summaryrefslogtreecommitdiffstats
path: root/contrib/ntp/sntp/tests/crypto.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/ntp/sntp/tests/crypto.c')
-rw-r--r--contrib/ntp/sntp/tests/crypto.c114
1 files changed, 107 insertions, 7 deletions
diff --git a/contrib/ntp/sntp/tests/crypto.c b/contrib/ntp/sntp/tests/crypto.c
index fb2dc62..64c784d 100644
--- a/contrib/ntp/sntp/tests/crypto.c
+++ b/contrib/ntp/sntp/tests/crypto.c
@@ -5,17 +5,25 @@
#include "sntptest.h"
#include "crypto.h"
+#define CMAC "AES128CMAC"
+
#define MD5_LENGTH 16
#define SHA1_LENGTH 20
+#define CMAC_LENGTH 16
void test_MakeMd5Mac(void);
void test_MakeSHA1Mac(void);
+void test_MakeCMac(void);
void test_VerifyCorrectMD5(void);
void test_VerifySHA1(void);
+void test_VerifyCMAC(void);
void test_VerifyFailure(void);
void test_PacketSizeNotMultipleOfFourBytes(void);
+void VerifyLocalCMAC(struct key *cmac);
+void VerifyOpenSSLCMAC(struct key *cmac);
+
void
test_MakeMd5Mac(void)
@@ -31,8 +39,9 @@ test_MakeMd5Mac(void)
md5.key_id = 10;
md5.key_len = 6;
memcpy(&md5.key_seq, "md5seq", md5.key_len);
- memcpy(&md5.type, "MD5", 4);
-
+ strlcpy(md5.typen, "MD5", sizeof(md5.typen));
+ md5.typei = keytype_from_text(md5.typen, NULL);
+
TEST_ASSERT_EQUAL(MD5_LENGTH,
make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
@@ -57,7 +66,8 @@ test_MakeSHA1Mac(void)
sha1.key_id = 20;
sha1.key_len = 7;
memcpy(&sha1.key_seq, "sha1seq", sha1.key_len);
- memcpy(&sha1.type, "SHA1", 5);
+ strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
+ sha1.typei = keytype_from_text(sha1.typen, NULL);
TEST_ASSERT_EQUAL(SHA1_LENGTH,
make_mac(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual));
@@ -73,6 +83,38 @@ test_MakeSHA1Mac(void)
void
+test_MakeCMac(void)
+{
+#ifdef OPENSSL
+
+ const char* PKT_DATA = "abcdefgh0123";
+ const int PKT_LEN = strlen(PKT_DATA);
+ const char* EXPECTED_DIGEST =
+ "\xdd\x35\xd5\xf5\x14\x23\xd9\xd6"
+ "\x38\x5d\x29\x80\xfe\x51\xb9\x6b";
+ char actual[CMAC_LENGTH];
+
+ struct key cmac;
+ cmac.next = NULL;
+ cmac.key_id = 30;
+ cmac.key_len = CMAC_LENGTH;
+ memcpy(&cmac.key_seq, "aes-128-cmac-seq", cmac.key_len);
+ memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1);
+
+ TEST_ASSERT_EQUAL(CMAC_LENGTH,
+ make_mac(PKT_DATA, PKT_LEN, CMAC_LENGTH, &cmac, actual));
+
+ TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH);
+
+#else
+
+ TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
+
+#endif /* OPENSSL */
+}
+
+
+void
test_VerifyCorrectMD5(void)
{
const char* PKT_DATA =
@@ -87,7 +129,8 @@ test_VerifyCorrectMD5(void)
md5.key_id = 0;
md5.key_len = 6;
memcpy(&md5.key_seq, "md5key", md5.key_len);
- memcpy(&md5.type, "MD5", 4);
+ strlcpy(md5.typen, "MD5", sizeof(md5.typen));
+ md5.typei = keytype_from_text(md5.typen, NULL);
TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
}
@@ -110,7 +153,8 @@ test_VerifySHA1(void)
sha1.key_id = 0;
sha1.key_len = 7;
memcpy(&sha1.key_seq, "sha1key", sha1.key_len);
- memcpy(&sha1.type, "SHA1", 5);
+ strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
+ sha1.typei = keytype_from_text(sha1.typen, NULL);
TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));
@@ -121,6 +165,60 @@ test_VerifySHA1(void)
#endif /* OPENSSL */
}
+
+void
+test_VerifyCMAC(void)
+{
+ const char* PKT_DATA =
+ "sometestdata" /* Data */
+ "\0\0\0\0" /* Key-ID (unused) */
+ "\x4e\x0c\xf0\xe2\xc7\x8e\xbb\xbf" /* MAC */
+ "\x79\xfc\x87\xc7\x8b\xb7\x4a\x0b";
+ const int PKT_LEN = 12;
+ struct key cmac;
+
+ cmac.next = NULL;
+ cmac.key_id = 0;
+ cmac.key_len = CMAC_LENGTH;
+ memcpy(&cmac.key_seq, "aes-128-cmac-key", cmac.key_len);
+ memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1);
+
+ VerifyOpenSSLCMAC(&cmac);
+ VerifyLocalCMAC(&cmac);
+}
+
+
+void
+VerifyOpenSSLCMAC(struct key *cmac)
+{
+#ifdef OPENSSL
+
+ /* XXX: HMS: auth_md5 must be renamed/incorrect. */
+ // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
+ TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping...");
+
+#else
+
+ TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
+
+#endif /* OPENSSL */
+ return;
+}
+
+
+void
+VerifyLocalCMAC(struct key *cmac)
+{
+
+ /* XXX: HMS: auth_md5 must be renamed/incorrect. */
+ // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
+
+ TEST_IGNORE_MESSAGE("Hook in the local AES-128-CMAC check!");
+
+ return;
+}
+
+
void
test_VerifyFailure(void)
{
@@ -139,7 +237,8 @@ test_VerifyFailure(void)
md5.key_id = 0;
md5.key_len = 6;
memcpy(&md5.key_seq, "md5key", md5.key_len);
- memcpy(&md5.type, "MD5", 4);
+ strlcpy(md5.typen, "MD5", sizeof(md5.typen));
+ md5.typei = keytype_from_text(md5.typen, NULL);
TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
}
@@ -157,7 +256,8 @@ test_PacketSizeNotMultipleOfFourBytes(void)
md5.key_id = 10;
md5.key_len = 6;
memcpy(&md5.key_seq, "md5seq", md5.key_len);
- memcpy(&md5.type, "MD5", 4);
+ strlcpy(md5.typen, "MD5", sizeof(md5.typen));
+ md5.typei = keytype_from_text(md5.typen, NULL);
TEST_ASSERT_EQUAL(0, make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
}
OpenPOWER on IntegriCloud