test: Enforced passing of KMS key ID using KMS_KEY_ID env var.
orlowskilp committed Oct 15, 2024
1 parent 74e0f3f commit 6d37b6c
Showing 7 changed files with 72 additions and 18 deletions.
3 changes: 3 additions & 0 deletions .github/workflows/build-and-test.yml
@@ -7,7 +7,10 @@ on:
- feat/**
- fix/**
- chore/**
- test/**
- ci/**
tags:
- v[0-9]+.[0-9]+.[0-9]+

pull_request:
branches:
3 changes: 2 additions & 1 deletion Cargo.toml
@@ -32,4 +32,5 @@ aws-sdk-kms = "1.37.0"
[dev-dependencies]
serde_json = "1.0.120"
serde_plain = "1.0.2"
tokio-test = "0.4.4"
tokio-test = "0.4.4"
lazy_static = "1.5.0"
9 changes: 9 additions & 0 deletions Makefile
@@ -9,6 +9,9 @@ doc:

.PHONY: test
test:
ifndef KMS_KEY_ID
$(error KMS_KEY_ID is not set)
endif
cargo fmt
cargo test --lib --tests

@@ -18,13 +21,19 @@ test-coverage:

.PHONY: test-doc
test-doc:
ifndef KMS_KEY_ID
$(error KMS_KEY_ID is not set)
endif
cargo test --doc

.PHONY: unit-test
unit-test:
cargo test --lib

.PHONY: integration-tests
ifndef KMS_KEY_ID
$(error KMS_KEY_ID is not set)
endif
integration-test:
cargo test --tests

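Review bot: The third guard sits between `.PHONY: integration-tests` and the `integration-test:` rule, so it is not part of that target's recipe and does not guard `integration-test` alone. make evaluates `ifndef` while it reads the file; unless the `$(error …)` line is tab-indented as a recipe line (indentation is lost in this rendering), the error aborts every invocation when `KMS_KEY_ID` is unset, including `unit-test` and `doc`, and the guards inside `test` and `test-doc` share that caveat. A prerequisite target keeps the check scoped to the targets that talk to KMS: add `require-kms-key-id:` with the recipe `@test -n "$$KMS_KEY_ID" || { echo "KMS_KEY_ID is not set" >&2; exit 1; }` and declare `integration-test: require-kms-key-id` (likewise for `test` and `test-doc`). The `.PHONY` name `integration-tests` also differs from the target name `integration-test`, which looks pre-existing.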
File renamed without changes.
File renamed without changes.
54 changes: 41 additions & 13 deletions tests/evm_account_test.rs
@@ -1,7 +1,9 @@
mod evm_account {
mod integration_tests {
use lazy_static::lazy_static;
use serde_json;
use serde_plain;
use std::env;
use std::fs::File;

use evm_signer_kms::evm_account::{
@@ -14,16 +16,29 @@ mod evm_account {
EvmAccount,
};

const KMS_KEY_ID: &str = "52c9a19f-bcfd-46a7-bd56-6d0cf98d8616";
// Reads the KMS_KEY_ID environment variable using lazy static evaluation.
// Assumes no default value and fails if the key ID is not set!
const KMS_KEY_ID_VAR_NAME: &str = "KMS_KEY_ID";
lazy_static! {
static ref KMS_KEY_ID: String = env::var(KMS_KEY_ID_VAR_NAME).expect(
format!("⚠️ `{}` environment variable not set", KMS_KEY_ID_VAR_NAME).as_str()
);
}

const TEST_TO_ADDRESS_BYTES: [u8; 20] = [
0xa9, 0xd8, 0x91, 0x86, 0xca, 0xa6, 0x63, 0xc8, 0xef, 0x03, 0x52, 0xfd, 0x1d, 0xb3,
0x59, 0x62, 0x80, 0x62, 0x55, 0x73,
];

// Only verifies if the signature can be generated
// NOTE: Digest signatures from KMS are non-deterministic, so the output of this test will
// vary. For this reason, the test is not asserting any specific value, but rather just
// assess whether transaction encoding can be performed without errors.
//
// The transactions are printed, so that they can be manually verified.

#[tokio::test]
async fn sign_transaction_succeed() {
let kms_key = &kms_key::KmsKey::new(KMS_KEY_ID).await;
let kms_key = &kms_key::KmsKey::new(&KMS_KEY_ID).await;
let evm_account = EvmAccount::new(kms_key);

let tx = FreeMarketTransaction {
@@ -45,14 +60,17 @@ mod evm_account {
.await
.unwrap();

// Print the signed transaction bytes for manual verification
println!("{:02x?}", signed_tx);

assert!(true);
}

#[tokio::test]
async fn encode_signed_legacy_tx_succeed() {
const TX_FILE_PATH: &str = "tests/data/valid-legacy-tx-01.json";

let kms_key = &kms_key::KmsKey::new(KMS_KEY_ID).await;
let kms_key = &kms_key::KmsKey::new(&KMS_KEY_ID).await;
let evm_account = EvmAccount::new(kms_key);

let tx_file = File::open(TX_FILE_PATH).unwrap();
@@ -67,15 +85,17 @@ mod evm_account {

let signed_tx_encoding_string = serde_plain::to_string(&signed_tx).unwrap();

// TODO: Verify the encoding string
// Print the signed transaction bytes for manual verification
println!("{}", signed_tx_encoding_string);

assert!(true);
}

#[tokio::test]
async fn encode_signed_access_list_tx_succeed() {
const TX_FILE_PATH: &str = "tests/data/valid-access-list-tx-02.json";

let kms_key = &kms_key::KmsKey::new(KMS_KEY_ID).await;
let kms_key = &kms_key::KmsKey::new(&KMS_KEY_ID).await;
let evm_account = EvmAccount::new(kms_key);

let tx_file = File::open(TX_FILE_PATH).unwrap();
@@ -90,15 +110,17 @@ mod evm_account {

let signed_tx_encoding_string = serde_plain::to_string(&signed_tx).unwrap();

// TODO: Verify the encoding string
// Print the signed transaction bytes for manual verification
println!("{}", signed_tx_encoding_string);

assert!(true);
}

#[tokio::test]
async fn encode_signed_free_market_tx_no_access_list_succeed() {
const TX_FILE_PATH: &str = "tests/data/valid-free-market-tx-01.json";

let kms_key = &kms_key::KmsKey::new(KMS_KEY_ID).await;
let kms_key = &kms_key::KmsKey::new(&KMS_KEY_ID).await;
let evm_account = EvmAccount::new(kms_key);

let tx_file = File::open(TX_FILE_PATH).unwrap();
@@ -113,15 +135,17 @@ mod evm_account {

let signed_tx_encoding_string = serde_plain::to_string(&signed_tx).unwrap();

// TODO: Verify the encoding string
// Print the signed transaction bytes for manual verification
println!("{}", signed_tx_encoding_string);

assert!(true);
}

#[tokio::test]
async fn encode_signed_free_market_tx_with_access_list_1_succeed() {
const TX_FILE_PATH: &str = "tests/data/valid-free-market-tx-03.json";

let kms_key = &kms_key::KmsKey::new(KMS_KEY_ID).await;
let kms_key = &kms_key::KmsKey::new(&KMS_KEY_ID).await;
let evm_account = EvmAccount::new(kms_key);

let tx_file = File::open(TX_FILE_PATH).unwrap();
@@ -136,15 +160,17 @@ mod evm_account {

let signed_tx_encoding_string = serde_plain::to_string(&signed_tx).unwrap();

// TODO: Verify the encoding string
// Print the signed transaction bytes for manual verification
println!("{}", signed_tx_encoding_string);

assert!(true);
}

#[tokio::test]
async fn encode_signed_free_market_tx_with_access_list_2_succeed() {
const TX_FILE_PATH: &str = "tests/data/valid-free-market-tx-04.json";

let kms_key = &kms_key::KmsKey::new(KMS_KEY_ID).await;
let kms_key = &kms_key::KmsKey::new(&KMS_KEY_ID).await;
let evm_account = EvmAccount::new(kms_key);

let tx_file = File::open(TX_FILE_PATH).unwrap();
@@ -159,8 +185,10 @@ mod evm_account {

let signed_tx_encoding_string = serde_plain::to_string(&signed_tx).unwrap();

// TODO: Verify the encoding string
// Print the signed transaction bytes for manual verification
println!("{}", signed_tx_encoding_string);

assert!(true);
}
}
}
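Review bot: The `assert!(true)` added at the end of each test in this file (and in `sign_succeed` in tests/kms_key_test.rs) asserts nothing, so these tests pass for any bytes the signer returns as long as no call panics. Non-deterministic KMS signatures rule out comparing against a fixed encoding, but not verification: each test could recover the signer address from the returned signature and compare it with the address derived from the key's public key, which is stable across runs. Until that exists I would drop the `assert!(true)` lines and keep a `// TODO: verify the recovered signer` comment where the old TODO was removed, so the gap stays visible. Separately, the printed output is a fully signed transaction; presumably the key is test-only, but it is worth confirming that before these values end up in shared CI logs.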
21 changes: 17 additions & 4 deletions tests/kms_key_test.rs
@@ -1,10 +1,21 @@
mod kms_key {
mod integration_tests {
use lazy_static::lazy_static;
use std::env;
use std::{fs::File, io::Read};

use evm_signer_kms::evm_account::kms_key::KmsKey;

const KMS_KEY_ID: &str = "52c9a19f-bcfd-46a7-bd56-6d0cf98d8616";
// Reads the KMS_KEY_ID environment variable using lazy static evaluation.
// Assumes no default value and fails if the key ID is not set!
const KMS_KEY_ID_VAR_NAME: &str = "KMS_KEY_ID";
lazy_static! {
static ref KMS_KEY_ID: String = env::var(KMS_KEY_ID_VAR_NAME).expect(
format!("⚠️ `{}` environment variable not set", KMS_KEY_ID_VAR_NAME).as_str()
);
}

const TEST_PUBLIC_KEY_DER_FILE: &str = "tests/data/pub-key.der";
const DUMMY_KMS_KEY_ID: &str = "ffffffff-ffff-ffff-ffff-ffffffffffff";
const DUMMY_MESSAGE_DIGEST: [u8; 32] = [
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d,
@@ -14,8 +25,8 @@ mod kms_key {

#[tokio::test]
async fn get_public_key_succeed() {
let kms_key = KmsKey::new(KMS_KEY_ID);
let mut public_key_file = File::open(format!("tests/data/{}.der", KMS_KEY_ID)).unwrap();
let kms_key = KmsKey::new(&KMS_KEY_ID);
let mut public_key_file = File::open(TEST_PUBLIC_KEY_DER_FILE).unwrap();

let metadata_len = public_key_file.metadata().unwrap().len() as usize;
let mut public_key_from_file = vec![0; metadata_len];
@@ -37,10 +48,12 @@ mod kms_key {
// Just verifies if the signature process works
#[tokio::test]
async fn sign_succeed() {
let kms_key = KmsKey::new(KMS_KEY_ID);
let kms_key = KmsKey::new(&KMS_KEY_ID);
let message = &DUMMY_MESSAGE_DIGEST.to_vec();

kms_key.await.sign(message).await.unwrap();

assert!(true);
}
}
}
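Review bot: `get_public_key_succeed` now opens the fixed fixture `tests/data/pub-key.der` while the key itself comes from `KMS_KEY_ID`, so the test can only pass for the one key that file was exported from, and nothing in the hunk says so (the comparison itself is outside the visible lines). I would add a comment above `TEST_PUBLIC_KEY_DER_FILE`, for example `// DER public key of the key named by KMS_KEY_ID; re-export it when pointing the tests at another key`. The `lazy_static!` block is also a verbatim copy of the one in tests/evm_account_test.rs; a shared helper module under `tests/` would keep the two from drifting. In that block, `.unwrap_or_else(|_| panic!(…))` with the same message would avoid building the string with `format!` on the success path.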
