From 5ad55b1d586f42ab99e1f5f8a8a1f14814c73437 Mon Sep 17 00:00:00 2001 From: Sebastian Messmer Date: Tue, 11 Sep 2018 18:53:21 -0700 Subject: [PATCH] - UnswappableAllocator - EncryptionKey uses UnswappableAllocator --- src/cpp-utils/crypto/kdf/PasswordBasedKDF.h | 8 +- .../crypto/symmetric/EncryptionKey.h | 122 +++++++++--------- .../testutils/FakeAuthenticatedCipher.h | 6 +- src/cpp-utils/system/memory.h | 14 +- src/cpp-utils/system/memory_nonwindows.cpp | 16 ++- src/cpp-utils/system/memory_windows.cpp | 12 +- src/cryfs/config/CryCipher.cpp | 2 +- src/cryfs/config/CryCipher.h | 3 +- .../config/crypto/CryConfigEncryptor.cpp | 8 +- src/cryfs/config/crypto/CryConfigEncryptor.h | 4 +- .../config/crypto/outer/OuterEncryptor.cpp | 4 +- .../config/crypto/outer/OuterEncryptor.h | 2 +- .../EncryptedBlockStoreTest_Generic.cpp | 10 +- test/cpp-utils/crypto/kdf/SCryptTest.cpp | 15 ++- .../cpp-utils/crypto/symmetric/CipherTest.cpp | 2 +- test/cpp-utils/system/MemoryTest.cpp | 26 ++-- .../config/crypto/CryConfigEncryptorTest.cpp | 7 +- .../inner/ConcreteInnerEncryptorTest.cpp | 4 +- .../crypto/outer/OuterEncryptorTest.cpp | 4 +- 19 files changed, 142 insertions(+), 127 deletions(-) diff --git a/src/cpp-utils/crypto/kdf/PasswordBasedKDF.h b/src/cpp-utils/crypto/kdf/PasswordBasedKDF.h index e43f143c..c4241841 100644 --- a/src/cpp-utils/crypto/kdf/PasswordBasedKDF.h +++ b/src/cpp-utils/crypto/kdf/PasswordBasedKDF.h @@ -2,7 +2,7 @@ #ifndef MESSMER_CPPUTILS_CRYPTO_KDF_PASSWORDBASEDKDF_H #define MESSMER_CPPUTILS_CRYPTO_KDF_PASSWORDBASEDKDF_H -#include "../../data/FixedSizeData.h" +#include "../../crypto/symmetric/EncryptionKey.h" #include "../../data/Data.h" namespace cpputils { @@ -11,16 +11,16 @@ namespace cpputils { public: virtual ~PasswordBasedKDF() {} - template FixedSizeData deriveKey(const std::string &password); + template EncryptionKey deriveKey(const std::string &password); virtual const Data &kdfParameters() const = 0; protected: virtual void derive(void *destination, size_t size, const std::string &password) = 0; }; - template FixedSizeData + template EncryptionKey inline PasswordBasedKDF::deriveKey(const std::string &password) { - auto result = FixedSizeData::Null(); + auto result = EncryptionKey::Null(); derive(result.data(), result.BINARY_LENGTH, password); return result; } diff --git a/src/cpp-utils/crypto/symmetric/EncryptionKey.h b/src/cpp-utils/crypto/symmetric/EncryptionKey.h index 534d4a8a..33b029fb 100644 --- a/src/cpp-utils/crypto/symmetric/EncryptionKey.h +++ b/src/cpp-utils/crypto/symmetric/EncryptionKey.h @@ -22,89 +22,89 @@ namespace cpputils { template class EncryptionKey final { private: - struct EncryptionKeyData final { - public: - constexpr static size_t BINARY_LENGTH = FixedSizeData::BINARY_LENGTH; - constexpr static size_t STRING_LENGTH = FixedSizeData::STRING_LENGTH; - - EncryptionKeyData(const FixedSizeData& keyData); - ~EncryptionKeyData(); - - // Disallow copying and moving - EncryptionKeyData(const EncryptionKeyData &rhs) = delete; - EncryptionKeyData(EncryptionKeyData &&rhs) = delete; - EncryptionKeyData &operator=(const EncryptionKeyData &rhs) = delete; - EncryptionKeyData &operator=(EncryptionKeyData &&rhs) = delete; - - FixedSizeData key; - DontSwapMemoryRAII memoryProtector; // this makes sure that the key data isn't swapped to disk - }; + explicit EncryptionKey(std::shared_ptr keyData) + : _keyData(std::move(keyData)) { + ASSERT(_keyData->size() == KeySize, "Wrong key data size"); + } + template friend class EncryptionKey; public: - constexpr static size_t BINARY_LENGTH = EncryptionKeyData::BINARY_LENGTH; - constexpr static size_t STRING_LENGTH = EncryptionKeyData::STRING_LENGTH; + EncryptionKey(const EncryptionKey& rhs) = default; + EncryptionKey(EncryptionKey&& rhs) = default; + EncryptionKey& operator=(const EncryptionKey& rhs) = default; + EncryptionKey& operator=(EncryptionKey&& rhs) = default; - EncryptionKey(const FixedSizeData& keyData); + static constexpr size_t BINARY_LENGTH = KeySize; + static constexpr size_t STRING_LENGTH = 2 * BINARY_LENGTH; - static EncryptionKey FromBinary(const void *source); - static EncryptionKey FromString(const std::string& keyData); - std::string ToString() const; + static EncryptionKey Null() { + auto data = std::make_shared( + KeySize, + make_unique_ref() + ); + data->FillWithZeroes(); + return EncryptionKey(std::move(data)); + } + + static EncryptionKey FromString(const std::string& keyData) { + ASSERT(keyData.size() == STRING_LENGTH, "Wrong input size or EncryptionKey::FromString()"); + + auto data = std::make_shared( + Data::FromString(keyData, make_unique_ref()) + ); + ASSERT(data->size() == KeySize, "Wrong input size for EncryptionKey::FromString()"); + + return EncryptionKey(std::move(data)); + } + + std::string ToString() const { + auto result = _keyData->ToString(); + ASSERT(result.size() == STRING_LENGTH, "Wrong string length"); + return result; + } static EncryptionKey CreateKey(RandomGenerator &randomGenerator) { - EncryptionKey result(FixedSizeData::Null()); - randomGenerator.write(result._key->key.data(), BINARY_LENGTH); + EncryptionKey result(std::make_shared( + KeySize, + make_unique_ref() // the allocator makes sure key data is never swapped to disk + )); + randomGenerator.write(result._keyData->data(), KeySize); return result; } const void *data() const { - return _key->key.data(); + return _keyData->data(); } void *data() { return const_cast(const_cast(this)->data()); } -private: + // TODO Test take/drop - std::shared_ptr _key; + template + EncryptionKey take() const { + static_assert(NumTaken <= KeySize, "Out of bounds"); + auto result = std::make_shared(NumTaken, make_unique_ref()); + std::memcpy(result->data(), _keyData->data(), NumTaken); + return EncryptionKey(std::move(result)); + } + + template + EncryptionKey drop() const { + static_assert(NumDropped <= KeySize, "Out of bounds"); + auto result = std::make_shared(KeySize - NumDropped, make_unique_ref()); + std::memcpy(result->data(), _keyData->dataOffset(NumDropped), KeySize - NumDropped); + return EncryptionKey(std::move(result)); + } + +private: + std::shared_ptr _keyData; }; template constexpr size_t EncryptionKey::BINARY_LENGTH; template constexpr size_t EncryptionKey::STRING_LENGTH; -template -inline EncryptionKey::EncryptionKeyData::EncryptionKeyData(const FixedSizeData& keyData) -: key(keyData) -, memoryProtector(&key, sizeof(key)) { -} - -template -inline EncryptionKey::EncryptionKeyData::~EncryptionKeyData() { - // After destruction, the swap-protection is lifted, but we also don't need the key data anymore. - // Overwrite it with zeroes. - std::memset(key.data(), 0, KeySize); -} - -template -inline EncryptionKey::EncryptionKey(const FixedSizeData& keyData) -: _key(std::make_shared(keyData)) { -} - -template -EncryptionKey EncryptionKey::FromBinary(const void *source) { - return EncryptionKey(FixedSizeData::FromBinary(source)); -} - -template -EncryptionKey EncryptionKey::FromString(const std::string& keyData) { - return EncryptionKey(FixedSizeData::FromString(keyData)); -} - -template -std::string EncryptionKey::ToString() const { - return _key->key.ToString(); -} - } #endif diff --git a/src/cpp-utils/crypto/symmetric/testutils/FakeAuthenticatedCipher.h b/src/cpp-utils/crypto/symmetric/testutils/FakeAuthenticatedCipher.h index 075d04e9..79c59f46 100644 --- a/src/cpp-utils/crypto/symmetric/testutils/FakeAuthenticatedCipher.h +++ b/src/cpp-utils/crypto/symmetric/testutils/FakeAuthenticatedCipher.h @@ -13,15 +13,15 @@ namespace cpputils { struct FakeKey { - static FakeKey FromBinary(const void *data) { - return FakeKey{deserialize(data)}; + static FakeKey FromString(const std::string& keyData) { + return FakeKey{static_cast(std::atoi(keyData.c_str()))}; } static constexpr unsigned int BINARY_LENGTH = sizeof(uint64_t); static FakeKey CreateKey(RandomGenerator &randomGenerator) { auto data = randomGenerator.getFixedSize(); - return FromBinary(data.data()); + return FakeKey {*reinterpret_cast(data.data())}; } uint64_t value; diff --git a/src/cpp-utils/system/memory.h b/src/cpp-utils/system/memory.h index c91cf20e..fb754fd4 100644 --- a/src/cpp-utils/system/memory.h +++ b/src/cpp-utils/system/memory.h @@ -3,19 +3,15 @@ #define MESSMER_CPPUTILS_SYSTEM_MEMORY_H #include +#include "../data/Data.h" namespace cpputils { -// While this RAII object exists, it locks a given memory address into RAM, -// i.e. tells the operating system not to swap it. -class DontSwapMemoryRAII final { +// This allocator allocates memory that won't be swapped out to the disk, but will be kept in RAM +class UnswappableAllocator final : public Allocator { public: - DontSwapMemoryRAII(void* addr, size_t len); - ~DontSwapMemoryRAII(); - -private: - void* const addr_; - const size_t len_; + void* allocate(size_t size) override; + void free(void* data, size_t size) override; }; } diff --git a/src/cpp-utils/system/memory_nonwindows.cpp b/src/cpp-utils/system/memory_nonwindows.cpp index a4a59809..d01b48a9 100644 --- a/src/cpp-utils/system/memory_nonwindows.cpp +++ b/src/cpp-utils/system/memory_nonwindows.cpp @@ -10,19 +10,25 @@ using namespace cpputils::logging; namespace cpputils { -DontSwapMemoryRAII::DontSwapMemoryRAII(void *addr, size_t len) -: addr_(addr), len_(len) { - const int result = ::mlock(addr_, len_); +void* UnswappableAllocator::allocate(size_t size) { + void* data = DefaultAllocator().allocate(size); + const int result = ::mlock(data, size); if (0 != result) { throw std::runtime_error("Error calling mlock. Errno: " + std::to_string(errno)); } + return data; } -DontSwapMemoryRAII::~DontSwapMemoryRAII() { - const int result = ::munlock(addr_, len_); +void UnswappableAllocator::free(void* data, size_t size) { + const int result = ::munlock(data, size); if (0 != result) { LOG(WARN, "Error calling munlock. Errno: {}", errno); } + + // overwrite the memory with zeroes before we free it + std::memset(data, 0, size); + + DefaultAllocator().free(data, size); } } diff --git a/src/cpp-utils/system/memory_windows.cpp b/src/cpp-utils/system/memory_windows.cpp index bc905f91..207ebd23 100644 --- a/src/cpp-utils/system/memory_windows.cpp +++ b/src/cpp-utils/system/memory_windows.cpp @@ -9,19 +9,25 @@ using namespace cpputils::logging; namespace cpputils { -DontSwapMemoryRAII::DontSwapMemoryRAII(void *addr, size_t len) -: addr_(addr), len_(len) { +void* UnswappableAllocator::allocate(size_t size) { + void* data = DefaultAllocator().allocate(size); const BOOL result = ::VirtualLock(addr_, len_); if (!result) { throw std::runtime_error("Error calling VirtualLock. Errno: " + std::to_string(GetLastError())); } + return data; } -DontSwapMemoryRAII::~DontSwapMemoryRAII() { +void UnswappableAllocator::free(void* data, size_t size) { const BOOL result = ::VirtualUnlock(addr_, len_); if (!result) { LOG(WARN, "Error calling VirtualUnlock. Errno: {}", GetLastError()); } + + // overwrite the memory with zeroes before we free it + std::memset(data, 0, size); + + DefaultAllocator().free(data, size); } } diff --git a/src/cryfs/config/CryCipher.cpp b/src/cryfs/config/CryCipher.cpp index 19099fb5..bff577ff 100644 --- a/src/cryfs/config/CryCipher.cpp +++ b/src/cryfs/config/CryCipher.cpp @@ -47,7 +47,7 @@ public: return Cipher::EncryptionKey::CreateKey(randomGenerator).ToString(); } - unique_ref createInnerConfigEncryptor(const FixedSizeData &key) const override { + unique_ref createInnerConfigEncryptor(const EncryptionKey& key) const override { return make_unique_ref>(key.take()); } diff --git a/src/cryfs/config/CryCipher.h b/src/cryfs/config/CryCipher.h index 061d612a..f57a13f8 100644 --- a/src/cryfs/config/CryCipher.h +++ b/src/cryfs/config/CryCipher.h @@ -8,6 +8,7 @@ #include #include #include "crypto/inner/InnerEncryptor.h" +#include namespace cryfs { @@ -40,7 +41,7 @@ public: virtual const boost::optional &warning() const = 0; virtual cpputils::unique_ref createEncryptedBlockstore(cpputils::unique_ref baseBlockStore, const std::string &encKey) const = 0; virtual std::string createKey(cpputils::RandomGenerator &randomGenerator) const = 0; - virtual cpputils::unique_ref createInnerConfigEncryptor(const cpputils::FixedSizeData &key) const = 0; + virtual cpputils::unique_ref createInnerConfigEncryptor(const cpputils::EncryptionKey &key) const = 0; }; diff --git a/src/cryfs/config/crypto/CryConfigEncryptor.cpp b/src/cryfs/config/crypto/CryConfigEncryptor.cpp index a8d0ae32..59a2833b 100644 --- a/src/cryfs/config/crypto/CryConfigEncryptor.cpp +++ b/src/cryfs/config/crypto/CryConfigEncryptor.cpp @@ -14,8 +14,8 @@ namespace cryfs { constexpr size_t CryConfigEncryptor::OuterKeySize; constexpr size_t CryConfigEncryptor::MaxTotalKeySize; - CryConfigEncryptor::CryConfigEncryptor(const FixedSizeData& derivedKey, cpputils::Data kdfParameters) - : _derivedKey(derivedKey), _kdfParameters(std::move(kdfParameters)) { + CryConfigEncryptor::CryConfigEncryptor(cpputils::EncryptionKey derivedKey, cpputils::Data kdfParameters) + : _derivedKey(std::move(derivedKey)), _kdfParameters(std::move(kdfParameters)) { } Data CryConfigEncryptor::encrypt(const Data &plaintext, const string &cipherName) const { @@ -47,11 +47,11 @@ namespace cryfs { unique_ref CryConfigEncryptor::_outerEncryptor() const { auto outerKey = _derivedKey.take(); - return make_unique_ref(outerKey, _kdfParameters.copy()); + return make_unique_ref(std::move(outerKey), _kdfParameters.copy()); } unique_ref CryConfigEncryptor::_innerEncryptor(const string &cipherName) const { auto innerKey = _derivedKey.drop(); - return CryCiphers::find(cipherName).createInnerConfigEncryptor(innerKey); + return CryCiphers::find(cipherName).createInnerConfigEncryptor(std::move(innerKey)); } } diff --git a/src/cryfs/config/crypto/CryConfigEncryptor.h b/src/cryfs/config/crypto/CryConfigEncryptor.h index 8954dad0..a7e724c3 100644 --- a/src/cryfs/config/crypto/CryConfigEncryptor.h +++ b/src/cryfs/config/crypto/CryConfigEncryptor.h @@ -23,7 +23,7 @@ namespace cryfs { bool wasInDeprecatedConfigFormat; }; - CryConfigEncryptor(const cpputils::FixedSizeData& derivedKey, cpputils::Data _kdfParameters); + CryConfigEncryptor(cpputils::EncryptionKey derivedKey, cpputils::Data _kdfParameters); cpputils::Data encrypt(const cpputils::Data &plaintext, const std::string &cipherName) const; boost::optional decrypt(const cpputils::Data &data) const; @@ -32,7 +32,7 @@ namespace cryfs { cpputils::unique_ref _outerEncryptor() const; cpputils::unique_ref _innerEncryptor(const std::string &cipherName) const; - cpputils::FixedSizeData _derivedKey; + cpputils::EncryptionKey _derivedKey; cpputils::Data _kdfParameters; DISALLOW_COPY_AND_ASSIGN(CryConfigEncryptor); diff --git a/src/cryfs/config/crypto/outer/OuterEncryptor.cpp b/src/cryfs/config/crypto/outer/OuterEncryptor.cpp index 96dce442..b5f5068c 100644 --- a/src/cryfs/config/crypto/outer/OuterEncryptor.cpp +++ b/src/cryfs/config/crypto/outer/OuterEncryptor.cpp @@ -10,8 +10,8 @@ using boost::none; using namespace cpputils::logging; namespace cryfs { - OuterEncryptor::OuterEncryptor(const Cipher::EncryptionKey& key, cpputils::Data kdfParameters) - : _key(key), _kdfParameters(std::move(kdfParameters)) { + OuterEncryptor::OuterEncryptor(Cipher::EncryptionKey key, cpputils::Data kdfParameters) + : _key(std::move(key)), _kdfParameters(std::move(kdfParameters)) { } OuterConfig OuterEncryptor::encrypt(const Data &plaintext) const { diff --git a/src/cryfs/config/crypto/outer/OuterEncryptor.h b/src/cryfs/config/crypto/outer/OuterEncryptor.h index 344d8c8b..ece3f7e2 100644 --- a/src/cryfs/config/crypto/outer/OuterEncryptor.h +++ b/src/cryfs/config/crypto/outer/OuterEncryptor.h @@ -14,7 +14,7 @@ namespace cryfs { using Cipher = cpputils::AES256_GCM; static constexpr size_t CONFIG_SIZE = 1024; // Config data is grown to this size before encryption to hide its actual size - OuterEncryptor(const Cipher::EncryptionKey& key, cpputils::Data kdfParameters); + OuterEncryptor(Cipher::EncryptionKey key, cpputils::Data kdfParameters); OuterConfig encrypt(const cpputils::Data &encryptedInnerConfig) const; boost::optional decrypt(const OuterConfig &outerConfig) const; diff --git a/test/blockstore/implementations/encrypted/EncryptedBlockStoreTest_Generic.cpp b/test/blockstore/implementations/encrypted/EncryptedBlockStoreTest_Generic.cpp index a97688f7..613202ad 100644 --- a/test/blockstore/implementations/encrypted/EncryptedBlockStoreTest_Generic.cpp +++ b/test/blockstore/implementations/encrypted/EncryptedBlockStoreTest_Generic.cpp @@ -36,8 +36,9 @@ public: private: static typename Cipher::EncryptionKey createKeyFixture(int seed = 0) { - Data data = DataFixture::generate(Cipher::EncryptionKey::BINARY_LENGTH, seed); - return Cipher::EncryptionKey::FromBinary(data.data()); + return Cipher::EncryptionKey::FromString( + DataFixture::generate(Cipher::EncryptionKey::BINARY_LENGTH, seed).ToString() + ); } }; @@ -54,8 +55,9 @@ public: private: static typename Cipher::EncryptionKey createKeyFixture(int seed = 0) { - Data data = DataFixture::generate(Cipher::EncryptionKey::BINARY_LENGTH, seed); - return Cipher::EncryptionKey::FromBinary(data.data()); + return Cipher::EncryptionKey::FromString( + DataFixture::generate(Cipher::EncryptionKey::BINARY_LENGTH, seed).ToString() + ); } }; diff --git a/test/cpp-utils/crypto/kdf/SCryptTest.cpp b/test/cpp-utils/crypto/kdf/SCryptTest.cpp index 8bb273f7..9b9992fe 100644 --- a/test/cpp-utils/crypto/kdf/SCryptTest.cpp +++ b/test/cpp-utils/crypto/kdf/SCryptTest.cpp @@ -13,36 +13,41 @@ public: SCryptParameters result = SCryptParameters::deserialize(scrypt.kdfParameters()); return result; } + + template + bool keyEquals(const EncryptionKey& lhs, const EncryptionKey& rhs) { + return 0 == std::memcmp(lhs.data(), rhs.data(), SIZE); + } }; TEST_F(SCryptTest, GeneratedKeyIsReproductible_448) { auto derivedKey = scryptForNewKey->deriveKey<56>("mypassword"); auto rederivedKey = scryptForExistingKey->deriveKey<56>("mypassword"); - EXPECT_EQ(derivedKey, rederivedKey); + EXPECT_TRUE(keyEquals(derivedKey, rederivedKey)); } TEST_F(SCryptTest, GeneratedKeyIsReproductible_256) { auto derivedKey = scryptForNewKey->deriveKey<32>("mypassword"); auto rederivedKey = scryptForExistingKey->deriveKey<32>("mypassword"); - EXPECT_EQ(derivedKey, rederivedKey); + EXPECT_TRUE(keyEquals(derivedKey, rederivedKey)); } TEST_F(SCryptTest, GeneratedKeyIsReproductible_128) { auto derivedKey = scryptForNewKey->deriveKey<16>("mypassword"); auto rederivedKey = scryptForExistingKey->deriveKey<16>("mypassword"); - EXPECT_EQ(derivedKey, rederivedKey); + EXPECT_TRUE(keyEquals(derivedKey, rederivedKey)); } TEST_F(SCryptTest, GeneratedKeyIsReproductible_DefaultSettings) { auto derivedKey = scryptForNewKey->deriveKey<16>("mypassword"); auto rederivedKey = scryptForExistingKey->deriveKey<16>("mypassword"); - EXPECT_EQ(derivedKey, rederivedKey); + EXPECT_TRUE(keyEquals(derivedKey, rederivedKey)); } TEST_F(SCryptTest, DifferentPasswordResultsInDifferentKey) { auto derivedKey = scryptForNewKey->deriveKey<16>("mypassword"); auto rederivedKey = scryptForExistingKey->deriveKey<16>("mypassword2"); - EXPECT_NE(derivedKey, rederivedKey); + EXPECT_FALSE(keyEquals(derivedKey, rederivedKey)); } TEST_F(SCryptTest, UsesCorrectSettings) { diff --git a/test/cpp-utils/crypto/symmetric/CipherTest.cpp b/test/cpp-utils/crypto/symmetric/CipherTest.cpp index cd30cc48..249f8042 100644 --- a/test/cpp-utils/crypto/symmetric/CipherTest.cpp +++ b/test/cpp-utils/crypto/symmetric/CipherTest.cpp @@ -19,7 +19,7 @@ public: static typename Cipher::EncryptionKey createKeyFixture(int seed = 0) { Data data = DataFixture::generate(Cipher::EncryptionKey::BINARY_LENGTH, seed); - return Cipher::EncryptionKey::FromBinary(data.data()); + return Cipher::EncryptionKey::FromString(data.ToString()); } void CheckEncryptThenDecryptIsIdentity(const Data &plaintext) { diff --git a/test/cpp-utils/system/MemoryTest.cpp b/test/cpp-utils/system/MemoryTest.cpp index 6327b113..8459c77b 100644 --- a/test/cpp-utils/system/MemoryTest.cpp +++ b/test/cpp-utils/system/MemoryTest.cpp @@ -3,24 +3,16 @@ #include #include -using cpputils::DontSwapMemoryRAII; +using cpputils::UnswappableAllocator; -TEST(MemoryTest, LockingSmallStackMemoryDoesntCrash) { - bool memory; - DontSwapMemoryRAII obj(&memory, sizeof(memory)); +TEST(MemoryTest, LockingSmallMemoryDoesntCrash) { + UnswappableAllocator allocator; + void *data = allocator.allocate(5); + allocator.free(data, 5); } -TEST(MemoryTest, LockingLargeStackMemoryDoesntCrash) { - bool memory[10*1024]; - DontSwapMemoryRAII obj(memory, sizeof(memory)); -} - -TEST(MemoryTest, LockingSmallHeapMemoryDoesntCrash) { - auto memory = std::make_unique(false); - DontSwapMemoryRAII obj(memory.get(), sizeof(*memory)); -} - -TEST(MemoryTest, LockingLargeHeapMemoryDoesntCrash) { - auto memory = std::make_unique(10*1024); - DontSwapMemoryRAII obj(memory.get(), 10*1024); +TEST(MemoryTest, LockingLargeMemoryDoesntCrash) { + UnswappableAllocator allocator; + void *data = allocator.allocate(10240); + allocator.free(data, 10240); } diff --git a/test/cryfs/config/crypto/CryConfigEncryptorTest.cpp b/test/cryfs/config/crypto/CryConfigEncryptorTest.cpp index 36242100..26961339 100644 --- a/test/cryfs/config/crypto/CryConfigEncryptorTest.cpp +++ b/test/cryfs/config/crypto/CryConfigEncryptorTest.cpp @@ -8,6 +8,7 @@ using cpputils::unique_ref; using cpputils::make_unique_ref; using cpputils::DataFixture; using cpputils::Data; +using cpputils::EncryptionKey; using cpputils::FixedSizeData; using cpputils::AES128_CFB; using cpputils::AES256_GCM; @@ -40,8 +41,10 @@ public: } private: - FixedSizeData _derivedKey() { - return DataFixture::generateFixedSize(3); + EncryptionKey _derivedKey() { + return EncryptionKey::FromString( + DataFixture::generateFixedSize(3).ToString() + ); } Data _kdfParameters() { diff --git a/test/cryfs/config/crypto/inner/ConcreteInnerEncryptorTest.cpp b/test/cryfs/config/crypto/inner/ConcreteInnerEncryptorTest.cpp index 35a52870..a8e78c25 100644 --- a/test/cryfs/config/crypto/inner/ConcreteInnerEncryptorTest.cpp +++ b/test/cryfs/config/crypto/inner/ConcreteInnerEncryptorTest.cpp @@ -28,7 +28,9 @@ class ConcreteInnerEncryptorTest : public ::testing::Test { public: template unique_ref makeInnerEncryptor() { - auto key = DataFixture::generateFixedSize(); + auto key = Cipher::EncryptionKey::FromString( + DataFixture::generateFixedSize().ToString() + ); return make_unique_ref>(key); } }; diff --git a/test/cryfs/config/crypto/outer/OuterEncryptorTest.cpp b/test/cryfs/config/crypto/outer/OuterEncryptorTest.cpp index 9b50b7f1..bcb2e287 100644 --- a/test/cryfs/config/crypto/outer/OuterEncryptorTest.cpp +++ b/test/cryfs/config/crypto/outer/OuterEncryptorTest.cpp @@ -28,7 +28,9 @@ public: } unique_ref makeOuterEncryptor() { - auto key = DataFixture::generateFixedSize(); + auto key = OuterEncryptor::Cipher::EncryptionKey::FromString( + DataFixture::generateFixedSize().ToString() + ); return make_unique_ref(key, kdfParameters()); } };