diff options
author | Linus Nordberg <linus@nordu.net> | 2016-07-12 17:48:15 +0200 |
---|---|---|
committer | Linus Nordberg <linus@nordu.net> | 2016-07-12 17:48:15 +0200 |
commit | fcba73af863920411aa62dbc66793f95ee6cc1f6 (patch) | |
tree | b3d1a8802d03838baa7929d0e439242b16761365 | |
parent | b6ce64e114022ea23668cd69ce0ef7517dbe68ad (diff) | |
parent | 0c324cb99362e5915860a915291ba287138f3bcf (diff) |
Use check-sth.py; Add missing testcerts/cert7.
-rw-r--r-- | Makefile | 16 | ||||
-rw-r--r-- | tools/testcerts/cert7.txt | 88 |
2 files changed, 96 insertions, 8 deletions
@@ -74,7 +74,7 @@ tests-start: tests-run: @(cd $(INSTDIR) && python ../tools/testcase1.py https://localhost:8080/ tests/keys/logkey.pem tests/httpsca/demoCA/cacert.pem) || (echo "Tests failed" ; false) - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) @(cd $(INSTDIR) && python ../tools/check-sth.py --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem https://localhost:8080/) || (echo "Check failed" ; false) @(cd $(INSTDIR) && python ../tools/fetchallcerts.py $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Verification failed" ; false) @(cd $(INSTDIR) && rm -f submittedcerts) @@ -88,7 +88,7 @@ tests-run: @(cd $(INSTDIR) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre2.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) @(cd $(INSTDIR) && python ../tools/storagegc.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) @(cd $(INSTDIR) && python ../tools/check-sth.py --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem https://localhost:8080/) || (echo "Check failed" ; false) @(cd $(INSTDIR) && rm -r fetchcertstore || true) @(cd $(INSTDIR) && mkdir fetchcertstore) @@ -108,7 +108,7 @@ tests-run: @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) @(cd $(INSTDIR) && treesize=$$(../tools/loginfo.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; \ test "$$treesize" = "7" || (echo "Tree size $$treesize != expected 7" ; false)) - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) @(cd $(INSTDIR) && bin/run_erl -daemon ../test/nodes/merge-2/ ../test/nodes/merge-2/log/ "exec bin/erl -config merge-2") @for i in 1 2 3 4 5 6 7 8 9 10; do \ echo "waiting for system to start" ; \ @@ -118,11 +118,11 @@ tests-run: @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) @(cd $(INSTDIR) && treesize=$$(../tools/loginfo.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg --treesize https://localhost:8080/) ; \ test "$$treesize" = "8" || (echo "Tree size $$treesize != expected 8" ; false)) - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) tests-run2: @(cd $(INSTDIR) ; python ../tools/verifysct.py --sct-file=submittedcerts --parallel 1 $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || echo "Verification of SCT:s failed" - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) @(cd $(INSTDIR) && python ../tools/storagegc.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-1.cfg) || (echo "GC failed" ; false) tests-prepare-merge-takeover: @@ -136,11 +136,11 @@ tests-prepare-merge-takeover: tests-run3: @echo $@ @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) @(cd $(INSTDIR) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert7.txt --check-sct --sct-file=submittedcerts-7 $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || (echo "Submission failed" ; false) @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) @(cd $(INSTDIR) ; python ../tools/verifysct.py --sct-file=submittedcerts --parallel 1 $(BASEURL) --publickey=tests/keys/logkey.pem --cafile tests/httpsca/demoCA/cacert.pem) || echo "Verification of SCT:s failed" - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) tests-prepare-redistribute-frontend: @@ -153,7 +153,7 @@ tests-prepare-redistribute-frontend: tests-run4: @echo $@ @(cd $(INSTDIR) && ../tools/merge --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false) - @(cd $(INSTDIR) && ../tools/verifysth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) + @(cd $(INSTDIR) && ../tools/check-sth.py $(BASEURL) --publickey=tests/keys/logkey.pem --cur-sth=stored-sth --cafile tests/httpsca/demoCA/cacert.pem) tests-stop: @for node in $(NODES); do \ diff --git a/tools/testcerts/cert7.txt b/tools/testcerts/cert7.txt new file mode 100644 index 0000000..0cd5fc7 --- /dev/null +++ b/tools/testcerts/cert7.txt @@ -0,0 +1,88 @@ +depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA +verify return:1 +depth=1 C = NL, ST = Noord-Holland, L = Amsterdam, O = TERENA, CN = TERENA SSL High Assurance CA 3 +verify return:1 +depth=0 businessCategory = Government Entity, jurisdictionC = SE, serialNumber = Government Entity, street = Brinellv\C3\A4gen 8, postalCode = 114 28, C = SE, ST = Stockholm, L = Stockholm, O = Kungliga Tekniska h\C3\B6gskolan, OU = ITA, CN = ns-vip-01.sys.kth.se +verify return:1 +--- +Certificate chain + 0 s:/businessCategory=Government Entity/jurisdictionC=SE/serialNumber=Government Entity/street=Brinellv\xC3\xA4gen 8/postalCode=114 28/C=SE/ST=Stockholm/L=Stockholm/O=Kungliga Tekniska h\xC3\xB6gskolan/OU=ITA/CN=ns-vip-01.sys.kth.se + i:/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL High Assurance CA 3 + 1 s:/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL High Assurance CA 3 + i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA +--- +Server certificate +-----BEGIN CERTIFICATE----- +MIIHgzCCBmugAwIBAgIQCdqT9/QmgQ7tXQLSVpiJbjANBgkqhkiG9w0BAQsFADBz +MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJ +QW1zdGVyZGFtMQ8wDQYDVQQKEwZURVJFTkExJzAlBgNVBAMTHlRFUkVOQSBTU0wg +SGlnaCBBc3N1cmFuY2UgQ0EgMzAeFw0xNTAyMDIwMDAwMDBaFw0xNzAyMDYxMjAw +MDBaMIIBATEaMBgGA1UEDwwRR292ZXJubWVudCBFbnRpdHkxEzARBgsrBgEEAYI3 +PAIBAxMCU0UxGjAYBgNVBAUTEUdvdmVybm1lbnQgRW50aXR5MRgwFgYDVQQJDA9C +cmluZWxsdsOkZ2VuIDgxDzANBgNVBBETBjExNCAyODELMAkGA1UEBhMCU0UxEjAQ +BgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMSUwIwYDVQQKDBxL +dW5nbGlnYSBUZWtuaXNrYSBow7Znc2tvbGFuMQwwCgYDVQQLEwNJVEExHTAbBgNV +BAMTFG5zLXZpcC0wMS5zeXMua3RoLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEApiFDIvE+jH/pLv4e3dG2LIvP6Cskik6ZEq83gG7lDYZp0/lUzL29 +sOd/CnDypzoRRhURdy832tY+9Lyri1m3y6kBzl2tGKtM25r1TRR/VLYbaZr+7o+a +PLiu5E0jRdhc2lp5t4IOkHJMWAAEtXhvcI0b30kksM28NHv8t7b4Tfr8Xq82V/KI +mOHRVprZj0X/cRNfC5ELrONQCTyx/uEgl26biZ+FaN5E5K2adjGaOG2ejwf8tuex +aMDTqJJEBv0IOsDl/vVlv8xwo/EaqH2hIZqYLVcjpJYCZA0yzfGfPOvWaPjbdk3g +8j1ka/iMRUlWQlwJxC9KgjGA6xwM2SiZAwIDAQABo4IDgTCCA30wHwYDVR0jBBgw +FoAUwriF1+G5E73RSLz9Xtx9kEJ6iqkwHQYDVR0OBBYEFNwVQHULuYn87IccKDOy +8WXztypxMDMGA1UdEQQsMCqCFG5zLXZpcC0wMS5zeXMua3RoLnNlggZrdGguc2WC +Cnd3dy5rdGguc2UwDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMB +BggrBgEFBQcDAjCBhQYDVR0fBH4wfDA8oDqgOIY2aHR0cDovL2NybDMuZGlnaWNl +cnQuY29tL1RFUkVOQVNTTEhpZ2hBc3N1cmFuY2VDQTMuY3JsMDygOqA4hjZodHRw +Oi8vY3JsNC5kaWdpY2VydC5jb20vVEVSRU5BU1NMSGlnaEFzc3VyYW5jZUNBMy5j +cmwwQgYDVR0gBDswOTA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6 +Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB7BggrBgEFBQcBAQRvMG0wJAYIKwYBBQUH +MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBFBggrBgEFBQcwAoY5aHR0cDov +L2NhY2VydHMuZGlnaWNlcnQuY29tL1RFUkVOQVNTTEhpZ2hBc3N1cmFuY2VDQTMu +Y3J0MAwGA1UdEwEB/wQCMAAwggF+BgorBgEEAdZ5AgQCBIIBbgSCAWoBaAB2AKS5 +CZC0GFgUh7sTosxncAo8NZgE+RvfuON3zQ7IDdwQAAABS0m3DSsAAAQDAEcwRQIh +AK5X6zyg4itvaiHvX52Dzt1KZXZtsSyPyvJ5TvIKYgnWAiAliRErIfDHWGJSc3QA +QFtFIO78h3CFE2VIaXG3a/OShQB1AGj2mPgfZIK+OozuuSgdTPxxUV1nk9RE0Qpn +rLtPT/vEAAABS0m3DNEAAAQDAEYwRAIgSxsxeRIEyG17W2Hm3gkoP+g0VRSBIYwm +cd3SkyUkM28CIE6kyWZw0ArCssseNtNi0nZO3UUCDNCmQwnnzXn2dw1zAHcAVhQG +mi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFLSbcOpwAABAMASDBGAiEA ++HptsTKBs/T9KWMn0MaFjdyTOvAAcp6s6iFd84naRRMCIQCD4bxdQEP1Fls7VXZl +kewlHIUo4aQqKhypPMCOGkRQDzANBgkqhkiG9w0BAQsFAAOCAQEAH3jW+5hZJ14a +EuCTAZXfrCsXmopbHLWuI/pjWYJLyqGcWLVBZD2c/WqHpptQEPcJQF8/oPjA/DT0 +TKKIh0DZcQ6XoZTz7o02dBvkKsnBu9Vhoz78EQNNRcgyEgmU7DPXjdfMuBKre0ia +qPYEllzZLF0EXeap4SLXxdYh0XpLVjFnQDEYFeUcqbYX2r7AAqG/1476Vx/PtX4x +SGu7Q9RUt+wq7WOxRxzT+IorJ9zPqETr6ywqjfPXvWGzpoxeDgPKNh3pDKm4v160 +aYuM6Ar4zueUYRTNbdNCvQXg1o8a9S6pZSh/YkY64pHGsZ95taBcIw3Gn4CBAboS +rw36n9nb1g== +-----END CERTIFICATE----- +subject=/businessCategory=Government Entity/jurisdictionC=SE/serialNumber=Government Entity/street=Brinellv\xC3\xA4gen 8/postalCode=114 28/C=SE/ST=Stockholm/L=Stockholm/O=Kungliga Tekniska h\xC3\xB6gskolan/OU=ITA/CN=ns-vip-01.sys.kth.se +issuer=/C=NL/ST=Noord-Holland/L=Amsterdam/O=TERENA/CN=TERENA SSL High Assurance CA 3 +-----BEGIN CERTIFICATE----- +MIIE4DCCA8igAwIBAgIQC1w0NWdbJGfA1zI3+Q1flDANBgkqhkiG9w0BAQsFADBs +MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j +ZSBFViBSb290IENBMB4XDTE0MTExODEyMDAwMFoXDTI0MTExODEyMDAwMFowczEL +MAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFt +c3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMScwJQYDVQQDEx5URVJFTkEgU1NMIEhp +Z2ggQXNzdXJhbmNlIENBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQChNsmK4gfxr6c9j2OMBRo3gOA7z5keoaPHiX4rUX+1fF1Brmvf7Uo83sRiXRYQ +RJrD79hzJrulDtdihxgS5HgvIQHqGrp3NRRDUlq/4bItLTp9QCHzLhRQSrSYaFkI +zztYezwb3ABzNiVciqQFk7WR9ebh9ZaCxaXfebcg7LodgQQ4XDvkW2Aknkb1J8NV +nlbKen6PLlNSL4+MLV+uF1e87aTgOxbM9sxZ1/1LRqrOu28z9WA8qUZn2Av+hcP2 +TQIBoMPMQ8dT+6Yx/0Y+2J702OU//dS0pi8gMe7FtYVcZrlcSy/C40I7EFYHEjTm +zH4EGvG6t9wZua2atFKvP/7HAgMBAAGjggF1MIIBcTASBgNVHRMBAf8ECDAGAQH/ +AgEAMA4GA1UdDwEB/wQEAwIBhjB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGG +GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2Nh +Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENB +LmNydDBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v +RGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYE +VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT +MB0GA1UdDgQWBBTCuIXX4bkTvdFIvP1e3H2QQnqKqTAfBgNVHSMEGDAWgBSxPsNp +A/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAsCq7NTey6NjZHqT4 +kjZBNU3sItnD+RYAMWx4ZyaELcy7XhndQzX88TYSCYxl/YWB6lCjxx0dL3wTZUbX +r+WRDzz5xX+98kdYrwNCT7fmT4eenv6cCS1sC9hc4sIl5dkb1pguY3ViV5D8/yEB +hadOpw3TwI8xkqe2j/H5fp4Oaf9cFdpf9C85mQgZJwsvtvmmDTQTPcGPRFTgdGtY +2xbWxDah6HjKpX6iI4BTBQhhpX6TJl6/GEaYK07s2Kr8BFPhrgmep9vrepWv61x7 +dnnqz5SeAs6cbSm551qG7Dj8+6f/8e33oqLC5Ldnbt0Ou6PjtZ4O02dN9cnicemR +1B0/YQ== +-----END CERTIFICATE----- |