summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xtools/testcase1.py113
1 files changed, 62 insertions, 51 deletions
diff --git a/tools/testcase1.py b/tools/testcase1.py
index dc62d17..7b3229d 100755
--- a/tools/testcase1.py
+++ b/tools/testcase1.py
@@ -14,7 +14,7 @@ import hashlib
import itertools
from certtools import *
-baseurl = "https://127.0.0.1:8080/"
+baseurls = ["https://127.0.0.1:8080/"]
certfiles = ["testcerts/cert1.txt", "testcerts/cert2.txt",
"testcerts/cert3.txt", "testcerts/cert4.txt",
"testcerts/cert5.txt"]
@@ -51,7 +51,7 @@ def assert_equal(actual, expected, name, quiet=False, nodata=False):
elif not quiet:
print_success("%s was correct", name)
-def print_and_check_tree_size(expected):
+def print_and_check_tree_size(expected, baseurl):
global failures
sth = get_sth(baseurl)
try:
@@ -61,9 +61,9 @@ def print_and_check_tree_size(expected):
except ecdsa.keys.BadSignatureError, e:
print_error("bad STH signature")
tree_size = sth["tree_size"]
- assert_equal(tree_size, expected, "tree size")
+ assert_equal(tree_size, expected, "tree size", quiet=True)
-def do_add_chain(chain):
+def do_add_chain(chain, baseurl):
global failures
try:
result = add_chain(baseurl, {"chain":map(base64.b64encode, chain)})
@@ -75,11 +75,12 @@ def do_add_chain(chain):
except AssertionError, e:
print_error("%s", e)
except ecdsa.keys.BadSignatureError, e:
+ print e
print_error("bad SCT signature")
print_success("signature check succeeded")
return result
-def get_and_validate_proof(timestamp, chain, leaf_index, nentries):
+def get_and_validate_proof(timestamp, chain, leaf_index, nentries, baseurl):
cert = chain[0]
merkle_tree_leaf = pack_mtl(timestamp, cert)
leaf_hash = get_leaf_hash(merkle_tree_leaf)
@@ -87,31 +88,31 @@ def get_and_validate_proof(timestamp, chain, leaf_index, nentries):
proof = get_proof_by_hash(baseurl, leaf_hash, sth["tree_size"])
leaf_index = proof["leaf_index"]
inclusion_proof = [base64.b64decode(e) for e in proof["audit_path"]]
- assert_equal(leaf_index, leaf_index, "leaf_index")
- assert_equal(len(inclusion_proof), nentries, "audit_path length")
+ assert_equal(leaf_index, leaf_index, "leaf_index", quiet=True)
+ assert_equal(len(inclusion_proof), nentries, "audit_path length", quiet=True)
calc_root_hash = verify_inclusion_proof(inclusion_proof, leaf_index, sth["tree_size"], leaf_hash)
root_hash = base64.b64decode(sth["sha256_root_hash"])
- assert_equal(root_hash, calc_root_hash, "verified root hash", nodata=True)
- get_and_check_entry(timestamp, chain, leaf_index)
+ assert_equal(root_hash, calc_root_hash, "verified root hash", nodata=True, quiet=True)
+ get_and_check_entry(timestamp, chain, leaf_index, baseurl)
-def get_and_validate_consistency_proof(sth1, sth2, size1, size2):
+def get_and_validate_consistency_proof(sth1, sth2, size1, size2, baseurl):
consistency_proof = [base64.decodestring(entry) for entry in get_consistency_proof(baseurl, size1, size2)]
(old_treehead, new_treehead) = verify_consistency_proof(consistency_proof, size1, size2, sth1)
#print repr(sth1), repr(old_treehead)
#print repr(sth2), repr(new_treehead)
- assert_equal(old_treehead, sth1, "sth1", nodata=True)
- assert_equal(new_treehead, sth2, "sth2", nodata=True)
+ assert_equal(old_treehead, sth1, "sth1", nodata=True, quiet=True)
+ assert_equal(new_treehead, sth2, "sth2", nodata=True, quiet=True)
-def get_and_check_entry(timestamp, chain, leaf_index):
+def get_and_check_entry(timestamp, chain, leaf_index, baseurl):
entries = get_entries(baseurl, leaf_index, leaf_index)
assert_equal(len(entries), 1, "get_entries", quiet=True)
fetched_entry = entries["entries"][0]
merkle_tree_leaf = pack_mtl(timestamp, chain[0])
leaf_input = base64.decodestring(fetched_entry["leaf_input"])
- assert_equal(leaf_input, merkle_tree_leaf, "entry", nodata=True)
+ assert_equal(leaf_input, merkle_tree_leaf, "entry", nodata=True, quiet=True)
extra_data = base64.decodestring(fetched_entry["extra_data"])
certchain = decode_certificate_chain(extra_data)
@@ -119,7 +120,7 @@ def get_and_check_entry(timestamp, chain, leaf_index):
for (submittedcert, fetchedcert, i) in zip(submittedcertchain,
certchain, itertools.count(1)):
- assert_equal(fetchedcert, submittedcert, "cert %d in chain" % (i,))
+ assert_equal(fetchedcert, submittedcert, "cert %d in chain" % (i,), quiet=True)
if len(certchain) == len(submittedcertchain) + 1:
last_issuer = get_cert_info(submittedcertchain[-1])["issuer"]
@@ -137,106 +138,116 @@ def get_and_check_entry(timestamp, chain, leaf_index):
len(submittedcertchain))
def merge():
- return subprocess.call(["./merge.py", "--baseurl", "https://127.0.0.1:8080/", "--frontend", "https://127.0.0.1:8082/", "--storage", "https://127.0.0.1:8081/", "--mergedb", "../rel/mergedb", "--signing", "https://127.0.0.1:8088/", "--own-keyname", "merge-1", "--own-keyfile", "../rel/privatekeys/merge-1-private.pem"])
+ return subprocess.call(["./merge.py", "--baseurl", "https://127.0.0.1:8080/",
+ "--frontend", "https://127.0.0.1:8082/", "--storage", "https://127.0.0.1:8081/",
+ "--mergedb", "../rel/mergedb", "--signing", "https://127.0.0.1:8088/",
+ "--own-keyname", "merge-1", "--own-keyfile", "../rel/privatekeys/merge-1-private.pem"])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
-print_and_check_tree_size(0)
+for baseurl in baseurls:
+ print_and_check_tree_size(0, baseurl)
testgroup("cert1")
-result1 = do_add_chain(cc1)
+result1 = do_add_chain(cc1, baseurls[0])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
size_sth = {}
-print_and_check_tree_size(1)
-size_sth[1] = base64.b64decode(get_sth(baseurl)["sha256_root_hash"])
+for baseurl in baseurls:
+ print_and_check_tree_size(1, baseurl)
+size_sth[1] = base64.b64decode(get_sth(baseurls[0])["sha256_root_hash"])
-result2 = do_add_chain(cc1)
+result2 = do_add_chain(cc1, baseurls[0])
assert_equal(result2["timestamp"], result1["timestamp"], "timestamp")
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
-print_and_check_tree_size(1)
-size1_v2_sth = base64.b64decode(get_sth(baseurl)["sha256_root_hash"])
+for baseurl in baseurls:
+ print_and_check_tree_size(1, baseurl)
+size1_v2_sth = base64.b64decode(get_sth(baseurls[0])["sha256_root_hash"])
assert_equal(size_sth[1], size1_v2_sth, "sth", nodata=True)
# TODO: add invalid cert and check that it generates an error
# and that treesize still is 1
-get_and_validate_proof(result1["timestamp"], cc1, 0, 0)
+get_and_validate_proof(result1["timestamp"], cc1, 0, 0, baseurls[0])
testgroup("cert2")
-result3 = do_add_chain(cc2)
+result3 = do_add_chain(cc2, baseurls[0])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
-print_and_check_tree_size(2)
-size_sth[2] = base64.b64decode(get_sth(baseurl)["sha256_root_hash"])
+for baseurl in baseurls:
+ print_and_check_tree_size(2, baseurl)
+size_sth[2] = base64.b64decode(get_sth(baseurls[0])["sha256_root_hash"])
-get_and_validate_proof(result1["timestamp"], cc1, 0, 1)
-get_and_validate_proof(result3["timestamp"], cc2, 1, 1)
+get_and_validate_proof(result1["timestamp"], cc1, 0, 1, baseurls[0])
+get_and_validate_proof(result3["timestamp"], cc2, 1, 1, baseurls[0])
testgroup("cert3")
-result4 = do_add_chain(cc3)
+result4 = do_add_chain(cc3, baseurls[0])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
-print_and_check_tree_size(3)
-size_sth[3] = base64.b64decode(get_sth(baseurl)["sha256_root_hash"])
+for baseurl in baseurls:
+ print_and_check_tree_size(3, baseurl)
+size_sth[3] = base64.b64decode(get_sth(baseurls[0])["sha256_root_hash"])
-get_and_validate_proof(result1["timestamp"], cc1, 0, 2)
-get_and_validate_proof(result3["timestamp"], cc2, 1, 2)
-get_and_validate_proof(result4["timestamp"], cc3, 2, 1)
+get_and_validate_proof(result1["timestamp"], cc1, 0, 2, baseurls[0])
+get_and_validate_proof(result3["timestamp"], cc2, 1, 2, baseurls[0])
+get_and_validate_proof(result4["timestamp"], cc3, 2, 1, baseurls[0])
testgroup("cert4")
-result5 = do_add_chain(cc4)
+result5 = do_add_chain(cc4, baseurls[0])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
-print_and_check_tree_size(4)
-size_sth[4] = base64.b64decode(get_sth(baseurl)["sha256_root_hash"])
+for baseurl in baseurls:
+ print_and_check_tree_size(4, baseurl)
+size_sth[4] = base64.b64decode(get_sth(baseurls[0])["sha256_root_hash"])
-get_and_validate_proof(result1["timestamp"], cc1, 0, 2)
-get_and_validate_proof(result3["timestamp"], cc2, 1, 2)
-get_and_validate_proof(result4["timestamp"], cc3, 2, 2)
-get_and_validate_proof(result5["timestamp"], cc4, 3, 2)
+get_and_validate_proof(result1["timestamp"], cc1, 0, 2, baseurls[0])
+get_and_validate_proof(result3["timestamp"], cc2, 1, 2, baseurls[0])
+get_and_validate_proof(result4["timestamp"], cc3, 2, 2, baseurls[0])
+get_and_validate_proof(result5["timestamp"], cc4, 3, 2, baseurls[0])
testgroup("cert5")
-result6 = do_add_chain(cc5)
+result6 = do_add_chain(cc5, baseurls[0])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
-print_and_check_tree_size(5)
-size_sth[5] = base64.b64decode(get_sth(baseurl)["sha256_root_hash"])
+for baseurl in baseurls:
+ print_and_check_tree_size(5, baseurl)
+size_sth[5] = base64.b64decode(get_sth(baseurls[0])["sha256_root_hash"])
-get_and_validate_proof(result1["timestamp"], cc1, 0, 3)
-get_and_validate_proof(result3["timestamp"], cc2, 1, 3)
-get_and_validate_proof(result4["timestamp"], cc3, 2, 3)
-get_and_validate_proof(result5["timestamp"], cc4, 3, 3)
-get_and_validate_proof(result6["timestamp"], cc5, 4, 1)
+get_and_validate_proof(result1["timestamp"], cc1, 0, 3, baseurls[0])
+get_and_validate_proof(result3["timestamp"], cc2, 1, 3, baseurls[0])
+get_and_validate_proof(result4["timestamp"], cc3, 2, 3, baseurls[0])
+get_and_validate_proof(result5["timestamp"], cc4, 3, 3, baseurls[0])
+get_and_validate_proof(result6["timestamp"], cc5, 4, 1, baseurls[0])
mergeresult = merge()
assert_equal(mergeresult, 0, "merge", quiet=True)
for first_size in range(1, 5):
for second_size in range(first_size + 1, 6):
- get_and_validate_consistency_proof(size_sth[first_size], size_sth[second_size], first_size, second_size)
+ get_and_validate_consistency_proof(size_sth[first_size], size_sth[second_size], first_size, second_size, baseurls[0])
print "-------"
if failures: