1 // Copyright 2023 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "ip_util.h"
6
7 #include <string.h>
8
9 #include <gtest/gtest.h>
10 #include "input.h"
11
12 namespace bssl {
13
TEST(IPUtilTest,IsValidNetmask)14 TEST(IPUtilTest, IsValidNetmask) {
15 uint8_t kWrongSize[3] = {0xff, 0xff, 0xff};
16 EXPECT_FALSE(IsValidNetmask(der::Input(kWrongSize)));
17
18 // All zeros is a valid netmask.
19 uint8_t kZeroIPv4[4] = {0};
20 EXPECT_TRUE(IsValidNetmask(der::Input(kZeroIPv4)));
21 uint8_t kZeroIPv6[16] = {0};
22 EXPECT_TRUE(IsValidNetmask(der::Input(kZeroIPv6)));
23
24 // Test all valid non-zero IPv4 netmasks.
25 for (int i = 0; i < 4; i++) {
26 uint8_t addr[4] = {0};
27 memset(addr, 0xff, i);
28 for (int shift = 0; shift < 8; shift++) {
29 addr[i] = 0xff << shift;
30 EXPECT_TRUE(IsValidNetmask(der::Input(addr)));
31 }
32 }
33
34 // Test all valid non-zero IPv6 netmasks.
35 for (int i = 0; i < 16; i++) {
36 uint8_t addr[16] = {0};
37 memset(addr, 0xff, i);
38 for (int shift = 0; shift < 8; shift++) {
39 addr[i] = 0xff << shift;
40 EXPECT_TRUE(IsValidNetmask(der::Input(addr)));
41 }
42 }
43
44 // Error within a byte.
45 uint8_t kInvalidIPv4[4] = {0xff, 0xff, 0x81, 0x00};
46 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv4)));
47 uint8_t kInvalidIPv6[16] = {0xff, 0xff, 0x81, 0x00, 0x00, 0x00, 0x00, 0x00,
48 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
49 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv6)));
50
51 // Error at the end.
52 uint8_t kInvalidIPv4_2[4] = {0xff, 0xff, 0x80, 0x01};
53 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv4_2)));
54 uint8_t kInvalidIPv6_2[16] = {0xff, 0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
55 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
56 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv6_2)));
57
58 // Leading zero.
59 uint8_t kInvalidIPv4_3[4] = {0x00, 0xff, 0x80, 0x00};
60 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv4_3)));
61 uint8_t kInvalidIPv6_3[16] = {0x00, 0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
62 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
63 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv6_3)));
64 }
65
TEST(IPUtilTest,IPAddressMatchesWithNetmask)66 TEST(IPUtilTest, IPAddressMatchesWithNetmask) {
67 // Under a zero mask, any two addresses are equal.
68 {
69 uint8_t kMask[4] = {0};
70 uint8_t kAddr1[4] = {1, 2, 3, 4};
71 uint8_t kAddr2[4] = {255, 254, 253, 252};
72 EXPECT_TRUE(IPAddressMatchesWithNetmask(
73 der::Input(kAddr1), der::Input(kAddr1), der::Input(kMask)));
74 EXPECT_TRUE(IPAddressMatchesWithNetmask(
75 der::Input(kAddr1), der::Input(kAddr2), der::Input(kMask)));
76 }
77
78 // Under an all ones mask, all bits of the address are checked.
79 {
80 uint8_t kMask[4] = {0xff, 0xff, 0xff, 0xff};
81 uint8_t kAddr1[4] = {1, 2, 3, 4};
82 uint8_t kAddr2[4] = {255, 254, 253, 252};
83 uint8_t kAddr3[4] = {1, 2, 3, 5};
84 EXPECT_TRUE(IPAddressMatchesWithNetmask(
85 der::Input(kAddr1), der::Input(kAddr1), der::Input(kMask)));
86 EXPECT_FALSE(IPAddressMatchesWithNetmask(
87 der::Input(kAddr1), der::Input(kAddr2), der::Input(kMask)));
88 EXPECT_FALSE(IPAddressMatchesWithNetmask(
89 der::Input(kAddr1), der::Input(kAddr3), der::Input(kMask)));
90 }
91
92 // In general, only masked bits are considered.
93 {
94 uint8_t kMask[4] = {0xff, 0xff, 0x80, 0x00};
95 uint8_t kAddr1[4] = {1, 2, 3, 4};
96 uint8_t kAddr2[4] = {1, 2, 0x7f, 0xff};
97 uint8_t kAddr3[4] = {2, 2, 3, 4};
98 EXPECT_TRUE(IPAddressMatchesWithNetmask(
99 der::Input(kAddr1), der::Input(kAddr1), der::Input(kMask)));
100 EXPECT_TRUE(IPAddressMatchesWithNetmask(
101 der::Input(kAddr1), der::Input(kAddr2), der::Input(kMask)));
102 EXPECT_FALSE(IPAddressMatchesWithNetmask(
103 der::Input(kAddr1), der::Input(kAddr3), der::Input(kMask)));
104 }
105 }
106
107 } // namespace bssl
108