enable test 32

This commit is contained in:
Christian Grothoff 2020-03-27 12:30:31 +01:00
parent 13bbcef87b
commit 31746d8128
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
4 changed files with 60 additions and 45 deletions

View File

@ -707,31 +707,23 @@ This section lists operations that the exchange performed, but for
which the signatures provided are invalid. Hence the operations were which the signatures provided are invalid. Hence the operations were
invalid and the amount involved should be considered lost. invalid and the amount involved should be considered lost.
The key given is always the key for which the signature verification \subsubsection{For aggregation}
step failed. This is the reserve public key for ``withdraw''
operations, the coin public key for ``deposit'' and ``melt''
operations, the merchant's public key for ``melt'' operations,
the (hash of the) denomination public key for
``recoup-verify'' and ``deposit-verify'' operations, and the master
public key for ``recoup-master'' operations.
\subsubsection{For aggregations} % Table generation tested by testcase #32 in test-auditor.sh
% Table generation tested by testcase #XX in test-auditor.sh
{% if aggregation.bad_sig_losses|length() == 0 %} {% if aggregation.bad_sig_losses|length() == 0 %}
{\bf All signatures were valid.} {\bf All signatures were valid.}
{% else %} {% else %}
\begin{longtable}{l|r|r} \begin{longtable}{l|r|r}
\multicolumn{3}{l}{ {\bf Public key} }\\ \multicolumn{3}{l}{ {\bf Coin public key} }\\
{\bf Operation type} & Database row & {\bf Loss amount} \\ {\bf Operation type} & Database row & {\bf Loss amount} \\
\hline \hline \hline \hline
\endfirsthead \endfirsthead
\multicolumn{3}{l}{ {\bf Public key} }\\ \multicolumn{3}{l}{ {\bf Coin public key} }\\
{\bf Operation type} & Database row & {\bf Loss amount} \\ \hline \hline {\bf Operation type} & Database row & {\bf Loss amount} \\ \hline \hline
\endhead \endhead
\hline \hline \hline \hline
\multicolumn{3}{l}{ {\bf Public key} }\\ \multicolumn{3}{l}{ {\bf Coin public key} }\\
{\bf Operation type} & Database row & {\bf Loss amount} \\ {\bf Operation type} & Database row & {\bf Loss amount} \\
\endfoot \endfoot
\hline \hline
@ -741,7 +733,7 @@ public key for ``recoup-master'' operations.
\label{table:bad_signature_losses} \label{table:bad_signature_losses}
\endlastfoot \endlastfoot
{% for item in aggregation.bad_sig_losses %} {% for item in aggregation.bad_sig_losses %}
\multicolumn{3}{l}{ {\tt \small \truncate{0.9\textwidth}{ {{ item.key_pub }} } } } \\ \multicolumn{3}{l}{ {\tt \small \truncate{0.9\textwidth}{ {{ item.coin_pub }} } } } \\
\nopagebreak \nopagebreak
{{ item.operation }} & {{ item.operation }} &
{{ item.row }} & {{ item.row }} &
@ -759,15 +751,15 @@ public key for ``recoup-master'' operations.
{\bf All signatures were valid.} {\bf All signatures were valid.}
{% else %} {% else %}
\begin{longtable}{l|r|r} \begin{longtable}{l|r|r}
\multicolumn{3}{l}{ {\bf Public key} }\\ \multicolumn{3}{l}{ {\bf Coin public key} }\\
{\bf Operation type} & Database row & {\bf Loss amount} \\ {\bf Operation type} & Database row & {\bf Loss amount} \\
\hline \hline \hline \hline
\endfirsthead \endfirsthead
\multicolumn{3}{l}{ {\bf Public key} }\\ \multicolumn{3}{l}{ {\bf Coin public key} }\\
{\bf Operation type} & Database row & {\bf Loss amount} \\ \hline \hline {\bf Operation type} & Database row & {\bf Loss amount} \\ \hline \hline
\endhead \endhead
\hline \hline \hline \hline
\multicolumn{3}{l}{ {\bf Public key} }\\ \multicolumn{3}{l}{ {\bf Coin public key} }\\
{\bf Operation type} & Database row & {\bf Loss amount} \\ {\bf Operation type} & Database row & {\bf Loss amount} \\
\endfoot \endfoot
\hline \hline
@ -790,6 +782,13 @@ public key for ``recoup-master'' operations.
% Table generation tested by testcase #7 in test-auditor.sh % Table generation tested by testcase #7 in test-auditor.sh
The key given is always the key for which the signature verification step
failed. This is the reserve public key for ``withdraw'' operations, the coin
public key for ``recoup'' operations, and the master public key for
``recoup-master'' operations (where the master's signature on the revocation
is invalid).
{% if reserves.bad_sig_losses|length() == 0 %} {% if reserves.bad_sig_losses|length() == 0 %}
{\bf All signatures were valid.} {\bf All signatures were valid.}
{% else %} {% else %}
@ -1140,7 +1139,7 @@ with respect to what wire fee it charges at what time.
This section describes issues found that do not have a clear financial This section describes issues found that do not have a clear financial
impact. impact.
\subsubsection{For aggregations} \subsubsection{For aggregation}
% Table generation tested by testcase #15/#25 in test-auditor.sh % Table generation tested by testcase #15/#25 in test-auditor.sh

View File

@ -845,6 +845,9 @@ wire_transfer_information_cb (
wcc->qs = qs; wcc->qs = qs;
return; return;
} }
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Testing coin `%s' for validity\n",
TALER_B2S (&coin.coin_pub));
if (GNUNET_OK != if (GNUNET_OK !=
TALER_test_coin_valid (&coin, TALER_test_coin_valid (&coin,
denom_pub)) denom_pub))
@ -854,8 +857,8 @@ wire_transfer_information_cb (
"operation", "wire", "operation", "wire",
"row", (json_int_t) rowid, "row", (json_int_t) rowid,
"loss", TALER_JSON_from_amount (coin_value), "loss", TALER_JSON_from_amount (coin_value),
"key_pub", GNUNET_JSON_from_data_auto ( "coin_pub", GNUNET_JSON_from_data_auto (
&issue->denom_hash))); &coin.coin_pub)));
GNUNET_assert (GNUNET_OK == GNUNET_assert (GNUNET_OK ==
TALER_amount_add (&total_bad_sig_loss, TALER_amount_add (&total_bad_sig_loss,
&total_bad_sig_loss, &total_bad_sig_loss,
@ -1490,10 +1493,10 @@ run (void *cls,
"total_wire_out_delta_minus", "total_wire_out_delta_minus",
TALER_JSON_from_amount ( TALER_JSON_from_amount (
&total_wire_out_delta_minus), &total_wire_out_delta_minus),
/* Tested in test-auditor.sh #28 */ /* Tested in test-auditor.sh #28/32 */
"bad_sig_losses", "bad_sig_losses",
report_bad_sig_losses, report_bad_sig_losses,
/* Tested in test-auditor.sh #28 */ /* Tested in test-auditor.sh #28/32 */
"total_bad_sig_loss", "total_bad_sig_loss",
TALER_JSON_from_amount (&total_bad_sig_loss), TALER_JSON_from_amount (&total_bad_sig_loss),
/* block #2 */ /* block #2 */

View File

@ -31,14 +31,11 @@
#include "report-lib.h" #include "report-lib.h"
/** /**
* How many coin histories do we keep in RAM at any given point in * How many coin histories do we keep in RAM at any given point in time?
* time? Used bound memory consumption of the auditor. Larger values * Expect a few kB per coin history to be used. Used bound memory consumption
* reduce database accesses. * of the auditor. Larger values reduce database accesses.
*
* Set to a VERY low value here for testing. Practical values may be
* in the millions.
*/ */
#define MAX_COIN_HISTORIES 4 #define MAX_COIN_HISTORIES (16 * 1024 * 1024)
/** /**
* Use a 1 day grace period to deal with clocks not being perfectly synchronized. * Use a 1 day grace period to deal with clocks not being perfectly synchronized.

View File

@ -9,7 +9,7 @@ set -eu
# Set of numbers for all the testcases. # Set of numbers for all the testcases.
# When adding new tests, increase the last number: # When adding new tests, increase the last number:
ALL_TESTS=`seq 0 31` ALL_TESTS=`seq 0 32`
# $TESTS determines which tests we should run. # $TESTS determines which tests we should run.
# This construction is used to make it easy to # This construction is used to make it easy to
@ -60,7 +60,6 @@ function pre_audit () {
exit_skip "Failed to launch bank" exit_skip "Failed to launch bank"
fi fi
echo " DONE" echo " DONE"
if test ${1:-no} = "aggregator" if test ${1:-no} = "aggregator"
then then
echo -n "Running exchange aggregator ..." echo -n "Running exchange aggregator ..."
@ -1595,6 +1594,7 @@ then
run_audit aggregator run_audit aggregator
echo -n "Testing inconsistency detection... "
ROW=`jq -e .bad_sig_losses[0].row < test-audit-aggregation.json` ROW=`jq -e .bad_sig_losses[0].row < test-audit-aggregation.json`
if test $ROW != "1" if test $ROW != "1"
then then
@ -1624,6 +1624,7 @@ then
exit_fail "Wrong total bad sig loss, got $LOSS" exit_fail "Wrong total bad sig loss, got $LOSS"
fi fi
echo "OK"
# cannot easily undo aggregator, hence full reload # cannot easily undo aggregator, hence full reload
full_reload full_reload
@ -1643,6 +1644,7 @@ echo "UPDATE auditor_denominations SET fee_withdraw_frac=5000000 WHERE coin_val=
run_audit run_audit
echo -n "Testing inconsistency detection... "
AMOUNT=`jq -r .total_balance_summary_delta_plus < test-audit-reserves.json` AMOUNT=`jq -r .total_balance_summary_delta_plus < test-audit-reserves.json`
if test "x$AMOUNT" == "xTESTKUDOS:0" if test "x$AMOUNT" == "xTESTKUDOS:0"
then then
@ -1654,7 +1656,7 @@ if test "x$PROFIT" != "x-1"
then then
exit_fail "Reported wrong profitability: $PROFIT" exit_fail "Reported wrong profitability: $PROFIT"
fi fi
echo "OK"
# Undo # Undo
echo "UPDATE auditor_denominations SET fee_withdraw_frac=2000000 WHERE coin_val=1;" | psql -Aqt $DB echo "UPDATE auditor_denominations SET fee_withdraw_frac=2000000 WHERE coin_val=1;" | psql -Aqt $DB
@ -1669,7 +1671,7 @@ echo "===========30: melt fee inconsistency ================="
echo "UPDATE auditor_denominations SET fee_refresh_frac=5000000 WHERE coin_val=10;" | psql -Aqt $DB echo "UPDATE auditor_denominations SET fee_refresh_frac=5000000 WHERE coin_val=10;" | psql -Aqt $DB
run_audit run_audit
echo -n "Testing inconsistency detection... "
AMOUNT=`jq -r .bad_sig_losses[0].loss < test-audit-coins.json` AMOUNT=`jq -r .bad_sig_losses[0].loss < test-audit-coins.json`
if test "x$AMOUNT" == "xTESTKUDOS:0" if test "x$AMOUNT" == "xTESTKUDOS:0"
then then
@ -1683,7 +1685,7 @@ then
fi fi
jq -e .emergencies[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected emergency detected in ordinary run" jq -e .emergencies[0] < test-audit-coins.json > /dev/null && exit_fail "Unexpected emergency detected in ordinary run"
echo "OK"
# Undo # Undo
echo "UPDATE auditor_denominations SET fee_refresh_frac=3000000 WHERE coin_val=1;" | psql -Aqt $DB echo "UPDATE auditor_denominations SET fee_refresh_frac=3000000 WHERE coin_val=1;" | psql -Aqt $DB
@ -1705,8 +1707,8 @@ then
echo "UPDATE auditor_denominations SET fee_deposit_frac=5000000 WHERE coin_val=8;" | psql -Aqt $DB echo "UPDATE auditor_denominations SET fee_deposit_frac=5000000 WHERE coin_val=8;" | psql -Aqt $DB
run_audit aggregation run_audit aggregator
echo -n "Testing inconsistency detection... "
AMOUNT=`jq -r .total_bad_sig_loss < test-audit-coins.json` AMOUNT=`jq -r .total_bad_sig_loss < test-audit-coins.json`
if test "x$AMOUNT" == "xTESTKUDOS:0" if test "x$AMOUNT" == "xTESTKUDOS:0"
then then
@ -1714,11 +1716,12 @@ then
fi fi
OP=`jq -r .bad_sig_losses[0].operation < test-audit-coins.json` OP=`jq -r .bad_sig_losses[0].operation < test-audit-coins.json`
if test "x$OP" == "xdeposit" if test "x$OP" != "xdeposit"
then then
exit_fail "Reported wrong operation: $OP" exit_fail "Reported wrong operation: $OP"
fi fi
echo "OK"
# Undo # Undo
echo "UPDATE auditor_denominations SET fee_deposit_frac=2000000 WHERE coin_val=8;" | psql -Aqt $DB echo "UPDATE auditor_denominations SET fee_deposit_frac=2000000 WHERE coin_val=8;" | psql -Aqt $DB
@ -1744,16 +1747,30 @@ then
echo "===========32: known_coins signature wrong w. aggregation=================" echo "===========32: known_coins signature wrong w. aggregation================="
# Modify denom_sig, so it is wrong # Modify denom_sig, so it is wrong
OLD_SIG=`echo 'SELECT denom_sig FROM known_coins LIMIT 1;' | psql $DB -Aqt` OLD_SIG=`echo 'SELECT denom_sig FROM known_coins LIMIT 1;' | psql $DB -At`
COIN_PUB=`echo "SELECT coin_pub FROM known_coins WHERE denom_sig='$OLD_SIG';" | psql $DB -Aqt` COIN_PUB=`echo "SELECT coin_pub FROM known_coins WHERE denom_sig='$OLD_SIG';" | psql $DB -At`
echo "UPDATE known_coins SET denom_sig='\x287369672d76616c200a2028727361200a2020287320233542383731423743393036444643303442424430453039353246413642464132463537303139374131313437353746324632323332394644443146324643333445393939413336363430334233413133324444464239413833353833464536354442374335434445304441453035374438363336434541423834463843323843344446304144363030343430413038353435363039373833434431333239393736423642433437313041324632414132414435413833303432434346314139464635394244434346374436323238344143354544364131373739463430353032323241373838423837363535453434423145443831364244353638303232413123290a2020290a20290b' WHERE coin_pub='$COIN_PUB'" | psql -Aqt $DB echo "UPDATE known_coins SET denom_sig='\x287369672d76616c200a2028727361200a2020287320233542383731423743393036444643303442424430453039353246413642464132463537303139374131313437353746324632323332394644443146324643333445393939413336363430334233413133324444464239413833353833464536354442374335434445304441453035374438363336434541423834463843323843344446304144363030343430413038353435363039373833434431333239393736423642433437313041324632414132414435413833303432434346314139464635394244434346374436323238344143354544364131373739463430353032323241373838423837363535453434423145443831364244353638303232413123290a2020290a20290b' WHERE coin_pub='$COIN_PUB'" | psql -At $DB
run_audit aggregation run_audit aggregator
echo -n "Testing inconsistency detection... "
AMOUNT=`jq -r .total_bad_sig_loss < test-audit-aggregation.json`
if test "x$AMOUNT" == "xTESTKUDOS:0"
then
exit_fail "Reported total amount wrong: $AMOUNT"
fi
OP=`jq -r .bad_sig_losses[0].operation < test-audit-aggregation.json`
if test "x$OP" != "xwire"
then
exit_fail "Reported wrong operation: $OP"
fi
# FIXME: test incomplete... # FIXME: test incomplete...
# BIG Q: why is wire_out empty? => aggregation test does not actually # BIG Q: why is wire_out empty? => aggregation test does not actually
# find WTIDs to check, and thus doesn't detect the bad signature! # find WTIDs to check, and thus doesn't detect the bad signature!
echo "OK"
# Cannot undo aggregation, do full reload # Cannot undo aggregation, do full reload
full_reload full_reload
@ -1802,10 +1819,9 @@ check_with_database()
break break
fi fi
done done
# echo "Cleanup (disabled, leaving database $DB behind)" echo "Cleanup (disabled, leaving database $DB behind)"
dropdb $DB # dropdb $DB
rm -r $WIRE_FEE_DIR # rm -r $WIRE_FEE_DIR
rm -f test-audit.log test-wire-audit.log
} }