From 6e98bf0568debeb9a8cd1403133fee63dee94bf1 Mon Sep 17 00:00:00 2001 From: Brian Smith Date: Thu, 15 Nov 2018 15:39:12 -1000 Subject: [PATCH] Reformat tests/, except AEAD tests. AEAD tests will be reformatted later. --- tests/agreement_tests.rs | 96 ++++++++++++++--------- tests/digest_tests.rs | 164 ++++++++++++++++++++++----------------- tests/ecdsa_tests.rs | 116 +++++++++++++++------------ tests/ed25519_tests.rs | 80 +++++++++++-------- tests/hkdf_tests.rs | 7 +- tests/hmac_tests.rs | 20 ++--- tests/pbkdf2_tests.rs | 26 +++---- tests/rsa_tests.rs | 106 ++++++++++++++----------- tests/signature_tests.rs | 3 +- 9 files changed, 352 insertions(+), 266 deletions(-) diff --git a/tests/agreement_tests.rs b/tests/agreement_tests.rs index 31d8d2695..885f2dc4d 100644 --- a/tests/agreement_tests.rs +++ b/tests/agreement_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -52,38 +52,48 @@ fn agreement_agree_ephemeral() { None => { let my_private = test_case.consume_bytes("D"); let rng = test::rand::FixedSliceRandom { bytes: &my_private }; - let my_private = - agreement::EphemeralPrivateKey::generate(alg, &rng)?; + let my_private = agreement::EphemeralPrivateKey::generate(alg, &rng)?; let my_public = test_case.consume_bytes("MyQ"); let output = test_case.consume_bytes("Output"); let mut computed_public = [0u8; agreement::PUBLIC_KEY_MAX_LEN]; - let computed_public = - &mut computed_public[..my_private.public_key_len()]; + let computed_public = &mut computed_public[..my_private.public_key_len()]; assert!(my_private.compute_public_key(computed_public).is_ok()); assert_eq!(computed_public, &my_public[..]); - assert!(agreement::agree_ephemeral(my_private, alg, peer_public, - (), |key_material| { - assert_eq!(key_material, &output[..]); - Ok(()) - }).is_ok()); + assert!(agreement::agree_ephemeral( + my_private, + alg, + peer_public, + (), + |key_material| { + assert_eq!(key_material, &output[..]); + Ok(()) + } + ) + .is_ok()); }, Some(_) => { // In the no-heap mode, some algorithms aren't supported so // we have to skip those algorithms' test cases. - let dummy_private_key = - agreement::EphemeralPrivateKey::generate(alg, &rng)?; + let dummy_private_key = agreement::EphemeralPrivateKey::generate(alg, &rng)?; fn kdf_not_called(_: &[u8]) -> Result<(), ()> { - panic!("The KDF was called during ECDH when the peer's \ - public key is invalid."); + panic!( + "The KDF was called during ECDH when the peer's \ + public key is invalid." + ); } - assert!(agreement::agree_ephemeral(dummy_private_key, alg, - peer_public, (), - kdf_not_called).is_err()); - } + assert!(agreement::agree_ephemeral( + dummy_private_key, + alg, + peer_public, + (), + kdf_not_called + ) + .is_err()); + }, } return Ok(()); @@ -92,13 +102,12 @@ fn agreement_agree_ephemeral() { #[test] fn test_agreement_ecdh_x25519_rfc_iterated() { - let mut k = - h("0900000000000000000000000000000000000000000000000000000000000000"); + let mut k = h("0900000000000000000000000000000000000000000000000000000000000000"); let mut u = k.clone(); - fn expect_iterated_x25519(expected_result: &str, - range: std::ops::Range, k: &mut Vec, - u: &mut Vec) { + fn expect_iterated_x25519( + expected_result: &str, range: std::ops::Range, k: &mut Vec, u: &mut Vec, + ) { for _ in range { let new_k = x25519(k, u); *u = k.clone(); @@ -109,22 +118,34 @@ fn test_agreement_ecdh_x25519_rfc_iterated() { expect_iterated_x25519( "422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079", - 0..1, &mut k, &mut u); + 0..1, + &mut k, + &mut u, + ); expect_iterated_x25519( "684cf59ba83309552800ef566f2f4d3c1c3887c49360e3875f2eb94d99532c51", - 1..1_000, &mut k, &mut u); + 1..1_000, + &mut k, + &mut u, + ); // The spec gives a test vector for 1,000,000 iterations but it takes // too long to do 1,000,000 iterations by default right now. This // 10,000 iteration vector is self-computed. expect_iterated_x25519( "2c125a20f639d504a7703d2e223c79a79de48c4ee8c23379aa19a62ecd211815", - 1_000..10_000, &mut k, &mut u); + 1_000..10_000, + &mut k, + &mut u, + ); if cfg!(feature = "slow_tests") { - expect_iterated_x25519( - "7c3911e0ab2586fd864497297e575e6f3bc601c0883c30df5f4dd2d24f665424", - 10_000..1_000_000, &mut k, &mut u); + expect_iterated_x25519( + "7c3911e0ab2586fd864497297e575e6f3bc601c0883c30df5f4dd2d24f665424", + 10_000..1_000_000, + &mut k, + &mut u, + ); } } @@ -132,16 +153,17 @@ fn x25519(private_key: &[u8], public_key: &[u8]) -> Vec { x25519_(private_key, public_key).unwrap() } -fn x25519_(private_key: &[u8], public_key: &[u8]) - -> Result, error::Unspecified> { +fn x25519_(private_key: &[u8], public_key: &[u8]) -> Result, error::Unspecified> { let rng = test::rand::FixedSliceRandom { bytes: private_key }; - let private_key = - agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?; + let private_key = agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?; let public_key = untrusted::Input::from(public_key); - agreement::agree_ephemeral(private_key, &agreement::X25519, public_key, - error::Unspecified, |agreed_value| { - Ok(Vec::from(agreed_value)) - }) + agreement::agree_ephemeral( + private_key, + &agreement::X25519, + public_key, + error::Unspecified, + |agreed_value| Ok(Vec::from(agreed_value)), + ) } fn h(s: &str) -> Vec { diff --git a/tests/digest_tests.rs b/tests/digest_tests.rs index 6ea289612..99b73ba0d 100644 --- a/tests/digest_tests.rs +++ b/tests/digest_tests.rs @@ -28,13 +28,13 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; -use std::vec::Vec; use ring::{digest, test}; +use std::vec::Vec; /// Test vectors from BoringSSL, Go, and other sources. #[test] @@ -63,8 +63,8 @@ fn digest_misc() { } mod digest_shavs { - use std::vec::Vec; use ring::{digest, test}; + use std::vec::Vec; macro_rules! shavs_tests { ( $algorithm_name:ident ) => { @@ -77,31 +77,39 @@ mod digest_shavs { fn short_msg_known_answer_test() { run_known_answer_test( &digest::$algorithm_name, - &format!("third_party/NIST/SHAVS/{}ShortMsg.rsp", - stringify!($algorithm_name))); + &format!( + "third_party/NIST/SHAVS/{}ShortMsg.rsp", + stringify!($algorithm_name) + ), + ); } #[test] fn long_msg_known_answer_test() { run_known_answer_test( &digest::$algorithm_name, - &format!("third_party/NIST/SHAVS/{}LongMsg.rsp", - stringify!($algorithm_name))); + &format!( + "third_party/NIST/SHAVS/{}LongMsg.rsp", + stringify!($algorithm_name) + ), + ); } #[test] fn monte_carlo_test() { run_monte_carlo_test( &digest::$algorithm_name, - &format!("third_party/NIST/SHAVS/{}Monte.rsp", - stringify!($algorithm_name))); + &format!( + "third_party/NIST/SHAVS/{}Monte.rsp", + stringify!($algorithm_name) + ), + ); } } - } + }; } - fn run_known_answer_test(digest_alg: &'static digest::Algorithm, - file_name: &str) { + fn run_known_answer_test(digest_alg: &'static digest::Algorithm, file_name: &str) { let section_name = &format!("L = {}", digest_alg.output_len); test::from_file(file_name, |section, test_case| { assert_eq!(section_name, section); @@ -124,8 +132,7 @@ mod digest_shavs { }); } - fn run_monte_carlo_test(digest_alg: &'static digest::Algorithm, - file_name: &str) { + fn run_monte_carlo_test(digest_alg: &'static digest::Algorithm, file_name: &str) { let section_name = &format!("L = {}", digest_alg.output_len); let mut expected_count: isize = -1; @@ -196,8 +203,8 @@ macro_rules! test_i_u_f { for j in 0..max { for k in 0..max { let part1 = &input[..i]; - let part2 = &input[i..(i+j)]; - let part3 = &input[(i+j)..(i+j+k)]; + let part2 = &input[i..(i + j)]; + let part3 = &input[(i + j)..(i + j + k)]; let mut ctx = digest::Context::new(&$alg); ctx.update(part1); @@ -205,15 +212,14 @@ macro_rules! test_i_u_f { ctx.update(part3); let i_u_f = ctx.finish(); - let one_shot = - digest::digest(&$alg, &input[..(i + j + k)]); + let one_shot = digest::digest(&$alg, &input[..(i + j + k)]); assert_eq!(i_u_f.as_ref(), one_shot.as_ref()); } } } } - } + }; } test_i_u_f!(digest_test_i_u_f_sha1, digest::SHA1); test_i_u_f!(digest_test_i_u_f_sha256, digest::SHA256); @@ -262,41 +268,54 @@ macro_rules! test_large_digest { let expected: [u8; $len] = $expected; assert_eq!(&expected[..], calculated.as_ref()); } - } + }; } /// XXX: This test is too slow on Android ARM. #[cfg(any(not(target_os = "android"), not(target_arch = "arm")))] -test_large_digest!(digest_test_large_digest_sha1, digest::SHA1, 160 / 8, [ - 0xCA, 0xC3, 0x4C, 0x31, 0x90, 0x5B, 0xDE, 0x3B, - 0xE4, 0x0D, 0x46, 0x6D, 0x70, 0x76, 0xAD, 0x65, - 0x3C, 0x20, 0xE4, 0xBD -]); +test_large_digest!( + digest_test_large_digest_sha1, + digest::SHA1, + 160 / 8, + [ + 0xCA, 0xC3, 0x4C, 0x31, 0x90, 0x5B, 0xDE, 0x3B, 0xE4, 0x0D, 0x46, 0x6D, 0x70, 0x76, 0xAD, + 0x65, 0x3C, 0x20, 0xE4, 0xBD + ] +); -test_large_digest!(digest_test_large_digest_sha256, digest::SHA256, 256 / 8, [ - 0x8D, 0xD1, 0x6D, 0xD8, 0xB2, 0x5A, 0x29, 0xCB, - 0x7F, 0xB9, 0xAE, 0x86, 0x72, 0xE9, 0xCE, 0xD6, - 0x65, 0x4C, 0xB6, 0xC3, 0x5C, 0x58, 0x21, 0xA7, - 0x07, 0x97, 0xC5, 0xDD, 0xAE, 0x5C, 0x68, 0xBD -]); -test_large_digest!(digest_test_large_digest_sha384, digest::SHA384, 384 / 8, [ - 0x3D, 0xFE, 0xC1, 0xA9, 0xD0, 0x9F, 0x08, 0xD5, - 0xBB, 0xE8, 0x7C, 0x9E, 0xE0, 0x0A, 0x87, 0x0E, - 0xB0, 0xEA, 0x8E, 0xEA, 0xDB, 0x82, 0x36, 0xAE, - 0x74, 0xCF, 0x9F, 0xDC, 0x86, 0x1C, 0xE3, 0xE9, - 0xB0, 0x68, 0xCD, 0x19, 0x3E, 0x39, 0x90, 0x02, - 0xE1, 0x58, 0x5D, 0x66, 0xC4, 0x55, 0x11, 0x9B -]); -test_large_digest!(digest_test_large_digest_sha512, digest::SHA512, 512 / 8, [ - 0xFC, 0x8A, 0x98, 0x20, 0xFC, 0x82, 0xD8, 0x55, - 0xF8, 0xFF, 0x2F, 0x6E, 0xAE, 0x41, 0x60, 0x04, - 0x08, 0xE9, 0x49, 0xD7, 0xCD, 0x1A, 0xED, 0x22, - 0xEB, 0x55, 0xE1, 0xFD, 0x80, 0x50, 0x3B, 0x01, - 0x2F, 0xC6, 0xF4, 0x33, 0x86, 0xFB, 0x60, 0x75, - 0x2D, 0xA5, 0xA9, 0x93, 0xE7, 0x00, 0x45, 0xA8, - 0x49, 0x1A, 0x6B, 0xEC, 0x9C, 0x98, 0xC8, 0x19, - 0xA6, 0xA9, 0x88, 0x3E, 0x2F, 0x09, 0xB9, 0x9A -]); +test_large_digest!( + digest_test_large_digest_sha256, + digest::SHA256, + 256 / 8, + [ + 0x8D, 0xD1, 0x6D, 0xD8, 0xB2, 0x5A, 0x29, 0xCB, 0x7F, 0xB9, 0xAE, 0x86, 0x72, 0xE9, 0xCE, + 0xD6, 0x65, 0x4C, 0xB6, 0xC3, 0x5C, 0x58, 0x21, 0xA7, 0x07, 0x97, 0xC5, 0xDD, 0xAE, 0x5C, + 0x68, 0xBD + ] +); +test_large_digest!( + digest_test_large_digest_sha384, + digest::SHA384, + 384 / 8, + [ + 0x3D, 0xFE, 0xC1, 0xA9, 0xD0, 0x9F, 0x08, 0xD5, 0xBB, 0xE8, 0x7C, 0x9E, 0xE0, 0x0A, 0x87, + 0x0E, 0xB0, 0xEA, 0x8E, 0xEA, 0xDB, 0x82, 0x36, 0xAE, 0x74, 0xCF, 0x9F, 0xDC, 0x86, 0x1C, + 0xE3, 0xE9, 0xB0, 0x68, 0xCD, 0x19, 0x3E, 0x39, 0x90, 0x02, 0xE1, 0x58, 0x5D, 0x66, 0xC4, + 0x55, 0x11, 0x9B + ] +); +test_large_digest!( + digest_test_large_digest_sha512, + digest::SHA512, + 512 / 8, + [ + 0xFC, 0x8A, 0x98, 0x20, 0xFC, 0x82, 0xD8, 0x55, 0xF8, 0xFF, 0x2F, 0x6E, 0xAE, 0x41, 0x60, + 0x04, 0x08, 0xE9, 0x49, 0xD7, 0xCD, 0x1A, 0xED, 0x22, 0xEB, 0x55, 0xE1, 0xFD, 0x80, 0x50, + 0x3B, 0x01, 0x2F, 0xC6, 0xF4, 0x33, 0x86, 0xFB, 0x60, 0x75, 0x2D, 0xA5, 0xA9, 0x93, 0xE7, + 0x00, 0x45, 0xA8, 0x49, 0x1A, 0x6B, 0xEC, 0x9C, 0x98, 0xC8, 0x19, 0xA6, 0xA9, 0x88, 0x3E, + 0x2F, 0x09, 0xB9, 0x9A + ] +); // TODO: test_large_digest!(digest_test_large_digest_sha512_256, // digest::SHA512_256, 256 / 8, [ ... ]); @@ -312,26 +331,31 @@ fn test_fmt_algorithm() { #[test] fn digest_test_fmt() { - assert_eq!("SHA1:b7e23ec29af22b0b4e41da31e868d57226121c84", - &format!("{:?}", - digest::digest(&digest::SHA1, b"hello, world"))); - assert_eq!("SHA256:09ca7e4eaa6e8ae9c7d261167129184883644d\ - 07dfba7cbfbc4c8a2e08360d5b", - &format!("{:?}", - digest::digest(&digest::SHA256, b"hello, world"))); - assert_eq!("SHA384:1fcdb6059ce05172a26bbe2a3ccc88ed5a8cd5\ - fc53edfd9053304d429296a6da23b1cd9e5c9ed3bb34f0\ - 0418a70cdb7e", - &format!("{:?}", - digest::digest(&digest::SHA384, b"hello, world"))); - assert_eq!("SHA512:8710339dcb6814d0d9d2290ef422285c9322b7\ - 163951f9a0ca8f883d3305286f44139aa374848e4174f5\ - aada663027e4548637b6d19894aec4fb6c46a139fbf9", - &format!("{:?}", - digest::digest(&digest::SHA512, b"hello, world"))); + assert_eq!( + "SHA1:b7e23ec29af22b0b4e41da31e868d57226121c84", + &format!("{:?}", digest::digest(&digest::SHA1, b"hello, world")) + ); + assert_eq!( + "SHA256:09ca7e4eaa6e8ae9c7d261167129184883644d\ + 07dfba7cbfbc4c8a2e08360d5b", + &format!("{:?}", digest::digest(&digest::SHA256, b"hello, world")) + ); + assert_eq!( + "SHA384:1fcdb6059ce05172a26bbe2a3ccc88ed5a8cd5\ + fc53edfd9053304d429296a6da23b1cd9e5c9ed3bb34f0\ + 0418a70cdb7e", + &format!("{:?}", digest::digest(&digest::SHA384, b"hello, world")) + ); + assert_eq!( + "SHA512:8710339dcb6814d0d9d2290ef422285c9322b7\ + 163951f9a0ca8f883d3305286f44139aa374848e4174f5\ + aada663027e4548637b6d19894aec4fb6c46a139fbf9", + &format!("{:?}", digest::digest(&digest::SHA512, b"hello, world")) + ); - assert_eq!("SHA512_256:11f2c88c04f0a9c3d0970894ad2472505e\ - 0bc6e8c7ec46b5211cd1fa3e253e62", - &format!("{:?}", - digest::digest(&digest::SHA512_256, b"hello, world"))); + assert_eq!( + "SHA512_256:11f2c88c04f0a9c3d0970894ad2472505e\ + 0bc6e8c7ec46b5211cd1fa3e253e62", + &format!("{:?}", digest::digest(&digest::SHA512_256, b"hello, world")) + ); } diff --git a/tests/ecdsa_tests.rs b/tests/ecdsa_tests.rs index 84badf290..0c2355b0d 100644 --- a/tests/ecdsa_tests.rs +++ b/tests/ecdsa_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -44,18 +44,29 @@ fn ecdsa_from_pkcs8_test() { assert_eq!(section, ""); let curve_name = test_case.consume_string("Curve"); - let ((this_fixed, this_asn1), (other_fixed, other_asn1)) = - match curve_name.as_str() { - "P-256" => ((&signature::ECDSA_P256_SHA256_FIXED_SIGNING, - &signature::ECDSA_P256_SHA256_ASN1_SIGNING), - (&signature::ECDSA_P384_SHA384_FIXED_SIGNING, - &signature::ECDSA_P384_SHA384_ASN1_SIGNING)), - "P-384" => ((&signature::ECDSA_P384_SHA384_FIXED_SIGNING, - &signature::ECDSA_P384_SHA384_ASN1_SIGNING), - (&signature::ECDSA_P256_SHA256_FIXED_SIGNING, - &signature::ECDSA_P256_SHA256_ASN1_SIGNING)), - _ => unreachable!(), - }; + let ((this_fixed, this_asn1), (other_fixed, other_asn1)) = match curve_name.as_str() { + "P-256" => ( + ( + &signature::ECDSA_P256_SHA256_FIXED_SIGNING, + &signature::ECDSA_P256_SHA256_ASN1_SIGNING, + ), + ( + &signature::ECDSA_P384_SHA384_FIXED_SIGNING, + &signature::ECDSA_P384_SHA384_ASN1_SIGNING, + ), + ), + "P-384" => ( + ( + &signature::ECDSA_P384_SHA384_FIXED_SIGNING, + &signature::ECDSA_P384_SHA384_ASN1_SIGNING, + ), + ( + &signature::ECDSA_P256_SHA256_FIXED_SIGNING, + &signature::ECDSA_P256_SHA256_ASN1_SIGNING, + ), + ), + _ => unreachable!(), + }; let input = test_case.consume_bytes("Input"); let input = untrusted::Input::from(&input); @@ -64,14 +75,14 @@ fn ecdsa_from_pkcs8_test() { assert_eq!( signature::key_pair_from_pkcs8(this_fixed, input).is_ok(), - error.is_none()); + error.is_none() + ); assert_eq!( signature::key_pair_from_pkcs8(this_asn1, input).is_ok(), - error.is_none()); - assert!( - signature::key_pair_from_pkcs8(other_fixed, input).is_err()); - assert!( - signature::key_pair_from_pkcs8(other_asn1, input).is_err()); + error.is_none() + ); + assert!(signature::key_pair_from_pkcs8(other_fixed, input).is_err()); + assert!(signature::key_pair_from_pkcs8(other_asn1, input).is_err()); Ok(()) }); @@ -82,10 +93,12 @@ fn ecdsa_from_pkcs8_test() { fn ecdsa_generate_pkcs8_test() { let rng = rand::SystemRandom::new(); - for alg in &[&signature::ECDSA_P256_SHA256_ASN1_SIGNING, - &signature::ECDSA_P256_SHA256_FIXED_SIGNING, - &signature::ECDSA_P384_SHA384_ASN1_SIGNING, - &signature::ECDSA_P384_SHA384_FIXED_SIGNING] { + for alg in &[ + &signature::ECDSA_P256_SHA256_ASN1_SIGNING, + &signature::ECDSA_P256_SHA256_FIXED_SIGNING, + &signature::ECDSA_P384_SHA384_ASN1_SIGNING, + &signature::ECDSA_P384_SHA384_FIXED_SIGNING, + ] { let pkcs8 = signature::ECDSAKeyPair::generate_pkcs8(alg, &rng).unwrap(); println!(); for b in pkcs8.as_ref() { @@ -93,8 +106,8 @@ fn ecdsa_generate_pkcs8_test() { } println!(); println!(); - let _ = signature::key_pair_from_pkcs8( - *alg, untrusted::Input::from(pkcs8.as_ref())).unwrap(); + let _ = + signature::key_pair_from_pkcs8(*alg, untrusted::Input::from(pkcs8.as_ref())).unwrap(); } } @@ -123,9 +136,8 @@ fn signature_ecdsa_verify_asn1_test() { ("P-384", "SHA256") => &signature::ECDSA_P384_SHA256_ASN1, ("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_ASN1, _ => { - panic!("Unsupported curve+digest: {}+{}", curve_name, - digest_name); - } + panic!("Unsupported curve+digest: {}+{}", curve_name, digest_name); + }, }; let actual_result = signature::verify(alg, public_key, msg, sig); @@ -137,35 +149,37 @@ fn signature_ecdsa_verify_asn1_test() { #[test] fn signature_ecdsa_verify_fixed_test() { - test::from_file("tests/ecdsa_verify_fixed_tests.txt", |section, test_case| { - assert_eq!(section, ""); + test::from_file( + "tests/ecdsa_verify_fixed_tests.txt", + |section, test_case| { + assert_eq!(section, ""); - let curve_name = test_case.consume_string("Curve"); - let digest_name = test_case.consume_string("Digest"); + let curve_name = test_case.consume_string("Curve"); + let digest_name = test_case.consume_string("Digest"); - let msg = test_case.consume_bytes("Msg"); - let msg = untrusted::Input::from(&msg); + let msg = test_case.consume_bytes("Msg"); + let msg = untrusted::Input::from(&msg); - let public_key = test_case.consume_bytes("Q"); - let public_key = untrusted::Input::from(&public_key); + let public_key = test_case.consume_bytes("Q"); + let public_key = untrusted::Input::from(&public_key); - let sig = test_case.consume_bytes("Sig"); - let sig = untrusted::Input::from(&sig); + let sig = test_case.consume_bytes("Sig"); + let sig = untrusted::Input::from(&sig); - let expected_result = test_case.consume_string("Result"); + let expected_result = test_case.consume_string("Result"); - let alg = match (curve_name.as_str(), digest_name.as_str()) { - ("P-256", "SHA256") => &signature::ECDSA_P256_SHA256_FIXED, - ("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_FIXED, - _ => { - panic!("Unsupported curve+digest: {}+{}", curve_name, - digest_name); - } - }; + let alg = match (curve_name.as_str(), digest_name.as_str()) { + ("P-256", "SHA256") => &signature::ECDSA_P256_SHA256_FIXED, + ("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_FIXED, + _ => { + panic!("Unsupported curve+digest: {}+{}", curve_name, digest_name); + }, + }; - let actual_result = signature::verify(alg, public_key, msg, sig); - assert_eq!(actual_result.is_ok(), expected_result == "P (0 )"); + let actual_result = signature::verify(alg, public_key, msg, sig); + assert_eq!(actual_result.is_ok(), expected_result == "P (0 )"); - Ok(()) - }); + Ok(()) + }, + ); } diff --git a/tests/ed25519_tests.rs b/tests/ed25519_tests.rs index 88b306a5d..5fb5240b2 100644 --- a/tests/ed25519_tests.rs +++ b/tests/ed25519_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -55,19 +55,17 @@ fn test_signature_ed25519() { let expected_sig = test_case.consume_bytes("SIG"); { - let key_pair = Ed25519KeyPair::from_seed_and_public_key( - seed, public_key).unwrap(); + let key_pair = Ed25519KeyPair::from_seed_and_public_key(seed, public_key).unwrap(); let actual_sig = key_pair.sign(&msg); assert_eq!(&expected_sig[..], actual_sig.as_ref()); } // Test PKCS#8 generation, parsing, and private-to-public calculations. let rng = test::rand::FixedSliceRandom { - bytes: seed.as_slice_less_safe() + bytes: seed.as_slice_less_safe(), }; let pkcs8 = Ed25519KeyPair::generate_pkcs8(&rng).unwrap(); - let key_pair = Ed25519KeyPair::from_pkcs8( - untrusted::Input::from(&pkcs8)).unwrap(); + let key_pair = Ed25519KeyPair::from_pkcs8(untrusted::Input::from(&pkcs8)).unwrap(); assert_eq!(public_key, key_pair.public_key_bytes()); // Test Signature generation. @@ -76,8 +74,12 @@ fn test_signature_ed25519() { // Test Signature verification. assert!(signature::verify( - &signature::ED25519, public_key, untrusted::Input::from(&msg), - untrusted::Input::from(&expected_sig)).is_ok()); + &signature::ED25519, + public_key, + untrusted::Input::from(&msg), + untrusted::Input::from(&expected_sig) + ) + .is_ok()); Ok(()) }); } @@ -89,50 +91,64 @@ fn test_ed25519_from_seed_and_public_key_misuse() { assert!(Ed25519KeyPair::from_seed_and_public_key( untrusted::Input::from(PRIVATE_KEY), - untrusted::Input::from(PUBLIC_KEY)).is_ok()); + untrusted::Input::from(PUBLIC_KEY) + ) + .is_ok()); // Truncated private key. assert!(Ed25519KeyPair::from_seed_and_public_key( untrusted::Input::from(&PRIVATE_KEY[..31]), - untrusted::Input::from(PUBLIC_KEY)).is_err()); + untrusted::Input::from(PUBLIC_KEY) + ) + .is_err()); // Truncated public key. assert!(Ed25519KeyPair::from_seed_and_public_key( untrusted::Input::from(PRIVATE_KEY), - untrusted::Input::from(&PUBLIC_KEY[..31])).is_err()); + untrusted::Input::from(&PUBLIC_KEY[..31]) + ) + .is_err()); // Swapped public and private key. assert!(Ed25519KeyPair::from_seed_and_public_key( untrusted::Input::from(PUBLIC_KEY), - untrusted::Input::from(PRIVATE_KEY)).is_err()); + untrusted::Input::from(PRIVATE_KEY) + ) + .is_err()); } #[test] fn test_ed25519_from_pkcs8_unchecked() { // Just test that we can parse the input. - test::from_file("tests/ed25519_from_pkcs8_unchecked_tests.txt", - |section, test_case| { - assert_eq!(section, ""); - let input = test_case.consume_bytes("Input"); - let error = test_case.consume_optional_string("Error"); - assert_eq!( - Ed25519KeyPair::from_pkcs8_maybe_unchecked( - untrusted::Input::from(&input)).is_ok(), - error.is_none()); - Ok(()) - }); + test::from_file( + "tests/ed25519_from_pkcs8_unchecked_tests.txt", + |section, test_case| { + assert_eq!(section, ""); + let input = test_case.consume_bytes("Input"); + let error = test_case.consume_optional_string("Error"); + assert_eq!( + Ed25519KeyPair::from_pkcs8_maybe_unchecked(untrusted::Input::from(&input)).is_ok(), + error.is_none() + ); + Ok(()) + }, + ); } #[test] fn test_ed25519_from_pkcs8() { // Just test that we can parse the input. - test::from_file("tests/ed25519_from_pkcs8_tests.txt", |section, test_case| { - assert_eq!(section, ""); - let input = test_case.consume_bytes("Input"); - let error = test_case.consume_optional_string("Error"); - assert_eq!( - Ed25519KeyPair::from_pkcs8(untrusted::Input::from(&input)).is_ok(), - error.is_none()); - Ok(()) - }); + test::from_file( + "tests/ed25519_from_pkcs8_tests.txt", + |section, test_case| { + assert_eq!(section, ""); + let input = test_case.consume_bytes("Input"); + let error = test_case.consume_optional_string("Error"); + assert_eq!( + Ed25519KeyPair::from_pkcs8(untrusted::Input::from(&input)).is_ok(), + error.is_none() + ); + Ok(()) + }, + ); } diff --git a/tests/hkdf_tests.rs b/tests/hkdf_tests.rs index 234b6cafe..621f347c2 100644 --- a/tests/hkdf_tests.rs +++ b/tests/hkdf_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -39,8 +39,9 @@ use ring::{error, hkdf, hmac, test}; fn hkdf_tests() { test::from_file("tests/hkdf_tests.txt", |section, test_case| { assert_eq!(section, ""); - let digest_alg = - test_case.consume_digest_alg("Hash").ok_or(error::Unspecified)?; + let digest_alg = test_case + .consume_digest_alg("Hash") + .ok_or(error::Unspecified)?; let secret = test_case.consume_bytes("IKM"); let salt = test_case.consume_bytes("salt"); let info = test_case.consume_bytes("info"); diff --git a/tests/hmac_tests.rs b/tests/hmac_tests.rs index 9622aa89e..211f5df48 100644 --- a/tests/hmac_tests.rs +++ b/tests/hmac_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -46,11 +46,12 @@ fn hmac_tests() { let digest_alg = match digest_alg { Some(digest_alg) => digest_alg, - None => { return Ok(()); }, // Unsupported digest algorithm + None => { + return Ok(()); + }, // Unsupported digest algorithm }; - hmac_test_case_inner(digest_alg, &key_value[..], &input[..], - &output[..], true)?; + hmac_test_case_inner(digest_alg, &key_value[..], &input[..], &output[..], true)?; // Tamper with the input and check that verification fails. if input.is_empty() { @@ -59,15 +60,14 @@ fn hmac_tests() { input[0] ^= 1; } - hmac_test_case_inner(digest_alg, &key_value[..], &input[..], - &output[..], false) + hmac_test_case_inner(digest_alg, &key_value[..], &input[..], &output[..], false) }); } -fn hmac_test_case_inner(digest_alg: &'static digest::Algorithm, - key_value: &[u8], input: &[u8], output: &[u8], - is_ok: bool) -> Result<(), error::Unspecified> { - +fn hmac_test_case_inner( + digest_alg: &'static digest::Algorithm, key_value: &[u8], input: &[u8], output: &[u8], + is_ok: bool, +) -> Result<(), error::Unspecified> { let s_key = hmac::SigningKey::new(digest_alg, key_value); let v_key = hmac::VerificationKey::new(digest_alg, key_value); diff --git a/tests/pbkdf2_tests.rs b/tests/pbkdf2_tests.rs index 69c0388a9..5317dda2b 100644 --- a/tests/pbkdf2_tests.rs +++ b/tests/pbkdf2_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -45,24 +45,22 @@ pub fn pbkdf2_tests() { let salt = test_case.consume_bytes("S"); let dk = test_case.consume_bytes("DK"); let verify_expected_result = test_case.consume_string("Verify"); - let verify_expected_result = - match verify_expected_result.as_str() { - "OK" => Ok(()), - "Err" => Err(error::Unspecified), - _ => panic!("Unsupported value of \"Verify\""), - }; + let verify_expected_result = match verify_expected_result.as_str() { + "OK" => Ok(()), + "Err" => Err(error::Unspecified), + _ => panic!("Unsupported value of \"Verify\""), + }; { let mut out = vec![0u8; dk.len()]; - pbkdf2::derive(digest_alg, iterations as u32, &salt, &secret, - &mut out); - assert_eq!(dk == out, - verify_expected_result.is_ok() || dk.is_empty()); + pbkdf2::derive(digest_alg, iterations as u32, &salt, &secret, &mut out); + assert_eq!(dk == out, verify_expected_result.is_ok() || dk.is_empty()); } - assert_eq!(pbkdf2::verify(digest_alg, iterations as u32, &salt, &secret, - &dk), - verify_expected_result); + assert_eq!( + pbkdf2::verify(digest_alg, iterations as u32, &salt, &secret, &dk), + verify_expected_result + ); Ok(()) }); diff --git a/tests/rsa_tests.rs b/tests/rsa_tests.rs index 42fa1bc20..f43c707b0 100644 --- a/tests/rsa_tests.rs +++ b/tests/rsa_tests.rs @@ -28,7 +28,7 @@ unused_qualifications, unused_results, variant_size_differences, - warnings, + warnings )] extern crate ring; @@ -39,7 +39,6 @@ use ring::{der, error, signature, test}; #[cfg(feature = "rsa_signing")] use ring::rand; - #[cfg(feature = "rsa_signing")] #[test] fn rsa_from_pkcs8_test() { @@ -51,8 +50,10 @@ fn rsa_from_pkcs8_test() { let error = test_case.consume_optional_string("Error"); - assert_eq!(signature::RSAKeyPair::from_pkcs8(input).is_ok(), - error.is_none()); + assert_eq!( + signature::RSAKeyPair::from_pkcs8(input).is_ok(), + error.is_none() + ); Ok(()) }); @@ -70,7 +71,7 @@ fn test_signature_rsa_pkcs1_sign() { "SHA256" => &signature::RSA_PKCS1_SHA256, "SHA384" => &signature::RSA_PKCS1_SHA384, "SHA512" => &signature::RSA_PKCS1_SHA512, - _ => { panic!("Unsupported digest: {}", digest_name) } + _ => panic!("Unsupported digest: {}", digest_name), }; let private_key = test_case.consume_bytes("Key"); @@ -89,11 +90,11 @@ fn test_signature_rsa_pkcs1_sign() { // XXX: This test is too slow on Android ARM Travis CI builds. // TODO: re-enable these tests on Android ARM. - let mut signing_state = - signature::RSASigningState::new(key_pair).unwrap(); - let mut actual = - vec![0u8; signing_state.key_pair().public_modulus_len()]; - signing_state.sign(alg, &rng, &msg, actual.as_mut_slice()).unwrap(); + let mut signing_state = signature::RSASigningState::new(key_pair).unwrap(); + let mut actual = vec![0u8; signing_state.key_pair().public_modulus_len()]; + signing_state + .sign(alg, &rng, &msg, actual.as_mut_slice()) + .unwrap(); assert_eq!(actual.as_slice() == &expected[..], result == "Pass"); Ok(()) }); @@ -110,7 +111,7 @@ fn test_signature_rsa_pss_sign() { "SHA256" => &signature::RSA_PSS_SHA256, "SHA384" => &signature::RSA_PSS_SHA384, "SHA512" => &signature::RSA_PSS_SHA512, - _ => { panic!("Unsupported digest: {}", digest_name) } + _ => panic!("Unsupported digest: {}", digest_name), }; let result = test_case.consume_string("Result"); @@ -128,10 +129,8 @@ fn test_signature_rsa_pss_sign() { let rng = test::rand::FixedSliceRandom { bytes: &salt }; - let mut signing_state = - signature::RSASigningState::new(key_pair).unwrap(); - let mut actual = - vec![0u8; signing_state.key_pair().public_modulus_len()]; + let mut signing_state = signature::RSASigningState::new(key_pair).unwrap(); + let mut actual = vec![0u8; signing_state.key_pair().public_modulus_len()]; signing_state.sign(alg, &rng, &msg, actual.as_mut_slice())?; assert_eq!(actual.as_slice() == &expected[..], result == "Pass"); Ok(()) @@ -148,7 +147,6 @@ fn test_rsa_key_pair_traits() { // TODO: Test that RSASigningState is NOT Sync. } - #[test] fn test_signature_rsa_pkcs1_verify() { test::from_file("tests/rsa_pkcs1_verify_tests.txt", |section, test_case| { @@ -160,7 +158,7 @@ fn test_signature_rsa_pkcs1_verify() { "SHA256" => &signature::RSA_PKCS1_2048_8192_SHA256, "SHA384" => &signature::RSA_PKCS1_2048_8192_SHA384, "SHA512" => &signature::RSA_PKCS1_2048_8192_SHA512, - _ => { panic!("Unsupported digest: {}", digest_name) } + _ => panic!("Unsupported digest: {}", digest_name), }; let public_key = test_case.consume_bytes("Key"); @@ -169,13 +167,18 @@ fn test_signature_rsa_pkcs1_verify() { // Sanity check that we correctly DER-encoded the originally- // provided separate (n, e) components. When we add test vectors // for improperly-encoded signatures, we'll have to revisit this. - assert!(public_key.read_all(error::Unspecified, |input| { - der::nested(input, der::Tag::Sequence, error::Unspecified, |input| { - let _ = der::positive_integer(input)?; - let _ = der::positive_integer(input)?; - Ok(()) - }) - }).is_ok()); + assert!(public_key + .read_all(error::Unspecified, |input| der::nested( + input, + der::Tag::Sequence, + error::Unspecified, + |input| { + let _ = der::positive_integer(input)?; + let _ = der::positive_integer(input)?; + Ok(()) + } + )) + .is_ok()); let msg = test_case.consume_bytes("Msg"); let msg = untrusted::Input::from(&msg); @@ -202,7 +205,7 @@ fn test_signature_rsa_pss_verify() { "SHA256" => &signature::RSA_PSS_2048_8192_SHA256, "SHA384" => &signature::RSA_PSS_2048_8192_SHA384, "SHA512" => &signature::RSA_PSS_2048_8192_SHA512, - _ => { panic!("Unsupported digest: {}", digest_name) } + _ => panic!("Unsupported digest: {}", digest_name), }; let public_key = test_case.consume_bytes("Key"); @@ -211,13 +214,18 @@ fn test_signature_rsa_pss_verify() { // Sanity check that we correctly DER-encoded the originally- // provided separate (n, e) components. When we add test vectors // for improperly-encoded signatures, we'll have to revisit this. - assert!(public_key.read_all(error::Unspecified, |input| { - der::nested(input, der::Tag::Sequence, error::Unspecified, |input| { - let _ = der::positive_integer(input)?; - let _ = der::positive_integer(input)?; - Ok(()) - }) - }).is_ok()); + assert!(public_key + .read_all(error::Unspecified, |input| der::nested( + input, + der::Tag::Sequence, + error::Unspecified, + |input| { + let _ = der::positive_integer(input)?; + let _ = der::positive_integer(input)?; + Ok(()) + } + )) + .is_ok()); let msg = test_case.consume_bytes("Msg"); let msg = untrusted::Input::from(&msg); @@ -238,19 +246,23 @@ fn test_signature_rsa_pss_verify() { // and use them to verify a signature. #[test] fn test_signature_rsa_primitive_verification() { - test::from_file("tests/rsa_primitive_verify_tests.txt", - |section, test_case| { - assert_eq!(section, ""); - let n = test_case.consume_bytes("n"); - let e = test_case.consume_bytes("e"); - let msg = test_case.consume_bytes("Msg"); - let sig = test_case.consume_bytes("Sig"); - let expected = test_case.consume_string("Result"); - let result = signature::primitive::verify_rsa( - &signature::RSA_PKCS1_2048_8192_SHA256, - (untrusted::Input::from(&n), untrusted::Input::from(&e)), - untrusted::Input::from(&msg), untrusted::Input::from(&sig)); - assert_eq!(result.is_ok(), expected == "Pass"); - Ok(()) - }) + test::from_file( + "tests/rsa_primitive_verify_tests.txt", + |section, test_case| { + assert_eq!(section, ""); + let n = test_case.consume_bytes("n"); + let e = test_case.consume_bytes("e"); + let msg = test_case.consume_bytes("Msg"); + let sig = test_case.consume_bytes("Sig"); + let expected = test_case.consume_string("Result"); + let result = signature::primitive::verify_rsa( + &signature::RSA_PKCS1_2048_8192_SHA256, + (untrusted::Input::from(&n), untrusted::Input::from(&e)), + untrusted::Input::from(&msg), + untrusted::Input::from(&sig), + ); + assert_eq!(result.is_ok(), expected == "Pass"); + Ok(()) + }, + ) } diff --git a/tests/signature_tests.rs b/tests/signature_tests.rs index 5cb272b3d..a5b114494 100644 --- a/tests/signature_tests.rs +++ b/tests/signature_tests.rs @@ -1,7 +1,6 @@ extern crate ring; -use ring::signature; -use ring::test; +use ring::{signature, test}; #[test] fn signature_impl_test() {