diff options
author | Jack Lloyd <[email protected]> | 2017-02-06 18:04:22 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2017-02-06 18:04:22 -0500 |
commit | 10f518b4acde0fc85612930dfc660723702704d8 (patch) | |
tree | dbdffbb58593467c66edb2c709c6bab8b3e4ed72 /src/tests/unit_tls_policy.cpp | |
parent | 147e50f1a5f1058871a77a7aeacde140c5fe4cdf (diff) | |
parent | 50ac2923b8190a69a34449b48973e64ac809105e (diff) |
Merge GH #870 Test DSA keys in TLS policy check tests
Diffstat (limited to 'src/tests/unit_tls_policy.cpp')
-rw-r--r-- | src/tests/unit_tls_policy.cpp | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/tests/unit_tls_policy.cpp b/src/tests/unit_tls_policy.cpp index bd8be6e03..66080a283 100644 --- a/src/tests/unit_tls_policy.cpp +++ b/src/tests/unit_tls_policy.cpp @@ -31,6 +31,10 @@ #include <botan/dh.h> #endif +#if defined(BOTAN_HAS_DSA) + #include <botan/dsa.h> +#endif + namespace Botan_Tests { namespace { @@ -47,6 +51,7 @@ class TLS_Policy_Unit_Tests : public Test results.push_back(test_peer_key_acceptable_ecdh()); results.push_back(test_peer_key_acceptable_ecdsa()); results.push_back(test_peer_key_acceptable_dh()); + results.push_back(test_peer_key_acceptable_dsa()); return results; } @@ -151,6 +156,33 @@ class TLS_Policy_Unit_Tests : public Test return result; } + Test::Result test_peer_key_acceptable_dsa() + { + Test::Result result("TLS Policy DSA key verification"); +#if defined(BOTAN_HAS_DSA) + const Botan::DL_Group grp_1024("modp/ietf/1024"); + std::unique_ptr<Botan::Private_Key> dsa_1024(new Botan::DSA_PrivateKey(Test::rng(), grp_1024)); + + Botan::TLS::Policy policy; + try + { + policy.check_peer_key_acceptable(*dsa_1024); + result.test_failure("Incorrectly accepting short bit DSA keys"); + } + catch(Botan::TLS::TLS_Exception&) + { + result.test_success("Correctly rejecting short bit DSA keys"); + } + + const Botan::DL_Group grp_2048("modp/ietf/2048"); + std::unique_ptr<Botan::Private_Key> dsa_2048(new Botan::DSA_PrivateKey(Test::rng(), grp_2048)); + policy.check_peer_key_acceptable(*dsa_2048); + result.test_success("Correctly accepting 2048 bit DSA keys"); +#endif + return result; + } + + }; BOTAN_REGISTER_TEST("tls_policy", TLS_Policy_Unit_Tests); |