- tested encryption payload
authorMartin Willi <martin@strongswan.org>
Tue, 29 Nov 2005 15:58:09 +0000 (15:58 -0000)
committerMartin Willi <martin@strongswan.org>
Tue, 29 Nov 2005 15:58:09 +0000 (15:58 -0000)
Source/charon/encoding/message.c
Source/charon/encoding/parser.c
Source/charon/encoding/payloads/encryption_payload.c
Source/charon/encoding/payloads/encryption_payload.h
Source/charon/encoding/payloads/payload.c
Source/charon/testcases/Makefile.testcases
Source/charon/testcases/encryption_payload_test.c [new file with mode: 0644]
Source/charon/testcases/encryption_payload_test.h [new file with mode: 0644]
Source/charon/testcases/testcases.c

index 9e96232..389b333 100644 (file)
@@ -496,8 +496,8 @@ static status_t generate(private_message_t *this, crypter_t *crypter, signer_t*
        if (payload->get_type(payload) == ENCRYPTED)
        {
                encryption_payload_t *encryption_payload = (encryption_payload_t*)payload;
-               encryption_payload->set_signer(encryption_payload, signer);
-               status = encryption_payload->encrypt(encryption_payload, crypter);
+               encryption_payload->set_transforms(encryption_payload, crypter, signer);
+               status = encryption_payload->encrypt(encryption_payload);
                if (status != SUCCESS)
                {
                        generator->destroy(generator);
@@ -623,7 +623,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
                if (current_payload->get_type(current_payload) == ENCRYPTED)
                {
                        encryption_payload_t *encryption_payload = (encryption_payload_t*)current_payload;
-                       encryption_payload->set_signer(encryption_payload, signer);
+                       encryption_payload->set_transforms(encryption_payload, crypter, signer);
                        status = encryption_payload->verify_signature(encryption_payload, this->packet->data);
                        if (status != SUCCESS)
                        {
@@ -631,7 +631,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t
                                current_payload->destroy(current_payload);
                                return status;
                        }
-                       status = encryption_payload->decrypt(encryption_payload, crypter);
+                       status = encryption_payload->decrypt(encryption_payload);
                        if (status != SUCCESS)
                        {
                                this->logger->log(this->logger, ERROR, "parsing decrypted encryption payload failed");
index 076157c..e3fbd46 100644 (file)
@@ -849,7 +849,7 @@ static status_t parse_payload(private_parser_t *this, payload_type_t payload_typ
                        }
                        case ENCRYPTED_DATA:
                        {                               
-                               size_t data_length = payload_length - ENCRYPTION_PAYLOAD_HEADER_LENGTH ;
+                               size_t data_length = payload_length - ENCRYPTION_PAYLOAD_HEADER_LENGTH;
                                if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS) 
                                {
                                        pld->destroy(pld);
index db4b441..4acfa61 100644 (file)
@@ -68,16 +68,6 @@ struct private_encryption_payload_t {
        u_int16_t payload_length;
        
        /**
-        * Initialization vector.
-        */
-       chunk_t iv;
-       
-       /**
-        * Integrity checksum.
-        */
-       chunk_t checksum;
-       
-       /**
         * Chunk containing the iv, data, padding,
         * and (an eventually not calculated) signature.
         */
@@ -94,6 +84,11 @@ struct private_encryption_payload_t {
        signer_t *signer;
        
        /**
+        * Crypter, supplied by encrypt/decrypt
+        */
+       crypter_t *crypter;
+       
+       /**
         * Contained payloads of this encrpytion_payload.
         */
        linked_list_t *payloads;
@@ -232,11 +227,8 @@ static void destroy(private_encryption_payload_t *this)
                current_payload->destroy(current_payload);
        }
        this->payloads->destroy(this->payloads);
-               
-       allocator_free(this->iv.ptr);
        allocator_free(this->encrypted.ptr);
        allocator_free(this->decrypted.ptr);
-       allocator_free(this->checksum.ptr);
        allocator_free(this);
 }
 
@@ -301,30 +293,28 @@ static void add_payload(private_encryption_payload_t *this, payload_t *payload)
        if (this->payloads->get_count(this->payloads) > 0)
        {
                this->payloads->get_last(this->payloads,(void **) &last_payload);
-       }
-       
-       if (this->payloads->get_count(this->payloads) == 1)
-       {
-               this->next_payload = payload->get_type(payload);
+               last_payload->set_next_type(last_payload, payload->get_type(payload));
        }
        else
        {
-               last_payload->set_next_type(last_payload, payload->get_type(payload));
+               this->next_payload = payload->get_type(payload);
        }
        payload->set_next_type(payload, NO_PAYLOAD);
+       this->payloads->insert_last(this->payloads, (void*)payload);
        this->compute_length(this);
 }
 
 /**
  * Implementation of encryption_payload_t.encrypt.
  */
-static status_t encrypt(private_encryption_payload_t *this, crypter_t *crypter)
+static status_t encrypt(private_encryption_payload_t *this)
 {
-       chunk_t iv, padding, concatenated;
+       chunk_t iv, padding, to_crypt, result;
        randomizer_t *randomizer;
        status_t status;
+       size_t block_size;
        
-       if (this->signer == NULL)
+       if (this->signer == NULL || this->crypter == NULL)
        {
                return INVALID_STATE;
        }
@@ -336,67 +326,70 @@ static status_t encrypt(private_encryption_payload_t *this, crypter_t *crypter)
        this->generate(this);
        
        /* build padding */
-       padding.len = (this->decrypted.len + 1) % crypter->get_block_size(crypter);
-       status = randomizer->allocate_pseudo_random_bytes(randomizer, padding.len, &padding);
-       if (status != SUCCESS)
-       {
-               randomizer->destroy(randomizer);
-               return status;
-       }
+       block_size = this->crypter->get_block_size(this->crypter);
+       padding.len = block_size - ((this->decrypted.len + 1) %  block_size);
+       randomizer->allocate_pseudo_random_bytes(randomizer, padding.len, &padding);
        
        /* concatenate payload data, padding, padding len */
-       concatenated.len = this->decrypted.len + padding.len + 1;
-       concatenated.ptr = allocator_alloc(concatenated.len);
-
-       memcpy(concatenated.ptr, this->decrypted.ptr, this->decrypted.len);
-       memcpy(concatenated.ptr + this->decrypted.len, padding.ptr, padding.len);
-       *(concatenated.ptr + concatenated.len - 1) = padding.len;
+       to_crypt.len = this->decrypted.len + padding.len + 1;
+       to_crypt.ptr = allocator_alloc(to_crypt.len);
 
+       memcpy(to_crypt.ptr, this->decrypted.ptr, this->decrypted.len);
+       memcpy(to_crypt.ptr + this->decrypted.len, padding.ptr, padding.len);
+       *(to_crypt.ptr + to_crypt.len - 1) = padding.len;
                
        /* build iv */
-       iv.len = crypter->get_block_size(crypter);
+       iv.len = block_size;
        randomizer->allocate_pseudo_random_bytes(randomizer, iv.len, &iv);
        randomizer->destroy(randomizer);
                
-       /* encrypt concatenated chunk */
+       /* encrypt to_crypt chunk */
        allocator_free(this->encrypted.ptr);
-       status = crypter->encrypt(crypter, concatenated, iv, &(this->encrypted));
+       status = this->crypter->encrypt(this->crypter, to_crypt, iv, &result);
        allocator_free(padding.ptr);
-       allocator_free(concatenated.ptr);
-       allocator_free(iv.ptr);
+       allocator_free(to_crypt.ptr);
        if (status != SUCCESS)
        {
+               allocator_free(iv.ptr);
                return status;
        }
        
-       /* append an empty signature */
-       this->encrypted.len += this->signer->get_block_size(this->signer);
-       allocator_realloc(this->encrypted.ptr, this->encrypted.len);
+       /* build encrypted result with iv and signature */
+       this->encrypted.len = iv.len + result.len + this->signer->get_block_size(this->signer);
+       allocator_free(this->encrypted.ptr);
+       this->encrypted.ptr = allocator_alloc(this->encrypted.len);
+       
+       /* fill in result, signature is left out */
+       memcpy(this->encrypted.ptr, iv.ptr, iv.len);
+       memcpy(this->encrypted.ptr + iv.len, result.ptr, result.len);
+       
+       allocator_free(result.ptr);
+       allocator_free(iv.ptr);
        return SUCCESS;
 }
 
 /**
  * Implementation of encryption_payload_t.encrypt.
  */
-static status_t decrypt(private_encryption_payload_t *this, crypter_t *crypter)
+static status_t decrypt(private_encryption_payload_t *this)
 {
        chunk_t iv, concatenated;
        u_int8_t padding_length;
        status_t status;
        
-       if (this->signer == NULL)
+       if (this->signer == NULL || this->crypter == NULL)
        {
                return INVALID_STATE;
        }
-       
+               
        /* get IV */
-       iv.len = crypter->get_block_size(crypter);
+       iv.len = this->crypter->get_block_size(this->crypter);
        iv.ptr = this->encrypted.ptr;
        
        /* point concatenated to data + padding + padding_length*/
        concatenated.ptr = this->encrypted.ptr + iv.len;
        concatenated.len = this->encrypted.len - iv.len - this->signer->get_block_size(this->signer);
-       
+               
        /* check the size of input:
         * concatenated  must be at least on block_size of crypter
         */
@@ -408,7 +401,7 @@ static status_t decrypt(private_encryption_payload_t *this, crypter_t *crypter)
        /* free previus data, if any */
        allocator_free(this->decrypted.ptr);
        
-       status = crypter->decrypt(crypter, concatenated, iv, &(this->decrypted));
+       status = this->crypter->decrypt(this->crypter, concatenated, iv, &(this->decrypted));
        if (status != SUCCESS)
        {
                return FAILED;
@@ -416,6 +409,8 @@ static status_t decrypt(private_encryption_payload_t *this, crypter_t *crypter)
        
        /* get padding length, sits just bevore signature */
        padding_length = *(this->decrypted.ptr + this->decrypted.len - 1);
+       /* add one byte to the padding length, since the padding_length field is not included */
+       padding_length++;
        this->decrypted.len -= padding_length;
        
        /* check size again */
@@ -427,20 +422,19 @@ static status_t decrypt(private_encryption_payload_t *this, crypter_t *crypter)
        
        /* free padding */
        this->decrypted.ptr = allocator_realloc(this->decrypted.ptr, this->decrypted.len);
-       if (this->decrypted.ptr == NULL)
-       {
-               return OUT_OF_RES;
-       }
+       
+       this->parse(this);
        
        return SUCCESS;
 }
 
 /**
- * Implementation of encryption_payload_t.set_signer.
+ * Implementation of encryption_payload_t.set_transforms.
  */
-static void set_signer(private_encryption_payload_t *this, signer_t* signer)
+static void set_transforms(private_encryption_payload_t *this, crypter_t* crypter, signer_t* signer)
 {
        this->signer = signer;
+       this->crypter = crypter;
 }
 
 /**
@@ -505,6 +499,9 @@ static void generate(private_encryption_payload_t *this)
        generator_t *generator;
        iterator_t *iterator;
        
+       /* recalculate length before generating */
+       this->compute_length(this);
+       
        /* create iterator */
        iterator = this->payloads->create_iterator(this->payloads, TRUE);
        
@@ -530,7 +527,6 @@ static void generate(private_encryption_payload_t *this)
        {
                iterator->current(iterator, (void**)&next_payload);
                current_payload->set_next_type(current_payload, next_payload->get_type(next_payload));
-               
                generator->generate_payload(generator, current_payload);
                current_payload = next_payload;
        }
@@ -574,12 +570,14 @@ static status_t parse(private_encryption_payload_t *this)
                status = parser->parse_payload(parser, current_payload_type, (payload_t**)&current_payload);
                if (status != SUCCESS)
                {
+                       parser->destroy(parser);
                        return PARSE_ERROR;
                }
                
                status = current_payload->verify(current_payload);
                if (status != SUCCESS)
                {
+                       parser->destroy(parser);
                        return VERIFY_ERROR;
                }
 
@@ -588,6 +586,7 @@ static status_t parse(private_encryption_payload_t *this)
                
                this->payloads->insert_last(this->payloads,current_payload);
        }
+       parser->destroy(parser);
        return SUCCESS;
 }
 
@@ -597,9 +596,10 @@ static status_t parse(private_encryption_payload_t *this)
 static void compute_length(private_encryption_payload_t *this)
 {
        iterator_t *iterator;
-       size_t length = ENCRYPTION_PAYLOAD_HEADER_LENGTH;
+       size_t block_size, length = 0;
        iterator = this->payloads->create_iterator(this->payloads, TRUE);
 
+       /* count payload length */
        while (iterator->has_next(iterator))
        {
                payload_t *current_payload;
@@ -608,8 +608,20 @@ static void compute_length(private_encryption_payload_t *this)
        }
        iterator->destroy(iterator);
        
+       if (this->crypter && this->signer)
+       {
+               /* append one byte for padding length */
+               length++;
+               /* append padding */
+               block_size = this->crypter->get_block_size(this->crypter);
+               length += block_size - length % block_size;
+               /* add iv */
+               length += block_size;
+               /* add signature */
+               length += this->signer->get_block_size(this->signer);
+       }
+       length += ENCRYPTION_PAYLOAD_HEADER_LENGTH;
        this->payload_length = length;
-
 }
 
 /*
@@ -631,9 +643,9 @@ encryption_payload_t *encryption_payload_create()
        /* public functions */
        this->public.create_payload_iterator = (iterator_t * (*) (encryption_payload_t *,bool)) create_payload_iterator;
        this->public.add_payload = (void (*) (encryption_payload_t *,payload_t *)) add_payload;
-       this->public.encrypt = (status_t (*) (encryption_payload_t *, crypter_t*)) encrypt;
-       this->public.decrypt = (status_t (*) (encryption_payload_t *, crypter_t*)) decrypt;
-       this->public.set_signer = (void (*) (encryption_payload_t *,signer_t*)) set_signer;
+       this->public.encrypt = (status_t (*) (encryption_payload_t *)) encrypt;
+       this->public.decrypt = (status_t (*) (encryption_payload_t *)) decrypt;
+       this->public.set_transforms = (void (*) (encryption_payload_t*,crypter_t*,signer_t*)) set_transforms;
        this->public.build_signature = (status_t (*) (encryption_payload_t*, chunk_t)) build_signature;
        this->public.verify_signature = (status_t (*) (encryption_payload_t*, chunk_t)) verify_signature;
        this->public.destroy = (void (*) (encryption_payload_t *)) destroy;
@@ -647,11 +659,10 @@ encryption_payload_t *encryption_payload_create()
        this->critical = TRUE;
        this->next_payload = NO_PAYLOAD;
        this->payload_length = ENCRYPTION_PAYLOAD_HEADER_LENGTH;
-       this->iv = CHUNK_INITIALIZER;
        this->encrypted = CHUNK_INITIALIZER;
        this->decrypted = CHUNK_INITIALIZER;
-       this->checksum = CHUNK_INITIALIZER;
        this->signer = NULL;
+       this->crypter = NULL;
        this->payloads = linked_list_create();
        
        return (&(this->public));
index caf7e6b..8b2f061 100644 (file)
@@ -67,24 +67,77 @@ struct encryption_payload_t {
        void (*add_payload) (encryption_payload_t *this, payload_t *payload);
        
        /**
-        * @brief Decrypt and return contained data.
+        * @brief Set transforms to use.
         * 
-        * Decrypt the contained data (encoded payloads) using supplied crypter.
+        * To decryption, encryption, signature building and verifying,
+        * the payload needs a crypter and a signer object.
+        * 
+        * @warning Do NOT call this function twice!
         *
         * @param this                  calling encryption_payload_t
-        * @param crypter               crypter_t to use for data decryption
-        * @param[out]data              resulting data in decrypted and unpadded form
-        * @return                              
-        *                                              - SUCCESS, or
-        *                                              - FAILED if crypter does not match data
+        * @param crypter               crypter_t to use for data de-/encryption
+        * @param signer                signer_t to use for data signing/verifying
         */
+       void (*set_transforms) (encryption_payload_t *this, crypter_t *crypter, signer_t *signer);
        
-       void (*set_signer) (encryption_payload_t *this, signer_t *signer); 
+       /**
+        * @brief Generate and encrypt contained payloads.
+        * 
+        * This function generates the content for added payloads
+        * and encrypts them. Signature is not built, since we need
+        * additional data (the full message).
+        *
+        * @param this                  calling encryption_payload_t
+        * @return
+        *                                              - SUCCESS, or
+        *                                              - INVALID_STATE if transforms not set
+        */
+       status_t (*encrypt) (encryption_payload_t *this);
        
-       status_t (*encrypt) (encryption_payload_t *this, crypter_t *crypter);
-       status_t (*decrypt) (encryption_payload_t *this, crypter_t *crypter);
+       /**
+        * @brief Decrypt and parse contained payloads.
+        * 
+        * This function decrypts the contained data. After, 
+        * the payloads are parsed internally and are accessible
+        * via the iterator.
+        *
+        * @param this                  calling encryption_payload_t
+        * @return
+        *                                              - SUCCESS, or
+        *                                              - INVALID_STATE if transforms not set, or
+        *                                              - FAILED if data is invalid
+        */
+       status_t (*decrypt) (encryption_payload_t *this);
        
+       /**
+        * @brief Build the signature.
+        * 
+        * The signature is built over the FULL message, so the header
+        * and every payload (inclusive this one) must already be generated.
+        * The generated message is supplied via the data paramater.
+        * 
+        * @param this                  calling encryption_payload_t
+        * @param data                  chunk contains the already generated message
+        * @return
+        *                                              - SUCCESS, or
+        *                                              - INVALID_STATE if transforms not set
+        */
        status_t (*build_signature) (encryption_payload_t *this, chunk_t data);
+               
+       /**
+        * @brief Verify the signature.
+        * 
+        * Since the signature is built over the full message, we need
+        * this data to do the verification. The message data
+        * is supplied via the data argument.
+        * 
+        * @param this                  calling encryption_payload_t
+        * @param data                  chunk contains the message 
+        * @return
+        *                                              - SUCCESS, or
+        *                                              - FAILED if signature invalid, or
+        *                                              - INVALID_STATE if transforms not set
+        */
        status_t (*verify_signature) (encryption_payload_t *this, chunk_t data);
 
        /**
index bc68cb1..edc4479 100644 (file)
@@ -31,6 +31,7 @@
 #include <encoding/payloads/ke_payload.h>
 #include <encoding/payloads/notify_payload.h>
 #include <encoding/payloads/auth_payload.h>
+#include <encoding/payloads/encryption_payload.h>
 #include <encoding/payloads/ts_payload.h>
 
 /*
@@ -97,6 +98,8 @@ payload_t *payload_create(payload_type_t type)
                        return (payload_t*)ke_payload_create();
                case NOTIFY:
                        return (payload_t*)notify_payload_create();
+               case ENCRYPTED:
+                       return (payload_t*)encryption_payload_create();
                default:
                        return NULL;
        }
index bc1a537..abee371 100644 (file)
@@ -103,5 +103,9 @@ $(BUILD_DIR)sender_test.o :                 $(TESTCASES_DIR)sender_test.c $(TESTCASES_DIR)send
 TEST_OBJS+= $(BUILD_DIR)thread_pool_test.o
 $(BUILD_DIR)thread_pool_test.o :       $(TESTCASES_DIR)thread_pool_test.c $(TESTCASES_DIR)thread_pool_test.h
                                                                        $(CC) $(CFLAGS) -c -o $@ $<
+                                                                       
+TEST_OBJS+= $(BUILD_DIR)encryption_payload_test.o
+$(BUILD_DIR)encryption_payload_test.o :        $(TESTCASES_DIR)encryption_payload_test.c $(TESTCASES_DIR)encryption_payload_test.h
+                                                                       $(CC) $(CFLAGS) -c -o $@ $<
 
 
diff --git a/Source/charon/testcases/encryption_payload_test.c b/Source/charon/testcases/encryption_payload_test.c
new file mode 100644 (file)
index 0000000..c824fe4
--- /dev/null
@@ -0,0 +1,138 @@
+/**
+ * @file encryption_payload_test.c
+ * 
+ * @brief Tests for the encryption_payload_t class.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+#include "encryption_payload_test.h"
+
+#include <daemon.h>
+#include <utils/logger_manager.h>
+#include <utils/allocator.h>
+#include <encoding/generator.h>
+#include <encoding/parser.h>
+#include <encoding/payloads/encryption_payload.h>
+#include <encoding/payloads/nonce_payload.h>
+#include <transforms/crypters/crypter.h>
+#include <transforms/signers/signer.h>
+
+/* 
+ * described in Header-File
+ */
+void test_encryption_payload(tester_t *tester)
+{
+       encryption_payload_t *encryption_payload;
+       nonce_payload_t *nonce_payload; 
+       crypter_t *crypter;
+       signer_t *signer;
+       chunk_t nonce, got_nonce;
+       chunk_t data;
+       chunk_t key;
+       generator_t *generator;
+       parser_t *parser;
+       status_t status;
+       logger_t *logger;
+       iterator_t *iterator;
+       
+       
+       u_int8_t key_bytes[]  = {
+               0x01,0x01,0x01,0x01,
+               0x01,0x01,0x01,0x01,
+               0x01,0x01,0x01,0x01,
+               0x01,0x01,0x01,0x01
+       };
+       key.ptr = key_bytes;
+       key.len = sizeof(key_bytes);
+       
+       logger = charon->logger_manager->create_logger(charon->logger_manager, TESTER, NULL);
+       
+       nonce.ptr = "test text und so...";
+       nonce.len = strlen(nonce.ptr) +1;
+       
+       logger->log_chunk(logger, RAW, "nonce", &nonce);
+       
+       encryption_payload = encryption_payload_create();
+       nonce_payload = nonce_payload_create();
+       nonce_payload->set_nonce(nonce_payload, nonce);
+       
+       encryption_payload->add_payload(encryption_payload, (payload_t*)nonce_payload);
+       signer = signer_create(AUTH_HMAC_SHA1_96);
+       crypter = crypter_create(ENCR_AES_CBC, 16);
+       
+       signer->set_key(signer, key);
+       crypter->set_key(crypter, key);
+       
+       
+       
+       /* generating */
+               
+       encryption_payload->set_transforms(encryption_payload, crypter, signer);
+       
+       logger->log(logger, RAW, "encrypt");
+       status = encryption_payload->encrypt(encryption_payload);
+       tester->assert_true(tester, (status == SUCCESS), "encryption");
+       
+       generator = generator_create();
+       generator->generate_payload(generator, (payload_t*)encryption_payload);
+       
+       generator->write_to_chunk(generator, &data);
+       logger->log_chunk(logger, RAW, "generated data", &data);
+       
+       encryption_payload->build_signature(encryption_payload, data);
+       logger->log_chunk(logger, RAW, "generated data", &data);
+       
+       encryption_payload->destroy(encryption_payload);
+       
+       
+       /* parsing */
+       
+       parser = parser_create(data);
+       status = parser->parse_payload(parser, ENCRYPTED, (payload_t**)&encryption_payload);
+       tester->assert_true(tester, (status == SUCCESS), "parsing");
+       
+       encryption_payload->set_transforms(encryption_payload, crypter, signer);
+       status = encryption_payload->verify_signature(encryption_payload, data);
+       tester->assert_true(tester, (status == SUCCESS), "signature verification");
+       
+       status = encryption_payload->decrypt(encryption_payload);
+       tester->assert_true(tester, (status == SUCCESS), "decryption");
+       
+       
+       iterator = encryption_payload->create_payload_iterator(encryption_payload, TRUE);
+       while (iterator->has_next(iterator))
+       {
+               iterator->current(iterator, (void**)&nonce_payload);
+               nonce_payload->get_nonce(nonce_payload, &got_nonce);
+       }
+       iterator->destroy(iterator);
+       
+       
+       tester->assert_true(tester, (got_nonce.len == nonce.len), "decrypted nonce");
+       tester->assert_false(tester, memcmp(nonce.ptr, got_nonce.ptr, nonce.len), "decrypted nonce");
+       
+       logger->log_chunk(logger, RAW, "nonce", &got_nonce);
+       
+       allocator_free(data.ptr);
+       allocator_free(got_nonce.ptr);
+       encryption_payload->destroy(encryption_payload);
+       crypter->destroy(crypter);
+       signer->destroy(signer);
+       generator->destroy(generator);
+       parser->destroy(parser);
+}
diff --git a/Source/charon/testcases/encryption_payload_test.h b/Source/charon/testcases/encryption_payload_test.h
new file mode 100644 (file)
index 0000000..3bc72ce
--- /dev/null
@@ -0,0 +1,37 @@
+/**
+ * @file encryption_payload_test.h
+ * 
+ * @brief Tests for the encryption_payload_t class.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef ENCRYPTION_PAYLOAD_TEST_H_
+#define ENCRYPTION_PAYLOAD_TEST_H_
+
+#include <utils/tester.h>
+
+/**
+ * @brief Test function used to test the encryption_payload_t functionality.
+ *
+ * @param tester associated tester object
+ * 
+ * @ingroup testcases
+ */
+void test_encryption_payload(tester_t *tester);
+
+#endif /*ENCRYPTION_PAYLOAD_TEST_H_*/
index 6a8ddcd..e62ba5f 100644 (file)
@@ -55,6 +55,7 @@
 #include <testcases/prf_plus_test.h>
 #include <testcases/aes_cbc_crypter_test.h>
 #include <testcases/hmac_signer_test.h>
+#include <testcases/encryption_payload_test.h>
 
 /* output for test messages */
 extern FILE * stderr;
@@ -102,6 +103,7 @@ test_t prf_plus_test = {test_prf_plus, "prf+"};
 test_t aes_cbc_crypter_test = {test_aes_cbc_crypter, "AES CBC"};
 test_t hmac_signer_test1 = {test_hmac_md5_signer, "HMAC MD5 signer test"};
 test_t hmac_signer_test2 = {test_hmac_sha1_signer, "HMAC SHA1 signer test"};
+test_t encryption_payload_test = {test_encryption_payload, "encryption payload test"};
 
 
 daemon_t* charon;
@@ -194,19 +196,20 @@ int main()
                &aes_cbc_crypter_test,
                &hmac_signer_test1,
                &hmac_signer_test2,
+               &encryption_payload_test,
                NULL
        };
  
        daemon_create();
  
        charon->logger_manager->disable_logger_level(charon->logger_manager,TESTER,FULL);
-       charon->logger_manager->enable_logger_level(charon->logger_manager,TESTER,RAW);
+       //charon->logger_manager->enable_logger_level(charon->logger_manager,TESTER,RAW);
        
        tester_t *tester = tester_create(test_output, FALSE);
        
+       tester->perform_tests(tester,all_tests);
+       //tester->perform_test(tester,&encryption_payload_test); 
        
-//     tester->perform_tests(tester,all_tests);
-       tester->perform_test(tester,&parser_test8); 
        
        
        tester->destroy(tester);