diff options
author | Christian Grothoff <christian@grothoff.org> | 2020-11-22 18:31:33 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-11-22 18:31:33 +0100 |
commit | a9fb94e916ba6084997571f03fd6c2b4d557576b (patch) | |
tree | be306998212283fa32591308a583bb189c195b22 /src/util/test_helper_rsa.c | |
parent | 9b68dbb8e6c873ff40c00da85b3a9f709afd42e1 (diff) | |
download | exchange-a9fb94e916ba6084997571f03fd6c2b4d557576b.tar.xz |
start with testing crypto rsa helper
Diffstat (limited to 'src/util/test_helper_rsa.c')
-rw-r--r-- | src/util/test_helper_rsa.c | 314 |
1 files changed, 314 insertions, 0 deletions
diff --git a/src/util/test_helper_rsa.c b/src/util/test_helper_rsa.c new file mode 100644 index 000000000..4cb4a5f18 --- /dev/null +++ b/src/util/test_helper_rsa.c @@ -0,0 +1,314 @@ +/* + This file is part of TALER + (C) 2020 Taler Systems SA + + TALER is free software; you can redistribute it and/or modify it under the + terms of the GNU General Public License as published by the Free Software + Foundation; either version 3, or (at your option) any later version. + + TALER is distributed in the hope that it will be useful, but WITHOUT ANY + WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR + A PARTICULAR PURPOSE. See the GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along with + TALER; see the file COPYING. If not, see <http://www.gnu.org/licenses/> +*/ +/** + * @file util/test_helper_rsa.c + * @brief Tests for RSA crypto helper + * @author Christian Grothoff + */ +#include "platform.h" +#include "taler_util.h" + +/** + * Configuration has 1 minute duration and 5 minutes lookahead, so + * we should never have more than 6 active keys, plus for during + * key expiration / revocation. + */ +#define MAX_KEYS 7 + +/** + * How many random key revocations should we test? + */ +#define NUM_REVOKES 10 + + +/** + * Number of keys currently in #keys. + */ +static unsigned int num_keys; + +/** + * Keys currently managed by the helper. + */ +struct KeyData +{ + /** + * Validity start point. + */ + struct GNUNET_TIME_Absolute start_time; + + /** + * Key expires for signing at @e start_time plus this value. + */ + struct GNUNET_TIME_Relative validity_duration; + + /** + * Hash of the public key. + */ + struct GNUNET_HashCode h_denom_pub; + + /** + * Full public key. + */ + struct TALER_DenominationPublicKey denom_pub; + + /** + * Is this key currently valid? + */ + bool valid; + + /** + * Did the test driver revoke this key? + */ + bool revoked; +}; + +static struct KeyData keys[MAX_KEYS]; + + +static void +key_cb (void *cls, + const char *section_name, + struct GNUNET_TIME_Absolute start_time, + struct GNUNET_TIME_Relative validity_duration, + const struct GNUNET_HashCode *h_denom_pub, + const struct TALER_DenominationPublicKey *denom_pub) +{ + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Key notification about key %s in `%s'\n", + GNUNET_h2s (h_denom_pub), + section_name); + if (0 == validity_duration.rel_value_us) + { + bool found = false; + + GNUNET_break (NULL == denom_pub); + GNUNET_break (NULL == section_name); + for (unsigned int i = 0; i<MAX_KEYS; i++) + if (0 == GNUNET_memcmp (h_denom_pub, + &keys[i].h_denom_pub)) + { + keys[i].valid = false; + keys[i].revoked = false; + GNUNET_CRYPTO_rsa_public_key_free (keys[i].denom_pub.rsa_public_key); + keys[i].denom_pub.rsa_public_key = NULL; + GNUNET_assert (num_keys > 0); + num_keys--; + found = true; + break; + } + if (! found) + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Error: helper announced expiration of unknown key!\n"); + + return; + } + GNUNET_break (NULL != denom_pub); + for (unsigned int i = 0; i<MAX_KEYS; i++) + if (! keys[i].valid) + { + keys[i].valid = true; + keys[i].h_denom_pub = *h_denom_pub; + keys[i].start_time = start_time; + keys[i].validity_duration = validity_duration; + keys[i].denom_pub.rsa_public_key + = GNUNET_CRYPTO_rsa_public_key_dup (denom_pub->rsa_public_key); + num_keys++; + return; + } + /* too many keys! */ + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Error: received %d live keys from the service!\n", + MAX_KEYS + 1); +} + + +/** + * Main entry point into the test logic with the helper already running. + */ +static int +run_test (void) +{ + struct GNUNET_CONFIGURATION_Handle *cfg; + struct TALER_CRYPTO_DenominationHelper *dh; + struct timespec req = { + .tv_nsec = 250000000 + }; + + cfg = GNUNET_CONFIGURATION_create (); + if (GNUNET_OK != + GNUNET_CONFIGURATION_load (cfg, + "test_helper_rsa.conf")) + { + GNUNET_break (0); + return 77; + } + dh = TALER_CRYPTO_helper_denom_connect (cfg, + &key_cb, + NULL); + GNUNET_CONFIGURATION_destroy (cfg); + if (NULL == dh) + { + GNUNET_break (0); + return 1; + } + /* wait for helper to start and give us keys */ + fprintf (stderr, "Waiting for helper to start "); + for (unsigned int i = 0; i<80; i++) + { + TALER_CRYPTO_helper_poll (dh); + if (0 != num_keys) + break; + nanosleep (&req, NULL); + fprintf (stderr, "."); + } + if (0 == num_keys) + { + fprintf (stderr, + "\nFAILED: timeout trying to connect to helper\n"); + TALER_CRYPTO_helper_denom_disconnect (dh); + return 1; + } + fprintf (stderr, + "\nOK: Helper ready (%u keys)\n", + num_keys); + for (unsigned int i = 0; i<NUM_REVOKES; i++) + { + uint32_t off; + + off = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, + num_keys); + /* find index of key to revoke */ + for (unsigned int j = 0; j < MAX_KEYS; j++) + { + if (! keys[j].valid) + continue; + if (0 != off) + { + off--; + continue; + } + keys[j].revoked = true; + fprintf (stderr, + "Revoking key %s ...", + GNUNET_h2s (&keys[j].h_denom_pub)); + TALER_CRYPTO_helper_denom_revoke (dh, + &keys[j].h_denom_pub); + for (unsigned int k = 0; k<80; k++) + { + TALER_CRYPTO_helper_poll (dh); + if (! keys[j].revoked) + break; + nanosleep (&req, NULL); + fprintf (stderr, "."); + } + if (keys[j].revoked) + { + fprintf (stderr, + "\nFAILED: timeout trying to revoke key %u\n", + j); + TALER_CRYPTO_helper_denom_disconnect (dh); + return 2; + } + break; + } + } + + + TALER_CRYPTO_helper_denom_disconnect (dh); + /* clean up our state */ + for (unsigned int i = 0; i<MAX_KEYS; i++) + if (keys[i].valid) + { + GNUNET_CRYPTO_rsa_public_key_free (keys[i].denom_pub.rsa_public_key); + keys[i].denom_pub.rsa_public_key = NULL; + GNUNET_assert (num_keys > 0); + num_keys--; + } + return 0; +} + + +int +main (int argc, + const char *const argv[]) +{ + struct GNUNET_OS_Process *helper; + char *libexec_dir; + char *binary_name; + int ret; + enum GNUNET_OS_ProcessStatusType type; + unsigned long code; + + (void) argc; + (void) argv; + GNUNET_log_setup ("test-helper-rsa", + "INFO", + NULL); + GNUNET_OS_init (TALER_project_data_default ()); + libexec_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_LIBEXECDIR); + GNUNET_asprintf (&binary_name, + "%s/%s", + libexec_dir, + "taler-helper-crypto-rsa"); + GNUNET_free (libexec_dir); + helper = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_ERR, + NULL, NULL, NULL, + binary_name, + binary_name, + "-c", + "test_helper_rsa.conf", + "-L", + "INFO", + NULL); + if (NULL == helper) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, + "exec", + binary_name); + GNUNET_free (binary_name); + return 77; + } + GNUNET_free (binary_name); + ret = run_test (); + + GNUNET_OS_process_kill (helper, + SIGTERM); + if (GNUNET_OK != + GNUNET_OS_process_wait_status (helper, + &type, + &code)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Helper process did not die voluntarily, killing hard\n"); + GNUNET_OS_process_kill (helper, + SIGKILL); + ret = 4; + } + else if ( (GNUNET_OS_PROCESS_EXITED != type) || + (0 != code) ) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "Helper died with unexpected status %d/%d\n", + (int) type, + (int) code); + ret = 5; + } + GNUNET_OS_process_destroy (helper); + return ret; +} + + +/* end of test_helper_rsa.c */ |