chore: update vendor

This commit is contained in:
Mikaël Cluseau
2018-07-03 18:25:07 +11:00
parent ecb3e9c868
commit f91ae88876
211 changed files with 18789 additions and 46221 deletions

View File

@ -1,22 +1,12 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// source: multilog.proto
/*
Package configpb is a generated protocol buffer package.
It is generated from these files:
multilog.proto
It has these top-level messages:
TemporalLogConfig
LogShardConfig
*/
package configpb
import proto "github.com/golang/protobuf/proto"
import fmt "fmt"
import math "math"
import google_protobuf "github.com/golang/protobuf/ptypes/timestamp"
import timestamp "github.com/golang/protobuf/ptypes/timestamp"
// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal
@ -32,13 +22,35 @@ const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package
// TemporalLogConfig is a set of LogShardConfig messages, whose
// time limits should be contiguous.
type TemporalLogConfig struct {
Shard []*LogShardConfig `protobuf:"bytes,1,rep,name=shard" json:"shard,omitempty"`
Shard []*LogShardConfig `protobuf:"bytes,1,rep,name=shard" json:"shard,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *TemporalLogConfig) Reset() { *m = TemporalLogConfig{} }
func (m *TemporalLogConfig) String() string { return proto.CompactTextString(m) }
func (*TemporalLogConfig) ProtoMessage() {}
func (*TemporalLogConfig) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{0} }
func (m *TemporalLogConfig) Reset() { *m = TemporalLogConfig{} }
func (m *TemporalLogConfig) String() string { return proto.CompactTextString(m) }
func (*TemporalLogConfig) ProtoMessage() {}
func (*TemporalLogConfig) Descriptor() ([]byte, []int) {
return fileDescriptor_multilog_3c9b797b88da6f07, []int{0}
}
func (m *TemporalLogConfig) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_TemporalLogConfig.Unmarshal(m, b)
}
func (m *TemporalLogConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_TemporalLogConfig.Marshal(b, m, deterministic)
}
func (dst *TemporalLogConfig) XXX_Merge(src proto.Message) {
xxx_messageInfo_TemporalLogConfig.Merge(dst, src)
}
func (m *TemporalLogConfig) XXX_Size() int {
return xxx_messageInfo_TemporalLogConfig.Size(m)
}
func (m *TemporalLogConfig) XXX_DiscardUnknown() {
xxx_messageInfo_TemporalLogConfig.DiscardUnknown(m)
}
var xxx_messageInfo_TemporalLogConfig proto.InternalMessageInfo
func (m *TemporalLogConfig) GetShard() []*LogShardConfig {
if m != nil {
@ -56,17 +68,39 @@ type LogShardConfig struct {
// not_after_start defines the start of the range of acceptable NotAfter
// values, inclusive.
// Leaving this unset implies no lower bound to the range.
NotAfterStart *google_protobuf.Timestamp `protobuf:"bytes,3,opt,name=not_after_start,json=notAfterStart" json:"not_after_start,omitempty"`
NotAfterStart *timestamp.Timestamp `protobuf:"bytes,3,opt,name=not_after_start,json=notAfterStart" json:"not_after_start,omitempty"`
// not_after_limit defines the end of the range of acceptable NotAfter values,
// exclusive.
// Leaving this unset implies no upper bound to the range.
NotAfterLimit *google_protobuf.Timestamp `protobuf:"bytes,4,opt,name=not_after_limit,json=notAfterLimit" json:"not_after_limit,omitempty"`
NotAfterLimit *timestamp.Timestamp `protobuf:"bytes,4,opt,name=not_after_limit,json=notAfterLimit" json:"not_after_limit,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *LogShardConfig) Reset() { *m = LogShardConfig{} }
func (m *LogShardConfig) String() string { return proto.CompactTextString(m) }
func (*LogShardConfig) ProtoMessage() {}
func (*LogShardConfig) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{1} }
func (m *LogShardConfig) Reset() { *m = LogShardConfig{} }
func (m *LogShardConfig) String() string { return proto.CompactTextString(m) }
func (*LogShardConfig) ProtoMessage() {}
func (*LogShardConfig) Descriptor() ([]byte, []int) {
return fileDescriptor_multilog_3c9b797b88da6f07, []int{1}
}
func (m *LogShardConfig) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_LogShardConfig.Unmarshal(m, b)
}
func (m *LogShardConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_LogShardConfig.Marshal(b, m, deterministic)
}
func (dst *LogShardConfig) XXX_Merge(src proto.Message) {
xxx_messageInfo_LogShardConfig.Merge(dst, src)
}
func (m *LogShardConfig) XXX_Size() int {
return xxx_messageInfo_LogShardConfig.Size(m)
}
func (m *LogShardConfig) XXX_DiscardUnknown() {
xxx_messageInfo_LogShardConfig.DiscardUnknown(m)
}
var xxx_messageInfo_LogShardConfig proto.InternalMessageInfo
func (m *LogShardConfig) GetUri() string {
if m != nil {
@ -82,14 +116,14 @@ func (m *LogShardConfig) GetPublicKeyDer() []byte {
return nil
}
func (m *LogShardConfig) GetNotAfterStart() *google_protobuf.Timestamp {
func (m *LogShardConfig) GetNotAfterStart() *timestamp.Timestamp {
if m != nil {
return m.NotAfterStart
}
return nil
}
func (m *LogShardConfig) GetNotAfterLimit() *google_protobuf.Timestamp {
func (m *LogShardConfig) GetNotAfterLimit() *timestamp.Timestamp {
if m != nil {
return m.NotAfterLimit
}
@ -101,9 +135,9 @@ func init() {
proto.RegisterType((*LogShardConfig)(nil), "configpb.LogShardConfig")
}
func init() { proto.RegisterFile("multilog.proto", fileDescriptor0) }
func init() { proto.RegisterFile("multilog.proto", fileDescriptor_multilog_3c9b797b88da6f07) }
var fileDescriptor0 = []byte{
var fileDescriptor_multilog_3c9b797b88da6f07 = []byte{
// 241 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x8f, 0xb1, 0x4e, 0xc3, 0x30,
0x14, 0x45, 0x65, 0x02, 0x08, 0xdc, 0x12, 0xc0, 0x93, 0xd5, 0x85, 0xa8, 0x62, 0xc8, 0xe4, 0x4a,

View File

@ -19,7 +19,6 @@ package client
import (
"context"
"crypto/sha256"
"encoding/base64"
"fmt"
"net/http"
@ -35,11 +34,19 @@ type LogClient struct {
jsonclient.JSONClient
}
// CheckLogClient is an interface that allows (just) checking of various log contents.
type CheckLogClient interface {
BaseURI() string
GetSTH(context.Context) (*ct.SignedTreeHead, error)
GetSTHConsistency(ctx context.Context, first, second uint64) ([][]byte, error)
GetProofByHash(ctx context.Context, hash []byte, treeSize uint64) (*ct.GetProofByHashResponse, error)
}
// New constructs a new LogClient instance.
// |uri| is the base URI of the CT log instance to interact with, e.g.
// http://ct.googleapis.com/pilot
// https://ct.googleapis.com/pilot
// |hc| is the underlying client to be used for HTTP requests to the CT log.
// |opts| can be used to provide a customer logger interface and a public key
// |opts| can be used to provide a custom logger interface and a public key
// for signature verification.
func New(uri string, hc *http.Client, opts jsonclient.Options) (*LogClient, error) {
logClient, err := jsonclient.New(uri, hc, opts)
@ -169,35 +176,16 @@ func (c *LogClient) GetSTH(ctx context.Context) (*ct.SignedTreeHead, error) {
}
return nil, err
}
sth := ct.SignedTreeHead{
TreeSize: resp.TreeSize,
Timestamp: resp.Timestamp,
}
if len(resp.SHA256RootHash) != sha256.Size {
return nil, RspError{
Err: fmt.Errorf("sha256_root_hash is invalid length, expected %d got %d", sha256.Size, len(resp.SHA256RootHash)),
StatusCode: httpRsp.StatusCode,
Body: body,
}
}
copy(sth.SHA256RootHash[:], resp.SHA256RootHash)
var ds ct.DigitallySigned
if rest, err := tls.Unmarshal(resp.TreeHeadSignature, &ds); err != nil {
return nil, RspError{Err: err, StatusCode: httpRsp.StatusCode, Body: body}
} else if len(rest) > 0 {
return nil, RspError{
Err: fmt.Errorf("trailing data (%d bytes) after DigitallySigned", len(rest)),
StatusCode: httpRsp.StatusCode,
Body: body,
}
}
sth.TreeHeadSignature = ds
if err := c.VerifySTHSignature(sth); err != nil {
sth, err := resp.ToSignedTreeHead()
if err != nil {
return nil, RspError{Err: err, StatusCode: httpRsp.StatusCode, Body: body}
}
return &sth, nil
if err := c.VerifySTHSignature(*sth); err != nil {
return nil, RspError{Err: err, StatusCode: httpRsp.StatusCode, Body: body}
}
return sth, nil
}
// VerifySTHSignature checks the signature in sth, returning any error encountered or nil if verification is
@ -281,3 +269,21 @@ func (c *LogClient) GetAcceptedRoots(ctx context.Context) ([]ct.ASN1Cert, error)
}
return roots, nil
}
// GetEntryAndProof returns a log entry and audit path for the index of a leaf.
func (c *LogClient) GetEntryAndProof(ctx context.Context, index, treeSize uint64) (*ct.GetEntryAndProofResponse, error) {
base10 := 10
params := map[string]string{
"leaf_index": strconv.FormatUint(index, base10),
"tree_size": strconv.FormatUint(treeSize, base10),
}
var resp ct.GetEntryAndProofResponse
httpRsp, body, err := c.GetAndParse(ctx, ct.GetEntryAndProofPath, params, &resp)
if err != nil {
if httpRsp != nil {
return nil, RspError{Err: err, StatusCode: httpRsp.StatusCode, Body: body}
}
return nil, err
}
return &resp, nil
}

View File

@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
package client
package client_test
import (
"bytes"
@ -32,6 +32,7 @@ import (
"time"
ct "github.com/google/certificate-transparency-go"
"github.com/google/certificate-transparency-go/client"
"github.com/google/certificate-transparency-go/jsonclient"
"github.com/google/certificate-transparency-go/testdata"
"github.com/google/certificate-transparency-go/tls"
@ -85,6 +86,15 @@ const (
]
}`
GetSTHConsistencyResp = `{ "consistency": [ "IqlrapPQKtmCY1jCr8+lpCtscRyjjZAA7nyadtFPRFQ=", "ytf6K2GnSRZ3Au+YkivCb7N1DygfKyZmE4aEs9OXl\/8=" ] }`
GetEntryAndProofResp = `{
"leaf_input": "AAAAAAFhw8UTtQAAAAJ1MIICcTCCAhegAwIBAgIFAN6tvu8wCgYIKoZIzj0EAwIwcjELMAkGA1UEBhMCR0IxDzANBgNVBAgTBkxvbmRvbjEPMA0GA1UEBxMGTG9uZG9uMQ8wDQYDVQQKEwZHb29nbGUxDDAKBgNVBAsTA0VuZzEiMCAGA1UEAxMZRmFrZUludGVybWVkaWF0ZUF1dGhvcml0eTAgFw0xNjEyMDcxNTEzMzZaGA8wMDAxMDEwMTAwMDAwMFowVjELMAkGA1UEBhMCR0IxDzANBgNVBAgMBkxvbmRvbjEPMA0GA1UECgwGR29vZ2xlMQwwCgYDVQQLDANFbmcxFzAVBgNVBAMMDmxlYWYwMS5jc3IucGVtMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6zdOUkWcRtWouMXtWLkwKaZwimmgJlyeL264ayNshOFGOpg2gkSliheLQYIy9C3gCFt+BzhS/EdWKCeb7WCLrKOBszCBsDAPBgNVHQ8BAf8EBQMDB/mAMIGLBgNVHQ4EgYMEgYBPRBC+90lR8pRLbTi3ID4j0WRzjoJOT3MGkKko87o8z6gEifk9zCwOiHeIgclTA0ZUTxXMRI5r+nUY0frjRCWZu4uthPlE90iJM+RyjcNTwDJGu2StvLnJ8y4t5fdnwdGssncXiBQMuM7/1eMEwAOfHgTFzJ0UBC2Umztl0hul3zAPBgNVHSMECDAGgAQBAgMEMAoGCCqGSM49BAMCA0gAMEUCIQCrwywGKvyt/BwR+e7yDs78qt4sSEVJltv7Y0W6gOI5awIgQ+IAjejYivLEfqNufFRezCBWHWhbq/HHGdNQtv6EArkAAA==",
"extra_data": "RXh0cmEK",
"audit_path": [
"pMumx96PIUB3TX543ljlpQ/RgZRqitRfykupIZrXq0Q=",
"5s2NQWkjmesu+Kqgp70TCwVLwq8obpHw/JyMGwN56pQ=",
"7VelXijfmGFSl62BWIsG8LRmxJGBq9XP8FxmszuT2Cg="
]
}`
)
func b64(s string) []byte {
@ -156,11 +166,11 @@ func TestGetEntries(t *testing.T) {
CertEntryExtraDataB64)
})
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
leaves, err := client.GetEntries(context.Background(), 0, 1)
leaves, err := lc.GetEntries(context.Background(), 0, 1)
if err != nil {
t.Errorf("GetEntries(0,1)=nil,%v; want 2 leaves,nil", err)
} else if len(leaves) != 2 {
@ -185,12 +195,12 @@ func TestGetEntriesErrors(t *testing.T) {
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-entries", test.rsp)
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := client.GetEntries(ctx, test.start, test.end)
got, err := lc.GetEntries(ctx, test.start, test.end)
if err == nil {
t.Errorf("GetEntries(%d, %d)=%+v, nil; want nil, %q", test.start, test.end, got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
@ -218,12 +228,12 @@ func TestGetRawEntriesErrors(t *testing.T) {
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-entries", test.rsp)
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := client.GetRawEntries(ctx, test.start, test.end)
got, err := lc.GetRawEntries(ctx, test.start, test.end)
if err == nil {
t.Errorf("GetRawEntries(%d, %d)=%+v, nil; want nil, %q", test.start, test.end, got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
@ -234,7 +244,7 @@ func TestGetRawEntriesErrors(t *testing.T) {
}
if len(test.rsp) > 0 {
// Expect the error to include the HTTP response
if rspErr, ok := err.(RspError); !ok {
if rspErr, ok := err.(client.RspError); !ok {
t.Errorf("GetRawEntries(%d, %d)=nil, .(%T); want nil, .(RspError)", test.start, test.end, err)
} else if string(rspErr.Body) != test.rsp {
t.Errorf("GetRawEntries(%d, %d)=nil, .Body=%q; want nil, .Body=%q", test.start, test.end, rspErr.Body, test.rsp)
@ -251,11 +261,11 @@ func TestGetSTH(t *testing.T) {
ValidSTHResponseSHA256RootHash,
ValidSTHResponseTreeHeadSignature))
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
sth, err := client.GetSTH(context.Background())
sth, err := lc.GetSTH(context.Background())
if err != nil {
t.Fatal(err)
}
@ -303,12 +313,12 @@ func TestGetSTHErrors(t *testing.T) {
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-sth", test.rsp)
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := client.GetSTH(ctx)
got, err := lc.GetSTH(ctx)
if err == nil {
t.Errorf("GetSTH()=%+v, nil; want nil, %q", got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
@ -319,7 +329,7 @@ func TestGetSTHErrors(t *testing.T) {
}
if len(test.rsp) > 0 {
// Expect the error to include the HTTP response
if rspErr, ok := err.(RspError); !ok {
if rspErr, ok := err.(client.RspError); !ok {
t.Errorf("GetSTH()=nil, .(%T); want nil, .(RspError)", err)
} else if string(rspErr.Body) != test.rsp {
t.Errorf("GetSTH()=nil, .Body=%q; want nil, .Body=%q", rspErr.Body, test.rsp)
@ -417,7 +427,7 @@ func TestAddChainRetries(t *testing.T) {
for i, test := range tests {
deadline := context.Background()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
@ -431,7 +441,7 @@ func TestAddChainRetries(t *testing.T) {
currentFailures = 0
started := time.Now()
sct, err := client.AddChain(deadline, chain)
sct, err := lc.AddChain(deadline, chain)
took := time.Since(started)
delta := math.Abs(float64(took - test.expected))
ratio := delta / float64(test.expected)
@ -452,19 +462,19 @@ func TestAddChainRetries(t *testing.T) {
func TestAddChain(t *testing.T) {
hs := serveSCTAt(t, "/ct/v1/add-chain", testdata.TestCertProof)
defer hs.Close()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{PublicKey: testdata.LogPublicKeyPEM})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{PublicKey: testdata.LogPublicKeyPEM})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
cert, err := x509util.CertificateFromPEM(testdata.TestCertPEM)
cert, err := x509util.CertificateFromPEM([]byte(testdata.TestCertPEM))
if err != nil {
t.Fatalf("Failed to parse certificate from PEM: %v", err)
}
// AddChain will verify the signature because the client has a public key.
chain := []ct.ASN1Cert{{Data: cert.Raw}}
_, err = client.AddChain(context.Background(), chain)
_, err = lc.AddChain(context.Background(), chain)
if err != nil {
t.Errorf("AddChain()=nil,%v; want sct,nil", err)
}
@ -473,23 +483,23 @@ func TestAddChain(t *testing.T) {
func TestAddPreChain(t *testing.T) {
hs := serveSCTAt(t, "/ct/v1/add-pre-chain", testdata.TestPreCertProof)
defer hs.Close()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{PublicKey: testdata.LogPublicKeyPEM})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{PublicKey: testdata.LogPublicKeyPEM})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
cert, err := x509util.CertificateFromPEM(testdata.TestPreCertPEM)
cert, err := x509util.CertificateFromPEM([]byte(testdata.TestPreCertPEM))
if err != nil {
t.Fatalf("Failed to parse pre-certificate from PEM: %v", err)
}
issuer, err := x509util.CertificateFromPEM(testdata.CACertPEM)
issuer, err := x509util.CertificateFromPEM([]byte(testdata.CACertPEM))
if err != nil {
t.Fatalf("Failed to parse issuer certificate from PEM: %v", err)
}
// AddPreChain will verify the signature because the client has a public key.
chain := []ct.ASN1Cert{{Data: cert.Raw}, {Data: issuer.Raw}}
_, err = client.AddPreChain(context.Background(), chain)
_, err = lc.AddPreChain(context.Background(), chain)
if err != nil {
t.Errorf("AddPreChain()=nil,%v; want sct,nil", err)
}
@ -498,7 +508,7 @@ func TestAddPreChain(t *testing.T) {
func TestAddJSON(t *testing.T) {
hs := serveRspAt(t, "/ct/v1/add-json", AddJSONResp)
defer hs.Close()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
@ -511,7 +521,7 @@ func TestAddJSON(t *testing.T) {
}
for _, test := range tests {
sct, err := client.AddJSON(context.Background(), test.data)
sct, err := lc.AddJSON(context.Background(), test.data)
if test.success && err != nil {
t.Errorf("AddJSON(%v)=nil,%v; want sct,nil", test.data, err)
} else if !test.success && err == nil {
@ -526,7 +536,7 @@ func TestAddJSON(t *testing.T) {
func TestGetSTHConsistency(t *testing.T) {
hs := serveRspAt(t, "/ct/v1/get-sth-consistency", GetSTHConsistencyResp)
defer hs.Close()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
@ -543,7 +553,7 @@ func TestGetSTHConsistency(t *testing.T) {
}
for _, test := range tests {
proof, err := client.GetSTHConsistency(context.Background(), test.first, test.second)
proof, err := lc.GetSTHConsistency(context.Background(), test.first, test.second)
if err != nil {
t.Errorf("GetSTHConsistency(%d, %d)=nil,%v; want proof,nil", test.first, test.second, err)
} else if !reflect.DeepEqual(proof, test.proof) {
@ -567,12 +577,12 @@ func TestGetSTHConsistencyErrors(t *testing.T) {
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-sth-consistency", test.rsp)
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := client.GetSTHConsistency(ctx, test.first, test.second)
got, err := lc.GetSTHConsistency(ctx, test.first, test.second)
if err == nil {
t.Errorf("GetSTHConsistency(%d, %d)=%+v, nil; want nil, %q", test.first, test.second, got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
@ -583,7 +593,7 @@ func TestGetSTHConsistencyErrors(t *testing.T) {
}
if len(test.rsp) > 0 {
// Expect the error to include the HTTP response
if rspErr, ok := err.(RspError); !ok {
if rspErr, ok := err.(client.RspError); !ok {
t.Errorf("GetSTHConsistency(%d, %d)=nil, .(%T); want nil, .(RspError)", test.first, test.second, err)
} else if string(rspErr.Body) != test.rsp {
t.Errorf("GetSTHConsistency(%d, %d)=nil, .Body=%q; want nil, .Body=%q", test.first, test.second, rspErr.Body, test.rsp)
@ -595,7 +605,7 @@ func TestGetSTHConsistencyErrors(t *testing.T) {
func TestGetProofByHash(t *testing.T) {
hs := serveRspAt(t, "/ct/v1/get-proof-by-hash", ProofByHashResp)
defer hs.Close()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
@ -608,7 +618,7 @@ func TestGetProofByHash(t *testing.T) {
}
for _, test := range tests {
resp, err := client.GetProofByHash(context.Background(), test.hash, test.treesize)
resp, err := lc.GetProofByHash(context.Background(), test.hash, test.treesize)
if err != nil {
t.Errorf("GetProofByHash(%v, %v)=nil,%v; want proof,nil", test.hash, test.treesize, err)
} else if got := len(resp.AuditPath); got < 1 {
@ -632,12 +642,12 @@ func TestGetProofByHashErrors(t *testing.T) {
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-proof-by-hash", test.rsp)
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := client.GetProofByHash(ctx, aHash, 100)
got, err := lc.GetProofByHash(ctx, aHash, 100)
if err == nil {
t.Errorf("GetProofByHash()=%+v, nil; want nil, %q", got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
@ -648,7 +658,7 @@ func TestGetProofByHashErrors(t *testing.T) {
}
if len(test.rsp) > 0 {
// Expect the error to include the HTTP response
if rspErr, ok := err.(RspError); !ok {
if rspErr, ok := err.(client.RspError); !ok {
t.Errorf("GetProofByHash()=nil, .(%T); want nil, .(RspError)", err)
} else if string(rspErr.Body) != test.rsp {
t.Errorf("GetProofByHash()=nil, .Body=%q; want nil, .Body=%q", rspErr.Body, test.rsp)
@ -660,12 +670,12 @@ func TestGetProofByHashErrors(t *testing.T) {
func TestGetAcceptedRoots(t *testing.T) {
hs := serveRspAt(t, "/ct/v1/get-roots", GetRootsResp)
defer hs.Close()
client, err := New(hs.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
certs, err := client.GetAcceptedRoots(context.Background())
certs, err := lc.GetAcceptedRoots(context.Background())
if err != nil {
t.Errorf("GetAcceptedRoots()=nil,%q; want roots,nil", err.Error())
} else if len(certs) < 1 {
@ -687,12 +697,12 @@ func TestGetAcceptedRootsErrors(t *testing.T) {
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-roots", test.rsp)
defer ts.Close()
client, err := New(ts.URL, &http.Client{}, jsonclient.Options{})
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := client.GetAcceptedRoots(ctx)
got, err := lc.GetAcceptedRoots(ctx)
if err == nil {
t.Errorf("GetAcceptedRoots()=%+v, nil; want nil, %q", got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
@ -703,7 +713,7 @@ func TestGetAcceptedRootsErrors(t *testing.T) {
}
if len(test.rsp) > 0 {
// Expect the error to include the HTTP response
if rspErr, ok := err.(RspError); !ok {
if rspErr, ok := err.(client.RspError); !ok {
t.Errorf("GetAcceptedRoots()=nil, .(%T); want nil, .(RspError)", err)
} else if string(rspErr.Body) != test.rsp {
t.Errorf("GetAcceptedRoots()=nil, .Body=%q; want nil, .Body=%q", rspErr.Body, test.rsp)
@ -711,3 +721,69 @@ func TestGetAcceptedRootsErrors(t *testing.T) {
}
}
}
func TestGetEntryAndProof(t *testing.T) {
hs := serveRspAt(t, "/ct/v1/get-entry-and-proof", GetEntryAndProofResp)
defer hs.Close()
lc, err := client.New(hs.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Fatalf("Failed to create client: %v", err)
}
tests := []struct {
index uint64
treesize uint64
}{
{1000, 2000},
}
for _, test := range tests {
resp, err := lc.GetEntryAndProof(context.Background(), test.index, test.treesize)
if err != nil {
t.Errorf("GetEntryAndProof(%v, %v)=nil,%v; want proof,nil", test.index, test.treesize, err)
} else if got := len(resp.AuditPath); got < 1 {
t.Errorf("len(GetEntryAndProof(%v, %v)): %v; want > 1", test.index, test.treesize, got)
}
}
}
func TestGetEntryAndProofErrors(t *testing.T) {
ctx := context.Background()
var tests = []struct {
rsp, want string
}{
{rsp: "", want: "EOF"},
{rsp: "not-json", want: "invalid"},
{rsp: `{"leaf_input": "bogus", "extra_data": "Z29vZAo=", "audit_path": ["Z29vZAo="]}`, want: "illegal base64"},
{rsp: `{"leaf_input": "Z29vZAo=", "extra_data": "bogus", "audit_path": ["Z29vZAo="]}`, want: "illegal base64"},
{rsp: `{"leaf_input": "Z29vZAo=", "extra_data": "Z29vZAo=", "audit_path": ["bogus"]}`, want: "illegal base64"},
{rsp: `{"leaf_input": "Z29vZAo=", "extra_data": "Z29vZAo=", "audit_path": ["bbbb",]}`, want: "invalid"},
}
for _, test := range tests {
ts := serveRspAt(t, "/ct/v1/get-entry-and-proof", test.rsp)
defer ts.Close()
lc, err := client.New(ts.URL, &http.Client{}, jsonclient.Options{})
if err != nil {
t.Errorf("Failed to create client: %v", err)
continue
}
got, err := lc.GetEntryAndProof(ctx, 99, 100)
if err == nil {
t.Errorf("GetEntryAndProof()=%+v, nil; want nil, %q", got, test.want)
} else if !strings.Contains(err.Error(), test.want) {
t.Errorf("GetEntryAndProof()=nil, %q; want nil, %q", err, test.want)
}
if got != nil {
t.Errorf("GetEntryAndProof()=%+v, _; want nil, _", got)
}
if len(test.rsp) > 0 {
// Expect the error to include the HTTP response
if rspErr, ok := err.(client.RspError); !ok {
t.Errorf("GetEntryAndProof()=nil, .(%T); want nil, .(RspError)", err)
} else if string(rspErr.Body) != test.rsp {
t.Errorf("GetEntryAndProof()=nil, .Body=%q; want nil, .Body=%q", rspErr.Body, test.rsp)
}
}
}
}

View File

@ -23,7 +23,7 @@ import (
"net/http"
"time"
"github.com/gogo/protobuf/proto"
"github.com/golang/protobuf/proto"
"github.com/golang/protobuf/ptypes"
ct "github.com/google/certificate-transparency-go"
"github.com/google/certificate-transparency-go/client/configpb"

View File

@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
package client
package client_test
import (
"context"
@ -26,6 +26,7 @@ import (
"github.com/golang/protobuf/ptypes"
tspb "github.com/golang/protobuf/ptypes/timestamp"
ct "github.com/google/certificate-transparency-go"
"github.com/google/certificate-transparency-go/client"
"github.com/google/certificate-transparency-go/client/configpb"
"github.com/google/certificate-transparency-go/testdata"
"github.com/google/certificate-transparency-go/x509util"
@ -200,7 +201,7 @@ func TestNewTemporalLogClient(t *testing.T) {
},
}
for _, test := range tests {
_, err := NewTemporalLogClient(test.cfg, nil)
_, err := client.NewTemporalLogClient(test.cfg, nil)
if err != nil {
if test.wantErr == "" {
t.Errorf("NewTemporalLogClient(%+v)=nil,%v; want _,nil", test.cfg, err)
@ -313,7 +314,7 @@ func TestIndexByDate(t *testing.T) {
{cfg: boundedCfg, when: time.Date(2015, 9, 19, 11, 00, 00, 00, time.UTC), wantErr: true},
}
for _, test := range tests {
tlc, err := NewTemporalLogClient(test.cfg, nil)
tlc, err := client.NewTemporalLogClient(test.cfg, nil)
if err != nil {
t.Errorf("NewTemporalLogClient(%+v)=nil, %v; want _,nil", test.cfg, err)
continue
@ -349,16 +350,16 @@ func TestTemporalAddChain(t *testing.T) {
}))
defer hs.Close()
cert, err := x509util.CertificateFromPEM(testdata.TestCertPEM)
cert, err := x509util.CertificateFromPEM([]byte(testdata.TestCertPEM))
if err != nil {
t.Fatalf("Failed to parse certificate from PEM: %v", err)
}
certChain := []ct.ASN1Cert{{Data: cert.Raw}}
precert, err := x509util.CertificateFromPEM(testdata.TestPreCertPEM)
precert, err := x509util.CertificateFromPEM([]byte(testdata.TestPreCertPEM))
if err != nil {
t.Fatalf("Failed to parse pre-certificate from PEM: %v", err)
}
issuer, err := x509util.CertificateFromPEM(testdata.CACertPEM)
issuer, err := x509util.CertificateFromPEM([]byte(testdata.CACertPEM))
if err != nil {
t.Fatalf("Failed to parse issuer certificate from PEM: %v", err)
}
@ -423,7 +424,7 @@ func TestTemporalAddChain(t *testing.T) {
ctx := context.Background()
for _, test := range tests {
tlc, err := NewTemporalLogClient(test.cfg, nil)
tlc, err := client.NewTemporalLogClient(test.cfg, nil)
if err != nil {
t.Errorf("NewTemporalLogClient(%+v)=nil, %v; want _,nil", test.cfg, err)
continue
@ -464,7 +465,7 @@ func TestTemporalAddChainErrors(t *testing.T) {
}
ctx := context.Background()
tlc, err := NewTemporalLogClient(cfg, nil)
tlc, err := client.NewTemporalLogClient(cfg, nil)
if err != nil {
t.Fatalf("NewTemporalLogClient(%+v)=nil, %v; want _,nil", cfg, err)
}