1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include <crypto/p224_spake.h>
7 #include "base/logging.h"
8 #include "testing/gtest/include/gtest/gtest.h"
10 using namespace crypto
;
12 bool RunExchange(P224EncryptedKeyExchange
* client
,
13 P224EncryptedKeyExchange
* server
) {
16 std::string client_message
, server_message
;
17 client_message
= client
->GetMessage();
18 server_message
= server
->GetMessage();
20 P224EncryptedKeyExchange::Result client_result
, server_result
;
21 client_result
= client
->ProcessMessage(server_message
);
22 server_result
= server
->ProcessMessage(client_message
);
24 // Check that we never hit the case where only one succeeds.
25 if ((client_result
== P224EncryptedKeyExchange::kResultSuccess
) ^
26 (server_result
== P224EncryptedKeyExchange::kResultSuccess
)) {
27 CHECK(false) << "Parties differ on whether authentication was successful";
30 if (client_result
== P224EncryptedKeyExchange::kResultFailed
||
31 server_result
== P224EncryptedKeyExchange::kResultFailed
) {
35 if (client_result
== P224EncryptedKeyExchange::kResultSuccess
&&
36 server_result
== P224EncryptedKeyExchange::kResultSuccess
) {
40 CHECK_EQ(P224EncryptedKeyExchange::kResultPending
, client_result
);
41 CHECK_EQ(P224EncryptedKeyExchange::kResultPending
, server_result
);
45 static const char kPassword
[] = "foo";
47 TEST(MutualAuth
, CorrectAuth
) {
48 P224EncryptedKeyExchange
client(
49 P224EncryptedKeyExchange::kPeerTypeClient
, kPassword
);
50 P224EncryptedKeyExchange
server(
51 P224EncryptedKeyExchange::kPeerTypeServer
, kPassword
);
53 EXPECT_TRUE(RunExchange(&client
, &server
));
54 EXPECT_EQ(client
.GetKey(), server
.GetKey());
57 TEST(MutualAuth
, IncorrectPassword
) {
58 P224EncryptedKeyExchange
client(
59 P224EncryptedKeyExchange::kPeerTypeClient
,
61 P224EncryptedKeyExchange
server(
62 P224EncryptedKeyExchange::kPeerTypeServer
,
65 EXPECT_FALSE(RunExchange(&client
, &server
));
68 TEST(MutualAuth
, Fuzz
) {
69 static const unsigned kIterations
= 40;
71 for (unsigned i
= 0; i
< kIterations
; i
++) {
72 P224EncryptedKeyExchange
client(
73 P224EncryptedKeyExchange::kPeerTypeClient
, kPassword
);
74 P224EncryptedKeyExchange
server(
75 P224EncryptedKeyExchange::kPeerTypeServer
, kPassword
);
77 // We'll only be testing small values of i, but we don't want that to bias
78 // the test coverage. So we disperse the value of i by multiplying by the
79 // FNV, 32-bit prime, producing a poor-man's PRNG.
80 const uint32 rand
= i
* 16777619;
82 for (unsigned round
= 0;; round
++) {
83 std::string client_message
, server_message
;
84 client_message
= client
.GetMessage();
85 server_message
= server
.GetMessage();
87 if ((rand
& 1) == round
) {
88 const bool server_or_client
= rand
& 2;
89 std::string
* m
= server_or_client
? &server_message
: &client_message
;
92 *m
= m
->substr(0, (i
>> 3) % m
->size());
95 const size_t bits
= m
->size() * 8;
96 const size_t bit_to_corrupt
= (rand
>> 3) % bits
;
97 const_cast<char*>(m
->data())[bit_to_corrupt
/ 8] ^=
98 1 << (bit_to_corrupt
% 8);
102 P224EncryptedKeyExchange::Result client_result
, server_result
;
103 client_result
= client
.ProcessMessage(server_message
);
104 server_result
= server
.ProcessMessage(client_message
);
106 // If we have corrupted anything, we expect the authentication to fail,
107 // although one side can succeed if we happen to corrupt the second round
108 // message to the other.
110 client_result
== P224EncryptedKeyExchange::kResultSuccess
&&
111 server_result
== P224EncryptedKeyExchange::kResultSuccess
);
113 if (client_result
== P224EncryptedKeyExchange::kResultFailed
||
114 server_result
== P224EncryptedKeyExchange::kResultFailed
) {
118 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending
,
120 ASSERT_EQ(P224EncryptedKeyExchange::kResultPending
,