Skip to content

Commit

Permalink
Extend SHA marking tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@koplas
koplas committed Sep 17, 2024
1 parent 13c94f4 commit ddb5518
Show file tree
Hide file tree
Showing 14 changed files with 143 additions and 46 deletions.
4 changes: 2 additions & 2 deletions cmd/csaf_downloader/config.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,8 @@ const (
type hashAlgorithm string

const (
algSha256 = hashAlgorithm("SHA256")
algSha2512 = hashAlgorithm("SHA512")
algSha256 = hashAlgorithm("sha256")
algSha512 = hashAlgorithm("sha512")
)

type config struct {
Expand Down
4 changes: 2 additions & 2 deletions cmd/csaf_downloader/downloader.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -502,7 +502,7 @@ nextAdvisory:
signData []byte
)

if (d.cfg.PreferredHash != "sha512" || file.SHA512URL() == "") && file.SHA256URL() != "" {
if (d.cfg.PreferredHash != algSha512 || file.SHA512URL() == "") && file.SHA256URL() != "" {
// Only hash when we have a remote counterpart we can compare it with.
if remoteSHA256, s256Data, err = loadHash(client, file.SHA256URL()); err != nil {
if !file.IsDirectory() {
Expand All @@ -518,7 +518,7 @@ nextAdvisory:
}
}

if (d.cfg.PreferredHash != "sha256" || file.SHA256URL() == "") && file.SHA512URL() != "" {
if (d.cfg.PreferredHash != algSha256 || file.SHA256URL() == "") && file.SHA512URL() != "" {
if remoteSHA512, s512Data, err = loadHash(client, file.SHA512URL()); err != nil {
if !file.IsDirectory() {
slog.Warn("Cannot fetch SHA512",
Expand Down
111 changes: 104 additions & 7 deletions cmd/csaf_downloader/downloader_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ package main

import (
"context"
"errors"
"html/template"
"log/slog"
"net/http"
Expand Down Expand Up @@ -53,6 +54,12 @@ func ProviderHandler(params *ProviderParams, directoryProvider bool) http.Handle
w.Header().Add("Content-Type", "text/html")
case strings.HasSuffix(path, ".json"):
w.Header().Add("Content-Type", "application/json")
case strings.HasSuffix(path, ".sha256") && directoryProvider && !params.EnableSha256:
w.WriteHeader(http.StatusNotFound)
return
case strings.HasSuffix(path, ".sha512") && directoryProvider && !params.EnableSha512:
w.WriteHeader(http.StatusNotFound)
return
default:
w.Header().Add("Content-Type", "text/plain")
}
Expand All @@ -62,22 +69,97 @@ func ProviderHandler(params *ProviderParams, directoryProvider bool) http.Handle
w.WriteHeader(http.StatusInternalServerError)
return
}
tmplt.Execute(w, params)
err = tmplt.Execute(w, params)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
})
}

func checkIfFileExists(path string, t *testing.T) bool {
if _, err := os.Stat(path); err == nil {
return true
} else if errors.Is(err, os.ErrNotExist) {
return false
} else {
t.Fatalf("Failed to check if file exists: %v", err)
return false
}
}

func TestShaMarking(t *testing.T) {
tests := []struct {
name string
directoryProvider bool
wantSha256 bool
wantSha512 bool
enableSha256 bool
enableSha512 bool
preferredHash hashAlgorithm
}{
{
name: "want sha256 and sha512",
directoryProvider: false,
wantSha256: true,
wantSha512: true,
enableSha256: true,
enableSha512: true,
},
{
name: "only want sha256",
directoryProvider: false,
wantSha256: true,
wantSha512: false,
enableSha256: true,
enableSha512: true,
preferredHash: algSha256,
},
{
name: "only want sha512",
directoryProvider: false,
wantSha256: false,
wantSha512: true,
enableSha256: true,
enableSha512: true,
preferredHash: algSha512,
},
{
name: "only want sha512",
directoryProvider: false,
wantSha256: false,
wantSha512: true,
enableSha256: true,
enableSha512: true,
preferredHash: algSha512,
},

{
name: "only deliver sha256",
directoryProvider: false,
wantSha256: true,
wantSha512: false,
enableSha256: true,
enableSha512: false,
preferredHash: algSha512,
},
{
name: "only want sha256, directory provider",
directoryProvider: true,
wantSha256: true,
wantSha512: false,
enableSha256: true,
enableSha512: true,
preferredHash: algSha256,
},
{
name: "only want sha512, directory provider",
directoryProvider: true,
wantSha256: false,
wantSha512: true,
enableSha256: true,
enableSha512: true,
preferredHash: algSha512,
},
}

Expand All @@ -89,8 +171,8 @@ func TestShaMarking(t *testing.T) {
serverURL := ""
params := ProviderParams{
URL: "",
EnableSha256: true,
EnableSha512: true,
EnableSha256: test.enableSha256,
EnableSha512: test.enableSha512,
}
server := httptest.NewTLSServer(ProviderHandler(&params, test.directoryProvider))
defer server.Close()
Expand All @@ -102,19 +184,34 @@ func TestShaMarking(t *testing.T) {
client := util.Client(hClient)

tempDir := t.TempDir()
cfg := config{LogLevel: &options.LogLevel{Level: slog.LevelDebug}, Directory: tempDir}
cfg.prepare()
cfg := config{LogLevel: &options.LogLevel{Level: slog.LevelDebug}, Directory: tempDir, PreferredHash: test.preferredHash}
err := cfg.prepare()
if err != nil {
t.Fatalf("SHA marking config failed: %v", err)
}
d, err := newDownloader(&cfg)
if err != nil {
t.Fatalf("could not init downloader: %v", err)
}
defer d.close()
d.client = &client

ctx := context.Background()
err = d.run(ctx, []string{serverURL + "/provider-metadata.json"})
if err != nil {
t.Errorf("SHA marking: Expected no error, got: %v", err)
t.Errorf("SHA marking %v: Expected no error, got: %v", test.name, err)
}
d.close()

// Check for downloaded hashes
sha256Exists := checkIfFileExists(tempDir+"/white/2020/avendor-advisory-0004.json.sha256", t)
sha512Exists := checkIfFileExists(tempDir+"/white/2020/avendor-advisory-0004.json.sha512", t)

if sha256Exists != test.wantSha256 {
t.Errorf("%v: expected sha256 hash present to be %v, got: %v", test.name, test.wantSha256, sha256Exists)
}

if sha512Exists != test.wantSha512 {
t.Errorf("%v: expected sha512 hash present to be %v, got: %v", test.name, test.wantSha512, sha512Exists)
}
})
}
Expand Down
8 changes: 4 additions & 4 deletions testdata/simple-directory-provider/provider-metadata.json
View file
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
{
"canonical_url": "/provider-metadata.json",
"canonical_url": "{{.URL}}/provider-metadata.json",
"distributions": [
{
"directory_url": "/white/"
"directory_url": "{{.URL}}/white/"
}
],
"last_updated": "2020-00-00T00:00:00Z",
"last_updated": "2020-01-01T00:00:00Z",
"list_on_CSAF_aggregators": true,
"metadata_version": "2.0",
"mirror_on_CSAF_aggregators": true,
"public_openpgp_keys": [
{
"fingerprint": "A8914CA2F11139C6A69A0018FB3CD9B15DE61596",
"url": "/openpgp/pubkey.asc"
"url": "{{.URL}}/openpgp/pubkey.asc"
}
],
"publisher": {
Expand Down
12 changes: 6 additions & 6 deletions testdata/simple-directory-provider/white/avendor-advisory-0004-not-listed.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,19 +22,19 @@
},
"title": "Test CSAF document",
"tracking": {
"current_release_date": "2020-00-00T00:00:00Z",
"current_release_date": "2020-01-01T00:00:00Z",
"generator": {
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"engine": {
"name": "csaf-tool",
"version": "0.3.2"
}
},
"id": "Avendor-advisory-0004",
"initial_release_date": "2020-00-00T00:00:00Z",
"initial_release_date": "2020-01-01T00:00:00Z",
"revision_history": [
{
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"number": "1",
"summary": "Initial version"
}
Expand Down Expand Up @@ -140,7 +140,7 @@
{
"category": "impact",
"details": "Customers should upgrade to the latest version of the product",
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"product_ids": ["CSAFPID_0001"]
}
]
Expand All @@ -161,7 +161,7 @@
{
"category": "impact",
"details": "Still under investigation",
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"product_ids": ["CSAFPID_0001"]
}
]
Expand Down
12 changes: 6 additions & 6 deletions testdata/simple-directory-provider/white/avendor-advisory-0004.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,19 +22,19 @@
},
"title": "Test CSAF document",
"tracking": {
"current_release_date": "2020-00-00T00:00:00Z",
"current_release_date": "2020-01-01T00:00:00Z",
"generator": {
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"engine": {
"name": "csaf-tool",
"version": "0.3.2"
}
},
"id": "Avendor-advisory-0004",
"initial_release_date": "2020-00-00T00:00:00Z",
"initial_release_date": "2020-01-01T00:00:00Z",
"revision_history": [
{
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"number": "1",
"summary": "Initial version"
}
Expand Down Expand Up @@ -140,7 +140,7 @@
{
"category": "impact",
"details": "Customers should upgrade to the latest version of the product",
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"product_ids": ["CSAFPID_0001"]
}
]
Expand All @@ -161,7 +161,7 @@
{
"category": "impact",
"details": "Still under investigation",
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"product_ids": ["CSAFPID_0001"]
}
]
Expand Down
8 changes: 4 additions & 4 deletions testdata/simple-directory-provider/white/avendor-advisory-0004.json.asc
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZuftaAAKCRD7PNmxXeYV
lh/FAP90NaBzCYu9JpIuqvG8MZegVLpc85P6AeeMPU5W6dRHJwD/eQzrfy0TzAZ2
q6xmpih4scq9j8frOjoH40w3rAByoQc=
=EhZh
iHUEABYKAB0WIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZukv9QAKCRD7PNmxXeYV
ljq0AP9n/rTgoNCJzSTZzNrrMy28ZR+Ppp1MSPWGFUzsx6qLJgD/d8cu0lokMsXf
y0uc9k7hrla/ajFUzNt3AVvT+CPFtAo=
=7E66
-----END PGP SIGNATURE-----
2 changes: 1 addition & 1 deletion testdata/simple-directory-provider/white/avendor-advisory-0004.json.sha256
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
ab1995c322f4b7905b79d78646fd8774900e27ac0b00128e892cd84cee1f17e2 avendor-advisory-0004.json
cb263bf1beab18b893de63f2966d0d8c5f38d60101c24d3fd7a5feebaad02c3b avendor-advisory-0004.json
2 changes: 1 addition & 1 deletion testdata/simple-directory-provider/white/avendor-advisory-0004.json.sha512
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
8a7dd7d1247f510a59c26bf6f973ff4c3a8d37c5a69fd361aa7cc7cf06a38a8ef096e4f2f09b75269ad2b1cc99179381a63c7c731e5e492a9647ba0452255b37 avendor-advisory-0004.json
39476e1d08a0871d166091c90de259544382a3599eebda118a93468499a30fd034286086c461a97d3d5298e093b0be3868e8d89d8a6a255c4aa6adb81ebbfcad avendor-advisory-0004.json
2 changes: 1 addition & 1 deletion testdata/simple-directory-provider/white/changes.csv
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
"avendor-advisory-0004.json","2020-00-00T00:00:00+00:00"
"avendor-advisory-0004.json","2020-01-01T00:00:00+00:00"
12 changes: 6 additions & 6 deletions testdata/simple-rolie-provider/white/avendor-advisory-0004.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,19 +22,19 @@
},
"title": "Test CSAF document",
"tracking": {
"current_release_date": "2020-00-00T00:00:00Z",
"current_release_date": "2020-01-01T00:00:00Z",
"generator": {
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"engine": {
"name": "csaf-tool",
"version": "0.3.2"
}
},
"id": "Avendor-advisory-0004",
"initial_release_date": "2020-00-00T00:00:00Z",
"initial_release_date": "2020-01-01T00:00:00Z",
"revision_history": [
{
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"number": "1",
"summary": "Initial version"
}
Expand Down Expand Up @@ -140,7 +140,7 @@
{
"category": "impact",
"details": "Customers should upgrade to the latest version of the product",
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"product_ids": ["CSAFPID_0001"]
}
]
Expand All @@ -161,7 +161,7 @@
{
"category": "impact",
"details": "Still under investigation",
"date": "2020-00-00T00:00:00Z",
"date": "2020-01-01T00:00:00Z",
"product_ids": ["CSAFPID_0001"]
}
]
Expand Down
8 changes: 4 additions & 4 deletions testdata/simple-rolie-provider/white/avendor-advisory-0004.json.asc
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
-----BEGIN PGP SIGNATURE-----

iHUEABYKAB0WIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZuftaAAKCRD7PNmxXeYV
lh/FAP90NaBzCYu9JpIuqvG8MZegVLpc85P6AeeMPU5W6dRHJwD/eQzrfy0TzAZ2
q6xmpih4scq9j8frOjoH40w3rAByoQc=
=EhZh
iHUEABYKAB0WIQSokUyi8RE5xqaaABj7PNmxXeYVlgUCZukv9QAKCRD7PNmxXeYV
ljq0AP9n/rTgoNCJzSTZzNrrMy28ZR+Ppp1MSPWGFUzsx6qLJgD/d8cu0lokMsXf
y0uc9k7hrla/ajFUzNt3AVvT+CPFtAo=
=7E66
-----END PGP SIGNATURE-----
2 changes: 1 addition & 1 deletion testdata/simple-rolie-provider/white/avendor-advisory-0004.json.sha256
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
ab1995c322f4b7905b79d78646fd8774900e27ac0b00128e892cd84cee1f17e2 avendor-advisory-0004.json
cb263bf1beab18b893de63f2966d0d8c5f38d60101c24d3fd7a5feebaad02c3b avendor-advisory-0004.json
2 changes: 1 addition & 1 deletion testdata/simple-rolie-provider/white/avendor-advisory-0004.json.sha512
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
8a7dd7d1247f510a59c26bf6f973ff4c3a8d37c5a69fd361aa7cc7cf06a38a8ef096e4f2f09b75269ad2b1cc99179381a63c7c731e5e492a9647ba0452255b37 avendor-advisory-0004.json
39476e1d08a0871d166091c90de259544382a3599eebda118a93468499a30fd034286086c461a97d3d5298e093b0be3868e8d89d8a6a255c4aa6adb81ebbfcad avendor-advisory-0004.json

0 comments on commit ddb5518

Please sign in to comment.