sec: use At/Prefix for name convention

named-data · Jan 31, 2025 · 0a7fe1d · 0a7fe1d
1 parent c9378d0
commit 0a7fe1d
Show file tree

Hide file tree

Showing 2 changed files with 60 additions and 10 deletions.
diff --git a/std/security/name_convention.go b/std/security/name_convention.go
@@ -20,13 +20,10 @@ func MakeKeyName(name enc.Name) enc.Name {
 
 // GetIdentityFromKeyName extracts the identity name from a key name.
 func GetIdentityFromKeyName(name enc.Name) (enc.Name, error) {
-	if len(name) < 3 {
-		return nil, ndn.ErrInvalidValue{Item: "key name"}
-	}
-	if name[len(name)-2].String() != "KEY" {
+	if name.At(-2).String() != "KEY" {
 		return nil, ndn.ErrInvalidValue{Item: "KEY component"}
 	}
-	return name[:len(name)-2], nil
+	return name.Prefix(-2), nil
 }
 
 // MakeCertName generates a new certificate name for a given key name.
@@ -40,16 +37,13 @@ func MakeCertName(keyName enc.Name, issuerId enc.Component, version uint64) (enc
 
 // GetKeyNameFromCertName extracts the key name from a certificate name.
 func GetKeyNameFromCertName(name enc.Name) (enc.Name, error) {
-	if len(name) < 5 {
-		return nil, ndn.ErrInvalidValue{Item: "certificate name"}
-	}
 	if name.At(-1).Typ == enc.TypeImplicitSha256DigestComponent {
 		name = name.Prefix(-1)
 	}
-	if name[len(name)-4].String() != "KEY" {
+	if name.At(-4).String() != "KEY" {
 		return nil, ndn.ErrInvalidValue{Item: "KEY component"}
 	}
-	return name[:len(name)-2], nil
+	return name.Prefix(-2), nil
 }
 
 // GetIdentityFromCertName extracts the identity name from a certificate name.

diff --git a/std/security/name_convention_test.go b/std/security/name_convention_test.go
@@ -22,3 +22,59 @@ func TestKeyName(t *testing.T) {
 	id2, _ := sec.GetIdentityFromKeyName(keyName)
 	require.Equal(t, id, id2)
 }
+
+func TestGetIdentityFromKeyName(t *testing.T) {
+	tu.SetT(t)
+
+	name, err := sec.GetIdentityFromKeyName(tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid")))
+	require.NoError(t, err)
+	require.Equal(t, tu.NoErr(enc.NameFromStr("/my/test/identity")), name)
+
+	_, err = sec.GetIdentityFromKeyName(tu.NoErr(enc.NameFromStr("/some/components")))
+	require.Error(t, err)
+
+	_, err = sec.GetIdentityFromKeyName(tu.NoErr(enc.NameFromStr("/wrong/components/KEY/wrong/this")))
+	require.Error(t, err)
+
+	_, err = sec.GetIdentityFromKeyName(enc.Name{})
+	require.Error(t, err)
+}
+
+func TestMakeCertName(t *testing.T) {
+	tu.SetT(t)
+
+	keyName := tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid"))
+	certName, err := sec.MakeCertName(keyName, enc.NewStringComponent(enc.TypeGenericNameComponent, "Test"), 123)
+	require.NoError(t, err)
+	require.Equal(t, "/my/test/identity/KEY/kid/Test/v=123", certName.String())
+
+	// invalid key name
+	_, err = sec.MakeCertName(tu.NoErr(enc.NameFromStr("/my/test/identity")), // no KEY
+		enc.NewStringComponent(enc.TypeGenericNameComponent, "Test"), 123)
+	require.Error(t, err)
+}
+
+func TestGetKeyNameFromCertName(t *testing.T) {
+	tu.SetT(t)
+
+	certName := tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid/Test/v=123"))
+	keyName, err := sec.GetKeyNameFromCertName(certName)
+	require.NoError(t, err)
+	require.Equal(t, tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid")), keyName)
+
+	// implicit digest
+	certName = tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid/Test/v=123/1=implicit"))
+	keyName, err = sec.GetKeyNameFromCertName(certName)
+	require.NoError(t, err)
+	require.Equal(t, tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid")), keyName)
+
+	// invalid cert names
+	_, err = sec.GetKeyNameFromCertName(tu.NoErr(enc.NameFromStr("/my/test/identity/NOTKEY/kid/Test/v=123")))
+	require.Error(t, err)
+
+	_, err = sec.GetKeyNameFromCertName(tu.NoErr(enc.NameFromStr("/my/test/identity/KEY/kid/Test/v=123/but/extra")))
+	require.Error(t, err)
+
+	_, err = sec.GetKeyNameFromCertName(enc.Name{})
+	require.Error(t, err)
+}