check_securechannel.c 22 KB

  1. /* This Source Code Form is subject to the terms of the Mozilla Public
  2. * License, v. 2.0. If a copy of the MPL was not distributed with this
  3. * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
  4. #include <stdio.h>
  5. #include <stdlib.h>
  6. #include <src_generated/ua_types_generated.h>
  7. #include <ua_types_encoding_binary.h>
  8. #include <src_generated/ua_transport_generated_encoding_binary.h>
  9. #include <src_generated/ua_transport_generated.h>
  10. #include <ua_types.h>
  11. #include <src_generated/ua_types_generated_encoding_binary.h>
  12. #include <ua_plugin_securitypolicy.h>
  13. #include <src_generated/ua_transport_generated_handling.h>
  14. #include "testing_networklayers.h"
  15. #include "testing_policy.h"
  16. #include "ua_securechannel.h"
  17. #include "check.h"
  /* Brace initializer for a UA_ByteString that wraps a string literal.
   * The length excludes the terminating NUL; the bytes are referenced, not copied. */
  #define UA_BYTESTRING_STATIC(s) {sizeof(s) - 1, (UA_Byte *)(s)}

  /* Default sizes handed to the testing policy. They are deliberately tiny,
   * distinct values chosen for the tests and are not real cryptographic
   * parameters. Individual tests may override them through keySizes. */
  #define DEFAULT_SYM_ENCRYPTION_BLOCK_SIZE 2
  #define DEFAULT_SYM_SIGNING_KEY_LENGTH 3
  #define DEFAULT_SYM_ENCRYPTION_KEY_LENGTH 5
  #define DEFAULT_ASYM_REMOTE_SIGNATURE_SIZE 7
  #define DEFAULT_ASYM_LOCAL_SIGNATURE_SIZE 11
  #define DEFAULT_ASYM_REMOTE_PLAINTEXT_BLOCKSIZE 256
  /* Shared fixture state. The setup/teardown functions below (re)initialise
   * these objects around every test case. */

  /* Channel under test. */
  UA_SecureChannel testChannel;

  /* Placeholder certificate bytes; not a parseable certificate. */
  UA_ByteString dummyCertificate =
      UA_BYTESTRING_STATIC("DUMMY CERTIFICATE DUMMY CERTIFICATE DUMMY CERTIFICATE");

  /* Security policy filled in by TestingPolicy(). */
  UA_SecurityPolicy dummyPolicy;

  /* Dummy connection the channel is attached to. */
  UA_Connection testingConnection;

  /* Passed to createDummyConnection(); the tests decode the sent message from it. */
  UA_ByteString sentData;

  /* Flags recording which policy callbacks were invoked. */
  static funcs_called fCalled;

  /* Key, block and signature sizes given to the testing policy. */
  static key_sizes keySizes;
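  /* Checked fixture: build the testing policy, initialise testChannel with it
   * and attach the channel to a dummy connection whose output is captured in
   * sentData. */
  static void
  setup_secureChannel(void) {
      TestingPolicy(&dummyPolicy, dummyCertificate, &fCalled, &keySizes);

      /* Fail the fixture right away if the channel cannot be initialised,
       * instead of running the tests against a half-initialised channel. */
      UA_StatusCode retval = UA_SecureChannel_init(&testChannel, &dummyPolicy, &dummyCertificate);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected SecureChannel initialisation to succeed");

      testingConnection = createDummyConnection(65535, &sentData);
      UA_Connection_attachSecureChannel(&testingConnection, &testChannel);
      testChannel.connection = &testingConnection;
  }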
  /* Checked fixture: release what setup_secureChannel() created, in the order
   * channel, policy, connection. */
  static void
  teardown_secureChannel(void) {
      /* Channel first */
      UA_SecureChannel_deleteMembersCleanup(&testChannel);

      /* Then the policy, through its own cleanup callback */
      dummyPolicy.deleteMembers(&dummyPolicy);

      /* Finally close the dummy connection */
      testingConnection.close(&testingConnection);
  }
  /* Checked fixture: clear every "callback was invoked" flag before a test runs. */
  static void
  setup_funcs_called(void) {
      memset(&fCalled, 0, sizeof(fCalled));
  }
  /* Checked fixture: clear the callback flags again after a test, so that no
   * state carries over to the next case. */
  static void
  teardown_funcs_called(void) {
      memset(&fCalled, 0, sizeof(fCalled));
  }
  /* Checked fixture: reset keySizes and load the default test sizes.
   * These values only parameterise the testing policy; they are not real
   * cryptographic key or block sizes. */
  static void
  setup_key_sizes(void) {
      memset(&keySizes, 0, sizeof(keySizes));

      /* Symmetric parameters */
      keySizes.sym_enc_blockSize = DEFAULT_SYM_ENCRYPTION_BLOCK_SIZE;
      keySizes.sym_sig_keyLen = DEFAULT_SYM_SIGNING_KEY_LENGTH;
      keySizes.sym_enc_keyLen = DEFAULT_SYM_ENCRYPTION_KEY_LENGTH;

      /* Asymmetric parameters, local side */
      keySizes.asym_lcl_sig_size = DEFAULT_ASYM_LOCAL_SIGNATURE_SIZE;
      keySizes.asym_lcl_enc_key_size = 1024;

      /* Asymmetric parameters, remote side */
      keySizes.asym_rmt_sig_size = DEFAULT_ASYM_REMOTE_SIGNATURE_SIZE;
      keySizes.asym_rmt_ptext_blocksize = DEFAULT_ASYM_REMOTE_PLAINTEXT_BLOCKSIZE;
      keySizes.asym_rmt_enc_key_size = 2048;
  }
  /* Checked fixture: zero keySizes after a test so that per-test overrides
   * do not leak into the next case. */
  static void
  teardown_key_sizes(void) {
      memset(&keySizes, 0, sizeof(keySizes));
  }
  /* Initialising a channel must create a policy context and a certificate
   * thumbprint; cleaning it up must delete the context again. This test uses
   * a local channel rather than the shared testChannel fixture. */
  START_TEST(SecureChannel_initAndDelete) {
      TestingPolicy(&dummyPolicy, dummyCertificate, &fCalled, &keySizes);

      UA_SecureChannel channel;
      UA_StatusCode initStatus = UA_SecureChannel_init(&channel, &dummyPolicy, &dummyCertificate);

      // State right after initialisation
      ck_assert_msg(initStatus == UA_STATUSCODE_GOOD, "Expected StatusCode to be good");
      ck_assert_msg(channel.state == UA_SECURECHANNELSTATE_FRESH, "Expected state to be fresh");
      ck_assert_msg(fCalled.newContext, "Expected newContext to have been called");
      ck_assert_msg(fCalled.makeCertificateThumbprint,
                    "Expected makeCertificateThumbprint to have been called");
      ck_assert_msg(channel.securityPolicy == &dummyPolicy, "SecurityPolicy not set correctly");

      // Cleanup has to release the channel context through the policy
      UA_SecureChannel_deleteMembersCleanup(&channel);
      ck_assert_msg(fCalled.deleteContext, "Expected deleteContext to have been called");

      dummyPolicy.deleteMembers(&dummyPolicy);
  } END_TEST
  /* Generating new keys must derive key material and install the encrypting
   * key, signing key and IV for both the local and the remote direction. */
  START_TEST(SecureChannel_generateNewKeys) {
      UA_StatusCode status = UA_SecureChannel_generateNewKeys(&testChannel);
      ck_assert_msg(status == UA_STATUSCODE_GOOD, "Expected Statuscode to be good");
      ck_assert_msg(fCalled.generateKey, "Expected generateKey to have been called");

      // Local direction
      ck_assert_msg(fCalled.setLocalSymEncryptingKey,
                    "Expected setLocalSymEncryptingKey to have been called");
      ck_assert_msg(fCalled.setLocalSymSigningKey,
                    "Expected setLocalSymSigningKey to have been called");
      ck_assert_msg(fCalled.setLocalSymIv, "Expected setLocalSymIv to have been called");

      // Remote direction
      ck_assert_msg(fCalled.setRemoteSymEncryptingKey,
                    "Expected setRemoteSymEncryptingKey to have been called");
      ck_assert_msg(fCalled.setRemoteSymSigningKey,
                    "Expected setRemoteSymSigningKey to have been called");
      ck_assert_msg(fCalled.setRemoteSymIv, "Expected setRemoteSymIv to have been called");
  } END_TEST
  /* Revolving tokens must fail while no next token exists (tokenId 0) and
   * must otherwise promote the next token to the current one, regenerate
   * the keys and reset the next-token slot. */
  START_TEST(SecureChannel_revolveTokens) {
      // tokenId 0 stands for "no token was issued"
      testChannel.nextSecurityToken.tokenId = 0;
      UA_StatusCode status = UA_SecureChannel_revolveTokens(&testChannel);
      ck_assert_msg(status == UA_STATUSCODE_BADSECURECHANNELTOKENUNKNOWN,
                    "Expected failure because tokenId 0 signifies that no token was issued");

      // Any non-zero id makes the channel believe a token was issued
      testChannel.nextSecurityToken.tokenId = 10;
      status = UA_SecureChannel_revolveTokens(&testChannel);
      ck_assert_msg(status == UA_STATUSCODE_GOOD, "Expected function to return GOOD");
      ck_assert_msg(fCalled.generateKey,
                    "Expected generateKey to be called because new keys need to be generated,"
                    "when switching to the next token.");

      // The next-token slot must equal a freshly initialised token, byte for byte
      UA_ChannelSecurityToken freshToken;
      UA_ChannelSecurityToken_init(&freshToken);
      int nextTokenDiff = memcmp(&testChannel.nextSecurityToken, &freshToken,
                                 sizeof(UA_ChannelSecurityToken));
      ck_assert_msg(nextTokenDiff == 0,
                    "Expected the next securityToken to be freshly initialized");

      // The previously "next" token is now the active one
      ck_assert_msg(testChannel.securityToken.tokenId == 10, "Expected token to have been copied");
  } END_TEST
  /* Prepare an all-zero OpenSecureChannelResponse. The explicit memset after
   * the init call zeroes every byte of the struct; the tests later compare
   * this response with memcmp over the whole struct. */
  static void
  createDummyResponse(UA_OpenSecureChannelResponse *response) {
      UA_OpenSecureChannelResponse_init(response);
      memset(response, 0, sizeof(*response));
  }
  /* Sending an OPN message on a channel that has no connection must fail. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_withoutConnection) {
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);
      testChannel.securityMode = UA_MESSAGESECURITYMODE_NONE;

      // Detach the channel and clear its connection pointer to provoke the error
      UA_Connection_detachSecureChannel(testChannel.connection);
      testChannel.connection = NULL;

      const UA_DataType *responseType = &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE];
      UA_StatusCode status =
          UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, &dummyResponse, responseType);
      ck_assert_msg(status != UA_STATUSCODE_GOOD, "Expected failure without a connection");
  } END_TEST
  /* A NULL message content or a NULL content type must be rejected. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_invalidParameters) {
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);
      UA_StatusCode status;

      // Missing content
      status = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, NULL,
                                                         &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
      ck_assert_msg(status != UA_STATUSCODE_GOOD, "Expected failure");

      // Missing content type
      status = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, &dummyResponse, NULL);
      ck_assert_msg(status != UA_STATUSCODE_GOOD, "Expected failure");
  } END_TEST
  /* A channel whose security mode is INVALID must refuse to send, reporting
   * BADSECURITYMODEREJECTED. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_SecurityModeInvalid) {
      // Otherwise valid OPN setup; only the security mode is wrong
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);
      testChannel.securityMode = UA_MESSAGESECURITYMODE_INVALID;

      const UA_DataType *responseType = &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE];
      UA_StatusCode status =
          UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, &dummyResponse, responseType);
      ck_assert_msg(status == UA_STATUSCODE_BADSECURITYMODEREJECTED,
                    "Expected SecurityMode rejected error");
  }
  END_TEST
  /* With security mode None the OPN message is sent without calling the
   * policy's asymmetric encryption or signing. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_SecurityModeNone) {
      // Valid OPN setup with security switched off
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);
      testChannel.securityMode = UA_MESSAGESECURITYMODE_NONE;

      const UA_DataType *responseType = &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE];
      UA_StatusCode status =
          UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, &dummyResponse, responseType);
      ck_assert_msg(status == UA_STATUSCODE_GOOD, "Expected function to succeed");

      // Neither crypto callback may have run
      ck_assert_msg(!fCalled.asym_enc, "Message encryption was called but should not have been");
      ck_assert_msg(!fCalled.asym_sign, "Message signing was called but should not have been");
  }
  END_TEST
  /* With security mode Sign the OPN message must be signed AND encrypted.
   * The encryption expectation is intentional: OPC UA applies both signing
   * and encryption to OpenSecureChannel messages whenever the mode is not
   * None, so Sign and SignAndEncrypt behave the same for this message type. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_SecurityModeSign) {
      // Valid OPN setup in Sign mode
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);
      testChannel.securityMode = UA_MESSAGESECURITYMODE_SIGN;

      const UA_DataType *responseType = &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE];
      UA_StatusCode status =
          UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, &dummyResponse, responseType);
      ck_assert_msg(status == UA_STATUSCODE_GOOD, "Expected function to succeed");

      // Both crypto callbacks must have run
      ck_assert_msg(fCalled.asym_enc, "Expected message to have been encrypted but it was not");
      ck_assert_msg(fCalled.asym_sign, "Expected message to have been signed but it was not");
  } END_TEST
  /* With security mode SignAndEncrypt the OPN message must pass through both
   * the asymmetric encryption and the asymmetric signing callback. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_SecurityModeSignAndEncrypt) {
      // Valid OPN setup in SignAndEncrypt mode
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);
      testChannel.securityMode = UA_MESSAGESECURITYMODE_SIGNANDENCRYPT;

      const UA_DataType *responseType = &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE];
      UA_StatusCode status =
          UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, 42, &dummyResponse, responseType);
      ck_assert_msg(status == UA_STATUSCODE_GOOD, "Expected function to succeed");

      // Both crypto callbacks must have run
      ck_assert_msg(fCalled.asym_enc, "Expected message to have been encrypted but it was not");
      ck_assert_msg(fCalled.asym_sign, "Expected message to have been signed but it was not");
  } END_TEST
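  /* Send an OPN message in SignAndEncrypt mode and walk through the captured
   * bytes: message header, asymmetric security header, sequence header, type
   * id, body, padding and the first signature byte.
   *
   * Every decode result and every offset derived from the sent data is
   * checked before it is used, so that a malformed or truncated message
   * fails the test instead of reading uninitialised structs or bytes past
   * the end of sentData. */
  START_TEST(SecureChannel_sendAsymmetricOPNMessage_sentDataIsValid) {
      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);

      testChannel.securityMode = UA_MESSAGESECURITYMODE_SIGNANDENCRYPT;
      UA_UInt32 requestId = UA_UInt32_random();

      UA_StatusCode retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, requestId, &dummyResponse,
                                                                       &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");

      size_t offset = 0;
      UA_SecureConversationMessageHeader header;
      retval = UA_SecureConversationMessageHeader_decodeBinary(&sentData, &offset, &header);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the message header to decode");

      UA_AsymmetricAlgorithmSecurityHeader asymSecurityHeader;
      retval = UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(&sentData, &offset, &asymSecurityHeader);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the asymmetric security header to decode");

      ck_assert_msg(UA_ByteString_equal(&dummyCertificate, &asymSecurityHeader.senderCertificate),
                    "Expected the certificate to be equal to the one used by the secureChannel");
      ck_assert_msg(UA_ByteString_equal(&testChannel.securityPolicy->policyUri,
                                        &asymSecurityHeader.securityPolicyUri),
                    "Expected securityPolicyUri to be equal to the one used by the secureChannel");

      // 20 bytes is the length of a SHA-1 digest.
      // NOTE(review): presumably equal to the size of remoteCertificateThumbprint - confirm
      UA_ByteString thumbPrint = {20, testChannel.remoteCertificateThumbprint};
      ck_assert_msg(UA_ByteString_equal(&thumbPrint,
                                        &asymSecurityHeader.receiverCertificateThumbprint),
                    "Expected receiverCertificateThumbprint to be equal to the one set in the secureChannel");

      // messageSize comes from the decoded header and bounds the loop below
      ck_assert_msg(header.messageHeader.messageSize <= sentData.length,
                    "Expected messageSize to lie within the sent data");

      // Subtract one from every byte after the security header.
      // NOTE(review): presumably this reverses the testing policy's mock
      // "encryption" - confirm against testing_policy
      for(size_t i = offset; i < header.messageHeader.messageSize; ++i) {
          sentData.data[i] = (UA_Byte) ((sentData.data[i] - 1) % (UA_BYTE_MAX + 1));
      }

      UA_SequenceHeader sequenceHeader;
      retval = UA_SequenceHeader_decodeBinary(&sentData, &offset, &sequenceHeader);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the sequence header to decode");
      // requestId is unsigned: print it with %u instead of %i
      ck_assert_msg(sequenceHeader.requestId == requestId, "Expected requestId to be %u but was %u",
                    (unsigned int) requestId,
                    (unsigned int) sequenceHeader.requestId);

      UA_NodeId original = UA_NODEID_NUMERIC(0, UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE].binaryEncodingId);
      UA_NodeId requestTypeId;
      retval = UA_NodeId_decodeBinary(&sentData, &offset, &requestTypeId);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the type id to decode");
      ck_assert_msg(UA_NodeId_equal(&original, &requestTypeId), "Expected nodeIds to be equal");

      UA_OpenSecureChannelResponse sentResponse;
      retval = UA_OpenSecureChannelResponse_decodeBinary(&sentData, &offset, &sentResponse);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the response body to decode");
      ck_assert_msg(memcmp(&sentResponse, &dummyResponse, sizeof(UA_OpenSecureChannelResponse)) == 0,
                    "Expected the sent response to be equal to the one supplied to the send function");

      // The padding-size byte is followed by paddingSize bytes of the same value
      ck_assert_msg(offset < sentData.length, "Expected a padding byte after the response body");
      UA_Byte paddingByte = sentData.data[offset];
      size_t paddingSize = (size_t) paddingByte;
      ck_assert_msg(offset + paddingSize + 1 < sentData.length,
                    "Expected padding and first signature byte to lie within the sent data");

      for(size_t i = 0; i <= paddingSize; ++i) {
          // i is a size_t: cast it to match the format specifier
          ck_assert_msg(sentData.data[offset + i] == paddingByte,
                        "Expected padding byte %lu to be %i but got value %i",
                        (unsigned long) i, paddingByte, sentData.data[offset + i]);
      }

      // The byte right after the padding must be '*', the expected first signature byte
      ck_assert_msg(sentData.data[offset + paddingSize + 1] == '*', "Expected first byte of signature");

      UA_SecureConversationMessageHeader_deleteMembers(&header);
      UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymSecurityHeader);
      UA_SequenceHeader_deleteMembers(&sequenceHeader);
      UA_OpenSecureChannelResponse_deleteMembers(&sentResponse);
  }
  END_TEST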
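  /* Same walk through the sent OPN message as the sentDataIsValid test, but
   * with a 4096 remote key size and plaintext block size. In that case the
   * padding size needs a second byte (ExtraPaddingSize), which this test
   * expects between the padding bytes and the signature.
   *
   * Every decode result and every offset derived from the sent data is
   * checked before it is used, so that a malformed or truncated message
   * fails the test instead of reading uninitialised structs or bytes outside
   * sentData. */
  START_TEST(Securechannel_sendAsymmetricOPNMessage_extraPaddingPresentWhenKeyLargerThan2048Bits) {
      keySizes.asym_rmt_enc_key_size = 4096;
      keySizes.asym_rmt_ptext_blocksize = 4096;

      UA_OpenSecureChannelResponse dummyResponse;
      createDummyResponse(&dummyResponse);

      testChannel.securityMode = UA_MESSAGESECURITYMODE_SIGNANDENCRYPT;
      UA_UInt32 requestId = UA_UInt32_random();

      UA_StatusCode retval = UA_SecureChannel_sendAsymmetricOPNMessage(&testChannel, requestId, &dummyResponse,
                                                                       &UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE]);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected function to succeed");

      size_t offset = 0;
      UA_SecureConversationMessageHeader header;
      retval = UA_SecureConversationMessageHeader_decodeBinary(&sentData, &offset, &header);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the message header to decode");

      UA_AsymmetricAlgorithmSecurityHeader asymSecurityHeader;
      retval = UA_AsymmetricAlgorithmSecurityHeader_decodeBinary(&sentData, &offset, &asymSecurityHeader);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the asymmetric security header to decode");

      ck_assert_msg(UA_ByteString_equal(&dummyCertificate, &asymSecurityHeader.senderCertificate),
                    "Expected the certificate to be equal to the one used by the secureChannel");
      ck_assert_msg(UA_ByteString_equal(&testChannel.securityPolicy->policyUri,
                                        &asymSecurityHeader.securityPolicyUri),
                    "Expected securityPolicyUri to be equal to the one used by the secureChannel");

      // 20 bytes is the length of a SHA-1 digest.
      // NOTE(review): presumably equal to the size of remoteCertificateThumbprint - confirm
      UA_ByteString thumbPrint = {20, testChannel.remoteCertificateThumbprint};
      ck_assert_msg(UA_ByteString_equal(&thumbPrint,
                                        &asymSecurityHeader.receiverCertificateThumbprint),
                    "Expected receiverCertificateThumbprint to be equal to the one set in the secureChannel");

      // messageSize comes from the decoded header and bounds the loop below
      ck_assert_msg(header.messageHeader.messageSize <= sentData.length,
                    "Expected messageSize to lie within the sent data");

      // Subtract one from every byte after the security header.
      // NOTE(review): presumably this reverses the testing policy's mock
      // "encryption" - confirm against testing_policy
      for(size_t i = offset; i < header.messageHeader.messageSize; ++i) {
          sentData.data[i] = (UA_Byte) ((sentData.data[i] - 1) % (UA_BYTE_MAX + 1));
      }

      UA_SequenceHeader sequenceHeader;
      retval = UA_SequenceHeader_decodeBinary(&sentData, &offset, &sequenceHeader);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the sequence header to decode");
      // requestId is unsigned: print it with %u instead of %i
      ck_assert_msg(sequenceHeader.requestId == requestId, "Expected requestId to be %u but was %u",
                    (unsigned int) requestId,
                    (unsigned int) sequenceHeader.requestId);

      UA_NodeId original = UA_NODEID_NUMERIC(0, UA_TYPES[UA_TYPES_OPENSECURECHANNELRESPONSE].binaryEncodingId);
      UA_NodeId requestTypeId;
      retval = UA_NodeId_decodeBinary(&sentData, &offset, &requestTypeId);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the type id to decode");
      ck_assert_msg(UA_NodeId_equal(&original, &requestTypeId), "Expected nodeIds to be equal");

      UA_OpenSecureChannelResponse sentResponse;
      retval = UA_OpenSecureChannelResponse_decodeBinary(&sentData, &offset, &sentResponse);
      ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected the response body to decode");
      ck_assert_msg(memcmp(&sentResponse, &dummyResponse, sizeof(UA_OpenSecureChannelResponse)) == 0,
                    "Expected the sent response to be equal to the one supplied to the send function");

      // Low byte of the padding size follows the body; the high byte is the
      // last byte before the local signature at the end of the message.
      ck_assert_msg(offset < sentData.length, "Expected a padding byte after the response body");
      ck_assert_msg(sentData.length > keySizes.asym_lcl_sig_size,
                    "Expected the sent data to be longer than the signature");
      UA_Byte paddingByte = sentData.data[offset];
      UA_Byte extraPaddingByte = sentData.data[sentData.length - keySizes.asym_lcl_sig_size - 1];
      size_t paddingSize = (size_t) paddingByte;
      paddingSize |= (size_t) extraPaddingByte << 8;
      ck_assert_msg(offset + paddingSize + 2 < sentData.length,
                    "Expected padding and first signature byte to lie within the sent data");

      for(size_t i = 0; i <= paddingSize; ++i) {
          // i is a size_t: cast it to match the format specifier
          ck_assert_msg(sentData.data[offset + i] == paddingByte,
                        "Expected padding byte %lu to be %i but got value %i",
                        (unsigned long) i,
                        paddingByte,
                        sentData.data[offset + i]);
      }

      ck_assert_msg(sentData.data[offset + paddingSize + 1] == extraPaddingByte,
                    "Expected extra padding byte to be %i but got %i",
                    extraPaddingByte, sentData.data[offset + paddingSize + 1]);
      // '*' has the value 42, the expected first signature byte
      ck_assert_msg(sentData.data[offset + paddingSize + 2] == '*',
                    "Expected first byte 42 of signature but got %i",
                    sentData.data[offset + paddingSize + 2]);

      UA_SecureConversationMessageHeader_deleteMembers(&header);
      UA_AsymmetricAlgorithmSecurityHeader_deleteMembers(&asymSecurityHeader);
      UA_SequenceHeader_deleteMembers(&sequenceHeader);
      UA_OpenSecureChannelResponse_deleteMembers(&sentResponse);
  } END_TEST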
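  /* Request nonces of length 0..127 and one large length (65536) and check
   * the status code and the resulting length each time.
   *
   * The test checks length and callback invocation only; it says nothing
   * about the quality of the nonce bytes, which come from the testing policy. */
  START_TEST(SecureChannel_generateNonce) {
      UA_ByteString myNonce;
      UA_ByteString_init(&myNonce);

      for(size_t step = 0; step < 129; ++step) {
          // The last step is the large edge case; the loop counter itself is left untouched
          const size_t nonceLength = (step == 128) ? 65536 : step;

          UA_StatusCode retval = UA_SecureChannel_generateNonce(&testChannel, nonceLength, &myNonce);
          ck_assert_msg(retval == UA_STATUSCODE_GOOD, "Expected retval to be good");

          // Both values are size_t: cast them to match the format specifier
          ck_assert_msg(myNonce.length == nonceLength, "Expected nonce length to be %lu but was %lu",
                        (unsigned long) nonceLength, (unsigned long) myNonce.length);

          // NOTE(review): the flag is not cleared inside this loop, so only the
          // first iteration shows that the callback ran for that call
          ck_assert_msg(fCalled.generateNonce, "Expected generateNonce to have been called");
      }

      UA_ByteString_deleteMembers(&myNonce);
  } END_TEST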
  /* Register the fixtures shared by the test cases, always in the order
   * funcs_called, key_sizes and (optionally) secureChannel. */
  static void
  addSecureChannelFixtures(TCase *tc, int withChannel) {
      tcase_add_checked_fixture(tc, setup_funcs_called, teardown_funcs_called);
      tcase_add_checked_fixture(tc, setup_key_sizes, teardown_key_sizes);
      if(withChannel)
          tcase_add_checked_fixture(tc, setup_secureChannel, teardown_secureChannel);
  }

  /* Assemble the "SecureChannel" suite: one test case per function under test. */
  static Suite *
  testSuite_SecureChannel(void) {
      Suite *suite = suite_create("SecureChannel");

      // Init/delete builds its own channel, so it does not use the channel fixture
      TCase *initCase = tcase_create("Initialize and delete Securechannel");
      addSecureChannelFixtures(initCase, 0);
      tcase_add_test(initCase, SecureChannel_initAndDelete);
      suite_add_tcase(suite, initCase);

      TCase *keysCase = tcase_create("Test generateNewKeys function");
      addSecureChannelFixtures(keysCase, 1);
      tcase_add_test(keysCase, SecureChannel_generateNewKeys);
      suite_add_tcase(suite, keysCase);

      TCase *tokensCase = tcase_create("Test revolveTokens function");
      addSecureChannelFixtures(tokensCase, 1);
      tcase_add_test(tokensCase, SecureChannel_revolveTokens);
      suite_add_tcase(suite, tokensCase);

      // All OPN message tests share one case
      TCase *opnCase = tcase_create("Test sendAsymmetricOPNMessage function");
      addSecureChannelFixtures(opnCase, 1);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_withoutConnection);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_invalidParameters);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_SecurityModeInvalid);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_SecurityModeNone);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_SecurityModeSign);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_SecurityModeSignAndEncrypt);
      tcase_add_test(opnCase, SecureChannel_sendAsymmetricOPNMessage_sentDataIsValid);
      tcase_add_test(opnCase,
                     Securechannel_sendAsymmetricOPNMessage_extraPaddingPresentWhenKeyLargerThan2048Bits);
      suite_add_tcase(suite, opnCase);

      TCase *nonceCase = tcase_create("Test generateNonce function");
      addSecureChannelFixtures(nonceCase, 1);
      tcase_add_test(nonceCase, SecureChannel_generateNonce);
      suite_add_tcase(suite, nonceCase);

      return suite;
  }
  /* Run the SecureChannel suite in the current process (CK_NOFORK) and turn
   * the number of failed tests into the process exit status. */
  int
  main(void) {
      SRunner *runner = srunner_create(testSuite_SecureChannel());
      srunner_set_fork_status(runner, CK_NOFORK);
      srunner_run_all(runner, CK_NORMAL);

      // Read the failure count before the runner is freed
      const int failedTests = srunner_ntests_failed(runner);
      srunner_free(runner);

      if(failedTests != 0)
          return EXIT_FAILURE;
      return EXIT_SUCCESS;
  }