Przeglądaj źródła

Start adding tests for sendAsymmetricOPNMessage

Mark 7 lat temu
rodzic
commit
de7f8eeff3

+ 0 - 1
deps/mbedtls

@@ -1 +0,0 @@
-Subproject commit f2a597fa3dd1c7b15e0fee62f6932b253295803d

+ 6 - 0
src/ua_securechannel.c

@@ -290,6 +290,12 @@ hideBytesAsym(UA_SecureChannel *const channel, UA_Byte **const buf_start,
 UA_StatusCode
 UA_SecureChannel_sendAsymmetricOPNMessage(UA_SecureChannel *channel, UA_UInt32 requestId,
                                           const void *content, const UA_DataType *contentType) {
+    if(channel == NULL || content == NULL || contentType == NULL)
+        return UA_STATUSCODE_BADINTERNALERROR;
+
+    if(channel->securityMode == UA_MESSAGESECURITYMODE_INVALID)
+        return UA_STATUSCODE_BADSECURITYMODEREJECTED;
+
     const UA_SecurityPolicy *const securityPolicy = channel->securityPolicy;
     UA_Connection *connection = channel->connection;
     if(!connection)

+ 52 - 2
tests/CMakeLists.txt

@@ -40,7 +40,8 @@ set(test_plugin_sources ${PROJECT_SOURCE_DIR}/plugins/ua_network_tcp.c
                         ${PROJECT_SOURCE_DIR}/plugins/ua_nodestore_default.c
                         ${PROJECT_SOURCE_DIR}/tests/testing-plugins/testing_clock.c
                         ${PROJECT_SOURCE_DIR}/plugins/ua_securitypolicy_none.c
-                        ${PROJECT_SOURCE_DIR}/tests/testing-plugins/testing_policy.c)
+                        ${PROJECT_SOURCE_DIR}/tests/testing-plugins/testing_policy.c
+                        ${PROJECT_SOURCE_DIR}/tests/testing-plugins/testing_networklayers.c)
 
 add_library(open62541-testplugins OBJECT ${test_plugin_sources})
 add_dependencies(open62541-testplugins open62541)
@@ -159,7 +160,56 @@ endif()
 # Readspeed server
 add_executable(check_server_readspeed server/check_server_readspeed.c $<TARGET_OBJECTS:open62541-object> $<TARGET_OBJECTS:open62541-testplugins>)
 target_link_libraries(check_server_readspeed ${LIBS})
-add_test_valgrind(server_readspeed ${TESTS_BINARY_DIR}/check_server_readspeed)
+add_test_valgrind(check_server_readspeed ${TESTS_BINARY_DIR}/check_server_readspeed)
+
+# Test server with network dumps from files
+
+add_custom_command(OUTPUT ${CMAKE_CURRENT_BINARY_DIR}/client_HELOPN.bin
+                          ${CMAKE_CURRENT_BINARY_DIR}/client_CLO.bin
+                          ${CMAKE_CURRENT_BINARY_DIR}/client_CreateActivateSession.bin
+                          ${CMAKE_CURRENT_BINARY_DIR}/client_Browse.bin
+                          ${CMAKE_CURRENT_BINARY_DIR}/client_Read.bin
+                          ${CMAKE_CURRENT_BINARY_DIR}/client_Write.bin
+                  PRE_BUILD
+                  COMMAND python ${PROJECT_SOURCE_DIR}/tools/hex2bin.py
+                                 ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_HELOPN.hex
+                                 ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_CLO.hex
+                                 ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_CreateActivateSession.hex
+                                 ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_Browse.hex
+                                 ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_Read.hex
+                                 ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_Write.hex
+                  DEPENDS ${PROJECT_SOURCE_DIR}/tools/hex2bin.py
+                          ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_HELOPN.hex
+                          ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_CLO.hex
+                          ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_CreateActivateSession.hex
+                          ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_Browse.hex
+                          ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_Read.hex
+                          ${CMAKE_CURRENT_SOURCE_DIR}/dumps/client_Write.hex)
+add_custom_target(client_HELOPN.bin DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/client_HELOPN.bin")
+add_custom_target(client_CreateActivateSession.bin DEPENDS "${CMAKE_CURRENT_BINARY_DIR}/client_CreateActivateSession.bin")
+
+add_executable(check_server_binary_messages server/check_server_binary_messages.c $<TARGET_OBJECTS:open62541-object> $<TARGET_OBJECTS:open62541-testplugins>)
+target_include_directories(check_server_binary_messages PRIVATE ${PROJECT_SOURCE_DIR}/src/server)
+target_link_libraries(check_server_binary_messages ${LIBS})
+add_dependencies(check_server_binary_messages client_HELOPN.bin)
+
+add_test_valgrind(check_server_binary_messages_browse ${TESTS_BINARY_DIR}/check_server_binary_messages
+                                             ${CMAKE_CURRENT_BINARY_DIR}/client_HELOPN.bin
+                                             ${CMAKE_CURRENT_BINARY_DIR}/client_CreateActivateSession.bin
+                                             ${CMAKE_CURRENT_BINARY_DIR}/client_Browse.bin
+                                             ${CMAKE_CURRENT_BINARY_DIR}/client_CLO.bin)
+
+add_test_valgrind(check_server_binary_messages_read ${TESTS_BINARY_DIR}/check_server_binary_messages
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_HELOPN.bin
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_CreateActivateSession.bin
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_Read.bin
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_CLO.bin)
+
+add_test_valgrind(check_server_binary_messages_write ${TESTS_BINARY_DIR}/check_server_binary_messages
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_HELOPN.bin
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_CreateActivateSession.bin
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_Write.bin
+                                           ${CMAKE_CURRENT_BINARY_DIR}/client_CLO.bin)
 
 # Test Client
 

+ 98 - 2
tests/check_securechannel.c

@@ -5,6 +5,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <src_generated/ua_types_generated.h>
+#include <testing_networklayers.h>
 
 #include "testing_policy.h"
 #include "ua_securechannel.h"
@@ -69,6 +70,8 @@ START_TEST(SecureChannel_initAndDelete)
 
         UA_SecureChannel_deleteMembersCleanup(&channel);
         ck_assert_msg(fCalled.deleteContext, "Expected deleteContext to have been called");
+
+        dummyPolicy.deleteMembers(&dummyPolicy);
     }
 END_TEST
 
@@ -130,11 +133,96 @@ START_TEST(SecureChannel_revolveTokens)
         UA_ChannelSecurityToken_init(&testToken);
 
         ck_assert_msg(memcmp(&testChannel.nextSecurityToken, &testToken, sizeof(UA_ChannelSecurityToken)) == 0,
-                     "Expected the next securityToken to be freshly initialized");
+                      "Expected the next securityToken to be freshly initialized");
         ck_assert_msg(testChannel.securityToken.tokenId == 10, "Expected token to have been copied");
     }
 END_TEST
 
+START_TEST(SecureChannel_sendAsymmetricOPNMessage_withoutConnection)
+    {
+        UA_OpenSecureChannelResponse dummyResponse;
+        UA_OpenSecureChannelResponse_init(&dummyResponse);
+
+        UA_StatusCode retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                                         42,
+                                                                         &dummyResponse,
+                                                                         &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+
+        ck_assert_msg(retval != UA_STATUSCODE_GOOD, "Expected failure without a connection");
+    }
+END_TEST
+
+START_TEST(SecureChannel_sendAsymmetricOPNMessage_invalidParameters)
+    {
+        UA_OpenSecureChannelResponse dummyResponse;
+        UA_OpenSecureChannelResponse_init(&dummyResponse);
+
+        UA_StatusCode retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                                         42,
+                                                                         NULL,
+                                                                         &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+        ck_assert_msg(retval != UA_STATUSCODE_GOOD, "Expected failure");
+
+        retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                           42,
+                                                           &dummyResponse,
+                                                           NULL);
+        ck_assert_msg(retval != UA_STATUSCODE_GOOD, "Expected failure");
+
+        retval = UA_SecureChannel_sendAsymmetricOPNMessage(NULL,
+                                                           42,
+                                                           &dummyResponse,
+                                                           &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+        ck_assert_msg(retval != UA_STATUSCODE_GOOD, "Expected failure");
+    }
+END_TEST
+
+START_TEST(SecureChannel_sendAsymmetricOPNMessage)
+    {
+        // Configure our channel correctly for OPN messages and setup dummy message
+        UA_Connection testingConnection = createDummyConnection();
+        UA_Connection_attachSecureChannel(&testingConnection, &testChannel);
+
+        UA_OpenSecureChannelResponse dummyResponse;
+        UA_OpenSecureChannelResponse_init(&dummyResponse);
+
+        testChannel.securityMode = UA_MESSAGESECURITYMODE_INVALID;
+
+        UA_StatusCode retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                                         42,
+                                                                         &dummyResponse,
+                                                                         &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+        ck_assert_msg(retval == UA_STATUSCODE_BADSECURITYMODEREJECTED, "Expected SecurityMode rejected error");
+
+        testChannel.securityMode = UA_MESSAGESECURITYMODE_NONE;
+        retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                           42,
+                                                           &dummyResponse,
+                                                           &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+        ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");
+        ck_assert_msg(!fCalled.asym_enc, "Message encryption was called but should not have been");
+        ck_assert_msg(!fCalled.asym_sign, "Message signing was called but should not have been");
+
+        testChannel.securityMode = UA_MESSAGESECURITYMODE_SIGN;
+        retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                           42,
+                                                           &dummyResponse,
+                                                           &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+        ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");
+        ck_assert_msg(fCalled.asym_enc, "Expected message to have been encrypted but it was not");
+        ck_assert_msg(fCalled.asym_sign, "Expected message to have been signed but it was not");
+
+        testChannel.securityMode = UA_MESSAGESECURITYMODE_SIGNANDENCRYPT;
+        retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel,
+                                                           42,
+                                                           &dummyResponse,
+                                                           &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
+        ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");
+        ck_assert_msg(fCalled.asym_enc, "Expected message to have been encrypted but it was not");
+        ck_assert_msg(fCalled.asym_sign, "Expected message to have been signed but it was not");
+    }
+END_TEST
+
 static Suite *
 testSuite_SecureChannel(void) {
     Suite *s = suite_create("SecureChannel");
@@ -157,6 +245,14 @@ testSuite_SecureChannel(void) {
     tcase_add_test(tc_revolveTokens, SecureChannel_revolveTokens);
     suite_add_tcase(s, tc_revolveTokens);
 
+    TCase *tc_sendAsymmetricOPNMessage = tcase_create("Test sendAsymmetricOPNMessage function");
+    tcase_add_checked_fixture(tc_sendAsymmetricOPNMessage, setup_funcs_called, teardown_funcs_called);
+    tcase_add_checked_fixture(tc_sendAsymmetricOPNMessage, setup_secureChannel, teardown_secureChannel);
+    tcase_add_test(tc_sendAsymmetricOPNMessage, SecureChannel_sendAsymmetricOPNMessage_withoutConnection);
+    tcase_add_test(tc_sendAsymmetricOPNMessage, SecureChannel_sendAsymmetricOPNMessage);
+    tcase_add_test(tc_sendAsymmetricOPNMessage, SecureChannel_sendAsymmetricOPNMessage_invalidParameters);
+    suite_add_tcase(s, tc_sendAsymmetricOPNMessage);
+
     return s;
 }
 
@@ -165,7 +261,7 @@ main(void) {
     Suite *s = testSuite_SecureChannel();
     SRunner *sr = srunner_create(s);
     srunner_set_fork_status(sr, CK_NOFORK);
-    srunner_run_all(sr, CK_VERBOSE);
+    srunner_run_all(sr, CK_NORMAL);
     int number_failed = srunner_ntests_failed(sr);
     srunner_free(sr);
     return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;

+ 44 - 11
tests/testing-plugins/testing_policy.c

@@ -28,10 +28,28 @@ verify_testing(const UA_SecurityPolicy *securityPolicy,
 }
 
 static UA_StatusCode
-sign_testing(const UA_SecurityPolicy *securityPolicy,
-             const void *channelContext,
-             const UA_ByteString *message,
-             UA_ByteString *signature) {
+asym_sign_testing(const UA_SecurityPolicy *securityPolicy,
+                  const void *channelContext,
+                  const UA_ByteString *message,
+                  UA_ByteString *signature) {
+    SET_CALLED(asym_sign);
+    ck_assert(securityPolicy);
+    ck_assert(channelContext);
+    ck_assert(message);
+    ck_assert(signature);
+    return UA_STATUSCODE_GOOD;
+}
+
+static UA_StatusCode
+sym_sign_testing(const UA_SecurityPolicy *securityPolicy,
+                 const void *channelContext,
+                 const UA_ByteString *message,
+                 UA_ByteString *signature) {
+    SET_CALLED(sym_sign);
+    ck_assert(securityPolicy);
+    ck_assert(channelContext);
+    ck_assert(message);
+    ck_assert(signature);
     return UA_STATUSCODE_GOOD;
 }
 
@@ -86,9 +104,24 @@ sym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy
 }
 
 static UA_StatusCode
-encrypt_testing(const UA_SecurityPolicy *securityPolicy,
-                const void *channelContext,
-                UA_ByteString *data) {
+sym_encrypt_testing(const UA_SecurityPolicy *securityPolicy,
+                    const void *channelContext,
+                    UA_ByteString *data) {
+    SET_CALLED(sym_enc);
+    ck_assert(securityPolicy);
+    ck_assert(channelContext);
+    ck_assert(data);
+    return UA_STATUSCODE_GOOD;
+}
+
+static UA_StatusCode
+asym_encrypt_testing(const UA_SecurityPolicy *securityPolicy,
+                     const void *channelContext,
+                     UA_ByteString *data) {
+    SET_CALLED(asym_enc);
+    ck_assert(securityPolicy);
+    ck_assert(channelContext);
+    ck_assert(data);
     return UA_STATUSCODE_GOOD;
 }
 
@@ -275,10 +308,10 @@ TestingPolicy(UA_SecurityPolicy *policy, const UA_ByteString localCertificate,
     policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_testing;
     policy->asymmetricModule.cryptoModule.signatureAlgorithmUri = UA_STRING_NULL;
     policy->asymmetricModule.cryptoModule.verify = verify_testing;
-    policy->asymmetricModule.cryptoModule.sign = sign_testing;
+    policy->asymmetricModule.cryptoModule.sign = asym_sign_testing;
     policy->asymmetricModule.cryptoModule.getLocalSignatureSize = asym_getLocalSignatureSize_testing;
     policy->asymmetricModule.cryptoModule.getRemoteSignatureSize = asym_getRemoteSignatureSize_testing;
-    policy->asymmetricModule.cryptoModule.encrypt = encrypt_testing;
+    policy->asymmetricModule.cryptoModule.encrypt = asym_encrypt_testing;
     policy->asymmetricModule.cryptoModule.decrypt = decrypt_testing;
     policy->asymmetricModule.cryptoModule.getLocalEncryptionKeyLength = asym_getLocalEncryptionKeyLength_testing;
     policy->asymmetricModule.cryptoModule.getRemoteEncryptionKeyLength = asym_getRemoteEncryptionKeyLength_testing;
@@ -287,10 +320,10 @@ TestingPolicy(UA_SecurityPolicy *policy, const UA_ByteString localCertificate,
     policy->symmetricModule.generateNonce = generateNonce_testing;
     policy->symmetricModule.cryptoModule.signatureAlgorithmUri = UA_STRING_NULL;
     policy->symmetricModule.cryptoModule.verify = verify_testing;
-    policy->symmetricModule.cryptoModule.sign = sign_testing;
+    policy->symmetricModule.cryptoModule.sign = sym_sign_testing;
     policy->symmetricModule.cryptoModule.getLocalSignatureSize = sym_getLocalSignatureSize_testing;
     policy->symmetricModule.cryptoModule.getRemoteSignatureSize = sym_getRemoteSignatureSize_testing;
-    policy->symmetricModule.cryptoModule.encrypt = encrypt_testing;
+    policy->symmetricModule.cryptoModule.encrypt = sym_encrypt_testing;
     policy->symmetricModule.cryptoModule.decrypt = decrypt_testing;
     policy->symmetricModule.cryptoModule.getLocalEncryptionKeyLength = sym_getLocalEncryptionKeyLength_testing;
     policy->symmetricModule.cryptoModule.getRemoteEncryptionKeyLength = sym_getRemoteEncryptionKeyLength_testing;