#
#  Tests for the EAP-SIM/AKA/AKA' encoder and decoder
#

# Only run the tests if we have TLS support
need-feature tls
# Load the EAP-AKA/SIM encoder/decoder
proto eap-aka-sim
proto-dictionary eap-aka-sim eap/aka-sim

# Boolean attribute
encode-pair.sim_tp_encode Any-ID-Req = yes
match 0d 01 00 00

# False Boolean attribute (should produce no data)
encode-pair.sim_tp_encode Any-ID-Req = no
match

# Short
encode-pair.sim_tp_encode Selected-Version = 1
match 10 01 00 01

# Octets
encode-pair.sim_tp_encode RAND = 0x00112233445566770011223344556677
match 01 05 00 00 00 11 22 33 44 55 66 77 00 11 22 33 44 55 66 77

encode-pair.sim_tp_encode RAND = 0x00112233445566770011223344556677, RAND = 0x00112233445566770011223344556678
match 01 09 00 00 00 11 22 33 44 55 66 77 00 11 22 33 44 55 66 77 00 11 22 33 44 55 66 77 00 11 22 33 44 55 66 78

# Octets (autopad)
encode-pair.sim_tp_encode RAND = 0x11
match 01 05 00 00 11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

# Empty octets
encode-pair.sim_tp_encode RAND = 0x
match 01 01 00 00

# Aliased
encode-pair.sim_tp_encode Notification = Temporarily-Denied
match 0c 01 04 02

# No string padding
encode-pair.sim_tp_encode Identity = "testing123@simfi"
match 0e 05 00 10 74 65 73 74 69 6e 67 31 32 33 40 73 69 6d 66 69

# Three bytes string padding
encode-pair.sim_tp_encode Identity = "testing123@si"
match 0e 05 00 0d 74 65 73 74 69 6e 67 31 32 33 40 73 69 00 00 00

# Two bytes string padding
encode-pair.sim_tp_encode Identity = "testing123@sim"
match 0e 05 00 0e 74 65 73 74 69 6e 67 31 32 33 40 73 69 6d 00 00

# One byte string padding
encode-pair.sim_tp_encode Identity = "testing123@simf"
match 0e 05 00 0f 74 65 73 74 69 6e 67 31 32 33 40 73 69 6d 66 00

# Empty string
encode-pair.sim_tp_encode Identity = ""
match 0e 01 00 00

# Two attributes
encode-pair.sim_tp_encode Identity = "testing123@simfi", Any-ID-Req = yes
match 0e 05 00 10 74 65 73 74 69 6e 67 31 32 33 40 73 69 6d 66 69 0d 01 00 00

# A single encrypted attribute
encode-pair.sim_tp_encode Encr-Data.Next-Pseudonym = "testing123"
match 82 05 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26

decode-pair.sim_tp_decode -
match Encr-Data = { Next-Pseudonym = "testing123" }

# Encrypt attribute requiring padding
encode-pair.sim_tp_encode Encr-Data.Counter-Too-Small = yes
match 82 05 00 00 5a f8 99 3c 02 f5 6c 04 b8 6e bb 54 3a af 74 32

decode-pair.sim_tp_decode -
match Encr-Data = { Counter-Too-Small = yes }

# Two encrypted attributes, one bool to extend plaintext so it's not a multiple block of block length
encode-pair.sim_tp_encode Encr-data.Next-Pseudonym = "testing123", Encr-Data.Counter-Too-Small = yes
match 82 09 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26 0f 4a 53 ce 33 99 9e 4f 29 df a4 79 18 a9 57 dd

decode-pair.sim_tp_decode -
match Encr-Data = { Next-Pseudonym = "testing123", Counter-Too-Small = yes }

pair Encr-Data.Next-Pseudonym = "testing123", Any-ID-Req = yes, Encr-Data.Counter-Too-Small = yes
match Encr-Data = { Next-Pseudonym = "testing123", Counter-Too-Small = yes }, Any-ID-Req = yes

# Plaintext and encrypted attributes interleaved (this shouldn't happen usually, due to sorting)
encode-pair.sim_tp_encode Encr-Data.Next-Pseudonym = "testing123", Any-ID-Req = yes, Encr-Data.Counter-Too-Small = yes
match 82 09 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26 0f 4a 53 ce 33 99 9e 4f 29 df a4 79 18 a9 57 dd 0d 01 00 00

#
#  Old style: NOT nested.  So we put the children of the TLV 82 into different top-level TLVs.
#
#match 82 05 00 00 3f b8 34 1f f8 26 e0 4d 4a f3 f9 61 3c a9 84 26 0d 01 00 00 82 05 00 00 5a f8 99 3c 02 f5 6c 04 b8 6e bb 54 3a af 74 32

decode-pair.sim_tp_decode -
match Encr-Data = { Next-Pseudonym = "testing123", Counter-Too-Small = yes }, Any-ID-Req = yes

# Array (one element)
encode-pair.sim_tp_encode Version-List = 1
match 0f 02 00 02 00 01 00 00

# Array (multiple elements, with padding)
encode-pair.sim_tp_encode Version-List = 1, Version-List = 2, Version-List = 3
match 0f 03 00 06 00 01 00 02 00 03 00 00

# Array (multiple elements, with no padding)
encode-pair.sim_tp_encode Version-List = 1, Version-List = 2, Version-List = 3, Version-List = 4
match 0f 03 00 08 00 01 00 02 00 03 00 04

# RFC4186 A.3. example
encode-pair.sim_tp_encode_rfc4186 Version-List = 1
match 0f 02 00 02 00 01 00 00

# RFC4186 A.4. example
encode-pair.sim_tp_encode_rfc4186 Nonce-MT = 0x0123456789abcdeffedcba9876543210, Selected-Version = 1
match 07 05 00 00 01 23 45 67 89 ab cd ef fe dc ba 98 76 54 32 10 10 01 00 01

# RFC4186 A.5. example
encode-pair.sim_tp_encode_rfc4186 RAND = 0x101112131415161718191a1b1c1d1e1f, RAND = 0x202122232425262728292a2b2c2d2e2f, RAND = 0x303132333435363738393a3b3c3d3e3f, IV = 0x9e18b0c29a652263c06efb54dd00a895, Encr-Data.Next-Pseudonym = "w8w49PexCazWJ&xCIARmxuMKht5S1sxRDqXSEFBEg3DcZP9cIxTe5J4OyIwNGVzxeJOU1G", Encr-Data.Next-Reauth-ID = "Y24fNSrz8BP274jOJaF17WfxI8YO7QX00pMXk9XMMVOw7broaNhTczuFq53aEpOkk3L0dm@eapsim.foo"
match 01 0d 00 00 10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37 38 39 3a 3b 3c 3d 3e 3f 81 05 00 00 9e 18 b0 c2 9a 65 22 63 c0 6e fb 54 dd 00 a8 95 82 2d 00 00 55 f2 93 9b bd b1 b1 9e a1 b4 7f c0 b3 e0 be 4c ab 2c f7 37 2d 98 e3 02 3c 6b b9 24 15 72 3d 58 ba d6 6c e0 84 e1 01 b6 0f 53 58 35 4b d4 21 82 78 ae a7 bf 2c ba ce 33 10 6a ed dc 62 5b 0c 1d 5a a6 7a 41 73 9a e5 b5 79 50 97 3f c7 ff 83 01 07 3c 6f 95 31 50 fc 30 3e a1 52 d1 e1 0a 2d 1f 4f 52 26 da a1 ee 90 05 47 22 52 bd b3 b7 1d 6f 0c 3a 34 90 31 6c 46 92 98 71 bd 45 cd fd bc a6 11 2f 07 f8 be 71 79 90 d2 5f 6d d7 f2 b7 b3 20 bf 4d 5a 99 2e 88 03 31 d7 29 94 5a ec 75 ae 5d 43 c8 ed a5 fe 62 33 fc ac 49 4e e6 7a 0d 50 4d

# RFC4186 A.9. example
encode-pair.sim_tp_encode_rfc4186 IV = 0xd585ac7786b90336657c77b46575b9c4, Encr-Data.Counter = 1, Encr-Data.Nonce-S = 0x0123456789abcdeffedcba9876543210, Encr-Data.Next-Reauth-ID = "uta0M0iyIsMwWp5TTdSdnOLvg2XDVf21OYt1vnfiMcs5dnIDHOIFVavIRzMRyzW6vFzdHW@eapsim.foo"
match 81 05 00 00 d5 85 ac 77 86 b9 03 36 65 7c 77 b4 65 75 b9 c4 82 1d 00 00 68 62 91 a9 d2 ab c5 8c aa 32 94 b6 e8 5b 44 84 6c 44 e5 dc b2 de 8b 9e 80 d6 9d 49 85 8a 5d b8 4c dc 1c 9b c9 5c 01 b9 6b 6e ca 31 34 74 ae a6 d3 14 16 e1 9d aa 9d f7 0f 05 00 88 41 ca 80 14 96 4d 3b 30 a4 9b cf 43 e4 d3 f1 8e 86 29 5a 4a 2b 38 d9 6c 97 05 c2 bb b0 5c 4a ac e9 7d 5e af f5 64 04 6c 8b d3 0b c3 9b e5 e1 7a ce 2b 10 a6

# RFC4186 A.10. example
encode-pair.sim_tp_encode_rfc4186 IV = 0xcdf7ffa65de04c026b56c86b76b102ea, Encr-Data.Counter = 1
match 81 05 00 00 cd f7 ff a6 5d e0 4c 02 6b 56 c8 6b 76 b1 02 ea 82 05 00 00 b6 ed d3 82 79 e2 a1 42 3c 1a fc 5c 45 5c 7d 56

count
match 64
