Initial commit: ccnxlibs.

Change-Id: I1b376527a7dd01a6b9e083a6cb646955902f45c0
Signed-off-by: Luca Muscariello <lumuscar+fdio@cisco.com>

7 files changed, 885 insertions, 0 deletions

diff --git a/libccnx-common/ccnx/common/validation/test/.gitignore b/libccnx-common/ccnx/common/validation/test/.gitignore
new file mode 100644
index 00000000..d5f2004f
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/.gitignore
@@ -0,0 +1,4 @@
+test_ccnxValidation_CRC32C
+test_ccnxValidation_EcSecp256K1
+test_ccnxValidation_HmacSha256
+test_ccnxValidation_RsaSha256
diff --git a/libccnx-common/ccnx/common/validation/test/CMakeLists.txt b/libccnx-common/ccnx/common/validation/test/CMakeLists.txt
new file mode 100644
index 00000000..90f678f7
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/CMakeLists.txt
@@ -0,0 +1,16 @@
+# Enable gcov output for the tests
+add_definitions(--coverage)
+set(CMAKE_EXE_LINKER_FLAGS ${CMAKE_EXE_LINKER_FLAGS} " --coverage")
+
+set(TestsExpectedToPass
+  test_ccnxValidation_CRC32C
+  test_ccnxValidation_EcSecp256K1
+  test_ccnxValidation_HmacSha256
+  test_ccnxValidation_RsaSha256
+)
+
+  
+foreach(test ${TestsExpectedToPass})
+   AddTest(${test})
+endforeach()
+
diff --git a/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_CRC32C.c b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_CRC32C.c
new file mode 100755
index 00000000..90eae917
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_CRC32C.c
@@ -0,0 +1,203 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ */
+
+// Include the file(s) containing the functions to be tested.
+// This permits internal static functions to be visible to this Test Framework.
+#include "../ccnxValidation_CRC32C.c"
+#include <parc/algol/parc_SafeMemory.h>
+
+#include <LongBow/unit-test.h>
+#include "testrig_validation.c"
+
+#include <sys/time.h>
+
+/*
+ * Ground truth set derived from CRC RevEng http://reveng.sourceforge.net
+ * e.g. reveng -c  -m CRC-32C 313233343536373839 gives the canonical check value 0xe306928e
+ *
+ * You can also calcaulate them online at http://www.zorc.breitbandkatze.de/crc.html using
+ * CRC polynomial 0x1EDC6F41, init 0xFFFFFFFF, final 0xFFFFFFFF, reverse data bytes (check),
+ * and reverse CRC result before final XOR (check).
+ *
+ */
+struct test_vector {
+    uint32_t crc32c;
+    int length;
+    uint8_t *buffer;
+} vectors[] = {
+    { .crc32c = 0xe3069283, .length = 9,  .buffer = (uint8_t []) { '1',  '2', '3', '4', '5', '6', '7', '8', '9' } },
+    { .crc32c = 0xddb65633, .length = 1,  .buffer = (uint8_t []) { 0x3D } },
+    { .crc32c = 0xc203c1fd, .length = 2,  .buffer = (uint8_t []) { 0x3D, 0x41 } },
+    { .crc32c = 0x80a9d169, .length = 3,  .buffer = (uint8_t []) { 'b',  'e', 'e' } },
+    { .crc32c = 0xa099f534, .length = 4,  .buffer = (uint8_t []) { 'h',  'e', 'l', 'l' } },
+    { .crc32c = 0x9a71bb4c, .length = 5,  .buffer = (uint8_t []) { 'h',  'e', 'l', 'l', 'o' } },
+    { .crc32c = 0x2976E503, .length = 6,  .buffer = (uint8_t []) { 'g',  'r', 'u', 'm', 'p', 'y' } },
+    { .crc32c = 0xe627f441, .length = 7,  .buffer = (uint8_t []) { 'a',  'b', 'c', 'd', 'e', 'f', 'g' } },
+    { .crc32c = 0x2d265c1d, .length = 13, .buffer = (uint8_t []) { 'a',  'b', 'c', 'd', 'e', 'f', 'g', 'a', 'b', 'c', 'd', 'e', 'f'} },
+    { .crc32c = 0,          .length = 0,  .buffer = NULL }
+};
+
+LONGBOW_TEST_RUNNER(ccnxValidation_CRC32C)
+{
+    // The following Test Fixtures will run their corresponding Test Cases.
+    // Test Fixtures are run in the order specified, but all tests should be idempotent.
+    // Never rely on the execution order of tests or share state between them.
+    LONGBOW_RUN_TEST_FIXTURE(Global);
+}
+
+// The Test Runner calls this function once before any Test Fixtures are run.
+LONGBOW_TEST_RUNNER_SETUP(ccnxValidation_CRC32C)
+{
+    parcMemory_SetInterface(&PARCSafeMemoryAsPARCMemory);
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+// The Test Runner calls this function once after all the Test Fixtures are run.
+LONGBOW_TEST_RUNNER_TEARDOWN(ccnxValidation_CRC32C)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+// ===========================================================
+
+LONGBOW_TEST_FIXTURE(Global)
+{
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationCRC32C_Set);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationCRC32C_CreateSigner);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationCRC32C_CreateVerifier);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationCRC32C_DictionaryCryptoSuiteValue);
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Global)
+{
+    longBowTestCase_SetClipBoardData(testCase, commonSetup());
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Global)
+{
+    commonTeardown(longBowTestCase_GetClipBoardData(testCase));
+
+    uint32_t outstandingAllocations = parcSafeMemory_ReportAllocation(STDERR_FILENO);
+    if (outstandingAllocations != 0) {
+        printf("%s leaks memory by %d allocations\n", longBowTestCase_GetName(testCase), outstandingAllocations);
+        return LONGBOW_STATUS_MEMORYLEAK;
+    }
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationCRC32C_Set)
+{
+    // do not test on V0 packets, no support
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+    testValidationSet_NoParam(data, ccnxValidationCRC32C_Set, ccnxValidationCRC32C_Test, false, true);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationCRC32C_CreateSigner)
+{
+    PARCSigner *signer = ccnxValidationCRC32C_CreateSigner();
+    assertNotNull(signer, "Got null signer");
+
+    // now run all the test vectors through it
+
+    for (int i = 0; vectors[i].buffer != NULL; i++) {
+        PARCCryptoHasher *hasher = parcSigner_GetCryptoHasher(signer);
+
+        parcCryptoHasher_Init(hasher);
+        parcCryptoHasher_UpdateBytes(hasher, vectors[i].buffer, vectors[i].length);
+        PARCCryptoHash *hash = parcCryptoHasher_Finalize(hasher);
+
+        PARCSignature *sig = parcSigner_SignDigest(signer, hash);
+        PARCBuffer *sigbits = parcSignature_GetSignature(sig);
+        uint32_t testCrc = parcBuffer_GetUint32(sigbits);
+        assertTrue(testCrc == vectors[i].crc32c,
+                   "CRC32C values wrong, index %d got 0x%08x expected 0x%08x\n",
+                   i, testCrc, vectors[i].crc32c);
+
+        parcSignature_Release(&sig);
+        parcCryptoHash_Release(&hash);
+    }
+
+    parcSigner_Release(&signer);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationCRC32C_CreateVerifier)
+{
+    PARCSigner *signer = ccnxValidationCRC32C_CreateSigner();
+    assertNotNull(signer, "Got null signer");
+
+    PARCVerifier *verifier = ccnxValidationCRC32C_CreateVerifier();
+    assertNotNull(verifier, "Got null verifier");
+
+    for (int i = 0; vectors[i].buffer != NULL; i++) {
+        // Produce the signature
+        PARCSignature *sig = NULL;
+        {
+            PARCCryptoHasher *signingHasher = parcSigner_GetCryptoHasher(signer);
+            parcCryptoHasher_Init(signingHasher);
+            parcCryptoHasher_UpdateBytes(signingHasher, vectors[i].buffer, vectors[i].length);
+            PARCCryptoHash *signingHash = parcCryptoHasher_Finalize(signingHasher);
+            sig = parcSigner_SignDigest(signer, signingHash);
+            parcCryptoHash_Release(&signingHash);
+        }
+
+        // Now do the verification stage
+        PARCCryptoHash *verifierHash = NULL;
+        {
+            PARCCryptoHasher *verifyHasher = parcVerifier_GetCryptoHasher(verifier, NULL, PARCCryptoHashType_CRC32C);
+            parcCryptoHasher_Init(verifyHasher);
+            parcCryptoHasher_UpdateBytes(verifyHasher, vectors[i].buffer, vectors[i].length);
+            verifierHash = parcCryptoHasher_Finalize(verifyHasher);
+        }
+
+        bool success = parcVerifier_VerifyDigestSignature(verifier, NULL, verifierHash, PARCCryptoSuite_NULL_CRC32C, sig);
+
+        assertTrue(success,
+                   "Failed to verify signature, index %d expected 0x%08x\n",
+                   i, vectors[i].crc32c);
+
+        parcSignature_Release(&sig);
+        parcCryptoHash_Release(&verifierHash);
+    }
+    parcSigner_Release(&signer);
+    parcVerifier_Release(&verifier);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationCRC32C_DictionaryCryptoSuiteValue)
+{
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+
+    CCNxTlvDictionary *dictionary = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                               data->keyname,
+                                                                               CCNxPayloadType_DATA,
+                                                                               NULL);
+    ccnxValidationCRC32C_Set(dictionary);
+    uint64_t cryptosuite = ccnxTlvDictionary_GetInteger(dictionary, CCNxCodecSchemaV1TlvDictionary_ValidationFastArray_CRYPTO_SUITE);
+    assertTrue(cryptosuite == PARCCryptoSuite_NULL_CRC32C, "Unexpected PARCCryptoSuite value in dictionary");
+
+    ccnxTlvDictionary_Release(&dictionary);
+}
+
+int
+main(int argc, char *argv[])
+{
+    LongBowRunner *testRunner = LONGBOW_TEST_RUNNER_CREATE(ccnxValidation_CRC32C);
+    int exitStatus = longBowMain(argc, argv, testRunner, NULL);
+    longBowTestRunner_Destroy(&testRunner);
+    exit(exitStatus);
+}
diff --git a/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_EcSecp256K1.c b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_EcSecp256K1.c
new file mode 100755
index 00000000..8fe00f35
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_EcSecp256K1.c
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ */
+
+// Include the file(s) containing the functions to be tested.
+// This permits internal static functions to be visible to this Test Framework.
+#include "../ccnxValidation_EcSecp256K1.c"
+#include <parc/algol/parc_SafeMemory.h>
+
+#include <LongBow/unit-test.h>
+#include "testrig_validation.c"
+
+LONGBOW_TEST_RUNNER(ccnxValidation_EcSecp256K1)
+{
+    // The following Test Fixtures will run their corresponding Test Cases.
+    // Test Fixtures are run in the order specified, but all tests should be idempotent.
+    // Never rely on the execution order of tests or share state between them.
+    LONGBOW_RUN_TEST_FIXTURE(Global);
+    LONGBOW_RUN_TEST_FIXTURE(Local);
+}
+
+// The Test Runner calls this function once before any Test Fixtures are run.
+LONGBOW_TEST_RUNNER_SETUP(ccnxValidation_EcSecp256K1)
+{
+    parcMemory_SetInterface(&PARCSafeMemoryAsPARCMemory);
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+// The Test Runner calls this function once after all the Test Fixtures are run.
+LONGBOW_TEST_RUNNER_TEARDOWN(ccnxValidation_EcSecp256K1)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE(Global)
+{
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationEcSecp256K1_Set);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationEcSecp256K1_DictionaryCryptoSuiteValue);
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Global)
+{
+    longBowTestCase_SetClipBoardData(testCase, commonSetup());
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Global)
+{
+    commonTeardown(longBowTestCase_GetClipBoardData(testCase));
+
+    uint32_t outstandingAllocations = parcSafeMemory_ReportAllocation(STDERR_FILENO);
+    if (outstandingAllocations != 0) {
+        printf("%s leaks memory by %d allocations\n", longBowTestCase_GetName(testCase), outstandingAllocations);
+        return LONGBOW_STATUS_MEMORYLEAK;
+    }
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationEcSecp256K1_Set)
+{
+    // Do not run over V0 packets, no support
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+    testValidationSet_KeyId_KeyLocator(data, ccnxValidationEcSecp256K1_Set, ccnxValidationEcSecp256K1_Test, false, true);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationEcSecp256K1_DictionaryCryptoSuiteValue)
+{
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+
+    CCNxTlvDictionary *dictionary = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                               data->keyname,
+                                                                               CCNxPayloadType_DATA,
+                                                                               NULL);
+    ccnxValidationEcSecp256K1_Set(dictionary, data->keyid, NULL);
+    uint64_t cryptosuite = ccnxTlvDictionary_GetInteger(dictionary, CCNxCodecSchemaV1TlvDictionary_ValidationFastArray_CRYPTO_SUITE);
+    assertTrue(cryptosuite == PARCCryptoSuite_EC_SECP_256K1, "Unexpected PARCCryptoSuite value in dictionary");
+
+    ccnxTlvDictionary_Release(&dictionary);
+}
+
+LONGBOW_TEST_FIXTURE(Local)
+{
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Local)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Local)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+int
+main(int argc, char *argv[])
+{
+    LongBowRunner *testRunner = LONGBOW_TEST_RUNNER_CREATE(ccnxValidation_EcSecp256K1);
+    int exitStatus = longBowMain(argc, argv, testRunner, NULL);
+    longBowTestRunner_Destroy(&testRunner);
+    exit(exitStatus);
+}
diff --git a/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_HmacSha256.c b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_HmacSha256.c
new file mode 100755
index 00000000..4d095567
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_HmacSha256.c
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ */
+
+// Include the file(s) containing the functions to be tested.
+// This permits internal static functions to be visible to this Test Framework.
+#include "../ccnxValidation_HmacSha256.c"
+#include <parc/algol/parc_SafeMemory.h>
+
+#include <parc/algol/parc_Object.h>
+
+#include <LongBow/unit-test.h>
+#include "testrig_validation.c"
+
+LONGBOW_TEST_RUNNER(ccnxValidation_HmacSha256)
+{
+    // The following Test Fixtures will run their corresponding Test Cases.
+    // Test Fixtures are run in the order specified, but all tests should be idempotent.
+    // Never rely on the execution order of tests or share state between them.
+    LONGBOW_RUN_TEST_FIXTURE(Global);
+    LONGBOW_RUN_TEST_FIXTURE(Local);
+}
+
+// The Test Runner calls this function once before any Test Fixtures are run.
+LONGBOW_TEST_RUNNER_SETUP(ccnxValidation_HmacSha256)
+{
+    parcMemory_SetInterface(&PARCSafeMemoryAsPARCMemory);
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+// The Test Runner calls this function once after all the Test Fixtures are run.
+LONGBOW_TEST_RUNNER_TEARDOWN(ccnxValidation_HmacSha256)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE(Global)
+{
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationHmacSha256_Set);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationHmacSha256_CreateSigner);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationHmacSha256_DictionaryCryptoSuiteValue);
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Global)
+{
+    longBowTestCase_SetClipBoardData(testCase, commonSetup());
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Global)
+{
+    commonTeardown(longBowTestCase_GetClipBoardData(testCase));
+
+    uint32_t outstandingAllocations = parcSafeMemory_ReportAllocation(STDERR_FILENO);
+    if (outstandingAllocations != 0) {
+        printf("%s leaks memory by %d allocations\n", longBowTestCase_GetName(testCase), outstandingAllocations);
+        return LONGBOW_STATUS_MEMORYLEAK;
+    }
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationHmacSha256_Set)
+{
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+    testValidationSet_KeyId(data, ccnxValidationHmacSha256_Set, ccnxValidationHmacSha256_Test, true, true);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationHmacSha256_CreateSigner)
+{
+    char secretKeyString[] = "0123456789ABCDEF0123456789ABCDEF";
+    PARCBuffer *secretKey = bufferFromString(strlen(secretKeyString), secretKeyString);
+
+    PARCSigner *signer = ccnxValidationHmacSha256_CreateSigner(secretKey);
+    assertNotNull(signer, "Got null signer");
+
+    parcSigner_Release(&signer);
+    parcBuffer_Release(&secretKey);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationHmacSha256_DictionaryCryptoSuiteValue)
+{
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+
+    CCNxTlvDictionary *dictionary = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                               data->keyname,
+                                                                               CCNxPayloadType_DATA,
+                                                                               NULL);
+    ccnxValidationHmacSha256_Set(dictionary, data->keyid);
+    uint64_t cryptosuite = ccnxTlvDictionary_GetInteger(dictionary, CCNxCodecSchemaV1TlvDictionary_ValidationFastArray_CRYPTO_SUITE);
+    assertTrue(cryptosuite == PARCCryptoSuite_HMAC_SHA256, "Unexpected PARCCryptoSuite value in dictionary");
+
+    ccnxTlvDictionary_Release(&dictionary);
+}
+
+LONGBOW_TEST_FIXTURE(Local)
+{
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Local)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Local)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+int
+main(int argc, char *argv[])
+{
+    LongBowRunner *testRunner = LONGBOW_TEST_RUNNER_CREATE(ccnxValidation_HmacSha256);
+    int exitStatus = longBowMain(argc, argv, testRunner, NULL);
+    longBowTestRunner_Destroy(&testRunner);
+    exit(exitStatus);
+}
diff --git a/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_RsaSha256.c b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_RsaSha256.c
new file mode 100755
index 00000000..5119a262
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/test_ccnxValidation_RsaSha256.c
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ */
+
+// Include the file(s) containing the functions to be tested.
+// This permits internal static functions to be visible to this Test Framework.
+#include "../ccnxValidation_RsaSha256.c"
+#include <parc/algol/parc_SafeMemory.h>
+
+#include <LongBow/unit-test.h>
+#include "testrig_validation.c"
+#include <ccnx/common/validation/ccnxValidation_HmacSha256.h>
+
+
+LONGBOW_TEST_RUNNER(ccnxValidation_RsaSha256)
+{
+    // The following Test Fixtures will run their corresponding Test Cases.
+    // Test Fixtures are run in the order specified, but all tests should be idempotent.
+    // Never rely on the execution order of tests or share state between them.
+    LONGBOW_RUN_TEST_FIXTURE(Global);
+    LONGBOW_RUN_TEST_FIXTURE(Local);
+}
+
+// The Test Runner calls this function once before any Test Fixtures are run.
+LONGBOW_TEST_RUNNER_SETUP(ccnxValidation_RsaSha256)
+{
+    parcMemory_SetInterface(&PARCSafeMemoryAsPARCMemory);
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+// The Test Runner calls this function once after all the Test Fixtures are run.
+LONGBOW_TEST_RUNNER_TEARDOWN(ccnxValidation_RsaSha256)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE(Global)
+{
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationRsaSha256_Set);
+    LONGBOW_RUN_TEST_CASE(Global, ccnxValidationRsaSha256_DictionaryCryptoSuiteValue);
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Global)
+{
+    longBowTestCase_SetClipBoardData(testCase, commonSetup());
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Global)
+{
+    commonTeardown(longBowTestCase_GetClipBoardData(testCase));
+
+    uint32_t outstandingAllocations = parcSafeMemory_ReportAllocation(STDERR_FILENO);
+    if (outstandingAllocations != 0) {
+        printf("%s leaks memory by %d allocations\n", longBowTestCase_GetName(testCase), outstandingAllocations);
+        return LONGBOW_STATUS_MEMORYLEAK;
+    }
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationRsaSha256_Set)
+{
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+    testValidationSet_KeyId_KeyLocator(data, ccnxValidationRsaSha256_Set, ccnxValidationRsaSha256_Test, true, true);
+}
+
+LONGBOW_TEST_CASE(Global, ccnxValidationRsaSha256_DictionaryCryptoSuiteValue)
+{
+    TestData *data = longBowTestCase_GetClipBoardData(testCase);
+
+    CCNxTlvDictionary *dictionary = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                               data->keyname,
+                                                                               CCNxPayloadType_DATA,
+                                                                               NULL);
+    ccnxValidationRsaSha256_Set(dictionary, data->keyid, NULL);
+
+    uint64_t cryptosuite = ccnxTlvDictionary_GetInteger(dictionary, CCNxCodecSchemaV1TlvDictionary_ValidationFastArray_CRYPTO_SUITE);
+    assertTrue(cryptosuite == PARCCryptoSuite_RSA_SHA256, "Unexpected PARCCryptoSuite value in dictionary");
+
+    ccnxTlvDictionary_Release(&dictionary);
+}
+
+LONGBOW_TEST_FIXTURE(Local)
+{
+}
+
+LONGBOW_TEST_FIXTURE_SETUP(Local)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+LONGBOW_TEST_FIXTURE_TEARDOWN(Local)
+{
+    return LONGBOW_STATUS_SUCCEEDED;
+}
+
+int
+main(int argc, char *argv[])
+{
+    LongBowRunner *testRunner = LONGBOW_TEST_RUNNER_CREATE(ccnxValidation_RsaSha256);
+    int exitStatus = longBowMain(argc, argv, testRunner, NULL);
+    longBowTestRunner_Destroy(&testRunner);
+    exit(exitStatus);
+}
diff --git a/libccnx-common/ccnx/common/validation/test/testrig_validation.c b/libccnx-common/ccnx/common/validation/test/testrig_validation.c
new file mode 100755
index 00000000..185be143
--- /dev/null
+++ b/libccnx-common/ccnx/common/validation/test/testrig_validation.c
@@ -0,0 +1,298 @@
+/*
+ * Copyright (c) 2017 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Common routines to test validators
+ *
+ */
+
+#include <ccnx/common/ccnx_KeyLocator.h>
+#include <ccnx/common/internal/ccnx_ValidationFacadeV1.h>
+
+#include <ccnx/common/ccnx_ContentObject.h>
+
+#include <parc/algol/parc_Buffer.h>
+
+typedef struct test_data {
+    PARCBuffer   *keyid;
+    PARCBuffer   *key;
+    PARCBuffer   *cert;
+    CCNxName     *keyname;
+
+    CCNxKeyLocator *locatorByKey;
+    CCNxKeyLocator *locatorByName;
+} TestData;
+
+PARCBuffer *
+bufferFromString(size_t length, const char string[length])
+{
+    return parcBuffer_Flip(parcBuffer_PutArray(parcBuffer_Allocate(length), length, (const uint8_t *) string));
+}
+
+TestData *
+testData_Create(void)
+{
+    char keyidString[] = "the keyid";
+    char keyString[] = "Memory, all alone in the moonlight";
+    char certString[] = "The quick brown fox";
+
+    TestData *data = parcMemory_AllocateAndClear(sizeof(TestData));
+    assertNotNull(data, "parcMemory_AllocateAndClear(%zu) returned NULL", sizeof(TestData));
+
+    data->keyid = bufferFromString(sizeof(keyidString), keyidString);
+    data->key = bufferFromString(sizeof(keyString), keyString);
+    data->cert = bufferFromString(sizeof(certString), certString);
+    data->keyname = ccnxName_CreateFromCString("lci:/lazy/dog");
+
+    PARCBuffer *bb_id = parcBuffer_Wrap("choo choo", 9, 0, 9);
+    PARCKeyId *keyid = parcKeyId_Create(bb_id);
+    parcBuffer_Release(&bb_id);
+
+    PARCKey *key = parcKey_CreateFromDerEncodedPublicKey(keyid, PARCSigningAlgorithm_RSA, data->key);
+
+    data->locatorByKey = ccnxKeyLocator_CreateFromKey(key);
+    parcKey_Release(&key);
+    parcKeyId_Release(&keyid);
+
+    CCNxLink *link = ccnxLink_Create(data->keyname, NULL, NULL);
+    data->locatorByName = ccnxKeyLocator_CreateFromKeyLink(link);
+    ccnxLink_Release(&link);
+
+    return data;
+}
+
+void
+testData_Release(TestData **dataPtr)
+{
+    TestData *data = *dataPtr;
+
+    ccnxKeyLocator_Release(&data->locatorByKey);
+    ccnxKeyLocator_Release(&data->locatorByName);
+    ccnxName_Release(&data->keyname);
+    parcBuffer_Release(&data->cert);
+    parcBuffer_Release(&data->key);
+    parcBuffer_Release(&data->keyid);
+
+    parcMemory_Deallocate((void **) &data);
+    *dataPtr = NULL;
+}
+
+TestData *
+commonSetup(void)
+{
+    TestData *data = testData_Create();
+    return data;
+}
+
+int
+commonTeardown(TestData *data)
+{
+    testData_Release(&data);
+    return 0;
+}
+
+// === V1
+
+void
+testValidationSetV1_NoParam(TestData *data, bool (*set)(CCNxTlvDictionary *message), bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+void
+testValidationSetV1_KeyId_Null(TestData *data, bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid), bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1, NULL);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+void
+testValidationSetV1_KeyId_KeyId(TestData *data, bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid), bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1, data->keyid);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    PARCBuffer *testKeyId = ccnxValidationFacadeV1_GetKeyId(packetV1);
+    assertTrue(parcBuffer_Equals(testKeyId, data->keyid), "keyid not equal");
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+void
+testValidationSetV1_KeyId_KeyLocator_Null_Null(TestData *data,
+                                               bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid,
+                                                           const CCNxKeyLocator *keyLocator),
+                                               bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1, NULL, NULL);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+void
+testValidationSetV1_KeyId_KeyLocator_KeyId_Null(TestData *data,
+                                                bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid,
+                                                            const CCNxKeyLocator *keyLocator),
+                                                bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1, data->keyid, NULL);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    PARCBuffer *testKeyId = ccnxValidationFacadeV1_GetKeyId(packetV1);
+    assertTrue(parcBuffer_Equals(testKeyId, data->keyid), "keyid not equal");
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+void
+testValidationSetV1_KeyId_KeyLocator_KeyId_Key(TestData *data,
+                                               bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid,
+                                                           const CCNxKeyLocator *keyLocator),
+                                               bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1, data->keyid, data->locatorByKey);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    PARCBuffer *testKeyId = ccnxValidationFacadeV1_GetKeyId(packetV1);
+    assertTrue(parcBuffer_Equals(testKeyId, data->keyid), "keyid not equal");
+
+    PARCBuffer *testKey = ccnxValidationFacadeV1_GetPublicKey(packetV1);
+    assertTrue(parcBuffer_Equals(testKey, data->key), "keys not equal");
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+void
+testValidationSetV1_KeyId_KeyLocator_KeyId_KeyName(TestData *data,
+                                                   bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid,
+                                                               const CCNxKeyLocator *keyLocator),
+                                                   bool (*test)(const CCNxTlvDictionary *message))
+{
+    CCNxName *name = ccnxName_CreateFromCString("lci:/parc/validation/test");
+    CCNxTlvDictionary *packetV1 = ccnxContentObject_CreateWithImplAndPayload(&CCNxContentObjectFacadeV1_Implementation,
+                                                                             name,
+                                                                             CCNxPayloadType_DATA,
+                                                                             NULL);
+    bool success = set(packetV1, data->keyid, data->locatorByName);
+    assertTrue(success, "Failed to set on V1");
+
+    bool testResult = test(packetV1);
+    assertTrue(testResult, "Test function failed on V1 packet");
+
+    PARCBuffer *testKeyId = ccnxValidationFacadeV1_GetKeyId(packetV1);
+    assertTrue(parcBuffer_Equals(testKeyId, data->keyid), "keyid not equal");
+
+    // XXX: TODO: GetKeyName() returns a Link, so it should be GetLink().
+    //            It also creates a new object (the CCNxLink), so... needs thinking about.
+    //            See BugzId: 3322
+
+    CCNxLink *testLink = ccnxValidationFacadeV1_GetKeyName(packetV1);
+    assertTrue(ccnxName_Equals(ccnxLink_GetName(testLink), data->keyname), "Keynames not equal");
+    ccnxLink_Release(&testLink);
+
+    ccnxName_Release(&name);
+    ccnxTlvDictionary_Release(&packetV1);
+}
+
+// === General test for public key algs
+
+void
+testValidationSet_KeyId_KeyLocator(TestData *data, bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid, const CCNxKeyLocator *keyLocator), bool (*test)(const CCNxTlvDictionary *message), bool v0ok, bool v1ok)
+{
+    if (v1ok) {
+        testValidationSetV1_KeyId_KeyLocator_Null_Null(data, set, test);
+        testValidationSetV1_KeyId_KeyLocator_KeyId_Null(data, set, test);
+        testValidationSetV1_KeyId_KeyLocator_KeyId_Key(data, set, test);
+        testValidationSetV1_KeyId_KeyLocator_KeyId_KeyName(data, set, test);
+    }
+}
+
+void
+testValidationSet_KeyId(TestData *data, bool (*set)(CCNxTlvDictionary *message, const PARCBuffer *keyid), bool (*test)(const CCNxTlvDictionary *message), bool v0ok, bool v1ok)
+{
+    if (v1ok) {
+        testValidationSetV1_KeyId_Null(data, set, test);
+        testValidationSetV1_KeyId_KeyId(data, set, test);
+    }
+}
+
+void
+testValidationSet_NoParam(TestData *data, bool (*set)(CCNxTlvDictionary *message), bool (*test)(const CCNxTlvDictionary *message), bool v0ok, bool v1ok)
+{
+    if (v1ok) {
+        testValidationSetV1_NoParam(data, set, test);
+        testValidationSetV1_NoParam(data, set, test);
+    }
+}