From 1bb907b38e1fefdfb4ad66f1d423a607477deb3c Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Wed, 4 May 2016 19:51:58 +0200 Subject: cryptocore: add API tests --- internal/cryptocore/crypto_api.go | 56 --------------------------------- internal/cryptocore/cryptocore.go | 57 ++++++++++++++++++++++++++++++++++ internal/cryptocore/cryptocore_test.go | 35 +++++++++++++++++++++ 3 files changed, 92 insertions(+), 56 deletions(-) delete mode 100644 internal/cryptocore/crypto_api.go create mode 100644 internal/cryptocore/cryptocore.go create mode 100644 internal/cryptocore/cryptocore_test.go (limited to 'internal/cryptocore') diff --git a/internal/cryptocore/crypto_api.go b/internal/cryptocore/crypto_api.go deleted file mode 100644 index 0db9bbb..0000000 --- a/internal/cryptocore/crypto_api.go +++ /dev/null @@ -1,56 +0,0 @@ -package cryptocore - -import ( - "crypto/aes" - "crypto/cipher" - "fmt" -) - -const ( - KeyLen = 32 // AES-256 - AuthTagLen = 16 -) - -type CryptoCore struct { - BlockCipher cipher.Block - Gcm cipher.AEAD - GcmIVGen *nonceGenerator - IVLen int -} - -func New(key []byte, useOpenssl bool, GCMIV128 bool) *CryptoCore { - - if len(key) != KeyLen { - panic(fmt.Sprintf("Unsupported key length %d", len(key))) - } - - // We want the IV size in bytes - IVLen := 96 / 8 - if GCMIV128 { - IVLen = 128 / 8 - } - - // We always use built-in Go crypto for blockCipher because it is not - // performance-critical. - blockCipher, err := aes.NewCipher(key) - if err != nil { - panic(err) - } - - var gcm cipher.AEAD - if useOpenssl { - gcm = opensslGCM{key} - } else { - gcm, err = goGCMWrapper(blockCipher, IVLen) - if err != nil { - panic(err) - } - } - - return &CryptoCore{ - BlockCipher: blockCipher, - Gcm: gcm, - GcmIVGen: &nonceGenerator{nonceLen: IVLen}, - IVLen: IVLen, - } -} diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go new file mode 100644 index 0000000..f286896 --- /dev/null +++ b/internal/cryptocore/cryptocore.go @@ -0,0 +1,57 @@ +package cryptocore + +import ( + "crypto/aes" + "crypto/cipher" + "fmt" +) + +const ( + KeyLen = 32 // AES-256 + AuthTagLen = 16 +) + +type CryptoCore struct { + BlockCipher cipher.Block + Gcm cipher.AEAD + GcmIVGen *nonceGenerator + IVLen int +} + +// "New" returns a new CryptoCore object or panics. +func New(key []byte, useOpenssl bool, GCMIV128 bool) *CryptoCore { + + if len(key) != KeyLen { + panic(fmt.Sprintf("Unsupported key length %d", len(key))) + } + + // We want the IV size in bytes + IVLen := 96 / 8 + if GCMIV128 { + IVLen = 128 / 8 + } + + // We always use built-in Go crypto for blockCipher because it is not + // performance-critical. + blockCipher, err := aes.NewCipher(key) + if err != nil { + panic(err) + } + + var gcm cipher.AEAD + if useOpenssl { + gcm = opensslGCM{key} + } else { + gcm, err = goGCMWrapper(blockCipher, IVLen) + if err != nil { + panic(err) + } + } + + return &CryptoCore{ + BlockCipher: blockCipher, + Gcm: gcm, + GcmIVGen: &nonceGenerator{nonceLen: IVLen}, + IVLen: IVLen, + } +} diff --git a/internal/cryptocore/cryptocore_test.go b/internal/cryptocore/cryptocore_test.go new file mode 100644 index 0000000..fd6a300 --- /dev/null +++ b/internal/cryptocore/cryptocore_test.go @@ -0,0 +1,35 @@ +package cryptocore + +import ( + "testing" +) + +// "New" should accept all param combinations +func TestCryptoCoreNew(t *testing.T) { + key := make([]byte, 32) + + c := New(key, true, true) + if c.IVLen != 16 { + t.Fail() + } + c = New(key, true, false) + if c.IVLen != 12 { + t.Fail() + } + c = New(key, false, true) + if c.IVLen != 16 { + t.Fail() + } +} + +// "New" should panic on any key not 32 bytes long +func TestNewPanic(t *testing.T) { + defer func() { + if r := recover(); r == nil { + t.Errorf("The code did not panic") + } + }() + + key := make([]byte, 16) + New(key, true, true) +} -- cgit v1.2.3