summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorMagnus Ahltorp <map@kth.se>2017-01-27 16:11:11 +0100
committerLinus Nordberg <linus@nordu.net>2017-02-01 10:46:27 +0100
commitc0d8aceccb0961a25ee58a163441bbcbe6d6ea3d (patch)
tree90c98ad5f286a2475c1dd04ca7ddd70df6669aea /test
parent50667bc5c4896557415ab28269d2aea3ac534bf4 (diff)
Verify config file signature
Read log key from config file in more places. Check STH signature in storagegc.py
Diffstat (limited to 'test')
-rw-r--r--test/catlfish-test-local-1.cfg4
-rw-r--r--test/catlfish-test-local-merge-2.cfg4
-rw-r--r--test/catlfish-test-local-merge.cfg4
-rw-r--r--test/catlfish-test-local-signing.cfg4
-rw-r--r--test/logadminkey-private.pem5
-rw-r--r--test/logadminkey.pem4
-rwxr-xr-xtest/scripts/light-system-test-prepare.sh2
7 files changed, 26 insertions, 1 deletions
diff --git a/test/catlfish-test-local-1.cfg b/test/catlfish-test-local-1.cfg
index adc3e84..1795649 100644
--- a/test/catlfish-test-local-1.cfg
+++ b/test/catlfish-test-local-1.cfg
@@ -30,5 +30,9 @@ paths:
ratelimits:
add_chain: 10 per second
+logadminkey: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQ
+ Ah9sZ2CD+JeLbprS6AFcZbo0TGCH0rtEnr2Q3JW0ylhfA+
+ 0/WLu755b3soVX/wI23vqCVGC7N9fOB2WUltveQ==
+
#options:
# - sctcaching
diff --git a/test/catlfish-test-local-merge-2.cfg b/test/catlfish-test-local-merge-2.cfg
index 579e360..b871313 100644
--- a/test/catlfish-test-local-merge-2.cfg
+++ b/test/catlfish-test-local-merge-2.cfg
@@ -18,3 +18,7 @@ paths:
publickeys: publickeys
logpublickey: keys/logkey.pem
privatekeys: privatekeys
+
+logadminkey: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQ
+ Ah9sZ2CD+JeLbprS6AFcZbo0TGCH0rtEnr2Q3JW0ylhfA+
+ 0/WLu755b3soVX/wI23vqCVGC7N9fOB2WUltveQ==
diff --git a/test/catlfish-test-local-merge.cfg b/test/catlfish-test-local-merge.cfg
index 273b68e..3b4d45f 100644
--- a/test/catlfish-test-local-merge.cfg
+++ b/test/catlfish-test-local-merge.cfg
@@ -8,3 +8,7 @@ paths:
privatekeys: privatekeys
verifycert_bin: ../bin/verifycert.erl.escript
known_roots: known_roots/
+
+logadminkey: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQ
+ Ah9sZ2CD+JeLbprS6AFcZbo0TGCH0rtEnr2Q3JW0ylhfA+
+ 0/WLu755b3soVX/wI23vqCVGC7N9fOB2WUltveQ==
diff --git a/test/catlfish-test-local-signing.cfg b/test/catlfish-test-local-signing.cfg
index 386001e..df91bcd 100644
--- a/test/catlfish-test-local-signing.cfg
+++ b/test/catlfish-test-local-signing.cfg
@@ -19,3 +19,7 @@ paths:
# slot: 0
# label: mylabel
# pin: ffff
+
+logadminkey: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQ
+ Ah9sZ2CD+JeLbprS6AFcZbo0TGCH0rtEnr2Q3JW0ylhfA+
+ 0/WLu755b3soVX/wI23vqCVGC7N9fOB2WUltveQ==
diff --git a/test/logadminkey-private.pem b/test/logadminkey-private.pem
new file mode 100644
index 0000000..4464169
--- /dev/null
+++ b/test/logadminkey-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIKoa7p5gnAgd9L2t5N1L73MJ1OCj/zItvGoVMtsKPy4JoAoGCCqGSM49
+AwEHoUQDQgAEQAh9sZ2CD+JeLbprS6AFcZbo0TGCH0rtEnr2Q3JW0ylhfA+0/WLu
+755b3soVX/wI23vqCVGC7N9fOB2WUltveQ==
+-----END EC PRIVATE KEY-----
diff --git a/test/logadminkey.pem b/test/logadminkey.pem
new file mode 100644
index 0000000..43ff2c4
--- /dev/null
+++ b/test/logadminkey.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQAh9sZ2CD+JeLbprS6AFcZbo0TGC
+H0rtEnr2Q3JW0ylhfA+0/WLu755b3soVX/wI23vqCVGC7N9fOB2WUltveQ==
+-----END PUBLIC KEY-----
diff --git a/test/scripts/light-system-test-prepare.sh b/test/scripts/light-system-test-prepare.sh
index df45d25..84b06cd 100755
--- a/test/scripts/light-system-test-prepare.sh
+++ b/test/scripts/light-system-test-prepare.sh
@@ -50,7 +50,6 @@ printf 0 > mergedb-secondary/verifiedsize
mkdir known_roots
cp ${top_srcdir}/tools/testcerts/roots/* known_roots
mkdir privatekeys
-mkdir publickeys
echo "apikeys:" > api-keys.cfg
for node in ${NODES}; do \
(cd privatekeys ; ${top_srcdir}/tools/create-key.sh ${node})
@@ -66,6 +65,7 @@ echo "cafingerprint: ${cafingerprint}" >> api-keys.cfg
cat ${top_srcdir}/test/catlfish-test.cfg.in api-keys.cfg > ${top_srcdir}/test/catlfish-test.cfg
+openssl dgst -sha256 -sign ${top_srcdir}/test/logadminkey-private.pem -out ${top_srcdir}/test/catlfish-test.cfg.sig ${top_srcdir}/test/catlfish-test.cfg
for machine in ${MACHINES}; do \
${top_srcdir}/tools/compileconfig.py --config ${top_srcdir}/test/catlfish-test.cfg --localconfig ${top_srcdir}/test/catlfish-test-local-${machine}.cfg
mkdir -p machine/machine-${machine}/db