mirrors/core-lightning
1
0
Fork 0
mirror of https://github.com/ElementsProject/lightning.git synced 2025-01-18 21:35:11 +01:00
Code Issues Projects Releases Wiki Activity

bitcoin/test: fix up constant time test for secret_eq.

Browse Source 
We check that memcmp *isn't* constant time, but that's only true under
-O2 or above: __OPTIMIZE__ doesn't distinguish.

So we need a finer-grained test.  Also reduce verbosity by default.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This commit is contained in:
Rusty Russell 2019-05-16 13:17:36 +09:30 committed by neil saitug
parent 6b32b72dee
commit 664916e815
2 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bitcoin/test/Makefile
View File

@ -10,6 +10,8 @@ $(BITCOIN_TEST_OBJS): $(CCAN_HEADERS) $(BITCOIN_HEADERS) $(BITCOIN_SRC)
ALL_TEST_PROGRAMS += $(BITCOIN_TEST_PROGRAMS)
ALL_OBJS += $(BITCOIN_TEST_PROGRAMS:=.o)
# This needs to know what level of optimization we're using.
bitcoin/test/run-secret_eq_consttime.o: CFLAGS += -DCOPTFLAGS="\"${COPTFLAGS}\""
update-mocks: $(BITCOIN_TEST_SRC:%=update-mocks/%)
check: $(BITCOIN_TEST_PROGRAMS:%=unittest/%)

28
bitcoin/test/run-secret_eq_consttime.c
View File

@ -6,6 +6,7 @@
/* AUTOGENERATED MOCKS START */
/* AUTOGENERATED MOCKS END */
static bool verbose = false;
#define RUNS (256 * 10000)
static struct timerel const_time_test(struct secret *s1,
@ -82,9 +83,10 @@ static bool secret_time_test(struct timerel (*test)(struct secret *s1,
free(s1);
free(s2);
printf("First byte %u psec vs last byte %u psec\n",
(int)time_to_nsec(time_divide(firstbyte_time, RUNS / 1000)),
(int)time_to_nsec(time_divide(lastbyte_time, RUNS / 1000)));
if (verbose)
printf("First byte %u psec vs last byte %u psec\n",
(int)time_to_nsec(time_divide(firstbyte_time, RUNS/1000)),
(int)time_to_nsec(time_divide(lastbyte_time, RUNS/1000)));
/* If they differ by more than 5%, get upset. */
if (time_less(firstbyte_time, lastbyte_time))
@ -120,17 +122,17 @@ int main(void)
if (success < i/2)
errx(1, "Only const time %u/%u?", success, i);
/* This, should show measurable differences at least 1/2 the time. */
success = 0;
for (i = 0; i < 10; i++)
success += secret_time_test(nonconst_time_test, false);
printf("=> More than 5%% slower %u/%u times\n", success, i);
/* This fails without -O2 or above, at least here (x86 Ubuntu gcc 7.3) */
#ifdef __OPTIMIZE__
if (success < i/2)
errx(1, "memcmp seemed const time %u/%u?", success, i);
#endif
if (strstr(COPTFLAGS, "-O2") || strstr(COPTFLAGS, "-O3")) {
/* Should show measurable differences at least 1/2 the time. */
success = 0;
for (i = 0; i < 10; i++)
success += secret_time_test(nonconst_time_test, false);
printf("=> More than 5%% slower %u/%u times\n", success, i);
if (success < i/2)
errx(1, "memcmp seemed const time %u/%u?", success, i);
}
return 0;
}