#!/usr/bin/perl -T # $RedRiver: keyring.t,v 1.23 2008/09/19 05:39:58 andrew Exp $ use strict; use warnings; use Test::More tests => 202; use Data::Dumper; BEGIN { use_ok('Palm::PDB'); use_ok('Palm::Keyring'); } my $file = 'Keys-test.pdb'; my $password = '12345'; my $new_password = '54321'; my @o = ( { version => 4, password => $password, }, { version => 5, password => $password, cipher => 1, }, ); my $acct = { 0 => { label => 'name', label_id => 0, data => 'test3', font => 0, }, 1 => { label => 'account', label_id => 1, data => 'atestaccount', font => 0, }, 2 => { label => 'password', label_id => 2, data => $password, font => 0, }, 3 => { label => 'lastchange', label_id => 3, data => { day => 2, month => 2, year => 99, }, font => 0, }, 255 => { label => 'notes', label_id => 255, data => 'now that really roxorZ!', font => 0, }, }; my %unchanging_date = %{ $acct->{3}->{data} }; my $bad_cipher = 999; my %crypt_1_details = ( 'default_iter' => 1000, 'keylen' => 24, 'blocksize' => 8, 'name' => 'DES_EDE3', 'alias' => 'DES-EDE3', 'DES_odd_parity' => 1 ); my $bad_label = 999; my $bad_label_name = 'not_a_label_name'; my %label_1_details = ( id => 1, name => 'account', ); my %label_not_found_details = ( id => $bad_label, name => undef, ); # Crypts is_deeply( Palm::Keyring::crypts(1), \%crypt_1_details, 'Got crypt 1' ); is_deeply( Palm::Keyring::crypts('DES-EDE3'), \%crypt_1_details, 'Got crypt DES-EDE3' ); is( Palm::Keyring::crypts(), undef, "Didn't get crypt empty cipher" ); is( Palm::Keyring::crypts($bad_cipher), undef, "Didn't get crypt $bad_cipher" ); # Bad Cipher eval { Palm::Keyring->new( { version => 5, cipher => $bad_cipher } ) }; like( $@, qr/^Unknown \s cipher \s $bad_cipher/xms, "Failed to create keyring with cipher $bad_cipher" ); # Labels is_deeply( Palm::Keyring::labels(1), \%label_1_details, 'Got label 1' ); is_deeply( Palm::Keyring::labels('account'), \%label_1_details, 'Got label account' ); is( Palm::Keyring::labels(), undef, "Didn't get label empty label" ); is_deeply( Palm::Keyring::labels($bad_label), \%label_not_found_details, "Got default label for $bad_label" ); is( Palm::Keyring::labels($bad_label_name), undef, "Didn't get label for $bad_label_name" ); my $pdb; eval { $pdb = new Palm::Keyring( -file => 't/Keys-invalid_version.pdb' ) }; like( $@, qr/^Unsupported \s Version \s 999/xms, 'Couldn\'t load pdb with invalid version' ); eval { $pdb = new Palm::Keyring( -file => 't/Keys-invalid_cipher.pdb' ) }; like( $@, qr/^Unknown \s cipher \s 999/xms, 'Couldn\'t load pdb with Unknown Cipher' ); eval { $pdb = new Palm::Keyring( -file => 't/Keys-invalid_appinfo.pdb' ) }; like( $@, qr/^Corrupt \s appinfo\? \s no \s {other}/xms, 'Couldn\'t load pdb with invalid appinfo' ); ok( $pdb = new Palm::Keyring( -file => 't/Keys-no_data.pdb', -password => $new_password ), 'Loaded Palm::Keyring file with no data' ); ok( $pdb = new Palm::Keyring( -file => 't/Keys-no_data.pdb' ), 'Loaded Palm::Keyring file with no data' ); my $record; ok( $record = $pdb->append_Record(), 'Append Record' ); eval{ $pdb->Encrypt() }; like( $@, qr/^Needed \s parameter \s \[record\] \s not \s passed!/xms, 'Encrypt account into record without record' ); eval{ $pdb->Encrypt( $record ) }; like( $@, qr/^password \s not \s set!/xms, 'Encrypt account into record without password' ); eval{ $pdb->Encrypt( $record, $password ) }; like( $@, qr/^Needed \s parameter \s \[plaintext\] \s not \s passed!/xms, 'Encrypt account into record without account' ); eval{ $pdb->Encrypt( $record, $new_password, $acct ) }; like( $@, qr/^Incorrect \s Password!/xms, 'Encrypt account into record with wrong password' ); my $ivec = pack("C*", 1..8); ok( $pdb->Encrypt( $record, $password, $acct, $ivec), 'Encrypt account into record (with custom ivec)' ); ok( $pdb->Encrypt( $record, $password, $acct), 'Encrypt account into record (with no changes)'); delete $record->{plaintext}; ok( $pdb->PackRecord($record), 'Pack Proper Record'); ok( $record = $pdb->ParseRecord(%{ $record }), 'Parse Proper Packed'); my $record2; ok( $record2 = $pdb->append_Record(), 'Append Record' ); eval{ $pdb->PackRecord($record2) }; like( $@, qr/^No \s encrypted \s data \s in \s record/xms, 'Pack Empty Record' ); $record2->{encrypted} = q{}; eval{ $pdb->PackRecord($record2) }; like( $@, qr/^No \s ivec/xms, 'Pack Empty Record with encrypted, but no ivec' ); $pdb->{version} = 4; delete $record->{encrypted}; delete $record->{data}; eval{ $pdb->PackRecord($record) }; like( $@, qr/^No \s data \s in \s record \s to \s pack/xms, 'Couldn\'t PackRecord without data' ); $pdb->{version} = 999; delete $record->{encrypted}; eval{ $pdb->Encrypt( $record, undef, $acct ) }; like( $@, qr/^Unsupported \s version \s 999/xms, 'Couldn\'t Encrypt with unsupported version' ); eval { $pdb->Write($file) }; like( $@, qr/^Unsupported \s Version \s 999/xms, 'Couldn\'t Write file with unsupported version' ); eval{ $pdb->PackRecord($record) }; like( $@, qr/^Unsupported \s Version \s 999/xms, 'Couldn\'t PackRecord with Invalid Version' ); $record2->{data} = q{nothing}; eval{ $pdb->ParseRecord(%{ $record2 }) }; like( $@, qr/^Unsupported \s Version \s 999/xms, 'Couldn\'t ParseRecord with Invalid Version' ); $pdb = undef; $record = undef; $record2 = undef; %{ $acct->{3}->{data} } = %unchanging_date; unlink $file; foreach my $options (@o) { foreach my $config_type ( 'hashref', 'cgi-style', 'list' ) { my $pdb; my $record; my $decrypted; my $Num_Tests_Left = 25; SKIP: { if ( defined $options->{cipher} && $options->{cipher} > 0 ) { my $crypt = Palm::Keyring::crypts( $options->{cipher} ); skip 'Crypt::CBC not installed', $Num_Tests_Left unless eval "require Crypt::CBC"; if ($crypt) { skip 'Crypt::' . $crypt->{name} . ' not installed', $Num_Tests_Left unless eval "require Crypt::$crypt->{name}"; } else { skip 'Unknown Crypt: ' . $options->{cipher}, $Num_Tests_Left; } } if ( $options->{version} == 4 ) { skip 'Crypt::DES not installed', $Num_Tests_Left unless eval "require Crypt::DES "; skip 'Digest::MD5 not installed', $Num_Tests_Left unless eval "require Digest::MD5 "; } elsif ( $options->{version} == 5 ) { skip 'Digest::HMAC_SHA1 not installed', $Num_Tests_Left unless eval "require Digest::HMAC_SHA1 "; } my @options = ($options); if ( $config_type eq 'cgi-style' ) { @options = ( '-version' => $options->{version}, '-password' => $options->{password}, ); if ( $options->{cipher} ) { push @options, '-cipher', $options->{cipher}; } } elsif ( $config_type eq 'list' ) { @options = ( $options->{password}, $options->{version} ); if ( $options->{cipher} ) { push @options, $options->{cipher}; } } ok( $pdb = new Palm::Keyring(@options), 'new Palm::Keyring v' . $options->{version} ); ok( $pdb->Write($file), 'Write "empty" file' ); #exit if $pdb->{version} == 5; ok( $record = $pdb->append_Record(), 'Append Record' ); ok( $pdb->Encrypt( $record, $password, $acct ), 'Encrypt account into record' ); ok( $pdb->Write($file), 'Write file' ); $pdb = undef; ok( $pdb = new Palm::Keyring(), 'new Palm::Keyring' ); ok( $pdb->Load($file), 'Load File' ); ok( $pdb->Password($password), 'Verify Password' ); my $rec_num = 0; ok( $decrypted = $pdb->Decrypt( $pdb->{records}->[$rec_num] ), 'Decrypt record' ); is( $decrypted->{2}->{data}, $password, 'Got password' ); is_deeply( $decrypted, $acct, 'Account Matches' ); my $old_date = $decrypted->{3}->{data}; ok( $pdb->Password( $password, $new_password ), 'Change PDB Password' ); ok( $decrypted = $pdb->Decrypt( $pdb->{'records'}->[$rec_num] ), 'Decrypt with new password' ); my $new_date = $decrypted->{3}->{data}; is_deeply( $old_date, $new_date, 'Date didn\'t change' ); $decrypted->{2}->{data} = $new_password; $pdb->{records}->[$rec_num]->{plaintext} = $decrypted; ok( $pdb->Encrypt( $pdb->{'records'}->[$rec_num] ), 'Change record' ); ok( $decrypted = $pdb->Decrypt( $pdb->{'records'}->[$rec_num] ), 'Decrypt new record' ); $new_date = $decrypted->{3}->{data}; my $od = join '/', map { $old_date->{$_} } sort keys %{$old_date}; my $nd = join '/', map { $new_date->{$_} } sort keys %{$new_date}; isnt( $od, $nd, 'Date changed' ); is( $decrypted->{2}->{data}, $new_password, 'Got new password' ); my $last_decrypted = $decrypted; $decrypted = {}; ok( $pdb->Password(), 'Forget password' ); eval { $decrypted = $pdb->Decrypt( $pdb->{'records'}->[$rec_num] ); }; ok( $@, 'Don\'t decrypt' ); isnt( $decrypted->{password}, $new_password, 'Didn\'t get new password' ); ok( $pdb->Unlock($new_password), 'Unlock' ); my @plaintext = map { $_->{plaintext} } @{ $pdb->{records} }; is_deeply( $plaintext[0], $last_decrypted, 'Account Matches' ); ok( $pdb->Lock(), 'Lock' ); my $cleared_decrypted = {}; $cleared_decrypted->{0} = $last_decrypted->{0}; @plaintext = map { $_->{plaintext} } @{ $pdb->{records} }; is_deeply( $plaintext[0], $cleared_decrypted, 'Cleared records' ); $pdb->{records}->[0]->{data} = undef; ok( $pdb->Write($file), 'Write file without data' ); ok( $pdb->Load($file), 'Load File without data' ); ok( unlink($file), 'Remove test pdb v' . $options->{version} ); } } } 1;