diff --git a/mk/travis.sh b/mk/travis.sh index 55b59cee72..20545eb387 100755 --- a/mk/travis.sh +++ b/mk/travis.sh @@ -110,21 +110,9 @@ armv7-linux-androideabi) find $target_dir -maxdepth 1 -name ring-* ! -name "*.*" \ -exec adb push {} /data/ring-test \; - for testfile in `find src crypto -name "*_test*.txt" -o -name "*test*.pk8"`; do - adb shell "mkdir -p /data/`dirname $testfile`" - adb push $testfile /data/$testfile - done - adb shell "mkdir -p /data/third_party/NIST" - adb push third_party/NIST/SHAVS /data/third_party/NIST/SHAVS adb shell "cd /data && ./ring-test" 2>&1 | tee /tmp/ring-test-log grep "test result: ok" /tmp/ring-test-log - # Run the integration/functional tests. - for testfile in `find tests -name "*_test*.txt" -o -name "*test*.pk8"`; do - adb shell "mkdir -p /data/`dirname $testfile`" - adb push $testfile /data/$testfile - done - for test_exe in `find $target_dir -maxdepth 1 -name "*test*" -type f ! -name "*.*" `; do adb push $test_exe /data/`basename $test_exe` adb shell "cd /data && ./`basename $test_exe`" 2>&1 | \ diff --git a/src/aead/aes.rs b/src/aead/aes.rs index 81162aac3f..0546b04687 100644 --- a/src/aead/aes.rs +++ b/src/aead/aes.rs @@ -291,7 +291,7 @@ mod tests { #[test] pub fn test_aes() { - test::from_file("src/aead/aes_tests.txt", |section, test_case| { + test::run(test_file!("aes_tests.txt"), |section, test_case| { assert_eq!(section, ""); let key = consume_key(test_case, "Key"); let input = test_case.consume_bytes("Input"); diff --git a/src/aead/chacha.rs b/src/aead/chacha.rs index a3d90ac820..0213f8c4e6 100644 --- a/src/aead/chacha.rs +++ b/src/aead/chacha.rs @@ -147,7 +147,7 @@ mod tests { // problem spreads to other platforms. #[test] pub fn chacha20_tests() { - test::from_file("src/aead/chacha_tests.txt", |section, test_case| { + test::run(test_file!("chacha_tests.txt"), |section, test_case| { assert_eq!(section, ""); let key = test_case.consume_bytes("Key"); diff --git a/src/aead/poly1305.rs b/src/aead/poly1305.rs index 851ae46587..4c810ca168 100644 --- a/src/aead/poly1305.rs +++ b/src/aead/poly1305.rs @@ -183,7 +183,7 @@ mod tests { // Adapted from BoringSSL's crypto/poly1305/poly1305_test.cc. #[test] pub fn test_poly1305() { - test::from_file("src/aead/poly1305_test.txt", |section, test_case| { + test::run(test_file!("poly1305_test.txt"), |section, test_case| { assert_eq!(section, ""); let key = test_case.consume_bytes("Key"); let key: &[u8; BLOCK_LEN * 2] = key.as_slice().try_into_().unwrap(); diff --git a/src/bssl.rs b/src/bssl.rs index e404225479..5837d6ce1a 100644 --- a/src/bssl.rs +++ b/src/bssl.rs @@ -52,7 +52,6 @@ macro_rules! bssl_test { } let _ = cpu::features(); - ::std::env::set_current_dir(crate::test::ring_src_path()).unwrap(); let result = unsafe { $bssl_test_main_fn_name() }; assert_eq!(result, 0); diff --git a/src/ec/suite_b/ecdsa/digest_scalar.rs b/src/ec/suite_b/ecdsa/digest_scalar.rs index 9b73b8e874..82662c0c41 100644 --- a/src/ec/suite_b/ecdsa/digest_scalar.rs +++ b/src/ec/suite_b/ecdsa/digest_scalar.rs @@ -88,8 +88,8 @@ mod tests { #[test] fn test() { - test::from_file( - "src/ec/suite_b/ecdsa/ecdsa_digest_scalar_tests.txt", + test::run( + test_file!("ecdsa_digest_scalar_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/src/ec/suite_b/ecdsa/signing.rs b/src/ec/suite_b/ecdsa/signing.rs index 6034e8291f..4a8a4e1cac 100644 --- a/src/ec/suite_b/ecdsa/signing.rs +++ b/src/ec/suite_b/ecdsa/signing.rs @@ -387,8 +387,8 @@ mod tests { #[test] fn signature_ecdsa_sign_fixed_test() { - test::from_file( - "src/ec/suite_b/ecdsa/ecdsa_sign_fixed_tests.txt", + test::run( + test_file!("ecdsa_sign_fixed_tests.txt"), |section, test_case| { assert_eq!(section, ""); @@ -431,8 +431,8 @@ mod tests { #[test] fn signature_ecdsa_sign_asn1_test() { - test::from_file( - "src/ec/suite_b/ecdsa/ecdsa_sign_asn1_tests.txt", + test::run( + test_file!("ecdsa_sign_asn1_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/src/ec/suite_b/ecdsa/verification.rs b/src/ec/suite_b/ecdsa/verification.rs index 5996ca06e7..28a1a20cc3 100644 --- a/src/ec/suite_b/ecdsa/verification.rs +++ b/src/ec/suite_b/ecdsa/verification.rs @@ -278,8 +278,8 @@ mod tests { #[test] fn test_digest_based_test_vectors() { - test::from_file( - "crypto/fipsmodule/ecdsa/ecdsa_verify_tests.txt", + test::run( + test_file!("../../../../crypto/fipsmodule/ecdsa/ecdsa_verify_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/src/ec/suite_b/ops.rs b/src/ec/suite_b/ops.rs index 001bbac18e..10e7212281 100644 --- a/src/ec/suite_b/ops.rs +++ b/src/ec/suite_b/ops.rs @@ -473,7 +473,7 @@ mod tests { fn p256_elem_add_test() { elem_add_test( &p256::PUBLIC_SCALAR_OPS, - "src/ec/suite_b/ops/p256_elem_sum_tests.txt", + test_file!("ops/p256_elem_sum_tests.txt"), ); } @@ -481,12 +481,12 @@ mod tests { fn p384_elem_add_test() { elem_add_test( &p384::PUBLIC_SCALAR_OPS, - "src/ec/suite_b/ops/p384_elem_sum_tests.txt", + test_file!("ops/p384_elem_sum_tests.txt"), ); } - fn elem_add_test(ops: &PublicScalarOps, file_path: &str) { - test::from_file(file_path, |section, test_case| { + fn elem_add_test(ops: &PublicScalarOps, test_file: test::File) { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let cops = ops.public_key_ops.common; @@ -517,16 +517,16 @@ mod tests { elem_sub_test( &p384::COMMON_OPS, GFp_p384_elem_sub, - "src/ec/suite_b/ops/p384_elem_sum_tests.txt", + test_file!("ops/p384_elem_sum_tests.txt"), ); } fn elem_sub_test( ops: &CommonOps, elem_sub: unsafe extern "C" fn(r: *mut Limb, a: *const Limb, b: *const Limb), - file_path: &str, + test_file: test::File, ) { - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let a = consume_elem(ops, test_case, "a"); @@ -568,15 +568,15 @@ mod tests { elem_div_by_2_test( &p384::COMMON_OPS, GFp_p384_elem_div_by_2, - "src/ec/suite_b/ops/p384_elem_div_by_2_tests.txt", + test_file!("ops/p384_elem_div_by_2_tests.txt"), ); } fn elem_div_by_2_test( ops: &CommonOps, elem_div_by_2: unsafe extern "C" fn(r: *mut Limb, a: *const Limb), - file_path: &str, + test_file: test::File, ) { - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let a = consume_elem(ops, test_case, "a"); @@ -601,7 +601,7 @@ mod tests { elem_neg_test( &p256::COMMON_OPS, GFp_nistz256_neg, - "src/ec/suite_b/ops/p256_elem_neg_tests.txt", + test_file!("ops/p256_elem_neg_tests.txt"), ); } @@ -613,15 +613,15 @@ mod tests { elem_neg_test( &p384::COMMON_OPS, GFp_p384_elem_neg, - "src/ec/suite_b/ops/p384_elem_neg_tests.txt", + test_file!("ops/p384_elem_neg_tests.txt"), ); } fn elem_neg_test( ops: &CommonOps, elem_neg: unsafe extern "C" fn(r: *mut Limb, a: *const Limb), - file_path: &str, + test_file: test::File, ) { - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let a = consume_elem(ops, test_case, "a"); @@ -651,22 +651,16 @@ mod tests { #[test] fn p256_elem_mul_test() { - elem_mul_test( - &p256::COMMON_OPS, - "src/ec/suite_b/ops/p256_elem_mul_tests.txt", - ); + elem_mul_test(&p256::COMMON_OPS, test_file!("ops/p256_elem_mul_tests.txt")); } #[test] fn p384_elem_mul_test() { - elem_mul_test( - &p384::COMMON_OPS, - "src/ec/suite_b/ops/p384_elem_mul_tests.txt", - ); + elem_mul_test(&p384::COMMON_OPS, test_file!("ops/p384_elem_mul_tests.txt")); } - fn elem_mul_test(ops: &CommonOps, file_path: &str) { - test::from_file(file_path, |section, test_case| { + fn elem_mul_test(ops: &CommonOps, test_file: test::File) { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let mut a = consume_elem(ops, test_case, "a"); @@ -683,7 +677,7 @@ mod tests { fn p256_scalar_mul_test() { scalar_mul_test( &p256::SCALAR_OPS, - "src/ec/suite_b/ops/p256_scalar_mul_tests.txt", + test_file!("ops/p256_scalar_mul_tests.txt"), ); } @@ -691,12 +685,12 @@ mod tests { fn p384_scalar_mul_test() { scalar_mul_test( &p384::SCALAR_OPS, - "src/ec/suite_b/ops/p384_scalar_mul_tests.txt", + test_file!("ops/p384_scalar_mul_tests.txt"), ); } - fn scalar_mul_test(ops: &ScalarOps, file_path: &str) { - test::from_file(file_path, |section, test_case| { + fn scalar_mul_test(ops: &ScalarOps, test_file: test::File) { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let cops = ops.common; let mut a = consume_scalar(cops, test_case, "a"); @@ -717,7 +711,7 @@ mod tests { scalar_square_test( &p256::SCALAR_OPS, GFp_p256_scalar_sqr_rep_mont, - "src/ec/suite_b/ops/p256_scalar_square_tests.txt", + test_file!("ops/p256_scalar_square_tests.txt"), ); } @@ -726,9 +720,9 @@ mod tests { fn scalar_square_test( ops: &ScalarOps, sqr_rep: unsafe extern "C" fn(r: *mut Limb, a: *const Limb, rep: c::int), - file_path: &str, + test_file: test::File, ) { - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let cops = &ops.common; let a = consume_scalar(cops, test_case, "a"); @@ -771,7 +765,7 @@ mod tests { fn p256_point_sum_test() { point_sum_test( &p256::PRIVATE_KEY_OPS, - "src/ec/suite_b/ops/p256_point_sum_tests.txt", + test_file!("ops/p256_point_sum_tests.txt"), ); } @@ -779,12 +773,12 @@ mod tests { fn p384_point_sum_test() { point_sum_test( &p384::PRIVATE_KEY_OPS, - "src/ec/suite_b/ops/p384_point_sum_tests.txt", + test_file!("ops/p384_point_sum_tests.txt"), ); } - fn point_sum_test(ops: &PrivateKeyOps, file_path: &str) { - test::from_file(file_path, |section, test_case| { + fn point_sum_test(ops: &PrivateKeyOps, test_file: test::File) { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let a = consume_jacobian_point(ops, test_case, "a"); @@ -810,7 +804,7 @@ mod tests { point_sum_mixed_test( &p256::PRIVATE_KEY_OPS, GFp_nistz256_point_add_affine, - "src/ec/suite_b/ops/p256_point_sum_mixed_tests.txt", + test_file!("ops/p256_point_sum_mixed_tests.txt"), ); } @@ -823,9 +817,9 @@ mod tests { a: *const Limb, // [ops.num_limbs*3] b: *const Limb, // [ops.num_limbs*2] ), - file_path: &str, + test_file: test::File, ) { - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let a = consume_jacobian_point(ops, test_case, "a"); @@ -854,7 +848,7 @@ mod tests { point_double_test( &p256::PRIVATE_KEY_OPS, GFp_nistz256_point_double, - "src/ec/suite_b/ops/p256_point_double_tests.txt", + test_file!("ops/p256_point_double_tests.txt"), ); } @@ -869,7 +863,7 @@ mod tests { point_double_test( &p384::PRIVATE_KEY_OPS, GFp_nistz384_point_double, - "src/ec/suite_b/ops/p384_point_double_tests.txt", + test_file!("ops/p384_point_double_tests.txt"), ); } @@ -879,9 +873,9 @@ mod tests { r: *mut Limb, // [ops.num_limbs*3] a: *const Limb, // [ops.num_limbs*3] ), - file_path: &str, + test_file: test::File, ) { - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let a = consume_jacobian_point(ops, test_case, "a"); @@ -902,7 +896,7 @@ mod tests { fn p256_point_mul_test() { point_mul_tests( &p256::PRIVATE_KEY_OPS, - "src/ec/suite_b/ops/p256_point_mul_tests.txt", + test_file!("ops/p256_point_mul_tests.txt"), ); } @@ -910,12 +904,12 @@ mod tests { fn p384_point_mul_test() { point_mul_tests( &p384::PRIVATE_KEY_OPS, - "src/ec/suite_b/ops/p384_point_mul_tests.txt", + test_file!("ops/p384_point_mul_tests.txt"), ); } - fn point_mul_tests(ops: &PrivateKeyOps, file_path: &str) { - test::from_file(file_path, |section, test_case| { + fn point_mul_tests(ops: &PrivateKeyOps, test_file: test::File) { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let p_scalar = consume_scalar(ops.common, test_case, "p_scalar"); let (x, y) = match consume_point(ops, test_case, "p") { @@ -936,16 +930,16 @@ mod tests { point_mul_serialized_test( &p256::PRIVATE_KEY_OPS, &p256::PUBLIC_KEY_OPS, - "src/ec/suite_b/ops/p256_point_mul_serialized_tests.txt", + test_file!("ops/p256_point_mul_serialized_tests.txt"), ); } fn point_mul_serialized_test( - priv_ops: &PrivateKeyOps, pub_ops: &PublicKeyOps, file_path: &str, + priv_ops: &PrivateKeyOps, pub_ops: &PublicKeyOps, test_file: test::File, ) { let cops = pub_ops.common; - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let p_scalar = consume_scalar(cops, test_case, "p_scalar"); @@ -982,7 +976,7 @@ mod tests { fn p256_point_mul_base_test() { point_mul_base_tests( &p256::PRIVATE_KEY_OPS, - "src/ec/suite_b/ops/p256_point_mul_base_tests.txt", + test_file!("ops/p256_point_mul_base_tests.txt"), ); } @@ -990,12 +984,12 @@ mod tests { fn p384_point_mul_base_test() { point_mul_base_tests( &p384::PRIVATE_KEY_OPS, - "src/ec/suite_b/ops/p384_point_mul_base_tests.txt", + test_file!("ops/p384_point_mul_base_tests.txt"), ); } - fn point_mul_base_tests(ops: &PrivateKeyOps, file_path: &str) { - test::from_file(file_path, |section, test_case| { + fn point_mul_base_tests(ops: &PrivateKeyOps, test_file: test::File) { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let g_scalar = consume_scalar(ops.common, test_case, "g_scalar"); let expected_result = consume_point(ops, test_case, "r"); diff --git a/src/ec/suite_b/public_key.rs b/src/ec/suite_b/public_key.rs index fd655ddc7f..8cb571419c 100644 --- a/src/ec/suite_b/public_key.rs +++ b/src/ec/suite_b/public_key.rs @@ -72,8 +72,8 @@ mod tests { #[test] fn parse_uncompressed_point_test() { - test::from_file( - "src/ec/suite_b/suite_b_public_key_tests.txt", + test::run( + test_file!("suite_b_public_key_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/src/hmac.rs b/src/hmac.rs index 116b31ce5d..151bb32d96 100644 --- a/src/hmac.rs +++ b/src/hmac.rs @@ -487,8 +487,8 @@ mod tests { // that the generated key fills the entire `key_bytes` parameter. #[test] pub fn generate_serializable_tests() { - test::from_file( - "src/hmac_generate_serializable_tests.txt", + test::run( + test_file!("hmac_generate_serializable_tests.txt"), |section, test_case| { assert_eq!(section, ""); let digest_alg = test_case.consume_digest_alg("HMAC").unwrap(); diff --git a/src/lib.rs b/src/lib.rs index 26c0af9c00..3455ef79b5 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -84,6 +84,10 @@ mod bssl; #[macro_use] mod polyfill; +#[cfg(any(test, feature = "use_heap"))] +#[macro_use] +pub mod test; + mod arithmetic; pub mod aead; @@ -113,9 +117,6 @@ mod rsa; pub mod signature; -#[cfg(any(test, feature = "use_heap"))] -pub mod test; - mod sealed { /// Traits that are designed to only be implemented internally in *ring*. // diff --git a/src/rsa/bigint.rs b/src/rsa/bigint.rs index b203d265d2..a3cdef37a3 100644 --- a/src/rsa/bigint.rs +++ b/src/rsa/bigint.rs @@ -1224,8 +1224,8 @@ mod tests { #[test] fn test_elem_exp_consttime() { - test::from_file( - "src/rsa/bigint_elem_exp_consttime_tests.txt", + test::run( + test_file!("bigint_elem_exp_consttime_tests.txt"), |section, test_case| { assert_eq!(section, ""); @@ -1253,28 +1253,31 @@ mod tests { // verification and signing tests. #[test] fn test_elem_mul() { - test::from_file("src/rsa/bigint_elem_mul_tests.txt", |section, test_case| { - assert_eq!(section, ""); + test::run( + test_file!("bigint_elem_mul_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); - let m = consume_modulus::(test_case, "M"); - let expected_result = consume_elem(test_case, "ModMul", &m); - let a = consume_elem(test_case, "A", &m); - let b = consume_elem(test_case, "B", &m); + let m = consume_modulus::(test_case, "M"); + let expected_result = consume_elem(test_case, "ModMul", &m); + let a = consume_elem(test_case, "A", &m); + let b = consume_elem(test_case, "B", &m); - let b = into_encoded(b, &m); - let a = into_encoded(a, &m); - let actual_result = elem_mul(&a, b, &m); - let actual_result = actual_result.into_unencoded(&m); - assert_elem_eq(&actual_result, &expected_result); + let b = into_encoded(b, &m); + let a = into_encoded(a, &m); + let actual_result = elem_mul(&a, b, &m); + let actual_result = actual_result.into_unencoded(&m); + assert_elem_eq(&actual_result, &expected_result); - Ok(()) - }) + Ok(()) + }, + ) } #[test] fn test_elem_squared() { - test::from_file( - "src/rsa/bigint_elem_squared_tests.txt", + test::run( + test_file!("bigint_elem_squared_tests.txt"), |section, test_case| { assert_eq!(section, ""); @@ -1294,8 +1297,8 @@ mod tests { #[test] fn test_elem_reduced() { - test::from_file( - "src/rsa/bigint_elem_reduced_tests.txt", + test::run( + test_file!("bigint_elem_reduced_tests.txt"), |section, test_case| { assert_eq!(section, ""); @@ -1320,8 +1323,8 @@ mod tests { #[test] fn test_elem_reduced_once() { - test::from_file( - "src/rsa/bigint_elem_reduced_once_tests.txt", + test::run( + test_file!("bigint_elem_reduced_once_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/src/rsa/padding.rs b/src/rsa/padding.rs index 712be3f03f..ffc8424487 100644 --- a/src/rsa/padding.rs +++ b/src/rsa/padding.rs @@ -498,72 +498,78 @@ mod test { #[test] fn test_pss_padding_verify() { - test::from_file("src/rsa/rsa_pss_padding_tests.txt", |section, test_case| { - assert_eq!(section, ""); - - let digest_name = test_case.consume_string("Digest"); - let alg = match digest_name.as_ref() { - "SHA256" => &RSA_PSS_SHA256, - "SHA384" => &RSA_PSS_SHA384, - "SHA512" => &RSA_PSS_SHA512, - _ => panic!("Unsupported digest: {}", digest_name), - }; - - let msg = test_case.consume_bytes("Msg"); - let msg = untrusted::Input::from(&msg); - let m_hash = digest::digest(alg.digest_alg(), msg.as_slice_less_safe()); - - let encoded = test_case.consume_bytes("EM"); - let encoded = untrusted::Input::from(&encoded); - - // Salt is recomputed in verification algorithm. - let _ = test_case.consume_bytes("Salt"); - - let bit_len = test_case.consume_usize_bits("Len"); - let expected_result = test_case.consume_string("Result"); - - let actual_result = - encoded.read_all(error::Unspecified, |m| alg.verify(&m_hash, m, bit_len)); - assert_eq!(actual_result.is_ok(), expected_result == "P"); - - Ok(()) - }); + test::run( + test_file!("rsa_pss_padding_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); + + let digest_name = test_case.consume_string("Digest"); + let alg = match digest_name.as_ref() { + "SHA256" => &RSA_PSS_SHA256, + "SHA384" => &RSA_PSS_SHA384, + "SHA512" => &RSA_PSS_SHA512, + _ => panic!("Unsupported digest: {}", digest_name), + }; + + let msg = test_case.consume_bytes("Msg"); + let msg = untrusted::Input::from(&msg); + let m_hash = digest::digest(alg.digest_alg(), msg.as_slice_less_safe()); + + let encoded = test_case.consume_bytes("EM"); + let encoded = untrusted::Input::from(&encoded); + + // Salt is recomputed in verification algorithm. + let _ = test_case.consume_bytes("Salt"); + + let bit_len = test_case.consume_usize_bits("Len"); + let expected_result = test_case.consume_string("Result"); + + let actual_result = + encoded.read_all(error::Unspecified, |m| alg.verify(&m_hash, m, bit_len)); + assert_eq!(actual_result.is_ok(), expected_result == "P"); + + Ok(()) + }, + ); } // Tests PSS encoding for various public modulus lengths. #[cfg(feature = "use_heap")] #[test] fn test_pss_padding_encode() { - test::from_file("src/rsa/rsa_pss_padding_tests.txt", |section, test_case| { - assert_eq!(section, ""); - - let digest_name = test_case.consume_string("Digest"); - let alg = match digest_name.as_ref() { - "SHA256" => &RSA_PSS_SHA256, - "SHA384" => &RSA_PSS_SHA384, - "SHA512" => &RSA_PSS_SHA512, - _ => panic!("Unsupported digest: {}", digest_name), - }; - - let msg = test_case.consume_bytes("Msg"); - let salt = test_case.consume_bytes("Salt"); - let encoded = test_case.consume_bytes("EM"); - let bit_len = test_case.consume_usize_bits("Len"); - let expected_result = test_case.consume_string("Result"); - - // Only test the valid outputs - if expected_result != "P" { - return Ok(()); - } - - let rng = test::rand::FixedSliceRandom { bytes: &salt }; - - let mut m_out = vec![0u8; bit_len.as_usize_bytes_rounded_up()]; - let digest = digest::digest(alg.digest_alg(), &msg); - alg.encode(&digest, &mut m_out, bit_len, &rng).unwrap(); - assert_eq!(m_out, encoded); - - Ok(()) - }); + test::run( + test_file!("rsa_pss_padding_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); + + let digest_name = test_case.consume_string("Digest"); + let alg = match digest_name.as_ref() { + "SHA256" => &RSA_PSS_SHA256, + "SHA384" => &RSA_PSS_SHA384, + "SHA512" => &RSA_PSS_SHA512, + _ => panic!("Unsupported digest: {}", digest_name), + }; + + let msg = test_case.consume_bytes("Msg"); + let salt = test_case.consume_bytes("Salt"); + let encoded = test_case.consume_bytes("EM"); + let bit_len = test_case.consume_usize_bits("Len"); + let expected_result = test_case.consume_string("Result"); + + // Only test the valid outputs + if expected_result != "P" { + return Ok(()); + } + + let rng = test::rand::FixedSliceRandom { bytes: &salt }; + + let mut m_out = vec![0u8; bit_len.as_usize_bytes_rounded_up()]; + let digest = digest::digest(alg.digest_alg(), &msg); + alg.encode(&digest, &mut m_out, bit_len, &rng).unwrap(); + assert_eq!(m_out, encoded); + + Ok(()) + }, + ); } } diff --git a/src/test.rs b/src/test.rs index 61666128de..cfa61e412b 100644 --- a/src/test.rs +++ b/src/test.rs @@ -53,7 +53,7 @@ //! ```ignore //! use ring::test; //! -//! test::from_file("src/hmac_tests.txt", |section, test_case| { +//! test::run(test::test_file!("hmac_tests.txt"), |section, test_case| { //! assert_eq!(section, ""); // This test doesn't use named sections. //! //! let digest_alg = test_case.consume_digest_alg("HMAC"); @@ -122,7 +122,7 @@ use crate::bits; use crate::{digest, error}; use core; -use std::{self, io::BufRead, string::String, vec::Vec}; +use std::{self, string::String, vec::Vec}; /// `compile_time_assert_clone::();` fails to compile if `T` doesn't /// implement `Clone`. @@ -276,43 +276,40 @@ impl TestCase { } } -/// Returns the path for *ring* source code root. -/// -/// On iOS, source are assumed to be copied in the application bundle, as -/// a "src" directory along the test runner. -#[cfg(target_os = "ios")] -pub fn ring_src_path() -> std::path::PathBuf { - std::env::current_exe() - .unwrap() - .parent() - .unwrap() - .join("src") +/// References a test input file. +#[macro_export] +macro_rules! test_file { + ($file_name:expr) => { + crate::test::File { + file_name: $file_name, + contents: include_str!($file_name), + } + }; } -/// Returns the path for *ring* source code root. -/// -/// On most platforms, the tests are run by cargo, so it's just the current -/// working directory. -#[cfg(not(target_os = "ios"))] -pub fn ring_src_path() -> std::path::PathBuf { std::path::PathBuf::from(".") } - -/// Reads test cases out of the file with the path given by -/// `test_data_relative_file_path`, calling `f` on each vector until `f` fails -/// or until all the test vectors have been read. `f` can indicate failure -/// either by returning `Err()` or by panicking. -pub fn from_file(test_data_relative_file_path: &str, mut f: F) +/// A test input file. +pub struct File<'a> { + /// The name (path) of the file. + pub file_name: &'a str, + + /// The contents of the file. + pub contents: &'a str, +} + +/// Parses test cases out of the given file, calling `f` on each vector until +/// `f` fails or until all the test vectors have been read. `f` can indicate +/// failure either by returning `Err()` or by panicking. +pub fn run(test_file: File, mut f: F) where F: FnMut(&str, &mut TestCase) -> Result<(), error::Unspecified>, { - let path = ring_src_path().join(test_data_relative_file_path); - let file = std::fs::File::open(path).unwrap(); - let mut lines = std::io::BufReader::new(&file).lines(); + let lines = &mut test_file.contents.lines(); let mut current_section = String::from(""); let mut failed = false; - +h #[allow(box_pointers)] - while let Some(mut test_case) = parse_test_case(&mut current_section, &mut lines) { + while let Some(mut test_case) = parse_test_case(&mut current_section, lines) { let result = std::panic::catch_unwind(std::panic::AssertUnwindSafe(|| { f(¤t_section, &mut test_case) })); @@ -336,7 +333,7 @@ where if let Err(msg) = result { failed = true; - println!("{}: {}", test_data_relative_file_path, msg); + println!("{}: {}", test_file.file_name, msg); for (name, value, consumed) in test_case.attributes { let consumed_str = if consumed { "" } else { " (unconsumed)" }; println!("{}{} = {}", name, consumed_str, value); @@ -379,17 +376,14 @@ fn from_hex_digit(d: u8) -> Result { } } -type FileLines<'a> = std::io::Lines>; - -fn parse_test_case(current_section: &mut String, lines: &mut FileLines) -> Option { +fn parse_test_case<'a>( + current_section: &mut String, lines: &mut Iterator, +) -> Option { let mut attributes = Vec::new(); let mut is_first_line = true; loop { - let line = match lines.next() { - None => None, - Some(result) => Some(result.unwrap()), - }; + let line = lines.next(); if cfg!(feature = "test_logging") { if let Some(text) = &line { @@ -539,7 +533,7 @@ mod tests { #[test] fn one_ok() { - test::from_file("src/test_1_tests.txt", |_, test_case| { + test::run(test_file!("test_1_tests.txt"), |_, test_case| { let _ = test_case.consume_string("Key"); Ok(()) }); @@ -548,7 +542,7 @@ mod tests { #[test] #[should_panic(expected = "Test failed.")] fn one_err() { - test::from_file("src/test_1_tests.txt", |_, test_case| { + test::run(test_file!("test_1_tests.txt"), |_, test_case| { let _ = test_case.consume_string("Key"); Err(error::Unspecified) }); @@ -557,7 +551,7 @@ mod tests { #[test] #[should_panic(expected = "Test failed.")] fn one_panics() { - test::from_file("src/test_1_tests.txt", |_, test_case| { + test::run(test_file!("test_1_tests.txt"), |_, test_case| { let _ = test_case.consume_string("Key"); panic!(""); }); @@ -577,7 +571,7 @@ mod tests { fn err_one(test_to_fail: usize) { let mut n = 0; - test::from_file("src/test_3_tests.txt", |_, test_case| { + test::run(test_file!("test_3_tests.txt"), |_, test_case| { let _ = test_case.consume_string("Key"); let result = if n != test_to_fail { Ok(()) @@ -603,7 +597,7 @@ mod tests { fn panic_one(test_to_fail: usize) { let mut n = 0; - test::from_file("src/test_3_tests.txt", |_, test_case| { + test::run(test_file!("test_3_tests.txt"), |_, test_case| { let _ = test_case.consume_string("Key"); if n == test_to_fail { panic!("Oh Noes!"); @@ -615,9 +609,5 @@ mod tests { #[test] #[should_panic(expected = "Syntax error: Expected Key = Value.")] - fn syntax_error() { test::from_file("src/test_1_syntax_error_tests.txt", |_, _| Ok(())); } - - #[test] - #[should_panic] - fn file_not_found() { test::from_file("src/test_file_not_found_tests.txt", |_, _| Ok(())); } + fn syntax_error() { test::run(test_file!("test_1_syntax_error_tests.txt"), |_, _| Ok(())); } } diff --git a/tests/aead_tests.rs b/tests/aead_tests.rs index 20944d2bdf..6a062d432c 100644 --- a/tests/aead_tests.rs +++ b/tests/aead_tests.rs @@ -31,26 +31,26 @@ warnings )] -use ring::{aead, error, test}; +use ring::{aead, error, test, test_file}; #[test] -fn aead_aes_gcm_128() { test_aead(&aead::AES_128_GCM, "tests/aead_aes_128_gcm_tests.txt"); } +fn aead_aes_gcm_128() { test_aead(&aead::AES_128_GCM, test_file!("aead_aes_128_gcm_tests.txt")); } #[test] -fn aead_aes_gcm_256() { test_aead(&aead::AES_256_GCM, "tests/aead_aes_256_gcm_tests.txt"); } +fn aead_aes_gcm_256() { test_aead(&aead::AES_256_GCM, test_file!("aead_aes_256_gcm_tests.txt")); } #[test] fn aead_chacha20_poly1305() { test_aead( &aead::CHACHA20_POLY1305, - "tests/aead_chacha20_poly1305_tests.txt", + test_file!("aead_chacha20_poly1305_tests.txt"), ); } -fn test_aead(aead_alg: &'static aead::Algorithm, file_path: &str) { +fn test_aead(aead_alg: &'static aead::Algorithm, test_file: test::File) { test_aead_key_sizes(aead_alg); - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let key_bytes = test_case.consume_bytes("KEY"); let nonce = test_case.consume_bytes("NONCE"); @@ -258,8 +258,8 @@ fn test_aead_nonce_sizes() -> Result<(), error::Unspecified> { fn aead_chacha20_poly1305_openssh() { // TODO: test_aead_key_sizes(...); - test::from_file( - "tests/aead_chacha20_poly1305_openssh_tests.txt", + test::run( + test_file!("aead_chacha20_poly1305_openssh_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/tests/agreement_tests.rs b/tests/agreement_tests.rs index 3e1b5b725b..9a42dd3cbd 100644 --- a/tests/agreement_tests.rs +++ b/tests/agreement_tests.rs @@ -31,13 +31,13 @@ warnings )] -use ring::{agreement, error, rand, test}; +use ring::{agreement, error, rand, test, test_file}; #[test] fn agreement_agree_ephemeral() { let rng = rand::SystemRandom::new(); - test::from_file("tests/agreement_tests.txt", |section, test_case| { + test::run(test_file!("agreement_tests.txt"), |section, test_case| { assert_eq!(section, ""); let curve_name = test_case.consume_string("Curve"); diff --git a/tests/digest_tests.rs b/tests/digest_tests.rs index 4f3dfdd444..5a27d0f2f2 100644 --- a/tests/digest_tests.rs +++ b/tests/digest_tests.rs @@ -31,12 +31,12 @@ warnings )] -use ring::{digest, test}; +use ring::{digest, test, test_file}; /// Test vectors from BoringSSL, Go, and other sources. #[test] fn digest_misc() { - test::from_file("tests/digest_tests.txt", |section, test_case| { + test::run(test_file!("digest_tests.txt"), |section, test_case| { assert_eq!(section, ""); let digest_alg = test_case.consume_digest_alg("Hash").unwrap(); let input = test_case.consume_bytes("Input"); @@ -62,21 +62,45 @@ fn digest_misc() { mod digest_shavs { use ring::{digest, test}; + fn run_known_answer_test(digest_alg: &'static digest::Algorithm, test_file: test::File) { + let section_name = &format!("L = {}", digest_alg.output_len); + test::run(test_file, |section, test_case| { + assert_eq!(section_name, section); + let len_bits = test_case.consume_usize("Len"); + + let mut msg = test_case.consume_bytes("Msg"); + // The "msg" field contains the dummy value "00" when the + // length is zero. + if len_bits == 0 { + assert_eq!(msg, &[0u8]); + msg.truncate(0); + } + + assert_eq!(msg.len() * 8, len_bits); + let expected = test_case.consume_bytes("MD"); + let actual = digest::digest(digest_alg, &msg); + assert_eq!(&expected, &actual.as_ref()); + + Ok(()) + }); + } + macro_rules! shavs_tests { ( $algorithm_name:ident ) => { #[allow(non_snake_case)] mod $algorithm_name { use super::{run_known_answer_test, run_monte_carlo_test}; - use ring::digest; + use ring::{digest, test_file}; #[test] fn short_msg_known_answer_test() { run_known_answer_test( &digest::$algorithm_name, - &format!( - "third_party/NIST/SHAVS/{}ShortMsg.rsp", - stringify!($algorithm_name) - ), + test_file!(concat!( + "../third_party/NIST/SHAVS/", + stringify!($algorithm_name), + "ShortMsg.rsp" + )), ); } @@ -84,10 +108,11 @@ mod digest_shavs { fn long_msg_known_answer_test() { run_known_answer_test( &digest::$algorithm_name, - &format!( - "third_party/NIST/SHAVS/{}LongMsg.rsp", - stringify!($algorithm_name) - ), + test_file!(concat!( + "../third_party/NIST/SHAVS/", + stringify!($algorithm_name), + "LongMsg.rsp" + )), ); } @@ -95,46 +120,24 @@ mod digest_shavs { fn monte_carlo_test() { run_monte_carlo_test( &digest::$algorithm_name, - &format!( - "third_party/NIST/SHAVS/{}Monte.rsp", - stringify!($algorithm_name) - ), + test_file!(concat!( + "../third_party/NIST/SHAVS/", + stringify!($algorithm_name), + "Monte.rsp" + )), ); } } }; } - fn run_known_answer_test(digest_alg: &'static digest::Algorithm, file_name: &str) { - let section_name = &format!("L = {}", digest_alg.output_len); - test::from_file(file_name, |section, test_case| { - assert_eq!(section_name, section); - let len_bits = test_case.consume_usize("Len"); - - let mut msg = test_case.consume_bytes("Msg"); - // The "msg" field contains the dummy value "00" when the - // length is zero. - if len_bits == 0 { - assert_eq!(msg, &[0u8]); - msg.truncate(0); - } - - assert_eq!(msg.len() * 8, len_bits); - let expected = test_case.consume_bytes("MD"); - let actual = digest::digest(digest_alg, &msg); - assert_eq!(&expected, &actual.as_ref()); - - Ok(()) - }); - } - - fn run_monte_carlo_test(digest_alg: &'static digest::Algorithm, file_name: &str) { + fn run_monte_carlo_test(digest_alg: &'static digest::Algorithm, test_file: test::File) { let section_name = &format!("L = {}", digest_alg.output_len); let mut expected_count: isize = -1; let mut seed = Vec::with_capacity(digest_alg.output_len); - test::from_file(file_name, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section_name, section); if expected_count == -1 { diff --git a/tests/ecdsa_tests.rs b/tests/ecdsa_tests.rs index 3914e858d8..8bcaf99d69 100644 --- a/tests/ecdsa_tests.rs +++ b/tests/ecdsa_tests.rs @@ -34,7 +34,7 @@ use ring::{ rand, signature::{self, KeyPair}, - test, + test, test_file, }; // ECDSA *signing* tests are in src/ec/ecdsa/signing.rs. @@ -42,66 +42,69 @@ use ring::{ #[cfg(feature = "use_heap")] #[test] fn ecdsa_from_pkcs8_test() { - test::from_file("tests/ecdsa_from_pkcs8_tests.txt", |section, test_case| { - use std::error::Error; + test::run( + test_file!("ecdsa_from_pkcs8_tests.txt"), + |section, test_case| { + use std::error::Error; - assert_eq!(section, ""); + assert_eq!(section, ""); - let curve_name = test_case.consume_string("Curve"); - let ((this_fixed, this_asn1), (other_fixed, other_asn1)) = match curve_name.as_str() { - "P-256" => ( - ( - &signature::ECDSA_P256_SHA256_FIXED_SIGNING, - &signature::ECDSA_P256_SHA256_ASN1_SIGNING, - ), - ( - &signature::ECDSA_P384_SHA384_FIXED_SIGNING, - &signature::ECDSA_P384_SHA384_ASN1_SIGNING, - ), - ), - "P-384" => ( - ( - &signature::ECDSA_P384_SHA384_FIXED_SIGNING, - &signature::ECDSA_P384_SHA384_ASN1_SIGNING, + let curve_name = test_case.consume_string("Curve"); + let ((this_fixed, this_asn1), (other_fixed, other_asn1)) = match curve_name.as_str() { + "P-256" => ( + ( + &signature::ECDSA_P256_SHA256_FIXED_SIGNING, + &signature::ECDSA_P256_SHA256_ASN1_SIGNING, + ), + ( + &signature::ECDSA_P384_SHA384_FIXED_SIGNING, + &signature::ECDSA_P384_SHA384_ASN1_SIGNING, + ), ), - ( - &signature::ECDSA_P256_SHA256_FIXED_SIGNING, - &signature::ECDSA_P256_SHA256_ASN1_SIGNING, + "P-384" => ( + ( + &signature::ECDSA_P384_SHA384_FIXED_SIGNING, + &signature::ECDSA_P384_SHA384_ASN1_SIGNING, + ), + ( + &signature::ECDSA_P256_SHA256_FIXED_SIGNING, + &signature::ECDSA_P256_SHA256_ASN1_SIGNING, + ), ), - ), - _ => unreachable!(), - }; - - let input = test_case.consume_bytes("Input"); - let input = untrusted::Input::from(&input); - - let error = test_case.consume_optional_string("Error"); - - match ( - signature::EcdsaKeyPair::from_pkcs8(this_fixed, input), - error.clone(), - ) { - (Ok(_), None) => (), - (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), - (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), - (Err(actual), Some(expected)) => assert_eq!(actual.description(), expected), - }; - - match ( - signature::EcdsaKeyPair::from_pkcs8(this_asn1, input), - error.clone(), - ) { - (Ok(_), None) => (), - (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), - (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), - (Err(actual), Some(expected)) => assert_eq!(actual.description(), expected), - }; - - assert!(signature::EcdsaKeyPair::from_pkcs8(other_fixed, input).is_err()); - assert!(signature::EcdsaKeyPair::from_pkcs8(other_asn1, input).is_err()); - - Ok(()) - }); + _ => unreachable!(), + }; + + let input = test_case.consume_bytes("Input"); + let input = untrusted::Input::from(&input); + + let error = test_case.consume_optional_string("Error"); + + match ( + signature::EcdsaKeyPair::from_pkcs8(this_fixed, input), + error.clone(), + ) { + (Ok(_), None) => (), + (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), + (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), + (Err(actual), Some(expected)) => assert_eq!(actual.description(), expected), + }; + + match ( + signature::EcdsaKeyPair::from_pkcs8(this_asn1, input), + error.clone(), + ) { + (Ok(_), None) => (), + (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), + (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), + (Err(actual), Some(expected)) => assert_eq!(actual.description(), expected), + }; + + assert!(signature::EcdsaKeyPair::from_pkcs8(other_fixed, input).is_err()); + assert!(signature::EcdsaKeyPair::from_pkcs8(other_asn1, input).is_err()); + + Ok(()) + }, + ); } // Verify that, at least, we generate PKCS#8 documents that we can read. @@ -131,44 +134,47 @@ fn ecdsa_generate_pkcs8_test() { #[test] fn signature_ecdsa_verify_asn1_test() { - test::from_file("tests/ecdsa_verify_asn1_tests.txt", |section, test_case| { - assert_eq!(section, ""); + test::run( + test_file!("ecdsa_verify_asn1_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); - let curve_name = test_case.consume_string("Curve"); - let digest_name = test_case.consume_string("Digest"); + let curve_name = test_case.consume_string("Curve"); + let digest_name = test_case.consume_string("Digest"); - let msg = test_case.consume_bytes("Msg"); - let msg = untrusted::Input::from(&msg); + let msg = test_case.consume_bytes("Msg"); + let msg = untrusted::Input::from(&msg); - let public_key = test_case.consume_bytes("Q"); - let public_key = untrusted::Input::from(&public_key); + let public_key = test_case.consume_bytes("Q"); + let public_key = untrusted::Input::from(&public_key); - let sig = test_case.consume_bytes("Sig"); - let sig = untrusted::Input::from(&sig); + let sig = test_case.consume_bytes("Sig"); + let sig = untrusted::Input::from(&sig); - let expected_result = test_case.consume_string("Result"); + let expected_result = test_case.consume_string("Result"); - let alg = match (curve_name.as_str(), digest_name.as_str()) { - ("P-256", "SHA256") => &signature::ECDSA_P256_SHA256_ASN1, - ("P-256", "SHA384") => &signature::ECDSA_P256_SHA384_ASN1, - ("P-384", "SHA256") => &signature::ECDSA_P384_SHA256_ASN1, - ("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_ASN1, - _ => { - panic!("Unsupported curve+digest: {}+{}", curve_name, digest_name); - }, - }; + let alg = match (curve_name.as_str(), digest_name.as_str()) { + ("P-256", "SHA256") => &signature::ECDSA_P256_SHA256_ASN1, + ("P-256", "SHA384") => &signature::ECDSA_P256_SHA384_ASN1, + ("P-384", "SHA256") => &signature::ECDSA_P384_SHA256_ASN1, + ("P-384", "SHA384") => &signature::ECDSA_P384_SHA384_ASN1, + _ => { + panic!("Unsupported curve+digest: {}+{}", curve_name, digest_name); + }, + }; - let actual_result = signature::verify(alg, public_key, msg, sig); - assert_eq!(actual_result.is_ok(), expected_result == "P (0 )"); + let actual_result = signature::verify(alg, public_key, msg, sig); + assert_eq!(actual_result.is_ok(), expected_result == "P (0 )"); - Ok(()) - }); + Ok(()) + }, + ); } #[test] fn signature_ecdsa_verify_fixed_test() { - test::from_file( - "tests/ecdsa_verify_fixed_tests.txt", + test::run( + test_file!("ecdsa_verify_fixed_tests.txt"), |section, test_case| { assert_eq!(section, ""); diff --git a/tests/ed25519_tests.rs b/tests/ed25519_tests.rs index fa1f65e0d4..209bb5627a 100644 --- a/tests/ed25519_tests.rs +++ b/tests/ed25519_tests.rs @@ -33,13 +33,13 @@ use ring::{ signature::{self, Ed25519KeyPair, KeyPair}, - test, + test, test_file, }; /// Test vectors from BoringSSL. #[test] fn test_signature_ed25519() { - test::from_file("tests/ed25519_tests.txt", |section, test_case| { + test::run(test_file!("ed25519_tests.txt"), |section, test_case| { assert_eq!(section, ""); let seed = test_case.consume_bytes("SEED"); assert_eq!(32, seed.len()); @@ -119,8 +119,8 @@ fn test_ed25519_from_seed_and_public_key_misuse() { #[test] fn test_ed25519_from_pkcs8_unchecked() { // Just test that we can parse the input. - test::from_file( - "tests/ed25519_from_pkcs8_unchecked_tests.txt", + test::run( + test_file!("ed25519_from_pkcs8_unchecked_tests.txt"), |section, test_case| { assert_eq!(section, ""); let input = test_case.consume_bytes("Input"); @@ -144,8 +144,8 @@ fn test_ed25519_from_pkcs8_unchecked() { #[test] fn test_ed25519_from_pkcs8() { // Just test that we can parse the input. - test::from_file( - "tests/ed25519_from_pkcs8_tests.txt", + test::run( + test_file!("ed25519_from_pkcs8_tests.txt"), |section, test_case| { assert_eq!(section, ""); let input = test_case.consume_bytes("Input"); diff --git a/tests/hkdf_tests.rs b/tests/hkdf_tests.rs index daa71c2a4e..0b78f963a1 100644 --- a/tests/hkdf_tests.rs +++ b/tests/hkdf_tests.rs @@ -31,11 +31,11 @@ warnings )] -use ring::{error, hkdf, hmac, test}; +use ring::{error, hkdf, hmac, test, test_file}; #[test] fn hkdf_tests() { - test::from_file("tests/hkdf_tests.txt", |section, test_case| { + test::run(test_file!("hkdf_tests.txt"), |section, test_case| { assert_eq!(section, ""); let digest_alg = test_case .consume_digest_alg("Hash") @@ -43,11 +43,7 @@ fn hkdf_tests() { let secret = test_case.consume_bytes("IKM"); let salt = test_case.consume_bytes("salt"); let info = test_case.consume_bytes("info"); - - // The PRK is an intermediate value that we can't test, but we - // have to consume it to make test_util::from_file happy. let _ = test_case.consume_bytes("PRK"); - let expected_out = test_case.consume_bytes("OKM"); let salt = hmac::SigningKey::new(digest_alg, &salt); diff --git a/tests/hmac_tests.rs b/tests/hmac_tests.rs index 0cd845c597..abdbf03ca9 100644 --- a/tests/hmac_tests.rs +++ b/tests/hmac_tests.rs @@ -31,11 +31,11 @@ warnings )] -use ring::{digest, error, hmac, test}; +use ring::{digest, error, hmac, test, test_file}; #[test] fn hmac_tests() { - test::from_file("tests/hmac_tests.txt", |section, test_case| { + test::run(test_file!("hmac_tests.txt"), |section, test_case| { assert_eq!(section, ""); let digest_alg = test_case.consume_digest_alg("HMAC"); let key_value = test_case.consume_bytes("Key"); diff --git a/tests/pbkdf2_tests.rs b/tests/pbkdf2_tests.rs index 4df828bc9d..70cb3f70bc 100644 --- a/tests/pbkdf2_tests.rs +++ b/tests/pbkdf2_tests.rs @@ -31,12 +31,12 @@ warnings )] -use ring::{digest, error, pbkdf2, test}; +use ring::{digest, error, pbkdf2, test, test_file}; use std::num::NonZeroU32; #[test] pub fn pbkdf2_tests() { - test::from_file("tests/pbkdf2_tests.txt", |section, test_case| { + test::run(test_file!("pbkdf2_tests.txt"), |section, test_case| { assert_eq!(section, ""); let digest_alg = &test_case.consume_digest_alg("Hash").unwrap(); let iterations = test_case.consume_usize("c"); diff --git a/tests/quic_tests.rs b/tests/quic_tests.rs index c3c6dac558..dcdf549fe8 100644 --- a/tests/quic_tests.rs +++ b/tests/quic_tests.rs @@ -31,21 +31,21 @@ warnings )] -use ring::{aead::quic, test}; +use ring::{aead::quic, test, test_file}; #[test] -fn quic_aes_128() { test_quic(&quic::AES_128, "tests/quic_aes_128_tests.txt"); } +fn quic_aes_128() { test_quic(&quic::AES_128, test_file!("quic_aes_128_tests.txt")); } #[test] -fn quic_aes_256() { test_quic(&quic::AES_256, "tests/quic_aes_256_tests.txt"); } +fn quic_aes_256() { test_quic(&quic::AES_256, test_file!("quic_aes_256_tests.txt")); } #[test] -fn quic_chacha20() { test_quic(&quic::CHACHA20, "tests/quic_chacha20_tests.txt"); } +fn quic_chacha20() { test_quic(&quic::CHACHA20, test_file!("quic_chacha20_tests.txt")); } -fn test_quic(alg: &'static quic::Algorithm, file_path: &str) { +fn test_quic(alg: &'static quic::Algorithm, test_file: test::File) { test_sample_len(alg); - test::from_file(file_path, |section, test_case| { + test::run(test_file, |section, test_case| { assert_eq!(section, ""); let key_bytes = test_case.consume_bytes("KEY"); let sample = test_case.consume_bytes("SAMPLE"); diff --git a/tests/rsa_tests.rs b/tests/rsa_tests.rs index 50c1bc1f05..daf2984268 100644 --- a/tests/rsa_tests.rs +++ b/tests/rsa_tests.rs @@ -37,203 +37,218 @@ use ring::{ io::der, rand, signature::{self, KeyPair}, - test, + test, test_file, }; #[cfg(feature = "use_heap")] #[test] fn rsa_from_pkcs8_test() { - test::from_file("tests/rsa_from_pkcs8_tests.txt", |section, test_case| { - use std::error::Error; + test::run( + test_file!("rsa_from_pkcs8_tests.txt"), + |section, test_case| { + use std::error::Error; - assert_eq!(section, ""); + assert_eq!(section, ""); - let input = test_case.consume_bytes("Input"); - let input = untrusted::Input::from(&input); + let input = test_case.consume_bytes("Input"); + let input = untrusted::Input::from(&input); - let error = test_case.consume_optional_string("Error"); + let error = test_case.consume_optional_string("Error"); - match (signature::RsaKeyPair::from_pkcs8(input), error) { - (Ok(_), None) => (), - (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), - (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), - (Err(actual), Some(expected)) => assert_eq!(actual.description(), expected), - }; + match (signature::RsaKeyPair::from_pkcs8(input), error) { + (Ok(_), None) => (), + (Err(e), None) => panic!("Failed with error \"{}\", but expected to succeed", e), + (Ok(_), Some(e)) => panic!("Succeeded, but expected error \"{}\"", e), + (Err(actual), Some(expected)) => assert_eq!(actual.description(), expected), + }; - Ok(()) - }); + Ok(()) + }, + ); } #[cfg(feature = "use_heap")] #[test] fn test_signature_rsa_pkcs1_sign() { let rng = rand::SystemRandom::new(); - test::from_file("tests/rsa_pkcs1_sign_tests.txt", |section, test_case| { - assert_eq!(section, ""); - - let digest_name = test_case.consume_string("Digest"); - let alg = match digest_name.as_ref() { - "SHA256" => &signature::RSA_PKCS1_SHA256, - "SHA384" => &signature::RSA_PKCS1_SHA384, - "SHA512" => &signature::RSA_PKCS1_SHA512, - _ => panic!("Unsupported digest: {}", digest_name), - }; - - let private_key = test_case.consume_bytes("Key"); - let msg = test_case.consume_bytes("Msg"); - let expected = test_case.consume_bytes("Sig"); - let result = test_case.consume_string("Result"); - - let private_key = untrusted::Input::from(&private_key); - let key_pair = signature::RsaKeyPair::from_der(private_key); - if result == "Fail-Invalid-Key" { - assert!(key_pair.is_err()); - return Ok(()); - } - let key_pair = key_pair.unwrap(); - let key_pair = std::sync::Arc::new(key_pair); - - // XXX: This test is too slow on Android ARM Travis CI builds. - // TODO: re-enable these tests on Android ARM. - let mut actual = vec![0u8; key_pair.public_modulus_len()]; - key_pair - .sign(alg, &rng, &msg, actual.as_mut_slice()) - .unwrap(); - assert_eq!(actual.as_slice() == &expected[..], result == "Pass"); - Ok(()) - }); + test::run( + test_file!("rsa_pkcs1_sign_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); + + let digest_name = test_case.consume_string("Digest"); + let alg = match digest_name.as_ref() { + "SHA256" => &signature::RSA_PKCS1_SHA256, + "SHA384" => &signature::RSA_PKCS1_SHA384, + "SHA512" => &signature::RSA_PKCS1_SHA512, + _ => panic!("Unsupported digest: {}", digest_name), + }; + + let private_key = test_case.consume_bytes("Key"); + let msg = test_case.consume_bytes("Msg"); + let expected = test_case.consume_bytes("Sig"); + let result = test_case.consume_string("Result"); + + let private_key = untrusted::Input::from(&private_key); + let key_pair = signature::RsaKeyPair::from_der(private_key); + if result == "Fail-Invalid-Key" { + assert!(key_pair.is_err()); + return Ok(()); + } + let key_pair = key_pair.unwrap(); + let key_pair = std::sync::Arc::new(key_pair); + + // XXX: This test is too slow on Android ARM Travis CI builds. + // TODO: re-enable these tests on Android ARM. + let mut actual = vec![0u8; key_pair.public_modulus_len()]; + key_pair + .sign(alg, &rng, &msg, actual.as_mut_slice()) + .unwrap(); + assert_eq!(actual.as_slice() == &expected[..], result == "Pass"); + Ok(()) + }, + ); } #[cfg(feature = "use_heap")] #[test] fn test_signature_rsa_pss_sign() { - test::from_file("tests/rsa_pss_sign_tests.txt", |section, test_case| { - assert_eq!(section, ""); - - let digest_name = test_case.consume_string("Digest"); - let alg = match digest_name.as_ref() { - "SHA256" => &signature::RSA_PSS_SHA256, - "SHA384" => &signature::RSA_PSS_SHA384, - "SHA512" => &signature::RSA_PSS_SHA512, - _ => panic!("Unsupported digest: {}", digest_name), - }; - - let result = test_case.consume_string("Result"); - let private_key = test_case.consume_bytes("Key"); - let private_key = untrusted::Input::from(&private_key); - let key_pair = signature::RsaKeyPair::from_der(private_key); - if key_pair.is_err() && result == "Fail-Invalid-Key" { - return Ok(()); - } - let key_pair = key_pair.unwrap(); - let msg = test_case.consume_bytes("Msg"); - let salt = test_case.consume_bytes("Salt"); - let expected = test_case.consume_bytes("Sig"); - - let rng = test::rand::FixedSliceRandom { bytes: &salt }; - - let mut actual = vec![0u8; key_pair.public_modulus_len()]; - key_pair.sign(alg, &rng, &msg, actual.as_mut_slice())?; - assert_eq!(actual.as_slice() == &expected[..], result == "Pass"); - Ok(()) - }); + test::run( + test_file!("rsa_pss_sign_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); + + let digest_name = test_case.consume_string("Digest"); + let alg = match digest_name.as_ref() { + "SHA256" => &signature::RSA_PSS_SHA256, + "SHA384" => &signature::RSA_PSS_SHA384, + "SHA512" => &signature::RSA_PSS_SHA512, + _ => panic!("Unsupported digest: {}", digest_name), + }; + + let result = test_case.consume_string("Result"); + let private_key = test_case.consume_bytes("Key"); + let private_key = untrusted::Input::from(&private_key); + let key_pair = signature::RsaKeyPair::from_der(private_key); + if key_pair.is_err() && result == "Fail-Invalid-Key" { + return Ok(()); + } + let key_pair = key_pair.unwrap(); + let msg = test_case.consume_bytes("Msg"); + let salt = test_case.consume_bytes("Salt"); + let expected = test_case.consume_bytes("Sig"); + + let rng = test::rand::FixedSliceRandom { bytes: &salt }; + + let mut actual = vec![0u8; key_pair.public_modulus_len()]; + key_pair.sign(alg, &rng, &msg, actual.as_mut_slice())?; + assert_eq!(actual.as_slice() == &expected[..], result == "Pass"); + Ok(()) + }, + ); } #[cfg(feature = "use_heap")] #[test] fn test_signature_rsa_pkcs1_verify() { - test::from_file("tests/rsa_pkcs1_verify_tests.txt", |section, test_case| { - assert_eq!(section, ""); - - let digest_name = test_case.consume_string("Digest"); - let alg = match digest_name.as_ref() { - "SHA1" => &signature::RSA_PKCS1_2048_8192_SHA1, - "SHA256" => &signature::RSA_PKCS1_2048_8192_SHA256, - "SHA384" => &signature::RSA_PKCS1_2048_8192_SHA384, - "SHA512" => &signature::RSA_PKCS1_2048_8192_SHA512, - _ => panic!("Unsupported digest: {}", digest_name), - }; - - let public_key = test_case.consume_bytes("Key"); - let public_key = untrusted::Input::from(&public_key); - - // Sanity check that we correctly DER-encoded the originally- - // provided separate (n, e) components. When we add test vectors - // for improperly-encoded signatures, we'll have to revisit this. - assert!(public_key - .read_all(error::Unspecified, |input| der::nested( - input, - der::Tag::Sequence, - error::Unspecified, - |input| { - let _ = der::positive_integer(input)?; - let _ = der::positive_integer(input)?; - Ok(()) - } - )) - .is_ok()); - - let msg = test_case.consume_bytes("Msg"); - let msg = untrusted::Input::from(&msg); - - let sig = test_case.consume_bytes("Sig"); - let sig = untrusted::Input::from(&sig); - - let expected_result = test_case.consume_string("Result"); - - let actual_result = signature::verify(alg, public_key, msg, sig); - assert_eq!(actual_result.is_ok(), expected_result == "P"); - - Ok(()) - }); + test::run( + test_file!("rsa_pkcs1_verify_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); + + let digest_name = test_case.consume_string("Digest"); + let alg = match digest_name.as_ref() { + "SHA1" => &signature::RSA_PKCS1_2048_8192_SHA1, + "SHA256" => &signature::RSA_PKCS1_2048_8192_SHA256, + "SHA384" => &signature::RSA_PKCS1_2048_8192_SHA384, + "SHA512" => &signature::RSA_PKCS1_2048_8192_SHA512, + _ => panic!("Unsupported digest: {}", digest_name), + }; + + let public_key = test_case.consume_bytes("Key"); + let public_key = untrusted::Input::from(&public_key); + + // Sanity check that we correctly DER-encoded the originally- + // provided separate (n, e) components. When we add test vectors + // for improperly-encoded signatures, we'll have to revisit this. + assert!(public_key + .read_all(error::Unspecified, |input| der::nested( + input, + der::Tag::Sequence, + error::Unspecified, + |input| { + let _ = der::positive_integer(input)?; + let _ = der::positive_integer(input)?; + Ok(()) + } + )) + .is_ok()); + + let msg = test_case.consume_bytes("Msg"); + let msg = untrusted::Input::from(&msg); + + let sig = test_case.consume_bytes("Sig"); + let sig = untrusted::Input::from(&sig); + + let expected_result = test_case.consume_string("Result"); + + let actual_result = signature::verify(alg, public_key, msg, sig); + assert_eq!(actual_result.is_ok(), expected_result == "P"); + + Ok(()) + }, + ); } #[cfg(feature = "use_heap")] #[test] fn test_signature_rsa_pss_verify() { - test::from_file("tests/rsa_pss_verify_tests.txt", |section, test_case| { - assert_eq!(section, ""); - - let digest_name = test_case.consume_string("Digest"); - let alg = match digest_name.as_ref() { - "SHA256" => &signature::RSA_PSS_2048_8192_SHA256, - "SHA384" => &signature::RSA_PSS_2048_8192_SHA384, - "SHA512" => &signature::RSA_PSS_2048_8192_SHA512, - _ => panic!("Unsupported digest: {}", digest_name), - }; - - let public_key = test_case.consume_bytes("Key"); - let public_key = untrusted::Input::from(&public_key); - - // Sanity check that we correctly DER-encoded the originally- - // provided separate (n, e) components. When we add test vectors - // for improperly-encoded signatures, we'll have to revisit this. - assert!(public_key - .read_all(error::Unspecified, |input| der::nested( - input, - der::Tag::Sequence, - error::Unspecified, - |input| { - let _ = der::positive_integer(input)?; - let _ = der::positive_integer(input)?; - Ok(()) - } - )) - .is_ok()); - - let msg = test_case.consume_bytes("Msg"); - let msg = untrusted::Input::from(&msg); - - let sig = test_case.consume_bytes("Sig"); - let sig = untrusted::Input::from(&sig); - - let expected_result = test_case.consume_string("Result"); - - let actual_result = signature::verify(alg, public_key, msg, sig); - assert_eq!(actual_result.is_ok(), expected_result == "P"); - - Ok(()) - }); + test::run( + test_file!("rsa_pss_verify_tests.txt"), + |section, test_case| { + assert_eq!(section, ""); + + let digest_name = test_case.consume_string("Digest"); + let alg = match digest_name.as_ref() { + "SHA256" => &signature::RSA_PSS_2048_8192_SHA256, + "SHA384" => &signature::RSA_PSS_2048_8192_SHA384, + "SHA512" => &signature::RSA_PSS_2048_8192_SHA512, + _ => panic!("Unsupported digest: {}", digest_name), + }; + + let public_key = test_case.consume_bytes("Key"); + let public_key = untrusted::Input::from(&public_key); + + // Sanity check that we correctly DER-encoded the originally- + // provided separate (n, e) components. When we add test vectors + // for improperly-encoded signatures, we'll have to revisit this. + assert!(public_key + .read_all(error::Unspecified, |input| der::nested( + input, + der::Tag::Sequence, + error::Unspecified, + |input| { + let _ = der::positive_integer(input)?; + let _ = der::positive_integer(input)?; + Ok(()) + } + )) + .is_ok()); + + let msg = test_case.consume_bytes("Msg"); + let msg = untrusted::Input::from(&msg); + + let sig = test_case.consume_bytes("Sig"); + let sig = untrusted::Input::from(&sig); + + let expected_result = test_case.consume_string("Result"); + + let actual_result = signature::verify(alg, public_key, msg, sig); + assert_eq!(actual_result.is_ok(), expected_result == "P"); + + Ok(()) + }, + ); } // Test for `primitive::verify()`. Read public key parts from a file @@ -241,8 +256,8 @@ fn test_signature_rsa_pss_verify() { #[cfg(feature = "use_heap")] #[test] fn test_signature_rsa_primitive_verification() { - test::from_file( - "tests/rsa_primitive_verify_tests.txt", + test::run( + test_file!("rsa_primitive_verify_tests.txt"), |section, test_case| { assert_eq!(section, ""); let n = test_case.consume_bytes("n");