From 74e564de620177ff92b7f125e54b8010a10809e0 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Thu, 7 May 2020 11:23:55 +0200 Subject: crypto/test: Remove bad option in rsa enc/dec test The padding rsa_x931_padding is not valid for enc/dec. This was not reported as an error on openssl < 3.0 --- lib/crypto/test/crypto_SUITE.erl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index ca72601bef..5adf4b6b6e 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -2239,12 +2239,13 @@ gen_rsa_sign_verify_tests(Hashs, Msg, Public, Private, Opts) -> gen_rsa_pub_priv_tests(Public, Private, Msg, OptsToTry) -> - SupOpts = proplists:get_value(rsa_opts, crypto:supports(), []), + SupOpts = proplists:get_value(rsa_opts, crypto:supports(), []) -- + [rsa_x931_padding], lists:foldr(fun(Opt, Acc) -> case rsa_opt_is_supported(Opt, SupOpts) of true -> [{rsa, Public, Private, Msg, Opt} | Acc]; - false -> + false -> Acc end end, [], OptsToTry). -- cgit v1.2.1 From d25939277f8e3e02bb8d1d53c1035f953917e059 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Thu, 7 May 2020 14:23:03 +0200 Subject: crypto/test: Minor fixes --- lib/crypto/test/crypto_SUITE.erl | 41 ++++++++++++++++++++++------------------ 1 file changed, 23 insertions(+), 18 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index 5adf4b6b6e..682ceefdc8 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -1648,6 +1648,9 @@ do_generate_compute({srp = Type, UserPrivate, UserGenParams, UserComParams, UserComParams), SessionKey = crypto:compute_key(Type, UserPublic, {HostPublic, HostPrivate}, HostComParam); + + + do_generate_compute({dh, P, G}) -> {UserPub, UserPriv} = crypto:generate_key(dh, [P, G]), {HostPub, HostPriv} = crypto:generate_key(dh, [P, G]), @@ -1655,6 +1658,7 @@ do_generate_compute({dh, P, G}) -> SharedSecret = crypto:compute_key(dh, UserPub, HostPriv, [P, G]). do_compute({ecdh = Type, Pub, Priv, Curve, SharedSecret}) -> + ct:log("~p ~p", [Type,Curve]), Secret = crypto:compute_key(Type, Pub, Priv, Curve), case Secret of SharedSecret -> @@ -1664,6 +1668,7 @@ do_compute({ecdh = Type, Pub, Priv, Curve, SharedSecret}) -> end. do_generate({Type, Curve, Priv, Pub}) when Type == ecdh ; Type == eddsa -> + ct:log("~p ~p", [Type,Curve]), case crypto:generate_key(Type, Curve, Priv) of {Pub, _} -> ok; @@ -1671,6 +1676,7 @@ do_generate({Type, Curve, Priv, Pub}) when Type == ecdh ; Type == eddsa -> ct:fail({{crypto, generate_key, [Type, Priv, Curve]}, {expected, Pub}, {got, Other}}) end; do_generate({rsa = Type, Mod, Exp}) -> + ct:log("~p", [Type]), case crypto:info_fips() of enabled when Mod < 3072 -> ct:log("SKIP do_generate ~p FIPS=~p, Mod=~p Exp=~p", [Type, enabled, Mod, Exp]), @@ -3976,11 +3982,13 @@ eddsa(ed448) -> ecdh() -> %% http://csrc.nist.gov/groups/STM/cavp/ - Curves = crypto:ec_curves() ++ - [X || X <- proplists:get_value(curves, crypto:supports(), []), - lists:member(X, [x25519,x448])], - TestCases = - [{ecdh, hexstr2point("42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0", "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523"), + Curves = crypto:supports(curves), + lists:filter( + fun ({_Type, _Pub, _Priv, Curve, _SharedSecret}) -> + lists:member(Curve, Curves) + end, + + [{ecdh, hexstr2point("42ea6dd9969dd2a61fea1aac7f8e98edcc896c6e55857cc0", "dfbe5d7c61fac88b11811bde328e8a0d12bf01a9d204b523"), hexstr2bin("f17d3fea367b74d340851ca4270dcb24c271f445bed9d527"), secp192r1, hexstr2bin("803d8ab2e5b6e6fca715737c3a82f7ce3c783124f6d51cd0")}, @@ -4086,11 +4094,8 @@ ecdh() -> 16#9a8f4925d1519f5775cf46b04b5800d4ee9ee8bae8bc5565d498c28dd9c9baf574a9419744897391006382a6f127ab1d9ac2d8c0a598726b, x448, hexstr2bin("07fff4181ac6cc95ec1c16a94a0f74d12da232ce40a77552281d282bb60c0b56fd2464c335543936521c24403085d59a449a5037514a879d")} - ], - lists:filter(fun ({_Type, _Pub, _Priv, Curve, _SharedSecret}) -> - lists:member(Curve, Curves) - end, - TestCases). + ] + ). dh() -> {dh, 90970053988169282502023478715631717259407236400413906591937635666709823903223997309250405131675572047545403771567755831138144089197560332757755059848492919215391041119286178688014693040542889497092308638580104031455627238700168892909539193174537248629499995652186913900511641708112112482297874449292467498403, 2}. @@ -4144,8 +4149,11 @@ ecc() -> %% information about the curves see %% http://csrc.nist.gov/encryption/dss/ecdsa/NISTReCur.pdf %% - Curves = crypto:ec_curves(), - TestCases = + Curves = crypto:supports(curves), + lists:filter( + fun ({_Type, Curve, _Priv, _Pub}) -> + lists:member(Curve, Curves) + end, [{ecdh,secp192r1,1, hexstr2point("188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811")}, @@ -4175,12 +4183,9 @@ ecc() -> hexstr2bin("8520f0098930a754748b7ddcb43ef75a0dbf3a0d26381af4eba4a98eaa9b4e6a")}, {ecdh, x25519, hexstr2bin("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb"), - hexstr2bin("de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f")}], - lists:filter(fun ({_Type, Curve, _Priv, _Pub}) -> - lists:member(Curve, Curves) - end, - TestCases). - + hexstr2bin("de9edb7d7b7dc1b4d35b61c2ece435373f8343c85b78674dadfc7e146f882b4f")} + ] + ). int_to_bin(X) when X < 0 -> int_to_bin_neg(X, []); int_to_bin(X) -> int_to_bin_pos(X, []). -- cgit v1.2.1 From 3946ed7fb410c29a052a7afe61739b8d1d6aa6d0 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Thu, 7 May 2020 16:32:39 +0200 Subject: crypto/test: Better coverage for edward curves --- lib/crypto/test/crypto_SUITE.erl | 62 ++++++++++++++++++++++++++++++++++------ 1 file changed, 53 insertions(+), 9 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index 682ceefdc8..f55433b90c 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -217,7 +217,7 @@ groups() -> {dss, [], [sign_verify %% Does not work yet: ,public_encrypt, private_encrypt ]}, - {ecdsa, [], [sign_verify + {ecdsa, [], [sign_verify, use_all_ec_sign_verify %% Does not work yet: ,public_encrypt, private_encrypt ]}, {ed25519, [], [sign_verify, @@ -229,7 +229,7 @@ groups() -> generate ]}, {dh, [], [generate_compute, compute_bug]}, - {ecdh, [], [use_all_elliptic_curves, compute, generate]}, + {ecdh, [], [compute, generate, use_all_ecdh_generate_compute]}, {srp, [], [generate_compute]}, {des_cbc, [], [block, api_ng, api_ng_one_shot, api_ng_tls]}, {des_cfb, [], [block, api_ng, api_ng_one_shot, api_ng_tls]}, @@ -604,7 +604,7 @@ api_ng_cipher_increment_loop(Ref, InTexts) -> Bin catch error:Error -> - ct:pal("Txt = ~p",[Txt]), + ct:log("Txt = ~p",[Txt]), ct:fail("~p",[Error]) end end, InTexts). @@ -961,9 +961,7 @@ compute(Config) when is_list(Config) -> Gen = proplists:get_value(compute, Config), lists:foreach(fun do_compute/1, Gen). %%-------------------------------------------------------------------- -use_all_elliptic_curves() -> - [{doc, " Test that all curves from crypto:ec_curves/0"}]. -use_all_elliptic_curves(_Config) -> +use_all_ec_sign_verify(_Config) -> Msg = <<"hello world!">>, Sups = crypto:supports(), Curves = proplists:get_value(curves, Sups), @@ -975,6 +973,7 @@ use_all_elliptic_curves(_Config) -> Results = [{{Curve,Hash}, try + ct:log("~p ~p",[Curve,Hash]), {Pub,Priv} = crypto:generate_key(ecdh, Curve), true = is_binary(Pub), true = is_binary(Priv), @@ -999,6 +998,50 @@ use_all_elliptic_curves(_Config) -> ct:fail("Bad curve(s)",[]) end. +%%-------------------------------------------------------------------- +use_all_ecdh_generate_compute(_Config) -> + Sups = crypto:supports(), + Curves = proplists:get_value(curves, Sups), + ct:log("Lib: ~p~nFIPS: ~p~nCurves:~n~p", [crypto:info_lib(), + crypto:info_fips(), + Curves]), + Results = + [{Curve, + try + ct:log("~p",[Curve]), + {APub,APriv} = crypto:generate_key(ecdh, Curve), + {BPub,BPriv} = crypto:generate_key(ecdh, Curve), + true = is_binary(APub), + true = is_binary(APriv), + true = is_binary(BPub), + true = is_binary(BPriv), + + ACommonSecret = crypto:compute_key(ecdh, BPub, APriv, Curve), + BCommonSecret = crypto:compute_key(ecdh, APub, BPriv, Curve), + ACommonSecret == BCommonSecret + catch + C:E -> + {C,E} + end} + || Curve <- [ed25519, ed448, x25519, x448], + lists:member(Curve, Curves) + ], + Fails0 = + lists:filter(fun({_,true}) -> false; + (_) -> true + end, Results), + case Fails0 of + [{ed25519,_}, {ed448,_}] -> + ok; + _ -> + Fails = lists:filter(fun({ed25519,_}) -> true; + ({ed448,_}) -> true; + (_) -> false + end, Fails0), + ct:log("Fails:~n~p",[Fails]), + ct:fail("Bad curve(s)",[]) + end. + %%-------------------------------------------------------------------- generate() -> [{doc, " Test crypto:generate_key"}]. @@ -1065,13 +1108,14 @@ cipher_info(Config) when is_list(Config) -> of _ -> Ok catch Cls:Exc -> - ct:pal("~p:~p ~p",[Cls,Exc,C]), + ct:log("~p:~p ~p",[Cls,Exc,C]), false end end, true, -crypto:supports(ciphers)) of -%% proplists:get_value(ciphers, crypto:supports())) of + crypto:supports(ciphers) + ) + of true -> ok; false -> -- cgit v1.2.1 From 75821c5b61220e1061fde315871e7eee4c5a7213 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Thu, 14 May 2020 14:45:30 +0200 Subject: crypto/test: Fresh-up ecdh and add eddh groups --- lib/crypto/test/crypto_SUITE.erl | 41 +++++++++++++++++++++++++--------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index f55433b90c..079637c4b1 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -135,6 +135,7 @@ groups() -> {group, dh}, {group, ecdh}, + {group, eddh}, {group, srp}, {group, chacha20_poly1305}, @@ -230,6 +231,7 @@ groups() -> ]}, {dh, [], [generate_compute, compute_bug]}, {ecdh, [], [compute, generate, use_all_ecdh_generate_compute]}, + {eddh, [], [compute, generate, use_all_eddh_generate_compute]}, {srp, [], [generate_compute]}, {des_cbc, [], [block, api_ng, api_ng_one_shot, api_ng_tls]}, {des_cfb, [], [block, api_ng, api_ng_one_shot, api_ng_tls]}, @@ -999,12 +1001,20 @@ use_all_ec_sign_verify(_Config) -> end. %%-------------------------------------------------------------------- -use_all_ecdh_generate_compute(_Config) -> - Sups = crypto:supports(), - Curves = proplists:get_value(curves, Sups), - ct:log("Lib: ~p~nFIPS: ~p~nCurves:~n~p", [crypto:info_lib(), - crypto:info_fips(), - Curves]), +use_all_ecdh_generate_compute(Config) -> + Curves = crypto:supports(curves) -- [ed25519, ed448, x25519, x448], + do_dh_curves(Config, Curves). + +use_all_eddh_generate_compute(Config) -> + AllCurves = crypto:supports(curves), + Curves = [C || C <- [x25519, x448], + lists:member(C, AllCurves)], + do_dh_curves(Config, Curves). + +do_dh_curves(_Config, Curves) -> + ct:log("Lib: ~p~nFIPS: ~p~nCurves:~n~p~n", [crypto:info_lib(), + crypto:info_fips(), + Curves]), Results = [{Curve, try @@ -1023,21 +1033,20 @@ use_all_ecdh_generate_compute(_Config) -> C:E -> {C,E} end} - || Curve <- [ed25519, ed448, x25519, x448], - lists:member(Curve, Curves) + || Curve <- Curves ], - Fails0 = + + Fails = lists:filter(fun({_,true}) -> false; (_) -> true end, Results), - case Fails0 of - [{ed25519,_}, {ed448,_}] -> + + case Fails of + [] -> + ct:comment("All ~p passed",[length(Results)]), ok; _ -> - Fails = lists:filter(fun({ed25519,_}) -> true; - ({ed448,_}) -> true; - (_) -> false - end, Fails0), + ct:comment("passed: ~p, failed: ~p",[length(Results),length(Fails)]), ct:log("Fails:~n~p",[Fails]), ct:fail("Bad curve(s)",[]) end. @@ -2151,6 +2160,8 @@ group_config(ecdh, Config) -> Compute = ecdh(), Generate = ecc(), [{compute, Compute}, {generate, Generate} | Config]; +group_config(eddh, Config) -> + [{compute, []}, {generate, []} | Config]; group_config(dh, Config) -> GenerateCompute = [dh()], [{generate_compute, GenerateCompute} | Config]; -- cgit v1.2.1 From fc26658ea277e893fe14587aedcb87986fa8091a Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Fri, 15 Nov 2019 12:29:04 +0100 Subject: crypto/test: Add logging to rsa encrypt/decrypt --- lib/crypto/test/crypto_SUITE.erl | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index 079637c4b1..d1e66afaa0 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -904,6 +904,7 @@ no_sign_verify(Config) when is_list(Config) -> public_encrypt() -> [{doc, "Test public_encrypt/decrypt "}]. public_encrypt(Config) when is_list(Config) -> + ct:log("public_encrypt", []), Params = proplists:get_value(pub_pub_encrypt, Config, []), lists:foreach(fun do_public_encrypt/1, Params). @@ -1651,45 +1652,65 @@ negative_verify(Type, Hash, Msg, Signature, Public, Options) -> end. do_public_encrypt({Type, Public, Private, Msg, Padding}) -> + ct:log("do_public_encrypt Type=~p, Padding=~p,~nPublic = ~p,~nPrivate = ~p,~nMsg = ~p.", + [Type, Padding, Public, Private, Msg]), + timer:sleep(100), try crypto:public_encrypt(Type, Msg, Public, Padding) of PublicEcn -> + ct:log("private_decrypt~nPublicEcn = ~p.", [PublicEcn]), + timer:sleep(100), try crypto:private_decrypt(Type, PublicEcn, Private, Padding) of Msg -> + ct:log("~p:~p ok", [?MODULE,?LINE]), + timer:sleep(100), ok; Other -> + ct:log("~p:~p Other = ~p", [?MODULE,?LINE,Other]), + timer:sleep(100), ct:fail({{crypto, private_decrypt, [Type, PublicEcn, Private, Padding]}, {expected, Msg}, {got, Other}}) catch CC:EE -> + ct:log("~p:~p EXC. ~p:~p", [?MODULE,?LINE,CC,EE]), + timer:sleep(100), ct:fail({{crypto, private_decrypt, [Type, PublicEcn, Private, Padding]}, {expected, Msg}, {got, {CC,EE}}}) end catch CC:EE -> + ct:log("~p:~p EXC 2. ~p:~p", [?MODULE,?LINE,CC,EE]), + timer:sleep(100), ct:fail({{crypto, public_encrypt, [Type, Msg, Public, Padding]}, {got, {CC,EE}}}) end. do_private_encrypt({Type, Public, Private, Msg, Padding}) -> + ct:log("do_private_encrypt Type=~p, Padding=~p,~nPublic = ~p,~nPrivate = ~p,~nMsg = ~p.", + [Type, Padding, Public, Private, Msg]), try crypto:private_encrypt(Type, Msg, Private, Padding) of PrivEcn -> try + ct:log("public_decrypt~nPrivEcn = ~p.", [PrivEcn]), crypto:public_decrypt(Type, PrivEcn, Public, Padding) of Msg -> + ct:log("~p:~p ok", [?MODULE,?LINE]), ok; Other -> + ct:log("~p:~p Other = ~p", [?MODULE,?LINE,Other]), ct:fail({{crypto, public_decrypt, [Type, PrivEcn, Public, Padding]}, {expected, Msg}, {got, Other}}) catch CC:EE -> + ct:log("~p:~p EXC. ~p:~p", [?MODULE,?LINE,CC,EE]), ct:fail({{crypto, public_decrypt, [Type, PrivEcn, Public, Padding]}, {expected, Msg}, {got, {CC,EE}}}) end catch CC:EE -> + ct:log("~p:~p EXC 2. ~p:~p", [?MODULE,?LINE,CC,EE]), ct:fail({{crypto, private_encrypt, [Type, Msg, Private, Padding]}, {got, {CC,EE}}}) end. -- cgit v1.2.1 From f1c12926145fd0b0b31d02da7cc5fe9d741ed974 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 12 May 2020 14:59:23 +0200 Subject: crypto/test: Better logging --- lib/crypto/test/crypto_SUITE.erl | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index d1e66afaa0..617ca9b760 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -678,17 +678,16 @@ api_ng_tls(Config) when is_list(Config) -> lists:foreach(fun do_api_ng_tls/1, Ciphers). -do_api_ng_tls({Type, Key, PlainTexts}=_X) -> - ct:log("~p",[_X]), +do_api_ng_tls({Type, Key, PlainTexts}) -> do_api_ng_tls({Type, Key, <<>>, PlainTexts}); -do_api_ng_tls({Type, Key, IV, PlainTexts}=_X) -> - ct:log("~p",[_X]), +do_api_ng_tls({Type, Key, IV, PlainTexts}) -> do_api_ng_tls({Type, Key, IV, PlainTexts, undefined}); -do_api_ng_tls({Type, Key, IV, PlainText0, ExpectedEncText}=_X) -> - ct:log("~p",[_X]), +do_api_ng_tls({Type, Key, IV, PlainText0, ExpectedEncText}) -> PlainText = iolist_to_binary(lazy_eval(PlainText0)), + ct:log("Type = ~p~nKey = ~p~nIV = ~p~nPlainText = ~p~nExpectedEncText = ~p", + [Type, Key, IV, PlainText, ExpectedEncText]), Renc = crypto:crypto_dyn_iv_init(Type, Key, true), Rdec = crypto:crypto_dyn_iv_init(Type, Key, false), EncTxt = crypto:crypto_dyn_iv_update(Renc, PlainText, IV), -- cgit v1.2.1 From 6bc08d2dd7fd224088f538297ae657113c2a575d Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Wed, 13 May 2020 16:35:30 +0200 Subject: crypto/test: Re-write tests --- lib/crypto/test/crypto_SUITE.erl | 319 +++++++++++++++------------------------ 1 file changed, 119 insertions(+), 200 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index 617ca9b760..ed67ecd0b3 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -473,8 +473,7 @@ hmac() -> [{doc, "Test hmac function"}]. hmac(Config) when is_list(Config) -> Tuples = lazy_eval(proplists:get_value(hmac, Config)), - lists:foreach(fun hmac_check/1, Tuples), - lists:foreach(fun hmac_check/1, mac_listify(Tuples)). + do_cipher_tests(fun hmac_check/1, Tuples++mac_listify(Tuples)). %%-------------------------------------------------------------------- no_hmac() -> @@ -502,8 +501,7 @@ cmac() -> [{doc, "Test all different cmac functions"}]. cmac(Config) when is_list(Config) -> Pairs = lazy_eval(proplists:get_value(cmac, Config)), - lists:foreach(fun cmac_check/1, Pairs), - lists:foreach(fun cmac_check/1, mac_listify(Pairs)). + do_cipher_tests(fun cmac_check/1, Pairs ++ mac_listify(Pairs)). %%-------------------------------------------------------------------- poly1305() -> @@ -533,8 +531,7 @@ block() -> [{doc, "Test block ciphers"}]. block(Config) when is_list(Config) -> [_|_] = Blocks = lazy_eval(proplists:get_value(cipher, Config)), - lists:foreach(fun block_cipher/1, Blocks), - lists:foreach(fun block_cipher/1, block_iolistify(Blocks)), + do_cipher_tests(fun block_cipher/1, Blocks++block_iolistify(Blocks)), lists:foreach(fun block_cipher_increment/1, block_iolistify(Blocks)). %%-------------------------------------------------------------------- @@ -833,8 +830,6 @@ no_stream_ivec(Config) when is_list(Config) -> notsup(fun crypto:stream_init/3, [Type, <<"Key">>, <<"Ivec">>]). %%-------------------------------------------------------------------- -aead() -> - [{doc, "Test AEAD ciphers"}]. aead(Config) when is_list(Config) -> [_|_] = AEADs = lazy_eval(proplists:get_value(cipher, Config)), FilteredAEADs = @@ -849,7 +844,7 @@ aead(Config) when is_list(Config) -> IVLen >= 12 end, AEADs) end, - lists:foreach(fun aead_cipher/1, FilteredAEADs). + do_cipher_tests(fun aead_cipher/1, FilteredAEADs). %%-------------------------------------------------------------------- aead_ng(Config) when is_list(Config) -> @@ -866,7 +861,7 @@ aead_ng(Config) when is_list(Config) -> IVLen >= 12 end, AEADs) end, - lists:foreach(fun aead_cipher_ng/1, FilteredAEADs ++ spec_0_bytes(Config)). + do_cipher_tests(fun aead_cipher_ng/1, FilteredAEADs ++ spec_0_bytes(Config)). %%-------------------------------------------------------------------- aead_bad_tag(Config) -> @@ -883,7 +878,7 @@ aead_bad_tag(Config) -> IVLen >= 12 end, AEADs) end, - lists:foreach(fun aead_cipher_bad_tag/1, FilteredAEADs). + do_cipher_tests(fun aead_cipher_bad_tag/1, FilteredAEADs). %%-------------------------------------------------------------------- sign_verify() -> @@ -1228,76 +1223,49 @@ hmac_increment(State0, [Increment | Rest]) -> hmac_increment(State, Rest). %%%---------------------------------------------------------------- -cmac_check({cmac, Type, Key, Text, CMac}) -> +cmac_check({cmac, Type, Key, Text, CMac}=T) -> ExpCMac = iolist_to_binary(CMac), - case crypto:cmac(Type, Key, Text) of - ExpCMac -> - ok; - Other -> - ct:fail({{crypto, cmac, [Type, Key, Text]}, {expected, ExpCMac}, {got, Other}}) - end; -cmac_check({cmac, Type, Key, Text, Size, CMac}) -> + cipher_test(T, + fun() -> crypto:cmac(Type, Key, Text) end, + ExpCMac); +cmac_check({cmac, Type, Key, Text, Size, CMac}=T) -> ExpCMac = iolist_to_binary(CMac), - case crypto:cmac(Type, Key, Text, Size) of - ExpCMac -> - ok; - Other -> - ct:fail({{crypto, cmac, [Type, Key, Text, Size]}, {expected, ExpCMac}, {got, Other}}) - end. - + cipher_test(T, + fun() -> crypto:cmac(Type, Key, Text, Size) end, + ExpCMac). -mac_check({MacType, SubType, Key, Text, Mac}) -> +mac_check({MacType, SubType, Key, Text, Mac}=T) -> ExpMac = iolist_to_binary(Mac), - case crypto:mac(MacType, SubType, Key, Text) of - ExpMac -> - ok; - Other -> - ct:fail({{crypto, mac, [MacType, SubType, Key, Text]}, {expected, ExpMac}, {got, Other}}) - end; -mac_check({MacType, SubType, Key, Text, Size, Mac}) -> + cipher_test(T, + fun() -> crypto:mac(MacType, SubType, Key, Text) end, + ExpMac); +mac_check({MacType, SubType, Key, Text, Size, Mac}=T) -> ExpMac = iolist_to_binary(Mac), - case crypto:mac(MacType, SubType, Key, Text, Size) of - ExpMac -> - ok; - Other -> - ct:fail({{crypto, mac, [MacType, SubType, Key, Text]}, {expected, ExpMac}, {got, Other}}) - end. + cipher_test(T, + fun() -> crypto:mac(MacType, SubType, Key, Text, Size) end, + ExpMac). - -block_cipher({Type, Key, PlainText}) -> +block_cipher({Type, Key, PlainText}=T) -> Plain = iolist_to_binary(PlainText), CipherText = crypto:block_encrypt(Type, Key, PlainText), - case crypto:block_decrypt(Type, Key, CipherText) of - Plain -> - ok; - Other -> - ct:fail({{crypto, block_decrypt, [Type, Key, CipherText]}, {expected, Plain}, {got, Other}}) - end; + cipher_test(T, + fun() -> crypto:block_decrypt(Type, Key, CipherText) end, + Plain); -block_cipher({Type, Key, IV, PlainText}) -> +block_cipher({Type, Key, IV, PlainText}=T) -> Plain = iolist_to_binary(PlainText), CipherText = crypto:block_encrypt(Type, Key, IV, PlainText), - case crypto:block_decrypt(Type, Key, IV, CipherText) of - Plain -> - ok; - Other -> - ct:fail({{crypto, block_decrypt, [Type, Key, IV, CipherText]}, {expected, Plain}, {got, Other}}) - end; + cipher_test(T, + fun() -> crypto:block_decrypt(Type, Key, IV, CipherText) end, + Plain); -block_cipher({Type, Key, IV, PlainText, CipherText}) -> +block_cipher({Type, Key, IV, PlainText, CipherText}=T) -> Plain = iolist_to_binary(PlainText), - case crypto:block_encrypt(Type, Key, IV, Plain) of - CipherText -> - ok; - Other0 -> - ct:fail({{crypto, block_encrypt, [Type, Key, IV, Plain]}, {expected, CipherText}, {got, Other0}}) - end, - case crypto:block_decrypt(Type, Key, IV, CipherText) of - Plain -> - ok; - Other1 -> - ct:fail({{crypto, block_decrypt, [Type, Key, IV, CipherText]}, {expected, Plain}, {got, Other1}}) - end. + cipher_test(T, + fun() -> crypto:block_encrypt(Type, Key, IV, Plain) end, + CipherText, + fun() -> crypto:block_decrypt(Type, Key, IV, CipherText) end, + Plain). block_cipher_increment({Type, Key, IV, PlainTexts}) when Type == des_cbc ; Type == des3_cbc ; @@ -1418,124 +1386,99 @@ stream_cipher_incment_loop(State0, OrigState, [PlainText | PlainTexts], Acc, Pla {State, CipherText} = crypto:stream_encrypt(State0, PlainText), stream_cipher_incment_loop(State, OrigState, PlainTexts, [CipherText | Acc], Plain). -aead_cipher({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, Info}) -> +aead_cipher({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, _Info}=T) -> Plain = iolist_to_binary(PlainText), - case crypto:block_encrypt(Type, Key, IV, {AAD, Plain}) of - {CipherText, CipherTag} -> - ok; - Other0 -> - ct:fail({{crypto, - block_encrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}]}, - {expected, {CipherText, CipherTag}}, - {got, Other0}}) - end, - case crypto:block_decrypt(Type, Key, IV, {AAD, CipherText, CipherTag}) of - Plain -> - ok; - Other1 -> - ct:fail({{crypto, - block_decrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}]}, - {expected, Plain}, - {got, Other1}}) - end; -aead_cipher({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info}) -> + cipher_test(T, + fun() -> crypto:block_encrypt(Type, Key, IV, {AAD, Plain}) end, + {CipherText, CipherTag}, + fun() -> crypto:block_decrypt(Type, Key, IV, {AAD, CipherText, CipherTag}) end, + Plain); +aead_cipher({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, _Info}=T) -> <> = CipherTag, Plain = iolist_to_binary(PlainText), - try crypto:block_encrypt(Type, Key, IV, {AAD, Plain, TagLen}) of - {CipherText, TruncatedCipherTag} -> - ok; - Other0 -> - ct:fail({{crypto, - block_encrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}, {taglen,TagLen}]}, - {expected, {CipherText, TruncatedCipherTag}}, - {got, Other0}}) - catch - error:E -> - ct:log("~p",[{Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info}]), - try crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, TagLen, true) - of - RR -> - ct:log("Works: ~p",[RR]) - catch - CC:EE -> - ct:log("~p:~p", [CC,EE]) - end, - ct:fail("~p",[E]) - end, - case crypto:block_decrypt(Type, Key, IV, {AAD, CipherText, TruncatedCipherTag}) of - Plain -> - ok; - Other1 -> - ct:fail({{crypto, - block_decrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}, - {truncated,TruncatedCipherTag}]}, - {expected, Plain}, - {got, Other1}}) - end. + cipher_test(T, + fun() -> crypto:block_encrypt(Type, Key, IV, {AAD, Plain, TagLen}) end, + {CipherText, TruncatedCipherTag}, + fun() -> crypto:block_decrypt(Type, Key, IV, {AAD, CipherText, TruncatedCipherTag}) end, + Plain). -aead_cipher_ng({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, Info}) -> +aead_cipher_ng({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, _Info}=T) -> Plain = iolist_to_binary(PlainText), - case crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, true) of - {CipherText, CipherTag} -> - ok; - Other0 -> - ct:fail({{crypto, - block_encrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}]}, - {expected, {CipherText, CipherTag}}, - {got, Other0}}) - end, - case crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, CipherTag, false) of - Plain -> - ok; - Other1 -> - ct:fail({{crypto, - block_decrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}]}, - {expected, Plain}, - {got, Other1}}) - end; -aead_cipher_ng({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info}) -> + cipher_test(T, + fun() -> crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, true) end, + {CipherText, CipherTag}, + fun() -> crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, CipherTag, false) end, + Plain); +aead_cipher_ng({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, _Info}=T) -> <> = CipherTag, Plain = iolist_to_binary(PlainText), - try crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, TagLen, true) of - {CipherText, TruncatedCipherTag} -> - ok; - Other0 -> - ct:fail({{crypto, - block_encrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}, {taglen,TagLen}]}, - {expected, {CipherText, TruncatedCipherTag}}, - {got, Other0}}) + cipher_test(T, + fun() -> crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, TagLen, true) end, + {CipherText, TruncatedCipherTag}, + fun() -> crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, TruncatedCipherTag, false) end, + Plain). + +aead_cipher_bad_tag({Type, Key, _PlainText, IV, AAD, CipherText, CipherTag, _Info}=T) -> + BadTag = mk_bad_tag(CipherTag), + cipher_test(T, + fun() -> crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, BadTag, false) end, + error); +aead_cipher_bad_tag({Type, Key, _PlainText, IV, AAD, CipherText, CipherTag, TagLen, _Info}=T) -> + <> = CipherTag, + BadTruncatedTag = mk_bad_tag(TruncatedCipherTag), + cipher_test(T, + fun() -> crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, BadTruncatedTag, false) end, + error). + + +cipher_test(T, Fe, Ee, Fd, Ed) -> + %% Test encrypt + Re = cipher_test(encrypt, T, Fe, Ee), + %% Test decrypt + Rd = cipher_test(decrypt, T, Fd, Ed), + case {Re, Rd} of + {ok,ok} -> ok; + {ok,_} -> Rd; + {_,ok} -> Re; + _ -> {Re,Rd} + end. + +cipher_test(T, F, E) -> + cipher_test(notag, T, F, E). + +cipher_test(Tag, T, F, E) -> + try F() of + E -> ok; + Other -> {other, {Tag,T,Other}} catch - error:E -> - ct:log("~p",[{Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info}]), - try crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, TagLen, true) - of - RR -> - ct:log("Works: ~p",[RR]) - catch - CC:EE -> - ct:log("~p:~p", [CC,EE]) - end, - ct:fail("~p",[E]) - end, - case crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, TruncatedCipherTag, false) of - Plain -> - ok; - Other1 -> - ct:fail({{crypto, - block_decrypt, - [{info,Info}, {key,Key}, {pt,PlainText}, {iv,IV}, {aad,AAD}, {ct,CipherText}, {tag,CipherTag}, - {truncated,TruncatedCipherTag}]}, - {expected, Plain}, - {got, Other1}}) + error:Error -> {error, {Tag,T,Error}} + end. + +do_cipher_tests(F, TestVectors) when is_function(F,1) -> + {Passed,Failed} = + lists:partition( + fun(R) -> R == ok end, + lists:map(F, TestVectors) + ), + BothFailed = lists:filter(fun({ok,_}) -> false; + ({_,ok}) -> false; + (ok) -> false; + (_) -> true + end, + Failed), + ct:log("Passed: ~p, BothFailed: ~p OnlyOneFailed: ~p", + [length(Passed), length(BothFailed), length(Failed)-length(BothFailed)]), + case Failed of + [] -> + ct:comment("All ~p passed", [length(Passed)]); + _ -> + ct:log("~p",[hd(Failed)]), + ct:comment("Passed: ~p, BothFailed: ~p OnlyOneFailed: ~p", + [length(Passed), length(BothFailed), length(Failed)-length(BothFailed)]), + ct:fail("Failed", []) end. + mk_bad_tag(CipherTag) -> case <<0:(size(CipherTag))/unit:8>> of CipherTag -> % The correct tag may happen to be a suite of zeroes @@ -1544,30 +1487,6 @@ mk_bad_tag(CipherTag) -> X end. -aead_cipher_bad_tag({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, Info}) -> - Plain = iolist_to_binary(PlainText), - BadTag = mk_bad_tag(CipherTag), - case crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, BadTag, false) of - error -> - ok; - Plain -> - ct:log("~p:~p~n info: ~p~n key: ~p~n pt: ~p~n iv: ~p~n aad: ~p~n ct: ~p~n tag: ~p~n bad tag: ~p~n", - [?MODULE,?LINE,Info, Key, PlainText, IV, AAD, CipherText, CipherTag, BadTag]), - ct:fail("Didn't fail on bad tag") - end; -aead_cipher_bad_tag({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info}) -> - Plain = iolist_to_binary(PlainText), - <> = CipherTag, - BadTruncatedTag = mk_bad_tag(TruncatedCipherTag), - case crypto:crypto_one_time_aead(Type, Key, IV, CipherText, AAD, BadTruncatedTag, false) of - error -> - ok; - Plain -> - ct:log("~p:~p~n info: ~p~n key: ~p~n pt: ~p~n iv: ~p~n aad: ~p~n ct: ~p~n tag: ~p~n bad tag: ~p~n", - [Info, Key, PlainText, IV, AAD, CipherText, TruncatedCipherTag, BadTruncatedTag]), - ct:fail("Didn't fail on bad tag") - end. - do_sign_verify({Type, undefined=Hash, Private, Public, Msg, Signature}) -> case crypto:sign(eddsa, Hash, Msg, [Private,Type]) of Signature -> -- cgit v1.2.1 From c5036f3e29dab086b2dd5c75b4cc42e0d5ec837e Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Mon, 18 May 2020 11:58:33 +0200 Subject: crypto/test: Update check for crypto started --- lib/crypto/test/crypto_SUITE.erl | 12 ++++++++++-- lib/crypto/test/crypto_property_test_SUITE.erl | 1 + 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index ed67ecd0b3..df830b32f6 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -332,7 +332,7 @@ init_per_suite(Config) -> {ok, _} = zip:unzip("cmactestvectors.zip"), {ok, _} = zip:unzip("gcmtestvectors.zip"), - try crypto:start() of + try is_ok(crypto:start()) of ok -> catch ct:comment("~s",[element(3,hd(crypto:info_lib()))]), catch ct:log("crypto:info_lib() -> ~p~n" @@ -355,10 +355,18 @@ init_per_suite(Config) -> crypto:rand_seed(<< <> || _ <- lists:seq(1,16) >>), Config end - catch _:_ -> + + catch C:E:S -> + ct:log("~p ~p~n~p", [C,E,S]), {fail, "Crypto did not start"} end. +is_ok(ok) -> ok; +is_ok({error, already_started}) -> ok; +is_ok({error,{already_started,crypto}}) -> ok. + + + end_per_suite(_Config) -> application:stop(crypto). diff --git a/lib/crypto/test/crypto_property_test_SUITE.erl b/lib/crypto/test/crypto_property_test_SUITE.erl index bf137363e8..9c958007c7 100644 --- a/lib/crypto/test/crypto_property_test_SUITE.erl +++ b/lib/crypto/test/crypto_property_test_SUITE.erl @@ -35,6 +35,7 @@ init_per_suite(Config) -> try crypto:start() of ok -> true; {error, already_started} -> true; + {error,{already_started,crypto}} -> true; _ -> false catch _:_ -> false -- cgit v1.2.1