From 0b1bb9de275fb64efe03ed85da1838e73ab231c0 Mon Sep 17 00:00:00 2001 From: Nils Hanke Date: Wed, 21 Sep 2022 16:05:25 +0000 Subject: [PATCH] Remove unit test, add integration test for unsupported imports --- ego/cli/elf_test.go | 94 ------------------------- ego/cmd/unsupported-import-test/go.mod | 10 +++ ego/cmd/unsupported-import-test/go.sum | 11 +++ ego/cmd/unsupported-import-test/main.go | 13 ++++ src/integration_test.sh | 9 +++ 5 files changed, 43 insertions(+), 94 deletions(-) create mode 100644 ego/cmd/unsupported-import-test/go.mod create mode 100644 ego/cmd/unsupported-import-test/go.sum create mode 100644 ego/cmd/unsupported-import-test/main.go diff --git a/ego/cli/elf_test.go b/ego/cli/elf_test.go index f46c9ff..2c1b285 100644 --- a/ego/cli/elf_test.go +++ b/ego/cli/elf_test.go @@ -8,10 +8,6 @@ package cli import ( "encoding/json" - "io/ioutil" - "os" - "os/exec" - "path/filepath" "testing" "ego/config" @@ -108,93 +104,3 @@ func TestEmbedConfigAsPayload(t *testing.T) { assert.NotEqualValues(jsonData, reconstructedJSON) assert.EqualValues(jsonNewData, reconstructedJSON) } - -func TestCheckUnsupportedImports(t *testing.T) { - // create an unsigned EGo executable - elfBadImport := func() []byte { - const outFile = "bad-import" - const srcFile = outFile + ".go" - - goroot, err := filepath.Abs(filepath.Join("..", "..", "_ertgo")) - if err != nil { - panic(err) - } - - dir, err := ioutil.TempDir("", "") - if err != nil { - panic(err) - } - defer os.RemoveAll(dir) - - // Create go.mod & go.sum - const goMod = `module example.com/bad-import - - go 1.18 - - require github.com/edgelesssys/ego v1.0.1 - - require ( - golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect - gopkg.in/square/go-jose.v2 v2.6.0 // indirect - ) - ` - if err := ioutil.WriteFile(filepath.Join(dir, "go.mod"), []byte(goMod), 0o400); err != nil { - panic(err) - } - - const goSum = `github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= - github.com/edgelesssys/ego v1.0.1 h1:EZMW7ppQr1Iliv18DIxGIBUmBOWqUmq/RWQ61HW16zE= - github.com/edgelesssys/ego v1.0.1/go.mod h1:iO7G4U9XISd1XqeqzlzKYvGlFDMLJau+mBvJDjq45x8= - github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= - github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= - github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= - golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c= - golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= - gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= - gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= - gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= -` - - if err := ioutil.WriteFile(filepath.Join(dir, "go.sum"), []byte(goSum), 0o400); err != nil { - panic(err) - } - - // write minimal source file - const src = `package main;import "github.com/edgelesssys/ego/eclient";func main(){eclient.VerifyRemoteReport([]byte{})}` - - if err := ioutil.WriteFile(filepath.Join(dir, srcFile), []byte(src), 0o400); err != nil { - panic(err) - } - - // compile - cmd := exec.Command(filepath.Join(goroot, "bin", "go"), "build", srcFile) - cmd.Dir = dir - cmd.Env = append(os.Environ(), "GOROOT="+goroot) - cmd.Stdout = os.Stdout - cmd.Stderr = os.Stderr - if err := cmd.Run(); err != nil { - panic(err) - } - - // read resulting executable - data, err := ioutil.ReadFile(filepath.Join(dir, outFile)) - if err != nil { - panic(err) - } - - return data - }() - - assert := assert.New(t) - require := require.New(t) - - fs := afero.Afero{Fs: afero.NewMemMapFs()} - runner := signRunner{fs: fs} - cli := NewCli(&runner, fs) - - require.NoError(afero.WriteFile(fs, "hello", elfUnsigned, 0o755)) - require.NoError(afero.WriteFile(fs, "badImport", elfBadImport, 0o755)) - - assert.NoError(cli.checkUnsupportedImports("hello")) - assert.ErrorContains(cli.checkUnsupportedImports("badImport"), "unsupported import") -} diff --git a/ego/cmd/unsupported-import-test/go.mod b/ego/cmd/unsupported-import-test/go.mod new file mode 100644 index 0000000..c06d107 --- /dev/null +++ b/ego/cmd/unsupported-import-test/go.mod @@ -0,0 +1,10 @@ +module example.com/bad-import + +go 1.18 + +require github.com/edgelesssys/ego v1.0.1 + +require ( + golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect + gopkg.in/square/go-jose.v2 v2.6.0 // indirect +) diff --git a/ego/cmd/unsupported-import-test/go.sum b/ego/cmd/unsupported-import-test/go.sum new file mode 100644 index 0000000..b5afa1e --- /dev/null +++ b/ego/cmd/unsupported-import-test/go.sum @@ -0,0 +1,11 @@ +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/edgelesssys/ego v1.0.1 h1:EZMW7ppQr1Iliv18DIxGIBUmBOWqUmq/RWQ61HW16zE= +github.com/edgelesssys/ego v1.0.1/go.mod h1:iO7G4U9XISd1XqeqzlzKYvGlFDMLJau+mBvJDjq45x8= +github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c= +golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= +gopkg.in/square/go-jose.v2 v2.6.0/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= diff --git a/ego/cmd/unsupported-import-test/main.go b/ego/cmd/unsupported-import-test/main.go new file mode 100644 index 0000000..d9afaad --- /dev/null +++ b/ego/cmd/unsupported-import-test/main.go @@ -0,0 +1,13 @@ +// Copyright (c) Edgeless Systems GmbH. +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this +// file, You can obtain one at https://mozilla.org/MPL/2.0/. + +package main + +import "github.com/edgelesssys/ego/eclient" + +func main() { + eclient.VerifyRemoteReport([]byte{}) +} diff --git a/src/integration_test.sh b/src/integration_test.sh index dbeca96..3227765 100755 --- a/src/integration_test.sh +++ b/src/integration_test.sh @@ -10,6 +10,7 @@ onexit() fi rm -r $tPath rm -r /tmp/ego-integration-test + rm -r /tmp/ego-unsupported-import-test } trap onexit EXIT @@ -47,3 +48,11 @@ run ego-go build -o /tmp/ego-integration-test/integration-test cd /tmp/ego-integration-test run ego sign run ego run integration-test + +# Test unsupported import detection on sign & run +mkdir -p /tmp/ego-unsupported-import-test +cd $egoPath/ego/cmd/unsupported-import-test +run ego-go build -o /tmp/ego-unsupported-import-test/unsupported-import +cd /tmp/ego-unsupported-import-test +run ego sign unsupported-import |& grep "unsupported import" +run ego run unsupported-import |& grep "unsupported import"