diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 03:32:49 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 03:32:49 +0000 |
commit | 8053187731ae8e3eb368d8360989cf5fd6eed9f7 (patch) | |
tree | 32bada84ff5d7460cdf3934fcbdbe770d6afe4cd /src/tests/issues | |
parent | Initial commit. (diff) | |
download | rnp-8053187731ae8e3eb368d8360989cf5fd6eed9f7.tar.xz rnp-8053187731ae8e3eb368d8360989cf5fd6eed9f7.zip |
Adding upstream version 0.17.0.upstream/0.17.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/tests/issues')
-rw-r--r-- | src/tests/issues/1030.cpp | 78 | ||||
-rw-r--r-- | src/tests/issues/1115.cpp | 47 | ||||
-rw-r--r-- | src/tests/issues/1171.cpp | 65 | ||||
-rw-r--r-- | src/tests/issues/oss-fuzz-25489.cpp | 68 |
4 files changed, 258 insertions, 0 deletions
diff --git a/src/tests/issues/1030.cpp b/src/tests/issues/1030.cpp new file mode 100644 index 0000000..692db5a --- /dev/null +++ b/src/tests/issues/1030.cpp @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2020 [Ribose Inc](https://www.ribose.com). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "../rnp_tests.h" +#include "../support.h" + +static void +test_issue_1030(const char *keystore) +{ + int pipefd[2] = {-1, -1}; + cli_rnp_t rnp = {}; + const char *userid = "user"; + size_t keycount = 0; + + char *home = make_temp_dir(); + assert_true(setup_cli_rnp_common(&rnp, keystore, home, pipefd)); + cli_set_default_rsa_key_desc(rnp.cfg(), "SHA256"); + assert_true(cli_rnp_generate_key(&rnp, userid)); + + assert_true(rnp.load_keyrings(true)); + assert_rnp_success(rnp_get_public_key_count(rnp.ffi, &keycount)); + assert_int_equal(keycount, 2); + assert_rnp_success(rnp_get_secret_key_count(rnp.ffi, &keycount)); + assert_int_equal(keycount, 2); + + std::vector<rnp_key_handle_t> keys; + assert_true(cli_rnp_keys_matching_string(&rnp, keys, userid, CLI_SEARCH_SUBKEYS_AFTER)); + assert_int_equal(keys.size(), 2); + clear_key_handles(keys); + + assert_true(cli_rnp_keys_matching_string( + &rnp, keys, userid, CLI_SEARCH_SECRET | CLI_SEARCH_SUBKEYS_AFTER)); + assert_int_equal(keys.size(), 2); + for (auto key : keys) { + bool is_protected = false; + assert_rnp_success(rnp_key_is_protected(key, &is_protected)); + assert_true(is_protected); + } + clear_key_handles(keys); + + // done + if (pipefd[0] != -1) { + close(pipefd[0]); + } + rnp.end(); + clean_temp_dir(home); + free(home); +} + +TEST_F(rnp_tests, issue_1030_rnpkeys_secret_keys_unprotected) +{ + for (auto keystore : {RNP_KEYSTORE_GPG, RNP_KEYSTORE_GPG21, RNP_KEYSTORE_KBX}) { + test_issue_1030(keystore); + } +} diff --git a/src/tests/issues/1115.cpp b/src/tests/issues/1115.cpp new file mode 100644 index 0000000..2f9bb45 --- /dev/null +++ b/src/tests/issues/1115.cpp @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2020 [Ribose Inc](https://www.ribose.com). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "../rnp_tests.h" +#include "../support.h" + +TEST_F(rnp_tests, test_issue_1115) +{ + rnp_ffi_t ffi = NULL; + rnp_input_t input = NULL; + + assert_rnp_success(rnp_ffi_create(&ffi, "GPG", "GPG")); + assert_rnp_success( + rnp_input_from_path(&input, "data/test_key_validity/case9/pubring.gpg")); + assert_rnp_success(rnp_import_keys(ffi, input, RNP_LOAD_SAVE_PUBLIC_KEYS, NULL)); + assert_rnp_success(rnp_input_destroy(input)); + rnp_key_handle_t key = NULL; + assert_rnp_success(rnp_locate_key(ffi, "userid", "Alice <alice@rnp>", &key)); + uint32_t expiry = 0; + assert_rnp_success(rnp_key_get_expiration(key, &expiry)); + assert_int_equal(expiry, 0); + assert_rnp_success(rnp_key_handle_destroy(key)); + assert_rnp_success(rnp_ffi_destroy(ffi)); +} diff --git a/src/tests/issues/1171.cpp b/src/tests/issues/1171.cpp new file mode 100644 index 0000000..e5e9e19 --- /dev/null +++ b/src/tests/issues/1171.cpp @@ -0,0 +1,65 @@ +/* + * Copyright (c) 2020 [Ribose Inc](https://www.ribose.com). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "../rnp_tests.h" +#include "../support.h" +#include <librepgp/stream-ctx.h> +#include "pgp-key.h" +#include "ffi-priv-types.h" + +TEST_F(rnp_tests, test_issue_1171_key_import_and_remove) +{ + rnp_ffi_t ffi = NULL; + assert_rnp_success(rnp_ffi_create(&ffi, "GPG", "GPG")); + assert_true(import_pub_keys(ffi, "data/test_key_validity/alice-sub-pub.pgp")); + + rnp_key_handle_t key = NULL; + assert_rnp_success( + rnp_locate_key(ffi, "grip", "3E3D52A346F0AD47754611B078117C240ED237E9", &key)); + assert_non_null(key); + assert_rnp_success(rnp_key_remove(key, RNP_KEY_REMOVE_PUBLIC)); + assert_rnp_success(rnp_key_handle_destroy(key)); + + assert_rnp_success( + rnp_locate_key(ffi, "grip", "3E3D52A346F0AD47754611B078117C240ED237E9", &key)); + assert_null(key); + + assert_rnp_success( + rnp_locate_key(ffi, "grip", "128E494F41F107E119AA1EEF7850C375A804341C", &key)); + assert_non_null(key); + uint32_t bits = 0; + assert_rnp_success(rnp_key_get_bits(key, &bits)); + assert_int_equal(bits, 256); + + /* directly use rnp_tests_get_key_by_grip() which caused crash */ + pgp_key_t *subkey = rnp_tests_get_key_by_grip(ffi->pubring, key->pub->grip()); + assert_int_equal(subkey->material().bits(), 256); + assert_rnp_success(rnp_key_handle_destroy(key)); + + assert_true(import_pub_keys(ffi, "data/test_key_validity/alice-sub-pub.pgp")); + + rnp_ffi_destroy(ffi); +} diff --git a/src/tests/issues/oss-fuzz-25489.cpp b/src/tests/issues/oss-fuzz-25489.cpp new file mode 100644 index 0000000..6e22df1 --- /dev/null +++ b/src/tests/issues/oss-fuzz-25489.cpp @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2020 [Ribose Inc](https://www.ribose.com). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "../rnp_tests.h" +#include "../support.h" +#include "librekey/g23_sexp.hpp" + +TEST_F(rnp_tests, test_sxp_depth) +{ + gnupg_sexp_t sxp = {}; + const char * bytes; + size_t len; + auto mksxp = [](size_t depth) { + std::string data; + for (size_t i = 0; i < depth; i++) { + data += "(1:a"; + } + for (size_t i = 0; i < depth; i++) { + data += ")"; + } + return data; + }; + + { + std::string data(mksxp(1)); + bytes = &data[0]; + len = data.size(); + gnupg_sexp_t sexp; + assert_true(sexp.parse(bytes, len, SXP_MAX_DEPTH)); + } + { + std::string data(mksxp(SXP_MAX_DEPTH)); + bytes = &data[0]; + len = data.size(); + gnupg_sexp_t sexp; + assert_true(sexp.parse(bytes, len, SXP_MAX_DEPTH)); + } + { + std::string data(mksxp(SXP_MAX_DEPTH + 1)); + bytes = &data[0]; + len = data.size(); + gnupg_sexp_t sexp; + assert_false(sexp.parse(bytes, len, SXP_MAX_DEPTH)); + } +} |