ietf-openpgp
[Top] [All Lists]

Re: [openpgp] The combinatorial complexity of OpenPGPv4

2015-03-16 08:46:45
David Leon Gil <coruus(_at_)gmail(_dot_)com> writes:

Suppose that I want to test whether an implementation
handles all OpenPGPv4 signed-then-encrypted messages
correctly. How many test cases do I need?

Generally?  One per packet-trail (which is, effectively, only a
handful).  If all you're doing is changing out the crypto and not the
packet structure then unit tests work perfectly for that.  You only need
to do integration tests for the packet formats!  That's the amazing
thing about how OpenPGP was designed.

Let's suppose, first, that I prove that handling of
PTag formats is independent of the rest of the code.

In that case, the packet composition is either:

    PKESK
    SEIPD
      COMPRESSED
      LITERAL
      SIGNATURE
    MDC

Or:

    PKESK
    SE
      COMPRESSED
      LITERAL
      SIGNATURE

How many different ways can I compose this message?

TWO!  See above.

You can unit-test the crypto.  Changing from AES to Blowfish doesn't
change any of your processing code, the only change is the crypto within
the decryptor module.  But you've already validating that the crypto
works, and you've validated that the decryption module works,
so... you're done.

-derek
-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord(_at_)MIT(_dot_)EDU                        PGP key available

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp