1 /* $NetBSD: a_md5encrypt.c,v 1.4 2024/08/18 20:47:26 christos Exp $ */
2
3 #include "config.h"
4 #include "unity.h"
5
6 #ifdef OPENSSL
7 # include "openssl/err.h"
8 # include "openssl/rand.h"
9 # include "openssl/evp.h"
10 #endif
11 #include "ntp.h"
12 #include "ntp_stdlib.h"
13
14
15 /*
16 * Example packet with SHA1 hash calculated manually:
17 * echo -n abcdefghijklmnopqrstuvwx | openssl sha1 -
18 */
19 #ifdef OPENSSL
20 const keyid_t keyId = 42;
21 const int keytype = NID_sha1;
22 const u_char key[] = "abcdefgh";
23 const size_t keyLength = sizeof(key) - 1;
24 const u_char payload[] = "ijklmnopqrstuvwx";
25 #define payloadLength (sizeof(payload) - 1)
26 #define keyIdLength (sizeof(keyid_t))
27 #define digestLength SHA1_LENGTH
28 #define packetLength (payloadLength + keyIdLength + digestLength)
29 union {
30 u_char u8 [packetLength];
31 uint32_t u32[1];
32 } expectedPacket =
33 {
34 {
35 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p',
36 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
37 0x00, 0x00, 0x00, 0x00,
38 0xd7, 0x17, 0xe2, 0x2e,
39 0x16, 0x59, 0x30, 0x5f,
40 0xad, 0x6e, 0xf0, 0x88,
41 0x64, 0x92, 0x3d, 0xb6,
42 0x4a, 0xba, 0x9c, 0x08
43 }
44 };
45 union {
46 u_char u8 [packetLength];
47 uint32_t u32[1];
48 } invalidPacket =
49 {
50 {
51 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p',
52 'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
53 0x00, 0x00, 0x00, 0x00,
54 0xd7, 0x17, 0xe2, 0x2e,
55 0x16, 0x59, 0x30, 0x5f,
56 0xad, 0x6e, 0xf0, 0x88,
57 0x64, 0x92, 0x3d, 0xb6,
58 0x4a, 0xba, 0x9c, 0xff
59 }
60 }; /* same as expectedPacket but with last octet modified */
61 #endif /* OPENSSL */
62
63 u_long current_time = 4;
64
65 void test_Encrypt(void);
66 void test_DecryptValid(void);
67 void test_DecryptInvalid(void);
68 void test_IPv4AddressToRefId(void);
69 void test_IPv6AddressToRefId(void);
70
71
72 void
test_Encrypt(void)73 test_Encrypt(void)
74 {
75 #ifndef OPENSSL
76 TEST_IGNORE_MESSAGE("non-SSL build");
77 #else
78 u_int32 *packetPtr;
79 size_t length;
80
81 packetPtr = emalloc_zero(packetLength);
82 memcpy(packetPtr, payload, payloadLength);
83
84 length = MD5authencrypt(keytype, key, keyLength,
85 packetPtr, payloadLength);
86
87 TEST_ASSERT_EQUAL(MAX_SHA1_LEN, length);
88
89 TEST_ASSERT_TRUE(MD5authdecrypt(keytype, key, keyLength, packetPtr,
90 payloadLength, MAX_SHA1_LEN, keyId));
91 TEST_ASSERT_EQUAL_MEMORY(expectedPacket.u8, packetPtr, packetLength);
92
93 free(packetPtr);
94 #endif /* OPENSSL */
95 }
96
97 void
test_DecryptValid(void)98 test_DecryptValid(void)
99 {
100 #ifndef OPENSSL
101 TEST_IGNORE_MESSAGE("non-SSL build");
102 #else
103 TEST_ASSERT_TRUE(MD5authdecrypt(keytype, key, keyLength,
104 expectedPacket.u32, payloadLength,
105 MAX_SHA1_LEN, keyId));
106 #endif /* OPENSSL */
107 }
108
109 void
test_DecryptInvalid(void)110 test_DecryptInvalid(void)
111 {
112 #ifndef OPENSSL
113 TEST_IGNORE_MESSAGE("non-SSL build");
114 #else
115 TEST_ASSERT_FALSE(MD5authdecrypt(keytype, key, keyLength,
116 invalidPacket.u32, payloadLength,
117 MAX_SHA1_LEN, keyId));
118 #endif /* OPENSSL */
119 }
120
121 void
test_IPv4AddressToRefId(void)122 test_IPv4AddressToRefId(void)
123 {
124 sockaddr_u addr;
125 u_int32 addr4n;
126
127 AF(&addr) = AF_INET;
128 SET_PORT(&addr, htons(80));
129 addr4n = inet_addr("192.0.2.1");
130 NSRCADR(&addr) = addr4n;
131
132 TEST_ASSERT_EQUAL_UINT32(addr4n, addr2refid(&addr));
133 }
134
135 void
test_IPv6AddressToRefId(void)136 test_IPv6AddressToRefId(void) {
137 const int expected = 0x75cffd52;
138 const struct in6_addr address = { { {
139 0x20, 0x01, 0x0d, 0xb8,
140 0x85, 0xa3, 0x08, 0xd3,
141 0x13, 0x19, 0x8a, 0x2e,
142 0x03, 0x70, 0x73, 0x34
143 } } };
144 sockaddr_u addr;
145
146 AF(&addr) = AF_INET6;
147 SOCK_ADDR6(&addr) = address;
148
149 TEST_ASSERT_EQUAL(expected, addr2refid(&addr));
150 }
151