libgocryptfs/internal/configfile/config_test.go

package configfile

import (
	"fmt"
	"testing"
	"time"

	"github.com/rfjakob/gocryptfs/v2/internal/tlog"
)

var testPw = []byte("test")

func TestLoadV1(t *testing.T) {
	_, _, err := LoadAndDecrypt("config_test/v1.conf", testPw)
	if err == nil {
		t.Errorf("Outdated v1 config file must fail to load but it didn't")
	} else if testing.Verbose() {
		fmt.Println(err)
	}
}

// Load a known-good config file and verify that it takes at least 100ms
// (brute-force protection)
func TestLoadV2(t *testing.T) {
	t1 := time.Now()

	_, _, err := LoadAndDecrypt("config_test/v2.conf", testPw)
	if err != nil {
		t.Errorf("Could not load v2 config file: %v", err)
	}

	elapsed := time.Since(t1)
	if elapsed < 100*time.Millisecond {
		t.Errorf("scrypt calculation runs too fast: %d ms", elapsed/time.Millisecond)
	}
}

func TestLoadV2PwdError(t *testing.T) {
	if !testing.Verbose() {
		tlog.Warn.Enabled = false
	}
	_, _, err := LoadAndDecrypt("config_test/v2.conf", []byte("wrongpassword"))
	if err == nil {
		t.Errorf("Loading with wrong password must fail but it didn't")
	}
}

func TestLoadV2Feature(t *testing.T) {
	_, _, err := LoadAndDecrypt("config_test/PlaintextNames.conf", testPw)
	if err != nil {
		t.Errorf("Could not load v2 PlaintextNames config file: %v", err)
	}
}

func TestLoadV2StrangeFeature(t *testing.T) {
	_, _, err := LoadAndDecrypt("config_test/StrangeFeature.conf", testPw)
	if err == nil {
		t.Errorf("Loading unknown feature must fail but it didn't")
	} else if testing.Verbose() {
		fmt.Println(err)
	}
}

func TestCreateConfDefault(t *testing.T) {
	err := Create(&CreateArgs{
		Filename: "config_test/tmp.conf",
		Password: testPw,
		LogN:     10,
		Creator:  "test"})
	if err != nil {
		t.Fatal(err)
	}
	_, c, err := LoadAndDecrypt("config_test/tmp.conf", testPw)
	if err != nil {
		t.Fatal(err)
	}
	// Check that all expected feature flags are set
	want := []flagIota{
		FlagGCMIV128, FlagDirIV, FlagEMENames, FlagLongNames,
		FlagRaw64, FlagHKDF,
	}
	for _, f := range want {
		if !c.IsFeatureFlagSet(f) {
			t.Errorf("Feature flag %q should be set but is not", knownFlags[f])
		}
	}
}

func TestCreateConfDevRandom(t *testing.T) {
	err := Create(&CreateArgs{
		Filename:  "config_test/tmp.conf",
		Password:  testPw,
		LogN:      10,
		Creator:   "test",
		Devrandom: true})
	if err != nil {
		t.Fatal(err)
	}
}

func TestCreateConfPlaintextnames(t *testing.T) {
	err := Create(&CreateArgs{
		Filename:       "config_test/tmp.conf",
		Password:       testPw,
		PlaintextNames: true,
		LogN:           10,
		Creator:        "test"})
	if err != nil {
		t.Fatal(err)
	}
	_, c, err := LoadAndDecrypt("config_test/tmp.conf", testPw)
	if err != nil {
		t.Fatal(err)
	}
	// Check that all expected feature flags are set
	want := []flagIota{
		FlagGCMIV128, FlagHKDF,
	}
	for _, f := range want {
		if !c.IsFeatureFlagSet(f) {
			t.Errorf("Feature flag %q should be set but is not", knownFlags[f])
		}
	}
}

// Reverse mode uses AESSIV
func TestCreateConfFileAESSIV(t *testing.T) {
	err := Create(&CreateArgs{
		Filename: "config_test/tmp.conf",
		Password: testPw,
		LogN:     10,
		Creator:  "test",
		AESSIV:   true})
	if err != nil {
		t.Fatal(err)
	}
	_, c, err := LoadAndDecrypt("config_test/tmp.conf", testPw)
	if err != nil {
		t.Fatal(err)
	}
	if !c.IsFeatureFlagSet(FlagAESSIV) {
		t.Error("AESSIV flag should be set but is not")
	}
}

func TestIsFeatureFlagKnown(t *testing.T) {
	// Test a few hardcoded values
	testKnownFlags := []string{"DirIV", "PlaintextNames", "EMENames", "GCMIV128", "LongNames", "AESSIV"}
	// And also everything in knownFlags (yes, it is likely that we end up with
	// some duplicates. Does not matter.)
	for _, f := range knownFlags {
		testKnownFlags = append(testKnownFlags, f)
	}

	for _, f := range testKnownFlags {
		if !isFeatureFlagKnown(f) {
			t.Errorf("flag %q should be known", f)
		}
	}

	f := "StrangeFeatureFlag"
	if isFeatureFlagKnown(f) {
		t.Errorf("flag %q should be NOT known", f)
	}
}
Major refactoring: Split up "cryptfs" into several internal packages "git status" for reference: deleted: cryptfs/cryptfs.go deleted: cryptfs/names_core.go modified: integration_tests/cli_test.go modified: integration_tests/helpers.go renamed: cryptfs/config_file.go -> internal/configfile/config_file.go renamed: cryptfs/config_test.go -> internal/configfile/config_test.go renamed: cryptfs/config_test/.gitignore -> internal/configfile/config_test/.gitignore renamed: cryptfs/config_test/PlaintextNames.conf -> internal/configfile/config_test/PlaintextNames.conf renamed: cryptfs/config_test/StrangeFeature.conf -> internal/configfile/config_test/StrangeFeature.conf renamed: cryptfs/config_test/v1.conf -> internal/configfile/config_test/v1.conf renamed: cryptfs/config_test/v2.conf -> internal/configfile/config_test/v2.conf renamed: cryptfs/kdf.go -> internal/configfile/kdf.go renamed: cryptfs/kdf_test.go -> internal/configfile/kdf_test.go renamed: cryptfs/cryptfs_content.go -> internal/contentenc/content.go new file: internal/contentenc/content_api.go renamed: cryptfs/content_test.go -> internal/contentenc/content_test.go renamed: cryptfs/file_header.go -> internal/contentenc/file_header.go renamed: cryptfs/intrablock.go -> internal/contentenc/intrablock.go renamed: cryptfs/address_translation.go -> internal/contentenc/offsets.go new file: internal/cryptocore/crypto_api.go renamed: cryptfs/gcm_go1.4.go -> internal/cryptocore/gcm_go1.4.go renamed: cryptfs/gcm_go1.5.go -> internal/cryptocore/gcm_go1.5.go renamed: cryptfs/nonce.go -> internal/cryptocore/nonce.go renamed: cryptfs/openssl_aead.go -> internal/cryptocore/openssl_aead.go renamed: cryptfs/openssl_benchmark.bash -> internal/cryptocore/openssl_benchmark.bash renamed: cryptfs/openssl_test.go -> internal/cryptocore/openssl_test.go new file: internal/nametransform/name_api.go new file: internal/nametransform/names_core.go renamed: cryptfs/names_diriv.go -> internal/nametransform/names_diriv.go renamed: cryptfs/names_noiv.go -> internal/nametransform/names_noiv.go renamed: cryptfs/names_test.go -> internal/nametransform/names_test.go new file: internal/nametransform/pad16.go renamed: cryptfs/log.go -> internal/toggledlog/log.go renamed: cryptfs/log_go1.4.go -> internal/toggledlog/log_go1.4.go renamed: cryptfs/log_go1.5.go -> internal/toggledlog/log_go1.5.go modified: main.go modified: masterkey.go modified: pathfs_frontend/file.go modified: pathfs_frontend/file_holes.go modified: pathfs_frontend/fs.go modified: pathfs_frontend/fs_dir.go modified: pathfs_frontend/names.go modified: test.bash 2016-02-06 19:20:54 +01:00			`package configfile`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00
			`import (`
			`"fmt"`
			`"testing"`
			`"time"`
Fix tests - were broken by the refactoring 2016-02-06 20:22:45 +01:00
go mod: declare module version v2 Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go \| xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/% 2021-08-23 15:05:15 +02:00			`"github.com/rfjakob/gocryptfs/v2/internal/tlog"`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`)`

readpassword: convert from string to []byte This will allows us to overwrite the password with zeros once we are done with it. https://github.com/rfjakob/gocryptfs/issues/211 2018-02-18 14:26:54 +01:00			`var testPw = []byte("test")`

tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`func TestLoadV1(t *testing.T) {`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, _, err := LoadAndDecrypt("config_test/v1.conf", testPw)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err == nil {`
			`t.Errorf("Outdated v1 config file must fail to load but it didn't")`
			`} else if testing.Verbose() {`
tests: configfile: add missing newlines in verbose output 2017-02-16 19:45:20 +01:00			`fmt.Println(err)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`}`
			`}`

			`// Load a known-good config file and verify that it takes at least 100ms`
			`// (brute-force protection)`
			`func TestLoadV2(t *testing.T) {`
			`t1 := time.Now()`

configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, _, err := LoadAndDecrypt("config_test/v2.conf", testPw)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err != nil {`
			`t.Errorf("Could not load v2 config file: %v", err)`
			`}`

			`elapsed := time.Since(t1)`
Run go fmt and go vet 2015-11-14 17:16:17 +01:00			`if elapsed < 100*time.Millisecond {`
			`t.Errorf("scrypt calculation runs too fast: %d ms", elapsed/time.Millisecond)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`}`
			`}`

			`func TestLoadV2PwdError(t *testing.T) {`
Run go fmt and go vet 2015-11-14 17:16:17 +01:00			`if !testing.Verbose() {`
Rename internal "toggledlog" package to "tlog" tlog is used heavily everywhere and deserves a shorter name. Renamed using sed magic, without any manual rework: find * -type f -exec sed -i 's/toggledlog/tlog/g' {} + 2016-06-15 23:30:44 +02:00			`tlog.Warn.Enabled = false`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`}`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, _, err := LoadAndDecrypt("config_test/v2.conf", []byte("wrongpassword"))`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err == nil {`
			`t.Errorf("Loading with wrong password must fail but it didn't")`
			`}`
			`}`

			`func TestLoadV2Feature(t *testing.T) {`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, _, err := LoadAndDecrypt("config_test/PlaintextNames.conf", testPw)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err != nil {`
			`t.Errorf("Could not load v2 PlaintextNames config file: %v", err)`
			`}`
			`}`

			`func TestLoadV2StrangeFeature(t *testing.T) {`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, _, err := LoadAndDecrypt("config_test/StrangeFeature.conf", testPw)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err == nil {`
			`t.Errorf("Loading unknown feature must fail but it didn't")`
			`} else if testing.Verbose() {`
tests: configfile: add missing newlines in verbose output 2017-02-16 19:45:20 +01:00			`fmt.Println(err)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`}`
			`}`

configfile: HKDF feature flag should also be set for "-plaintextnames" 2017-03-07 21:03:05 +01:00			`func TestCreateConfDefault(t *testing.T) {`
configfile: pass struct to Create 2/2 Drop Create and rename Create2 to Create. 2021-08-21 14:04:04 +02:00			`err := Create(&CreateArgs{`
configfile: pass struct to Create 1/2 The argument list got too long. Part 1: Replace with Create2 2021-08-21 14:01:58 +02:00			`Filename: "config_test/tmp.conf",`
			`Password: testPw,`
			`LogN: 10,`
			`Creator: "test"})`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, c, err := LoadAndDecrypt("config_test/tmp.conf", testPw)`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
configfile: enable HKDF and Raw64 feature flags by default Also adds a test to verify that they are set in new config files. 2017-03-06 22:20:28 +01:00			`// Check that all expected feature flags are set`
			`want := []flagIota{`
			`FlagGCMIV128, FlagDirIV, FlagEMENames, FlagLongNames,`
			`FlagRaw64, FlagHKDF,`
			`}`
			`for _, f := range want {`
			`if !c.IsFeatureFlagSet(f) {`
			`t.Errorf("Feature flag %q should be set but is not", knownFlags[f])`
tests: configfile: fix spurious test failure This test fails because Raw64 has been disabled for now. 2017-03-05 23:15:50 +01:00			`}`
configfile: enable HKDF and Raw64 feature flags by default Also adds a test to verify that they are set in new config files. 2017-03-06 22:20:28 +01:00			`}`
tests: add config file and feature flags tests 2015-11-03 21:06:52 +01:00			`}`
diriv: Define "DirIV" feature flag (unused so far) 2015-11-27 22:18:36 +01:00
main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. 2017-11-19 13:30:04 +01:00			`func TestCreateConfDevRandom(t *testing.T) {`
configfile: pass struct to Create 2/2 Drop Create and rename Create2 to Create. 2021-08-21 14:04:04 +02:00			`err := Create(&CreateArgs{`
configfile: pass struct to Create 1/2 The argument list got too long. Part 1: Replace with Create2 2021-08-21 14:01:58 +02:00			`Filename: "config_test/tmp.conf",`
			`Password: testPw,`
			`LogN: 10,`
			`Creator: "test",`
			`Devrandom: true})`
main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. 2017-11-19 13:30:04 +01:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`}`

configfile: HKDF feature flag should also be set for "-plaintextnames" 2017-03-07 21:03:05 +01:00			`func TestCreateConfPlaintextnames(t *testing.T) {`
configfile: pass struct to Create 2/2 Drop Create and rename Create2 to Create. 2021-08-21 14:04:04 +02:00			`err := Create(&CreateArgs{`
configfile: pass struct to Create 1/2 The argument list got too long. Part 1: Replace with Create2 2021-08-21 14:01:58 +02:00			`Filename: "config_test/tmp.conf",`
			`Password: testPw,`
			`PlaintextNames: true,`
			`LogN: 10,`
			`Creator: "test"})`
configfile: HKDF feature flag should also be set for "-plaintextnames" 2017-03-07 21:03:05 +01:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, c, err := LoadAndDecrypt("config_test/tmp.conf", testPw)`
configfile: HKDF feature flag should also be set for "-plaintextnames" 2017-03-07 21:03:05 +01:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`// Check that all expected feature flags are set`
			`want := []flagIota{`
			`FlagGCMIV128, FlagHKDF,`
			`}`
			`for _, f := range want {`
			`if !c.IsFeatureFlagSet(f) {`
			`t.Errorf("Feature flag %q should be set but is not", knownFlags[f])`
			`}`
			`}`
			`}`

			`// Reverse mode uses AESSIV`
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV. 2016-09-26 23:25:13 +02:00			`func TestCreateConfFileAESSIV(t *testing.T) {`
configfile: pass struct to Create 2/2 Drop Create and rename Create2 to Create. 2021-08-21 14:04:04 +02:00			`err := Create(&CreateArgs{`
configfile: pass struct to Create 1/2 The argument list got too long. Part 1: Replace with Create2 2021-08-21 14:01:58 +02:00			`Filename: "config_test/tmp.conf",`
			`Password: testPw,`
			`LogN: 10,`
			`Creator: "test",`
			`AESSIV: true})`
contentenc: add GCM-SIV support Also add ReverseDummyNonce nonce generation. 2016-09-20 22:59:10 +02:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
configfile: add LoadAndDecrypt wrapper Callers that do not want to decrypt the masterkey should call plain Load(). https://github.com/rfjakob/gocryptfs/issues/258 2018-09-08 12:40:29 +02:00			`_, c, err := LoadAndDecrypt("config_test/tmp.conf", testPw)`
contentenc: add GCM-SIV support Also add ReverseDummyNonce nonce generation. 2016-09-20 22:59:10 +02:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV. 2016-09-26 23:25:13 +02:00			`if !c.IsFeatureFlagSet(FlagAESSIV) {`
			`t.Error("AESSIV flag should be set but is not")`
contentenc: add GCM-SIV support Also add ReverseDummyNonce nonce generation. 2016-09-20 22:59:10 +02:00			`}`
			`}`

diriv: Define "DirIV" feature flag (unused so far) 2015-11-27 22:18:36 +01:00			`func TestIsFeatureFlagKnown(t *testing.T) {`
configfile: use map[flagIota] for feature flags This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version. 2016-06-05 12:53:10 +02:00			`// Test a few hardcoded values`
reverse: switch from GCM-SIV to AES-SIV GCM-SIV is not yet finalized, and the reference implemenation is painfully slow at about 2 MB/s. Switch to AES-SIV. 2016-09-26 23:25:13 +02:00			`testKnownFlags := []string{"DirIV", "PlaintextNames", "EMENames", "GCMIV128", "LongNames", "AESSIV"}`
configfile: use map[flagIota] for feature flags This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version. 2016-06-05 12:53:10 +02:00			`// And also everything in knownFlags (yes, it is likely that we end up with`
			`// some duplicates. Does not matter.)`
			`for _, f := range knownFlags {`
			`testKnownFlags = append(testKnownFlags, f)`
diriv: Define "DirIV" feature flag (unused so far) 2015-11-27 22:18:36 +01:00			`}`
configfile: use map[flagIota] for feature flags This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version. 2016-06-05 12:53:10 +02:00
			`for _, f := range testKnownFlags {`
configfile: add Validate() function, support FlagXChaCha20Poly1305 We used to do validation using lists of mandatory feature flags. With the introduction of XChaCha20Poly1305, this became too simplistic, as it uses a different IV length, hence disabling GCMIV128. Add a dedicated function, Validate(), with open-coded validation logic. The validation and creation logic also gets XChaCha20Poly1305 support, and gocryptfs -init -xchacha now writes the flag into gocryptfs.conf. 2021-08-21 21:43:26 +02:00			`if !isFeatureFlagKnown(f) {`
configfile: use map[flagIota] for feature flags This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version. 2016-06-05 12:53:10 +02:00			`t.Errorf("flag %q should be known", f)`
			`}`
diriv: Define "DirIV" feature flag (unused so far) 2015-11-27 22:18:36 +01:00			`}`
configfile: use map[flagIota] for feature flags This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version. 2016-06-05 12:53:10 +02:00
			`f := "StrangeFeatureFlag"`
configfile: add Validate() function, support FlagXChaCha20Poly1305 We used to do validation using lists of mandatory feature flags. With the introduction of XChaCha20Poly1305, this became too simplistic, as it uses a different IV length, hence disabling GCMIV128. Add a dedicated function, Validate(), with open-coded validation logic. The validation and creation logic also gets XChaCha20Poly1305 support, and gocryptfs -init -xchacha now writes the flag into gocryptfs.conf. 2021-08-21 21:43:26 +02:00			`if isFeatureFlagKnown(f) {`
configfile: use map[flagIota] for feature flags This should make things saner and more extensible. It prepares the infrastructure for "required feature flags" that will be used to deprecate old gocryptfs version. 2016-06-05 12:53:10 +02:00			`t.Errorf("flag %q should be NOT known", f)`
diriv: Define "DirIV" feature flag (unused so far) 2015-11-27 22:18:36 +01:00			`}`
			`}`