[Nfd-dev] ndn-cxx Bug 4808
Ernest Andrew McCracken (emccrckn)
emccrckn at memphis.edu
Mon Jan 21 14:39:17 PST 2019
Opinion B. We shouldn't be in the business of writing unit tests for trusted 3rd party libraries within our code.
________________________________
From: Nfd-dev <nfd-dev-bounces at lists.cs.ucla.edu> on behalf of Junxiao Shi <shijunxiao at email.arizona.edu>
Sent: Monday, January 21, 2019 2:57:39 PM
To: Alex Afanasyev
Cc: nfd-dev at lists.cs.ucla.edu
Subject: Re: [Nfd-dev] ndn-cxx Bug 4808
Hi Alex
The existence of every line of code requires a failing test. What test prevents one from writing "return 0;" or "static uint32_t i; return i++;" as the random number generator function?
https://gerrit.named-data.net/5134 has fixed the test such that its failure rate is less than 0.01%. I see no reason rejecting it.
There are tests that checks that the encryption/decryption can accept a hard-coded ciphertext, and that the SHA256 digest equals a value specified in the standard.
https://github.com/named-data/ndn-cxx/blob/c53df03ff33bcfc59d6630b6f8aaa9e3d5eaada9/tests/unit/security/transform/private-key.t.cpp#L292-L316
https://github.com/named-data/ndn-cxx/blob/c53df03ff33bcfc59d6630b6f8aaa9e3d5eaada9/tests/unit/security/transform/digest-filter.t.cpp#L59-L64
Yours, Junxiao
On Mon, Jan 21, 2019 at 3:31 PM Alex Afanasyev <aa at cs.fiu.edu<mailto:aa at cs.fiu.edu>> wrote:
Such a test does not really belong to our library. Yes, we need to know that random generator on a platform behaves correctly, but given that we are using a 3rd party library for that (and ndn-cxx is merely a convenience interface to openssl), we are relying on a 3rd party to do the job correctly. If we extend this "disagreement" further, we can have a tons of other ridiculous tests: that encrypted value is indeed encrypted and cannot be decoded; that signature cannot be easily cracked; that SHA256 digest has proper entropy properties; and so on and so forth. So far, the test we had "in a soft" state had no meaning and even if "fixed" would have little meaning (there is nothing we can change, really); the failed hard test only hinders other meaningful checks.
--
Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20190121/2c68e408/attachment.html>
More information about the Nfd-dev
mailing list