diff options
Diffstat (limited to 'test/core')
-rw-r--r-- | test/core/security/base64_test.c | 185 | ||||
-rw-r--r-- | test/core/security/json_token_test.c | 210 |
2 files changed, 395 insertions, 0 deletions
diff --git a/test/core/security/base64_test.c b/test/core/security/base64_test.c new file mode 100644 index 0000000000..b3ba491a34 --- /dev/null +++ b/test/core/security/base64_test.c @@ -0,0 +1,185 @@ +/* + * + * Copyright 2014, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "src/core/security/base64.h" + +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/slice.h> +#include "test/core/util/test_config.h" + +static int buffers_are_equal(const unsigned char *buf1, + const unsigned char *buf2, size_t size) { + size_t i; + for (i = 0; i < size; i++) { + if (buf1[i] != buf2[i]) { + gpr_log(GPR_ERROR, "buf1 and buf2 differ: buf1[%d] = %x vs buf2[%d] = %x", + (int)i, buf1[i], (int)i, buf2[i]); + return 0; + } + } + return 1; +} +static void test_simple_encode_decode_b64(int url_safe, int multiline) { + const char *hello = "hello"; + char *hello_b64 = + grpc_base64_encode(hello, strlen(hello), url_safe, multiline); + gpr_slice hello_slice = grpc_base64_decode(hello_b64, url_safe); + GPR_ASSERT(GPR_SLICE_LENGTH(hello_slice) == strlen(hello)); + GPR_ASSERT(!strncmp((const char *)GPR_SLICE_START_PTR(hello_slice), hello, + GPR_SLICE_LENGTH(hello_slice))); + + gpr_slice_unref(hello_slice); + gpr_free(hello_b64); +} + +static void test_full_range_encode_decode_b64(int url_safe, int multiline) { + unsigned char orig[256]; + size_t i; + char *b64; + gpr_slice orig_decoded; + for (i = 0; i < sizeof(orig); i++) orig[i] = (char)i; + + /* Try all the different paddings. */ + for (i = 0; i < 3; i++) { + b64 = grpc_base64_encode(orig, sizeof(orig) - i, url_safe, multiline); + orig_decoded = grpc_base64_decode(b64, url_safe); + GPR_ASSERT(GPR_SLICE_LENGTH(orig_decoded) == (sizeof(orig) - i)); + GPR_ASSERT(buffers_are_equal(orig, GPR_SLICE_START_PTR(orig_decoded), + sizeof(orig) - i)); + gpr_slice_unref(orig_decoded); + gpr_free(b64); + } +} + +static void test_simple_encode_decode_b64_no_multiline(void) { + test_simple_encode_decode_b64(0, 0); +} + +static void test_simple_encode_decode_b64_multiline(void) { + test_simple_encode_decode_b64(0, 1); +} + +static void test_simple_encode_decode_b64_urlsafe_no_multiline(void) { + test_simple_encode_decode_b64(1, 0); +} + +static void test_simple_encode_decode_b64_urlsafe_multiline(void) { + test_simple_encode_decode_b64(1, 1); +} + +static void test_full_range_encode_decode_b64_no_multiline(void) { + test_full_range_encode_decode_b64(0, 0); +} + +static void test_full_range_encode_decode_b64_multiline(void) { + test_full_range_encode_decode_b64(0, 1); +} + +static void test_full_range_encode_decode_b64_urlsafe_no_multiline(void) { + test_full_range_encode_decode_b64(1, 0); +} + +static void test_full_range_encode_decode_b64_urlsafe_multiline(void) { + test_full_range_encode_decode_b64(1, 1); +} + +static void test_url_safe_unsafe_mismtach_failure(void) { + unsigned char orig[256]; + size_t i; + char *b64; + gpr_slice orig_decoded; + int url_safe = 1; + for (i = 0; i < sizeof(orig); i++) orig[i] = (char)i; + + b64 = grpc_base64_encode(orig, sizeof(orig), url_safe, 0); + orig_decoded = grpc_base64_decode(b64, !url_safe); + GPR_ASSERT(GPR_SLICE_IS_EMPTY(orig_decoded)); + gpr_free(b64); + gpr_slice_unref(orig_decoded); + + b64 = grpc_base64_encode(orig, sizeof(orig), !url_safe, 0); + orig_decoded = grpc_base64_decode(b64, url_safe); + GPR_ASSERT(GPR_SLICE_IS_EMPTY(orig_decoded)); + gpr_free(b64); + gpr_slice_unref(orig_decoded); +} + +static void test_rfc4648_test_vectors(void) { + char *b64; + + b64 = grpc_base64_encode("", 0, 0, 0); + GPR_ASSERT(!strcmp("", b64)); + gpr_free(b64); + + b64 = grpc_base64_encode("f", 1, 0, 0); + GPR_ASSERT(!strcmp("Zg==", b64)); + gpr_free(b64); + + b64 = grpc_base64_encode("fo", 2, 0, 0); + GPR_ASSERT(!strcmp("Zm8=", b64)); + gpr_free(b64); + + b64 = grpc_base64_encode("foo", 3, 0, 0); + GPR_ASSERT(!strcmp("Zm9v", b64)); + gpr_free(b64); + + b64 = grpc_base64_encode("foob", 4, 0, 0); + GPR_ASSERT(!strcmp("Zm9vYg==", b64)); + gpr_free(b64); + + b64 = grpc_base64_encode("fooba", 5, 0, 0); + GPR_ASSERT(!strcmp("Zm9vYmE=", b64)); + gpr_free(b64); + + b64 = grpc_base64_encode("foobar", 6, 0, 0); + GPR_ASSERT(!strcmp("Zm9vYmFy", b64)); + gpr_free(b64); +} + +int main(int argc, char **argv) { + grpc_test_init(argc, argv); + test_simple_encode_decode_b64_no_multiline(); + test_simple_encode_decode_b64_multiline(); + test_simple_encode_decode_b64_urlsafe_no_multiline(); + test_simple_encode_decode_b64_urlsafe_multiline(); + test_full_range_encode_decode_b64_no_multiline(); + test_full_range_encode_decode_b64_multiline(); + test_full_range_encode_decode_b64_urlsafe_no_multiline(); + test_full_range_encode_decode_b64_urlsafe_multiline(); + test_url_safe_unsafe_mismtach_failure(); + test_rfc4648_test_vectors(); + return 0; +} diff --git a/test/core/security/json_token_test.c b/test/core/security/json_token_test.c new file mode 100644 index 0000000000..bb36f786c4 --- /dev/null +++ b/test/core/security/json_token_test.c @@ -0,0 +1,210 @@ +/* + * + * Copyright 2014, Google Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following disclaimer + * in the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Google Inc. nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "src/core/security/json_token.h" + +#include <string.h> + +#include <grpc/support/alloc.h> +#include <grpc/support/log.h> +#include <grpc/support/slice.h> +#include "test/core/util/test_config.h" + +/* This JSON key was generated with the GCE console and revoked immediately. + The identifiers have been changed as well. + Maximum size for a string literal is 509 chars in C89, yay! */ +static const char test_json_key_str_part1[] = + "{ \"private_key\": \"-----BEGIN PRIVATE KEY-----" + "\nMIICeAIBADANBgkqhkiG9w0BAQEFAASCAmIwggJeAgEAAoGBAOEvJsnoHnyHkXcp\n7mJEqg" + "WGjiw71NfXByguekSKho65FxaGbsnSM9SMQAqVk7Q2rG+I0OpsT0LrWQtZ\nyjSeg/" + "rWBQvS4hle4LfijkP3J5BG+" + "IXDMP8RfziNRQsenAXDNPkY4kJCvKux2xdD\nOnVF6N7dL3nTYZg+" + "uQrNsMTz9UxVAgMBAAECgYEAzbLewe1xe9vy+2GoSsfib+28\nDZgSE6Bu/" + "zuFoPrRc6qL9p2SsnV7txrunTyJkkOnPLND9ABAXybRTlcVKP/sGgza\n/" + "8HpCqFYM9V8f34SBWfD4fRFT+n/" + "73cfRUtGXdXpseva2lh8RilIQfPhNZAncenU\ngqXjDvpkypEusgXAykECQQD+"; +static const char test_json_key_str_part2[] = + "53XxNVnxBHsYb+AYEfklR96yVi8HywjVHP34+OQZ\nCslxoHQM8s+" + "dBnjfScLu22JqkPv04xyxmt0QAKm9+vTdAkEA4ib7YvEAn2jXzcCI\nEkoy2L/" + "XydR1GCHoacdfdAwiL2npOdnbvi4ZmdYRPY1LSTO058tQHKVXV7NLeCa3\nAARh2QJBAMKeDAG" + "W303SQv2cZTdbeaLKJbB5drz3eo3j7dDKjrTD9JupixFbzcGw\n8FZi5c8idxiwC36kbAL6HzA" + "ZoX+ofI0CQE6KCzPJTtYNqyShgKAZdJ8hwOcvCZtf\n6z8RJm0+" + "6YBd38lfh5j8mZd7aHFf6I17j5AQY7oPEc47TjJj/" + "5nZ68ECQQDvYuI3\nLyK5fS8g0SYbmPOL9TlcHDOqwG0mrX9qpg5DC2fniXNSrrZ64GTDKdzZY" + "Ap6LI9W\nIqv4vr6y38N79TTC\n-----END PRIVATE KEY-----\n\", "; +static const char test_json_key_str_part3[] = + "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", " + "\"client_email\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud@developer.gserviceaccount." + "com\", \"client_id\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent." + "com\", \"type\": \"service_account\" }"; + +static char *test_json_key_str(const char *bad_part3) { + const char *part3 = bad_part3 != NULL ? bad_part3 : test_json_key_str_part3; + size_t result_len = strlen(test_json_key_str_part1) + + strlen(test_json_key_str_part2) + strlen(part3); + char *result = gpr_malloc(result_len + 1); + char *current = result; + strcpy(result, test_json_key_str_part1); + current += strlen(test_json_key_str_part1); + strcpy(current, test_json_key_str_part2); + current += strlen(test_json_key_str_part2); + strcpy(current, part3); + return result; +} + +static void test_parse_json_key_success() { + char *json_string = test_json_key_str(NULL); + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(json_string); + GPR_ASSERT(grpc_auth_json_key_is_valid(&json_key)); + GPR_ASSERT(json_key.type != NULL && + !(strcmp(json_key.type, "service_account"))); + GPR_ASSERT(json_key.private_key_id != NULL && + !strcmp(json_key.private_key_id, + "e6b5137873db8d2ef81e06a47289e6434ec8a165")); + GPR_ASSERT(json_key.client_id != NULL && + !strcmp(json_key.client_id, + "777-abaslkan11hlb6nmim3bpspl31ud.apps." + "googleusercontent.com")); + GPR_ASSERT(json_key.client_email != NULL && + !strcmp(json_key.client_email, + "777-abaslkan11hlb6nmim3bpspl31ud@developer." + "gserviceaccount.com")); + GPR_ASSERT(json_key.private_key != NULL); + gpr_free(json_string); + grpc_auth_json_key_destruct(&json_key); +} + +static void test_parse_json_key_failure_bad_json() { + const char non_closing_part3[] = + "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", " + "\"client_email\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud@developer.gserviceaccount." + "com\", \"client_id\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent." + "com\", \"type\": \"service_account\" "; + char *json_string = test_json_key_str(non_closing_part3); + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(json_string); + GPR_ASSERT(!grpc_auth_json_key_is_valid(&json_key)); + gpr_free(json_string); + grpc_auth_json_key_destruct(&json_key); +} + +static void test_parse_json_key_failure_no_type() { + const char no_type_part3[] = + "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", " + "\"client_email\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud@developer.gserviceaccount." + "com\", \"client_id\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent." + "com\" }"; + char *json_string = test_json_key_str(no_type_part3); + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(json_string); + GPR_ASSERT(!grpc_auth_json_key_is_valid(&json_key)); + gpr_free(json_string); + grpc_auth_json_key_destruct(&json_key); +} + +static void test_parse_json_key_failure_no_client_id() { + const char no_client_id_part3[] = + "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", " + "\"client_email\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud@developer.gserviceaccount." + "com\", " + "\"type\": \"service_account\" }"; + char *json_string = test_json_key_str(no_client_id_part3); + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(json_string); + GPR_ASSERT(!grpc_auth_json_key_is_valid(&json_key)); + gpr_free(json_string); + grpc_auth_json_key_destruct(&json_key); +} + +static void test_parse_json_key_failure_no_client_email() { + const char no_client_email_part3[] = + "\"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", " + "\"client_id\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent." + "com\", \"type\": \"service_account\" }"; + char *json_string = test_json_key_str(no_client_email_part3); + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(json_string); + GPR_ASSERT(!grpc_auth_json_key_is_valid(&json_key)); + gpr_free(json_string); + grpc_auth_json_key_destruct(&json_key); +} + +static void test_parse_json_key_failure_no_private_key_id() { + const char no_private_key_id_part3[] = + "\"client_email\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud@developer.gserviceaccount." + "com\", \"client_id\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent." + "com\", \"type\": \"service_account\" }"; + char *json_string = test_json_key_str(no_private_key_id_part3); + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(json_string); + GPR_ASSERT(!grpc_auth_json_key_is_valid(&json_key)); + gpr_free(json_string); + grpc_auth_json_key_destruct(&json_key); +} + +static void test_parse_json_key_failure_no_private_key() { + const char no_private_key_json_string[] = + "{ \"private_key_id\": \"e6b5137873db8d2ef81e06a47289e6434ec8a165\", " + "\"client_email\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud@developer.gserviceaccount." + "com\", \"client_id\": " + "\"777-abaslkan11hlb6nmim3bpspl31ud.apps.googleusercontent." + "com\", \"type\": \"service_account\" }"; + grpc_auth_json_key json_key = + grpc_auth_json_key_create_from_string(no_private_key_json_string); + GPR_ASSERT(!grpc_auth_json_key_is_valid(&json_key)); + grpc_auth_json_key_destruct(&json_key); +} + +int main(int argc, char **argv) { + grpc_test_init(argc, argv); + test_parse_json_key_success(); + test_parse_json_key_failure_bad_json(); + test_parse_json_key_failure_no_type(); + test_parse_json_key_failure_no_client_id(); + test_parse_json_key_failure_no_client_email(); + test_parse_json_key_failure_no_private_key_id(); + test_parse_json_key_failure_no_private_key(); + return 0; +} |