author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-03-01 10:48:08 +0000 |
---|---|---|
committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2009-03-01 10:48:08 +0000 |
commit | a6f902baed7abb17a1a9c014e01bb100077f8198 (patch) | |
tree | 82114e22e251e9260d9a712f1232e52e1ef494e3 /src/charon/plugins/unit_tester/tests | |
parent | 1450c9df799b0870477f6e63357f4bcb63537f4f (diff) | |
- Updated to new upstream revision.
Diffstat (limited to 'src/charon/plugins/unit_tester/tests')
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_cert.c | 108 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_enumerator.c | 52 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_pool.c | 2 | ||||
-rw-r--r-- | src/charon/plugins/unit_tester/tests/test_rng.c | 221 |
4 files changed, 377 insertions, 6 deletions
diff --git a/src/charon/plugins/unit_tester/tests/test_cert.c b/src/charon/plugins/unit_tester/tests/test_cert.c
new file mode 100644
index 000000000..95ab289df
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_cert.c
@@ -0,0 +1,108 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <daemon.h>
+#include <credentials/certificates/x509.h>
+
+/*******************************************************************************
+ * X509 certificate generation and parsing
+ ******************************************************************************/
+bool test_cert_x509()
+{
+ private_key_t *ca_key, *peer_key;
+ public_key_t *public;
+ certificate_t *ca_cert, *peer_cert, *parsed;
+ identification_t *issuer, *subject;
+ u_int32_t serial = htonl(0);
+ chunk_t encoding;
+
+ issuer = identification_create_from_string("CN=CA, OU=Test, O=strongSwan");
+ subject = identification_create_from_string("CN=Peer, OU=Test, O=strongSwan");
+
+ ca_key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+ BUILD_KEY_SIZE, 1024, BUILD_END);
+ peer_key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+ BUILD_KEY_SIZE, 1024, BUILD_END);
+ if (!ca_key)
+ {
+ return FALSE;
+ }
+ ca_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_SIGNING_KEY, ca_key,
+ BUILD_SUBJECT, issuer,
+ BUILD_SERIAL, chunk_from_thing(serial),
+ BUILD_X509_FLAG, X509_CA,
+ BUILD_END);
+ if (!ca_cert)
+ {
+ return FALSE;
+ }
+
+ encoding = ca_cert->get_encoding(ca_cert);
+ parsed = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, encoding,
+ BUILD_END);
+ chunk_free(&encoding);
+ if (!parsed)
+ {
+ return FALSE;
+ }
+ if (!parsed->issued_by(parsed, ca_cert))
+ {
+ return FALSE;
+ }
+ parsed->destroy(parsed);
+
+ serial = htonl(ntohl(serial) + 1);
+ public = peer_key->get_public_key(peer_key);
+ peer_cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_SIGNING_KEY, ca_key,
+ BUILD_SIGNING_CERT, ca_cert,
+ BUILD_PUBLIC_KEY, public,
+ BUILD_SUBJECT, subject,
+ BUILD_SERIAL, chunk_from_thing(serial),
+ BUILD_END);
+ public->destroy(public);
+ if (!peer_cert)
+ {
+ return FALSE;
+ }
+
+ encoding = peer_cert->get_encoding(peer_cert);
+ parsed = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+ BUILD_BLOB_ASN1_DER, encoding,
+ BUILD_END);
+ chunk_free(&encoding);
+ if (!parsed)
+ {
+ return FALSE;
+ }
+ if (!parsed->issued_by(parsed, ca_cert))
+ {
+ return FALSE;
+ }
+ parsed->destroy(parsed);
+
+ ca_cert->destroy(ca_cert);
+ ca_key->destroy(ca_key);
+ peer_cert->destroy(peer_cert);
+ peer_key->destroy(peer_key);
+ issuer->destroy(issuer);
+ subject->destroy(subject);
+ return TRUE;
+}
+
+
diff --git a/src/charon/plugins/unit_tester/tests/test_enumerator.c b/src/charon/plugins/unit_tester/tests/test_enumerator.c
index a7f3dd822..6898084fc 100644
--- a/src/charon/plugins/unit_tester/tests/test_enumerator.c
+++ b/src/charon/plugins/unit_tester/tests/test_enumerator.c
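Review bot: `peer_key` is never checked before `peer_key->get_public_key(peer_key)`; only `ca_key` is tested, so a failed RSA generation for the peer key would be dereferenced as NULL. The guard should read `if (!ca_key || !peer_key)`. Every early `return FALSE` also skips the destroy calls at the end of test_cert_x509(), and the two `issued_by` failure paths additionally leave `parsed` alive, which shows up as noise under a leak detector. The test only asserts that `issued_by` succeeds; a negative case (for example the CA certificate checked with the peer certificate as issuer, expected to fail) would show that signature verification actually rejects something. The 1024-bit `BUILD_KEY_SIZE` keeps the test fast but deserves a comment such as `/* test-only key size, too small for real credentials */`.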
@@ -226,18 +226,26 @@ bool test_enumerate_token() char *string; char *sep; char *trim; - } tests[] = { + } tests1[] = { {"abc, cde, efg", ",", " "}, {" abc 1:2 cde;3 4efg5. ", ":;.,", " 12345"}, {"abc.cde,efg", ",.", ""}, {" abc cde efg ", " ", " "}, + {"a'abc' c 'cde' cefg", " ", " abcd"}, + {"'abc' abc 'cde'd 'efg'", " ", " abcd"}, + }, tests2[] = { + {"a, b, c", ",", " "}, + {"a,b,c", ",", " "}, + {" a 1:2 b;3 4c5. ", ":;.,", " 12345"}, + {"a.b,c", ",.", ""}, + {" a b c ", " ", " "}, }; - for (num = 0; num < countof(tests); num++) + for (num = 0; num < countof(tests1); num++) { i = 0; - enumerator = enumerator_create_token( - tests[num].string, tests[num].sep, tests[num].trim); + enumerator = enumerator_create_token(tests1[num].string, + tests1[num].sep, tests1[num].trim); while (enumerator->enumerate(enumerator, &token)) { switch (i) @@ -256,9 +264,43 @@ bool test_enumerate_token() } i++; } + if (i != 3) + { + return FALSE; + } enumerator->destroy(enumerator); } - + + for (num = 0; num < countof(tests2); num++) + { + i = 0; + enumerator = enumerator_create_token(tests2[num].string, + tests2[num].sep, tests2[num].trim); + while (enumerator->enumerate(enumerator, &token)) + { + switch (i) + { + case 0: + if (!streq(token, "a")) return FALSE; + break; + case 1: + if (!streq(token, "b")) return FALSE; + break; + case 2: + if (!streq(token, "c")) return FALSE; + break; + default: + return FALSE; + } + i++; + } + if (i != 3) + { + return FALSE; + } + enumerator->destroy(enumerator); + } + return TRUE; } diff --git a/src/charon/plugins/unit_tester/tests/test_pool.c b/src/charon/plugins/unit_tester/tests/test_pool.c index 40334335d..b11f71704 100644 --- a/src/charon/plugins/unit_tester/tests/test_pool.c +++ b/src/charon/plugins/unit_tester/tests/test_pool.c 
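Review bot: The added `if (i != 3) { return FALSE; }` check in the second hunk sits before `enumerator->destroy(enumerator);`, so a wrong token count returns with the enumerator still allocated; the same ordering is repeated in the new `tests2` loop. Calling `enumerator->destroy(enumerator);` first and testing `i != 3` afterwards keeps the failure path clean. The `return FALSE` statements inside the new `switch` leave the enumerator alive in the same way. The two loops differ only in the table and the three expected tokens, so a small static helper taking the table and the expected strings would remove the duplicated `switch`; the body of the first loop's `switch` lies outside the hunk.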
@@ -60,7 +60,7 @@ static void* testing(void *thread)
 /* release addresses */
 for (i = 0; i < ALLOCS; i++)
 {
- charon->attributes->release_address(charon->attributes, "test", addr[i]);
+ charon->attributes->release_address(charon->attributes, "test", addr[i], id[i]);
 }
 /* cleanup */
diff --git a/src/charon/plugins/unit_tester/tests/test_rng.c b/src/charon/plugins/unit_tester/tests/test_rng.c
new file mode 100644
index 000000000..60cbf2d36
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_rng.c
@@ -0,0 +1,221 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#include <daemon.h>
+#include <library.h>
+#include <utils/mutex.h>
+
+#include <unistd.h>
+#include <sched.h>
+#include <pthread.h>
+
+static bool test_monobit(chunk_t data)
+{
+ int i, j, bits = 0;
+
+ for (i = 0; i < data.len; i++)
+ {
+ for (j = 0; j < 8; j++)
+ {
+ if (data.ptr[i] & (1<<j))
+ {
+ bits++;
+ }
+ }
+ }
+ DBG1(DBG_CFG, " Monobit: %d/%d bits set", bits, data.len * 8);
+ if (bits > 9654 && bits < 10346)
+ {
+ return TRUE;
+ }
+ return FALSE;
+}
+
+static bool test_poker(chunk_t data)
+{
+ int i, counter[16];
+ double sum = 0.0;
+
+ memset(counter, 0, sizeof(counter));
+
+ for (i = 0; i < data.len; i++)
+ {
+ counter[data.ptr[i] & 0x0F]++;
+ counter[(data.ptr[i] & 0xF0) >> 4]++;
+ }
+
+ for (i = 0; i < countof(counter); i++)
+ {
+ sum += (counter[i] * counter[i]) / 5000.0 * 16.0;
+ }
+ sum -= 5000.0;
+ DBG1(DBG_CFG, " Poker: %f", sum);
+ if (sum > 1.03 && sum < 57.4)
+ {
+ return TRUE;
+ }
+ return FALSE;
+}
+
+static bool test_runs(chunk_t data)
+{
+ int i, j, zero_runs[7], one_runs[7], zero = 0, one = 0, longrun = 0;
+ bool ok = TRUE;
+
+ memset(one_runs, 0, sizeof(zero_runs));
+ memset(zero_runs, 0, sizeof(one_runs));
+
+ for (i = 0; i < data.len; i++)
+ {
+ for (j = 0; j < 8; j++)
+ {
+ if (data.ptr[i] & (1<<j))
+ {
+ if (one)
+ {
+ if (++one >= 34)
+ {
+ longrun++;
+ break;
+ }
+ }
+ else
+ {
+ zero_runs[min(6, zero)]++;
+ zero = 0;
+ one = 1;
+ }
+ }
+ else
+ {
+ if (zero)
+ {
+ if (++zero >= 34)
+ {
+ longrun++;
+ break;
+ }
+ }
+ else
+ {
+ one_runs[min(6, one)]++;
+ one = 0;
+ zero = 1;
+ }
+ }
+ }
+ }
+
+ DBG1(DBG_CFG, " Runs: zero: %d/%d/%d/%d/%d/%d, one: %d/%d/%d/%d/%d/%d, "
+ "longruns: %d",
+ zero_runs[1], zero_runs[2], zero_runs[3],
+ zero_runs[4], zero_runs[5], zero_runs[6],
+ one_runs[1], one_runs[2], one_runs[3],
+ one_runs[4], one_runs[5], one_runs[6],
+ longrun);
+
+ if (longrun)
+ {
+ return FALSE;
+ }
+
+ for (i = 1; i < countof(zero_runs); i++)
+ {
+ switch (i)
+ {
+ case 1:
+ ok &= zero_runs[i] > 2267 && zero_runs[i] < 2733;
+ ok &= one_runs[i] > 2267 && one_runs[i] < 2733;
+ break;
+ case 2:
+ ok &= zero_runs[i] > 1079 && zero_runs[i] < 1421;
+ ok &= one_runs[i] > 1079 && one_runs[i] < 1421;
+ break;
+ case 3:
+ ok &= zero_runs[i] > 502 && zero_runs[i] < 748;
+ ok &= one_runs[i] > 502 && one_runs[i] < 748;
+ break;
+ case 4:
+ ok &= zero_runs[i] > 223 && zero_runs[i] < 402;
+ ok &= one_runs[i] > 223 && one_runs[i] < 402;
+ break;
+ case 5:
+ ok &= zero_runs[i] > 90 && zero_runs[i] < 223;
+ ok &= one_runs[i] > 90 && one_runs[i] < 223;
+ break;
+ case 6:
+ ok &= zero_runs[i] > 90 && zero_runs[i] < 223;
+ ok &= one_runs[i] > 90 && one_runs[i] < 223;
+ break;
+ }
+ if (!ok)
+ {
+ return FALSE;
+ }
+ }
+ return TRUE;
+}
+
+static bool test_rng_quality(rng_quality_t quality)
+{
+ rng_t *rng;
+ chunk_t chunk;
+
+ rng = lib->crypto->create_rng(lib->crypto, quality);
+ if (!rng)
+ {
+ return FALSE;
+ }
+ DBG1(DBG_CFG, "%N", rng_quality_names, quality);
+ rng->allocate_bytes(rng, 2500, &chunk);
+
+ if (!test_monobit(chunk))
+ {
+ return FALSE;
+ }
+ if (!test_poker(chunk))
+ {
+ return FALSE;
+ }
+ if (!test_runs(chunk))
+ {
+ return FALSE;
+ }
+
+ free(chunk.ptr);
+ rng->destroy(rng);
+ return TRUE;
+}
+
+/**
+ * run a test using given values
+ */
+bool test_rng()
+{
+ if (!test_rng_quality(RNG_WEAK))
+ {
+ return FALSE;
+ }
+ if (!test_rng_quality(RNG_STRONG))
+ {
+ return FALSE;
+ }
+ if (!test_rng_quality(RNG_REAL))
+ {
+ return FALSE;
+ }
+ return TRUE;
+}
+
|
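Review bot: test_rng_quality() returns from each failed statistical check without `free(chunk.ptr)` or `rng->destroy(rng)`, so every failing run leaks the sample and the RNG instance. Collect the verdict first with `bool ok = test_monobit(chunk) && test_poker(chunk) && test_runs(chunk);`, then free the chunk, destroy the RNG and `return ok;`. The thresholds in test_monobit(), test_poker() and test_runs() are only meaningful for a 20000-bit sample, so they should be tied to the 2500-byte request through a named constant and a comment naming the test battery they come from (they look like the FIPS 140-1 power-up tests, to be confirmed). A header comment should also state that passing these checks only rules out gross bias: a predictable generator passes them too, and a sound one fails occasionally by chance. In test_runs() the two `memset` calls pair `one_runs` with `sizeof(zero_runs)` and vice versa, which is harmless only while both arrays have the same size.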