Blame - tests/suites/test_suite_constant_time.function - mirror/mbed-tls

blob: aa605d2fe7c396627fa3be599581531abb1d0c6b [file] [log] [blame]

Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	1	/* BEGIN_HEADER */
				2	/** \file test_suite_constant_time.function
				3	*
				4	* Functional testing of functions in the constant_time module.
				5	*
				6	* The tests are instrumented with #TEST_CF_SECRET and #TEST_CF_PUBLIC
				7	* (see tests/include/test/constant_flow.h) so that running the tests
				8	* under MSan or Valgrind will detect a non-constant-time implementation.
				9	*/
				10
				11	#include <mbedtls/constant_time.h>
				12	#include <constant_time_internal.h>
				13	#include <constant_time_invasive.h>
				14
				15	#include <test/constant_flow.h>
				16	/* END_HEADER */
				17
Dave Rodgman	39188c0	2022-12-23 12:27:04 +0000	[diff] [blame]	18	/* BEGIN_CASE */
				19	void mbedtls_ct_memcmp_null()
				20	{
				21	uint32_t x;
				22	TEST_ASSERT(mbedtls_ct_memcmp(&x, NULL, 0) == 0);
				23	TEST_ASSERT(mbedtls_ct_memcmp(NULL, &x, 0) == 0);
				24	TEST_ASSERT(mbedtls_ct_memcmp(NULL, NULL, 0) == 0);
				25	}
				26	/* END_CASE */
				27
				28	/* BEGIN_CASE */
				29	void mbedtls_ct_memcmp(int same, int size, int offset)
				30	{
				31	uint8_t a = NULL, b = NULL;
				32	ASSERT_ALLOC(a, size + offset);
				33	ASSERT_ALLOC(b, size + offset);
				34
				35	TEST_CF_SECRET(a + offset, size);
				36	TEST_CF_SECRET(b + offset, size);
				37
				38	for (int i = 0; i < size + offset; i++) {
				39	a[i] = i & 0xff;
				40	b[i] = (i & 0xff) + (same ? 0 : 1);
				41	}
				42
				43	int reference = memcmp(a + offset, b + offset, size);
				44	int actual = mbedtls_ct_memcmp(a + offset, b + offset, size);
				45	TEST_CF_PUBLIC(a + offset, size);
				46	TEST_CF_PUBLIC(b + offset, size);
				47
				48	if (same != 0) {
				49	TEST_ASSERT(reference == 0);
				50	TEST_ASSERT(actual == 0);
				51	} else {
				52	TEST_ASSERT(reference != 0);
				53	TEST_ASSERT(actual != 0);
				54	}
				55	exit:
				56	mbedtls_free(a);
				57	mbedtls_free(b);
				58	}
				59	/* END_CASE */
				60
				61	/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_MAC */
				62	void mbedtls_ct_memcpy_if_eq(int eq, int size, int offset)
				63	{
				64	uint8_t src = NULL, result = NULL, *expected = NULL;
				65	ASSERT_ALLOC(src, size + offset);
				66	ASSERT_ALLOC(result, size + offset);
				67	ASSERT_ALLOC(expected, size + offset);
				68
				69	for (int i = 0; i < size + offset; i++) {
				70	src[i] = 1;
				71	result[i] = 0xff;
				72	expected[i] = eq ? 1 : 0xff;
				73	}
				74
				75	mbedtls_ct_memcpy_if_eq(result + offset, src, size, eq, 1);
				76	ASSERT_COMPARE(expected, size, result + offset, size);
				77
				78	for (int i = 0; i < size + offset; i++) {
				79	src[i] = 1;
				80	result[i] = 0xff;
				81	expected[i] = eq ? 1 : 0xff;
				82	}
				83	mbedtls_ct_memcpy_if_eq(result, src + offset, size, eq, 1);
				84	ASSERT_COMPARE(expected, size, result, size);
				85
				86	exit:
				87	mbedtls_free(src);
				88	mbedtls_free(result);
				89	mbedtls_free(expected);
				90	}
				91	/* END_CASE */
				92
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	93	/* BEGIN_CASE depends_on:MBEDTLS_SSL_SOME_SUITES_USE_TLS_CBC:MBEDTLS_TEST_HOOKS */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	94	void ssl_cf_memcpy_offset(int offset_min, int offset_max, int len)
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	95	{
				96	unsigned char *dst = NULL;
				97	unsigned char *src = NULL;
				98	size_t src_len = offset_max + len;
				99	size_t secret;
				100
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	101	ASSERT_ALLOC(dst, len);
				102	ASSERT_ALLOC(src, src_len);
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	103
				104	/* Fill src in a way that we can detect if we copied the right bytes */
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	105	mbedtls_test_rnd_std_rand(NULL, src, src_len);
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	106
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	107	for (secret = offset_min; secret <= (size_t) offset_max; secret++) {
				108	mbedtls_test_set_step((int) secret);
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	109
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	110	TEST_CF_SECRET(&secret, sizeof(secret));
				111	mbedtls_ct_memcpy_offset(dst, src, secret,
				112	offset_min, offset_max, len);
				113	TEST_CF_PUBLIC(&secret, sizeof(secret));
				114	TEST_CF_PUBLIC(dst, len);
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	115
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	116	ASSERT_COMPARE(dst, len, src + secret, len);
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	117	}
				118
				119	exit:
Gilles Peskine	449bd83	2023-01-11 14:50:10 +0100	[diff] [blame]	120	mbedtls_free(dst);
				121	mbedtls_free(src);
Gilles Peskine	3ffd6bc	2022-11-29 15:44:21 +0100	[diff] [blame]	122	}
				123	/* END_CASE */