Add basic asymmetric roundtrip tests #4314
Draft
+304
−4
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request Dependencies
Description
This piggy-backs on the
PK_Key_Generation_Test
to perform basic roundtrip tests for Sign/Verify, Encrypt/Decrypt, Encaps/Decaps, and Key Agreement, depending on the capabilities of the keys.The goal is explicitly not to be an exhaustive test but rather be a centralized sanity-check for the PK_*** operators and their meta-data methods. We added it mostly to serve as a place for testing whether the new
set_associated_data()
setting survives multiple signature/verify operations; and figured that it doesn't hurt to roundtrip-test all the other flavors as well.This could probably also replace some of the roundtrip-tests in the new PQ implementations. We'll look into cleaning up their test harnesses after the FIPSes are implemented and merged.
Caveat
We'll have to have a look at whether that adds too much time to the test harness. Edit: it almost doubles the runtime of the entire unit test harness on my laptop. That's probably not okay! Hence, in test runs that don't set
--run-long-tests
we only run those roundtrips for the first parameter set of each algorithm.