diff options
| author | Magnus Henoch <[email protected]> | 2016-09-12 17:00:26 +0100 |
|---|---|---|
| committer | Magnus Henoch <[email protected]> | 2016-09-28 15:09:42 +0100 |
| commit | 96cc0088baa6bba5eb018897dd9bd095a5ac70db (patch) | |
| tree | 81757e31c33a0c36c1bc4318b79e366cbf91a012 /lib/crypto/test | |
| parent | 275224b036c1713bd3162484d17b160ca8203116 (diff) | |
| download | otp-96cc0088baa6bba5eb018897dd9bd095a5ac70db.tar.gz otp-96cc0088baa6bba5eb018897dd9bd095a5ac70db.tar.bz2 otp-96cc0088baa6bba5eb018897dd9bd095a5ac70db.zip | |
Use proper test data for FIPS mode negative tests
block_crypt_nif does some sanity tests on its arguments before trying
to initialise the cipher. This made some of the tests in crypto_SUITE
fail, since they were expecting notsup, not badarg. Fix this by
passing the same test data as for the positive tests.
Diffstat (limited to 'lib/crypto/test')
| -rw-r--r-- | lib/crypto/test/crypto_SUITE.erl | 33 |
1 files changed, 22 insertions, 11 deletions
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index 02b25ce62f..ab4aa76b93 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -159,7 +159,7 @@ groups() -> {no_blowfish_cfb64, [], [no_support, no_block]}, {no_blowfish_ofb64, [], [no_support, no_block]}, {no_aes_ige256, [], [no_support, no_block]}, - {no_chacha20_poly1305, [], [no_support, no_block]}, + {no_chacha20_poly1305, [], [no_support, no_aead]}, {no_rc2_cbc, [], [no_support, no_block]}, {no_rc4, [], [no_support, no_stream]} ]. @@ -222,7 +222,8 @@ init_per_group(GroupName, Config) -> "no_" ++ TypeStr -> %% Negated test case: check the algorithm is not supported %% (e.g. due to FIPS mode limitations) - [{type, list_to_atom(TypeStr)} | Config]; + TypeAtom = list_to_atom(TypeStr), + [{type, TypeAtom} | group_config(TypeAtom, Config)]; _Other -> %% Regular test case: skip if the algorithm is not supported case is_supported(GroupName) of @@ -340,19 +341,29 @@ block(Config) when is_list(Config) -> no_block() -> [{doc, "Test disabled block ciphers"}]. no_block(Config) when is_list(Config) -> - Type = ?config(type, Config), - Args = case Type of - des_ecb -> - [Type, <<"Key">>, <<"Hi There">>]; - blowfish_ecb -> - [Type, <<"Key">>, <<"Hi There">>]; - _ -> - [Type, <<"Key">>, <<"Ivec">>, <<"Hi There">>] - end, + Blocks = proplists:get_value(block, Config), + Args = case Blocks of + [{_Type, _Key, _PlainText} = A | _] -> + tuple_to_list(A); + [{_Type, _Key, _IV, _PlainText} = A | _] -> + tuple_to_list(A); + [{Type, Key, IV, PlainText, _CipherText} | _] -> + [Type, Key, IV, PlainText] + end, N = length(Args), notsup(fun crypto:block_encrypt/N, Args), notsup(fun crypto:block_decrypt/N, Args). %%-------------------------------------------------------------------- +no_aead() -> + [{doc, "Test disabled aead ciphers"}]. +no_aead(Config) when is_list(Config) -> + [{Type, Key, PlainText, Nonce, AAD, CipherText, CipherTag} | _] = + proplists:get_value(aead, Config), + EncryptArgs = [Type, Key, Nonce, {AAD, PlainText}], + DecryptArgs = [Type, Key, Nonce, {AAD, CipherText, CipherTag}], + notsup(fun crypto:block_encrypt/4, EncryptArgs), + notsup(fun crypto:block_decrypt/4, DecryptArgs). +%%-------------------------------------------------------------------- stream() -> [{doc, "Test stream ciphers"}]. stream(Config) when is_list(Config) -> |