tests: added unit test for _gnutls_record_overhead()

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

5 files changed, 110 insertions, 3 deletions

diff --git a/lib/algorithms.h b/lib/algorithms.h
index 7479a3f00c..ebdef8880f 100644
--- a/lib/algorithms.h
+++ b/lib/algorithms.h
@@ -189,7 +189,8 @@ _gnutls_cipher_suite_get_id(gnutls_kx_algorithm_t kx_algorithm,
 const gnutls_cipher_suite_entry_st *ciphersuite_to_entry(const uint8_t suite[2]);
 
 /* Functions for ciphers. */
-const cipher_entry_st *cipher_to_entry(gnutls_cipher_algorithm_t c);
+const cipher_entry_st *_gnutls_cipher_to_entry(gnutls_cipher_algorithm_t c);
+#define cipher_to_entry(x) _gnutls_cipher_to_entry(x)
 const cipher_entry_st *cipher_name_to_entry(const char *name);
 
 inline static cipher_type_t _gnutls_cipher_type(const cipher_entry_st * e)
diff --git a/lib/algorithms/ciphers.c b/lib/algorithms/ciphers.c
index 04d675acda..acfb3450a7 100644
--- a/lib/algorithms/ciphers.c
+++ b/lib/algorithms/ciphers.c
@@ -224,7 +224,7 @@ static const cipher_entry_st algorithms[] = {
 
 /* CIPHER functions */
 
-const cipher_entry_st *cipher_to_entry(gnutls_cipher_algorithm_t c)
+const cipher_entry_st *_gnutls_cipher_to_entry(gnutls_cipher_algorithm_t c)
 {
 	GNUTLS_CIPHER_LOOP(if (c == p->id) return p);
 
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 9a65108feb..72764ebab1 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1249,7 +1249,10 @@ GNUTLS_PRIVATE_3_4 {
 	_gnutls_mpi_ops;
 	_gnutls_mpi_log;
 	_gnutls_mpi_release;
+
 	# Internal symbols needed by tests/:
+	_gnutls_record_overhead;
+	_gnutls_cipher_to_entry;
 	_gnutls_pkcs11_token_get_url;
 	_gnutls_pkcs12_string_to_key;
 	_gnutls_bin2hex;
diff --git a/tests/Makefile.am b/tests/Makefile.am
index c389046eb2..95f7f8db96 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -169,8 +169,9 @@ endif
 if HAVE_CMOCKA
 CMOCKA_LDADD = $(COMMON_LDADD) $(CMOCKA_LIBS)
 ctests += dtls-sliding-window ip-utils name-constraints-ip conv-utf8 str-unicode str-idna \
-	tls10-prf tls12-prf
+	tls10-prf tls12-prf gnutls_record_overhead
 
+gnutls_record_overhead_LDADD = $(CMOCKA_LDADD)
 dtls_sliding_window_LDADD = $(CMOCKA_LDADD)
 ip_utils_LDADD = $(CMOCKA_LDADD)
 name_constraints_ip_LDADD = $(CMOCKA_LDADD)
@@ -180,6 +181,11 @@ str_idna_LDADD = $(CMOCKA_LDADD)
 tls10_prf_LDADD = $(CMOCKA_LDADD)
 tls12_prf_LDADD = $(CMOCKA_LDADD)
 
+gnutls_record_overhead_CPPFLAGS = $(AM_CPPFLAGS) \
+	-I$(top_srcdir)/gl	\
+	-I$(top_builddir)/gl	\
+	$(NETTLE_CFLAGS)
+
 endif
 
 mini_dtls_pthread_LDADD = $(LDADD) -lpthread
diff --git a/tests/gnutls_record_overhead.c b/tests/gnutls_record_overhead.c
new file mode 100644
index 0000000000..48fca72a28
--- /dev/null
+++ b/tests/gnutls_record_overhead.c
@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * GnuTLS is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GnuTLS is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GnuTLS.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+/* This is a unit test of _gnutls_record_overhead. */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <errno.h>
+#include <stdint.h>
+#include <stddef.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+
+#include <gnutls/gnutls.h>
+#include "../lib/gnutls_int.h"
+
+#undef _gnutls_debug_log
+#undef gnutls_assert
+#undef gnutls_assert_val
+#define _gnutls_debug_log printf
+#define gnutls_assert()
+#define gnutls_assert_val(val) val
+
+#include "../lib/algorithms.h"
+
+
+int _gnutls_record_overhead(const cipher_entry_st * cipher,
+			    const mac_entry_st * mac,
+			    unsigned max);
+
+#define OVERHEAD(c, m) \
+	_gnutls_record_overhead(cipher_to_entry(c), mac_to_entry(m), \
+				0)
+
+#define MAX_OVERHEAD(c, m) \
+	_gnutls_record_overhead(cipher_to_entry(c), mac_to_entry(m), \
+				1)
+
+static void check_aes_gcm(void **glob_state)
+{
+	const unsigned ov = 16+8;
+	/* Under AES-GCM the overhead is constant */
+	assert_int_equal(OVERHEAD(GNUTLS_CIPHER_AES_128_GCM, GNUTLS_MAC_AEAD), ov);
+	assert_int_equal(MAX_OVERHEAD(GNUTLS_CIPHER_AES_128_GCM, GNUTLS_MAC_AEAD), ov);
+}
+
+static void check_aes_sha1_min(void **glob_state)
+{
+	const unsigned mac = 20;
+	const unsigned block = 16;
+	assert_int_equal(OVERHEAD(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1), 1+mac+block);
+}
+
+static void check_aes_sha1_max(void **glob_state)
+{
+	const unsigned mac = 20;
+	const unsigned block = 16;
+
+	assert_int_equal(MAX_OVERHEAD(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1), block+mac+block);
+}
+
+int main(void)
+{
+	const struct CMUnitTest tests[] = {
+		cmocka_unit_test(check_aes_gcm),
+		cmocka_unit_test(check_aes_sha1_min),
+		cmocka_unit_test(check_aes_sha1_max)
+	};
+	return cmocka_run_group_tests(tests, NULL, NULL);
+}