keepassxc/tests/TestTools.cpp

275 lines
12 KiB
C++
Raw Permalink Normal View History

/*
Passkeys improvements (#10318) Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification. Notable changes: - _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction. - A new helper class _PasskeyUtils_ includes the actual checks and parses the objects. - _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils. - Fixes Ed25519 encoding in _BrowserCBOR_. - Adds new error messages. - User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user. - `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it. - Extension data is now handled correctly during Authentication. - Allowed and excluded credentials are now handled correctly. - `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID` - Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers. - Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey. Fixes #10287.
2024-03-06 07:42:01 -05:00
* Copyright (C) 2024 KeePassXC Team <team@keepassxc.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 2 or (at your option)
* version 3 of the License.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "TestTools.h"
#include "core/Clock.h"
#include <QRegularExpression>
#include <QTest>
Fix syntax issue & add a missing header (#7160) * Fix syntax to prevent compilation issue Fix build failure with AppleClang 7 & 8. Error was: src/core/CustomData.cpp:30:41: error: default initialization of an object of const type 'const CustomData::CustomDataItem' without a user-provided default constructor static const CustomData::CustomDataItem NULL_ITEM; ^ {} src/core/Metadata.cpp:32:39: error: default initialization of an object of const type 'const Metadata::CustomIconData' without a user-provided default constructor static const Metadata::CustomIconData NULL_ICON; ^ src/core/Metadata.cpp:32:48: note: add an explicit initializer to initialize 'NULL_ICON' static const Metadata::CustomIconData NULL_ICON; ^ {} * Add missing QUuid header Fixes this compilation issue with LLVM clang 9, possibly also due to an old QT5 tests/TestTools.cpp:96:39: error: incomplete type 'QUuid' named in nested name specifier auto validUuid = Tools::uuidToHex(QUuid::createUuid()); ^~~~~~~ /opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:1887:1: note: forward declaration of 'QUuid' QT_FOR_EACH_STATIC_CORE_CLASS(QT_FORWARD_DECLARE_STATIC_TYPES_ITER) ^ /opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:108:18: note: expanded from macro 'QT_FOR_EACH_STATIC_CORE_CLASS' F(QUuid, 30, QUuid) \ ^ tests/TestTools.cpp:101:40: error: incomplete type 'QUuid' named in nested name specifier auto nonHexUuid = Tools::uuidToHex(QUuid::createUuid()).replace(0, 1, 'p'); ^~~~~~~ /opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:1887:1: note: forward declaration of 'QUuid' QT_FOR_EACH_STATIC_CORE_CLASS(QT_FORWARD_DECLARE_STATIC_TYPES_ITER) ^ /opt/local/libexec/qt5/lib/QtCore.framework/Headers/qmetatype.h:108:18: note: expanded from macro 'QT_FOR_EACH_STATIC_CORE_CLASS' F(QUuid, 30, QUuid) \ ^
2021-11-24 22:36:31 -05:00
#include <QUuid>
QTEST_GUILESS_MAIN(TestTools)
namespace
{
QString createDecimal(QString wholes, QString fractions, QString unit)
{
return wholes + QLocale().decimalPoint() + fractions + " " + unit;
}
} // namespace
void TestTools::testHumanReadableFileSize()
{
constexpr auto kibibyte = 1024u;
using namespace Tools;
QCOMPARE(QString("1 B"), humanReadableFileSize(1));
QCOMPARE(createDecimal("1", "00", "KiB"), humanReadableFileSize(kibibyte));
QCOMPARE(createDecimal("1", "00", "MiB"), humanReadableFileSize(kibibyte * kibibyte));
QCOMPARE(createDecimal("1", "00", "GiB"), humanReadableFileSize(kibibyte * kibibyte * kibibyte));
QCOMPARE(QString("100 B"), humanReadableFileSize(100, 0));
QCOMPARE(createDecimal("1", "10", "KiB"), humanReadableFileSize(kibibyte + 100));
QCOMPARE(createDecimal("1", "001", "KiB"), humanReadableFileSize(kibibyte + 1, 3));
QCOMPARE(createDecimal("15", "00", "KiB"), humanReadableFileSize(kibibyte * 15));
}
void TestTools::testIsHex()
{
QVERIFY(Tools::isHex("0123456789abcdefABCDEF"));
QVERIFY(!Tools::isHex(QByteArray("0xnothex")));
}
void TestTools::testIsBase64()
{
QVERIFY(Tools::isBase64(QByteArray("1234")));
QVERIFY(Tools::isBase64(QByteArray("123=")));
QVERIFY(Tools::isBase64(QByteArray("12==")));
QVERIFY(Tools::isBase64(QByteArray("abcd9876MN==")));
QVERIFY(Tools::isBase64(QByteArray("abcd9876DEFGhijkMNO=")));
QVERIFY(Tools::isBase64(QByteArray("abcd987/DEFGh+jk/NO=")));
QVERIFY(!Tools::isBase64(QByteArray("abcd123==")));
QVERIFY(!Tools::isBase64(QByteArray("abc_")));
QVERIFY(!Tools::isBase64(QByteArray("123")));
}
Passkeys improvements (#10318) Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification. Notable changes: - _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction. - A new helper class _PasskeyUtils_ includes the actual checks and parses the objects. - _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils. - Fixes Ed25519 encoding in _BrowserCBOR_. - Adds new error messages. - User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user. - `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it. - Extension data is now handled correctly during Authentication. - Allowed and excluded credentials are now handled correctly. - `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID` - Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers. - Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey. Fixes #10287.
2024-03-06 07:42:01 -05:00
void TestTools::testIsAsciiString()
{
QVERIFY(Tools::isAsciiString("abcd9876DEFGhijkMNO"));
QVERIFY(Tools::isAsciiString("-!&5a?`~"));
QVERIFY(!Tools::isAsciiString("Štest"));
QVERIFY(!Tools::isAsciiString("Ãß"));
}
void TestTools::testEnvSubstitute()
{
QProcessEnvironment environment;
#if defined(Q_OS_WIN)
environment.insert("HOMEDRIVE", "C:");
environment.insert("HOMEPATH", "\\Users\\User");
environment.insert("USERPROFILE", "C:\\Users\\User");
QCOMPARE(Tools::envSubstitute("%HOMEDRIVE%%HOMEPATH%\\.ssh\\id_rsa", environment),
QString("C:\\Users\\User\\.ssh\\id_rsa"));
QCOMPARE(Tools::envSubstitute("start%EMPTY%%EMPTY%%%HOMEDRIVE%%end", environment), QString("start%C:%end"));
QCOMPARE(Tools::envSubstitute("%USERPROFILE%\\.ssh\\id_rsa", environment),
QString("C:\\Users\\User\\.ssh\\id_rsa"));
QCOMPARE(Tools::envSubstitute("~\\.ssh\\id_rsa", environment), QString("C:\\Users\\User\\.ssh\\id_rsa"));
#else
environment.insert("HOME", QString("/home/user"));
environment.insert("USER", QString("user"));
QCOMPARE(Tools::envSubstitute("~/.ssh/id_rsa", environment), QString("/home/user/.ssh/id_rsa"));
QCOMPARE(Tools::envSubstitute("$HOME/.ssh/id_rsa", environment), QString("/home/user/.ssh/id_rsa"));
QCOMPARE(Tools::envSubstitute("start/$EMPTY$$EMPTY$HOME/end", environment), QString("start/$/home/user/end"));
#endif
}
void TestTools::testValidUuid()
{
auto validUuid = Tools::uuidToHex(QUuid::createUuid());
auto nonRfc4122Uuid = "1234567890abcdef1234567890abcdef";
auto emptyUuid = QString();
auto shortUuid = validUuid.left(10);
auto longUuid = validUuid + "baddata";
auto nonHexUuid = Tools::uuidToHex(QUuid::createUuid()).replace(0, 1, 'p');
QVERIFY(Tools::isValidUuid(validUuid));
/* Before https://github.com/keepassxreboot/keepassxc/pull/1770/, entry
* UUIDs are simply random 16-byte strings. Such older entries should be
* accepted as well. */
QVERIFY(Tools::isValidUuid(nonRfc4122Uuid));
QVERIFY(!Tools::isValidUuid(emptyUuid));
QVERIFY(!Tools::isValidUuid(shortUuid));
QVERIFY(!Tools::isValidUuid(longUuid));
QVERIFY(!Tools::isValidUuid(nonHexUuid));
}
void TestTools::testBackupFilePatternSubstitution_data()
{
QTest::addColumn<QString>("pattern");
QTest::addColumn<QString>("dbFilePath");
QTest::addColumn<QString>("expectedSubstitution");
static const auto DEFAULT_DB_FILE_NAME = QStringLiteral("KeePassXC");
static const auto DEFAULT_DB_FILE_PATH = QStringLiteral("/tmp/") + DEFAULT_DB_FILE_NAME + QStringLiteral(".kdbx");
static const auto NOW = Clock::currentDateTime();
auto DEFAULT_FORMATTED_TIME = NOW.toString("dd_MM_yyyy_hh-mm-ss");
QTest::newRow("Null pattern") << QString() << DEFAULT_DB_FILE_PATH << QString();
QTest::newRow("Empty pattern") << QString("") << DEFAULT_DB_FILE_PATH << QString("");
QTest::newRow("Null database path") << "valid_pattern" << QString() << QString();
QTest::newRow("Empty database path") << "valid_pattern" << QString("") << QString();
QTest::newRow("Unclosed/invalid pattern") << "{DB_FILENAME" << DEFAULT_DB_FILE_PATH << "{DB_FILENAME";
QTest::newRow("Unknown pattern") << "{NO_MATCH}" << DEFAULT_DB_FILE_PATH << "{NO_MATCH}";
QTest::newRow("Do not replace escaped patterns (filename)")
<< "\\{DB_FILENAME\\}" << DEFAULT_DB_FILE_PATH << "{DB_FILENAME}";
QTest::newRow("Do not replace escaped patterns (time)")
<< "\\{TIME:dd.MM.yyyy\\}" << DEFAULT_DB_FILE_PATH << "{TIME:dd.MM.yyyy}";
QTest::newRow("Multiple patterns should be replaced")
<< "{DB_FILENAME} {TIME} {DB_FILENAME}" << DEFAULT_DB_FILE_PATH
<< DEFAULT_DB_FILE_NAME + QStringLiteral(" ") + DEFAULT_FORMATTED_TIME + QStringLiteral(" ")
+ DEFAULT_DB_FILE_NAME;
QTest::newRow("Default time pattern") << "{TIME}" << DEFAULT_DB_FILE_PATH << DEFAULT_FORMATTED_TIME;
QTest::newRow("Default time pattern (empty formatter)")
<< "{TIME:}" << DEFAULT_DB_FILE_PATH << DEFAULT_FORMATTED_TIME;
QTest::newRow("Custom time pattern") << "{TIME:dd-ss}" << DEFAULT_DB_FILE_PATH << NOW.toString("dd-ss");
QTest::newRow("Time pattern twice") << "{TIME:yy} {TIME}" << DEFAULT_DB_FILE_PATH
<< NOW.toString("yy") + QStringLiteral(" ") + DEFAULT_FORMATTED_TIME;
QTest::newRow("Complex custom time pattern")
<< "./{TIME:yy}/{DB_FILENAME}_{TIME:yyyyMMdd_HHmmss}.old.kdbx" << DEFAULT_DB_FILE_PATH
<< QStringLiteral("./") + NOW.toString("yy") + QStringLiteral("/") + DEFAULT_DB_FILE_NAME + QStringLiteral("_")
+ NOW.toString("yyyyMMdd_HHmmss") + QStringLiteral(".old.kdbx");
QTest::newRow("Invalid custom time pattern") << "{TIME:dd/-ss}" << DEFAULT_DB_FILE_PATH << NOW.toString("dd/-ss");
QTest::newRow("Recursive substitution") << "{TIME:'{TIME}'}" << DEFAULT_DB_FILE_PATH << DEFAULT_FORMATTED_TIME;
QTest::newRow("{DB_FILENAME} substitution")
<< "some {DB_FILENAME} thing" << DEFAULT_DB_FILE_PATH
<< QStringLiteral("some ") + DEFAULT_DB_FILE_NAME + QStringLiteral(" thing");
QTest::newRow("{DB_FILENAME} substitution with multiple extensions")
<< "some {DB_FILENAME} thing" << "/tmp/KeePassXC.kdbx.ext" << "some KeePassXC.kdbx thing";
// Not relevant right now, added test anyway
QTest::newRow("There should be no substitution loops")
<< "{DB_FILENAME}" << "{TIME:'{DB_FILENAME}'}.ext" << "{TIME:'{DB_FILENAME}'}";
}
void TestTools::testBackupFilePatternSubstitution()
{
QFETCH(QString, pattern);
QFETCH(QString, dbFilePath);
QFETCH(QString, expectedSubstitution);
QCOMPARE(Tools::substituteBackupFilePath(pattern, dbFilePath), expectedSubstitution);
}
void TestTools::testEscapeRegex_data()
{
QTest::addColumn<QString>("input");
QTest::addColumn<QString>("expected");
QString all_regular_characters = "0123456789";
for (char c = 'a'; c != 'z'; ++c) {
all_regular_characters += QChar::fromLatin1(c);
}
for (char c = 'A'; c != 'Z'; ++c) {
all_regular_characters += QChar::fromLatin1(c);
}
QTest::newRow("Regular characters should not be escaped") << all_regular_characters << all_regular_characters;
QTest::newRow("Special characters should be escaped")
<< R"(.^$*+-?()[]{}|\)" << R"(\.\^\$\*\+\-\?\(\)\[\]\{\}\|\\)";
QTest::newRow("Null character") << QString::fromLatin1("ab\0c", 4) << "ab\\0c";
}
void TestTools::testEscapeRegex()
{
QFETCH(QString, input);
QFETCH(QString, expected);
auto actual = Tools::escapeRegex(input);
QCOMPARE(actual, expected);
}
void TestTools::testConvertToRegex()
{
QFETCH(QString, input);
QFETCH(int, options);
QFETCH(QString, expected);
auto regex = Tools::convertToRegex(input, options).pattern();
QCOMPARE(regex, expected);
}
void TestTools::testConvertToRegex_data()
{
const QString input = R"(te|st*t?[5]^(test);',.)";
QTest::addColumn<QString>("input");
QTest::addColumn<int>("options");
QTest::addColumn<QString>("expected");
QTest::newRow("No Options") << input << static_cast<int>(Tools::RegexConvertOpts::DEFAULT)
<< QString(R"(te|st*t?[5]^(test);',.)");
// Escape regex
QTest::newRow("Escape Regex") << input << static_cast<int>(Tools::RegexConvertOpts::ESCAPE_REGEX)
<< Tools::escapeRegex(input);
QTest::newRow("Escape Regex and exact match")
<< input << static_cast<int>(Tools::RegexConvertOpts::ESCAPE_REGEX | Tools::RegexConvertOpts::EXACT_MATCH)
<< "^(?:" + Tools::escapeRegex(input) + ")$";
// Exact match does not escape the pattern
QTest::newRow("Exact Match") << input << static_cast<int>(Tools::RegexConvertOpts::EXACT_MATCH)
<< QString(R"(^(?:te|st*t?[5]^(test);',.)$)");
// Exact match with improper regex
QTest::newRow("Exact Match") << ")av(" << static_cast<int>(Tools::RegexConvertOpts::EXACT_MATCH)
<< QString(R"(^(?:)av()$)");
QTest::newRow("Exact Match & Wildcard")
<< input << static_cast<int>(Tools::RegexConvertOpts::EXACT_MATCH | Tools::RegexConvertOpts::WILDCARD_ALL)
<< QString(R"(^(?:te|st.*t.\[5\]\^\(test\)\;\'\,\.)$)");
QTest::newRow("Wildcard Single Match") << input << static_cast<int>(Tools::RegexConvertOpts::WILDCARD_SINGLE_MATCH)
<< QString(R"(te\|st\*t.\[5\]\^\(test\)\;\'\,\.)");
QTest::newRow("Wildcard OR") << input << static_cast<int>(Tools::RegexConvertOpts::WILDCARD_LOGICAL_OR)
<< QString(R"(te|st\*t\?\[5\]\^\(test\)\;\'\,\.)");
QTest::newRow("Wildcard Unlimited Match")
<< input << static_cast<int>(Tools::RegexConvertOpts::WILDCARD_UNLIMITED_MATCH)
<< QString(R"(te\|st.*t\?\[5\]\^\(test\)\;\'\,\.)");
}
void TestTools::testArrayContainsValues()
{
const auto values = QStringList() << "first" << "second" << "third";
// One missing
const auto result1 =
Tools::getMissingValuesFromList<QString>(values, QStringList() << "first" << "second" << "none");
QCOMPARE(result1.length(), 1);
QCOMPARE(result1.first(), QString("none"));
// All found
const auto result2 =
Tools::getMissingValuesFromList<QString>(values, QStringList() << "first" << "second" << "third");
QCOMPARE(result2.length(), 0);
// None are found
const auto numberValues = QList<int>({1, 2, 3, 4, 5});
const auto result3 = Tools::getMissingValuesFromList<int>(numberValues, QList<int>({6, 7, 8}));
QCOMPARE(result3.length(), 3);
}