d3ec5dd1a3762d4523fb419d6a90785b939830b9
[strongswan.git] / Source / charon / testcases / parser_test.c
1 /**
2 * @file parser_test.c
3 *
4 * @brief Tests for the parser_t class.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <string.h>
24
25 #include "parser_test.h"
26
27 #include <utils/allocator.h>
28 #include <utils/logger_manager.h>
29 #include <encoding/generator.h>
30 #include <encoding/parser.h>
31 #include <encoding/payloads/encodings.h>
32 #include <encoding/payloads/ike_header.h>
33 #include <encoding/payloads/sa_payload.h>
34 #include <encoding/payloads/nonce_payload.h>
35 #include <encoding/payloads/id_payload.h>
36 #include <encoding/payloads/ke_payload.h>
37 #include <encoding/payloads/notify_payload.h>
38 #include <encoding/payloads/auth_payload.h>
39 #include <encoding/payloads/cert_payload.h>
40 #include <encoding/payloads/ts_payload.h>
41
42
43 /*
44 * Described in Header
45 */
46 void test_parser_with_header_payload(tester_t *tester)
47 {
48 parser_t *parser;
49 ike_header_t *ike_header;
50 status_t status;
51 chunk_t header_chunk;
52
53 u_int8_t header_bytes[] = {
54 0x01,0x00,0x00,0x00,
55 0x00,0x00,0x00,0x00,
56 0x02,0x00,0x00,0x00,
57 0x00,0x00,0x00,0x00,
58 0x03,0x45,0x06,0x28,
59 0x00,0x00,0x00,0x07,
60 0x00,0x00,0x00,0x1C,
61 };
62 header_chunk.ptr = header_bytes;
63 header_chunk.len = sizeof(header_bytes);
64
65
66 parser = parser_create(header_chunk);
67 tester->assert_true(tester,(parser != NULL), "parser create check");
68 status = parser->parse_payload(parser, HEADER, (payload_t**)&ike_header);
69 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
70 parser->destroy(parser);
71
72 if (status != SUCCESS)
73 {
74 return;
75 }
76
77 tester->assert_true(tester,(ike_header->get_initiator_spi(ike_header) == 1),"parsed initiator_spi value");
78 tester->assert_true(tester,(ike_header->get_responder_spi(ike_header) == 2),"parsed responder_spi value");
79 tester->assert_true(tester,(ike_header->payload_interface.get_next_type((payload_t*)ike_header) == 3),"parsed next_payload value");
80 tester->assert_true(tester,(ike_header->get_maj_version(ike_header) == 4),"parsed maj_version value");
81 tester->assert_true(tester,(ike_header->get_min_version(ike_header) == 5),"parsed min_version value");
82 tester->assert_true(tester,(ike_header->get_exchange_type(ike_header) == 6),"parsed exchange_type value");
83 tester->assert_true(tester,(ike_header->get_initiator_flag(ike_header) == TRUE),"parsed flags.initiator value");
84 tester->assert_true(tester,(ike_header->get_version_flag(ike_header) == FALSE),"parsed flags.version value");
85 tester->assert_true(tester,(ike_header->get_response_flag(ike_header) == TRUE),"parsed flags.response value");
86 tester->assert_true(tester,(ike_header->get_message_id(ike_header) == 7),"parsed message_id value");
87 tester->assert_true(tester,(ike_header->payload_interface.get_length((payload_t*)ike_header) == 0x1C),"parsed length value");
88
89 ike_header->destroy(ike_header);
90 }
91
92 /*
93 * Described in Header
94 */
95 void test_parser_with_sa_payload(tester_t *tester)
96 {
97 parser_t *parser;
98 sa_payload_t *sa_payload;
99 status_t status;
100 chunk_t sa_chunk, sa_chunk2, sa_chunk3;
101 iterator_t *proposals, *transforms, *attributes;
102 ike_proposal_t *ike_proposals;
103 size_t ike_proposal_count;
104 child_proposal_t *child_proposals;
105 size_t child_proposal_count;
106
107 /* first test generic parsing functionality */
108
109 u_int8_t sa_bytes[] = {
110 0x00,0x80,0x00,0x24, /* payload header*/
111 0x00,0x00,0x00,0x20, /* a proposal */
112 0x01,0x02,0x04,0x05,
113 0x01,0x02,0x03,0x04, /* spi */
114 0x00,0x00,0x00,0x14, /* transform */
115 0x07,0x00,0x00,0x03,
116 0x80,0x01,0x00,0x05, /* attribute without length */
117 0x00,0x03,0x00,0x04, /* attribute with length */
118 0x01,0x02,0x03,0x04
119
120
121 };
122
123 sa_chunk.ptr = sa_bytes;
124 sa_chunk.len = sizeof(sa_bytes);
125
126
127 parser = parser_create(sa_chunk);
128 tester->assert_true(tester,(parser != NULL), "parser create check");
129 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
130 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
131 parser->destroy(parser);
132
133 if (status != SUCCESS)
134 {
135 return;
136 }
137
138
139 proposals = sa_payload->create_proposal_substructure_iterator(sa_payload, TRUE);
140 while (proposals->has_next(proposals))
141 {
142 proposal_substructure_t *proposal;
143 proposals->current(proposals, (void**)&proposal);
144 chunk_t spi;
145 u_int8_t spi_should[] = {0x01, 0x02, 0x03, 0x04};
146
147 tester->assert_true(tester,(proposal->get_proposal_number(proposal) == 1),"proposal number");
148 tester->assert_true(tester,(proposal->get_protocol_id(proposal) == 2),"proposal id");
149 spi = proposal->get_spi(proposal);
150 tester->assert_false(tester,(memcmp(&spi_should, spi.ptr, spi.len)),"proposal spi");
151
152 transforms = proposal->create_transform_substructure_iterator(proposal, TRUE);
153 while(transforms->has_next(transforms))
154 {
155 transform_substructure_t *transform;
156 int loopi;
157 transforms->current(transforms, (void**)&transform);
158 tester->assert_true(tester,(transform->get_transform_type(transform) == 7),"transform type");
159 tester->assert_true(tester,(transform->get_transform_id(transform) == 3),"transform id");
160 attributes = transform->create_transform_attribute_iterator(transform, TRUE);
161 loopi = 0;
162 while (attributes->has_next(attributes))
163 {
164 transform_attribute_t *attribute;
165 attributes->current(attributes, (void**)&attribute);
166 if (loopi == 0)
167 {
168 u_int8_t value[] = {0x05, 0x00};
169 chunk_t attribute_value;
170 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 1),"attribute 1 type");
171 attribute_value = attribute->get_value_chunk(attribute);
172 tester->assert_false(tester,(memcmp(&value, attribute_value.ptr, attribute_value.len)),"attribute 1 value");
173 }
174 if (loopi == 1)
175 {
176 u_int8_t value[] = {0x01, 0x02, 0x03, 0x04};
177 chunk_t attribute_value;
178 tester->assert_true(tester,(attribute->get_attribute_type(attribute) == 3),"attribute 2 type");
179 attribute_value = attribute->get_value_chunk(attribute);
180 tester->assert_false(tester,(memcmp(&value, attribute_value.ptr, attribute_value.len)),"attribute 2 value");
181 }
182 loopi++;
183 }
184 attributes->destroy(attributes);
185 }
186 transforms->destroy(transforms);
187 }
188 proposals->destroy(proposals);
189
190 sa_payload->destroy(sa_payload);
191
192
193
194 /* now test SA functionality after parsing an SA payload*/
195
196 u_int8_t sa_bytes2[] = {
197 0x00,0x00,0x00,0x6C, /* payload header*/
198 0x02,0x00,0x00,0x34, /* a proposal */
199 0x01,0x01,0x00,0x04,
200 0x03,0x00,0x00,0x0C, /* transform 1 */
201 0x01,0x00,0x00,0x01,
202 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
203 0x03,0x00,0x00,0x0C, /* transform 2 */
204 0x02,0x00,0x00,0x01,
205 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
206 0x03,0x00,0x00,0x0C, /* transform 3 */
207 0x03,0x00,0x00,0x01,
208 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
209 0x00,0x00,0x00,0x08, /* transform 4 */
210 0x04,0x00,0x00,0x01,
211 0x00,0x00,0x00,0x34, /* a proposal */
212 0x01,0x01,0x00,0x04,
213 0x03,0x00,0x00,0x0C, /* transform 1 */
214 0x01,0x00,0x00,0x02,
215 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
216 0x03,0x00,0x00,0x0C, /* transform 2 */
217 0x02,0x00,0x00,0x02,
218 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
219 0x03,0x00,0x00,0x0C, /* transform 3 */
220 0x03,0x00,0x00,0x02,
221 0x80,0x0E,0x00,0x10, /* keylength attribute with 16 bytes length */
222 0x00,0x00,0x00,0x08, /* transform 4 */
223 0x04,0x00,0x00,0x02,
224 };
225
226 sa_chunk2.ptr = sa_bytes2;
227 sa_chunk2.len = sizeof(sa_bytes2);
228
229 parser = parser_create(sa_chunk2);
230 tester->assert_true(tester,(parser != NULL), "parser create check");
231 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
232 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
233 parser->destroy(parser);
234
235 if (status != SUCCESS)
236 {
237 return;
238 }
239
240 status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
241 tester->assert_true(tester,(status == SUCCESS),"verify call check");
242
243 status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);
244 tester->assert_true(tester,(status == SUCCESS),"get ike proposals call check");
245
246 tester->assert_true(tester,(ike_proposal_count == 2),"ike proposal count check");
247 tester->assert_true(tester,(ike_proposals[0].encryption_algorithm == 1),"ike proposal content check");
248 tester->assert_true(tester,(ike_proposals[0].encryption_algorithm_key_length == 20),"ike proposal content check");
249 tester->assert_true(tester,(ike_proposals[0].integrity_algorithm == 1),"ike proposal content check");
250 tester->assert_true(tester,(ike_proposals[0].integrity_algorithm_key_length == 20),"ike proposal content check");
251 tester->assert_true(tester,(ike_proposals[0].pseudo_random_function == 1),"ike proposal content check");
252 tester->assert_true(tester,(ike_proposals[0].pseudo_random_function_key_length == 20),"ike proposal content check");
253 tester->assert_true(tester,(ike_proposals[0].diffie_hellman_group == 1),"ike proposal content check");
254
255 tester->assert_true(tester,(ike_proposals[1].encryption_algorithm == 2),"ike proposal content check");
256 tester->assert_true(tester,(ike_proposals[1].encryption_algorithm_key_length == 16),"ike proposal content check");
257 tester->assert_true(tester,(ike_proposals[1].integrity_algorithm == 2),"ike proposal content check");
258 tester->assert_true(tester,(ike_proposals[1].integrity_algorithm_key_length == 16),"ike proposal content check");
259 tester->assert_true(tester,(ike_proposals[1].pseudo_random_function == 2),"ike proposal content check");
260 tester->assert_true(tester,(ike_proposals[1].pseudo_random_function_key_length == 16),"ike proposal content check");
261 tester->assert_true(tester,(ike_proposals[1].diffie_hellman_group == 2),"ike proposal content check");
262
263
264 if (status == SUCCESS)
265 {
266 allocator_free(ike_proposals);
267 }
268 sa_payload->destroy(sa_payload);
269
270 /* now test SA functionality after parsing an SA payload with child sa proposals*/
271 u_int8_t sa_bytes3[] = {
272 0x00,0x00,0x00,0xA0, /* payload header*/
273
274 /* suite 1 */
275 0x02,0x00,0x00,0x28, /* a proposal */
276 0x01,0x02,0x04,0x03,
277 0x01,0x01,0x01,0x01,
278 0x03,0x00,0x00,0x0C, /* transform 1 */
279 0x03,0x00,0x00,0x01,
280 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
281
282 0x03,0x00,0x00,0x08, /* transform 2 */
283 0x04,0x00,0x00,0x0E,
284
285 0x00,0x00,0x00,0x08, /* transform 3 */
286 0x05,0x00,0x00,0x01,
287
288
289 0x02,0x00,0x00,0x20, /* a proposal */
290 0x01,0x03,0x04,0x02,
291 0x02,0x02,0x02,0x02,
292
293 0x03,0x00,0x00,0x0C, /* transform 1 */
294 0x01,0x00,0x00,0x0C,
295 0x80,0x0E,0x00,0x20, /* keylength attribute with 32 bytes length */
296
297 0x00,0x00,0x00,0x08, /* transform 2 */
298 0x04,0x00,0x00,0x02,
299
300 /* suite 2 */
301 0x02,0x00,0x00,0x28, /* a proposal */
302 0x02,0x02,0x04,0x03,
303 0x01,0x01,0x01,0x01,
304 0x03,0x00,0x00,0x0C, /* transform 1 */
305 0x03,0x00,0x00,0x01,
306 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
307
308 0x03,0x00,0x00,0x08, /* transform 2 */
309 0x04,0x00,0x00,0x0E,
310
311 0x00,0x00,0x00,0x08, /* transform 3 */
312 0x05,0x00,0x00,0x01,
313
314
315 0x00,0x00,0x00,0x2C, /* a proposal */
316 0x02,0x03,0x04,0x03,
317 0x02,0x02,0x02,0x02,
318
319 0x03,0x00,0x00,0x0C, /* transform 1 */
320 0x01,0x00,0x00,0x0C,
321 0x80,0x0E,0x00,0x20, /* keylength attribute with 32 bytes length */
322
323 0x03,0x00,0x00,0x0C, /* transform 2 */
324 0x03,0x00,0x00,0x01,
325 0x80,0x0E,0x00,0x14, /* keylength attribute with 20 bytes length */
326
327 0x00,0x00,0x00,0x08, /* transform 3 */
328 0x04,0x00,0x00,0x02,
329 };
330
331 sa_chunk3.ptr = sa_bytes3;
332 sa_chunk3.len = sizeof(sa_bytes3);
333
334 parser = parser_create(sa_chunk3);
335 tester->assert_true(tester,(parser != NULL), "parser create check");
336 status = parser->parse_payload(parser, SECURITY_ASSOCIATION, (payload_t**)&sa_payload);
337 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
338 parser->destroy(parser);
339
340 if (status != SUCCESS)
341 {
342 return;
343 }
344
345 status = sa_payload->payload_interface.verify(&(sa_payload->payload_interface));
346 tester->assert_true(tester,(status == SUCCESS),"verify call check");
347
348 status = sa_payload->get_ike_proposals (sa_payload, &ike_proposals, &ike_proposal_count);
349 tester->assert_false(tester,(status == SUCCESS),"get ike proposals call check");
350
351 status = sa_payload->get_child_proposals (sa_payload, &child_proposals, &child_proposal_count);
352 tester->assert_true(tester,(status == SUCCESS),"get child proposals call check");
353
354
355 tester->assert_true(tester,(child_proposal_count == 2),"child proposal count check");
356 tester->assert_true(tester,(child_proposals[0].ah.is_set == TRUE),"is ah set check");
357 tester->assert_true(tester,(child_proposals[0].ah.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
358 tester->assert_true(tester,(child_proposals[0].ah.integrity_algorithm_key_size == 20),"integrity_algorithm_key_size check");
359 tester->assert_true(tester,(child_proposals[0].ah.diffie_hellman_group == MODP_2048_BIT),"diffie_hellman_group check");
360 tester->assert_true(tester,(child_proposals[0].ah.extended_sequence_numbers == EXT_SEQ_NUMBERS),"extended_sequence_numbers check");
361 tester->assert_true(tester,(child_proposals[0].ah.spi[0] == 1),"spi check");
362 tester->assert_true(tester,(child_proposals[0].ah.spi[1] == 1),"spi check");
363 tester->assert_true(tester,(child_proposals[0].ah.spi[2] == 1),"spi check");
364 tester->assert_true(tester,(child_proposals[0].ah.spi[3] == 1),"spi check");
365
366 tester->assert_true(tester,(child_proposals[0].esp.is_set == TRUE),"is ah set check");
367 tester->assert_true(tester,(child_proposals[0].esp.encryption_algorithm == ENCR_AES_CBC),"integrity_algorithm check");
368 tester->assert_true(tester,(child_proposals[0].esp.encryption_algorithm_key_size == 32),"integrity_algorithm_key_size check");
369 tester->assert_true(tester,(child_proposals[0].esp.diffie_hellman_group == MODP_1024_BIT),"diffie_hellman_group check");
370 tester->assert_true(tester,(child_proposals[0].esp.integrity_algorithm == AUTH_UNDEFINED),"integrity_algorithm check");
371 tester->assert_true(tester,(child_proposals[0].esp.spi[0] == 2),"spi check");
372 tester->assert_true(tester,(child_proposals[0].esp.spi[1] == 2),"spi check");
373 tester->assert_true(tester,(child_proposals[0].esp.spi[2] == 2),"spi check");
374 tester->assert_true(tester,(child_proposals[0].esp.spi[3] == 2),"spi check");
375
376 tester->assert_true(tester,(child_proposals[1].ah.is_set == TRUE),"is ah set check");
377 tester->assert_true(tester,(child_proposals[1].ah.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
378 tester->assert_true(tester,(child_proposals[1].ah.integrity_algorithm_key_size == 20),"integrity_algorithm_key_size check");
379 tester->assert_true(tester,(child_proposals[1].ah.diffie_hellman_group == MODP_2048_BIT),"diffie_hellman_group check");
380 tester->assert_true(tester,(child_proposals[1].ah.extended_sequence_numbers == EXT_SEQ_NUMBERS),"extended_sequence_numbers check");
381 tester->assert_true(tester,(child_proposals[1].ah.spi[0] == 1),"spi check");
382 tester->assert_true(tester,(child_proposals[1].ah.spi[1] == 1),"spi check");
383 tester->assert_true(tester,(child_proposals[1].ah.spi[2] == 1),"spi check");
384 tester->assert_true(tester,(child_proposals[1].ah.spi[3] == 1),"spi check");
385
386 tester->assert_true(tester,(child_proposals[1].esp.is_set == TRUE),"is ah set check");
387 tester->assert_true(tester,(child_proposals[1].esp.encryption_algorithm == ENCR_AES_CBC),"integrity_algorithm check");
388 tester->assert_true(tester,(child_proposals[1].esp.encryption_algorithm_key_size == 32),"integrity_algorithm_key_size check");
389 tester->assert_true(tester,(child_proposals[1].esp.diffie_hellman_group == MODP_1024_BIT),"diffie_hellman_group check");
390 tester->assert_true(tester,(child_proposals[1].esp.integrity_algorithm == AUTH_HMAC_MD5_96),"integrity_algorithm check");
391 tester->assert_true(tester,(child_proposals[1].esp.integrity_algorithm_key_size == 20),"integrity_algorithm check");
392 tester->assert_true(tester,(child_proposals[1].esp.spi[0] == 2),"spi check");
393 tester->assert_true(tester,(child_proposals[1].esp.spi[1] == 2),"spi check");
394 tester->assert_true(tester,(child_proposals[1].esp.spi[2] == 2),"spi check");
395 tester->assert_true(tester,(child_proposals[1].esp.spi[3] == 2),"spi check");
396
397 if (status == SUCCESS)
398 {
399 allocator_free(child_proposals);
400 }
401
402
403 sa_payload->destroy(sa_payload);
404 }
405
406 /*
407 * Described in Header
408 */
409 void test_parser_with_nonce_payload(tester_t *tester)
410 {
411 parser_t *parser;
412 nonce_payload_t *nonce_payload;
413 status_t status;
414 chunk_t nonce_chunk, result;
415
416 u_int8_t nonce_bytes[] = {
417 0x00,0x00,0x00,0x14, /* payload header */
418 0x00,0x01,0x02,0x03, /* 16 Byte nonce */
419 0x04,0x05,0x06,0x07,
420 0x08,0x09,0x0A,0x2B,
421 0x0C,0x0D,0x0E,0x0F
422 };
423
424 nonce_chunk.ptr = nonce_bytes;
425 nonce_chunk.len = sizeof(nonce_bytes);
426
427 parser = parser_create(nonce_chunk);
428 tester->assert_true(tester,(parser != NULL), "parser create check");
429 status = parser->parse_payload(parser, NONCE, (payload_t**)&nonce_payload);
430 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
431 parser->destroy(parser);
432
433 if (status != SUCCESS)
434 {
435 return;
436 }
437 nonce_payload->get_nonce(nonce_payload, &result);
438 tester->assert_true(tester,(result.len == 16), "parsed nonce lenght");
439 tester->assert_false(tester,(memcmp(nonce_bytes + 4, result.ptr, result.len)), "parsed nonce data");
440 nonce_payload->destroy(nonce_payload);
441 allocator_free_chunk(&result);
442 }
443
444 /*
445 * Described in Header
446 */
447 void test_parser_with_id_payload(tester_t *tester)
448 {
449 parser_t *parser;
450 id_payload_t *id_payload;
451 status_t status;
452 chunk_t id_chunk, result;
453
454 u_int8_t id_bytes[] = {
455 0x00,0x00,0x00,0x14, /* payload header */
456 0x05,0x01,0x02,0x03,
457 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
458 0x08,0x09,0x0A,0x2B,
459 0x0C,0x0D,0x0E,0x0F
460 };
461
462 id_chunk.ptr = id_bytes;
463 id_chunk.len = sizeof(id_bytes);
464
465 parser = parser_create(id_chunk);
466 tester->assert_true(tester,(parser != NULL), "parser create check");
467 status = parser->parse_payload(parser, ID_INITIATOR, (payload_t**)&id_payload);
468 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
469 parser->destroy(parser);
470
471 if (status != SUCCESS)
472 {
473 return;
474 }
475 result = id_payload->get_data_clone(id_payload);
476 tester->assert_true(tester,(id_payload->get_initiator(id_payload) == TRUE), "is IDi payload");
477 tester->assert_true(tester,(id_payload->get_id_type(id_payload) == ID_IPV6_ADDR), "is ID_IPV6_ADDR ID type");
478 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
479 tester->assert_false(tester,(memcmp(id_bytes + 8, result.ptr, result.len)), "parsed nonce data");
480 id_payload->destroy(id_payload);
481 allocator_free_chunk(&result);
482 }
483
484
485 /*
486 * Described in Header
487 */
488 void test_parser_with_ke_payload(tester_t *tester)
489 {
490 parser_t *parser;
491 ke_payload_t *ke_payload;
492 status_t status;
493 chunk_t ke_chunk, result;
494
495 u_int8_t ke_bytes[] = {
496 0x00,0x00,0x00,0x18, /* payload header */
497 0x00,0x03,0x00,0x00, /* dh group 3 */
498 0x01,0x02,0x03,0x03, /* 16 Byte dh data */
499 0x04,0x05,0x06,0x07,
500 0x08,0x09,0x0A,0x2B,
501 0x0C,0x0D,0x0E,0x0F
502 };
503
504 ke_chunk.ptr = ke_bytes;
505 ke_chunk.len = sizeof(ke_bytes);
506
507 parser = parser_create(ke_chunk);
508 tester->assert_true(tester,(parser != NULL), "parser create check");
509 status = parser->parse_payload(parser, KEY_EXCHANGE, (payload_t**)&ke_payload);
510 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
511 parser->destroy(parser);
512
513 if (status != SUCCESS)
514 {
515 return;
516 }
517 tester->assert_true(tester,(ke_payload->get_dh_group_number(ke_payload) == 3), "DH group");
518 result = ke_payload->get_key_exchange_data(ke_payload);
519 tester->assert_true(tester,(result.len == 16), "parsed key lenght");
520 tester->assert_false(tester,(memcmp(ke_bytes + 8, result.ptr, result.len)), "parsed key data");
521 ke_payload->destroy(ke_payload);
522 }
523
524
525 /*
526 * Described in Header
527 */
528 void test_parser_with_notify_payload(tester_t *tester)
529 {
530 parser_t *parser;
531 notify_payload_t *notify_payload;
532 status_t status;
533 chunk_t notify_chunk, result;
534
535 u_int8_t notify_bytes[] = {
536 0x00,0x00,0x00,0x1C, /* payload header */
537 0x03,0x04,0x00,0x01,
538 0x01,0x02,0x03,0x03, /* spi */
539 0x04,0x05,0x06,0x07, /* noti dati */
540 0x08,0x09,0x0A,0x2B,
541 0x0C,0x0D,0x0E,0x0F,
542 0x0C,0x0D,0x0E,0x0F
543 };
544
545 notify_chunk.ptr = notify_bytes;
546 notify_chunk.len = sizeof(notify_bytes);
547
548 parser = parser_create(notify_chunk);
549 tester->assert_true(tester,(parser != NULL), "parser create check");
550 status = parser->parse_payload(parser, NOTIFY, (payload_t**)&notify_payload);
551 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
552 parser->destroy(parser);
553
554 if (status != SUCCESS)
555 {
556 return;
557 }
558 tester->assert_true(tester,(notify_payload->get_protocol_id(notify_payload) == 3), "Protocol id");
559 tester->assert_true(tester,(notify_payload->get_notify_message_type(notify_payload) == 1), "notify message type");
560
561 result = notify_payload->get_spi(notify_payload);
562 tester->assert_false(tester,(memcmp(notify_bytes + 8, result.ptr, result.len)), "parsed spi");
563
564 result = notify_payload->get_notification_data(notify_payload);
565 tester->assert_false(tester,(memcmp(notify_bytes + 12, result.ptr, result.len)), "parsed notification data");
566
567 notify_payload->destroy(notify_payload);
568 }
569
570 /*
571 * Described in Header
572 */
573 void test_parser_with_auth_payload(tester_t *tester)
574 {
575 parser_t *parser;
576 auth_payload_t *auth_payload;
577 status_t status;
578 chunk_t auth_chunk, result;
579
580 u_int8_t auth_bytes[] = {
581 0x00,0x00,0x00,0x14, /* payload header */
582 0x03,0x01,0x02,0x03,
583 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
584 0x08,0x09,0x0A,0x2B,
585 0x0C,0x0D,0x0E,0x0F
586 };
587
588 auth_chunk.ptr = auth_bytes;
589 auth_chunk.len = sizeof(auth_bytes);
590
591 parser = parser_create(auth_chunk);
592 tester->assert_true(tester,(parser != NULL), "parser create check");
593 status = parser->parse_payload(parser, AUTHENTICATION, (payload_t**)&auth_payload);
594 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
595 parser->destroy(parser);
596
597 if (status != SUCCESS)
598 {
599 return;
600 }
601 result = auth_payload->get_data_clone(auth_payload);
602 tester->assert_true(tester,(auth_payload->get_auth_method(auth_payload) == DSS_DIGITAL_SIGNATURE), "is DSS_DIGITAL_SIGNATURE method");
603 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
604 tester->assert_false(tester,(memcmp(auth_bytes + 8, result.ptr, result.len)), "parsed nonce data");
605 auth_payload->destroy(auth_payload);
606 allocator_free_chunk(&result);
607 }
608
609 /*
610 * Described in Header
611 */
612 void test_parser_with_ts_payload(tester_t *tester)
613 {
614 parser_t *parser;
615 ts_payload_t *ts_payload;
616 status_t status;
617 chunk_t ts_chunk;
618 traffic_selector_substructure_t *ts1, *ts2;
619 host_t *start_host1, *start_host2, *end_host1, *end_host2;
620 iterator_t *iterator;
621
622 u_int8_t ts_bytes[] = {
623 /* payload header */
624 0x00,0x00,0x00,0x28,
625 0x02,0x00,0x00,0x00,
626
627 /* traffic selector 1 */
628 0x07,0x00,0x00,0x10,
629 0x01,0xF4,0x01,0xF4,
630 0xC0,0xA8,0x01,0x00,
631 0xC0,0xA8,0x01,0xFF,
632
633 /* traffic selector 2 */
634 0x07,0x03,0x00,0x10,
635 0x00,0x00,0xFF,0xFF,
636 0x00,0x00,0x00,0x00,
637 0xFF,0xFF,0xFF,0xFF,
638 };
639
640 ts_chunk.ptr = ts_bytes;
641 ts_chunk.len = sizeof(ts_bytes);
642
643 parser = parser_create(ts_chunk);
644 tester->assert_true(tester,(parser != NULL), "parser create check");
645 status = parser->parse_payload(parser, TRAFFIC_SELECTOR_RESPONDER, (payload_t**)&ts_payload);
646 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
647 parser->destroy(parser);
648
649 if (status != SUCCESS)
650 {
651 return;
652 }
653
654 iterator = ts_payload->create_traffic_selector_substructure_iterator(ts_payload,TRUE);
655
656 tester->assert_true(tester,(iterator->has_next(iterator)), "has next check");
657
658 /* check first ts */
659 iterator->current(iterator,(void **)&ts1);
660 tester->assert_true(tester,(ts1->get_protocol_id(ts1) == 0), "ip protocol id check");
661 start_host1 = ts1->get_start_host(ts1);
662 end_host1 = ts1->get_end_host(ts1);
663 tester->assert_true(tester,(start_host1->get_port(start_host1) == 500), "start port check");
664 tester->assert_true(tester,(end_host1->get_port(end_host1) == 500), "start port check");
665 tester->assert_true(tester,(memcmp(start_host1->get_address(start_host1),"192.168.1.0",strlen("192.168.1.0")) == 0), "start address check");
666 tester->assert_true(tester,(memcmp(end_host1->get_address(end_host1),"192.168.1.255",strlen("192.168.1.255")) == 0), "end address check");
667
668 start_host1->destroy(start_host1);
669 end_host1->destroy(end_host1);
670
671 tester->assert_true(tester,(iterator->has_next(iterator)), "has next check");
672
673 /* check second ts */
674
675 iterator->current(iterator,(void **)&ts2);
676
677 tester->assert_true(tester,(ts2->get_protocol_id(ts2) == 3), "ip protocol id check");
678 start_host2 = ts2->get_start_host(ts2);
679 end_host2 = ts2->get_end_host(ts2);
680 tester->assert_true(tester,(start_host2->get_port(start_host2) == 0), "start port check");
681 tester->assert_true(tester,(end_host2->get_port(end_host2) == 65535), "start port check");
682 tester->assert_true(tester,(memcmp(start_host2->get_address(start_host2),"0.0.0.0",strlen("0.0.0.0")) == 0), "start address check");
683 tester->assert_true(tester,(memcmp(end_host2->get_address(end_host2),"255.255.255.255",strlen("255.255.255.255")) == 0), "end address check");
684 start_host2->destroy(start_host2);
685 end_host2->destroy(end_host2);
686
687
688
689 tester->assert_false(tester,(iterator->has_next(iterator)), "has next check");
690
691 iterator->destroy(iterator);
692
693 ts_payload->destroy(ts_payload);
694 }
695
696 /*
697 * Described in Header
698 */
699 void test_parser_with_cert_payload(tester_t *tester)
700 {
701 parser_t *parser;
702 cert_payload_t *cert_payload;
703 status_t status;
704 chunk_t cert_chunk, result;
705
706 u_int8_t cert_bytes[] = {
707 0x00,0x00,0x00,0x11, /* payload header */
708 0x03,
709 0x04,0x05,0x06,0x07,/* 12 Byte nonce */
710 0x08,0x09,0x0A,0x2B,
711 0x0C,0x0D,0x0E,0x0F
712 };
713
714 cert_chunk.ptr = cert_bytes;
715 cert_chunk.len = sizeof(cert_bytes);
716
717 parser = parser_create(cert_chunk);
718 tester->assert_true(tester,(parser != NULL), "parser create check");
719 status = parser->parse_payload(parser, CERTIFICATE, (payload_t**)&cert_payload);
720 tester->assert_true(tester,(status == SUCCESS),"parse_payload call check");
721 parser->destroy(parser);
722
723 if (status != SUCCESS)
724 {
725 return;
726 }
727 result = cert_payload->get_data_clone(cert_payload);
728 tester->assert_true(tester,(cert_payload->get_cert_encoding(cert_payload) == DNS_SIGNED_KEY), "is DNS_SIGNED_KEY encoding");
729 tester->assert_true(tester,(result.len == 12), "parsed data lenght");
730 tester->assert_false(tester,(memcmp(cert_bytes + 5, result.ptr, result.len)), "parsed data");
731 cert_payload->destroy(cert_payload);
732 allocator_free_chunk(&result);
733 }
734