From 9b31754e1f3c456e15b81490b95604edf0c64cd7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michal=20Josef=20=C5=A0pa=C4=8Dek?= Date: Mon, 11 Mar 2024 20:56:17 +0100 Subject: [PATCH 06/11] Split usm.t to two parts --- MANIFEST | 3 +- t/usm-md5-des.t | 153 ++++++++++++++++++++++++++++++++++++ t/{usm.t => usm-sha1-des.t} | 121 +--------------------------- 3 files changed, 159 insertions(+), 118 deletions(-) create mode 100644 t/usm-md5-des.t rename t/{usm.t => usm-sha1-des.t} (58%) diff --git a/MANIFEST b/MANIFEST index 358e859..c750573 100644 --- a/MANIFEST +++ b/MANIFEST @@ -35,4 +35,5 @@ snmpkey.PL t/ber.t t/dsp.t t/mp.t -t/usm.t +t/usm-md5-des.t +t/usm-sha1-des.t diff --git a/t/usm-md5-des.t b/t/usm-md5-des.t new file mode 100644 index 0000000..2d8d8c0 --- /dev/null +++ b/t/usm-md5-des.t @@ -0,0 +1,153 @@ +# -*- mode: perl -*- +# ============================================================================ + +# Test of the SNMPv3 User-based Security Model. + +# Copyright (c) 2001-2009 David M. Town . +# All rights reserved. + +# This program is free software; you may redistribute it and/or modify it +# under the same terms as the Perl 5 programming language system itself. + +# ============================================================================ + +use strict; +use Test; + +BEGIN +{ + $| = 1; + $^W = 1; + plan tests => 7 +} + +use Net::SNMP::Message qw(SEQUENCE OCTET_STRING FALSE); + +# +# Load the Net::SNMP::Security::USM module +# + +eval 'use Net::SNMP::Security::USM'; + +my $skip = ($@ =~ /locate (:?\S+\.pm)/) ? $@ : FALSE; + +# +# 1. Create the Net::SNMP::Security::USM object +# + +my ($u, $e); + +eval +{ + ($u, $e) = Net::SNMP::Security::USM->new( + -username => 'dtown', + -authpassword => 'maplesyrup', + -privpassword => 'maplesyrup', + -privprotocol => 'des', + ); + + # "Perform" discovery... + $u->_engine_id_discovery(pack 'x11H2', '02'); + + # ...and synchronization + $u->_synchronize(10, time); +}; + +skip( + $skip, ($@ || $e), q{}, 'Failed to create Net::SNMP::Security::USM object' +); + +# +# 2. Check the localized authKey +# + +eval +{ + $e = unpack 'H*', $u->auth_key(); +}; + +skip( + $skip, + ($@ || $e), + '526f5eed9fcce26f8964c2930787d82b', # RFC 3414 - A.3.1 + 'Invalid authKey calculated' +); + +# +# 3. Check the localized privKey +# + +eval +{ + $e = unpack 'H*', $u->priv_key(); +}; + +skip( + $skip, + ($@ || $e), + '526f5eed9fcce26f8964c2930787d82b', + 'Invalid privKey calculated' +); + +# +# 4. Create and initalize a Message +# + +my $m; + +eval +{ + ($m, $e) = Net::SNMP::Message->new(); + $m->prepare(SEQUENCE, pack('H*', 'deadbeef') x 8); + $e = $m->error(); +}; + +skip($skip, ($@ || $e), q{}, 'Failed to create Net::SNMP::Message object'); + +# +# 5. Calculate the HMAC +# + +my $h; + +eval +{ + $h = unpack 'H*', $u->_auth_hmac($m); +}; + +skip($skip, $@, q{}, 'Calculate the HMAC failed'); + +# +# 6. Encrypt/descrypt the Message +# + +eval +{ + my $salt; + my $len = $m->length(); + my $buff = $m->clear(); + $m->append($u->_encrypt_data($m, $salt, $buff)); + $u->_decrypt_data($m, $salt, $m->process(OCTET_STRING)); + $e = $u->error(); + # Remove padding if necessary + if ($len -= $m->length()) { + substr ${$m->reference()}, $len, -$len, q{}; + } +}; + +skip($skip, ($@ || $e), q{}, 'Privacy failed'); + +# +# 7. Check the HMAC +# + +my $h2; + +eval +{ + $h2 = unpack 'H*', $u->_auth_hmac($m); +}; + +skip($skip, ($@ || $h2), $h, 'Authentication failed'); + +# ============================================================================ diff --git a/t/usm.t b/t/usm-sha1-des.t similarity index 58% rename from t/usm.t rename to t/usm-sha1-des.t index 1a0d5a8..2efff7f 100644 --- a/t/usm.t +++ b/t/usm-sha1-des.t @@ -1,8 +1,6 @@ # -*- mode: perl -*- # ============================================================================ -# $Id: usm.t,v 6.0 2009/09/09 15:07:49 dtown Rel $ - # Test of the SNMPv3 User-based Security Model. # Copyright (c) 2001-2009 David M. Town . @@ -20,7 +18,7 @@ BEGIN { $| = 1; $^W = 1; - plan tests => 14 + plan tests => 7 } use Net::SNMP::Message qw(SEQUENCE OCTET_STRING FALSE); @@ -44,6 +42,7 @@ eval ($u, $e) = Net::SNMP::Security::USM->new( -username => 'dtown', -authpassword => 'maplesyrup', + -authprotocol => 'sha', -privpassword => 'maplesyrup', -privprotocol => 'des', ); @@ -71,7 +70,7 @@ eval skip( $skip, ($@ || $e), - '526f5eed9fcce26f8964c2930787d82b', # RFC 3414 - A.3.1 + '6695febc9288e36282235fc7151f128497b38f3f', # RFC 3414 - A.3.2 'Invalid authKey calculated' ); @@ -87,7 +86,7 @@ eval skip( $skip, ($@ || $e), - '526f5eed9fcce26f8964c2930787d82b', + '6695febc9288e36282235fc7151f1284', 'Invalid privKey calculated' ); @@ -152,116 +151,4 @@ eval skip($skip, ($@ || $h2), $h, 'Authentication failed'); -# -# 8. Create the Net::SNMP::Security::USM object -# - -eval -{ - ($u, $e) = Net::SNMP::Security::USM->new( - -username => 'dtown', - -authpassword => 'maplesyrup', - -authprotocol => 'sha', - -privpassword => 'maplesyrup', - -privprotocol => 'des', - ); - - # "Perform" discovery... - $u->_engine_id_discovery(pack 'x11H2', '02'); - - # ...and synchronization - $u->_synchronize(10, time); -}; - -skip( - $skip, ($@ || $e), q{}, 'Failed to create Net::SNMP::Security::USM object' -); - -# -# 9. Check the localized authKey -# - -eval -{ - $e = unpack 'H*', $u->auth_key(); -}; - -skip( - $skip, - ($@ || $e), - '6695febc9288e36282235fc7151f128497b38f3f', # RFC 3414 - A.3.2 - 'Invalid authKey calculated' -); - -# -# 10. Check the localized privKey -# - -eval -{ - $e = unpack 'H*', $u->priv_key(); -}; - -skip( - $skip, - ($@ || $e), - '6695febc9288e36282235fc7151f1284', - 'Invalid privKey calculated' -); - -# -# 11. Create and initalize a Message -# - -eval -{ - ($m, $e) = Net::SNMP::Message->new(); - $m->prepare(SEQUENCE, pack('H*', 'deadbeef') x 8); - $e = $m->error(); -}; - -skip($skip, ($@ || $e), q{}, 'Failed to create Net::SNMP::Message object'); - -# -# 12. Calculate the HMAC -# - -eval -{ - $h = unpack 'H*', $u->_auth_hmac($m); -}; - -skip($skip, $@, q{}, 'Calculate the HMAC failed'); - -# -# 13. Encrypt/descrypt the Message -# - -eval -{ - my $salt; - my $len = $m->length(); - my $buff = $m->clear(); - $m->append($u->_encrypt_data($m, $salt, $buff)); - $u->_decrypt_data($m, $salt, $m->process(OCTET_STRING)); - $e = $u->error(); - # Remove padding if necessary - if ($len -= $m->length()) { - substr ${$m->reference()}, $len, -$len, q{}; - } -}; - -skip($skip, ($@ || $e), q{}, 'Privacy failed'); - -# -# 14. Check the HMAC -# - -eval -{ - $h2 = unpack 'H*', $u->_auth_hmac($m); -}; - -skip($skip, ($@ || $h2), $h, 'Authentication failed'); - # ============================================================================ -- 2.45.1