spake25519_test.cc
Go to the documentation of this file.
1 /* Copyright (c) 2016, Google Inc.
2  *
3  * Permission to use, copy, modify, and/or distribute this software for any
4  * purpose with or without fee is hereby granted, provided that the above
5  * copyright notice and this permission notice appear in all copies.
6  *
7  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
8  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
9  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
10  * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
11  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
12  * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
13  * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */
14 
15 #include <openssl/curve25519.h>
16 
17 #include <string>
18 
19 #include <stdint.h>
20 #include <stdio.h>
21 #include <string.h>
22 
23 #include <gtest/gtest.h>
24 
25 #include "../internal.h"
26 #include "./internal.h"
27 
28 
29 // TODO(agl): add tests with fixed vectors once SPAKE2 is nailed down.
30 
31 struct SPAKE2Run {
32  bool Run() {
33  bssl::UniquePtr<SPAKE2_CTX> alice(SPAKE2_CTX_new(
34  spake2_role_alice,
35  reinterpret_cast<const uint8_t *>(alice_names.first.data()),
36  alice_names.first.size(),
37  reinterpret_cast<const uint8_t *>(alice_names.second.data()),
38  alice_names.second.size()));
39  bssl::UniquePtr<SPAKE2_CTX> bob(SPAKE2_CTX_new(
40  spake2_role_bob,
41  reinterpret_cast<const uint8_t *>(bob_names.first.data()),
42  bob_names.first.size(),
43  reinterpret_cast<const uint8_t *>(bob_names.second.data()),
44  bob_names.second.size()));
45 
46  if (!alice || !bob) {
47  return false;
48  }
49 
50  if (alice_disable_password_scalar_hack) {
51  alice->disable_password_scalar_hack = 1;
52  }
53  if (bob_disable_password_scalar_hack) {
54  bob->disable_password_scalar_hack = 1;
55  }
56 
57  uint8_t alice_msg[SPAKE2_MAX_MSG_SIZE];
58  uint8_t bob_msg[SPAKE2_MAX_MSG_SIZE];
59  size_t alice_msg_len, bob_msg_len;
60 
61  if (!SPAKE2_generate_msg(
62  alice.get(), alice_msg, &alice_msg_len, sizeof(alice_msg),
63  reinterpret_cast<const uint8_t *>(alice_password.data()),
64  alice_password.size()) ||
65  !SPAKE2_generate_msg(
66  bob.get(), bob_msg, &bob_msg_len, sizeof(bob_msg),
67  reinterpret_cast<const uint8_t *>(bob_password.data()),
68  bob_password.size())) {
69  return false;
70  }
71 
72  if (alice_corrupt_msg_bit >= 0 &&
73  static_cast<size_t>(alice_corrupt_msg_bit) < 8 * alice_msg_len) {
74  alice_msg[alice_corrupt_msg_bit/8] ^= 1 << (alice_corrupt_msg_bit & 7);
75  }
76 
77  uint8_t alice_key[64], bob_key[64];
78  size_t alice_key_len, bob_key_len;
79 
80  if (!SPAKE2_process_msg(alice.get(), alice_key, &alice_key_len,
81  sizeof(alice_key), bob_msg, bob_msg_len) ||
82  !SPAKE2_process_msg(bob.get(), bob_key, &bob_key_len, sizeof(bob_key),
83  alice_msg, alice_msg_len)) {
84  return false;
85  }
86 
87  key_matches_ = (alice_key_len == bob_key_len &&
88  OPENSSL_memcmp(alice_key, bob_key, alice_key_len) == 0);
89 
90  return true;
91  }
92 
93  bool key_matches() const {
94  return key_matches_;
95  }
96 
97  std::string alice_password = "password";
98  std::string bob_password = "password";
99  std::pair<std::string, std::string> alice_names = {"alice", "bob"};
100  std::pair<std::string, std::string> bob_names = {"bob", "alice"};
101  bool alice_disable_password_scalar_hack = false;
102  bool bob_disable_password_scalar_hack = false;
103  int alice_corrupt_msg_bit = -1;
104 
105  private:
106  bool key_matches_ = false;
107 };
108 
109 TEST(SPAKE25519Test, SPAKE2) {
110  for (unsigned i = 0; i < 20; i++) {
111  SPAKE2Run spake2;
112  ASSERT_TRUE(spake2.Run());
113  EXPECT_TRUE(spake2.key_matches());
114  }
115 }
116 
117 TEST(SPAKE25519Test, OldAlice) {
118  for (unsigned i = 0; i < 20; i++) {
119  SPAKE2Run spake2;
120  spake2.alice_disable_password_scalar_hack = true;
121  ASSERT_TRUE(spake2.Run());
122  EXPECT_TRUE(spake2.key_matches());
123  }
124 }
125 
126 TEST(SPAKE25519Test, OldBob) {
127  for (unsigned i = 0; i < 20; i++) {
128  SPAKE2Run spake2;
129  spake2.bob_disable_password_scalar_hack = true;
130  ASSERT_TRUE(spake2.Run());
131  EXPECT_TRUE(spake2.key_matches());
132  }
133 }
134 
135 TEST(SPAKE25519Test, WrongPassword) {
136  SPAKE2Run spake2;
137  spake2.bob_password = "wrong password";
138  ASSERT_TRUE(spake2.Run());
139  EXPECT_FALSE(spake2.key_matches()) << "Key matched for unequal passwords.";
140 }
141 
142 TEST(SPAKE25519Test, WrongNames) {
143  SPAKE2Run spake2;
144  spake2.alice_names.second = "charlie";
145  spake2.bob_names.second = "charlie";
146  ASSERT_TRUE(spake2.Run());
147  EXPECT_FALSE(spake2.key_matches()) << "Key matched for unequal names.";
148 }
149 
150 TEST(SPAKE25519Test, CorruptMessages) {
151  for (int i = 0; i < 8 * SPAKE2_MAX_MSG_SIZE; i++) {
152  SPAKE2Run spake2;
153  spake2.alice_corrupt_msg_bit = i;
154  EXPECT_FALSE(spake2.Run() && spake2.key_matches())
155  << "Passed after corrupting Alice's message, bit " << i;
156  }
157 }
EXPECT_FALSE
#define EXPECT_FALSE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1970
SPAKE2Run::bob_disable_password_scalar_hack
bool bob_disable_password_scalar_hack
Definition: spake25519_test.cc:102
OPENSSL_memcmp
static int OPENSSL_memcmp(const void *s1, const void *s2, size_t n)
Definition: third_party/boringssl-with-bazel/src/crypto/internal.h:811
string.h
SPAKE2_CTX_new
#define SPAKE2_CTX_new
Definition: boringssl_prefix_symbols.h:2175
testing::internal::string
::std::string string
Definition: bloaty/third_party/protobuf/third_party/googletest/googletest/include/gtest/internal/gtest-port.h:881
SPAKE2_process_msg
#define SPAKE2_process_msg
Definition: boringssl_prefix_symbols.h:2177
TEST
TEST(SPAKE25519Test, SPAKE2)
Definition: spake25519_test.cc:109
SPAKE2Run::bob_password
std::string bob_password
Definition: spake25519_test.cc:98
uint8_t
unsigned char uint8_t
Definition: stdint-msvc2008.h:78
SPAKE2Run::alice_names
std::pair< std::string, std::string > alice_names
Definition: spake25519_test.cc:99
spake2_role_alice
@ spake2_role_alice
Definition: curve25519.h:117
SPAKE2Run::key_matches_
bool key_matches_
Definition: spake25519_test.cc:106
spake2_role_bob
@ spake2_role_bob
Definition: curve25519.h:118
stdint.h
SPAKE2Run::bob_names
std::pair< std::string, std::string > bob_names
Definition: spake25519_test.cc:100
SPAKE2Run::key_matches
bool key_matches() const
Definition: spake25519_test.cc:93
SPAKE2_MAX_MSG_SIZE
#define SPAKE2_MAX_MSG_SIZE
Definition: curve25519.h:139
SPAKE2Run::alice_corrupt_msg_bit
int alice_corrupt_msg_bit
Definition: spake25519_test.cc:103
internal.h
SPAKE2Run::Run
bool Run()
Definition: spake25519_test.cc:32
SPAKE2Run
Definition: spake25519_test.cc:31
curve25519.h
ASSERT_TRUE
#define ASSERT_TRUE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1973
EXPECT_TRUE
#define EXPECT_TRUE(condition)
Definition: bloaty/third_party/googletest/googletest/include/gtest/gtest.h:1967
SPAKE2Run::alice_disable_password_scalar_hack
bool alice_disable_password_scalar_hack
Definition: spake25519_test.cc:101
SPAKE2_generate_msg
#define SPAKE2_generate_msg
Definition: boringssl_prefix_symbols.h:2176
SPAKE2Run::alice_password
std::string alice_password
Definition: spake25519_test.cc:97
i
uint64_t i
Definition: abseil-cpp/absl/container/btree_benchmark.cc:230

grpc
Author(s):
autogenerated on Fri May 16 2025 03:00:14