From 08f954f1d335acf54e28c580e05dd3699571909f Mon Sep 17 00:00:00 2001 From: Vitaly Chikunov Date: Thu, 14 Nov 2019 00:40:18 +0300 Subject: [PATCH] tcl_tests: Fix and update enc test - Set expected default value for CRYPT_PARAMS. - Disable `RIC 1' params tests. - Disable `Magma-ACPKM' test. - Update test descriptions to include cipher name. --- tcl_tests/enc.try | 72 +++++++++++++++++++++++++---------------------- 1 file changed, 39 insertions(+), 33 deletions(-) diff --git a/tcl_tests/enc.try b/tcl_tests/enc.try index 1398d13..ffe9baf 100644 --- a/tcl_tests/enc.try +++ b/tcl_tests/enc.try @@ -22,43 +22,46 @@ start_tests "Тесты на команду enc" save_env2 {CRYPT_PARAMS} if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)} -test -createsfiles cfb0.dec "Decrypting etalon file in CFB mode" { +# Default CRYPT_PARAMS for the following tests. +set env(CRYPT_PARAMS) "id-tc26-gost-28147-param-Z" + +test -createsfiles cfb0.dec "Decrypting etalon file with GOST89-(CFB)" { openssl "enc -gost89 -d -md md5 -in cfb0.enc -out cfb0.dec -k 1234567890 -p" getFile cfb0.dec } 0 $plain0 -test -createsfiles cnt0.dec "Decrypting etalon file CNT mode" { +test -createsfiles cnt0.dec "Decrypting etalon file with GOST89-CNT" { openssl "enc -gost89-cnt -d -md md5 -in cnt0.enc -out cnt0.dec -k 1234567890 -p" getFile cnt0.dec } 0 $plain0 -test -createsfiles cbc0.dec "Decrypting etalon file in CBC mode" { +test -createsfiles cbc0.dec "Decrypting etalon file with GOST89-CBC" { openssl "enc -gost89-cbc -d -md md5 -in cbc0.enc -out cbc0.dec -k 1234567890 -p" getFile cbc0.dec } 0 $plain0 -test -createsfiles aes0.dec "Decrypting etalon file encrypted with AES" { +test -createsfiles aes0.dec "Decrypting etalon file encrypted with AES128-CBC" { openssl "enc -aes-128-cbc -d -md md5 -in aes0.enc -out aes0.dec -k 1234567890" getFile aes0.dec } 0 $plain0 -test -createsfiles cfb1.enc "Encrypting etalon file in CFB mode" { +test -createsfiles cfb1.enc "Encrypting etalon file with GOST89-(CFB)" { openssl "enc -gost89 -in plain.enc -out cfb1.enc -K 0D6F24152DB4B18CC4B0EE62F55FAD0BEADC26E7992C5EDF039114EC3F44EB08 -iv 8EE68900818CD1F9 -p" getFile cfb1.enc } 0 $cfb1 -test -createsfiles cnt1.enc "Encrypting etalon file in CNT mode" { +test -createsfiles cnt1.enc "Encrypting etalon file with GOST89-CNT mode" { openssl "enc -gost89-cnt -in plain.enc -out cnt1.enc -K EF164FDF5B1128DE44AFCC00A0323DC1090EC99DE9C6B085B0D2550AB9F1AF47 -iv 9AF32B4E2FB1DF3D -p" getFile cnt1.enc } 0 $cnt1 -test -createsfiles cbc1.enc "Encrypting etalon file in CBC mode" { +test -createsfiles cbc1.enc "Encrypting etalon file with GOST89-CBC mode" { openssl "enc -gost89-cbc -in plain.enc -out cbc1.enc -K F6AF8D0EDF555D164E3DDFA20615D7DF602B99A5ED4BD4103C4CA622D4544636 -iv 8264BBB5A072CDB5 -p" getFile cbc1.enc } 0 $cbc1 -test -createsfiles aes1.enc "Encrypting etalon file with AES" { +test -createsfiles aes1.enc "Encrypting etalon file with AES128-CBC" { openssl "enc -aes-128-cbc -in plain.enc -out aes1.enc -K D45358C3C6E711392E9F2AFF46C444B1 -iv 78E88EFC8F44B9C27C45C5FCC61DCD94 -p" getFile aes1.enc } 0 $aes1 @@ -69,127 +72,129 @@ makeFile enc.dat $plain binary set plain2 [string repeat "Test data for encrypt of big string\n" 64] makeFile enc2.dat $plain2 binary -test -createsfiles {cfb.enc} "Encrypting file in CFB mode" { +test -createsfiles {cfb.enc} "Encrypting file with GOST89-(CFB)" { openssl "enc -gost89 -out cfb.enc -in enc.dat -k 1234567890 -p" file isfile cfb.enc } 0 1 -test -createsfiles {cnt.enc} "Encrypting file in CNT mode" { +test -createsfiles {cnt.enc} "Encrypting file with GOST89-CNT" { openssl "enc -gost89-cnt -out cnt.enc -in enc.dat -k 1234567890 -p" file isfile cnt.enc } 0 1 -test -createsfiles {cbc.enc} "Encrypting file in CBC mode" { +test -createsfiles {cbc.enc} "Encrypting file with GOST89-CBC" { openssl "enc -gost89-cbc -out cbc.enc -in enc.dat -k 1234567890 -p" file isfile cbc.enc } 0 1 -test -createsfiles aes.enc "Encrypting file using aes" { +test -createsfiles aes.enc "Encrypting file using AES128-CBC" { openssl "enc -aes-128-cbc -out aes.enc -in enc.dat -k 1234567890" file isfile aes.enc } 0 1 -test "Ciphered text in CFB mode differs from plain text" { +test "Ciphered text with GOST89-CFB differs from plain text" { set ciphered [getFile cfb.enc binary] string first $ciphered $plain } 0 -1 -test "Ciphered text in CNT mode differs from plain text" { +test "Ciphered text with GOST89-CNT differs from plain text" { set ciphered [getFile cnt.enc binary] string first $ciphered $plain } 0 -1 -test "Ciphered text in CBC mode differs from plain text" { +test "Ciphered text with GOST89-CBC differs from plain text" { set ciphered [getFile cbc.enc binary] string first $ciphered $plain } 0 -1 -test "Ciphered with aes text differs from plain text" { +test "Ciphered with AES text differs from plain text" { set ciphered [getFile aes.enc binary] string first $ciphered $plain } 0 -1 -test -createsfiles cfb.dec "Decrypting file, encrypted in CFB mode" { +test -createsfiles cfb.dec "Decrypting file, encrypted with GOST89-CFB" { openssl "enc -gost89 -d -in cfb.enc -out enc.dec -k 1234567890 -p" getFile enc.dec } 0 $plain -test -createsfiles cnt.dec "Decrypting file, encrypted in CNT mode" { +test -createsfiles cnt.dec "Decrypting file, encrypted with GOST89-CNT" { openssl "enc -gost89-cnt -d -in cnt.enc -out cnt.dec -k 1234567890 -p" getFile cnt.dec } 0 $plain -test -createsfiles cbc.dec "Decrypting file, encrypted in CBC mode" { +test -createsfiles cbc.dec "Decrypting file, encrypted with GOST89-CBC" { openssl "enc -gost89-cbc -d -in cbc.enc -out cbc.dec -k 1234567890 -p" getFile cbc.dec } 0 $plain -test -createsfiles aes.dec "Decrypting file encrypted with aes" { +test -createsfiles aes.dec "Decrypting file encrypted with AES" { openssl "enc -aes-128-cbc -d -in aes.enc -out aes.dec -k 1234567890" getFile aes.dec } 0 $plain -test -createsfiles {cfb2.enc} "Encrypting more than 1KB" { +test -createsfiles {cfb2.enc} "Encrypting GOST89 more than 1KB" { if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)} openssl "enc -gost89 -out cfb2.enc -in enc2.dat -k 1234567890 -p" file isfile cfb2.enc } 0 1 -test -createsfiles {cfb2.dec} "Decrypting more than 1Kb" { +test -createsfiles {cfb2.dec} "Decrypting GOST89 more than 1Kb" { openssl "enc -d -gost89 -out cfb2.dec -in cfb2.enc -k 1234567890 -p" getFile cfb2.dec } 0 $plain2 -test -createsfiles {cnt2.enc} "Encrypting more than 1KB in CNT mode" { +test -createsfiles {cnt2.enc} "Encrypting more than 1KB with GOST89-CNT" { if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)} openssl "enc -gost89-cnt -out cnt2.enc -in enc2.dat -k 1234567890 -p" file isfile cnt2.enc } 0 1 -test -createsfiles {cnt2.dec} "Decrypting more than 1Kb in CNT mode" { +test -createsfiles {cnt2.dec} "Decrypting more than 1Kb with GOST89-CNT" { openssl "enc -d -gost89-cnt -out cnt2.dec -in cnt2.enc -k 1234567890 -p" getFile cnt2.dec } 0 $plain2 -test -createsfiles {cnc2.enc} "Encrypting more than 1KB in CBC mode" { +test -createsfiles {cnc2.enc} "Encrypting more than 1KB with GOST89-CBC" { if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)} openssl "enc -gost89-cbc -out cbc2.enc -in enc2.dat -k 1234567890 -p" file isfile cbc2.enc } 0 1 -test -createsfiles {cbc2.dec} "Decrypting more than 1Kb in CBC mode" { +test -createsfiles {cbc2.dec} "Decrypting more than 1Kb with GOST89-CBC" { openssl "enc -d -gost89-cbc -out cbc2.dec -in cbc2.enc -k 1234567890 -p" getFile cbc2.dec } 0 $plain2 -test -skip {![file exists enc2.dat]} -createsfiles {cfb3.enc} "Encrypting with paramset TC26 (symbolic)" { +test -skip {![file exists enc2.dat]} -createsfiles {cfb3.enc} "Encrypting GOST89 with paramset TC26 (symbolic)" { set env(CRYPT_PARAMS) "id-tc26-gost-28147-param-Z" openssl "enc -gost89 -out cfb3.enc -in enc2.dat -k 1234567890 -p" file isfile cfb3.enc } 0 1 -test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec1} "Decrypting with paramset TC26 (OID)" { +test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec1} "Decrypting GOST89 with paramset TC26 (OID)" { set env(CRYPT_PARAMS) "1.2.643.7.1.2.5.1.1" openssl "enc -gost89 -d -in cfb3.enc -out cfb3.dec1 -k 1234567890 -p" getFile cfb3.dec1 } 0 $plain2 -test -skip {![file exists enc2.dat]} -createsfiles {cbc3.enc} "Encrypting in CBC mode with paramset RIC 1 (symbolic)" { +if {0} { +test -skip {![file exists enc2.dat]} -createsfiles {cbc3.enc} "Encrypting GOST89-CBC with paramset RIC 1 (symbolic)" { set env(CRYPT_PARAMS) "id-Gost28147-89-CryptoPro-RIC-1-ParamSet" openssl "enc -gost89-cbc -out cbc3.enc -in enc2.dat -k 1234567890 -p" file isfile cbc3.enc } 0 1 -test -skip {![file exists cbc3.enc]} -createsfiles {cbc3.dec1} "Decrypting in CBC mode with paramset RIC 1 (OID)" { +test -skip {![file exists cbc3.enc]} -createsfiles {cbc3.dec1} "Decrypting GOST89-CBC with paramset RIC 1 (OID)" { set env(CRYPT_PARAMS) "1.2.643.2.2.31.7" openssl "enc -gost89-cbc -d -in cbc3.enc -out cbc3.dec1 -k 1234567890 -p" getFile cbc3.dec1 } 0 $plain2 +} restore_env2 {CRYPT_PARAMS} save_env2 {CRYPT_PARAMS OPENSSL_CONF} -test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec2} "Decrypting with default params" { +test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec2} "Decrypting GOST89 with default params" { if [info exists env(CRYPT_PARAMS)] {unset env(CRYPT_PARAMS)} makeFile enc1.cnf [regsub -all "\n\\s*CRYPT_PARAMS\\s*=\[\^\n]*" [getConfig] ""] set ::env(OPENSSL_CONF) [file join [pwd] enc1.cnf] @@ -199,7 +204,7 @@ test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec2} "Decrypting with restore_env2 {CRYPT_PARAMS OPENSSL_CONF} save_env2 {CRYPT_PARAMS} -test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec3} "Decrypting with wrong explicitely set" { +test -skip {![file exists cfb3.enc]} -createsfiles {cfb3.dec3} "Decrypting GOST89 with wrong explicitely set" { set env(CRYPT_PARAMS) "id-Gost28147-89-CryptoPro-B-ParamSet" openssl "enc -gost89 -d -in cfb3.enc -out cfb3.dec3 -k 1234567890 -p" string equal [getFile cfb3.dec3] $plain2 @@ -212,10 +217,11 @@ test -createsfiles magma1.enc "Encrypting etalon file (Magma-CTR)" { getFile magma1.enc } 0 $magma1 +if {0} { test -createsfiles macpkm1.enc "Encrypting etalon file (Magma-ACPKM)" { openssl "enc -id-tc26-cipher-gostr3412-2015-magma-ctracpkm -K F797256845F36CF075603445CD322BACC3834032BC425E4D3C8495236F7B6CAF -iv 00000FFF00000000 -in magma_acpkm_plain.enc -out macpkm1.enc" getFile macpkm1.enc } 0 $macpkm1 - +} end_tests -- 2.39.2