# Copyright (C) Jean-Paul Calderone
# See LICENSE for details.

import sys
import datetime

from OpenSSL.crypto import (
    FILETYPE_PEM, TYPE_DSA, Error, PKey, X509, load_privatekey, CRL, Revoked)

class BaseChecker(object):
    """
    Shared base for the leak checkers in this module.

    It only records how many times a check should repeat the call it is
    exercising; the C{check_*} methods of the subclasses read that count.
    """
    def __init__(self, iterations):
        # Repeat count; subclasses use it as (or scale it into) a loop bound.
        self.iterations = iterations
class Checker_X509_get_pubkey(BaseChecker):
    """
    Leak checks for L{X509.get_pubkey}.
    """
    def check_exception(self):
        """
        Exercise the failure path: ask a freshly created certificate for its
        public key on every iteration and discard the resulting L{Error}.
        """
        for _ in xrange(self.iterations):
            empty_cert = X509()
            try:
                empty_cert.get_pubkey()
            except Error:
                # Expected: no key has been set on the certificate.  Only
                # the memory behaviour of the error path matters here.
                pass


    def check_success(self):
        """
        Exercise the success path: set a key on a certificate and read it
        back repeatedly, so that each call returns a PKey object.
        """
        # NOTE(review): loop nesting reconstructed from a listing that lost
        # its indentation -- confirm against the upstream file.
        three_times = xrange(3)
        for _ in xrange(self.iterations):
            key = PKey()
            # NOTE(review): 256 bits is far below any usable DSA size;
            # presumably chosen only to keep key generation fast here.
            key.generate_key(TYPE_DSA, 256)
            for _ in three_times:
                cert = X509()
                cert.set_pubkey(key)
                for _ in three_times:
                    cert.get_pubkey()
class Checker_load_privatekey(BaseChecker):
    """
    Leak checks for :py:obj:`load_privatekey`.
    """
    # Fixture only: a passphrase-encrypted RSA key in the legacy PEM format
    # (Proc-Type / DEK-Info headers, BF-CBC cipher).  The passphrases used
    # against it are hard-coded in the callbacks below.
    ENCRYPTED_PEM = """\
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: BF-CBC,3763C340F9B5A1D0

a/DO10mLjHLCAOG8/Hc5Lbuh3pfjvcTZiCexShP+tupkp0VxW2YbZjML8uoXrpA6
fSPUo7cEC+r96GjV03ZIVhjmsxxesdWMpfkzXRpG8rUbWEW2KcCJWdSX8bEkuNW3
uvAXdXZwiOrm56ANDo/48gj27GcLwnlA8ld39+ylAzkUJ1tcMVzzTjfcyd6BMFpR
Yjg23ikseug6iWEsZQormdl0ITdYzmFpM+YYsG7kmmmi4UjCEYfb9zFaqJn+WZT2
qXxmo2ZPFzmEVkuB46mf5GCqMwLRN2QTbIZX2+Dljj1Hfo5erf5jROewE/yzcTwO
FCB5K3c2kkTv2KjcCAimjxkE+SBKfHg35W0wB0AWkXpVFO5W/TbHg4tqtkpt/KMn
/MPnSxvYr/vEqYMfW4Y83c45iqK0Cyr2pwY60lcn8Kk=
-----END RSA PRIVATE KEY-----
"""
    def check_load_privatekey_callback(self):
        """
        Load the encrypted PEM repeatedly, supplying the passphrase through
        a callback.
        """
        rounds = self.iterations * 10
        for _ in xrange(rounds):
            # The callback is built inside the loop, so every call receives
            # its own callable object.
            # NOTE(review): hoisting it would presumably hide a leaked
            # reference to the callback -- keep it per-iteration.
            load_privatekey(
                FILETYPE_PEM,
                self.ENCRYPTED_PEM,
                lambda *args: "hello, secret")


    def check_load_privatekey_callback_incorrect(self):
        """
        Load the encrypted PEM repeatedly with a callback that hands back
        the wrong passphrase, ignoring the L{Error} each time.
        """
        rounds = self.iterations * 10
        for _ in xrange(rounds):
            try:
                load_privatekey(
                    FILETYPE_PEM,
                    self.ENCRYPTED_PEM,
                    lambda *args: "hello, public")
            except Error:
                # Expected failure; this check covers the rejected-passphrase
                # path.
                pass


    def check_load_privatekey_callback_wrong_type(self):
        """
        Load the encrypted PEM repeatedly with a callback that hands back a
        non-string (a dict), ignoring the C{ValueError} each time.
        """
        rounds = self.iterations * 10
        for _ in xrange(rounds):
            try:
                load_privatekey(
                    FILETYPE_PEM,
                    self.ENCRYPTED_PEM,
                    lambda *args: {})
            except ValueError:
                # Expected failure; this check covers the bad-return-type
                # path of the passphrase callback.
                pass
class Checker_CRL_get_revoked(BaseChecker):
    """
    Leak checks for L{CRL.get_revoked}.
    """
    def check_get_revoked(self):
        """
        Fill one CRL with 1000 Revoked entries, then call get_revoked on it
        once per iteration.
        """
        crl = CRL()
        for serial in xrange(1000):
            entry = Revoked()
            entry.set_serial(str(serial))
            # Revocation date is "now" in UTC, formatted YYYYMMDDhhmmssZ.
            stamp = datetime.datetime.utcnow().strftime('%Y%m%d%H%M%SZ')
            entry.set_rev_date(stamp)
            crl.add_revoked(entry)
        for _ in xrange(self.iterations):
            # The returned collection is dropped immediately; only the
            # memory behaviour of the call is of interest.
            crl.get_revoked()
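def vmsize():
    """
    Return the lines of /proc/self/status that contain 'VmSize'.

    The result is a list of raw lines (trailing newline included), read at
    the moment of the call.  Opening the file raises if /proc/self/status
    is not available on the platform.
    """
    # Close the handle deterministically: this helper is the measuring
    # instrument of a leak checker and is called twice per check, so it
    # should not leave descriptors for the garbage collector to reclaim.
    # open() replaces the Python-2-only file() builtin.
    with open('/proc/self/status') as status:
        return [line for line in status if 'VmSize' in line]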
def main(iterations='1000'):
    """
    Run every C{check_*} method of every C{Checker_*} class found in this
    module's globals, printing the VmSize reading before and after each one.

    C{iterations} is accepted as a string and converted with int(); growth
    between the two readings of a check is what indicates a leak.
    """
    count = int(iterations)
    for name in globals():
        if not name.startswith('Checker_'):
            continue
        checker_class = globals()[name]
        print checker_class
        checker = checker_class(count)
        for attr in dir(checker):
            if not attr.startswith('check_'):
                continue
            # Trailing comma: the "after" reading lands on the same line.
            print '\t', attr, vmsize(), '...',
            getattr(checker, attr)()
            print vmsize()
# Script entry point: command-line arguments are forwarded positionally, so
# the first one (if any) becomes main()'s iteration count.  main() takes a
# single parameter, so passing more than one argument raises TypeError.
if __name__ == '__main__':
    main(*sys.argv[1:])