From 2e090545df618ef10ae22c850721d3683f2e381b Mon Sep 17 00:00:00 2001 From: Filippo Valsorda Date: Sun, 19 Jun 2022 17:28:39 +0200 Subject: [PATCH] age: reject leading zeroes and sign in scrypt work factor --- internal/testkit/testkit.go | 9 ++++++ scrypt.go | 10 +++++-- testdata/testkit/scrypt_bad_tag | Bin 0 -> 358 bytes testdata/testkit/scrypt_extra_argument | Bin 0 -> 335 bytes testdata/testkit/scrypt_not_canonical_body | Bin 0 -> 332 bytes testdata/testkit/scrypt_not_canonical_salt | Bin 0 -> 273 bytes testdata/testkit/scrypt_salt_long | Bin 0 -> 278 bytes testdata/testkit/scrypt_salt_missing | Bin 0 -> 250 bytes testdata/testkit/scrypt_salt_short | Bin 0 -> 267 bytes testdata/testkit/scrypt_uppercase | Bin 0 -> 267 bytes testdata/testkit/scrypt_work_factor_hex | Bin 0 -> 274 bytes .../scrypt_work_factor_leading_garbage | Bin 0 -> 277 bytes .../testkit/scrypt_work_factor_leading_plus | Bin 0 -> 274 bytes .../scrypt_work_factor_leading_zero_decimal | Bin 0 -> 274 bytes .../scrypt_work_factor_leading_zero_octal | Bin 0 -> 274 bytes testdata/testkit/scrypt_work_factor_missing | Bin 0 -> 270 bytes testdata/testkit/scrypt_work_factor_negative | Bin 0 -> 274 bytes testdata/testkit/scrypt_work_factor_overflow | Bin 0 -> 290 bytes .../scrypt_work_factor_trailing_garbage | Bin 0 -> 277 bytes testdata/testkit/scrypt_work_factor_wrong | Bin 0 -> 267 bytes testdata/testkit/scrypt_work_factor_zero | Bin 0 -> 272 bytes tests/scrypt_bad_tag.go | 27 ++++++++++++++++++ tests/scrypt_extra_argument.go | 23 +++++++++++++++ tests/scrypt_not_canonical_body.go | 22 ++++++++++++++ tests/scrypt_not_canonical_salt.go | 22 ++++++++++++++ tests/scrypt_salt_long.go | 20 +++++++++++++ tests/scrypt_salt_missing.go | 23 +++++++++++++++ tests/scrypt_salt_short.go | 20 +++++++++++++ tests/scrypt_uppercase.go | 22 ++++++++++++++ tests/scrypt_work_factor_hex.go | 22 ++++++++++++++ tests/scrypt_work_factor_leading_garbage.go | 22 ++++++++++++++ tests/scrypt_work_factor_leading_plus.go | 22 ++++++++++++++ ...scrypt_work_factor_leading_zero_decimal.go | 22 ++++++++++++++ .../scrypt_work_factor_leading_zero_octal.go | 22 ++++++++++++++ tests/scrypt_work_factor_missing.go | 22 ++++++++++++++ tests/scrypt_work_factor_negative.go | 22 ++++++++++++++ tests/scrypt_work_factor_overflow.go | 27 ++++++++++++++++++ tests/scrypt_work_factor_trailing_garbage.go | 22 ++++++++++++++ tests/scrypt_work_factor_wrong.go | 22 ++++++++++++++ tests/scrypt_work_factor_zero.go | 22 ++++++++++++++ tests/x25519_lowercase.go | 10 ++----- tests/x25519_not_canonical_body.go | 3 +- 42 files changed, 447 insertions(+), 11 deletions(-) create mode 100644 testdata/testkit/scrypt_bad_tag create mode 100644 testdata/testkit/scrypt_extra_argument create mode 100644 testdata/testkit/scrypt_not_canonical_body create mode 100644 testdata/testkit/scrypt_not_canonical_salt create mode 100644 testdata/testkit/scrypt_salt_long create mode 100644 testdata/testkit/scrypt_salt_missing create mode 100644 testdata/testkit/scrypt_salt_short create mode 100644 testdata/testkit/scrypt_uppercase create mode 100644 testdata/testkit/scrypt_work_factor_hex create mode 100644 testdata/testkit/scrypt_work_factor_leading_garbage create mode 100644 testdata/testkit/scrypt_work_factor_leading_plus create mode 100644 testdata/testkit/scrypt_work_factor_leading_zero_decimal create mode 100644 testdata/testkit/scrypt_work_factor_leading_zero_octal create mode 100644 testdata/testkit/scrypt_work_factor_missing create mode 100644 testdata/testkit/scrypt_work_factor_negative create mode 100644 testdata/testkit/scrypt_work_factor_overflow create mode 100644 testdata/testkit/scrypt_work_factor_trailing_garbage create mode 100644 testdata/testkit/scrypt_work_factor_wrong create mode 100644 testdata/testkit/scrypt_work_factor_zero create mode 100644 tests/scrypt_bad_tag.go create mode 100644 tests/scrypt_extra_argument.go create mode 100644 tests/scrypt_not_canonical_body.go create mode 100644 tests/scrypt_not_canonical_salt.go create mode 100644 tests/scrypt_salt_long.go create mode 100644 tests/scrypt_salt_missing.go create mode 100644 tests/scrypt_salt_short.go create mode 100644 tests/scrypt_uppercase.go create mode 100644 tests/scrypt_work_factor_hex.go create mode 100644 tests/scrypt_work_factor_leading_garbage.go create mode 100644 tests/scrypt_work_factor_leading_plus.go create mode 100644 tests/scrypt_work_factor_leading_zero_decimal.go create mode 100644 tests/scrypt_work_factor_leading_zero_octal.go create mode 100644 tests/scrypt_work_factor_missing.go create mode 100644 tests/scrypt_work_factor_negative.go create mode 100644 tests/scrypt_work_factor_overflow.go create mode 100644 tests/scrypt_work_factor_trailing_garbage.go create mode 100644 tests/scrypt_work_factor_wrong.go create mode 100644 tests/scrypt_work_factor_zero.go diff --git a/internal/testkit/testkit.go b/internal/testkit/testkit.go index 603fd15..ba03d50 100644 --- a/internal/testkit/testkit.go +++ b/internal/testkit/testkit.go @@ -90,6 +90,11 @@ func (f *TestFile) ArgsLine(args ...string) { f.TextLine(strings.Join(append([]string{"->"}, args...), " ")) } +func (f *TestFile) UnreadArgsLine() []string { + line := strings.TrimPrefix(f.UnreadLine(), "-> ") + return strings.Split(line, " ") +} + var b64 = base64.RawStdEncoding.EncodeToString func (f *TestFile) Body(body []byte) { @@ -160,6 +165,10 @@ func (f *TestFile) ScryptRecordPassphrase(passphrase string) { func (f *TestFile) ScryptNoRecordPassphrase(passphrase string, workFactor int) { salt := f.Rand(16) + f.ScryptNoRecordPassphraseWithSalt(passphrase, workFactor, salt) +} + +func (f *TestFile) ScryptNoRecordPassphraseWithSalt(passphrase string, workFactor int, salt []byte) { f.ArgsLine("scrypt", b64(salt), strconv.Itoa(workFactor)) key, err := scrypt.Key([]byte(passphrase), append([]byte("age-encryption.org/v1/scrypt"), salt...), 1< i.maxWorkFactor { return nil, fmt.Errorf("scrypt work factor too large: %v", logN) } - if logN <= 0 { + if logN <= 0 { // unreachable return nil, fmt.Errorf("invalid scrypt work factor: %v", logN) } salt = append([]byte(scryptLabel), salt...) k, err := scrypt.Key(i.password, salt, 1<uZfK{|AKIzy2$UD_9Zb|0-~rs5 z_zcFxtvesV#6rxu$@y~cJ%_FmY6}g<97aUg9&r6Rg(1x~h^q)AyO4`dRT)<>Mk;cU zf>l&S6k(8%EK9tUWK@G&Uh>odHjg427mdQBQ1?hNs@&uAT&c(ylKWyE3*RQf=P?w7 z!L1dqGw$S&yF1S8G*1M~1c}!K`WalNJZ1n8MkN~Wjz#)}r>wkCfOG->18Gw(UoU6# zv0;o7)@Or+V!aO)8L)BC$fIV*oJ{+Tj$@j}m5TTcT?LKGsHMwYd3`y&YpY}y0!fnK zFs<=$+LAHhp|YU1UgP@Yj9EdwT{oh> ziBB}DlR5!HQO2aqBEcjW_&?9N@R7%-Q%K9-JOb>N-2uUndfboG5c6P-WyA#FSmKoD z*kdVAV~-^Wu@IDUD~c?SdAiRoz5@|?eH=K+O)BzmPVm7 zF^g%tYmKgLv+G+{=UgXz42y|b8=f}R3w3!in4Rg&86!neu-npHUbOV7Xv~tvcvm{z z)Z%@&H*!pSsrs>2Tn*Y*6)cG=^!@wcYva>+D^@T0-p=p#P38IMM?P(>CXfA1>oxfJ E0|%pVqW}N^ literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_not_canonical_body b/testdata/testkit/scrypt_not_canonical_body new file mode 100644 index 0000000000000000000000000000000000000000..65298afdcce6cf93b65003d1594c35a8e1076e79 GIT binary patch literal 332 zcmW-ZO-jQ+0EJ!8Qd|h#jBAZe(ix=z1t~S@PpYv^sohPI$xoBaq?7a~y?}QR)C=?g z?gh^vf?IbUK`@rLd3@jF(RD`MLW3bC9u?3hQL+#e_)$V(OiK;oCc?- ziaexX6*Un>7-S^Rvrv$nYVg0WxbT3>)0DF6w+Jb8DtCq;WiIz37C`Rra2^stVU$D0 z3+NKYS>%!g01{BC+KMtOBF;{^23M5H_`m#ChTCLpG9j7x6xH3tV ztAQOdUJm>7MV$5Hp}sMWT@iyCe*b>>+WXYr%I!;Wa`byRtvz4-f?xygELTSMPDR=?zV4_~22XJrV z8H|ZrcOJpSN50K3AJjScrHbdk0^m4gaeBi6g>eda0gZ}jhfw1G7ScmSqHRivLINUF zg>(oIigH#I`JA%?RQ%_4#sh>{1Olvl-sEMRtqw9CiIt3m6I}d1%)63!ww|SKzwhMH zB%0x#~;*`iEpW-p0VML}C1_2QvD7OTK6dB^k$)S|DScOP5t>PxeED);xkcduHH$6v+6 N&L+9Hw$118?FS4yTw(wK literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_salt_long b/testdata/testkit/scrypt_salt_long new file mode 100644 index 0000000000000000000000000000000000000000..66e37f93776172a1fb5c876b22631b8021e4f4cf GIT binary patch literal 278 zcmW;AJx_x`9Ds2Lr&~Ci+9p8m{233O;c@!l8y)bflFIB4`_>Dz(pNh-JG2K z3JxYN?k27s9Q+Etyj#!B<9)Ta^Ys?KXitmp S*RA#K=K8_Bvp=ny>+K&g_FwJ* literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_salt_missing b/testdata/testkit/scrypt_salt_missing new file mode 100644 index 0000000000000000000000000000000000000000..880b0e1a1ca6d70c66c1febd0cbd61c0a1d79482 GIT binary patch literal 250 zcmYeTC`e5%u~NuLO-xBGQbRtPcOeH zUBAqbOV>`J7%Zk>XuuV2kn3BLQJLZA=WW#mJ(HA s=E}7u*4~`$X+YuSWh@GA(|2;RPCfMf>+N+fc&iwDG>TZeKA)=r0H6I;u>b%7 literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_salt_short b/testdata/testkit/scrypt_salt_short new file mode 100644 index 0000000000000000000000000000000000000000..a95f4608584930ff0805b2ba268f2b61c258e0e2 GIT binary patch literal 267 zcmW;AJ5Iwe9Ds3FydWk97GEIE%PuqnQdJUKwMqab1+gGE{>P1)hjB{UWMg9N$R)S{ z0}~S50g0{R96aaSFE=z62gQK(+XeETUUm=Z`}gD5&ZqO%Ja6O4X4BdFdjZdGKeUI} GgZ&@;hFTy1 literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_uppercase b/testdata/testkit/scrypt_uppercase new file mode 100644 index 0000000000000000000000000000000000000000..88bd1e424ddf209cb05b398d03304301ce5f87c8 GIT binary patch literal 267 zcmW;AzfOZd0Dy7l8;yfWmvdI+pm%9Xq6>wB6a@>7?RFjqEf%-}O7R7J2NU%L`T*`G zK7%oFb@LHS{F86_<>PC?S*^jmfElgX9K?$yhgZDSAn9X**>5rFsfct5!77fhLR8$x z91|dDRf%~?E3UymH$@o%Koc(UoRzJp7e#(pl!<(!0O=Tx{~s((B%d~y%h0j{k@(5E z;6(SKf)I6t9rF5l_p$Y^y|kOB`e5&Sch-44`l=pwHtD^$ I?LNnEKS`!p9{>OV literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_work_factor_hex b/testdata/testkit/scrypt_work_factor_hex new file mode 100644 index 0000000000000000000000000000000000000000..a1feca9aa4e54755b879c89c1e2041e7f1f24e74 GIT binary patch literal 274 zcmYeTC`e5%u~NuLO-xBGQbRtPcOeH zUBAqbOV>`J7%ZkxfsSmkRF&GRFG=w9H?MWk;s)En&n!V>*nnn77^&` zo#N~3;bUZyADLQ_1^O{P~{$6=w*}`8p)-rtE&)|kye&#RvwX_dPfEDlN@$+sOO9bxhRFdr!LczK4~CKK`U-9I6y9;2liV3-kc) zO+14!aqG?_nD~=-^W=r40DocP7`y-^4!tD1k$}P^1AGOQiMhcz^M4EZJ|$e|oKY4q zjZpgrC`2s10!;kpGM52DUIYrveOZY`lFxT@8L77#QVwzP|FCQm^{kv`u5AxR z)Q<)Nc(ad*Mo{FYRyAvPoY7_9>I9BscPY!quuLs|c+w>2q&~j5KBb;JMv9`~y;$$D z?UGd^L4eV`c3XZ+t!G`=SBJFBI@Vxn@H#x246)QYtF75b17&4=Ak#23o)icn1^p0zH6x z6VG5w+`97!CjR8zJb9tcz%NxC0}FuTkj)k=4k(;00MDUOG3^pc{NF;_kwvOdN@Nlc ziOQr)fKZgNqR3*-3Q+N%tCR-_u?PfM`n<`?S-Lz(dDLD@NI1g9|HE7t+h^7F!ZD0V z7TM7_13Iv=D9I>t60Nz>N0xhKYooxjj8mDU9@L4ZOojvTT)aKG%uSg&9uforr}hf0 zxhdtIYxIsCs@J45?TL{)jJ>{Mxp`k_a~PYIVWSp({k;3wdRJeX%~QF*_q{u9Jsy4) P4?COW{$ksD4&QzNE^AxV literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_work_factor_missing b/testdata/testkit/scrypt_work_factor_missing new file mode 100644 index 0000000000000000000000000000000000000000..62c14e21f010214bda0625ebeb5f33dd255b10ba GIT binary patch literal 270 zcmW;AOHPA89Ds4xvotPDx*6As1v(Q7iEb)Q8(Xy4`si+eKa}#C4p6`gcn1^p0zH6x z6VG5w+`97!CO-0Qe)*v0;1&j60P{d#pM`NL0Qq4IID*E&R40_Uzxh;CW!j;XsKg@* zRf$f3P{diD^MznJ82HasCOm{#01~9GXm}B3>0u^<_F6&GG0y)V7Ja#GRZct`45mDo z1U3iSn;>Peidoj1@hG^x8SZD(3z;ico#)m*1Hc!RD-uLdj^?3A^KkRIl L_vhQ=XaDU7oUvT3 literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_work_factor_negative b/testdata/testkit/scrypt_work_factor_negative new file mode 100644 index 0000000000000000000000000000000000000000..eaf540005c414b593dfc01787a2beb0a9e9ad058 GIT binary patch literal 274 zcmW;AO-_SA7=U5dvotPDx*7K(1D#0=iEa?At}d0|z6SE)Dx*9VRRH%@Okpdd~GUqP#4rcg$`-vZW?3F|UOW$IIj z$yA|087kbeEF$ifpyEF_IrkBALl7YIcw1C)o*m>o6l)0yN4Wfdm>Wd2n#WmX$R6HA%ZwSHU<*NtfR=d_AM=@HP)t7ejRPFD5?=Cx!hhOEx N&L+8^Y@5%)+Ydx`Tsi;% literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_work_factor_overflow b/testdata/testkit/scrypt_work_factor_overflow new file mode 100644 index 0000000000000000000000000000000000000000..03aeb0306dbe370b096a837d4a65ed151f4e4841 GIT binary patch literal 290 zcmW-aO-_SA7(iXm(zr0`X55RwFe8*iliCzPL~SXibVuQX{xcnFTY3TSV4_~22XJrV z8H|ZrcOJpSYToAMZ62&R#B&q(Axc2tG#ZTW1fX;<20Vh&#H>mgjklysCkoRTql6|@ zWrS8KP=68#UKoEc~uBTFarPIy}|GTFbHGGX+)H+t>Z)&WHJ0 bZl33d2S5AW%G1er@wm4cKHThjFX{U)-iKcF literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_work_factor_trailing_garbage b/testdata/testkit/scrypt_work_factor_trailing_garbage new file mode 100644 index 0000000000000000000000000000000000000000..bf3bfd5f276efbefcfcfe4cf32f1f25f2bfd19c5 GIT binary patch literal 277 zcmW-VO-{l<7(iXm(zq~TGp@B#hM7Q{XaWQ*wpA-X5q4wywX_yG&Qxi=fOjxaFTerZ zn|KCe;?|ualXo)HNiX?aGzEy#A2J8O^#YmB7?Xs9pCO(hd*y9vi zE>snuCaWS~)|}_@=E^=~{-wgz*}61t`lBpe4!mI|T8@;`8v;p^U}_YTbn0|rzOeKK zadSD-3*n4QE85udxke&qHSSI_e_(?ie*L`r*m*Z!y6sbQbnv}@-FrO!svq{Y+5N@t I^f`L_0p?3ut^fc4 literal 0 HcmV?d00001 diff --git a/testdata/testkit/scrypt_work_factor_zero b/testdata/testkit/scrypt_work_factor_zero new file mode 100644 index 0000000000000000000000000000000000000000..9d8c2789748d57166bfa04e515328190ec234455 GIT binary patch literal 272 zcmYeTC`e5%u~NuLO-xBGQbRtPcOeH zUBAqbOV>`J7%ZkxfsSmkRF&GRFG=w9H?Nxl^&YqTAAzS?Hd*m=<1!~ z>+9iTWRf45T9M^y9OCJ0;BQdn9$e^Ulo%SxrK_u}kfv*{mL95Y80F$$P;Bay zXkwaMWf|bCpIemepOa)@X5p3=;TvqhC2e}_S^HgvTULiF*UT@`QT!_rB|XpfZSh=@ OHCeL)gnW0T-2ecb+gnWl literal 0 HcmV?d00001 diff --git a/tests/scrypt_bad_tag.go b/tests/scrypt_bad_tag.go new file mode 100644 index 0000000..0675075 --- /dev/null +++ b/tests/scrypt_bad_tag.go @@ -0,0 +1,27 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import ( + "encoding/base64" + + "filippo.io/age/internal/testkit" +) + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, _ := base64.RawStdEncoding.DecodeString(f.UnreadLine()) + body[len(body)-1] ^= 0xff + f.TextLine(base64.RawStdEncoding.EncodeToString(body)) + f.HMAC() + f.Payload("age") + f.ExpectNoMatch() + f.Comment("the ChaCha20Poly1305 authentication tag on the body of the scrypt stanza is wrong") + f.Generate() +} diff --git a/tests/scrypt_extra_argument.go b/tests/scrypt_extra_argument.go new file mode 100644 index 0000000..baa3d7a --- /dev/null +++ b/tests/scrypt_extra_argument.go @@ -0,0 +1,23 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadLine() + f.TextLine(args + " 10") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Comment("the base64 encoding of the share is not canonical") + f.Generate() +} diff --git a/tests/scrypt_not_canonical_body.go b/tests/scrypt_not_canonical_body.go new file mode 100644 index 0000000..d0a0304 --- /dev/null +++ b/tests/scrypt_not_canonical_body.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body := f.UnreadLine() + f.TextLine(testkit.NotCanonicalBase64(body)) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Comment("the base64 encoding of the share is not canonical") + f.Generate() +} diff --git a/tests/scrypt_not_canonical_salt.go b/tests/scrypt_not_canonical_salt.go new file mode 100644 index 0000000..38f27d2 --- /dev/null +++ b/tests/scrypt_not_canonical_salt.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], testkit.NotCanonicalBase64(args[1]), args[2]) + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_salt_long.go b/tests/scrypt_salt_long.go new file mode 100644 index 0000000..578cb8f --- /dev/null +++ b/tests/scrypt_salt_long.go @@ -0,0 +1,20 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.ScryptRecordPassphrase("password") + f.ScryptNoRecordPassphraseWithSalt("password", 10, f.Rand(20)) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_salt_missing.go b/tests/scrypt_salt_missing.go new file mode 100644 index 0000000..a07715d --- /dev/null +++ b/tests/scrypt_salt_missing.go @@ -0,0 +1,23 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.ScryptRecordPassphrase("password") + f.ScryptNoRecordPassphraseWithSalt("password", 10, nil) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[2]) + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_salt_short.go b/tests/scrypt_salt_short.go new file mode 100644 index 0000000..e277af8 --- /dev/null +++ b/tests/scrypt_salt_short.go @@ -0,0 +1,20 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.ScryptRecordPassphrase("password") + f.ScryptNoRecordPassphraseWithSalt("password", 10, f.Rand(12)) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_uppercase.go b/tests/scrypt_uppercase.go new file mode 100644 index 0000000..836a4d1 --- /dev/null +++ b/tests/scrypt_uppercase.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine("Scrypt", args[1], args[2]) + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectNoMatch() + f.Generate() +} diff --git a/tests/scrypt_work_factor_hex.go b/tests/scrypt_work_factor_hex.go new file mode 100644 index 0000000..fc43e4b --- /dev/null +++ b/tests/scrypt_work_factor_hex.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "0xa") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_leading_garbage.go b/tests/scrypt_work_factor_leading_garbage.go new file mode 100644 index 0000000..0b1a9a2 --- /dev/null +++ b/tests/scrypt_work_factor_leading_garbage.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "aaaa10") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_leading_plus.go b/tests/scrypt_work_factor_leading_plus.go new file mode 100644 index 0000000..34dc4af --- /dev/null +++ b/tests/scrypt_work_factor_leading_plus.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "+10") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_leading_zero_decimal.go b/tests/scrypt_work_factor_leading_zero_decimal.go new file mode 100644 index 0000000..09c2dce --- /dev/null +++ b/tests/scrypt_work_factor_leading_zero_decimal.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "010") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_leading_zero_octal.go b/tests/scrypt_work_factor_leading_zero_octal.go new file mode 100644 index 0000000..24be6af --- /dev/null +++ b/tests/scrypt_work_factor_leading_zero_octal.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "012") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_missing.go b/tests/scrypt_work_factor_missing.go new file mode 100644 index 0000000..18e6d06 --- /dev/null +++ b/tests/scrypt_work_factor_missing.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 18) // cmd/age default + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1]) + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_negative.go b/tests/scrypt_work_factor_negative.go new file mode 100644 index 0000000..ed264b0 --- /dev/null +++ b/tests/scrypt_work_factor_negative.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "-10") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_overflow.go b/tests/scrypt_work_factor_overflow.go new file mode 100644 index 0000000..3520057 --- /dev/null +++ b/tests/scrypt_work_factor_overflow.go @@ -0,0 +1,27 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import ( + "math" + "strconv" + + "filippo.io/age/internal/testkit" +) + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], strconv.FormatUint(math.MaxInt64+1+10, 10)) + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_trailing_garbage.go b/tests/scrypt_work_factor_trailing_garbage.go new file mode 100644 index 0000000..0b1a9a2 --- /dev/null +++ b/tests/scrypt_work_factor_trailing_garbage.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "aaaa10") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/scrypt_work_factor_wrong.go b/tests/scrypt_work_factor_wrong.go new file mode 100644 index 0000000..a004999 --- /dev/null +++ b/tests/scrypt_work_factor_wrong.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 18) // cmd/go default + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "10") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectNoMatch() + f.Generate() +} diff --git a/tests/scrypt_work_factor_zero.go b/tests/scrypt_work_factor_zero.go new file mode 100644 index 0000000..bc193f8 --- /dev/null +++ b/tests/scrypt_work_factor_zero.go @@ -0,0 +1,22 @@ +// Copyright 2022 The age Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build ignore + +package main + +import "filippo.io/age/internal/testkit" + +func main() { + f := testkit.NewTestFile() + f.VersionLine("v1") + f.Scrypt("password", 10) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine(args[0], args[1], "0") + f.TextLine(body) + f.HMAC() + f.Payload("age") + f.ExpectHeaderFailure() + f.Generate() +} diff --git a/tests/x25519_lowercase.go b/tests/x25519_lowercase.go index 7bdce73..1c7bb94 100644 --- a/tests/x25519_lowercase.go +++ b/tests/x25519_lowercase.go @@ -6,18 +6,14 @@ package main -import ( - "strings" - - "filippo.io/age/internal/testkit" -) +import "filippo.io/age/internal/testkit" func main() { f := testkit.NewTestFile() f.VersionLine("v1") f.X25519(testkit.TestX25519Recipient) - body, args := f.UnreadLine(), f.UnreadLine() - f.TextLine(strings.Replace(args, "X25519", "x25519", -1)) + body, args := f.UnreadLine(), f.UnreadArgsLine() + f.ArgsLine("x25519", args[1]) f.TextLine(body) f.HMAC() f.Payload("age") diff --git a/tests/x25519_not_canonical_body.go b/tests/x25519_not_canonical_body.go index ee49f96..b1bd4b5 100644 --- a/tests/x25519_not_canonical_body.go +++ b/tests/x25519_not_canonical_body.go @@ -12,8 +12,7 @@ func main() { f := testkit.NewTestFile() f.VersionLine("v1") f.X25519(testkit.TestX25519Recipient) - body, args := f.UnreadLine(), f.UnreadLine() - f.TextLine(args) + body := f.UnreadLine() f.TextLine(testkit.NotCanonicalBase64(body)) f.HMAC() f.Payload("age")