diff options
author | Vsevolod Stakhov <vsevolod@rspamd.com> | 2024-08-09 11:12:23 +0100 |
---|---|---|
committer | Vsevolod Stakhov <vsevolod@rspamd.com> | 2024-08-09 11:12:23 +0100 |
commit | 12c12bdf0c00438d0cb37d02dae5a34f41066865 (patch) | |
tree | d186aac0d2a8557fc191939339ed141e8d84c334 /test | |
parent | 96cd1f0968158e5b3d0460cf364138d22f3d22e3 (diff) | |
download | rspamd-12c12bdf0c00438d0cb37d02dae5a34f41066865.tar.gz rspamd-12c12bdf0c00438d0cb37d02dae5a34f41066865.zip |
[Project] Remove NIST mode from everywhere
Diffstat (limited to 'test')
-rw-r--r-- | test/rspamd_cryptobox_test.c | 57 | ||||
-rw-r--r-- | test/rspamd_cxx_unit_cryptobox.hxx | 60 |
2 files changed, 26 insertions, 91 deletions
diff --git a/test/rspamd_cryptobox_test.c b/test/rspamd_cryptobox_test.c index b32b2822b..03b833404 100644 --- a/test/rspamd_cryptobox_test.c +++ b/test/rspamd_cryptobox_test.c @@ -1,11 +1,11 @@ -/*- - * Copyright 2016 Vsevolod Stakhov +/* + * Copyright 2024 Vsevolod Stakhov * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, @@ -24,7 +24,6 @@ static const int mapping_size = 64 * 8192 + 1; static const int max_seg = 32; static const int random_fuzz_cnt = 10000; -enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_25519; static void * create_mapping(int mapping_len, unsigned char **beg, unsigned char **end) @@ -52,7 +51,7 @@ check_result(const rspamd_nm_t key, const rspamd_nonce_t nonce, uint64_t *t = (uint64_t *) begin; g_assert(rspamd_cryptobox_decrypt_nm_inplace(begin, end - begin, nonce, key, - mac, mode)); + mac)); while (t < (uint64_t *) end) { g_assert(*t == 0); @@ -174,33 +173,17 @@ void rspamd_cryptobox_test_func(void) /* Test baseline */ t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encrypt_nm_inplace(begin, end - begin, nonce, key, mac, - mode); + rspamd_cryptobox_encrypt_nm_inplace(begin, end - begin, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); msg_info("baseline encryption: %.0f", t2 - t1); - mode = RSPAMD_CRYPTOBOX_MODE_NIST; - t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encrypt_nm_inplace(begin, - end - begin, - nonce, - key, - mac, - mode); - t2 = rspamd_get_ticks(TRUE); - check_result(key, nonce, mac, begin, end); - - msg_info("openssl baseline encryption: %.0f", t2 - t1); - mode = RSPAMD_CRYPTOBOX_MODE_25519; - -start: /* A single chunk as vector */ seg[0].data = begin; seg[0].len = end - begin; t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, 1, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, 1, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -213,7 +196,7 @@ start: seg[1].data = begin + seg[0].len; seg[1].len = (end - begin) - seg[0].len; t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -225,7 +208,7 @@ start: seg[1].data = begin + seg[0].len; seg[1].len = (end - begin) - seg[0].len; t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -237,7 +220,7 @@ start: seg[1].data = begin + seg[0].len; seg[1].len = (end - begin) - seg[0].len; t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -250,7 +233,7 @@ start: seg[1].data = begin + seg[0].len; seg[1].len = (end - begin) - seg[0].len; t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, 2, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -265,7 +248,7 @@ start: seg[2].data = begin + seg[0].len + seg[1].len; seg[2].len = (end - begin) - seg[0].len - seg[1].len; t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, 3, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, 3, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -274,7 +257,7 @@ start: cnt = create_random_split(seg, max_seg, begin, end); t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -283,7 +266,7 @@ start: cnt = create_realistic_split(seg, max_seg, begin, end); t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -292,7 +275,7 @@ start: cnt = create_constrained_split(seg, max_seg + 1, 32, begin, end); t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -303,7 +286,7 @@ start: ms = ottery_rand_range(i % max_seg * 2) + 1; cnt = create_random_split(seg, ms, begin, end); t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -316,7 +299,7 @@ start: ms = ottery_rand_range(i % max_seg * 2) + 1; cnt = create_realistic_split(seg, ms, begin, end); t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -329,7 +312,7 @@ start: ms = ottery_rand_range(i % max_seg * 10) + 1; cnt = create_constrained_split(seg, ms, i, begin, end); t1 = rspamd_get_ticks(TRUE); - rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac, mode); + rspamd_cryptobox_encryptv_nm_inplace(seg, cnt, nonce, key, mac); t2 = rspamd_get_ticks(TRUE); check_result(key, nonce, mac, begin, end); @@ -338,10 +321,4 @@ start: msg_info("constrained fuzz iterations: %d", i); } } - - if (!checked_openssl) { - checked_openssl = TRUE; - mode = RSPAMD_CRYPTOBOX_MODE_NIST; - goto start; - } } diff --git a/test/rspamd_cxx_unit_cryptobox.hxx b/test/rspamd_cxx_unit_cryptobox.hxx index cfa95dc61..3f3cab697 100644 --- a/test/rspamd_cxx_unit_cryptobox.hxx +++ b/test/rspamd_cxx_unit_cryptobox.hxx @@ -26,20 +26,18 @@ TEST_SUITE("rspamd_cryptobox") TEST_CASE("rspamd_cryptobox_keypair") { - enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_NIST; rspamd_sk_t sk; rspamd_pk_t pk; - rspamd_cryptobox_keypair(pk, sk, mode); + rspamd_cryptobox_keypair(pk, sk); } TEST_CASE("rspamd_cryptobox_keypair_sig") { - enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_NIST; rspamd_sig_sk_t sk; rspamd_sig_pk_t pk; - rspamd_cryptobox_keypair_sig(pk, sk, mode); + rspamd_cryptobox_keypair_sig(pk, sk); } TEST_CASE("rspamd_cryptobox_hash") @@ -124,73 +122,33 @@ TEST_SUITE("rspamd_cryptobox") rspamd_pk_t pk; rspamd_sk_t sk; rspamd_mac_t sig; - enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_25519; ottery_rand_bytes(nonce, sizeof(nonce)); - rspamd_cryptobox_keypair(pk, sk, mode); + rspamd_cryptobox_keypair(pk, sk); memset(sig, 0, sizeof(sig)); - rspamd_cryptobox_encrypt_inplace(data, len, nonce, pk, sk, sig, mode); + rspamd_cryptobox_encrypt_inplace(data, len, nonce, pk, sk, sig); - CHECK(rspamd_cryptobox_decrypt_inplace(data, len, nonce, pk, sk, sig, mode)); - } - - TEST_CASE("rspamd_cryptobox_encrypt_inplace_p256") - { - unsigned char data[256]; - gsize len = sizeof(data); - rspamd_nonce_t nonce; - rspamd_pk_t pk; - rspamd_sk_t sk; - rspamd_mac_t sig; - enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_NIST; - - ottery_rand_bytes(nonce, sizeof(nonce)); - - rspamd_cryptobox_keypair(pk, sk, mode); - - memset(sig, 0, sizeof(sig)); - - rspamd_cryptobox_encrypt_inplace(data, len, nonce, pk, sk, sig, mode); - - CHECK(rspamd_cryptobox_decrypt_inplace(data, len, nonce, pk, sk, sig, mode)); + CHECK(rspamd_cryptobox_decrypt_inplace(data, len, nonce, pk, sk, sig)); } TEST_CASE("rspamd_cryptobox_sign_25519") { - enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_25519; - rspamd_sig_sk_t sk; - rspamd_sig_pk_t pk; - unsigned char sig[256]; - unsigned long long siglen; - std::string m{"data to be signed"}; - - rspamd_cryptobox_keypair_sig(pk, sk, mode); - - rspamd_cryptobox_sign(sig, &siglen, - reinterpret_cast<const unsigned char *>(m.data()), m.size(), sk, mode); - bool check_result = rspamd_cryptobox_verify(sig, siglen, - reinterpret_cast<const unsigned char *>(m.data()), m.size(), pk, mode); - CHECK(check_result == true); - } - - TEST_CASE("rspamd_cryptobox_sign_nist") - { - enum rspamd_cryptobox_mode mode = RSPAMD_CRYPTOBOX_MODE_NIST; rspamd_sig_sk_t sk; rspamd_sig_pk_t pk; unsigned char sig[256]; unsigned long long siglen; std::string m{"data to be signed"}; - rspamd_cryptobox_keypair_sig(pk, sk, mode); + rspamd_cryptobox_keypair_sig(pk, sk); rspamd_cryptobox_sign(sig, &siglen, - reinterpret_cast<const unsigned char *>(m.data()), m.size(), sk, mode); + reinterpret_cast<const unsigned char *>(m.data()), m.size(), sk); bool check_result = rspamd_cryptobox_verify(sig, siglen, - reinterpret_cast<const unsigned char *>(m.data()), m.size(), pk, mode); + reinterpret_cast<const unsigned char *>(m.data()), m.size(), + pk); CHECK(check_result == true); } } |