/* $NetBSD: crypto.c,v 1.5 2024/08/18 20:47:26 christos Exp $ */ #include "config.h" #include "unity.h" #include "ntp_types.h" #include "sntptest.h" #include "crypto.h" #define CMAC "AES128CMAC" #define SHA1_LENGTH 20 #define CMAC_LENGTH 16 void test_MakeSHAKE128Mac(void); void test_MakeSHA1Mac(void); void test_MakeCMac(void); void test_VerifySHAKE128(void); void test_VerifySHA1(void); void test_VerifyCMAC(void); void test_VerifyFailure(void); void test_PacketSizeNotMultipleOfFourBytes(void); void VerifyLocalCMAC(struct key *cmac); void VerifyOpenSSLCMAC(struct key *cmac); void test_MakeSHAKE128Mac(void) { #ifdef OPENSSL const char KEY[] = "SHAKE128 unit test key"; const u_char PAYLOAD[] = "packettestdata16"; const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1; const u_char EXPECTED_DIGEST[] = "\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6" "\x73\x62\x68\x8D\x11\xB8\x42\xBB"; u_char actual[sizeof(EXPECTED_DIGEST) - 1]; struct key sk; sk.next = NULL; sk.key_id = 10; sk.key_len = sizeof(KEY) - 1; memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len)); strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen)); sk.typei = keytype_from_text(sk.typen, NULL); TEST_ASSERT_EQUAL(sizeof(actual), make_mac(PAYLOAD, PAYLOAD_LEN, &sk, actual, sizeof(actual))); TEST_ASSERT_EQUAL_HEX8_ARRAY(EXPECTED_DIGEST, actual, sizeof(actual)); #else TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); #endif /* OPENSSL */ } void test_MakeSHA1Mac(void) { #ifdef OPENSSL const char* PKT_DATA = "abcdefgh0123"; const int PKT_LEN = strlen(PKT_DATA); const char* EXPECTED_DIGEST = "\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9" "\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d"; char actual[SHA1_LENGTH]; struct key sha1; sha1.next = NULL; sha1.key_id = 20; sha1.key_len = 7; memcpy(&sha1.key_seq, "sha1seq", sha1.key_len); strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen)); sha1.typei = keytype_from_text(sha1.typen, NULL); TEST_ASSERT_EQUAL(SHA1_LENGTH, make_mac(PKT_DATA, PKT_LEN, &sha1, actual, SHA1_LENGTH)); TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH); #else TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); #endif /* OPENSSL */ } void test_MakeCMac(void) { #if defined(OPENSSL) && defined(ENABLE_CMAC) const char* PKT_DATA = "abcdefgh0123"; const int PKT_LEN = strlen(PKT_DATA); const char* EXPECTED_DIGEST = "\xdd\x35\xd5\xf5\x14\x23\xd9\xd6" "\x38\x5d\x29\x80\xfe\x51\xb9\x6b"; char actual[CMAC_LENGTH]; struct key cmac; cmac.next = NULL; cmac.key_id = 30; cmac.key_len = CMAC_LENGTH; memcpy(&cmac.key_seq, "aes-128-cmac-seq", cmac.key_len); memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1); TEST_ASSERT_EQUAL(CMAC_LENGTH, make_mac(PKT_DATA, PKT_LEN, &cmac, actual, CMAC_LENGTH)); TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH); #else TEST_IGNORE_MESSAGE("CMAC not enabled, skipping..."); #endif /* OPENSSL */ } void test_VerifySHAKE128(void) { #ifdef OPENSSL const char KEY[] = "SHAKE128 unit test key"; const u_char PAYLOAD[] = "packettestdata16"; const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1; const u_char EXPECTED_DIGEST[] = "\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6" "\x73\x62\x68\x8D\x11\xB8\x42\xBB"; const size_t DIGEST_LEN = sizeof(EXPECTED_DIGEST) - 1; struct key sk; u_char PKT_DATA[ PAYLOAD_LEN + sizeof(sk.key_id) + DIGEST_LEN]; u_char *p; sk.next = NULL; sk.key_id = 0; sk.key_len = sizeof(KEY) - 1; memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len)); strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen)); sk.typei = keytype_from_text(sk.typen, NULL); p = PKT_DATA; memcpy(p, PAYLOAD, PAYLOAD_LEN); p += PAYLOAD_LEN; memcpy(p, &sk.key_id, sizeof(sk.key_id)); p += sizeof(sk.key_id); memcpy(p, EXPECTED_DIGEST, DIGEST_LEN); p += DIGEST_LEN; TEST_ASSERT_TRUE(sizeof(PKT_DATA) == p - PKT_DATA); TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PAYLOAD_LEN, DIGEST_LEN, &sk)); #else TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); #endif /* OPENSSL */ } void test_VerifySHA1(void) { #ifdef OPENSSL const char* PKT_DATA = "sometestdata" /* Data */ "\0\0\0\0" /* Key-ID (unused) */ "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" /* MAC */ "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1"; const int PKT_LEN = 12; struct key sha1; sha1.next = NULL; sha1.key_id = 0; sha1.key_len = 7; memcpy(&sha1.key_seq, "sha1key", sha1.key_len); strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen)); sha1.typei = keytype_from_text(sha1.typen, NULL); TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1)); #else TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); #endif /* OPENSSL */ } void test_VerifyCMAC(void) { struct key cmac; cmac.next = NULL; cmac.key_id = 0; cmac.key_len = CMAC_LENGTH; memcpy(&cmac.key_seq, "aes-128-cmac-key", cmac.key_len); memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1); VerifyOpenSSLCMAC(&cmac); VerifyLocalCMAC(&cmac); } void VerifyOpenSSLCMAC(struct key *cmac) { #if defined(OPENSSL) && defined(ENABLE_CMAC) /* XXX: HMS: auth_md5 must be renamed/incorrect. */ // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac)); TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping..."); #else TEST_IGNORE_MESSAGE("CMAC not enabled, skipping..."); #endif /* OPENSSL */ return; } void VerifyLocalCMAC(struct key *cmac) { /* XXX: HMS: auth_md5 must be renamed/incorrect. */ // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac)); TEST_IGNORE_MESSAGE("Hook in the local AES-128-CMAC check!"); return; } void test_VerifyFailure(void) { /* * We use a copy of test_VerifySHAKE128(), but modify the * last packet octet to make sure verification fails. */ #ifdef OPENSSL const char KEY[] = "SHAKE128 unit test key"; const u_char PAYLOAD[] = "packettestdata1_"; /* last packet byte different */ const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1; const u_char EXPECTED_DIGEST[] = "\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6" "\x73\x62\x68\x8D\x11\xB8\x42\xBB"; const size_t DIGEST_LEN = sizeof(EXPECTED_DIGEST) - 1; struct key sk; u_char PKT_DATA[ PAYLOAD_LEN + sizeof(sk.key_id) + DIGEST_LEN]; u_char *p; sk.next = NULL; sk.key_id = 0; sk.key_len = sizeof(KEY) - 1; memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len)); strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen)); sk.typei = keytype_from_text(sk.typen, NULL); p = PKT_DATA; memcpy(p, PAYLOAD, PAYLOAD_LEN); p += PAYLOAD_LEN; memcpy(p, &sk.key_id, sizeof(sk.key_id)); p += sizeof(sk.key_id); memcpy(p, EXPECTED_DIGEST, DIGEST_LEN); p += DIGEST_LEN; TEST_ASSERT_TRUE(sizeof(PKT_DATA) == p - PKT_DATA); TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PAYLOAD_LEN, DIGEST_LEN, &sk)); #else TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); #endif /* OPENSSL */ } void test_PacketSizeNotMultipleOfFourBytes(void) { /* * We use a copy of test_MakeSHAKE128Mac(), but modify * the packet length to 17. */ #ifdef OPENSSL const char KEY[] = "SHAKE128 unit test key"; const u_char PAYLOAD[] = "packettestdata_17"; const size_t PAYLOAD_LEN = sizeof(PAYLOAD) - 1; const u_char EXPECTED_DIGEST[] = "\x62\x5A\x8F\xE4\x66\xCB\xF3\xA6" "\x73\x62\x68\x8D\x11\xB8\x42\xBB"; u_char actual[sizeof(EXPECTED_DIGEST) - 1]; struct key sk; sk.next = NULL; sk.key_id = 10; sk.key_len = sizeof(KEY) - 1; memcpy(&sk.key_seq, KEY, min(sizeof(sk.key_seq), sk.key_len)); strlcpy(sk.typen, "SHAKE128", sizeof(sk.typen)); sk.typei = keytype_from_text(sk.typen, NULL); TEST_ASSERT_EQUAL(0, make_mac(PAYLOAD, PAYLOAD_LEN, &sk, actual, sizeof(actual))); #else TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); #endif /* OPENSSL */ }