Add constant-time tests

[dlongley]

Add some constant-time tests of the crypto-algorithms implemented by forge. Perhaps select random inputs and conduct long (enough) running tests to determine run time deviance -- and apply to other random inputs. Perhaps use specially-constructed inputs as well. Ensure that input does not impact run time in various browsers.

[jduncanator]

I'm not quite sure what you mean with this one. Mind clearing it up for me whilst I refactor the tests?

[dlongley]

If possible, it would be nice to have some tests that perform a basic crypto operation repeatedly on several random inputs to compare run time differences. For each random input (key + data), a single crypto operation should be performed (eg: AES encrypt/decrypt, RSA encrypt/decrypt) enough times to get a decent average run time. Each random input should be the same size -- and they should all have the same average completion time. The purpose of these tests is to see if any of the implementations are either not-constant time themselves (the code) or if they are being optimized in certain browsers in different ways (per input) such that they may make side channel (timing) attacks possible.

We want, if possible, some tests that show that forge's crypto algorithms complete in constant time -- that they don't run in different times based on the key or input data (but I'm talking about key/data value not key/data size). If we see a significant enough difference in run time then either our tests are faulty -- or an attacker could possibly use this information to weaken/break keys/inputs. Does this clarify?

[jduncanator]

@dlongley If the time is different based on the value of the key/data then the browser is the one doing optimizations and it is probably outside our control.

[dlongley]

@jduncanator -- yes, sometimes there will be nothing we can do about it. But the purpose is to at least know about potential vulnerabilities.

[jduncanator]

@dlongley Sure.