diff options
Diffstat (limited to 'tools/testcase1.py')
-rwxr-xr-x | tools/testcase1.py | 55 |
1 files changed, 20 insertions, 35 deletions
diff --git a/tools/testcase1.py b/tools/testcase1.py index 697cc99..1a294d9 100755 --- a/tools/testcase1.py +++ b/tools/testcase1.py @@ -22,11 +22,14 @@ certfiles = ["../tools/testcerts/cert1.txt", "../tools/testcerts/cert2.txt", "../tools/testcerts/cert3.txt", "../tools/testcerts/cert4.txt", "../tools/testcerts/cert5.txt"] -cc1 = get_certs_from_file(certfiles[0]) -cc2 = get_certs_from_file(certfiles[1]) -cc3 = get_certs_from_file(certfiles[2]) -cc4 = get_certs_from_file(certfiles[3]) -cc5 = get_certs_from_file(certfiles[4]) +def get_blob_from_file(filename): + return [open(filename, 'r').read()] + +cc1 = get_blob_from_file(certfiles[0]) +cc2 = get_blob_from_file(certfiles[1]) +cc3 = get_blob_from_file(certfiles[2]) +cc4 = get_blob_from_file(certfiles[3]) +cc5 = get_blob_from_file(certfiles[4]) create_ssl_context(cafile=cacertfile) @@ -54,7 +57,8 @@ def assert_equal(actual, expected, name, quiet=False, nodata=False, fatal=False) if nodata: print_error("%s differs", name) else: - print_error("%s expected %s got %s", name, expected, actual) + print_error("%s expected %s got %s", name, repr(expected), + repr(actual)) if fatal: sys.exit(1) elif not quiet: @@ -74,12 +78,13 @@ def print_and_check_tree_size(expected, baseurl): def do_add_chain(chain, baseurl): global failures + blob = ''.join(chain) try: - result = add_chain(baseurl, {"chain":map(base64.b64encode, chain)}) + result = add_chain(baseurl, {"blob":base64.b64encode(blob)}) except ValueError, e: print_error("%s", e) try: - signed_entry = pack_cert(chain[0]) + signed_entry = pack_cert(blob) check_sct_signature(baseurl, signed_entry, result, publickey=logpublickey) print_success("signature check succeeded") except AssertionError, e: @@ -90,8 +95,8 @@ def do_add_chain(chain, baseurl): return result def get_and_validate_proof(timestamp, chain, leaf_index, nentries, baseurl): - cert = chain[0] - merkle_tree_leaf = pack_mtl(timestamp, cert) + blob = ''.join(chain) + merkle_tree_leaf = pack_mtl(timestamp, blob) leaf_hash = get_leaf_hash(merkle_tree_leaf) sth = get_sth(baseurl) proof = get_proof_by_hash(baseurl, leaf_hash, sth["tree_size"]) @@ -104,7 +109,7 @@ def get_and_validate_proof(timestamp, chain, leaf_index, nentries, baseurl): root_hash = base64.b64decode(sth["sha256_root_hash"]) assert_equal(root_hash, calc_root_hash, "verified root hash", nodata=True, quiet=True) - get_and_check_entry(timestamp, chain, leaf_index, baseurl) + get_and_check_entry(timestamp, blob, leaf_index, baseurl) def get_and_validate_consistency_proof(sth1, sth2, size1, size2, baseurl): consistency_proof = [base64.decodestring(entry) for entry in get_consistency_proof(baseurl, size1, size2)] @@ -116,35 +121,15 @@ def get_and_validate_consistency_proof(sth1, sth2, size1, size2, baseurl): def get_and_check_entry(timestamp, chain, leaf_index, baseurl): + blob = ''.join(chain) entries = get_entries(baseurl, leaf_index, leaf_index) assert_equal(len(entries), 1, "get_entries", quiet=True) fetched_entry = entries["entries"][0] - merkle_tree_leaf = pack_mtl(timestamp, chain[0]) + merkle_tree_leaf = pack_mtl(timestamp, blob) leaf_input = base64.decodestring(fetched_entry["leaf_input"]) - assert_equal(leaf_input, merkle_tree_leaf, "entry", nodata=True, quiet=True) extra_data = base64.decodestring(fetched_entry["extra_data"]) - certchain = decode_certificate_chain(extra_data) - - submittedcertchain = chain[1:] - - for (submittedcert, fetchedcert, i) in zip(submittedcertchain, - certchain, itertools.count(1)): - assert_equal(fetchedcert, submittedcert, "cert %d in chain" % (i,), quiet=True) - - if len(certchain) == len(submittedcertchain) + 1: - last_issuer = get_cert_info(submittedcertchain[-1])["issuer"] - root_subject = get_cert_info(certchain[-1])["subject"] - if last_issuer == root_subject: - print_success("fetched chain has an appended root cert") - else: - print_error("fetched chain has an extra entry") - elif len(certchain) == len(submittedcertchain): - print_success("cert chains are the same length") - else: - print_error("cert chain length %d expected %d or %d", - len(certchain), - len(submittedcertchain), - len(submittedcertchain)) + assert_equal(leaf_input, merkle_tree_leaf, "entry", nodata=True, quiet=True) + assert_equal(extra_data, '\x00\x00\x00', "extra_data", quiet=True) def merge(): return subprocess.call(["../tools/merge", "--config", "../test/catlfish-test.cfg", |