src/charon-tkm/tests/keymat_tests.c

   1 /*
   2  * Copyright (C) 2012 Reto Buerki
   3  * Copyright (C) 2012 Adrian-Ken Rueegsegger
   4  * Hochschule fuer Technik Rapperswil
   5  *
   6  * This program is free software; you can redistribute it and/or modify it
   7  * under the terms of the GNU General Public License as published by the
   8  * Free Software Foundation; either version 2 of the License, or (at your
   9  * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
  10  *
  11  * This program is distributed in the hope that it will be useful, but
  12  * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  13  * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * for more details.
  15  */
  16
  17 #include <check.h>
  18 #include <daemon.h>
  19 #include <hydra.h>
  20 #include <config/proposal.h>
  21 #include <encoding/payloads/ike_header.h>
  22 #include <plugins/kernel_netlink/kernel_netlink_net.h>
  23 #include <tkm/client.h>
  24
  25 #include "tkm.h"
  26 #include "tkm_nonceg.h"
  27 #include "tkm_diffie_hellman.h"
  28 #include "tkm_keymat.h"
  29 #include "tkm_kernel_ipsec.h"
  30
  31 START_TEST(test_derive_ike_keys)
  32 {
  33         fail_if(!library_init(NULL), "Unable to init library");
  34         fail_if(!libhydra_init("tkm-tests"), "Unable to init libhydra");
  35         fail_if(!libcharon_init("tkm-tests"), "Unable to init libcharon");
  36
  37         /* Register TKM specific plugins */
  38         static plugin_feature_t features[] = {
  39                 PLUGIN_REGISTER(NONCE_GEN, tkm_nonceg_create),
  40                         PLUGIN_PROVIDE(NONCE_GEN),
  41                 PLUGIN_REGISTER(DH, tkm_diffie_hellman_create),
  42                         PLUGIN_PROVIDE(DH, MODP_3072_BIT),
  43                         PLUGIN_PROVIDE(DH, MODP_4096_BIT),
  44                 PLUGIN_CALLBACK(kernel_ipsec_register, tkm_kernel_ipsec_create),
  45                         PLUGIN_PROVIDE(CUSTOM, "kernel-ipsec"),
  46                         PLUGIN_DEPENDS(RNG, RNG_WEAK),
  47                 PLUGIN_CALLBACK(kernel_net_register, kernel_netlink_net_create),
  48                         PLUGIN_PROVIDE(CUSTOM, "kernel-net"),
  49         };
  50         lib->plugins->add_static_features(lib->plugins, "tkm-tests", features,
  51                         countof(features), TRUE);
  52
  53         fail_if(!charon->initialize(charon, PLUGINS), "Unable to init charon");
  54
  55         proposal_t *proposal = proposal_create_from_string(PROTO_IKE,
  56                         "aes256-sha512-modp4096");
  57         fail_if(!proposal, "Unable to create proposal");
  58         ike_sa_id_t *ike_sa_id = ike_sa_id_create(IKEV2_MAJOR_VERSION,
  59                         123912312312, 32312313122, TRUE);
  60         fail_if(!ike_sa_id, "Unable to create IKE SA ID");
  61
  62         tkm_keymat_t *keymat = tkm_keymat_create(TRUE);
  63         fail_if(!keymat, "Unable to create keymat");
  64         fail_if(!keymat->get_isa_id(keymat), "Invalid ISA context id (0)");
  65
  66         chunk_t nonce;
  67         tkm_nonceg_t *ng = tkm_nonceg_create();
  68         fail_if(!ng, "Unable to create nonce generator");
  69         fail_unless(ng->nonce_gen.allocate_nonce(&ng->nonce_gen, 32, &nonce),
  70                         "Unable to allocate nonce");
  71         ng->nonce_gen.destroy(&ng->nonce_gen);
  72
  73         tkm_diffie_hellman_t *dh = tkm_diffie_hellman_create(MODP_4096_BIT);
  74         fail_if(!dh, "Unable to create DH");
  75
  76         /* Use the same pubvalue for both sides */
  77         chunk_t pubvalue;
  78         dh->dh.get_my_public_value(&dh->dh, &pubvalue);
  79         dh->dh.set_other_public_value(&dh->dh, pubvalue);
  80
  81         fail_unless(keymat->derive_ike_keys(keymat, proposal, &dh->dh, nonce, nonce,
  82                                 ike_sa_id, PRF_UNDEFINED, chunk_empty), "Key derivation failed");
  83         chunk_free(&nonce);
  84
  85         aead_t * const aead = keymat->keymat.get_aead(&keymat->keymat, TRUE);
  86         fail_if(!aead, "AEAD is NULL");
  87
  88         fail_if(aead->get_key_size(aead) != 96, "Key size mismatch %d",
  89                         aead->get_key_size(aead));
  90         fail_if(aead->get_block_size(aead) != 16, "Block size mismatch %d",
  91                         aead->get_block_size(aead));
  92
  93         proposal->destroy(proposal);
  94         dh->dh.destroy(&dh->dh);
  95         ike_sa_id->destroy(ike_sa_id);
  96         keymat->keymat.destroy(&keymat->keymat);
  97         chunk_free(&pubvalue);
  98
  99         libcharon_deinit();
 100         libhydra_deinit();
 101         library_deinit();
 102 }
 103 END_TEST
 104
 105 TCase *make_keymat_tests(void)
 106 {
 107         TCase *tc = tcase_create("Keymat tests");
 108         tcase_add_test(tc, test_derive_ike_keys);
 109
 110         return tc;
 111 }