blob: cad1a7e9b94e70ec9b3fefbe0830a550ba9ef990 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
# Makefile for catlfish
PREFIX=rel
build all:
./make.erl
clean:
-rm ebin/*.beam
release: all
rm -rf $(PREFIX)
mkdir $(PREFIX)
./makerelease.erl $(PREFIX)
-include test/test.mk
tests-prepare:
rm -r $(PREFIX)/tests || true
mkdir $(PREFIX)/tests
make tests-createca
make tests-createcert
mkdir $(PREFIX)/tests/keys
(cd $(PREFIX)/tests/keys ; ../../../tools/create-key.sh logkey)
mkdir $(PREFIX)/tests/mergedb
mkdir $(PREFIX)/tests/mergedb/chains
touch $(PREFIX)/tests/mergedb/logorder
mkdir $(PREFIX)/tests/known_roots
cp tools/testcerts/roots/* $(PREFIX)/tests/known_roots
cp -r test/config/privatekeys $(PREFIX)/tests
cp -r test/config/publickeys $(PREFIX)/tests
@for machine in $(MACHINES); do \
tools/compileconfig.py --config=test/catlfish-test.cfg --localconfig test/catlfish-test-local-$$machine.cfg ; \
mkdir -p $(PREFIX)/tests/machine/machine-$$machine/db ; \
touch $(PREFIX)/tests/machine/machine-$$machine/db/index ; \
touch $(PREFIX)/tests/machine/machine-$$machine/db/newentries ; \
done
tools/compileconfig.py --config test/catlfish-test.cfg --localconfig test/catlfish-test-local-signing.cfg
@for node in $(NODES); do \
mkdir -p test/nodes/$$node/log ; \
done
tests-start:
@for node in $(NODES); do \
(cd $(PREFIX) ; bin/run_erl -daemon ../test/nodes/$$node/ ../test/nodes/$$node/log/ "exec bin/erl -config $$node") \
done
@for i in 1 2 3 4 5 6 7 8 9 10; do \
echo "waiting for system to start" ; \
sleep 0.5 ; \
allstarted=1 ; \
notstarted= ; \
for testurl in $(TESTURLS); do \
if curl -s -k -4 https://$$testurl > /dev/null ; then : ; else allstarted=0 ; notstarted="$$testurl $$notstarted" ; fi ; \
: ; \
done ; \
if [ $$allstarted -eq 1 ]; then break ; \
elif [ $$i -eq 10 ]; then echo Not started: $$notstarted ; fi ; \
done
tests-run:
@(cd $(PREFIX) && python ../tools/testcase1.py https://localhost:8080/ tests/keys/logkey.pem) || (echo "Tests failed" ; false)
@(cd $(PREFIX) && python ../tools/fetchallcerts.py $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Verification failed" ; false)
@(cd $(PREFIX) && rm -f submittedcerts)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert1.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert2.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert3.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert4.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/cert5.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre1.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/submitcert.py --parallel=1 --store ../tools/testcerts/pre2.txt --check-sct --sct-file=submittedcerts $(BASEURL) --publickey=tests/keys/logkey.pem) || (echo "Submission failed" ; false)
@(cd $(PREFIX) && python ../tools/merge.py --config ../test/catlfish-test.cfg --localconfig ../test/catlfish-test-local-merge.cfg) || (echo "Merge failed" ; false)
tests-run2:
@(cd $(PREFIX) ; python ../tools/verifysct.py --sct-file=submittedcerts --parallel 1 $(BASEURL) --publickey=tests/keys/logkey.pem) || echo "Verification of SCT:s failed"
tests-stop:
@for node in $(NODES); do \
./tools/halt.py to_erl test/nodes/$$node/ ; \
done
tests-wait:
sleep 5
tests:
tools/compileconfig.py --config=test/catlfish-test.cfg --testmakefile=test/test.mk --machines 1
@make tests-prepare
@make tests-start
@make tests-run || (make tests-stop ; false)
@make tests-wait
@make tests-stop
@make tests-wait
@make tests-start
@make tests-run2 || (make tests-stop ; false)
@make tests-wait
@make tests-stop
tests-createca:
mkdir $(PREFIX)/tests/httpsca
( cd $(PREFIX)/tests/httpsca ; \
mkdir -p demoCA/newcerts ; \
touch demoCA/index.txt ; \
echo 00 > demoCA/serial ; \
echo '[ req ]' > caconfig.txt ; \
echo 'distinguished_name = req_distinguished_name' >> caconfig.txt ; \
echo 'x509_extensions = v3_ca' >> caconfig.txt ; \
echo '[ req_distinguished_name ]' >> caconfig.txt ; \
echo '[ v3_ca ]' >> caconfig.txt ; \
echo 'basicConstraints=CA:true' >> caconfig.txt ; \
openssl req -newkey rsa:2048 -keyout key.pem -out req.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/commonName=ca/O=ca' -config caconfig.txt ; \
openssl ca -in req.csr -selfsign -keyfile key.pem -out demoCA/cacert.pem -batch \
)
tests-createcert:
mkdir $(PREFIX)/tests/httpscert
openssl req -new -newkey rsa:2048 -keyout $(PREFIX)/tests/httpscert/httpskey-1.pem -out $(PREFIX)/tests/httpsca/httpscert-1.csr -nodes -subj '/countryName=SE/stateOrProvinceName=Stockholm/organizationName=Test/CN=localhost'
( cd $(PREFIX)/tests/httpsca ; \
openssl ca -in httpscert-1.csr -keyfile key.pem -out httpscert-1.pem -batch \
)
cp $(PREFIX)/tests/httpsca/httpscert-1.pem $(PREFIX)/tests/httpscert/
# Unit testing.
check: all
test/check.erl
|