x]common/os/windows/Thread.cc0
-rw-r--r--common/src/ASN1.cc165
-rw-r--r--common/src/IPAddress.cc2
-rw-r--r--common/src/Status.xml6
-rw-r--r--common/unit_test/SConscript6
-rw-r--r--services/about/cpp/SConscript4
-rw-r--r--services/about/cpp/unit_test/SConscript14
369 files changed, 18824 insertions, 16545 deletions
diff --git a/.gitignore b/.gitignore
index 6a1ffac..6755890 100644
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,4 @@ alljoyn_java/cscope.out
alljoyn_java/sconsoutput
alljoyn_java/tags
alljoyn_java.h
+.DS_Store
diff --git a/alljoyn_c/inc/alljoyn_c/InterfaceDescription.h b/alljoyn_c/inc/alljoyn_c/InterfaceDescription.h
index 51db041..be1a0e0 100644
--- a/alljoyn_c/inc/alljoyn_c/InterfaceDescription.h
+++ b/alljoyn_c/inc/alljoyn_c/InterfaceDescription.h
@@ -648,8 +648,9 @@ extern AJ_API alljoyn_interfacedescription_securitypolicy AJ_CALL alljoyn_interf
* @param[in] iface Interface on which to set the description language.
* @param[in] language The language tag.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API void AJ_CALL alljoyn_interfacedescription_setdescriptionlanguage(alljoyn_interfacedescription iface, const char* language),
+ "Please use alljoyn_interfacedescription_setdescriptionforlanguage() instead.",
16.10);
/**
@@ -673,8 +674,9 @@ QCC_DEPRECATED_ON(
* @return The number of languages returned or the total number of
* language tags if languages is NULL.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API size_t AJ_CALL alljoyn_interfacedescription_getdescriptionlanguages(const alljoyn_interfacedescription iface, const char** languages, size_t size),
+ "Please use alljoyn_interfacedescription_getdescriptionlanguages2() instead.",
16.10);
/**
@@ -713,8 +715,9 @@ extern AJ_API size_t AJ_CALL alljoyn_interfacedescription_getdescriptionlanguage
* @param[in] iface Interface on which to set the description.
* @param[in] description The interface description. Call alljoyn_interfacedescription_setdescriptionlanguage() to specify description language.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API void AJ_CALL alljoyn_interfacedescription_setdescription(alljoyn_interfacedescription iface, const char* description),
+ "Please use alljoyn_interfacedescription_setdescriptionforlanguage() instead.",
16.10);
/**
@@ -779,8 +782,9 @@ extern AJ_API size_t AJ_CALL alljoyn_interfacedescription_getdescriptionforlangu
* - #ER_BUS_INTERFACE_ACTIVATED If the interface has already been activated.
* - #ER_BUS_INTERFACE_NO_SUCH_MEMBER If the member was not found.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API QStatus AJ_CALL alljoyn_interfacedescription_setmemberdescription(alljoyn_interfacedescription iface, const char* member, const char* description),
+ "Please use alljoyn_interfacedescription_setmemberdescriptionforlanguage() instead.",
16.10);
/**
@@ -852,8 +856,9 @@ extern AJ_API size_t AJ_CALL alljoyn_interfacedescription_getmemberdescriptionfo
* - #ER_BUS_INTERFACE_ACTIVATED If the interface has already been activated.
* - #ER_BUS_INTERFACE_NO_SUCH_MEMBER If the member was not found.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API QStatus AJ_CALL alljoyn_interfacedescription_setargdescription(alljoyn_interfacedescription iface, const char* member, const char* argName, const char* description),
+ "Please use alljoyn_interfacedescription_setargdescriptionforlanguage() instead.",
16.10);
/**
@@ -926,8 +931,9 @@ extern AJ_API size_t AJ_CALL alljoyn_interfacedescription_getargdescriptionforla
* - #ER_BUS_INTERFACE_ACTIVATED If the interface has already been activated.
* - #ER_BUS_NO_SUCH_PROPERTY If the property was not found.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API QStatus AJ_CALL alljoyn_interfacedescription_setpropertydescription(alljoyn_interfacedescription iface, const char* name, const char* description),
+ "Please use alljoyn_interfacedescription_setpropertydescriptionforlanguage() instead.",
16.10);
/**
@@ -992,8 +998,9 @@ extern AJ_API size_t AJ_CALL alljoyn_interfacedescription_getpropertydescription
* @param[in] iface Interface on which to set description translation callback.
* @param[in] translationCallback The translation callback instance.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API void AJ_CALL alljoyn_interfacedescription_setdescriptiontranslationcallback(alljoyn_interfacedescription iface, alljoyn_interfacedescription_translation_callback_ptr translationCallback),
+ "Please use language-aware accessors instead.",
16.10);
/**
@@ -1007,8 +1014,9 @@ QCC_DEPRECATED_ON(
*
* @return The translation callback instance.
*/
-QCC_DEPRECATED_ON(
+QCC_DEPRECATED_MSG(
extern AJ_API alljoyn_interfacedescription_translation_callback_ptr AJ_CALL alljoyn_interfacedescription_getdescriptiontranslationcallback(const alljoyn_interfacedescription iface),
+ "Please use language-aware accessors instead.",
16.10);
/**
diff --git a/alljoyn_c/inc/alljoyn_c/PermissionConfigurator.h b/alljoyn_c/inc/alljoyn_c/PermissionConfigurator.h
index c6a4846..1ec956f 100644
--- a/alljoyn_c/inc/alljoyn_c/PermissionConfigurator.h
+++ b/alljoyn_c/inc/alljoyn_c/PermissionConfigurator.h
@@ -111,6 +111,23 @@ typedef struct {
} alljoyn_manifestarray;
/**
+ * Struct used to return an array of certificates.
+ */
+typedef struct {
+ size_t count; /**< The number of elements in the certificate array. */
+ AJ_PSTR* certificates; /**< An array of strings, each containing a certificate */
+} alljoyn_certificatearray;
+
+/**
+ * Struct used to return an array of certificate chains.
+ */
+typedef struct {
+ size_t count; /**< The number of elements in the certificate chain array. */
+ alljoyn_certificatearray* chains; /**< An array of alljoyn_certificatearray */
+} alljoyn_certificatechainarray;
+
+
+/**
* Retrieves the current application state.
*
* @param[in] configurator The queried alljoyn_permissionconfigurator.
@@ -157,6 +174,21 @@ AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_getpublickey(alljoyn_permi
AJ_API void AJ_CALL alljoyn_permissionconfigurator_publickey_destroy(AJ_PSTR publicKey);
/**
+ * Get the connected peer's public key.
+ *
+ * @param[in] configurator The queried alljoyn_permissionconfigurator.
+ * @param[in] groupId Byte array representing the peer's group GUID in HEX format
+ * @param[out] publicKey Pointer to receive the null-terminated C string with the PEM-encoded representation
+ * of the application's public key. On success, this string must be freed with a call
+ * to alljoyn_permissionconfigurator_publickey_destroy.
+ *
+ * @return
+ * #ER_OK if successful.
+ * Other error status codes indicating a failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_getconnectedpeerpublickey(alljoyn_permissionconfigurator configurator, const uint8_t* groupId, AJ_PSTR* publicKey);
+
+/**
* Get the application's manifest template as XML.
*
* @param[in] configurator The queried alljoyn_permissionconfigurator.
@@ -179,14 +211,22 @@ AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_getmanifesttemplate(alljoy
AJ_API void AJ_CALL alljoyn_permissionconfigurator_manifesttemplate_destroy(AJ_PSTR manifestTemplateXml);
/**
+ * Destroy a string received from a call to alljoyn_permissionconfigurator_signmanifest
+ *
+ * @param[in] manifestXml String received from the call.
+ *
+ */
+AJ_API void AJ_CALL alljoyn_permissionconfigurator_manifest_destroy(AJ_PSTR manifestXml);
+
+/**
* Set the application's manifest template from an XML.
*
* @param[in] configurator The queried alljoyn_permissionconfigurator.
* @param[in] manifestTemplateXml String containing the XML version of the manifest template.
*
* @return
- * #ER_OK if successful.
- * #ER_XML_MALFORMED if the XML is not in a valid manifest template format.
+ * #ER_OK If successful.
+ * #ER_XML_MALFORMED If the XML is not in a valid manifest template format.
* Other error status codes indicating a failure.
*/
AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_setmanifesttemplatefromxml(alljoyn_permissionconfigurator configurator, AJ_PCSTR manifestTemplateXml);
@@ -384,6 +424,13 @@ AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_getmanifests(alljoyn_permi
AJ_API void AJ_CALL alljoyn_permissionconfigurator_manifestarray_cleanup(alljoyn_manifestarray* manifestArray);
/**
+ * This method deallocates an array of strings containing certificates
+ *
+ * @param[in] certChainArray Pointer to alljoyn_certificatechainarray populated by a call to getmembershipcertficates API
+ */
+AJ_API void AJ_CALL alljoyn_permissionconfigurator_certificatechainarray_cleanup(alljoyn_certificatechainarray* certChainArray);
+
+/**
* This method allows the application to install signed manifests to itself. This method only verifies that manifests
* have a signature; it does not verify that the signature is valid.
*
@@ -578,7 +625,7 @@ AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_removemembership(alljoyn_p
*
* @return
* - #ER_OK If successful.
- * - #ER_MANAGEMENT_ALREADY_STARTED if the app is already in this state
+ * - #ER_MANAGEMENT_ALREADY_STARTED If the app is already in this state
*/
AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_startmanagement(alljoyn_permissionconfigurator configurator);
@@ -589,10 +636,45 @@ AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_startmanagement(alljoyn_pe
*
* @return
* - #ER_OK If successful.
- * - #ER_MANAGEMENT_NOT_STARTED if the app was not in the management state
+ * - #ER_MANAGEMENT_NOT_STARTED If the app was not in the management state
*/
AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_endmanagement(alljoyn_permissionconfigurator configurator);
+/**
+ * This method sign a certificate using the signing key for this bus attachment corresponding to the provided permission configurator.
+ *
+ * @param[in] configurator The alljoyn_permissionconfigurator for the application's bus attachment.
+ * @param[in] unsignedCertificate Null-terminated C string representing an unsigned X509 certificate in PEM encoding.
+ * @param[out] signedCertificate Pointer to null-terminated C string representing the signed X509 certificate in PEM encoding.
+ * This string must be freed by the caller with alljoyn_permissionconfigurator_certificatechain_destroy.
+ * @return
+ * - #ER_OK If successful.
+ * - #ER_MANAGEMENT_NOT_STARTED If the app was not in the management state
+ */
+AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_signcertificate(alljoyn_permissionconfigurator configurator,
+ AJ_PCSTR unsignedCertificate,
+ AJ_PSTR* signedCertificate);
+
+
+
+/**
+ * This method adds an identity certificate thumbprint to and signs the manifest XML.
+ *
+ * @param[in] configurator The alljoyn_permissionconfigurator for the application's bus attachment.
+ * @param[in] subjectCertificate Null-terminated C string representing a X509 certificate in PEM encoding to be used to sign the manifest.
+ * @param[in] unsignedManifestXml Null-terminated C string representing manifest XML to be signed.
+ * @param[in] signedManifestXml pointer to Null-terminated C string representing the signed manifest XML. On success, this string must be
+ * freed by caller using alljoyn_permissionconfigurator_manifest_destroy.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - #ER_MANAGEMENT_NOT_STARTED If the app was not in the management state.
+ */
+AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_signmanifest(alljoyn_permissionconfigurator configurator,
+ AJ_PCSTR subjectCertificate,
+ AJ_PCSTR unsignedManifestXml,
+ AJ_PSTR* signedManifestXml);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/alljoyn_c/inc/alljoyn_c/SecurityApplicationProxy.h b/alljoyn_c/inc/alljoyn_c/SecurityApplicationProxy.h
index 555bf33..a012a3f 100644
--- a/alljoyn_c/inc/alljoyn_c/SecurityApplicationProxy.h
+++ b/alljoyn_c/inc/alljoyn_c/SecurityApplicationProxy.h
@@ -38,6 +38,7 @@
#include <alljoyn_c/PermissionConfigurator.h>
#include <alljoyn_c/BusAttachment.h>
#include <alljoyn_c/Session.h>
+#include <qcc/KeyInfoECC.h>
#ifdef __cplusplus
extern "C" {
@@ -117,12 +118,58 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_claim(alljoyn_securityap
AJ_PCSTR* manifestsXmls, size_t manifestsCount);
/**
+ * This method allows the admin to retrieve the claimable application version from an application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] version The claimable application version.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - An error status indicating failure.
+ */
+AJ_API QStatus alljoyn_securityapplicationproxy_getclaimableapplicationversion(alljoyn_securityapplicationproxy proxy, uint16_t* version);
+
+/**
+ * This method allows the admin to retrieve the managed application version from an application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] version The managed application version
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - An error status indicating failure.
+ */
+AJ_API QStatus alljoyn_securityapplicationproxy_getmanagedapplicationversion(alljoyn_securityapplicationproxy proxy, uint16_t* version);
+
+/**
+ * Retrieves the manifest in XML form from the application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] manifestArray The struct object contains the count and a null-terminated array of manifest strings
+ * The object is managed by the caller and must be later destroyed by calling
+ * alljoyn_securityapplicationproxy_manifestarray_cleanup API.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - Other error status codes indicating a failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifests(alljoyn_securityapplicationproxy proxy, alljoyn_manifestarray* manifestArray);
+
+/**
+ * This method deallocates an array of strings containing manifests returned by alljoyn_securityapplicationproxy_getmanifests.
+ *
+ * @param[in] manifestArray Pointer to alljoyn_manifestarray populated by a call to
+ * alljoyn_securityapplicationproxy_getmanifests.
+ */
+AJ_API void AJ_CALL alljoyn_securityapplicationproxy_manifestarray_cleanup(alljoyn_manifestarray* manifestArray);
+
+/**
* Retrieves the manifest template in XML form from the application.
*
* @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
- * @param[out] manifestTemplateXml A null-terminated C string with the manifest template in XML format.
- * The string is managed by the caller and must be later destroyed
- * using alljoyn_securityapplicationproxy_manifesttemplate_destroy.
+ * @param[out] manifestTemplateXml A pointer to null-terminated manifest template XML string.
+ * The string is managed by the caller and must be later destroyed by calling
+ * alljoyn_securityapplicationproxy_manifesttemplate_destroy API.
*
* @return
* - #ER_OK If successful.
@@ -131,6 +178,22 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_claim(alljoyn_securityap
AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifesttemplate(alljoyn_securityapplicationproxy proxy, AJ_PSTR* manifestTemplateXml);
/**
+ * Retrieves the manifest template digest from the application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] digest A byte array containing the digest, this array is allocated by the caller, and will be filled by this
+ * function with the digest. This array is managed by the caller and must be later destroyed using
+ * alljoyn_securityapplicationproxy_digest_destroy.
+ *
+ * @param[in] expectedSize Expected size of the digest array.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - Other error status codes indicating a failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifesttemplatedigest(alljoyn_securityapplicationproxy proxy, uint8_t* digest, size_t expectedSize);
+
+/**
* Frees the memory allocated for the manifest template inside alljoyn_securityapplicationproxy_get_manifest_template.
*
* @param[in] manifestTemplateXml Manifest string created using alljoyn_securityapplicationproxy_getmanifesttemplate.
@@ -138,6 +201,25 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifesttemplate(allj
AJ_API void AJ_CALL alljoyn_securityapplicationproxy_manifesttemplate_destroy(AJ_PSTR manifestTemplateXml);
/**
+ * Frees the memory allocated for alljoyn_securityapplicationproxy_signmanifest.
+ *
+ * @param[in] manifestXml Manifest string created using get or sign manifest functions.
+ */
+AJ_API void AJ_CALL alljoyn_securityapplicationproxy_manifest_destroy(AJ_PSTR manifestXml);
+
+/**
+ * This method allows the admin to retrieve the active security application version from an application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] version The active security application version
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - An error status indicating failure.
+ */
+AJ_API QStatus alljoyn_securityapplicationproxy_getsecurityapplicationversion(alljoyn_securityapplicationproxy proxy, uint16_t* version);
+
+/**
* Representation of the current state of the application.
* @see alljoyn_applicationstate in PermissionConfigurator.h for available values.
*
@@ -179,11 +261,23 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getclaimcapabilities(all
AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getclaimcapabilitiesadditionalinfo(alljoyn_securityapplicationproxy proxy, alljoyn_claimcapabilitiesadditionalinfo* additionalInfo);
/**
+ * This method allows the admin to retrieve the active policy version from an application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] version The active policy version which is the policy's serial number
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - An error status indicating failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getpolicyversion(alljoyn_securityapplicationproxy proxy, uint32_t* version);
+
+/**
* This method allows the admin to retrieve the active policy from an application.
*
- * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
- * @param[out] policyXml The active policy in XML format. This string must be freed using
- * alljoyn_securityapplicationproxy_policy_destroy.
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] policyXml The active policy in XML format. This string must be freed using
+ * alljoyn_securityapplicationproxy_policy_destroy.
* @return
* - #ER_OK If successful.
* - An error status indicating failure.
@@ -276,7 +370,7 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_updateidentity(alljoyn_s
AJ_PCSTR* manifestsXmls, size_t manifestsCount);
/**
- * This method allows the admin to install a membership cert chain to the
+ * This method allows the admin to install a membership certificate chain to the
* application.
*
* @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
@@ -295,6 +389,70 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_updateidentity(alljoyn_s
AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_installmembership(alljoyn_securityapplicationproxy proxy, AJ_PCSTR membershipCertificateChain);
/**
+ * This method allows the admin to remove a membership certificate chain from the
+ * application.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[in] serial Certificate's serial number.
+ * @param[in] serialLen Certificate's serial number length.
+ * @param[in] pubKey Null-terminated C String representing the public key of the certificate to be removed in PEM format
+ * @param[in] issuerAki Certificate issuer's AKI.
+ * @param[in] issuerAkiLen Certificate issuer's AKI length.
+ *
+ * @return
+ * - #ER_OK if successful
+ * - #ER_PERMISSION_DENIED Error raised when the caller does not have permission
+ * - #ER_CERTIFICATE_NOT_FOUND Error raised when the certificate is not found
+ * - An error status indicating failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_removemembership(alljoyn_securityapplicationproxy proxy,
+ const uint8_t* serial,
+ size_t serialLen,
+ AJ_PCSTR pubKey,
+ const uint8_t* issuerAki,
+ size_t issuerAkiLen);
+
+/**
+ * Get the summaries for installed memberships
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] certificateIds The object containing the size and an array of alljoyn_certificateid. This array is allocated by the caller and must be later
+ * destroyed by calling alljoyn_securityapplicationproxy_certificateidarray_cleanup API.
+ *
+ * @return
+ * - #ER_OK if successful
+ * - An error status indicating failure
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getmembershipsummaries(alljoyn_securityapplicationproxy proxy, alljoyn_certificateidarray* certificateIds);
+
+/**
+ * Get installed membership certificates
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] certChainArray Pointer to the object representing certificate chains collection. This object is populated by this function
+ * and must be later destroyed by calling alljoyn_securityapplicationproxy_certificatechainarray_cleanup API.
+ *
+ * @return
+ * - #ER_OK if successful
+ * - An error status indicating failure
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getmembershipcertificates(alljoyn_securityapplicationproxy proxy, alljoyn_certificatechainarray* certChainArray);
+
+/**
+ * This method deallocates the object filled by alljoyn_securityapplicationproxy_getmembershipsummaries
+ *
+ * @param[in] certificateIds Pointer to alljoyn_certificateidarray populated by a call by alljoyn_securityapplicationproxy_getmembershipsummaries.
+ */
+AJ_API void AJ_CALL alljoyn_securityapplicationproxy_certificateidarray_cleanup(alljoyn_certificateidarray* certificateIds);
+
+/**
+ * This method deallocates the object filled by alljoyn_securityapplicationproxy_getmembershipcertificates
+ *
+ * @param[in] certChainArray Pointer to alljoyn_certificatechainarray populated by a call by alljoyn_securityapplicationproxy_getmembershipcertificates.
+ */
+AJ_API void AJ_CALL alljoyn_securityapplicationproxy_certificatechainarray_cleanup(alljoyn_certificatechainarray* certChainArray);
+
+/**
* This method allows an admin to reset the application to its original state
* prior to claim. The application's security 2.0 related configuration is
* discarded. The application is no longer claimed, but this is not a complete factory reset.
@@ -354,6 +512,28 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_startmanagement(alljoyn_
AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_endmanagement(alljoyn_securityapplicationproxy proxy);
/**
+ * Retrieves manufacturer certificate chain.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
+ * @param[out] manufacturerCertificateChain Null-terminated C string representing PEM-encoded manufacturer certificate chain.
+ * The string is managed by the caller and must be later destroyed using
+ * alljoyn_securityapplicationproxy_manifest_destroy.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - #ER_CERTIFICATE_NOT_FOUND Error raised when no identity certificate chain is installed.
+ * - An error status indicating failure.
+ */
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanufacturercerticate(alljoyn_securityapplicationproxy proxy, AJ_PSTR* manufacturerCertificateChain);
+
+/**
+ * This method deallocates a string of PEM-encoded certificates returned by alljoyn_permissionconfigurator_getidentity.
+ *
+ * @param[in] certificateChain String returned by a call to alljoyn_permissionconfigurator_getidentity.
+ */
+AJ_API void AJ_CALL alljoyn_securityapplicationproxy_certificatechain_destroy(AJ_PSTR certificateChain);
+
+/**
* Retrieves (in PEM format) the public ECC key used by the managed application.
*
* @param[in] proxy The alljoyn_securityapplicationproxy connected to the managed application.
@@ -404,6 +584,23 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_signmanifest(AJ_PCSTR un
AJ_API void AJ_CALL alljoyn_securityapplicationproxy_manifest_destroy(AJ_PSTR signedManifestXml);
/**
+ * Install signed manifests to the application to which the proxy is connected by adding the manifests to the already-installed manifests
+ * present on the app. This method only verifies that manifests have a signature; it does not verify that the signature is valid.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy for the application's bus attachment.
+ * @param[in] manifestsXmls Array of null-terminated C strings, each of which is a signed manifest in XML format.
+ * @param[in] manifestsCount The number of elements in the manifests array.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - #ER_DIGEST_MISMATCH Error raised if no manifests can be installed because none are signed.
+ * - An error status indicating failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_installmanifests(alljoyn_securityapplicationproxy proxy,
+ AJ_PCSTR* manifestsXmls,
+ size_t manifestsCount);
+
+/**
* Adds an identity certificate thumbprint and retrieves the digest of the manifest XML for signing.
*
* @param[in] unsignedManifestXml The unsigned manifest in XML format. The XML schema can be found
@@ -458,6 +655,24 @@ AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_setmanifestsignature(AJ_
size_t signatureSize,
AJ_PSTR* signedManifestXml);
+/**
+ * Retrieves identity certificate chain.
+ *
+ * @param[in] proxy The alljoyn_securityapplicationproxy for the application's bus attachment.
+ * @param[out] identityCertificateChain Null-terminated C string representing PEM-encoded identity certificate chain
+ * with the application's certificate being the leaf. The leaf is listed first
+ * followed by each intermediate Certificate Authority's certificate, ending in
+ * the trusted root's certificate. This string must be freed with
+ * alljoyn_securityapplicationproxy_certificatechain_destroy.
+ * @param[out] size a pointer to the size of the certificate Chain.
+ *
+ * @return
+ * - #ER_OK If successful.
+ * - #ER_CERTIFICATE_NOT_FOUND Error raised when no identity certificate chain is installed.
+ * - An error status indicating failure.
+ */
+AJ_API QStatus AJ_CALL alljoyn_securityapplicationproxy_getidentity(alljoyn_securityapplicationproxy proxy, AJ_PSTR* identityCertificateChain, size_t* size);
+
#ifdef __cplusplus
} /* extern "C" */
#endif
diff --git a/alljoyn_c/samples/basic/basic_c_service.c b/alljoyn_c/samples/basic/basic_c_service.c
index deecd8c..f99aebc 100644
--- a/alljoyn_c/samples/basic/basic_c_service.c
+++ b/alljoyn_c/samples/basic/basic_c_service.c
@@ -37,6 +37,7 @@
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
+
#ifndef _WIN32
#define _DEFAULT_SOURCE /* usleep, glibc >=2.20 */
#define _BSD_SOURCE /* usleep */
diff --git a/alljoyn_c/src/InterfaceDescription.cc b/alljoyn_c/src/InterfaceDescription.cc
index 45f1244..3146ef4 100644
--- a/alljoyn_c/src/InterfaceDescription.cc
+++ b/alljoyn_c/src/InterfaceDescription.cc
@@ -38,6 +38,7 @@
#include <alljoyn_c/InterfaceDescription.h>
#include <alljoyn_c/Status.h>
#include <qcc/Debug.h>
+#include <qcc/Mutex.h>
#include <vector>
#define QCC_MODULE "ALLJOYN_C"
@@ -60,7 +61,9 @@ class TranslatorC : public Translator {
}
virtual QStatus AddTargetLanguage(const char* language, bool* added = NULL) {
+ targetLanguagesLock.Lock(MUTEX_CONTEXT);
bool addStatus = targetLanguages.insert(language).second;
+ targetLanguagesLock.Unlock(MUTEX_CONTEXT);
if (added != NULL) {
*added = addStatus;
}
@@ -73,12 +76,14 @@ class TranslatorC : public Translator {
}
size_t count = 0u;
+ targetLanguagesLock.Lock(MUTEX_CONTEXT);
for (std::set<qcc::String>::const_iterator itL = targetLanguages.begin();
(itL != targetLanguages.end()) && (count < size);
itL++) {
array[count] = itL->c_str();
count++;
}
+ targetLanguagesLock.Unlock(MUTEX_CONTEXT);
return count;
}
@@ -90,6 +95,7 @@ class TranslatorC : public Translator {
virtual void GetTargetLanguage(size_t index, qcc::String& ret)
{
+ targetLanguagesLock.Lock(MUTEX_CONTEXT);
if (index < targetLanguages.size()) {
std::set<qcc::String>::const_iterator itL = targetLanguages.begin();
std::advance(itL, index);
@@ -97,6 +103,7 @@ class TranslatorC : public Translator {
} else {
ret = "";
}
+ targetLanguagesLock.Unlock(MUTEX_CONTEXT);
}
virtual const char* Translate(const char* sourceLanguage, const char* targetLanguage, const char* source)
@@ -110,6 +117,7 @@ class TranslatorC : public Translator {
private:
// Std::set used to provide uniqueness and sorting of language tags.
std::set<qcc::String> targetLanguages;
+ qcc::Mutex targetLanguagesLock;
alljoyn_interfacedescription_translation_callback_ptr translation_callback_ptr;
};
diff --git a/alljoyn_c/src/PermissionConfigurator.cc b/alljoyn_c/src/PermissionConfigurator.cc
index 1f549bc..5443b39 100644
--- a/alljoyn_c/src/PermissionConfigurator.cc
+++ b/alljoyn_c/src/PermissionConfigurator.cc
@@ -108,6 +108,30 @@ void AJ_CALL alljoyn_permissionconfigurator_publickey_destroy(AJ_PSTR publicKey)
DestroyStringCopy(publicKey);
}
+QStatus AJ_CALL alljoyn_permissionconfigurator_getconnectedpeerpublickey(alljoyn_permissionconfigurator configurator, const uint8_t* groupId, AJ_PSTR* publicKey)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ qcc::ECCPublicKey eccKey;
+ qcc::String eccKeyStr;
+ GUID128 gid;
+ gid.SetBytes(groupId);
+
+ QStatus status = ((PermissionConfigurator*)configurator)->GetConnectedPeerPublicKey(gid, &eccKey);
+ if (ER_OK != status) {
+ return status;
+ }
+
+ eccKeyStr = eccKey.ToString();
+ *publicKey = CreateStringCopy(static_cast<std::string>(eccKeyStr));
+
+ if (nullptr == *publicKey) {
+ return ER_OUT_OF_MEMORY;
+ }
+
+ return ER_OK;
+}
+
QStatus AJ_CALL alljoyn_permissionconfigurator_getmanifesttemplate(alljoyn_permissionconfigurator configurator, AJ_PSTR* manifestTemplateXml)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -134,6 +158,13 @@ void AJ_CALL alljoyn_permissionconfigurator_manifesttemplate_destroy(AJ_PSTR man
DestroyStringCopy(manifestTemplateXml);
}
+void AJ_CALL alljoyn_permissionconfigurator_manifest_destroy(AJ_PSTR manifestXml)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ DestroyStringCopy(manifestXml);
+}
+
QStatus AJ_CALL alljoyn_permissionconfigurator_setmanifesttemplatefromxml(alljoyn_permissionconfigurator configurator, AJ_PCSTR manifestTemplateXml)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -364,6 +395,27 @@ void AJ_CALL alljoyn_permissionconfigurator_manifestarray_cleanup(alljoyn_manife
memset(manifestArray, 0, sizeof(*manifestArray));
}
+void AJ_CALL alljoyn_permissionconfigurator_certificatechainarray_cleanup(alljoyn_certificatechainarray* certChainArray)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QCC_ASSERT(nullptr != certChainArray);
+
+ for (size_t i = 0; i < certChainArray->count; ++i) {
+ for (size_t j = 0; j < certChainArray->chains[i].count; ++j) {
+ // Guard nullptr case instead of using QCC_ASSERT in case this function is called due to
+ // allocation failure for a particular chains[i].certificates
+ if (nullptr != certChainArray->chains[i].certificates) {
+ DestroyStringCopy(certChainArray->chains[i].certificates[j]);
+ }
+ }
+ delete[] certChainArray->chains[i].certificates;
+ }
+ delete[] certChainArray->chains;
+
+ memset(certChainArray, 0, sizeof(*certChainArray));
+}
+
QStatus AJ_CALL alljoyn_permissionconfigurator_installmanifests(alljoyn_permissionconfigurator configurator,
AJ_PCSTR* manifestsXmls,
size_t manifestsCount,
@@ -652,4 +704,69 @@ QStatus AJ_CALL alljoyn_permissionconfigurator_endmanagement(alljoyn_permissionc
QCC_DbgTrace(("%s", __FUNCTION__));
return ((PermissionConfigurator*)configurator)->EndManagement();
-} \ No newline at end of file
+}
+
+QStatus AJ_CALL alljoyn_permissionconfigurator_signcertificate(alljoyn_permissionconfigurator configurator, AJ_PCSTR unsignedCertificate, AJ_PSTR* signedCertificate)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ PermissionConfigurator* pc = (PermissionConfigurator*)configurator;
+ CertificateX509 cert;
+ qcc::String certificateStr(unsignedCertificate);
+
+ status = cert.LoadPEM(certificateStr);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ status = pc->SignCertificate(cert);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ certificateStr = cert.GetPEM();
+ *signedCertificate = CreateStringCopy(certificateStr);
+
+ if (nullptr == *signedCertificate) {
+ return ER_OUT_OF_MEMORY;
+ }
+
+ return status;
+}
+
+AJ_API QStatus AJ_CALL alljoyn_permissionconfigurator_signmanifest(alljoyn_permissionconfigurator configurator,
+ AJ_PCSTR subjectCertificate,
+ AJ_PCSTR unsignedManifestXml,
+ AJ_PSTR* signedManifestXml)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ PermissionConfigurator* pc = (PermissionConfigurator*)configurator;
+ CertificateX509 cert;
+ std::string input_str(unsignedManifestXml);
+ qcc::String certificate_str(subjectCertificate);
+
+ status = cert.LoadPEM(certificate_str);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ status = pc->ComputeThumbprintAndSignManifestXml(cert, input_str);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ *signedManifestXml = CreateStringCopy(input_str);
+
+ if (nullptr == *signedManifestXml) {
+ return ER_OUT_OF_MEMORY;
+ }
+
+ return status;
+}
diff --git a/alljoyn_c/src/SConscript b/alljoyn_c/src/SConscript
index 72f3eb1..7764e10 100644
--- a/alljoyn_c/src/SConscript
+++ b/alljoyn_c/src/SConscript
@@ -54,6 +54,11 @@ if env['OS_GROUP'] == 'windows':
liballjoyn_c_static = env.StaticLibrary('alljoyn_c_static', objs)
else:
liballjoyn_c_static = env.StaticLibrary('alljoyn_c', objs)
+
+#Add hardening flags for linux release build only.
+#The goal is to avoid any impact for these flags to our capability of debugging.
+if (env['OS'] == 'linux') and (env['VARIANT'] == 'release'):
+ env.Append(LINKFLAGS = ['-fPIC', '-Wl,-z,relro,-z,now'])
liballjoyn_c_shared = env.SharedLibrary('alljoyn_c', objs_shared)
Return('liballjoyn_c_static', 'liballjoyn_c_shared', 'objs_shared')
diff --git a/alljoyn_c/src/SecurityApplicationProxy.cc b/alljoyn_c/src/SecurityApplicationProxy.cc
index 99bd41b..e17f517 100644
--- a/alljoyn_c/src/SecurityApplicationProxy.cc
+++ b/alljoyn_c/src/SecurityApplicationProxy.cc
@@ -126,17 +126,90 @@ QStatus AJ_CALL alljoyn_securityapplicationproxy_claim(alljoyn_securityapplicati
return status;
}
+QStatus alljoyn_securityapplicationproxy_getclaimableapplicationversion(alljoyn_securityapplicationproxy proxy, uint16_t* version)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ return ((SecurityApplicationProxy*)proxy)->GetClaimableApplicationVersion(*version);
+}
+
+QStatus alljoyn_securityapplicationproxy_getmanagedapplicationversion(alljoyn_securityapplicationproxy proxy, uint16_t* version)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ return ((SecurityApplicationProxy*)proxy)->GetManagedApplicationVersion(*version);
+}
+
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifests(alljoyn_securityapplicationproxy proxy, alljoyn_manifestarray* manifestArray)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ vector<Manifest> manifests;
+
+ status = ((SecurityApplicationProxy*)proxy)->GetManifests(manifests);
+ if (ER_OK != status) {
+ return status;
+ }
+
+ QCC_ASSERT(manifests.size() > 0);
+
+ vector<std::string> manifestsStrings;
+ status = XmlManifestConverter::ManifestsToXmlArray(manifests.data(), manifests.size(), manifestsStrings);
+ if (ER_OK != status) {
+ return status;
+ }
+
+ vector<std::string>::size_type count = manifestsStrings.size();
+ manifestArray->xmls = new (std::nothrow) AJ_PSTR[count];
+ if (nullptr == manifestArray->xmls) {
+ manifestArray->count = 0;
+ return ER_OUT_OF_MEMORY;
+ }
+
+ memset(manifestArray->xmls, 0, sizeof(AJ_PSTR) * count);
+
+ manifestArray->count = count;
+
+ for (vector<std::string>::size_type i = 0; i < count; i++) {
+ manifestArray->xmls[i] = CreateStringCopy(manifestsStrings[i]);
+ if (nullptr == manifestArray->xmls[i]) {
+ alljoyn_securityapplicationproxy_manifestarray_cleanup(manifestArray);
+ return ER_OUT_OF_MEMORY;
+ }
+ }
+
+ return ER_OK;
+}
+
+void AJ_CALL alljoyn_securityapplicationproxy_manifestarray_cleanup(alljoyn_manifestarray* manifestArray)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ alljoyn_permissionconfigurator_manifestarray_cleanup(manifestArray);
+}
+
QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifesttemplate(alljoyn_securityapplicationproxy proxy, AJ_PSTR* manifestXml)
{
QCC_DbgTrace(("%s", __FUNCTION__));
return ((SecurityApplicationProxy*)proxy)->GetManifestTemplate(manifestXml);
}
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanifesttemplatedigest(alljoyn_securityapplicationproxy proxy, uint8_t* digest, size_t expectedSize)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ return ((SecurityApplicationProxy*)proxy)->GetManifestTemplateDigest(digest, expectedSize);
+}
+
void AJ_CALL alljoyn_securityapplicationproxy_manifesttemplate_destroy(AJ_PSTR manifestXml)
{
+ QCC_DbgTrace(("%s", __FUNCTION__));
SecurityApplicationProxy::DestroyManifestTemplate(manifestXml);
}
+QStatus alljoyn_securityapplicationproxy_getsecurityapplicationversion(alljoyn_securityapplicationproxy proxy, uint16_t* version)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ return ((SecurityApplicationProxy*)proxy)->GetSecurityApplicationVersion(*version);
+}
+
QStatus AJ_CALL alljoyn_securityapplicationproxy_getapplicationstate(alljoyn_securityapplicationproxy proxy, alljoyn_applicationstate* applicationState)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -179,6 +252,13 @@ QStatus AJ_CALL alljoyn_securityapplicationproxy_getclaimcapabilitiesadditionali
return status;
}
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getpolicyversion(alljoyn_securityapplicationproxy proxy, uint32_t* version)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ return ((SecurityApplicationProxy*)proxy)->GetPolicyVersion(*version);
+}
+
+
QStatus AJ_CALL alljoyn_securityapplicationproxy_getpolicy(alljoyn_securityapplicationproxy proxy, AJ_PSTR* policyXml)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -267,6 +347,184 @@ QStatus AJ_CALL alljoyn_securityapplicationproxy_installmembership(alljoyn_secur
return status;
}
+QStatus AJ_CALL alljoyn_securityapplicationproxy_removemembership(alljoyn_securityapplicationproxy proxy, const uint8_t* serial, size_t serialLen, AJ_PCSTR pubKey, const uint8_t* issuerAki, size_t issuerAkiLen)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ SecurityApplicationProxy* securityApplicationProxy = (SecurityApplicationProxy*)proxy;
+ KeyInfoNISTP256 issuerKeyInfo;
+
+ status = KeyInfoHelper::PEMToKeyInfoNISTP256(pubKey, issuerKeyInfo);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ if ((nullptr != issuerAki) && (issuerAkiLen > 0)) {
+ issuerKeyInfo.SetKeyId(issuerAki, issuerAkiLen);
+ }
+
+ qcc::String serialStr((const char*)serial, serialLen);
+ return securityApplicationProxy->RemoveMembership(serialStr, issuerKeyInfo);
+}
+
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getmembershipsummaries(alljoyn_securityapplicationproxy proxy, alljoyn_certificateidarray* certificateIds)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ vector<String> serialsVector;
+ vector<KeyInfoNISTP256> keyInfosVector;
+
+ memset(certificateIds, 0, sizeof(alljoyn_certificateidarray));
+
+ status = ((SecurityApplicationProxy*)proxy)->GetMembershipSummaries(serialsVector, keyInfosVector);
+ if (ER_OK != status) {
+ return status;
+ }
+
+ QCC_ASSERT(serialsVector.size() == keyInfosVector.size());
+
+ if (serialsVector.empty()) {
+ return ER_OK;
+ }
+
+ certificateIds->ids = new (std::nothrow) alljoyn_certificateid[serialsVector.size()];
+ if (nullptr == certificateIds->ids) {
+ return ER_OUT_OF_MEMORY;
+ }
+
+ memset(certificateIds->ids, 0, sizeof(alljoyn_certificateid) * serialsVector.size());
+ certificateIds->count = serialsVector.size();
+
+ for (vector<KeyInfoNISTP256>::size_type i = 0; i < keyInfosVector.size(); i++) {
+ String publicKeyString;
+ String akiString;
+
+ status = KeyInfoHelper::KeyInfoNISTP256ToPEM(keyInfosVector[i], publicKeyString);
+
+ if (ER_OK != status) {
+ alljoyn_securityapplicationproxy_certificateidarray_cleanup(certificateIds);
+ return status;
+ }
+
+ status = KeyInfoHelper::KeyInfoNISTP256ExtractAki(keyInfosVector[i], akiString);
+
+ if (ER_OK != status) {
+ alljoyn_securityapplicationproxy_certificateidarray_cleanup(certificateIds);
+ return status;
+ }
+
+ uint8_t* serialBuffer = new (std::nothrow) uint8_t[serialsVector[i].size()];
+
+ if (nullptr == serialBuffer) {
+ alljoyn_securityapplicationproxy_certificateidarray_cleanup(certificateIds);
+ return ER_OUT_OF_MEMORY;
+ }
+
+ memcpy(serialBuffer, serialsVector[i].data(), serialsVector[i].size());
+ certificateIds->ids[i].serial = serialBuffer;
+ certificateIds->ids[i].serialLen = serialsVector[i].size();
+ certificateIds->ids[i].issuerPublicKey = CreateStringCopy(publicKeyString);
+
+ if (nullptr == certificateIds->ids[i].issuerPublicKey) {
+ alljoyn_securityapplicationproxy_certificateidarray_cleanup(certificateIds);
+ return ER_OUT_OF_MEMORY;
+ }
+
+ uint8_t* akiBuffer = new (std::nothrow) uint8_t[akiString.size()];
+
+ if (nullptr == akiBuffer) {
+ alljoyn_securityapplicationproxy_certificateidarray_cleanup(certificateIds);
+ return ER_OUT_OF_MEMORY;
+ }
+
+ memcpy(akiBuffer, akiString.data(), akiString.size());
+ certificateIds->ids[i].issuerAki = akiBuffer;
+ certificateIds->ids[i].issuerAkiLen = akiString.size();
+ }
+
+ return ER_OK;
+}
+
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getmembershipcertificates(alljoyn_securityapplicationproxy proxy, alljoyn_certificatechainarray* certChainArray)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status = ER_OK;
+ vector<vector<CertificateX509> > certs;
+
+ status = ((SecurityApplicationProxy*)proxy)->GetMembershipCertificates(certs);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ qcc::String certStr;
+ size_t count = certs.size();
+ certChainArray->chains = new (std::nothrow) alljoyn_certificatearray[count];
+ if (nullptr == certChainArray->chains) {
+ certChainArray->count = 0;
+ return ER_OUT_OF_MEMORY;
+ }
+
+ memset(certChainArray->chains, 0, sizeof(alljoyn_certificatearray) * count);
+ certChainArray->count = count;
+
+ size_t chainIdx = 0;
+ size_t certIdx = 0;
+ for (auto& chain : certs) {
+
+ size_t certCount = chain.size();
+ alljoyn_certificatearray* chainPtr = &certChainArray->chains[chainIdx];
+ chainPtr->certificates = new (std::nothrow) AJ_PSTR[certCount];
+ if (nullptr == chainPtr->certificates) {
+ chainPtr->count = 0;
+ alljoyn_securityapplicationproxy_certificatechainarray_cleanup(certChainArray);
+ return ER_OUT_OF_MEMORY;
+ }
+
+ memset(chainPtr->certificates, 0, sizeof(AJ_PSTR) * certCount);
+ chainPtr->count = certCount;
+
+ for (auto& cert : chain) {
+ status = cert.EncodeCertificatePEM(certStr);
+ if (ER_OK != status) {
+ alljoyn_securityapplicationproxy_certificatechainarray_cleanup(certChainArray);
+ return status;
+ }
+
+ chainPtr->certificates[certIdx] = CreateStringCopy(static_cast<std::string>(certStr));
+ if (nullptr == chainPtr->certificates[certIdx]) {
+ alljoyn_securityapplicationproxy_certificatechainarray_cleanup(certChainArray);
+ return ER_OUT_OF_MEMORY;
+ }
+ ++certIdx;
+ }
+ ++chainIdx;
+ }
+ return ER_OK;
+}
+
+void AJ_CALL alljoyn_securityapplicationproxy_certificateidarray_cleanup(alljoyn_certificateidarray* certificateIds)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ if (nullptr != certificateIds) {
+ alljoyn_permissionconfigurator_certificateidarray_cleanup(certificateIds);
+ }
+}
+
+void AJ_CALL alljoyn_securityapplicationproxy_certificatechainarray_cleanup(alljoyn_certificatechainarray* certChainArray)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ if (nullptr != certChainArray) {
+ alljoyn_permissionconfigurator_certificatechainarray_cleanup(certChainArray);
+ }
+}
+
QStatus AJ_CALL alljoyn_securityapplicationproxy_reset(alljoyn_securityapplicationproxy proxy)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -291,6 +549,46 @@ QStatus AJ_CALL alljoyn_securityapplicationproxy_resetpolicy(alljoyn_securityapp
return ((SecurityApplicationProxy*)proxy)->ResetPolicy();
}
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getmanufacturercerticate(alljoyn_securityapplicationproxy proxy, AJ_PSTR* manufacturerCertificateChain)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ vector<CertificateX509> certChain;
+
+ status = ((SecurityApplicationProxy*)proxy)->GetManufacturerCertificate(certChain);
+ if (ER_OK != status) {
+ return status;
+ }
+
+ std::string chainPEM;
+ qcc::String individualCertificate;
+
+ for (const auto& cert : certChain) {
+ status = cert.EncodeCertificatePEM(individualCertificate);
+
+ if (ER_OK != status) {
+ return status;
+ }
+ chainPEM.append(static_cast<std::string>(individualCertificate));
+ }
+
+ *manufacturerCertificateChain = CreateStringCopy(chainPEM);
+
+ if (nullptr == *manufacturerCertificateChain) {
+ return ER_OUT_OF_MEMORY;
+ }
+
+ return ER_OK;
+}
+
+void AJ_CALL alljoyn_securityapplicationproxy_certificatechain_destroy(AJ_PSTR certificateChain)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ alljoyn_permissionconfigurator_certificatechain_destroy(certificateChain);
+}
+
QStatus AJ_CALL alljoyn_securityapplicationproxy_geteccpublickey(alljoyn_securityapplicationproxy proxy, AJ_PSTR* eccPublicKey)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -348,6 +646,21 @@ QStatus AJ_CALL alljoyn_securityapplicationproxy_signmanifest(AJ_PCSTR unsignedM
return status;
}
+QStatus AJ_CALL alljoyn_securityapplicationproxy_installmanifests(alljoyn_securityapplicationproxy proxy,
+ AJ_PCSTR* manifestsXmls,
+ size_t manifestsCount)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+ vector<Manifest> manifests;
+ QStatus status = XmlManifestConverter::XmlArrayToManifests(manifestsXmls, manifestsCount, manifests);
+
+ if (ER_OK == status) {
+ return ((SecurityApplicationProxy*)proxy)->InstallManifests(manifests.data(), manifests.size());
+ }
+
+ return status;
+}
+
void AJ_CALL alljoyn_securityapplicationproxy_manifest_destroy(AJ_PSTR signedManifestXml)
{
QCC_DbgTrace(("%s", __FUNCTION__));
@@ -446,4 +759,40 @@ QStatus AJ_CALL alljoyn_securityapplicationproxy_setmanifestsignature(AJ_PCSTR u
}
return ER_OK;
-} \ No newline at end of file
+}
+
+QStatus AJ_CALL alljoyn_securityapplicationproxy_getidentity(alljoyn_securityapplicationproxy proxy, AJ_PSTR* identityCertificateChain, size_t* size)
+{
+ QCC_DbgTrace(("%s", __FUNCTION__));
+
+ QStatus status;
+ vector<CertificateX509> certChain;
+
+ status = ((SecurityApplicationProxy*)proxy)->GetIdentity(certChain);
+
+ if (ER_OK != status) {
+ return status;
+ }
+
+ std::string chainPEM;
+ qcc::String individualCertificate;
+
+ for (const auto& cert : certChain) {
+ status = cert.EncodeCertificatePEM(individualCertificate);
+
+ if (ER_OK != status) {
+ return status;
+ }
+ chainPEM.append(static_cast<std::string>(individualCertificate));
+ }
+
+ *identityCertificateChain = CreateStringCopy(chainPEM);
+
+ if (nullptr == *identityCertificateChain) {
+ return ER_OUT_OF_MEMORY;
+ }
+
+ *size = certChain.size();
+
+ return ER_OK;
+}
diff --git a/alljoyn_c/unit_test/PermissionConfiguratorTest.cc b/alljoyn_c/unit_test/PermissionConfiguratorTest.cc
index e37527a..17f3d87 100644
--- a/alljoyn_c/unit_test/PermissionConfiguratorTest.cc
+++ b/alljoyn_c/unit_test/PermissionConfiguratorTest.cc
@@ -32,6 +32,7 @@
#include <alljoyn_c/SecurityApplicationProxy.h>
#include <qcc/Util.h>
#include <qcc/GUID.h>
+#include <qcc/CryptoECC.h>
#include "ajTestCommon.h"
#include "InMemoryKeyStore.h"
#include "SecurityApplicationProxyTestHelper.h"
@@ -713,6 +714,7 @@ TEST_P(PermissionConfiguratorClaimCapabilitiesTest, ShouldSetClaimCapabilitiesAd
}
#ifdef NDEBUG
+
TEST_F(PermissionConfiguratorPreClaimTest, shouldReturnErrorWhenSigningManifestWithNullCertificate)
{
EXPECT_EQ(ER_INVALID_DATA, alljoyn_securityapplicationproxy_signmanifest(s_validAllowAllManifestTemplate,
@@ -766,6 +768,35 @@ TEST_F(PermissionConfiguratorPreClaimTest, shouldReturnErrorWhenClaimingWithNull
}
#endif
+TEST_F(PermissionConfiguratorPreClaimTest, shouldPassSignCertificate)
+{
+ CertificateX509 cert;
+
+ qcc::String unSignedCert =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIBtDCCAVmgAwIBAgIJAMlyFqk69v+OMAoGCCqGSM49BAMCMFYxKTAnBgNVBAsM\n"
+ "IDdhNDhhYTI2YmM0MzQyZjZhNjYyMDBmNzdhODlkZDAyMSkwJwYDVQQDDCA3YTQ4\n"
+ "YWEyNmJjNDM0MmY2YTY2MjAwZjc3YTg5ZGQwMjAeFw0xNTAyMjYyMTUxMjVaFw0x\n"
+ "NjAyMjYyMTUxMjVaMFYxKTAnBgNVBAsMIDZkODVjMjkyMjYxM2IzNmUyZWVlZjUy\n"
+ "NzgwNDJjYzU2MSkwJwYDVQQDDCA2ZDg1YzI5MjI2MTNiMzZlMmVlZWY1Mjc4MDQy\n"
+ "Y2M1NjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABL50XeH1/aKcIF1+BJtlIgjL\n"
+ "AW32qoQdVOTyQg2WnM/R7pgxM2Ha0jMpksUd+JS9BiVYBBArwU76Whz9m6UyJeqj\n"
+ "EDAOMAwGA1UdEwQFMAMBAf8wCgYIKoZIzj0EAwIDSQAwRgIhAKfmglMgl67L5ALF\n"
+ "Z63haubkItTMACY1k4ROC2q7cnVmAiEArvAmcVInOq/U5C1y2XrvJQnAdwSl/Ogr\n"
+ "IizUeK0oI5c=\n"
+ "-----END CERTIFICATE-----";
+
+ ASSERT_EQ(ER_OK, alljoyn_permissionconfigurator_signcertificate(m_configuratorUnderTest, unSignedCert.c_str(), &m_altIdentityCertificate));
+ EXPECT_EQ(ER_OK, cert.LoadPEM(qcc::String(m_altIdentityCertificate)));
+ EXPECT_STRNE(m_altIdentityCertificate, unSignedCert.c_str());
+}
+
+TEST_F(PermissionConfiguratorPreClaimTest, shouldPassSignManifest)
+{
+ AJ_PSTR signedManifestXmls[1];
+ EXPECT_EQ(ER_OK, alljoyn_permissionconfigurator_signmanifest(m_configuratorUnderTest, m_identityCertificate, s_validAllowAllManifestTemplate, &signedManifestXmls[0]));
+}
+
TEST_F(PermissionConfiguratorPreClaimTest, shouldReturnErrorWhenClaimingWithInvalidPublicKey)
{
AJ_PCSTR invalidPublicKey = m_privateKey;
@@ -1082,4 +1113,10 @@ TEST_F(PermissionConfiguratorPostClaimTest, shouldFailRemoveMembershipSecondCall
m_certificateIdArray.ids[0].issuerAki,
m_certificateIdArray.ids[0].issuerAkiLen));
-} \ No newline at end of file
+}
+
+TEST_F(PermissionConfiguratorPostClaimTest, shouldFailGetConnectedPeerPublicKeyForNonconnectedPeer)
+{
+ AJ_PSTR pubKey = nullptr;
+ EXPECT_EQ(ER_BUS_KEY_UNAVAILABLE, alljoyn_permissionconfigurator_getconnectedpeerpublickey(m_configuratorUnderTest, m_adminGroupId, &pubKey));
+}
diff --git a/alljoyn_c/unit_test/SecurityApplicationProxyTest.cc b/alljoyn_c/unit_test/SecurityApplicationProxyTest.cc
index d411395..5234909 100644
--- a/alljoyn_c/unit_test/SecurityApplicationProxyTest.cc
+++ b/alljoyn_c/unit_test/SecurityApplicationProxyTest.cc
@@ -342,6 +342,7 @@ class SecurityApplicationProxySelfClaimTest : public SecurityApplicationProxyPre
SecurityApplicationProxySelfClaimTest() : SecurityApplicationProxyPreProxyTest(),
m_invalidProxy(nullptr),
m_managedApp(nullptr),
+ m_manufacturerCert(nullptr),
m_managedAppPermissionConfigurationListener(nullptr)
{
InitializeArrayElements(m_securityManagerSignedManifests, ArraySize(m_securityManagerSignedManifests));
@@ -377,6 +378,8 @@ class SecurityApplicationProxySelfClaimTest : public SecurityApplicationProxyPre
alljoyn_permissionconfigurationlistener_destroy(m_managedAppPermissionConfigurationListener);
+ alljoyn_securityapplicationproxy_certificatechain_destroy(m_manufacturerCert);
+
alljoyn_securityapplicationproxy_destroy(m_invalidProxy);
SecurityApplicationProxyPreProxyTest::TearDown();
@@ -388,6 +391,7 @@ class SecurityApplicationProxySelfClaimTest : public SecurityApplicationProxyPre
alljoyn_busattachment m_managedApp;
AJ_PSTR m_securityManagerSignedManifests[1];
GUID128 m_adminGroupGuid;
+ AJ_PSTR m_manufacturerCert;
void InitializeArrayElements(AJ_PSTR* someArray, size_t elementCount)
{
@@ -561,7 +565,9 @@ class SecurityApplicationProxyFullSetupTest : public SecurityApplicationProxyPos
SecurityApplicationProxyFullSetupTest() : SecurityApplicationProxyPostClaimTest(),
m_oldPolicy(nullptr),
m_newPolicy(nullptr),
- m_retrievedPolicy(nullptr)
+ m_retrievedPolicy(nullptr),
+ m_managedAppMembershipCertificate(nullptr),
+ m_identityCertificateChainOutput(nullptr)
{ }
virtual void SetUp()
@@ -571,6 +577,7 @@ class SecurityApplicationProxyFullSetupTest : public SecurityApplicationProxyPos
InstallAdminGroupMembership();
SetUpPolicies();
EndRemoteAppsManagement();
+ CreateAndInstallMembershipToManagedApp();
}
virtual void TearDown()
@@ -579,6 +586,20 @@ class SecurityApplicationProxyFullSetupTest : public SecurityApplicationProxyPos
DestroyStringCopy(m_oldPolicy);
DestroyStringCopy(m_retrievedPolicy);
+ if (m_certIds.count > 0) {
+ alljoyn_securityapplicationproxy_certificateidarray_cleanup(&m_certIds);
+ }
+
+ if (m_certChainArray.count > 0) {
+ alljoyn_securityapplicationproxy_certificatechainarray_cleanup(&m_certChainArray);
+ }
+
+ SecurityApplicationProxyTestHelper::DestroyCertificate(m_managedAppMembershipCertificate);
+
+ if (nullptr != m_identityCertificateChainOutput) {
+ alljoyn_securityapplicationproxy_certificatechain_destroy(m_identityCertificateChainOutput);
+ }
+
SecurityApplicationProxyPostClaimTest::TearDown();
}
@@ -587,7 +608,10 @@ class SecurityApplicationProxyFullSetupTest : public SecurityApplicationProxyPos
AJ_PSTR m_oldPolicy;
AJ_PSTR m_newPolicy;
AJ_PSTR m_retrievedPolicy;
-
+ alljoyn_certificateidarray m_certIds;
+ alljoyn_certificatechainarray m_certChainArray;
+ AJ_PSTR m_managedAppMembershipCertificate;
+ AJ_PSTR m_identityCertificateChainOutput;
void ModifyManagedAppIdentityCertAndManifests()
{
SecurityApplicationProxyTestHelper::DestroyCertificate(m_managedAppIdentityCertificate);
@@ -633,7 +657,6 @@ class SecurityApplicationProxyFullSetupTest : public SecurityApplicationProxyPos
delete fixedPolicyXml;
}
-
void InstallAdminGroupMembership()
{
ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_installmembership(m_securityManagerSecurityApplicationProxy, m_adminGroupMembershipCertificate));
@@ -644,6 +667,18 @@ class SecurityApplicationProxyFullSetupTest : public SecurityApplicationProxyPos
{
ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_endmanagement(m_managedAppSecurityApplicationProxy));
}
+
+ void CreateAndInstallMembershipToManagedApp()
+ {
+ m_certIds.count = 0;
+ m_certChainArray.count = 0;
+ SecurityApplicationProxyTestHelper::CreateMembershipCert(m_securityManager,
+ m_managedApp,
+ m_adminGroupId,
+ true,
+ &m_managedAppMembershipCertificate);
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_installmembership(m_managedAppSecurityApplicationProxy, m_managedAppMembershipCertificate));
+ }
};
bool SecurityApplicationProxyPreProxyTest::s_policyChangeHappened;
@@ -651,7 +686,6 @@ bool SecurityApplicationProxyPreProxyTest::s_factoryResetHappened;
bool SecurityApplicationProxyPreProxyTest::s_startManagementHappened;
bool SecurityApplicationProxyPreProxyTest::s_endManagementHappened;
-
TEST_F(SecurityApplicationProxyPreProxyTest, shouldPassWhenCreatingWithNonExistingRemoteApp)
{
m_securityManagerSecurityApplicationProxy = alljoyn_securityapplicationproxy_create(m_securityManager, INVALID_BUS_NAME, m_securityManagerSessionId);
@@ -803,6 +837,13 @@ TEST_F(SecurityApplicationProxyPreProxyTest, shouldPassWhenSettingManifestSignat
&m_signedManifestXml));
}
+TEST_F(SecurityApplicationProxySelfClaimTest, shouldPassGetManufacturerCertificate)
+{
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmanufacturercerticate(m_securityManagerSecurityApplicationProxy, &m_manufacturerCert));
+ //there is no Manufacturer Certificate installed now
+ EXPECT_STREQ("", m_manufacturerCert);
+}
+
TEST_F(SecurityApplicationProxySelfClaimTest, shouldReturnErrorWhenClaimingWithInvalidProxy)
{
EXPECT_EQ(ER_AUTH_FAIL, alljoyn_securityapplicationproxy_claim(m_invalidProxy,
@@ -1092,6 +1133,33 @@ TEST_F(SecurityApplicationProxyPreClaimTest, shouldReturnErrorWhenInstallingSame
EXPECT_EQ(ER_DUPLICATE_CERTIFICATE, alljoyn_securityapplicationproxy_installmembership(m_securityManagerSecurityApplicationProxy, m_adminGroupMembershipCertificate));
}
+TEST_F(SecurityApplicationProxyPostClaimTest, shouldSucceedGetSecurityApplicationVersion)
+{
+ uint16_t version = 0;
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getsecurityapplicationversion(m_managedAppSecurityApplicationProxy, &version));
+ //see SECURITY_APPLICATION_VERSION in SecurityApplicationObj.cc
+ EXPECT_EQ(1U, version);
+}
+
+TEST_F(SecurityApplicationProxyPostClaimTest, shouldSucceedGetClaimableApplicationVersion)
+{
+ uint16_t version = 0;
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getclaimableapplicationversion(m_managedAppSecurityApplicationProxy, &version));
+ //see SECURITY_CLAIMABLE_APPLICATION_VERSION in SecurityApplicationObj.cc
+ EXPECT_EQ(1U, version);
+}
+
+TEST_F(SecurityApplicationProxyPostClaimTest, shouldSucceedGetManagedApplicationVersion)
+{
+ uint16_t version = 0;
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmanagedapplicationversion(m_managedAppSecurityApplicationProxy, &version));
+ //see SECURITY_MANAGED_APPLICATION_VERSIOn in SecurityApplicationObj.cc
+ EXPECT_EQ(2U, version);
+}
+
TEST_F(SecurityApplicationProxyPostClaimTest, shouldReturnErrorForStartManagementWithInvalidProxy)
{
EXPECT_EQ(ER_AUTH_FAIL, alljoyn_securityapplicationproxy_startmanagement(m_invalidProxy));
@@ -1256,6 +1324,13 @@ TEST_F(SecurityApplicationProxyFullSetupTest, shouldNotCallPolicyChangedCallback
EXPECT_FALSE(WaitForTrueOrTimeout(&s_policyChangeHappened));
}
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassGetManifests)
+{
+ alljoyn_manifestarray manifestArray;
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmanifests(m_managedAppSecurityApplicationProxy, &manifestArray));
+ EXPECT_EQ(1U, manifestArray.count);
+}
+
TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassResetForValidProxyAndInstalledMembership)
{
EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_reset(m_managedAppSecurityApplicationProxy));
@@ -1307,7 +1382,81 @@ TEST_F(SecurityApplicationProxyFullSetupTest, shouldSucceedGetPolicy)
EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getpolicy(m_managedAppSecurityApplicationProxy, &m_retrievedPolicy));
}
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldSucceedGetPolicyVersion)
+{
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_updatepolicy(m_managedAppSecurityApplicationProxy, m_oldPolicy));
+ ASSERT_EQ(ER_OK, alljoyn_proxybusobject_secureconnection((alljoyn_proxybusobject)m_managedAppSecurityApplicationProxy, true));
+
+ uint32_t version = 0;
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_getpolicyversion(m_managedAppSecurityApplicationProxy, &version));
+ EXPECT_EQ(100U, version);
+
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_updatepolicy(m_managedAppSecurityApplicationProxy, m_newPolicy));
+ ASSERT_EQ(ER_OK, alljoyn_proxybusobject_secureconnection((alljoyn_proxybusobject)m_managedAppSecurityApplicationProxy, true));
+
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_getpolicyversion(m_managedAppSecurityApplicationProxy, &version));
+ EXPECT_EQ(200U, version);
+}
+
TEST_F(SecurityApplicationProxyFullSetupTest, shouldSucceedGetDefaultPolicy)
{
EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getdefaultpolicy(m_managedAppSecurityApplicationProxy, &m_retrievedPolicy));
-} \ No newline at end of file
+}
+
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassGetIdentityManagedAppProxy)
+{
+ size_t size = 0xFF;
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getidentity(m_managedAppSecurityApplicationProxy, &m_identityCertificateChainOutput, &size));
+ EXPECT_EQ(2U, size);
+}
+
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassGetIdentitySecurityManagerProxy)
+{
+ size_t size = 0xFF;
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getidentity(m_securityManagerSecurityApplicationProxy, &m_identityCertificateChainOutput, &size));
+ EXPECT_EQ(1U, size);
+}
+
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassGetMembershipSummaries)
+{
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmembershipsummaries(m_managedAppSecurityApplicationProxy, &m_certIds));
+ EXPECT_EQ(1U, m_certIds.count);
+}
+
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassGetMembershipCertificates)
+{
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmembershipcertificates(m_managedAppSecurityApplicationProxy, &m_certChainArray));
+ EXPECT_EQ(1U, m_certChainArray.count);
+ EXPECT_EQ(1U, m_certChainArray.chains[0].count);
+ EXPECT_STREQ(m_managedAppMembershipCertificate, m_certChainArray.chains[0].certificates[0]);
+}
+
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassRemoveMembership)
+{
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmembershipsummaries(m_managedAppSecurityApplicationProxy, &m_certIds));
+ ASSERT_EQ(1U, m_certIds.count);
+
+ std::string serial((char*)m_certIds.ids[0].serial, m_certIds.ids[0].serialLen);
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_removemembership(m_managedAppSecurityApplicationProxy,
+ (const uint8_t*)serial.c_str(),
+ serial.size(),
+ m_certIds.ids[0].issuerPublicKey,
+ nullptr,
+ 0U));
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_getmembershipsummaries(m_managedAppSecurityApplicationProxy, &m_certIds));
+ EXPECT_EQ(0U, m_certIds.count);
+}
+
+TEST_F(SecurityApplicationProxyFullSetupTest, shouldPassInstallManifests)
+{
+ SecurityApplicationProxyTestHelper::CreateIdentityCert(m_securityManager, m_managedApp, &m_managedAppIdentityCertificate, false);
+ ASSERT_EQ(ER_OK, alljoyn_securityapplicationproxy_signmanifest(s_validManagedAppManifestTemplate,
+ m_managedAppIdentityCertificate,
+ m_securityManagerPrivateKey,
+ &m_signedManifestXml));
+
+ EXPECT_EQ(ER_OK, alljoyn_securityapplicationproxy_installmanifests(m_managedAppSecurityApplicationProxy, (AJ_PCSTR*)&m_signedManifestXml, 1));
+}
diff --git a/alljoyn_core/SConscript b/alljoyn_core/SConscript
index ccd4292..9fe1092 100644
--- a/alljoyn_core/SConscript
+++ b/alljoyn_core/SConscript
@@ -110,7 +110,7 @@ config_env.SConscript('$OBJDIR_CONFIG/cpp/SConscript', exports = ['config_env'])
# only include command line samples, unit test, test programs if we are not
# building for iOS. No support on iOS for command line applications.
-if env['OS'] == 'darwin' and env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64',]:
+if (env['OS'] == 'darwin' and env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64']) or env['OS'] == 'iOS':
progs = []
else:
# Test programs
@@ -135,7 +135,7 @@ elif ajenv['OS_CONF'] == 'android':
else: # linux based platforms
ajenv.InstallAs('$DISTDIR/README.txt', 'docs/README.linux.txt')
-if not (ajenv['OS'] == 'darwin' and ajenv['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64',]):
+if not ((ajenv['OS'] == 'darwin' and ajenv['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64']) or ajenv['OS'] == 'iOS'):
ajenv.Install('$DISTDIR', 'docs/ReleaseNotes.txt')
# Build docs
diff --git a/alljoyn_core/docs/snippets/SConscript b/alljoyn_core/docs/snippets/SConscript
index 7899baf..3dbc6b0 100644
--- a/alljoyn_core/docs/snippets/SConscript
+++ b/alljoyn_core/docs/snippets/SConscript
@@ -35,7 +35,7 @@ if snippets_env['BR'] == 'on':
# only include command line samples, unit test, test programs if we are not
# building for iOS. No support on iOS for command line applications.
-if not (snippets_env['OS'] == 'darwin' and snippets_env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64',]):
+if not ((snippets_env['OS'] == 'darwin' and snippets_env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64']) or snippets_env['OS'] == 'iOS'):
snippets_env.Program('usingmsgarg', ['usingmsgarg.cpp'])
snippets_env.Program('create_interface_from_xml_interface', ['create_interface_from_xml_interface.cpp'])
snippets_env.Program('create_interface_from_xml_node', ['create_interface_from_xml_node.cpp'])
diff --git a/alljoyn_core/inc/alljoyn/AboutIconObj.h b/alljoyn_core/inc/alljoyn/AboutIconObj.h
index ffab424..b8053a4 100644
--- a/alljoyn_core/inc/alljoyn/AboutIconObj.h
+++ b/alljoyn_core/inc/alljoyn/AboutIconObj.h
@@ -67,7 +67,7 @@ class AboutIconObj : public BusObject {
/**
* Handles GetUrl method call for the org.alljoyn.Icon interface
*
- * @param[in] member
+ * @param[in] member interface member
* @param[in] msg reference of AllJoyn Message
*/
void GetUrl(const InterfaceDescription::Member* member, Message& msg);
@@ -75,7 +75,7 @@ class AboutIconObj : public BusObject {
/**
* Handles GetContent method call for the org.alljoyn.Icon interface
*
- * @param[in] member
+ * @param[in] member interface member
* @param[in] msg reference of AllJoyn Message
*/
void GetContent(const InterfaceDescription::Member* member, Message& msg);
@@ -86,7 +86,8 @@ class AboutIconObj : public BusObject {
* @param[in] ifcName interface name
* @param[in] propName the name of the properly
* @param[in] val reference of MsgArg out parameter.
- * @return
+ *
+ * @return ER_OK on success
*/
QStatus Get(const char* ifcName, const char* propName, MsgArg& val);
diff --git a/alljoyn_core/inc/alljoyn/AboutObj.h b/alljoyn_core/inc/alljoyn/AboutObj.h
index e392715..207d098 100644
--- a/alljoyn_core/inc/alljoyn/AboutObj.h
+++ b/alljoyn_core/inc/alljoyn/AboutObj.h
@@ -119,14 +119,14 @@ class AboutObj : public BusObject {
private:
/**
* Handles GetAboutData method
- * @param[in] member
+ * @param[in] member interface member
* @param[in] msg reference of AllJoyn Message
*/
void GetAboutData(const InterfaceDescription::Member* member, Message& msg);
/**
* Handles GetObjectDescription method
- * @param[in] member
+ * @param[in] member interface member
* @param[in] msg reference of AllJoyn Message
*/
void GetObjectDescription(const InterfaceDescription::Member* member, Message& msg);
diff --git a/alljoyn_core/inc/alljoyn/AboutObjectDescription.h b/alljoyn_core/inc/alljoyn/AboutObjectDescription.h
index ecad8bb..9ddb538 100644
--- a/alljoyn_core/inc/alljoyn/AboutObjectDescription.h
+++ b/alljoyn_core/inc/alljoyn/AboutObjectDescription.h
@@ -177,7 +177,6 @@ class AboutObjectDescription {
/**
* Clear all the contents of this AboutObjectDescription
*
- * @return ER_OK
*/
void Clear();
/**
diff --git a/alljoyn_core/inc/alljoyn/AuthListener.h b/alljoyn_core/inc/alljoyn/AuthListener.h
index 49b09c8..ddd5546 100644
--- a/alljoyn_core/inc/alljoyn/AuthListener.h
+++ b/alljoyn_core/inc/alljoyn/AuthListener.h
@@ -455,7 +455,7 @@ class DefaultECDHEAuthListener : public AuthListener {
* when it is not yet defined) or clears it by providing a NULL array.
*
* @param[in] password the pre-shared secret or nullptr.
- * @param[in] password the size of the password secret. It must be at
+ * @param[in] passwordSize the size of the password secret. It must be at
* least 4 characters or 0 to clear the
* current value.
* @return ER_OK on success
diff --git a/alljoyn_core/inc/alljoyn/BusAttachment.h b/alljoyn_core/inc/alljoyn/BusAttachment.h
index 6e0541d..bae2e36 100644
--- a/alljoyn_core/inc/alljoyn/BusAttachment.h
+++ b/alljoyn_core/inc/alljoyn/BusAttachment.h
@@ -522,8 +522,6 @@ class BusAttachment : public MessageReceiver {
*
* @return
* - #ER_OK if successful.
- * - #ER_BUS_BUS_ALREADY_STARTED if already started
- * - Other error status codes indicating a failure
*/
QStatus Join();
diff --git a/alljoyn_core/inc/alljoyn/BusObject.h b/alljoyn_core/inc/alljoyn/BusObject.h
index c554ccd..d8757c3 100644
--- a/alljoyn_core/inc/alljoyn/BusObject.h
+++ b/alljoyn_core/inc/alljoyn/BusObject.h
@@ -201,6 +201,7 @@ class BusObject : public MessageReceiver {
* being received twice.
*
* @param msg [OUT] If non-null, the sent signal message is returned to the caller.
+ * This should be NULL when using SESSION_ID_ALL_HOSTED, otherwise the call will error.
* @return
* - #ER_OK if successful
* - #ER_BUS_OBJECT_NOT_REGISTERED if bus object has not yet been registered
@@ -689,7 +690,7 @@ class BusObject : public MessageReceiver {
* This utility method is called by the bus during object registration.
* Do not call this object explicitly.
*
- * @param bus BusAttachement to associate with BusObject.
+ * @param busAttachment BusAttachement to associate with BusObject.
* @return
* - #ER_OK if all the methods were added
* - #ER_BUS_NO_SUCH_INTERFACE is method can not be added because interface does not exist.
diff --git a/alljoyn_core/inc/alljoyn/InterfaceDescription.h b/alljoyn_core/inc/alljoyn/InterfaceDescription.h
index 9041778..845e4be 100644
--- a/alljoyn_core/inc/alljoyn/InterfaceDescription.h
+++ b/alljoyn_core/inc/alljoyn/InterfaceDescription.h
@@ -626,7 +626,9 @@ class InterfaceDescription {
*
* @param language The language tag
*/
- QCC_DEPRECATED_ON(void SetDescriptionLanguage(const char* language), 16.10);
+ QCC_DEPRECATED_MSG(void SetDescriptionLanguage(const char* language),
+ "Please use SetDescriptionForLanguage() instead.",
+ 16.10);
/**
* Get the language tag for the introspection descriptions of this InterfaceDescription
@@ -636,7 +638,9 @@ class InterfaceDescription {
*
* @return The langauge tag
*/
- QCC_DEPRECATED_ON(const char* GetDescriptionLanguage() const, 16.10);
+ QCC_DEPRECATED_MSG(const char* GetDescriptionLanguage() const,
+ "Please use GetDescriptionLanguages() or GetDescriptionForLanguage() instead.",
+ 16.10);
/**
* Get the set of all available description languages.
@@ -661,7 +665,9 @@ class InterfaceDescription {
*
* @param description The introspection description
*/
- QCC_DEPRECATED_ON(void SetDescription(const char* description), 16.10);
+ QCC_DEPRECATED_MSG(void SetDescription(const char* description),
+ "Please use SetDescriptionForLanguage() instead.",
+ 16.10);
/**
* Set the introspection description for this InterfaceDescription in the given language.
@@ -722,7 +728,9 @@ class InterfaceDescription {
* - #ER_BUS_INTERFACE_ACTIVATED If the interface has already been activated
* - #ER_BUS_INTERFACE_NO_SUCH_MEMBER If the member was not found
*/
- QCC_DEPRECATED_ON(QStatus SetMemberDescription(const char* member, const char* description), 16.10);
+ QCC_DEPRECATED_MSG(QStatus SetMemberDescription(const char* member, const char* description),
+ "Please use SetMemberDescriptionForLanguage() instead.",
+ 16.10);
/**
* Set the introspection description for member "memberName" of this InterfaceDescription
@@ -808,7 +816,9 @@ class InterfaceDescription {
* - #ER_BUS_INTERFACE_ACTIVATED If the interface has already been activated
* - #ER_BUS_INTERFACE_NO_SUCH_MEMBER If the member was not found
*/
- QCC_DEPRECATED_ON(QStatus SetArgDescription(const char* member, const char* arg, const char* description), 16.10);
+ QCC_DEPRECATED_MSG(QStatus SetArgDescription(const char* member, const char* arg, const char* description),
+ "Please use SetArgDescriptionForLanguage() instead.",
+ 16.10);
/**
* Set the introspection description for the argument "argName" of the member "memberName"
@@ -879,7 +889,9 @@ class InterfaceDescription {
* - #ER_BUS_INTERFACE_ACTIVATED If the interface has already been activated
* - #ER_BUS_NO_SUCH_PROPERTY If the property was not found
*/
- QCC_DEPRECATED_ON(QStatus SetPropertyDescription(const char* name, const char* description), 16.10);
+ QCC_DEPRECATED_MSG(QStatus SetPropertyDescription(const char* name, const char* description),
+ "Please use SetPropertyDescriptionForLanguage() instead.",
+ 16.10);
/**
* Set the introspection description for the interface property "propertyName"
@@ -942,7 +954,9 @@ class InterfaceDescription {
*
* @param translator The Translator instance.
*/
- QCC_DEPRECATED_ON(void SetDescriptionTranslator(Translator * translator), 16.10);
+ QCC_DEPRECATED_MSG(void SetDescriptionTranslator(Translator * translator),
+ "Please use SetDescriptionForLanguage() instead.",
+ 16.10);
/**
* Get the Translator that provides this InterfaceDescription's
@@ -953,7 +967,9 @@ class InterfaceDescription {
*
* @return The Translator instance.
*/
- QCC_DEPRECATED_ON(Translator * GetDescriptionTranslator() const, 16.10);
+ QCC_DEPRECATED_MSG(Translator * GetDescriptionTranslator() const,
+ "Please use GetDescriptionForLanguage() instead.",
+ 16.10);
/**
* Does this interface have at least one description on an element
diff --git a/alljoyn_core/inc/alljoyn/Message.h b/alljoyn_core/inc/alljoyn/Message.h
index b4b83c6..ba109c8 100644
--- a/alljoyn_core/inc/alljoyn/Message.h
+++ b/alljoyn_core/inc/alljoyn/Message.h
@@ -1084,7 +1084,7 @@ class _Message {
* @param sender sender of the message
* @param allowRemote true iff connection allows messages from remote devices.
* @param guid GUID of sender of message
- * @param nametype specify what names are transfered
+ * @param nameType specify what names are transfered
*
* @return
* - #ER_OK if hello method call was sent successfully.
diff --git a/alljoyn_core/inc/alljoyn/MsgArg.h b/alljoyn_core/inc/alljoyn/MsgArg.h
index 940349d..5eaada5 100644
--- a/alljoyn_core/inc/alljoyn/MsgArg.h
+++ b/alljoyn_core/inc/alljoyn/MsgArg.h
@@ -254,15 +254,15 @@ class MsgArg {
* The flag value that indicates that the MsgArg owns the data it references so is responsible
* for freeing that data in the destructor. This applies to any MsgArg that has a pointer to a
* string or other data.
- * @return value that indicates the MsgArg owns the data.
+ * return value that indicates the MsgArg owns the data.
*/
static const uint8_t OwnsData = 1;
/**
* The flag value that indicates that the MsgArg owns the nested MsgArgs it references so is responsible
* for freeing those MsgArgs in the destructor. This applies to MsgArgs of type #ALLJOYN_ARRAY,
- * #ALLJOYN_STRUCT, #ALLJOYN_DICT_ENTRY, and #ALLJOYN_VARIANT.
- * @return value that indicates the MsgArg owns the nested MsgArgs it references.
+ * ALLJOYN_STRUCT, ALLJOYN_DICT_ENTRY, and ALLJOYN_VARIANT.
+ * return value that indicates the MsgArg owns the nested MsgArgs it references.
*/
static const uint8_t OwnsArgs = 2;
diff --git a/alljoyn_core/inc/alljoyn/PermissionConfigurator.h b/alljoyn_core/inc/alljoyn/PermissionConfigurator.h
index 4dc28c6..2110abf 100644
--- a/alljoyn_core/inc/alljoyn/PermissionConfigurator.h
+++ b/alljoyn_core/inc/alljoyn/PermissionConfigurator.h
@@ -381,7 +381,7 @@ class PermissionConfigurator {
* Retrieve the local app's identity certificate information.
*
* @param[out] serial Identity certificate's serial
- * @param[out] keyInfo Identity certificate's KeyInfoNISTP256 structure
+ * @param[out] issuerKeyInfo Identity certificate's KeyInfoNISTP256 structure
*
* @return
* - #ER_OK if the identity certificate information is placed in the parameters
diff --git a/alljoyn_core/inc/alljoyn/PermissionPolicy.h b/alljoyn_core/inc/alljoyn/PermissionPolicy.h
index 4752052..316eab4 100644
--- a/alljoyn_core/inc/alljoyn/PermissionPolicy.h
+++ b/alljoyn_core/inc/alljoyn/PermissionPolicy.h
@@ -1011,7 +1011,7 @@ class _Manifest {
* Sign method before applying to an application.
*
* @param[in] rules Array of PermissionPolicy::Rule objects
- * @param[in] ruleCount Number of elements in rules array
+ * @param[in] rulesCount Number of elements in rules array
*
* @return
* - #ER_OK if successful
@@ -1221,7 +1221,7 @@ class _Manifest {
* - #ER_OK if serialization was successful
* - other error code indicating failure
*/
- QStatus Serialize(std::vector<uint8_t>& seralizedForm) const;
+ QStatus Serialize(std::vector<uint8_t>& serializedForm) const;
/**
* Deserialize a manifest from a vector of bytes.
diff --git a/alljoyn_core/inc/alljoyn/ProxyBusObject.h b/alljoyn_core/inc/alljoyn/ProxyBusObject.h
index 38cafc1..aee000a 100644
--- a/alljoyn_core/inc/alljoyn/ProxyBusObject.h
+++ b/alljoyn_core/inc/alljoyn/ProxyBusObject.h
@@ -636,8 +636,6 @@ class ProxyBusObject : public MessageReceiver {
* @param property The name of the property to set
* @param u The uint32 value to set
* @param timeout Timeout specified in milliseconds to wait for a reply
- * @param[out] errorName Error name
- * @param[out] errorDescription Error description
*
* @return
* - #ER_OK if the property was set
@@ -658,8 +656,6 @@ class ProxyBusObject : public MessageReceiver {
* @param property The name of the property to set
* @param i The int32 value to set
* @param timeout Timeout specified in milliseconds to wait for a reply
- * @param[out] errorName Error name
- * @param[out] errorDescription Error description
*
* @return
* - #ER_OK if the property was set
@@ -680,8 +676,6 @@ class ProxyBusObject : public MessageReceiver {
* @param property The name of the property to set
* @param s The string value to set
* @param timeout Timeout specified in milliseconds to wait for a reply
- * @param[out] errorName Error name
- * @param[out] errorDescription Error description
*
* @return
* - #ER_OK if the property was set
@@ -702,8 +696,6 @@ class ProxyBusObject : public MessageReceiver {
* @param property The name of the property to set
* @param s The string value to set
* @param timeout Timeout specified in milliseconds to wait for a reply
- * @param[out] errorName Error name
- * @param[out] errorDescription Error description
*
* @return
* - #ER_OK if the property was set
@@ -1025,7 +1017,6 @@ class ProxyBusObject : public MessageReceiver {
* @param replyFunc The function that is called to deliver the reply
* @param args The arguments for the method call (can be NULL)
* @param numArgs The number of arguments
- * @param receiver The object to be called when the asych method call completes.
* @param context User-defined context that will be returned to the reply handler
* @param timeout Timeout specified in milliseconds to wait for a reply
* @param flags Logical OR of the message flags for this method call. The following flags apply to method calls:
diff --git a/alljoyn_core/inc/alljoyn/SecurityApplicationProxy.h b/alljoyn_core/inc/alljoyn/SecurityApplicationProxy.h
index f847bde..d5b4313 100644
--- a/alljoyn_core/inc/alljoyn/SecurityApplicationProxy.h
+++ b/alljoyn_core/inc/alljoyn/SecurityApplicationProxy.h
@@ -128,6 +128,19 @@ class SecurityApplicationProxy : public ProxyBusObject {
* certs follow. This chain is installed by the manufacturer at production time.
* If no manufacturer certificate is available then this is an empty array.
*
+ * @param[out] certificateVector The manufacturer certificate chain.
+ *
+ * @return
+ * - #ER_OK if successful
+ * - an error status indicating failure
+ */
+ QStatus GetManufacturerCertificate(std::vector<qcc::CertificateX509>& certificateVector);
+
+ /**
+ * The manufacturer certificate chain. The leaf cert is listed first. The signing
+ * certs follow. This chain is installed by the manufacturer at production time.
+ * If no manufacturer certificate is available then this is an empty array.
+ *
* @param[out] certificate The manufacturer certificate chain.
*
* @return
@@ -362,7 +375,7 @@ class SecurityApplicationProxy : public ProxyBusObject {
* - an error status indicating failure
*/
QStatus UpdateIdentity(const qcc::CertificateX509* identityCertificateChain, size_t identityCertificateChainCount,
- const Manifest* manifest, size_t manifestCount);
+ const Manifest* manifests, size_t manifestCount);
/**
* This method allows an admin to update the application's identity certificate
@@ -438,7 +451,7 @@ class SecurityApplicationProxy : public ProxyBusObject {
*
* @see ProxyBusObject.SecureConnection(bool)
*
- * @param[in] policy The new policy in XML format. For the policy XSD refer to
+ * @param[in] policyXml The new policy in XML format. For the policy XSD refer to
* alljoyn_core/docs/policy.xsd.
*
* @return
@@ -475,7 +488,7 @@ class SecurityApplicationProxy : public ProxyBusObject {
* @param[in] certificateChain The membership certificate chain. It can be a
* single certificate if it is issued by the security
* group authority.
- * @param[in] certificateChainCount The number of certificates in the certificate chain.
+ * @param[in] certificateChainSize The number of certificates in the certificate chain.
*
* @return
* - #ER_OK if successful
@@ -528,9 +541,20 @@ class SecurityApplicationProxy : public ProxyBusObject {
QStatus GetManagedApplicationVersion(uint16_t& version);
/**
- * Get the identify certificate chain.
+ * Get the identity certificate chain.
+ *
+ * @param[out] certificateVector identity certificate chain.
+ *
+ * @return
+ * - #ER_OK if successful
+ * - an error status indicating failure
+ */
+ QStatus GetIdentity(std::vector<qcc::CertificateX509>& certificateVector);
+
+ /**
+ * Get the identity certificate chain.
*
- * @param[out] identityCertificate the identify certificate chain.
+ * @param[out] identityCertificate the identity certificate chain.
*
* @return
* - #ER_OK if successful
@@ -541,7 +565,7 @@ class SecurityApplicationProxy : public ProxyBusObject {
/**
* Get the manifests
*
- * @param[out] manifests the manifest
+ * @param[out] manifest the manifest
*
* @return
* - #ER_OK if successful
@@ -595,6 +619,21 @@ class SecurityApplicationProxy : public ProxyBusObject {
QStatus GetDefaultPolicy(PermissionPolicy& defaultPolicy);
/**
+ * Get the list of serial numbers and issuers of the currently installed membership
+ * certificates. If the issuer's public key is not available in the case
+ * where the membership is a single cert, the issuer public key field is
+ * empty.
+ *
+ * @param[out] serialsVector The container for membership serial numbers
+ * @param[out] keyInfosVector The container for membership KeyInfo
+ *
+ * @return
+ * - #ER_OK if successful
+ * - an error status indicating failure
+ */
+ QStatus GetMembershipSummaries(std::vector<qcc::String>& serialsVector, std::vector<qcc::KeyInfoNISTP256>& keyInfosVector);
+
+ /**
* The list of serial numbers and issuers of the currently installed membership
* certificates. If the issuer's public key is not available in the case
* where the membership is a single cert, the issuer public key field is
@@ -609,6 +648,19 @@ class SecurityApplicationProxy : public ProxyBusObject {
QStatus GetMembershipSummaries(MsgArg& membershipSummaries);
/**
+ * Retrieve the installed membership certificate chains from the remote peer
+ *
+ * @param[out] certificateChainsVector A 2D container for the membership certificate chains.
+ * The first dimension represents certificate chains; the second dimension represents
+ * certificates in that chain.
+ *
+ * @return
+ * - #ER_OK if successful
+ * - an error status indicating failure
+ */
+ QStatus GetMembershipCertificates(std::vector<std::vector<qcc::CertificateX509> >& certificateVector);
+
+ /**
* This method notifies the application about the fact that the Security Manager
* will start to make changes to the application's security settings.
*
diff --git a/alljoyn_core/router/DaemonSLAPTransport.cc b/alljoyn_core/router/DaemonSLAPTransport.cc
index dd9556d..2159dd3 100644
--- a/alljoyn_core/router/DaemonSLAPTransport.cc
+++ b/alljoyn_core/router/DaemonSLAPTransport.cc
@@ -83,8 +83,8 @@ class _DaemonSLAPEndpoint : public _RemoteEndpoint {
AUTH_DONE, /**< The auth thread has been successfully shut down and joined */
};
- _DaemonSLAPEndpoint(DaemonSLAPTransport* transport, BusAttachment& bus, bool incoming, const qcc::String connectSpec, UARTFd fd, uint32_t packetSize, uint32_t baudrate) :
- _RemoteEndpoint(bus, incoming, connectSpec, &m_stream, DaemonSLAPTransport::TransportName),
+ _DaemonSLAPEndpoint(DaemonSLAPTransport* transport, BusAttachment& bus, bool incoming, UARTFd fd, uint32_t packetSize, uint32_t baudrate) :
+ _RemoteEndpoint(bus, incoming, &m_stream, DaemonSLAPTransport::TransportName),
m_transport(transport), m_authThread(this), m_fd(fd), m_authState(AUTH_INITIALIZED), m_epState(EP_INITIALIZED),
m_timer("SLAPEp", true, 1, false, 10),
m_rawStream(fd),
@@ -788,7 +788,7 @@ void* DaemonSLAPTransport::Run(void* arg)
uint32_t packetSize = SLAP_DEFAULT_PACKET_SIZE;
uint32_t baudrate = StringToU32(listenListIt->args["baud"]);
QCC_DbgPrintf(("DaemonSLAPTransport::Run(): Creating endpoint for %s", listenListIt->args["dev"].c_str()));
- DaemonSLAPEndpoint conn(ptr, m_bus, truthiness, "slap", listenListIt->listenFd, packetSize, baudrate);
+ DaemonSLAPEndpoint conn(ptr, m_bus, truthiness, listenListIt->listenFd, packetSize, baudrate);
QCC_DbgPrintf(("DaemonSLAPTransport::Run(): Authenticating endpoint for %s", listenListIt->args["dev"].c_str()));
status = conn->Authenticate();
diff --git a/alljoyn_core/router/SConscript b/alljoyn_core/router/SConscript
index 851dae0..c149fe0 100644
--- a/alljoyn_core/router/SConscript
+++ b/alljoyn_core/router/SConscript
@@ -24,7 +24,6 @@
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
# TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-#
from os.path import basename
@@ -39,9 +38,9 @@ vars.Update(router_env)
Help(vars.GenerateHelpText(router_env))
-if router_env['OS'] == "darwin":
+if router_env['OS_SUBGROUP'] == "darwin":
# Darwin has its own version of the daemon transport
- srcs = [ f for f in router_env.Glob('*.cc') + router_env.Glob('*.c') + [router_env['OS'] + '/DaemonTransport' + router_env['OS'].capitalize() + '.cc'] ]
+ srcs = [ f for f in router_env.Glob('*.cc') + router_env.Glob('*.c') + [router_env['OS_SUBGROUP'] + '/DaemonTransport' + router_env['OS_SUBGROUP'].capitalize() + '.cc'] ]
else:
srcs = [ f for f in router_env.Glob('*.cc') + router_env.Glob('*.c') + [router_env['OS_GROUP'] + '/DaemonTransport' + router_env['OS_GROUP'].capitalize() + '.cc']]
@@ -82,15 +81,15 @@ lib = router_env.StaticLibrary('ajrouter', brobj + router_objs);
# AllJoyn Daemon test programs
if router_env['OS'] == 'darwin':
- if router_env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64',]:
- print 'Not building unit tests for iOS...'
+ if router_env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64'] or router_env['OS'] == 'iOS':
+ print 'Not building unit tests for iOS...'
tests = []
else:
print 'Building unit tests for darwin...'
tests = router_env.SConscript('test/SConscript', exports = ['router_env', 'router_objs', 'srobj'])
else:
tests = router_env.SConscript('test/SConscript', exports = ['router_env', 'router_objs', 'srobj'])
-
+
# Return daemon and related tests
ret = progs + tests, lib, srobj, router_objs
Return('ret')
diff --git a/alljoyn_core/router/TCPTransport.cc b/alljoyn_core/router/TCPTransport.cc
index ea8713c..6f053ea 100644
--- a/alljoyn_core/router/TCPTransport.cc
+++ b/alljoyn_core/router/TCPTransport.cc
@@ -479,11 +479,10 @@ class _TCPEndpoint : public _RemoteEndpoint {
_TCPEndpoint(TCPTransport* transport,
BusAttachment& bus,
bool incoming,
- const qcc::String connectSpec,
qcc::SocketFd sock,
const qcc::IPAddress& ipAddr,
uint16_t port) :
- _RemoteEndpoint(bus, incoming, connectSpec, &m_stream, "tcp"),
+ _RemoteEndpoint(bus, incoming, &m_stream, "tcp"),
m_transport(transport),
m_sideState(SIDE_INITIALIZED),
m_authState(AUTH_INITIALIZED),
@@ -497,10 +496,10 @@ class _TCPEndpoint : public _RemoteEndpoint {
_TCPEndpoint(TCPTransport* transport,
BusAttachment& bus,
bool incoming,
- const qcc::String connectSpec, const AddressFamily family, const SocketType type,
+ const AddressFamily family, const SocketType type,
const qcc::IPAddress& ipAddr,
uint16_t port) :
- _RemoteEndpoint(bus, incoming, connectSpec, &m_stream, "tcp"),
+ _RemoteEndpoint(bus, incoming, &m_stream, "tcp"),
m_transport(transport),
m_sideState(SIDE_INITIALIZED),
m_authState(AUTH_INITIALIZED),
@@ -1867,7 +1866,7 @@ void* TCPTransport::Run(void* arg)
if ((m_authList.size() < maxAuth) && (m_authList.size() + m_endpointList.size() < maxConn)) {
static const bool truthiness = true;
TCPTransport* ptr = this;
- TCPEndpoint conn(ptr, m_bus, truthiness, TCPTransport::TransportName, newSock, remoteAddr, remotePort);
+ TCPEndpoint conn(ptr, m_bus, truthiness, newSock, remoteAddr, remotePort);
conn->SetPassive();
Timespec<MonotonicTime> tNow;
GetTimeNow(&tNow);
@@ -3125,7 +3124,7 @@ QStatus TCPTransport::Connect(const char* connectSpec, const SessionOpts& opts,
AddressFamily family = QCC_AF_INET;
SocketType type = QCC_SOCK_STREAM;
- TCPEndpoint tcpEp = TCPEndpoint(ptr, m_bus, falsiness, normSpec, family, type, ipAddr, port);
+ TCPEndpoint tcpEp = TCPEndpoint(ptr, m_bus, falsiness, family, type, ipAddr, port);
/*
* Before starting the underlying transport mechanism, we need to create
* a TCPEndpoint object that will orchestrate the movement of data
diff --git a/alljoyn_core/router/UDPTransport.cc b/alljoyn_core/router/UDPTransport.cc
index 9790bf1..1064271 100644
--- a/alljoyn_core/router/UDPTransport.cc
+++ b/alljoyn_core/router/UDPTransport.cc
@@ -722,7 +722,7 @@ class _UDPEndpoint : public _RemoteEndpoint {
enum EndpointState {
EP_ILLEGAL = 0,
EP_INITIALIZED, /**< The endpoint structure has been allocated but not used */
- EP_ACTIVE_STARTED, /**< The endpoint has begun the process of coming up, due to a passive connection request */
+ EP_ACTIVE_STARTED, /**< The endpoint has begun the process of coming up, due to a active connection request */
EP_PASSIVE_STARTED, /**< The endpoint has begun the process of coming up, due to a passive connection request */
EP_STARTED, /**< The endpoint is ready for use, registered with daemon, maybe threads wandering thorugh */
EP_STOPPING, /**< The endpoint is stopping but join has not been called */
@@ -798,9 +798,8 @@ class _UDPEndpoint : public _RemoteEndpoint {
*/
_UDPEndpoint(UDPTransport* transport,
BusAttachment& bus,
- bool incoming,
- const qcc::String connectSpec) :
- _RemoteEndpoint(bus, incoming, connectSpec, NULL, transport->GetTransportName(), false, true),
+ bool incoming) :
+ _RemoteEndpoint(bus, incoming, NULL, transport->GetTransportName(), false, true),
m_transport(transport),
m_stream(NULL),
m_handle(NULL),
@@ -823,8 +822,7 @@ class _UDPEndpoint : public _RemoteEndpoint {
m_stateLock(LOCK_LEVEL_UDPTRANSPORT_UDPENDPOINT_STATELOCK),
m_wait(true)
{
- QCC_DbgHLPrintf(("_UDPEndpoint::_UDPEndpoint(transport=%p, bus=%p, incoming=%d., connectSpec=\"%s\")",
- transport, &bus, incoming, connectSpec.c_str()));
+ QCC_DbgHLPrintf(("_UDPEndpoint::_UDPEndpoint(transport=%p, bus=%p, incoming=%d.)", transport, &bus, incoming));
}
/**
@@ -7045,8 +7043,7 @@ bool UDPTransport::AcceptCb(ArdpHandle* ardpHandle, qcc::IPAddress ipAddr, uint1
*/
static const bool truthiness = true;
UDPTransport* ptr = this;
- String normSpec = "udp:guid=" + remoteGUID + ",addr=" + ipAddr.ToString() + ",port=" + U32ToString(ipPort);
- UDPEndpoint udpEp(ptr, m_bus, truthiness, normSpec);
+ UDPEndpoint udpEp(ptr, m_bus, truthiness);
/*
* Some of this would "normally" be handled by EndpointAuth, but since we
@@ -7864,8 +7861,7 @@ void UDPTransport::DoConnectCb(ArdpHandle* ardpHandle, ArdpConnRecord* conn, uin
static const bool truthiness = true;
UDPTransport* ptr = this;
- String normSpec = "udp:guid=" + remoteGUID + ",addr=" + endpoint.addr.ToString() + ",port=" + U32ToString(endpoint.port);
- UDPEndpoint udpEp(ptr, m_bus, truthiness, normSpec);
+ UDPEndpoint udpEp(ptr, m_bus, truthiness);
/*
* Make a note of when we started this process in case something
diff --git a/alljoyn_core/router/ns/IpNameServiceImpl.cc b/alljoyn_core/router/ns/IpNameServiceImpl.cc
index 7375e7c..cf5a507 100644
--- a/alljoyn_core/router/ns/IpNameServiceImpl.cc
+++ b/alljoyn_core/router/ns/IpNameServiceImpl.cc
@@ -316,41 +316,6 @@ volatile int32_t INCREMENTAL_PACKET_ID;
const char* IpNameServiceImpl::INTERFACES_WILDCARD = "*";
//
-// Define WORKAROUND_2_3_BUG to send name service messages over the old site
-// administered addresses to work around a forward compatibility bug introduced
-// in version 2.3 daemons. They neglect to join the new IANA assigned multicast
-// groups and so cannot receive advertisements on those groups. In order to
-// workaround this problem, we send version zero name service messages over the
-// old groups. The old versions can send new IANA multicast group messages so
-// we can receive advertisements from them. They just can't hear our new
-// messages
-//
-#define WORKAROUND_2_3_BUG 0
-#if WORKAROUND_2_3_BUG
-
-//
-// This is just a random IPv4 multicast group chosen out of the defined site
-// administered block of addresses. This was a temporary choice while an IANA
-// reservation was in process, and remains for backward compatibility.
-//
-const char* IpNameServiceImpl::IPV4_MULTICAST_GROUP = "239.255.37.41";
-
-//
-// This is an IPv6 version of the temporary IPv4 multicast address described
-// above. IPv6 multicast groups are composed of a prefix containing 0xff and
-// then flags (4 bits) followed by the IPv6 Scope (4 bits) and finally the IPv4
-// group, as in "ff03::239.255.37.41". The Scope corresponding to the IPv4
-// Local Scope group is defined to be "3" by RFC 2365. Unfortunately, the
-// qcc::IPAddress code can't deal with "ff03::239.255.37.41" so we have to
-// translate it.
-//
-const char* IpNameServiceImpl::IPV6_MULTICAST_GROUP = "ff03::efff:2529";
-
-#endif
-
-
-#if 1
-//
// This is the IANA assigned IPv4 multicast group for AllJoyn. This is
// a Local Network Control Block address.
//
@@ -359,7 +324,6 @@ const char* IpNameServiceImpl::IPV6_MULTICAST_GROUP = "ff03::efff:2529";
const char* IpNameServiceImpl::IPV4_ALLJOYN_MULTICAST_GROUP = "224.0.0.113";
const char* IpNameServiceImpl::IPV4_MDNS_MULTICAST_GROUP = "224.0.0.251";
-#endif
//
// This is the IANA assigned UDP port for the AllJoyn Name Service. See
@@ -400,7 +364,6 @@ IpNameServiceImpl::IpNameServiceImpl()
m_loopback(false), m_broadcast(false), m_enableIPv4(false), m_enableIPv6(false), m_enableV1(false),
m_wakeEvent(), m_forceLazyUpdate(false), m_refreshAdvertisements(false),
m_enabled(false), m_doEnable(false), m_doDisable(false),
- m_ipv6QuietSockFd(qcc::INVALID_SOCKET_FD),
m_ipv4UnicastSockFd(qcc::INVALID_SOCKET_FD), m_ipv6UnicastSockFd(qcc::INVALID_SOCKET_FD),
m_unicastEvent(NULL), m_unicast6Event(NULL),
m_protectListeners(false), m_packetScheduler(*this),
@@ -549,15 +512,6 @@ IpNameServiceImpl::~IpNameServiceImpl()
}
//
- // If we opened a socket to send quiet responses (unicast, not over the
- // multicast channel) we need to close it.
- //
- if (m_ipv6QuietSockFd != qcc::INVALID_SOCKET_FD) {
- qcc::Close(m_ipv6QuietSockFd);
- m_ipv6QuietSockFd = qcc::INVALID_SOCKET_FD;
- }
-
- //
// m_unicastEvent must be deleted before closing m_ipv4UnicastSockFd,
// because m_unicastEvent's destructor code path is using
// m_ipv4UnicastSockFd. Same for IPv6 event and socket.
@@ -3628,28 +3582,12 @@ void IpNameServiceImpl::SendProtocolMessage(
// as of now.
//
if (packet->DestinationSet()) {
- QStatus status = ER_OK;
qcc::IPEndpoint destination = packet->GetDestination();
- qcc::AddressFamily family = destination.addr.IsIPv4() ? qcc::QCC_AF_INET : qcc::QCC_AF_INET6;
- if (family == qcc::QCC_AF_INET6 && m_ipv6QuietSockFd == qcc::INVALID_SOCKET_FD) {
- status = qcc::Socket(family, qcc::QCC_SOCK_DGRAM, m_ipv6QuietSockFd);
- }
+ QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending quietly to \"%s\" over \"%s\"", destination.ToString().c_str(), m_liveInterfaces[interfaceIndex].m_interfaceName.c_str()));
- if (status != ER_OK) {
- QCC_LogError(status, ("IpNameServiceImpl::SendProtocolMessage(): Socket() failed: %d - %s", qcc::GetLastError(), qcc::GetLastErrorString().c_str()));
- }
-
- if (status == ER_OK) {
- QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending quietly to \"%s\" over \"%s\"", destination.ToString().c_str(), m_liveInterfaces[interfaceIndex].m_interfaceName.c_str()));
-
- if (family == qcc::QCC_AF_INET) {
- status = qcc::SendTo(sockFd, destination.addr, destination.port, buffer, size, sent);
- } else {
- status = qcc::SendTo(m_ipv6QuietSockFd, destination.addr, destination.port, m_liveInterfaces[interfaceIndex].m_index,
- buffer, size, sent);
- }
- }
+ QStatus status = qcc::SendTo(sockFd, destination.addr, destination.port,
+ (destination.addr.IsIPv6() ? m_liveInterfaces[interfaceIndex].m_index : 0), buffer, size, sent);
if (status != ER_OK) {
QCC_LogError(status, ("IpNameServiceImpl::SendProtocolMessage(): Error quietly sending to \"%s\"", destination.ToString().c_str()));
@@ -3673,22 +3611,9 @@ void IpNameServiceImpl::SendProtocolMessage(
// the packet out on our IPv4 multicast groups (IANA registered and
// legacy).
//
-#if 1
- if (flags & qcc::IfConfigEntry::MULTICAST ||
- flags & qcc::IfConfigEntry::LOOPBACK) {
-#if WORKAROUND_2_3_BUG
+ if ((flags& qcc::IfConfigEntry::MULTICAST) || (flags & qcc::IfConfigEntry::LOOPBACK)) {
- if ((msgVersion == 0) && m_enableV1) {
- qcc::IPAddress ipv4SiteAdminMulticast(IPV4_MULTICAST_GROUP);
- QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending actively to \"%s\" over \"%s\"",
- ipv4SiteAdminMulticast.ToString().c_str(), m_liveInterfaces[interfaceIndex].m_interfaceName.c_str()));
- QStatus status = qcc::SendTo(sockFd, ipv4SiteAdminMulticast, MULTICAST_PORT, buffer, size, sent);
- if (status != ER_OK) {
- QCC_LogError(status, ("IpNameServiceImpl::SendProtocolMessage(): Error sending to IPv4 Site Administered multicast group"));
- }
- }
-#endif
if (msgVersion == 2) {
qcc::IPAddress ipv4LocalMulticast(IPV4_MDNS_MULTICAST_GROUP);
QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending actively to \"%s\" over \"%s\"",
@@ -3721,7 +3646,6 @@ void IpNameServiceImpl::SendProtocolMessage(
}
}
}
-#endif
//
// If the interface is broadcast-capable, We want to send out a subnet
@@ -3735,7 +3659,7 @@ void IpNameServiceImpl::SendProtocolMessage(
// error will have been logged when we did the IfConfig, so
// don't flood out any more, just silently ignore the problem.
//
- if (m_broadcast && interfaceAddressPrefixLen != static_cast<uint32_t>(-1)) {
+ if (m_broadcast && (interfaceAddressPrefixLen != static_cast<uint32_t>(-1))) {
QCC_ASSERT(m_enableV1 != false);
//
@@ -3781,34 +3705,24 @@ void IpNameServiceImpl::SendProtocolMessage(
QCC_DbgPrintf(("IpNameServiceImpl::SendProtocolMessage(): Interface does not support broadcast"));
}
} else {
- if (flags & qcc::IfConfigEntry::MULTICAST ||
- flags & qcc::IfConfigEntry::LOOPBACK) {
-
-#if WORKAROUND_2_3_BUG
+ if ((flags& qcc::IfConfigEntry::MULTICAST) || (flags & qcc::IfConfigEntry::LOOPBACK)) {
- if ((msgVersion == 0) && m_enableV1) {
- qcc::IPAddress ipv6SiteAdmin(IPV6_MULTICAST_GROUP);
- QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending actively to \"%s\" over \"%s\"",
- ipv6SiteAdmin.ToString().c_str(), m_liveInterfaces[interfaceIndex].m_interfaceName.c_str()));
- QStatus status = qcc::SendTo(sockFd, ipv6SiteAdmin, MULTICAST_PORT, buffer, size, sent);
- if (status != ER_OK) {
- QCC_LogError(status, ("IpNameServiceImpl::SendProtocolMessage(): Error sending to IPv6 Site Administered multicast group "));
- }
- }
-
-#endif
QStatus status = ER_OK;
if (msgVersion == 2) {
- qcc::IPAddress ipv6AllJoyn(IPV6_MDNS_MULTICAST_GROUP);
+ qcc::IPAddress ipv6LocalMulticast(IPV6_MDNS_MULTICAST_GROUP);
QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending actively to \"%s\" over \"%s\"",
- ipv6AllJoyn.ToString().c_str(), m_liveInterfaces[interfaceIndex].m_interfaceName.c_str()));
+ ipv6LocalMulticast.ToString().c_str(), m_liveInterfaces[interfaceIndex].m_interfaceName.c_str()));
/*
- * Ideally we would send the message from the port we are
- * expecting to receive (unicast) replies on. But since we do
- * not receive v6 unicast packets, we will be sending from
- * whatever port sockFd is bound to.
+ * Send the message from the port we are expecting to receive
+ * (unicast) replies on. Explicitly specify the interface we
+ * are sending on, otherwise the OS will pick for us.
*/
- status = qcc::SendTo(sockFd, ipv6AllJoyn, MULTICAST_MDNS_PORT, buffer, size, sent);
+ QStatus status = SetMulticastInterface(m_ipv6UnicastSockFd, qcc::QCC_AF_INET6,
+ m_liveInterfaces[interfaceIndex].m_interfaceName);
+ if (status != ER_OK) {
+ QCC_LogError(status, ("IpNameServiceImpl::SendProtocolMessage(): Error setting multicast interface"));
+ }
+ status = qcc::SendTo(m_ipv6UnicastSockFd, ipv6LocalMulticast, MULTICAST_MDNS_PORT, buffer, size, sent);
} else if (m_enableV1) {
qcc::IPAddress ipv6AllJoyn(IPV6_ALLJOYN_MULTICAST_GROUP);
QCC_DbgHLPrintf(("IpNameServiceImpl::SendProtocolMessage(): Sending actively to \"%s\" over \"%s\"",
diff --git a/alljoyn_core/router/ns/IpNameServiceImpl.h b/alljoyn_core/router/ns/IpNameServiceImpl.h
index 2575179..7eecc8a 100644
--- a/alljoyn_core/router/ns/IpNameServiceImpl.h
+++ b/alljoyn_core/router/ns/IpNameServiceImpl.h
@@ -1582,8 +1582,6 @@ class IpNameServiceImpl : public qcc::Thread {
qcc::Timespec<qcc::MonotonicTime> nextScheduleTime;
} BurstResponseHeader;
- qcc::SocketFd m_ipv6QuietSockFd;
-
qcc::SocketFd m_ipv4UnicastSockFd;
qcc::SocketFd m_ipv6UnicastSockFd;
qcc::Event* m_unicastEvent;
diff --git a/alljoyn_core/router/posix/DaemonTransportPosix.cc b/alljoyn_core/router/posix/DaemonTransportPosix.cc
index 8bc5341..6ec1d49 100644
--- a/alljoyn_core/router/posix/DaemonTransportPosix.cc
+++ b/alljoyn_core/router/posix/DaemonTransportPosix.cc
@@ -73,8 +73,8 @@ class _DaemonEndpoint : public _RemoteEndpoint {
public:
- _DaemonEndpoint(DaemonTransport* transport, BusAttachment& bus, bool incoming, const qcc::String connectSpec, SocketFd sock) :
- _RemoteEndpoint(bus, incoming, connectSpec, &stream, DaemonTransport::TransportName),
+ _DaemonEndpoint(DaemonTransport* transport, BusAttachment& bus, bool incoming, SocketFd sock) :
+ _RemoteEndpoint(bus, incoming, &stream, DaemonTransport::TransportName),
m_transport(transport),
processId(-1),
stream(sock)
@@ -255,7 +255,7 @@ void* DaemonTransport::Run(void* arg)
qcc::String redirection;
static const bool truthiness = true;
DaemonTransport* trans = this;
- DaemonEndpoint conn = DaemonEndpoint(trans, bus, truthiness, DaemonTransport::TransportName, newSock);
+ DaemonEndpoint conn = DaemonEndpoint(trans, bus, truthiness, newSock);
conn->SetUserId(uid);
conn->SetGroupId(gid);
diff --git a/alljoyn_core/router/posix/SConscript b/alljoyn_core/router/posix/SConscript
index 212fa7b..70dd126 100644
--- a/alljoyn_core/router/posix/SConscript
+++ b/alljoyn_core/router/posix/SConscript
@@ -24,21 +24,27 @@
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
# TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-#
Import('router_env', 'router_objs', 'srobj')
# Build the posix daemon and service launcher helper.
-if router_env['OS'] != 'darwin':
+if router_env['OS_SUBGROUP'] != 'darwin':
daemon_env = router_env.Clone()
if daemon_env['OS'] != 'android':
daemon_env.Append(LIBS = 'cap')
+ #Add hardening flags for linux release build for details please refer to
+ #https://wiki.debian.org/Hardening
+ #The goal is to avoid any impact for these flags to our capability of debugging.
+ if daemon_env['OS'] == 'linux' and daemon_env['VARIANT'] == 'release':
+ daemon_env.Append(CXXFLAGS = ['-fstack-protector-all', '-Wstack-protector', '--param', 'ssp-buffer-size=4', '-D_FORTIFY_SOURCE=2', '-O2', '-fPIE'])
+ daemon_env.Append(LINKFLAGS = ['-pie', '-fPIE', '-Wl,-z,relro,-z,now'])
+
daemon = daemon_env.Program('alljoyn-daemon', ['daemon-main.cc'] + srobj + router_objs)
else:
daemon = []
-
+
#
-# On Android, build a static library that can be linked into a JNI dynamic
+# On Android, build a static library that can be linked into a JNI dynamic
# library to implement the daemon as a Service
#
if router_env['OS'] == 'android':
diff --git a/alljoyn_core/router/test/SConscript b/alljoyn_core/router/test/SConscript
index 1e992a2..dca87c7 100644
--- a/alljoyn_core/router/test/SConscript
+++ b/alljoyn_core/router/test/SConscript
@@ -29,14 +29,17 @@ Import('router_env', 'router_objs', 'srobj')
from os.path import basename
# Test Programs
-progs = [
- router_env.Program('advtunnel', ['advtunnel.cc'] + srobj + router_objs),
- router_env.Program('ns', ['ns.cc'] + srobj + router_objs)
- ]
+if router_env['OS'] == 'iOS':
+ progs = []
+else:
+ progs = [
+ router_env.Program('advtunnel', ['advtunnel.cc'] + srobj + router_objs),
+ router_env.Program('ns', ['ns.cc'] + srobj + router_objs)
+ ]
-if router_env['OS'] in ['android', 'linux', 'win7', 'win10']:
- progs.append(router_env.Program('bbdaemon', ['bbdaemon.cc'] + srobj + router_objs))
- progs.append(router_env.Program('ardp', ['ardp.cc'] + srobj + router_objs))
- progs.append(router_env.Program('ardptest', ['ardptest.cc'] + srobj + router_objs))
+ if router_env['OS'] in ['android', 'linux', 'win7', 'win10']:
+ progs.append(router_env.Program('bbdaemon', ['bbdaemon.cc'] + srobj + router_objs))
+ progs.append(router_env.Program('ardp', ['ardp.cc'] + srobj + router_objs))
+ progs.append(router_env.Program('ardptest', ['ardptest.cc'] + srobj + router_objs))
Return('progs')
diff --git a/alljoyn_core/router/test/ardp.cc b/alljoyn_core/router/test/ardp.cc
index c5701c2..cbb09b8 100644
--- a/alljoyn_core/router/test/ardp.cc
+++ b/alljoyn_core/router/test/ardp.cc
@@ -25,8 +25,8 @@
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
- *
******************************************************************************/
+
#include <stdlib.h>
#include <signal.h>
#include <stdio.h>
diff --git a/alljoyn_core/router/test/ardptest.cc b/alljoyn_core/router/test/ardptest.cc
index 5fd25ef..a1c0bfa 100644
--- a/alljoyn_core/router/test/ardptest.cc
+++ b/alljoyn_core/router/test/ardptest.cc
@@ -25,8 +25,8 @@
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
- *
******************************************************************************/
+
#include <stdlib.h>
#include <signal.h>
#include <stdio.h>
diff --git a/alljoyn_core/router/windows/NamedPipeDaemonTransport.cc b/alljoyn_core/router/windows/NamedPipeDaemonTransport.cc
index 571c61a..f30a740 100644
--- a/alljoyn_core/router/windows/NamedPipeDaemonTransport.cc
+++ b/alljoyn_core/router/windows/NamedPipeDaemonTransport.cc
@@ -170,7 +170,7 @@ class _NamedPipeDaemonEndpoint : public _RemoteEndpoint {
};
_NamedPipeDaemonEndpoint::_NamedPipeDaemonEndpoint(_In_ BusAttachment& bus, _In_ HANDLE pipeHandle, _In_ NamedPipeDaemonTransport* transport) :
- _RemoteEndpoint(bus, true, NamedPipeDaemonTransport::NamedPipeTransportName, &m_pipeStream, NamedPipeDaemonTransport::NamedPipeTransportName, false),
+ _RemoteEndpoint(bus, true, &m_pipeStream, NamedPipeDaemonTransport::NamedPipeTransportName, false),
m_transport(transport),
m_pipeStream(pipeHandle),
m_pipeHandle(pipeHandle),
diff --git a/alljoyn_core/samples/basic/basic_service.cc b/alljoyn_core/samples/basic/basic_service.cc
index 170f634..9e92c5b 100644
--- a/alljoyn_core/samples/basic/basic_service.cc
+++ b/alljoyn_core/samples/basic/basic_service.cc
@@ -37,6 +37,7 @@
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
+
#include <qcc/platform.h>
#include <signal.h>
diff --git a/alljoyn_core/samples/basic/signal_service.cc b/alljoyn_core/samples/basic/signal_service.cc
index f187cf3..0ca33eb 100644
--- a/alljoyn_core/samples/basic/signal_service.cc
+++ b/alljoyn_core/samples/basic/signal_service.cc
@@ -39,6 +39,7 @@
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
+
#include <qcc/platform.h>
#include <signal.h>
diff --git a/alljoyn_core/samples/eventaction/SConscript b/alljoyn_core/samples/eventaction/SConscript
index a41f6a8..8ce7754 100644
--- a/alljoyn_core/samples/eventaction/SConscript
+++ b/alljoyn_core/samples/eventaction/SConscript
@@ -24,7 +24,7 @@
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
# TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-#
+
import os
Import('env')
diff --git a/alljoyn_core/samples/secure/door/secure_door_common.cc b/alljoyn_core/samples/secure/door/secure_door_common.cc
index c805ba5..45c8db1 100644
--- a/alljoyn_core/samples/secure/door/secure_door_common.cc
+++ b/alljoyn_core/samples/secure/door/secure_door_common.cc
@@ -29,8 +29,6 @@
#include "secure_door_common.h"
-#include <alljoyn/PermissionPolicy.h>
-
#if defined(QCC_OS_GROUP_WINDOWS)
#include <Winsock2.h> // gethostname
#endif
@@ -44,6 +42,34 @@ namespace sample {
namespace secure {
namespace door {
+//action "Provide" is only available for "method" and "property" for Provider app
+static AJ_PCSTR s_providerManifestTemplateXml =
+ "<manifest>"
+ "<node>"
+ "<interface = \"" DOOR_INTERFACE "\">"
+ "<method>"
+ "<annotation name = \"org.alljoyn.Bus.Action\" value = \"Provide\"/>"
+ "</method>"
+ "<property>"
+ "<annotation name = \"org.alljoyn.Bus.Action\" value = \"Provide\"/>"
+ "</property>"
+ "</interface>"
+ "</node>"
+ "</manifest>";
+
+//actions "Modify" and "Observe" are available for Consumer app
+static AJ_PCSTR s_consumerManifestTemplateXml =
+ "<manifest>"
+ "<node>"
+ "<interface = \"" DOOR_INTERFACE "\">"
+ "<any>"
+ "<annotation name = \"org.alljoyn.Bus.Action\" value = \"Modify\"/>"
+ "<annotation name = \"org.alljoyn.Bus.Action\" value = \"Observe\"/>"
+ "</any>"
+ "</interface>"
+ "</node>"
+ "</manifest>";
+
void DoorCommonPCL::StartManagement()
{
printf("StartManagement called.\n");
@@ -358,30 +384,8 @@ QStatus DoorCommon::Init(bool provider, PermissionConfigurationListener* inPcl)
}
}
- PermissionPolicy::Rule manifestRule;
- manifestRule.SetInterfaceName(DOOR_INTERFACE);
-
- if (provider) {
- // Set a very flexible default manifest for the door provider
- PermissionPolicy::Rule::Member members[2];
- members[0].SetMemberName("*");
- members[0].SetActionMask(PermissionPolicy::Rule::Member::ACTION_PROVIDE);
- members[0].SetMemberType(PermissionPolicy::Rule::Member::METHOD_CALL);
- members[1].SetMemberName("*");
- members[1].SetActionMask(PermissionPolicy::Rule::Member::ACTION_PROVIDE);
- members[1].SetMemberType(PermissionPolicy::Rule::Member::PROPERTY);
- manifestRule.SetMembers(2, members);
- } else {
- // Set a very flexible default manifest for the door consumer
- PermissionPolicy::Rule::Member member;
- member.SetMemberName("*");
- member.SetActionMask(PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- member.SetMemberType(PermissionPolicy::Rule::Member::NOT_SPECIFIED);
- manifestRule.SetMembers(1, &member);
- }
-
- status = ba->GetPermissionConfigurator().SetPermissionManifestTemplate(&manifestRule, 1);
+ AJ_PCSTR manifestTemplateXml = provider ? s_providerManifestTemplateXml : s_consumerManifestTemplateXml;
+ status = ba->GetPermissionConfigurator().SetManifestTemplateFromXml(manifestTemplateXml);
if (ER_OK != status) {
fprintf(stderr, "Failed to SetPermissionManifestTemplate - status (%s)\n", QCC_StatusText(status));
return status;
@@ -422,13 +426,11 @@ QStatus DoorCommon::SetSecurityForClaimedMode()
return ER_OK;
}
-QStatus DoorCommon::UpdateManifest(const PermissionPolicy::Acl& manifest)
+QStatus DoorCommon::UpdateManifestTemplate(AJ_PCSTR manifestTemplateXml)
{
- PermissionPolicy::Rule* rules = const_cast<PermissionPolicy::Rule*> (manifest.GetRules());
-
- QStatus status = ba->GetPermissionConfigurator().SetPermissionManifestTemplate(rules, manifest.GetRulesSize());
+ QStatus status = ba->GetPermissionConfigurator().SetManifestTemplateFromXml(manifestTemplateXml);
if (ER_OK != status) {
- fprintf(stderr, "Failed to SetPermissionManifestTemplate - status (%s)\n", QCC_StatusText(status));
+ fprintf(stderr, "Failed to SetManifestTemplateFromXml - status (%s)\n", QCC_StatusText(status));
return status;
}
diff --git a/alljoyn_core/samples/secure/door/secure_door_common.h b/alljoyn_core/samples/secure/door/secure_door_common.h
index c3b0ec4..4e4bc7a 100644
--- a/alljoyn_core/samples/secure/door/secure_door_common.h
+++ b/alljoyn_core/samples/secure/door/secure_door_common.h
@@ -170,7 +170,7 @@ class DoorCommon {
QStatus AnnounceAbout();
- QStatus UpdateManifest(const PermissionPolicy::Acl& manifest);
+ QStatus UpdateManifestTemplate(AJ_PCSTR manifestTemplateXml);
QStatus SetSecurityForClaimedMode();
diff --git a/alljoyn_core/samples/secure/door/secure_door_provider.cc b/alljoyn_core/samples/secure/door/secure_door_provider.cc
index 0b82b16..3fb4674 100644
--- a/alljoyn_core/samples/secure/door/secure_door_provider.cc
+++ b/alljoyn_core/samples/secure/door/secure_door_provider.cc
@@ -37,29 +37,16 @@ using namespace sample::secure::door;
using namespace ajn;
using namespace std;
-QStatus UpdateDoorProviderManifest(DoorCommon& common)
-{
- PermissionPolicy::Rule* rules = new PermissionPolicy::Rule[1];
- rules[0].SetInterfaceName(DOOR_INTERFACE);
-
- PermissionPolicy::Rule::Member* prms = new PermissionPolicy::Rule::Member[3];
- prms[0].SetMemberName("*");
- prms[0].SetMemberType(PermissionPolicy::Rule::Member::METHOD_CALL);
- prms[0].SetActionMask(PermissionPolicy::Rule::Member::ACTION_PROVIDE);
- prms[1].SetMemberName("*");
- prms[1].SetMemberType(PermissionPolicy::Rule::Member::SIGNAL);
- prms[1].SetActionMask(PermissionPolicy::Rule::Member::ACTION_PROVIDE);
- prms[2].SetMemberName("*");
- prms[2].SetMemberType(PermissionPolicy::Rule::Member::PROPERTY);
- prms[2].SetActionMask(PermissionPolicy::Rule::Member::ACTION_PROVIDE);
-
- rules[0].SetMembers(3, prms);
-
- PermissionPolicy::Acl manifest;
- manifest.SetRules(1, rules);
-
- return common.UpdateManifest(manifest);
-}
+static AJ_PCSTR s_providerManifestTemplateWithSignal =
+ "<manifest>"
+ "<node>"
+ "<interface = \"" DOOR_INTERFACE "\">"
+ "<any>"
+ "<annotation name = \"org.alljoyn.Bus.Action\" value = \"Provide\"/>"
+ "</any>"
+ "</interface>"
+ "</node>"
+ "</manifest>";
int CDECL_CALL main(int argc, char** argv)
{
@@ -144,10 +131,8 @@ int CDECL_CALL main(int argc, char** argv)
switch (cmd) {
case 'u':
printf("Enabling automatic signaling of door events ... ");
- status = UpdateDoorProviderManifest(common);
+ status = common.UpdateManifestTemplate(s_providerManifestTemplateWithSignal);
if (ER_OK != status) {
- fprintf(stderr, "Failed to UpdateDoorProviderManifest - status (%s)\n",
- QCC_StatusText(status));
break;
}
door.autoSignal = true;
diff --git a/alljoyn_core/samples/securitymgr/agent/src/Manifest.cc b/alljoyn_core/samples/securitymgr/agent/src/Manifest.cc
index 2632828..598c144 100644
--- a/alljoyn_core/samples/securitymgr/agent/src/Manifest.cc
+++ b/alljoyn_core/samples/securitymgr/agent/src/Manifest.cc
@@ -191,9 +191,7 @@ QStatus Manifest::SetFromSignedManifest(const ajn::Manifest& signedManifest)
string Manifest::ToString() const
{
- // The implementation for manifest->ToString() is currently in the feature/ASACORE-2710 branch.
- // When it gets into master, this can be corrected.
- return string(); // manifest->ToString();
+ return manifest->ToString();
}
Manifest& Manifest::operator=(const Manifest& rhs)
diff --git a/alljoyn_core/samples/securitymgr/agent/src/SecurityAgentImpl.cc b/alljoyn_core/samples/securitymgr/agent/src/SecurityAgentImpl.cc
index cbd7e97..b202fb9 100644
--- a/alljoyn_core/samples/securitymgr/agent/src/SecurityAgentImpl.cc
+++ b/alljoyn_core/samples/securitymgr/agent/src/SecurityAgentImpl.cc
@@ -68,10 +68,10 @@ class ClaimContextImpl :
public ClaimContext, public DefaultECDHEAuthListener {
public:
ClaimContextImpl(const OnlineApplication& application,
- const Manifest& manifest,
+ const Manifest& manifestTemplate,
const PermissionConfigurator::ClaimCapabilities _capabilities,
const PermissionConfigurator::ClaimCapabilityAdditionalInfo _capInfo) :
- ClaimContext(application, manifest, _capabilities, _capInfo)
+ ClaimContext(application, manifestTemplate, _capabilities, _capInfo)
{
}
@@ -169,7 +169,7 @@ QStatus SecurityAgentImpl::ClaimSelf()
}
signedManifestXmlC = signedManifestXml.c_str();
- // Go into claimable state by setting up a manifest.
+ // Go into claimable state by setting up a manifestTemplate.
status = configurator.SetManifestTemplateFromXml(s_selfClaimManifestTemplateXml);
if (status != ER_OK) {
QCC_LogError(status, ("Failed to set the Manifest"));
@@ -449,9 +449,9 @@ QStatus SecurityAgentImpl::Claim(const OnlineApplication& app, const IdentityInf
}
/*===========================================================
- * Step 1: Select Session type & Accept manifest
+ * Step 1: Select Session type & Accept manifest template
*/
- Manifest manifest;
+ Manifest manifestTemplate;
PermissionConfigurator::ClaimCapabilities claimCapabilities;
PermissionConfigurator::ClaimCapabilityAdditionalInfo claimCapInfo;
{ // Open scope limit the lifetime of the proxy object
@@ -461,7 +461,7 @@ QStatus SecurityAgentImpl::Claim(const OnlineApplication& app, const IdentityInf
QCC_LogError(status, ("Could not connect to the remote application"));
return status;
}
- status = mngdProxy.GetManifestTemplate(manifest);
+ status = mngdProxy.GetManifestTemplate(manifestTemplate);
if (ER_OK != status) {
QCC_LogError(status, ("Could not retrieve manifest template"));
return status;
@@ -473,7 +473,7 @@ QStatus SecurityAgentImpl::Claim(const OnlineApplication& app, const IdentityInf
return status;
}
}
- ClaimContextImpl ctx(_app, manifest, claimCapabilities, claimCapInfo);
+ ClaimContextImpl ctx(_app, manifestTemplate, claimCapabilities, claimCapInfo);
status = claimListener->ApproveManifestAndSelectSessionType(ctx);
if (ER_OK != status) {
@@ -505,7 +505,7 @@ QStatus SecurityAgentImpl::Claim(const OnlineApplication& app, const IdentityInf
GroupInfo adminGroup;
ajn::Manifest signedManifest;
- status = caStorage->StartApplicationClaiming(_app, identityInfo, manifest, adminGroup, idCertificate, signedManifest);
+ status = caStorage->StartApplicationClaiming(_app, identityInfo, manifestTemplate, adminGroup, idCertificate, signedManifest);
if (status != ER_OK) {
return status;
}
diff --git a/alljoyn_core/samples/securitymgr/agent/unit_test/ResetTests.cc b/alljoyn_core/samples/securitymgr/agent/unit_test/ResetTests.cc
index 611df31..7268227 100644
--- a/alljoyn_core/samples/securitymgr/agent/unit_test/ResetTests.cc
+++ b/alljoyn_core/samples/securitymgr/agent/unit_test/ResetTests.cc
@@ -173,11 +173,20 @@ TEST_F(ResetTests, RecoveryFromResetSuccess) {
// reset the application
ASSERT_EQ(ER_OK, storage->ResetApplication(app));
ASSERT_TRUE(WaitForState(app, PermissionConfigurator::CLAIMABLE, SYNC_WILL_RESET));
- ASSERT_NE(ER_END_OF_DATA, storage->GetManagedApplication(app));
+ ASSERT_EQ(ER_OK, storage->GetManagedApplication(app));
- // stop the test app
+ // stop agent to make sure update is completed
+ RemoveSecAgent();
+
+ // stop the test application
ASSERT_EQ(ER_OK, testApp.Stop());
+ // make sure storage will succeed on UpdatesCompleted
+ wrappedCA->failOnUpdatesCompleted = false;
+
+ // restart agent
+ InitSecAgent();
+
// restore connectivity to storage
wrappedCA->failOnUpdatesCompleted = false;
diff --git a/alljoyn_core/samples/securitymgr/agent/unit_test/SConscript b/alljoyn_core/samples/securitymgr/agent/unit_test/SConscript
index d00f577..e3dda31 100644
--- a/alljoyn_core/samples/securitymgr/agent/unit_test/SConscript
+++ b/alljoyn_core/samples/securitymgr/agent/unit_test/SConscript
@@ -32,7 +32,7 @@ Import('env')
if not env.has_key('GTEST_DIR'):
print('GTEST_DIR not specified skipping secmgr unit test build')
-elif env['OS'] == 'darwin' and env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64',]:
+elif (env['OS'] == 'darwin' and env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64']) or env['OS'] == 'iOS':
# do not even try Google test if darwin and arm
print 'GTEST_DIR ignored when building for OS=darwin CPU=arm, skipping secmgr unit test build'
diff --git a/alljoyn_core/samples/securitymgr/agent/unit_test/TestApplication.cc b/alljoyn_core/samples/securitymgr/agent/unit_test/TestApplication.cc
index 97f6be0..f5dea72 100644
--- a/alljoyn_core/samples/securitymgr/agent/unit_test/TestApplication.cc
+++ b/alljoyn_core/samples/securitymgr/agent/unit_test/TestApplication.cc
@@ -60,6 +60,7 @@ TestApplication::TestApplication(string _appName) :
manifestRules[1].SetMembers(1, mprms);
busAttachment = shared_ptr<BusAttachment>(new BusAttachment(appName.c_str(), true));
+ busAttachment->DeleteDefaultKeyStore(appName.c_str());
}
const string TestApplication::GetBusName() const
@@ -183,5 +184,7 @@ TestApplication::~TestApplication()
{
Reset();
Stop();
+ delete[] manifestRules;
+ manifestRules = nullptr;
}
} // namespace
diff --git a/alljoyn_core/samples/securitymgr/agent/unit_test/TestUtil.cc b/alljoyn_core/samples/securitymgr/agent/unit_test/TestUtil.cc
index c373af1..88ccabf 100644
--- a/alljoyn_core/samples/securitymgr/agent/unit_test/TestUtil.cc
+++ b/alljoyn_core/samples/securitymgr/agent/unit_test/TestUtil.cc
@@ -29,6 +29,7 @@
#include "TestUtil.h"
#include <stdlib.h>
+#include <errno.h>
#include <qcc/Thread.h>
#include <qcc/Util.h>
@@ -134,15 +135,19 @@ void BasicTest::SetUp()
if (storage_path.empty()) {
GetDefaultStorageFilePath(storage_path);
- assert(!storage_path.empty());
+ QCC_ASSERT(!storage_path.empty());
Environ::GetAppEnviron()->Add(STORAGE_FILEPATH_KEY, storage_path.c_str());
}
- remove(storage_path.c_str());
+ int status = remove(storage_path.c_str());
+ if ((status != 0) && (errno != ENOENT)) {
+ printf("Removing storage %s failed: %s\n", storage_path.c_str(), strerror(errno));
+ }
StorageFactory& storageFac = StorageFactory::GetInstance();
ba = new BusAttachment("testsecmgr", true);
+ ba->DeleteDefaultKeyStore("testsecmgr");
ASSERT_TRUE(ba != nullptr);
ASSERT_EQ(ER_OK, ba->Start());
ASSERT_EQ(ER_OK, ba->Connect());
@@ -211,6 +216,7 @@ QStatus BasicTest::CreateProxyObjectManager()
{
if (nullptr == proxyObjectManager) {
ownBus = new BusAttachment("ownsecmgrtest");
+ ownBus->DeleteDefaultKeyStore("ownsecmgrtest");
QStatus status = ownBus->Start();
if (ER_OK != status) {
cerr << "Failure in " << __FILE__ << "@" << __LINE__ << endl;
@@ -351,7 +357,7 @@ bool BasicTest::WaitForState(const OnlineApplication& appInfoNeeded, PermissionC
printf("timeout- failing test - %i\n", status);
break;
}
- assert(tal->events.size()); // assume TimedWait returns != ER_OK in case of timeout
+ QCC_ASSERT(tal->events.size()); // assume TimedWait returns != ER_OK in case of timeout
}
} while (true);
printf("WaitForState failed.\n");
@@ -380,7 +386,7 @@ bool BasicTest::WaitForEvents(size_t numOfEvents)
printf("timeout- failing test - %i\n", status);
break;
}
- assert(tal->events.size()); // assume TimedWait returns != ER_OK in case of timeout
+ QCC_ASSERT(tal->events.size()); // assume TimedWait returns != ER_OK in case of timeout
}
} while (true);
lock.Unlock();
@@ -913,4 +919,4 @@ QStatus BasicTest::GetPublicKey(const TestApplication& app, OnlineApplication& a
appInfo.keyInfo.SetPublicKey(&key);
return status;
}
-} \ No newline at end of file
+}
diff --git a/alljoyn_core/samples/windows/Service/Service.cpp b/alljoyn_core/samples/windows/Service/Service.cpp
index 32e6bbb..2d7c281 100644
--- a/alljoyn_core/samples/windows/Service/Service.cpp
+++ b/alljoyn_core/samples/windows/Service/Service.cpp
@@ -37,6 +37,7 @@
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
+
#include <qcc/platform.h>
#include <signal.h>
diff --git a/alljoyn_core/src/AllJoynStd.cc b/alljoyn_core/src/AllJoynStd.cc
index 69a8f76..ae9aa76 100644
--- a/alljoyn_core/src/AllJoynStd.cc
+++ b/alljoyn_core/src/AllJoynStd.cc
@@ -347,6 +347,8 @@ QStatus org::alljoyn::CreateInterfaces(BusAttachment& bus)
ifc->AddMethod("RemoveMembership", "(ayay(yyayay))", "", "certificateId");
ifc->AddProperty("MembershipSummaries", "a(ayay(yyayay))", PROP_ACCESS_READ);
ifc->AddPropertyAnnotation("MembershipSummaries", org::freedesktop::DBus::AnnotateEmitsChanged, "false");
+ ifc->AddProperty("MembershipCertificates", "aa(yay)", PROP_ACCESS_READ);
+ ifc->AddPropertyAnnotation("MembershipCertificates", org::freedesktop::DBus::AnnotateEmitsChanged, "false");
ifc->AddMethod("StartManagement", "", "", "");
ifc->AddMethod("EndManagement", "", "", "");
ifc->AddMethod("InstallManifests", "a(ua(ssa(syy))saysay)", "", "manifests");
diff --git a/alljoyn_core/src/BusObject.cc b/alljoyn_core/src/BusObject.cc
index ee540e5..f98e02a 100644
--- a/alljoyn_core/src/BusObject.cc
+++ b/alljoyn_core/src/BusObject.cc
@@ -899,6 +899,10 @@ QStatus BusObject::SignalInternal(const char* destination,
std::vector<std::pair<SessionId, const char*> > emissionParams;
if (sessionId == SESSION_ID_ALL_HOSTED) {
+ if (outMsg != NULL) {
+ QCC_LogError(ER_BAD_ARG_8, ("outMsg should be NULL when using SESSION_ID_ALL_HOSTED"));
+ return ER_BAD_ARG_8;
+ }
sessions = bus->GetInternal().GetHostedSessions();
std::vector<BusAttachment::Internal::Session>::iterator it;
for (it = sessions.begin(); it != sessions.end(); ++it) {
diff --git a/alljoyn_core/src/NullTransport.cc b/alljoyn_core/src/NullTransport.cc
index 6ce97e6..b5c498c 100644
--- a/alljoyn_core/src/NullTransport.cc
+++ b/alljoyn_core/src/NullTransport.cc
@@ -233,7 +233,7 @@ QStatus _NullEndpoint::PushMessage(Message& msg)
status = ER_OK;
}
} else {
- QCC_ASSERT(msg->bus == &routerBus);
+ QCC_ASSERT((msg->bus == &routerBus) || ((msg->GetType() == MESSAGE_ERROR) && (uniqueName == msg->GetDestination())));
/*
* Register the endpoint with the client router if needed
*/
diff --git a/alljoyn_core/src/PeerState.cc b/alljoyn_core/src/PeerState.cc
index 077fff0..f6b18f4 100644
--- a/alljoyn_core/src/PeerState.cc
+++ b/alljoyn_core/src/PeerState.cc
@@ -390,11 +390,22 @@ void PeerStateTable::GetGroupKey(qcc::KeyBlob& key)
groupPeer->SetAuthorization(MESSAGE_SIGNAL, _PeerState::ALLOW_SECURE_TX);
}
-void PeerStateTable::Clear()
+void PeerStateTable::Clear(bool keepLocalPeer)
{
qcc::KeyBlob key(0); /* use version 0 to exchange with older clients that send keyblob instead of key data */
lock.Lock(MUTEX_CONTEXT);
- peerMap.clear();
+ if (keepLocalPeer) {
+ for (auto itPeer = peerMap.cbegin(); itPeer != peerMap.cend();) {
+ if (itPeer->second->IsLocalPeer()) {
+ ++itPeer;
+ } else {
+ peerMap.erase(itPeer++);
+ }
+ }
+ } else {
+ peerMap.clear();
+ }
+
PeerState nullPeer;
QCC_DbgHLPrintf(("Allocating group key"));
key.Rand(Crypto_AES::AES128_SIZE, KeyBlob::AES);
diff --git a/alljoyn_core/src/PeerState.h b/alljoyn_core/src/PeerState.h
index c7dd769..62c9ba5 100644
--- a/alljoyn_core/src/PeerState.h
+++ b/alljoyn_core/src/PeerState.h
@@ -312,7 +312,7 @@ class _PeerState {
*
* @return Returns true if this PeerState instance is for the local peer.
*/
- bool IsLocalPeer() { return isLocalPeer; }
+ bool IsLocalPeer() const { return isLocalPeer; }
/**
* Returns window size for serial number validation. Used by unit tests.
@@ -872,8 +872,11 @@ class PeerStateTable {
/**
* Clear all peer state.
+ *
+ * @param keepLocalPeer When set to true, the Peer State associated with the local
+ * bus attachment will not be cleared.
*/
- void Clear();
+ void Clear(bool keepLocalPeer = false);
/**
* Destructor
diff --git a/alljoyn_core/src/PermissionMgmtObj.cc b/alljoyn_core/src/PermissionMgmtObj.cc
index 6646fb6..22d2597 100644
--- a/alljoyn_core/src/PermissionMgmtObj.cc
+++ b/alljoyn_core/src/PermissionMgmtObj.cc
@@ -97,8 +97,10 @@ class ClearSecretsWhenMsgDeliveredNotification : public MessageEncryptionNotific
* Clear out the master secrets used in ECDSA key exchange
*/
bus.GetInternal().GetKeyStore().Clear(ECDHE_ECDSA_NAME_PATTERN);
- /* clear all the peer states to force re-authentication */
- bus.GetInternal().GetPeerStateTable()->Clear();
+ /* Clear other peers' states to force re-authentication.
+ * Do not clear own peer state to keep track of own memberships and
+ * to be able to decrypt own response if we are communicating with ourselves. */
+ bus.GetInternal().GetPeerStateTable()->Clear(true);
}
private:
@@ -119,7 +121,7 @@ static QStatus RetrieveAndGenDSAPublicKey(CredentialAccessor* ca, KeyInfoNISTP25
PermissionMgmtObj::PermissionMgmtObj(BusAttachment& bus, const char* objectPath) :
BusObject(objectPath), bus(bus), claimCapabilities(PermissionConfigurator::CLAIM_CAPABILITIES_DEFAULT),
- claimCapabilityAdditionalInfo(0), portListener(NULL), callbackToClearSecrets(NULL), ready(false), managementStarted(false)
+ claimCapabilityAdditionalInfo(0), portListener(nullptr), callbackToClearSecrets(nullptr), ready(false), managementStarted(false)
{
}
@@ -157,7 +159,7 @@ void PermissionMgmtObj::Load()
} else {
policyVersion = 0;
delete policy;
- policy = NULL;
+ policy = nullptr;
}
PolicyChanged(policy);
bool hasManifestTemplate;
@@ -709,10 +711,10 @@ void PermissionMgmtObj::Claim(const InterfaceDescription::Member* member, Messag
return;
}
- TrustAnchor* adminGroupAuthority = NULL;
+ TrustAnchor* adminGroupAuthority = nullptr;
TrustAnchor* certificateAuthority = new TrustAnchor(TRUST_ANCHOR_CA);
- std::vector<CertificateX509> certs;
- std::vector<Manifest> manifests;
+ vector<CertificateX509> certs;
+ vector<Manifest> manifests;
QStatus status = KeyInfoHelper::MsgArgToKeyInfoNISTP256PubKey(args[0], certificateAuthority->keyInfo);
if (ER_OK != status) {
goto DoneValidation;
@@ -906,7 +908,7 @@ QStatus PermissionMgmtObj::GetDefaultPolicy(MsgArg& msgArg)
QStatus PermissionMgmtObj::StorePolicy(PermissionPolicy& policy, bool defaultPolicy)
{
- uint8_t* buf = NULL;
+ uint8_t* buf = nullptr;
size_t size;
Message tmpMsg(bus);
DefaultPolicyMarshaller marshaller(tmpMsg);
@@ -1024,7 +1026,7 @@ static QStatus ValidateMembershipCertificateChain(const CertificateX509* certCha
return ER_INVALID_CERTIFICATE;
}
-static QStatus ValidateMembershipCertificateChain(std::vector<CertificateX509*>& certs, PermissionMgmtObj::TrustAnchorList* taList)
+static QStatus ValidateMembershipCertificateChain(vector<CertificateX509*>& certs, PermissionMgmtObj::TrustAnchorList* taList)
{
if (certs.size() == 0) {
return ER_INVALID_CERTIFICATE;
@@ -1032,7 +1034,7 @@ static QStatus ValidateMembershipCertificateChain(std::vector<CertificateX509*>&
/* build an array of base CertificateX509 instances for validation */
CertificateX509* certChain = new CertificateX509[certs.size()];
- if (certChain == NULL) {
+ if (certChain == nullptr) {
return ER_OUT_OF_MEMORY;
}
for (size_t cnt = 0; cnt < certs.size(); cnt++) {
@@ -1046,9 +1048,9 @@ static QStatus ValidateMembershipCertificateChain(std::vector<CertificateX509*>&
static QStatus LoadCertificate(CertificateX509::EncodingType encoding, const uint8_t* encoded, size_t encodedLen, CertificateX509& cert)
{
if (encoding == CertificateX509::ENCODING_X509_DER) {
- return cert.DecodeCertificateDER(String((const char*) encoded, encodedLen));
+ return cert.DecodeCertificateDER(qcc::String((const char*) encoded, encodedLen));
} else if (encoding == CertificateX509::ENCODING_X509_DER_PEM) {
- return cert.DecodeCertificatePEM(String((const char*) encoded, encodedLen));
+ return cert.DecodeCertificatePEM(qcc::String((const char*) encoded, encodedLen));
}
return ER_NOT_IMPLEMENTED;
}
@@ -1069,7 +1071,7 @@ QStatus PermissionMgmtObj::GetDSAPrivateKey(qcc::ECCPrivateKey& privateKey)
return ca->GetDSAPrivateKey(privateKey);
}
-QStatus PermissionMgmtObj::RetrieveCertsFromMsgArg(const MsgArg& certArg, std::vector<CertificateX509>& certs)
+QStatus PermissionMgmtObj::RetrieveCertsFromMsgArg(const MsgArg& certArg, vector<CertificateX509>& certs)
{
size_t certChainCount;
MsgArg* certChain;
@@ -1129,7 +1131,7 @@ QStatus PermissionMgmtObj::StoreIdentityCertChain(size_t certChainCount, const C
}
/* now storing the cert chain */
for (size_t cnt = 0; cnt < certChainCount; cnt++) {
- String der;
+ qcc::String der;
status = certs[cnt].EncodeCertificateDER(der);
KeyBlob kb((const uint8_t*) der.data(), der.size(), KeyBlob::GENERIC);
if (cnt == 0) {
@@ -1171,7 +1173,7 @@ ExitStoreIdentity:
return status;
}
-static QStatus RetrieveIdentityCertChainBlobs(CredentialAccessor* ca, KeyStore::Key identityHead, std::vector<KeyBlob*>& blobs)
+static QStatus RetrieveIdentityCertChainBlobs(CredentialAccessor* ca, KeyStore::Key identityHead, vector<KeyBlob*>& blobs)
{
KeyBlob* kb = new KeyBlob();
QStatus status = ca->GetKey(identityHead, *kb);
@@ -1185,7 +1187,7 @@ static QStatus RetrieveIdentityCertChainBlobs(CredentialAccessor* ca, KeyStore::
blobs.push_back(kb);
/* go thru the issuers */
- KeyStore::Key* keys = NULL;
+ KeyStore::Key* keys = nullptr;
size_t numOfKeys = 0;
status = ca->GetKeys(identityHead, &keys, &numOfKeys);
if (ER_OK != status) {
@@ -1199,7 +1201,7 @@ static QStatus RetrieveIdentityCertChainBlobs(CredentialAccessor* ca, KeyStore::
}
Exit:
if (ER_OK != status) {
- for (std::vector<KeyBlob*>::iterator it = blobs.begin(); it != blobs.end(); it++) {
+ for (vector<KeyBlob*>::iterator it = blobs.begin(); it != blobs.end(); it++) {
delete *it;
}
blobs.clear();
@@ -1208,7 +1210,7 @@ Exit:
return status;
}
-QStatus PermissionMgmtObj::GetIdentity(std::vector<qcc::CertificateX509>& certChain)
+QStatus PermissionMgmtObj::GetIdentity(vector<qcc::CertificateX509>& certChain)
{
QCC_DbgTrace(("%s", __FUNCTION__));
MsgArg certArg;
@@ -1232,7 +1234,7 @@ QStatus PermissionMgmtObj::RetrieveIdentityCertChain(MsgArg** certArgs, size_t*
{
KeyStore::Key identityHead;
GetACLKey(ENTRY_IDENTITY, identityHead);
- std::vector<KeyBlob*> blobs;
+ vector<KeyBlob*> blobs;
QStatus status = RetrieveIdentityCertChainBlobs(ca, identityHead, blobs);
if (ER_OK != status) {
return status;
@@ -1253,10 +1255,10 @@ QStatus PermissionMgmtObj::RetrieveIdentityCertChain(MsgArg** certArgs, size_t*
Exit:
if (ER_OK != status) {
delete [] *certArgs;
- *certArgs = NULL;
+ *certArgs = nullptr;
*count = 0;
}
- for (std::vector<KeyBlob*>::iterator it = blobs.begin(); it != blobs.end(); it++) {
+ for (vector<KeyBlob*>::iterator it = blobs.begin(); it != blobs.end(); it++) {
delete *it;
}
blobs.clear();
@@ -1267,7 +1269,7 @@ QStatus PermissionMgmtObj::RetrieveIdentityCertChainPEM(qcc::String& pem)
{
KeyStore::Key identityHead;
GetACLKey(ENTRY_IDENTITY, identityHead);
- std::vector<KeyBlob*> blobs;
+ vector<KeyBlob*> blobs;
QStatus status = RetrieveIdentityCertChainBlobs(ca, identityHead, blobs);
if (ER_OK != status) {
return status;
@@ -1277,8 +1279,8 @@ QStatus PermissionMgmtObj::RetrieveIdentityCertChainPEM(qcc::String& pem)
}
for (size_t cnt = 0; cnt < blobs.size(); cnt++) {
KeyBlob* kb = blobs[cnt];
- String der((const char*) kb->GetData(), kb->GetSize());
- String localPEM;
+ qcc::String der((const char*) kb->GetData(), kb->GetSize());
+ qcc::String localPEM;
status = CertificateX509::EncodeCertificatePEM(der, localPEM);
if (ER_OK != status) {
goto Exit;
@@ -1290,7 +1292,7 @@ QStatus PermissionMgmtObj::RetrieveIdentityCertChainPEM(qcc::String& pem)
}
}
Exit:
- for (std::vector<KeyBlob*>::iterator it = blobs.begin(); it != blobs.end(); it++) {
+ for (vector<KeyBlob*>::iterator it = blobs.begin(); it != blobs.end(); it++) {
delete *it;
}
blobs.clear();
@@ -1320,7 +1322,7 @@ QStatus PermissionMgmtObj::RetrieveIdentityCertificateId(qcc::String& serial, qc
issuerKeyInfo.SetKeyId((uint8_t*) leafCert.GetAuthorityKeyId().data(), leafCert.GetAuthorityKeyId().size());
/* locate the next cert in the identity cert chain for the issuer public key */
- KeyStore::Key* keys = NULL;
+ KeyStore::Key* keys = nullptr;
size_t numOfKeys = 0;
status = ca->GetKeys(identityHead, &keys, &numOfKeys);
if (ER_OK != status) {
@@ -1368,7 +1370,7 @@ QStatus PermissionMgmtObj::UpdateIdentity(
{
QCC_DbgTrace(("%s", __FUNCTION__));
/* save the current identity cert chain to rollback */
- MsgArg* currentCertArgs = NULL;
+ MsgArg* currentCertArgs = nullptr;
size_t count = 0;
QStatus status = RetrieveIdentityCertChain(&currentCertArgs, &count);
if (ER_OK != status) {
@@ -1389,9 +1391,9 @@ QStatus PermissionMgmtObj::UpdateIdentity(
if (ER_OK != status) {
QCC_LogError(status, ("Could not StoreManifests"));
/* In this case, we have to undo setting the identity cert chain. */
- if (currentCertArgs != NULL) {
+ if (currentCertArgs != nullptr) {
MsgArg arg("a(yay)", count, currentCertArgs);
- std::vector<CertificateX509> origCerts;
+ vector<CertificateX509> origCerts;
QStatus aStatus = RetrieveCertsFromMsgArg(arg, origCerts);
if (ER_OK != aStatus) {
QCC_LogError(aStatus, ("PermissionMgmtObj::DoUpdateIdentity restoring the identity certificate failed RetrieveCertsFromMsgArg"));
@@ -1417,8 +1419,8 @@ QStatus PermissionMgmtObj::UpdateIdentity(
void PermissionMgmtObj::InstallIdentity(const InterfaceDescription::Member* member, Message& msg)
{
QCC_UNUSED(member);
- std::vector<CertificateX509> certs;
- std::vector<Manifest> manifests;
+ vector<CertificateX509> certs;
+ vector<Manifest> manifests;
QStatus status = RetrieveCertsFromMsgArg((MsgArg&)*msg->GetArg(0), certs);
if (ER_OK != status) {
@@ -1459,7 +1461,7 @@ QStatus PermissionMgmtObj::GetIdentityBlob(KeyBlob& kb)
QStatus PermissionMgmtObj::GetIdentity(MsgArg& arg)
{
- MsgArg* certArgs = NULL;
+ MsgArg* certArgs = nullptr;
size_t count = 0;
QStatus status = RetrieveIdentityCertChain(&certArgs, &count);
if (ER_OK != status) {
@@ -1496,7 +1498,7 @@ QStatus PermissionMgmtObj::GenerateManifestDigest(BusAttachment& bus, const Perm
return marshaller.Digest(rules, count, digest, Crypto_SHA256::DIGEST_SIZE);
}
-QStatus PermissionMgmtObj::RetrieveManifestsFromMsgArg(const MsgArg& signedManifestsArg, std::vector<Manifest>& manifests)
+QStatus PermissionMgmtObj::RetrieveManifestsFromMsgArg(const MsgArg& signedManifestsArg, vector<Manifest>& manifests)
{
MsgArg* signedManifestArgArray;
size_t signedManifestCount;
@@ -1544,7 +1546,7 @@ QStatus PermissionMgmtObj::StoreManifests(size_t manifestCount, const Manifest*
return ER_DIGEST_MISMATCH;
}
- std::vector<Manifest> newManifests;
+ vector<Manifest> newManifests;
for (size_t i = 0; i < manifestCount; i++) {
newManifests.push_back(manifests[i]);
}
@@ -1553,7 +1555,7 @@ QStatus PermissionMgmtObj::StoreManifests(size_t manifestCount, const Manifest*
/* Retrieve the current set of manifests from the keystore first, and combine them with
* the new set.
*/
- std::vector<Manifest> previousManifests;
+ vector<Manifest> previousManifests;
status = RetrieveManifests(previousManifests);
if (ER_OK != status) {
QCC_LogError(status, ("Could not retrieve already-installed manifests"));
@@ -1566,7 +1568,7 @@ QStatus PermissionMgmtObj::StoreManifests(size_t manifestCount, const Manifest*
/* store the manifests into the key store */
KeyStore::Key key;
GetACLKey(ENTRY_MANIFEST, key);
- std::vector<uint8_t> serializedManifestArray;
+ vector<uint8_t> serializedManifestArray;
status = _Manifest::SerializeArray(newManifests, serializedManifestArray);
if (ER_OK != status) {
QCC_LogError(status, ("Failed to serialize array of passed manifests for storage"));
@@ -1583,15 +1585,15 @@ QStatus PermissionMgmtObj::StoreManifests(size_t manifestCount, const Manifest*
return status;
}
-static QStatus GetMembershipKey(CredentialAccessor* ca, KeyStore::Key& membershipHead, const String& serialNum, const String& issuerAki, KeyStore::Key& membershipKey)
+static QStatus GetMembershipKey(CredentialAccessor* ca, KeyStore::Key& membershipHead, const qcc::String& serialNum, const qcc::String& issuerAki, KeyStore::Key& membershipKey)
{
- KeyStore::Key* keys = NULL;
+ KeyStore::Key* keys = nullptr;
size_t numOfKeys;
QStatus status = ca->GetKeys(membershipHead, &keys, &numOfKeys);
if (ER_OK != status) {
return status;
}
- String tag = serialNum.substr(0, KeyBlob::MAX_TAG_LEN);
+ qcc::String tag = serialNum.substr(0, KeyBlob::MAX_TAG_LEN);
bool found = false;
status = ER_OK;
for (size_t cnt = 0; cnt < numOfKeys; cnt++) {
@@ -1669,7 +1671,7 @@ QStatus PermissionMgmtObj::StoreMembership(const qcc::CertificateX509* certChain
QCC_DbgPrintf(("PermissionMgmtObj::StoreMembership failed since certificate subject public key is not the same as target public key"));
return ER_INVALID_CERTIFICATE;
}
- status = ValidateMembershipCertificateChain(certChain, count, NULL);
+ status = ValidateMembershipCertificateChain(certChain, count, nullptr);
if (ER_OK != status) {
QCC_DbgPrintf(("PermissionMgmtObj::StoreMembership failed to validate certificate chain 0x%x", status));
return status;
@@ -1677,7 +1679,7 @@ QStatus PermissionMgmtObj::StoreMembership(const qcc::CertificateX509* certChain
GUID128 membershipGuid;
KeyStore::Key membershipKey(KeyStore::Key::LOCAL, membershipGuid);
for (size_t cnt = 0; cnt < count; cnt++) {
- String der;
+ qcc::String der;
status = certChain[cnt].EncodeCertificateDER(der);
if (ER_OK != status) {
return status;
@@ -1685,7 +1687,7 @@ QStatus PermissionMgmtObj::StoreMembership(const qcc::CertificateX509* certChain
KeyBlob kb((const uint8_t*) der.data(), der.size(), KeyBlob::GENERIC);
if (cnt == 0) {
/* handle the leaf cert */
- String serialTag;
+ qcc::String serialTag;
if (certChain[cnt].GetSerialLen() > 0) {
serialTag.assign_std(reinterpret_cast<const char*>(certChain[cnt].GetSerial()), certChain[cnt].GetSerialLen());
}
@@ -1741,7 +1743,7 @@ QStatus PermissionMgmtObj::StoreMembership(const MsgArg& msgArg)
}
CertificateX509* certs = new CertificateX509[certChainCount];
- if (certs == NULL) {
+ if (certs == nullptr) {
return ER_OUT_OF_MEMORY;
}
for (size_t cnt = 0; cnt < certChainCount; cnt++) {
@@ -1751,13 +1753,20 @@ QStatus PermissionMgmtObj::StoreMembership(const MsgArg& msgArg)
goto Exit;
}
}
+
status = StoreMembership(certs, certChainCount);
+ if (status == ER_OK) {
+ /* Store own membership data in own PeerState. */
+ PeerState peerState = bus.GetInternal().GetPeerStateTable()->GetPeerState(bus.GetUniqueName());
+ status = AddMembershipsToPeerState(peerState, certs, certChainCount);
+ }
+
Exit:
delete [] certs;
return status;
}
-QStatus PermissionMgmtObj::LocateMembershipEntry(const String& serialNum, const String& issuerAki, KeyStore::Key& membershipKey)
+QStatus PermissionMgmtObj::LocateMembershipEntry(const qcc::String& serialNum, const qcc::String& issuerAki, KeyStore::Key& membershipKey)
{
/* look for memberships head in the key store */
KeyStore::Key membershipHead;
@@ -1771,7 +1780,7 @@ QStatus PermissionMgmtObj::LocateMembershipEntry(const String& serialNum, const
return GetMembershipKey(ca, membershipHead, serialNum, issuerAki, membershipKey);
}
-QStatus PermissionMgmtObj::RemoveMembership(const String& serial, const ECCPublicKey* issuerPublicKey, const String& issuerAki)
+QStatus PermissionMgmtObj::RemoveMembership(const qcc::String& serial, const ECCPublicKey* issuerPublicKey, const qcc::String& issuerAki)
{
QStatus status = RemoveMembershipInternal(serial, issuerPublicKey, issuerAki);
@@ -1782,13 +1791,13 @@ QStatus PermissionMgmtObj::RemoveMembership(const String& serial, const ECCPubli
}
}
-static QStatus SetKeyInfo(const ECCPublicKey* publicKey, const String& aki, KeyInfoNISTP256& keyInfo)
+static QStatus SetKeyInfo(const ECCPublicKey* publicKey, const qcc::String& aki, KeyInfoNISTP256& keyInfo)
{
QCC_DbgTrace(("%s", __FUNCTION__));
keyInfo.SetPublicKey(publicKey);
if (aki.empty()) {
- String computedAki;
+ qcc::String computedAki;
/* calculate it */
QStatus status = CertificateX509::GenerateAuthorityKeyId(keyInfo.GetPublicKey(), computedAki);
if (ER_OK != status) {
@@ -1803,7 +1812,7 @@ static QStatus SetKeyInfo(const ECCPublicKey* publicKey, const String& aki, KeyI
return ER_OK;
}
-QStatus PermissionMgmtObj::RemoveMembershipInternal(const String& serial, const ECCPublicKey* issuerPublicKey, const String& issuerAki)
+QStatus PermissionMgmtObj::RemoveMembershipInternal(const qcc::String& serial, const ECCPublicKey* issuerPublicKey, const qcc::String& issuerAki)
{
QCC_DbgTrace(("%s", __FUNCTION__));
KeyStore::Key membershipKey;
@@ -1889,8 +1898,8 @@ void PermissionMgmtObj::RemoveMembership(const InterfaceDescription::Member* mem
MethodReply(msg, ER_INVALID_DATA);
return;
}
- String serial((const char*) serialVal, serialLen);
- String issuerAki((const char*)akiVal, akiLen);
+ qcc::String serial((const char*) serialVal, serialLen);
+ qcc::String issuerAki((const char*)akiVal, akiLen);
status = RemoveMembership(serial, &publicKey, issuerAki);
MethodReply(msg, status);
}
@@ -1941,7 +1950,7 @@ void PermissionMgmtObj::InstallManifests(const InterfaceDescription::Member* mem
{
QCC_UNUSED(member);
- std::vector<Manifest> manifests;
+ vector<Manifest> manifests;
QStatus status = RetrieveManifestsFromMsgArg((MsgArg&)*msg->GetArg(0), manifests);
if (ER_OK != status) {
QCC_LogError(status, ("%s: Could not RetrieveManifestsFromMsgArg", __FUNCTION__));
@@ -1969,7 +1978,7 @@ QStatus PermissionMgmtObj::GetAllMembershipCerts(MembershipCertMap& certMap, boo
if (status == ER_BUS_KEY_UNAVAILABLE) {
return ER_OK; /* nothing to do */
}
- KeyStore::Key* keys = NULL;
+ KeyStore::Key* keys = nullptr;
size_t numOfKeys;
status = ca->GetKeys(membershipHead, &keys, &numOfKeys);
if (ER_OK != status) {
@@ -1987,7 +1996,7 @@ QStatus PermissionMgmtObj::GetAllMembershipCerts(MembershipCertMap& certMap, boo
delete [] keys;
return status;
}
- MembershipCertificate* cert = NULL;
+ MembershipCertificate* cert = nullptr;
if (loadCert) {
cert = new MembershipCertificate();
status = LoadCertificate(CertificateX509::ENCODING_X509_DER, kb.GetData(), kb.GetSize(), *cert);
@@ -2017,9 +2026,9 @@ void PermissionMgmtObj::ClearMembershipCertMap(MembershipCertMap& certMap)
certMap.clear();
}
-static void ClearArgVector(std::vector<MsgArg*>& argList)
+static void ClearArgVector(vector<MsgArg*>& argList)
{
- for (std::vector<MsgArg*>::iterator it = argList.begin(); it != argList.end(); it++) {
+ for (vector<MsgArg*>::iterator it = argList.begin(); it != argList.end(); it++) {
delete *it;
}
argList.clear();
@@ -2046,9 +2055,9 @@ static void ClearArgVector(std::vector<MsgArg*>& argList)
*/
-static QStatus GenerateSendMembershipForCertEntry(BusAttachment& bus, CredentialAccessor* ca, KeyStore::Key& entryKey, std::vector<MsgArg*>& argList)
+static QStatus GenerateSendMembershipForCertEntry(BusAttachment& bus, CredentialAccessor* ca, KeyStore::Key& entryKey, vector<MsgArg*>& argList)
{
- KeyStore::Key* keys = NULL;
+ KeyStore::Key* keys = nullptr;
size_t numOfKeys;
QStatus status = ca->GetKeys(entryKey, &keys, &numOfKeys);
if (ER_OK != status) {
@@ -2059,8 +2068,8 @@ static QStatus GenerateSendMembershipForCertEntry(BusAttachment& bus, Credential
return status;
}
- std::vector<MsgArg*> addOns;
- /* go through the associated entries of this keys */
+ vector<MsgArg*> addOns;
+ /* go through the associated entries of these keys */
for (size_t cnt = 0; cnt < numOfKeys; cnt++) {
KeyBlob kb;
status = ca->GetKey(keys[cnt], kb);
@@ -2095,6 +2104,113 @@ Exit:
return status;
}
+static QStatus GetMembershipCertificateEntryChain(BusAttachment& bus, CredentialAccessor* ca, KeyStore::Key& entryKey, vector<qcc::String>& certChainStrs)
+{
+ KeyStore::Key* keys = nullptr;
+ size_t numOfKeys;
+ QStatus status = ca->GetKeys(entryKey, &keys, &numOfKeys);
+ if (ER_OK != status) {
+ delete [] keys;
+ if (ER_BUS_KEY_UNAVAILABLE == status) {
+ return ER_OK; /* nothing to generate */
+ }
+ return status;
+ }
+
+ vector<qcc::String> addOns;
+ /* go through the associated entries of these keys */
+ for (size_t cnt = 0; cnt < numOfKeys; cnt++) {
+ KeyBlob kb;
+ status = ca->GetKey(keys[cnt], kb);
+ if (ER_OK != status) {
+ break;
+ }
+
+ /* this cert chain node may have a parent cert */
+ std::string certStr(reinterpret_cast<const char*>(kb.GetData()), kb.GetSize());
+ addOns.push_back(static_cast<qcc::String>(certStr));
+ if (ER_OK != status) {
+ goto Exit;
+ }
+ status = GetMembershipCertificateEntryChain(bus, ca, keys[cnt], addOns);
+ if (ER_OK != status) {
+ goto Exit;
+ }
+ }
+Exit:
+ if (ER_OK == status) {
+ certChainStrs.reserve(certChainStrs.size() + addOns.size());
+ certChainStrs.insert(certChainStrs.end(), addOns.begin(), addOns.end());
+ }
+
+ addOns.clear();
+ delete [] keys;
+ return status;
+}
+
+QStatus PermissionMgmtObj::GetMembershipCertificates(MsgArg& args)
+{
+ MembershipCertMap certMap;
+
+ QStatus status = GetAllMembershipCerts(certMap);
+ if (ER_OK != status) {
+ return status;
+ }
+
+ size_t numCertChains = certMap.size();
+ if (0 == numCertChains) {
+ args.Set("aa(yay)", 0, nullptr);
+ return ER_OK;
+ }
+
+ size_t cnt = 0;
+ vector<MsgArg> certChainArgs;
+ certChainArgs.resize(numCertChains);
+ for (MembershipCertMap::iterator it = certMap.begin(); it != certMap.end(); it++) {
+ vector<qcc::String> certList;
+ MembershipCertificate* cert = it->second;
+ qcc::String der;
+ status = cert->EncodeCertificateDER(der);
+ if (ER_OK != status) {
+ goto Exit;
+ }
+ certList.push_back(der);
+
+ status = GetMembershipCertificateEntryChain(bus, ca, (KeyStore::Key&)it->first, certList);
+ if (ER_OK != status) {
+ goto Exit;
+ }
+
+ size_t certChainSize = certList.size();
+ vector<MsgArg> certChainArg;
+ certChainArg.resize(certChainSize);
+ size_t certCnt = 0;
+ for (auto& cert : certList) {
+ status = certChainArg[certCnt].Set("(yay)", CertificateX509::ENCODING_X509_DER, cert.size(), cert.c_str());
+ if (ER_OK != status) {
+ goto Exit;
+ }
+ ++certCnt;
+ }
+
+ status = certChainArgs[cnt].Set("a(yay)", certChainArg.size(), certChainArg.data());
+ if (ER_OK != status) {
+ goto Exit;
+ }
+
+ certChainArgs[cnt].Stabilize();
+ ++cnt;
+ }
+
+ status = args.Set("aa(yay)", certChainArgs.size(), certChainArgs.data());
+Exit:
+ if (ER_OK == status) {
+ args.Stabilize();
+ }
+ ClearMembershipCertMap(certMap);
+ return status;
+}
+
QStatus PermissionMgmtObj::GetMembershipSummaries(MsgArg& arg)
{
MembershipCertMap certMap;
@@ -2103,20 +2219,21 @@ QStatus PermissionMgmtObj::GetMembershipSummaries(MsgArg& arg)
return status;
}
if (certMap.size() == 0) {
- arg.Set("a(ayay(yyayay))", 0, NULL);
+ arg.Set("a(ayay(yyayay))", 0, nullptr);
return ER_OK;
}
- MsgArg* membershipArgs = new MsgArg[certMap.size()];
+ vector<MsgArg> membershipArgs;
+ membershipArgs.resize(certMap.size());
size_t cnt = 0;
- KeyStore::Key* issuerKeys = NULL;
+ KeyStore::Key* issuerKeys = nullptr;
for (MembershipCertMap::iterator it = certMap.begin(); it != certMap.end(); it++) {
KeyInfoNISTP256 issuerKeyInfo;
KeyStore::Key leafKey = it->first;
MembershipCertificate* leafCert = it->second;
issuerKeyInfo.SetKeyId((const uint8_t*) leafCert->GetAuthorityKeyId().data(), leafCert->GetAuthorityKeyId().size());
delete [] issuerKeys;
- issuerKeys = NULL;
+ issuerKeys = nullptr;
size_t numOfIssuerKeys = 0;
bool locateIssuer = false;
status = ca->GetKeys(leafKey, &issuerKeys, &numOfIssuerKeys);
@@ -2140,7 +2257,7 @@ QStatus PermissionMgmtObj::GetMembershipSummaries(MsgArg& arg)
}
issuerKeyInfo.SetPublicKey(issuerCert.GetSubjectPublicKey());
if (issuerKeyInfo.GetKeyIdLen() == 0) {
- String aki;
+ qcc::String aki;
if (ER_OK != CertificateX509::GenerateAuthorityKeyId(issuerKeyInfo.GetPublicKey(), aki)) {
goto Exit;
}
@@ -2183,16 +2300,15 @@ QStatus PermissionMgmtObj::GetMembershipSummaries(MsgArg& arg)
Exit:
delete [] issuerKeys;
if (ER_OK == status) {
- arg.Set("a(ayay(yyayay))", certMap.size(), membershipArgs);
+ arg.Set("a(ayay(yyayay))", membershipArgs.size(), membershipArgs.data());
+ arg.Stabilize();
arg.SetOwnershipFlags(MsgArg::OwnsArgs, true);
- } else {
- delete [] membershipArgs;
}
ClearMembershipCertMap(certMap);
return status;
}
-bool PermissionMgmtObj::IsRelevantMembershipCert(std::vector<MsgArg*>& membershipChain, std::vector<ECCPublicKey> peerIssuers)
+bool PermissionMgmtObj::IsRelevantMembershipCert(vector<MsgArg*>& membershipChain, vector<ECCPublicKey> peerIssuers)
{
QStatus status;
CertificateX509 cert;
@@ -2240,11 +2356,11 @@ bool PermissionMgmtObj::IsRelevantMembershipCert(std::vector<MsgArg*>& membershi
return false;
}
-QStatus PermissionMgmtObj::GenerateSendMemberships(std::vector<std::vector<MsgArg*> >& args, const qcc::GUID128& remotePeerGuid)
+QStatus PermissionMgmtObj::GenerateSendMemberships(vector<vector<MsgArg*> >& args, const qcc::GUID128& remotePeerGuid)
{
MembershipCertMap certMap;
ECCPublicKey peerPublicKey;
- std::vector<ECCPublicKey> peerIssuers;
+ vector<ECCPublicKey> peerIssuers;
bool publicKeyFound = false;
qcc::String authMechanism;
@@ -2256,15 +2372,15 @@ QStatus PermissionMgmtObj::GenerateSendMemberships(std::vector<std::vector<MsgAr
return ER_OK;
}
- status = this->GetConnectedPeerAuthMetadata(remotePeerGuid, authMechanism, publicKeyFound, &peerPublicKey, NULL, peerIssuers);
+ status = this->GetConnectedPeerAuthMetadata(remotePeerGuid, authMechanism, publicKeyFound, &peerPublicKey, nullptr, peerIssuers);
if ((status != ER_OK) || !publicKeyFound) {
goto Exit;
}
for (MembershipCertMap::iterator it = certMap.begin(); it != certMap.end(); it++) {
- std::vector<MsgArg*> argList;
+ vector<MsgArg*> argList;
MembershipCertificate* cert = it->second;
- String der;
+ qcc::String der;
status = cert->EncodeCertificateDER(der);
if (ER_OK != status) {
goto Exit;
@@ -2298,7 +2414,7 @@ Exit:
QStatus PermissionMgmtObj::ParseSendManifests(Message& msg, PeerState& peerState)
{
- std::vector<ECCPublicKey> issuerKeys;
+ vector<ECCPublicKey> issuerKeys;
MsgArg* signedManifestArgs;
size_t signedManifestCount;
QStatus status = msg->GetArg(0)->Get(_Manifest::s_MsgArgArraySignature, &signedManifestCount, &signedManifestArgs);
@@ -2307,7 +2423,7 @@ QStatus PermissionMgmtObj::ParseSendManifests(Message& msg, PeerState& peerState
}
ECCPublicKey peerPublicKey;
- std::vector<ECCPublicKey> issuerPublicKeys;
+ vector<ECCPublicKey> issuerPublicKeys;
qcc::String authMechanism;
bool publicKeyFound = false;
uint8_t identityCertificateThumbprint[Crypto_SHA256::DIGEST_SIZE];
@@ -2318,7 +2434,7 @@ QStatus PermissionMgmtObj::ParseSendManifests(Message& msg, PeerState& peerState
return status;
}
- std::vector<uint8_t> thumbprintVector(Crypto_SHA256::DIGEST_SIZE);
+ vector<uint8_t> thumbprintVector(Crypto_SHA256::DIGEST_SIZE);
thumbprintVector.assign(identityCertificateThumbprint, identityCertificateThumbprint + Crypto_SHA256::DIGEST_SIZE);
for (size_t i = 0; i < signedManifestCount; i++) {
@@ -2405,7 +2521,7 @@ QStatus PermissionMgmtObj::ParseSendMemberships(Message& msg, bool& done)
}
PeerState peerState = bus.GetInternal().GetPeerStateTable()->GetPeerState(msg->GetSender());
- _PeerState::GuildMetadata* meta = NULL;
+ _PeerState::GuildMetadata* meta = nullptr;
for (size_t idx = 0; idx < count; idx++) {
CertificateX509* cert = new CertificateX509();
if (idx == 0) {
@@ -2418,7 +2534,7 @@ QStatus PermissionMgmtObj::ParseSendMemberships(Message& msg, bool& done)
return status;
}
meta->certChain.push_back(cert);
- String serialTag;
+ qcc::String serialTag;
if (cert->GetSerialLen() > 0) {
serialTag.assign_std(reinterpret_cast<const char*>(cert->GetSerial()), cert->GetSerialLen());
}
@@ -2659,7 +2775,7 @@ QStatus PermissionMgmtObj::Reset(bool endManagement)
/* Reset the security configuration. */
status = PerformReset(true, endManagement);
if (ER_OK == status) {
- PolicyChanged(NULL);
+ PolicyChanged(nullptr);
StateChanged();
}
return status;
@@ -2671,7 +2787,7 @@ void PermissionMgmtObj::Reset(const InterfaceDescription::Member* member, Messag
MethodReply(msg, Reset());
}
-QStatus PermissionMgmtObj::GetConnectedPeerAuthMetadata(const GUID128& guid, qcc::String& authMechanism, bool& publicKeyFound, qcc::ECCPublicKey* publicKey, uint8_t* identityCertificateThumbprint, std::vector<ECCPublicKey>& issuerPublicKeys)
+QStatus PermissionMgmtObj::GetConnectedPeerAuthMetadata(const GUID128& guid, qcc::String& authMechanism, bool& publicKeyFound, qcc::ECCPublicKey* publicKey, uint8_t* identityCertificateThumbprint, vector<ECCPublicKey>& issuerPublicKeys)
{
CredentialAccessor ca(bus);
KeyBlob kb;
@@ -2690,7 +2806,7 @@ QStatus PermissionMgmtObj::GetConnectedPeerAuthMetadata(const GUID128& guid, qcc
return status;
}
-QStatus PermissionMgmtObj::GetConnectedPeerPublicKey(const GUID128& guid, qcc::ECCPublicKey* publicKey, std::vector<ECCPublicKey>& issuerPublicKeys)
+QStatus PermissionMgmtObj::GetConnectedPeerPublicKey(const GUID128& guid, qcc::ECCPublicKey* publicKey, vector<ECCPublicKey>& issuerPublicKeys)
{
bool publicKeyFound = false;
qcc::String authMechanism;
@@ -2706,7 +2822,7 @@ QStatus PermissionMgmtObj::GetConnectedPeerPublicKey(const GUID128& guid, qcc::E
QStatus PermissionMgmtObj::GetConnectedPeerPublicKey(const GUID128& guid, qcc::ECCPublicKey* publicKey)
{
- std::vector<ECCPublicKey> issuerPublicKeys;
+ vector<ECCPublicKey> issuerPublicKeys;
return GetConnectedPeerPublicKey(guid, publicKey, issuerPublicKeys);
}
@@ -2753,7 +2869,7 @@ QStatus PermissionMgmtObj::SetManifestTemplate(const PermissionPolicy::Rule* rul
return status;
}
-QStatus PermissionMgmtObj::RetrieveManifests(std::vector<Manifest>& manifests)
+QStatus PermissionMgmtObj::RetrieveManifests(vector<Manifest>& manifests)
{
KeyBlob kb;
KeyStore::Key key;
@@ -2952,7 +3068,7 @@ bool PermissionMgmtObj::KeyExchangeListener::RequestCredentials(const char* auth
if (ER_OK != pmo->GetDSAPrivateKey(pk)) {
handled = false;
}
- String pem;
+ qcc::String pem;
CertificateX509::EncodePrivateKeyPEM(&pk, pem);
credentials.SetPrivateKey(pem);
}
@@ -2992,24 +3108,24 @@ QStatus PermissionMgmtObj::BindPort()
if (portListener) {
if (ER_OK == bus.UnbindSessionPort(sessionPort)) {
delete portListener;
- portListener = NULL;
+ portListener = nullptr;
}
}
- if (portListener == NULL) {
+ if (portListener == nullptr) {
portListener = new PortListener();
}
QStatus status = bus.BindSessionPort(sessionPort, opts, *portListener);
if (ER_OK != status) {
delete portListener;
- portListener = NULL;
+ portListener = nullptr;
}
return status;
}
QStatus PermissionMgmtObj::ManageTrustAnchors(PermissionPolicy* policy)
{
- if (policy == NULL) {
+ if (policy == nullptr) {
return ER_OK;
}
ClearTrustAnchors();
@@ -3106,7 +3222,7 @@ static bool IsStdInterface(const char* iName)
}
/* Helper function borrowed from PermissionManager.cc. */
-static bool MatchesPrefix(const String& str, const String& prefix)
+static bool MatchesPrefix(const qcc::String& str, const qcc::String& prefix)
{
return !WildcardMatch(str, prefix);
}
@@ -3118,7 +3234,7 @@ QStatus PermissionMgmtObj::SendManifests(const ProxyBusObject* remotePeerObj, Me
}
const InterfaceDescription* ifc = bus.GetInterface(org::alljoyn::Bus::Peer::Authentication::InterfaceName);
- if (ifc == NULL) {
+ if (ifc == nullptr) {
return ER_BUS_NO_SUCH_INTERFACE;
}
@@ -3158,7 +3274,7 @@ QStatus PermissionMgmtObj::SendManifests(const ProxyBusObject* remotePeerObj, Me
QCC_DbgTrace(("%s: passed early exit checks. Destination is %s, peer GUID is %s",
__FUNCTION__, destination, peerState->GetGuid().ToString().c_str()));
- std::vector<Manifest> manifests;
+ vector<Manifest> manifests;
QStatus status = RetrieveManifests(manifests);
if (ER_OK != status) {
if (ER_MANIFEST_NOT_FOUND == status) {
@@ -3168,7 +3284,7 @@ QStatus PermissionMgmtObj::SendManifests(const ProxyBusObject* remotePeerObj, Me
}
}
- std::vector<Manifest> manifestsToSend;
+ vector<Manifest> manifestsToSend;
/* We don't have a copy of the message, probably because the app is calling SecureConnection
* explicitly. This gives us no basis on which to send manifests.
@@ -3282,4 +3398,42 @@ QStatus PermissionMgmtObj::SendManifests(const ProxyBusObject* remotePeerObj, Me
return ParseSendManifests(replyMsg, peerState);
}
+QStatus PermissionMgmtObj::AddMembershipsToPeerState(PeerState& peerState,
+ const qcc::CertificateX509* certs,
+ size_t certChainCount) const
+{
+ if (certChainCount == 0) {
+ return ER_OK;
+ }
+
+ unique_ptr<CertificateX509> leafCert(new (nothrow) CertificateX509(certs[0]));
+ if (leafCert.get() == nullptr) {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("Could not allocate leaf certificate object"));
+ return ER_OUT_OF_MEMORY;
+ }
+ unique_ptr<_PeerState::GuildMetadata> metadata(new (nothrow) _PeerState::GuildMetadata());
+ if (metadata.get() == nullptr) {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("Could not allocate GUILD metadata object"));
+ return ER_OUT_OF_MEMORY;
+ }
+
+ qcc::String serialTag;
+ if (leafCert->GetSerialLen() > 0) {
+ serialTag.assign_std(reinterpret_cast<const char*>(leafCert->GetSerial()), leafCert->GetSerialLen());
+ }
+ qcc::String issuerAki = leafCert->GetAuthorityKeyId();
+ metadata->certChain.push_back(leafCert.release());
+
+ for (size_t idx = 1; idx < certChainCount; idx++) {
+ std::unique_ptr<CertificateX509> cert(new (nothrow) CertificateX509(certs[idx]));
+ if (cert.get() == nullptr) {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("Could not allocate certificate object"));
+ return ER_OUT_OF_MEMORY;
+ }
+ metadata->certChain.push_back(cert.release());
+ }
+ peerState->SetGuildMetadata(serialTag, issuerAki, metadata.release());
+ return ER_OK;
+}
+
} /* namespace ajn */
diff --git a/alljoyn_core/src/PermissionMgmtObj.h b/alljoyn_core/src/PermissionMgmtObj.h
index b369ac5..6f6fefc 100644
--- a/alljoyn_core/src/PermissionMgmtObj.h
+++ b/alljoyn_core/src/PermissionMgmtObj.h
@@ -425,6 +425,17 @@ class PermissionMgmtObj : public BusObject {
QStatus GetMembershipSummaries(MsgArg& arg);
/**
+ * Get the membership certificates as MsgArgs.
+ *
+ * @param[out] arg A MsgArg containing a collection of certificate chains
+ *
+ * @return
+ * - #ER_OK if the membership certificates are successfully retrieved
+ * - other error code indicating failure
+ */
+ QStatus GetMembershipCertificates(MsgArg& arg);
+
+ /**
* Retrieve certificates in a MsgArg used to transmit certificates in the standard format,
* used by Claim and GetIdentity.
*
@@ -870,6 +881,7 @@ class PermissionMgmtObj : public BusObject {
bool HasDefaultPolicy();
bool IsRelevantMembershipCert(std::vector<MsgArg*>& membershipChain, std::vector<qcc::ECCPublicKey> peerIssuers);
QStatus LookForManifestTemplate(bool& exist);
+ QStatus AddMembershipsToPeerState(PeerState& peerState, const qcc::CertificateX509* certs, size_t certChainCount) const;
/* Bind to an exclusive port for PermissionMgmt object */
QStatus BindPort();
diff --git a/alljoyn_core/src/PermissionPolicy.cc b/alljoyn_core/src/PermissionPolicy.cc
index a08f583..c42a509 100644
--- a/alljoyn_core/src/PermissionPolicy.cc
+++ b/alljoyn_core/src/PermissionPolicy.cc
@@ -2041,6 +2041,7 @@ std::string _Manifest::ToString() const
output += "=====================\n";
output += "Version: ";
output += versionBuf;
+ output += "\n";
output += "Thumbprint algorithm OID: " + m_thumbprintAlgorithmOid + "\n";
output += "Thumbprint: ";
output += BytesToHexString(m_thumbprint.data(), m_thumbprint.size()).c_str();
diff --git a/alljoyn_core/src/RemoteEndpoint.cc b/alljoyn_core/src/RemoteEndpoint.cc
index b0bddc2..55becdc 100644
--- a/alljoyn_core/src/RemoteEndpoint.cc
+++ b/alljoyn_core/src/RemoteEndpoint.cc
@@ -99,14 +99,13 @@ class _RemoteEndpoint::Internal {
} State;
static const char* StateText[];
- Internal(BusAttachment& bus, bool incoming, const qcc::String& connectSpec, Stream* stream, const char* threadName, bool isSocket) :
+ Internal(BusAttachment& bus, bool incoming, Stream* stream, const char* threadName, bool isSocket) :
bus(bus),
stream(stream),
txQueue(),
txWaitQueue(),
lock(LOCK_LEVEL_REMOTEENDPOINT_INTERNAL_LOCK),
listener(NULL),
- connSpec(connectSpec),
incoming(incoming),
processId((uint32_t)-1),
alljoynVersion(0),
@@ -145,7 +144,6 @@ class _RemoteEndpoint::Internal {
EndpointListener* listener; /**< Listener for thread exit and untrusted client start and exit notifications. */
- qcc::String connSpec; /**< Connection specification for out-going connections */
bool incoming; /**< Indicates if connection is incoming (true) or outgoing (false) */
Features features; /**< Requested and negotiated features of this endpoint */
@@ -263,22 +261,6 @@ qcc::Stream& _RemoteEndpoint::GetStream()
}
}
-const qcc::String& _RemoteEndpoint::GetConnectSpec() const
-{
- if (internal) {
- return internal->connSpec;
- } else {
- return String::Empty;
- }
-}
-
-void _RemoteEndpoint::SetConnectSpec(const qcc::String& connSpec)
-{
- if (internal) {
- internal->connSpec = connSpec;
- }
-}
-
bool _RemoteEndpoint::IsIncomingConnection() const
{
if (internal) {
@@ -346,14 +328,13 @@ QStatus _RemoteEndpoint::SetLinkTimeout(uint32_t& idleTimeout)
/* Endpoint constructor */
_RemoteEndpoint::_RemoteEndpoint(BusAttachment& bus,
bool incoming,
- const qcc::String& connectSpec,
Stream* stream,
const char* threadName,
bool isSocket,
bool minimal) :
_BusEndpoint(ENDPOINT_TYPE_REMOTE), minimalEndpoint(minimal)
{
- internal = new Internal(bus, incoming, connectSpec, stream, threadName, isSocket);
+ internal = new Internal(bus, incoming, stream, threadName, isSocket);
}
_RemoteEndpoint::~_RemoteEndpoint()
diff --git a/alljoyn_core/src/RemoteEndpoint.h b/alljoyn_core/src/RemoteEndpoint.h
index 9d3d5c7..5fdcc3e 100644
--- a/alljoyn_core/src/RemoteEndpoint.h
+++ b/alljoyn_core/src/RemoteEndpoint.h
@@ -153,14 +153,12 @@ class _RemoteEndpoint : public _BusEndpoint, public qcc::ThreadListener, public
*
* @param[in] bus Message bus associated with transport.
* @param[in] incoming true iff this is an incoming connection.
- * @param[in] connectSpec AllJoyn connection specification for this endpoint.
* @param[in] stream Socket Stream used to communicate with media.
* @param[in] type Base name for thread.
* @param[in] isSocket true iff stream is actually a socketStream.
*/
_RemoteEndpoint(BusAttachment& bus,
bool incoming,
- const qcc::String& connectSpec,
qcc::Stream* stream,
const char* type = "endpoint",
bool isSocket = true, bool minimal = false);
@@ -345,20 +343,6 @@ class _RemoteEndpoint : public _BusEndpoint, public qcc::ThreadListener, public
void SetRemoteGUID(const qcc::GUID128& remoteGUID);
/**
- * Get the connect spec for this endpoint.
- *
- * @return The connect spec string (may be empty).
- */
- const qcc::String& GetConnectSpec() const;
-
- /**
- * Set the connect spec for this endpoint.
- *
- * @param[in] connSpec The connect spec string.
- */
- void SetConnectSpec(const qcc::String& connSpec);
-
- /**
* Indicate whether this endpoint can receive messages from other devices.
*
* @return true iff this endpoint can receive messages from other devices.
diff --git a/alljoyn_core/src/SConscript b/alljoyn_core/src/SConscript
index d553895..8998256 100644
--- a/alljoyn_core/src/SConscript
+++ b/alljoyn_core/src/SConscript
@@ -24,7 +24,6 @@
# PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
# TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
-#
Import('ajenv')
Import('common_static_objs')
@@ -40,8 +39,8 @@ srcs = [ f for f in libenv.Glob('*.cc') + libenv.Glob('*.c')
if not (str(f).endswith('version.cc')) ]
# Platform specific sources
-if libenv['OS'] == 'darwin':
- os_srcs = [ f for f in libenv.Glob(libenv['OS'] + '/*.cc') ]
+if libenv['OS_SUBGROUP'] == 'darwin':
+ os_srcs = [ f for f in libenv.Glob(libenv['OS_SUBGROUP'] + '/*.cc') ]
os_srcs += [ f for f in libenv.Glob(libenv['OS_GROUP'] + '/KeyStoreListenerFactory.cc') ]
else:
os_srcs = [ f for f in libenv.Glob(libenv['OS_GROUP'] + '/*.cc') ]
@@ -59,6 +58,11 @@ else:
libenv.Depends(version_cc, shared_objs)
shared_objs.append(libenv.SharedObject(version_cc))
+ #Add hardening flags for linux release build only.
+ #The goal is to avoid any impact for these flags to our capability of debugging.
+ if (libenv['OS'] == 'linux') and (libenv['VARIANT'] == 'release'):
+ libenv.Append(LINKFLAGS = ['-fPIC', '-Wl,-z,relro,-z,now'])
+
# AllJoyn Static Library
libs = libenv.StaticLibrary('alljoyn', static_objs)
if libenv['LIBTYPE'] != 'static':
diff --git a/alljoyn_core/src/SecurityApplicationObj.cc b/alljoyn_core/src/SecurityApplicationObj.cc
index c5da5fb..8f0da50 100644
--- a/alljoyn_core/src/SecurityApplicationObj.cc
+++ b/alljoyn_core/src/SecurityApplicationObj.cc
@@ -326,6 +326,8 @@ QStatus SecurityApplicationObj::Get(const char* ifcName, const char* propName, M
status = GetDefaultPolicy(val);
} else if (0 == strcmp("MembershipSummaries", propName)) {
status = GetMembershipSummaries(val);
+ } else if (0 == strcmp("MembershipCertificates", propName)) {
+ status = GetMembershipCertificates(val);
}
} else if (0 == strcmp(org::alljoyn::Bus::Application::InterfaceName, ifcName)) {
if (0 == strcmp("Version", propName)) {
diff --git a/alljoyn_core/src/SecurityApplicationProxy.cc b/alljoyn_core/src/SecurityApplicationProxy.cc
index 561de9b..6aa2254 100644
--- a/alljoyn_core/src/SecurityApplicationProxy.cc
+++ b/alljoyn_core/src/SecurityApplicationProxy.cc
@@ -228,6 +228,32 @@ QStatus SecurityApplicationProxy::GetEccPublicKey(qcc::ECCPublicKey& eccPublicKe
return status;
}
+QStatus SecurityApplicationProxy::GetManufacturerCertificate(vector<CertificateX509>& certificateVector)
+{
+ QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
+ MsgArg certArg;
+ size_t count;
+
+ QStatus status = GetManufacturerCertificate(certArg);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("Could not GetManufacturerCertificate"));
+ return status;
+ }
+
+ count = certArg.v_array.GetNumElements();
+ certificateVector.clear();
+ certificateVector.resize(count);
+
+ //Note: ManufacturerCertificate uses a(yay) as well, which is the same as IdentityCerts
+ status = MsgArgToIdentityCertChain(certArg, certificateVector.data(), count);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("MsgArgToIdentityCertChain failed"));
+ return status;
+ }
+
+ return status;
+}
+
QStatus SecurityApplicationProxy::GetManufacturerCertificate(MsgArg& certificate)
{
QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
@@ -816,6 +842,30 @@ void SecurityApplicationProxy::DestroyManifestDigest(uint8_t* digest)
delete[] digest;
}
+QStatus SecurityApplicationProxy::GetIdentity(vector<CertificateX509>& certificateVector)
+{
+ QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
+ MsgArg certArg;
+ size_t count;
+ QStatus status = GetIdentity(certArg);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("Could not GetIdentity"));
+ return status;
+ }
+
+ count = certArg.v_array.GetNumElements();
+ certificateVector.clear();
+ certificateVector.resize(count);
+
+ status = MsgArgToIdentityCertChain(certArg, certificateVector.data(), count);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("MsgArgToIdentityCertChain failed"));
+ return status;
+ }
+
+ return status;
+}
+
QStatus SecurityApplicationProxy::GetIdentity(MsgArg& identityCertificate)
{
QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
@@ -1007,6 +1057,32 @@ QStatus SecurityApplicationProxy::GetDefaultPolicy(PermissionPolicy& defaultPoli
return status;
}
+QStatus SecurityApplicationProxy::GetMembershipSummaries(vector<String>& serialsVector, vector<KeyInfoNISTP256>& keyInfosVector)
+{
+ QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
+ QStatus status = ER_OK;
+ size_t count;
+ MsgArg arg;
+
+ status = GetMembershipSummaries(arg);
+ if (ER_OK == status) {
+ /* Get the Summaries array */
+ count = arg.v_array.GetNumElements();
+ if (0 == count) {
+ QCC_DbgTrace(("Zero memberships found."));
+ return ER_OK;
+ }
+
+ serialsVector.clear();
+ serialsVector.resize(count);
+ keyInfosVector.clear();
+ keyInfosVector.resize(count);
+ status = MsgArgToCertificateIds(arg, serialsVector.data(), keyInfosVector.data(), count);
+ }
+
+ return status;
+}
+
QStatus SecurityApplicationProxy::GetMembershipSummaries(MsgArg& membershipSummaries)
{
QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
@@ -1025,6 +1101,49 @@ QStatus SecurityApplicationProxy::GetMembershipSummaries(MsgArg& membershipSumma
return status;
}
+QStatus SecurityApplicationProxy::GetMembershipCertificates(vector<vector<CertificateX509> >& certificateVector)
+{
+ QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
+ QStatus status = ER_OK;
+
+ MsgArg args;
+ status = GetProperty(org::alljoyn::Bus::Security::ManagedApplication::InterfaceName, "MembershipCertificates", args);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("Could not GetMembershipCertificates"));
+ return status;
+ }
+
+ size_t count = 0;
+ MsgArg* certChainArg;
+
+ status = args.Get("aa(yay)", &count, &certChainArg);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("Retrieving certChainArg failed"));
+ return status;
+ }
+ if (0 == count) {
+ QCC_DbgPrintf(("%s Retrieved 0 membership certificate chains", __FUNCTION__));
+ return ER_OK;
+ }
+
+ certificateVector.clear();
+ certificateVector.resize(count);
+
+ size_t cnt = 0;
+ for (auto& certChain : certificateVector) {
+ size_t expectedChainSize = certChainArg[cnt].v_array.GetNumElements();
+ certChain.resize(expectedChainSize);
+ status = MsgArgToIdentityCertChain(certChainArg[cnt], certChain.data(), expectedChainSize);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("MsgArgToIdentityCertChain failed"));
+ return status;
+ }
+ ++cnt;
+ }
+
+ return status;
+}
+
QStatus SecurityApplicationProxy::StartManagement()
{
QCC_DbgTrace(("SecurityApplicationProxy::%s", __FUNCTION__));
diff --git a/alljoyn_core/src/SessionOpts.cc b/alljoyn_core/src/SessionOpts.cc
index 4b011da..8ee2d54 100644
--- a/alljoyn_core/src/SessionOpts.cc
+++ b/alljoyn_core/src/SessionOpts.cc
@@ -140,7 +140,24 @@ qcc::String SessionOpts::ToString() const
break;
}
- str.append(", transports=%X", transports);
+ qcc::String sTransports;
+ if ((transports & TRANSPORT_ANY) == TRANSPORT_ANY) {
+ sTransports.append("TRANSPORT_ANY");
+ } else if ((transports & TRANSPORT_IP) == TRANSPORT_IP) {
+ sTransports.append("TRANSPORT_IP");
+ } else {
+ if ((transports & TRANSPORT_LOCAL) == TRANSPORT_LOCAL) {
+ sTransports.append("TRANSPORT_LOCAL");
+ }
+ if ((transports & TRANSPORT_TCP) == TRANSPORT_TCP) {
+ sTransports.append(sTransports.empty() ? "TRANSPORT_TCP" : ",TRANSPORT_TCP");
+ }
+ if ((transports & TRANSPORT_UDP) == TRANSPORT_UDP) {
+ sTransports.append(sTransports.empty() ? "TRANSPORT_UDP" : ",TRANSPORT_UDP");
+ }
+ }
+ str.append(", transports=" + sTransports);
+
return str;
}
void SessionOpts::SetAllNames()
diff --git a/alljoyn_core/src/XmlRulesValidator.cc b/alljoyn_core/src/XmlRulesValidator.cc
index 64cb670..87ffab0 100644
--- a/alljoyn_core/src/XmlRulesValidator.cc
+++ b/alljoyn_core/src/XmlRulesValidator.cc
@@ -80,6 +80,10 @@ void XmlRulesValidator::Shutdown()
delete s_memberTypeMap;
s_memberTypeMap = nullptr;
+
+ MethodsValidator::Shutdown();
+ SignalsValidator::Shutdown();
+ PropertiesValidator::Shutdown();
}
XmlRulesValidator* XmlRulesValidator::GetInstance()
diff --git a/alljoyn_core/src/posix/ClientTransport.cc b/alljoyn_core/src/posix/ClientTransport.cc
index ff869f7..89f3ad5 100644
--- a/alljoyn_core/src/posix/ClientTransport.cc
+++ b/alljoyn_core/src/posix/ClientTransport.cc
@@ -71,8 +71,8 @@ const char* ClientTransport::TransportName = "unix";
class _ClientEndpoint : public _RemoteEndpoint {
public:
/* Unix endpoint constructor */
- _ClientEndpoint(BusAttachment& bus, bool incoming, const qcc::String connectSpec, SocketFd sock) :
- _RemoteEndpoint(bus, incoming, connectSpec, &stream, ClientTransport::TransportName),
+ _ClientEndpoint(BusAttachment& bus, bool incoming, SocketFd sock) :
+ _RemoteEndpoint(bus, incoming, &stream, ClientTransport::TransportName),
processId(-1),
stream(sock)
{
@@ -244,7 +244,7 @@ QStatus ClientTransport::Connect(const char* connectArgs, const SessionOpts& opt
status = SendSocketCreds(sockFd, GetUid(), GetGid(), GetPid());
static const bool falsiness = false;
- ClientEndpoint ep = ClientEndpoint(m_bus, falsiness, normSpec, sockFd);
+ ClientEndpoint ep = ClientEndpoint(m_bus, falsiness, sockFd);
/* Initialized the features for this endpoint */
ep->GetFeatures().isBusToBus = false;
diff --git a/alljoyn_core/src/version.cc.in b/alljoyn_core/src/version.cc.in
index 0e5e37e..c9a1f86 100644
--- a/alljoyn_core/src/version.cc.in
+++ b/alljoyn_core/src/version.cc.in
@@ -34,9 +34,9 @@
#include "alljoyn/version.h"
-static const unsigned int year = 16;
-static const unsigned int month = 10;
-static const unsigned int feature = 0; /* feature is always 0 for core. */
+static const unsigned int year = 0;
+static const unsigned int month = 0;
+static const unsigned int feature = 1; /* feature is always 0 for core. */
static const unsigned int bugfix = ' ';
static const char version[] = "##VERSION_STRING##";
diff --git a/alljoyn_core/src/windows/ClientTransportWindows.cc b/alljoyn_core/src/windows/ClientTransportWindows.cc
index 7366b3f..f44b091 100644
--- a/alljoyn_core/src/windows/ClientTransportWindows.cc
+++ b/alljoyn_core/src/windows/ClientTransportWindows.cc
@@ -65,9 +65,9 @@ typedef ManagedObj<_ClientEndpoint> ClientEndpoint;
class _ClientEndpoint : public _RemoteEndpoint {
public:
- _ClientEndpoint(ClientTransport* transport, BusAttachment& bus, const qcc::String connectSpec,
+ _ClientEndpoint(ClientTransport* transport, BusAttachment& bus,
qcc::SocketFd sock, const qcc::IPAddress& ipAddr, uint16_t port) :
- _RemoteEndpoint(bus, false, connectSpec, &m_stream, ClientTransport::TransportName),
+ _RemoteEndpoint(bus, false, &m_stream, ClientTransport::TransportName),
m_transport(transport),
m_stream(sock),
m_ipAddr(ipAddr),
@@ -210,7 +210,7 @@ QStatus ClientTransport::Connect(const char* connectSpec, const SessionOpts& opt
* ClientEndpoint object that will orchestrate the movement of data across the
* transport.
*/
- ClientEndpoint ep(this, m_bus, normSpec, sockFd, ipAddr, port);
+ ClientEndpoint ep(this, m_bus, sockFd, ipAddr, port);
/* Initialized the features for this endpoint */
ep->GetFeatures().isBusToBus = false;
diff --git a/alljoyn_core/src/windows/NamedPipeClientTransport.cc b/alljoyn_core/src/windows/NamedPipeClientTransport.cc
index d67564b..0c3822a 100644
--- a/alljoyn_core/src/windows/NamedPipeClientTransport.cc
+++ b/alljoyn_core/src/windows/NamedPipeClientTransport.cc
@@ -66,9 +66,8 @@ typedef ManagedObj<_NamedPipeClientEndpoint> ClientEndpoint;
class _NamedPipeClientEndpoint : public _RemoteEndpoint {
public:
- _NamedPipeClientEndpoint(NamedPipeClientTransport* transport, BusAttachment& bus, const qcc::String connectSpec,
- HANDLE clientHandle) :
- _RemoteEndpoint(bus, false, connectSpec, &m_stream, NamedPipeClientTransport::NamedPipeTransportName, false),
+ _NamedPipeClientEndpoint(NamedPipeClientTransport* transport, BusAttachment& bus, HANDLE clientHandle) :
+ _RemoteEndpoint(bus, false, &m_stream, NamedPipeClientTransport::NamedPipeTransportName, false),
m_transport(transport),
m_stream(clientHandle)
{
@@ -191,7 +190,7 @@ QStatus NamedPipeClientTransport::Connect(const char* connectSpec, const Session
* ClientEndpoint object that will orchestrate the movement of data across the
* transport.
*/
- ClientEndpoint ep(this, m_bus, connectSpec, clientHandle);
+ ClientEndpoint ep(this, m_bus, clientHandle);
/*
* Initialize the features for this endpoint.
diff --git a/alljoyn_core/test/bbclient.cc b/alljoyn_core/test/bbclient.cc
index 5c193be..72d3436 100644
--- a/alljoyn_core/test/bbclient.cc
+++ b/alljoyn_core/test/bbclient.cc
@@ -84,9 +84,12 @@ const char* InterfaceName = "org.alljoyn.alljoyn_test.values";
/** static interrupt flag */
static volatile sig_atomic_t g_interrupt = false;
+class MyAuthListener;
+
/** Static data */
-static BusAttachment* g_msgBus = NULL;
-static Event* g_discoverEvent = NULL;
+static BusAttachment* g_msgBus = nullptr;
+static Event* g_discoverEvent = nullptr;
+static MyAuthListener* g_myAuthListener = nullptr;
static String g_remoteBusName = ::org::alljoyn::alljoyn_test::DefaultWellKnownName;
static TransportMask allowedTransports = TRANSPORT_ANY;
static uint32_t findStartTime = 0;
@@ -98,7 +101,7 @@ static String g_testAboutApplicationName = "bbservice";
static bool g_useAboutFeatureDiscovery = false;
static string g_customRouterConfig;
-static const char* g_alternatePSK = NULL;
+static const char* g_alternatePSK = nullptr;
static const char* g_defaultPSK = "faaa0af3dd3f1e0379da046a3ab6ca44";
/** AllJoynListener receives discovery events from AllJoyn */
@@ -192,7 +195,7 @@ class MyAboutListener : public AboutListener {
char* appName;
ad.GetAppName(&appName);
- if (appName != NULL && strcmp(g_testAboutApplicationName.c_str(), appName) == 0) {
+ if ((appName != nullptr) && (g_testAboutApplicationName == appName)) {
findEndTime = GetTimestamp();
g_remoteBusName = busName;
@@ -376,7 +379,7 @@ class MyAuthListener : public AuthListener {
* this is used instead of the default PSK.
*/
const char* csPSK;
- if (NULL != g_alternatePSK) {
+ if (nullptr != g_alternatePSK) {
csPSK = g_alternatePSK;
} else {
csPSK = g_defaultPSK;
@@ -464,7 +467,7 @@ int CDECL_CALL main(int argc, char** argv)
qcc::String authMechs;
qcc::String pbusConnect;
qcc::String userId;
- const char* keyStore = NULL;
+ const char* keyStore = nullptr;
unsigned long pingCount = 1;
unsigned long repCount = 1;
unsigned long authCount = 1000;
@@ -720,17 +723,18 @@ int CDECL_CALL main(int argc, char** argv)
}
/* Create message bus */
+ g_myAuthListener = new MyAuthListener(userId, authCount);
g_msgBus = new BusAttachment("bbclient", true);
if (!useIntrospection) {
/* Add org.alljoyn.alljoyn_test interface */
- InterfaceDescription* testIntf = NULL;
+ InterfaceDescription* testIntf = nullptr;
status = g_msgBus->CreateInterface(::org::alljoyn::alljoyn_test::InterfaceName, testIntf, secPolicy);
if ((ER_OK == status) && testIntf) {
- testIntf->AddSignal("my_signal", NULL, NULL, 0);
+ testIntf->AddSignal("my_signal", nullptr, nullptr, 0);
testIntf->AddMethod("my_ping", "s", "s", "outStr,inStr", 0);
testIntf->AddMethod("delayed_ping", "su", "s", "outStr,delay,inStr", 0);
- testIntf->AddMethod("time_ping", "uq", "uq", NULL, 0);
+ testIntf->AddMethod("time_ping", "uq", "uq", nullptr, 0);
testIntf->Activate();
} else {
if (ER_OK == status) {
@@ -741,7 +745,7 @@ int CDECL_CALL main(int argc, char** argv)
if (ER_OK == status) {
/* Add org.alljoyn.alljoyn_test.values interface */
- InterfaceDescription* valuesIntf = NULL;
+ InterfaceDescription* valuesIntf = nullptr;
status = g_msgBus->CreateInterface(::org::alljoyn::alljoyn_test::values::InterfaceName, valuesIntf, secPolicy);
if ((ER_OK == status) && valuesIntf) {
valuesIntf->AddProperty("int_val", "i", PROP_ACCESS_RW);
@@ -768,7 +772,7 @@ int CDECL_CALL main(int argc, char** argv)
status = g_msgBus->Start();
if (ER_OK == status) {
if (secPolicy != AJ_IFC_SECURITY_INHERIT) {
- g_msgBus->EnablePeerSecurity(authMechs.c_str(), new MyAuthListener(userId, authCount), keyStore, keyStore != NULL);
+ g_msgBus->EnablePeerSecurity(authMechs.c_str(), g_myAuthListener, keyStore, true);
if (clearKeys) {
g_msgBus->ClearKeyStore();
}
@@ -915,9 +919,9 @@ int CDECL_CALL main(int argc, char** argv)
if ((remoteObj.IsSecure() || (secPolicy == AJ_IFC_SECURITY_REQUIRED)) && !g_msgBus->IsPeerSecurityEnabled()) {
QCC_SyncPrintf("Enabling peer security\n");
g_msgBus->EnablePeerSecurity("ALLJOYN_SRP_KEYX ALLJOYN_SRP_LOGON",
- new MyAuthListener(userId, authCount),
+ g_myAuthListener,
keyStore,
- keyStore != NULL);
+ true);
}
}
@@ -934,7 +938,7 @@ int CDECL_CALL main(int argc, char** argv)
MsgArg pingArgs[2];
const InterfaceDescription::Member* pingMethod;
const InterfaceDescription* ifc = remoteObj.GetInterface(::org::alljoyn::alljoyn_test::InterfaceName);
- if (ifc == NULL) {
+ if (ifc == nullptr) {
status = ER_BUS_NO_SUCH_INTERFACE;
QCC_SyncPrintf("Unable to Get InterfaceDecription for the %s interface\n",
::org::alljoyn::alljoyn_test::InterfaceName);
@@ -1065,13 +1069,16 @@ int CDECL_CALL main(int argc, char** argv)
/* Deallocate bus */
delete g_msgBus;
- g_msgBus = NULL;
+ g_msgBus = nullptr;
+
+ delete g_myAuthListener;
+ g_myAuthListener = nullptr;
delete g_busListener;
- g_busListener = NULL;
+ g_busListener = nullptr;
delete g_aboutListener;
- g_aboutListener = NULL;
+ g_aboutListener = nullptr;
if (status != ER_OK) {
break;
diff --git a/alljoyn_core/test/bbjoin.cc b/alljoyn_core/test/bbjoin.cc
index 7ccda77..68165da 100644
--- a/alljoyn_core/test/bbjoin.cc
+++ b/alljoyn_core/test/bbjoin.cc
@@ -1,4 +1,4 @@
-/* bbjoin - will join any names on multipoint session port 26.*/
+/* bbjoin - will join any names on session port 26.*/
/******************************************************************************
* Copyright (c) Open Connectivity Foundation (OCF), AllJoyn Open Source
@@ -70,14 +70,13 @@ const char* DefaultWellKnownName = "org.alljoyn.signals";
}
/** Static top level message bus object */
-static BusAttachment* g_msgBus = NULL;
+static BusAttachment* g_msgBus = nullptr;
static String g_wellKnownName = ::org::alljoyn::alljoyn_test::DefaultWellKnownName;
static bool g_acceptSession = true;
static bool g_stressTest = false;
-static char* g_findPrefix = NULL;
+static String g_findPrefix;
static int g_sleepBeforeRejoin = 0;
static int g_sleepBeforeLeave = 0;
-static int g_useCount = 0;
static bool g_useMultipoint = true;
static bool g_suppressNameOwnerChanged = false;
static bool g_keep_retrying_in_failure = false;
@@ -118,20 +117,28 @@ class MyBusListener : public BusListener, public SessionPortListener, public Ses
printf("=============> Session Established: joiner=%s, sessionId=%u\n", joiner, sessionId);
QStatus status = g_msgBus->SetSessionListener(sessionId, this);
if (ER_OK != status) {
- QCC_LogError(status, ("Failed to SetSessionListener(%u)", sessionId));
+ QCC_LogError(status, ("Failed to SetSessionListener(%u), quitting", sessionId));
+ g_interrupt = true;
}
}
void FoundAdvertisedName(const char* name, TransportMask transport, const char* namePrefix)
{
- printf("FoundAdvertisedName(name=%s, transport=0x%x, prefix=%s)\n", name, transport, namePrefix);
- if (strcmp(name, g_wellKnownName.c_str()) != 0) {
+ if ((g_wellKnownName != name) && (strncmp(name, g_findPrefix.c_str(), g_findPrefix.size()) == 0)) {
+ printf("FoundAdvertisedName(name=%s, transport=0x%x, prefix=%s)\n", name, transport, namePrefix);
SessionOpts::TrafficType traffic = SessionOpts::TRAFFIC_MESSAGES;
SessionOpts opts(traffic, g_useMultipoint, SessionOpts::PROXIMITY_ANY, transport);
- QStatus status = g_msgBus->JoinSessionAsync(name, SESSION_PORT, this, opts, this, ::strdup(name));
- if (ER_OK != status) {
- QCC_LogError(status, ("JoinSessionAsync(%s) failed \n", name));
+ char* context = ::strdup(name);
+ if (context != NULL) {
+ QStatus status = g_msgBus->JoinSessionAsync(name, SESSION_PORT, this, opts, this, context);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("JoinSessionAsync(%s) failed, quitting", name));
+ free(context);
+ g_interrupt = true;
+ }
+ } else {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("strdup(%s) failed, quitting", name));
g_interrupt = true;
}
}
@@ -142,21 +149,27 @@ class MyBusListener : public BusListener, public SessionPortListener, public Ses
const char* name = reinterpret_cast<const char*>(context);
if (status == ER_OK) {
- printf("JoinSessionAsync succeeded. SessionId=%u ===========================> %s\n", sessionId, name);
+ printf("JoinSessionAsync succeeded. SessionId=%u =============> %s\n", sessionId, name);
} else {
- QCC_LogError(status, ("JoinSessionCB failure "));
if (g_keep_retrying_in_failure) {
+ QCC_LogError(status, ("JoinSessionCB failure, retrying"));
/* Keep retrying inspite of failure. */
char* retryContext = ::strdup(name);
- SessionOpts::TrafficType traffic = SessionOpts::TRAFFIC_MESSAGES;
- SessionOpts opts1(traffic, g_useMultipoint, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- QStatus status1 = g_msgBus->JoinSessionAsync(name, SESSION_PORT, this, opts1, this, retryContext);
- if (status1 != ER_OK) {
- QCC_LogError(status1, ("JoinSession retry failure"));
- free(retryContext);
+ if (retryContext != NULL) {
+ SessionOpts::TrafficType traffic = SessionOpts::TRAFFIC_MESSAGES;
+ SessionOpts opts1(traffic, g_useMultipoint, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
+ QStatus status1 = g_msgBus->JoinSessionAsync(name, SESSION_PORT, this, opts1, this, retryContext);
+ if (status1 != ER_OK) {
+ QCC_LogError(status1, ("JoinSessionAsync retry failure"));
+ free(retryContext);
+ }
+ } else {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("strdup(%s) failed, quitting", name));
+ g_interrupt = true;
}
} else {
- QCC_LogError(status, ("JoinSessionAsyncCB: JoinSession failure"));
+ QCC_LogError(status, ("JoinSessionCB failure, quitting"));
+ g_interrupt = true;
}
}
@@ -168,6 +181,7 @@ class MyBusListener : public BusListener, public SessionPortListener, public Ses
g_msgBus->EnableConcurrentCallbacks();
+ QCC_ASSERT(sessionId != 0);
status = g_msgBus->LeaveSession(sessionId);
if (status == ER_OK) {
@@ -175,15 +189,26 @@ class MyBusListener : public BusListener, public SessionPortListener, public Ses
qcc::Sleep(g_sleepBeforeRejoin);
}
char* retryContext = ::strdup(name);
- status = g_msgBus->JoinSessionAsync(name, SESSION_PORT, this, opts, this, retryContext);
- if (status != ER_OK) {
- QCC_LogError(status, ("JoinSessionAsync failed"));
- free(retryContext);
+ if (retryContext != NULL) {
+ status = g_msgBus->JoinSessionAsync(name, SESSION_PORT, this, opts, this, retryContext);
+ if (status != ER_OK) {
+ QCC_LogError(status, ("JoinSessionAsync failed"));
+ free(retryContext);
+ }
+ } else {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("strdup(%s) failed, quitting", name));
+ g_interrupt = true;
}
} else {
QCC_LogError(status, ("LeaveSession failed"));
}
+
+ if ((status != ER_OK) && !g_keep_retrying_in_failure) {
+ QCC_LogError(status, ("Failure in stress mode, quitting"));
+ g_interrupt = true;
+ }
}
+
free(context);
}
@@ -268,10 +293,17 @@ class MyAboutListener : public AboutListener {
SessionOpts opts(traffic, g_useMultipoint, SessionOpts::PROXIMITY_ANY, transport);
/* don't attempt to join self */
- if (strcmp(busName, g_msgBus->GetUniqueName().c_str()) != 0) {
- QStatus status = g_msgBus->JoinSessionAsync(busName, SESSION_PORT, busListener, opts, busListener, ::strdup(busName));
- if (ER_OK != status) {
- QCC_LogError(status, ("JoinSessionAsync(%s) failed \n", busName));
+ if ((g_msgBus->GetUniqueName() != busName) && (strncmp(busName, g_findPrefix.c_str(), g_findPrefix.size()) == 0)) {
+ char* context = ::strdup(busName);
+ if (context != NULL) {
+ QStatus status = g_msgBus->JoinSessionAsync(busName, SESSION_PORT, busListener, opts, busListener, context);
+ if (ER_OK != status) {
+ QCC_LogError(status, ("JoinSessionAsync(%s) failed, quitting", busName));
+ free(context);
+ g_interrupt = true;
+ }
+ } else {
+ QCC_LogError(ER_OUT_OF_MEMORY, ("strdup(%s) failed, quitting", busName));
g_interrupt = true;
}
}
@@ -288,7 +320,7 @@ class LocalTestObject : public BusObject {
{
QStatus status = ER_FAIL;
- InterfaceDescription* aboutIntf = NULL;
+ InterfaceDescription* aboutIntf = nullptr;
if (g_useAboutFeatureDiscovery && g_testAboutInterfaceName != "") {
status = bus.CreateInterface(g_testAboutInterfaceName.c_str(), aboutIntf);
if ((ER_OK == status) && aboutIntf) {
@@ -346,7 +378,7 @@ int CDECL_CALL main(int argc, char** argv)
const uint64_t startTime = GetTimestamp64(); // timestamp in milliseconds
QStatus status = ER_OK;
TransportMask transportOpts = TRANSPORT_ANY;
- AboutObj* aboutObj = NULL;
+ AboutObj* aboutObj = nullptr;
// echo command line to provide distinguishing information within multipoint session
for (int i = 0; i < argc; i++) {
printf("%s ", argv[i]);
@@ -437,8 +469,8 @@ int CDECL_CALL main(int argc, char** argv)
/* Create message bus */
g_msgBus = new BusAttachment("bbjoin", true, g_concurrent_threads);
- LocalTestObject* testObj = NULL;
- if (g_msgBus != NULL) {
+ LocalTestObject* testObj = nullptr;
+ if (g_msgBus != nullptr) {
status = g_msgBus->Start();
if (ER_OK != status) {
QCC_LogError(status, ("BusAttachment::Start failed"));
@@ -496,11 +528,11 @@ int CDECL_CALL main(int argc, char** argv)
g_aboutData.SetDeviceName("DeviceName");
//DeviceId is a string encoded 128bit UUID
g_aboutData.SetDeviceId("1273b650-49bc-11e4-916c-0800200c9a66");
- g_aboutData.SetAppName("bbservice");
+ g_aboutData.SetAppName("bbjoin");
g_aboutData.SetManufacturer("AllSeen Alliance");
g_aboutData.SetModelNumber("");
- g_aboutData.SetDescription("bbservice is a test application used to verify AllJoyn functionality");
- // software version of bbservice is the same as the AllJoyn version
+ g_aboutData.SetDescription("bbjoin is a test application used to verify AllJoyn functionality related to sessions");
+ // software version of bbjoin is the same as the AllJoyn version
g_aboutData.SetSoftwareVersion(ajn::GetVersion());
g_aboutData.SetTransportOpts(transportOpts);
aboutObj = new AboutObj(*g_msgBus);
@@ -520,7 +552,10 @@ int CDECL_CALL main(int argc, char** argv)
exit(-1);
}
- status = g_msgBus->FindAdvertisedNameByTransport(g_findPrefix ? g_findPrefix : "com", transportOpts);
+ if (g_findPrefix.empty()) {
+ g_findPrefix = "com";
+ }
+ status = g_msgBus->FindAdvertisedNameByTransport(g_findPrefix.c_str(), transportOpts);
if (status != ER_OK) {
QCC_LogError(status, ("FindAdvertisedName failed "));
exit(-1);
@@ -528,7 +563,7 @@ int CDECL_CALL main(int argc, char** argv)
}
}
- while ((g_interrupt == false) || (g_useCount > 0)) {
+ while (g_interrupt == false) {
qcc::Sleep(100);
}
diff --git a/alljoyn_core/test/marshal.cc b/alljoyn_core/test/marshal.cc
index 2f3742f..57dee24 100644
--- a/alljoyn_core/test/marshal.cc
+++ b/alljoyn_core/test/marshal.cc
@@ -64,7 +64,7 @@ using namespace std;
using namespace ajn;
-static BusAttachment* gBus;
+static BusAttachment* gBus = nullptr;
static bool fuzzing = false;
static bool nobig = false;
static bool quiet = false;
@@ -319,7 +319,7 @@ static QStatus TestMarshal(const MsgArg* argList, size_t numArgs, const char* ex
TestPipe stream;
MyMessage msg;
TestPipe* pStream = &stream;
- RemoteEndpoint ep(*gBus, falsiness, String::Empty, pStream);
+ RemoteEndpoint ep(*gBus, falsiness, pStream);
ep->GetFeatures().handlePassing = true;
if (numArgs == 0) {
@@ -1037,7 +1037,7 @@ QStatus TestMsgUnpack()
size_t numArgs = ArraySize(args);
double dbl = 0.9;
TestPipe* pStream = &stream;
- RemoteEndpoint ep(*gBus, falsiness, String::Empty, pStream);
+ RemoteEndpoint ep(*gBus, falsiness, pStream);
ep->GetFeatures().handlePassing = true;
MsgArg::Set(args, numArgs, "usyd", 4, "hello", 8, dbl);
@@ -1201,18 +1201,6 @@ int CDECL_CALL main(int argc, char** argv)
if (SignatureUtils::IsValidSignature(sig)) {
status = ER_FAIL;
}
- if (status == ER_OK) {
- sig[255] = 0;
- if (!SignatureUtils::IsValidSignature(sig)) {
- status = ER_FAIL;
- }
- }
- if (status == ER_OK) {
- sig[0] = 0;
- if (!SignatureUtils::IsValidSignature(sig)) {
- status = ER_FAIL;
- }
- }
}
/*
* Maximum nested arrays (32) and structs
@@ -1354,6 +1342,16 @@ int CDECL_CALL main(int argc, char** argv)
}
}
+ if (gBus != nullptr) {
+ if (gBus->IsConnected()) {
+ gBus->Disconnect();
+ }
+ status = gBus->Stop();
+ if (status == ER_OK) {
+ gBus->Join();
+ }
+ }
+
#ifdef ROUTER
AllJoynRouterShutdown();
#endif
diff --git a/alljoyn_core/test/mc-rcv.cc b/alljoyn_core/test/mc-rcv.cc
index ff9375c..c3d7e5a 100644
--- a/alljoyn_core/test/mc-rcv.cc
+++ b/alljoyn_core/test/mc-rcv.cc
@@ -25,8 +25,8 @@
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
- *
******************************************************************************/
+
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
diff --git a/alljoyn_core/test/mc-snd.cc b/alljoyn_core/test/mc-snd.cc
index d818e0d..c06668b 100644
--- a/alljoyn_core/test/mc-snd.cc
+++ b/alljoyn_core/test/mc-snd.cc
@@ -25,8 +25,8 @@
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
* TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
* PERFORMANCE OF THIS SOFTWARE.
- *
******************************************************************************/
+
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
diff --git a/alljoyn_core/test/remarshal.cc b/alljoyn_core/test/remarshal.cc
index 5ba4a1a..681ad89 100644
--- a/alljoyn_core/test/remarshal.cc
+++ b/alljoyn_core/test/remarshal.cc
@@ -58,7 +58,7 @@ using namespace qcc;
using namespace std;
using namespace ajn;
-static BusAttachment* gBus;
+static BusAttachment* gBus = nullptr;
class MyMessage : public _Message {
public:
@@ -131,7 +131,7 @@ static QStatus TestRemarshal(const MsgArg* argList, size_t numArgs, const char*
Pipe stream;
Pipe* pStream = &stream;
static const bool falsiness = false;
- RemoteEndpoint ep(*gBus, falsiness, String::Empty, pStream);
+ RemoteEndpoint ep(*gBus, falsiness, pStream);
MyMessage msg;
if (numArgs == 0) {
@@ -234,6 +234,16 @@ int CDECL_CALL main(int argc, char** argv)
}
printf("\n");
+ if (gBus != nullptr) {
+ if (gBus->IsConnected()) {
+ gBus->Disconnect();
+ }
+ status = gBus->Stop();
+ if (status == ER_OK) {
+ gBus->Join();
+ }
+ }
+
#ifdef ROUTER
AllJoynRouterShutdown();
#endif
diff --git a/alljoyn_core/unit_test/BusAttachmentTest.cc b/alljoyn_core/unit_test/BusAttachmentTest.cc
index fe16761..88aca86 100644
--- a/alljoyn_core/unit_test/BusAttachmentTest.cc
+++ b/alljoyn_core/unit_test/BusAttachmentTest.cc
@@ -66,14 +66,23 @@ class TestApplicationStateListener : public ApplicationStateListener {
}
};
+class TestECDHEAuthListener : public DefaultECDHEAuthListener {
+ public:
+ volatile int authCount;
+ TestECDHEAuthListener() : authCount(0) { }
+ virtual void AuthenticationComplete(const char*, const char*, bool) { ++authCount; }
+};
+
class BusAttachmentTest : public testing::Test {
public:
BusAttachment bus;
+ TestECDHEAuthListener* authListener;
TestApplicationStateListener testListener;
TestApplicationStateListener* nullListener;
BusAttachmentTest() :
bus("BusAttachmentTest", false),
+ authListener(nullptr),
nullListener(nullptr)
{
EXPECT_EQ(ER_OK, BusAttachment::DeleteDefaultKeyStore("BusAttachmentTest"));
@@ -89,6 +98,10 @@ class BusAttachmentTest : public testing::Test {
virtual void TearDown() {
bus.Stop();
bus.Join();
+ if (authListener != nullptr) {
+ delete authListener;
+ authListener = nullptr;
+ }
}
};
@@ -743,7 +756,6 @@ TEST_F(BusAttachmentTest, PingAsync_other_on_same_bus) {
TEST_F(BusAttachmentTest, BasicSecureConnection)
{
- DefaultECDHEAuthListener al;
BusAttachment otherBus("BusAttachmentOtherBus", false);
EXPECT_EQ(ER_OK, BusAttachment::DeleteDefaultKeyStore("BusAttachmentOtherBus"));
ASSERT_EQ(ER_BUS_NOT_CONNECTED, otherBus.SecureConnection(bus.GetUniqueName().c_str()));
@@ -753,10 +765,12 @@ TEST_F(BusAttachmentTest, BasicSecureConnection)
otherBus.Connect();
EXPECT_EQ(ER_BUS_SECURITY_NOT_ENABLED, otherBus.SecureConnection(bus.GetUniqueName().c_str()));
- EXPECT_EQ(ER_OK, otherBus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", &al, "myOtherTestKeyStore", true));
- EXPECT_EQ(ER_OK, bus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", &al, "myTestKeyStore", true));
+ authListener = new TestECDHEAuthListener();
+ EXPECT_EQ(ER_OK, otherBus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", authListener, "myOtherTestKeyStore", true));
+ EXPECT_EQ(ER_OK, bus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", authListener, "myTestKeyStore", true));
EXPECT_EQ(ER_OK, otherBus.SecureConnection(bus.GetUniqueName().c_str()));
+ EXPECT_EQ(authListener->authCount, 2);
otherBus.Stop();
otherBus.ClearKeyStore();
@@ -764,16 +778,8 @@ TEST_F(BusAttachmentTest, BasicSecureConnection)
bus.ClearKeyStore();
}
-class TestECDHEAuthListener : public DefaultECDHEAuthListener {
- public:
- volatile bool isComplete;
- TestECDHEAuthListener() : isComplete(false) { }
- virtual void AuthenticationComplete(const char*, const char*, bool) { isComplete = true; }
-};
-
TEST_F(BusAttachmentTest, BasicSecureConnectionAsync)
{
- DefaultECDHEAuthListener al;
BusAttachment otherBus("BusAttachmentOtherBus", false);
ASSERT_EQ(ER_BUS_NOT_CONNECTED, otherBus.SecureConnectionAsync(bus.GetUniqueName().c_str()));
otherBus.Start();
@@ -782,21 +788,21 @@ TEST_F(BusAttachmentTest, BasicSecureConnectionAsync)
otherBus.Connect();
EXPECT_EQ(ER_BUS_SECURITY_NOT_ENABLED, otherBus.SecureConnectionAsync(bus.GetUniqueName().c_str()));
- TestECDHEAuthListener otherBusAuthListener, busAuthListener;
- EXPECT_EQ(ER_OK, otherBus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", &otherBusAuthListener, "myOtherTestKeyStore", true));
- EXPECT_EQ(ER_OK, bus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", &busAuthListener, "myTestKeyStore", true));
+ authListener = new TestECDHEAuthListener();
+
+ EXPECT_EQ(ER_OK, otherBus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", authListener, "myOtherTestKeyStore", true));
+ EXPECT_EQ(ER_OK, bus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL", authListener, "myTestKeyStore", true));
- EXPECT_EQ(ER_OK, otherBus.SecureConnectionAsync(bus.GetUniqueName().c_str()));
+ EXPECT_EQ(ER_OK, bus.SecureConnectionAsync(otherBus.GetUniqueName().c_str()));
// Wait for the authentication to complete.
for (int i = 0; i < 200; ++i) {
- if (otherBusAuthListener.isComplete && busAuthListener.isComplete) {
+ if (authListener->authCount == 2) {
break;
}
qcc::Sleep(WAIT_TIME_10);
}
- EXPECT_TRUE(otherBusAuthListener.isComplete);
- EXPECT_TRUE(busAuthListener.isComplete);
+ EXPECT_EQ(authListener->authCount, 2);
otherBus.Stop();
otherBus.ClearKeyStore();
diff --git a/alljoyn_core/unit_test/CredentialAccessorTest.cc b/alljoyn_core/unit_test/CredentialAccessorTest.cc
index d01dcaf..b95b9bb 100644
--- a/alljoyn_core/unit_test/CredentialAccessorTest.cc
+++ b/alljoyn_core/unit_test/CredentialAccessorTest.cc
@@ -595,8 +595,43 @@ static const char Rev0X103KeyStore[] = {
};
#else
-
+/**
+ * In case Crypto parameters change, this test will fail. The input is a Base64 encoded ciphertext, below is how it could be re-constructed:
+ *
+ * 1). leading 40 chars are the header part which will be stripped out by KeyStore by serveral "PullBytes" calls for version, lengh, etc. and
+ * they are not part of Decryption/Encryption.
+ *
+ * "AwEjAAAACEtbgok0cG9FkAZiTHILwWwBAAAAAAAA"
+ *
+ * After Base64 decoding the length is 30 bytes;
+ *
+ * 2). The rest part should be 364 bytes long after Base64 decoding, which contains 348 bytes of Ciphertext and 16 bytes of Tag. To compute the
+ * right input, either start from your own Cleartext, or first Base64 decode the following string, then use the same Crypto, nonce, key to do a
+ * Encrypt_CCM, which will compute a tag and append to the end of the Ciphtertext.
+ *
+ * "DQAAAM9eg8ltGrz5qniR1pWyN3jhAfmIigAAAAAAJwAAFwBUaGlzIGlzIHRoZSBw"
+ * "ZWVyIHNlY3JldAAAAAAAFgAAALk60g9MFjECwVYBNgtuCbzBARyJigAAAAAAXwAA"
+ * "GQBUaGlzIGlzIHRoZSBwZWVyIHNlY3JldCAyAAAAAAASAAAAcSWw2r7sBeb4KeMo"
+ * "FGRuxsEGCImKAAAAAABHAAAYAFRoaXMgaXMgdGhlIGN1c3RvbSBrZXkgMRBHTBKU"
+ * "h8QyEGP8f/aConjxAAAAABEAAABHTBKUh8QyEGP8f/aConjx4QH5iIoAAAAAAEIA"
+ * "ABcAVGhpcyBpcyB0aGUgcGVlciBzZWNyZXQAAAAAAA8AAAAI2pMoWbvvcwCC1qvq"
+ * "RXx+wQbqiIoAAAAAAD4AABUAQmxvYiBmb3IgY3VzdG9tIGtleSAyEM9eg8ltGrz5"
+ * "qniR1pWyN3gAAAAA";
+ *
+ * 3). Encode the Ciphertext and prepend the string from Step #1)
+ */
static const char Rev0X103KeyStore[] = {
+#ifdef QCC_LINUX_OPENSSL_GT_1_1_X
+ "AwEjAAAACEtbgok0cG9FkAZiTHILwWwBAAAAAAAA"
+ "6EzFwX0Z3vdzWJUTsRQdGo2+uUA7ixOSwt/j5Vfb8xDVkZkp6qqbtI3AOx4iZpy+"
+ "n3Db7hbSxLLg6+2qIOEJAn/ThAc9jQKYm8lVUApYOX2shcomLAdAgPG7ShArVrCz"
+ "1dlR1BhjjZ/gO5lOPvth05z8mcr5mHLOle3HjKONk2Nm+2dilSJzl2CwKPL+h2/f"
+ "JNp1MPJqbT7X2d227mIjAPRK8WX5BUJ+A7wdXqmLh67TEw00uMcLyB9yVrtFwmnC"
+ "9uHV8iL65d8ZYMLraIGax5Cle05oS+RdUImBjQz2POwEmBekJCWPs0F/7zQgSBjq"
+ "mBj+cfjfLbGQND+KHP5HrzQU89yWOmZlaer+DMkAFPWd3KNu+S+OZFc1d2UZ60H2"
+ "y2ZEAdUeHjUYz1gj4nrRgATChbkiaXmkvUKc2HhS8alfF+DjyjO5oX0O3tV9NRPl"
+ "fT7MZAaWq+RV0TG+q+U8YpZfg85XyuHKj1g+8g=="
+#else
"AwEjAAAACEtbgok0cG9FkAZiTHILwWwBAAAAAAAA4jYH7mABwaANNQGjS70p"
"JlYX7kbxeF02f/K0iTrVcQGe343Yz60DjEo9cG8Gam5jngLGS3k4+etaHjEo"
"C/Q8GX8eQTtk7hhewBt7U4zHzhQnlIST0y8ZXMYgDaCvwv6LY8vriQLSs0Qo"
@@ -606,8 +641,8 @@ static const char Rev0X103KeyStore[] = {
"kfaOjXVjwlSdVHaymkLN+vRp43Vfm3zqwcICwhVAdukv/ubr/PJBAVNEu9EJ"
"cPHY1bVUcQUdDcUfPMFs4zYhSEdat0yghfhMyiIjTNWRFSpIU/Bn9BpgWXVn"
"7vSFQOmd2b+2gO271nSBT3QXdFdLRK0S3rznBBBoveJlyA=="
+#endif //QCC_LINUX_OPENSSL_GT_1_1_X
};
-
#endif
static const char Rev0X103KeyStorePwd[] = {
diff --git a/alljoyn_core/unit_test/MarshalTest.cc b/alljoyn_core/unit_test/MarshalTest.cc
index d656fe3..c25d858 100644
--- a/alljoyn_core/unit_test/MarshalTest.cc
+++ b/alljoyn_core/unit_test/MarshalTest.cc
@@ -287,7 +287,7 @@ TEST(MarshalTest, TestMsgUnpack) {
TestPipe* pStream = &stream;
static const bool falsiness = false;
- RemoteEndpoint ep(*bus, falsiness, String::Empty, pStream);
+ RemoteEndpoint ep(*bus, falsiness, pStream);
ep->GetFeatures().handlePassing = true;
MsgArg::Set(args, numArgs, "usyd", 4, "hello", 8, d);
@@ -334,7 +334,7 @@ TEST(MarshalTest, ReplayProtection) {
TestPipe* pStream = &stream;
static const bool falsiness = false;
- RemoteEndpoint ep(*bus, falsiness, String::Empty, pStream);
+ RemoteEndpoint ep(*bus, falsiness, pStream);
ep->GetFeatures().handlePassing = true;
MsgArg::Set(args, numArgs, "usyd", 4, "hello", 8, d);
@@ -600,7 +600,7 @@ static QStatus TestMarshal(const MsgArg* argList, size_t numArgs, const char* ex
TestPipe* pStream = &stream;
static const bool falsiness = false;
- RemoteEndpoint ep(*fuzzingBus, falsiness, String::Empty, pStream);
+ RemoteEndpoint ep(*fuzzingBus, falsiness, pStream);
ep->GetFeatures().handlePassing = true;
if (numArgs == 0) {
diff --git a/alljoyn_core/unit_test/PermissionMgmtTest.cc b/alljoyn_core/unit_test/PermissionMgmtTest.cc
index 671c56e..739983b 100644
--- a/alljoyn_core/unit_test/PermissionMgmtTest.cc
+++ b/alljoyn_core/unit_test/PermissionMgmtTest.cc
@@ -48,9 +48,9 @@
#include "ajTestCommon.h"
#include "KeyInfoHelper.h"
#include "CredentialAccessor.h"
-#include "PermissionMgmtObj.h"
#include "PermissionMgmtTest.h"
#include "BusInternal.h"
+#include "SecurityTestHelper.h"
#include <vector>
#include <string>
@@ -61,12 +61,10 @@ using namespace std;
const char* BasePermissionMgmtTest::INTERFACE_NAME = "org.allseen.Security.PermissionMgmt";
const char* BasePermissionMgmtTest::ONOFF_IFC_NAME = "org.allseenalliance.control.OnOff";
const char* BasePermissionMgmtTest::TV_IFC_NAME = "org.allseenalliance.control.TV";
-
-static void BuildValidity(CertificateX509::ValidPeriod& validity, uint32_t expiredInSecs)
-{
- validity.validFrom = qcc::GetEpochTimestamp() / 1000;
- validity.validTo = validity.validFrom + expiredInSecs;
-}
+const char* BasePermissionMgmtTest::ADMIN_BUS_NAME = "PermissionMgmtTestAdmin";
+const char* BasePermissionMgmtTest::SERVICE_BUS_NAME = "PermissionMgmtTestService";
+const char* BasePermissionMgmtTest::CONSUMER_BUS_NAME = "PermissionMgmtTestConsumer";
+const char* BasePermissionMgmtTest::RC_BUS_NAME = "PermissionMgmtTestRemoteControl";
void TestApplicationStateListener::State(const char* busName, const qcc::KeyInfoNISTP256& publicKeyInfo, PermissionConfigurator::ApplicationState state)
{
@@ -87,276 +85,6 @@ void TestPermissionConfigurationListener::PolicyChanged()
policyChangedReceived = true;
}
-QStatus PermissionMgmtTestHelper::CreateIdentityCertChain(BusAttachment& caBus, BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::String& alias, uint32_t expiredInSecs, qcc::IdentityCertificate* certChain, size_t chainCount)
-{
- if (chainCount > 3) {
- return ER_INVALID_DATA;
- }
- QStatus status = ER_CRYPTO_ERROR;
-
- qcc::GUID128 ca(0);
- GetGUID(caBus, ca);
- String caStr = ca.ToString();
- PermissionConfigurator& caPC = caBus.GetPermissionConfigurator();
- if (chainCount == 3) {
- /* generate the self signed CA cert */
- String caSerial = serial + "02";
- certChain[2].SetSerial(reinterpret_cast<const uint8_t*>(caSerial.data()), caSerial.size());
- certChain[2].SetIssuerCN((const uint8_t*) caStr.data(), caStr.size());
- certChain[2].SetSubjectCN((const uint8_t*) caStr.data(), caStr.size());
- CertificateX509::ValidPeriod validity;
- BuildValidity(validity, expiredInSecs);
- certChain[2].SetValidity(&validity);
- certChain[2].SetCA(true);
- KeyInfoNISTP256 keyInfo;
- caPC.GetSigningPublicKey(keyInfo);
- certChain[2].SetSubjectPublicKey(keyInfo.GetPublicKey());
- status = caPC.SignCertificate(certChain[2]);
- if (ER_OK != status) {
- return status;
- }
- }
-
- /* generate the issuer cert */
- qcc::GUID128 issuer(0);
- GetGUID(issuerBus, issuer);
- String issuerStr = issuer.ToString();
-
- String issuerSerial = serial + "01";
- certChain[1].SetSerial(reinterpret_cast<const uint8_t*>(issuerSerial.data()), issuerSerial.size());
- certChain[1].SetIssuerCN((const uint8_t*) caStr.data(), caStr.size());
- certChain[1].SetSubjectCN((const uint8_t*) issuerStr.data(), issuerStr.size());
- CertificateX509::ValidPeriod validity;
- BuildValidity(validity, expiredInSecs);
- certChain[1].SetValidity(&validity);
- certChain[1].SetCA(true);
- PermissionConfigurator& pc = issuerBus.GetPermissionConfigurator();
- KeyInfoNISTP256 keyInfo;
- pc.GetSigningPublicKey(keyInfo);
- certChain[1].SetSubjectPublicKey(keyInfo.GetPublicKey());
-
- status = caPC.SignCertificate(certChain[1]);
- if (ER_OK != status) {
- return status;
- }
-
- /* generate the leaf cert */
- certChain[0].SetSerial(reinterpret_cast<const uint8_t*>(serial.data()), serial.size());
- certChain[0].SetIssuerCN((const uint8_t*) issuerStr.data(), issuerStr.size());
- certChain[0].SetSubjectCN((const uint8_t*) subject.data(), subject.size());
- certChain[0].SetSubjectPublicKey(subjectPubKey);
- certChain[0].SetAlias(alias);
- certChain[0].SetValidity(&validity);
-
- /* use the issuer bus to sign the cert */
- status = pc.SignCertificate(certChain[0]);
- if (ER_OK != status) {
- return status;
- }
-
- status = certChain[0].Verify(certChain[1].GetSubjectPublicKey());
- if (ER_OK != status) {
- return status;
- }
-
- return ER_OK;
-}
-
-QStatus PermissionMgmtTestHelper::CreateAllInclusiveManifest(Manifest& manifest)
-{
- // All Inclusive manifest
- const size_t manifestSize = 1;
- PermissionPolicy::Rule manifestRules[manifestSize];
- manifestRules[0].SetObjPath("*");
- manifestRules[0].SetInterfaceName("*");
- {
- PermissionPolicy::Rule::Member member[3];
- member[0].Set("*", PermissionPolicy::Rule::Member::METHOD_CALL,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY);
- member[1].Set("*", PermissionPolicy::Rule::Member::SIGNAL,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- member[2].Set("*", PermissionPolicy::Rule::Member::PROPERTY,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
-
- manifestRules[0].SetMembers(ArraySize(member), member);
- }
- return manifest->SetRules(manifestRules, manifestSize);
-}
-
-QStatus PermissionMgmtTestHelper::SignManifests(BusAttachment& issuerBus, const qcc::CertificateX509& subjectCertificate, std::vector<Manifest>& manifests)
-{
- for (Manifest manifest : manifests) {
- QStatus status = SignManifest(issuerBus, subjectCertificate, manifest);
- if (ER_OK != status) {
- return status;
- }
- }
-
- return ER_OK;
-}
-
-QStatus PermissionMgmtTestHelper::SignManifest(BusAttachment& issuerBus, const qcc::CertificateX509& subjectCertificate, Manifest& manifest)
-{
- return issuerBus.GetPermissionConfigurator().ComputeThumbprintAndSignManifest(subjectCertificate, manifest);
-}
-
-QStatus ajn::PermissionMgmtTestHelper::SignManifest(BusAttachment& issuerBus, const qcc::CertificateX509& subjectCertificate, AJ_PCSTR unsignedManifestXml, string& signedManifestXml)
-{
- CredentialAccessor ca(issuerBus);
- ECCPrivateKey privateKey;
- AJ_PSTR signedManifestXmlC = nullptr;
- QStatus status = ca.GetDSAPrivateKey(privateKey);
- if (ER_OK != status) {
- return status;
- }
-
- status = SecurityApplicationProxy::SignManifest(subjectCertificate, privateKey, unsignedManifestXml, &signedManifestXmlC);
-
- if (ER_OK != status) {
- return status;
- }
-
- signedManifestXml = signedManifestXmlC;
- SecurityApplicationProxy::DestroySignedManifest(signedManifestXmlC);
-
- return ER_OK;
-}
-
-QStatus PermissionMgmtTestHelper::SignManifest(BusAttachment& issuerBus, const std::vector<uint8_t>& subjectThumbprint, Manifest& manifest)
-{
- return issuerBus.GetPermissionConfigurator().SignManifest(subjectThumbprint, manifest);
-}
-
-QStatus PermissionMgmtTestHelper::CreateIdentityCert(BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::String& alias, uint32_t expiredInSecs, qcc::IdentityCertificate& cert, bool setEmptyAKI)
-{
- qcc::GUID128 issuer(0);
- GetGUID(issuerBus, issuer);
-
- QStatus status = ER_CRYPTO_ERROR;
-
- cert.SetSerial(reinterpret_cast<const uint8_t*>(serial.data()), serial.size());
- String issuerStr = issuer.ToString();
- cert.SetIssuerCN((const uint8_t*) issuerStr.data(), issuerStr.size());
- cert.SetSubjectCN((const uint8_t*) subject.data(), subject.size());
- cert.SetSubjectPublicKey(subjectPubKey);
- cert.SetAlias(alias);
- CertificateX509::ValidPeriod validity;
- BuildValidity(validity, expiredInSecs);
- cert.SetValidity(&validity);
-
- /* use the issuer bus to sign the cert */
- PermissionConfigurator& pc = issuerBus.GetPermissionConfigurator();
- if (setEmptyAKI) {
- CredentialAccessor ca(issuerBus);
- ECCPrivateKey privateKey;
- status = ca.GetDSAPrivateKey(privateKey);
- if (ER_OK != status) {
- return status;
- }
- status = cert.Sign(&privateKey);
- } else {
- status = pc.SignCertificate(cert);
- }
- if (ER_OK != status) {
- return status;
- }
-
- KeyInfoNISTP256 keyInfo;
- pc.GetSigningPublicKey(keyInfo);
- status = cert.Verify(keyInfo.GetPublicKey());
- if (ER_OK != status) {
- return status;
- }
-
- return ER_OK;
-}
-
-QStatus PermissionMgmtTestHelper::SetCAFlagOnCert(BusAttachment& issuerBus, qcc::CertificateX509& certificate)
-{
- certificate.SetCA(true);
- PermissionConfigurator& pc = issuerBus.GetPermissionConfigurator();
- return pc.SignCertificate(certificate);
-}
-
-QStatus PermissionMgmtTestHelper::CreateIdentityCert(BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::String& alias, uint32_t expiredInSecs, qcc::String& der)
-{
- IdentityCertificate cert;
- QStatus status = CreateIdentityCert(issuerBus, serial, subject, subjectPubKey, alias, expiredInSecs, cert);
- if (ER_OK != status) {
- return status;
- }
- return cert.EncodeCertificateDER(der);
-}
-
-QStatus PermissionMgmtTestHelper::CreateIdentityCert(BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::String& alias, qcc::String& der)
-{
- /* expire the cert in 1 hour */
- return CreateIdentityCert(issuerBus, serial, subject, subjectPubKey, alias, 24 * 3600, der);
-}
-
-QStatus PermissionMgmtTestHelper::CreateMembershipCert(const String& serial, BusAttachment& signingBus, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, bool delegate, uint32_t expiredInSecs, qcc::MembershipCertificate& cert, bool setEmptyAKI)
-{
- qcc::GUID128 issuer(0);
- GetGUID(signingBus, issuer);
-
- if (subject.empty()) {
- /* Produce log output for the test run. */
- EXPECT_TRUE(false) << "TEST BUG: Subject given to CreateMembershipCert cannot be empty";
- return ER_BAD_ARG_3;
- }
-
- cert.SetSerial(reinterpret_cast<const uint8_t*>(serial.data()), serial.size());
- String issuerStr = issuer.ToString();
- cert.SetIssuerCN((const uint8_t*) issuerStr.data(), issuerStr.size());
- cert.SetSubjectCN((const uint8_t*) subject.data(), subject.size());
- cert.SetSubjectPublicKey(subjectPubKey);
- cert.SetGuild(guild);
- cert.SetCA(delegate);
- CertificateX509::ValidPeriod validity;
- BuildValidity(validity, expiredInSecs);
- cert.SetValidity(&validity);
- /* use the signing bus to sign the cert */
- PermissionConfigurator& pc = signingBus.GetPermissionConfigurator();
- QStatus status = ER_CRYPTO_ERROR;
- if (setEmptyAKI) {
- CredentialAccessor ca(signingBus);
- ECCPrivateKey privateKey;
- status = ca.GetDSAPrivateKey(privateKey);
- if (ER_OK != status) {
- return status;
- }
- status = cert.Sign(&privateKey);
- } else {
- status = pc.SignCertificate(cert);
- }
- return status;
-}
-
-QStatus PermissionMgmtTestHelper::CreateMembershipCert(const String& serial, BusAttachment& signingBus, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, bool delegate, uint32_t expiredInSecs, qcc::String& der)
-{
- MembershipCertificate cert;
- QStatus status = CreateMembershipCert(serial, signingBus, subject, subjectPubKey, guild, delegate, expiredInSecs, cert);
- if (ER_OK != status) {
- return status;
- }
- return cert.EncodeCertificateDER(der);
-}
-
-QStatus PermissionMgmtTestHelper::CreateMembershipCert(const String& serial, BusAttachment& signingBus, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, bool delegate, qcc::String& der)
-{
- /* expire the cert in 1 hour */
- return CreateMembershipCert(serial, signingBus, subject, subjectPubKey, guild, delegate, 24 * 3600, der);
-}
-
-QStatus PermissionMgmtTestHelper::CreateMembershipCert(const String& serial, BusAttachment& signingBus, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, qcc::String& der)
-{
- return CreateMembershipCert(serial, signingBus, subject, subjectPubKey, guild, false, der);
-}
-
QStatus BasePermissionMgmtTest::InterestInChannelChangedSignal(BusAttachment* bus)
{
const char* tvChannelChangedMatchRule = "type='signal',interface='" "org.allseenalliance.control.TV" "',member='ChannelChanged'";
@@ -412,13 +140,13 @@ void BasePermissionMgmtTest::TearDown()
status = TeardownBus(remoteControlBus);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
delete serviceKeyListener;
- serviceKeyListener = NULL;
+ serviceKeyListener = nullptr;
delete adminKeyListener;
- adminKeyListener = NULL;
+ adminKeyListener = nullptr;
delete consumerKeyListener;
- consumerKeyListener = NULL;
+ consumerKeyListener = nullptr;
delete remoteControlKeyListener;
- remoteControlKeyListener = NULL;
+ remoteControlKeyListener = nullptr;
}
void BasePermissionMgmtTest::PropertiesChanged(ProxyBusObject& obj, const char* ifaceName, const MsgArg& changed, const MsgArg& invalidated, void* context)
@@ -447,7 +175,7 @@ static AuthListener* GenAuthListener(const char* keyExchange) {
if (strstr(keyExchange, "ECDHE_PSK")) {
qcc::String psk("38347892FFBEF5B2442AEDE9E53C4B32");
DefaultECDHEAuthListener* authListener = new DefaultECDHEAuthListener();
- PermissionMgmtTestHelper::CallDeprecatedSetPSK(authListener, reinterpret_cast<const uint8_t*>(psk.data()), psk.size());
+ SecurityTestHelper::CallDeprecatedSetPSK(authListener, reinterpret_cast<const uint8_t*>(psk.data()), psk.size());
return authListener;
}
return new DefaultECDHEAuthListener();
@@ -459,16 +187,16 @@ void BasePermissionMgmtTest::EnableSecurity(const char* keyExchange)
}
delete adminKeyListener;
adminKeyListener = GenAuthListener(keyExchange);
- adminBus.EnablePeerSecurity(keyExchange, adminKeyListener, NULL, true);
+ adminBus.EnablePeerSecurity(keyExchange, adminKeyListener, nullptr, true);
delete serviceKeyListener;
serviceKeyListener = GenAuthListener(keyExchange);
- serviceBus.EnablePeerSecurity(keyExchange, serviceKeyListener, NULL, false, &testPCL);
+ serviceBus.EnablePeerSecurity(keyExchange, serviceKeyListener, nullptr, false, &testPCL);
delete consumerKeyListener;
consumerKeyListener = GenAuthListener(keyExchange);
- consumerBus.EnablePeerSecurity(keyExchange, consumerKeyListener, NULL, false, &testPCL);
+ consumerBus.EnablePeerSecurity(keyExchange, consumerKeyListener, nullptr, false, &testPCL);
delete remoteControlKeyListener;
remoteControlKeyListener = GenAuthListener(keyExchange);
- remoteControlBus.EnablePeerSecurity(keyExchange, remoteControlKeyListener, NULL, false, &testPCL);
+ remoteControlBus.EnablePeerSecurity(keyExchange, remoteControlKeyListener, nullptr, false, &testPCL);
authMechanisms = keyExchange;
}
@@ -480,14 +208,14 @@ const qcc::String& BasePermissionMgmtTest::GetAuthMechanisms() const
void BasePermissionMgmtTest::CreateOnOffAppInterface(BusAttachment& bus, bool addService)
{
/* create/activate alljoyn_interface */
- InterfaceDescription* ifc = NULL;
+ InterfaceDescription* ifc = nullptr;
QStatus status = bus.CreateInterface(BasePermissionMgmtTest::ONOFF_IFC_NAME, ifc, AJ_IFC_SECURITY_REQUIRED);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- EXPECT_TRUE(ifc != NULL);
- if (ifc != NULL) {
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "On", NULL, NULL, NULL);
+ EXPECT_TRUE(ifc != nullptr);
+ if (ifc != nullptr) {
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "On", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "Off", NULL, NULL, NULL);
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "Off", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
ifc->Activate();
}
@@ -503,20 +231,20 @@ void BasePermissionMgmtTest::CreateOnOffAppInterface(BusAttachment& bus, bool ad
void BasePermissionMgmtTest::CreateTVAppInterface(BusAttachment& bus, bool addService)
{
/* create/activate alljoyn_interface */
- InterfaceDescription* ifc = NULL;
+ InterfaceDescription* ifc = nullptr;
QStatus status = bus.CreateInterface(BasePermissionMgmtTest::TV_IFC_NAME, ifc, AJ_IFC_SECURITY_REQUIRED);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- EXPECT_TRUE(ifc != NULL);
- if (ifc != NULL) {
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "Up", NULL, NULL, NULL);
+ EXPECT_TRUE(ifc != nullptr);
+ if (ifc != nullptr) {
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "Up", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "Down", NULL, NULL, NULL);
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "Down", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "Channel", NULL, NULL, NULL);
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "Channel", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "Mute", NULL, NULL, NULL);
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "Mute", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
- status = ifc->AddMember(MESSAGE_METHOD_CALL, "InputSource", NULL, NULL, NULL);
+ status = ifc->AddMember(MESSAGE_METHOD_CALL, "InputSource", nullptr, nullptr, nullptr);
EXPECT_EQ(ER_OK, status) << " Actual Status: " << QCC_StatusText(status);
#if defined(__GNUC__)
#pragma GCC diagnostic push
@@ -541,7 +269,7 @@ void BasePermissionMgmtTest::CreateTVAppInterface(BusAttachment& bus, bool addSe
ifc->Activate();
status = bus.RegisterSignalHandler(this,
- static_cast<MessageReceiver::SignalHandler>(&BasePermissionMgmtTest::ChannelChangedSignalHandler), ifc->GetMember("ChannelChanged"), NULL);
+ static_cast<MessageReceiver::SignalHandler>(&BasePermissionMgmtTest::ChannelChangedSignalHandler), ifc->GetMember("ChannelChanged"), nullptr);
EXPECT_EQ(ER_OK, status) << " Failed to register channel changed signal handler. Actual Status: " << QCC_StatusText(status);
status = InterestInChannelChangedSignal(&bus);
EXPECT_EQ(ER_OK, status) << " Failed to show interest in channel changed signal. Actual Status: " << QCC_StatusText(status);
@@ -674,10 +402,10 @@ void BasePermissionMgmtTest::TVChannelChanged(const InterfaceDescription::Member
MsgArg args[1];
args[0].Set("u", currentTVChannel);
if (sendMethod == SEND_SIGNAL_SESSIONCAST) {
- Signal(NULL, SESSION_ID_ALL_HOSTED, *member->iface->GetMember("ChannelChanged"), args, 1, 0, 0);
+ Signal(nullptr, SESSION_ID_ALL_HOSTED, *member->iface->GetMember("ChannelChanged"), args, 1, 0, 0);
} else if (sendMethod == SEND_SIGNAL_BROADCAST) {
/* sending a broadcast signal */
- Signal(NULL, 0, *member->iface->GetMember("ChannelChanged"), args, 1, 0, 0);
+ Signal(nullptr, 0, *member->iface->GetMember("ChannelChanged"), args, 1, 0, 0);
} else {
Signal(consumerBus.GetUniqueName().c_str(), 0, *member->iface->GetMember("ChannelChanged"), args, 1, 0, 0);
Signal(remoteControlBus.GetUniqueName().c_str(), 0, *member->iface->GetMember("ChannelChanged"), args, 1, 0, 0);
@@ -736,183 +464,6 @@ void BasePermissionMgmtTest::DetermineStateSignalReachable()
SetApplicationStateSignalReceived(false);
}
-bool PermissionMgmtTestHelper::IsPermissionDeniedError(QStatus status, Message& msg)
-{
- if (ER_PERMISSION_DENIED == status) {
- return true;
- }
- if (ER_BUS_REPLY_IS_ERROR_MESSAGE == status) {
- qcc::String errorMsg;
- const char* errorName = msg->GetErrorName(&errorMsg);
- if (errorName == NULL) {
- return false;
- }
- if (strcmp(errorName, "org.alljoyn.Bus.Security.Error.PermissionDenied") == 0) {
- return true;
- }
- if (strcmp(errorName, "org.alljoyn.Bus.ErStatus") != 0) {
- return false;
- }
- if (errorMsg == "ER_PERMISSION_DENIED") {
- return true;
- }
- }
- return false;
-}
-
-QStatus PermissionMgmtTestHelper::RetrievePublicKeyFromMsgArg(MsgArg& arg, ECCPublicKey* pubKey)
-{
- uint8_t keyFormat;
- MsgArg* variantArg;
- QStatus status = arg.Get("(yv)", &keyFormat, &variantArg);
- if (ER_OK != status) {
- return status;
- }
- if (keyFormat != KeyInfo::FORMAT_ALLJOYN) {
- return status;
- }
- uint8_t* kid;
- size_t kidLen;
- uint8_t keyUsageType;
- uint8_t keyType;
- MsgArg* keyVariantArg;
- status = variantArg->Get("(ayyyv)", &kidLen, &kid, &keyUsageType, &keyType, &keyVariantArg);
- if (ER_OK != status) {
- return status;
- }
- if ((keyUsageType != KeyInfo::USAGE_SIGNING) && (keyUsageType != KeyInfo::USAGE_ENCRYPTION)) {
- return status;
- }
- if (keyType != KeyInfoECC::KEY_TYPE) {
- return status;
- }
- uint8_t algorithm;
- uint8_t curve;
- MsgArg* curveVariant;
- status = keyVariantArg->Get("(yyv)", &algorithm, &curve, &curveVariant);
- if (ER_OK != status) {
- return status;
- }
- if (curve != Crypto_ECC::ECC_NIST_P256) {
- return status;
- }
-
- uint8_t* xCoord;
- size_t xLen;
- uint8_t* yCoord;
- size_t yLen;
- status = curveVariant->Get("(ayay)", &xLen, &xCoord, &yLen, &yCoord);
- if (ER_OK != status) {
- return status;
- }
- if ((xLen != ECC_COORDINATE_SZ) || (yLen != ECC_COORDINATE_SZ)) {
- return status;
- }
- return pubKey->Import(xCoord, xLen, yCoord, yLen);
-}
-
-QStatus PermissionMgmtTestHelper::ReadClaimResponse(Message& msg, ECCPublicKey* pubKey)
-{
- return RetrievePublicKeyFromMsgArg((MsgArg&) *msg->GetArg(0), pubKey);
-}
-
-QStatus PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(BusAttachment& bus, ECCPublicKey* publicKey)
-{
- CredentialAccessor ca(bus);
- return ca.GetDSAPublicKey(*publicKey);
-}
-
-QStatus PermissionMgmtTestHelper::LoadCertificateBytes(Message& msg, CertificateX509& cert)
-{
- uint8_t encoding;
- uint8_t* encoded;
- size_t encodedLen;
- QStatus status = msg->GetArg(0)->Get("(yay)", &encoding, &encodedLen, &encoded);
- if (ER_OK != status) {
- return status;
- }
- status = ER_NOT_IMPLEMENTED;
- if (encoding == CertificateX509::ENCODING_X509_DER) {
- status = cert.DecodeCertificateDER(String((const char*) encoded, encodedLen));
- } else if (encoding == CertificateX509::ENCODING_X509_DER_PEM) {
- status = cert.DecodeCertificatePEM(String((const char*) encoded, encodedLen));
- }
- return status;
-}
-
-QStatus PermissionMgmtTestHelper::InstallMembership(const String& serial, BusAttachment& bus, const qcc::String& remoteObjName, BusAttachment& signingBus, const qcc::String& subject, const ECCPublicKey* subjectPubKey, const qcc::GUID128& guild)
-{
- SecurityApplicationProxy saProxy(bus, remoteObjName.c_str());
- QStatus status;
-
- qcc::MembershipCertificate certs[1];
- status = CreateMembershipCert(serial, signingBus, subject, subjectPubKey, guild, false, 24 * 3600, certs[0]);
- if (status != ER_OK) {
- return status;
- }
-
- return saProxy.InstallMembership(certs, 1);
-}
-
-QStatus PermissionMgmtTestHelper::InstallMembershipChain(BusAttachment& topBus, BusAttachment& secondBus, const String& serial0, const String& serial1, const qcc::String& remoteObjName, const qcc::String& secondSubject, const ECCPublicKey* secondPubKey, const qcc::String& targetSubject, const ECCPublicKey* targetPubKey, const qcc::GUID128& guild, bool setEmptyAKI)
-{
- SecurityApplicationProxy saSecondProxy(secondBus, remoteObjName.c_str());
-
- /* create the second cert first -- with delegate on */
- qcc::MembershipCertificate certs[2];
- QStatus status = CreateMembershipCert(serial1, topBus, secondSubject, secondPubKey, guild, true, 24 * 3600, certs[1], setEmptyAKI);
- if (status != ER_OK) {
- return status;
- }
-
- /* create the leaf cert signed by the subject */
- status = CreateMembershipCert(serial0, secondBus, targetSubject, targetPubKey, guild, false, 24 * 3600, certs[0], setEmptyAKI);
- if (status != ER_OK) {
- return status;
- }
-
- /* install cert chain */
- return saSecondProxy.InstallMembership(certs, 2);
-}
-
-QStatus PermissionMgmtTestHelper::InstallMembershipChain(BusAttachment& caBus, BusAttachment& intermediateBus, BusAttachment& targetBus, qcc::String& leafSerial, const qcc::GUID128& sgID)
-{
- qcc::MembershipCertificate certs[3];
- /* create the top cert first self signed CA cert with delegate on */
- PermissionConfigurator& caPC = caBus.GetPermissionConfigurator();
- String caSerial = leafSerial + "02";
- KeyInfoNISTP256 keyInfo;
- caPC.GetSigningPublicKey(keyInfo);
- qcc::GUID128 subject(0);
- GetGUID(caBus, subject);
- QStatus status = CreateMembershipCert(caSerial, caBus, subject.ToString(), keyInfo.GetPublicKey(), sgID, true, 24 * 3600, certs[2]);
- if (status != ER_OK) {
- return status;
- }
- /* create the intermediate cert with delegate on */
- PermissionConfigurator& intermediatePC = intermediateBus.GetPermissionConfigurator();
- String intermediateSerial = leafSerial + "01";
- intermediatePC.GetSigningPublicKey(keyInfo);
- GetGUID(intermediateBus, subject);
- status = CreateMembershipCert(intermediateSerial, caBus, subject.ToString(), keyInfo.GetPublicKey(), sgID, true, 24 * 3600, certs[1]);
- if (status != ER_OK) {
- return status;
- }
-
- /* create the leaf cert delegate off */
- PermissionConfigurator& targetPC = targetBus.GetPermissionConfigurator();
- targetPC.GetSigningPublicKey(keyInfo);
- GetGUID(targetBus, subject);
- status = CreateMembershipCert(leafSerial, intermediateBus, subject.ToString(), keyInfo.GetPublicKey(), sgID, false, 24 * 3600, certs[0]);
- if (status != ER_OK) {
- return status;
- }
-
- /* install cert chain */
- SecurityApplicationProxy saProxy(intermediateBus, targetBus.GetUniqueName().c_str());
- return saProxy.InstallMembership(certs, ArraySize(certs));
-}
-
QStatus PermissionMgmtTestHelper::ExerciseOn(BusAttachment& bus, ProxyBusObject& remoteObj)
{
QStatus status;
@@ -920,9 +471,9 @@ QStatus PermissionMgmtTestHelper::ExerciseOn(BusAttachment& bus, ProxyBusObject&
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::ONOFF_IFC_NAME, "On", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::ONOFF_IFC_NAME, "On", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
@@ -936,9 +487,9 @@ QStatus PermissionMgmtTestHelper::ExerciseOff(BusAttachment& bus, ProxyBusObject
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::ONOFF_IFC_NAME, "Off", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::ONOFF_IFC_NAME, "Off", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
@@ -952,9 +503,9 @@ QStatus PermissionMgmtTestHelper::ExerciseTVUp(BusAttachment& bus, ProxyBusObjec
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Up", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Up", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
@@ -1009,9 +560,9 @@ QStatus PermissionMgmtTestHelper::ExerciseTVDown(BusAttachment& bus, ProxyBusObj
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Down", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Down", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
@@ -1025,9 +576,9 @@ QStatus PermissionMgmtTestHelper::ExerciseTVChannel(BusAttachment& bus, ProxyBus
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Channel", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Channel", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
@@ -1041,9 +592,9 @@ QStatus PermissionMgmtTestHelper::ExerciseTVMute(BusAttachment& bus, ProxyBusObj
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Mute", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "Mute", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
@@ -1057,36 +608,20 @@ QStatus PermissionMgmtTestHelper::ExerciseTVInputSource(BusAttachment& bus, Prox
remoteObj.AddInterface(*itf);
Message reply(bus);
- status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "InputSource", NULL, 0, reply, METHOD_CALL_TIMEOUT);
+ status = remoteObj.MethodCall(BasePermissionMgmtTest::TV_IFC_NAME, "InputSource", nullptr, 0, reply, METHOD_CALL_TIMEOUT);
if (ER_OK != status) {
- if (IsPermissionDeniedError(status, reply)) {
+ if (SecurityTestHelper::IsPermissionDeniedError(status, reply)) {
status = ER_PERMISSION_DENIED;
}
}
return status;
}
-QStatus PermissionMgmtTestHelper::JoinPeerSession(BusAttachment& initiator, BusAttachment& responder, SessionId& sessionId)
-{
- SessionOpts opts(SessionOpts::TRAFFIC_MESSAGES, false, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- QStatus status = ER_FAIL;
- for (int cnt = 0; cnt < 30; cnt++) {
- status = initiator.JoinSession(responder.GetUniqueName().c_str(),
- ALLJOYN_SESSIONPORT_PERMISSION_MGMT, NULL, sessionId, opts);
- if (ER_OK == status) {
- return status;
- }
- /* sleep a few seconds since the responder may not yet setup the listener port */
- qcc::Sleep(WAIT_TIME_100);
- }
- return status;
-}
-
QStatus BasePermissionMgmtTest::JoinSessionWithService(BusAttachment& initiator, SessionId& sessionId)
{
servicePortListener.lastJoiner = String::Empty;
SessionOpts opts(SessionOpts::TRAFFIC_MESSAGES, false, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- QStatus status = initiator.JoinSession(serviceBus.GetUniqueName().c_str(), servicePort, NULL, sessionId, opts);
+ QStatus status = initiator.JoinSession(serviceBus.GetUniqueName().c_str(), servicePort, nullptr, sessionId, opts);
if (ER_OK != status) {
return status;
}
@@ -1099,18 +634,6 @@ QStatus BasePermissionMgmtTest::JoinSessionWithService(BusAttachment& initiator,
return ER_TIMEOUT;
}
-QStatus PermissionMgmtTestHelper::GetGUID(BusAttachment& bus, qcc::GUID128& guid)
-{
- CredentialAccessor ca(bus);
- return ca.GetGuid(guid);
-}
-
-QStatus PermissionMgmtTestHelper::GetPeerGUID(BusAttachment& bus, qcc::String& peerName, qcc::GUID128& peerGuid)
-{
- CredentialAccessor ca(bus);
- return ca.GetPeerGuid(peerName, peerGuid);
-}
-
QStatus BasePermissionMgmtTest::Get(const char* ifcName, const char* propName, MsgArg& val)
{
QCC_UNUSED(ifcName);
@@ -1142,39 +665,3 @@ QStatus BasePermissionMgmtTest::Set(const char* ifcName, const char* propName, M
}
return ER_BUS_NO_SUCH_PROPERTY;
}
-
-void PermissionMgmtTestHelper::CallDeprecatedSetPSK(DefaultECDHEAuthListener* authListener, const uint8_t* pskBytes, size_t pskLength)
-{
- /*
- * This function suppresses compiler warnings when calling SetPSK, which is deprecated.
- * ECHDE_PSK is deprecated as of 16.04, but we still test it, per the Alliance deprecation policy.
- * ASACORE-2762 tracks removal of the ECDHE_PSK tests (and this function can be removed as a part of that work).
- * https://jira.allseenalliance.org/browse/ASACORE-2762
- */
-#ifdef __GNUC__
-#pragma GCC diagnostic push
-#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-#endif
-#if defined(QCC_OS_GROUP_WINDOWS)
-#pragma warning(push)
-#pragma warning(disable: 4996)
-#endif
-
- QCC_VERIFY(ER_OK == authListener->SetPSK(pskBytes, pskLength));
-
-#if defined(QCC_OS_GROUP_WINDOWS)
-#pragma warning(pop)
-#endif
-#ifdef __GNUC__
-#pragma GCC diagnostic pop
-#endif
-
-}
-
-void PermissionMgmtTestHelper::UnwrapStrings(const vector<string>& strings, vector<AJ_PCSTR>& unwrapped)
-{
- unwrapped.resize(strings.size());
- for (vector<string>::size_type i = 0; i < strings.size(); i++) {
- unwrapped[i] = strings[i].c_str();
- }
-} \ No newline at end of file
diff --git a/alljoyn_core/unit_test/PermissionMgmtTest.h b/alljoyn_core/unit_test/PermissionMgmtTest.h
index e8ae36d..abcec28 100644
--- a/alljoyn_core/unit_test/PermissionMgmtTest.h
+++ b/alljoyn_core/unit_test/PermissionMgmtTest.h
@@ -55,7 +55,6 @@
#include <alljoyn/SecurityApplicationProxy.h>
#include <alljoyn/PermissionPolicy.h>
#include "KeyStore.h"
-#include "PermissionMgmtObj.h"
#include "InMemoryKeyStore.h"
namespace ajn {
@@ -101,23 +100,27 @@ class BasePermissionMgmtTest : public testing::Test, public BusObject,
static const char* NOTIFY_INTERFACE_NAME;
static const char* ONOFF_IFC_NAME;
static const char* TV_IFC_NAME;
+ static const char* ADMIN_BUS_NAME;
+ static const char* SERVICE_BUS_NAME;
+ static const char* CONSUMER_BUS_NAME;
+ static const char* RC_BUS_NAME;
BasePermissionMgmtTest(const char* path) : BusObject(path),
- adminBus("PermissionMgmtTestAdmin", false),
- serviceBus("PermissionMgmtTestService", false),
+ adminBus(ADMIN_BUS_NAME, false),
+ serviceBus(SERVICE_BUS_NAME, false),
servicePort(0),
- consumerBus("PermissionMgmtTestConsumer", false),
- remoteControlBus("PermissionMgmtTestRemoteControl", false),
+ consumerBus(CONSUMER_BUS_NAME, false),
+ remoteControlBus(RC_BUS_NAME, false),
adminAdminGroupGUID("00112233445566778899AABBCCDDEEFF"),
consumerAdminGroupGUID("AABBCCDDEEFF00112233445566778899"),
serviceGUID(),
consumerGUID(),
remoteControlGUID(),
status(ER_OK),
- serviceKeyListener(NULL),
- adminKeyListener(NULL),
- consumerKeyListener(NULL),
- remoteControlKeyListener(NULL),
+ serviceKeyListener(nullptr),
+ adminKeyListener(nullptr),
+ consumerKeyListener(nullptr),
+ remoteControlKeyListener(nullptr),
canTestStateSignalReception(false),
currentTVChannel(1),
volume(1),
@@ -126,6 +129,10 @@ class BasePermissionMgmtTest : public testing::Test, public BusObject,
testASL(),
testPCL()
{
+ adminBus.DeleteDefaultKeyStore(ADMIN_BUS_NAME);
+ serviceBus.DeleteDefaultKeyStore(SERVICE_BUS_NAME);
+ consumerBus.DeleteDefaultKeyStore(CONSUMER_BUS_NAME);
+ remoteControlBus.DeleteDefaultKeyStore(RC_BUS_NAME);
}
virtual void SetUp();
@@ -216,34 +223,6 @@ class BasePermissionMgmtTest : public testing::Test, public BusObject,
class PermissionMgmtTestHelper {
public:
- static QStatus SetCAFlagOnCert(BusAttachment& issuerBus, qcc::CertificateX509& certificate);
- static QStatus CreateAllInclusiveManifest(Manifest& manifest);
- static QStatus SignManifest(BusAttachment& issuerBus, const std::vector<uint8_t>& subjectThumbprint, Manifest& manifest);
- static QStatus SignManifest(BusAttachment& issuerBus, const qcc::CertificateX509& subjectCertificate, Manifest& manifest);
- static QStatus SignManifest(BusAttachment& issuerBus, const qcc::CertificateX509& subjectCertificate, AJ_PCSTR unsignedManifestXml, std::string& signedManifestXml);
- static QStatus SignManifests(BusAttachment& issuerBus, const qcc::CertificateX509& subjectCertificate, std::vector<Manifest>& manifests);
- static QStatus CreateIdentityCertChain(BusAttachment& caBus, BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::String& alias, uint32_t expiredInSecs, qcc::IdentityCertificate* certChain, size_t chainCount);
- static QStatus CreateIdentityCert(BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::String& alias, uint32_t expiredInSecs, qcc::IdentityCertificate& cert, bool setEmptyAKI = false);
- static QStatus CreateIdentityCert(BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::String& alias, uint32_t expiredInSecs, qcc::String& der);
-
- static QStatus CreateIdentityCert(BusAttachment& issuerBus, const qcc::String& serial, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::String& alias, qcc::String& der);
-
- static QStatus CreateMembershipCert(const qcc::String& serial, BusAttachment& signingBus, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, bool delegate, uint32_t expiredInSecs, qcc::MembershipCertificate& cert, bool setEmptyAKI = false);
- static QStatus CreateMembershipCert(const qcc::String& serial, BusAttachment& signingBus, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, bool delegate, uint32_t expiredInSecs, qcc::String& der);
- static QStatus CreateMembershipCert(const qcc::String& serial, BusAttachment& signingBus, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, bool delegate, qcc::String& der);
- static QStatus CreateMembershipCert(const qcc::String& serial, BusAttachment& signingBus, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::GUID128& guild, qcc::String& der);
- static bool IsPermissionDeniedError(QStatus status, Message& msg);
- static QStatus ReadClaimResponse(Message& msg, qcc::ECCPublicKey* pubKey);
- static QStatus GenerateManifest(PermissionPolicy::Rule** retRules, size_t* count);
-
- static QStatus RetrieveDSAPublicKeyFromKeyStore(BusAttachment& bus, qcc::ECCPublicKey* publicKey);
-
- static QStatus LoadCertificateBytes(Message& msg, qcc::CertificateX509& cert);
- static QStatus InstallMembership(const qcc::String& serial, BusAttachment& bus, const qcc::String& remoteObjName, BusAttachment& signingBus, const qcc::String& subject, const qcc::ECCPublicKey* subjectPubKey, const qcc::GUID128& guild);
- static QStatus InstallMembershipChain(BusAttachment& topBus, BusAttachment& secondBus, const qcc::String& serial0, const qcc::String& serial1, const qcc::String& remoteObjName, const qcc::String& secondSubject, const qcc::ECCPublicKey* secondPubKey, const qcc::String& targetSubject, const qcc::ECCPublicKey* targetPubKey, const qcc::GUID128& guild, bool setEmptyAKI = false);
- static QStatus InstallMembershipChain(BusAttachment& caBus, BusAttachment& intermediateBus, BusAttachment& targetBus, qcc::String& leafSerial, const qcc::GUID128& sgID);
- static QStatus RetrievePublicKeyFromMsgArg(MsgArg& arg, qcc::ECCPublicKey* pubKey);
- static QStatus GetPeerPublicKey(BusAttachment& bus, ProxyBusObject& remoteObj, qcc::ECCPublicKey* pubKey);
static QStatus ExerciseOn(BusAttachment& bus, ProxyBusObject& remoteObj);
static QStatus ExerciseOff(BusAttachment& bus, ProxyBusObject& remoteObj);
static QStatus ExerciseTVUp(BusAttachment& bus, ProxyBusObject& remoteObj);
@@ -251,14 +230,9 @@ class PermissionMgmtTestHelper {
static QStatus ExerciseTVChannel(BusAttachment& bus, ProxyBusObject& remoteObj);
static QStatus ExerciseTVMute(BusAttachment& bus, ProxyBusObject& remoteObj);
static QStatus ExerciseTVInputSource(BusAttachment& bus, ProxyBusObject& remoteObj);
- static QStatus JoinPeerSession(BusAttachment& initiator, BusAttachment& responder, SessionId& sessionId);
- static QStatus GetGUID(BusAttachment& bus, qcc::GUID128& guid);
- static QStatus GetPeerGUID(BusAttachment& bus, qcc::String& peerName, qcc::GUID128& peerGuid);
static QStatus GetTVVolume(BusAttachment& bus, ProxyBusObject& remoteObj, uint32_t& volume);
static QStatus SetTVVolume(BusAttachment& bus, ProxyBusObject& remoteObj, uint32_t volume);
static QStatus GetTVCaption(BusAttachment& bus, ProxyBusObject& remoteObj, size_t& propertyCount);
- static void CallDeprecatedSetPSK(DefaultECDHEAuthListener* authListener, const uint8_t* pskBytes, size_t pskLength);
- static void UnwrapStrings(const std::vector<std::string>& strings, std::vector<AJ_PCSTR>& unwrapped);
};
}
diff --git a/alljoyn_core/unit_test/PermissionMgmtUseCaseTest.cc b/alljoyn_core/unit_test/PermissionMgmtUseCaseTest.cc
index 05d2518..274b001 100644
--- a/alljoyn_core/unit_test/PermissionMgmtUseCaseTest.cc
+++ b/alljoyn_core/unit_test/PermissionMgmtUseCaseTest.cc
@@ -33,6 +33,7 @@
#include "XmlManifestTemplateValidator.h"
#include "XmlRulesConverterTest.h"
#include "ajTestCommon.h"
+#include "SecurityTestHelper.h"
#include <qcc/Crypto.h>
#include <qcc/Util.h>
#include <string>
@@ -347,9 +348,9 @@ static QStatus GenerateGetAllPropertiesObservePolicy(BusAttachment& bus, BusAtta
static QStatus GeneratePolicy(BusAttachment& bus, BusAttachment& targetBus, PermissionPolicy& policy, BusAttachment& guildAuthorityBus)
{
qcc::GUID128 guildAuthorityGUID;
- PermissionMgmtTestHelper::GetGUID(guildAuthorityBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(guildAuthorityBus, guildAuthorityGUID);
ECCPublicKey guildAuthorityPubKey;
- QStatus status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(guildAuthorityBus, &guildAuthorityPubKey);
+ QStatus status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(guildAuthorityBus, &guildAuthorityPubKey);
EXPECT_EQ(ER_OK, status) << " RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
SecurityApplicationProxy saProxy(bus, targetBus.GetUniqueName().c_str());
@@ -849,9 +850,9 @@ static QStatus GenerateFullAccessOutgoingPolicyWithGuestServices(BusAttachment&
static QStatus GenerateGuildSpecificAccessOutgoingPolicy(BusAttachment& bus, BusAttachment& targetBus, PermissionPolicy& policy, const GUID128& guildGUID, BusAttachment& guildAuthorityBus)
{
qcc::GUID128 guildAuthorityGUID;
- PermissionMgmtTestHelper::GetGUID(guildAuthorityBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(guildAuthorityBus, guildAuthorityGUID);
ECCPublicKey guildAuthorityPubKey;
- QStatus status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(guildAuthorityBus, &guildAuthorityPubKey);
+ QStatus status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(guildAuthorityBus, &guildAuthorityPubKey);
EXPECT_EQ(ER_OK, status) << " RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
SecurityApplicationProxy saProxy(bus, targetBus.GetUniqueName().c_str());
@@ -1013,7 +1014,7 @@ static QStatus GeneratePolicyDenyPeerPublicKey(BusAttachment& bus, BusAttachment
static QStatus GenerateAllowAllManifest(Manifest& manifest)
{
- return PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifest);
+ return SecurityTestHelper::CreateAllInclusiveManifest(manifest);
}
static QStatus GenerateUselessManifest(Manifest& manifest)
@@ -1182,13 +1183,6 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
{
}
- void GetAppPublicKey(BusAttachment& bus, ECCPublicKey& publicKey)
- {
- KeyInfoNISTP256 keyInfo;
- bus.GetPermissionConfigurator().GetSigningPublicKey(keyInfo);
- publicKey = *keyInfo.GetPublicKey();
- }
-
QStatus VerifyIdentity(BusAttachment& bus, BusAttachment& targetBus, IdentityCertificate* identityCertChain, size_t certChainCount)
{
SecurityApplicationProxy saProxy(bus, targetBus.GetUniqueName().c_str());
@@ -1271,12 +1265,12 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
/* retrieve public key from to-be-claimed app to create identity cert */
ECCPublicKey claimedPubKey;
if (expectClaimToFail) {
- GetAppPublicKey(claimedBus, claimedPubKey);
+ SecurityTestHelper::GetAppPublicKey(claimedBus, claimedPubKey);
} else {
EXPECT_EQ(ER_OK, saProxy.GetEccPublicKey(claimedPubKey)) << " Fail to retrieve to-be-claimed public key.";
}
qcc::GUID128 guid;
- PermissionMgmtTestHelper::GetGUID(claimedBus, guid);
+ SecurityTestHelper::GetGUID(claimedBus, guid);
IdentityCertificate identityCertChain[3];
size_t certChainCount = 3;
std::vector<Manifest> manifests;
@@ -1284,18 +1278,18 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
if (caBus != NULL) {
- status = PermissionMgmtTestHelper::CreateIdentityCertChain(*caBus, claimerBus, serial, guid.ToString(), &claimedPubKey, alias, 3600, identityCertChain, certChainCount);
+ status = SecurityTestHelper::CreateIdentityCertChain(*caBus, claimerBus, serial, guid.ToString(), &claimedPubKey, alias, identityCertChain, certChainCount);
EXPECT_EQ(ER_OK, status) << " CreateIdentityCert failed. Actual Status: " << QCC_StatusText(status);
if (ER_OK == status) {
- status = PermissionMgmtTestHelper::SignManifests(claimerBus, identityCertChain[0], manifests);
+ status = SecurityTestHelper::SignManifests(claimerBus, identityCertChain[0], manifests);
EXPECT_EQ(ER_OK, status) << " SignManifest failed. Actual Status: " << QCC_StatusText(status);
}
} else {
certChainCount = 1;
- status = PermissionMgmtTestHelper::CreateIdentityCert(claimerBus, serial, guid.ToString(), &claimedPubKey, alias, 3600, identityCertChain[0]);
+ status = SecurityTestHelper::CreateIdentityCert(claimerBus, serial, guid.ToString(), &claimedPubKey, alias, identityCertChain[0]);
EXPECT_EQ(ER_OK, status) << " CreateIdentityCert failed. Actual Status: " << QCC_StatusText(status);
if (ER_OK == status) {
- status = PermissionMgmtTestHelper::SignManifests(claimerBus, identityCertChain[0], manifests);
+ status = SecurityTestHelper::SignManifests(claimerBus, identityCertChain[0], manifests);
EXPECT_EQ(ER_OK, status) << " SignManifest failed. Actual Status: " << QCC_StatusText(status);
}
@@ -1369,7 +1363,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
SessionId sessionId;
SessionOpts opts(SessionOpts::TRAFFIC_MESSAGES, false, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- status = PermissionMgmtTestHelper::JoinPeerSession(adminBus, serviceBus, sessionId);
+ status = SecurityTestHelper::JoinPeerSession(adminBus, serviceBus, sessionId);
EXPECT_EQ(ER_OK, status) << " JoinSession failed. Actual Status: " << QCC_StatusText(status);
SecurityApplicationProxy saProxy(adminBus, serviceBus.GetUniqueName().c_str());
@@ -1440,7 +1434,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
SessionId sessionId;
SessionOpts opts(SessionOpts::TRAFFIC_MESSAGES, false, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- status = PermissionMgmtTestHelper::JoinPeerSession(adminBus, consumerBus, sessionId);
+ status = SecurityTestHelper::JoinPeerSession(adminBus, consumerBus, sessionId);
EXPECT_EQ(ER_OK, status) << " JoinSession failed. Actual Status: " << QCC_StatusText(status);
SetApplicationStateSignalReceived(false);
@@ -1487,7 +1481,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
SessionId sessionId;
SessionOpts opts(SessionOpts::TRAFFIC_MESSAGES, false, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- status = PermissionMgmtTestHelper::JoinPeerSession(consumerBus, remoteControlBus, sessionId);
+ status = SecurityTestHelper::JoinPeerSession(consumerBus, remoteControlBus, sessionId);
EXPECT_EQ(ER_OK, status) << " JoinSession failed. Actual Status: " << QCC_StatusText(status);
SetApplicationStateSignalReceived(false);
SetPolicyChangedReceived(false);
@@ -1647,7 +1641,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
subjectPublicKey = certs[0].GetSubjectPublicKey();
}
std::unique_ptr<IdentityCertificate[]> identityCertChain(new IdentityCertificate[count]);
- status = PermissionMgmtTestHelper::CreateIdentityCert(bus, "4040404", subject, subjectPublicKey, "Service Provider", 3600, identityCertChain[0], setEmptyAKI);
+ status = SecurityTestHelper::CreateIdentityCert(bus, "4040404", subject, subjectPublicKey, "Service Provider", identityCertChain[0], 3600, setEmptyAKI);
ASSERT_EQ(ER_OK, status) << " CreateIdentityCert failed.";
for (size_t i = 1; i < count; i++) {
identityCertChain[i] = certs[i];
@@ -1658,7 +1652,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
std::vector<Manifest> manifests(1);
manifests[0] = manifest;
- status = PermissionMgmtTestHelper::SignManifests(bus, identityCertChain[0], manifests);
+ status = SecurityTestHelper::SignManifests(bus, identityCertChain[0], manifests);
ASSERT_EQ(ER_OK, status) << " SignManifest failed.";
status = saProxy.UpdateIdentity(identityCertChain.get(), count, manifests.data(), manifests.size());
@@ -1724,9 +1718,9 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
/* create a cert that expires in 1 second */
- status = PermissionMgmtTestHelper::CreateIdentityCert(bus, "4040404", subject, certs[0].GetSubjectPublicKey(), "Service Provider", 1, identityCertChain[0]);
+ status = SecurityTestHelper::CreateIdentityCert(bus, "4040404", subject, certs[0].GetSubjectPublicKey(), "Service Provider", identityCertChain[0], 1);
EXPECT_EQ(ER_OK, status) << " CreateIdentityCert failed.";
- status = PermissionMgmtTestHelper::SignManifests(bus, identityCertChain[0], manifests);
+ status = SecurityTestHelper::SignManifests(bus, identityCertChain[0], manifests);
EXPECT_EQ(ER_OK, status) << " SignManifest failed.";
/* sleep to get the cert to expire */
@@ -1742,12 +1736,12 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
void InstallMembershipToServiceProvider(AJ_PCSTR serial, qcc::GUID128& guildID)
{
ECCPublicKey claimedPubKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(serviceBus, &claimedPubKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(serviceBus, &claimedPubKey);
EXPECT_EQ(ER_OK, status) << " InstallMembership RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
qcc::String subjectCN(serviceGUID.ToString());
- status = PermissionMgmtTestHelper::InstallMembership(serial, adminBus, serviceBus.GetUniqueName(), adminBus, subjectCN, &claimedPubKey, guildID);
+ status = SecurityTestHelper::InstallMembership(serial, adminBus, serviceBus.GetUniqueName(), adminBus, subjectCN, &claimedPubKey, guildID);
EXPECT_EQ(ER_OK, status) << " InstallMembership cert1 failed. Actual Status: " << QCC_StatusText(status);
- status = PermissionMgmtTestHelper::InstallMembership(serial, adminBus, serviceBus.GetUniqueName(), adminBus, subjectCN, &claimedPubKey, guildID);
+ status = SecurityTestHelper::InstallMembership(serial, adminBus, serviceBus.GetUniqueName(), adminBus, subjectCN, &claimedPubKey, guildID);
EXPECT_NE(ER_OK, status) << " InstallMembership cert1 again is supposed to fail. Actual Status: " << QCC_StatusText(status);
}
@@ -1779,10 +1773,10 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
void InstallMembershipToConsumer(AJ_PCSTR serial, qcc::GUID128& guildID, BusAttachment& authorityBus)
{
ECCPublicKey claimedPubKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(consumerBus, &claimedPubKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(consumerBus, &claimedPubKey);
EXPECT_EQ(ER_OK, status) << " InstallMembershipToConsumer RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
qcc::String subjectCN(consumerGUID.ToString());
- status = PermissionMgmtTestHelper::InstallMembership(serial, adminBus, consumerBus.GetUniqueName(), authorityBus, subjectCN, &claimedPubKey, guildID);
+ status = SecurityTestHelper::InstallMembership(serial, adminBus, consumerBus.GetUniqueName(), authorityBus, subjectCN, &claimedPubKey, guildID);
EXPECT_EQ(ER_OK, status) << " InstallMembershipToConsumer cert1 failed. Actual Status: " << QCC_StatusText(status);
}
@@ -1800,10 +1794,10 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
void InstallMembershipChainToTarget(BusAttachment& topBus, BusAttachment& middleBus, BusAttachment& targetBus, AJ_PCSTR serial0, AJ_PCSTR serial1, qcc::GUID128& guildID, bool setEmptyAKI = false)
{
ECCPublicKey targetPubKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(targetBus, &targetPubKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(targetBus, &targetPubKey);
EXPECT_EQ(ER_OK, status) << " InstallMembershipChainToTarget RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
ECCPublicKey secondPubKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(middleBus, &secondPubKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(middleBus, &secondPubKey);
EXPECT_EQ(ER_OK, status) << " InstallMembershipChainToTarget RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
CredentialAccessor mca(middleBus);
qcc::GUID128 middleGUID;
@@ -1813,7 +1807,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
status = tca.GetGuid(targetGUID);
qcc::String middleCN(middleGUID.ToString());
qcc::String targetCN(targetGUID.ToString());
- status = PermissionMgmtTestHelper::InstallMembershipChain(topBus, middleBus, serial0, serial1, targetBus.GetUniqueName().c_str(), middleCN, &secondPubKey, targetCN, &targetPubKey, guildID, setEmptyAKI);
+ status = SecurityTestHelper::InstallMembershipChain(topBus, middleBus, serial0, serial1, targetBus.GetUniqueName().c_str(), middleCN, &secondPubKey, targetCN, &targetPubKey, guildID, setEmptyAKI);
if (setEmptyAKI) {
EXPECT_EQ(ER_INVALID_CERTIFICATE, status) << " InstallMembershipChainToTarget did not fail.";
return;
@@ -1851,7 +1845,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
*/
void Install3CertMembershipChainToTarget(BusAttachment& caBus, BusAttachment& middleBus, BusAttachment& targetBus, qcc::String leafSerial, qcc::GUID128& sgID)
{
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::InstallMembershipChain(caBus, middleBus, targetBus, leafSerial, sgID)) << "Install3CertMembershipChainToTarget failed";
+ ASSERT_EQ(ER_OK, SecurityTestHelper::InstallMembershipChain(caBus, middleBus, targetBus, leafSerial, sgID)) << "Install3CertMembershipChainToTarget failed";
/* retrieve the membership summaries to verify the issuer public key is provided */
SecurityApplicationProxy saProxy(middleBus, targetBus.GetUniqueName().c_str());
@@ -1870,6 +1864,11 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
EXPECT_EQ(*keyInfos[0].GetPublicKey(), *middleBusCA.GetPublicKey()) << "issuer keys don't match";
delete [] serials;
delete [] keyInfos;
+
+ vector<vector<CertificateX509> > certChains;
+ ASSERT_EQ(ER_OK, saProxy.GetMembershipCertificates(certChains)) << "GetMembershipCertificates failed.";
+ ASSERT_EQ(1U, certChains.size()) << "Wrong number of membership cert chains.";
+ EXPECT_EQ(3U, certChains[0].size()) << "Wrong number of certs in the cert chain.";
}
/**
@@ -1878,10 +1877,10 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
void InstallOthersMembershipToConsumer()
{
ECCPublicKey claimedPubKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(adminBus, &claimedPubKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(adminBus, &claimedPubKey);
EXPECT_EQ(ER_OK, status) << " InstallOthersMembershipToConsumer RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
qcc::String subjectCN(consumerGUID.ToString());
- EXPECT_NE(ER_OK, PermissionMgmtTestHelper::InstallMembership(membershipSerial1, adminBus, serviceBus.GetUniqueName(), adminBus, subjectCN, &claimedPubKey, membershipGUID1)) << " InstallOthersMembershipToConsumer InstallMembership is supposed to failed.";
+ EXPECT_NE(ER_OK, SecurityTestHelper::InstallMembership(membershipSerial1, adminBus, serviceBus.GetUniqueName(), adminBus, subjectCN, &claimedPubKey, membershipGUID1)) << " InstallOthersMembershipToConsumer InstallMembership is supposed to failed.";
}
/**
@@ -1890,10 +1889,10 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
void InstallMembershipToAdmin(const String& serial, const GUID128& membershipGUID, BusAttachment& authorityBus, bool expectSuccess = true)
{
ECCPublicKey claimedPubKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(adminBus, &claimedPubKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(adminBus, &claimedPubKey);
EXPECT_EQ(ER_OK, status) << " InstallMembershipToAdmin RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
qcc::String subjectCN(consumerGUID.ToString());
- status = PermissionMgmtTestHelper::InstallMembership(serial, adminBus, adminBus.GetUniqueName(), authorityBus, subjectCN, &claimedPubKey, membershipGUID);
+ status = SecurityTestHelper::InstallMembership(serial, adminBus, adminBus.GetUniqueName(), authorityBus, subjectCN, &claimedPubKey, membershipGUID);
if (expectSuccess) {
EXPECT_EQ(ER_OK, status) << " InstallMembershipToAdmin cert1 failed.";
@@ -2253,7 +2252,7 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
PermissionConfigurator& pc = consumerBus.GetPermissionConfigurator();
GUID128 serviceGUID(0);
String peerName = serviceBus.GetUniqueName();
- status = PermissionMgmtTestHelper::GetPeerGUID(consumerBus, peerName, serviceGUID);
+ status = SecurityTestHelper::GetPeerGUID(consumerBus, peerName, serviceGUID);
EXPECT_EQ(ER_OK, status) << " ca.GetPeerGuid failed. Actual Status: " << QCC_StatusText(status);
ECCPublicKey publicKey;
status = pc.GetConnectedPeerPublicKey(serviceGUID, &publicKey);
@@ -2267,8 +2266,8 @@ class PermissionMgmtUseCaseTest : public BasePermissionMgmtTest {
{
String peerName = peerBus.GetUniqueName();
GUID128 peerGUID(0);
- QStatus status = PermissionMgmtTestHelper::GetPeerGUID(bus, peerName, peerGUID);
- EXPECT_EQ(ER_OK, status) << " PermissionMgmtTestHelper::GetPeerGuid failed. Actual Status: " << QCC_StatusText(status);
+ QStatus status = SecurityTestHelper::GetPeerGUID(bus, peerName, peerGUID);
+ EXPECT_EQ(ER_OK, status) << " SecurityTestHelper::GetPeerGuid failed. Actual Status: " << QCC_StatusText(status);
status = bus.ClearKeys(peerGUID.ToString());
EXPECT_TRUE((ER_OK == status) || (ER_BUS_KEY_UNAVAILABLE == status)) << " BusAttachment::ClearKeys failed. Actual Status: " << QCC_StatusText(status);
}
@@ -2511,7 +2510,7 @@ TEST_F(PermissionMgmtUseCaseTest, AccessByPublicKey)
Claims(true);
/* generate a policy */
ECCPublicKey consumerPublicKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(consumerBus, &consumerPublicKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(consumerBus, &consumerPublicKey);
EXPECT_EQ(ER_OK, status) << " RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
PermissionPolicy policy;
ASSERT_EQ(ER_OK, GeneratePolicyPeerPublicKey(adminBus, serviceBus, policy, consumerPublicKey)) << "GeneratePolicy failed.";
@@ -2535,7 +2534,7 @@ TEST_F(PermissionMgmtUseCaseTest, AccessDeniedForPeerPublicKey)
/* generate a policy */
ECCPublicKey consumerPublicKey;
- status = PermissionMgmtTestHelper::RetrieveDSAPublicKeyFromKeyStore(consumerBus, &consumerPublicKey);
+ status = SecurityTestHelper::RetrieveDSAPublicKeyFromKeyStore(consumerBus, &consumerPublicKey);
EXPECT_EQ(ER_OK, status) << " RetrieveDSAPublicKeyFromKeyStore failed. Actual Status: " << QCC_StatusText(status);
PermissionPolicy policy;
ASSERT_EQ(ER_OK, GeneratePolicyDenyPeerPublicKey(adminBus, serviceBus, policy, consumerPublicKey)) << "GeneratePolicy failed.";
@@ -3173,7 +3172,7 @@ TEST_F(PermissionMgmtUseCaseTest, DisconnectAndReenableSecurity)
SessionId sessionId;
SessionOpts opts(SessionOpts::TRAFFIC_MESSAGES, false, SessionOpts::PROXIMITY_ANY, TRANSPORT_ANY);
- status = PermissionMgmtTestHelper::JoinPeerSession(cpAdminBus, consumerBus, sessionId);
+ status = SecurityTestHelper::JoinPeerSession(cpAdminBus, consumerBus, sessionId);
EXPECT_EQ(ER_OK, status) << " JoinSession failed. Actual Status: " << QCC_StatusText(status);
SecurityApplicationProxy saProxy(cpAdminBus, consumerBus.GetUniqueName().c_str());
@@ -3244,19 +3243,19 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimUnenabledAppShouldFail)
SecurityApplicationProxy saProxy(adminBus, serviceBus.GetUniqueName().c_str());
/* retrieve public key from to-be-claimed app to create identity cert */
ECCPublicKey claimedPubKey;
- GetAppPublicKey(serviceBus, claimedPubKey);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(adminBus, "1010", "subject", &claimedPubKey, "service alias", 3600, identityCert)) << " CreateIdentityCert failed.";
+ SecurityTestHelper::GetAppPublicKey(serviceBus, claimedPubKey);
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(adminBus, "1010", "subject", &claimedPubKey, "service alias", identityCert)) << " CreateIdentityCert failed.";
IdentityCertificate signingCert;
ECCPublicKey consumerPubKey;
- GetAppPublicKey(consumerBus, consumerPubKey);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(consumerBus, "1011", "signer", &consumerPubKey, "consumer alias", 3600, signingCert)) << " CreateIdentityCert failed.";
+ SecurityTestHelper::GetAppPublicKey(consumerBus, consumerPubKey);
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(consumerBus, "1011", "signer", &consumerPubKey, "consumer alias", signingCert)) << " CreateIdentityCert failed.";
IdentityCertificate certChain[2];
certChain[0] = identityCert;
certChain[1] = signingCert;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(consumerBus, identityCert, manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(consumerBus, identityCert, manifests));
EXPECT_EQ(ER_PERMISSION_DENIED, saProxy.Claim(adminAdminGroupAuthority, adminAdminGroupGUID, adminAdminGroupAuthority, certChain, 2, manifests.data(), manifests.size())) << "Claim did not fail.";
}
@@ -3271,10 +3270,10 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimClaimableAppWithoutManifestTemplate)
SecurityApplicationProxy saProxy(adminBus, serviceBus.GetUniqueName().c_str());
/* retrieve public key from to-be-claimed app to create identity cert */
ECCPublicKey claimedPubKey;
- GetAppPublicKey(serviceBus, claimedPubKey);
+ SecurityTestHelper::GetAppPublicKey(serviceBus, claimedPubKey);
IdentityCertificate identityCertChain[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCertChain(adminBus, adminBus, "1010", "subject", &claimedPubKey, "service alias", 3600, identityCertChain, 2)) << " CreateIdentityCertChain failed.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCertChain(adminBus, adminBus, "1010", "subject", &claimedPubKey, "service alias", identityCertChain, 2)) << " CreateIdentityCertChain failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
EXPECT_EQ(ER_OK, serviceBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE)) << " SetApplicationState failed.";
EXPECT_EQ(ER_OK, saProxy.Claim(adminAdminGroupAuthority, adminAdminGroupGUID, adminAdminGroupAuthority, identityCertChain, 2, manifests.data(), manifests.size())) << "Claim did not fail.";
@@ -3293,14 +3292,14 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithInvalidCertChain)
/* retrieve public key from to-be-claimed app to create identity cert */
ECCPublicKey claimedPubKey;
EXPECT_EQ(ER_OK, saProxy.GetEccPublicKey(claimedPubKey)) << " Fail to retrieve to-be-claimed public key.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(adminBus, "1010", "subject", &claimedPubKey, "service alias", 3600, identityCert)) << " CreateIdentityCert failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(adminBus, "1010", "subject", &claimedPubKey, "service alias", identityCert)) << " CreateIdentityCert failed.";
IdentityCertificate signingCert;
ECCPublicKey consumerPubKey;
SecurityApplicationProxy consumerProxy(adminBus, consumerBus.GetUniqueName().c_str());
EXPECT_EQ(ER_OK, consumerProxy.GetEccPublicKey(consumerPubKey)) << " Fail to retrieve to-be-claimed public key.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(consumerBus, "1011", "signer", &consumerPubKey, "consumer alias", 3600, signingCert)) << " CreateIdentityCert failed.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(consumerBus, identityCert, manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(consumerBus, "1011", "signer", &consumerPubKey, "consumer alias", signingCert)) << " CreateIdentityCert failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(consumerBus, identityCert, manifests));
/* app is claimable after installing manifest template or explicitly set to be claimable */
SetManifestTemplate(serviceBus);
@@ -3355,14 +3354,14 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithIdentityCertSignedByUnknownCA)
ECCPublicKey claimedPubKey;
EXPECT_EQ(ER_OK, saProxy.GetEccPublicKey(claimedPubKey)) << " Fail to retrieve to-be-claimed public key.";
qcc::GUID128 guid;
- PermissionMgmtTestHelper::GetGUID(consumerBus, guid);
+ SecurityTestHelper::GetGUID(consumerBus, guid);
IdentityCertificate identityCertChain[3];
size_t certChainCount = 3;
std::vector<Manifest> manifests;
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCertChain(remoteControlBus, adminBus, "303030", guid.ToString(), &claimedPubKey, "alias", 3600, identityCertChain, certChainCount)) << " CreateIdentityCert failed";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCertChain(remoteControlBus, adminBus, "303030", guid.ToString(), &claimedPubKey, "alias", identityCertChain, certChainCount)) << " CreateIdentityCert failed";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
/* app is claimable after installing manifest template or explicitly set to be claimable */
SetManifestTemplate(consumerBus);
@@ -3390,8 +3389,8 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithEmptyCAPublicKey)
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
certChainCount = 1;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", 3600, identityCertChain[0])) << " CreateIdentityCert failed.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", identityCertChain[0])) << " CreateIdentityCert failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
/* app is claimable after installing manifest template or explicitly set to be claimable */
SetManifestTemplate(adminBus);
@@ -3416,8 +3415,8 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithEmptyCAAKI)
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
certChainCount = 1;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", 3600, identityCertChain[0])) << " CreateIdentityCert failed.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", identityCertChain[0])) << " CreateIdentityCert failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
/* app is claimable after installing manifest template or explicitly set to be claimable */
SetManifestTemplate(adminBus);
@@ -3442,8 +3441,8 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithEmptyAdminSecurityGroupAKI)
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
certChainCount = 1;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", 3600, identityCertChain[0])) << " CreateIdentityCert failed.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", identityCertChain[0])) << " CreateIdentityCert failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
/* app is claimable after installing manifest template or explicitly set to be claimable */
SetManifestTemplate(adminBus);
@@ -3469,8 +3468,8 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithEmptyAdminSecurityGroupPublicKey)
EXPECT_EQ(ER_OK, GenerateAllowAllManifest(manifests, generateExtraManifests));
certChainCount = 1;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", 3600, identityCertChain[0])) << " CreateIdentityCert failed.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(adminBus, "1010", guid.ToString(), &claimedPubKey, "alias", identityCertChain[0])) << " CreateIdentityCert failed.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifests(adminBus, identityCertChain[0], manifests));
/* app is claimable after installing manifest template or explicitly set to be claimable */
SetManifestTemplate(adminBus);
@@ -3898,7 +3897,7 @@ TEST_F(PermissionMgmtUseCaseTest, ExerciseInstallManifestsCall)
std::vector<Manifest> newManifests(1);
ASSERT_EQ(ER_OK, GenerateManifestNoInputSource(newManifests[0]));
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(adminBus, manifests[0]->GetThumbprint(), newManifests[0]));
+ ASSERT_EQ(ER_OK, SecurityTestHelper::SignManifest(adminBus, manifests[0]->GetThumbprint(), newManifests[0]));
EXPECT_EQ(ER_OK, saProxy.InstallManifests(newManifests.data(), newManifests.size()));
}
@@ -3919,7 +3918,7 @@ TEST_F(PermissionMgmtUseCaseTest, InstallOneAdditionalManifestCountCorrect)
std::vector<Manifest> newManifests(1);
ASSERT_EQ(ER_OK, GenerateManifestNoInputSource(newManifests[0]));
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(adminBus, manifests[0]->GetThumbprint(), newManifests[0]));
+ ASSERT_EQ(ER_OK, SecurityTestHelper::SignManifest(adminBus, manifests[0]->GetThumbprint(), newManifests[0]));
ASSERT_EQ(ER_OK, saProxy.InstallManifests(newManifests.data(), newManifests.size()));
std::vector<Manifest> manifestsAfterUpdate;
@@ -3945,7 +3944,7 @@ TEST_F(PermissionMgmtUseCaseTest, InstallOneAdditionalManifestNewManifestCorrect
std::vector<Manifest> newManifests(1);
ASSERT_EQ(ER_OK, GenerateManifestNoInputSource(newManifests[0]));
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(adminBus, manifests[0]->GetThumbprint(), newManifests[0]));
+ ASSERT_EQ(ER_OK, SecurityTestHelper::SignManifest(adminBus, manifests[0]->GetThumbprint(), newManifests[0]));
ASSERT_EQ(ER_OK, saProxy.InstallManifests(newManifests.data(), newManifests.size()));
std::vector<Manifest> manifestsAfterUpdate;
@@ -3966,9 +3965,9 @@ TEST_F(PermissionMgmtUseCaseTest, ClaimWithUnsignedManifestFails)
SecurityApplicationProxy saProxy(adminBus, serviceBus.GetUniqueName().c_str());
/* Retrieve public key from to-be-claimed app to create identity cert */
ECCPublicKey claimedPubKey;
- GetAppPublicKey(serviceBus, claimedPubKey);
+ SecurityTestHelper::GetAppPublicKey(serviceBus, claimedPubKey);
IdentityCertificate identityCertChain[2];
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCertChain(adminBus, adminBus, "1010", "subject", &claimedPubKey, "service alias", 3600, identityCertChain, 2)) << " CreateIdentityCertChain failed.";
+ ASSERT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCertChain(adminBus, adminBus, "1010", "subject", &claimedPubKey, "service alias", identityCertChain, 2)) << " CreateIdentityCertChain failed.";
/* No SignManifests call here. */
ASSERT_EQ(ER_OK, serviceBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE)) << " SetApplicationState failed.";
diff --git a/alljoyn_core/unit_test/PropChangedTest.cc b/alljoyn_core/unit_test/PropChangedTest.cc
index 680dbe9..7d79a0c 100644
--- a/alljoyn_core/unit_test/PropChangedTest.cc
+++ b/alljoyn_core/unit_test/PropChangedTest.cc
@@ -372,6 +372,7 @@ class PropChangedTestBusObject :
virtual ~PropChangedTestBusObject()
{
+ bus.UnregisterBusObject(*this);
}
virtual QStatus Get(const char* ifcName, const char* propName, MsgArg& val)
diff --git a/alljoyn_core/unit_test/RemoteEndpointTest.cc b/alljoyn_core/unit_test/RemoteEndpointTest.cc
index 1b43886..f4fbace 100644
--- a/alljoyn_core/unit_test/RemoteEndpointTest.cc
+++ b/alljoyn_core/unit_test/RemoteEndpointTest.cc
@@ -76,8 +76,8 @@ typedef qcc::ManagedObj<_TestMessage> TestMessage;
class _TestRemoteEndpoint : public _RemoteEndpoint {
public:
- _TestRemoteEndpoint(const char* uniqueName, BusAttachment& bus, bool incoming, const qcc::String& connectSpec, qcc::Stream* stream)
- : _RemoteEndpoint(bus, incoming, connectSpec, stream) {
+ _TestRemoteEndpoint(const char* uniqueName, BusAttachment& bus, bool incoming, qcc::Stream* stream)
+ : _RemoteEndpoint(bus, incoming, stream) {
SetUniqueName(uniqueName);
GetFeatures().protocolVersion = 3;
}
@@ -92,11 +92,10 @@ class RemoteEndpointTest : public testing::Test {
public:
BusAttachment bus;
bool incoming;
- const String connectSpec;
TestStream ts;
Stream* s;
TestRemoteEndpoint rep;
- RemoteEndpointTest() : bus("RemoteEndpointTest"), incoming(false), s(&ts), rep(":test.2", bus, incoming, connectSpec, s) { }
+ RemoteEndpointTest() : bus("RemoteEndpointTest"), incoming(false), s(&ts), rep(":test.2", bus, incoming, s) { }
void SetUp() {
EXPECT_EQ(ER_OK, bus.Start());
EXPECT_EQ(ER_OK, rep->Start());
@@ -177,7 +176,7 @@ TEST_F(RemoteEndpointTest, TxTimeout)
{
TxTestStream tts;
s = &tts;
- TestRemoteEndpoint trep(":test.3", bus, incoming, connectSpec, s);
+ TestRemoteEndpoint trep(":test.3", bus, incoming, s);
EXPECT_EQ(ER_OK, trep->Start(0U, 0U, 0U, 1U)); /* Tx timeout of 1 sec. */
/*
* Tx timeout will kick in once we have a partial message push.
@@ -199,7 +198,7 @@ TEST_F(RemoteEndpointTest, TxFail)
{
TxTestStream tts;
s = &tts;
- TestRemoteEndpoint trep(":test.3", bus, incoming, connectSpec, s);
+ TestRemoteEndpoint trep(":test.3", bus, incoming, s);
EXPECT_EQ(ER_OK, trep->Start());
TestMessage tm(bus);
Message m = Message::cast(tm);
@@ -229,7 +228,7 @@ TEST_F(RemoteEndpointTest, TxMaxControlMessages)
EXPECT_EQ(ER_OK, tb.Start());
TxTestStream tts;
s = &tts;
- TestRemoteEndpoint trep(":test.3", tb, incoming, connectSpec, s);
+ TestRemoteEndpoint trep(":test.3", tb, incoming, s);
EXPECT_EQ(ER_OK, trep->Start());
QStatus status = ER_OK;
while (status == ER_OK) {
@@ -272,6 +271,6 @@ TEST_F(RemoteEndpointTest, TxQueueIsFull)
TEST_F(RemoteEndpointTest, CreateDestroy)
{
{
- TestRemoteEndpoint trep(":test.3", bus, incoming, connectSpec, s);
+ TestRemoteEndpoint trep(":test.3", bus, incoming, s);
}
}
diff --git a/alljoyn_core/unit_test/SConscript b/alljoyn_core/unit_test/SConscript
index d3a8906..9d7c5e7 100644
--- a/alljoyn_core/unit_test/SConscript
+++ b/alljoyn_core/unit_test/SConscript
@@ -54,7 +54,7 @@ env.Append(BUILDERS = {'Check' : Builder(action = builder_check)})
if not env.has_key('GTEST_DIR'):
print('GTEST_DIR not specified skipping alljoyn_core unit test build')
-elif env['OS'] == 'darwin' and env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64',]:
+elif (env['OS'] == 'darwin' and env['CPU'] in ['arm', 'armv7', 'armv7s', 'arm64']) or env['OS'] == 'iOS':
# do not even try Google test if darwin and arm
print 'GTEST_DIR ignored when building for OS=darwin CPU=arm, skipping alljoyn_core unit test build'
diff --git a/alljoyn_core/unit_test/SecurityACLTest.cc b/alljoyn_core/unit_test/SecurityACLTest.cc
index aa7285c..8afbcf9 100644
--- a/alljoyn_core/unit_test/SecurityACLTest.cc
+++ b/alljoyn_core/unit_test/SecurityACLTest.cc
@@ -27,6 +27,7 @@
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
#include <gtest/gtest.h>
+#include <alljoyn/AllJoynStd.h>
#include <alljoyn/AuthListener.h>
#include <alljoyn/BusAttachment.h>
#include <alljoyn/SecurityApplicationProxy.h>
@@ -35,8 +36,7 @@
#include <map>
#include "InMemoryKeyStore.h"
-#include "PermissionMgmtObj.h"
-#include "PermissionMgmtTest.h"
+#include "SecurityTestHelper.h"
using namespace ajn;
using namespace qcc;
@@ -52,84 +52,6 @@ class AclTestSessionPortListener : public SessionPortListener {
}
};
-
-static void CreatePermissivePolicy(PermissionPolicy& policy, uint32_t version) {
- policy.SetVersion(version);
- {
- PermissionPolicy::Acl acls[1];
- {
- PermissionPolicy::Peer peers[1];
- peers[0].SetType(PermissionPolicy::Peer::PEER_ALL);
- acls[0].SetPeers(1, peers);
- }
- {
- PermissionPolicy::Rule rules[1];
- rules[0].SetObjPath("*");
- rules[0].SetInterfaceName("*");
- {
- PermissionPolicy::Rule::Member members[1];
- members[0].Set("*",
- PermissionPolicy::Rule::Member::NOT_SPECIFIED,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- rules[0].SetMembers(1, members);
- }
- acls[0].SetRules(1, rules);
- }
- policy.SetAcls(1, acls);
- }
-}
-
-static QStatus UpdatePolicyWithValuesFromDefaultPolicy(const PermissionPolicy& defaultPolicy,
- PermissionPolicy& policy,
- bool keepCAentry,
- bool keepAdminGroupEntry,
- bool keepInstallMembershipEntry) {
-
- size_t count = policy.GetAclsSize();
- if (keepCAentry) {
- ++count;
- }
- if (keepAdminGroupEntry) {
- ++count;
- }
- if (keepInstallMembershipEntry) {
- ++count;
- }
-
- PermissionPolicy::Acl* acls = new PermissionPolicy::Acl[count];
- size_t idx = 0;
-
- for (size_t cnt = 0; cnt < defaultPolicy.GetAclsSize(); ++cnt) {
- if (defaultPolicy.GetAcls()[cnt].GetPeersSize() > 0) {
- if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_FROM_CERTIFICATE_AUTHORITY) {
- if (keepCAentry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_MEMBERSHIP) {
- if (keepAdminGroupEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_PUBLIC_KEY) {
- if (keepInstallMembershipEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- }
- }
-
- }
-
- for (size_t cnt = 0; cnt < policy.GetAclsSize(); ++cnt) {
- assert(idx <= count);
- acls[idx++] = policy.GetAcls()[cnt];
- }
-
- policy.SetAcls(count, acls);
- delete [] acls;
- return ER_OK;
-}
-
class ACLTestBusObject : public BusObject {
public:
ACLTestBusObject(BusAttachment& bus, const char* path, const char* interfaceName, bool announce = true)
@@ -371,20 +293,20 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
EXPECT_EQ(ER_OK, pcLivingRoom.GetSigningPublicKey(livingRoomKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 managerGuid;
- PermissionMgmtTestHelper::GetGUID(managerBus, managerGuid);
+ SecurityTestHelper::GetGUID(managerBus, managerGuid);
GUID128 peer1Guid;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, peer1Guid);
+ SecurityTestHelper::GetGUID(peer1Bus, peer1Guid);
GUID128 peer2Guid;
- PermissionMgmtTestHelper::GetGUID(peer2Bus, peer2Guid);
+ SecurityTestHelper::GetGUID(peer2Bus, peer2Guid);
GUID128 peer3Guid;
- PermissionMgmtTestHelper::GetGUID(peer3Bus, peer3Guid);
+ SecurityTestHelper::GetGUID(peer3Bus, peer3Guid);
GUID128 caGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGuid);
GUID128 livingRoomGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsLivingRoom, livingRoomGuid);
+ SecurityTestHelper::GetGUID(busUsedAsLivingRoom, livingRoomGuid);
//Create identityCerts
const size_t certChainSize = 2;
@@ -394,55 +316,50 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
IdentityCertificate identityCertChainPeer3[certChainSize];
/* Create CA cert for all the chains. */
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- caGuid.ToString(),
- caKey.GetPublicKey(),
- "CertificateAuthority",
- 3600,
- identityCertChainMaster[1])) << "Failed to create CA cert";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ caGuid.ToString(),
+ caKey.GetPublicKey(),
+ "CertificateAuthority",
+ identityCertChainMaster[1])) << "Failed to create CA cert";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SetCAFlagOnCert(busUsedAsCA, identityCertChainMaster[1])) << "Failed to set CA flag on CA's cert";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SetCAFlagOnCert(busUsedAsCA, identityCertChainMaster[1])) << "Failed to set CA flag on CA's cert";
/* Copy to other chains. */
identityCertChainPeer1[1] = identityCertChainMaster[1];
identityCertChainPeer2[1] = identityCertChainMaster[1];
identityCertChainPeer3[1] = identityCertChainMaster[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- peer2Guid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- peer3Guid.ToString(),
- peer3Key.GetPublicKey(),
- "Peer3Alias",
- 3600,
- identityCertChainPeer3[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ peer2Guid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ peer3Guid.ToString(),
+ peer3Key.GetPublicKey(),
+ "Peer3Alias",
+ identityCertChainPeer3[0])) << "Failed to create identity certificate.";
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(caKey,
managerGuid,
managerKey,
@@ -450,7 +367,7 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
manifests, ArraySize(manifests)));
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(caKey,
managerGuid,
managerKey,
@@ -458,7 +375,7 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
manifests, ArraySize(manifests)));
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(caKey,
managerGuid,
managerKey,
@@ -466,7 +383,7 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
manifests, ArraySize(manifests)));
peer3Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer3[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer3[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer3.Claim(caKey,
managerGuid,
managerKey,
@@ -480,24 +397,21 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
qcc::String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-1",
- busUsedAsCA,
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- managerMembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-0",
- managerBus,
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-1",
+ busUsedAsCA,
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-0",
+ managerBus,
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithManager.InstallMembership(managerMembershipCertificate, 2));
/**
@@ -510,66 +424,59 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
*/
qcc::MembershipCertificate peer1MembershipCertificate[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2-1",
- busUsedAsCA,
- livingRoomGuid.ToString(),
- livingRoomKey.GetPublicKey(),
- livingRoomGuid,
- true,
- 3600,
- peer1MembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2-0",
- busUsedAsLivingRoom,
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- livingRoomGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2-1",
+ busUsedAsCA,
+ livingRoomGuid.ToString(),
+ livingRoomKey.GetPublicKey(),
+ livingRoomGuid,
+ peer1MembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2-0",
+ busUsedAsLivingRoom,
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ livingRoomGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 2));
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- busUsedAsCA,
- peer2Bus.GetUniqueName(),
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ busUsedAsCA,
+ peer2Bus.GetUniqueName(),
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
qcc::MembershipCertificate peer3MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- busUsedAsCA,
- peer3Bus.GetUniqueName(),
- peer3Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer3MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ busUsedAsCA,
+ peer3Bus.GetUniqueName(),
+ peer3Key.GetPublicKey(),
+ managerGuid,
+ peer3MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer3.InstallMembership(peer3MembershipCertificate, 1));
//Install permissive policies on Peer1 and Peer2
{
PermissionPolicy peer1Policy;
- CreatePermissivePolicy(peer1Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer1Policy, 1);
PermissionPolicy defaultPolicy;
sapWithPeer1.GetDefaultPolicy(defaultPolicy);
- UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy, true, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy, true, true, true);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(peer1Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
}
{
PermissionPolicy peer2Policy;
- CreatePermissivePolicy(peer2Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer2Policy, 1);
PermissionPolicy defaultPolicy;
sapWithPeer2.GetDefaultPolicy(defaultPolicy);
- UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer2Policy, true, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer2Policy, true, true, true);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(peer2Policy));
EXPECT_EQ(ER_OK, sapWithPeer2.SecureConnection(true));
}
@@ -679,7 +586,7 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
{
PermissionPolicy defaultPolicy;
sapWithPeer3.GetDefaultPolicy(defaultPolicy);
- UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer3Policy, true, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer3Policy, true, true, true);
EXPECT_EQ(ER_OK, sapWithPeer3.UpdatePolicy(peer3Policy));
EXPECT_EQ(ER_OK, sapWithPeer3.SecureConnection(true));
}
@@ -747,18 +654,17 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
* Peer1 makes a method call sing. It should be successful. Auth mechanism should be ECDHE_ECDSA.
*/
{
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "4",
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "4",
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
/* peer1 was set to use ECDHE_NULL in the previous test, so now it
needs to be enabled with ECDSA */
EXPECT_EQ(ER_OK, peer1Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", &peer1AuthListener));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, ArraySize(identityCertChainPeer1), manifests, ArraySize(manifests)));
EXPECT_EQ(ER_OK, peer3Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", &peer3AuthListener));
@@ -784,17 +690,16 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
* Peer1 makes a method call sing. It should be successful. Auth mechanism should be ECDHE_ECDSA.
*/
{
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "5",
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "5",
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
/* reestablish connection */
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, ArraySize(identityCertChainPeer1), manifests, ArraySize(manifests)));
EXPECT_EQ(ER_OK, peer1Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", &peer1AuthListener));
@@ -821,14 +726,13 @@ TEST(SecurityACLTest, multiple_acls_and_different_peer_types) {
* Peer2 makes a method call sing. Ensure that it cannot be received by peer2.
*/
{
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "6",
- peer2Guid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "6",
+ peer2Guid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.UpdateIdentity(identityCertChainPeer2, ArraySize(identityCertChainPeer2), manifests, ArraySize(manifests)));
EXPECT_EQ(ER_OK, peer1Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", &peer1AuthListener));
@@ -1123,34 +1027,34 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
EXPECT_EQ(ER_OK, pcInt2.GetSigningPublicKey(int2Key));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 managerGuid;
- PermissionMgmtTestHelper::GetGUID(managerBus, managerGuid);
+ SecurityTestHelper::GetGUID(managerBus, managerGuid);
GUID128 peer1Guid;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, peer1Guid);
+ SecurityTestHelper::GetGUID(peer1Bus, peer1Guid);
GUID128 peer2Guid;
- PermissionMgmtTestHelper::GetGUID(peer2Bus, peer2Guid);
+ SecurityTestHelper::GetGUID(peer2Bus, peer2Guid);
GUID128 caGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGuid);
GUID128 alphaGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsAlpha, alphaGuid);
+ SecurityTestHelper::GetGUID(busUsedAsAlpha, alphaGuid);
GUID128 betaGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsBeta, betaGuid);
+ SecurityTestHelper::GetGUID(busUsedAsBeta, betaGuid);
GUID128 gammaGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsGamma, gammaGuid);
+ SecurityTestHelper::GetGUID(busUsedAsGamma, gammaGuid);
GUID128 phiGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsPhi, phiGuid);
+ SecurityTestHelper::GetGUID(busUsedAsPhi, phiGuid);
GUID128 siGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsSi, siGuid);
+ SecurityTestHelper::GetGUID(busUsedAsSi, siGuid);
GUID128 omegaGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsOmega, omegaGuid);
+ SecurityTestHelper::GetGUID(busUsedAsOmega, omegaGuid);
GUID128 tauGuid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsTau, tauGuid);
+ SecurityTestHelper::GetGUID(busUsedAsTau, tauGuid);
GUID128 int1Guid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsInt1, int1Guid);
+ SecurityTestHelper::GetGUID(busUsedAsInt1, int1Guid);
GUID128 int2Guid;
- PermissionMgmtTestHelper::GetGUID(busUsedAsInt2, int2Guid);
+ SecurityTestHelper::GetGUID(busUsedAsInt2, int2Guid);
//Create identityCerts
const size_t certChainSize = 2;
@@ -1159,47 +1063,43 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
IdentityCertificate identityCertChainPeer2[certChainSize];
/* Create CA cert for all the chains. */
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- caGuid.ToString(),
- caKey.GetPublicKey(),
- "CertificateAuthority",
- 3600,
- identityCertChainMaster[1])) << "Failed to create CA cert";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ caGuid.ToString(),
+ caKey.GetPublicKey(),
+ "CertificateAuthority",
+ identityCertChainMaster[1])) << "Failed to create CA cert";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SetCAFlagOnCert(busUsedAsCA, identityCertChainMaster[1])) << "Failed to set CA flag on CA's cert";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SetCAFlagOnCert(busUsedAsCA, identityCertChainMaster[1])) << "Failed to set CA flag on CA's cert";
/* Copy to other chains. */
identityCertChainPeer1[1] = identityCertChainMaster[1];
identityCertChainPeer2[1] = identityCertChainMaster[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- peer2Guid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ peer2Guid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(caKey,
managerGuid,
managerKey,
@@ -1207,7 +1107,7 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
manifests, ArraySize(manifests)));
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(caKey,
managerGuid,
managerKey,
@@ -1215,7 +1115,7 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
manifests, ArraySize(manifests)));
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(caKey,
managerGuid,
managerKey,
@@ -1227,24 +1127,21 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", &peer2AuthListener));
qcc::MembershipCertificate managerMembershipCertificate[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-1",
- busUsedAsCA,
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- managerMembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-0",
- managerBus,
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-1",
+ busUsedAsCA,
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-0",
+ managerBus,
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithManager.InstallMembership(managerMembershipCertificate, 2));
EXPECT_EQ(ER_OK, sapWithManager.SecureConnection());
@@ -1255,89 +1152,78 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
qcc::MembershipCertificate peer1MembershipCertificate[3];
// alpha->Int1->Peer1
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-2",
- busUsedAsCA,
- alphaGuid.ToString(),
- alphaKey.GetPublicKey(),
- alphaGuid,
- true,
- 3600,
- peer1MembershipCertificate[2]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-1",
- busUsedAsAlpha,
- int1Guid.ToString(),
- int1Key.GetPublicKey(),
- alphaGuid,
- true,
- 3600,
- peer1MembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-0",
- busUsedAsInt1,
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- alphaGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-2",
+ busUsedAsCA,
+ alphaGuid.ToString(),
+ alphaKey.GetPublicKey(),
+ alphaGuid,
+ peer1MembershipCertificate[2],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-1",
+ busUsedAsAlpha,
+ int1Guid.ToString(),
+ int1Key.GetPublicKey(),
+ alphaGuid,
+ peer1MembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-0",
+ busUsedAsInt1,
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ alphaGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 3));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection());
// beta->Int1->Peer1
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1-2",
- busUsedAsCA,
- betaGuid.ToString(),
- betaKey.GetPublicKey(),
- betaGuid,
- true,
- 3600,
- peer1MembershipCertificate[2]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1-1",
- busUsedAsBeta,
- int1Guid.ToString(),
- int1Key.GetPublicKey(),
- betaGuid,
- true,
- 3600,
- peer1MembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1-0",
- busUsedAsInt1,
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- betaGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1-2",
+ busUsedAsCA,
+ betaGuid.ToString(),
+ betaKey.GetPublicKey(),
+ betaGuid,
+ peer1MembershipCertificate[2],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1-1",
+ busUsedAsBeta,
+ int1Guid.ToString(),
+ int1Key.GetPublicKey(),
+ betaGuid,
+ peer1MembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1-0",
+ busUsedAsInt1,
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ betaGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 3));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection());
// gamma->Peer1
qcc::MembershipCertificate peer1GammaMembershipCertificate[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2-1",
- busUsedAsCA,
- gammaGuid.ToString(),
- gammaKey.GetPublicKey(),
- gammaGuid,
- true,
- 3600,
- peer1GammaMembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2-0",
- busUsedAsGamma,
- peer1Guid.ToString(),
- peer1Key.GetPublicKey(),
- gammaGuid,
- false,
- 3600,
- peer1GammaMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2-1",
+ busUsedAsCA,
+ gammaGuid.ToString(),
+ gammaKey.GetPublicKey(),
+ gammaGuid,
+ peer1GammaMembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2-0",
+ busUsedAsGamma,
+ peer1Guid.ToString(),
+ peer1Key.GetPublicKey(),
+ gammaGuid,
+ peer1GammaMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1GammaMembershipCertificate, 2));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection());
@@ -1348,89 +1234,78 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
// si->Peer2
qcc::MembershipCertificate peer2MembershipCertificate[3];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-2",
- busUsedAsCA,
- phiGuid.ToString(),
- phiKey.GetPublicKey(),
- phiGuid,
- true,
- 3600,
- peer2MembershipCertificate[2]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-1",
- busUsedAsPhi,
- int2Guid.ToString(),
- int2Key.GetPublicKey(),
- phiGuid,
- true,
- 3600,
- peer2MembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("0-0",
- busUsedAsInt2,
- peer2Guid.ToString(),
- peer2Key.GetPublicKey(),
- phiGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-2",
+ busUsedAsCA,
+ phiGuid.ToString(),
+ phiKey.GetPublicKey(),
+ phiGuid,
+ peer2MembershipCertificate[2],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-1",
+ busUsedAsPhi,
+ int2Guid.ToString(),
+ int2Key.GetPublicKey(),
+ phiGuid,
+ peer2MembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("0-0",
+ busUsedAsInt2,
+ peer2Guid.ToString(),
+ peer2Key.GetPublicKey(),
+ phiGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 3));
EXPECT_EQ(ER_OK, sapWithPeer2.SecureConnection());
// omega->Int2->Peer2
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1-2",
- busUsedAsCA,
- omegaGuid.ToString(),
- omegaKey.GetPublicKey(),
- omegaGuid,
- true,
- 3600,
- peer2MembershipCertificate[2]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1-1",
- busUsedAsOmega,
- int2Guid.ToString(),
- int2Key.GetPublicKey(),
- omegaGuid,
- true,
- 3600,
- peer2MembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1-0",
- busUsedAsInt2,
- peer2Guid.ToString(),
- peer2Key.GetPublicKey(),
- omegaGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1-2",
+ busUsedAsCA,
+ omegaGuid.ToString(),
+ omegaKey.GetPublicKey(),
+ omegaGuid,
+ peer2MembershipCertificate[2],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1-1",
+ busUsedAsOmega,
+ int2Guid.ToString(),
+ int2Key.GetPublicKey(),
+ omegaGuid,
+ peer2MembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1-0",
+ busUsedAsInt2,
+ peer2Guid.ToString(),
+ peer2Key.GetPublicKey(),
+ omegaGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 3));
EXPECT_EQ(ER_OK, sapWithPeer2.SecureConnection());
// si->Peer2
qcc::MembershipCertificate peer2SiMembershipCertificate[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2-1",
- busUsedAsCA,
- siGuid.ToString(),
- siKey.GetPublicKey(),
- siGuid,
- true,
- 3600,
- peer2SiMembershipCertificate[1]
- ));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2-0",
- busUsedAsSi,
- peer2Guid.ToString(),
- peer2Key.GetPublicKey(),
- siGuid,
- false,
- 3600,
- peer2SiMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2-1",
+ busUsedAsCA,
+ siGuid.ToString(),
+ siKey.GetPublicKey(),
+ siGuid,
+ peer2SiMembershipCertificate[1],
+ true
+ ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2-0",
+ busUsedAsSi,
+ peer2Guid.ToString(),
+ peer2Key.GetPublicKey(),
+ siGuid,
+ peer2SiMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2SiMembershipCertificate, 2));
EXPECT_EQ(ER_OK, sapWithPeer2.SecureConnection());
@@ -1511,7 +1386,7 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
{
PermissionPolicy defaultPolicy;
sapWithPeer2.GetDefaultPolicy(defaultPolicy);
- UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer2Policy, true, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer2Policy, true, true, true);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(peer2Policy));
EXPECT_EQ(ER_OK, sapWithPeer2.SecureConnection(true));
}
@@ -1613,7 +1488,7 @@ TEST(SecurityACLTest, acl_verify_peers_using_different_membershipchain_can_make_
{
PermissionPolicy defaultPolicy;
sapWithPeer1.GetDefaultPolicy(defaultPolicy);
- UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy, true, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy, true, true, true);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(peer1Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
}
diff --git a/alljoyn_core/unit_test/SecurityAuthenticationTest.cc b/alljoyn_core/unit_test/SecurityAuthenticationTest.cc
index 8d11dab..017a116 100644
--- a/alljoyn_core/unit_test/SecurityAuthenticationTest.cc
+++ b/alljoyn_core/unit_test/SecurityAuthenticationTest.cc
@@ -30,14 +30,14 @@
#include <alljoyn/AuthListener.h>
#include <alljoyn/BusAttachment.h>
#include <alljoyn/SecurityApplicationProxy.h>
+#include <qcc/Crypto.h>
#include <qcc/Util.h>
#include <iostream>
#include <map>
#include <set>
#include "InMemoryKeyStore.h"
-#include "PermissionMgmtObj.h"
-#include "PermissionMgmtTest.h"
+#include "SecurityTestHelper.h"
using namespace ajn;
using namespace qcc;
@@ -58,120 +58,6 @@ class SecurityAuthenticationTestSessionPortListener : public SessionPortListener
}
};
-class SecurityAuthTestHelper {
- public:
- static QStatus UpdatePolicyWithValuesFromDefaultPolicy(const PermissionPolicy& defaultPolicy,
- PermissionPolicy& policy,
- bool keepCAentry = true,
- bool keepAdminGroupEntry = false,
- bool keepInstallMembershipEntry = false) {
-
- size_t count = policy.GetAclsSize();
- if (keepCAentry) {
- ++count;
- }
- if (keepAdminGroupEntry) {
- ++count;
- }
- if (keepInstallMembershipEntry) {
- ++count;
- }
-
- PermissionPolicy::Acl* acls = new PermissionPolicy::Acl[count];
- size_t idx = 0;
- for (size_t cnt = 0; cnt < defaultPolicy.GetAclsSize(); ++cnt) {
- if (defaultPolicy.GetAcls()[cnt].GetPeersSize() > 0) {
- if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_FROM_CERTIFICATE_AUTHORITY) {
- if (keepCAentry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_MEMBERSHIP) {
- if (keepAdminGroupEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_PUBLIC_KEY) {
- if (keepInstallMembershipEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- }
- }
-
- }
- for (size_t cnt = 0; cnt < policy.GetAclsSize(); ++cnt) {
- QCC_ASSERT(idx <= count);
- acls[idx++] = policy.GetAcls()[cnt];
- }
- policy.SetAcls(count, acls);
- delete [] acls;
- return ER_OK;
- }
-
- /*
- * Creates a PermissionPolicy that allows everything.
- * @policy[out] the policy to set
- * @version[in] the version number for the policy
- */
- static void GeneratePermissivePolicyAll(PermissionPolicy& policy, uint32_t version) {
- policy.SetVersion(version);
- {
- PermissionPolicy::Acl acls[1];
- {
- PermissionPolicy::Peer peers[1];
- peers[0].SetType(PermissionPolicy::Peer::PEER_ALL);
- acls[0].SetPeers(1, peers);
- }
- {
- PermissionPolicy::Rule rules[1];
- rules[0].SetObjPath("*");
- rules[0].SetInterfaceName("*");
- {
- PermissionPolicy::Rule::Member members[1];
- members[0].Set("*",
- PermissionPolicy::Rule::Member::NOT_SPECIFIED,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- rules[0].SetMembers(1, members);
- }
- acls[0].SetRules(1, rules);
- }
- policy.SetAcls(1, acls);
- }
- }
- /*
- * Creates a PermissionPolicy that allows everything.
- * @policy[out] the policy to set
- * @version[in] the version number for the policy
- */
- static void GeneratePermissivePolicyAnyTrusted(PermissionPolicy& policy, uint32_t version) {
- policy.SetVersion(version);
- {
- PermissionPolicy::Acl acls[1];
- {
- PermissionPolicy::Peer peers[1];
- peers[0].SetType(PermissionPolicy::Peer::PEER_ANY_TRUSTED);
- acls[0].SetPeers(1, peers);
- }
- {
- PermissionPolicy::Rule rules[1];
- rules[0].SetObjPath("*");
- rules[0].SetInterfaceName("*");
- {
- PermissionPolicy::Rule::Member members[1];
- members[0].Set("*",
- PermissionPolicy::Rule::Member::NOT_SPECIFIED,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- rules[0].SetMembers(1, members);
- }
- acls[0].SetRules(1, rules);
- }
- policy.SetAcls(1, acls);
- }
- }
-};
-
static const char ecdsaPrivateKeyPEM[] = {
"-----BEGIN EC PRIVATE KEY-----\n"
"MDECAQEEIICSqj3zTadctmGnwyC/SXLioO39pB1MlCbNEX04hjeioAoGCCqGSM49\n"
@@ -275,13 +161,6 @@ class SecurityAuthenticationAuthListener : public AuthListener {
bool securityViolationCalled;
};
-static void GetAppPublicKey(BusAttachment& bus, ECCPublicKey& publicKey)
-{
- KeyInfoNISTP256 keyInfo;
- bus.GetPermissionConfigurator().GetSigningPublicKey(keyInfo);
- publicKey = *keyInfo.GetPublicKey();
-}
-
class SecurityAuthenticationTest : public testing::Test {
public:
SecurityAuthenticationTest() :
@@ -342,7 +221,7 @@ class SecurityAuthenticationTest : public testing::Test {
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
//Get manager key
KeyInfoNISTP256 managerKey;
@@ -367,17 +246,16 @@ class SecurityAuthenticationTest : public testing::Test {
const size_t certChainSize = 1;
IdentityCertificate identityCertChainMaster[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
/* set claimable */
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(managerKey,
managerGuid,
managerKey,
@@ -386,24 +264,23 @@ class SecurityAuthenticationTest : public testing::Test {
ECCPublicKey managerPublicKey;
- GetAppPublicKey(managerBus, managerPublicKey);
+ SecurityTestHelper::GetAppPublicKey(managerBus, managerPublicKey);
ASSERT_EQ(*managerKey.GetPublicKey(), managerPublicKey);
//Create peer1 identityCert
IdentityCertificate identityCertChainPeer1[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
/* set claimable */
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
//Manager claims Peers
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(managerKey,
managerGuid,
managerKey,
@@ -413,16 +290,15 @@ class SecurityAuthenticationTest : public testing::Test {
//Create peer2 identityCert
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
/* set claimable */
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(managerKey,
managerGuid,
managerKey,
@@ -437,40 +313,34 @@ class SecurityAuthenticationTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- managerBus.GetUniqueName(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ managerBus.GetUniqueName(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithManager.InstallMembership(managerMembershipCertificate, 1));
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer1Bus.GetUniqueName(),
- peer1Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer1Bus.GetUniqueName(),
+ peer1Key.GetPublicKey(),
+ managerGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 1));
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2Bus.GetUniqueName(),
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2Bus.GetUniqueName(),
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
}
@@ -535,14 +405,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test1_case1_ECDHE_NULL) {
//---------------- Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -575,14 +445,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test1_case2_ECDHE_PSK) {
//---------------- Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -615,14 +485,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test1_case3_SRP) {
//---------------- Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -655,14 +525,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test1_case4_ECDHE_ECDSA) {
//---------------- Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAll(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -721,14 +591,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test2_case1_ECDHE_NULL) {
//----------------Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -761,14 +631,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test2_case2_ECDHE_PSK) {
//----------------Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -801,14 +671,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test2_case3_SRP) {
//----------------Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -841,14 +711,14 @@ TEST_F(SecurityAuthenticationTest, authenticate_test2_case4_ECDHE_ECDSA) {
//----------------Install Policy --------------
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
}
{
PermissionPolicy policy;
- SecurityAuthTestHelper::GeneratePermissivePolicyAnyTrusted(policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAnyTrusted(policy, 1);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(policy));
// Don't instantly call SecureConnection we want to control when SecureConnection is called.
@@ -884,7 +754,7 @@ class SecurityAuthentication2AuthListener : public DefaultECDHEAuthListener {
0xdd, 0x3f, 0x1e, 0x03,
0x79, 0xda, 0x04, 0x6a,
0x3a, 0xb6, 0xca, 0x44 };
- PermissionMgmtTestHelper::CallDeprecatedSetPSK((DefaultECDHEAuthListener*) this, psk, sizeof(psk));
+ SecurityTestHelper::CallDeprecatedSetPSK((DefaultECDHEAuthListener*) this, psk, sizeof(psk));
}
QStatus RequestCredentialsAsync(const char* authMechanism, const char* authPeer, uint16_t authCount, const char* userId, uint16_t credMask, void* context)
@@ -996,7 +866,7 @@ class SecurityAuthenticationTest2 : public testing::Test {
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
//Get manager key
KeyInfoNISTP256 managerKey;
@@ -1024,17 +894,16 @@ class SecurityAuthenticationTest2 : public testing::Test {
const size_t certChainSize = 1;
IdentityCertificate identityCertChainMaster[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
/* set claimable */
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(caKey,
managerGuid,
managerKey,
@@ -1043,25 +912,24 @@ class SecurityAuthenticationTest2 : public testing::Test {
ECCPublicKey managerPublicKey;
- GetAppPublicKey(managerBus, managerPublicKey);
+ SecurityTestHelper::GetAppPublicKey(managerBus, managerPublicKey);
ASSERT_EQ(*managerKey.GetPublicKey(), managerPublicKey);
//Create peer1 identityCert
IdentityCertificate identityCertChainPeer1[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- caGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ caGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
//Manager claims Peers
/* set claimable */
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(caKey,
managerGuid,
caKey,
@@ -1071,16 +939,15 @@ class SecurityAuthenticationTest2 : public testing::Test {
//Create peer2 identityCert
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- caGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ caGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(caKey,
managerGuid,
caKey,
@@ -1095,41 +962,35 @@ class SecurityAuthenticationTest2 : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- busUsedAsCA,
- managerBus.GetUniqueName(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ busUsedAsCA,
+ managerBus.GetUniqueName(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithManager.InstallMembership(managerMembershipCertificate, 1));
// Install Membership certificate
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1",
- busUsedAsCA,
- peer1Bus.GetUniqueName(),
- peer1Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1",
+ busUsedAsCA,
+ peer1Bus.GetUniqueName(),
+ peer1Key.GetPublicKey(),
+ managerGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 1));
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- busUsedAsCA,
- peer2Bus.GetUniqueName(),
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ busUsedAsCA,
+ peer2Bus.GetUniqueName(),
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
}
@@ -1333,7 +1194,7 @@ class SecurityAuthenticationTest2 : public testing::Test {
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
/* peer1 will have new CA but managerBus still retains admin group privilege so it can install identity
* cert to peer1 later */
- SecurityAuthTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy, false, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy, false, true);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
}
@@ -1349,7 +1210,7 @@ class SecurityAuthenticationTest2 : public testing::Test {
//Create peer1 identityCert
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 peer1Guid;
@@ -1359,16 +1220,15 @@ class SecurityAuthenticationTest2 : public testing::Test {
KeyInfoNISTP256 peer1PublicKey;
EXPECT_EQ(ER_OK, pcCA.GetSigningPublicKey(peer1PublicKey));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(identityIssuer,
- "1",
- peer1Guid.ToString(),
- peer1PublicKey.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(identityIssuer,
+ "1",
+ peer1Guid.ToString(),
+ peer1PublicKey.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, 1, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
uint32_t sessionId;
@@ -1424,7 +1284,7 @@ class SecurityAuthenticationTest2 : public testing::Test {
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
/* peer1 will have new CA but managerBus still retains admin group privilege so it can install identity
* cert to peer1 later */
- SecurityAuthTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy, false, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy, false, true);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
}
@@ -1440,7 +1300,7 @@ class SecurityAuthenticationTest2 : public testing::Test {
//Create peer1 identityCert
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 peer1Guid;
@@ -1450,16 +1310,15 @@ class SecurityAuthenticationTest2 : public testing::Test {
KeyInfoNISTP256 peer1PublicKey;
EXPECT_EQ(ER_OK, pcCA.GetSigningPublicKey(peer1PublicKey));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(identityIssuer,
- "1",
- peer1Guid.ToString(),
- peer1PublicKey.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(identityIssuer,
+ "1",
+ peer1Guid.ToString(),
+ peer1PublicKey.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, 1, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
}
@@ -1481,7 +1340,7 @@ class SecurityAuthenticationTest2 : public testing::Test {
//Create peer1 identityCert
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 peer1Guid;
@@ -1491,16 +1350,15 @@ class SecurityAuthenticationTest2 : public testing::Test {
KeyInfoNISTP256 peer1PublicKey;
EXPECT_EQ(ER_OK, pcCA.GetSigningPublicKey(peer1PublicKey));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(identityIssuer,
- "1",
- peer1Guid.ToString(),
- peer1PublicKey.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(identityIssuer,
+ "1",
+ peer1Guid.ToString(),
+ peer1PublicKey.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, 1, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
uint32_t sessionId;
@@ -1921,7 +1779,7 @@ class SecurityAuthentication3AuthListener1 : public DefaultECDHEAuthListener {
0xdd, 0x3f, 0x1e, 0x03,
0x79, 0xda, 0x04, 0x6a,
0x3a, 0xb6, 0xca, 0x44 };
- PermissionMgmtTestHelper::CallDeprecatedSetPSK((DefaultECDHEAuthListener*) this, psk, sizeof(psk));
+ SecurityTestHelper::CallDeprecatedSetPSK((DefaultECDHEAuthListener*) this, psk, sizeof(psk));
calledAuthMechanisms.clear();
}
@@ -1951,7 +1809,7 @@ class SecurityAuthentication3AuthListener2 : public DefaultECDHEAuthListener {
0xdd, 0x3f, 0x1e, 0x03,
0x79, 0xda, 0x04, 0x6a,
0x3a, 0xb6, 0xca, 0x55 };
- PermissionMgmtTestHelper::CallDeprecatedSetPSK((DefaultECDHEAuthListener*) this, psk, sizeof(psk));
+ SecurityTestHelper::CallDeprecatedSetPSK((DefaultECDHEAuthListener*) this, psk, sizeof(psk));
calledAuthMechanisms.clear();
}
@@ -2067,7 +1925,7 @@ class SecurityAuthenticationTest3 : public testing::Test {
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
//Get manager key
KeyInfoNISTP256 managerKey;
@@ -2094,17 +1952,16 @@ class SecurityAuthenticationTest3 : public testing::Test {
const size_t certChainSize = 1;
IdentityCertificate identityCertChainMaster[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
/* set claimable */
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(caKey,
managerGuid,
managerKey,
@@ -2113,25 +1970,24 @@ class SecurityAuthenticationTest3 : public testing::Test {
ECCPublicKey managerPublicKey;
- GetAppPublicKey(managerBus, managerPublicKey);
+ SecurityTestHelper::GetAppPublicKey(managerBus, managerPublicKey);
ASSERT_EQ(*managerKey.GetPublicKey(), managerPublicKey);
//Create peer1 identityCert
IdentityCertificate identityCertChainPeer1[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- caGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ caGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
//Manager claims Peers
/* set claimable */
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(caKey,
managerGuid,
caKey,
@@ -2141,16 +1997,15 @@ class SecurityAuthenticationTest3 : public testing::Test {
//Create peer2 identityCert
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(busUsedAsCA,
- "0",
- caGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(busUsedAsCA,
+ "0",
+ caGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(caKey,
managerGuid,
caKey,
@@ -2165,41 +2020,35 @@ class SecurityAuthenticationTest3 : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- busUsedAsCA,
- managerBus.GetUniqueName(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ busUsedAsCA,
+ managerBus.GetUniqueName(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithManager.InstallMembership(managerMembershipCertificate, 1));
// Install Membership certificate
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1",
- busUsedAsCA,
- peer1Bus.GetUniqueName(),
- peer1Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1",
+ busUsedAsCA,
+ peer1Bus.GetUniqueName(),
+ peer1Key.GetPublicKey(),
+ managerGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 1));
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- busUsedAsCA,
- peer2Bus.GetUniqueName(),
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ busUsedAsCA,
+ peer2Bus.GetUniqueName(),
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
}
@@ -2311,7 +2160,7 @@ class SecurityAuthenticationTest3 : public testing::Test {
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
/* peer1 will have new CA but managerBus still retains admin group privilege so it can install identity
* cert to peer1 later */
- SecurityAuthTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy, false, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy, false, true);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
}
@@ -2327,7 +2176,7 @@ class SecurityAuthenticationTest3 : public testing::Test {
//Create peer1 identityCert
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 peer1Guid;
@@ -2337,16 +2186,15 @@ class SecurityAuthenticationTest3 : public testing::Test {
KeyInfoNISTP256 peer1PublicKey;
EXPECT_EQ(ER_OK, pcCA.GetSigningPublicKey(peer1PublicKey));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(identityIssuer,
- "1",
- peer1Guid.ToString(),
- peer1PublicKey.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(identityIssuer,
+ "1",
+ peer1Guid.ToString(),
+ peer1PublicKey.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, 1, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
}
@@ -2628,7 +2476,7 @@ class SecurityAuthenticationTest4 : public testing::Test {
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
//Get manager key
KeyInfoNISTP256 managerKey;
@@ -2656,17 +2504,16 @@ class SecurityAuthenticationTest4 : public testing::Test {
const size_t certChainSize = 1;
IdentityCertificate identityCertChainMaster[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
/* set claimable */
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(caKey,
managerGuid,
managerKey,
@@ -2675,24 +2522,23 @@ class SecurityAuthenticationTest4 : public testing::Test {
ECCPublicKey managerPublicKey;
- GetAppPublicKey(managerBus, managerPublicKey);
+ SecurityTestHelper::GetAppPublicKey(managerBus, managerPublicKey);
ASSERT_EQ(*managerKey.GetPublicKey(), managerPublicKey);
//Create peer1 identityCert
IdentityCertificate identityCertChainPeer1[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- caGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ caGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
//Manager claims Peers
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(caKey,
managerGuid,
managerKey,
@@ -2702,16 +2548,15 @@ class SecurityAuthenticationTest4 : public testing::Test {
//Create peer2 identityCert
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- caGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ caGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(caKey,
managerGuid,
managerKey,
@@ -2726,42 +2571,36 @@ class SecurityAuthenticationTest4 : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- managerBus.GetUniqueName(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ managerBus.GetUniqueName(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithManager.InstallMembership(managerMembershipCertificate, 1));
// Install Membership certificate
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1",
- managerBus,
- peer1Bus.GetUniqueName(),
- peer1Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1",
+ managerBus,
+ peer1Bus.GetUniqueName(),
+ peer1Key.GetPublicKey(),
+ managerGuid,
+ peer1MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 1));
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2Bus.GetUniqueName(),
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2Bus.GetUniqueName(),
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
}
@@ -2791,7 +2630,7 @@ class SecurityAuthenticationTest4 : public testing::Test {
//Create peer1 identityCert
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
GUID128 peer1Guid;
@@ -2801,16 +2640,15 @@ class SecurityAuthenticationTest4 : public testing::Test {
KeyInfoNISTP256 peer1PublicKey;
EXPECT_EQ(ER_OK, pcCA.GetSigningPublicKey(peer1PublicKey));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(identityIssuer,
- "1",
- peer1Guid.ToString(),
- peer1PublicKey.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(identityIssuer,
+ "1",
+ peer1Guid.ToString(),
+ peer1PublicKey.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(identityIssuer, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, 1, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
uint32_t sessionId;
diff --git a/alljoyn_core/unit_test/SecurityClaimApplicationTest.cc b/alljoyn_core/unit_test/SecurityClaimApplicationTest.cc
index 000ced6..dee645a 100644
--- a/alljoyn_core/unit_test/SecurityClaimApplicationTest.cc
+++ b/alljoyn_core/unit_test/SecurityClaimApplicationTest.cc
@@ -38,10 +38,9 @@
#include <queue>
-#include "PermissionMgmtObj.h"
-#include "PermissionMgmtTest.h"
#include "InMemoryKeyStore.h"
#include "ajTestCommon.h"
+#include "SecurityTestHelper.h"
using namespace ajn;
using namespace qcc;
@@ -112,15 +111,13 @@ class SecurityClaimApplicationTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- securityManagerBus,
- securityManagerBus.GetUniqueName(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ securityManagerBus,
+ securityManagerBus.GetUniqueName(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithManagerBus(securityManagerBus, securityManagerBus.GetUniqueName().c_str());
EXPECT_EQ(ER_OK, sapWithManagerBus.InstallMembership(managerMembershipCertificate, 1));
}
@@ -145,13 +142,6 @@ class SecurityClaimApplicationTest : public testing::Test {
};
-static void GetAppPublicKey(BusAttachment& bus, ECCPublicKey& publicKey)
-{
- KeyInfoNISTP256 keyInfo;
- bus.GetPermissionConfigurator().GetSigningPublicKey(keyInfo);
- publicKey = *keyInfo.GetPublicKey();
-}
-
TEST_F(SecurityClaimApplicationTest, IsUnclaimableByDefault)
{
//EnablePeerSecurity
@@ -264,18 +254,17 @@ TEST_F(SecurityClaimApplicationTest, Claim_using_ECDHE_NULL_session_successful)
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -378,18 +367,17 @@ TEST_F(SecurityClaimApplicationTest, Claim_with_NULL_fails_when_peer_requires_PS
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -483,17 +471,16 @@ TEST_F(SecurityClaimApplicationTest, Claim_with_NULL_fails_when_peer_requires_SP
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0])) << "Failed to sign manifest";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0])) << "Failed to sign manifest";
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -566,18 +553,17 @@ TEST_F(SecurityClaimApplicationTest, claim_fails_using_empty_caPublicKeyIdentifi
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "1215",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "1215",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/* set claimable */
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
@@ -655,18 +641,17 @@ TEST_F(SecurityClaimApplicationTest, claim_fails_using_empty_adminGroupSecurityP
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "1215",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "1215",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/* set claimable */
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
/*
@@ -779,19 +764,18 @@ TEST_F(SecurityClaimApplicationTest, Claim_using_ECDHE_NULL_caKey_not_same_as_ad
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
// peer2 will become the one signing the identity certificate.
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(peer2Bus,
- "1215",
- caGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(peer2Bus,
+ "1215",
+ caGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer2Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer2Bus, identityCertChain[0], manifests[0]));
//Verify the caPublicKey != adminGroupSecurityPublicKey.
EXPECT_NE(caKey, securityManagerKey);
/*
@@ -845,7 +829,7 @@ TEST_F(SecurityClaimApplicationTest, Claim_using_ECDHE_PSK_session_successful)
//EnablePeerSecurity
const uint8_t psk[] = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
securityManagerKeyListener = new DefaultECDHEAuthListener();
- PermissionMgmtTestHelper::CallDeprecatedSetPSK(securityManagerKeyListener, psk, sizeof(psk));
+ SecurityTestHelper::CallDeprecatedSetPSK(securityManagerKeyListener, psk, sizeof(psk));
securityManagerBus.EnablePeerSecurity("ALLJOYN_ECDHE_PSK", securityManagerKeyListener);
/* The State signal is only emitted if manifest template is installed */
@@ -862,7 +846,7 @@ TEST_F(SecurityClaimApplicationTest, Claim_using_ECDHE_PSK_session_successful)
appStateListener.stateChanged = false;
peer1KeyListener = new DefaultECDHEAuthListener();
- PermissionMgmtTestHelper::CallDeprecatedSetPSK(peer1KeyListener, psk, sizeof(psk));
+ SecurityTestHelper::CallDeprecatedSetPSK(peer1KeyListener, psk, sizeof(psk));
peer1Bus.EnablePeerSecurity("ALLJOYN_ECDHE_PSK", peer1KeyListener);
EXPECT_EQ(ER_OK, peer1Bus.GetPermissionConfigurator().SetClaimCapabilities(PermissionConfigurator::CAPABLE_ECDHE_PSK));
@@ -907,18 +891,17 @@ TEST_F(SecurityClaimApplicationTest, Claim_using_ECDHE_PSK_session_successful)
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -1032,18 +1015,17 @@ TEST_F(SecurityClaimApplicationTest, Claim_using_ECDHE_SPEKE_session_successful)
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0])) << "Failed to sign manifest";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0])) << "Failed to sign manifest";
/*
* Claim Peer1
* The certificate authority is self signed so the certificateAuthority
@@ -1142,18 +1124,17 @@ TEST_F(SecurityClaimApplicationTest, fail_second_claim)
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -1260,18 +1241,17 @@ TEST_F(SecurityClaimApplicationTest, fail_second_claim_with_different_parameters
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -1304,15 +1284,14 @@ TEST_F(SecurityClaimApplicationTest, fail_second_claim_with_different_parameters
//Create identityCertChain
IdentityCertificate identityCertChain2[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain2[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain2[0], manifests[0]));
EXPECT_EQ(ER_PERMISSION_DENIED, sapWithPeer1.Claim(securityManagerKey,
securityManagerGuid,
@@ -1393,18 +1372,17 @@ TEST_F(SecurityClaimApplicationTest, fail_when_claiming_non_claimable)
EXPECT_EQ(ER_OK, sapWithPeer1.GetEccPublicKey(peer1PublicKey));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
/*
* Claim Peer1
* the certificate authority is self signed so the certificateAuthority
@@ -1487,17 +1465,16 @@ TEST_F(SecurityClaimApplicationTest, fail_claimer_security_not_enabled)
EXPECT_EQ(ER_OK, peer1PermissionConfigurator.GetSigningPublicKey(peer1Key));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(peer2Bus,
- "0",
- securityManagerGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(peer2Bus,
+ "0",
+ securityManagerGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer2Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer2Bus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_BUS_SECURITY_NOT_ENABLED, sapWithPeer1.Claim(caKey,
securityManagerGuid,
caKey,
@@ -1554,18 +1531,17 @@ TEST_F(SecurityClaimApplicationTest, fail_when_peer_being_claimed_is_not_securit
IdentityCertificate identityCertChain[1];
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- securityManagerKey.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ securityManagerKey.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
SecurityApplicationProxy sapWithPeer1(securityManagerBus, peer1Bus.GetUniqueName().c_str());
/*
* Claim Peer1
@@ -1608,20 +1584,19 @@ class ClaimThread1 : public Thread {
// peer public key used to generate the identity certificate chain
ECCPublicKey peer1PublicKey;
- GetAppPublicKey(thiz->peer1Bus, peer1PublicKey);
+ SecurityTestHelper::GetAppPublicKey(thiz->peer1Bus, peer1PublicKey);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(thiz->securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(thiz->securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(thiz->securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(thiz->securityManagerBus, identityCertChain[0], manifests[0]));
status = sapWithPeer1.Claim(securityManagerKey,
securityManagerGuid,
@@ -1661,17 +1636,16 @@ class ClaimThread2 : public Thread {
peer1PublicKey = *keyInfo.GetPublicKey();
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(thiz->peer2Bus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(thiz->peer2Bus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(thiz->peer2Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(thiz->peer2Bus, identityCertChain[0], manifests[0]));
status = sapWithPeer1.Claim(securityManagerKey,
securityManagerGuid,
@@ -1845,18 +1819,17 @@ TEST_F(SecurityClaimApplicationTest, fail_when_admin_and_peer_use_different_secu
EXPECT_EQ(ER_OK, peer1PermissionConfigurator.GetSigningPublicKey(peer1Key));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_AUTH_FAIL, sapWithPeer1.Claim(securityManagerKey,
securityManagerGuid,
@@ -1938,21 +1911,20 @@ TEST_F(SecurityClaimApplicationTest, fail_if_incorrect_publickey_used_in_identit
EXPECT_EQ(ER_OK, peer1PermissionConfigurator.GetSigningPublicKey(peer1Key));
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
// securityManagerKey used instead of Peer1 key to make sure we create an
// invalid cert.
EXPECT_NE(*peer1Key.GetPublicKey(), *securityManagerKey.GetPublicKey());
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- securityManagerKey.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ securityManagerKey.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
appStateListener.stateChanged = false;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_UNKNOWN_CERTIFICATE, sapWithPeer1.Claim(securityManagerKey,
securityManagerGuid,
@@ -2155,21 +2127,20 @@ TEST_F(SecurityClaimApplicationTest, get_application_state_signal_for_claimed_pe
IdentityCertificate identityCertChain[1];
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- securityManagerGuid.ToString(),
- &peer1PublicKey,
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ securityManagerGuid.ToString(),
+ &peer1PublicKey,
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
peer1AppStateListener.stateChanged = false;
peer1AppStateListener.stateToCheck = PermissionConfigurator::CLAIMED;
EXPECT_TRUE(peer1AppStateListener.busNames.size() == 0 && peer1AppStateListener.publicKeys.size() == 0 && peer1AppStateListener.states.size() == 0);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(securityManagerKey,
securityManagerGuid,
securityManagerKey,
@@ -2253,18 +2224,17 @@ TEST_F(SecurityClaimApplicationTest, DISABLED_get_application_state_signal_for_c
IdentityCertificate identityCertChain[1];
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
// Manager bus claims itself
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- managerGuid.ToString(),
- securityManagerKey.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ managerGuid.ToString(),
+ securityManagerKey.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManager.Claim(securityManagerKey,
managerGuid,
@@ -2272,15 +2242,14 @@ TEST_F(SecurityClaimApplicationTest, DISABLED_get_application_state_signal_for_c
identityCertChain, ArraySize(identityCertChain),
manifests, ArraySize(manifests)));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(securityManagerBus,
- "0",
- managerGuid.ToString(),
- peer1PublicKey.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(securityManagerBus,
+ "0",
+ managerGuid.ToString(),
+ peer1PublicKey.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(securityManagerBus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(securityManagerKey,
managerGuid,
diff --git a/alljoyn_core/unit_test/SecurityDefaultPolicyTest.cc b/alljoyn_core/unit_test/SecurityDefaultPolicyTest.cc
index 993bd8b..ba59ab9 100644
--- a/alljoyn_core/unit_test/SecurityDefaultPolicyTest.cc
+++ b/alljoyn_core/unit_test/SecurityDefaultPolicyTest.cc
@@ -27,16 +27,17 @@
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
#include <gtest/gtest.h>
+#include <alljoyn/AllJoynStd.h>
#include <alljoyn/AuthListener.h>
#include <alljoyn/BusAttachment.h>
#include <alljoyn/SecurityApplicationProxy.h>
+#include <qcc/Thread.h>
#include <qcc/Util.h>
#include <map>
#include "InMemoryKeyStore.h"
-#include "PermissionMgmtObj.h"
-#include "PermissionMgmtTest.h"
#include "ajTestCommon.h"
+#include "SecurityTestHelper.h"
using namespace ajn;
using namespace qcc;
@@ -173,13 +174,6 @@ class SecurityDefaultPolicyTest : public testing::Test {
{
}
- void GetAppPublicKey(BusAttachment& bus, ECCPublicKey& publicKey)
- {
- KeyInfoNISTP256 keyInfo;
- bus.GetPermissionConfigurator().GetSigningPublicKey(keyInfo);
- publicKey = *keyInfo.GetPublicKey();
- }
-
virtual void SetUp() {
EXPECT_EQ(ER_OK, managerBus.Start());
EXPECT_EQ(ER_OK, managerBus.Connect());
@@ -253,7 +247,7 @@ class SecurityDefaultPolicyTest : public testing::Test {
managerBus.RegisterApplicationStateListener(appStateListener);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
//Get manager key
KeyInfoNISTP256 managerKey;
@@ -274,18 +268,17 @@ class SecurityDefaultPolicyTest : public testing::Test {
const size_t certChainSize = 1;
IdentityCertificate identityCertChainMaster[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- managerKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ managerKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
SecurityApplicationProxy sapWithManagerBus(managerBus, managerBus.GetUniqueName().c_str());
/* set claimable */
managerBus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainMaster[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainMaster[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithManagerBus.Claim(managerKey,
managerGuid,
managerKey,
@@ -300,7 +293,7 @@ class SecurityDefaultPolicyTest : public testing::Test {
}
ECCPublicKey managerPublicKey;
- GetAppPublicKey(managerBus, managerPublicKey);
+ SecurityTestHelper::GetAppPublicKey(managerBus, managerPublicKey);
ASSERT_EQ(*managerKey.GetPublicKey(), managerPublicKey);
ASSERT_EQ(PermissionConfigurator::ApplicationState::CLAIMED, appStateListener.stateMap[managerBus.GetUniqueName()]);
@@ -308,18 +301,17 @@ class SecurityDefaultPolicyTest : public testing::Test {
//Create peer1 identityCert
IdentityCertificate identityCertChainPeer1[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
//Manager claims Peers
/* set claimable */
peer1Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(managerKey,
managerGuid,
managerKey,
@@ -339,16 +331,15 @@ class SecurityDefaultPolicyTest : public testing::Test {
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
/* set claimable */
peer2Bus.GetPermissionConfigurator().SetApplicationState(PermissionConfigurator::CLAIMABLE);
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(managerKey,
managerGuid,
managerKey,
@@ -392,15 +383,13 @@ class SecurityDefaultPolicyTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- managerBus.GetUniqueName(),
- managerKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ managerBus.GetUniqueName(),
+ managerKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithManagerBus(managerBus, managerBus.GetUniqueName().c_str());
EXPECT_EQ(ER_OK, sapWithManagerBus.InstallMembership(managerMembershipCertificate, 1));
}
@@ -413,15 +402,13 @@ class SecurityDefaultPolicyTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer1Bus.GetUniqueName(),
- peer1Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer1Bus.GetUniqueName(),
+ peer1Key.GetPublicKey(),
+ managerGuid,
+ peer1MembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 1));
}
@@ -434,96 +421,17 @@ class SecurityDefaultPolicyTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2Bus.GetUniqueName(),
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2Bus.GetUniqueName(),
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
}
- /*
- * Creates a PermissionPolicy that allows everything.
- * @policy[out] the policy to set
- * @version[in] the version number for the policy
- */
- void GeneratePermissivePolicy(PermissionPolicy& policy, uint32_t version) {
- policy.SetVersion(version);
- {
- PermissionPolicy::Acl acls[1];
- {
- PermissionPolicy::Peer peers[1];
- peers[0].SetType(PermissionPolicy::Peer::PEER_ALL);
- acls[0].SetPeers(1, peers);
- }
- {
- PermissionPolicy::Rule rules[1];
- rules[0].SetObjPath("*");
- rules[0].SetInterfaceName("*");
- {
- PermissionPolicy::Rule::Member members[1];
- members[0].Set("*",
- PermissionPolicy::Rule::Member::NOT_SPECIFIED,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- rules[0].SetMembers(1, members);
- }
- acls[0].SetRules(1, rules);
- }
- policy.SetAcls(1, acls);
- }
- }
-
- QStatus UpdatePolicyWithValuesFromDefaultPolicy(const PermissionPolicy& defaultPolicy,
- PermissionPolicy& policy,
- bool keepCAentry = true,
- bool keepAdminGroupEntry = false,
- bool keepInstallMembershipEntry = false) {
- size_t count = policy.GetAclsSize();
- if (keepCAentry) {
- ++count;
- }
- if (keepAdminGroupEntry) {
- ++count;
- }
- if (keepInstallMembershipEntry) {
- ++count;
- }
-
- PermissionPolicy::Acl* acls = new PermissionPolicy::Acl[count];
- size_t idx = 0;
- for (size_t cnt = 0; cnt < defaultPolicy.GetAclsSize(); ++cnt) {
- if (defaultPolicy.GetAcls()[cnt].GetPeersSize() > 0) {
- if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_FROM_CERTIFICATE_AUTHORITY) {
- if (keepCAentry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_MEMBERSHIP) {
- if (keepAdminGroupEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_PUBLIC_KEY) {
- if (keepInstallMembershipEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- }
- }
-
- }
- for (size_t cnt = 0; cnt < policy.GetAclsSize(); ++cnt) {
- QCC_ASSERT(idx <= count);
- acls[idx++] = policy.GetAcls()[cnt];
- }
- policy.SetAcls(count, acls);
- delete [] acls;
- return ER_OK;
- }
BusAttachment managerBus;
BusAttachment peer1Bus;
BusAttachment peer2Bus;
@@ -606,12 +514,12 @@ TEST_F(SecurityDefaultPolicyTest, DefaultPolicy_ECDSA_everything_passes)
/* install all permissive permission policy for Peer1*/
//Permission policy that will be installed on peer1
PermissionPolicy peer1Policy;
- GeneratePermissivePolicy(peer1Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer1Policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
{
PermissionPolicy defaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(defaultPolicy));
- EXPECT_EQ(ER_OK, UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy));
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(peer1Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
@@ -874,13 +782,13 @@ TEST_F(SecurityDefaultPolicyTest, DefaultPolicy_ECDHE_NULL_everything_fails)
/* install all permissive permission policy for Peer1*/
//Permission policy that will be installed on peer1
PermissionPolicy peer1Policy;
- GeneratePermissivePolicy(peer1Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer1Policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
{
PermissionPolicy defaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(defaultPolicy));
- EXPECT_EQ(ER_OK, UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy));
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(peer1Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
@@ -1080,13 +988,13 @@ TEST_F(SecurityDefaultPolicyTest, DefaultPolicy_MemberShipCertificate_not_instal
/* install all permissive permission policy for Peer1*/
//Permission policy that will be installed on peer1
PermissionPolicy peer1Policy;
- GeneratePermissivePolicy(peer1Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer1Policy, 1);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
{
PermissionPolicy defaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(defaultPolicy));
- EXPECT_EQ(ER_OK, UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy));
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer1Policy);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(peer1Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
@@ -1465,15 +1373,13 @@ TEST_F(SecurityDefaultPolicyTest, DefaultPolicy_self_install_membership_certific
qcc::GUID128 peer1Guid;
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer1Bus.GetUniqueName(),
- peer1Key.GetPublicKey(),
- peer1Guid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer1Bus.GetUniqueName(),
+ peer1Key.GetPublicKey(),
+ peer1Guid,
+ peer1MembershipCertificate[0]
+ ));
SecurityApplicationProxy sapPeer1WithSelf(peer1Bus, peer1Bus.GetUniqueName().c_str());
// app. bus calls InstallMembership on itself.
@@ -1560,7 +1466,7 @@ TEST_F(SecurityDefaultPolicyTest, default_policy_overridden_when_a_new_policy_in
PermissionPolicy defaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(defaultPolicy));
- EXPECT_EQ(ER_OK, UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, policy));
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, policy);
EXPECT_NE(policy, defaultPolicy);
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy));
@@ -1568,11 +1474,11 @@ TEST_F(SecurityDefaultPolicyTest, default_policy_overridden_when_a_new_policy_in
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
PermissionPolicy peer2Policy;
- GeneratePermissivePolicy(peer2Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer2Policy, 1);
{
PermissionPolicy defaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer2.GetDefaultPolicy(defaultPolicy));
- EXPECT_EQ(ER_OK, UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer2Policy));
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(defaultPolicy, peer2Policy);
}
EXPECT_EQ(ER_OK, sapWithPeer2.UpdatePolicy(peer2Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
@@ -1621,11 +1527,11 @@ TEST_F(SecurityDefaultPolicyTest, manifest_can_deny_secure_management_operations
SecurityApplicationProxy sapWithPeer1(managerBus, peer1Bus.GetUniqueName().c_str(), managerToPeer1SessionId);
SecurityApplicationProxy sapWithPeer2(managerBus, peer2Bus.GetUniqueName().c_str(), managerToPeer2SessionId);
PermissionPolicy peer1Policy;
- GeneratePermissivePolicy(peer1Policy, 1);
+ SecurityTestHelper::CreatePermissivePolicyAll(peer1Policy, 1);
{
PermissionPolicy peer1DefaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
- UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, peer1Policy, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, peer1Policy, true, true);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(peer1Policy));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
@@ -1667,15 +1573,14 @@ TEST_F(SecurityDefaultPolicyTest, manifest_can_deny_secure_management_operations
//Create peer1 identityCert
IdentityCertificate identityCertChainPeer1[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "1",
- managerGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "1",
+ managerGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], peer1Manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], peer1Manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChainPeer1, certChainSize, peer1Manifests, ArraySize(peer1Manifests)));
EXPECT_EQ(ER_OK, sapWithPeer1.SecureConnection(true));
@@ -1714,15 +1619,14 @@ TEST_F(SecurityDefaultPolicyTest, manifest_can_deny_secure_management_operations
//Create peer2 identityCert
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "1",
- managerGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "1",
+ managerGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], peer2Manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], peer2Manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.UpdateIdentity(identityCertChainPeer2, certChainSize, peer2Manifests, ArraySize(peer2Manifests)));
EXPECT_EQ(ER_OK, sapWithPeer2.SecureConnection(true));
@@ -1767,15 +1671,13 @@ TEST(SecurityDefaultPolicy2Test, DefaultPolicy_self_install_membership_certifica
qcc::GUID128 guid;
qcc::MembershipCertificate membershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(serial,
- unclaimedBus,
- unclaimedBus.GetUniqueName(),
- key.GetPublicKey(),
- guid,
- false,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(serial,
+ unclaimedBus,
+ unclaimedBus.GetUniqueName(),
+ key.GetPublicKey(),
+ guid,
+ membershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithSelf(unclaimedBus, unclaimedBus.GetUniqueName().c_str());
// app. bus is not claimed.
diff --git a/alljoyn_core/unit_test/SecurityManagementTest.cc b/alljoyn_core/unit_test/SecurityManagementTest.cc
index ddf5199..8ab1331 100644
--- a/alljoyn_core/unit_test/SecurityManagementTest.cc
+++ b/alljoyn_core/unit_test/SecurityManagementTest.cc
@@ -27,17 +27,18 @@
* PERFORMANCE OF THIS SOFTWARE.
******************************************************************************/
#include <gtest/gtest.h>
+#include <alljoyn/AllJoynStd.h>
#include <alljoyn/AuthListener.h>
#include <alljoyn/BusAttachment.h>
#include <alljoyn/SecurityApplicationProxy.h>
+#include <qcc/Thread.h>
#include <qcc/Util.h>
#include <map>
#include "InMemoryKeyStore.h"
-#include "PermissionMgmtObj.h"
-#include "PermissionMgmtTest.h"
#include "KeyStore.h"
#include "ajTestCommon.h"
+#include "SecurityTestHelper.h"
#define TEN_MINS 600 // 600 secs is 10 mins
@@ -169,13 +170,6 @@ class ChirpSignalReceiver : public MessageReceiver {
bool signalReceivedFlag;
};
-static void GetAppPublicKey(BusAttachment& bus, ECCPublicKey& publicKey)
-{
- KeyInfoNISTP256 keyInfo;
- bus.GetPermissionConfigurator().GetSigningPublicKey(keyInfo);
- publicKey = *keyInfo.GetPublicKey();
-}
-
class SecurityManagementTestConfigurationListener : public PermissionConfigurationListener {
public:
SecurityManagementTestConfigurationListener() : factoryResetReceived(false), policyChangedReceived(false),
@@ -268,7 +262,7 @@ class SecurityManagementPolicyTest : public testing::Test {
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL ALLJOYN_ECDHE_ECDSA", peer2AuthListener, nullptr, false, &peer2ConfigurationListener));
EXPECT_EQ(ER_OK, peer3Bus.EnablePeerSecurity("ALLJOYN_ECDHE_NULL ALLJOYN_ECDHE_ECDSA", peer3AuthListener, nullptr, false, &peer3ConfigurationListener));
- PermissionMgmtTestHelper::GetGUID(managerBus, managerGuid);
+ SecurityTestHelper::GetGUID(managerBus, managerGuid);
SetManifestTemplate(managerBus);
SetManifestTemplate(peer1Bus);
SetManifestTemplate(peer2Bus);
@@ -327,7 +321,7 @@ class SecurityManagementPolicyTest : public testing::Test {
managerBus.RegisterApplicationStateListener(appStateListener);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
EXPECT_EQ(ER_OK, managerConfigurator.GetSigningPublicKey(managerPublicKey));
@@ -345,17 +339,16 @@ class SecurityManagementPolicyTest : public testing::Test {
const size_t certChainSize = 1;
IdentityCertificate identityCertChainMaster[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- managerPublicKey.GetPublicKey(),
- "ManagerAlias",
- 3600,
- identityCertChainMaster[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ managerPublicKey.GetPublicKey(),
+ "ManagerAlias",
+ identityCertChainMaster[0])) << "Failed to create identity certificate.";
string signedManifestXml;
AJ_PCSTR signedManifestXmlC;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainMaster[0], s_defaultManifestTemplateXml, signedManifestXml));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainMaster[0], s_defaultManifestTemplateXml, signedManifestXml));
signedManifestXmlC = signedManifestXml.c_str();
EXPECT_EQ(ER_OK, managerConfigurator.Claim(managerPublicKey,
managerGuid,
@@ -376,15 +369,14 @@ class SecurityManagementPolicyTest : public testing::Test {
IdentityCertificate identityCertChainPeer1[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- peer1Key.GetPublicKey(),
- "Peer1Alias",
- 3600,
- identityCertChainPeer1[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ peer1Key.GetPublicKey(),
+ "Peer1Alias",
+ identityCertChainPeer1[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer1[0], manifests[0]));
//Manager claims Peers
EXPECT_EQ(ER_OK, sapWithPeer1.Claim(managerPublicKey,
managerGuid,
@@ -403,14 +395,13 @@ class SecurityManagementPolicyTest : public testing::Test {
// Create peer2 identityCert
IdentityCertificate identityCertChainPeer2[certChainSize];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "0",
- managerGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Peer2Alias",
- 3600,
- identityCertChainPeer2[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "0",
+ managerGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Peer2Alias",
+ identityCertChainPeer2[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChainPeer2[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer2.Claim(managerPublicKey,
managerGuid,
managerPublicKey,
@@ -483,13 +474,12 @@ class SecurityManagementPolicyTest : public testing::Test {
ASSERT_EQ(ER_OK, securityApplicationProxy.GetEccPublicKey(peerPublicKey));
IdentityCertificate identityCertChain[1];
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(
+ ASSERT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(
managerBus,
"0",
managerGuid.ToString(),
&peerPublicKey,
"PeerAlias",
- 3600,
identityCertChain[0])) << "Failed to create identity certificate.";
PermissionConfigurator::ApplicationState applicationState;
@@ -497,8 +487,8 @@ class SecurityManagementPolicyTest : public testing::Test {
ASSERT_EQ(PermissionConfigurator::CLAIMABLE, applicationState);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
- ASSERT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ ASSERT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChain[0], manifests[0]));
ASSERT_EQ(ER_OK, securityApplicationProxy.Claim(
managerPublicKey,
@@ -513,15 +503,14 @@ class SecurityManagementPolicyTest : public testing::Test {
void InstallMembershipOnManager() {
String membershipSerial = "1";
qcc::MembershipCertificate managerMembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- managerBusUniqueName,
- managerPublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- managerMembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ managerBusUniqueName,
+ managerPublicKey.GetPublicKey(),
+ managerGuid,
+ managerMembershipCertificate[0],
+ true
+ ));
PermissionConfigurator& managerConfigurator = managerBus.GetPermissionConfigurator();
EXPECT_EQ(ER_OK, managerConfigurator.InstallMembership(managerMembershipCertificate, 1));
}
@@ -535,15 +524,13 @@ class SecurityManagementPolicyTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate peer1MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer1BusUniqueName,
- peer1Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer1MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer1BusUniqueName,
+ peer1Key.GetPublicKey(),
+ managerGuid,
+ peer1MembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithPeer1(managerBus, peer1BusUniqueName.c_str(), managerToPeer1SessionId);
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(peer1MembershipCertificate, 1));
}
@@ -557,15 +544,13 @@ class SecurityManagementPolicyTest : public testing::Test {
String membershipSerial = "1";
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2BusUniqueName,
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2BusUniqueName,
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
}
@@ -575,22 +560,6 @@ class SecurityManagementPolicyTest : public testing::Test {
ASSERT_EQ(ER_OK, bus.GetPermissionConfigurator().SetManifestTemplateFromXml(s_defaultManifestTemplateXml));
}
- static QStatus UpdatePolicyWithValuesFromDefaultPolicy(const PermissionPolicy& defaultPolicy,
- PermissionPolicy& policy,
- bool keepCAentry = true,
- bool keepAdminGroupEntry = false,
- bool keepInstallMembershipEntry = false);
-
- /*
- * this will create a Policy that will allow access to everything.
- * Many of the tests assume that a Bus is able to respond to method calls
- * The value of the policy is unimportant just that the bus is using security
- * and is responsive.
- *
- * DOES NOT add the CA entry from the default policy
- */
- static void CreatePermissivePolicy(PermissionPolicy& policy, uint32_t version);
-
KeyInfoNISTP256 managerPublicKey;
BusAttachment managerBus;
@@ -637,83 +606,6 @@ class SecurityManagementPolicyTest : public testing::Test {
SecurityManagementTestConfigurationListener peer3ConfigurationListener;
};
-QStatus SecurityManagementPolicyTest::UpdatePolicyWithValuesFromDefaultPolicy(const PermissionPolicy& defaultPolicy,
- PermissionPolicy& policy,
- bool keepCAentry,
- bool keepAdminGroupEntry,
- bool keepInstallMembershipEntry) {
-
- size_t count = policy.GetAclsSize();
- if (keepCAentry) {
- ++count;
- }
- if (keepAdminGroupEntry) {
- ++count;
- }
- if (keepInstallMembershipEntry) {
- ++count;
- }
-
- PermissionPolicy::Acl* acls = new PermissionPolicy::Acl[count];
- size_t idx = 0;
-
- for (size_t cnt = 0; cnt < defaultPolicy.GetAclsSize(); ++cnt) {
- if (defaultPolicy.GetAcls()[cnt].GetPeersSize() > 0) {
- if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_FROM_CERTIFICATE_AUTHORITY) {
- if (keepCAentry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_MEMBERSHIP) {
- if (keepAdminGroupEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- } else if (defaultPolicy.GetAcls()[cnt].GetPeers()[0].GetType() == PermissionPolicy::Peer::PEER_WITH_PUBLIC_KEY) {
- if (keepInstallMembershipEntry) {
- acls[idx++] = defaultPolicy.GetAcls()[cnt];
- }
- }
- }
-
- }
-
- for (size_t cnt = 0; cnt < policy.GetAclsSize(); ++cnt) {
- QCC_ASSERT(idx <= count);
- acls[idx++] = policy.GetAcls()[cnt];
- }
-
- policy.SetAcls(count, acls);
- delete [] acls;
- return ER_OK;
-}
-
-void SecurityManagementPolicyTest::CreatePermissivePolicy(PermissionPolicy& policy, uint32_t version) {
- policy.SetVersion(version);
- {
- PermissionPolicy::Acl acls[1];
- {
- PermissionPolicy::Peer peers[1];
- peers[0].SetType(PermissionPolicy::Peer::PEER_ALL);
- acls[0].SetPeers(1, peers);
- }
- {
- PermissionPolicy::Rule rules[1];
- rules[0].SetObjPath("*");
- rules[0].SetInterfaceName("*");
- {
- PermissionPolicy::Rule::Member members[1];
- members[0].Set("*",
- PermissionPolicy::Rule::Member::NOT_SPECIFIED,
- PermissionPolicy::Rule::Member::ACTION_PROVIDE |
- PermissionPolicy::Rule::Member::ACTION_MODIFY |
- PermissionPolicy::Rule::Member::ACTION_OBSERVE);
- rules[0].SetMembers(1, members);
- }
- acls[0].SetRules(1, rules);
- }
- policy.SetAcls(1, acls);
- }
-}
-
/*
* Purpose:
* Latest Policy to be installed should have a serial number greater than the
@@ -782,7 +674,7 @@ TEST_F(SecurityManagementPolicyTest, UpdatePolicy_fails_if_version_not_newer)
{
PermissionPolicy peer1DefaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
- UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy1, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy1, true, true);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy1));
@@ -833,7 +725,7 @@ TEST_F(SecurityManagementPolicyTest, UpdatePolicy_fails_if_version_not_newer)
{
PermissionPolicy peer1DefaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
- UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy2, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy2, true, true);
}
EXPECT_EQ(ER_OK, sapWithPeer1.GetPolicy(fetchedPolicy));
@@ -910,7 +802,7 @@ TEST_F(SecurityManagementPolicyTest, UpdatePolicy_new_policy_should_override_old
{
PermissionPolicy peer1DefaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
- UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy1, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy1, true, true);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy1));
@@ -956,7 +848,7 @@ TEST_F(SecurityManagementPolicyTest, UpdatePolicy_new_policy_should_override_old
{
PermissionPolicy peer1DefaultPolicy;
EXPECT_EQ(ER_OK, sapWithPeer1.GetDefaultPolicy(peer1DefaultPolicy));
- UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy2, true, true);
+ SecurityTestHelper::UpdatePolicyWithValuesFromDefaultPolicy(peer1DefaultPolicy, policy2, true, true);
}
EXPECT_EQ(ER_OK, sapWithPeer1.UpdatePolicy(policy2));
@@ -1054,7 +946,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_fails_on_invalid_icc_chain)
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 5, 6, 7, 8 };
@@ -1126,7 +1018,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_fails_on_invalid_icc_chain)
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener, nullptr, false, &managerConfigurationListener));
EXPECT_EQ(ER_OK, peer1Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer1AuthListener, nullptr, false, &peer1ConfigurationListener));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
// Call UpdateIdentity to install the cert chain
EXPECT_EQ(ER_INVALID_CERTIFICATE, sapWithPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -1138,7 +1030,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_fails_on_intermediate_ca_fl
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 5, 6, 7, 8 };
@@ -1211,7 +1103,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_fails_on_intermediate_ca_fl
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener, nullptr, false, &managerConfigurationListener));
EXPECT_EQ(ER_OK, peer1Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer1AuthListener, nullptr, false, &peer1ConfigurationListener));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
// Call UpdateIdentity to install the cert chain
EXPECT_EQ(ER_INVALID_CERTIFICATE, sapWithPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -1224,7 +1116,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_fails_on_different_subject_
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 5, 6, 7, 8 };
@@ -1295,7 +1187,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_fails_on_different_subject_
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener, nullptr, false, &managerConfigurationListener));
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer2AuthListener, nullptr, false, &peer2ConfigurationListener));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
// Call UpdateIdentity to install the cert chain
EXPECT_EQ(ER_INVALID_CERTIFICATE, sapWithPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -1307,7 +1199,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_succeeds_on_long_icc)
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 5, 6, 7, 8 };
@@ -1401,7 +1293,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_succeeds_on_long_icc)
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer2AuthListener));
EXPECT_EQ(ER_OK, peer3Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer3AuthListener));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer3Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer3Bus, identityCertChain[0], manifests[0]));
// Call UpdateIdentity to install the cert chain
EXPECT_EQ(ER_OK, sapWithPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -1413,7 +1305,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_single_icc_any_sign)
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t leafCN[] = { 9, 0, 1, 2 };
@@ -1448,7 +1340,7 @@ TEST_F(SecurityManagementPolicyTest, Update_identity_single_icc_any_sign)
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener));
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer2AuthListener));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(peer1Bus, identityCertChain[0], manifests[0]));
// Call UpdateIdentity to install the cert chain.
EXPECT_EQ(ER_OK, sapWithPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -1460,7 +1352,7 @@ TEST_F(SecurityManagementPolicyTest, DISABLED_install_membership_fails_with_inva
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
KeyInfoNISTP256 peer1PublicKey;
PermissionConfigurator& peer1PermissionConfigurator = peer1Bus.GetPermissionConfigurator();
@@ -1468,25 +1360,22 @@ TEST_F(SecurityManagementPolicyTest, DISABLED_install_membership_fails_with_inva
qcc::MembershipCertificate membershipCertificate[2];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1",
- managerBus,
- managerBusUniqueName,
- managerPublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[1]
- ));
-
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("2",
- managerBus,
- peer1BusUniqueName,
- peer1PublicKey.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1",
+ managerBus,
+ managerBusUniqueName,
+ managerPublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[1],
+ true
+ ));
+
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("2",
+ managerBus,
+ peer1BusUniqueName,
+ peer1PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener));
@@ -1501,7 +1390,7 @@ TEST_F(SecurityManagementPolicyTest, install_membership_fails_with_same_cert_ser
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener));
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer2AuthListener));
@@ -1511,30 +1400,28 @@ TEST_F(SecurityManagementPolicyTest, install_membership_fails_with_same_cert_ser
EXPECT_EQ(ER_OK, peer2PermissionConfigurator.GetSigningPublicKey(peer2PublicKey));
qcc::MembershipCertificate membershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1",
- managerBus,
- peer2BusUniqueName,
- peer2PublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1",
+ managerBus,
+ peer2BusUniqueName,
+ peer2PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0],
+ true
+ ));
// Call InstallMembership
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(membershipCertificate, 1)) << "Failed to install membership ";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("1",
- managerBus,
- peer2BusUniqueName,
- peer2PublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("1",
+ managerBus,
+ peer2BusUniqueName,
+ peer2PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0],
+ true
+ ));
// Call InstallMembership
EXPECT_EQ(ER_DUPLICATE_CERTIFICATE, sapWithPeer2.InstallMembership(membershipCertificate, 1)) << "Failed to install membership ";
@@ -1545,7 +1432,7 @@ TEST_F(SecurityManagementPolicyTest, DISABLED_remove_membership_succeeds)
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t issuerCN[] = { 1, 2, 3, 4 };
uint8_t leafCN[] = { 5, 6, 7, 8 };
@@ -1644,7 +1531,7 @@ TEST_F(SecurityManagementPolicyTest, remove_membership_fails_if_serial_does_not_
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener));
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer2AuthListener));
@@ -1654,28 +1541,26 @@ TEST_F(SecurityManagementPolicyTest, remove_membership_fails_if_serial_does_not_
EXPECT_EQ(ER_OK, peer2PermissionConfigurator.GetSigningPublicKey(peer2PublicKey));
qcc::MembershipCertificate membershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("123",
- managerBus,
- peer2BusUniqueName,
- peer2PublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("123",
+ managerBus,
+ peer2BusUniqueName,
+ peer2PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0],
+ true
+ ));
// Call InstallMembership
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(membershipCertificate, 1)) << "Failed to install membership ";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("456",
- managerBus,
- peer2BusUniqueName,
- peer2PublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("456",
+ managerBus,
+ peer2BusUniqueName,
+ peer2PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0],
+ true
+ ));
// Call InstallMembership
@@ -1718,7 +1603,7 @@ TEST_F(SecurityManagementPolicyTest, remove_membership_fails_if_issuer_does_not_
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
EXPECT_EQ(ER_OK, managerBus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", managerAuthListener));
EXPECT_EQ(ER_OK, peer2Bus.EnablePeerSecurity("ALLJOYN_ECDHE_ECDSA", peer2AuthListener));
@@ -1728,28 +1613,26 @@ TEST_F(SecurityManagementPolicyTest, remove_membership_fails_if_issuer_does_not_
EXPECT_EQ(ER_OK, peer2PermissionConfigurator.GetSigningPublicKey(peer2PublicKey));
qcc::MembershipCertificate membershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("123",
- managerBus,
- peer2BusUniqueName,
- peer2PublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("123",
+ managerBus,
+ peer2BusUniqueName,
+ peer2PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0],
+ true
+ ));
// Call InstallMembership
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(membershipCertificate, 1)) << "Failed to install membership ";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert("456",
- managerBus,
- peer2BusUniqueName,
- peer2PublicKey.GetPublicKey(),
- managerGuid,
- true,
- 3600,
- membershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert("456",
+ managerBus,
+ peer2BusUniqueName,
+ peer2PublicKey.GetPublicKey(),
+ managerGuid,
+ membershipCertificate[0],
+ true
+ ));
// Call InstallMembership
@@ -1805,9 +1688,9 @@ TEST_F(SecurityManagementPolicyTest, successful_method_call_after_chained_member
GUID128 interGuid;
GUID128 caGUID;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, leafGuid);
- PermissionMgmtTestHelper::GetGUID(peer3Bus, interGuid);
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGUID);
+ SecurityTestHelper::GetGUID(peer1Bus, leafGuid);
+ SecurityTestHelper::GetGUID(peer3Bus, interGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGUID);
PermissionConfigurator& managerConfigurator = managerBus.GetPermissionConfigurator();
@@ -1815,7 +1698,7 @@ TEST_F(SecurityManagementPolicyTest, successful_method_call_after_chained_member
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 9, 9, 9, 9 };
@@ -1854,7 +1737,7 @@ TEST_F(SecurityManagementPolicyTest, successful_method_call_after_chained_member
peer1Cert.SetValidity(&validity);
ECCPublicKey peer1PublicKey;
- GetAppPublicKey(peer1Bus, peer1PublicKey);
+ SecurityTestHelper::GetAppPublicKey(peer1Bus, peer1PublicKey);
peer1Cert.SetSubjectPublicKey(&peer1PublicKey);
peer1Cert.SetAlias("intermediate-cert-alias");
@@ -1873,7 +1756,7 @@ TEST_F(SecurityManagementPolicyTest, successful_method_call_after_chained_member
// Create membership chain to be installed on peer 1
//
- PermissionMgmtTestHelper::GetGUID(managerBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(managerBus, guildAuthorityGUID);
KeyInfoNISTP256 sgaKey;
PermissionConfigurator& managerPC = managerBus.GetPermissionConfigurator();
EXPECT_EQ(ER_OK, managerPC.GetSigningPublicKey(sgaKey));
@@ -1945,7 +1828,7 @@ TEST_F(SecurityManagementPolicyTest, successful_method_call_after_chained_member
//EXPECT_EQ(ER_OK, sapWithPeer1.Reset());
EXPECT_EQ(ER_OK, sapWithPeer1.InstallMembership(membershipCertChain, 3));
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChain[0], manifests[0]));
// Call UpdateIdentity on Peer 1 to install the cert chain
EXPECT_EQ(ER_OK, sapWithPeer1.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -1974,7 +1857,7 @@ TEST_F(SecurityManagementPolicyTest, successful_method_call_after_chained_member
identityCertChain[0] = peer2Cert;
identityCertChain[1] = caCert;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(busUsedAsCA, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(busUsedAsCA, identityCertChain[0], manifests[0]));
// Call UpdateIdentity on Peer 1 to install the cert chain
EXPECT_EQ(ER_OK, sapWithPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)))
<< "Failed to update Identity cert or manifest ";
@@ -2007,9 +1890,9 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_after_chained_memb
GUID128 interGuid;
GUID128 caGUID;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, leafGuid);
- PermissionMgmtTestHelper::GetGUID(peer3Bus, interGuid);
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGUID);
+ SecurityTestHelper::GetGUID(peer1Bus, leafGuid);
+ SecurityTestHelper::GetGUID(peer3Bus, interGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGUID);
PermissionConfigurator& managerConfigurator = managerBus.GetPermissionConfigurator();
@@ -2017,7 +1900,7 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_after_chained_memb
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 9, 9, 9, 9 };
@@ -2075,7 +1958,7 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_after_chained_memb
// Create membership chain to be installed on peer 1
//
- PermissionMgmtTestHelper::GetGUID(managerBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(managerBus, guildAuthorityGUID);
KeyInfoNISTP256 sgaKey;
PermissionConfigurator& managerPC = managerBus.GetPermissionConfigurator();
EXPECT_EQ(ER_OK, managerPC.GetSigningPublicKey(sgaKey));
@@ -2166,14 +2049,14 @@ TEST_F(SecurityManagementPolicyTest, chained_membership_signed_upto_ca_fails)
GUID128 interGuid;
GUID128 caGUID;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, leafGuid);
- PermissionMgmtTestHelper::GetGUID(peer3Bus, interGuid);
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGUID);
+ SecurityTestHelper::GetGUID(peer1Bus, leafGuid);
+ SecurityTestHelper::GetGUID(peer3Bus, interGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGUID);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1BusUniqueName.c_str(), managerToPeer1SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
uint8_t intermediateCN[] = { 9, 9, 9, 9 };
@@ -2187,7 +2070,7 @@ TEST_F(SecurityManagementPolicyTest, chained_membership_signed_upto_ca_fails)
// Create membership chain to be installed on peer 1
//
- PermissionMgmtTestHelper::GetGUID(managerBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(managerBus, guildAuthorityGUID);
// SGA membership certificate
qcc::MembershipCertificate caMembershipCert;
@@ -2271,10 +2154,10 @@ TEST_F(SecurityManagementPolicyTest, chained_membership_with_two_levels_fails)
GUID128 inter2Guid;
GUID128 caGUID;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, leafGuid);
- PermissionMgmtTestHelper::GetGUID(peer2Bus, inter2Guid);
- PermissionMgmtTestHelper::GetGUID(peer3Bus, interGuid);
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGUID);
+ SecurityTestHelper::GetGUID(peer1Bus, leafGuid);
+ SecurityTestHelper::GetGUID(peer2Bus, inter2Guid);
+ SecurityTestHelper::GetGUID(peer3Bus, interGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGUID);
SecurityApplicationProxy sapWithPeer1(managerBus, peer1BusUniqueName.c_str(), managerToPeer1SessionId);
@@ -2291,7 +2174,7 @@ TEST_F(SecurityManagementPolicyTest, chained_membership_with_two_levels_fails)
// Create membership chain to be installed on peer 1
//
- PermissionMgmtTestHelper::GetGUID(managerBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(managerBus, guildAuthorityGUID);
// SGA membership certificate
qcc::MembershipCertificate caMembershipCert;
@@ -2392,9 +2275,9 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_when_sga_delegatio
GUID128 interGuid;
GUID128 caGUID;
- PermissionMgmtTestHelper::GetGUID(peer1Bus, leafGuid);
- PermissionMgmtTestHelper::GetGUID(peer3Bus, interGuid);
- PermissionMgmtTestHelper::GetGUID(busUsedAsCA, caGUID);
+ SecurityTestHelper::GetGUID(peer1Bus, leafGuid);
+ SecurityTestHelper::GetGUID(peer3Bus, interGuid);
+ SecurityTestHelper::GetGUID(busUsedAsCA, caGUID);
PermissionConfigurator& managerConfigurator = managerBus.GetPermissionConfigurator();
@@ -2402,7 +2285,7 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_when_sga_delegatio
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
uint8_t managerCN[] = { 1, 2, 3, 4 };
//uint8_t intermediateCN[] = { 9, 9, 9, 9 };
@@ -2460,7 +2343,7 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_when_sga_delegatio
// Create membership chain to be installed on peer 1
//
- PermissionMgmtTestHelper::GetGUID(managerBus, guildAuthorityGUID);
+ SecurityTestHelper::GetGUID(managerBus, guildAuthorityGUID);
KeyInfoNISTP256 sgaKey;
PermissionConfigurator& managerPC = managerBus.GetPermissionConfigurator();
EXPECT_EQ(ER_OK, managerPC.GetSigningPublicKey(sgaKey));
@@ -2558,6 +2441,8 @@ TEST_F(SecurityManagementPolicyTest, unsuccessful_method_call_when_sga_delegatio
* InstallMembership should be successful.
* GetProperty("MembershipSummaries") should return the details about the membership certificates installed.
*
+ * GetMembershipCertificates should return the membership certificates installed.
+ *
* RemoveMembership should be sucessful.
*
* Reset should be successful.
@@ -2580,7 +2465,7 @@ TEST_F(SecurityManagementPolicyTest, admin_security_group_members_can_also_call_
// Call UpdateIdentity
Manifest manifests[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateAllInclusiveManifest(manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateAllInclusiveManifest(manifests[0]));
// Get manager key
@@ -2594,14 +2479,13 @@ TEST_F(SecurityManagementPolicyTest, admin_security_group_members_can_also_call_
GUID128 guid;
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateIdentityCert(managerBus,
- "1",
- managerGuid.ToString(),
- peer2Key.GetPublicKey(),
- "Alias",
- 3600,
- identityCertChain[0])) << "Failed to create identity certificate.";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::SignManifest(managerBus, identityCertChain[0], manifests[0]));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateIdentityCert(managerBus,
+ "1",
+ managerGuid.ToString(),
+ peer2Key.GetPublicKey(),
+ "Alias",
+ identityCertChain[0])) << "Failed to create identity certificate.";
+ EXPECT_EQ(ER_OK, SecurityTestHelper::SignManifest(managerBus, identityCertChain[0], manifests[0]));
EXPECT_EQ(ER_OK, sapWithPeer1toPeer2.UpdateIdentity(identityCertChain, certChainSize, manifests, ArraySize(manifests)));
EXPECT_EQ(ER_OK, sapWithPeer1toPeer2.SecureConnection(true));
@@ -2638,15 +2522,13 @@ TEST_F(SecurityManagementPolicyTest, admin_security_group_members_can_also_call_
String membershipSerial = "2";
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2BusUniqueName,
- peer2Key.GetPublicKey(),
- managerGuid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2BusUniqueName,
+ peer2Key.GetPublicKey(),
+ managerGuid,
+ peer2MembershipCertificate[0]
+ ));
EXPECT_EQ(ER_OK, sapWithPeer1toPeer2.InstallMembership(peer2MembershipCertificate, 1));
MsgArg membershipSummariesArg;
@@ -2674,6 +2556,29 @@ TEST_F(SecurityManagementPolicyTest, admin_security_group_members_can_also_call_
EXPECT_STREQ(serials[1].c_str(), serial0.c_str());
}
+ // GetMembershipCertificates
+ vector<vector<CertificateX509> > certificateVector;
+ ASSERT_EQ(ER_OK, sapWithPeer1toPeer2.GetMembershipCertificates(certificateVector));
+ ASSERT_EQ(2U, certificateVector.size());
+ ASSERT_EQ(1U, certificateVector[0].size());
+ ASSERT_EQ(1U, certificateVector[1].size());
+
+ CertificateX509 cert0 = certificateVector[0][0];
+ CertificateX509 cert1 = certificateVector[1][0];
+ EXPECT_EQ(CertificateX509::MEMBERSHIP_CERTIFICATE, cert0.GetType());
+ EXPECT_EQ(CertificateX509::MEMBERSHIP_CERTIFICATE, cert1.GetType());
+
+ String certSerial0(String((const char*)cert0.GetSerial(), cert0.GetSerialLen()));
+ String certSerial1(String((const char*)cert1.GetSerial(), cert1.GetSerialLen()));
+
+ if (certSerial0 == serial0) {
+ EXPECT_STREQ(certSerial0.c_str(), serial0.c_str());
+ EXPECT_STREQ(certSerial1.c_str(), serial1.c_str());
+ } else {
+ EXPECT_STREQ(certSerial1.c_str(), serial0.c_str());
+ EXPECT_STREQ(certSerial0.c_str(), serial1.c_str());
+ }
+
// StartManagement
PermissionConfigurator::ApplicationState applicationState;
EXPECT_EQ(ER_OK, sapWithPeer1toPeer2.GetApplicationState(applicationState));
@@ -2790,29 +2695,25 @@ TEST_F(SecurityManagementPolicyTest, admin_security_group_members_call_getallpro
const qcc::GUID128 mem2Guid;
String membershipSerial = "2";
qcc::MembershipCertificate peer2MembershipCertificate[1];
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2BusUniqueName,
- peer2Key.GetPublicKey(),
- mem2Guid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2BusUniqueName,
+ peer2Key.GetPublicKey(),
+ mem2Guid,
+ peer2MembershipCertificate[0]
+ ));
SecurityApplicationProxy sapWithPeer2(managerBus, peer2BusUniqueName.c_str(), managerToPeer2SessionId);
EXPECT_EQ(ER_OK, sapWithPeer2.InstallMembership(peer2MembershipCertificate, 1));
const qcc::GUID128 mem3Guid;
membershipSerial = "3";
- EXPECT_EQ(ER_OK, PermissionMgmtTestHelper::CreateMembershipCert(membershipSerial,
- managerBus,
- peer2BusUniqueName,
- peer2Key.GetPublicKey(),
- mem3Guid,
- false,
- 3600,
- peer2MembershipCertificate[0]
- ));
+ EXPECT_EQ(ER_OK, SecurityTestHelper::CreateMembershipCert(membershipSerial,
+ managerBus,
+ peer2BusUniqueName,
+ peer2Key.GetPublicKey(),
+