diff options
| author | Robert Relyea <rrelyea@redhat.com> | 2021-08-24 09:27:02 -0700 |
|---|---|---|
| committer | Robert Relyea <rrelyea@redhat.com> | 2021-08-24 09:27:02 -0700 |
| commit | be2f17bfcf7e8196eeba121bb32b3432799d2e4d (patch) | |
| tree | 88c69802473c2c50cc864bf9d1c006b65c1d03da /tests | |
| parent | 11b79748a7c99ab4e20f848b2d7717b374346ae1 (diff) | |
| download | nss-hg-be2f17bfcf7e8196eeba121bb32b3432799d2e4d.tar.gz | |
Bug 1726022 Update test case to verify fix.
Updated test cases to verify pbe caching fix.
NOTE: putting passwords on databases are key to reproducing the original issue.
Differential Revision: https://phabricator.services.mozilla.com/D123504
Diffstat (limited to 'tests')
| -rwxr-xr-x | tests/cert/cert.sh | 3 | ||||
| -rw-r--r-- | tests/common/init.sh | 2 | ||||
| -rwxr-xr-x | tests/sdr/sdr.sh | 81 |
3 files changed, 70 insertions, 16 deletions
diff --git a/tests/cert/cert.sh b/tests/cert/cert.sh index 84edb59f1..d7ec101fa 100755 --- a/tests/cert/cert.sh +++ b/tests/cert/cert.sh @@ -479,9 +479,6 @@ cert_add_cert() ########################################################################## cert_all_CA() { - echo nss > ${PWFILE} - echo > ${EMPTY_FILE} - ALL_CU_SUBJECT="CN=NSS Test CA, O=BOGUS NSS, L=Mountain View, ST=California, C=US" cert_CA $CADIR TestCA -x "CTu,CTu,CTu" ${D_CA} "1" diff --git a/tests/common/init.sh b/tests/common/init.sh index 8c10bdd2a..6d74a6241 100644 --- a/tests/common/init.sh +++ b/tests/common/init.sh @@ -91,6 +91,8 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then FIPSBADPWFILE=${HOSTDIR}/tests.fipsbadpw FIPSP12PWFILE=${HOSTDIR}/tests.fipsp12pw + echo nss > ${PWFILE} + echo > ${EMPTY_FILE} echo "fIps140" > ${FIPSPWFILE} echo "fips104" > ${FIPSBADPWFILE} echo "pKcs12fips140" > ${FIPSP12PWFILE} diff --git a/tests/sdr/sdr.sh b/tests/sdr/sdr.sh index f846e9247..7321ebdbf 100755 --- a/tests/sdr/sdr.sh +++ b/tests/sdr/sdr.sh @@ -39,7 +39,6 @@ sdr_init() VALUE1=$HOSTDIR/tests.v1.$$ VALUE2=$HOSTDIR/tests.v2.$$ VALUE3=$HOSTDIR/tests.v3.$$ - T1="Test1" T2="The quick brown fox jumped over the lazy dog" T3="1234567" @@ -64,35 +63,91 @@ sdr_init() ######################################################################## sdr_main() { + # we need to make sure we are running these tests with the full + # shipped iteration count so we can detect time regressions + OLD_MAX_PBE_ITERATIONS=$NSS_MAX_MP_PBE_ITERATION_COUNT + unset NSS_MAX_MP_PBE_ITERATION_COUNT + ASCII_VALUE1=$HOSTDIR/tests.v1a.$$ + ASCII_VALUE2=$HOSTDIR/tests.v2a.$$ + ASCII_VALUE3=$HOSTDIR/tests.v3a.$$ + ASCII_COMBINED=$HOSTDIR/tests.v4a.$$ + COMBINED_300=$HOSTDIR/SDR/combined.$$ + DECODED=$HOSTDIR/SDR/decoded.$$ + LOG=$HOSTDIR/SDR/log.$$ + echo "$SCRIPTNAME: Creating an SDR key/SDR Encrypt - Value 1" - echo "sdrtest -d ${PROFILE} -o ${VALUE1} -t \"${T1}\"" - ${BINDIR}/sdrtest -d ${PROFILE} -o ${VALUE1} -t "${T1}" + echo "sdrtest -d ${PROFILE} -o ${VALUE1} -t \"${T1}\" -f ${R_PWFILE}" + ${BINDIR}/sdrtest -d ${PROFILE} -o ${VALUE1} -t "${T1}" -f ${R_PWFILE} html_msg $? 0 "Creating SDR Key/Encrypt - Value 1" echo "$SCRIPTNAME: SDR Encrypt - Value 2" - echo "sdrtest -d ${PROFILE} -o ${VALUE2} -t \"${T2}\"" - ${BINDIR}/sdrtest -d ${PROFILE} -o ${VALUE2} -t "${T2}" + echo "sdrtest -d ${PROFILE} -o ${VALUE2} -t \"${T2}\" -f ${R_PWFILE}" + ${BINDIR}/sdrtest -d ${PROFILE} -o ${VALUE2} -t "${T2}" -f ${R_PWFILE} html_msg $? 0 "Encrypt - Value 2" echo "$SCRIPTNAME: SDR Encrypt - Value 3" - echo "sdrtest -d ${PROFILE} -o ${VALUE3} -t \"${T3}\"" - ${BINDIR}/sdrtest -d ${PROFILE} -o ${VALUE3} -t "${T3}" + echo "sdrtest -d ${PROFILE} -o ${VALUE3} -t \"${T3}\" -f ${R_PWFILE}" + ${BINDIR}/sdrtest -d ${PROFILE} -o ${VALUE3} -t "${T3}" -f ${R_PWFILE} html_msg $? 0 "Encrypt - Value 3" echo "$SCRIPTNAME: SDR Decrypt - Value 1" - echo "sdrtest -d ${PROFILE} -i ${VALUE1} -t \"${T1}\"" - ${BINDIR}/sdrtest -d ${PROFILE} -i ${VALUE1} -t "${T1}" + echo "sdrtest -d ${PROFILE} -i ${VALUE1} -t \"${T1}\" -f ${R_PWFILE}" + ${BINDIR}/sdrtest -d ${PROFILE} -i ${VALUE1} -t "${T1}" -f ${R_PWFILE} html_msg $? 0 "Decrypt - Value 1" echo "$SCRIPTNAME: SDR Decrypt - Value 2" - echo "sdrtest -d ${PROFILE} -i ${VALUE2} -t \"${T2}\"" - ${BINDIR}/sdrtest -d ${PROFILE} -i ${VALUE2} -t "${T2}" + echo "sdrtest -d ${PROFILE} -i ${VALUE2} -t \"${T2}\" -f ${R_PWFILE}" + ${BINDIR}/sdrtest -d ${PROFILE} -i ${VALUE2} -t "${T2}" -f ${R_PWFILE} html_msg $? 0 "Decrypt - Value 2" echo "$SCRIPTNAME: SDR Decrypt - Value 3" - echo "sdrtest -d ${PROFILE} -i ${VALUE3} -t \"${T3}\"" - ${BINDIR}/sdrtest -d ${PROFILE} -i ${VALUE3} -t "${T3}" + echo "sdrtest -d ${PROFILE} -i ${VALUE3} -t \"${T3}\" -f ${R_PWFILE}" + ${BINDIR}/sdrtest -d ${PROFILE} -i ${VALUE3} -t "${T3}" -f ${R_PWFILE} html_msg $? 0 "Decrypt - Value 3" + + echo "$SCRIPTNAME: pwdecrypt - 300 Entries" + # get base64 encoded encrypted versions of our tests + sdrtest -d ${PROFILE} -o ${ASCII_VALUE1} -a -t "${T1}" -f ${R_PWFILE} + sdrtest -d ${PROFILE} -o ${ASCII_VALUE2} -a -t "${T2}" -f ${R_PWFILE} + sdrtest -d ${PROFILE} -o ${ASCII_VALUE3} -a -t "${T3}" -f ${R_PWFILE} + # make each encoded span exactly one line + touch ${ASCII_COMBINED} + cat ${ASCII_VALUE1} | tr -d '\n' >> ${ASCII_COMBINED} + echo >> ${ASCII_COMBINED} + cat ${ASCII_VALUE2} | tr -d '\n' >> ${ASCII_COMBINED} + echo >> ${ASCII_COMBINED} + cat ${ASCII_VALUE3} | tr -d '\n' >> ${ASCII_COMBINED} + echo >> ${ASCII_COMBINED} + #concantentate the 3 entries 100 times to produce 300 entries + touch ${COMBINED_300} + for ((i=0;i<100;i++)); do + cat ${ASCII_COMBINED} >> ${COMBINED_300} + done + echo "time pwdecrypt -i ${COMBINED_300} -o ${DECODED} -l ${LOG} -d ${PROFILE} -f ${R_PWFILE}" + dtime=$(time -p (pwdecrypt -i ${COMBINED_300} -o ${DECODED} -l ${LOG} -d ${PROFILE} -f ${R_PWFILE}) 2>&1 1>/dev/null) + echo "------------- result ----------------------" + cat ${DECODED} + wc -c ${DECODED} + RARRAY=($(wc -c ${DECODED})) + CHARCOUNT=9800 + if [ "${OS_ARCH}" = "WINNT" -o "${OS_ARCH}" = "WIN95" -o "${OS_ARCH}" = "OS2" ]; then + # includes include carriage returns as well as line feeds for new line + CHARCOUNT=10100 + fi + html_msg ${RARRAY[0]} ${CHARCOUNT} "pwdecrypt success" + echo "------------- log ----------------------" + cat ${LOG} + wc -c ${LOG} + RARRAY=($(wc -c ${LOG})) + html_msg ${RARRAY[0]} 0 "pwdecrypt no error log" + echo "------------- time ----------------------" + echo $dtime + # now parse the real time to make sure it's subsecond + RARRAY=($dtime) + TIMEARRAY=(${RARRAY[1]//./ }) + echo "${TIMEARRAY[0]} seconds" + html_msg ${TIMEARRAY[0]} 0 "pwdecrypt no time regression" + export NSS_MAX_MP_PBE_ITERATION_COUNT=$OLD_MAX_PBE_ITERATIONS } ############################## sdr_cleanup ############################# |