- fixed alot of bugs in child_proposal
[strongswan.git] / Source / charon / testcases / parser_test.c
1 /**
2 * @file parser_test.c
3 *
4 * @brief Tests for the parser_t class.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <string.h>
24
25 #include "parser_test.h"
26
27 #include <utils/allocator.h>
28 #include <utils/logger_manager.h>
29 #include <encoding/generator.h>
30 #include <encoding/parser.h>
31 #include <encoding/payloads/encodings.h>
32 #include <encoding/payloads/ike_header.h>
33 #include <encoding/payloads/sa_payload.h>
34 #include <encoding/payloads/nonce_payload.h>
35 #include <encoding/payloads/id_payload.h>
36 #include <encoding/payloads/ke_payload.h>
37 #include <encoding/payloads/notify_payload.h>
38 #include <encoding/payloads/auth_payload.h>
39 #include <encoding/payloads/cert_payload.h>
40 #include <encoding/payloads/certreq_payload.h>
41 #include <encoding/payloads/ts_payload.h>
42 #include <encoding/payloads/delete_payload.h>
43 #include <encoding/payloads/vendor_id_payload.h>
44 #include <encoding/payloads/cp_payload.h>
45 #include <encoding/payloads/eap_payload.h>
46
47
48 /*
49 * Described in Header
50 */
51 void test_parser_with_header_payload(protected_tester_t *tester)
52 {
53 parser_t *parser;
54 ike_header_t *ike_header;
55 status_t status;
56 chunk_t header_chunk;
57
58 u_int8_t header_bytes[] = {
59 0x01,0x00,0x00,0x00,
60 0x00,0x00,0x00,0x00,
61 0x02,0x00,0x00,0x00,
62 0x00,0x00,0x00,0x00,
63 0x03,0x45,0x06,0x28,
64 0x00,0x00,0x00,0x07,
65 0x00,0x00,0x00,0x1C,
66 };
67 header_chunk.ptr = header_bytes;
68 header_chunk.len = sizeof(header_bytes);
69
70
71 parser = parser_create(header_chunk);
72 tester->assert_true(tester,(parser != NULL), "parser create check");
73 status = parser->parse_payload(parser, HEADER, (payload_t**)&ike_header);
74 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
75 parser->destroy(parser);
76
77 if (status != SUCCESS)
78 {
79 return;
80 }
81
82 tester->assert_true(tester,(ike_header->get_initiator_spi(ike_header) == 1),"parsed initiator_spi value");
83 tester->assert_true(tester,(ike_header->get_responder_spi(ike_header) == 2),"parsed responder_spi value");
84 tester->assert_true(tester,(ike_header->payload_interface.get_next_type((payload_t*)ike_header) == 3),"parsed next_payload value");
85 tester->assert_true(tester,(ike_header->get_maj_version(ike_header) == 4),"parsed maj_version value");
86 tester->assert_true(tester,(ike_header->get_min_version(ike_header) == 5),"parsed min_version value");
87 tester->assert_true(tester,(ike_header->get_exchange_type(ike_header) == 6),"parsed exchange_type value");
88 tester->assert_true(tester,(ike_header->get_initiator_flag(ike_header) == TRUE),"parsed flags.initiator value");
89 tester->assert_true(tester,(ike_header->get_version_flag(ike_header) == FALSE),"parsed flags.version value");
90 tester->assert_true(tester,(ike_header->get_response_flag(ike_header) == TRUE),"parsed flags.response value");
91 tester->assert_true(tester,(ike_header->get_message_id(ike_header) == 7),"parsed message_id value");
92 tester->assert_true(tester,(ike_header->payload_interface.get_length((payload_t*)ike_header) == 0x1C),"parsed length value");
93
94 ike_header->destroy(ike_header);
95 }
96
97 /*
98 * Described in Header
99 */
100 void test_parser_with_sa_payload(protected_tester_t *tester)
101 {
102 parser_t *parser;
103 sa_payload_t *sa_payload;
104 status_t status;
105 chunk_t sa_chunk, sa_chunk2, sa_chunk3;
106 iterator_t *proposals, *transforms, *attributes;
107 ike_proposal_t *ike_proposals;
108 size_t ike_proposal_count;
109
110 /* first test generic parsing functionality */
111
112 u_int8_t sa_bytes[] = {
113 0x00,0x80,0x00,0x24, /* payload header*/
114 0x00,0x00,0x00,0x20, /* a proposal */
115 0x01,0x02,0x04,0x05,
116 0x01,0x02,0x03,0x04, /* spi */
117 0x00,0x00,0x00,0x14, /* transform */
118 0x07,0x00,0x00,0x03,
119 0x80,0x01,0x00,0x05, /* attribute without length */
120 0x00,0x03,0x00,0x04, /* attribute with length */
121 0x01,0x02,0x03,0x04
122
123
124 };
125
126 sa_chunk.ptr = sa_bytes;
127 sa_chunk.len = sizeof(sa_bytes);
128
129
130 parser = parser_create(sa_chunk);
131 tester->assert_true(tester,(parser != NULL), "parser create check");
132 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
133 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
134 parser->destroy(parser);
135
136 if (status != SUCCESS)
137 {
138 return;
139 }
140
141
142 proposals = sa_payload->create_proposal_substructure_iterator(sa_payload, TRUE);
143 while (proposals->has_next(proposals))
144 {
145 proposal_substructure_t *proposal;
146 proposals->current(proposals, (void**)&proposal);
147 chunk_t spi;
148 u_int8_t spi_should[] = {0x01, 0x02, 0x03, 0x04};
149
150 tester->assert_true(tester,(proposal->get_proposal_number(proposal) == 1),"proposal number");
151 tester->assert_true(tester,(proposal->get_protocol_id(proposal) == 2),"proposal id");
152 spi = proposal->get_spi(proposal);
153 tester->assert_false(tester,(memcmp(&spi_should, spi.ptr, spi.len)),"proposal spi");
154
155 transforms = proposal->create_transform_substructure_iterator(proposal, TRUE);
156 while(transforms->has_next(transforms))
157 {
158 transform_substructure_t *transform;
159 int loopi;
160 transforms->current(transforms, (void**)&transform);
161 tester->assert_true(tester,(transform->get_transform_type(transform) == 7),"transform type");
162 tester->assert_true(tester,(transform->get_transform_id(transform) == 3),"transform id");
163 attributes = transform->create_transform_attribute_iterator(transform, TRUE);
164 loopi = 0;
165 while (attributes->has_next(attributes))
166 {
167 transform_attribute_t *attribute;
168 attributes->current(attributes, (void**)&attribute);
169 if (loopi == 0)
170 {
171 u_int8_t value[] = {0x05, 0x00};
172 chunk_t attribute_value;
173 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 1),"attribute 1 type");
174 attribute_value = attribute->get_value_chunk(attribute);
175 tester->assert_false(tester,(memcmp(&value, attribute_value.ptr, attribute_value.len)),"attribute 1 value");
176 }
177 if (loopi == 1)
178 {
179 u_int8_t value[] = {0x01, 0x02, 0x03, 0x04};
180 chunk_t attribute_value;
181 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 3),"attribute 2 type");
182 attribute_value = attribute->get_value_chunk(attribute);
183 tester->assert_false(tester,(memcmp(&value, attribute_value.ptr, attribute_value.len)),"attribute 2 value");
184 }
185 loopi++;
186 }
187 attributes->destroy(attributes);
188 }
189 transforms->destroy(transforms);
190 }
191 proposals->destroy(proposals);
192
193 sa_payload->destroy(sa_payload);
194
195
196
197 /* now test SA functionality after parsing an SA payload*/
198
199 u_int8_t sa_bytes2[] = {
200 0x00,0x00,0x00,0x6C, /* payload header*/
201 0x02,0x00,0x00,0x34, /* a proposal */
202 0x01,0x01,0x00,0x04,
203 0x03,0x00,0x00,0x0C, /* transform 1 */
204 0x01,0x00,0x00,0x01,
205 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
206 0x03,0x00,0x00,0x0C, /* transform 2 */
207 0x02,0x00,0x00,0x01,
208 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
209 0x03,0x00,0x00,0x0C, /* transform 3 */
210 0x03,0x00,0x00,0x01,
211 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
212 0x00,0x00,0x00,0x08, /* transform 4 */
213 0x04,0x00,0x00,0x01,
214 0x00,0x00,0x00,0x34, /* a proposal */
215 0x01,0x01,0x00,0x04,
216 0x03,0x00,0x00,0x0C, /* transform 1 */
217 0x01,0x00,0x00,0x02,
218 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
219 0x03,0x00,0x00,0x0C, /* transform 2 */
220 0x02,0x00,0x00,0x02,
221 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
222 0x03,0x00,0x00,0x0C, /* transform 3 */
223 0x03,0x00,0x00,0x02,
224 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
225 0x00,0x00,0x00,0x08, /* transform 4 */
226 0x04,0x00,0x00,0x02,
227 };
228
229 sa_chunk2.ptr = sa_bytes2;
230 sa_chunk2.len = sizeof(sa_bytes2);
231
232 parser = parser_create(sa_chunk2);
233 tester->assert_true(tester,(parser != NULL), "parser create check");
234 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
235 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
236 parser->destroy(parser);
237
238 if (status != SUCCESS)
239 {
240 return;
241 }
242
243 status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
244 tester->assert_true(tester,(status == SUCCESS),"verify call check");
245
246 status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);
247 tester->assert_true(tester,(status == SUCCESS),"get ike proposals call check");
248
249 tester->assert_true(tester,(ike_proposal_count == 2),"ike proposal count check");
250 tester->assert_true(tester,(ike_proposals[0].encryption_algorithm == 1),"ike proposal content check");
251 tester->assert_true(tester,(ike_proposals[0].encryption_algorithm_key_length == 20),"ike proposal content check");
252 tester->assert_true(tester,(ike_proposals[0].integrity_algorithm == 1),"ike proposal content check");
253 tester->assert_true(tester,(ike_proposals[0].integrity_algorithm_key_length == 20),"ike proposal content check");
254 tester->assert_true(tester,(ike_proposals[0].pseudo_random_function == 1),"ike proposal content check");
255 tester->assert_true(tester,(ike_proposals[0].pseudo_random_function_key_length == 20),"ike proposal content check");
256 tester->assert_true(tester,(ike_proposals[0].diffie_hellman_group == 1),"ike proposal content check");
257
258 tester->assert_true(tester,(ike_proposals[1].encryption_algorithm == 2),"ike proposal content check");
259 tester->assert_true(tester,(ike_proposals[1].encryption_algorithm_key_length == 16),"ike proposal content check");
260 tester->assert_true(tester,(ike_proposals[1].integrity_algorithm == 2),"ike proposal content check");
261 tester->assert_true(tester,(ike_proposals[1].integrity_algorithm_key_length == 16),"ike proposal content check");
262 tester->assert_true(tester,(ike_proposals[1].pseudo_random_function == 2),"ike proposal content check");
263 tester->assert_true(tester,(ike_proposals[1].pseudo_random_function_key_length == 16),"ike proposal content check");
264 tester->assert_true(tester,(ike_proposals[1].diffie_hellman_group == 2),"ike proposal content check");
265
266
267 if (status == SUCCESS)
268 {
269 allocator_free(ike_proposals);
270 }
271 sa_payload->destroy(sa_payload);
272
273 /* now test SA functionality after parsing an SA payload with child sa proposals*/
274 u_int8_t sa_bytes3[] = {
275 0x00,0x00,0x00,0xA0, /* payload header*/
276
277 /* suite 1 */
278 0x02,0x00,0x00,0x28, /* a proposal */
279 0x01,0x02,0x04,0x03,
280 0x01,0x01,0x01,0x01,
281 0x03,0x00,0x00,0x0C, /* transform 1 */
282 0x03,0x00,0x00,0x01,
283 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
284
285 0x03,0x00,0x00,0x08, /* transform 2 */
286 0x04,0x00,0x00,0x0E,
287
288 0x00,0x00,0x00,0x08, /* transform 3 */
289 0x05,0x00,0x00,0x01,
290
291
292 0x02,0x00,0x00,0x20, /* a proposal */
293 0x01,0x03,0x04,0x02,
294 0x02,0x02,0x02,0x02,
295
296 0x03,0x00,0x00,0x0C, /* transform 1 */
297 0x01,0x00,0x00,0x0C,
298 0x80,0x0E,0x00,0x20, /* keylength attribute with 32 bytes length */
299
300 0x00,0x00,0x00,0x08, /* transform 2 */
301 0x04,0x00,0x00,0x02,
302
303 /* suite 2 */
304 0x02,0x00,0x00,0x28, /* a proposal */
305 0x02,0x02,0x04,0x03,
306 0x01,0x01,0x01,0x01,
307 0x03,0x00,0x00,0x0C, /* transform 1 */
308 0x03,0x00,0x00,0x01,
309 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
310
311 0x03,0x00,0x00,0x08, /* transform 2 */
312 0x04,0x00,0x00,0x0E,
313
314 0x00,0x00,0x00,0x08, /* transform 3 */
315 0x05,0x00,0x00,0x01,
316
317
318 0x00,0x00,0x00,0x2C, /* a proposal */
319 0x02,0x03,0x04,0x03,
320 0x02,0x02,0x02,0x02,
321
322 0x03,0x00,0x00,0x0C, /* transform 1 */
323 0x01,0x00,0x00,0x0C,
324 0x80,0x0E,0x00,0x20, /* keylength attribute with 32 bytes length */
325
326 0x03,0x00,0x00,0x0C, /* transform 2 */
327 0x03,0x00,0x00,0x01,
328 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
329
330 0x00,0x00,0x00,0x08, /* transform 3 */
331 0x04,0x00,0x00,0x02,
332 };
333
334 sa_chunk3.ptr = sa_bytes3;
335 sa_chunk3.len = sizeof(sa_bytes3);
336
337 parser = parser_create(sa_chunk3);
338 tester->assert_true(tester,(parser != NULL), "parser create check");
339 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
340 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
341 parser->destroy(parser);
342
343 if (status != SUCCESS)
344 {
345 return;
346 }
347
348 status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
349 tester->assert_true(tester,(status == SUCCESS),"verify call check");
350
351 status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);
352 tester->assert_false(tester,(status == SUCCESS),"get ike proposals call check");
353 /*
354 status = sa_payload->get_child_proposals (sa_payload, &child_proposals, &child_proposal_count);
355 tester->assert_true(tester,(status == SUCCESS),"get child proposals call check");
356
357
358 tester->assert_true(tester,(child_proposal_count == 2),"child proposal count check");
359 tester->assert_true(tester,(child_proposals[0].ah.is_set == TRUE),"is ah set check");
360 tester->assert_true(tester,(child_proposals[0].ah.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
361 tester->assert_true(tester,(child_proposals[0].ah.integrity_algorithm_key_size == 20),"integrity_algorithm_key_size check");
362 tester->assert_true(tester,(child_proposals[0].ah.diffie_hellman_group == MODP_2048_BIT),"diffie_hellman_group check");
363 tester->assert_true(tester,(child_proposals[0].ah.extended_sequence_numbers == EXT_SEQ_NUMBERS),"extended_sequence_numbers check");
364 tester->assert_true(tester,(child_proposals[0].ah.spi[0] == 1),"spi check");
365 tester->assert_true(tester,(child_proposals[0].ah.spi[1] == 1),"spi check");
366 tester->assert_true(tester,(child_proposals[0].ah.spi[2] == 1),"spi check");
367 tester->assert_true(tester,(child_proposals[0].ah.spi[3] == 1),"spi check");
368
369 tester->assert_true(tester,(child_proposals[0].esp.is_set == TRUE),"is ah set check");
370 tester->assert_true(tester,(child_proposals[0].esp.encryption_algorithm == ENCR_AES_CBC),"integrity_algorithm check");
371 tester->assert_true(tester,(child_proposals[0].esp.encryption_algorithm_key_size == 32),"integrity_algorithm_key_size check");
372 tester->assert_true(tester,(child_proposals[0].esp.diffie_hellman_group == MODP_1024_BIT),"diffie_hellman_group check");
373 tester->assert_true(tester,(child_proposals[0].esp.integrity_algorithm == AUTH_UNDEFINED),"integrity_algorithm check");
374 tester->assert_true(tester,(child_proposals[0].esp.spi[0] == 2),"spi check");
375 tester->assert_true(tester,(child_proposals[0].esp.spi[1] == 2),"spi check");
376 tester->assert_true(tester,(child_proposals[0].esp.spi[2] == 2),"spi check");
377 tester->assert_true(tester,(child_proposals[0].esp.spi[3] == 2),"spi check");
378
379 tester->assert_true(tester,(child_proposals[1].ah.is_set == TRUE),"is ah set check");
380 tester->assert_true(tester,(child_proposals[1].ah.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
381 tester->assert_true(tester,(child_proposals[1].ah.integrity_algorithm_key_size == 20),"integrity_algorithm_key_size check");
382 tester->assert_true(tester,(child_proposals[1].ah.diffie_hellman_group == MODP_2048_BIT),"diffie_hellman_group check");
383 tester->assert_true(tester,(child_proposals[1].ah.extended_sequence_numbers == EXT_SEQ_NUMBERS),"extended_sequence_numbers check");
384 tester->assert_true(tester,(child_proposals[1].ah.spi[0] == 1),"spi check");
385 tester->assert_true(tester,(child_proposals[1].ah.spi[1] == 1),"spi check");
386 tester->assert_true(tester,(child_proposals[1].ah.spi[2] == 1),"spi check");
387 tester->assert_true(tester,(child_proposals[1].ah.spi[3] == 1),"spi check");
388
389 tester->assert_true(tester,(child_proposals[1].esp.is_set == TRUE),"is ah set check");
390 tester->assert_true(tester,(child_proposals[1].esp.encryption_algorithm == ENCR_AES_CBC),"integrity_algorithm check");
391 tester->assert_true(tester,(child_proposals[1].esp.encryption_algorithm_key_size == 32),"integrity_algorithm_key_size check");
392 tester->assert_true(tester,(child_proposals[1].esp.diffie_hellman_group == MODP_1024_BIT),"diffie_hellman_group check");
393 tester->assert_true(tester,(child_proposals[1].esp.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
394 tester->assert_true(tester,(child_proposals[1].esp.integrity_algorithm_key_size == 20),"integrity_algorithm check");
395 tester->assert_true(tester,(child_proposals[1].esp.spi[0] == 2),"spi check");
396 tester->assert_true(tester,(child_proposals[1].esp.spi[1] == 2),"spi check");
397 tester->assert_true(tester,(child_proposals[1].esp.spi[2] == 2),"spi check");
398 tester->assert_true(tester,(child_proposals[1].esp.spi[3] == 2),"spi check");
399
400 if (status == SUCCESS)
401 {
402 allocator_free(child_proposals);
403 }
404 */
405
406 sa_payload->destroy(sa_payload);
407 }
408
409 /*
410 * Described in Header
411 */
412 void test_parser_with_nonce_payload(protected_tester_t *tester)
413 {
414 parser_t *parser;
415 nonce_payload_t *nonce_payload;
416 status_t status;
417 chunk_t nonce_chunk, result;
418
419 u_int8_t nonce_bytes[] = {
420 0x00,0x00,0x00,0x14, /* payload header */
421 0x00,0x01,0x02,0x03, /* 16 Byte nonce */
422 0x04,0x05,0x06,0x07,
423 0x08,0x09,0x0A,0x2B,
424 0x0C,0x0D,0x0E,0x0F
425 };
426
427 nonce_chunk.ptr = nonce_bytes;
428 nonce_chunk.len = sizeof(nonce_bytes);
429
430 parser = parser_create(nonce_chunk);
431 tester->assert_true(tester,(parser != NULL), "parser create check");
432 status = parser->parse_payload(parser, NONCE, (payload_t**)&nonce_payload);
433 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
434 parser->destroy(parser);
435
436 if (status != SUCCESS)
437 {
438 return;
439 }
440 result = nonce_payload->get_nonce(nonce_payload);
441 tester->assert_true(tester,(result.len == 16), "parsed nonce lenght");
442 tester->assert_false(tester,(memcmp(nonce_bytes + 4, result.ptr, result.len)), "parsed nonce data");
443 nonce_payload->destroy(nonce_payload);
444 allocator_free_chunk(&result);
445 }
446
447 /*
448 * Described in Header
449 */
450 void test_parser_with_id_payload(protected_tester_t *tester)
451 {
452 parser_t *parser;
453 id_payload_t *id_payload;
454 status_t status;
455 chunk_t id_chunk, result;
456
457 u_int8_t id_bytes[] = {
458 0x00,0x00,0x00,0x14, /* payload header */
459 0x05,0x01,0x02,0x03,
460 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
461 0x08,0x09,0x0A,0x2B,
462 0x0C,0x0D,0x0E,0x0F
463 };
464
465 id_chunk.ptr = id_bytes;
466 id_chunk.len = sizeof(id_bytes);
467
468 parser = parser_create(id_chunk);
469 tester->assert_true(tester,(parser != NULL), "parser create check");
470 status = parser->parse_payload(parser, ID_INITIATOR, (payload_t**)&id_payload);
471 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
472 parser->destroy(parser);
473
474 if (status != SUCCESS)
475 {
476 return;
477 }
478 result = id_payload->get_data_clone(id_payload);
479 tester->assert_true(tester,(id_payload->get_initiator(id_payload) == TRUE), "is IDi payload");
480 tester->assert_true(tester,(id_payload->get_id_type(id_payload) == ID_IPV6_ADDR), "is ID_IPV6_ADDR ID type");
481 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
482 tester->assert_false(tester,(memcmp(id_bytes + 8, result.ptr, result.len)), "parsed nonce data");
483 id_payload->destroy(id_payload);
484 allocator_free_chunk(&result);
485 }
486
487
488 /*
489 * Described in Header
490 */
491 void test_parser_with_ke_payload(protected_tester_t *tester)
492 {
493 parser_t *parser;
494 ke_payload_t *ke_payload;
495 status_t status;
496 chunk_t ke_chunk, result;
497
498 u_int8_t ke_bytes[] = {
499 0x00,0x00,0x00,0x18, /* payload header */
500 0x00,0x03,0x00,0x00, /* dh group 3 */
501 0x01,0x02,0x03,0x03, /* 16 Byte dh data */
502 0x04,0x05,0x06,0x07,
503 0x08,0x09,0x0A,0x2B,
504 0x0C,0x0D,0x0E,0x0F
505 };
506
507 ke_chunk.ptr = ke_bytes;
508 ke_chunk.len = sizeof(ke_bytes);
509
510 parser = parser_create(ke_chunk);
511 tester->assert_true(tester,(parser != NULL), "parser create check");
512 status = parser->parse_payload(parser, KEY_EXCHANGE, (payload_t**)&ke_payload);
513 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
514 parser->destroy(parser);
515
516 if (status != SUCCESS)
517 {
518 return;
519 }
520 tester->assert_true(tester,(ke_payload->get_dh_group_number(ke_payload) == 3), "DH group");
521 result = ke_payload->get_key_exchange_data(ke_payload);
522 tester->assert_true(tester,(result.len == 16), "parsed key lenght");
523 tester->assert_false(tester,(memcmp(ke_bytes + 8, result.ptr, result.len)), "parsed key data");
524 ke_payload->destroy(ke_payload);
525 }
526
527
528 /*
529 * Described in Header
530 */
531 void test_parser_with_notify_payload(protected_tester_t *tester)
532 {
533 parser_t *parser;
534 notify_payload_t *notify_payload;
535 status_t status;
536 chunk_t notify_chunk, result;
537
538 u_int8_t notify_bytes[] = {
539 0x00,0x00,0x00,0x1C, /* payload header */
540 0x03,0x04,0x00,0x01,
541 0x01,0x02,0x03,0x03, /* spi */
542 0x04,0x05,0x06,0x07, /* noti dati */
543 0x08,0x09,0x0A,0x2B,
544 0x0C,0x0D,0x0E,0x0F,
545 0x0C,0x0D,0x0E,0x0F
546 };
547
548 notify_chunk.ptr = notify_bytes;
549 notify_chunk.len = sizeof(notify_bytes);
550
551 parser = parser_create(notify_chunk);
552 tester->assert_true(tester,(parser != NULL), "parser create check");
553 status = parser->parse_payload(parser, NOTIFY, (payload_t**)&notify_payload);
554 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
555 parser->destroy(parser);
556
557 if (status != SUCCESS)
558 {
559 return;
560 }
561 tester->assert_true(tester,(notify_payload->get_protocol_id(notify_payload) == 3), "Protocol id");
562 tester->assert_true(tester,(notify_payload->get_notify_message_type(notify_payload) == 1), "notify message type");
563
564 result = notify_payload->get_spi(notify_payload);
565 tester->assert_false(tester,(memcmp(notify_bytes + 8, result.ptr, result.len)), "parsed spi");
566
567 result = notify_payload->get_notification_data(notify_payload);
568 tester->assert_false(tester,(memcmp(notify_bytes + 12, result.ptr, result.len)), "parsed notification data");
569
570 notify_payload->destroy(notify_payload);
571 }
572
573 /*
574 * Described in Header
575 */
576 void test_parser_with_auth_payload(protected_tester_t *tester)
577 {
578 parser_t *parser;
579 auth_payload_t *auth_payload;
580 status_t status;
581 chunk_t auth_chunk, result;
582
583 u_int8_t auth_bytes[] = {
584 0x00,0x00,0x00,0x14, /* payload header */
585 0x03,0x01,0x02,0x03,
586 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
587 0x08,0x09,0x0A,0x2B,
588 0x0C,0x0D,0x0E,0x0F
589 };
590
591 auth_chunk.ptr = auth_bytes;
592 auth_chunk.len = sizeof(auth_bytes);
593
594 parser = parser_create(auth_chunk);
595 tester->assert_true(tester,(parser != NULL), "parser create check");
596 status = parser->parse_payload(parser, AUTHENTICATION, (payload_t**)&auth_payload);
597 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
598 parser->destroy(parser);
599
600 if (status != SUCCESS)
601 {
602 return;
603 }
604 result = auth_payload->get_data_clone(auth_payload);
605 tester->assert_true(tester,(auth_payload->get_auth_method(auth_payload) == DSS_DIGITAL_SIGNATURE), "is DSS_DIGITAL_SIGNATURE method");
606 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
607 tester->assert_false(tester,(memcmp(auth_bytes + 8, result.ptr, result.len)), "parsed nonce data");
608 auth_payload->destroy(auth_payload);
609 allocator_free_chunk(&result);
610 }
611
612 /*
613 * Described in Header
614 */
615 void test_parser_with_ts_payload(protected_tester_t *tester)
616 {
617 parser_t *parser;
618 ts_payload_t *ts_payload;
619 status_t status;
620 chunk_t ts_chunk;
621 traffic_selector_substructure_t *ts1, *ts2;
622 host_t *start_host1, *start_host2, *end_host1, *end_host2;
623 iterator_t *iterator;
624
625 u_int8_t ts_bytes[] = {
626 /* payload header */
627 0x00,0x00,0x00,0x28,
628 0x02,0x00,0x00,0x00,
629
630 /* traffic selector 1 */
631 0x07,0x00,0x00,0x10,
632 0x01,0xF4,0x01,0xF4,
633 0xC0,0xA8,0x01,0x00,
634 0xC0,0xA8,0x01,0xFF,
635
636 /* traffic selector 2 */
637 0x07,0x03,0x00,0x10,
638 0x00,0x00,0xFF,0xFF,
639 0x00,0x00,0x00,0x00,
640 0xFF,0xFF,0xFF,0xFF,
641 };
642
643 ts_chunk.ptr = ts_bytes;
644 ts_chunk.len = sizeof(ts_bytes);
645
646 parser = parser_create(ts_chunk);
647 tester->assert_true(tester,(parser != NULL), "parser create check");
648 status = parser->parse_payload(parser, TRAFFIC_SELECTOR_RESPONDER, (payload_t**)&ts_payload);
649 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
650 parser->destroy(parser);
651
652 if (status != SUCCESS)
653 {
654 return;
655 }
656
657 iterator = ts_payload->create_traffic_selector_substructure_iterator(ts_payload,TRUE);
658
659 tester->assert_true(tester,(iterator->has_next(iterator)), "has next check");
660
661 /* check first ts */
662 iterator->current(iterator,(void **)&ts1);
663 tester->assert_true(tester,(ts1->get_protocol_id(ts1) == 0), "ip protocol id check");
664 start_host1 = ts1->get_start_host(ts1);
665 end_host1 = ts1->get_end_host(ts1);
666 tester->assert_true(tester,(start_host1->get_port(start_host1) == 500), "start port check");
667 tester->assert_true(tester,(end_host1->get_port(end_host1) == 500), "start port check");
668 tester->assert_true(tester,(memcmp(start_host1->get_address(start_host1),"192.168.1.0",strlen("192.168.1.0")) == 0), "start address check");
669 tester->assert_true(tester,(memcmp(end_host1->get_address(end_host1),"192.168.1.255",strlen("192.168.1.255")) == 0), "end address check");
670
671 start_host1->destroy(start_host1);
672 end_host1->destroy(end_host1);
673
674 tester->assert_true(tester,(iterator->has_next(iterator)), "has next check");
675
676 /* check second ts */
677
678 iterator->current(iterator,(void **)&ts2);
679
680 tester->assert_true(tester,(ts2->get_protocol_id(ts2) == 3), "ip protocol id check");
681 start_host2 = ts2->get_start_host(ts2);
682 end_host2 = ts2->get_end_host(ts2);
683 tester->assert_true(tester,(start_host2->get_port(start_host2) == 0), "start port check");
684 tester->assert_true(tester,(end_host2->get_port(end_host2) == 65535), "start port check");
685 tester->assert_true(tester,(memcmp(start_host2->get_address(start_host2),"0.0.0.0",strlen("0.0.0.0")) == 0), "start address check");
686 tester->assert_true(tester,(memcmp(end_host2->get_address(end_host2),"255.255.255.255",strlen("255.255.255.255")) == 0), "end address check");
687 start_host2->destroy(start_host2);
688 end_host2->destroy(end_host2);
689
690
691
692 tester->assert_false(tester,(iterator->has_next(iterator)), "has next check");
693
694 iterator->destroy(iterator);
695
696 ts_payload->destroy(ts_payload);
697 }
698
699 /*
700 * Described in Header
701 */
702 void test_parser_with_cert_payload(protected_tester_t *tester)
703 {
704 parser_t *parser;
705 cert_payload_t *cert_payload;
706 status_t status;
707 chunk_t cert_chunk, result;
708
709 u_int8_t cert_bytes[] = {
710 0x00,0x00,0x00,0x11, /* payload header */
711 0x03,
712 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
713 0x08,0x09,0x0A,0x2B,
714 0x0C,0x0D,0x0E,0x0F
715 };
716
717 cert_chunk.ptr = cert_bytes;
718 cert_chunk.len = sizeof(cert_bytes);
719
720 parser = parser_create(cert_chunk);
721 tester->assert_true(tester,(parser != NULL), "parser create check");
722 status = parser->parse_payload(parser, CERTIFICATE, (payload_t**)&cert_payload);
723 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
724 parser->destroy(parser);
725
726 if (status != SUCCESS)
727 {
728 return;
729 }
730 result = cert_payload->get_data_clone(cert_payload);
731 tester->assert_true(tester,(cert_payload->get_cert_encoding(cert_payload) == DNS_SIGNED_KEY), "is DNS_SIGNED_KEY encoding");
732 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
733 tester->assert_false(tester,(memcmp(cert_bytes + 5, result.ptr, result.len)), "parsed data");
734 cert_payload->destroy(cert_payload);
735 allocator_free_chunk(&result);
736 }
737
738 /*
739 * Described in Header
740 */
741 void test_parser_with_certreq_payload(protected_tester_t *tester)
742 {
743 parser_t *parser;
744 certreq_payload_t *certreq_payload;
745 status_t status;
746 chunk_t certreq_chunk, result;
747
748 u_int8_t certreq_bytes[] = {
749 0x00,0x00,0x00,0x11, /* payload header */
750 0x03,
751 0x04,0x05,0x06,0x07,/* 12 Byte data */
752 0x08,0x09,0x0A,0x2B,
753 0x0C,0x0D,0x0E,0x0F
754 };
755
756 certreq_chunk.ptr = certreq_bytes;
757 certreq_chunk.len = sizeof(certreq_bytes);
758
759 parser = parser_create(certreq_chunk);
760 tester->assert_true(tester,(parser != NULL), "parser create check");
761 status = parser->parse_payload(parser, CERTIFICATE_REQUEST, (payload_t**)&certreq_payload);
762 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
763 parser->destroy(parser);
764
765 if (status != SUCCESS)
766 {
767 return;
768 }
769 result = certreq_payload->get_data_clone(certreq_payload);
770 tester->assert_true(tester,(certreq_payload->get_cert_encoding(certreq_payload) == DNS_SIGNED_KEY), "is DNS_SIGNED_KEY encoding");
771 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
772 tester->assert_false(tester,(memcmp(certreq_bytes + 5, result.ptr, result.len)), "parsed data");
773 certreq_payload->destroy(certreq_payload);
774 allocator_free_chunk(&result);
775 }
776
777 /*
778 * Described in Header
779 */
780 void test_parser_with_delete_payload(protected_tester_t *tester)
781 {
782 parser_t *parser;
783 delete_payload_t *delete_payload;
784 status_t status;
785 chunk_t delete_chunk, result;
786
787 u_int8_t delete_bytes[] = {
788 0x00,0x00,0x00,0x14, /* payload header */
789 0x03,0x03,0x00,0x04,
790 0x04,0x05,0x06,0x07,/* 12 Byte data */
791 0x08,0x09,0x0A,0x2B,
792 0x0C,0x0D,0x0E,0x0F
793 };
794
795 delete_chunk.ptr = delete_bytes;
796 delete_chunk.len = sizeof(delete_bytes);
797
798 parser = parser_create(delete_chunk);
799 tester->assert_true(tester,(parser != NULL), "parser create check");
800 status = parser->parse_payload(parser, DELETE, (payload_t**)&delete_payload);
801 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
802 parser->destroy(parser);
803
804 if (status != SUCCESS)
805 {
806 return;
807 }
808 result = delete_payload->get_spis(delete_payload);
809 tester->assert_true(tester,(delete_payload->get_protocol_id(delete_payload) == ESP), "is ESP protocol");
810 tester->assert_true(tester,(delete_payload->get_spi_size(delete_payload) == 3), "SPI size check");
811 tester->assert_true(tester,(delete_payload->get_spi_count(delete_payload) == 4), "SPI count check");
812 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
813 tester->assert_false(tester,(memcmp(delete_bytes + 8, result.ptr, result.len)), "parsed data");
814 tester->assert_true(tester,(((payload_t *)delete_payload)->verify((payload_t *)delete_payload) == SUCCESS), "verify check");
815
816 delete_payload->destroy(delete_payload);
817 }
818
819
820 /*
821 * Described in Header
822 */
823 void test_parser_with_vendor_id_payload(protected_tester_t *tester)
824 {
825 parser_t *parser;
826 vendor_id_payload_t *vendor_id_payload;
827 status_t status;
828 chunk_t vendor_id_chunk, result;
829
830 u_int8_t vendor_id_bytes[] = {
831 0x00,0x00,0x00,0x10, /* payload header */
832 0x04,0x05,0x06,0x07,/* 12 Byte data */
833 0x08,0x09,0x0A,0x2B,
834 0x0C,0x0D,0x0E,0x0F
835 };
836
837 vendor_id_chunk.ptr = vendor_id_bytes;
838 vendor_id_chunk.len = sizeof(vendor_id_bytes);
839
840 parser = parser_create(vendor_id_chunk);
841 tester->assert_true(tester,(parser != NULL), "parser create check");
842 status = parser->parse_payload(parser, VENDOR_ID, (payload_t**)&vendor_id_payload);
843 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
844 parser->destroy(parser);
845
846 if (status != SUCCESS)
847 {
848 return;
849 }
850 result = vendor_id_payload->get_data(vendor_id_payload);
851 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
852 tester->assert_false(tester,(memcmp(vendor_id_bytes + 4, result.ptr, result.len)), "parsed data");
853 tester->assert_true(tester,(((payload_t *)vendor_id_payload)->verify((payload_t *)vendor_id_payload) == SUCCESS), "verify check");
854
855 vendor_id_payload->destroy(vendor_id_payload);
856 }
857
858 /*
859 * Described in Header
860 */
861 void test_parser_with_cp_payload(protected_tester_t *tester)
862 {
863 parser_t *parser;
864 cp_payload_t *cp_payload;
865 configuration_attribute_t *attribute;
866 status_t status;
867 chunk_t cp_chunk;
868 iterator_t *iterator;
869
870 /* first test generic parsing functionality */
871
872 u_int8_t cp_bytes[] = {
873 /* cp payload header */
874 0x00,0x00,0x00,0x18,
875 0x05,0x00,0x00,0x00,
876 /* configuration attribute 1*/
877 0x00,0x03,0x00,0x04,
878 0x61,0x62,0x63,0x64,
879 /* configuration attribute 2*/
880 0x00,0x04,0x00,0x04,
881 0x65,0x66,0x67,0x68,
882 };
883
884 cp_chunk.ptr = cp_bytes;
885 cp_chunk.len = sizeof(cp_bytes);
886
887
888 parser = parser_create(cp_chunk);
889 tester->assert_true(tester,(parser != NULL), "parser create check");
890 status = parser->parse_payload(parser, CONFIGURATION, (payload_t**)&cp_payload);
891 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
892
893 iterator = cp_payload->create_configuration_attribute_iterator(cp_payload,TRUE);
894
895 tester->assert_true(tester,(iterator->has_next(iterator)),"has_next call check");
896
897 iterator->current(iterator,(void **)&attribute);
898
899
900 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 3),"get type check");
901 tester->assert_true(tester,(attribute->get_attribute_length(attribute) == 4),"get type check");
902
903 tester->assert_true(tester,(iterator->has_next(iterator)),"has_next call check");
904
905 iterator->current(iterator,(void **)&attribute);
906
907
908 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 4),"get type check");
909 tester->assert_true(tester,(attribute->get_attribute_length(attribute) == 4),"get type check");
910
911 iterator->current(iterator,(void **)&attribute);
912
913 tester->assert_false(tester,(iterator->has_next(iterator)),"has_next call check");
914
915
916 iterator->destroy(iterator);
917
918 if (status != SUCCESS)
919 {
920 return;
921 }
922
923 cp_payload->destroy(cp_payload);
924 parser->destroy(parser);
925
926 }
927
928 /*
929 * Described in Header
930 */
931 void test_parser_with_eap_payload(protected_tester_t *tester)
932 {
933 parser_t *parser;
934 eap_payload_t *eap_payload;
935 status_t status;
936 chunk_t eap_chunk, result;
937
938 u_int8_t eap_bytes[] = {
939 0x00,0x00,0x00,0x10, /* payload header */
940 0x04,0x05,0x06,0x07,/* 12 Byte data */
941 0x08,0x09,0x0A,0x2B,
942 0x0C,0x0D,0x0E,0x0F
943 };
944
945 eap_chunk.ptr = eap_bytes;
946 eap_chunk.len = sizeof(eap_bytes);
947
948 parser = parser_create(eap_chunk);
949 tester->assert_true(tester,(parser != NULL), "parser create check");
950 status = parser->parse_payload(parser, VENDOR_ID, (payload_t**)&eap_payload);
951 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
952 parser->destroy(parser);
953
954 if (status != SUCCESS)
955 {
956 return;
957 }
958 result = eap_payload->get_message(eap_payload);
959 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
960 tester->assert_false(tester,(memcmp(eap_bytes + 4, result.ptr, result.len)), "parsed data");
961 tester->assert_true(tester,(((payload_t *)eap_payload)->verify((payload_t *)eap_payload) == SUCCESS), "verify check");
962
963 eap_payload->destroy(eap_payload);
964 }
965