mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-31 19:21:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Create a separate test suite for constant-time functions

Browse Source 
This is the first step in arranging that functions from constant_time.c are
tested in test_suite_constant_time.function.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-11-29 15:44:21 +01:00
parent 77e68c3176
commit 3ffd6bce81
4 changed files with 60 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
tests/suites/test_suite_constant_time.data Normal file
View File

@ -0,0 +1,11 @@
# these are the numbers we'd get with an empty plaintext and truncated HMAC
Constant-flow memcpy from offset: small
ssl_cf_memcpy_offset:0:5:10
# we could get this with 255-bytes plaintext and untruncated SHA-256
Constant-flow memcpy from offset: medium
ssl_cf_memcpy_offset:0:255:32
# we could get this with 255-bytes plaintext and untruncated SHA-384
Constant-flow memcpy from offset: large
ssl_cf_memcpy_offset:100:339:48

49
tests/suites/test_suite_constant_time.function Normal file
View File

@ -0,0 +1,49 @@
/* BEGIN_HEADER */
/** \file test_suite_constant_time.function
*
* Functional testing of functions in the constant_time module.
*
* The tests are instrumented with #TEST_CF_SECRET and #TEST_CF_PUBLIC
* (see tests/include/test/constant_flow.h) so that running the tests
* under MSan or Valgrind will detect a non-constant-time implementation.
*/
#include <mbedtls/constant_time.h>
#include <constant_time_internal.h>
#include <constant_time_invasive.h>
#include <test/constant_flow.h>
/* END_HEADER */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
void ssl_cf_memcpy_offset( int offset_min, int offset_max, int len )
{
unsigned char *dst = NULL;
unsigned char *src = NULL;
size_t src_len = offset_max + len;
size_t secret;
ASSERT_ALLOC( dst, len );
ASSERT_ALLOC( src, src_len );
/* Fill src in a way that we can detect if we copied the right bytes */
mbedtls_test_rnd_std_rand( NULL, src, src_len );
for( secret = offset_min; secret <= (size_t) offset_max; secret++ )
{
mbedtls_test_set_step( (int) secret );
TEST_CF_SECRET( &secret, sizeof( secret ) );
mbedtls_ct_memcpy_offset( dst, src, secret,
offset_min, offset_max, len );
TEST_CF_PUBLIC( &secret, sizeof( secret ) );
TEST_CF_PUBLIC( dst, len );
ASSERT_COMPARE( dst, len, src + secret, len );
}
exit:
mbedtls_free( dst );
mbedtls_free( src );
}
/* END_CASE */

12
tests/suites/test_suite_ssl.data
View File

@ -3378,18 +3378,6 @@ TLS 1.3: SRV: Session serialization, load buffer size
depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_SRV_C
ssl_serialize_session_load_buf_size:0:"":MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3 ssl_serialize_session_load_buf_size:0:"":MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_VERSION_TLS1_3
# these are the numbers we'd get with an empty plaintext and truncated HMAC
Constant-flow memcpy from offset: small
ssl_cf_memcpy_offset:0:5:10
# we could get this with 255-bytes plaintext and untruncated SHA-256
Constant-flow memcpy from offset: medium
ssl_cf_memcpy_offset:0:255:32
# we could get this with 255-bytes plaintext and untruncated SHA-384
Constant-flow memcpy from offset: large
ssl_cf_memcpy_offset:100:339:48
Test configuration of groups for DHE through mbedtls_ssl_conf_curves() Test configuration of groups for DHE through mbedtls_ssl_conf_curves()
conf_curve: conf_curve:

33
tests/suites/test_suite_ssl.function
View File

@ -5438,39 +5438,6 @@ void resize_buffers_renegotiate_mfl( int mfl, int legacy_renegotiation,
} }
/* END_CASE */ /* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
void ssl_cf_memcpy_offset( int offset_min, int offset_max, int len )
{
unsigned char *dst = NULL;
unsigned char *src = NULL;
size_t src_len = offset_max + len;
size_t secret;
ASSERT_ALLOC( dst, len );
ASSERT_ALLOC( src, src_len );
/* Fill src in a way that we can detect if we copied the right bytes */
mbedtls_test_rnd_std_rand( NULL, src, src_len );
for( secret = offset_min; secret <= (size_t) offset_max; secret++ )
{
mbedtls_test_set_step( (int) secret );
TEST_CF_SECRET( &secret, sizeof( secret ) );
mbedtls_ct_memcpy_offset( dst, src, secret,
offset_min, offset_max, len );
TEST_CF_PUBLIC( &secret, sizeof( secret ) );
TEST_CF_PUBLIC( dst, len );
ASSERT_COMPARE( dst, len, src + secret, len );
}
exit:
mbedtls_free( dst );
mbedtls_free( src );
}
/* END_CASE */
/* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */ /* BEGIN_CASE depends_on:MBEDTLS_SSL_HANDSHAKE_WITH_PSK_ENABLED */
void test_multiple_psks() void test_multiple_psks()
{ {