New Upstream Snapshot - rhonabwy
Ready changes
Summary
Merged new upstream version: 1.1.11 (was: 1.1.10).
Diff
diff --git a/.github/workflows/ccpp.yml b/.github/workflows/ccpp.yml
deleted file mode 100644
index dd55111..0000000
--- a/.github/workflows/ccpp.yml
+++ /dev/null
@@ -1,62 +0,0 @@
-name: C/C++ CI
-
-on: [push]
-
-jobs:
- build:
-
- runs-on: ubuntu-latest
-
- steps:
- - uses: actions/checkout@v1
- - name: install dependencies
- run: |
- sudo apt-get update
- sudo apt-get install -y cmake pkg-config check libsubunit-dev cppcheck libsystemd-dev libgnutls28-dev libjansson-dev libcurl4-gnutls-dev libmicrohttpd-dev valgrind doxygen gnutls-bin
- - name: cppcheck
- run: cppcheck --force --enable=warning,missingInclude --error-exitcode=1 .
- - name: dependencies
- run: |
- cd /opt
- git clone https://github.com/babelouest/orcania.git
- git clone https://github.com/babelouest/yder.git
- git clone https://github.com/babelouest/ulfius.git
- mkdir build
- cd build
-
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../orcania
- make
- sudo make install
- rm -rf *
-
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../yder
- make
- sudo make install
- rm -rf *
-
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../ulfius
- make
- sudo make install
- rm -rf *
- - name: build
- run: |
- # prepare build folders
- mkdir build
- # build rhonabwy, run tests, build package
- cd build
- cmake -DBUILD_RHONABWY_TESTING=ON -DBUILD_RHONABWY_DOCUMENTATION=ON -DWITH_CURL=OFF ..
- make
- rm -rf *
- cmake -DBUILD_RHONABWY_TESTING=ON -DBUILD_RHONABWY_DOCUMENTATION=ON ..
- ../test/cert/create-cert.sh || (cat ../test/cert/certtool.log && false)
- ln -s ../test/cert/ .
- ln -s ../test/cookbook-master .
- ln -s ../test/ .
- make test || (cat Testing/Temporary/LastTest.log && false)
- make package
- make doc
- sudo make install
- sudo ldconfig
- # test rnbyc
- cd ../tools/rnbyc/
- make test
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
deleted file mode 100644
index 2ed162d..0000000
--- a/.github/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,68 +0,0 @@
-name: "CodeQL"
-
-on:
- push:
- branches: [master, ]
- pull_request:
- # The branches below must be a subset of the branches above
- branches: [master]
- schedule:
- - cron: '0 21 * * 3'
-
-jobs:
- analyse:
- name: Analyse
- runs-on: ubuntu-latest
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@v2
- with:
- # We must fetch at least the immediate parents so that if this is
- # a pull request then we can checkout the head.
- fetch-depth: 2
-
- # If this run was triggered by a pull request event, then checkout
- # the head of the pull request instead of the merge commit.
- - run: git checkout HEAD^2
- if: ${{ github.event_name == 'pull_request' }}
-
- # Initializes the CodeQL tools for scanning.
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
- - name: dependencies
- run: |
- sudo apt-get update
- sudo apt-get install -y cmake pkg-config libsystemd-dev libgnutls28-dev libjansson-dev libcurl4-gnutls-dev libmicrohttpd-dev doxygen
-
- cd /opt
- git clone https://github.com/babelouest/orcania.git
- git clone https://github.com/babelouest/yder.git
- git clone https://github.com/babelouest/ulfius.git
- mkdir build
- cd build
-
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../orcania
- make
- sudo make install
- rm -rf *
-
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../yder
- make
- sudo make install
- rm -rf *
-
- cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../ulfius
- make
- sudo make install
- rm -rf *
- - run: |
- mkdir build
- cd build
- cmake -DBUILD_RHONABWY_DOCUMENTATION=on ..
- make
- make doc
- sudo make install
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index d31e0ea..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,10 +0,0 @@
-*.o
-*.so
-*.so.*
-*.pc
-valgrind*.txt
-*.log
-rhonabwy-cfg.h
-tools/rnbyc/rnbyc
-*.jwks
-*.jwt
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a486c78..bbdcd2f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
# Rhonabwy Changelog
+## 1.1.11
+
+- Check payload length is a multiple of block size before decrypting a jwe to avoid issues with old GnuTLS version (#24)
+
## 1.1.10
- Build with flag `-Wconversion`
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 086c7c6..ffe16fd 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -30,10 +30,10 @@ set(PROJECT_HOMEPAGE_URL "https://github.com/babelouest/rhonabwy/")
set(PROJECT_BUGREPORT_PATH "https://github.com/babelouest/rhonabwy/issues")
set(LIBRARY_VERSION_MAJOR "1")
set(LIBRARY_VERSION_MINOR "1")
-set(LIBRARY_VERSION_PATCH "10")
+set(LIBRARY_VERSION_PATCH "11")
set(ORCANIA_VERSION_REQUIRED "2.3.2")
set(YDER_VERSION_REQUIRED "1.4.19")
-set(ULFIUS_VERSION_REQUIRED "2.7.12")
+set(ULFIUS_VERSION_REQUIRED "2.7.13")
set(PROJECT_VERSION "${LIBRARY_VERSION_MAJOR}.${LIBRARY_VERSION_MINOR}.${LIBRARY_VERSION_PATCH}")
set(PROJECT_VERSION_MAJOR ${LIBRARY_VERSION_MAJOR})
diff --git a/README.md b/README.md
index bafb9f4..0335a05 100644
--- a/README.md
+++ b/README.md
@@ -197,11 +197,12 @@ You only need to install `liborcania-dev_*`, `libyder-dev_*` for `librhonabwy-de
[CMake](https://cmake.org/download/) minimum 3.5 is required.
+Last Rhonabwy release: [https://github.com/babelouest/rhonabwy/releases/latest/](https://github.com/babelouest/rhonabwy/releases/latest/)
+
Run the CMake script in a sub-directory, example:
```shell
-$ git clone https://github.com/babelouest/rhonabwy.git
-$ cd rhonabwy/
+$ cd <rhonabwy_source>
$ mkdir build
$ cd build
$ cmake ..
@@ -222,8 +223,9 @@ The available options for CMake are:
Download Rhonabwy from GitHub repository, compile and install.
+Last Rhonabwy release: [https://github.com/babelouest/rhonabwy/releases/latest/](https://github.com/babelouest/rhonabwy/releases/latest/)
+
```shell
-$ git clone https://github.com/babelouest/rhonabwy.git
$ cd rhonabwy/src
$ make
$ sudo make install
diff --git a/debian/changelog b/debian/changelog
index 9179fdb..b9501e4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+rhonabwy (1.1.11-1) UNRELEASED; urgency=low
+
+ * New upstream release.
+
+ -- Debian Janitor <janitor@jelmer.uk> Wed, 08 Feb 2023 17:32:05 -0000
+
rhonabwy (1.1.10-1) unstable; urgency=medium
* New upstream release
diff --git a/debian/patches/disable_test_rhonabwy_generate_key_pair.patch b/debian/patches/disable_test_rhonabwy_generate_key_pair.patch
index 50a5103..f8954ab 100644
--- a/debian/patches/disable_test_rhonabwy_generate_key_pair.patch
+++ b/debian/patches/disable_test_rhonabwy_generate_key_pair.patch
@@ -1,9 +1,11 @@
Description: Disable test_rhonabwy_generate_key_pair, takes too much time in some environments
Author: Nicolas Mora <babelouest@debian.org>
Forwarded: not-needed
---- a/test/jwk_core.c
-+++ b/test/jwk_core.c
-@@ -285,6 +285,7 @@
+Index: rhonabwy.git/test/jwk_core.c
+===================================================================
+--- rhonabwy.git.orig/test/jwk_core.c
++++ rhonabwy.git/test/jwk_core.c
+@@ -285,6 +285,7 @@ START_TEST(test_rhonabwy_delete_property
}
END_TEST
@@ -11,7 +13,7 @@ Forwarded: not-needed
START_TEST(test_rhonabwy_generate_key_pair)
{
jwk_t * jwk_privkey, * jwk_pubkey;
-@@ -450,6 +451,7 @@
+@@ -450,6 +451,7 @@ START_TEST(test_rhonabwy_generate_key_pa
}
END_TEST
@@ -19,7 +21,7 @@ Forwarded: not-needed
START_TEST(test_rhonabwy_equal)
{
-@@ -623,7 +625,9 @@
+@@ -623,7 +625,9 @@ static Suite *rhonabwy_suite(void)
tcase_add_test(tc_core, test_rhonabwy_get_property);
tcase_add_test(tc_core, test_rhonabwy_set_property);
tcase_add_test(tc_core, test_rhonabwy_delete_property);
diff --git a/doc/doxygen.cfg b/doc/doxygen.cfg
index 2426091..ba71e88 100644
--- a/doc/doxygen.cfg
+++ b/doc/doxygen.cfg
@@ -15,7 +15,6 @@ OUTPUT_DIRECTORY = doc
CREATE_SUBDIRS = NO
ALLOW_UNICODE_NAMES = NO
OUTPUT_LANGUAGE = English
-OUTPUT_TEXT_DIRECTION = None
BRIEF_MEMBER_DESC = YES
REPEAT_BRIEF = YES
ABBREVIATE_BRIEF = "The $name class" \
@@ -71,3 +70,4 @@ ENABLE_PREPROCESSING = YES
MACRO_EXPANSION = NO
EXPAND_ONLY_PREDEF = NO
SEARCH_INCLUDES = YES
+HAVE_DOT = NO
diff --git a/src/Makefile b/src/Makefile
index 3821818..ef413e4 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -37,7 +37,7 @@ OBJECTS=jwk.o jwks.o jws.o jwe.o jwt.o misc.o
OUTPUT=librhonabwy.so
VERSION_MAJOR=1
VERSION_MINOR=1
-VERSION_PATCH=10
+VERSION_PATCH=11
ifdef DISABLE_CURL
R_WITH_CURL=0
diff --git a/src/jwe.c b/src/jwe.c
index 3cd2552..8b3a1dd 100644
--- a/src/jwe.c
+++ b/src/jwe.c
@@ -3557,6 +3557,24 @@ int r_jwe_encrypt_payload(jwe_t * jwe) {
return ret;
}
+static int _r_gnutls_is_block_cipher(gnutls_cipher_algorithm_t alg)
+{
+ switch (alg) {
+ case GNUTLS_CIPHER_3DES_CBC:
+ case GNUTLS_CIPHER_AES_128_CBC:
+ case GNUTLS_CIPHER_AES_256_CBC:
+ case GNUTLS_CIPHER_CAMELLIA_128_CBC:
+ case GNUTLS_CIPHER_CAMELLIA_256_CBC:
+ case GNUTLS_CIPHER_AES_192_CBC:
+ case GNUTLS_CIPHER_CAMELLIA_192_CBC :
+ case GNUTLS_CIPHER_RC2_40_CBC :
+ case GNUTLS_CIPHER_DES_CBC:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
int r_jwe_decrypt_payload(jwe_t * jwe) {
int ret = RHN_OK, res;
gnutls_cipher_hd_t handle;
@@ -3565,33 +3583,56 @@ int r_jwe_decrypt_payload(jwe_t * jwe) {
size_t payload_enc_len = 0, unzip_len = 0;
unsigned char tag[128];
size_t tag_len = 0;
+ size_t ciphertext_b64_len;
+ size_t ciphertext_decoded_len = 0;
+ unsigned cipher_block_size;
int cipher_cbc;
struct _o_datum dat = {0, NULL}, dat_ciph = {0, NULL}, dat_tag = {0, NULL};
- if (jwe != NULL && jwe->enc != R_JWA_ENC_UNKNOWN && !o_strnullempty((const char *)jwe->ciphertext_b64url) && !o_strnullempty((const char *)jwe->iv_b64url) && jwe->key != NULL && jwe->key_len && jwe->key_len == _r_get_key_size(jwe->enc)) {
- // Decode iv and payload_b64
- o_free(jwe->iv);
- if (o_base64url_decode_alloc(jwe->iv_b64url, o_strlen((const char *)jwe->iv_b64url), &dat)) {
- if ((jwe->iv = o_malloc(dat.size)) != NULL) {
- jwe->iv_len = dat.size;
- memcpy(jwe->iv, dat.data, dat.size);
- if (o_base64url_decode_alloc(jwe->ciphertext_b64url, o_strlen((const char *)jwe->ciphertext_b64url), &dat_ciph)) {
- if ((payload_enc = o_malloc(dat_ciph.size)) == NULL) {
- y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error allocating resources for payload_enc");
- ret = RHN_ERROR_MEMORY;
+ if (jwe != NULL && jwe->enc != R_JWA_ENC_UNKNOWN && (ciphertext_b64_len = o_strlen((const char *)jwe->ciphertext_b64url)) != 0 && !o_strnullempty((const char *)jwe->iv_b64url) && jwe->key != NULL && jwe->key_len && jwe->key_len == _r_get_key_size(jwe->enc)) {
+ /* ensure payload_enc_buflen is a multiple of cipher_block_size
+ * if the cipher is a block-mode cipher
+ */
+ if (_r_gnutls_is_block_cipher(_r_get_alg_from_enc(jwe->enc))) {
+ if (o_base64url_decode(jwe->ciphertext_b64url, ciphertext_b64_len, NULL, &ciphertext_decoded_len)) {
+ cipher_block_size = (unsigned)gnutls_cipher_get_block_size(_r_get_alg_from_enc(jwe->enc));
+ if (!ciphertext_decoded_len || ciphertext_decoded_len % cipher_block_size) {
+ /* The ciphertext length is not a multiple of block size.
+ * It can't possibly be valid */
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Invalid ciphertext length");
+ ret = RHN_ERROR_INVALID;
+ }
+ } else {
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error o_base64url_decode ciphertext_b64url");
+ ret = RHN_ERROR;
+ }
+ }
+
+ if (ret == RHN_OK) {
+ // Decode iv and payload_b64
+ o_free(jwe->iv);
+ if (o_base64url_decode_alloc(jwe->iv_b64url, o_strlen((const char *)jwe->iv_b64url), &dat)) {
+ if ((jwe->iv = o_malloc(dat.size)) != NULL) {
+ jwe->iv_len = dat.size;
+ memcpy(jwe->iv, dat.data, dat.size);
+ if (o_base64url_decode_alloc(jwe->ciphertext_b64url, ciphertext_b64_len, &dat_ciph)) {
+ if ((payload_enc = o_malloc(dat_ciph.size)) == NULL) {
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error allocating resources for payload_enc");
+ ret = RHN_ERROR_MEMORY;
+ }
+ } else {
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error o_base64url_decode_alloc ciphertext_b64url");
+ ret = RHN_ERROR;
}
} else {
- y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error o_base64url_decode_alloc ciphertext_b64url");
- ret = RHN_ERROR;
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error reallocating resources for iv");
+ ret = RHN_ERROR_MEMORY;
}
+ o_free(dat.data);
} else {
- y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error reallocating resources for iv");
- ret = RHN_ERROR_MEMORY;
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error o_base64url_decode_alloc iv");
+ ret = RHN_ERROR;
}
- o_free(dat.data);
- } else {
- y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error o_base64url_decode_alloc iv");
- ret = RHN_ERROR;
}
if (ret == RHN_OK) {
@@ -3638,6 +3679,8 @@ int r_jwe_decrypt_payload(jwe_t * jwe) {
ret = RHN_ERROR;
}
}
+ } else if (res == GNUTLS_E_INVALID_REQUEST) {
+ ret = RHN_ERROR_INVALID;
} else if (res == GNUTLS_E_DECRYPTION_FAILED) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - decryption failed: '%s'", gnutls_strerror(res));
ret = RHN_ERROR_INVALID;
@@ -3679,6 +3722,8 @@ int r_jwe_decrypt_payload(jwe_t * jwe) {
ret = RHN_ERROR;
}
}
+ } else if (jwe != NULL && jwe->key_len != _r_get_key_size(jwe->enc)) {
+ ret = RHN_ERROR_INVALID;
} else {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jwe_decrypt_payload - Error input parameters");
ret = RHN_ERROR_PARAM;
diff --git a/src/jwk.c b/src/jwk.c
index a424356..f93479e 100644
--- a/src/jwk.c
+++ b/src/jwk.c
@@ -717,7 +717,7 @@ int r_jwk_key_type(jwk_t * jwk, unsigned int * bits, int x5u_flags) {
}
#endif
} else {
- y_log_message(Y_LOG_LEVEL_ERROR, "r_jwk_key_type x5c - Error unsupported algorithm %s", gnutls_pk_algorithm_get_name(pk_alg));
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwk_key_type x5c - Error unsupported algorithm %s", gnutls_pk_algorithm_get_name((gnutls_pk_algorithm_t)pk_alg));
ret = R_KEY_TYPE_NONE;
}
ret |= R_KEY_TYPE_PUBLIC;
@@ -770,7 +770,7 @@ int r_jwk_key_type(jwk_t * jwk, unsigned int * bits, int x5u_flags) {
#endif
} else {
ret = R_KEY_TYPE_NONE;
- y_log_message(Y_LOG_LEVEL_ERROR, "r_jwk_key_type x5u - Error unsupported algorithm %s", gnutls_pk_algorithm_get_name(pk_alg));
+ y_log_message(Y_LOG_LEVEL_ERROR, "r_jwk_key_type x5u - Error unsupported algorithm %s", gnutls_pk_algorithm_get_name((gnutls_pk_algorithm_t)pk_alg));
}
ret |= R_KEY_TYPE_PUBLIC;
} else {
diff --git a/src/jws.c b/src/jws.c
index 8900309..946ba56 100644
--- a/src/jws.c
+++ b/src/jws.c
@@ -211,7 +211,7 @@ static unsigned char * r_jws_sign_hmac(jws_t * jws, jwk_t * jwk) {
}
if (alg != GNUTLS_DIG_NULL) {
- sig_len = (unsigned)gnutls_hmac_get_len(alg);
+ sig_len = (unsigned)gnutls_hmac_get_len((gnutls_mac_algorithm_t)alg);
sig = o_malloc(sig_len);
key_len = o_strlen(r_jwk_get_property_str(jwk, "k"));
@@ -236,7 +236,7 @@ static unsigned char * r_jws_sign_hmac(jws_t * jws, jwk_t * jwk) {
if (key != NULL && sig != NULL) {
data = (unsigned char *)msprintf("%s.%s", jws->header_b64url, jws->payload_b64url);
- if (!gnutls_hmac_fast(alg, key, key_len, data, o_strlen((const char *)data), sig)) {
+ if (!gnutls_hmac_fast((gnutls_mac_algorithm_t)alg, key, key_len, data, o_strlen((const char *)data), sig)) {
if (o_base64url_encode_alloc(sig, sig_len, &dat_sig)) {
to_return = (unsigned char*)o_strndup((const char *)dat_sig.data, dat_sig.size);
o_free(dat_sig.data);
@@ -302,7 +302,7 @@ static unsigned char * r_jws_sign_rsa(jws_t * jws, jwk_t * jwk) {
#else
gnutls_privkey_sign_data
#endif
- (privkey, alg, flag, &body_dat, &sig_dat))) {
+ (privkey, (gnutls_sign_algorithm_t)alg, flag, &body_dat, &sig_dat))) {
if (o_base64url_encode_alloc(sig_dat.data, sig_dat.size, &dat_sig)) {
to_return = (unsigned char*)o_strndup((const char *)dat_sig.data, dat_sig.size);
o_free(dat_sig.data);
@@ -349,7 +349,7 @@ static unsigned char * r_jws_sign_ecdsa(jws_t * jws, jwk_t * jwk) {
body_dat.data = (unsigned char *)msprintf("%s.%s", jws->header_b64url, jws->payload_b64url);
body_dat.size = (unsigned int)o_strlen((const char *)body_dat.data);
- if (!(res = gnutls_privkey_sign_data(privkey, alg, 0, &body_dat, &sig_dat))) {
+ if (!(res = gnutls_privkey_sign_data(privkey, (gnutls_digest_algorithm_t)alg, 0, &body_dat, &sig_dat))) {
if (!gnutls_decode_rs_value(&sig_dat, &r, &s)) {
if (r.size > adj) {
r_padding = r.size - adj;
@@ -531,7 +531,7 @@ static int r_jws_verify_sig_rsa(jws_t * jws, jwk_t * jwk, int x5u_flags) {
if (o_base64url_decode_alloc(jws->signature_b64url, o_strlen((const char *)jws->signature_b64url), &dat_sig)) {
sig_dat.data = dat_sig.data;
sig_dat.size = (unsigned int)dat_sig.size;
- if (gnutls_pubkey_verify_data2(pubkey, alg, flag, &data, &sig_dat)) {
+ if (gnutls_pubkey_verify_data2(pubkey, (gnutls_sign_algorithm_t)alg, flag, &data, &sig_dat)) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jws_verify_sig_rsa - Error invalid signature");
ret = RHN_ERROR_INVALID;
}
@@ -602,7 +602,7 @@ static int r_jws_verify_sig_ecdsa(jws_t * jws, jwk_t * jwk, int x5u_flags) {
if (ret == RHN_OK) {
if (!gnutls_encode_rs_value(&sig_dat, &r, &s)) {
- if (gnutls_pubkey_verify_data2(pubkey, alg, 0, &data, &sig_dat)) {
+ if (gnutls_pubkey_verify_data2(pubkey, (gnutls_sign_algorithm_t)alg, 0, &data, &sig_dat)) {
y_log_message(Y_LOG_LEVEL_ERROR, "r_jws_verify_sig_ecdsa - Error invalid signature");
ret = RHN_ERROR_INVALID;
}
diff --git a/test/cookbook.c b/test/cookbook.c
index 2e29d9f..aa82cc2 100644
--- a/test/cookbook.c
+++ b/test/cookbook.c
@@ -367,7 +367,7 @@ int main(int argc, char *argv[])
int number_failed;
Suite *s;
SRunner *sr;
- y_init_logs("Rhonabwy", Y_LOG_MODE_CONSOLE, Y_LOG_LEVEL_DEBUG, NULL, "Starting Rhonabwy cookbook tests");
+ //y_init_logs("Rhonabwy", Y_LOG_MODE_CONSOLE, Y_LOG_LEVEL_DEBUG, NULL, "Starting Rhonabwy cookbook tests");
r_global_init();
s = rhonabwy_suite();
sr = srunner_create(s);
@@ -377,6 +377,6 @@ int main(int argc, char *argv[])
srunner_free(sr);
r_global_close();
- y_close_logs();
+ //y_close_logs();
return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
}
diff --git a/test/jwe_core.c b/test/jwe_core.c
index bdbe162..fc57e00 100644
--- a/test/jwe_core.c
+++ b/test/jwe_core.c
@@ -115,7 +115,7 @@ const unsigned char advanced_cert_pem_1[] = "-----BEGIN CERTIFICATE-----\n"
"D779sJ9gxiz68UPDo5ArHx3i2iS2ROkEGEUm93fYGi8y8yZtWb8MsPvqJi2Ar0tv\n"
"s3yOHp3+WqTOfToYSrrNz2rP\n"
"-----END CERTIFICATE-----";
-const unsigned char advanced_cert_der_1[] =
+const unsigned char advanced_cert_der_1[] =
"MIIDDjCCAXagAwIBAgIUNdBXsS0f7w7zoqBV005eOeD2DMgwDQYJKoZIhvcNAQEL"
"BQAwKjETMBEGA1UEAwwKZ2xld2x3eWRfMTETMBEGA1UEChMKYmFiZWxvdWVzdDAe"
"Fw0yMTA5MTMyMTQ5MzhaFw0yMjA4MjkyMTQ5MzhaMCsxFDASBgNVBAMTC0RhdmUg"
@@ -158,7 +158,7 @@ const unsigned char advanced_cert_pem_2[] = "-----BEGIN CERTIFICATE-----\n"
"BKgGmpZ2fEF6BKMTC4HyiCc9e2qeqLTIOZPiMpJm8N6fpEY37JEqqPHeY19WYxdE\n"
"TrY5XLCqtITFRVTMubJPyDnc\n"
"-----END CERTIFICATE-----";
-const unsigned char advanced_cert_der_2[] =
+const unsigned char advanced_cert_der_2[] =
"MIIDDjCCAXagAwIBAgIUd1sYeALcC3nDDzlovmUm9S+IAaEwDQYJKoZIhvcNAQEL"
"BQAwKjETMBEGA1UEAwwKZ2xld2x3eWRfMTETMBEGA1UEChMKYmFiZWxvdWVzdDAe"
"Fw0yMTA5MTQxNTI0NDZaFw0yMjA4MzAxNTI0NDZaMCsxFDASBgNVBAMTC0RhdmUg"
@@ -201,7 +201,7 @@ const unsigned char advanced_cert_pem_3[] = "-----BEGIN CERTIFICATE-----\n"
"IiKlSjZYotFffUsrfHVYqlk58PX5j7P/fohvLnHkucbu9FVrvVLlqZHK3vzafdw6\n"
"SlefNWD4/90X/5VFOpePkjZY\n"
"-----END CERTIFICATE-----";
-const unsigned char advanced_cert_der_3[] =
+const unsigned char advanced_cert_der_3[] =
"MIIDDjCCAXagAwIBAgIUcqJBzjg4lb0vBeFBGZ2uuY9ZoLkwDQYJKoZIhvcNAQEL"
"BQAwKjETMBEGA1UEAwwKZ2xld2x3eWRfMTETMBEGA1UEChMKYmFiZWxvdWVzdDAe"
"Fw0yMTA5MTMyMTQ5MzlaFw0yMjA4MjkyMTQ5MzlaMCsxFDASBgNVBAMTC0RhdmUg"
@@ -244,7 +244,7 @@ const unsigned char advanced_cert_pem_4[] = "-----BEGIN CERTIFICATE-----\n"
"Yj7MxshEtderX2xwlf0atGNyj/MQjhiuBzYCuvbzLxD8CkZMMjPwEHbwGkVaSdTa\n"
"Cggnp64OVIyU5OqLa4BVmWQl\n"
"-----END CERTIFICATE-----";
-const unsigned char advanced_cert_der_4[] =
+const unsigned char advanced_cert_der_4[] =
"MIIDDjCCAXagAwIBAgIUVWRCzRVkKkvSV8p5hX2em+k5NH0wDQYJKoZIhvcNAQEL"
"BQAwKjETMBEGA1UEAwwKZ2xld2x3eWRfMjETMBEGA1UEChMKYmFiZWxvdWVzdDAe"
"Fw0yMTA5MTQxNTI0NDdaFw0yMjA4MzAxNTI0NDdaMCsxFDASBgNVBAMTC0RhdmUg"
@@ -263,6 +263,7 @@ const unsigned char advanced_cert_der_4[] =
"Yj7MxshEtderX2xwlf0atGNyj/MQjhiuBzYCuvbzLxD8CkZMMjPwEHbwGkVaSdTa"
"Cggnp64OVIyU5OqLa4BVmWQl";
const char advanced_jku_4[] = "{\"keys\":[{\"kty\":\"EC\",\"x\":\"rXNalVG5Ylar4cutzXQVVA02QJLCo7b21E3C2nHhBLc\",\"y\":\"Rf9u09u0einojf_spvzu_NLmS8KgmhUfYseSN_ycaXY\",\"crv\":\"P-256\",\"kid\":\"OsipzlLJ1CAOU_WnT2zuB4u31IlgFPsZfT4j4r5qZUA\"}]}";
+const char jwk_key_128_1[] = "{\"kty\":\"oct\",\"alg\":\"HS256\",\"k\":\"Zd3bPKCfbPc2A6sh3M7dIbzgD6PS-qIwsbN79VgN5PY\"}";
#define ADVANCED_TOKEN "eyJraWQiOiJkZjVTckx2SlgzWEI3OHhHa25QZVZDemdXOTZhT2pYSTlfQnFtYkUzV0ljIiwiandrIjp7Imt0eSI6IkVDIiwieCI6IktPSVItVXpkTDRpOV9uUDM1dVg1UklhZnF3c0FEUkZpTjc0TWNNYTNMVkkiLCJ5IjoiXzB3MzZMb0ZlYVpXTG1jOXYwOHlXNjhEdzFHQWdmNjFmUDRSNUx0TFY1dyIsImNydiI6IlAtMjU2Iiwia2lkIjoiMSIsIng1YyI6WyJNSUlERGpDQ0FYYWdBd0lCQWdJVU5kQlhzUzBmN3c3em9xQlYwMDVlT2VEMkRNZ3dEUVlKS29aSWh2Y05BUUVMQlFBd0tqRVRNQkVHQTFVRUF3d0taMnhsZDJ4M2VXUmZNVEVUTUJFR0ExVUVDaE1LWW1GaVpXeHZkV1Z6ZERBZUZ3MHlNVEE1TVRNeU1UUTVNemhhRncweU1qQTRNamt5TVRRNU16aGFNQ3N4RkRBU0JnTlZCQU1UQzBSaGRtVWdURzl3Y0dWeU1STXdFUVlEVlFRS0V3cGlZV0psYkc5MVpYTjBNRmt3RXdZSEtvWkl6ajBDQVFZSUtvWkl6ajBEQVFjRFFnQUVLT0lSK1V6ZEw0aTkvblAzNXVYNVJJYWZxd3NBRFJGaU43NE1jTWEzTFZML1REZm91Z1Y1cGxZdVp6Mi9UekpicndQRFVZQ0IvclY4L2hIa3UwdFhuS04yTUhRd0RBWURWUjBUQVFIL0JBSXdBREFUQmdOVkhTVUVEREFLQmdnckJnRUZCUWNEQWpBUEJnTlZIUThCQWY4RUJRTURCNEFBTUIwR0ExVWREZ1FXQkJSL3hBUFZNUlVnU0YySU5yTnNHclg5WmlrU1lEQWZCZ05WSFNNRUdEQVdnQlJabTQya1RDK2FMKzBEVk95U0lESU45U3ZVRWpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVlFQUhIOEZ0SjRDVmZyU3ZsR3hSa1pIOTFYRks2aWIxMTBiL051OXpJUEcydCtHYUZodkNCdFJmSGhiekY3RkcvbytOTmhiVWZXTG5iUFJlTlF5NDVRYXNxbHJRTURrZ2VDQVpza2VhZHgxTWpyQU44RWJGU21ReFE5ZEtKd1pyWFl4aVQzSVcxTEZXeXVISEErYXZEeVd5RFFTb0FCWmtWV3pWM1VIajZQRkdqTlVoZFdiVTdXTEY5ellYMDdLN3UyRnlWNjcvZkpDUFg5UjErY3ZWRnBZdFBRc09vNU5GbkVMcmxiUnM4ZDFnN0pwZlpYL2p1WEJ0WXNpQTcxaU9QOXNWcVdITTVVa1dnZDZ4YWRPR0ZxaWlTcEpNbitrNUxMOVBWTFo2QnFkcUxPRUZFTElVTE0vbVZ2SXZkM2tid2lUaVVrWlRiNnd0SS9aOGJBUGxLU1FCL3hIdXh5OC9IM2NPYzhDT29xMmZuVHRMQmFRajRjNFZFaytNUHVMc0s3c21GV3NRblFOUlMrdUhQSVBXNE52Nm55VWo1NHRxZThGYUl6RWlvQlVENzc5c0o5Z3hpejY4VVBEbzVBckh4M2kyaVMyUk9rRUdFVW05M2ZZR2k4eTh5WnRXYjhNc1B2cUppMkFyMHR2czN5T0hwMytXcVRPZlRvWVNyck56MnJQIl19LCJ4NWMiOlsiTUlJRERqQ0NBWGFnQXdJQkFnSVVkMXNZZUFMY0MzbkREemxvdm1VbTlTK0lBYUV3RFFZSktvWklodmNOQVFFTEJRQXdLakVUTUJFR0ExVUVBd3dLWjJ4bGQyeDNlV1JmTVRFVE1CRUdBMVVFQ2hNS1ltRmlaV3h2ZFdWemREQWVGdzB5TVRBNU1UUXhOVEkwTkRaYUZ3MHlNakE0TXpBeE5USTBORFphTUNzeEZEQVNCZ05WQkFNVEMwUmhkbVVnVEc5d2NHVnlNUk13RVFZRFZRUUtFd3BpWVdKbGJHOTFaWE4wTUZrd0V3WUhLb1pJemowQ0FRWUlLb1pJemowREFRY0RRZ0FFTy9JM1E4RnNFRmlpNW9IWkI1SHRaZTQ2YXdTWXhrbVR0bVZwV0thYjVUOVNJZnpuVndMM241L2lqTHlRNTRmNmJXbkxreGV1WnhSZlRkckRITm9kT3FOMk1IUXdEQVlEVlIwVEFRSC9CQUl3QURBVEJnTlZIU1VFRERBS0JnZ3JCZ0VGQlFjREFqQVBCZ05WSFE4QkFmOEVCUU1EQjRBQU1CMEdBMVVkRGdRV0JCU2RqczBycUxnRUh2Sm9lbjJUMFhJUlJpclM1VEFmQmdOVkhTTUVHREFXZ0JTVG1FbUcrVEhXL3pySk01WmZDUGkyNTlSQTh6QU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FZRUFFQ2RSdEZWRVJwa2tBZmo3bXdDN1F1Mm5vcE1ZY0tDRGFnREtpMTZZSkVMUVdERXgxZGpSOUdGdTE5UUVSTjBSR1NPRWd6UHVuaWZhVU9HZmtZc0ZhRjlOQTI3S1ZHZ3BLM1RnVGw1QUpCSUdJaUtQOHZTaXFGNktPb3NiVFUzV2VLd1Q0bUUzdDF5V2NHL0V4Q3FYVWNPVW1IMkJGTWg3NGFPMnlwOEFGaVJBSzUxQWxVN0wzV1J2ZHRhVkwxcnJpaVluT2g1U3JTZXZWdmViTWRaeE96c2w3d0docFc2Z1ZmbTB4bU1QS2RDTmh5alRsWDZVelJER3BOeFQ1VE5iM2tZUkd2aVovQnNNcFQxTXJuSVFSVVVoTEV6N2RkNDM2MlhnUlgxSmk2UnZES2NRVnhRTmRJT1RXeUpJRGVucmJxbXVBNFplVi9PSTg2VWY5aVBraktVR0ppVmhhWU1Xd2dYU2tmUnlVM3VBVnBlbExYNy9tem0zUHVKVjVSeUJzSnFOc3Vtc2REU2tBKys1VmhkT3FpOFlyNWdJMGdGM2VwNXRnZ3ZWQktnR21wWjJmRUY2QktNVEM0SHlpQ2M5ZTJxZXFMVElPWlBpTXBKbThONmZwRVkzN0pFcXFQSGVZMTlXWXhkRVRyWTVYTENxdElURlJWVE11YkpQeURuYyJdLCJ4NXUiOiJodHRwczovL2xvY2FsaG9zdDo3NDY4L3g1dSIsImprdSI6Imh0dHBzOi8vbG9jYWxob3N0Ojc0Njgvamt1IiwiYWxnIjoiRUNESC1FUytBMTI4S1ciLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoicDBRRHpqVU5HVTJ0UmM4QlNPbFpzRzBONTQwazNmTzBPT082bTJjbDlJSSIsInkiOiItTEkwRjdwbC1yNklYZjlXMVpMVFRDZXV3M05JemZRLW1OamVJS2RJc1RVIiwiY3J2IjoiUC0yNTYifSwiZW5jIjoiQTEyOENCQy1IUzI1NiJ9.jJY1hvX8J0f8T-8piAS_9zVejfTVV-oUaflrY7WV0ErmiNlYc7aHRg.bToigkLnPUDJb_P4cHt0hA.lLYVB2ajc0KNPt2iAvP2LFxDAjI1ujqKkjgZ1--8seq63WF0jZD9CxKRUUseIAmEjiPpaOG1co8DdqUXMEvw2g.MnoGVwEN_PG2i_joWhxTUA"
@@ -271,6 +272,7 @@ const char advanced_jku_4[] = "{\"keys\":[{\"kty\":\"EC\",\"x\":\"rXNalVG5Ylar4c
#define TOKEN_INVALID_HEADER_B64 ";error;iOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
#define TOKEN_INVALID_IV_B64 "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.;error;nK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
#define TOKEN_INVALID_CIPHER_B64 "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.;error;czZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
+#define TOKEN_INVALID_CIPHER_LEN "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..-cNn1XCsgQJ4LUqRynkFYg.10CSSm6dThI4bPCQjzSrEupjI-sTLk52MEGEf06vxJDabMOAdfcyIlLa4CMJyOmFMpVvI9-eWRfLmoIM8R.r76qF3OECfzhDMxZ7yTGFg"
#define TOKEN_INVALID_TAG_B64 "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.;error;Z3gDEpAMD_79pOw"
#define TOKEN_INVALID_DOTS "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
#define TOKEN_EMPTY_HEADER ".S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
@@ -280,14 +282,24 @@ const char advanced_jku_4[] = "{\"keys\":[{\"kty\":\"EC\",\"x\":\"rXNalVG5Ylar4c
#define TOKEN_OVERSIZE_IV "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.ZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yCg.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
#define TOKEN_OVERSIZE_TAG "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.ZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yZXJyb3JlcnJvcmVycm9yCg"
#define TOKEN_INVALID_ENC "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
+#define TOKEN_VALID_CIPHER_LEN_1 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.W5WH8adpm8Rmgz5X8MNkG3MUH3-Pdjr7F3nJ2L0CHDupVFGRuoMWBmYFrIIK6Po23LTK7Xo0QtxgoemzYpclIHZ8WLEh3FD-Ku0bq5Vm2Ic.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_1 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.W5WH8adpm8Rmgz5X8MNkG3MUH3-Pdjr7F3nJ2L0CHDupVFGRuoMWBmYFrIIK6Po23LTK7Xo0QtxgoemzYpclIHZ8WLEh3FD-Ku0bq5.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_1_2 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.W5WH8adpm8Rmgz5X8MNkG3MUH3-Pdjr7F3nJ2L0CHDupVFGRuoMWBmYFrIIK6Po23LTK7Xo0QtxgoemzYpclIHZ8WLEh3FD-Ku0bq5Vm2IcBE6yb.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_1_3 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.W5WH8adpm8Rmgz5X8MNkG3MUH3-Pdjr7F3nJ2L0CHDupVFGRuoMWBmYFrIIK6Po23LTK7Xo0QtxgoemzYpclIHZ8WLEh3FD-Ku0bq5V.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_1_4 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.W5WH8adpm8Rmgz5X8MNkG3MUH3-Pdjr7F3nJ2L0CHDupVFGRuoMWBmYFrIIK6Po23LTK7Xo0QtxgoemzYpclIHZ8WLEh3FD-Ku0bq5Vm2IcBE6y.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_VALID_CIPHER_LEN_2 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.W5WH8adpm8Rmgz5X8MNkG3MUH3-Pdjr7F3nJ2L0CHDupVFGRuoMWBmYFrIIK6Po23LTK7Xo0QtxgoemzYpclIHZ8WLEh3FD-Ku0bq5Vm2Ic.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_2 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1bTdhtFJgJxeVmJkLD61A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGkd3EkU0vjHi9gTlb90qSYFfeF0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiYSoYJVSpf7ej6zaYcMv3WwdxDFl8REwOhNImk2Xld2JXq6BR53TSFkyT7PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-puQsmthc9Zg0ojmJfqqFvETUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRaa8Z7MOZ7UGxGIMvEmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0F.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_2_2 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1bTdhtFJgJxeVmJkLD61A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGkd3EkU0vjHi9gTlb90qSYFfeF0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiYSoYJVSpf7ej6zaYcMv3WwdxDFl8REwOhNImk2Xld2JXq6BR53TSFkyT7PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-puQsmthc9Zg0ojmJfqqFvETUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRaa8Z7MOZ7UGxGIMvEmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0FkQZFBE6y.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_2_3 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1bTdhtFJgJxeVmJkLD61A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGkd3EkU0vjHi9gTlb90qSYFfeF0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiYSoYJVSpf7ej6zaYcMv3WwdxDFl8REwOhNImk2Xld2JXq6BR53TSFkyT7PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-puQsmthc9Zg0ojmJfqqFvETUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRaa8Z7MOZ7UGxGIMvEmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0.xrblYm4FGTv2j59L7xQgAA"
+#define TOKEN_INVALID_CIPHER_LEN_2_4 "eyJhbGciOiJkaXIiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0..BE6ybfu_NcwhkB01q7svMw.AwliP-KmWgsZ37BvzCefNen6VTbRK3QMA4TkvRkH0tP1bTdhtFJgJxeVmJkLD61A1hnWGetdg11c9ADsnWgL56NyxwSYjU1ZEHcGkd3EkU0vjHi9gTlb90qSYFfeF0LwkcTtjbYKCsiNJQkcIp1yeM03OmuiYSoYJVSpf7ej6zaYcMv3WwdxDFl8REwOhNImk2Xld2JXq6BR53TSFkyT7PwVLuq-1GwtGHlQeg7gDT6xW0JqHDPn_H-puQsmthc9Zg0ojmJfqqFvETUxLAF-KjcBTS5dNy6egwkYtOt8EIHK-oEsKYtZRaa8Z7MOZ7UGxGIMvEmxrGCPeJa14slv2-gaqK0kEThkaSqdYw0FkQZFBE6yb.xrblYm4FGTv2j59L7xQgAA"
START_TEST(test_rhonabwy_init)
{
jwe_t * jwe;
-
+
ck_assert_int_eq(r_jwe_init(NULL), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -295,14 +307,14 @@ END_TEST
START_TEST(test_rhonabwy_payload)
{
jwe_t * jwe;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_payload(NULL, (const unsigned char *)PAYLOAD, o_strlen(PAYLOAD)), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_payload(jwe, (const unsigned char *)PAYLOAD, o_strlen(PAYLOAD)), RHN_OK);
ck_assert_int_eq(r_jwe_set_payload(jwe, (const unsigned char *)PAYLOAD, 0), RHN_OK);
ck_assert_int_eq(r_jwe_set_payload(jwe, NULL, o_strlen(PAYLOAD)), RHN_OK);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -310,17 +322,17 @@ END_TEST
START_TEST(test_rhonabwy_alg)
{
jwe_t * jwe;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_get_alg(jwe), R_JWA_ALG_UNKNOWN);
ck_assert_int_eq(r_jwe_set_alg(NULL, R_JWA_ALG_RSA1_5), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_alg(jwe, R_JWA_ALG_RSA1_5), RHN_OK);
ck_assert_int_eq(r_jwe_get_alg(jwe), R_JWA_ALG_RSA1_5);
-
+
ck_assert_int_eq(r_jwe_set_alg(jwe, R_JWA_ALG_ECDH_ES), RHN_OK);
ck_assert_int_eq(r_jwe_get_alg(jwe), R_JWA_ALG_ECDH_ES);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -329,23 +341,23 @@ START_TEST(test_rhonabwy_set_header)
{
jwe_t * jwe;
json_t * j_value = json_pack("{sssiso}", "str", "grut", "int", 42, "obj", json_true());
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_header_str_value(NULL, "key", "value"), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_header_str_value(jwe, NULL, "value"), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_header_str_value(jwe, "key", NULL), RHN_OK);
ck_assert_int_eq(r_jwe_set_header_str_value(jwe, "key", "value"), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_header_int_value(NULL, "key", 42), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_header_int_value(jwe, NULL, 42), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_header_int_value(jwe, "key", 42), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_header_json_t_value(NULL, "key", j_value), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_header_json_t_value(jwe, NULL, j_value), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_header_json_t_value(jwe, "key", NULL), RHN_OK);
ck_assert_int_eq(r_jwe_set_header_json_t_value(jwe, "key", j_value), RHN_OK);
-
+
json_decref(j_value);
r_jwe_free(jwe);
}
@@ -355,21 +367,21 @@ START_TEST(test_rhonabwy_get_header)
{
jwe_t * jwe;
json_t * j_value = json_pack("{sssiso}", "str", "grut", "int", 42, "obj", json_true()), * j_result;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_header_str_value(jwe, "keystr", "value"), RHN_OK);
ck_assert_int_eq(r_jwe_set_header_int_value(jwe, "keyint", 42), RHN_OK);
ck_assert_int_eq(r_jwe_set_header_json_t_value(jwe, "keyjson", j_value), RHN_OK);
-
+
ck_assert_str_eq("value", r_jwe_get_header_str_value(jwe, "keystr"));
ck_assert_int_eq(42, r_jwe_get_header_int_value(jwe, "keyint"));
ck_assert_int_eq(json_equal(j_value, (j_result = r_jwe_get_header_json_t_value(jwe, "keyjson"))) , 1);
-
+
ck_assert_ptr_eq(NULL, r_jwe_get_header_str_value(jwe, "error"));
ck_assert_int_eq(0, r_jwe_get_header_int_value(jwe, "error"));
ck_assert_ptr_eq(NULL, r_jwe_get_header_json_t_value(jwe, "error"));
-
+
json_decref(j_value);
json_decref(j_result);
r_jwe_free(jwe);
@@ -380,27 +392,27 @@ START_TEST(test_rhonabwy_set_full_header_error)
{
jwe_t * jwe;
json_t * j_header;
-
+
j_header = json_pack("{ssss}", "alg", r_jwa_alg_to_str(R_JWA_ALG_RSA_OAEP_256), "enc", "error");
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_header_json_t(jwe, j_header), RHN_ERROR_PARAM);
r_jwe_free(jwe);
json_decref(j_header);
-
+
j_header = json_pack("{ssss}", "alg", "error", "enc", r_jwa_enc_to_str(R_JWA_ENC_A256GCM));
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_header_json_t(jwe, j_header), RHN_ERROR_PARAM);
r_jwe_free(jwe);
json_decref(j_header);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_header_json_t(jwe, NULL), RHN_ERROR_PARAM);
r_jwe_free(jwe);
-
+
j_header = json_pack("{ssss}", "alg", r_jwa_alg_to_str(R_JWA_ALG_RSA_OAEP_256), "enc", r_jwa_enc_to_str(R_JWA_ENC_A256GCM));
ck_assert_int_eq(r_jwe_set_full_header_json_t(NULL, j_header), RHN_ERROR_PARAM);
json_decref(j_header);
-
+
}
END_TEST
@@ -409,7 +421,7 @@ START_TEST(test_rhonabwy_set_full_header)
jwe_t * jwe;
json_t * j_header = json_pack("{sssisossss}", "str", CLAIM_STR, "int", CLAIM_INT, "obj", json_true(), "alg", r_jwa_alg_to_str(R_JWA_ALG_RSA_OAEP_256), "enc", r_jwa_enc_to_str(R_JWA_ENC_A256GCM));
char * str_header = json_dumps(j_header, JSON_COMPACT);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_header_json_t(jwe, j_header), RHN_OK);
ck_assert_str_eq(r_jwe_get_header_str_value(jwe, "str"), CLAIM_STR);
@@ -418,7 +430,7 @@ START_TEST(test_rhonabwy_set_full_header)
ck_assert_int_eq(r_jwe_get_alg(jwe), R_JWA_ALG_RSA_OAEP_256);
ck_assert_int_eq(r_jwe_get_enc(jwe), R_JWA_ENC_A256GCM);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_header_json_str(jwe, str_header), RHN_OK);
ck_assert_str_eq(r_jwe_get_header_str_value(jwe, "str"), CLAIM_STR);
@@ -427,7 +439,7 @@ START_TEST(test_rhonabwy_set_full_header)
ck_assert_int_eq(r_jwe_get_alg(jwe), R_JWA_ALG_RSA_OAEP_256);
ck_assert_int_eq(r_jwe_get_enc(jwe), R_JWA_ENC_A256GCM);
r_jwe_free(jwe);
-
+
o_free(str_header);
json_decref(j_header);
}
@@ -437,10 +449,10 @@ START_TEST(test_rhonabwy_get_full_header)
{
jwe_t * jwe;
json_t * j_value = json_pack("{sssiso}", "str", "grut", "int", 42, "obj", json_true()), * j_header = json_pack("{sssisO}", "keystr", "value", "keyint", 42, "keyjson", j_value), * j_result;
-
+
ck_assert_ptr_ne(j_header, NULL);
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_header_str_value(jwe, "keystr", "value"), RHN_OK);
ck_assert_int_eq(r_jwe_set_header_int_value(jwe, "keyint", 42), RHN_OK);
ck_assert_int_eq(r_jwe_set_header_json_t_value(jwe, "keyjson", j_value), RHN_OK);
@@ -458,21 +470,21 @@ START_TEST(test_rhonabwy_set_full_unprotected_header)
jwe_t * jwe;
json_t * j_header = json_pack("{sssiso}", "str", CLAIM_STR, "int", CLAIM_INT, "obj", json_true());
char * str_header = json_dumps(j_header, JSON_COMPACT);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_t(jwe, json_null()), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_t(jwe, NULL), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_t(NULL, j_header), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_t(jwe, j_header), RHN_OK);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_str(jwe, "[4, 8, 15, 16, 23, 42]"), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_str(jwe, NULL), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_str(NULL, str_header), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_str(jwe, str_header), RHN_OK);
r_jwe_free(jwe);
-
+
o_free(str_header);
json_decref(j_header);
}
@@ -483,10 +495,10 @@ START_TEST(test_rhonabwy_get_full_unprotected_header)
jwe_t * jwe;
json_t * j_header = json_pack("{sssiso}", "str", CLAIM_STR, "int", CLAIM_INT, "obj", json_true()), * j_header_get;
char * str_header_get;
-
+
ck_assert_ptr_ne(j_header, NULL);
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_full_unprotected_header_json_t(jwe, j_header), RHN_OK);
ck_assert_ptr_ne(NULL, j_header_get = r_jwe_get_full_unprotected_header_json_t(jwe));
ck_assert_int_eq(1, json_equal(j_header_get, j_header));
@@ -494,7 +506,7 @@ START_TEST(test_rhonabwy_get_full_unprotected_header)
ck_assert_ptr_ne(NULL, str_header_get = r_jwe_get_full_unprotected_header_str(jwe));
ck_assert_ptr_ne(NULL, j_header_get = json_loads(str_header_get, JSON_DECODE_ANY, NULL));
ck_assert_int_eq(1, json_equal(j_header_get, j_header));
-
+
o_free(str_header_get);
json_decref(j_header);
json_decref(j_header_get);
@@ -506,14 +518,14 @@ START_TEST(test_rhonabwy_set_keys)
{
jwe_t * jwe;
jwk_t * jwk_pubkey_ecdsa, * jwk_privkey_ecdsa, * jwk_pubkey_rsa, * jwk_privkey_rsa, * jwk_key_symmetric;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_ecdsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_ecdsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_key_symmetric), RHN_OK);
-
+
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_ecdsa, jwk_pubkey_ecdsa_str), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_privkey_ecdsa, jwk_privkey_ecdsa_str), RHN_OK);
ck_assert_int_eq(r_jwe_add_keys(jwe, jwk_pubkey_ecdsa, jwk_privkey_ecdsa), RHN_OK);
@@ -524,7 +536,7 @@ START_TEST(test_rhonabwy_set_keys)
ck_assert_int_eq(r_jwe_add_keys(jwe, jwk_key_symmetric, NULL), RHN_OK);
ck_assert_int_eq(r_jwe_add_keys(NULL, jwk_pubkey_ecdsa, jwk_privkey_ecdsa), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_add_keys(jwe, NULL, NULL), RHN_ERROR_PARAM);
-
+
r_jwk_free(jwk_pubkey_ecdsa);
r_jwk_free(jwk_privkey_ecdsa);
r_jwk_free(jwk_pubkey_rsa);
@@ -539,7 +551,7 @@ START_TEST(test_rhonabwy_set_jwks)
jwe_t * jwe;
jwk_t * jwk_pubkey_ecdsa, * jwk_privkey_ecdsa, * jwk_pubkey_rsa, * jwk_privkey_rsa;
jwks_t * jwks_pubkey, * jwks_privkey, * jwks;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwks_init(&jwks_pubkey), RHN_OK);
ck_assert_int_eq(r_jwks_init(&jwks_privkey), RHN_OK);
@@ -547,7 +559,7 @@ START_TEST(test_rhonabwy_set_jwks)
ck_assert_int_eq(r_jwk_init(&jwk_privkey_ecdsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_rsa), RHN_OK);
-
+
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_ecdsa, jwk_pubkey_ecdsa_str), RHN_OK);
ck_assert_int_eq(r_jwks_append_jwk(jwks_pubkey, jwk_pubkey_ecdsa), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_rsa, jwk_pubkey_rsa_str), RHN_OK);
@@ -556,29 +568,29 @@ START_TEST(test_rhonabwy_set_jwks)
ck_assert_int_eq(r_jwks_append_jwk(jwks_privkey, jwk_privkey_ecdsa), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_privkey_rsa, jwk_privkey_rsa_str), RHN_OK);
ck_assert_int_eq(r_jwks_append_jwk(jwks_privkey, jwk_privkey_rsa), RHN_OK);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(0, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(0, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
ck_assert_int_eq(0, r_jwks_size(jwe->jwks_privkey));
ck_assert_int_eq(0, r_jwks_size(jwe->jwks_pubkey));
ck_assert_int_eq(r_jwe_add_jwks(jwe, jwks_privkey, jwks_pubkey), RHN_OK);
ck_assert_int_eq(2, r_jwks_size(jwe->jwks_privkey));
ck_assert_int_eq(2, r_jwks_size(jwe->jwks_pubkey));
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(2, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(2, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
r_jwk_free(jwk_pubkey_ecdsa);
r_jwk_free(jwk_privkey_ecdsa);
r_jwk_free(jwk_pubkey_rsa);
@@ -599,7 +611,7 @@ START_TEST(test_rhonabwy_add_keys_by_content)
gnutls_pubkey_t g_pubkey;
#endif
json_t * j_privkey, * j_pubkey;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_priv), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pub), RHN_OK);
@@ -611,67 +623,67 @@ START_TEST(test_rhonabwy_add_keys_by_content)
#endif
ck_assert_ptr_ne(j_privkey = r_jwk_export_to_json_t(jwk_priv), NULL);
ck_assert_ptr_ne(j_pubkey = r_jwk_export_to_json_t(jwk_pub), NULL);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(0, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(0, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
ck_assert_int_eq(r_jwe_add_keys_json_str(jwe, jwk_privkey_rsa_str, jwk_pubkey_rsa_str), RHN_OK);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(1, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(1, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
ck_assert_int_eq(r_jwe_add_keys_json_t(jwe, j_privkey, j_pubkey), RHN_OK);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(2, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(2, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
ck_assert_int_eq(r_jwe_add_keys_pem_der(jwe, R_FORMAT_PEM, rsa_2048_priv, sizeof(rsa_2048_priv), rsa_2048_pub, sizeof(rsa_2048_pub)), RHN_OK);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(3, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(3, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
ck_assert_int_eq(r_jwe_add_key_symmetric(jwe, symmetric_key, sizeof(symmetric_key)), RHN_OK);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(4, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(4, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
#if GNUTLS_VERSION_NUMBER >= 0x030600
ck_assert_int_eq(r_jwe_add_keys_gnutls(jwe, g_privkey, g_pubkey), RHN_OK);
-
+
jwks = r_jwe_get_jwks_privkey(jwe);
ck_assert_int_eq(5, r_jwks_size(jwks));
r_jwks_free(jwks);
-
+
jwks = r_jwe_get_jwks_pubkey(jwe);
ck_assert_int_eq(5, r_jwks_size(jwks));
r_jwks_free(jwks);
#endif
-
+
r_jwe_free(jwe);
#if GNUTLS_VERSION_NUMBER >= 0x030600
gnutls_privkey_deinit(g_privkey);
@@ -692,7 +704,7 @@ START_TEST(test_rhonabwy_set_properties_error)
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk, jwk_privkey_ecdsa_str), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_properties(jwe, RHN_OPT_CLAIM_FULL_JSON_STR, json_true(),
RHN_OPT_NONE), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_properties(jwe, RHN_OPT_CLAIM_FULL_JSON_STR, "{}",
@@ -728,7 +740,7 @@ START_TEST(test_rhonabwy_set_properties)
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk, jwk_privkey_ecdsa_str), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_properties(jwe, RHN_OPT_HEADER_INT_VALUE, "int", CLAIM_INT,
RHN_OPT_HEADER_RHN_INT_VALUE, "rhn_int", (rhn_int_t)CLAIM_INT,
RHN_OPT_HEADER_STR_VALUE, "str", CLAIM_STR,
@@ -766,7 +778,7 @@ START_TEST(test_rhonabwy_set_properties)
ck_assert_int_eq(0, memcmp(key_iv_aad, aad, key_iv_aad_len));
ck_assert_int_eq(1, r_jwks_size(jwe->jwks_privkey));
ck_assert_int_eq(1, r_jwks_size(jwe->jwks_pubkey));
-
+
json_decref(j_un_header);
json_decref(j_un_header_resp);
r_jwe_free(jwe);
@@ -779,7 +791,7 @@ START_TEST(test_rhonabwy_copy)
jwe_t * jwe, * jwe_copy;
jwk_t * jwk_privkey, * jwk_pubkey;
char * token = NULL, * token_copy;
-
+
ck_assert_int_eq(r_jwk_init(&jwk_privkey), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey), RHN_OK);
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
@@ -787,14 +799,14 @@ START_TEST(test_rhonabwy_copy)
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey, jwk_pubkey_rsa_str), RHN_OK);
ck_assert_int_eq(r_jwe_set_payload(jwe, (const unsigned char *)PAYLOAD, o_strlen(PAYLOAD)), RHN_OK);
ck_assert_int_eq(r_jwe_add_keys(jwe, jwk_privkey, jwk_pubkey), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_set_alg(jwe, R_JWA_ALG_RSA1_5), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128CBC), RHN_OK);
ck_assert_ptr_ne((token = r_jwe_serialize(jwe, NULL, 0)), NULL);
-
+
ck_assert_ptr_ne((jwe_copy = r_jwe_copy(jwe)), NULL);
ck_assert_ptr_ne((token_copy = r_jwe_serialize(jwe_copy, NULL, 0)), NULL);
-
+
o_free(token);
o_free(token_copy);
r_jwk_free(jwk_privkey);
@@ -808,15 +820,15 @@ START_TEST(test_rhonabwy_generate_cypher_key)
{
jwe_t * jwe;
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_generate_cypher_key(NULL), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128CBC), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
ck_assert_int_gt(jwe->key_len, 0);
ck_assert_ptr_ne(jwe->key, NULL);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -825,15 +837,15 @@ START_TEST(test_rhonabwy_generate_iv)
{
jwe_t * jwe;
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_generate_iv(NULL), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_generate_iv(jwe), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128CBC), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_generate_iv(jwe), RHN_OK);
ck_assert_int_gt(jwe->iv_len, 0);
ck_assert_ptr_ne(jwe->iv, NULL);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -873,7 +885,7 @@ START_TEST(test_rhonabwy_encrypt_payload_invalid)
ck_assert_int_eq(r_jwe_set_iv(jwe, NULL, 0), RHN_OK);
ck_assert_int_eq(r_jwe_set_payload(jwe, (const unsigned char *)PAYLOAD, o_strlen(PAYLOAD)), RHN_OK);
ck_assert_int_eq(r_jwe_encrypt_payload(jwe), RHN_ERROR_PARAM);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -891,7 +903,7 @@ START_TEST(test_rhonabwy_encrypt_payload)
ck_assert_ptr_ne(jwe->ciphertext_b64url, NULL);
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(PAYLOAD)));
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -911,7 +923,7 @@ START_TEST(test_rhonabwy_encrypt_payload_all_format)
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(PAYLOAD)));
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A192CBC), RHN_OK);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
@@ -923,7 +935,7 @@ START_TEST(test_rhonabwy_encrypt_payload_all_format)
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(PAYLOAD)));
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A256CBC), RHN_OK);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
@@ -935,7 +947,7 @@ START_TEST(test_rhonabwy_encrypt_payload_all_format)
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(PAYLOAD)));
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128GCM), RHN_OK);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
@@ -947,7 +959,7 @@ START_TEST(test_rhonabwy_encrypt_payload_all_format)
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(PAYLOAD)));
r_jwe_free(jwe);
-
+
// R_JWA_ENC_A192GCM not supported by GnuTLS until 3.6.14
#if GNUTLS_VERSION_NUMBER >= 0x03060e
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
@@ -959,7 +971,7 @@ START_TEST(test_rhonabwy_encrypt_payload_all_format)
ck_assert_int_eq(r_jwe_encrypt_payload(jwe), RHN_OK);
r_jwe_free(jwe);
#endif
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A256GCM), RHN_OK);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
@@ -989,7 +1001,7 @@ START_TEST(test_rhonabwy_decrypt_payload_invalid_key_no_tag)
jwe->key[18]++;
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_ne(memcmp(payload_control, jwe->payload, jwe->payload_len), 0);
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -1003,28 +1015,28 @@ START_TEST(test_rhonabwy_encrypt_payload_zip)
ck_assert_int_eq(r_jwe_generate_iv(jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_payload(jwe, (const unsigned char *)PAYLOAD, o_strlen(PAYLOAD)), RHN_OK);
ck_assert_ptr_eq(jwe->ciphertext_b64url, NULL);
-
+
r_jwe_set_header_str_value(jwe, "zip", "DEF");
ck_assert_int_eq(r_jwe_encrypt_payload(jwe), RHN_OK);
ck_assert_ptr_ne(jwe->ciphertext_b64url, NULL);
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(PAYLOAD)));
-
+
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128CBC), RHN_OK);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
ck_assert_int_eq(r_jwe_generate_iv(jwe), RHN_OK);
ck_assert_int_eq(r_jwe_set_payload(jwe, (const unsigned char *)HUGE_PAYLOAD, o_strlen(HUGE_PAYLOAD)), RHN_OK);
ck_assert_ptr_eq(jwe->ciphertext_b64url, NULL);
-
+
r_jwe_set_header_str_value(jwe, "zip", "DEF");
ck_assert_int_eq(r_jwe_encrypt_payload(jwe), RHN_OK);
ck_assert_ptr_ne(jwe->ciphertext_b64url, NULL);
ck_assert_int_eq(r_jwe_decrypt_payload(jwe), RHN_OK);
ck_assert_int_eq(0, o_strncmp(HUGE_PAYLOAD, (const char *)r_jwe_get_payload(jwe, NULL), o_strlen(HUGE_PAYLOAD)));
-
+
r_jwe_free(jwe);
}
END_TEST
@@ -1033,7 +1045,7 @@ START_TEST(test_rhonabwy_encrypt_key_invalid)
{
jwe_t * jwe;
jwk_t * jwk_pubkey_rsa;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_rsa, jwk_pubkey_rsa_str), RHN_OK);
@@ -1042,7 +1054,7 @@ START_TEST(test_rhonabwy_encrypt_key_invalid)
ck_assert_int_eq(r_jwe_set_alg(jwe, R_JWA_ALG_RSA1_5), RHN_OK);
ck_assert_int_eq(r_jwe_generate_cypher_key(jwe), RHN_OK);
ck_assert_int_eq(r_jwe_encrypt_key(jwe, NULL, 0), RHN_ERROR_PARAM);
-
+
r_jwe_free(jwe);
r_jwk_free(jwk_pubkey_rsa);
}
@@ -1052,7 +1064,7 @@ START_TEST(test_rhonabwy_encrypt_key_valid)
{
jwe_t * jwe;
jwk_t * jwk_pubkey_rsa;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_rsa, jwk_pubkey_rsa_str), RHN_OK);
@@ -1062,7 +1074,7 @@ START_TEST(test_rhonabwy_encrypt_key_valid)
ck_assert_int_eq(o_strlen((const char *)jwe->encrypted_key_b64url), 0);
ck_assert_int_eq(r_jwe_encrypt_key(jwe, jwk_pubkey_rsa, 0), RHN_OK);
ck_assert_int_gt(o_strlen((const char *)jwe->encrypted_key_b64url), 0);
-
+
r_jwe_free(jwe);
r_jwk_free(jwk_pubkey_rsa);
}
@@ -1073,7 +1085,7 @@ START_TEST(test_rhonabwy_decrypt_key_invalid_encrypted_key)
{
jwe_t * jwe;
jwk_t * jwk_pubkey_rsa, * jwk_privkey_rsa;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_rsa), RHN_OK);
@@ -1092,7 +1104,7 @@ START_TEST(test_rhonabwy_decrypt_key_invalid_encrypted_key)
jwe->encrypted_key_b64url[2] = 'a';
}
ck_assert_int_eq(r_jwe_decrypt_key(jwe, jwk_privkey_rsa, 0), RHN_ERROR_INVALID);
-
+
r_jwe_free(jwe);
r_jwk_free(jwk_pubkey_rsa);
r_jwk_free(jwk_privkey_rsa);
@@ -1105,7 +1117,7 @@ START_TEST(test_rhonabwy_jwk_in_header_invalid)
jwk_t * jwk_pubkey_rsa;
json_t * j_jwk;
char * str_jwe;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwe_init(&jwe_parsed), RHN_OK);
@@ -1116,9 +1128,9 @@ START_TEST(test_rhonabwy_jwk_in_header_invalid)
ck_assert_ptr_ne(NULL, j_jwk = json_loads(jwk_privkey_rsa_str, JSON_DECODE_ANY, 0));
ck_assert_int_eq(r_jwe_set_header_json_t_value(jwe, "jwk", j_jwk), RHN_OK);
ck_assert_ptr_ne(NULL, str_jwe = r_jwe_serialize(jwe, jwk_pubkey_rsa, 0));
-
+
ck_assert_int_eq(r_jwe_parse(jwe_parsed, str_jwe, 0), RHN_ERROR_PARAM);
-
+
r_jwe_free(jwe);
r_jwe_free(jwe_parsed);
r_jwk_free(jwk_pubkey_rsa);
@@ -1135,7 +1147,7 @@ START_TEST(test_rhonabwy_decrypt_key_valid)
jwk_t * jwk_pubkey_rsa, * jwk_privkey_rsa;
unsigned char key[512];
size_t key_len = 0;
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_rsa), RHN_OK);
@@ -1157,7 +1169,7 @@ START_TEST(test_rhonabwy_decrypt_key_valid)
ck_assert_ptr_ne(jwe->key, NULL);
ck_assert_int_eq(jwe->key_len, key_len);
ck_assert_int_eq(0, memcmp(jwe->key, key, key_len));
-
+
r_jwe_free(jwe);
r_jwk_free(jwk_pubkey_rsa);
r_jwk_free(jwk_privkey_rsa);
@@ -1172,12 +1184,12 @@ START_TEST(test_rhonabwy_decrypt_updated_header_cbc)
unsigned char header[256] = {0}, header_reb64[256] = {0};
size_t header_len = 0, header_reb64_len = 0;
json_t * j_header = NULL;
-
+
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_rsa, jwk_pubkey_rsa_str), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_privkey_rsa, jwk_privkey_rsa_str), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_init(&jwe_dec), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128CBC), RHN_OK);
@@ -1203,7 +1215,7 @@ START_TEST(test_rhonabwy_decrypt_updated_header_cbc)
r_jwe_free(jwe);
r_jwe_free(jwe_dec);
json_decref(j_header);
-
+
r_jwk_free(jwk_pubkey_rsa);
r_jwk_free(jwk_privkey_rsa);
}
@@ -1217,12 +1229,12 @@ START_TEST(test_rhonabwy_decrypt_updated_header_gcm)
unsigned char header[256] = {0}, header_reb64[256] = {0};
size_t header_len = 0, header_reb64_len = 0;
json_t * j_header = NULL;
-
+
ck_assert_int_eq(r_jwk_init(&jwk_pubkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_init(&jwk_privkey_rsa), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pubkey_rsa, jwk_pubkey_rsa_str), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_privkey_rsa, jwk_privkey_rsa_str), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_init(&jwe_dec), RHN_OK);
ck_assert_int_eq(r_jwe_set_enc(jwe, R_JWA_ENC_A128GCM), RHN_OK);
@@ -1248,7 +1260,7 @@ START_TEST(test_rhonabwy_decrypt_updated_header_gcm)
r_jwe_free(jwe);
r_jwe_free(jwe_dec);
json_decref(j_header);
-
+
r_jwk_free(jwk_pubkey_rsa);
r_jwk_free(jwk_privkey_rsa);
}
@@ -1278,7 +1290,7 @@ static char * get_file_content(const char * file_path) {
} else {
fprintf(stderr, "error opening file %s\n", file_path);
}
-
+
return buffer;
}
@@ -1301,59 +1313,59 @@ START_TEST(test_rhonabwy_advanced_parse)
jwe_t * jwe;
struct _u_instance instance;
char * http_key, * http_cert;
-
+
ck_assert_ptr_ne(NULL, http_key = get_file_content(HTTPS_CERT_KEY));
ck_assert_ptr_ne(NULL, http_cert = get_file_content(HTTPS_CERT_PEM));
-
+
ck_assert_int_eq(ulfius_init_instance(&instance, 7468, NULL, NULL), U_OK);
ck_assert_int_eq(ulfius_add_endpoint_by_val(&instance, "GET", "/x5u", NULL, 0, &callback_x5u_ecdsa_crt, NULL), U_OK);
ck_assert_int_eq(ulfius_add_endpoint_by_val(&instance, "GET", "/jku", NULL, 0, &callback_jku_ecdsa_crt, NULL), U_OK);
-
+
ck_assert_int_eq(ulfius_start_secure_framework(&instance, http_key, http_cert), U_OK);
-
+
ck_assert_int_eq(r_jwk_init(&jwk_pub), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pub, jwk_pubkey_ecdsa_str), RHN_OK);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_parse(jwe, ADVANCED_TOKEN, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 4);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 0);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_HEADER_JKU, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 1);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_HEADER_JWK, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 1);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_HEADER_X5C, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 1);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_HEADER_X5U, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 1);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_HEADER_X5U|R_PARSE_HEADER_X5C, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 2);
r_jwe_free(jwe);
-
+
ck_assert_int_eq(r_jwe_init(&jwe), RHN_OK);
ck_assert_int_eq(r_jwe_advanced_parse(jwe, ADVANCED_TOKEN, R_PARSE_HEADER_ALL, R_FLAG_IGNORE_SERVER_CERTIFICATE), RHN_OK);
ck_assert_int_eq(r_jwks_size(jwe->jwks_pubkey), 4);
r_jwe_free(jwe);
-
+
r_jwk_free(jwk_pub);
o_free(http_key);
o_free(http_cert);
@@ -1369,16 +1381,16 @@ START_TEST(test_rhonabwy_quick_parse)
jwk_t * jwk;
struct _u_instance instance;
char * http_key, * http_cert;
-
+
ck_assert_ptr_ne(NULL, http_key = get_file_content(HTTPS_CERT_KEY));
ck_assert_ptr_ne(NULL, http_cert = get_file_content(HTTPS_CERT_PEM));
-
+
ck_assert_int_eq(ulfius_init_instance(&instance, 7468, NULL, NULL), U_OK);
ck_assert_int_eq(ulfius_add_endpoint_by_val(&instance, "GET", "/x5u", NULL, 0, &callback_x5u_ecdsa_crt, NULL), U_OK);
ck_assert_int_eq(ulfius_add_endpoint_by_val(&instance, "GET", "/jku", NULL, 0, &callback_jku_ecdsa_crt, NULL), U_OK);
-
+
ck_assert_int_eq(ulfius_start_secure_framework(&instance, http_key, http_cert), U_OK);
-
+
ck_assert_int_eq(r_jwk_init(&jwk_pub), RHN_OK);
ck_assert_int_eq(r_jwk_import_from_json_str(jwk_pub, jwk_pubkey_ecdsa_str), RHN_OK);
@@ -1389,6 +1401,12 @@ START_TEST(test_rhonabwy_quick_parse)
ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_OVERSIZE_IV, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_OVERSIZE_TAG, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
@@ -1429,6 +1447,74 @@ START_TEST(test_rhonabwy_quick_parse)
ulfius_clean_instance(&instance);
}
END_TEST
+
+START_TEST(test_rhonabwy_cipher_length)
+{
+ jwe_t * jwe;
+ jwk_t * jwk;
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_VALID_CIPHER_LEN_1, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_OK);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_1, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_1_2, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_1_3, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_1_4, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_VALID_CIPHER_LEN_2, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_OK);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_2, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_2_2, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_2_3, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+ ck_assert_ptr_ne(NULL, jwk = r_jwk_quick_import(R_IMPORT_JSON_STR, jwk_key_128_1));
+ ck_assert_ptr_ne(NULL, jwe = r_jwe_quick_parse(TOKEN_INVALID_CIPHER_LEN_2_4, R_PARSE_NONE, R_FLAG_IGNORE_SERVER_CERTIFICATE));
+ ck_assert_int_eq(r_jwe_decrypt(jwe, jwk, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe);
+ r_jwk_free(jwk);
+
+}
+END_TEST
#endif
static Suite *rhonabwy_suite(void)
@@ -1474,6 +1560,7 @@ static Suite *rhonabwy_suite(void)
#if GNUTLS_VERSION_NUMBER >= 0x030600 && defined(R_WITH_CURL)
tcase_add_test(tc_core, test_rhonabwy_advanced_parse);
tcase_add_test(tc_core, test_rhonabwy_quick_parse);
+ tcase_add_test(tc_core, test_rhonabwy_cipher_length);
#endif
tcase_set_timeout(tc_core, 30);
suite_add_tcase(s, tc_core);
@@ -1494,7 +1581,7 @@ int main(int argc, char *argv[])
srunner_run_all(sr, CK_VERBOSE);
number_failed = srunner_ntests_failed(sr);
srunner_free(sr);
-
+
r_global_close();
//y_close_logs();
return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
diff --git a/test/jwe_ecdh.c b/test/jwe_ecdh.c
index 6d759b1..5cd2f9e 100644
--- a/test/jwe_ecdh.c
+++ b/test/jwe_ecdh.c
@@ -21,6 +21,8 @@ Aenean vitae tortor quam. Praesent pulvinar nulla a nisi egestas, laoreet tempus
#define TOKEN_INVALID_HEADER "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMgo.Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GA.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
#define TOKEN_INVALID_DOTS "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GA.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
#define TOKEN_INVALID_CIPHER_KEY "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19.IEru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GA.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
+#define TOKEN_INVALID_CIPHER_KEY_SMALL "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19.Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
+#define TOKEN_INVALID_CIPHER_KEY_LARGE "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19.Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GAed.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
#define TOKEN_INVALID_IV "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19.Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GA.aKgPEQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
#define TOKEN_INVALID_CIPHER "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19.Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GA.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FEbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PZ8wi2GGHqzww"
#define TOKEN_INVALID_TAG "eyJhbGciOiJFQ0RILUVTK0ExMjhLVyIsImVuYyI6IkExMjhDQkMtSFMyNTYiLCJhcHUiOiJjR3h2Y0FvIiwiYXB2IjoiWjNKMWRBbyIsImtpZCI6IjEiLCJlcGsiOnsia3R5IjoiRUMiLCJ4IjoiQU13cm02anpoX2d3M1Zmb0xZNE4zSmktSU55aU9NNEZYbnJHODhqOUdodWEiLCJ5IjoiUlJOUFV3dlhDRUV3TVhmOElOcW9GYnYwWHpaNTVGSEN3dEV5cGhReFIwMCIsImNydiI6IlAtMjU2In19.Izru9wTpv5FPlPp7jpDZkueMZ3luMjXBaI2s0YgUtMiDPBAgXw8_GA.aKgPGQYvpPwHsQiDOeTFoQ.3syjxFimN-u5zY8t-mwIcZwVshIfYbzcxXID7FTbqdAKPWKlWfOdkXpk6V_u5p25U73Izv9qgr1UaWQAzaLli-LqFXptmCyciipYJc2BRhw.OwcQLpd3_PE8wi2GGHqzww"
@@ -511,6 +513,16 @@ START_TEST(test_rhonabwy_decrypt_token_invalid)
ck_assert_int_eq(r_jwe_parse(jwe_decrypt, TOKEN_INVALID_APV, 0), RHN_ERROR_PARAM);
ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, jwk_privkey, 0), RHN_ERROR_PARAM);
r_jwe_free(jwe_decrypt);
+
+ ck_assert_int_eq(r_jwe_init(&jwe_decrypt), RHN_OK);
+ ck_assert_int_eq(r_jwe_parse(jwe_decrypt, TOKEN_INVALID_CIPHER_KEY_SMALL, 0), RHN_OK);
+ ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, jwk_privkey, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe_decrypt);
+
+ ck_assert_int_eq(r_jwe_init(&jwe_decrypt), RHN_OK);
+ ck_assert_int_eq(r_jwe_parse(jwe_decrypt, TOKEN_INVALID_CIPHER_KEY_LARGE, 0), RHN_OK);
+ ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, jwk_privkey, 0), RHN_ERROR_INVALID);
+ r_jwe_free(jwe_decrypt);
r_jwk_free(jwk_privkey);
}
diff --git a/test/jwe_kw.c b/test/jwe_kw.c
index e81c837..b73c11b 100644
--- a/test/jwe_kw.c
+++ b/test/jwe_kw.c
@@ -22,6 +22,8 @@
#define TOKEN_INVALID_TAG_B64 "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.;error;Z3gDEpAMD_79pOw"
#define TOKEN_INVALID_DOTS "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
#define TOKEN_INVALID_ENC "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIn0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Q.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
+#define TOKEN_INVAlID_ENCRYPTED_KEY_LENGTH_SMALL "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
+#define TOKEN_INVAlID_ENCRYPTED_KEY_LENGTH_LARGE "eyJhbGciOiJBMTI4S1ciLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.S7OUaa-1ekDy8cPPo1Rzq81vwaEfk3yBL5Xw9FnfRtGikBSwH0OC6Qee.29q9_PdnK2jXwG4gJvgDoQ.BuhbHPZczZ_XqNm8JwoW_B8rczVdVYO4o7pflVAcT0ojJg_m8Eo79F2W7FgLUEKVxrOoOz6-tuQjCzWfZkrE3g.p28K0cxZ3gDEpAMD_79pOw"
const char jwk_key_invalid_small[] = "{\"kty\":\"oct\",\"k\":\"Z3J1dAo\"}";
const char jwk_key_invalid_large[] = "{\"kty\":\"oct\",\"k\":\"Z3J1dHBsb3Bjb2luZ25hYWdydXRwbG9wY29pbmduYWFncnV0cGxvcGNvaW5nbmFhZ3J1dHBsb3Bjb2luZ25hYQo\"}";
@@ -74,8 +76,14 @@ START_TEST(test_rhonabwy_decrypt_token_invalid)
ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, NULL, 0), RHN_ERROR_INVALID);
ck_assert_int_eq(r_jwe_parse(jwe_decrypt, TOKEN_INVALID_ENC, 0), RHN_OK);
- ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, NULL, 0), RHN_ERROR_PARAM);
-
+ ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, NULL, 0), RHN_ERROR_INVALID);
+
+ ck_assert_int_eq(r_jwe_parse(jwe_decrypt, TOKEN_INVAlID_ENCRYPTED_KEY_LENGTH_SMALL, 0), RHN_OK);
+ ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, NULL, 0), RHN_ERROR_INVALID);
+
+ ck_assert_int_eq(r_jwe_parse(jwe_decrypt, TOKEN_INVAlID_ENCRYPTED_KEY_LENGTH_LARGE, 0), RHN_OK);
+ ck_assert_int_eq(r_jwe_decrypt(jwe_decrypt, NULL, 0), RHN_ERROR_INVALID);
+
r_jwk_free(jwk_privkey);
r_jwe_free(jwe_decrypt);
}
diff --git a/test/jwe_rsa_oaep.c b/test/jwe_rsa_oaep.c
index 056ff5f..061d343 100644
--- a/test/jwe_rsa_oaep.c
+++ b/test/jwe_rsa_oaep.c
@@ -719,7 +719,7 @@ static Suite *rhonabwy_suite(void)
tcase_add_test(tc_core, test_rhonabwy_variable_key_length_rsa256);
tcase_add_test(tc_core, test_rhonabwy_decrypt_rfc_ok);
#endif
- tcase_set_timeout(tc_core, 30);
+ tcase_set_timeout(tc_core, 90);
suite_add_tcase(s, tc_core);
return s;
More details
Historical runs
- failed: Ulfius version required: 2.7.13 - version installed: 2.7.12
- nothing-to-do: Last upstream version 1.1.5 already imported.
- nothing-to-do: Last upstream version 1.1.4 already imported.
- command-failed: Command 'SCHROOT=unstable-amd64-sbuild PYTHONPATH=/:/code:/code/breezy:/code/dulwich:/code/lintian-brush:/code/ognibuild:/code/silver-platter:/code/buildlog-consultant:/code/upstream-ontologist:/code/debmutate:/code/python-debian/lib:/usr/lib/python39.zip:/usr/lib/python3.9:/usr/lib/python3.9/lib-dynload:/usr/local/lib/python3.9/dist-packages:/usr/lib/python3/dist-packages /usr/bin/python3 -m janitor.dist --packaging=/tmp/janitor1ne7gd0x/rhonabwy/debian' returned non-zero exit status 1.