From patchwork Thu Aug 17 14:15:46 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Storm, Christian" X-Patchwork-Id: 802695 X-Patchwork-Delegate: sbabic@denx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=googlegroups.com (client-ip=2a00:1450:400c:c0c::23f; helo=mail-wr0-x23f.google.com; envelope-from=swupdate+bncbdd6bwv65qpbby6l23gakgqe4i4lx3y@googlegroups.com; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=googlegroups.com header.i=@googlegroups.com header.b="iTpD5q/D"; dkim-atps=neutral Received: from mail-wr0-x23f.google.com (mail-wr0-x23f.google.com [IPv6:2a00:1450:400c:c0c::23f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xY7d30hlGz9t4V for ; Fri, 18 Aug 2017 00:19:18 +1000 (AEST) Received: by mail-wr0-x23f.google.com with SMTP id z91sf674716wrc.2 for ; Thu, 17 Aug 2017 07:19:18 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1502979555; cv=pass; d=google.com; s=arc-20160816; b=s50qdTOLAUPVSoojMPxnQnF0i9eh6bbbVbIZGC3eFJr+q6jGt8o02wWzj+ysIfNRwa 8WvT9vhNVOhLz0rCaTqq77PKBE9UP+3MhzXt0qU9Qql1663gcqUXv6MJM9GLNKX5FLmV XzLbP2jFM5NpIlNOk/YaEd/HoycPG+kXX6Wn5bOakQhNHjWpaYd6I/uI29eHVSGCE1In u+o4R8Yv+HK6ivCQreMeK9Qlyf1VJD51Rn+P7c8wwyP0AsnzNtdHhRQGkwUiBPY1cT6G WHNx+pyXcG7wYmgsyEiSSUWIwt5t25WuPkM4w3AfIE4cSZJdONLBflSmqrlc/DwezAT4 cqkA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:arc-authentication-results :arc-message-signature:mime-version:sender:dkim-signature :arc-authentication-results; bh=MmI8kj03YZ63RtWL3z4GOuPIAKPF3+oBxGbtBfz2ios=; b=dIb0/65fzlROIGYYdzkCNfzcma2slTjA6Sm6mwgNO2pT5lJYAw9vP3A2at/2NvoR8a 7J2EbEUQmO9r4rg2+x0/tGpl/N1m1fiB2BA3OVQkLn7kQKES0e+SsOwkBZHNM/vRj5IP KEnpg/lnlFUVQyyz9Nqhoa3RQT8kfW9/juGyMaBwFLMpLIMMAaCguorgbxRkVQRavB1Y kS4pqpXc6wpk+yAR/saj+Cc90Q0HRavk1cCDamSMGKN9Hxp1yI9zyJWrBe7cksHcGCHa SlSP9o3pJEEU00Yu1YRMbTGBggjC0nh3U4P7HnTh8iYPKGrYI1xDtDpx9gURAQvJ2U9K ovHA== ARC-Authentication-Results: i=2; gmr-mx.google.com; spf=neutral (google.com: 192.35.17.28 is neither permitted nor denied by best guess record for domain of christian.storm@siemens.com) smtp.mailfrom=christian.storm@siemens.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20161025; h=sender:mime-version:from:to:cc:subject:date:message-id:in-reply-to :references:x-original-sender:x-original-authentication-results :precedence:mailing-list:list-id:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=MmI8kj03YZ63RtWL3z4GOuPIAKPF3+oBxGbtBfz2ios=; b=iTpD5q/DJ8UFSjTZZ9VNtnFj4RR9pN6LU5y0A4TRGjLD9TaV9g5BfAIyWWCSlZkSzG XY6luXyH39DBmwcmVN2RRA0UgSDDWWDq/dROix4yO+36t1zPz6zv6AbudUtoyKnHTfVc zo+i/rhHtw+ObP/8T9k5QBaVxORroSYYqTnxPj6aIZjRYZTnHGlHY+1VMyJIrld/NlvB pAOam6C+vI0YFbmN+RqLP41/j//CUxBVpv+uRt+lhjFvK2YXo5RJMM0SEhQNjQpsPXz6 OTEK2bhIegLksORJHhA31CzLdJUgmQE2dRDoPcUD/HRD3l+ywmTkaM0YpFwY3/83p8/Y yoxA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=sender:x-gm-message-state:mime-version:from:to:cc:subject:date :message-id:in-reply-to:references:x-original-sender :x-original-authentication-results:precedence:mailing-list:list-id :x-spam-checked-in-group:list-post:list-help:list-archive :list-subscribe:list-unsubscribe; bh=MmI8kj03YZ63RtWL3z4GOuPIAKPF3+oBxGbtBfz2ios=; b=j22IFJD0uYSlZ0pjzkV+8WksxhX/16vNMOzArS2nKr7jrHSAhyaVtkmJk4hE7arMEx pzVQc5iCRxnWRoNKiYbO2Dk7zjLUy996z5OaL8/CnWR7dXlgndWp4zSNVxHBdIZzgJp5 WsMlZSo0LKpV6PJvRpzTU3UkL1DzJZ7/o8Y4pYNWiD84eWI/nIvDINSQd5eKuq58ES9u mqfaSmtNQC3+8LoZJWXrPWXIc8S/JncLVHExfzwX+rN1b5V1vUKcmIQsXTMnjR0aiIXq ZnmDxc2Ja1QazdXVTP33QbMMcRPr5l+g5z+eCigUytNz205THsbf7/go10IyVVR4OFVM 3htg== Sender: swupdate@googlegroups.com X-Gm-Message-State: AHYfb5gi9OfmkcXRARQCVQ34SvoNGNoja3dc2hfy48rfiAgCKIqnY7fz tMQsFSFuvkAGwg== X-Received: by 10.28.209.199 with SMTP id i190mr3058wmg.11.1502979555748; Thu, 17 Aug 2017 07:19:15 -0700 (PDT) MIME-Version: 1.0 X-BeenThere: swupdate@googlegroups.com Received: by 10.28.24.143 with SMTP id 137ls797754wmy.4.gmail; Thu, 17 Aug 2017 07:19:15 -0700 (PDT) X-Received: by 10.223.172.172 with SMTP id o41mr56612wrc.19.1502979555335; Thu, 17 Aug 2017 07:19:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1502979555; cv=none; d=google.com; s=arc-20160816; b=n6G6g6Vi3kFscZ+pu7iyQqSPqCvSsUhWQKNGirjiVPka7DeMEMfjOrU8nxR7AUkyrY MvbkB6nVzaVF43/ZWjf5kddHfa9twJJpBRCj4yZtaE4sPuElwEgNS9NSl9Pqog6dRL8L KcKo3M6NwqemFfbga4wridpTKNyRlBV0lR+mTncFQSHMMUbC9lMfKONJQHj7riRpJtap yAnN3jPG5U/F70xg879kahbWSrAlmxPZYE6TxouKU8wo4QDOQzi0Cu9nsB/rNV9Ou/aV gYMxVCdkrMbyWyzs0ZdTG7mm9oIPAAA1yNls5r6AQwNRO+9uP+h51lyoi/7ajrl8BS4P spbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=references:in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=OqwiRtw8WIFge6Q8dUMWeuFvc4AcEmBIMx9gtdb9f7s=; b=VnVpBkoaIoNz9eAiL7j758E2YHpJ/pq7iSr2vzu827pOKv6IYHoL2OlUUQ9SktTMTz a9VE/YiilFUGHv4LkQPF/8BQhyBWB4jcWIfEnwh5LFgcHh/azWjFxmLNSF+IVXAT5yOn XCc2i4fMOOSQhroS/sfvQYi5KCrjkQUqoJpcA47CuXDaFd1dsgDFAHrlp7+i3sZ9tRNr Xdm6NOj/JQNXfPCSODc6LDKXEpKkL86tzJ/wn6rMmHLdSJ1nLK7UyMR01DucGgYmUh7E /CPzdDxHQbDwUl1fvBNzsGC/MiMWHrkM1XY2r8GR5yaDD7WQEYox4SSzQ3+t+9iQw7jj 4EFA== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=neutral (google.com: 192.35.17.28 is neither permitted nor denied by best guess record for domain of christian.storm@siemens.com) smtp.mailfrom=christian.storm@siemens.com Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28]) by gmr-mx.google.com with ESMTPS id k84si6493wmh.5.2017.08.17.07.19.15 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 17 Aug 2017 07:19:15 -0700 (PDT) Received-SPF: neutral (google.com: 192.35.17.28 is neither permitted nor denied by best guess record for domain of christian.storm@siemens.com) client-ip=192.35.17.28; Received: from mail2.siemens.de (mail2.siemens.de [139.25.208.11]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id v7HEJEKJ019039 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Thu, 17 Aug 2017 16:19:15 +0200 Received: from MD1KR9XC.ww002.siemens.net ([139.25.68.253]) by mail2.siemens.de (8.15.2/8.15.2) with ESMTP id v7HEJEvd031432; Thu, 17 Aug 2017 16:19:14 +0200 From: Christian Storm To: swupdate@googlegroups.com Cc: Christian Storm Subject: [swupdate] [PATCH resent 2/2] crypt: add unit tests for crypt functions Date: Thu, 17 Aug 2017 16:15:46 +0200 Message-Id: <20170817141546.31426-2-christian.storm@siemens.com> X-Mailer: git-send-email 2.14.1 In-Reply-To: <20170817141546.31426-1-christian.storm@siemens.com> References: <20170817141546.31426-1-christian.storm@siemens.com> X-Original-Sender: christian.storm@siemens.com X-Original-Authentication-Results: gmr-mx.google.com; spf=neutral (google.com: 192.35.17.28 is neither permitted nor denied by best guess record for domain of christian.storm@siemens.com) smtp.mailfrom=christian.storm@siemens.com Precedence: list Mailing-list: list swupdate@googlegroups.com; contact swupdate+owners@googlegroups.com List-ID: X-Spam-Checked-In-Group: swupdate@googlegroups.com X-Google-Group-Id: 605343134186 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , Signed-off-by: Christian Storm --- Makefile | 7 ++- corelib/test/Makefile | 64 ++++++++++++++++++++ corelib/test/test_crypt.c | 148 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 218 insertions(+), 1 deletion(-) create mode 100644 corelib/test/Makefile create mode 100644 corelib/test/test_crypt.c diff --git a/Makefile b/Makefile index 0edb03a..92cc500 100644 --- a/Makefile +++ b/Makefile @@ -406,7 +406,8 @@ install: all PHONY += run-tests tests: \ acceptance-tests \ - suricatta-tests + suricatta-tests \ + corelib-tests PHONY += acceptance-tests acceptance-tests: FORCE @@ -416,6 +417,10 @@ PHONY += suricatta-tests suricatta-tests: FORCE $(Q)$(MAKE) $(build)=suricatta/test SWOBJS="$(swupdate-objs)" SWLIBS="$(swupdate-libs)" LDLIBS="$(LDLIBS)" tests +PHONY += corelib-tests +corelib-tests: FORCE + $(Q)$(MAKE) $(build)=corelib/test SWOBJS="$(swupdate-objs)" SWLIBS="$(swupdate-libs)" LDLIBS="$(LDLIBS)" tests + # The actual objects are generated when descending, # make sure no implicit rule kicks in $(sort $(swupdate-all)): $(swupdate-dirs) ; diff --git a/corelib/test/Makefile b/corelib/test/Makefile new file mode 100644 index 0000000..b071177 --- /dev/null +++ b/corelib/test/Makefile @@ -0,0 +1,64 @@ +## Author: Christian Storm +## Copyright (C) 2017, Siemens AG +## +## This program is free software; you can redistribute it and/or +## modify it under the terms of the GNU General Public License as +## published by the Free Software Foundation; either version 2 of +## the License, or (at your option) any later version. +## +## This program is distributed in the hope that it will be useful, +## but WITHOUT ANY WARRANTY; without even the implied warranty of +## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +## GNU General Public License for more details. +## +## You should have received a copy of the GNU General Public License +## along with this program; if not, write to the Free Software +## Foundation, Inc. + +tests-$(CONFIG_ENCRYPTED_IMAGES) += test_crypt + +ccflags-y += -I$(src)/../ + +TARGETS = $(addprefix $(obj)/, $(tests-y)) +tests-objs = $(addsuffix .o, $(TARGETS)) +tests-lnk = $(addsuffix .lnk, $(TARGETS)) +targets += $(addsuffix .o, $(tests-y)) + +ifneq ($(CONFIG_EXTRA_LDFLAGS),) +EXTRA_LDFLAGS += $(strip $(subst ",,$(CONFIG_EXTRA_LDFLAGS)))#")) +endif + +## transfer __mock_*() functions to according linker flags via rudimentary regex awk parsing +LDMOCKS = `/usr/bin/awk '/^[^(extern)|(static)]*([\*_[:alnum:]]+[[:blank:]]+)+[\*]*__wrap_/{where = match($$0,"__wrap_[_[:alnum:]]+"); if (RSTART > 0) { print "-Wl,--wrap=" substr($$0, RSTART+7, RLENGTH-7);}}' $(basename $@).c` + +quiet_cmd_linktestexe = LD $(basename $@) + cmd_linktestexe = $(srctree)/scripts/trylink \ + "$(basename $@)" \ + "$(CC)" \ + "$(KBUILD_CFLAGS)" \ + "$(LDFLAGS) $(EXTRA_LDFLAGS) $(LDMOCKS)" \ + "$(basename $@).o $(subst core/built-in.o,core/built-in.o.tmp,$(SWOBJS))" \ + "$(SWLIBS)" \ + "$(LDLIBS) cmocka" + +EXECUTE_TEST = echo "RUN $(subst $(obj)/,,$(var))"; CMOCKA_MESSAGE_OUTPUT=TAP $(var) + +PHONY += default +default: + $(info please run 'make corelib-tests' in swupdate main directory) + +PHONY += tests +ifneq "$(tests-y)" "" +tests: $(tests-objs) $(tests-lnk) + @+$(foreach var,$(TARGETS),$(EXECUTE_TEST);) +else +tests: + @$(info crypto functions are disabled, nothing to test.) + @: +endif + +$(obj)/%.lnk: $(objtree)/core/built-in.o + $(Q)strip -N main -o $(objtree)/core/built-in.o.tmp $(objtree)/core/built-in.o + $(Q)$(call cmd,linktestexe) + +.PHONY: $(PHONY) diff --git a/corelib/test/test_crypt.c b/corelib/test/test_crypt.c new file mode 100644 index 0000000..84ac6ed --- /dev/null +++ b/corelib/test/test_crypt.c @@ -0,0 +1,148 @@ +/* + * Author: Christian Storm + * Copyright (C) 2017, Siemens AG + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc. + */ + +#include +#include +#include +#include +#include +#include +#include + +struct cryptdata { + unsigned char *key; + unsigned char *iv; + unsigned char *salt; + unsigned char *crypttext; +}; + +static void hex2bin(unsigned char *dest, const unsigned char *source) +{ + unsigned int val; + for (unsigned int i = 0; i < strlen((const char *)source); i += 2) { + val = from_ascii((const char *)&source[i], 2, LG_16); + dest[i / 2] = val; + } +} + +static void do_crypt(struct cryptdata *crypt, unsigned char *CRYPTTEXT, unsigned char *PLAINTEXT) +{ + int len; + void *dcrypt = swupdate_DECRYPT_init(crypt->key, crypt->iv, crypt->salt); + assert_non_null(dcrypt); + + unsigned char *buffer = calloc(1, strlen((const char *)CRYPTTEXT) + EVP_MAX_BLOCK_LENGTH); + int ret = swupdate_DECRYPT_update(dcrypt, buffer, &len, crypt->crypttext, strlen((const char *)CRYPTTEXT) / 2); + assert_true(ret >= 0); + assert_true(len == 0); + + ret = swupdate_DECRYPT_final(dcrypt, crypt->crypttext, &len); + assert_true(ret == 0); + assert_true(len == (int)strlen((const char *)PLAINTEXT)); + assert_true(strncmp((const char *)buffer, (const char *)PLAINTEXT, len) == 0); + free(buffer); +} + +static void test_crypt_nosalt(void **state) +{ + (void)state; + + unsigned char KEY[] = "E5E9FA1BA31ECD1AE84F75CAAA474F3A663F05F412028F81DA65D26EE56424B2"; + unsigned char IV[] = "E93DA465B309C53FEC5FF93C9637DA58"; + unsigned char CRYPTTEXT[] = "E4B7745CA14039555CECD548BB33E0C3"; + unsigned char PLAINTEXT[] = "CRYPTTEST"; + + struct cryptdata crypt; + hex2bin((crypt.key = calloc(1, strlen((const char *)KEY))), KEY); + hex2bin((crypt.iv = calloc(1, strlen((const char *)IV))), IV); + crypt.salt = NULL; + hex2bin((crypt.crypttext = calloc(1, strlen((const char *)CRYPTTEXT))), CRYPTTEXT); + + do_crypt(&crypt, &CRYPTTEXT[0], &PLAINTEXT[0]); + + free(crypt.key); + free(crypt.iv); + free(crypt.crypttext); +} + +static void test_crypt_salt(void **state) +{ + (void)state; + + unsigned char KEY[] = "69D54287F856D30B51B812FDF714556778CF31E1B104D9C68BD90C669C37D1AB"; + unsigned char IV[] = "E7039ABFCA63EB8EB1D320F7918275B2"; + unsigned char SALT[] = "F75A9C11F7F63C08"; + unsigned char CRYPTTEXT[] = "A17EBBB1A28459352FE3A994404E35AA"; + unsigned char PLAINTEXT[] = "CRYPTTEST"; + + struct cryptdata crypt; + hex2bin((crypt.key = calloc(1, strlen((const char *)KEY))), KEY); + hex2bin((crypt.iv = calloc(1, strlen((const char *)IV))), IV); + hex2bin((crypt.salt = calloc(1, strlen((const char *)SALT))), SALT); + hex2bin((crypt.crypttext = calloc(1, strlen((const char *)CRYPTTEXT))), CRYPTTEXT); + + do_crypt(&crypt, &CRYPTTEXT[0], &PLAINTEXT[0]); + + free(crypt.key); + free(crypt.iv); + free(crypt.salt); + free(crypt.crypttext); +} + +static void test_crypt_failure(void **state) +{ + (void)state; + + unsigned char KEY[] = "E5E9FA1BA31ECD1AE84F75CAAA474F3A663F05F412028F81DA65D26EE56424B2"; + unsigned char IV[] = "E93DA465B309C53FEC5FF93C9637DA58"; + unsigned char CRYPTTEXT[] = "CAFECAFECAFECAFECAFECAFECAFECAFE"; + + struct cryptdata crypt; + hex2bin((crypt.key = calloc(1, strlen((const char *)KEY))), KEY); + hex2bin((crypt.iv = calloc(1, strlen((const char *)IV))), IV); + crypt.salt = NULL; + hex2bin((crypt.crypttext = calloc(1, strlen((const char *)CRYPTTEXT))), CRYPTTEXT); + + int len; + void *dcrypt = swupdate_DECRYPT_init(crypt.key, crypt.iv, crypt.salt); + assert_non_null(dcrypt); + + unsigned char *buffer = calloc(1, strlen((const char *)CRYPTTEXT) + EVP_MAX_BLOCK_LENGTH); + int ret = swupdate_DECRYPT_update(dcrypt, buffer, &len, crypt.crypttext, strlen((const char *)CRYPTTEXT) / 2); + ret = swupdate_DECRYPT_final(dcrypt, crypt.crypttext, &len); + assert_true(ret != 0); + free(buffer); + + free(crypt.key); + free(crypt.iv); + free(crypt.salt); + free(crypt.crypttext); +} + +int main(void) +{ + int error_count = 0; + const struct CMUnitTest crypt_tests[] = { + cmocka_unit_test(test_crypt_nosalt), + cmocka_unit_test(test_crypt_failure), + cmocka_unit_test(test_crypt_salt) + }; + error_count += cmocka_run_group_tests_name("crypt", crypt_tests, NULL, NULL); + return error_count; +}