[test suite] added two GnuPG HMAC SHA512 tests
authorMichael Rash <mbr@cipherdyne.org>
Sat, 10 Aug 2013 17:54:03 +0000 (13:54 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sat, 10 Aug 2013 17:54:03 +0000 (13:54 -0400)
Makefile.am
test/conf/fwknoprc_gpg_hmac_sha512_key [new file with mode: 0644]
test/conf/fwknoprc_hmac_sha512_base64_key [new file with mode: 0644]
test/conf/gpg_hmac_sha512_access.conf [new file with mode: 0644]
test/conf/gpg_no_pw_hmac_sha512_access.conf [new file with mode: 0644]
test/test-fwknop.pl
test/tests/gpg_hmac.pl
test/tests/gpg_no_pw_hmac.pl

index 1ce46af..1192e03 100644 (file)
@@ -150,6 +150,10 @@ EXTRA_DIST = \
     test/conf/gpg_hmac_access.conf \
     test/conf/gpg_no_pw_access.conf \
     test/conf/gpg_no_pw_hmac_access.conf \
+    test/conf/fwknoprc_gpg_hmac_sha512_key \
+    test/conf/gpg_hmac_sha512_access.conf \
+    test/conf/fwknoprc_hmac_sha512_base64_key \
+    test/conf/gpg_no_pw_hmac_sha512_access.conf \
     test/conf/no_flush_init_fwknopd.conf \
     test/conf/no_flush_exit_fwknopd.conf \
     test/conf/no_flush_init_or_exit_fwknopd.conf \
diff --git a/test/conf/fwknoprc_gpg_hmac_sha512_key b/test/conf/fwknoprc_gpg_hmac_sha512_key
new file mode 100644 (file)
index 0000000..de7a7d9
--- /dev/null
@@ -0,0 +1,4 @@
+[default]
+HMAC_DIGEST_TYPE    sha512
+DIGEST_TYPE         sha512
+HMAC_KEY_BASE64     Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
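Review bot: Nothing in this new rc file marks the HMAC key as test-only material. The identical `HMAC_KEY_BASE64` value is also committed in the three other fixtures added here (fwknoprc_hmac_sha512_base64_key and both *_sha512_access.conf files), and gpg_hmac_sha512_access.conf additionally carries a cleartext `GPG_DECRYPT_PW`. Client and server fixtures have to share the key for the cycle to pass, so the reuse is expected; the gap is documentation. Assuming the rc and access.conf parsers skip `#` lines, a leading comment such as `# Test-suite fixture: key material below is public, never reuse in a deployment` in each file would stop the values being copied into a real configuration and would make secret-scanner hits easy to triage.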
diff --git a/test/conf/fwknoprc_hmac_sha512_base64_key b/test/conf/fwknoprc_hmac_sha512_base64_key
new file mode 100644 (file)
index 0000000..eeb055d
--- /dev/null
@@ -0,0 +1,4 @@
+[default]
+HMAC_DIGEST_TYPE    sha512
+KEY_BASE64          wzNP62oPPgEc+kXDPQLHPOayQBuNbYUTPP+QrErNDmg=
+HMAC_KEY_BASE64     Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
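Review bot: This fixture looks unused by the commit. It is registered as `rc_hmac_sha512_b64_key` in the second test/test-fwknop.pl hunk, but both test entries added in test/tests/gpg_hmac.pl and test/tests/gpg_no_pw_hmac.pl pass `rc_gpg_hmac_sha512_b64_key` for `--rc-file` and `key_file`. A reference may exist outside the visible hunks, so this is worth confirming. If a Rijndael SHA512 HMAC cycle is intended, adding that test alongside the file would keep the fixture from drifting untested; otherwise the file, its `%cf` entry and its `EXTRA_DIST` line can be dropped.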
diff --git a/test/conf/gpg_hmac_sha512_access.conf b/test/conf/gpg_hmac_sha512_access.conf
new file mode 100644 (file)
index 0000000..917d383
--- /dev/null
@@ -0,0 +1,9 @@
+SOURCE                      ANY
+FW_ACCESS_TIMEOUT           3
+HMAC_DIGEST_TYPE            sha512
+DIGEST_TYPE                 sha512
+HMAC_KEY_BASE64             Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
+GPG_HOME_DIR                conf/server-gpg
+GPG_DECRYPT_ID              361BBAD4
+GPG_DECRYPT_PW              fwknoptest
+GPG_REMOTE_ID               6A3FAD56
diff --git a/test/conf/gpg_no_pw_hmac_sha512_access.conf b/test/conf/gpg_no_pw_hmac_sha512_access.conf
new file mode 100644 (file)
index 0000000..a954081
--- /dev/null
@@ -0,0 +1,8 @@
+SOURCE                      ANY
+FW_ACCESS_TIMEOUT           3
+HMAC_DIGEST_TYPE            sha512
+HMAC_KEY_BASE64             Yh+xizBnl6FotC5ec7FanVGClRMlsOAPh2u6eovnerfBVKwaVKzjGoblFMHMc593TNyi0dWn4opLoTIV9q/ttg==
+GPG_HOME_DIR                conf/server-gpg-no-pw
+GPG_DECRYPT_ID              361BBAD4
+GPG_ALLOW_NO_PW             Y
+GPG_REMOTE_ID               6A3FAD56
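Review bot: `DIGEST_TYPE sha512` is set in gpg_hmac_sha512_access.conf but is missing from this no-password variant, even though both new tests drive the server with the same client rc file, which sets `DIGEST_TYPE sha512`. From the diff alone it is unclear whether fwknopd consults `DIGEST_TYPE` in an access stanza at all. Either the line is an omission here, or it is redundant in the other file. Making the two fixtures agree, or adding a one-line comment saying why they differ, would make it clear which digest settings the "complete cycle SHA512" tests are meant to pin on the server side.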
index e9a9b9d..0c69852 100755 (executable)
@@ -88,11 +88,13 @@ our %cf = (
     'hmac_dual_key_access'         => "$conf_dir/hmac_dual_key_usage_access.conf",
     'gpg_access'                   => "$conf_dir/gpg_access.conf",
     'gpg_hmac_access'              => "$conf_dir/gpg_hmac_access.conf",
+    'gpg_hmac_sha512_access'       => "$conf_dir/gpg_hmac_sha512_access.conf",
     'legacy_iv_access'             => "$conf_dir/legacy_iv_access.conf",
     'legacy_iv_long_key_access'    => "$conf_dir/legacy_iv_long_key_access.conf",
     'legacy_iv_long_key2_access'   => "$conf_dir/legacy_iv_long_key2_access.conf",
     'gpg_no_pw_access'             => "$conf_dir/gpg_no_pw_access.conf",
     'gpg_no_pw_hmac_access'        => "$conf_dir/gpg_no_pw_hmac_access.conf",
+    'gpg_no_pw_hmac_sha512_access' => "$conf_dir/gpg_no_pw_hmac_sha512_access.conf",
     'tcp_server'                   => "$conf_dir/tcp_server_fwknopd.conf",
     'tcp_pcap_filter'              => "$conf_dir/tcp_pcap_filter_fwknopd.conf",
     'icmp_pcap_filter'             => "$conf_dir/icmp_pcap_filter_fwknopd.conf",
@@ -123,10 +125,12 @@ our %cf = (
     'rc_hmac_equal_keys'           => "$conf_dir/fwknoprc_hmac_equal_keys",
     'rc_invalid_b64_key'           => "$conf_dir/fwknoprc_invalid_base64_key",
     'rc_hmac_b64_key'              => "$conf_dir/fwknoprc_default_hmac_base64_key",
+    'rc_hmac_sha512_b64_key'       => "$conf_dir/fwknoprc_hmac_sha512_base64_key",
     'rc_hmac_b64_key2'             => "$conf_dir/fwknoprc_hmac_key2",
     'rc_gpg_signing_pw'            => "$conf_dir/fwknoprc_gpg_signing_pw",
     'rc_gpg_named_signing_pw'      => "$conf_dir/fwknoprc_named_gpg_signing_pw",
     'rc_gpg_hmac_b64_key'          => "$conf_dir/fwknoprc_gpg_hmac_key",
+    'rc_gpg_hmac_sha512_b64_key'   => "$conf_dir/fwknoprc_gpg_hmac_sha512_key",
     'rc_gpg_args_hmac_b64_key'     => "$conf_dir/fwknoprc_gpg_args_hmac_key",
     'rc_gpg_args_no_pw_hmac_b64_key' => "$conf_dir/fwknoprc_gpg_args_no_pw_hmac_key",
     'rc_hmac_simple_key'           => "$conf_dir/fwknoprc_hmac_simple_keys",
index 8692c16..f9c2abc 100644 (file)
     {
         'category' => 'GPG+HMAC',
         'subcategory' => 'client+server',
+        'detail'   => 'complete cycle SHA512',
+        'function' => \&spa_cycle,
+        'cmdline'  => $default_client_gpg_args
+            . " --rc-file $cf{'rc_gpg_hmac_sha512_b64_key'}",
+        'fwknopd_cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
+            "$valgrind_str $fwknopdCmd -c $cf{'def'} " .
+            "-a $cf{'gpg_hmac_sha512_access'} $intf_str " .
+            "-d $default_digest_file -p $default_pid_file",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'key_file' => $cf{'rc_gpg_hmac_sha512_b64_key'},
+        'fatal'    => $NO
+    },
+    {
+        'category' => 'GPG+HMAC',
+        'subcategory' => 'client+server',
         'detail'   => 'gpg args from rc file',
         'function' => \&spa_cycle,
         'cmdline'  => $default_client_args
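Review bot: The new 'complete cycle SHA512' entry exercises only the accept path, and the same holds for its counterpart in test/tests/gpg_no_pw_hmac.pl. With `fw_rule_created => $NEW_RULE_REQUIRED` it proves that a matching SHA512 HMAC opens the rule, but nothing pins what happens when client and server disagree on `HMAC_DIGEST_TYPE`. A companion entry would cover that rejection path, which is the security-relevant one for an authentication check: it would pair `--rc-file $cf{'rc_gpg_hmac_sha512_b64_key'}` with `-a $cf{'gpg_hmac_access'}` and expect no rule to be created. This assumes gpg_hmac_access.conf keeps the default HMAC digest, which is not visible in this diff.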
index a66fa00..00747e7 100644 (file)
     {
         'category' => 'GPG (no pw) HMAC',
         'subcategory' => 'client+server',
+        'detail'   => 'complete cycle SHA512',
+        'function' => \&spa_cycle,
+        'cmdline'  => "$default_client_gpg_args_no_homedir "
+            . "--gpg-home-dir $gpg_client_home_dir_no_pw "
+            . "--rc-file $cf{'rc_gpg_hmac_sha512_b64_key'}",
+        'fwknopd_cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
+            "$valgrind_str $fwknopdCmd -c $cf{'def'} " .
+            "-a $cf{'gpg_no_pw_hmac_sha512_access'} $intf_str " .
+            "-d $default_digest_file -p $default_pid_file",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'key_file' => $cf{'rc_gpg_hmac_sha512_b64_key'},
+        'fatal'    => $NO
+    },
+
+    {
+        'category' => 'GPG (no pw) HMAC',
+        'subcategory' => 'client+server',
         'detail'   => 'gpg args from rc file',
         'function' => \&spa_cycle,
         'cmdline'  => "$default_client_gpg_args_no_homedir "