From 6a60fe2603eca50769f940f8f9bf88792a6256c8 Mon Sep 17 00:00:00 2001 From: Sun Yimin Date: Tue, 19 Jul 2022 09:47:36 +0800 Subject: [PATCH] ccm: add unit test cases and support ignore --- .github/codecov.yaml | 6 ++++++ cipher/ccm_test.go | 33 +++++++++++++++++++++++++++++++++ pkcs8/pkcs8.go | 5 ----- 3 files changed, 39 insertions(+), 5 deletions(-) create mode 100644 .github/codecov.yaml diff --git a/.github/codecov.yaml b/.github/codecov.yaml new file mode 100644 index 0000000..a71a9e8 --- /dev/null +++ b/.github/codecov.yaml @@ -0,0 +1,6 @@ +codecov: + require_ci_to_pass: yes + +ignore: + - "sm2/gen_p256_table.go" + - "sm4/sm4ni_gcm_asm.go" diff --git a/cipher/ccm_test.go b/cipher/ccm_test.go index 8a02da4..a166b35 100644 --- a/cipher/ccm_test.go +++ b/cipher/ccm_test.go @@ -236,6 +236,19 @@ func TestCCMInvalidTagSize(t *testing.T) { } } +func TestCCMInvalidNonceSize(t *testing.T) { + key, _ := hex.DecodeString("ab72c77b97cb5fe9a382d9fe81ffdbed") + + c, _ := aes.NewCipher(key) + + for _, nonceSize := range []int{0, 1, c.BlockSize() + 1} { + aesccm, err := cipher.NewCCMWithNonceSize(c, nonceSize) + if aesccm != nil || err == nil { + t.Fatalf("NewCCMWithNonceSize was successful with an invalid %d-byte tag size", nonceSize) + } + } +} + func TestCCMTagFailureOverwrite(t *testing.T) { key, _ := hex.DecodeString("ab72c77b97cb5fe9a382d9fe81ffdbed") nonce, _ := hex.DecodeString("54cc7dc2c37ec006bcc6d1db") @@ -264,3 +277,23 @@ func TestCCMTagFailureOverwrite(t *testing.T) { } } } + +func TestCCMLongAd(t *testing.T) { + key, _ := hex.DecodeString("ab72c77b97cb5fe9a382d9fe81ffdbed") + nonce, _ := hex.DecodeString("54cc7dc2c37ec006bcc6d1db") + + c, _ := aes.NewCipher(key) + aesccm, _ := cipher.NewCCM(c) + + ad := make([]byte, 0x10000) + ct := aesccm.Seal(nil, nonce, nil, ad) + if hex.EncodeToString(ct) != "e1ad65c3bfaba94b1085aff8c6ea2698" { + t.Errorf("got %s, want e1ad65c3bfaba94b1085aff8c6ea2698", hex.EncodeToString(ct)) + } + + ad = make([]byte, 1<<32+1) + ct = aesccm.Seal(nil, nonce, nil, ad) + if hex.EncodeToString(ct) != "c1949a661c605ff5640a29dd3e285ddb" { + t.Errorf("got %s, want c1949a661c605ff5640a29dd3e285ddb", hex.EncodeToString(ct)) + } +} diff --git a/pkcs8/pkcs8.go b/pkcs8/pkcs8.go index 26819d1..83926ea 100644 --- a/pkcs8/pkcs8.go +++ b/pkcs8/pkcs8.go @@ -36,11 +36,6 @@ const ( SM3 ) -// HashFunc simply returns the value of h so that Hash implements SignerOpts. -func (h Hash) HashFunc() Hash { - return h -} - // New returns a new hash.Hash calculating the given hash function. New panics // if the hash function is not linked into the binary. func (h Hash) New() hash.Hash {