C++程序  |  275行  |  8.95 KB

/*
 * Copyright (C) 2018 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include <gtest/gtest.h>

#include "../confirmationui_rate_limiting.h"
#include <keymaster/logger.h>

using std::vector;

namespace keystore {

namespace test {

namespace {

class StdoutLogger : public ::keymaster::Logger {
  public:
    StdoutLogger() { set_instance(this); }

    int log_msg(LogLevel level, const char* fmt, va_list args) const {
        int output_len = 0;
        switch (level) {
        case DEBUG_LVL:
            output_len = printf("DEBUG: ");
            break;
        case INFO_LVL:
            output_len = printf("INFO: ");
            break;
        case WARNING_LVL:
            output_len = printf("WARNING: ");
            break;
        case ERROR_LVL:
            output_len = printf("ERROR: ");
            break;
        case SEVERE_LVL:
            output_len = printf("SEVERE: ");
            break;
        }

        output_len += vprintf(fmt, args);
        output_len += printf("\n");
        return output_len;
    }
};

StdoutLogger logger;

class FakeClock : public std::chrono::steady_clock {
  private:
    static time_point sNow;

  public:
    static void setNow(time_point newNow) { sNow = newNow; }
    static time_point now() noexcept { return sNow; }
};

FakeClock::time_point FakeClock::sNow;

}  // namespace

/*
 * Test that there are no residual slots when various apps receive successful confirmations.
 */
TEST(ConfirmationUIRateLimitingTest, noPenaltyTest) {
    auto now = std::chrono::steady_clock::now();
    RateLimiting<FakeClock> rateLimiting;
    FakeClock::setNow(now);

    for (int i = 0; i < 10000; ++i) {
        ASSERT_TRUE(rateLimiting.tryPrompt(rand()));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    ASSERT_EQ(0U, rateLimiting.usedSlots());
}

TEST(ConfirmationUIRateLimitingTest, policyTest) {
    using namespace std::chrono_literals;
    auto now = std::chrono::steady_clock::now();
    RateLimiting<FakeClock> rateLimiting;
    FakeClock::setNow(now);

    // first three tries are free
    for (int i = 0; i < 3; ++i) {
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    // the next three tries get a 30s penalty
    for (int i = 3; i < 6; ++i) {
        FakeClock::setNow(FakeClock::now() + 29s);
        ASSERT_FALSE(rateLimiting.tryPrompt(20));
        FakeClock::setNow(FakeClock::now() + 1s);
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    // there after the penalty doubles with each cancellation
    for (int i = 6; i < 17; ++i) {
        FakeClock::setNow((FakeClock::now() + 60s * (1ULL << (i - 6))) - 1s);
        ASSERT_FALSE(rateLimiting.tryPrompt(20));
        FakeClock::setNow(FakeClock::now() + 1s);
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    ASSERT_EQ(1U, rateLimiting.usedSlots());

    FakeClock::setNow(FakeClock::now() + 24h - 1s);
    ASSERT_FALSE(rateLimiting.tryPrompt(20));

    // after 24h the counter is forgotten
    FakeClock::setNow(FakeClock::now() + 1s);
    ASSERT_TRUE(rateLimiting.tryPrompt(20));
    rateLimiting.processResult(ConfirmationResponseCode::Canceled);

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    for (int i = 1; i < 3; ++i) {
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    for (int i = 3; i < 6; ++i) {
        FakeClock::setNow(FakeClock::now() + 29s);
        ASSERT_FALSE(rateLimiting.tryPrompt(20));
        FakeClock::setNow(FakeClock::now() + 1s);
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    for (int i = 6; i < 17; ++i) {
        FakeClock::setNow((FakeClock::now() + 60s * (1ULL << (i - 6))) - 1s);
        ASSERT_FALSE(rateLimiting.tryPrompt(20));
        FakeClock::setNow(FakeClock::now() + 1s);
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    ASSERT_EQ(1U, rateLimiting.usedSlots());
}

TEST(ConfirmationUIRateLimitingTest, rewindTest) {
    using namespace std::chrono_literals;
    auto now = std::chrono::steady_clock::now();
    RateLimiting<FakeClock> rateLimiting;

    // first three tries are free
    for (int i = 0; i < 3; ++i) {
        FakeClock::setNow(now);
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    for (int i = 3; i < 6; ++i) {
        FakeClock::setNow(FakeClock::now() + 29s);
        ASSERT_FALSE(rateLimiting.tryPrompt(20));
        FakeClock::setNow(FakeClock::now() + 1s);
        ASSERT_TRUE(rateLimiting.tryPrompt(20));
        rateLimiting.processResult(ConfirmationResponseCode::Canceled);
    }

    FakeClock::setNow(FakeClock::now() + 59s);
    ASSERT_FALSE(rateLimiting.tryPrompt(20));
    FakeClock::setNow(FakeClock::now() + 1s);
    ASSERT_TRUE(rateLimiting.tryPrompt(20));
    rateLimiting.processResult(ConfirmationResponseCode::Aborted);

    FakeClock::setNow(FakeClock::now() - 1s);
    ASSERT_FALSE(rateLimiting.tryPrompt(20));
    FakeClock::setNow(FakeClock::now() + 1s);
    ASSERT_TRUE(rateLimiting.tryPrompt(20));
    rateLimiting.processResult(ConfirmationResponseCode::SystemError);

    // throw in a couple of successful confirmations by other apps to make sure there
    // is not cross talk
    for (int i = 0; i < 10000; ++i) {
        uid_t id = rand();
        if (id == 20) continue;
        ASSERT_TRUE(rateLimiting.tryPrompt(id));
        rateLimiting.processResult(ConfirmationResponseCode::OK);
    }

    FakeClock::setNow(FakeClock::now() - 1s);
    ASSERT_FALSE(rateLimiting.tryPrompt(20));
    FakeClock::setNow(FakeClock::now() + 1s);
    ASSERT_TRUE(rateLimiting.tryPrompt(20));
    rateLimiting.processResult(ConfirmationResponseCode::UIError);

    FakeClock::setNow(FakeClock::now() - 1s);
    ASSERT_FALSE(rateLimiting.tryPrompt(20));
    FakeClock::setNow(FakeClock::now() + 1s);
    ASSERT_TRUE(rateLimiting.tryPrompt(20));

    ASSERT_EQ(1U, rateLimiting.usedSlots());
}

}  // namespace test
}  // namespace keystore