commit 2e16f6ba819f275a76536ee1789fa8d37da2f486
author David Benjamin <davidben@google.com> Tue Mar 27 12:10:01 2018 -0400
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Tue Mar 27 16:22:47 2018 +0000
tree dd36c3196d4dd50cf7e93545bf069679064ca337
parent 2a19a17ca754a178c74ce5736adaf30f3ca6465b

Add a test for CRYPTO_memcmp.

This test is written in honor of CVE-2018-0733.

Change-Id: I8a41f917b08496870037f745f19bdcdb65b3d623
Reviewed-on: https://boringssl-review.googlesource.com/26845
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

crypto/constant_time_test.cc

diff --git a/crypto/constant_time_test.cc b/crypto/constant_time_test.cc
index 3cb5866..59a7bb1 100644
--- a/crypto/constant_time_test.cc
+++ b/crypto/constant_time_test.cc
@@ -53,6 +53,9 @@
 
 #include <gtest/gtest.h>
 
+#include <openssl/mem.h>
+#include <openssl/rand.h>
+
 
 static uint8_t FromBool8(bool b) {
   return b ? CONSTTIME_TRUE_8 : CONSTTIME_FALSE_8;
@@ -134,3 +137,19 @@
     }
   }
 }
+
+TEST(ConstantTimeTest, MemCmp) {
+  uint8_t buf[256], copy[256];
+  RAND_bytes(buf, sizeof(buf));
+
+  OPENSSL_memcpy(copy, buf, sizeof(buf));
+  EXPECT_EQ(0, CRYPTO_memcmp(buf, copy, sizeof(buf)));
+
+  for (size_t i = 0; i < sizeof(buf); i++) {
+    for (uint8_t bit = 1; bit != 0; bit <<= 1) {
+      OPENSSL_memcpy(copy, buf, sizeof(buf));
+      copy[i] ^= bit;
+      EXPECT_NE(0, CRYPTO_memcmp(buf, copy, sizeof(buf)));
+    }
+  }
+}