11 files changed, 1460 insertions, 0 deletions
diff --git a/src/charon/plugins/unit_tester/tests/test_aes.c b/src/charon/plugins/unit_tester/tests/test_aes.c
new file mode 100644
index 000000000..06e891d83
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_aes.c
@@ -0,0 +1,467 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <daemon.h>
+#include <library.h>
+#include <utils/mutex.h>
+
+#include <unistd.h>
+#include <sched.h>
+#include <pthread.h>
+
+/**
+ * run a test using given values
+ */
+static bool do_aes_test(u_char *key, int keysize, u_char *iv, 
+						u_char *plain, u_char *cipher, int len)
+{
+	crypter_t *crypter;
+	chunk_t enc, dec;
+	bool good = TRUE;
+	
+	crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CBC, keysize);
+	if (!crypter)
+	{
+		return FALSE;
+	}
+	crypter->set_key(crypter, chunk_create(key, keysize));
+	crypter->encrypt(crypter,
+					 chunk_create(plain, len), chunk_create(iv, 16), &enc);
+	if (!memeq(enc.ptr, cipher, len))
+	{
+		good = FALSE;
+	}
+	crypter->decrypt(crypter, enc, chunk_create(iv, 16), &dec);
+	if (!memeq(dec.ptr, plain, len))
+	{
+		good = FALSE;
+	}
+	free(enc.ptr);
+	free(dec.ptr);
+	crypter->destroy(crypter);
+	return good;
+}
+
+/*******************************************************************************
+ * AES-128 test
+ ******************************************************************************/
+bool test_aes128()
+{
+	/*
+	 * Test 1 of RFC3602
+	 * Key       : 0x06a9214036b8a15b512e03d534120006
+	 * IV        : 0x3dafba429d9eb430b422da802c9fac41
+	 * Plaintext : "Single block msg"
+	 * Ciphertext: 0xe353779c1079aeb82708942dbe77181a	
+	 */
+	u_char key1[] = {
+		0x06,0xa9,0x21,0x40,0x36,0xb8,0xa1,0x5b,
+		0x51,0x2e,0x03,0xd5,0x34,0x12,0x00,0x06
+	};
+	u_char iv1[] = {
+		0x3d,0xaf,0xba,0x42,0x9d,0x9e,0xb4,0x30,
+		0xb4,0x22,0xda,0x80,0x2c,0x9f,0xac,0x41
+	};
+	u_char plain1[] = {
+		'S','i','n','g','l','e',' ','b','l','o','c','k',' ','m','s','g'
+	};
+	u_char cipher1[] = {
+		0xe3,0x53,0x77,0x9c,0x10,0x79,0xae,0xb8,
+		0x27,0x08,0x94,0x2d,0xbe,0x77,0x18,0x1a
+	};
+	if (!do_aes_test(key1, 16, iv1, plain1, cipher1, sizeof(plain1)))
+	{
+		return FALSE;
+	}
+	
+	/*
+	 * Test 2 of RFC3602
+	 * Key       : 0xc286696d887c9aa0611bbb3e2025a45a
+	 * IV        : 0x562e17996d093d28ddb3ba695a2e6f58
+	 * Plaintext : 0x000102030405060708090a0b0c0d0e0f
+	 *              101112131415161718191a1b1c1d1e1f
+	 * Ciphertext: 0xd296cd94c2cccf8a3a863028b5e1dc0a
+     *		        7586602d253cfff91b8266bea6d61ab1	
+	 */
+	u_char key2[] = {
+		0xc2,0x86,0x69,0x6d,0x88,0x7c,0x9a,0xa0,
+		0x61,0x1b,0xbb,0x3e,0x20,0x25,0xa4,0x5a
+	};
+	u_char iv2[] = {
+		0x56,0x2e,0x17,0x99,0x6d,0x09,0x3d,0x28,
+		0xdd,0xb3,0xba,0x69,0x5a,0x2e,0x6f,0x58
+	};
+	u_char plain2[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
+		0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
+	};
+	u_char cipher2[] = {
+		0xd2,0x96,0xcd,0x94,0xc2,0xcc,0xcf,0x8a,
+		0x3a,0x86,0x30,0x28,0xb5,0xe1,0xdc,0x0a,
+		0x75,0x86,0x60,0x2d,0x25,0x3c,0xff,0xf9,
+		0x1b,0x82,0x66,0xbe,0xa6,0xd6,0x1a,0xb1
+	};
+	if (!do_aes_test(key2, 16, iv2, plain2, cipher2, sizeof(plain2)))
+	{
+		return FALSE;
+	}
+	 
+	/*
+	 * Test 3 of RFC3603
+	 * Key       : 0x56e47a38c5598974bc46903dba290349
+	 * IV        : 0x8ce82eefbea0da3c44699ed7db51b7d9
+	 * Plaintext : 0xa0a1a2a3a4a5a6a7a8a9aaabacadaeaf
+     *		       b0b1b2b3b4b5b6b7b8b9babbbcbdbebf
+     *             c0c1c2c3c4c5c6c7c8c9cacbcccdcecf
+     *             d0d1d2d3d4d5d6d7d8d9dadbdcdddedf
+	 * Ciphertext: 0xc30e32ffedc0774e6aff6af0869f71aa
+     *             0f3af07a9a31a9c684db207eb0ef8e4e
+     *             35907aa632c3ffdf868bb7b29d3d46ad
+     *             83ce9f9a102ee99d49a53e87f4c3da55	
+	 */
+	u_char key3[] = {
+		0x56,0xe4,0x7a,0x38,0xc5,0x59,0x89,0x74,
+		0xbc,0x46,0x90,0x3d,0xba,0x29,0x03,0x49
+	};
+	u_char iv3[] = {
+		0x8c,0xe8,0x2e,0xef,0xbe,0xa0,0xda,0x3c,
+		0x44,0x69,0x9e,0xd7,0xdb,0x51,0xb7,0xd9
+	};
+	u_char plain3[] = {
+		0xa0,0xa1,0xa2,0xa3,0xa4,0xa5,0xa6,0xa7,
+		0xa8,0xa9,0xaa,0xab,0xac,0xad,0xae,0xaf,
+		0xb0,0xb1,0xb2,0xb3,0xb4,0xb5,0xb6,0xb7,
+		0xb8,0xb9,0xba,0xbb,0xbc,0xbd,0xbe,0xbf,
+		0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,0xc6,0xc7,
+		0xc8,0xc9,0xca,0xcb,0xcc,0xcd,0xce,0xcf,
+		0xd0,0xd1,0xd2,0xd3,0xd4,0xd5,0xd6,0xd7,
+		0xd8,0xd9,0xda,0xdb,0xdc,0xdd,0xde,0xdf
+	};
+	u_char cipher3[] = {
+		0xc3,0x0e,0x32,0xff,0xed,0xc0,0x77,0x4e,
+		0x6a,0xff,0x6a,0xf0,0x86,0x9f,0x71,0xaa,
+		0x0f,0x3a,0xf0,0x7a,0x9a,0x31,0xa9,0xc6,
+		0x84,0xdb,0x20,0x7e,0xb0,0xef,0x8e,0x4e,
+		0x35,0x90,0x7a,0xa6,0x32,0xc3,0xff,0xdf,
+		0x86,0x8b,0xb7,0xb2,0x9d,0x3d,0x46,0xad,
+		0x83,0xce,0x9f,0x9a,0x10,0x2e,0xe9,0x9d,
+		0x49,0xa5,0x3e,0x87,0xf4,0xc3,0xda,0x55
+	};
+	if (!do_aes_test(key3, 16, iv3, plain3, cipher3, sizeof(plain3)))
+	{
+		return FALSE;
+	}
+	return TRUE;
+}
+
+/**
+ * run a single xcbc test for prf and signer
+ */
+static bool do_xcbc_test(u_int8_t *key, size_t keylen, u_int8_t *mac,
+						 u_int8_t *plain, size_t len)
+{
+	signer_t *signer;
+	prf_t *prf;
+	u_int8_t res[16];
+	
+	prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_XCBC);
+	if (!prf)
+	{
+		return FALSE;
+	}
+	prf->set_key(prf, chunk_create(key, keylen));
+	prf->get_bytes(prf, chunk_create(plain, len), res);
+	if (!memeq(res, mac, 16))
+	{
+		DBG1(DBG_CFG, "expected %b\ngot %b", mac, 16, res, 16);
+		prf->destroy(prf);
+		return FALSE;
+	}
+	prf->destroy(prf);
+	
+	signer = lib->crypto->create_signer(lib->crypto, AUTH_AES_XCBC_96);
+	if (!signer)
+	{
+		return FALSE;
+	}
+	signer->set_key(signer, chunk_create(key, keylen));
+	if (!signer->verify_signature(signer, chunk_create(plain, len),
+								  chunk_create(mac, 12)))
+	{
+		return FALSE;
+	}
+	signer->destroy(signer);
+	return TRUE;
+}
+
+
+/*******************************************************************************
+ * AES_XCBC mac test
+ ******************************************************************************/
+bool test_aes_xcbc()
+{
+	/*  Vectors from RFC 3566 */
+
+	/* Test Case #1   : AES-XCBC-MAC-96 with 0-byte input
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : <empty string>
+	 * AES-XCBC-MAC   : 75f0251d528ac01c4573dfd584d79f29
+	 * AES-XCBC-MAC-96: 75f0251d528ac01c4573dfd5
+	 */
+	u_char key1[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain1[] = {
+	};
+	u_char mac1[] = {
+		0x75,0xf0,0x25,0x1d,0x52,0x8a,0xc0,0x1c,
+		0x45,0x73,0xdf,0xd5,0x84,0xd7,0x9f,0x29
+	};
+	if (!do_xcbc_test(key1, 16,  mac1, plain1, sizeof(plain1)))
+	{
+		return FALSE;
+	}
+	
+	/*
+	 * Test Case #2   : AES-XCBC-MAC-96 with 3-byte input
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : 000102
+	 * AES-XCBC-MAC   : 5b376580ae2f19afe7219ceef172756f
+	 * AES-XCBC-MAC-96: 5b376580ae2f19afe7219cee
+	 */
+	u_char key2[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain2[] = {
+		0x00,0x01,0x02
+	};
+	u_char mac2[] = {
+		0x5b,0x37,0x65,0x80,0xae,0x2f,0x19,0xaf,
+		0xe7,0x21,0x9c,0xee,0xf1,0x72,0x75,0x6f
+	};
+	if (!do_xcbc_test(key2, 16,  mac2, plain2, sizeof(plain2)))
+	{
+		return FALSE;
+	}
+
+	/* Test Case #3   : AES-XCBC-MAC-96 with 16-byte input
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : 000102030405060708090a0b0c0d0e0f
+	 * AES-XCBC-MAC   : d2a246fa349b68a79998a4394ff7a263
+	 * AES-XCBC-MAC-96: d2a246fa349b68a79998a439
+	 */
+	u_char key3[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain3[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char mac3[] = {
+		0xd2,0xa2,0x46,0xfa,0x34,0x9b,0x68,0xa7,
+		0x99,0x98,0xa4,0x39,0x4f,0xf7,0xa2,0x63
+	};
+	if (!do_xcbc_test(key3, 16,  mac3, plain3, sizeof(plain3)))
+	{
+		return FALSE;
+	}
+
+	/* Test Case #4   : AES-XCBC-MAC-96 with 20-byte input
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : 000102030405060708090a0b0c0d0e0f10111213
+	 * AES-XCBC-MAC   : 47f51b4564966215b8985c63055ed308
+	 * AES-XCBC-MAC-96: 47f51b4564966215b8985c63
+	 */
+	u_char key4[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain4[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0x10,0x11,0x12,0x13
+	};
+	u_char mac4[] = {
+		0x47,0xf5,0x1b,0x45,0x64,0x96,0x62,0x15,
+		0xb8,0x98,0x5c,0x63,0x05,0x5e,0xd3,0x08
+	};
+	if (!do_xcbc_test(key4, 16,  mac4, plain4, sizeof(plain4)))
+	{
+		return FALSE;
+	}
+
+	/* Test Case #5   : AES-XCBC-MAC-96 with 32-byte input
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : 000102030405060708090a0b0c0d0e0f10111213141516171819
+	 * 	                1a1b1c1d1e1f
+	 * AES-XCBC-MAC   : f54f0ec8d2b9f3d36807734bd5283fd4
+	 * AES-XCBC-MAC-96: f54f0ec8d2b9f3d36807734b
+	 */
+	u_char key5[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain5[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
+		0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
+	};
+	u_char mac5[] = {
+		0xf5,0x4f,0x0e,0xc8,0xd2,0xb9,0xf3,0xd3,
+		0x68,0x07,0x73,0x4b,0xd5,0x28,0x3f,0xd4
+	};
+	if (!do_xcbc_test(key5, 16,  mac5, plain5, sizeof(plain5)))
+	{
+		return FALSE;
+	}
+	
+	/* Test Case #7   : AES-XCBC-MAC-96 with 1000-byte input
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : 00000000000000000000 ... 00000000000000000000
+	 *                  [1000 bytes]
+	 * AES-XCBC-MAC   : f0dafee895db30253761103b5d84528f
+	 * AES-XCBC-MAC-96: f0dafee895db30253761103b
+	 */
+	u_char key7[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain7[1000];
+	memset(plain7, 0, 1000);
+	u_char mac7[] = {
+		0xf0,0xda,0xfe,0xe8,0x95,0xdb,0x30,0x25,
+		0x37,0x61,0x10,0x3b,0x5d,0x84,0x52,0x8f
+	};
+	if (!do_xcbc_test(key7, 16, mac7, plain7, sizeof(plain7)))
+	{
+		return FALSE;
+	}
+	
+	/* variable key test, RFC4434 */
+	
+	/* Test Case AES-XCBC-PRF-128 with 20-byte input
+	 * Key        : 00010203040506070809
+	 * Message    : 000102030405060708090a0b0c0d0e0f10111213
+	 * PRF Output : 0fa087af7d866e7653434e602fdde835
+	 */
+	u_char key8[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,
+	};
+	u_char plain8[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0x10,0x11,0x12,0x13
+	};
+	u_char mac8[] = {
+		0x0f,0xa0,0x87,0xaf,0x7d,0x86,0x6e,0x76,
+		0x53,0x43,0x4e,0x60,0x2f,0xdd,0xe8,0x35
+	};
+	if (!do_xcbc_test(key8, 10, mac8, plain8, sizeof(plain8)))
+	{
+		return FALSE;
+	}
+
+	/* Test Case AES-XCBC-PRF-128 with 20-byte input
+	 * Key        : 000102030405060708090a0b0c0d0e0fedcb
+	 * Message    : 000102030405060708090a0b0c0d0e0f10111213
+	 * PRF Output : 8cd3c93ae598a9803006ffb67c40e9e4
+	 */
+	u_char key9[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0xed,0xcb
+	};
+	u_char plain9[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0x10,0x11,0x12,0x13
+	};
+	u_char mac9[] = {
+		0x8c,0xd3,0xc9,0x3a,0xe5,0x98,0xa9,0x80,
+		0x30,0x06,0xff,0xb6,0x7c,0x40,0xe9,0xe4
+	};
+	if (!do_xcbc_test(key9, 18, mac9, plain9, sizeof(plain9)))
+	{
+		return FALSE;
+	}
+	
+	
+	/* Test Case #10  : AES-XCBC-MAC-96 with 32-byte input using append mode
+	 * Key (K)        : 000102030405060708090a0b0c0d0e0f
+	 * Message (M)    : 000102030405060708090a0b0c0d0e0f10111213141516171819
+	 * 	                1a1b1c1d1e1f
+	 * AES-XCBC-MAC   : f54f0ec8d2b9f3d36807734bd5283fd4
+	 * AES-XCBC-MAC-96: f54f0ec8d2b9f3d36807734b
+	 */
+	u_char key10[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f
+	};
+	u_char plain10[] = {
+		0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+		0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,
+		0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,
+		0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1e,0x1f
+	};
+	u_char mac10[] = {
+		0xf5,0x4f,0x0e,0xc8,0xd2,0xb9,0xf3,0xd3,
+		0x68,0x07,0x73,0x4b,0xd5,0x28,0x3f,0xd4
+	};
+	int i;
+	prf_t *prf = lib->crypto->create_prf(lib->crypto, PRF_AES128_XCBC);
+	u_char res[16];
+	if (!prf)
+	{
+		return FALSE;
+	}
+	prf->set_key(prf, chunk_create(key10, sizeof(key10)));
+	for (i = 0; i < 4; i++)
+	{	/* bytes 0 - 3, 1 byte at once */
+		prf->get_bytes(prf, chunk_create(plain10 + i, 1), NULL);
+	}
+	for (i = 4; i < 5; i+=8)
+	{	/* bytes 4 - 11, at once */
+		prf->get_bytes(prf, chunk_create(plain10 + i, 8), NULL);
+	}
+	for (i = 12; i < 24; i+=4)
+	{	/* bytes 12 - 23, in blocks of 4 */
+		prf->get_bytes(prf, chunk_create(plain10 + i, 4), NULL);
+	}
+	for (i = 0; i < 4; i++)
+	{	/* 4 zero blobs */
+		prf->get_bytes(prf, chunk_create(NULL, 0), NULL);
+	}
+	for (i = 24; i < 25; i+=8)
+	{	/* bytes 24 - 32, at once */
+		prf->get_bytes(prf, chunk_create(plain10 + i, 8), res);
+	}
+	if (!memeq(res, mac10, 16))
+	{
+		DBG1(DBG_CFG, "expected %b\ngot %b", mac10, 16, res, 16);
+		prf->destroy(prf);
+		return FALSE;
+	}
+	prf->destroy(prf);
+	
+	return TRUE; 
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_auth_info.c b/src/charon/plugins/unit_tester/tests/test_auth_info.c
new file mode 100644
index 000000000..2640c951c
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_auth_info.c
@@ -0,0 +1,142 @@
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <daemon.h>
+#include <library.h>
+#include <credentials/auth_info.h>
+
+
+char buf[] = {0x01,0x02,0x03,0x04};
+chunk_t chunk = chunk_from_buf(buf);
+char certbuf[] = {
+	0x30,0x82,0x02,0xfa,0x30,0x82,0x01,0xe2,0xa0,0x03,0x02,0x01,0x02,0x02,0x10,0x5a,
+	0xf2,0x65,0xae,0x78,0xff,0x23,0xde,0xf7,0xa6,0xa3,0x94,0x8c,0x3f,0xa0,0xc1,0x30,
+	0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x30,0x39,
+	0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x19,0x30,
+	0x17,0x06,0x03,0x55,0x04,0x0a,0x13,0x10,0x4c,0x69,0x6e,0x75,0x78,0x20,0x73,0x74,
+	0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x0f,0x30,0x0d,0x06,0x03,0x55,0x04,
+	0x03,0x13,0x06,0x6d,0x61,0x72,0x74,0x69,0x6e,0x30,0x1e,0x17,0x0d,0x30,0x37,0x30,
+	0x34,0x32,0x37,0x30,0x37,0x31,0x34,0x32,0x36,0x5a,0x17,0x0d,0x31,0x32,0x30,0x34,
+	0x32,0x35,0x30,0x37,0x31,0x34,0x32,0x36,0x5a,0x30,0x39,0x31,0x0b,0x30,0x09,0x06,
+	0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x19,0x30,0x17,0x06,0x03,0x55,0x04,
+	0x0a,0x13,0x10,0x4c,0x69,0x6e,0x75,0x78,0x20,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,
+	0x77,0x61,0x6e,0x31,0x0f,0x30,0x0d,0x06,0x03,0x55,0x04,0x03,0x13,0x06,0x6d,0x61,
+	0x72,0x74,0x69,0x6e,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,
+	0xf7,0x0d,0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,
+	0x02,0x82,0x01,0x01,0x00,0xd7,0xb9,0xba,0x4d,0xe2,0x3b,0x3d,0x35,0x7a,0x3f,0x88,
+	0x67,0x95,0xe7,0xfd,0x9f,0xe9,0x0a,0x0d,0x79,0x3a,0x9e,0x21,0x8f,0xcb,0xe4,0x67,
+	0x24,0xae,0x0c,0xda,0xb3,0xcc,0xec,0x36,0xb4,0xa8,0x4d,0xf1,0x3d,0xad,0xe4,0x8c,
+	0x63,0x92,0x54,0xb7,0xb2,0x02,0xa2,0x00,0x62,0x8b,0x04,0xac,0xa0,0x17,0xad,0x17,
+	0x9a,0x05,0x0d,0xd7,0xb3,0x08,0x02,0xc5,0x26,0xcf,0xdd,0x05,0x42,0xfc,0x13,0x6d,
+	0x9f,0xb1,0xf3,0x4f,0x82,0x1d,0xef,0x01,0xc9,0x91,0xea,0x37,0x1b,0x79,0x28,0xfa,
+	0xbf,0x9f,0xb3,0xeb,0x82,0x4f,0x10,0xc6,0x4b,0xa4,0x08,0xf7,0x8e,0xf2,0x00,0xea,
+	0x04,0x97,0x80,0x9f,0x65,0x86,0xde,0x6b,0xc7,0xda,0x83,0xfc,0xad,0x4a,0xaf,0x52,
+	0x8b,0x4d,0x33,0xee,0x49,0x87,0x2f,0x3b,0x60,0x45,0x66,0x8f,0xe6,0x89,0xcc,0xb1,
+	0x92,0x02,0x17,0x2b,0x7b,0x8e,0x90,0x47,0x84,0x84,0x59,0x95,0x81,0xd8,0xe0,0xf3,
+	0x87,0xe0,0x04,0x09,0xfd,0xcc,0x3a,0x21,0x34,0xfa,0xec,0xbe,0xf5,0x9c,0xcf,0x55,
+	0x80,0x7b,0xe3,0x75,0x9d,0x36,0x68,0xab,0x83,0xe3,0xad,0x01,0x53,0x0d,0x8a,0x9a,
+	0xa6,0xb0,0x15,0xc9,0xc5,0xf8,0x9b,0x51,0x32,0xcf,0x97,0x6c,0xfe,0x4a,0x56,0x3c,
+	0xc8,0x8f,0x4a,0x70,0x23,0x4f,0xf6,0xf7,0xe6,0x9f,0x09,0xcd,0x8f,0xea,0x20,0x7d,
+	0x34,0xc0,0xc5,0xc0,0x34,0x06,0x6f,0x8b,0xeb,0x04,0x54,0x3f,0x0e,0xcd,0xe2,0x85,
+	0xab,0x94,0x3e,0x91,0x6c,0x18,0x6f,0x96,0x5d,0xf2,0x8b,0x10,0xe9,0x90,0x43,0xb0,
+	0x61,0x52,0xac,0xcf,0x75,0x02,0x03,0x01,0x00,0x01,0x30,0x0d,0x06,0x09,0x2a,0x86,
+	0x48,0x86,0xf7,0x0d,0x01,0x01,0x05,0x05,0x00,0x03,0x82,0x01,0x01,0x00,0x09,0x63,
+	0x42,0xad,0xe5,0xa3,0xf6,0xc9,0x5d,0x08,0xf2,0x78,0x7b,0xeb,0x8a,0xef,0x50,0x00,
+	0xc8,0xeb,0xe9,0x26,0x94,0xcb,0x84,0x10,0x7e,0x42,0x6b,0x86,0x38,0x57,0xa6,0x02,
+	0x98,0x5a,0x2c,0x8f,0x44,0x32,0x1b,0x97,0x8c,0x7e,0x4b,0xd8,0xe8,0xe8,0x0f,0x4a,
+	0xb9,0x31,0x9f,0xf6,0x9f,0x0e,0x67,0x26,0x05,0x2a,0x99,0x14,0x35,0x41,0x47,0x9a,
+	0xfa,0x12,0x94,0x0b,0xe9,0x27,0x7c,0x71,0x20,0xd7,0x8d,0x3b,0x97,0x19,0x2d,0x15,
+	0xff,0xa4,0xf3,0x89,0x8d,0x29,0x5f,0xf6,0x3f,0x93,0xaf,0x78,0x61,0xe4,0xe1,0x2e,
+	0x75,0xc1,0x2c,0xc4,0x76,0x95,0x19,0xf8,0x37,0xdc,0xd8,0x00,0x7a,0x3c,0x0f,0x49,
+	0x2e,0x88,0x09,0x16,0xb3,0x92,0x33,0xdf,0x77,0x83,0x4f,0xb5,0x9e,0x30,0x8c,0x48,
+	0x1d,0xd8,0x84,0xfb,0xf1,0xb9,0xa0,0xbe,0x25,0xff,0x4c,0xeb,0xef,0x2b,0xcd,0xfa,
+	0x0b,0x94,0x66,0x3b,0x28,0x08,0x3f,0x3a,0xda,0x41,0xd0,0x6b,0xab,0x5e,0xbb,0x8a,
+	0x9f,0xdc,0x98,0x3e,0x59,0x37,0x48,0xbe,0x69,0xde,0x85,0x82,0xf2,0x53,0x8b,0xe4,
+	0x44,0xe4,0x71,0x91,0x14,0x85,0x0e,0x1e,0x79,0xdd,0x62,0xf5,0xdc,0x25,0x89,0xab,
+	0x50,0x5b,0xaa,0xae,0xe3,0x64,0x6a,0x23,0x34,0xd7,0x30,0xe2,0x2a,0xc8,0x81,0x0c,
+	0xec,0xd2,0x31,0xc6,0x1e,0xb6,0xc0,0x57,0xd9,0xe1,0x14,0x06,0x9b,0xf8,0x51,0x69,
+	0x47,0xf0,0x9c,0xcd,0x69,0xef,0x8e,0x5f,0x62,0xda,0x10,0xf7,0x3c,0x6d,0x0f,0x33,
+	0xec,0x6f,0xfd,0x94,0x07,0x16,0x41,0x32,0x06,0xa4,0xe1,0x08,0x31,0x87,
+};
+chunk_t certchunk = chunk_from_buf(certbuf);
+
+/*******************************************************************************
+ * auth info test
+ ******************************************************************************/
+bool test_auth_info()
+{
+	auth_info_t *auth = auth_info_create(), *auth2;
+	certificate_t *c1, *c2;
+	enumerator_t *enumerator;
+	int round = 0;
+	void *value;
+	auth_item_t type;
+	
+	c1 = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
+							BUILD_BLOB_ASN1_DER, chunk_clone(certchunk),
+							BUILD_END);
+	if (!c1)
+	{
+		return FALSE;
+	}
+	
+	auth->add_item(auth, AUTHN_SUBJECT_CERT, c1);
+	if (!auth->get_item(auth, AUTHN_SUBJECT_CERT, (void**)&c2))
+	{
+		return FALSE;
+	}
+	if (!c1->equals(c1, c2))
+	{
+		return FALSE;
+	}
+	
+	enumerator = auth->create_item_enumerator(auth);
+	while (enumerator->enumerate(enumerator, &type, &value))
+	{
+		round++;
+		if (round == 1 && type == AUTHN_SUBJECT_CERT && value == c1)
+		{
+			continue;
+		}
+		return FALSE;
+	}
+	enumerator->destroy(enumerator);
+	
+	auth2 = auth_info_create();
+	auth2->add_item(auth2, AUTHN_CA_CERT, c1);
+	auth2->merge(auth2, auth);
+	
+	round = 0;
+	enumerator = auth2->create_item_enumerator(auth2);
+	while (enumerator->enumerate(enumerator, &type, &value))
+	{
+		round++;
+		if (round == 1 && type == AUTHN_CA_CERT && value == c1)
+		{
+			continue;
+		}
+		if (round == 2 && type == AUTHN_SUBJECT_CERT && value == c1)
+		{
+			continue;
+		}
+		return FALSE;
+	}
+	enumerator->destroy(enumerator);
+	auth->destroy(auth);
+	auth2->destroy(auth2);
+	c1->destroy(c1);
+	return TRUE;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_chunk.c b/src/charon/plugins/unit_tester/tests/test_chunk.c
new file mode 100644
index 000000000..e7a8586c9
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_chunk.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <daemon.h>
+
+#define countof(array) (sizeof(array)/sizeof(typeof(array[0])))
+
+/*******************************************************************************
+ * Base64 encoding/decoding test
+ ******************************************************************************/
+bool test_chunk_base64()
+{
+	/* test vectors from RFC4648:
+	 *
+	 * BASE64("") = ""
+	 * BASE64("f") = "Zg=="
+	 * BASE64("fo") = "Zm8="
+	 * BASE64("foo") = "Zm9v"
+	 * BASE64("foob") = "Zm9vYg=="
+	 * BASE64("fooba") = "Zm9vYmE="
+	 * BASE64("foobar") = "Zm9vYmFy"
+	 */
+	
+	typedef struct {
+		char *in;
+		char *out;
+	} testdata_t;
+	
+	testdata_t test[] = {
+		{"", ""},
+		{"f", "Zg=="},
+		{"fo", "Zm8="},
+		{"foo", "Zm9v"},
+		{"foob", "Zm9vYg=="},
+		{"fooba", "Zm9vYmE="},
+		{"foobar", "Zm9vYmFy"},
+	};
+	int i;
+	
+	for (i = 0; i < countof(test); i++)
+	{
+		chunk_t out;
+		
+		out = chunk_to_base64(chunk_create(test[i].in, strlen(test[i].in)), NULL);
+		
+		if (!streq(out.ptr, test[i].out))
+		{
+			DBG1(DBG_CFG, "base64 conversion error - should %s, is %s", 
+				test[i].out, out.ptr);
+			return FALSE;
+		}
+		free(out.ptr);
+	}
+	
+	for (i = 0; i < countof(test); i++)
+	{
+		chunk_t out;
+		
+		out = chunk_from_base64(chunk_create(test[i].out, strlen(test[i].out)), NULL);
+		
+		if (!strneq(out.ptr, test[i].in, out.len))
+		{
+			DBG1(DBG_CFG, "base64 conversion error - should %s, is %#B", 
+				test[i].in, &out);
+			return FALSE;
+		}
+		free(out.ptr);
+	}
+	return TRUE;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_curl.c b/src/charon/plugins/unit_tester/tests/test_curl.c
new file mode 100644
index 000000000..c011617a7
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_curl.c
@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <daemon.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
+/*******************************************************************************
+ * curl get test
+ ******************************************************************************/
+
+bool test_curl_get()
+{
+	chunk_t chunk;
+	
+	if (lib->fetcher->fetch(lib->fetcher, "http://www.strongswan.org",
+							&chunk, FETCH_END) != SUCCESS)
+	{
+		return FALSE;
+	}
+	free(chunk.ptr);
+	
+	if (lib->fetcher->fetch(lib->fetcher, "http://www.google.com",
+							&chunk, FETCH_END) != SUCCESS)
+	{
+		return FALSE;
+	}
+	free(chunk.ptr);
+	return TRUE;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_enumerator.c b/src/charon/plugins/unit_tester/tests/test_enumerator.c
new file mode 100644
index 000000000..d17d62bef
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_enumerator.c
@@ -0,0 +1,214 @@
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <utils/linked_list.h>
+
+
+/*******************************************************************************
+ * linked list remove test
+ ******************************************************************************/
+bool test_list_remove()
+{
+	void *a = (void*)1, *b = (void*)2;
+	linked_list_t *list;
+	
+	list = linked_list_create();
+	list->insert_last(list, a);
+	if (list->remove(list, a, NULL) != 1)
+	{
+		return FALSE;
+	}
+	list->insert_last(list, a);
+	list->insert_first(list, a);
+	list->insert_last(list, a);
+	list->insert_last(list, b);
+	if (list->remove(list, a, NULL) != 3)
+	{
+		return FALSE;
+	}
+	if (list->remove(list, a, NULL) != 0)
+	{
+		return FALSE;
+	}
+	if (list->get_count(list) != 1)
+	{
+		return FALSE;
+	}
+	if (list->remove(list, b, NULL) != 1)
+	{
+		return FALSE;
+	}
+	if (list->remove(list, b, NULL) != 0)
+	{
+		return FALSE;
+	}
+	list->destroy(list);
+	return TRUE;
+}
+
+/*******************************************************************************
+ * Simple insert first/last and enumerate test
+ ******************************************************************************/
+bool test_enumerate()
+{
+	int round, x;
+	void *a = (void*)4, *b = (void*)3, *c = (void*)2, *d = (void*)5, *e = (void*)1;
+	linked_list_t *list;
+	enumerator_t *enumerator;
+	
+	list = linked_list_create();
+	
+	list->insert_last(list, a);
+	list->insert_first(list, b);
+	list->insert_first(list, c);
+	list->insert_last(list, d);
+	list->insert_first(list, e);
+	
+	round = 1;
+	enumerator = list->create_enumerator(list);
+	while (enumerator->enumerate(enumerator, &x))
+	{
+		if (round != x)
+		{
+			return FALSE;
+		}
+		round++;
+	}
+	enumerator->destroy(enumerator);
+	
+	list->destroy(list);
+	return TRUE;
+}
+
+/*******************************************************************************
+ * nested enumerator test
+ ******************************************************************************/
+
+static bool bad_data;
+
+static enumerator_t* create_inner(linked_list_t *outer, void *data)
+{
+	if (data != (void*)101)
+	{
+		bad_data = TRUE;
+	}
+	return outer->create_enumerator(outer);
+}
+
+
+static void destroy_data(void *data)
+{
+	if (data != (void*)101)
+	{
+		bad_data = TRUE;
+	}
+}
+
+bool test_enumerate_nested()
+{
+	int round, x;
+	void *a = (void*)1, *b = (void*)2, *c = (void*)3, *d = (void*)4, *e = (void*)5;
+	linked_list_t *list, *l1, *l2, *l3;
+	enumerator_t *enumerator;
+	
+	bad_data = FALSE;
+	list = linked_list_create();
+	l1 = linked_list_create();
+	l2 = linked_list_create();
+	l3 = linked_list_create();
+	list->insert_last(list, l1);
+	list->insert_last(list, l2);
+	list->insert_last(list, l3);
+	
+	l1->insert_last(l1, a);
+	l1->insert_last(l1, b);
+	l3->insert_last(l3, c);
+	l3->insert_last(l3, d);
+	l3->insert_last(l3, e);
+	
+	round = 1;
+	enumerator = enumerator_create_nested(list->create_enumerator(list),
+					(void*)create_inner, (void*)101, destroy_data);
+	while (enumerator->enumerate(enumerator, &x))
+	{
+		if (round != x)
+		{
+			return FALSE;
+		}
+		round++;
+	}
+	enumerator->destroy(enumerator);
+	
+	list->destroy(list);
+	l1->destroy(l1);
+	l2->destroy(l2);
+	l3->destroy(l3);
+	return !bad_data;
+}
+
+
+/*******************************************************************************
+ * filtered enumerator test
+ ******************************************************************************/
+static bool filter(void *data, int *v, int *vo, int *w, int *wo,
+				   int *x, int *xo, int *y, int *yo, int *z, int *zo)
+{
+	int val = *v;
+
+	*vo = val++;
+	*wo = val++;
+	*xo = val++;
+	*yo = val++;
+	*zo = val++;
+	if (data != (void*)101)
+	{
+		return FALSE;
+	}
+	return TRUE;
+}
+
+bool test_enumerate_filtered()
+{
+	int round, v, w, x, y, z;
+	void *a = (void*)1, *b = (void*)2, *c = (void*)3, *d = (void*)4, *e = (void*)5;
+	linked_list_t *list;
+	enumerator_t *enumerator;
+	
+	bad_data = FALSE;
+	list = linked_list_create();
+	
+	list->insert_last(list, a);
+	list->insert_last(list, b);
+	list->insert_last(list, c);
+	list->insert_last(list, d);
+	list->insert_last(list, e);
+	
+	round = 1;
+	enumerator = enumerator_create_filter(list->create_enumerator(list),
+									(void*)filter, (void*)101, destroy_data);
+	while (enumerator->enumerate(enumerator, &v, &w, &x, &y, &z))
+	{
+		if (v != round || w != round + 1 || x != round + 2 ||
+			y != round + 3 || z != round + 4)
+		{
+			return FALSE;
+		}
+		round++;
+	}
+	enumerator->destroy(enumerator);
+	
+	list->destroy(list);
+	return !bad_data;
+}
diff --git a/src/charon/plugins/unit_tester/tests/test_fips_prf.c b/src/charon/plugins/unit_tester/tests/test_fips_prf.c
new file mode 100644
index 000000000..29612143e
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_fips_prf.c
@@ -0,0 +1,64 @@
+/*
+ * Copyright (C) 2007 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <utils/linked_list.h>
+#include <daemon.h>
+
+/*******************************************************************************
+ * fips prf known value test
+ ******************************************************************************/
+bool fips_prf_test()
+{
+	prf_t *prf;
+	u_int8_t key_buf[] = {
+		0xbd, 0x02, 0x9b, 0xbe, 0x7f, 0x51, 0x96, 0x0b,
+		0xcf, 0x9e, 0xdb, 0x2b, 0x61, 0xf0, 0x6f, 0x0f,
+		0xeb, 0x5a, 0x38, 0xb6
+	};
+	u_int8_t seed_buf[] = {
+		0x00	
+	};
+	u_int8_t result_buf[] = {
+		0x20, 0x70, 0xb3, 0x22, 0x3d, 0xba, 0x37, 0x2f,
+		0xde, 0x1c, 0x0f, 0xfc, 0x7b, 0x2e, 0x3b, 0x49,
+		0x8b, 0x26, 0x06, 0x14, 0x3c, 0x6c, 0x18, 0xba,
+		0xcb, 0x0f, 0x6c, 0x55, 0xba, 0xbb, 0x13, 0x78,
+		0x8e, 0x20, 0xd7, 0x37, 0xa3, 0x27, 0x51, 0x16
+	};
+	chunk_t key = chunk_from_buf(key_buf);
+	chunk_t seed = chunk_from_buf(seed_buf);
+	chunk_t expected = chunk_from_buf(result_buf);
+	chunk_t result;
+	
+	prf = lib->crypto->create_prf(lib->crypto, PRF_FIPS_SHA1_160);
+	if (prf == NULL)
+	{
+		DBG1(DBG_CFG, "FIPS PRF implementation not found");
+		return FALSE;
+	}
+	prf->set_key(prf, key);
+	prf->allocate_bytes(prf, seed, &result);
+	prf->destroy(prf);
+	if (!chunk_equals(result, expected))
+	{
+		DBG1(DBG_CFG, "FIPS PRF result invalid:\nexpected: %Bresult: %B",
+			 &expected, &result);
+		chunk_free(&result);
+		return FALSE;
+	}
+	chunk_free(&result);
+	return TRUE;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_med_db.c b/src/charon/plugins/unit_tester/tests/test_med_db.c
new file mode 100644
index 000000000..d65eb0cc4
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_med_db.c
@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <daemon.h>
+#include <utils/enumerator.h>
+
+#include <unistd.h>
+
+/*******************************************************************************
+ * fetch public key from mediation database
+ ******************************************************************************/
+
+bool test_med_db()
+{
+	char keyid_buf[] = {
+		0xed,0x90,0xe6,0x4f,0xec,0xa2,0x1f,0x4b,
+		0x68,0x97,0x99,0x24,0x22,0xe0,0xde,0x21,
+		0xb9,0xd6,0x26,0x29
+	};
+	chunk_t keyid = chunk_from_buf(keyid_buf);
+	identification_t *id, *found;
+	enumerator_t *enumerator;
+	auth_info_t *auth;
+	public_key_t *public;
+	bool good = FALSE;
+	
+	id = identification_create_from_encoding(ID_KEY_ID, keyid);
+	enumerator = charon->credentials->create_public_enumerator(
+									charon->credentials, KEY_ANY, id, NULL);
+	while (enumerator->enumerate(enumerator, &public, &auth))
+	{
+		found = public->get_id(public, ID_PUBKEY_SHA1);
+		good = chunk_equals(id->get_encoding(id), found->get_encoding(found));
+	}
+	enumerator->destroy(enumerator);
+	id->destroy(id);
+	return good;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_mutex.c b/src/charon/plugins/unit_tester/tests/test_mutex.c
new file mode 100644
index 000000000..a305d5082
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_mutex.c
@@ -0,0 +1,100 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <utils/mutex.h>
+
+#include <unistd.h>
+#include <sched.h>
+#include <pthread.h>
+
+
+static mutex_t *mutex;
+
+static int locked = 0;
+
+static bool failed = FALSE;
+
+static pthread_barrier_t barrier;
+
+static void* run(void* null)
+{
+	int i;
+
+	/* wait for all threads before getting in action */
+	pthread_barrier_wait(&barrier);
+
+	for (i = 0; i < 100; i++)
+	{
+		mutex->lock(mutex);
+		mutex->lock(mutex);
+		mutex->lock(mutex);
+		locked++;
+		sched_yield();
+		if (locked > 1)
+		{
+			failed = TRUE;
+		}	
+		locked--;
+		mutex->unlock(mutex);
+		mutex->unlock(mutex);
+		mutex->unlock(mutex);
+	}
+	return NULL;
+}
+
+#define THREADS 20
+
+/*******************************************************************************
+ * mutex test
+ ******************************************************************************/
+bool test_mutex()
+{
+	int i;
+	pthread_t threads[THREADS];
+	
+	mutex = mutex_create(MUTEX_RECURSIVE);
+	
+	for (i = 0; i < 10; i++)
+	{
+		mutex->lock(mutex);
+		mutex->unlock(mutex);
+	}
+	for (i = 0; i < 10; i++)
+	{
+		mutex->lock(mutex);
+	}
+	for (i = 0; i < 10; i++)
+	{
+		mutex->unlock(mutex);
+	}
+	
+	pthread_barrier_init(&barrier, NULL, THREADS);
+	
+	for (i = 0; i < THREADS; i++)
+	{
+		pthread_create(&threads[i], NULL, run, NULL);
+	}
+	for (i = 0; i < THREADS; i++)
+	{
+		pthread_join(threads[i], NULL);
+	}
+	pthread_barrier_destroy(&barrier);
+	
+	mutex->destroy(mutex);
+	
+	return !failed;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_mysql.c b/src/charon/plugins/unit_tester/tests/test_mysql.c
new file mode 100644
index 000000000..ff3d38ad8
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_mysql.c
@@ -0,0 +1,90 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <daemon.h>
+#include <utils/enumerator.h>
+
+/*******************************************************************************
+ * mysql simple test
+ ******************************************************************************/
+bool test_mysql()
+{
+	database_t *db;
+	char *txt = "I'm a superduper test";
+	char buf[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08};
+	chunk_t data = chunk_from_buf(buf);
+	int row;
+	chunk_t qdata;
+	char *qtxt;
+	bool good = FALSE;
+	enumerator_t *enumerator;
+	
+	db = lib->db->create(lib->db, "mysql://testuser:testpass@localhost/test");
+	if (!db)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, NULL, "CREATE TABLE test ("
+								"id INT NOT NULL AUTO_INCREMENT PRIMARY KEY, "
+								"txt TEXT, data BLOB)") < 0)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, &row, "INSERT INTO test (txt, data) VALUES (?,?)",
+					DB_TEXT, txt, DB_BLOB, data) < 0)
+	{
+		return FALSE;
+	}
+	if (row != 1)
+	{
+		return FALSE;
+	}
+	enumerator = db->query(db, "SELECT txt, data FROM test WHERE id = ?",
+						   DB_INT, row,
+						   DB_TEXT, DB_BLOB);
+	if (!enumerator)
+	{
+		return FALSE;
+	}
+	while (enumerator->enumerate(enumerator, &qtxt, &qdata))
+	{
+		if (good)
+		{	/* only one row */
+			good = FALSE;
+			break;
+		}
+		if (streq(qtxt, txt) && chunk_equals(data, qdata))
+		{
+			good = TRUE;
+		}
+	}
+	enumerator->destroy(enumerator);
+	if (!good)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, NULL, "DELETE FROM test WHERE id = ?", DB_INT, row) != 1)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, NULL, "DROP TABLE test") < 0)
+	{
+		return FALSE;
+	}
+	db->destroy(db);
+	return TRUE;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_rsa_gen.c b/src/charon/plugins/unit_tester/tests/test_rsa_gen.c
new file mode 100644
index 000000000..783a4c913
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_rsa_gen.c
@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <daemon.h>
+
+/*******************************************************************************
+ * RSA key generation and signature
+ ******************************************************************************/
+bool test_rsa_gen()
+{
+	char buf[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08};
+	chunk_t data = chunk_from_buf(buf), sig;
+	private_key_t *private;
+	public_key_t *public;
+	u_int key_size;
+	
+	for (key_size = 512; key_size <= 2048; key_size *= 2)
+	{
+		private = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
+									 BUILD_KEY_SIZE, key_size, BUILD_END);
+		if (!private)
+		{
+			DBG1(DBG_CFG, "generating %d bit RSA key failed");
+			return FALSE;
+		}
+		public = private->get_public_key(private);
+		if (!public)
+		{
+			DBG1(DBG_CFG, "generating public from private key failed");
+			return FALSE;
+		}
+		if (!private->sign(private, SIGN_RSA_EMSA_PKCS1_SHA1, data, &sig))
+		{
+			DBG1(DBG_CFG, "creating RSA signature failed");
+			return FALSE;
+		}
+		if (!public->verify(public, SIGN_RSA_EMSA_PKCS1_SHA1, data, sig))
+		{
+			DBG1(DBG_CFG, "verifying RSA signature failed");
+			return FALSE;
+		}
+		sig.ptr[sig.len-1]++;
+		if (public->verify(public, SIGN_RSA_EMSA_PKCS1_SHA1, data, sig))
+		{
+			DBG1(DBG_CFG, "verifying faked RSA signature succeeded!");
+			return FALSE;
+		}
+		free(sig.ptr);
+		public->destroy(public);
+		private->destroy(private);
+	}
+	return TRUE;
+}
+
+
+/*******************************************************************************
+ * Load a subjectPubkeyInfo wrapped key (RSA in this case)
+ ******************************************************************************/
+static char public_any[] = {
+  0x30,0x82,0x01,0x20,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,
+  0x01,0x05,0x00,0x03,0x82,0x01,0x0d,0x00,0x30,0x82,0x01,0x08,0x02,0x82,0x01,0x01,
+  0x00,0xc6,0x68,0x99,0x1d,0xc8,0x06,0xdb,0xcf,0x1c,0x66,0xbb,0x91,0xc3,0xd4,0x10,
+  0xb2,0x08,0xa9,0xc5,0x71,0x39,0x1c,0xbe,0x5b,0x1d,0xce,0xfd,0x1b,0xfa,0xec,0x04,
+  0x89,0x9f,0x79,0xc8,0x46,0x00,0xd2,0x71,0xfb,0x22,0x16,0x52,0x2f,0xda,0xbf,0x0f,
+  0xe7,0x16,0xb1,0xd7,0x6a,0xa5,0xa5,0xfc,0xee,0xff,0x84,0x4c,0x81,0x3f,0xab,0x84,
+  0x0e,0xed,0x4a,0x26,0x59,0xd0,0x9b,0xb5,0xe1,0xec,0x61,0xc4,0xd3,0x15,0x4c,0x29,
+  0x51,0xa0,0xde,0x33,0x07,0x58,0x6c,0x36,0x1b,0x18,0x61,0xd9,0x56,0x18,0x39,0x54,
+  0x8b,0xd2,0xea,0x4e,0x87,0x28,0x58,0xb9,0x88,0x3d,0x30,0xbc,0xfc,0x6d,0xad,0xab,
+  0x43,0x26,0x09,0x48,0x4e,0x6e,0x8a,0x8b,0x88,0xb3,0xf0,0x29,0x25,0x79,0xb6,0xb6,
+  0x71,0x3c,0x93,0x59,0xd2,0x36,0x94,0xd5,0xfc,0xf3,0x62,0x2b,0x69,0xa3,0x7a,0x47,
+  0x4e,0x53,0xa2,0x35,0x1b,0x26,0x89,0xaa,0x09,0xfd,0x56,0xd7,0x75,0x2a,0xd4,0x91,
+  0xc0,0xf2,0x78,0xd7,0x05,0xca,0x12,0x1d,0xd9,0xd4,0x81,0x23,0xb2,0x3c,0x38,0xd9,
+  0xb4,0xdc,0x21,0xe0,0xe5,0x2d,0xd4,0xbe,0x61,0x39,0x8a,0x46,0x90,0x46,0x73,0x31,
+  0xba,0x48,0xbb,0x51,0xbb,0x91,0xd5,0x62,0xad,0xd1,0x53,0x5b,0x85,0xc9,0x1d,0xa7,
+  0xf6,0xa0,0xe1,0x0e,0x6c,0x22,0x5d,0x29,0x9a,0xe7,0x0f,0xe8,0x0a,0x50,0xa7,0x19,
+  0x11,0xc2,0x8b,0xe0,0x8a,0xfd,0x2b,0x94,0x31,0x7a,0x78,0x9c,0x9b,0x75,0x63,0x49,
+  0xa9,0xe5,0x58,0xe6,0x3a,0x99,0xcb,0x2b,0xdd,0x0e,0xdc,0x7d,0x1b,0x98,0x80,0xc3,
+  0x9f,0x02,0x01,0x23,
+};
+
+bool test_rsa_load_any()
+{
+	chunk_t chunk = chunk_from_buf(public_any);
+	public_key_t *public;
+	
+	public = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY,
+								BUILD_BLOB_ASN1_DER, chunk_clone(chunk),
+								BUILD_END);
+	if (!public || public->get_keysize(public) != 256)
+	{
+		return FALSE;
+	}
+	public->destroy(public);
+	return TRUE;
+}
+
diff --git a/src/charon/plugins/unit_tester/tests/test_sqlite.c b/src/charon/plugins/unit_tester/tests/test_sqlite.c
new file mode 100644
index 000000000..d152fc594
--- /dev/null
+++ b/src/charon/plugins/unit_tester/tests/test_sqlite.c
@@ -0,0 +1,94 @@
+/*
+ * Copyright (C) 2008 Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <daemon.h>
+#include <utils/enumerator.h>
+
+#include <unistd.h>
+
+
+#define DBFILE "/tmp/strongswan-test.db"
+
+/*******************************************************************************
+ * sqlite simple test
+ ******************************************************************************/
+bool test_sqlite()
+{
+	database_t *db;
+	char *txt = "I'm a superduper test";
+	char buf[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08};
+	chunk_t data = chunk_from_buf(buf);
+	int row;
+	chunk_t qdata;
+	char *qtxt;
+	bool good = FALSE;
+	enumerator_t *enumerator;
+	
+	db = lib->db->create(lib->db, "sqlite://" DBFILE);
+	if (!db)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, NULL, "CREATE TABLE test (txt TEXT, data BLOB)") < 0)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, &row, "INSERT INTO test (txt, data) VALUES (?,?)",
+					DB_TEXT, txt, DB_BLOB, data) < 0)
+	{
+		return FALSE;
+	}
+	if (row != 1)
+	{
+		return FALSE;
+	}
+	enumerator = db->query(db, "SELECT txt, data FROM test WHERE oid = ?",
+						   DB_INT, row,
+						   DB_TEXT, DB_BLOB);
+	if (!enumerator)
+	{
+		return FALSE;
+	}
+	while (enumerator->enumerate(enumerator, &qtxt, &qdata))
+	{
+		if (good)
+		{	/* only one row */
+			good = FALSE;
+			break;
+		}
+		if (streq(qtxt, txt) && chunk_equals(data, qdata))
+		{
+			good = TRUE;
+		}
+	}
+	enumerator->destroy(enumerator);
+	if (!good)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, NULL, "DELETE FROM test WHERE oid = ?", DB_INT, row) != 1)
+	{
+		return FALSE;
+	}
+	if (db->execute(db, NULL, "DROP TABLE test") < 0)
+	{
+		return FALSE;
+	}
+	db->destroy(db);
+	unlink(DBFILE);
+	return TRUE;
+}
+