xref: /netbsd-src/external/mpl/bind/dist/tests/dns/rsa_test.c (revision 0a3071956a3a9fdebdbf7f338cf2d439b45fc728) 
1 /*	$NetBSD: rsa_test.c,v 1.2 2024/02/21 22:52:50 christos Exp $	*/
2 
3 /*
4  * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
5  *
6  * SPDX-License-Identifier: MPL-2.0
7  *
8  * This Source Code Form is subject to the terms of the Mozilla Public
9  * License, v. 2.0. If a copy of the MPL was not distributed with this
10  * file, you can obtain one at https://mozilla.org/MPL/2.0/.
11  *
12  * See the COPYRIGHT file distributed with this work for additional
13  * information regarding copyright ownership.
14  */
15 
16 #include <inttypes.h>
17 #include <sched.h> /* IWYU pragma: keep */
18 #include <setjmp.h>
19 #include <stdarg.h>
20 #include <stddef.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <unistd.h>
25 
26 /*
27  * As a workaround, include an OpenSSL header file before including cmocka.h,
28  * because OpenSSL 3.1.0 uses __attribute__(malloc), conflicting with a
29  * redefined malloc in cmocka.h.
30  */
31 #include <openssl/err.h>
32 
33 #define UNIT_TESTING
34 #include <cmocka.h>
35 
36 #include <isc/print.h>
37 #include <isc/util.h>
38 
39 #include "dst_internal.h"
40 
41 #include <tests/dns.h>
42 
43 static int
44 setup_test(void **state) {
45 	isc_result_t result;
46 
47 	UNUSED(state);
48 
49 	result = dst_lib_init(mctx, NULL);
50 
51 	if (result != ISC_R_SUCCESS) {
52 		return (1);
53 	}
54 
55 	return (0);
56 }
57 
58 static int
59 teardown_test(void **state) {
60 	UNUSED(state);
61 
62 	dst_lib_destroy();
63 
64 	return (0);
65 }
66 
67 static unsigned char d[10] = { 0xa,  0x10, 0xbb, 0,    0xfe,
68 			       0x15, 0x1,  0x88, 0xcc, 0x7d };
69 
70 static unsigned char sigsha1[256] = {
71 	0x45, 0x55, 0xd6, 0xf8, 0x05, 0xd2, 0x2e, 0x79, 0x14, 0x2b, 0x1b, 0xd1,
72 	0x4b, 0xb7, 0xcd, 0xc0, 0xa2, 0xf3, 0x85, 0x32, 0x1f, 0xa3, 0xfd, 0x1f,
73 	0x30, 0xe0, 0xde, 0xb2, 0x6f, 0x3c, 0x8e, 0x2b, 0x82, 0x92, 0xcd, 0x1c,
74 	0x1b, 0xdf, 0xe6, 0xd5, 0x4d, 0x93, 0xe6, 0xaa, 0x40, 0x28, 0x1b, 0x7b,
75 	0x2e, 0x40, 0x4d, 0xb5, 0x4d, 0x43, 0xe8, 0xfc, 0x93, 0x86, 0x68, 0xe3,
76 	0xbf, 0x73, 0x9a, 0x1e, 0x6b, 0x5d, 0x52, 0xb8, 0x98, 0x1c, 0x94, 0xe1,
77 	0x85, 0x8b, 0xee, 0xb1, 0x4f, 0x22, 0x71, 0xcb, 0xfd, 0xb2, 0xa8, 0x88,
78 	0x64, 0xb4, 0xb1, 0x4a, 0xa1, 0x7a, 0xce, 0x52, 0x83, 0xd8, 0xf2, 0x9e,
79 	0x67, 0x4c, 0xc3, 0x37, 0x74, 0xfe, 0xe0, 0x25, 0x2a, 0xfd, 0xa3, 0x09,
80 	0xff, 0x8a, 0x92, 0x0d, 0xa9, 0xb3, 0x90, 0x23, 0xbe, 0x6a, 0x2c, 0x9e,
81 	0x5c, 0x6d, 0xb4, 0xa7, 0xd7, 0x97, 0xdd, 0xc6, 0xb8, 0xae, 0xd4, 0x88,
82 	0x64, 0x63, 0x1e, 0x85, 0x20, 0x09, 0xea, 0xc4, 0x0b, 0xca, 0xbf, 0x83,
83 	0x5c, 0x89, 0xae, 0x64, 0x15, 0x76, 0x06, 0x51, 0xb6, 0xa1, 0x99, 0xb2,
84 	0x3c, 0x50, 0x99, 0x86, 0x7d, 0xc7, 0xca, 0x4e, 0x1d, 0x2c, 0x17, 0xbb,
85 	0x6c, 0x7a, 0xc9, 0x3f, 0x5e, 0x28, 0x57, 0x2c, 0xda, 0x01, 0x1d, 0xe8,
86 	0x01, 0xf8, 0xf6, 0x37, 0xe1, 0x34, 0x56, 0xae, 0x6e, 0xb1, 0xd4, 0xa2,
87 	0xc4, 0x02, 0xc1, 0xca, 0x96, 0xb0, 0x06, 0x72, 0x2a, 0x27, 0xaa, 0xc8,
88 	0xd5, 0x50, 0x81, 0x49, 0x46, 0x33, 0xf8, 0xf7, 0x6b, 0xf4, 0x9c, 0x30,
89 	0x90, 0x50, 0xf6, 0x16, 0x76, 0x9d, 0xc6, 0x73, 0xb5, 0xbc, 0x8a, 0xb6,
90 	0x1d, 0x98, 0xcb, 0xce, 0x36, 0x6f, 0x60, 0xec, 0x96, 0x49, 0x08, 0x85,
91 	0x5b, 0xc1, 0x8e, 0xb0, 0xea, 0x9e, 0x1f, 0xd6, 0x27, 0x7f, 0xb6, 0xe0,
92 	0x04, 0x12, 0xd2, 0x81
93 };
94 
95 static unsigned char sigsha256[256] = {
96 	0x83, 0x53, 0x15, 0xfc, 0xca, 0xdb, 0xf6, 0x0d, 0x53, 0x24, 0x5b, 0x5a,
97 	0x8e, 0xd0, 0xbe, 0x5e, 0xbc, 0xe8, 0x9e, 0x92, 0x3c, 0xfa, 0x93, 0x03,
98 	0xce, 0x2f, 0xc7, 0x6d, 0xd0, 0xbb, 0x9d, 0x06, 0x83, 0xc6, 0xd3, 0xc0,
99 	0xc1, 0x57, 0x9c, 0x82, 0x17, 0x7f, 0xb5, 0xf8, 0x31, 0x18, 0xda, 0x46,
100 	0x05, 0x2c, 0xf8, 0xea, 0xaa, 0xcd, 0x99, 0x18, 0xff, 0x23, 0x5e, 0xef,
101 	0xf0, 0x87, 0x47, 0x6e, 0x91, 0xfd, 0x19, 0x0b, 0x39, 0x19, 0x6a, 0xc8,
102 	0xdf, 0x71, 0x66, 0x8e, 0xa9, 0xa0, 0x79, 0x5c, 0x2c, 0x52, 0x00, 0x61,
103 	0x17, 0x86, 0x66, 0x03, 0x52, 0xad, 0xec, 0x06, 0x53, 0xd9, 0x6d, 0xe3,
104 	0xe3, 0xea, 0x28, 0x15, 0xb3, 0x75, 0xf4, 0x61, 0x7d, 0xed, 0x69, 0x2c,
105 	0x24, 0xf3, 0x21, 0xb1, 0x8a, 0xea, 0x60, 0xa2, 0x9e, 0x6a, 0xa6, 0x53,
106 	0x12, 0xf6, 0x5c, 0xef, 0xd7, 0x49, 0x4a, 0x02, 0xe7, 0xf8, 0x64, 0x89,
107 	0x13, 0xac, 0xd5, 0x1e, 0x58, 0xff, 0xa1, 0x63, 0xdd, 0xa0, 0x1f, 0x44,
108 	0x99, 0x6a, 0x59, 0x7f, 0x35, 0xbd, 0xf1, 0xf3, 0x7a, 0x28, 0x44, 0xe3,
109 	0x4c, 0x68, 0xb1, 0xb3, 0x97, 0x3c, 0x46, 0xe3, 0xc2, 0x12, 0x9e, 0x68,
110 	0x0b, 0xa6, 0x6c, 0x8f, 0x58, 0x48, 0x44, 0xa4, 0xf7, 0xa7, 0xc2, 0x91,
111 	0x8f, 0xbf, 0x00, 0xd0, 0x01, 0x35, 0xd4, 0x86, 0x6e, 0x1f, 0xea, 0x42,
112 	0x60, 0xb1, 0x84, 0x27, 0xf4, 0x99, 0x36, 0x06, 0x98, 0x12, 0x83, 0x32,
113 	0x9f, 0xcd, 0x50, 0x5a, 0x5e, 0xb8, 0x8e, 0xfe, 0x8d, 0x8d, 0x33, 0x2d,
114 	0x45, 0xe1, 0xc9, 0xdf, 0x2a, 0xd8, 0x38, 0x1d, 0x95, 0xd4, 0x42, 0xee,
115 	0x93, 0x5b, 0x0f, 0x1e, 0x07, 0x06, 0x3a, 0x92, 0xf1, 0x59, 0x1d, 0x6e,
116 	0x1c, 0x31, 0xf3, 0xce, 0xa9, 0x1f, 0xad, 0x4d, 0x76, 0x4d, 0x24, 0x98,
117 	0xe2, 0x0e, 0x8c, 0x35
118 };
119 
120 static unsigned char sigsha512[512] = {
121 	0x4e, 0x2f, 0x63, 0x42, 0xc5, 0xf3, 0x05, 0x4a, 0xa6, 0x3a, 0x93, 0xa0,
122 	0xd9, 0x33, 0xa0, 0xd1, 0x46, 0x33, 0x42, 0xe8, 0x74, 0xeb, 0x3b, 0x10,
123 	0x82, 0xd7, 0xcf, 0x39, 0x23, 0xb3, 0xe9, 0x23, 0x53, 0x87, 0x8c, 0xee,
124 	0x78, 0xcb, 0xb3, 0xd9, 0xd2, 0x6d, 0x1a, 0x7c, 0x01, 0x4f, 0xed, 0x8d,
125 	0xf2, 0x72, 0xe4, 0x6a, 0x00, 0x8a, 0x60, 0xa6, 0xd5, 0x9c, 0x43, 0x6c,
126 	0xef, 0x38, 0x0c, 0x74, 0x82, 0x5d, 0x22, 0xaa, 0x87, 0x81, 0x90, 0x9c,
127 	0x64, 0x07, 0x9b, 0x13, 0x51, 0xe0, 0xa5, 0xc2, 0x83, 0x78, 0x2b, 0x9b,
128 	0xb3, 0x8a, 0x9d, 0x36, 0x33, 0xbd, 0x0d, 0x53, 0x84, 0xae, 0xe8, 0x13,
129 	0x36, 0xf6, 0xdf, 0x96, 0xe9, 0xda, 0xc3, 0xd7, 0xa9, 0x2f, 0xf3, 0x5e,
130 	0x5f, 0x1f, 0x7f, 0x38, 0x7e, 0x8d, 0xbe, 0x90, 0x5e, 0x13, 0xb2, 0x20,
131 	0xbb, 0x9d, 0xfe, 0xe1, 0x52, 0xce, 0xe6, 0x80, 0xa7, 0x95, 0x24, 0x59,
132 	0xe3, 0xac, 0x24, 0xc4, 0xfa, 0x1c, 0x44, 0x34, 0x29, 0x8d, 0xb1, 0xd0,
133 	0xd9, 0x4c, 0xff, 0xc4, 0xdb, 0xca, 0xc4, 0x3f, 0x38, 0xf9, 0xe4, 0xaf,
134 	0x75, 0x0a, 0x67, 0x4d, 0xa0, 0x2b, 0xb0, 0x83, 0xce, 0x53, 0xc4, 0xb9,
135 	0x2e, 0x61, 0xb6, 0x64, 0xe5, 0xb5, 0xe5, 0xac, 0x9d, 0x51, 0xec, 0x58,
136 	0x42, 0x90, 0x78, 0xf6, 0x46, 0x96, 0xef, 0xb6, 0x97, 0xb7, 0x54, 0x28,
137 	0x1a, 0x4c, 0x29, 0xf4, 0x7a, 0x33, 0xc6, 0x07, 0xfd, 0xec, 0x97, 0x36,
138 	0x1d, 0x42, 0x88, 0x94, 0x27, 0xc2, 0xa3, 0xe1, 0xd4, 0x87, 0xa1, 0x8a,
139 	0x2b, 0xff, 0x47, 0x60, 0xfe, 0x1f, 0xaf, 0xc2, 0xeb, 0x17, 0xdd, 0x56,
140 	0xc5, 0x94, 0x5c, 0xcb, 0x23, 0xe5, 0x49, 0x4d, 0x99, 0x06, 0x02, 0x5a,
141 	0xfc, 0xfc, 0xdc, 0xee, 0x49, 0xbc, 0x47, 0x60, 0xff, 0x6a, 0x63, 0x8b,
142 	0xe1, 0x2e, 0xa3, 0xa7
143 };
144 
145 /* RSA verify */
146 ISC_RUN_TEST_IMPL(isc_rsa_verify) {
147 	isc_result_t ret;
148 	dns_fixedname_t fname;
149 	isc_buffer_t buf;
150 	dns_name_t *name;
151 	dst_key_t *key = NULL;
152 	dst_context_t *ctx = NULL;
153 	isc_region_t r;
154 
155 	UNUSED(state);
156 
157 	name = dns_fixedname_initname(&fname);
158 	isc_buffer_constinit(&buf, "rsa.", 4);
159 	isc_buffer_add(&buf, 4);
160 	ret = dns_name_fromtext(name, &buf, NULL, 0, NULL);
161 	assert_int_equal(ret, ISC_R_SUCCESS);
162 
163 	ret = dst_key_fromfile(name, 29238, DST_ALG_RSASHA256, DST_TYPE_PUBLIC,
164 			       TESTS_DIR, mctx, &key);
165 	assert_int_equal(ret, ISC_R_SUCCESS);
166 
167 	/* RSASHA1 - May not be supported by the OS */
168 	if (dst_algorithm_supported(DST_ALG_RSASHA1)) {
169 		key->key_alg = DST_ALG_RSASHA1;
170 
171 		ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC,
172 					 false, 0, &ctx);
173 		assert_int_equal(ret, ISC_R_SUCCESS);
174 
175 		r.base = d;
176 		r.length = 10;
177 		ret = dst_context_adddata(ctx, &r);
178 		assert_int_equal(ret, ISC_R_SUCCESS);
179 
180 		r.base = sigsha1;
181 		r.length = 256;
182 		ret = dst_context_verify(ctx, &r);
183 		assert_int_equal(ret, ISC_R_SUCCESS);
184 
185 		dst_context_destroy(&ctx);
186 	}
187 
188 	/* RSASHA256 */
189 
190 	key->key_alg = DST_ALG_RSASHA256;
191 
192 	ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, 0,
193 				 &ctx);
194 	assert_int_equal(ret, ISC_R_SUCCESS);
195 
196 	r.base = d;
197 	r.length = 10;
198 	ret = dst_context_adddata(ctx, &r);
199 	assert_int_equal(ret, ISC_R_SUCCESS);
200 
201 	r.base = sigsha256;
202 	r.length = 256;
203 	ret = dst_context_verify(ctx, &r);
204 	assert_int_equal(ret, ISC_R_SUCCESS);
205 
206 	dst_context_destroy(&ctx);
207 
208 	/* RSASHA512 */
209 
210 	key->key_alg = DST_ALG_RSASHA512;
211 
212 	ret = dst_context_create(key, mctx, DNS_LOGCATEGORY_DNSSEC, false, 0,
213 				 &ctx);
214 	assert_int_equal(ret, ISC_R_SUCCESS);
215 
216 	r.base = d;
217 	r.length = 10;
218 	ret = dst_context_adddata(ctx, &r);
219 	assert_int_equal(ret, ISC_R_SUCCESS);
220 
221 	r.base = sigsha512;
222 	r.length = 256;
223 	ret = dst_context_verify(ctx, &r);
224 	assert_int_equal(ret, ISC_R_SUCCESS);
225 
226 	dst_context_destroy(&ctx);
227 
228 	dst_key_free(&key);
229 }
230 
231 ISC_TEST_LIST_START
232 ISC_TEST_ENTRY_CUSTOM(isc_rsa_verify, setup_test, teardown_test)
233 ISC_TEST_LIST_END
234 
235 ISC_TEST_MAIN
236