diff options
| author | Christian Grothoff <christian@grothoff.org> | 2021-04-16 15:32:15 +0200 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2021-04-16 15:32:15 +0200 |
| commit | 7d425da40e2500456caab083518b889921945356 (patch) | |
| tree | 4a0f624d3429c23f4a9623bcc892d54bf6923ba9 | |
| parent | 2021641450d905b8c5b6a50fce870b1832da2ae5 (diff) | |
add test foer #6836
| -rw-r--r-- | src/testing/Makefile.am | 5 | ||||
| -rw-r--r-- | src/testing/test_key_rotation.conf | 81 | ||||
| -rwxr-xr-x | src/testing/test_key_rotation.sh | 111 |
3 files changed, 120 insertions, 77 deletions
diff --git a/src/testing/Makefile.am b/src/testing/Makefile.am index 67d808cc..21551bf9 100644 --- a/src/testing/Makefile.am +++ b/src/testing/Makefile.am @@ -139,7 +139,10 @@ EXTRA_DIST = \ test_merchant_api_proxy_exchange.conf \ test_merchant_api_home/.local/share/taler/exchange/offline-keys/master.priv \ test_merchant_api_home/.config/taler/exchange/account-2.json \ - test_merchant.priv + test_merchant.priv \ + test_key_rotation.sh \ + test_key_rotation.conf + MOSTLYCLEANFILES = \ test_merchant_api_home/.local/share/taler/exchange/offline-keys/secm_tofus.pub diff --git a/src/testing/test_key_rotation.conf b/src/testing/test_key_rotation.conf index 22d04dc4..6c72acaf 100644 --- a/src/testing/test_key_rotation.conf +++ b/src/testing/test_key_rotation.conf @@ -19,14 +19,14 @@ UNIXPATH_MODE = 660 PORT = 8081 BASE_URL = http://localhost:8081/ SIGNKEY_DURATION = 30 s -SIGNKEY_LEGAL_DURATION = 15 m +SIGNKEY_LEGAL_DURATION = 240 s KEYDIR = ${TALER_DATA_HOME}/exchange/live-keys/ REVOCATION_DIR = ${TALER_DATA_HOME}/exchange/revocations/ TERMS_ETAG = 0 PRIVACY_ETAG = 0 [taler-exchange-secmod-eddsa] -OVERLAP_DURATION = 5 s +OVERLAP_DURATION = 2 s KEY_DIR = ${TALER_DATA_HOME}/crypto-eddsa/ UNIXPATH = $TALER_RUNTIME_DIR/taler-exchange-secmod-eddsa.sock SM_PRIV_KEY = ${TALER_DATA_HOME}/taler-exchange-secmod-eddsa/.private-key @@ -34,7 +34,7 @@ LOOKAHEAD_SIGN = 60 s DURATION = 30 s [taler-exchange-secmod-rsa] -OVERLAP_DURATION = 5 s +OVERLAP_DURATION = 2 s KEY_DIR = ${TALER_DATA_HOME}/crypto-rsa/ UNIXPATH = $TALER_RUNTIME_DIR/taler-exchange-secmod-rsa.sock SM_PRIV_KEY = ${TALER_DATA_HOME}/taler-exchange-secmod-rsa/.private-key @@ -110,9 +110,9 @@ exchange = http://localhost:8081/ [coin_kudos_ct_1] value = TESTKUDOS:0.01 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m +duration_withdraw = 10 s +duration_spend = 60 s +duration_legal = 2 m fee_withdraw = TESTKUDOS:0.01 fee_deposit = TESTKUDOS:0.01 fee_refresh = TESTKUDOS:0.01 @@ -121,77 +121,22 @@ rsa_keysize = 1024 [coin_kudos_ct_10] value = TESTKUDOS:0.10 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m +duration_withdraw = 10 s +duration_spend = 60 s +duration_legal = 2 m fee_withdraw = TESTKUDOS:0.01 fee_deposit = TESTKUDOS:0.01 fee_refresh = TESTKUDOS:0.03 fee_refund = TESTKUDOS:0.01 rsa_keysize = 1024 -[coin_kudos_1] +[coin_kudos_50] value = TESTKUDOS:1 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m +duration_withdraw = 10 s +duration_spend = 60 s +duration_legal = 2 m fee_withdraw = TESTKUDOS:0.02 fee_deposit = TESTKUDOS:0.02 fee_refresh = TESTKUDOS:0.03 fee_refund = TESTKUDOS:0.01 rsa_keysize = 1024 - -[coin_kudos_2] -value = TESTKUDOS:2 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m -fee_withdraw = TESTKUDOS:0.03 -fee_deposit = TESTKUDOS:0.03 -fee_refresh = TESTKUDOS:0.04 -fee_refund = TESTKUDOS:0.02 -rsa_keysize = 1024 - -[coin_kudos_4] -value = TESTKUDOS:4 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m -fee_withdraw = TESTKUDOS:0.03 -fee_deposit = TESTKUDOS:0.03 -fee_refresh = TESTKUDOS:0.04 -fee_refund = TESTKUDOS:0.02 -rsa_keysize = 1024 - -[coin_kudos_5] -value = TESTKUDOS:5 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m -fee_withdraw = TESTKUDOS:0.01 -fee_deposit = TESTKUDOS:0.01 -fee_refresh = TESTKUDOS:0.03 -fee_refund = TESTKUDOS:0.01 -rsa_keysize = 1024 - -[coin_kudos_8] -value = TESTKUDOS:8 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m -fee_withdraw = TESTKUDOS:0.05 -fee_deposit = TESTKUDOS:0.02 -fee_refresh = TESTKUDOS:0.03 -fee_refund = TESTKUDOS:0.04 -rsa_keysize = 1024 - -[coin_kudos_10] -value = TESTKUDOS:10 -duration_withdraw = 30 s -duration_spend = 5 m -duration_legal = 15 m -fee_withdraw = TESTKUDOS:0.01 -fee_deposit = TESTKUDOS:0.01 -fee_refresh = TESTKUDOS:0.03 -fee_refund = TESTKUDOS:0.01 -rsa_keysize = 1024 diff --git a/src/testing/test_key_rotation.sh b/src/testing/test_key_rotation.sh index ad5d4ae4..05d1eb83 100755 --- a/src/testing/test_key_rotation.sh +++ b/src/testing/test_key_rotation.sh @@ -1,5 +1,12 @@ #!/bin/bash # This file is in the public domain. +# +# Note that this test is intentionally NOT run as part of the standard test +# suite, because it is awfully slow (due to necessary 'wait' operations) and +# may even hang on slower computers (with the wallet trying to withdraw and +# failing because all keys have expired) due to the relatively short timeouts +# involved. +# ## Coloring style Text shell script COLOR='\033[0;35m' NOCOLOR='\033[0m' @@ -195,6 +202,18 @@ ORDER_2=`curl -s -H "Content-Type: application/json" -X POST \ | jq -er '.order_id'` PAY2=taler+http://pay/localhost:9966/${ORDER_2}/ +ORDER_3=`curl -s -H "Content-Type: application/json" -X POST \ + http://localhost:9966/private/orders \ + -d '{"create_token":false, "order":{"amount":"TESTKUDOS:0.01","summary":"Minimal test order #3"}}' \ + | jq -er '.order_id'` +PAY3=taler+http://pay/localhost:9966/${ORDER_3}/ + +ORDER_4=`curl -s -H "Content-Type: application/json" -X POST \ + http://localhost:9966/private/orders \ + -d '{"create_token":false, "order":{"amount":"TESTKUDOS:0.01","summary":"Minimal test order #4"}}' \ + | jq -er '.order_id'` +PAY4=taler+http://pay/localhost:9966/${ORDER_4}/ + if [ "$STATUS" != "204" ] then @@ -212,7 +231,7 @@ export EXCHANGE_URL export WALLET_DB echo -n "Setting up keys ..." -taler-exchange-offline -c $CONF \ +taler-exchange-offline -L INFO -c $CONF \ download \ sign \ enable-account payto://x-taler-bank/localhost/Exchange \ @@ -240,7 +259,7 @@ fi echo " OK" echo -n "Setting up auditor signatures ..." -taler-auditor-offline -c $CONF \ +taler-auditor-offline -L INFO -c $CONF \ download sign upload &> taler-auditor-offline.log echo " OK" @@ -265,16 +284,17 @@ echo -n "Pay first order ..." taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB handle-uri ${PAY1} -y 2> wallet-pay1.err > wallet-pay1.log echo " OK" -echo -n "Wait for old keys to definitively expire..." -sleep 60 +echo -n "Wait for keys to rotate, but not ALL to expire..." +sleep 20 echo " OK" + echo -n "Updating keys ..." -taler-exchange-offline -c $CONF \ +taler-exchange-offline -L INFO -c $CONF \ download \ sign \ upload &> taler-exchange-offline-2.log -taler-auditor-offline -c $CONF \ +taler-auditor-offline -L INFO -c $CONF \ download sign upload &> taler-auditor-offline-2.log echo " OK" @@ -289,8 +309,8 @@ taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB api 'withdrawTestBalance' }' \ --arg BANK_URL "$BANK_URL" \ --arg EXCHANGE_URL "$EXCHANGE_URL" - )" 2> /dev/null >/dev/null -taler-wallet-cli --wallet-db=$WALLET_DB run-until-done 2>/dev/null >/dev/null + )" 2>wallet-withdraw-2.err >wallet-withdraw-2.out +taler-wallet-cli --wallet-db=$WALLET_DB run-until-done 2>wallet-withdraw-finish-2.err >wallet-withdraw-finish-2.out echo " OK" echo -n "Pay second order ..." @@ -298,6 +318,81 @@ taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB handle-uri ${PAY2} -y 2> w echo " OK" +echo -n "Wait for keys to rotate, and original ones to expire..." +sleep 60 +echo " OK" + +date +echo -n "Updating keys ..." +taler-exchange-offline -c $CONF \ + download > taler-exchange-offline-download-3.log +taler-exchange-offline -c $CONF \ + download sign > taler-exchange-offline-sign-3.log +taler-exchange-offline -L INFO -c $CONF \ + download \ + sign \ + upload &> taler-exchange-offline-3.log +taler-auditor-offline -L INFO -c $CONF \ + download sign upload &> taler-auditor-offline-3.log +echo " OK" + +echo -n "Third withdraw wallet" +rm $WALLET_DB +taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB api 'withdrawTestBalance' \ + "$(jq -n ' + { + amount: "TESTKUDOS:1", + bankBaseUrl: $BANK_URL, + exchangeBaseUrl: $EXCHANGE_URL + }' \ + --arg BANK_URL "$BANK_URL" \ + --arg EXCHANGE_URL "$EXCHANGE_URL" + )" 2>wallet-withdraw-3.err >wallet-withdraw-3.out + +echo " OK" +date +echo -n "Waiting for wallet to finish ..." +taler-wallet-cli --wallet-db=$WALLET_DB run-until-done 2>wallet-withdraw-finish-3.err >wallet-withdraw-finish-3.out +echo " OK" + +echo -n "Pay third order ..." +taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB handle-uri ${PAY3} -y 2> wallet-pay3.err > wallet-pay3.log +echo " OK" + + +echo -n "Wait for everything to expire..." +sleep 120 +echo " OK" + +echo -n "Updating keys ..." +taler-exchange-offline -L INFO -c $CONF \ + download \ + sign \ + upload &> taler-exchange-offline-4.log +taler-auditor-offline -L INFO -c $CONF \ + download sign upload &> taler-auditor-offline-4.log +echo " OK" + +echo -n "Fourth withdraw wallet" +rm $WALLET_DB +taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB api 'withdrawTestBalance' \ + "$(jq -n ' + { + amount: "TESTKUDOS:1", + bankBaseUrl: $BANK_URL, + exchangeBaseUrl: $EXCHANGE_URL + }' \ + --arg BANK_URL "$BANK_URL" \ + --arg EXCHANGE_URL "$EXCHANGE_URL" + )" 2>wallet-withdraw-4.err >wallet-withdraw-4.out +taler-wallet-cli --wallet-db=$WALLET_DB run-until-done 2>wallet-withdraw-finish-4.err >wallet-withdraw-finish-4.out +echo " OK" + +echo -n "Pay fourth order ..." +taler-wallet-cli --no-throttle --wallet-db=$WALLET_DB handle-uri ${PAY4} -y 2> wallet-pay4.err > wallet-pay4.log +echo " OK" + + exit 0 |