bind/lib/dns/tests/dh_test.c

/*
 * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 *
 * See the COPYRIGHT file distributed with this work for additional
 * information regarding copyright ownership.
 */

/* $Id$ */

/* ! \file */

#include <config.h>

#include <atf-c.h>

#include <unistd.h>

#include <isc/util.h>
#include <isc/string.h>

#include <pk11/site.h>

#include <dns/name.h>
#include <dst/result.h>

#include "../dst_internal.h"

#include "dnstest.h"

#if defined(OPENSSL) && !defined(PK11_DH_DISABLE)

ATF_TC(isc_dh_computesecret);
ATF_TC_HEAD(isc_dh_computesecret, tc) {
	atf_tc_set_md_var(tc, "descr", "OpenSSL DH_compute_key() failure");
}
ATF_TC_BODY(isc_dh_computesecret, tc) {
	dst_key_t *key = NULL;
	isc_buffer_t buf;
	unsigned char array[1024];
	isc_result_t ret;
	dns_fixedname_t fname;
	dns_name_t *name;

	UNUSED(tc);

	ret = dns_test_begin(NULL, ISC_FALSE);
	ATF_REQUIRE_EQ(ret, ISC_R_SUCCESS);

	name = dns_fixedname_initname(&fname);
	isc_buffer_constinit(&buf, "dh.", 3);
	isc_buffer_add(&buf, 3);
	ret = dns_name_fromtext(name, &buf, NULL, 0, NULL);
	ATF_REQUIRE_EQ(ret, ISC_R_SUCCESS);

	ret = dst_key_fromfile(name, 18602, DST_ALG_DH,
			       DST_TYPE_PUBLIC | DST_TYPE_KEY,
			       "./", mctx, &key);
	ATF_REQUIRE_EQ(ret, ISC_R_SUCCESS);

	isc_buffer_init(&buf, array, sizeof(array));
	ret = dst_key_computesecret(key, key, &buf);
	ATF_REQUIRE_EQ(ret, DST_R_NOTPRIVATEKEY);
	ret = key->func->computesecret(key, key, &buf);
	ATF_REQUIRE_EQ(ret, DST_R_COMPUTESECRETFAILURE);

	dst_key_free(&key);
	dns_test_end();
}
#else
ATF_TC(untested);
ATF_TC_HEAD(untested, tc) {
	atf_tc_set_md_var(tc, "descr", "skipping OpenSSL DH test");
}
ATF_TC_BODY(untested, tc) {
	UNUSED(tc);
	atf_tc_skip("OpenSSL DH not compiled in");
}
#endif
/*
 * Main
 */
ATF_TP_ADD_TCS(tp) {
#if defined(OPENSSL) && !defined(PK11_DH_DISABLE)
	ATF_TP_ADD_TC(tp, isc_dh_computesecret);
#else
	ATF_TP_ADD_TC(tp, untested);
#endif
	return (atf_no_error());
}
[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00			`/*`
Update license headers to not include years in copyright in all applicable files 2018-02-23 09:53:12 +01:00			`* Copyright (C) Internet Systems Consortium, Inc. ("ISC")`
[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00			`*`
4401. [misc] Change LICENSE to MPL 2.0. 2016-06-27 14:56:38 +10:00			`* This Source Code Form is subject to the terms of the Mozilla Public`
			`* License, v. 2.0. If a copy of the MPL was not distributed with this`
			`* file, You can obtain one at http://mozilla.org/MPL/2.0/.`
Update license headers to not include years in copyright in all applicable files 2018-02-23 09:53:12 +01:00			`*`
			`* See the COPYRIGHT file distributed with this work for additional`
			`* information regarding copyright ownership.`
[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00			`*/`

			`/* $Id$ */`

			`/* ! \file */`

			`#include <config.h>`

			`#include <atf-c.h>`

			`#include <unistd.h>`

			`#include <isc/util.h>`
			`#include <isc/string.h>`

4450. [port] Provide more nuanced HSM support which better matches the specific PKCS11 providers capabilities. [RT #42458] 2016-08-19 08:02:51 +10:00			`#include <pk11/site.h>`

[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00			`#include <dns/name.h>`
			`#include <dst/result.h>`

			`#include "../dst_internal.h"`

			`#include "dnstest.h"`

4450. [port] Provide more nuanced HSM support which better matches the specific PKCS11 providers capabilities. [RT #42458] 2016-08-19 08:02:51 +10:00			`#if defined(OPENSSL) && !defined(PK11_DH_DISABLE)`
[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00
			`ATF_TC(isc_dh_computesecret);`
			`ATF_TC_HEAD(isc_dh_computesecret, tc) {`
			`atf_tc_set_md_var(tc, "descr", "OpenSSL DH_compute_key() failure");`
			`}`
			`ATF_TC_BODY(isc_dh_computesecret, tc) {`
			`dst_key_t *key = NULL;`
			`isc_buffer_t buf;`
			`unsigned char array[1024];`
			`isc_result_t ret;`
			`dns_fixedname_t fname;`
			`dns_name_t *name;`

			`UNUSED(tc);`

			`ret = dns_test_begin(NULL, ISC_FALSE);`
			`ATF_REQUIRE_EQ(ret, ISC_R_SUCCESS);`

Use dns_fixedname_initname() where possible Replace dns_fixedname_init() calls followed by dns_fixedname_name() calls with calls to dns_fixedname_initname() where it is possible without affecting current behavior and/or performance. This patch was mostly prepared using Coccinelle and the following semantic patch: @@ expression fixedname, name; @@ - dns_fixedname_init(&fixedname); ... - name = dns_fixedname_name(&fixedname); + name = dns_fixedname_initname(&fixedname); The resulting set of changes was then manually reviewed to exclude false positives and apply minor tweaks. It is likely that more occurrences of this pattern can be refactored in an identical way. This commit only takes care of the low-hanging fruit. 2018-03-28 14:38:09 +02:00			`name = dns_fixedname_initname(&fname);`
[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00			`isc_buffer_constinit(&buf, "dh.", 3);`
			`isc_buffer_add(&buf, 3);`
			`ret = dns_name_fromtext(name, &buf, NULL, 0, NULL);`
			`ATF_REQUIRE_EQ(ret, ISC_R_SUCCESS);`

			`ret = dst_key_fromfile(name, 18602, DST_ALG_DH,`
			`DST_TYPE_PUBLIC \| DST_TYPE_KEY,`
			`"./", mctx, &key);`
			`ATF_REQUIRE_EQ(ret, ISC_R_SUCCESS);`

			`isc_buffer_init(&buf, array, sizeof(array));`
			`ret = dst_key_computesecret(key, key, &buf);`
			`ATF_REQUIRE_EQ(ret, DST_R_NOTPRIVATEKEY);`
			`ret = key->func->computesecret(key, key, &buf);`
			`ATF_REQUIRE_EQ(ret, DST_R_COMPUTESECRETFAILURE);`

			`dst_key_free(&key);`
			`dns_test_end();`
			`}`
			`#else`
			`ATF_TC(untested);`
			`ATF_TC_HEAD(untested, tc) {`
			`atf_tc_set_md_var(tc, "descr", "skipping OpenSSL DH test");`
			`}`
			`ATF_TC_BODY(untested, tc) {`
			`UNUSED(tc);`
			`atf_tc_skip("OpenSSL DH not compiled in");`
			`}`
			`#endif`
			`/*`
			`* Main`
			`*/`
			`ATF_TP_ADD_TCS(tp) {`
4450. [port] Provide more nuanced HSM support which better matches the specific PKCS11 providers capabilities. [RT #42458] 2016-08-19 08:02:51 +10:00			`#if defined(OPENSSL) && !defined(PK11_DH_DISABLE)`
[master] add diffie-hellman key unit test 3978. [test] Added a unit test for Diffie-Hellman key computation, completing change #3974. [RT #37477] 2014-10-17 15:55:37 -07:00			`ATF_TP_ADD_TC(tp, isc_dh_computesecret);`
			`#else`
			`ATF_TP_ADD_TC(tp, untested);`
			`#endif`
			`return (atf_no_error());`
			`}`