/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef __clang_analyzer__ #include "ua_types.h" #include "ua_plugin_securitypolicy.h" #include "ua_log_stdout.h" #include "ua_types_generated_handling.h" #include "testing_policy.h" #include "check.h" #define SET_CALLED(func) funcsCalled->func = true static funcs_called *funcsCalled; static const key_sizes *keySizes; static UA_StatusCode verify_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, const UA_ByteString *message, const UA_ByteString *signature) { return UA_STATUSCODE_GOOD; } static UA_StatusCode asym_sign_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, const UA_ByteString *message, UA_ByteString *signature) { SET_CALLED(asym_sign); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(message != NULL); ck_assert(signature != NULL); ck_assert_msg(signature->length == keySizes->asym_lcl_sig_size, "Expected signature length to be %i but was %i", keySizes->asym_lcl_sig_size, signature->length); memset(signature->data, '*', signature->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode sym_sign_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, const UA_ByteString *message, UA_ByteString *signature) { SET_CALLED(sym_sign); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(message != NULL); ck_assert(signature != NULL); ck_assert(signature->length != 0); ck_assert(signature->data != NULL); memset(signature->data, 'S', signature->length); return UA_STATUSCODE_GOOD; } static size_t asym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->asym_lcl_sig_size; } static size_t asym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->asym_rmt_sig_size; } static size_t asym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return keySizes->asym_lcl_enc_key_size; } static size_t asym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return keySizes->asym_rmt_enc_key_size; } static size_t sym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return 0; } static size_t sym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return 0; } static size_t sym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_enc_keyLen; } static size_t sym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return keySizes->sym_enc_keyLen; } static UA_StatusCode sym_encrypt_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, UA_ByteString *data) { SET_CALLED(sym_enc); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(data != NULL); return UA_STATUSCODE_GOOD; } static UA_StatusCode asym_encrypt_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, UA_ByteString *data) { SET_CALLED(asym_enc); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(data != NULL); size_t blockSize = securityPolicy->channelModule.getRemoteAsymPlainTextBlockSize(securityPolicy); ck_assert_msg(data->length % blockSize == 0, "Expected the length of the data to be encrypted to be a multiple of the plaintext block size (%i). " "Remainder was %i", blockSize, data->length % blockSize); for(size_t i = 0; i < data->length; ++i) { data->data[i] = (UA_Byte) ((data->data[i] + 1) % (UA_BYTE_MAX + 1)); } return UA_STATUSCODE_GOOD; } static UA_StatusCode decrypt_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, UA_ByteString *data) { return UA_STATUSCODE_GOOD; } static UA_StatusCode makeThumbprint_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *certificate, UA_ByteString *thumbprint) { SET_CALLED(makeCertificateThumbprint); ck_assert(securityPolicy != NULL); ck_assert(certificate != NULL); ck_assert(thumbprint != NULL); ck_assert_msg(thumbprint->length == 20, "Thumbprints have to be 20 bytes long (current specification)"); memset(thumbprint->data, 42, 20); return UA_STATUSCODE_GOOD; } static UA_StatusCode compareThumbprint_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *certificateThumbprint) { return UA_STATUSCODE_GOOD; } static UA_StatusCode generateKey_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *secret, const UA_ByteString *seed, UA_ByteString *out) { ck_assert(securityPolicy != NULL); ck_assert(secret != NULL); ck_assert(seed != NULL); ck_assert(out != NULL); SET_CALLED(generateKey); return UA_STATUSCODE_GOOD; } static UA_StatusCode generateNonce_testing(const UA_SecurityPolicy *securityPolicy, UA_ByteString *out) { ck_assert(securityPolicy != NULL); ck_assert(out != NULL); if(out->length != 0) ck_assert(out->data != NULL); memset(out->data, 'N', out->length); SET_CALLED(generateNonce); return UA_STATUSCODE_GOOD; } static UA_StatusCode newContext_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *remoteCertificate, void **channelContext) { SET_CALLED(newContext); ck_assert(securityPolicy != NULL); ck_assert(remoteCertificate != NULL); ck_assert(channelContext != NULL); ck_assert(funcsCalled != NULL); *channelContext = (void *) funcsCalled; return UA_STATUSCODE_GOOD; } static void deleteContext_testing(void *channelContext) { SET_CALLED(deleteContext); ck_assert(channelContext != NULL); } static UA_StatusCode setLocalSymEncryptingKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setLocalSymEncryptingKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_keyLen, "Expected length to be %i but got %i", keySizes->sym_enc_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setLocalSymSigningKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setLocalSymSigningKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_sig_keyLen, "Expected length to be %i but got %i", keySizes->sym_sig_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setLocalSymIv_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setLocalSymIv); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_blockSize, "Expected length to be %i but got %i", keySizes->sym_enc_blockSize, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setRemoteSymEncryptingKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setRemoteSymEncryptingKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_keyLen, "Expected length to be %i but got %i", keySizes->sym_enc_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setRemoteSymSigningKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setRemoteSymSigningKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_sig_keyLen, "Expected length to be %i but got %i", keySizes->sym_sig_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setRemoteSymIv_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setRemoteSymIv); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_blockSize, "Expected length to be %i but got %i", keySizes->sym_enc_blockSize, val->length); return UA_STATUSCODE_GOOD; } static size_t getRemoteAsymPlainTextBlockSize_testing(const void *channelContext) { return keySizes->asym_rmt_ptext_blocksize; } static size_t getRemoteAsymEncryptionBufferLengthOverhead_testing(const void *channelContext, size_t maxEncryptionLength) { return 0; } static UA_StatusCode compareCertificate_testing(const void *channelContext, const UA_ByteString *certificate) { return UA_STATUSCODE_GOOD; } static void policy_deletemembers_testing(UA_SecurityPolicy *policy) { UA_ByteString_deleteMembers(&policy->localCertificate); } UA_StatusCode TestingPolicy(UA_SecurityPolicy *policy, const UA_ByteString localCertificate, funcs_called *fCalled, const key_sizes *kSizes) { keySizes = kSizes; funcsCalled = fCalled; policy->policyContext = (void *) funcsCalled; policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Testing"); policy->logger = UA_Log_Stdout; policy->certificateVerification = NULL; UA_ByteString_copy(&localCertificate, &policy->localCertificate); policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_testing; policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_testing; policy->asymmetricModule.cryptoModule.signatureAlgorithmUri = UA_STRING_NULL; policy->asymmetricModule.cryptoModule.verify = verify_testing; policy->asymmetricModule.cryptoModule.sign = asym_sign_testing; policy->asymmetricModule.cryptoModule.getLocalSignatureSize = asym_getLocalSignatureSize_testing; policy->asymmetricModule.cryptoModule.getRemoteSignatureSize = asym_getRemoteSignatureSize_testing; policy->asymmetricModule.cryptoModule.encrypt = asym_encrypt_testing; policy->asymmetricModule.cryptoModule.decrypt = decrypt_testing; policy->asymmetricModule.cryptoModule.getLocalEncryptionKeyLength = asym_getLocalEncryptionKeyLength_testing; policy->asymmetricModule.cryptoModule.getRemoteEncryptionKeyLength = asym_getRemoteEncryptionKeyLength_testing; policy->symmetricModule.generateKey = generateKey_testing; policy->symmetricModule.generateNonce = generateNonce_testing; policy->symmetricModule.cryptoModule.signatureAlgorithmUri = UA_STRING_NULL; policy->symmetricModule.cryptoModule.verify = verify_testing; policy->symmetricModule.cryptoModule.sign = sym_sign_testing; policy->symmetricModule.cryptoModule.getLocalSignatureSize = sym_getLocalSignatureSize_testing; policy->symmetricModule.cryptoModule.getRemoteSignatureSize = sym_getRemoteSignatureSize_testing; policy->symmetricModule.cryptoModule.encrypt = sym_encrypt_testing; policy->symmetricModule.cryptoModule.decrypt = decrypt_testing; policy->symmetricModule.cryptoModule.getLocalEncryptionKeyLength = sym_getLocalEncryptionKeyLength_testing; policy->symmetricModule.cryptoModule.getRemoteEncryptionKeyLength = sym_getRemoteEncryptionKeyLength_testing; policy->symmetricModule.encryptionBlockSize = keySizes->sym_enc_blockSize; policy->symmetricModule.signingKeyLength = keySizes->sym_sig_keyLen; policy->channelModule.newContext = newContext_testing; policy->channelModule.deleteContext = deleteContext_testing; policy->channelModule.setLocalSymEncryptingKey = setLocalSymEncryptingKey_testing; policy->channelModule.setLocalSymSigningKey = setLocalSymSigningKey_testing; policy->channelModule.setLocalSymIv = setLocalSymIv_testing; policy->channelModule.setRemoteSymEncryptingKey = setRemoteSymEncryptingKey_testing; policy->channelModule.setRemoteSymSigningKey = setRemoteSymSigningKey_testing; policy->channelModule.setRemoteSymIv = setRemoteSymIv_testing; policy->channelModule.compareCertificate = compareCertificate_testing; policy->channelModule.getRemoteAsymPlainTextBlockSize = getRemoteAsymPlainTextBlockSize_testing; policy->channelModule.getRemoteAsymEncryptionBufferLengthOverhead = getRemoteAsymEncryptionBufferLengthOverhead_testing; policy->deleteMembers = policy_deletemembers_testing; return UA_STATUSCODE_GOOD; } #endif