chrony/test/unit/nts_ntp_server.c - chrony - Git at Google

 /*
  **********************************************************************
  * Copyright (C) Miroslav Lichvar  2020
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of version 2 of the GNU General Public License as
  * published by the Free Software Foundation.
  *
  * This program is distributed in the hope that it will be useful, but
  * WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  * General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License along
  * with this program; if not, write to the Free Software Foundation, Inc.,
  * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  *
  **********************************************************************
  */

 #include <config.h>
 #include "test.h"

 #ifdef FEAT_NTS

 #include <local.h>
 #include <sched.h>

 #include <nts_ntp_server.c>

 static void
 prepare_request(NTP_Packet *packet, NTP_PacketInfo *info, int valid, int nak)
 {
   unsigned char uniq_id[NTS_MIN_UNIQ_ID_LENGTH], nonce[NTS_MIN_UNPADDED_NONCE_LENGTH];
   SIV_Instance siv;
   NKE_Context context;
   NKE_Cookie cookie;
   int i, index, cookie_start, auth_start;

   context.algorithm = SERVER_SIV;
   context.c2s.length = SIV_GetKeyLength(context.algorithm);
   UTI_GetRandomBytes(&context.c2s.key, context.c2s.length);
   context.s2c.length = SIV_GetKeyLength(context.algorithm);
   UTI_GetRandomBytes(&context.s2c.key, context.s2c.length);

   TEST_CHECK(NKS_GenerateCookie(&context, &cookie));

   UTI_GetRandomBytes(uniq_id, sizeof (uniq_id));
   UTI_GetRandomBytes(nonce, sizeof (nonce));

   memset(packet, 0, sizeof (*packet));
   packet->lvm = NTP_LVM(0, 4, MODE_CLIENT);
   memset(info, 0, sizeof (*info));
   info->version = 4;
   info->mode = MODE_CLIENT;
   info->length = NTP_HEADER_LENGTH;

   if (valid)
     index = -1;
   else
     index = random() % 3;

   DEBUG_LOG("valid=%d nak=%d index=%d", valid, nak, index);

   if (index != 0)
     TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_UNIQUE_IDENTIFIER,
                             uniq_id, sizeof (uniq_id)));

   cookie_start = info->length;

   if (index != 1)
     TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE,
                             cookie.cookie, cookie.length));

   for (i = random() % 4; i > 0; i--)
     TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE_PLACEHOLDER,
                             cookie.cookie, cookie.length));

   auth_start = info->length;

   if (index != 2) {
     siv = SIV_CreateInstance(context.algorithm);
     TEST_CHECK(SIV_SetKey(siv, context.c2s.key, context.c2s.length));
     TEST_CHECK(NNA_GenerateAuthEF(packet, info, siv, nonce, sizeof (nonce),
                                   (const unsigned char *)"", 0, 0));
     SIV_DestroyInstance(siv);
   }

   if (nak)
     ((unsigned char *)packet)[(index == 2 ? cookie_start :
                                (index == 1 ? auth_start :
                                 (random() % 2 ? cookie_start : auth_start))) +
                               4 + random() % 16]++;
 }

 static void
 init_response(NTP_Packet *packet, NTP_PacketInfo *info)
 {
   memset(packet, 0, sizeof (*packet));
   packet->lvm = NTP_LVM(0, 4, MODE_SERVER);
   memset(info, 0, sizeof (*info));
   info->version = 4;
   info->mode = MODE_SERVER;
   info->length = NTP_HEADER_LENGTH;
 }

 void
 test_unit(void)
 {
   NTP_PacketInfo req_info, res_info;
   NTP_Packet request, response;
   int i, valid, nak;
   uint32_t kod;

   char conf[][100] = {
     "ntsport 0",
     "ntsprocesses 0",
     "ntsserverkey nts_ke.key",
     "ntsservercert nts_ke.crt",
   };

   CNF_Initialise(0, 0);
   for (i = 0; i < sizeof conf / sizeof conf[0]; i++)
     CNF_ParseLine(NULL, i + 1, conf[i]);

   LCL_Initialise();
   TST_RegisterDummyDrivers();
   SCH_Initialise();
   NKS_PreInitialise(0, 0, 0);
   NKS_Initialise();
   NNS_Initialise();

   for (i = 0; i < 50000; i++) {
     valid = random() % 2;
     nak = random() % 2;
     prepare_request(&request, &req_info, valid, nak);

     TEST_CHECK(NNS_CheckRequestAuth(&request, &req_info, &kod) == (valid && !nak));

     if (valid && !nak) {
       TEST_CHECK(kod == 0);
       TEST_CHECK(server->num_cookies > 0);

       init_response(&response, &res_info);
       TEST_CHECK(NNS_GenerateResponseAuth(&request, &req_info, &response, &res_info, kod));

       TEST_CHECK(res_info.ext_fields == 2);
       TEST_CHECK(server->num_cookies == 0);
     } else if (valid && nak) {
       TEST_CHECK(kod == NTP_KOD_NTS_NAK);
       TEST_CHECK(server->num_cookies == 0);

       init_response(&response, &res_info);
       TEST_CHECK(NNS_GenerateResponseAuth(&request, &req_info, &response, &res_info, kod));

       TEST_CHECK(res_info.ext_fields == 1);
       TEST_CHECK(server->num_cookies == 0);
     } else {
       TEST_CHECK(kod == 0);
       TEST_CHECK(server->num_cookies == 0);
     }
   }

   NNS_Finalise();
   NKS_Finalise();
   SCH_Finalise();
   LCL_Finalise();
   CNF_Finalise();
 }
 #else
 void
 test_unit(void)
 {
   TEST_REQUIRE(0);
 }
 #endif
	/*
	**********************************************************************
	* Copyright (C) Miroslav Lichvar 2020
	*
	* This program is free software; you can redistribute it and/or modify
	* it under the terms of version 2 of the GNU General Public License as
	* published by the Free Software Foundation.
	*
	* This program is distributed in the hope that it will be useful, but
	* WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	* General Public License for more details.
	*
	* You should have received a copy of the GNU General Public License along
	* with this program; if not, write to the Free Software Foundation, Inc.,
	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
	*
	**********************************************************************
	*/

	#include <config.h>
	#include "test.h"

	#ifdef FEAT_NTS

	#include <local.h>
	#include <sched.h>

	#include <nts_ntp_server.c>

	static void
	prepare_request(NTP_Packet packet, NTP_PacketInfo info, int valid, int nak)
	{
	unsigned char uniq_id[NTS_MIN_UNIQ_ID_LENGTH], nonce[NTS_MIN_UNPADDED_NONCE_LENGTH];
	SIV_Instance siv;
	NKE_Context context;
	NKE_Cookie cookie;
	int i, index, cookie_start, auth_start;

	context.algorithm = SERVER_SIV;
	context.c2s.length = SIV_GetKeyLength(context.algorithm);
	UTI_GetRandomBytes(&context.c2s.key, context.c2s.length);
	context.s2c.length = SIV_GetKeyLength(context.algorithm);
	UTI_GetRandomBytes(&context.s2c.key, context.s2c.length);

	TEST_CHECK(NKS_GenerateCookie(&context, &cookie));

	UTI_GetRandomBytes(uniq_id, sizeof (uniq_id));
	UTI_GetRandomBytes(nonce, sizeof (nonce));

	memset(packet, 0, sizeof (*packet));
	packet->lvm = NTP_LVM(0, 4, MODE_CLIENT);
	memset(info, 0, sizeof (*info));
	info->version = 4;
	info->mode = MODE_CLIENT;
	info->length = NTP_HEADER_LENGTH;

	if (valid)
	index = -1;
	else
	index = random() % 3;

	DEBUG_LOG("valid=%d nak=%d index=%d", valid, nak, index);

	if (index != 0)
	TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_UNIQUE_IDENTIFIER,
	uniq_id, sizeof (uniq_id)));

	cookie_start = info->length;

	if (index != 1)
	TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE,
	cookie.cookie, cookie.length));

	for (i = random() % 4; i > 0; i--)
	TEST_CHECK(NEF_AddField(packet, info, NTP_EF_NTS_COOKIE_PLACEHOLDER,
	cookie.cookie, cookie.length));

	auth_start = info->length;

	if (index != 2) {
	siv = SIV_CreateInstance(context.algorithm);
	TEST_CHECK(SIV_SetKey(siv, context.c2s.key, context.c2s.length));
	TEST_CHECK(NNA_GenerateAuthEF(packet, info, siv, nonce, sizeof (nonce),
	(const unsigned char *)"", 0, 0));
	SIV_DestroyInstance(siv);
	}

	if (nak)
	((unsigned char *)packet)[(index == 2 ? cookie_start :
	(index == 1 ? auth_start :
	(random() % 2 ? cookie_start : auth_start))) +
	4 + random() % 16]++;
	}

	static void
	init_response(NTP_Packet packet, NTP_PacketInfo info)
	{
	memset(packet, 0, sizeof (*packet));
	packet->lvm = NTP_LVM(0, 4, MODE_SERVER);
	memset(info, 0, sizeof (*info));
	info->version = 4;
	info->mode = MODE_SERVER;
	info->length = NTP_HEADER_LENGTH;
	}

	void
	test_unit(void)
	{
	NTP_PacketInfo req_info, res_info;
	NTP_Packet request, response;
	int i, valid, nak;
	uint32_t kod;

	char conf[][100] = {
	"ntsport 0",
	"ntsprocesses 0",
	"ntsserverkey nts_ke.key",
	"ntsservercert nts_ke.crt",
	};

	CNF_Initialise(0, 0);
	for (i = 0; i < sizeof conf / sizeof conf[0]; i++)
	CNF_ParseLine(NULL, i + 1, conf[i]);

	LCL_Initialise();
	TST_RegisterDummyDrivers();
	SCH_Initialise();
	NKS_PreInitialise(0, 0, 0);
	NKS_Initialise();
	NNS_Initialise();

	for (i = 0; i < 50000; i++) {
	valid = random() % 2;
	nak = random() % 2;
	prepare_request(&request, &req_info, valid, nak);

	TEST_CHECK(NNS_CheckRequestAuth(&request, &req_info, &kod) == (valid && !nak));

	if (valid && !nak) {
	TEST_CHECK(kod == 0);
	TEST_CHECK(server->num_cookies > 0);

	init_response(&response, &res_info);
	TEST_CHECK(NNS_GenerateResponseAuth(&request, &req_info, &response, &res_info, kod));

	TEST_CHECK(res_info.ext_fields == 2);
	TEST_CHECK(server->num_cookies == 0);
	} else if (valid && nak) {
	TEST_CHECK(kod == NTP_KOD_NTS_NAK);
	TEST_CHECK(server->num_cookies == 0);

	init_response(&response, &res_info);
	TEST_CHECK(NNS_GenerateResponseAuth(&request, &req_info, &response, &res_info, kod));

	TEST_CHECK(res_info.ext_fields == 1);
	TEST_CHECK(server->num_cookies == 0);
	} else {
	TEST_CHECK(kod == 0);
	TEST_CHECK(server->num_cookies == 0);
	}
	}

	NNS_Finalise();
	NKS_Finalise();
	SCH_Finalise();
	LCL_Finalise();
	CNF_Finalise();
	}
	#else
	void
	test_unit(void)
	{
	TEST_REQUIRE(0);
	}
	#endif