LCOV - code coverage report
Current view: top level - egg - test-symkey.c (source / functions) Coverage Total Hit
Test: coverage.info Lines: 95.3 % 149 142
Test Date: 2024-12-15 20:37:51 Functions: 100.0 % 13 13

            Line data    Source code
       1              : /* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */
       2              : /* unit-test-crypto.c: Test crypto stuff
       3              : 
       4              :    Copyright (C) 2007 Stefan Walter
       5              : 
       6              :    The Gnome Keyring Library is free software; you can redistribute it and/or
       7              :    modify it under the terms of the GNU Library General Public License as
       8              :    published by the Free Software Foundation; either version 2 of the
       9              :    License, or (at your option) any later version.
      10              : 
      11              :    The Gnome Keyring Library is distributed in the hope that it will be useful,
      12              :    but WITHOUT ANY WARRANTY; without even the implied warranty of
      13              :    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
      14              :    Library General Public License for more details.
      15              : 
      16              :    You should have received a copy of the GNU Library General Public
      17              :    License along with the Gnome Library; see the file COPYING.LIB.  If not,
      18              :    <http://www.gnu.org/licenses/>.
      19              : 
      20              :    Author: Stef Walter <stef@memberwebs.com>
      21              : */
      22              : 
      23              : #include "config.h"
      24              : 
      25              : #include "egg/egg-asn1x.h"
      26              : #include "egg/egg-asn1-defs.h"
      27              : #include "egg/egg-libgcrypt.h"
      28              : #include "egg/egg-secure-memory.h"
      29              : #include "egg/egg-symkey.h"
      30              : #include "egg/egg-testing.h"
      31              : 
      32              : typedef struct _EggAsn1xDef ASN1_ARRAY_TYPE;
      33              : typedef struct _EggAsn1xDef asn1_static_node;
      34              : #include "test.asn.h"
      35              : 
      36              : #include <gcrypt.h>
      37              : 
      38              : #include <stdlib.h>
      39              : #include <stdio.h>
      40              : #include <string.h>
      41              : 
      42        25162 : EGG_SECURE_DEFINE_GLIB_GLOBALS ();
      43              : 
      44              : static const struct {
      45              :         const gchar *password;
      46              :         int cipher_algo;
      47              :         int hash_algo;
      48              :         int iterations;
      49              :         const gchar *salt;
      50              : 
      51              :         const gchar *result_simple;
      52              :         const gchar *result_pkcs12;
      53              :         const gchar *result_pbkdf2;
      54              :         const gchar *result_pbe;
      55              : } all_generation_tests[] = {
      56              : 
      57              :         { /* 24 byte output */
      58              :                 "booo", GCRY_CIPHER_3DES, GCRY_MD_MD5, 1,
      59              :                 "\x70\x4C\xFF\xD6\x2F\xBA\x03\xE9",
      60              :                 "\x84\x12\xBB\x34\x94\x8C\x40\xAD\x97\x57\x96\x74\x5B\x6A\xFB\xF8\xD6\x61\x33\x51\xEA\x8C\xCF\xD8",
      61              :                 NULL,
      62              :                 NULL,
      63              :                 NULL
      64              :         },
      65              : 
      66              :         { /* 5 byte output */
      67              :                 "booo", GCRY_CIPHER_RFC2268_40, GCRY_MD_SHA1, 2048,
      68              :                 "\x8A\x58\xC2\xE8\x7C\x1D\x80\x11",
      69              :                 NULL,
      70              :                 "\xD6\xA6\xF0\x76\x66",
      71              :                 NULL,
      72              :                 NULL
      73              :         },
      74              : 
      75              :         { /* Null Password, 5 byte output */
      76              :                 NULL, GCRY_CIPHER_RFC2268_40, GCRY_MD_SHA1, 2000,
      77              :                 "\x04\xE0\x1C\x3E\xF8\xF2\xE9\xFD",
      78              :                 NULL,
      79              :                 "\x98\x7F\x20\x97\x1E",
      80              :                 NULL,
      81              :                 NULL
      82              :         },
      83              : 
      84              :         { /* 24 byte output */
      85              :                 "booo", GCRY_CIPHER_3DES, GCRY_MD_SHA1, 2048,
      86              :                 "\xBD\xEE\x0B\xC6\xCF\x43\xAC\x25",
      87              :                 NULL,
      88              :                 "\x3F\x38\x1B\x0E\x87\xEB\x19\xBE\xD1\x39\xDC\x5B\xC2\xD2\xB3\x3C\x35\xA8\xB8\xF9\xEE\x66\x48\x94",
      89              :                 "\x20\x25\x90\xD8\xD6\x98\x3E\x71\x10\x17\x1F\x51\x49\x87\x27\xCA\x97\x27\xD1\xC9\x72\xF8\x11\xBB",
      90              :                 NULL
      91              :         },
      92              : 
      93              :         { /* Empty password, 24 byte output */
      94              :                 "", GCRY_CIPHER_3DES, GCRY_MD_SHA1, 2048,
      95              :                 "\xF7\xCF\xD9\xCF\x1F\xF3\xAD\xF6",
      96              :                 NULL,
      97              :                 NULL,
      98              :                 "\x53\xE3\x35\x9E\x5D\xC1\x85\x1A\x71\x3A\x67\x4E\x80\x56\x13\xD6\x4E\x3E\x89\x43\xB7\x1D\x5F\x7F",
      99              :                 NULL
     100              :         },
     101              : 
     102              :         { /* Empty password, 24 byte output */
     103              :                 "", GCRY_CIPHER_3DES, GCRY_MD_SHA1, 2048,
     104              :                 "\xD9\xB3\x2E\xC7\xBA\x1A\x8E\x15",
     105              :                 NULL,
     106              :                 "\x39\x70\x75\x7C\xF5\xE2\x13\x0B\x5D\xC2\x9D\x96\x8B\x71\xC7\xFC\x5B\x97\x1F\x79\x9F\x06\xFC\xA2",
     107              :                 NULL,
     108              :                 NULL
     109              :         },
     110              : 
     111              :         { /* 8 byte output */
     112              :                 "booo", GCRY_CIPHER_DES, GCRY_MD_MD5, 2048,
     113              :                 "\x93\x4C\x3D\x29\xA2\x42\xB0\xF5",
     114              :                 NULL,
     115              :                 NULL,
     116              :                 NULL,
     117              :                 "\x8C\x67\x19\x7F\xB9\x23\xE2\x8D"
     118              :         }
     119              : };
     120              : 
     121              : #define N_GENERATION_TESTS (sizeof (all_generation_tests) / sizeof (all_generation_tests[0]))
     122              : 
     123              : static void
     124            1 : test_generate_key_simple (void)
     125              : {
     126              :         int i;
     127              :         gboolean ret;
     128              :         guchar *key;
     129              : 
     130            8 :         for (i = 0; i < N_GENERATION_TESTS; ++i) {
     131              : 
     132            7 :                 if (!all_generation_tests[i].result_simple)
     133            6 :                         continue;
     134              : 
     135            1 :                 ret = egg_symkey_generate_simple (all_generation_tests[i].cipher_algo,
     136            1 :                                                   all_generation_tests[i].hash_algo,
     137            1 :                                                   all_generation_tests[i].password, -1,
     138            1 :                                                   (guchar*)all_generation_tests[i].salt, 8,
     139            1 :                                                   all_generation_tests[i].iterations,
     140              :                                                   &key, NULL);
     141            1 :                 g_assert (ret && "key generation failed");
     142              : 
     143            2 :                 ret = (memcmp (key, all_generation_tests[i].result_simple,
     144            1 :                                gcry_cipher_get_algo_keylen (all_generation_tests[i].cipher_algo)) == 0);
     145              : 
     146            1 :                 g_assert (ret && "invalid simple key generated");
     147              : 
     148            1 :                 egg_secure_free (key);
     149              :         }
     150            1 : }
     151              : 
     152              : static void
     153            1 : test_generate_key_pkcs12 (void)
     154              : {
     155              :         int i;
     156              :         gboolean ret;
     157              :         guchar *key;
     158              : 
     159            8 :         for (i = 0; i < N_GENERATION_TESTS; ++i) {
     160              : 
     161            7 :                 if (!all_generation_tests[i].result_pkcs12)
     162            3 :                         continue;
     163              : 
     164            4 :                 ret = egg_symkey_generate_pkcs12 (all_generation_tests[i].cipher_algo,
     165            4 :                                                   all_generation_tests[i].hash_algo,
     166            4 :                                                   all_generation_tests[i].password, -1,
     167            4 :                                                   (guchar*)all_generation_tests[i].salt, 8,
     168            4 :                                                   all_generation_tests[i].iterations,
     169              :                                                   &key, NULL);
     170            4 :                 g_assert ("failed to generate pkcs12 key" && ret);
     171              : 
     172            8 :                 ret = (memcmp (key, all_generation_tests[i].result_pkcs12,
     173            4 :                                 gcry_cipher_get_algo_keylen (all_generation_tests[i].cipher_algo)) == 0);
     174              : 
     175            4 :                 g_assert ("invalid pkcs12 key generated" && ret);
     176              : 
     177            4 :                 egg_secure_free (key);
     178              :         }
     179            1 : }
     180              : 
     181              : static void
     182            1 : test_generate_key_pbkdf2 (void)
     183              : {
     184              :         int i;
     185              :         gboolean ret;
     186              :         guchar *key;
     187              : 
     188            8 :         for (i = 0; i < N_GENERATION_TESTS; ++i) {
     189              : 
     190            7 :                 if (!all_generation_tests[i].result_pbkdf2)
     191            5 :                         continue;
     192              : 
     193            2 :                 ret = egg_symkey_generate_pbkdf2 (all_generation_tests[i].cipher_algo,
     194            2 :                                                   all_generation_tests[i].hash_algo,
     195            2 :                                                   all_generation_tests[i].password, -1,
     196            2 :                                                   (guchar*)all_generation_tests[i].salt, 8,
     197            2 :                                                   all_generation_tests[i].iterations,
     198              :                                                   &key, NULL);
     199            2 :                 g_assert ("failed to generate pbkdf2 key" && ret);
     200              : 
     201            4 :                 ret = (memcmp (key, all_generation_tests[i].result_pbkdf2,
     202            2 :                                 gcry_cipher_get_algo_keylen (all_generation_tests[i].cipher_algo)) == 0);
     203              : 
     204            2 :                 g_assert ("invalid pbkdf2 key generated" && ret);
     205              : 
     206            2 :                 egg_secure_free (key);
     207              :         }
     208            1 : }
     209              : 
     210              : static void
     211            1 : test_generate_key_pbe (void)
     212              : {
     213              :         int i;
     214              :         gboolean ret;
     215              :         guchar *key;
     216              : 
     217            8 :         for (i = 0; i < N_GENERATION_TESTS; ++i) {
     218              : 
     219            7 :                 if (!all_generation_tests[i].result_pbe)
     220            6 :                         continue;
     221              : 
     222            1 :                 ret = egg_symkey_generate_pbe (all_generation_tests[i].cipher_algo,
     223            1 :                                                all_generation_tests[i].hash_algo,
     224            1 :                                                all_generation_tests[i].password, -1,
     225            1 :                                                (guchar*)all_generation_tests[i].salt, 8,
     226            1 :                                                all_generation_tests[i].iterations,
     227              :                                                &key, NULL);
     228            1 :                 g_assert ("failed to generate pbe key" && ret);
     229              : 
     230            2 :                 ret = (memcmp (key, all_generation_tests[i].result_pbe,
     231            1 :                                 gcry_cipher_get_algo_keylen (all_generation_tests[i].cipher_algo)) == 0);
     232              : 
     233            1 :                 g_assert ("invalid pbe key generated" && ret);
     234              : 
     235            1 :                 egg_secure_free (key);
     236              :         }
     237            1 : }
     238              : 
     239              : typedef struct {
     240              :         const gchar *name;
     241              :         const gchar *scheme;
     242              : 
     243              :         /* Info to use with cipher */
     244              :         const gchar *password;
     245              :         const gchar *salt;
     246              :         gsize iterations;
     247              : 
     248              :         /* DER representation of cipher */
     249              :         gsize n_der;
     250              :         const gchar *der;
     251              : 
     252              :         /* Data to encrypt and test with */
     253              :         gsize n_text_length;
     254              :         const gchar *plain_text;
     255              :         const gchar *cipher_text;
     256              : } ReadCipher;
     257              : 
     258              : static const ReadCipher cipher_tests[] = {
     259              :         {
     260              :                 "pbe-sha1-des-cbc", "1.2.840.113549.1.5.10",
     261              :                 "password", "saltsalt", 33,
     262              :                 15, "\x30\x0D"
     263              :                         "\x04\x08""saltsalt"
     264              :                         "\x02\x01\x2A",
     265              :                 8, "plaintex", "\x69\xe2\x88\x4c\x31\xcf\x0e\x2a"
     266              :         },
     267              :         {
     268              :                 "pkcs12-pbe-3des-sha1", "1.2.840.113549.1.12.1.3",
     269              :                 "password", "saltsalt", 33,
     270              :                 15, "\x30\x0D"
     271              :                         "\x04\x08""saltsalt"
     272              :                         "\x02\x01\x2A",
     273              :                 8, "plaintex", "\xcf\xfb\x49\x2e\x42\x75\x15\x56"
     274              :         },
     275              :         {
     276              :                 "pkcs5-pbes2", "1.2.840.113549.1.5.13",
     277              :                 "password", "salt", 33,
     278              :                 48, "\x30\x2e"
     279              :                         "\x30\x16"
     280              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c"
     281              :                                 "\x30\x09"
     282              :                                         "\x04\x04\x73\x61\x6c\x74"
     283              :                                         "\x02\x01\x21"
     284              :                         "\x30\x14"
     285              :                                 "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x03\x07"
     286              :                                 "\x04\x08\x73\x61\x6c\x74\x73\x61\x6c\x74",
     287              :                 8, "plaintex", "\x46\x1A\x3A\x39\xD0\xF5\x21\x5C"
     288              :         },
     289              :         {
     290              :                 "pkcs5-pbes2-des-cbc", "1.2.840.113549.1.5.13",
     291              :                 "password", "salt", 33,
     292              :                 0x2d, "\x30\x2b"
     293              :                         "\x30\x16"
     294              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c"
     295              :                                 "\x30\x09"
     296              :                                         "\x04\x04\x73\x61\x6c\x74"
     297              :                                         "\x02\x01\x21"
     298              :                         "\x30\x11"
     299              :                                 "\x06\x05\x2b\x0e\x03\x02\x07"
     300              :                                 "\x04\x08\x73\x61\x6c\x74\x73\x61\x6c\x74",
     301              :                 8, "plaintex", "\xB7\x7B\x54\xBF\x29\x4D\x31\x7D"
     302              :         }
     303              : };
     304              : 
     305              : typedef struct {
     306              :         const gchar *name;
     307              :         const gchar *scheme;
     308              : 
     309              :         /* Info to use with cipher */
     310              :         const gchar *password;
     311              : 
     312              :         /* DER representation of cipher */
     313              :         gsize n_der;
     314              :         const gchar *der;
     315              : } InvalidCipher;
     316              : 
     317              : #if 0
     318              : #include "egg/egg-hex.h"
     319              : 
     320              : static void
     321              : create_pkcs5_pbes2 (void)
     322              : {
     323              :         GNode *asn;
     324              :         GNode *param;
     325              :         GBytes *bytes;
     326              :         gconstpointer data;
     327              :         gsize size;
     328              : 
     329              :         asn = egg_asn1x_create (pkix_asn1_tab, "pkcs-5-PBES2-params");
     330              : 
     331              :         egg_asn1x_set_oid_as_string (egg_asn1x_node (asn, "keyDerivationFunc", "algorithm", NULL), "1.2.840.113549.1.5.12");
     332              :         param = egg_asn1x_create (pkix_asn1_tab, "pkcs-5-PBKDF2-params");
     333              :         egg_asn1x_set_integer_as_ulong (egg_asn1x_node (param, "iterationCount", NULL), 33);
     334              : #if 1
     335              :         egg_asn1x_set_choice (egg_asn1x_node (param, "salt", NULL), egg_asn1x_node (param, "salt", "specified", NULL));
     336              :         egg_asn1x_set_string_as_raw (egg_asn1x_node (param, "salt", "specified", NULL), (guchar *)"salt", 4, NULL);
     337              : #else
     338              :         egg_asn1x_set_choice (egg_asn1x_node (param, "salt", NULL), egg_asn1x_node (param, "salt", "otherSource", NULL)); */
     339              :         egg_asn1x_set_oid_as_string (egg_asn1x_node (param, "salt", "otherSource", "algorithm", NULL), "1.2.1"); */
     340              : #endif
     341              :         egg_asn1x_set_any_from (egg_asn1x_node (asn, "keyDerivationFunc", "parameters", NULL), param);
     342              :         egg_asn1x_destroy (param);
     343              : 
     344              :         egg_asn1x_set_oid_as_string (egg_asn1x_node (asn, "encryptionScheme", "algorithm", NULL), "1.3.14.3.2.7");
     345              :         param = egg_asn1x_create (pkix_asn1_tab, "pkcs-5-des-EDE3-CBC-params");
     346              :         egg_asn1x_set_string_as_raw (param, (guchar *)"saltsalt", 8, NULL);
     347              :         egg_asn1x_set_any_from (egg_asn1x_node (asn, "encryptionScheme", "parameters", NULL), param);
     348              :         egg_asn1x_destroy (param);
     349              : 
     350              :         bytes = egg_asn1x_encode (asn, NULL);
     351              :         egg_asn1x_assert (bytes != NULL, asn);
     352              :         egg_asn1x_destroy (asn);
     353              : 
     354              :         data = g_bytes_get_data (bytes, &size);
     355              :         g_printerr ("%s: \\x%s\n", __FUNCTION__, egg_hex_encode_full (data, size, FALSE, "\\x", 1));
     356              :         g_bytes_unref (bytes);
     357              : }
     358              : #endif
     359              : 
     360              : static void
     361            4 : test_read_cipher (gconstpointer data)
     362              : {
     363            4 :         const ReadCipher *test = data;
     364              :         gcry_cipher_hd_t cih;
     365              :         gcry_error_t gcry;
     366              :         GNode *asn;
     367              :         gboolean ret;
     368              :         GBytes *bytes;
     369              :         gpointer block;
     370              : 
     371            4 :         bytes = g_bytes_new_static (test->der, test->n_der);
     372            4 :         asn = egg_asn1x_create_and_decode (test_asn1_tab, "TestAny", bytes);
     373            4 :         g_assert (asn != NULL);
     374            4 :         g_bytes_unref (bytes);
     375              : 
     376            4 :         ret = egg_symkey_read_cipher (g_quark_from_static_string (test->scheme),
     377            4 :                                       test->password, strlen (test->password),
     378              :                                       asn, &cih);
     379              : 
     380            4 :         egg_asn1x_destroy (asn);
     381            4 :         g_assert (ret == TRUE);
     382              : 
     383            4 :         block = g_memdup (test->plain_text, test->n_text_length);
     384            4 :         gcry = gcry_cipher_encrypt (cih, block, test->n_text_length, NULL, 0);
     385            4 :         g_assert_cmpint (gcry, ==, 0);
     386              : 
     387            4 :         egg_assert_cmpmem (test->cipher_text, test->n_text_length, ==,
     388              :                            block, test->n_text_length);
     389              : 
     390            4 :         gcry_cipher_close (cih);
     391            4 :         g_free (block);
     392            4 : }
     393              : 
     394              : static const InvalidCipher cipher_invalid[] = {
     395              :         {
     396              :                 "pbe-bad-der", "1.2.840.113549.1.12.1.3",
     397              :                 "password",
     398              :                 /* Valid DER, but not pkcs-12-PbeParams */
     399              :                 11, "\x30\x09\x04\x07""invalid"
     400              :         },
     401              :         {
     402              :                 "pkcs5-pbe-bad-der", "1.2.840.113549.1.5.10",
     403              :                 "password",
     404              :                 /* Valid DER, but not pkcs-5-PBE-params */
     405              :                 11, "\x30\x09\x04\x07""invalid"
     406              :         },
     407              :         {
     408              :                 "pkcs5-pbes2-bad-der", "1.2.840.113549.1.5.13",
     409              :                 "password",
     410              :                 /* Valid DER, but not pkcs-5-PBES2-params */
     411              :                 11, "\x30\x09\x04\x07""invalid"
     412              :         },
     413              :         {
     414              :                 "pkcs5-pbes2-missing-key-parameters", "1.2.840.113549.1.5.13",
     415              :                 "password",
     416              :                 0x25, "\x30\x23"
     417              :                         "\x30\x0b"
     418              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c"
     419              :                                 /* Missing OPTIONAL parameters here */
     420              :                         "\x30\x14"
     421              :                                 "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x03\x07"
     422              :                                 "\x04\x08\x73\x61\x6c\x74\x73\x61\x6c\x74",
     423              :         },
     424              :         {
     425              :                 "pkcs5-pbes2-missing-scheme-parameters", "1.2.840.113549.1.5.13",
     426              :                 "password",
     427              :                 0x26, "\x30\x24"
     428              :                         "\x30\x16"
     429              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c"
     430              :                                 "\x30\x09"
     431              :                                         "\x04\x04\x73\x61\x6c\x74"
     432              :                                         "\x02\x01\x21"
     433              :                         "\x30\x0a"
     434              :                                 "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x03\x07"
     435              :                                 /* Missing OPTIONAL parameters here */
     436              :         },
     437              :         {
     438              :                 "pkcs5-pbes2-bad-key-derivation-algo", "1.2.840.113549.1.5.13",
     439              :                 "password",
     440              :                 48, "\x30\x2e"
     441              :                         "\x30\x16" /* An unsupported keyDerivation algorithm oid */
     442              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0c\x01\x04\x0b"
     443              :                                 "\x30\x09"
     444              :                                         "\x04\x04\x73\x61\x6c\x74"
     445              :                                         "\x02\x01\x21"
     446              :                         "\x30\x14"
     447              :                                 "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x03\x07"
     448              :                                 "\x04\x08\x73\x61\x6c\x74\x73\x61\x6c\x74",
     449              :         },
     450              :         {
     451              :                 "pkcs5-pbes2-salt-not-specified", "1.2.840.113549.1.5.13",
     452              :                 "password",
     453              :                 0x30, "\x30\x2e"
     454              :                         "\x30\x16"
     455              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c"
     456              :                                 "\x30\x09"
     457              :                                         "\x30\x04"
     458              :                                                 "\x06\x02\x2a\x01"
     459              :                                         "\x02\x01\x21"
     460              :                         "\x30\x14"
     461              :                                 "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x03\x07"
     462              :                                 "\x04\x08\x73\x61\x6c\x74\x73\x61\x6c\x74"
     463              :         },
     464              :         {
     465              :                 "pkcs5-pbes2-unsupported-des-rc5-cbc", "1.2.840.113549.1.5.13",
     466              :                 "password",
     467              :                 0x30, "\x30\x2e"
     468              :                         "\x30\x16"
     469              :                                 "\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x05\x0c"
     470              :                                 "\x30\x09"
     471              :                                         "\x04\x04\x73\x61\x6c\x74"
     472              :                                         "\x02\x01\x21"
     473              :                         "\x30\x14"
     474              :                                 "\x06\x08\x2a\x86\x48\x86\xf7\x0d\x03\x09"
     475              :                                 "\x04\x08\x73\x61\x6c\x74\x73\x61\x6c\x74"
     476              :         }
     477              : };
     478              : 
     479              : static void
     480            8 : test_read_cipher_invalid (gconstpointer data)
     481              : {
     482            8 :         const InvalidCipher *test = data;
     483              :         gcry_cipher_hd_t cih;
     484              :         GNode *asn;
     485              :         gboolean ret;
     486              :         GBytes *bytes;
     487              : 
     488            8 :         bytes = g_bytes_new_static (test->der, test->n_der);
     489            8 :         asn = egg_asn1x_create_and_decode (test_asn1_tab, "TestAny", bytes);
     490            8 :         g_assert (asn != NULL);
     491            8 :         g_bytes_unref (bytes);
     492              : 
     493            8 :         ret = egg_symkey_read_cipher (g_quark_from_static_string (test->scheme),
     494            8 :                                       test->password, strlen (test->password),
     495              :                                       asn, &cih);
     496              : 
     497            8 :         egg_asn1x_destroy (asn);
     498            8 :         g_assert (ret == FALSE);
     499            8 : }
     500              : 
     501              : static void
     502            1 : test_read_cipher_unsupported_pbe (void)
     503              : {
     504              :         gcry_cipher_hd_t cih;
     505              :         GNode *asn;
     506              :         gboolean ret;
     507              :         GBytes *bytes;
     508              : 
     509              :         /*
     510              :          * On many test systems RC2 is no longer supported by libgcrypt, but
     511              :          * in case these tests are run elsewhere, double check.
     512              :          */
     513            1 :         if (gcry_cipher_algo_info (GCRY_CIPHER_RFC2268_128, GCRYCTL_TEST_ALGO, NULL, 0) == 0)
     514            1 :                 return;
     515              : 
     516            0 :         bytes = g_bytes_new_static ("\x30\x09\x04\x07""invalid", 11);
     517            0 :         asn = egg_asn1x_create_and_decode (test_asn1_tab, "TestAny", bytes);
     518            0 :         g_assert (asn != NULL);
     519            0 :         g_bytes_unref (bytes);
     520              : 
     521            0 :         ret = egg_symkey_read_cipher (g_quark_from_static_string ("1.2.840.113549.1.12.1.5"),
     522              :                                       "blah", 4, asn, &cih);
     523              : 
     524            0 :         g_assert (ret == FALSE);
     525              : 
     526            0 :         egg_asn1x_destroy (asn);
     527              : }
     528              : 
     529              : typedef struct {
     530              :         const gchar *name;
     531              :         const gchar *scheme;
     532              :         gsize digest_len;
     533              : 
     534              :         /* Info to use with cipher */
     535              :         const gchar *password;
     536              :         const gchar *salt;
     537              :         gsize iterations;
     538              : 
     539              :         /* DER representation of cipher */
     540              :         gsize n_der;
     541              :         const gchar *der;
     542              : 
     543              :         /* Data to encrypt and test with */
     544              :         gsize n_plain_length;
     545              :         const gchar *plain_text;
     546              :         const gchar *digest;
     547              : } ReadMac;
     548              : 
     549              : static const ReadMac mac_tests[] = {
     550              :         {
     551              :                 "sha1", "1.3.14.3.2.26", 20,
     552              :                 "password", "saltsalt", 33,
     553              :                 31, "\x30\x1d"
     554              :                         "\x30\x12"
     555              :                                 "\x30\x07"
     556              :                                         "\x06\x05\x2b\x0e\x03\x02\x1a"
     557              :                                 "\x04\x07""invalid"
     558              :                         "\x04\x04""salt"
     559              :                         "\x02\x01\x21",
     560              :                 8, "plaintex", "\x8b\x96\x7f\xa2\xf4\x4f\x2d\x70\xcb\x59\x7e\x8f\xad\xf3\x92\x18\x70\x08\x5c\x57"
     561              :         }
     562              : };
     563              : 
     564              : static void
     565            1 : test_read_mac (gconstpointer data)
     566              : {
     567            1 :         const ReadMac *test = data;
     568              :         gcry_md_hd_t mdh;
     569              :         gpointer digest;
     570              :         gsize digest_len;
     571              :         GNode *asn;
     572              :         gboolean ret;
     573              :         GBytes *bytes;
     574              : 
     575            1 :         bytes = g_bytes_new_static (test->der, test->n_der);
     576            1 :         asn = egg_asn1x_create_and_decode (test_asn1_tab, "TestAny", bytes);
     577            1 :         g_assert (asn != NULL);
     578            1 :         g_bytes_unref (bytes);
     579              : 
     580            1 :         ret = egg_symkey_read_mac (g_quark_from_static_string (test->scheme),
     581            1 :                                    test->password, strlen (test->password),
     582              :                                    asn, &mdh, &digest_len);
     583              : 
     584            1 :         g_assert_cmpint (digest_len, ==, test->digest_len);
     585              : 
     586            1 :         egg_asn1x_destroy (asn);
     587            1 :         g_assert (ret == TRUE);
     588              : 
     589            1 :         gcry_md_write (mdh, test->plain_text, test->n_plain_length);
     590            1 :         digest = gcry_md_read (mdh, 0);
     591              : 
     592            1 :         egg_assert_cmpmem (test->digest, digest_len, ==,
     593              :                            digest, digest_len);
     594              : 
     595            1 :         gcry_md_close (mdh);
     596            1 : }
     597              : 
     598              : static void
     599            1 : test_read_mac_invalid (void)
     600              : {
     601              :         gcry_md_hd_t mdh;
     602              :         gsize digest_len;
     603              :         GNode *asn;
     604              :         gboolean ret;
     605              :         GBytes *bytes;
     606              : 
     607            1 :         bytes = g_bytes_new_static ("\x30\x09\x04\x07""invalid", 11);
     608            1 :         asn = egg_asn1x_create_and_decode (test_asn1_tab, "TestAny", bytes);
     609            1 :         g_assert (asn != NULL);
     610            1 :         g_bytes_unref (bytes);
     611              : 
     612            1 :         ret = egg_symkey_read_mac (g_quark_from_static_string ("1.3.14.3.2.26"),
     613              :                                    "blah", 4, asn, &mdh, &digest_len);
     614              : 
     615            1 :         g_assert (ret == FALSE);
     616              : 
     617            1 :         egg_asn1x_destroy (asn);
     618            1 : }
     619              : 
     620              : static void
     621           10 : null_log_handler (const gchar *log_domain, GLogLevelFlags log_level,
     622              :                   const gchar *message, gpointer user_data)
     623              : {
     624              : 
     625           10 : }
     626              : 
     627              : int
     628            1 : main (int argc, char **argv)
     629              : {
     630              :         gchar *name;
     631              :         gint i;
     632              : 
     633            1 :         g_test_init (&argc, &argv, NULL);
     634            1 :         egg_libgcrypt_initialize ();
     635              : 
     636              :         /* Suppress these messages in tests */
     637            1 :         g_log_set_handler (G_LOG_DOMAIN, G_LOG_LEVEL_MESSAGE | G_LOG_LEVEL_INFO,
     638              :                            null_log_handler, NULL);
     639              : 
     640            1 :         g_test_add_func ("/symkey/generate_key_simple", test_generate_key_simple);
     641            1 :         g_test_add_func ("/symkey/generate_key_pkcs12", test_generate_key_pkcs12);
     642            1 :         g_test_add_func ("/symkey/generate_key_pbkdf2", test_generate_key_pbkdf2);
     643            1 :         g_test_add_func ("/symkey/generate_key_pbe", test_generate_key_pbe);
     644              : 
     645            5 :         for (i = 0; i < G_N_ELEMENTS (cipher_tests); i++) {
     646            4 :                 name = g_strdup_printf ("/symkey/read-cipher/%s", cipher_tests[i].name);
     647            4 :                 g_test_add_data_func (name, cipher_tests + i, test_read_cipher);
     648            4 :                 g_free (name);
     649              :         }
     650              : 
     651            9 :         for (i = 0; i < G_N_ELEMENTS (cipher_invalid); i++) {
     652            8 :                 name = g_strdup_printf ("/symkey/read-cipher-invalid/%s", cipher_invalid[i].name);
     653            8 :                 g_test_add_data_func (name, cipher_invalid + i, test_read_cipher_invalid);
     654            8 :                 g_free (name);
     655              :         }
     656              : 
     657            1 :         g_test_add_func ("/symkey/read-cipher-unsupported/pbe", test_read_cipher_unsupported_pbe);
     658              : 
     659            2 :         for (i = 0; i < G_N_ELEMENTS (mac_tests); i++) {
     660            1 :                 name = g_strdup_printf ("/symkey/read-mac/%s", mac_tests[i].name);
     661            1 :                 g_test_add_data_func (name, mac_tests + i, test_read_mac);
     662            1 :                 g_free (name);
     663              :         }
     664              : 
     665            1 :         g_test_add_func ("/symkey/read-mac-invalid", test_read_mac_invalid);
     666              : 
     667            1 :         return g_test_run ();
     668              : }
        

Generated by: LCOV version 2.0-1