1 // Copyright 2023 The Chromium Authors
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include "ip_util.h"
16
17 #include <string.h>
18
19 #include <gtest/gtest.h>
20 #include "input.h"
21
22 BSSL_NAMESPACE_BEGIN
23
TEST(IPUtilTest,IsValidNetmask)24 TEST(IPUtilTest, IsValidNetmask) {
25 uint8_t kWrongSize[3] = {0xff, 0xff, 0xff};
26 EXPECT_FALSE(IsValidNetmask(der::Input(kWrongSize)));
27
28 // All zeros is a valid netmask.
29 uint8_t kZeroIPv4[4] = {0};
30 EXPECT_TRUE(IsValidNetmask(der::Input(kZeroIPv4)));
31 uint8_t kZeroIPv6[16] = {0};
32 EXPECT_TRUE(IsValidNetmask(der::Input(kZeroIPv6)));
33
34 // Test all valid non-zero IPv4 netmasks.
35 for (int i = 0; i < 4; i++) {
36 uint8_t addr[4] = {0};
37 memset(addr, 0xff, i);
38 for (int shift = 0; shift < 8; shift++) {
39 addr[i] = 0xff << shift;
40 EXPECT_TRUE(IsValidNetmask(der::Input(addr)));
41 }
42 }
43
44 // Test all valid non-zero IPv6 netmasks.
45 for (int i = 0; i < 16; i++) {
46 uint8_t addr[16] = {0};
47 memset(addr, 0xff, i);
48 for (int shift = 0; shift < 8; shift++) {
49 addr[i] = 0xff << shift;
50 EXPECT_TRUE(IsValidNetmask(der::Input(addr)));
51 }
52 }
53
54 // Error within a byte.
55 uint8_t kInvalidIPv4[4] = {0xff, 0xff, 0x81, 0x00};
56 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv4)));
57 uint8_t kInvalidIPv6[16] = {0xff, 0xff, 0x81, 0x00, 0x00, 0x00, 0x00, 0x00,
58 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
59 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv6)));
60
61 // Error at the end.
62 uint8_t kInvalidIPv4_2[4] = {0xff, 0xff, 0x80, 0x01};
63 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv4_2)));
64 uint8_t kInvalidIPv6_2[16] = {0xff, 0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
65 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
66 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv6_2)));
67
68 // Leading zero.
69 uint8_t kInvalidIPv4_3[4] = {0x00, 0xff, 0x80, 0x00};
70 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv4_3)));
71 uint8_t kInvalidIPv6_3[16] = {0x00, 0xff, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00,
72 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
73 EXPECT_FALSE(IsValidNetmask(der::Input(kInvalidIPv6_3)));
74 }
75
TEST(IPUtilTest,IPAddressMatchesWithNetmask)76 TEST(IPUtilTest, IPAddressMatchesWithNetmask) {
77 // Under a zero mask, any two addresses are equal.
78 {
79 uint8_t kMask[4] = {0};
80 uint8_t kAddr1[4] = {1, 2, 3, 4};
81 uint8_t kAddr2[4] = {255, 254, 253, 252};
82 EXPECT_TRUE(IPAddressMatchesWithNetmask(
83 der::Input(kAddr1), der::Input(kAddr1), der::Input(kMask)));
84 EXPECT_TRUE(IPAddressMatchesWithNetmask(
85 der::Input(kAddr1), der::Input(kAddr2), der::Input(kMask)));
86 }
87
88 // Under an all ones mask, all bits of the address are checked.
89 {
90 uint8_t kMask[4] = {0xff, 0xff, 0xff, 0xff};
91 uint8_t kAddr1[4] = {1, 2, 3, 4};
92 uint8_t kAddr2[4] = {255, 254, 253, 252};
93 uint8_t kAddr3[4] = {1, 2, 3, 5};
94 EXPECT_TRUE(IPAddressMatchesWithNetmask(
95 der::Input(kAddr1), der::Input(kAddr1), der::Input(kMask)));
96 EXPECT_FALSE(IPAddressMatchesWithNetmask(
97 der::Input(kAddr1), der::Input(kAddr2), der::Input(kMask)));
98 EXPECT_FALSE(IPAddressMatchesWithNetmask(
99 der::Input(kAddr1), der::Input(kAddr3), der::Input(kMask)));
100 }
101
102 // In general, only masked bits are considered.
103 {
104 uint8_t kMask[4] = {0xff, 0xff, 0x80, 0x00};
105 uint8_t kAddr1[4] = {1, 2, 3, 4};
106 uint8_t kAddr2[4] = {1, 2, 0x7f, 0xff};
107 uint8_t kAddr3[4] = {2, 2, 3, 4};
108 EXPECT_TRUE(IPAddressMatchesWithNetmask(
109 der::Input(kAddr1), der::Input(kAddr1), der::Input(kMask)));
110 EXPECT_TRUE(IPAddressMatchesWithNetmask(
111 der::Input(kAddr1), der::Input(kAddr2), der::Input(kMask)));
112 EXPECT_FALSE(IPAddressMatchesWithNetmask(
113 der::Input(kAddr1), der::Input(kAddr3), der::Input(kMask)));
114 }
115 }
116
117 BSSL_NAMESPACE_END
118