DH Unit Test



Introduction
    The DH Unit Test needs to be rewritten so as to improve maintenance and to
    eliminate crippling timing issues/race conditions.  The development
    approach selected is the tracer bullet method, which starts with a bare
    bones implementation and builds around that.

    

Design
    The basic design is to fork off a server which executes the true DH
    Negotiator code in an endless loop, and to fork off simulated clients and
    simulated aips to perform variations of the DH Exchange against the server
    process.

    This allows an extremely high degree of flexibility, as each test case can
    be executed concurrently or sequentially with any other test case.  This
    should allow a true coverage of the code and hopefully trigger any
    remaining race conditions in the code.

    The 2 main issues for this are result handling and key verification.  The
    first has been de-emphasized for now, and can be rudimentarily
    communicated via exit codes.  The second has been resolved by overloading
    the result handler in the server to send an encrypted buffer via UDP to
    the port which the client connected from.  Since the client will know what
    the buffer should be (all 1s), it can decrypt and thusly either report
    success or failure.

    

Proposed Tests
#1	Normal client/aip exchange
#2	Normal aip/aip exchange, initiator
#3	Normal aip/aip exchange, recipient
#4	Aip rejects initiation
#5	Two concurrent dh attempts - client
#6	Two concurrent dh attempts - aip
#7	Client aborts after initiation
#8	Aip aborts after initiation
#9	Exception after initiation
#10	Client aborts after sending
#11	Initiator AIP aborts after sending
#12	Recipient AIP aborts after receiving
#13	Exception after receiving
#14	Exception after sending
#15	Exception before key fetch
#16	Aip bad signature
#17	Aip sig key not found
#18	Aip sig key not in cache


    

Current Status
    Architecture has been implemented, and basic tests work.  I have
implemented 3 tests.  The main bug seems to be some sort of issue caused by
aborted DH Exchanges.
    

Last modified: Mon Mar 12 21:00:14 EST 2001