lints: better test utils, avoid accessing lint.Lints directly (#364)

* testlint: remove unused testDef dir/json data * testlint: move prepend_openssl.sh to test/ * test: update paths in prepend_testcerts_openssl.sh * testlint: move all test certs to testdata/ * test: fix helpers.go package/paths * lints: refactor all lints to use new test helpers. This avoids needing to access `lint.Lints` (soon to be un-exported) and also removes a lot of duplication (particularly of test data paths).
zmap · Jan 17, 2020 · 2cce203 · 2cce203
1 parent 566701e
commit 2cce203
Show file tree

Hide file tree

Showing 844 changed files with 1,409 additions and 1,411 deletions.
diff --git a/lint/base_test.go b/lint/base_test.go
@@ -18,7 +18,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zcrypto/x509"
 )
 
 func TestAllLintsHaveNameDescriptionSource(t *testing.T) {
@@ -44,8 +44,10 @@ func TestAllLintsHaveSource(t *testing.T) {
 }
 
 func TestLintCheckEffective(t *testing.T) {
+	c := &x509.Certificate{
+		NotBefore: time.Now(),
+	}
 	l := Lint{}
-	c := util.ReadCertificate("../testlint/testCerts/caBasicConstCrit.pem")
 
 	l.EffectiveDate = time.Time{}
 	if l.CheckEffective(c) != true {

diff --git a/lints/apple/lint_ct_sct_policy_count_unsatisfied_test.go b/lints/apple/lint_ct_sct_policy_count_unsatisfied_test.go
@@ -15,11 +15,10 @@
 package apple
 
 import (
-	"fmt"
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestSCTCountPolicyUnsatisified(t *testing.T) {
@@ -104,8 +103,7 @@ func TestSCTCountPolicyUnsatisified(t *testing.T) {
 
 	for _, tc := range testCases {
 		t.Run(tc.Name, func(t *testing.T) {
-			inputPath := fmt.Sprintf("%s%s", util.TestCaseDir, tc.Filename)
-			result := lint.Lints["w_ct_sct_policy_count_unsatisfied"].Execute(util.ReadCertificate(inputPath))
+			result := test.TestLint("w_ct_sct_policy_count_unsatisfied", tc.Filename)
 			if result.Status != tc.ExpectedResult {
 				t.Errorf("expected result %v was %v", tc.ExpectedResult, result.Status)
 			}

diff --git a/lints/cabf_br/lint_ca_common_name_missing_test.go b/lints/cabf_br/lint_ca_common_name_missing_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaCommonNameMissing(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caCommonNameMissing.pem"
+	inputPath := "caCommonNameMissing.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_common_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_common_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCaCommonNameNotMissing(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caCommonNameNotMissing.pem"
+	inputPath := "caCommonNameNotMissing.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_common_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_common_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_country_name_invalid_test.go b/lints/cabf_br/lint_ca_country_name_invalid_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaCountryNameInvalid(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caInvalCountryCode.pem"
+	inputPath := "caInvalCountryCode.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_country_name_invalid"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_country_name_invalid", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCaCountryNameValid(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caValCountry.pem"
+	inputPath := "caValCountry.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_country_name_invalid"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_country_name_invalid", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_country_name_missing_test.go b/lints/cabf_br/lint_ca_country_name_missing_test.go
@@ -18,7 +18,7 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 /************************************************
@@ -30,18 +30,18 @@ in which the CA’s place	of business	is located.
 ************************************************/
 
 func TestCaCountryNameMissing(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caBlankCountry.pem"
+	inputPath := "caBlankCountry.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_country_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_country_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCaCountryNamePresent(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caValCountry.pem"
+	inputPath := "caValCountry.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_country_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_country_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_crl_sign_not_set_test.go b/lints/cabf_br/lint_ca_crl_sign_not_set_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaKeyUsageNoCRLSign(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageNoCRL.pem"
+	inputPath := "caKeyUsageNoCRL.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_crl_sign_not_set"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_crl_sign_not_set", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestKeyUsageCRLSign(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageCrit.pem"
+	inputPath := "caKeyUsageCrit.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_crl_sign_not_set"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_crl_sign_not_set", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_digital_signature_not_set_test.go b/lints/cabf_br/lint_ca_digital_signature_not_set_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaKeyUsageNoDigSign(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageNoCertSign.pem"
+	inputPath := "caKeyUsageNoCertSign.pem"
 	expected := lint.Notice
-	out := lint.Lints["n_ca_digital_signature_not_set"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("n_ca_digital_signature_not_set", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestKeyUsageDigSign(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageWDigSign.pem"
+	inputPath := "caKeyUsageWDigSign.pem"
 	expected := lint.Pass
-	out := lint.Lints["n_ca_digital_signature_not_set"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("n_ca_digital_signature_not_set", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_is_ca_test.go b/lints/cabf_br/lint_ca_is_ca_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestKeyCertSignNotCA(t *testing.T) {
-	inputPath := "../../testlint/testCerts/keyCertSignNotCA.pem"
+	inputPath := "keyCertSignNotCA.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_is_ca"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_is_ca", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestKeyCertSignCA(t *testing.T) {
-	inputPath := "../../testlint/testCerts/keyCertSignCA.pem"
+	inputPath := "keyCertSignCA.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_is_ca"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_is_ca", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_key_cert_sign_not_set_test.go b/lints/cabf_br/lint_ca_key_cert_sign_not_set_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaKeyUsageNoCertSign(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageNoCertSign.pem"
+	inputPath := "caKeyUsageNoCertSign.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_key_cert_sign_not_set"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_key_cert_sign_not_set", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestKeyUsageCertSign(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageCrit.pem"
+	inputPath := "caKeyUsageCrit.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_key_cert_sign_not_set"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_key_cert_sign_not_set", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_key_usage_missing_test.go b/lints/cabf_br/lint_ca_key_usage_missing_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaKeyUsageMissing(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageMissing.pem"
+	inputPath := "caKeyUsageMissing.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_key_usage_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_key_usage_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestKeyUsagePresent(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageCrit.pem"
+	inputPath := "caKeyUsageCrit.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_key_usage_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_key_usage_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_key_usage_not_critical_test.go b/lints/cabf_br/lint_ca_key_usage_not_critical_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCaKeyUsageNotCrit(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageNotCrit.pem"
+	inputPath := "caKeyUsageNotCrit.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_key_usage_not_critical"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_key_usage_not_critical", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestKeyUsageCrit(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caKeyUsageCrit.pem"
+	inputPath := "caKeyUsageCrit.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_key_usage_not_critical"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_key_usage_not_critical", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_ca_organization_name_missing_test.go b/lints/cabf_br/lint_ca_organization_name_missing_test.go
@@ -18,31 +18,31 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCAOrgNameBlank(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caOrgNameEmpty.pem"
+	inputPath := "caOrgNameEmpty.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_organization_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_organization_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCAOrgNameMissing(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caOrgNameMissing.pem"
+	inputPath := "caOrgNameMissing.pem"
 	expected := lint.Error
-	out := lint.Lints["e_ca_organization_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_organization_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCAOrgNameValid(t *testing.T) {
-	inputPath := "../../testlint/testCerts/caValOrgName.pem"
+	inputPath := "caValOrgName.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_ca_organization_name_missing"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_ca_organization_name_missing", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_cab_dv_conflicts_with_locality_test.go b/lints/cabf_br/lint_cab_dv_conflicts_with_locality_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCertPolicyNotConflictWithLocal(t *testing.T) {
-	inputPath := "../../testlint/testCerts/domainValGoodSubject.pem"
+	inputPath := "domainValGoodSubject.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_cab_dv_conflicts_with_locality"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_cab_dv_conflicts_with_locality", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCertPolicyConflictsWithLocal(t *testing.T) {
-	inputPath := "../../testlint/testCerts/domainValWithLocal.pem"
+	inputPath := "domainValWithLocal.pem"
 	expected := lint.Error
-	out := lint.Lints["e_cab_dv_conflicts_with_locality"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_cab_dv_conflicts_with_locality", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}

diff --git a/lints/cabf_br/lint_cab_dv_conflicts_with_org_test.go b/lints/cabf_br/lint_cab_dv_conflicts_with_org_test.go
@@ -18,22 +18,22 @@ import (
 	"testing"
 
 	"github.com/zmap/zlint/lint"
-	"github.com/zmap/zlint/util"
+	"github.com/zmap/zlint/test"
 )
 
 func TestCertPolicyNotConflictWithOrg(t *testing.T) {
-	inputPath := "../../testlint/testCerts/domainValGoodSubject.pem"
+	inputPath := "domainValGoodSubject.pem"
 	expected := lint.Pass
-	out := lint.Lints["e_cab_dv_conflicts_with_org"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_cab_dv_conflicts_with_org", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}
 }
 
 func TestCertPolicyConflictsWithOrg(t *testing.T) {
-	inputPath := "../../testlint/testCerts/domainValWithOrg.pem"
+	inputPath := "domainValWithOrg.pem"
 	expected := lint.Error
-	out := lint.Lints["e_cab_dv_conflicts_with_org"].Execute(util.ReadCertificate(inputPath))
+	out := test.TestLint("e_cab_dv_conflicts_with_org", inputPath)
 	if out.Status != expected {
 		t.Errorf("%s: expected %s, got %s", inputPath, expected, out.Status)
 	}