aboutsummaryrefslogtreecommitdiffstats
path: root/src/tests/unit_tls_policy.cpp
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-02-06 18:04:22 -0500
committerJack Lloyd <[email protected]>2017-02-06 18:04:22 -0500
commit10f518b4acde0fc85612930dfc660723702704d8 (patch)
treedbdffbb58593467c66edb2c709c6bab8b3e4ed72 /src/tests/unit_tls_policy.cpp
parent147e50f1a5f1058871a77a7aeacde140c5fe4cdf (diff)
parent50ac2923b8190a69a34449b48973e64ac809105e (diff)
Merge GH #870 Test DSA keys in TLS policy check tests
Diffstat (limited to 'src/tests/unit_tls_policy.cpp')
-rw-r--r--src/tests/unit_tls_policy.cpp32
1 files changed, 32 insertions, 0 deletions
diff --git a/src/tests/unit_tls_policy.cpp b/src/tests/unit_tls_policy.cpp
index bd8be6e03..66080a283 100644
--- a/src/tests/unit_tls_policy.cpp
+++ b/src/tests/unit_tls_policy.cpp
@@ -31,6 +31,10 @@
#include <botan/dh.h>
#endif
+#if defined(BOTAN_HAS_DSA)
+ #include <botan/dsa.h>
+#endif
+
namespace Botan_Tests {
namespace {
@@ -47,6 +51,7 @@ class TLS_Policy_Unit_Tests : public Test
results.push_back(test_peer_key_acceptable_ecdh());
results.push_back(test_peer_key_acceptable_ecdsa());
results.push_back(test_peer_key_acceptable_dh());
+ results.push_back(test_peer_key_acceptable_dsa());
return results;
}
@@ -151,6 +156,33 @@ class TLS_Policy_Unit_Tests : public Test
return result;
}
+ Test::Result test_peer_key_acceptable_dsa()
+ {
+ Test::Result result("TLS Policy DSA key verification");
+#if defined(BOTAN_HAS_DSA)
+ const Botan::DL_Group grp_1024("modp/ietf/1024");
+ std::unique_ptr<Botan::Private_Key> dsa_1024(new Botan::DSA_PrivateKey(Test::rng(), grp_1024));
+
+ Botan::TLS::Policy policy;
+ try
+ {
+ policy.check_peer_key_acceptable(*dsa_1024);
+ result.test_failure("Incorrectly accepting short bit DSA keys");
+ }
+ catch(Botan::TLS::TLS_Exception&)
+ {
+ result.test_success("Correctly rejecting short bit DSA keys");
+ }
+
+ const Botan::DL_Group grp_2048("modp/ietf/2048");
+ std::unique_ptr<Botan::Private_Key> dsa_2048(new Botan::DSA_PrivateKey(Test::rng(), grp_2048));
+ policy.check_peer_key_acceptable(*dsa_2048);
+ result.test_success("Correctly accepting 2048 bit DSA keys");
+#endif
+ return result;
+ }
+
+
};
BOTAN_REGISTER_TEST("tls_policy", TLS_Policy_Unit_Tests);