crypto.c revision 1.1.1.6.14.2
1 1.1.1.6.14.2 pgoyette /* $NetBSD: crypto.c,v 1.1.1.6.14.2 2018/09/30 01:45:27 pgoyette Exp $ */ 2 1.1.1.5 christos 3 1.1 christos #include "config.h" 4 1.1 christos #include "unity.h" 5 1.1 christos #include "ntp_types.h" 6 1.1 christos 7 1.1 christos #include "sntptest.h" 8 1.1 christos #include "crypto.h" 9 1.1 christos 10 1.1.1.6.14.1 pgoyette #define CMAC "AES128CMAC" 11 1.1.1.6.14.1 pgoyette 12 1.1 christos #define MD5_LENGTH 16 13 1.1 christos #define SHA1_LENGTH 20 14 1.1.1.6.14.1 pgoyette #define CMAC_LENGTH 16 15 1.1 christos 16 1.1.1.3 christos 17 1.1.1.3 christos void test_MakeMd5Mac(void); 18 1.1.1.3 christos void test_MakeSHA1Mac(void); 19 1.1.1.6.14.1 pgoyette void test_MakeCMac(void); 20 1.1.1.3 christos void test_VerifyCorrectMD5(void); 21 1.1.1.3 christos void test_VerifySHA1(void); 22 1.1.1.6.14.1 pgoyette void test_VerifyCMAC(void); 23 1.1.1.3 christos void test_VerifyFailure(void); 24 1.1.1.3 christos void test_PacketSizeNotMultipleOfFourBytes(void); 25 1.1.1.3 christos 26 1.1.1.6.14.1 pgoyette void VerifyLocalCMAC(struct key *cmac); 27 1.1.1.6.14.1 pgoyette void VerifyOpenSSLCMAC(struct key *cmac); 28 1.1.1.6.14.1 pgoyette 29 1.1.1.3 christos 30 1.1.1.3 christos void 31 1.1.1.6 christos test_MakeMd5Mac(void) 32 1.1.1.6 christos { 33 1.1 christos const char* PKT_DATA = "abcdefgh0123"; 34 1.1 christos const int PKT_LEN = strlen(PKT_DATA); 35 1.1 christos const char* EXPECTED_DIGEST = 36 1.1 christos "\x52\x6c\xb8\x38\xaf\x06\x5a\xfb\x6c\x98\xbb\xc0\x9b\x0a\x7a\x1b"; 37 1.1 christos char actual[MD5_LENGTH]; 38 1.1 christos 39 1.1 christos struct key md5; 40 1.1 christos md5.next = NULL; 41 1.1 christos md5.key_id = 10; 42 1.1 christos md5.key_len = 6; 43 1.1 christos memcpy(&md5.key_seq, "md5seq", md5.key_len); 44 1.1.1.6.14.1 pgoyette strlcpy(md5.typen, "MD5", sizeof(md5.typen)); 45 1.1.1.6.14.1 pgoyette md5.typei = keytype_from_text(md5.typen, NULL); 46 1.1.1.6.14.1 pgoyette 47 1.1 christos TEST_ASSERT_EQUAL(MD5_LENGTH, 48 1.1.1.6 christos make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); 49 1.1 christos 50 1.1 christos TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, MD5_LENGTH) == 0); 51 1.1 christos } 52 1.1 christos 53 1.1 christos 54 1.1.1.3 christos void 55 1.1.1.6 christos test_MakeSHA1Mac(void) 56 1.1.1.6 christos { 57 1.1 christos #ifdef OPENSSL 58 1.1.1.6 christos 59 1.1 christos const char* PKT_DATA = "abcdefgh0123"; 60 1.1 christos const int PKT_LEN = strlen(PKT_DATA); 61 1.1 christos const char* EXPECTED_DIGEST = 62 1.1 christos "\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9" 63 1.1 christos "\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d"; 64 1.1 christos char actual[SHA1_LENGTH]; 65 1.1 christos 66 1.1 christos struct key sha1; 67 1.1 christos sha1.next = NULL; 68 1.1 christos sha1.key_id = 20; 69 1.1 christos sha1.key_len = 7; 70 1.1 christos memcpy(&sha1.key_seq, "sha1seq", sha1.key_len); 71 1.1.1.6.14.1 pgoyette strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen)); 72 1.1.1.6.14.1 pgoyette sha1.typei = keytype_from_text(sha1.typen, NULL); 73 1.1 christos 74 1.1 christos TEST_ASSERT_EQUAL(SHA1_LENGTH, 75 1.1.1.6 christos make_mac(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual)); 76 1.1 christos 77 1.1.1.3 christos TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH); 78 1.1.1.6 christos 79 1.1 christos #else 80 1.1.1.6 christos 81 1.1 christos TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 82 1.1.1.6 christos 83 1.1 christos #endif /* OPENSSL */ 84 1.1 christos } 85 1.1 christos 86 1.1 christos 87 1.1.1.3 christos void 88 1.1.1.6.14.1 pgoyette test_MakeCMac(void) 89 1.1.1.6.14.1 pgoyette { 90 1.1.1.6.14.2 pgoyette #if defined(OPENSSL) && defined(ENABLE_CMAC) 91 1.1.1.6.14.1 pgoyette 92 1.1.1.6.14.1 pgoyette const char* PKT_DATA = "abcdefgh0123"; 93 1.1.1.6.14.1 pgoyette const int PKT_LEN = strlen(PKT_DATA); 94 1.1.1.6.14.1 pgoyette const char* EXPECTED_DIGEST = 95 1.1.1.6.14.1 pgoyette "\xdd\x35\xd5\xf5\x14\x23\xd9\xd6" 96 1.1.1.6.14.1 pgoyette "\x38\x5d\x29\x80\xfe\x51\xb9\x6b"; 97 1.1.1.6.14.1 pgoyette char actual[CMAC_LENGTH]; 98 1.1.1.6.14.1 pgoyette 99 1.1.1.6.14.1 pgoyette struct key cmac; 100 1.1.1.6.14.1 pgoyette cmac.next = NULL; 101 1.1.1.6.14.1 pgoyette cmac.key_id = 30; 102 1.1.1.6.14.1 pgoyette cmac.key_len = CMAC_LENGTH; 103 1.1.1.6.14.1 pgoyette memcpy(&cmac.key_seq, "aes-128-cmac-seq", cmac.key_len); 104 1.1.1.6.14.1 pgoyette memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1); 105 1.1.1.6.14.1 pgoyette 106 1.1.1.6.14.1 pgoyette TEST_ASSERT_EQUAL(CMAC_LENGTH, 107 1.1.1.6.14.1 pgoyette make_mac(PKT_DATA, PKT_LEN, CMAC_LENGTH, &cmac, actual)); 108 1.1.1.6.14.1 pgoyette 109 1.1.1.6.14.1 pgoyette TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH); 110 1.1.1.6.14.1 pgoyette 111 1.1.1.6.14.1 pgoyette #else 112 1.1.1.6.14.1 pgoyette 113 1.1.1.6.14.1 pgoyette TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 114 1.1.1.6.14.1 pgoyette 115 1.1.1.6.14.1 pgoyette #endif /* OPENSSL */ 116 1.1.1.6.14.1 pgoyette } 117 1.1.1.6.14.1 pgoyette 118 1.1.1.6.14.1 pgoyette 119 1.1.1.6.14.1 pgoyette void 120 1.1.1.6 christos test_VerifyCorrectMD5(void) 121 1.1.1.6 christos { 122 1.1 christos const char* PKT_DATA = 123 1.1.1.6 christos "sometestdata" /* Data */ 124 1.1.1.6 christos "\0\0\0\0" /* Key-ID (unused) */ 125 1.1.1.6 christos "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */ 126 1.1.1.6 christos "\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac"; 127 1.1 christos const int PKT_LEN = 12; 128 1.1 christos 129 1.1 christos struct key md5; 130 1.1 christos md5.next = NULL; 131 1.1 christos md5.key_id = 0; 132 1.1 christos md5.key_len = 6; 133 1.1 christos memcpy(&md5.key_seq, "md5key", md5.key_len); 134 1.1.1.6.14.1 pgoyette strlcpy(md5.typen, "MD5", sizeof(md5.typen)); 135 1.1.1.6.14.1 pgoyette md5.typei = keytype_from_text(md5.typen, NULL); 136 1.1 christos 137 1.1.1.6 christos TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5)); 138 1.1 christos } 139 1.1 christos 140 1.1 christos 141 1.1.1.3 christos void 142 1.1.1.6 christos test_VerifySHA1(void) 143 1.1.1.6 christos { 144 1.1 christos #ifdef OPENSSL 145 1.1.1.6 christos 146 1.1 christos const char* PKT_DATA = 147 1.1.1.6 christos "sometestdata" /* Data */ 148 1.1.1.6 christos "\0\0\0\0" /* Key-ID (unused) */ 149 1.1.1.6 christos "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" /* MAC */ 150 1.1.1.6 christos "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1"; 151 1.1 christos const int PKT_LEN = 12; 152 1.1 christos 153 1.1 christos struct key sha1; 154 1.1 christos sha1.next = NULL; 155 1.1 christos sha1.key_id = 0; 156 1.1 christos sha1.key_len = 7; 157 1.1 christos memcpy(&sha1.key_seq, "sha1key", sha1.key_len); 158 1.1.1.6.14.1 pgoyette strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen)); 159 1.1.1.6.14.1 pgoyette sha1.typei = keytype_from_text(sha1.typen, NULL); 160 1.1 christos 161 1.1.1.6 christos TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1)); 162 1.1.1.6 christos 163 1.1 christos #else 164 1.1.1.6 christos 165 1.1 christos TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 166 1.1.1.6 christos 167 1.1 christos #endif /* OPENSSL */ 168 1.1 christos } 169 1.1 christos 170 1.1.1.6.14.1 pgoyette 171 1.1.1.6.14.1 pgoyette void 172 1.1.1.6.14.1 pgoyette test_VerifyCMAC(void) 173 1.1.1.6.14.1 pgoyette { 174 1.1.1.6.14.1 pgoyette const char* PKT_DATA = 175 1.1.1.6.14.1 pgoyette "sometestdata" /* Data */ 176 1.1.1.6.14.1 pgoyette "\0\0\0\0" /* Key-ID (unused) */ 177 1.1.1.6.14.1 pgoyette "\x4e\x0c\xf0\xe2\xc7\x8e\xbb\xbf" /* MAC */ 178 1.1.1.6.14.1 pgoyette "\x79\xfc\x87\xc7\x8b\xb7\x4a\x0b"; 179 1.1.1.6.14.1 pgoyette const int PKT_LEN = 12; 180 1.1.1.6.14.1 pgoyette struct key cmac; 181 1.1.1.6.14.1 pgoyette 182 1.1.1.6.14.1 pgoyette cmac.next = NULL; 183 1.1.1.6.14.1 pgoyette cmac.key_id = 0; 184 1.1.1.6.14.1 pgoyette cmac.key_len = CMAC_LENGTH; 185 1.1.1.6.14.1 pgoyette memcpy(&cmac.key_seq, "aes-128-cmac-key", cmac.key_len); 186 1.1.1.6.14.1 pgoyette memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1); 187 1.1.1.6.14.1 pgoyette 188 1.1.1.6.14.1 pgoyette VerifyOpenSSLCMAC(&cmac); 189 1.1.1.6.14.1 pgoyette VerifyLocalCMAC(&cmac); 190 1.1.1.6.14.1 pgoyette } 191 1.1.1.6.14.1 pgoyette 192 1.1.1.6.14.1 pgoyette 193 1.1.1.6.14.1 pgoyette void 194 1.1.1.6.14.1 pgoyette VerifyOpenSSLCMAC(struct key *cmac) 195 1.1.1.6.14.1 pgoyette { 196 1.1.1.6.14.2 pgoyette #if defined(OPENSSL) && defined(ENABLE_CMAC) 197 1.1.1.6.14.1 pgoyette 198 1.1.1.6.14.1 pgoyette /* XXX: HMS: auth_md5 must be renamed/incorrect. */ 199 1.1.1.6.14.1 pgoyette // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac)); 200 1.1.1.6.14.1 pgoyette TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping..."); 201 1.1.1.6.14.1 pgoyette 202 1.1.1.6.14.1 pgoyette #else 203 1.1.1.6.14.1 pgoyette 204 1.1.1.6.14.1 pgoyette TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 205 1.1.1.6.14.1 pgoyette 206 1.1.1.6.14.1 pgoyette #endif /* OPENSSL */ 207 1.1.1.6.14.1 pgoyette return; 208 1.1.1.6.14.1 pgoyette } 209 1.1.1.6.14.1 pgoyette 210 1.1.1.6.14.1 pgoyette 211 1.1.1.6.14.1 pgoyette void 212 1.1.1.6.14.1 pgoyette VerifyLocalCMAC(struct key *cmac) 213 1.1.1.6.14.1 pgoyette { 214 1.1.1.6.14.1 pgoyette 215 1.1.1.6.14.1 pgoyette /* XXX: HMS: auth_md5 must be renamed/incorrect. */ 216 1.1.1.6.14.1 pgoyette // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac)); 217 1.1.1.6.14.1 pgoyette 218 1.1.1.6.14.1 pgoyette TEST_IGNORE_MESSAGE("Hook in the local AES-128-CMAC check!"); 219 1.1.1.6.14.1 pgoyette 220 1.1.1.6.14.1 pgoyette return; 221 1.1.1.6.14.1 pgoyette } 222 1.1.1.6.14.1 pgoyette 223 1.1.1.6.14.1 pgoyette 224 1.1.1.3 christos void 225 1.1.1.6 christos test_VerifyFailure(void) 226 1.1.1.6 christos { 227 1.1.1.6 christos /* We use a copy of the MD5 verification code, but modify the 228 1.1.1.6 christos * last bit to make sure verification fails. 229 1.1.1.6 christos */ 230 1.1 christos const char* PKT_DATA = 231 1.1.1.6 christos "sometestdata" /* Data */ 232 1.1.1.6 christos "\0\0\0\0" /* Key-ID (unused) */ 233 1.1.1.6 christos "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */ 234 1.1.1.6 christos "\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; /* Last byte is wrong! */ 235 1.1 christos const int PKT_LEN = 12; 236 1.1 christos 237 1.1 christos struct key md5; 238 1.1 christos md5.next = NULL; 239 1.1 christos md5.key_id = 0; 240 1.1 christos md5.key_len = 6; 241 1.1 christos memcpy(&md5.key_seq, "md5key", md5.key_len); 242 1.1.1.6.14.1 pgoyette strlcpy(md5.typen, "MD5", sizeof(md5.typen)); 243 1.1.1.6.14.1 pgoyette md5.typei = keytype_from_text(md5.typen, NULL); 244 1.1 christos 245 1.1.1.6 christos TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5)); 246 1.1 christos } 247 1.1 christos 248 1.1.1.3 christos 249 1.1.1.3 christos void 250 1.1.1.6 christos test_PacketSizeNotMultipleOfFourBytes(void) 251 1.1.1.6 christos { 252 1.1 christos const char* PKT_DATA = "123456"; 253 1.1 christos const int PKT_LEN = 6; 254 1.1 christos char actual[MD5_LENGTH]; 255 1.1 christos 256 1.1 christos struct key md5; 257 1.1 christos md5.next = NULL; 258 1.1 christos md5.key_id = 10; 259 1.1 christos md5.key_len = 6; 260 1.1 christos memcpy(&md5.key_seq, "md5seq", md5.key_len); 261 1.1.1.6.14.1 pgoyette strlcpy(md5.typen, "MD5", sizeof(md5.typen)); 262 1.1.1.6.14.1 pgoyette md5.typei = keytype_from_text(md5.typen, NULL); 263 1.1 christos 264 1.1.1.6 christos TEST_ASSERT_EQUAL(0, make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); 265 1.1 christos } 266
Indexes created Tue Mar 24 00:24:13 UTC 2026