Skip to content

Commit b98c78c

Browse files
authored
gocryptox509: return "actual" validation result (#64)
Fixes #63.
1 parent ca07ede commit b98c78c

File tree

1 file changed

+46
-41
lines changed

1 file changed

+46
-41
lines changed

harness/gocryptox509/main.go

Lines changed: 46 additions & 41 deletions
Original file line numberDiff line numberDiff line change
@@ -24,16 +24,11 @@ const (
2424
validationKindClient = "CLIENT"
2525
validationKindServer = "SERVER"
2626

27-
testcaseFailed testcaseResult = "FAILURE"
28-
testcasePassed testcaseResult = "SUCCESS"
29-
testcaseSkipped testcaseResult = "SKIPPED"
27+
resultFailure testcaseResult = "FAILURE"
28+
resultSuccess testcaseResult = "SUCCESS"
29+
resultSkipped testcaseResult = "SKIPPED"
3030
)
3131

32-
func (r testcaseResult) String() string {
33-
s := map[testcaseResult]string{testcaseFailed: "FAIL", testcasePassed: "PASS", testcaseSkipped: "SKIP"}
34-
return s[r]
35-
}
36-
3732
type result struct {
3833
ID string `json:"id"`
3934
Result testcaseResult `json:"actual_result"`
@@ -64,25 +59,29 @@ func main() {
6459
resultsEncoder := json.NewEncoder(resultsFile)
6560

6661
var (
67-
pass, fail, skip int
68-
outputResults results
62+
conform, nonconform, skip int
63+
outputResults results
6964
)
7065
for _, tc := range testcases.Testcases {
7166
fmt.Printf("Running test %s ... ", tc.Id)
7267
r, err := evaluateTestcase(tc)
73-
fmt.Printf("%s\n", r)
7468

7569
var context string
76-
switch r {
77-
case testcaseFailed:
78-
fmt.Printf("\terr=%+#v\n", err)
79-
context = err.Error()
80-
fail++
81-
case testcasePassed:
82-
pass++
83-
case testcaseSkipped:
84-
skip++
85-
continue
70+
if r != testcaseResult(tc.ExpectedResult.(string)) {
71+
if r != resultSkipped {
72+
fmt.Printf("NON-CONFORMANT\n\terr=%s\n", err)
73+
nonconform++
74+
} else {
75+
fmt.Println("SKIPPED")
76+
skip++
77+
}
78+
79+
if err != nil {
80+
context = err.Error()
81+
}
82+
} else {
83+
fmt.Println("CONFORMANT")
84+
conform++
8685
}
8786

8887
outputResults.Results = append(outputResults.Results, result{
@@ -96,7 +95,7 @@ func main() {
9695
outputResults.Harness = fmt.Sprintf("gocryptox509-%s", runtime.Version())
9796
resultsEncoder.Encode(outputResults)
9897

99-
fmt.Printf("done! passed/failed/skipped/total %d/%d/%d/%d.\n", pass, fail, skip, len(testcases.Testcases))
98+
fmt.Printf("done! conformant/nonconformant/skipped/total %d/%d/%d/%d.\n", conform, nonconform, skip, len(testcases.Testcases))
10099
}
101100

102101
func loadTestcases(path string) (testcases LimboSchemaJson, err error) {
@@ -129,20 +128,18 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
129128

130129
if err != nil {
131130
fmt.Printf("%s\n", err)
132-
return testcaseSkipped, errors.Wrap(err, "unable to parse testcase time as RFC3339")
131+
return resultSkipped, errors.Wrap(err, "unable to parse testcase time as RFC3339")
133132
}
134133
}
135134

136-
expectSuccess := testcaseResult(testcase.ExpectedResult.(string)) == testcasePassed
137-
138135
// TODO: Support testcases that constrain signature algorthms.
139136
if len(testcase.SignatureAlgorithms) != 0 {
140-
return testcaseSkipped, fmt.Errorf("signature algorithm checks not supported yet")
137+
return resultSkipped, fmt.Errorf("signature algorithm checks not supported yet")
141138
}
142139

143140
// TODO: Support testcases that constrain key usages.
144141
if len(testcase.KeyUsage) != 0 {
145-
return testcaseSkipped, fmt.Errorf("key usage checks not supported yet")
142+
return resultSkipped, fmt.Errorf("key usage checks not supported yet")
146143
}
147144

148145
var ekus []x509.ExtKeyUsage
@@ -165,12 +162,12 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
165162

166163
switch testcase.ValidationKind {
167164
case validationKindClient:
168-
return testcaseSkipped, fmt.Errorf("unimplemented validationKindClient")
165+
return resultSkipped, fmt.Errorf("unimplemented validationKindClient")
169166
case validationKindServer:
170167
var dnsName string
171168
if peerName, ok := testcase.ExpectedPeerName.(map[string]interface{}); ok {
172169
if peerName["kind"] != "DNS" {
173-
return testcaseSkipped, fmt.Errorf("non-DNS peer name checks not supported yet")
170+
return resultSkipped, fmt.Errorf("non-DNS peer name checks not supported yet")
174171
}
175172
dnsName = peerName["value"].(string)
176173
}
@@ -180,19 +177,15 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
180177

181178
peerAsPEM, rest := pem.Decode([]byte(testcase.PeerCertificate))
182179
if peerAsPEM == nil || peerAsPEM.Type != "CERTIFICATE" {
183-
return testcaseFailed, fmt.Errorf("unexpected data, expected cert: %+#v", *peerAsPEM)
180+
return resultFailure, fmt.Errorf("unexpected data, expected cert: %+#v", *peerAsPEM)
184181
} else if len(rest) > 0 {
185-
return testcaseFailed, fmt.Errorf("peer certificate has %d trailing bytes", len(rest))
182+
return resultFailure, fmt.Errorf("peer certificate has %d trailing bytes", len(rest))
186183
}
187184

188185
peer, err := x509.ParseCertificate(peerAsPEM.Bytes)
189186
if err != nil {
190187
err = errors.Wrap(err, "unable to parse ASN1 certificate from PEM")
191-
if expectSuccess {
192-
return testcaseFailed, err
193-
} else {
194-
return testcasePassed, err
195-
}
188+
return resultFailure, err
196189
}
197190

198191
opts := x509.VerifyOptions{
@@ -205,12 +198,24 @@ func evaluateTestcase(testcase Testcase) (testcaseResult, error) {
205198
chain, err := peer.Verify(opts)
206199
_ = chain
207200

208-
if err != nil && expectSuccess {
209-
return testcaseFailed, errors.Wrap(err, "validation failed when success was expected")
210-
} else if err == nil && !expectSuccess {
211-
return testcaseFailed, fmt.Errorf("validation succeeded when failure was expected")
201+
var (
202+
expected = testcaseResult(testcase.ExpectedResult.(string))
203+
actual testcaseResult
204+
)
205+
if err != nil {
206+
actual = resultFailure
207+
} else {
208+
actual = resultSuccess
209+
}
210+
211+
if expected != actual {
212+
if err == nil {
213+
err = errors.New("chain built")
214+
}
215+
err = errors.Wrap(err, "validation")
212216
}
217+
return actual, err
213218
}
214219

215-
return testcasePassed, nil
220+
return resultSkipped, errors.New("no result returned from evaulation")
216221
}

0 commit comments

Comments
 (0)