From patchwork Mon Apr 20 00:44:35 2020
X-Patchwork-Submitter: Arne Schwabe
X-Patchwork-Id: 1093
From: Arne Schwabe
To: openvpn-devel@lists.sourceforge.net
Date: Mon, 20 Apr 2020 12:44:35 +0200
Message-Id: <20200420104435.7082-1-arne@rfc2549.org>
Subject: [Openvpn-devel] [PATCH] Add tls-crypt-v2 test writing metadata

--- tests/unit_tests/openvpn/test_tls_crypt.c | 44 +++++++++++++++++++++-- 1 file changed, 41 insertions(+), 3 deletions(-) Acked-by: Steffan Karger diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c index b9e3a7a6..91a4d209 100644 --- a/tests/unit_tests/openvpn/test_tls_crypt.c +++ b/tests/unit_tests/openvpn/test_tls_crypt.c 
@@ -72,6 +72,24 @@ static const char *test_client_key = \ "/Z5wtPCAZ0tOzj4ItTI77fBOYRTfEayzHgEr\n" "-----END OpenVPN tls-crypt-v2 client key-----\n"; + +/* Has custom metadata of AABBCCDD (base64) */ +static const char *test_client_key_metadata= \ + "-----BEGIN OpenVPN tls-crypt-v2 client key-----\n" + "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4v\n" + "MDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5f\n" + "YGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6P\n" + "kJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/\n" + "wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v\n" + "8PHy8/T19vf4+fr7/P3+/2ntp1WCqhcLjJQY/igkjNt3Yb6i0neqFkfrOp2UCDcz\n" + "6RSJtPLZbvOOKUHk2qwxPYUsFCnz/IWV6/ZiLRrabzUpS8oSN1HS6P7qqAdrHKgf\n" + "hVTHasdSf2UdMTPC7HBgnP9Ll0FhKN0h7vSzbbt7QM7wH9mr1ecc/Mt0SYW2lpwA\n" + "aJObYGTyk6hTgWm0g/MLrworLrezTqUHBZzVsu+LDyqLWK1lzJNd66MuNOsGA4YF\n" + "fbCsDh8n3H+Cw1k5YNBZDYYJOtVUgBWXheO6vgoOmqDdI0dAQ3hVo9DE+SkCFjgf\n" + "l4FY2yLEh9ZVZZrl1eD1Owh/X178CkHrBJYl9LNQSyQEKlDGWwBLQ/pY3qtjctr3\n" + "pV62MPQdBo+1lcsjDCJVQA6XUyltas4BKQ==\n" + "-----END OpenVPN tls-crypt-v2 client key-----\n"; + int __wrap_parse_line(const char *line, char **p, const int n, const char *file, const int line_num, int msglevel, struct gc_arena *gc) 
@@ -520,21 +538,40 @@ test_tls_crypt_v2_write_server_key_file(void **state) { static void test_tls_crypt_v2_write_client_key_file(void **state) { + const char *filename = "testfilename.key"; + + /* Test writing the client key */ + expect_string(__wrap_buffer_write_file, filename, filename); + expect_string(__wrap_buffer_write_file, pem, test_client_key); + will_return(__wrap_buffer_write_file, true); + + /* Key generation re-reads the created file as a sanity check */ + expect_string(__wrap_buffer_read_from_file, filename, filename); + will_return(__wrap_buffer_read_from_file, test_client_key); + + tls_crypt_v2_write_client_key_file(filename, NULL, INLINE_FILE_TAG, + test_server_key); +} + +static void +test_tls_crypt_v2_write_client_key_file_metadata(void **state) { const char *filename = "testfilename.key"; + const char *b64metadata = "AABBCCDD"; /* Test writing the client key */ expect_string(__wrap_buffer_write_file, filename, filename); - expect_string(__wrap_buffer_write_file, pem, test_client_key); + expect_string(__wrap_buffer_write_file, pem, test_client_key_metadata); will_return(__wrap_buffer_write_file, true); /* Key generation re-reads the created file as a sanity check */ expect_string(__wrap_buffer_read_from_file, filename, filename); - will_return(__wrap_buffer_read_from_file, test_client_key); + will_return(__wrap_buffer_read_from_file, test_client_key_metadata); - tls_crypt_v2_write_client_key_file(filename, NULL, INLINE_FILE_TAG, + tls_crypt_v2_write_client_key_file(filename, b64metadata, INLINE_FILE_TAG, test_server_key); } + int main(void) { const struct CMUnitTest tests[] = { @@ -576,6 +613,7 @@ main(void) { test_tls_crypt_v2_teardown), cmocka_unit_test(test_tls_crypt_v2_write_server_key_file), cmocka_unit_test(test_tls_crypt_v2_write_client_key_file), + cmocka_unit_test(test_tls_crypt_v2_write_client_key_file_metadata), }; #if defined(ENABLE_CRYPTO_OPENSSL)
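Review bot: In the first hunk (@@ -72,6 +72,24 @@), the comment above `test_client_key_metadata` does not say how the expected PEM was produced, and the new test compares the written file against this string byte for byte, so the fixture has to be regenerated whenever `test_server_key` or the wrapped-key layout changes. Please extend the comment to say that this is the client key wrapped with `test_server_key` and the metadata argument `AABBCCDD`, and how to reproduce it. The wording "metadata of AABBCCDD (base64)" is also easy to misread as four hex bytes; as base64 the string decodes to the six bytes 00 00 41 08 20 c3, which is worth spelling out. Style nit: `test_client_key_metadata= \` is missing the space before `=` that `test_client_key = \` has.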
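Review bot: In the second hunk (@@ -520,21 +538,40 @@), `test_tls_crypt_v2_write_client_key_file_metadata` only checks that the PEM handed to `__wrap_buffer_write_file` equals `test_client_key_metadata`; nothing in the test unwraps the key and asserts that the recovered metadata matches `b64metadata`, so a fixture generated with the wrong metadata would still pass. Consider adding an unwrap step that compares the decoded metadata, or at least a comment that the fixture is the sole check. The two tests are also identical apart from the metadata argument and the expected PEM, so a small helper taking both would remove the duplicated `expect_string`/`will_return` sequence. Minor: the hunk adds a second blank line before `int main(void)`.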