authorLinus Nordberg <linus@nordu.net>2014-05-02 18:21:47 +0200
committerLinus Nordberg <linus@nordu.net>2014-05-02 18:21:47 +0200
commitdf6fca69a7d9bb11d7c6116a9cc4062a6e5e040d (patch)
treeddb03b65a863384057696300bc756bd863621f59 /test
parentd1adbd1523f6d584fd9d060e4224ca07251aeb46 (diff)
Sign using ECDSA and fix a couple bugs.
Revive the plop_entry and hash over that instead of the full MTL, for the db hash. We don't want the timestamp in that hash! Use ECDSA instead of RSA for signing stuff. That's what Google does and we want to use their test suites. An annoyance with DSA is that the signature isn't deterministic. Testing just became less easy. Fix db:find() now that the hash is no longer the primary key.
Diffstat (limited to 'test')
-rw-r--r--test/eckey-public.pem4
-rw-r--r--test/eckey.pem8
-rw-r--r--test/plop_test.erl108
3 files changed, 51 insertions, 69 deletions
diff --git a/test/eckey-public.pem b/test/eckey-public.pem
new file mode 100644
index 0000000..d952d7e
--- /dev/null
+++ b/test/eckey-public.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE4qWq6afhBUi0OdcWUYhyJLNXTkGq
+Q9PMS5lqoCgkV2h1ZvpNjBH2u8UbgcOQwqDo66z6BWQJGolozZYmNHE2kQ==
+-----END PUBLIC KEY-----
diff --git a/test/eckey.pem b/test/eckey.pem
new file mode 100644
index 0000000..ed24cfa
--- /dev/null
+++ b/test/eckey.pem
@@ -0,0 +1,8 @@
+-----BEGIN EC PARAMETERS-----
+BggqhkjOPQMBBw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIMM/FjZ4FSzfENTTwGpTve6CP+IVrY7p8OKV634uJI/foAoGCCqGSM49
+AwEHoUQDQgAE4qWq6afhBUi0OdcWUYhyJLNXTkGqQ9PMS5lqoCgkV2h1ZvpNjBH2
+u8UbgcOQwqDo66z6BWQJGolozZYmNHE2kQ==
+-----END EC PRIVATE KEY-----
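Review bot: This EC private key is now permanently in the repository history, and neither its name nor its content marks it as a test-only fixture. It should be treated as public and never configured as the signing key of a real log. A name such as `test/test-eckey.pem`, or a leading line like `This key is a public test fixture; do not use it to sign a production log.` above the first BEGIN line, would make that explicit. The leading line is only an option if the PEM loader used by plop skips text outside the encapsulation boundaries, which should be checked first. How plop locates its key file is not visible in this diff, so it is worth confirming that a deployment cannot fall back to this path by default.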
diff --git a/test/plop_test.erl b/test/plop_test.erl
index 79dbbd3..cbbc85c 100644
--- a/test/plop_test.erl
+++ b/test/plop_test.erl
@@ -2,20 +2,20 @@
-include("plop.hrl").
-include_lib("eunit/include/eunit.hrl").
-start_stop_test_() ->
- {"The server can be started, stopped and is regsitered",
- {setup, fun start/0, fun stop/1, fun is_registered/1}}.
+%% start_stop_test_() ->
+%% {"The server can be started, stopped and is regsitered",
+%% {setup, fun start/0, fun stop/1, fun is_registered/1}}.
%% "Entries can be added and the STH changes."
%% FIXME: This way, if a test fails, we don't stop plop. The tests
%% must run and be validated in strict order though.
adding_verifying_test() ->
- Pid = start(),
- add(0),
- sth(0),
- add(1),
- %% sth(),
- stop(Pid).
+ %%Pid = start(),
+ Pubkey = plop:testing_get_pubkey(),
+ add(0, Pubkey),
+ add(1, Pubkey),
+ sth(0, Pubkey).
+ %%stop(Pid).
%%% Setup.
start() ->
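Review bot: In adding_verifying_test the verification key comes from the server under test (`Pubkey = plop:testing_get_pubkey()`), so the test passes even if plop loads the wrong key pair; it only shows that plop is self-consistent. The commit adds test/eckey-public.pem but nothing visible here reads it. Decoding that file in the test with `public_key:pem_decode/1` and `public_key:pem_entry_decode/1`, then verifying against the result, would give an independent check. The term shape must match what `public_key:verify/4` expects for an EC key, and the path is relative to wherever eunit runs. Separately, the commented-out `start()`/`stop(Pid)` lines leave the test dependent on a plop process started elsewhere; they would be better deleted or restored as a `setup` fixture than kept as comments.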
@@ -31,49 +31,29 @@ is_registered(Pid) ->
?_assertEqual(Pid, whereis(plop))].
%%% Helpers.
-add(0) ->
- TestVector =
- <<1,247,141,118,3,148,171,128,29,143,106,97,200,179,204,166,242,98,70,185,231,
- 78,193,39,12,245,82,254,230,136,69,69,0,0,0,0,0,0,0,18,103,69,73,8,105,107,
- 47,97,130,137,92,201,148,11,68,203,103,216,217,249,38,109,208,23,55,107,21,
- 110,128,207,151,46,4,178,228,74,5,247,64,180,85,122,236,127,97,226,50,124,
- 212,251,227,65,248,18,36,124,252,103,24,35,99,180,207,126,63,116,149,21,86,
- 255,197,248,212,93,100,123,161,159,94,29,112,23,246,98,3,124,89,135,234,71,
- 246,21,93,152,214,209,58,25,52,132,219,22,0,38,237,226,118,1,168,86,218,18,
- 112,227,11,25,199,15,151,246,253,7,91,72,88,169,164,79,143,160,157,241,168,
- 15,230,1,216,93,67,24,230,106,203,61,115,100,172,238,165,236,198,222,33,126,
- 12,163,226,165,161,232,106,39,94,93,247,2,164,163,72,34,236,228,168,53,19,
- 128,111,78,34,54,166,95,78,11,131,241,191,254,82,225,72,68,111,229,169,24,75,
- 90,254,167,119,10,136,211,20,178,251,244,124,87,223,61,102,244,143,98,213,59,
- 217,84,80,64,22,209,1,63,64,185,63,13,115,43,36,143,93,19,206,234,100,181,
- 203,214,189,144,145,21,247,165,125,192,43,94,247,209,81,50,100>>,
+add(0, Pubkey) ->
+ Msg = <<"some data">>,
Entry = #timestamped_entry{timestamp = 4711,
- entry_type = test,
- entry = <<"some data">>},
+ entry = #plop_entry{type = test,
+ data = Msg}},
SPT = plop:add(Entry),
- ?assertEqual(TestVector, SPT);
-add(1) ->
- TestVector =
- <<1,247,141,118,3,148,171,128,29,143,106,97,200,179,204,166,242,98,70,185,231,
- 78,193,39,12,245,82,254,230,136,69,69,0,0,0,0,0,0,0,18,104,141,82,14,84,52,
- 131,244,51,145,16,7,238,168,117,8,184,95,165,94,116,234,87,145,43,39,223,243,
- 33,159,238,239,195,203,246,232,147,125,234,34,147,83,254,253,248,133,49,81,
- 80,7,104,23,24,147,24,116,147,183,20,58,165,53,147,196,226,250,135,18,115,
- 182,139,194,190,60,97,103,240,188,86,184,194,21,75,79,136,84,62,53,123,44,
- 236,244,24,190,207,193,42,156,230,135,174,90,195,89,174,185,228,129,148,78,
- 255,168,104,73,142,85,11,239,222,227,213,208,99,31,12,177,223,187,11,216,119,
- 29,231,67,82,140,103,181,173,71,246,112,57,121,153,204,1,249,251,172,26,77,
- 96,223,129,102,14,160,115,10,87,105,234,21,99,65,125,198,35,104,160,43,25,74,
- 159,64,236,226,126,208,88,199,60,12,88,36,214,174,110,147,215,142,1,205,77,
- 116,119,47,222,87,84,99,78,131,212,247,138,156,190,211,244,184,140,46,202,13,
- 217,28,20,109,8,129,62,226,37,51,123,94,151,151,47,96,111,122,118,178,242,14,
- 213,35,184,204,165,157,199,1,210,74,243,180,36,85,163,69,166,79,136>>,
+ <<Version:8, _LogID:256, Timestamp:64, Signature/binary>> = SPT,
+ Signed = <<1:8, 0:8, 4711:64, 2:16, Msg/binary>>,
+ ?assertEqual(1, Version),
+ ?assertEqual(4711, Timestamp),
+ ?assert(public_key:verify(Signed, sha256, Signature, Pubkey));
+
+add(1, Pubkey) ->
+ Msg = <<"some more data">>,
Entry = #timestamped_entry{timestamp = 4712,
- entry_type = test,
- entry = <<"some more data">>},
- SPT = plop:add(Entry),
- %%io:format(element(2, file:open("foo", write)), "~p", [SPT]),
- ?assertEqual(TestVector, SPT).
+ entry = #plop_entry{type = test,
+ data = Msg}},
+ <<Version:8, _LogID:256, Timestamp:64, Signature/binary>> = plop:add(Entry),
+ Signed = <<1:8, 0:8, 4712:64, 2:16, Msg/binary>>,
+ ?assertEqual(1, Version),
+ ?assertEqual(4712, Timestamp),
+ ?assert(public_key:verify(Signed, sha256, Signature, Pubkey)).
+
%% add(2) ->
%% TestVector = <<>>,
%% %% Same data as in 0, should not result in new database entry.
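Review bot: Both `add/2` clauses now have only a positive check: the signature must verify, `_LogID:256` is discarded, and nothing asserts that verification fails for altered input. Since the byte-for-byte test vectors had to go with non-deterministic ECDSA, a negative case keeps the test meaningful, for example `?assertNot(public_key:verify(<<Signed/binary, 0>>, sha256, Signature, Pubkey))` after the existing `?assert`. The log id could also be bound to a name and compared with the value plop derives from its key, once that derivation is available to the test. The literal fields in `Signed` (`1:8, 0:8, ..., 2:16`) are repeated in both clauses and would benefit from a one-line comment naming each field, or from a shared helper that takes the timestamp and message.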
@@ -82,23 +62,13 @@ add(1) ->
%% ?assertEqual(TestVector, SPT),
%% ?assertEqual(fixme, fixme).
-sth(0) ->
- TestVector =
- <<0,0,0,0,0,0,0,1,0,0,0,0,0,0,18,103,93,90,159,157,211,129,96,54,161,145,226,
- 218,28,127,43,87,221,243,153,101,255,249,156,114,234,50,84,163,183,64,215,
- 227,16,126,61,255,54,243,5,185,250,149,18,30,228,16,48,168,252,213,27,205,
- 254,157,72,230,112,65,150,187,18,215,17,249,72,18,38,159,217,49,159,177,153,
- 175,86,139,158,29,24,202,126,203,88,216,19,205,237,172,48,9,113,228,231,170,
- 131,38,155,185,188,232,215,15,54,93,254,173,100,13,115,172,161,7,106,226,180,
- 168,81,245,47,10,59,14,25,26,23,80,11,227,147,115,216,173,93,63,232,50,213,
- 43,148,71,149,104,32,10,217,108,182,194,88,12,153,187,42,190,154,203,114,200,
- 24,137,106,65,51,25,162,178,24,199,155,215,208,115,5,239,64,189,69,0,196,55,
- 211,91,12,83,132,131,84,92,146,124,125,117,74,62,7,162,230,37,13,45,122,183,
- 112,207,227,240,152,190,181,168,96,210,252,59,144,12,141,46,18,18,51,226,14,
- 218,17,255,212,136,198,154,69,64,232,234,249,2,232,45,165,206,157,195,77,254,
- 126,173,10,12,184,21,55,111,183,15,2,251,177,220,139,35,20,148,219,137,78,
- 187,221,242,23,254,196,182,98,110,150,95,126,53,42,243,123,198,30,247,79,17,
- 172,129>>,
- STH = plop:sth(#sth{timestamp = 4711}),
- io:format(element(2, file:open("testdata", write)), "~p", [STH]),
- ?assertEqual(TestVector, STH).
+sth(0, Pubkey) ->
+ STH = plop:sth(#sth{}),
+ %%io:format(element(2, file:open("testdata", write)), "~p", [STH]),
+ <<Treesize:64,
+ Timestamp:64,
+ Roothash:256,
+ Signature/binary>> = STH,
+ ?assertEqual(2, Treesize),
+ Data = <<1:8, 1:8, Timestamp:64, Treesize:64, Roothash:256>>,
+ ?assert(public_key:verify(Data, sha256, Signature, Pubkey)).
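Review bot: In `sth/2`, `Timestamp` and `Roothash` are both taken from the STH under test and fed straight back into `Data`, so the `?assert` only shows that plop signed whatever it returned. Apart from `?assertEqual(2, Treesize)`, nothing checks the tree content. The root hash should be deterministic for the two fixed entries added earlier, although that is inferred because the leaf encoding is not visible here. If so, the test can compare it with an expected value, `?assertEqual(ExpectedRoot, Roothash)`, where `ExpectedRoot` is either computed in the test from the two leaves or pinned as a constant. The commented-out `io:format(... "testdata" ...)` debug line can be removed rather than kept.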