libqaeda


commit feb7425a8ddc5b5a43adffca2e17bfc08a345cba
parent 5d2fc329673aa210bba716fa583fd6e7ecfcd6cb
Author: lash <dev@holbrook.no>
Date:   Sun,  2 Mar 2025 12:56:01 +0000

Add cert test

Diffstat:
Msrc/asn1/defs.txt | 6+++++-
Msrc/lq/cert.c | 67++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
Msrc/lq/cert.h | 9+++++++--
Msrc/lq/msg.c | 37+++++++++++++++++++++++--------------
Msrc/lq/msg.h | 4----
Msrc/test/Makefile | 7++-----
Asrc/test/test_cert.c | 56++++++++++++++++++++++++++++++++++++++++++++++++++++++++
7 files changed, 159 insertions(+), 27 deletions(-)

diff --git a/src/asn1/defs.txt b/src/asn1/defs.txt @@ -7,11 +7,15 @@ Qaeda DEFINITIONS EXPLICIT TAGS ::= BEGIN } Cert ::= SEQUENCE { - parent Cert, domain OCTET STRING, request Msg, request_sig OCTET STRING, response Msg, response_sig OCTET STRING } + + CertEntry ::= SEQUENCE { + parent Cert, + this Cert, + } END diff --git a/src/lq/cert.c b/src/lq/cert.c @@ -1,19 +1,84 @@ +#include <stddef.h> +#include <libtasn1.h> + #include "lq/cert.h" #include "lq/mem.h" +#include "lq/wire.h" +#include "lq/err.h" +static LQCert noparent; +static LQMsg nomsg = { + .data = "", + .len = 0, + .time.tv_sec = 0, + .time.tv_nsec = 0, +}; LQCert* lq_certificate_new(LQCert *parent, LQCtx *ctx, LQMsg *req, LQMsg *rsp) { LQCert *cert; cert = lq_alloc(sizeof(LQCert)); - cert->parent = parent; + if (parent != NULL) { + cert->parent = parent; + } else { + cert->parent = &noparent; + } cert->request = req; cert->response = rsp; cert->ctx = ctx; + lq_set(cert->domain, 0, LQ_CERT_DOMAIN_LEN); return cert; } +int lq_certificate_serialize(LQCert *cert, char *out, size_t *out_len) { + size_t c; + int r; + size_t mx; + char err[1024]; + char buf[4096]; + LQMsg *msg; + asn1_node node; + + mx = *out_len; + *out_len = 0; + lq_set(&node, 0, sizeof(node)); + r = asn1_array2tree(defs_asn1_tab, &node, err); + if (r != ASN1_SUCCESS) { + return ERR_INIT; + } + + c = LQ_CERT_DOMAIN_LEN; + *out_len += c; + if (*out_len > mx) { + return ERR_OVERFLOW; + } + r = asn1_write_value(node, "Qaeda.Cert.domain", cert->domain, c); + if (r != ASN1_SUCCESS) { + return ERR_WRITE; + } + + msg = cert->request; + if (msg == NULL) { + msg = &nomsg; + } + c = mx - LQ_CERT_DOMAIN_LEN; + r = lq_msg_serialize(msg, buf, &c); + if (r != ERR_OK) { + return r; + } + *out_len += c; + if (*out_len > mx) { + return ERR_OVERFLOW; + } + r = asn1_write_value(node, "Qaeda.Cert.request", buf, c); + if (r != ASN1_SUCCESS) { + return ERR_WRITE; + } + + return ERR_OK; +} + void lq_certificate_free(LQCert *cert) { lq_free(cert); } 
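Review bot: The new `CertEntry` SEQUENCE ends its component list with a trailing comma (`this Cert,` directly before `}`), which ASN.1 component lists do not allow, so the definitions parser may reject the module when the table is regenerated. The last component should read `this Cert` with no comma. Because `parent` moves out of `Cert` in this hunk, a comment stating which structure `request_sig` and `response_sig` are meant to cover would help; if they cover only `Cert`, the parent link is no longer part of the signed data.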
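Review bot: In `lq_certificate_serialize`, `c = mx - LQ_CERT_DOMAIN_LEN` is passed to `lq_msg_serialize` as the capacity of the local `buf[4096]`, so a caller whose `*out_len` exceeds 4096 + `LQ_CERT_DOMAIN_LEN` allows the message serializer to write past the stack buffer (assuming it treats `*out_len` as a capacity, as its `*out_len > mx` checks in msg.c suggest). Bound the value before the call, e.g. `if (c > sizeof(buf)) { c = sizeof(buf); }`. The function also returns `ERR_OK` without ever writing to `out`, and the tree built by `asn1_array2tree` is not released with `asn1_delete_structure` on any return path; if both are intentional for now, a `\todo` comment saying so would keep callers from trusting the output. In `lq_certificate_new` the result of `lq_alloc` is dereferenced without a NULL check.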
diff --git a/src/lq/cert.h b/src/lq/cert.h @@ -7,9 +7,14 @@ #include "lq/msg.h" #include "lq/ctx.h" +#ifndef LQ_CERT_DOMAIN_LEN +#define LQ_CERT_DOMAIN_LEN 8 +#endif + typedef struct lq_certificate_t LQCert; struct lq_certificate_t { LQCert *parent; + char domain[LQ_CERT_DOMAIN_LEN]; LQMsg *request; LQSig *request_sig; LQMsg *response; @@ -18,8 +23,8 @@ struct lq_certificate_t { }; LQCert* lq_certificate_new(LQCert *parent, LQCtx *ctx, LQMsg *req, LQMsg *rsp); -int lq_certificate_serialize(LQCert *cert, char *data, size_t *data_len); -int lq_certificate_deserialize(LQCert *cert, char *data, size_t data_len); +int lq_certificate_serialize(LQCert *cert, char *out, size_t *out_len); +int lq_certificate_deserialize(LQCert *cert, char *in, size_t in_len); int lq_certificate_verify(LQCert *cert); void lq_certificate_free(LQCert *cert); diff --git a/src/lq/msg.c b/src/lq/msg.c @@ -4,11 +4,16 @@ #include "lq/msg.h" #include "lq/mem.h" +#include "lq/err.h" #include "lq/crypto.h" #include "lq/wire.h" -#include "lq/err.h" #include "endian.h" +static LQPubKey nokey = { + .pk = 0, + .lokey = "", + .lolen = 0, +}; LQMsg* lq_msg_new(const char *msg_data, size_t msg_len) { LQMsg *msg; @@ -97,10 +102,14 @@ int lq_msg_serialize(LQMsg *msg, char *out, size_t *out_len) { return ERR_WRITE; } - c = msg->pubkey->lolen; - *out_len += c; - if (*out_len > mx) { - return ERR_OVERFLOW; + if (msg->pubkey == NULL) { + msg->pubkey = &nokey; + } else { + c = msg->pubkey->lolen; + *out_len += c; + if (*out_len > mx) { + return ERR_OVERFLOW; + } } r = asn1_write_value(node, "Qaeda.Msg.pubkey", &msg->pubkey->lokey, c); if (r != ASN1_SUCCESS) { @@ -113,7 +122,7 @@ int lq_msg_serialize(LQMsg *msg, char *out, size_t *out_len) { return ERR_ENCODING; } - return 0; + return ERR_OK; } int lq_msg_deserialize(LQMsg **msg, const char *in, size_t in_len) { 
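Review bot: In the `msg->pubkey == NULL` branch of `lq_msg_serialize` (hunk at -97,10), `c` is never assigned, so the following `asn1_write_value(node, "Qaeda.Msg.pubkey", &msg->pubkey->lokey, c)` uses whatever length the previous field left in `c` while reading from the empty `nokey.lokey` placeholder. Set the length explicitly in that branch, `c = nokey.lolen;`, so the write cannot read beyond the placeholder. The branch also stores `&nokey` into the caller's message, which modifies the input (including the shared static `nomsg` that cert.c passes in) and would be unsafe if any later code frees `msg->pubkey`; selecting the key through a local `LQPubKey *pk` would avoid that. The function body starts and ends outside this hunk.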
@@ -125,20 +134,20 @@ int lq_msg_deserialize(LQMsg **msg, const char *in, size_t in_len) { asn1_node item; lq_set(&node, 0, sizeof(node)); - lq_set(&item, 0, sizeof(node)); + lq_set(&item, 0, sizeof(item)); r = asn1_array2tree(defs_asn1_tab, &node, err); if (r != ASN1_SUCCESS) { - return 3; + return ERR_INIT; } r = asn1_create_element(node, "Qaeda.Msg", &item); if (r != ASN1_SUCCESS) { - return 1; + return ERR_READ; } r = asn1_der_decoding(&item, in, in_len, err); if (r != ASN1_SUCCESS) { - return 1; + return ERR_ENCODING; } // \todo buffered read @@ -146,7 +155,7 @@ int lq_msg_deserialize(LQMsg **msg, const char *in, size_t in_len) { c = 1024; r = asn1_read_value(item, "data", tmp, &c); if (r != ASN1_SUCCESS) { - return 1; + return ERR_READ; } *msg = lq_msg_new((const char*)tmp, (size_t)c); @@ -154,7 +163,7 @@ int lq_msg_deserialize(LQMsg **msg, const char *in, size_t in_len) { c = 8; r = asn1_read_value(item, "timestamp", tmp, &c); if (r != ASN1_SUCCESS) { - return 1; + return ERR_READ; } if (is_le()) { flip_endian(4, (char*)tmp); @@ -166,8 +175,8 @@ int lq_msg_deserialize(LQMsg **msg, const char *in, size_t in_len) { c = 65; r = asn1_read_value(item, "pubkey", tmp, &c); if (r != ASN1_SUCCESS) { - return 1; + return ERR_READ; } - return 0; + return ERR_OK; } diff --git a/src/lq/msg.h b/src/lq/msg.h @@ -6,10 +6,6 @@ #include "lq/crypto.h" -#ifndef LQ_MSG_DOMAIN_LEN -#define LQ_MSG_DOMAIN_LEN 8 -#endif - struct lq_msg_t { char *data; size_t len; diff --git a/src/test/Makefile b/src/test/Makefile 
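Review bot: The `ERR_READ` returns for `timestamp` and `pubkey` in `lq_msg_deserialize` (hunks at -154,7 and -166,8) come after `*msg = lq_msg_new(...)`, so on those paths the caller gets an error code together with an allocated, partly filled message in `*msg`. Neither `node` nor `item` is released with `asn1_delete_structure` on any of the visible return paths, so every call leaks the parsed tree. Release the message and set `*msg = NULL` before returning an error, and route all returns through one exit path that deletes both structures. The reads use fixed lengths (`c = 1024`, `c = 8`, `c = 65`) against `tmp`, whose declaration is outside these hunks, so confirm it is at least 1024 bytes; the `pubkey` value read last is not stored anywhere in the visible lines.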
@@ -4,18 +4,15 @@ CFLAGS += $(INCLUDES) -Wall -g3 LIBS := `pkg-config --libs libtasn1` -L../aux/lib -llash ../asn1/defs_asn1_tab.o LDFLAGS += $(LIBS) -#%.o: %.c -# $(CC) $(CFLAGS) $< -o $*_bin $(LDFLAGS) ../crypto/dummy.o ../mem/std.o -lcheck -# ./$*_bin - -#all: $(OBJS) all: build CK_FORK=no LD_LIBRARY_PATH=`realpath ../aux/lib` ./test_crypto_bin CK_FORK=no LD_LIBRARY_PATH=`realpath ../aux/lib` ./test_msg_bin + CK_FORK=no LD_LIBRARY_PATH=`realpath ../aux/lib` ./test_cert_bin test: all build: $(CC) $(CFLAGS) $(LDFLAGS) test_crypto.c -o test_crypto_bin ../crypto/dummy.o ../mem/std.o -lcheck $(CC) $(CFLAGS) $(LDFLAGS) test_msg.c -o test_msg_bin ../crypto/dummy.o ../mem/std.o ../lq/msg.o -lcheck + $(CC) $(CFLAGS) $(LDFLAGS) test_cert.c -o test_cert_bin ../crypto/dummy.o ../mem/std.o ../lq/msg.o ../lq/cert.o -lcheck diff --git a/src/test/test_cert.c b/src/test/test_cert.c 
@@ -0,0 +1,56 @@
+#include <check.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "lq/msg.h"
+#include "lq/cert.h"
+#include "lq/mem.h"
+#include "lq/crypto.h"
+
+const char *data = "Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.";
+
+
+START_TEST(check_cert_symmetric) {
+ int r;
+ size_t c;
+ LQCert *cert;
+ LQCtx ctx;
+ char buf[4096];
+
+ lq_set(&ctx, 0, sizeof(LQCtx));
+ cert = lq_certificate_new(NULL, &ctx, NULL, NULL);
+ c = 4096;
+ r = lq_certificate_serialize(cert, buf, &c);
+ ck_assert_int_eq(r, 0);
+
+ lq_certificate_free(cert);
+}
+END_TEST
+
+Suite * common_suite(void) {
+ Suite *s;
+ TCase *tc;
+
+ s = suite_create("cert");
+ tc = tcase_create("serialize");
+ tcase_add_test(tc, check_cert_symmetric);
+ suite_add_tcase(s, tc);
+
+ return s;
+}
+
+int main(void) {
+ int n_fail;
+
+ Suite *s;
+ SRunner *sr;
+
+ s = common_suite();
+ sr = srunner_create(s);
+
+ srunner_run_all(sr, CK_VERBOSE);
+ n_fail = srunner_ntests_failed(sr);
+ srunner_free(sr);
+
+ return (n_fail == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
+}
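Review bot: `check_cert_symmetric` asserts only that `lq_certificate_serialize` returns 0, so it passes without `buf` or the returned length `c` being inspected, and nothing is deserialized despite the test's name. Add a check on the output length, e.g. `ck_assert_uint_ge(c, LQ_CERT_DOMAIN_LEN);`, and a second case that passes a `c` smaller than `LQ_CERT_DOMAIN_LEN` and expects `ERR_OVERFLOW`, so the bounds checks in the serializer are exercised. `cert` should be verified with `ck_assert_ptr_nonnull(cert);` before it is used, and the `data` string is unused in this file.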