open-vault/vault/barrier_aes_gcm_test.go

package vault

import (
	"bytes"
	"testing"

	"github.com/hashicorp/vault/physical"
)

// mockBarrier returns a physical backend, security barrier, and master key
func mockBarrier(t *testing.T) (physical.Backend, SecurityBarrier, []byte) {
	inm := physical.NewInmem()
	b, err := NewAESGCMBarrier(inm)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	// Initialize and unseal
	key, _ := b.GenerateKey()
	b.Initialize(key)
	b.Unseal(key)
	return inm, b, key
}

func TestAESGCMBarrier_Basic(t *testing.T) {
	inm := physical.NewInmem()
	b, err := NewAESGCMBarrier(inm)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	testBarrier(t, b)
}

// Verify data sent through is encrypted
func TestAESGCMBarrier_Confidential(t *testing.T) {
	inm := physical.NewInmem()
	b, err := NewAESGCMBarrier(inm)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	// Initialize and unseal
	key, _ := b.GenerateKey()
	b.Initialize(key)
	b.Unseal(key)

	// Put a logical entry
	entry := &Entry{Key: "test", Value: []byte("test")}
	err = b.Put(entry)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	// Check the physcial entry
	pe, err := inm.Get("test")
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	if pe == nil {
		t.Fatalf("missing physical entry")
	}

	if pe.Key != "test" {
		t.Fatalf("bad: %#v", pe)
	}
	if bytes.Equal(pe.Value, entry.Value) {
		t.Fatalf("bad: %#v", pe)
	}
}

// Verify data sent through is cannot be tampered
func TestAESGCMBarrier_Integrity(t *testing.T) {
	inm := physical.NewInmem()
	b, err := NewAESGCMBarrier(inm)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	// Initialize and unseal
	key, _ := b.GenerateKey()
	b.Initialize(key)
	b.Unseal(key)

	// Put a logical entry
	entry := &Entry{Key: "test", Value: []byte("test")}
	err = b.Put(entry)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	// Change a byte in the underlying physical entry
	pe, _ := inm.Get("test")
	pe.Value[15]++
	err = inm.Put(pe)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	// Read from the barrier
	_, err = b.Get("test")
	if err == nil {
		t.Fatalf("should fail!")
	}
}

func TestEncrypt_Unique(t *testing.T) {
	inm := physical.NewInmem()
	b, err := NewAESGCMBarrier(inm)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	key, _ := b.GenerateKey()
	b.Initialize(key)
	b.Unseal(key)

	if b.keyring == nil {
		t.Fatalf("barrier is sealed")
	}

	entry := &Entry{Key: "test", Value: []byte("test")}
	term := b.keyring.ActiveTerm()
	primary, _ := b.aeadForTerm(term)

	first := b.encrypt(term, primary, entry.Value)
	second := b.encrypt(term, primary, entry.Value)

	if bytes.Equal(first, second) == true {
		t.Fatalf("improper random seeding detected")
	}
}

func TestInitialize_KeyLength(t *testing.T) {
	inm := physical.NewInmem()
	b, err := NewAESGCMBarrier(inm)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	long := []byte("ThisKeyDoesNotHaveTheRightLength!")
	middle := []byte("ThisIsASecretKeyAndMore")
	short := []byte("Key")

	err = b.Initialize(long)

	if err == nil {
		t.Fatalf("key length protection failed")
	}

	err = b.Initialize(middle)

	if err == nil {
		t.Fatalf("key length protection failed")
	}

	err = b.Initialize(short)

	if err == nil {
		t.Fatalf("key length protection failed")
	}
}
vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`package vault`

			`import (`
vault: Basic test for barrier confidentiality and integrity 2015-03-05 22:03:00 +00:00			`"bytes"`
vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`"testing"`

			`"github.com/hashicorp/vault/physical"`
			`)`

vault: Adding a barrier view 2015-03-05 22:34:05 +00:00			`// mockBarrier returns a physical backend, security barrier, and master key`
			`func mockBarrier(t *testing.T) (physical.Backend, SecurityBarrier, []byte) {`
			`inm := physical.NewInmem()`
			`b, err := NewAESGCMBarrier(inm)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`// Initialize and unseal`
			`key, _ := b.GenerateKey()`
			`b.Initialize(key)`
			`b.Unseal(key)`
			`return inm, b, key`
			`}`

vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`func TestAESGCMBarrier_Basic(t *testing.T) {`
			`inm := physical.NewInmem()`
			`b, err := NewAESGCMBarrier(inm)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`testBarrier(t, b)`
			`}`

vault: Basic test for barrier confidentiality and integrity 2015-03-05 22:03:00 +00:00			`// Verify data sent through is encrypted`
vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`func TestAESGCMBarrier_Confidential(t *testing.T) {`
vault: Basic test for barrier confidentiality and integrity 2015-03-05 22:03:00 +00:00			`inm := physical.NewInmem()`
			`b, err := NewAESGCMBarrier(inm)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`// Initialize and unseal`
			`key, _ := b.GenerateKey()`
			`b.Initialize(key)`
			`b.Unseal(key)`

			`// Put a logical entry`
			`entry := &Entry{Key: "test", Value: []byte("test")}`
			`err = b.Put(entry)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`// Check the physcial entry`
			`pe, err := inm.Get("test")`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`if pe == nil {`
			`t.Fatalf("missing physical entry")`
			`}`

			`if pe.Key != "test" {`
			`t.Fatalf("bad: %#v", pe)`
			`}`
			`if bytes.Equal(pe.Value, entry.Value) {`
			`t.Fatalf("bad: %#v", pe)`
			`}`
vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`}`

vault: Basic test for barrier confidentiality and integrity 2015-03-05 22:03:00 +00:00			`// Verify data sent through is cannot be tampered`
vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`func TestAESGCMBarrier_Integrity(t *testing.T) {`
vault: Basic test for barrier confidentiality and integrity 2015-03-05 22:03:00 +00:00			`inm := physical.NewInmem()`
			`b, err := NewAESGCMBarrier(inm)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`// Initialize and unseal`
			`key, _ := b.GenerateKey()`
			`b.Initialize(key)`
			`b.Unseal(key)`

			`// Put a logical entry`
			`entry := &Entry{Key: "test", Value: []byte("test")}`
			`err = b.Put(entry)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`// Change a byte in the underlying physical entry`
			`pe, _ := inm.Get("test")`
			`pe.Value[15]++`
			`err = inm.Put(pe)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`// Read from the barrier`
			`_, err = b.Get("test")`
			`if err == nil {`
			`t.Fatalf("should fail!")`
			`}`
vault: First pass at a barrier 2015-03-05 21:27:35 +00:00			`}`
Add test to verify unique encrypted values It wasn't immediately clear that the proper random seeding was taking place. This ensures that the same plaintext encrypted twice does not result in the same ciphertext. It will also be a good test to keep around incase of future regressions. 2015-04-30 17:15:41 +00:00
			`func TestEncrypt_Unique(t *testing.T) {`
			`inm := physical.NewInmem()`
			`b, err := NewAESGCMBarrier(inm)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`key, _ := b.GenerateKey()`
			`b.Initialize(key)`
			`b.Unseal(key)`

vault: first pass at keyring integration 2015-05-27 23:01:25 +00:00			`if b.keyring == nil {`
Use lowercase 2015-04-30 17:37:47 +00:00			`t.Fatalf("barrier is sealed")`
Add test to verify unique encrypted values It wasn't immediately clear that the proper random seeding was taking place. This ensures that the same plaintext encrypted twice does not result in the same ciphertext. It will also be a good test to keep around incase of future regressions. 2015-04-30 17:15:41 +00:00			`}`

vault: first pass at keyring integration 2015-05-27 23:01:25 +00:00			`entry := &Entry{Key: "test", Value: []byte("test")}`
			`term := b.keyring.ActiveTerm()`
			`primary, _ := b.aeadForTerm(term)`

			`first := b.encrypt(term, primary, entry.Value)`
			`second := b.encrypt(term, primary, entry.Value)`
Add test to verify unique encrypted values It wasn't immediately clear that the proper random seeding was taking place. This ensures that the same plaintext encrypted twice does not result in the same ciphertext. It will also be a good test to keep around incase of future regressions. 2015-04-30 17:15:41 +00:00
Use lowercase 2015-04-30 17:37:47 +00:00			`if bytes.Equal(first, second) == true {`
			`t.Fatalf("improper random seeding detected")`
Add test to verify unique encrypted values It wasn't immediately clear that the proper random seeding was taking place. This ensures that the same plaintext encrypted twice does not result in the same ciphertext. It will also be a good test to keep around incase of future regressions. 2015-04-30 17:15:41 +00:00			`}`
			`}`
Add test that ensure keylength check is working Not likely to fail, but if it did would result in complete failure, so probably good to have a test for it. 2015-04-30 18:12:47 +00:00
			`func TestInitialize_KeyLength(t *testing.T) {`
			`inm := physical.NewInmem()`
			`b, err := NewAESGCMBarrier(inm)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`long := []byte("ThisKeyDoesNotHaveTheRightLength!")`
			`middle := []byte("ThisIsASecretKeyAndMore")`
			`short := []byte("Key")`

			`err = b.Initialize(long)`

			`if err == nil {`
Lowercase again 2015-04-30 18:27:32 +00:00			`t.Fatalf("key length protection failed")`
Add test that ensure keylength check is working Not likely to fail, but if it did would result in complete failure, so probably good to have a test for it. 2015-04-30 18:12:47 +00:00			`}`

			`err = b.Initialize(middle)`

			`if err == nil {`
Lowercase again 2015-04-30 18:27:32 +00:00			`t.Fatalf("key length protection failed")`
Add test that ensure keylength check is working Not likely to fail, but if it did would result in complete failure, so probably good to have a test for it. 2015-04-30 18:12:47 +00:00			`}`

			`err = b.Initialize(short)`

			`if err == nil {`
Lowercase again 2015-04-30 18:27:32 +00:00			`t.Fatalf("key length protection failed")`
Add test that ensure keylength check is working Not likely to fail, but if it did would result in complete failure, so probably good to have a test for it. 2015-04-30 18:12:47 +00:00			`}`
			`}`