OpenDNSSEC-enforcer  1.4.9
test_ksm_key.c
1 /*
2  * Copyright (c) 2008-2009 Nominet UK. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  * notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  * notice, this list of conditions and the following disclaimer in the
11  * documentation and/or other materials provided with the distribution.
12  *
13  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
14  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
15  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
17  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
19  * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
21  * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
22  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
23  * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  */
26 
27 /*+
28  * Filename: test_ksm_key.c - Test Key Module
29  *
30  * Description:
31  * This is a short test module to check the functions in the Ksm Key
32  * module.
33  *
34  * The test program makes use of the CUnit framework, as described in
35  * http://cunit.sourceforge.net
36 -*/
37 
38 #include <stdlib.h>
39 #include <stdio.h>
40 #include <string.h>
41 #include <time.h>
42 
43 #include "CUnit/Basic.h"
44 
45 #include "ksm/ksm.h"
46 #include "ksm/db_fields.h"
47 #include "ksm/datetime.h"
48 #include "ksm/string_util.h"
49 #include "test_routines.h"
50 
/*+
 * TestKeyClear - Clear KEYDATA Structure
 *
 * Description:
 *      Overwrites every byte of the passed KSM_KEYDATA structure with zero.
 *
 * Arguments:
 *      KSM_KEYDATA* data
 *          Key data object to clear.  The pointer is written through
 *          without being checked, so it must refer to a valid object.
-*/

static void TestKeyClear(KSM_KEYDATA* data)
{
    /* "sizeof *data" is sizeof(KSM_KEYDATA) because of the parameter type;
     * tying the length to the pointer keeps the two from drifting apart. */
    memset(data, 0, sizeof *data);
}
68 
/*+
 * TestKeyDefaults - Set Default Values
 *
 * Description:
 *      Clears the key data object with TestKeyClear() and then fills in
 *      the key type (ZSK), the signature lifetime (7 days, in seconds) and
 *      the state (GENERATE).
 *
 *      NOTE(review): the rendered listing jumps from source line 83 to 85
 *      and from 88 to 91, so statements on the omitted lines are not
 *      reproduced here - compare with the repository copy before relying
 *      on this as the complete set of defaults.
 *
 * Arguments:
 *      KSM_KEYDATA* data
 *          Key data object to initialize.
-*/

static void TestKeyDefaults(KSM_KEYDATA* data)
{
    enum { SIGLIFETIME_DAYS = 7, SECONDS_PER_DAY = 24 * 3600 };

    /* Start from an all-zero object so unset fields are deterministic */
    TestKeyClear(data);

    data->state = KSM_STATE_GENERATE;
    data->keytype = KSM_TYPE_ZSK;
    data->siglifetime = SIGLIFETIME_DAYS * SECONDS_PER_DAY;
}
94 
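/*+
 * TestKsmKeyPairCreate - Test KeyPair Create code
 *
 * Description:
 *      Creates one key pair with KsmKeyPairCreate() and then counts the
 *      rows in "keypairs" whose ID equals the returned key ID, expecting
 *      exactly one.
 *
 *      The algorithm and size passed in (DSA/SHA-1, 1024 bits) are fixture
 *      values; this test only checks that a row is stored.  RFC 8624 lists
 *      DSA as MUST NOT for DNSSEC signing, so do not copy them into a
 *      signing policy.
-*/

static void TestKsmKeyPairCreate(void)
{
    /*
     * CU_ASSERT_EQUAL records a failure and lets the test continue, so the
     * output variables are given known values: a failed call then produces
     * a deterministic mismatch instead of a read of an indeterminate value.
     */
    DB_ID       key_id = 0;     /* Created key ID */
    int         status = 0;     /* Status return */
    int         rowcount = -1;  /* Number of rows returned */
    char*       sql;            /* Constructed query */
    int         where = 0;      /* WHERE clause count */

    /* variables to stick into table */
    int         policy_id = 2;
    const char* HSMKeyID = "0x1";
    int         smID = 1;
    int         size = 1024;
    int         alg = KSM_ALGORITHM_DSASHA1;
    char*       generate = DtParseDateTimeString("now");

    /* NOTE(review): assumes DtParseDateTimeString() signals failure by
     * returning NULL - confirm against datetime.c.  Stop here rather than
     * hand a null timestamp to the code under test. */
    CU_ASSERT_PTR_NOT_NULL_FATAL(generate);

    status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &key_id);

    CU_ASSERT_EQUAL(status, 0);

    /* Check that a key has been added */

    sql = DqsCountInit("keypairs");
    DqsConditionInt(&sql, "ID", DQS_COMPARE_EQ, key_id, where++);
    DqsEnd(&sql);
    status = DbIntQuery(DbHandle(), &rowcount, sql);
    DqsFree(sql);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(rowcount, 1);

    StrFree(generate);
}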
138 
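/*+
 * TestKsmDnssecKeyCreate - Test Key Create code
 *
 * Description:
 *      Creates a key pair, creates a "dnsseckeys" row that refers to it
 *      with KsmDnssecKeyCreate(), and then counts the rows in "dnsseckeys"
 *      whose ID equals the returned key ID, expecting exactly one.
 *
 *      The DSA/SHA-1, 1024-bit parameters are fixture values, not a
 *      recommended signing configuration.
-*/

static void TestKsmDnssecKeyCreate(void)
{
    /*
     * CU_ASSERT_EQUAL does not abort the test on failure, so every output
     * variable starts with a known value; a failed create or query then
     * shows up as a deterministic mismatch further down.
     */
    DB_ID       keypair_id = 0;     /* Created key pair ID */
    DB_ID       dnsseckey_id = 0;   /* Created dnsseckeys row ID */
    int         status = 0;         /* Status return */
    int         rowcount = -1;      /* Number of rows returned */
    char*       sql;                /* Constructed query */
    int         where = 0;          /* WHERE clause count */
    int         zone_id = 1;

    /* Create a new keypair entry */
    int         policy_id = 2;
    const char* HSMKeyID = "0x1";
    int         smID = 1;
    int         size = 1024;
    int         alg = KSM_ALGORITHM_DSASHA1;
    const char* generate = "2009-01-01";

    status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &keypair_id);

    CU_ASSERT_EQUAL(status, 0);

    /*
     * Now create a row in dnsseckeys for the above.  KsmDnssecKeyCreate()
     * takes the key pair ID as an int while KsmKeyPairCreate() returns a
     * DB_ID (unsigned long); the cast makes that narrowing visible.  The
     * fifth argument (rfc5011) is 0 and no retire time is supplied.
     */
    status = KsmDnssecKeyCreate(zone_id, (int) keypair_id, KSM_TYPE_ZSK,
        KSM_STATE_GENERATE, 0, generate, NULL, &dnsseckey_id);

    CU_ASSERT_EQUAL(status, 0);

    /* Check that a key has been added */

    sql = DqsCountInit("dnsseckeys");
    DqsConditionInt(&sql, "ID", DQS_COMPARE_EQ, dnsseckey_id, where++);
    DqsEnd(&sql);
    status = DbIntQuery(DbHandle(), &rowcount, sql);
    DqsFree(sql);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(rowcount, 1);
}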
188 
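/*+
 * TestKsmKeyPredict - Test Key Predict code
 *
 * Description:
 *      Calls KsmKeyPredict() for policy 2 over a four-day interval, first
 *      for KSKs and then for ZSKs, with shared keys, the default rollover
 *      scheme and a zone count of 1, and checks the predicted number of
 *      keys each time.
-*/

static void TestKsmKeyPredict(void)
{
    int     policy_id = 2;
    int     keytype = KSM_TYPE_KSK;
    int     keys_shared = KSM_KEYS_SHARED;
    int     interval = 86400*4; /* 4 days; lifetime == 1day */
    int     count = -1;         /* known value in case the call fails */
    int     status;

    status = KsmKeyPredict(policy_id, keytype, keys_shared, interval, &count, KSM_ROLL_DEFAULT, 1);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(count, 7); /* 4 rollovers, 2 standby plus one to get ready */

    /*
     * Reset the output before the second call: both calls expect 7, so a
     * ZSK call that failed without writing its result would otherwise pass
     * the count check on the value left over from the KSK call.
     */
    count = -1;
    keytype = KSM_TYPE_ZSK;
    status = KsmKeyPredict(policy_id, keytype, keys_shared, interval, &count, KSM_ROLL_DEFAULT, 1);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(count, 7);
}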
216 
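/*+
 * TestKsmKeyCountQueue - Test Key Queue counting code
 *
 * Description:
 *      Calls KsmKeyCountQueue() for zone 1, first for KSKs and then for
 *      ZSKs, and checks that each call succeeds and reports one key.
-*/

static void TestKsmKeyCountQueue(void)
{
    int     zone_id = 1;
    int     keytype = KSM_TYPE_KSK;
    int     count = -1;         /* known value in case the call fails */
    int     status;

    status = KsmKeyCountQueue(keytype, &count, zone_id);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(count, 1);

    /*
     * Reset the output before the second call: both calls expect 1, so a
     * ZSK call that failed without writing its result would otherwise pass
     * the count check on the value left over from the KSK call.
     */
    count = -1;
    keytype = KSM_TYPE_ZSK;
    status = KsmKeyCountQueue(keytype, &count, zone_id);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(count, 1);
}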
242 
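/*+
 * TestKsmKeyCountUnallocated - Test Key Unallocated counting code
 *
 * Description:
 *      Intended to check that unallocated keys can be counted.  Both
 *      KsmKeyCountStillGood() calls are commented out, so nothing in this
 *      function assigns "status" or "count"; they are initialized to -1 so
 *      that the remaining assertions fail in a defined way instead of
 *      comparing indeterminate values.
-*/

static void TestKsmKeyCountUnallocated(void)
{
    int     policy_id = 2;
    int     sm = -1;        /* count over all security modules */
    int     bits = -1;      /* count over all sizes */
    int     algorithm = -1; /* count over all algorithms */
    int     count = -1;     /* never assigned while the calls are disabled */
    int     status = -1;    /* never assigned while the calls are disabled */

    /* Only the disabled calls below use these; keep them for re-enabling */
    (void) policy_id;
    (void) sm;
    (void) bits;
    (void) algorithm;

/*  status = KsmKeyCountStillGood(policy_id, sm, bits, algorithm, &count);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(count, 15);

    algorithm = KSM_ALGORITHM_RSASHA1;
    status = KsmKeyCountStillGood(policy_id, sm, bits, algorithm, &count);*/

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(count, 13);
}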
270 
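/*+
 * TestKsmKeyGetUnallocated - Test Key Unallocated getting code
 *
 * Description:
 *      Asks KsmKeyGetUnallocated() for an unallocated key pair for zone 1
 *      on policy 2, allocates the returned pair to the zone with
 *      KsmDnssecKeyCreate(), and asks again to check that a different
 *      pair is returned.
 *
 *      NOTE(review): the expected IDs (3, then 4) presumably come from the
 *      data loaded by the suite setup - confirm against the test database.
-*/

static void TestKsmKeyGetUnallocated(void)
{
    int     policy_id = 2;
    int     sm = 1;                             /* security module 1 only */
    int     bits = 1024;                        /* 1024-bit keys only */
    int     algorithm = KSM_ALGORITHM_RSASHA1;  /* RSA/SHA-1 keys only */
    int     keypair_id = -1;    /* known value in case the lookup fails */
    DB_ID   dnsseckey_id = 0;   /* known value in case the create fails */
    int     zone_id = 1;
    int     status;

    /* Sixth argument is share_keys */
    status = KsmKeyGetUnallocated(policy_id, sm, bits, algorithm, zone_id, 1, &keypair_id);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(keypair_id, 3);

    /* Allocate the pair just returned so the next lookup has to move on */
    status = KsmDnssecKeyCreate(zone_id, keypair_id, KSM_TYPE_ZSK, KSM_STATE_GENERATE, 0, "now", NULL, &dnsseckey_id);
    CU_ASSERT_EQUAL(status, 0);

    /* Reset so a failed second lookup cannot leave the first ID in place */
    keypair_id = -1;
    status = KsmKeyGetUnallocated(policy_id, sm, bits, algorithm, zone_id, 1, &keypair_id);

    CU_ASSERT_EQUAL(status, 0);
    CU_ASSERT_EQUAL(keypair_id, 4);
}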
302 
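/*+
 * TestKsmDnssecKeyCreateOnPolicy - Test Key Create code for shared key
 * policies
 *
 * Description:
 *      Turns key sharing on for policy 2, creates a key pair, and counts
 *      the "dnsseckeys" rows that refer to that pair, expecting one per
 *      zone on the policy.
 *
 *      The KsmDnssecKeyCreateOnPolicy() call that would create those rows
 *      is commented out, so as written nothing in this function adds rows
 *      to "dnsseckeys".
 *
 *      The DSA/SHA-1, 1024-bit parameters are fixture values, not a
 *      recommended signing configuration.
-*/

static void TestKsmDnssecKeyCreateOnPolicy(void)
{
    /*
     * CU_ASSERT_EQUAL does not abort the test on failure, so the output
     * variables start with known values; a failed create or query then
     * shows up as a deterministic mismatch.
     */
    DB_ID       key_pair_id = 0;    /* Created key ID */
    int         status = 0;         /* Status return */
    int         rowcount = -1;      /* Number of rows returned */
    char*       sql;                /* Constructed query */
    int         where = 0;          /* WHERE clause count */

    /* Create a new keypair entry */
    int         policy_id = 2;
    const char* HSMKeyID = "0x1";
    int         smID = 1;
    int         size = 1024;
    int         alg = KSM_ALGORITHM_DSASHA1;
    const char* generate = "2009-01-01";

    /* make sure that sharing is turned on */
    status = KsmParameterSet("zones_share_keys", "keys", 1, policy_id);
    CU_ASSERT_EQUAL(status, 0);

    status = KsmKeyPairCreate(policy_id, HSMKeyID, smID, size, alg, generate, &key_pair_id);
    CU_ASSERT_EQUAL(status, 0);

    /*
     * Now create rows in dnsseckeys for the above.  The call is disabled;
     * its status check is kept with it, because left active it would only
     * re-test the status of KsmKeyPairCreate() above.
     *
     *  status = KsmDnssecKeyCreateOnPolicy(policy_id, key_pair_id, KSM_TYPE_ZSK);
     *  CU_ASSERT_EQUAL(status, 0);
     */

    /* Check that a key has been added */

    sql = DqsCountInit("dnsseckeys");
    DqsConditionInt(&sql, "keypair_id", DQS_COMPARE_EQ, key_pair_id, where++);
    DqsEnd(&sql);
    status = DbIntQuery(DbHandle(), &rowcount, sql);
    DqsFree(sql);

    CU_ASSERT_EQUAL(status, 0);

    /* There are 2 zones on this policy */
    CU_ASSERT_EQUAL(rowcount, 2);
}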
352 
/*
 * TestKsmKey - Create Test Suite
 *
 * Description:
 *      Builds the table of key-module tests and registers it with CUnit as
 *      the "KsmKey" suite through TcuCreateSuite(), using TdbSetup and
 *      TdbTeardown as the suite's setup and teardown routines.
 *
 * Arguments:
 *      None.
 *
 * Returns:
 *      int
 *          Return status.  0 => Success.
 */

int TestKsmKey(void);   /* Declaration */
int TestKsmKey(void)
{
    int status;     /* Result of registering the suite */

    /* Name/function pairs; the {NULL, NULL} entry ends the table */
    struct test_testdef suite_tests[] = {
        {"KsmKeyPairCreate", TestKsmKeyPairCreate},
        {"KsmDnssecKeyCreate", TestKsmDnssecKeyCreate},
        {"KsmKeyPredict", TestKsmKeyPredict},
        {"KsmKeyCountQueue", TestKsmKeyCountQueue},
        /* Not registered: the KsmKeyCountStillGood() calls in this test
         * are commented out */
/*      {"KsmKeyCountUnallocated", TestKsmKeyCountUnallocated},*/
        {"KsmKeyGetUnallocated", TestKsmKeyGetUnallocated},
        /* Not registered: the KsmDnssecKeyCreateOnPolicy() call in this
         * test is commented out */
/*      {"KsmDnssecKeyCreateOnPolicy", TestKsmDnssecKeyCreateOnPolicy},*/
        {NULL, NULL}
    };

    /*
     * TODO: TdbSetup/TdbTeardown are reused here as a shortcut, which
     * means all the setups run for each suite.  If that becomes too slow
     * they will need to be separated out.
     */
    status = TcuCreateSuite("KsmKey", TdbSetup, TdbTeardown, suite_tests);

    return status;
}
int siglifetime
Definition: ksm.h:105
#define KSM_TYPE_ZSK
Definition: ksm.h:362
#define StrFree(x)
Definition: string_util.h:66
int TestKsmKey(void)
Definition: test_ksm_key.c:369
#define KEYDATA_M_ALGORITHM
Definition: ksm.h:78
int flags
Definition: ksm.h:126
int KsmKeyCountQueue(int keytype, int *count, int zone_id)
Definition: ksm_key.c:664
int state
Definition: ksm.h:102
int TcuCreateSuite(const char *title, int(*init)(), int(*teardown)(), struct test_testdef *tests)
#define KSM_ROLL_DEFAULT
Definition: ksm.h:400
int KsmKeyPairCreate(int policy_id, const char *HSMKeyID, int smID, int size, int alg, const char *generate, DB_ID *id)
Definition: ksm_key.c:84
void DqsFree(char *query)
Definition: dq_string.c:320
#define KSM_ALGORITHM_DSASHA1
Definition: ksm.h:334
char * DqsCountInit(const char *table)
Definition: dq_string.c:90
DB_HANDLE DbHandle(void)
void DqsConditionInt(char **query, const char *field, DQS_COMPARISON compare, int value, int index)
Definition: dq_string.c:224
char * DtParseDateTimeString(const char *string)
Definition: datetime.c:614
unsigned long DB_ID
Definition: database.h:78
#define KSM_ALGORITHM_RSASHA1
Definition: ksm.h:336
#define KEYDATA_M_SIGLIFETIME
Definition: ksm.h:79
int KsmKeyPredict(int policy_id, int keytype, int shared_keys, int interval, int *count, int rollover_scheme, int zone_count)
Definition: ksm_key.c:571
int keytype
Definition: ksm.h:103
int algorithm
Definition: ksm.h:104
int DbIntQuery(DB_HANDLE handle, int *value, const char *query)
int TdbTeardown(void)
int KsmKeyGetUnallocated(int policy_id, int sm, int bits, int algorithm, int zone_id, int share_keys, int *keypair_id)
Definition: ksm_key.c:881
int KsmDnssecKeyCreate(int zone_id, int keypair_id, int keytype, int state, int rfc5011, const char *time, const char *retTime, DB_ID *id)
Definition: ksm_key.c:141
int TdbSetup(void)
#define KSM_KEYS_SHARED
Definition: ksm.h:398
#define KEYDATA_M_STATE
Definition: ksm.h:76
#define KSM_TYPE_KSK
Definition: ksm.h:360
int KsmParameterSet(const char *name, const char *category, int value, int policy_id)
#define KEYDATA_M_KEYTYPE
Definition: ksm.h:77
#define KSM_STATE_GENERATE
Definition: ksm.h:367
void DqsEnd(char **query)
Definition: dq_string.c:299