actions: generate a config file for fscrypt

This commit adds in the actions package. This package will be the
highest-level interface to the fscrypt packages. The public functions
in this package will be called directly from cmd/fscrypt.

The actions added in this commit pertain to creating and reading the
fscrypt global config file "fscrypt.conf". The challenging part about
creating this file is finding the correct hashing parameters for the
desired time target.

The getHashingCosts() function finds the desired costs by doubling the
costs and running the passphrase hash until the target is exceeded.
Then, a cost estimate is obtained using a linear interpolation between
the last two costs (and their time results).

Change-Id: I4a0eaf4856ec4ff49eb4360da3267f7caa9d07b2

1 files changed, 105 insertions, 0 deletions

diff --git a/actions/config_test.go b/actions/config_test.go
new file mode 100644
index 0000000..2b10c10
--- /dev/null
+++ b/actions/config_test.go
@@ -0,0 +1,105 @@
+/*
+ * config_test.go - tests for setting up the config file
+ *
+ * Copyright 2017 Google Inc.
+ * Author: Joe Richey (joerichey@google.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package actions
+
+import (
+	"io/ioutil"
+	"log"
+	"os"
+	"testing"
+	"time"
+)
+
+const testTime = 10 * time.Millisecond
+
+func init() {
+	// All our testing uses an alternative config file location, so we don't
+	// need root to run the tests
+	ConfigFileLocation = "fscrypt_test.conf"
+}
+
+// Tests that we can make the config files with and without legacy settings
+func TestMakeConfig(t *testing.T) {
+	defer os.RemoveAll(ConfigFileLocation)
+
+	err := NewConfigFile(testTime, true)
+	if err != nil {
+		t.Error(err)
+	}
+	os.RemoveAll(ConfigFileLocation)
+
+	err = NewConfigFile(testTime, false)
+	if err != nil {
+		t.Error(err)
+	}
+}
+
+// Tests that we can find valid hashing costs for various time targets and the
+// estimations are somewhat close to the targets.
+func TestCostsSearch(t *testing.T) {
+	for _, target := range []time.Duration{
+		100 * time.Microsecond,
+		1 * time.Millisecond,
+		10 * time.Millisecond,
+		100 * time.Millisecond,
+	} {
+		costs, err := getHashingCosts(target)
+		if err != nil {
+			t.Error(err)
+		}
+		actual, err := timeHashingCosts(costs)
+		if err != nil {
+			t.Error(err)
+		}
+
+		// Timing tests are only reliable for sufficiently long targets.
+		if target > time.Millisecond {
+			if actual*2 < target {
+				t.Errorf("actual=%v is too small (target=%v)", actual, target)
+			}
+			if target*2 < actual {
+				t.Errorf("actual=%v is too big (target=%v)", actual, target)
+			}
+		}
+	}
+}
+
+func benchmarkCostsSearch(b *testing.B, target time.Duration) {
+	// Disable logging for benchmarks
+	log.SetOutput(ioutil.Discard)
+	for i := 0; i < b.N; i++ {
+		_, err := getHashingCosts(target)
+		if err != nil {
+			b.Fatal(err)
+		}
+	}
+}
+
+func BenchmarkCostsSearch10ms(b *testing.B) {
+	benchmarkCostsSearch(b, 10*time.Millisecond)
+}
+
+func BenchmarkCostsSearch100ms(b *testing.B) {
+	benchmarkCostsSearch(b, 100*time.Millisecond)
+}
+
+func BenchmarkCostsSearch1s(b *testing.B) {
+	benchmarkCostsSearch(b, time.Second)
+}