Home Explore Help
Register Sign In
RISCI_ATOM
/
ucert
mirror of https://git.openwrt.org/project/ucert.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

add cram based unit tests

For improved QA etc. for the start with initial test case for dump
command.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar 4 years ago
parent
5fe64b5606
commit
4462ff9ded
6 changed files with 114 additions and 0 deletions
Split View Show Diff Stats
  1. 14 0
      CMakeLists.txt
  2. 14 0
      tests/CMakeLists.txt
  3. 21 0
      tests/cram/CMakeLists.txt
  4. BIN
      tests/cram/inputs/invalid.ucert
  5. BIN
      tests/cram/inputs/key-build.ucert
  6. 65 0
      tests/cram/test_ucert.t

+ 14 - 0
CMakeLists.txt
View File 

@@ -19,6 +19,14 @@ FIND_LIBRARY(ubox NAMES ubox)
 
 FIND_LIBRARY(blobmsg_json NAMES blobmsg_json)
 
 FIND_LIBRARY(json NAMES json-c json)
 
 
+MACRO(ADD_UNIT_TEST_SAN name)
 
+	ADD_EXECUTABLE(${name}-san ${name}.c)
 
+	TARGET_COMPILE_OPTIONS(${name}-san PRIVATE -g -fno-omit-frame-pointer -fsanitize=undefined,address,leak -fno-sanitize-recover=all)
 
+	TARGET_LINK_OPTIONS(${name}-san PRIVATE -fsanitize=undefined,address,leak)
 
+	TARGET_LINK_LIBRARIES(${name}-san ucert_lib ${ubox} ${blobmsg_json} ${json})
 
+	TARGET_INCLUDE_DIRECTORIES(${name}-san PRIVATE ${PROJECT_SOURCE_DIR})
 
+ENDMACRO(ADD_UNIT_TEST_SAN)
 
+
 
 IF(UCERT_HOST_BUILD)
 
 	ADD_DEFINITIONS(-DUCERT_HOST_BUILD)
 
 ENDIF()
 
@@ -39,4 +47,10 @@ ELSE()
 
 	TARGET_LINK_LIBRARIES(ucert ucert_lib ${ubox})
 
 ENDIF()
 
 
+IF(UNIT_TESTING)
 
+	ENABLE_TESTING()
 
+	ADD_SUBDIRECTORY(tests)
 
+	ADD_UNIT_TEST_SAN(ucert)
 
+ENDIF()
 
+
 
 INSTALL(TARGETS ucert RUNTIME DESTINATION bin)

+ 14 - 0
tests/CMakeLists.txt
View File 

@@ -0,0 +1,14 @@
 
+ADD_SUBDIRECTORY(cram)
 
+
 
+MACRO(ADD_UNIT_TEST name)
 
+  ADD_EXECUTABLE(${name} ${name}.c)
 
+  TARGET_LINK_LIBRARIES(${name} ubox blobmsg_json ${json})
 
+  TARGET_INCLUDE_DIRECTORIES(${name} PRIVATE ${PROJECT_SOURCE_DIR})
 
+ENDMACRO(ADD_UNIT_TEST)
 
+
 
+FILE(GLOB test_cases "test-*.c")
 
+FOREACH(test_case ${test_cases})
 
+  GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE)
 
+  ADD_UNIT_TEST(${test_case})
 
+  ADD_UNIT_TEST_SAN(${test_case})
 
+ENDFOREACH(test_case)

+ 21 - 0
tests/cram/CMakeLists.txt
View File 

@@ -0,0 +1,21 @@
 
+FIND_PACKAGE(PythonInterp 3 REQUIRED)
 
+FILE(GLOB test_cases "test_*.t")
 
+
 
+SET(PYTHON_VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/.venv")
 
+SET(PYTHON_VENV_PIP "${PYTHON_VENV_DIR}/bin/pip")
 
+SET(PYTHON_VENV_CRAM "${PYTHON_VENV_DIR}/bin/cram")
 
+
 
+ADD_CUSTOM_COMMAND(
 
+	OUTPUT ${PYTHON_VENV_CRAM}
 
+	COMMAND ${PYTHON_EXECUTABLE} -m venv ${PYTHON_VENV_DIR}
 
+	COMMAND ${PYTHON_VENV_PIP} install cram
 
+)
 
+ADD_CUSTOM_TARGET(prepare-cram-venv ALL DEPENDS ${PYTHON_VENV_CRAM})
 
+
 
+ADD_TEST(
 
+	NAME cram
 
+	COMMAND ${PYTHON_VENV_CRAM} ${test_cases}
 
+	WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
 
+)
 
+
 
+SET_PROPERTY(TEST cram APPEND PROPERTY ENVIRONMENT "TEST_BIN_DIR=$<TARGET_FILE_DIR:ucert>")

BIN
tests/cram/inputs/invalid.ucert
View File


BIN
tests/cram/inputs/key-build.ucert
View File


+ 65 - 0
tests/cram/test_ucert.t
View File 

@@ -0,0 +1,65 @@
 
+check that ucert is producing expected results:
 
+
 
+  $ [ -n "$TEST_BIN_DIR" ] && export PATH="$TEST_BIN_DIR:$PATH"
 
+  $ export TEST_INPUTS="$TESTDIR/inputs"
 
+  $ alias ucert='valgrind --quiet --leak-check=full ucert'
 
+
 
+  $ ucert
 
+  Usage: ucert <command> <options>
 
+  Commands:
 
+    -A:\t\t\tappend signature (needs -c and -x) (esc)
 
+    -D:\t\t\tdump (needs -c) (esc)
 
+    -I:\t\t\tissue cert and revoker (needs -c and -p and -s) (esc)
 
+    -R:\t\t\tprocess revoker certificate (needs -c and -P) (esc)
 
+    -V:\t\t\tverify (needs -c and -p|-P, may have -m) (esc)
 
+  Options:
 
+    -c <file>:\t\tcertificate file (esc)
 
+    -m <file>:\t\tmessage file (verify only) (esc)
 
+    -p <file>:\t\tpublic key file (esc)
 
+    -P <path>:\t\tpublic key directory (verify only) (esc)
 
+    -q:\t\t\tquiet (do not print verification result, use return code only) (esc)
 
+    -s <file>:\t\tsecret key file (issue only) (esc)
 
+    -x <file>:\t\tsignature file (append only) (esc)
 
+  
+  [1]
 
+
 
+  $ ucert -D -c $TEST_INPUTS/key-build.ucert
 
+  === CHAIN ELEMENT 01 ===
 
+  signature:
 
+  ---
 
+  untrusted comment: signed by key 84bfc88a17166577
 
+  RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU=
 
+  ---
 
+  payload:
 
+  ---
 
+  "ucert": {
 
+  \t"certtype": 1, (esc)
 
+  \t"validfrom": 1546188410, (esc)
 
+  \t"expiresat": 1577724410, (esc)
 
+  \t"pubkey": "untrusted comment: Local build key\\nRWSEv8iKFxZld6vicE1icWhYNfEV9PM7C9MKUKl+YNEKB+PdAWGDF5Z9\\n" (esc)
 
+  }
 
+  ---
 
+  $ ucert-san -D -c $TEST_INPUTS/key-build.ucert
 
+  === CHAIN ELEMENT 01 ===
 
+  signature:
 
+  ---
 
+  untrusted comment: signed by key 84bfc88a17166577
 
+  RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU=
 
+  ---
 
+  payload:
 
+  ---
 
+  "ucert": {
 
+  \t"certtype": 1, (esc)
 
+  \t"validfrom": 1546188410, (esc)
 
+  \t"expiresat": 1577724410, (esc)
 
+  \t"pubkey": "untrusted comment: Local build key\\nRWSEv8iKFxZld6vicE1icWhYNfEV9PM7C9MKUKl+YNEKB+PdAWGDF5Z9\\n" (esc)
 
+  }
 
+  ---
 
+
 
+  $ ucert -D -c $TEST_INPUTS/invalid.ucert
 
+  cert_dump(406): cannot parse cert
 
+  [1]
 
+
 
+  $ ucert-san -D -c $TEST_INPUTS/invalid.ucert
 
+  cert_dump(406): cannot parse cert
 
+  [1]