@@ -24,16 +24,11 @@ const (
24
24
validationKindClient = "CLIENT"
25
25
validationKindServer = "SERVER"
26
26
27
- testcaseFailed testcaseResult = "FAILURE"
28
- testcasePassed testcaseResult = "SUCCESS"
29
- testcaseSkipped testcaseResult = "SKIPPED"
27
+ resultFailure testcaseResult = "FAILURE"
28
+ resultSuccess testcaseResult = "SUCCESS"
29
+ resultSkipped testcaseResult = "SKIPPED"
30
30
)
31
31
32
- func (r testcaseResult ) String () string {
33
- s := map [testcaseResult ]string {testcaseFailed : "FAIL" , testcasePassed : "PASS" , testcaseSkipped : "SKIP" }
34
- return s [r ]
35
- }
36
-
37
32
type result struct {
38
33
ID string `json:"id"`
39
34
Result testcaseResult `json:"actual_result"`
@@ -64,25 +59,29 @@ func main() {
64
59
resultsEncoder := json .NewEncoder (resultsFile )
65
60
66
61
var (
67
- pass , fail , skip int
68
- outputResults results
62
+ conform , nonconform , skip int
63
+ outputResults results
69
64
)
70
65
for _ , tc := range testcases .Testcases {
71
66
fmt .Printf ("Running test %s ... " , tc .Id )
72
67
r , err := evaluateTestcase (tc )
73
- fmt .Printf ("%s\n " , r )
74
68
75
69
var context string
76
- switch r {
77
- case testcaseFailed :
78
- fmt .Printf ("\t err=%+#v\n " , err )
79
- context = err .Error ()
80
- fail ++
81
- case testcasePassed :
82
- pass ++
83
- case testcaseSkipped :
84
- skip ++
85
- continue
70
+ if r != testcaseResult (tc .ExpectedResult .(string )) {
71
+ if r != resultSkipped {
72
+ fmt .Printf ("NON-CONFORMANT\n \t err=%s\n " , err )
73
+ nonconform ++
74
+ } else {
75
+ fmt .Println ("SKIPPED" )
76
+ skip ++
77
+ }
78
+
79
+ if err != nil {
80
+ context = err .Error ()
81
+ }
82
+ } else {
83
+ fmt .Println ("CONFORMANT" )
84
+ conform ++
86
85
}
87
86
88
87
outputResults .Results = append (outputResults .Results , result {
@@ -96,7 +95,7 @@ func main() {
96
95
outputResults .Harness = fmt .Sprintf ("gocryptox509-%s" , runtime .Version ())
97
96
resultsEncoder .Encode (outputResults )
98
97
99
- fmt .Printf ("done! passed/failed /skipped/total %d/%d/%d/%d.\n " , pass , fail , skip , len (testcases .Testcases ))
98
+ fmt .Printf ("done! conformant/nonconformant /skipped/total %d/%d/%d/%d.\n " , conform , nonconform , skip , len (testcases .Testcases ))
100
99
}
101
100
102
101
func loadTestcases (path string ) (testcases LimboSchemaJson , err error ) {
@@ -129,20 +128,18 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
129
128
130
129
if err != nil {
131
130
fmt .Printf ("%s\n " , err )
132
- return testcaseSkipped , errors .Wrap (err , "unable to parse testcase time as RFC3339" )
131
+ return resultSkipped , errors .Wrap (err , "unable to parse testcase time as RFC3339" )
133
132
}
134
133
}
135
134
136
- expectSuccess := testcaseResult (testcase .ExpectedResult .(string )) == testcasePassed
137
-
138
135
// TODO: Support testcases that constrain signature algorthms.
139
136
if len (testcase .SignatureAlgorithms ) != 0 {
140
- return testcaseSkipped , fmt .Errorf ("signature algorithm checks not supported yet" )
137
+ return resultSkipped , fmt .Errorf ("signature algorithm checks not supported yet" )
141
138
}
142
139
143
140
// TODO: Support testcases that constrain key usages.
144
141
if len (testcase .KeyUsage ) != 0 {
145
- return testcaseSkipped , fmt .Errorf ("key usage checks not supported yet" )
142
+ return resultSkipped , fmt .Errorf ("key usage checks not supported yet" )
146
143
}
147
144
148
145
var ekus []x509.ExtKeyUsage
@@ -165,12 +162,12 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
165
162
166
163
switch testcase .ValidationKind {
167
164
case validationKindClient :
168
- return testcaseSkipped , fmt .Errorf ("unimplemented validationKindClient" )
165
+ return resultSkipped , fmt .Errorf ("unimplemented validationKindClient" )
169
166
case validationKindServer :
170
167
var dnsName string
171
168
if peerName , ok := testcase .ExpectedPeerName .(map [string ]interface {}); ok {
172
169
if peerName ["kind" ] != "DNS" {
173
- return testcaseSkipped , fmt .Errorf ("non-DNS peer name checks not supported yet" )
170
+ return resultSkipped , fmt .Errorf ("non-DNS peer name checks not supported yet" )
174
171
}
175
172
dnsName = peerName ["value" ].(string )
176
173
}
@@ -180,19 +177,15 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
180
177
181
178
peerAsPEM , rest := pem .Decode ([]byte (testcase .PeerCertificate ))
182
179
if peerAsPEM == nil || peerAsPEM .Type != "CERTIFICATE" {
183
- return testcaseFailed , fmt .Errorf ("unexpected data, expected cert: %+#v" , * peerAsPEM )
180
+ return resultFailure , fmt .Errorf ("unexpected data, expected cert: %+#v" , * peerAsPEM )
184
181
} else if len (rest ) > 0 {
185
- return testcaseFailed , fmt .Errorf ("peer certificate has %d trailing bytes" , len (rest ))
182
+ return resultFailure , fmt .Errorf ("peer certificate has %d trailing bytes" , len (rest ))
186
183
}
187
184
188
185
peer , err := x509 .ParseCertificate (peerAsPEM .Bytes )
189
186
if err != nil {
190
187
err = errors .Wrap (err , "unable to parse ASN1 certificate from PEM" )
191
- if expectSuccess {
192
- return testcaseFailed , err
193
- } else {
194
- return testcasePassed , err
195
- }
188
+ return resultFailure , err
196
189
}
197
190
198
191
opts := x509.VerifyOptions {
@@ -205,12 +198,24 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
205
198
chain , err := peer .Verify (opts )
206
199
_ = chain
207
200
208
- if err != nil && expectSuccess {
209
- return testcaseFailed , errors .Wrap (err , "validation failed when success was expected" )
210
- } else if err == nil && ! expectSuccess {
211
- return testcaseFailed , fmt .Errorf ("validation succeeded when failure was expected" )
201
+ var (
202
+ expected = testcaseResult (testcase .ExpectedResult .(string ))
203
+ actual testcaseResult
204
+ )
205
+ if err != nil {
206
+ actual = resultFailure
207
+ } else {
208
+ actual = resultSuccess
209
+ }
210
+
211
+ if expected != actual {
212
+ if err == nil {
213
+ err = errors .New ("chain built" )
214
+ }
215
+ err = errors .Wrap (err , "validation" )
212
216
}
217
+ return actual , err
213
218
}
214
219
215
- return testcasePassed , nil
220
+ return resultSkipped , errors . New ( "no result returned from evaulation" )
216
221
}
0 commit comments