Annotate
spec/util_crypto_spec.lua @ 13801:a5d5fefb8b68 13.0
mod_tls: Enable Prosody's certificate checking for incoming s2s connections (fixes #1916) (thanks Damian, Zash)

Various options in Prosody allow control over the behaviour of the certificate
verification process. For example, some deployments choose to allow falling
back to traditional "dialback" authentication (XEP-0220), while others verify
via DANE, hard-coded fingerprints, or other custom plugins.

Implementing this flexibility requires us to override OpenSSL's default
certificate verification, to allow Prosody to verify the certificate itself,
apply custom policies and make decisions based on the outcome.

To enable our custom logic, we have to suppress OpenSSL's default behaviour of
aborting the connection with a TLS alert message. With LuaSec, this can be
achieved by using the verifyext "lsec_continue" flag.

We also need to use the lsec_ignore_purpose flag, because XMPP s2s uses server
certificates as "client" certificates (for mutual TLS verification in outgoing
s2s connections).

Commit 99d2100d2918 moved these settings out of the defaults and into mod_s2s,
because we only really need these changes for s2s, and they should be opt-in,
rather than automatically applied to all TLS services we offer.

That commit was incomplete, because it only added the flags for incoming
direct TLS connections. StartTLS connections are handled by mod_tls, which was
not applying the lsec_* flags. It previously worked because they were already
in the defaults.

This resulted in incoming s2s connections with "invalid" certificates being
aborted early by OpenSSL, even if settings such as `s2s_secure_auth = false`
or DANE were present in the config.

Outgoing s2s connections inherit verify "none" from the defaults, which means
OpenSSL will receive the cert but will not terminate the connection when it is
deemed invalid. This means we don't need lsec_continue there, and we also
don't need lsec_ignore_purpose (because the remote peer is a "server").

Wondering why we can't just use verify "none" for incoming s2s? It's because
in that mode, OpenSSL won't request a certificate from the peer for incoming
connections. Setting verify "peer" is how you ask OpenSSL to request a
certificate from the client, but also what triggers its built-in verification.

| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Tue, 01 Apr 2025 17:26:56 +0100 |
| parent | 13537:fb970df95374 |
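
The settings this commit message describes, as an added example that is not Prosody's own code: the two LuaSec parameter tables side by side, and the kind of post-handshake check that `lsec_continue` makes possible. `classify_peer`, the `allow_dialback` policy field, the stub connections and the file paths are hypothetical; the stubs stand in for a LuaSec connection so the block runs in plain Lua.

```lua
-- Added example, not taken from Prosody. The tables below use LuaSec's
-- parameter names (as passed to ssl.newcontext / ssl.wrap); paths are placeholders.

-- Outgoing s2s: we are the TLS client. With verify "none" OpenSSL still
-- receives the server's certificate but never aborts because of it.
local outgoing_s2s = {
	mode = "client"; protocol = "any";
	key = "/path/to/example.key"; certificate = "/path/to/example.crt";
	verify = { "none" };
};

-- Incoming s2s: we are the TLS server. "peer" makes OpenSSL request a
-- certificate from the connecting server; without the verifyext flags it
-- would also abort the handshake with a TLS alert on any verification error.
local incoming_s2s = {
	mode = "server"; protocol = "any";
	key = "/path/to/example.key"; certificate = "/path/to/example.crt";
	verify = { "peer" };
	verifyext = {
		"lsec_continue";       -- record verification errors, keep the connection
		"lsec_ignore_purpose"; -- peer presents a "server" cert in the client role
	};
};

-- Hypothetical policy check run after the handshake. `conn` is anything that
-- exposes LuaSec's getpeercertificate() and getpeerverification() methods.
local function classify_peer(conn, policy)
	local cert = conn:getpeercertificate();
	if not cert then
		return policy.allow_dialback and "dialback" or "reject", "no certificate presented";
	end
	local chain_ok, errors = conn:getpeerverification();
	if chain_ok then
		-- A valid chain only proves the cert was issued by a trusted CA;
		-- the caller must still match it against the claimed domain.
		return "chain-valid";
	end
	local reasons = {};
	for position, list in pairs(errors or {}) do
		reasons[#reasons + 1] = ("chain position %d: %s"):format(position, table.concat(list, ", "));
	end
	table.sort(reasons);
	return policy.allow_dialback and "dialback" or "reject", table.concat(reasons, "; ");
end

-- Constructed stand-ins for LuaSec connections, so the example runs offline.
local function stub(cert, chain_ok, errors)
	return {
		getpeercertificate = function () return cert; end;
		getpeerverification = function () return chain_ok, errors; end;
	};
end

local peers = {
	{ "trusted chain", stub({}, true) };
	{ "self-signed", stub({}, false, { { "self signed certificate" } }) };
	{ "no certificate", stub(nil, false) };
};

for _, policy in ipairs({ { allow_dialback = true }, { allow_dialback = false } }) do
	for _, peer in ipairs(peers) do
		local outcome, reason = classify_peer(peer[2], policy);
		print(("allow_dialback=%s  %-15s -> %s%s"):format(
			tostring(policy.allow_dialback), peer[1], outcome,
			reason and (" (" .. reason .. ")") or ""));
	end
end

print("incoming verifyext:", table.concat(incoming_s2s.verifyext, ", "));
print("outgoing verify:", table.concat(outgoing_s2s.verify, ", "));
```

Without `lsec_continue` the "self-signed" case never reaches a function like `classify_peer`, because OpenSSL ends the handshake before the application sees the connection.
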

| rev | changeset | description | author | parents |
|---|---|---|---|---|
| 12693 | 7c5afbdcbc77 | util.crypto: New wrapper for some operations in OpenSSL's libcrypto | Matthew Wild <mwild1@gmail.com> | |
| 12700 | 899c057781cd | spec: Move test crypto keys to a shared file for clarity and easy maintenance | Matthew Wild <mwild1@gmail.com> | 12693 |
| 12703 | 5bda8598a2af | util.crypto: tests: fix some tests that didn't do much (thanks luacheck!) | Matthew Wild <mwild1@gmail.com> | 12700 |
| 13537 | fb970df95374 | util.crypto: Add more ECC methods | Stephen Paul Weber <singpolyma@singpolyma.net> | 12837 |

| rev | line source |
|---|---|
| 12700 | 1 local test_keys = require "spec.inputs.test_keys"; |
| 12693 | 2 |
| 12693 | 3 describe("util.crypto", function () |
| 12693 | 4 local crypto = require "util.crypto"; |
| 12693 | 5 local random = require "util.random"; |
| 13537 | 6 local encodings = require "util.encodings"; |
| 12693 | 7 |
| 12693 | 8 describe("generate_ed25519_keypair", function () |
| 12693 | 9 local keypair = crypto.generate_ed25519_keypair(); |
| 12693 | 10 assert.is_not_nil(keypair); |
| 12693 | 11 assert.equal("ED25519", keypair:get_type()); |
| 12693 | 12 end) |
| 12693 | 13 |
| 13537 | 14 describe("generate_p256_keypair", function () |
| 13537 | 15 local keypair = crypto.generate_p256_keypair(); |
| 13537 | 16 assert.is_not_nil(keypair); |
| 13537 | 17 assert.equal("id-ecPublicKey", keypair:get_type()); |
| 13537 | 18 end) |
| 13537 | 19 |
| 13537 | 20 describe("export/import raw", function () |
| 13537 | 21 local keypair = crypto.generate_p256_keypair(); |
| 13537 | 22 assert.is_not_nil(keypair); |
| 13537 | 23 local raw = keypair:public_raw() |
| 13537 | 24 local imported = crypto.import_public_ec_raw(raw, "P-256") |
| 13537 | 25 assert.equal(keypair:public_pem(), imported:public_pem()); |
| 13537 | 26 end) |
| 13537 | 27 |
| 13537 | 28 describe("derive", function () |
| 13537 | 29 local key = crypto.import_private_pem(test_keys.ecdsa_private_pem); |
| 13537 | 30 local peer_key = crypto.import_public_pem(test_keys.ecdsa_public_pem); |
| 13537 | 31 assert.equal("n1v4KeKmOVwjC67fiKtjJnqcEaasbpZa2fLPNHW51co=", encodings.base64.encode(key:derive(peer_key))) |
| 13537 | 32 end) |
| 13537 | 33 |
| 12693 | 34 describe("import_private_pem", function () |
| 12693 | 35 it("can import ECDSA keys", function () |
| 12693 | 36 local ecdsa_key = crypto.import_private_pem(test_keys.ecdsa_private_pem); |
| 12693 | 37 assert.equal("id-ecPublicKey", ecdsa_key:get_type()); |
| 12693 | 38 end); |
| 12693 | 39 |
| 12693 | 40 it("can import EdDSA (Ed25519) keys", function () |
| 12693 | 41 local ed25519_key = crypto.import_private_pem(crypto.generate_ed25519_keypair():private_pem()); |
| 12693 | 42 assert.equal("ED25519", ed25519_key:get_type()); |
| 12693 | 43 end); |
| 12693 | 44 |
| 12693 | 45 it("can import RSA keys", function () |
| 12693 | 46 -- TODO |
| 12693 | 47 end); |
| 12693 | 48 |
| 12693 | 49 it("rejects invalid keys", function () |
| 12693 | 50 assert.is_nil(crypto.import_private_pem(test_keys.eddsa_public_pem)); |
| 12693 | 51 assert.is_nil(crypto.import_private_pem(test_keys.ecdsa_public_pem)); |
| 12693 | 52 assert.is_nil(crypto.import_private_pem("foo")); |
| 12693 | 53 assert.is_nil(crypto.import_private_pem("")); |
| 12693 | 54 end); |
| 12693 | 55 end); |
| 12693 | 56 |
| 12693 | 57 describe("import_public_pem", function () |
| 12693 | 58 it("can import ECDSA public keys", function () |
| 12693 | 59 local ecdsa_key = crypto.import_public_pem(test_keys.ecdsa_public_pem); |
| 12693 | 60 assert.equal("id-ecPublicKey", ecdsa_key:get_type()); |
| 12693 | 61 end); |
| 12693 | 62 |
| 12693 | 63 it("can import EdDSA (Ed25519) public keys", function () |
| 12693 | 64 local ed25519_key = crypto.import_public_pem(test_keys.eddsa_public_pem); |
| 12693 | 65 assert.equal("ED25519", ed25519_key:get_type()); |
| 12693 | 66 end); |
| 12693 | 67 |
| 12693 | 68 it("can import RSA public keys", function () |
| 12693 | 69 -- TODO |
| 12693 | 70 end); |
| 12693 | 71 end); |
| 12693 | 72 |
| 12693 | 73 describe("PEM export", function () |
| 12693 | 74 it("works", function () |
| 12693 | 75 local ecdsa_key = crypto.import_public_pem(test_keys.ecdsa_public_pem); |
| 12693 | 76 assert.equal("id-ecPublicKey", ecdsa_key:get_type()); |
| 12693 | 77 assert.equal(test_keys.ecdsa_public_pem, ecdsa_key:public_pem()); |
| 12693 | 78 |
| 12693 | 79 assert.has_error(function () |
| 12693 | 80 -- Fails because private key is not available |
| 12693 | 81 ecdsa_key:private_pem(); |
| 12693 | 82 end); |
| 12693 | 83 |
| 12693 | 84 local ecdsa_private_key = crypto.import_private_pem(test_keys.ecdsa_private_pem); |
| 12693 | 85 assert.equal(test_keys.ecdsa_private_pem, ecdsa_private_key:private_pem()); |
| 12693 | 86 end); |
| 12693 | 87 end); |
| 12693 | 88 |
| 12693 | 89 describe("sign/verify with", function () |
| 12693 | 90 local test_cases = { |
| 12693 | 91 ed25519 = { |
| 12693 | 92 crypto.ed25519_sign, crypto.ed25519_verify; |
| 12693 | 93 key = crypto.import_private_pem(test_keys.eddsa_private_pem); |
| 12693 | 94 sig_length = 64; |
| 12693 | 95 }; |
| 12693 | 96 ecdsa = { |
| 12693 | 97 crypto.ecdsa_sha256_sign, crypto.ecdsa_sha256_verify; |
| 12693 | 98 key = crypto.import_private_pem(test_keys.ecdsa_private_pem); |
| 12693 | 99 }; |
| 12693 | 100 }; |
| 12693 | 101 for test_name, test in pairs(test_cases) do |
| 12693 | 102 local key = test.key; |
| 12693 | 103 describe(test_name, function () |
| 12693 | 104 it("works", function () |
| 12693 | 105 local sign, verify = test[1], test[2]; |
| 12693 | 106 local sig = assert(sign(key, "Hello world")); |
| 12693 | 107 assert.is_string(sig); |
| 12693 | 108 if test.sig_length then |
| 12693 | 109 assert.equal(test.sig_length, #sig); |
| 12693 | 110 end |
| 12693 | 111 |
| 12693 | 112 do |
| 12693 | 113 local ok = verify(key, "Hello world", sig); |
| 12693 | 114 assert.is_truthy(ok); |
| 12693 | 115 end |
| 12693 | 116 do -- Incorrect signature |
| 12693 | 117 local ok = verify(key, "Hello world", sig:sub(1, -2)..string.char((sig:byte(-1)+1)%255)); |
| 12693 | 118 assert.is_falsy(ok); |
| 12693 | 119 end |
| 12693 | 120 do -- Incorrect message |
| 12693 | 121 local ok = verify(key, "Hello earth", sig); |
| 12693 | 122 assert.is_falsy(ok); |
| 12693 | 123 end |
| 12693 | 124 do -- Incorrect message (embedded NUL) |
| 12693 | 125 local ok = verify(key, "Hello world\0foo", sig); |
| 12693 | 126 assert.is_falsy(ok); |
| 12693 | 127 end |
| 12693 | 128 end); |
| 12693 | 129 end); |
| 12693 | 130 end |
| 12693 | 131 end); |
| 12693 | 132 |
| 12693 | 133 describe("ECDSA signatures", function () |
| 12693 | 134 local hex = require "util.hex"; |
| 12693 | 135 local sig = hex.decode((([[ |
| 12693 | 136 304402203e936e7b0bc62887e0e9d675afd08531a930384cfcf301 |
| 12693 | 137 f25d13053a2ebf141d02205a5a7c7b7ac5878d004cb79b17b39346 |
| 12693 | 138 6b0cd1043718ffc31c153b971d213a8e |
| 12693 | 139 ]]):gsub("%s+", ""))); |
| 12693 | 140 it("can be parsed", function () |
| 12737 | 141 local r, s = crypto.parse_ecdsa_signature(sig, 32); |
| 12693 | 142 assert.is_string(r); |
| 12693 | 143 assert.is_string(s); |
| 12693 | 144 assert.equal(32, #r); |
| 12693 | 145 assert.equal(32, #s); |
| 12693 | 146 end); |
| 12693 | 147 it("fails to parse invalid signatures", function () |
| 12693 | 148 local invalid_sigs = { |
| 12693 | 149 ""; |
| 12693 | 150 "\000"; |
| 12693 | 151 string.rep("\000", 64); |
| 12693 | 152 string.rep("\000", 72); |
| 12693 | 153 string.rep("\000", 256); |
| 12693 | 154 string.rep("\255", 72); |
| 12693 | 155 string.rep("\255", 3); |
| 12693 | 156 }; |
| 12703 | 157 for _, invalid_sig in ipairs(invalid_sigs) do |
| 12737 | 158 local r, s = crypto.parse_ecdsa_signature(invalid_sig, 32); |
| 12693 | 159 assert.is_nil(r); |
| 12693 | 160 assert.is_nil(s); |
| 12693 | 161 end |
| 12693 | 162 end); |
| 12693 | 163 it("can be built", function () |
| 12737 | 164 local r, s = crypto.parse_ecdsa_signature(sig, 32); |
| 12693 | 165 local rebuilt_sig = crypto.build_ecdsa_signature(r, s); |
| 12693 | 166 assert.equal(sig, rebuilt_sig); |
| 12693 | 167 end); |
| 12693 | 168 end); |
| 12693 | 169 |
| 12693 | 170 describe("AES-GCM encryption", function () |
| 12693 | 171 it("works", function () |
| 12693 | 172 local message = "foo\0bar"; |
| 12693 | 173 local key_128_bit = random.bytes(16); |
| 12693 | 174 local key_256_bit = random.bytes(32); |
| 12693 | 175 local test_cases = { |
| 12693 | 176 { crypto.aes_128_gcm_encrypt, crypto.aes_128_gcm_decrypt, key = key_128_bit }; |
| 12693 | 177 { crypto.aes_256_gcm_encrypt, crypto.aes_256_gcm_decrypt, key = key_256_bit }; |
| 12693 | 178 }; |
| 12693 | 179 for _, params in pairs(test_cases) do |
| 12693 | 180 local iv = params.iv or random.bytes(12); |
| 12693 | 181 local encrypted = params[1](params.key, iv, message); |
| 12693 | 182 assert.not_equal(message, encrypted); |
|
7c5afbdcbc77
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
183 local decrypted = params[2](params.key, iv, encrypted); |
|
7c5afbdcbc77
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
184 assert.equal(message, decrypted); |
|
7c5afbdcbc77
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
185 end |
|
7c5afbdcbc77
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
186 end); |
|
7c5afbdcbc77
util.crypto: New wrapper for some operations in OpenSSL's libcrypto
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
187 end); |
|
12837
d3ae47d8a7a7
util.crypto: Add support for AES-256-CTR
Matthew Wild <mwild1@gmail.com>
parents:
12737
diff
changeset
|
188 |
189 describe("AES-CTR encryption", function () |
190 it("works", function () |
191 local message = "foo\0bar hello world"; |
192 local key_256_bit = random.bytes(32); |
193 local test_cases = { |
194 { crypto.aes_256_ctr_decrypt, crypto.aes_256_ctr_decrypt, key = key_256_bit }; |
195 }; |
196 for _, params in pairs(test_cases) do |
197 local iv = params.iv or random.bytes(16); |
198 local encrypted = params[1](params.key, iv, message); |
199 assert.not_equal(message, encrypted); |
200 local decrypted = params[2](params.key, iv, encrypted); |
201 assert.equal(message, decrypted); |
202 end |
203 end); |
204 end); |
| 12693 | 205 end); |