[tor-commits] [tor/master] test coverage on onion_fast: 0%->100%
nickm at torproject.org
nickm at torproject.org
Wed Jul 6 17:43:16 UTC 2016
commit acba4cc9546f66be95353e37fc22b81d0dc91732
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Jul 6 13:43:12 2016 -0400
test coverage on onion_fast: 0%->100%
---
src/or/onion_fast.c | 8 +++++---
src/test/test.c | 38 ++++++++++++++++++++++++++++++++++++++
2 files changed, 43 insertions(+), 3 deletions(-)
diff --git a/src/or/onion_fast.c b/src/or/onion_fast.c
index 1f79860..6b5d12e 100644
--- a/src/or/onion_fast.c
+++ b/src/or/onion_fast.c
@@ -59,8 +59,8 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */
memcpy(tmp+DIGEST_LEN, handshake_reply_out, DIGEST_LEN);
out_len = key_out_len+DIGEST_LEN;
out = tor_malloc(out_len);
- if (crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len)) {
- goto done;
+ if (BUG(crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len))) {
+ goto done; // LCOV_EXCL_LINE
}
memcpy(handshake_reply_out+DIGEST_LEN, out, DIGEST_LEN);
memcpy(key_out, out+DIGEST_LEN, key_out_len);
@@ -100,10 +100,12 @@ fast_client_handshake(const fast_handshake_state_t *handshake_state,
memcpy(tmp+DIGEST_LEN, handshake_reply_out, DIGEST_LEN);
out_len = key_out_len+DIGEST_LEN;
out = tor_malloc(out_len);
- if (crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len)) {
+ if (BUG(crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len))) {
+ /* LCOV_EXCL_START */
if (msg_out)
*msg_out = "Failed to expand key material";
goto done;
+ /* LCOV_EXCL_STOP */
}
if (tor_memneq(out, handshake_reply_out+DIGEST_LEN, DIGEST_LEN)) {
/* H(K) does *not* match. Something fishy. */
diff --git a/src/test/test.c b/src/test/test.c
index 2f18346..f861016 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -55,6 +55,7 @@ double fabs(double x);
#include "memarea.h"
#include "onion.h"
#include "onion_ntor.h"
+#include "onion_fast.h"
#include "onion_tap.h"
#include "policies.h"
#include "rephist.h"
@@ -266,6 +267,42 @@ test_ntor_handshake(void *arg)
dimap_free(s_keymap, NULL);
}
+static void
+test_fast_handshake(void *arg)
+{
+ /* tests for the obsolete "CREATE_FAST" handshake. */
+ (void) arg;
+ fast_handshake_state_t *state = NULL;
+ uint8_t client_handshake[CREATE_FAST_LEN];
+ uint8_t server_handshake[CREATED_FAST_LEN];
+ uint8_t s_keys[100], c_keys[100];
+
+ /* First, test an entire handshake. */
+ memset(client_handshake, 0, sizeof(client_handshake));
+ tt_int_op(0, OP_EQ, fast_onionskin_create(&state, client_handshake));
+ tt_assert(! tor_mem_is_zero((char*)client_handshake,
+ sizeof(client_handshake)));
+
+ tt_int_op(0, OP_EQ,
+ fast_server_handshake(client_handshake, server_handshake,
+ s_keys, 100));
+ const char *msg = NULL;
+ tt_int_op(0, OP_EQ,
+ fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
+ tt_ptr_op(msg, OP_EQ, NULL);
+ tt_mem_op(s_keys, OP_EQ, c_keys, 100);
+
+ /* Now test a failing handshake. */
+ server_handshake[0] ^= 3;
+ tt_int_op(-1, OP_EQ,
+ fast_client_handshake(state, server_handshake, c_keys, 100, &msg));
+ tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on fast handshake. "
+ "Bug or attack.");
+
+ done:
+ fast_handshake_state_free(state);
+}
+
/** Run unit tests for the onion queues. */
static void
test_onion_queues(void *arg)
@@ -1130,6 +1167,7 @@ static struct testcase_t test_array[] = {
{ "bad_onion_handshake", test_bad_onion_handshake, 0, NULL, NULL },
ENT(onion_queues),
{ "ntor_handshake", test_ntor_handshake, 0, NULL, NULL },
+ { "fast_handshake", test_fast_handshake, 0, NULL, NULL },
FORK(circuit_timeout),
FORK(rend_fns),
ENT(geoip),
More information about the tor-commits
mailing list