11935120896

Committed 20 Nov 2024 02:11PM UTC coverage: 86.555% (+1.3%) from 85.242%

Build # 11935120896

Build Type

Pull #27

github

Committed by

web-flow

Commit Message

Merge d2b3d706b into 383248641

Pull Request Pull Request #27: ci: update grcov to latest stable version

Run Details

6116 of 7066 relevant lines covered (86.56%)

167.28 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.23

/src/token/cose/maced/mac0/tests.rs

/*
 * Copyright (c) 2024 The NAMIB Project Developers.
 * Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
 * https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
 * <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
 * option. This file may not be copied, modified, or distributed
 * except according to those terms.
 *
 * SPDX-License-Identifier: MIT OR Apache-2.0
 */
use core::convert::Infallible;
use std::path::PathBuf;

use coset::iana::Algorithm;
use coset::{CoseError, CoseKey, CoseKeyBuilder, CoseMac0, CoseMac0Builder, Header};
use rstest::rstest;

use crate::token::cose::maced::mac0::{CoseMac0BuilderExt, CoseMac0Ext};
use crate::token::cose::maced::MacCryptoBackend;
use crate::token::cose::test_helper::{
    apply_attribute_failures, apply_header_failures, serialize_cose_with_failures,
    CoseStructTestHelper, TestCase,
};
use crate::token::cose::util::determine_algorithm;
use crate::token::cose::{test_helper, CryptoBackend};

#[cfg(feature = "openssl")]
use crate::token::cose::test_helper::openssl_ctx;
#[cfg(feature = "rustcrypto-hmac")]
use crate::token::cose::test_helper::rustcrypto_ctx;

impl<B: CryptoBackend + MacCryptoBackend> CoseStructTestHelper<B> for CoseMac0 {
    fn from_test_case(case: &TestCase, backend: &mut B) -> Self {
        let mac0_cfg = case
            .input
            .mac0
            .as_ref()
            .expect("expected a CoseMac0 test case, but it was not found");

        let mac0 = CoseMac0Builder::new();

        let recipient = mac0_cfg
            .recipients
            .first()
            .expect("test case has no recipient");

        let unprotected = mac0_cfg.unprotected.clone().unwrap_or_default();

        let enc_key = if recipient.alg == Some(coset::Algorithm::Assigned(Algorithm::Direct))
            || determine_algorithm::<Infallible>(
                None,
                recipient.protected.as_ref(),
                recipient.unprotected.as_ref(),
            ) == Ok(Algorithm::Direct)
        {
            recipient.key.clone()
        } else {
            CoseKeyBuilder::new_symmetric_key(
                case.intermediates
                    .as_ref()
                    .expect("CoseMac0 test case should have intermediates")
                    .cek
                    .clone(),
            )
            .build()
        };

        let mac0 = mac0
            .payload(case.input.plaintext.clone().into_bytes())
            .try_compute(
                backend,
                &enc_key,
                mac0_cfg.protected.clone(),
                Some(unprotected),
                mac0_cfg.external.as_slice(),
            )
            .expect("unable to encrypt Mac0 object");

        mac0.build()
    }

    fn serialize_and_apply_failures(mut self, case: &TestCase) -> Result<Vec<u8>, CoseError> {
        let failures = &case.input.failures;
        if let Some(1) = &failures.change_tag {
            let byte = self
                .payload
                .as_mut()
                .expect("Mac0 has no payload, can't apply failure")
                .first_mut()
                .unwrap();
            *byte = byte.wrapping_add(1);
        }

        apply_header_failures(&mut self.protected.header, failures);

        apply_attribute_failures(&mut self.unprotected, failures)?;
        Ok(serialize_cose_with_failures(self, failures))
    }

    fn check_against_test_case(&self, case: &TestCase, backend: &mut B) {
        let test_case = case
            .input
            .mac0
            .as_ref()
            .expect("CoseMac0 test case expected");
        let keys: Vec<CoseKey> = test_case
            .recipients
            .iter()
            .map(|v| {
                let mut key_with_alg = v.key.clone();
                if key_with_alg.alg.is_none() {
                    key_with_alg.alg.clone_from(&v.alg);
                }
                key_with_alg
            })
            .collect();
        let aad = test_case.external.as_slice();

        let verify_result = self.try_verify(backend, &keys, aad);

        if case.fail {
            verify_result.expect_err("invalid token was successfully verified");
        } else {
            verify_result.expect("unable to verify token");

            assert_eq!(
                &case.input.plaintext.as_bytes(),
                &self.payload.as_deref().unwrap_or(&[] as &[u8])
            );
            let empty_hdr = Header::default();
            assert_eq!(
                test_case.unprotected.as_ref().unwrap_or(&empty_hdr),
                &self.unprotected
            );
            assert_eq!(
                test_case.protected.as_ref().unwrap_or(&empty_hdr),
                &self.protected.header
            );
        }
    }
}

#[rstest]
#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
fn cose_examples_mac0_reference_output<B: MacCryptoBackend>(
    #[files("tests/cose_examples/mac0-tests/mac-*.json")] test_path: PathBuf,
    #[case] backend: B,
) {
    test_helper::perform_cose_reference_output_test::<CoseMac0, B>(test_path, backend);
}

#[rstest]
#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
fn cose_examples_mac0_self_signed<B: MacCryptoBackend>(
    #[files("tests/cose_examples/mac0-tests/mac-*.json")] test_path: PathBuf,
    #[case] backend: B,
) {
    test_helper::perform_cose_self_signed_test::<CoseMac0, B>(test_path, backend);
}

#[rstest]
#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
fn cose_examples_hmac_mac0_reference_output<B: MacCryptoBackend>(
    #[files("tests/cose_examples/hmac-examples/HMac-enc-0[0-4].json")] test_path: PathBuf,
    #[case] backend: B,
) {
    test_helper::perform_cose_reference_output_test::<CoseMac0, B>(test_path, backend);
}

#[rstest]
#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
fn cose_examples_hmac_mac0_self_signed<B: MacCryptoBackend>(
    #[files("tests/cose_examples/hmac-examples/HMac-enc-0[0-4].json")] test_path: PathBuf,
    #[case] backend: B,
) {
    test_helper::perform_cose_self_signed_test::<CoseMac0, B>(test_path, backend);
}

1	/*
2	* Copyright (c) 2024 The NAMIB Project Developers.
3	* Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
4	* https://www.apache.org/licenses/LICENSE-2.0> or the MIT license
5	* <LICENSE-MIT or https://opensource.org/licenses/MIT>, at your
6	* option. This file may not be copied, modified, or distributed
7	* except according to those terms.
8	*
9	* SPDX-License-Identifier: MIT OR Apache-2.0
10	*/
11	use core::convert::Infallible;
12	use std::path::PathBuf;
13
14	use coset::iana::Algorithm;
15	use coset::{CoseError, CoseKey, CoseKeyBuilder, CoseMac0, CoseMac0Builder, Header};
16	use rstest::rstest;
17
18	use crate::token::cose::maced::mac0::{CoseMac0BuilderExt, CoseMac0Ext};
19	use crate::token::cose::maced::MacCryptoBackend;
20	use crate::token::cose::test_helper::{
21	apply_attribute_failures, apply_header_failures, serialize_cose_with_failures,
22	CoseStructTestHelper, TestCase,
23	};
24	use crate::token::cose::util::determine_algorithm;
25	use crate::token::cose::{test_helper, CryptoBackend};
26
27	#[cfg(feature = "openssl")]
28	use crate::token::cose::test_helper::openssl_ctx;
29	#[cfg(feature = "rustcrypto-hmac")]
30	use crate::token::cose::test_helper::rustcrypto_ctx;
31
32	impl<B: CryptoBackend + MacCryptoBackend> CoseStructTestHelper<B> for CoseMac0 {
33	fn from_test_case(case: &TestCase, backend: &mut B) -> Self {	26✔
34	let mac0_cfg = case	26✔
35	.input	26✔
36	.mac0	26✔
37	.as_ref()	26✔
38	.expect("expected a CoseMac0 test case, but it was not found");	26✔
39		26✔
40	let mac0 = CoseMac0Builder::new();	26✔
41		26✔
42	let recipient = mac0_cfg	26✔
43	.recipients	26✔
44	.first()	26✔
45	.expect("test case has no recipient");	26✔
46		26✔
47	let unprotected = mac0_cfg.unprotected.clone().unwrap_or_default();	26✔
48
49	let enc_key = if recipient.alg == Some(coset::Algorithm::Assigned(Algorithm::Direct))	26✔
50	\|\| determine_algorithm::<Infallible>(	26✔
51	None,	26✔
52	recipient.protected.as_ref(),	26✔
53	recipient.unprotected.as_ref(),	26✔
54	) == Ok(Algorithm::Direct)	26✔
55	{
56	recipient.key.clone()	26✔
57	} else {
58	CoseKeyBuilder::new_symmetric_key(	×
59	case.intermediates	×
60	.as_ref()	×
61	.expect("CoseMac0 test case should have intermediates")	×
62	.cek	×
63	.clone(),	×
64	)	×
65	.build()	×
66	};
67
68	let mac0 = mac0	26✔
69	.payload(case.input.plaintext.clone().into_bytes())	26✔
70	.try_compute(	26✔
71	backend,	26✔
72	&enc_key,	26✔
73	mac0_cfg.protected.clone(),	26✔
74	Some(unprotected),	26✔
75	mac0_cfg.external.as_slice(),	26✔
76	)	26✔
77	.expect("unable to encrypt Mac0 object");	26✔
78		26✔
79	mac0.build()	26✔
80	}	26✔
81
82	fn serialize_and_apply_failures(mut self, case: &TestCase) -> Result<Vec<u8>, CoseError> {	26✔
83	let failures = &case.input.failures;	26✔
84	if let Some(1) = &failures.change_tag {	26✔
85	let byte = self	4✔
86	.payload	4✔
87	.as_mut()	4✔
88	.expect("Mac0 has no payload, can't apply failure")	4✔
89	.first_mut()	4✔
90	.unwrap();	4✔
91	*byte = byte.wrapping_add(1);	4✔
92	}	22✔
93
94	apply_header_failures(&mut self.protected.header, failures);	26✔
95		26✔
96	apply_attribute_failures(&mut self.unprotected, failures)?;	26✔
97	Ok(serialize_cose_with_failures(self, failures))	24✔
98	}	26✔
99
100	fn check_against_test_case(&self, case: &TestCase, backend: &mut B) {	44✔
101	let test_case = case	44✔
102	.input	44✔
103	.mac0	44✔
104	.as_ref()	44✔
105	.expect("CoseMac0 test case expected");	44✔
106	let keys: Vec<CoseKey> = test_case	44✔
107	.recipients	44✔
108	.iter()	44✔
109	.map(\|v\| {	44✔
110	let mut key_with_alg = v.key.clone();	44✔
111	if key_with_alg.alg.is_none() {	44✔
112	key_with_alg.alg.clone_from(&v.alg);	44✔
113	}	44✔
114	key_with_alg	44✔
115	})	44✔
116	.collect();	44✔
117	let aad = test_case.external.as_slice();	44✔
118		44✔
119	let verify_result = self.try_verify(backend, &keys, aad);	44✔
120		44✔
121	if case.fail {	44✔
122	verify_result.expect_err("invalid token was successfully verified");	20✔
123	} else {	20✔
124	verify_result.expect("unable to verify token");	24✔
125		24✔
126	assert_eq!(	24✔
127	&case.input.plaintext.as_bytes(),	24✔
128	&self.payload.as_deref().unwrap_or(&[] as &[u8])	24✔
129	);	24✔
130	let empty_hdr = Header::default();	24✔
131	assert_eq!(	24✔
132	test_case.unprotected.as_ref().unwrap_or(&empty_hdr),	24✔
133	&self.unprotected	24✔
134	);	24✔
135	assert_eq!(	24✔
136	test_case.protected.as_ref().unwrap_or(&empty_hdr),	24✔
137	&self.protected.header	24✔
138	);	24✔
139	}
140	}	44✔
141	}
142
143	#[rstest]	36✔
144	#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
145	#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
146	fn cose_examples_mac0_reference_output<B: MacCryptoBackend>(
147	#[files("tests/cose_examples/mac0-tests/mac-*.json")] test_path: PathBuf,
148	#[case] backend: B,
149	) {
150	test_helper::perform_cose_reference_output_test::<CoseMac0, B>(test_path, backend);
151	}
152
153	#[rstest]	36✔
154	#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
155	#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
156	fn cose_examples_mac0_self_signed<B: MacCryptoBackend>(
157	#[files("tests/cose_examples/mac0-tests/mac-*.json")] test_path: PathBuf,
158	#[case] backend: B,
159	) {
160	test_helper::perform_cose_self_signed_test::<CoseMac0, B>(test_path, backend);
161	}
162
163	#[rstest]	16✔
164	#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
165	#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
166	fn cose_examples_hmac_mac0_reference_output<B: MacCryptoBackend>(
167	#[files("tests/cose_examples/hmac-examples/HMac-enc-0[0-4].json")] test_path: PathBuf,
168	#[case] backend: B,
169	) {
170	test_helper::perform_cose_reference_output_test::<CoseMac0, B>(test_path, backend);
171	}
172
173	#[rstest]	16✔
174	#[cfg_attr(feature = "openssl", case::openssl(openssl_ctx()))]
175	#[cfg_attr(feature = "rustcrypto-hmac", case::rustcrypto(rustcrypto_ctx()))]
176	fn cose_examples_hmac_mac0_self_signed<B: MacCryptoBackend>(
177	#[files("tests/cose_examples/hmac-examples/HMac-enc-0[0-4].json")] test_path: PathBuf,
178	#[case] backend: B,
179	) {
180	test_helper::perform_cose_self_signed_test::<CoseMac0, B>(test_path, backend);
181	}

namib-project / dcaf-rs / 11935120896

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous