[test suite] [client] added --key-gen and --key-gen-file tests
This commit is contained in:
Michael Rash
parent
16348aaccd
commit
ab52476bfc
@ -801,6 +801,10 @@ config_init(fko_cli_options_t *options, int argc, char **argv)
|
||||
case 'k':
|
||||
options->key_gen = 1;
|
||||
break;
|
||||
case 'K':
|
||||
options->key_gen = 1;
|
||||
strlcpy(options->key_gen_file, optarg, MAX_PATH_LEN);
|
||||
break;
|
||||
case 'l':
|
||||
options->run_last_command = 1;
|
||||
break;
|
||||
@ -1008,6 +1012,9 @@ usage(void)
|
||||
" line args as the last time it was executed\n"
|
||||
" (args are read from the ~/.fwknop.run file).\n"
|
||||
" -G, --get-key Load an encryption key/password from a file.\n"
|
||||
" -k, --key-gen Generate SPA Rijndael + HMAC keys.\n"
|
||||
" -K, --key-gen-file Write generated Rijndael + HMAC keys to a\n"
|
||||
" file\n"
|
||||
" -r, --rand-port Send the SPA packet over a randomly assigned\n"
|
||||
" port (requires a broader pcap filter on the\n"
|
||||
" server side than the default of udp 62201).\n"
|
||||
|
||||
@ -61,6 +61,7 @@ main(int argc, char **argv)
|
||||
char key[MAX_KEY_LEN+1] = {0};
|
||||
char hmac_key[MAX_KEY_LEN+1] = {0};
|
||||
int key_len = 0, hmac_key_len = 0;
|
||||
FILE *key_gen_file_ptr = NULL;
|
||||
|
||||
fko_cli_options_t options;
|
||||
|
||||
@ -92,7 +93,25 @@ main(int argc, char **argv)
|
||||
if(options.key_gen)
|
||||
{
|
||||
fko_key_gen(options.key_base64, options.hmac_key_base64);
|
||||
printf("KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n", options.key_base64, options.hmac_key_base64);
|
||||
|
||||
if(options.key_gen_file != NULL && options.key_gen_file[0] != '\0')
|
||||
{
|
||||
if ((key_gen_file_ptr = fopen(options.key_gen_file, "w")) == NULL)
|
||||
{
|
||||
fprintf(stderr, "Unable to create key gen file: %s: %s\n",
|
||||
options.key_gen_file, strerror(errno));
|
||||
return(EXIT_FAILURE);
|
||||
}
|
||||
fprintf(key_gen_file_ptr, "KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n",
|
||||
options.key_base64, options.hmac_key_base64);
|
||||
fclose(key_gen_file_ptr);
|
||||
printf("[+] Wrote Rijndael and HMAC keys to: %s\n",
|
||||
options.key_gen_file);
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("KEY_BASE64: %s\nHMAC_KEY_BASE64: %s\n", options.key_base64, options.hmac_key_base64);
|
||||
}
|
||||
return(EXIT_SUCCESS);
|
||||
}
|
||||
|
||||
|
||||
@ -100,6 +100,7 @@ my $loopback_intf = '';
|
||||
my $anonymize_results = 0;
|
||||
my $curr_test_file = "$output_dir/init";
|
||||
my $tarfile = 'test_fwknop.tar.gz';
|
||||
my $key_gen_file = "$output_dir/key_gen";
|
||||
my $server_test_file = '';
|
||||
my $use_valgrind = 0;
|
||||
my $valgrind_str = '';
|
||||
@ -815,6 +816,28 @@ my @tests = (
|
||||
"--rc-file $cf{'rc_file_hmac_b64_key'}",
|
||||
'fatal' => $NO
|
||||
},
|
||||
{
|
||||
'category' => 'Rijndael SPA',
|
||||
'subcategory' => 'client',
|
||||
'detail' => '--key-gen',
|
||||
'err_msg' => 'SPA packet not generated',
|
||||
'function' => \&generic_exec,
|
||||
'cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
|
||||
"$valgrind_str $fwknopCmd --key-gen",
|
||||
'positive_output_matches' => [qr/BASE64/, qw/HMAC/, qw/KEY/],
|
||||
'fatal' => $NO
|
||||
},
|
||||
{
|
||||
'category' => 'Rijndael SPA',
|
||||
'subcategory' => 'client',
|
||||
'detail' => '--key-gen to file',
|
||||
'err_msg' => 'SPA packet not generated',
|
||||
'function' => \&generic_exec,
|
||||
'cmdline' => "LD_LIBRARY_PATH=$lib_dir " .
|
||||
"$valgrind_str $fwknopCmd --key-gen --key-gen-file $key_gen_file",
|
||||
'positive_output_matches' => [qr/Wrote.*\skeys/],
|
||||
'fatal' => $NO
|
||||
},
|
||||
|
||||
{
|
||||
'category' => 'Rijndael SPA',
|
||||
@ -2959,26 +2982,16 @@ sub init() {
|
||||
$saved_last_results = 1;
|
||||
}
|
||||
|
||||
unless (-d $output_dir) {
|
||||
mkdir $output_dir or die "[*] Could not mkdir $output_dir: $!";
|
||||
}
|
||||
unless (-d $run_dir) {
|
||||
mkdir $run_dir or die "[*] Could not mkdir $run_dir: $!";
|
||||
for my $dir ($output_dir, $run_dir) {
|
||||
next if -d $dir;
|
||||
mkdir $dir or die "[*] Could not mkdir $dir: $!";
|
||||
}
|
||||
|
||||
for my $file (glob("$output_dir/*.test")) {
|
||||
for my $file (glob("$output_dir/*.test"), "$output_dir/init",
|
||||
$tmp_rc_file, $logfile, $key_gen_file) {
|
||||
next unless -d $file;
|
||||
unlink $file or die "[*] Could not unlink($file)";
|
||||
}
|
||||
if (-e "$output_dir/init") {
|
||||
unlink "$output_dir/init" or die $!;
|
||||
}
|
||||
if (-e $tmp_rc_file) {
|
||||
unlink $tmp_rc_file or die $!;
|
||||
}
|
||||
|
||||
if (-e $logfile) {
|
||||
unlink $logfile or die $!;
|
||||
}
|
||||
|
||||
if ($test_include) {
|
||||
@tests_to_include = split /\s*,\s*/, $test_include;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user