remove duplicate test functions

Signed-off-by: Dmitry S <[email protected]>
sigstore · Jul 1, 2024 · f1be17d · f1be17d
1 parent ec1abdf
commit f1be17d
Showing 1 changed file with 0 additions and 242 deletions.
diff --git a/test/e2e_test.go b/test/e2e_test.go
@@ -38,7 +38,6 @@ import (
 	"testing"
 	"time"
 
-	"github.com/go-openapi/strfmt"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/remote"
@@ -1056,151 +1055,6 @@ func TestVerifyWithCARoots(t *testing.T) {
 	}
 }
 
-func TestAttachWithRFC3161Timestamp(t *testing.T) {
-	ctx := context.Background()
-	// TSA server needed to create timestamp
-	viper.Set("timestamp-signer", "memory")
-	viper.Set("timestamp-signer-hash", "sha256")
-	apiServer := server.NewRestAPIServer("localhost", 0, []string{"http"}, false, 10*time.Second, 10*time.Second)
-	server := httptest.NewServer(apiServer.GetHandler())
-	t.Cleanup(server.Close)
-
-	repo, stop := reg(t)
-	defer stop()
-	td := t.TempDir()
-
-	imgName := path.Join(repo, "cosign-attach-timestamp-e2e")
-
-	_, _, cleanup := mkimage(t, imgName)
-	defer cleanup()
-
-	b := bytes.Buffer{}
-	must(generate.GenerateCmd(context.Background(), options.RegistryOptions{}, imgName, nil, &b), t)
-
-	rootCert, rootKey, _ := GenerateRootCa()
-	subCert, subKey, _ := GenerateSubordinateCa(rootCert, rootKey)
-	leafCert, privKey, _ := GenerateLeafCert("[email protected]", "oidc-issuer", subCert, subKey)
-	pemRoot := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: rootCert.Raw})
-	pemSub := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: subCert.Raw})
-	pemLeaf := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: leafCert.Raw})
-
-	payloadref := mkfile(b.String(), td, t)
-
-	h := sha256.Sum256(b.Bytes())
-	signature, _ := privKey.Sign(rand.Reader, h[:], crypto.SHA256)
-	b64signature := base64.StdEncoding.EncodeToString([]byte(signature))
-	sigRef := mkfile(b64signature, td, t)
-	pemleafRef := mkfile(string(pemLeaf), td, t)
-	pemrootRef := mkfile(string(pemRoot), td, t)
-
-	certchainRef := mkfile(string(append(pemSub[:], pemRoot[:]...)), td, t)
-
-	t.Setenv("SIGSTORE_ROOT_FILE", pemrootRef)
-	// reset the roots to use the root pointed by the environment variable SIGSTORE_ROOT_FILE
-	if err := fulcioroots.ReInit(); err != nil {
-		t.Fatal(err)
-	}
-
-	tsclient, err := tsaclient.GetTimestampClient(server.URL)
-	if err != nil {
-		t.Error(err)
-	}
-
-	chain, err := tsclient.Timestamp.GetTimestampCertChain(nil)
-	if err != nil {
-		t.Fatalf("unexpected error getting timestamp chain: %v", err)
-	}
-
-	file, err := os.CreateTemp(os.TempDir(), "tempfile")
-	if err != nil {
-		t.Fatalf("error creating temp file: %v", err)
-	}
-	defer os.Remove(file.Name())
-	_, err = file.WriteString(chain.Payload)
-	if err != nil {
-		t.Fatalf("error writing chain payload to temp file: %v", err)
-	}
-
-	tsBytes, err := tsa.GetTimestampedSignature(signature, client.NewTSAClient(server.URL+"/api/v1/timestamp"))
-	if err != nil {
-		t.Fatalf("unexpected error creating timestamp: %v", err)
-	}
-	rfc3161TSRef := mkfile(string(tsBytes), td, t)
-
-	// Upload it!
-	err = attach.SignatureCmd(ctx, options.RegistryOptions{}, sigRef, payloadref, pemleafRef, certchainRef, rfc3161TSRef, "", imgName)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	must(verifyKeylessTSA(imgName, file.Name(), true, true), t)
-}
-
-func TestAttachWithRekorBundle(t *testing.T) {
-	ctx := context.Background()
-
-	repo, stop := reg(t)
-	defer stop()
-	td := t.TempDir()
-
-	imgName := path.Join(repo, "cosign-attach-timestamp-e2e")
-
-	_, _, cleanup := mkimage(t, imgName)
-	defer cleanup()
-
-	b := bytes.Buffer{}
-	must(generate.GenerateCmd(context.Background(), options.RegistryOptions{}, imgName, nil, &b), t)
-
-	rootCert, rootKey, _ := GenerateRootCa()
-	subCert, subKey, _ := GenerateSubordinateCa(rootCert, rootKey)
-	leafCert, privKey, _ := GenerateLeafCert("[email protected]", "oidc-issuer", subCert, subKey)
-	pemRoot := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: rootCert.Raw})
-	pemSub := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: subCert.Raw})
-	pemLeaf := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: leafCert.Raw})
-
-	payloadref := mkfile(b.String(), td, t)
-
-	h := sha256.Sum256(b.Bytes())
-	signature, _ := privKey.Sign(rand.Reader, h[:], crypto.SHA256)
-	b64signature := base64.StdEncoding.EncodeToString([]byte(signature))
-	sigRef := mkfile(b64signature, td, t)
-	pemleafRef := mkfile(string(pemLeaf), td, t)
-	pemrootRef := mkfile(string(pemRoot), td, t)
-
-	t.Setenv("SIGSTORE_ROOT_FILE", pemrootRef)
-
-	certchainRef := mkfile(string(append(pemSub[:], pemRoot[:]...)), td, t)
-
-	localPayload := cosign.LocalSignedPayload{
-		Base64Signature: b64signature,
-		Cert:            string(pemLeaf),
-		Bundle: &bundle.RekorBundle{
-			SignedEntryTimestamp: strfmt.Base64("MEUCIEDcarEwRYkrxE9ne+kzEVvUhnWaauYzxhUyXOLy1hwAAiEA4VdVCvNRs+D/5o33C2KBy+q2YX3lP4Y7nqRFU+K3hi0="),
-			Payload: bundle.RekorPayload{
-				Body:           "REMOVED",
-				IntegratedTime: 1631646761,
-				LogIndex:       693591,
-				LogID:          "c0d23d6ad406973f9559f3ba2d1ca01f84147d8ffc5b8445c224f98b9591801d",
-			},
-		},
-	}
-
-	jsonBundle, err := json.Marshal(localPayload)
-	if err != nil {
-		t.Fatal(err)
-	}
-	bundlePath := filepath.Join(td, "bundle.json")
-	if err := os.WriteFile(bundlePath, jsonBundle, 0644); err != nil {
-		t.Fatal(err)
-	}
-
-	// Upload it!
-	err = attach.SignatureCmd(ctx, options.RegistryOptions{}, sigRef, payloadref, pemleafRef, certchainRef, "", bundlePath, imgName)
-	if err != nil {
-		t.Fatal(err)
-	}
-}
-
 func TestRekorBundle(t *testing.T) {
 	td := t.TempDir()
 	err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td)
@@ -1832,102 +1686,6 @@ func TestGenerate(t *testing.T) {
 	equals(ss.Optional["foo"], "bar", t)
 }
 
-func TestUploadDownload(t *testing.T) {
-	repo, stop := reg(t)
-	defer stop()
-	td := t.TempDir()
-	ctx := context.Background()
-
-	testCases := map[string]struct {
-		signature     string
-		signatureType attach.SignatureArgType
-		expectedErr   bool
-	}{
-		"stdin containing signature": {
-			signature:     "testsignatureraw",
-			signatureType: attach.StdinSignature,
-			expectedErr:   false,
-		},
-		"file containing signature": {
-			signature:     "testsignaturefile",
-			signatureType: attach.FileSignature,
-			expectedErr:   false,
-		},
-		"raw signature as argument": {
-			signature:     "testsignatureraw",
-			signatureType: attach.RawSignature,
-			expectedErr:   true,
-		},
-		"empty signature as argument": {
-			signature:     "",
-			signatureType: attach.RawSignature,
-			expectedErr:   true,
-		},
-	}
-
-	imgName := path.Join(repo, "cosign-e2e")
-	for testName, testCase := range testCases {
-		t.Run(testName, func(t *testing.T) {
-			ref, _, cleanup := mkimage(t, imgName)
-			payload := "testpayload"
-			payloadPath := mkfile(payload, td, t)
-			signature := base64.StdEncoding.EncodeToString([]byte(testCase.signature))
-			restoreStdin := func() {}
-
-			var sigRef string
-			if testCase.signatureType == attach.FileSignature {
-				sigRef = mkfile(signature, td, t)
-			} else if testCase.signatureType == attach.StdinSignature {
-				sigRef = "-"
-				restoreStdin = mockStdin(signature, td, t)
-			} else {
-				sigRef = signature
-			}
-			// Upload it!
-			err := attach.SignatureCmd(ctx, options.RegistryOptions{}, sigRef, payloadPath, "", "", "", "", imgName)
-			if testCase.expectedErr {
-				mustErr(err, t)
-			} else {
-				must(err, t)
-			}
-			restoreStdin()
-
-			// Now download it!
-			se, err := ociremote.SignedEntity(ref, ociremote.WithRemoteOptions(registryClientOpts(ctx)...))
-			must(err, t)
-			sigs, err := se.Signatures()
-			must(err, t)
-			signatures, err := sigs.Get()
-			must(err, t)
-
-			if testCase.expectedErr {
-				if len(signatures) != 0 {
-					t.Fatalf("unexpected signatures %d, wanted 0", len(signatures))
-				}
-			} else {
-				if len(signatures) != 1 {
-					t.Fatalf("unexpected signatures %d, wanted 1", len(signatures))
-				}
-
-				if b64sig, err := signatures[0].Base64Signature(); err != nil {
-					t.Fatalf("Base64Signature() = %v", err)
-				} else if diff := cmp.Diff(b64sig, signature); diff != "" {
-					t.Error(diff)
-				}
-
-				if p, err := signatures[0].Payload(); err != nil {
-					t.Fatalf("Payload() = %v", err)
-				} else if diff := cmp.Diff(p, []byte(payload)); diff != "" {
-					t.Error(diff)
-				}
-			}
-
-			// Now delete it!
-			cleanup()
-		})
-	}
-}
-
 func TestSaveLoad(t *testing.T) {
 	td := t.TempDir()
 	err := downloadAndSetEnv(t, rekorURL+"/api/v1/log/publicKey", env.VariableSigstoreRekorPublicKey.String(), td)