BSL v1.1.1 - 19.g31939de
AMMOS Bundle Protocol Security Library (BSL)
Loading...
Searching...
No Matches
test_DefaultSecurityContext.c File Reference

Specific low-level tests of the Default Security Context. More...

#include <stdlib.h>
#include <stdio.h>
#include <unity.h>
#include <BPSecLib_Private.h>
#include <mock_bpa/MockBPA.h>
#include <CryptoInterface.h>
#include <backend/PublicInterfaceImpl.h>
#include <default_sc/DefaultSecContext.h>
#include <default_sc/DefaultSecContext_Private.h>
#include "DefaultScUtils.h"
+ Include dependency graph for test_DefaultSecurityContext.c:

Functions

void suiteSetUp (void)
 
int suiteTearDown (int failures)
 
void setUp (void)
 
void tearDown (void)
 
void test_RFC9173_AppendixA_Example1_BIB_Source (void)
 Purpose: Exercise BIB applying security to a target payload block.
 
void test_RFC9173_AppendixA_Example2_BCB_Source (void)
 Purpose: Exercise BCB applying security to a target payload block.
 
void test_RFC9173_AppendixA_Example2_BCB_Acceptor (void)
 
int rfc3394_cek (unsigned char *buf, int len)
 
void test_sec_source_keywrap (bool wrap, bool bib)
 
void test_sec_accept_keyunwrap (bool bib)
 

Variables

static BSL_TestContext_t LocalTestCtx
 

Detailed Description

Specific low-level tests of the Default Security Context.

Notes:

  • These tests use constructs defined in the BSL to exercise each context.
  • It uses test inputs and vectors from RFC9173 Appendix A.
  • It does NOT use any of the "Plumbing" inside the BSL.
  • It only directly calls the interfaces exposed by the Default Security Context.

Function Documentation

◆ rfc3394_cek()

int rfc3394_cek ( unsigned char *  buf,
int  len 
)

◆ setUp()

◆ suiteSetUp()

◆ suiteTearDown()

int suiteTearDown ( int  failures)

◆ tearDown()

void tearDown ( void  )

◆ test_RFC9173_AppendixA_Example1_BIB_Source()

void test_RFC9173_AppendixA_Example1_BIB_Source ( void  )

Purpose: Exercise BIB applying security to a target payload block.

Steps:

  • Get an unsecured bundle with a primary and payload block (From RFC9173)
  • Decode it into a BSL_BundleCtx struct
  • Create a BIB security operation with hard-coded arguments (From RFC9173 A1 ASB)
  • Run the DefaultSecuritContext's BSLX_BIB_Execute function and confirm result is 0.
  • Capture the outcome from the above function to confirm 1 result (the authentication code)
  • Capture the auth code and ensure it matches the value in the test vector.

Notes:

  • Common repeated patterns are in the process of being factored out
  • All values are drawn from RFC9173 Appendix A.

Confirm running BIB as source executes without error

Confirm it produced only 1 result

Confirm the context and result result is the right ID (Defined in RFC)

Confirm the actual HMAC signature matches what is in the RFC

References BIBTestContext_Deinit(), BIBTestContext_Init(), BSL_TestContext_t::bsl, BSL_calloc(), BSL_Crypto_SetRngGenerator(), BSL_Data_Deinit(), BSL_free(), BSL_IdValPair_GetAsBytestr(), BSL_SecOutcome_CountResults(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_GetResultAtIndex(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SECROLE_SOURCE, BSL_SUCCESS, BSL_TestUtils_InitBIB_AppendixA1(), BSL_TestUtils_IsB16StrEqualTo(), BSL_TestUtils_LoadBundleFromCBOR(), BSLX_BIB_Execute(), mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::hex_bundle_original, RFC9173_TestVectors_AppendixA1::hex_hmac, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, RFC9173_BIB_RESULTID_HMAC, rfc9173_byte_gen_fn_a1(), RFC9173_EXAMPLE_A1_KEY, BIBTestContext::sec_oper, and TEST_ASSERT_EQUAL().

◆ test_RFC9173_AppendixA_Example2_BCB_Acceptor()

◆ test_RFC9173_AppendixA_Example2_BCB_Source()

void test_RFC9173_AppendixA_Example2_BCB_Source ( void  )

Purpose: Exercise BCB applying security to a target payload block.

Steps:

  • Get an unsecured bundle with a primary and payload block (From RFC9173)
  • Decode it into a BSL_BundleCtx struct
  • Create a BCB security operation with hard-coded arguments (From RFC9173 A2 ASB)
  • Run the DefaultSecuritContext's BSLX_BCB_Execute function and confirm result is 0.
  • Capture the outcome from the above function to confirm 1 result (the auth tag) is present
  • Capture the auth tag and ensure it matches the value in the test vector.

Notes:

  • Incomplete since it does not modify the bundle BTSD (This still needs to be worked out)

References ApxA2_AuthTag, ApxA2_Ciphertext, BCBTestContext_Deinit(), BCBTestContext_Init(), MockBPA_Bundle_t::blocks_num, BSL_TestContext_t::bsl, BSL_calloc(), BSL_Crypto_SetRngGenerator(), BSL_free(), BSL_IdValPair_GetAsBytestr(), BSL_Log_DumpAsHexString(), BSL_LOG_INFO, BSL_SecOutcome_CountResults(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_GetResultAtIndex(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SECROLE_SOURCE, BSL_SUCCESS, BSL_TestUtils_InitBCB_Appendix2(), BSL_TestUtils_LoadBundleFromCBOR(), BSLX_BCB_Execute(), MockBPA_CanonicalBlock_t::btsd, MockBPA_CanonicalBlock_t::btsd_len, mock_bpa_ctr_t::bundle, mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::hex_bundle_original, BSL_Data_t::len, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BSL_Data_t::ptr, RFC9173_BCB_RESULTID_AUTHTAG, rfc9173_byte_gen_fn_a2_cek(), BCBTestContext::sec_oper, TEST_ASSERT_EQUAL(), and TEST_ASSERT_EQUAL_MEMORY().

◆ test_sec_accept_keyunwrap()

void test_sec_accept_keyunwrap ( bool  bib)

References BCBTestContext_Deinit(), BCBTestContext_Init(), BIBTestContext_Deinit(), BIBTestContext_Init(), MockBPA_Bundle_t::blocks_num, BSL_TestContext_t::bsl, BSL_calloc(), BSL_Crypto_AddRegistryKey(), BSL_Crypto_SetRngGenerator(), BSL_Data_Deinit(), BSL_Data_Init(), BSL_ExecBCBVerifierAcceptor(), BSL_ExecBIBVerifierAcceptor(), BSL_free(), BSL_IdValPair_SetInt64(), BSL_IdValPair_SetTextstr(), BSL_Log_DumpAsHexString(), BSL_LOG_INFO, BSL_POLICYACTION_DROP_BLOCK, BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SecOper_AppendOption(), BSL_SecOper_Populate(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SECROLE_ACCEPTOR, BSL_SUCCESS, BSL_TestUtils_DecodeBase16(), BSL_TestUtils_LoadBundleFromCBOR(), BSLX_BCB_Execute(), BSLX_BCB_OPT_AES_VARIANT, BSLX_BCB_OPT_KEY_ID, BSLX_BCB_OPT_SCOPE, BSLX_BCB_OPT_USE_KEY_WRAP, BSLX_BIB_Execute(), BSLX_BIB_OPT_KEY_ID, BSLX_BIB_OPT_SCOPE, BSLX_BIB_OPT_SHA_VARIANT, BSLX_BIB_OPT_USE_KEY_WRAP, MockBPA_CanonicalBlock_t::btsd, MockBPA_CanonicalBlock_t::btsd_len, mock_bpa_ctr_t::bundle, mock_bpa_ctr_t::bundle_ref, BSL_Data_t::len, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BCBTestContext::opt_aes_variant, BIBTestContext::opt_scope_flags, BCBTestContext::opt_scope_flags, BIBTestContext::opt_sha_variant, BIBTestContext::opt_test_key, BCBTestContext::opt_test_key_id, BIBTestContext::opt_use_key_wrap, BCBTestContext::opt_use_key_wrap, BSL_Data_t::ptr, rfc3394_cek(), RFC9173_BCB_AADSCOPEFLAGID_INC_NONE, RFC9173_BCB_AES_VARIANT_A128GCM, RFC9173_BIB_SHA_HMAC512, BIBTestContext::sec_oper, BCBTestContext::sec_oper, string_clear(), string_init_set_str(), TEST_ASSERT_EQUAL(), and TEST_ASSERT_EQUAL_MEMORY().

◆ test_sec_source_keywrap()

void test_sec_source_keywrap ( bool  wrap,
bool  bib 
)

References BCBTestContext_Deinit(), BCBTestContext_Init(), BIBTestContext_Deinit(), BIBTestContext_Init(), MockBPA_Bundle_t::blocks_num, BSL_TestContext_t::bsl, BSL_calloc(), BSL_Crypto_AddRegistryKey(), BSL_Crypto_SetRngGenerator(), BSL_Data_Deinit(), BSL_Data_Init(), BSL_free(), BSL_IdValPair_GetAsBytestr(), BSL_IdValPair_SetInt64(), BSL_IdValPair_SetTextstr(), BSL_Log_DumpAsHexString(), BSL_LOG_INFO, BSL_POLICYACTION_DROP_BLOCK, BSL_SECBLOCKTYPE_BCB, BSL_SECBLOCKTYPE_BIB, BSL_SecOper_AppendOption(), BSL_SecOper_Populate(), BSL_SecOutcome_CountParams(), BSL_SecOutcome_CountResults(), BSL_SecOutcome_Deinit(), BSL_SecOutcome_GetParamAt(), BSL_SecOutcome_GetResultAtIndex(), BSL_SecOutcome_Init(), BSL_SecOutcome_Sizeof(), BSL_SECROLE_SOURCE, BSL_SUCCESS, BSL_TestUtils_DecodeBase16(), BSL_TestUtils_LoadBundleFromCBOR(), BSLX_BCB_Execute(), BSLX_BCB_OPT_AES_VARIANT, BSLX_BCB_OPT_KEY_ID, BSLX_BCB_OPT_SCOPE, BSLX_BCB_OPT_USE_KEY_WRAP, BSLX_BIB_Execute(), BSLX_BIB_OPT_KEY_ID, BSLX_BIB_OPT_SCOPE, BSLX_BIB_OPT_SHA_VARIANT, BSLX_BIB_OPT_USE_KEY_WRAP, MockBPA_CanonicalBlock_t::btsd, MockBPA_CanonicalBlock_t::btsd_len, mock_bpa_ctr_t::bundle, mock_bpa_ctr_t::bundle_ref, RFC9173_TestVectors_AppendixA1::hex_bundle_original, BSL_Data_t::len, LocalTestCtx, BSL_TestContext_t::mock_bpa_ctr, BCBTestContext::opt_aes_variant, BIBTestContext::opt_scope_flags, BCBTestContext::opt_scope_flags, BIBTestContext::opt_sha_variant, BIBTestContext::opt_test_key, BCBTestContext::opt_test_key_id, BIBTestContext::opt_use_key_wrap, BCBTestContext::opt_use_key_wrap, BSL_Data_t::ptr, rfc3394_cek(), RFC9173_BCB_AADSCOPEFLAGID_INC_NONE, RFC9173_BCB_AES_VARIANT_A128GCM, RFC9173_BCB_RESULTID_AUTHTAG, RFC9173_BCB_SECPARAM_WRAPPEDKEY, RFC9173_BIB_PARAMID_WRAPPED_KEY, RFC9173_BIB_RESULTID_HMAC, RFC9173_BIB_SHA_HMAC512, BIBTestContext::sec_oper, BCBTestContext::sec_oper, string_clear(), string_init_set_str(), TEST_ASSERT_EQUAL(), TEST_ASSERT_EQUAL_INT(), and TEST_ASSERT_EQUAL_MEMORY().

Variable Documentation

◆ LocalTestCtx