fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-06 08:30:15 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

libnm/crypto: refactor crypto test functions to return GBytes

Browse source 
Using GBytes consistently simplifies the code. Also use it
for the test related functions.
This commit is contained in:
Thomas Haller 2018-08-30 10:13:40 +02:00
parent 896a47da53
commit 639e6de6e3
3 changed files with 37 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
libnm-core/nm-crypto.c
View file

@ -52,19 +52,6 @@
/*****************************************************************************/
static GByteArray *
to_gbyte_array_mem (gconstpointer mem, gsize len)
{
GByteArray *arr;
arr = g_byte_array_sized_new (len);
if (len > 0)
g_byte_array_append (arr, mem, len);
return arr;
}
/*****************************************************************************/
static gboolean
find_tag (const char *tag,
const guint8 *data,
@ -519,7 +506,7 @@ decrypt_key (const char *cipher,
return TRUE;
}
GByteArray *
GBytes *
nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
gsize data_len,
const char *password,
@ -567,16 +554,16 @@ nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
error))
return NULL;
return to_gbyte_array_mem (parsed2.bin, parsed2.len);
return nm_secret_copy_to_gbytes (parsed2.bin, parsed2.len);
}
if (cipher || iv)
return NULL;
return to_gbyte_array_mem (parsed.bin, parsed.len);
return nm_secret_copy_to_gbytes (parsed.bin, parsed.len);
}
GByteArray *
GBytes *
nmtst_crypto_decrypt_openssl_private_key (const char *file,
const char *password,
NMCryptoKeyType *out_key_type,

18
libnm-core/nm-crypto.h
View file

@ -49,16 +49,16 @@ typedef enum {
NM_CRYPTO_FILE_FORMAT_PKCS12
} NMCryptoFileFormat;
GByteArray *nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
gsize data_len,
const char *password,
NMCryptoKeyType *out_key_type,
GError **error);
GBytes *nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
gsize data_len,
const char *password,
NMCryptoKeyType *out_key_type,
GError **error);
GByteArray *nmtst_crypto_decrypt_openssl_private_key (const char *file,
const char *password,
NMCryptoKeyType *out_key_type,
GError **error);
GBytes *nmtst_crypto_decrypt_openssl_private_key (const char *file,
const char *password,
NMCryptoKeyType *out_key_type,
GError **error);
gboolean nm_crypto_load_and_verify_certificate (const char *file,
NMCryptoFileFormat *out_file_format,

65
libnm-core/tests/test-crypto.c
View file

@ -113,22 +113,6 @@ test_cert (gconstpointer test_data)
g_assert (nm_utils_file_is_certificate (path));
}
static GByteArray *
file_to_byte_array (const char *filename)
{
char *contents;
GByteArray *array = NULL;
gsize length = 0;
if (g_file_get_contents (filename, &contents, &length, NULL)) {
array = g_byte_array_sized_new (length);
g_byte_array_append (array, (guint8 *) contents, length);
g_assert (array->len == length);
g_free (contents);
}
return array;
}
static void
test_load_private_key (const char *path,
const char *password,
@ -137,7 +121,7 @@ test_load_private_key (const char *path,
{
NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
gboolean is_encrypted = FALSE;
GByteArray *array, *decrypted;
gs_unref_bytes GBytes *array = NULL;
GError *error = NULL;
g_assert (nm_utils_file_is_private_key (path, &is_encrypted));
@ -163,16 +147,14 @@ test_load_private_key (const char *path,
g_assert (array != NULL);
if (decrypted_path) {
gs_free char *contents = NULL;
gsize length;
/* Compare the crypto decrypted key against a known-good decryption */
decrypted = file_to_byte_array (decrypted_path);
g_assert (decrypted != NULL);
g_assert (decrypted->len == array->len);
g_assert (memcmp (decrypted->data, array->data, array->len) == 0);
g_byte_array_free (decrypted, TRUE);
if (!g_file_get_contents (decrypted_path, &contents, &length, NULL))
g_assert_not_reached ();
g_assert (nm_utils_gbytes_equal_mem (array, contents, length));
}
g_byte_array_free (array, TRUE);
}
static void
@ -260,34 +242,35 @@ test_encrypt_private_key (const char *path,
const char *password)
{
NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
GByteArray *array, *encrypted, *re_decrypted;
gs_unref_bytes GBytes *array = NULL;
nm_auto_unref_bytearray GByteArray *encrypted = NULL;
gs_unref_bytes GBytes *re_decrypted = NULL;
GError *error = NULL;
array = nmtst_crypto_decrypt_openssl_private_key (path, password, &key_type, &error);
g_assert_no_error (error);
g_assert (array != NULL);
nmtst_assert_success (array, error);
g_assert_cmpint (key_type, ==, NM_CRYPTO_KEY_TYPE_RSA);
/* Now re-encrypt the private key */
encrypted = nm_utils_rsa_key_encrypt (array->data, array->len, password, NULL, &error);
g_assert_no_error (error);
g_assert (encrypted != NULL);
encrypted = nm_utils_rsa_key_encrypt (g_bytes_get_data (array, NULL),
g_bytes_get_size (array),
password,
NULL,
&error);
nmtst_assert_success (encrypted, error);
/* Then re-decrypt the private key */
key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
re_decrypted = nmtst_crypto_decrypt_openssl_private_key_data (encrypted->data, encrypted->len,
password, &key_type, &error);
g_assert_no_error (error);
g_assert (re_decrypted != NULL);
re_decrypted = nmtst_crypto_decrypt_openssl_private_key_data (encrypted->data,
encrypted->len,
password,
&key_type,
&error);
nmtst_assert_success (re_decrypted, error);
g_assert_cmpint (key_type, ==, NM_CRYPTO_KEY_TYPE_RSA);
/* Compare the original decrypted key with the re-decrypted key */
g_assert_cmpint (array->len, ==, re_decrypted->len);
g_assert (!memcmp (array->data, re_decrypted->data, array->len));
g_byte_array_free (re_decrypted, TRUE);
g_byte_array_free (encrypted, TRUE);
g_byte_array_free (array, TRUE);
g_assert (g_bytes_equal (array, re_decrypted));
}
static void