tests: check that the filename encryption is working as expected

Also check that the "gocryptfs.conf" path filtering is working
as expected
This commit is contained in:
Jakob Unterwurzacher 2015-11-03 22:27:11 +01:00
parent 050005fd7b
commit 765411cc70
2 changed files with 79 additions and 18 deletions

View File

@ -146,11 +146,13 @@ func main() {
os.Exit(ERREXIT_CIPHERDIR)
}
var plaintextNames bool
var cf *cryptfs.ConfFile
var currentPassword string
key := make([]byte, cryptfs.KEY_LEN)
if args.zerokey {
fmt.Printf("Zerokey mode active: using all-zero dummy master key.\n")
plaintextNames = args.plaintextnames
} else if len(args.masterkey) > 0 {
key = parseMasterKey(args.masterkey)
fmt.Printf("Using explicit master key.\n")
@ -196,7 +198,6 @@ func main() {
os.Exit(0)
}
var plaintextNames bool
if cf != nil {
plaintextNames = cf.PlaintextNames()
}

View File

@ -15,9 +15,27 @@ import (
)
const tmpDir = "/tmp/gocryptfs_main_test/"
// Mountpoint
const plainDir = tmpDir + "plain/"
const cipherDir = tmpDir + "cipher/"
func resetTmpDir() {
fu := exec.Command("fusermount", "-z", "-u", plainDir)
fu.Run()
os.RemoveAll(tmpDir)
err := os.MkdirAll(plainDir, 0777)
if err != nil {
panic("Could not create plainDir")
}
err = os.MkdirAll(cipherDir, 0777)
if err != nil {
panic("Could not create cipherDir")
}
}
func mount(extraArgs ...string) {
var args []string
args = append(args, extraArgs...)
@ -25,8 +43,10 @@ func mount(extraArgs ...string) {
args = append(args, cipherDir)
args = append(args, plainDir)
c := exec.Command("./gocryptfs", args...)
c.Stdout = os.Stdout
c.Stderr = os.Stderr
// Warning messages clutter the test output. Uncomment if you want to debug
// failures.
//c.Stdout = os.Stdout
//c.Stderr = os.Stderr
err := c.Run()
if err != nil {
fmt.Println(err)
@ -77,32 +97,36 @@ func verifySize(t *testing.T, path string, want int) {
}
}
var plaintextNames bool
// This is the entry point for the tests
func TestMain(m *testing.M) {
fu := exec.Command("fusermount", "-z", "-u", plainDir)
fu.Run()
os.RemoveAll(tmpDir)
err := os.MkdirAll(plainDir, 0777)
if err != nil {
panic("Could not create plainDir")
if testing.Verbose() {
// First printf does not show up. Verbose() always return false before "m.Run()"?
fmt.Printf("***** Testing with native Go crypto\n")
}
err = os.MkdirAll(cipherDir, 0777)
if err != nil {
panic("Could not create cipherDir")
}
resetTmpDir()
mount("--zerokey", "--openssl=false")
r := m.Run()
unmount()
if testing.Verbose() {
fmt.Printf("***** Testing with OpenSSL\n")
}
resetTmpDir()
mount("--zerokey")
r = m.Run()
unmount()
if testing.Verbose() {
fmt.Printf("***** Testing \"--plaintextnames\"\n")
}
resetTmpDir()
mount("--zerokey", "--plaintextnames")
plaintextNames = true
r = m.Run()
unmount()
os.Exit(r)
}
@ -323,6 +347,42 @@ func TestRmwRace(t *testing.T) {
fmt.Println(goodMd5)
}
}
// With "--plaintextnames", the name "/gocryptfs.conf" is reserved.
// Otherwise there should be no restrictions.
func TestFiltered(t *testing.T) {
filteredFile := plainDir + "gocryptfs.conf"
file, err := os.Create(filteredFile)
if plaintextNames == true && err == nil {
fmt.Errorf("should have failed but didn't")
} else if plaintextNames == false && err != nil {
t.Error(err)
}
file.Close()
err = os.Remove(filteredFile)
if plaintextNames == true && err == nil {
fmt.Errorf("should have failed but didn't")
} else if plaintextNames == false && err != nil {
t.Error(err)
}
}
func TestFilenameEncryption(t *testing.T) {
file, err := os.Create(plainDir + "TestFilenameEncryption.txt")
file.Close()
if err != nil {
t.Fatal(err)
}
_, err = os.Stat(cipherDir + "TestFilenameEncryption.txt")
if plaintextNames == true && err != nil {
t.Errorf("plaintextnames not working: %v", err)
} else if plaintextNames == false && err == nil {
t.Errorf("file name encryption not working")
}
}
func BenchmarkStreamWrite(t *testing.B) {
buf := make([]byte, 1024*1024)
t.SetBytes(int64(len(buf)))