1 /*
2  *
3  * Copyright 2018 gRPC authors.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *     http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  */
18 
19 #include <grpc/support/alloc.h>
20 #include <grpc/support/log.h>
21 
22 #include "src/core/tsi/alts/frame_protector/alts_counter.h"
23 #include "test/core/tsi/alts/crypt/gsec_test_util.h"
24 
25 const size_t kSmallCounterSize = 4;
26 const size_t kSmallOverflowSize = 1;
27 const size_t kGcmCounterSize = 12;
28 const size_t kGcmOverflowSize = 5;
29 
do_bytes_represent_client(alts_counter * ctr,unsigned char * counter,size_t size)30 static bool do_bytes_represent_client(alts_counter* ctr, unsigned char* counter,
31                                       size_t size) {
32   return (ctr->counter[size - 1] & 0x80) == 0x80;
33 }
34 
alts_counter_test_input_sanity_check(size_t counter_size,size_t overflow_size)35 static void alts_counter_test_input_sanity_check(size_t counter_size,
36                                                  size_t overflow_size) {
37   alts_counter* ctr = nullptr;
38   char* error_details = nullptr;
39 
40   /* Input sanity check on alts_counter_create(). */
41   /* Invalid counter size. */
42   grpc_status_code status =
43       alts_counter_create(true, 0, overflow_size, &ctr, &error_details);
44   GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
45       status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
46       "counter_size is invalid."));
47   gpr_free(error_details);
48 
49   /* Invalid overflow size. */
50   status = alts_counter_create(true, counter_size, 0, &ctr, &error_details);
51   GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
52       status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
53       "overflow_size is invalid."));
54   gpr_free(error_details);
55 
56   /* alts_counter is nullptr. */
57   status = alts_counter_create(true, counter_size, overflow_size, nullptr,
58                                &error_details);
59   GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
60       status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
61       "crypter_counter is nullptr."));
62   gpr_free(error_details);
63 
64   status = alts_counter_create(true, counter_size, overflow_size, &ctr,
65                                &error_details);
66   GPR_ASSERT(status == GRPC_STATUS_OK);
67 
68   /* Input sanity check on alts_counter_increment(). */
69   /* crypter_counter is nullptr. */
70   bool is_overflow = false;
71   status = alts_counter_increment(nullptr, &is_overflow, &error_details);
72   GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
73       status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
74       "crypter_counter is nullptr."));
75   gpr_free(error_details);
76   /* is_overflow is nullptr. */
77   status = alts_counter_increment(ctr, nullptr, &error_details);
78   GPR_ASSERT(gsec_test_expect_compare_code_and_substr(
79       status, GRPC_STATUS_INVALID_ARGUMENT, error_details,
80       "is_overflow is nullptr."));
81   gpr_free(error_details);
82   alts_counter_destroy(ctr);
83 }
84 
alts_counter_test_overflow_full_range(bool is_client,size_t counter_size,size_t overflow_size)85 static void alts_counter_test_overflow_full_range(bool is_client,
86                                                   size_t counter_size,
87                                                   size_t overflow_size) {
88   alts_counter* ctr = nullptr;
89   char* error_details = nullptr;
90   grpc_status_code status = alts_counter_create(
91       is_client, counter_size, overflow_size, &ctr, &error_details);
92   GPR_ASSERT(status == GRPC_STATUS_OK);
93   unsigned char* expected =
94       static_cast<unsigned char*>(gpr_zalloc(counter_size));
95   if (is_client) {
96     expected[counter_size - 1] = 0x80;
97   }
98   /* Do a single iteration to ensure the counter is initialized as expected. */
99   GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
100                                        counter_size) == is_client);
101   GPR_ASSERT(memcmp(alts_counter_get_counter(ctr), expected, counter_size) ==
102              0);
103   bool is_overflow = false;
104   GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
105              GRPC_STATUS_OK);
106   GPR_ASSERT(!is_overflow);
107   /**
108    * The counter can return 2^{overflow_size * 8} counters. The
109    * high-order bit is fixed to the client/server. The last call will yield a
110    * useable counter, but overflow the counter object.
111    */
112   int iterations = 1 << (overflow_size * 8);
113   int ind = 1;
114   for (ind = 1; ind < iterations - 1; ind++) {
115     GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
116                                          counter_size) == is_client);
117     GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
118                GRPC_STATUS_OK);
119     GPR_ASSERT(!is_overflow);
120   }
121   GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
122                                        counter_size) == is_client);
123   GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
124              GRPC_STATUS_FAILED_PRECONDITION);
125   GPR_ASSERT(is_overflow);
126   gpr_free(expected);
127   alts_counter_destroy(ctr);
128 }
129 
130 /* Set the counter manually and make sure it overflows as expected. */
alts_counter_test_overflow_single_increment(bool is_client,size_t counter_size,size_t overflow_size)131 static void alts_counter_test_overflow_single_increment(bool is_client,
132                                                         size_t counter_size,
133                                                         size_t overflow_size) {
134   alts_counter* ctr = nullptr;
135   char* error_details = nullptr;
136   grpc_status_code status = alts_counter_create(
137       is_client, counter_size, overflow_size, &ctr, &error_details);
138   GPR_ASSERT(status == GRPC_STATUS_OK);
139   unsigned char* expected =
140       static_cast<unsigned char*>(gpr_zalloc(counter_size));
141   memset(expected, 0xFF, overflow_size);
142   expected[0] = 0xFE;
143 
144   if (is_client) {
145     expected[counter_size - 1] = 0x80;
146   }
147   memcpy(ctr->counter, expected, counter_size);
148   GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
149                                        counter_size) == is_client);
150   GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) ==
151              0);
152   bool is_overflow = false;
153   GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
154              GRPC_STATUS_OK);
155   GPR_ASSERT(!is_overflow);
156   GPR_ASSERT(do_bytes_represent_client(ctr, alts_counter_get_counter(ctr),
157                                        counter_size) == is_client);
158   expected[0] = static_cast<unsigned char>(expected[0] + 1);
159   GPR_ASSERT(memcmp(expected, alts_counter_get_counter(ctr), counter_size) ==
160              0);
161   GPR_ASSERT(alts_counter_increment(ctr, &is_overflow, &error_details) ==
162              GRPC_STATUS_FAILED_PRECONDITION);
163   GPR_ASSERT(is_overflow);
164   gpr_free(expected);
165   alts_counter_destroy(ctr);
166 }
167 
main(int argc,char ** argv)168 int main(int argc, char** argv) {
169   alts_counter_test_input_sanity_check(kGcmCounterSize, kGcmOverflowSize);
170   alts_counter_test_overflow_full_range(true, kSmallCounterSize,
171                                         kSmallOverflowSize);
172   alts_counter_test_overflow_full_range(false, kSmallCounterSize,
173                                         kSmallOverflowSize);
174   alts_counter_test_overflow_single_increment(true, kGcmCounterSize,
175                                               kGcmOverflowSize);
176   alts_counter_test_overflow_single_increment(false, kGcmCounterSize,
177                                               kGcmOverflowSize);
178 
179   return 0;
180 }
181