diff options
| -rw-r--r-- | crypto_test.go | 118 | 
1 files changed, 116 insertions, 2 deletions
| diff --git a/crypto_test.go b/crypto_test.go index 60ad16b..577244a 100644 --- a/crypto_test.go +++ b/crypto_test.go @@ -1,7 +1,16 @@  package stfe  import ( +	"bytes" +	"crypto" +	"fmt"  	"testing" + +	cttestdata "github.com/google/certificate-transparency-go/trillian/testdata" +) + +var ( +	testLeaf = make([]byte, 64)  )  // TODO: TestBuildChainFromDerList @@ -12,10 +21,115 @@ func TestBuildChainFromDerList(t *testing.T) {  func TestVerifySignature(t *testing.T) {  } -// TODO: TestGenV1Sdi +// TestGenV1Sdi tests that a signature failure works as expected, and that +// the issued SDI (if any) is populated correctly.  func TestGenV1Sdi(t *testing.T) { +	for _, table := range []struct { +		description string +		leaf        []byte +		signer      crypto.Signer +		wantErr     bool +	}{ +		{ +			description: "signature failure", +			leaf:        testLeaf, +			signer:      cttestdata.NewSignerWithErr(nil, fmt.Errorf("signer failed")), +			wantErr:     true, +		}, +		{ +			description: "all ok", +			leaf:        testLeaf, +			signer:      cttestdata.NewSignerWithFixedSig(nil, testSignature), +		}, +	} { +		item, err := makeTestLogParameters(t, table.signer).genV1Sdi(table.leaf) +		if err != nil && !table.wantErr { +			t.Errorf("signing failed in test %q: %v", table.description, err) +		} else if err == nil && table.wantErr { +			t.Errorf("signing succeeded but wanted failure in test %q", table.description) +		} +		if err != nil || table.wantErr { +			continue +		} +		if want, got := item.Format, StFormatSignedDebugInfoV1; got != want { +			t.Errorf("got format %s, wanted %s in test %q", got, want, table.description) +			continue +		} + +		sdi := item.SignedDebugInfoV1 +		if got, want := sdi.LogId, testLogId; !bytes.Equal(got, want) { +			t.Errorf("got logId %X, wanted %X in test %q", got, want, table.description) +		} +		if got, want := sdi.Message, []byte("reserved"); !bytes.Equal(got, want) { +			t.Errorf("got message %s, wanted %s in test %q", got, want, table.description) +		} +		if got, want := sdi.Signature, testSignature; !bytes.Equal(got, want) { +			t.Errorf("got signature %X, wanted %X in test %q", got, want, table.description) +		} +	}  } -// TODO: TestGenV1Sth +// TestGenV1Sth tests that a signature failure works as expected, and that +// the issued STH (if any) is populated correctly.  func TestGenV1Sth(t *testing.T) { +	th := NewTreeHeadV1(makeTrillianLogRoot(t, testTimestamp, testTreeSize, testNodeHash)) +	for _, table := range []struct { +		description string +		th          *TreeHeadV1 +		signer      crypto.Signer +		wantErr     bool +	}{ +		{ +			description: "marshal failure", +			th:          NewTreeHeadV1(makeTrillianLogRoot(t, testTimestamp, testTreeSize, nil)), +			wantErr:     true, +		}, +		{ +			description: "signature failure", +			th:          th, +			signer:      cttestdata.NewSignerWithErr(nil, fmt.Errorf("signer failed")), +			wantErr:     true, +		}, +		{ +			description: "all ok", +			th:          th, +			signer:      cttestdata.NewSignerWithFixedSig(nil, testSignature), +		}, +	} { +		item, err := makeTestLogParameters(t, table.signer).genV1Sth(table.th) +		if err != nil && !table.wantErr { +			t.Errorf("signing failed in test %q: %v", table.description, err) +		} else if err == nil && table.wantErr { +			t.Errorf("signing succeeded but wanted failure in test %q", table.description) +		} +		if err != nil || table.wantErr { +			continue +		} +		if want, got := item.Format, StFormatSignedTreeHeadV1; got != want { +			t.Errorf("got format %s, wanted %s in test %q", got, want, table.description) +			continue +		} + +		sth := item.SignedTreeHeadV1 +		if got, want := sth.LogId, testLogId; !bytes.Equal(got, want) { +			t.Errorf("got logId %X, wanted %X in test %q", got, want, table.description) +		} +		if got, want := sth.Signature, testSignature; !bytes.Equal(got, want) { +			t.Errorf("got signature %X, wanted %X in test %q", got, want, table.description) +		} +		if got, want := sth.TreeHead.Timestamp, th.Timestamp; got != want { +			t.Errorf("got timestamp %d, wanted %d in test %q", got, want, table.description) +		} +		if got, want := sth.TreeHead.TreeSize, th.TreeSize; got != want { +			t.Errorf("got tree size %d, wanted %d in test %q", got, want, table.description) +		} +		if got, want := sth.TreeHead.RootHash.Data, th.RootHash.Data; !bytes.Equal(got, want) { +			t.Errorf("got root hash %X, wanted %X in test %q", got, want, table.description) +		} +		if sth.TreeHead.Extension != nil { +			t.Errorf("got extensions %X, wanted nil in test %q", sth.TreeHead.Extension, table.description) +		} +	}  } + +// TODO: test that metrics are updated correctly? | 
