net: add low-entropy, shared secret authentication protocol.

crypto/mutual_auth_unittest.cc

Index: crypto/mutual_auth_unittest.cc
diff --git a/crypto/mutual_auth_unittest.cc b/crypto/mutual_auth_unittest.cc
new file mode 100644
index 0000000000000000000000000000000000000000..4ae98efec796891d61f3975a9c8849540ed4a4fa
--- /dev/null
+++ b/crypto/mutual_auth_unittest.cc
@@ -0,0 +1,76 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <crypto/mutual_auth.h>
+
+#include "base/logging.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+using namespace crypto;
+
+bool RunExchange(SharedSecretMutualAuthentication* client,
+                 SharedSecretMutualAuthentication* server) {

[Wez, 2011/11/09 22:43:46]

This method checks that one or other side of the authentication exchange fails;
it doesn't verify that _both_ sides fail, which I think is something we should
check given the mutual-auth goal.

We also don't have a test for a malicious peer sending a scalar chosen to b0rk
us (presumably something not on the curve?)?

[agl, 2011/11/10 17:18:19]

Done.
See fuzz test, below.

+  for (;;) {
+    std::string clients_message, servers_message;

[Wez, 2011/11/09 22:43:46]

nit: Clearer to lose the 's's, since you don't have the luxury of apostrophes.

[agl, 2011/11/10 17:18:19]

Done.

+    clients_message = client->GetMessage();
+    servers_message = server->GetMessage();
+
+    SharedSecretMutualAuthentication::Result client_result, server_result;
+    client_result = client->ProcessMessage(servers_message);
+    server_result = server->ProcessMessage(clients_message);
+
+    if (client_result == SharedSecretMutualAuthentication::kResultFailed ||
+        server_result == SharedSecretMutualAuthentication::kResultFailed) {
+      return false;
+    }
+
+    if (client_result == SharedSecretMutualAuthentication::kResultSuccess &&
+        server_result == SharedSecretMutualAuthentication::kResultSuccess) {
+      return true;
+    }
+
+    CHECK(SharedSecretMutualAuthentication::kResultPending == client_result);

[Wez, 2011/11/09 22:43:46]

CHECK -> CHECK_EQ?

[agl, 2011/11/10 17:18:19]

Done.

+    CHECK(SharedSecretMutualAuthentication::kResultPending == server_result);
+  }
+}
+
+TEST(MutualAuth, CorrectAuth) {
+  std::string password = "foo";
+  std::string session = "bar";

[Wez, 2011/11/09 22:43:46]

nit: Consider moving the |password| and |session| constants to static const
char* |password1| ("foo"), |password2| ("foo2") and similarly |session1|,
|session2|.

[agl, 2011/11/10 17:18:19]

Done.

+
+  SharedSecretMutualAuthentication client(
+      SharedSecretMutualAuthentication::kClient,
+      password, session);
+  SharedSecretMutualAuthentication server(
+      SharedSecretMutualAuthentication::kServer,
+      password, session);
+
+  EXPECT_TRUE(RunExchange(&client, &server));
+}
+
+TEST(MutualAuth, IncorrectPassword) {
+  std::string session = "bar";
+
+  SharedSecretMutualAuthentication client(
+      SharedSecretMutualAuthentication::kClient,
+      "foo", session);
+  SharedSecretMutualAuthentication server(
+      SharedSecretMutualAuthentication::kServer,
+      "foo2", session);
+
+  EXPECT_FALSE(RunExchange(&client, &server));
+}
+
+TEST(MutualAuth, IncorrectSession) {
+  std::string password = "foo";
+
+  SharedSecretMutualAuthentication client(
+      SharedSecretMutualAuthentication::kClient,
+      password, "bar");
+  SharedSecretMutualAuthentication server(
+      SharedSecretMutualAuthentication::kServer,
+      password, "bar2");
+
+  EXPECT_FALSE(RunExchange(&client, &server));
+}