OpenDNSSEC-enforcer
1.3.8
|
00001 /* 00002 * $Id: test_ksm_key.c 5838 2011-11-08 14:28:05Z sion $ 00003 * 00004 * Copyright (c) 2008-2009 Nominet UK. All rights reserved. 00005 * 00006 * Redistribution and use in source and binary forms, with or without 00007 * modification, are permitted provided that the following conditions 00008 * are met: 00009 * 1. Redistributions of source code must retain the above copyright 00010 * notice, this list of conditions and the following disclaimer. 00011 * 2. Redistributions in binary form must reproduce the above copyright 00012 * notice, this list of conditions and the following disclaimer in the 00013 * documentation and/or other materials provided with the distribution. 00014 * 00015 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 00016 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 00017 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 00018 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY 00019 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 00020 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE 00021 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 00022 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER 00023 * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 00024 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN 00025 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 00026 * 00027 */ 00028 00029 /*+ 00030 * Filename: test_ksm_key.c - Test Key Module 00031 * 00032 * Description: 00033 * This is a short test module to check the function in the Ksm Key 00034 * module. 00035 * 00036 * The test program makes use of the CUnit framework, as described in 00037 * http://cunit.sourceforge.net 00038 -*/ 00039 00040 #include <stdlib.h> 00041 #include <stdio.h> 00042 #include <string.h> 00043 #include <time.h> 00044 00045 #include "CUnit/Basic.h" 00046 00047 #include "ksm/ksm.h" 00048 #include "ksm/db_fields.h" 00049 #include "ksm/datetime.h" 00050 #include "ksm/string_util.h" 00051 #include "test_routines.h" 00052 00053 /*+ 00054 * testKeyClear - Clear KEYDATA Structure 00055 * 00056 * Description: 00057 * Zeroes the contents of the passed KEYDATA structure. 00058 * 00059 * Arguments: 00060 * KSM_KEYDATA* data 00061 * Key data object to initialize. 00062 -*/ 00063 00064 static void TestKeyClear(KSM_KEYDATA* data) 00065 { 00066 memset(data, 0, sizeof(KSM_KEYDATA)); 00067 00068 return; 00069 } 00070 00071 /*+ 00072 * TestKeyDefaults - Set Default Values 00073 * 00074 * Description: 00075 * Sets up default values for the key data object. 00076 * 00077 * Arguments: 00078 * KSM_KEYDATA* data 00079 * Key data object to initialize. 00080 -*/ 00081 00082 static void TestKeyDefaults(KSM_KEYDATA* data) 00083 { 00084 TestKeyClear(data); 00085 00086 data->algorithm = KSM_ALGORITHM_RSASHA1; 00087 data->keytype = KSM_TYPE_ZSK; 00088 data->siglifetime = 7 * 24 * 3600; /* 7 days */ 00089 data->state = KSM_STATE_GENERATE; 00090 00091 data->flags |= (KEYDATA_M_ALGORITHM | KEYDATA_M_KEYTYPE | 00092 KEYDATA_M_SIGLIFETIME | KEYDATA_M_STATE); 00093 00094 return; 00095 } 00096 00097 /*+ 00098 * TestKsmKeyPairCreate - Test KeyPair Create code 00099 * 00100 * Description: 00101 * Tests that keys are created when requested 00102 -*/ 00103 00104 static void TestKsmKeyPairCreate(void) 00105 { 00106 00107 DB_ID key_id; /* Created key ID */ 00108 int status = 0; /* Status return */ 00109 int rowcount; /* Number of rows returned */ 00110 char* sql; /* Constructed query */ 00111 int where = 0; /* WHERE clause count */ 00112 00113 /* variables to stick into table */ 00114 int policy_id = 2; 00115 char* HSMKeyID = "0x1"; 00116 int smID = 1; 00117 int size = 1024; 00118 int alg = KSM_ALGORITHM_DSASHA1; 00119 char* generate = DtParseDateTimeString("now"); 00120 00121 status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &key_id); 00122 00123 CU_ASSERT_EQUAL(status, 0); 00124 00125 /* Check that a key has been added */ 00126 00127 sql = DqsCountInit("keypairs"); 00128 DqsConditionInt(&sql, "ID", DQS_COMPARE_EQ, key_id, where++); 00129 DqsEnd(&sql); 00130 status = DbIntQuery(DbHandle(), &rowcount, sql); 00131 DqsFree(sql); 00132 00133 CU_ASSERT_EQUAL(status, 0); 00134 00135 CU_ASSERT_EQUAL(rowcount, 1); 00136 00137 StrFree(generate); 00138 00139 } 00140 00141 /*+ 00142 * TestKsmKeyCreate - Test Key Create code 00143 * 00144 * Description: 00145 * Tests that keys are created when requested 00146 -*/ 00147 00148 static void TestKsmDnssecKeyCreate(void) 00149 { 00150 00151 DB_ID keypair_id; /* Created key ID */ 00152 DB_ID dnsseckey_id; /* Created key ID */ 00153 int status = 0; /* Status return */ 00154 int rowcount; /* Number of rows returned */ 00155 char* sql; /* Constructed query */ 00156 int where = 0; /* WHERE clause count */ 00157 int zone_id = 1; 00158 00159 /* Create a new keypair entry */ 00160 int policy_id = 2; 00161 char* HSMKeyID = "0x1"; 00162 int smID = 1; 00163 int size = 1024; 00164 int alg = KSM_ALGORITHM_DSASHA1; 00165 char* generate = "2009-01-01"; 00166 00167 status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &keypair_id); 00168 00169 CU_ASSERT_EQUAL(status, 0); 00170 00171 /* Now create a row in dnsseckeys for the above */ 00172 00173 status = KsmDnssecKeyCreate(zone_id, keypair_id, KSM_TYPE_ZSK, KSM_STATE_GENERATE, generate, NULL, &dnsseckey_id); 00174 00175 CU_ASSERT_EQUAL(status, 0); 00176 00177 /* Check that a key has been added */ 00178 00179 sql = DqsCountInit("dnsseckeys"); 00180 DqsConditionInt(&sql, "ID", DQS_COMPARE_EQ, dnsseckey_id, where++); 00181 DqsEnd(&sql); 00182 status = DbIntQuery(DbHandle(), &rowcount, sql); 00183 DqsFree(sql); 00184 00185 CU_ASSERT_EQUAL(status, 0); 00186 00187 CU_ASSERT_EQUAL(rowcount, 1); 00188 00189 } 00190 00191 /*+ 00192 * TestKsmKeyPredict - Test Key Predict code 00193 * 00194 * Description: 00195 * Tests that key numbers can be predicted 00196 -*/ 00197 00198 static void TestKsmKeyPredict(void) 00199 { 00200 int policy_id = 2; 00201 int keytype = KSM_TYPE_KSK; 00202 int keys_shared = KSM_KEYS_SHARED; 00203 int interval = 86400*4; /* 4 days; lifetime == 1day */ 00204 int count; 00205 int status; 00206 00207 status = KsmKeyPredict(policy_id, keytype, keys_shared, interval, &count, KSM_ROLL_DEFAULT, 1); 00208 00209 CU_ASSERT_EQUAL(status, 0); 00210 CU_ASSERT_EQUAL(count, 7); /* 4 rollovers, 2 standby plus one to get ready */ 00211 00212 keytype = KSM_TYPE_ZSK; 00213 status = KsmKeyPredict(policy_id, keytype, keys_shared, interval, &count, KSM_ROLL_DEFAULT, 1); 00214 00215 CU_ASSERT_EQUAL(status, 0); 00216 CU_ASSERT_EQUAL(count, 7); 00217 } 00218 00219 /*+ 00220 * TestKsmKeyCountQueue - Test Key Queue counting code 00221 * 00222 * Description: 00223 * Tests that key numbers can be counted 00224 -*/ 00225 00226 static void TestKsmKeyCountQueue(void) 00227 { 00228 int zone_id = 1; 00229 int keytype = KSM_TYPE_KSK; 00230 int count; 00231 int status; 00232 00233 status = KsmKeyCountQueue(keytype, &count, zone_id); 00234 00235 CU_ASSERT_EQUAL(status, 0); 00236 CU_ASSERT_EQUAL(count, 1); 00237 00238 keytype = KSM_TYPE_ZSK; 00239 status = KsmKeyCountQueue(keytype, &count, zone_id); 00240 00241 CU_ASSERT_EQUAL(status, 0); 00242 CU_ASSERT_EQUAL(count, 1); 00243 } 00244 00245 /*+ 00246 * TestKsmKeyCountUnallocated - Test Key Unallocated counting code 00247 * 00248 * Description: 00249 * Tests that Unallocated key numbers can be counted 00250 -*/ 00251 00252 static void TestKsmKeyCountUnallocated(void) 00253 { 00254 int policy_id = 2; 00255 int sm = -1; /* count over all security modules */ 00256 int bits = -1; /* count over all sizes */ 00257 int algorithm = -1; /* count over all algorithms */ 00258 int count; 00259 int status; 00260 00261 /* status = KsmKeyCountStillGood(policy_id, sm, bits, algorithm, &count); 00262 00263 CU_ASSERT_EQUAL(status, 0); 00264 CU_ASSERT_EQUAL(count, 15); 00265 00266 algorithm = KSM_ALGORITHM_RSASHA1; 00267 status = KsmKeyCountStillGood(policy_id, sm, bits, algorithm, &count);*/ 00268 00269 CU_ASSERT_EQUAL(status, 0); 00270 CU_ASSERT_EQUAL(count, 13); 00271 } 00272 00273 /*+ 00274 * TestKsmKeyGetUnallocated - Test Key Unallocated getting code 00275 * 00276 * Description: 00277 * Tests that Unallocated keys can be found 00278 -*/ 00279 00280 static void TestKsmKeyGetUnallocated(void) 00281 { 00282 int policy_id = 2; 00283 int sm = 1; /* count over all security modules */ 00284 int bits = 1024; /* count over all sizes */ 00285 int algorithm = KSM_ALGORITHM_RSASHA1; /* count over all algorithms */ 00286 int keypair_id; 00287 DB_ID dnsseckey_id; 00288 int zone_id = 1; 00289 int status; 00290 00291 status = KsmKeyGetUnallocated(policy_id, sm, bits, algorithm, zone_id, 1, &keypair_id); 00292 00293 CU_ASSERT_EQUAL(status, 0); 00294 CU_ASSERT_EQUAL(keypair_id, 3); 00295 00296 status = KsmDnssecKeyCreate(zone_id, keypair_id, KSM_TYPE_ZSK, KSM_STATE_GENERATE, "now", NULL, &dnsseckey_id); 00297 CU_ASSERT_EQUAL(status, 0); 00298 00299 status = KsmKeyGetUnallocated(policy_id, sm, bits, algorithm, zone_id, 1, &keypair_id); 00300 00301 CU_ASSERT_EQUAL(status, 0); 00302 CU_ASSERT_EQUAL(keypair_id, 4); 00303 } 00304 00305 /*+ 00306 * TestKsmKeyCreateOnPolicy - Test Key Create code for shared key policies 00307 * 00308 * Description: 00309 * Tests that keys are created when requested 00310 -*/ 00311 00312 static void TestKsmDnssecKeyCreateOnPolicy(void) 00313 { 00314 00315 DB_ID key_pair_id; /* Created key ID */ 00316 int status = 0; /* Status return */ 00317 int rowcount; /* Number of rows returned */ 00318 char* sql; /* Constructed query */ 00319 int where = 0; /* WHERE clause count */ 00320 00321 /* Create a new keypair entry */ 00322 int policy_id = 2; 00323 char* HSMKeyID = "0x1"; 00324 int smID = 1; 00325 int size = 1024; 00326 int alg = KSM_ALGORITHM_DSASHA1; 00327 char* generate = "2009-01-01"; 00328 00329 /* make sure that sharing is turned on */ 00330 status = KsmParameterSet("zones_share_keys", "keys", 1, policy_id); 00331 CU_ASSERT_EQUAL(status, 0); 00332 00333 status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &key_pair_id); 00334 CU_ASSERT_EQUAL(status, 0); 00335 00336 /* Now create rows in dnsseckeys for the above */ 00337 /*status = KsmDnssecKeyCreateOnPolicy(policy_id, key_pair_id, KSM_TYPE_ZSK);*/ 00338 CU_ASSERT_EQUAL(status, 0); 00339 00340 /* Check that a key has been added */ 00341 00342 sql = DqsCountInit("dnsseckeys"); 00343 DqsConditionInt(&sql, "keypair_id", DQS_COMPARE_EQ, key_pair_id, where++); 00344 DqsEnd(&sql); 00345 status = DbIntQuery(DbHandle(), &rowcount, sql); 00346 DqsFree(sql); 00347 00348 CU_ASSERT_EQUAL(status, 0); 00349 00350 /* There are 2 zones on this policy */ 00351 CU_ASSERT_EQUAL(rowcount, 2); 00352 00353 } 00354 00355 /* 00356 * TestKsmKey - Create Test Suite 00357 * 00358 * Description: 00359 * Adds the test suite to the CUnit test registry and adds all the tests 00360 * to it. 00361 * 00362 * Arguments: 00363 * None. 00364 * 00365 * Returns: 00366 * int 00367 * Return status. 0 => Success. 00368 */ 00369 00370 int TestKsmKey(void); /* Declaration */ 00371 int TestKsmKey(void) 00372 { 00373 struct test_testdef tests[] = { 00374 {"KsmKeyPairCreate", TestKsmKeyPairCreate}, 00375 {"KsmDnssecKeyCreate", TestKsmDnssecKeyCreate}, 00376 {"KsmKeyPredict", TestKsmKeyPredict}, 00377 {"KsmKeyCountQueue", TestKsmKeyCountQueue}, 00378 /* {"KsmKeyCountUnallocated", TestKsmKeyCountUnallocated},*/ 00379 {"KsmKeyGetUnallocated", TestKsmKeyGetUnallocated}, 00380 /* {"KsmDnssecKeyCreateOnPolicy", TestKsmDnssecKeyCreateOnPolicy},*/ 00381 {NULL, NULL} 00382 }; 00383 00384 /* TODO 00385 * have been a bit lazy here and reuse TdbSetup etc... 00386 * this has the consequence of all the setups running for each suite 00387 * if this gets too slow then we will need to separate them out 00388 * */ 00389 return TcuCreateSuite("KsmKey", TdbSetup, TdbTeardown, tests); 00390 }