8 #define CMAC "AES128CMAC"
11 #define SHA1_LENGTH 20
12 #define CMAC_LENGTH 16
15 void test_MakeMd5Mac(void);
16 void test_MakeSHA1Mac(void);
17 void test_MakeCMac(void);
18 void test_VerifyCorrectMD5(void);
19 void test_VerifySHA1(void);
20 void test_VerifyCMAC(void);
21 void test_VerifyFailure(void);
22 void test_PacketSizeNotMultipleOfFourBytes(void);
24 void VerifyLocalCMAC(struct key *cmac);
25 void VerifyOpenSSLCMAC(struct key *cmac);
31 const char* PKT_DATA = "abcdefgh0123";
32 const int PKT_LEN = strlen(PKT_DATA);
33 const char* EXPECTED_DIGEST =
34 "\x52\x6c\xb8\x38\xaf\x06\x5a\xfb\x6c\x98\xbb\xc0\x9b\x0a\x7a\x1b";
35 char actual[MD5_LENGTH];
41 memcpy(&md5.key_seq, "md5seq", md5.key_len);
42 strlcpy(md5.typen, "MD5", sizeof(md5.typen));
43 md5.typei = keytype_from_text(md5.typen, NULL);
45 TEST_ASSERT_EQUAL(MD5_LENGTH,
46 make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));
48 TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, MD5_LENGTH) == 0);
53 test_MakeSHA1Mac(void)
57 const char* PKT_DATA = "abcdefgh0123";
58 const int PKT_LEN = strlen(PKT_DATA);
59 const char* EXPECTED_DIGEST =
60 "\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9"
61 "\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d";
62 char actual[SHA1_LENGTH];
68 memcpy(&sha1.key_seq, "sha1seq", sha1.key_len);
69 strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
70 sha1.typei = keytype_from_text(sha1.typen, NULL);
72 TEST_ASSERT_EQUAL(SHA1_LENGTH,
73 make_mac(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual));
75 TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH);
79 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
88 #if defined(OPENSSL) && defined(ENABLE_CMAC)
90 const char* PKT_DATA = "abcdefgh0123";
91 const int PKT_LEN = strlen(PKT_DATA);
92 const char* EXPECTED_DIGEST =
93 "\xdd\x35\xd5\xf5\x14\x23\xd9\xd6"
94 "\x38\x5d\x29\x80\xfe\x51\xb9\x6b";
95 char actual[CMAC_LENGTH];
100 cmac.key_len = CMAC_LENGTH;
101 memcpy(&cmac.key_seq, "aes-128-cmac-seq", cmac.key_len);
102 memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1);
104 TEST_ASSERT_EQUAL(CMAC_LENGTH,
105 make_mac(PKT_DATA, PKT_LEN, CMAC_LENGTH, &cmac, actual));
107 TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, CMAC_LENGTH);
111 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
118 test_VerifyCorrectMD5(void)
120 const char* PKT_DATA =
121 "sometestdata" /* Data */
122 "\0\0\0\0" /* Key-ID (unused) */
123 "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */
124 "\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac";
125 const int PKT_LEN = 12;
131 memcpy(&md5.key_seq, "md5key", md5.key_len);
132 strlcpy(md5.typen, "MD5", sizeof(md5.typen));
133 md5.typei = keytype_from_text(md5.typen, NULL);
135 TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
140 test_VerifySHA1(void)
144 const char* PKT_DATA =
145 "sometestdata" /* Data */
146 "\0\0\0\0" /* Key-ID (unused) */
147 "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" /* MAC */
148 "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1";
149 const int PKT_LEN = 12;
155 memcpy(&sha1.key_seq, "sha1key", sha1.key_len);
156 strlcpy(sha1.typen, "SHA1", sizeof(sha1.typen));
157 sha1.typei = keytype_from_text(sha1.typen, NULL);
159 TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1));
163 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
170 test_VerifyCMAC(void)
172 const char* PKT_DATA =
173 "sometestdata" /* Data */
174 "\0\0\0\0" /* Key-ID (unused) */
175 "\x4e\x0c\xf0\xe2\xc7\x8e\xbb\xbf" /* MAC */
176 "\x79\xfc\x87\xc7\x8b\xb7\x4a\x0b";
177 const int PKT_LEN = 12;
182 cmac.key_len = CMAC_LENGTH;
183 memcpy(&cmac.key_seq, "aes-128-cmac-key", cmac.key_len);
184 memcpy(&cmac.typen, CMAC, strlen(CMAC) + 1);
186 VerifyOpenSSLCMAC(&cmac);
187 VerifyLocalCMAC(&cmac);
192 VerifyOpenSSLCMAC(struct key *cmac)
194 #if defined(OPENSSL) && defined(ENABLE_CMAC)
196 /* XXX: HMS: auth_md5 must be renamed/incorrect. */
197 // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
198 TEST_IGNORE_MESSAGE("VerifyOpenSSLCMAC needs to be implemented, skipping...");
202 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping...");
210 VerifyLocalCMAC(struct key *cmac)
213 /* XXX: HMS: auth_md5 must be renamed/incorrect. */
214 // TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, CMAC_LENGTH, cmac));
216 TEST_IGNORE_MESSAGE("Hook in the local AES-128-CMAC check!");
223 test_VerifyFailure(void)
225 /* We use a copy of the MD5 verification code, but modify the
226 * last bit to make sure verification fails.
228 const char* PKT_DATA =
229 "sometestdata" /* Data */
230 "\0\0\0\0" /* Key-ID (unused) */
231 "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */
232 "\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; /* Last byte is wrong! */
233 const int PKT_LEN = 12;
239 memcpy(&md5.key_seq, "md5key", md5.key_len);
240 strlcpy(md5.typen, "MD5", sizeof(md5.typen));
241 md5.typei = keytype_from_text(md5.typen, NULL);
243 TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5));
248 test_PacketSizeNotMultipleOfFourBytes(void)
250 const char* PKT_DATA = "123456";
251 const int PKT_LEN = 6;
252 char actual[MD5_LENGTH];
258 memcpy(&md5.key_seq, "md5seq", md5.key_len);
259 strlcpy(md5.typen, "MD5", sizeof(md5.typen));
260 md5.typei = keytype_from_text(md5.typen, NULL);
262 TEST_ASSERT_EQUAL(0, make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual));