Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SigV4_GenerateHTTPAuthorization unit tests #29

Merged
merged 50 commits into from
Aug 15, 2021
Merged

SigV4_GenerateHTTPAuthorization unit tests #29

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
50 commits
Select commit Hold shift + click to select a range
cc45898
Link OpenSSL to the test
yourslab Aug 3, 2021
5d60836
Add unit tests attaining branch coverage of 71%
yourslab Aug 4, 2021
9a688f5
Output authBufLen when complete
yourslab Aug 4, 2021
6174e8d
Fix test case
yourslab Aug 4, 2021
fa4a976
Revert changes to sigv4 sources
yourslab Aug 4, 2021
1e95193
SigV4_GenerateHTTPAuthorization Implementation
amazon-auto Feb 3, 2021
e1d370f
Merge doxygen
yourslab Aug 6, 2021
5140fa6
Create SigV4ConstString_t type
yourslab Aug 6, 2021
7cb9491
Fix checks
yourslab Aug 6, 2021
43258d6
Hygiene improvements in URI encoding logic
aggarw13 Aug 7, 2021
bcd8e72
Hygiene improvements in Authorization Header prefix value logic
aggarw13 Aug 7, 2021
962a2f7
Minor improvements
aggarw13 Aug 7, 2021
ab889d5
Resolve compiler warning
yourslab Aug 9, 2021
0a81e65
Fix checks
yourslab Aug 9, 2021
613363d
Address review comments
aggarw13 Aug 10, 2021
2380cab
More comment changes
aggarw13 Aug 10, 2021
dea0cc9
Merge branch 'generate-auth-header' into sigv4-unit-tests
aggarw13 Aug 10, 2021
098f715
Fix build errors
aggarw13 Aug 10, 2021
999a91d
Fix unit test run failures
aggarw13 Aug 10, 2021
080469e
Merge remote-tracking branch 'origin/main' into sigv4-unit-tests
aggarw13 Aug 10, 2021
aebaf44
Add test case for sorting corner cases
aggarw13 Aug 11, 2021
412c972
Minor coverage increment and hygiene of redundant length check in lib…
aggarw13 Aug 11, 2021
d8d5c9a
Prune API to remove unused members of struct, and add test coverage f…
aggarw13 Aug 11, 2021
90addaf
More code coverage on logic of trimmable spaces & header count > thre…
aggarw13 Aug 11, 2021
5a107b4
Hygiene improvements in build configuration
aggarw13 Aug 11, 2021
eb051de
Small refactor in implementation and complete testing coverage of enc…
aggarw13 Aug 12, 2021
74aa6d7
Fix bugs in encodeURI implementation when handling special characters…
aggarw13 Aug 12, 2021
49a150f
Fix some CI checks
aggarw13 Aug 12, 2021
160a31c
Disable asserts from unit test coverage
aggarw13 Aug 12, 2021
32d2bf5
Fix some doxygen failures
aggarw13 Aug 12, 2021
c27dfec
Merge branch 'main' into sigv4-unit-tests
muneebahmed10 Aug 12, 2021
ebdc1d4
Merge remote-tracking branch 'origin/main' into sigv4-unit-tests
aggarw13 Aug 12, 2021
532fbad
Address minor review comments
aggarw13 Aug 12, 2021
4e725e7
Merge branch 'sigv4-unit-tests' of github.com:yourslab/SigV4-for-AWS-…
aggarw13 Aug 12, 2021
ea007d9
Add error code for invalid HTTP headers and increment test coverage
aggarw13 Aug 13, 2021
d6909ac
Hygiene improvement in sigv4.c and test coverage increment
aggarw13 Aug 13, 2021
5ef01b9
Minor hygiene refactor in implementation and test coverage for canoni…
aggarw13 Aug 13, 2021
7c070fe
Complete test coverage for canonical functions
aggarw13 Aug 13, 2021
644d961
Merge remote-tracking branch 'origin/main' into sigv4-unit-tests
aggarw13 Aug 13, 2021
2bc887c
Fix some CI check failures
aggarw13 Aug 13, 2021
d43b903
Make more hygiene improvements and increase test coverage
aggarw13 Aug 13, 2021
0db41aa
Achieve 100% coverage
aggarw13 Aug 14, 2021
b2bc43f
Hygiene improvements
aggarw13 Aug 14, 2021
5a12d8c
Minor README.md update
aggarw13 Aug 14, 2021
3eaad85
Merge remote-tracking branch 'origin/main' into sigv4-unit-tests
aggarw13 Aug 14, 2021
f8d62ee
Address review comments
aggarw13 Aug 14, 2021
26b26bd
Quicksort: Remove unnecessary branches of invalid array or elements a…
aggarw13 Aug 14, 2021
6c04aba
100% coverage again
aggarw13 Aug 14, 2021
faafb73
Apply suggestions from code review
aggarw13 Aug 15, 2021
a87b4f3
Fix complexity and hygiene improvements
aggarw13 Aug 15, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 0 additions & 2 deletions source/include/sigv4_internal.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,6 @@
#ifndef SIGV4_INTERNAL_H_
#define SIGV4_INTERNAL_H_

#include <stdbool.h>

/* SIGV4_DO_NOT_USE_CUSTOM_CONFIG allows building of the SigV4 library without a
* config file. If a config file is provided, the SIGV4_DO_NOT_USE_CUSTOM_CONFIG
* macro must not be defined.
Expand Down
24 changes: 10 additions & 14 deletions source/sigv4.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2272,6 +2272,11 @@ static int32_t hmacAddKey( HmacContext_t * pHmacContext,
}
else
{
/* To reduce the key length to less than the hash block size, this branch performs
* hash operations. We want to perform hash operations only when we have received the
* entire key. */
assert( isKeyPrefix == false );

returnStatus = pCryptoInterface->hashInit( pCryptoInterface->pHashContext );

/* Has part of the key that is cached in the HMAC context. */
Expand Down Expand Up @@ -2813,6 +2818,7 @@ static SigV4Status_t generateSigningKey( const SigV4Parameters_t * pSigV4Params,
SIGV4_HMAC_SIGNING_KEY_PREFIX,
SIGV4_HMAC_SIGNING_KEY_PREFIX_LEN,
true /* Is key prefix. */ );
/* The above call should always succeed as it only populates the HMAC key cache. */
assert( hmacStatus == 0 );
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why assert this? That may certainly not be the case depending on how the hash functions are implemented.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding the prefix does not involve hashing operations but only involves adding the prefix string to the cache. Thus, I added the assert.

}

Expand Down Expand Up @@ -2988,20 +2994,9 @@ SigV4Status_t SigV4_GenerateHTTPAuthorization( const SigV4Parameters_t * pParams

if( returnStatus == SigV4Success )
{
authPrefixLen = *authBufLen;

/* Default arguments. */
if( ( pParams->pAlgorithm == NULL ) || ( pParams->algorithmLen == 0U ) )
{
/* The default algorithm is AWS4-HMAC-SHA256. */
pAlgorithm = SIGV4_AWS4_HMAC_SHA256;
algorithmLen = SIGV4_AWS4_HMAC_SHA256_LENGTH;
}
else
{
pAlgorithm = pParams->pAlgorithm;
algorithmLen = pParams->algorithmLen;
}
/* If the SigV4 algorithm is not specified, use "AWS4-HMAC-256" as the default algorithm. */
pAlgorithm = ( pParams->pAlgorithm == NULL ) ? SIGV4_AWS4_HMAC_SHA256 : pParams->pAlgorithm;
algorithmLen = ( pParams->pAlgorithm == NULL ) ? SIGV4_AWS4_HMAC_SHA256_LENGTH : pParams->algorithmLen;
}

if( returnStatus == SigV4Success )
Expand All @@ -3025,6 +3020,7 @@ SigV4Status_t SigV4_GenerateHTTPAuthorization( const SigV4Parameters_t * pParams
/* Write the prefix of the Authorizaton header value. */
if( returnStatus == SigV4Success )
{
authPrefixLen = *authBufLen;
returnStatus = generateAuthorizationValuePrefix( pParams,
pAlgorithm, algorithmLen,
pSignedHeaders, signedHeadersLen,
Expand Down
16 changes: 8 additions & 8 deletions source/sigv4_quicksort.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -147,8 +147,7 @@ static void quickSortHelper( void * pArray,
/* Calculate length of the left partition containing items smaller
* than the pivot element.
* The length is zero if either:
* 1. The pivoted item is the smallest in the
* the array before partitioning.
* 1. The pivoted item is the smallest in the the array before partitioning.
* OR
* 2. The left partition is only of single length which can be treated as
* sorted, and thus, of zero length for avoided adding to the stack. */
Expand All @@ -157,7 +156,7 @@ static void quickSortHelper( void * pArray,
/* Calculate length of the right partition containing items greater than
* or equal to the pivot item.
* The calculated length is zero if either:
* 1. The pivoted item is the smallest in the the array before partitioning.
* 1. The pivoted item is the greatest in the the array before partitioning.
* OR
* 2. The right partition contains only a single length which can be treated as
* sorted, and thereby, of zero length to avoid adding to the stack. */
Expand Down Expand Up @@ -202,31 +201,32 @@ static size_t partition( void * pArray,
size_t itemSize,
ComparisonFunc_t comparator )
{
void * pivot;
uint8_t * pivot;
uint8_t * pArrayLocal = ( uint8_t * ) pArray;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This addresses the warnings generated (by gcc-7.5.0) for using arithmetic operations on void *

/home/ubuntu/Repos/SigV4-for-AWS-IoT-embedded-sdk/source/sigv4_quicksort.c:212:20: warning: pointer of type ‘void *’ used in arithmetic [-Wpointer-arith]
     pivot = pArray + ( high * itemSize );
                    ^
/home/ubuntu/Repos/SigV4-for-AWS-IoT-embedded-sdk/source/sigv4_quicksort.c:220:32: warning: pointer of type ‘void *’ used in arithmetic [-Wpointer-arith]
         if( comparator( pArray + ( j * itemSize ), pivot ) < 0 )
                                ^
/home/ubuntu/Repos/SigV4-for-AWS-IoT-embedded-sdk/source/sigv4_quicksort.c:223:26: warning: pointer of type ‘void *’ used in arithmetic [-Wpointer-arith]
             swap( pArray + ( i * itemSize ), pArray + ( j * itemSize ), itemSize );
                          ^
/home/ubuntu/Repos/SigV4-for-AWS-IoT-embedded-sdk/source/sigv4_quicksort.c:223:53: warning: pointer of type ‘void *’ used in arithmetic [-Wpointer-arith]
             swap( pArray + ( i * itemSize ), pArray + ( j * itemSize ), itemSize );
                                                     ^
/home/ubuntu/Repos/SigV4-for-AWS-IoT-embedded-sdk/source/sigv4_quicksort.c:229:18: warning: pointer of type ‘void *’ used in arithmetic [-Wpointer-arith]
     swap( pArray + ( ( i + 1U ) * itemSize ), pivot, itemSize );
                  ^

size_t i = low - 1U, j = low;

assert( pArray != NULL );
assert( comparator != NULL );

/* Choose pivot as the highest indexed item in the current partition. */
pivot = pArray + ( high * itemSize );
pivot = pArrayLocal + ( high * itemSize );

/* Iterate over all elements of the current array to partition it
* in comparison to the chosen pivot with smaller items on the left
* and larger or equal to items on the right. */
for( ; j < high; j++ )
{
/* Use comparator function to check current element is smaller than the pivot */
if( comparator( pArray + ( j * itemSize ), pivot ) < 0 )
if( comparator( pArrayLocal + ( j * itemSize ), pivot ) < 0 )
{
++i;
swap( pArray + ( i * itemSize ), pArray + ( j * itemSize ), itemSize );
swap( pArrayLocal + ( i * itemSize ), pArrayLocal + ( j * itemSize ), itemSize );
}
}

/* Place the pivot between the smaller and larger item chunks of
* the array. This represents the 2 partitions of the array. */
swap( pArray + ( ( i + 1U ) * itemSize ), pivot, itemSize );
swap( pArrayLocal + ( ( i + 1U ) * itemSize ), pivot, itemSize );

/* Return the pivot item's index. */
return i + 1U;
Expand Down
4 changes: 2 additions & 2 deletions test/CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ include( ${MODULE_ROOT_DIR}/sigv4FilePaths.cmake )

# Target for Coverity analysis that builds the library.
add_library( coverity_analysis
${SIGV4_SOURCES} )
${SIGV4_SOURCES} )

# Build SigV4 library target without custom config dependencies.
target_compile_definitions( coverity_analysis PUBLIC SIGV4_DO_NOT_USE_CUSTOM_CONFIG=1 )
Expand Down Expand Up @@ -83,4 +83,4 @@ if(${BUILD_UNIT_TESTS})
DEPENDS cmock unity sigv4_utest
WORKING_DIRECTORY ${CMAKE_BINARY_DIR}
)
endif()
endif()
42 changes: 9 additions & 33 deletions test/unit-test/sigv4_utest.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -245,37 +245,9 @@ static int32_t valid_sha256_final( void * pHashContext,
return -1;
}

/*==================== Echo Implementation of Crypto Interface ===================== */

static uint8_t hashEchoBuffer[ SIGV4_HASH_MAX_BLOCK_LENGTH ];
static size_t hashInputLen;

/* These hash functions simply take the input and write it back to the output.
* The purpose of which is make it possible to write tests without having to
* know the computed hash of the string to sign. */
static int32_t echo_hash_init( void * pHashContext )
{
return 0;
}

static int32_t echo_hash_update( void * pHashContext,
const uint8_t * pInput,
size_t inputLen )
{
hashInputLen = inputLen;
( void ) memcpy( hashEchoBuffer, pInput, inputLen );
}

static int32_t echo_hash_final( void * pHashContext,
uint8_t * pOutput,
size_t outputLen )
{
( void ) memcpy( pOutput, hashEchoBuffer, hashInputLen );
}

/*==================== Failable Implementation of Crypto Interface ===================== */

#define HAPPY_PATH_HASH_ITERATIONS 12U
#define HASH_ERROR_BRANCH_COVERAGE_ITERATIONS 12U

static size_t hashInitCalledCount = 0U, hashInitCallToFail = SIZE_MAX;
static size_t updateHashCalledCount = 0U, updateHashCallToFail = SIZE_MAX;
Expand Down Expand Up @@ -1186,24 +1158,28 @@ void test_SigV4_GenerateHTTPAuthorization_Hash_Errors()

params.pCredentials->pSecretAccessKey = SECRET_KEY_LONGER_THAN_HASH_BLOCK;
params.pCredentials->secretAccessKeyLen = strlen( SECRET_KEY_LONGER_THAN_HASH_BLOCK );
char failureMessage[ 250 ];

for( i = 0U; i < HAPPY_PATH_HASH_ITERATIONS; i++ )
for( i = 0U; i < HASH_ERROR_BRANCH_COVERAGE_ITERATIONS; i++ )
{
resetFailableHashParams();
hashInitCallToFail = i;
params.pCryptoInterface->hashInit = hash_init_failable;
returnStatus = SigV4_GenerateHTTPAuthorization( &params, authBuf, &authBufLen, &signature, &signatureLen );
TEST_ASSERT_EQUAL( SigV4HashError, returnStatus );
snprintf( failureMessage, sizeof( failureMessage ), "Expected SigV4HashError from hashInit failure at call count %ld", i );
TEST_ASSERT_EQUAL_MESSAGE( SigV4HashError, returnStatus, failureMessage );

resetFailableHashParams();
updateHashCallToFail = i;
returnStatus = SigV4_GenerateHTTPAuthorization( &params, authBuf, &authBufLen, &signature, &signatureLen );
TEST_ASSERT_EQUAL( SigV4HashError, returnStatus );
snprintf( failureMessage, sizeof( failureMessage ), "Expected SigV4HashError from hashUpdate failure at call count %ld", i );
TEST_ASSERT_EQUAL_MESSAGE( SigV4HashError, returnStatus, failureMessage );

resetFailableHashParams();
finalHashCallToFail = i;
returnStatus = SigV4_GenerateHTTPAuthorization( &params, authBuf, &authBufLen, &signature, &signatureLen );
TEST_ASSERT_EQUAL( SigV4HashError, returnStatus );
snprintf( failureMessage, sizeof( failureMessage ), "Expected SigV4HashError from hashFinal failure at call count %ld", i );
TEST_ASSERT_EQUAL_MESSAGE( SigV4HashError, returnStatus, failureMessage );
}
}

Expand Down