summaryrefslogtreecommitdiff
path: root/src/test/test_sandbox.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/test_sandbox.c')
-rw-r--r--src/test/test_sandbox.c56
1 files changed, 56 insertions, 0 deletions
diff --git a/src/test/test_sandbox.c b/src/test/test_sandbox.c
index 7ec08a3546..64182ecc91 100644
--- a/src/test/test_sandbox.c
+++ b/src/test/test_sandbox.c
@@ -12,6 +12,8 @@
#include "orconfig.h"
#include "lib/sandbox/sandbox.h"
+#include "lib/crypt_ops/crypto_rand.h"
+#include "ext/equix/include/equix.h"
#ifdef USE_LIBSECCOMP
@@ -292,6 +294,58 @@ test_sandbox_stat_filename(void *arg)
(void)0;
}
+/** This is a simplified subset of test_crypto_equix(), running one solve
+ * and one verify from inside the sandbox. The sandbox restricts mprotect, and
+ * hashx will experience a failure at runtime which this test case exercises.
+ * The result of the solve and verify should both still be correct, since we
+ * expect it to cleanly fall back on an interpreted implementation which has
+ * no operating system dependencies. */
+static void
+test_sandbox_crypto_equix(void *arg)
+{
+ (void)arg;
+
+ const char *challenge_literal = "abce";
+ const size_t challenge_len = strlen(challenge_literal);
+ const size_t num_sols = 4;
+ static const equix_solution sols_expected[EQUIX_MAX_SOLS] = {
+ {{ 0x4fca, 0x72eb, 0x101f, 0xafab, 0x1add, 0x2d71, 0x75a3, 0xc978 }},
+ {{ 0x17f1, 0x7aa6, 0x23e3, 0xab00, 0x7e2f, 0x917e, 0x16da, 0xda9e }},
+ {{ 0x70ee, 0x7757, 0x8a54, 0xbd2b, 0x90e4, 0xe31e, 0x2085, 0xe47e }},
+ {{ 0x62c5, 0x86d1, 0x5752, 0xe1f0, 0x12da, 0x8f33, 0x7336, 0xf161 }},
+ };
+
+ equix_solutions_buffer output;
+ equix_ctx *solve_ctx = NULL, *verify_ctx = NULL;
+
+ solve_ctx = equix_alloc(EQUIX_CTX_SOLVE | EQUIX_CTX_TRY_COMPILE);
+ tt_ptr_op(solve_ctx, OP_NE, NULL);
+
+ equix_result result;
+ memset(&output, 0xEE, sizeof output);
+ result = equix_solve(solve_ctx, challenge_literal, challenge_len, &output);
+ tt_int_op(result, OP_EQ, EQUIX_OK);
+ tt_int_op(output.count, OP_EQ, num_sols);
+ tt_int_op(output.flags, OP_EQ, 0); /* EQUIX_SOLVER_DID_USE_COMPILER unset */
+ tt_mem_op(output.sols, OP_EQ, sols_expected,
+ num_sols * sizeof(equix_solution));
+
+ verify_ctx = equix_alloc(EQUIX_CTX_VERIFY | EQUIX_CTX_TRY_COMPILE);
+ tt_ptr_op(verify_ctx, OP_NE, NULL);
+
+ /* Test one of the solutions randomly */
+ const unsigned sol_i = crypto_rand_int(num_sols);
+ equix_solution *sol = &output.sols[sol_i];
+
+ result = equix_verify(verify_ctx, challenge_literal,
+ challenge_len, sol);
+ tt_int_op(EQUIX_OK, OP_EQ, result);
+
+ done:
+ equix_free(solve_ctx);
+ equix_free(verify_ctx);
+}
+
#define SANDBOX_TEST_SKIPPED(name) \
{ #name, test_sandbox_ ## name, TT_SKIP, NULL, NULL }
@@ -343,6 +397,8 @@ struct testcase_t sandbox_tests[] = {
#else
SANDBOX_TEST_SKIPPED(stat_filename),
#endif
+
+ SANDBOX_TEST_IN_SANDBOX(crypto_equix),
END_OF_TESTCASES
};
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion