1 /* $NetBSD: crypto.c,v 1.1.1.3 2015/10/23 17:47:43 christos Exp $ */ 2 3 #include "config.h" 4 #include "unity.h" 5 #include "ntp_types.h" 6 7 #include "sntptest.h" 8 #include "crypto.h" 9 10 #define MD5_LENGTH 16 11 #define SHA1_LENGTH 20 12 13 14 void test_MakeMd5Mac(void); 15 void test_MakeSHA1Mac(void); 16 void test_VerifyCorrectMD5(void); 17 void test_VerifySHA1(void); 18 void test_VerifyFailure(void); 19 void test_PacketSizeNotMultipleOfFourBytes(void); 20 21 22 void 23 test_MakeMd5Mac(void) { 24 25 const char* PKT_DATA = "abcdefgh0123"; 26 const int PKT_LEN = strlen(PKT_DATA); 27 const char* EXPECTED_DIGEST = 28 "\x52\x6c\xb8\x38\xaf\x06\x5a\xfb\x6c\x98\xbb\xc0\x9b\x0a\x7a\x1b"; 29 char actual[MD5_LENGTH]; 30 31 struct key md5; 32 md5.next = NULL; 33 md5.key_id = 10; 34 md5.key_len = 6; 35 memcpy(&md5.key_seq, "md5seq", md5.key_len); 36 memcpy(&md5.type, "MD5", 4); 37 38 TEST_ASSERT_EQUAL(MD5_LENGTH, 39 make_mac((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); 40 41 TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, MD5_LENGTH) == 0); 42 } 43 44 45 void 46 test_MakeSHA1Mac(void) { 47 #ifdef OPENSSL 48 const char* PKT_DATA = "abcdefgh0123"; 49 const int PKT_LEN = strlen(PKT_DATA); 50 const char* EXPECTED_DIGEST = 51 "\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9" 52 "\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d"; 53 char actual[SHA1_LENGTH]; 54 55 struct key sha1; 56 sha1.next = NULL; 57 sha1.key_id = 20; 58 sha1.key_len = 7; 59 memcpy(&sha1.key_seq, "sha1seq", sha1.key_len); 60 memcpy(&sha1.type, "SHA1", 5); 61 62 TEST_ASSERT_EQUAL(SHA1_LENGTH, 63 make_mac((char*)PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual)); 64 65 TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH); 66 #else 67 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 68 #endif /* OPENSSL */ 69 } 70 71 72 void 73 test_VerifyCorrectMD5(void) { 74 const char* PKT_DATA = 75 "sometestdata" // Data 76 "\0\0\0\0" // Key-ID (unused) 77 "\xc7\x58\x99\xdd\x99\x32\x0f\x71" // MAC 78 "\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac"; 79 const int PKT_LEN = 12; 80 81 struct key md5; 82 md5.next = NULL; 83 md5.key_id = 0; 84 md5.key_len = 6; 85 memcpy(&md5.key_seq, "md5key", md5.key_len); 86 memcpy(&md5.type, "MD5", 4); 87 88 TEST_ASSERT_TRUE(auth_md5((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5)); 89 } 90 91 92 void 93 test_VerifySHA1(void) { 94 #ifdef OPENSSL 95 const char* PKT_DATA = 96 "sometestdata" // Data 97 "\0\0\0\0" // Key-ID (unused) 98 "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" // MAC 99 "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1"; 100 const int PKT_LEN = 12; 101 102 struct key sha1; 103 sha1.next = NULL; 104 sha1.key_id = 0; 105 sha1.key_len = 7; 106 memcpy(&sha1.key_seq, "sha1key", sha1.key_len); 107 memcpy(&sha1.type, "SHA1", 5); 108 109 TEST_ASSERT_TRUE(auth_md5((char*)PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1)); 110 #else 111 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 112 #endif /* OPENSSL */ 113 } 114 115 void 116 test_VerifyFailure(void) { 117 /* We use a copy of the MD5 verification code, but modify 118 * the last bit to make sure verification fails. */ 119 const char* PKT_DATA = 120 "sometestdata" // Data 121 "\0\0\0\0" // Key-ID (unused) 122 "\xc7\x58\x99\xdd\x99\x32\x0f\x71" // MAC 123 "\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; // Last byte is wrong! 124 const int PKT_LEN = 12; 125 126 struct key md5; 127 md5.next = NULL; 128 md5.key_id = 0; 129 md5.key_len = 6; 130 memcpy(&md5.key_seq, "md5key", md5.key_len); 131 memcpy(&md5.type, "MD5", 4); 132 133 TEST_ASSERT_FALSE(auth_md5((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5)); 134 } 135 136 137 void 138 test_PacketSizeNotMultipleOfFourBytes(void) { 139 const char* PKT_DATA = "123456"; 140 const int PKT_LEN = 6; 141 char actual[MD5_LENGTH]; 142 143 struct key md5; 144 md5.next = NULL; 145 md5.key_id = 10; 146 md5.key_len = 6; 147 memcpy(&md5.key_seq, "md5seq", md5.key_len); 148 memcpy(&md5.type, "MD5", 4); 149 150 TEST_ASSERT_EQUAL(0, make_mac((char*)PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); 151 } 152