| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <string> | 5 #include <string> |
| 6 #include <crypto/p224_spake.h> | 6 #include <crypto/p224_spake.h> |
| 7 | 7 |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "testing/gtest/include/gtest/gtest.h" | 9 #include "testing/gtest/include/gtest/gtest.h" |
| 10 | 10 |
| 11 namespace crypto { | 11 namespace crypto { |
| 12 | 12 |
| 13 namespace { | 13 namespace { |
| 14 | 14 |
| 15 bool RunExchange(P224EncryptedKeyExchange* client, | 15 bool RunExchange(P224EncryptedKeyExchange* client, |
| 16 P224EncryptedKeyExchange* server) { | 16 P224EncryptedKeyExchange* server, |
| 17 bool is_password_same) { |
| 17 for (;;) { | 18 for (;;) { |
| 18 std::string client_message, server_message; | 19 std::string client_message, server_message; |
| 19 client_message = client->GetMessage(); | 20 client_message = client->GetMessage(); |
| 20 server_message = server->GetMessage(); | 21 server_message = server->GetMessage(); |
| 21 | 22 |
| 22 P224EncryptedKeyExchange::Result client_result, server_result; | 23 P224EncryptedKeyExchange::Result client_result, server_result; |
| 23 client_result = client->ProcessMessage(server_message); | 24 client_result = client->ProcessMessage(server_message); |
| 24 server_result = server->ProcessMessage(client_message); | 25 server_result = server->ProcessMessage(client_message); |
| 25 | 26 |
| 26 // Check that we never hit the case where only one succeeds. | 27 // Check that we never hit the case where only one succeeds. |
| 27 if ((client_result == P224EncryptedKeyExchange::kResultSuccess) ^ | 28 EXPECT_EQ(client_result == P224EncryptedKeyExchange::kResultSuccess, |
| 28 (server_result == P224EncryptedKeyExchange::kResultSuccess)) { | 29 server_result == P224EncryptedKeyExchange::kResultSuccess); |
| 29 CHECK(false) << "Parties differ on whether authentication was successful"; | |
| 30 } | |
| 31 | 30 |
| 32 if (client_result == P224EncryptedKeyExchange::kResultFailed || | 31 if (client_result == P224EncryptedKeyExchange::kResultFailed || |
| 33 server_result == P224EncryptedKeyExchange::kResultFailed) { | 32 server_result == P224EncryptedKeyExchange::kResultFailed) { |
| 34 return false; | 33 return false; |
| 35 } | 34 } |
| 36 | 35 |
| 36 EXPECT_EQ(is_password_same, |
| 37 client->GetUnverifiedKey() == server->GetUnverifiedKey()); |
| 38 |
| 37 if (client_result == P224EncryptedKeyExchange::kResultSuccess && | 39 if (client_result == P224EncryptedKeyExchange::kResultSuccess && |
| 38 server_result == P224EncryptedKeyExchange::kResultSuccess) { | 40 server_result == P224EncryptedKeyExchange::kResultSuccess) { |
| 39 return true; | 41 return true; |
| 40 } | 42 } |
| 41 | 43 |
| 42 CHECK_EQ(P224EncryptedKeyExchange::kResultPending, client_result); | 44 EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, client_result); |
| 43 CHECK_EQ(P224EncryptedKeyExchange::kResultPending, server_result); | 45 EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, server_result); |
| 44 } | 46 } |
| 45 } | 47 } |
| 46 | 48 |
| 47 const char kPassword[] = "foo"; | 49 const char kPassword[] = "foo"; |
| 48 | 50 |
| 49 } // namespace | 51 } // namespace |
| 50 | 52 |
| 51 TEST(MutualAuth, CorrectAuth) { | 53 TEST(MutualAuth, CorrectAuth) { |
| 52 P224EncryptedKeyExchange client( | 54 P224EncryptedKeyExchange client( |
| 53 P224EncryptedKeyExchange::kPeerTypeClient, kPassword); | 55 P224EncryptedKeyExchange::kPeerTypeClient, kPassword); |
| 54 P224EncryptedKeyExchange server( | 56 P224EncryptedKeyExchange server( |
| 55 P224EncryptedKeyExchange::kPeerTypeServer, kPassword); | 57 P224EncryptedKeyExchange::kPeerTypeServer, kPassword); |
| 56 | 58 |
| 57 EXPECT_TRUE(RunExchange(&client, &server)); | 59 EXPECT_TRUE(RunExchange(&client, &server, true)); |
| 58 EXPECT_EQ(client.GetKey(), server.GetKey()); | 60 EXPECT_EQ(client.GetKey(), server.GetKey()); |
| 59 } | 61 } |
| 60 | 62 |
| 61 TEST(MutualAuth, IncorrectPassword) { | 63 TEST(MutualAuth, IncorrectPassword) { |
| 62 P224EncryptedKeyExchange client( | 64 P224EncryptedKeyExchange client( |
| 63 P224EncryptedKeyExchange::kPeerTypeClient, | 65 P224EncryptedKeyExchange::kPeerTypeClient, |
| 64 kPassword); | 66 kPassword); |
| 65 P224EncryptedKeyExchange server( | 67 P224EncryptedKeyExchange server( |
| 66 P224EncryptedKeyExchange::kPeerTypeServer, | 68 P224EncryptedKeyExchange::kPeerTypeServer, |
| 67 "wrongpassword"); | 69 "wrongpassword"); |
| 68 | 70 |
| 69 EXPECT_FALSE(RunExchange(&client, &server)); | 71 EXPECT_FALSE(RunExchange(&client, &server, false)); |
| 70 } | 72 } |
| 71 | 73 |
| 72 TEST(MutualAuth, Fuzz) { | 74 TEST(MutualAuth, Fuzz) { |
| 73 static const unsigned kIterations = 40; | 75 static const unsigned kIterations = 40; |
| 74 | 76 |
| 75 for (unsigned i = 0; i < kIterations; i++) { | 77 for (unsigned i = 0; i < kIterations; i++) { |
| 76 P224EncryptedKeyExchange client( | 78 P224EncryptedKeyExchange client( |
| 77 P224EncryptedKeyExchange::kPeerTypeClient, kPassword); | 79 P224EncryptedKeyExchange::kPeerTypeClient, kPassword); |
| 78 P224EncryptedKeyExchange server( | 80 P224EncryptedKeyExchange server( |
| 79 P224EncryptedKeyExchange::kPeerTypeServer, kPassword); | 81 P224EncryptedKeyExchange::kPeerTypeServer, kPassword); |
| (...skipping 41 matching lines...) |
| 121 | 123 |
| 122 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending, | 124 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending, |
| 123 client_result); | 125 client_result); |
| 124 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending, | 126 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending, |
| 125 server_result); | 127 server_result); |
| 126 } | 128 } |
| 127 } | 129 } |
| 128 } | 130 } |
| 129 | 131 |
| 130 } // namespace crypto | 132 } // namespace crypto |
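Review bot: Replacing the fatal `CHECK`s in `RunExchange` with non-fatal `EXPECT_EQ` (new lines 28-29 and 44-45) means a disagreement between the two parties no longer stops the `for (;;)` loop. If one side reports `kResultSuccess` and the other `kResultPending`, neither `return` branch is taken and the loop calls `GetMessage()`/`ProcessMessage()` again on a party that has already finished; how the class behaves in that state is not visible on this page, so a regression could hang the test instead of failing it. Because `RunExchange` returns `bool`, `ASSERT_*` cannot be used here, so I would keep the original `if (... ^ ...)` and put `ADD_FAILURE() << "Parties differ on whether authentication was successful"; return false;` in its body, which also restores the diagnostic message this change drops. The same applies to the two pending checks at the bottom of the loop: return `false` when either result is not `kResultPending`. The new `GetUnverifiedKey()` comparison at new lines 36-37 is a useful assertion that a wrong password never yields a shared key, and would benefit from a one-line comment saying so.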