Merge branch 'feature/fix_deps' into develop

2023-08-18 22:25:01 +02:00 · 2023-08-18 22:25:01 +02:00 · 12ccf169ac
parent 743915a30b c66bc0ecb5
commit 12ccf169ac
5 changed files with 43 additions and 32 deletions
--- a/14
+++ b/14
@ -21,6 +21,9 @@ run_test_file = env \

 all: test

+clean:
+	rm -rf target/*
+
 test: test-env
 	${run_test_file} ${ROOT_DIR}/test/aes.utest.lua
 	${run_test_file} ${ROOT_DIR}/test/random.utest.lua
@ -52,7 +55,7 @@ test: test-env
 	${run_test_file} ${ROOT_DIR}/test/portal4.ctest.lua
 	${run_test_file} ${ROOT_DIR}/test/portal5.ctest.lua

-test-env: run-env target/dist/etc/nginx/ssso ${lua_cmods}/bit32.so ${lua_cmods}/cjson.so ${lua_mods}/resty/easy-crypto.lua ${lua_mods}/luaunit.lua
+test-env: run-env target/dist/etc/nginx/ssso ${lua_mods}/base64.lua ${lua_cmods}/bit32.so ${lua_cmods}/cjson.so ${lua_cmods}/luagcrypt.so ${lua_mods}/luaunit.lua

 target/dist/etc/nginx/ssso: src test/global.json test/login test/portal test/sites
 	rm -rf target/dist/etc/nginx/ssso; \
@ -82,14 +85,17 @@ ${lua_root}/bin/luarocks: target/src/luarocks/luarocks-${luarocks_version}.tar.g
 		make install \
 	)

+${lua_mods}/base64.lua: ${lua_root}/bin/luarocks
+	${lua_root}/bin/luarocks install base64
+
 ${lua_cmods}/bit32.so: ${lua_root}/bin/luarocks
 	${lua_root}/bin/luarocks install bit32

 ${lua_cmods}/cjson.so: ${lua_root}/bin/luarocks
 	${lua_root}/bin/luarocks install lua-cjson

-${lua_mods}/resty/easy-crypto.lua: ${lua_root}/bin/luarocks
-	${lua_root}/bin/luarocks install lua-easy-crypto
+${lua_cmods}/luagcrypt.so: ${lua_root}/bin/luarocks
+	${lua_root}/bin/luarocks install luagcrypt

 ${lua_mods}/luaunit.lua: ${lua_root}/bin/luarocks
 	${lua_root}/bin/luarocks install luaunit
@ -102,4 +108,4 @@ target/src/luarocks/luarocks-${luarocks_version}.tar.gz:
 	mkdir -p target/src/luarocks; \
 	curl -so target/src/luarocks/luarocks-${luarocks_version}.tar.gz "${luarocks_src}"

-.PHONY: all run-env test-env test
+.PHONY: all clean run-env test-env test
--- a/test/aes.utest.lua
+++ b/test/aes.utest.lua
@ -2,10 +2,12 @@ local lu = require("luaunit")
 local aes = require("resty.openssl.cipher")

 function test_aes()
+  local key1 = "0a123456789a123456789a1234567890"
+  local key2 = "0b123456789b123456789b1234567890"
  local aes1 = aes.new(nil)
  local aes2 = aes.new(nil)
-  local enc1 = assert(aes1:encrypt("a", nil, "test", nil, nil))
-  local enc2 = assert(aes2:encrypt("b", nil, "other", nil, nil))
+  local enc1 = assert(aes1:encrypt(key1, "iv", "test", nil, "test"))
+  local enc2 = assert(aes2:encrypt(key2, "iv", "other", nil, "test"))
  local tag1 = aes1:get_aead_tag()
  local tag2 = aes2:get_aead_tag()
  local aes3 = aes.new(nil)
@ -16,8 +18,8 @@ function test_aes()
  lu.assertNotEquals(enc2, "other")
  lu.assertNotEquals(enc1 .. tag1, "test")
  lu.assertNotEquals(enc2 .. tag2, "other")
-  lu.assertEquals(aes3:decrypt("a", nil, enc1, nil, nil, tag1), "test")
-  lu.assertEquals(aes4:decrypt("b", nil, enc2, nil, nil, tag2), "other")
+  lu.assertEquals(aes3:decrypt(key1, "iv", enc1, nil, "test", tag1), "test")
+  lu.assertEquals(aes4:decrypt(key2, "iv", enc2, nil, "test", tag2), "other")
 end

 os.exit(lu.LuaUnit.run())
--- a/test/alt/resty/openssl/cipher.lua
+++ b/test/alt/resty/openssl/cipher.lua
@ -1,30 +1,30 @@
-local real_aes = require("resty.easy-crypto")
+local gcrypt = require("luagcrypt")

 local function new(_)
  local fake_instance = {}

-  function fake_instance:encrypt(key, _, data, _, _)
-    local aes = real_aes:new({
-      saltSize = 16,
-      ivSize = 12,
-      iterationCount = 2,
-    })
-    local encrypted = assert(aes:encrypt(key, data))
-    self.tag = encrypted:sub(-16)
-    return encrypted:sub(1, -17), nil
+  function fake_instance:encrypt(key, iv, data, _, auth)
+    local cipher = gcrypt.Cipher(gcrypt.CIPHER_AES256, gcrypt.CIPHER_MODE_GCM)
+    cipher:setkey(key)
+    cipher:setiv(iv)
+    cipher:authenticate(auth)
+    local encrypted = assert(cipher:encrypt(data))
+    self.tag = cipher:gettag()
+    return encrypted, nil
  end

  function fake_instance:get_aead_tag()
    return self.tag
  end

-  function fake_instance:decrypt(key, _, data, _, _, tag)
-    local aes = real_aes:new({
-      saltSize = 16,
-      ivSize = 12,
-      iterationCount = 2,
-    })
-    return aes:decrypt(key, data .. tag)
+  function fake_instance:decrypt(key, iv, data, _, auth, tag)
+    local cipher = gcrypt.Cipher(gcrypt.CIPHER_AES256, gcrypt.CIPHER_MODE_GCM)
+    cipher:setkey(key)
+    cipher:setiv(iv)
+    cipher:authenticate(auth)
+    local decrypted = assert(cipher:decrypt(data))
+    cipher:checktag(tag)
+    return decrypted
  end

  return fake_instance
--- a/test/alt/resty/random.lua
+++ b/test/alt/resty/random.lua
@ -1,7 +1,9 @@
-local ssl_rand = require("openssl.rand")
-
 local function bytes(count, _)
-  return ssl_rand.bytes(count)
+  local b = ""
+  for i = 1, count do
+    b = b .. string.char(math.random(0, 255))
+  end
+  return b
 end

 return {
--- a/test/alt/resty/sha256.lua
+++ b/test/alt/resty/sha256.lua
@ -1,17 +1,18 @@
-local real_sha = require("bgcrypto.sha256")
+local gcrypt = require("luagcrypt")
 local sha_proxy = {}

 function sha_proxy:new()
  local fake_instance = {
-    data = "",
+    sha = gcrypt.Hash(gcrypt.MD_SHA256),
  }

  function fake_instance:update(data)
-    self.data = self.data .. data
+    self.sha:write(data)
  end

  function fake_instance:final()
-    return real_sha.digest(self.data, true)
+    local str = self.sha:read(gcrypt.MD_SHA256)
+    return (str:gsub(".", function(char) return string.format("%02x", char:byte()) end))
  end

  return fake_instance