summaryrefslogtreecommitdiff
path: root/egg/test-openssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'egg/test-openssl.c')
-rw-r--r--egg/test-openssl.c223
1 files changed, 223 insertions, 0 deletions
diff --git a/egg/test-openssl.c b/egg/test-openssl.c
new file mode 100644
index 00000000..4f511265
--- /dev/null
+++ b/egg/test-openssl.c
@@ -0,0 +1,223 @@
+/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
+/* test-openssl.c: Test openssl
+
+ Copyright (C) 2008 Stefan Walter
+
+ The Gnome Keyring Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Library General Public License as
+ published by the Free Software Foundation; either version 2 of the
+ License, or (at your option) any later version.
+
+ The Gnome Keyring Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Library General Public License for more details.
+
+ You should have received a copy of the GNU Library General Public
+ License along with the Gnome Library; see the file COPYING.LIB. If not,
+ <http://www.gnu.org/licenses/>.
+
+ Author: Stef Walter <stef@memberwebs.com>
+*/
+
+#include "config.h"
+
+#include "egg/egg-armor.h"
+#include "egg/egg-symkey.h"
+#include "egg/egg-openssl.h"
+#include "egg/egg-secure-memory.h"
+#include "egg/egg-testing.h"
+
+#include <glib.h>
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+
+EGG_SECURE_DEFINE_GLIB_GLOBALS ();
+
+typedef struct {
+ GBytes *input;
+ GQuark reftype;
+ guchar *refenc;
+ guchar *refdata;
+ gsize n_refenc;
+ gsize n_refdata;
+ GHashTable *refheaders;
+} Test;
+
+static void
+setup (Test *test, gconstpointer unused)
+{
+ gchar *contents;
+ gsize length;
+
+ if (!g_file_get_contents (SRCDIR "/fixtures/pem-rsa-enc.key", &contents, &length, NULL))
+ g_assert_not_reached ();
+
+ test->input = g_bytes_new_take (contents, length);
+}
+
+static void
+teardown (Test *test, gconstpointer unused)
+{
+ g_bytes_unref (test->input);
+ g_free (test->refenc);
+ egg_secure_free (test->refdata);
+ g_hash_table_destroy (test->refheaders);
+}
+
+static void
+copy_each_key_value (gpointer key, gpointer value, gpointer user_data)
+{
+ g_hash_table_insert ((GHashTable*)user_data, g_strdup ((gchar*)key), g_strdup ((gchar*)value));
+}
+
+static void
+parse_reference (GQuark type,
+ GBytes *data,
+ GBytes *outer,
+ GHashTable *headers,
+ gpointer user_data)
+{
+ Test *test = user_data;
+ const gchar *dekinfo;
+
+ g_assert (type);
+ test->reftype = type;
+
+ g_assert ("no data in PEM callback" && data != NULL);
+ g_assert ("no data in PEM callback" && g_bytes_get_size (data) > 0);
+ test->refenc = g_memdup (g_bytes_get_data (data, NULL), g_bytes_get_size (data));
+ test->n_refenc = g_bytes_get_size (data);
+
+ g_assert ("no headers present in file" && headers != NULL);
+ g_assert (!test->refheaders);
+ test->refheaders = egg_armor_headers_new ();
+ g_hash_table_foreach (headers, copy_each_key_value, test->refheaders);
+ dekinfo = egg_openssl_get_dekinfo (headers);
+ g_assert ("no dekinfo in headers" && dekinfo != NULL);
+
+ test->refdata = egg_openssl_decrypt_block (dekinfo, "booo", 4, data, &test->n_refdata);
+ g_assert ("no data returned from openssl decrypt" && test->refdata != NULL);
+ g_assert ("invalid amount of data returned from openssl decrypt" && test->n_refdata == g_bytes_get_size (data));
+}
+
+static void
+test_parse_reference (Test *test, gconstpointer unused)
+{
+ guint num;
+
+ num = egg_armor_parse (test->input, parse_reference, test);
+ g_assert ("couldn't PEM block in reference data" && num == 1);
+
+ g_assert ("parse_reference() wasn't called" && test->refdata != NULL);
+}
+
+static void
+test_write_reference (Test *test, gconstpointer unused)
+{
+ const gchar *dekinfo;
+ guchar *encrypted;
+ gsize n_encrypted;
+ GBytes *data;
+ guint num;
+
+ num = egg_armor_parse (test->input, parse_reference, test);
+ g_assert ("couldn't PEM block in reference data" && num == 1);
+
+ dekinfo = egg_openssl_get_dekinfo (test->refheaders);
+ g_assert ("no dekinfo in headers" && dekinfo != NULL);
+
+ data = g_bytes_new_static (test->refdata, test->n_refdata);
+ encrypted = egg_openssl_encrypt_block (dekinfo, "booo", 4, data, &n_encrypted);
+ g_bytes_unref (data);
+
+ g_assert ("no data returned from openssl encrypt" && encrypted != NULL);
+ g_assert ("invalid amount of data returned from openssl encrypt" && test->n_refdata <= n_encrypted);
+
+ g_assert ("data length doesn't match input length" && n_encrypted == test->n_refenc);
+ g_assert ("data doesn't match input" && memcmp (encrypted, test->refenc, n_encrypted) == 0);
+
+ g_free (encrypted);
+}
+
+static void
+test_write_exactly_same (Test *test, gconstpointer unused)
+{
+ guchar *result;
+ gsize n_result;
+ guint num;
+
+ num = egg_armor_parse (test->input, parse_reference, test);
+ g_assert ("couldn't PEM block in reference data" && num == 1);
+
+ result = egg_armor_write (test->refenc, test->n_refenc, test->reftype,
+ test->refheaders, &n_result);
+
+ /*
+ * Yes sirrr. Openssl's parser is so fragile, that we have to make it
+ * character for character identical. This includes line breaks, whitespace
+ * and line endings.
+ */
+
+ egg_assert_cmpbytes (test->input, ==, result, n_result);
+ g_free (result);
+}
+
+/* 29 bytes (prime number, so block length has bad chance of matching */
+static const guchar *TEST_DATA = (guchar*)"ABCDEFGHIJKLMNOPQRSTUVWXYZ123";
+const gsize TEST_DATA_L = 29;
+
+static void
+test_openssl_roundtrip (Test *test, gconstpointer unused)
+{
+ const gchar *dekinfo;
+ guchar *encrypted, *decrypted;
+ gsize n_encrypted, n_decrypted;
+ GBytes *data;
+ int i;
+ guint num;
+
+ num = egg_armor_parse (test->input, parse_reference, test);
+ g_assert ("couldn't PEM block in reference data" && num == 1);
+
+ dekinfo = egg_openssl_prep_dekinfo (test->refheaders);
+
+ data = g_bytes_new_static (TEST_DATA, TEST_DATA_L);
+ encrypted = egg_openssl_encrypt_block (dekinfo, "password", -1, data, &n_encrypted);
+ g_bytes_unref (data);
+
+ g_assert ("no data returned from openssl encrypt" && encrypted != NULL);
+ g_assert ("invalid amount of data returned from openssl encrypt" && TEST_DATA_L <= n_encrypted);
+
+ data = g_bytes_new_with_free_func (encrypted, n_encrypted, egg_secure_free, encrypted);
+ decrypted = egg_openssl_decrypt_block (dekinfo, "password", 8, data, &n_decrypted);
+ g_bytes_unref (data);
+
+ g_assert ("no data returned from openssl decrypt" && decrypted != NULL);
+
+ /* Check that the data was decrypted properly */
+ g_assert ("decrypted data doesn't match length" && n_decrypted >= TEST_DATA_L);
+ g_assert ("decrypted data doesn't match" && memcmp (TEST_DATA, decrypted, TEST_DATA_L) == 0);
+
+ /* Check that the remainder is all zeros */
+ for (i = TEST_DATA_L; i < n_decrypted; ++i)
+ g_assert ("non null byte in padding" && decrypted[i] == 0);
+
+ egg_secure_free (decrypted);
+}
+
+int
+main (int argc, char **argv)
+{
+ g_test_init (&argc, &argv, NULL);
+
+ g_test_add ("/openssl/parse_reference", Test, NULL, setup, test_parse_reference, teardown);
+ g_test_add ("/openssl/write_reference", Test, NULL, setup, test_write_reference, teardown);
+ g_test_add ("/openssl/write_exactly_same", Test, NULL, setup, test_write_exactly_same, teardown);
+ g_test_add ("/openssl/openssl_roundtrip", Test, NULL, setup, test_openssl_roundtrip, teardown);
+
+ return g_test_run ();
+}
View Lorry Controller Status