BIND9 Internals: lib/dns/tests/private

00001 /*
00002  * Copyright (C) 2011, 2012  Internet Systems Consortium, Inc. ("ISC")
00003  *
00004  * Permission to use, copy, modify, and/or distribute this software for any
00005  * purpose with or without fee is hereby granted, provided that the above
00006  * copyright notice and this permission notice appear in all copies.
00007  *
00008  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
00009  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
00010  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
00011  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
00012  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
00013  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
00014  * PERFORMANCE OF THIS SOFTWARE.
00015  */
00016 
00017 /* $Id$ */
00018 
00019 /*! \file */
00020 
00021 #include <config.h>
00022 
00023 #include <atf-c.h>
00024 
00025 #include <unistd.h>
00026 
00027 #include <isc/buffer.h>
00028 
00029 #include <dns/nsec3.h>
00030 #include <dns/private.h>
00031 #include <dns/rdataclass.h>
00032 #include <dns/rdatatype.h>
00033 
00034 #include <dst/dst.h>
00035 
00036 #include "dnstest.h"
00037 
00038 static dns_rdatatype_t privatetype = 65534;
00039 
00040 typedef struct {
00041         unsigned char alg;
00042         dns_keytag_t keyid;
00043         isc_boolean_t remove;
00044         isc_boolean_t complete;
00045 } signing_testcase_t;
00046 
00047 typedef struct {
00048         unsigned char hash;
00049         unsigned char flags;
00050         unsigned int iterations;
00051         unsigned long salt;
00052         isc_boolean_t remove;
00053         isc_boolean_t pending;
00054         isc_boolean_t nonsec;
00055 } nsec3_testcase_t;
00056 
00057 /*
00058  * Helper functions
00059  */
00060 static void
00061 make_signing(signing_testcase_t *testcase, dns_rdata_t *private,
00062              unsigned char *buf, size_t len)
00063 {
00064         dns_rdata_init(private);
00065 
00066         buf[0] = testcase->alg;
00067         buf[1] = (testcase->keyid & 0xff00) >> 8;
00068         buf[2] = (testcase->keyid & 0xff);
00069         buf[3] = testcase->remove;
00070         buf[4] = testcase->complete;
00071         private->data = buf;
00072         private->length = len;
00073         private->type = privatetype;
00074         private->rdclass = dns_rdataclass_in;
00075 }
00076 
00077 static void
00078 make_nsec3(nsec3_testcase_t *testcase, dns_rdata_t *private,
00079            unsigned char *pbuf)
00080 {
00081         dns_rdata_nsec3param_t params;
00082         dns_rdata_t nsec3param = DNS_RDATA_INIT;
00083         unsigned char bufdata[BUFSIZ];
00084         isc_buffer_t buf;
00085         isc_uint32_t salt;
00086         unsigned char *sp;
00087         int slen = 4;
00088 
00089         /* for simplicity, we're using a maximum salt length of 4 */
00090         salt = htonl(testcase->salt);
00091         sp = (unsigned char *) &salt;
00092         while (*sp == '\0' && slen > 0) {
00093                 slen--;
00094                 sp++;
00095         }
00096 
00097         params.common.rdclass = dns_rdataclass_in;
00098         params.common.rdtype = dns_rdatatype_nsec3param;
00099         params.hash = testcase->hash;
00100         params.iterations = testcase->iterations;
00101         params.salt = sp;
00102         params.salt_length = slen;
00103 
00104         params.flags = testcase->flags;
00105         if (testcase->remove) {
00106                 params.flags |= DNS_NSEC3FLAG_REMOVE;
00107                 if (testcase->nonsec)
00108                         params.flags |= DNS_NSEC3FLAG_NONSEC;
00109         } else {
00110                 params.flags |= DNS_NSEC3FLAG_CREATE;
00111                 if (testcase->pending)
00112                         params.flags |= DNS_NSEC3FLAG_INITIAL;
00113         }
00114 
00115         isc_buffer_init(&buf, bufdata, sizeof(bufdata));
00116         dns_rdata_fromstruct(&nsec3param, dns_rdataclass_in,
00117                              dns_rdatatype_nsec3param, &params, &buf);
00118 
00119         dns_rdata_init(private);
00120 
00121         dns_nsec3param_toprivate(&nsec3param, private, privatetype,
00122                                  pbuf, DNS_NSEC3PARAM_BUFFERSIZE + 1);
00123 }
00124 
00125 /*
00126  * Individual unit tests
00127  */
00128 ATF_TC(private_signing_totext);
00129 ATF_TC_HEAD(private_signing_totext, tc) {
00130         atf_tc_set_md_var(tc, "descr",
00131                           "convert private signing records to text");
00132 }
00133 ATF_TC_BODY(private_signing_totext, tc) {
00134         isc_result_t result;
00135         dns_rdata_t private;
00136         int i;
00137 
00138         signing_testcase_t testcases[] = {
00139                 { DST_ALG_RSASHA512, 12345, 0, 0 },
00140                 { DST_ALG_RSASHA256, 54321, 1, 0 },
00141                 { DST_ALG_NSEC3RSASHA1, 22222, 0, 1 },
00142                 { DST_ALG_RSASHA1, 33333, 1, 1 }
00143         };
00144         const char *results[] = {
00145                 "Signing with key 12345/RSASHA512",
00146                 "Removing signatures for key 54321/RSASHA256",
00147                 "Done signing with key 22222/NSEC3RSASHA1",
00148                 "Done removing signatures for key 33333/RSASHA1"
00149         };
00150         int ncases = 4;
00151 
00152         UNUSED(tc);
00153 
00154         result = dns_test_begin(NULL, ISC_TRUE);
00155         ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
00156 
00157         for (i = 0; i < ncases; i++) {
00158                 unsigned char data[5];
00159                 char output[BUFSIZ];
00160                 isc_buffer_t buf;
00161 
00162                 isc_buffer_init(&buf, output, sizeof(output));
00163 
00164                 make_signing(&testcases[i], &private, data, sizeof(data));
00165                 dns_private_totext(&private, &buf);
00166                 ATF_CHECK_STREQ(output, results[i]);
00167         }
00168 
00169         dns_test_end();
00170 }
00171 
00172 ATF_TC(private_nsec3_totext);
00173 ATF_TC_HEAD(private_nsec3_totext, tc) {
00174         atf_tc_set_md_var(tc, "descr", "convert private chain records to text");
00175 }
00176 ATF_TC_BODY(private_nsec3_totext, tc) {
00177         isc_result_t result;
00178         dns_rdata_t private;
00179         int i;
00180 
00181         nsec3_testcase_t testcases[] = {
00182                 { 1, 0, 1, 0xbeef, 0, 0, 0 },
00183                 { 1, 1, 10, 0xdadd, 0, 0, 0 },
00184                 { 1, 0, 20, 0xbead, 0, 1, 0 },
00185                 { 1, 0, 30, 0xdeaf, 1, 0, 0 },
00186                 { 1, 0, 100, 0xfeedabee, 1, 0, 1 },
00187         };
00188         const char *results[] = {
00189                 "Creating NSEC3 chain 1 0 1 BEEF",
00190                 "Creating NSEC3 chain 1 1 10 DADD",
00191                 "Pending NSEC3 chain 1 0 20 BEAD",
00192                 "Removing NSEC3 chain 1 0 30 DEAF / creating NSEC chain",
00193                 "Removing NSEC3 chain 1 0 100 FEEDABEE"
00194         };
00195         int ncases = 5;
00196 
00197         UNUSED(tc);
00198 
00199         result = dns_test_begin(NULL, ISC_TRUE);
00200         ATF_REQUIRE_EQ(result, ISC_R_SUCCESS);
00201 
00202         for (i = 0; i < ncases; i++) {
00203                 unsigned char data[DNS_NSEC3PARAM_BUFFERSIZE + 1];
00204                 char output[BUFSIZ];
00205                 isc_buffer_t buf;
00206 
00207                 isc_buffer_init(&buf, output, sizeof(output));
00208 
00209                 make_nsec3(&testcases[i], &private, data);
00210                 dns_private_totext(&private, &buf);
00211                 ATF_CHECK_STREQ(output, results[i]);
00212         }
00213 
00214         dns_test_end();
00215 }
00216 
00217 /*
00218  * Main
00219  */
00220 ATF_TP_ADD_TCS(tp) {
00221         ATF_TP_ADD_TC(tp, private_signing_totext);
00222         ATF_TP_ADD_TC(tp, private_nsec3_totext);
00223         return (atf_no_error());
00224 }
00225
private_test.c
