aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-17 20:31:10 +0100
committerRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-11-17 20:31:10 +0100
commit15444f91e74de6e1ca8ea99511e8cb6dcd92fa91 (patch)
tree9ba4d261af35ae86df40a274a5fa56482b3d6456
parent7ec441fc3362ff1cdf9161352adb9aa57ed5c438 (diff)
added tests for sdi and sth issuance
-rw-r--r--crypto_test.go118
1 files changed, 116 insertions, 2 deletions
diff --git a/crypto_test.go b/crypto_test.go
index 60ad16b..577244a 100644
--- a/crypto_test.go
+++ b/crypto_test.go
@@ -1,7 +1,16 @@
package stfe
import (
+ "bytes"
+ "crypto"
+ "fmt"
"testing"
+
+ cttestdata "github.com/google/certificate-transparency-go/trillian/testdata"
+)
+
+var (
+ testLeaf = make([]byte, 64)
)
// TODO: TestBuildChainFromDerList
@@ -12,10 +21,115 @@ func TestBuildChainFromDerList(t *testing.T) {
func TestVerifySignature(t *testing.T) {
}
-// TODO: TestGenV1Sdi
+// TestGenV1Sdi tests that a signature failure works as expected, and that
+// the issued SDI (if any) is populated correctly.
func TestGenV1Sdi(t *testing.T) {
+ for _, table := range []struct {
+ description string
+ leaf []byte
+ signer crypto.Signer
+ wantErr bool
+ }{
+ {
+ description: "signature failure",
+ leaf: testLeaf,
+ signer: cttestdata.NewSignerWithErr(nil, fmt.Errorf("signer failed")),
+ wantErr: true,
+ },
+ {
+ description: "all ok",
+ leaf: testLeaf,
+ signer: cttestdata.NewSignerWithFixedSig(nil, testSignature),
+ },
+ } {
+ item, err := makeTestLogParameters(t, table.signer).genV1Sdi(table.leaf)
+ if err != nil && !table.wantErr {
+ t.Errorf("signing failed in test %q: %v", table.description, err)
+ } else if err == nil && table.wantErr {
+ t.Errorf("signing succeeded but wanted failure in test %q", table.description)
+ }
+ if err != nil || table.wantErr {
+ continue
+ }
+ if want, got := item.Format, StFormatSignedDebugInfoV1; got != want {
+ t.Errorf("got format %s, wanted %s in test %q", got, want, table.description)
+ continue
+ }
+
+ sdi := item.SignedDebugInfoV1
+ if got, want := sdi.LogId, testLogId; !bytes.Equal(got, want) {
+ t.Errorf("got logId %X, wanted %X in test %q", got, want, table.description)
+ }
+ if got, want := sdi.Message, []byte("reserved"); !bytes.Equal(got, want) {
+ t.Errorf("got message %s, wanted %s in test %q", got, want, table.description)
+ }
+ if got, want := sdi.Signature, testSignature; !bytes.Equal(got, want) {
+ t.Errorf("got signature %X, wanted %X in test %q", got, want, table.description)
+ }
+ }
}
-// TODO: TestGenV1Sth
+// TestGenV1Sth tests that a signature failure works as expected, and that
+// the issued STH (if any) is populated correctly.
func TestGenV1Sth(t *testing.T) {
+ th := NewTreeHeadV1(makeTrillianLogRoot(t, testTimestamp, testTreeSize, testNodeHash))
+ for _, table := range []struct {
+ description string
+ th *TreeHeadV1
+ signer crypto.Signer
+ wantErr bool
+ }{
+ {
+ description: "marshal failure",
+ th: NewTreeHeadV1(makeTrillianLogRoot(t, testTimestamp, testTreeSize, nil)),
+ wantErr: true,
+ },
+ {
+ description: "signature failure",
+ th: th,
+ signer: cttestdata.NewSignerWithErr(nil, fmt.Errorf("signer failed")),
+ wantErr: true,
+ },
+ {
+ description: "all ok",
+ th: th,
+ signer: cttestdata.NewSignerWithFixedSig(nil, testSignature),
+ },
+ } {
+ item, err := makeTestLogParameters(t, table.signer).genV1Sth(table.th)
+ if err != nil && !table.wantErr {
+ t.Errorf("signing failed in test %q: %v", table.description, err)
+ } else if err == nil && table.wantErr {
+ t.Errorf("signing succeeded but wanted failure in test %q", table.description)
+ }
+ if err != nil || table.wantErr {
+ continue
+ }
+ if want, got := item.Format, StFormatSignedTreeHeadV1; got != want {
+ t.Errorf("got format %s, wanted %s in test %q", got, want, table.description)
+ continue
+ }
+
+ sth := item.SignedTreeHeadV1
+ if got, want := sth.LogId, testLogId; !bytes.Equal(got, want) {
+ t.Errorf("got logId %X, wanted %X in test %q", got, want, table.description)
+ }
+ if got, want := sth.Signature, testSignature; !bytes.Equal(got, want) {
+ t.Errorf("got signature %X, wanted %X in test %q", got, want, table.description)
+ }
+ if got, want := sth.TreeHead.Timestamp, th.Timestamp; got != want {
+ t.Errorf("got timestamp %d, wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := sth.TreeHead.TreeSize, th.TreeSize; got != want {
+ t.Errorf("got tree size %d, wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := sth.TreeHead.RootHash.Data, th.RootHash.Data; !bytes.Equal(got, want) {
+ t.Errorf("got root hash %X, wanted %X in test %q", got, want, table.description)
+ }
+ if sth.TreeHead.Extension != nil {
+ t.Errorf("got extensions %X, wanted nil in test %q", sth.TreeHead.Extension, table.description)
+ }
+ }
}
+
+// TODO: test that metrics are updated correctly?