From e646369697f9de02b904c6492cc523305108a244 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 30 Dec 2013 08:28:18 -0600 Subject: add urandom engine register/unregister tests also rename some variables in the urandom engine for easier comparison --- tests/hazmat/backends/test_openssl.py | 58 +++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 543a05fe..4dd74c35 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -97,3 +97,61 @@ class TestOpenSSL(object): backend.lib.EVP_F_EVP_DECRYPTFINAL_EX, 0 ) + + # This test is not in the next class because to check if it's really + # default we don't want to run the setup_method before it + def test_urandom_engine_is_default(self): + e = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(e) + assert name == backend.lib.Cryptography_urandom_engine_name + res = backend.lib.ENGINE_free(e) + assert res == 1 + + +class TestOpenSSLRandomEngine(object): + def setup_method(self, method): + # we need to reset state to being default. backend is a shared global + # for all these tests. + backend.register_urandom_engine() + pass + + def test_register_urandom_already_default(self): + e = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(e) + assert name == backend.lib.Cryptography_urandom_engine_name + res = backend.lib.ENGINE_free(e) + assert res == 1 + backend.register_urandom_engine() + e = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(e) + assert name == backend.lib.Cryptography_urandom_engine_name + res = backend.lib.ENGINE_free(e) + assert res == 1 + + def test_unregister_urandom_engine_already_unregistered(self): + backend.unregister_urandom_engine() + e = backend.lib.ENGINE_get_default_RAND() + assert e == backend.ffi.NULL + backend.unregister_urandom_engine() + e = backend.lib.ENGINE_get_default_RAND() + assert e == backend.ffi.NULL + + def test_unregister_urandom_engine(self): + e = backend.lib.ENGINE_get_default_RAND() + assert e != backend.ffi.NULL + name = backend.lib.ENGINE_get_name(e) + assert name == backend.lib.Cryptography_urandom_engine_name + backend.unregister_urandom_engine() + e = backend.lib.ENGINE_get_default_RAND() + assert e == backend.ffi.NULL + + def test_register_urandom_not_default(self): + backend.unregister_urandom_engine() + e = backend.lib.ENGINE_get_default_RAND() + assert e == backend.ffi.NULL + backend.register_urandom_engine() + e = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(e) + assert name == backend.lib.Cryptography_urandom_engine_name + res = backend.lib.ENGINE_free(e) + assert res == 1 -- cgit v1.2.3 From 3f2524572d6efedb413558c50ba875256eadfaab Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 31 Dec 2013 09:44:32 -0600 Subject: Add dummy engine to tests and test other engine scenarios Modify register_urandom_engine to fix a leak --- tests/hazmat/backends/test_openssl.py | 157 +++++++++++++++++++++++++++++++++- 1 file changed, 153 insertions(+), 4 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 4dd74c35..4be5cd03 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -11,6 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +import cffi + import pytest from cryptography import utils @@ -23,6 +25,114 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC +ffi = cffi.FFI() + +ffi.cdef(""" +static const char *const Cryptography_faux_engine_name; +static const char *const Cryptography_faux_engine_id; +int Cryptography_add_faux_engine(void); +int Cryptography_remove_faux_engine(void); +""") +dummy_engine = ffi.verify( + source=""" + #include + #include + static const char *const Cryptography_faux_engine_name="faux_engine"; + static const char *const Cryptography_faux_engine_id="faux"; + static int faux_bytes(unsigned char *buffer, int size) { + memset(buffer, 1, size); + return 1; + } + static int faux_status(void) { return 1; } + static int faux_init(ENGINE *e) { return 1; } + static int faux_finish(ENGINE *e) { return 1; } + static RAND_METHOD faux_rand = { + NULL, + faux_bytes, + NULL, + NULL, + faux_bytes, + faux_status, + }; + + int Cryptography_add_faux_engine(void) { + ENGINE *e = ENGINE_new(); + if (e == NULL) { + return 0; + } + if(!ENGINE_set_id(e, Cryptography_faux_engine_id) || + !ENGINE_set_name(e, Cryptography_faux_engine_name) || + !ENGINE_set_RAND(e, &faux_rand) || + !ENGINE_set_init_function(e, faux_init) || + !ENGINE_set_finish_function(e, faux_finish)) { + return 0; + } + if (!ENGINE_add(e)) { + ENGINE_free(e); + return 0; + } + if (!ENGINE_free(e)) { + return 0; + } + + return 1; + } + + int Cryptography_remove_faux_engine(void) { + ENGINE *e = ENGINE_by_id(Cryptography_faux_engine_id); + if (e == NULL) { + return 0; + } + if (!ENGINE_remove(e)) { + ENGINE_free(e); + return 0; + } + if (!ENGINE_free(e)) { + return 0; + } + return 1; + } + """, + libraries=["crypto", "ssl"], +) + + +def register_dummy_engine(): + current_rand = backend.lib.ENGINE_get_default_RAND() + assert current_rand != backend.ffi.NULL + name = backend.lib.ENGINE_get_name(current_rand) + assert name != backend.ffi.NULL + assert name != dummy_engine.Cryptography_faux_engine_id + e = backend.lib.ENGINE_by_id(dummy_engine.Cryptography_faux_engine_id) + assert e != backend.ffi.NULL + res = backend.lib.ENGINE_init(e) + assert res == 1 + res = backend.lib.ENGINE_set_default_RAND(e) + assert res == 1 + res = backend.lib.ENGINE_finish(e) + assert res == 1 + res = backend.lib.ENGINE_free(e) + assert res == 1 + # this resets the RNG to use the new engine + backend.lib.RAND_cleanup() + res = backend.lib.ENGINE_finish(current_rand) + assert res == 1 + + +def unregister_dummy_engine(): + e = backend.lib.ENGINE_get_default_RAND() + if e != backend.ffi.NULL: + name = backend.lib.ENGINE_get_name(e) + assert name != backend.ffi.NULL + if name == dummy_engine.Cryptography_faux_engine_name: + backend.lib.ENGINE_unregister_RAND(e) + res = backend.lib.ENGINE_finish(e) + assert res == 1 + backend.lib.RAND_cleanup() + res = backend.lib.ENGINE_free(e) + assert res == 1 + + @utils.register_interface(interfaces.Mode) class DummyMode(object): name = "dummy-mode" @@ -109,11 +219,20 @@ class TestOpenSSL(object): class TestOpenSSLRandomEngine(object): - def setup_method(self, method): + @classmethod + def setup_class(cls): + # add the faux engine to the list of available engines + res = dummy_engine.Cryptography_add_faux_engine() + assert res == 1 + + def teardown_method(self, method): # we need to reset state to being default. backend is a shared global # for all these tests. + unregister_dummy_engine() backend.register_urandom_engine() - pass + current_default = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(current_default) + assert name == backend.lib.Cryptography_urandom_engine_name def test_register_urandom_already_default(self): e = backend.lib.ENGINE_get_default_RAND() @@ -128,7 +247,7 @@ class TestOpenSSLRandomEngine(object): res = backend.lib.ENGINE_free(e) assert res == 1 - def test_unregister_urandom_engine_already_unregistered(self): + def test_unregister_urandom_engine_nothing_registered(self): backend.unregister_urandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL @@ -141,11 +260,13 @@ class TestOpenSSLRandomEngine(object): assert e != backend.ffi.NULL name = backend.lib.ENGINE_get_name(e) assert name == backend.lib.Cryptography_urandom_engine_name + res = backend.lib.ENGINE_free(e) + assert res == 1 backend.unregister_urandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - def test_register_urandom_not_default(self): + def test_register_urandom_no_default(self): backend.unregister_urandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL @@ -155,3 +276,31 @@ class TestOpenSSLRandomEngine(object): assert name == backend.lib.Cryptography_urandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 + + def test_unregister_urandom_other_engine_default(self): + register_dummy_engine() + default = backend.lib.ENGINE_get_default_RAND() + default_name = backend.lib.ENGINE_get_name(default) + assert default_name == dummy_engine.Cryptography_faux_engine_name + res = backend.lib.ENGINE_finish(default) + assert res == 1 + backend.unregister_urandom_engine() + current_default = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(current_default) + assert name == dummy_engine.Cryptography_faux_engine_name + res = backend.lib.ENGINE_finish(current_default) + assert res == 1 + + def test_register_urandom_other_engine_default(self): + register_dummy_engine() + default = backend.lib.ENGINE_get_default_RAND() + default_name = backend.lib.ENGINE_get_name(default) + assert default_name == dummy_engine.Cryptography_faux_engine_name + res = backend.lib.ENGINE_finish(default) + assert res == 1 + backend.register_urandom_engine() + current_default = backend.lib.ENGINE_get_default_RAND() + name = backend.lib.ENGINE_get_name(current_default) + assert name == backend.lib.Cryptography_urandom_engine_name + res = backend.lib.ENGINE_finish(current_default) + assert res == 1 -- cgit v1.2.3 From 53473d3447fd6ad5d70810da3e638e6e7a59afbb Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 31 Dec 2013 12:00:37 -0600 Subject: improve init/finish engine funcs, do a better job inc/dec struct/func refs --- tests/hazmat/backends/test_openssl.py | 24 +++--------------------- 1 file changed, 3 insertions(+), 21 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 4be5cd03..82832b10 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -31,7 +31,6 @@ ffi.cdef(""" static const char *const Cryptography_faux_engine_name; static const char *const Cryptography_faux_engine_id; int Cryptography_add_faux_engine(void); -int Cryptography_remove_faux_engine(void); """) dummy_engine = ffi.verify( source=""" @@ -77,21 +76,6 @@ dummy_engine = ffi.verify( return 1; } - - int Cryptography_remove_faux_engine(void) { - ENGINE *e = ENGINE_by_id(Cryptography_faux_engine_id); - if (e == NULL) { - return 0; - } - if (!ENGINE_remove(e)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_free(e)) { - return 0; - } - return 1; - } """, libraries=["crypto", "ssl"], ) @@ -103,6 +87,8 @@ def register_dummy_engine(): name = backend.lib.ENGINE_get_name(current_rand) assert name != backend.ffi.NULL assert name != dummy_engine.Cryptography_faux_engine_id + res = backend.lib.ENGINE_finish(current_rand) + assert res == 1 e = backend.lib.ENGINE_by_id(dummy_engine.Cryptography_faux_engine_id) assert e != backend.ffi.NULL res = backend.lib.ENGINE_init(e) @@ -115,8 +101,6 @@ def register_dummy_engine(): assert res == 1 # this resets the RNG to use the new engine backend.lib.RAND_cleanup() - res = backend.lib.ENGINE_finish(current_rand) - assert res == 1 def unregister_dummy_engine(): @@ -126,10 +110,8 @@ def unregister_dummy_engine(): assert name != backend.ffi.NULL if name == dummy_engine.Cryptography_faux_engine_name: backend.lib.ENGINE_unregister_RAND(e) - res = backend.lib.ENGINE_finish(e) - assert res == 1 backend.lib.RAND_cleanup() - res = backend.lib.ENGINE_free(e) + res = backend.lib.ENGINE_finish(e) assert res == 1 -- cgit v1.2.3 From 77389ac83db5a04e173fce52170dd8d2003e5560 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 31 Dec 2013 13:32:50 -0600 Subject: rename urandom engine to osrandom engine --- tests/hazmat/backends/test_openssl.py | 46 +++++++++++++++++------------------ 1 file changed, 23 insertions(+), 23 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 82832b10..3fabfe38 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -192,10 +192,10 @@ class TestOpenSSL(object): # This test is not in the next class because to check if it's really # default we don't want to run the setup_method before it - def test_urandom_engine_is_default(self): + def test_osrandom_engine_is_default(self): e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 @@ -211,78 +211,78 @@ class TestOpenSSLRandomEngine(object): # we need to reset state to being default. backend is a shared global # for all these tests. unregister_dummy_engine() - backend.register_urandom_engine() + backend.register_osrandom_engine() current_default = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(current_default) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name - def test_register_urandom_already_default(self): + def test_register_osrandom_already_default(self): e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - backend.register_urandom_engine() + backend.register_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - def test_unregister_urandom_engine_nothing_registered(self): - backend.unregister_urandom_engine() + def test_unregister_osrandom_engine_nothing_registered(self): + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - backend.unregister_urandom_engine() + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - def test_unregister_urandom_engine(self): + def test_unregister_osrandom_engine(self): e = backend.lib.ENGINE_get_default_RAND() assert e != backend.ffi.NULL name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - backend.unregister_urandom_engine() + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - def test_register_urandom_no_default(self): - backend.unregister_urandom_engine() + def test_register_osrandom_no_default(self): + backend.unregister_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() assert e == backend.ffi.NULL - backend.register_urandom_engine() + backend.register_osrandom_engine() e = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_free(e) assert res == 1 - def test_unregister_urandom_other_engine_default(self): + def test_unregister_osrandom_other_engine_default(self): register_dummy_engine() default = backend.lib.ENGINE_get_default_RAND() default_name = backend.lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name res = backend.lib.ENGINE_finish(default) assert res == 1 - backend.unregister_urandom_engine() + backend.unregister_osrandom_engine() current_default = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(current_default) assert name == dummy_engine.Cryptography_faux_engine_name res = backend.lib.ENGINE_finish(current_default) assert res == 1 - def test_register_urandom_other_engine_default(self): + def test_register_osrandom_other_engine_default(self): register_dummy_engine() default = backend.lib.ENGINE_get_default_RAND() default_name = backend.lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name res = backend.lib.ENGINE_finish(default) assert res == 1 - backend.register_urandom_engine() + backend.register_osrandom_engine() current_default = backend.lib.ENGINE_get_default_RAND() name = backend.lib.ENGINE_get_name(current_default) - assert name == backend.lib.Cryptography_urandom_engine_name + assert name == backend.lib.Cryptography_osrandom_engine_name res = backend.lib.ENGINE_finish(current_default) assert res == 1 -- cgit v1.2.3 From 9ad4d755bb3a2edfb8e46b60f6dfaff6365f0386 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 2 Jan 2014 15:20:50 -0600 Subject: handle lib/ffi on backend becoming private --- tests/hazmat/backends/test_openssl.py | 128 +++++++++++++++++----------------- 1 file changed, 64 insertions(+), 64 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 6fc1e583..b7d999b8 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -82,36 +82,36 @@ dummy_engine = ffi.verify( def register_dummy_engine(): - current_rand = backend.lib.ENGINE_get_default_RAND() - assert current_rand != backend.ffi.NULL - name = backend.lib.ENGINE_get_name(current_rand) - assert name != backend.ffi.NULL + current_rand = backend._lib.ENGINE_get_default_RAND() + assert current_rand != backend._ffi.NULL + name = backend._lib.ENGINE_get_name(current_rand) + assert name != backend._ffi.NULL assert name != dummy_engine.Cryptography_faux_engine_id - res = backend.lib.ENGINE_finish(current_rand) + res = backend._lib.ENGINE_finish(current_rand) assert res == 1 - e = backend.lib.ENGINE_by_id(dummy_engine.Cryptography_faux_engine_id) - assert e != backend.ffi.NULL - res = backend.lib.ENGINE_init(e) + e = backend._lib.ENGINE_by_id(dummy_engine.Cryptography_faux_engine_id) + assert e != backend._ffi.NULL + res = backend._lib.ENGINE_init(e) assert res == 1 - res = backend.lib.ENGINE_set_default_RAND(e) + res = backend._lib.ENGINE_set_default_RAND(e) assert res == 1 - res = backend.lib.ENGINE_finish(e) + res = backend._lib.ENGINE_finish(e) assert res == 1 - res = backend.lib.ENGINE_free(e) + res = backend._lib.ENGINE_free(e) assert res == 1 # this resets the RNG to use the new engine - backend.lib.RAND_cleanup() + backend._lib.RAND_cleanup() def unregister_dummy_engine(): - e = backend.lib.ENGINE_get_default_RAND() - if e != backend.ffi.NULL: - name = backend.lib.ENGINE_get_name(e) - assert name != backend.ffi.NULL + e = backend._lib.ENGINE_get_default_RAND() + if e != backend._ffi.NULL: + name = backend._lib.ENGINE_get_name(e) + assert name != backend._ffi.NULL if name == dummy_engine.Cryptography_faux_engine_name: - backend.lib.ENGINE_unregister_RAND(e) - backend.lib.RAND_cleanup() - res = backend.lib.ENGINE_finish(e) + backend._lib.ENGINE_unregister_RAND(e) + backend._lib.RAND_cleanup() + res = backend._lib.ENGINE_finish(e) assert res == 1 @@ -188,10 +188,10 @@ class TestOpenSSL(object): # This test is not in the next class because to check if it's really # default we don't want to run the setup_method before it def test_osrandom_engine_is_default(self): - e = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_osrandom_engine_name - res = backend.lib.ENGINE_free(e) + e = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(e) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_free(e) assert res == 1 @@ -207,77 +207,77 @@ class TestOpenSSLRandomEngine(object): # for all these tests. unregister_dummy_engine() backend.register_osrandom_engine() - current_default = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(current_default) - assert name == backend.lib.Cryptography_osrandom_engine_name + current_default = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(current_default) + assert name == backend._lib.Cryptography_osrandom_engine_name def test_register_osrandom_already_default(self): - e = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_osrandom_engine_name - res = backend.lib.ENGINE_free(e) + e = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(e) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_free(e) assert res == 1 backend.register_osrandom_engine() - e = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_osrandom_engine_name - res = backend.lib.ENGINE_free(e) + e = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(e) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_free(e) assert res == 1 def test_unregister_osrandom_engine_nothing_registered(self): backend.unregister_osrandom_engine() - e = backend.lib.ENGINE_get_default_RAND() - assert e == backend.ffi.NULL + e = backend._lib.ENGINE_get_default_RAND() + assert e == backend._ffi.NULL backend.unregister_osrandom_engine() - e = backend.lib.ENGINE_get_default_RAND() - assert e == backend.ffi.NULL + e = backend._lib.ENGINE_get_default_RAND() + assert e == backend._ffi.NULL def test_unregister_osrandom_engine(self): - e = backend.lib.ENGINE_get_default_RAND() - assert e != backend.ffi.NULL - name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_osrandom_engine_name - res = backend.lib.ENGINE_free(e) + e = backend._lib.ENGINE_get_default_RAND() + assert e != backend._ffi.NULL + name = backend._lib.ENGINE_get_name(e) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_free(e) assert res == 1 backend.unregister_osrandom_engine() - e = backend.lib.ENGINE_get_default_RAND() - assert e == backend.ffi.NULL + e = backend._lib.ENGINE_get_default_RAND() + assert e == backend._ffi.NULL def test_register_osrandom_no_default(self): backend.unregister_osrandom_engine() - e = backend.lib.ENGINE_get_default_RAND() - assert e == backend.ffi.NULL + e = backend._lib.ENGINE_get_default_RAND() + assert e == backend._ffi.NULL backend.register_osrandom_engine() - e = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(e) - assert name == backend.lib.Cryptography_osrandom_engine_name - res = backend.lib.ENGINE_free(e) + e = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(e) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_free(e) assert res == 1 def test_unregister_osrandom_other_engine_default(self): register_dummy_engine() - default = backend.lib.ENGINE_get_default_RAND() - default_name = backend.lib.ENGINE_get_name(default) + default = backend._lib.ENGINE_get_default_RAND() + default_name = backend._lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name - res = backend.lib.ENGINE_finish(default) + res = backend._lib.ENGINE_finish(default) assert res == 1 backend.unregister_osrandom_engine() - current_default = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(current_default) + current_default = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(current_default) assert name == dummy_engine.Cryptography_faux_engine_name - res = backend.lib.ENGINE_finish(current_default) + res = backend._lib.ENGINE_finish(current_default) assert res == 1 def test_register_osrandom_other_engine_default(self): register_dummy_engine() - default = backend.lib.ENGINE_get_default_RAND() - default_name = backend.lib.ENGINE_get_name(default) + default = backend._lib.ENGINE_get_default_RAND() + default_name = backend._lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name - res = backend.lib.ENGINE_finish(default) + res = backend._lib.ENGINE_finish(default) assert res == 1 backend.register_osrandom_engine() - current_default = backend.lib.ENGINE_get_default_RAND() - name = backend.lib.ENGINE_get_name(current_default) - assert name == backend.lib.Cryptography_osrandom_engine_name - res = backend.lib.ENGINE_finish(current_default) + current_default = backend._lib.ENGINE_get_default_RAND() + name = backend._lib.ENGINE_get_name(current_default) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_finish(current_default) assert res == 1 -- cgit v1.2.3 From a85baf166b9d9aec6e662a0657d2d21bcfd3df28 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 29 Jan 2014 22:15:51 -0600 Subject: add windows support to random engine tests --- tests/hazmat/backends/test_openssl.py | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index e527ed19..ea716204 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -11,6 +11,8 @@ # See the License for the specific language governing permissions and # limitations under the License. +import sys + import cffi import pytest @@ -25,6 +27,11 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC +if sys.platform != "win32": + libraries = ["crypto", "ssl"] +else: # pragma: no cover + libraries = ["libeay32", "ssleay32", "advapi32"] + ffi = cffi.FFI() ffi.cdef(""" @@ -77,7 +84,7 @@ dummy_engine = ffi.verify( return 1; } """, - libraries=["crypto", "ssl"], + libraries=libraries ) -- cgit v1.2.3 From d52b89b4e881639bc68d9c30983e08a1b8085be8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 31 Jan 2014 10:57:17 -0600 Subject: change register/unregister to activate/deactivate --- tests/hazmat/backends/test_openssl.py | 40 +++++++++++++++++------------------ 1 file changed, 20 insertions(+), 20 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index ea716204..daae2065 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -88,7 +88,7 @@ dummy_engine = ffi.verify( ) -def register_dummy_engine(): +def activate_dummy_engine(): current_rand = backend._lib.ENGINE_get_default_RAND() assert current_rand != backend._ffi.NULL name = backend._lib.ENGINE_get_name(current_rand) @@ -110,7 +110,7 @@ def register_dummy_engine(): backend._lib.RAND_cleanup() -def unregister_dummy_engine(): +def deactivate_dummy_engine(): e = backend._lib.ENGINE_get_default_RAND() if e != backend._ffi.NULL: name = backend._lib.ENGINE_get_name(e) @@ -233,77 +233,77 @@ class TestOpenSSLRandomEngine(object): def teardown_method(self, method): # we need to reset state to being default. backend is a shared global # for all these tests. - unregister_dummy_engine() - backend.register_osrandom_engine() + deactivate_dummy_engine() + backend.activate_osrandom_engine() current_default = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(current_default) assert name == backend._lib.Cryptography_osrandom_engine_name - def test_register_osrandom_already_default(self): + def test_activate_osrandom_already_default(self): e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) assert name == backend._lib.Cryptography_osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 - backend.register_osrandom_engine() + backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) assert name == backend._lib.Cryptography_osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 - def test_unregister_osrandom_engine_nothing_registered(self): - backend.unregister_osrandom_engine() + def test_deactivate_osrandom_engine_nothing_registered(self): + backend.deactivate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - backend.unregister_osrandom_engine() + backend.deactivate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - def test_unregister_osrandom_engine(self): + def test_deactivate_osrandom_engine(self): e = backend._lib.ENGINE_get_default_RAND() assert e != backend._ffi.NULL name = backend._lib.ENGINE_get_name(e) assert name == backend._lib.Cryptography_osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 - backend.unregister_osrandom_engine() + backend.deactivate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - def test_register_osrandom_no_default(self): - backend.unregister_osrandom_engine() + def test_activate_osrandom_no_default(self): + backend.deactivate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - backend.register_osrandom_engine() + backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) assert name == backend._lib.Cryptography_osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 - def test_unregister_osrandom_other_engine_default(self): - register_dummy_engine() + def test_deactivate_osrandom_other_engine_default(self): + activate_dummy_engine() default = backend._lib.ENGINE_get_default_RAND() default_name = backend._lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name res = backend._lib.ENGINE_finish(default) assert res == 1 - backend.unregister_osrandom_engine() + backend.deactivate_osrandom_engine() current_default = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(current_default) assert name == dummy_engine.Cryptography_faux_engine_name res = backend._lib.ENGINE_finish(current_default) assert res == 1 - def test_register_osrandom_other_engine_default(self): - register_dummy_engine() + def test_activate_osrandom_other_engine_default(self): + activate_dummy_engine() default = backend._lib.ENGINE_get_default_RAND() default_name = backend._lib.ENGINE_get_name(default) assert default_name == dummy_engine.Cryptography_faux_engine_name res = backend._lib.ENGINE_finish(default) assert res == 1 - backend.register_osrandom_engine() + backend.activate_osrandom_engine() current_default = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(current_default) assert name == backend._lib.Cryptography_osrandom_engine_name -- cgit v1.2.3 From e035ba978bf81c9dc17c33d7a8c6d61082ac4292 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 2 Feb 2014 12:46:47 -0600 Subject: add catastrophic failure check to tests --- tests/hazmat/backends/test_openssl.py | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index daae2065..cef28af0 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -239,6 +239,13 @@ class TestOpenSSLRandomEngine(object): name = backend._lib.ENGINE_get_name(current_default) assert name == backend._lib.Cryptography_osrandom_engine_name + def test_osrandom_sanity_check(self): + # This test serves as a check against catastrophic failure. + buf = backend._ffi.new("char[]", 500) + res = backend._lib.RAND_bytes(buf, 500) + assert res == 1 + assert backend._ffi.buffer(buf)[:] != "\x00" * 500 + def test_activate_osrandom_already_default(self): e = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(e) -- cgit v1.2.3 From 1389acbfa1fb90cdabe93810c30b481e9d3e4042 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 4 Feb 2014 16:04:39 -0600 Subject: assert the right thing --- tests/hazmat/backends/test_openssl.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 046ff3e1..ef7560f7 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -92,7 +92,7 @@ def activate_dummy_engine(): assert current_rand != backend._ffi.NULL name = backend._lib.ENGINE_get_name(current_rand) assert name != backend._ffi.NULL - assert name != dummy_engine.Cryptography_faux_engine_id + assert name != dummy_engine.Cryptography_faux_engine_name res = backend._lib.ENGINE_finish(current_rand) assert res == 1 e = backend._lib.ENGINE_by_id(dummy_engine.Cryptography_faux_engine_id) -- cgit v1.2.3 From d258222091c9ac2d5a701debca356e3d9a3f8559 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 5 Feb 2014 16:21:19 -0600 Subject: remove deactivate and replace with activate_builtin_random --- tests/hazmat/backends/test_openssl.py | 160 +++------------------------------- 1 file changed, 13 insertions(+), 147 deletions(-) (limited to 'tests') diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index 1fd513d5..b24808df 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -11,10 +11,6 @@ # See the License for the specific language governing permissions and # limitations under the License. -import sys - -import cffi - import pytest from cryptography import utils @@ -26,101 +22,6 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC -if sys.platform != "win32": - libraries = ["crypto", "ssl"] -else: # pragma: no cover - libraries = ["libeay32", "ssleay32", "advapi32"] - -ffi = cffi.FFI() - -ffi.cdef(""" -static const char *const Cryptography_faux_engine_name; -static const char *const Cryptography_faux_engine_id; -int Cryptography_add_faux_engine(void); -""") -dummy_engine = ffi.verify( - source=""" - #include - #include - static const char *const Cryptography_faux_engine_name="faux_engine"; - static const char *const Cryptography_faux_engine_id="faux"; - static int faux_bytes(unsigned char *buffer, int size) { - memset(buffer, 1, size); - return 1; - } - static int faux_status(void) { return 1; } - static int faux_init(ENGINE *e) { return 1; } - static int faux_finish(ENGINE *e) { return 1; } - static RAND_METHOD faux_rand = { - NULL, - faux_bytes, - NULL, - NULL, - faux_bytes, - faux_status, - }; - - int Cryptography_add_faux_engine(void) { - ENGINE *e = ENGINE_new(); - if (e == NULL) { - return 0; - } - if(!ENGINE_set_id(e, Cryptography_faux_engine_id) || - !ENGINE_set_name(e, Cryptography_faux_engine_name) || - !ENGINE_set_RAND(e, &faux_rand) || - !ENGINE_set_init_function(e, faux_init) || - !ENGINE_set_finish_function(e, faux_finish)) { - return 0; - } - if (!ENGINE_add(e)) { - ENGINE_free(e); - return 0; - } - if (!ENGINE_free(e)) { - return 0; - } - - return 1; - } - """, - libraries=libraries -) - - -def activate_dummy_engine(): - current_rand = backend._lib.ENGINE_get_default_RAND() - assert current_rand != backend._ffi.NULL - name = backend._lib.ENGINE_get_name(current_rand) - assert name != backend._ffi.NULL - assert name != dummy_engine.Cryptography_faux_engine_name - res = backend._lib.ENGINE_finish(current_rand) - assert res == 1 - e = backend._lib.ENGINE_by_id(dummy_engine.Cryptography_faux_engine_id) - assert e != backend._ffi.NULL - res = backend._lib.ENGINE_init(e) - assert res == 1 - res = backend._lib.ENGINE_set_default_RAND(e) - assert res == 1 - res = backend._lib.ENGINE_finish(e) - assert res == 1 - res = backend._lib.ENGINE_free(e) - assert res == 1 - # this resets the RNG to use the new engine - backend._lib.RAND_cleanup() - - -def deactivate_dummy_engine(): - e = backend._lib.ENGINE_get_default_RAND() - if e != backend._ffi.NULL: - name = backend._lib.ENGINE_get_name(e) - assert name != backend._ffi.NULL - if name == dummy_engine.Cryptography_faux_engine_name: - backend._lib.ENGINE_unregister_RAND(e) - backend._lib.RAND_cleanup() - res = backend._lib.ENGINE_finish(e) - assert res == 1 - - @utils.register_interface(interfaces.Mode) class DummyMode(object): name = "dummy-mode" @@ -263,16 +164,9 @@ class TestOpenSSL(object): class TestOpenSSLRandomEngine(object): - @classmethod - def setup_class(cls): - # add the faux engine to the list of available engines - res = dummy_engine.Cryptography_add_faux_engine() - assert res == 1 - def teardown_method(self, method): # we need to reset state to being default. backend is a shared global # for all these tests. - deactivate_dummy_engine() backend.activate_osrandom_engine() current_default = backend._lib.ENGINE_get_default_RAND() name = backend._lib.ENGINE_get_name(current_default) @@ -298,60 +192,32 @@ class TestOpenSSLRandomEngine(object): res = backend._lib.ENGINE_free(e) assert res == 1 - def test_deactivate_osrandom_engine_nothing_registered(self): - backend.deactivate_osrandom_engine() + def test_activate_osrandom_no_default(self): + backend.activate_builtin_random() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - backend.deactivate_osrandom_engine() + backend.activate_osrandom_engine() e = backend._lib.ENGINE_get_default_RAND() - assert e == backend._ffi.NULL + name = backend._lib.ENGINE_get_name(e) + assert name == backend._lib.Cryptography_osrandom_engine_name + res = backend._lib.ENGINE_free(e) + assert res == 1 - def test_deactivate_osrandom_engine(self): + def test_activate_builtin_random(self): e = backend._lib.ENGINE_get_default_RAND() assert e != backend._ffi.NULL name = backend._lib.ENGINE_get_name(e) assert name == backend._lib.Cryptography_osrandom_engine_name res = backend._lib.ENGINE_free(e) assert res == 1 - backend.deactivate_osrandom_engine() + backend.activate_builtin_random() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - def test_activate_osrandom_no_default(self): - backend.deactivate_osrandom_engine() + def test_activate_builtin_random_already_active(self): + backend.activate_builtin_random() e = backend._lib.ENGINE_get_default_RAND() assert e == backend._ffi.NULL - backend.activate_osrandom_engine() + backend.activate_builtin_random() e = backend._lib.ENGINE_get_default_RAND() - name = backend._lib.ENGINE_get_name(e) - assert name == backend._lib.Cryptography_osrandom_engine_name - res = backend._lib.ENGINE_free(e) - assert res == 1 - - def test_deactivate_osrandom_other_engine_default(self): - activate_dummy_engine() - default = backend._lib.ENGINE_get_default_RAND() - default_name = backend._lib.ENGINE_get_name(default) - assert default_name == dummy_engine.Cryptography_faux_engine_name - res = backend._lib.ENGINE_finish(default) - assert res == 1 - backend.deactivate_osrandom_engine() - current_default = backend._lib.ENGINE_get_default_RAND() - name = backend._lib.ENGINE_get_name(current_default) - assert name == dummy_engine.Cryptography_faux_engine_name - res = backend._lib.ENGINE_finish(current_default) - assert res == 1 - - def test_activate_osrandom_other_engine_default(self): - activate_dummy_engine() - default = backend._lib.ENGINE_get_default_RAND() - default_name = backend._lib.ENGINE_get_name(default) - assert default_name == dummy_engine.Cryptography_faux_engine_name - res = backend._lib.ENGINE_finish(default) - assert res == 1 - backend.activate_osrandom_engine() - current_default = backend._lib.ENGINE_get_default_RAND() - name = backend._lib.ENGINE_get_name(current_default) - assert name == backend._lib.Cryptography_osrandom_engine_name - res = backend._lib.ENGINE_finish(current_default) - assert res == 1 + assert e == backend._ffi.NULL -- cgit v1.2.3