authorJoe Richey joerichey@google.com <joerichey@google.com>2017-05-23 18:41:36 -0700
committerJoe Richey joerichey@google.com <joerichey@google.com>2017-05-31 12:37:35 -0700
commitbc66b8a56ee7ae4f703cf30502aff8b7d68953d0 (patch)
treeed58e8e175e3edb86234df5772858adaffe9cab2 /crypto/recovery_test.go
parent44c2c7aeda3de09a405ed06aadacbc2c0c7f2a67 (diff)
crypto: tests, errors, and descriptor computation
This changes the crypto package so that it builds again after the changes to the util and metadata packages. This commit also improves the error handling, adds tests, and makes recovery keys correspond to Policy keys (as they are used to recover a directory in the absence of any metadata). The only feature addition here is the ability to compute descriptors. For backwards compatibility, we keep the same descriptor algorithm used before (double SHA512).
Change-Id: Ia2b53c6e85ce65c57595e6823d3c4c92219bc8dc
Diffstat (limited to 'crypto/recovery_test.go')
-rw-r--r--crypto/recovery_test.go50
1 files changed, 40 insertions, 10 deletions
diff --git a/crypto/recovery_test.go b/crypto/recovery_test.go
index 2ee18f0..3e3a50f 100644
--- a/crypto/recovery_test.go
+++ b/crypto/recovery_test.go
@@ -23,12 +23,13 @@ package crypto
import (
"bytes"
"fmt"
+ "fscrypt/metadata"
"testing"
)
-const fakeSecretRecoveryCode = "EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTA===="
+const fakeSecretRecoveryCode = "EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJRG-EYTCMJQ="
-var fakeSecretKey, _ = makeKey(38, InternalKeyLen)
+var fakeSecretKey, _ = makeKey(38, metadata.PolicyKeyLen)
// Note that this function is INSECURE. FOR TESTING ONLY
func getRecoveryCodeFromKey(key *Key) ([]byte, error) {
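Review bot: The new `fakeSecretRecoveryCode` literal has no comment tying it to `fakeSecretKey`, so a later change to `metadata.PolicyKeyLen` would leave a stale constant with nothing explaining how to regenerate it. Assuming the standard base32 alphabet, the string decodes to 64 bytes of value 38, which matches `makeKey(38, metadata.PolicyKeyLen)` only if PolicyKeyLen is 64. A comment such as `// Recovery code for fakeSecretKey: PolicyKeyLen bytes of value 38, base32 in dash-separated blocks.` would record that. The error from `makeKey` is also still discarded with `_`, so a failure there would presumably surface later as an unusable key rather than as a clear test failure.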
@@ -40,10 +41,11 @@ func getRecoveryCodeFromKey(key *Key) ([]byte, error) {
}
func getRandomRecoveryCodeBuffer() ([]byte, error) {
- key, err := NewRandomKey(InternalKeyLen)
+ key, err := NewRandomKey(metadata.PolicyKeyLen)
if err != nil {
return nil, err
}
+ defer key.Wipe()
return getRecoveryCodeFromKey(key)
}
@@ -63,6 +65,7 @@ func testKeyEncodeDecode(key *Key) error {
if err != nil {
return err
}
+ defer key2.Wipe()
if !bytes.Equal(key.data, key2.data) {
return fmt.Errorf("encoding then decoding %x didn't yield the same key", key.data)
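Review bot: The added `defer key2.Wipe()` clears the decoded copy, but the mismatch message right after it still formats `key.data` with `%x`, so the raw key bytes end up in test output on failure. For the random and fake keys used in this file that is harmless, yet it is a pattern that is easy to copy into non-test code. Reporting the length instead, e.g. `return fmt.Errorf("encoding then decoding a %d-byte key didn't yield the same key", len(key.data))`, keeps the diagnostic without the key material. testKeyEncodeDecode starts and ends outside this hunk.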
@@ -77,6 +80,7 @@ func testRecoveryDecodeEncode(buf []byte) error {
if err != nil {
return err
}
+ defer key.Wipe()
buf2, err := getRecoveryCodeFromKey(key)
if err != nil {
@@ -112,10 +116,11 @@ func TestFakeSecretKey(t *testing.T) {
}
func TestEncodeDecode(t *testing.T) {
- key, err := NewRandomKey(InternalKeyLen)
+ key, err := NewRandomKey(metadata.PolicyKeyLen)
if err != nil {
t.Fatal(err)
}
+ defer key.Wipe()
if err = testKeyEncodeDecode(key); err != nil {
t.Error(err)
@@ -134,10 +139,11 @@ func TestDecodeEncode(t *testing.T) {
}
func TestWrongLengthError(t *testing.T) {
- key, err := NewRandomKey(InternalKeyLen - 1)
+ key, err := NewRandomKey(metadata.PolicyKeyLen - 1)
if err != nil {
t.Fatal(err)
}
+ defer key.Wipe()
if _, err = getRecoveryCodeFromKey(key); err == nil {
t.Error("key with wrong length should have failed to encode")
@@ -146,28 +152,40 @@ func TestWrongLengthError(t *testing.T) {
func TestBadCharacterError(t *testing.T) {
buf, err := getRandomRecoveryCodeBuffer()
+ if err != nil {
+ t.Fatal(err)
+ }
// Lowercase letters not allowed
buf[3] = 'k'
- if _, err = getKeyFromRecoveryCode(buf); err == nil {
+ if key, err := getKeyFromRecoveryCode(buf); err == nil {
+ key.Wipe()
t.Error("lowercase letters should make decoding fail")
}
}
func TestBadEndCharacterError(t *testing.T) {
buf, err := getRandomRecoveryCodeBuffer()
+ if err != nil {
+ t.Fatal(err)
+ }
// Separator must be '-'
buf[blockSize] = '_'
- if _, err = getKeyFromRecoveryCode(buf); err == nil {
+ if key, err := getKeyFromRecoveryCode(buf); err == nil {
+ key.Wipe()
t.Error("any separator that isn't '-' should make decoding fail")
}
}
func BenchmarkEncode(b *testing.B) {
- key, err := NewRandomKey(InternalKeyLen)
+ b.StopTimer()
+
+ key, err := NewRandomKey(metadata.PolicyKeyLen)
if err != nil {
b.Fatal(err)
}
+ defer key.Wipe()
+ b.StartTimer()
for n := 0; n < b.N; n++ {
if _, err = getRecoveryCodeFromKey(key); err != nil {
b.Fatal(err)
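Review bot: TestBadCharacterError and TestBadEndCharacterError pass on any non-nil error, so they would still pass if `getKeyFromRecoveryCode` rejected the buffer for an unrelated reason and the character or separator check were missing. Since the commit says it improves error handling, each test could also compare the returned error with the one the decoder is expected to produce for a malformed code, for example `else if err != errExpected { t.Errorf("unexpected error: %v", err) }`, where `errExpected` is a placeholder for the package's own error value, which is not visible in this hunk. BenchmarkEncode's body continues past the end of the hunk.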
@@ -176,24 +194,33 @@ func BenchmarkEncode(b *testing.B) {
}
func BenchmarkDecode(b *testing.B) {
+ b.StopTimer()
+
buf, err := getRandomRecoveryCodeBuffer()
if err != nil {
b.Fatal(err)
}
+ b.StartTimer()
for n := 0; n < b.N; n++ {
- if _, err = getKeyFromRecoveryCode(buf); err != nil {
+ key, err := getKeyFromRecoveryCode(buf)
+ if err != nil {
b.Fatal(err)
}
+ key.Wipe()
}
}
func BenchmarkEncodeDecode(b *testing.B) {
- key, err := NewRandomKey(InternalKeyLen)
+ b.StopTimer()
+
+ key, err := NewRandomKey(metadata.PolicyKeyLen)
if err != nil {
b.Fatal(err)
}
+ defer key.Wipe()
+ b.StartTimer()
for n := 0; n < b.N; n++ {
if err = testKeyEncodeDecode(key); err != nil {
b.Fatal(err)
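Review bot: In BenchmarkDecode the new `key.Wipe()` sits inside the timed loop, so the reported figure is now decode plus wipe rather than decode alone, and nothing in the code says that is intended. Wiping each decoded key before the next iteration is the right call; a comment such as `// Wipe is timed on purpose: every decoded key must be cleared before the next one is created.` would keep a later reader from moving it out of the loop. The inner `key, err :=` also shadows the `err` declared above the loop, which is harmless here but easy to trip over if the loop grows. BenchmarkEncodeDecode's body continues past the end of the hunk.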
@@ -202,11 +229,14 @@ func BenchmarkEncodeDecode(b *testing.B) {
}
func BenchmarkDecodeEncode(b *testing.B) {
+ b.StopTimer()
+
buf, err := getRandomRecoveryCodeBuffer()
if err != nil {
b.Fatal(err)
}
+ b.StartTimer()
for n := 0; n < b.N; n++ {
if err = testRecoveryDecodeEncode(buf); err != nil {
b.Fatal(err)