DH Unit Test
Introduction
The DH Unit Test needs to be rewritten to improve maintainability and to
eliminate crippling timing issues and race conditions. The development
approach selected is the tracer bullet method, which starts with a
bare-bones implementation and builds around it.
Design
The basic design is to fork off a server which executes the true DH
Negotiator code in an endless loop, and to fork off simulated clients and
simulated AIPs to perform variations of the DH Exchange against the server
process.
This allows an extremely high degree of flexibility, as each test case can
be executed concurrently or sequentially with any other test case. This
should allow true coverage of the code and, hopefully, trigger any
remaining race conditions in the code.
The two main issues with this design are result handling and key
verification. The first has been de-emphasized for now, and results can be
communicated in a rudimentary way via exit codes. The second has been
resolved by overloading the result handler in the server to send an
encrypted buffer via UDP to the port the client connected from. Since the
client knows what the buffer should contain (all 1s), it can decrypt it
and thus report either success or failure.
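The key-verification scheme above, as an added example that is not the project's own test code: a forked server negotiates, then sends the encrypted known buffer by UDP to the client's source port, and the forked client reports 0 (keys match), 1 (mismatch) or 2 (exchange error or timeout) as its exit code. Assumptions: the toy DH group, the SHA-256 keystream standing in for the unnamed cipher, TCP for the exchange itself, "all 1s" read as 0xFF bytes, and every function name here.

```python
import hashlib, os, secrets, signal, socket

P, G = 2**255 - 19, 2      # toy DH group (assumption); far too small for real use
KNOWN = b"\xff" * 32       # "all 1s" taken as all-ones bits (assumption)

def xor_stream(key, data):  # stand-in cipher (assumption): SHA-256 counter keystream
    ks = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def negotiate(sock):  # one side of the exchange: swap public values, hash the secret
    x = secrets.randbelow(P - 3) + 2
    sock.sendall(pow(G, x, P).to_bytes(32, "big"))
    peer = int.from_bytes(sock.recv(32, socket.MSG_WAITALL), "big")
    if not 1 < peer < P - 1:
        raise ValueError("degenerate or missing peer public value")
    return hashlib.sha256(pow(peer, x, P).to_bytes(32, "big")).digest()

def server(lsock, corrupt):  # corrupt=True is a constructed fault: wrong server key
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    while True:  # endless loop, as in the design
        conn, peer_addr = lsock.accept()
        with conn:
            key = negotiate(conn)
        udp.sendto(xor_stream(bytes(32) if corrupt else key, KNOWN), peer_addr)  # result handler

def client(server_addr):
    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind(("127.0.0.1", 0))  # listening before we connect, so the datagram cannot be lost
    udp.settimeout(5)           # a missing result raises, which becomes exit code 2
    key = negotiate(socket.create_connection(server_addr, 5, udp.getsockname()))  # same port
    return 0 if xor_stream(key, udp.recv(64)) == KNOWN else 1

def spawn(fn, *args):  # fork a child whose exit code is fn's return value
    pid = os.fork()
    if pid == 0:
        try:
            os._exit(fn(*args))
        finally:
            os._exit(2)  # reached only if fn raised
    return pid

def run_case(corrupt=False):
    with socket.create_server(("127.0.0.1", 0)) as lsock:
        spid = spawn(server, lsock, corrupt)
        cpid = spawn(client, lsock.getsockname())
        status = os.waitpid(cpid, 0)[1]
        os.kill(spid, signal.SIGKILL)
        os.waitpid(spid, 0)
    return os.WEXITSTATUS(status)
```

Because the client binds its UDP socket before it connects, the server's datagram is queued even if it arrives before the client starts reading, which keeps the check itself free of the timing problems the rewrite is meant to remove.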
Proposed Tests
#1 Normal client/AIP exchange
#2 Normal AIP/AIP exchange, initiator
#3 Normal AIP/AIP exchange, recipient
#4 AIP rejects initiation
#5 Two concurrent DH attempts - client
#6 Two concurrent DH attempts - AIP
#7 Client aborts after initiation
#8 AIP aborts after initiation
#9 Exception after initiation
#10 Client aborts after sending
#11 Initiator AIP aborts after sending
#12 Recipient AIP aborts after receiving
#13 Exception after receiving
#14 Exception after sending
#15 Exception before key fetch
#16 AIP bad signature
#17 AIP sig key not found
#18 AIP sig key not in cache
Current Status
Architecture has been implemented, and basic tests work. I have
implemented 3 tests. The main bug seems to be some sort of issue caused by
aborted DH Exchanges.
Last modified: Mon Mar 12 21:00:14 EST 2001