diff --git a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp index dea8db3c..4925fb91 100644 --- a/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp +++ b/libwvdrmengine/oemcrypto/test/oemcrypto_test.cpp @@ -1699,18 +1699,18 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood) { uint32_t nonce; time_t test_start = time(NULL); // More than 20 nonces per second should generate an error. - // To allow for some slop, we actually test for more than 40. - for (int i = 0; i < 60; i++) { + // To allow for some slop, we actually test for more. + const int kFloodCount = 80; + for (int i = 0; i < kFloodCount; i++) { s.GenerateNonce(&nonce, &error_counter); } time_t test_end = time(NULL); - // Either there should be a two second delay, or there should have been - // at least 20 errors. - if (20 > error_counter) { - EXPECT_LE(2, test_end - test_start); - } else { - EXPECT_LE(20, error_counter); - } + int valid_counter = kFloodCount - error_counter; + // Either oemcrypto should enforce a delay, or it should return an error from + // GenerateNonce -- in either case the number of valid nonces is rate + // limited. We add two seconds to allow for round off error in both + // test_start and test_end. + EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2)); error_counter = 0; sleep(2); // After a pause, we should be able to regenerate nonces. s.GenerateNonce(&nonce, &error_counter); @@ -1723,21 +1723,21 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) { uint32_t nonce; time_t test_start = time(NULL); // More than 20 nonces per second should generate an error. - // To allow for some slop, we actually test for more than 40. - for (int i = 0; i < 60; i++) { + // To allow for some slop, we actually test for more. + const int kFloodCount = 80; + for (int i = 0; i < kFloodCount; i++) { Session s; s.open(); EXPECT_TRUE(s.isOpen()); s.GenerateNonce(&nonce, &error_counter); } time_t test_end = time(NULL); - // Either there should be a two second delay, or there should have been - // at least 20 errors. - if (20 > error_counter) { - EXPECT_LE(2, test_end - test_start); - } else { - EXPECT_LE(20, error_counter); - } + int valid_counter = kFloodCount - error_counter; + // Either oemcrypto should enforce a delay, or it should return an error from + // GenerateNonce -- in either case the number of valid nonces is rate + // limited. We add two seconds to allow for round off error in both + // test_start and test_end. + EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2)); error_counter = 0; sleep(2); // After a pause, we should be able to regenerate nonces. Session s; @@ -1751,27 +1751,28 @@ TEST_F(OEMCryptoClientTest, PreventNonceFlood2) { // the same time. We want to make sure you can't get a flood of nonces by // opening a flood of sessions. TEST_F(OEMCryptoClientTest, PreventNonceFlood3) { + int request_counter = 0; int error_counter = 0; uint32_t nonce; time_t test_start = time(NULL); // More than 20 nonces per second should generate an error. - // To allow for some slop, we actually test for more than 40. - Session s[6]; - for (int i = 0; i < 6; i++) { + // To allow for some slop, we actually test for more. + Session s[8]; + for (int i = 0; i < 8; i++) { s[i].open(); EXPECT_TRUE(s[i].isOpen()); for (int j = 0; j < 10; j++) { + request_counter++; s[i].GenerateNonce(&nonce, &error_counter); } } time_t test_end = time(NULL); - // Either there should be a two second delay, or there should have been - // at least 20 errors. - if (20 > error_counter) { - EXPECT_LE(2, test_end - test_start); - } else { - EXPECT_LE(20, error_counter); - } + int valid_counter = request_counter - error_counter; + // Either oemcrypto should enforce a delay, or it should return an error from + // GenerateNonce -- in either case the number of valid nonces is rate + // limited. We add two seconds to allow for round off error in both + // test_start and test_end. + EXPECT_LE(valid_counter, 20 * (test_end - test_start + 2)); error_counter = 0; sleep(2); // After a pause, we should be able to regenerate nonces. Session s7;