Skip to content

Commit

Permalink
Nonce: Simplify Nonce Redeemer testing (#6740)
Browse files Browse the repository at this point in the history 
Implements three nonce redeemer clients that are either valid, invalid,
or broken.

Fixes #6701
  • Loading branch information
@pgporada
pgporada committed Mar 13, 2023
1 parent b9f0fe0 commit db9b247
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 27 deletions.
2 changes: 1 addition & 1 deletion nonce/nonce.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -360,7 +360,7 @@ type Getter interface {
Nonce(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*noncepb.NonceMessage, error)
}

// Getter is an interface for an RPC client that can redeem a nonce.
// Redeemer is an interface for an RPC client that can redeem a nonce.
type Redeemer interface {
Redeem(ctx context.Context, in *noncepb.NonceMessage, opts ...grpc.CallOption) (*noncepb.ValidMessage, error)
}
Expand Down
45 changes: 19 additions & 26 deletions nonce/nonce_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ import (
noncepb "github.com/letsencrypt/boulder/nonce/proto"
"github.com/letsencrypt/boulder/test"
"google.golang.org/grpc"
"google.golang.org/protobuf/types/known/emptypb"
)

func TestValidNonce(t *testing.T) {
Expand Down Expand Up @@ -142,16 +141,22 @@ func TestNoncePrefixing(t *testing.T) {
test.Assert(t, !ns.Valid(n[6:]), "Valid nonce without prefix accepted")
}

type malleableNonceClient struct {
redeem func(ctx context.Context, in *noncepb.NonceMessage, opts ...grpc.CallOption) (*noncepb.ValidMessage, error)
type validRedeemer struct{}

func (vr *validRedeemer) Redeem(ctx context.Context, in *noncepb.NonceMessage, _ ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return &noncepb.ValidMessage{Valid: true}, nil
}

func (mnc *malleableNonceClient) Redeem(ctx context.Context, in *noncepb.NonceMessage, opts ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return mnc.redeem(ctx, in, opts...)
type invalidRedeemer struct{}

func (ivr *invalidRedeemer) Redeem(ctx context.Context, in *noncepb.NonceMessage, _ ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return &noncepb.ValidMessage{Valid: false}, nil
}

func (mnc *malleableNonceClient) Nonce(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*noncepb.NonceMessage, error) {
return nil, errors.New("unimplemented")
type brokenRedeemer struct{}

func (br *brokenRedeemer) Redeem(ctx context.Context, in *noncepb.NonceMessage, _ ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return nil, errors.New("broken redeemer!")
}

func TestRemoteRedeem(t *testing.T) {
Expand All @@ -163,16 +168,8 @@ func TestRemoteRedeem(t *testing.T) {
test.Assert(t, !valid, "RemoteRedeem accepted an empty nonce")

prefixMap := map[string]Redeemer{
"abcd": &malleableNonceClient{
redeem: func(ctx context.Context, in *noncepb.NonceMessage, opts ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return nil, errors.New("wrong one!")
},
},
"wxyz": &malleableNonceClient{
redeem: func(ctx context.Context, in *noncepb.NonceMessage, opts ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return &noncepb.ValidMessage{Valid: false}, nil
},
},
"abcd": &brokenRedeemer{},
"wxyz": &invalidRedeemer{},
}
// Attempt to redeem a nonce with a prefix not in the prefix map, expect return false, nil
valid, err = RemoteRedeem(context.Background(), prefixMap, "asddCQEC")
Expand All @@ -184,19 +181,15 @@ func TestRemoteRedeem(t *testing.T) {
_, err = RemoteRedeem(context.Background(), prefixMap, "abcdbeef")
test.AssertError(t, err, "RemoteRedeem didn't return error when remote did")

// Attempt to redeem a nonce with a prefix in the prefix map, remote returns valid
// expect true, nil
// Attempt to redeem a nonce with a prefix in the prefix map, remote returns invalid
// expect false, nil
valid, err = RemoteRedeem(context.Background(), prefixMap, "wxyzdead")
test.AssertNotError(t, err, "RemoteRedeem failed")
test.Assert(t, !valid, "RemoteRedeem didn't honor remote result")

// Attempt to redeem a nonce with a prefix in the prefix map, remote returns invalid
// expect false, nil
prefixMap["wxyz"] = &malleableNonceClient{
redeem: func(ctx context.Context, in *noncepb.NonceMessage, opts ...grpc.CallOption) (*noncepb.ValidMessage, error) {
return &noncepb.ValidMessage{Valid: true}, nil
},
}
// Attempt to redeem a nonce with a prefix in the prefix map, remote returns valid
// expect true, nil
prefixMap["wxyz"] = &validRedeemer{}
valid, err = RemoteRedeem(context.Background(), prefixMap, "wxyzdead")
test.AssertNotError(t, err, "RemoteRedeem failed")
test.Assert(t, valid, "RemoteRedeem didn't honor remote result")
Expand Down

0 comments on commit db9b247

Please sign in to comment.