aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMatt Dunwoodie <ncon@noconroy.net>2020-02-26 00:54:22 +1100
committerMatt Dunwoodie <ncon@noconroy.net>2020-02-26 00:54:22 +1100
commit308b087448daa0226de10fd94035b1780453f5d0 (patch)
tree347e4dd5cbb66192e0de947b568b3bba46cd9cfa
parentFixup noise_counter bugs (identified by tests, to be committed) (diff)
downloadwireguard-openbsd-308b087448daa0226de10fd94035b1780453f5d0.tar.xz
wireguard-openbsd-308b087448daa0226de10fd94035b1780453f5d0.zip
Add test cases
-rw-r--r--src/Makefile5
-rw-r--r--src/if_wg.c8
-rw-r--r--src/wgtest.c138
3 files changed, 150 insertions, 1 deletions
diff --git a/src/Makefile b/src/Makefile
index f2d6447..c977c23 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -29,6 +29,9 @@ ifconfig: patch_ifconfig
/usr/src/sys/net/if_wg.h: if_wg.h
cp if_wg.h /usr/src/sys/net/if_wg.h
+/usr/src/sys/net/wgtest.c: wgtest.c
+ cp wgtest.c /usr/src/sys/net/wgtest.c
+
/usr/src/sys/crypto/noise.c: noise.c
cp noise.c /usr/src/sys/crypto/noise.c
@@ -98,7 +101,7 @@ ifconfig: patch_ifconfig
.PHONY:
-patch_kernel: /usr/src/sys/crypto/blake2s.c /usr/src/sys/crypto/blake2s.h /usr/src/sys/crypto/curve25519.c /usr/src/sys/crypto/curve25519.h /usr/src/sys/crypto/chacha_private.h /usr/src/sys/crypto/chachapoly.h /usr/src/sys/crypto/chachapoly.c /usr/src/sys/conf/files /usr/src/sys/conf/GENERIC /usr/src/sys/netinet/in_pcb.h /usr/src/sys/netinet/udp_usrreq.c /usr/src/sys/net/if_wg.c /usr/src/sys/net/if_wg.h /usr/src/sys/sys/mbuf.h /usr/src/sys/crypto/noise.c /usr/src/sys/crypto/noise.h /usr/src/sys/crypto/cookie.c /usr/src/sys/crypto/cookie.h
+patch_kernel: /usr/src/sys/crypto/blake2s.c /usr/src/sys/crypto/blake2s.h /usr/src/sys/crypto/curve25519.c /usr/src/sys/crypto/curve25519.h /usr/src/sys/crypto/chacha_private.h /usr/src/sys/crypto/chachapoly.h /usr/src/sys/crypto/chachapoly.c /usr/src/sys/conf/files /usr/src/sys/conf/GENERIC /usr/src/sys/netinet/in_pcb.h /usr/src/sys/netinet/udp_usrreq.c /usr/src/sys/net/if_wg.c /usr/src/sys/net/if_wg.h /usr/src/sys/sys/mbuf.h /usr/src/sys/crypto/noise.c /usr/src/sys/crypto/noise.h /usr/src/sys/crypto/cookie.c /usr/src/sys/crypto/cookie.h /usr/src/sys/net/wgtest.c
.PHONY:
patch_userspace: /usr/src/usr.bin/kdump/mkioctls /usr/src/usr.bin/kdump/Makefile /usr/src/distrib/sets/lists/comp/mi
diff --git a/src/if_wg.c b/src/if_wg.c
index a05fb94..ce9a567 100644
--- a/src/if_wg.c
+++ b/src/if_wg.c
@@ -2381,6 +2381,10 @@ wg_clone_destroy(struct ifnet *ifp)
return 0;
}
+#ifdef WGTEST
+#include "wgtest.c"
+#endif
+
void
wgattach(int nwg)
{
@@ -2389,4 +2393,8 @@ wgattach(int nwg)
pool_init(&wg_aip_pool, sizeof(struct wg_aip), 0, IPL_NET, 0, "wgaip", NULL);
pool_init(&wg_peer_pool, sizeof(struct wg_peer), 0, IPL_NET, 0, "wgpeer", NULL);
pool_init(&wg_keypair_pool, sizeof(struct wg_keypair), 0, IPL_NET, 0, "wgkeypair", NULL);
+
+#ifdef WGTEST
+ wgtest();
+#endif
}
diff --git a/src/wgtest.c b/src/wgtest.c
new file mode 100644
index 0000000..2ac6618
--- /dev/null
+++ b/src/wgtest.c
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 2019 Matt Dunwoodie <ncon@noconroy.net>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ * ======== wgtest.c ========
+ *
+ * This file contains unit tests for the majority of WireGuard related code.
+ * It includes the noise.{c,h} and cookie.{c.h} files.
+ *
+ */
+
+#include <sys/types.h>
+#include <sys/mutex.h>
+
+#include <crypto/noise.h>
+
+/* proto */
+int noise_keypair_counter_recv(struct noise_keypair *, uint64_t);
+
+/* tests */
+int
+noise_counter_test()
+{
+ struct noise_keypair kp;
+ size_t test_num = 0, i;
+ int passed = 1;
+
+#define T_INIT do { \
+ bzero(&kp, sizeof(kp)); \
+ mtx_init(&kp.kp_ctr.c_mtx, 0); \
+ } while (0)
+#define T_LIM (COUNTER_WINDOW_SIZE + 1)
+#define T(n, v) do { \
+ test_num++; \
+ if (noise_keypair_counter_recv(&kp, n) != (v)) { \
+ printf("counter test %lu: failed\n", test_num); \
+ passed = 0; \
+ } \
+ } while (0)
+
+ T_INIT;
+ /* T(nonce, expected_response) */
+ /* 1 */ T(0, 0);
+ /* 2 */ T(1, 0);
+ /* 3 */ T(1, EEXIST);
+ /* 4 */ T(9, 0);
+ /* 5 */ T(8, 0);
+ /* 6 */ T(7, 0);
+ /* 7 */ T(7, EEXIST);
+ /* 8 */ T(T_LIM, 0);
+ /* 9 */ T(T_LIM - 1, 0);
+ /* 10 */ T(T_LIM - 1, EEXIST);
+ /* 11 */ T(T_LIM - 2, 0);
+ /* 12 */ T(2, 0);
+ /* 13 */ T(2, EEXIST);
+ /* 14 */ T(T_LIM + 16, 0);
+ /* 15 */ T(3, EEXIST);
+ /* 16 */ T(T_LIM + 16, EEXIST);
+ /* 17 */ T(T_LIM * 4, 0);
+ /* 18 */ T(T_LIM * 4 - (T_LIM - 1), 0);
+ /* 19 */ T(10, EEXIST);
+ /* 20 */ T(T_LIM * 4 - T_LIM, EEXIST);
+ /* 21 */ T(T_LIM * 4 - (T_LIM + 1), EEXIST);
+ /* 22 */ T(T_LIM * 4 - (T_LIM - 2), 0);
+ /* 23 */ T(T_LIM * 4 + 1 - T_LIM, EEXIST);
+ /* 24 */ T(0, EEXIST);
+ /* 25 */ T(REJECT_AFTER_MESSAGES, EEXIST);
+ /* 26 */ T(REJECT_AFTER_MESSAGES - 1, 0);
+ /* 27 */ T(REJECT_AFTER_MESSAGES, EEXIST);
+ /* 28 */ T(REJECT_AFTER_MESSAGES - 1, EEXIST);
+ /* 29 */ T(REJECT_AFTER_MESSAGES - 2, 0);
+ /* 30 */ T(REJECT_AFTER_MESSAGES + 1, EEXIST);
+ /* 31 */ T(REJECT_AFTER_MESSAGES + 2, EEXIST);
+ /* 32 */ T(REJECT_AFTER_MESSAGES - 2, EEXIST);
+ /* 33 */ T(REJECT_AFTER_MESSAGES - 3, 0);
+ /* 34 */ T(0, EEXIST);
+
+ T_INIT;
+ for (i = 1; i <= COUNTER_WINDOW_SIZE; ++i)
+ T(i, 0);
+ T(0, 0);
+ T(0, EEXIST);
+
+ T_INIT;
+ for (i = 2; i <= COUNTER_WINDOW_SIZE + 1; ++i)
+ T(i, 0);
+ T(1, 0);
+ T(0, EEXIST);
+
+ T_INIT;
+ for (i = COUNTER_WINDOW_SIZE + 1; i-- > 0;)
+ T(i, 0);
+
+ T_INIT;
+ for (i = COUNTER_WINDOW_SIZE + 2; i-- > 1;)
+ T(i, 0);
+ T(0, EEXIST);
+
+ T_INIT;
+ for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;)
+ T(i, 0);
+ T(COUNTER_WINDOW_SIZE + 1, 0);
+ T(0, EEXIST);
+
+ T_INIT;
+ for (i = COUNTER_WINDOW_SIZE + 1; i-- > 1;)
+ T(i, 0);
+ T(0, 0);
+ T(COUNTER_WINDOW_SIZE + 1, 0);
+
+#undef T
+#undef T_LIM
+#undef T_INIT
+
+ if (passed)
+ printf("noise counter: pass\n");
+ return passed;
+}
+
+void
+wgtest()
+{
+ int passed = 1;
+ printf("WireGuard tests: starting\n");
+ passed &= noise_counter_test();
+ printf("WireGuard tests: %s!\n", passed ? "passed" : "failed");
+}