[FAB-2571] - Update reenroll test

Change-Id: Icb7314af7b996f2243fc980d7617703cd7c32458 Signed-off-by: rennman <[email protected]>
hyperledger · Apr 6, 2017 · 7b9eb18 · 7b9eb18
1 parent 4456f65
commit 7b9eb18
Showing 1 changed file with 36 additions and 64 deletions.
diff --git a/scripts/fvt/reenroll_test.sh b/scripts/fvt/reenroll_test.sh
@@ -1,8 +1,7 @@
 #!/bin/bash
 FABRIC_CA="$GOPATH/src/github.com/hyperledger/fabric-ca"
 SCRIPTDIR="$FABRIC_CA/scripts/fvt"
-TESTDATA="$FABRIC_CA/testdata"
-KEYSTORE="/tmp/keyStore"
+. $SCRIPTDIR/fabric-ca_utils
 PKI="$SCRIPTDIR/utils/pki"
 CERT_HOME="/tmp/CAs/"
 REGISTRAR="admin"
@@ -19,43 +18,25 @@ future=$(date +"$next_year%m%d%H%M%SZ")
 
 . $SCRIPTDIR/fabric-ca_utils
 
-function enrollUser() {
-   local USERNAME=$1
-   mkdir -p $KEYSTORE/$USERNAME
-   export CA_CFG_PATH=$KEYSTORE/$REGISTRAR
-   OUT=$($SCRIPTDIR/register.sh -u $USERNAME -t $USERTYPE -g $USERGRP -x $CA_CFG_PATH)
-   echo "$OUT"
-   PASSWD="$(echo "$OUT" | head -n1 | awk '{print $NF}')"
-   export CA_CFG_PATH=$KEYSTORE/$USERNAME
-   test -d $CA_CFG_PATH || mkdir -p $CA_CFG_PATH
-   $SCRIPTDIR/enroll.sh -u $USERNAME -p $PASSWD -x $CA_CFG_PATH
-}
-
-while getopts "du:t:k:l:" option; do
+while getopts "dx:" option; do
   case "$option" in
      d)   FABRIC_CA_DEBUG="true" ;;
-     u)   USERNAME="$OPTARG" ;;
-     t)   USERTYPE="$OPTARG" ;;
-     g)   USERGRP="$OPTARG" ;;
-     k)   KEYTYPE="$OPTARG" ;;
-     l)   KEYLEN="$OPTARG" ;;
+     x)   CA_CFG_PATH="$OPTARG" ;;
   esac
 done
 
+: ${CA_CFG_PATH:="/tmp/reenroll"}
 : ${FABRIC_CA_DEBUG="false"}
-: ${USERNAME="newclient"}
-: ${USERTYPE="client"}
-: ${USERGRP="bank_a"}
-: ${KEYTYPE="ecdsa"}
-: ${KEYLEN="256"}
 : ${HOST="localhost:10888"}
+export CA_CFG_PATH
+export FABRIC_CA_CLIENT_HOME="$CA_CFG_PATH/admin"
 
 HTTP_PORT="3755"
 
 rm -rf $CERT_HOME/ROOT_CERT $HOME/ROOT_CERT*
 rm -rf $CERT_HOME/UNSUPPORTED $HOME/UNSUPPORTED-
 $PKI -f newca   -d sha256 -a ROOT_CERT -t ec -l 256 ROOT_CERT -n "/CN=ROOT_CERT/"
-$PKI -f newcert -d sha256 -a ROOT_CERT -t ec -l 256 -p UNSUPPORTED- -n "/CN=UNSUPPORTED/" <<EOF
+$PKI -f newcert -d sha256 -a ROOT_CERT -t dsa -l 256 -p UNSUPPORTED- -n "/CN=UNSUPPORTED/" <<EOF
 y
 y
 EOF
@@ -75,82 +56,73 @@ python -m SimpleHTTPServer $HTTP_PORT &
 HTTP_PID=$!
 pollServer python localhost "$HTTP_PORT" || ErrorExit "Failed to start HTTP server"
 echo $HTTP_PID
-trap "kill $HTTP_PID; CleanUp" INT
+trap "kill $HTTP_PID; CleanUp 1; exit 1" INT
 
 export FABRIC_CA_DEBUG
-mkdir -p $KEYSTORE/$REGISTRAR
-export CA_CFG_PATH=$KEYSTORE/$REGISTRAR
-test -d $CA_CFG_PATH || mkdir -p $CA_CFG_PATH
-
-#for driver in sqlite3 postgres mysql; do
-for driver in sqlite3 ; do
+for driver in sqlite3 postgres mysql; do
    echo ""
    echo ""
    echo ""
    echo "------> BEGIN TESTING $driver <----------"
    # note MAX_ENROLLMENTS defaults to '1'
-   $SCRIPTDIR/fabric-ca_setup.sh -R -x $KEYSTORE
-   $SCRIPTDIR/fabric-ca_setup.sh -I -S -X -n4 -d $driver
+   $SCRIPTDIR/fabric-ca_setup.sh -R -d $driver -x $CA_CFG_PATH
+   $SCRIPTDIR/fabric-ca_setup.sh -I -S -X -n4 -d $driver -x $CA_CFG_PATH
    if test $? -ne 0; then
       ErrorMsg "Failed to setup server"
       continue
    fi
-
-   CA_CFG_PATH=$KEYSTORE/$REGISTRAR
-   $SCRIPTDIR/enroll.sh -u $REGISTRAR -p $REGISTRARPWD -x $CA_CFG_PATH
+   enroll $REGISTRAR
    if test $? -ne 0; then
       ErrorMsg "Failed to enroll $REGISTRAR"
       continue
    fi
 
    for i in {1..4}; do
-      enrollUser user${i}
-      if test $? -ne 0; then
-         echo "Failed to enroll user${i}"
-      else
-         CA_CFG_PATH=$KEYSTORE/user${i}
-         test -d $CA_CFG_PATH || mkdir -p $CA_CFG_PATH
-         # user can be reenrolled even though MAX_ENROLLMENTS set to '1'
-         $SCRIPTDIR/reenroll.sh -x $CA_CFG_PATH
-         test $? -ne 0 && ErrorMsg "Failed to reenroll user${i}"
-      fi
-      sleep 1
+      OUT=$(register $REGISTRAR user${i})
+      pswd[$i]=$(echo $OUT | tail -n1 | awk '{print $NF}')
+      echo $pswd
    done
 
-   # sqaure up the number of requests to each of 4 servers
-   $SCRIPTDIR/reenroll.sh -x /tmp/keyStore/$REGISTRAR
-   $SCRIPTDIR/reenroll.sh -x /tmp/keyStore/$REGISTRAR
-   $SCRIPTDIR/reenroll.sh -x /tmp/keyStore/$REGISTRAR
+   for i in {1..4}; do
+      enroll user${i} ${pswd[i]}
+      test $? -ne 0 && ErrorMsg "Failed to reenroll user${i}"
+   done
+
+   for i in 1 2 3 4 1 2 3; do
+      # sqaure up the number of requests to each of 4 servers by additional requests
+       reenroll user${i} "$CA_CFG_PATH/user${i}/$MSP_CERT_DIR/cert.pem" "$CA_CFG_PATH/user${i}/$MSP_KEY_DIR/key.pem"
+       test $? -ne 0 && ErrorMsg "Failed to reenroll user${i}"
+   done
    # all servers should register 4 successful requests
    # but...it's only available when tls is disabled
    if test "$FABRIC_TLS" = 'false'; then
       for s in {1..4}; do
          curl -s http://${HOST}/ | awk -v s="server${s}" '$0~s'|html2text|grep HTTP
          verifyServerTraffic $HOST server${s} 4
-         test $? -ne 0 && ErrorMsg echo "Distributed traffic to server FAILED"
+         test $? -ne 0 && ErrorMsg "Distributed traffic to server FAILED"
          sleep 1
       done
    fi
 
-   #for cert in EXPIRED UNRIPE UNSUPPORTED; do
-   for cert in EXPIRED UNRIPE ; do
-      CA_CFG_PATH=$KEYSTORE/user1
-      cat $HOME/${cert}-cert.pem |sed -n '/BEGIN CERTIFICATE/,/END CERTIFICATE/p' > $CA_CFG_PATH/cert.pem
-      cat $HOME/${cert}-key.pem | openssl ec -outform pem -out $CA_CFG_PATH/key.pem
-      #cp $HOME/${cert}-key.pem  $CA_CFG_PATH/key.pem
-      openssl ec -in $CA_CFG_PATH/key.pem -text
-      openssl x509 -in $CA_CFG_PATH/cert.pem -text
-      $SCRIPTDIR/reenroll.sh -x $CA_CFG_PATH
+   keyStore="$CA_CFG_PATH/user1/$MSP_KEY_DIR"
+   certStore="$CA_CFG_PATH/user1/$MSP_CERT_DIR"
+   for cert in EXPIRED UNRIPE UNSUPPORTED; do
+      openssl x509 -in $HOME/${cert}-cert.pem -out  $certStore/cert.pem
+      openssl ec -in $HOME/${cert}-key.pem -out $keyStore/key.pem
+      openssl ec -in $keyStore/key.pem -text
+      openssl x509 -in $certStore/cert.pem -text
+      reenroll user1 "$CA_CFG_PATH/user1/$MSP_CERT_DIR/cert.pem" "$CA_CFG_PATH/user1/$MSP_KEY_DIR/key.pem"
       test $? -eq 0 && ErrorMsg "reenrolled user1 with unsupported cert"
    done
-   $SCRIPTDIR/fabric-ca_setup.sh -R -x $KEYSTORE
+   $SCRIPTDIR/fabric-ca_setup.sh -L -d $driver
    echo "------> END TESTING $driver <----------"
    echo "***************************************"
    echo ""
    echo ""
    echo ""
    echo ""
 done
+$SCRIPTDIR/fabric-ca_setup.sh -R -d $driver -x $CA_CFG_PATH
 
 kill $HTTP_PID
 wait $HTTP_PID