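/*
 * Unity tests for MAC generation (make_mac) and MAC verification
 * (auth_md5) with SHAKE128, SHA1 and AES-128-CMAC keys.
 *
 * Coverage notes for reviewers:
 *  - The only negative verification case is a changed payload octet
 *    (test_VerifyFailure). A changed digest octet, a wrong key and a
 *    short digest are not exercised by this file.
 *  - CMAC verification is not tested at all yet: both CMAC verify
 *    helpers only report "ignored".
 */
#include "config.h"
#include "unity.h"
#include "ntp_types.h"

#include "sntptest.h"
#include "crypto.h"

#define CMAC "AES128CMAC"

#define SHA1_LENGTH 20
#define CMAC_LENGTH 16


void test_MakeSHAKE128Mac(void);
void test_MakeSHA1Mac(void);
void test_MakeCMac(void);
void test_VerifySHAKE128(void);
void test_VerifySHA1(void);
void test_VerifyCMAC(void);
void test_VerifyFailure(void);
void test_PacketSizeNotMultipleOfFourBytes(void);

void VerifyLocalCMAC(struct key *cmac);
void VerifyOpenSSLCMAC(struct key *cmac);


/*
 * Known-answer test: make_mac() with a SHAKE128 key over a 16-octet
 * payload must return the digest length (16) and write the expected
 * digest into the output buffer.
 */
void
test_MakeSHAKE128Mac(void)
{
#ifdef OPENSSL

	const char	KEY[] = "SHAKE128 unit test key";
	const u_char	PAYLOAD[] = "packettestdata16";
	const size_t	PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
	const u_char	EXPECTED_DIGEST[] =
		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
	u_char		actual[sizeof(EXPECTED_DIGEST) - 1];
	struct key	sk;

	sk.next = NULL;
	sk.key_id = 10;
	sk.key_len = sizeof(KEY) - 1;
	/*
	 * The copy is clamped to the key buffer but key_len is not, so
	 * this relies on key_seq being large enough for the whole key
	 * (its size is declared outside this file).
	 */
	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
	sk.typei = keytype_from_text(sk.typen, NULL);

	TEST_ASSERT_EQUAL(sizeof(actual),
			  make_mac(PAYLOAD, PAYLOAD_LEN, &sk, actual,
				   sizeof(actual)));

	TEST_ASSERT_EQUAL_HEX8_ARRAY(EXPECTED_DIGEST, actual, sizeof(actual));
#else

	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");

#endif	/* OPENSSL */
}


/*
 * Known-answer test: make_mac() with a SHA1 key over a 12-octet packet
 * must return SHA1_LENGTH and write the expected 20-octet digest.
 */
void
test_MakeSHA1Mac(void)
{
#ifdef OPENSSL

	const char*	PKT_DATA = "abcdefgh0123";
	/* size_t like the SHAKE128 tests; avoids narrowing strlen() to int. */
	const size_t	PKT_LEN = strlen(PKT_DATA);
	const char*	EXPECTED_DIGEST =
		"\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9"
		"\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d";
	char		actual[SHA1_LENGTH];

	struct key	sha1;
	sha1.next = NULL;
	sha1.key_id = 20;
	sha1.key_len = 7;
	memcpy(&sha1.key_seq, "sha1seq", sha1.key_len);
	strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
	sha1.typei = keytype_from_text(sha1.typen, NULL);

	TEST_ASSERT_EQUAL(SHA1_LENGTH,
			  make_mac(PKT_DATA, PKT_LEN, &sha1, actual,
				   SHA1_LENGTH));

	TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH);

#else

	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");

#endif	/* OPENSSL */
}


/*
 * Known-answer test: make_mac() with an AES-128-CMAC key over a
 * 12-octet packet must return CMAC_LENGTH and write the expected
 * 16-octet MAC. Only built when both OPENSSL and ENABLE_CMAC are set.
 */
void
test_MakeCMac(void)
{
#if defined(OPENSSL) && defined(ENABLE_CMAC)

	const char*	PKT_DATA = "abcdefgh0123";
	const size_t	PKT_LEN = strlen(PKT_DATA);
	const char*	EXPECTED_DIGEST =
		"\xdd\x35\xd5\xf5\x14\x23\xd9\xd6"
		"\x38\x5d\x29\x80\xfe\x51\xb9\x6b";
	char		actual[CMAC_LENGTH];
	struct key	cmac;

	cmac.next = NULL;
	cmac.key_id = 30;
	cmac.key_len = CMAC_LENGTH;
	memcpy(&cmac.key_seq, "aes-128-cmac-seq", cmac.key_len);
	/* Bounded copy, as in the SHAKE128 and SHA1 tests. */
	strlcpy(cmac.typen, CMAC, sizeof(cmac.typen));
	/*
	 * Set typei like the other tests do, so that make_mac() is never
	 * handed a key with an indeterminate member. Whether make_mac()
	 * reads typei or typen is not visible from this file.
	 */
	cmac.typei = keytype_from_text(cmac.typen, NULL);

	TEST_ASSERT_EQUAL(CMAC_LENGTH,
			  make_mac(PKT_DATA, PKT_LEN, &cmac, actual,
				   CMAC_LENGTH));

	TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH);

#else

	TEST_IGNORE_MESSAGE("CMAC not enabled, skipping...");

#endif	/* OPENSSL && ENABLE_CMAC */
}


/*
 * Positive verification test: builds a packet laid out as
 * payload | key_id | digest and expects auth_md5() to accept it with a
 * SHAKE128 key. (auth_md5 is used for every key type here, despite its
 * name.)
 */
void
test_VerifySHAKE128(void)
{
#ifdef OPENSSL
	const char	KEY[] = "SHAKE128 unit test key";
	const u_char	PAYLOAD[] = "packettestdata16";
	const size_t	PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
	const u_char	EXPECTED_DIGEST[] =
		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
	const size_t	DIGEST_LEN = sizeof(EXPECTED_DIGEST) - 1;
	struct key	sk;
	u_char		PKT_DATA[  PAYLOAD_LEN + sizeof(sk.key_id)
				 + DIGEST_LEN];
	u_char		*p;

	sk.next = NULL;
	sk.key_id = 0;
	sk.key_len = sizeof(KEY) - 1;
	/* Copy is clamped to key_seq; key_len is not (see file header of
	 * struct key for the buffer size). */
	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
	sk.typei = keytype_from_text(sk.typen, NULL);

	p = PKT_DATA;
	memcpy(p, PAYLOAD, PAYLOAD_LEN);	  p += PAYLOAD_LEN;
	/* key_id is 0, so the byte order of this raw copy does not matter. */
	memcpy(p, &sk.key_id, sizeof(sk.key_id)); p += sizeof(sk.key_id);
	memcpy(p, EXPECTED_DIGEST, DIGEST_LEN);	  p += DIGEST_LEN;
	/* Guard against the three copies not filling the buffer exactly. */
	TEST_ASSERT_TRUE(sizeof(PKT_DATA) == (size_t)(p - PKT_DATA));

	TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PAYLOAD_LEN, DIGEST_LEN, &sk));
#else

	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");

#endif	/* OPENSSL */
}


/*
 * Positive verification test: a fixed packet of 12 data octets, a
 * 4-octet key ID and a 20-octet MAC must be accepted by auth_md5()
 * with a SHA1 key.
 */
void
test_VerifySHA1(void)
{
#ifdef OPENSSL

	const char*	PKT_DATA =
	    "sometestdata"				/* Data */
	    "\0\0\0\0"					/* Key-ID (unused) */
	    "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce"	/* MAC */
	    "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1";
	/* Length of the data part only; key ID and MAC follow it. */
	const size_t	PKT_LEN = 12;
	struct key	sha1;

	sha1.next = NULL;
	sha1.key_id = 0;
	sha1.key_len = 7;
	memcpy(&sha1.key_seq, "sha1key", sha1.key_len);
	strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
	sha1.typei = keytype_from_text(sha1.typen, NULL);

	TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));

#else

	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");

#endif	/* OPENSSL */
}


/*
 * Sets up an AES-128-CMAC key and hands it to the two CMAC verify
 * helpers.
 *
 * NOTE(review): this test currently asserts nothing. Both helpers end
 * in TEST_IGNORE_MESSAGE, so CMAC verification is reported as ignored,
 * not as passed. Unity's ignore macro normally ends the running test,
 * so VerifyLocalCMAC() is presumably never reached -- confirm against
 * the Unity build in use.
 */
void
test_VerifyCMAC(void)
{
	struct key cmac;

	/*
	 * Zero the key first so that no member is indeterminate; typei is
	 * not assigned below and should be derived from typen once a real
	 * check is hooked in.
	 */
	memset(&cmac, 0, sizeof(cmac));
	cmac.next = NULL;
	cmac.key_id = 0;
	cmac.key_len = CMAC_LENGTH;
	memcpy(&cmac.key_seq, "aes-128-cmac-key", cmac.key_len);
	/* Bounded copy, as in the SHAKE128 and SHA1 tests. */
	strlcpy(cmac.typen, CMAC, sizeof(cmac.typen));

	VerifyOpenSSLCMAC(&cmac);
	VerifyLocalCMAC(&cmac);
}


/*
 * Placeholder for CMAC verification through OpenSSL. It performs no
 * check: every build configuration ends in TEST_IGNORE_MESSAGE.
 */
void
VerifyOpenSSLCMAC(struct key *cmac)
{
#if defined(OPENSSL) && defined(ENABLE_CMAC)

	/* XXX: HMS: auth_md5 must be renamed/incorrect. */
	/*
	 * PKT_DATA and PKT_LEN are not defined in this function; a test
	 * packet has to be built before the call below can be enabled.
	 */
	// TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
	TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping...");

#else

	TEST_IGNORE_MESSAGE("CMAC not enabled, skipping...");

#endif	/* OPENSSL && ENABLE_CMAC */
	return;
}


/*
 * Placeholder for CMAC verification through a local AES-128-CMAC
 * implementation. It performs no check and always reports "ignored".
 */
void
VerifyLocalCMAC(struct key *cmac)
{

	/* XXX: HMS: auth_md5 must be renamed/incorrect. */
	/*
	 * PKT_DATA and PKT_LEN are not defined in this function; a test
	 * packet has to be built before the call below can be enabled.
	 */
	// TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));

	TEST_IGNORE_MESSAGE("Hook in the local AES-128-CMAC check!");

	return;
}


/*
 * Negative verification test: auth_md5() must reject a packet whose
 * payload no longer matches the digest that is attached to it.
 */
void
test_VerifyFailure(void)
{
	/*
	 * We use a copy of test_VerifySHAKE128(), but modify the
	 * last packet octet to make sure verification fails.
	 */
#ifdef OPENSSL
	const char	KEY[] = "SHAKE128 unit test key";
	const u_char	PAYLOAD[] = "packettestdata1_";
				/* last packet byte different */
	const size_t	PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
	const u_char	EXPECTED_DIGEST[] =
		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
	const size_t	DIGEST_LEN = sizeof(EXPECTED_DIGEST) - 1;
	struct key	sk;
	u_char		PKT_DATA[  PAYLOAD_LEN + sizeof(sk.key_id)
				 + DIGEST_LEN];
	u_char		*p;

	sk.next = NULL;
	sk.key_id = 0;
	sk.key_len = sizeof(KEY) - 1;
	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
	sk.typei = keytype_from_text(sk.typen, NULL);

	p = PKT_DATA;
	memcpy(p, PAYLOAD, PAYLOAD_LEN);	  p += PAYLOAD_LEN;
	memcpy(p, &sk.key_id, sizeof(sk.key_id)); p += sizeof(sk.key_id);
	memcpy(p, EXPECTED_DIGEST, DIGEST_LEN);	  p += DIGEST_LEN;
	/* Guard against the three copies not filling the buffer exactly. */
	TEST_ASSERT_TRUE(sizeof(PKT_DATA) == (size_t)(p - PKT_DATA));

	TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PAYLOAD_LEN, DIGEST_LEN, &sk));
#else

	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");

#endif	/* OPENSSL */
}


/*
 * Input validation test: make_mac() must return 0 for a payload whose
 * length (17) is not a multiple of four octets.
 */
void
test_PacketSizeNotMultipleOfFourBytes(void)
{
	/*
	 * We use a copy of test_MakeSHAKE128Mac(), but modify
	 * the packet length to 17.
	 */
#ifdef OPENSSL

	const char	KEY[] = "SHAKE128 unit test key";
	const u_char	PAYLOAD[] = "packettestdata_17";
	const size_t	PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
	/* Only used to size the output buffer; no digest is compared. */
	const u_char	EXPECTED_DIGEST[] =
		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
	u_char		actual[sizeof(EXPECTED_DIGEST) - 1];
	struct key	sk;

	sk.next = NULL;
	sk.key_id = 10;
	sk.key_len = sizeof(KEY) - 1;
	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
	sk.typei = keytype_from_text(sk.typen, NULL);

	TEST_ASSERT_EQUAL(0,
			  make_mac(PAYLOAD, PAYLOAD_LEN, &sk, actual,
				   sizeof(actual)));
#else

	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");

#endif	/* OPENSSL */
}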