aboutsummaryrefslogtreecommitdiff
path: root/instance_test.go
diff options
context:
space:
mode:
authorRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-12-02 17:05:45 +0100
committerRasmus Dahlberg <rasmus.dahlberg@kau.se>2020-12-02 17:05:45 +0100
commit3f1489f4f4532f93f766fc849a2e3e2b65667747 (patch)
tree30adb41b1bce816cbce7c23454c89ae22ae89521 /instance_test.go
parentb540f681b4cdf740f9b8d1e584fd2b107fc1b090 (diff)
added instance and log parameter tests
Diffstat (limited to 'instance_test.go')
-rw-r--r--instance_test.go178
1 files changed, 165 insertions, 13 deletions
diff --git a/instance_test.go b/instance_test.go
index b4b13c8..02424c6 100644
--- a/instance_test.go
+++ b/instance_test.go
@@ -1,11 +1,14 @@
package stfe
import (
+ "bytes"
"testing"
"crypto"
+ "crypto/sha256"
"crypto/x509"
+ cttestdata "github.com/google/certificate-transparency-go/trillian/testdata"
"github.com/system-transparency/stfe/x509util"
"github.com/system-transparency/stfe/x509util/testdata"
)
@@ -20,22 +23,149 @@ var (
testExtKeyUsage = []x509.ExtKeyUsage{}
)
-func makeTestLogParameters(t *testing.T, signer crypto.Signer) *LogParameters {
- anchorList, err := x509util.NewCertificateList(testdata.TrustAnchors)
+func TestNewLogParameters(t *testing.T) {
+ anchors, err := x509util.NewCertificateList(testdata.TrustAnchors)
if err != nil {
t.Fatalf("must decode trust anchors: %v", err)
}
- return &LogParameters{
- LogId: testLogId,
- TreeId: testTreeId,
- Prefix: testPrefix,
- MaxRange: testMaxRange,
- MaxChain: testMaxChain,
- AnchorPool: x509util.NewCertPool(anchorList),
- AnchorList: anchorList,
- KeyUsage: testExtKeyUsage,
- Signer: signer,
- HashType: testHashType,
+ signer, err := x509util.NewEd25519PrivateKey(testdata.LogPrivateKey)
+ if err != nil {
+ t.Fatalf("must decode private key: %v", err)
+ }
+ pub, err := x509.MarshalPKIXPublicKey(signer.Public())
+ if err != nil {
+ t.Fatalf("must encode public key: %v", err)
+ }
+ hasher := sha256.New()
+ hasher.Write(pub)
+ logId := hasher.Sum(nil)
+ for _, table := range []struct {
+ description string
+ treeId int64
+ prefix string
+ maxRange int64
+ maxChain int64
+ anchors []*x509.Certificate
+ signer crypto.Signer
+ wantErr bool
+ }{
+ {
+ description: "invalid signer: nil",
+ treeId: testTreeId,
+ prefix: testPrefix,
+ maxRange: 0,
+ maxChain: testMaxChain,
+ anchors: anchors,
+ signer: nil,
+ wantErr: true,
+ },
+ {
+ description: "no trust anchors",
+ treeId: testTreeId,
+ prefix: testPrefix,
+ maxRange: testMaxRange,
+ maxChain: testMaxChain,
+ anchors: []*x509.Certificate{},
+ signer: signer,
+ wantErr: true,
+ },
+ {
+ description: "invalid max range",
+ treeId: testTreeId,
+ prefix: testPrefix,
+ maxRange: 0,
+ maxChain: testMaxChain,
+ anchors: anchors,
+ signer: signer,
+ wantErr: true,
+ },
+ {
+ description: "invalid max chain",
+ treeId: testTreeId,
+ prefix: testPrefix,
+ maxRange: testMaxRange,
+ maxChain: 0,
+ anchors: anchors,
+ signer: signer,
+ wantErr: true,
+ },
+ {
+ description: "public key marshal failure",
+ treeId: testTreeId,
+ prefix: testPrefix,
+ maxRange: testMaxRange,
+ maxChain: testMaxChain,
+ anchors: []*x509.Certificate{},
+ signer: cttestdata.NewSignerWithFixedSig("no pub", testSignature),
+ wantErr: true,
+ },
+ {
+ description: "valid log parameters",
+ treeId: testTreeId,
+ prefix: testPrefix,
+ maxRange: testMaxRange,
+ maxChain: testMaxChain,
+ anchors: anchors,
+ signer: signer,
+ },
+ } {
+ lp, err := NewLogParameters(table.treeId, table.prefix, table.anchors, table.signer, table.maxRange, table.maxChain)
+ if got, want := err != nil, table.wantErr; got != want {
+ t.Errorf("got error=%v but wanted %v in test %q: %v", got, want, table.description, err)
+ }
+ if err != nil {
+ continue
+ }
+
+ if got, want := lp.LogId, logId; !bytes.Equal(got, want) {
+ t.Errorf("got log id %X but wanted %X in test %q", got, want, table.description)
+ }
+ if got, want := lp.TreeId, testTreeId; got != want {
+ t.Errorf("got tree id %d but wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := lp.Prefix, testPrefix; got != want {
+ t.Errorf("got prefix %s but wanted %s in test %q", got, want, table.description)
+ }
+ if got, want := lp.MaxRange, testMaxRange; got != want {
+ t.Errorf("got max range %d but wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := lp.MaxChain, testMaxChain; got != want {
+ t.Errorf("got max chain %d but wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := lp.MaxChain, testMaxChain; got != want {
+ t.Errorf("got max chain %d but wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := len(lp.AnchorList), len(anchors); got != want {
+ t.Errorf("got %d anchors but wanted %d in test %q", got, want, table.description)
+ }
+ if got, want := len(lp.AnchorPool.Subjects()), len(anchors); got != want {
+ t.Errorf("got %d anchors in pool but wanted %d in test %q", got, want, table.description)
+ }
+ }
+}
+
+// TestHandlers checks that we configured all endpoints and that there are no
+// unexpected ones.
+func TestHandlers(t *testing.T) {
+ endpoints := map[Endpoint]bool{
+ EndpointAddEntry: false,
+ EndpointGetEntries: false,
+ EndpointGetSth: false,
+ EndpointGetProofByHash: false,
+ EndpointGetConsistencyProof: false,
+ EndpointGetAnchors: false,
+ }
+ i := NewInstance(makeTestLogParameters(t, nil), nil, testDeadline)
+ for _, handler := range i.Handlers() {
+ if _, ok := endpoints[handler.endpoint]; !ok {
+ t.Errorf("got unexpected endpoint: %s", handler.endpoint)
+ }
+ endpoints[handler.endpoint] = true
+ }
+ for endpoint, ok := range endpoints {
+ if !ok {
+ t.Errorf("endpoint %s is not configured", endpoint)
+ }
}
}
@@ -78,3 +208,25 @@ func TestEndpointPath(t *testing.T) {
}
}
}
+
+// makeTestLogParameters makes a collection of test log parameters that
+// correspond to testLogId, testTreeId, testPrefix, testMaxRange, testMaxChain,
+// the anchors in testdata.TrustAnchors, testHashType, and an optional signer.
+func makeTestLogParameters(t *testing.T, signer crypto.Signer) *LogParameters {
+ anchors, err := x509util.NewCertificateList(testdata.TrustAnchors)
+ if err != nil {
+ t.Fatalf("must decode trust anchors: %v", err)
+ }
+ return &LogParameters{
+ LogId: testLogId,
+ TreeId: testTreeId,
+ Prefix: testPrefix,
+ MaxRange: testMaxRange,
+ MaxChain: testMaxChain,
+ AnchorPool: x509util.NewCertPool(anchors),
+ AnchorList: anchors,
+ KeyUsage: testExtKeyUsage,
+ Signer: signer,
+ HashType: testHashType,
+ }
+}