libnm/crypto: refactor crypto test functions to return GBytes

Using GBytes consistently simplifies the code. Also use it
for the test related functions.

3 files changed, 38 insertions, 68 deletions

diff --git a/libnm-core/nm-crypto.c b/libnm-core/nm-crypto.c
index 7f84614cc7..ab52c94d69 100644
--- a/libnm-core/nm-crypto.c
+++ b/libnm-core/nm-crypto.c
@@ -52,19 +52,6 @@
 
 /*****************************************************************************/
 
-static GByteArray *
-to_gbyte_array_mem (gconstpointer mem, gsize len)
-{
-	GByteArray *arr;
-
-	arr = g_byte_array_sized_new (len);
-	if (len > 0)
-		g_byte_array_append (arr, mem, len);
-	return arr;
-}
-
-/*****************************************************************************/
-
 static gboolean
 find_tag (const char *tag,
           const guint8 *data,
@@ -519,7 +506,7 @@ decrypt_key (const char *cipher,
 	return TRUE;
 }
 
-GByteArray *
+GBytes *
 nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
                                                gsize data_len,
                                                const char *password,
@@ -567,16 +554,16 @@ nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
 		                  error))
 			return NULL;
 
-		return to_gbyte_array_mem (parsed2.bin, parsed2.len);
+		return nm_secret_copy_to_gbytes (parsed2.bin, parsed2.len);
 	}
 
 	if (cipher || iv)
 		return NULL;
 
-	return to_gbyte_array_mem (parsed.bin, parsed.len);
+	return nm_secret_copy_to_gbytes (parsed.bin, parsed.len);
 }
 
-GByteArray *
+GBytes *
 nmtst_crypto_decrypt_openssl_private_key (const char *file,
                                           const char *password,
                                           NMCryptoKeyType *out_key_type,
diff --git a/libnm-core/nm-crypto.h b/libnm-core/nm-crypto.h
index 669f9660eb..88fec819e7 100644
--- a/libnm-core/nm-crypto.h
+++ b/libnm-core/nm-crypto.h
@@ -49,16 +49,16 @@ typedef enum {
 	NM_CRYPTO_FILE_FORMAT_PKCS12
 } NMCryptoFileFormat;
 
-GByteArray *nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
-                                                           gsize data_len,
-                                                           const char *password,
-                                                           NMCryptoKeyType *out_key_type,
-                                                           GError **error);
-
-GByteArray *nmtst_crypto_decrypt_openssl_private_key (const char *file,
-                                                      const char *password,
-                                                      NMCryptoKeyType *out_key_type,
-                                                      GError **error);
+GBytes *nmtst_crypto_decrypt_openssl_private_key_data (const guint8 *data,
+                                                       gsize data_len,
+                                                       const char *password,
+                                                       NMCryptoKeyType *out_key_type,
+                                                       GError **error);
+
+GBytes *nmtst_crypto_decrypt_openssl_private_key (const char *file,
+                                                  const char *password,
+                                                  NMCryptoKeyType *out_key_type,
+                                                  GError **error);
 
 gboolean nm_crypto_load_and_verify_certificate (const char *file,
                                                 NMCryptoFileFormat *out_file_format,
diff --git a/libnm-core/tests/test-crypto.c b/libnm-core/tests/test-crypto.c
index 26ef08f56c..93970f3adc 100644
--- a/libnm-core/tests/test-crypto.c
+++ b/libnm-core/tests/test-crypto.c
@@ -113,22 +113,6 @@ test_cert (gconstpointer test_data)
 	g_assert (nm_utils_file_is_certificate (path));
 }
 
-static GByteArray *
-file_to_byte_array (const char *filename)
-{
-	char *contents;
-	GByteArray *array = NULL;
-	gsize length = 0;
-
-	if (g_file_get_contents (filename, &contents, &length, NULL)) {
-		array = g_byte_array_sized_new (length);
-		g_byte_array_append (array, (guint8 *) contents, length);
-		g_assert (array->len == length);
-		g_free (contents);
-	}
-	return array;
-}
-
 static void
 test_load_private_key (const char *path,
                        const char *password,
@@ -137,7 +121,7 @@ test_load_private_key (const char *path,
 {
 	NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
 	gboolean is_encrypted = FALSE;
-	GByteArray *array, *decrypted;
+	gs_unref_bytes GBytes *array = NULL;
 	GError *error = NULL;
 
 	g_assert (nm_utils_file_is_private_key (path, &is_encrypted));
@@ -163,16 +147,14 @@ test_load_private_key (const char *path,
 	g_assert (array != NULL);
 
 	if (decrypted_path) {
-		/* Compare the crypto decrypted key against a known-good decryption */
-		decrypted = file_to_byte_array (decrypted_path);
-		g_assert (decrypted != NULL);
-		g_assert (decrypted->len == array->len);
-		g_assert (memcmp (decrypted->data, array->data, array->len) == 0);
+		gs_free char *contents = NULL;
+		gsize length;
 
-		g_byte_array_free (decrypted, TRUE);
+		/* Compare the crypto decrypted key against a known-good decryption */
+		if (!g_file_get_contents (decrypted_path, &contents, &length, NULL))
+			g_assert_not_reached ();
+		g_assert (nm_utils_gbytes_equal_mem (array, contents, length));
 	}
-
-	g_byte_array_free (array, TRUE);
 }
 
 static void
@@ -260,34 +242,35 @@ test_encrypt_private_key (const char *path,
                           const char *password)
 {
 	NMCryptoKeyType key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
-	GByteArray *array, *encrypted, *re_decrypted;
+	gs_unref_bytes GBytes *array = NULL;
+	nm_auto_unref_bytearray GByteArray *encrypted = NULL;
+	gs_unref_bytes GBytes *re_decrypted = NULL;
 	GError *error = NULL;
 
 	array = nmtst_crypto_decrypt_openssl_private_key (path, password, &key_type, &error);
-	g_assert_no_error (error);
-	g_assert (array != NULL);
+	nmtst_assert_success (array, error);
 	g_assert_cmpint (key_type, ==, NM_CRYPTO_KEY_TYPE_RSA);
 
 	/* Now re-encrypt the private key */
-	encrypted = nm_utils_rsa_key_encrypt (array->data, array->len, password, NULL, &error);
-	g_assert_no_error (error);
-	g_assert (encrypted != NULL);
+	encrypted = nm_utils_rsa_key_encrypt (g_bytes_get_data (array, NULL),
+	                                      g_bytes_get_size (array),
+	                                      password,
+	                                      NULL,
+	                                      &error);
+	nmtst_assert_success (encrypted, error);
 
 	/* Then re-decrypt the private key */
 	key_type = NM_CRYPTO_KEY_TYPE_UNKNOWN;
-	re_decrypted = nmtst_crypto_decrypt_openssl_private_key_data (encrypted->data, encrypted->len,
-	                                                              password, &key_type, &error);
-	g_assert_no_error (error);
-	g_assert (re_decrypted != NULL);
+	re_decrypted = nmtst_crypto_decrypt_openssl_private_key_data (encrypted->data,
+	                                                              encrypted->len,
+	                                                              password,
+	                                                              &key_type,
+	                                                              &error);
+	nmtst_assert_success (re_decrypted, error);
 	g_assert_cmpint (key_type, ==, NM_CRYPTO_KEY_TYPE_RSA);
 
 	/* Compare the original decrypted key with the re-decrypted key */
-	g_assert_cmpint (array->len, ==, re_decrypted->len);
-	g_assert (!memcmp (array->data, re_decrypted->data, array->len));
-
-	g_byte_array_free (re_decrypted, TRUE);
-	g_byte_array_free (encrypted, TRUE);
-	g_byte_array_free (array, TRUE);
+	g_assert (g_bytes_equal (array, re_decrypted));
 }
 
 static void