widevine-partner/android
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Simplify Nonce Flood Test

Browse Source 
Merge from widevine of http://go/wvgerrit/14134

This CL adjusts the nonce flood test so that the timing is more
explicit.  Also, if the test fails, the error message should tell us
exactly how many nonces were generated and the duration of the test.
Thus we'll be able to tell if the test almost passed.

b/19081206

Change-Id: I2c59755466b017910b86f6b02f2883a771d0ccb7
This commit is contained in:
Fred Gylys-Colwell
2015-04-20 11:38:59 -07:00
parent 96f5d1bef3
commit 39a86c688a
1 changed files with 29 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp
View File

@@ -1699,18 +1699,18 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood) {
uint32_t nonce;
time_t test_start = time(NULL);
// More than 20 nonces per second should generate an error.
// To allow for some slop, we actually test for more than 40.
for (int i = 0; i < 60; i++) {
// To allow for some slop, we actually test for more.
const int kFloodCount = 80;
for (int i = 0; i < kFloodCount; i++) {
s.GenerateNonce(&nonce, &error_counter);
}
time_t test_end = time(NULL);
// Either there should be a two second delay, or there should have been
// at least 20 errors.
if (20 > error_counter) {
EXPECT_LE(2, test_end - test_start);
} else {
EXPECT_LE(20, error_counter);
}
int valid_counter = kFloodCount - error_counter;
// Either oemcrypto should enforce a delay, or it should return an error from
// GenerateNonce -- in either case the number of valid nonces is rate
// limited. We add two seconds to allow for round off error in both
// test_start and test_end.
EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2));
error_counter = 0;
sleep(2); // After a pause, we should be able to regenerate nonces.
s.GenerateNonce(&nonce, &error_counter);
@@ -1723,21 +1723,21 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) {
uint32_t nonce;
time_t test_start = time(NULL);
// More than 20 nonces per second should generate an error.
// To allow for some slop, we actually test for more than 40.
for (int i = 0; i < 60; i++) {
// To allow for some slop, we actually test for more.
const int kFloodCount = 80;
for (int i = 0; i < kFloodCount; i++) {
Session s;
s.open();
EXPECT_TRUE(s.isOpen());
s.GenerateNonce(&nonce, &error_counter);
}
time_t test_end = time(NULL);
// Either there should be a two second delay, or there should have been
// at least 20 errors.
if (20 > error_counter) {
EXPECT_LE(2, test_end - test_start);
} else {
EXPECT_LE(20, error_counter);
}
int valid_counter = kFloodCount - error_counter;
// Either oemcrypto should enforce a delay, or it should return an error from
// GenerateNonce -- in either case the number of valid nonces is rate
// limited. We add two seconds to allow for round off error in both
// test_start and test_end.
EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2));
error_counter = 0;
sleep(2); // After a pause, we should be able to regenerate nonces.
Session s;
@@ -1751,27 +1751,28 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) {
// the same time. We want to make sure you can't get a flood of nonces by
// opening a flood of sessions.
TEST_F(OEMCryptoClientTest, PreventNonceFlood3) {
int request_counter = 0;
int error_counter = 0;
uint32_t nonce;
time_t test_start = time(NULL);
// More than 20 nonces per second should generate an error.
// To allow for some slop, we actually test for more than 40.
Session s[6];
for (int i = 0; i < 6; i++) {
// To allow for some slop, we actually test for more.
Session s[8];
for (int i = 0; i < 8; i++) {
s[i].open();
EXPECT_TRUE(s[i].isOpen());
for (int j = 0; j < 10; j++) {
request_counter++;
s[i].GenerateNonce(&nonce, &error_counter);
}
}
time_t test_end = time(NULL);
// Either there should be a two second delay, or there should have been
// at least 20 errors.
if (20 > error_counter) {
EXPECT_LE(2, test_end - test_start);
} else {
EXPECT_LE(20, error_counter);
}
int valid_counter = request_counter - error_counter;
// Either oemcrypto should enforce a delay, or it should return an error from
// GenerateNonce -- in either case the number of valid nonces is rate
// limited. We add two seconds to allow for round off error in both
// test_start and test_end.
EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2));
error_counter = 0;
sleep(2); // After a pause, we should be able to regenerate nonces.
Session s7;