testing_policy.c 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  4. #ifndef __clang_analyzer__
  5. #include "testing_policy.h"
  6. #include <open62541/plugin/log_stdout.h>
  7. #include <check.h>
  8. #define SET_CALLED(func) funcsCalled->func = true
  9. static funcs_called *funcsCalled;
  10. static const key_sizes *keySizes;
  11. static UA_StatusCode
  12. verify_testing(const UA_SecurityPolicy *securityPolicy,
  13. void *channelContext,
  14. const UA_ByteString *message,
  15. const UA_ByteString *signature) {
  16. return UA_STATUSCODE_GOOD;
  17. }
  18. static UA_StatusCode
  19. asym_sign_testing(const UA_SecurityPolicy *securityPolicy,
  20. void *channelContext,
  21. const UA_ByteString *message,
  22. UA_ByteString *signature) {
  23. SET_CALLED(asym_sign);
  24. ck_assert(securityPolicy != NULL);
  25. ck_assert(channelContext != NULL);
  26. ck_assert(message != NULL);
  27. ck_assert(signature != NULL);
  28. ck_assert_msg(signature->length == keySizes->asym_lcl_sig_size,
  29. "Expected signature length to be %i but was %i",
  30. keySizes->asym_lcl_sig_size,
  31. signature->length);
  32. memset(signature->data, '*', signature->length);
  33. return UA_STATUSCODE_GOOD;
  34. }
  35. static UA_StatusCode
  36. sym_sign_testing(const UA_SecurityPolicy *securityPolicy,
  37. void *channelContext,
  38. const UA_ByteString *message,
  39. UA_ByteString *signature) {
  40. SET_CALLED(sym_sign);
  41. ck_assert(securityPolicy != NULL);
  42. ck_assert(channelContext != NULL);
  43. ck_assert(message != NULL);
  44. ck_assert(signature != NULL);
  45. ck_assert(signature->length != 0);
  46. ck_assert(signature->data != NULL);
  47. memset(signature->data, 'S', signature->length);
  48. return UA_STATUSCODE_GOOD;
  49. }
  50. static size_t
  51. asym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  52. const void *channelContext) {
  53. ck_assert(securityPolicy != NULL);
  54. ck_assert(channelContext != NULL);
  55. return keySizes->asym_lcl_sig_size;
  56. }
  57. static size_t
  58. asym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  59. const void *channelContext) {
  60. ck_assert(securityPolicy != NULL);
  61. ck_assert(channelContext != NULL);
  62. return keySizes->asym_rmt_sig_size;
  63. }
  64. static size_t
  65. asym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  66. const void *channelContext) {
  67. ck_assert(securityPolicy != NULL);
  68. ck_assert(channelContext != NULL);
  69. return keySizes->asym_lcl_enc_key_size;
  70. }
  71. static size_t
  72. asym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  73. const void *channelContext) {
  74. ck_assert(securityPolicy != NULL);
  75. ck_assert(channelContext != NULL);
  76. return keySizes->asym_rmt_enc_key_size;
  77. }
  78. static size_t
  79. sym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  80. const void *channelContext) {
  81. ck_assert(securityPolicy != NULL);
  82. ck_assert(channelContext != NULL);
  83. return keySizes->sym_sig_size;
  84. }
  85. static size_t
  86. sym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  87. const void *channelContext) {
  88. ck_assert(securityPolicy != NULL);
  89. ck_assert(channelContext != NULL);
  90. return keySizes->sym_sig_size;
  91. }
  92. static size_t
  93. sym_getLocalSigningKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  94. const void *channelContext) {
  95. ck_assert(securityPolicy != NULL);
  96. ck_assert(channelContext != NULL);
  97. return keySizes->sym_sig_keyLen;
  98. }
  99. static size_t
  100. sym_getRemoteSigningKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  101. const void *channelContext) {
  102. ck_assert(securityPolicy != NULL);
  103. ck_assert(channelContext != NULL);
  104. return keySizes->sym_sig_keyLen; // TODO: Remote sig key len
  105. }
  106. static size_t
  107. sym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  108. const void *channelContext) {
  109. ck_assert(securityPolicy != NULL);
  110. ck_assert(channelContext != NULL);
  111. return keySizes->sym_enc_keyLen;
  112. }
  113. static size_t
  114. sym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  115. const void *channelContext) {
  116. ck_assert(securityPolicy != NULL);
  117. ck_assert(channelContext != NULL);
  118. return keySizes->sym_enc_keyLen;
  119. }
  120. static size_t
  121. sym_getLocalEncryptionBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  122. const void *channelContext) {
  123. ck_assert(securityPolicy != NULL);
  124. ck_assert(channelContext != NULL);
  125. return keySizes->sym_enc_blockSize;
  126. }
  127. static size_t
  128. sym_getRemoteEncryptionBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  129. const void *channelContext) {
  130. ck_assert(securityPolicy != NULL);
  131. ck_assert(channelContext != NULL);
  132. return keySizes->sym_enc_blockSize; // TODO: Different size for remote
  133. }
  134. static UA_StatusCode
  135. sym_encrypt_testing(const UA_SecurityPolicy *securityPolicy,
  136. void *channelContext,
  137. UA_ByteString *data) {
  138. SET_CALLED(sym_enc);
  139. ck_assert(securityPolicy != NULL);
  140. ck_assert(channelContext != NULL);
  141. ck_assert(data != NULL);
  142. return UA_STATUSCODE_GOOD;
  143. }
  144. static UA_StatusCode
  145. asym_encrypt_testing(const UA_SecurityPolicy *securityPolicy,
  146. void *channelContext,
  147. UA_ByteString *data) {
  148. SET_CALLED(asym_enc);
  149. ck_assert(securityPolicy != NULL);
  150. ck_assert(channelContext != NULL);
  151. ck_assert(data != NULL);
  152. size_t blockSize =
  153. securityPolicy->asymmetricModule.cryptoModule.encryptionAlgorithm.getRemotePlainTextBlockSize(securityPolicy,
  154. channelContext);
  155. ck_assert_msg(data->length % blockSize == 0,
  156. "Expected the length of the data to be encrypted to be a multiple of the plaintext block size (%i). "
  157. "Remainder was %i",
  158. blockSize,
  159. data->length % blockSize);
  160. for(size_t i = 0; i < data->length; ++i) {
  161. data->data[i] = (UA_Byte)((data->data[i] + 1) % (UA_BYTE_MAX + 1));
  162. }
  163. return UA_STATUSCODE_GOOD;
  164. }
  165. static UA_StatusCode
  166. decrypt_testing(const UA_SecurityPolicy *securityPolicy,
  167. void *channelContext,
  168. UA_ByteString *data) {
  169. return UA_STATUSCODE_GOOD;
  170. }
  171. static UA_StatusCode
  172. makeThumbprint_testing(const UA_SecurityPolicy *securityPolicy,
  173. const UA_ByteString *certificate,
  174. UA_ByteString *thumbprint) {
  175. SET_CALLED(makeCertificateThumbprint);
  176. ck_assert(securityPolicy != NULL);
  177. ck_assert(certificate != NULL);
  178. ck_assert(thumbprint != NULL);
  179. ck_assert_msg(thumbprint->length == 20, "Thumbprints have to be 20 bytes long (current specification)");
  180. memset(thumbprint->data, 42, 20);
  181. return UA_STATUSCODE_GOOD;
  182. }
  183. static UA_StatusCode
  184. compareThumbprint_testing(const UA_SecurityPolicy *securityPolicy,
  185. const UA_ByteString *certificateThumbprint) {
  186. return UA_STATUSCODE_GOOD;
  187. }
  188. static UA_StatusCode
  189. generateKey_testing(const UA_SecurityPolicy *securityPolicy,
  190. const UA_ByteString *secret,
  191. const UA_ByteString *seed,
  192. UA_ByteString *out) {
  193. ck_assert(securityPolicy != NULL);
  194. ck_assert(secret != NULL);
  195. ck_assert(seed != NULL);
  196. ck_assert(out != NULL);
  197. SET_CALLED(generateKey);
  198. return UA_STATUSCODE_GOOD;
  199. }
  200. static UA_StatusCode
  201. generateNonce_testing(const UA_SecurityPolicy *securityPolicy,
  202. UA_ByteString *out) {
  203. ck_assert(securityPolicy != NULL);
  204. ck_assert(out != NULL);
  205. memset(out->data, 'N', out->length);
  206. SET_CALLED(generateNonce);
  207. return UA_STATUSCODE_GOOD;
  208. }
  209. static UA_StatusCode
  210. newContext_testing(const UA_SecurityPolicy *securityPolicy,
  211. const UA_ByteString *remoteCertificate,
  212. void **channelContext) {
  213. SET_CALLED(newContext);
  214. ck_assert(securityPolicy != NULL);
  215. ck_assert(remoteCertificate != NULL);
  216. ck_assert(channelContext != NULL);
  217. ck_assert(funcsCalled != NULL);
  218. *channelContext = (void *)funcsCalled;
  219. return UA_STATUSCODE_GOOD;
  220. }
  221. static void
  222. deleteContext_testing(void *channelContext) {
  223. SET_CALLED(deleteContext);
  224. ck_assert(channelContext != NULL);
  225. }
  226. static UA_StatusCode
  227. setLocalSymEncryptingKey_testing(void *channelContext,
  228. const UA_ByteString *val) {
  229. SET_CALLED(setLocalSymEncryptingKey);
  230. ck_assert(channelContext != NULL);
  231. ck_assert(val != NULL);
  232. ck_assert(val->data != NULL);
  233. ck_assert_msg(val->length == keySizes->sym_enc_keyLen,
  234. "Expected length to be %i but got %i",
  235. keySizes->sym_enc_keyLen,
  236. val->length);
  237. return UA_STATUSCODE_GOOD;
  238. }
  239. static UA_StatusCode
  240. setLocalSymSigningKey_testing(void *channelContext,
  241. const UA_ByteString *val) {
  242. SET_CALLED(setLocalSymSigningKey);
  243. ck_assert(channelContext != NULL);
  244. ck_assert(val != NULL);
  245. ck_assert(val->data != NULL);
  246. ck_assert_msg(val->length == keySizes->sym_sig_keyLen,
  247. "Expected length to be %i but got %i",
  248. keySizes->sym_sig_keyLen,
  249. val->length);
  250. return UA_STATUSCODE_GOOD;
  251. }
  252. static UA_StatusCode
  253. setLocalSymIv_testing(void *channelContext,
  254. const UA_ByteString *val) {
  255. SET_CALLED(setLocalSymIv);
  256. ck_assert(channelContext != NULL);
  257. ck_assert(val != NULL);
  258. ck_assert(val->data != NULL);
  259. ck_assert_msg(val->length == keySizes->sym_enc_blockSize,
  260. "Expected length to be %i but got %i",
  261. keySizes->sym_enc_blockSize,
  262. val->length);
  263. return UA_STATUSCODE_GOOD;
  264. }
  265. static UA_StatusCode
  266. setRemoteSymEncryptingKey_testing(void *channelContext,
  267. const UA_ByteString *val) {
  268. SET_CALLED(setRemoteSymEncryptingKey);
  269. ck_assert(channelContext != NULL);
  270. ck_assert(val != NULL);
  271. ck_assert(val->data != NULL);
  272. ck_assert_msg(val->length == keySizes->sym_enc_keyLen,
  273. "Expected length to be %i but got %i",
  274. keySizes->sym_enc_keyLen,
  275. val->length);
  276. return UA_STATUSCODE_GOOD;
  277. }
  278. static UA_StatusCode
  279. setRemoteSymSigningKey_testing(void *channelContext,
  280. const UA_ByteString *val) {
  281. SET_CALLED(setRemoteSymSigningKey);
  282. ck_assert(channelContext != NULL);
  283. ck_assert(val != NULL);
  284. ck_assert(val->data != NULL);
  285. ck_assert_msg(val->length == keySizes->sym_sig_keyLen,
  286. "Expected length to be %i but got %i",
  287. keySizes->sym_sig_keyLen,
  288. val->length);
  289. return UA_STATUSCODE_GOOD;
  290. }
  291. static UA_StatusCode
  292. setRemoteSymIv_testing(void *channelContext,
  293. const UA_ByteString *val) {
  294. SET_CALLED(setRemoteSymIv);
  295. ck_assert(channelContext != NULL);
  296. ck_assert(val != NULL);
  297. ck_assert(val->data != NULL);
  298. ck_assert_msg(val->length == keySizes->sym_enc_blockSize,
  299. "Expected length to be %i but got %i",
  300. keySizes->sym_enc_blockSize,
  301. val->length);
  302. return UA_STATUSCODE_GOOD;
  303. }
  304. static size_t
  305. asym_getRemotePlainTextBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  306. const void *channelContext) {
  307. return keySizes->asym_rmt_ptext_blocksize;
  308. }
  309. static size_t
  310. asym_getRemoteBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  311. const void *channelContext) {
  312. return keySizes->asym_rmt_blocksize;
  313. }
  314. static UA_StatusCode
  315. compareCertificate_testing(const void *channelContext,
  316. const UA_ByteString *certificate) {
  317. return UA_STATUSCODE_GOOD;
  318. }
  319. static void
  320. policy_clear_testing(UA_SecurityPolicy *policy) {
  321. UA_ByteString_deleteMembers(&policy->localCertificate);
  322. }
  323. UA_StatusCode
  324. TestingPolicy(UA_SecurityPolicy *policy, UA_ByteString localCertificate,
  325. funcs_called *fCalled, const key_sizes *kSizes) {
  326. keySizes = kSizes;
  327. funcsCalled = fCalled;
  328. policy->policyContext = (void *)funcsCalled;
  329. policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Testing");
  330. policy->logger = UA_Log_Stdout;
  331. policy->certificateVerification = NULL;
  332. UA_ByteString_copy(&localCertificate, &policy->localCertificate);
  333. policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_testing;
  334. policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_testing;
  335. UA_SecurityPolicySignatureAlgorithm *asym_signatureAlgorithm =
  336. &policy->asymmetricModule.cryptoModule.signatureAlgorithm;
  337. asym_signatureAlgorithm->uri = UA_STRING_NULL;
  338. asym_signatureAlgorithm->verify = verify_testing;
  339. asym_signatureAlgorithm->sign = asym_sign_testing;
  340. asym_signatureAlgorithm->getLocalSignatureSize = asym_getLocalSignatureSize_testing;
  341. asym_signatureAlgorithm->getRemoteSignatureSize = asym_getRemoteSignatureSize_testing;
  342. UA_SecurityPolicyEncryptionAlgorithm *asym_encryptionAlgorithm =
  343. &policy->asymmetricModule.cryptoModule.encryptionAlgorithm;
  344. asym_encryptionAlgorithm->encrypt = asym_encrypt_testing;
  345. asym_encryptionAlgorithm->decrypt = decrypt_testing;
  346. asym_encryptionAlgorithm->getLocalKeyLength = asym_getLocalEncryptionKeyLength_testing;
  347. asym_encryptionAlgorithm->getRemoteKeyLength = asym_getRemoteEncryptionKeyLength_testing;
  348. asym_encryptionAlgorithm->getRemotePlainTextBlockSize = asym_getRemotePlainTextBlockSize_testing;
  349. asym_encryptionAlgorithm->getRemoteBlockSize = asym_getRemoteBlockSize_testing;
  350. policy->symmetricModule.generateKey = generateKey_testing;
  351. policy->symmetricModule.generateNonce = generateNonce_testing;
  352. UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
  353. &policy->symmetricModule.cryptoModule.signatureAlgorithm;
  354. sym_signatureAlgorithm->uri = UA_STRING_NULL;
  355. sym_signatureAlgorithm->verify = verify_testing;
  356. sym_signatureAlgorithm->sign = sym_sign_testing;
  357. sym_signatureAlgorithm->getLocalSignatureSize = sym_getLocalSignatureSize_testing;
  358. sym_signatureAlgorithm->getRemoteSignatureSize = sym_getRemoteSignatureSize_testing;
  359. sym_signatureAlgorithm->getLocalKeyLength = sym_getLocalSigningKeyLength_testing;
  360. sym_signatureAlgorithm->getRemoteKeyLength = sym_getRemoteSigningKeyLength_testing;
  361. UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
  362. &policy->symmetricModule.cryptoModule.encryptionAlgorithm;
  363. sym_encryptionAlgorithm->encrypt = sym_encrypt_testing;
  364. sym_encryptionAlgorithm->decrypt = decrypt_testing;
  365. sym_encryptionAlgorithm->getLocalKeyLength = sym_getLocalEncryptionKeyLength_testing;
  366. sym_encryptionAlgorithm->getRemoteKeyLength = sym_getRemoteEncryptionKeyLength_testing;
  367. sym_encryptionAlgorithm->getLocalBlockSize = sym_getLocalEncryptionBlockSize_testing;
  368. sym_encryptionAlgorithm->getRemoteBlockSize = sym_getRemoteEncryptionBlockSize_testing;
  369. policy->channelModule.newContext = newContext_testing;
  370. policy->channelModule.deleteContext = deleteContext_testing;
  371. policy->channelModule.setLocalSymEncryptingKey = setLocalSymEncryptingKey_testing;
  372. policy->channelModule.setLocalSymSigningKey = setLocalSymSigningKey_testing;
  373. policy->channelModule.setLocalSymIv = setLocalSymIv_testing;
  374. policy->channelModule.setRemoteSymEncryptingKey = setRemoteSymEncryptingKey_testing;
  375. policy->channelModule.setRemoteSymSigningKey = setRemoteSymSigningKey_testing;
  376. policy->channelModule.setRemoteSymIv = setRemoteSymIv_testing;
  377. policy->channelModule.compareCertificate = compareCertificate_testing;
  378. policy->clear = policy_clear_testing;
  379. return UA_STATUSCODE_GOOD;
  380. }
  381. #endif