diff options
Diffstat (limited to 'tests/libdnssec/test_sign_der.c')
| -rw-r--r-- | tests/libdnssec/test_sign_der.c | 203 |
1 files changed, 203 insertions, 0 deletions
diff --git a/tests/libdnssec/test_sign_der.c b/tests/libdnssec/test_sign_der.c new file mode 100644 index 0000000..18745a9 --- /dev/null +++ b/tests/libdnssec/test_sign_der.c @@ -0,0 +1,203 @@ +/* Copyright (C) 2019 CZ.NIC, z.s.p.o. <knot-dns@labs.nic.cz> + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <https://www.gnu.org/licenses/>. + */ + +#include <tap/basic.h> +#include <stdint.h> +#include <string.h> +#include <stdbool.h> + +#include "bignum.c" +#include "binary.h" +#include "error.h" +#include "sign/der.c" + +static int binary_eq(const dnssec_binary_t *a, const dnssec_binary_t *b) +{ + return a && b && + a->size == b->size && + memcmp(a->data, b->data, a->size) == 0; +} + +#define DECODE_OK(der, r, s, message) \ + dnssec_binary_t __der = { .data = der, .size = sizeof(der) }; \ + dnssec_binary_t __r = { .data = r, .size = sizeof(r) }; \ + dnssec_binary_t __s = { .data = s, .size = sizeof(s) }; \ + dnssec_binary_t __out_s = { 0 }; \ + dnssec_binary_t __out_r = { 0 }; \ + int _result = dss_sig_value_decode(&__der, &__out_r, &__out_s); \ + ok(_result == DNSSEC_EOK && \ + binary_eq(&__r, &__out_r) && \ + binary_eq(&__s, &__out_s), \ + "decode ok, " message) + +#define DECODE_FAIL(der, message) \ + dnssec_binary_t __der = { .data = der, .size = sizeof(der) }; \ + dnssec_binary_t __out_r = { 0 }; \ + dnssec_binary_t __out_s = { 0 }; \ + int _result = dss_sig_value_decode(&__der, &__out_r, &__out_s); \ + ok(_result != DNSSEC_EOK, \ + "decode fail, " message) + +#define ENCODE_OK(r, s, der, message) \ + dnssec_binary_t __r = { .data = r, .size = sizeof(r) }; \ + dnssec_binary_t __s = { .data = s, .size = sizeof(s) }; \ + dnssec_binary_t __der = { .data = der, .size = sizeof(der) }; \ + dnssec_binary_t __out_der = { 0 }; \ + int _result = dss_sig_value_encode(&__r, &__s, &__out_der); \ + ok(_result == DNSSEC_EOK && \ + binary_eq(&__der, &__out_der), \ + "encode ok, " message); \ + dnssec_binary_free(&__out_der) + +#define ENCODE_FAIL(r, s, message) \ + dnssec_binary_t __r = { .data = r, .size = sizeof(r) }; \ + dnssec_binary_t __s = { .data = s, .size = sizeof(s) }; \ + dnssec_binary_t __out_der = { 0 }; \ + int _result = dss_sig_value_encode(&__r, &__s, &__out_der); \ + ok(_result != DNSSEC_EOK, \ + "encode fail, " message); \ + dnssec_binary_free(&__out_der) + +#define ONE_64_TIMES \ + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, \ + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, \ + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, \ + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, \ + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, \ + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, \ + 0x01,0x01,0x01,0x01 + +#define ONE_128_TIMES \ + ONE_64_TIMES, ONE_64_TIMES + +int main(void) +{ + plan_lazy(); + + { + uint8_t der[] = { 0x30,0x08, 0x02,0x02,0x1a,0x2b, 0x02,0x02,0x3c,0x4d }; + uint8_t r[] = { 0x1a, 0x2b }; + uint8_t s[] = { 0x3c, 0x4d }; + DECODE_OK(der, r, s, "simple without MSB"); + } + + { + uint8_t der[] = { 0x30,0x08, 0x02,0x02,0xff,0xff, 0x02,0x02,0x80,0x00 }; + uint8_t r[] = { 0xff, 0xff }; + uint8_t s[] = { 0x80, 0x00 }; + DECODE_OK(der, r, s, "simple with MSB"); + } + + { + uint8_t der[] = { 0x30,0x09, 0x02,0x04,0x00,0x00,0x00,0xfa, 0x02,0x01,0x07 }; + uint8_t r[] = { 0xfa }; + uint8_t s[] = { 0x07 }; + DECODE_OK(der, r, s, "leading zeros"); + } + + { + uint8_t der[] = { 0x30,0x07, 0x02,0x01,0x00, 0x02,0x02,0x00,0x00 }; + uint8_t r[] = { 0x00 }; + uint8_t s[] = { 0x00 }; + DECODE_OK(der, r, s, "zero values" ); + } + + { + uint8_t der[] = { }; + DECODE_FAIL(der, "empty input"); + } + + { + uint8_t der[] = { 0x30,0x04, 0x02,0x01,0x01 }; + DECODE_FAIL(der, "partial sequence"); + } + + { + uint8_t der[] = { 0x30,0x06, 0x02,0x01,0x01, 0x02,0x02,0x01 }; + DECODE_FAIL(der, "partial integer"); + } + + { + uint8_t der[] = { 0x30,0x00 }; + DECODE_FAIL(der, "zero-length sequence"); + } + + { + uint8_t der[] = { 0x30,0x05, 0x02,0x01,0xff, 0x02,0x00 }; + DECODE_FAIL(der, "zero-length integer"); + } + + { + uint8_t der[] = { 0x30,0x84, 0x02,0x40,ONE_64_TIMES, 0x02,0x40,ONE_64_TIMES }; + DECODE_FAIL(der, "unsupported size"); + } + + { + uint8_t r[] = { 0x01, }; + uint8_t s[] = { 0x02,0x03 }; + uint8_t der[] = { 0x30,0x07, 0x02,0x01,0x01, 0x02,0x02,0x02,0x03 }; + ENCODE_OK(r, s, der, "simple"); + } + + { + uint8_t r[] = { 0x00,0x01, }; + uint8_t s[] = { 0x00,0x00,0x02,0x03 }; + uint8_t der[] = { 0x30,0x07, 0x02,0x01,0x01, 0x02,0x02,0x02,0x03 }; + ENCODE_OK(r, s, der, "unnecessary leading zeros"); + } + + { + uint8_t r[] = { 0x00,0x8f }; + uint8_t s[] = { 0x00,0x00,0xff }; + uint8_t der[] = { 0x30,0x08, 0x02,0x02,0x00,0x8f, 0x02,0x02,0x00,0xff }; + ENCODE_OK(r, s, der, "required zero not removed"); + } + + { + uint8_t r[] = { 0x8c }; + uint8_t s[] = { 0xff,0xee }; + uint8_t der[] = { 0x30,0x09, 0x02,0x02,0x00,0x8c, 0x02,0x03,0x00,0xff,0xee }; + ENCODE_OK(r, s, der, "implicitly added zero"); + } + + { + uint8_t r[] = { 0x00 }; + uint8_t s[] = { 0x00,0x00 }; + uint8_t der[] = { 0x30,0x06, 0x02,0x01,0x00, 0x02,0x01,0x00 }; + ENCODE_OK(r, s, der, "zero"); + } + + { + uint8_t r[] = { 0x01 }; + uint8_t s[] = { }; + uint8_t der[] = { 0x30,0x06, 0x02,0x01,0x01, 0x02,0x01,0x00 }; + ENCODE_OK(r, s, der, "zero-length input"); + } + + { + uint8_t r[] = { ONE_128_TIMES }; + uint8_t s[] = { 0x01 }; + ENCODE_FAIL(r, s, "input too long"); + } + + { + uint8_t r[] = { ONE_64_TIMES }; + uint8_t s[] = { ONE_64_TIMES }; + ENCODE_FAIL(r, s, "result too long"); + } + + return 0; +} |