From 68df5fccbe2517349396e34c2891a02d0989fe54 Mon Sep 17 00:00:00 2001 From: Claudio Jeker Date: Tue, 18 Jun 2019 12:09:08 +0000 Subject: Use the test-files from rpki-client and some files from the rpki cache to implement a basic regress test. Needs more work but should be a start. --- regress/usr.sbin/rpki-client/Makefile | 41 +++++++ .../2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer | Bin 0 -> 1259 bytes .../cer/aaI5ikDRYL7nJH9kwrv4b80iIAI.cer | Bin 0 -> 1288 bytes .../mft/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft | Bin 0 -> 1980 bytes .../mft/RjQZ5pSL7riIcFGhdm4iFtIalko.mft | Bin 0 -> 2212 bytes regress/usr.sbin/rpki-client/mft/ripe-ncc-ta.mft | Bin 0 -> 1796 bytes .../roa/4DAr1VXnjh69GoQkxjmIQdkRVtQ.roa | Bin 0 -> 1730 bytes .../roa/Hf1ZR31W9DN5QSF6xJEO5qgH4ac.roa | Bin 0 -> 1769 bytes .../roa/Zs_svFDVb-_DZnjgkN8DLKk_IRI.roa | Bin 0 -> 1729 bytes .../roa/xZEe_HUX98kANKreh2ZIpdaDnAI.roa | Bin 0 -> 1729 bytes regress/usr.sbin/rpki-client/ta/AfriNIC.cer | Bin 0 -> 1160 bytes .../rpki-client/ta/apnic-rpki-root-iana-origin.cer | Bin 0 -> 1211 bytes regress/usr.sbin/rpki-client/ta/ripe-ncc-ta.cer | Bin 0 -> 1038 bytes regress/usr.sbin/rpki-client/tal/apnic.tal | 9 ++ regress/usr.sbin/rpki-client/tal/ripe.tal | 9 ++ regress/usr.sbin/rpki-client/test-cert.c | 136 +++++++++++++++++++++ regress/usr.sbin/rpki-client/test-ip.c | 128 +++++++++++++++++++ regress/usr.sbin/rpki-client/test-mft.c | 92 ++++++++++++++ regress/usr.sbin/rpki-client/test-roa.c | 94 ++++++++++++++ regress/usr.sbin/rpki-client/test-tal.c | 84 +++++++++++++ 20 files changed, 593 insertions(+) create mode 100644 regress/usr.sbin/rpki-client/Makefile create mode 100644 regress/usr.sbin/rpki-client/cer/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer create mode 100644 regress/usr.sbin/rpki-client/cer/aaI5ikDRYL7nJH9kwrv4b80iIAI.cer create mode 100644 regress/usr.sbin/rpki-client/mft/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft create mode 100644 regress/usr.sbin/rpki-client/mft/RjQZ5pSL7riIcFGhdm4iFtIalko.mft create mode 100644 regress/usr.sbin/rpki-client/mft/ripe-ncc-ta.mft create mode 100644 regress/usr.sbin/rpki-client/roa/4DAr1VXnjh69GoQkxjmIQdkRVtQ.roa create mode 100644 regress/usr.sbin/rpki-client/roa/Hf1ZR31W9DN5QSF6xJEO5qgH4ac.roa create mode 100644 regress/usr.sbin/rpki-client/roa/Zs_svFDVb-_DZnjgkN8DLKk_IRI.roa create mode 100644 regress/usr.sbin/rpki-client/roa/xZEe_HUX98kANKreh2ZIpdaDnAI.roa create mode 100644 regress/usr.sbin/rpki-client/ta/AfriNIC.cer create mode 100644 regress/usr.sbin/rpki-client/ta/apnic-rpki-root-iana-origin.cer create mode 100644 regress/usr.sbin/rpki-client/ta/ripe-ncc-ta.cer create mode 100644 regress/usr.sbin/rpki-client/tal/apnic.tal create mode 100644 regress/usr.sbin/rpki-client/tal/ripe.tal create mode 100644 regress/usr.sbin/rpki-client/test-cert.c create mode 100644 regress/usr.sbin/rpki-client/test-ip.c create mode 100644 regress/usr.sbin/rpki-client/test-mft.c create mode 100644 regress/usr.sbin/rpki-client/test-roa.c create mode 100644 regress/usr.sbin/rpki-client/test-tal.c (limited to 'regress') diff --git a/regress/usr.sbin/rpki-client/Makefile b/regress/usr.sbin/rpki-client/Makefile new file mode 100644 index 00000000000..7c67f2207e7 --- /dev/null +++ b/regress/usr.sbin/rpki-client/Makefile @@ -0,0 +1,41 @@ +# $OpenBSD: Makefile,v 1.1 2019/06/18 12:09:07 claudio Exp $ + +.PATH: ${.CURDIR}/../../../usr.sbin/rpki-client + +PROGS += test-ip +PROGS += test-cert +PROGS += test-mft +PROGS += test-roa +PROGS += test-tal + +. for p in ${PROGS} +REGRESS_TARGETS += run-regress-$p +.endfor + +CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../../../usr.sbin/rpki-client \ + -I/usr/local/include/eopenssl +LDADD+= /usr/local/lib/eopenssl/libssl.a \ + /usr/local/lib/eopenssl/libcrypto.a + +SRCS_test-ip= test-ip.c ip.c io.c +run-regress-test-ip: test-ip + ./test-ip + +SRCS_test-cert= test-cert.c cert.c x509.c ip.c as.c rsync.c io.c log.c +run-regress-test-cert: test-cert + ./test-cert -v ${.CURDIR}/cer/* + ./test-cert -vt ${.CURDIR}/ta/* + +SRCS_test-mft= test-mft.c mft.c cms.c x509.c io.c log.c +run-regress-test-mft: test-mft + ./test-mft -v ${.CURDIR}/mft/* + +SRCS_test-roa= test-roa.c roa.c cms.c x509.c ip.c as.c io.c log.c +run-regress-test-roa: test-roa + ./test-roa -v ${.CURDIR}/roa/* + +SRCS_test-tal= test-tal.c tal.c rsync.c io.c log.c +run-regress-test-tal: test-tal + ./test-tal -v ${.CURDIR}/tal/*.tal + +.include diff --git a/regress/usr.sbin/rpki-client/cer/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer b/regress/usr.sbin/rpki-client/cer/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer new file mode 100644 index 00000000000..64d53307989 Binary files /dev/null and b/regress/usr.sbin/rpki-client/cer/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer differ diff --git a/regress/usr.sbin/rpki-client/cer/aaI5ikDRYL7nJH9kwrv4b80iIAI.cer b/regress/usr.sbin/rpki-client/cer/aaI5ikDRYL7nJH9kwrv4b80iIAI.cer new file mode 100644 index 00000000000..61c9160cdf4 Binary files /dev/null and b/regress/usr.sbin/rpki-client/cer/aaI5ikDRYL7nJH9kwrv4b80iIAI.cer differ diff --git a/regress/usr.sbin/rpki-client/mft/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft b/regress/usr.sbin/rpki-client/mft/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft new file mode 100644 index 00000000000..f90b31a617d Binary files /dev/null and b/regress/usr.sbin/rpki-client/mft/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft differ diff --git a/regress/usr.sbin/rpki-client/mft/RjQZ5pSL7riIcFGhdm4iFtIalko.mft b/regress/usr.sbin/rpki-client/mft/RjQZ5pSL7riIcFGhdm4iFtIalko.mft new file mode 100644 index 00000000000..6ebfa8ad8d4 Binary files /dev/null and b/regress/usr.sbin/rpki-client/mft/RjQZ5pSL7riIcFGhdm4iFtIalko.mft differ diff --git a/regress/usr.sbin/rpki-client/mft/ripe-ncc-ta.mft b/regress/usr.sbin/rpki-client/mft/ripe-ncc-ta.mft new file mode 100644 index 00000000000..ed854d348cb Binary files /dev/null and b/regress/usr.sbin/rpki-client/mft/ripe-ncc-ta.mft differ diff --git a/regress/usr.sbin/rpki-client/roa/4DAr1VXnjh69GoQkxjmIQdkRVtQ.roa b/regress/usr.sbin/rpki-client/roa/4DAr1VXnjh69GoQkxjmIQdkRVtQ.roa new file mode 100644 index 00000000000..f6126eb6572 Binary files /dev/null and b/regress/usr.sbin/rpki-client/roa/4DAr1VXnjh69GoQkxjmIQdkRVtQ.roa differ diff --git a/regress/usr.sbin/rpki-client/roa/Hf1ZR31W9DN5QSF6xJEO5qgH4ac.roa b/regress/usr.sbin/rpki-client/roa/Hf1ZR31W9DN5QSF6xJEO5qgH4ac.roa new file mode 100644 index 00000000000..8abe8f19a95 Binary files /dev/null and b/regress/usr.sbin/rpki-client/roa/Hf1ZR31W9DN5QSF6xJEO5qgH4ac.roa differ diff --git a/regress/usr.sbin/rpki-client/roa/Zs_svFDVb-_DZnjgkN8DLKk_IRI.roa b/regress/usr.sbin/rpki-client/roa/Zs_svFDVb-_DZnjgkN8DLKk_IRI.roa new file mode 100644 index 00000000000..e8773eb398b Binary files /dev/null and b/regress/usr.sbin/rpki-client/roa/Zs_svFDVb-_DZnjgkN8DLKk_IRI.roa differ diff --git a/regress/usr.sbin/rpki-client/roa/xZEe_HUX98kANKreh2ZIpdaDnAI.roa b/regress/usr.sbin/rpki-client/roa/xZEe_HUX98kANKreh2ZIpdaDnAI.roa new file mode 100644 index 00000000000..aa29c798201 Binary files /dev/null and b/regress/usr.sbin/rpki-client/roa/xZEe_HUX98kANKreh2ZIpdaDnAI.roa differ diff --git a/regress/usr.sbin/rpki-client/ta/AfriNIC.cer b/regress/usr.sbin/rpki-client/ta/AfriNIC.cer new file mode 100644 index 00000000000..87db75d1c63 Binary files /dev/null and b/regress/usr.sbin/rpki-client/ta/AfriNIC.cer differ diff --git a/regress/usr.sbin/rpki-client/ta/apnic-rpki-root-iana-origin.cer b/regress/usr.sbin/rpki-client/ta/apnic-rpki-root-iana-origin.cer new file mode 100644 index 00000000000..56939f85858 Binary files /dev/null and b/regress/usr.sbin/rpki-client/ta/apnic-rpki-root-iana-origin.cer differ diff --git a/regress/usr.sbin/rpki-client/ta/ripe-ncc-ta.cer b/regress/usr.sbin/rpki-client/ta/ripe-ncc-ta.cer new file mode 100644 index 00000000000..6a0994aa712 Binary files /dev/null and b/regress/usr.sbin/rpki-client/ta/ripe-ncc-ta.cer differ diff --git a/regress/usr.sbin/rpki-client/tal/apnic.tal b/regress/usr.sbin/rpki-client/tal/apnic.tal new file mode 100644 index 00000000000..fc781ee2240 --- /dev/null +++ b/regress/usr.sbin/rpki-client/tal/apnic.tal @@ -0,0 +1,9 @@ +rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer + +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9RWSL61YAAYumEiU8z8 +qH2ETVIL01ilxZlzIL9JYSORMN5Cmtf8V2JblIealSqgOTGjvSjEsiV73s67zYQI +7C/iSOb96uf3/s86NqbxDiFQGN8qG7RNcdgVuUlAidl8WxvLNI8VhqbAB5uSg/Mr +LeSOvXRja041VptAxIhcGzDMvlAJRwkrYK/Mo8P4E2rSQgwqCgae0ebY1CsJ3Cjf +i67C1nw7oXqJJovvXJ4apGmEv8az23OLC6Ki54Ul/E6xk227BFttqFV3YMtKx42H +cCcDVZZy01n7JjzvO8ccaXmHIgR7utnqhBRNNq5Xc5ZhbkrUsNtiJmrZzVlgU6Ou +0wIDAQAB diff --git a/regress/usr.sbin/rpki-client/tal/ripe.tal b/regress/usr.sbin/rpki-client/tal/ripe.tal new file mode 100644 index 00000000000..acdb1731307 --- /dev/null +++ b/regress/usr.sbin/rpki-client/tal/ripe.tal @@ -0,0 +1,9 @@ +rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer + +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0URYSGqUz2myBsOzeW1j +Q6NsxNvlLMyhWknvnl8NiBCs/T/S2XuNKQNZ+wBZxIgPPV2pFBFeQAvoH/WK83Hw +A26V2siwm/MY2nKZ+Olw+wlpzlZ1p3Ipj2eNcKrmit8BwBC8xImzuCGaV0jkRB0G +Z0hoH6Ml03umLprRsn6v0xOP0+l6Qc1ZHMFVFb385IQ7FQQTcVIxrdeMsoyJq9eM +kE6DoclHhF/NlSllXubASQ9KUWqJ0+Ot3QCXr4LXECMfkpkVR2TZT+v5v658bHVs +6ZxRD1b6Uk1uQKAyHUbn/tXvP8lrjAibGzVsXDT2L0x4Edx+QdixPgOji3gBMyL2 +VwIDAQAB diff --git a/regress/usr.sbin/rpki-client/test-cert.c b/regress/usr.sbin/rpki-client/test-cert.c new file mode 100644 index 00000000000..733f1da4219 --- /dev/null +++ b/regress/usr.sbin/rpki-client/test-cert.c @@ -0,0 +1,136 @@ +/* $Id: test-cert.c,v 1.1 2019/06/18 12:09:07 claudio Exp $ */ +/* + * Copyright (c) 2019 Kristaps Dzonsons + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "extern.h" + +static void +cert_print(const struct cert *p) +{ + size_t i; + char buf1[64], buf2[64]; + int sockt; + + assert(p != NULL); + + printf("Manifest: %s\n", p->mft); + if (p->crl != NULL) + printf("Revocation list: %s\n", p->crl); + printf("Subject key identifier: %s\n", p->ski); + if (p->aki != NULL) + printf("Authority key identifier: %s\n", p->aki); + + for (i = 0; i < p->asz; i++) + switch (p->as[i].type) { + case CERT_AS_ID: + printf("%5zu: AS: %" + PRIu32 "\n", i + 1, p->as[i].id); + break; + case CERT_AS_INHERIT: + printf("%5zu: AS: inherit\n", i + 1); + break; + case CERT_AS_RANGE: + printf("%5zu: AS: %" + PRIu32 "--%" PRIu32 "\n", i + 1, + p->as[i].range.min, p->as[i].range.max); + break; + } + + for (i = 0; i < p->ipsz; i++) + switch (p->ips[i].type) { + case CERT_IP_INHERIT: + printf("%5zu: IP: inherit\n", i + 1); + break; + case CERT_IP_ADDR: + ip_addr_print(&p->ips[i].ip, + p->ips[i].afi, buf1, sizeof(buf1)); + printf("%5zu: IP: %s\n", i + 1, buf1); + break; + case CERT_IP_RANGE: + sockt = (p->ips[i].afi == AFI_IPV4) ? + AF_INET : AF_INET6; + inet_ntop(sockt, p->ips[i].min, buf1, sizeof(buf1)); + inet_ntop(sockt, p->ips[i].max, buf2, sizeof(buf2)); + printf("%5zu: IP: %s--%s\n", i + 1, buf1, buf2); + break; + } +} + +int +main(int argc, char *argv[]) +{ + int c, i, verb = 0, ta = 0; + X509 *xp = NULL; + struct cert *p; + + SSL_library_init(); + SSL_load_error_strings(); + + while ((c = getopt(argc, argv, "tv")) != -1) + switch (c) { + case 't': + ta = 1; + break; + case 'v': + verb++; + break; + default: + errx(1, "bad argument %c", c); + } + + argv += optind; + argc -= optind; + + if (argc == 0) + errx(1, "argument missing"); + + for (i = 0; i < argc; i++) { + p = ta ? + ta_parse(&xp, argv[i], NULL, 0) : + cert_parse(&xp, argv[i], NULL); + if (p == NULL) + break; + if (verb) + cert_print(p); + cert_free(p); + X509_free(xp); + } + + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + ERR_free_strings(); + + if (i < argc) + errx(1, "test failed for %s", argv[i]); + + printf("OK\n"); + return 0; +} diff --git a/regress/usr.sbin/rpki-client/test-ip.c b/regress/usr.sbin/rpki-client/test-ip.c new file mode 100644 index 00000000000..5a417fcce5d --- /dev/null +++ b/regress/usr.sbin/rpki-client/test-ip.c @@ -0,0 +1,128 @@ +/* $Id: test-ip.c,v 1.1 2019/06/18 12:09:07 claudio Exp $ */ +/* + * Copyright (c) 2019 Kristaps Dzonsons + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "extern.h" + +static void +test(const char *res, uint16_t afiv, size_t sz, size_t unused, ...) +{ + va_list ap; + struct ip_addr addr; + char buf[64]; + size_t i; + enum afi afi; + struct cert_ip ip; + int rc; + + afi = (afiv == 1) ? AFI_IPV4 : AFI_IPV6; + + memset(&addr, 0, sizeof(struct ip_addr)); + + va_start(ap, unused); + for (i = 0; i < sz - 1; i++) + addr.addr[i] = (unsigned char)va_arg(ap, int); + va_end(ap); + + addr.sz = sz - 1; + addr.unused = unused; + ip_addr_print(&addr, afi, buf, sizeof(buf)); + if (res != NULL && strcmp(res, buf)) + errx(EXIT_FAILURE, "fail: %s != %s\n", res, buf); + else if (res != NULL) + warnx("pass: %s", buf); + else + warnx("check: %s", buf); + + ip.afi = afi; + ip.type = CERT_IP_ADDR; + ip.ip = addr; + rc = ip_cert_compose_ranges(&ip); + + inet_ntop((afiv == 1) ? AF_INET : AF_INET6, ip.min, buf, sizeof(buf)); + warnx("minimum: %s", buf); + inet_ntop((afiv == 1) ? AF_INET : AF_INET6, ip.max, buf, sizeof(buf)); + warnx("maximum: %s", buf); + if (!rc) + errx(EXIT_FAILURE, "fail: minimum > maximum"); +} + +int +main(int argc, char *argv[]) +{ + + SSL_library_init(); + SSL_load_error_strings(); + + test("10.5.0.4/32", + 1, 0x05, 0x00, 0x0a, 0x05, 0x00, 0x04); + + test("10.5.0.0/23", + 1, 0x04, 0x01, 0x0a, 0x05, 0x00); + + test("2001:0:200:3:0:0:0:1/128", + 2, 0x11, 0x00, 0x20, 0x01, 0x00, 0x00, 0x02, 0x00, 0x00, 0x03, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01); + + test("2001:0:200::/39", + 2, 0x06, 0x01, 0x20, 0x01, 0x00, 0x00, 0x02); + + test(NULL, + 1, 0x03, 0x00, 0x0a, 0x05); + + test(NULL, + 1, 0x04, 0x01, 0x0a, 0x05, 0x00); + + test(NULL, + 2, 0x06, 0x01, 0x20, 0x01, 0x00, 0x00, 0x02); + + test(NULL, + 2, 0x06, 0x02, 0x20, 0x01, 0x00, 0x00, 0x00); + + test("0.0.0.0/0", + 1, 0x01, 0x00); + + test("10.64.0.0/12", + 1, 0x03, 0x04, 0x0a, 0x40); + + test("10.64.0.0/20", + 1, 0x04, 0x04, 0x0a, 0x40, 0x00); + + test(NULL, + 1, 0x02, 0x04, 0x80); + test(NULL, + 1, 0x03, 0x06, 0x81, 0x40); + test(NULL, + 1, 0x02, 0x04, 0x80); + + ERR_free_strings(); + + printf("OK\n"); + return 0; +} diff --git a/regress/usr.sbin/rpki-client/test-mft.c b/regress/usr.sbin/rpki-client/test-mft.c new file mode 100644 index 00000000000..4df01911444 --- /dev/null +++ b/regress/usr.sbin/rpki-client/test-mft.c @@ -0,0 +1,92 @@ +/* $Id: test-mft.c,v 1.1 2019/06/18 12:09:07 claudio Exp $ */ +/* + * Copyright (c) 2019 Kristaps Dzonsons + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "extern.h" + +static void +mft_print(const struct mft *p) +{ + size_t i; + + assert(p != NULL); + + printf("Subject key identifier: %s\n", p->ski); + printf("Authority key identifier: %s\n", p->aki); + for (i = 0; i < p->filesz; i++) + printf("%5zu: %s\n", i + 1, p->files[i].file); +} + + +int +main(int argc, char *argv[]) +{ + int c, i, verb = 0, force = 0; + struct mft *p; + X509 *xp = NULL; + + SSL_library_init(); + SSL_load_error_strings(); + + while (-1 != (c = getopt(argc, argv, "fv"))) + switch (c) { + case 'f': + force = 1; + break; + case 'v': + verb++; + break; + default: + errx(1, "bad argument %c", c); + } + + argv += optind; + argc -= optind; + + if (argc == 0) + errx(1, "argument missing"); + + for (i = 0; i < argc; i++) { + if ((p = mft_parse(&xp, argv[i], force)) == NULL) + break; + if (verb) + mft_print(p); + mft_free(p); + X509_free(xp); + } + + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + ERR_free_strings(); + + if (i < argc) + errx(1, "test failed for %s", argv[i]); + + printf("OK\n"); + return 0; +} diff --git a/regress/usr.sbin/rpki-client/test-roa.c b/regress/usr.sbin/rpki-client/test-roa.c new file mode 100644 index 00000000000..dba1c66d6fd --- /dev/null +++ b/regress/usr.sbin/rpki-client/test-roa.c @@ -0,0 +1,94 @@ +/* $Id: test-roa.c,v 1.1 2019/06/18 12:09:07 claudio Exp $ */ +/* + * Copyright (c) 2019 Kristaps Dzonsons + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "extern.h" + +static void +roa_print(const struct roa *p) +{ + char buf[128]; + size_t i; + + assert(p != NULL); + + printf("Subject key identifier: %s\n", p->ski); + printf("Authority key identifier: %s\n", p->aki); + printf("asID: %" PRIu32 "\n", p->asid); + for (i = 0; i < p->ipsz; i++) { + ip_addr_print(&p->ips[i].addr, + p->ips[i].afi, buf, sizeof(buf)); + printf("%5zu: %s (max: %zu)\n", i + 1, + buf, p->ips[i].maxlength); + } +} + +int +main(int argc, char *argv[]) +{ + int c, i, verb = 0; + X509 *xp = NULL; + struct roa *p; + + SSL_library_init(); + SSL_load_error_strings(); + + while ((c = getopt(argc, argv, "v")) != -1) + switch (c) { + case 'v': + verb++; + break; + default: + errx(1, "bad argument %c", c); + } + + argv += optind; + argc -= optind; + + if (argc == 0) + errx(1, "argument missing"); + + for (i = 0; i < argc; i++) { + if ((p = roa_parse(&xp, argv[i], NULL)) == NULL) + break; + if (verb) + roa_print(p); + roa_free(p); + X509_free(xp); + } + + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + ERR_free_strings(); + + if (i < argc) + errx(1, "test failed for %s", argv[i]); + + printf("OK\n"); + return 0; +} diff --git a/regress/usr.sbin/rpki-client/test-tal.c b/regress/usr.sbin/rpki-client/test-tal.c new file mode 100644 index 00000000000..d8e99f089fd --- /dev/null +++ b/regress/usr.sbin/rpki-client/test-tal.c @@ -0,0 +1,84 @@ +/* $Id: test-tal.c,v 1.1 2019/06/18 12:09:07 claudio Exp $ */ +/* + * Copyright (c) 2019 Kristaps Dzonsons + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "extern.h" + +static void +tal_print(const struct tal *p) +{ + size_t i; + + assert(p != NULL); + + for (i = 0; i < p->urisz; i++) + printf("%5zu: URI: %s\n", i + 1, p->uri[i]); +} + +int +main(int argc, char *argv[]) +{ + int c, i, verb = 0; + struct tal *tal; + + SSL_library_init(); + SSL_load_error_strings(); + + while (-1 != (c = getopt(argc, argv, "v"))) + switch (c) { + case 'v': + verb++; + break; + default: + errx(1, "bad argument %c", c); + } + + argv += optind; + argc -= optind; + + if (argc == 0) + errx(1, "argument missing"); + + for (i = 0; i < argc; i++) { + if ((tal = tal_parse(argv[i])) == NULL) + break; + if (verb) + tal_print(tal); + tal_free(tal); + } + + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); + ERR_remove_state(0); + ERR_free_strings(); + + if (i < argc) + errx(1, "test failed for %s", argv[i]); + + printf("OK\n"); + return 0; +} -- cgit v1.2.3