Reformat tests/, except AEAD tests.
AEAD tests will be reformatted later.
This commit is contained in:
Brian Smith
parent
730a46f665
commit
6e98bf0568
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -52,38 +52,48 @@ fn agreement_agree_ephemeral() {
|
|||||||
None => {
|
None => {
|
||||||
let my_private = test_case.consume_bytes("D");
|
let my_private = test_case.consume_bytes("D");
|
||||||
let rng = test::rand::FixedSliceRandom { bytes: &my_private };
|
let rng = test::rand::FixedSliceRandom { bytes: &my_private };
|
||||||
let my_private =
|
let my_private = agreement::EphemeralPrivateKey::generate(alg, &rng)?;
|
||||||
agreement::EphemeralPrivateKey::generate(alg, &rng)?;
|
|
||||||
|
|
||||||
let my_public = test_case.consume_bytes("MyQ");
|
let my_public = test_case.consume_bytes("MyQ");
|
||||||
let output = test_case.consume_bytes("Output");
|
let output = test_case.consume_bytes("Output");
|
||||||
|
|
||||||
let mut computed_public = [0u8; agreement::PUBLIC_KEY_MAX_LEN];
|
let mut computed_public = [0u8; agreement::PUBLIC_KEY_MAX_LEN];
|
||||||
let computed_public =
|
let computed_public = &mut computed_public[..my_private.public_key_len()];
|
||||||
&mut computed_public[..my_private.public_key_len()];
|
|
||||||
assert!(my_private.compute_public_key(computed_public).is_ok());
|
assert!(my_private.compute_public_key(computed_public).is_ok());
|
||||||
assert_eq!(computed_public, &my_public[..]);
|
assert_eq!(computed_public, &my_public[..]);
|
||||||
|
|
||||||
assert!(agreement::agree_ephemeral(my_private, alg, peer_public,
|
assert!(agreement::agree_ephemeral(
|
||||||
(), |key_material| {
|
my_private,
|
||||||
assert_eq!(key_material, &output[..]);
|
alg,
|
||||||
Ok(())
|
peer_public,
|
||||||
}).is_ok());
|
(),
|
||||||
|
|key_material| {
|
||||||
|
assert_eq!(key_material, &output[..]);
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
)
|
||||||
|
.is_ok());
|
||||||
},
|
},
|
||||||
|
|
||||||
Some(_) => {
|
Some(_) => {
|
||||||
// In the no-heap mode, some algorithms aren't supported so
|
// In the no-heap mode, some algorithms aren't supported so
|
||||||
// we have to skip those algorithms' test cases.
|
// we have to skip those algorithms' test cases.
|
||||||
let dummy_private_key =
|
let dummy_private_key = agreement::EphemeralPrivateKey::generate(alg, &rng)?;
|
||||||
agreement::EphemeralPrivateKey::generate(alg, &rng)?;
|
|
||||||
fn kdf_not_called(_: &[u8]) -> Result<(), ()> {
|
fn kdf_not_called(_: &[u8]) -> Result<(), ()> {
|
||||||
panic!("The KDF was called during ECDH when the peer's \
|
panic!(
|
||||||
public key is invalid.");
|
"The KDF was called during ECDH when the peer's \
|
||||||
|
public key is invalid."
|
||||||
|
);
|
||||||
}
|
}
|
||||||
assert!(agreement::agree_ephemeral(dummy_private_key, alg,
|
assert!(agreement::agree_ephemeral(
|
||||||
peer_public, (),
|
dummy_private_key,
|
||||||
kdf_not_called).is_err());
|
alg,
|
||||||
}
|
peer_public,
|
||||||
|
(),
|
||||||
|
kdf_not_called
|
||||||
|
)
|
||||||
|
.is_err());
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
return Ok(());
|
return Ok(());
|
||||||
@ -92,13 +102,12 @@ fn agreement_agree_ephemeral() {
|
|||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_agreement_ecdh_x25519_rfc_iterated() {
|
fn test_agreement_ecdh_x25519_rfc_iterated() {
|
||||||
let mut k =
|
let mut k = h("0900000000000000000000000000000000000000000000000000000000000000");
|
||||||
h("0900000000000000000000000000000000000000000000000000000000000000");
|
|
||||||
let mut u = k.clone();
|
let mut u = k.clone();
|
||||||
|
|
||||||
fn expect_iterated_x25519(expected_result: &str,
|
fn expect_iterated_x25519(
|
||||||
range: std::ops::Range<usize>, k: &mut Vec<u8>,
|
expected_result: &str, range: std::ops::Range<usize>, k: &mut Vec<u8>, u: &mut Vec<u8>,
|
||||||
u: &mut Vec<u8>) {
|
) {
|
||||||
for _ in range {
|
for _ in range {
|
||||||
let new_k = x25519(k, u);
|
let new_k = x25519(k, u);
|
||||||
*u = k.clone();
|
*u = k.clone();
|
||||||
@ -109,22 +118,34 @@ fn test_agreement_ecdh_x25519_rfc_iterated() {
|
|||||||
|
|
||||||
expect_iterated_x25519(
|
expect_iterated_x25519(
|
||||||
"422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079",
|
"422c8e7a6227d7bca1350b3e2bb7279f7897b87bb6854b783c60e80311ae3079",
|
||||||
0..1, &mut k, &mut u);
|
0..1,
|
||||||
|
&mut k,
|
||||||
|
&mut u,
|
||||||
|
);
|
||||||
expect_iterated_x25519(
|
expect_iterated_x25519(
|
||||||
"684cf59ba83309552800ef566f2f4d3c1c3887c49360e3875f2eb94d99532c51",
|
"684cf59ba83309552800ef566f2f4d3c1c3887c49360e3875f2eb94d99532c51",
|
||||||
1..1_000, &mut k, &mut u);
|
1..1_000,
|
||||||
|
&mut k,
|
||||||
|
&mut u,
|
||||||
|
);
|
||||||
|
|
||||||
// The spec gives a test vector for 1,000,000 iterations but it takes
|
// The spec gives a test vector for 1,000,000 iterations but it takes
|
||||||
// too long to do 1,000,000 iterations by default right now. This
|
// too long to do 1,000,000 iterations by default right now. This
|
||||||
// 10,000 iteration vector is self-computed.
|
// 10,000 iteration vector is self-computed.
|
||||||
expect_iterated_x25519(
|
expect_iterated_x25519(
|
||||||
"2c125a20f639d504a7703d2e223c79a79de48c4ee8c23379aa19a62ecd211815",
|
"2c125a20f639d504a7703d2e223c79a79de48c4ee8c23379aa19a62ecd211815",
|
||||||
1_000..10_000, &mut k, &mut u);
|
1_000..10_000,
|
||||||
|
&mut k,
|
||||||
|
&mut u,
|
||||||
|
);
|
||||||
|
|
||||||
if cfg!(feature = "slow_tests") {
|
if cfg!(feature = "slow_tests") {
|
||||||
expect_iterated_x25519(
|
expect_iterated_x25519(
|
||||||
"7c3911e0ab2586fd864497297e575e6f3bc601c0883c30df5f4dd2d24f665424",
|
"7c3911e0ab2586fd864497297e575e6f3bc601c0883c30df5f4dd2d24f665424",
|
||||||
10_000..1_000_000, &mut k, &mut u);
|
10_000..1_000_000,
|
||||||
|
&mut k,
|
||||||
|
&mut u,
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -132,16 +153,17 @@ fn x25519(private_key: &[u8], public_key: &[u8]) -> Vec<u8> {
|
|||||||
x25519_(private_key, public_key).unwrap()
|
x25519_(private_key, public_key).unwrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
fn x25519_(private_key: &[u8], public_key: &[u8])
|
fn x25519_(private_key: &[u8], public_key: &[u8]) -> Result<Vec<u8>, error::Unspecified> {
|
||||||
-> Result<Vec<u8>, error::Unspecified> {
|
|
||||||
let rng = test::rand::FixedSliceRandom { bytes: private_key };
|
let rng = test::rand::FixedSliceRandom { bytes: private_key };
|
||||||
let private_key =
|
let private_key = agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?;
|
||||||
agreement::EphemeralPrivateKey::generate(&agreement::X25519, &rng)?;
|
|
||||||
let public_key = untrusted::Input::from(public_key);
|
let public_key = untrusted::Input::from(public_key);
|
||||||
agreement::agree_ephemeral(private_key, &agreement::X25519, public_key,
|
agreement::agree_ephemeral(
|
||||||
error::Unspecified, |agreed_value| {
|
private_key,
|
||||||
Ok(Vec::from(agreed_value))
|
&agreement::X25519,
|
||||||
})
|
public_key,
|
||||||
|
error::Unspecified,
|
||||||
|
|agreed_value| Ok(Vec::from(agreed_value)),
|
||||||
|
)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn h(s: &str) -> Vec<u8> {
|
fn h(s: &str) -> Vec<u8> {
|
||||||
|
|||||||
@ -28,13 +28,13 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
|
|
||||||
use std::vec::Vec;
|
|
||||||
use ring::{digest, test};
|
use ring::{digest, test};
|
||||||
|
use std::vec::Vec;
|
||||||
|
|
||||||
/// Test vectors from BoringSSL, Go, and other sources.
|
/// Test vectors from BoringSSL, Go, and other sources.
|
||||||
#[test]
|
#[test]
|
||||||
@ -63,8 +63,8 @@ fn digest_misc() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
mod digest_shavs {
|
mod digest_shavs {
|
||||||
use std::vec::Vec;
|
|
||||||
use ring::{digest, test};
|
use ring::{digest, test};
|
||||||
|
use std::vec::Vec;
|
||||||
|
|
||||||
macro_rules! shavs_tests {
|
macro_rules! shavs_tests {
|
||||||
( $algorithm_name:ident ) => {
|
( $algorithm_name:ident ) => {
|
||||||
@ -77,31 +77,39 @@ mod digest_shavs {
|
|||||||
fn short_msg_known_answer_test() {
|
fn short_msg_known_answer_test() {
|
||||||
run_known_answer_test(
|
run_known_answer_test(
|
||||||
&digest::$algorithm_name,
|
&digest::$algorithm_name,
|
||||||
&format!("third_party/NIST/SHAVS/{}ShortMsg.rsp",
|
&format!(
|
||||||
stringify!($algorithm_name)));
|
"third_party/NIST/SHAVS/{}ShortMsg.rsp",
|
||||||
|
stringify!($algorithm_name)
|
||||||
|
),
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn long_msg_known_answer_test() {
|
fn long_msg_known_answer_test() {
|
||||||
run_known_answer_test(
|
run_known_answer_test(
|
||||||
&digest::$algorithm_name,
|
&digest::$algorithm_name,
|
||||||
&format!("third_party/NIST/SHAVS/{}LongMsg.rsp",
|
&format!(
|
||||||
stringify!($algorithm_name)));
|
"third_party/NIST/SHAVS/{}LongMsg.rsp",
|
||||||
|
stringify!($algorithm_name)
|
||||||
|
),
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn monte_carlo_test() {
|
fn monte_carlo_test() {
|
||||||
run_monte_carlo_test(
|
run_monte_carlo_test(
|
||||||
&digest::$algorithm_name,
|
&digest::$algorithm_name,
|
||||||
&format!("third_party/NIST/SHAVS/{}Monte.rsp",
|
&format!(
|
||||||
stringify!($algorithm_name)));
|
"third_party/NIST/SHAVS/{}Monte.rsp",
|
||||||
|
stringify!($algorithm_name)
|
||||||
|
),
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
fn run_known_answer_test(digest_alg: &'static digest::Algorithm,
|
fn run_known_answer_test(digest_alg: &'static digest::Algorithm, file_name: &str) {
|
||||||
file_name: &str) {
|
|
||||||
let section_name = &format!("L = {}", digest_alg.output_len);
|
let section_name = &format!("L = {}", digest_alg.output_len);
|
||||||
test::from_file(file_name, |section, test_case| {
|
test::from_file(file_name, |section, test_case| {
|
||||||
assert_eq!(section_name, section);
|
assert_eq!(section_name, section);
|
||||||
@ -124,8 +132,7 @@ mod digest_shavs {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
fn run_monte_carlo_test(digest_alg: &'static digest::Algorithm,
|
fn run_monte_carlo_test(digest_alg: &'static digest::Algorithm, file_name: &str) {
|
||||||
file_name: &str) {
|
|
||||||
let section_name = &format!("L = {}", digest_alg.output_len);
|
let section_name = &format!("L = {}", digest_alg.output_len);
|
||||||
|
|
||||||
let mut expected_count: isize = -1;
|
let mut expected_count: isize = -1;
|
||||||
@ -196,8 +203,8 @@ macro_rules! test_i_u_f {
|
|||||||
for j in 0..max {
|
for j in 0..max {
|
||||||
for k in 0..max {
|
for k in 0..max {
|
||||||
let part1 = &input[..i];
|
let part1 = &input[..i];
|
||||||
let part2 = &input[i..(i+j)];
|
let part2 = &input[i..(i + j)];
|
||||||
let part3 = &input[(i+j)..(i+j+k)];
|
let part3 = &input[(i + j)..(i + j + k)];
|
||||||
|
|
||||||
let mut ctx = digest::Context::new(&$alg);
|
let mut ctx = digest::Context::new(&$alg);
|
||||||
ctx.update(part1);
|
ctx.update(part1);
|
||||||
@ -205,15 +212,14 @@ macro_rules! test_i_u_f {
|
|||||||
ctx.update(part3);
|
ctx.update(part3);
|
||||||
let i_u_f = ctx.finish();
|
let i_u_f = ctx.finish();
|
||||||
|
|
||||||
let one_shot =
|
let one_shot = digest::digest(&$alg, &input[..(i + j + k)]);
|
||||||
digest::digest(&$alg, &input[..(i + j + k)]);
|
|
||||||
|
|
||||||
assert_eq!(i_u_f.as_ref(), one_shot.as_ref());
|
assert_eq!(i_u_f.as_ref(), one_shot.as_ref());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
};
|
||||||
}
|
}
|
||||||
test_i_u_f!(digest_test_i_u_f_sha1, digest::SHA1);
|
test_i_u_f!(digest_test_i_u_f_sha1, digest::SHA1);
|
||||||
test_i_u_f!(digest_test_i_u_f_sha256, digest::SHA256);
|
test_i_u_f!(digest_test_i_u_f_sha256, digest::SHA256);
|
||||||
@ -262,41 +268,54 @@ macro_rules! test_large_digest {
|
|||||||
let expected: [u8; $len] = $expected;
|
let expected: [u8; $len] = $expected;
|
||||||
assert_eq!(&expected[..], calculated.as_ref());
|
assert_eq!(&expected[..], calculated.as_ref());
|
||||||
}
|
}
|
||||||
}
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
/// XXX: This test is too slow on Android ARM.
|
/// XXX: This test is too slow on Android ARM.
|
||||||
#[cfg(any(not(target_os = "android"), not(target_arch = "arm")))]
|
#[cfg(any(not(target_os = "android"), not(target_arch = "arm")))]
|
||||||
test_large_digest!(digest_test_large_digest_sha1, digest::SHA1, 160 / 8, [
|
test_large_digest!(
|
||||||
0xCA, 0xC3, 0x4C, 0x31, 0x90, 0x5B, 0xDE, 0x3B,
|
digest_test_large_digest_sha1,
|
||||||
0xE4, 0x0D, 0x46, 0x6D, 0x70, 0x76, 0xAD, 0x65,
|
digest::SHA1,
|
||||||
0x3C, 0x20, 0xE4, 0xBD
|
160 / 8,
|
||||||
]);
|
[
|
||||||
|
0xCA, 0xC3, 0x4C, 0x31, 0x90, 0x5B, 0xDE, 0x3B, 0xE4, 0x0D, 0x46, 0x6D, 0x70, 0x76, 0xAD,
|
||||||
|
0x65, 0x3C, 0x20, 0xE4, 0xBD
|
||||||
|
]
|
||||||
|
);
|
||||||
|
|
||||||
test_large_digest!(digest_test_large_digest_sha256, digest::SHA256, 256 / 8, [
|
test_large_digest!(
|
||||||
0x8D, 0xD1, 0x6D, 0xD8, 0xB2, 0x5A, 0x29, 0xCB,
|
digest_test_large_digest_sha256,
|
||||||
0x7F, 0xB9, 0xAE, 0x86, 0x72, 0xE9, 0xCE, 0xD6,
|
digest::SHA256,
|
||||||
0x65, 0x4C, 0xB6, 0xC3, 0x5C, 0x58, 0x21, 0xA7,
|
256 / 8,
|
||||||
0x07, 0x97, 0xC5, 0xDD, 0xAE, 0x5C, 0x68, 0xBD
|
[
|
||||||
]);
|
0x8D, 0xD1, 0x6D, 0xD8, 0xB2, 0x5A, 0x29, 0xCB, 0x7F, 0xB9, 0xAE, 0x86, 0x72, 0xE9, 0xCE,
|
||||||
test_large_digest!(digest_test_large_digest_sha384, digest::SHA384, 384 / 8, [
|
0xD6, 0x65, 0x4C, 0xB6, 0xC3, 0x5C, 0x58, 0x21, 0xA7, 0x07, 0x97, 0xC5, 0xDD, 0xAE, 0x5C,
|
||||||
0x3D, 0xFE, 0xC1, 0xA9, 0xD0, 0x9F, 0x08, 0xD5,
|
0x68, 0xBD
|
||||||
0xBB, 0xE8, 0x7C, 0x9E, 0xE0, 0x0A, 0x87, 0x0E,
|
]
|
||||||
0xB0, 0xEA, 0x8E, 0xEA, 0xDB, 0x82, 0x36, 0xAE,
|
);
|
||||||
0x74, 0xCF, 0x9F, 0xDC, 0x86, 0x1C, 0xE3, 0xE9,
|
test_large_digest!(
|
||||||
0xB0, 0x68, 0xCD, 0x19, 0x3E, 0x39, 0x90, 0x02,
|
digest_test_large_digest_sha384,
|
||||||
0xE1, 0x58, 0x5D, 0x66, 0xC4, 0x55, 0x11, 0x9B
|
digest::SHA384,
|
||||||
]);
|
384 / 8,
|
||||||
test_large_digest!(digest_test_large_digest_sha512, digest::SHA512, 512 / 8, [
|
[
|
||||||
0xFC, 0x8A, 0x98, 0x20, 0xFC, 0x82, 0xD8, 0x55,
|
0x3D, 0xFE, 0xC1, 0xA9, 0xD0, 0x9F, 0x08, 0xD5, 0xBB, 0xE8, 0x7C, 0x9E, 0xE0, 0x0A, 0x87,
|
||||||
0xF8, 0xFF, 0x2F, 0x6E, 0xAE, 0x41, 0x60, 0x04,
|
0x0E, 0xB0, 0xEA, 0x8E, 0xEA, 0xDB, 0x82, 0x36, 0xAE, 0x74, 0xCF, 0x9F, 0xDC, 0x86, 0x1C,
|
||||||
0x08, 0xE9, 0x49, 0xD7, 0xCD, 0x1A, 0xED, 0x22,
|
0xE3, 0xE9, 0xB0, 0x68, 0xCD, 0x19, 0x3E, 0x39, 0x90, 0x02, 0xE1, 0x58, 0x5D, 0x66, 0xC4,
|
||||||
0xEB, 0x55, 0xE1, 0xFD, 0x80, 0x50, 0x3B, 0x01,
|
0x55, 0x11, 0x9B
|
||||||
0x2F, 0xC6, 0xF4, 0x33, 0x86, 0xFB, 0x60, 0x75,
|
]
|
||||||
0x2D, 0xA5, 0xA9, 0x93, 0xE7, 0x00, 0x45, 0xA8,
|
);
|
||||||
0x49, 0x1A, 0x6B, 0xEC, 0x9C, 0x98, 0xC8, 0x19,
|
test_large_digest!(
|
||||||
0xA6, 0xA9, 0x88, 0x3E, 0x2F, 0x09, 0xB9, 0x9A
|
digest_test_large_digest_sha512,
|
||||||
]);
|
digest::SHA512,
|
||||||
|
512 / 8,
|
||||||
|
[
|
||||||
|
0xFC, 0x8A, 0x98, 0x20, 0xFC, 0x82, 0xD8, 0x55, 0xF8, 0xFF, 0x2F, 0x6E, 0xAE, 0x41, 0x60,
|
||||||
|
0x04, 0x08, 0xE9, 0x49, 0xD7, 0xCD, 0x1A, 0xED, 0x22, 0xEB, 0x55, 0xE1, 0xFD, 0x80, 0x50,
|
||||||
|
0x3B, 0x01, 0x2F, 0xC6, 0xF4, 0x33, 0x86, 0xFB, 0x60, 0x75, 0x2D, 0xA5, 0xA9, 0x93, 0xE7,
|
||||||
|
0x00, 0x45, 0xA8, 0x49, 0x1A, 0x6B, 0xEC, 0x9C, 0x98, 0xC8, 0x19, 0xA6, 0xA9, 0x88, 0x3E,
|
||||||
|
0x2F, 0x09, 0xB9, 0x9A
|
||||||
|
]
|
||||||
|
);
|
||||||
|
|
||||||
// TODO: test_large_digest!(digest_test_large_digest_sha512_256,
|
// TODO: test_large_digest!(digest_test_large_digest_sha512_256,
|
||||||
// digest::SHA512_256, 256 / 8, [ ... ]);
|
// digest::SHA512_256, 256 / 8, [ ... ]);
|
||||||
@ -312,26 +331,31 @@ fn test_fmt_algorithm() {
|
|||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn digest_test_fmt() {
|
fn digest_test_fmt() {
|
||||||
assert_eq!("SHA1:b7e23ec29af22b0b4e41da31e868d57226121c84",
|
assert_eq!(
|
||||||
&format!("{:?}",
|
"SHA1:b7e23ec29af22b0b4e41da31e868d57226121c84",
|
||||||
digest::digest(&digest::SHA1, b"hello, world")));
|
&format!("{:?}", digest::digest(&digest::SHA1, b"hello, world"))
|
||||||
assert_eq!("SHA256:09ca7e4eaa6e8ae9c7d261167129184883644d\
|
);
|
||||||
07dfba7cbfbc4c8a2e08360d5b",
|
assert_eq!(
|
||||||
&format!("{:?}",
|
"SHA256:09ca7e4eaa6e8ae9c7d261167129184883644d\
|
||||||
digest::digest(&digest::SHA256, b"hello, world")));
|
07dfba7cbfbc4c8a2e08360d5b",
|
||||||
assert_eq!("SHA384:1fcdb6059ce05172a26bbe2a3ccc88ed5a8cd5\
|
&format!("{:?}", digest::digest(&digest::SHA256, b"hello, world"))
|
||||||
fc53edfd9053304d429296a6da23b1cd9e5c9ed3bb34f0\
|
);
|
||||||
0418a70cdb7e",
|
assert_eq!(
|
||||||
&format!("{:?}",
|
"SHA384:1fcdb6059ce05172a26bbe2a3ccc88ed5a8cd5\
|
||||||
digest::digest(&digest::SHA384, b"hello, world")));
|
fc53edfd9053304d429296a6da23b1cd9e5c9ed3bb34f0\
|
||||||
assert_eq!("SHA512:8710339dcb6814d0d9d2290ef422285c9322b7\
|
0418a70cdb7e",
|
||||||
163951f9a0ca8f883d3305286f44139aa374848e4174f5\
|
&format!("{:?}", digest::digest(&digest::SHA384, b"hello, world"))
|
||||||
aada663027e4548637b6d19894aec4fb6c46a139fbf9",
|
);
|
||||||
&format!("{:?}",
|
assert_eq!(
|
||||||
digest::digest(&digest::SHA512, b"hello, world")));
|
"SHA512:8710339dcb6814d0d9d2290ef422285c9322b7\
|
||||||
|
163951f9a0ca8f883d3305286f44139aa374848e4174f5\
|
||||||
|
aada663027e4548637b6d19894aec4fb6c46a139fbf9",
|
||||||
|
&format!("{:?}", digest::digest(&digest::SHA512, b"hello, world"))
|
||||||
|
);
|
||||||
|
|
||||||
assert_eq!("SHA512_256:11f2c88c04f0a9c3d0970894ad2472505e\
|
assert_eq!(
|
||||||
0bc6e8c7ec46b5211cd1fa3e253e62",
|
"SHA512_256:11f2c88c04f0a9c3d0970894ad2472505e\
|
||||||
&format!("{:?}",
|
0bc6e8c7ec46b5211cd1fa3e253e62",
|
||||||
digest::digest(&digest::SHA512_256, b"hello, world")));
|
&format!("{:?}", digest::digest(&digest::SHA512_256, b"hello, world"))
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -44,18 +44,29 @@ fn ecdsa_from_pkcs8_test() {
|
|||||||
assert_eq!(section, "");
|
assert_eq!(section, "");
|
||||||
|
|
||||||
let curve_name = test_case.consume_string("Curve");
|
let curve_name = test_case.consume_string("Curve");
|
||||||
let ((this_fixed, this_asn1), (other_fixed, other_asn1)) =
|
let ((this_fixed, this_asn1), (other_fixed, other_asn1)) = match curve_name.as_str() {
|
||||||
match curve_name.as_str() {
|
"P-256" => (
|
||||||
"P-256" => ((&signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
(
|
||||||
&signature::ECDSA_P256_SHA256_ASN1_SIGNING),
|
&signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
||||||
(&signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
&signature::ECDSA_P256_SHA256_ASN1_SIGNING,
|
||||||
&signature::ECDSA_P384_SHA384_ASN1_SIGNING)),
|
),
|
||||||
"P-384" => ((&signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
(
|
||||||
&signature::ECDSA_P384_SHA384_ASN1_SIGNING),
|
&signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
||||||
(&signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
&signature::ECDSA_P384_SHA384_ASN1_SIGNING,
|
||||||
&signature::ECDSA_P256_SHA256_ASN1_SIGNING)),
|
),
|
||||||
_ => unreachable!(),
|
),
|
||||||
};
|
"P-384" => (
|
||||||
|
(
|
||||||
|
&signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
||||||
|
&signature::ECDSA_P384_SHA384_ASN1_SIGNING,
|
||||||
|
),
|
||||||
|
(
|
||||||
|
&signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
||||||
|
&signature::ECDSA_P256_SHA256_ASN1_SIGNING,
|
||||||
|
),
|
||||||
|
),
|
||||||
|
_ => unreachable!(),
|
||||||
|
};
|
||||||
|
|
||||||
let input = test_case.consume_bytes("Input");
|
let input = test_case.consume_bytes("Input");
|
||||||
let input = untrusted::Input::from(&input);
|
let input = untrusted::Input::from(&input);
|
||||||
@ -64,14 +75,14 @@ fn ecdsa_from_pkcs8_test() {
|
|||||||
|
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
signature::key_pair_from_pkcs8(this_fixed, input).is_ok(),
|
signature::key_pair_from_pkcs8(this_fixed, input).is_ok(),
|
||||||
error.is_none());
|
error.is_none()
|
||||||
|
);
|
||||||
assert_eq!(
|
assert_eq!(
|
||||||
signature::key_pair_from_pkcs8(this_asn1, input).is_ok(),
|
signature::key_pair_from_pkcs8(this_asn1, input).is_ok(),
|
||||||
error.is_none());
|
error.is_none()
|
||||||
assert!(
|
);
|
||||||
signature::key_pair_from_pkcs8(other_fixed, input).is_err());
|
assert!(signature::key_pair_from_pkcs8(other_fixed, input).is_err());
|
||||||
assert!(
|
assert!(signature::key_pair_from_pkcs8(other_asn1, input).is_err());
|
||||||
signature::key_pair_from_pkcs8(other_asn1, input).is_err());
|
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
});
|
});
|
||||||
@ -82,10 +93,12 @@ fn ecdsa_from_pkcs8_test() {
|
|||||||
fn ecdsa_generate_pkcs8_test() {
|
fn ecdsa_generate_pkcs8_test() {
|
||||||
let rng = rand::SystemRandom::new();
|
let rng = rand::SystemRandom::new();
|
||||||
|
|
||||||
for alg in &[&signature::ECDSA_P256_SHA256_ASN1_SIGNING,
|
for alg in &[
|
||||||
&signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
&signature::ECDSA_P256_SHA256_ASN1_SIGNING,
|
||||||
&signature::ECDSA_P384_SHA384_ASN1_SIGNING,
|
&signature::ECDSA_P256_SHA256_FIXED_SIGNING,
|
||||||
&signature::ECDSA_P384_SHA384_FIXED_SIGNING] {
|
&signature::ECDSA_P384_SHA384_ASN1_SIGNING,
|
||||||
|
&signature::ECDSA_P384_SHA384_FIXED_SIGNING,
|
||||||
|
] {
|
||||||
let pkcs8 = signature::ECDSAKeyPair::generate_pkcs8(alg, &rng).unwrap();
|
let pkcs8 = signature::ECDSAKeyPair::generate_pkcs8(alg, &rng).unwrap();
|
||||||
println!();
|
println!();
|
||||||
for b in pkcs8.as_ref() {
|
for b in pkcs8.as_ref() {
|
||||||
@ -93,8 +106,8 @@ fn ecdsa_generate_pkcs8_test() {
|
|||||||
}
|
}
|
||||||
println!();
|
println!();
|
||||||
println!();
|
println!();
|
||||||
let _ = signature::key_pair_from_pkcs8(
|
let _ =
|
||||||
*alg, untrusted::Input::from(pkcs8.as_ref())).unwrap();
|
signature::key_pair_from_pkcs8(*alg, untrusted::Input::from(pkcs8.as_ref())).unwrap();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -123,9 +136,8 @@ fn signature_ecdsa_verify_asn1_test() {
|
|||||||
("P-384", "SHA256") => &signature::ECDSA_P384_SHA256_ASN1,
|
("P-384", "SHA256") => &signature::ECDSA_P384_SHA256_ASN1,
|
||||||
("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_ASN1,
|
("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_ASN1,
|
||||||
_ => {
|
_ => {
|
||||||
panic!("Unsupported curve+digest: {}+{}", curve_name,
|
panic!("Unsupported curve+digest: {}+{}", curve_name, digest_name);
|
||||||
digest_name);
|
},
|
||||||
}
|
|
||||||
};
|
};
|
||||||
|
|
||||||
let actual_result = signature::verify(alg, public_key, msg, sig);
|
let actual_result = signature::verify(alg, public_key, msg, sig);
|
||||||
@ -137,35 +149,37 @@ fn signature_ecdsa_verify_asn1_test() {
|
|||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn signature_ecdsa_verify_fixed_test() {
|
fn signature_ecdsa_verify_fixed_test() {
|
||||||
test::from_file("tests/ecdsa_verify_fixed_tests.txt", |section, test_case| {
|
test::from_file(
|
||||||
assert_eq!(section, "");
|
"tests/ecdsa_verify_fixed_tests.txt",
|
||||||
|
|section, test_case| {
|
||||||
|
assert_eq!(section, "");
|
||||||
|
|
||||||
let curve_name = test_case.consume_string("Curve");
|
let curve_name = test_case.consume_string("Curve");
|
||||||
let digest_name = test_case.consume_string("Digest");
|
let digest_name = test_case.consume_string("Digest");
|
||||||
|
|
||||||
let msg = test_case.consume_bytes("Msg");
|
let msg = test_case.consume_bytes("Msg");
|
||||||
let msg = untrusted::Input::from(&msg);
|
let msg = untrusted::Input::from(&msg);
|
||||||
|
|
||||||
let public_key = test_case.consume_bytes("Q");
|
let public_key = test_case.consume_bytes("Q");
|
||||||
let public_key = untrusted::Input::from(&public_key);
|
let public_key = untrusted::Input::from(&public_key);
|
||||||
|
|
||||||
let sig = test_case.consume_bytes("Sig");
|
let sig = test_case.consume_bytes("Sig");
|
||||||
let sig = untrusted::Input::from(&sig);
|
let sig = untrusted::Input::from(&sig);
|
||||||
|
|
||||||
let expected_result = test_case.consume_string("Result");
|
let expected_result = test_case.consume_string("Result");
|
||||||
|
|
||||||
let alg = match (curve_name.as_str(), digest_name.as_str()) {
|
let alg = match (curve_name.as_str(), digest_name.as_str()) {
|
||||||
("P-256", "SHA256") => &signature::ECDSA_P256_SHA256_FIXED,
|
("P-256", "SHA256") => &signature::ECDSA_P256_SHA256_FIXED,
|
||||||
("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_FIXED,
|
("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_FIXED,
|
||||||
_ => {
|
_ => {
|
||||||
panic!("Unsupported curve+digest: {}+{}", curve_name,
|
panic!("Unsupported curve+digest: {}+{}", curve_name, digest_name);
|
||||||
digest_name);
|
},
|
||||||
}
|
};
|
||||||
};
|
|
||||||
|
|
||||||
let actual_result = signature::verify(alg, public_key, msg, sig);
|
let actual_result = signature::verify(alg, public_key, msg, sig);
|
||||||
assert_eq!(actual_result.is_ok(), expected_result == "P (0 )");
|
assert_eq!(actual_result.is_ok(), expected_result == "P (0 )");
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
});
|
},
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -55,19 +55,17 @@ fn test_signature_ed25519() {
|
|||||||
let expected_sig = test_case.consume_bytes("SIG");
|
let expected_sig = test_case.consume_bytes("SIG");
|
||||||
|
|
||||||
{
|
{
|
||||||
let key_pair = Ed25519KeyPair::from_seed_and_public_key(
|
let key_pair = Ed25519KeyPair::from_seed_and_public_key(seed, public_key).unwrap();
|
||||||
seed, public_key).unwrap();
|
|
||||||
let actual_sig = key_pair.sign(&msg);
|
let actual_sig = key_pair.sign(&msg);
|
||||||
assert_eq!(&expected_sig[..], actual_sig.as_ref());
|
assert_eq!(&expected_sig[..], actual_sig.as_ref());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Test PKCS#8 generation, parsing, and private-to-public calculations.
|
// Test PKCS#8 generation, parsing, and private-to-public calculations.
|
||||||
let rng = test::rand::FixedSliceRandom {
|
let rng = test::rand::FixedSliceRandom {
|
||||||
bytes: seed.as_slice_less_safe()
|
bytes: seed.as_slice_less_safe(),
|
||||||
};
|
};
|
||||||
let pkcs8 = Ed25519KeyPair::generate_pkcs8(&rng).unwrap();
|
let pkcs8 = Ed25519KeyPair::generate_pkcs8(&rng).unwrap();
|
||||||
let key_pair = Ed25519KeyPair::from_pkcs8(
|
let key_pair = Ed25519KeyPair::from_pkcs8(untrusted::Input::from(&pkcs8)).unwrap();
|
||||||
untrusted::Input::from(&pkcs8)).unwrap();
|
|
||||||
assert_eq!(public_key, key_pair.public_key_bytes());
|
assert_eq!(public_key, key_pair.public_key_bytes());
|
||||||
|
|
||||||
// Test Signature generation.
|
// Test Signature generation.
|
||||||
@ -76,8 +74,12 @@ fn test_signature_ed25519() {
|
|||||||
|
|
||||||
// Test Signature verification.
|
// Test Signature verification.
|
||||||
assert!(signature::verify(
|
assert!(signature::verify(
|
||||||
&signature::ED25519, public_key, untrusted::Input::from(&msg),
|
&signature::ED25519,
|
||||||
untrusted::Input::from(&expected_sig)).is_ok());
|
public_key,
|
||||||
|
untrusted::Input::from(&msg),
|
||||||
|
untrusted::Input::from(&expected_sig)
|
||||||
|
)
|
||||||
|
.is_ok());
|
||||||
Ok(())
|
Ok(())
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
@ -89,50 +91,64 @@ fn test_ed25519_from_seed_and_public_key_misuse() {
|
|||||||
|
|
||||||
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
||||||
untrusted::Input::from(PRIVATE_KEY),
|
untrusted::Input::from(PRIVATE_KEY),
|
||||||
untrusted::Input::from(PUBLIC_KEY)).is_ok());
|
untrusted::Input::from(PUBLIC_KEY)
|
||||||
|
)
|
||||||
|
.is_ok());
|
||||||
|
|
||||||
// Truncated private key.
|
// Truncated private key.
|
||||||
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
||||||
untrusted::Input::from(&PRIVATE_KEY[..31]),
|
untrusted::Input::from(&PRIVATE_KEY[..31]),
|
||||||
untrusted::Input::from(PUBLIC_KEY)).is_err());
|
untrusted::Input::from(PUBLIC_KEY)
|
||||||
|
)
|
||||||
|
.is_err());
|
||||||
|
|
||||||
// Truncated public key.
|
// Truncated public key.
|
||||||
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
||||||
untrusted::Input::from(PRIVATE_KEY),
|
untrusted::Input::from(PRIVATE_KEY),
|
||||||
untrusted::Input::from(&PUBLIC_KEY[..31])).is_err());
|
untrusted::Input::from(&PUBLIC_KEY[..31])
|
||||||
|
)
|
||||||
|
.is_err());
|
||||||
|
|
||||||
// Swapped public and private key.
|
// Swapped public and private key.
|
||||||
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
assert!(Ed25519KeyPair::from_seed_and_public_key(
|
||||||
untrusted::Input::from(PUBLIC_KEY),
|
untrusted::Input::from(PUBLIC_KEY),
|
||||||
untrusted::Input::from(PRIVATE_KEY)).is_err());
|
untrusted::Input::from(PRIVATE_KEY)
|
||||||
|
)
|
||||||
|
.is_err());
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_ed25519_from_pkcs8_unchecked() {
|
fn test_ed25519_from_pkcs8_unchecked() {
|
||||||
// Just test that we can parse the input.
|
// Just test that we can parse the input.
|
||||||
test::from_file("tests/ed25519_from_pkcs8_unchecked_tests.txt",
|
test::from_file(
|
||||||
|section, test_case| {
|
"tests/ed25519_from_pkcs8_unchecked_tests.txt",
|
||||||
assert_eq!(section, "");
|
|section, test_case| {
|
||||||
let input = test_case.consume_bytes("Input");
|
assert_eq!(section, "");
|
||||||
let error = test_case.consume_optional_string("Error");
|
let input = test_case.consume_bytes("Input");
|
||||||
assert_eq!(
|
let error = test_case.consume_optional_string("Error");
|
||||||
Ed25519KeyPair::from_pkcs8_maybe_unchecked(
|
assert_eq!(
|
||||||
untrusted::Input::from(&input)).is_ok(),
|
Ed25519KeyPair::from_pkcs8_maybe_unchecked(untrusted::Input::from(&input)).is_ok(),
|
||||||
error.is_none());
|
error.is_none()
|
||||||
Ok(())
|
);
|
||||||
});
|
Ok(())
|
||||||
|
},
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_ed25519_from_pkcs8() {
|
fn test_ed25519_from_pkcs8() {
|
||||||
// Just test that we can parse the input.
|
// Just test that we can parse the input.
|
||||||
test::from_file("tests/ed25519_from_pkcs8_tests.txt", |section, test_case| {
|
test::from_file(
|
||||||
assert_eq!(section, "");
|
"tests/ed25519_from_pkcs8_tests.txt",
|
||||||
let input = test_case.consume_bytes("Input");
|
|section, test_case| {
|
||||||
let error = test_case.consume_optional_string("Error");
|
assert_eq!(section, "");
|
||||||
assert_eq!(
|
let input = test_case.consume_bytes("Input");
|
||||||
Ed25519KeyPair::from_pkcs8(untrusted::Input::from(&input)).is_ok(),
|
let error = test_case.consume_optional_string("Error");
|
||||||
error.is_none());
|
assert_eq!(
|
||||||
Ok(())
|
Ed25519KeyPair::from_pkcs8(untrusted::Input::from(&input)).is_ok(),
|
||||||
});
|
error.is_none()
|
||||||
|
);
|
||||||
|
Ok(())
|
||||||
|
},
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -39,8 +39,9 @@ use ring::{error, hkdf, hmac, test};
|
|||||||
fn hkdf_tests() {
|
fn hkdf_tests() {
|
||||||
test::from_file("tests/hkdf_tests.txt", |section, test_case| {
|
test::from_file("tests/hkdf_tests.txt", |section, test_case| {
|
||||||
assert_eq!(section, "");
|
assert_eq!(section, "");
|
||||||
let digest_alg =
|
let digest_alg = test_case
|
||||||
test_case.consume_digest_alg("Hash").ok_or(error::Unspecified)?;
|
.consume_digest_alg("Hash")
|
||||||
|
.ok_or(error::Unspecified)?;
|
||||||
let secret = test_case.consume_bytes("IKM");
|
let secret = test_case.consume_bytes("IKM");
|
||||||
let salt = test_case.consume_bytes("salt");
|
let salt = test_case.consume_bytes("salt");
|
||||||
let info = test_case.consume_bytes("info");
|
let info = test_case.consume_bytes("info");
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -46,11 +46,12 @@ fn hmac_tests() {
|
|||||||
|
|
||||||
let digest_alg = match digest_alg {
|
let digest_alg = match digest_alg {
|
||||||
Some(digest_alg) => digest_alg,
|
Some(digest_alg) => digest_alg,
|
||||||
None => { return Ok(()); }, // Unsupported digest algorithm
|
None => {
|
||||||
|
return Ok(());
|
||||||
|
}, // Unsupported digest algorithm
|
||||||
};
|
};
|
||||||
|
|
||||||
hmac_test_case_inner(digest_alg, &key_value[..], &input[..],
|
hmac_test_case_inner(digest_alg, &key_value[..], &input[..], &output[..], true)?;
|
||||||
&output[..], true)?;
|
|
||||||
|
|
||||||
// Tamper with the input and check that verification fails.
|
// Tamper with the input and check that verification fails.
|
||||||
if input.is_empty() {
|
if input.is_empty() {
|
||||||
@ -59,15 +60,14 @@ fn hmac_tests() {
|
|||||||
input[0] ^= 1;
|
input[0] ^= 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
hmac_test_case_inner(digest_alg, &key_value[..], &input[..],
|
hmac_test_case_inner(digest_alg, &key_value[..], &input[..], &output[..], false)
|
||||||
&output[..], false)
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
fn hmac_test_case_inner(digest_alg: &'static digest::Algorithm,
|
fn hmac_test_case_inner(
|
||||||
key_value: &[u8], input: &[u8], output: &[u8],
|
digest_alg: &'static digest::Algorithm, key_value: &[u8], input: &[u8], output: &[u8],
|
||||||
is_ok: bool) -> Result<(), error::Unspecified> {
|
is_ok: bool,
|
||||||
|
) -> Result<(), error::Unspecified> {
|
||||||
let s_key = hmac::SigningKey::new(digest_alg, key_value);
|
let s_key = hmac::SigningKey::new(digest_alg, key_value);
|
||||||
let v_key = hmac::VerificationKey::new(digest_alg, key_value);
|
let v_key = hmac::VerificationKey::new(digest_alg, key_value);
|
||||||
|
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -45,24 +45,22 @@ pub fn pbkdf2_tests() {
|
|||||||
let salt = test_case.consume_bytes("S");
|
let salt = test_case.consume_bytes("S");
|
||||||
let dk = test_case.consume_bytes("DK");
|
let dk = test_case.consume_bytes("DK");
|
||||||
let verify_expected_result = test_case.consume_string("Verify");
|
let verify_expected_result = test_case.consume_string("Verify");
|
||||||
let verify_expected_result =
|
let verify_expected_result = match verify_expected_result.as_str() {
|
||||||
match verify_expected_result.as_str() {
|
"OK" => Ok(()),
|
||||||
"OK" => Ok(()),
|
"Err" => Err(error::Unspecified),
|
||||||
"Err" => Err(error::Unspecified),
|
_ => panic!("Unsupported value of \"Verify\""),
|
||||||
_ => panic!("Unsupported value of \"Verify\""),
|
};
|
||||||
};
|
|
||||||
|
|
||||||
{
|
{
|
||||||
let mut out = vec![0u8; dk.len()];
|
let mut out = vec![0u8; dk.len()];
|
||||||
pbkdf2::derive(digest_alg, iterations as u32, &salt, &secret,
|
pbkdf2::derive(digest_alg, iterations as u32, &salt, &secret, &mut out);
|
||||||
&mut out);
|
assert_eq!(dk == out, verify_expected_result.is_ok() || dk.is_empty());
|
||||||
assert_eq!(dk == out,
|
|
||||||
verify_expected_result.is_ok() || dk.is_empty());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
assert_eq!(pbkdf2::verify(digest_alg, iterations as u32, &salt, &secret,
|
assert_eq!(
|
||||||
&dk),
|
pbkdf2::verify(digest_alg, iterations as u32, &salt, &secret, &dk),
|
||||||
verify_expected_result);
|
verify_expected_result
|
||||||
|
);
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
});
|
});
|
||||||
|
|||||||
@ -28,7 +28,7 @@
|
|||||||
unused_qualifications,
|
unused_qualifications,
|
||||||
unused_results,
|
unused_results,
|
||||||
variant_size_differences,
|
variant_size_differences,
|
||||||
warnings,
|
warnings
|
||||||
)]
|
)]
|
||||||
|
|
||||||
extern crate ring;
|
extern crate ring;
|
||||||
@ -39,7 +39,6 @@ use ring::{der, error, signature, test};
|
|||||||
#[cfg(feature = "rsa_signing")]
|
#[cfg(feature = "rsa_signing")]
|
||||||
use ring::rand;
|
use ring::rand;
|
||||||
|
|
||||||
|
|
||||||
#[cfg(feature = "rsa_signing")]
|
#[cfg(feature = "rsa_signing")]
|
||||||
#[test]
|
#[test]
|
||||||
fn rsa_from_pkcs8_test() {
|
fn rsa_from_pkcs8_test() {
|
||||||
@ -51,8 +50,10 @@ fn rsa_from_pkcs8_test() {
|
|||||||
|
|
||||||
let error = test_case.consume_optional_string("Error");
|
let error = test_case.consume_optional_string("Error");
|
||||||
|
|
||||||
assert_eq!(signature::RSAKeyPair::from_pkcs8(input).is_ok(),
|
assert_eq!(
|
||||||
error.is_none());
|
signature::RSAKeyPair::from_pkcs8(input).is_ok(),
|
||||||
|
error.is_none()
|
||||||
|
);
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
});
|
});
|
||||||
@ -70,7 +71,7 @@ fn test_signature_rsa_pkcs1_sign() {
|
|||||||
"SHA256" => &signature::RSA_PKCS1_SHA256,
|
"SHA256" => &signature::RSA_PKCS1_SHA256,
|
||||||
"SHA384" => &signature::RSA_PKCS1_SHA384,
|
"SHA384" => &signature::RSA_PKCS1_SHA384,
|
||||||
"SHA512" => &signature::RSA_PKCS1_SHA512,
|
"SHA512" => &signature::RSA_PKCS1_SHA512,
|
||||||
_ => { panic!("Unsupported digest: {}", digest_name) }
|
_ => panic!("Unsupported digest: {}", digest_name),
|
||||||
};
|
};
|
||||||
|
|
||||||
let private_key = test_case.consume_bytes("Key");
|
let private_key = test_case.consume_bytes("Key");
|
||||||
@ -89,11 +90,11 @@ fn test_signature_rsa_pkcs1_sign() {
|
|||||||
|
|
||||||
// XXX: This test is too slow on Android ARM Travis CI builds.
|
// XXX: This test is too slow on Android ARM Travis CI builds.
|
||||||
// TODO: re-enable these tests on Android ARM.
|
// TODO: re-enable these tests on Android ARM.
|
||||||
let mut signing_state =
|
let mut signing_state = signature::RSASigningState::new(key_pair).unwrap();
|
||||||
signature::RSASigningState::new(key_pair).unwrap();
|
let mut actual = vec![0u8; signing_state.key_pair().public_modulus_len()];
|
||||||
let mut actual =
|
signing_state
|
||||||
vec![0u8; signing_state.key_pair().public_modulus_len()];
|
.sign(alg, &rng, &msg, actual.as_mut_slice())
|
||||||
signing_state.sign(alg, &rng, &msg, actual.as_mut_slice()).unwrap();
|
.unwrap();
|
||||||
assert_eq!(actual.as_slice() == &expected[..], result == "Pass");
|
assert_eq!(actual.as_slice() == &expected[..], result == "Pass");
|
||||||
Ok(())
|
Ok(())
|
||||||
});
|
});
|
||||||
@ -110,7 +111,7 @@ fn test_signature_rsa_pss_sign() {
|
|||||||
"SHA256" => &signature::RSA_PSS_SHA256,
|
"SHA256" => &signature::RSA_PSS_SHA256,
|
||||||
"SHA384" => &signature::RSA_PSS_SHA384,
|
"SHA384" => &signature::RSA_PSS_SHA384,
|
||||||
"SHA512" => &signature::RSA_PSS_SHA512,
|
"SHA512" => &signature::RSA_PSS_SHA512,
|
||||||
_ => { panic!("Unsupported digest: {}", digest_name) }
|
_ => panic!("Unsupported digest: {}", digest_name),
|
||||||
};
|
};
|
||||||
|
|
||||||
let result = test_case.consume_string("Result");
|
let result = test_case.consume_string("Result");
|
||||||
@ -128,10 +129,8 @@ fn test_signature_rsa_pss_sign() {
|
|||||||
|
|
||||||
let rng = test::rand::FixedSliceRandom { bytes: &salt };
|
let rng = test::rand::FixedSliceRandom { bytes: &salt };
|
||||||
|
|
||||||
let mut signing_state =
|
let mut signing_state = signature::RSASigningState::new(key_pair).unwrap();
|
||||||
signature::RSASigningState::new(key_pair).unwrap();
|
let mut actual = vec![0u8; signing_state.key_pair().public_modulus_len()];
|
||||||
let mut actual =
|
|
||||||
vec![0u8; signing_state.key_pair().public_modulus_len()];
|
|
||||||
signing_state.sign(alg, &rng, &msg, actual.as_mut_slice())?;
|
signing_state.sign(alg, &rng, &msg, actual.as_mut_slice())?;
|
||||||
assert_eq!(actual.as_slice() == &expected[..], result == "Pass");
|
assert_eq!(actual.as_slice() == &expected[..], result == "Pass");
|
||||||
Ok(())
|
Ok(())
|
||||||
@ -148,7 +147,6 @@ fn test_rsa_key_pair_traits() {
|
|||||||
// TODO: Test that RSASigningState is NOT Sync.
|
// TODO: Test that RSASigningState is NOT Sync.
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_signature_rsa_pkcs1_verify() {
|
fn test_signature_rsa_pkcs1_verify() {
|
||||||
test::from_file("tests/rsa_pkcs1_verify_tests.txt", |section, test_case| {
|
test::from_file("tests/rsa_pkcs1_verify_tests.txt", |section, test_case| {
|
||||||
@ -160,7 +158,7 @@ fn test_signature_rsa_pkcs1_verify() {
|
|||||||
"SHA256" => &signature::RSA_PKCS1_2048_8192_SHA256,
|
"SHA256" => &signature::RSA_PKCS1_2048_8192_SHA256,
|
||||||
"SHA384" => &signature::RSA_PKCS1_2048_8192_SHA384,
|
"SHA384" => &signature::RSA_PKCS1_2048_8192_SHA384,
|
||||||
"SHA512" => &signature::RSA_PKCS1_2048_8192_SHA512,
|
"SHA512" => &signature::RSA_PKCS1_2048_8192_SHA512,
|
||||||
_ => { panic!("Unsupported digest: {}", digest_name) }
|
_ => panic!("Unsupported digest: {}", digest_name),
|
||||||
};
|
};
|
||||||
|
|
||||||
let public_key = test_case.consume_bytes("Key");
|
let public_key = test_case.consume_bytes("Key");
|
||||||
@ -169,13 +167,18 @@ fn test_signature_rsa_pkcs1_verify() {
|
|||||||
// Sanity check that we correctly DER-encoded the originally-
|
// Sanity check that we correctly DER-encoded the originally-
|
||||||
// provided separate (n, e) components. When we add test vectors
|
// provided separate (n, e) components. When we add test vectors
|
||||||
// for improperly-encoded signatures, we'll have to revisit this.
|
// for improperly-encoded signatures, we'll have to revisit this.
|
||||||
assert!(public_key.read_all(error::Unspecified, |input| {
|
assert!(public_key
|
||||||
der::nested(input, der::Tag::Sequence, error::Unspecified, |input| {
|
.read_all(error::Unspecified, |input| der::nested(
|
||||||
let _ = der::positive_integer(input)?;
|
input,
|
||||||
let _ = der::positive_integer(input)?;
|
der::Tag::Sequence,
|
||||||
Ok(())
|
error::Unspecified,
|
||||||
})
|
|input| {
|
||||||
}).is_ok());
|
let _ = der::positive_integer(input)?;
|
||||||
|
let _ = der::positive_integer(input)?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
))
|
||||||
|
.is_ok());
|
||||||
|
|
||||||
let msg = test_case.consume_bytes("Msg");
|
let msg = test_case.consume_bytes("Msg");
|
||||||
let msg = untrusted::Input::from(&msg);
|
let msg = untrusted::Input::from(&msg);
|
||||||
@ -202,7 +205,7 @@ fn test_signature_rsa_pss_verify() {
|
|||||||
"SHA256" => &signature::RSA_PSS_2048_8192_SHA256,
|
"SHA256" => &signature::RSA_PSS_2048_8192_SHA256,
|
||||||
"SHA384" => &signature::RSA_PSS_2048_8192_SHA384,
|
"SHA384" => &signature::RSA_PSS_2048_8192_SHA384,
|
||||||
"SHA512" => &signature::RSA_PSS_2048_8192_SHA512,
|
"SHA512" => &signature::RSA_PSS_2048_8192_SHA512,
|
||||||
_ => { panic!("Unsupported digest: {}", digest_name) }
|
_ => panic!("Unsupported digest: {}", digest_name),
|
||||||
};
|
};
|
||||||
|
|
||||||
let public_key = test_case.consume_bytes("Key");
|
let public_key = test_case.consume_bytes("Key");
|
||||||
@ -211,13 +214,18 @@ fn test_signature_rsa_pss_verify() {
|
|||||||
// Sanity check that we correctly DER-encoded the originally-
|
// Sanity check that we correctly DER-encoded the originally-
|
||||||
// provided separate (n, e) components. When we add test vectors
|
// provided separate (n, e) components. When we add test vectors
|
||||||
// for improperly-encoded signatures, we'll have to revisit this.
|
// for improperly-encoded signatures, we'll have to revisit this.
|
||||||
assert!(public_key.read_all(error::Unspecified, |input| {
|
assert!(public_key
|
||||||
der::nested(input, der::Tag::Sequence, error::Unspecified, |input| {
|
.read_all(error::Unspecified, |input| der::nested(
|
||||||
let _ = der::positive_integer(input)?;
|
input,
|
||||||
let _ = der::positive_integer(input)?;
|
der::Tag::Sequence,
|
||||||
Ok(())
|
error::Unspecified,
|
||||||
})
|
|input| {
|
||||||
}).is_ok());
|
let _ = der::positive_integer(input)?;
|
||||||
|
let _ = der::positive_integer(input)?;
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
))
|
||||||
|
.is_ok());
|
||||||
|
|
||||||
let msg = test_case.consume_bytes("Msg");
|
let msg = test_case.consume_bytes("Msg");
|
||||||
let msg = untrusted::Input::from(&msg);
|
let msg = untrusted::Input::from(&msg);
|
||||||
@ -238,19 +246,23 @@ fn test_signature_rsa_pss_verify() {
|
|||||||
// and use them to verify a signature.
|
// and use them to verify a signature.
|
||||||
#[test]
|
#[test]
|
||||||
fn test_signature_rsa_primitive_verification() {
|
fn test_signature_rsa_primitive_verification() {
|
||||||
test::from_file("tests/rsa_primitive_verify_tests.txt",
|
test::from_file(
|
||||||
|section, test_case| {
|
"tests/rsa_primitive_verify_tests.txt",
|
||||||
assert_eq!(section, "");
|
|section, test_case| {
|
||||||
let n = test_case.consume_bytes("n");
|
assert_eq!(section, "");
|
||||||
let e = test_case.consume_bytes("e");
|
let n = test_case.consume_bytes("n");
|
||||||
let msg = test_case.consume_bytes("Msg");
|
let e = test_case.consume_bytes("e");
|
||||||
let sig = test_case.consume_bytes("Sig");
|
let msg = test_case.consume_bytes("Msg");
|
||||||
let expected = test_case.consume_string("Result");
|
let sig = test_case.consume_bytes("Sig");
|
||||||
let result = signature::primitive::verify_rsa(
|
let expected = test_case.consume_string("Result");
|
||||||
&signature::RSA_PKCS1_2048_8192_SHA256,
|
let result = signature::primitive::verify_rsa(
|
||||||
(untrusted::Input::from(&n), untrusted::Input::from(&e)),
|
&signature::RSA_PKCS1_2048_8192_SHA256,
|
||||||
untrusted::Input::from(&msg), untrusted::Input::from(&sig));
|
(untrusted::Input::from(&n), untrusted::Input::from(&e)),
|
||||||
assert_eq!(result.is_ok(), expected == "Pass");
|
untrusted::Input::from(&msg),
|
||||||
Ok(())
|
untrusted::Input::from(&sig),
|
||||||
})
|
);
|
||||||
|
assert_eq!(result.is_ok(), expected == "Pass");
|
||||||
|
Ok(())
|
||||||
|
},
|
||||||
|
)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,6 @@
|
|||||||
extern crate ring;
|
extern crate ring;
|
||||||
|
|
||||||
use ring::signature;
|
use ring::{signature, test};
|
||||||
use ring::test;
|
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn signature_impl_test() {
|
fn signature_impl_test() {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user