testing_policy.c 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448
  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  4. #ifndef __clang_analyzer__
  5. #include <ua_plugin_securitypolicy.h>
  6. #include "ua_types.h"
  7. #include "ua_plugin_securitypolicy.h"
  8. #include "ua_log_stdout.h"
  9. #include "ua_types_generated_handling.h"
  10. #include "testing_policy.h"
  11. #include "check.h"
  12. #define SET_CALLED(func) funcsCalled->func = true
  13. static funcs_called *funcsCalled;
  14. static const key_sizes *keySizes;
  15. static UA_StatusCode
  16. verify_testing(const UA_SecurityPolicy *securityPolicy,
  17. void *channelContext,
  18. const UA_ByteString *message,
  19. const UA_ByteString *signature) {
  20. return UA_STATUSCODE_GOOD;
  21. }
  22. static UA_StatusCode
  23. asym_sign_testing(const UA_SecurityPolicy *securityPolicy,
  24. void *channelContext,
  25. const UA_ByteString *message,
  26. UA_ByteString *signature) {
  27. SET_CALLED(asym_sign);
  28. ck_assert(securityPolicy != NULL);
  29. ck_assert(channelContext != NULL);
  30. ck_assert(message != NULL);
  31. ck_assert(signature != NULL);
  32. ck_assert_msg(signature->length == keySizes->asym_lcl_sig_size,
  33. "Expected signature length to be %i but was %i",
  34. keySizes->asym_lcl_sig_size,
  35. signature->length);
  36. memset(signature->data, '*', signature->length);
  37. return UA_STATUSCODE_GOOD;
  38. }
  39. static UA_StatusCode
  40. sym_sign_testing(const UA_SecurityPolicy *securityPolicy,
  41. void *channelContext,
  42. const UA_ByteString *message,
  43. UA_ByteString *signature) {
  44. SET_CALLED(sym_sign);
  45. ck_assert(securityPolicy != NULL);
  46. ck_assert(channelContext != NULL);
  47. ck_assert(message != NULL);
  48. ck_assert(signature != NULL);
  49. ck_assert(signature->length != 0);
  50. ck_assert(signature->data != NULL);
  51. memset(signature->data, 'S', signature->length);
  52. return UA_STATUSCODE_GOOD;
  53. }
  54. static size_t
  55. asym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  56. const void *channelContext) {
  57. ck_assert(securityPolicy != NULL);
  58. ck_assert(channelContext != NULL);
  59. return keySizes->asym_lcl_sig_size;
  60. }
  61. static size_t
  62. asym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  63. const void *channelContext) {
  64. ck_assert(securityPolicy != NULL);
  65. ck_assert(channelContext != NULL);
  66. return keySizes->asym_rmt_sig_size;
  67. }
  68. static size_t
  69. asym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  70. const void *channelContext) {
  71. ck_assert(securityPolicy != NULL);
  72. ck_assert(channelContext != NULL);
  73. return keySizes->asym_lcl_enc_key_size;
  74. }
  75. static size_t
  76. asym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  77. const void *channelContext) {
  78. ck_assert(securityPolicy != NULL);
  79. ck_assert(channelContext != NULL);
  80. return keySizes->asym_rmt_enc_key_size;
  81. }
  82. static size_t
  83. sym_getLocalSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  84. const void *channelContext) {
  85. ck_assert(securityPolicy != NULL);
  86. ck_assert(channelContext != NULL);
  87. return keySizes->sym_sig_size;
  88. }
  89. static size_t
  90. sym_getRemoteSignatureSize_testing(const UA_SecurityPolicy *securityPolicy,
  91. const void *channelContext) {
  92. ck_assert(securityPolicy != NULL);
  93. ck_assert(channelContext != NULL);
  94. return keySizes->sym_sig_size;
  95. }
  96. static size_t
  97. sym_getLocalSigningKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  98. const void *channelContext) {
  99. ck_assert(securityPolicy != NULL);
  100. ck_assert(channelContext != NULL);
  101. return keySizes->sym_sig_keyLen;
  102. }
  103. static size_t
  104. sym_getRemoteSigningKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  105. const void *channelContext) {
  106. ck_assert(securityPolicy != NULL);
  107. ck_assert(channelContext != NULL);
  108. return keySizes->sym_sig_keyLen; // TODO: Remote sig key len
  109. }
  110. static size_t
  111. sym_getLocalEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  112. const void *channelContext) {
  113. ck_assert(securityPolicy != NULL);
  114. ck_assert(channelContext != NULL);
  115. return keySizes->sym_enc_keyLen;
  116. }
  117. static size_t
  118. sym_getRemoteEncryptionKeyLength_testing(const UA_SecurityPolicy *securityPolicy,
  119. const void *channelContext) {
  120. ck_assert(securityPolicy != NULL);
  121. ck_assert(channelContext != NULL);
  122. return keySizes->sym_enc_keyLen;
  123. }
  124. static size_t
  125. sym_getLocalEncryptionBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  126. const void *channelContext) {
  127. ck_assert(securityPolicy != NULL);
  128. ck_assert(channelContext != NULL);
  129. return keySizes->sym_enc_blockSize;
  130. }
  131. static size_t
  132. sym_getRemoteEncryptionBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  133. const void *channelContext) {
  134. ck_assert(securityPolicy != NULL);
  135. ck_assert(channelContext != NULL);
  136. return keySizes->sym_enc_blockSize; // TODO: Different size for remote
  137. }
  138. static UA_StatusCode
  139. sym_encrypt_testing(const UA_SecurityPolicy *securityPolicy,
  140. void *channelContext,
  141. UA_ByteString *data) {
  142. SET_CALLED(sym_enc);
  143. ck_assert(securityPolicy != NULL);
  144. ck_assert(channelContext != NULL);
  145. ck_assert(data != NULL);
  146. return UA_STATUSCODE_GOOD;
  147. }
  148. static UA_StatusCode
  149. asym_encrypt_testing(const UA_SecurityPolicy *securityPolicy,
  150. void *channelContext,
  151. UA_ByteString *data) {
  152. SET_CALLED(asym_enc);
  153. ck_assert(securityPolicy != NULL);
  154. ck_assert(channelContext != NULL);
  155. ck_assert(data != NULL);
  156. size_t blockSize =
  157. securityPolicy->asymmetricModule.cryptoModule.encryptionAlgorithm.getRemotePlainTextBlockSize(securityPolicy,
  158. channelContext);
  159. ck_assert_msg(data->length % blockSize == 0,
  160. "Expected the length of the data to be encrypted to be a multiple of the plaintext block size (%i). "
  161. "Remainder was %i",
  162. blockSize,
  163. data->length % blockSize);
  164. for(size_t i = 0; i < data->length; ++i) {
  165. data->data[i] = (UA_Byte)((data->data[i] + 1) % (UA_BYTE_MAX + 1));
  166. }
  167. return UA_STATUSCODE_GOOD;
  168. }
  169. static UA_StatusCode
  170. decrypt_testing(const UA_SecurityPolicy *securityPolicy,
  171. void *channelContext,
  172. UA_ByteString *data) {
  173. return UA_STATUSCODE_GOOD;
  174. }
  175. static UA_StatusCode
  176. makeThumbprint_testing(const UA_SecurityPolicy *securityPolicy,
  177. const UA_ByteString *certificate,
  178. UA_ByteString *thumbprint) {
  179. SET_CALLED(makeCertificateThumbprint);
  180. ck_assert(securityPolicy != NULL);
  181. ck_assert(certificate != NULL);
  182. ck_assert(thumbprint != NULL);
  183. ck_assert_msg(thumbprint->length == 20, "Thumbprints have to be 20 bytes long (current specification)");
  184. memset(thumbprint->data, 42, 20);
  185. return UA_STATUSCODE_GOOD;
  186. }
  187. static UA_StatusCode
  188. compareThumbprint_testing(const UA_SecurityPolicy *securityPolicy,
  189. const UA_ByteString *certificateThumbprint) {
  190. return UA_STATUSCODE_GOOD;
  191. }
  192. static UA_StatusCode
  193. generateKey_testing(const UA_SecurityPolicy *securityPolicy,
  194. const UA_ByteString *secret,
  195. const UA_ByteString *seed,
  196. UA_ByteString *out) {
  197. ck_assert(securityPolicy != NULL);
  198. ck_assert(secret != NULL);
  199. ck_assert(seed != NULL);
  200. ck_assert(out != NULL);
  201. SET_CALLED(generateKey);
  202. return UA_STATUSCODE_GOOD;
  203. }
  204. static UA_StatusCode
  205. generateNonce_testing(const UA_SecurityPolicy *securityPolicy,
  206. UA_ByteString *out) {
  207. ck_assert(securityPolicy != NULL);
  208. ck_assert(out != NULL);
  209. memset(out->data, 'N', out->length);
  210. SET_CALLED(generateNonce);
  211. return UA_STATUSCODE_GOOD;
  212. }
  213. static UA_StatusCode
  214. newContext_testing(const UA_SecurityPolicy *securityPolicy,
  215. const UA_ByteString *remoteCertificate,
  216. void **channelContext) {
  217. SET_CALLED(newContext);
  218. ck_assert(securityPolicy != NULL);
  219. ck_assert(remoteCertificate != NULL);
  220. ck_assert(channelContext != NULL);
  221. ck_assert(funcsCalled != NULL);
  222. *channelContext = (void *)funcsCalled;
  223. return UA_STATUSCODE_GOOD;
  224. }
  225. static void
  226. deleteContext_testing(void *channelContext) {
  227. SET_CALLED(deleteContext);
  228. ck_assert(channelContext != NULL);
  229. }
  230. static UA_StatusCode
  231. setLocalSymEncryptingKey_testing(void *channelContext,
  232. const UA_ByteString *val) {
  233. SET_CALLED(setLocalSymEncryptingKey);
  234. ck_assert(channelContext != NULL);
  235. ck_assert(val != NULL);
  236. ck_assert(val->data != NULL);
  237. ck_assert_msg(val->length == keySizes->sym_enc_keyLen,
  238. "Expected length to be %i but got %i",
  239. keySizes->sym_enc_keyLen,
  240. val->length);
  241. return UA_STATUSCODE_GOOD;
  242. }
  243. static UA_StatusCode
  244. setLocalSymSigningKey_testing(void *channelContext,
  245. const UA_ByteString *val) {
  246. SET_CALLED(setLocalSymSigningKey);
  247. ck_assert(channelContext != NULL);
  248. ck_assert(val != NULL);
  249. ck_assert(val->data != NULL);
  250. ck_assert_msg(val->length == keySizes->sym_sig_keyLen,
  251. "Expected length to be %i but got %i",
  252. keySizes->sym_sig_keyLen,
  253. val->length);
  254. return UA_STATUSCODE_GOOD;
  255. }
  256. static UA_StatusCode
  257. setLocalSymIv_testing(void *channelContext,
  258. const UA_ByteString *val) {
  259. SET_CALLED(setLocalSymIv);
  260. ck_assert(channelContext != NULL);
  261. ck_assert(val != NULL);
  262. ck_assert(val->data != NULL);
  263. ck_assert_msg(val->length == keySizes->sym_enc_blockSize,
  264. "Expected length to be %i but got %i",
  265. keySizes->sym_enc_blockSize,
  266. val->length);
  267. return UA_STATUSCODE_GOOD;
  268. }
  269. static UA_StatusCode
  270. setRemoteSymEncryptingKey_testing(void *channelContext,
  271. const UA_ByteString *val) {
  272. SET_CALLED(setRemoteSymEncryptingKey);
  273. ck_assert(channelContext != NULL);
  274. ck_assert(val != NULL);
  275. ck_assert(val->data != NULL);
  276. ck_assert_msg(val->length == keySizes->sym_enc_keyLen,
  277. "Expected length to be %i but got %i",
  278. keySizes->sym_enc_keyLen,
  279. val->length);
  280. return UA_STATUSCODE_GOOD;
  281. }
  282. static UA_StatusCode
  283. setRemoteSymSigningKey_testing(void *channelContext,
  284. const UA_ByteString *val) {
  285. SET_CALLED(setRemoteSymSigningKey);
  286. ck_assert(channelContext != NULL);
  287. ck_assert(val != NULL);
  288. ck_assert(val->data != NULL);
  289. ck_assert_msg(val->length == keySizes->sym_sig_keyLen,
  290. "Expected length to be %i but got %i",
  291. keySizes->sym_sig_keyLen,
  292. val->length);
  293. return UA_STATUSCODE_GOOD;
  294. }
  295. static UA_StatusCode
  296. setRemoteSymIv_testing(void *channelContext,
  297. const UA_ByteString *val) {
  298. SET_CALLED(setRemoteSymIv);
  299. ck_assert(channelContext != NULL);
  300. ck_assert(val != NULL);
  301. ck_assert(val->data != NULL);
  302. ck_assert_msg(val->length == keySizes->sym_enc_blockSize,
  303. "Expected length to be %i but got %i",
  304. keySizes->sym_enc_blockSize,
  305. val->length);
  306. return UA_STATUSCODE_GOOD;
  307. }
  308. static size_t
  309. asym_getRemotePlainTextBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  310. const void *channelContext) {
  311. return keySizes->asym_rmt_ptext_blocksize;
  312. }
  313. static size_t
  314. asym_getRemoteBlockSize_testing(const UA_SecurityPolicy *securityPolicy,
  315. const void *channelContext) {
  316. return keySizes->asym_rmt_blocksize;
  317. }
  318. static UA_StatusCode
  319. compareCertificate_testing(const void *channelContext,
  320. const UA_ByteString *certificate) {
  321. return UA_STATUSCODE_GOOD;
  322. }
  323. static void
  324. policy_deletemembers_testing(UA_SecurityPolicy *policy) {
  325. UA_ByteString_deleteMembers(&policy->localCertificate);
  326. }
  327. UA_StatusCode
  328. TestingPolicy(UA_SecurityPolicy *policy, UA_ByteString localCertificate,
  329. funcs_called *fCalled, const key_sizes *kSizes) {
  330. keySizes = kSizes;
  331. funcsCalled = fCalled;
  332. policy->policyContext = (void *)funcsCalled;
  333. policy->policyUri = UA_STRING("http://opcfoundation.org/UA/SecurityPolicy#Testing");
  334. policy->logger = UA_Log_Stdout;
  335. policy->certificateVerification = NULL;
  336. UA_ByteString_copy(&localCertificate, &policy->localCertificate);
  337. policy->asymmetricModule.makeCertificateThumbprint = makeThumbprint_testing;
  338. policy->asymmetricModule.compareCertificateThumbprint = compareThumbprint_testing;
  339. UA_SecurityPolicySignatureAlgorithm *asym_signatureAlgorithm =
  340. &policy->asymmetricModule.cryptoModule.signatureAlgorithm;
  341. asym_signatureAlgorithm->uri = UA_STRING_NULL;
  342. asym_signatureAlgorithm->verify = verify_testing;
  343. asym_signatureAlgorithm->sign = asym_sign_testing;
  344. asym_signatureAlgorithm->getLocalSignatureSize = asym_getLocalSignatureSize_testing;
  345. asym_signatureAlgorithm->getRemoteSignatureSize = asym_getRemoteSignatureSize_testing;
  346. UA_SecurityPolicyEncryptionAlgorithm *asym_encryptionAlgorithm =
  347. &policy->asymmetricModule.cryptoModule.encryptionAlgorithm;
  348. asym_encryptionAlgorithm->encrypt = asym_encrypt_testing;
  349. asym_encryptionAlgorithm->decrypt = decrypt_testing;
  350. asym_encryptionAlgorithm->getLocalKeyLength = asym_getLocalEncryptionKeyLength_testing;
  351. asym_encryptionAlgorithm->getRemoteKeyLength = asym_getRemoteEncryptionKeyLength_testing;
  352. asym_encryptionAlgorithm->getRemotePlainTextBlockSize = asym_getRemotePlainTextBlockSize_testing;
  353. asym_encryptionAlgorithm->getRemoteBlockSize = asym_getRemoteBlockSize_testing;
  354. policy->symmetricModule.generateKey = generateKey_testing;
  355. policy->symmetricModule.generateNonce = generateNonce_testing;
  356. UA_SecurityPolicySignatureAlgorithm *sym_signatureAlgorithm =
  357. &policy->symmetricModule.cryptoModule.signatureAlgorithm;
  358. sym_signatureAlgorithm->uri = UA_STRING_NULL;
  359. sym_signatureAlgorithm->verify = verify_testing;
  360. sym_signatureAlgorithm->sign = sym_sign_testing;
  361. sym_signatureAlgorithm->getLocalSignatureSize = sym_getLocalSignatureSize_testing;
  362. sym_signatureAlgorithm->getRemoteSignatureSize = sym_getRemoteSignatureSize_testing;
  363. sym_signatureAlgorithm->getLocalKeyLength = sym_getLocalSigningKeyLength_testing;
  364. sym_signatureAlgorithm->getRemoteKeyLength = sym_getRemoteSigningKeyLength_testing;
  365. UA_SecurityPolicyEncryptionAlgorithm *sym_encryptionAlgorithm =
  366. &policy->symmetricModule.cryptoModule.encryptionAlgorithm;
  367. sym_encryptionAlgorithm->encrypt = sym_encrypt_testing;
  368. sym_encryptionAlgorithm->decrypt = decrypt_testing;
  369. sym_encryptionAlgorithm->getLocalKeyLength = sym_getLocalEncryptionKeyLength_testing;
  370. sym_encryptionAlgorithm->getRemoteKeyLength = sym_getRemoteEncryptionKeyLength_testing;
  371. sym_encryptionAlgorithm->getLocalBlockSize = sym_getLocalEncryptionBlockSize_testing;
  372. sym_encryptionAlgorithm->getRemoteBlockSize = sym_getRemoteEncryptionBlockSize_testing;
  373. policy->channelModule.newContext = newContext_testing;
  374. policy->channelModule.deleteContext = deleteContext_testing;
  375. policy->channelModule.setLocalSymEncryptingKey = setLocalSymEncryptingKey_testing;
  376. policy->channelModule.setLocalSymSigningKey = setLocalSymSigningKey_testing;
  377. policy->channelModule.setLocalSymIv = setLocalSymIv_testing;
  378. policy->channelModule.setRemoteSymEncryptingKey = setRemoteSymEncryptingKey_testing;
  379. policy->channelModule.setRemoteSymSigningKey = setRemoteSymSigningKey_testing;
  380. policy->channelModule.setRemoteSymIv = setRemoteSymIv_testing;
  381. policy->channelModule.compareCertificate = compareCertificate_testing;
  382. policy->deleteMembers = policy_deletemembers_testing;
  383. return UA_STATUSCODE_GOOD;
  384. }
  385. #endif