5134090420

Committed 31 May 2023 03:12PM UTC coverage: 91.721% (-0.3%) from 91.995%

Build # 5134090420

Build Type

push

github

Committed by

randombit

Commit Message

Merge GH #3565 Disable noisy/pointless pylint warnings

Run Details

76048 of 82912 relevant lines covered (91.72%)

11755290.1 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

93.75

/src/tests/unit_tls_policy.cpp

/*
* TLS Policy tests
*
* (C) 2016 Juraj Somorovsky
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include "tests.h"

#if defined(BOTAN_HAS_TLS)
   #include <botan/tls_exceptn.h>
   #include <botan/tls_policy.h>
#endif

#if defined(BOTAN_HAS_RSA)
   #include <botan/rsa.h>
#endif

#if defined(BOTAN_HAS_ECDH)
   #include <botan/ecdh.h>
#endif

#if defined(BOTAN_HAS_ECDSA)
   #include <botan/ecdsa.h>
#endif

#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
   #include <botan/dh.h>
   #include <botan/dl_group.h>
#endif

namespace Botan_Tests {

namespace {

#if defined(BOTAN_HAS_TLS)
class TLS_Policy_Unit_Tests final : public Test {
   public:
      std::vector<Test::Result> run() override {
         std::vector<Test::Result> results;

         results.push_back(test_peer_key_acceptable_rsa());
         results.push_back(test_peer_key_acceptable_ecdh());
         results.push_back(test_peer_key_acceptable_ecdsa());
         results.push_back(test_peer_key_acceptable_dh());
         results.push_back(test_key_exchange_groups_to_offer());

         return results;
      }

   private:
      static Test::Result test_peer_key_acceptable_rsa() {
         Test::Result result("TLS Policy RSA key verification");
   #if defined(BOTAN_HAS_RSA)
         auto rsa_key_1024 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 1024);
         Botan::TLS::Policy policy;

         try {
            policy.check_peer_key_acceptable(*rsa_key_1024);
            result.test_failure("Incorrectly accepting 1024 bit RSA keys");
         } catch(Botan::TLS::TLS_Exception&) {
            result.test_success("Correctly rejecting 1024 bit RSA keys");
         }

         auto rsa_key_2048 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 2048);
         policy.check_peer_key_acceptable(*rsa_key_2048);
         result.test_success("Correctly accepting 2048 bit RSA keys");
   #endif
         return result;
      }

      static Test::Result test_peer_key_acceptable_ecdh() {
         Test::Result result("TLS Policy ECDH key verification");
   #if defined(BOTAN_HAS_ECDH)
         Botan::EC_Group group_192("secp192r1");
         auto ecdh_192 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_192);

         Botan::TLS::Policy policy;
         try {
            policy.check_peer_key_acceptable(*ecdh_192);
            result.test_failure("Incorrectly accepting 192 bit EC keys");
         } catch(Botan::TLS::TLS_Exception&) {
            result.test_success("Correctly rejecting 192 bit EC keys");
         }

         Botan::EC_Group group_256("secp256r1");
         auto ecdh_256 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_256);
         policy.check_peer_key_acceptable(*ecdh_256);
         result.test_success("Correctly accepting 256 bit EC keys");
   #endif
         return result;
      }

      static Test::Result test_peer_key_acceptable_ecdsa() {
         Test::Result result("TLS Policy ECDSA key verification");
   #if defined(BOTAN_HAS_ECDSA)
         Botan::EC_Group group_192("secp192r1");
         auto ecdsa_192 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_192);

         Botan::TLS::Policy policy;
         try {
            policy.check_peer_key_acceptable(*ecdsa_192);
            result.test_failure("Incorrectly accepting 192 bit EC keys");
         } catch(Botan::TLS::TLS_Exception&) {
            result.test_success("Correctly rejecting 192 bit EC keys");
         }

         Botan::EC_Group group_256("secp256r1");
         auto ecdsa_256 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_256);
         policy.check_peer_key_acceptable(*ecdsa_256);
         result.test_success("Correctly accepting 256 bit EC keys");
   #endif
         return result;
      }

      static Test::Result test_peer_key_acceptable_dh() {
         Test::Result result("TLS Policy DH key verification");
   #if defined(BOTAN_HAS_DIFFIE_HELLMAN)
         const BigInt g("2");
         const BigInt p("58458002095536094658683755258523362961421200751439456159756164191494576279467");
         const Botan::DL_Group grp(p, g);
         const Botan::BigInt x("46205663093589612668746163860870963912226379131190812163519349848291472898748");
         auto dhkey = std::make_unique<Botan::DH_PrivateKey>(grp, x);

         Botan::TLS::Policy policy;
         try {
            policy.check_peer_key_acceptable(*dhkey);
            result.test_failure("Incorrectly accepting short bit DH keys");
         } catch(Botan::TLS::TLS_Exception&) {
            result.test_success("Correctly rejecting short bit DH keys");
         }
   #endif
         return result;
      }

      static Test::Result test_key_exchange_groups_to_offer() {
         Test::Result result("TLS Policy key share offering");

         Botan::TLS::Policy default_policy;
         result.test_eq(
            "default TLS Policy offers exactly one", default_policy.key_exchange_groups_to_offer().size(), 1);
         result.confirm(
            "default TLS Policy offers preferred group",
            default_policy.key_exchange_groups().front() == default_policy.key_exchange_groups_to_offer().front());

         using TP = Botan::TLS::Text_Policy;

         result.test_eq("default behaviour from text policy (size)", TP("").key_exchange_groups_to_offer().size(), 1);
         result.confirm("default behaviour from text policy (preferred)",
                        TP("").key_exchange_groups().front() == TP("").key_exchange_groups_to_offer().front());

         result.confirm("no offerings",
                        TP("key_exchange_groups_to_offer = none").key_exchange_groups_to_offer().empty());

         const std::string two_groups = "key_exchange_groups_to_offer = secp256r1 ffdhe/ietf/4096";
         result.test_eq("list of offerings (size)", TP(two_groups).key_exchange_groups_to_offer().size(), 2);
         result.confirm("list of offerings (0)",
                        TP(two_groups).key_exchange_groups_to_offer()[0] == Botan::TLS::Group_Params::SECP256R1);
         result.confirm("list of offerings (1)",
                        TP(two_groups).key_exchange_groups_to_offer()[1] == Botan::TLS::Group_Params::FFDHE_4096);

         return result;
      }
};

BOTAN_REGISTER_TEST("tls", "tls_policy", TLS_Policy_Unit_Tests);

#endif

}  // namespace

}  // namespace Botan_Tests

1	/*
2	* TLS Policy tests
3	*
4	* (C) 2016 Juraj Somorovsky
5	*
6	* Botan is released under the Simplified BSD License (see license.txt)
7	*/
8
9	#include "tests.h"
10
11	#if defined(BOTAN_HAS_TLS)
12	#include <botan/tls_exceptn.h>
13	#include <botan/tls_policy.h>
14	#endif
15
16	#if defined(BOTAN_HAS_RSA)
17	#include <botan/rsa.h>
18	#endif
19
20	#if defined(BOTAN_HAS_ECDH)
21	#include <botan/ecdh.h>
22	#endif
23
24	#if defined(BOTAN_HAS_ECDSA)
25	#include <botan/ecdsa.h>
26	#endif
27
28	#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
29	#include <botan/dh.h>
30	#include <botan/dl_group.h>
31	#endif
32
33	namespace Botan_Tests {
34
35	namespace {
36
37	#if defined(BOTAN_HAS_TLS)
38	class TLS_Policy_Unit_Tests final : public Test {	×
39	public:
40	std::vector<Test::Result> run() override {	1✔
41	std::vector<Test::Result> results;	1✔
42
43	results.push_back(test_peer_key_acceptable_rsa());	2✔
44	results.push_back(test_peer_key_acceptable_ecdh());	2✔
45	results.push_back(test_peer_key_acceptable_ecdsa());	2✔
46	results.push_back(test_peer_key_acceptable_dh());	2✔
47	results.push_back(test_key_exchange_groups_to_offer());	2✔
48
49	return results;	1✔
50	}	×
51
52	private:
53	static Test::Result test_peer_key_acceptable_rsa() {	1✔
54	Test::Result result("TLS Policy RSA key verification");	1✔
55	#if defined(BOTAN_HAS_RSA)
56	auto rsa_key_1024 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 1024);	1✔
57	Botan::TLS::Policy policy;	1✔
58
59	try {	1✔
60	policy.check_peer_key_acceptable(*rsa_key_1024);	1✔
61	result.test_failure("Incorrectly accepting 1024 bit RSA keys");	×
62	} catch(Botan::TLS::TLS_Exception&) {	1✔
63	result.test_success("Correctly rejecting 1024 bit RSA keys");	1✔
64	}	1✔
65
66	auto rsa_key_2048 = std::make_unique<Botan::RSA_PrivateKey>(Test::rng(), 2048);	1✔
67	policy.check_peer_key_acceptable(*rsa_key_2048);	1✔
68	result.test_success("Correctly accepting 2048 bit RSA keys");	1✔
69	#endif
70	return result;	1✔
71	}	1✔
72
73	static Test::Result test_peer_key_acceptable_ecdh() {	1✔
74	Test::Result result("TLS Policy ECDH key verification");	1✔
75	#if defined(BOTAN_HAS_ECDH)
76	Botan::EC_Group group_192("secp192r1");	1✔
77	auto ecdh_192 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_192);	1✔
78
79	Botan::TLS::Policy policy;	1✔
80	try {	1✔
81	policy.check_peer_key_acceptable(*ecdh_192);	1✔
82	result.test_failure("Incorrectly accepting 192 bit EC keys");	×
83	} catch(Botan::TLS::TLS_Exception&) {	1✔
84	result.test_success("Correctly rejecting 192 bit EC keys");	1✔
85	}	1✔
86
87	Botan::EC_Group group_256("secp256r1");	1✔
88	auto ecdh_256 = std::make_unique<Botan::ECDH_PrivateKey>(Test::rng(), group_256);	1✔
89	policy.check_peer_key_acceptable(*ecdh_256);	1✔
90	result.test_success("Correctly accepting 256 bit EC keys");	1✔
91	#endif
92	return result;	1✔
93	}	1✔
94
95	static Test::Result test_peer_key_acceptable_ecdsa() {	1✔
96	Test::Result result("TLS Policy ECDSA key verification");	1✔
97	#if defined(BOTAN_HAS_ECDSA)
98	Botan::EC_Group group_192("secp192r1");	1✔
99	auto ecdsa_192 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_192);	1✔
100
101	Botan::TLS::Policy policy;	1✔
102	try {	1✔
103	policy.check_peer_key_acceptable(*ecdsa_192);	1✔
104	result.test_failure("Incorrectly accepting 192 bit EC keys");	×
105	} catch(Botan::TLS::TLS_Exception&) {	1✔
106	result.test_success("Correctly rejecting 192 bit EC keys");	1✔
107	}	1✔
108
109	Botan::EC_Group group_256("secp256r1");	1✔
110	auto ecdsa_256 = std::make_unique<Botan::ECDSA_PrivateKey>(Test::rng(), group_256);	1✔
111	policy.check_peer_key_acceptable(*ecdsa_256);	1✔
112	result.test_success("Correctly accepting 256 bit EC keys");	1✔
113	#endif
114	return result;	1✔
115	}	1✔
116
117	static Test::Result test_peer_key_acceptable_dh() {	1✔
118	Test::Result result("TLS Policy DH key verification");	1✔
119	#if defined(BOTAN_HAS_DIFFIE_HELLMAN)
120	const BigInt g("2");	1✔
121	const BigInt p("58458002095536094658683755258523362961421200751439456159756164191494576279467");	1✔
122	const Botan::DL_Group grp(p, g);	1✔
123	const Botan::BigInt x("46205663093589612668746163860870963912226379131190812163519349848291472898748");	1✔
124	auto dhkey = std::make_unique<Botan::DH_PrivateKey>(grp, x);	1✔
125
126	Botan::TLS::Policy policy;	1✔
127	try {	1✔
128	policy.check_peer_key_acceptable(*dhkey);	1✔
129	result.test_failure("Incorrectly accepting short bit DH keys");	×
130	} catch(Botan::TLS::TLS_Exception&) {	1✔
131	result.test_success("Correctly rejecting short bit DH keys");	1✔
132	}	1✔
133	#endif
134	return result;	1✔
135	}	5✔
136
137	static Test::Result test_key_exchange_groups_to_offer() {	1✔
138	Test::Result result("TLS Policy key share offering");	1✔
139
140	Botan::TLS::Policy default_policy;	1✔
141	result.test_eq(	2✔
142	"default TLS Policy offers exactly one", default_policy.key_exchange_groups_to_offer().size(), 1);	1✔
143	result.confirm(	2✔
144	"default TLS Policy offers preferred group",
145	default_policy.key_exchange_groups().front() == default_policy.key_exchange_groups_to_offer().front());	2✔
146
147	using TP = Botan::TLS::Text_Policy;	1✔
148
149	result.test_eq("default behaviour from text policy (size)", TP("").key_exchange_groups_to_offer().size(), 1);	3✔
150	result.confirm("default behaviour from text policy (preferred)",	3✔
151	TP("").key_exchange_groups().front() == TP("").key_exchange_groups_to_offer().front());	3✔
152
153	result.confirm("no offerings",	2✔
154	TP("key_exchange_groups_to_offer = none").key_exchange_groups_to_offer().empty());	2✔
155
156	const std::string two_groups = "key_exchange_groups_to_offer = secp256r1 ffdhe/ietf/4096";	2✔
157	result.test_eq("list of offerings (size)", TP(two_groups).key_exchange_groups_to_offer().size(), 2);	3✔
158	result.confirm("list of offerings (0)",	3✔
159	TP(two_groups).key_exchange_groups_to_offer()[0] == Botan::TLS::Group_Params::SECP256R1);	2✔
160	result.confirm("list of offerings (1)",	3✔
161	TP(two_groups).key_exchange_groups_to_offer()[1] == Botan::TLS::Group_Params::FFDHE_4096);	2✔
162
163	return result;	2✔
164	}	1✔
165	};
166
167	BOTAN_REGISTER_TEST("tls", "tls_policy", TLS_Policy_Unit_Tests);
168
169	#endif
170
171	} // namespace
172
173	} // namespace Botan_Tests

randombit / botan / 5134090420

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous