public function testFileBasedAttachmentStoreWorks() { $this->_model->delete(helper::getPasteId()); $original = $paste = helper::getPasteWithAttachment(array('expire_date' => 1344803344)); $paste['meta']['attachment'] = $paste['attachment']; $paste['meta']['attachmentname'] = $paste['attachmentname']; unset($paste['attachment'], $paste['attachmentname']); $this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste does not yet exist'); $this->assertTrue($this->_model->create(helper::getPasteId(), $paste), 'store new paste'); $this->assertTrue($this->_model->exists(helper::getPasteId()), 'paste exists after storing it'); $this->assertFalse($this->_model->create(helper::getPasteId(), $paste), 'unable to store the same paste twice'); $this->assertEquals(json_decode(json_encode($original)), $this->_model->read(helper::getPasteId())); }
public function testSjclValidatorValidatesCorrectly() { $paste = helper::getPasteWithAttachment(); $this->assertTrue(sjcl::isValid($paste['data']), 'valid sjcl'); $this->assertTrue(sjcl::isValid($paste['attachment']), 'valid sjcl'); $this->assertTrue(sjcl::isValid($paste['attachmentname']), 'valid sjcl'); $this->assertTrue(sjcl::isValid(helper::getComment()['data']), 'valid sjcl'); $this->assertTrue(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'valid sjcl'); $this->assertFalse(sjcl::isValid('{"iv":"$","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid base64 encoding of iv'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"$","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid base64 encoding of salt'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","salt":"Gx1vA2/gQ3U","ct":"$"}'), 'invalid base64 encoding of ct'); $this->assertFalse(sjcl::isValid('{"iv":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'iv to long'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA=","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'salt to long'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA","foo":"MTIzNDU2Nzg5MDEyMzQ1Njc4OTA="}'), 'invalid additional key'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":0.9,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'unsupported version'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":100,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'not enough iterations'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":127,"ts":64,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid key size'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":63,"mode":"ccm","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid tag length'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"!#@","adata":"","cipher":"aes","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid mode'); $this->assertFalse(sjcl::isValid('{"iv":"83Ax/OdUav3SanDW9dcQPg","v":1,"iter":1000,"ks":128,"ts":64,"mode":"ccm","adata":"","cipher":"!#@","salt":"Gx1vA2/gQ3U","ct":"j7ImByuE5xCqD2YXm6aSyA"}'), 'invalid cipher'); // @note adata is not validated, except as part of the total message length }
/** * @runInSeparateProcess */ public function testCreateAttachment() { $this->reset(); $options = parse_ini_file(CONF, true); $options['traffic']['limit'] = 0; $options['main']['fileupload'] = true; helper::confBackup(); helper::createIniFile(CONF, $options); $_POST = helper::getPasteWithAttachment(); $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REMOTE_ADDR'] = '::1'; $this->assertFalse($this->_model->exists(helper::getPasteId()), 'paste does not exists before posting data'); ob_start(); new zerobin(); $content = ob_get_contents(); $response = json_decode($content, true); $this->assertEquals(0, $response['status'], 'outputs status'); $this->assertEquals(hash_hmac('sha1', $response['id'], serversalt::get()), $response['deletetoken'], 'outputs valid delete token'); $this->assertTrue($this->_model->exists($response['id']), 'paste exists after posting data'); $original = json_decode(json_encode($_POST)); $stored = $this->_model->read($response['id']); foreach (array('data', 'attachment', 'attachmentname') as $key) { $this->assertEquals($original->{$key}, $stored->{$key}); } }
/** * @runInSeparateProcess */ public function testJsonLdInvalid() { $this->reset(); $paste = helper::getPasteWithAttachment(); $this->_model->create(helper::getPasteId(), $paste); $_GET['jsonld'] = '../cfg/conf.ini'; ob_start(); new zerobin(); $content = ob_get_contents(); $this->assertEquals('{}', $content, 'does not output nasty data'); }