Extend processor SHA fetching tests

Allow to forbid individual hashes from downloading. This allows to for testing the behavior, if one of the hashes could not be downloaded.
2025-12-22 11:55:40 +01:00 · 2024-12-16 12:23:10 +01:00 · 2024-12-16 12:23:10 +01:00 · b1a7620763
commit b1a7620763
parent 9dd4b7fc8d
3 changed files with 68 additions and 65 deletions
--- a/cmd/csaf_checker/processor_test.go
+++ b/cmd/csaf_checker/processor_test.go
@ -29,8 +29,11 @@ func getRequirementTestData(t *testing.T, params testutil.ProviderParams, direct
 	if params.EnableSha512 {
 		path += "sha512-"
 	}
-	if params.ForbidHashFetching {
-		path += "forbid-hash-fetching-"
+	if params.ForbidSha256 {
+		path += "forbid-sha256-"
+	}
+	if params.ForbidSha512 {
+		path += "forbid-sha512-"
 	}
 	if directoryProvider {
 		path += "directory"
@ -68,70 +71,64 @@ func TestShaMarking(t *testing.T) {
 		directoryProvider bool
 		enableSha256      bool
 		enableSha512      bool
-		forbidHashFetching bool
+		forbidSha256      bool
+		forbidSha512      bool
 	}{
 		{
 			name:              "deliver sha256 and sha512",
 			directoryProvider: false,
 			enableSha256:      true,
 			enableSha512:      true,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "enable sha256 and sha512, forbid fetching",
 			directoryProvider: false,
 			enableSha256:      true,
 			enableSha512:      true,
-			forbidHashFetching: true,
+			forbidSha256:      true,
+			forbidSha512:      true,
 		},
 		{
 			name:              "only deliver sha256",
 			directoryProvider: false,
 			enableSha256:      true,
 			enableSha512:      false,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "only deliver sha512",
 			directoryProvider: false,
 			enableSha256:      false,
 			enableSha512:      true,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "deliver sha256 and sha512, directory provider",
 			directoryProvider: true,
 			enableSha256:      true,
 			enableSha512:      true,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "only deliver sha256, directory provider",
 			directoryProvider: true,
 			enableSha256:      true,
 			enableSha512:      false,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "only deliver sha512, directory provider",
 			directoryProvider: true,
 			enableSha256:      false,
 			enableSha512:      true,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "no hash",
 			directoryProvider: false,
 			enableSha256:      false,
 			enableSha512:      false,
-			forbidHashFetching: false,
 		},
 		{
 			name:              "no hash, directory provider",
 			directoryProvider: true,
 			enableSha256:      false,
 			enableSha512:      false,
-			forbidHashFetching: false,
 		},
 	}

@ -145,7 +142,8 @@ func TestShaMarking(t *testing.T) {
 				URL:          "",
 				EnableSha256: test.enableSha256,
 				EnableSha512: test.enableSha512,
-				ForbidHashFetching: test.forbidHashFetching,
+				ForbidSha256: test.forbidSha256,
+				ForbidSha512: test.forbidSha512,
 			}
 			server := httptest.NewTLSServer(testutil.ProviderHandler(&params, test.directoryProvider))
 			defer server.Close()
@ -176,7 +174,8 @@ func TestShaMarking(t *testing.T) {
 					URL:          serverURL,
 					EnableSha256: test.enableSha256,
 					EnableSha512: test.enableSha512,
-					ForbidHashFetching: test.forbidHashFetching,
+					ForbidSha256: test.forbidSha256,
+					ForbidSha512: test.forbidSha512,
 				},
 				test.directoryProvider)
 			for i, got := range report.Domains[0].Requirements {
--- a/internal/testutil/testutil.go
+++ b/internal/testutil/testutil.go
@ -21,7 +21,8 @@ type ProviderParams struct {
 	URL          string
 	EnableSha256 bool
 	EnableSha512 bool
-	ForbidHashFetching bool
+	ForbidSha256 bool
+	ForbidSha512 bool
 }

 // ProviderHandler returns a test provider handler with the specified configuration.
@ -50,7 +51,10 @@ func ProviderHandler(params *ProviderParams, directoryProvider bool) http.Handle
 			w.Header().Add("Content-Type", "text/html")
 		case strings.HasSuffix(path, ".json"):
 			w.Header().Add("Content-Type", "application/json")
-		case (strings.HasSuffix(path, ".sha256") || strings.HasSuffix(path, ".sha512")) && params.ForbidHashFetching:
+		case (strings.HasSuffix(path, ".sha256")) && params.ForbidSha256:
+			w.WriteHeader(http.StatusForbidden)
+			return
+		case strings.HasSuffix(path, ".sha512") && params.ForbidSha512:
 			w.WriteHeader(http.StatusForbidden)
 			return
 		case strings.HasSuffix(path, ".sha256") && directoryProvider && !params.EnableSha256:
--- a/testdata/processor-requirements/sha256-sha512-forbid-sha256-forbid-sha512-rolie.json
+++ b/testdata/processor-requirements/sha256-sha512-forbid-sha256-forbid-sha512-rolie.json