From: Petr Štetiar Date: Mon, 16 Dec 2019 13:43:19 +0000 (+0100) Subject: add cram based unit tests X-Git-Url: https://git.librecmc.org/?p=oweals%2Fucert.git;a=commitdiff_plain;h=4462ff9dedfa030e19012ead8764998a945519b5 add cram based unit tests For improved QA etc. for the start with initial test case for dump command. Signed-off-by: Petr Štetiar --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 443d79b..71c0059 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -19,6 +19,14 @@ FIND_LIBRARY(ubox NAMES ubox) FIND_LIBRARY(blobmsg_json NAMES blobmsg_json) FIND_LIBRARY(json NAMES json-c json) +MACRO(ADD_UNIT_TEST_SAN name) + ADD_EXECUTABLE(${name}-san ${name}.c) + TARGET_COMPILE_OPTIONS(${name}-san PRIVATE -g -fno-omit-frame-pointer -fsanitize=undefined,address,leak -fno-sanitize-recover=all) + TARGET_LINK_OPTIONS(${name}-san PRIVATE -fsanitize=undefined,address,leak) + TARGET_LINK_LIBRARIES(${name}-san ucert_lib ${ubox} ${blobmsg_json} ${json}) + TARGET_INCLUDE_DIRECTORIES(${name}-san PRIVATE ${PROJECT_SOURCE_DIR}) +ENDMACRO(ADD_UNIT_TEST_SAN) + IF(UCERT_HOST_BUILD) ADD_DEFINITIONS(-DUCERT_HOST_BUILD) ENDIF() @@ -39,4 +47,10 @@ ELSE() TARGET_LINK_LIBRARIES(ucert ucert_lib ${ubox}) ENDIF() +IF(UNIT_TESTING) + ENABLE_TESTING() + ADD_SUBDIRECTORY(tests) + ADD_UNIT_TEST_SAN(ucert) +ENDIF() + INSTALL(TARGETS ucert RUNTIME DESTINATION bin) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt new file mode 100644 index 0000000..efefc2e --- /dev/null +++ b/tests/CMakeLists.txt @@ -0,0 +1,14 @@ +ADD_SUBDIRECTORY(cram) + +MACRO(ADD_UNIT_TEST name) + ADD_EXECUTABLE(${name} ${name}.c) + TARGET_LINK_LIBRARIES(${name} ubox blobmsg_json ${json}) + TARGET_INCLUDE_DIRECTORIES(${name} PRIVATE ${PROJECT_SOURCE_DIR}) +ENDMACRO(ADD_UNIT_TEST) + +FILE(GLOB test_cases "test-*.c") +FOREACH(test_case ${test_cases}) + GET_FILENAME_COMPONENT(test_case ${test_case} NAME_WE) + ADD_UNIT_TEST(${test_case}) + ADD_UNIT_TEST_SAN(${test_case}) +ENDFOREACH(test_case) diff --git a/tests/cram/CMakeLists.txt b/tests/cram/CMakeLists.txt new file mode 100644 index 0000000..47247aa --- /dev/null +++ b/tests/cram/CMakeLists.txt @@ -0,0 +1,21 @@ +FIND_PACKAGE(PythonInterp 3 REQUIRED) +FILE(GLOB test_cases "test_*.t") + +SET(PYTHON_VENV_DIR "${CMAKE_CURRENT_BINARY_DIR}/.venv") +SET(PYTHON_VENV_PIP "${PYTHON_VENV_DIR}/bin/pip") +SET(PYTHON_VENV_CRAM "${PYTHON_VENV_DIR}/bin/cram") + +ADD_CUSTOM_COMMAND( + OUTPUT ${PYTHON_VENV_CRAM} + COMMAND ${PYTHON_EXECUTABLE} -m venv ${PYTHON_VENV_DIR} + COMMAND ${PYTHON_VENV_PIP} install cram +) +ADD_CUSTOM_TARGET(prepare-cram-venv ALL DEPENDS ${PYTHON_VENV_CRAM}) + +ADD_TEST( + NAME cram + COMMAND ${PYTHON_VENV_CRAM} ${test_cases} + WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} +) + +SET_PROPERTY(TEST cram APPEND PROPERTY ENVIRONMENT "TEST_BIN_DIR=$") diff --git a/tests/cram/inputs/invalid.ucert b/tests/cram/inputs/invalid.ucert new file mode 100644 index 0000000..dbdeb72 Binary files /dev/null and b/tests/cram/inputs/invalid.ucert differ diff --git a/tests/cram/inputs/key-build.ucert b/tests/cram/inputs/key-build.ucert new file mode 100644 index 0000000..8b347b1 Binary files /dev/null and b/tests/cram/inputs/key-build.ucert differ diff --git a/tests/cram/test_ucert.t b/tests/cram/test_ucert.t new file mode 100644 index 0000000..985740d --- /dev/null +++ b/tests/cram/test_ucert.t @@ -0,0 +1,65 @@ +check that ucert is producing expected results: + + $ [ -n "$TEST_BIN_DIR" ] && export PATH="$TEST_BIN_DIR:$PATH" + $ export TEST_INPUTS="$TESTDIR/inputs" + $ alias ucert='valgrind --quiet --leak-check=full ucert' + + $ ucert + Usage: ucert + Commands: + -A:\t\t\tappend signature (needs -c and -x) (esc) + -D:\t\t\tdump (needs -c) (esc) + -I:\t\t\tissue cert and revoker (needs -c and -p and -s) (esc) + -R:\t\t\tprocess revoker certificate (needs -c and -P) (esc) + -V:\t\t\tverify (needs -c and -p|-P, may have -m) (esc) + Options: + -c :\t\tcertificate file (esc) + -m :\t\tmessage file (verify only) (esc) + -p :\t\tpublic key file (esc) + -P :\t\tpublic key directory (verify only) (esc) + -q:\t\t\tquiet (do not print verification result, use return code only) (esc) + -s :\t\tsecret key file (issue only) (esc) + -x :\t\tsignature file (append only) (esc) + + [1] + + $ ucert -D -c $TEST_INPUTS/key-build.ucert + === CHAIN ELEMENT 01 === + signature: + --- + untrusted comment: signed by key 84bfc88a17166577 + RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU= + --- + payload: + --- + "ucert": { + \t"certtype": 1, (esc) + \t"validfrom": 1546188410, (esc) + \t"expiresat": 1577724410, (esc) + \t"pubkey": "untrusted comment: Local build key\\nRWSEv8iKFxZld6vicE1icWhYNfEV9PM7C9MKUKl+YNEKB+PdAWGDF5Z9\\n" (esc) + } + --- + $ ucert-san -D -c $TEST_INPUTS/key-build.ucert + === CHAIN ELEMENT 01 === + signature: + --- + untrusted comment: signed by key 84bfc88a17166577 + RWSEv8iKFxZld+bQ+NTqCdDlHOuVYNw5Qw7Q8shjfMgFJcTqrzaqO0bysjIQhTadmcwvWiWvHlyMcwAXSix2BYdfghz/zhDjvgU= + --- + payload: + --- + "ucert": { + \t"certtype": 1, (esc) + \t"validfrom": 1546188410, (esc) + \t"expiresat": 1577724410, (esc) + \t"pubkey": "untrusted comment: Local build key\\nRWSEv8iKFxZld6vicE1icWhYNfEV9PM7C9MKUKl+YNEKB+PdAWGDF5Z9\\n" (esc) + } + --- + + $ ucert -D -c $TEST_INPUTS/invalid.ucert + cert_dump(406): cannot parse cert + [1] + + $ ucert-san -D -c $TEST_INPUTS/invalid.ucert + cert_dump(406): cannot parse cert + [1]