summaryrefslogtreecommitdiff
path: root/src/test/test.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/test.c')
-rw-r--r--src/test/test.c21
1 files changed, 18 insertions, 3 deletions
diff --git a/src/test/test.c b/src/test/test.c
index 3a1054decf..2f18346660 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -178,20 +178,26 @@ test_bad_onion_handshake(void *arg)
s_buf, s_keys, 40));
/* Client: Case 1: The server sent back junk. */
+ const char *msg = NULL;
s_buf[64] ^= 33;
tt_int_op(-1, OP_EQ,
- onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, NULL));
+ onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
s_buf[64] ^= 33;
+ tt_str_op(msg, OP_EQ, "Digest DOES NOT MATCH on onion handshake. "
+ "Bug or attack.");
/* Let the client finish; make sure it can. */
+ msg = NULL;
tt_int_op(0, OP_EQ,
- onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, NULL));
+ onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
tt_mem_op(s_keys,OP_EQ, c_keys, 40);
+ tt_ptr_op(msg, OP_EQ, NULL);
/* Client: Case 2: The server sent back a degenerate DH. */
memset(s_buf, 0, sizeof(s_buf));
tt_int_op(-1, OP_EQ,
- onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, NULL));
+ onion_skin_TAP_client_handshake(c_dh, s_buf, c_keys, 40, &msg));
+ tt_str_op(msg, OP_EQ, "DH computation failed.");
done:
crypto_dh_free(c_dh);
@@ -246,6 +252,15 @@ test_ntor_handshake(void *arg)
memset(s_buf, 0, 40);
tt_mem_op(c_keys,OP_NE, s_buf, 40);
+ /* Now try with a bogus server response. Zero input should trigger
+ * All The Problems. */
+ memset(c_keys, 0, 400);
+ memset(s_buf, 0, NTOR_REPLY_LEN);
+ const char *msg = NULL;
+ tt_int_op(-1, OP_EQ, onion_skin_ntor_client_handshake(c_state, s_buf,
+ c_keys, 400, &msg));
+ tt_str_op(msg, OP_EQ, "Zero output from curve25519 handshake");
+
done:
ntor_handshake_state_free(c_state);
dimap_free(s_keymap, NULL);