#include "config.h"

/* $NetBSD: digests.c,v 1.2 2024/08/18 20:47:26 christos Exp $ */

#include "config.h"

#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

#include "unity.h"
#include "ntp.h"
#include "ntp_stdlib.h"

/*
* tests/libntp/data/ntp.keys has two keys for each algorithm, 50 keyids apart.
* The first is 20 random ASCII chars, the 2nd 40 random hex values.
*/
#define HEX_KEYID_OFFSET 50

/* in generated srcdir.c */
extern const char srcdir[];

/* needed by authtrust() */
u_long current_time;

static bool setup;
static u_int32 * pkt;
static size_t pkt_sz;
static u_char * mac;

/* helper routine */
void dump_mac(keyid_t keyid, u_char *pmac, size_t octets);

/* unity calls setUp before each test routine */
void setUp(void);
void
setUp(void)
{
static bool done_once;
const char msg_rel_fname[] = "data/mills,david-03.jpg";
const char keys_rel_fname[] = "data/ntp.keys";
char msg_fname[PATH_MAX];
char keys_fname[PATH_MAX];
int msgf;
int result;
struct stat msg_stat;
u_char * msg;
size_t msg_sz;
size_t pad_sz;
ssize_t octets;

if (done_once) {
return;
}
done_once = TRUE;

init_auth();

snprintf(keys_fname, sizeof(keys_fname), "%s/%s", srcdir,
keys_rel_fname);
if (! authreadkeys(keys_fname)) {
fprintf(stderr, "could not load keys %s\n", keys_fname);
return;
}

snprintf(msg_fname, sizeof(msg_fname), "%s/%s", srcdir, msg_rel_fname);
msgf = open(msg_fname, O_RDONLY);
if (msgf < 0) {
fprintf(stderr, "could not open msg file %s\n", msg_fname);
return;
}

result = fstat(msgf, &msg_stat);
if (result < 0) {
fprintf(stderr, "could not get msg file %s size\n", msg_fname);
return;
}

msg_sz = msg_stat.st_size;
/* round up to next multiple of 4 as needed by MD5authencrypt() */
pad_sz = sizeof(u_int32) - (msg_sz % sizeof(u_int32));
if (sizeof(u_int32) == pad_sz) {
pad_sz = 0;
}
/* allocate room for the message, key ID, and MAC */
msg = emalloc_zero(msg_sz + pad_sz + MAX_MAC_LEN);
octets = read(msgf, msg, msg_sz);
if (octets != msg_sz) {
fprintf(stderr, "could not read msg from file %s, %u != %u\n",
msg_fname, (u_int)octets, (u_int)msg_sz);
return;
}
zero_mem(msg + msg_sz, pad_sz);
pkt_sz = msg_sz + pad_sz;
mac = (void *)((u_char *)msg + pkt_sz);
pkt = (void *)msg;

setup = TRUE;
}

/* reduce code duplication with an ugly macro */
#define TEST_ONE_DIGEST(key, exp_sz, exp_mac) \
do { \
size_t res_sz; \
\
zero_mem(mac, MAX_MAC_LEN); \
if (!auth_findkey(key)) { \
TEST_IGNORE_MESSAGE("MAC unsupported on this system"); \
return; \
} \
authtrust((key), 1); \
\
res_sz = authencrypt((key), pkt, pkt_sz); \
if (0 == res_sz) { \
TEST_IGNORE_MESSAGE("Likely OpenSSL 3 failed digest " \
"init."); \
return; \
} \
TEST_ASSERT_EQUAL_UINT((u_int)((exp_sz) + KEY_MAC_LEN), res_sz);\
dump_mac((key), mac, res_sz); \
TEST_ASSERT_EQUAL_HEX8_ARRAY((exp_mac), mac, MAX_MAC_LEN); \
} while (FALSE)

#define AES128CMAC_KEYID 1
#undef KEYID_A
#define KEYID_A AES128CMAC_KEYID
#undef DG_SZ
#define DG_SZ 16
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_AES128CMAC(void);
void test_Digest_AES128CMAC(void)
{
#if defined(OPENSSL) && defined(ENABLE_CMAC)
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0x34, 0x5b, 0xcf, 0xa8,
0x85, 0x6e, 0x9d, 0x01,
0xeb, 0x81, 0x25, 0xc2,
0xa4, 0xb8, 0x1b, 0xe0
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0xd1, 0x04, 0x4e, 0xbf,
0x79, 0x2d, 0x3a, 0x40,
0xcd, 0xdc, 0x5a, 0x44,
0xde, 0xe0, 0x0c, 0x84
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! (OPENSSL && ENABLE_CMAC) follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL or not ENABLE_CMAC");
#endif
}

#define MD4_KEYID 2
#undef KEYID_A
#define KEYID_A MD4_KEYID
#undef DG_SZ
#define DG_SZ 16
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_MD4(void);
void test_Digest_MD4(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0xf3, 0x39, 0x34, 0xca,
0xe0, 0x48, 0x26, 0x0f,
0x13, 0xca, 0x56, 0x9e,
0xbc, 0x53, 0x9c, 0x66
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0x5e, 0xe6, 0x81, 0xf2,
0x57, 0x57, 0x8a, 0x2b,
0xa8, 0x76, 0x8e, 0x7a,
0xc4, 0xf4, 0x34, 0x7e
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define MD5_KEYID 3
#undef KEYID_A
#define KEYID_A MD5_KEYID
#undef DG_SZ
#define DG_SZ 16
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_MD5(void);
void test_Digest_MD5(void)
{
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0xa6, 0x8d, 0x3a, 0xfe,
0x52, 0xe5, 0xf7, 0xe9,
0x4c, 0x97, 0x72, 0x16,
0x7c, 0x28, 0x18, 0xaf
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0xd4, 0x11, 0x2c, 0xc6,
0x66, 0x74, 0x46, 0x8b,
0x12, 0xb1, 0x8c, 0x49,
0xb0, 0x06, 0xda, 0x34
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
}

#define MDC2_KEYID 4
#undef KEYID_A
#define KEYID_A MDC2_KEYID
#undef DG_SZ
#define DG_SZ 16
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_MDC2(void);
void test_Digest_MDC2(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0xa0, 0xfc, 0x18, 0xb6,
0xea, 0xba, 0xa5, 0x27,
0xc9, 0x64, 0x0e, 0x41,
0x95, 0x90, 0x5d, 0xf5
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0xe3, 0x2c, 0x1e, 0x64,
0x7f, 0x85, 0x81, 0xe7,
0x3b, 0xc3, 0x93, 0x5e,
0xcd, 0x0e, 0x89, 0xeb
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define RIPEMD160_KEYID 5
#undef KEYID_A
#define KEYID_A RIPEMD160_KEYID
#undef DG_SZ
#define DG_SZ 20
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_RIPEMD160(void);
void test_Digest_RIPEMD160(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0x8c, 0x3e, 0x55, 0xbb,
0xec, 0x7c, 0xf6, 0x30,
0xef, 0xd1, 0x45, 0x8c,
0xdd, 0x29, 0x32, 0x7e,
0x04, 0x87, 0x6c, 0xd7
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0x2d, 0x4a, 0x48, 0xdd,
0x28, 0x02, 0xb4, 0x9d,
0xe3, 0x6d, 0x1b, 0x90,
0x2b, 0xc4, 0x3f, 0xe5,
0x19, 0x60, 0x12, 0xbc
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define SHA1_KEYID 6
#undef KEYID_A
#define KEYID_A SHA1_KEYID
#undef DG_SZ
#define DG_SZ 20
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_SHA1(void);
void test_Digest_SHA1(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0xe2, 0xc6, 0x17, 0x71,
0x03, 0xc1, 0x85, 0x56,
0x35, 0xc7, 0x4e, 0x75,
0x79, 0x82, 0x9d, 0xcb,
0x2d, 0x06, 0x0e, 0xfa
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0x01, 0x16, 0x37, 0xb4,
0xf5, 0x2d, 0xe0, 0x97,
0xaf, 0xd8, 0x58, 0xf7,
0xad, 0xb3, 0x7e, 0x38,
0x86, 0x85, 0x78, 0x44
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define SHAKE128_KEYID 7
#undef KEYID_A
#define KEYID_A SHAKE128_KEYID
#undef DG_SZ
#define DG_SZ 16
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_SHAKE128(void);
void test_Digest_SHAKE128(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0x5c, 0x0c, 0x1a, 0x85,
0xad, 0x03, 0xb2, 0x9a,
0xe4, 0x75, 0x37, 0x93,
0xaa, 0xa6, 0xcd, 0x76
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0x07, 0x04, 0x63, 0xcc,
0x46, 0xaf, 0xca, 0x00,
0x7d, 0xd1, 0x5a, 0x39,
0xfd, 0x34, 0xca, 0x10
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define DSA_KEYID 8
#undef KEYID_A
#define KEYID_A DSA_KEYID
#undef DG_SZ
#define DG_SZ 20
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_DSA(void);
void test_Digest_DSA(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0xaf, 0xa0, 0x1d, 0x0c,
0x92, 0xcb, 0xca, 0x95,
0x0d, 0x57, 0x60, 0x49,
0xe5, 0x28, 0x03, 0xf2,
0x7b, 0x5b, 0xb1, 0x4a
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0x77, 0xcd, 0x88, 0xc2,
0xed, 0x5d, 0x57, 0xc5,
0x28, 0x92, 0xf0, 0x21,
0x2b, 0xb9, 0x48, 0xac,
0xfe, 0x9f, 0xf5, 0x1c
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define DSA_SHA_KEYID 9
#undef KEYID_A
#define KEYID_A DSA_SHA_KEYID
#undef DG_SZ
#define DG_SZ 20
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_DSA_SHA(void);
void test_Digest_DSA_SHA(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0x7c, 0xb5, 0x79, 0xd0,
0xf2, 0xcd, 0x47, 0xc0,
0x21, 0xf3, 0xf5, 0x04,
0x10, 0xc4, 0x59, 0x5c,
0xd9, 0xa4, 0x4f, 0x3b
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0xb9, 0xca, 0xa6, 0x8e,
0xd3, 0xcb, 0x94, 0x6a,
0x6d, 0xae, 0xb4, 0xc8,
0x0e, 0xc9, 0xf6, 0xed,
0x58, 0x1a, 0xed, 0x22
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

#define SHA_KEYID 10
#undef KEYID_A
#define KEYID_A SHA_KEYID
#undef DG_SZ
#define DG_SZ 20
#undef KEYID_B
#define KEYID_B (KEYID_A + HEX_KEYID_OFFSET)
void test_Digest_SHA(void);
void test_Digest_SHA(void)
{
#ifdef OPENSSL
u_char expectedA[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_A,
0xd5, 0xbd, 0xb8, 0x55,
0x9b, 0x9e, 0x5e, 0x8f,
0x1a, 0x3d, 0x99, 0x60,
0xbd, 0x70, 0x0c, 0x5c,
0x68, 0xae, 0xb0, 0xbd
};
u_char expectedB[MAX_MAC_LEN] =
{
0, 0, 0, KEYID_B,
0x63, 0x05, 0x41, 0x45,
0xe9, 0x61, 0x84, 0xe7,
0xc6, 0x94, 0x24, 0xa4,
0x84, 0x76, 0xc7, 0xc9,
0xdd, 0x80, 0x80, 0x89
};

TEST_ASSERT(setup);
TEST_ONE_DIGEST(KEYID_A, DG_SZ, expectedA);
TEST_ONE_DIGEST(KEYID_B, DG_SZ, expectedB);
#else /* ! OPENSSL follows */
TEST_IGNORE_MESSAGE("Skipping, no OPENSSL");
#endif
}

/*
* Dump a MAC in a form easy to cut and paste into the expected declaration.
*/
void dump_mac(
keyid_t keyid,
u_char * pmac,
size_t octets
)
{
char dump[128];
size_t dc = 0;
size_t idx;

dc += snprintf(dump + dc, sizeof(dump) - dc, "digest with key %u { ", keyid);

for (idx = 4; idx < octets; idx++) {
if (14 == idx) {
msyslog(LOG_DEBUG, "%s", dump);
dc = 0;
}
if (dc < sizeof(dump)) {
dc += snprintf(dump + dc, sizeof(dump) - dc,
"0x%02x, ", pmac[idx]);
}
}

if (dc < sizeof(dump)) {
dc += snprintf(dump + dc, sizeof(dump) - dc, "}");
}

msyslog(LOG_DEBUG, "%s", dump);
}