diff options
Diffstat (limited to 'Source/charon')
| -rw-r--r-- | Source/charon/encoding/generator.c | 14 | ||||
| -rw-r--r-- | Source/charon/encoding/parser.c | 12 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/Makefile.payloads | 4 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/auth_payload.c | 271 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/auth_payload.h | 138 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/encodings.c | 1 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/encodings.h | 10 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/id_payload.c | 22 | ||||
| -rw-r--r-- | Source/charon/encoding/payloads/payload.c | 3 | ||||
| -rw-r--r-- | Source/charon/testcases/generator_test.c | 53 | ||||
| -rw-r--r-- | Source/charon/testcases/generator_test.h | 9 | ||||
| -rw-r--r-- | Source/charon/testcases/parser_test.c | 40 | ||||
| -rw-r--r-- | Source/charon/testcases/parser_test.h | 10 | ||||
| -rw-r--r-- | Source/charon/testcases/testcases.c | 4 |
14 files changed, 570 insertions, 21 deletions
diff --git a/Source/charon/encoding/generator.c b/Source/charon/encoding/generator.c index cfe8b815f..a8e02316f 100644 --- a/Source/charon/encoding/generator.c +++ b/Source/charon/encoding/generator.c @@ -41,6 +41,7 @@ #include <encoding/payloads/notify_payload.h> #include <encoding/payloads/nonce_payload.h> #include <encoding/payloads/id_payload.h> +#include <encoding/payloads/auth_payload.h> typedef struct private_generator_t private_generator_t; @@ -773,6 +774,19 @@ static void generate_payload (private_generator_t *this,payload_t *payload) this->write_bytes_to_buffer_at_offset(this,&int16_val,sizeof(u_int16_t),payload_length_position_offset); break; } + case AUTH_DATA: + { + /* the AUTH Data value is generated from chunk */ + this->generate_from_chunk(this, rules[i].offset); + + u_int32_t payload_length_position_offset = this->last_payload_length_position_offset; + /* Length of nonce PAYLOAD is calculated */ + u_int16_t length_of_auth_payload = AUTH_PAYLOAD_HEADER_LENGTH + ((chunk_t *)(this->data_struct + rules[i].offset))->len; + u_int16_t int16_val = htons(length_of_auth_payload); + + this->write_bytes_to_buffer_at_offset(this,&int16_val,sizeof(u_int16_t),payload_length_position_offset); + break; + } case PROPOSALS: { /* before iterative generate the transforms, store the current payload length position */ diff --git a/Source/charon/encoding/parser.c b/Source/charon/encoding/parser.c index 1bfb98d1e..b69819873 100644 --- a/Source/charon/encoding/parser.c +++ b/Source/charon/encoding/parser.c @@ -42,7 +42,7 @@ #include <encoding/payloads/id_payload.h> #include <encoding/payloads/notify_payload.h> #include <encoding/payloads/encryption_payload.h> - +#include <encoding/payloads/auth_payload.h> typedef struct private_parser_t private_parser_t; @@ -815,6 +815,16 @@ static status_t parse_payload(private_parser_t *this, payload_type_t payload_typ } break; } + case AUTH_DATA: + { + size_t data_length = payload_length - AUTH_PAYLOAD_HEADER_LENGTH; + if (this->parse_chunk(this, rule_number, output + rule->offset, data_length) != SUCCESS) + { + pld->destroy(pld); + return PARSE_ERROR; + } + break; + } case KEY_EXCHANGE_DATA: { size_t keydata_length = payload_length - KE_PAYLOAD_HEADER_LENGTH; diff --git a/Source/charon/encoding/payloads/Makefile.payloads b/Source/charon/encoding/payloads/Makefile.payloads index 0f71d189f..da2587eb8 100644 --- a/Source/charon/encoding/payloads/Makefile.payloads +++ b/Source/charon/encoding/payloads/Makefile.payloads @@ -37,6 +37,10 @@ $(BUILD_DIR)notify_payload.o : $(PAYLOADS_DIR)notify_payload.c $(PAYLOADS_DIR) OBJS+= $(BUILD_DIR)id_payload.o $(BUILD_DIR)id_payload.o : $(PAYLOADS_DIR)id_payload.c $(PAYLOADS_DIR)id_payload.h $(CC) $(CFLAGS) -c -o $@ $< + +OBJS+= $(BUILD_DIR)auth_payload.o +$(BUILD_DIR)auth_payload.o : $(PAYLOADS_DIR)auth_payload.c $(PAYLOADS_DIR)auth_payload.h + $(CC) $(CFLAGS) -c -o $@ $< OBJS+= $(BUILD_DIR)payload.o $(BUILD_DIR)payload.o : $(PAYLOADS_DIR)payload.c $(PAYLOADS_DIR)payload.h diff --git a/Source/charon/encoding/payloads/auth_payload.c b/Source/charon/encoding/payloads/auth_payload.c new file mode 100644 index 000000000..d5af17ff5 --- /dev/null +++ b/Source/charon/encoding/payloads/auth_payload.c @@ -0,0 +1,271 @@ +/** + * @file auth_payload.h + * + * @brief Interface of auth_payload_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "auth_payload.h" + +#include <encoding/payloads/encodings.h> +#include <utils/allocator.h> + +/** + * String mappings for auth_method_t. + */ +mapping_t auth_method_m[] = { +{RSA_DIGITAL_SIGNATURE, "RSA_DIGITAL_SIGNATURE"}, +{SHARED_KEY_MESSAGE_INTEGRITY_CODE, "SHARED_KEY_MESSAGE_INTEGRITY_CODE"}, +{DSS_DIGITAL_SIGNATURE, "DSS_DIGITAL_SIGNATURE"}, +{MAPPING_END, NULL} +}; + + +typedef struct private_auth_payload_t private_auth_payload_t; + +/** + * Private data of an auth_payload_t object. + * + */ +struct private_auth_payload_t { + /** + * Public auth_payload_t interface. + */ + auth_payload_t public; + + /** + * Next payload type. + */ + u_int8_t next_payload; + + /** + * Critical flag. + */ + bool critical; + + /** + * Length of this payload. + */ + u_int16_t payload_length; + + /** + * Method of the AUTH Data. + */ + u_int8_t auth_method; + + /** + * The contained auth data value. + */ + chunk_t auth_data; +}; + +/** + * Encoding rules to parse or generate a AUTH payload + * + * The defined offsets are the positions in a object of type + * private_auth_payload_t. + * + */ +encoding_rule_t auth_payload_encodings[] = { + /* 1 Byte next payload type, stored in the field next_payload */ + { U_INT_8, offsetof(private_auth_payload_t, next_payload) }, + /* the critical bit */ + { FLAG, offsetof(private_auth_payload_t, critical) }, + /* 7 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + /* Length of the whole payload*/ + { PAYLOAD_LENGTH, offsetof(private_auth_payload_t, payload_length)}, + /* 1 Byte AUTH type*/ + { U_INT_8, offsetof(private_auth_payload_t, auth_method) }, + /* 3 reserved bytes */ + { RESERVED_BYTE, 0 }, + { RESERVED_BYTE, 0 }, + { RESERVED_BYTE, 0 }, + /* some auth data bytes, length is defined in PAYLOAD_LENGTH */ + { AUTH_DATA, offsetof(private_auth_payload_t, auth_data) } +}; + +/* + 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! Next Payload !C! RESERVED ! Payload Length ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! Auth Method ! RESERVED ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! ! + ~ Authentication Data ~ + ! ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +*/ + +/** + * Implementation of payload_t.verify. + */ +static status_t verify(private_auth_payload_t *this) +{ + if (this->critical) + { + /* critical bit is set! */ + return FAILED; + } + if ((this->auth_method == 0) || + ((this->auth_method >= 4) && (this->auth_method <= 200))) + { + /* reserved IDs */ + return FAILED; + } + return SUCCESS; +} + +/** + * Implementation of auth_payload_t.get_encoding_rules. + */ +static void get_encoding_rules(private_auth_payload_t *this, encoding_rule_t **rules, size_t *rule_count) +{ + *rules = auth_payload_encodings; + *rule_count = sizeof(auth_payload_encodings) / sizeof(encoding_rule_t); +} + +/** + * Implementation of payload_t.get_type. + */ +static payload_type_t get_payload_type(private_auth_payload_t *this) +{ + return AUTHENTICATION; +} + +/** + * Implementation of payload_t.get_next_type. + */ +static payload_type_t get_next_type(private_auth_payload_t *this) +{ + return (this->next_payload); +} + +/** + * Implementation of payload_t.set_next_type. + */ +static void set_next_type(private_auth_payload_t *this,payload_type_t type) +{ + this->next_payload = type; +} + +/** + * Implementation of payload_t.get_length. + */ +static size_t get_length(private_auth_payload_t *this) +{ + return this->payload_length; +} + +/** + * Implementation of auth_payload_t.set_auth_method. + */ +static void set_auth_method (private_auth_payload_t *this, auth_method_t method) +{ + this->auth_method = method; +} + +/** + * Implementation of auth_payload_t.get_auth_method. + */ +static auth_method_t get_auth_method (private_auth_payload_t *this) +{ + return (this->auth_method); +} + +/** + * Implementation of auth_payload_t.set_data. + */ +static void set_data (private_auth_payload_t *this, chunk_t data) +{ + if (this->auth_data.ptr != NULL) + { + allocator_free_chunk(&(this->auth_data)); + } + this->auth_data.ptr = allocator_clone_bytes(data.ptr,data.len); + this->auth_data.len = data.len; + this->payload_length = AUTH_PAYLOAD_HEADER_LENGTH + this->auth_data.len; +} + +/** + * Implementation of auth_payload_t.get_data. + */ +static chunk_t get_data (private_auth_payload_t *this) +{ + chunk_t cloned_data; + if (this->auth_data.ptr == NULL) + { + return (this->auth_data); + } + cloned_data.ptr = allocator_clone_bytes(this->auth_data.ptr,this->auth_data.len); + cloned_data.len = this->auth_data.len; + return cloned_data; +} + +/** + * Implementation of payload_t.destroy and auth_payload_t.destroy. + */ +static void destroy(private_auth_payload_t *this) +{ + if (this->auth_data.ptr != NULL) + { + allocator_free_chunk(&(this->auth_data)); + } + + allocator_free(this); +} + +/* + * Described in header + */ +auth_payload_t *auth_payload_create() +{ + private_auth_payload_t *this = allocator_alloc_thing(private_auth_payload_t); + + /* interface functions */ + this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; + this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; + this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; + this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; + this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; + this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; + this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; + + /* public functions */ + this->public.destroy = (void (*) (auth_payload_t *)) destroy; + this->public.set_auth_method = (void (*) (auth_payload_t *,auth_method_t)) set_auth_method; + this->public.get_auth_method = (auth_method_t (*) (auth_payload_t *)) get_auth_method; + this->public.set_data = (void (*) (auth_payload_t *,chunk_t)) set_data; + this->public.get_data = (chunk_t (*) (auth_payload_t *)) get_data; + + /* private variables */ + this->critical = FALSE; + this->next_payload = NO_PAYLOAD; + this->payload_length =AUTH_PAYLOAD_HEADER_LENGTH; + this->auth_data = CHUNK_INITIALIZER; + + return (&(this->public)); +} diff --git a/Source/charon/encoding/payloads/auth_payload.h b/Source/charon/encoding/payloads/auth_payload.h new file mode 100644 index 000000000..3a2d4459d --- /dev/null +++ b/Source/charon/encoding/payloads/auth_payload.h @@ -0,0 +1,138 @@ +/** + * @file auth_payload.h + * + * @brief Interface of auth_payload_t. + * + */ + +/* + * Copyright (C) 2005 Jan Hutter, Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + + +#ifndef _AUTH_PAYLOAD_H_ +#define _AUTH_PAYLOAD_H_ + +#include <types.h> +#include <encoding/payloads/payload.h> + +/** + * Length of a auth payload without the auth data in bytes. + * + * @ingroup payloads + */ +#define AUTH_PAYLOAD_HEADER_LENGTH 8 + + +typedef enum auth_method_t auth_method_t; + +/** + * AUTH Method of a AUTH payload. + * + * @ingroup payloads + */ +enum auth_method_t { + /** + * Computed as specified in section 2.15 of draft using + * an RSA private key over a PKCS#1 padded hash. + */ + RSA_DIGITAL_SIGNATURE = 1, + + /* Computed as specified in + * section 2.15 of draft using the shared key associated with the identity + * in the ID payload and the negotiated prf function + */ + SHARED_KEY_MESSAGE_INTEGRITY_CODE = 2, + + /* Computed as specified in section + * 2.15 of draft using a DSS private key over a SHA-1 hash. + */ + DSS_DIGITAL_SIGNATURE = 3, +}; + +extern mapping_t auth_method_m[]; + + +typedef struct auth_payload_t auth_payload_t; + +/** + * Object representing an IKEv2 AUTH payload. + * + * The AUTH payload format is described in draft section 3.8. + * + * @ingroup payloads + * + */ +struct auth_payload_t { + /** + * The payload_t interface. + */ + payload_t payload_interface; + + /** + * @brief Set the AUTH method. + * + * + * @param this calling auth_payload_t object + * @param method Method of AUTH + */ + void (*set_auth_method) (auth_payload_t *this, auth_method_t method); + + /** + * @brief Get the AUTH method. + * + * @param this calling auth_payload_t object + * @return Method of the AUTH + */ + auth_method_t (*get_auth_method) (auth_payload_t *this); + + /** + * @brief Set the AUTH data. + * + * Data are getting cloned. + * + * @param this calling auth_payload_t object + * @param data AUTH data as chunk_t + */ + void (*set_data) (auth_payload_t *this, chunk_t data); + + /** + * @brief Get the AUTH data. + * + * Returned data are a copy of the internal one + * + * @param this calling auth_payload_t object + * @return AUTH data as chunk_t + */ + chunk_t (*get_data) (auth_payload_t *this); + + /** + * @brief Destroys an auth_payload_t object. + * + * @param this auth_payload_t object to destroy + */ + void (*destroy) (auth_payload_t *this); +}; + +/** + * @brief Creates an empty auth_payload_t object. + * + * @return created auth_payload_t object + * + * @ingroup payloads + */ +auth_payload_t *auth_payload_create(); + + +#endif //_AUTH_PAYLOAD_H_ diff --git a/Source/charon/encoding/payloads/encodings.c b/Source/charon/encoding/payloads/encodings.c index 5d42542f7..1619dde49 100644 --- a/Source/charon/encoding/payloads/encodings.c +++ b/Source/charon/encoding/payloads/encodings.c @@ -49,6 +49,7 @@ mapping_t encoding_type_m[] = { {ATTRIBUTE_VALUE, "ATTRIBUTE_VALUE"}, {NONCE_DATA, "NONCE_DATA"}, {ID_DATA, "ID_DATA"}, + {AUTH_DATA, "AUTH_DATA"}, {ENCRYPTED_DATA, "ENCRYPTED_DATA"}, {MAPPING_END, NULL} }; diff --git a/Source/charon/encoding/payloads/encodings.h b/Source/charon/encoding/payloads/encodings.h index d39453a49..106419bf2 100644 --- a/Source/charon/encoding/payloads/encodings.h +++ b/Source/charon/encoding/payloads/encodings.h @@ -318,6 +318,16 @@ enum encoding_type_t{ * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. */ ID_DATA, + + /** + * Representating a AUTH Data field. + * + * When generating the content of the chunkt pointing to + * is written. + * + * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. + */ + AUTH_DATA, /** * Representating an IKE_SPI field in an IKEv2 Header. diff --git a/Source/charon/encoding/payloads/id_payload.c b/Source/charon/encoding/payloads/id_payload.c index 9691522f0..6201dcce1 100644 --- a/Source/charon/encoding/payloads/id_payload.c +++ b/Source/charon/encoding/payloads/id_payload.c @@ -81,13 +81,6 @@ struct private_id_payload_t { * The contained id data value. */ chunk_t id_data; - - /** - * @brief Computes the length of this payload. - * - * @param this calling private_id_payload_t object - */ - void (*compute_length) (private_id_payload_t *this); }; /** @@ -196,7 +189,6 @@ static void set_next_type(private_id_payload_t *this,payload_type_t type) */ static size_t get_length(private_id_payload_t *this) { - this->compute_length(this); return this->payload_length; } @@ -227,6 +219,7 @@ static void set_data (private_id_payload_t *this, chunk_t data) } this->id_data.ptr = allocator_clone_bytes(data.ptr,data.len); this->id_data.len = data.len; + this->payload_length = ID_PAYLOAD_HEADER_LENGTH + this->id_data.len; } /** @@ -261,14 +254,6 @@ static void set_initiator (private_id_payload_t *this,bool is_initiator) } /** - * Implementation of private_id_payload_t.compute_length. - */ -static void compute_length(private_id_payload_t *this) -{ - this->payload_length = ID_PAYLOAD_HEADER_LENGTH + this->id_data.len; -} - -/** * Implementation of payload_t.destroy and id_payload_t.destroy. */ static void destroy(private_id_payload_t *this) @@ -305,10 +290,7 @@ id_payload_t *id_payload_create(bool is_initiator) this->public.get_data = (chunk_t (*) (id_payload_t *)) get_data; this->public.get_initiator = (bool (*) (id_payload_t *)) get_initiator; this->public.set_initiator = (void (*) (id_payload_t *,bool)) set_initiator; - - /* private functions */ - this->compute_length = compute_length; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/Source/charon/encoding/payloads/payload.c b/Source/charon/encoding/payloads/payload.c index 845250da4..fd25aa4c6 100644 --- a/Source/charon/encoding/payloads/payload.c +++ b/Source/charon/encoding/payloads/payload.c @@ -30,6 +30,7 @@ #include <encoding/payloads/id_payload.h> #include <encoding/payloads/ke_payload.h> #include <encoding/payloads/notify_payload.h> +#include <encoding/payloads/auth_payload.h> @@ -86,6 +87,8 @@ payload_t *payload_create(payload_type_t type) return (payload_t*)id_payload_create(TRUE); case ID_RESPONDER: return (payload_t*)id_payload_create(FALSE); + case AUTHENTICATION: + return (payload_t*)auth_payload_create(); case KEY_EXCHANGE: return (payload_t*)ke_payload_create(); case NOTIFY: diff --git a/Source/charon/testcases/generator_test.c b/Source/charon/testcases/generator_test.c index b3faa9966..d53a8e7ce 100644 --- a/Source/charon/testcases/generator_test.c +++ b/Source/charon/testcases/generator_test.c @@ -39,6 +39,7 @@ #include <encoding/payloads/notify_payload.h> #include <encoding/payloads/nonce_payload.h> #include <encoding/payloads/id_payload.h> +#include <encoding/payloads/auth_payload.h> /* * Described in Header @@ -785,3 +786,55 @@ void test_generator_with_id_payload(tester_t *tester) charon->logger_manager->destroy_logger(charon->logger_manager,logger); } +/* + * Described in header. + */ +void test_generator_with_auth_payload(tester_t *tester) +{ + generator_t *generator; + auth_payload_t *auth_payload; + logger_t *logger; + chunk_t generated_data; + chunk_t auth; + + logger = charon->logger_manager->create_logger(charon->logger_manager,TESTER,"Message with AUTH Payload"); + + /* create generator */ + generator = generator_create(); + tester->assert_true(tester,(generator != NULL), "generator create check"); + + auth_payload = auth_payload_create(FALSE); + + + auth.ptr = "123456789012"; + auth.len = strlen(auth.ptr); + + auth_payload->set_auth_method(auth_payload,SHARED_KEY_MESSAGE_INTEGRITY_CODE); + auth_payload->set_data(auth_payload,auth); + + generator->generate_payload(generator,(payload_t *)auth_payload); + generator->write_to_chunk(generator,&generated_data); + logger->log_chunk(logger,RAW,"generated payload",&generated_data); + + + u_int8_t expected_generation[] = { + /* payload header */ + 0x00,0x00,0x00,0x14, + 0x02,0x00,0x00,0x00, + /* auth data */ + 0x31,0x32,0x33,0x34, + 0x35,0x36,0x37,0x38, + 0x39,0x30,0x31,0x32, + }; + + logger->log_bytes(logger,RAW,"expected payload",expected_generation,sizeof(expected_generation)); + + tester->assert_true(tester,(memcmp(expected_generation,generated_data.ptr,sizeof(expected_generation)) == 0), "compare generated data"); + + allocator_free_chunk(&generated_data); + + auth_payload->destroy(auth_payload); + generator->destroy(generator); + + charon->logger_manager->destroy_logger(charon->logger_manager,logger); +} diff --git a/Source/charon/testcases/generator_test.h b/Source/charon/testcases/generator_test.h index 02b050fd8..c0f2a6206 100644 --- a/Source/charon/testcases/generator_test.h +++ b/Source/charon/testcases/generator_test.h @@ -107,5 +107,14 @@ void test_generator_with_nonce_payload(tester_t *tester); */ void test_generator_with_id_payload(tester_t *tester); +/** + * @brief Test function used to test the generator with AUTH payload. + * + * @param tester associated tester_t object + * + * @ingroup testcases + */ +void test_generator_with_auth_payload(tester_t *tester); + #endif /*GENERATOR_TEST_H_*/ diff --git a/Source/charon/testcases/parser_test.c b/Source/charon/testcases/parser_test.c index 928d96959..f07773504 100644 --- a/Source/charon/testcases/parser_test.c +++ b/Source/charon/testcases/parser_test.c @@ -35,6 +35,7 @@ #include <encoding/payloads/id_payload.h> #include <encoding/payloads/ke_payload.h> #include <encoding/payloads/notify_payload.h> +#include <encoding/payloads/auth_payload.h> @@ -345,3 +346,42 @@ void test_parser_with_notify_payload(tester_t *tester) notify_payload->destroy(notify_payload); } + +/* + * Described in Header + */ +void test_parser_with_auth_payload(tester_t *tester) +{ + parser_t *parser; + auth_payload_t *auth_payload; + status_t status; + chunk_t auth_chunk, result; + + u_int8_t auth_bytes[] = { + 0x00,0x00,0x00,0x14, /* payload header */ + 0x03,0x01,0x02,0x03, + 0x04,0x05,0x06,0x07,/* 12 Byte nonce */ + 0x08,0x09,0x0A,0x2B, + 0x0C,0x0D,0x0E,0x0F + }; + + auth_chunk.ptr = auth_bytes; + auth_chunk.len = sizeof(auth_bytes); + + parser = parser_create(auth_chunk); + tester->assert_true(tester,(parser != NULL), "parser create check"); + status = parser->parse_payload(parser, AUTHENTICATION, (payload_t**)&auth_payload); + tester->assert_true(tester,(status == SUCCESS),"parse_payload call check"); + parser->destroy(parser); + + if (status != SUCCESS) + { + return; + } + result = auth_payload->get_data(auth_payload); + tester->assert_true(tester,(auth_payload->get_auth_method(auth_payload) == DSS_DIGITAL_SIGNATURE), "is DSS_DIGITAL_SIGNATURE method"); + tester->assert_true(tester,(result.len == 12), "parsed data lenght"); + tester->assert_false(tester,(memcmp(auth_bytes + 8, result.ptr, result.len)), "parsed nonce data"); + auth_payload->destroy(auth_payload); + allocator_free_chunk(&result); +} diff --git a/Source/charon/testcases/parser_test.h b/Source/charon/testcases/parser_test.h index a80888fe8..e25e0356d 100644 --- a/Source/charon/testcases/parser_test.h +++ b/Source/charon/testcases/parser_test.h @@ -85,4 +85,14 @@ void test_parser_with_ke_payload(tester_t *tester); */ void test_parser_with_notify_payload(tester_t *tester); +/** + * @brief Test function used to test the parser_t functionality when + * parsing a AUTH payload. + * + * @param tester associated tester_t object + * + * @ingroup testcases + */ +void test_parser_with_auth_payload(tester_t *tester); + #endif /*PARSER_TEST_H_*/ diff --git a/Source/charon/testcases/testcases.c b/Source/charon/testcases/testcases.c index 9d5b2e00d..65af490c7 100644 --- a/Source/charon/testcases/testcases.c +++ b/Source/charon/testcases/testcases.c @@ -82,12 +82,14 @@ test_t generator_test6 = {test_generator_with_ke_payload,"Generator: KE Payload" test_t generator_test7 = {test_generator_with_notify_payload,"Generator: Notify Payload"}; test_t generator_test8 = {test_generator_with_nonce_payload,"Generator: Nonce Payload"}; test_t generator_test9 = {test_generator_with_id_payload,"Generator: ID Payload"}; +test_t generator_test10 = {test_generator_with_auth_payload,"Generator: AUTH Payload"}; test_t parser_test1 = {test_parser_with_header_payload, "Parser: header payload"}; test_t parser_test2 = {test_parser_with_sa_payload, "Parser: sa payload"}; test_t parser_test3 = {test_parser_with_nonce_payload, "Parser: nonce payload"}; test_t parser_test4 = {test_parser_with_ke_payload, "Parser: key exchange payload"}; test_t parser_test5 = {test_parser_with_notify_payload, "Parser: notify payload"}; test_t parser_test6 = {test_parser_with_id_payload, "Parser: ID payload"}; +test_t parser_test7 = {test_parser_with_auth_payload, "Parser: AUTH payload"}; test_t packet_test = {test_packet,"Packet"}; test_t diffie_hellman_test = {test_diffie_hellman,"Diffie Hellman"}; test_t sha1_hasher_test = {test_sha1_hasher,"SHA1 hasher"}; @@ -168,6 +170,7 @@ int main() &parser_test4, &parser_test5, &parser_test6, + &parser_test7, &generator_test3, &generator_test4, &generator_test5, @@ -175,6 +178,7 @@ int main() &generator_test7, &generator_test8, &generator_test9, + &generator_test10, &ike_sa_manager_test, &packet_test, &diffie_hellman_test, |