Merge pull request #54 from brycx/test-organization

v0.12.4
orion-rs · Jan 30, 2019 · 05c15ba · 05c15ba
2 parents e3671b1 + 0bac2a2
commit 05c15ba
Show file tree

Hide file tree

Showing 22 changed files with 5,114 additions and 2,161 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "orion"
-version = "0.12.3"
+version = "0.12.4"
 authors = ["brycx <[email protected]>"]
 description = "Easy and usable rust crypto"
 keywords = [ "cryptography", "blake2", "aead", "sha2", "xchacha20_poly1305" ]
@@ -34,7 +34,7 @@ no_std = [ "clear_on_drop/nightly", "subtle/nightly" ]
 [dev-dependencies]
 hex = "0.3.2"
 serde_json = "1.0.37"
-
+quickcheck = "0.8.0"
 
 [profile.dev]
 opt-level = 1

diff --git a/fuzz/Cargo.toml b/fuzz/Cargo.toml
@@ -9,9 +9,9 @@ publish = false
 cargo-fuzz = true
 
 [dependencies]
-ring = "0.13.5"
+ring = "0.14.3"
 sp800-185 = "0.2.0"
-chacha = "0.2.0"
+chacha = "0.3.0"
 sodiumoxide = { git = "https://github.com/sodiumoxide/sodiumoxide" }
 blake2-rfc = "0.2.18"
 

diff --git a/fuzz/fuzz_targets/chacha20_poly1305_compare.rs b/fuzz/fuzz_targets/chacha20_poly1305_compare.rs
@@ -35,14 +35,20 @@ fuzz_target!(|data: &[u8]| {
 
 	let enc_key = ring::aead::SealingKey::new(&ring::aead::CHACHA20_POLY1305, &key).unwrap();
 	let dec_key = ring::aead::OpeningKey::new(&ring::aead::CHACHA20_POLY1305, &key).unwrap();
+
+	let ring_nonce_enc = ring::aead::Nonce::try_assume_unique_for_key(&nonce).unwrap();
+	let ring_aad_enc = ring::aead::Aad::from(&aad);
+
+	let ring_nonce_dec = ring::aead::Nonce::try_assume_unique_for_key(&nonce).unwrap();
+	let ring_aad_dec = ring::aead::Aad::from(&aad);
 
 	let mut ciphertext_with_tag_ring: Vec<u8> = vec![0u8; plaintext.len() + 16];
 	let mut plaintext_out_ring = Vec::new();
 	// Insert plaintext
 	ciphertext_with_tag_ring[..plaintext.len()].copy_from_slice(&plaintext);
 
 	let index =
-		ring::aead::seal_in_place(&enc_key, &nonce, &aad, &mut ciphertext_with_tag_ring, 16)
+		ring::aead::seal_in_place(&enc_key, ring_nonce_enc, ring_aad_enc, &mut ciphertext_with_tag_ring, 16)
 			.unwrap();
 	assert_eq!(
 		&ciphertext_with_tag_ring[..index].as_ref(),
@@ -53,7 +59,7 @@ fuzz_target!(|data: &[u8]| {
 		&ciphertext_with_tag_ring[index - 16..index].as_ref(),
 		&ciphertext_with_tag_orion[plaintext.len()..].as_ref()
 	);
-	ring::aead::open_in_place(&dec_key, &nonce, &aad, 0, &mut ciphertext_with_tag_ring).unwrap();
+	ring::aead::open_in_place(&dec_key, ring_nonce_dec, ring_aad_dec, 0, &mut ciphertext_with_tag_ring).unwrap();
 	plaintext_out_ring.extend_from_slice(&ciphertext_with_tag_ring);
 	assert_eq!(
 		&ciphertext_with_tag_ring[..plaintext.len()].as_ref(),

diff --git a/fuzz/fuzz_targets/ring_compare.rs b/fuzz/fuzz_targets/ring_compare.rs
@@ -56,7 +56,7 @@ fn ro_pbkdf2(data: &[u8]) {
 	pbkdf2::derive_key(&orion_password, &salt, iter, &mut dk_out_orion).unwrap();
 	ring_pbkdf2::derive(
 		&digest::SHA512,
-		iter as u32,
+		std::num::NonZeroU32::new(iter as u32).unwrap(),
 		&salt,
 		&password,
 		&mut dk_out_ring,
@@ -65,7 +65,7 @@ fn ro_pbkdf2(data: &[u8]) {
 	assert_eq!(&dk_out_ring, &dk_out_orion);
 	assert!(ring_pbkdf2::verify(
 		&digest::SHA512,
-		iter as u32,
+		std::num::NonZeroU32::new(iter as u32).unwrap(),
 		&salt,
 		&password,
 		&dk_out_orion

diff --git a/src/aead.rs b/src/aead.rs
@@ -130,85 +130,140 @@ pub fn open(
 	Ok(dst_out)
 }
 
-#[test]
-fn auth_enc_encryption_decryption() {
-	let key = SecretKey::default();
-	let plaintext = "Secret message".as_bytes().to_vec();
-
-	let dst_ciphertext = seal(&key, &plaintext).unwrap();
-	assert!(dst_ciphertext.len() == plaintext.len() + (24 + 16));
-	let dst_plaintext = open(&key, &dst_ciphertext).unwrap();
-	assert!(dst_plaintext.len() == plaintext.len());
-	assert_eq!(plaintext, dst_plaintext);
-}
+// Testing public functions in the module.
+#[cfg(test)]
+mod public {
+	use super::*;
 
-#[test]
-fn auth_enc_plaintext_empty_err() {
-	let key = SecretKey::default();
-	let plaintext = "".as_bytes().to_vec();
+	mod test_seal_open {
+		use super::*;
+		#[test]
+		fn test_auth_enc_encryption_decryption() {
+			let key = SecretKey::default();
+			let plaintext = "Secret message".as_bytes().to_vec();
 
-	assert!(seal(&key, &plaintext).is_err());
-}
+			let dst_ciphertext = seal(&key, &plaintext).unwrap();
+			assert!(dst_ciphertext.len() == plaintext.len() + (24 + 16));
+			let dst_plaintext = open(&key, &dst_ciphertext).unwrap();
+			assert!(dst_plaintext.len() == plaintext.len());
+			assert_eq!(plaintext, dst_plaintext);
+		}
 
-#[test]
-fn auth_enc_ciphertext_less_than_41_err() {
-	let key = SecretKey::default();
-	let ciphertext = [0u8; 40];
+		#[test]
+		fn test_auth_enc_plaintext_empty_err() {
+			let key = SecretKey::default();
+			let plaintext = "".as_bytes().to_vec();
 
-	assert!(open(&key, &ciphertext).is_err());
-}
+			assert!(seal(&key, &plaintext).is_err());
+		}
 
-#[test]
-fn test_modified_nonce_err() {
-	let key = SecretKey::default();
-	let plaintext = "Secret message".as_bytes().to_vec();
+		#[test]
+		fn test_auth_enc_ciphertext_less_than_41_err() {
+			let key = SecretKey::default();
+			let ciphertext = [0u8; 40];
 
-	let mut dst_ciphertext = seal(&key, &plaintext).unwrap();
-	// Modify nonce
-	dst_ciphertext[10] ^= 1;
-	assert!(open(&key, &dst_ciphertext).is_err());
-}
+			assert!(open(&key, &ciphertext).is_err());
+		}
 
-#[test]
-fn test_modified_ciphertext_err() {
-	let key = SecretKey::default();
-	let plaintext = "Secret message".as_bytes().to_vec();
+		#[test]
+		fn test_modified_nonce_err() {
+			let key = SecretKey::default();
+			let plaintext = "Secret message".as_bytes().to_vec();
 
-	let mut dst_ciphertext = seal(&key, &plaintext).unwrap();
-	// Modify ciphertext
-	dst_ciphertext[25] ^= 1;
-	assert!(open(&key, &dst_ciphertext).is_err());
-}
+			let mut dst_ciphertext = seal(&key, &plaintext).unwrap();
+			// Modify nonce
+			dst_ciphertext[10] ^= 1;
+			assert!(open(&key, &dst_ciphertext).is_err());
+		}
 
-#[test]
-fn test_modified_tag_err() {
-	let key = SecretKey::default();
-	let plaintext = "Secret message".as_bytes().to_vec();
+		#[test]
+		fn test_modified_ciphertext_err() {
+			let key = SecretKey::default();
+			let plaintext = "Secret message".as_bytes().to_vec();
 
-	let mut dst_ciphertext = seal(&key, &plaintext).unwrap();
-	let dst_ciphertext_len = dst_ciphertext.len();
-	// Modify tag
-	dst_ciphertext[dst_ciphertext_len - 6] ^= 1;
-	assert!(open(&key, &dst_ciphertext).is_err());
-}
+			let mut dst_ciphertext = seal(&key, &plaintext).unwrap();
+			// Modify ciphertext
+			dst_ciphertext[25] ^= 1;
+			assert!(open(&key, &dst_ciphertext).is_err());
+		}
 
-#[test]
-fn test_diff_secret_key_err() {
-	let key = SecretKey::default();
-	let plaintext = "Secret message".as_bytes().to_vec();
+		#[test]
+		fn test_modified_tag_err() {
+			let key = SecretKey::default();
+			let plaintext = "Secret message".as_bytes().to_vec();
 
-	let dst_ciphertext = seal(&key, &plaintext).unwrap();
-	let bad_key = SecretKey::default();
-	assert!(open(&bad_key, &dst_ciphertext).is_err());
-}
+			let mut dst_ciphertext = seal(&key, &plaintext).unwrap();
+			let dst_ciphertext_len = dst_ciphertext.len();
+			// Modify tag
+			dst_ciphertext[dst_ciphertext_len - 6] ^= 1;
+			assert!(open(&key, &dst_ciphertext).is_err());
+		}
+
+		#[test]
+		fn test_diff_secret_key_err() {
+			let key = SecretKey::default();
+			let plaintext = "Secret message".as_bytes().to_vec();
 
-#[test]
-fn test_secret_length_err() {
-	let key = SecretKey::generate(31).unwrap();
-	let plaintext = "Secret message Secret message Secret message Secret message "
-		.as_bytes()
-		.to_vec();
+			let dst_ciphertext = seal(&key, &plaintext).unwrap();
+			let bad_key = SecretKey::default();
+			assert!(open(&bad_key, &dst_ciphertext).is_err());
+		}
 
-	assert!(seal(&key, &plaintext).is_err());
-	assert!(open(&key, &plaintext).is_err());
+		#[test]
+		fn test_secret_length_err() {
+			let key = SecretKey::generate(31).unwrap();
+			let plaintext = "Secret message Secret message Secret message Secret message "
+				.as_bytes()
+				.to_vec();
+
+			assert!(seal(&key, &plaintext).is_err());
+			assert!(open(&key, &plaintext).is_err());
+		}
+	}
+
+	// Proptests. Only exectued when NOT testing no_std.
+	#[cfg(feature = "safe_api")]
+	mod proptest {
+		use super::*;
+
+		quickcheck! {
+			// Sealing input, and then opening should always yield the same input.
+			fn prop_seal_open_same_input(input: Vec<u8>) -> bool {
+				let pt = if input.is_empty() {
+					vec![1u8; 10]
+				} else {
+					input
+				};
+
+				let sk = SecretKey::default();
+
+				let ct = seal(&sk, &pt).unwrap();
+				let pt_decrypted = open(&sk, &ct).unwrap();
+
+				(pt == pt_decrypted)
+			}
+		}
+
+		quickcheck! {
+			// Sealing input, modifying the tag and then opening should
+			// always fail due to authentication.
+			fn prop_fail_on_diff_key(input: Vec<u8>) -> bool {
+				let pt = if input.is_empty() {
+					vec![1u8; 10]
+				} else {
+					input
+				};
+
+				let sk = SecretKey::default();
+				let sk2 = SecretKey::default();
+
+				let ct = seal(&sk, &pt).unwrap();
+				if open(&sk2, &ct).is_err() {
+					true
+				} else {
+					false
+				}
+			}
+		}
+	}
 }