[test suite] added backwards compatibility test for truncated keys longer > 16 chars

2013-06-02 21:19:19 -04:00 · 2013-06-02 21:19:19 -04:00 · 164888e075
commit 164888e075
parent 2874205d05
3 changed files with 32 additions and 0 deletions
--- a/test/conf/legacy_iv_long_key_access.conf
+++ b/test/conf/legacy_iv_long_key_access.conf
@ -0,0 +1,4 @@
+SOURCE                  ANY
+KEY                     1234567890123456
+FW_ACCESS_TIMEOUT       3
+ENCRYPTION_MODE         legacy
--- a/test/test-fwknop.pl
+++ b/test/test-fwknop.pl
@ -80,6 +80,7 @@ our %cf = (
    'gpg_access'                   => "$conf_dir/gpg_access.conf",
    'gpg_hmac_access'              => "$conf_dir/gpg_hmac_access.conf",
    'legacy_iv_access'             => "$conf_dir/legacy_iv_access.conf",
+    'legacy_iv_long_key_access'    => "$conf_dir/legacy_iv_long_key_access.conf",
    'gpg_no_pw_access'             => "$conf_dir/gpg_no_pw_access.conf",
    'gpg_no_pw_hmac_access'        => "$conf_dir/gpg_no_pw_hmac_access.conf",
    'tcp_server'                   => "$conf_dir/tcp_server_fwknopd.conf",
--- a/test/tests/rijndael_backwards_compatibility.pl
+++ b/test/tests/rijndael_backwards_compatibility.pl
@ -88,6 +88,33 @@
        'fw_rule_removed' => $NEW_RULE_REMOVED,
        'fatal'    => $NO
    },
+
+    ### This test helps with backwards compatibility for the corner
+    ### case where an SPA client pre-2.5 uses a password longer than 16 chars
+    ### which gets truncated to just 16 chars (this bug was fixed in the 2.5
+    ### development series).  The SPA packet itself was generated by fwknop
+    ### 2.0.4 with a pass phrase of '12345678901234567890', and this can be
+    ### decrypted with the legacy encryption mode setting in fwknop-2.5 as
+    ### long as the key in the access.conf file has been truncated to 16
+    ### chars.
+    {
+        'category' => 'Rijndael',
+        'subcategory' => 'client->server backwards compat.',
+        'detail'   => 'v2.0.4 truncated key',
+        'function' => \&backwards_compatibility,
+        'pkt' =>
+            '8nypBDKbDQZ2w6mTAB5xqOmNcoCWfhkIfqb6Ybuc101TZ+VbT+QjtREn2F2ff' .
+            'bL7PclPqPaGOrDeUCyMERFAkO/InryQUYtNlwnjcQdo15+JewnPj8XMDEtmvM' .
+            'jBZ7GmmG3WabIHzHcIi1xsBvoAwYCtxOH+GivVA',
+        'server_positive_output_matches' => [qr/with expire time/],
+        'fwknopd_cmdline'  => "LD_LIBRARY_PATH=$lib_dir $valgrind_str " .
+            "$fwknopdCmd -c $cf{'disable_aging'} -a $cf{'legacy_iv_long_key_access'} " .
+            "-d $default_digest_file -p $default_pid_file $intf_str",
+        'fw_rule_created' => $NEW_RULE_REQUIRED,
+        'fw_rule_removed' => $NEW_RULE_REMOVED,
+        'fatal'    => $NO
+    },
+
    {
        'category' => 'Rijndael',
        'subcategory' => 'Android compatibility',