diff options
author | Yusuke Endoh <mame@ruby-lang.org> | 2020-02-16 19:55:19 +0900 |
---|---|---|
committer | Yusuke Endoh <mame@ruby-lang.org> | 2020-02-16 19:55:19 +0900 |
commit | 01138f5853a16068fb5a45ea39d3fc35fe664cb7 (patch) | |
tree | 832f7eaa20155f4507a4dc8ccbc182a4ed5a024b /test/openssl | |
parent | 0b55f8a14f28b070177ee0ddcd76edb46af9a395 (diff) |
Make OpenSSL::OSSL#test_memcmp_timing robust
The test was too fragile. Actually, it fails on one of our CIs
immediately after it was merged to ruby/ruby.
https://gist.github.com/ko1/7ea4a5826641f79e2f9e041d83e45dba#file-brlog-trunk_clang_40-20200216-101730-L532-L535
https://gist.github.com/ko1/1c657746092b871359d8bf9e0ad28921#file-brlog-trunk-test4-20200216-104518-L473-L476
* Two measurements, a-b and a-c, must be interative instead of
sequential; the execution time will be easily affected by disturbance
(say, cron job or some external process invoked during measurement)
* The comparison of the two results must be relative instead of
absolute; slow machine may take several tens of seconds for each
execution, and one delta second is too small. The test cases of a, b,
and c are very extreme, so if the target method has a bug, the two
execution times would be very different. So I think it is enough to
check if the difference is less than 10 times.
This change is the same as https://github.com/ruby/openssl/pull/332
Diffstat (limited to 'test/openssl')
-rw-r--r-- | test/openssl/test_ossl.rb | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/test/openssl/test_ossl.rb b/test/openssl/test_ossl.rb index f517b1d83d..f83e8136fa 100644 --- a/test/openssl/test_ossl.rb +++ b/test/openssl/test_ossl.rb @@ -52,10 +52,13 @@ class OpenSSL::OSSL < OpenSSL::SSLTestCase c = "y#{a}" a = "#{a}x" - n = 10_000 - a_b_time = Benchmark.measure { n.times { OpenSSL.fixed_length_secure_compare(a, b) } }.real - a_c_time = Benchmark.measure { n.times { OpenSSL.fixed_length_secure_compare(a, c) } }.real - assert_in_delta(a_b_time, a_c_time, 1, "fixed_length_secure_compare timing test failed") + a_b_time = a_c_time = 0 + 100.times do + a_b_time += Benchmark.measure { 100.times { OpenSSL.fixed_length_secure_compare(a, b) } }.real + a_c_time += Benchmark.measure { 100.times { OpenSSL.fixed_length_secure_compare(a, c) } }.real + end + assert_operator(a_b_time, :<, a_c_time * 10, "fixed_length_secure_compare timing test failed") + assert_operator(a_c_time, :<, a_b_time * 10, "fixed_length_secure_compare timing test failed") end end |