• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * replay_driver.c
3  *
4  * A driver for the replay_database implementation
5  *
6  * David A. McGrew
7  * Cisco Systems, Inc.
8  */
9 
10 /*
11  *
12  * Copyright (c) 2001-2017, Cisco Systems, Inc.
13  * All rights reserved.
14  *
15  * Redistribution and use in source and binary forms, with or without
16  * modification, are permitted provided that the following conditions
17  * are met:
18  *
19  *   Redistributions of source code must retain the above copyright
20  *   notice, this list of conditions and the following disclaimer.
21  *
22  *   Redistributions in binary form must reproduce the above
23  *   copyright notice, this list of conditions and the following
24  *   disclaimer in the documentation and/or other materials provided
25  *   with the distribution.
26  *
27  *   Neither the name of the Cisco Systems, Inc. nor the names of its
28  *   contributors may be used to endorse or promote products derived
29  *   from this software without specific prior written permission.
30  *
31  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
32  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
33  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
34  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
35  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
36  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
37  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
38  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
39  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
40  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
41  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
42  * OF THE POSSIBILITY OF SUCH DAMAGE.
43  *
44  */
45 
46 #ifdef HAVE_CONFIG_H
47 #include <config.h>
48 #endif
49 
50 #include <stdio.h>
51 
52 #include "rdb.h"
53 #include "ut_sim.h"
54 
55 #include "cipher_priv.h"
56 
57 /*
58  * num_trials defines the number of trials that are used in the
59  * validation functions below
60  */
61 
62 unsigned num_trials = 1 << 16;
63 
64 srtp_err_status_t test_rdb_db(void);
65 
66 double rdb_check_adds_per_second(void);
67 
main(void)68 int main(void)
69 {
70     srtp_err_status_t err;
71 
72     printf("testing anti-replay database (srtp_rdb_t)...\n");
73     err = test_rdb_db();
74     if (err) {
75         printf("failed\n");
76         exit(1);
77     }
78     printf("done\n");
79 
80     printf("rdb_check/rdb_adds per second: %e\n", rdb_check_adds_per_second());
81 
82     return 0;
83 }
84 
print_rdb(srtp_rdb_t * rdb)85 void print_rdb(srtp_rdb_t *rdb)
86 {
87     printf("rdb: {%u, %s}\n", rdb->window_start,
88            v128_bit_string(&rdb->bitmask));
89 }
90 
rdb_check_add(srtp_rdb_t * rdb,uint32_t idx)91 srtp_err_status_t rdb_check_add(srtp_rdb_t *rdb, uint32_t idx)
92 {
93     if (srtp_rdb_check(rdb, idx) != srtp_err_status_ok) {
94         printf("rdb_check failed at index %u\n", idx);
95         return srtp_err_status_fail;
96     }
97     if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) {
98         printf("rdb_add_index failed at index %u\n", idx);
99         return srtp_err_status_fail;
100     }
101 
102     return srtp_err_status_ok;
103 }
104 
rdb_check_expect_failure(srtp_rdb_t * rdb,uint32_t idx)105 srtp_err_status_t rdb_check_expect_failure(srtp_rdb_t *rdb, uint32_t idx)
106 {
107     srtp_err_status_t err;
108 
109     err = srtp_rdb_check(rdb, idx);
110     if ((err != srtp_err_status_replay_old) &&
111         (err != srtp_err_status_replay_fail)) {
112         printf("rdb_check failed at index %u (false positive)\n", idx);
113         return srtp_err_status_fail;
114     }
115 
116     return srtp_err_status_ok;
117 }
118 
rdb_check_add_unordered(srtp_rdb_t * rdb,uint32_t idx)119 srtp_err_status_t rdb_check_add_unordered(srtp_rdb_t *rdb, uint32_t idx)
120 {
121     srtp_err_status_t rstat;
122 
123     /* printf("index: %u\n", idx); */
124     rstat = srtp_rdb_check(rdb, idx);
125     if ((rstat != srtp_err_status_ok) &&
126         (rstat != srtp_err_status_replay_old)) {
127         printf("rdb_check_add_unordered failed at index %u\n", idx);
128         return rstat;
129     }
130     if (rstat == srtp_err_status_replay_old) {
131         return srtp_err_status_ok;
132     }
133     if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) {
134         printf("rdb_add_index failed at index %u\n", idx);
135         return srtp_err_status_fail;
136     }
137 
138     return srtp_err_status_ok;
139 }
140 
test_rdb_db()141 srtp_err_status_t test_rdb_db()
142 {
143     srtp_rdb_t rdb;
144     uint32_t idx, ircvd;
145     ut_connection utc;
146     srtp_err_status_t err;
147 
148     if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
149         printf("rdb_init failed\n");
150         return srtp_err_status_init_fail;
151     }
152 
153     /* test sequential insertion */
154     for (idx = 0; idx < num_trials; idx++) {
155         err = rdb_check_add(&rdb, idx);
156         if (err)
157             return err;
158     }
159 
160     /* test for false positives */
161     for (idx = 0; idx < num_trials; idx++) {
162         err = rdb_check_expect_failure(&rdb, idx);
163         if (err)
164             return err;
165     }
166 
167     /* re-initialize */
168     if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
169         printf("rdb_init failed\n");
170         return srtp_err_status_fail;
171     }
172 
173     /* test non-sequential insertion */
174     ut_init(&utc);
175 
176     for (idx = 0; idx < num_trials; idx++) {
177         ircvd = ut_next_index(&utc);
178         err = rdb_check_add_unordered(&rdb, ircvd);
179         if (err)
180             return err;
181         err = rdb_check_expect_failure(&rdb, ircvd);
182         if (err)
183             return err;
184     }
185 
186     /* re-initialize */
187     if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
188         printf("rdb_init failed\n");
189         return srtp_err_status_fail;
190     }
191 
192     /* test insertion with large gaps */
193     for (idx = 0, ircvd = 0; idx < num_trials;
194          idx++, ircvd += (1 << (srtp_cipher_rand_u32_for_tests() % 10))) {
195         err = rdb_check_add(&rdb, ircvd);
196         if (err)
197             return err;
198         err = rdb_check_expect_failure(&rdb, ircvd);
199         if (err)
200             return err;
201     }
202 
203     /* re-initialize */
204     if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
205         printf("rdb_init failed\n");
206         return srtp_err_status_fail;
207     }
208 
209     /* test loss of first 513 packets */
210     for (idx = 0; idx < num_trials; idx++) {
211         err = rdb_check_add(&rdb, idx + 513);
212         if (err)
213             return err;
214     }
215 
216     /* test for false positives */
217     for (idx = 0; idx < num_trials + 513; idx++) {
218         err = rdb_check_expect_failure(&rdb, idx);
219         if (err)
220             return err;
221     }
222 
223     /* test for key expired */
224     if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
225         printf("rdb_init failed\n");
226         return srtp_err_status_fail;
227     }
228     rdb.window_start = 0x7ffffffe;
229     if (srtp_rdb_increment(&rdb) != srtp_err_status_ok) {
230         printf("srtp_rdb_increment of 0x7ffffffe failed\n");
231         return srtp_err_status_fail;
232     }
233     if (srtp_rdb_get_value(&rdb) != 0x7fffffff) {
234         printf("rdb valiue was not 0x7fffffff\n");
235         return srtp_err_status_fail;
236     }
237     if (srtp_rdb_increment(&rdb) != srtp_err_status_key_expired) {
238         printf("srtp_rdb_increment of 0x7fffffff did not return "
239                "srtp_err_status_key_expired\n");
240         return srtp_err_status_fail;
241     }
242     if (srtp_rdb_get_value(&rdb) != 0x7fffffff) {
243         printf("rdb valiue was not 0x7fffffff\n");
244         return srtp_err_status_fail;
245     }
246 
247     return srtp_err_status_ok;
248 }
249 
250 #include <time.h>   /* for clock()  */
251 #include <stdlib.h> /* for random() */
252 
253 #define REPLAY_NUM_TRIALS 10000000
254 
rdb_check_adds_per_second(void)255 double rdb_check_adds_per_second(void)
256 {
257     uint32_t i;
258     srtp_rdb_t rdb;
259     clock_t timer;
260     int failures = 0; /* count number of failures        */
261 
262     if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
263         printf("rdb_init failed\n");
264         exit(1);
265     }
266 
267     timer = clock();
268     for (i = 0; i < REPLAY_NUM_TRIALS; i += 3) {
269         if (srtp_rdb_check(&rdb, i + 2) != srtp_err_status_ok)
270             ++failures;
271         if (srtp_rdb_add_index(&rdb, i + 2) != srtp_err_status_ok)
272             ++failures;
273         if (srtp_rdb_check(&rdb, i + 1) != srtp_err_status_ok)
274             ++failures;
275         if (srtp_rdb_add_index(&rdb, i + 1) != srtp_err_status_ok)
276             ++failures;
277         if (srtp_rdb_check(&rdb, i) != srtp_err_status_ok)
278             ++failures;
279         if (srtp_rdb_add_index(&rdb, i) != srtp_err_status_ok)
280             ++failures;
281     }
282     timer = clock() - timer;
283 
284     return (double)CLOCKS_PER_SEC * REPLAY_NUM_TRIALS / timer;
285 }
286