/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #ifndef __clang_analyzer__ #include "testing_policy.h" #include #include #define SET_CALLED(func) funcsCalled->func = true static funcs_called *funcsCalled; static const key_sizes *keySizes; static UA_StatusCode verify_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, const UA_ByteString *message, const UA_ByteString *signature) { return UA_STATUSCODE_GOOD; } static UA_StatusCode asym_sign_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, const UA_ByteString *message, UA_ByteString *signature) { SET_CALLED(asym_sign); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(message != NULL); ck_assert(signature != NULL); ck_assert_msg(signature->length == keySizes->asym_lcl_sig_size, "Expected signature length to be %i but was %i", keySizes->asym_lcl_sig_size, signature->length); memset(signature->data, '*', signature->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode sym_sign_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, const UA_ByteString *message, UA_ByteString *signature) { SET_CALLED(sym_sign); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(message != NULL); ck_assert(signature != NULL); ck_assert(signature->length != 0); ck_assert(signature->data != NULL); memset(signature->data, 'S', signature->length); return UA_STATUSCODE_GOOD; } static size_t asym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->asym_lcl_sig_size; } static size_t asym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->asym_rmt_sig_size; } static size_t asym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->asym_lcl_enc_key_size; } static size_t asym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->asym_rmt_enc_key_size; } static size_t sym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_sig_size; } static size_t sym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_sig_size; } static size_t sym_getLocalSigningKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_sig_keyLen; } static size_t sym_getRemoteSigningKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_sig_keyLen; // TODO: Remote sig key len } static size_t sym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_enc_keyLen; } static size_t sym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_enc_keyLen; } static size_t sym_getLocalEncryptionBlockSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_enc_blockSize; } static size_t sym_getRemoteEncryptionBlockSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); return keySizes->sym_enc_blockSize; // TODO: Different size for remote } static UA_StatusCode sym_encrypt_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, UA_ByteString *data) { SET_CALLED(sym_enc); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(data != NULL); return UA_STATUSCODE_GOOD; } static UA_StatusCode asym_encrypt_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, UA_ByteString *data) { SET_CALLED(asym_enc); ck_assert(securityPolicy != NULL); ck_assert(channelContext != NULL); ck_assert(data != NULL); size_t blockSize = securityPolicy->asymmetricModule.cryptoModule.encryptionAlgorithm.getRemotePlainTextBlockSize(securityPolicy, channelContext); ck_assert_msg(data->length % blockSize == 0, "Expected the length of the data to be encrypted to be a multiple of the plaintext block size (%i). " "Remainder was %i", blockSize, data->length % blockSize); for(size_t i = 0; i < data->length; ++i) { data->data[i] = (UA_Byte)((data->data[i] + 1) % (UA_BYTE_MAX + 1)); } return UA_STATUSCODE_GOOD; } static UA_StatusCode decrypt_testing(const UA_SecurityPolicy *securityPolicy, void *channelContext, UA_ByteString *data) { return UA_STATUSCODE_GOOD; } static UA_StatusCode makeThumbprint_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *certificate, UA_ByteString *thumbprint) { SET_CALLED(makeCertificateThumbprint); ck_assert(securityPolicy != NULL); ck_assert(certificate != NULL); ck_assert(thumbprint != NULL); ck_assert_msg(thumbprint->length == 20, "Thumbprints have to be 20 bytes long (current specification)"); memset(thumbprint->data, 42, 20); return UA_STATUSCODE_GOOD; } static UA_StatusCode compareThumbprint_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *certificateThumbprint) { return UA_STATUSCODE_GOOD; } static UA_StatusCode generateKey_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *secret, const UA_ByteString *seed, UA_ByteString *out) { ck_assert(securityPolicy != NULL); ck_assert(secret != NULL); ck_assert(seed != NULL); ck_assert(out != NULL); SET_CALLED(generateKey); return UA_STATUSCODE_GOOD; } static UA_StatusCode generateNonce_testing(const UA_SecurityPolicy *securityPolicy, UA_ByteString *out) { ck_assert(securityPolicy != NULL); ck_assert(out != NULL); memset(out->data, 'N', out->length); SET_CALLED(generateNonce); return UA_STATUSCODE_GOOD; } static UA_StatusCode newContext_testing(const UA_SecurityPolicy *securityPolicy, const UA_ByteString *remoteCertificate, void **channelContext) { SET_CALLED(newContext); ck_assert(securityPolicy != NULL); ck_assert(remoteCertificate != NULL); ck_assert(channelContext != NULL); ck_assert(funcsCalled != NULL); *channelContext = (void *)funcsCalled; return UA_STATUSCODE_GOOD; } static void deleteContext_testing(void *channelContext) { SET_CALLED(deleteContext); ck_assert(channelContext != NULL); } static UA_StatusCode setLocalSymEncryptingKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setLocalSymEncryptingKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_keyLen, "Expected length to be %i but got %i", keySizes->sym_enc_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setLocalSymSigningKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setLocalSymSigningKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_sig_keyLen, "Expected length to be %i but got %i", keySizes->sym_sig_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setLocalSymIv_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setLocalSymIv); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_blockSize, "Expected length to be %i but got %i", keySizes->sym_enc_blockSize, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setRemoteSymEncryptingKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setRemoteSymEncryptingKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_keyLen, "Expected length to be %i but got %i", keySizes->sym_enc_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setRemoteSymSigningKey_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setRemoteSymSigningKey); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_sig_keyLen, "Expected length to be %i but got %i", keySizes->sym_sig_keyLen, val->length); return UA_STATUSCODE_GOOD; } static UA_StatusCode setRemoteSymIv_testing(void *channelContext, const UA_ByteString *val) { SET_CALLED(setRemoteSymIv); ck_assert(channelContext != NULL); ck_assert(val != NULL); ck_assert(val->data != NULL); ck_assert_msg(val->length == keySizes->sym_enc_blockSize, "Expected length to be %i but got %i", keySizes->sym_enc_blockSize, val->length); return UA_STATUSCODE_GOOD; } static size_t asym_getRemotePlainTextBlockSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return keySizes->asym_rmt_ptext_blocksize; } static size_t asym_getRemoteBlockSize_testing(const UA_SecurityPolicy *securityPolicy, const void *channelContext) { return keySizes->asym_rmt_blocksize; } static UA_StatusCode compareCertificate_testing(const void *channelContext, const UA_ByteString *certificate) { return UA_STATUSCODE_GOOD; } static void policy_deletemembers_testing(UA_SecurityPolicy *policy) { UA_ByteString_deleteMembers(&policy->localCertificate); } UA_StatusCode TestingPolicy(UA_SecurityPolicy *policy, UA_ByteString localCertificate, funcs_called *fCalled, const key_sizes *kSizes) { keySizes = kSizes; funcsCalled = fCalled; policy->policyContext = (void *)funcsCalled; policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Testing"); policy->logger = UA_Log_Stdout; policy->certificateVerification = NULL; UA_ByteString_copy(&localCertificate, &policy->localCertificate); policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_testing; policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_testing; UA_SecurityPolicySignatureAlgorithm *asym_signatureAlgorithm = &policy->asymmetricModule.cryptoModule.signatureAlgorithm; asym_signatureAlgorithm->uri = UA_STRING_NULL; asym_signatureAlgorithm->verify = verify_testing; asym_signatureAlgorithm->sign = asym_sign_testing; asym_signatureAlgorithm->getLocalSignatureSize = asym_getLocalSignatureSize_testing; asym_signatureAlgorithm->getRemoteSignatureSize = asym_getRemoteSignatureSize_testing; UA_SecurityPolicyEncryptionAlgorithm *asym_encryptionAlgorithm = &policy->asymmetricModule.cryptoModule.encryptionAlgorithm; asym_encryptionAlgorithm->encrypt = asym_encrypt_testing; asym_encryptionAlgorithm->decrypt = decrypt_testing; asym_encryptionAlgorithm->getLocalKeyLength = asym_getLocalEncryptionKeyLength_testing; asym_encryptionAlgorithm->getRemoteKeyLength = asym_getRemoteEncryptionKeyLength_testing; asym_encryptionAlgorithm->getRemotePlainTextBlockSize = asym_getRemotePlainTextBlockSize_testing; asym_encryptionAlgorithm->getRemoteBlockSize = asym_getRemoteBlockSize_testing; policy->symmetricModule.generateKey = generateKey_testing; policy->symmetricModule.generateNonce = generateNonce_testing; UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm = &policy->symmetricModule.cryptoModule.signatureAlgorithm; sym_signatureAlgorithm->uri = UA_STRING_NULL; sym_signatureAlgorithm->verify = verify_testing; sym_signatureAlgorithm->sign = sym_sign_testing; sym_signatureAlgorithm->getLocalSignatureSize = sym_getLocalSignatureSize_testing; sym_signatureAlgorithm->getRemoteSignatureSize = sym_getRemoteSignatureSize_testing; sym_signatureAlgorithm->getLocalKeyLength = sym_getLocalSigningKeyLength_testing; sym_signatureAlgorithm->getRemoteKeyLength = sym_getRemoteSigningKeyLength_testing; UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm = &policy->symmetricModule.cryptoModule.encryptionAlgorithm; sym_encryptionAlgorithm->encrypt = sym_encrypt_testing; sym_encryptionAlgorithm->decrypt = decrypt_testing; sym_encryptionAlgorithm->getLocalKeyLength = sym_getLocalEncryptionKeyLength_testing; sym_encryptionAlgorithm->getRemoteKeyLength = sym_getRemoteEncryptionKeyLength_testing; sym_encryptionAlgorithm->getLocalBlockSize = sym_getLocalEncryptionBlockSize_testing; sym_encryptionAlgorithm->getRemoteBlockSize = sym_getRemoteEncryptionBlockSize_testing; policy->channelModule.newContext = newContext_testing; policy->channelModule.deleteContext = deleteContext_testing; policy->channelModule.setLocalSymEncryptingKey = setLocalSymEncryptingKey_testing; policy->channelModule.setLocalSymSigningKey = setLocalSymSigningKey_testing; policy->channelModule.setLocalSymIv = setLocalSymIv_testing; policy->channelModule.setRemoteSymEncryptingKey = setRemoteSymEncryptingKey_testing; policy->channelModule.setRemoteSymSigningKey = setRemoteSymSigningKey_testing; policy->channelModule.setRemoteSymIv = setRemoteSymIv_testing; policy->channelModule.compareCertificate = compareCertificate_testing; policy->deleteMembers = policy_deletemembers_testing; return UA_STATUSCODE_GOOD; } #endif