-rw-r--r-- | integration/conf/client.config | 13 | ||||
-rw-r--r-- | integration/conf/sigsum.config | 6 | ||||
-rw-r--r-- | integration/conf/trillian.config | 7 | ||||
-rw-r--r-- | integration/config | 18 | ||||
-rwxr-xr-x | integration/run | 87 | ||||
-rwxr-xr-x | integration/start_sigsum_serv | 15 | ||||
-rwxr-xr-x | integration/start_tlog_seq | 10 | ||||
-rwxr-xr-x | integration/start_tlog_serv | 6 | ||||
-rwxr-xr-x | integration/test.sh | 164 |
9 files changed, 190 insertions, 136 deletions
diff --git a/integration/conf/client.config b/integration/conf/client.config
new file mode 100644
index 0000000..e62588f
--- /dev/null
+++ b/integration/conf/client.config
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+#
+# Setup instructions:
+#
+# - Use `sigsum-debug keygen` to get a private key
+# - Set a domain hint that starts with "_sigsum_v0."
+# - Configure domain hint to be aware of the output of the appropriate
+# key hash. See `sigsum-debug pubkey` and `sigsum-debug keyhash`.
+#
+
+cli_priv=29599fd81e266e161a9df977044dda89ab72fe9c8a98f23026f7fb63ee2feed9cda2517e17dcba133eb0e71bf77473f94a77d7e61b1de4e1e64adfd0938d6182
+cli_domain_hint=_sigsum_v0.testonly.rgdd.se
diff --git a/integration/conf/sigsum.config b/integration/conf/sigsum.config
new file mode 100644
index 0000000..c44ccc0
--- /dev/null
+++ b/integration/conf/sigsum.config
@@ -0,0 +1,6 @@
+#!/bin/bash
+
+ssrv_endpoint=localhost:6966
+ssrv_prefix=testonly
+ssrv_shard_start=2009
+ssrv_interval=15s
diff --git a/integration/conf/trillian.config b/integration/conf/trillian.config
new file mode 100644
index 0000000..eaa6f6d
--- /dev/null
+++ b/integration/conf/trillian.config
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+tsrv_rpc=localhost:6962
+tseq_rpc=localhost:6963
+
+tsrv_http=localhost:6964
+tseq_http=localhost:6965
diff --git a/integration/config b/integration/config
deleted file mode 100644
index 186c88f..0000000
--- a/integration/config
+++ /dev/null
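Review bot: `cli_priv` in integration/conf/client.config checks a private key into the repository in cleartext next to `cli_domain_hint=_sigsum_v0.testonly.rgdd.se`, and nothing in the file says the key is deliberately public. If the DNS record for that hint carries this key's hash, as client_setup in test.sh expects, everyone with repository access holds a key that a log will accept for that hint, so it must never be trusted outside test deployments. I would say so directly above the assignment, e.g. `# Test-only key: published on purpose, never trust it outside integration tests.` The setup comment also names `sigsum-debug keygen` and `sigsum-debug keyhash`, while test.sh calls `sigsum-debug genkey` and `sigsum-debug hashkey`; one of the two is presumably stale.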
@@ -1,18 +0,0 @@
-# Use createtree to create a trillian tree and set tree_id.
-tree_id=
-
-# Use sigsum_keygen to generate a key pair for the log and set log_sk.
-log_sk=
-
-# Use sigsum_keygen to generate a key pair for the witness and set wit_sk.
-wit_sk=
-
-# Use sigsum_keygen to generate a key pair for submission and set submit_sk.
-# Add a TXT record named $domain_hint with the hash of the vk as its value.
-submit_sk=
-domain_hint=_sigsum_v0.example.com
-
-
-log_vk=$(echo $log_sk | cut -c 65-)
-wit_vk=$(echo $wit_sk | cut -c 65-)
-submit_vk=$(echo $submit_sk | cut -c 65-)
diff --git a/integration/run b/integration/run
deleted file mode 100755
index f9045dc..0000000
--- a/integration/run
+++ /dev/null
@@ -1,87 +0,0 @@
-#!/bin/bash
-
-#
-# You will need to configure Trillian locally on your test machine. See
-#
-# cmd/sigsum_log_go/README.md.
-#
-# for some pointers. Ensure that trillian_log_server and trillian_log_signer
-# are in $GOPATH, and set the appropriate Trillian id in start_sigsum_server.
-#
-# You will also need to install into your $GOPATH:
-#
-# go build -o $GOPATH/bin/sigsum_log_go cmd/sigsum_log_go/main.go
-# go build -o $GOPATH/bin/sigsum_keygen cmd/tmp/keygen/main.go
-# go build -o $GOPATH/bin/cosign cmd/tmp/cosign/main.go
-# go build -o $GOPATH/bin/submit cmd/tmp/submit/main.go
-#
-# Run the test as follows:
-#
-# 1. integration/start_tlog_seq # "terminal 1"
-# 2. integration/start_tlog_serv # "terminal 2"
-# 3. integration/start_sigsum_serv # "terminal 3"
-# 4. integration/run # "terminal 4"
-#
-# What you expect to see is if the different endpoints function.
-#
-# - There is a to-cosign tree head
-# - Submitting four entries work
-# - Adding a cosignature works
-# - Cosigned tree head is not available (waiting for rotate)
-# - Experimental checkpoint works
-# - Consistency proof works
-# - Fetching entries work
-# - Cosigned tree head is available (tree heads rotated)
-#
-# Warning: it is assumed that there are at least 4 leaves in the database.
-# Warning: the get-inclusion-proof endpoint is not poked.
-# Warning: this needs to be replaced, see issues/add-integration-test.md.
-#
-
-. "$(dirname $0)/config"
-
-now=$(date +%s)
-url=http://localhost:6965/testonly/sigsum/v0
-shard_hint=$(date +%s)
-
-wait_seconds=5
-
-echo "test: get-tree-head-to-sign"
-curl $url/get-tree-head-to-sign
-sleep $wait_seconds; echo ""
-
-echo "test: submitting four..."
-$GOPATH/bin/submit --sk=$submit_sk --shard_hint=$shard_hint --domain_hint=$domain_hint | bash
-$GOPATH/bin/submit --sk=$submit_sk --shard_hint=$shard_hint --domain_hint=$domain_hint | bash
-$GOPATH/bin/submit --sk=$submit_sk --shard_hint=$shard_hint --domain_hint=$domain_hint | bash
-$GOPATH/bin/submit --sk=$submit_sk --shard_hint=$shard_hint --domain_hint=$domain_hint | bash
-sleep $wait_seconds
-
-echo "test: cosigning..."
-$GOPATH/bin/cosign --url=$url --log_vk=$log_vk --sk=$wit_sk
-sleep $wait_seconds
-echo ""
-
-echo "test: get-tree-head-cosigned -- expect Error=no cosignatures available"
-curl $url/get-tree-head-cosigned
-sleep $wait_seconds
-echo ""
-
-echo "test: get-checkpoint"
-curl $url/get-checkpoint
-sleep $wait_seconds
-echo ""
-
-echo "test: get-consistency-proof (expect failure on first run with new log)"
-printf "old_size=1\nnew_size=4\n" | curl --data-binary @- $url/get-consistency-proof
-sleep $wait_seconds
-echo ""
-
-echo "test: get-leaves (first and second)"
-printf "start_size=0\nend_size=1\n" | curl --data-binary @- $url/get-leaves
-sleep $wait_seconds
-echo ""
-
-echo "with 30s interval we should now have a cosigned tree head"
-curl $url/get-tree-head-cosigned
-echo ""
diff --git a/integration/start_sigsum_serv b/integration/start_sigsum_serv
deleted file mode 100755
index c4552c2..0000000
--- a/integration/start_sigsum_serv
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-. "$(dirname $0)/config"
-
-shard_start=1
-prefix=testonly
-
-echo "running sigsum-log-go with vk: $log_vk"
-$GOPATH/bin/sigsum_log_go \
- --logtostderr --v 3\
- --prefix $prefix \
- --key $log_sk \
- --trillian_id $tree_id \
- --witnesses $wit_vk \
- --shard_interval_start $shard_start
diff --git a/integration/start_tlog_seq b/integration/start_tlog_seq
deleted file mode 100755
index 29d1fb3..0000000
--- a/integration/start_tlog_seq
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/bin/bash
-
-$GOPATH/bin/trillian_log_signer \
- --logtostderr \
- --force_master \
- --rpc_endpoint=localhost:6961 \
- --http_endpoint=localhost:6964 \
- --num_sequencers 1 \
- --sequencer_interval 100ms \
- --batch_size 100
diff --git a/integration/start_tlog_serv b/integration/start_tlog_serv
deleted file mode 100755
index a9fc5dd..0000000
--- a/integration/start_tlog_serv
+++ /dev/null
@@ -1,6 +0,0 @@
-#!/bin/bash
-
-$GOPATH/bin/trillian_log_server \
- --logtostderr \
- --rpc_endpoint=localhost:6962 \
- --http_endpoint=localhost:6963
diff --git a/integration/test.sh b/integration/test.sh
new file mode 100755
index 0000000..64996ae
--- /dev/null
+++ b/integration/test.sh
@@ -0,0 +1,164 @@
+#!/bin/bash
+
+set -eu
+trap cleanup EXIT
+
+function main() {
+ log_dir=$(mktemp -d)
+ info "writing logs to $log_dir"
+
+ check_go_deps
+ trillian_setup conf/trillian.config
+ sigsum_setup conf/sigsum.config
+ client_setup conf/client.config
+ check_setup
+
+ run_tests
+}
+
+function check_go_deps() {
+ [[ $(command -v trillian_log_signer) ]] || die "Hint: go install github.com/google/trillian/cmd/trillian_log_signer@v1.3.13"
+ [[ $(command -v trillian_log_server) ]] || die "Hint: go install github.com/google/trillian/cmd/trillian_log_server@v1.3.13"
+ [[ $(command -v createtree) ]] || die "Hint: go install github.com/google/trillian/cmd/createtree@v1.3.13"
+ [[ $(command -v deletetree) ]] || die "Hint: go install github.com/google/trillian/cmd/deletetree@v1.3.13"
+ [[ $(command -v sigsum_log_go) ]] || die "Hint: go install git.sigsum.org/sigsum-log-go/cmd/sigsum_log_go@v0.3.5"
+ [[ $(command -v sigsum-debug) ]] || die "Hint: see sigsum-tools-go repo, branch rgdd/sigsum-debug"
+}
+
+function client_setup() {
+ source $1
+
+ cli_pub=$(echo $cli_priv | sigsum-debug pubkey)
+ cli_key_hash=$(echo $cli_pub | sigsum-debug hashkey)
+
+ [[ $cli_domain_hint =~ ^_sigsum_v0..+ ]] ||
+ die "must have a valid domain hint"
+
+ for line in $(dig +short -t txt $cli_domain_hint); do
+ key_hash=${line:1:${#line}-2}
+ if [[ $key_hash == $cli_key_hash ]]; then
+ return
+ fi
+ done
+
+ die "must have a properly configured domain hint"
+}
+
+function trillian_setup() {
+ source $1
+
+ trillian_log_server\
+ -rpc_endpoint=$tsrv_rpc\
+ -http_endpoint=$tsrv_http\
+ -log_dir=$log_dir 2>/dev/null &
+ tsrv_pid=$!
+ info "started Trillian log server (pid $tsrv_pid)"
+
+ trillian_log_signer\
+ -force_master\
+ -rpc_endpoint=$tseq_rpc\
+ -http_endpoint=$tseq_http\
+ -log_dir=$log_dir 2>/dev/null &
+
+ tseq_pid=$!
+ info "started Trillian log sequencer (pid $tseq_pid)"
+
+ ssrv_tree_id=$(createtree --admin_server $tsrv_rpc 2>/dev/null)
+ [[ $? -eq 0 ]] ||
+ die "must provision a new Merkle tree"
+
+ info "provisioned Merkle tree with id $ssrv_tree_id"
+}
+
+function sigsum_setup() {
+ source $1
+
+ wit1_priv=$(sigsum-debug genkey)
+ wit1_pub=$(echo $wit1_priv | sigsum-debug pubkey)
+ wit1_key_hash=$(echo $wit1_pub | sigsum-debug hashkey)
+
+ wit2_priv=$(sigsum-debug genkey)
+ wit2_pub=$(echo $wit2_priv | sigsum-debug pubkey)
+ wit2_key_hash=$(echo $wit2_pub | sigsum-debug hashkey)
+
+ ssrv_witnesses=$wit1_key_hash,$wit2_key_hash
+ ssrv_priv=$(sigsum-debug genkey)
+ ssrv_pub=$(echo $ssrv_priv | sigsum-debug pubkey)
+
+ sigsum_log_go\
+ -prefix=$ssrv_prefix\
+ -trillian_id=$ssrv_tree_id\
+ -shard_interval_start=$ssrv_shard_start\
+ -key=$ssrv_priv\
+ -witnesses=$ssrv_witnesses\
+ -interval=$ssrv_interval\
+ -http_endpoint=$ssrv_endpoint\
+ -log_dir=$log_dir -v=3 2>/dev/null &
+ ssrv_pid=$!
+
+ info "started Sigsum log server on $ssrv_endpoint (pid $ssrv_pid)"
+}
+
+function cleanup() {
+ set +e
+
+ info "cleaning up, please wait..."
+ sleep 1
+
+ kill -2 $ssrv_pid
+ kill -2 $tseq_pid
+ while :; do
+ sleep 1
+
+ ps -p $tseq_pid >/dev/null && continue
+ ps -p $ssrv_pid >/dev/null && continue
+
+ break
+ done
+
+ info "stopped Trillian log sequencer"
+ info "stopped Sigsum log server"
+
+ deletetree -admin_server=$tsrv_rpc -log_id=$ssrv_tree_id ||
+ warn "failed deleting provisioned Merkle tree"
+
+ info "deleteted provisioned Merkle tree"
+
+ kill -2 $tsrv_pid
+ while :; do
+ sleep 1
+
+ ps -p $tsrv_pid >/dev/null && continue
+
+ break
+ done
+
+ info "stopped Trillian log server"
+}
+
+function check_setup() {
+ sleep 3
+
+ ps -p $tseq_pid >/dev/null || die "must have Trillian log sequencer"
+ ps -p $tsrv_pid >/dev/null || die "must have Trillian log server"
+ ps -p $ssrv_pid >/dev/null || die "must have Sigsum log server"
+}
+
+function run_tests() {
+ info "TODO: add tests"
+}
+
+function die() {
+ echo "$(date +"%Y-%m-%d %H:%M:%S") [FATA] $@" >&2
+ exit 1
+}
+
+function info() {
+ echo "$(date +"%Y-%m-%d %H:%M:%S") [INFO] $@" >&2
+}
+
+function warn() {
+ echo "$(date +"%Y-%m-%d %H:%M:%S") [WARN] $@" >&2
+}
+
+main |
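Review bot: cleanup() in integration/test.sh is installed with `trap cleanup EXIT` before `tsrv_pid`, `tseq_pid`, `ssrv_pid` or `ssrv_tree_id` is assigned, and it switches off `-e` but not `-u`, so an early exit hits an unbound variable at `kill -2 $ssrv_pid` and the trap stops there. If sigsum_setup fails after trillian_setup has started its two daemons, the Trillian server and sequencer keep running and the provisioned tree is never deleted. Initialise the variables before the trap, e.g. `tsrv_pid= tseq_pid= ssrv_pid= ssrv_tree_id=`, and guard each step, e.g. `[[ -z $ssrv_pid ]] || kill -2 "$ssrv_pid"`. Separately, the `[[ $? -eq 0 ]] || die "must provision a new Merkle tree"` check after `createtree` looks unreachable on failure, since under `set -e` the failing assignment should already end the script. The dot in `^_sigsum_v0..+` is unescaped, so the domain-hint check accepts any character there; `^_sigsum_v0\..+` matches the documented prefix.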