projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
- implemented functionality to generate sa payload from
[strongswan.git] / Source / charon / testcases / parser_test.c
1 /**
2 * @file parser_test.c
3 *
4 * @brief Tests for the parser_t class.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <string.h>
24
25 #include "parser_test.h"
26
27 #include <utils/allocator.h>
28 #include <utils/logger_manager.h>
29 #include <encoding/generator.h>
30 #include <encoding/parser.h>
31 #include <encoding/payloads/encodings.h>
32 #include <encoding/payloads/ike_header.h>
33 #include <encoding/payloads/sa_payload.h>
34 #include <encoding/payloads/nonce_payload.h>
35 #include <encoding/payloads/id_payload.h>
36 #include <encoding/payloads/ke_payload.h>
37 #include <encoding/payloads/notify_payload.h>
38 #include <encoding/payloads/auth_payload.h>
39 #include <encoding/payloads/ts_payload.h>
40
41
42 /*
43 * Described in Header
44 */
45 void test_parser_with_header_payload(tester_t *tester)
46 {
47 parser_t *parser;
48 ike_header_t *ike_header;
49 status_t status;
50 chunk_t header_chunk;
51
52 u_int8_t header_bytes[] = {
53 0x01,0x00,0x00,0x00,
54 0x00,0x00,0x00,0x00,
55 0x02,0x00,0x00,0x00,
56 0x00,0x00,0x00,0x00,
57 0x03,0x45,0x06,0x28,
58 0x00,0x00,0x00,0x07,
59 0x00,0x00,0x00,0x1C,
60 };
61 header_chunk.ptr = header_bytes;
62 header_chunk.len = sizeof(header_bytes);
63
64
65 parser = parser_create(header_chunk);
66 tester->assert_true(tester,(parser != NULL), "parser create check");
67 status = parser->parse_payload(parser, HEADER, (payload_t**)&ike_header);
68 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
69 parser->destroy(parser);
70
71 if (status != SUCCESS)
72 {
73 return;
74 }
75
76 tester->assert_true(tester,(ike_header->get_initiator_spi(ike_header) == 1),"parsed initiator_spi value");
77 tester->assert_true(tester,(ike_header->get_responder_spi(ike_header) == 2),"parsed responder_spi value");
78 tester->assert_true(tester,(ike_header->payload_interface.get_next_type((payload_t*)ike_header) == 3),"parsed next_payload value");
79 tester->assert_true(tester,(ike_header->get_maj_version(ike_header) == 4),"parsed maj_version value");
80 tester->assert_true(tester,(ike_header->get_min_version(ike_header) == 5),"parsed min_version value");
81 tester->assert_true(tester,(ike_header->get_exchange_type(ike_header) == 6),"parsed exchange_type value");
82 tester->assert_true(tester,(ike_header->get_initiator_flag(ike_header) == TRUE),"parsed flags.initiator value");
83 tester->assert_true(tester,(ike_header->get_version_flag(ike_header) == FALSE),"parsed flags.version value");
84 tester->assert_true(tester,(ike_header->get_response_flag(ike_header) == TRUE),"parsed flags.response value");
85 tester->assert_true(tester,(ike_header->get_message_id(ike_header) == 7),"parsed message_id value");
86 tester->assert_true(tester,(ike_header->payload_interface.get_length((payload_t*)ike_header) == 0x1C),"parsed length value");
87
88 ike_header->destroy(ike_header);
89 }
90
91 /*
92 * Described in Header
93 */
94 void test_parser_with_sa_payload(tester_t *tester)
95 {
96 parser_t *parser;
97 sa_payload_t *sa_payload;
98 status_t status;
99 chunk_t sa_chunk, sa_chunk2, sa_chunk3;
100 iterator_t *proposals, *transforms, *attributes;
101 ike_proposal_t *ike_proposals;
102 size_t ike_proposal_count;
103 child_proposal_t *child_proposals;
104 size_t child_proposal_count;
105
106 /* first test generic parsing functionality */
107
108 u_int8_t sa_bytes[] = {
109 0x00,0x80,0x00,0x24, /* payload header*/
110 0x00,0x00,0x00,0x20, /* a proposal */
111 0x01,0x02,0x04,0x05,
112 0x01,0x02,0x03,0x04, /* spi */
113 0x00,0x00,0x00,0x14, /* transform */
114 0x07,0x00,0x00,0x03,
115 0x80,0x01,0x00,0x05, /* attribute without length */
116 0x00,0x03,0x00,0x04, /* attribute with length */
117 0x01,0x02,0x03,0x04
118
119
120 };
121
122 sa_chunk.ptr = sa_bytes;
123 sa_chunk.len = sizeof(sa_bytes);
124
125
126 parser = parser_create(sa_chunk);
127 tester->assert_true(tester,(parser != NULL), "parser create check");
128 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
129 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
130 parser->destroy(parser);
131
132 if (status != SUCCESS)
133 {
134 return;
135 }
136
137
138 proposals = sa_payload->create_proposal_substructure_iterator(sa_payload, TRUE);
139 while (proposals->has_next(proposals))
140 {
141 proposal_substructure_t *proposal;
142 proposals->current(proposals, (void**)&proposal);
143 chunk_t spi;
144 u_int8_t spi_should[] = {0x01, 0x02, 0x03, 0x04};
145
146 tester->assert_true(tester,(proposal->get_proposal_number(proposal) == 1),"proposal number");
147 tester->assert_true(tester,(proposal->get_protocol_id(proposal) == 2),"proposal id");
148 spi = proposal->get_spi(proposal);
149 tester->assert_false(tester,(memcmp(&spi_should, spi.ptr, spi.len)),"proposal spi");
150
151 transforms = proposal->create_transform_substructure_iterator(proposal, TRUE);
152 while(transforms->has_next(transforms))
153 {
154 transform_substructure_t *transform;
155 int loopi;
156 transforms->current(transforms, (void**)&transform);
157 tester->assert_true(tester,(transform->get_transform_type(transform) == 7),"transform type");
158 tester->assert_true(tester,(transform->get_transform_id(transform) == 3),"transform id");
159 attributes = transform->create_transform_attribute_iterator(transform, TRUE);
160 loopi = 0;
161 while (attributes->has_next(attributes))
162 {
163 transform_attribute_t *attribute;
164 attributes->current(attributes, (void**)&attribute);
165 if (loopi == 0)
166 {
167 u_int8_t value[] = {0x05, 0x00};
168 chunk_t attribute_value;
169 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 1),"attribute 1 type");
170 attribute_value = attribute->get_value_chunk(attribute);
171 tester->assert_false(tester,(memcmp(&value, attribute_value.ptr, attribute_value.len)),"attribute 1 value");
172 }
173 if (loopi == 1)
174 {
175 u_int8_t value[] = {0x01, 0x02, 0x03, 0x04};
176 chunk_t attribute_value;
177 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 3),"attribute 2 type");
178 attribute_value = attribute->get_value_chunk(attribute);
179 tester->assert_false(tester,(memcmp(&value, attribute_value.ptr, attribute_value.len)),"attribute 2 value");
180 }
181 loopi++;
182 }
183 attributes->destroy(attributes);
184 }
185 transforms->destroy(transforms);
186 }
187 proposals->destroy(proposals);
188
189 sa_payload->destroy(sa_payload);
190
191
192
193 /* now test SA functionality after parsing an SA payload*/
194
195 u_int8_t sa_bytes2[] = {
196 0x00,0x00,0x00,0x6C, /* payload header*/
197 0x02,0x00,0x00,0x34, /* a proposal */
198 0x01,0x01,0x00,0x04,
199 0x03,0x00,0x00,0x0C, /* transform 1 */
200 0x01,0x00,0x00,0x01,
201 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
202 0x03,0x00,0x00,0x0C, /* transform 2 */
203 0x02,0x00,0x00,0x01,
204 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
205 0x03,0x00,0x00,0x0C, /* transform 3 */
206 0x03,0x00,0x00,0x01,
207 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
208 0x00,0x00,0x00,0x08, /* transform 4 */
209 0x04,0x00,0x00,0x01,
210 0x00,0x00,0x00,0x34, /* a proposal */
211 0x01,0x01,0x00,0x04,
212 0x03,0x00,0x00,0x0C, /* transform 1 */
213 0x01,0x00,0x00,0x02,
214 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
215 0x03,0x00,0x00,0x0C, /* transform 2 */
216 0x02,0x00,0x00,0x02,
217 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
218 0x03,0x00,0x00,0x0C, /* transform 3 */
219 0x03,0x00,0x00,0x02,
220 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
221 0x00,0x00,0x00,0x08, /* transform 4 */
222 0x04,0x00,0x00,0x02,
223 };
224
225 sa_chunk2.ptr = sa_bytes2;
226 sa_chunk2.len = sizeof(sa_bytes2);
227
228 parser = parser_create(sa_chunk2);
229 tester->assert_true(tester,(parser != NULL), "parser create check");
230 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
231 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
232 parser->destroy(parser);
233
234 if (status != SUCCESS)
235 {
236 return;
237 }
238
239 status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
240 tester->assert_true(tester,(status == SUCCESS),"verify call check");
241
242 status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);
243 tester->assert_true(tester,(status == SUCCESS),"get ike proposals call check");
244
245 tester->assert_true(tester,(ike_proposal_count == 2),"ike proposal count check");
246 tester->assert_true(tester,(ike_proposals[0].encryption_algorithm == 1),"ike proposal content check");
247 tester->assert_true(tester,(ike_proposals[0].encryption_algorithm_key_length == 20),"ike proposal content check");
248 tester->assert_true(tester,(ike_proposals[0].integrity_algorithm == 1),"ike proposal content check");
249 tester->assert_true(tester,(ike_proposals[0].integrity_algorithm_key_length == 20),"ike proposal content check");
250 tester->assert_true(tester,(ike_proposals[0].pseudo_random_function == 1),"ike proposal content check");
251 tester->assert_true(tester,(ike_proposals[0].pseudo_random_function_key_length == 20),"ike proposal content check");
252 tester->assert_true(tester,(ike_proposals[0].diffie_hellman_group == 1),"ike proposal content check");
253
254 tester->assert_true(tester,(ike_proposals[1].encryption_algorithm == 2),"ike proposal content check");
255 tester->assert_true(tester,(ike_proposals[1].encryption_algorithm_key_length == 16),"ike proposal content check");
256 tester->assert_true(tester,(ike_proposals[1].integrity_algorithm == 2),"ike proposal content check");
257 tester->assert_true(tester,(ike_proposals[1].integrity_algorithm_key_length == 16),"ike proposal content check");
258 tester->assert_true(tester,(ike_proposals[1].pseudo_random_function == 2),"ike proposal content check");
259 tester->assert_true(tester,(ike_proposals[1].pseudo_random_function_key_length == 16),"ike proposal content check");
260 tester->assert_true(tester,(ike_proposals[1].diffie_hellman_group == 2),"ike proposal content check");
261
262
263 if (status == SUCCESS)
264 {
265 allocator_free(ike_proposals);
266 }
267 sa_payload->destroy(sa_payload);
268
269 /* now test SA functionality after parsing an SA payload with child sa proposals*/
270 u_int8_t sa_bytes3[] = {
271 0x00,0x00,0x00,0xA0, /* payload header*/
272
273 /* suite 1 */
274 0x02,0x00,0x00,0x28, /* a proposal */
275 0x01,0x02,0x04,0x03,
276 0x01,0x01,0x01,0x01,
277 0x03,0x00,0x00,0x0C, /* transform 1 */
278 0x03,0x00,0x00,0x01,
279 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
280
281 0x03,0x00,0x00,0x08, /* transform 2 */
282 0x04,0x00,0x00,0x0E,
283
284 0x00,0x00,0x00,0x08, /* transform 3 */
285 0x05,0x00,0x00,0x01,
286
287
288 0x02,0x00,0x00,0x20, /* a proposal */
289 0x01,0x03,0x04,0x02,
290 0x02,0x02,0x02,0x02,
291
292 0x03,0x00,0x00,0x0C, /* transform 1 */
293 0x01,0x00,0x00,0x0C,
294 0x80,0x0E,0x00,0x20, /* keylength attribute with 32 bytes length */
295
296 0x00,0x00,0x00,0x08, /* transform 2 */
297 0x04,0x00,0x00,0x02,
298
299 /* suite 2 */
300 0x02,0x00,0x00,0x28, /* a proposal */
301 0x02,0x02,0x04,0x03,
302 0x01,0x01,0x01,0x01,
303 0x03,0x00,0x00,0x0C, /* transform 1 */
304 0x03,0x00,0x00,0x01,
305 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
306
307 0x03,0x00,0x00,0x08, /* transform 2 */
308 0x04,0x00,0x00,0x0E,
309
310 0x00,0x00,0x00,0x08, /* transform 3 */
311 0x05,0x00,0x00,0x01,
312
313
314 0x00,0x00,0x00,0x2C, /* a proposal */
315 0x02,0x03,0x04,0x03,
316 0x02,0x02,0x02,0x02,
317
318 0x03,0x00,0x00,0x0C, /* transform 1 */
319 0x01,0x00,0x00,0x0C,
320 0x80,0x0E,0x00,0x20, /* keylength attribute with 32 bytes length */
321
322 0x03,0x00,0x00,0x0C, /* transform 2 */
323 0x03,0x00,0x00,0x01,
324 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
325
326 0x00,0x00,0x00,0x08, /* transform 3 */
327 0x04,0x00,0x00,0x02,
328 };
329
330 sa_chunk3.ptr = sa_bytes3;
331 sa_chunk3.len = sizeof(sa_bytes3);
332
333 parser = parser_create(sa_chunk3);
334 tester->assert_true(tester,(parser != NULL), "parser create check");
335 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
336 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
337 parser->destroy(parser);
338
339 if (status != SUCCESS)
340 {
341 return;
342 }
343
344 status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
345 tester->assert_true(tester,(status == SUCCESS),"verify call check");
346
347 status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);
348 tester->assert_false(tester,(status == SUCCESS),"get ike proposals call check");
349
350 status = sa_payload->get_child_proposals (sa_payload, &child_proposals, &child_proposal_count);
351 tester->assert_true(tester,(status == SUCCESS),"get child proposals call check");
352
353
354 tester->assert_true(tester,(child_proposal_count == 2),"child proposal count check");
355 tester->assert_true(tester,(child_proposals[0].ah.is_set == TRUE),"is ah set check");
356 tester->assert_true(tester,(child_proposals[0].ah.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
357 tester->assert_true(tester,(child_proposals[0].ah.integrity_algorithm_key_size == 20),"integrity_algorithm_key_size check");
358 tester->assert_true(tester,(child_proposals[0].ah.diffie_hellman_group == MODP_2048_BIT),"diffie_hellman_group check");
359 tester->assert_true(tester,(child_proposals[0].ah.extended_sequence_numbers == EXT_SEQ_NUMBERS),"extended_sequence_numbers check");
360 tester->assert_true(tester,(child_proposals[0].ah.spi[0] == 1),"spi check");
361 tester->assert_true(tester,(child_proposals[0].ah.spi[1] == 1),"spi check");
362 tester->assert_true(tester,(child_proposals[0].ah.spi[2] == 1),"spi check");
363 tester->assert_true(tester,(child_proposals[0].ah.spi[3] == 1),"spi check");
364
365 tester->assert_true(tester,(child_proposals[0].esp.is_set == TRUE),"is ah set check");
366 tester->assert_true(tester,(child_proposals[0].esp.encryption_algorithm == ENCR_AES_CBC),"integrity_algorithm check");
367 tester->assert_true(tester,(child_proposals[0].esp.encryption_algorithm_key_size == 32),"integrity_algorithm_key_size check");
368 tester->assert_true(tester,(child_proposals[0].esp.diffie_hellman_group == MODP_1024_BIT),"diffie_hellman_group check");
369 tester->assert_true(tester,(child_proposals[0].esp.integrity_algorithm == AUTH_UNDEFINED),"integrity_algorithm check");
370 tester->assert_true(tester,(child_proposals[0].esp.spi[0] == 2),"spi check");
371 tester->assert_true(tester,(child_proposals[0].esp.spi[1] == 2),"spi check");
372 tester->assert_true(tester,(child_proposals[0].esp.spi[2] == 2),"spi check");
373 tester->assert_true(tester,(child_proposals[0].esp.spi[3] == 2),"spi check");
374
375 tester->assert_true(tester,(child_proposals[1].ah.is_set == TRUE),"is ah set check");
376 tester->assert_true(tester,(child_proposals[1].ah.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
377 tester->assert_true(tester,(child_proposals[1].ah.integrity_algorithm_key_size == 20),"integrity_algorithm_key_size check");
378 tester->assert_true(tester,(child_proposals[1].ah.diffie_hellman_group == MODP_2048_BIT),"diffie_hellman_group check");
379 tester->assert_true(tester,(child_proposals[1].ah.extended_sequence_numbers == EXT_SEQ_NUMBERS),"extended_sequence_numbers check");
380 tester->assert_true(tester,(child_proposals[1].ah.spi[0] == 1),"spi check");
381 tester->assert_true(tester,(child_proposals[1].ah.spi[1] == 1),"spi check");
382 tester->assert_true(tester,(child_proposals[1].ah.spi[2] == 1),"spi check");
383 tester->assert_true(tester,(child_proposals[1].ah.spi[3] == 1),"spi check");
384
385 tester->assert_true(tester,(child_proposals[1].esp.is_set == TRUE),"is ah set check");
386 tester->assert_true(tester,(child_proposals[1].esp.encryption_algorithm == ENCR_AES_CBC),"integrity_algorithm check");
387 tester->assert_true(tester,(child_proposals[1].esp.encryption_algorithm_key_size == 32),"integrity_algorithm_key_size check");
388 tester->assert_true(tester,(child_proposals[1].esp.diffie_hellman_group == MODP_1024_BIT),"diffie_hellman_group check");
389 tester->assert_true(tester,(child_proposals[1].esp.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
390 tester->assert_true(tester,(child_proposals[1].esp.integrity_algorithm_key_size == 20),"integrity_algorithm check");
391 tester->assert_true(tester,(child_proposals[1].esp.spi[0] == 2),"spi check");
392 tester->assert_true(tester,(child_proposals[1].esp.spi[1] == 2),"spi check");
393 tester->assert_true(tester,(child_proposals[1].esp.spi[2] == 2),"spi check");
394 tester->assert_true(tester,(child_proposals[1].esp.spi[3] == 2),"spi check");
395
396 if (status == SUCCESS)
397 {
398 allocator_free(child_proposals);
399 }
400
401
402 sa_payload->destroy(sa_payload);
403 }
404
405 /*
406 * Described in Header
407 */
408 void test_parser_with_nonce_payload(tester_t *tester)
409 {
410 parser_t *parser;
411 nonce_payload_t *nonce_payload;
412 status_t status;
413 chunk_t nonce_chunk, result;
414
415 u_int8_t nonce_bytes[] = {
416 0x00,0x00,0x00,0x14, /* payload header */
417 0x00,0x01,0x02,0x03, /* 16 Byte nonce */
418 0x04,0x05,0x06,0x07,
419 0x08,0x09,0x0A,0x2B,
420 0x0C,0x0D,0x0E,0x0F
421 };
422
423 nonce_chunk.ptr = nonce_bytes;
424 nonce_chunk.len = sizeof(nonce_bytes);
425
426 parser = parser_create(nonce_chunk);
427 tester->assert_true(tester,(parser != NULL), "parser create check");
428 status = parser->parse_payload(parser, NONCE, (payload_t**)&nonce_payload);
429 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
430 parser->destroy(parser);
431
432 if (status != SUCCESS)
433 {
434 return;
435 }
436 nonce_payload->get_nonce(nonce_payload, &result);
437 tester->assert_true(tester,(result.len == 16), "parsed nonce lenght");
438 tester->assert_false(tester,(memcmp(nonce_bytes + 4, result.ptr, result.len)), "parsed nonce data");
439 nonce_payload->destroy(nonce_payload);
440 allocator_free_chunk(&result);
441 }
442
443 /*
444 * Described in Header
445 */
446 void test_parser_with_id_payload(tester_t *tester)
447 {
448 parser_t *parser;
449 id_payload_t *id_payload;
450 status_t status;
451 chunk_t id_chunk, result;
452
453 u_int8_t id_bytes[] = {
454 0x00,0x00,0x00,0x14, /* payload header */
455 0x05,0x01,0x02,0x03,
456 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
457 0x08,0x09,0x0A,0x2B,
458 0x0C,0x0D,0x0E,0x0F
459 };
460
461 id_chunk.ptr = id_bytes;
462 id_chunk.len = sizeof(id_bytes);
463
464 parser = parser_create(id_chunk);
465 tester->assert_true(tester,(parser != NULL), "parser create check");
466 status = parser->parse_payload(parser, ID_INITIATOR, (payload_t**)&id_payload);
467 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
468 parser->destroy(parser);
469
470 if (status != SUCCESS)
471 {
472 return;
473 }
474 result = id_payload->get_data(id_payload);
475 tester->assert_true(tester,(id_payload->get_initiator(id_payload) == TRUE), "is IDi payload");
476 tester->assert_true(tester,(id_payload->get_id_type(id_payload) == ID_IPV6_ADDR), "is ID_IPV6_ADDR ID type");
477 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
478 tester->assert_false(tester,(memcmp(id_bytes + 8, result.ptr, result.len)), "parsed nonce data");
479 id_payload->destroy(id_payload);
480 allocator_free_chunk(&result);
481 }
482
483
484 /*
485 * Described in Header
486 */
487 void test_parser_with_ke_payload(tester_t *tester)
488 {
489 parser_t *parser;
490 ke_payload_t *ke_payload;
491 status_t status;
492 chunk_t ke_chunk, result;
493
494 u_int8_t ke_bytes[] = {
495 0x00,0x00,0x00,0x18, /* payload header */
496 0x00,0x03,0x00,0x00, /* dh group 3 */
497 0x01,0x02,0x03,0x03, /* 16 Byte dh data */
498 0x04,0x05,0x06,0x07,
499 0x08,0x09,0x0A,0x2B,
500 0x0C,0x0D,0x0E,0x0F
501 };
502
503 ke_chunk.ptr = ke_bytes;
504 ke_chunk.len = sizeof(ke_bytes);
505
506 parser = parser_create(ke_chunk);
507 tester->assert_true(tester,(parser != NULL), "parser create check");
508 status = parser->parse_payload(parser, KEY_EXCHANGE, (payload_t**)&ke_payload);
509 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
510 parser->destroy(parser);
511
512 if (status != SUCCESS)
513 {
514 return;
515 }
516 tester->assert_true(tester,(ke_payload->get_dh_group_number(ke_payload) == 3), "DH group");
517 result = ke_payload->get_key_exchange_data(ke_payload);
518 tester->assert_true(tester,(result.len == 16), "parsed key lenght");
519 tester->assert_false(tester,(memcmp(ke_bytes + 8, result.ptr, result.len)), "parsed key data");
520 ke_payload->destroy(ke_payload);
521 }
522
523
524 /*
525 * Described in Header
526 */
527 void test_parser_with_notify_payload(tester_t *tester)
528 {
529 parser_t *parser;
530 notify_payload_t *notify_payload;
531 status_t status;
532 chunk_t notify_chunk, result;
533
534 u_int8_t notify_bytes[] = {
535 0x00,0x00,0x00,0x1C, /* payload header */
536 0x03,0x04,0x00,0x01,
537 0x01,0x02,0x03,0x03, /* spi */
538 0x04,0x05,0x06,0x07, /* noti dati */
539 0x08,0x09,0x0A,0x2B,
540 0x0C,0x0D,0x0E,0x0F,
541 0x0C,0x0D,0x0E,0x0F
542 };
543
544 notify_chunk.ptr = notify_bytes;
545 notify_chunk.len = sizeof(notify_bytes);
546
547 parser = parser_create(notify_chunk);
548 tester->assert_true(tester,(parser != NULL), "parser create check");
549 status = parser->parse_payload(parser, NOTIFY, (payload_t**)&notify_payload);
550 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
551 parser->destroy(parser);
552
553 if (status != SUCCESS)
554 {
555 return;
556 }
557 tester->assert_true(tester,(notify_payload->get_protocol_id(notify_payload) == 3), "Protocol id");
558 tester->assert_true(tester,(notify_payload->get_notify_message_type(notify_payload) == 1), "notify message type");
559
560 result = notify_payload->get_spi(notify_payload);
561 tester->assert_false(tester,(memcmp(notify_bytes + 8, result.ptr, result.len)), "parsed spi");
562
563 result = notify_payload->get_notification_data(notify_payload);
564 tester->assert_false(tester,(memcmp(notify_bytes + 12, result.ptr, result.len)), "parsed notification data");
565
566 notify_payload->destroy(notify_payload);
567 }
568
569 /*
570 * Described in Header
571 */
572 void test_parser_with_auth_payload(tester_t *tester)
573 {
574 parser_t *parser;
575 auth_payload_t *auth_payload;
576 status_t status;
577 chunk_t auth_chunk, result;
578
579 u_int8_t auth_bytes[] = {
580 0x00,0x00,0x00,0x14, /* payload header */
581 0x03,0x01,0x02,0x03,
582 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
583 0x08,0x09,0x0A,0x2B,
584 0x0C,0x0D,0x0E,0x0F
585 };
586
587 auth_chunk.ptr = auth_bytes;
588 auth_chunk.len = sizeof(auth_bytes);
589
590 parser = parser_create(auth_chunk);
591 tester->assert_true(tester,(parser != NULL), "parser create check");
592 status = parser->parse_payload(parser, AUTHENTICATION, (payload_t**)&auth_payload);
593 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
594 parser->destroy(parser);
595
596 if (status != SUCCESS)
597 {
598 return;
599 }
600 result = auth_payload->get_data(auth_payload);
601 tester->assert_true(tester,(auth_payload->get_auth_method(auth_payload) == DSS_DIGITAL_SIGNATURE), "is DSS_DIGITAL_SIGNATURE method");
602 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
603 tester->assert_false(tester,(memcmp(auth_bytes + 8, result.ptr, result.len)), "parsed nonce data");
604 auth_payload->destroy(auth_payload);
605 allocator_free_chunk(&result);
606 }
607
608 /*
609 * Described in Header
610 */
611 void test_parser_with_ts_payload(tester_t *tester)
612 {
613 parser_t *parser;
614 ts_payload_t *ts_payload;
615 status_t status;
616 chunk_t ts_chunk;
617 traffic_selector_substructure_t *ts1, *ts2;
618 host_t *start_host1, *start_host2, *end_host1, *end_host2;
619 iterator_t *iterator;
620
621 u_int8_t ts_bytes[] = {
622 /* payload header */
623 0x00,0x00,0x00,0x28,
624 0x02,0x00,0x00,0x00,
625
626 /* traffic selector 1 */
627 0x07,0x00,0x00,0x10,
628 0x01,0xF4,0x01,0xF4,
629 0xC0,0xA8,0x01,0x00,
630 0xC0,0xA8,0x01,0xFF,
631
632 /* traffic selector 2 */
633 0x07,0x03,0x00,0x10,
634 0x00,0x00,0xFF,0xFF,
635 0x00,0x00,0x00,0x00,
636 0xFF,0xFF,0xFF,0xFF,
637 };
638
639 ts_chunk.ptr = ts_bytes;
640 ts_chunk.len = sizeof(ts_bytes);
641
642 parser = parser_create(ts_chunk);
643 tester->assert_true(tester,(parser != NULL), "parser create check");
644 status = parser->parse_payload(parser, TRAFFIC_SELECTOR_RESPONDER, (payload_t**)&ts_payload);
645 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
646 parser->destroy(parser);
647
648 if (status != SUCCESS)
649 {
650 return;
651 }
652
653 iterator = ts_payload->create_traffic_selector_substructure_iterator(ts_payload,TRUE);
654
655 tester->assert_true(tester,(iterator->has_next(iterator)), "has next check");
656
657 /* check first ts */
658 iterator->current(iterator,(void **)&ts1);
659 tester->assert_true(tester,(ts1->get_protocol_id(ts1) == 0), "ip protocol id check");
660 start_host1 = ts1->get_start_host(ts1);
661 end_host1 = ts1->get_end_host(ts1);
662 tester->assert_true(tester,(start_host1->get_port(start_host1) == 500), "start port check");
663 tester->assert_true(tester,(end_host1->get_port(end_host1) == 500), "start port check");
664 tester->assert_true(tester,(memcmp(start_host1->get_address(start_host1),"192.168.1.0",strlen("192.168.1.0")) == 0), "start address check");
665 tester->assert_true(tester,(memcmp(end_host1->get_address(end_host1),"192.168.1.255",strlen("192.168.1.255")) == 0), "end address check");
666
667 start_host1->destroy(start_host1);
668 end_host1->destroy(end_host1);
669
670 tester->assert_true(tester,(iterator->has_next(iterator)), "has next check");
671
672 /* check second ts */
673
674 iterator->current(iterator,(void **)&ts2);
675
676 tester->assert_true(tester,(ts2->get_protocol_id(ts2) == 3), "ip protocol id check");
677 start_host2 = ts2->get_start_host(ts2);
678 end_host2 = ts2->get_end_host(ts2);
679 tester->assert_true(tester,(start_host2->get_port(start_host2) == 0), "start port check");
680 tester->assert_true(tester,(end_host2->get_port(end_host2) == 65535), "start port check");
681 tester->assert_true(tester,(memcmp(start_host2->get_address(start_host2),"0.0.0.0",strlen("0.0.0.0")) == 0), "start address check");
682 tester->assert_true(tester,(memcmp(end_host2->get_address(end_host2),"255.255.255.255",strlen("255.255.255.255")) == 0), "end address check");
683 start_host2->destroy(start_host2);
684 end_host2->destroy(end_host2);
685
686
687
688 tester->assert_false(tester,(iterator->has_next(iterator)), "has next check");
689
690 iterator->destroy(iterator);
691
692 ts_payload->destroy(ts_payload);
693 }
strongSwan - IPsec VPN