HIPL

Merge lp:~rene-hummen/hipl/midauth-hipd into lp:hipl

midauth-hipd
Merge into trunk

Proposed by René Hummen on 2011-07-19

Status:	Superseded
Proposed branch:	lp:~rene-hummen/hipl/midauth-hipd
Merge into:	lp:hipl
Diff against target:	1770 lines (+1191/-259) 25 files modified .bzrignore (+1/-0) Makefile.am (+16/-4) firewall/midauth.h (+2/-1) hipd/hipd.c (+2/-47) hipd/hipd.h (+3/-0) hipd/main.c (+84/-0) hipd/output.c (+0/-10) lib/core/builder.c (+8/-100) lib/core/builder.h (+0/-10) lib/core/protodefs.h (+0/-23) lib/core/solve.c (+1/-57) lib/core/solve.h (+1/-4) modules/heartbeat/Makefile.am (+1/-1) modules/heartbeat_update/Makefile.am (+1/-1) modules/midauth/Makefile.am (+32/-0) modules/midauth/hipd/midauth.c (+229/-0) modules/midauth/hipd/midauth.h (+34/-0) modules/midauth/lib/midauth_builder.c (+184/-0) modules/midauth/lib/midauth_builder.h (+79/-0) modules/midauth/module_info.xml (+47/-0) modules/update/Makefile.am (+1/-1) test/check_modules_midauth.c (+46/-0) test/modules/midauth/hipd/midauth.c (+120/-0) test/modules/midauth/lib/midauth_builder.c (+265/-0) test/modules/midauth/test_suites.h (+34/-0)
To merge this branch:	bzr merge lp:~rene-hummen/hipl/midauth-hipd
Related bugs:	Link a bug report

Reviewer	Date Requested	Status
Stefan Götz (community)		Needs Fixing on 2011-08-04
Diego Biurrun	2011-07-19	Needs Fixing on 2011-07-25
Christof Mroz		Approve on 2011-07-22
Review via email: mp+68431@code.launchpad.net

This proposal has been superseded by a proposal from 2011-08-08.

Description of the change

This branch re-implements the hipd-related part of http://tools.ietf.org/html/draft-heer-hip-middle-auth-02. I moved the existing functionality from the respective files in HIPL into modules/midauth as a basis for the re-implementation.

Short intro to HIP middlebox authentication:
1) The firewall intercepts R1, I2, U1 and U2 messages and adds a nonce that needs to be echoed back to the firewall by the respective end-host in the signed part of the reply. This enables the firewall to evaluate the freshness of the exchange.
2) In order to mitigate DoS attacks targeting the signature verification at the firewall, the nonce is additionally used as the input for a puzzle that the end-host needs to solve and send back to the firewall in the reply as well.

Review guidance:
1) I have broken down the midauth code into hipd- and firewall-related functionality. Hopefully, this will decrease the review effort.
2) You can ignore the code removed in hipd/*.c. This code has been moved to modules/midauth and has mostly been rewritten.
3) modules/midauth/lib/*.c contains functions that are either used by the hipd or the firewall. I will move these functions as close to the caller as possible as soon as both the hipd- and the firewall-related (next merge request) code have been merged to trunk. I already have the commit in one of my local branches. This fact should not cause any review pain though.
4) There are no unit-tests for the hipd-related functionality as of now. However, we have tested the code extensively in three demos and I will add the tests at a later point in time.

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-07-19:

review needs-fixing

review: Needs Fixing

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-07-21

6021. By Diego Biurrun on 2011-07-20

Fix moduels ---> modules typo.

6022. By Diego Biurrun on 2011-07-20

build: clean up .bzrignore

Restore alphabetical order, remove duplicates, use wildcard for config.foo
entries, do not globally ignore .lo and .la files.

6023. By Diego Biurrun on 2011-07-21

create_ecdsa_key(): bandaid compilation fix for gcc 4.6

The err variable was write-only since the function returns EC_KEY* and not int.
Change err variable to type EC_KEY* and return it instead of NULL.

6024. By Diego Biurrun on 2011-07-21

cosmetics: remove some unnecessary parentheses from pointer expressions

The struct member selection operators '.' and '->' have higher precedence than
the address operator '&'. Remove parentheses made unnecessary by this order
in cases where they add no readability or even impair readability.

6025. By René Hummen on 2011-07-21

replace code with hip_ifel abuse

6026. By Diego Biurrun on 2011-07-21

doxygen: exclude directory generated by 'make dist' from list of source files

6027. By Diego Biurrun on 2011-07-21

build: ignore directory generated by 'make dist'

6028. By Diego Biurrun on 2011-07-21

Merge vestigial locking macros removal branch.

Revision history for this message

Christof Mroz (christof-mroz) wrote on 2011-07-22:

Aside from Diego's comment's, it looks good to me. Minor point:

> + static const size_t min_length = sizeof(*request)
> + - sizeof(request->tlv)
> + - sizeof(request->opaque);

This exact same computation is used in other functions, so it could be refactored into a global... But OTOH this is unlikely to change anyway.

More ideally, a separate branch could rewrite all HIPL structures to utilize zero-length arrays (a C99 feature AFAIK), which would lead to a simpler length calculations and more flexibility when working with preallocated packet buffers (by not fixing their length in the struct itself).
This was already briefly discussed on the list before though.

review: Approve

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-07-25:

On 23.07.2011, at 00:59, Christof Mroz wrote:
> Review: Approve
> Aside from Diego's comment's, it looks good to me. Minor point:
>
>> + static const size_t min_length = sizeof(*request)
>> + - sizeof(request->tlv)
>> + - sizeof(request->opaque);
>
> This exact same computation is used in other functions, so it could be refactored into a global... But OTOH this is unlikely to change anyway.

This code is just repeated once for request and response respectively. I'm leaving it as it is.

René

--
Dipl.-Inform. Rene Hummen, Ph.D. Student
Chair of Communication and Distributed Systems
RWTH Aachen University, Germany
tel: +49 241 80 20772
web: http://www.comsys.rwth-aachen.de/team/rene-hummen/

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-07-25:

Diego, I have addressed the issues that you mentioned. Can you please approve the merge or give further feedback.

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-07-25:

On Mon, Jul 25, 2011 at 09:06:20AM +0000, René Hummen wrote:
> Diego, I have addressed the issues that you mentioned.

Where? I have not seen any commits from you nor an updated merge
proposal...

Diego

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-07-25:

Download full text (3.5 KiB)

review needs-fixing

On Tue, Jul 19, 2011 at 05:18:19PM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
>
> --- modules/midauth/hipd/midauth.c 1970-01-01 00:00:00 +0000
> +++ modules/midauth/hipd/midauth.c 2011-07-19 17:18:04 +0000
> @@ -0,0 +1,257 @@
> +
> +#include <errno.h>
> +#include <string.h>

You should add stdint.h for the POSIX integer types you use.

> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + * the packet handling (received message, source and destination
> + * address, the ports and the corresponding entry from the host
> + * association database).

nit: The one-space indentation for the description block looks weird.

more below

HIP_IFEL abuse

> --- modules/midauth/lib/midauth_builder.c 1970-01-01 00:00:00 +0000
> +++ modules/midauth/lib/midauth_builder.c 2011-07-19 17:18:04 +0000
> @@ -0,0 +1,199 @@
> +
> +#include <string.h>

stdint.h

nit: These would IMO look slightly more readable with the '-' at the
end of the line.

review needs-fixing

On Tue, Jul 19, 2011 at 05:18:19PM +0000, René Hummen wrote:
> René Hummen has proposed merging lp:~rene-hummen/hipl/midauth-hipd into lp:hipl.
> 
> --- modules/midauth/hipd/midauth.c	1970-01-01 00:00:00 +0000
> +++ modules/midauth/hipd/midauth.c	2011-07-19 17:18:04 +0000
> @@ -0,0 +1,257 @@
> +
> +#include <errno.h>
> +#include <string.h>

You should add stdint.h for the POSIX integer types you use.

> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + *             the packet handling (received message, source and destination
> + *             address, the ports and the corresponding entry from the host
> + *             association database).

nit: The one-space indentation for the description block looks weird.

more below

> +int hip_midauth_init(void)
> +{
> +    int err = 0;
> +
> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
> +                                          "HIP_PARAM_CHALLENGE_REQUEST"),
> +             -1, "failed to register parameter type\n");
> +    HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
> +                                          "HIP_PARAM_CHALLENGE_RESPONSE"),
> +             -1, "failed to register parameter type\n");
> +
> +    HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
> +                                          HIP_STATE_R2_SENT,
> +                                          &hip_add_host_id_param_update,
> +                                          20750),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +    HIP_IFEL(hip_register_handle_function(HIP_UPDATE,
> +                                          HIP_STATE_ESTABLISHED,
> +                                          &hip_add_host_id_param_update,
> +                                          20750),
> +             -1, "Error on registering MIDAUTH handle function.\n");
> +
> +out_err:
> +    return err;
> +}

HIP_IFEL abuse

> --- modules/midauth/lib/midauth_builder.c	1970-01-01 00:00:00 +0000
> +++ modules/midauth/lib/midauth_builder.c	2011-07-19 17:18:04 +0000
> @@ -0,0 +1,199 @@
> +
> +#include <string.h>

stdint.h

> +    static const size_t min_length = sizeof(*request)
> +                                     - sizeof(request->tlv)
> +                                     - sizeof(request->opaque);
> +
> +
> +    static const size_t min_length = sizeof(response)
> +                                     - sizeof(response.tlv)
> +                                     - sizeof(response.opaque);

nit: These would IMO look slightly more readable with the '-' at the
end of the line.

> +    /* note: the length cannot be calculated with calc_param_len() */
> +    hip_set_param_contents_len(&response.tlv, min_length + opaque_len);
> +    hip_set_param_type(&response.tlv, HIP_PARAM_CHALLENGE_RESPONSE);
> +
> +    memcpy(response.J, val_J, PUZZLE_LENGTH);
> +    response.K        = request->K;
> +    response.lifetime = request->lifetime;
> +    memcpy(response.opaque, request->opaque, opaque_len);
> +
> +    HIP_IFEL(hip_build_param(msg, &response), -1, "failed to build parameter\n");
> +
> +out_err:
> +    return err;
> +}

more HIP_IFEL abuse

> +/**
> + * Compute length of opaque field in CHALLENGE_RESPONSE parameter

I would end sentences in a period in Doxygen comments; here and
everywhere else.

Diego

review: Needs Fixing

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-07-29

6029. By Diego Biurrun on 2011-07-28

uncrustify: force END_TEST to be treated as macro-close token

This allows uncrustify to deal with the unit test code without completely
messing up its formatting.

6030. By Diego Biurrun on 2011-07-28

unit tests: reformat struct declaration in a way that survives uncrustify

6031. By Diego Biurrun on 2011-07-28

stylecheck: fix description of this pre-commit hook's dependencies

There is nothing GNU in the way diff/patch are used; mention both diff and
patch as dependencies; remove some stray trailing whitespace.

6032. By Diego Biurrun on 2011-07-28

cosmetics: drop some redundant ';' pointed out by uncrustify; merge two lines

6033. By Diego Biurrun on 2011-07-28

stylecheck.py: fix some typos

6034. By Diego Biurrun on 2011-07-29

cosmetics: fix some incorrect spacing found while playing with uncrustify

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-07-30:

Download full text (11.2 KiB)

Hi Rene!

> 4) There are no unit-tests for the hipd-related functionality as of now.
> However, we have tested the code extensively in three demos and I will add the
> tests at a later point in time.

Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

> === modified file 'firewall/midauth.h'
> === modified file 'lib/core/solve.c'
> === modified file 'lib/core/solve.h'

Please don't forget to update the Copyright dates when you modify files with
Copyright headers. Scatterbrains like myself may want to try out the pre-commit
hook in https://code.launchpad.net/~stefan.goetz/hipl/commitguard that
automatically checks for that.

> === added file 'modules/midauth/Makefile.am'

This file lacks a copyright statement.

> === added file 'modules/midauth/hipd/midauth.c'
> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + * the packet handling (received message, source and destination
> + * address, the ports and the corresponding entry from the host
> + * association database).
> + *
> + * @return zero if the challenge was processed correctly or no challenge was
> + * attached to the packet, negative value otherwise

So it is not an error for a CHALLENGE_REQUEST parameter to be present but an actual challenge to be missing at the same time? Sounds like a protocol violation to me, though I haven't checked the RFC.

> +static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
> + UNUSED const uint32_t ha_state,
> + struct hip_packet_context *ctx)

[M] policy: please ensure full const correctness for the 'ctx' function argument

> +{
> + const struct hip_challenge_request *request = NULL;
> +
> + request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
> + if (!request) {
> + return 0;
> + }
> + // each on-path middlebox may add a challenge on its own
> + do {

> + // process next challenge parameter, if available
> + request = (const struct hip_challenge_request *)
> + hip_get_next_param(ctx->input_msg, &request->tlv);
> + } while (request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST);

[L] simplicity: the 'if' check for '!request' and its extra 'return' statement could be avoided if a 'while(){}' loop was used instead of the 'do {} while ()' loop. That would make the code more readable in my opinion.

Hi Rene!

> 4) There are no unit-tests for the hipd-related functionality as of now.
> However, we have tested the code extensively in three demos and I will add the
> tests at a later point in time.

Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

> === modified file 'firewall/midauth.h'
> === modified file 'lib/core/solve.c'
> === modified file 'lib/core/solve.h'

> === added file 'modules/midauth/Makefile.am'

This file lacks a copyright statement.

> === added file 'modules/midauth/hipd/midauth.c'
> +/**
> + * Handle the CHALLENGE_REQUEST parameter.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + *             the packet handling (received message, source and destination
> + *             address, the ports and the corresponding entry from the host
> + *             association database).
> + *
> + * @return zero if the challenge was processed correctly or no challenge was
> + * attached to the packet, negative value otherwise

So it is not an error for a CHALLENGE_REQUEST parameter to be present but an actual challenge to be missing at the same time? Sounds like a protocol violation to me, though I haven't checked the RFC.

> +static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
> +                                          UNUSED const uint32_t ha_state,
> +                                          struct hip_packet_context *ctx)

[M] policy: please ensure full const correctness for the 'ctx' function argument

> +{
> +    const struct hip_challenge_request *request = NULL;
> +
> +    request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
> +    if (!request) {
> +        return 0;
> +    }
> +    // each on-path middlebox may add a challenge on its own
> +    do {

> +        // process next challenge parameter, if available
> +        request = (const struct hip_challenge_request *)
> +                  hip_get_next_param(ctx->input_msg, &request->tlv);
> +    } while (request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST);

> +/**
> + * Add a HOST_ID parameter corresponding to the local HIT of the association to
> + * an UPDATE packet.
> + *
> + * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
> + * @param ha_state The host association state (RFC 5201, 4.4.1.)
> + * @param ctx Pointer to the packet context, containing all information for
> + *             the packet handling (received message, source and destination
> + *             address, the ports and the corresponding entry from the host
> + *             association database).
> + *
> + * @return zero on success, negative value otherwise
> + */
> +static int add_host_id_param_update(UNUSED const uint8_t packet_type,
> +                                    UNUSED const uint32_t ha_state,
> +                                    struct hip_packet_context *ctx)

[M] policy: please ensure full const correctness for the 'ctx' function argument

> +{
> +    const struct hip_challenge_request *challenge_request = NULL;
> +    struct local_host_id               *host_id_entry     = NULL;
> +
> +    challenge_request = hip_get_param(ctx->input_msg,
> +                                      HIP_PARAM_CHALLENGE_REQUEST);

[L] const correctness paranoia: by merging the declaration and assignment of 'challenge_request', it could be declared as a 'const' pointer.
[L] 'local_host_id' is only used within the 'if' scope below - thus it should be declared within that scope, not outside of it.

> +    // add HOST_ID to packets containing a CHALLENGE_RESPONSE
> +    if (challenge_request) {
> +        if (!(host_id_entry = hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID,
> +                                                                   &ctx->input_msg->hitr,
> +                                                                   HIP_ANY_ALGO,
> +                                                                   -1))) {
> +            HIP_ERROR("Unknown HIT\n");
> +            return -1;
> +        }
> +
> +        if (hip_build_param_host_id(ctx->output_msg, &host_id_entry->host_id)) {
> +            HIP_ERROR("Building of host id failed\n");
> +            return -1;
> +        }
> +    }
> +
> +    return 0;
> +}
> +

> === added file 'modules/midauth/lib/midauth_builder.c'
> +/**
> + * Build and append a HIP CHALLENGE_REQUEST to the message.
> + *
> + * @param msg           the message where the CHALLENGE_REQUEST is appended
> + * @param val_K         the difficulty for the CHALLENGE_REQUEST

[M] is there an important reason for this cryptic name? I would find 'difficulty' much more intuitive. What are the semantics of this value? The sentence 'difficulty for the CHALLENGE_REQUEST' does not really document anything much, i.e., after reading it, I still don't know how to use this function.

> + * @param lifetime      lifetime of the CHALLENGE_REQUEST

[M] same as above: what are the semantics of 'lifetime'? At least: in which unit/interval does it need to be specified?

> + * @param opaque        the opaque data of the CHALLENGE_REQUEST

[M] same as above: huh?

> + * @param opaque_len    the length of the opaque data
> + *
> + * @return zero for success, or non-zero on error
> + */
> +int hip_build_param_challenge_request(struct hip_common *msg,
> +                                      uint8_t val_K,
> +                                      uint8_t lifetime,
> +                                      uint8_t *opaque,
> +                                      uint8_t opaque_len)

[M] policy: lack of const correctness.

> +{
> +    struct hip_challenge_request request;
> +
> +    HIP_ASSERT(val_K <= 8);

[L] some justification of this assertion would be useful to the reader.

> +/**
> + * Build and append a HIP CHALLENGE_RESPONSE into the message.

[L] nit: 'append to' instead of 'append into'

> + * @param msg       the message where the CHALLENGE_RESPONSE is appended
> + * @param request   the corresponding CHALLENGE_REQUEST parameter
> + * @param val_J     value for the solution (in host byte order)

[M] cryptic "documentation", please provide more helpful information.

> + * @return zero for success, or non-zero on error
> + */
> +int hip_build_param_challenge_response(struct hip_common *msg,
> +                                       const struct hip_challenge_request *request,
> +                                       uint8_t val_J[PUZZLE_LENGTH])

[M] policy: lack of const correctness

> +{
> +    struct hip_challenge_response response;
> +    int                           opaque_len = 0;
> +    int                           err        = 0;
> +
> +    opaque_len = hip_challenge_request_opaque_len(request);

[L] const correctness paranoia: by merging the declaration and assignment of 'opaque_len', it could be declared as 'const'.

> +
> +    static const size_t min_length = sizeof(response)
> +                                     - sizeof(response.tlv)
> +                                     - sizeof(response.opaque);
> +
> +    /* note: the length cannot be calculated with calc_param_len() */
> +    hip_set_param_contents_len(&response.tlv, min_length + opaque_len);
> +    hip_set_param_type(&response.tlv, HIP_PARAM_CHALLENGE_RESPONSE);
> +
> +    memcpy(response.J, val_J, PUZZLE_LENGTH);
> +    response.K        = request->K;
> +    response.lifetime = request->lifetime;
> +    memcpy(response.opaque, request->opaque, opaque_len);
> +
> +    HIP_IFEL(hip_build_param(msg, &response), -1, "failed to build parameter\n");

[L] HIP_IFEL() abuse

> +
> +out_err:
> +    return err;
> +}
> +
> +/**
> + * Compute length of opaque field in CHALLENGE_RESPONSE parameter
> + *
> + * @param response  the CHALLENGE_RESPONSE parameter
> + * @return length of the opaque field
> + */
> +uint8_t hip_challenge_response_opaque_len(const struct hip_challenge_response *response)

[M] lack of const correctness

> +{
> +    static const size_t min_len = sizeof(*response) -
> +                                  sizeof(response->tlv) -
> +                                  sizeof(response->opaque);
> +
> +    return hip_get_param_contents_len(&response->tlv) - min_len;

[L] Personally, I don't like the unchecked implicit cast of the result of this subtraction to 'uint8_t' - it might lead to over/underflows. Also, I don't see the point of the return type of this function being 'uint8_t' - the function returns a length so shouldn't the return type be 'unsigned'?

> +/**
> + * Compute length of opaque field in CHALLENGE_REQUEST parameter
> + *
> + * @param request  the CHALLENGE_REQUEST parameter
> + * @return length of the opaque field
> + */
> +uint8_t hip_challenge_request_opaque_len(const struct hip_challenge_request *request)

[M] lack of const correctness
> +{
> +    static const size_t min_len = sizeof(*request) -
> +                                  sizeof(request->tlv) -
> +                                  sizeof(request->opaque);
> +
> +    return hip_get_param_contents_len(&request->tlv) - min_len;
> +}

[L] same 'uint8_t' issues as above

> +/**
> + * Convert opaque value in the CHALLENGE_REQUEST to seed value I of a HIP puzzle
> + *
> + * @param opaque            the opaque value in the CHALLENGE_REQUEST
> + * @param opaque_len        length of the opaque value
> + * @param[out] puzzle_value the generated puzzle value
> + * @return zero on success, -1 in case of an error
> + */

[L] I don't find this documentation particularly helpful. Please also use full English sentences for readability and clarity.

[M] consistency: please do not use doxygen's [in]/[out] tags - this has been discussed before on the list.

> +int hip_midauth_puzzle_seed(const uint8_t opaque[],
> +                            const uint8_t opaque_len,
> +                            uint8_t puzzle_value[PUZZLE_LENGTH])

[M] lack of const correctness

> +{
> +    unsigned char sha_digest[SHA_DIGEST_LENGTH];
> +
> +    // the hashed opaque field is used as puzzle seed
> +    if (hip_build_digest(HIP_DIGEST_SHA1,
> +                         opaque,
> +                         opaque_len,
> +                         sha_digest)) {
> +        HIP_ERROR("Building of SHA1 Random seed I failed\n");

[L] nit: 'random'

> === added file 'modules/midauth/lib/midauth_builder.h'
> --- modules/midauth/lib/midauth_builder.h	1970-01-01 00:00:00 +0000
> +++ modules/midauth/lib/midauth_builder.h	2011-07-25 08:58:34 +0000
> @@ -0,0 +1,86 @@
> +/*
> + * Copyright (c) 2010 Aalto University and RWTH Aachen University.

[L] the year seems odd - maybe 2010-2011?

> +//
> +// TODO: flexible arrays

[L] what do you mean? If no one but the original implementer understands this comment, it should either be elaborated or removed.

Stefan

review: Needs Fixing

Revision history for this message

Christof Mroz (christof-mroz) wrote on 2011-07-30:

On Sat, 30 Jul 2011 17:01:37 +0200, Stefan Götz
<email address hidden> wrote:

>> +{
>> + const struct hip_challenge_request *request = NULL;
>> +
>> + request = hip_get_param(ctx->input_msg,
>> HIP_PARAM_CHALLENGE_REQUEST);
>> + if (!request) {
>> + return 0;
>> + }
>> + // each on-path middlebox may add a challenge on its own
>> + do {
>
>> + // process next challenge parameter, if available
>> + request = (const struct hip_challenge_request *)
>> + hip_get_next_param(ctx->input_msg, &request->tlv);
>> + } while (request && hip_get_param_type(request) ==
>> HIP_PARAM_CHALLENGE_REQUEST);
>
> [L] simplicity: the 'if' check for '!request' and its extra 'return'
> statement could be avoided if a 'while(){}' loop was used instead of the
> 'do {} while ()' loop. That would make the code more readable in my
> opinion.

Could you elaborate? I originally wrote it this way because of the
"asymmetry" between hip_get_param() and hip_get_next_param().

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-07-31:

> Could you elaborate? I originally wrote it this way because of the
> "asymmetry" between hip_get_param() and hip_get_next_param().

Something like:

request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
while (request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST) {
    [...]
    request = (const struct hip_challenge_request *)
              hip_get_next_param(ctx->input_msg, &request->tlv);
}

Perfectly valid, but less common would also be

for (request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST); request && hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST; request = (const struct hip_challenge_request *) hip_get_next_param(ctx->input_msg, &request->tlv)) {
[...]
}

Stefan

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-08-01

6035. By Diego Biurrun on 2011-08-01: INSTALL: add a short sentence on contributing; mention HACKING

Revision history for this message

Diego Biurrun (diego-biurrun) wrote on 2011-08-01:

On Sat, Jul 30, 2011 at 03:01:37PM +0000, Stefan Götz wrote:
>
> > === added file 'modules/midauth/Makefile.am'
>
> This file lacks a copyright statement.

All subdirectory Makefile.am snippets do. It is part of the modularization
silliness. I have a patch pending that merges the snippets into the
top-level Makefile.am.

Diego

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-08-02

6036. By Diego Biurrun on 2011-08-01

Drop unnecessary return statements at the end of void functions.

6037. By Miika Komu on 2011-08-02

Added a note on an experimental bzr hook to the HACKING file

Stefan Götz has developed a pre-commit hook for the Copyright. While
the pre-commit has not been merged yet, it pops up on the mailing list
every now and then. Therefore, I decided to note it on the HACKING
instructions and advocate Stefan to merge it!

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-03:

Thanks for your extensive review!

On 30.07.2011, at 17:01, Stefan Götz wrote:
> Review: Needs Fixing
> Hi Rene!
>
>> 4) There are no unit-tests for the hipd-related functionality as of now.
>> However, we have tested the code extensively in three demos and I will add the
>> tests at a later point in time.
>
> Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

Well, you are right. I'll add them now.

>> === modified file 'firewall/midauth.h'
>> === modified file 'lib/core/solve.c'
>> === modified file 'lib/core/solve.h'
>
> Please don't forget to update the Copyright dates when you modify files with
> Copyright headers. Scatterbrains like myself may want to try out the pre-commit
> hook in https://code.launchpad.net/~stefan.goetz/hipl/commitguard that
> automatically checks for that.

I just started using your commit guard after finishing this branch. Future commit should be bullet proof.

>> +static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
>> + UNUSED const uint32_t ha_state,
>> + struct hip_packet_context *ctx)
>
> [M] policy: please ensure full const correctness for the 'ctx' function argument

Handle functions currently require the non-constness. This should be fixed in trunk.

>> +int hip_midauth_puzzle_seed(const uint8_t opaque[],
>> + const uint8_t opaque_len,
>> + uint8_t puzzle_value[PUZZLE_LENGTH])
>
> [M] lack of const correctness

I don't know how to make this more const correct. The prototype uses the pointer notation with complete const-correctness instead of arrays though.

René

lp:~rene-hummen/hipl/midauth-hipd updated on 2011-08-03

6038. By Diego Biurrun on 2011-08-03: Merge uncrustify improvements branch.

Revision history for this message

René Hummen (rene-hummen) wrote on 2011-08-04:

On 30.07.2011, at 17:01, Stefan Götz wrote:

> Review: Needs Fixing
> Hi Rene!
>
>> 4) There are no unit-tests for the hipd-related functionality as of now.
>> However, we have tested the code extensively in three demos and I will add the
>> tests at a later point in time.
>
> Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

I have added unit tests for all but the function below:

static int add_host_id_param_update(UNUSED const uint8_t packet_type,
UNUSED const uint32_t ha_state,
struct hip_packet_context *ctx)

The problem here is that hip_init_host_ids() is needed to set up the host id db for host id lookup within add_host_id_param_update(). However, hip_init_host_ids() requires root access to the file system. I have appended the unit test that I have written already, but is not included in my latest changes due to the restrictions I just explained.

START_TEST(test_midauth_add_host_id_param_update_CORRECT)
{
    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
    struct hip_packet_context ctx = { 0 };

ctx.input_msg = hip_msg_alloc();
ctx.output_msg = hip_msg_alloc();

    hip_init_hostid_db();
    hip_init_host_ids();
    hip_get_default_hit(&ctx.input_msg->hitr);

    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque,
                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
                0, NULL);
    fail_unless(add_host_id_param_update(0, 0, &ctx) == 0, NULL);
    fail_unless((hip_get_param(ctx.output_msg,
                                         HIP_PARAM_HOST_ID)) != NULL,
                    NULL);
}
END_TEST

Ciao,
René

On 30.07.2011, at 17:01, Stefan Götz wrote:

> Review: Needs Fixing
> Hi Rene!
> 
>> 4) There are no unit-tests for the hipd-related functionality as of now.
>> However, we have tested the code extensively in three demos and I will add the
>> tests at a later point in time.
> 
> Sorry, but I'm skeptical :-) As per our current policy, I cannot approve this without unit tests.

I have added unit tests for all but the function below:

static int add_host_id_param_update(UNUSED const uint8_t packet_type,
                                    UNUSED const uint32_t ha_state,
                                    struct hip_packet_context *ctx)

ctx.input_msg = hip_msg_alloc();
    ctx.output_msg = hip_msg_alloc();

hip_init_hostid_db();
    hip_init_host_ids();
    hip_get_default_hit(&ctx.input_msg->hitr);

Ciao,
René

Revision history for this message

Stefan Götz (stefan.goetz-deactivatedaccount) wrote on 2011-08-04:

Download full text (4.3 KiB)

Hi Rene!

Thanks for all the not so trivial improvements! Almost happy now :)

> === modified file 'Makefile.am'
> --- Makefile.am 2011-07-11 12:50:33 +0000
> +++ Makefile.am 2011-08-04 17:15:48 +0000
> @@ -215,10 +220,16 @@
> test/lib/tool/checksum.c \
> test/lib/tool/pk.c
>
> +test_check_modules_midauth_SOURCES = test/check_modules_midauth.c \
> + test/modules/midauth/lib/midauth_builder.c \
> + test/modules/midauth/hipd/midauth.c \
> + $(hipd_hipd_sources)
> +
> # Include module Makefile.am's.
> # TODO: Make this inclusion dynamic
> include modules/heartbeat/Makefile.am
> include modules/heartbeat_update/Makefile.am
> +include modules/midauth/Makefile.am
> include modules/update/Makefile.am

[L] I think with Diego's recent change, the contents of the module Makefile.am should be moved into the top-level Makefile.am? Not sure.

> === added file 'modules/midauth/hipd/midauth.c'
> +/**
> + * Initialization function for the midauth module.
> + *
> + * @return zero on success, negative value otherwise
> + */
> +int hip_midauth_init(void)

[L] I don't like the code duplication in this function very much, even if it's just boiler plate code. Here are some optional suggestions for improvement.

> +{
> + int err = 0;

[L] Get rid of this and don't use HIP_IFEL at all because there is no cleanup.

> +
> + HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
> + "HIP_PARAM_CHALLENGE_REQUEST"),
> + -1, "failed to register parameter type\n");
> + HIP_IFEL(lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
> + "HIP_PARAM_CHALLENGE_RESPONSE"),
> + -1, "failed to register parameter type\n");

[L] Is the second parameter always the string version of the the first? If so, a macro with stringification would avoid that duplication.

Unmerged revisions

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

HIPL core team

René Hummen

 === modified file '.bzrignore'
 --- .bzrignore	2011-07-21 17:27:23 +0000
 +++ .bzrignore	2011-08-05 09:02:54 +0000
@@ -56,6 +56,7 @@
  test/check_firewall
  test/check_lib_core
  test/check_lib_tool
++test/check_modules_midauth
  test/dh_performance
  test/fw_port_bindings_performance
  test/hc_performance
 === modified file 'Makefile.am'
 --- Makefile.am	2011-05-25 09:26:26 +0000
 +++ Makefile.am	2011-08-05 09:02:54 +0000
@@ -70,10 +70,12 @@
  if HIP_UNITTESTS
  TESTS           = test/check_firewall \
                    test/check_lib_core \
--                  test/check_lib_tool
++                  test/check_lib_tool \
++                  test/check_modules_midauth
  check_PROGRAMS  = test/check_firewall \
                    test/check_lib_core \
--                  test/check_lib_tool
++                  test/check_lib_tool \
++                  test/check_modules_midauth
  endif
@@ -91,7 +93,7 @@
  tools_hipconf_SOURCES  = tools/hipconf.c
  tools_pisacert_SOURCES = tools/pisacert.c
--hipd_hipd_SOURCES = hipd/accessor.c              \
++hipd_hipd_sources = hipd/accessor.c              \
                      hipd/cert.c                  \
                      hipd/close.c                 \
                      hipd/configfilereader.c      \
@@ -122,9 +124,12 @@
                      hipd/user_ipsec_sadb_api.c
  if HIP_MIDAUTH
--hipd_hipd_SOURCES +=  hipd/pisa.c
++hipd_hipd_sources += hipd/pisa.c
  endif
++hipd_hipd_SOURCES = $(hipd_hipd_sources)        \
++                    hipd/main.c
++
  firewall_hipfw_sources = firewall/cache.c               \
                           firewall/dlist.c               \
                           firewall/esp_prot_api.c        \
@@ -214,10 +219,16 @@
                                test/lib/tool/checksum.c       \
                                test/lib/tool/pk.c
++test_check_modules_midauth_SOURCES = test/check_modules_midauth.c               \
++                                     test/modules/midauth/lib/midauth_builder.c \
++                                     test/modules/midauth/hipd/midauth.c        \
++                                     $(hipd_hipd_sources)
++
  # Include module Makefile.am's.
  # TODO: Make this inclusion dynamic
  include modules/heartbeat/Makefile.am
  include modules/heartbeat_update/Makefile.am
++include modules/midauth/Makefile.am
  include modules/update/Makefile.am
  ### static library dependencies ###
@@ -228,6 +239,7 @@
  test_check_firewall_LDADD                = lib/core/libhipcore.la
  test_check_lib_core_LDADD                = lib/core/libhipcore.la
  test_check_lib_tool_LDADD                = lib/core/libhipcore.la
++test_check_modules_midauth_LDADD         = lib/core/libhipcore.la
  test_certteststub_LDADD                  = lib/core/libhipcore.la
  test_dh_performance_LDADD                = lib/core/libhipcore.la
  test_fw_port_bindings_performance_LDADD  = lib/core/libhipcore.la
 === modified file 'firewall/midauth.h'
 --- firewall/midauth.h	2011-04-20 09:10:18 +0000
 +++ firewall/midauth.h	2011-08-05 09:02:54 +0000
@@ -1,5 +1,5 @@
  /*
-- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
+  *
   * Permission is hereby granted, free of charge, to any person
   * obtaining a copy of this software and associated documentation
@@ -36,6 +36,7 @@
  #include <stdint.h>
  #include "lib/core/protodefs.h"
++#include "modules/midauth/lib/midauth_builder.h"
  #include "firewall_defines.h"
  typedef int (*midauth_handler)(struct hip_fw_context *ctx);
 === modified file 'hipd/hipd.c'
 --- hipd/hipd.c	2011-05-16 11:39:06 +0000
 +++ hipd/hipd.c	2011-08-05 09:02:54 +0000
@@ -205,7 +205,7 @@
   * @param flags pointer to the startup flags container
   * @return      nonzero if the caller should exit, 0 otherwise
   */
--static int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t *flags)
++int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t *flags)
+ {
      int c;
@@ -276,7 +276,7 @@
   * @param flags startup flags
   * @return      0 on success, negative error code otherwise
   */
--static int hipd_main(uint64_t flags)
++int hipd_main(uint64_t flags)
+ {
      int                       highest_descriptor = 0, err = 0;
      struct timeval            timeout;
@@ -422,48 +422,3 @@
      return err;
+ }
--
--/**
-- * the main function for hipd
-- *
-- * @param argc number of command line arguments
-- * @param argv the command line arguments
-- * @return zero on success or negative on error
-- */
--int main(int argc, char *argv[])
--{
--    uint64_t sflags = HIPD_START_FOREGROUND | HIPD_START_LOWCAP;
--
--    /* The flushing is enabled by default. The reason for this is that
--     * people are doing some very experimental features on some branches
--     * that may crash the daemon and leave the SAs floating around to
--     * disturb further base exchanges. Use -N flag to disable this. */
--    sflags |= HIPD_START_FLUSH_IPSEC;
--
--    /* The default behaviour is to allow hipd to load the required modules
--     * and unload them when exiting.
--     */
--    sflags |= HIPD_START_LOAD_KMOD;
--
--    /* set the initial verbosity level */
--    hip_set_logdebug(LOGDEBUG_MEDIUM);
--
--    /* One should be able to check the hipd version and usage,
--     * even without having root privileges.
--     */
--    if (hipd_parse_cmdline_opts(argc, argv, &sflags)) {
--        return EXIT_SUCCESS;
--    }
--
--    /* We need to recreate the NAT UDP sockets to bind to the new port. */
--    if (getuid()) {
--        HIP_ERROR("hipd must be started as root!\n");
--        return EXIT_FAILURE;
--    }
--
--    if (hipd_main(sflags)) {
--        return EXIT_FAILURE;
--    }
--
--    return EXIT_SUCCESS;
--}
 === modified file 'hipd/hipd.h'
 --- hipd/hipd.h	2011-05-16 11:00:04 +0000
 +++ hipd/hipd.h	2011-08-05 09:02:54 +0000
@@ -112,4 +112,7 @@
  /* Functions for handling outgoing packets. */
  int hip_sendto_firewall(const struct hip_common *msg);
++int hipd_parse_cmdline_opts(int argc, char *argv[], uint64_t * flags);
++int hipd_main(uint64_t flags);
++
  #endif /* HIP_HIPD_HIPD_H */
 === added file 'hipd/main.c'
 --- hipd/main.c	1970-01-01 00:00:00 +0000
 +++ hipd/main.c	2011-08-05 09:02:54 +0000
@@ -0,0 +1,84 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * The HIPL main file containing the daemon main function.
++ */
++
++#include <stdint.h>
++#include <unistd.h>
++#include <sys/types.h>
++
++
++#include "hipd/hipd.h"
++#include "init.h"
++#include "lib/core/debug.h"
++
++
++/**
++ * the main function for hipd
++ *
++ * @param argc number of command line arguments
++ * @param argv the command line arguments
++ * @return zero on success or negative on error
++ */
++int main(int argc, char *argv[])
++{
++    uint64_t sflags = HIPD_START_FOREGROUND | HIPD_START_LOWCAP;
++
++    /* The flushing is enabled by default. The reason for this is that
++     * people are doing some very experimental features on some branches
++     * that may crash the daemon and leave the SAs floating around to
++     * disturb further base exchanges. Use -N flag to disable this. */
++    sflags |= HIPD_START_FLUSH_IPSEC;
++
++    /* The default behaviour is to allow hipd to load the required modules
++     * and unload them when exiting.
++     */
++    sflags |= HIPD_START_LOAD_KMOD;
++
++    /* set the initial verbosity level */
++    hip_set_logdebug(LOGDEBUG_MEDIUM);
++
++    /* One should be able to check the hipd version and usage,
++     * even without having root privileges.
++     */
++    if (hipd_parse_cmdline_opts(argc, argv, &sflags)) {
++        return EXIT_SUCCESS;
++    }
++
++    /* We need to recreate the NAT UDP sockets to bind to the new port. */
++    if (getuid()) {
++        HIP_ERROR("hipd must be started as root!\n");
++        return EXIT_FAILURE;
++    }
++
++    if (hipd_main(sflags)) {
++        return EXIT_FAILURE;
++    }
++
++    return EXIT_SUCCESS;
++}
 === modified file 'hipd/output.c'
 --- hipd/output.c	2011-07-29 18:50:43 +0000
 +++ hipd/output.c	2011-08-05 09:02:54 +0000
@@ -1050,16 +1050,6 @@
      /********** CHALLENGE_RESPONSE **********/
  #ifdef CONFIG_HIP_MIDAUTH
--    /** @todo no caching is done for PUZZLE_M parameters. This may be
--     *        a DOS attack vector.
--     */
--    HIP_IFEL(hip_solve_puzzle_m(ctx->output_msg, ctx->input_msg),
--             -1, "Building of Challenge_Response failed\n");
--    midauth_cert = hip_pisa_get_certificate();
--
--    HIP_IFEL(hip_build_param(ctx->output_msg, ctx->hadb_entry->our_pub), -1,
--             "Building of host id failed\n");
--
      /* For now we just add some random data to see if it works */
      HIP_IFEL(hip_build_param_cert(ctx->output_msg, 1, 1, 1, 1, midauth_cert,
                                    strlen(midauth_cert)),
 === modified file 'lib/core/builder.c'
 --- lib/core/builder.c	2011-07-29 12:55:51 +0000
 +++ lib/core/builder.c	2011-08-05 09:02:54 +0000
@@ -679,13 +679,6 @@
          HIP_PARAM_ESP_PROT_BRANCH,
          HIP_PARAM_ESP_PROT_SECRET,
          HIP_PARAM_ESP_PROT_ROOT
--#ifdef CONFIG_HIP_MIDAUTH
--        ,
--        HIP_PARAM_ECHO_REQUEST_M,
--        HIP_PARAM_ECHO_RESPONSE_M,
--        HIP_PARAM_CHALLENGE_REQUEST,
--        HIP_PARAM_CHALLENGE_RESPONSE
--#endif /* CONFIG_HIP_MIDAUTH */
      };
      hip_tlv type = hip_get_param_type(param);
@@ -1175,10 +1168,8 @@
      case HIP_PARAM_DST_ADDR:        return "HIP_PARAM_DST_ADDR";
      case HIP_PARAM_ECHO_REQUEST:    return "HIP_PARAM_ECHO_REQUEST";
      case HIP_PARAM_ECHO_REQUEST_SIGN: return "HIP_PARAM_ECHO_REQUEST_SIGN";
--    case HIP_PARAM_ECHO_REQUEST_M:  return "HIP_PARAM_ECHO_REQUEST_M";
      case HIP_PARAM_ECHO_RESPONSE:   return "HIP_PARAM_ECHO_RESPONSE";
      case HIP_PARAM_ECHO_RESPONSE_SIGN: return "HIP_PARAM_ECHO_RESPONSE_SIGN";
--    case HIP_PARAM_ECHO_RESPONSE_M: return "HIP_PARAM_ECHO_RESPONSE_M";
      case HIP_PARAM_EID_ADDR:        return "HIP_PARAM_EID_ADDR";
      case HIP_PARAM_EID_ENDPOINT:    return "HIP_PARAM_EID_ENDPOINT";
      case HIP_PARAM_EID_IFACE:       return "HIP_PARAM_EID_IFACE";
@@ -1209,7 +1200,6 @@
      case HIP_PARAM_NOTIFICATION:    return "HIP_PARAM_NOTIFICATION";
      case HIP_PARAM_PORTPAIR:        return "HIP_PARAM_PORTPAIR";
      case HIP_PARAM_PUZZLE:          return "HIP_PARAM_PUZZLE";
--    case HIP_PARAM_CHALLENGE_REQUEST:       return "HIP_PARAM_CHALLENGE_REQUEST";
      case HIP_PARAM_R1_COUNTER:      return "HIP_PARAM_R1_COUNTER";
      case HIP_PARAM_REG_FAILED:      return "HIP_PARAM_REG_FAILED";
      case HIP_PARAM_REG_FROM:        return "HIP_PARAM_REG_FROM";
@@ -1222,7 +1212,6 @@
      case HIP_PARAM_RVS_HMAC:        return "HIP_PARAM_RVS_HMAC";
      case HIP_PARAM_SEQ:             return "HIP_PARAM_SEQ";
      case HIP_PARAM_SOLUTION:        return "HIP_PARAM_SOLUTION";
--    case HIP_PARAM_CHALLENGE_RESPONSE:      return "HIP_PARAM_CHALLENGE_RESPONSE";
      case HIP_PARAM_SRC_ADDR:        return "HIP_PARAM_SRC_ADDR";
      case HIP_PARAM_TO_PEER:         return "HIP_PARAM_TO_PEER";
      case HIP_PARAM_UINT:            return "HIP_PARAM_UINT";
@@ -2400,95 +2389,6 @@
      return err;
+ }
--#ifdef CONFIG_HIP_MIDAUTH
--/**
-- * Build and append a HIP challenge_request to the message.
-- *
-- * The puzzle mechanism assumes that every value is in network byte order
-- * except for the hip_birthday_cookie.cv union, where the value is in
-- * host byte order. This is an exception to the normal builder rules, where
-- * input arguments are normally always in host byte order.
-- *
-- * @param msg the message where the puzzle_m is to be appended
-- * @param val_K the K value for the puzzle_m
-- * @param lifetime lifetime field of the puzzle_m
-- * @param opaque the opaque data filed of the puzzle_m
-- * @param opaque_len the length uf the opaque data field
-- *
-- * @return zero for success, or non-zero on error
-- */
--int hip_build_param_challenge_request(struct hip_common *msg,
--                                      uint8_t val_K,
--                                      uint8_t lifetime,
--                                      uint8_t *opaque,
--                                      uint8_t opaque_len)
--{
--    struct hip_challenge_request puzzle;
--    int                          err = 0;
--
--    /* note: the length cannot be calculated with calc_param_len() */
--    hip_set_param_contents_len((struct hip_tlv_common *) &puzzle,
--                               sizeof(struct hip_challenge_request) -
--                               sizeof(struct hip_tlv_common));
--    /* Type 2 (in R1) or 3 (in I2) */
--    hip_set_param_type((struct hip_tlv_common *) &puzzle,
--                       HIP_PARAM_CHALLENGE_REQUEST);
--
--    /* only the random_j_k is in host byte order */
--    puzzle.K        = val_K;
--    puzzle.lifetime = lifetime;
--    memcpy(&puzzle.opaque, opaque, opaque_len);
--
--    err = hip_build_generic_param(msg,
--                                  &puzzle,
--                                  sizeof(struct hip_tlv_common),
--                                  hip_get_param_contents_direct(&puzzle));
--    return err;
--}
--
--/**
-- * Build and append a HIP solution into the message.
-- *
-- * The puzzle mechanism assumes that every value is in network byte order
-- * except for the hip_birthday_cookie.cv union, where the value is in
-- * host byte order. This is an exception to the normal builder rules, where
-- * input arguments are normally always in host byte order.
-- *
-- * @param msg       the message where the solution is to be appended
-- * @param pz        values from the corresponding hip_challenge_request copied to the solution
-- * @param solution  value for the solution (in host byte order)
-- *
-- * @return zero for success, or non-zero on error
-- */
--int hip_build_param_challenge_response(struct hip_common *const msg,
--                                       const struct hip_challenge_request *const pz,
--                                       const uint8_t solution[PUZZLE_LENGTH])
--{
--    struct hip_challenge_response cookie;
--    int                           err = 0, opaque_len = 0;
--
--    /* note: the length cannot be calculated with calc_param_len() */
--    hip_set_param_contents_len((struct hip_tlv_common *) &cookie,
--                               sizeof(struct hip_challenge_response) -
--                               sizeof(struct hip_tlv_common));
--    /* Type 2 (in R1) or 3 (in I2) */
--    hip_set_param_type((struct hip_tlv_common *) &cookie, HIP_PARAM_CHALLENGE_RESPONSE);
--
--    memcpy(cookie.J, solution, PUZZLE_LENGTH);
--    cookie.K        = pz->K;
--    cookie.lifetime = pz->K;
--    opaque_len      = sizeof(pz->opaque) / sizeof(pz->opaque[0]);
--    memcpy(&cookie.opaque, pz->opaque, opaque_len);
--
--    err = hip_build_generic_param(msg,
--                                  &cookie,
--                                  sizeof(struct hip_tlv_common),
--                                  hip_get_param_contents_direct(&cookie));
--    return err;
--}
--
--#endif /* CONFIG_HIP_MIDAUTH */
--
  /**
   * Build and append a HIP solution into the message.
+  *
@@ -3962,6 +3862,14 @@
      SHA_CTX sha;
      MD5_CTX md5;
++    HIP_ASSERT(in != NULL);
++    HIP_ASSERT(out != NULL);
++
++    if (in_len <= 0) {
++        HIP_ERROR("invalid input length: %i\n", in_len);
++        return -1;
++    }
++
      switch (type) {
      case HIP_DIGEST_SHA1:
          SHA1_Init(&sha);
 === modified file 'lib/core/builder.h'
 --- lib/core/builder.h	2011-07-18 13:10:26 +0000
 +++ lib/core/builder.h	2011-08-05 09:02:54 +0000
@@ -133,12 +133,6 @@
                             const uint32_t opaque,
                             const uint8_t *const random_i);
--int hip_build_param_challenge_request(struct hip_common *,
--                                      uint8_t,
--                                      uint8_t,
--                                      uint8_t *,
--                                      uint8_t);
--
  int hip_build_param_r1_counter(struct hip_common *, uint64_t);
  int hip_build_param_signature2_contents(struct hip_common *,
@@ -153,10 +147,6 @@
                               const struct hip_puzzle *,
                               uint8_t *const);
--int hip_build_param_challenge_response(struct hip_common *const msg,
--                                       const struct hip_challenge_request *const pz,
--                                       const uint8_t *const solution);
--
  int hip_build_param(struct hip_common *, const void *);
  void hip_set_msg_response(struct hip_common *msg, uint8_t on);
  uint8_t hip_get_msg_response(struct hip_common *msg);
 === modified file 'lib/core/protodefs.h'
 --- lib/core/protodefs.h	2011-07-28 18:11:17 +0000
 +++ lib/core/protodefs.h	2011-08-05 09:02:54 +0000
@@ -140,7 +140,6 @@
  #define HIP_PARAM_LOCATOR              193
  #define HIP_PARAM_PUZZLE               257
  #define HIP_PARAM_SOLUTION             321
--#define HIP_PARAM_CHALLENGE_RESPONSE   322
  #define HIP_PARAM_SEQ                  385
  #define HIP_PARAM_ACK                  449
  #define HIP_PARAM_DIFFIE_HELLMAN       513
@@ -156,7 +155,6 @@
  #define HIP_PARAM_REG_FAILED           936
  #define HIP_PARAM_REG_FROM             950
  #define HIP_PARAM_ECHO_RESPONSE_SIGN   961
--#define HIP_PARAM_ECHO_RESPONSE_M      962
  #define HIP_PARAM_ESP_TRANSFORM        4095
  #define HIP_PARAM_ESP_PROT_TRANSFORMS  4120
  #define HIP_PARAM_ESP_PROT_ANCHOR      4121
@@ -230,8 +228,6 @@
  //#define HIP_PARAM_REG_FROM            64010
  #define HIP_PARAM_TO_PEER               64006
  #define HIP_PARAM_FROM_PEER             64008
--#define HIP_PARAM_ECHO_REQUEST_M        65332
--#define HIP_PARAM_CHALLENGE_REQUEST     65334
  #define HIP_PARAM_FROM                  65498
  #define HIP_PARAM_RVS_HMAC              65500
  #define HIP_PARAM_VIA_RVS               65502
@@ -783,25 +779,6 @@
      uint8_t     J[PUZZLE_LENGTH];
  } __attribute__((packed));
--
--
--struct hip_challenge_request {
--    hip_tlv     type;
--    hip_tlv_len length;
--    uint8_t     K;
--    uint8_t     lifetime;
--    uint8_t     opaque[24];           /**< variable length */
--} __attribute__((packed));
--
--struct hip_challenge_response {
--    hip_tlv     type;
--    hip_tlv_len length;
--    uint8_t     K;
--    uint8_t     lifetime;
--    uint8_t     J[PUZZLE_LENGTH];
--    uint8_t     opaque[24];           /**< variable length */
--} __attribute__((packed));
--
  struct hip_dh_public_value {
      uint8_t  group_id;
      uint16_t pub_len;
 === modified file 'lib/core/solve.c'
 --- lib/core/solve.c	2011-04-20 09:38:33 +0000
 +++ lib/core/solve.c	2011-08-05 09:02:54 +0000
@@ -1,5 +1,5 @@
  /*
-- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
+  *
   * Permission is hereby granted, free of charge, to any person
   * obtaining a copy of this software and associated documentation
@@ -174,59 +174,3 @@
      return 0;
+ }
--
--#ifdef CONFIG_HIP_MIDAUTH
--/**
-- * solve a midauth puzzle which is essentially a normal HIP cookie
-- * with some extra whipped cream on the top
-- *
-- * @param out the received R1 message
-- * @param in an I2 message where the solution will be written
-- * @return zero on success and negative on error
-- * @see <a
-- * href="http://tools.ietf.org/id/draft-heer-hip-middle-auth">Heer et
-- * al, End-Host Authentication for HIP Middleboxes, Internet draft,
-- * work in progress, February 2009</a>
-- */
--int hip_solve_puzzle_m(struct hip_common *const out,
--                       const struct hip_common *const in)
--{
--    struct puzzle_hash_input            puzzle_input;
--    const struct hip_challenge_request *pz;
--    uint8_t                             digest[HIP_AH_SHA_LEN];
--
--    pz = hip_get_param(in, HIP_PARAM_CHALLENGE_REQUEST);
--    while (pz) {
--        if (hip_get_param_type(pz) != HIP_PARAM_CHALLENGE_REQUEST) {
--            break;
--        }
--
--        if (hip_build_digest(HIP_DIGEST_SHA1, pz->opaque, 24, digest) < 0) {
--            HIP_ERROR("Building of SHA1 Random seed I failed\n");
--            return -1;
--        }
--
--        memcpy(puzzle_input.puzzle,
--               &digest[HIP_AH_SHA_LEN - PUZZLE_LENGTH],
--               PUZZLE_LENGTH);
--        puzzle_input.initiator_hit = out->hits;
--        puzzle_input.responder_hit = out->hitr;
--        RAND_bytes(puzzle_input.solution, PUZZLE_LENGTH);
--
--        if ((hip_solve_puzzle(&puzzle_input, pz->K))) {
--            HIP_ERROR("Solving of puzzle failed\n");
--            return -EINVAL;
--        }
--
--        if (hip_build_param_challenge_response(out, pz, puzzle_input.solution) < 0) {
--            HIP_ERROR("Error while creating solution_m reply parameter\n");
--            return -1;
--        }
--        pz = (const struct hip_challenge_request *)
--             hip_get_next_param(in, (const struct hip_tlv_common *) pz);
--    }
--
--    return 0;
--}
--
--#endif /* CONFIG_HIP_MIDAUTH */
 === modified file 'lib/core/solve.h'
 --- lib/core/solve.h	2011-07-28 18:11:17 +0000
 +++ lib/core/solve.h	2011-08-05 09:02:54 +0000
@@ -1,5 +1,5 @@
  /*
-- * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
+  *
   * Permission is hereby granted, free of charge, to any person
   * obtaining a copy of this software and associated documentation
@@ -55,7 +55,4 @@
  int hip_verify_puzzle_solution(const struct puzzle_hash_input *const puzzle_input,
                                 const uint8_t difficulty);
--int hip_solve_puzzle_m(struct hip_common *const out,
--                       const struct hip_common *const in);
--
  #endif /* HIP_LIB_CORE_SOLVE_H */
 === modified file 'modules/heartbeat/Makefile.am'
 --- modules/heartbeat/Makefile.am	2011-01-13 09:45:20 +0000
 +++ modules/heartbeat/Makefile.am	2011-08-05 09:02:54 +0000
@@ -1,1 +1,1 @@
--hipd_hipd_SOURCES += modules/heartbeat/hipd/heartbeat.c
++hipd_hipd_sources += modules/heartbeat/hipd/heartbeat.c
 === modified file 'modules/heartbeat_update/Makefile.am'
 --- modules/heartbeat_update/Makefile.am	2011-01-13 09:45:20 +0000
 +++ modules/heartbeat_update/Makefile.am	2011-08-05 09:02:54 +0000
@@ -1,1 +1,1 @@
--hipd_hipd_SOURCES += modules/heartbeat_update/hipd/hb_update.c
++hipd_hipd_sources += modules/heartbeat_update/hipd/hb_update.c
 === added directory 'modules/midauth'
 === added file 'modules/midauth/Makefile.am'
 --- modules/midauth/Makefile.am	1970-01-01 00:00:00 +0000
 +++ modules/midauth/Makefile.am	2011-08-05 09:02:54 +0000
@@ -0,0 +1,32 @@
++# Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++#
++# Permission is hereby granted, free of charge, to any person
++# obtaining a copy of this software and associated documentation
++# files (the "Software"), to deal in the Software without
++# restriction, including without limitation the rights to use,
++# copy, modify, merge, publish, distribute, sublicense, and/or sell
++# copies of the Software, and to permit persons to whom the
++# Software is furnished to do so, subject to the following
++# conditions:
++#
++# The above copyright notice and this permission notice shall be
++# included in all copies or substantial portions of the Software.
++#
++# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++# OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++# OTHER DEALINGS IN THE SOFTWARE.
++
++
++hipd_hipd_SOURCES += modules/midauth/hipd/midauth.c          \
++                     modules/midauth/lib/midauth_builder.c
++
++firewall_hipfw_SOURCES += modules/midauth/lib/midauth_builder.c
++
++test_check_firewall_SOURCES += modules/midauth/lib/midauth_builder.c
++
++test_check_modules_midauth_SOURCES += modules/midauth/lib/midauth_builder.c
 === added directory 'modules/midauth/hipd'
 === added file 'modules/midauth/hipd/midauth.c'
 --- modules/midauth/hipd/midauth.c	1970-01-01 00:00:00 +0000
 +++ modules/midauth/hipd/midauth.c	2011-08-05 09:02:54 +0000
@@ -0,0 +1,229 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * This file contains the implementation for the middlebox authentication
++ * extension.
++ *
++ * @author Rene Hummen
++ */
++
++#include <errno.h>
++#include <stdint.h>
++#include <string.h>
++
++#include "hipd/hidb.h"
++#include "hipd/pkt_handling.h"
++#include "lib/core/builder.h"
++#include "lib/core/common.h"
++#include "lib/core/ife.h"
++#include "lib/core/modularization.h"
++#include "lib/core/protodefs.h"
++#include "lib/core/solve.h"
++#include "modules/midauth/lib/midauth_builder.h"
++#include "modules/update/hipd/update.h"
++#include "midauth.h"
++
++
++/**
++ * Handle the CHALLENGE_REQUEST parameter.
++ *
++ * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
++ * @param ha_state The host association state (RFC 5201, 4.4.1.)
++ * @param ctx Pointer to the packet context, containing all information for
++ *            the packet handling (received message, source and destination
++ *            address, the ports and the corresponding entry from the host
++ *            association database).
++ *
++ * @return zero if the challenge was processed correctly or no challenge
++ * parameter was attached to the packet, negative value otherwise.
++ */
++static int handle_challenge_request_param(UNUSED const uint8_t packet_type,
++                                          UNUSED const uint32_t ha_state,
++                                          struct hip_packet_context *ctx)
++{
++    const struct hip_challenge_request *request = NULL;
++
++    request = hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
++
++    // each on-path middlebox may add a challenge on its own
++    while (request &&
++           hip_get_param_type(request) == HIP_PARAM_CHALLENGE_REQUEST) {
++        struct puzzle_hash_input tmp_puzzle;
++        const unsigned int       len = hip_challenge_request_opaque_len(request);
++
++        if (hip_midauth_puzzle_seed(request->opaque, len, tmp_puzzle.puzzle)) {
++            HIP_ERROR("failed to derive midauth puzzle\n");
++            return -1;
++        }
++
++        tmp_puzzle.initiator_hit = ctx->input_msg->hitr;
++        tmp_puzzle.responder_hit = ctx->input_msg->hits;
++
++        if (hip_solve_puzzle(&tmp_puzzle, request->K)) {
++            HIP_ERROR("Solving of middlebox challenge failed\n");
++            return -EINVAL;
++        }
++
++        if (hip_build_param_challenge_response(ctx->output_msg,
++                                               request,
++                                               tmp_puzzle.solution) < 0) {
++            HIP_ERROR("Error while creating CHALLENGE_RESPONSE parameter\n");
++            return -1;
++        }
++
++        // process next challenge parameter, if available
++        request = (const struct hip_challenge_request *)
++                  hip_get_next_param(ctx->input_msg, &request->tlv);
++    }
++
++    return 0;
++}
++
++/**
++ * Add a HOST_ID parameter corresponding to the local HIT of the association to
++ * an UPDATE packet.
++ *
++ * @param packet_type The packet type of the control message (RFC 5201, 5.3.)
++ * @param ha_state The host association state (RFC 5201, 4.4.1.)
++ * @param ctx Pointer to the packet context, containing all information for
++ *            the packet handling (received message, source and destination
++ *            address, the ports and the corresponding entry from the host
++ *            association database).
++ *
++ * @return zero on success, negative value otherwise
++ */
++static int add_host_id_param_update(UNUSED const uint8_t packet_type,
++                                    UNUSED const uint32_t ha_state,
++                                    struct hip_packet_context *ctx)
++{
++    const struct hip_challenge_request *const challenge_request =
++        hip_get_param(ctx->input_msg, HIP_PARAM_CHALLENGE_REQUEST);
++
++    // add HOST_ID to packets containing a CHALLENGE_RESPONSE
++    if (challenge_request) {
++        const struct local_host_id *const host_id_entry =
++            hip_get_hostid_entry_by_lhi_and_algo(HIP_DB_LOCAL_HID,
++                                                 &ctx->input_msg->hitr,
++                                                 HIP_ANY_ALGO,
++                                                 -1);
++        if (!host_id_entry) {
++            HIP_ERROR("Unknown HIT\n");
++            return -1;
++        }
++
++        if (hip_build_param_host_id(ctx->output_msg, &host_id_entry->host_id)) {
++            HIP_ERROR("Building of host id failed\n");
++            return -1;
++        }
++    }
++
++    return 0;
++}
++
++/**
++ * Initialization function for the midauth module.
++ *
++ * @return zero on success, negative value otherwise
++ */
++int hip_midauth_init(void)
++{
++    if (lmod_register_parameter_type(HIP_PARAM_CHALLENGE_REQUEST,
++                                     "HIP_PARAM_CHALLENGE_REQUEST")) {
++        HIP_ERROR("failed to register parameter type\n");
++        return -1;
++    }
++
++    if (lmod_register_parameter_type(HIP_PARAM_CHALLENGE_RESPONSE,
++                                     "HIP_PARAM_CHALLENGE_RESPONSE")) {
++        HIP_ERROR("failed to register parameter type\n");
++        return -1;
++    }
++
++    const int challenge_request_R1_states[] = { HIP_STATE_I1_SENT,
++                                                HIP_STATE_I2_SENT,
++                                                HIP_STATE_CLOSING,
++                                                HIP_STATE_CLOSED };
++    for (unsigned i = 0; i < ARRAY_SIZE(challenge_request_R1_states); i++) {
++        if (hip_register_handle_function(HIP_R1,
++                                         challenge_request_R1_states[i],
++                                         &handle_challenge_request_param,
++                                         32500)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++    }
++
++    //
++    // we hook on every occasion that causes an R2 to get sent.
++    // R2 packet is first allocated at 40000, so we use a higher
++    // base priority here.
++    //
++    const int challenge_request_I2_states[] = { HIP_STATE_UNASSOCIATED,
++                                                HIP_STATE_I1_SENT,
++                                                HIP_STATE_I2_SENT,
++                                                HIP_STATE_R2_SENT,
++                                                HIP_STATE_ESTABLISHED,
++                                                HIP_STATE_CLOSING,
++                                                HIP_STATE_CLOSED,
++                                                HIP_STATE_NONE };
++    for (unsigned i = 0; i < ARRAY_SIZE(challenge_request_I2_states); i++) {
++        if (hip_register_handle_function(HIP_I2,
++                                         challenge_request_I2_states[i],
++                                         &handle_challenge_request_param,
++                                         40322)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++    }
++
++    //
++    // Priority computed the same as above, but UPDATE response is sent at
++    // priority 30000 already (checking is 20000) and we must add our
++    // CHALLENGE_REQUEST verification in between, hence a lower base priority.
++    //
++    const int challenge_request_UPDATE_states[] = { HIP_STATE_R2_SENT,
++                                                    HIP_STATE_ESTABLISHED };
++    for (unsigned i = 0; i < ARRAY_SIZE(challenge_request_UPDATE_states); i++) {
++        if (hip_register_handle_function(HIP_UPDATE,
++                                         challenge_request_UPDATE_states[i],
++                                         &handle_challenge_request_param,
++                                         20322)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++
++        if (hip_register_handle_function(HIP_UPDATE,
++                                         challenge_request_UPDATE_states[i],
++                                         &add_host_id_param_update,
++                                         20750)) {
++            HIP_ERROR("Error on registering MIDAUTH handle function.\n");
++            return -1;
++        }
++    }
++
++    return 0;
++}
 === added file 'modules/midauth/hipd/midauth.h'
 --- modules/midauth/hipd/midauth.h	1970-01-01 00:00:00 +0000
 +++ modules/midauth/hipd/midauth.h	2011-08-05 09:02:54 +0000
@@ -0,0 +1,34 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#ifndef MODULES_MIDAUTH_HIPD_MIDAUTH_H
++#define MODULES_MIDAUTH_HIPD_MIDAUTH_H
++
++#define HIP_PARAM_CHALLENGE_REQUEST  65334
++#define HIP_PARAM_CHALLENGE_RESPONSE 322
++
++int hip_midauth_init(void);
++
++#endif /* MODULES_MIDAUTH_HIPD_MIDAUTH_H */
 === added directory 'modules/midauth/lib'
 === added file 'modules/midauth/lib/midauth_builder.c'
 --- modules/midauth/lib/midauth_builder.c	1970-01-01 00:00:00 +0000
 +++ modules/midauth/lib/midauth_builder.c	2011-08-05 09:02:54 +0000
@@ -0,0 +1,184 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * This file contains parameter handling functionality for the middlebox
++ * authentication extension.
++ *
++ * @author Rene Hummen
++ * @author Christof Mroz <christof.mroz@rwth-aachen.de>
++ */
++
++#include <stdint.h>
++#include <string.h>
++
++#include "lib/core/ife.h"
++#include "modules/midauth/hipd/midauth.h"
++#include "midauth_builder.h"
++
++
++/**
++ * Build and append a HIP CHALLENGE_REQUEST to the message.
++ *
++ * @param msg           the message where the CHALLENGE_REQUEST is appended
++ * @param difficulty    the puzzle difficulty for the CHALLENGE_REQUEST
++ * @param lifetime      lifetime the puzzle nonce
++ * @param opaque        the nonce (challenge) of the CHALLENGE_REQUEST
++ * @param opaque_len    the length of the nonce
++ *
++ * @return zero for success, or negative value on error
++ */
++int hip_build_param_challenge_request(struct hip_common *const msg,
++                                      const uint8_t difficulty,
++                                      const uint8_t lifetime,
++                                      const uint8_t *opaque,
++                                      const uint8_t opaque_len)
++{
++    struct hip_challenge_request request;
++    static const size_t          min_length = sizeof(request) -
++                                              sizeof(request.tlv) -
++                                              sizeof(request.opaque);
++
++    HIP_ASSERT(opaque);
++
++    /* note: the length cannot be calculated with calc_param_len() */
++    hip_set_param_contents_len(&request.tlv, min_length + opaque_len);
++    hip_set_param_type(&request.tlv, HIP_PARAM_CHALLENGE_REQUEST);
++
++    /* only the random_j_k is in host byte order */
++    request.K        = difficulty;
++    request.lifetime = lifetime;
++    memcpy(&request.opaque, opaque, opaque_len);
++
++    if (hip_build_param(msg, &request) != 0) {
++        HIP_ERROR("failed to build parameter\n");
++        return -1;
++    }
++
++    return 0;
++}
++
++/**
++ * Build and append a HIP CHALLENGE_RESPONSE to the message.
++ *
++ * @param msg       the message where the CHALLENGE_RESPONSE is appended
++ * @param request   the received CHALLENGE_REQUEST parameter for this response
++ * @param solution  the solution for the puzzle in the CHALLENGE_REQUEST
++ *
++ * @return zero for success, or negative value on error
++ */
++int hip_build_param_challenge_response(struct hip_common *const msg,
++                                       const struct hip_challenge_request *const request,
++                                       const uint8_t solution[PUZZLE_LENGTH])
++{
++    struct hip_challenge_response response;
++    static const size_t           min_length = sizeof(response) -
++                                               sizeof(response.tlv) -
++                                               sizeof(response.opaque);
++
++    if (!request || !solution) {
++        HIP_ERROR("Unexpected input parameter values (NULL).\n");
++        return -1;
++    }
++
++    const int opaque_len = hip_challenge_request_opaque_len(request);
++
++    /* note: the length cannot be calculated with calc_param_len() */
++    hip_set_param_contents_len(&response.tlv, min_length + opaque_len);
++    hip_set_param_type(&response.tlv, HIP_PARAM_CHALLENGE_RESPONSE);
++
++    memcpy(response.J, solution, PUZZLE_LENGTH);
++    response.K        = request->K;
++    response.lifetime = request->lifetime;
++    memcpy(response.opaque, request->opaque, opaque_len);
++
++    if (hip_build_param(msg, &response)) {
++        HIP_ERROR("failed to build parameter\n");
++        return -1;
++    }
++
++    return 0;
++}
++
++/**
++ * Compute length of opaque field in CHALLENGE_REQUEST parameter.
++ *
++ * @param request  the CHALLENGE_REQUEST parameter
++ * @return length of the opaque field; 0 in case of error or if length equals 0
++ */
++unsigned int hip_challenge_request_opaque_len(const struct hip_challenge_request *const request)
++{
++    if (!request) {
++        return 0;
++    }
++
++    static const size_t min_len = sizeof(*request) -
++                                  sizeof(request->tlv) -
++                                  sizeof(request->opaque);
++
++    return hip_get_param_contents_len(&request->tlv) - min_len;
++}
++
++/**
++ * Convert the opaque value in the CHALLENGE_REQUEST to the seed value I of a
++ * HIP puzzle.
++ *
++ * The opaque value plays a dual role in a CHALLENGE_REQUEST:
++ * i)  it is a challenge that needs to be echoed back by the responder and
++ * ii) it is used to derive the seed value for a cryptographic puzzle. The
++ *     puzzle is defined in RFC5201.
++ *
++ * @param opaque            the nonce (challenge) in the CHALLENGE_REQUEST
++ * @param opaque_len        the length of the nonce
++ * @param puzzle_value      the puzzle value generated from the nonce
++ * @return zero on success, -1 in case of an error
++ */
++int hip_midauth_puzzle_seed(const uint8_t opaque[],
++                            const unsigned int opaque_len,
++                            uint8_t puzzle_value[PUZZLE_LENGTH])
++{
++    unsigned char sha_digest[SHA_DIGEST_LENGTH];
++
++    if (!puzzle_value) {
++        HIP_ERROR("Parameter puzzle_value is not allocated\n");
++        return -1;
++    }
++
++    // the hashed opaque field is used as puzzle seed
++    if (hip_build_digest(HIP_DIGEST_SHA1,
++                         opaque,
++                         opaque_len,
++                         sha_digest)) {
++        HIP_ERROR("Building of SHA1 random seed I failed\n");
++        return -1;
++    }
++
++    memcpy(puzzle_value,
++           &sha_digest[SHA_DIGEST_LENGTH - PUZZLE_LENGTH],
++           PUZZLE_LENGTH);
++
++    return 0;
++}
 === added file 'modules/midauth/lib/midauth_builder.h'
 --- modules/midauth/lib/midauth_builder.h	1970-01-01 00:00:00 +0000
 +++ modules/midauth/lib/midauth_builder.h	2011-08-05 09:02:54 +0000
@@ -0,0 +1,79 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * This file contains parameter handling functionality for the middlebox
++ * authentication extension.
++ *
++ * @author Rene Hummen
++ * @author Christof Mroz <christof.mroz@rwth-aachen.de>
++ */
++
++#ifndef MODULES_MIDAUTH_HIPD_MIDAUTH_BUILDER_H
++#define MODULES_MIDAUTH_HIPD_MIDAUTH_BUILDER_H
++
++#include <stdint.h>
++
++#include "lib/core/builder.h"
++#include "lib/core/protodefs.h"
++
++
++#define MAX_CHALLENGE_LENGTH 256
++
++
++struct hip_challenge_request {
++    struct hip_tlv_common tlv;
++    uint8_t               K;
++    uint8_t               lifetime;
++    uint8_t               opaque[MAX_CHALLENGE_LENGTH];           /**< variable length */
++} __attribute__ ((packed));
++
++struct hip_challenge_response {
++    struct hip_tlv_common tlv;
++    uint8_t               K;
++    uint8_t               lifetime;
++    uint8_t               J[PUZZLE_LENGTH];
++    uint8_t               opaque[MAX_CHALLENGE_LENGTH]; /**< variable length */
++} __attribute__ ((packed));
++
++
++int hip_build_param_challenge_request(struct hip_common *const msg,
++                                      const uint8_t difficulty,
++                                      const uint8_t lifetime,
++                                      const uint8_t *opaque,
++                                      const uint8_t opaque_len);
++
++int hip_build_param_challenge_response(struct hip_common *const msg,
++                                       const struct hip_challenge_request *const request,
++                                       const uint8_t *const solution);
++
++unsigned int hip_challenge_request_opaque_len(const struct hip_challenge_request *const request);
++
++int hip_midauth_puzzle_seed(const uint8_t *const opaque,
++                            const unsigned int opaque_len,
++                            uint8_t *const puzzle_value);
++
++#endif /* MODULES_MIDAUTH_HIPD_MIDAUTH_BUILDER_H */
 === added file 'modules/midauth/module_info.xml'
 --- modules/midauth/module_info.xml	1970-01-01 00:00:00 +0000
 +++ modules/midauth/module_info.xml	2011-08-05 09:02:54 +0000
@@ -0,0 +1,47 @@
++<!--
++Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++
++Permission is hereby granted, free of charge, to any person
++obtaining a copy of this software and associated documentation
++files (the "Software"), to deal in the Software without
++restriction, including without limitation the rights to use,
++copy, modify, merge, publish, distribute, sublicense, and/or sell
++copies of the Software, and to permit persons to whom the
++Software is furnished to do so, subject to the following
++conditions:
++
++The above copyright notice and this permission notice shall be
++included in all copies or substantial portions of the Software.
++
++THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++OTHER DEALINGS IN THE SOFTWARE.
++-->
++
++<?xml version="1.0" encoding="UTF-8"?>
++
++<!-- Mandatory: name, version -->
++<module
++    name="midauth"
++    version="0.0.1"
++    description="Middlebox authentication functionality for the hip daemon."
++    developer=""
++    bugaddress="hipl-users@freelists.org"
++    webpage="http://infrahip.hiit.fi/">
++
++    <requires>
++        <module name="update" minversion="0.0.1" />
++    </requires>
++
++    <!-- Mandatory: name, header_file, init_function -->
++    <application
++        name="hipd"
++        header_file="modules/midauth/hipd/midauth.h"
++        init_function="hip_midauth_init" />
++</module>
++
 === modified file 'modules/update/Makefile.am'
 --- modules/update/Makefile.am	2011-04-13 13:28:58 +0000
 +++ modules/update/Makefile.am	2011-08-05 09:02:54 +0000
@@ -1,4 +1,4 @@
--hipd_hipd_SOURCES += modules/update/hipd/update.c                   \
++hipd_hipd_sources += modules/update/hipd/update.c                   \
                       modules/update/hipd/update_builder.c           \
                       modules/update/hipd/update_locator.c           \
                       modules/update/hipd/update_param_handling.c
 === added file 'test/check_modules_midauth.c'
 --- test/check_modules_midauth.c	1970-01-01 00:00:00 +0000
 +++ test/check_modules_midauth.c	2011-08-05 09:02:54 +0000
@@ -0,0 +1,46 @@
++/*
++ * Copyright (c) 2010-2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++/**
++ * @file
++ * @brief Unit tests of modules/midauth (see doc/HACKING on unit tests).
++ */
++
++#include <stdlib.h>
++#include <check.h>
++
++#include "test/modules/midauth/test_suites.h"
++
++int main(void)
++{
++    int      number_failed;
++    SRunner *sr = srunner_create(modules_midauth_lib_builder());
++    srunner_add_suite(sr, modules_midauth_hipd_midauth());
++
++    srunner_run_all(sr, CK_NORMAL);
++    number_failed = srunner_ntests_failed(sr);
++    srunner_free(sr);
++    return (number_failed == 0) ? EXIT_SUCCESS : EXIT_FAILURE;
++}
 === added directory 'test/modules'
 === added directory 'test/modules/midauth'
 === added directory 'test/modules/midauth/hipd'
 === added file 'test/modules/midauth/hipd/midauth.c'
 --- test/modules/midauth/hipd/midauth.c	1970-01-01 00:00:00 +0000
 +++ test/modules/midauth/hipd/midauth.c	2011-08-05 09:02:54 +0000
@@ -0,0 +1,120 @@
++/*
++ * Copyright (c) 2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#include <check.h>
++#include <stdint.h>
++
++#include "modules/midauth/hipd/midauth.c"
++#include "modules/midauth/lib/midauth_builder.h"
++#include "../test_suites.h"
++
++#define MIDAUTH_DEFAULT_NONCE_LENGTH 18
++
++/* Test where the HIP packet does not contain any CHALLANGE_REQUESTs */
++START_TEST(test_midauth_handle_challenge_request_param_0_CORRECT)
++{
++    struct hip_packet_context ctx = { 0 };
++    const struct hip_challenge_response *response = NULL;
++
++    ctx.input_msg = hip_msg_alloc();
++    ctx.output_msg = hip_msg_alloc();
++
++    fail_unless(handle_challenge_request_param(0, 0, &ctx) == 0, NULL);
++
++    /* NOTE we can only check for the existance of the response parameter here
++     *      as the puzzle solution differs for each run. */
++    fail_unless((response = hip_get_param(ctx.output_msg,
++                                          HIP_PARAM_CHALLENGE_RESPONSE)) == NULL,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_handle_challenge_request_param_1_CORRECT)
++{
++    const uint8_t opaque1[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    struct hip_packet_context ctx = { 0 };
++    const struct hip_challenge_response *response = NULL;
++
++    ctx.input_msg = hip_msg_alloc();
++    ctx.output_msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque1,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless(handle_challenge_request_param(0, 0, &ctx) == 0, NULL);
++
++    /* NOTE we can only check for the existance of the response parameter here
++     *      as the puzzle solution differs for each run. */
++    fail_unless((response = hip_get_param(ctx.output_msg,
++                                          HIP_PARAM_CHALLENGE_RESPONSE)) != NULL,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_handle_challenge_request_param_2_CORRECT)
++{
++    const uint8_t opaque1[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    const uint8_t opaque2[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                              "\x02\x42\x02\x15\x06\x08\x49\x50\x0d";
++    struct hip_packet_context ctx = { 0 };
++    const struct hip_challenge_response *response = NULL;
++
++    ctx.input_msg = hip_msg_alloc();
++    ctx.output_msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque1,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless(hip_build_param_challenge_request(ctx.input_msg, 0, 0, opaque2,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless(handle_challenge_request_param(0, 0, &ctx) == 0, NULL);
++
++    /* NOTE we can only check for the existance of the response parameter here
++     *      as the puzzle solution differs for each run. */
++    fail_unless((response = hip_get_param(ctx.output_msg,
++                                          HIP_PARAM_CHALLENGE_RESPONSE)) != NULL,
++                NULL);
++    fail_unless(hip_get_next_param(ctx.output_msg,
++                                   (const struct hip_tlv_common *) response) !=
++                NULL, NULL);
++}
++END_TEST
++
++Suite *modules_midauth_hipd_midauth(void)
++{
++    Suite *s = suite_create("modules/midauth/hipd/midauth");
++    TCase *tc_midauth = tcase_create("Midauth");
++
++    tcase_add_test(tc_midauth, test_midauth_handle_challenge_request_param_0_CORRECT);
++    tcase_add_test(tc_midauth, test_midauth_handle_challenge_request_param_1_CORRECT);
++    tcase_add_test(tc_midauth, test_midauth_handle_challenge_request_param_2_CORRECT);
++
++    suite_add_tcase(s, tc_midauth);
++
++    return s;
++}
 === added directory 'test/modules/midauth/lib'
 === added file 'test/modules/midauth/lib/midauth_builder.c'
 --- test/modules/midauth/lib/midauth_builder.c	1970-01-01 00:00:00 +0000
 +++ test/modules/midauth/lib/midauth_builder.c	2011-08-05 09:02:54 +0000
@@ -0,0 +1,265 @@
++/*
++ * Copyright (c) 2011 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#include <check.h>
++#include <stdint.h>
++
++#include "lib/core/protodefs.h"
++#include "modules/midauth/hipd/midauth.h"
++#include "modules/midauth/lib/midauth_builder.h"
++#include "../test_suites.h"
++
++#define MIDAUTH_DEFAULT_NONCE_LENGTH 18
++
++START_TEST(test_midauth_builder_build_param_challenge_request_NULL_msg)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++
++    fail_unless(hip_build_param_challenge_request(NULL, 0, 0, opaque,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                -1, NULL);
++}
++END_TEST
++
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++START_TEST(test_midauth_builder_build_param_challenge_request_NULL_opaque)
++{
++    struct hip_common *const msg = hip_msg_alloc();
++
++    hip_build_param_challenge_request(msg, 0, 0, NULL,
++                                      MIDAUTH_DEFAULT_NONCE_LENGTH);
++}
++END_TEST
++#endif /* HAVE_TCASE_ADD_EXIT_TEST */
++
++START_TEST(test_midauth_builder_build_param_challenge_request_0_opaque_len)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(msg, 0, 0, opaque,
++                                                  0) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_request_CORRECT)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    const char cmp_challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                         "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                         "\x15\x06\x08\x49\x50\x0C";
++    const struct hip_challenge_request *request = NULL;
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(msg, 0, 0, opaque,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless((request = hip_get_param(msg, HIP_PARAM_CHALLENGE_REQUEST)) != NULL,
++                NULL);
++    fail_unless(memcmp(request, &cmp_challenge_request,
++                       hip_get_param_total_len(request)) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_NULL_msg)
++{
++    const char challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                     "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                     "\x15\x06\x08\x49\x50\x0C";
++    const uint8_t solution[] = "\x01\x41\x01\x14\x05\x00\x48\x49";
++    const struct hip_challenge_request *request =
++            (const struct hip_challenge_request *) challenge_request;
++
++    fail_unless(hip_build_param_challenge_response(NULL, request, solution) == -1,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_NULL_request)
++{
++    const uint8_t solution[] = "\x01\x41\x01\x14\x05\x00\x48\x49";
++    const struct hip_challenge_request *request = NULL;
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_response(msg, request, solution) == -1,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_NULL_solution)
++{
++    const char challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                     "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                     "\x15\x06\x08\x49\x50\x0C";
++    const struct hip_challenge_request *request =
++            (const struct hip_challenge_request *) challenge_request;
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_response(msg, request, NULL) == -1,
++                NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_build_param_challenge_response_CORRECT)
++{
++    const char challenge_request[] = "\xff\x36\x00\x14\x00\x00\x01\x41\x01"
++                                     "\x14\x05\x00\x48\x49\x0b\x02\x42\x02"
++                                     "\x15\x06\x08\x49\x50\x0C";
++    const char cmp_challenge_response[] = "\x01\x42\x00\x1C\x00\x00\x01\x41\x01"
++                                          "\x14\x05\x00\x48\x49\x01\x41\x01\x14"
++                                          "\x05\x00\x48\x49\x0b\x02\x42\x02\x15"
++                                          "\x06\x08\x49\x50\x0c";
++    const uint8_t solution[] = "\x01\x41\x01\x14\x05\x00\x48\x49";
++    const struct hip_challenge_request *request =
++            (const struct hip_challenge_request *) challenge_request;
++    const struct hip_challenge_response *response = NULL;
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_response(msg, request, solution) == 0,
++                NULL);
++    fail_unless((response = hip_get_param(msg, HIP_PARAM_CHALLENGE_RESPONSE)) != NULL,
++                NULL);
++    fail_unless(memcmp(response, &cmp_challenge_response,
++                       hip_get_param_total_len(response)) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_challenge_request_opaque_len_NULL)
++{
++    fail_unless(hip_challenge_request_opaque_len(NULL) == 0, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_challenge_request_opaque_len_CORRECT)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    const struct hip_challenge_request *request = NULL;
++    struct hip_common *const msg = hip_msg_alloc();
++
++    fail_unless(hip_build_param_challenge_request(msg, 0, 0, opaque,
++                                                  MIDAUTH_DEFAULT_NONCE_LENGTH) ==
++                0, NULL);
++    fail_unless((request = hip_get_param(msg, HIP_PARAM_CHALLENGE_REQUEST)) != NULL,
++                NULL);
++    fail_unless(hip_challenge_request_opaque_len(request) ==
++                MIDAUTH_DEFAULT_NONCE_LENGTH, NULL);
++}
++END_TEST
++
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++START_TEST(test_midauth_builder_puzzle_seed_NULL_opaque)
++{
++    const uint8_t *const opaque = NULL;
++    uint8_t puzzle_value[PUZZLE_LENGTH];
++
++    hip_midauth_puzzle_seed(opaque, MIDAUTH_DEFAULT_NONCE_LENGTH, puzzle_value);
++}
++END_TEST
++#endif /* HAVE_TCASE_ADD_EXIT_TEST */
++
++START_TEST(test_midauth_builder_puzzle_seed_0_opaque_len)
++{
++    const uint8_t opaque[] = "\x01\x41\x00\x14\x05\x00\x48\x49\x0b";
++    uint8_t puzzle_value[PUZZLE_LENGTH];
++
++    fail_unless(hip_midauth_puzzle_seed(opaque,
++                                        0,
++                                        puzzle_value) == -1, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_puzzle_seed_NULL_puzzle_value)
++{
++    const uint8_t opaque[] = "\x01\x41\x00\x14\x05\x00\x48\x49\x0b";
++
++    fail_unless(hip_midauth_puzzle_seed(opaque,
++                                        MIDAUTH_DEFAULT_NONCE_LENGTH,
++                                        NULL) == -1, NULL);
++}
++END_TEST
++
++START_TEST(test_midauth_builder_puzzle_seed_CORRECT)
++{
++    const uint8_t opaque[] = "\x01\x41\x01\x14\x05\x00\x48\x49\x0b"
++                             "\x02\x42\x02\x15\x06\x08\x49\x50\x0c";
++    uint8_t puzzle_value[PUZZLE_LENGTH];
++    uint8_t correct_puzzle_value[] = "\x43\x03\x8F\xD7\x2F\xC7\xD2\xF3";
++
++    fail_unless(hip_midauth_puzzle_seed(opaque,
++                                        MIDAUTH_DEFAULT_NONCE_LENGTH,
++                                        puzzle_value) == 0, NULL);
++    fail_unless(memcmp(correct_puzzle_value, puzzle_value, PUZZLE_LENGTH) == 0,
++                NULL);
++}
++END_TEST
++
++Suite *modules_midauth_lib_builder(void)
++{
++    Suite *s = suite_create("modules/midauth/lib/midauth_builder");
++    TCase *tc_midauth_builder = tcase_create("Midauth_builder");
++
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_request_NULL_msg);
++// the tcase_add_exit_test macro is only available in check 0.9.8 or later but
++// scratchbox uses an older version of checkc so we try to avoid this macro
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++    tcase_add_exit_test(tc_midauth_builder,
++                        test_midauth_builder_build_param_challenge_request_NULL_opaque,
++                        1);
++#endif
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_request_0_opaque_len);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_request_CORRECT);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_NULL_msg);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_NULL_request);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_NULL_solution);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_build_param_challenge_response_CORRECT);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_challenge_request_opaque_len_NULL);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_challenge_request_opaque_len_CORRECT);
++
++#ifdef HAVE_TCASE_ADD_EXIT_TEST
++    tcase_add_exit_test(tc_midauth_builder,
++                        test_midauth_builder_puzzle_seed_NULL_opaque, 1);
++#endif
++    tcase_add_test(tc_midauth_builder, test_midauth_builder_puzzle_seed_0_opaque_len);
++    tcase_add_test(tc_midauth_builder,
++                   test_midauth_builder_puzzle_seed_NULL_puzzle_value);
++    tcase_add_test(tc_midauth_builder, test_midauth_builder_puzzle_seed_CORRECT);
++
++    suite_add_tcase(s, tc_midauth_builder);
++
++    return s;
++}
 === added file 'test/modules/midauth/test_suites.h'
 --- test/modules/midauth/test_suites.h	1970-01-01 00:00:00 +0000
 +++ test/modules/midauth/test_suites.h	2011-08-05 09:02:54 +0000
@@ -0,0 +1,34 @@
++/*
++ * Copyright (c) 2010 Aalto University and RWTH Aachen University.
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use,
++ * copy, modify, merge, publish, distribute, sublicense, and/or sell
++ * copies of the Software, and to permit persons to whom the
++ * Software is furnished to do so, subject to the following
++ * conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
++ * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
++ * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
++ * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
++ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
++ * OTHER DEALINGS IN THE SOFTWARE.
++ */
++
++#ifndef HIP_TEST_MODULES_MIDAUTH_TEST_SUITES_H
++#define HIP_TEST_MODULES_MIDAUTH_TEST_SUITES_H
++
++#include <check.h>
++
++Suite *modules_midauth_lib_builder(void);
++Suite *modules_midauth_hipd_midauth(void);
++
++#endif /* HIP_TEST_MODULES_MIDAUTH_TEST_SUITES_H */

HIPL

Merge lp:~rene-hummen/hipl/midauth-hipd into lp:hipl

Commit message

Description of the change

Unmerged revisions

Preview Diff

Subscribers