Exercises the Security Context front-end interface. More...
#include <stdlib.h>#include <stdio.h>#include <unity.h>#include <BPSecLib_Private.h>#include <mock_bpa/MockBPA.h>#include <CryptoInterface.h>#include <security_context/rfc9173.h>#include "bsl_test_utils.h"
Include dependency graph for test_BackendSecurityContext.c:Functions | |
| void | suiteSetUp (void) |
| int | suiteTearDown (int failures) |
| void | setUp (void) |
| void | tearDown (void) |
| void | test_SecurityContext_BIB_Source (void) |
| Purpose: Creates a BIB block and adds it to the bundle, confirms it matches the test vector in RFC9173. | |
| void | test_SecurityContext_BIB_Verifier (void) |
| Purpose: Tests that running as role VERIFIER passes correctly when the cryptographic material matches. | |
| void | test_SecurityContext_BIB_Verifier_Failure (void) |
| Purpose: Test that a BIB verification operation does not pass when the cryptographic material does not match. | |
| void | test_SecurityContext_BIB_Acceptor (void) |
| Tests that an acceptor will strip off the result and security block when the security operation validates correctly. | |
| void | test_RFC9173_AppendixA_Example3_Acceptor (void) |
| void | test_RFC9173_AppendixA_Example3_Source (void) |
| void | test_RFC9173_AppendixA_Example4_Acceptor (void) |
| void | test_RFC9173_AppendixA_Example4_Source (void) |
Variables | |
| static BSL_TestContext_t | LocalTestCtx |
Detailed Description
Exercises the Security Context front-end interface.
Notes:
- These tests exercise the security context front-end interface.
- They are mostly concerned with given bundles, blocks, and Policy Action Sets
- They test correctness mostly by verifying that operations modify the bundle as intended
- They are checked against test vectors in Appendix A of RFC9173.
Function Documentation
◆ setUp()
| void setUp | ( | void | ) |
◆ suiteSetUp()
| void suiteSetUp | ( | void | ) |
◆ suiteTearDown()
| int suiteTearDown | ( | int | failures | ) |
References BSL_HostDescriptors_Clear(), and mock_bpa_LogClose().
◆ tearDown()
| void tearDown | ( | void | ) |
◆ test_RFC9173_AppendixA_Example3_Acceptor()
| void test_RFC9173_AppendixA_Example3_Acceptor | ( | void | ) |
References BCBTestContext_Deinit(), BCBTestContext_Init(), BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_PrimaryBlock_t::block_count, BSL_TestContext_t::bsl, BSL_BundleCtx_GetBundleMetadata(), BSL_calloc(), BSL_Crypto_SetRngGenerator(), BSL_free(), BSL_POLICYACTION_DROP_BLOCK, BSL_PrimaryBlock_deinit(), BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SecOper_AppendParam(), BSL_SecOper_Init(), BSL_SecOper_Populate(), BSL_SecParam_InitInt64(), BSL_SecParam_InitTextstr(), BSL_SECPARAM_TYPE_KEY_ID, BSL_SECPARAM_USE_KEY_WRAP, BSL_SECROLE_ACCEPTOR, BSL_SecurityAction_AppendSecOper(), BSL_SecurityAction_Deinit(), BSL_SecurityAction_Init(), BSL_SecurityAction_Sizeof(), BSL_SecurityActionSet_AppendAction(), BSL_SecurityActionSet_Deinit(), BSL_SecurityActionSet_Init(), BSL_SecurityActionSet_Sizeof(), BSL_SecurityResponseSet_Deinit(), BSL_SUCCESS, BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BIBTestContext::param_test_key, BCBTestContext::param_test_key_id, rfc9173_byte_gen_fn_a4(), RFC9173_EXAMPLE_A1_KEY, RFC9173_EXAMPLE_A3_KEY, TEST_ASSERT_EQUAL(), BIBTestContext::use_key_wrap, and BCBTestContext::use_key_wrap.
◆ test_RFC9173_AppendixA_Example3_Source()
| void test_RFC9173_AppendixA_Example3_Source | ( | void | ) |
References BCBTestContext_Deinit(), BCBTestContext_Init(), BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_PrimaryBlock_t::block_count, BSL_TestContext_t::bsl, BSL_BundleCtx_GetBundleMetadata(), BSL_calloc(), BSL_free(), BSL_POLICYACTION_DROP_BLOCK, BSL_PrimaryBlock_deinit(), BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SecOper_AppendParam(), BSL_SecOper_Init(), BSL_SecOper_Populate(), BSL_SecParam_InitInt64(), BSL_SecParam_InitTextstr(), BSL_SECPARAM_TYPE_KEY_ID, BSL_SECPARAM_USE_KEY_WRAP, BSL_SECROLE_SOURCE, BSL_SecurityAction_AppendSecOper(), BSL_SecurityAction_Deinit(), BSL_SecurityAction_Init(), BSL_SecurityAction_Sizeof(), BSL_SecurityActionSet_AppendAction(), BSL_SecurityActionSet_Deinit(), BSL_SecurityActionSet_Init(), BSL_SecurityActionSet_Sizeof(), BSL_SecurityResponseSet_CountResponses(), BSL_SecurityResponseSet_Deinit(), BSL_SecurityResponseSet_Init(), BSL_SUCCESS, BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BCBTestContext::param_aes_variant, BIBTestContext::param_scope_flags, BCBTestContext::param_scope_flags, BIBTestContext::param_sha_variant, BIBTestContext::param_test_key, BCBTestContext::param_test_key_id, RFC9173_BCB_SECPARAM_AADSCOPE, RFC9173_BCB_SECPARAM_AESVARIANT, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, RFC9173_BIB_PARAMID_SHA_VARIANT, RFC9173_BIB_SHA_HMAC256, RFC9173_EXAMPLE_A1_KEY, RFC9173_EXAMPLE_A3_KEY, TEST_ASSERT_EQUAL(), BIBTestContext::use_key_wrap, and BCBTestContext::use_key_wrap.
◆ test_RFC9173_AppendixA_Example4_Acceptor()
| void test_RFC9173_AppendixA_Example4_Acceptor | ( | void | ) |
References BCBTestContext_Deinit(), BCBTestContext_Init(), BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_PrimaryBlock_t::block_count, BSL_CanonicalBlock_t::block_num, BSL_TestContext_t::bsl, BSL_BundleCtx_GetBlockMetadata(), BSL_BundleCtx_GetBundleMetadata(), BSL_calloc(), BSL_Crypto_SetRngGenerator(), BSL_free(), BSL_POLICYACTION_DROP_BLOCK, BSL_PrimaryBlock_deinit(), BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SecOper_AppendParam(), BSL_SecOper_Init(), BSL_SecOper_Populate(), BSL_SecParam_InitInt64(), BSL_SecParam_InitTextstr(), BSL_SECPARAM_TYPE_KEY_ID, BSL_SECPARAM_USE_KEY_WRAP, BSL_SECROLE_ACCEPTOR, BSL_SecurityAction_AppendSecOper(), BSL_SecurityAction_Deinit(), BSL_SecurityAction_Init(), BSL_SecurityAction_Sizeof(), BSL_SecurityActionSet_AppendAction(), BSL_SecurityActionSet_Deinit(), BSL_SecurityActionSet_Init(), BSL_SecurityActionSet_Sizeof(), BSL_SecurityResponseSet_Deinit(), BSL_SUCCESS, BSL_TestUtils_IsB16StrEqualTo(), BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, mock_bpa_ctr_t::encoded, BSL_CanonicalBlock_t::flags, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, mock_bpa_encode(), BCBTestContext::param_aes_variant, BIBTestContext::param_scope_flags, BCBTestContext::param_scope_flags, BIBTestContext::param_sha_variant, BIBTestContext::param_test_key, BCBTestContext::param_test_key_id, RFC9173_BCB_AES_VARIANT_A256GCM, RFC9173_BCB_SECPARAM_AADSCOPE, RFC9173_BCB_SECPARAM_AESVARIANT, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, RFC9173_BIB_PARAMID_SHA_VARIANT, RFC9173_BIB_SHA_HMAC384, rfc9173_byte_gen_fn_a4(), RFC9173_EXAMPLE_A1_KEY, RFC9173_EXAMPLE_A4_BCB_KEY, TEST_ASSERT_EQUAL(), BSL_CanonicalBlock_t::type_code, BIBTestContext::use_key_wrap, and BCBTestContext::use_key_wrap.
◆ test_RFC9173_AppendixA_Example4_Source()
| void test_RFC9173_AppendixA_Example4_Source | ( | void | ) |
References BCBTestContext_Deinit(), BCBTestContext_Init(), BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_PrimaryBlock_t::block_count, BSL_TestContext_t::bsl, BSL_BundleCtx_GetBundleMetadata(), BSL_calloc(), BSL_Crypto_SetRngGenerator(), BSL_free(), BSL_POLICYACTION_DROP_BLOCK, BSL_PrimaryBlock_deinit(), BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SecOper_AppendParam(), BSL_SecOper_Init(), BSL_SecOper_Populate(), BSL_SecParam_InitInt64(), BSL_SecParam_InitTextstr(), BSL_SECPARAM_TYPE_KEY_ID, BSL_SECPARAM_USE_KEY_WRAP, BSL_SECROLE_SOURCE, BSL_SecurityAction_AppendSecOper(), BSL_SecurityAction_Deinit(), BSL_SecurityAction_Init(), BSL_SecurityAction_Sizeof(), BSL_SecurityActionSet_AppendAction(), BSL_SecurityActionSet_Deinit(), BSL_SecurityActionSet_Init(), BSL_SecurityActionSet_Sizeof(), BSL_SecurityResponseSet_Deinit(), BSL_SUCCESS, BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BCBTestContext::param_aes_variant, BIBTestContext::param_scope_flags, BCBTestContext::param_scope_flags, BIBTestContext::param_sha_variant, BIBTestContext::param_test_key, BCBTestContext::param_test_key_id, RFC9173_BCB_AES_VARIANT_A256GCM, RFC9173_BCB_SECPARAM_AADSCOPE, RFC9173_BCB_SECPARAM_AESVARIANT, RFC9173_BIB_PARAMID_INTEG_SCOPE_FLAG, RFC9173_BIB_PARAMID_SHA_VARIANT, RFC9173_BIB_SHA_HMAC384, rfc9173_byte_gen_fn_a4(), RFC9173_EXAMPLE_A1_KEY, RFC9173_EXAMPLE_A4_BCB_KEY, TEST_ASSERT_EQUAL(), BIBTestContext::use_key_wrap, and BCBTestContext::use_key_wrap.
◆ test_SecurityContext_BIB_Acceptor()
| void test_SecurityContext_BIB_Acceptor | ( | void | ) |
Tests that an acceptor will strip off the result and security block when the security operation validates correctly.
Steps:
- Get a BIB secured bundle from RFC9173 Appendix A1.4.
- Create a BIB-Acceptor security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Use the high-level security context interface to create a security outcome.
- Confirm that the execution succeeds.
- Check that the BIB result was removed from the bundle (by making sure the encoding matches bundle in A1.1)
References BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_TestContext_t::bsl, BSL_free(), BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECROLE_ACCEPTOR, BSL_SecurityActionSet_Deinit(), BSL_SecurityResponseSet_Deinit(), BSL_TestUtils_InitBIB_AppendixA1(), BSL_TestUtils_InitMallocBIBActionSet(), BSL_TestUtils_IsB16StrEqualTo(), BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::cbor_bundle_bib, RFC9173_TestVectors_AppendixA1::cbor_bundle_original, mock_bpa_ctr_t::encoded, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, mock_bpa_encode(), RFC9173_EXAMPLE_A1_KEY, and TEST_ASSERT_EQUAL().
◆ test_SecurityContext_BIB_Source()
| void test_SecurityContext_BIB_Source | ( | void | ) |
Purpose: Creates a BIB block and adds it to the bundle, confirms it matches the test vector in RFC9173.
Steps:
- Get an unsecured bundle with a primary and payload block (From RFC9173)
- Create a BIB security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Use the high-level security context interface to apply the security operation
- Confirm the bundle has the BIB block applied by comparing its encoding to expect in RFC9173.
Notes:
- Common repeated patterns are in the process of being factored out
- All values are drawn from RFC9173 Appendix A.
References BIBTestContext_Deinit(), BIBTestContext_Init(), MockBPA_Bundle_t::blocks_num, BSL_TestContext_t::bsl, BSL_free(), BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECROLE_SOURCE, BSL_SecurityActionSet_Deinit(), BSL_SecurityResponseSet_Deinit(), BSL_TestUtils_InitBIB_AppendixA1(), BSL_TestUtils_InitMallocBIBActionSet(), BSL_TestUtils_IsB16StrEqualTo(), BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle, mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::cbor_bib_abs_sec_block, RFC9173_TestVectors_AppendixA1::cbor_bundle_bib, RFC9173_TestVectors_AppendixA1::cbor_bundle_original, mock_bpa_ctr_t::encoded, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, mock_bpa_encode(), RFC9173_EXAMPLE_A1_KEY, and TEST_ASSERT_EQUAL().
◆ test_SecurityContext_BIB_Verifier()
| void test_SecurityContext_BIB_Verifier | ( | void | ) |
Purpose: Tests that running as role VERIFIER passes correctly when the cryptographic material matches.
Steps:
- Get a BIB secured bundle from RFC9173 Appendix A1.4.
- Create a BIB-Verify security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Use the high-level security context interface to create a security outcome.
- Confirm the bundle's BIB HMAC matches the outcome's HMAC.
Notes:
- Common repeated patterns are in the process of being factored out
- All values are drawn from RFC9173 Appendix A.
References BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_TestContext_t::bsl, BSL_free(), BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECROLE_VERIFIER, BSL_SecurityActionSet_Deinit(), BSL_SecurityResponseSet_Deinit(), BSL_TestUtils_InitBIB_AppendixA1(), BSL_TestUtils_InitMallocBIBActionSet(), BSL_TestUtils_IsB16StrEqualTo(), BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::cbor_bundle_bib, mock_bpa_ctr_t::encoded, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, mock_bpa_encode(), RFC9173_EXAMPLE_A1_KEY, and TEST_ASSERT_EQUAL().
◆ test_SecurityContext_BIB_Verifier_Failure()
| void test_SecurityContext_BIB_Verifier_Failure | ( | void | ) |
Purpose: Test that a BIB verification operation does not pass when the cryptographic material does not match.
Steps:
- Get a BIB secured bundle from RFC9173 Appendix A1.4.
- Create a BIB-Verify security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Manipulate the arguments so they use a different key
- Use the high-level security context interface to create a security outcome.
- Confirm that the execution failed (return code != 0)
Notes:
- Check more than return code, look deeper into outcome.
References BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_TestContext_t::bsl, BSL_free(), BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECOP_CONCLUSION_FAILURE, BSL_SecParam_Deinit(), BSL_SecParam_GetId(), BSL_SecParam_InitTextstr(), BSL_SECROLE_VERIFIER, BSL_SecurityAction_GetSecOperAtIndex(), BSL_SecurityActionSet_Deinit(), BSL_SecurityActionSet_GetActionAtIndex(), BSL_SecurityResponseSet_Deinit(), BSL_SUCCESS, BSL_TestUtils_InitBIB_AppendixA1(), BSL_TestUtils_InitMallocBIBActionSet(), BSL_TestUtils_LoadBundleFromCBOR(), BSL_TestUtils_MallocEmptyPolicyResponse(), mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::cbor_bundle_bib, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BIBTestContext::param_test_key, RFC9173_EXAMPLE_A2_KEY, and TEST_ASSERT_EQUAL().
Variable Documentation
◆ LocalTestCtx
|
static |
Referenced by setUp(), tearDown(), test_RFC9173_AppendixA_Example3_Acceptor(), test_RFC9173_AppendixA_Example3_Source(), test_RFC9173_AppendixA_Example4_Acceptor(), test_RFC9173_AppendixA_Example4_Source(), test_SecurityContext_BIB_Acceptor(), test_SecurityContext_BIB_Source(), test_SecurityContext_BIB_Verifier(), and test_SecurityContext_BIB_Verifier_Failure().
