diff options
author | Martin Holst Swende <martin@swende.se> | 2018-09-25 21:54:58 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-09-25 21:54:58 +0800 |
commit | d3441ebb563439bac0837d70591f92e2c6080303 (patch) | |
tree | cec46689f8ec4fd4570322e79ad7167c3b792c74 /signer/storage/aes_gcm_storage_test.go | |
parent | a95a601f35c49be6045de522138f639fbb68c885 (diff) | |
download | go-tangerine-d3441ebb563439bac0837d70591f92e2c6080303.tar.gz go-tangerine-d3441ebb563439bac0837d70591f92e2c6080303.tar.zst go-tangerine-d3441ebb563439bac0837d70591f92e2c6080303.zip |
cmd/clef, signer: security fixes (#17554)
* signer: remove local path disclosure from extapi
* signer: show more data in cli ui
* rpc: make http server forward UA and Origin via Context
* signer, clef/core: ui changes + display UA and Origin
* signer: cliui - indicate less trust in remote headers, see https://github.com/ethereum/go-ethereum/issues/17637
* signer: prevent possibility swap KV-entries in aes_gcm storage, fixes #17635
* signer: remove ecrecover from external API
* signer,clef: default reject instead of warn + valideate new passwords. fixes #17632 and #17631
* signer: check calldata length even if no ABI signature is present
* signer: fix failing testcase
* clef: remove account import from external api
* signer: allow space in passwords, improve error messsage
* signer/storage: fix typos
Diffstat (limited to 'signer/storage/aes_gcm_storage_test.go')
-rw-r--r-- | signer/storage/aes_gcm_storage_test.go | 53 |
1 files changed, 51 insertions, 2 deletions
diff --git a/signer/storage/aes_gcm_storage_test.go b/signer/storage/aes_gcm_storage_test.go index 77804905a..a421a8449 100644 --- a/signer/storage/aes_gcm_storage_test.go +++ b/signer/storage/aes_gcm_storage_test.go @@ -18,6 +18,7 @@ package storage import ( "bytes" + "encoding/json" "fmt" "io/ioutil" "testing" @@ -33,13 +34,13 @@ func TestEncryption(t *testing.T) { key := []byte("AES256Key-32Characters1234567890") plaintext := []byte("exampleplaintext") - c, iv, err := encrypt(key, plaintext) + c, iv, err := encrypt(key, plaintext, nil) if err != nil { t.Fatal(err) } fmt.Printf("Ciphertext %x, nonce %x\n", c, iv) - p, err := decrypt(key, iv, c) + p, err := decrypt(key, iv, c, nil) if err != nil { t.Fatal(err) } @@ -113,3 +114,51 @@ func TestEnd2End(t *testing.T) { t.Errorf("Expected bazonk->foobar, got '%v'", v) } } + +func TestSwappedKeys(t *testing.T) { + // It should not be possible to swap the keys/values, so that + // K1:V1, K2:V2 can be swapped into K1:V2, K2:V1 + log.Root().SetHandler(log.LvlFilterHandler(log.Lvl(3), log.StreamHandler(colorable.NewColorableStderr(), log.TerminalFormat(true)))) + + d, err := ioutil.TempDir("", "eth-encrypted-storage-test") + if err != nil { + t.Fatal(err) + } + + s1 := &AESEncryptedStorage{ + filename: fmt.Sprintf("%v/vault.json", d), + key: []byte("AES256Key-32Characters1234567890"), + } + s1.Put("k1", "v1") + s1.Put("k2", "v2") + // Now make a modified copy + + creds := make(map[string]storedCredential) + raw, err := ioutil.ReadFile(s1.filename) + if err != nil { + t.Fatal(err) + } + if err = json.Unmarshal(raw, &creds); err != nil { + t.Fatal(err) + } + swap := func() { + // Turn it into K1:V2, K2:V2 + v1, v2 := creds["k1"], creds["k2"] + creds["k2"], creds["k1"] = v1, v2 + raw, err = json.Marshal(creds) + if err != nil { + t.Fatal(err) + } + if err = ioutil.WriteFile(s1.filename, raw, 0600); err != nil { + t.Fatal(err) + } + } + swap() + if v := s1.Get("k1"); v != "" { + t.Errorf("swapped value should return empty") + } + swap() + if v := s1.Get("k1"); v != "v1" { + t.Errorf("double-swapped value should work fine") + } +} |