checkpoint
This commit is contained in:
John Smith
@@ -1,37 +1,21 @@
|
||||
use super::*;
|
||||
use crate::tests::common::test_veilid_config::*;
|
||||
|
||||
static LOREM_IPSUM:&[u8] = b"Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum. ";
|
||||
|
||||
async fn startup() -> VeilidAPI {
|
||||
trace!("test_table_store: starting");
|
||||
let (update_callback, config_callback) = setup_veilid_core();
|
||||
let api = api_startup(update_callback, config_callback)
|
||||
.await
|
||||
.expect("startup failed");
|
||||
api
|
||||
}
|
||||
|
||||
async fn shutdown(api: VeilidAPI) {
|
||||
trace!("test_table_store: shutting down");
|
||||
api.shutdown().await;
|
||||
trace!("test_table_store: finished");
|
||||
}
|
||||
|
||||
pub async fn test_aead() {
|
||||
pub async fn test_aead(vcrypto: CryptoSystemVersion) {
|
||||
trace!("test_aead");
|
||||
|
||||
let n1 = Crypto::get_random_nonce();
|
||||
let n1 = vcrypto.random_nonce();
|
||||
let n2 = loop {
|
||||
let n = Crypto::get_random_nonce();
|
||||
let n = vcrypto.random_nonce();
|
||||
if n != n1 {
|
||||
break n;
|
||||
}
|
||||
};
|
||||
|
||||
let ss1 = Crypto::get_random_secret();
|
||||
let ss1 = vcrypto.random_shared_secret();
|
||||
let ss2 = loop {
|
||||
let ss = Crypto::get_random_secret();
|
||||
let ss = vcrypto.random_shared_secret();
|
||||
if ss != ss1 {
|
||||
break ss;
|
||||
}
|
||||
@@ -41,67 +25,77 @@ pub async fn test_aead() {
|
||||
let body2 = body.clone();
|
||||
let size_before_encrypt = body.len();
|
||||
assert!(
|
||||
Crypto::encrypt_in_place_aead(&mut body, &n1, &ss1, None).is_ok(),
|
||||
vcrypto
|
||||
.encrypt_in_place_aead(&mut body, &n1, &ss1, None)
|
||||
.is_ok(),
|
||||
"encrypt should succeed"
|
||||
);
|
||||
let size_after_encrypt = body.len();
|
||||
assert!(
|
||||
size_after_encrypt - size_before_encrypt == AEAD_OVERHEAD,
|
||||
size_after_encrypt - size_before_encrypt == vcrypto.aead_overhead(),
|
||||
"overhead should match"
|
||||
);
|
||||
let mut body3 = body.clone();
|
||||
let mut body4 = body.clone();
|
||||
let mut body5 = body.clone();
|
||||
assert!(
|
||||
Crypto::decrypt_in_place_aead(&mut body, &n1, &ss1, None).is_ok(),
|
||||
vcrypto
|
||||
.decrypt_in_place_aead(&mut body, &n1, &ss1, None)
|
||||
.is_ok(),
|
||||
"decrypt should succeed"
|
||||
);
|
||||
assert_eq!(body, body2, "results should be the same");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_in_place_aead(&mut body3, &n2, &ss1, None).is_err(),
|
||||
vcrypto
|
||||
.decrypt_in_place_aead(&mut body3, &n2, &ss1, None)
|
||||
.is_err(),
|
||||
"decrypt with wrong nonce should fail"
|
||||
);
|
||||
assert_ne!(body3, body, "failure changes data");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_in_place_aead(&mut body4, &n1, &ss2, None).is_err(),
|
||||
vcrypto
|
||||
.decrypt_in_place_aead(&mut body4, &n1, &ss2, None)
|
||||
.is_err(),
|
||||
"decrypt with wrong secret should fail"
|
||||
);
|
||||
assert_ne!(body4, body, "failure changes data");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_in_place_aead(&mut body5, &n1, &ss2, Some(b"foobar")).is_err(),
|
||||
vcrypto
|
||||
.decrypt_in_place_aead(&mut body5, &n1, &ss2, Some(b"foobar"))
|
||||
.is_err(),
|
||||
"decrypt with wrong associated data should fail"
|
||||
);
|
||||
assert_ne!(body5, body, "failure changes data");
|
||||
|
||||
assert!(
|
||||
Crypto::decrypt_aead(LOREM_IPSUM, &n1, &ss1, None).is_err(),
|
||||
vcrypto.decrypt_aead(LOREM_IPSUM, &n1, &ss1, None).is_err(),
|
||||
"should fail authentication"
|
||||
);
|
||||
|
||||
let body5 = Crypto::encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
let body6 = Crypto::decrypt_aead(&body5, &n1, &ss1, None).unwrap();
|
||||
let body7 = Crypto::encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
let body5 = vcrypto.encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
let body6 = vcrypto.decrypt_aead(&body5, &n1, &ss1, None).unwrap();
|
||||
let body7 = vcrypto.encrypt_aead(LOREM_IPSUM, &n1, &ss1, None).unwrap();
|
||||
assert_eq!(body6, LOREM_IPSUM);
|
||||
assert_eq!(body5, body7);
|
||||
}
|
||||
|
||||
pub async fn test_no_auth() {
|
||||
pub async fn test_no_auth(vcrypto: CryptoSystemVersion) {
|
||||
trace!("test_no_auth");
|
||||
|
||||
let n1 = Crypto::get_random_nonce();
|
||||
let n1 = vcrypto.random_nonce();
|
||||
let n2 = loop {
|
||||
let n = Crypto::get_random_nonce();
|
||||
let n = vcrypto.random_nonce();
|
||||
if n != n1 {
|
||||
break n;
|
||||
}
|
||||
};
|
||||
|
||||
let ss1 = Crypto::get_random_secret();
|
||||
let ss1 = vcrypto.random_shared_secret();
|
||||
let ss2 = loop {
|
||||
let ss = Crypto::get_random_secret();
|
||||
let ss = vcrypto.random_shared_secret();
|
||||
if ss != ss1 {
|
||||
break ss;
|
||||
}
|
||||
@@ -110,7 +104,7 @@ pub async fn test_no_auth() {
|
||||
let mut body = LOREM_IPSUM.to_vec();
|
||||
let body2 = body.clone();
|
||||
let size_before_encrypt = body.len();
|
||||
Crypto::crypt_in_place_no_auth(&mut body, &n1, &ss1);
|
||||
vcrypto.crypt_in_place_no_auth(&mut body, &n1, &ss1);
|
||||
|
||||
let size_after_encrypt = body.len();
|
||||
assert_eq!(
|
||||
@@ -120,41 +114,47 @@ pub async fn test_no_auth() {
|
||||
let mut body3 = body.clone();
|
||||
let mut body4 = body.clone();
|
||||
|
||||
Crypto::crypt_in_place_no_auth(&mut body, &n1, &ss1);
|
||||
vcrypto.crypt_in_place_no_auth(&mut body, &n1, &ss1);
|
||||
assert_eq!(body, body2, "result after decrypt should be the same");
|
||||
|
||||
Crypto::crypt_in_place_no_auth(&mut body3, &n2, &ss1);
|
||||
vcrypto.crypt_in_place_no_auth(&mut body3, &n2, &ss1);
|
||||
assert_ne!(body3, body, "decrypt should not be equal with wrong nonce");
|
||||
|
||||
Crypto::crypt_in_place_no_auth(&mut body4, &n1, &ss2);
|
||||
vcrypto.crypt_in_place_no_auth(&mut body4, &n1, &ss2);
|
||||
assert_ne!(body4, body, "decrypt should not be equal with wrong secret");
|
||||
|
||||
let body5 = Crypto::crypt_no_auth(LOREM_IPSUM, &n1, &ss1);
|
||||
let body6 = Crypto::crypt_no_auth(&body5, &n1, &ss1);
|
||||
let body7 = Crypto::crypt_no_auth(LOREM_IPSUM, &n1, &ss1);
|
||||
let body5 = vcrypto.crypt_no_auth_unaligned(LOREM_IPSUM, &n1, &ss1);
|
||||
let body6 = vcrypto.crypt_no_auth_unaligned(&body5, &n1, &ss1);
|
||||
let body7 = vcrypto.crypt_no_auth_unaligned(LOREM_IPSUM, &n1, &ss1);
|
||||
assert_eq!(body6, LOREM_IPSUM);
|
||||
assert_eq!(body5, body7);
|
||||
|
||||
let body5 = vcrypto.crypt_no_auth_aligned_8(LOREM_IPSUM, &n1, &ss1);
|
||||
let body6 = vcrypto.crypt_no_auth_aligned_8(&body5, &n1, &ss1);
|
||||
let body7 = vcrypto.crypt_no_auth_aligned_8(LOREM_IPSUM, &n1, &ss1);
|
||||
assert_eq!(body6, LOREM_IPSUM);
|
||||
assert_eq!(body5, body7);
|
||||
}
|
||||
|
||||
pub async fn test_dh(crypto: Crypto) {
|
||||
pub async fn test_dh(vcrypto: CryptoSystemVersion) {
|
||||
trace!("test_dh");
|
||||
let (dht_key, dht_key_secret) = key::generate_secret();
|
||||
let (dht_key2, dht_key_secret2) = key::generate_secret();
|
||||
let (dht_key, dht_key_secret) = vcrypto.generate_keypair();
|
||||
let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair();
|
||||
|
||||
let r1 = Crypto::compute_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r2 = Crypto::compute_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
let r3 = Crypto::compute_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r4 = Crypto::compute_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
let r1 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r2 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
let r3 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r4 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
assert_eq!(r1, r2);
|
||||
assert_eq!(r3, r4);
|
||||
assert_eq!(r2, r3);
|
||||
trace!("dh: {:?}", r1);
|
||||
|
||||
// test cache
|
||||
let r5 = crypto.cached_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r6 = crypto.cached_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
let r7 = crypto.cached_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r8 = crypto.cached_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
let r5 = vcrypto.cached_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r6 = vcrypto.cached_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
let r7 = vcrypto.cached_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||
let r8 = vcrypto.cached_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||
assert_eq!(r1, r5);
|
||||
assert_eq!(r2, r6);
|
||||
assert_eq!(r3, r7);
|
||||
@@ -163,11 +163,17 @@ pub async fn test_dh(crypto: Crypto) {
|
||||
}
|
||||
|
||||
pub async fn test_all() {
|
||||
let api = startup().await;
|
||||
let api = crypto_tests_startup().await;
|
||||
let crypto = api.crypto().unwrap();
|
||||
test_aead().await;
|
||||
test_no_auth().await;
|
||||
test_dh(crypto).await;
|
||||
shutdown(api.clone()).await;
|
||||
|
||||
// Test versions
|
||||
for v in MIN_CRYPTO_VERSION..=MAX_CRYPTO_VERSION {
|
||||
let vcrypto = crypto.get(v).unwrap();
|
||||
test_aead(vcrypto.clone()).await;
|
||||
test_no_auth(vcrypto.clone()).await;
|
||||
test_dh(vcrypto).await;
|
||||
}
|
||||
|
||||
crypto_tests_shutdown(api.clone()).await;
|
||||
assert!(api.is_shutdown());
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user