2019-12-25 01:21:43 -05:00
|
|
|
#!/bin/bash
|
2019-12-26 15:46:55 -05:00
|
|
|
|
2019-12-29 00:47:36 -05:00
|
|
|
export dummy_file="$1"
|
|
|
|
|
shift
|
|
|
|
|
export dummy_mb="$1"
|
|
|
|
|
|
2019-12-27 01:00:10 -05:00
|
|
|
[ "$dummy_file" = "" ] && export dummy_file='/tmp/randombytes'
|
2019-12-29 00:47:36 -05:00
|
|
|
[ "$dummy_mb" = "" ] && export dummy_mb='100'
|
|
|
|
|
|
2019-12-27 01:00:10 -05:00
|
|
|
[ "$TEST_BINS" = "" ] && TEST_BINS="./pegh.openssl ./pegh.libsodium"
|
|
|
|
|
|
|
|
|
|
set -euxo pipefail
|
2019-12-26 15:46:55 -05:00
|
|
|
|
2019-12-25 01:21:43 -05:00
|
|
|
# try different size files to encrypt/decrypt
|
2019-12-29 00:47:36 -05:00
|
|
|
[ -e "$dummy_file" ] || dd if=/dev/urandom bs=1M "count=$dummy_mb" of="$dummy_file"
|
2019-12-25 01:21:43 -05:00
|
|
|
|
2019-12-26 15:46:55 -05:00
|
|
|
# try make if it's installed, otherwise fall back to cc
|
2019-12-27 01:00:10 -05:00
|
|
|
rm -f pegh
|
2019-12-29 00:47:36 -05:00
|
|
|
|
|
|
|
|
# compile against openssl
|
|
|
|
|
make PEGH_OPENSSL=1 || cc pegh.c -DPEGH_OPENSSL -lcrypto -O3 -o pegh
|
|
|
|
|
mv pegh pegh.openssl
|
2019-12-25 01:21:43 -05:00
|
|
|
|
2019-12-29 00:47:36 -05:00
|
|
|
# compile against libsodium
|
|
|
|
|
make PEGH_LIBSODIUM=1 || cc pegh.c -DPEGH_LIBSODIUM -lsodium -O3 -o pegh
|
|
|
|
|
mv pegh pegh.libsodium
|
|
|
|
|
|
|
|
|
|
export key="$(< /dev/urandom tr -dc 'a-z0-9' | head -c12)"
|
2019-12-25 01:21:43 -05:00
|
|
|
|
|
|
|
|
echo "key: $key"
|
|
|
|
|
|
|
|
|
|
test () {
|
2019-12-26 15:46:55 -05:00
|
|
|
bin="$1"
|
2019-12-29 00:47:36 -05:00
|
|
|
bin_decrypt="${2:-$bin}"
|
|
|
|
|
|
2019-12-27 01:00:10 -05:00
|
|
|
echo "testing binaries bin: $bin bin_decrypt: $bin_decrypt"
|
2019-12-26 15:46:55 -05:00
|
|
|
|
|
|
|
|
echo 'encrypting then decrypting with the same key should succeed'
|
2019-12-29 00:47:36 -05:00
|
|
|
"$bin" -e "$key" < "$dummy_file" | "$bin_decrypt" -d "$key" | cmp - "$dummy_file"
|
2019-12-26 15:46:55 -05:00
|
|
|
|
|
|
|
|
echo 'test with -s 32 requiring 2gb of ram should succeed'
|
|
|
|
|
# can send -s 32 or -m 2048 to decrypt command with identical effect
|
2019-12-27 01:00:10 -05:00
|
|
|
#"$bin" -e "$key" -s 32 < "$dummy_file" | "$bin_decrypt" -d "$key" -m 2048 | cmp - "$dummy_file"
|
2019-12-26 15:46:55 -05:00
|
|
|
|
|
|
|
|
set +e
|
|
|
|
|
# these should fail
|
|
|
|
|
echo 'encrypting with one key and decrypting with another should fail'
|
2019-12-29 00:47:36 -05:00
|
|
|
"$bin" -e "$key" -i "$dummy_file" | "$bin_decrypt" -d "$key-wrongkey" | cmp - "$dummy_file" && echo "ERROR: appending -wrongkey to key somehow still worked" && exit 1
|
2019-12-26 15:46:55 -05:00
|
|
|
|
|
|
|
|
echo 'large values of N without enough memory should fail'
|
2019-12-29 00:47:36 -05:00
|
|
|
"$bin" -e "$key" -N 2000000 -i "$dummy_file" >/dev/null && echo "ERROR: N of 2 million without extra memory worked" && exit 1
|
|
|
|
|
"$bin_decrypt" -d "$key" -N 2000000 -i "$dummy_file" >/dev/null && echo "ERROR: N of 2 million without extra memory worked" && exit 1
|
2019-12-26 15:46:55 -05:00
|
|
|
|
|
|
|
|
# todo: can we also make this the case for stdout? needs some buffering...
|
|
|
|
|
echo 'bad decryption should result in output file being deleted'
|
2019-12-29 00:47:36 -05:00
|
|
|
echo 'hopefully this doesnt make it to disk' | "$bin" "$key" | cat - <(echo -n a) | "$bin_decrypt" -d "$key" -o bla.txt && exit 1
|
2019-12-28 16:39:38 -05:00
|
|
|
[ -s bla.txt ] && echo "ERROR: bla.txt should not exist" && exit 1
|
2019-12-26 15:46:55 -05:00
|
|
|
set -e
|
2019-12-25 01:21:43 -05:00
|
|
|
}
|
|
|
|
|
|
2019-12-27 01:00:10 -05:00
|
|
|
for bin in $TEST_BINS
|
2019-12-29 00:47:36 -05:00
|
|
|
do
|
2019-12-27 01:00:10 -05:00
|
|
|
for bin_decrypt in $TEST_BINS
|
2019-12-29 00:47:36 -05:00
|
|
|
do
|
|
|
|
|
time test $bin $bin_decrypt
|
|
|
|
|
done
|
|
|
|
|
done
|
2019-12-26 15:46:55 -05:00
|
|
|
|
|
|
|
|
echo "successful test run!"
|
|
|
|
|
|
