35
35
fixedTime = time .Date (2017 , 9 , 7 , 12 , 15 , 23 , 0 , time .UTC )
36
36
fixedTimeMillis = uint64 (fixedTime .UnixNano () / nanosPerMilli )
37
37
demoLogID = [32 ]byte {19 , 56 , 222 , 93 , 229 , 36 , 102 , 128 , 227 , 214 , 3 , 121 , 93 , 175 , 126 , 236 , 97 , 217 , 34 , 32 , 40 , 233 , 98 , 27 , 46 , 179 , 164 , 251 , 84 , 10 , 60 , 57 }
38
+ fakeIndex = uint8 (8 )
39
+ fakeExtension = []byte {0 , 0 , 5 , 0 , 0 , 0 , 0 , fakeIndex }
38
40
fakeSignature = []byte ("signed" )
39
41
)
40
42
@@ -46,6 +48,7 @@ const (
46
48
defaultPrecertIssuerHashString string = "iamapublickeyshatwofivesixdigest"
47
49
defaultPrecertTBSString string = "tbs"
48
50
51
+ // TODO(phboneff): add extension and regenerate data
49
52
defaultCertificateSCTSignatureInputHexString string =
50
53
// version, 1 byte
51
54
"00" +
@@ -251,11 +254,19 @@ func TestBuildV1MerkleTreeLeafForCert(t *testing.T) {
251
254
t .Fatalf ("could not create signer: %v" , err )
252
255
}
253
256
254
- leaf , err := MerkleTreeLeafFromChain ([]* x509.Certificate {cert }, types .X509LogEntryType , fixedTimeMillis )
257
+ // Use the same cert as the issuer for convenience.
258
+ entry , err := entryFromChain ([]* x509.Certificate {cert , cert }, false , fixedTimeMillis )
255
259
if err != nil {
256
260
t .Fatalf ("buildV1MerkleTreeLeafForCert()=nil,%v; want _,nil" , err )
257
261
}
258
- got , err := buildV1SCT (signer , leaf )
262
+ var leaf types.MerkleTreeLeaf
263
+ leafValue := entry .MerkleTreeLeaf (uint64 (fakeIndex ))
264
+ if rest , err := tls .Unmarshal (leafValue , & leaf ); err != nil {
265
+ t .Fatalf ("failed to reconstruct MerkleTreeLeaf: %s" , err )
266
+ } else if len (rest ) > 0 {
267
+ t .Fatalf ("extra data (%d bytes) on reconstructing MerkleTreeLeaf" , len (rest ))
268
+ }
269
+ got , err := buildV1SCT (signer , & leaf )
259
270
if err != nil {
260
271
t .Fatalf ("buildV1SCT()=nil,%v; want _,nil" , err )
261
272
}
@@ -264,7 +275,7 @@ func TestBuildV1MerkleTreeLeafForCert(t *testing.T) {
264
275
SCTVersion : 0 ,
265
276
LogID : types.LogID {KeyID : demoLogID },
266
277
Timestamp : fixedTimeMillis ,
267
- Extensions : types.CTExtensions {} ,
278
+ Extensions : types .CTExtensions ( fakeExtension ) ,
268
279
Signature : types.DigitallySigned {
269
280
Algorithm : tls.SignatureAndHashAlgorithm {
270
281
Hash : tls .SHA256 ,
@@ -307,11 +318,19 @@ func TestSignV1SCTForPrecertificate(t *testing.T) {
307
318
}
308
319
309
320
// Use the same cert as the issuer for convenience.
310
- leaf , err := MerkleTreeLeafFromChain ([]* x509.Certificate {cert , cert }, types . PrecertLogEntryType , fixedTimeMillis )
321
+ entry , err := entryFromChain ([]* x509.Certificate {cert , cert }, true , fixedTimeMillis )
311
322
if err != nil {
312
323
t .Fatalf ("buildV1MerkleTreeLeafForCert()=nil,%v; want _,nil" , err )
313
324
}
314
- got , err := buildV1SCT (signer , leaf )
325
+ var leaf types.MerkleTreeLeaf
326
+ leafValue := entry .MerkleTreeLeaf (uint64 (fakeIndex ))
327
+ if rest , err := tls .Unmarshal (leafValue , & leaf ); err != nil {
328
+ t .Fatalf ("failed to reconstruct MerkleTreeLeaf: %s" , err )
329
+ } else if len (rest ) > 0 {
330
+ t .Fatalf ("extra data (%d bytes) on reconstructing MerkleTreeLeaf" , len (rest ))
331
+ }
332
+
333
+ got , err := buildV1SCT (signer , & leaf )
315
334
if err != nil {
316
335
t .Fatalf ("buildV1SCT()=nil,%v; want _,nil" , err )
317
336
}
@@ -320,7 +339,7 @@ func TestSignV1SCTForPrecertificate(t *testing.T) {
320
339
SCTVersion : 0 ,
321
340
LogID : types.LogID {KeyID : demoLogID },
322
341
Timestamp : fixedTimeMillis ,
323
- Extensions : types.CTExtensions {} ,
342
+ Extensions : types .CTExtensions ( fakeExtension ) ,
324
343
Signature : types.DigitallySigned {
325
344
Algorithm : tls.SignatureAndHashAlgorithm {
326
345
Hash : tls .SHA256 ,
0 commit comments