15 package submission
16
17 import (
18 "context"
19 "crypto/sha256"
20 "fmt"
21
22 ct "github.com/google/certificate-transparency-go"
23 "github.com/google/certificate-transparency-go/client"
24 "github.com/google/certificate-transparency-go/loglist3"
25 "github.com/google/certificate-transparency-go/tls"
26 "github.com/google/certificate-transparency-go/x509util"
27 )
28
// rootInfo describes one root certificate that a stub log reports as accepted.
// The certificate is given either inline or by file path; GetAcceptedRoots
// uses raw when it is non-empty and only then falls back to filename.
type rootInfo struct {
	// raw holds the certificate bytes directly.
	raw []byte
	// filename is the path read by readCertFile when raw is empty.
	filename string
}
33
34
// stubLogClient is an in-memory stand-in for a CT log client. It performs no
// network I/O and no cryptography: submissions are answered with the
// placeholder SCT built by testSCT, whose signature bytes are empty.
type stubLogClient struct {
	// logURL identifies the log this client pretends to talk to; it is the
	// key used for every lookup in rootsCerts.
	logURL string
	// rootsCerts maps a log URL to the roots that log reports as accepted.
	// The mere presence of logURL as a key is what makes AddChain and
	// AddPreChain succeed.
	rootsCerts map[string][]rootInfo
}
39
// AddChain simulates submitting a certificate chain to the log.
//
// ctx and chain are ignored: the chain is neither parsed nor checked against
// the log's roots. The call succeeds whenever m.logURL is a key of
// m.rootsCerts (even with an empty root list) and then returns the
// placeholder SCT from testSCT; otherwise it returns an error. A success here
// therefore says nothing about whether a real log would accept the chain.
func (m stubLogClient) AddChain(ctx context.Context, chain []ct.ASN1Cert) (*ct.SignedCertificateTimestamp, error) {
	_, known := m.rootsCerts[m.logURL]
	if !known {
		return nil, fmt.Errorf("log %q has no roots", m.logURL)
	}
	return testSCT(m.logURL), nil
}
46
// AddPreChain simulates submitting a precertificate chain to the log.
//
// It behaves exactly like AddChain: ctx and chain are ignored, no validation
// is performed, and the placeholder SCT from testSCT is returned whenever
// m.logURL is a key of m.rootsCerts. Any other log URL yields an error.
func (m stubLogClient) AddPreChain(ctx context.Context, chain []ct.ASN1Cert) (*ct.SignedCertificateTimestamp, error) {
	_, known := m.rootsCerts[m.logURL]
	if !known {
		return nil, fmt.Errorf("log %q has no roots", m.logURL)
	}
	return testSCT(m.logURL), nil
}
53
// GetAcceptedRoots returns the roots configured for m.logURL, one entry per
// rootInfo, in configuration order. ctx is ignored and the error result is
// always nil. A log URL with no entry yields an empty, non-nil slice.
//
// NOTE(review): readCertFile returns nil when a file cannot be read, so such
// an entry is still appended, with nil Data, rather than reported. Callers
// that build a trust store from this list should check for empty entries.
func (m stubLogClient) GetAcceptedRoots(ctx context.Context) ([]ct.ASN1Cert, error) {
	accepted := []ct.ASN1Cert{}
	// Indexing a missing key gives a nil slice, so the loop simply does not run.
	for _, info := range m.rootsCerts[m.logURL] {
		der := info.raw
		if len(der) == 0 {
			// No inline bytes: fall back to the certificate file.
			der = readCertFile(info.filename)
		}
		accepted = append(accepted, ct.ASN1Cert{Data: der})
	}
	return accepted, nil
}
69
70
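// readCertFile returns the first "CERTIFICATE" block that
// x509util.ReadPossiblePEMFile yields for filename.
//
// It returns nil when the file cannot be read or when the read produces no
// blocks. The length check matters: indexing an empty result would panic, so
// a file with no usable certificate is treated as a failed read instead.
// The error is deliberately not propagated (the signature has no error
// result), so callers must treat a nil return as "no certificate loaded".
func readCertFile(filename string) []byte {
	blocks, err := x509util.ReadPossiblePEMFile(filename, "CERTIFICATE")
	if err != nil || len(blocks) == 0 {
		return nil
	}
	return blocks[0]
}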
78
79
// testSCT builds the placeholder SCT returned by the stub client for logURL.
//
// The result is not a verifiable SCT:
//   - LogID.KeyID is the raw bytes of logURL copied into a sha256.Size array
//     (truncated or zero-padded), not a hash of any log public key;
//   - Timestamp is the fixed value 1234;
//   - Signature names SHA256/ECDSA but carries no signature bytes.
//
// Code that verifies SCT signatures should reject it.
func testSCT(logURL string) *ct.SignedCertificateTimestamp {
	var id [sha256.Size]byte
	// copy stops at the shorter of the two, so long URLs are cut to 32 bytes.
	copy(id[:], logURL)

	algo := tls.SignatureAndHashAlgorithm{
		Hash:      tls.SHA256,
		Signature: tls.ECDSA,
	}
	return &ct.SignedCertificateTimestamp{
		SCTVersion: ct.V1,
		LogID:      ct.LogID{KeyID: id},
		Timestamp:  1234,
		Extensions: []byte{},
		Signature:  ct.DigitallySigned{Algorithm: algo},
	}
}
96
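// newRootedStubLogClient returns a stub client for log whose accepted roots
// are looked up in rCerts under log.URL. rCerts is stored as given, not
// copied, so later changes to the map are visible to the client.
//
// A nil log is reported as an error instead of panicking on log.URL.
func newRootedStubLogClient(log *loglist3.Log, rCerts map[string][]rootInfo) (client.AddLogClient, error) {
	if log == nil {
		return nil, fmt.Errorf("stub log client: nil log")
	}
	return stubLogClient{logURL: log.URL, rootsCerts: rCerts}, nil
}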
100
// newEmptyStubLogClient returns a stub client for log with no root entries at
// all. Because log.URL is not a key of the root map, AddChain and AddPreChain
// on the result fail and GetAcceptedRoots returns an empty list.
func newEmptyStubLogClient(log *loglist3.Log) (client.AddLogClient, error) {
	noRoots := make(map[string][]rootInfo)
	return newRootedStubLogClient(log, noRoots)
}
104
105
106
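// NewStubLogClient returns a stub client for log that accepts every
// submission. log.URL is registered with an empty root list, which is enough
// for AddChain and AddPreChain to succeed, while GetAcceptedRoots reports no
// roots.
//
// The SCTs it hands out come from testSCT and carry no signature bytes, so
// they must not be treated as proof of logging. Because this constructor is
// exported, check that it is never selected where real CT submission is
// required.
//
// A nil log is reported as an error instead of panicking on log.URL.
func NewStubLogClient(log *loglist3.Log) (client.AddLogClient, error) {
	if log == nil {
		return nil, fmt.Errorf("stub log client: nil log")
	}
	roots := map[string][]rootInfo{log.URL: {}}
	return stubLogClient{logURL: log.URL, rootsCerts: roots}, nil
}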
110