tacet 0.4.2

Detect timing side channels in cryptographic code
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

//! Test that the library is safe to use concurrently from multiple threads.

use std::thread;
use std::time::Duration;
use tacet::helpers::InputPair;
use tacet::{AttackerModel, Outcome, TimingOracle};

#[test]
fn library_is_thread_safe() {
    // Spawn 4 threads, each running an oracle test
    let handles: Vec<_> = (0..4)
        .map(|i| {
            thread::spawn(move || {
                let mut fixed = [0u8; 128];
                fixed[0] = i as u8;

                let inputs = InputPair::new(
                    move || fixed,
                    || {
                        let mut arr = [0u8; 128];
                        for byte in &mut arr {
                            *byte = rand::random();
                        }
                        arr
                    },
                );

                let outcome = TimingOracle::for_attacker(AttackerModel::AdjacentNetwork)
                    .time_budget(Duration::from_secs(10))
                    .test(inputs, |arr| {
                        let mut acc = 0u32;
                        for byte in arr {
                            acc = acc.wrapping_mul(31).wrapping_add(*byte as u32);
                        }
                        std::hint::black_box(acc);
                    });

                // Verify we got a result
                matches!(
                    outcome,
                    Outcome::Pass { .. }
                        | Outcome::Fail { .. }
                        | Outcome::Inconclusive { .. }
                        | Outcome::Unmeasurable { .. }
                )
            })
        })
        .collect();

    // All threads should complete successfully
    for handle in handles {
        assert!(handle.join().unwrap());
    }
}

#[test]
#[ignore] // Stress test - run manually with: cargo test library_works_with_many_sequential_calls -- --ignored
fn library_works_with_many_sequential_calls() {
    // Run 10 oracle tests sequentially - should never overflow
    // Use calibration() since we're just testing concurrency, not accuracy
    for i in 0..10 {
        let mut fixed = [0u8; 128];
        fixed[0] = i as u8;

        let inputs = InputPair::new(
            move || fixed,
            || {
                let mut arr = [0u8; 128];
                for byte in &mut arr {
                    *byte = rand::random();
                }
                arr
            },
        );

        let outcome = TimingOracle::for_attacker(AttackerModel::AdjacentNetwork)
            .time_budget(Duration::from_secs(5))
            .test(inputs, |arr| {
                let mut acc = 0u32;
                for byte in arr {
                    acc = acc.wrapping_mul(31).wrapping_add(*byte as u32);
                }
                std::hint::black_box(acc);
            });

        assert!(matches!(
            outcome,
            Outcome::Pass { .. }
                | Outcome::Fail { .. }
                | Outcome::Inconclusive { .. }
                | Outcome::Unmeasurable { .. }
        ));
    }
}