Compare commits

...

10 commits

9 changed files with 490 additions and 73 deletions

View file

@ -9,7 +9,7 @@ before_script:
- composer install -n - composer install -n
script: script:
- cd tst && phpunit - cd tst && ../vendor/phpunit/phpunit/phpunit
after_script: after_script:
- cd .. - cd ..

View file

@ -24,7 +24,8 @@
}, },
"require-dev": { "require-dev": {
"codacy/coverage": "dev-master", "codacy/coverage": "dev-master",
"codeclimate/php-test-reporter": "dev-master" "codeclimate/php-test-reporter": "dev-master",
"giorgiosironi/eris": "dev-master"
}, },
"autoload": { "autoload": {
"psr-4": { "psr-4": {

View file

@ -39,7 +39,9 @@ class Filter
/** /**
* format a given time string into a human readable label (localized) * format a given time string into a human readable label (localized)
* *
* accepts times in the format "[integer][time unit]" * accepts times in the format "[integer][time unit]", valid time units are:
* sec, second, seconds, min, minute, minutes, hour, hours, day, days, week,
* weeks, month, months, year, years
* *
* @access public * @access public
* @static * @static

View file

@ -80,7 +80,7 @@ class Vizhash16x16
*/ */
public function generate($text) public function generate($text)
{ {
if (!function_exists('gd_info')) { if (!function_exists('gd_info') || strlen($text) < 1) {
return ''; return '';
} }

View file

@ -1,5 +1,6 @@
<?php <?php
use Eris\Generator;
use PrivateBin\Persistence\ServerSalt; use PrivateBin\Persistence\ServerSalt;
error_reporting(E_ALL | E_STRICT); error_reporting(E_ALL | E_STRICT);
@ -110,7 +111,7 @@ class Helper
} }
/** /**
* get example paste * get example paste as JSON
* *
* @return array * @return array
*/ */
@ -129,6 +130,68 @@ class Helper
return json_encode($example); return json_encode($example);
} }
/**
* get paste generator
*
* @return array
*/
public static function getPasteGenerator($meta = array(), $withAttachment = false)
{
$generatedMeta = array(
'salt' => ServerSalt::generate(),
'formatter' => Generator\elements('plaintext', 'syntaxhighlighting', 'markdown'),
'postdate' => Generator\int(),
'opendiscussion' => Generator\elements(true, false),
);
$generatedMeta = array_merge($generatedMeta, $meta);
$example = array(
'data' => Generator\associative(array(
'iv' => Generator\vector(16, Generator\byte()),
'v' => 1,
'iter' => Generator\choose(100, 100000),
'ks' => Generator\elements(128, 192, 256),
'ts' => Generator\elements(64, 96, 128),
'mode' => Generator\elements('ccm', 'ocb2', 'gcm'),
'adata' => Generator\string(),
'cipher'=> 'aes',
'salt' => Generator\vector(8, Generator\byte()),
'ct' => Generator\seq(Generator\byte()),
)),
'meta' => Generator\associative($generatedMeta),
);
if ($withAttachment) {
$example['attachment'] = $example['attachmentname'] = $example['data'];
}
return Generator\associative($example);
}
/**
* get paste from generated random array
*
* @return array
*/
public static function getPasteFromGeneratedArray($paste)
{
$paste['data']['iv'] = self::byteArray2Base64($paste['data']['iv']);
$paste['data']['salt'] = self::byteArray2Base64($paste['data']['salt']);
// deflate cipher text to maximize entropy
$paste['data']['ct'] = self::byteArray2Base64($paste['data']['ct'], true);
$paste['data'] = json_encode($paste['data']);
if (array_key_exists('attachment', $paste)) {
$paste['attachment']['iv'] = self::byteArray2Base64($paste['attachment']['iv']);
$paste['attachment']['salt'] = self::byteArray2Base64($paste['attachment']['salt']);
$paste['attachment']['ct'] = self::byteArray2Base64($paste['attachment']['ct'], true);
$paste['attachment'] = json_encode($paste['attachment']);
}
if (array_key_exists('attachmentname', $paste)) {
$paste['attachmentname']['iv'] = self::byteArray2Base64($paste['attachmentname']['iv']);
$paste['attachmentname']['salt'] = self::byteArray2Base64($paste['attachmentname']['salt']);
$paste['attachmentname']['ct'] = self::byteArray2Base64($paste['attachmentname']['ct'], true);
$paste['attachmentname'] = json_encode($paste['attachmentname']);
}
return $paste;
}
/** /**
* get example paste ID * get example paste ID
* *
@ -282,6 +345,24 @@ class Helper
} }
} }
/**
* get example paste ID
*
* @param array $bytes
* @return string
*/
public static function byteArray2Base64($bytes, $deflate = false)
{
$string = implode(
array_map('chr', $bytes)
);
// optional deflate to maximize entropy
if ($deflate) {
$string = gzdeflate($string);
}
return base64_encode($string);
}
/** /**
* update all templates with the latest SRI hashes for all JS files * update all templates with the latest SRI hashes for all JS files
* *

View file

@ -1,9 +1,12 @@
<?php <?php
use Eris\Generator;
use PrivateBin\Filter; use PrivateBin\Filter;
class FilterTest extends PHPUnit_Framework_TestCase class FilterTest extends PHPUnit_Framework_TestCase
{ {
use Eris\TestTrait;
public function testFilterStripsSlashesDeeply() public function testFilterStripsSlashesDeeply()
{ {
$this->assertEquals( $this->assertEquals(
@ -14,10 +17,40 @@ class FilterTest extends PHPUnit_Framework_TestCase
public function testFilterMakesTimesHumanlyReadable() public function testFilterMakesTimesHumanlyReadable()
{ {
$this->assertEquals('5 minutes', Filter::formatHumanReadableTime('5min')); $this->forAll(
$this->assertEquals('90 seconds', Filter::formatHumanReadableTime('90sec')); Generator\nat(),
$this->assertEquals('1 week', Filter::formatHumanReadableTime('1week')); Generator\oneOf(
$this->assertEquals('6 months', Filter::formatHumanReadableTime('6months')); 'sec', 'second', 'seconds'
)
)->then(
function ($int, $unit) {
$suffix = $int === 1 ? '' : 's';
$this->assertEquals($int . ' second' . $suffix, Filter::formatHumanReadableTime($int . $unit));
}
);
$this->forAll(
Generator\nat(),
Generator\oneOf(
'min', 'minute', 'minutes'
)
)->then(
function ($int, $unit) {
$suffix = $int === 1 ? '' : 's';
$this->assertEquals($int . ' minute' . $suffix, Filter::formatHumanReadableTime($int . $unit));
}
);
$this->forAll(
Generator\nat(),
Generator\oneOf(
'hour', 'hours', 'day', 'days', 'week', 'weeks',
'month', 'months', 'year', 'years'
)
)->then(
function ($int, $unit) {
$suffix = $int === 1 ? '' : 's';
$this->assertEquals($int . ' ' . rtrim($unit, 's') . $suffix, Filter::formatHumanReadableTime($int . $unit));
}
);
} }
/** /**
@ -26,55 +59,228 @@ class FilterTest extends PHPUnit_Framework_TestCase
*/ */
public function testFilterFailTimesHumanlyReadable() public function testFilterFailTimesHumanlyReadable()
{ {
Filter::formatHumanReadableTime('five_minutes'); $this->forAll(
Generator\string()
)->then(
function ($string) {
Filter::formatHumanReadableTime($string);
}
);
} }
public function testFilterMakesSizesHumanlyReadable() public function testFilterMakesSizesHumanlyReadable()
{ {
$this->assertEquals('1 B', Filter::formatHumanReadableSize(1)); $this->forAll(
$this->assertEquals('1 000 B', Filter::formatHumanReadableSize(1000)); Generator\neg()
$this->assertEquals('1.00 KiB', Filter::formatHumanReadableSize(1024)); )->then(
$this->assertEquals('1.21 KiB', Filter::formatHumanReadableSize(1234)); function ($int) {
$this->assertEquals(number_format($int, 0, '.', ' ') . ' B', Filter::formatHumanReadableSize($int));
}
);
$from = 0;
$exponent = 1024; $exponent = 1024;
$this->assertEquals('1 000.00 KiB', Filter::formatHumanReadableSize(1000 * $exponent)); $to = $exponent - 1;
$this->assertEquals('1.00 MiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->forAll(
$this->assertEquals('1.21 MiB', Filter::formatHumanReadableSize(1234 * $exponent)); Generator\choose($from, $to)
)->then(
function ($int) {
$this->assertEquals(number_format($int, 0, '.', ' ') . ' B', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024; $exponent *= 1024;
$this->assertEquals('1 000.00 MiB', Filter::formatHumanReadableSize(1000 * $exponent)); $to = $exponent - 1;
$this->assertEquals('1.00 GiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->forAll(
$this->assertEquals('1.21 GiB', Filter::formatHumanReadableSize(1234 * $exponent)); Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' KiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024; $exponent *= 1024;
$this->assertEquals('1 000.00 GiB', Filter::formatHumanReadableSize(1000 * $exponent)); $to = $exponent - 1;
$this->assertEquals('1.00 TiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->forAll(
$this->assertEquals('1.21 TiB', Filter::formatHumanReadableSize(1234 * $exponent)); Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' MiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024; $exponent *= 1024;
$this->assertEquals('1 000.00 TiB', Filter::formatHumanReadableSize(1000 * $exponent)); $to = $exponent - 1;
$this->assertEquals('1.00 PiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->forAll(
$this->assertEquals('1.21 PiB', Filter::formatHumanReadableSize(1234 * $exponent)); Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' GiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024; $exponent *= 1024;
$this->assertEquals('1 000.00 PiB', Filter::formatHumanReadableSize(1000 * $exponent)); $to = $exponent - 1;
$this->assertEquals('1.00 EiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->forAll(
$this->assertEquals('1.21 EiB', Filter::formatHumanReadableSize(1234 * $exponent)); Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' TiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024; $exponent *= 1024;
$this->assertEquals('1 000.00 EiB', Filter::formatHumanReadableSize(1000 * $exponent)); $to = $exponent - 1;
$this->assertEquals('1.00 ZiB', Filter::formatHumanReadableSize(1024 * $exponent)); $this->forAll(
$this->assertEquals('1.21 ZiB', Filter::formatHumanReadableSize(1234 * $exponent)); Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' PiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024; $exponent *= 1024;
$to = $exponent - 1;
// on 64bit systems, this gets larger then PHP_INT_MAX, so PHP casts it
// to double and the "choose" generator can't handle it
if ($to > PHP_INT_MAX) {
$this->assertEquals('1.00 EiB', Filter::formatHumanReadableSize($from));
$this->assertEquals('1.23 EiB', Filter::formatHumanReadableSize(1.234 * $from));
$this->assertEquals('1 000.00 EiB', Filter::formatHumanReadableSize(1000 * $from));
$this->assertEquals('1.00 ZiB', Filter::formatHumanReadableSize($exponent));
$this->assertEquals('1.23 ZiB', Filter::formatHumanReadableSize(1.234 * $exponent));
$this->assertEquals('1 000.00 ZiB', Filter::formatHumanReadableSize(1000 * $exponent)); $this->assertEquals('1 000.00 ZiB', Filter::formatHumanReadableSize(1000 * $exponent));
$this->assertEquals('1.00 YiB', Filter::formatHumanReadableSize(1024 * $exponent)); $exponent *= 1024;
$this->assertEquals('1.21 YiB', Filter::formatHumanReadableSize(1234 * $exponent)); $this->assertEquals('1.00 YiB', Filter::formatHumanReadableSize($exponent));
$this->assertEquals('1.23 YiB', Filter::formatHumanReadableSize(1.234 * $exponent));
} else {
$this->forAll(
Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' EiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024;
$to = $exponent - 1;
$this->forAll(
Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' ZiB', Filter::formatHumanReadableSize($int));
}
);
$from = $exponent;
$exponent *= 1024;
$to = $exponent - 1;
$this->forAll(
Generator\choose($from, $to),
$from
)->then(
function ($int, $divisor) {
$this->assertEquals(number_format($int / $divisor, 2, '.', ' ') . ' YiB', Filter::formatHumanReadableSize($int));
}
);
}
} }
public function testSlowEquals() public function testSlowEquals()
{ {
$this->assertTrue(Filter::slowEquals('foo', 'foo'), 'same string'); $this->forAll(
$this->assertFalse(Filter::slowEquals('foo', true), 'string and boolean'); Generator\string()
$this->assertFalse(Filter::slowEquals('foo', 0), 'string and integer'); )->then(
$this->assertFalse(Filter::slowEquals('123foo', 123), 'string and integer'); function ($string) {
$this->assertFalse(Filter::slowEquals('123foo', '123'), 'different strings'); $this->assertTrue(Filter::slowEquals($string, $string), 'same string');
$this->assertFalse(Filter::slowEquals('6', ' 6'), 'strings with space'); }
$this->assertFalse(Filter::slowEquals('4.2', '4.20'), 'floats as strings'); );
$this->assertFalse(Filter::slowEquals('1e3', '1000'), 'integers as strings'); $this->forAll(
Generator\int()
)->then(
function ($int) {
$this->assertTrue(Filter::slowEquals($int, $int), 'same integer');
}
);
$this->forAll(
Generator\float()
)->then(
function ($float) {
$this->assertTrue(Filter::slowEquals($float, $float), 'same float');
}
);
$this->forAll(
Generator\string()
)->then(
function ($string) {
$this->assertFalse(Filter::slowEquals($string, true), 'string and boolean true');
}
);
$this->forAll(
Generator\string()
)->then(
function ($string) {
// false is casted into an empty string
if ($string !== '') {
$this->assertFalse(Filter::slowEquals($string, false), 'string and boolean false');
}
}
);
$this->forAll(
Generator\string(),
Generator\int()
)->then(
function ($string, $int) {
$this->assertFalse(Filter::slowEquals($string, $int), 'string and integer');
}
);
$this->forAll(
Generator\string(),
Generator\float()
)->then(
function ($string, $float) {
$this->assertFalse(Filter::slowEquals($string, $float), 'string and float');
}
);
$this->forAll(
Generator\string(),
Generator\string()
)->then(
function ($string1, $string2) {
if ($string1 !== $string2) {
$this->assertFalse(Filter::slowEquals($string1, $string2), 'different strings');
}
}
);
$this->forAll(
Generator\string()
)->then(
function ($string) {
$this->assertFalse(Filter::slowEquals($string, ' ' . $string), 'strings with space');
}
);
$this->forAll(
Generator\float()
)->then(
function ($float) {
$this->assertFalse(Filter::slowEquals(strval($float), $float . '0'), 'floats as strings');
}
);
$this->forAll(
Generator\int()
)->then(
function ($int) {
$this->assertFalse(Filter::slowEquals($int . 'e3', $int . '000'), 'integers as strings');
}
);
// these two tests would be compared equal if casted to integers as they are larger then PHP_INT_MAX
$this->assertFalse(Filter::slowEquals('9223372036854775807', '9223372036854775808'), 'large integers as strings'); $this->assertFalse(Filter::slowEquals('9223372036854775807', '9223372036854775808'), 'large integers as strings');
$this->assertFalse(Filter::slowEquals('61529519452809720693702583126814', '61529519452809720000000000000000'), 'larger integers as strings'); $this->assertFalse(Filter::slowEquals('61529519452809720693702583126814', '61529519452809720000000000000000'), 'larger integers as strings');
} }

View file

@ -6,11 +6,15 @@ and its dependencies:
* phpunit * phpunit
* php-gd * php-gd
* php-sqlite3 * php-sqlite3
* php-xdebug (for code coverage reports) * php-curl (optional, for codeclimate test reporter)
* php-xdebug (optional, for code coverage reports)
* composer (to install eris property based unit tests)
Example for Debian and Ubuntu: Example for Debian and Ubuntu:
```console ```console
$ sudo apt install phpunit php-gd php-sqlite php-xdebug $ sudo apt install phpunit php-gd php-sqlite php-curl php-xdebug composer
$ cd PrivateBin
$ composer update
``` ```
To run the tests, just change into this directory and run phpunit: To run the tests, just change into this directory and run phpunit:
@ -19,6 +23,12 @@ $ cd PrivateBin/tst
$ phpunit $ phpunit
``` ```
Or you can also use the phpunit installed as dependency of eris by composer:
```console
$ cd PrivateBin/tst
$ ../vendor/phpunit/phpunit/phpunit
```
Running JavaScript unit tests Running JavaScript unit tests
============================= =============================

View file

@ -1,31 +1,88 @@
<?php <?php
use Eris\Generator;
use PrivateBin\Sjcl; use PrivateBin\Sjcl;
class SjclTest extends PHPUnit_Framework_TestCase class SjclTest extends PHPUnit_Framework_TestCase
{ {
use Eris\TestTrait;
public function testSjclValidatorValidatesCorrectly() public function testSjclValidatorValidatesCorrectly()
{ {
$paste = Helper::getPasteWithAttachment(); $this->minimumEvaluationRatio(0.01)->forAll(
Helper::getPasteGenerator(array(), true),
Generator\string(),
Generator\string(),
Generator\choose(0,100)
)->then(
function ($pasteArray, $key, $value, $lowInt) {
$paste = Helper::getPasteFromGeneratedArray($pasteArray);
$this->assertTrue(Sjcl::isValid($paste['data']), 'valid sjcl'); $this->assertTrue(Sjcl::isValid($paste['data']), 'valid sjcl');
$this->assertTrue(Sjcl::isValid($paste['attachment']), 'valid sjcl'); $this->assertTrue(Sjcl::isValid($paste['attachment']), 'valid sjcl');
$this->assertTrue(Sjcl::isValid($paste['attachmentname']), 'valid sjcl'); $this->assertTrue(Sjcl::isValid($paste['attachmentname']), 'valid sjcl');
$this->assertTrue(Sjcl::isValid(Helper::getComment()['data']), 'valid sjcl');
$this->assertTrue(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'valid sjcl'); // common error cases
$this->assertFalse(Sjcl::isValid('{"iv":"$","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid base64 encoding of iv'); $this->assertFalse(Sjcl::isValid($value), 'non-json data');
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"$","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid base64 encoding of salt');
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"$"}'), 'invalid base64 encoding of ct'); $sjclArray = json_decode($paste['data'], true);
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"bm9kYXRhbm9kYXRhbm9kYXRhbm9kYXRhbm9kYXRhCg=="}'), 'low ct entropy'); $sjclError = $sjclArray;
$this->assertFalse(Sjcl::isValid('{"iv":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'iv to long'); $sjclError['iv'] = '$' . $value;
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'salt to long'); $this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid base64 encoding of iv');
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA","foo":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="}'), 'invalid additional key');
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":0.9,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'unsupported version'); $sjclError = $sjclArray;
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":100,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'not enough iterations'); $sjclError['salt'] = '$' . $value;
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":127,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid key size'); $this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid base64 encoding of salt');
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":63,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid tag length');
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"!#@","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid mode'); $sjclError = $sjclArray;
$this->assertFalse(Sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"!#@","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid cipher'); $sjclError['ct'] = '$' . $value;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid base64 encoding of ct');
$sjclError = $sjclArray;
$sjclError['ct'] = 'bm9kYXRhbm9kYXRhbm9kYXRhbm9kYXRhbm9kYXRhCg==';
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'low ct entropy');
$sjclError = $sjclArray;
$sjclError['iv'] = 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=';
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'iv to long');
$sjclError = $sjclArray;
$sjclError['salt'] = 'MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=';
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'salt to long');
$sjclError = $sjclArray;
$sjclError[$key] = $value;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid additional key');
if (!in_array($key, array('1', 'ccm', 'ocb2', 'gcm', 'aes'))) {
$sjclError = $sjclArray;
$sjclError['v'] = $key;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'unsupported version');
$sjclError = $sjclArray;
$sjclError['mode'] = $key;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid mode');
$sjclError = $sjclArray;
$sjclError['cipher'] = $key;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid cipher');
}
$sjclError = $sjclArray;
$sjclError['iter'] = $lowInt;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'not enough iterations');
if (!in_array($lowInt, array(64, 96))) {
$sjclError = $sjclArray;
$sjclError['ks'] = $lowInt;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid key size');
$sjclError = $sjclArray;
$sjclError['ts'] = $lowInt;
$this->assertFalse(Sjcl::isValid(json_encode($sjclError)), 'invalid authentication strength');
}
// @note adata is not validated, except as part of the total message length // @note adata is not validated, except as part of the total message length
} }
);
$this->assertTrue(Sjcl::isValid(Helper::getComment()['data']), 'valid sjcl');
}
} }

View file

@ -1,10 +1,13 @@
<?php <?php
use Eris\Generator;
use PrivateBin\Persistence\ServerSalt; use PrivateBin\Persistence\ServerSalt;
use PrivateBin\Vizhash16x16; use PrivateBin\Vizhash16x16;
class Vizhash16x16Test extends PHPUnit_Framework_TestCase class Vizhash16x16Test extends PHPUnit_Framework_TestCase
{ {
use Eris\TestTrait;
private $_file; private $_file;
private $_path; private $_path;
@ -27,14 +30,71 @@ class Vizhash16x16Test extends PHPUnit_Framework_TestCase
Helper::rmDir($this->_path); Helper::rmDir($this->_path);
} }
public function testVizhashGeneratesUniquePngsPerIp() public function testVizhashGeneratesPngs()
{ {
$this->forAll(
Generator\string(),
Generator\string()
)->then(
function ($string1, $string2) {
$vz = new Vizhash16x16(); $vz = new Vizhash16x16();
$pngdata = $vz->generate(hash('sha512', '127.0.0.1')); $pngdata = $vz->generate($string1);
if (empty($string1)) {
$this->assertEquals($pngdata, '');
} else {
$this->assertNotEquals($pngdata, '');
file_put_contents($this->_file, $pngdata); file_put_contents($this->_file, $pngdata);
$finfo = new finfo(FILEINFO_MIME_TYPE); $finfo = new finfo(FILEINFO_MIME_TYPE);
$this->assertEquals('image/png', $finfo->file($this->_file)); $this->assertEquals('image/png', $finfo->file($this->_file));
$this->assertNotEquals($pngdata, $vz->generate(hash('sha512', '2001:1620:2057:dead:beef::cafe:babe'))); if ($string1 !== $string2) {
$this->assertEquals($pngdata, $vz->generate(hash('sha512', '127.0.0.1'))); $this->assertNotEquals($pngdata, $string2);
}
}
$this->assertEquals($pngdata, $vz->generate($string1));
}
);
}
public function testVizhashGeneratesUniquePngsPerIpv4Hash()
{
$this->forAll(
Generator\vector(2, Generator\vector(4, Generator\byte()))
)->then(
function ($ips) {
$hash1 = hash('sha512', implode('.', $ips[0]));
$hash2 = hash('sha512', implode('.', $ips[1]));
$vz = new Vizhash16x16();
$pngdata = $vz->generate($hash1);
file_put_contents($this->_file, $pngdata);
$finfo = new finfo(FILEINFO_MIME_TYPE);
$this->assertEquals('image/png', $finfo->file($this->_file));
if ($hash1 !== $hash2) {
$this->assertNotEquals($pngdata, $vz->generate($hash2));
}
$this->assertEquals($pngdata, $vz->generate($hash1));
}
);
}
public function testVizhashGeneratesUniquePngsPerIpv6Hash()
{
$this->forAll(
Generator\vector(2, Generator\vector(16, Generator\byte()))
)->then(
function ($ips) {
$hash1 = hash('sha512', inet_ntop(implode(array_map('chr', $ips[0]))));
$hash2 = hash('sha512', inet_ntop(implode(array_map('chr', $ips[1]))));
$vz = new Vizhash16x16();
$pngdata = $vz->generate($hash1);
file_put_contents($this->_file, $pngdata);
$finfo = new finfo(FILEINFO_MIME_TYPE);
$this->assertEquals('image/png', $finfo->file($this->_file));
if ($hash1 !== $hash2) {
$this->assertNotEquals($pngdata, $vz->generate($hash2));
}
$this->assertEquals($pngdata, $vz->generate($hash1));
}
);
} }
} }