summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMagnus Ahltorp <map@kth.se>2015-03-02 19:11:16 +0100
committerMagnus Ahltorp <map@kth.se>2015-03-02 19:11:16 +0100
commit06987aac6ea50e40915a59c0d3d52c84ae7e5498 (patch)
tree94b679858381f7aced32d5a1e9d390631315ad90
parent22b4bb12df2afc9b99ba3b790eff35973ccc629c (diff)
Move to external signing
-rw-r--r--Makefile6
-rw-r--r--test/config/frontend-1.config8
-rw-r--r--test/config/privatekeys/signing-1-private.pem5
-rw-r--r--test/config/publickeys/signing-1.pem4
-rw-r--r--test/config/signing-1.config35
5 files changed, 53 insertions, 5 deletions
diff --git a/Makefile b/Makefile
index 5b2cf9e..d124325 100644
--- a/Makefile
+++ b/Makefile
@@ -32,8 +32,10 @@ tests-prepare:
mkdir -p test/nodes/frontend-1/log
mkdir -p test/nodes/storage-1/log
mkdir -p test/nodes/storage-2/log
+ mkdir -p test/nodes/signing-1/log
cp test/config/frontend-1.config rel
cp test/config/storage-1.config rel
+ cp test/config/signing-1.config rel
cp -r test/config/privatekeys rel
cp -r test/config/publickeys rel
rm -r rel/tests || true
@@ -44,8 +46,8 @@ tests-prepare:
touch rel/tests/machine/machine-1/db/index
touch rel/tests/machine/machine-1/db/newentries
-NODES=frontend-1 storage-1
-TESTURLS=https://127.0.0.1:8080/ https://127.0.0.1:8081/ https://127.0.0.1:8082/
+NODES=frontend-1 storage-1 signing-1
+TESTURLS=https://127.0.0.1:8080/ https://127.0.0.1:8081/ https://127.0.0.1:8082/ https://127.0.0.1:8088/
tests-start:
@for node in $(NODES); do \
diff --git a/test/config/frontend-1.config b/test/config/frontend-1.config
index 2ae1904..585efd8 100644
--- a/test/config/frontend-1.config
+++ b/test/config/frontend-1.config
@@ -33,10 +33,10 @@
{storage_nodes, ["https://127.0.0.1:8081/ct/storage/"]},
{storage_nodes_quorum, 1},
{publickey_path, "publickeys"},
- {services, [ht, sign]},
- {log_private_key, "test/eckey.pem"},
+ {services, [ht]},
{log_public_key, "test/eckey-public.pem"},
{own_key, {"frontend-1", "privatekeys/frontend-1-private.pem"}},
+ {signing_node, "https://127.0.0.1:8088/ct/signing/"},
{allowed_clients, [{"/ct/frontend/sendentry", ["merge-1"]},
{"/ct/frontend/sendlog", ["merge-1"]},
{"/ct/frontend/sendsth", ["merge-1"]},
@@ -52,6 +52,8 @@
{"/ct/v1/get-roots", noauth}
]},
{allowed_servers, [{"/ct/storage/sendentry", ["storage-1"]},
- {"/ct/storage/entrycommitted", ["storage-1"]}
+ {"/ct/storage/entrycommitted", ["storage-1"]},
+ {"/ct/signing/sct", ["signing-1"]},
+ {"/ct/signing/sth", ["signing-1"]}
]}
]}].
diff --git a/test/config/privatekeys/signing-1-private.pem b/test/config/privatekeys/signing-1-private.pem
new file mode 100644
index 0000000..0c9f1ac
--- /dev/null
+++ b/test/config/privatekeys/signing-1-private.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEICQ+kchWtj3ZwGhzz+QkKl/CM0fsfQCDtI+1Cb3GID+moAoGCCqGSM49
+AwEHoUQDQgAEeVsqn8x1CWv4BK9+o6qQqVt+lQ7+dI6VoiwwNOT2CAvocdYHzzqW
+2/dstQZIiYSdUw1SWQMR+7fTTRDZh5bDoQ==
+-----END EC PRIVATE KEY-----
diff --git a/test/config/publickeys/signing-1.pem b/test/config/publickeys/signing-1.pem
new file mode 100644
index 0000000..cc5f472
--- /dev/null
+++ b/test/config/publickeys/signing-1.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeVsqn8x1CWv4BK9+o6qQqVt+lQ7+
+dI6VoiwwNOT2CAvocdYHzzqW2/dstQZIiYSdUw1SWQMR+7fTTRDZh5bDoQ==
+-----END PUBLIC KEY-----
diff --git a/test/config/signing-1.config b/test/config/signing-1.config
new file mode 100644
index 0000000..3b553a4
--- /dev/null
+++ b/test/config/signing-1.config
@@ -0,0 +1,35 @@
+%% catlfish configuration file (-*- erlang -*-)
+
+[{sasl,
+ [{sasl_error_logger, false},
+ {errlog_type, error},
+ {error_logger_mf_dir, "log"},
+ {error_logger_mf_maxbytes, 10485760}, % 10 MB
+ {error_logger_mf_maxfiles, 10}]},
+ {catlfish,
+ [{known_roots_path, "known_roots"},
+ {https_servers,
+ [{signing_https_api, "127.0.0.1", 8088, signing}
+ ]},
+ {https_certfile, "catlfish/webroot/certs/webcert.pem"},
+ {https_keyfile, "catlfish/webroot/keys/webkey.pem"},
+ {https_cacertfile, "catlfish/webroot/certs/webcert.pem"}
+ ]},
+ {lager,
+ [{handlers,
+ [{lager_console_backend, info},
+ {lager_file_backend, [{file, "signing-1-error.log"}, {level, error}]},
+ {lager_file_backend, [{file, "signing-1-debug.log"}, {level, debug}]},
+ {lager_file_backend, [{file, "signing-1-console.log"}, {level, info}]}
+ ]}
+ ]},
+ {plop,
+ [{publickey_path, "publickeys"},
+ {services, [sign]},
+ {log_private_key, "test/eckey.pem"},
+ {log_public_key, "test/eckey-public.pem"},
+ {own_key, {"signing-1", "privatekeys/signing-1-private.pem"}},
+ {allowed_clients, [{"/ct/signing/sct", ["frontend-1"]},
+ {"/ct/signing/sth", ["frontend-1"]}
+ ]}
+ ]}].