5111374265

Committed 29 May 2023 11:19AM UTC coverage: 92.227% (+0.5%) from 91.723%

Build # 5111374265

Build Type

push

github

Committed by

randombit

Commit Message

Next release will be 3.1.0. Update release notes

Run Details

75588 of 81959 relevant lines covered (92.23%)

11886470.91 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

91.3

/src/tests/test_passhash.cpp

/*
* (C) 2014,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"

#if defined(BOTAN_HAS_BCRYPT)
   #include <botan/bcrypt.h>
#endif

#if defined(BOTAN_HAS_PASSHASH9)
   #include <botan/passhash9.h>
#endif

#if defined(BOTAN_HAS_ARGON2_FMT)
   #include "test_rng.h"
   #include <botan/argon2fmt.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_BCRYPT)
class Bcrypt_Tests final : public Text_Based_Test {
   public:
      Bcrypt_Tests() : Text_Based_Test("passhash/bcrypt.vec", "Password,Passhash") {}

      Test::Result run_one_test(const std::string& /*header*/, const VarMap& vars) override {
         // Encoded as binary so we can test binary inputs
         const std::vector<uint8_t> password_vec = vars.get_req_bin("Password");
         const std::string password(reinterpret_cast<const char*>(password_vec.data()), password_vec.size());

         const std::string passhash = vars.get_req_str("Passhash");

         Test::Result result("bcrypt");
         result.test_eq("correct hash accepted", Botan::check_bcrypt(password, passhash), true);

         // self-test low levels for each test password
         for(uint16_t level = 4; level <= 6; ++level) {
            const std::string gen_hash = Botan::generate_bcrypt(password, Test::rng(), level);
            result.test_eq("generated hash accepted", Botan::check_bcrypt(password, gen_hash), true);
         }

         return result;
      }

      std::vector<Test::Result> run_final_tests() override {
         Test::Result result("bcrypt");

         uint64_t start = Test::timestamp();

         const std::string password = "ag00d1_2BE5ur3";

         const uint16_t max_level = (Test::run_long_tests() ? 15 : 10);

         for(uint16_t level = 4; level <= max_level; ++level) {
            const std::string gen_hash = Botan::generate_bcrypt(password, Test::rng(), level);
            result.test_eq("generated hash accepted", Botan::check_bcrypt(password, gen_hash), true);
         }

         result.test_throws("Invalid bcrypt version rejected", "Unknown bcrypt version 'q'", []() {
            Botan::generate_bcrypt("pass", Test::rng(), 4, 'q');
         });

         result.set_ns_consumed(Test::timestamp() - start);

         return {result};
      }
};

BOTAN_REGISTER_TEST("pbkdf", "bcrypt", Bcrypt_Tests);

#endif

#if defined(BOTAN_HAS_ARGON2_FMT)
class Argon2_Tests final : public Text_Based_Test {
   public:
      Argon2_Tests() : Text_Based_Test("passhash/argon2.vec", "Password,Passhash", "Mode,M,T,P,Salt,OutLen") {}

      Test::Result run_one_test(const std::string& header, const VarMap& vars) override {
         const std::string password = vars.get_req_str("Password");
         const std::string passhash = vars.get_req_str("Passhash");

         Test::Result result("Argon2 password hash");

         if(header == "Verify") {
            const bool accepted = Botan::argon2_check_pwhash(password.data(), password.size(), passhash);
            result.test_eq("correct hash accepted", accepted, true);
         } else if(header == "Generate") {
            const std::vector<uint8_t> salt = vars.get_req_bin("Salt");
            const uint8_t y = vars.get_req_u8("Mode");
            const size_t M = vars.get_req_sz("M");
            const size_t t = vars.get_req_sz("T");
            const size_t p = vars.get_req_sz("P");
            const size_t out_len = vars.get_req_sz("OutLen");

            Fixed_Output_RNG rng(salt);

            const std::string generated =
               Botan::argon2_generate_pwhash(password.data(), password.size(), rng, p, M, t, y, salt.size(), out_len);

            result.test_eq("expected hash generated", generated, passhash);
            const bool accepted = Botan::argon2_check_pwhash(password.data(), password.size(), generated);
            result.test_eq("generated hash accepted", accepted, true);
         } else
            throw Test_Error("Unexpected header in Argon2 password hash test file");

         return result;
      }
};

BOTAN_REGISTER_TEST("pbkdf", "argon2_pass", Argon2_Tests);

#endif

#if defined(BOTAN_HAS_PASSHASH9)
class Passhash9_Tests final : public Text_Based_Test {
   public:
      Passhash9_Tests() : Text_Based_Test("passhash/passhash9.vec", "Password,Passhash,PRF") {}

      Test::Result run_one_test(const std::string& /*header*/, const VarMap& vars) override {
         // Encoded as binary so we can test binary inputs
         const std::vector<uint8_t> password_vec = vars.get_req_bin("Password");
         const std::string password(reinterpret_cast<const char*>(password_vec.data()), password_vec.size());

         const std::string passhash = vars.get_req_str("Passhash");
         const std::size_t prf = vars.get_req_sz("PRF");

         Test::Result result("passhash9");

         if(Botan::is_passhash9_alg_supported(uint8_t(prf))) {
            result.test_eq("correct hash accepted", Botan::check_passhash9(password, passhash), true);
         }

         for(uint8_t alg_id = 0; alg_id <= 4; ++alg_id) {
            if(Botan::is_passhash9_alg_supported(alg_id)) {
               const std::string gen_hash = Botan::generate_passhash9(password, Test::rng(), 2, alg_id);

               if(!result.test_eq("generated hash accepted", Botan::check_passhash9(password, gen_hash), true)) {
                  result.test_note("hash was " + gen_hash);
               }
            }
         }

         const uint16_t max_level = (Test::run_long_tests() ? 14 : 8);

         for(uint16_t level = 1; level <= max_level; ++level) {
            const uint8_t alg_id = 1;  // default used by generate_passhash9()
            if(Botan::is_passhash9_alg_supported(alg_id)) {
               const std::string gen_hash = Botan::generate_passhash9(password, Test::rng(), level, alg_id);
               if(!result.test_eq("generated hash accepted", Botan::check_passhash9(password, gen_hash), true)) {
                  result.test_note("hash was " + gen_hash);
               }
            }
         }

         return result;
      }

      std::vector<Test::Result> run_final_tests() override {
         Test::Result result("passhash9");

         result.confirm("Unknown algorithm is unknown", Botan::is_passhash9_alg_supported(255) == false);

         result.test_throws("Throws if algorithm not supported", "Passhash9: Algorithm id 255 is not defined", []() {
            Botan::generate_passhash9("pass", Test::rng(), 3, 255);
         });

         result.test_throws(
            "Throws if iterations is too high", "Requested passhash9 work factor 513 is too large", []() {
               Botan::check_passhash9("floof", "$9$AgIB3c5J3kvAuML84sZ5hWT9WzJtiYRPLCEARaujS7I6IKbNCwp0");
            });
         return {result};
      }
};

BOTAN_REGISTER_TEST("pbkdf", "passhash9", Passhash9_Tests);

#endif

}  // namespace

}  // namespace Botan_Tests

1	/*
2	* (C) 2014,2015 Jack Lloyd
3	*
4	* Botan is released under the Simplified BSD License (see license.txt)
5	*/
6
7	#include "tests.h"
8
9	#if defined(BOTAN_HAS_BCRYPT)
10	#include <botan/bcrypt.h>
11	#endif
12
13	#if defined(BOTAN_HAS_PASSHASH9)
14	#include <botan/passhash9.h>
15	#endif
16
17	#if defined(BOTAN_HAS_ARGON2_FMT)
18	#include "test_rng.h"
19	#include <botan/argon2fmt.h>
20	#endif
21
22	namespace Botan_Tests {
23
24	namespace {
25
26	#if defined(BOTAN_HAS_BCRYPT)
27	class Bcrypt_Tests final : public Text_Based_Test {	×
28	public:
29	Bcrypt_Tests() : Text_Based_Test("passhash/bcrypt.vec", "Password,Passhash") {}	3✔
30
31	Test::Result run_one_test(const std::string& /header/, const VarMap& vars) override {	93✔
32	// Encoded as binary so we can test binary inputs
33	const std::vector<uint8_t> password_vec = vars.get_req_bin("Password");	93✔
34	const std::string password(reinterpret_cast<const char*>(password_vec.data()), password_vec.size());	186✔
35
36	const std::string passhash = vars.get_req_str("Passhash");	93✔
37
38	Test::Result result("bcrypt");	93✔
39	result.test_eq("correct hash accepted", Botan::check_bcrypt(password, passhash), true);	93✔
40
41	// self-test low levels for each test password
42	for(uint16_t level = 4; level <= 6; ++level) {	372✔
43	const std::string gen_hash = Botan::generate_bcrypt(password, Test::rng(), level);	279✔
44	result.test_eq("generated hash accepted", Botan::check_bcrypt(password, gen_hash), true);	558✔
45	}	279✔
46
47	return result;	93✔
48	}	250✔
49
50	std::vector<Test::Result> run_final_tests() override {	1✔
51	Test::Result result("bcrypt");	1✔
52
53	uint64_t start = Test::timestamp();	1✔
54
55	const std::string password = "ag00d1_2BE5ur3";	1✔
56
57	const uint16_t max_level = (Test::run_long_tests() ? 15 : 10);	1✔
58
59	for(uint16_t level = 4; level <= max_level; ++level) {	13✔
60	const std::string gen_hash = Botan::generate_bcrypt(password, Test::rng(), level);	12✔
61	result.test_eq("generated hash accepted", Botan::check_bcrypt(password, gen_hash), true);	24✔
62	}	12✔
63
64	result.test_throws("Invalid bcrypt version rejected", "Unknown bcrypt version 'q'", []() {	3✔
65	Botan::generate_bcrypt("pass", Test::rng(), 4, 'q');	1✔
66	});	×
67
68	result.set_ns_consumed(Test::timestamp() - start);	1✔
69
70	return {result};	3✔
71	}	1✔
72	};
73
74	BOTAN_REGISTER_TEST("pbkdf", "bcrypt", Bcrypt_Tests);
75
76	#endif
77
78	#if defined(BOTAN_HAS_ARGON2_FMT)
79	class Argon2_Tests final : public Text_Based_Test {	×
80	public:
81	Argon2_Tests() : Text_Based_Test("passhash/argon2.vec", "Password,Passhash", "Mode,M,T,P,Salt,OutLen") {}	4✔
82
83	Test::Result run_one_test(const std::string& header, const VarMap& vars) override {	6✔
84	const std::string password = vars.get_req_str("Password");	6✔
85	const std::string passhash = vars.get_req_str("Passhash");	6✔
86
87	Test::Result result("Argon2 password hash");	6✔
88
89	if(header == "Verify") {	6✔
90	const bool accepted = Botan::argon2_check_pwhash(password.data(), password.size(), passhash);	3✔
91	result.test_eq("correct hash accepted", accepted, true);	6✔
92	} else if(header == "Generate") {	3✔
93	const std::vector<uint8_t> salt = vars.get_req_bin("Salt");	3✔
94	const uint8_t y = vars.get_req_u8("Mode");	3✔
95	const size_t M = vars.get_req_sz("M");	3✔
96	const size_t t = vars.get_req_sz("T");	3✔
97	const size_t p = vars.get_req_sz("P");	3✔
98	const size_t out_len = vars.get_req_sz("OutLen");	3✔
99
100	Fixed_Output_RNG rng(salt);	3✔
101
102	const std::string generated =	3✔
103	Botan::argon2_generate_pwhash(password.data(), password.size(), rng, p, M, t, y, salt.size(), out_len);	3✔
104
105	result.test_eq("expected hash generated", generated, passhash);	3✔
106	const bool accepted = Botan::argon2_check_pwhash(password.data(), password.size(), generated);	3✔
107	result.test_eq("generated hash accepted", accepted, true);	6✔
108	} else	6✔
109	throw Test_Error("Unexpected header in Argon2 password hash test file");	×
110
111	return result;	6✔
112	}	6✔
113	};
114
115	BOTAN_REGISTER_TEST("pbkdf", "argon2_pass", Argon2_Tests);
116
117	#endif
118
119	#if defined(BOTAN_HAS_PASSHASH9)
120	class Passhash9_Tests final : public Text_Based_Test {	×
121	public:
122	Passhash9_Tests() : Text_Based_Test("passhash/passhash9.vec", "Password,Passhash,PRF") {}	3✔
123
124	Test::Result run_one_test(const std::string& /header/, const VarMap& vars) override {	1✔
125	// Encoded as binary so we can test binary inputs
126	const std::vector<uint8_t> password_vec = vars.get_req_bin("Password");	1✔
127	const std::string password(reinterpret_cast<const char*>(password_vec.data()), password_vec.size());	2✔
128
129	const std::string passhash = vars.get_req_str("Passhash");	1✔
130	const std::size_t prf = vars.get_req_sz("PRF");	1✔
131
132	Test::Result result("passhash9");	1✔
133
134	if(Botan::is_passhash9_alg_supported(uint8_t(prf))) {	1✔
135	result.test_eq("correct hash accepted", Botan::check_passhash9(password, passhash), true);	2✔
136	}
137
138	for(uint8_t alg_id = 0; alg_id <= 4; ++alg_id) {	6✔
139	if(Botan::is_passhash9_alg_supported(alg_id)) {	5✔
140	const std::string gen_hash = Botan::generate_passhash9(password, Test::rng(), 2, alg_id);	5✔
141
142	if(!result.test_eq("generated hash accepted", Botan::check_passhash9(password, gen_hash), true)) {	10✔
143	result.test_note("hash was " + gen_hash);	×
144	}
145	}	5✔
146	}
147
148	const uint16_t max_level = (Test::run_long_tests() ? 14 : 8);	1✔
149
150	for(uint16_t level = 1; level <= max_level; ++level) {	15✔
151	const uint8_t alg_id = 1; // default used by generate_passhash9()	14✔
152	if(Botan::is_passhash9_alg_supported(alg_id)) {	14✔
153	const std::string gen_hash = Botan::generate_passhash9(password, Test::rng(), level, alg_id);	14✔
154	if(!result.test_eq("generated hash accepted", Botan::check_passhash9(password, gen_hash), true)) {	28✔
155	result.test_note("hash was " + gen_hash);	×
156	}
157	}	14✔
158	}
159
160	return result;	1✔
161	}	2✔
162
163	std::vector<Test::Result> run_final_tests() override {	1✔
164	Test::Result result("passhash9");	1✔
165
166	result.confirm("Unknown algorithm is unknown", Botan::is_passhash9_alg_supported(255) == false);	2✔
167
168	result.test_throws("Throws if algorithm not supported", "Passhash9: Algorithm id 255 is not defined", []() {	3✔
169	Botan::generate_passhash9("pass", Test::rng(), 3, 255);	1✔
170	});	×
171
172	result.test_throws(	3✔
173	"Throws if iterations is too high", "Requested passhash9 work factor 513 is too large", []() {	1✔
174	Botan::check_passhash9("floof", "$9$AgIB3c5J3kvAuML84sZ5hWT9WzJtiYRPLCEARaujS7I6IKbNCwp0");	1✔
175	});
176	return {result};	3✔
177	}	1✔
178	};
179
180	BOTAN_REGISTER_TEST("pbkdf", "passhash9", Passhash9_Tests);
181
182	#endif
183
184	} // namespace
185
186	} // namespace Botan_Tests

randombit / botan / 5111374265

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous