/*
 * Sample input for the PEM tests, going by its own text. The code that
 * reads it is not visible in this listing.
 */
static const char testtext[] = "Dummy text to test PEM encoding";
60 assert_true(
BLEN(&src_buf) <
BLEN(&pem_buf));
66 assert_int_equal(
BLEN(&src_buf),
BLEN(&dec_buf));
67 assert_memory_equal(
BPTR(&src_buf),
BPTR(&dec_buf),
BLEN(&src_buf));
85 assert_string_equal(kt_name, openvpn_name);
98 for (
int i = 0; i < strlen(ciphername); i++)
100 upper[i] = toupper(ciphername[i]);
101 lower[i] = tolower(ciphername[i]);
104 random_case[i] = upper[i];
108 random_case[i] = lower[i];
114 openvpn_name = upper;
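/*
 * Known-answer vector: the 32 bytes that ssl_tls1_PRF() is expected to
 * produce for the fixed seed and secret used by the TLS PRF test in this
 * file. The test compares the PRF output against this array with
 * assert_memory_equal().
 *
 * Declared const so that a stray write elsewhere in the test binary cannot
 * silently change the reference value the output is checked against.
 */
static const uint8_t good_prf[32] = {
    0xd9, 0x8c, 0x85, 0x18, 0xc8, 0x5e, 0x94, 0x69,
    0x27, 0x91, 0x6a, 0xcf, 0xc2, 0xd5, 0x92, 0xfb,
    0xb1, 0x56, 0x7e, 0x4b, 0x4b, 0x14, 0x59, 0xe6,
    0xa9, 0x04, 0xac, 0x2d, 0xda, 0xb7, 0x2d, 0x67
};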
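/*
 * Fixed input text shared by the tests. In the visible PRF test it is cast
 * to const unsigned char * and passed as the secret.
 *
 * The pointer itself is const as well as the characters, so the test input
 * cannot be re-pointed at different data after initialisation.
 */
static const char *const ipsumlorem =
    "Lorem ipsum dolor sit amet, consectetur "
    "adipisici elit, sed eiusmod tempor incidunt "
    "ut labore et dolore magna aliqua.";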
152 const char *seedstr =
"Quis aute iure reprehenderit in voluptate "
153 "velit esse cillum dolore";
154 const unsigned char *seed = (
const unsigned char *)seedstr;
155 const size_t seed_len = strlen(seedstr);
158 const unsigned char *secret = (
const unsigned char *)
ipsumlorem;
159 size_t secret_len = strlen((
const char *)secret);
163 ssl_tls1_PRF(seed, seed_len, secret, secret_len, out,
sizeof(out));
165 assert_memory_equal(
good_prf, out,
sizeof(out));
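/*
 * Reference 20-byte digest used as the expected value in the HMAC test.
 * NOTE(review): the comparison that consumes it is not visible in this
 * listing (presumably in crypto_test_hmac()); confirm that no caller needs
 * a writable pointer.
 *
 * Declared const so the expected value cannot be overwritten by the code
 * under test or by the test itself.
 */
static const uint8_t goodhash[20] = {
    0x58, 0xea, 0x5a, 0xf0, 0x42, 0x94, 0xe9, 0x17,
    0xed, 0x84, 0xb9, 0xf0, 0x83, 0x30, 0x23, 0xae,
    0x8b, 0xa7, 0x7e, 0xb8
};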
202 memset(
key, 0x55,
sizeof(
key));
233 assert_int_equal(linkmtu, 1400);
242 assert_int_equal(linkmtu, 1408);
248 assert_int_equal(linkmtu, 1440);
254 assert_int_equal(linkmtu, 1440);
260 assert_int_equal(linkmtu, 1444);
265 assert_int_equal(linkmtu, 1446);
269 #if defined(USE_COMP)
274 assert_int_equal(linkmtu, 1445);
276 #if defined(ENABLE_FRAGMENT)
280 assert_int_equal(linkmtu, 1449);
298 assert_int_equal(linkmtu, 1457);
304 assert_int_equal(linkmtu, 1457);
311 assert_int_equal(linkmtu, 1405);
317 assert_int_equal(linkmtu, 1449);
320 #if defined(USE_COMP) && defined(ENABLE_FRAGMENT)
326 assert_int_equal(linkmtu, 1454);
331 assert_int_equal(linkmtu, 1464);
358 assert_int_equal(
f.mss_fix, 952);
368 assert_int_equal(
f.mss_fix, 952);
375 for (
int i = 990; i <= 1010; i++)
384 assert_int_equal(
f.mss_fix, 911);
388 assert_int_equal(
f.mss_fix, 943);
392 assert_int_equal(
f.mss_fix, 927);
401 for (
int i = 990; i <= 1010; i++)
410 assert_int_equal(
f.mss_fix, 910);
414 assert_int_equal(
f.mss_fix, 942);
418 assert_int_equal(
f.mss_fix, 926);
432 for (
int i = 900; i <= 1200; i++)
440 assert_int_equal(
f.mss_fix, i - 4 - 4 - 16 - 40);
450 const struct CMUnitTest tests[] = {
459 #if defined(ENABLE_CRYPTO_OPENSSL)
460 OpenSSL_add_all_algorithms();
463 int ret = cmocka_run_group_tests_name(
"crypto tests", tests, NULL, NULL);
465 #if defined(ENABLE_CRYPTO_OPENSSL)
static bool cipher_valid(const char *ciphername)
Returns whether the cipher is valid, based on the given cipher name.
void hmac_ctx_cleanup(hmac_ctx_t *ctx)
static struct gc_arena gc_new(void)
mbedtls_md_context_t hmac_ctx_t
Generic HMAC context.
const char * socks_proxy_server
static void crypto_test_tls_prf(void **state)
static void openvpn_unit_test_setup()
Sets up the environment for unit tests like making both stderr and stdout non-buffered to avoid messa...
const char * shared_secret_file
static const char testtext[]
struct connection_entry ce
void hmac_ctx_update(hmac_ctx_t *ctx, const uint8_t *src, int src_len)
const char * cipher_kt_name(const char *ciphername)
Retrieve a normalised string describing the cipher (e.g.
Packet geometry parameters.
static void test_occ_mtu_calculation(void **state)
Container for unidirectional cipher and HMAC key material.
static const char * ipsumlorem
char * string_alloc(const char *str, struct gc_arena *gc)
static void test_translate_cipher(const char *ciphername, const char *openvpn_name)
static uint8_t testkey[20]
static void test_cipher_names(const char *ciphername, const char *openvpn_name)
struct compress_options comp
size_t calc_options_string_link_mtu(const struct options *o, const struct frame *frame)
Calculate the link-mtu to advertise to our peer.
void frame_calculate_dynamic(struct frame *frame, struct key_type *kt, const struct options *options, struct link_socket_info *lsi)
Set the --mssfix option.
static void crypto_translate_cipher_names(void **state)
const char * tls_auth_file
static uint8_t goodhash[20]
unsigned char md_kt_size(const char *mdname)
Returns the size of the message digest, in bytes.
static void crypto_pem_encode_decode_loopback(void **state)
void hmac_ctx_final(hmac_ctx_t *ctx, uint8_t *dst)
Wrapper structure for dynamically allocated memory.
void hmac_ctx_reset(hmac_ctx_t *ctx)
void hmac_ctx_free(hmac_ctx_t *ctx)
Garbage collection arena used to keep track of dynamically allocated memory.
bool crypto_pem_encode(const char *name, struct buffer *dst, const struct buffer *src, struct gc_arena *gc)
Encode binary data as PEM.
static void buf_set_write(struct buffer *buf, uint8_t *data, int size)
bool crypto_pem_decode(const char *name, struct buffer *dst, const struct buffer *src)
Decode a PEM buffer to binary data.
static void gc_free(struct gc_arena *a)
hmac_ctx_t * hmac_ctx_new(void)
void hmac_ctx_init(hmac_ctx_t *ctx, const uint8_t *key, const char *mdname)
void init_key_type(struct key_type *kt, const char *ciphername, const char *authname, bool tls_mode, bool warn)
Initialize a key_type structure with.
static void crypto_test_hmac(void **state)
static void test_mssfix_mtu_calculation(void **state)
bool ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret, int secret_len, uint8_t *output, int output_len)
Calculates the TLS 1.0-1.1 PRF function.
static void buf_set_read(struct buffer *buf, const uint8_t *data, size_t size)
static uint8_t good_prf[32]