OpenDNSSEC-enforcer  1.3.9
test_ksm_key.c
Go to the documentation of this file.
1 /*
2  * $Id: test_ksm_key.c 5838 2011-11-08 14:28:05Z sion $
3  *
4  * Copyright (c) 2008-2009 Nominet UK. All rights reserved.
5  *
6  * Redistribution and use in source and binary forms, with or without
7  * modification, are permitted provided that the following conditions
8  * are met:
9  * 1. Redistributions of source code must retain the above copyright
10  * notice, this list of conditions and the following disclaimer.
11  * 2. Redistributions in binary form must reproduce the above copyright
12  * notice, this list of conditions and the following disclaimer in the
13  * documentation and/or other materials provided with the distribution.
14  *
15  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
17  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
19  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
21  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
23  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
25  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  *
27  */
28 
29 /*+
30  * Filename: test_ksm_key.c - Test Key Module
31  *
32  * Description:
33  * This is a short test module to check the function in the Ksm Key
34  * module.
35  *
36  * The test program makes use of the CUnit framework, as described in
37  * http://cunit.sourceforge.net
38 -*/
39 
40 #include <stdlib.h>
41 #include <stdio.h>
42 #include <string.h>
43 #include <time.h>
44 
45 #include "CUnit/Basic.h"
46 
47 #include "ksm/ksm.h"
48 #include "ksm/db_fields.h"
49 #include "ksm/datetime.h"
50 #include "ksm/string_util.h"
51 #include "test_routines.h"
52 
53 /*+
54  * testKeyClear - Clear KEYDATA Structure
55  *
56  * Description:
57  * Zeroes the contents of the passed KEYDATA structure.
58  *
59  * Arguments:
60  * KSM_KEYDATA* data
61  * Key data object to initialize.
62 -*/
63 
64 static void TestKeyClear(KSM_KEYDATA* data)
65 {
66  memset(data, 0, sizeof(KSM_KEYDATA));
67 
68  return;
69 }
70 
71 /*+
72  * TestKeyDefaults - Set Default Values
73  *
74  * Description:
75  * Sets up default values for the key data object.
76  *
77  * Arguments:
78  * KSM_KEYDATA* data
79  * Key data object to initialize.
80 -*/
81 
82 static void TestKeyDefaults(KSM_KEYDATA* data)
83 {
84  TestKeyClear(data);
85 
87  data->keytype = KSM_TYPE_ZSK;
88  data->siglifetime = 7 * 24 * 3600; /* 7 days */
89  data->state = KSM_STATE_GENERATE;
90 
93 
94  return;
95 }
96 
97 /*+
98  * TestKsmKeyPairCreate - Test KeyPair Create code
99  *
100  * Description:
101  * Tests that keys are created when requested
102 -*/
103 
104 static void TestKsmKeyPairCreate(void)
105 {
106 
107  DB_ID key_id; /* Created key ID */
108  int status = 0; /* Status return */
109  int rowcount; /* Number of rows returned */
110  char* sql; /* Constructed query */
111  int where = 0; /* WHERE clause count */
112 
113  /* variables to stick into table */
114  int policy_id = 2;
115  char* HSMKeyID = "0x1";
116  int smID = 1;
117  int size = 1024;
118  int alg = KSM_ALGORITHM_DSASHA1;
119  char* generate = DtParseDateTimeString("now");
120 
121  status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &key_id);
122 
123  CU_ASSERT_EQUAL(status, 0);
124 
125  /* Check that a key has been added */
126 
127  sql = DqsCountInit("keypairs");
128  DqsConditionInt(&sql, "ID", DQS_COMPARE_EQ, key_id, where++);
129  DqsEnd(&sql);
130  status = DbIntQuery(DbHandle(), &rowcount, sql);
131  DqsFree(sql);
132 
133  CU_ASSERT_EQUAL(status, 0);
134 
135  CU_ASSERT_EQUAL(rowcount, 1);
136 
137  StrFree(generate);
138 
139 }
140 
141 /*+
142  * TestKsmKeyCreate - Test Key Create code
143  *
144  * Description:
145  * Tests that keys are created when requested
146 -*/
147 
148 static void TestKsmDnssecKeyCreate(void)
149 {
150 
151  DB_ID keypair_id; /* Created key ID */
152  DB_ID dnsseckey_id; /* Created key ID */
153  int status = 0; /* Status return */
154  int rowcount; /* Number of rows returned */
155  char* sql; /* Constructed query */
156  int where = 0; /* WHERE clause count */
157  int zone_id = 1;
158 
159  /* Create a new keypair entry */
160  int policy_id = 2;
161  char* HSMKeyID = "0x1";
162  int smID = 1;
163  int size = 1024;
164  int alg = KSM_ALGORITHM_DSASHA1;
165  char* generate = "2009-01-01";
166 
167  status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &keypair_id);
168 
169  CU_ASSERT_EQUAL(status, 0);
170 
171  /* Now create a row in dnsseckeys for the above */
172 
173  status = KsmDnssecKeyCreate(zone_id, keypair_id, KSM_TYPE_ZSK, KSM_STATE_GENERATE, generate, NULL, &dnsseckey_id);
174 
175  CU_ASSERT_EQUAL(status, 0);
176 
177  /* Check that a key has been added */
178 
179  sql = DqsCountInit("dnsseckeys");
180  DqsConditionInt(&sql, "ID", DQS_COMPARE_EQ, dnsseckey_id, where++);
181  DqsEnd(&sql);
182  status = DbIntQuery(DbHandle(), &rowcount, sql);
183  DqsFree(sql);
184 
185  CU_ASSERT_EQUAL(status, 0);
186 
187  CU_ASSERT_EQUAL(rowcount, 1);
188 
189 }
190 
191 /*+
192  * TestKsmKeyPredict - Test Key Predict code
193  *
194  * Description:
195  * Tests that key numbers can be predicted
196 -*/
197 
198 static void TestKsmKeyPredict(void)
199 {
200  int policy_id = 2;
201  int keytype = KSM_TYPE_KSK;
202  int keys_shared = KSM_KEYS_SHARED;
203  int interval = 86400*4; /* 4 days; lifetime == 1day */
204  int count;
205  int status;
206 
207  status = KsmKeyPredict(policy_id, keytype, keys_shared, interval, &count, KSM_ROLL_DEFAULT, 1);
208 
209  CU_ASSERT_EQUAL(status, 0);
210  CU_ASSERT_EQUAL(count, 7); /* 4 rollovers, 2 standby plus one to get ready */
211 
212  keytype = KSM_TYPE_ZSK;
213  status = KsmKeyPredict(policy_id, keytype, keys_shared, interval, &count, KSM_ROLL_DEFAULT, 1);
214 
215  CU_ASSERT_EQUAL(status, 0);
216  CU_ASSERT_EQUAL(count, 7);
217 }
218 
219 /*+
220  * TestKsmKeyCountQueue - Test Key Queue counting code
221  *
222  * Description:
223  * Tests that key numbers can be counted
224 -*/
225 
226 static void TestKsmKeyCountQueue(void)
227 {
228  int zone_id = 1;
229  int keytype = KSM_TYPE_KSK;
230  int count;
231  int status;
232 
233  status = KsmKeyCountQueue(keytype, &count, zone_id);
234 
235  CU_ASSERT_EQUAL(status, 0);
236  CU_ASSERT_EQUAL(count, 1);
237 
238  keytype = KSM_TYPE_ZSK;
239  status = KsmKeyCountQueue(keytype, &count, zone_id);
240 
241  CU_ASSERT_EQUAL(status, 0);
242  CU_ASSERT_EQUAL(count, 1);
243 }
244 
245 /*+
246  * TestKsmKeyCountUnallocated - Test Key Unallocated counting code
247  *
248  * Description:
249  * Tests that Unallocated key numbers can be counted
250 -*/
251 
252 static void TestKsmKeyCountUnallocated(void)
253 {
254  int policy_id = 2;
255  int sm = -1; /* count over all security modules */
256  int bits = -1; /* count over all sizes */
257  int algorithm = -1; /* count over all algorithms */
258  int count;
259  int status;
260 
261 /* status = KsmKeyCountStillGood(policy_id, sm, bits, algorithm, &count);
262 
263  CU_ASSERT_EQUAL(status, 0);
264  CU_ASSERT_EQUAL(count, 15);
265 
266  algorithm = KSM_ALGORITHM_RSASHA1;
267  status = KsmKeyCountStillGood(policy_id, sm, bits, algorithm, &count);*/
268 
269  CU_ASSERT_EQUAL(status, 0);
270  CU_ASSERT_EQUAL(count, 13);
271 }
272 
273 /*+
274  * TestKsmKeyGetUnallocated - Test Key Unallocated getting code
275  *
276  * Description:
277  * Tests that Unallocated keys can be found
278 -*/
279 
280 static void TestKsmKeyGetUnallocated(void)
281 {
282  int policy_id = 2;
283  int sm = 1; /* count over all security modules */
284  int bits = 1024; /* count over all sizes */
285  int algorithm = KSM_ALGORITHM_RSASHA1; /* count over all algorithms */
286  int keypair_id;
287  DB_ID dnsseckey_id;
288  int zone_id = 1;
289  int status;
290 
291  status = KsmKeyGetUnallocated(policy_id, sm, bits, algorithm, zone_id, 1, &keypair_id);
292 
293  CU_ASSERT_EQUAL(status, 0);
294  CU_ASSERT_EQUAL(keypair_id, 3);
295 
296  status = KsmDnssecKeyCreate(zone_id, keypair_id, KSM_TYPE_ZSK, KSM_STATE_GENERATE, "now", NULL, &dnsseckey_id);
297  CU_ASSERT_EQUAL(status, 0);
298 
299  status = KsmKeyGetUnallocated(policy_id, sm, bits, algorithm, zone_id, 1, &keypair_id);
300 
301  CU_ASSERT_EQUAL(status, 0);
302  CU_ASSERT_EQUAL(keypair_id, 4);
303 }
304 
305 /*+
306  * TestKsmKeyCreateOnPolicy - Test Key Create code for shared key policies
307  *
308  * Description:
309  * Tests that keys are created when requested
310 -*/
311 
312 static void TestKsmDnssecKeyCreateOnPolicy(void)
313 {
314 
315  DB_ID key_pair_id; /* Created key ID */
316  int status = 0; /* Status return */
317  int rowcount; /* Number of rows returned */
318  char* sql; /* Constructed query */
319  int where = 0; /* WHERE clause count */
320 
321  /* Create a new keypair entry */
322  int policy_id = 2;
323  char* HSMKeyID = "0x1";
324  int smID = 1;
325  int size = 1024;
326  int alg = KSM_ALGORITHM_DSASHA1;
327  char* generate = "2009-01-01";
328 
329  /* make sure that sharing is turned on */
330  status = KsmParameterSet("zones_share_keys", "keys", 1, policy_id);
331  CU_ASSERT_EQUAL(status, 0);
332 
333  status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &key_pair_id);
334  CU_ASSERT_EQUAL(status, 0);
335 
336  /* Now create rows in dnsseckeys for the above */
337  /*status = KsmDnssecKeyCreateOnPolicy(policy_id, key_pair_id, KSM_TYPE_ZSK);*/
338  CU_ASSERT_EQUAL(status, 0);
339 
340  /* Check that a key has been added */
341 
342  sql = DqsCountInit("dnsseckeys");
343  DqsConditionInt(&sql, "keypair_id", DQS_COMPARE_EQ, key_pair_id, where++);
344  DqsEnd(&sql);
345  status = DbIntQuery(DbHandle(), &rowcount, sql);
346  DqsFree(sql);
347 
348  CU_ASSERT_EQUAL(status, 0);
349 
350  /* There are 2 zones on this policy */
351  CU_ASSERT_EQUAL(rowcount, 2);
352 
353 }
354 
355 /*
356  * TestKsmKey - Create Test Suite
357  *
358  * Description:
359  * Adds the test suite to the CUnit test registry and adds all the tests
360  * to it.
361  *
362  * Arguments:
363  * None.
364  *
365  * Returns:
366  * int
367  * Return status. 0 => Success.
368  */
369 
370 int TestKsmKey(void); /* Declaration */
371 int TestKsmKey(void)
372 {
373  struct test_testdef tests[] = {
374  {"KsmKeyPairCreate", TestKsmKeyPairCreate},
375  {"KsmDnssecKeyCreate", TestKsmDnssecKeyCreate},
376  {"KsmKeyPredict", TestKsmKeyPredict},
377  {"KsmKeyCountQueue", TestKsmKeyCountQueue},
378 /* {"KsmKeyCountUnallocated", TestKsmKeyCountUnallocated},*/
379  {"KsmKeyGetUnallocated", TestKsmKeyGetUnallocated},
380 /* {"KsmDnssecKeyCreateOnPolicy", TestKsmDnssecKeyCreateOnPolicy},*/
381  {NULL, NULL}
382  };
383 
384  /* TODO
385  * have been a bit lazy here and reuse TdbSetup etc...
386  * this has the consequence of all the setups running for each suite
387  * if this gets too slow then we will need to separate them out
388  * */
389  return TcuCreateSuite("KsmKey", TdbSetup, TdbTeardown, tests);
390 }