From 765411cc70577a6332f2eb3f446364878555a8bd Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Tue, 3 Nov 2015 22:27:11 +0100 Subject: [PATCH] tests: check that the filename encryption is working as expected Also check that the "gocryptfs.conf" path filtering is working as expected --- main.go | 3 +- main_test.go | 94 ++++++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 79 insertions(+), 18 deletions(-) diff --git a/main.go b/main.go index 57dbe05..2adf656 100644 --- a/main.go +++ b/main.go @@ -146,11 +146,13 @@ func main() { os.Exit(ERREXIT_CIPHERDIR) } + var plaintextNames bool var cf *cryptfs.ConfFile var currentPassword string key := make([]byte, cryptfs.KEY_LEN) if args.zerokey { fmt.Printf("Zerokey mode active: using all-zero dummy master key.\n") + plaintextNames = args.plaintextnames } else if len(args.masterkey) > 0 { key = parseMasterKey(args.masterkey) fmt.Printf("Using explicit master key.\n") @@ -196,7 +198,6 @@ func main() { os.Exit(0) } - var plaintextNames bool if cf != nil { plaintextNames = cf.PlaintextNames() } diff --git a/main_test.go b/main_test.go index 8e3af8f..befdb78 100644 --- a/main_test.go +++ b/main_test.go @@ -15,9 +15,27 @@ import ( ) const tmpDir = "/tmp/gocryptfs_main_test/" +// Mountpoint const plainDir = tmpDir + "plain/" const cipherDir = tmpDir + "cipher/" +func resetTmpDir() { + fu := exec.Command("fusermount", "-z", "-u", plainDir) + fu.Run() + + os.RemoveAll(tmpDir) + + err := os.MkdirAll(plainDir, 0777) + if err != nil { + panic("Could not create plainDir") + } + + err = os.MkdirAll(cipherDir, 0777) + if err != nil { + panic("Could not create cipherDir") + } +} + func mount(extraArgs ...string) { var args []string args = append(args, extraArgs...) @@ -25,8 +43,10 @@ func mount(extraArgs ...string) { args = append(args, cipherDir) args = append(args, plainDir) c := exec.Command("./gocryptfs", args...) - c.Stdout = os.Stdout - c.Stderr = os.Stderr + // Warning messages clutter the test output. Uncomment if you want to debug + // failures. + //c.Stdout = os.Stdout + //c.Stderr = os.Stderr err := c.Run() if err != nil { fmt.Println(err) @@ -77,32 +97,36 @@ func verifySize(t *testing.T, path string, want int) { } } +var plaintextNames bool + // This is the entry point for the tests func TestMain(m *testing.M) { - - fu := exec.Command("fusermount", "-z", "-u", plainDir) - fu.Run() - - os.RemoveAll(tmpDir) - - err := os.MkdirAll(plainDir, 0777) - if err != nil { - panic("Could not create plainDir") + if testing.Verbose() { + // First printf does not show up. Verbose() always return false before "m.Run()"? + fmt.Printf("***** Testing with native Go crypto\n") } - - err = os.MkdirAll(cipherDir, 0777) - if err != nil { - panic("Could not create cipherDir") - } - + resetTmpDir() mount("--zerokey", "--openssl=false") r := m.Run() unmount() + if testing.Verbose() { + fmt.Printf("***** Testing with OpenSSL\n") + } + resetTmpDir() mount("--zerokey") r = m.Run() unmount() + if testing.Verbose() { + fmt.Printf("***** Testing \"--plaintextnames\"\n") + } + resetTmpDir() + mount("--zerokey", "--plaintextnames") + plaintextNames = true + r = m.Run() + unmount() + os.Exit(r) } @@ -323,6 +347,42 @@ func TestRmwRace(t *testing.T) { fmt.Println(goodMd5) } } + +// With "--plaintextnames", the name "/gocryptfs.conf" is reserved. +// Otherwise there should be no restrictions. +func TestFiltered(t *testing.T) { + filteredFile := plainDir + "gocryptfs.conf" + file, err := os.Create(filteredFile) + if plaintextNames == true && err == nil { + fmt.Errorf("should have failed but didn't") + } else if plaintextNames == false && err != nil { + t.Error(err) + } + file.Close() + + err = os.Remove(filteredFile) + if plaintextNames == true && err == nil { + fmt.Errorf("should have failed but didn't") + } else if plaintextNames == false && err != nil { + t.Error(err) + } +} + +func TestFilenameEncryption(t *testing.T) { + file, err := os.Create(plainDir + "TestFilenameEncryption.txt") + file.Close() + if err != nil { + t.Fatal(err) + } + + _, err = os.Stat(cipherDir + "TestFilenameEncryption.txt") + if plaintextNames == true && err != nil { + t.Errorf("plaintextnames not working: %v", err) + } else if plaintextNames == false && err == nil { + t.Errorf("file name encryption not working") + } +} + func BenchmarkStreamWrite(t *testing.B) { buf := make([]byte, 1024*1024) t.SetBytes(int64(len(buf)))