spideroak-crypto 0.7.0

SpiderOak's cryptography library
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158

//! [`Kdf`] tests.

extern crate alloc;

use alloc::vec;

use more_asserts::assert_ge;

use super::assert_ct_eq;
use crate::kdf::{Kdf, KdfError};

/// Invokes `callback` for each KDF test.
///
/// # Example
///
/// ```
/// use spideroak_crypto::rust::HkdfSha256;
///
/// macro_rules! run_test {
///     ($test:ident) => {
///         spideroak_crypto::test_util::kdf::$test::<HkdfSha256>();
///     }
/// }
/// spideroak_crypto::for_each_kdf_test!(run_test);
/// ```
#[macro_export]
macro_rules! for_each_kdf_test {
    ($callback:ident) => {
        $crate::__apply! {
            $callback,
            test_arbitrary_len,
            test_max_output,
        }
    };
}

/// Performs all of the tests in this module.
///
/// This macro expands into a bunch of individual `#[test]`
/// functions.
///
/// # Example
///
/// ```
/// use spideroak_crypto::{test_kdf, rust::HkdfSha256};
///
/// // Without test vectors.
/// test_kdf!(hkdf_sha256, HkdfSha256);
///
/// // With test vectors.
/// test_kdf!(hkdf_sha256_with_vecs, HkdfSha256, HkdfTest::HkdfSha256);
/// ```
#[macro_export]
macro_rules! test_kdf {
    ($name:ident, $kdf:ty $(, HkdfTest::$vectors:ident)?) => {
        mod $name {
            #[allow(unused_imports)]
            use super::*;

            $crate::test_kdf!($kdf $(, HkdfTest::$vectors)?);
        }
    };
    ($kdf:ty $(, HkdfTest::$vectors:ident)?) => {
        macro_rules! __kdf_test {
            ($test:ident) => {
                #[test]
                fn $test() {
                    $crate::test_util::kdf::$test::<$kdf>()
                }
            };
        }
        $crate::for_each_kdf_test!(__kdf_test);

        $(
            #[test]
            fn vectors() {
                $crate::test_util::vectors::test_hkdf::<$kdf>(
                    $crate::test_util::vectors::HkdfTest::$vectors,
                );
            }
        )?
    };
}
pub use test_kdf;

/// Asserts the following:
///
/// - invoking [`Kdf::extract`] twice results in the same PRK
/// - invoking [`Kdf::expand`] twice results in the same key
/// - [`Kdf::extract_and_expand`] is the same as invoking
///   both [`Kdf::extract`] and [`Kdf::expand`].
fn check<T: Kdf>(out1: &mut [u8], out2: &mut [u8], ikm: &[u8], salt: &[u8], info: &[u8]) {
    // extract should return the same output
    assert_ct_eq!(
        T::extract(ikm, salt),
        T::extract(ikm, salt),
        "extract returned different outputs"
    );

    // expand should also return the same ouput
    let prk = T::extract(ikm, salt);
    T::expand(out1, &prk, info).expect("expand failed");
    T::expand(out2, &prk, info).expect("expand failed");
    assert_eq!(out1, out2, "expand returned different outputs");

    let tmp = out1.to_vec();

    // and so should extract_and_expand
    T::extract_and_expand(out1, ikm, salt, info).expect("extract_and_expand failed");
    T::extract_and_expand(out2, ikm, salt, info).expect("extract_and_expand failed");
    assert_eq!(out1, out2, "extract_and_expand returned different outputs");

    assert_eq!(
        out1,
        &tmp[..],
        "extract_and_expand differs from extract+expand"
    );
}

/// Tests that we can use arbitrary length IKM, salts, and
/// infos.
pub fn test_arbitrary_len<T: Kdf>() {
    const N: usize = 255 * 64;

    let mut out1 = [0u8; 517];
    let mut out2 = [0u8; 517];

    // Must support arbitrary length IKMs, salts, and infos.
    let ikm = [0u8; N];
    let salt = [0u8; N];
    let info = [0u8; N];
    for i in (0..ikm.len()).step_by(77) {
        check::<T>(&mut out1, &mut out2, &ikm[..i], &salt[..i], &info[..i]);
    }
}

/// Tests that we can't exceed [`Kdf::MAX_OUTPUT`].
pub fn test_max_output<T: Kdf>() {
    // Must support at least 512 bits of output.
    assert_ge!(T::MAX_OUTPUT, 64);

    // It's possible that `MAX_OUTPUT` is something silly,
    // like 2 GiB. If this is the case, we have to assume it
    // does the Right Thing.
    const TOO_LARGE: usize = 500 * 1024 * 1024;
    if T::MAX_OUTPUT > TOO_LARGE {
        #[cfg(any(test, feature = "std"))]
        eprintln!(
            "skipping 'test_max_output': MAX_OUTPUT too large: {}",
            T::MAX_OUTPUT
        );
        return;
    }
    let mut out = vec![0u8; T::MAX_OUTPUT + 1];
    let err = T::extract_and_expand(&mut out[..], &[], &[], &[])
        .expect_err("output larger than MAX_OUTPUT, but no error");
    assert_eq!(err, KdfError::OutputTooLong);
}