View Javadoc
1   /*
2    * Copyright (C) 2015, Google Inc.
3    *
4    * This program and the accompanying materials are made available
5    * under the terms of the Eclipse Distribution License v1.0 which
6    * accompanies this distribution, is reproduced below, and is
7    * available at http://www.eclipse.org/org/documents/edl-v10.php
8    *
9    * All rights reserved.
10   *
11   * Redistribution and use in source and binary forms, with or
12   * without modification, are permitted provided that the following
13   * conditions are met:
14   *
15   * - Redistributions of source code must retain the above copyright
16   *	 notice, this list of conditions and the following disclaimer.
17   *
18   * - Redistributions in binary form must reproduce the above
19   *	 copyright notice, this list of conditions and the following
20   *	 disclaimer in the documentation and/or other materials provided
21   *	 with the distribution.
22   *
23   * - Neither the name of the Eclipse Foundation, Inc. nor the
24   *	 names of its contributors may be used to endorse or promote
25   *	 products derived from this software without specific prior
26   *	 written permission.
27   *
28   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
29   * CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
30   * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
31   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
32   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
33   * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
34   * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
35   * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
36   * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
37   * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
38   * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
39   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
40   * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
41   */
42  
43  package org.eclipse.jgit.transport;
44  
45  import static org.junit.Assert.assertEquals;
46  import static org.junit.Assert.assertNotEquals;
47  
48  import org.eclipse.jgit.internal.storage.dfs.DfsRepositoryDescription;
49  import org.eclipse.jgit.internal.storage.dfs.InMemoryRepository;
50  import org.eclipse.jgit.lib.Repository;
51  import org.eclipse.jgit.transport.PushCertificate.NonceStatus;
52  import org.junit.Before;
53  import org.junit.Test;
54  
55  /** Test for HMAC SHA-1 certificate verifier. */
56  public class HMACSHA1NonceGeneratorTest {
57  	private static final long TS = 1433954361;
58  
59  	private HMACSHA1NonceGenerator gen;
60  	private Repository db;
61  
62  	@Before
63  	public void setUp() {
64  		gen = new HMACSHA1NonceGenerator("sekret");
65  		db = new InMemoryRepository(new DfsRepositoryDescription("db"));
66  	}
67  
68  	@Test
69  	public void missing() throws Exception {
70  		assertEquals(NonceStatus.MISSING, gen.verify("", "1234", db, false, 0));
71  	}
72  
73  	@Test
74  	public void unsolicited() throws Exception {
75  		assertEquals(NonceStatus.UNSOLICITED, gen.verify("1234", "", db, false, 0));
76  	}
77  
78  	@Test
79  	public void invalidFormat() throws Exception {
80  		String sent = gen.createNonce(db, TS);
81  		int idx = sent.indexOf('-');
82  		String sig = sent.substring(idx, sent.length() - idx);
83  		assertEquals(NonceStatus.BAD,
84  				gen.verify(Long.toString(TS), sent, db, true, 100));
85  		assertEquals(NonceStatus.BAD, gen.verify(sig, sent, db, true, 100));
86  		assertEquals(NonceStatus.BAD, gen.verify("xxx-" + sig, sent, db, true, 100));
87  		assertEquals(NonceStatus.BAD, gen.verify(sent, "xxx-" + sig, db, true, 100));
88  	}
89  
90  	@Test
91  	public void slop() throws Exception {
92  		String sent = gen.createNonce(db, TS - 10);
93  		String received = gen.createNonce(db, TS);
94  		assertEquals(NonceStatus.BAD,
95  				gen.verify(received, sent, db, false, 0));
96  		assertEquals(NonceStatus.BAD,
97  				gen.verify(received, sent, db, false, 11));
98  		assertEquals(NonceStatus.SLOP,
99  				gen.verify(received, sent, db, true, 0));
100 		assertEquals(NonceStatus.SLOP,
101 				gen.verify(received, sent, db, true, 9));
102 		assertEquals(NonceStatus.OK,
103 				gen.verify(received, sent, db, true, 10));
104 		assertEquals(NonceStatus.OK,
105 				gen.verify(received, sent, db, true, 11));
106 	}
107 
108 	@Test
109 	public void ok() throws Exception {
110 		String sent = gen.createNonce(db, TS);
111 		assertEquals(NonceStatus.OK, gen.verify(sent, sent, db, false, 0));
112 	}
113 
114 	@Test
115 	public void signedByDifferentKey() throws Exception {
116 		HMACSHA1NonceGenerator other = new HMACSHA1NonceGenerator("other");
117 		String sent = gen.createNonce(db, TS);
118 		String received = other.createNonce(db, TS);
119 		assertNotEquals(received, sent);
120 		assertEquals(NonceStatus.BAD,
121 				gen.verify(received, sent, db, false, 0));
122 	}
123 
124 	@Test
125 	public void signedByDifferentKeyWithSlop() throws Exception {
126 		HMACSHA1NonceGenerator other = new HMACSHA1NonceGenerator("other");
127 		String sent = gen.createNonce(db, TS - 10);
128 		String received = other.createNonce(db, TS);
129 		assertEquals(NonceStatus.BAD, gen.verify(received, sent, db, true, 100));
130 	}
131 }