From 8263f8916a8003671eafcc374f4466a715a6bf97 Mon Sep 17 00:00:00 2001 From: Wiktor Kwapisiewicz Date: Mon, 3 Oct 2022 11:50:14 +0200 Subject: openpgp: Adjust test suite to filter out unsupported AEAD algorithms. --- openpgp/src/packet/skesk.rs | 6 ++++-- openpgp/src/parse.rs | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 2 deletions(-) diff --git a/openpgp/src/packet/skesk.rs b/openpgp/src/packet/skesk.rs index 1a3a74f7..f4acb916 100644 --- a/openpgp/src/packet/skesk.rs +++ b/openpgp/src/packet/skesk.rs @@ -566,7 +566,7 @@ impl From for Packet { #[cfg(test)] impl Arbitrary for SKESK5 { fn arbitrary(g: &mut Gen) -> Self { - let algo = AEADAlgorithm::EAX; // The only one we dig. + let algo = AEADAlgorithm::const_default(); let mut iv = vec![0u8; algo.nonce_size().unwrap()]; for b in iv.iter_mut() { *b = u8::arbitrary(g); @@ -633,9 +633,11 @@ mod test { &[0xb2, 0x55, 0x69, 0xb9, 0x54, 0x32, 0x45, 0x66, 0x45, 0x27, 0xc4, 0x97, 0x6e, 0x7a, 0x5d, 0x6e][..]); - assert_eq!(&s.decrypt(&password).unwrap().1[..], + if AEADAlgorithm::EAX.is_supported() { + assert_eq!(&s.decrypt(&password).unwrap().1[..], &[0x86, 0xf1, 0xef, 0xb8, 0x69, 0x52, 0x32, 0x9f, 0x24, 0xac, 0xd3, 0xbf, 0xd0, 0xe5, 0x34, 0x6d][..]); + } } else { panic!("bad packet"); } diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs index 85c372f7..9b90c751 100644 --- a/openpgp/src/parse.rs +++ b/openpgp/src/parse.rs @@ -5413,6 +5413,7 @@ mod test { struct DecryptTest<'a> { filename: &'a str, algo: SymmetricAlgorithm, + aead_algo: Option, key_hex: &'a str, plaintext: Data<'a>, paths: &'a[ (Tag, &'a[ usize ] ) ], @@ -5427,6 +5428,7 @@ mod test { DecryptTest { filename: "encrypted-aes256-password-123.gpg", algo: SymmetricAlgorithm::AES256, + aead_algo: None, key_hex: "7EF4F08C44F780BEA866961423306166B8912C43352F3D9617F745E4E3939710", plaintext: Data::File("a-cypherpunks-manifesto.txt"), paths: &[ @@ -5439,6 +5441,7 @@ mod test { DecryptTest { filename: "encrypted-aes192-password-123456.gpg", algo: SymmetricAlgorithm::AES192, + aead_algo: None, key_hex: "B2F747F207EFF198A6C826F1D398DE037986218ED468DB61", plaintext: Data::File("a-cypherpunks-manifesto.txt"), paths: &[ @@ -5451,6 +5454,7 @@ mod test { DecryptTest { filename: "encrypted-aes128-password-123456789.gpg", algo: SymmetricAlgorithm::AES128, + aead_algo: None, key_hex: "AC0553096429260B4A90B1CEC842D6A0", plaintext: Data::File("a-cypherpunks-manifesto.txt"), paths: &[ @@ -5463,6 +5467,7 @@ mod test { DecryptTest { filename: "encrypted-twofish-password-red-fish-blue-fish.gpg", algo: SymmetricAlgorithm::Twofish, + aead_algo: None, key_hex: "96AFE1EDFA7C9CB7E8B23484C718015E5159CFA268594180D4DB68B2543393CB", plaintext: Data::File("a-cypherpunks-manifesto.txt"), paths: &[ @@ -5482,6 +5487,7 @@ mod test { DecryptTest { filename: "seip/msg-compression-not-signed-password-123.pgp", algo: SymmetricAlgorithm::AES128, + aead_algo: None, key_hex: "86A8C1C7961F55A3BE181A990D0ABB2A", plaintext: Data::String(b"compression, not signed\n"), paths: &[ @@ -5496,6 +5502,7 @@ mod test { DecryptTest { filename: "seip/msg-compression-signed-password-123.pgp", algo: SymmetricAlgorithm::AES128, + aead_algo: None, key_hex: "1B195CD35CAD4A99D9399B4CDA4CDA4E", plaintext: Data::String(b"compression, signed\n"), paths: &[ @@ -5511,6 +5518,7 @@ mod test { DecryptTest { filename: "seip/msg-no-compression-not-signed-password-123.pgp", algo: SymmetricAlgorithm::AES128, + aead_algo: None, key_hex: "AFB43B83A4B9D971E4B4A4C53749076A", plaintext: Data::String(b"no compression, not signed\n"), paths: &[ @@ -5523,6 +5531,7 @@ mod test { DecryptTest { filename: "seip/msg-no-compression-signed-password-123.pgp", algo: SymmetricAlgorithm::AES128, + aead_algo: None, key_hex: "9D5DB92F77F0E4A356EE53813EF2C3DC", plaintext: Data::String(b"no compression, signed\n"), paths: &[ @@ -5539,6 +5548,7 @@ mod test { DecryptTest { filename: "aed/msg-aes128-eax-chunk-size-64-password-123.pgp", algo: SymmetricAlgorithm::AES128, + aead_algo: Some(AEADAlgorithm::EAX), key_hex: "E88151F2B6F6F6F0AE6B56ED247AA61B", plaintext: Data::File("a-cypherpunks-manifesto.txt"), paths: &[ @@ -5550,6 +5560,7 @@ mod test { DecryptTest { filename: "aed/msg-aes128-eax-chunk-size-4194304-password-123.pgp", algo: SymmetricAlgorithm::AES128, + aead_algo: Some(AEADAlgorithm::EAX), key_hex: "918E6BF5C6CE4320D014735AF27BFA76", plaintext: Data::File("a-cypherpunks-manifesto.txt"), paths: &[ @@ -5610,6 +5621,14 @@ mod test { continue; } + if let Some(aead_algo) = test.aead_algo { + if !aead_algo.is_supported() { + eprintln!("AEAD algorithm {} unsupported by + selected crypto backend, skipping", aead_algo); + continue; + } + } + eprintln!("Decrypting {}, streaming content: {}", test.filename, stream); @@ -5692,6 +5711,14 @@ mod test { continue; } + if let Some(aead_algo) = test.aead_algo { + if !aead_algo.is_supported() { + eprintln!("AEAD algorithm {} unsupported by + selected crypto backend, skipping", aead_algo); + continue; + } + } + let mut buf = Vec::new(); if marker_before { Packet::Marker(Default::default()).serialize(&mut buf).unwrap(); @@ -5858,6 +5885,13 @@ mod test { continue; } + if let Some(aead_algo) = test.aead_algo { + if !aead_algo.is_supported() { + eprintln!("AEAD algorithm {} unsupported, skipping", aead_algo); + continue; + } + } + eprintln!("Decrypting {}", test.filename); let mut ppr = PacketParserBuilder::from_bytes( -- cgit v1.2.3