5079590438

Committed 25 May 2023 12:28PM UTC coverage: 92.228% (+0.5%) from 91.723%

Build # 5079590438

Build Type

Pull #3502

github

Pull Request Pull Request #3502: Apply clang-format to the codebase

Run Details

75589 of 81959 relevant lines covered (92.23%)

12139530.51 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

93.18

/src/tests/unit_tls_policy.cpp

/*
* TLS Policy tests
*
* (C) 2016 Juraj Somorovsky
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"

#if defined(BOTAN_HAS_TLS)
   #include <botan/tls_exceptn.h>
   #include <botan/tls_policy.h>
#endif

#if defined(BOTAN_HAS_RSA)
   #include <botan/rsa.h>
#endif

#if defined(BOTAN_HAS_ECDH)
   #include <botan/ecdh.h>
#endif

#if defined(BOTAN_HAS_ECDSA)
   #include <botan/ecdsa.h>
#endif

#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
   #include <botan/dh.h>
   #include <botan/dl_group.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_TLS)
class TLS_Policy_Unit_Tests final : public Test {
   public:
      std::vector<Test::Result> run() override {
         std::vector<Test::Result> results;

         results.push_back(test_peer_key_acceptable_rsa());
         results.push_back(test_peer_key_acceptable_ecdh());
         results.push_back(test_peer_key_acceptable_ecdsa());
         results.push_back(test_peer_key_acceptable_dh());
         results.push_back(test_key_exchange_groups_to_offer());

         return results;
      }

   private:
      static Test::Result test_peer_key_acceptable_rsa() {
         Test::Result result("TLS Policy RSA key verification");
   #if defined(BOTAN_HAS_RSA)
         auto rsa_key_1024 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 1024);
         Botan::TLS::Policy policy;

         try {
            policy.check_peer_key_acceptable(*rsa_key_1024);
            result.test_failure("Incorrectly accepting 1024 bit RSA keys");
         } catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting 1024 bit RSA keys"); }

         auto rsa_key_2048 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 2048);
         policy.check_peer_key_acceptable(*rsa_key_2048);
         result.test_success("Correctly accepting 2048 bit RSA keys");
   #endif
         return result;
      }

      static Test::Result test_peer_key_acceptable_ecdh() {
         Test::Result result("TLS Policy ECDH key verification");
   #if defined(BOTAN_HAS_ECDH)
         Botan::EC_Group group_192("secp192r1");
         auto ecdh_192 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_192);

         Botan::TLS::Policy policy;
         try {
            policy.check_peer_key_acceptable(*ecdh_192);
            result.test_failure("Incorrectly accepting 192 bit EC keys");
         } catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting 192 bit EC keys"); }

         Botan::EC_Group group_256("secp256r1");
         auto ecdh_256 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_256);
         policy.check_peer_key_acceptable(*ecdh_256);
         result.test_success("Correctly accepting 256 bit EC keys");
   #endif
         return result;
      }

      static Test::Result test_peer_key_acceptable_ecdsa() {
         Test::Result result("TLS Policy ECDSA key verification");
   #if defined(BOTAN_HAS_ECDSA)
         Botan::EC_Group group_192("secp192r1");
         auto ecdsa_192 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_192);

         Botan::TLS::Policy policy;
         try {
            policy.check_peer_key_acceptable(*ecdsa_192);
            result.test_failure("Incorrectly accepting 192 bit EC keys");
         } catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting 192 bit EC keys"); }

         Botan::EC_Group group_256("secp256r1");
         auto ecdsa_256 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_256);
         policy.check_peer_key_acceptable(*ecdsa_256);
         result.test_success("Correctly accepting 256 bit EC keys");
   #endif
         return result;
      }

      static Test::Result test_peer_key_acceptable_dh() {
         Test::Result result("TLS Policy DH key verification");
   #if defined(BOTAN_HAS_DIFFIE_HELLMAN)
         const BigInt g("2");
         const BigInt p("58458002095536094658683755258523362961421200751439456159756164191494576279467");
         const Botan::DL_Group grp(p, g);
         const Botan::BigInt x("46205663093589612668746163860870963912226379131190812163519349848291472898748");
         auto dhkey = std::make_unique<Botan::DH_PrivateKey>(grp, x);

         Botan::TLS::Policy policy;
         try {
            policy.check_peer_key_acceptable(*dhkey);
            result.test_failure("Incorrectly accepting short bit DH keys");
         } catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting short bit DH keys"); }
   #endif
         return result;
      }

      static Test::Result test_key_exchange_groups_to_offer() {
         Test::Result result("TLS Policy key share offering");

         Botan::TLS::Policy default_policy;
         result.test_eq(
            "default TLS Policy offers exactly one", default_policy.key_exchange_groups_to_offer().size(), 1);
         result.confirm(
            "default TLS Policy offers preferred group",
            default_policy.key_exchange_groups().front() == default_policy.key_exchange_groups_to_offer().front());

         using TP = Botan::TLS::Text_Policy;

         result.test_eq("default behaviour from text policy (size)", TP("").key_exchange_groups_to_offer().size(), 1);
         result.confirm("default behaviour from text policy (preferred)",
                        TP("").key_exchange_groups().front() == TP("").key_exchange_groups_to_offer().front());

         result.confirm("no offerings",
                        TP("key_exchange_groups_to_offer = none").key_exchange_groups_to_offer().empty());

         const std::string two_groups = "key_exchange_groups_to_offer = secp256r1 ffdhe/ietf/4096";
         result.test_eq("list of offerings (size)", TP(two_groups).key_exchange_groups_to_offer().size(), 2);
         result.confirm("list of offerings (0)",
                        TP(two_groups).key_exchange_groups_to_offer()[0] == Botan::TLS::Group_Params::SECP256R1);
         result.confirm("list of offerings (1)",
                        TP(two_groups).key_exchange_groups_to_offer()[1] == Botan::TLS::Group_Params::FFDHE_4096);

         return result;
      }
};

BOTAN_REGISTER_TEST("tls", "tls_policy", TLS_Policy_Unit_Tests);

#endif

}

}

1	/*
2	* TLS Policy tests
3	*
4	* (C) 2016 Juraj Somorovsky
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include "tests.h"
10
11	#if defined(BOTAN_HAS_TLS)
12	#include <botan/tls_exceptn.h>
13	#include <botan/tls_policy.h>
14	#endif
15
16	#if defined(BOTAN_HAS_RSA)
17	#include <botan/rsa.h>
18	#endif
19
20	#if defined(BOTAN_HAS_ECDH)
21	#include <botan/ecdh.h>
22	#endif
23
24	#if defined(BOTAN_HAS_ECDSA)
25	#include <botan/ecdsa.h>
26	#endif
27
28	#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
29	#include <botan/dh.h>
30	#include <botan/dl_group.h>
31	#endif
32
33	namespace Botan_Tests {
34
35	namespace {
36
37	#if defined(BOTAN_HAS_TLS)
38	class TLS_Policy_Unit_Tests final : public Test {	×
39	public:
40	std::vector<Test::Result> run() override {	1✔
41	std::vector<Test::Result> results;	1✔
42
43	results.push_back(test_peer_key_acceptable_rsa());	2✔
44	results.push_back(test_peer_key_acceptable_ecdh());	2✔
45	results.push_back(test_peer_key_acceptable_ecdsa());	2✔
46	results.push_back(test_peer_key_acceptable_dh());	2✔
47	results.push_back(test_key_exchange_groups_to_offer());	2✔
48
49	return results;	1✔
50	}	×
51
52	private:
53	static Test::Result test_peer_key_acceptable_rsa() {	1✔
54	Test::Result result("TLS Policy RSA key verification");	1✔
55	#if defined(BOTAN_HAS_RSA)
56	auto rsa_key_1024 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 1024);	1✔
57	Botan::TLS::Policy policy;	1✔
58
59	try {	1✔
60	policy.check_peer_key_acceptable(*rsa_key_1024);	1✔
61	result.test_failure("Incorrectly accepting 1024 bit RSA keys");	×
62	} catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting 1024 bit RSA keys"); }	2✔
63
64	auto rsa_key_2048 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 2048);	1✔
65	policy.check_peer_key_acceptable(*rsa_key_2048);	1✔
66	result.test_success("Correctly accepting 2048 bit RSA keys");	1✔
67	#endif
68	return result;	1✔
69	}	1✔
70
71	static Test::Result test_peer_key_acceptable_ecdh() {	1✔
72	Test::Result result("TLS Policy ECDH key verification");	1✔
73	#if defined(BOTAN_HAS_ECDH)
74	Botan::EC_Group group_192("secp192r1");	1✔
75	auto ecdh_192 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_192);	1✔
76
77	Botan::TLS::Policy policy;	1✔
78	try {	1✔
79	policy.check_peer_key_acceptable(*ecdh_192);	1✔
80	result.test_failure("Incorrectly accepting 192 bit EC keys");	×
81	} catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting 192 bit EC keys"); }	2✔
82
83	Botan::EC_Group group_256("secp256r1");	1✔
84	auto ecdh_256 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_256);	1✔
85	policy.check_peer_key_acceptable(*ecdh_256);	1✔
86	result.test_success("Correctly accepting 256 bit EC keys");	1✔
87	#endif
88	return result;	1✔
89	}	1✔
90
91	static Test::Result test_peer_key_acceptable_ecdsa() {	1✔
92	Test::Result result("TLS Policy ECDSA key verification");	1✔
93	#if defined(BOTAN_HAS_ECDSA)
94	Botan::EC_Group group_192("secp192r1");	1✔
95	auto ecdsa_192 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_192);	1✔
96
97	Botan::TLS::Policy policy;	1✔
98	try {	1✔
99	policy.check_peer_key_acceptable(*ecdsa_192);	1✔
100	result.test_failure("Incorrectly accepting 192 bit EC keys");	×
101	} catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting 192 bit EC keys"); }	2✔
102
103	Botan::EC_Group group_256("secp256r1");	1✔
104	auto ecdsa_256 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_256);	1✔
105	policy.check_peer_key_acceptable(*ecdsa_256);	1✔
106	result.test_success("Correctly accepting 256 bit EC keys");	1✔
107	#endif
108	return result;	1✔
109	}	1✔
110
111	static Test::Result test_peer_key_acceptable_dh() {	1✔
112	Test::Result result("TLS Policy DH key verification");	1✔
113	#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
114	const BigInt g("2");	1✔
115	const BigInt p("58458002095536094658683755258523362961421200751439456159756164191494576279467");	1✔
116	const Botan::DL_Group grp(p, g);	1✔
117	const Botan::BigInt x("46205663093589612668746163860870963912226379131190812163519349848291472898748");	1✔
118	auto dhkey = std::make_unique<Botan::DH_PrivateKey>(grp, x);	1✔
119
120	Botan::TLS::Policy policy;	1✔
121	try {	1✔
122	policy.check_peer_key_acceptable(*dhkey);	1✔
123	result.test_failure("Incorrectly accepting short bit DH keys");	×
124	} catch(Botan::TLS::TLS_Exception&) { result.test_success("Correctly rejecting short bit DH keys"); }	2✔
125	#endif
126	return result;	1✔
127	}	5✔
128
129	static Test::Result test_key_exchange_groups_to_offer() {	1✔
130	Test::Result result("TLS Policy key share offering");	1✔
131
132	Botan::TLS::Policy default_policy;	1✔
133	result.test_eq(	2✔
134	"default TLS Policy offers exactly one", default_policy.key_exchange_groups_to_offer().size(), 1);	1✔
135	result.confirm(	2✔
136	"default TLS Policy offers preferred group",
137	default_policy.key_exchange_groups().front() == default_policy.key_exchange_groups_to_offer().front());	2✔
138
139	using TP = Botan::TLS::Text_Policy;	1✔
140
141	result.test_eq("default behaviour from text policy (size)", TP("").key_exchange_groups_to_offer().size(), 1);	3✔
142	result.confirm("default behaviour from text policy (preferred)",	3✔
143	TP("").key_exchange_groups().front() == TP("").key_exchange_groups_to_offer().front());	3✔
144
145	result.confirm("no offerings",	2✔
146	TP("key_exchange_groups_to_offer = none").key_exchange_groups_to_offer().empty());	2✔
147
148	const std::string two_groups = "key_exchange_groups_to_offer = secp256r1 ffdhe/ietf/4096";	1✔
149	result.test_eq("list of offerings (size)", TP(two_groups).key_exchange_groups_to_offer().size(), 2);	3✔
150	result.confirm("list of offerings (0)",	3✔
151	TP(two_groups).key_exchange_groups_to_offer()[0] == Botan::TLS::Group_Params::SECP256R1);	2✔
152	result.confirm("list of offerings (1)",	3✔
153	TP(two_groups).key_exchange_groups_to_offer()[1] == Botan::TLS::Group_Params::FFDHE_4096);	2✔
154
155	return result;	2✔
156	}	1✔
157	};
158
159	BOTAN_REGISTER_TEST("tls", "tls_policy", TLS_Policy_Unit_Tests);
160
161	#endif
162
163	}
164
165	}

randombit / botan / 5079590438

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous