aboutsummaryrefslogtreecommitdiff
path: root/tests/hkdf_sanity
diff options
context:
space:
mode:
Diffstat (limited to 'tests/hkdf_sanity')
-rw-r--r--tests/hkdf_sanity/broken_content/gocryptfs.conf17
-rw-r--r--tests/hkdf_sanity/broken_content/status.txtbin0 -> 60 bytes
-rw-r--r--tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnwbin0 -> 60 bytes
-rw-r--r--tests/hkdf_sanity/broken_names/gocryptfs.conf20
-rw-r--r--tests/hkdf_sanity/broken_names/gocryptfs.diriv1
-rw-r--r--tests/hkdf_sanity/sanity_test.go34
6 files changed, 72 insertions, 0 deletions
diff --git a/tests/hkdf_sanity/broken_content/gocryptfs.conf b/tests/hkdf_sanity/broken_content/gocryptfs.conf
new file mode 100644
index 0000000..205f3ad
--- /dev/null
+++ b/tests/hkdf_sanity/broken_content/gocryptfs.conf
@@ -0,0 +1,17 @@
+{
+ "Creator": "gocryptfs v1.2.1-32-g14038a1-dirty",
+ "EncryptedKey": "b3888jnQC5GYem+YGtUkOTS13/YCOfA6J0/bkftfEoNA9fZTN2xMGw4c+LK+emg4L6P2wGvm44RUqCfFfgowxw==",
+ "ScryptObject": {
+ "Salt": "7YnR8bF7TzYNP5mIwmpQ1qj4e/QZkbH92Hx7YQctIZQ=",
+ "N": 1024,
+ "R": 8,
+ "P": 1,
+ "KeyLen": 32
+ },
+ "Version": 2,
+ "FeatureFlags": [
+ "GCMIV128",
+ "HKDF",
+ "PlaintextNames"
+ ]
+}
diff --git a/tests/hkdf_sanity/broken_content/status.txt b/tests/hkdf_sanity/broken_content/status.txt
new file mode 100644
index 0000000..30d42f7
--- /dev/null
+++ b/tests/hkdf_sanity/broken_content/status.txt
Binary files differ
diff --git a/tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnw b/tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnw
new file mode 100644
index 0000000..7ba2789
--- /dev/null
+++ b/tests/hkdf_sanity/broken_names/L3yg-cJYAInDGg4TcjXrnw
Binary files differ
diff --git a/tests/hkdf_sanity/broken_names/gocryptfs.conf b/tests/hkdf_sanity/broken_names/gocryptfs.conf
new file mode 100644
index 0000000..f0b1509
--- /dev/null
+++ b/tests/hkdf_sanity/broken_names/gocryptfs.conf
@@ -0,0 +1,20 @@
+{
+ "Creator": "gocryptfs v1.2.1-32-g14038a1-dirty",
+ "EncryptedKey": "0ymk/BtKEN1KmRLMquLinLIzXDaf+GLuP2f9R4VbLOglim9nXd5WxkCFl0DQg0J2FtCEke9MQBaCfL5OTJdR4g==",
+ "ScryptObject": {
+ "Salt": "tCrF2o5GoOyQt0LAlCWk47hyJsF5K6ID9uPzjTSBbh8=",
+ "N": 1024,
+ "R": 8,
+ "P": 1,
+ "KeyLen": 32
+ },
+ "Version": 2,
+ "FeatureFlags": [
+ "GCMIV128",
+ "HKDF",
+ "DirIV",
+ "EMENames",
+ "LongNames",
+ "Raw64"
+ ]
+}
diff --git a/tests/hkdf_sanity/broken_names/gocryptfs.diriv b/tests/hkdf_sanity/broken_names/gocryptfs.diriv
new file mode 100644
index 0000000..24f3d28
--- /dev/null
+++ b/tests/hkdf_sanity/broken_names/gocryptfs.diriv
@@ -0,0 +1 @@
+%Cx(E!dц \ No newline at end of file
diff --git a/tests/hkdf_sanity/sanity_test.go b/tests/hkdf_sanity/sanity_test.go
new file mode 100644
index 0000000..b382861
--- /dev/null
+++ b/tests/hkdf_sanity/sanity_test.go
@@ -0,0 +1,34 @@
+// We test two filesystems that have the "HKDF" feature flag in their config file
+// set, but the actual file contents and names are encrypted with HKDF disabled.
+// This test verifies that the "HKDF" feature flag in the config file takes effect.
+package hkdf_sanity
+
+import (
+ "io/ioutil"
+ "os"
+ "testing"
+
+ "github.com/rfjakob/gocryptfs/tests/test_helpers"
+)
+
+func TestBrokenContent(t *testing.T) {
+ cDir := "broken_content"
+ pDir := test_helpers.TmpDir + "/" + cDir
+ test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", "-wpanic=false")
+ _, err := ioutil.ReadFile(pDir + "/status.txt")
+ if err == nil {
+ t.Error("this should fail")
+ }
+ test_helpers.UnmountPanic(pDir)
+}
+
+func TestBrokenNames(t *testing.T) {
+ cDir := "broken_names"
+ pDir := test_helpers.TmpDir + "/" + cDir
+ test_helpers.MountOrFatal(t, cDir, pDir, "-extpass", "echo test", "-wpanic=false")
+ _, err := os.Stat(pDir + "/status.txt")
+ if err == nil {
+ t.Error("this should fail")
+ }
+ test_helpers.UnmountPanic(pDir)
+}