aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMagnus Henoch <[email protected]>2016-09-12 17:00:26 +0100
committerMagnus Henoch <[email protected]>2016-09-28 15:09:42 +0100
commit96cc0088baa6bba5eb018897dd9bd095a5ac70db (patch)
tree81757e31c33a0c36c1bc4318b79e366cbf91a012
parent275224b036c1713bd3162484d17b160ca8203116 (diff)
downloadotp-96cc0088baa6bba5eb018897dd9bd095a5ac70db.tar.gz
otp-96cc0088baa6bba5eb018897dd9bd095a5ac70db.tar.bz2
otp-96cc0088baa6bba5eb018897dd9bd095a5ac70db.zip
Use proper test data for FIPS mode negative tests
block_crypt_nif does some sanity tests on its arguments before trying to initialise the cipher. This made some of the tests in crypto_SUITE fail, since they were expecting notsup, not badarg. Fix this by passing the same test data as for the positive tests.
-rw-r--r--lib/crypto/test/crypto_SUITE.erl33
1 files changed, 22 insertions, 11 deletions
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index 02b25ce62f..ab4aa76b93 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -159,7 +159,7 @@ groups() ->
{no_blowfish_cfb64, [], [no_support, no_block]},
{no_blowfish_ofb64, [], [no_support, no_block]},
{no_aes_ige256, [], [no_support, no_block]},
- {no_chacha20_poly1305, [], [no_support, no_block]},
+ {no_chacha20_poly1305, [], [no_support, no_aead]},
{no_rc2_cbc, [], [no_support, no_block]},
{no_rc4, [], [no_support, no_stream]}
].
@@ -222,7 +222,8 @@ init_per_group(GroupName, Config) ->
"no_" ++ TypeStr ->
%% Negated test case: check the algorithm is not supported
%% (e.g. due to FIPS mode limitations)
- [{type, list_to_atom(TypeStr)} | Config];
+ TypeAtom = list_to_atom(TypeStr),
+ [{type, TypeAtom} | group_config(TypeAtom, Config)];
_Other ->
%% Regular test case: skip if the algorithm is not supported
case is_supported(GroupName) of
@@ -340,19 +341,29 @@ block(Config) when is_list(Config) ->
no_block() ->
[{doc, "Test disabled block ciphers"}].
no_block(Config) when is_list(Config) ->
- Type = ?config(type, Config),
- Args = case Type of
- des_ecb ->
- [Type, <<"Key">>, <<"Hi There">>];
- blowfish_ecb ->
- [Type, <<"Key">>, <<"Hi There">>];
- _ ->
- [Type, <<"Key">>, <<"Ivec">>, <<"Hi There">>]
- end,
+ Blocks = proplists:get_value(block, Config),
+ Args = case Blocks of
+ [{_Type, _Key, _PlainText} = A | _] ->
+ tuple_to_list(A);
+ [{_Type, _Key, _IV, _PlainText} = A | _] ->
+ tuple_to_list(A);
+ [{Type, Key, IV, PlainText, _CipherText} | _] ->
+ [Type, Key, IV, PlainText]
+ end,
N = length(Args),
notsup(fun crypto:block_encrypt/N, Args),
notsup(fun crypto:block_decrypt/N, Args).
%%--------------------------------------------------------------------
+no_aead() ->
+ [{doc, "Test disabled aead ciphers"}].
+no_aead(Config) when is_list(Config) ->
+ [{Type, Key, PlainText, Nonce, AAD, CipherText, CipherTag} | _] =
+ proplists:get_value(aead, Config),
+ EncryptArgs = [Type, Key, Nonce, {AAD, PlainText}],
+ DecryptArgs = [Type, Key, Nonce, {AAD, CipherText, CipherTag}],
+ notsup(fun crypto:block_encrypt/4, EncryptArgs),
+ notsup(fun crypto:block_decrypt/4, DecryptArgs).
+%%--------------------------------------------------------------------
stream() ->
[{doc, "Test stream ciphers"}].
stream(Config) when is_list(Config) ->