passwordbasedauthentication_tests.c File Reference

#include "authutils.h"
#include "passwordbasedauthentication.c"
#include <cgreen/cgreen.h>
#include <cgreen/mocks.h>
#include <string.h>

Include dependency graph for passwordbasedauthentication_tests.c:

Go to the source code of this file.

Functions
	Describe (PBA)
	BeforeEach (PBA)
	AfterEach (PBA)
	Ensure (PBA, returns_false_on_not_phc_compliant_setting)
	Ensure (PBA, returns_true_on_phc_compliant_setting)
	Ensure (PBA, returns_NULL_on_unsupport_settings)
	Ensure (PBA, unique_hash_without_adding_used_pepper)
	Ensure (PBA, verify_hash)
	Ensure (PBA, verify_hash_returns_invalid_on_np_hash_np_password)
	Ensure (PBA, defaults)
	Ensure (PBA, initialization)
	Ensure (PBA, handle_md5_hash)
int	main (int argc, char **argv)

Function Documentation

AfterEach()

AfterEach

(

PBA

)

Definition at line 16 of file passwordbasedauthentication_tests.c.

{
}

BeforeEach()

BeforeEach

(

PBA

)

Definition at line 13 of file passwordbasedauthentication_tests.c.

{
}

Describe()

Describe

(

PBA

)

Ensure() [1/9]

Ensure	(	PBA	,
		defaults	)

Definition at line 75 of file passwordbasedauthentication_tests.c.

{
  int i;
  struct PBASettings *settings = pba_init (NULL, 0, 0, NULL);
  assert_equal (settings->count, 20000);
  for (i = 0; i < MAX_PEPPER_SIZE; i++)
    assert_equal_with_message (settings->pepper[i], 0,
                               "init_without_pepper_should_not_have_pepper");
  assert_string_equal (settings->prefix, "$6$");
  pba_finalize (settings);
}

References PBASettings::count, MAX_PEPPER_SIZE, pba_finalize(), pba_init(), PBASettings::pepper, and PBASettings::prefix.

Here is the call graph for this function:

Ensure() [2/9]

Ensure	(	PBA	,
		handle_md5_hash	)

Definition at line 106 of file passwordbasedauthentication_tests.c.

{
  struct PBASettings *settings = pba_init (NULL, 0, 0, NULL);
  char *hash;
  assert_equal (gvm_auth_init (), 0);
  hash = get_password_hashes ("admin");
  assert_equal (pba_verify_hash (settings, hash, "admin"), UPDATE_RECOMMENDED);
  pba_finalize (settings);
  g_free (hash);
}

References get_password_hashes(), gvm_auth_init(), pba_finalize(), pba_init(), pba_verify_hash(), and UPDATE_RECOMMENDED.

Here is the call graph for this function:

Ensure() [3/9]

Ensure	(	PBA	,
		initialization	)

Definition at line 86 of file passwordbasedauthentication_tests.c.

{
  int i;
  struct PBASettings *settings = pba_init ("444", 3, 1, "$6$");
  assert_equal (settings->count, 1);
  for (i = 0; i < MAX_PEPPER_SIZE - 1; i++)
    assert_equal_with_message (settings->pepper[i], '4',
                               "init_with_pepper_should_be_set");
  assert_equal_with_message (settings->pepper[MAX_PEPPER_SIZE - 1], '\0',
                             "last_pepper_should_be_unset_by_pepper_3");
  assert_string_equal (settings->prefix, "$6$");
  pba_finalize (settings);
  settings = pba_init ("444", MAX_PEPPER_SIZE + 1, 1, "$6$");
  assert_equal_with_message (settings, NULL,
                             "should_fail_due_to_too_much_pepper");
  settings = pba_init ("444", MAX_PEPPER_SIZE, 1, "$WALDFEE$");
  assert_equal_with_message (settings, NULL,
                             "should_fail_due_to_unknown_prefix");
}

References PBASettings::count, MAX_PEPPER_SIZE, pba_finalize(), pba_init(), PBASettings::pepper, and PBASettings::prefix.

Here is the call graph for this function:

Ensure() [4/9]

Ensure	(	PBA	,
		returns_false_on_not_phc_compliant_setting	)

Definition at line 20 of file passwordbasedauthentication_tests.c.

{
  assert_false (pba_is_phc_compliant ("$"));
  assert_false (pba_is_phc_compliant ("password"));
}

References pba_is_phc_compliant().

Here is the call graph for this function:

Ensure() [5/9]

Ensure	(	PBA	,
		returns_NULL_on_unsupport_settings	)

Definition at line 29 of file passwordbasedauthentication_tests.c.

{
  struct PBASettings setting = {"0000", 20000, "$6$"};
  assert_false (pba_hash (NULL, "*password"));
  assert_false (pba_hash (&setting, NULL));
  setting.prefix = "$1$";
  assert_false (pba_hash (&setting, "*password"));
}

References pba_hash(), and PBASettings::prefix.

Here is the call graph for this function:

Ensure() [6/9]

Ensure	(	PBA	,
		returns_true_on_phc_compliant_setting	)

Definition at line 25 of file passwordbasedauthentication_tests.c.

{
  assert_true (pba_is_phc_compliant ("$password"));
}

References pba_is_phc_compliant().

Here is the call graph for this function:

Ensure() [7/9]

Ensure	(	PBA	,
		unique_hash_without_adding_used_pepper	)

Definition at line 37 of file passwordbasedauthentication_tests.c.

{
  struct PBASettings setting = {"4242", 20000, "$6$"};
  char *cmp_hash, *hash;
  hash = pba_hash (&setting, "*password");
  assert_not_equal (hash, NULL);
  assert_false (string_contains (hash, setting.pepper));
  cmp_hash = pba_hash (&setting, "*password");
  assert_string_not_equal (hash, cmp_hash);
  free (hash);
  free (cmp_hash);
}

References pba_hash(), and PBASettings::pepper.

Here is the call graph for this function:

Ensure() [8/9]

Ensure	(	PBA	,
		verify_hash	)

Definition at line 49 of file passwordbasedauthentication_tests.c.

{
  struct PBASettings setting = {"4242", 20000, "$6$"};
  char *hash;
  hash = pba_hash (&setting, "*password");
  assert_not_equal (hash, NULL);
  assert_equal (pba_verify_hash (&setting, hash, "*password"), VALID);
  assert_equal (pba_verify_hash (&setting, hash, "*password1"), INVALID);
  free (hash);
  struct PBASettings setting_wo_pepper = {"\0\0\0\0", 20000, "$6$"};
  hash = pba_hash (&setting_wo_pepper, "*password");
  assert_equal (pba_verify_hash (&setting_wo_pepper, hash, "*password"), VALID);
  free (hash);
}

References INVALID, pba_hash(), pba_verify_hash(), and VALID.

Here is the call graph for this function:

Ensure() [9/9]

Ensure	(	PBA	,
		verify_hash_returns_invalid_on_np_hash_np_password	)

Definition at line 64 of file passwordbasedauthentication_tests.c.

{
  struct PBASettings setting = {"4242", 20000, "$6$"};
  char *hash;
  hash = pba_hash (&setting, "*password");
  assert_not_equal (hash, NULL);
  assert_equal (pba_verify_hash (&setting, NULL, "*password"), INVALID);
  assert_equal (pba_verify_hash (&setting, hash, NULL), INVALID);
  free (hash);
}

References INVALID, pba_hash(), and pba_verify_hash().

Here is the call graph for this function:

main()

int main	(	int	argc,
		char **	argv )

Definition at line 118 of file passwordbasedauthentication_tests.c.

{
  int ret;
  TestSuite *suite;
 
  suite = create_test_suite ();
 
  add_test_with_context (suite, PBA,
                         returns_false_on_not_phc_compliant_setting);
  add_test_with_context (suite, PBA, returns_true_on_phc_compliant_setting);
  add_test_with_context (suite, PBA, returns_NULL_on_unsupport_settings);
  add_test_with_context (suite, PBA, unique_hash_without_adding_used_pepper);
  add_test_with_context (suite, PBA, verify_hash);
  add_test_with_context (suite, PBA,
                         verify_hash_returns_invalid_on_np_hash_np_password);
  add_test_with_context (suite, PBA, handle_md5_hash);
  add_test_with_context (suite, PBA, defaults);
  add_test_with_context (suite, PBA, initialization);
 
  if (argc > 1)
    ret = run_single_test (suite, argv[1], create_text_reporter ());
  else
    ret = run_test_suite (suite, create_text_reporter ());
 
  destroy_test_suite (suite);
 
  return ret;
}