From f449f278dd3c70e479a035f50a9bb817a9b433ba Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:24:08 +0200 Subject: Adding upstream version 3.2.6. Signed-off-by: Daniel Baumann --- tests/libdnssec/test_nsec_hash.c | 114 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 tests/libdnssec/test_nsec_hash.c (limited to 'tests/libdnssec/test_nsec_hash.c') diff --git a/tests/libdnssec/test_nsec_hash.c b/tests/libdnssec/test_nsec_hash.c new file mode 100644 index 0000000..595a314 --- /dev/null +++ b/tests/libdnssec/test_nsec_hash.c @@ -0,0 +1,114 @@ +/* Copyright (C) 2018 CZ.NIC, z.s.p.o. + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + */ + +#include +#include + +#include "crypto.h" +#include "error.h" +#include "nsec.h" + +static const dnssec_binary_t RDATA = { .size = 9, .data = (uint8_t []) { + 0x01, // algorithm + 0x00, // flags + 0x00, 0x0a, // iterations + 0x04, // salt length + 'a', 'b', 'c', 'd' // salt +}}; + +static void test_length(void) +{ + ok(dnssec_nsec3_hash_length(DNSSEC_NSEC3_ALGORITHM_SHA1) == 20, + "dnssec_nsec3_hash_length() for SHA1"); +} + +static void test_parsing(void) +{ + + dnssec_nsec3_params_t params = { 0 }; + int result = dnssec_nsec3_params_from_rdata(¶ms, &RDATA); + ok(result == DNSSEC_EOK, "dnssec_nsec3_params_from_rdata()"); + + ok(params.algorithm == 1, "algorithm"); + ok(params.flags == 0, "flags"); + ok(params.iterations == 10, "iterations"); + ok(params.salt.size == 4, "salt length"); + ok(params.salt.data != NULL && memcmp(params.salt.data, "abcd", 4) == 0, + "salt content"); + + dnssec_nsec3_params_free(¶ms); + ok(params.salt.data == NULL, "dnssec_nsec3_params_free()"); +} + +static void test_hashing(void) +{ + const dnssec_binary_t dname = { + .size = 13, + .data = (uint8_t *) "\x08""knot-dns""\x02""cz" + }; + + const dnssec_nsec3_params_t params = { + .algorithm = DNSSEC_NSEC3_ALGORITHM_SHA1, + .flags = 0, + .iterations = 7, + .salt = { .size = 14, .data = (uint8_t *) "happywithnsec3" } + }; + + const dnssec_binary_t expected = { .size = 20, .data = (uint8_t []) { + 0x72, 0x40, 0x55, 0x83, 0x92, 0x93, 0x95, 0x28, 0xee, 0xa2, + 0xcc, 0xe1, 0x13, 0xbe, 0xcd, 0x41, 0xee, 0x8a, 0x71, 0xfd + }}; + + dnssec_binary_t hash = { 0 }; + + int result = dnssec_nsec3_hash(&dname, ¶ms, &hash); + ok(result == DNSSEC_EOK, "dnssec_nsec3_hash()"); + + ok(hash.size == expected.size && hash.data != NULL && + memcmp(hash.data, expected.data, expected.size) == 0, + "valid hash"); + + dnssec_binary_free(&hash); +} + +static void test_clear(void) +{ + const dnssec_nsec3_params_t empty = { 0 }; + dnssec_nsec3_params_t params = { 0 }; + + int result = dnssec_nsec3_params_from_rdata(¶ms, &RDATA); + ok(result == DNSSEC_EOK, "dnssec_nsec3_params_from_rdata()"); + + ok(memcmp(¶ms, &empty, sizeof(dnssec_nsec3_params_t)) != 0, + "non-empty after dnssec_nsec3_params_from_rdata()"); + + dnssec_nsec3_params_free(¶ms); + + ok(memcmp(¶ms, &empty, sizeof(dnssec_nsec3_params_t)) == 0, + "cleared after dnssec_nsec3_params_free()"); +} + +int main(void) +{ + plan_lazy(); + + test_length(); + test_parsing(); + test_hashing(); + test_clear(); + + return 0; +} -- cgit v1.2.3