From 06987aac6ea50e40915a59c0d3d52c84ae7e5498 Mon Sep 17 00:00:00 2001 From: Magnus Ahltorp Date: Mon, 2 Mar 2015 19:11:16 +0100 Subject: Move to external signing --- Makefile | 6 +++-- test/config/frontend-1.config | 8 +++--- test/config/privatekeys/signing-1-private.pem | 5 ++++ test/config/publickeys/signing-1.pem | 4 +++ test/config/signing-1.config | 35 +++++++++++++++++++++++++++ 5 files changed, 53 insertions(+), 5 deletions(-) create mode 100644 test/config/privatekeys/signing-1-private.pem create mode 100644 test/config/publickeys/signing-1.pem create mode 100644 test/config/signing-1.config diff --git a/Makefile b/Makefile index 5b2cf9e..d124325 100644 --- a/Makefile +++ b/Makefile @@ -32,8 +32,10 @@ tests-prepare: mkdir -p test/nodes/frontend-1/log mkdir -p test/nodes/storage-1/log mkdir -p test/nodes/storage-2/log + mkdir -p test/nodes/signing-1/log cp test/config/frontend-1.config rel cp test/config/storage-1.config rel + cp test/config/signing-1.config rel cp -r test/config/privatekeys rel cp -r test/config/publickeys rel rm -r rel/tests || true @@ -44,8 +46,8 @@ tests-prepare: touch rel/tests/machine/machine-1/db/index touch rel/tests/machine/machine-1/db/newentries -NODES=frontend-1 storage-1 -TESTURLS=https://127.0.0.1:8080/ https://127.0.0.1:8081/ https://127.0.0.1:8082/ +NODES=frontend-1 storage-1 signing-1 +TESTURLS=https://127.0.0.1:8080/ https://127.0.0.1:8081/ https://127.0.0.1:8082/ https://127.0.0.1:8088/ tests-start: @for node in $(NODES); do \ diff --git a/test/config/frontend-1.config b/test/config/frontend-1.config index 2ae1904..585efd8 100644 --- a/test/config/frontend-1.config +++ b/test/config/frontend-1.config @@ -33,10 +33,10 @@ {storage_nodes, ["https://127.0.0.1:8081/ct/storage/"]}, {storage_nodes_quorum, 1}, {publickey_path, "publickeys"}, - {services, [ht, sign]}, - {log_private_key, "test/eckey.pem"}, + {services, [ht]}, {log_public_key, "test/eckey-public.pem"}, {own_key, {"frontend-1", "privatekeys/frontend-1-private.pem"}}, + {signing_node, "https://127.0.0.1:8088/ct/signing/"}, {allowed_clients, [{"/ct/frontend/sendentry", ["merge-1"]}, {"/ct/frontend/sendlog", ["merge-1"]}, {"/ct/frontend/sendsth", ["merge-1"]}, @@ -52,6 +52,8 @@ {"/ct/v1/get-roots", noauth} ]}, {allowed_servers, [{"/ct/storage/sendentry", ["storage-1"]}, - {"/ct/storage/entrycommitted", ["storage-1"]} + {"/ct/storage/entrycommitted", ["storage-1"]}, + {"/ct/signing/sct", ["signing-1"]}, + {"/ct/signing/sth", ["signing-1"]} ]} ]}]. diff --git a/test/config/privatekeys/signing-1-private.pem b/test/config/privatekeys/signing-1-private.pem new file mode 100644 index 0000000..0c9f1ac --- /dev/null +++ b/test/config/privatekeys/signing-1-private.pem @@ -0,0 +1,5 @@ +-----BEGIN EC PRIVATE KEY----- +MHcCAQEEICQ+kchWtj3ZwGhzz+QkKl/CM0fsfQCDtI+1Cb3GID+moAoGCCqGSM49 +AwEHoUQDQgAEeVsqn8x1CWv4BK9+o6qQqVt+lQ7+dI6VoiwwNOT2CAvocdYHzzqW +2/dstQZIiYSdUw1SWQMR+7fTTRDZh5bDoQ== +-----END EC PRIVATE KEY----- diff --git a/test/config/publickeys/signing-1.pem b/test/config/publickeys/signing-1.pem new file mode 100644 index 0000000..cc5f472 --- /dev/null +++ b/test/config/publickeys/signing-1.pem @@ -0,0 +1,4 @@ +-----BEGIN PUBLIC KEY----- +MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEeVsqn8x1CWv4BK9+o6qQqVt+lQ7+ +dI6VoiwwNOT2CAvocdYHzzqW2/dstQZIiYSdUw1SWQMR+7fTTRDZh5bDoQ== +-----END PUBLIC KEY----- diff --git a/test/config/signing-1.config b/test/config/signing-1.config new file mode 100644 index 0000000..3b553a4 --- /dev/null +++ b/test/config/signing-1.config @@ -0,0 +1,35 @@ +%% catlfish configuration file (-*- erlang -*-) + +[{sasl, + [{sasl_error_logger, false}, + {errlog_type, error}, + {error_logger_mf_dir, "log"}, + {error_logger_mf_maxbytes, 10485760}, % 10 MB + {error_logger_mf_maxfiles, 10}]}, + {catlfish, + [{known_roots_path, "known_roots"}, + {https_servers, + [{signing_https_api, "127.0.0.1", 8088, signing} + ]}, + {https_certfile, "catlfish/webroot/certs/webcert.pem"}, + {https_keyfile, "catlfish/webroot/keys/webkey.pem"}, + {https_cacertfile, "catlfish/webroot/certs/webcert.pem"} + ]}, + {lager, + [{handlers, + [{lager_console_backend, info}, + {lager_file_backend, [{file, "signing-1-error.log"}, {level, error}]}, + {lager_file_backend, [{file, "signing-1-debug.log"}, {level, debug}]}, + {lager_file_backend, [{file, "signing-1-console.log"}, {level, info}]} + ]} + ]}, + {plop, + [{publickey_path, "publickeys"}, + {services, [sign]}, + {log_private_key, "test/eckey.pem"}, + {log_public_key, "test/eckey-public.pem"}, + {own_key, {"signing-1", "privatekeys/signing-1-private.pem"}}, + {allowed_clients, [{"/ct/signing/sct", ["frontend-1"]}, + {"/ct/signing/sth", ["frontend-1"]} + ]} + ]}]. -- cgit v1.1