diff --git a/.gitignore b/.gitignore index 616b70c..c60fad5 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,8 @@ *.la *.lo *.pyc +*.gcno +*.gcda .deps .cproject .libs @@ -27,6 +29,12 @@ stamp* .project .cproject +/coverage + /po/POTFILES +/egg/tests/test-dh +/egg/tests/test-hkdf +/egg/tests/test-secmem + /library/tests/test-session diff --git a/Makefile.am b/Makefile.am index ade6afd..05042e1 100644 --- a/Makefile.am +++ b/Makefile.am @@ -4,3 +4,36 @@ include $(top_srcdir)/Makefile.decl ACLOCAL_AMFLAGS = -I m4 ${ACLOCAL_FLAGS} SUBDIRS = po egg library + +DISTCHECK_CONFIGURE_FLAGS = \ + --enable-debug=yes \ + --disable-coverage + +dist-hook: + @if test -d "$(srcdir)/.git"; \ + then \ + echo Creating ChangeLog && \ + ( cd "$(top_srcdir)" && \ + echo '# Generate automatically. Do not edit.'; echo; \ + $(top_srcdir)/missing --run git log --stat --date=short ) > ChangeLog.tmp \ + && mv -f ChangeLog.tmp $(top_distdir)/ChangeLog \ + || ( rm -f ChangeLog.tmp ; \ + echo Failed to generate ChangeLog >&2 ); \ + else \ + echo A git clone is required to generate a ChangeLog >&2; \ + fi + +if WITH_COVERAGE +check-coverage: clear-coverage check coverage + +coverage: + mkdir -p coverage + $(LCOV) --directory . --capture --output-file coverage/coverage.info + $(GENHTML) --output-directory coverage/coverage coverage/coverage.info + $(LCOV) --directory . --zerocounters + @echo "file://$(abs_top_builddir)/coverage/index.html" + +clear-coverage: + $(LCOV) --directory . --zerocounters + +endif diff --git a/configure.ac b/configure.ac index 00a24ee..5e10dd0 100644 --- a/configure.ac +++ b/configure.ac @@ -65,16 +65,18 @@ if test "$enable_gcrypt" != "no"; then AC_SUBST([LIBGCRYPT_CFLAGS]) AC_SUBST([LIBGCRYPT_LIBS]) - enable_gcrypt="yes" + gcrypt_status=$GCRYPT_VERSION + enable_gcrypt="yes" +else + gcrypt_status="no" fi AM_CONDITIONAL(WITH_GCRYPT, test "$enable_gcrypt" = "yes") - -dnl ************************************* -dnl *** Warnings to show if using GCC *** -dnl ************************************* +# -------------------------------------------------------------------- +# Compilation options +# AC_ARG_ENABLE(more-warnings, AS_HELP_STRING([--disable-more-warnings], [Inhibit compiler warnings]), @@ -105,19 +107,90 @@ AC_ARG_ENABLE(strict, [ AS_HELP_STRING([--enable-strict], [Strict code compilation]) ]) +AC_MSG_CHECKING([build strict]) + if test "$enable_strict" = "yes"; then CFLAGS="$CFLAGS -Werror \ -DGTK_DISABLE_DEPRECATED \ -DGDK_DISABLE_DEPRECATED \ - -DG_DISABLE_DEPRECATED" + -DG_DISABLE_DEPRECATED \ + -DGDK_PIXBUF_DISABLE_DEPRECATED" + TEST_MODE="thorough" +else + TEST_MODE="quick" + $enable_strict="no" fi -dnl ***************************** -dnl *** done *** -dnl ***************************** +AC_MSG_RESULT($enable_strict) +AC_SUBST(TEST_MODE) + +AC_MSG_CHECKING([for debug mode]) +AC_ARG_ENABLE(debug, + AC_HELP_STRING([--enable-debug=no/default/yes], + [Turn on or off debugging]) + ) + +if test "$enable_debug" != "no"; then + AC_DEFINE_UNQUOTED(WITH_DEBUG, 1, [Print debug output]) + AC_DEFINE_UNQUOTED(_DEBUG, 1, [In debug mode]) + CFLAGS="$CFLAGS -g" +fi +if test "$enable_debug" = "yes"; then + debug_status="yes" + CFLAGS="$CFLAGS -O0" +elif test "$enable_debug" = "no"; then + debug_status="no" + AC_DEFINE_UNQUOTED(G_DISABLE_ASSERT, 1, [Disable glib assertions]) +else + debug_status="default" +fi + +AC_MSG_RESULT($debug_status) + +AC_MSG_CHECKING([whether to build with gcov testing]) +AC_ARG_ENABLE([coverage], + AS_HELP_STRING([--enable-coverage], + [Whether to enable coverage testing ]), + [], [enable_coverage=no]) +AC_MSG_RESULT([$enable_coverage]) + +if test "$enable_coverage" = "yes"; then + if test "$GCC" != "yes"; then + AC_MSG_ERROR(Coverage testing requires GCC) + fi + + AC_PATH_PROG(GCOV, gcov, no) + if test "$GCOV" = "no" ; then + AC_MSG_ERROR(gcov tool is not available) + fi + + AC_PATH_PROG(LCOV, lcov, no) + if test "$LCOV" = "no" ; then + AC_MSG_ERROR(lcov tool is not installed) + fi + + AC_PATH_PROG(GENHTML, genhtml, no) + if test "$GENHTML" = "no" ; then + AC_MSG_ERROR(lcov's genhtml tool is not installed) + fi + + CFLAGS="$CFLAGS -O0 -g -fprofile-arcs -ftest-coverage" + LDFLAGS="$LDFLAGS -lgcov" +fi + +AM_CONDITIONAL([WITH_COVERAGE], [test "$enable_coverage" = "yes"]) +AC_SUBST(LCOV) +AC_SUBST(GCOV) +AC_SUBST(GENHTML) + +# ------------------------------------------------------------------------------ +# Results +# + AC_CONFIG_FILES([ Makefile egg/Makefile + egg/tests/Makefile po/Makefile.in po/Makefile library/Makefile @@ -125,13 +198,11 @@ AC_CONFIG_FILES([ ]) AC_OUTPUT -# ------------------------------------------------------------------------------ -# Summary -# - echo echo "CFLAGS: $CFLAGS" echo echo "OPTIONS:" -echo " libgcrypt: $enable_gcrypt" +echo " libgcrypt: $gcrypt_status" +echo " Debug: $debug_status" +echo " Coverage: $enable_coverage" echo diff --git a/egg/Makefile.am b/egg/Makefile.am index d499fea..af91d34 100644 --- a/egg/Makefile.am +++ b/egg/Makefile.am @@ -1,7 +1,10 @@ +SUBDIRS = . tests noinst_LTLIBRARIES = \ libegg.la +EXTRA_DIST = egg-testing.h + INCLUDES = \ -I$(top_srcdir) @@ -15,5 +18,6 @@ endif libegg_la_SOURCES = \ egg-secure-memory.c egg-secure-memory.h \ + egg-testing.c egg-testing.h \ $(ENCRYPTION_SRCS) \ $(BUILT_SOURCES) \ No newline at end of file diff --git a/egg/egg-testing.c b/egg/egg-testing.c new file mode 100644 index 0000000..0235ac0 --- /dev/null +++ b/egg/egg-testing.c @@ -0,0 +1,157 @@ +/* + * gnome-keyring + * + * Copyright (C) 2011 Collabora Ltd. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General License for more details. + * + * You should have received a copy of the GNU Lesser General + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + * 02111-1307, USA. + * + * Stef Walter + */ + +#include "config.h" + +#include "egg-testing.h" + +#include +#include + +static GCond *wait_condition = NULL; +static GCond *wait_start = NULL; +static GMutex *wait_mutex = NULL; +static gboolean wait_waiting = FALSE; + +static const char HEXC[] = "0123456789ABCDEF"; + +static gchar* +hex_dump (const guchar *data, gsize n_data) +{ + GString *result; + gsize i; + guchar j; + + g_assert (data); + + result = g_string_sized_new (n_data * 2 + 1); + for (i = 0; i < n_data; ++i) { + g_string_append (result, "\\x"); + + j = data[i] >> 4 & 0xf; + g_string_append_c (result, HEXC[j]); + j = data[i] & 0xf; + g_string_append_c (result, HEXC[j]); + } + + return g_string_free (result, FALSE); +} + +void +egg_assertion_message_cmpmem (const char *domain, + const char *file, + int line, + const char *func, + const char *expr, + gconstpointer arg1, + gsize n_arg1, + const char *cmp, + gconstpointer arg2, + gsize n_arg2) +{ + char *a1, *a2, *s; + a1 = arg1 ? hex_dump (arg1, n_arg1) : g_strdup ("NULL"); + a2 = arg2 ? hex_dump (arg2, n_arg2) : g_strdup ("NULL"); + s = g_strdup_printf ("assertion failed (%s): (%s %s %s)", expr, a1, cmp, a2); + g_free (a1); + g_free (a2); + g_assertion_message (domain, file, line, func, s); + g_free (s); +} + +void +egg_test_wait_stop (void) +{ + GTimeVal tv; + + g_get_current_time (&tv); + g_time_val_add (&tv, 1000); + + g_assert (wait_mutex); + g_assert (wait_condition); + g_mutex_lock (wait_mutex); + if (!wait_waiting) + g_cond_timed_wait (wait_start, wait_mutex, &tv); + g_assert (wait_waiting); + g_cond_broadcast (wait_condition); + g_mutex_unlock (wait_mutex); +} + +gboolean +egg_test_wait_until (int timeout) +{ + GTimeVal tv; + gboolean ret; + + g_get_current_time (&tv); + g_time_val_add (&tv, timeout * 1000); + + g_assert (wait_mutex); + g_assert (wait_condition); + g_mutex_lock (wait_mutex); + g_assert (!wait_waiting); + wait_waiting = TRUE; + g_cond_broadcast (wait_start); + ret = g_cond_timed_wait (wait_condition, wait_mutex, &tv); + g_assert (wait_waiting); + wait_waiting = FALSE; + g_mutex_unlock (wait_mutex); + + return ret; +} + +static gpointer +testing_thread (gpointer loop) +{ + /* Must have been defined by the test including this file */ + gint ret = g_test_run (); + g_main_loop_quit (loop); + return GINT_TO_POINTER (ret); +} + +gint +egg_tests_run_in_thread_with_loop (void) +{ + GThread *thread; + GMainLoop *loop; + gpointer ret; + + g_thread_init (NULL); + + loop = g_main_loop_new (NULL, FALSE); + wait_condition = g_cond_new (); + wait_start = g_cond_new (); + wait_mutex = g_mutex_new (); + + thread = g_thread_create (testing_thread, loop, TRUE, NULL); + g_assert (thread); + + g_main_loop_run (loop); + ret = g_thread_join (thread); + g_main_loop_unref (loop); + + g_cond_free (wait_condition); + g_mutex_free (wait_mutex); + + return GPOINTER_TO_INT (ret); +} diff --git a/egg/egg-testing.h b/egg/egg-testing.h new file mode 100644 index 0000000..f6b7a0e --- /dev/null +++ b/egg/egg-testing.h @@ -0,0 +1,52 @@ +/* + * gnome-keyring + * + * Copyright (C) 2011 Stefan Walter + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General License for more details. + * + * You should have received a copy of the GNU Lesser General + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA + * 02111-1307, USA. + * + * Author: Stef Walter + */ + +#ifndef EGG_TESTING_H_ +#define EGG_TESTING_H_ + +#include +#include + +#define egg_assert_cmpsize(a, o, b) \ + g_assert_cmpuint ((guint)(a), o, (guint)(b)) + +#define egg_assert_cmpmem(a, na, cmp, b, nb) \ + do { gconstpointer __p1 = (a), __p2 = (b); gsize __n1 = (na), __n2 = (nb); \ + if (__n1 cmp __n2 && memcmp (__p1, __p2, __n1) cmp 0) ; else \ + egg_assertion_message_cmpmem (G_LOG_DOMAIN, __FILE__, __LINE__, \ + G_STRFUNC, #a "[" #na"] " #cmp " " #b "[" #nb "]", \ + __p1, __n1, #cmp, __p2, __n2); } while (0) + +void egg_assertion_message_cmpmem (const char *domain, const char *file, + int line, const char *func, + const char *expr, gconstpointer arg1, + gsize n_arg1, const char *cmp, + gconstpointer arg2, gsize n_arg2); + +void egg_test_wait_stop (void); + +gboolean egg_test_wait_until (int timeout); + +gint egg_tests_run_in_thread_with_loop (void); + +#endif /* EGG_DH_H_ */ diff --git a/egg/tests/Makefile.am b/egg/tests/Makefile.am new file mode 100644 index 0000000..f7cacc7 --- /dev/null +++ b/egg/tests/Makefile.am @@ -0,0 +1,27 @@ + +INCLUDES = \ + -I$(top_builddir) \ + -I$(top_srcdir) \ + -DSRCDIR="\"@abs_srcdir@\"" \ + $(GLIB_CFLAGS) + +LDADD = \ + $(top_builddir)/egg/libegg.la \ + $(LIBGCRYPT_LIBS) \ + $(GLIB_LIBS) + +TEST_PROGS = \ + test-secmem + +if WITH_GCRYPT +TEST_PROGS += test-hkdf test-dh +endif + +check_PROGRAMS = $(TEST_PROGS) + +test: $(TEST_PROGS) + gtester --verbose -m $(TEST_MODE) --g-fatal-warnings $(TEST_PROGS) + +check-local: test + +all-local: $(check_PROGRAMS) diff --git a/egg/tests/test-dh.c b/egg/tests/test-dh.c new file mode 100644 index 0000000..ba9fcfc --- /dev/null +++ b/egg/tests/test-dh.c @@ -0,0 +1,209 @@ +/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */ +/* test-dh.c: Test egg-dh.c + + Copyright (C) 2009 Stefan Walter + + The Gnome Keyring Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The Gnome Keyring Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the Gnome Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. + + Author: Stef Walter +*/ + +#include "config.h" + +#include "egg/egg-dh.h" +#include "egg/egg-secure-memory.h" +#include "egg/egg-testing.h" + +#include +#include +#include + +#include +#include + +EGG_SECURE_GLIB_DEFINITIONS (); + +static void +test_perform (void) +{ + gcry_mpi_t p, g; + gcry_mpi_t x1, X1; + gcry_mpi_t x2, X2; + gpointer k1, k2; + gboolean ret; + gsize n1, n2; + + /* Load up the parameters */ + if (!egg_dh_default_params ("ietf-ike-grp-modp-768", &p, &g)) + g_assert_not_reached (); + + /* Generate secrets */ + ret = egg_dh_gen_pair (p, g, 0, &X1, &x1); + g_assert (ret); + ret = egg_dh_gen_pair (p, g, 0, &X2, &x2); + g_assert (ret); + + /* Calculate keys */ + k1 = egg_dh_gen_secret (X2, x1, p, &n1); + g_assert (k1); + k2 = egg_dh_gen_secret (X1, x2, p, &n2); + g_assert (k2); + + /* Keys must be the same */ + egg_assert_cmpsize (n1, ==, n2); + g_assert (memcmp (k1, k2, n1) == 0); + + gcry_mpi_release (p); + gcry_mpi_release (g); + gcry_mpi_release (x1); + gcry_mpi_release (X1); + egg_secure_free (k1); + gcry_mpi_release (x2); + gcry_mpi_release (X2); + egg_secure_free (k2); +} + +static void +test_short_pair (void) +{ + gcry_mpi_t p, g; + gcry_mpi_t x1, X1; + gboolean ret; + + /* Load up the parameters */ + ret = egg_dh_default_params ("ietf-ike-grp-modp-1024", &p, &g); + g_assert (ret); + g_assert_cmpuint (gcry_mpi_get_nbits (p), ==, 1024); + + /* Generate secrets */ + ret = egg_dh_gen_pair (p, g, 512, &X1, &x1); + g_assert (ret); + g_assert_cmpuint (gcry_mpi_get_nbits (x1), <=, 512); + + gcry_mpi_release (p); + gcry_mpi_release (g); + gcry_mpi_release (x1); + gcry_mpi_release (X1); +} + +static void +check_dh_default (const gchar *name, guint bits) +{ + gboolean ret; + gcry_mpi_t p, g, check; + gconstpointer prime, base; + gsize n_prime, n_base; + gcry_error_t gcry; + + ret = egg_dh_default_params (name, &p, &g); + g_assert (ret); + g_assert_cmpint (gcry_mpi_get_nbits (p), ==, bits); + g_assert_cmpint (gcry_mpi_get_nbits (g), <, gcry_mpi_get_nbits (p)); + + ret = egg_dh_default_params_raw (name, &prime, &n_prime, &base, &n_base); + g_assert (ret); + g_assert (prime != NULL); + egg_assert_cmpsize (n_prime, >, 0); + g_assert (base != NULL); + egg_assert_cmpsize (n_base, >, 0); + + gcry = gcry_mpi_scan (&check, GCRYMPI_FMT_USG, prime, n_prime, NULL); + g_assert (gcry == 0); + g_assert (gcry_mpi_cmp (check, p) == 0); + gcry_mpi_release (check); + + gcry = gcry_mpi_scan (&check, GCRYMPI_FMT_USG, base, n_base, NULL); + g_assert (gcry == 0); + g_assert (gcry_mpi_cmp (check, g) == 0); + gcry_mpi_release (check); + + gcry_mpi_release (p); + gcry_mpi_release (g); +} + +static void +test_default_768 (void) +{ + check_dh_default ("ietf-ike-grp-modp-768", 768); +} + +static void +test_default_1024 (void) +{ + check_dh_default ("ietf-ike-grp-modp-1024", 1024); +} + +static void +test_default_1536 (void) +{ + check_dh_default ("ietf-ike-grp-modp-1536", 1536); +} + +static void +test_default_2048 (void) +{ + check_dh_default ("ietf-ike-grp-modp-2048", 2048); +} + +static void +test_default_3072 (void) +{ + check_dh_default ("ietf-ike-grp-modp-3072", 3072); +} + +static void +test_default_4096 (void) +{ + check_dh_default ("ietf-ike-grp-modp-4096", 4096); +} + +static void +test_default_8192 (void) +{ + check_dh_default ("ietf-ike-grp-modp-8192", 8192); +} + +static void +test_default_bad (void) +{ + gboolean ret; + gcry_mpi_t p, g; + + ret = egg_dh_default_params ("bad-name", &p, &g); + g_assert (!ret); +} + +int +main (int argc, char **argv) +{ + g_test_init (&argc, &argv, NULL); + + if (!g_test_quick ()) { + g_test_add_func ("/dh/perform", test_perform); + g_test_add_func ("/dh/short_pair", test_short_pair); + } + + g_test_add_func ("/dh/default_768", test_default_768); + g_test_add_func ("/dh/default_1024", test_default_1024); + g_test_add_func ("/dh/default_1536", test_default_1536); + g_test_add_func ("/dh/default_2048", test_default_2048); + g_test_add_func ("/dh/default_3072", test_default_3072); + g_test_add_func ("/dh/default_4096", test_default_4096); + g_test_add_func ("/dh/default_8192", test_default_8192); + g_test_add_func ("/dh/default_bad", test_default_bad); + + return g_test_run (); +} diff --git a/egg/tests/test-hkdf.c b/egg/tests/test-hkdf.c new file mode 100644 index 0000000..93f16df --- /dev/null +++ b/egg/tests/test-hkdf.c @@ -0,0 +1,345 @@ +/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */ +/* test-hkdf.c: Test egg-hkdf.c + + Copyright (C) 2011 Collabora Ltd. + + The Gnome Keyring Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The Gnome Keyring Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the Gnome Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. + + Author: Stef Walter +*/ + +#include "config.h" + +#include +#include +#include + +#include "egg/egg-hkdf.h" +#include "egg/egg-secure-memory.h" +#include "egg/egg-testing.h" + +#include + +EGG_SECURE_GLIB_DEFINITIONS (); + +static void +test_hkdf_test_case_1 (void) +{ + /* RFC 5869: A.1 Test Case 1 */ + const guchar ikm[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; + const guchar salt[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + const guchar info[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 }; + const guchar okm[] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, + 0x58, 0x65 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 22); + egg_assert_cmpsize (sizeof (salt), ==, 13); + egg_assert_cmpsize (sizeof (info), ==, 10); + egg_assert_cmpsize (sizeof (okm), ==, 42); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha256", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +static void +test_hkdf_test_case_2 (void) +{ + /* RFC 5869: A.2 Test Case 2 */ + const guchar ikm[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }; + const guchar salt[] = { 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, + 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, + 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, + 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, + 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf }; + const guchar info[] = { 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, + 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, + 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }; + const guchar okm[] = { 0xb1, 0x1e, 0x39, 0x8d, 0xc8, 0x03, 0x27, 0xa1, + 0xc8, 0xe7, 0xf7, 0x8c, 0x59, 0x6a, 0x49, 0x34, + 0x4f, 0x01, 0x2e, 0xda, 0x2d, 0x4e, 0xfa, 0xd8, + 0xa0, 0x50, 0xcc, 0x4c, 0x19, 0xaf, 0xa9, 0x7c, + 0x59, 0x04, 0x5a, 0x99, 0xca, 0xc7, 0x82, 0x72, + 0x71, 0xcb, 0x41, 0xc6, 0x5e, 0x59, 0x0e, 0x09, + 0xda, 0x32, 0x75, 0x60, 0x0c, 0x2f, 0x09, 0xb8, + 0x36, 0x77, 0x93, 0xa9, 0xac, 0xa3, 0xdb, 0x71, + 0xcc, 0x30, 0xc5, 0x81, 0x79, 0xec, 0x3e, 0x87, + 0xc1, 0x4c, 0x01, 0xd5, 0xc1, 0xf3, 0x43, 0x4f, + 0x1d, 0x87 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 80); + egg_assert_cmpsize (sizeof (salt), ==, 80); + egg_assert_cmpsize (sizeof (info), ==, 80); + egg_assert_cmpsize (sizeof (okm), ==, 82); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha256", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +static void +test_hkdf_test_case_3 (void) +{ + /* RFC 5869: A.3 Test Case 3 */ + const guchar ikm[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,}; + const guchar salt[] = { }; + const guchar info[] = { }; + const guchar okm[] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, + 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31, + 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e, + 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d, + 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a, + 0x96, 0xc8 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 22); + egg_assert_cmpsize (sizeof (salt), ==, 0); + egg_assert_cmpsize (sizeof (info), ==, 0); + egg_assert_cmpsize (sizeof (okm), ==, 42); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha256", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +static void +test_hkdf_test_case_4 (void) +{ + /* RFC 5869: A.4 Test Case 4 */ + const guchar ikm[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b }; + const guchar salt[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + const guchar info[] = { 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 }; + const guchar okm[] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69, + 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81, + 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15, + 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2, + 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3, + 0xf8, 0x96 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 11); + egg_assert_cmpsize (sizeof (salt), ==, 13); + egg_assert_cmpsize (sizeof (info), ==, 10); + egg_assert_cmpsize (sizeof (okm), ==, 42); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha1", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +static void +test_hkdf_test_case_5 (void) +{ + /* RFC 5869: A.5 Test Case 5 */ + const guchar ikm[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + 0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, + 0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, + 0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f }; + const guchar salt[] = { 0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, + 0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f, + 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, + 0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f, + 0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, + 0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f, + 0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97, + 0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f, + 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7, + 0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf }; + const guchar info[] = { 0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7, + 0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf, + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf, + 0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7, + 0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf, + 0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7, + 0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef, + 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff }; + const guchar okm[] = { 0x0b, 0xd7, 0x70, 0xa7, 0x4d, 0x11, 0x60, 0xf7, + 0xc9, 0xf1, 0x2c, 0xd5, 0x91, 0x2a, 0x06, 0xeb, + 0xff, 0x6a, 0xdc, 0xae, 0x89, 0x9d, 0x92, 0x19, + 0x1f, 0xe4, 0x30, 0x56, 0x73, 0xba, 0x2f, 0xfe, + 0x8f, 0xa3, 0xf1, 0xa4, 0xe5, 0xad, 0x79, 0xf3, + 0xf3, 0x34, 0xb3, 0xb2, 0x02, 0xb2, 0x17, 0x3c, + 0x48, 0x6e, 0xa3, 0x7c, 0xe3, 0xd3, 0x97, 0xed, + 0x03, 0x4c, 0x7f, 0x9d, 0xfe, 0xb1, 0x5c, 0x5e, + 0x92, 0x73, 0x36, 0xd0, 0x44, 0x1f, 0x4c, 0x43, + 0x00, 0xe2, 0xcf, 0xf0, 0xd0, 0x90, 0x0b, 0x52, + 0xd3, 0xb4 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 80); + egg_assert_cmpsize (sizeof (salt), ==, 80); + egg_assert_cmpsize (sizeof (info), ==, 80); + egg_assert_cmpsize (sizeof (okm), ==, 82); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha1", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +static void +test_hkdf_test_case_6 (void) +{ + /* RFC 5869: A.6 Test Case 6 */ + const guchar ikm[] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; + const guchar salt[] = { }; + const guchar info[] = { }; + const guchar okm[] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61, + 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06, + 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06, + 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0, + 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3, + 0x49, 0x18 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 22); + egg_assert_cmpsize (sizeof (salt), ==, 0); + egg_assert_cmpsize (sizeof (info), ==, 0); + egg_assert_cmpsize (sizeof (okm), ==, 42); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha1", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +static void +test_hkdf_test_case_7 (void) +{ + /* RFC 5869: A.7 Test Case 7 */ + const guchar ikm[] = { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c }; + const guchar *salt = NULL; + const guchar info[] = { }; + const guchar okm[] = { 0x2c, 0x91, 0x11, 0x72, 0x04, 0xd7, 0x45, 0xf3, + 0x50, 0x0d, 0x63, 0x6a, 0x62, 0xf6, 0x4f, 0x0a, + 0xb3, 0xba, 0xe5, 0x48, 0xaa, 0x53, 0xd4, 0x23, + 0xb0, 0xd1, 0xf2, 0x7e, 0xbb, 0xa6, 0xf5, 0xe5, + 0x67, 0x3a, 0x08, 0x1d, 0x70, 0xcc, 0xe7, 0xac, + 0xfc, 0x48 }; + guchar buffer[sizeof (okm)]; + gboolean ret; + + egg_assert_cmpsize (sizeof (ikm), ==, 22); + egg_assert_cmpsize (sizeof (info), ==, 0); + egg_assert_cmpsize (sizeof (okm), ==, 42); + + memset (buffer, 0, sizeof (buffer)); + ret = egg_hkdf_perform ("sha1", + ikm, sizeof (ikm), + salt, sizeof (salt), + info, sizeof (info), + buffer, sizeof (buffer)); + g_assert (ret); + egg_assert_cmpmem (buffer, sizeof (buffer), ==, okm, sizeof (okm)); +} + +int +main (int argc, char **argv) +{ + g_test_init (&argc, &argv, NULL); + + g_test_add_func ("/hkdf/test-case-1", test_hkdf_test_case_1); + g_test_add_func ("/hkdf/test-case-2", test_hkdf_test_case_2); + g_test_add_func ("/hkdf/test-case-3", test_hkdf_test_case_3); + g_test_add_func ("/hkdf/test-case-4", test_hkdf_test_case_4); + g_test_add_func ("/hkdf/test-case-5", test_hkdf_test_case_5); + g_test_add_func ("/hkdf/test-case-6", test_hkdf_test_case_6); + g_test_add_func ("/hkdf/test-case-7", test_hkdf_test_case_7); + + return g_test_run (); +} diff --git a/egg/tests/test-secmem.c b/egg/tests/test-secmem.c new file mode 100644 index 0000000..20beec9 --- /dev/null +++ b/egg/tests/test-secmem.c @@ -0,0 +1,267 @@ +/* -*- Mode: C; indent-tabs-mode: t; c-basic-offset: 8; tab-width: 8 -*- */ +/* unit-test-secmem.c: Test low level secure memory allocation functionality + + Copyright (C) 2007 Stefan Walter + + The Gnome Keyring Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The Gnome Keyring Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the Gnome Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. + + Author: Stef Walter +*/ + +#include "config.h" + +#include "egg/egg-secure-memory.h" + +#include + +#include +#include +#include + + +EGG_SECURE_GLIB_DEFINITIONS (); + +/* Declared in egg-secure-memory.c */ +extern int egg_secure_warnings; + +EGG_SECURE_DECLARE (tests); + +/* + * Each test looks like (on one line): + * void unit_test_xxxxx (CuTest* cu) + * + * Each setup looks like (on one line): + * void unit_setup_xxxxx (void); + * + * Each teardown looks like (on one line): + * void unit_teardown_xxxxx (void); + * + * Tests be run in the order specified here. + */ + +static gsize +find_non_zero (gpointer mem, gsize len) +{ + guchar *b, *e; + gsize sz = 0; + for (b = (guchar*)mem, e = ((guchar*)mem) + len; b != e; ++b, ++sz) { + if (*b != 0x00) + return sz; + } + + return G_MAXSIZE; +} + +static void +test_alloc_free (void) +{ + gpointer p; + gboolean ret; + + p = egg_secure_alloc_full ("tests", 512, 0); + g_assert (p != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (p, 512)); + + memset (p, 0x67, 512); + + ret = egg_secure_check (p); + g_assert (ret == TRUE); + + egg_secure_free_full (p, 0); +} + +static void +test_realloc_across (void) +{ + gpointer p, p2; + + /* Tiny allocation */ + p = egg_secure_realloc_full ("tests", NULL, 1088, 0); + g_assert (p != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (p, 1088)); + + /* Reallocate to a large one, will have to have changed blocks */ + p2 = egg_secure_realloc_full ("tests", p, 16200, 0); + g_assert (p2 != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (p2, 16200)); +} + +static void +test_alloc_two (void) +{ + gpointer p, p2; + gboolean ret; + + p2 = egg_secure_alloc_full ("tests", 4, 0); + g_assert (p2 != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (p2, 4)); + + memset (p2, 0x67, 4); + + p = egg_secure_alloc_full ("tests", 16200, 0); + g_assert (p != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (p, 16200)); + + memset (p, 0x67, 16200); + + ret = egg_secure_check (p); + g_assert (ret == TRUE); + + egg_secure_free_full (p2, 0); + egg_secure_free_full (p, 0); +} + +static void +test_realloc (void) +{ + gchar *str = "a test string to see if realloc works properly"; + gpointer p, p2; + gsize len; + + len = strlen (str) + 1; + + p = egg_secure_realloc_full ("tests", NULL, len, 0); + g_assert (p != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (p, len)); + + strcpy ((gchar*)p, str); + + p2 = egg_secure_realloc_full ("tests", p, 512, 0); + g_assert (p2 != NULL); + g_assert_cmpint (G_MAXSIZE, ==, find_non_zero (((gchar*)p2) + len, 512 - len)); + + g_assert (strcmp (p2, str) == 0); + + p = egg_secure_realloc_full ("tests", p2, 0, 0); + g_assert (p == NULL); +} + +static void +test_multialloc (void) +{ + GPtrArray *memory; + gpointer data; + gsize size; + int i, action, index; + + /* A predetermined seed to get a predetermined pattern */ + g_random_set_seed (15); + memory = g_ptr_array_new (); + + /* Don't print "can't allocate" warnings */ + egg_secure_warnings = 0; + + for (i = 0; TRUE; ++i) { + + /* Determine what we want to do */ + if (memory->len > 0) { + if (i > 100000) /* Once we've done 100000 alocations start freeing */ + action = 2; + else + action = g_random_int_range (0, 3); + } else { + action = 0; /* No allocations, so allocate */ + } + + switch (action) { + case 0: /* Allocate some memory */ + size = g_random_int_range (1, 16384); + data = egg_secure_alloc (size); + g_assert (data); + memset (data, 0xCAFEBABE, size); + g_ptr_array_add (memory, data); + break; + case 1: /* Reallocate some memory */ + index = g_random_int_range (0, memory->len); + data = g_ptr_array_index (memory, index); + g_assert (data); + size = g_random_int_range (1, 16384); + data = egg_secure_realloc (data, size); + g_assert (data); + memset (data, 0xCAFEBABE, size); + g_ptr_array_index (memory, index) = data; + break; + case 2: /* Free some memory */ + index = g_random_int_range (0, memory->len); + data = g_ptr_array_index (memory, index); + g_assert (data); + egg_secure_free (data); + g_ptr_array_remove_index_fast (memory, index); + break; + default: + g_assert_not_reached (); + } + + egg_secure_validate (); + + if (i > 100000 && !memory->len) + break; + } + + g_assert (memory->len == 0); + g_ptr_array_free (memory, TRUE); + + egg_secure_warnings = 1; +} + +static void +test_clear (void) +{ + gpointer p; + + p = egg_secure_alloc_full ("tests", 188, 0); + g_assert (p != NULL); + memset (p, 0x89, 188); + g_assert (memchr (p, 0x89, 188) == p); + + egg_secure_clear (p, 188); + g_assert (memchr (p, 0x89, 188) == NULL); + + egg_secure_free_full (p, 0); +} + +static void +test_strclear (void) +{ + gchar *str; + + str = egg_secure_strdup ("secret"); + g_assert (str != NULL); + g_assert_cmpuint (strlen (str), ==, 6); + g_assert (strchr (str, 't') == str + 5); + + egg_secure_strclear (str); + g_assert_cmpuint (strlen (str), ==, 6); + g_assert (strchr (str, 't') == NULL); + + egg_secure_free_full (str, 0); +} + +int +main (int argc, char **argv) +{ + g_test_init (&argc, &argv, NULL); + + g_test_add_func ("/secmem/alloc_free", test_alloc_free); + g_test_add_func ("/secmem/realloc_across", test_realloc_across); + g_test_add_func ("/secmem/alloc_two", test_alloc_two); + g_test_add_func ("/secmem/realloc", test_realloc); + g_test_add_func ("/secmem/multialloc", test_multialloc); + g_test_add_func ("/secmem/clear", test_clear); + g_test_add_func ("/secmem/strclear", test_strclear); + + return g_test_run (); +} diff --git a/po/POTFILES.in b/po/POTFILES.in index e69de29..ce1ace3 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -0,0 +1,2 @@ +library/gsecret-item.c +library/gsecret-service.c diff --git a/po/gsecret.pot b/po/gsecret.pot new file mode 100644 index 0000000..19499ab --- /dev/null +++ b/po/gsecret.pot @@ -0,0 +1,29 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2011-09-25 21:16+0200\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#: ../library/gsecret-item.c:147 ../library/gsecret-item.c:248 +#, c-format +msgid "Received invalid secret from the secret storage" +msgstr "" + +#: ../library/gsecret-service.c:308 ../library/gsecret-service.c:348 +#: ../library/gsecret-service.c:508 +#, c-format +msgid "Couldn't communicate with the secret storage" +msgstr ""