Exercises the Security Context front-end interface. More...
#include <stdlib.h>#include <stdio.h>#include <unity.h>#include <BPSecLib_Private.h>#include <mock_bpa/MockBPA.h>#include <CryptoInterface.h>#include <security_context/rfc9173.h>#include "bsl_test_utils.h"
Include dependency graph for test_BackendSecurityContext.c:Functions | |
| void | suiteSetUp (void) |
| int | suiteTearDown (int failures) |
| void | setUp (void) |
| void | tearDown (void) |
| void | test_SecurityContext_BIB_Source (void) |
| Purpose: Creates a BIB block and adds it to the bundle, confirms it matches the test vector in RFC9173. | |
| void | test_SecurityContext_BIB_Verifier (void) |
| Purpose: Tests that running as role VERIFIER passes correctly when the cryptographic material matches. | |
| void | test_SecurityContext_BIB_Verifier_Failure (void) |
| Purpose: Test that a BIB verification operation does not pass when the cryptographic material does not match. | |
| void | test_SecurityContext_BIB_Acceptor (void) |
| Tests that an acceptor will strip off the result and security block when the security operation validates correctly. | |
| void | test_RFC9173_AppendixA_Example3_Acceptor (void) |
| void | test_RFC9173_AppendixA_Example3_Source (void) |
| void | test_RFC9173_AppendixA_Example4_Acceptor (void) |
| void | test_RFC9173_AppendixA_Example4_Source (void) |
Variables | |
| static BSL_TestContext_t | LocalTestCtx |
Detailed Description
Exercises the Security Context front-end interface.
Notes:
- These tests exercise the security context front-end interface.
- They are mostly concerned with given bundles, blocks, and Policy Action Sets
- They test correctness mostly by verifying that operations modify the bundle as intended
- They are checked against test vectors in Appendix A of RFC9173.
Function Documentation
◆ test_SecurityContext_BIB_Acceptor()
| void test_SecurityContext_BIB_Acceptor | ( | void | ) |
Tests that an acceptor will strip off the result and security block when the security operation validates correctly.
Steps:
- Get a BIB secured bundle from RFC9173 Appendix A1.4.
- Create a BIB-Acceptor security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Use the high-level security context interface to create a security outcome.
- Confirm that the execution succeeds.
- Check that the BIB result was removed from the bundle (by making sure the encoding matches bundle in A1.1)
References BSL_FREE, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECROLE_ACCEPTOR, BSL_SecurityActionSet_Deinit(), BSL_SecurityResponseSet_Deinit(), mock_bpa_ctr_t::bundle_ref, and mock_bpa_ctr_t::encoded.
◆ test_SecurityContext_BIB_Source()
| void test_SecurityContext_BIB_Source | ( | void | ) |
Purpose: Creates a BIB block and adds it to the bundle, confirms it matches the test vector in RFC9173.
Steps:
- Get an unsecured bundle with a primary and payload block (From RFC9173)
- Create a BIB security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Use the high-level security context interface to apply the security operation
- Confirm the bundle has the BIB block applied by comparing its encoding to expect in RFC9173.
Notes:
- Common repeated patterns are in the process of being factored out
- All values are drawn from RFC9173 Appendix A.
References BSL_BundleCtx_GetBlockMetadata(), BSL_FREE, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECROLE_SOURCE, BSL_SecurityActionSet_Deinit(), BSL_SecurityResponseSet_Deinit(), mock_bpa_ctr_t::bundle_ref, and mock_bpa_ctr_t::encoded.
◆ test_SecurityContext_BIB_Verifier()
| void test_SecurityContext_BIB_Verifier | ( | void | ) |
Purpose: Tests that running as role VERIFIER passes correctly when the cryptographic material matches.
Steps:
- Get a BIB secured bundle from RFC9173 Appendix A1.4.
- Create a BIB-Verify security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Use the high-level security context interface to create a security outcome.
- Confirm the bundle's BIB HMAC matches the outcome's HMAC.
Notes:
- Common repeated patterns are in the process of being factored out
- All values are drawn from RFC9173 Appendix A.
References BSL_FREE, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECROLE_VERIFIER, BSL_SecurityActionSet_Deinit(), BSL_SecurityResponseSet_Deinit(), mock_bpa_ctr_t::bundle_ref, and mock_bpa_ctr_t::encoded.
◆ test_SecurityContext_BIB_Verifier_Failure()
| void test_SecurityContext_BIB_Verifier_Failure | ( | void | ) |
Purpose: Test that a BIB verification operation does not pass when the cryptographic material does not match.
Steps:
- Get a BIB secured bundle from RFC9173 Appendix A1.4.
- Create a BIB-Verify security operation with hard-coded arguments (From RFC9173 A1 ASB)
- Manipulate the arguments so they use a different key
- Use the high-level security context interface to create a security outcome.
- Confirm that the execution failed (return code != 0)
Notes:
- Check more than return code, look deeper into outcome.
References BSL_FREE, BSL_SecCtx_ExecutePolicyActionSet(), BSL_SECOP_CONCLUSION_FAILURE, BSL_SECROLE_VERIFIER, BSL_SecurityActionSet_Deinit(), BSL_SecurityActionSet_GetActionAtIndex(), BSL_SecurityResponseSet_Deinit(), BSL_SUCCESS, and mock_bpa_ctr_t::bundle_ref.
