Specific low-level tests of the Default Security Context. More...

#include <stdlib.h>
#include <stdio.h>
#include <unity.h>
#include <BPSecLib_Private.h>
#include <mock_bpa/MockBPA.h>
#include <CryptoInterface.h>
#include <backend/PublicInterfaceImpl.h>
#include <security_context/DefaultSecContext.h>
#include <security_context/DefaultSecContext_Private.h>
#include <security_context/rfc9173.h>
#include "bsl_test_utils.h"

Include dependency graph for test_DefaultSecurityContext.c:

Functions
void	suiteSetUp (void)

int	suiteTearDown (int failures)

void	setUp (void)

void	tearDown (void)

void	test_RFC9173_AppendixA_Example1_BIB_Source (void)
	Purpose: Exercise BIB applying security to a target payload block.

void	test_RFC9173_AppendixA_Example2_BCB_Source (void)
	Purpose: Exercise BCB applying security to a target payload block.

void	test_RFC9173_AppendixA_Example2_BCB_Acceptor (void)

int	rfc3394_cek (unsigned char *buf, int len)

void	test_sec_source_keywrap (bool wrap, bool bib)

void	test_sec_accept_keyunwrap (bool bib)

Variables
static BSL_TestContext_t	LocalTestCtx

Detailed Description

Specific low-level tests of the Default Security Context.

Notes:

These tests use constructs defined in the BSL to exercise the Default Security Context
It uses test inputs and vectors from RFC9173 Appendix A.
It does NOT use any of the "Plumbing" inside the BSL.
It only directly calls the interfaces exposed by the Default Security Context.
BCB internally is functionally complete, however it needs better integration with BPA to overwrite BTSD.

Function Documentation

◆ rfc3394_cek()

int rfc3394_cek	(	unsigned char *	buf,
		int	len
	)

References buf.

Referenced by test_sec_accept_keyunwrap(), and test_sec_source_keywrap().

◆ setUp()

void setUp ( void )

References BSL_TestContext_t::bsl, BSL_API_InitLib(), BSL_CryptoInit(), BSL_TestUtils_SetupDefaultSecurityContext(), LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, mock_bpa_ctr_init(), and TEST_ASSERT_EQUAL().

◆ suiteSetUp()

void suiteSetUp ( void )

References BSL_HostDescriptors_Set(), mock_bpa_LogOpen(), mock_bpa_LogSetLeastSeverity(), MockBPA_Agent_Descriptors(), and TEST_ASSERT_EQUAL_INT().

◆ suiteTearDown()

int suiteTearDown ( int failures )

References BSL_HostDescriptors_Clear(), and mock_bpa_LogClose().

◆ tearDown()

void tearDown ( void )

References BSL_TestContext_t::bsl, BSL_API_DeinitLib(), BSL_CryptoDeinit(), LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, mock_bpa_ctr_deinit(), and TEST_ASSERT_EQUAL().

◆ test_RFC9173_AppendixA_Example1_BIB_Source()

void test_RFC9173_AppendixA_Example1_BIB_Source ( void )

Purpose: Exercise BIB applying security to a target payload block.

Steps:

Get an unsecured bundle with a primary and payload block (From RFC9173)
Decode it into a BSL_BundleCtx struct
Create a BIB security operation with hard-coded arguments (From RFC9173 A1 ASB)
Run the DefaultSecuritContext's BSLX_BIB_Execute function and confirm result is 0.
Capture the outcome from the above function to confirm 1 result (the authentication code)
Capture the auth code and ensure it matches the value in the test vector.

Notes:

Common repeated patterns are in the process of being factored out
All values are drawn from RFC9173 Appendix A.

Confirm running BIB as source executes without error

Confirm it produced only 1 result

Confirm the context and result result is the right ID (Defined in RFC)

Confirm the actual HMAC signature matches what is in the RFC

References ApxA1_HMAC, BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_TestContext_t::bsl, BSL_calloc(), BSL_Crypto_SetRngGenerator(), BSL_free(), BSL_SecOutcome_CountResults(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_GetResultAtIndex(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SecResult_GetAsBytestr(), BSL_SECROLE_SOURCE, BSL_SUCCESS, BSL_TestUtils_InitBIB_AppendixA1(), BSL_TestUtils_LoadBundleFromCBOR(), BSLX_BIB_Execute(), mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::cbor_bundle_original, BSL_Data_t::len, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BSL_Data_t::ptr, RFC9173_BIB_RESULTID_HMAC, rfc9173_byte_gen_fn_a1(), RFC9173_CONTEXTID_BIB_HMAC_SHA2, RFC9173_EXAMPLE_A1_KEY, BIBTestContext::sec_oper, TEST_ASSERT_EQUAL(), and TEST_ASSERT_EQUAL_MEMORY().

◆ test_RFC9173_AppendixA_Example2_BCB_Acceptor()

void test_RFC9173_AppendixA_Example2_BCB_Acceptor ( void )

Confirm that BCB executes with SUCCESS

Confirm that running as ACCEPTOR consumes result.

Confirm that the target block is decrypted correctly.

References ApxA2_PayloadData, BCBTestContext_Deinit(), BCBTestContext_Init(), MockBPA_Bundle_t::blocks_num, BSL_TestContext_t::bsl, BSL_calloc(), BSL_free(), BSL_Log_DumpAsHexString(), BSL_LOG_INFO, BSL_SecOutcome_CountResults(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SECROLE_ACCEPTOR, BSL_SUCCESS, BSL_TestUtils_InitBCB_Appendix2(), BSL_TestUtils_LoadBundleFromCBOR(), BSLX_BCB_Execute(), MockBPA_CanonicalBlock_t::btsd, MockBPA_CanonicalBlock_t::btsd_len, mock_bpa_ctr_t::bundle, mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectorsA2::cbor_bundle_bcb, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, RFC9173_TestVectors_AppendixA2, BCBTestContext::sec_oper, TEST_ASSERT_EQUAL(), and TEST_ASSERT_EQUAL_MEMORY().

◆ test_RFC9173_AppendixA_Example2_BCB_Source()

void test_RFC9173_AppendixA_Example2_BCB_Source ( void )

Purpose: Exercise BCB applying security to a target payload block.

Steps:

Get an unsecured bundle with a primary and payload block (From RFC9173)
Decode it into a BSL_BundleCtx struct
Create a BCB security operation with hard-coded arguments (From RFC9173 A2 ASB)
Run the DefaultSecuritContext's BSLX_BCB_Execute function and confirm result is 0.
Capture the outcome from the above function to confirm 1 result (the auth tag) is present
Capture the auth tag and ensure it matches the value in the test vector.

Notes: