[go] crypto: add tests for the Block interface

[Manuel Sabin (Gerrit)]

Attention needed from Garrett

New activity on the change

Open in Gerrit

Related details

Attention is currently required from:

• Garrett

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: comment

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 3

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Garrett <garrett...@gmail.com>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Comment-Date: Fri, 21 Jun 2024 21:24:28 +0000

Gerrit-HasComments: No

Gerrit-Has-Labels: No

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Roland Shoemaker

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #4 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Roland Shoemaker

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 4

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Garrett <garrett...@gmail.com>

Gerrit-Reviewer: Roland Shoemaker <rol...@golang.org>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Attention: Roland Shoemaker <rol...@golang.org>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Roland Shoemaker

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #5 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Roland Shoemaker

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 5

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Garrett <garrett...@gmail.com>

Gerrit-Reviewer: Roland Shoemaker <rol...@golang.org>

Gerrit-CC: Russell Webb <russel...@protonmail.com>

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda and Garrett

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #6 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 6

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

Gerrit-CC: Russell Webb <russel...@protonmail.com>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda and Garrett

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #7 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 7

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda and Garrett

Manuel Sabin added 1 comment

File src/crypto/internal/cryptotest/block.go

Line 42, Patchset 6: t.Run("InvertibleEncryptDecrypt", func(t *testing.T) {

Manuel Sabin . resolved

Maybe call this Cycle to match with cipher.BlockMode tester name

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: comment

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 7

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

Gerrit-CC: Russell Webb <russel...@protonmail.com>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

Gerrit-Comment-Date: Wed, 26 Jun 2024 21:36:21 +0000

Gerrit-HasComments: Yes

Gerrit-Has-Labels: No

[Russell Webb (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Manuel Sabin

Russell Webb added 8 comments

File src/crypto/internal/cryptotest/block.go

Line 18, Patchset 7 (Latest): rng := newRandReader(t)

Russell Webb . unresolved

Call this in each test case.

Line 42, Patchset 7 (Latest): t.Run("Cycle", func(t *testing.T) {
// Check Decrypt inverts Encrypt
before, ciphertext, after := make([]byte, blockSize), make([]byte, blockSize), make([]byte, blockSize)

rng.Read(before)

block.Encrypt(ciphertext, before)
block.Decrypt(after, ciphertext)

expectEqual(t, after, before, "plaintext is different after an encrypt/decrypt cycle")

// Check Encrypt inverts Decrypt (assumes block ciphers are deterministic)
before, plaintext, after := make([]byte, blockSize), make([]byte, blockSize), make([]byte, blockSize)

rng.Read(before)

block.Decrypt(plaintext, before)
block.Encrypt(after, plaintext)

expectEqual(t, after, before, "ciphertext is different after a decrypt/encrypt cycle")
})

Russell Webb . unresolved

I recommend splitting these up into two separate test cases. In this case it's not crucial, but:

In the abstract, each test case should verify one desired behavior.
In the concrete, if the merged test case fails on the first expect, the second expect will never run, so the person running the test won't know if it would have passed or failed.

Line 68, Patchset 7 (Latest): src, dst, before := make([]byte, blockSize*2), make([]byte, blockSize*2), make([]byte, blockSize*2)

rng.Read(src)
copy(before, src)
cipher(dst[:blockSize], src[:blockSize])
expectEqual(t, src, before, "block cipher modified src")

// cipher on the same src data should yield same output even if dst=src
copy(src, before)
cipher(src[:blockSize], src[:blockSize])
expectEqual(t, src[:blockSize], dst[:blockSize], "block cipher behaves differently when dst = src")

rng.Read(src)
rng.Read(dst)
copy(before, dst)
cipher(dst, src[:blockSize])
expectEqual(t, dst[blockSize:], before[blockSize:], "block cipher modified dst past BlockSize bytes")

// cipher should yield same dst when given same src even if src is longer
// than BlockSize
copy(before, dst)
cipher(dst, src) // src unchanged from last cipher call except longer
expectEqual(t, dst[:blockSize], before[:blockSize], "block cipher affected by src data beyond BlockSize bytes")

Russell Webb . unresolved

In this case, having four separate test cases is probably even more valuable - if I'm debugging my cipher.Block, I probably want to know whether each test is passing/failing, rather than just which is the first to fail.

Line 100, Patchset 7 (Latest): copy(beforePrefix, dst[:blockSize])

Russell Webb . unresolved

Optional: Consider giving your indices into dst (blocksize, blocksize*2) semantically meaningful names (maybe startOfBlock and startOfSuffix?)

Line 130, Patchset 7 (Latest): t.Run("BufferOverlap", func(t *testing.T) {
// Make src and dst slices point to same array with inexact overlap
src := make([]byte, blockSize+1)
rng.Read(src)
dst := src[1:]

mustPanic(t, "invalid buffer overlap", func() { cipher(dst, src) })
})

Russell Webb . unresolved

Optional: also test single-byte overlaps (off-by-one is a mischievous beast).

Line 130, Patchset 7 (Latest): t.Run("BufferOverlap", func(t *testing.T) {
// Make src and dst slices point to same array with inexact overlap
src := make([]byte, blockSize+1)
rng.Read(src)
dst := src[1:]

mustPanic(t, "invalid buffer overlap", func() { cipher(dst, src) })
})

Russell Webb . unresolved

Optional: also test overlap where src starts later in the underlying array than dst. (Defining both src and dst as slices into a common buffer might make this easier)

Line 143, Patchset 7 (Latest): bytes := func(n int) []byte { return make([]byte, n+1)[0:n] }

Russell Webb . unresolved

Optional: rename this (perhaps subslice?) to avoid confusion with https://pkg.go.dev/bytes

Line 146, Patchset 7 (Latest): mustPanic(t, "output not full block", func() { cipher(bytes(blockSize-1), bytes(blockSize)) })

Russell Webb . unresolved

I'm guessing the cipher function can't reasonably extend the dst slice here because it's not returning the updated dst slice?

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Manuel Sabin

Submit Requirements:

• Code-Review

• No-Unresolved-Comments

• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: comment

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 7

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Russell Webb <russel...@protonmail.com>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Attention: Manuel Sabin <msab...@gmail.com>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

Gerrit-Comment-Date: Fri, 28 Jun 2024 00:40:44 +0000

Gerrit-HasComments: Yes

Gerrit-Has-Labels: No

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Russell Webb

Manuel Sabin added 8 comments

File src/crypto/internal/cryptotest/block.go

Line 18, Patchset 7: rng := newRandReader(t)

Russell Webb . resolved

Call this in each test case.

Manuel Sabin

Done

Line 42, Patchset 7: t.Run("Cycle", func(t *testing.T) {


// Check Decrypt inverts Encrypt
before, ciphertext, after := make([]byte, blockSize), make([]byte, blockSize), make([]byte, blockSize)

rng.Read(before)

block.Encrypt(ciphertext, before)
block.Decrypt(after, ciphertext)

expectEqual(t, after, before, "plaintext is different after an encrypt/decrypt cycle")

// Check Encrypt inverts Decrypt (assumes block ciphers are deterministic)
before, plaintext, after := make([]byte, blockSize), make([]byte, blockSize), make([]byte, blockSize)

rng.Read(before)

block.Decrypt(plaintext, before)
block.Encrypt(after, plaintext)

expectEqual(t, after, before, "ciphertext is different after a decrypt/encrypt cycle")
})

Russell Webb . unresolved

I recommend splitting these up into two separate test cases. In this case it's not crucial, but:

In the abstract, each test case should verify one desired behavior.
In the concrete, if the merged test case fails on the first expect, the second expect will never run, so the person running the test won't know if it would have passed or failed.

Manuel Sabin

The tests actually all run even if an earlier one fails. When breaking the tests I can get these errors to all print out in one test run.

Happy to split tests but I've also been grouping some tests based on patterns I've seen in the pre-existing crypto tests and Filippo's drafts for BlockMode/Stream tests. I'm still getting a sense of Go's idioms, so I'm not sure which is more idiomatic.
Do you have leanings given that all the tests do in fact run and print (hopefully descriptive error msgs) even if an early one fails?

Line 68, Patchset 7: src, dst, before := make([]byte, blockSize*2), make([]byte, blockSize*2), make([]byte, blockSize*2)



rng.Read(src)
copy(before, src)
cipher(dst[:blockSize], src[:blockSize])
expectEqual(t, src, before, "block cipher modified src")

// cipher on the same src data should yield same output even if dst=src
copy(src, before)
cipher(src[:blockSize], src[:blockSize])
expectEqual(t, src[:blockSize], dst[:blockSize], "block cipher behaves differently when dst = src")

rng.Read(src)
rng.Read(dst)
copy(before, dst)
cipher(dst, src[:blockSize])
expectEqual(t, dst[blockSize:], before[blockSize:], "block cipher modified dst past BlockSize bytes")

// cipher should yield same dst when given same src even if src is longer
// than BlockSize
copy(before, dst)
cipher(dst, src) // src unchanged from last cipher call except longer
expectEqual(t, dst[:blockSize], before[:blockSize], "block cipher affected by src data beyond BlockSize bytes")

Russell Webb . unresolved

In this case, having four separate test cases is probably even more valuable - if I'm debugging my cipher.Block, I probably want to know whether each test is passing/failing, rather than just which is the first to fail.

Manuel Sabin

See above comment on Cycle

Line 100, Patchset 7: copy(beforePrefix, dst[:blockSize])

Russell Webb . resolved

Optional: Consider giving your indices into dst (blocksize, blocksize*2) semantically meaningful names (maybe startOfBlock and startOfSuffix?)

Manuel Sabin

Done

Line 130, Patchset 7: t.Run("BufferOverlap", func(t *testing.T) {


// Make src and dst slices point to same array with inexact overlap
src := make([]byte, blockSize+1)
rng.Read(src)
dst := src[1:]

mustPanic(t, "invalid buffer overlap", func() { cipher(dst, src) })
})

Russell Webb . resolved

Optional: also test single-byte overlaps (off-by-one is a mischievous beast).

Manuel Sabin

Done

Line 130, Patchset 7: t.Run("BufferOverlap", func(t *testing.T) {


// Make src and dst slices point to same array with inexact overlap
src := make([]byte, blockSize+1)
rng.Read(src)
dst := src[1:]

mustPanic(t, "invalid buffer overlap", func() { cipher(dst, src) })
})

Russell Webb . resolved

Optional: also test overlap where src starts later in the underlying array than dst. (Defining both src and dst as slices into a common buffer might make this easier)

Manuel Sabin

Done

Line 143, Patchset 7: bytes := func(n int) []byte { return make([]byte, n+1)[0:n] }

Russell Webb . resolved

Optional: rename this (perhaps subslice?) to avoid confusion with https://pkg.go.dev/bytes

Manuel Sabin

Done

Line 146, Patchset 7: mustPanic(t, "output not full block", func() { cipher(bytes(blockSize-1), bytes(blockSize)) })

Russell Webb . unresolved

I'm guessing the cipher function can't reasonably extend the dst slice here because it's not returning the updated dst slice?

Manuel Sabin

Probably not, unless it does some shenanigans with the slice header. But I think this test is just enforcing that cipher will panic if given too small of a dst slice

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Russell Webb

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: comment

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 8

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Russell Webb <russel...@protonmail.com>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Attention: Russell Webb <russel...@protonmail.com>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

Gerrit-Comment-Date: Fri, 28 Jun 2024 13:59:21 +0000

Gerrit-HasComments: Yes

Gerrit-Has-Labels: No

Comment-In-Reply-To: Russell Webb <russel...@protonmail.com>

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Russell Webb

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #8 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Russell Webb

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Russell Webb

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #9 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Russell Webb

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 9

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Russell Webb

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #10 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Russell Webb

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 10

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda, Garrett and Russell Webb

Manuel Sabin added 1 comment

File src/crypto/aes/aes_test.go

Line 324, Patchset 10 (Latest): cryptotest.TestBlock(t, keylen/8, NewCipher)

Manuel Sabin . unresolved

NewCipher seems to conditionally return different implementations.
Should we call each implementation individually here instead? i.e. boring.NewAESCipher, newCipherGeneric, and newCipher?

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Garrett
• Russell Webb

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: comment

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 10

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Russell Webb <russel...@protonmail.com>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

Gerrit-Attention: Garrett <garrett...@gmail.com>

Gerrit-Attention: Russell Webb <russel...@protonmail.com>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

Gerrit-Comment-Date: Fri, 28 Jun 2024 15:14:59 +0000

Gerrit-HasComments: Yes

Gerrit-Has-Labels: No

[Manuel Sabin (Gerrit)]

Attention needed from Filippo Valsorda and Russell Webb

Manuel Sabin uploaded new patchset

Manuel Sabin uploaded patch set #11 to this change.

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Russell Webb

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: newpatchset

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 11

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Russell Webb <russel...@protonmail.com>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

[Russell Webb (Gerrit)]

Attention needed from Filippo Valsorda and Manuel Sabin

Russell Webb voted and added 8 comments

Votes added by Russell Webb

Code-Review

+1

8 comments

File src/crypto/internal/cryptotest/block.go

Line 42, Patchset 7: t.Run("Cycle", func(t *testing.T) {
// Check Decrypt inverts Encrypt
before, ciphertext, after := make([]byte, blockSize), make([]byte, blockSize), make([]byte, blockSize)

rng.Read(before)

block.Encrypt(ciphertext, before)
block.Decrypt(after, ciphertext)

expectEqual(t, after, before, "plaintext is different after an encrypt/decrypt cycle")

// Check Encrypt inverts Decrypt (assumes block ciphers are deterministic)
before, plaintext, after := make([]byte, blockSize), make([]byte, blockSize), make([]byte, blockSize)

rng.Read(before)

block.Decrypt(plaintext, before)
block.Encrypt(after, plaintext)

expectEqual(t, after, before, "ciphertext is different after a decrypt/encrypt cycle")
})

Russell Webb . resolved

I recommend splitting these up into two separate test cases. In this case it's not crucial, but:

In the abstract, each test case should verify one desired behavior.
In the concrete, if the merged test case fails on the first expect, the second expect will never run, so the person running the test won't know if it would have passed or failed.

Manuel Sabin

The tests actually all run even if an earlier one fails. When breaking the tests I can get these errors to all print out in one test run.

Happy to split tests but I've also been grouping some tests based on patterns I've seen in the pre-existing crypto tests and Filippo's drafts for BlockMode/Stream tests. I'm still getting a sense of Go's idioms, so I'm not sure which is more idiomatic.
Do you have leanings given that all the tests do in fact run and print (hopefully descriptive error msgs) even if an early one fails?

Russell Webb

Good catch; I stand corrected. I do still like isolating test cases from each other in terms of cognitive load and state leak between them, but I don't think it's as critical. I'll leave it to Filippo's preferences.

Line 68, Patchset 11 (Latest): t.Run("Aliasing", func(t *testing.T) {

Russell Webb . unresolved

I really do think this would be better as separate test cases, particularly because the cognitive load of thinking about how they interact is non-trivial.

For example, figuring out that the "dst" value calculated in the first test case is being used as the expected value for the second was not immediately obvious - it'd be easier to understand if it was called "expectedCryptext" or something.

Line 80, Patchset 11 (Latest): // cipher on the same src data should yield same output even if dst=src

Russell Webb . unresolved

This is confusing to me because "dst" is overloaded - it refers to both the first argument of cipher and the variable defined on line 71, where the former is correct and the latter is the "obvious" interpretation.

Can we say "input and output locations are the same" or something to that effect?

Line 84, Patchset 11 (Latest): t.Errorf("block cipher behaves differently when dst = src; got %x, want %x", src[:blockSize], dst[:blockSize])

Russell Webb . unresolved

Nit: I'd describe this as 'different cryptext produced when...'

Line 68, Patchset 7: src, dst, before := make([]byte, blockSize*2), make([]byte, blockSize*2), make([]byte, blockSize*2)

rng.Read(src)
copy(before, src)
cipher(dst[:blockSize], src[:blockSize])
expectEqual(t, src, before, "block cipher modified src")

// cipher on the same src data should yield same output even if dst=src
copy(src, before)
cipher(src[:blockSize], src[:blockSize])
expectEqual(t, src[:blockSize], dst[:blockSize], "block cipher behaves differently when dst = src")

rng.Read(src)
rng.Read(dst)
copy(before, dst)
cipher(dst, src[:blockSize])
expectEqual(t, dst[blockSize:], before[blockSize:], "block cipher modified dst past BlockSize bytes")

// cipher should yield same dst when given same src even if src is longer
// than BlockSize
copy(before, dst)
cipher(dst, src) // src unchanged from last cipher call except longer
expectEqual(t, dst[:blockSize], before[:blockSize], "block cipher affected by src data beyond BlockSize bytes")

Russell Webb . resolved

In this case, having four separate test cases is probably even more valuable - if I'm debugging my cipher.Block, I probably want to know whether each test is passing/failing, rather than just which is the first to fail.

Manuel Sabin

See above comment on Cycle

Russell Webb

Acknowledged

Line 135, Patchset 11 (Latest): ctrlDst := make([]byte, blockSize) // Record a control ciphertext

Russell Webb . unresolved

nit: expectedDst?

Line 146, Patchset 7: mustPanic(t, "output not full block", func() { cipher(bytes(blockSize-1), bytes(blockSize)) })

Russell Webb . resolved

I'm guessing the cipher function can't reasonably extend the dst slice here because it's not returning the updated dst slice?

Manuel Sabin

Probably not, unless it does some shenanigans with the slice header. But I think this test is just enforcing that cipher will panic if given too small of a dst slice

Russell Webb

Acknowledged

Line 170, Patchset 11 (Latest): // src comes after dst with inexact overlap

Russell Webb . unresolved

Would it be accurate to say "one byte overlap" here?

Open in Gerrit

Related details

Attention is currently required from:

• Filippo Valsorda
• Manuel Sabin

Submit Requirements:

• Code-Review
• No-Unresolved-Comments
• Review-Enforcement
• TryBots-Pass

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

Gerrit-MessageType: comment

Gerrit-Project: go

Gerrit-Branch: master

Gerrit-Change-Id: Ieea3752147c8163fc73a849cfcb8fa011205d2c2

Gerrit-Change-Number: 594018

Gerrit-PatchSet: 11

Gerrit-Owner: Manuel Sabin <msab...@gmail.com>

Gerrit-Reviewer: Filippo Valsorda <fil...@golang.org>

Gerrit-Reviewer: Russell Webb <russel...@protonmail.com>

Gerrit-CC: Clide Stefani <cstefan...@gmail.com>

Gerrit-CC: Esra Al <esra....@gmail.com>

Gerrit-CC: Garrett <garrett...@gmail.com>

Gerrit-Attention: Manuel Sabin <msab...@gmail.com>

Gerrit-Attention: Filippo Valsorda <fil...@golang.org>

Gerrit-Comment-Date: Wed, 03 Jul 2024 22:12:16 +0000

Gerrit-HasComments: Yes

Gerrit-Has-Labels: Yes

Comment-In-Reply-To: Russell Webb <russel...@protonmail.com>

Comment-In-Reply-To: Manuel Sabin <msab...@gmail.com>