github.com/zmap/zlint@v1.1.0/lints/lint_ct_sct_policy_count_unsatisfied_test.go (about) 1 /* 2 * ZLint Copyright 2019 Regents of the University of Michigan 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); you may not 5 * use this file except in compliance with the License. You may obtain a copy 6 * of the License at http://www.apache.org/licenses/LICENSE-2.0 7 * 8 * Unless required by applicable law or agreed to in writing, software 9 * distributed under the License is distributed on an "AS IS" BASIS, 10 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 11 * implied. See the License for the specific language governing 12 * permissions and limitations under the License. 13 */ 14 15 package lints 16 17 import ( 18 "fmt" 19 "testing" 20 ) 21 22 func TestSCTCountPolicyUnsatisified(t *testing.T) { 23 // NOTE(@cpu): Hello future human. If you need to recreate any of the 24 // Filenames referenced in this test you will need the `sctTestCerts.go` 25 // program[0]. Each test case has a comment that includes the invocation 26 // arguments that were used to create the test file. 27 // 28 // [0]: https://gist.github.com/cpu/6d26b2718f29e184ff88a90f02d7cbcb 29 testCases := []struct { 30 Name string 31 Filename string 32 ExpectedResult LintStatus 33 }{ 34 { 35 Name: "No SCTs, poisoned", 36 // go run sctTestCerts.go -lifetime 3 -scts 0 -poison > testlint/testCerts/ctNoSCTsPoisoned.pem 37 Filename: "ctNoSCTsPoisoned.pem", 38 ExpectedResult: NA, 39 }, 40 { 41 Name: "No SCTs, no poison", 42 // go run sctTestCerts.go -lifetime 3 -scts 0 > testlint/testCerts/ctNoSCTs.pem 43 Filename: "ctNoSCTs.pem", 44 ExpectedResult: Notice, 45 }, 46 { 47 Name: "Lifetime <15mo, 1 SCT", 48 // go run sctTestCerts.go -lifetime 3 -scts 1 > testlint/testCerts/ct3mo1SCTs.pem 49 Filename: "ct3mo1SCTs.pem", 50 ExpectedResult: Notice, 51 }, 52 { 53 Name: "Lifetime <15mo, 2 SCTs diff logs", 54 // go run sctTestCerts.go -lifetime 3 -scts 2 > testlint/testCerts/ct3mo2SCTs.pem 55 Filename: "ct3mo2SCTs.pem", 56 ExpectedResult: Pass, 57 }, 58 { 59 Name: "Lifetime <15mo, 2 SCTs same logs", 60 // go run sctTestCerts.go -lifetime 3 -scts 2 -differentLogs=false > testlint/testCerts/ct3mo2DupeSCTs.pem 61 Filename: "ct3mo2DupeSCTs.pem", 62 ExpectedResult: Notice, 63 }, 64 { 65 Name: "Lifetime >15mo <27mo, 2 SCTs diff logs", 66 // go run sctTestCerts.go -lifetime 18 -scts 2 > testlint/testCerts/ct18mo2SCTs.pem 67 Filename: "ct18mo2SCTs.pem", 68 ExpectedResult: Notice, 69 }, 70 { 71 Name: "Lifetime >15mo <27mo, 3 SCTs diff logs", 72 // go run sctTestCerts.go -lifetime 18 -scts 3 > testlint/testCerts/ct18mo3SCTs.pem 73 Filename: "ct18mo3SCTs.pem", 74 ExpectedResult: Pass, 75 }, 76 { 77 Name: "Lifetime >27mo <39mo, 3 SCTs diff logs", 78 // go run sctTestCerts.go -lifetime 38 -scts 3 > testlint/testCerts/ct38mo3SCTs.pem 79 Filename: "ct38mo3SCTs.pem", 80 ExpectedResult: Notice, 81 }, 82 { 83 Name: "Lifetime >27mo <39mo, 4 SCTs diff logs", 84 // go run sctTestCerts.go -lifetime 38 -scts 4 > testlint/testCerts/ct38mo4SCTs.pem 85 Filename: "ct38mo4SCTs.pem", 86 ExpectedResult: Pass, 87 }, 88 { 89 Name: "Lifetime >39mo, 4 SCTs diff logs", 90 // go run sctTestCerts.go -lifetime 666 -scts 4 > testlint/testCerts/ct666mo4SCTs.pem 91 Filename: "ct666mo4SCTs.pem", 92 ExpectedResult: Notice, 93 }, 94 { 95 Name: "Lifetime >39mo, 5 SCTs diff logs", 96 // go run sctTestCerts.go -lifetime 666 -scts 5 > testlint/testCerts/ct666mo5SCTs.pem 97 Filename: "ct666mo5SCTs.pem", 98 ExpectedResult: Pass, 99 }, 100 } 101 102 for _, tc := range testCases { 103 t.Run(tc.Name, func(t *testing.T) { 104 inputPath := fmt.Sprintf("%s%s", testCaseDir, tc.Filename) 105 result := Lints["w_ct_sct_policy_count_unsatisfied"].Execute(ReadCertificate(inputPath)) 106 if result.Status != tc.ExpectedResult { 107 t.Errorf("expected result %v was %v", tc.ExpectedResult, result.Status) 108 } 109 }) 110 } 111 }