Fix box_seal/2 and box_seal_open/3.

* Call the functions `box_seal` and `box_seal_open` to match the libsodium names in module `enacl`. * Fix a bug in the C NIF: We should fail if the input is `<` SEALBYTES but not on `<=` SEALBYTES. The latter made it impossible to encode empty messages. * Add variants which run directly on the interpreter scheduler for small messages. Also: * Provide full EQC functions for the testing purposes. This generated around 13000 random test cases in a 5 minute run, all passing.# Please enter the commit message for your changes. Lines starting
2015-08-14 22:03:33 +02:00
parent 4676328efa
commit f444d1e4ac
4 changed files with 84 additions and 13 deletions
@@ -129,6 +129,20 @@ box(Msg, Nonce , PK, SK) ->
        error:badarg -> badarg
    end.

+box_seal(Msg, PK) ->
+    try
+        enacl:box_seal(Msg, PK)
+    catch
+       error:badarg -> badarg
+    end.
+
+box_seal_open(Cph, PK, SK) ->
+    try
+        enacl:box_seal_open(Cph, PK, SK)
+    catch
+        error:badarg -> badarg
+    end.
+
 box_open(CphText, Nonce, PK, SK) ->
    try
        enacl:box_open(CphText, Nonce, PK, SK)
@@ -137,7 +151,8 @@ box_open(CphText, Nonce, PK, SK) ->
    end.

 failure(badarg) -> true;
-failure(_) -> false.
+failure({error, failed_verification}) -> true;
+failure(X) -> {failure, X}.

 prop_box_correct() ->
    ?FORALL({Msg, Nonce, {PK1, SK1}, {PK2, SK2}},
@@ -188,6 +203,41 @@ prop_box_failure_integrity() ->
                    end
            end
        end).
+        
+prop_seal_box_failure_integrity() ->
+    ?FORALL({Msg, {PK1, SK1}}, {fault_rate(1,40,g_iodata()), fault_rate(1,40,keypair())},
+      begin
+         case v_iodata(Msg) andalso keypair_valid(PK1, SK1) of
+           true ->
+             CT = enacl:box_seal(Msg, PK1),
+             Err = enacl:box_seal_open([<<"x">>, CT], PK1, SK1),
+             equals(Err, {error, failed_verification});
+           false ->
+             case box_seal(Msg, PK1) of
+                 badarg -> true;
+                 Res ->
+                    failure(box_seal_open(Res, PK1, SK1))
+            end
+        end
+    end).
+
+prop_seal_box_correct() ->
+    ?FORALL({Msg, {PK1, SK1}},
+        {fault_rate(1, 40, g_iodata()),
+         fault_rate(1, 40, keypair())},
+     begin
+         case v_iodata(Msg) andalso keypair_valid(PK1, SK1) of
+             true ->
+                 SealedCipherText = enacl:box_seal(Msg, PK1),
+                 {ok, DecodedMsg} = enacl:box_seal_open(SealedCipherText, PK1, SK1),
+                 equals(iolist_to_binary(Msg), DecodedMsg);
+             false ->
+                case box_seal(Msg, PK1) of
+                    badarg -> true;
+                    Res -> failure(box_seal_open(Res, PK1, SK1))
+                end
+         end
+     end).

 %% PRECOMPUTATIONS
 beforenm_key() ->