Bug 627097: Audit usage of js-ctypes in Sync/WeaveCrypto. r=philiKON
authorRichard Newman <rnewman@mozilla.com>
Tue, 25 Jan 2011 21:31:41 -0800
changeset 61479 9bff5fa7cab3833d9a4fb79f28b2cccb16aa227c
parent 61478 53e6fd558a14a4838247d153c268465a82a5b01f
child 61480 1c9bdb06d07af6863735848255907f0f223ae4fb
push id1
push userroot
push dateTue, 10 Dec 2013 15:46:25 +0000
reviewersphiliKON
bugs627097
Bug 627097: Audit usage of js-ctypes in Sync/WeaveCrypto. r=philiKON
services/crypto/tests/unit/test_crypto_crypt.js
services/crypto/tests/unit/test_crypto_random.js
services/sync/tests/unit/test_utils_deriveKey.js
--- a/services/crypto/tests/unit/test_crypto_crypt.js
+++ b/services/crypto/tests/unit/test_crypto_crypt.js
@@ -3,16 +3,31 @@ try {
   Components.utils.import("resource://services-crypto/WeaveCrypto.js");
   cryptoSvc = new WeaveCrypto();
 } catch (ex) {
   // Fallback to binary WeaveCrypto
   cryptoSvc = Cc["@labs.mozilla.com/Weave/Crypto;1"]
                 .getService(Ci.IWeaveCrypto);
 }
 
+function run_test() {
+  
+  if ("makeSECItem" in cryptoSvc)   // Only for js-ctypes WeaveCrypto.
+    test_makeSECItem();
+  
+  if (this.gczeal) {
+    _("Running crypto tests with gczeal(2).");
+    gczeal(2);
+  }
+  test_bug_617650();
+  test_encrypt_decrypt();
+  if (this.gczeal)
+    gczeal(0);
+}
+
 function multiple_decrypts(iterations) {
   let iv = cryptoSvc.generateRandomIV();
   let key = cryptoSvc.generateRandomKey();
   let cipherText = cryptoSvc.encrypt("Hello, world.", key, iv);
   
   for (let i = 0; i < iterations; ++i) {
     let clearText = cryptoSvc.decrypt(cipherText, key, iv);
     do_check_eq(clearText + " " + i, "Hello, world. " + i);
@@ -40,23 +55,18 @@ function test_makeSECItem() {
   
   let item1 = cryptoSvc.makeSECItem("abcdefghi", false);
   do_check_true(!item1.isNull());
   let intData = ctypes.cast(item1.contents.data, ctypes.uint8_t.array(8).ptr).contents;
   for (let i = 0; i < 8; ++i)
     do_check_eq(intData[i], "abcdefghi".charCodeAt(i));
 }
 
-function run_test() {
-  
-  if ("makeSECItem" in cryptoSvc)   // Only for js-ctypes WeaveCrypto.
-    test_makeSECItem();
-  
-  test_bug_617650();
-  
+function test_encrypt_decrypt() {
+
   // First, do a normal run with expected usage... Generate a random key and
   // iv, encrypt and decrypt a string.
   var iv = cryptoSvc.generateRandomIV();
   do_check_eq(iv.length, 24);
 
   var key = cryptoSvc.generateRandomKey();
   do_check_eq(key.length, 44);
 
--- a/services/crypto/tests/unit/test_crypto_random.js
+++ b/services/crypto/tests/unit/test_crypto_random.js
@@ -4,16 +4,21 @@ try {
   cryptoSvc = new WeaveCrypto();
 } catch (ex) {
   // Fallback to binary WeaveCrypto
   cryptoSvc = Cc["@labs.mozilla.com/Weave/Crypto;1"]
                 .getService(Ci.IWeaveCrypto);
 }
 
 function run_test() {
+  if (this.gczeal) {
+    _("Running crypto random tests with gczeal(2).");
+    gczeal(2);
+  }
+
   // Test salt generation.
   var salt;
 
   salt = cryptoSvc.generateRandomBytes(0);
   do_check_eq(salt.length, 0);
   salt = cryptoSvc.generateRandomBytes(1);
   do_check_eq(salt.length, 4);
   salt = cryptoSvc.generateRandomBytes(2);
@@ -64,9 +69,12 @@ function run_test() {
 
   cryptoSvc.algorithm = Ci.IWeaveCrypto.AES_128_CBC;
   keydata  = cryptoSvc.generateRandomKey();
   do_check_eq(keydata.length, 24);
   keydata2 = cryptoSvc.generateRandomKey();
   do_check_neq(keydata, keydata2); // sanity check for randomness
   iv = cryptoSvc.generateRandomIV();
   do_check_eq(iv.length, 24);
+
+  if (this.gczeal)
+    gczeal(0);
 }
--- a/services/sync/tests/unit/test_utils_deriveKey.js
+++ b/services/sync/tests/unit/test_utils_deriveKey.js
@@ -6,16 +6,23 @@ try {
   // Fallback to binary WeaveCrypto
   cryptoSvc = Cc["@labs.mozilla.com/Weave/Crypto;1"]
                 .getService(Ci.IWeaveCrypto);
 }
 
 Cu.import("resource://services-sync/util.js");
 
 function run_test() {
+  if (this.gczeal) {
+    _("Running deriveKey tests with gczeal(2).");
+    gczeal(2);
+  } else {
+    _("Running deriveKey tests with default gczeal.");
+  }
+
   var iv = cryptoSvc.generateRandomIV();
   var der_passphrase = "secret phrase";
   var der_salt = "RE5YUHpQcGl3bg==";   // btoa("DNXPzPpiwn")
   
   _("Testing deriveKeyFromPassphrase. Input is \"" + der_passphrase + "\", \"" + der_salt + "\" (base64-encoded).");
   
   // Test friendly-ing.
   do_check_eq("abcdefghijk8mn9pqrstuvwxyz234567",
@@ -32,30 +39,35 @@ function run_test() {
   do_check_true(Utils.isPassphrase(
       Utils.normalizePassphrase("9-5WMNU-95TQC-78Z2H-AMKBW-IZQZI")));
     
   // Base64. We don't actually use this in anger, particularly not with a 32-byte key.
   var der_key = Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt);
   _("Derived key in base64: " + der_key);
   do_check_eq(cryptoSvc.decrypt(cryptoSvc.encrypt("bacon", der_key, iv), der_key, iv), "bacon");
   
-  // Test the equivalence of our NSS and JS versions.
-  // Will only work on FF4, of course.
-  do_check_eq(
-      Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16, false),
-      Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16, true));
-  
   // Base64, 16-byte output.
   var der_key = Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16);
   _("Derived key in base64: " + der_key);
   do_check_eq("d2zG0d2cBfXnRwMUGyMwyg==", der_key);
   do_check_eq(cryptoSvc.decrypt(cryptoSvc.encrypt("bacon", der_key, iv), der_key, iv), "bacon");
 
   // Base32. Again, specify '16' to avoid it generating a 256-bit key string.
   var b32key = Utils.derivePresentableKeyFromPassphrase(der_passphrase, der_salt, 16);
   var hyphenated = Utils.hyphenatePassphrase(b32key);
   do_check_true(Utils.isPassphrase(b32key));
   
   _("Derived key in base32: " + b32key);
   do_check_eq(b32key.length, 26);
   do_check_eq(hyphenated.length, 31);  // 1 char, plus 5 groups of 5, hyphenated = 5 + (5*5) + 1 = 31.
   do_check_eq(hyphenated, "9-5wmnu-95tqc-78z2h-amkbw-izqzi");
+
+  if (this.gczeal)
+    gczeal(0);
+
+  // Test the equivalence of our NSS and JS versions.
+  // Will only work on FF4, of course.
+  // Note that we don't add gczeal here: the pure-JS implementation is
+  // astonishingly slow, and this check takes five minutes to run.
+  do_check_eq(
+      Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16, false),
+      Utils.deriveEncodedKeyFromPassphrase(der_passphrase, der_salt, 16, true));
 }