1 /*
2 *
3 * Copyright 2018 gRPC authors.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 */
18
19 #include <grpc/support/alloc.h>
20 #include <grpc/support/log.h>
21
22 #include "src/core/tsi/alts/frame_protector/alts_counter.h"
23 #include "test/core/tsi/alts/crypt/gsec_test_util.h"
24
25 const size_t kSmallCounterSize = 4;
26 const size_t kSmallOverflowSize = 1;
27 const size_t kGcmCounterSize = 12;
28 const size_t kGcmOverflowSize = 5;
29
do_bytes_represent_client(alts_counter * ctr,unsigned char * counter,size_t size)30 static bool do_bytes_represent_client(alts_counter* ctr, unsigned char* counter,
31 size_t size) {
32 return (ctr->counter[size - 1] & 0x80) == 0x80;
33 }
34
alts_counter_test_input_sanity_check(size_t counter_size,size_t overflow_size)35 static void alts_counter_test_input_sanity_check(size_t counter_size,
36 size_t overflow_size) {
37 alts_counter* ctr = nullptr;
38 char* error_details = nullptr;
39
40 /* Input sanity check on alts_counter_create(). */
41 /* Invalid counter size. */
42 grpc_status_code status =
43 alts_counter_create(true, 0, overflow_size, &ctr, &error_details);
44 GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
45 status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
46 "counter_size is invalid."));
47 gpr_free(error_details);
48
49 /* Invalid overflow size. */
50 status = alts_counter_create(true, counter_size, 0, &ctr, &error_details);
51 GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
52 status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
53 "overflow_size is invalid."));
54 gpr_free(error_details);
55
56 /* alts_counter is nullptr. */
57 status = alts_counter_create(true, counter_size, overflow_size, nullptr,
58 &error_details);
59 GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
60 status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
61 "crypter_counter is nullptr."));
62 gpr_free(error_details);
63
64 status = alts_counter_create(true, counter_size, overflow_size, &ctr,
65 &error_details);
66 GPR_ASSERT(status == GRPC_STATUS_OK);
67
68 /* Input sanity check on alts_counter_increment(). */
69 /* crypter_counter is nullptr. */
70 bool is_overflow = false;
71 status = alts_counter_increment(nullptr, &is_overflow, &error_details);
72 GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
73 status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
74 "crypter_counter is nullptr."));
75 gpr_free(error_details);
76 /* is_overflow is nullptr. */
77 status = alts_counter_increment(ctr, nullptr, &error_details);
78 GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
79 status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
80 "is_overflow is nullptr."));
81 gpr_free(error_details);
82 alts_counter_destroy(ctr);
83 }
84
alts_counter_test_overflow_full_range(bool is_client,size_t counter_size,size_t overflow_size)85 static void alts_counter_test_overflow_full_range(bool is_client,
86 size_t counter_size,
87 size_t overflow_size) {
88 alts_counter* ctr = nullptr;
89 char* error_details = nullptr;
90 grpc_status_code status = alts_counter_create(
91 is_client, counter_size, overflow_size, &ctr, &error_details);
92 GPR_ASSERT(status == GRPC_STATUS_OK);
93 unsigned char* expected =
94 static_cast<unsigned char*>(gpr_zalloc(counter_size));
95 if (is_client) {
96 expected[counter_size - 1] = 0x80;
97 }
98 /* Do a single iteration to ensure the counter is initialized as expected. */
99 GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
100 counter_size) == is_client);
101 GPR_ASSERT(memcmp(alts_counter_get_counter(ctr), expected, counter_size) ==
102 0);
103 bool is_overflow = false;
104 GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
105 GRPC_STATUS_OK);
106 GPR_ASSERT(!is_overflow);
107 /**
108 * The counter can return 2^{overflow_size * 8} counters. The
109 * high-order bit is fixed to the client/server. The last call will yield a
110 * useable counter, but overflow the counter object.
111 */
112 int iterations = 1 << (overflow_size * 8);
113 int ind = 1;
114 for (ind = 1; ind < iterations - 1; ind++) {
115 GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
116 counter_size) == is_client);
117 GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
118 GRPC_STATUS_OK);
119 GPR_ASSERT(!is_overflow);
120 }
121 GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
122 counter_size) == is_client);
123 GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
124 GRPC_STATUS_FAILED_PRECONDITION);
125 GPR_ASSERT(is_overflow);
126 gpr_free(expected);
127 alts_counter_destroy(ctr);
128 }
129
130 /* Set the counter manually and make sure it overflows as expected. */
alts_counter_test_overflow_single_increment(bool is_client,size_t counter_size,size_t overflow_size)131 static void alts_counter_test_overflow_single_increment(bool is_client,
132 size_t counter_size,
133 size_t overflow_size) {
134 alts_counter* ctr = nullptr;
135 char* error_details = nullptr;
136 grpc_status_code status = alts_counter_create(
137 is_client, counter_size, overflow_size, &ctr, &error_details);
138 GPR_ASSERT(status == GRPC_STATUS_OK);
139 unsigned char* expected =
140 static_cast<unsigned char*>(gpr_zalloc(counter_size));
141 memset(expected, 0xFF, overflow_size);
142 expected[0] = 0xFE;
143
144 if (is_client) {
145 expected[counter_size - 1] = 0x80;
146 }
147 memcpy(ctr->counter, expected, counter_size);
148 GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
149 counter_size) == is_client);
150 GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) ==
151 0);
152 bool is_overflow = false;
153 GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
154 GRPC_STATUS_OK);
155 GPR_ASSERT(!is_overflow);
156 GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
157 counter_size) == is_client);
158 expected[0] = static_cast<unsigned char>(expected[0] + 1);
159 GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) ==
160 0);
161 GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
162 GRPC_STATUS_FAILED_PRECONDITION);
163 GPR_ASSERT(is_overflow);
164 gpr_free(expected);
165 alts_counter_destroy(ctr);
166 }
167
main(int argc,char ** argv)168 int main(int argc, char** argv) {
169 alts_counter_test_input_sanity_check(kGcmCounterSize, kGcmOverflowSize);
170 alts_counter_test_overflow_full_range(true, kSmallCounterSize,
171 kSmallOverflowSize);
172 alts_counter_test_overflow_full_range(false, kSmallCounterSize,
173 kSmallOverflowSize);
174 alts_counter_test_overflow_single_increment(true, kGcmCounterSize,
175 kGcmOverflowSize);
176 alts_counter_test_overflow_single_increment(false, kGcmCounterSize,
177 kGcmOverflowSize);
178
179 return 0;
180 }
181