diff options
author | Thomas Haller <thaller@redhat.com> | 2018-08-30 10:13:40 +0200 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2018-09-03 18:07:59 +0200 |
commit | 24766438855d751224299fd17a4a76027bc0dc0c (patch) | |
tree | 9eba0b292d79f0003a6dc3542ff5991c3bf4ceae | |
parent | 472ead4c0b8ab18c5a5e0a2fa9699daeb392c2e9 (diff) | |
download | NetworkManager-24766438855d751224299fd17a4a76027bc0dc0c.tar.gz |
libnm/crypto: refactor crypto test functions to return GBytes
Using GBytes consistently simplifies the code. Also use it
for the test related functions.
-rw-r--r-- | libnm-core/nm-crypto.c | 21 | ||||
-rw-r--r-- | libnm-core/nm-crypto.h | 20 | ||||
-rw-r--r-- | libnm-core/tests/test-crypto.c | 65 |
3 files changed, 38 insertions, 68 deletions
diff --git a/libnm-core/nm-crypto.c b/libnm-core/nm-crypto.c index 7f84614cc7..ab52c94d69 100644 --- a/libnm-core/nm-crypto.c +++ b/libnm-core/nm-crypto.c @@ -52,19 +52,6 @@ /*****************************************************************************/ -static GByteArray * -to_gbyte_array_mem (gconstpointer mem, gsize len) -{ - GByteArray *arr; - - arr = g_byte_array_sized_new (len); - if (len > 0) - g_byte_array_append (arr, mem, len); - return arr; -} - -/*****************************************************************************/ - static gboolean find_tag (const char *tag, const guint8 *data, @@ -519,7 +506,7 @@ decrypt_key (const char *cipher, return TRUE; } -GByteArray * +GBytes * nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data, gsize data_len, const char *password, @@ -567,16 +554,16 @@ nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data, error)) return NULL; - return to_gbyte_array_mem (parsed2.bin, parsed2.len); + return nm_secret_copy_to_gbytes (parsed2.bin, parsed2.len); } if (cipher || iv) return NULL; - return to_gbyte_array_mem (parsed.bin, parsed.len); + return nm_secret_copy_to_gbytes (parsed.bin, parsed.len); } -GByteArray * +GBytes * nmtst_crypto_decrypt_openssl_private_key (const char *file, const char *password, NMCryptoKeyType *out_key_type, diff --git a/libnm-core/nm-crypto.h b/libnm-core/nm-crypto.h index 669f9660eb..88fec819e7 100644 --- a/libnm-core/nm-crypto.h +++ b/libnm-core/nm-crypto.h @@ -49,16 +49,16 @@ typedef enum { NM_CRYPTO_FILE_FORMAT_PKCS12 } NMCryptoFileFormat; -GByteArray *nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data, - gsize data_len, - const char *password, - NMCryptoKeyType *out_key_type, - GError **error); - -GByteArray *nmtst_crypto_decrypt_openssl_private_key (const char *file, - const char *password, - NMCryptoKeyType *out_key_type, - GError **error); +GBytes *nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data, + gsize data_len, + const char *password, + NMCryptoKeyType *out_key_type, + GError **error); + +GBytes *nmtst_crypto_decrypt_openssl_private_key (const char *file, + const char *password, + NMCryptoKeyType *out_key_type, + GError **error); gboolean nm_crypto_load_and_verify_certificate (const char *file, NMCryptoFileFormat *out_file_format, diff --git a/libnm-core/tests/test-crypto.c b/libnm-core/tests/test-crypto.c index 26ef08f56c..93970f3adc 100644 --- a/libnm-core/tests/test-crypto.c +++ b/libnm-core/tests/test-crypto.c @@ -113,22 +113,6 @@ test_cert (gconstpointer test_data) g_assert (nm_utils_file_is_certificate (path)); } -static GByteArray * -file_to_byte_array (const char *filename) -{ - char *contents; - GByteArray *array = NULL; - gsize length = 0; - - if (g_file_get_contents (filename, &contents, &length, NULL)) { - array = g_byte_array_sized_new (length); - g_byte_array_append (array, (guint8 *) contents, length); - g_assert (array->len == length); - g_free (contents); - } - return array; -} - static void test_load_private_key (const char *path, const char *password, @@ -137,7 +121,7 @@ test_load_private_key (const char *path, { NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN; gboolean is_encrypted = FALSE; - GByteArray *array, *decrypted; + gs_unref_bytes GBytes *array = NULL; GError *error = NULL; g_assert (nm_utils_file_is_private_key (path, &is_encrypted)); @@ -163,16 +147,14 @@ test_load_private_key (const char *path, g_assert (array != NULL); if (decrypted_path) { - /* Compare the crypto decrypted key against a known-good decryption */ - decrypted = file_to_byte_array (decrypted_path); - g_assert (decrypted != NULL); - g_assert (decrypted->len == array->len); - g_assert (memcmp (decrypted->data, array->data, array->len) == 0); + gs_free char *contents = NULL; + gsize length; - g_byte_array_free (decrypted, TRUE); + /* Compare the crypto decrypted key against a known-good decryption */ + if (!g_file_get_contents (decrypted_path, &contents, &length, NULL)) + g_assert_not_reached (); + g_assert (nm_utils_gbytes_equal_mem (array, contents, length)); } - - g_byte_array_free (array, TRUE); } static void @@ -260,34 +242,35 @@ test_encrypt_private_key (const char *path, const char *password) { NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN; - GByteArray *array, *encrypted, *re_decrypted; + gs_unref_bytes GBytes *array = NULL; + nm_auto_unref_bytearray GByteArray *encrypted = NULL; + gs_unref_bytes GBytes *re_decrypted = NULL; GError *error = NULL; array = nmtst_crypto_decrypt_openssl_private_key (path, password, &key_type, &error); - g_assert_no_error (error); - g_assert (array != NULL); + nmtst_assert_success (array, error); g_assert_cmpint (key_type, ==, NM_CRYPTO_KEY_TYPE_RSA); /* Now re-encrypt the private key */ - encrypted = nm_utils_rsa_key_encrypt (array->data, array->len, password, NULL, &error); - g_assert_no_error (error); - g_assert (encrypted != NULL); + encrypted = nm_utils_rsa_key_encrypt (g_bytes_get_data (array, NULL), + g_bytes_get_size (array), + password, + NULL, + &error); + nmtst_assert_success (encrypted, error); /* Then re-decrypt the private key */ key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN; - re_decrypted = nmtst_crypto_decrypt_openssl_private_key_data (encrypted->data, encrypted->len, - password, &key_type, &error); - g_assert_no_error (error); - g_assert (re_decrypted != NULL); + re_decrypted = nmtst_crypto_decrypt_openssl_private_key_data (encrypted->data, + encrypted->len, + password, + &key_type, + &error); + nmtst_assert_success (re_decrypted, error); g_assert_cmpint (key_type, ==, NM_CRYPTO_KEY_TYPE_RSA); /* Compare the original decrypted key with the re-decrypted key */ - g_assert_cmpint (array->len, ==, re_decrypted->len); - g_assert (!memcmp (array->data, re_decrypted->data, array->len)); - - g_byte_array_free (re_decrypted, TRUE); - g_byte_array_free (encrypted, TRUE); - g_byte_array_free (array, TRUE); + g_assert (g_bytes_equal (array, re_decrypted)); } static void |