Record enc/dec tests: Don't take turns in sending / receiving roles

Part of the record encryption/decryption tests is to gradually
increase the space available at the front and/or at the back of
a record and observe when encryption starts to succeed. If exactly
one of the two parameters is varied at a time, the expectation is
that encryption will continue to succeed once it has started
succeeding (that's not true if both pre- and post-space are varied
at the same time).

Moreover, previously the test would take turns when choosing which
transform should be used for encryption, and which for decryption.

With the introduction of the CID feaature, this switching of transforms
doesn't align with the expectation of eventual success of the encryption,
since the overhead of encryption might be different for the parties,
because both parties may use different CIDs for their outgoing records.

This commit modifies the tests to not take turns between transforms,
but to always use the same transforms for encryption and decryption
during a single round of the test.
This commit is contained in:
Hanno Becker 2019-04-29 17:24:44 +01:00
parent e83efe6d79
commit 36fb379f68

View File

@ -450,17 +450,8 @@ void ssl_crypt_record_small( int cipher_type, int hash_id,
for( offset=0; offset <= threshold; offset++ ) for( offset=0; offset <= threshold; offset++ )
{ {
mbedtls_ssl_transform *t_dec, *t_enc; mbedtls_ssl_transform *t_dec, *t_enc;
/* Take turns in who's sending and who's receiving. */
if( offset % 2 == 0 )
{
t_dec = &t0; t_dec = &t0;
t_enc = &t1; t_enc = &t1;
}
else
{
t_dec = &t1;
t_enc = &t0;
}
memset( rec.ctr, offset, sizeof( rec.ctr ) ); memset( rec.ctr, offset, sizeof( rec.ctr ) );
rec.type = 42; rec.type = 42;