
bitcoin/test: fix up constant time test for secret_eq.

We check that memcmp *isn't* constant time, but that's only true under
-O2 or above: __OPTIMIZE__ doesn't distinguish.

So we need a finer-grained test.  Also reduce verbosity by default.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
htlc_accepted_hook
Rusty Russell 6 years ago
committed by neil saitug
parent
commit
664916e815
  1. 2
      bitcoin/test/Makefile
  2. 14
      bitcoin/test/run-secret_eq_consttime.c

2
bitcoin/test/Makefile

@ -10,6 +10,8 @@ $(BITCOIN_TEST_OBJS): $(CCAN_HEADERS) $(BITCOIN_HEADERS) $(BITCOIN_SRC)
ALL_TEST_PROGRAMS += $(BITCOIN_TEST_PROGRAMS)
ALL_OBJS += $(BITCOIN_TEST_PROGRAMS:=.o)
# This needs to know what level of optimization we're using.
bitcoin/test/run-secret_eq_consttime.o: CFLAGS += -DCOPTFLAGS="\"${COPTFLAGS}\""
update-mocks: $(BITCOIN_TEST_SRC:%=update-mocks/%)
check: $(BITCOIN_TEST_PROGRAMS:%=unittest/%)
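Review bot: The new rule for `run-secret_eq_consttime.o` passes only the text of `COPTFLAGS` to the test, so an optimization level that reaches the compiler some other way (for example a `CFLAGS` set on the make command line) is invisible to it. A command-line `CFLAGS` would also suppress this target-specific `+=` unless it is written with `override`, which would presumably leave `COPTFLAGS` undefined when the test is compiled. Since that string decides whether the memcmp timing check runs at all, I would spell the coupling out in the comment, e.g. `# The test string-matches COPTFLAGS for -O2/-O3 to decide whether to run the memcmp timing check; keep the optimization level in COPTFLAGS.`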

14
bitcoin/test/run-secret_eq_consttime.c

@ -6,6 +6,7 @@
/* AUTOGENERATED MOCKS START */
/* AUTOGENERATED MOCKS END */
static bool verbose = false;
#define RUNS (256 * 10000)
static struct timerel const_time_test(struct secret *s1,
@ -82,9 +83,10 @@ static bool secret_time_test(struct timerel (*test)(struct secret *s1,
free(s1);
free(s2);
if (verbose)
printf("First byte %u psec vs last byte %u psec\n",
(int)time_to_nsec(time_divide(firstbyte_time, RUNS / 1000)),
(int)time_to_nsec(time_divide(lastbyte_time, RUNS / 1000)));
(int)time_to_nsec(time_divide(firstbyte_time, RUNS/1000)),
(int)time_to_nsec(time_divide(lastbyte_time, RUNS/1000)));
/* If they differ by more than 5%, get upset. */
if (time_less(firstbyte_time, lastbyte_time))
@ -120,17 +122,17 @@ int main(void)
if (success < i/2)
errx(1, "Only const time %u/%u?", success, i);
/* This, should show measurable differences at least 1/2 the time. */
/* This fails without -O2 or above, at least here (x86 Ubuntu gcc 7.3) */
if (strstr(COPTFLAGS, "-O2") || strstr(COPTFLAGS, "-O3")) {
/* Should show measurable differences at least 1/2 the time. */
success = 0;
for (i = 0; i < 10; i++)
success += secret_time_test(nonconst_time_test, false);
printf("=> More than 5%% slower %u/%u times\n", success, i);
/* This fails without -O2 or above, at least here (x86 Ubuntu gcc 7.3) */
#ifdef __OPTIMIZE__
if (success < i/2)
errx(1, "memcmp seemed const time %u/%u?", success, i);
#endif
}
return 0;
}
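Review bot: When `COPTFLAGS` contains neither `-O2` nor `-O3`, `main()` now skips the memcmp run without printing anything, and that run is the positive control showing the harness can detect a non-constant-time comparison on this machine at all. A pass for `secret_eq` with the control skipped says less about timing leaks than one with it, so the skip should be visible in the output, e.g. an `else` branch with `printf("Skipping memcmp timing check (COPTFLAGS=\"%s\")\n", COPTFLAGS);`. The `strstr` test is also a plain substring match, so a level such as `-Ofast` would skip the control too; if that is intended, the comment above the `if` should say so. The page does not mark which side each line is on; I am reading the `#ifdef __OPTIMIZE__` / `#endif` pair and the second copy of the "fails without -O2" comment as removed lines, which matches the commit message.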
