| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "crypto/p224_spake.h" | |
| 6 | |
| 7 #include <string> | |
| 8 | |
| 9 #include "base/logging.h" | |
| 10 #include "base/strings/string_number_conversions.h" | |
| 11 #include "testing/gtest/include/gtest/gtest.h" | |
| 12 | |
| 13 namespace crypto { | |
| 14 | |
| 15 namespace { | |
| 16 | |
| 17 std::string HexEncodeString(const std::string& binary_data) { | |
| 18 return base::HexEncode(binary_data.c_str(), binary_data.size()); | |
| 19 } | |
| 20 | |
| 21 bool RunExchange(P224EncryptedKeyExchange* client, | |
| 22 P224EncryptedKeyExchange* server, | |
| 23 bool is_password_same) { | |
| 24 for (;;) { | |
| 25 std::string client_message, server_message; | |
| 26 client_message = client->GetNextMessage(); | |
| 27 server_message = server->GetNextMessage(); | |
| 28 | |
| 29 P224EncryptedKeyExchange::Result client_result, server_result; | |
| 30 client_result = client->ProcessMessage(server_message); | |
| 31 server_result = server->ProcessMessage(client_message); | |
| 32 | |
| 33 // Check that we never hit the case where only one succeeds. | |
| 34 EXPECT_EQ(client_result == P224EncryptedKeyExchange::kResultSuccess, | |
| 35 server_result == P224EncryptedKeyExchange::kResultSuccess); | |
| 36 | |
| 37 if (client_result == P224EncryptedKeyExchange::kResultFailed || | |
| 38 server_result == P224EncryptedKeyExchange::kResultFailed) { | |
| 39 return false; | |
| 40 } | |
| 41 | |
| 42 EXPECT_EQ(is_password_same, | |
| 43 client->GetUnverifiedKey() == server->GetUnverifiedKey()); | |
| 44 | |
| 45 if (client_result == P224EncryptedKeyExchange::kResultSuccess && | |
| 46 server_result == P224EncryptedKeyExchange::kResultSuccess) { | |
| 47 return true; | |
| 48 } | |
| 49 | |
| 50 EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, client_result); | |
| 51 EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, server_result); | |
| 52 } | |
| 53 } | |
| 54 | |
| 55 const char kPassword[] = "foo"; | |
| 56 | |
| 57 } // namespace | |
| 58 | |
| 59 TEST(MutualAuth, CorrectAuth) { | |
| 60 P224EncryptedKeyExchange client( | |
| 61 P224EncryptedKeyExchange::kPeerTypeClient, kPassword); | |
| 62 P224EncryptedKeyExchange server( | |
| 63 P224EncryptedKeyExchange::kPeerTypeServer, kPassword); | |
| 64 | |
| 65 EXPECT_TRUE(RunExchange(&client, &server, true)); | |
| 66 EXPECT_EQ(client.GetKey(), server.GetKey()); | |
| 67 } | |
| 68 | |
| 69 TEST(MutualAuth, IncorrectPassword) { | |
| 70 P224EncryptedKeyExchange client( | |
| 71 P224EncryptedKeyExchange::kPeerTypeClient, | |
| 72 kPassword); | |
| 73 P224EncryptedKeyExchange server( | |
| 74 P224EncryptedKeyExchange::kPeerTypeServer, | |
| 75 "wrongpassword"); | |
| 76 | |
| 77 EXPECT_FALSE(RunExchange(&client, &server, false)); | |
| 78 } | |
| 79 | |
| 80 TEST(MutualAuth, ExpectedValues) { | |
| 81 P224EncryptedKeyExchange client(P224EncryptedKeyExchange::kPeerTypeClient, | |
| 82 kPassword); | |
| 83 client.SetXForTesting("Client x"); | |
| 84 P224EncryptedKeyExchange server(P224EncryptedKeyExchange::kPeerTypeServer, | |
| 85 kPassword); | |
| 86 server.SetXForTesting("Server x"); | |
| 87 | |
| 88 std::string client_message = client.GetNextMessage(); | |
| 89 EXPECT_EQ( | |
| 90 "3508EF7DECC8AB9F9C439FBB0154288BBECC0A82E8448F4CF29554EB" | |
| 91 "BE9D486686226255EAD1D077C635B1A41F46AC91D7F7F32CED9EC3E0", | |
| 92 HexEncodeString(client_message)); | |
| 93 | |
| 94 std::string server_message = server.GetNextMessage(); | |
| 95 EXPECT_EQ( | |
| 96 "A3088C18B75D2C2B107105661AEC85424777475EB29F1DDFB8C14AFB" | |
| 97 "F1603D0DF38413A00F420ACF2059E7997C935F5A957A193D09A2B584", | |
| 98 HexEncodeString(server_message)); | |
| 99 | |
| 100 EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, | |
| 101 client.ProcessMessage(server_message)); | |
| 102 EXPECT_EQ(P224EncryptedKeyExchange::kResultPending, | |
| 103 server.ProcessMessage(client_message)); | |
| 104 | |
| 105 EXPECT_EQ(client.GetUnverifiedKey(), server.GetUnverifiedKey()); | |
| 106 // Must stay the same. External implementations should be able to pair with. | |
| 107 EXPECT_EQ( | |
| 108 "CE7CCFC435CDA4F01EC8826788B1F8B82EF7D550A34696B371096E64" | |
| 109 "C487D4FE193F7D1A6FF6820BC7F807796BA3889E8F999BBDEFC32FFA", | |
| 110 HexEncodeString(server.GetUnverifiedKey())); | |
| 111 | |
| 112 EXPECT_TRUE(RunExchange(&client, &server, true)); | |
| 113 EXPECT_EQ(client.GetKey(), server.GetKey()); | |
| 114 } | |
| 115 | |
| 116 TEST(MutualAuth, Fuzz) { | |
| 117 static const unsigned kIterations = 40; | |
| 118 | |
| 119 for (unsigned i = 0; i < kIterations; i++) { | |
| 120 P224EncryptedKeyExchange client( | |
| 121 P224EncryptedKeyExchange::kPeerTypeClient, kPassword); | |
| 122 P224EncryptedKeyExchange server( | |
| 123 P224EncryptedKeyExchange::kPeerTypeServer, kPassword); | |
| 124 | |
| 125 // We'll only be testing small values of i, but we don't want that to bias | |
| 126 // the test coverage. So we disperse the value of i by multiplying by the | |
| 127 // FNV, 32-bit prime, producing a poor-man's PRNG. | |
| 128 const uint32 rand = i * 16777619; | |
| 129 | |
| 130 for (unsigned round = 0;; round++) { | |
| 131 std::string client_message, server_message; | |
| 132 client_message = client.GetNextMessage(); | |
| 133 server_message = server.GetNextMessage(); | |
| 134 | |
| 135 if ((rand & 1) == round) { | |
| 136 const bool server_or_client = rand & 2; | |
| 137 std::string* m = server_or_client ? &server_message : &client_message; | |
| 138 if (rand & 4) { | |
| 139 // Truncate | |
| 140 *m = m->substr(0, (i >> 3) % m->size()); | |
| 141 } else { | |
| 142 // Corrupt | |
| 143 const size_t bits = m->size() * 8; | |
| 144 const size_t bit_to_corrupt = (rand >> 3) % bits; | |
| 145 const_cast<char*>(m->data())[bit_to_corrupt / 8] ^= | |
| 146 1 << (bit_to_corrupt % 8); | |
| 147 } | |
| 148 } | |
| 149 | |
| 150 P224EncryptedKeyExchange::Result client_result, server_result; | |
| 151 client_result = client.ProcessMessage(server_message); | |
| 152 server_result = server.ProcessMessage(client_message); | |
| 153 | |
| 154 // If we have corrupted anything, we expect the authentication to fail, | |
| 155 // although one side can succeed if we happen to corrupt the second round | |
| 156 // message to the other. | |
| 157 ASSERT_FALSE( | |
| 158 client_result == P224EncryptedKeyExchange::kResultSuccess && | |
| 159 server_result == P224EncryptedKeyExchange::kResultSuccess); | |
| 160 | |
| 161 if (client_result == P224EncryptedKeyExchange::kResultFailed || | |
| 162 server_result == P224EncryptedKeyExchange::kResultFailed) { | |
| 163 break; | |
| 164 } | |
| 165 | |
| 166 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending, | |
| 167 client_result); | |
| 168 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending, | |
| 169 server_result); | |
| 170 } | |
| 171 } | |
| 172 } | |
| 173 | |
| 174 } // namespace crypto | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 956613002:
Reland "Cut down /crypto and switch what is left of it to boringssl". (Closed)
Base URL: git@github.com:domokit/mojo.git@master