1 /*        $NetBSD: a_md5encrypt.c,v 1.4 2024/08/18 20:47:26 christos Exp $      */
2 
3 #include "config.h"
4 #include "unity.h"
5 
6 #ifdef OPENSSL
7 # include "openssl/err.h"
8 # include "openssl/rand.h"
9 # include "openssl/evp.h"
10 #endif
11 #include "ntp.h"
12 #include "ntp_stdlib.h"
13 
14 
15 /*
16  * Example packet with SHA1 hash calculated manually:
17  * echo -n abcdefghijklmnopqrstuvwx | openssl sha1 -
18  */
19 #ifdef OPENSSL
20 const keyid_t keyId = 42;
21 const int keytype = NID_sha1;
22 const u_char key[] = "abcdefgh";
23 const size_t keyLength = sizeof(key) - 1;
24 const u_char payload[] = "ijklmnopqrstuvwx";
25 #define payloadLength (sizeof(payload) - 1)
26 #define keyIdLength  (sizeof(keyid_t))
27 #define digestLength SHA1_LENGTH
28 #define packetLength (payloadLength + keyIdLength + digestLength)
29 union {
30           u_char              u8 [packetLength];
31           uint32_t  u32[1];
32 } expectedPacket =
33 {
34     {
35           'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p',
36           'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
37           0x00, 0x00, 0x00, 0x00,
38           0xd7, 0x17, 0xe2, 0x2e,
39           0x16, 0x59, 0x30, 0x5f,
40           0xad, 0x6e, 0xf0, 0x88,
41           0x64, 0x92, 0x3d, 0xb6,
42           0x4a, 0xba, 0x9c, 0x08
43     }
44 };
45 union {
46           u_char              u8 [packetLength];
47           uint32_t  u32[1];
48 } invalidPacket =
49 {
50     {
51           'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p',
52           'q', 'r', 's', 't', 'u', 'v', 'w', 'x',
53           0x00, 0x00, 0x00, 0x00,
54           0xd7, 0x17, 0xe2, 0x2e,
55           0x16, 0x59, 0x30, 0x5f,
56           0xad, 0x6e, 0xf0, 0x88,
57           0x64, 0x92, 0x3d, 0xb6,
58           0x4a, 0xba, 0x9c, 0xff
59     }
60 }; /* same as expectedPacket but with last octet modified */
61 #endif    /* OPENSSL */
62 
63 u_long current_time = 4;
64 
65 void test_Encrypt(void);
66 void test_DecryptValid(void);
67 void test_DecryptInvalid(void);
68 void test_IPv4AddressToRefId(void);
69 void test_IPv6AddressToRefId(void);
70 
71 
72 void
test_Encrypt(void)73 test_Encrypt(void)
74 {
75 #ifndef OPENSSL
76           TEST_IGNORE_MESSAGE("non-SSL build");
77 #else
78           u_int32 *packetPtr;
79           size_t length;
80 
81           packetPtr = emalloc_zero(packetLength);
82           memcpy(packetPtr, payload, payloadLength);
83 
84           length = MD5authencrypt(keytype, key, keyLength,
85                                         packetPtr, payloadLength);
86 
87           TEST_ASSERT_EQUAL(MAX_SHA1_LEN, length);
88 
89           TEST_ASSERT_TRUE(MD5authdecrypt(keytype, key, keyLength, packetPtr,
90                                                 payloadLength, MAX_SHA1_LEN, keyId));
91           TEST_ASSERT_EQUAL_MEMORY(expectedPacket.u8, packetPtr, packetLength);
92 
93           free(packetPtr);
94 #endif    /* OPENSSL */
95 }
96 
97 void
test_DecryptValid(void)98 test_DecryptValid(void)
99 {
100 #ifndef OPENSSL
101           TEST_IGNORE_MESSAGE("non-SSL build");
102 #else
103           TEST_ASSERT_TRUE(MD5authdecrypt(keytype, key, keyLength,
104                                                   expectedPacket.u32, payloadLength,
105                                                   MAX_SHA1_LEN, keyId));
106 #endif    /* OPENSSL */
107 }
108 
109 void
test_DecryptInvalid(void)110 test_DecryptInvalid(void)
111 {
112 #ifndef OPENSSL
113           TEST_IGNORE_MESSAGE("non-SSL build");
114 #else
115           TEST_ASSERT_FALSE(MD5authdecrypt(keytype, key, keyLength,
116                                                    invalidPacket.u32, payloadLength,
117                                                    MAX_SHA1_LEN, keyId));
118 #endif    /* OPENSSL */
119 }
120 
121 void
test_IPv4AddressToRefId(void)122 test_IPv4AddressToRefId(void)
123 {
124           sockaddr_u          addr;
125           u_int32             addr4n;
126 
127           AF(&addr) = AF_INET;
128           SET_PORT(&addr, htons(80));
129           addr4n = inet_addr("192.0.2.1");
130           NSRCADR(&addr) = addr4n;
131 
132           TEST_ASSERT_EQUAL_UINT32(addr4n, addr2refid(&addr));
133 }
134 
135 void
test_IPv6AddressToRefId(void)136 test_IPv6AddressToRefId(void) {
137           const int expected = 0x75cffd52;
138           const struct in6_addr address = { { {
139                     0x20, 0x01, 0x0d, 0xb8,
140                     0x85, 0xa3, 0x08, 0xd3,
141                     0x13, 0x19, 0x8a, 0x2e,
142                     0x03, 0x70, 0x73, 0x34
143           } } };
144           sockaddr_u addr;
145 
146           AF(&addr) = AF_INET6;
147           SOCK_ADDR6(&addr) = address;
148 
149           TEST_ASSERT_EQUAL(expected, addr2refid(&addr));
150 }
151