From: Casey Bodley Date: Mon, 21 Nov 2022 19:56:13 +0000 (-0500) Subject: test/aws_sigv4: test cases for content-sha256 X-Git-Tag: curl-7_87_0~110 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fcf8f68546336e066c3151c0f932b65446038dbf;p=thirdparty%2Fcurl.git test/aws_sigv4: test cases for content-sha256 1956 adds the sha256 value corresponding to an empty buffer 1957 adds an arbitrary value and confirms that the signature differs from 1956 1958 adds whitespace to 1957 and confirms that the signature matches 1957 1959 adds a value longer than 'char sha_hex[65]' in Curl_output_aws_sigv4() Signed-off-by: Casey Bodley Closes #9804 --- diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 90c273aeaa..8d8d66e334 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -224,7 +224,7 @@ test1916 test1917 test1918 test1919 \ \ test1933 test1934 test1935 test1936 test1937 test1938 test1939 test1940 \ test1941 test1942 test1943 test1944 test1945 test1946 test1947 test1948 \ -test1955 \ +test1955 test1956 test1957 test1958 test1959 \ \ test2000 test2001 test2002 test2003 test2004 \ \ diff --git a/tests/data/test1955 b/tests/data/test1955 index 5ebbc54bc8..342b7b703c 100644 --- a/tests/data/test1955 +++ b/tests/data/test1955 @@ -43,14 +43,14 @@ CURL_FORCEHOST=1 -HTTP AWS_SIGV4 with X-Xxx-Content-Sha256 +HTTP AWS_SIGV4 without X-Xxx-Content-Sha256 lib%TESTNUMBER -http://exam.ple.com:9000/%TESTNUMBER/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPPORT +http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPPORT @@ -62,9 +62,9 @@ http://exam.ple.com:9000/%TESTNUMBER/testapi/test exam.ple.com:9000:%HOSTIP:%HTT ^Accept:.* -GET /%TESTNUMBER/testapi/test HTTP/1.1 +GET /aws_sigv4/testapi/test HTTP/1.1 Host: exam.ple.com:9000 -Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;tesmixcase;test0;test1;test2;test_space;x-xxx-date, Signature=819251feec8de52dfaa992320241f23d27cefa979c93e039ae7df03ac486ed16 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;tesmixcase;test0;test1;test2;test_space;x-xxx-date, Signature=779a8ff876528aece8bf03b1296702af0644a4745aa5feabb6ebb1a7bb0d907e X-Xxx-Date: 19700101T000000Z test2: 1234 test_space: t s m end diff --git a/tests/data/test1956 b/tests/data/test1956 new file mode 100644 index 0000000000..76aaa93abe --- /dev/null +++ b/tests/data/test1956 @@ -0,0 +1,73 @@ + + + +HTTP +CURLOPT_AWS_SIGV4 + + + +# Server-side + + +HTTP/1.1 302 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Location: /%TESTNUMBER + + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + + + + +# Client-side + + +http + +# this relies on the debug feature which allow to set the time + +SSL +debug +crypto + + +CURL_FORCEHOST=1 + + + +HTTP AWS_SIGV4 with X-Xxx-Content-Sha256 of empty payload + + +lib%TESTNUMBER + + + +http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* +^Content-Type:.* +^Accept:.* + + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=dfe78c8846a9b7d65d1eb4c1d6ea7bc886650d03f3568088cb8d5b4c3778287f +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + + + + diff --git a/tests/data/test1957 b/tests/data/test1957 new file mode 100644 index 0000000000..add27db0ff --- /dev/null +++ b/tests/data/test1957 @@ -0,0 +1,73 @@ + + + +HTTP +CURLOPT_AWS_SIGV4 + + + +# Server-side + + +HTTP/1.1 302 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Location: /%TESTNUMBER + + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + + + + +# Client-side + + +http + +# this relies on the debug feature which allow to set the time + +SSL +debug +crypto + + +CURL_FORCEHOST=1 + + + +HTTP AWS_SIGV4 with X-Xxx-Content-Sha256 of arbitrary payload + + +lib%TESTNUMBER + + + +http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* +^Content-Type:.* +^Accept:.* + + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: arbitrary + + + + diff --git a/tests/data/test1958 b/tests/data/test1958 new file mode 100644 index 0000000000..c54b17962e --- /dev/null +++ b/tests/data/test1958 @@ -0,0 +1,73 @@ + + + +HTTP +CURLOPT_AWS_SIGV4 + + + +# Server-side + + +HTTP/1.1 302 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Location: /%TESTNUMBER + + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + + + + +# Client-side + + +http + +# this relies on the debug feature which allow to set the time + +SSL +debug +crypto + + +CURL_FORCEHOST=1 + + + +HTTP AWS_SIGV4 with X-Xxx-Content-Sha256 of arbitrary payload with whitespace + + +lib%TESTNUMBER + + + +http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* +^Content-Type:.* +^Accept:.* + + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=25b4cac711ea8f65010c485d3778885f5f3870d0b8ff0b3ab58a8d7eeab991ff +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: arbitrary + + + + diff --git a/tests/data/test1959 b/tests/data/test1959 new file mode 100644 index 0000000000..2be813b080 --- /dev/null +++ b/tests/data/test1959 @@ -0,0 +1,73 @@ + + + +HTTP +CURLOPT_AWS_SIGV4 + + + +# Server-side + + +HTTP/1.1 302 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Location: /%TESTNUMBER + + + +HTTP/1.1 200 OK +Date: Thu, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + + + + +# Client-side + + +http + +# this relies on the debug feature which allow to set the time + +SSL +debug +crypto + + +CURL_FORCEHOST=1 + + + +HTTP AWS_SIGV4 with long value for X-Xxx-Content-Sha256 + + +lib%TESTNUMBER + + + +http://exam.ple.com:9000/aws_sigv4/testapi/test exam.ple.com:9000:%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* +^Content-Type:.* +^Accept:.* + + +GET /aws_sigv4/testapi/test HTTP/1.1 +Host: exam.ple.com:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/ple/exam/xxx4_request, SignedHeaders=content-type;host;x-xxx-content-sha256;x-xxx-date, Signature=7b343a4aa55d73ffc05005d84480bc705a3367373ed8cae1a1c0fbd2b3aa0483 +X-Xxx-Date: 19700101T000000Z +X-Xxx-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 + + + + diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 04f24ab849..4681a982a4 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -68,7 +68,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \ lib1905 lib1906 lib1907 lib1908 lib1910 lib1911 lib1912 lib1913 \ lib1915 lib1916 lib1917 lib1918 lib1919 \ lib1933 lib1934 lib1935 lib1936 lib1937 lib1938 lib1939 lib1940 \ - lib1945 lib1946 lib1947 lib1948 lib1955 \ + lib1945 lib1946 lib1947 lib1948 lib1955 lib1956 lib1957 lib1958 lib1959 \ lib2301 lib2302 \ lib3010 lib3025 lib3026 lib3027 \ lib3100 lib3101 @@ -773,6 +773,22 @@ lib1955_SOURCES = lib1955.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1955_LDADD = $(TESTUTIL_LIBS) lib1955_CPPFLAGS = $(AM_CPPFLAGS) +lib1956_SOURCES = lib1956.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1956_LDADD = $(TESTUTIL_LIBS) +lib1956_CPPFLAGS = $(AM_CPPFLAGS) + +lib1957_SOURCES = lib1957.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1957_LDADD = $(TESTUTIL_LIBS) +lib1957_CPPFLAGS = $(AM_CPPFLAGS) + +lib1958_SOURCES = lib1958.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1958_LDADD = $(TESTUTIL_LIBS) +lib1958_CPPFLAGS = $(AM_CPPFLAGS) + +lib1959_SOURCES = lib1959.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1959_LDADD = $(TESTUTIL_LIBS) +lib1959_CPPFLAGS = $(AM_CPPFLAGS) + lib2301_SOURCES = lib2301.c $(SUPPORTFILES) lib2301_LDADD = $(TESTUTIL_LIBS) diff --git a/tests/libtest/lib1956.c b/tests/libtest/lib1956.c new file mode 100644 index 0000000000..319fb5f7d6 --- /dev/null +++ b/tests/libtest/lib1956.c @@ -0,0 +1,73 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2022, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +int test(char *URL) +{ + CURL *curl; + CURLcode res = TEST_ERR_MAJOR_BAD; + struct curl_slist *list = NULL; + struct curl_slist *connect_to = NULL; + + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + fprintf(stderr, "curl_global_init() failed\n"); + return TEST_ERR_MAJOR_BAD; + } + + curl = curl_easy_init(); + if(!curl) { + fprintf(stderr, "curl_easy_init() failed\n"); + curl_global_cleanup(); + return TEST_ERR_MAJOR_BAD; + } + + test_setopt(curl, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_AWS_SIGV4, "xxx"); + test_setopt(curl, CURLOPT_USERPWD, "xxx"); + test_setopt(curl, CURLOPT_HEADER, 0L); + test_setopt(curl, CURLOPT_URL, URL); + list = curl_slist_append(list, "Content-Type: application/json"); + if(!list) + goto test_cleanup; + if(libtest_arg2) { + connect_to = curl_slist_append(connect_to, libtest_arg2); + } + test_setopt(curl, CURLOPT_CONNECT_TO, connect_to); + curl_slist_append(list, "X-Xxx-Content-Sha256: " + "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"); + test_setopt(curl, CURLOPT_HTTPHEADER, list); + + res = curl_easy_perform(curl); + +test_cleanup: + + curl_slist_free_all(connect_to); + curl_slist_free_all(list); + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return res; +} diff --git a/tests/libtest/lib1957.c b/tests/libtest/lib1957.c new file mode 100644 index 0000000000..34dca23fff --- /dev/null +++ b/tests/libtest/lib1957.c @@ -0,0 +1,72 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2022, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +int test(char *URL) +{ + CURL *curl; + CURLcode res = TEST_ERR_MAJOR_BAD; + struct curl_slist *list = NULL; + struct curl_slist *connect_to = NULL; + + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + fprintf(stderr, "curl_global_init() failed\n"); + return TEST_ERR_MAJOR_BAD; + } + + curl = curl_easy_init(); + if(!curl) { + fprintf(stderr, "curl_easy_init() failed\n"); + curl_global_cleanup(); + return TEST_ERR_MAJOR_BAD; + } + + test_setopt(curl, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_AWS_SIGV4, "xxx"); + test_setopt(curl, CURLOPT_USERPWD, "xxx"); + test_setopt(curl, CURLOPT_HEADER, 0L); + test_setopt(curl, CURLOPT_URL, URL); + list = curl_slist_append(list, "Content-Type: application/json"); + if(!list) + goto test_cleanup; + if(libtest_arg2) { + connect_to = curl_slist_append(connect_to, libtest_arg2); + } + test_setopt(curl, CURLOPT_CONNECT_TO, connect_to); + curl_slist_append(list, "X-Xxx-Content-Sha256: arbitrary"); + test_setopt(curl, CURLOPT_HTTPHEADER, list); + + res = curl_easy_perform(curl); + +test_cleanup: + + curl_slist_free_all(connect_to); + curl_slist_free_all(list); + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return res; +} diff --git a/tests/libtest/lib1958.c b/tests/libtest/lib1958.c new file mode 100644 index 0000000000..aecc68b7af --- /dev/null +++ b/tests/libtest/lib1958.c @@ -0,0 +1,72 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2022, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +int test(char *URL) +{ + CURL *curl; + CURLcode res = TEST_ERR_MAJOR_BAD; + struct curl_slist *list = NULL; + struct curl_slist *connect_to = NULL; + + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + fprintf(stderr, "curl_global_init() failed\n"); + return TEST_ERR_MAJOR_BAD; + } + + curl = curl_easy_init(); + if(!curl) { + fprintf(stderr, "curl_easy_init() failed\n"); + curl_global_cleanup(); + return TEST_ERR_MAJOR_BAD; + } + + test_setopt(curl, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_AWS_SIGV4, "xxx"); + test_setopt(curl, CURLOPT_USERPWD, "xxx"); + test_setopt(curl, CURLOPT_HEADER, 0L); + test_setopt(curl, CURLOPT_URL, URL); + list = curl_slist_append(list, "Content-Type: application/json"); + if(!list) + goto test_cleanup; + if(libtest_arg2) { + connect_to = curl_slist_append(connect_to, libtest_arg2); + } + test_setopt(curl, CURLOPT_CONNECT_TO, connect_to); + curl_slist_append(list, "X-Xxx-Content-Sha256: \tarbitrary "); + test_setopt(curl, CURLOPT_HTTPHEADER, list); + + res = curl_easy_perform(curl); + +test_cleanup: + + curl_slist_free_all(connect_to); + curl_slist_free_all(list); + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return res; +} diff --git a/tests/libtest/lib1959.c b/tests/libtest/lib1959.c new file mode 100644 index 0000000000..ee25846363 --- /dev/null +++ b/tests/libtest/lib1959.c @@ -0,0 +1,74 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 1998 - 2022, Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +int test(char *URL) +{ + CURL *curl; + CURLcode res = TEST_ERR_MAJOR_BAD; + struct curl_slist *list = NULL; + struct curl_slist *connect_to = NULL; + + if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) { + fprintf(stderr, "curl_global_init() failed\n"); + return TEST_ERR_MAJOR_BAD; + } + + curl = curl_easy_init(); + if(!curl) { + fprintf(stderr, "curl_easy_init() failed\n"); + curl_global_cleanup(); + return TEST_ERR_MAJOR_BAD; + } + + test_setopt(curl, CURLOPT_VERBOSE, 1L); + test_setopt(curl, CURLOPT_AWS_SIGV4, "xxx"); + test_setopt(curl, CURLOPT_USERPWD, "xxx"); + test_setopt(curl, CURLOPT_HEADER, 0L); + test_setopt(curl, CURLOPT_URL, URL); + list = curl_slist_append(list, "Content-Type: application/json"); + if(!list) + goto test_cleanup; + if(libtest_arg2) { + connect_to = curl_slist_append(connect_to, libtest_arg2); + } + test_setopt(curl, CURLOPT_CONNECT_TO, connect_to); + curl_slist_append(list, "X-Xxx-Content-Sha256: " + "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" + "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"); + test_setopt(curl, CURLOPT_HTTPHEADER, list); + + res = curl_easy_perform(curl); + +test_cleanup: + + curl_slist_free_all(connect_to); + curl_slist_free_all(list); + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return res; +}