wg_noise: add selftest

Signed-off-by: Matt Dunwoodie <ncon@noconroy.net>

4 files changed, 100 insertions, 0 deletions

diff --git a/src/if_wg.c b/src/if_wg.c
index 519afe4..46a9910 100644
--- a/src/if_wg.c
+++ b/src/if_wg.c
@@ -2786,6 +2786,7 @@ wg_prison_remove(void *obj, void *data __unused)
 static void wg_run_selftests(void)
 {
 	wg_allowedips_selftest();
+	noise_counter_selftest();
 	cookie_selftest();
 }
 #else
diff --git a/src/selftest/counter.c b/src/selftest/counter.c
new file mode 100644
index 0000000..62f38d2
--- /dev/null
+++ b/src/selftest/counter.c
@@ -0,0 +1,91 @@
+#define T_LIM (COUNTER_WINDOW_SIZE + 1)
+#define T_INIT do {				\
+	bzero(&kp, sizeof(kp));			\
+	rw_init(&kp.kp_nonce_lock, "counter");	\
+} while (0)
+#define T(num, v, e) do {						\
+	if (noise_keypair_nonce_check(&kp, v) != e) {			\
+		printf("%s, test %d: fail\n", __func__, num);	\
+		return;							\
+	}								\
+} while (0)
+#define T_PASSED printf("%s: pass\n", __func__)
+
+void
+noise_counter_selftest(void)
+{
+	struct noise_keypair kp;
+	int i;
+
+	T_INIT;
+	/* T(test number, nonce, expected_response) */
+	T( 1, 0, 0);
+	T( 2, 1, 0);
+	T( 3, 1, EEXIST);
+	T( 4, 9, 0);
+	T( 5, 8, 0);
+	T( 6, 7, 0);
+	T( 7, 7, EEXIST);
+	T( 8, T_LIM, 0);
+	T( 9, T_LIM - 1, 0);
+	T(10, T_LIM - 1, EEXIST);
+	T(11, T_LIM - 2, 0);
+	T(12, 2, 0);
+	T(13, 2, EEXIST);
+	T(14, T_LIM + 16, 0);
+	T(15, 3, EEXIST);
+	T(16, T_LIM + 16, EEXIST);
+	T(17, T_LIM * 4, 0);
+	T(18, T_LIM * 4 - (T_LIM - 1), 0);
+	T(19, 10, EEXIST);
+	T(20, T_LIM * 4 - T_LIM, EEXIST);
+	T(21, T_LIM * 4 - (T_LIM + 1), EEXIST);
+	T(22, T_LIM * 4 - (T_LIM - 2), 0);
+	T(23, T_LIM * 4 + 1 - T_LIM, EEXIST);
+	T(24, 0, EEXIST);
+	T(25, REJECT_AFTER_MESSAGES, EEXIST);
+	T(26, REJECT_AFTER_MESSAGES - 1, 0);
+	T(27, REJECT_AFTER_MESSAGES, EEXIST);
+	T(28, REJECT_AFTER_MESSAGES - 1, EEXIST);
+	T(29, REJECT_AFTER_MESSAGES - 2, 0);
+	T(30, REJECT_AFTER_MESSAGES + 1, EEXIST);
+	T(31, REJECT_AFTER_MESSAGES + 2, EEXIST);
+	T(32, REJECT_AFTER_MESSAGES - 2, EEXIST);
+	T(33, REJECT_AFTER_MESSAGES - 3, 0);
+	T(34, 0, EEXIST);
+
+	T_INIT;
+	for (i = 1; i <= COUNTER_WINDOW_SIZE; ++i)
+		T(35, i, 0);
+	T(36, 0, 0);
+	T(37, 0, EEXIST);
+
+	T_INIT;
+	for (i = 2; i <= COUNTER_WINDOW_SIZE + 1; ++i)
+		T(38, i, 0);
+	T(39, 1, 0);
+	T(40, 0, EEXIST);
+
+	T_INIT;
+	for (i = COUNTER_WINDOW_SIZE + 1; i-- > 0;)
+		T(41, i, 0);
+
+	T_INIT;
+	for (i = COUNTER_WINDOW_SIZE + 2; i-- > 1;)
+		T(42, i, 0);
+	T(43, 0, EEXIST);
+
+	T_INIT;
+	for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;)
+		T(44, i, 0);
+	T(45, COUNTER_WINDOW_SIZE + 1, 0);
+	T(46, 0, EEXIST);
+
+	T_INIT;
+	for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;)
+		T(47, i, 0);
+	T(48, 0, 0);
+	T(49, COUNTER_WINDOW_SIZE + 1, 0);
+
+	T_PASSED;
+}
diff --git a/src/wg_noise.c b/src/wg_noise.c
index 4595dc7..b996d3b 100644
--- a/src/wg_noise.c
+++ b/src/wg_noise.c
@@ -1343,3 +1343,7 @@ static uint64_t siphash24(const uint8_t key[SIPHASH_KEY_LENGTH], const void *src
 	SIPHASH_CTX ctx;
 	return (SipHashX(&ctx, 2, 4, key, src, len));
 }
+
+#ifdef SELFTESTS
+#include "selftest/counter.c"
+#endif /* SELFTESTS */
diff --git a/src/wg_noise.h b/src/wg_noise.h
index 8d7b54e..05ec22b 100644
--- a/src/wg_noise.h
+++ b/src/wg_noise.h
@@ -129,4 +129,8 @@ int	noise_consume_response(
 	    uint8_t ue[NOISE_PUBLIC_KEY_LEN],
 	    uint8_t en[0 + NOISE_AUTHTAG_LEN]);
 
+#ifdef SELFTESTS
+void	noise_counter_selftest(void);
+#endif /* SELFTESTS */
+
 #endif /* __NOISE_H__ */