1 import os, random, struct
2 from zope.interface import implements
3 from twisted.internet import defer
4 from twisted.internet.interfaces import IPullProducer
5 from twisted.python import failure
6 from twisted.application import service
7 from twisted.web.error import Error as WebError
8 from foolscap.api import flushEventualQueue, fireEventually
9 from allmydata import uri, dirnode, client
10 from allmydata.introducer.server import IntroducerNode
11 from allmydata.interfaces import IMutableFileNode, IImmutableFileNode,\
12 NotEnoughSharesError, ICheckable, \
13 IMutableUploadable, SDMF_VERSION, \
15 from allmydata.check_results import CheckResults, CheckAndRepairResults, \
16 DeepCheckResults, DeepCheckAndRepairResults
17 from allmydata.mutable.layout import unpack_header
18 from allmydata.mutable.publish import MutableData
19 from allmydata.storage.mutable import MutableShareFile
20 from allmydata.util import hashutil, log, fileutil, pollmixin
21 from allmydata.util.assertutil import precondition
22 from allmydata.util.consumer import download_to_data
23 from allmydata.stats import StatsGathererService
24 from allmydata.key_generator import KeyGeneratorService
25 import allmydata.test.common_util as testutil
26 from allmydata import immutable
28 TEST_RSA_KEY_SIZE = 522
30 def flush_but_dont_ignore(res):
31 d = flushEventualQueue()
38 implements(IPullProducer)
39 def resumeProducing(self):
42 class FakeCHKFileNode:
43 """I provide IImmutableFileNode, but all of my data is stored in a
44 class-level dictionary."""
45 implements(IImmutableFileNode)
48 def __init__(self, filecap):
49 precondition(isinstance(filecap, (uri.CHKFileURI, uri.LiteralFileURI)), filecap)
51 self.storage_index = self.my_uri.get_storage_index()
54 return self.my_uri.to_string()
55 def get_write_uri(self):
57 def get_readonly_uri(self):
58 return self.my_uri.to_string()
61 def get_verify_cap(self):
62 return self.my_uri.get_verify_cap()
63 def get_repair_cap(self):
64 return self.my_uri.get_verify_cap()
65 def get_storage_index(self):
66 return self.storage_index
68 def check(self, monitor, verify=False, add_lease=False):
69 r = CheckResults(self.my_uri, self.storage_index)
71 data["count-shares-needed"] = 3
72 data["count-shares-expected"] = 10
73 data["count-good-share-hosts"] = 10
74 data["count-wrong-shares"] = 0
76 data["list-corrupt-shares"] = []
77 data["sharemap"] = {1: [nodeid]}
78 data["servers-responding"] = [nodeid]
79 data["count-recoverable-versions"] = 1
80 data["count-unrecoverable-versions"] = 0
82 r.set_recoverable(True)
83 data["count-shares-good"] = 10
86 r.set_needs_rebalancing(False)
87 return defer.succeed(r)
88 def check_and_repair(self, monitor, verify=False, add_lease=False):
89 d = self.check(verify)
91 r = CheckAndRepairResults(self.storage_index)
92 r.pre_repair_results = r.post_repair_results = cr
99 def is_readonly(self):
101 def is_unknown(self):
103 def is_allowed_in_immutable_directory(self):
105 def raise_error(self):
109 if isinstance(self.my_uri, uri.LiteralFileURI):
110 return self.my_uri.get_size()
112 data = self.all_contents[self.my_uri.to_string()]
114 raise NotEnoughSharesError(le, 0, 3)
117 def read(self, consumer, offset=0, size=None):
118 # we don't bother to call registerProducer/unregisterProducer,
119 # because it's a hassle to write a dummy Producer that does the right
120 # thing (we have to make sure that DummyProducer.resumeProducing
121 # writes the data into the consumer immediately, otherwise it will
124 d = defer.succeed(None)
125 d.addCallback(self._read, consumer, offset, size)
128 def _read(self, ignored, consumer, offset, size):
129 if isinstance(self.my_uri, uri.LiteralFileURI):
130 data = self.my_uri.data
132 if self.my_uri.to_string() not in self.all_contents:
133 raise NotEnoughSharesError(None, 0, 3)
134 data = self.all_contents[self.my_uri.to_string()]
140 consumer.write(data[start:end])
144 def get_best_readable_version(self):
145 return defer.succeed(self)
148 def download_to_data(self):
149 return download_to_data(self)
152 download_best_version = download_to_data
155 def get_size_of_best_version(self):
156 return defer.succeed(self.get_size)
159 def make_chk_file_cap(size):
160 return uri.CHKFileURI(key=os.urandom(16),
161 uri_extension_hash=os.urandom(32),
165 def make_chk_file_uri(size):
166 return make_chk_file_cap(size).to_string()
168 def create_chk_filenode(contents):
169 filecap = make_chk_file_cap(len(contents))
170 n = FakeCHKFileNode(filecap)
171 FakeCHKFileNode.all_contents[filecap.to_string()] = contents
175 class FakeMutableFileNode:
176 """I provide IMutableFileNode, but all of my data is stored in a
177 class-level dictionary."""
179 implements(IMutableFileNode, ICheckable)
180 MUTABLE_SIZELIMIT = 10000
182 file_types = {} # storage index => MDMF_VERSION or SDMF_VERSION
184 def __init__(self, storage_broker, secret_holder,
185 default_encoding_parameters, history):
186 self.init_from_cap(make_mutable_file_cap())
187 self._k = default_encoding_parameters['k']
188 self._segsize = default_encoding_parameters['max_segment_size']
189 def create(self, contents, key_generator=None, keysize=None,
190 version=SDMF_VERSION):
191 if version == MDMF_VERSION and \
192 isinstance(self.my_uri, (uri.ReadonlySSKFileURI,
193 uri.WriteableSSKFileURI)):
194 self.init_from_cap(make_mdmf_mutable_file_cap())
195 self.file_types[self.storage_index] = version
196 initial_contents = self._get_initial_contents(contents)
197 data = initial_contents.read(initial_contents.get_size())
199 self.all_contents[self.storage_index] = data
200 return defer.succeed(self)
201 def _get_initial_contents(self, contents):
203 return MutableData("")
205 if IMutableUploadable.providedBy(contents):
208 assert callable(contents), "%s should be callable, not %s" % \
209 (contents, type(contents))
210 return contents(self)
211 def init_from_cap(self, filecap):
212 assert isinstance(filecap, (uri.WriteableSSKFileURI,
213 uri.ReadonlySSKFileURI,
214 uri.WriteableMDMFFileURI,
215 uri.ReadonlyMDMFFileURI))
216 self.my_uri = filecap
217 self.storage_index = self.my_uri.get_storage_index()
218 if isinstance(filecap, (uri.WriteableMDMFFileURI,
219 uri.ReadonlyMDMFFileURI)):
220 self.file_types[self.storage_index] = MDMF_VERSION
223 self.file_types[self.storage_index] = SDMF_VERSION
228 def get_readcap(self):
229 return self.my_uri.get_readonly()
231 return self.my_uri.to_string()
232 def get_write_uri(self):
233 if self.is_readonly():
235 return self.my_uri.to_string()
236 def get_readonly(self):
237 return self.my_uri.get_readonly()
238 def get_readonly_uri(self):
239 return self.my_uri.get_readonly().to_string()
240 def get_verify_cap(self):
241 return self.my_uri.get_verify_cap()
242 def get_repair_cap(self):
243 if self.my_uri.is_readonly():
246 def is_readonly(self):
247 return self.my_uri.is_readonly()
248 def is_mutable(self):
249 return self.my_uri.is_mutable()
250 def is_unknown(self):
252 def is_allowed_in_immutable_directory(self):
253 return not self.my_uri.is_mutable()
254 def raise_error(self):
256 def get_writekey(self):
259 return len(self.all_contents[self.storage_index])
260 def get_current_size(self):
261 return self.get_size_of_best_version()
262 def get_size_of_best_version(self):
263 return defer.succeed(len(self.all_contents[self.storage_index]))
265 def get_storage_index(self):
266 return self.storage_index
268 def get_servermap(self, mode):
269 return defer.succeed(None)
271 def get_version(self):
272 assert self.storage_index in self.file_types
273 return self.file_types[self.storage_index]
275 def check(self, monitor, verify=False, add_lease=False):
276 r = CheckResults(self.my_uri, self.storage_index)
278 data["count-shares-needed"] = 3
279 data["count-shares-expected"] = 10
280 data["count-good-share-hosts"] = 10
281 data["count-wrong-shares"] = 0
282 data["list-corrupt-shares"] = []
284 data["sharemap"] = {"seq1-abcd-sh0": [nodeid]}
285 data["servers-responding"] = [nodeid]
286 data["count-recoverable-versions"] = 1
287 data["count-unrecoverable-versions"] = 0
289 r.set_recoverable(True)
290 data["count-shares-good"] = 10
293 r.set_needs_rebalancing(False)
294 return defer.succeed(r)
296 def check_and_repair(self, monitor, verify=False, add_lease=False):
297 d = self.check(verify)
299 r = CheckAndRepairResults(self.storage_index)
300 r.pre_repair_results = r.post_repair_results = cr
305 def deep_check(self, verify=False, add_lease=False):
306 d = self.check(verify)
308 dr = DeepCheckResults(self.storage_index)
314 def deep_check_and_repair(self, verify=False, add_lease=False):
315 d = self.check_and_repair(verify)
317 dr = DeepCheckAndRepairResults(self.storage_index)
323 def download_best_version(self):
324 return defer.succeed(self._download_best_version())
327 def _download_best_version(self, ignored=None):
328 if isinstance(self.my_uri, uri.LiteralFileURI):
329 return self.my_uri.data
330 if self.storage_index not in self.all_contents:
331 raise NotEnoughSharesError(None, 0, 3)
332 return self.all_contents[self.storage_index]
335 def overwrite(self, new_contents):
336 assert not self.is_readonly()
337 new_data = new_contents.read(new_contents.get_size())
338 new_data = "".join(new_data)
339 self.all_contents[self.storage_index] = new_data
340 return defer.succeed(None)
341 def modify(self, modifier):
342 # this does not implement FileTooLargeError, but the real one does
343 return defer.maybeDeferred(self._modify, modifier)
344 def _modify(self, modifier):
345 assert not self.is_readonly()
346 old_contents = self.all_contents[self.storage_index]
347 new_data = modifier(old_contents, None, True)
348 self.all_contents[self.storage_index] = new_data
351 # As actually implemented, MutableFilenode and MutableFileVersion
352 # are distinct. However, nothing in the webapi uses (yet) that
353 # distinction -- it just uses the unified download interface
354 # provided by get_best_readable_version and read. When we start
355 # doing cooler things like LDMF, we will want to revise this code to
356 # be less simplistic.
357 def get_best_readable_version(self):
358 return defer.succeed(self)
361 def get_best_mutable_version(self):
362 return defer.succeed(self)
364 # Ditto for this, which is an implementation of IWriteable.
365 # XXX: Declare that the same is implemented.
366 def update(self, data, offset):
367 assert not self.is_readonly()
368 def modifier(old, servermap, first_time):
369 new = old[:offset] + "".join(data.read(data.get_size()))
370 new += old[len(new):]
372 return self.modify(modifier)
375 def read(self, consumer, offset=0, size=None):
376 data = self._download_best_version()
378 data = data[offset:offset+size]
380 return defer.succeed(consumer)
383 def make_mutable_file_cap():
384 return uri.WriteableSSKFileURI(writekey=os.urandom(16),
385 fingerprint=os.urandom(32))
387 def make_mdmf_mutable_file_cap():
388 return uri.WriteableMDMFFileURI(writekey=os.urandom(16),
389 fingerprint=os.urandom(32))
391 def make_mutable_file_uri(mdmf=False):
393 uri = make_mdmf_mutable_file_cap()
395 uri = make_mutable_file_cap()
397 return uri.to_string()
399 def make_verifier_uri():
400 return uri.SSKVerifierURI(storage_index=os.urandom(16),
401 fingerprint=os.urandom(32)).to_string()
403 def create_mutable_filenode(contents, mdmf=False):
404 # XXX: All of these arguments are kind of stupid.
406 cap = make_mdmf_mutable_file_cap()
408 cap = make_mutable_file_cap()
411 encoding_params['k'] = 3
412 encoding_params['max_segment_size'] = 128*1024
414 filenode = FakeMutableFileNode(None, None, encoding_params, None)
415 filenode.init_from_cap(cap)
417 filenode.create(MutableData(contents), version=MDMF_VERSION)
419 filenode.create(MutableData(contents), version=SDMF_VERSION)
423 class FakeDirectoryNode(dirnode.DirectoryNode):
424 """This offers IDirectoryNode, but uses a FakeMutableFileNode for the
425 backing store, so it doesn't go to the grid. The child data is still
426 encrypted and serialized, so this isn't useful for tests that want to
427 look inside the dirnodes and check their contents.
429 filenode_class = FakeMutableFileNode
431 class LoggingServiceParent(service.MultiService):
432 def log(self, *args, **kwargs):
433 return log.msg(*args, **kwargs)
435 class SystemTestMixin(pollmixin.PollMixin, testutil.StallMixin):
437 # SystemTestMixin tests tend to be a lot of work, and we have a few
438 # buildslaves that are pretty slow, and every once in a while these tests
439 # run up against the default 120 second timeout. So increase the default
440 # timeout. Individual test cases can override this, of course.
444 self.sparent = service.MultiService()
445 self.sparent.startService()
447 self.stats_gatherer = None
448 self.stats_gatherer_furl = None
449 self.key_generator_svc = None
450 self.key_generator_furl = None
453 log.msg("shutting down SystemTest services")
454 d = self.sparent.stopService()
455 d.addBoth(flush_but_dont_ignore)
458 def getdir(self, subdir):
459 return os.path.join(self.basedir, subdir)
461 def add_service(self, s):
462 s.setServiceParent(self.sparent)
465 def set_up_nodes(self, NUMCLIENTS=5,
466 use_stats_gatherer=False, use_key_generator=False):
467 self.numclients = NUMCLIENTS
468 iv_dir = self.getdir("introducer")
469 if not os.path.isdir(iv_dir):
470 fileutil.make_dirs(iv_dir)
471 fileutil.write(os.path.join(iv_dir, 'tahoe.cfg'), \
473 "web.port = tcp:0:interface=127.0.0.1\n")
474 if SYSTEM_TEST_CERTS:
475 os.mkdir(os.path.join(iv_dir, "private"))
476 f = open(os.path.join(iv_dir, "private", "node.pem"), "w")
477 f.write(SYSTEM_TEST_CERTS[0])
479 iv = IntroducerNode(basedir=iv_dir)
480 self.introducer = self.add_service(iv)
481 d = self.introducer.when_tub_ready()
482 d.addCallback(self._get_introducer_web)
483 if use_stats_gatherer:
484 d.addCallback(self._set_up_stats_gatherer)
485 if use_key_generator:
486 d.addCallback(self._set_up_key_generator)
487 d.addCallback(self._set_up_nodes_2)
488 if use_stats_gatherer:
489 d.addCallback(self._grab_stats)
492 def _get_introducer_web(self, res):
493 f = open(os.path.join(self.getdir("introducer"), "node.url"), "r")
494 self.introweb_url = f.read().strip()
497 def _set_up_stats_gatherer(self, res):
498 statsdir = self.getdir("stats_gatherer")
499 fileutil.make_dirs(statsdir)
500 self.stats_gatherer_svc = StatsGathererService(statsdir)
501 self.stats_gatherer = self.stats_gatherer_svc.stats_gatherer
502 self.add_service(self.stats_gatherer_svc)
505 sgf = os.path.join(statsdir, 'stats_gatherer.furl')
506 def check_for_furl():
507 return os.path.exists(sgf)
508 d.addCallback(lambda junk: self.poll(check_for_furl, timeout=30))
510 self.stats_gatherer_furl = file(sgf, 'rb').read().strip()
511 d.addCallback(get_furl)
514 def _set_up_key_generator(self, res):
515 kgsdir = self.getdir("key_generator")
516 fileutil.make_dirs(kgsdir)
518 self.key_generator_svc = KeyGeneratorService(kgsdir,
520 default_key_size=TEST_RSA_KEY_SIZE)
521 self.key_generator_svc.key_generator.pool_size = 4
522 self.key_generator_svc.key_generator.pool_refresh_delay = 60
523 self.add_service(self.key_generator_svc)
526 def check_for_furl():
527 return os.path.exists(os.path.join(kgsdir, 'key_generator.furl'))
528 d.addCallback(lambda junk: self.poll(check_for_furl, timeout=30))
530 kgf = os.path.join(kgsdir, 'key_generator.furl')
531 self.key_generator_furl = file(kgf, 'rb').read().strip()
532 d.addCallback(get_furl)
535 def _set_up_nodes_2(self, res):
537 self.introducer_furl = q.introducer_url
540 for i in range(self.numclients):
541 basedir = self.getdir("client%d" % i)
542 basedirs.append(basedir)
543 fileutil.make_dirs(os.path.join(basedir, "private"))
544 if len(SYSTEM_TEST_CERTS) > (i+1):
545 f = open(os.path.join(basedir, "private", "node.pem"), "w")
546 f.write(SYSTEM_TEST_CERTS[i+1])
549 config = "[client]\n"
550 config += "introducer.furl = %s\n" % self.introducer_furl
551 if self.stats_gatherer_furl:
552 config += "stats_gatherer.furl = %s\n" % self.stats_gatherer_furl
555 # clients[0] runs a webserver and a helper, no key_generator
557 config += "web.port = tcp:0:interface=127.0.0.1\n"
558 config += "timeout.keepalive = 600\n"
559 config += "[helper]\n"
560 config += "enabled = True\n"
562 # clients[3] runs a webserver and uses a helper, uses
564 if self.key_generator_furl:
565 config += "key_generator.furl = %s\n" % self.key_generator_furl
567 config += "web.port = tcp:0:interface=127.0.0.1\n"
568 config += "timeout.disconnect = 1800\n"
570 fileutil.write(os.path.join(basedir, 'tahoe.cfg'), config)
572 # give subclasses a chance to append lines to the node's tahoe.cfg
573 # files before they are launched.
574 self._set_up_nodes_extra_config()
576 # start clients[0], wait for it's tub to be ready (at which point it
577 # will have registered the helper furl).
578 c = self.add_service(client.Client(basedir=basedirs[0]))
579 self.clients.append(c)
580 c.set_default_mutable_keysize(TEST_RSA_KEY_SIZE)
581 d = c.when_tub_ready()
583 f = open(os.path.join(basedirs[0],"private","helper.furl"), "r")
584 helper_furl = f.read()
586 self.helper_furl = helper_furl
587 if self.numclients >= 4:
588 f = open(os.path.join(basedirs[3], 'tahoe.cfg'), 'ab+')
591 "helper.furl = %s\n" % helper_furl)
594 # this starts the rest of the clients
595 for i in range(1, self.numclients):
596 c = self.add_service(client.Client(basedir=basedirs[i]))
597 self.clients.append(c)
598 c.set_default_mutable_keysize(TEST_RSA_KEY_SIZE)
600 return self.wait_for_connections()
601 d.addCallback(_ready)
604 # now find out where the web port was
605 self.webish_url = self.clients[0].getServiceNamed("webish").getURL()
606 if self.numclients >=4:
607 # and the helper-using webport
608 self.helper_webish_url = self.clients[3].getServiceNamed("webish").getURL()
609 d.addCallback(_connected)
612 def _set_up_nodes_extra_config(self):
613 # for overriding by subclasses
616 def _grab_stats(self, res):
617 d = self.stats_gatherer.poll()
620 def bounce_client(self, num):
621 c = self.clients[num]
622 d = c.disownServiceParent()
623 # I think windows requires a moment to let the connection really stop
624 # and the port number made available for re-use. TODO: examine the
625 # behavior, see if this is really the problem, see if we can do
626 # better than blindly waiting for a second.
627 d.addCallback(self.stall, 1.0)
629 new_c = client.Client(basedir=self.getdir("client%d" % num))
630 self.clients[num] = new_c
631 new_c.set_default_mutable_keysize(TEST_RSA_KEY_SIZE)
632 self.add_service(new_c)
633 return new_c.when_tub_ready()
634 d.addCallback(_stopped)
635 d.addCallback(lambda res: self.wait_for_connections())
636 def _maybe_get_webport(res):
638 # now find out where the web port was
639 self.webish_url = self.clients[0].getServiceNamed("webish").getURL()
640 d.addCallback(_maybe_get_webport)
643 def add_extra_node(self, client_num, helper_furl=None,
644 add_to_sparent=False):
645 # usually this node is *not* parented to our self.sparent, so we can
646 # shut it down separately from the rest, to exercise the
647 # connection-lost code
648 basedir = self.getdir("client%d" % client_num)
649 if not os.path.isdir(basedir):
650 fileutil.make_dirs(basedir)
651 config = "[client]\n"
652 config += "introducer.furl = %s\n" % self.introducer_furl
654 config += "helper.furl = %s\n" % helper_furl
655 fileutil.write(os.path.join(basedir, 'tahoe.cfg'), config)
657 c = client.Client(basedir=basedir)
658 self.clients.append(c)
659 c.set_default_mutable_keysize(TEST_RSA_KEY_SIZE)
662 c.setServiceParent(self.sparent)
665 d = self.wait_for_connections()
666 d.addCallback(lambda res: c)
669 def _check_connections(self):
670 for c in self.clients:
671 if not c.connected_to_introducer():
673 sb = c.get_storage_broker()
674 if len(sb.get_connected_servers()) != self.numclients:
678 def wait_for_connections(self, ignored=None):
679 # TODO: replace this with something that takes a list of peerids and
680 # fires when they've all been heard from, instead of using a count
682 return self.poll(self._check_connections, timeout=200)
685 # our system test uses the same Tub certificates each time, to avoid the
686 # overhead of key generation
687 SYSTEM_TEST_CERTS = [
688 """-----BEGIN CERTIFICATE-----
689 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
690 aW5neTAeFw0wODA3MjUyMjQyMDVaFw0wOTA3MjUyMjQyMDVaMBcxFTATBgNVBAMU
691 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxHCWajrR
692 2h/iurw8k93m8WUdE3xypJiiAITw7GkKlKbCLD+dEce2MXwVVYca0n/MZZsj89Cu
693 Ko0lLjksMseoSDoj98iEmVpaY5mc2ntpQ+FXdoEmPP234XRWEg2HQ+EaK6+WkGQg
694 DDXQvFJCVCQk/n1MdAwZZ6vqf2ITzSuD44kCAwEAATANBgkqhkiG9w0BAQQFAAOB
695 gQBn6qPKGdFjWJy7sOOTUFfm/THhHQqAh1pBDLkjR+OtzuobCoP8n8J1LNG3Yxds
696 Jj7NWQL7X5TfOlfoi7e9jK0ujGgWh3yYU6PnHzJLkDiDT3LCSywQuGXCjh0tOStS
697 2gaCmmAK2cfxSStKzNcewl2Zs8wHMygq8TLFoZ6ozN1+xQ==
698 -----END CERTIFICATE-----
699 -----BEGIN RSA PRIVATE KEY-----
700 MIICXQIBAAKBgQDEcJZqOtHaH+K6vDyT3ebxZR0TfHKkmKIAhPDsaQqUpsIsP50R
701 x7YxfBVVhxrSf8xlmyPz0K4qjSUuOSwyx6hIOiP3yISZWlpjmZzae2lD4Vd2gSY8
702 /bfhdFYSDYdD4Rorr5aQZCAMNdC8UkJUJCT+fUx0DBlnq+p/YhPNK4PjiQIDAQAB
703 AoGAZyDMdrymiyMOPwavrtlicvyohSBid3MCKc+hRBvpSB0790r2RO1aAySndp1V
704 QYmCXx1RhKDbrs8m49t0Dryu5T+sQrFl0E3usAP3vvXWeh4jwJ9GyiRWy4xOEuEQ
705 3ewjbEItHqA/bRJF0TNtbOmZTDC7v9FRPf2bTAyFfTZep5kCQQD33q1RA8WUYtmQ
706 IArgHqt69i421lpXlOgqotFHwTx4FiGgVzDQCDuXU6txB9EeKRM340poissav/n6
707 bkLZ7/VDAkEAyuIPkeI59sE5NnmW+N47NbCfdM1Smy1YxZpv942EmP9Veub5N0dw
708 iK5bLAgEguUIjpTsh3BRmsE9Xd+ItmnRQwJBAMZhbg19G1EbnE0BmDKv2UbcaThy
709 bnPSNc6J6T2opqDl9ZvCrMqTDD6dNIWOYAvni/4a556sFsoeBBAu10peBskCQE6S
710 cB86cuJagLLVMh/dySaI6ahNoFFSpY+ZuQUxfInYUR2Q+DFtbGqyw8JwtHaRBthZ
711 WqU1XZVGg2KooISsxIsCQQD1PS7//xHLumBb0jnpL7n6W8gmiTyzblT+0otaCisP
712 fN6rTlwV1o8VsOUAz0rmKO5RArCbkmb01WtMgPCDBYkk
713 -----END RSA PRIVATE KEY-----
715 """-----BEGIN CERTIFICATE-----
716 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
717 aW5neTAeFw0wODA3MjUyMjQyMDVaFw0wOTA3MjUyMjQyMDVaMBcxFTATBgNVBAMU
718 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs9CALdmW
719 kJ6r0KPSLdGCA8rzQKxWayrMckT22ZtbRv3aw6VA96dWclpY+T2maV0LrAzmMSL8
720 n61ydJHM33iYDOyWbwHWN45XCjY/e20PL54XUl/DmbBHEhQVQLIfCldcRcnWEfoO
721 iOhDJfWpDO1dmP/aOYLdkZCZvBtPAfyUqRcCAwEAATANBgkqhkiG9w0BAQQFAAOB
722 gQAN9eaCREkzzk4yPIaWYkWHg3Igs1vnOR/iDw3OjyxO/xJFP2lkA2WtrwL2RTRq
723 dxA8gwdPyrWgdiZElwZH8mzTJ4OdUXLSMclLOg9kvH6gtSvhLztfEDwDP1wRhikh
724 OeWWu2GIC+uqFCI1ftoGgU+aIa6yrHswf66rrQvBSSvJPQ==
725 -----END CERTIFICATE-----
726 -----BEGIN RSA PRIVATE KEY-----
727 MIICXQIBAAKBgQCz0IAt2ZaQnqvQo9It0YIDyvNArFZrKsxyRPbZm1tG/drDpUD3
728 p1ZyWlj5PaZpXQusDOYxIvyfrXJ0kczfeJgM7JZvAdY3jlcKNj97bQ8vnhdSX8OZ
729 sEcSFBVAsh8KV1xFydYR+g6I6EMl9akM7V2Y/9o5gt2RkJm8G08B/JSpFwIDAQAB
730 AoGBAIUy5zCPpSP+FeJY6CG+t6Pdm/IFd4KtUoM3KPCrT6M3+uzApm6Ny9Crsor2
731 qyYTocjSSVaOxzn1fvpw4qWLrH1veUf8ozMs8Z0VuPHD1GYUGjOXaBPXb5o1fQL9
732 h7pS5/HrDDPN6wwDNTsxRf/fP58CnfwQUhwdoxcx8TnVmDQxAkEA6N3jBXt/Lh0z
733 UbXHhv3QBOcqLZA2I4tY7wQzvUvKvVmCJoW1tfhBdYQWeQv0jzjL5PzrrNY8hC4l
734 8+sFM3h5TwJBAMWtbFIEZfRSG1JhHK3evYHDTZnr/j+CdoWuhzP5RkjkIKsiLEH7
735 2ZhA7CdFQLZF14oXy+g1uVCzzfB2WELtUbkCQQDKrb1XWzrBlzbAipfkXWs9qTmj
736 uJ32Z+V6+0xRGPOXxJ0sDDqw7CeFMfchWg98zLFiV+SEZV78qPHtkAPR3ayvAkB+
737 hUMhM4N13t9x2IoclsXAOhp++9bdG0l0woHyuAdOPATUw6iECwf4NQVxFRgYEZek
738 4Ro3Y7taddrHn1dabr6xAkAic47OoLOROYLpljmJJO0eRe3Z5IFe+0D2LfhAW3LQ
739 JU+oGq5pCjfnoaDElRRZn0+GmunnWeQEYKoflTi/lI9d
740 -----END RSA PRIVATE KEY-----
742 """-----BEGIN CERTIFICATE-----
743 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
744 aW5neTAeFw0wODA3MjUyMjQyMDZaFw0wOTA3MjUyMjQyMDZaMBcxFTATBgNVBAMU
745 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxG7LTrz
746 DF+9wegOR/BRJhjSumPUbYQnNAUKtPraFsGjAJILP44AHdnHt1MONLgTeX1ynapo
747 q6O/q5cdKtBB7uEh7FpkLCCwpZt/m0y79cynn8AmWoQVgl8oS0567UmPeJnTzFPv
748 dmT5dlaQALeX5YGceAsEvhmAsdOMttaor38CAwEAATANBgkqhkiG9w0BAQQFAAOB
749 gQA345rxotfvh2kfgrmRzAyGewVBV4r23Go30GSZir8X2GoH3qKNwO4SekAohuSw
750 AiXzLUbwIdSRSqaLFxSC7Duqc9eIeFDAWjeEmpfFLBNiw3K8SLA00QrHCUXnECTD
751 b/Kk6OGuvPOiuuONVjEuEcRdCH3/Li30D0AhJaMynjhQJQ==
752 -----END CERTIFICATE-----
753 -----BEGIN RSA PRIVATE KEY-----
754 MIICXQIBAAKBgQCzEbstOvMMX73B6A5H8FEmGNK6Y9RthCc0BQq0+toWwaMAkgs/
755 jgAd2ce3Uw40uBN5fXKdqmiro7+rlx0q0EHu4SHsWmQsILClm3+bTLv1zKefwCZa
756 hBWCXyhLTnrtSY94mdPMU+92ZPl2VpAAt5flgZx4CwS+GYCx04y21qivfwIDAQAB
757 AoGBAIlhFg/aRPL+VM9539LzHN60dp8GzceDdqwjHhbAySZiQlLCuJx2rcI4/U65
758 CpIJku9G/fLV9N2RkA/trDPXeGyqCTJfnNzyZcvvMscRMFqSGyc21Y0a+GS8bIxt
759 1R2B18epSVMsWSWWMypeEgsfv29LV7oSWG8UKaqQ9+0h63DhAkEA4i2L/rori/Fb
760 wpIBfA+xbXL/GmWR7xPW+3nG3LdLQpVzxz4rIsmtO9hIXzvYpcufQbwgVACyMmRf
761 TMABeSDM7wJBAMquEdTaVXjGfH0EJ7z95Ys2rYTiCXjBfyEOi6RXXReqV9SXNKlN
762 aKsO22zYecpkAjY1EdUdXWP/mNVEybjpZnECQQCcuh0JPS5RwcTo9c2rjyBOjGIz
763 g3B1b5UIG2FurmCrWe6pgO3ZJFEzZ/L2cvz0Hj5UCa2JKBZTDvRutZoPumfnAkAb
764 nSW+y1Rz1Q8m9Ub4v9rjYbq4bRd/RVWtyk6KQIDldYbr5wH8wxgsniSVKtVFFuUa
765 P5bDY3HS6wMGo42cTOhxAkAcdweQSQ3j7mfc5vh71HeAC1v/VAKGehGOUdeEIQNl
766 Sb2WuzpZkbfsrVzW6MdlgY6eE7ufRswhDPLWPC8MP0d1
767 -----END RSA PRIVATE KEY-----
769 """-----BEGIN CERTIFICATE-----
770 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
771 aW5neTAeFw0wODA3MjUyMjQyMDZaFw0wOTA3MjUyMjQyMDZaMBcxFTATBgNVBAMU
772 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxnH+pbOS
773 qlJlsHpKUQtV0oN1Mv+ESG+yUDxStFFGjkJv/UIRzpxqFqY/6nJ3D03kZsDdcXyi
774 CfV9hPYQaVNMn6z+puPmIagfBQ0aOyuI+nUhCttZIYD9071BjW5bCMX5NZWL/CZm
775 E0HdAZ77H6UrRckJ7VR8wAFpihBxD5WliZcCAwEAATANBgkqhkiG9w0BAQQFAAOB
776 gQAwXqY1Sjvp9JSTHKklu7s0T6YmH/BKSXrHpS2xO69svK+ze5/+5td3jPn4Qe50
777 xwRNZSFmSLuJLfCO32QJSJTB7Vs5D3dNTZ2i8umsaodm97t8hit7L75nXRGHKH//
778 xDVWAFB9sSgCQyPMRkL4wB4YSfRhoSKVwMvaz+XRZDUU0A==
779 -----END CERTIFICATE-----
780 -----BEGIN RSA PRIVATE KEY-----
781 MIICXAIBAAKBgQDGcf6ls5KqUmWwekpRC1XSg3Uy/4RIb7JQPFK0UUaOQm/9QhHO
782 nGoWpj/qcncPTeRmwN1xfKIJ9X2E9hBpU0yfrP6m4+YhqB8FDRo7K4j6dSEK21kh
783 gP3TvUGNblsIxfk1lYv8JmYTQd0BnvsfpStFyQntVHzAAWmKEHEPlaWJlwIDAQAB
784 AoGAdHNMlXwtItm7ZrY8ihZ2xFP0IHsk60TwhHkBp2LSXoTKJvnwbSgIcUYZ18BX
785 8Zkp4MpoqEIU7HcssyuaMdR572huV2w0D/2gYJQLQ5JapaR3hMox3YG4wjXasN1U
786 1iZt7JkhKlOy+ElL5T9mKTE1jDsX2RAv4WALzMpYFo7vs4ECQQDxqrPaqRQ5uYS/
787 ejmIk05nM3Q1zmoLtMDrfRqrjBhaf/W3hqGihiqN2kL3PIIYcxSRWiyNlYXjElsR
788 2sllBTe3AkEA0jcMHVThwKt1+Ce5VcE7N6hFfbsgISTjfJ+Q3K2NkvJkmtE8ZRX5
789 XprssnPN8owkfF5yuKbcSZL3uvaaSGN9IQJAfTVnN9wwOXQwHhDSbDt9/KRBCnum
790 n+gHqDrKLaVJHOJ9SZf8eLswoww5c+UqtkYxmtlwie61Tp+9BXQosilQ4wJBAIZ1
791 XVNZmriBM4jR59L5MOZtxF0ilu98R+HLsn3kqLyIPF9mXCoQPxwLHkEan213xFKk
792 mt6PJDIPRlOZLqAEuuECQFQMCrn0VUwPg8E40pxMwgMETvVflPs/oZK1Iu+b7+WY
793 vBptAyhMu31fHQFnJpiUOyHqSZnOZyEn1Qu2lszNvUg=
794 -----END RSA PRIVATE KEY-----
796 """-----BEGIN CERTIFICATE-----
797 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
798 aW5neTAeFw0wODA3MjUyMjQyMDZaFw0wOTA3MjUyMjQyMDZaMBcxFTATBgNVBAMU
799 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnjiOwipn
800 jigDuNMfNG/tBJhPwYUHhSbQdvrTubhsxw1oOq5XpNqUwRtC8hktOKM3hghyqExP
801 62EOi0aJBkRhtwtPSLBCINptArZLfkog/nTIqVv4eLEzJ19nTi/llHHWKcgA6XTI
802 sU/snUhGlySA3RpETvXqIJTauQRZz0kToSUCAwEAATANBgkqhkiG9w0BAQQFAAOB
803 gQCQ+u/CsX5WC5m0cLrpyIS6qZa62lrB3mj9H1aIQhisT5kRsMz3FJ1aOaS8zPRz
804 w0jhyRmamCcSsWf5WK539iOtsXbKMdAyjNtkQO3g+fnsLgmznAjjst24jfr+XU59
805 0amiy1U6TY93gtEBZHtiLldPdUMsTuFbBlqbcMBQ50x9rA==
806 -----END CERTIFICATE-----
807 -----BEGIN RSA PRIVATE KEY-----
808 MIICXAIBAAKBgQCeOI7CKmeOKAO40x80b+0EmE/BhQeFJtB2+tO5uGzHDWg6rlek
809 2pTBG0LyGS04ozeGCHKoTE/rYQ6LRokGRGG3C09IsEIg2m0Ctkt+SiD+dMipW/h4
810 sTMnX2dOL+WUcdYpyADpdMixT+ydSEaXJIDdGkRO9eoglNq5BFnPSROhJQIDAQAB
811 AoGAAPrst3s3xQOucjismtCOsVaYN+SxFTwWUoZfRWlFEz6cBLELzfOktEWM9p79
812 TrqEH4px22UNobGqO2amdql5yXwEFVhYQkRB8uDA8uVaqpL8NLWTGPRXxZ2DSU+n
813 7/FLf/TWT3ti/ZtXaPVRj6E2/Mq9AVEVOjUYzkNjM02OxcECQQDKEqmPbdZq2URU
814 7RbUxkq5aTp8nzAgbpUsgBGQ9PDAymhj60BDEP0q28Ssa7tU70pRnQ3AZs9txgmL
815 kK2g97FNAkEAyHH9cIb6qXOAJPIr/xamFGr5uuYw9TJPz/hfVkVimW/aZnBB+e6Q
816 oALJBDKJWeYPzdNbouJYg8MeU0qWdZ5DOQJADUk+1sxc/bd9U6wnBSRog1pU2x7I
817 VkmPC1b8ULCaJ8LnLDKqjf5O9wNuIfwPXB1DoKwX3F+mIcyUkhWYJO5EPQJAUj5D
818 KMqZSrGzYHVlC/M1Daee88rDR7fu+3wDUhiCDkbQq7tftrbl7GF4LRq3NIWq8l7I
819 eJq6isWiSbaO6Y+YMQJBAJFBpVhlY5Px2BX5+Hsfq6dSP3sVVc0eHkdsoZFFxq37
820 fksL/q2vlPczvBihgcxt+UzW/UrNkelOuX3i57PDvFs=
821 -----END RSA PRIVATE KEY-----
823 """-----BEGIN CERTIFICATE-----
824 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
825 aW5neTAeFw0wODA3MjUyMjQyMDZaFw0wOTA3MjUyMjQyMDZaMBcxFTATBgNVBAMU
826 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsCQuudDF
827 zgmY5tDpT0TkUo8fpJ5JcvgCkLFpSDD8REpXhLFkHWhTmTj3CAxfv4lA3sQzHZxe
828 4S9YCb5c/VTbFEdgwc/wlxMmJiz2jYghdmWPBb8pBEk31YihIhC+u4kex6gJBH5y
829 ixiZ3PPRRMaOBBo+ZfM50XIyWbFOOM/7FwcCAwEAATANBgkqhkiG9w0BAQQFAAOB
830 gQB4cFURaiiUx6n8eS4j4Vxrii5PtsaNEI4acANFSYknGd0xTP4vnmoivNmo5fWE
831 Q4hYtGezNu4a9MnNhcQmI20KzXmvhLJtkwWCgGOVJtMem8hDWXSALV1Ih8hmVkGS
832 CI1elfr9eyguunGp9eMMQfKhWH52WHFA0NYa0Kpv5BY33A==
833 -----END CERTIFICATE-----
834 -----BEGIN RSA PRIVATE KEY-----
835 MIICWwIBAAKBgQCwJC650MXOCZjm0OlPRORSjx+knkly+AKQsWlIMPxESleEsWQd
836 aFOZOPcIDF+/iUDexDMdnF7hL1gJvlz9VNsUR2DBz/CXEyYmLPaNiCF2ZY8FvykE
837 STfViKEiEL67iR7HqAkEfnKLGJnc89FExo4EGj5l8znRcjJZsU44z/sXBwIDAQAB
838 AoGABA7xXKqoxBSIh1js5zypHhXaHsre2l1Igdj0mgs25MPpvE7yBZNvyan8Vx0h
839 36Hj8r4Gh3og3YNfvem67sNTwNwONY0ep+Xho/3vG0jFATGduSXdcT04DusgZNqg
840 UJqW75cqxrD6o/nya5wUoN9NL5pcd5AgVMdOYvJGbrwQuaECQQDiCs/5dsUkUkeC
841 Tlur1wh0wJpW4Y2ctO3ncRdnAoAA9y8dELHXMqwKE4HtlyzHY7Bxds/BDh373EVK
842 rsdl+v9JAkEAx3xTmsOQvWa1tf/O30sdItVpGogKDvYqkLCNthUzPaL85BWB03E2
843 xunHcVVlqAOE5tFuw0/UEyEkOaGlNTJTzwJAPIVel9FoCUiKYuYt/z1swy3KZRaw
844 /tMmm4AZHvh5Y0jLcYHFy/OCQpRkhkOitqQHWunPyEXKW2PnnY5cTv68GQJAHG7H
845 B88KCUTjb25nkQIGxBlA4swzCtDhXkAb4rEA3a8mdmfuWjHPyeg2ShwO4jSmM7P0
846 Iph1NMjLff9hKcTjlwJARpItOFkYEdtSODC7FMm7KRKQnNB27gFAizsOYWD4D2b7
847 w1FTEZ/kSA9wSNhyNGt7dgUo6zFhm2u973HBCUb3dg==
848 -----END RSA PRIVATE KEY-----
850 """-----BEGIN CERTIFICATE-----
851 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
852 aW5neTAeFw0wODA3MjUyMjQ3NThaFw0wOTA3MjUyMjQ3NThaMBcxFTATBgNVBAMU
853 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvhTRj1dA
854 NOfse/UBeTfMekZKxZHsNPr+qBYaveWAHDded/BMyMgaMV2n6HQdiDaRjJkzjHCF
855 3xBtpIJeEGUqfrF0ob8BIZXy3qk68eX/0CVUbgmjSBN44ahlo63NshyXmZtEAkRV
856 VE/+cRKw3N2wtuTed5xwfNcL6dg4KTOEYEkCAwEAATANBgkqhkiG9w0BAQQFAAOB
857 gQCN+CLuVwLeWjSdVbdizYyrOVckqtwiIHG9BbGMlcIdm0qpvD7V7/sN2csk5LaT
858 BNiHi1t5628/4UHqqodYmFw8ri8ItFwB+MmTJi11CX6dIP9OUhS0qO8Z/BKtot7H
859 j04oNwl+WqZZfHIYwTIEL0HBn60nOvCQPDtnWG2BhpUxMA==
860 -----END CERTIFICATE-----
861 -----BEGIN RSA PRIVATE KEY-----
862 MIICXQIBAAKBgQC+FNGPV0A05+x79QF5N8x6RkrFkew0+v6oFhq95YAcN1538EzI
863 yBoxXafodB2INpGMmTOMcIXfEG2kgl4QZSp+sXShvwEhlfLeqTrx5f/QJVRuCaNI
864 E3jhqGWjrc2yHJeZm0QCRFVUT/5xErDc3bC25N53nHB81wvp2DgpM4RgSQIDAQAB
865 AoGALl2BqIdN4Bnac3oV++2CcSkIQB0SEvJOf820hDGhCEDxSCxTbn5w9S21MVxx
866 f7Jf2n3cNxuTbA/jzscGDtW+gXCs+WAbAr5aOqHLUPGEobhKQrQT2hrxQHyv3UFp
867 0tIl9eXFknOyVAaUJ3athK5tyjSiCZQQHLGzeLaDSKVAPqECQQD1GK7DkTcLaSvw
868 hoTJ3dBK3JoKT2HHLitfEE0QV58mkqFMjofpe+nyeKWvEb/oB4WBp/cfTvtf7DJK
869 zl1OSf11AkEAxomWmJeub0xpqksCmnVI1Jt1mvmcE4xpIcXq8sxzLHRc2QOv0kTw
870 IcFl4QcN6EQBmE+8kl7Tx8SPAVKfJMoZBQJAGsUFYYrczjxAdlba7glyFJsfn/yn
871 m0+poQpwwFYxpc7iGzB+G7xTAw62WfbAVSFtLYog7aR8xC9SFuWPP1vJeQJBAILo
872 xBj3ovgWTXIRJbVM8mnl28UFI0msgsHXK9VOw/6i93nMuYkPFbtcN14KdbwZ42dX
873 5EIrLr+BNr4riW4LqDUCQQCbsEEpTmj3upKUOONPt+6CH/OOMjazUzYHZ/3ORHGp
874 Q3Wt+I4IrR/OsiACSIQAhS4kBfk/LGggnj56DrWt+oBl
875 -----END RSA PRIVATE KEY-----
877 """-----BEGIN CERTIFICATE-----
878 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
879 aW5neTAeFw0wODA3MjUyMjQ3NThaFw0wOTA3MjUyMjQ3NThaMBcxFTATBgNVBAMU
880 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtKhx6sEA
881 jn6HWc6T2klwlPn0quyHtATIw8V3ezP46v6g2rRS7dTywo4GTP4vX58l+sC9z9Je
882 qhQ1rWSwMK4FmnDMZCu7AVO7oMIXpXdSz7l0bgCnNjvbpkA2pOfbB1Z8oj8iebff
883 J33ID5DdkmCzqYVtKpII1o/5z7Jo292JYy8CAwEAATANBgkqhkiG9w0BAQQFAAOB
884 gQA0PYMA07wo9kEH4fv9TCfo+zz42Px6lUxrQBPxBvDiGYhk2kME/wX0IcoZPKTV
885 WyBGmDAYWvFaHWbrbbTOfzlLWfYrDD913hCi9cO8iF8oBqRjIlkKcxAoe7vVg5Az
886 ydVcrY+zqULJovWwyNmH1QNIQfMat0rj7fylwjiS1y/YsA==
887 -----END CERTIFICATE-----
888 -----BEGIN RSA PRIVATE KEY-----
889 MIICXAIBAAKBgQC0qHHqwQCOfodZzpPaSXCU+fSq7Ie0BMjDxXd7M/jq/qDatFLt
890 1PLCjgZM/i9fnyX6wL3P0l6qFDWtZLAwrgWacMxkK7sBU7ugwheld1LPuXRuAKc2
891 O9umQDak59sHVnyiPyJ5t98nfcgPkN2SYLOphW0qkgjWj/nPsmjb3YljLwIDAQAB
892 AoGAU4CYRv22mCZ7wVLunDLdyr5ODMMPZnHfqj2XoGbBYz0WdIBs5GlNXAfxeZzz
893 oKsbDvAPzANcphh5RxAHMDj/dT8rZOez+eJrs1GEV+crl1T9p83iUkAuOJFtgUgf
894 TtQBL9vHaj7DfvCEXcBPmN/teDFmAAOyUNbtuhTkRa3PbuECQQDwaqZ45Kr0natH
895 V312dqlf9ms8I6e873pAu+RvA3BAWczk65eGcRjEBxVpTvNEcYKFrV8O5ZYtolrr
896 VJl97AfdAkEAwF4w4KJ32fLPVoPnrYlgLw86NejMpAkixblm8cn51avPQmwbtahb
897 BZUuca22IpgDpjeEk5SpEMixKe/UjzxMewJBALy4q2cY8U3F+u6sshLtAPYQZIs3
898 3fNE9W2dUKsIQvRwyZMlkLN7UhqHCPq6e+HNTM0MlCMIfAPkf4Rdy4N6ZY0CQCKE
899 BAMaQ6TwgzFDw5sIjiCDe+9WUPmRxhJyHL1/fvtOs4Z4fVRP290ZklbFU2vLmMQH
900 LBuKzfb7+4XJyXrV1+cCQBqfPFQQZLr5UgccABYQ2jnWVbJPISJ5h2b0cwXt+pz/
901 8ODEYLjqWr9K8dtbgwdpzwbkaGhQYpyvsguMvNPMohs=
902 -----END RSA PRIVATE KEY-----
904 """-----BEGIN CERTIFICATE-----
905 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
906 aW5neTAeFw0wODA3MjUyMjQ3NThaFw0wOTA3MjUyMjQ3NThaMBcxFTATBgNVBAMU
907 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnBfNHycn
908 5RnYzDN4EWTk2q1BBxA6ZYtlG1WPkj5iKeaYKzUk58zBL7mNOA0ucq+yTwh9C4IC
909 EutWPaKBSKY5XI+Rdebh+Efq+urtOLgfJHlfcCraEx7hYN+tqqMVgEgnO/MqIsn1
910 I1Fvnp89mSYbQ9tmvhSH4Hm+nbeK6iL2tIsCAwEAATANBgkqhkiG9w0BAQQFAAOB
911 gQBt9zxfsKWoyyV764rRb6XThuTDMNSDaVofqePEWjudAbDu6tp0pHcrL0XpIrnT
912 3iPgD47pdlwQNbGJ7xXwZu2QTOq+Lv62E6PCL8FljDVoYqR3WwJFFUigNvBT2Zzu
913 Pxx7KUfOlm/M4XUSMu31sNJ0kQniBwpkW43YmHVNFb/R7g==
914 -----END CERTIFICATE-----
915 -----BEGIN RSA PRIVATE KEY-----
916 MIICXQIBAAKBgQCcF80fJyflGdjMM3gRZOTarUEHEDpli2UbVY+SPmIp5pgrNSTn
917 zMEvuY04DS5yr7JPCH0LggIS61Y9ooFIpjlcj5F15uH4R+r66u04uB8keV9wKtoT
918 HuFg362qoxWASCc78yoiyfUjUW+enz2ZJhtD22a+FIfgeb6dt4rqIva0iwIDAQAB
919 AoGBAIHstcnWd7iUeQYPWUNxLaRvTY8pjNH04yWLZEOgNWkXDVX5mExw++RTmB4t
920 qpm/cLWkJSEtB7jjthb7ao0j/t2ljqfr6kAbClDv3zByAEDhOu8xB/5ne6Ioo+k2
921 dygC+GcVcobhv8qRU+z0fpeXSP8yS1bQQHOaa17bSGsncvHRAkEAzwsn8jBTOqaW
922 6Iymvr7Aql++LiwEBrqMMRVyBZlkux4hiKa2P7XXEL6/mOPR0aI2LuCqE2COrO7R
923 0wAFZ54bjwJBAMEAe6cs0zI3p3STHwA3LoSZB81lzLhGUnYBvOq1yoDSlJCOYpld
924 YM1y3eC0vwiOnEu3GG1bhkW+h6Kx0I/qyUUCQBiH9NqwORxI4rZ4+8S76y4EnA7y
925 biOx9KxYIyNgslutTUHYpt1TmUDFqQPfclvJQWw6eExFc4Iv5bJ/XSSSyicCQGyY
926 5PrwEfYTsrm5fpwUcKxTnzxHp6WYjBWybKZ0m/lYhBfCxmAdVrbDh21Exqj99Zv0
927 7l26PhdIWfGFtCEGrzECQQCtPyXa3ostSceR7zEKxyn9QBCNXKARfNNTBja6+VRE
928 qDC6jLqzu/SoOYaqa13QzCsttO2iZk8Ygfy3Yz0n37GE
929 -----END RSA PRIVATE KEY-----
931 """-----BEGIN CERTIFICATE-----
932 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
933 aW5neTAeFw0wODA3MjUyMjQ3NThaFw0wOTA3MjUyMjQ3NThaMBcxFTATBgNVBAMU
934 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4mnLf+x0
935 CWKDKP5PLZ87t2ReSDE/J5QoI5VhE0bXaahdhPrQTC2wvOpT+N9nzEpI9ASh/ejV
936 kYGlc03nNKRL7zyVM1UyGduEwsRssFMqfyJhI1p+VmxDMWNplex7mIAheAdskPj3
937 pwi2CP4VIMjOj368AXvXItPzeCfAhYhEVaMCAwEAATANBgkqhkiG9w0BAQQFAAOB
938 gQAEzmwq5JFI5Z0dX20m9rq7NKgwRyAH3h5aE8bdjO8nEc69qscfDRx79Lws3kK8
939 A0LG0DhxKB8cTNu3u+jy81tjcC4pLNQ5IKap9ksmP7RtIHfTA55G8M3fPl2ZgDYQ
940 ZzsWAZvTNXd/eme0SgOzD10rfntA6ZIgJTWHx3E0RkdwKw==
941 -----END CERTIFICATE-----
942 -----BEGIN RSA PRIVATE KEY-----
943 MIICXQIBAAKBgQDiact/7HQJYoMo/k8tnzu3ZF5IMT8nlCgjlWETRtdpqF2E+tBM
944 LbC86lP432fMSkj0BKH96NWRgaVzTec0pEvvPJUzVTIZ24TCxGywUyp/ImEjWn5W
945 bEMxY2mV7HuYgCF4B2yQ+PenCLYI/hUgyM6PfrwBe9ci0/N4J8CFiERVowIDAQAB
946 AoGAQYTl+8XcKl8Un4dAOG6M5FwqIHAH25c3Klzu85obehrbvUCriG/sZi7VT/6u
947 VeLlS6APlJ+NNgczbrOLhaNJyYzjICSt8BI96PldFUzCEkVlgE+29pO7RNoZmDYB
948 dSGyIDrWdVYfdzpir6kC0KDcrpA16Sc+/bK6Q8ALLRpC7QECQQD7F7fhIQ03CKSk
949 lS4mgDuBQrB/52jXgBumtjp71ANNeaWR6+06KDPTLysM+olsh97Q7YOGORbrBnBg
950 Y2HPnOgjAkEA5taZaMfdFa8V1SPcX7mgCLykYIujqss0AmauZN/24oLdNE8HtTBF
951 OLaxE6PnQ0JWfx9KGIy3E0V3aFk5FWb0gQJBAO4KFEaXgOG1jfCBhNj3JHJseMso
952 5Nm4F366r0MJQYBHXNGzqphB2K/Svat2MKX1QSUspk2u/a0d05dtYCLki6UCQHWS
953 sChyQ+UbfF9HGKOZBC3vBzo1ZXNEdIUUj5bJjBHq3YgbCK38nAU66A482TmkvDGb
954 Wj4OzeB+7Ua0yyJfggECQQDVlAa8HqdAcrbEwI/YfPydFsavBJ0KtcIGK2owQ+dk
955 dhlDnpXDud/AtX4Ft2LaquQ15fteRrYjjwI9SFGytjtp
956 -----END RSA PRIVATE KEY-----
958 """-----BEGIN CERTIFICATE-----
959 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
960 aW5neTAeFw0wODA3MjUyMjQ3NThaFw0wOTA3MjUyMjQ3NThaMBcxFTATBgNVBAMU
961 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAueLfowPT
962 kXXtHeU2FZSz2mJhHmjqeyI1oMoyyggonccx65vMxaRfljnz2dOjVVYpCOn/LrdP
963 wVxHO8KNDsmQeWPRjnnBa2dFqqOnp/8gEJFJBW7K/gI9se6o+xe9QIWBq6d/fKVR
964 BURJe5TycLogzZuxQn1xHHILa3XleYuHAbMCAwEAATANBgkqhkiG9w0BAQQFAAOB
965 gQBEC1lfC3XK0galQC96B7faLpnQmhn5lX2FUUoFIQQtBTetoE+gTqnLSOIZcOK4
966 pkT3YvxUvgOV0LOLClryo2IknMMGWRSAcXtVUBBLRHVTSSuVUyyLr5kdRU7B4E+l
967 OU0j8Md/dzlkm//K1bzLyUaPq204ofH8su2IEX4b3IGmAQ==
968 -----END CERTIFICATE-----
969 -----BEGIN RSA PRIVATE KEY-----
970 MIICWwIBAAKBgQC54t+jA9ORde0d5TYVlLPaYmEeaOp7IjWgyjLKCCidxzHrm8zF
971 pF+WOfPZ06NVVikI6f8ut0/BXEc7wo0OyZB5Y9GOecFrZ0Wqo6en/yAQkUkFbsr+
972 Aj2x7qj7F71AhYGrp398pVEFREl7lPJwuiDNm7FCfXEccgtrdeV5i4cBswIDAQAB
973 AoGAO4PnJHNaLs16AMNdgKVevEIZZDolMQ1v7C4w+ryH/JRFaHE2q+UH8bpWV9zK
974 A82VT9RTrqpkb71S1VBiB2UDyz263XdAI/N2HcIVMmfKb72oV4gCI1KOv4DfFwZv
975 tVVcIdVEDBOZ2TgqK4opGOgWMDqgIAl2z3PbsIoNylZHEJECQQDtQeJFhEJGH4Qz
976 BGpdND0j2nnnJyhOFHJqikJNdul3uBwmxTK8FPEUUH/rtpyUan3VMOyDx3kX4OQg
977 GDNSb32rAkEAyJIZIJ0EMRHVedyWsfqR0zTGKRQ+qsc3sCfyUhFksWms9jsSS0DT
978 tVeTdC3F6EIAdpKOGhSyfBTU4jxwbFc0GQJADI4L9znEeAl66Wg2aLA2/Aq3oK/F
979 xjv2wgSG9apxOFCZzMNqp+FD0Jth6YtEReZMuldYbLDFi6nu6HPfY2Fa+QJAdpm1
980 lAxk6yMxiZK/5VRWoH6HYske2Vtd+aNVbePtF992ME/z3F3kEkpL3hom+dT1cyfs
981 MU3l0Ot8ip7Ul6vlGQJAegNzpcfl2GFSdWQMxQ+nN3woKnPqpR1M3jgnqvo7L4Xe
982 JW3vRxvfdrUuzdlvZ/Pbsu/vOd+cuIa4h0yD5q3N+g==
983 -----END RSA PRIVATE KEY-----
985 """-----BEGIN CERTIFICATE-----
986 MIIBnjCCAQcCAgCEMA0GCSqGSIb3DQEBBAUAMBcxFTATBgNVBAMUDG5ld3BiX3Ro
987 aW5neTAeFw0wODA3MjUyMjQ3NThaFw0wOTA3MjUyMjQ3NThaMBcxFTATBgNVBAMU
988 DG5ld3BiX3RoaW5neTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAruBhwk+J
989 XdlwfKXXN8K+43JyEYCV7Fp7ZiES4t4AEJuQuBqJVMxpzeZzu2t/vVb59ThaxxtY
990 NGD3Xy6Og5dTv//ztWng8P7HwwvfbrUICU6zo6JAhg7kfaNa116krCYOkC/cdJWt
991 o5W+zsDmI1jUVGH0D73h29atc1gn6wLpAsMCAwEAATANBgkqhkiG9w0BAQQFAAOB
992 gQAEJ/ITGJ9lK/rk0yHcenW8SHsaSTlZMuJ4yEiIgrJ2t71Rd6mtCC/ljx9USvvK
993 bF500whTiZlnWgKi02boBEKa44z/DytF6pljeNPefBQSqZyUByGEb/8Mn58Idyls
994 q4/d9iKXMPvbpQdcesOzgOffFZevLQSWyPRaIdYBOOiYUA==
995 -----END CERTIFICATE-----
996 -----BEGIN RSA PRIVATE KEY-----
997 MIICXQIBAAKBgQCu4GHCT4ld2XB8pdc3wr7jcnIRgJXsWntmIRLi3gAQm5C4GolU
998 zGnN5nO7a3+9Vvn1OFrHG1g0YPdfLo6Dl1O///O1aeDw/sfDC99utQgJTrOjokCG
999 DuR9o1rXXqSsJg6QL9x0la2jlb7OwOYjWNRUYfQPveHb1q1zWCfrAukCwwIDAQAB
1000 AoGAcZAXC/dYrlBpIxkTRQu7qLqGZuVI9t7fabgqqpceFargdR4Odrn0L5jrKRer
1001 MYrM8bjyAoC4a/NYUUBLnhrkcCQWO9q5fSQuFKFVWHY53SM63Qdqk8Y9Fmy/h/4c
1002 UtwZ5BWkUWItvnTMgb9bFcvSiIhEcNQauypnMpgNknopu7kCQQDlSQT10LkX2IGT
1003 bTUhPcManx92gucaKsPONKq2mP+1sIciThevRTZWZsxyIuoBBY43NcKKi8NlZCtj
1004 hhSbtzYdAkEAw0B93CXfso8g2QIMj/HJJz/wNTLtg+rriXp6jh5HWe6lKWRVrce+
1005 1w8Qz6OI/ZP6xuQ9HNeZxJ/W6rZPW6BGXwJAHcTuRPA1p/fvUvHh7Q/0zfcNAbkb
1006 QlV9GL/TzmNtB+0EjpqvDo2g8XTlZIhN85YCEf8D5DMjSn3H+GMHN/SArQJBAJlW
1007 MIGPjNoh5V4Hae4xqBOW9wIQeM880rUo5s5toQNTk4mqLk9Hquwh/MXUXGUora08
1008 2XGpMC1midXSTwhaGmkCQQCdivptFEYl33PrVbxY9nzHynpp4Mi89vQF0cjCmaYY
1009 N8L+bvLd4BU9g6hRS8b59lQ6GNjryx2bUnCVtLcey4Jd
1010 -----END RSA PRIVATE KEY-----
1014 # To disable the pre-computed tub certs, uncomment this line.
1015 #SYSTEM_TEST_CERTS = []
1017 TEST_DATA="\x02"*(immutable.upload.Uploader.URI_LIT_SIZE_THRESHOLD+1)
1019 class ShouldFailMixin:
1020 def shouldFail(self, expected_failure, which, substring,
1021 callable, *args, **kwargs):
1022 """Assert that a function call raises some exception. This is a
1023 Deferred-friendly version of TestCase.assertRaises() .
1025 Suppose you want to verify the following function:
1027 def broken(a, b, c):
1029 raise TypeError('a must not be negative')
1030 return defer.succeed(b+c)
1033 d = self.shouldFail(TypeError, 'test name',
1034 'a must not be negative',
1035 broken, -4, 5, c=12)
1036 in your test method. The 'test name' string will be included in the
1037 error message, if any, because Deferred chains frequently make it
1038 difficult to tell which assertion was tripped.
1040 The substring= argument, if not None, must appear in the 'repr'
1041 of the message wrapped by this Failure, or the test will fail.
1044 assert substring is None or isinstance(substring, str)
1045 d = defer.maybeDeferred(callable, *args, **kwargs)
1047 if isinstance(res, failure.Failure):
1048 res.trap(expected_failure)
1050 message = repr(res.value.args[0])
1051 self.failUnless(substring in message,
1052 "%s: substring '%s' not in '%s'"
1053 % (which, substring, message))
1055 self.fail("%s was supposed to raise %s, not get '%s'" %
1056 (which, expected_failure, res))
1060 class WebErrorMixin:
1061 def explain_web_error(self, f):
1062 # an error on the server side causes the client-side getPage() to
1063 # return a failure(t.web.error.Error), and its str() doesn't show the
1064 # response body, which is where the useful information lives. Attach
1065 # this method as an errback handler, and it will reveal the hidden
1068 print "Web Error:", f.value, ":", f.value.response
1071 def _shouldHTTPError(self, res, which, validator):
1072 if isinstance(res, failure.Failure):
1074 return validator(res)
1076 self.fail("%s was supposed to Error, not get '%s'" % (which, res))
1078 def shouldHTTPError(self, which,
1079 code=None, substring=None, response_substring=None,
1080 callable=None, *args, **kwargs):
1081 # returns a Deferred with the response body
1082 assert substring is None or isinstance(substring, str)
1085 if code is not None:
1086 self.failUnlessEqual(f.value.status, str(code), which)
1088 code_string = str(f)
1089 self.failUnless(substring in code_string,
1090 "%s: substring '%s' not in '%s'"
1091 % (which, substring, code_string))
1092 response_body = f.value.response
1093 if response_substring:
1094 self.failUnless(response_substring in response_body,
1095 "%s: response substring '%s' not in '%s'"
1096 % (which, response_substring, response_body))
1097 return response_body
1098 d = defer.maybeDeferred(callable, *args, **kwargs)
1099 d.addBoth(self._shouldHTTPError, which, _validate)
1102 class ErrorMixin(WebErrorMixin):
1103 def explain_error(self, f):
1104 if f.check(defer.FirstError):
1105 print "First Error:", f.value.subFailure
1108 def corrupt_field(data, offset, size, debug=False):
1109 if random.random() < 0.5:
1110 newdata = testutil.flip_one_bit(data, offset, size)
1112 log.msg("testing: corrupting offset %d, size %d flipping one bit orig: %r, newdata: %r" % (offset, size, data[offset:offset+size], newdata[offset:offset+size]))
1115 newval = testutil.insecurerandstr(size)
1117 log.msg("testing: corrupting offset %d, size %d randomizing field, orig: %r, newval: %r" % (offset, size, data[offset:offset+size], newval))
1118 return data[:offset]+newval+data[offset+size:]
1120 def _corrupt_nothing(data, debug=False):
1121 """Leave the data pristine. """
1124 def _corrupt_file_version_number(data, debug=False):
1125 """Scramble the file data -- the share file version number have one bit
1126 flipped or else will be changed to a random value."""
1127 return corrupt_field(data, 0x00, 4)
1129 def _corrupt_size_of_file_data(data, debug=False):
1130 """Scramble the file data -- the field showing the size of the share data
1131 within the file will be set to one smaller."""
1132 return corrupt_field(data, 0x04, 4)
1134 def _corrupt_sharedata_version_number(data, debug=False):
1135 """Scramble the file data -- the share data version number will have one
1136 bit flipped or else will be changed to a random value, but not 1 or 2."""
1137 return corrupt_field(data, 0x0c, 4)
1138 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1139 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1140 newsharevernum = sharevernum
1141 while newsharevernum in (1, 2):
1142 newsharevernum = random.randrange(0, 2**32)
1143 newsharevernumbytes = struct.pack(">L", newsharevernum)
1144 return data[:0x0c] + newsharevernumbytes + data[0x0c+4:]
1146 def _corrupt_sharedata_version_number_to_plausible_version(data, debug=False):
1147 """Scramble the file data -- the share data version number will be
1148 changed to 2 if it is 1 or else to 1 if it is 2."""
1149 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1150 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1151 if sharevernum == 1:
1155 newsharevernumbytes = struct.pack(">L", newsharevernum)
1156 return data[:0x0c] + newsharevernumbytes + data[0x0c+4:]
1158 def _corrupt_segment_size(data, debug=False):
1159 """Scramble the file data -- the field showing the size of the segment
1160 will have one bit flipped or else be changed to a random value."""
1161 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1162 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1163 if sharevernum == 1:
1164 return corrupt_field(data, 0x0c+0x04, 4, debug=False)
1166 return corrupt_field(data, 0x0c+0x04, 8, debug=False)
1168 def _corrupt_size_of_sharedata(data, debug=False):
1169 """Scramble the file data -- the field showing the size of the data
1170 within the share data will have one bit flipped or else will be changed
1171 to a random value."""
1172 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1173 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1174 if sharevernum == 1:
1175 return corrupt_field(data, 0x0c+0x08, 4)
1177 return corrupt_field(data, 0x0c+0x0c, 8)
1179 def _corrupt_offset_of_sharedata(data, debug=False):
1180 """Scramble the file data -- the field showing the offset of the data
1181 within the share data will have one bit flipped or else be changed to a
1183 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1184 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1185 if sharevernum == 1:
1186 return corrupt_field(data, 0x0c+0x0c, 4)
1188 return corrupt_field(data, 0x0c+0x14, 8)
1190 def _corrupt_offset_of_ciphertext_hash_tree(data, debug=False):
1191 """Scramble the file data -- the field showing the offset of the
1192 ciphertext hash tree within the share data will have one bit flipped or
1193 else be changed to a random value.
1195 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1196 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1197 if sharevernum == 1:
1198 return corrupt_field(data, 0x0c+0x14, 4, debug=False)
1200 return corrupt_field(data, 0x0c+0x24, 8, debug=False)
1202 def _corrupt_offset_of_block_hashes(data, debug=False):
1203 """Scramble the file data -- the field showing the offset of the block
1204 hash tree within the share data will have one bit flipped or else will be
1205 changed to a random value."""
1206 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1207 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1208 if sharevernum == 1:
1209 return corrupt_field(data, 0x0c+0x18, 4)
1211 return corrupt_field(data, 0x0c+0x2c, 8)
1213 def _corrupt_offset_of_block_hashes_to_truncate_crypttext_hashes(data, debug=False):
1214 """Scramble the file data -- the field showing the offset of the block
1215 hash tree within the share data will have a multiple of hash size
1216 subtracted from it, thus causing the downloader to download an incomplete
1217 crypttext hash tree."""
1218 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1219 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1220 if sharevernum == 1:
1221 curval = struct.unpack(">L", data[0x0c+0x18:0x0c+0x18+4])[0]
1222 newval = random.randrange(0, max(1, (curval/hashutil.CRYPTO_VAL_SIZE)/2))*hashutil.CRYPTO_VAL_SIZE
1223 newvalstr = struct.pack(">L", newval)
1224 return data[:0x0c+0x18]+newvalstr+data[0x0c+0x18+4:]
1226 curval = struct.unpack(">Q", data[0x0c+0x2c:0x0c+0x2c+8])[0]
1227 newval = random.randrange(0, max(1, (curval/hashutil.CRYPTO_VAL_SIZE)/2))*hashutil.CRYPTO_VAL_SIZE
1228 newvalstr = struct.pack(">Q", newval)
1229 return data[:0x0c+0x2c]+newvalstr+data[0x0c+0x2c+8:]
1231 def _corrupt_offset_of_share_hashes(data, debug=False):
1232 """Scramble the file data -- the field showing the offset of the share
1233 hash tree within the share data will have one bit flipped or else will be
1234 changed to a random value."""
1235 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1236 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1237 if sharevernum == 1:
1238 return corrupt_field(data, 0x0c+0x1c, 4)
1240 return corrupt_field(data, 0x0c+0x34, 8)
1242 def _corrupt_offset_of_uri_extension(data, debug=False):
1243 """Scramble the file data -- the field showing the offset of the uri
1244 extension will have one bit flipped or else will be changed to a random
1246 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1247 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1248 if sharevernum == 1:
1249 return corrupt_field(data, 0x0c+0x20, 4)
1251 return corrupt_field(data, 0x0c+0x3c, 8)
1253 def _corrupt_offset_of_uri_extension_to_force_short_read(data, debug=False):
1254 """Scramble the file data -- the field showing the offset of the uri
1255 extension will be set to the size of the file minus 3. This means when
1256 the client tries to read the length field from that location it will get
1257 a short read -- the result string will be only 3 bytes long, not the 4 or
1258 8 bytes necessary to do a successful struct.unpack."""
1259 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1260 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1261 # The "-0x0c" in here is to skip the server-side header in the share
1262 # file, which the client doesn't see when seeking and reading.
1263 if sharevernum == 1:
1265 log.msg("testing: corrupting offset %d, size %d, changing %d to %d (len(data) == %d)" % (0x2c, 4, struct.unpack(">L", data[0x2c:0x2c+4])[0], len(data)-0x0c-3, len(data)))
1266 return data[:0x2c] + struct.pack(">L", len(data)-0x0c-3) + data[0x2c+4:]
1269 log.msg("testing: corrupting offset %d, size %d, changing %d to %d (len(data) == %d)" % (0x48, 8, struct.unpack(">Q", data[0x48:0x48+8])[0], len(data)-0x0c-3, len(data)))
1270 return data[:0x48] + struct.pack(">Q", len(data)-0x0c-3) + data[0x48+8:]
1272 def _corrupt_mutable_share_data(data, debug=False):
1274 assert prefix == MutableShareFile.MAGIC, "This function is designed to corrupt mutable shares of v1, and the magic number doesn't look right: %r vs %r" % (prefix, MutableShareFile.MAGIC)
1275 data_offset = MutableShareFile.DATA_OFFSET
1276 sharetype = data[data_offset:data_offset+1]
1277 assert sharetype == "\x00", "non-SDMF mutable shares not supported"
1278 (version, ig_seqnum, ig_roothash, ig_IV, ig_k, ig_N, ig_segsize,
1279 ig_datalen, offsets) = unpack_header(data[data_offset:])
1280 assert version == 0, "this function only handles v0 SDMF files"
1281 start = data_offset + offsets["share_data"]
1282 length = data_offset + offsets["enc_privkey"] - start
1283 return corrupt_field(data, start, length)
1285 def _corrupt_share_data(data, debug=False):
1286 """Scramble the file data -- the field containing the share data itself
1287 will have one bit flipped or else will be changed to a random value."""
1288 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1289 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways, not v%d." % sharevernum
1290 if sharevernum == 1:
1291 sharedatasize = struct.unpack(">L", data[0x0c+0x08:0x0c+0x08+4])[0]
1293 return corrupt_field(data, 0x0c+0x24, sharedatasize)
1295 sharedatasize = struct.unpack(">Q", data[0x0c+0x08:0x0c+0x0c+8])[0]
1297 return corrupt_field(data, 0x0c+0x44, sharedatasize)
1299 def _corrupt_share_data_last_byte(data, debug=False):
1300 """Scramble the file data -- flip all bits of the last byte."""
1301 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1302 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways, not v%d." % sharevernum
1303 if sharevernum == 1:
1304 sharedatasize = struct.unpack(">L", data[0x0c+0x08:0x0c+0x08+4])[0]
1305 offset = 0x0c+0x24+sharedatasize-1
1307 sharedatasize = struct.unpack(">Q", data[0x0c+0x08:0x0c+0x0c+8])[0]
1308 offset = 0x0c+0x44+sharedatasize-1
1310 newdata = data[:offset] + chr(ord(data[offset])^0xFF) + data[offset+1:]
1312 log.msg("testing: flipping all bits of byte at offset %d: %r, newdata: %r" % (offset, data[offset], newdata[offset]))
1315 def _corrupt_crypttext_hash_tree(data, debug=False):
1316 """Scramble the file data -- the field containing the crypttext hash tree
1317 will have one bit flipped or else will be changed to a random value.
1319 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1320 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1321 if sharevernum == 1:
1322 crypttexthashtreeoffset = struct.unpack(">L", data[0x0c+0x14:0x0c+0x14+4])[0]
1323 blockhashesoffset = struct.unpack(">L", data[0x0c+0x18:0x0c+0x18+4])[0]
1325 crypttexthashtreeoffset = struct.unpack(">Q", data[0x0c+0x24:0x0c+0x24+8])[0]
1326 blockhashesoffset = struct.unpack(">Q", data[0x0c+0x2c:0x0c+0x2c+8])[0]
1328 return corrupt_field(data, 0x0c+crypttexthashtreeoffset, blockhashesoffset-crypttexthashtreeoffset, debug=debug)
1330 def _corrupt_crypttext_hash_tree_byte_x221(data, debug=False):
1331 """Scramble the file data -- the byte at offset 0x221 will have its 7th
1334 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1335 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1337 log.msg("original data: %r" % (data,))
1338 return data[:0x0c+0x221] + chr(ord(data[0x0c+0x221])^0x02) + data[0x0c+0x2210+1:]
1340 def _corrupt_block_hashes(data, debug=False):
1341 """Scramble the file data -- the field containing the block hash tree
1342 will have one bit flipped or else will be changed to a random value.
1344 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1345 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1346 if sharevernum == 1:
1347 blockhashesoffset = struct.unpack(">L", data[0x0c+0x18:0x0c+0x18+4])[0]
1348 sharehashesoffset = struct.unpack(">L", data[0x0c+0x1c:0x0c+0x1c+4])[0]
1350 blockhashesoffset = struct.unpack(">Q", data[0x0c+0x2c:0x0c+0x2c+8])[0]
1351 sharehashesoffset = struct.unpack(">Q", data[0x0c+0x34:0x0c+0x34+8])[0]
1353 return corrupt_field(data, 0x0c+blockhashesoffset, sharehashesoffset-blockhashesoffset)
1355 def _corrupt_share_hashes(data, debug=False):
1356 """Scramble the file data -- the field containing the share hash chain
1357 will have one bit flipped or else will be changed to a random value.
1359 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1360 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1361 if sharevernum == 1:
1362 sharehashesoffset = struct.unpack(">L", data[0x0c+0x1c:0x0c+0x1c+4])[0]
1363 uriextoffset = struct.unpack(">L", data[0x0c+0x20:0x0c+0x20+4])[0]
1365 sharehashesoffset = struct.unpack(">Q", data[0x0c+0x34:0x0c+0x34+8])[0]
1366 uriextoffset = struct.unpack(">Q", data[0x0c+0x3c:0x0c+0x3c+8])[0]
1368 return corrupt_field(data, 0x0c+sharehashesoffset, uriextoffset-sharehashesoffset)
1370 def _corrupt_length_of_uri_extension(data, debug=False):
1371 """Scramble the file data -- the field showing the length of the uri
1372 extension will have one bit flipped or else will be changed to a random
1374 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1375 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1376 if sharevernum == 1:
1377 uriextoffset = struct.unpack(">L", data[0x0c+0x20:0x0c+0x20+4])[0]
1378 return corrupt_field(data, uriextoffset, 4)
1380 uriextoffset = struct.unpack(">Q", data[0x0c+0x3c:0x0c+0x3c+8])[0]
1381 return corrupt_field(data, 0x0c+uriextoffset, 8)
1383 def _corrupt_uri_extension(data, debug=False):
1384 """Scramble the file data -- the field containing the uri extension will
1385 have one bit flipped or else will be changed to a random value."""
1386 sharevernum = struct.unpack(">L", data[0x0c:0x0c+4])[0]
1387 assert sharevernum in (1, 2), "This test is designed to corrupt immutable shares of v1 or v2 in specific ways."
1388 if sharevernum == 1:
1389 uriextoffset = struct.unpack(">L", data[0x0c+0x20:0x0c+0x20+4])[0]
1390 uriextlen = struct.unpack(">L", data[0x0c+uriextoffset:0x0c+uriextoffset+4])[0]
1392 uriextoffset = struct.unpack(">Q", data[0x0c+0x3c:0x0c+0x3c+8])[0]
1393 uriextlen = struct.unpack(">Q", data[0x0c+uriextoffset:0x0c+uriextoffset+8])[0]
1395 return corrupt_field(data, 0x0c+uriextoffset, uriextlen)