crypto/mutual_auth_unittest.cc - Issue 8499032: net: add low-entropy, shared secret authentication protocol.

Side by Side Diff: crypto/mutual_auth_unittest.cc

Issue 8499032: net: add low-entropy, shared secret authentication protocol. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 9 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include <crypto/mutual_auth.h>

	6

	7 #include "base/logging.h"

	8 #include "testing/gtest/include/gtest/gtest.h"

	9

	10 using namespace crypto;

	11

	12 bool RunExchange(SharedSecretMutualAuthentication* client,

	13 SharedSecretMutualAuthentication* server) {
	Wez 2011/11/09 22:43:46 This method checks that one or other side of the a This method checks that one or other side of the authentication exchange fails; it doesn't verify that _both_ sides fail, which I think is something we should check given the mutual-auth goal. We also don't have a test for a malicious peer sending a scalar chosen to b0rk us (presumably something not on the curve?)? agl 2011/11/10 17:18:19 Done. Show quoted text On 2011/11/09 22:43:46, Wez wrote: > This method checks that one or other side of the authentication exchange fails; > it doesn't verify that _both_ sides fail, which I think is something we should > check given the mutual-auth goal. Done. Show quoted text > We also don't have a test for a malicious peer sending a scalar chosen to b0rk > us (presumably something not on the curve?)? See fuzz test, below.
	14 for (;;) {

	15 std::string clients_message, servers_message;
	Wez 2011/11/09 22:43:46 nit: Clearer to lose the 's's, since you don't hav nit: Clearer to lose the 's's, since you don't have the luxury of apostrophes. agl 2011/11/10 17:18:19 Done. Show quoted text On 2011/11/09 22:43:46, Wez wrote: > nit: Clearer to lose the 's's, since you don't have the luxury of apostrophes. Done.
	16 clients_message = client->GetMessage();

	17 servers_message = server->GetMessage();

	18

	19 SharedSecretMutualAuthentication::Result client_result, server_result;

	20 client_result = client->ProcessMessage(servers_message);

	21 server_result = server->ProcessMessage(clients_message);

	22

	23 if (client_result == SharedSecretMutualAuthentication::kResultFailed \|\|

	24 server_result == SharedSecretMutualAuthentication::kResultFailed) {

	25 return false;

	26 }

	27

	28 if (client_result == SharedSecretMutualAuthentication::kResultSuccess &&

	29 server_result == SharedSecretMutualAuthentication::kResultSuccess) {

	30 return true;

	31 }

	32

	33 CHECK(SharedSecretMutualAuthentication::kResultPending == client_result);
	Wez 2011/11/09 22:43:46 CHECK -> CHECK_EQ? CHECK -> CHECK_EQ? agl 2011/11/10 17:18:19 Done. Show quoted text On 2011/11/09 22:43:46, Wez wrote: > CHECK -> CHECK_EQ? Done.
	34 CHECK(SharedSecretMutualAuthentication::kResultPending == server_result);

	35 }

	36 }

	37

	38 TEST(MutualAuth, CorrectAuth) {

	39 std::string password = "foo";

	40 std::string session = "bar";
	Wez 2011/11/09 22:43:46 nit: Consider moving the \|password\| and \|session\| nit: Consider moving the \|password\| and \|session\| constants to static const char* \|password1\| ("foo"), \|password2\| ("foo2") and similarly \|session1\|, \|session2\|. agl 2011/11/10 17:18:19 Done. Show quoted text On 2011/11/09 22:43:46, Wez wrote: > nit: Consider moving the \|password\| and \|session\| constants to static const > char* \|password1\| ("foo"), \|password2\| ("foo2") and similarly \|session1\|, > \|session2\|. Done.
	41

	42 SharedSecretMutualAuthentication client(

	43 SharedSecretMutualAuthentication::kClient,

	44 password, session);

	45 SharedSecretMutualAuthentication server(

	46 SharedSecretMutualAuthentication::kServer,

	47 password, session);

	48

	49 EXPECT_TRUE(RunExchange(&client, &server));

	50 }

	51

	52 TEST(MutualAuth, IncorrectPassword) {

	53 std::string session = "bar";

	54

	55 SharedSecretMutualAuthentication client(

	56 SharedSecretMutualAuthentication::kClient,

	57 "foo", session);

	58 SharedSecretMutualAuthentication server(

	59 SharedSecretMutualAuthentication::kServer,

	60 "foo2", session);

	61

	62 EXPECT_FALSE(RunExchange(&client, &server));

	63 }

	64

	65 TEST(MutualAuth, IncorrectSession) {

	66 std::string password = "foo";

	67

	68 SharedSecretMutualAuthentication client(

	69 SharedSecretMutualAuthentication::kClient,

	70 password, "bar");

	71 SharedSecretMutualAuthentication server(

	72 SharedSecretMutualAuthentication::kServer,

	73 password, "bar2");

	74

	75 EXPECT_FALSE(RunExchange(&client, &server));

	76 }

OLD	NEW

« crypto/mutual_auth.cc ('K') | « crypto/mutual_auth.cc ('k') | crypto/p224.h » ('j') | no next file with comments »