github.com/anjalikarhana/fabric@v2.1.1+incompatible/orderer/common/msgprocessor/expiration_test.go

github.com/anjalikarhana/fabric@v2.1.1+incompatible/orderer/common/msgprocessor/expiration_test.go (about)

     1  /*
     2  Copyright IBM Corp. All Rights Reserved.
     3  
     4  SPDX-License-Identifier: Apache-2.0
     5  */
     6  
     7  package msgprocessor
     8  
     9  import (
    10  	"io/ioutil"
    11  	"path/filepath"
    12  	"testing"
    13  
    14  	"github.com/golang/protobuf/proto"
    15  	"github.com/hyperledger/fabric-protos-go/common"
    16  	"github.com/hyperledger/fabric-protos-go/msp"
    17  	"github.com/hyperledger/fabric/common/channelconfig"
    18  	"github.com/hyperledger/fabric/orderer/common/msgprocessor/mocks"
    19  	"github.com/hyperledger/fabric/protoutil"
    20  	"github.com/stretchr/testify/assert"
    21  )
    22  
    23  //go:generate counterfeiter -o mocks/config_resources.go --fake-name Resources . configResources
    24  
    25  type configResources interface {
    26  	channelconfig.Resources
    27  }
    28  
    29  //go:generate counterfeiter -o mocks/orderer_config.go --fake-name OrdererConfig . ordererConfig
    30  
    31  type ordererConfig interface {
    32  	channelconfig.Orderer
    33  }
    34  
    35  //go:generate counterfeiter -o mocks/orderer_capabilities.go --fake-name OrdererCapabilities . ordererCapabilities
    36  
    37  type ordererCapabilities interface {
    38  	channelconfig.OrdererCapabilities
    39  }
    40  
    41  func createEnvelope(t *testing.T, serializedIdentity []byte) *common.Envelope {
    42  	sHdr := protoutil.MakeSignatureHeader(serializedIdentity, nil)
    43  	hdr := protoutil.MakePayloadHeader(&common.ChannelHeader{}, sHdr)
    44  	payload := &common.Payload{
    45  		Header: hdr,
    46  	}
    47  	payloadBytes, err := proto.Marshal(payload)
    48  	assert.NoError(t, err)
    49  	return &common.Envelope{
    50  		Payload:   payloadBytes,
    51  		Signature: []byte{1, 2, 3},
    52  	}
    53  }
    54  
    55  func createX509Identity(t *testing.T, certFileName string) []byte {
    56  	certBytes, err := ioutil.ReadFile(filepath.Join("testdata", certFileName))
    57  	assert.NoError(t, err)
    58  	sId := &msp.SerializedIdentity{
    59  		IdBytes: certBytes,
    60  	}
    61  	idBytes, err := proto.Marshal(sId)
    62  	assert.NoError(t, err)
    63  	return idBytes
    64  }
    65  
    66  func createIdemixIdentity(t *testing.T) []byte {
    67  	idemixId := &msp.SerializedIdemixIdentity{
    68  		NymX: []byte{1, 2, 3},
    69  		NymY: []byte{1, 2, 3},
    70  		Ou:   []byte("OU1"),
    71  	}
    72  	idemixBytes, err := proto.Marshal(idemixId)
    73  	assert.NoError(t, err)
    74  	sId := &msp.SerializedIdentity{
    75  		IdBytes: idemixBytes,
    76  	}
    77  	idBytes, err := proto.Marshal(sId)
    78  	assert.NoError(t, err)
    79  	return idBytes
    80  }
    81  
    82  func TestExpirationRejectRule(t *testing.T) {
    83  	mockResources := &mocks.Resources{}
    84  
    85  	t.Run("NoOrdererConfig", func(t *testing.T) {
    86  		assert.Panics(t, func() {
    87  			NewExpirationRejectRule(mockResources).Apply(&common.Envelope{})
    88  		})
    89  	})
    90  
    91  	mockOrderer := &mocks.OrdererConfig{}
    92  	mockResources.OrdererConfigReturns(mockOrderer, true)
    93  	mockCapabilities := &mocks.OrdererCapabilities{}
    94  	mockOrderer.CapabilitiesReturns(mockCapabilities)
    95  
    96  	t.Run("BadEnvelope", func(t *testing.T) {
    97  		mockCapabilities.ExpirationCheckReturns(true)
    98  		err := NewExpirationRejectRule(mockResources).Apply(&common.Envelope{})
    99  		assert.Error(t, err)
   100  		assert.Contains(t, err.Error(), "could not convert message to signedData")
   101  
   102  		mockCapabilities.ExpirationCheckReturns(false)
   103  		err = NewExpirationRejectRule(mockResources).Apply(&common.Envelope{})
   104  		assert.NoError(t, err)
   105  	})
   106  
   107  	t.Run("ExpiredX509Identity", func(t *testing.T) {
   108  		env := createEnvelope(t, createX509Identity(t, "expiredCert.pem"))
   109  		mockCapabilities.ExpirationCheckReturns(true)
   110  		err := NewExpirationRejectRule(mockResources).Apply(env)
   111  		assert.Error(t, err)
   112  		assert.Equal(t, err.Error(), "identity expired")
   113  
   114  		mockCapabilities.ExpirationCheckReturns(false)
   115  		err = NewExpirationRejectRule(mockResources).Apply(env)
   116  		assert.NoError(t, err)
   117  	})
   118  	t.Run("IdemixIdentity", func(t *testing.T) {
   119  		env := createEnvelope(t, createIdemixIdentity(t))
   120  		mockCapabilities.ExpirationCheckReturns(true)
   121  		assert.Nil(t, NewExpirationRejectRule(mockResources).Apply(env))
   122  		mockCapabilities.ExpirationCheckReturns(false)
   123  		assert.Nil(t, NewExpirationRejectRule(mockResources).Apply(env))
   124  	})
   125  	t.Run("NoneExpiredX509Identity", func(t *testing.T) {
   126  		env := createEnvelope(t, createX509Identity(t, "cert.pem"))
   127  		mockCapabilities.ExpirationCheckReturns(true)
   128  		assert.Nil(t, NewExpirationRejectRule(mockResources).Apply(env))
   129  		mockCapabilities.ExpirationCheckReturns(false)
   130  		assert.Nil(t, NewExpirationRejectRule(mockResources).Apply(env))
   131  	})
   132  }