xref: /freebsd/contrib/ntp/sntp/tests/crypto.c (revision f5f40dd6) 
1 #include "config.h"
2 #include "unity.h"
3 #include "ntp_types.h"
4 
5 #include "sntptest.h"
6 #include "crypto.h"
7 
8 #define CMAC "AES128CMAC"
9 
10 #define SHA1_LENGTH 20
11 #define CMAC_LENGTH 16
12 
13 
14 void test_MakeSHAKE128Mac(void);
15 void test_MakeSHA1Mac(void);
16 void test_MakeCMac(void);
17 void test_VerifySHAKE128(void);
18 void test_VerifySHA1(void);
19 void test_VerifyCMAC(void);
20 void test_VerifyFailure(void);
21 void test_PacketSizeNotMultipleOfFourBytes(void);
22 
23 void VerifyLocalCMAC(struct key *cmac);
24 void VerifyOpenSSLCMAC(struct key *cmac);
25 
26 
27 void
test_MakeSHAKE128Mac(void)28 test_MakeSHAKE128Mac(void)
29 {
30 #ifdef OPENSSL
31 
32 	const char KEY[] = "SHAKE128 unit test key";
33 	const u_char PAYLOAD[] = "packettestdata16";
34 	const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
35 	const u_char EXPECTED_DIGEST[] =
36 		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
37 		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
38 	u_char actual[sizeof(EXPECTED_DIGEST) - 1];
39 	struct key sk;
40 
41 	sk.next = NULL;
42 	sk.key_id = 10;
43 	sk.key_len = sizeof(KEY) - 1;
44 	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
45 	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
46 	sk.typei = keytype_from_text(sk.typen, NULL);
47 
48 	TEST_ASSERT_EQUAL(sizeof(actual),
49 			  make_mac(PAYLOAD, PAYLOAD_LEN, &sk, actual,
50 				   sizeof(actual)));
51 
52 	TEST_ASSERT_EQUAL_HEX8_ARRAY(EXPECTED_DIGEST, actual, sizeof(actual));
53 #else
54 
55 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
56 
57 #endif	/* OPENSSL */
58 }
59 
60 
61 void
test_MakeSHA1Mac(void)62 test_MakeSHA1Mac(void)
63 {
64 #ifdef OPENSSL
65 
66 	const char* PKT_DATA = "abcdefgh0123";
67 	const int PKT_LEN = strlen(PKT_DATA);
68 	const char* EXPECTED_DIGEST =
69 		"\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9"
70 		"\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d";
71 	char actual[SHA1_LENGTH];
72 
73 	struct key sha1;
74 	sha1.next = NULL;
75 	sha1.key_id = 20;
76 	sha1.key_len = 7;
77 	memcpy(&sha1.key_seq, "sha1seq", sha1.key_len);
78 	strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
79 	sha1.typei = keytype_from_text(sha1.typen, NULL);
80 
81 	TEST_ASSERT_EQUAL(SHA1_LENGTH,
82 			  make_mac(PKT_DATA, PKT_LEN, &sha1, actual,
83 				   SHA1_LENGTH));
84 
85 	TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH);
86 
87 #else
88 
89 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
90 
91 #endif	/* OPENSSL */
92 }
93 
94 
95 void
test_MakeCMac(void)96 test_MakeCMac(void)
97 {
98 #if defined(OPENSSL) && defined(ENABLE_CMAC)
99 
100 	const char* PKT_DATA = "abcdefgh0123";
101 	const int PKT_LEN = strlen(PKT_DATA);
102 	const char* EXPECTED_DIGEST =
103 		"\xdd\x35\xd5\xf5\x14\x23\xd9\xd6"
104 		"\x38\x5d\x29\x80\xfe\x51\xb9\x6b";
105 	char actual[CMAC_LENGTH];
106 	struct key cmac;
107 
108 	cmac.next = NULL;
109 	cmac.key_id = 30;
110 	cmac.key_len = CMAC_LENGTH;
111 	memcpy(&cmac.key_seq, "aes-128-cmac-seq", cmac.key_len);
112 	memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1);
113 
114 	TEST_ASSERT_EQUAL(CMAC_LENGTH,
115 		    make_mac(PKT_DATA, PKT_LEN, &cmac, actual, CMAC_LENGTH));
116 
117 	TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH);
118 
119 #else
120 
121 	TEST_IGNORE_MESSAGE("CMAC not enabled, skipping...");
122 
123 #endif	/* OPENSSL */
124 }
125 
126 
127 void
test_VerifySHAKE128(void)128 test_VerifySHAKE128(void)
129 {
130 #ifdef OPENSSL
131 	const char KEY[] = "SHAKE128 unit test key";
132 	const u_char PAYLOAD[] = "packettestdata16";
133 	const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
134 	const u_char EXPECTED_DIGEST[] =
135 		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
136 		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
137 	const size_t DIGEST_LEN = sizeof(EXPECTED_DIGEST) - 1;
138 	struct key sk;
139 	u_char PKT_DATA[  PAYLOAD_LEN + sizeof(sk.key_id)
140 			+ DIGEST_LEN];
141 	u_char *p;
142 
143 	sk.next = NULL;
144 	sk.key_id = 0;
145 	sk.key_len = sizeof(KEY) - 1;
146 	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
147 	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
148 	sk.typei = keytype_from_text(sk.typen, NULL);
149 
150 	p = PKT_DATA;
151 	memcpy(p, PAYLOAD, PAYLOAD_LEN);	  p += PAYLOAD_LEN;
152 	memcpy(p, &sk.key_id, sizeof(sk.key_id)); p += sizeof(sk.key_id);
153 	memcpy(p, EXPECTED_DIGEST, DIGEST_LEN);	  p += DIGEST_LEN;
154 	TEST_ASSERT_TRUE(sizeof(PKT_DATA) == p - PKT_DATA);
155 
156 	TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PAYLOAD_LEN, DIGEST_LEN, &sk));
157 #else
158 
159 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
160 
161 #endif	/* OPENSSL */
162 }
163 
164 
165 void
test_VerifySHA1(void)166 test_VerifySHA1(void)
167 {
168 #ifdef OPENSSL
169 
170 	const char* PKT_DATA =
171 	    "sometestdata"				/* Data */
172 	    "\0\0\0\0"					/* Key-ID (unused) */
173 	    "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce"	/* MAC */
174 	    "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1";
175 	const int PKT_LEN = 12;
176 	struct key sha1;
177 
178 	sha1.next = NULL;
179 	sha1.key_id = 0;
180 	sha1.key_len = 7;
181 	memcpy(&sha1.key_seq, "sha1key", sha1.key_len);
182 	strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
183 	sha1.typei = keytype_from_text(sha1.typen, NULL);
184 
185 	TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));
186 
187 #else
188 
189 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
190 
191 #endif	/* OPENSSL */
192 }
193 
194 
195 void
test_VerifyCMAC(void)196 test_VerifyCMAC(void)
197 {
198 	struct key cmac;
199 
200 	cmac.next = NULL;
201 	cmac.key_id = 0;
202 	cmac.key_len = CMAC_LENGTH;
203 	memcpy(&cmac.key_seq, "aes-128-cmac-key", cmac.key_len);
204 	memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1);
205 
206 	VerifyOpenSSLCMAC(&cmac);
207 	VerifyLocalCMAC(&cmac);
208 }
209 
210 
211 void
VerifyOpenSSLCMAC(struct key * cmac)212 VerifyOpenSSLCMAC(struct key *cmac)
213 {
214 #if defined(OPENSSL) && defined(ENABLE_CMAC)
215 
216 	/* XXX: HMS: auth_md5 must be renamed/incorrect. */
217 	// TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
218 	TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping...");
219 
220 #else
221 
222 	TEST_IGNORE_MESSAGE("CMAC not enabled, skipping...");
223 
224 #endif	/* OPENSSL */
225 	return;
226 }
227 
228 
229 void
VerifyLocalCMAC(struct key * cmac)230 VerifyLocalCMAC(struct key *cmac)
231 {
232 
233 	/* XXX: HMS: auth_md5 must be renamed/incorrect. */
234 	// TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
235 
236 	TEST_IGNORE_MESSAGE("Hook in the local AES-128-CMAC check!");
237 
238 	return;
239 }
240 
241 
242 void
test_VerifyFailure(void)243 test_VerifyFailure(void)
244 {
245 	/*
246 	 * We use a copy of test_VerifySHAKE128(), but modify the
247 	 * last packet octet to make sure verification fails.
248 	 */
249 #ifdef OPENSSL
250 	const char KEY[] = "SHAKE128 unit test key";
251 	const u_char PAYLOAD[] = "packettestdata1_";
252 				/* last packet byte different */
253 	const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
254 	const u_char EXPECTED_DIGEST[] =
255 		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
256 		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
257 	const size_t DIGEST_LEN = sizeof(EXPECTED_DIGEST) - 1;
258 	struct key sk;
259 	u_char PKT_DATA[  PAYLOAD_LEN + sizeof(sk.key_id)
260 			+ DIGEST_LEN];
261 	u_char *p;
262 
263 	sk.next = NULL;
264 	sk.key_id = 0;
265 	sk.key_len = sizeof(KEY) - 1;
266 	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
267 	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
268 	sk.typei = keytype_from_text(sk.typen, NULL);
269 
270 	p = PKT_DATA;
271 	memcpy(p, PAYLOAD, PAYLOAD_LEN);	  p += PAYLOAD_LEN;
272 	memcpy(p, &sk.key_id, sizeof(sk.key_id)); p += sizeof(sk.key_id);
273 	memcpy(p, EXPECTED_DIGEST, DIGEST_LEN);	  p += DIGEST_LEN;
274 	TEST_ASSERT_TRUE(sizeof(PKT_DATA) == p - PKT_DATA);
275 
276 	TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PAYLOAD_LEN, DIGEST_LEN, &sk));
277 #else
278 
279 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
280 
281 #endif	/* OPENSSL */
282 }
283 
284 
285 void
test_PacketSizeNotMultipleOfFourBytes(void)286 test_PacketSizeNotMultipleOfFourBytes(void)
287 {
288 	/*
289 	 * We use a copy of test_MakeSHAKE128Mac(), but modify
290 	 * the packet length to 17.
291 	 */
292 #ifdef OPENSSL
293 
294 	const char KEY[] = "SHAKE128 unit test key";
295 	const u_char PAYLOAD[] = "packettestdata_17";
296 	const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1;
297 	const u_char EXPECTED_DIGEST[] =
298 		"\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6"
299 		"\x73\x62\x68\x8D\x11\xB8\x42\xBB";
300 	u_char actual[sizeof(EXPECTED_DIGEST) - 1];
301 	struct key sk;
302 
303 	sk.next = NULL;
304 	sk.key_id = 10;
305 	sk.key_len = sizeof(KEY) - 1;
306 	memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len));
307 	strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen));
308 	sk.typei = keytype_from_text(sk.typen, NULL);
309 
310 	TEST_ASSERT_EQUAL(0,
311 			  make_mac(PAYLOAD, PAYLOAD_LEN, &sk, actual,
312 				   sizeof(actual)));
313 #else
314 
315 	TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
316 
317 #endif	/* OPENSSL */
318 }
319