Skip to content

Created draft proof for s2n_constant_time_equals #2072

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jul 7, 2020
Merged

Created draft proof for s2n_constant_time_equals #2072

merged 5 commits into from
Jul 7, 2020

Conversation

azcwagner
Copy link
Contributor

Please note that while we are transitioning from travis-ci to AWS CodeBuild, some tests are run on each platform. Non-AWS contributors will temporarily be unable to see CodeBuild results. We apologize for the inconvenience.

Resolved issues:

N/A

Description of changes:

  • Changed the return type of s2n_constant_time_equals to bool from int.
  • Created a proof harness for the s2n_constant_time_equals function.
  • Harness checks that if s2n_constant_time_equals returns true, all elements in the argument arrays must be equal; .

Call-outs:

  • A corresponding test for dis-equality is commented due to an unforeseen error with the __CPROVER_exists construct. An issue has been opened on the CBMC repository.

Testing:

N/A

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@azcwagner azcwagner mentioned this pull request Jun 25, 2020
Closed
@feliperodri feliperodri added the CBMC Anything related to CBMC proofs. label Jun 29, 2020
feliperodri
feliperodri suggested changes Jul 1, 2020
View reviewed changes
@azcwagner azcwagner force-pushed the s2n_constant_time_equals_proof branch from d180bb2 to 7611c02 Compare July 2, 2020 17:13
feliperodri
feliperodri suggested changes Jul 2, 2020
View reviewed changes
@feliperodri feliperodri requested a review from danielsn July 2, 2020 17:40
@codecov-commenter
Copy link

codecov-commenter commented Jul 2, 2020
edited
Loading

Codecov Report

Merging #2072 into master will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##           master    #2072   +/-   ##
=======================================
  Coverage   80.40%   80.40%           
=======================================
  Files         233      233           
  Lines       17634    17635    +1     
=======================================
+ Hits        14179    14180    +1     
  Misses       3455     3455

Impacted file tree graph

@feliperodri feliperodri marked this pull request as ready for review July 2, 2020 21:43
danielsn
danielsn approved these changes Jul 7, 2020
View reviewed changes
tests/cbmc/proofs/s2n_safety_constant_time_equals/s2n_safety_constant_time_equals_harness.c
/* Check logical equivalence of s2n_constant_time_equals against element equality */
if(s2n_constant_time_equals(a, b, len)) {
assert(__CPROVER_forall {size_t i; (i >=0 && i < len) ==> (a[i] == b[i])});
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We concluded that checking that it gets it right for inequality wasn't working, right?

@danielsn danielsn merged commit bed806f into aws:master Jul 7, 2020
@camshaft camshaft mentioned this pull request Jul 18, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
2 more reviewers

@feliperodri feliperodri feliperodri approved these changes

@danielsn danielsn danielsn approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees

@azcwagner azcwagner

Labels
CBMC Anything related to CBMC proofs.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@azcwagner @codecov-commenter @feliperodri @danielsn