diff options
author | evitayan <evitayan@google.com> | 2018-10-23 13:49:29 -0700 |
---|---|---|
committer | evitayan <evitayan@google.com> | 2018-11-28 14:57:48 -0800 |
commit | 8dfc82cc11c5d8e19357d741a925fdca5861e9f2 (patch) | |
tree | ed5259ece77258793ef8c7952e4b3e18c01aa5af /tests/iketests/src/java/com/android | |
parent | 6ee9837e14cf1ba51ac94a8c83e962ab435300b9 (diff) | |
download | ike-8dfc82cc11c5d8e19357d741a925fdca5861e9f2.tar.gz |
Decrypt IKE message
This commit:
- Create SkPayload
- Add decode method in IkeMessage for decoding encrypted message
- Add check for payload length field in generic payload header
Bug: 112041656
Test: FrameworksIkeTests
Change-Id: I25658f5988c00212931f76563e4040cf14567bd2
Diffstat (limited to 'tests/iketests/src/java/com/android')
-rw-r--r-- | tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java | 55 | ||||
-rw-r--r-- | tests/iketests/src/java/com/android/ike/ikev2/message/IkeMessageTest.java | 70 |
2 files changed, 95 insertions, 30 deletions
diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java index 70b2d651..1bc52c3b 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeHeaderTest.java @@ -20,6 +20,10 @@ import static org.junit.Assert.assertArrayEquals; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import static org.junit.Assert.fail; + +import com.android.ike.ikev2.exceptions.InvalidMajorVersionException; +import com.android.ike.ikev2.exceptions.InvalidSyntaxException; import org.junit.Test; @@ -59,6 +63,13 @@ public final class IkeHeaderTest { private static final int IKE_MSG_ID = 0; private static final int IKE_MSG_LENGTH = 336; + // Byte offsets of version field in IKE message header. + private static final int VERSION_OFFSET = 17; + // Byte offsets of exchange type in IKE message header. + private static final int EXCHANGE_TYPE_OFFSET = 18; + // Byte offsets of message length in IKE message header. + private static final int MESSAGE_LENGTH_OFFSET = 24; + @Test public void testDecodeIkeHeader() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); @@ -82,6 +93,50 @@ public final class IkeHeaderTest { } @Test + public void testDecodeIkeHeaderWithInvalidMajorVersion() throws Exception { + byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); + // Set major version 3. + inputPacket[VERSION_OFFSET] = (byte) 0x30; + // Set Exchange type 0 + inputPacket[EXCHANGE_TYPE_OFFSET] = (byte) 0x00; + IkeHeader header = new IkeHeader(inputPacket); + try { + IkeMessage.decode(header, inputPacket); + fail( + "Expected InvalidMajorVersionException: major version is 3" + + "and exchange type is 0"); + } catch (InvalidMajorVersionException expected) { + assertEquals(3, expected.receivedMajorVersion); + } + } + + @Test + public void testDecodeIkeHeaderWithInvalidExchangeType() throws Exception { + byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); + // Set Exchange type 0 + inputPacket[EXCHANGE_TYPE_OFFSET] = (byte) 0x00; + IkeHeader header = new IkeHeader(inputPacket); + try { + IkeMessage.decode(header, inputPacket); + fail("Expected InvalidSyntaxException: exchange type is 0"); + } catch (InvalidSyntaxException expected) { + } + } + + @Test + public void testDecodeIkeHeaderWithInvalidPacketLength() throws Exception { + byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); + // Set Exchange type 0 + inputPacket[MESSAGE_LENGTH_OFFSET] = (byte) 0x01; + IkeHeader header = new IkeHeader(inputPacket); + try { + IkeMessage.decode(header, inputPacket); + fail("Expected InvalidSyntaxException: IKE message length."); + } catch (InvalidSyntaxException expected) { + } + } + + @Test public void testEncodeIkeHeader() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); IkeHeader header = new IkeHeader(inputPacket); diff --git a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeMessageTest.java b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeMessageTest.java index e2a1c9e1..8ba35560 100644 --- a/tests/iketests/src/java/com/android/ike/ikev2/message/IkeMessageTest.java +++ b/tests/iketests/src/java/com/android/ike/ikev2/message/IkeMessageTest.java @@ -21,7 +21,6 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.fail; import com.android.ike.ikev2.exceptions.IkeException; -import com.android.ike.ikev2.exceptions.InvalidMajorVersionException; import com.android.ike.ikev2.exceptions.InvalidSyntaxException; import com.android.ike.ikev2.exceptions.UnsupportedCriticalPayloadException; @@ -50,10 +49,14 @@ public final class IkeMessageTest { private static final String IKE_SA_INIT_RAW_PACKET = IKE_SA_INIT_HEADER_RAW_PACKET + IKE_SA_INIT_BODY_RAW_PACKET; - private static final int FIRST_PAYLOAD_TYPE_POSITION = 16; - private static final int VERSION_POSITION = 17; - private static final int EXCHANGE_TYPE_POSITION = 18; - private static final int PAYLOAD_CRITICAL_BIT_POSITION = 1; + // Byte offsets of first payload type in IKE message header. + private static final int FIRST_PAYLOAD_TYPE_OFFSET = 16; + // Byte offsets of first payload's critical bit in IKE message body. + private static final int PAYLOAD_CRITICAL_BIT_OFFSET = 1; + // Byte offsets of first payload length in IKE message body. + private static final int FIRST_PAYLOAD_LENGTH_OFFSET = 2; + // Byte offsets of last payload length in IKE message body. + private static final int LAST_PAYLOAD_LENGTH_OFFSET = 278; private static final int[] SUPPORTED_PAYLOAD_LIST = { IkePayload.PAYLOAD_TYPE_SA, @@ -120,7 +123,7 @@ public final class IkeMessageTest { public void testDecodeMessageWithUnsupportedUncriticalPayload() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); // Set first payload unsupported uncritical - inputPacket[FIRST_PAYLOAD_TYPE_POSITION] = (byte) 0xff; + inputPacket[FIRST_PAYLOAD_TYPE_OFFSET] = (byte) 0xff; IkeHeader header = new IkeHeader(inputPacket); IkeMessage message = IkeMessage.decode(header, inputPacket); assertEquals(SUPPORTED_PAYLOAD_LIST.length - 1, message.ikePayloadList.size()); @@ -130,51 +133,58 @@ public final class IkeMessageTest { } @Test - public void testThrowInvalidMajorVersionException() throws Exception { + public void testThrowUnsupportedCriticalPayloadException() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); - // Set major version 3. - inputPacket[VERSION_POSITION] = (byte) 0x30; - // Set Exchange type 0 - inputPacket[EXCHANGE_TYPE_POSITION] = (byte) 0x00; + // Set first payload unsupported critical + inputPacket[FIRST_PAYLOAD_TYPE_OFFSET] = (byte) 0xff; + inputPacket[IkeHeader.IKE_HEADER_LENGTH + PAYLOAD_CRITICAL_BIT_OFFSET] = (byte) 0x80; + IkeHeader header = new IkeHeader(inputPacket); try { IkeMessage.decode(header, inputPacket); fail( - "Expected InvalidMajorVersionException: major version is 3" - + "and packet length is 0"); - } catch (InvalidMajorVersionException expected) { - assertEquals(3, expected.receivedMajorVersion); + "Expected UnsupportedCriticalPayloadException: first" + + "payload is unsupported critical."); + } catch (UnsupportedCriticalPayloadException expected) { + assertEquals(1, expected.payloadTypeList.size()); } } @Test - public void testThrowInvalidSyntaxException() throws Exception { + public void testDecodeMessageWithTooShortPayloadLength() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); - // Set Exchange type 0 - inputPacket[EXCHANGE_TYPE_POSITION] = (byte) 0x00; + // Set first payload length to 0 + inputPacket[IkeHeader.IKE_HEADER_LENGTH + FIRST_PAYLOAD_LENGTH_OFFSET] = (byte) 0; + inputPacket[IkeHeader.IKE_HEADER_LENGTH + FIRST_PAYLOAD_LENGTH_OFFSET + 1] = (byte) 0; IkeHeader header = new IkeHeader(inputPacket); try { - IkeMessage.decode(header, inputPacket); - fail("Expected InvalidSyntaxException: packet length is 0"); + IkeMessage message = IkeMessage.decode(header, inputPacket); + fail("Expected InvalidSyntaxException: Payload length is too short."); } catch (InvalidSyntaxException expected) { } } @Test - public void testThrowUnsupportedCriticalPayloadException() throws Exception { + public void testDecodeMessageWithTooLongPayloadLength() throws Exception { byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET); - // Set first payload unsupported critical - inputPacket[FIRST_PAYLOAD_TYPE_POSITION] = (byte) 0xff; - inputPacket[IkeHeader.IKE_HEADER_LENGTH + PAYLOAD_CRITICAL_BIT_POSITION] = (byte) 0x80; + // Increase last payload length by one byte + inputPacket[IkeHeader.IKE_HEADER_LENGTH + LAST_PAYLOAD_LENGTH_OFFSET]++; + IkeHeader header = new IkeHeader(inputPacket); + try { + IkeMessage message = IkeMessage.decode(header, inputPacket); + fail("Expected InvalidSyntaxException: Payload length is too long."); + } catch (InvalidSyntaxException expected) { + } + } + @Test + public void testDecodeMessageWithExpectedBytesInTheEnd() throws Exception { + byte[] inputPacket = TestUtils.hexStringToByteArray(IKE_SA_INIT_RAW_PACKET + "0000"); IkeHeader header = new IkeHeader(inputPacket); try { - IkeMessage.decode(header, inputPacket); - fail( - "Expected UnsupportedCriticalPayloadException: first" - + "payload is unsupported critical."); - } catch (UnsupportedCriticalPayloadException expected) { - assertEquals(1, expected.payloadTypeList.size()); + IkeMessage message = IkeMessage.decode(header, inputPacket); + fail("Expected InvalidSyntaxException: Unexpected bytes in the end of packet."); + } catch (InvalidSyntaxException expected) { } } |