125 lines
3.4 KiB
C
125 lines
3.4 KiB
C
/* BEGIN_HEADER */
|
|
/** \file test_suite_constant_time.function
|
|
*
|
|
* Functional testing of functions in the constant_time module.
|
|
*
|
|
* The tests are instrumented with #TEST_CF_SECRET and #TEST_CF_PUBLIC
|
|
* (see tests/include/test/constant_flow.h) so that running the tests
|
|
* under MSan or Valgrind will detect a non-constant-time implementation.
|
|
*/
|
|
|
|
#include <mbedtls/constant_time.h>
|
|
#include <constant_time_internal.h>
|
|
#include <constant_time_invasive.h>
|
|
|
|
#include <test/constant_flow.h>
|
|
/* END_HEADER */
|
|
|
|
#include <stdio.h>
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ct_memcmp_null()
|
|
{
|
|
uint32_t x;
|
|
TEST_ASSERT(mbedtls_ct_memcmp(&x, NULL, 0) == 0);
|
|
TEST_ASSERT(mbedtls_ct_memcmp(NULL, &x, 0) == 0);
|
|
TEST_ASSERT(mbedtls_ct_memcmp(NULL, NULL, 0) == 0);
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE */
|
|
void mbedtls_ct_memcmp(int same, int size, int offset)
|
|
{
|
|
uint8_t *a = NULL, *b = NULL;
|
|
ASSERT_ALLOC(a, size + offset);
|
|
ASSERT_ALLOC(b, size + offset);
|
|
|
|
TEST_CF_SECRET(a + offset, size);
|
|
TEST_CF_SECRET(b + offset, size);
|
|
|
|
for (int i = 0; i < size + offset; i++) {
|
|
a[i] = i & 0xff;
|
|
b[i] = (i & 0xff) + (same ? 0 : 1);
|
|
}
|
|
|
|
int reference = memcmp(a + offset, b + offset, size);
|
|
int actual = mbedtls_ct_memcmp(a + offset, b + offset, size);
|
|
TEST_CF_PUBLIC(a + offset, size);
|
|
TEST_CF_PUBLIC(b + offset, size);
|
|
|
|
if (same != 0) {
|
|
TEST_ASSERT(reference == 0);
|
|
TEST_ASSERT(actual == 0);
|
|
} else {
|
|
TEST_ASSERT(reference != 0);
|
|
TEST_ASSERT(actual != 0);
|
|
}
|
|
exit:
|
|
mbedtls_free(a);
|
|
mbedtls_free(b);
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_MAC */
|
|
void mbedtls_ct_memcpy_if_eq(int eq, int size, int offset)
|
|
{
|
|
uint8_t *src = NULL, *result = NULL, *expected = NULL;
|
|
ASSERT_ALLOC(src, size + offset);
|
|
ASSERT_ALLOC(result, size + offset);
|
|
ASSERT_ALLOC(expected, size + offset);
|
|
|
|
for (int i = 0; i < size + offset; i++) {
|
|
src[i] = 1;
|
|
result[i] = 0xff;
|
|
expected[i] = eq ? 1 : 0xff;
|
|
}
|
|
|
|
mbedtls_ct_memcpy_if_eq(result + offset, src, size, eq, 1);
|
|
ASSERT_COMPARE(expected, size, result + offset, size);
|
|
|
|
for (int i = 0; i < size + offset; i++) {
|
|
src[i] = 1;
|
|
result[i] = 0xff;
|
|
expected[i] = eq ? 1 : 0xff;
|
|
}
|
|
mbedtls_ct_memcpy_if_eq(result, src + offset, size, eq, 1);
|
|
ASSERT_COMPARE(expected, size, result, size);
|
|
|
|
exit:
|
|
mbedtls_free(src);
|
|
mbedtls_free(result);
|
|
mbedtls_free(expected);
|
|
}
|
|
/* END_CASE */
|
|
|
|
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
|
|
void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len)
|
|
{
|
|
unsigned char *dst = NULL;
|
|
unsigned char *src = NULL;
|
|
size_t src_len = offset_max + len;
|
|
size_t secret;
|
|
|
|
ASSERT_ALLOC(dst, len);
|
|
ASSERT_ALLOC(src, src_len);
|
|
|
|
/* Fill src in a way that we can detect if we copied the right bytes */
|
|
mbedtls_test_rnd_std_rand(NULL, src, src_len);
|
|
|
|
for (secret = offset_min; secret <= (size_t) offset_max; secret++) {
|
|
mbedtls_test_set_step((int) secret);
|
|
|
|
TEST_CF_SECRET(&secret, sizeof(secret));
|
|
mbedtls_ct_memcpy_offset(dst, src, secret,
|
|
offset_min, offset_max, len);
|
|
TEST_CF_PUBLIC(&secret, sizeof(secret));
|
|
TEST_CF_PUBLIC(dst, len);
|
|
|
|
ASSERT_COMPARE(dst, len, src + secret, len);
|
|
}
|
|
|
|
exit:
|
|
mbedtls_free(dst);
|
|
mbedtls_free(src);
|
|
}
|
|
/* END_CASE */
|