[OpenPGP:SDK svn] r607 - in openpgpsdk/trunk: src/lib tests
Subversion
ben at links.org
Thu Aug 28 17:07:03 BST 2008
Author: rachel
Date: 2008-08-28 17:07:03 +0100 (Thu, 28 Aug 2008)
New Revision: 607
Modified:
openpgpsdk/trunk/src/lib/reader_armoured.c
openpgpsdk/trunk/tests/test_rsa_decrypt.c
openpgpsdk/trunk/tests/test_rsa_verify.c
Log:
Add tests to check that malformed armoured packets are detected.
Return error if malformed armoured packets detected.
Modified: openpgpsdk/trunk/src/lib/reader_armoured.c
===================================================================
--- openpgpsdk/trunk/src/lib/reader_armoured.c 2008-08-27 15:35:22 UTC (rev 606)
+++ openpgpsdk/trunk/src/lib/reader_armoured.c 2008-08-28 16:07:03 UTC (rev 607)
@@ -23,6 +23,7 @@
* \brief Code for dealing with ASCII-armoured packets
*/
+#include <openpgpsdk/errors.h>
#include <openpgpsdk/callback.h>
#include <openpgpsdk/configure.h>
#include <openpgpsdk/armour.h>
@@ -250,7 +251,7 @@
if(alg == OPS_HASH_UNKNOWN)
{
free(hash);
- ERR(cbinfo,"Unknown hash algorithm",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR_1(errors,OPS_E_R_BAD_FORMAT,"Unknown hash algorithm '%s'",hashstr);
}
ops_hash_any(hash,alg);
}
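Review bot: After `free(hash)` and `OPS_ERROR_1(...)` in the unknown-hash branch, nothing stops control from reaching `ops_hash_any(hash,alg)` with the freed pointer and `OPS_HASH_UNKNOWN`, unless OPS_ERROR_1 itself returns. Its definition is not in this diff, but the explicit `rtn=-1; break;` added in parse_headers suggests it only records the error. If so, add `return -1;` (or whatever this function's error value is) directly after the OPS_ERROR_1 call. The same replacement of ERR without a following return appears in the dash-escaping hunk, the base64 decode hunks and the trailer hunks; the clearest case is "Checksum mismatch", which is now followed directly by `return 1;`, so armour with a bad CRC would be handed to the caller as a successful read. The enclosing function starts and ends outside this hunk.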
@@ -276,13 +277,13 @@
{
/* then this had better be a trailer! */
if(c != '-')
- ERR(cbinfo,"Bad dash-escaping",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Bad dash-escaping");
for(count=2 ; count < 5 ; ++count)
{
if((c=read_char(arg,errors,rinfo,cbinfo,ops_false)) < 0)
return -1;
if(c != '-')
- ERR(cbinfo,"Bad dash-escaping (2)",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Bad dash-escaping (2)");
}
arg->state=AT_TRAILER_NAME;
break;
@@ -331,14 +332,16 @@
++arg->headers.nheaders;
}
+/* \todo what does a return value of 0 indicate? 1 is good, -1 is bad */
static int parse_headers(dearmour_arg_t *arg,ops_error_t **errors,
ops_reader_info_t *rinfo,ops_parse_cb_info_t *cbinfo)
{
+ int rtn=1;
char *buf;
unsigned nbuf;
unsigned size;
ops_boolean_t first=ops_true;
- ops_parser_content_t content;
+ //ops_parser_content_t content;
buf=NULL;
nbuf=size=0;
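Review bot: The declaration `ops_parser_content_t content;` is commented out rather than deleted here in parse_headers, and again in the hunk at -467; version control already keeps the old line, so the dead declaration should be removed. The new `\todo` also leaves the return contract open even though the visible hunks only ever produce 1 or -1 through `rtn`. I would replace it with a statement of the contract, for example `/* returns 1 when the headers were read, -1 when the armour is malformed or input ends early */`, once the lines not shown here are confirmed to return nothing else. parse_headers' body continues outside this hunk.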
@@ -348,7 +351,11 @@
int c;
if((c=read_char(arg,errors,rinfo,cbinfo,ops_true)) < 0)
- return -1;
+ {
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Unexpected EOF");
+ rtn=-1;
+ break;
+ }
if(c == '\n')
{
@@ -363,25 +370,31 @@
s=strchr(buf,':');
if(!s)
if(!first && !arg->allow_headers_without_gap)
+ {
// then we have seriously malformed armour
- ERR(cbinfo,"No colon in armour header",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"No colon in armour header");
+ rtn=-1;
+ break;
+ }
else
{
if(first &&
!(arg->allow_headers_without_gap || arg->allow_no_gap))
- ERR(cbinfo,"No colon in armour header (2)",
- OPS_E_R_BAD_FORMAT);
- // then we have a nasty armoured block with no
- // headers, not even a blank line.
- buf[nbuf]='\n';
- push_back(arg,(unsigned char *)buf,nbuf+1);
- break;
+ {
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"No colon in armour header (2)");
+ // then we have a nasty armoured block with no
+ // headers, not even a blank line.
+ buf[nbuf]='\n';
+ push_back(arg,(unsigned char *)buf,nbuf+1);
+ rtn=-1;
+ break;
+ }
}
else
{
*s='\0';
if(s[1] != ' ')
- ERR(cbinfo,"No space in armour header",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"No space in armour header");
add_header(arg,buf,s+2);
nbuf=0;
}
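Review bot: In the branch that reports "No colon in armour header (2)", the statements `buf[nbuf]='\n';`, `push_back(...)` and `break;` have moved inside the new error braces, so when `allow_headers_without_gap` or `allow_no_gap` permits a header-less block the line is no longer pushed back and the loop no longer exits there. Before this change those three statements ran for the tolerated case. I would keep only `OPS_ERROR(...)` and `rtn=-1;` inside the braces and leave the push-back and `break` after them. Separately, "No space in armour header" is recorded but `add_header(arg,buf,s+2)` still runs, and when the colon is the last character of the line `s+2` points past the string terminator; that branch needs the same `rtn=-1; break;` as its neighbours. The enclosing loop continues outside the hunk.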
@@ -400,7 +413,7 @@
free(buf);
- return 1;
+ return rtn;
}
static int read4(dearmour_arg_t *arg,ops_error_t **errors,
@@ -467,7 +480,7 @@
unsigned n;
int n2;
unsigned long l;
- ops_parser_content_t content;
+ //ops_parser_content_t content;
int c;
int ret;
@@ -475,12 +488,12 @@
ret=read4(arg,errors,rinfo,cbinfo,&c,&n,&l);
if(ret < 0)
- ERR(cbinfo,"Badly formed base64",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Badly formed base64");
if(n == 3)
{
if(c != '=')
- ERR(cbinfo,"Badly terminated base64 (2)",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Badly terminated base64 (2)");
arg->buffered=2;
arg->eof64=ops_true;
l >>= 2;
@@ -488,18 +501,18 @@
else if(n == 2)
{
if(c != '=')
- ERR(cbinfo,"Badly terminated base64 (3)",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Badly terminated base64 (3)");
arg->buffered=1;
arg->eof64=ops_true;
l >>= 4;
c=read_char(arg,errors,rinfo,cbinfo,ops_false);
if(c != '=')
- ERR(cbinfo,"Badly terminated base64",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Badly terminated base64");
}
else if(n == 0)
{
if(!arg->prev_nl || c != '=')
- ERR(cbinfo,"Badly terminated base64 (4)",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Badly terminated base64 (4)");
arg->buffered=0;
}
else
@@ -515,10 +528,10 @@
assert(c == '=');
c=read_and_eat_whitespace(arg,errors,rinfo,cbinfo,ops_true);
if(c != '\n')
- ERR(cbinfo,"No newline at base64 end",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"No newline at base64 end");
c=read_char(arg,errors,rinfo,cbinfo,ops_false);
if(c != '=')
- ERR(cbinfo,"No checksum at base64 end",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"No checksum at base64 end");
}
if(c == '=')
@@ -526,22 +539,22 @@
// now we are at the checksum
ret=read4(arg,errors,rinfo,cbinfo,&c,&n,&arg->read_checksum);
if(ret < 0 || n != 4)
- ERR(cbinfo,"Error in checksum",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Error in checksum");
c=read_char(arg,errors,rinfo,cbinfo,ops_true);
if(arg->allow_trailing_whitespace)
c=eat_whitespace(c,arg,errors,rinfo,cbinfo,ops_true);
if(c != '\n')
- ERR(cbinfo,"Badly terminated checksum",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Badly terminated checksum");
c=read_char(arg,errors,rinfo,cbinfo,ops_false);
if(c != '-')
- ERR(cbinfo,"Bad base64 trailer (2)",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Bad base64 trailer (2)");
}
if(c == '-')
{
for(n=0 ; n < 4 ; ++n)
if(read_char(arg,errors,rinfo,cbinfo,ops_false) != '-')
- ERR(cbinfo,"Bad base64 trailer",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Bad base64 trailer");
arg->eof64=ops_true;
}
else
@@ -557,7 +570,7 @@
arg->checksum=ops_crc24(arg->checksum,arg->buffer[n2]);
if(arg->eof64 && arg->read_checksum != arg->checksum)
- ERR(cbinfo,"Checksum mismatch",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Checksum mismatch");
return 1;
}
@@ -725,7 +738,7 @@
buf[n++]=c;
}
/* then I guess this wasn't a proper trailer */
- ERR(cbinfo,"Bad ASCII armour trailer",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Bad ASCII armour trailer");
break;
got_minus2:
@@ -738,8 +751,7 @@
return -1;
if(c != '-')
/* wasn't a trailer after all */
- ERR(cbinfo,"Bad ASCII armour trailer (2)",
- OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,"Bad ASCII armour trailer (2)");
}
/* Consume final NL */
@@ -751,7 +763,7 @@
return 0;
if(c != '\n')
/* wasn't a trailer line after all */
- ERR(cbinfo,"Bad ASCII armour trailer (3)",OPS_E_R_BAD_FORMAT);
+ OPS_ERROR(errors,OPS_E_R_BAD_FORMAT,"Bad ASCII armour trailer (3)");
if(!strncmp(buf,"BEGIN ",6))
{
Modified: openpgpsdk/trunk/tests/test_rsa_decrypt.c
===================================================================
--- openpgpsdk/trunk/tests/test_rsa_decrypt.c 2008-08-27 15:35:22 UTC (rev 606)
+++ openpgpsdk/trunk/tests/test_rsa_decrypt.c 2008-08-28 16:07:03 UTC (rev 607)
@@ -198,8 +198,11 @@
for (compress_alg=0; compress_alg<n_compress_algos; compress_alg++)
{
- for (compress_lvl=0; compress_lvl<MAX_COMPRESS_LEVEL; compress_lvl++)
+ for (compress_lvl=0; compress_lvl<=MAX_COMPRESS_LEVEL; compress_lvl++)
{
+ /* only need to check every compression level if we're debugging */
+ if (compress_lvl>0 && compress_lvl < MAX_COMPRESS_LEVEL)
+ continue;
for (armour=0; armour<=1; armour++)
{
char *armour_cmd= armour ? "--armor " : "";
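Review bot: The added comment says every compression level is only needed when debugging, but the `continue` is unconditional, so levels strictly between 0 and MAX_COMPRESS_LEVEL are never exercised in any build. Either guard the skip with a debug switch or reword the comment to match the code, for example `/* test only level 0 and MAX_COMPRESS_LEVEL to keep the run short */`. The bound change to `<=` also means MAX_COMPRESS_LEVEL itself is now used as a level; any per-level fixture creation elsewhere in this file would need the same bound, which this hunk does not show.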
Modified: openpgpsdk/trunk/tests/test_rsa_verify.c
===================================================================
--- openpgpsdk/trunk/tests/test_rsa_verify.c 2008-08-27 15:35:22 UTC (rev 606)
+++ openpgpsdk/trunk/tests/test_rsa_verify.c 2008-08-28 16:07:03 UTC (rev 607)
@@ -48,6 +48,7 @@
static char *filename_rsa_clearsign_nopassphrase="gpg_rsa_clearsign_nopassphrase.txt";
static char *filename_rsa_clearsign_passphrase="gpg_rsa_clearsign_passphrase.txt";
static char *filename_rsa_clearsign_fail_bad_sig="gpg_rsa_clearsign_fail_bad_sig.txt";
+
static char *filename_rsa_noarmour_compress_base="gpg_rsa_sign_noarmour_compress";
static char *filename_rsa_armour_compress_base="gpg_rsa_sign_armour_compress";
@@ -55,12 +56,50 @@
static char *filename_rsa_hash_md5="gpg_rsa_hash_md5.txt";
+static int num_malformed=0;
+
typedef ops_parse_cb_return_t (*ops_callback)(const ops_parser_content_t *, ops_parse_cb_info_t *);
/* Signature verification suite initialization.
* Create temporary test files.
*/
+static void make_filename_malformed(char* filename, int maxlen, const int i)
+ {
+ snprintf(filename,maxlen,"malformed_%d.txt",i);
+ }
+
+static void create_malformed_testfiles()
+ {
+ int i=0;
+ int fd=0;
+ char * malformed[]={
+ // no signature
+ "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nmessage to encrypt\n-----BEGIN PGP SIGNATURE-----\n-----END PGP SIGNATURE-----\n",
+ // no signature and early EOF
+ "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nmessage to encrypt\n-----BEGIN PGP SIGNATURE-----\n-----END PGP SIGNATURE-----",
+ // early EOF
+ "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nmessage to encrypt\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.6 (GNU/Linux)\n",
+ // no signature
+ "-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nmessage to encrypt\n-----BEGIN PGP SIGNATURE-----\nVersion: -----END PGP SIGNATURE-----GnuPG v1.4.6 (GNU/Linux)\n"
+ };
+ num_malformed=sizeof (malformed)/sizeof(char *);
+ for (i=0; i<num_malformed; i++)
+ {
+ char fullname[MAXBUF];
+ char filename[MAXBUF];
+ make_filename_malformed(filename,MAXBUF,i);
+ snprintf(fullname,MAXBUF,"%s/%s.asc",dir,filename);
+ if ((fd=open(fullname,O_WRONLY | O_CREAT, 0600)) < 0)
+ {
+ fprintf(stderr,"create_malformed_testfiles: cannot open file %s for writing\n", fullname);
+ return;
+ }
+ write(fd,malformed[i],strlen(malformed[i]));
+ close(fd);
+ }
+ }
+
int init_suite_rsa_verify(void)
{
char cmd[MAXBUF+1];
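Review bot: `open(fullname,O_WRONLY | O_CREAT, 0600)` in create_malformed_testfiles has no `O_TRUNC` and the result of `write()` is ignored, so a longer file left by an earlier run keeps its tail and a short or failed write goes unnoticed. The fixture on disk may then not be the malformed input the test believes it is checking. Use `O_WRONLY | O_CREAT | O_TRUNC` and compare the write() result with `strlen(malformed[i])`, reporting a mismatch the way the open failure is reported. The early `return` on open failure also leaves `num_malformed` at its full count, and because the function is void init_suite_rsa_verify cannot see the failure, so the later test would run against files that were never written.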
@@ -77,6 +116,8 @@
create_small_testfile(filename_rsa_noarmour_passphrase);
create_small_testfile(filename_rsa_noarmour_fail_bad_sig);
+ create_malformed_testfiles();
+
// Now sign the test files with GPG
snprintf(cmd,sizeof cmd,"cat %s/%s | %s --openpgp --compress-level 0 --sign --local-user %s > %s/%s.gpg",
@@ -440,6 +481,20 @@
test_rsa_verify_fail(armour,filename_rsa_clearsign_fail_bad_sig,callback_bad_sig,OPS_E_V_BAD_SIGNATURE);
}
+static void test_rsa_verify_clearsign_fail_malformed_msg(void)
+ {
+ int i=0;
+ int armour=1;
+ assert(pub_keyring.nkeys);
+
+ for (i=0; i<num_malformed; i++)
+ {
+ char filename[MAXBUF];
+ make_filename_malformed(filename,MAXBUF,i);
+ test_rsa_verify_fail(armour,filename,NULL,OPS_E_R_BAD_FORMAT);
+ }
+ }
+
CU_pSuite suite_rsa_verify()
{
CU_pSuite suite = NULL;
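Review bot: None of the four fixtures that test_rsa_verify_clearsign_fail_malformed_msg iterates over contains a base64 body or a checksum line, so this test never reaches the "Badly formed base64", "Badly terminated base64" or "Checksum mismatch" paths that the same commit converts in reader_armoured.c. Those are the paths where accepting bad input matters most, so I would add at least one fixture with a truncated base64 body and one whose checksum does not match the body. The loop also passes trivially when `num_malformed` is 0; an `assert(num_malformed > 0);` next to the existing keyring assert would catch a suite whose init did not create the files.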
@@ -479,6 +534,9 @@
if (NULL == CU_add_test(suite, "Clearsign: should fail on bad sig", test_rsa_verify_clearsign_fail_bad_sig))
return NULL;
+ if (NULL == CU_add_test(suite, "Clearsign: should fail on malformed message", test_rsa_verify_clearsign_fail_malformed_msg))
+ return NULL;
+
return suite;
}