diff options
| author | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2022-10-28 12:25:07 +0200 |
|---|---|---|
| committer | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2022-12-21 10:50:48 +0100 |
| commit | 31564c1c6e5b5ff4ff3596bb755ba2f7395f83df (patch) | |
| tree | bf453da95e34f2c0d9d8fda377238beef351bbbc | |
| parent | 620903fa33a3f2f3b2aa5ac0b5d4731251aee157 (diff) | |
openpgp: Check for supported AEAD ciphersuite in tests.
- Previously the AEAD roundtrip test checked supported symmetric
ciphers and AEAD algorithms separately but only certain combinations
of them are valid in some libraries.
- See: https://openpgp-wg.gitlab.io/rfc4880bis/#name-preferred-aead-ciphersuites
| -rw-r--r-- | openpgp/src/crypto/aead.rs | 9 | ||||
| -rw-r--r-- | openpgp/src/crypto/backend/cng.rs | 18 | ||||
| -rw-r--r-- | openpgp/src/crypto/backend/nettle.rs | 18 | ||||
| -rw-r--r-- | openpgp/src/crypto/backend/rust.rs | 19 |
4 files changed, 56 insertions, 8 deletions
diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs index 6b35fec1..43a1aaad 100644 --- a/openpgp/src/crypto/aead.rs +++ b/openpgp/src/crypto/aead.rs @@ -832,17 +832,10 @@ mod tests { .iter() .filter(|algo| algo.is_supported()) { - if cfg!(feature = "crypto-rust") - && sym_algo == &SymmetricAlgorithm::Twofish { - eprintln!("XXX: Skipping Twofish until Twofish \ - implements Clone"); - continue; - } - for aead in [ AEADAlgorithm::EAX, AEADAlgorithm::OCB, - ].iter().filter(|algo| algo.is_supported()) { + ].iter().filter(|algo| algo.is_supported() && algo.supports_symmetric_algo(sym_algo)) { let chunk_size = 64; let mut key = vec![0; sym_algo.key_size().unwrap()]; crate::crypto::random(&mut key); diff --git a/openpgp/src/crypto/backend/cng.rs b/openpgp/src/crypto/backend/cng.rs index b2a47e74..607b0414 100644 --- a/openpgp/src/crypto/backend/cng.rs +++ b/openpgp/src/crypto/backend/cng.rs @@ -67,4 +67,22 @@ impl AEADAlgorithm { => false, } } + + #[cfg(test)] + pub(crate) fn supports_symmetric_algo(&self, algo: &SymmetricAlgorithm) -> bool { + match &self { + AEADAlgorithm::EAX => + match algo { + SymmetricAlgorithm::AES128 | + SymmetricAlgorithm::AES192 | + SymmetricAlgorithm::AES256 | + SymmetricAlgorithm::Twofish | + SymmetricAlgorithm::Camellia128 | + SymmetricAlgorithm::Camellia192 | + SymmetricAlgorithm::Camellia256 => true, + _ => false, + }, + _ => false + } + } } diff --git a/openpgp/src/crypto/backend/nettle.rs b/openpgp/src/crypto/backend/nettle.rs index 716ec5e1..d2197493 100644 --- a/openpgp/src/crypto/backend/nettle.rs +++ b/openpgp/src/crypto/backend/nettle.rs @@ -66,4 +66,22 @@ impl AEADAlgorithm { => false, } } + + #[cfg(test)] + pub(crate) fn supports_symmetric_algo(&self, algo: &SymmetricAlgorithm) -> bool { + match &self { + AEADAlgorithm::EAX => + match algo { + SymmetricAlgorithm::AES128 | + SymmetricAlgorithm::AES192 | + SymmetricAlgorithm::AES256 | + SymmetricAlgorithm::Twofish | + SymmetricAlgorithm::Camellia128 | + SymmetricAlgorithm::Camellia192 | + SymmetricAlgorithm::Camellia256 => true, + _ => false, + }, + _ => false + } + } } diff --git a/openpgp/src/crypto/backend/rust.rs b/openpgp/src/crypto/backend/rust.rs index 61784b2c..7fe567ef 100644 --- a/openpgp/src/crypto/backend/rust.rs +++ b/openpgp/src/crypto/backend/rust.rs @@ -73,4 +73,23 @@ impl AEADAlgorithm { => false, } } + + #[cfg(test)] + pub(crate) fn supports_symmetric_algo(&self, algo: &SymmetricAlgorithm) -> bool { + match &self { + AEADAlgorithm::EAX => + match algo { + SymmetricAlgorithm::AES128 | + SymmetricAlgorithm::AES192 | + SymmetricAlgorithm::AES256 | + // XXX: Skipping Twofish until Twofish implements Clone + // SymmetricAlgorithm::Twofish | + SymmetricAlgorithm::Camellia128 | + SymmetricAlgorithm::Camellia192 | + SymmetricAlgorithm::Camellia256 => true, + _ => false, + }, + _ => false + } + } } |