added instance and log parameter tests

author: Rasmus Dahlberg <rasmus.dahlberg@kau.se> 2020-12-02 17:05:45 +0100
committer: Rasmus Dahlberg <rasmus.dahlberg@kau.se> 2020-12-02 17:05:45 +0100
commit: 3f1489f4f4532f93f766fc849a2e3e2b65667747 (patch)
tree: 30adb41b1bce816cbce7c23454c89ae22ae89521 /instance_test.go
parent: b540f681b4cdf740f9b8d1e584fd2b107fc1b090 (diff)
1 files changed, 165 insertions, 13 deletions
diff --git a/instance_test.go b/instance_test.go
index b4b13c8..02424c6 100644
--- a/instance_test.go
+++ b/instance_test.go
@@ -1,11 +1,14 @@
 package stfe
 
 import (
+	"bytes"
 	"testing"
 
 	"crypto"
+	"crypto/sha256"
 	"crypto/x509"
 
+	cttestdata "github.com/google/certificate-transparency-go/trillian/testdata"
 	"github.com/system-transparency/stfe/x509util"
 	"github.com/system-transparency/stfe/x509util/testdata"
 )
@@ -20,22 +23,149 @@ var (
 	testExtKeyUsage = []x509.ExtKeyUsage{}
 )
 
-func makeTestLogParameters(t *testing.T, signer crypto.Signer) *LogParameters {
-	anchorList, err := x509util.NewCertificateList(testdata.TrustAnchors)
+func TestNewLogParameters(t *testing.T) {
+	anchors, err := x509util.NewCertificateList(testdata.TrustAnchors)
 	if err != nil {
 		t.Fatalf("must decode trust anchors: %v", err)
 	}
-	return &LogParameters{
-		LogId:      testLogId,
-		TreeId:     testTreeId,
-		Prefix:     testPrefix,
-		MaxRange:   testMaxRange,
-		MaxChain:   testMaxChain,
-		AnchorPool: x509util.NewCertPool(anchorList),
-		AnchorList: anchorList,
-		KeyUsage:   testExtKeyUsage,
-		Signer:     signer,
-		HashType:   testHashType,
+	signer, err := x509util.NewEd25519PrivateKey(testdata.LogPrivateKey)
+	if err != nil {
+		t.Fatalf("must decode private key: %v", err)
+	}
+	pub, err := x509.MarshalPKIXPublicKey(signer.Public())
+	if err != nil {
+		t.Fatalf("must encode public key: %v", err)
+	}
+	hasher := sha256.New()
+	hasher.Write(pub)
+	logId := hasher.Sum(nil)
+	for _, table := range []struct {
+		description string
+		treeId      int64
+		prefix      string
+		maxRange    int64
+		maxChain    int64
+		anchors     []*x509.Certificate
+		signer      crypto.Signer
+		wantErr     bool
+	}{
+		{
+			description: "invalid signer: nil",
+			treeId:      testTreeId,
+			prefix:      testPrefix,
+			maxRange:    0,
+			maxChain:    testMaxChain,
+			anchors:     anchors,
+			signer:      nil,
+			wantErr:     true,
+		},
+		{
+			description: "no trust anchors",
+			treeId:      testTreeId,
+			prefix:      testPrefix,
+			maxRange:    testMaxRange,
+			maxChain:    testMaxChain,
+			anchors:     []*x509.Certificate{},
+			signer:      signer,
+			wantErr:     true,
+		},
+		{
+			description: "invalid max range",
+			treeId:      testTreeId,
+			prefix:      testPrefix,
+			maxRange:    0,
+			maxChain:    testMaxChain,
+			anchors:     anchors,
+			signer:      signer,
+			wantErr:     true,
+		},
+		{
+			description: "invalid max chain",
+			treeId:      testTreeId,
+			prefix:      testPrefix,
+			maxRange:    testMaxRange,
+			maxChain:    0,
+			anchors:     anchors,
+			signer:      signer,
+			wantErr:     true,
+		},
+		{
+			description: "public key marshal failure",
+			treeId:      testTreeId,
+			prefix:      testPrefix,
+			maxRange:    testMaxRange,
+			maxChain:    testMaxChain,
+			anchors:     []*x509.Certificate{},
+			signer:      cttestdata.NewSignerWithFixedSig("no pub", testSignature),
+			wantErr:     true,
+		},
+		{
+			description: "valid log parameters",
+			treeId:      testTreeId,
+			prefix:      testPrefix,
+			maxRange:    testMaxRange,
+			maxChain:    testMaxChain,
+			anchors:     anchors,
+			signer:      signer,
+		},
+	} {
+		lp, err := NewLogParameters(table.treeId, table.prefix, table.anchors, table.signer, table.maxRange, table.maxChain)
+		if got, want := err != nil, table.wantErr; got != want {
+			t.Errorf("got error=%v but wanted %v in test %q: %v", got, want, table.description, err)
+		}
+		if err != nil {
+			continue
+		}
+
+		if got, want := lp.LogId, logId; !bytes.Equal(got, want) {
+			t.Errorf("got log id %X but wanted %X in test %q", got, want, table.description)
+		}
+		if got, want := lp.TreeId, testTreeId; got != want {
+			t.Errorf("got tree id %d but wanted %d in test %q", got, want, table.description)
+		}
+		if got, want := lp.Prefix, testPrefix; got != want {
+			t.Errorf("got prefix %s but wanted %s in test %q", got, want, table.description)
+		}
+		if got, want := lp.MaxRange, testMaxRange; got != want {
+			t.Errorf("got max range %d but wanted %d in test %q", got, want, table.description)
+		}
+		if got, want := lp.MaxChain, testMaxChain; got != want {
+			t.Errorf("got max chain %d but wanted %d in test %q", got, want, table.description)
+		}
+		if got, want := lp.MaxChain, testMaxChain; got != want {
+			t.Errorf("got max chain %d but wanted %d in test %q", got, want, table.description)
+		}
+		if got, want := len(lp.AnchorList), len(anchors); got != want {
+			t.Errorf("got %d anchors but wanted %d in test %q", got, want, table.description)
+		}
+		if got, want := len(lp.AnchorPool.Subjects()), len(anchors); got != want {
+			t.Errorf("got %d anchors in pool but wanted %d in test %q", got, want, table.description)
+		}
+	}
+}
+
+// TestHandlers checks that we configured all endpoints and that there are no
+// unexpected ones.
+func TestHandlers(t *testing.T) {
+	endpoints := map[Endpoint]bool{
+		EndpointAddEntry:            false,
+		EndpointGetEntries:          false,
+		EndpointGetSth:              false,
+		EndpointGetProofByHash:      false,
+		EndpointGetConsistencyProof: false,
+		EndpointGetAnchors:          false,
+	}
+	i := NewInstance(makeTestLogParameters(t, nil), nil, testDeadline)
+	for _, handler := range i.Handlers() {
+		if _, ok := endpoints[handler.endpoint]; !ok {
+			t.Errorf("got unexpected endpoint: %s", handler.endpoint)
+		}
+		endpoints[handler.endpoint] = true
+	}
+	for endpoint, ok := range endpoints {
+		if !ok {
+			t.Errorf("endpoint %s is not configured", endpoint)
+		}
 	}
 }
 
@@ -78,3 +208,25 @@ func TestEndpointPath(t *testing.T) {
 		}
 	}
 }
+
+// makeTestLogParameters makes a collection of test log parameters that
+// correspond to testLogId, testTreeId, testPrefix, testMaxRange, testMaxChain,
+// the anchors in testdata.TrustAnchors, testHashType, and an optional signer.
+func makeTestLogParameters(t *testing.T, signer crypto.Signer) *LogParameters {
+	anchors, err := x509util.NewCertificateList(testdata.TrustAnchors)
+	if err != nil {
+		t.Fatalf("must decode trust anchors: %v", err)
+	}
+	return &LogParameters{
+		LogId:      testLogId,
+		TreeId:     testTreeId,
+		Prefix:     testPrefix,
+		MaxRange:   testMaxRange,
+		MaxChain:   testMaxChain,
+		AnchorPool: x509util.NewCertPool(anchors),
+		AnchorList: anchors,
+		KeyUsage:   testExtKeyUsage,
+		Signer:     signer,
+		HashType:   testHashType,
+	}
+}
author	Rasmus Dahlberg <rasmus.dahlberg@kau.se>	2020-12-02 17:05:45 +0100
committer	Rasmus Dahlberg <rasmus.dahlberg@kau.se>	2020-12-02 17:05:45 +0100
commit	3f1489f4f4532f93f766fc849a2e3e2b65667747 (patch)
tree	30adb41b1bce816cbce7c23454c89ae22ae89521 /instance_test.go
parent	b540f681b4cdf740f9b8d1e584fd2b107fc1b090 (diff)