trust: improve testing

go/lib/scrypto/cppki/BUILD.bazel

@@ -29,7 +29,7 @@ go_test(
         "certs_test.go",
         "export_test.go",
         "id_test.go",
-        "singed_trc_test.go",
+        "signed_trc_test.go",
         "trc_asn1_test.go",
         "trc_test.go",
         "validity_test.go",

go/lib/scrypto/cppki/certs_test.go

@@ -40,7 +40,12 @@ func updateCert(goldenCert string) ([]byte, error) {
 	defer cleanF()
 
 	cmd := exec.Command("sh", "-c", "./testdata/update_certs.sh")
-	cmd.Env = []string{"SAFEDIR=" + dir}
+	cmd.Env = []string{
+		"SAFEDIR=" + dir,
+		"STARTDATE=20200624120000Z",
+		"ENDDATE=20250624120000Z",
+	}
+
 	out, err := cmd.CombinedOutput()
 	if err != nil {
 		return out, err

go/pkg/trust/fetching_provider_test.go

@@ -336,6 +336,36 @@ func TestFetchingProviderGetChains(t *testing.T) {
 			Options:      []trust.Option{trust.Server(&net.UDPAddr{Port: 90})},
 			ErrAssertion: assert.Error,
 		},
+		"reject forged chain": {
+			DB: func(t *testing.T, ctrl *gomock.Controller) trust.DB {
+				db := mock_trust.NewMockDB(ctrl)
+				db.EXPECT().Chains(gomock.Any(), chainQueryMatcher{
+					ia:   query.IA,
+					skid: query.SubjectKeyID}).Return(nil, nil)
+				db.EXPECT().SignedTRC(gomock.Any(), gomock.Any()).Return(trc, nil)
+				return db
+			},
+			Recurser: func(t *testing.T, ctrl *gomock.Controller) trust.Recurser {
+				r := mock_trust.NewMockRecurser(ctrl)
+				r.EXPECT().AllowRecursion(gomock.Any()).Return(nil)
+				return r
+			},
+			Router: func(t *testing.T, ctrl *gomock.Controller) trust.Router {
+				return mock_trust.NewMockRouter(ctrl)
+			},
+			Fetcher: func(t *testing.T, ctrl *gomock.Controller) trust.Fetcher {
+				f := mock_trust.NewMockFetcher(ctrl)
+				forged := xtest.LoadChain(t,
+					filepath.Join(goldenDir, "ISD1/ASff00_0_110/crypto/as/ISD1-ASff00_0_110.pem"))
+				forged[0].Signature[30] ^= 0xFF
+				f.EXPECT().Chains(gomock.Any(), query, &net.UDPAddr{Port: 90}).Return(
+					[][]*x509.Certificate{forged}, nil,
+				)
+				return f
+			},
+			Options:      []trust.Option{trust.Server(&net.UDPAddr{Port: 90})},
+			ErrAssertion: assert.NoError,
+		},
 	}
 	for name, tc := range testCases {
 		name, tc := name, tc
@@ -574,7 +604,7 @@ func TestFetchingProviderNotifyTRC(t *testing.T) {
 			Options:      []trust.Option{trust.Server(&net.UDPAddr{Port: 90})},
 			ErrAssertion: assert.Error,
 		},
-		"non-verifiable response": {
+		"reject forged TRC": {
 			ID: updated.TRC.ID,
 			DB: func(t *testing.T, ctrl *gomock.Controller) trust.DB {
 				db := mock_trust.NewMockDB(ctrl)
@@ -595,12 +625,12 @@ func TestFetchingProviderNotifyTRC(t *testing.T) {
 			Fetcher: func(t *testing.T, ctrl *gomock.Controller) trust.Fetcher {
 				f := mock_trust.NewMockFetcher(ctrl)
 
-				invalid := xtest.LoadTRC(t, filepath.Join(goldenDir, "trcs/ISD1-B1-S2.trc"))
-				for i := range invalid.SignerInfos {
-					invalid.SignerInfos[i].Signature[0] ^= 0xFF
+				forged := xtest.LoadTRC(t, filepath.Join(goldenDir, "trcs/ISD1-B1-S2.trc"))
+				for i := range forged.SignerInfos {
+					forged.SignerInfos[i].Signature[0] ^= 0xFF
 				}
 				f.EXPECT().TRC(gomock.Any(), updated.TRC.ID, &net.UDPAddr{Port: 90}).Return(
-					invalid, nil,
+					forged, nil,
 				)
 				return f
 			},

go/pkg/trust/store_test.go

@@ -37,19 +37,16 @@ func TestLoadChains(t *testing.T) {
 	}
 	trc := xtest.LoadTRC(t, filepath.Join(goldenDir, "ISD1/trcs/ISD1-B1-S1.trc"))
 
-	mctlr := gomock.NewController(t)
-	defer mctlr.Finish()
-
 	testCases := map[string]struct {
 		inputDir   string
-		setupDB    func() trust.DB
+		setupDB    func(*gomock.Controller) trust.DB
 		assertFunc assert.ErrorAssertionFunc
 		ignored    []string
 		loaded     []string
 	}{
 		"valid": {
 			inputDir: filepath.Join(goldenDir, "certs"),
-			setupDB: func() trust.DB {
+			setupDB: func(mctlr *gomock.Controller) trust.DB {
 				db := mock_trust.NewMockDB(mctlr)
 				db.EXPECT().SignedTRC(ctxMatcher{},
 					TRCIDMatcher{ISD: 1}).Return(trc, nil).AnyTimes()
@@ -68,36 +65,30 @@ func TestLoadChains(t *testing.T) {
 		},
 		"invalid dir": {
 			inputDir: "./path/to/nowhere",
-			setupDB: func() trust.DB {
+			setupDB: func(mctlr *gomock.Controller) trust.DB {
 				return mock_trust.NewMockDB(mctlr)
 			},
 			assertFunc: assert.Error,
 		},
 		"db.SignedTRC error": {
 			inputDir: filepath.Join(goldenDir, "certs"),
-			setupDB: func() trust.DB {
+			setupDB: func(mctlr *gomock.Controller) trust.DB {
 				db := mock_trust.NewMockDB(mctlr)
 				db.EXPECT().SignedTRC(ctxMatcher{},
 					TRCIDMatcher{ISD: 1}).Return(
 					cppki.SignedTRC{}, serrors.New("db failed")).AnyTimes()
-				db.EXPECT().InsertChain(ctxMatcher{}, gomock.Any()).Return(
-					false, nil,
-				)
 				return db
 			},
 			assertFunc: assert.Error,
 		},
 		"db.SignedTRC not found": {
 			inputDir: filepath.Join(goldenDir, "certs"),
-			setupDB: func() trust.DB {
+			setupDB: func(mctlr *gomock.Controller) trust.DB {
 				db := mock_trust.NewMockDB(mctlr)
 				db.EXPECT().SignedTRC(ctxMatcher{},
 					TRCIDMatcher{ISD: 1}).AnyTimes().Return(
 					cppki.SignedTRC{}, nil,
 				)
-				db.EXPECT().InsertChain(ctxMatcher{}, gomock.Any()).Return(
-					false, nil,
-				)
 				return db
 			},
 			assertFunc: assert.NoError,
@@ -110,7 +101,7 @@ func TestLoadChains(t *testing.T) {
 		},
 		"db.Chain error": {
 			inputDir: filepath.Join(goldenDir, "certs"),
-			setupDB: func() trust.DB {
+			setupDB: func(mctlr *gomock.Controller) trust.DB {
 				db := mock_trust.NewMockDB(mctlr)
 				db.EXPECT().SignedTRC(ctxMatcher{},
 					TRCIDMatcher{ISD: 1}).Return(trc, nil).AnyTimes()
@@ -123,7 +114,7 @@ func TestLoadChains(t *testing.T) {
 		},
 		"invalid TRC validation": {
 			inputDir: filepath.Join(goldenDir, "certs"),
-			setupDB: func() trust.DB {
+			setupDB: func(mctlr *gomock.Controller) trust.DB {
 				db := mock_trust.NewMockDB(mctlr)
 				db.EXPECT().SignedTRC(ctxMatcher{},
 					TRCIDMatcher{ISD: 1}).Return(
@@ -145,7 +136,9 @@ func TestLoadChains(t *testing.T) {
 		name, tc := name, tc
 		t.Run(name, func(t *testing.T) {
 			t.Parallel()
-			db := tc.setupDB()
+			ctlr := gomock.NewController(t)
+			defer ctlr.Finish()
+			db := tc.setupDB(ctlr)
 			res, err := trust.LoadChains(context.Background(), tc.inputDir, db)
 			tc.assertFunc(t, err)
 			if err != nil {

go/pkg/trust/verifier_test.go

@@ -48,6 +48,8 @@ func TestVerify(t *testing.T) {
 	key := loadKey(t, filepath.Join(goldenDir,
 		"ISD1/ASff00_0_110/crypto/as/cp-as.key"))
 	sign := validSignS(t, msg, "1-ff00:0:110", key)
+	forgedSign := validSignS(t, msg, "1-ff00:0:110", key)
+	forgedSign.Signature[30] ^= 0xFF
 
 	testCases := map[string]struct {
 		provider    func(mctrl *gomock.Controller) trust.Provider
@@ -167,6 +169,27 @@ func TestVerify(t *testing.T) {
 			sign:       sign,
 			assertFunc: assert.Error,
 		},
+		"reject forged signature": {
+			provider: func(mctrl *gomock.Controller) trust.Provider {
+				p := mock_trust.NewMockProvider(mctrl)
+				p.EXPECT().NotifyTRC(
+					gomock.Any(),
+					cppki.TRCID{ISD: 1, Base: 1, Serial: 1},
+					trust.OptionsMatcher{},
+				).Return(nil)
+
+				p.EXPECT().GetChains(ctxMatcher{},
+					chainQueryMatcher{
+						ia:   xtest.MustParseIA("1-ff00:0:110"),
+						skid: []byte("subject-key-id"),
+					},
+					trust.OptionsMatcher{},
+				).Return(chains, nil).Times(1)
+				return p
+			},
+			sign:       forgedSign,
+			assertFunc: assert.Error,
+		},
 	}
 
 	for name, tc := range testCases {