Imported Upstream version 5.3.4

5 files changed, 141 insertions, 33 deletions

diff --git a/src/libstrongswan/tests/suites/test_hasher.c b/src/libstrongswan/tests/suites/test_hasher.c
index 14cc32122..067abf0d9 100644
--- a/src/libstrongswan/tests/suites/test_hasher.c
+++ b/src/libstrongswan/tests/suites/test_hasher.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2013 Andreas Steffen
+ * Copyright (C) 2013-2015 Andreas Steffen
  * HSR Hochschule fuer Technik Rapperswil
  *
  * This program is free software; you can redistribute it and/or modify it
@@ -28,30 +28,38 @@ typedef struct {
 }hasher_oid_t;
 
 static hasher_oid_t oids[] = {
-	{ OID_MD2, HASH_MD2, KEY_ANY },
-	{ OID_MD5, HASH_MD5, KEY_ANY },
-	{ OID_SHA1, HASH_SHA1, KEY_ANY },
-	{ OID_SHA224, HASH_SHA224, KEY_ANY },
-	{ OID_SHA256, HASH_SHA256, KEY_ANY },
-	{ OID_SHA384, HASH_SHA384, KEY_ANY },
-	{ OID_SHA512, HASH_SHA512, KEY_ANY },
-	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY },
-	{ OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA },
-	{ OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA },
-	{ OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA },
-	{ OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA },
-	{ OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA },
-	{ OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA },
-	{ OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA },
-	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA },
-	{ OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA },
-	{ OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA },
-	{ OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA },
-	{ OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA },
-	{ OID_BLISS_WITH_SHA256, HASH_SHA256, KEY_BLISS },
-	{ OID_BLISS_WITH_SHA384, HASH_SHA384, KEY_BLISS },
-	{ OID_BLISS_WITH_SHA512, HASH_SHA512, KEY_BLISS },
-	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA }
+	{ OID_MD2, HASH_MD2, KEY_ANY },                         /*  0 */
+	{ OID_MD5, HASH_MD5, KEY_ANY },                         /*  1 */
+	{ OID_SHA1, HASH_SHA1, KEY_ANY },                       /*  2 */
+	{ OID_SHA224, HASH_SHA224, KEY_ANY },                   /*  3 */
+	{ OID_SHA256, HASH_SHA256, KEY_ANY },                   /*  4 */
+	{ OID_SHA384, HASH_SHA384, KEY_ANY },                   /*  5 */
+	{ OID_SHA512, HASH_SHA512, KEY_ANY },                   /*  6 */
+	{ OID_SHA3_224, HASH_SHA3_224, KEY_ANY },               /*  7 */
+	{ OID_SHA3_256, HASH_SHA3_256, KEY_ANY },               /*  8 */
+	{ OID_SHA3_384, HASH_SHA3_384, KEY_ANY },               /*  9 */
+	{ OID_SHA3_512, HASH_SHA3_512, KEY_ANY },               /* 10 */
+	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ANY },                 /* 11 */
+	{ OID_MD2_WITH_RSA, HASH_MD2, KEY_RSA },                /* 12 */
+	{ OID_MD5_WITH_RSA, HASH_MD5, KEY_RSA },                /* 13 */
+	{ OID_SHA1_WITH_RSA, HASH_SHA1, KEY_RSA },              /* 14 */
+	{ OID_SHA224_WITH_RSA, HASH_SHA224, KEY_RSA },          /* 15 */
+	{ OID_SHA256_WITH_RSA, HASH_SHA256, KEY_RSA },          /* 16 */
+	{ OID_SHA384_WITH_RSA, HASH_SHA384, KEY_RSA },          /* 17 */
+	{ OID_SHA512_WITH_RSA, HASH_SHA512, KEY_RSA },          /* 18 */
+	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_RSA },                 /* 19 */
+	{ OID_ECDSA_WITH_SHA1, HASH_SHA1, KEY_ECDSA },          /* 20 */
+	{ OID_ECDSA_WITH_SHA256, HASH_SHA256, KEY_ECDSA },      /* 21 */
+	{ OID_ECDSA_WITH_SHA384, HASH_SHA384, KEY_ECDSA },      /* 22 */
+	{ OID_ECDSA_WITH_SHA512, HASH_SHA512, KEY_ECDSA },      /* 23 */
+	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_ECDSA },               /* 24 */
+	{ OID_BLISS_WITH_SHA2_256, HASH_SHA256, KEY_BLISS },    /* 25 */
+	{ OID_BLISS_WITH_SHA2_384, HASH_SHA384, KEY_BLISS },    /* 26 */
+	{ OID_BLISS_WITH_SHA2_512, HASH_SHA512, KEY_BLISS },    /* 27 */
+	{ OID_BLISS_WITH_SHA3_256, HASH_SHA3_256, KEY_BLISS },  /* 28 */
+	{ OID_BLISS_WITH_SHA3_384, HASH_SHA3_384, KEY_BLISS },  /* 29 */
+	{ OID_BLISS_WITH_SHA3_512, HASH_SHA3_512, KEY_BLISS },  /* 30 */
+	{ OID_UNKNOWN, HASH_UNKNOWN, KEY_BLISS }                /* 31 */
 };
 
 START_TEST(test_hasher_from_oid)
@@ -74,6 +82,44 @@ START_TEST(test_hasher_sig_to_oid)
 END_TEST
 
 typedef struct {
+	signature_scheme_t scheme;
+	hash_algorithm_t alg;
+}hasher_sig_scheme_t;
+
+static hasher_sig_scheme_t sig_schemes[] = {
+	{ SIGN_UNKNOWN,               HASH_UNKNOWN  },
+	{ SIGN_RSA_EMSA_PKCS1_NULL,   HASH_UNKNOWN  },
+	{ SIGN_RSA_EMSA_PKCS1_MD5,    HASH_MD5      },
+	{ SIGN_RSA_EMSA_PKCS1_SHA1,   HASH_SHA1     },
+	{ SIGN_RSA_EMSA_PKCS1_SHA224, HASH_SHA224   },
+	{ SIGN_RSA_EMSA_PKCS1_SHA256, HASH_SHA256   },
+	{ SIGN_RSA_EMSA_PKCS1_SHA384, HASH_SHA384   },
+	{ SIGN_RSA_EMSA_PKCS1_SHA512, HASH_SHA512   },
+	{ SIGN_ECDSA_WITH_SHA1_DER,   HASH_SHA1     },
+	{ SIGN_ECDSA_WITH_SHA256_DER, HASH_SHA256   },
+	{ SIGN_ECDSA_WITH_SHA384_DER, HASH_SHA384   },
+	{ SIGN_ECDSA_WITH_SHA512_DER, HASH_SHA512   },
+	{ SIGN_ECDSA_WITH_NULL,       HASH_UNKNOWN  },
+	{ SIGN_ECDSA_256,             HASH_SHA256   },
+	{ SIGN_ECDSA_384,             HASH_SHA384   },
+	{ SIGN_ECDSA_521,             HASH_SHA512   },
+	{ SIGN_BLISS_WITH_SHA2_256,   HASH_SHA256   },
+	{ SIGN_BLISS_WITH_SHA2_384,   HASH_SHA384   },
+	{ SIGN_BLISS_WITH_SHA2_512,   HASH_SHA512   },
+	{ SIGN_BLISS_WITH_SHA3_256,   HASH_SHA3_256 },
+	{ SIGN_BLISS_WITH_SHA3_384,   HASH_SHA3_384 },
+	{ SIGN_BLISS_WITH_SHA3_512,   HASH_SHA3_512 },
+	{ 30,						  HASH_UNKNOWN  }
+};
+
+START_TEST(test_hasher_from_sig_scheme)
+{
+	ck_assert(hasher_from_signature_scheme(sig_schemes[_i].scheme) ==
+										   sig_schemes[_i].alg);
+}
+END_TEST
+
+typedef struct {
 	pseudo_random_function_t prf;
 	hash_algorithm_t alg;
 }hasher_prf_t;
@@ -157,6 +203,35 @@ START_TEST(test_hasher_to_integrity)
 }
 END_TEST
 
+
+typedef struct {
+	hash_algorithm_t alg;
+	bool ikev2;
+}hasher_ikev2_t;
+
+static hasher_ikev2_t ikev2[] = {
+	{ HASH_SHA1,     TRUE  },
+	{ HASH_SHA256,   TRUE  },
+	{ HASH_SHA384,   TRUE  },
+	{ HASH_SHA512,   TRUE  },
+	{ HASH_UNKNOWN,  FALSE },
+	{ HASH_MD2,      FALSE },
+	{ HASH_MD4,      FALSE },
+	{ HASH_MD5,      FALSE },
+	{ HASH_SHA224,   FALSE },
+	{ HASH_SHA3_224, FALSE },
+	{ HASH_SHA3_256, FALSE },
+	{ HASH_SHA3_384, FALSE },
+	{ HASH_SHA3_512, FALSE },
+	{ 30,            FALSE }
+};
+
+START_TEST(test_hasher_for_ikev2)
+{
+	ck_assert(hasher_algorithm_for_ikev2(ikev2[_i].alg) == ikev2[_i].ikev2);
+}
+END_TEST
+
 Suite *hasher_suite_create()
 {
 	Suite *s;
@@ -169,11 +244,15 @@ Suite *hasher_suite_create()
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("to_oid");
-	tcase_add_loop_test(tc, test_hasher_to_oid, 0, 8);
+	tcase_add_loop_test(tc, test_hasher_to_oid, 0, 12);
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("sig_to_oid");
-	tcase_add_loop_test(tc, test_hasher_sig_to_oid, 7, countof(oids));
+	tcase_add_loop_test(tc, test_hasher_sig_to_oid, 11, countof(oids));
+	suite_add_tcase(s, tc);
+
+	tc = tcase_create("from_sig_scheme");
+	tcase_add_loop_test(tc, test_hasher_from_sig_scheme, 0, countof(sig_schemes));
 	suite_add_tcase(s, tc);
 
 	tc = tcase_create("from_prf");
@@ -188,5 +267,9 @@ Suite *hasher_suite_create()
 	tcase_add_loop_test(tc, test_hasher_to_integrity, 0, 17);
 	suite_add_tcase(s, tc);
 
+	tc = tcase_create("for_ikev2");
+	tcase_add_loop_test(tc, test_hasher_for_ikev2, 0, countof(ikev2));
+	suite_add_tcase(s, tc);
+
 	return s;
 }
diff --git a/src/libstrongswan/tests/suites/test_identification.c b/src/libstrongswan/tests/suites/test_identification.c
index ff14ba897..9554d2919 100644
--- a/src/libstrongswan/tests/suites/test_identification.c
+++ b/src/libstrongswan/tests/suites/test_identification.c
@@ -550,6 +550,7 @@ START_TEST(test_matches)
 	a = identification_create_from_string("C=CH, E=moon@strongswan.org, CN=moon");
 
 	ck_assert(id_matches(a, "C=CH, E=moon@strongswan.org, CN=moon", ID_MATCH_PERFECT));
+	ck_assert(id_matches(a, "C=CH, E=*@strongswan.org, CN=moon", ID_MATCH_NONE));
 	ck_assert(id_matches(a, "C=CH, E=*, CN=moon", ID_MATCH_ONE_WILDCARD));
 	ck_assert(id_matches(a, "C=CH, E=*, CN=*", ID_MATCH_ONE_WILDCARD - 1));
 	ck_assert(id_matches(a, "C=*, E=*, CN=*", ID_MATCH_ONE_WILDCARD - 2));
diff --git a/src/libstrongswan/tests/suites/test_settings.c b/src/libstrongswan/tests/suites/test_settings.c
index bead9d795..5ddd0bb9a 100644
--- a/src/libstrongswan/tests/suites/test_settings.c
+++ b/src/libstrongswan/tests/suites/test_settings.c
@@ -317,6 +317,26 @@ START_TEST(test_set_int)
 }
 END_TEST
 
+START_TEST(test_value_as_unit64)
+{
+	test_int_eq(1, settings_value_as_uint64(NULL, 1));
+	test_int_eq(1, settings_value_as_uint64("", 1));
+	test_int_eq(1, settings_value_as_uint64("2a", 1));
+	test_int_eq(1, settings_value_as_uint64("a2", 1));
+	test_int_eq(1, settings_value_as_uint64("2.0", 1));
+
+	test_int_eq(10, settings_value_as_uint64("10", 0));
+	test_int_eq(10, settings_value_as_uint64("010", 0));
+	test_int_eq(16, settings_value_as_uint64("0x010", 0));
+	test_int_eq(0x2a, settings_value_as_uint64("0x2a", 0));
+
+	test_int_eq(0xffffffffffffffffLL, settings_value_as_uint64("0xffffffffffffffff", 0));
+	test_int_eq(0xffffffff00000000LL, settings_value_as_uint64("0xffffffff00000000", 0));
+	test_int_eq(0xffffffff00000000LL, settings_value_as_uint64("18446744069414584320", 0));
+	test_int_eq(0xffffffff00000001LL, settings_value_as_uint64("18446744069414584321", 0));
+}
+END_TEST
+
 START_SETUP(setup_double_config)
 {
 	create_settings(chunk_from_str(
@@ -1158,6 +1178,10 @@ Suite *settings_suite_create()
 	tcase_add_test(tc, test_set_int);
 	suite_add_tcase(s, tc);
 
+	tc = tcase_create("settings_value_as_uint64");
+	tcase_add_test(tc, test_value_as_unit64);
+	suite_add_tcase(s, tc);
+
 	tc = tcase_create("get/set_double");
 	tcase_add_checked_fixture(tc, setup_double_config, teardown_config);
 	tcase_add_test(tc, test_get_double);
diff --git a/src/libstrongswan/tests/suites/test_traffic_selector.c b/src/libstrongswan/tests/suites/test_traffic_selector.c
index bec32d2d8..5c0fb754d 100644
--- a/src/libstrongswan/tests/suites/test_traffic_selector.c
+++ b/src/libstrongswan/tests/suites/test_traffic_selector.c
@@ -770,17 +770,17 @@ START_TEST(test_printf_hook_hash)
 	list = linked_list_create_with_items(
 				traffic_selector_create_from_cidr("10.1.0.0/16", 0, 0, 65535),
 				NULL);
-	verify_list("10.1.0.0/16 ", NULL, list);
+	verify_list("10.1.0.0/16", NULL, list);
 	list = linked_list_create_with_items(
 				traffic_selector_create_from_cidr("10.1.0.0/16", 0, 0, 65535),
 				traffic_selector_create_from_cidr("10.1.0.1/32", IPPROTO_UDP, 1234, 1235),
 				NULL);
-	verify_list("10.1.0.0/16 10.1.0.1/32[udp/1234-1235] ", "10.1.0.0/16 10.1.0.1/32[17/1234-1235] ", list);
+	verify_list("10.1.0.0/16 10.1.0.1/32[udp/1234-1235]", "10.1.0.0/16 10.1.0.1/32[17/1234-1235]", list);
 	list = linked_list_create_with_items(
 				traffic_selector_create_from_cidr("10.1.0.0/16", 0, 0, 65535),
 				traffic_selector_create_from_string(IPPROTO_UDP, TS_IPV4_ADDR_RANGE, "10.1.0.1", 1234, "10.1.0.99", 1235),
 				NULL);
-	verify_list("10.1.0.0/16 10.1.0.1..10.1.0.99[udp/1234-1235] ", "10.1.0.0/16 10.1.0.1..10.1.0.99[17/1234-1235] ", list);
+	verify_list("10.1.0.0/16 10.1.0.1..10.1.0.99[udp/1234-1235]", "10.1.0.0/16 10.1.0.1..10.1.0.99[17/1234-1235]", list);
 }
 END_TEST
 
diff --git a/src/libstrongswan/tests/suites/test_utils.c b/src/libstrongswan/tests/suites/test_utils.c
index b38f2cb52..104b0b2c0 100644
--- a/src/libstrongswan/tests/suites/test_utils.c
+++ b/src/libstrongswan/tests/suites/test_utils.c
@@ -789,9 +789,9 @@ static struct {
 	{KEY_ECDSA,  256, { SIGN_ECDSA_WITH_SHA256_DER, SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
 	{KEY_ECDSA,  384, { SIGN_ECDSA_WITH_SHA384_DER, SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
 	{KEY_ECDSA,  512, { SIGN_ECDSA_WITH_SHA512_DER, SIGN_UNKNOWN }},
-	{KEY_BLISS,  128, { SIGN_BLISS_WITH_SHA256, SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
-	{KEY_BLISS,  192, { SIGN_BLISS_WITH_SHA384, SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
-	{KEY_BLISS,  256, { SIGN_BLISS_WITH_SHA512, SIGN_UNKNOWN }},
+	{KEY_BLISS,  128, { SIGN_BLISS_WITH_SHA2_256, SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
+	{KEY_BLISS,  192, { SIGN_BLISS_WITH_SHA2_384, SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
+	{KEY_BLISS,  256, { SIGN_BLISS_WITH_SHA2_512, SIGN_UNKNOWN }},
 };
 
 START_TEST(test_signature_schemes_for_key)