jacobpascual/keepassxc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add sharing of groups between databases

Browse Source 
* Add source folder keeshare for sharing with corresponding define WITH_XC_KEESHARE
* Move common crypto parts to src/crypto/ssh
* Extended OpenSSHKey
* Move filewatching to own file (currently in two related classes DelayedFileWatcher and BulkFileWatcher)
* Small improvements for style and code in several classes
* Sharing is secured using RSA-Keys which are generated on demand
* Publisher signs the container using their private key
* Client can verify the signed container and choose to decline an import,
import only once or trust the publisher and automatically import all
data of this source henceforth
* Integration of settings into Group-Settings, Database-Settings and Application-Settings
* Introduced dependency QuaZip as dependency to allow combined export of
key container and the (custom format) certificate
This commit is contained in:
Christian Kieschnick
2018-10-01 10:26:24 -04:00
committed by Jonathan White
parent c1e9f45df9
commit eca9c658f4
106 changed files with 5828 additions and 503 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
tests/CMakeLists.txt
View File

@@ -95,7 +95,7 @@ set(TEST_LIBRARIES
${ZLIB_LIBRARIES}
)
set(testsupport_SOURCES TestGlobal.h modeltest.cpp FailDevice.cpp stub/TestClock.cpp)
set(testsupport_SOURCES TestGlobal.h modeltest.cpp FailDevice.cpp stub/TestClock.cpp stub/TestRandom.cpp)
add_library(testsupport STATIC ${testsupport_SOURCES})
target_link_libraries(testsupport Qt5::Core Qt5::Concurrent Qt5::Widgets Qt5::Test)
@@ -130,6 +130,11 @@ add_unit_test(NAME testcryptohash SOURCES TestCryptoHash.cpp
add_unit_test(NAME testsymmetriccipher SOURCES TestSymmetricCipher.cpp
LIBS ${TEST_LIBRARIES})
if(WITH_XC_KEESHARE)
add_unit_test(NAME testsignature SOURCES TestSignature.cpp
LIBS ${TEST_LIBRARIES})
endif()
add_unit_test(NAME testhashedblockstream SOURCES TestHashedBlockStream.cpp
LIBS testsupport ${TEST_LIBRARIES})
@@ -154,9 +159,9 @@ if(WITH_XC_AUTOTYPE)
set_target_properties(testautotype PROPERTIES ENABLE_EXPORTS ON)
endif()
if(WITH_XC_SSHAGENT)
add_unit_test(NAME testopensshkey SOURCES TestOpenSSHKey.cpp
LIBS sshagent ${TEST_LIBRARIES})
if(WITH_XC_CRYPTO_SSH)
add_unit_test(NAME testopensshkey SOURCES TestOpenSSHKey.cpp
LIBS ${TEST_LIBRARIES})
endif()
add_unit_test(NAME testentry SOURCES TestEntry.cpp
@@ -174,8 +179,8 @@ add_unit_test(NAME testbase32 SOURCES TestBase32.cpp
add_unit_test(NAME testcsvparser SOURCES TestCsvParser.cpp
LIBS ${TEST_LIBRARIES})
add_unit_test(NAME testrandom SOURCES TestRandom.cpp
LIBS ${TEST_LIBRARIES})
add_unit_test(NAME testrandomgenerator SOURCES TestRandomGenerator.cpp
LIBS testsupport ${TEST_LIBRARIES})
add_unit_test(NAME testentrysearcher SOURCES TestEntrySearcher.cpp
LIBS ${TEST_LIBRARIES})
@@ -187,6 +192,11 @@ add_unit_test(NAME testykchallengeresponsekey
SOURCES TestYkChallengeResponseKey.cpp
LIBS ${TEST_LIBRARIES})
if(WITH_XC_KEESHARE)
add_unit_test(NAME testsharing SOURCES TestSharing.cpp
LIBS testsupport ${TEST_LIBRARIES})
endif()
add_unit_test(NAME testdatabase SOURCES TestDatabase.cpp
LIBS ${TEST_LIBRARIES})

58
tests/TestOpenSSHKey.cpp
View File

@@ -18,7 +18,8 @@
#include "TestOpenSSHKey.h"
#include "TestGlobal.h"
#include "crypto/Crypto.h"
#include "sshagent/OpenSSHKey.h"
#include "crypto/ssh/BinaryStream.h"
#include "crypto/ssh/OpenSSHKey.h"
QTEST_GUILESS_MAIN(TestOpenSSHKey)
@@ -43,7 +44,7 @@ void TestOpenSSHKey::testParse()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(!key.encrypted());
QCOMPARE(key.cipherName(), QString("none"));
QCOMPARE(key.type(), QString("ssh-ed25519"));
@@ -79,7 +80,7 @@ void TestOpenSSHKey::testParseDSA()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(!key.encrypted());
QCOMPARE(key.cipherName(), QString("none"));
QCOMPARE(key.type(), QString("ssh-dss"));
@@ -125,11 +126,11 @@ void TestOpenSSHKey::testDecryptRSAAES128CBC()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("AES-128-CBC"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("correctpassphrase"));
QVERIFY(!key.openKey("incorrectpassphrase"));
QVERIFY(key.openKey("correctpassphrase"));
QCOMPARE(key.type(), QString("ssh-rsa"));
QCOMPARE(key.comment(), QString(""));
QCOMPARE(key.fingerprint(), QString("SHA256:1Hsebt2WWnmc72FERsUOgvaajIGHkrMONxXylcmk87U"));
@@ -168,7 +169,7 @@ void TestOpenSSHKey::testParseRSA()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(!key.encrypted());
QCOMPARE(key.cipherName(), QString("none"));
QCOMPARE(key.type(), QString("ssh-rsa"));
@@ -246,8 +247,8 @@ void TestOpenSSHKey::testParseRSACompare()
QByteArray oldPrivateKey, newPrivateKey;
BinaryStream oldPrivateStream(&oldPrivateKey), newPrivateStream(&newPrivateKey);
QVERIFY(oldKey.parse(oldKeyData));
QVERIFY(newKey.parse(newKeyData));
QVERIFY(oldKey.parsePKCS1PEM(oldKeyData));
QVERIFY(newKey.parsePKCS1PEM(newKeyData));
// comment is not part of the old format and writePrivate() includes it
oldKey.setComment("id_rsa");
@@ -274,11 +275,11 @@ void TestOpenSSHKey::testDecryptOpenSSHAES256CBC()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("aes256-cbc"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("correctpassphrase"));
QVERIFY(!key.openKey("incorrectpassphrase"));
QVERIFY(key.openKey("correctpassphrase"));
QCOMPARE(key.type(), QString("ssh-ed25519"));
QCOMPARE(key.comment(), QString("opensshkey-test-aes256cbc@keepassxc"));
@@ -330,11 +331,11 @@ void TestOpenSSHKey::testDecryptRSAAES256CBC()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("AES-256-CBC"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("correctpassphrase"));
QVERIFY(!key.openKey("incorrectpassphrase"));
QVERIFY(key.openKey("correctpassphrase"));
QCOMPARE(key.type(), QString("ssh-rsa"));
QCOMPARE(key.comment(), QString(""));
QCOMPARE(key.fingerprint(), QString("SHA256:1Hsebt2WWnmc72FERsUOgvaajIGHkrMONxXylcmk87U"));
@@ -354,11 +355,11 @@ void TestOpenSSHKey::testDecryptOpenSSHAES256CTR()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("aes256-ctr"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("correctpassphrase"));
QVERIFY(!key.openKey("incorrectpassphrase"));
QVERIFY(key.openKey("correctpassphrase"));
QCOMPARE(key.type(), QString("ssh-ed25519"));
QCOMPARE(key.comment(), QString("opensshkey-test-aes256ctr@keepassxc"));
@@ -410,11 +411,11 @@ void TestOpenSSHKey::testDecryptRSAAES256CTR()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("AES-256-CTR"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("correctpassphrase"));
QVERIFY(!key.openKey("incorrectpassphrase"));
QVERIFY(key.openKey("correctpassphrase"));
QCOMPARE(key.type(), QString("ssh-rsa"));
QCOMPARE(key.comment(), QString(""));
QCOMPARE(key.fingerprint(), QString("SHA256:1Hsebt2WWnmc72FERsUOgvaajIGHkrMONxXylcmk87U"));
@@ -436,12 +437,21 @@ void TestOpenSSHKey::testDecryptUTF8()
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.parsePKCS1PEM(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("aes256-ctr"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("äåéëþüúíóö"));
QVERIFY(!key.openKey("incorrectpassphrase"));
QVERIFY(key.openKey("äåéëþüúíóö"));
QCOMPARE(key.fingerprint(), QString("SHA256:EfUXwvH4rOoys+AlbznCqjMwzIVW8KuhoWu9uT03FYA"));
QCOMPARE(key.type(), QString("ssh-ed25519"));
QCOMPARE(key.comment(), QString("opensshkey-test-utf8@keepassxc"));
}
void TestOpenSSHKey::testGenerateRSA()
{
OpenSSHKey key = OpenSSHKey::generate(false);
QVERIFY(!key.encrypted());
QCOMPARE(key.cipherName(), QString("none"));
QCOMPARE(key.type(), QString("ssh-rsa"));
QCOMPARE(key.comment(), QString(""));
}

1
tests/TestOpenSSHKey.h
View File

@@ -38,6 +38,7 @@ private slots:
void testDecryptOpenSSHAES256CTR();
void testDecryptRSAAES256CTR();
void testDecryptUTF8();
void testGenerateRSA();
};
#endif // TESTOPENSSHKEY_H

48
tests/TestRandom.cpp → tests/TestRandomGenerator.cpp
View File

@@ -15,21 +15,31 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestRandom.h"
#include "TestRandomGenerator.h"
#include "TestGlobal.h"
#include "core/Endian.h"
#include "core/Global.h"
#include "stub/TestRandom.h"
QTEST_GUILESS_MAIN(TestRandom)
#include <QTest>
void TestRandom::initTestCase()
QTEST_GUILESS_MAIN(TestRandomGenerator)
void TestRandomGenerator::initTestCase()
{
m_backend = new RandomBackendTest();
m_backend = new RandomBackendPreset();
Random::createWithBackend(m_backend);
TestRandom::setup(m_backend);
}
void TestRandom::testUInt()
void TestRandomGenerator::cleanupTestCase()
{
TestRandom::teardown();
m_backend = nullptr;
}
void TestRandomGenerator::testUInt()
{
QByteArray nextBytes;
@@ -60,7 +70,7 @@ void TestRandom::testUInt()
QCOMPARE(randomGen()->randomUInt((QUINT32_MAX / 2U) + 1U), QUINT32_MAX / 2U);
}
void TestRandom::testUIntRange()
void TestRandomGenerator::testUIntRange()
{
QByteArray nextBytes;
@@ -68,27 +78,3 @@ void TestRandom::testUIntRange()
m_backend->setNextBytes(nextBytes);
QCOMPARE(randomGen()->randomUIntRange(100, 200), 142U);
}
RandomBackendTest::RandomBackendTest()
: m_bytesIndex(0)
{
}
void RandomBackendTest::randomize(void* data, int len)
{
QVERIFY(len <= (m_nextBytes.size() - m_bytesIndex));
char* charData = reinterpret_cast<char*>(data);
for (int i = 0; i < len; i++) {
charData[i] = m_nextBytes[m_bytesIndex + i];
}
m_bytesIndex += len;
}
void RandomBackendTest::setNextBytes(const QByteArray& nextBytes)
{
m_nextBytes = nextBytes;
m_bytesIndex = 0;
}

23
tests/TestRandom.h → tests/TestRandomGenerator.h
View File

@@ -15,36 +15,27 @@
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef KEEPASSX_TESTRANDOM_H
#define KEEPASSX_TESTRANDOM_H
#ifndef KEEPASSX_TESTRANDOMGENERATOR_H
#define KEEPASSX_TESTRANDOMGENERATOR_H
#include "crypto/Random.h"
#include <QObject>
class RandomBackendTest : public RandomBackend
{
public:
RandomBackendTest();
void randomize(void* data, int len) override;
void setNextBytes(const QByteArray& nextBytes);
class RandomBackendPreset;
private:
QByteArray m_nextBytes;
int m_bytesIndex;
};
class TestRandom : public QObject
class TestRandomGenerator : public QObject
{
Q_OBJECT
private slots:
void initTestCase();
void cleanupTestCase();
void testUInt();
void testUIntRange();
private:
RandomBackendTest* m_backend;
RandomBackendPreset* m_backend;
};
#endif // KEEPASSX_TESTRANDOM_H
#endif // KEEPASSX_TESTRANDOMGENERATOR_H

306
tests/TestSharing.cpp Normal file
View File

@@ -0,0 +1,306 @@
/*
* Copyright (C) 2018 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestSharing.h"
#include "TestGlobal.h"
#include "stub/TestRandom.h"
#include <QBuffer>
#include <QSignalSpy>
#include <QTemporaryFile>
#include <QXmlStreamReader>
#include <QXmlStreamWriter>
#include "config-keepassx-tests.h"
#include "core/Metadata.h"
#include "crypto/Crypto.h"
#include "crypto/Random.h"
#include "crypto/ssh/OpenSSHKey.h"
#include "format/KeePass2Writer.h"
#include "keeshare/KeeShareSettings.h"
#include "keys/PasswordKey.h"
#include <format/KeePass2Reader.h>
QTEST_GUILESS_MAIN(TestSharing)
Q_DECLARE_METATYPE(KeeShareSettings::Type)
Q_DECLARE_METATYPE(KeeShareSettings::Key)
Q_DECLARE_METATYPE(KeeShareSettings::Certificate)
Q_DECLARE_METATYPE(QList<KeeShareSettings::Certificate>)
void TestSharing::initTestCase()
{
QVERIFY(Crypto::init());
}
void TestSharing::cleanupTestCase()
{
TestRandom::teardown();
}
void TestSharing::testIdempotentDatabaseWriting()
{
QScopedPointer<Database> db(new Database());
auto key = QSharedPointer<CompositeKey>::create();
key->addKey(QSharedPointer<PasswordKey>::create("password"));
db->setKey(key);
Group* sharingGroup = new Group();
sharingGroup->setName("SharingGroup");
sharingGroup->setUuid(QUuid::createUuid());
sharingGroup->setParent(db->rootGroup());
Entry* entry1 = new Entry();
entry1->setUuid(QUuid::createUuid());
entry1->beginUpdate();
entry1->setTitle("Entry1");
entry1->endUpdate();
entry1->setGroup(sharingGroup);
Entry* entry2 = new Entry();
entry2->setUuid(QUuid::createUuid());
entry2->beginUpdate();
entry2->setTitle("Entry2");
entry2->endUpdate();
entry2->setGroup(sharingGroup);
// prevent from changes introduced by randomization
TestRandom::setup(new RandomBackendNull());
QByteArray bufferOriginal;
{
QBuffer device(&bufferOriginal);
device.open(QIODevice::ReadWrite);
KeePass2Writer writer;
writer.writeDatabase(&device, db.data());
}
QByteArray bufferCopy;
{
QBuffer device(&bufferCopy);
device.open(QIODevice::ReadWrite);
KeePass2Writer writer;
writer.writeDatabase(&device, db.data());
}
QCOMPARE(bufferCopy, bufferOriginal);
}
void TestSharing::testNullObjects()
{
const QString empty;
QXmlStreamReader reader(empty);
const KeeShareSettings::Key nullKey;
QVERIFY(nullKey.isNull());
const KeeShareSettings::Key xmlKey = KeeShareSettings::Key::deserialize(reader);
QVERIFY(xmlKey.isNull());
const KeeShareSettings::Certificate certificate;
QVERIFY(certificate.isNull());
const KeeShareSettings::Certificate xmlCertificate = KeeShareSettings::Certificate::deserialize(reader);
QVERIFY(xmlCertificate.isNull());
const KeeShareSettings::Own own;
QVERIFY(own.isNull());
const KeeShareSettings::Own xmlOwn = KeeShareSettings::Own::deserialize(empty);
QVERIFY(xmlOwn.isNull());
const KeeShareSettings::Active active;
QVERIFY(active.isNull());
const KeeShareSettings::Active xmlActive = KeeShareSettings::Active::deserialize(empty);
QVERIFY(xmlActive.isNull());
const KeeShareSettings::Foreign foreign;
QVERIFY(foreign.isNull());
const KeeShareSettings::Foreign xmlForeign = KeeShareSettings::Foreign::deserialize(empty);
QVERIFY(xmlForeign.isNull());
const KeeShareSettings::Reference reference;
QVERIFY(reference.isNull());
const KeeShareSettings::Reference xmlReference = KeeShareSettings::Reference::deserialize(empty);
QVERIFY(xmlReference.isNull());
}
void TestSharing::testCertificateSerialization()
{
QFETCH(bool, trusted);
const OpenSSHKey& key = stubkey();
KeeShareSettings::Certificate original;
original.key = OpenSSHKey::serializeToBinary(OpenSSHKey::Public, key);
original.signer = "Some <!> &#_\"\" weird string";
original.trusted = trusted;
QString buffer;
QXmlStreamWriter writer(&buffer);
writer.writeStartDocument();
writer.writeStartElement("Certificate");
KeeShareSettings::Certificate::serialize(writer, original);
writer.writeEndElement();
writer.writeEndDocument();
QXmlStreamReader reader(buffer);
reader.readNextStartElement();
QVERIFY(reader.name() == "Certificate");
KeeShareSettings::Certificate restored = KeeShareSettings::Certificate::deserialize(reader);
QCOMPARE(restored.key, original.key);
QCOMPARE(restored.signer, original.signer);
QCOMPARE(restored.trusted, original.trusted);
QCOMPARE(restored.sshKey().publicParts(), key.publicParts());
}
void TestSharing::testCertificateSerialization_data()
{
QTest::addColumn<bool>("trusted");
QTest::newRow("Trusted") << true;
QTest::newRow("Untrusted") << false;
}
void TestSharing::testKeySerialization()
{
const OpenSSHKey& key = stubkey();
KeeShareSettings::Key original;
original.key = OpenSSHKey::serializeToBinary(OpenSSHKey::Private, key);
QString buffer;
QXmlStreamWriter writer(&buffer);
writer.writeStartDocument();
writer.writeStartElement("Key");
KeeShareSettings::Key::serialize(writer, original);
writer.writeEndElement();
writer.writeEndDocument();
QXmlStreamReader reader(buffer);
reader.readNextStartElement();
QVERIFY(reader.name() == "Key");
KeeShareSettings::Key restored = KeeShareSettings::Key::deserialize(reader);
QCOMPARE(restored.key, original.key);
QCOMPARE(restored.sshKey().privateParts(), key.privateParts());
QCOMPARE(restored.sshKey().type(), key.type());
}
void TestSharing::testReferenceSerialization()
{
QFETCH(QString, password);
QFETCH(QString, path);
QFETCH(QUuid, uuid);
QFETCH(int, type);
KeeShareSettings::Reference original;
original.password = password;
original.path = path;
original.uuid = uuid;
original.type = static_cast<KeeShareSettings::Type>(type);
const QString serialized = KeeShareSettings::Reference::serialize(original);
const KeeShareSettings::Reference restored = KeeShareSettings::Reference::deserialize(serialized);
QCOMPARE(restored.password, original.password);
QCOMPARE(restored.path, original.path);
QCOMPARE(restored.uuid, original.uuid);
QCOMPARE(int(restored.type), int(original.type));
}
void TestSharing::testReferenceSerialization_data()
{
QTest::addColumn<QString>("password");
QTest::addColumn<QString>("path");
QTest::addColumn<QUuid>("uuid");
QTest::addColumn<int>("type");
QTest::newRow("1") << "Password" << "/some/path" << QUuid::createUuid() << int(KeeShareSettings::Inactive);
QTest::newRow("2") << "" << "" << QUuid() << int(KeeShareSettings::SynchronizeWith);
QTest::newRow("3") << "" << "/some/path" << QUuid() << int(KeeShareSettings::ExportTo);
}
void TestSharing::testSettingsSerialization()
{
QFETCH(bool, importing);
QFETCH(bool, exporting);
QFETCH(KeeShareSettings::Certificate, ownCertificate);
QFETCH(KeeShareSettings::Key, ownKey);
QFETCH(QList<KeeShareSettings::Certificate>, foreignCertificates);
KeeShareSettings::Own originalOwn;
KeeShareSettings::Foreign originalForeign;
KeeShareSettings::Active originalActive;
originalActive.in = importing;
originalActive.out = exporting;
originalOwn.certificate = ownCertificate;
originalOwn.key = ownKey;
originalForeign.certificates = foreignCertificates;
const QString serializedActive = KeeShareSettings::Active::serialize(originalActive);
KeeShareSettings::Active restoredActive = KeeShareSettings::Active::deserialize(serializedActive);
const QString serializedOwn = KeeShareSettings::Own::serialize(originalOwn);
KeeShareSettings::Own restoredOwn = KeeShareSettings::Own::deserialize(serializedOwn);
const QString serializedForeign = KeeShareSettings::Foreign::serialize(originalForeign);
KeeShareSettings::Foreign restoredForeign = KeeShareSettings::Foreign::deserialize(serializedForeign);
QCOMPARE(restoredActive.in, importing);
QCOMPARE(restoredActive.out, exporting);
QCOMPARE(restoredOwn.certificate.key, ownCertificate.key);
QCOMPARE(restoredOwn.certificate.trusted, ownCertificate.trusted);
QCOMPARE(restoredOwn.key.key, ownKey.key);
QCOMPARE(restoredForeign.certificates.count(), foreignCertificates.count());
for (int i = 0; i < foreignCertificates.count(); ++i) {
QCOMPARE(restoredForeign.certificates[i].key, foreignCertificates[i].key);
}
}
void TestSharing::testSettingsSerialization_data()
{
const OpenSSHKey& sshKey0 = stubkey(0);
KeeShareSettings::Certificate certificate0;
certificate0.key = OpenSSHKey::serializeToBinary(OpenSSHKey::Public, sshKey0);
certificate0.signer = "Some <!> &#_\"\" weird string";
certificate0.trusted = true;
KeeShareSettings::Key key0;
key0.key = OpenSSHKey::serializeToBinary(OpenSSHKey::Private, sshKey0);
const OpenSSHKey& sshKey1 = stubkey(1);
KeeShareSettings::Certificate certificate1;
certificate1.key = OpenSSHKey::serializeToBinary(OpenSSHKey::Public, sshKey1);
certificate1.signer = "Another ";
certificate1.trusted = true;
QTest::addColumn<bool>("importing");
QTest::addColumn<bool>("exporting");
QTest::addColumn<KeeShareSettings::Certificate>("ownCertificate");
QTest::addColumn<KeeShareSettings::Key>("ownKey");
QTest::addColumn<QList<KeeShareSettings::Certificate>>("foreignCertificates");
QTest::newRow("1") << false << false << KeeShareSettings::Certificate() << KeeShareSettings::Key() << QList<KeeShareSettings::Certificate>();
QTest::newRow("2") << true << false << KeeShareSettings::Certificate() << KeeShareSettings::Key() << QList<KeeShareSettings::Certificate>();
QTest::newRow("3") << true << true << KeeShareSettings::Certificate() << KeeShareSettings::Key() << QList<KeeShareSettings::Certificate>({ certificate0, certificate1 });
QTest::newRow("4") << false << true << certificate0 << key0 << QList<KeeShareSettings::Certificate>();
QTest::newRow("5") << false << false << certificate0 << key0 << QList<KeeShareSettings::Certificate>({ certificate1 });
}
const OpenSSHKey& TestSharing::stubkey(int index)
{
static QMap<int, OpenSSHKey*> keys;
if (!keys.contains(index)) {
OpenSSHKey* key = new OpenSSHKey(OpenSSHKey::generate(false));
key->setParent(this);
keys[index] = key;
}
return *keys[index];
}

47
tests/TestSharing.h Normal file
View File

@@ -0,0 +1,47 @@
/*
* Copyright (C) 2018 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef KEEPASSXC_TESTSHARING_H
#define KEEPASSXC_TESTSHARING_H
#include <QObject>
#include <QSharedPointer>
class OpenSSHKey;
class TestSharing : public QObject
{
Q_OBJECT
private slots:
void initTestCase();
void cleanupTestCase();
void testIdempotentDatabaseWriting();
void testNullObjects();
void testCertificateSerialization();
void testCertificateSerialization_data();
void testKeySerialization();
void testReferenceSerialization();
void testReferenceSerialization_data();
void testSettingsSerialization();
void testSettingsSerialization_data();
private:
const OpenSSHKey& stubkey(int iIndex = 0);
};
#endif // KEEPASSXC_TESTSHARING_H

198
tests/TestSignature.cpp Normal file
View File

@@ -0,0 +1,198 @@
/*
* Copyright (C) 2010 Felix Geyer <debfx@fobos.de>
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestSignature.h"
#include "TestGlobal.h"
#include <QBuffer>
#include "crypto/Crypto.h"
#include "crypto/ssh/OpenSSHKey.h"
#include "keeshare/Signature.h"
QTEST_GUILESS_MAIN(TestSignature)
static const char* rsa_2_private = "-----BEGIN RSA PRIVATE KEY-----\n"
"MIIEowIBAAKCAQEAwGdladnqFfcDy02Gubx4sdBT8NYEg2YKXfcKLSwca5gV4X7I\n"
"z/+QR51LAfPCkj+QjWpj3DD1/6P7s6jOJ4BNd6CSDukv18DOsIsFn2D+zLmVoir2\n"
"lki3sTsmiEz65KvHE8EnQ8IzZCqZDC40tZOcz2bnkZrmcsEibKoxYsmQJk95NwdR\n"
"teFymp1qH3zq85xdNWw2u6c5CKzLgI5BjInttO98iSxL0KuY/JmzMx0gTbRiqc0x\n"
"22EODtdVsBoNL/pt8v6Q+WLpRg4/Yq7YurAngxk4h38NWvufj2vJvbcRqX4cupcu\n"
"92T9SWwSwZmd4Xy3bt+AUlq4XRMa1MlKfPvXmwIDAQABAoIBAGbWnRD/xaup1OBU\n"
"dr9N6qD3/fXLHqxw3PeudEUCv8oOhxt43bK3IZH1k8LeXFA5I3VCuU9W6BWUu5Mi\n"
"ldXtMPrQ22CW6NiEGLWqCP5QJMCeLUl5d0WKZoyXVhgiNTQGUKjRY8BGy5stXZJy\n"
"HAA1fuooUXu09Jm/ezvjl/P6Uk722nZns4g6cc8aUSQDSVoeuCvwDaix5o4Z4RGY\n"
"4biIKGj5qYxoe+rbgYH/2zlEcAiSJIuqjYY+Xk4IdB89DYZBYnO/xPkRaDeiY2xl\n"
"QM7Inr7PQC8PWJc9zYYvlGnnmIRCkO15mWau70N1Y1rUAsyW61g2GyFhdsIIODH/\n"
"878Kc9ECgYEA+2JaUqRWr6dqE+uVPpGkbGiAaRQ79olTcRmxXCnM+Y3c88z9G7kC\n"
"2S5UKPRDl7EzwmMJqqb8BZbdSWoAxO4++F6ylSz7TqowPw+13Wxwm3wApvr2Q1Mo\n"
"rkq4ltgyHMR+iXvKqOYa2GqZNmRwh7JGLIJ7Y0Z77nwBkkgDc/3ey8MCgYEAw+/N\n"
"fxv2t+r6VKxEtjdy3sfn8LLjiWqghPngJzcYH9NdB8fmMN1WHqX075hbKjI9TyJw\n"
"77p8onjZI0opLexHHUmepEa6Ijo1zynJJ7XPXnyruiTXXqz49io6lFOLcXi/i+DZ\n"
"B2vQcMGWA4qwJxz7KA6EZ/HimjuysV1guvlKf0kCgYA6+JGTvXWQc0eRMLysFuJp\n"
"hAJLpDGE3iYy7AINSskI6dyhXL8rl7UxWYroqJSKq0knGrCT1eRdM0zqAfH4QKOJ\n"
"BD4EfK7ff1EeGgNh1CR+dRJ6GXlXxdRPPrwattDaqsW8Xsvl30UA69DRT7KOQqXv\n"
"nxRu74P3KCP+OuKEfVOcnQKBgQC+/2r1Zj/5huBhW9BbQ/ABBSOuueMeGEfDeIUu\n"
"FQG6PGKqbA2TQp9pnuMGECGGH5UuJ+epeMN36Y/ZW7iKoJGuFg7EGoHlTZMYj6Yb\n"
"xJoRhDwuZy1eiATkicOyxUHf6hHme9dz6YA1+i+O4knWxuR5ZrVhUiRPrrQBO4JI\n"
"oSwiqQKBgHblgOVfOJrG3HDg6bo+qmxQsGFRCD0mehsg9YpokuZVX0UJtGx/RJHU\n"
"vIBL00An6YcNfPTSlNJeG83APtk/tdgsXvQd3pmIkeY78x6xWKSieZXv4lyDv7lX\n"
"r28lCTj2Ez2gEzEohZgf4V1uzBvTdJefarpQ00ep34UZ9FsNfUwD\n"
"-----END RSA PRIVATE KEY-----\n";
static const char* rsa_2_public = "-----BEGIN RSA PUBLIC KEY-----\n"
"MIIBCgKCAQEAwGdladnqFfcDy02Gubx4sdBT8NYEg2YKXfcKLSwca5gV4X7Iz/+Q\n"
"R51LAfPCkj+QjWpj3DD1/6P7s6jOJ4BNd6CSDukv18DOsIsFn2D+zLmVoir2lki3\n"
"sTsmiEz65KvHE8EnQ8IzZCqZDC40tZOcz2bnkZrmcsEibKoxYsmQJk95NwdRteFy\n"
"mp1qH3zq85xdNWw2u6c5CKzLgI5BjInttO98iSxL0KuY/JmzMx0gTbRiqc0x22EO\n"
"DtdVsBoNL/pt8v6Q+WLpRg4/Yq7YurAngxk4h38NWvufj2vJvbcRqX4cupcu92T9\n"
"SWwSwZmd4Xy3bt+AUlq4XRMa1MlKfPvXmwIDAQAB\n"
"-----END RSA PUBLIC KEY-----\n";
static const char* rsa_2_sign = "4fda1b39f93f174cdc79ac2bd6118155359830c90e2c39b60a1a548852f2c87a"
"cd61b2a378259a38befad35dbf208a2c1332ab74faf2cee2ff2e8be49c4c5f41"
"dc10e5a5fafb53d3c54e2b7640d7bfee6bb0f24c5a1fb934150a144c2b465fe4"
"8a1579e666a097fb1609ae9abc5760f6e6d6e73acb610fb11dd1c409ca284a72"
"0be64dd56a28ab257e8721f5bade58816382581ac08d932098dd200d836fe897"
"f78a5f02095ac3b21cca2a47b2afd282ce075c6450cba8c85b08b58c5bacb75d"
"e1a73bdec4321193d4a3ce653d8e3aa8a4f2beac6a44497328f8855f7e28e15d"
"f63b21f8bc7204bf6e202c9cb08be050379be5ad88d8e695a38440a50e75dfdf";
static const char* rsa_1_private = "-----BEGIN RSA PRIVATE KEY-----\n"
"MIIEpAIBAAKCAQEAsCHtJicDPWnvHSIKbnTZaJkIB9vgE0pmLdK580JUqBuonVbB\n"
"y1QTy0ZQ7/TtqvLPgwPK88TR46OLO/QGCzo2+XxgJ85uy0xfuyUYRmSuw0drsErN\n"
"mH8vU91lSBxsGDp9LtBbgHKoR23vMWZ34IxFRc55XphrIH48ijsMaL6bXBwF/3tD\n"
"9T3lm2MpP1huyVNnIY9+GRRWCy4f9LMj/UGu/n4RtwwfpOZBBRwYkq5QkzA9lPm/\n"
"VzF3MP1rKTMkvAw+Nfb383mkmc6MRnsa6uh6iDa9aVB7naegM13UJQX/PY1Ks6pO\n"
"XDpy/MQ7iCh+HmYNq5dRmARyaNl9xIXJNhz1cQIDAQABAoIBAQCnEUc1LUQxeM5K\n"
"wANNCqE+SgoIClPdeHC7fmrLh1ttqe6ib6ybBUFRS31yXs0hnfefunVEDKlaV8K2\n"
"N52UAMAsngFHQNRvGh6kEWeZPd9Xc+N98TZbNCjcT+DGKc+Om8wqH5DrodZlCq4c\n"
"GaoT4HnE4TjWtZTH2XXrWF9I66PKFWf070R44nvyVcvaZi4pC2YmURRPuGF6K1iK\n"
"dH8zM6HHG1UGu2W6hLNn+K01IulG0Lb8eWNaNYMmtQWaxyp7I2IWkkecUs3nCuiR\n"
"byFOoomCjdh8r9yZFvwxjGUhgtkALN9GCU0Mwve+s11IB2gevruN+q9/Qejbyfdm\n"
"IlgLAeTRAoGBANRcVzW9CYeobCf+U9hKJFEOur8XO+J2mTMaELA0EjWpTJFAeIT7\n"
"KeRpCRG4/vOSklxxRF6vP1EACA4Z+5BlN+FTipHHs+bSEgqkPZiiANDH7Zot5Iqv\n"
"1q0fRyldNRZNZK7DWp08BPNVWGA/EnEuKJiURxnxBaxNXbUyMCdjxvMvAoGBANRT\n"
"utbrqS/bAa/DcHKn3V6DRqBl3TDOfvCNjiKC84a67F2uXgzLIdMktr4d1NyCZVJd\n"
"7/zVgWORLIdg1eAi6rYGoOvNV39wwga7CF+m9sBY0wAaKYCELe6L26r4aQHVCX6n\n"
"rnIgUv+4o4itmU2iP0r3wlmDC9pDRQP82vfvQPlfAoGASwhleANW/quvq2HdViq8\n"
"Mje2HBalfhrRfpDTHK8JUBSFjTzuWG42GxJRtgVbb8x2ElujAKGDCaetMO5VSGu7\n"
"Fs5hw6iAFCpdXY0yhl+XUi2R8kwM2EPQ4lKO3jqkq0ClNmqn9a5jQWcCVt9yMLNS\n"
"fLbHeI8EpiCf34ngIcrLXNkCgYEAzlcEZuKkC46xB+dNew8pMTUwSKZVm53BfPKD\n"
"44QRN6imFbBjU9mAaJnwQbfp6dWKs834cGPolyM4++MeVfB42iZ88ksesgmZdUMD\n"
"szkl6O0pOJs0I+HQZVdjRbadDZvD22MHQ3+oST1dJ3FVXz3Cdo9qPuT8esMO6f4r\n"
"qfDH2s8CgYAXC/lWWHQ//PGP0pH4oiEXisx1K0X1u0xMGgrChxBRGRiKZUwNMIvJ\n"
"TqUu7IKizK19cLHF/NBvxHYHFw+m7puNjn6T1RtRCUjRZT7Dx1VHfVosL9ih5DA8\n"
"tpbZA5KGKcvHtB5DDgT0MHwzBZnb4Q//Rhovzn+HXZPsJTTgHHy3NQ==\n"
"-----END RSA PRIVATE KEY-----\n";
static const char* rsa_1_public = "-----BEGIN RSA PUBLIC KEY-----\n"
"MIIBCgKCAQEAsCHtJicDPWnvHSIKbnTZaJkIB9vgE0pmLdK580JUqBuonVbBy1QT\n"
"y0ZQ7/TtqvLPgwPK88TR46OLO/QGCzo2+XxgJ85uy0xfuyUYRmSuw0drsErNmH8v\n"
"U91lSBxsGDp9LtBbgHKoR23vMWZ34IxFRc55XphrIH48ijsMaL6bXBwF/3tD9T3l\n"
"m2MpP1huyVNnIY9+GRRWCy4f9LMj/UGu/n4RtwwfpOZBBRwYkq5QkzA9lPm/VzF3\n"
"MP1rKTMkvAw+Nfb383mkmc6MRnsa6uh6iDa9aVB7naegM13UJQX/PY1Ks6pOXDpy\n"
"/MQ7iCh+HmYNq5dRmARyaNl9xIXJNhz1cQIDAQAB\n"
"-----END RSA PUBLIC KEY-----\n";
static QByteArray data("Some trivial test with a longer .... ................................. longer text");
void TestSignature::initTestCase()
{
QVERIFY(Crypto::init());
}
void TestSignature::testSigningOpenSSH_RSA_PrivateOnly()
{
OpenSSHKey privateKey;
privateKey.parsePKCS1PEM(rsa_2_private);
privateKey.openKey(QString());
QCOMPARE(privateKey.fingerprint(), QString("SHA256:ZAQ/W1QdW59OaIh/0hs3ePl2og5TjXnGX5L0iN7WtNA"));
Signature signer;
const QString sign = signer.create(data, privateKey);
QVERIFY(!sign.isEmpty());
QCOMPARE(sign, QString("rsa|%1").arg(QString::fromLatin1(rsa_2_sign)));
Signature verifier;
const bool verified = verifier.verify(data, sign, privateKey);
QCOMPARE(verified, true);
}
void TestSignature::testSigningOpenSSH_RSA()
{
OpenSSHKey privateKey;
privateKey.parsePKCS1PEM(rsa_2_private);
privateKey.openKey(QString());
QCOMPARE(privateKey.fingerprint(), QString("SHA256:ZAQ/W1QdW59OaIh/0hs3ePl2og5TjXnGX5L0iN7WtNA"));
Signature signer;
const QString sign = signer.create(data, privateKey);
QVERIFY(!sign.isEmpty());
OpenSSHKey publicKey;
publicKey.parsePKCS1PEM(rsa_2_public);
publicKey.openKey(QString());
QCOMPARE(publicKey.fingerprint(), QString("SHA256:ZAQ/W1QdW59OaIh/0hs3ePl2og5TjXnGX5L0iN7WtNA"));
Signature verifier;
const bool verified = verifier.verify(data, sign, publicKey);
QCOMPARE(verified, true);
}
void TestSignature::testSigningGenerated_RSA_PrivateOnly()
{
OpenSSHKey privateKey = OpenSSHKey::generate(false);
privateKey.openKey(QString());
Signature signer;
const QString sign = signer.create(data, privateKey);
QVERIFY(!sign.isEmpty());
Signature verifier;
const bool verified = verifier.verify(data, sign, privateKey);
QCOMPARE(verified, true);
}
void TestSignature::testSigningTest_RSA_PrivateOnly()
{
OpenSSHKey privateKey;
privateKey.parsePKCS1PEM(rsa_1_private);
privateKey.openKey(QString());
QCOMPARE(privateKey.fingerprint(), QString("SHA256:DYdaZciYNxCejr+/8x+OKYxeTU1D5UsuIFUG4PWRFkk"));
Signature signer;
const QString sign = signer.create(data, privateKey);
QVERIFY(!sign.isEmpty());
Signature verifier;
const bool verified = verifier.verify(data, sign, privateKey);
QCOMPARE(verified, true);
}
void TestSignature::testSigningTest_RSA()
{
OpenSSHKey privateKey;
privateKey.parsePKCS1PEM(rsa_1_private);
privateKey.openKey(QString());
QCOMPARE(privateKey.fingerprint(), QString("SHA256:DYdaZciYNxCejr+/8x+OKYxeTU1D5UsuIFUG4PWRFkk"));
Signature signer;
const QString sign = signer.create(data, privateKey);
QVERIFY(!sign.isEmpty());
OpenSSHKey publicKey;
publicKey.parsePKCS1PEM(rsa_1_public);
publicKey.openKey(QString());
QCOMPARE(publicKey.fingerprint(), QString("SHA256:DYdaZciYNxCejr+/8x+OKYxeTU1D5UsuIFUG4PWRFkk"));
Signature verifier;
const bool verified = verifier.verify(data, sign, publicKey);
QCOMPARE(verified, true);
}

40
tests/TestSignature.h Normal file
View File

@@ -0,0 +1,40 @@
/*
* Copyright (C) 2010 Felix Geyer <debfx@fobos.de>
* Copyright (C) 2017 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef KEEPASSXC_TESTSIGNATURE_H
#define KEEPASSXC_TESTSIGNATURE_H
#include <QObject>
class TestSignature : public QObject
{
Q_OBJECT
private slots:
void initTestCase();
void testSigningOpenSSH_RSA_PrivateOnly();
void testSigningOpenSSH_RSA();
void testSigningGenerated_RSA_PrivateOnly();
void testSigningTest_RSA_PrivateOnly();
void testSigningTest_RSA();
};
#endif // KEEPASSX_TESTSIGNATURE_H

62
tests/stub/TestRandom.cpp Normal file
View File

@@ -0,0 +1,62 @@
/*
* Copyright (C) 2018 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestRandom.h"
#include "TestGlobal.h"
RandomBackendPreset::RandomBackendPreset()
: m_bytesIndex(0)
{
}
void RandomBackendPreset::randomize(void* data, int len)
{
QVERIFY(len <= (m_nextBytes.size() - m_bytesIndex));
char* charData = reinterpret_cast<char*>(data);
for (int i = 0; i < len; i++) {
charData[i] = m_nextBytes[m_bytesIndex + i];
}
m_bytesIndex += len;
}
void RandomBackendPreset::setNextBytes(const QByteArray& nextBytes)
{
m_nextBytes = nextBytes;
m_bytesIndex = 0;
}
void TestRandom::setup(RandomBackend* backend)
{
Random::setInstance(backend);
}
void TestRandom::teardown()
{
Random::resetInstance();
}
void RandomBackendNull::randomize(void* data, int len)
{
char* charData = reinterpret_cast<char*>(data);
for (int i = 0; i < len; i++) {
charData[i] = '\0';
}
}

48
tests/stub/TestRandom.h Normal file
View File

@@ -0,0 +1,48 @@
/*
* Copyright (C) 2018 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef KEEPASSXC_TESTRANDOM_H
#define KEEPASSXC_TESTRANDOM_H
#include "crypto/Random.h"
class RandomBackendPreset : public RandomBackend
{
public:
RandomBackendPreset();
void randomize(void* data, int len) override;
void setNextBytes(const QByteArray& nextBytes);
private:
QByteArray m_nextBytes;
int m_bytesIndex;
};
class RandomBackendNull : public RandomBackend
{
public:
void randomize(void* data, int len) override;
};
class TestRandom : public Random
{
public:
static void setup(RandomBackend* backend);
static void teardown();
};
#endif // KEEPASSXC_TESTRANDOM_H