Add integration tests

rustls · Aug 5, 2024 · d58bd14 · d58bd14
1 parent 04eabc5
commit d58bd14
Show file tree

Hide file tree

Showing 75 changed files with 845 additions and 38 deletions.
diff --git a/tests/generate.py b/tests/generate.py
@@ -7,6 +7,7 @@
 Run this script from tests/.  It edits the bottom part of some .rs files and
 drops testcase data into subdirectories as required.
 """
+
 import argparse
 import enum
 import os
@@ -16,7 +17,7 @@
 from cryptography import x509
 from cryptography.hazmat.primitives import hashes
 from cryptography.hazmat.primitives.asymmetric import rsa, ec, ed25519, padding
-from cryptography.hazmat.primitives.serialization import Encoding
+from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
 from cryptography.hazmat.backends import default_backend
 from cryptography.x509.oid import NameOID, ExtendedKeyUsageOID
 import ipaddress
@@ -32,10 +33,10 @@
 NOT_AFTER: datetime.datetime = datetime.datetime.utcfromtimestamp(0x1FEDF00D + 30)
 
 ANY_PRIV_KEY = Union[
-    ed25519.Ed25519PrivateKey | ec.EllipticCurvePrivateKey | rsa.RSAPrivateKey
+    ed25519.Ed25519PrivateKey, ec.EllipticCurvePrivateKey, rsa.RSAPrivateKey
 ]
 ANY_PUB_KEY = Union[
-    ed25519.Ed25519PublicKey | ec.EllipticCurvePublicKey | rsa.RSAPublicKey
+    ed25519.Ed25519PublicKey, ec.EllipticCurvePublicKey, rsa.RSAPublicKey
 ]
 SIGNER = Callable[
     [Any, bytes], Any
@@ -651,6 +652,9 @@ def signatures(force: bool) -> None:
     def _cert_path(cert_type: str) -> str:
         return os.path.join(output_dir, f"{cert_type}.ee.der")
 
+    def _rpk_path(rpk_type: str) -> str:
+        return os.path.join(output_dir, f"{rpk_type}.spki.der")
+
     for name, private_key in all_key_types.items():
         ee_subject = x509.Name(
             [x509.NameAttribute(NameOID.ORGANIZATION_NAME, name + " test")]
@@ -664,13 +668,18 @@ def _cert_path(cert_type: str) -> str:
             issuer_name=issuer_subject,
         )
 
+        rpk_pub_key = private_key.public_key().public_bytes(
+            Encoding.DER, PublicFormat.SubjectPublicKeyInfo
+        )
+        write_der(_rpk_path(name), rpk_pub_key, force)
         write_der(_cert_path(name), certificate.public_bytes(Encoding.DER), force)
 
     def _test(
         test_name: str, cert_type: str, algorithm: str, signature: bytes, expected: str
     ) -> None:
         nonlocal message_path
         cert_path: str = _cert_path(cert_type)
+        rpk_path: str = _rpk_path(cert_type)
         lower_test_name: str = test_name.lower()
 
         sig_path: str = os.path.join(output_dir, f"{lower_test_name}.sig.bin")
@@ -694,6 +703,23 @@ def _test(
             file=output,
         )
 
+        print(
+            """
+#[test]
+#[cfg(%(feature_gate)s)]
+fn %(lower_test_name)s_rpk() {
+    let rpk = include_bytes!("%(rpk_path)s");
+    let message = include_bytes!("%(message_path)s");
+    let signature = include_bytes!("%(sig_path)s");
+    assert_eq!(
+        check_sig_rpk(rpk, %(algorithm)s, message, signature),
+        %(expected)s
+    );
+}"""
+            % locals(),
+            file=output,
+        )
+
     def good_signature(
         test_name: str, cert_type: str, algorithm: str, signer: SIGNER
     ) -> None: