Merge pull request #5099 from rspamd/vstakhov-remove-nist-cryptobox

Remove NIST mode from cryptobox
author: Vsevolod Stakhov <vsevolod@rspamd.com> 2024-08-09 18:39:05 +0600
committer: GitHub <noreply@github.com> 2024-08-09 18:39:05 +0600
commit: 8996bc1e16da4ae6775415a7b668904211f0e22a (patch)
tree: c3a2cd1ccb3a4eae0571744d5e3b61cb67aa75fd /test/rspamd_cryptobox_test.c
parent: 2b3ed07bca8c6e1afb2716a7dc933b8ba1bf3c6c (diff)
parent: 03aa3490726177fb3cf9da5b80f63dc9bf5993dc (diff)
download: rspamd-8996bc1e16da4ae6775415a7b668904211f0e22a.tar.gz
rspamd-8996bc1e16da4ae6775415a7b668904211f0e22a.zip
1 files changed, 17 insertions, 40 deletions
diff --git a/test/rspamd_cryptobox_test.c b/test/rspamd_cryptobox_test.c
index b32b2822b..03b833404 100644
--- a/test/rspamd_cryptobox_test.c
+++ b/test/rspamd_cryptobox_test.c
@@ -1,11 +1,11 @@
-/*-
- * Copyright 2016 Vsevolod Stakhov
+/*
+ * Copyright 2024 Vsevolod Stakhov
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
- *   http://www.apache.org/licenses/LICENSE-2.0
+ *    http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
@@ -24,7 +24,6 @@
 static const int mapping_size = 64 * 8192 + 1;
 static const int max_seg = 32;
 static const int random_fuzz_cnt = 10000;
-enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_25519;
 
 static void *
 create_mapping(int mapping_len, unsigned char **beg, unsigned char **end)
@@ -52,7 +51,7 @@ check_result(const rspamd_nm_t key, const rspamd_nonce_t nonce,
 	uint64_t *t = (uint64_t *) begin;
 
 	g_assert(rspamd_cryptobox_decrypt_nm_inplace(begin, end - begin, nonce, key,
-												 mac, mode));
+												 mac));
 
 	while (t < (uint64_t *) end) {
 		g_assert(*t == 0);
@@ -174,33 +173,17 @@ void rspamd_cryptobox_test_func(void)
 
 	/* Test baseline */
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encrypt_nm_inplace(begin, end - begin, nonce, key, mac,
-										mode);
+	rspamd_cryptobox_encrypt_nm_inplace(begin, end - begin, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 	check_result(key, nonce, mac, begin, end);
 
 	msg_info("baseline encryption: %.0f", t2 - t1);
 
-	mode = RSPAMD_CRYPTOBOX_MODE_NIST;
-	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encrypt_nm_inplace(begin,
-										end - begin,
-										nonce,
-										key,
-										mac,
-										mode);
-	t2 = rspamd_get_ticks(TRUE);
-	check_result(key, nonce, mac, begin, end);
-
-	msg_info("openssl baseline encryption: %.0f", t2 - t1);
-	mode = RSPAMD_CRYPTOBOX_MODE_25519;
-
-start:
 	/* A single chunk as vector */
 	seg[0].data = begin;
 	seg[0].len = end - begin;
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, 1, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, 1, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -213,7 +196,7 @@ start:
 	seg[1].data = begin + seg[0].len;
 	seg[1].len = (end - begin) - seg[0].len;
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -225,7 +208,7 @@ start:
 	seg[1].data = begin + seg[0].len;
 	seg[1].len = (end - begin) - seg[0].len;
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -237,7 +220,7 @@ start:
 	seg[1].data = begin + seg[0].len;
 	seg[1].len = (end - begin) - seg[0].len;
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -250,7 +233,7 @@ start:
 	seg[1].data = begin + seg[0].len;
 	seg[1].len = (end - begin) - seg[0].len;
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -265,7 +248,7 @@ start:
 	seg[2].data = begin + seg[0].len + seg[1].len;
 	seg[2].len = (end - begin) - seg[0].len - seg[1].len;
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, 3, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, 3, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -274,7 +257,7 @@ start:
 
 	cnt = create_random_split(seg, max_seg, begin, end);
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -283,7 +266,7 @@ start:
 
 	cnt = create_realistic_split(seg, max_seg, begin, end);
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -292,7 +275,7 @@ start:
 
 	cnt = create_constrained_split(seg, max_seg + 1, 32, begin, end);
 	t1 = rspamd_get_ticks(TRUE);
-	rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode);
+	rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac);
 	t2 = rspamd_get_ticks(TRUE);
 
 	check_result(key, nonce, mac, begin, end);
@@ -303,7 +286,7 @@ start:
 		ms = ottery_rand_range(i % max_seg * 2) + 1;
 		cnt = create_random_split(seg, ms, begin, end);
 		t1 = rspamd_get_ticks(TRUE);
-		rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode);
+		rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac);
 		t2 = rspamd_get_ticks(TRUE);
 
 		check_result(key, nonce, mac, begin, end);
@@ -316,7 +299,7 @@ start:
 		ms = ottery_rand_range(i % max_seg * 2) + 1;
 		cnt = create_realistic_split(seg, ms, begin, end);
 		t1 = rspamd_get_ticks(TRUE);
-		rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode);
+		rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac);
 		t2 = rspamd_get_ticks(TRUE);
 
 		check_result(key, nonce, mac, begin, end);
@@ -329,7 +312,7 @@ start:
 		ms = ottery_rand_range(i % max_seg * 10) + 1;
 		cnt = create_constrained_split(seg, ms, i, begin, end);
 		t1 = rspamd_get_ticks(TRUE);
-		rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode);
+		rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac);
 		t2 = rspamd_get_ticks(TRUE);
 
 		check_result(key, nonce, mac, begin, end);
@@ -338,10 +321,4 @@ start:
 			msg_info("constrained fuzz iterations: %d", i);
 		}
 	}
-
-	if (!checked_openssl) {
-		checked_openssl = TRUE;
-		mode = RSPAMD_CRYPTOBOX_MODE_NIST;
-		goto start;
-	}
 }
author	Vsevolod Stakhov <vsevolod@rspamd.com>	2024-08-09 18:39:05 +0600
committer	GitHub <noreply@github.com>	2024-08-09 18:39:05 +0600
commit	8996bc1e16da4ae6775415a7b668904211f0e22a (patch)
tree	c3a2cd1ccb3a4eae0571744d5e3b61cb67aa75fd /test/rspamd_cryptobox_test.c
parent	2b3ed07bca8c6e1afb2716a7dc933b8ba1bf3c6c (diff)
parent	03aa3490726177fb3cf9da5b80f63dc9bf5993dc (diff)
download	rspamd-8996bc1e16da4ae6775415a7b668904211f0e22a.tar.gz rspamd-8996bc1e16da4ae6775415a7b668904211f0e22a.zip