Add unit tests for SSL calls

This commit is contained in:
matt335672 2022-01-20 16:44:49 +00:00
parent d02059d967
commit fde161bac3
4 changed files with 437 additions and 2 deletions

View File

@ -13,7 +13,8 @@ test_common_SOURCES = \
test_common.h \
test_common_main.c \
test_string_calls.c \
test_os_calls.c
test_os_calls.c \
test_ssl_calls.c
test_common_CFLAGS = \
@CHECK_CFLAGS@ \

View File

@ -6,5 +6,6 @@
Suite *make_suite_test_string(void);
Suite *make_suite_test_os_calls(void);
Suite *make_suite_test_ssl_calls(void);
#endif /* TEST_COMMON_H */

View File

@ -4,7 +4,10 @@
#endif
#include <stdlib.h>
#include <check.h>
#include "log.h"
#include "ssl_calls.h"
#include "test_common.h"
int main (void)
@ -14,11 +17,24 @@ int main (void)
sr = srunner_create (make_suite_test_string());
srunner_add_suite(sr, make_suite_test_os_calls());
srunner_add_suite(sr, make_suite_test_ssl_calls());
// srunner_add_suite(sr, make_list_suite());
srunner_set_tap(sr, "-");
/*
* Set up console logging */
struct log_config *lc = log_config_init_for_console(LOG_LEVEL_INFO, NULL);
log_start_from_param(lc);
log_config_free(lc);
/* Initialise the ssl module */
ssl_init();
srunner_run_all (sr, CK_ENV);
number_failed = srunner_ntests_failed(sr);
srunner_free(sr);
ssl_finish();
log_end();
return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
}

View File

@ -0,0 +1,417 @@
#if defined(HAVE_CONFIG_H)
#include "config_ac.h"
#endif
#include "os_calls.h"
#include "string_calls.h"
#include "ssl_calls.h"
#include "test_common.h"
static
char *bin_to_hex(const char *input, int length)
{
int i;
char *result = (char *)g_malloc(length * 2 + 1, 0);
if (result != NULL)
{
char *p = result;
const char *hexdigit = "0123456789abcdef";
for (i = 0 ; i < length ; ++i)
{
int c = input[i];
if (c < 0)
{
c += 256;
}
*p++ = hexdigit[ c / 16];
*p++ = hexdigit[ c % 16];
}
*p = '\0';
}
return result;
}
START_TEST(test_rc4_enc_ok)
{
const char *key = "16_byte_key-----";
char text[] = "xrdp-test-suite-rc4-encryption";
char *result;
void *info = ssl_rc4_info_create();
ssl_rc4_set_key(info, key, g_strlen(key));
ssl_rc4_crypt(info, text, sizeof(text) - 1);
ssl_rc4_info_delete(info);
result = bin_to_hex(text, sizeof(text) - 1);
ck_assert(result != NULL);
/* Result should be the same as
* echo -n '<text>' | \
* openssl rc4 -K <hex-key> -e [-provider legacy] | \
* xxd -g0
*
* where <hex-key> is the string above in hexadecimal */
ck_assert_str_eq(result, "c080f175b2d85802dbf1042f07180ddc4be1d9bd4a44158f0aebf11c961b");
g_free(result);
}
END_TEST
START_TEST(test_rc4_enc_tv0_ok)
{
/*
* This is one of the 5 original RC4 test vectors posted in response to
* the 'RC4 Algorithm revealed' sci.crypt usenet posting */
unsigned char key[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
unsigned char text[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
const char *expected = "75b7878099e0c596";
char *result;
void *info = ssl_rc4_info_create();
ssl_rc4_set_key(info, (char *)key, sizeof(key));
ssl_rc4_crypt(info, (char *)text, sizeof(text));
ssl_rc4_info_delete(info);
result = bin_to_hex((char *)text, sizeof(text));
ck_assert(result != NULL);
ck_assert_str_eq(result, expected);
g_free(result);
}
END_TEST
START_TEST(test_rc4_enc_tv1_ok)
{
/*
* This is one of the 5 original RC4 test vectors posted in response to
* the 'RC4 Algorithm revealed' sci.crypt usenet posting */
unsigned char key[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
unsigned char text[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
const char *expected = "7494c2e7104b0879";
char *result;
void *info = ssl_rc4_info_create();
ssl_rc4_set_key(info, (char *)key, sizeof(key));
ssl_rc4_crypt(info, (char *)text, sizeof(text));
ssl_rc4_info_delete(info);
result = bin_to_hex((char *)text, sizeof(text));
ck_assert(result != NULL);
ck_assert_str_eq(result, expected);
g_free(result);
}
END_TEST
START_TEST(test_rc4_enc_tv2_ok)
{
/*
* This is one of the 5 original RC4 test vectors posted in response to
* the 'RC4 Algorithm revealed' sci.crypt usenet posting */
unsigned char key[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
unsigned char text[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
const char *expected = "de188941a3375d3a";
char *result;
void *info = ssl_rc4_info_create();
ssl_rc4_set_key(info, (char *)key, sizeof(key));
ssl_rc4_crypt(info, (char *)text, sizeof(text));
ssl_rc4_info_delete(info);
result = bin_to_hex((char *)text, sizeof(text));
ck_assert(result != NULL);
ck_assert_str_eq(result, expected);
g_free(result);
}
END_TEST
START_TEST(test_rc4_enc_tv3_ok)
{
/*
* This is one of the 5 original RC4 test vectors posted in response to
* the 'RC4 Algorithm revealed' sci.crypt usenet posting */
unsigned char key[] = {0xef, 0x01, 0x23, 0x45};
unsigned char text[] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
const char *expected = "d6a141a7ec3c38dfbd61";
char *result;
void *info = ssl_rc4_info_create();
ssl_rc4_set_key(info, (char *)key, sizeof(key));
ssl_rc4_crypt(info, (char *)text, sizeof(text));
ssl_rc4_info_delete(info);
result = bin_to_hex((char *)text, sizeof(text));
ck_assert(result != NULL);
ck_assert_str_eq(result, expected);
g_free(result);
}
END_TEST
START_TEST(test_rc4_enc_tv4_ok)
{
/*
* This is one of the 5 original RC4 test vectors posted in response to
* the 'RC4 Algorithm revealed' sci.crypt usenet posting */
unsigned char key[] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef};
unsigned char text[] =
{
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
0x01, 0x01
};
const char *expected =
"7595c3e6114a09780c4ad452338e1ffd9a1be9498f813d76533449b6778dca"
"d8c78a8d2ba9ac66085d0e53d59c26c2d1c490c1ebbe0ce66d1b6b1b13b6"
"b919b847c25a91447a95e75e4ef16779cde8bf0a95850e32af9689444fd3"
"77108f98fdcbd4e726567500990bcc7e0ca3c4aaa304a387d20f3b8fbbcd"
"42a1bd311d7a4303dda5ab078896ae80c18b0af66dff319616eb784e495a"
"d2ce90d7f772a81747b65f62093b1e0db9e5ba532fafec47508323e67132"
"7df9444432cb7367cec82f5d44c0d00b67d650a075cd4b70dedd77eb9b10"
"231b6b5b741347396d62897421d43df9b42e446e358e9c11a9b2184ecbef"
"0cd8e7a877ef968f1390ec9b3d35a5585cb009290e2fcde7b5ec66d9084b"
"e44055a619d9dd7fc3166f9487f7cb272912426445998514c15d53a18c86"
"4ce3a2b7555793988126520eacf2e3066e230c91bee4dd5304f5fd0405b3"
"5bd99c73135d3d9bc335ee049ef69b3867bf2d7bd1eaa595d8bfc0066ff8"
"d31509eb0c6caa006c807a623ef84c3d33c195d23ee320c40de0558157c8"
"22d4b8c569d849aed59d4e0fd7f379586b4b7ff684ed6a189f7486d49b9c"
"4bad9ba24b96abf924372c8a8fffb10d55354900a77a3db5f205e1b99fcd"
"8660863a159ad4abe40fa48934163ddde542a6585540fd683cbfd8c00f12"
"129a284deacc4cdefe58be7137541c047126c8d49e2755ab181ab7e940b0c0";
char *result;
void *info = ssl_rc4_info_create();
ssl_rc4_set_key(info, (char *)key, sizeof(key));
ssl_rc4_crypt(info, (char *)text, sizeof(text));
ssl_rc4_info_delete(info);
result = bin_to_hex((char *)text, sizeof(text));
ck_assert(result != NULL);
ck_assert_str_eq(result, expected);
g_free(result);
}
END_TEST
START_TEST(test_sha1_hash_ok)
{
const char *hash_string = "xrdp-test-suite-sha1-hash";
char digest[20];
char *result1;
char *result2;
void *info = ssl_sha1_info_create();
ssl_sha1_clear(info);
ssl_sha1_transform(info, hash_string, g_strlen(hash_string));
ssl_sha1_complete(info, digest);
result1 = bin_to_hex(digest, sizeof(digest));
ck_assert(result1 != NULL);
/* Check result with echo -n '<hash_string>' | sha1sum */
ck_assert_str_eq(result1, "3ea0ae84e97e6262c7cfe79ccd7ad2094c06885d");
/* Check a clear has the desired effect */
ssl_sha1_clear(info);
ssl_sha1_transform(info, hash_string, g_strlen(hash_string));
ssl_sha1_complete(info, digest);
result2 = bin_to_hex(digest, sizeof(digest));
ck_assert(result2 != NULL);
ck_assert_str_eq(result1, result2);
ssl_sha1_info_delete(info);
g_free(result1);
g_free(result2);
}
END_TEST
START_TEST(test_md5_hash_ok)
{
const char *hash_string = "xrdp-test-suite-md5-hash";
char digest[16];
char *result1;
char *result2;
void *info = ssl_md5_info_create();
ssl_md5_clear(info);
ssl_md5_transform(info, hash_string, g_strlen(hash_string));
ssl_md5_complete(info, digest);
result1 = bin_to_hex(digest, sizeof(digest));
ck_assert(result1 != NULL);
/* Check result with echo -n '<hash_string>' | md5sum */
ck_assert_str_eq(result1, "ddc599dc7ec62b8f78760b071704c007");
/* Check a clear has the desired effect */
ssl_md5_clear(info);
ssl_md5_transform(info, hash_string, g_strlen(hash_string));
ssl_md5_complete(info, digest);
result2 = bin_to_hex(digest, sizeof(digest));
ck_assert(result2 != NULL);
ck_assert_str_eq(result1, result2);
ssl_md5_info_delete(info);
g_free(result1);
g_free(result2);
}
END_TEST
START_TEST(test_des3_enc_ok)
{
const char *key = "24_byte_key-------------";
char plaintext[] = "xrdp-test-suite-des3-encryption-must-be-multiple-of-8-chars-long--------";
char ciphertext[sizeof(plaintext) - 1]; /* No terminator needed */
char plaintext2[sizeof(plaintext)];
char *result;
void *info = ssl_des3_encrypt_info_create(key, 0);
ssl_des3_encrypt(info, sizeof(plaintext) - 1, plaintext, ciphertext);
ssl_des3_info_delete(info);
result = bin_to_hex(ciphertext, sizeof(ciphertext));
ck_assert(result != NULL);
/* Result should be the same as
* echo -n '<text>' | \
* openssl des3 -iv 0000000000000000 -K <hex-key> -e -nopad | \
* od -t x1
*
* where <hex-key> is the string above in hexadecimal */
ck_assert_str_eq(result,
"856d70861827365e188781616e4f9dcc3009b2c5dc7785edcbc05fa825a4ea5e10b23735c0e971ca20f895f455b8845418963af6dd8e649719790eed6cbcee0fb97b743c60e32e8b");
g_free(result);
/* Let's go back again */
info = ssl_des3_decrypt_info_create(key, 0);
ssl_des3_decrypt(info, sizeof(ciphertext), ciphertext, plaintext2);
ssl_des3_info_delete(info);
plaintext2[sizeof(plaintext2) - 1] = '\0';
ck_assert_str_eq(plaintext, plaintext2);
}
END_TEST
START_TEST(test_hmac_sha1_dgst_ok)
{
const char *key = "20_byte_key---------";
const char *hash_string = "xrdp-test-suite-hmac-sha1-dgst";
char hmac[20];
char *result;
void *info = ssl_hmac_info_create();
ssl_hmac_sha1_init(info, key, g_strlen(key));
ssl_hmac_transform(info, hash_string, g_strlen(hash_string));
ssl_hmac_complete(info, hmac, sizeof(hmac));
ssl_hmac_info_delete(info);
result = bin_to_hex(hmac, sizeof(hmac));
ck_assert(result != NULL);
/* Result should be the same as
* echo -n '<text>' | openssl dgst -sha1 -hmac '<key>'
*
* or:-
*
* echo -n '<text>' | openssl mac -digest sha1 -macopt key:'<key>' hmac
*/
ck_assert_str_eq(result, "af8c04e609e9f3cba53ad7815b60160dc69a9936");
g_free(result);
}
END_TEST
START_TEST(test_gen_key_xrdp1)
{
#define RSA_TEST_BITS 2048
char modulus[RSA_TEST_BITS / 8] = {0};
char private_key[RSA_TEST_BITS / 8] = {0};
unsigned char exponent[4] =
{
0x01, 0x00, 0x01, 0x00 /* 65537 in little-endian format */
};
/*
* We can't do much here because of the nature of the call, but we can
* at least check it completes without error */
int error;
error = ssl_gen_key_xrdp1(RSA_TEST_BITS,
(const char *)exponent, sizeof(exponent),
modulus, sizeof(modulus),
private_key, sizeof(private_key));
ck_assert(error == 0);
/* Both the modulus and the privatekey should be odd */
ck_assert((modulus[0] & 1) == 1);
ck_assert((private_key[0] & 1) == 1);
#undef RSA_TEST_BITS
}
END_TEST
/******************************************************************************/
Suite *
make_suite_test_ssl_calls(void)
{
Suite *s;
TCase *tc_ssl_calls;
s = suite_create("SSL-Calls");
tc_ssl_calls = tcase_create("ssl_calls");
suite_add_tcase(s, tc_ssl_calls);
tcase_add_test(tc_ssl_calls, test_rc4_enc_ok);
tcase_add_test(tc_ssl_calls, test_rc4_enc_tv0_ok);
tcase_add_test(tc_ssl_calls, test_rc4_enc_tv1_ok);
tcase_add_test(tc_ssl_calls, test_rc4_enc_tv2_ok);
tcase_add_test(tc_ssl_calls, test_rc4_enc_tv3_ok);
tcase_add_test(tc_ssl_calls, test_rc4_enc_tv4_ok);
tcase_add_test(tc_ssl_calls, test_sha1_hash_ok);
tcase_add_test(tc_ssl_calls, test_md5_hash_ok);
tcase_add_test(tc_ssl_calls, test_des3_enc_ok);
tcase_add_test(tc_ssl_calls, test_hmac_sha1_dgst_ok);
tcase_add_test(tc_ssl_calls, test_gen_key_xrdp1);
return s;
}