gPass

gPass Commit Details

Date:2017-04-17 20:37:26 (2 years 6 months ago)
Author:Grégory Soutadé
Branch:master
Commit:136920404def25a8fbfae7d6529a3fc54c8acc91
Parents: ef82f2640f25145b6f269c79c7e88b08b9b544d9
Message:Add (QUnit) server tests

Changes:
Cserver/ref/gpass.bdd → server/tests/users/test-v7/gpass.bdd.init
Cserver/ref/index.php → server/tests/users/test-v7/index.php
Aserver/tests/test.js (full)
Aserver/tests/tests.html (full)

File differences

server/tests/test.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
server_url = "https://gpass.soutade.fr";
current_user = "test-v7";
pbkdf2_level = 1000;
CRYPTO_V1_COMPATIBLE = 1;
use_shadow_logins = false;
/*
Must contains :
URL login password masterkey
-----------------------------------------------------------------
v7 format
test test test test
test2 test2 test2 test2 (+shadow login)
test16 test16 testtesttesttest test16
test17 test17 testtesttesttestt test17
v8 format
testv8 testv8 testv8 testv8
testv8_2 testv8_2 testv8_2 testv8_2 (+shadow login)
testv8_16 testv8_16 testtesttesttest testv8_16
testv8_17 testv8_17 testtesttesttestt testv8_17
We assume shadow logins are enabled in server side
*/
function alert(a) {}
function nb_unciphered_passwords(passwords)
{
var nb_unciphered = 0;
for(i=0;i<passwords.length; i++)
{
if (passwords[i].unciphered)
nb_unciphered++;
}
return nb_unciphered;
}
function find_password(passwords, login)
{
for(i=0; i<passwords.length; i++)
{
if (passwords[i].clear_login == login)
return passwords[i];
}
return null;
}
async function decrypt_passwords(passwords, masterkey)
{
var nb_unciphered = 0;
for(nb_unciphered = 0, i=0;i<passwords.length; i++)
{
res = await passwords[i].decrypt(current_mkey);
if (res == true)
nb_unciphered++;
}
return nb_unciphered;
}
QUnit.test( "Testbench", async function( assert ) {
assert.ok( passwords == null, "Initial passwords null" );
list_all_entries(current_user);
assert.ok( passwords != null, "Retrieved passwords" );
assert.equal( passwords.length, 8, "8 passwords retrieved" );
var shadow_logins = 0;
for(i=0;i<passwords.length; i++)
if (passwords[i].shadow_login.length)
shadow_logins++;
assert.ok( shadow_logins == 2, "2 shadow logins" );
current_mkey = derive_mkey(current_user, "test");
var nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal( nb_unciphered, 1, "test #1 decrypted" );
await get_ciphered_credentials(current_mkey);
res = nb_unciphered_passwords(passwords);
assert.equal(res, 1, "No more passwords unciphered with shadow logins");
current_mkey = derive_mkey(current_user, "test2");
// Get ciphered credentials for "test2"
await get_ciphered_credentials(current_mkey);
res = nb_unciphered_passwords(passwords);
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Shadow logins OK");
current_mkey = derive_mkey(current_user, "test16");
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Test16 OK");
current_mkey = derive_mkey(current_user, "test17");
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Test17 OK");
// V8
current_mkey = derive_mkey(current_user, "testv8");
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Testv8 OK");
current_mkey = derive_mkey(current_user, "testv8_2");
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 0, "Testv8_2 without shadow login");
await get_ciphered_credentials(current_mkey);
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Testv8_2 OK");
current_mkey = derive_mkey(current_user, "testv8_16");
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Testv8_16 OK");
current_mkey = derive_mkey(current_user, "testv8_17");
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Testv8_17 OK");
nb_unciphered = nb_unciphered_passwords(passwords);
assert.equal(nb_unciphered, 8, "All passwords unciphered");
password = find_password(passwords, "testv8");
var ok = remove_password_server(current_user, passwords[i].ciphered_login,
passwords[i].access_token);
assert.equal(ok, true, "Remove OK");
alert(passwords[i].ciphered_login);
ok = remove_password_server(current_user, passwords[i].ciphered_login,
passwords[i].access_token);
assert.equal(ok, true, "Double remove OK");
password = find_password(passwords, "testv8_2");
ok = remove_password_server(current_user, passwords[i].ciphered_login,
"");
assert.equal(ok, false, "Remove without access token OK");
ok = remove_password_server(current_user, passwords[i].ciphered_login,
"AAAAAAAAAAAAAAAA");
assert.equal(ok, false, "Remove Bad access token");
res = await construct_pentry(current_user, "testv8_new", "testv8_new", "testv8_new", "testv8_new", true).then(
function (pentry) {
if (pentry == null) return false;
return add_password_server(current_user, pentry);
});
assert.equal(res, false, "Add without access token OK");
use_shadow_logins = true;
res = await construct_pentry(current_user, "testv8_new", "testv8_new", "testv8_new", "testv8_new", true).then(
function (pentry) {
if (pentry == null) return false;
return add_password_server(current_user, pentry);
});
assert.equal(res, true, "Add with access token OK");
res = add_password_server(current_user, passwords[passwords.length-1]);
assert.equal(res, false, "Double add OK");
res = await construct_pentry(current_user, "testv8_new2", "testv8_new2", "testv8_new2", "testv8_new2", true).then(
function (pentry) {
if (pentry == null) return false;
pentry.shadow_login = "AAA";
return add_password_server(current_user, pentry);
});
assert.equal(res, false, "Add with truncated shadow login OK");
password = find_password(passwords, "test16");
ok = remove_password_server(current_user, password.ciphered_login,
password.access_token);
assert.equal(ok, true, "Remove v7");
password = find_password(passwords, "test16");
ok = remove_password_server(current_user, password.ciphered_login,
"AAAAAAAAAAAAAAAA");
assert.equal(ok, true, "Remove v7 bad access token");
});
QUnit.test( "Updated database", async function( assert ) {
passwords = null;
list_all_entries(current_user);
assert.ok( passwords != null, "Passed!" );
assert.equal( passwords.length, 7, "7 passwords retrieved" );
current_mkey = derive_mkey(current_user, "testv8");
var nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal( nb_unciphered, 0, "Password removed" );
current_mkey = derive_mkey(current_user, "testv8_new");
await get_ciphered_credentials(current_mkey);
nb_unciphered = await decrypt_passwords(passwords, current_user);
assert.equal(nb_unciphered, 1, "Password added");
});
server/tests/tests.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width">
<title>QUnit Example</title>
<link rel="stylesheet" href="https://code.jquery.com/qunit/qunit-2.3.0.css">
</head>
<body>
<div id="qunit"></div>
<div id="qunit-fixture"></div>
<script src="https://code.jquery.com/qunit/qunit-2.3.0.js"></script>
<script src="../resources/misc.js"></script>
<script src="../resources/gpass.js"></script>
<script src="test.js"></script>
</body>
</html>
server/tests/users/test-v7/index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
<?php
/*
Copyright (C) 2013 Grégory Soutadé
This file is part of gPass.
gPass is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
gPass is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with gPass. If not, see <http://www.gnu.org/licenses/>.
*/
include "../../_user";
?>

Archive Download the corresponding diff file