diff options
author | Matt Dunwoodie <ncon@noconroy.net> | 2021-04-22 12:10:24 +1000 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-04-22 00:02:45 -0600 |
commit | b132f7d89d6bae0e704f0dc187859e2aa4916135 (patch) | |
tree | 83c4af7d956d9ce36d315fd0002decab69d59a49 /src | |
parent | wg_cookie: add selftest (diff) | |
download | wireguard-freebsd-b132f7d89d6bae0e704f0dc187859e2aa4916135.tar.xz wireguard-freebsd-b132f7d89d6bae0e704f0dc187859e2aa4916135.zip |
wg_noise: add selftest
Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>
Diffstat (limited to 'src')
-rw-r--r-- | src/if_wg.c | 1 | ||||
-rw-r--r-- | src/selftest/counter.c | 91 | ||||
-rw-r--r-- | src/wg_noise.c | 4 | ||||
-rw-r--r-- | src/wg_noise.h | 4 |
4 files changed, 100 insertions, 0 deletions
diff --git a/src/if_wg.c b/src/if_wg.c index 519afe4..46a9910 100644 --- a/src/if_wg.c +++ b/src/if_wg.c @@ -2786,6 +2786,7 @@ wg_prison_remove(void *obj, void *data __unused) static void wg_run_selftests(void) { wg_allowedips_selftest(); + noise_counter_selftest(); cookie_selftest(); } #else diff --git a/src/selftest/counter.c b/src/selftest/counter.c new file mode 100644 index 0000000..62f38d2 --- /dev/null +++ b/src/selftest/counter.c @@ -0,0 +1,91 @@ +#define T_LIM (COUNTER_WINDOW_SIZE + 1) +#define T_INIT do { \ + bzero(&kp, sizeof(kp)); \ + rw_init(&kp.kp_nonce_lock, "counter"); \ +} while (0) +#define T(num, v, e) do { \ + if (noise_keypair_nonce_check(&kp, v) != e) { \ + printf("%s, test %d: fail\n", __func__, num); \ + return; \ + } \ +} while (0) +#define T_PASSED printf("%s: pass\n", __func__) + +void +noise_counter_selftest(void) +{ + struct noise_keypair kp; + int i; + + T_INIT; + /* T(test number, nonce, expected_response) */ + T( 1, 0, 0); + T( 2, 1, 0); + T( 3, 1, EEXIST); + T( 4, 9, 0); + T( 5, 8, 0); + T( 6, 7, 0); + T( 7, 7, EEXIST); + T( 8, T_LIM, 0); + T( 9, T_LIM - 1, 0); + T(10, T_LIM - 1, EEXIST); + T(11, T_LIM - 2, 0); + T(12, 2, 0); + T(13, 2, EEXIST); + T(14, T_LIM + 16, 0); + T(15, 3, EEXIST); + T(16, T_LIM + 16, EEXIST); + T(17, T_LIM * 4, 0); + T(18, T_LIM * 4 - (T_LIM - 1), 0); + T(19, 10, EEXIST); + T(20, T_LIM * 4 - T_LIM, EEXIST); + T(21, T_LIM * 4 - (T_LIM + 1), EEXIST); + T(22, T_LIM * 4 - (T_LIM - 2), 0); + T(23, T_LIM * 4 + 1 - T_LIM, EEXIST); + T(24, 0, EEXIST); + T(25, REJECT_AFTER_MESSAGES, EEXIST); + T(26, REJECT_AFTER_MESSAGES - 1, 0); + T(27, REJECT_AFTER_MESSAGES, EEXIST); + T(28, REJECT_AFTER_MESSAGES - 1, EEXIST); + T(29, REJECT_AFTER_MESSAGES - 2, 0); + T(30, REJECT_AFTER_MESSAGES + 1, EEXIST); + T(31, REJECT_AFTER_MESSAGES + 2, EEXIST); + T(32, REJECT_AFTER_MESSAGES - 2, EEXIST); + T(33, REJECT_AFTER_MESSAGES - 3, 0); + T(34, 0, EEXIST); + + T_INIT; + for (i = 1; i <= COUNTER_WINDOW_SIZE; ++i) + T(35, i, 0); + T(36, 0, 0); + T(37, 0, EEXIST); + + T_INIT; + for (i = 2; i <= COUNTER_WINDOW_SIZE + 1; ++i) + T(38, i, 0); + T(39, 1, 0); + T(40, 0, EEXIST); + + T_INIT; + for (i = COUNTER_WINDOW_SIZE + 1; i-- > 0;) + T(41, i, 0); + + T_INIT; + for (i = COUNTER_WINDOW_SIZE + 2; i-- > 1;) + T(42, i, 0); + T(43, 0, EEXIST); + + T_INIT; + for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;) + T(44, i, 0); + T(45, COUNTER_WINDOW_SIZE + 1, 0); + T(46, 0, EEXIST); + + T_INIT; + for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;) + T(47, i, 0); + T(48, 0, 0); + T(49, COUNTER_WINDOW_SIZE + 1, 0); + + T_PASSED; +} diff --git a/src/wg_noise.c b/src/wg_noise.c index 4595dc7..b996d3b 100644 --- a/src/wg_noise.c +++ b/src/wg_noise.c @@ -1343,3 +1343,7 @@ static uint64_t siphash24(const uint8_t key[SIPHASH_KEY_LENGTH], const void *src SIPHASH_CTX ctx; return (SipHashX(&ctx, 2, 4, key, src, len)); } + +#ifdef SELFTESTS +#include "selftest/counter.c" +#endif /* SELFTESTS */ diff --git a/src/wg_noise.h b/src/wg_noise.h index 8d7b54e..05ec22b 100644 --- a/src/wg_noise.h +++ b/src/wg_noise.h @@ -129,4 +129,8 @@ int noise_consume_response( uint8_t ue[NOISE_PUBLIC_KEY_LEN], uint8_t en[0 + NOISE_AUTHTAG_LEN]); +#ifdef SELFTESTS +void noise_counter_selftest(void); +#endif /* SELFTESTS */ + #endif /* __NOISE_H__ */ |