1 package grpc
2
3 import (
4 "encoding/json"
5 "net"
6 "testing"
7 "time"
8
9 "google.golang.org/protobuf/types/known/timestamppb"
10 "gopkg.in/go-jose/go-jose.v2"
11
12 "github.com/letsencrypt/boulder/core"
13 corepb "github.com/letsencrypt/boulder/core/proto"
14 "github.com/letsencrypt/boulder/identifier"
15 "github.com/letsencrypt/boulder/probs"
16 "github.com/letsencrypt/boulder/test"
17 )
18
19 const JWK1JSON = `{"kty":"RSA","n":"vuc785P8lBj3fUxyZchF_uZw6WtbxcorqgTyq-qapF5lrO1U82Tp93rpXlmctj6fyFHBVVB5aXnUHJ7LZeVPod7Wnfl8p5OyhlHQHC8BnzdzCqCMKmWZNX5DtETDId0qzU7dPzh0LP0idt5buU7L9QNaabChw3nnaL47iu_1Di5Wp264p2TwACeedv2hfRDjDlJmaQXuS8Rtv9GnRWyC9JBu7XmGvGDziumnJH7Hyzh3VNu-kSPQD3vuAFgMZS6uUzOztCkT0fpOalZI6hqxtWLvXUMj-crXrn-Maavz8qRhpAyp5kcYk3jiHGgQIi7QSK2JIdRJ8APyX9HlmTN5AQ","e":"AQAB"}`
20
21 func TestProblemDetails(t *testing.T) {
22 pb, err := ProblemDetailsToPB(nil)
23 test.AssertNotEquals(t, err, "problemDetailToPB failed")
24 test.Assert(t, pb == nil, "Returned corepb.ProblemDetails is not nil")
25
26 prob := &probs.ProblemDetails{Type: probs.TLSProblem, Detail: "asd", HTTPStatus: 200}
27 pb, err = ProblemDetailsToPB(prob)
28 test.AssertNotError(t, err, "problemDetailToPB failed")
29 test.Assert(t, pb != nil, "return corepb.ProblemDetails is nill")
30 test.AssertDeepEquals(t, pb.ProblemType, string(prob.Type))
31 test.AssertEquals(t, pb.Detail, prob.Detail)
32 test.AssertEquals(t, int(pb.HttpStatus), prob.HTTPStatus)
33
34 recon, err := PBToProblemDetails(pb)
35 test.AssertNotError(t, err, "PBToProblemDetails failed")
36 test.AssertDeepEquals(t, recon, prob)
37
38 recon, err = PBToProblemDetails(nil)
39 test.AssertNotError(t, err, "PBToProblemDetails failed")
40 test.Assert(t, recon == nil, "Returned core.PRoblemDetails is not nil")
41 _, err = PBToProblemDetails(&corepb.ProblemDetails{})
42 test.AssertError(t, err, "PBToProblemDetails did not fail")
43 test.AssertEquals(t, err, ErrMissingParameters)
44 _, err = PBToProblemDetails(&corepb.ProblemDetails{ProblemType: ""})
45 test.AssertError(t, err, "PBToProblemDetails did not fail")
46 test.AssertEquals(t, err, ErrMissingParameters)
47 _, err = PBToProblemDetails(&corepb.ProblemDetails{Detail: ""})
48 test.AssertError(t, err, "PBToProblemDetails did not fail")
49 test.AssertEquals(t, err, ErrMissingParameters)
50 }
51
52 func TestChallenge(t *testing.T) {
53 var jwk jose.JSONWebKey
54 err := json.Unmarshal([]byte(JWK1JSON), &jwk)
55 test.AssertNotError(t, err, "Failed to unmarshal test key")
56 validated := time.Now().Round(0).UTC()
57 chall := core.Challenge{
58 Type: core.ChallengeTypeDNS01,
59 Status: core.StatusValid,
60 Token: "asd",
61 ProvidedKeyAuthorization: "keyauth",
62 Validated: &validated,
63 }
64
65 pb, err := ChallengeToPB(chall)
66 test.AssertNotError(t, err, "ChallengeToPB failed")
67 test.Assert(t, pb != nil, "Returned corepb.Challenge is nil")
68
69 recon, err := PBToChallenge(pb)
70 test.AssertNotError(t, err, "PBToChallenge failed")
71 test.AssertDeepEquals(t, recon, chall)
72
73 ip := net.ParseIP("1.1.1.1")
74 chall.ValidationRecord = []core.ValidationRecord{
75 {
76 Hostname: "example.com",
77 Port: "2020",
78 AddressesResolved: []net.IP{ip},
79 AddressUsed: ip,
80 URL: "https://example.com:2020",
81 AddressesTried: []net.IP{ip},
82 },
83 }
84 chall.Error = &probs.ProblemDetails{Type: probs.TLSProblem, Detail: "asd", HTTPStatus: 200}
85 pb, err = ChallengeToPB(chall)
86 test.AssertNotError(t, err, "ChallengeToPB failed")
87 test.Assert(t, pb != nil, "Returned corepb.Challenge is nil")
88
89 recon, err = PBToChallenge(pb)
90 test.AssertNotError(t, err, "PBToChallenge failed")
91 test.AssertDeepEquals(t, recon, chall)
92
93 _, err = PBToChallenge(nil)
94 test.AssertError(t, err, "PBToChallenge did not fail")
95 test.AssertEquals(t, err, ErrMissingParameters)
96 _, err = PBToChallenge(&corepb.Challenge{})
97 test.AssertError(t, err, "PBToChallenge did not fail")
98 test.AssertEquals(t, err, ErrMissingParameters)
99
100 challNilValidation := core.Challenge{
101 Type: core.ChallengeTypeDNS01,
102 Status: core.StatusValid,
103 Token: "asd",
104 ProvidedKeyAuthorization: "keyauth",
105 Validated: nil,
106 }
107 pb, err = ChallengeToPB(challNilValidation)
108 test.AssertNotError(t, err, "ChallengeToPB failed")
109 test.Assert(t, pb != nil, "Returned corepb.Challenge is nil")
110 recon, err = PBToChallenge(pb)
111 test.AssertNotError(t, err, "PBToChallenge failed")
112 test.AssertDeepEquals(t, recon, challNilValidation)
113 }
114
115 func TestValidationRecord(t *testing.T) {
116 ip := net.ParseIP("1.1.1.1")
117 vr := core.ValidationRecord{
118 Hostname: "exampleA.com",
119 Port: "80",
120 AddressesResolved: []net.IP{ip},
121 AddressUsed: ip,
122 URL: "http://exampleA.com",
123 AddressesTried: []net.IP{ip},
124 }
125
126 pb, err := ValidationRecordToPB(vr)
127 test.AssertNotError(t, err, "ValidationRecordToPB failed")
128 test.Assert(t, pb != nil, "Return core.ValidationRecord is nil")
129
130 recon, err := PBToValidationRecord(pb)
131 test.AssertNotError(t, err, "PBToValidationRecord failed")
132 test.AssertDeepEquals(t, recon, vr)
133 }
134
135 func TestValidationResult(t *testing.T) {
136 ip := net.ParseIP("1.1.1.1")
137 vrA := core.ValidationRecord{
138 Hostname: "exampleA.com",
139 Port: "443",
140 AddressesResolved: []net.IP{ip},
141 AddressUsed: ip,
142 URL: "https://exampleA.com",
143 AddressesTried: []net.IP{ip},
144 }
145 vrB := core.ValidationRecord{
146 Hostname: "exampleB.com",
147 Port: "443",
148 AddressesResolved: []net.IP{ip},
149 AddressUsed: ip,
150 URL: "https://exampleB.com",
151 AddressesTried: []net.IP{ip},
152 }
153 result := []core.ValidationRecord{vrA, vrB}
154 prob := &probs.ProblemDetails{Type: probs.TLSProblem, Detail: "asd", HTTPStatus: 200}
155
156 pb, err := ValidationResultToPB(result, prob)
157 test.AssertNotError(t, err, "ValidationResultToPB failed")
158 test.Assert(t, pb != nil, "Returned vapb.ValidationResult is nil")
159
160 reconResult, reconProb, err := pbToValidationResult(pb)
161 test.AssertNotError(t, err, "pbToValidationResult failed")
162 test.AssertDeepEquals(t, reconResult, result)
163 test.AssertDeepEquals(t, reconProb, prob)
164 }
165
166 func TestRegistration(t *testing.T) {
167 contacts := []string{"email"}
168 var key jose.JSONWebKey
169 err := json.Unmarshal([]byte(`
170 {
171 "e": "AQAB",
172 "kty": "RSA",
173 "n": "tSwgy3ORGvc7YJI9B2qqkelZRUC6F1S5NwXFvM4w5-M0TsxbFsH5UH6adigV0jzsDJ5imAechcSoOhAh9POceCbPN1sTNwLpNbOLiQQ7RD5mY_pSUHWXNmS9R4NZ3t2fQAzPeW7jOfF0LKuJRGkekx6tXP1uSnNibgpJULNc4208dgBaCHo3mvaE2HV2GmVl1yxwWX5QZZkGQGjNDZYnjFfa2DKVvFs0QbAk21ROm594kAxlRlMMrvqlf24Eq4ERO0ptzpZgm_3j_e4hGRD39gJS7kAzK-j2cacFQ5Qi2Y6wZI2p-FCq_wiYsfEAIkATPBiLKl_6d_Jfcvs_impcXQ"
174 }
175 `), &key)
176 test.AssertNotError(t, err, "Could not unmarshal testing key")
177 createdAt := time.Now().Round(0).UTC()
178 inReg := core.Registration{
179 ID: 1,
180 Key: &key,
181 Contact: &contacts,
182 Agreement: "yup",
183 InitialIP: net.ParseIP("1.1.1.1"),
184 CreatedAt: &createdAt,
185 Status: core.StatusValid,
186 }
187 pbReg, err := RegistrationToPB(inReg)
188 test.AssertNotError(t, err, "registrationToPB failed")
189 outReg, err := PbToRegistration(pbReg)
190 test.AssertNotError(t, err, "PbToRegistration failed")
191 test.AssertDeepEquals(t, inReg, outReg)
192
193 inReg.Contact = nil
194 pbReg, err = RegistrationToPB(inReg)
195 test.AssertNotError(t, err, "registrationToPB failed")
196 pbReg.Contact = []string{}
197 outReg, err = PbToRegistration(pbReg)
198 test.AssertNotError(t, err, "PbToRegistration failed")
199 test.AssertDeepEquals(t, inReg, outReg)
200
201 var empty []string
202 inReg.Contact = &empty
203 pbReg, err = RegistrationToPB(inReg)
204 test.AssertNotError(t, err, "registrationToPB failed")
205 outReg, err = PbToRegistration(pbReg)
206 test.AssertNotError(t, err, "PbToRegistration failed")
207 test.Assert(t, *outReg.Contact != nil, "Empty slice was converted to a nil slice")
208
209 inRegNilCreatedAt := core.Registration{
210 ID: 1,
211 Key: &key,
212 Contact: &contacts,
213 Agreement: "yup",
214 InitialIP: net.ParseIP("1.1.1.1"),
215 CreatedAt: nil,
216 Status: core.StatusValid,
217 }
218 pbReg, err = RegistrationToPB(inRegNilCreatedAt)
219 test.AssertNotError(t, err, "registrationToPB failed")
220 outReg, err = PbToRegistration(pbReg)
221 test.AssertNotError(t, err, "PbToRegistration failed")
222 test.AssertDeepEquals(t, inRegNilCreatedAt, outReg)
223 }
224
225 func TestAuthz(t *testing.T) {
226 exp := time.Now().AddDate(0, 0, 1).UTC()
227 identifier := identifier.ACMEIdentifier{Type: identifier.DNS, Value: "example.com"}
228 challA := core.Challenge{
229 Type: core.ChallengeTypeDNS01,
230 Status: core.StatusPending,
231 Token: "asd",
232 ProvidedKeyAuthorization: "keyauth",
233 }
234 challB := core.Challenge{
235 Type: core.ChallengeTypeDNS01,
236 Status: core.StatusPending,
237 Token: "asd2",
238 ProvidedKeyAuthorization: "keyauth4",
239 }
240 inAuthz := core.Authorization{
241 ID: "1",
242 Identifier: identifier,
243 RegistrationID: 5,
244 Status: core.StatusPending,
245 Expires: &exp,
246 Challenges: []core.Challenge{challA, challB},
247 }
248 pbAuthz, err := AuthzToPB(inAuthz)
249 test.AssertNotError(t, err, "AuthzToPB failed")
250 outAuthz, err := PBToAuthz(pbAuthz)
251 test.AssertNotError(t, err, "PBToAuthz failed")
252 test.AssertDeepEquals(t, inAuthz, outAuthz)
253
254 inAuthzNilExpires := core.Authorization{
255 ID: "1",
256 Identifier: identifier,
257 RegistrationID: 5,
258 Status: core.StatusPending,
259 Expires: nil,
260 Challenges: []core.Challenge{challA, challB},
261 }
262 pbAuthz2, err := AuthzToPB(inAuthzNilExpires)
263 test.AssertNotError(t, err, "AuthzToPB failed")
264 outAuthz2, err := PBToAuthz(pbAuthz2)
265 test.AssertNotError(t, err, "PBToAuthz failed")
266 test.AssertDeepEquals(t, inAuthzNilExpires, outAuthz2)
267 }
268
269 func TestCert(t *testing.T) {
270 now := time.Now().Round(0)
271 cert := core.Certificate{
272 RegistrationID: 1,
273 Serial: "serial",
274 Digest: "digest",
275 DER: []byte{255},
276 Issued: now,
277 Expires: now.Add(time.Hour),
278 }
279
280 certPB := CertToPB(cert)
281 outCert := PBToCert(certPB)
282
283 test.AssertDeepEquals(t, cert, outCert)
284 }
285
286 func TestOrderValid(t *testing.T) {
287 created := time.Now()
288 expires := created.Add(1 * time.Hour)
289 testCases := []struct {
290 Name string
291 Order *corepb.Order
292 ExpectedValid bool
293 }{
294 {
295 Name: "All valid",
296 Order: &corepb.Order{
297 Id: 1,
298 RegistrationID: 1,
299 ExpiresNS: expires.UnixNano(),
300 Expires: timestamppb.New(expires),
301 CertificateSerial: "",
302 V2Authorizations: []int64{},
303 Names: []string{"example.com"},
304 BeganProcessing: false,
305 CreatedNS: created.UnixNano(),
306 Created: timestamppb.New(created),
307 },
308 ExpectedValid: true,
309 },
310 {
311 Name: "Serial empty",
312 Order: &corepb.Order{
313 Id: 1,
314 RegistrationID: 1,
315 ExpiresNS: expires.UnixNano(),
316 Expires: timestamppb.New(expires),
317 V2Authorizations: []int64{},
318 Names: []string{"example.com"},
319 BeganProcessing: false,
320 CreatedNS: created.UnixNano(),
321 Created: timestamppb.New(created),
322 },
323 ExpectedValid: true,
324 },
325 {
326 Name: "All zero",
327 Order: &corepb.Order{},
328 },
329 {
330 Name: "ID 0",
331 Order: &corepb.Order{
332 Id: 0,
333 RegistrationID: 1,
334 ExpiresNS: expires.UnixNano(),
335 Expires: timestamppb.New(expires),
336 CertificateSerial: "",
337 V2Authorizations: []int64{},
338 Names: []string{"example.com"},
339 BeganProcessing: false,
340 },
341 },
342 {
343 Name: "Reg ID zero",
344 Order: &corepb.Order{
345 Id: 1,
346 RegistrationID: 0,
347 ExpiresNS: expires.UnixNano(),
348 Expires: timestamppb.New(expires),
349 CertificateSerial: "",
350 V2Authorizations: []int64{},
351 Names: []string{"example.com"},
352 BeganProcessing: false,
353 },
354 },
355 {
356 Name: "Expires 0",
357 Order: &corepb.Order{
358 Id: 1,
359 RegistrationID: 1,
360 ExpiresNS: 0,
361 Expires: nil,
362 CertificateSerial: "",
363 V2Authorizations: []int64{},
364 Names: []string{"example.com"},
365 BeganProcessing: false,
366 },
367 },
368 {
369 Name: "Names empty",
370 Order: &corepb.Order{
371 Id: 1,
372 RegistrationID: 1,
373 ExpiresNS: expires.UnixNano(),
374 Expires: timestamppb.New(expires),
375 CertificateSerial: "",
376 V2Authorizations: []int64{},
377 Names: []string{},
378 BeganProcessing: false,
379 },
380 },
381 }
382
383 for _, tc := range testCases {
384 t.Run(tc.Name, func(t *testing.T) {
385 result := orderValid(tc.Order)
386 test.AssertEquals(t, result, tc.ExpectedValid)
387 })
388 }
389 }
390
View as plain text