From f1dbd19fe9f277430f4edc1501f4fb5dd8f745b1 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sat, 18 Mar 2017 16:48:58 +0100 Subject: [PATCH] tests: add hkdf_sanity tests with broken example filesystem These are deliberately corrupt. --- .../hkdf_sanity/broken_content/gocryptfs.conf | 17 +++++++++ tests/hkdf_sanity/broken_content/status.txt | Bin 0 -> 60 bytes .../broken_names/L3yg-cJYAInDGg4TcjXrnw | Bin 0 -> 60 bytes tests/hkdf_sanity/broken_names/gocryptfs.conf | 20 +++++++++++ .../hkdf_sanity/broken_names/gocryptfs.diriv | 1 + tests/hkdf_sanity/sanity_test.go | 34 ++++++++++++++++++ 6 files changed, 72 insertions(+) create mode 100644 tests/hkdf_sanity/broken_content/gocryptfs.conf create mode 100644 tests/hkdf_sanity/broken_content/status.txt create mode 100644 tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnw create mode 100644 tests/hkdf_sanity/broken_names/gocryptfs.conf create mode 100644 tests/hkdf_sanity/broken_names/gocryptfs.diriv create mode 100644 tests/hkdf_sanity/sanity_test.go diff --git a/tests/hkdf_sanity/broken_content/gocryptfs.conf b/tests/hkdf_sanity/broken_content/gocryptfs.conf new file mode 100644 index 0000000..205f3ad --- /dev/null +++ b/tests/hkdf_sanity/broken_content/gocryptfs.conf @@ -0,0 +1,17 @@ +{ + "Creator": "gocryptfs v1.2.1-32-g14038a1-dirty", + "EncryptedKey": "b3888jnQC5GYem+YGtUkOTS13/YCOfA6J0/bkftfEoNA9fZTN2xMGw4c+LK+emg4L6P2wGvm44RUqCfFfgowxw==", + "ScryptObject": { + "Salt": "7YnR8bF7TzYNP5mIwmpQ1qj4e/QZkbH92Hx7YQctIZQ=", + "N": 1024, + "R": 8, + "P": 1, + "KeyLen": 32 + }, + "Version": 2, + "FeatureFlags": [ + "GCMIV128", + "HKDF", + "PlaintextNames" + ] +} diff --git a/tests/hkdf_sanity/broken_content/status.txt b/tests/hkdf_sanity/broken_content/status.txt new file mode 100644 index 0000000000000000000000000000000000000000..30d42f7f01be89acba707923a5b0e595c07b378c GIT binary patch literal 60 zcmV-C0K@+P0?JBbu30eZEe(D;qA+xCrD#p6oFqzLN>z4wQ`R2YR5M@|`N3MaPSMbH SHi>82&a|p!`t~>T$cCu}>m4fq literal 0 HcmV?d00001 diff --git a/tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnw b/tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnw new file mode 100644 index 0000000000000000000000000000000000000000..7ba2789f70f97cdba1c5c0002c7a0444b87bbb67 GIT binary patch literal 60 zcmV-C0K@+P0z_&n(B(lC(+AIMMnAdz&0o SaVW3$=4M|@NH3jjVsOe?Y8*iT literal 0 HcmV?d00001 diff --git a/tests/hkdf_sanity/broken_names/gocryptfs.conf b/tests/hkdf_sanity/broken_names/gocryptfs.conf new file mode 100644 index 0000000..f0b1509 --- /dev/null +++ b/tests/hkdf_sanity/broken_names/gocryptfs.conf @@ -0,0 +1,20 @@ +{ + "Creator": "gocryptfs v1.2.1-32-g14038a1-dirty", + "EncryptedKey": "0ymk/BtKEN1KmRLMquLinLIzXDaf+GLuP2f9R4VbLOglim9nXd5WxkCFl0DQg0J2FtCEke9MQBaCfL5OTJdR4g==", + "ScryptObject": { + "Salt": "tCrF2o5GoOyQt0LAlCWk47hyJsF5K6ID9uPzjTSBbh8=", + "N": 1024, + "R": 8, + "P": 1, + "KeyLen": 32 + }, + "Version": 2, + "FeatureFlags": [ + "GCMIV128", + "HKDF", + "DirIV", + "EMENames", + "LongNames", + "Raw64" + ] +} diff --git a/tests/hkdf_sanity/broken_names/gocryptfs.diriv b/tests/hkdf_sanity/broken_names/gocryptfs.diriv new file mode 100644 index 0000000..24f3d28 --- /dev/null +++ b/tests/hkdf_sanity/broken_names/gocryptfs.diriv @@ -0,0 +1 @@ +%Cx(E!dц \ No newline at end of file diff --git a/tests/hkdf_sanity/sanity_test.go b/tests/hkdf_sanity/sanity_test.go new file mode 100644 index 0000000..b382861 --- /dev/null +++ b/tests/hkdf_sanity/sanity_test.go @@ -0,0 +1,34 @@ +// We test two filesystems that have the "HKDF" feature flag in their config file +// set, but the actual file contents and names are encrypted with HKDF disabled. +// This test verifies that the "HKDF" feature flag in the config file takes effect. +package hkdf_sanity + +import ( + "io/ioutil" + "os" + "testing" + + "github.com/rfjakob/gocryptfs/tests/test_helpers" +) + +func TestBrokenContent(t *testing.T) { + cDir := "broken_content" + pDir := test_helpers.TmpDir + "/" + cDir + test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", "-wpanic=false") + _, err := ioutil.ReadFile(pDir + "/status.txt") + if err == nil { + t.Error("this should fail") + } + test_helpers.UnmountPanic(pDir) +} + +func TestBrokenNames(t *testing.T) { + cDir := "broken_names" + pDir := test_helpers.TmpDir + "/" + cDir + test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", "-wpanic=false") + _, err := os.Stat(pDir + "/status.txt") + if err == nil { + t.Error("this should fail") + } + test_helpers.UnmountPanic(pDir) +}