diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2021-01-13 02:33:06 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2021-01-13 02:33:06 +0000 |
commit | 11925d05e802a578ee2934924483a5f22951bd0e (patch) | |
tree | c41e54bf284fed471d444dff0486b8ddef84b652 /gtests/softoken_gtest | |
parent | a8c41b1514115268e5bee6f7bc681f67e058d8e0 (diff) | |
download | nss-hg-11925d05e802a578ee2934924483a5f22951bd0e.tar.gz |
Bug 1684300 - Disable legacy storage when compiled with NSS_DISABLE_DBM. r=mt
Differential Revision: https://phabricator.services.mozilla.com/D101218
Diffstat (limited to 'gtests/softoken_gtest')
-rw-r--r-- | gtests/softoken_gtest/manifest.mn | 1 | ||||
-rw-r--r-- | gtests/softoken_gtest/softoken_gtest.cc | 56 | ||||
-rw-r--r-- | gtests/softoken_gtest/softoken_gtest.gyp | 1 |
3 files changed, 58 insertions, 0 deletions
diff --git a/gtests/softoken_gtest/manifest.mn b/gtests/softoken_gtest/manifest.mn index f146811ba..81545b2c5 100644 --- a/gtests/softoken_gtest/manifest.mn +++ b/gtests/softoken_gtest/manifest.mn @@ -33,4 +33,5 @@ EXTRA_LIBS = \ $(DIST)/lib/$(LIB_PREFIX)gtest.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)cpputil.$(LIB_SUFFIX) \ $(DIST)/lib/$(LIB_PREFIX)gtestutil.$(LIB_SUFFIX) \ + $(DIST)/lib/$(LIB_PREFIX)sqlite.$(LIB_SUFFIX) \ $(NULL) diff --git a/gtests/softoken_gtest/softoken_gtest.cc b/gtests/softoken_gtest/softoken_gtest.cc index 6fff252bd..59e98765c 100644 --- a/gtests/softoken_gtest/softoken_gtest.cc +++ b/gtests/softoken_gtest/softoken_gtest.cc @@ -14,6 +14,7 @@ #include "databuffer.h" #include <fstream> #include <chrono> +#include <sqlite3.h> using namespace std::chrono; #include "softoken_dh_vectors.h" @@ -42,6 +43,61 @@ class SoftokenTest : public ::testing::Test { ScopedUniqueDirectory mNSSDBDir; }; +TEST_F(SoftokenTest, CheckDefaultPbkdf2Iterations) { + ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot()); + ASSERT_TRUE(slot); + EXPECT_EQ(SECSuccess, PK11_InitPin(slot.get(), nullptr, "password")); + + // Open key4.db and check encoded PBE algorithm and iteration count. + // Compare bytes against the expected values to avoid ASN.1 here. + std::string key_db = mNSSDBDir.GetPath() + "/key4.db"; + + sqlite3 *sql_db = NULL; + ASSERT_EQ(SQLITE_OK, sqlite3_open(key_db.c_str(), &sql_db)); + + char *query_str = sqlite3_mprintf("SELECT item2 FROM metaData;"); + ASSERT_NE(nullptr, query_str); + + sqlite3_stmt *statement = NULL; + ASSERT_EQ(SQLITE_OK, + sqlite3_prepare_v2(sql_db, query_str, -1, &statement, NULL)); + ASSERT_EQ(SQLITE_ROW, sqlite3_step(statement)); + unsigned int len = sqlite3_column_bytes(statement, 0); + const unsigned char *reader = sqlite3_column_text(statement, 0); + + ASSERT_NE(nullptr, reader); + ASSERT_EQ(133U, len); + + // pkcs5PBES2, pkcs5PBKDF2 + const uint8_t pkcs5_with_pbkdf2[] = { + 0x30, 0x81, 0x82, 0x30, 0x6E, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x05, 0x0D, 0x30, 0x61, 0x30, 0x42, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x05, 0x0C, 0x30, 0x35}; + EXPECT_EQ(0, memcmp(reader, pkcs5_with_pbkdf2, sizeof(pkcs5_with_pbkdf2))); + reader += sizeof(pkcs5_with_pbkdf2); + + // Skip over the 32B random salt + const uint8_t salt_prefix[] = {0x04, 0x20}; + EXPECT_EQ(0, memcmp(reader, salt_prefix, sizeof(salt_prefix))); + reader += sizeof(salt_prefix) + 0x20; + + // Expect 10000 iterations + const uint8_t iterations[] = {0x02, 0x02, 0x27, 0x10}; + EXPECT_EQ(0, memcmp(reader, iterations, sizeof(iterations))); + reader += sizeof(iterations); + + // hmacWithSHA256, aes256-CBC + const uint8_t oids[] = {0x02, 0x01, 0x20, 0x30, 0x0A, 0x06, 0x08, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, + 0x09, 0x30, 0x1B, 0x06, 0x09, 0x60, 0x86, + 0x48, 0x01, 0x65, 0x03, 0x04, 0x01, 0x2A}; + EXPECT_EQ(0, memcmp(reader, oids, sizeof(oids))); + + EXPECT_EQ(SQLITE_OK, sqlite3_finalize(statement)); + sqlite3_free(query_str); + sqlite3_close(sql_db); +} + TEST_F(SoftokenTest, ResetSoftokenEmptyPassword) { ScopedPK11SlotInfo slot(PK11_GetInternalKeySlot()); ASSERT_TRUE(slot); diff --git a/gtests/softoken_gtest/softoken_gtest.gyp b/gtests/softoken_gtest/softoken_gtest.gyp index c613a1ddd..f364dbe33 100644 --- a/gtests/softoken_gtest/softoken_gtest.gyp +++ b/gtests/softoken_gtest/softoken_gtest.gyp @@ -38,6 +38,7 @@ 'dependencies': [ '<(DEPTH)/lib/nss/nss.gyp:nss3', '<(DEPTH)/lib/ssl/ssl.gyp:ssl3', + '<(DEPTH)/lib/sqlite/sqlite.gyp:sqlite3', ], }], ], |