diff options
| author | Tomasz Frydrych <[email protected]> | 2017-05-01 15:03:52 +0200 |
|---|---|---|
| committer | Tomasz Frydrych <[email protected]> | 2017-05-01 15:03:52 +0200 |
| commit | 87c0fae706140b0a2a7a3fda9dd813474172fa2a (patch) | |
| tree | 28930efab4d290dcebb89666d46050edd06703fd /src/tests | |
| parent | 29cc6bebe132a34f882d450b35a69bf71bb3e27b (diff) | |
Reformat code with astyle + fix code style
Diffstat (limited to 'src/tests')
71 files changed, 1904 insertions, 1320 deletions
diff --git a/src/tests/main.cpp b/src/tests/main.cpp index 19ddfb40f..bdd751e48 100644 --- a/src/tests/main.cpp +++ b/src/tests/main.cpp @@ -19,19 +19,19 @@ #include <botan/hash.h> #if defined(BOTAN_HAS_HMAC_DRBG) -#include <botan/hmac_drbg.h> + #include <botan/hmac_drbg.h> #endif #if defined(BOTAN_HAS_SYSTEM_RNG) -#include <botan/system_rng.h> + #include <botan/system_rng.h> #endif #if defined(BOTAN_HAS_AUTO_SEEDING_RNG) - #include <botan/auto_rng.h> + #include <botan/auto_rng.h> #endif #if defined(BOTAN_HAS_OPENSSL) - #include <botan/internal/openssl.h> + #include <botan/internal/openssl.h> #endif namespace { @@ -39,7 +39,9 @@ namespace { class Test_Runner : public Botan_CLI::Command { public: - Test_Runner() : Command("test --threads=0 --run-long-tests --run-online-tests --test-runs=1 --drbg-seed= --data-dir= --pkcs11-lib= --provider= --log-success *suites") {} + Test_Runner() + : Command("test --threads=0 --run-long-tests --run-online-tests --test-runs=1 --drbg-seed= --data-dir=" + " --pkcs11-lib= --provider= --log-success *suites") {} std::string help_text() const override { @@ -54,7 +56,7 @@ class Test_Runner : public Botan_CLI::Command size_t line_len = 0; - for(auto&& test : Botan_Tests::Test::registered_tests()) + for(auto const& test : Botan_Tests::Test::registered_tests()) { err << test << " "; line_len += test.size() + 1; @@ -96,7 +98,8 @@ class Test_Runner : public Botan_CLI::Command alphabetical order. */ req = {"block", "stream", "hash", "mac", "modes", "aead" - "kdf", "pbkdf", "hmac_drbg", "x931_rng", "util"}; + "kdf", "pbkdf", "hmac_drbg", "x931_rng", "util" + }; std::set<std::string> all_others = Botan_Tests::Test::registered_tests(); @@ -126,12 +129,13 @@ class Test_Runner : public Botan_CLI::Command else if(req.size() == 1 && req.at(0) == "pkcs11") { req = {"pkcs11-manage", "pkcs11-module", "pkcs11-slot", "pkcs11-session", "pkcs11-object", "pkcs11-rsa", - "pkcs11-ecdsa", "pkcs11-ecdh", "pkcs11-rng", "pkcs11-x509"}; + "pkcs11-ecdsa", "pkcs11-ecdh", "pkcs11-rng", "pkcs11-x509" + }; } else { std::set<std::string> all = Botan_Tests::Test::registered_tests(); - for(auto&& r : req) + for(auto const& r : req) { if(all.find(r) == all.end()) { @@ -144,7 +148,9 @@ class Test_Runner : public Botan_CLI::Command output() << "Starting tests"; if(threads > 1) + { output() << " threads:" << threads; + } if(!pkcs11_lib.empty()) { @@ -190,7 +196,9 @@ class Test_Runner : public Botan_CLI::Command #else if(drbg_seed != "") + { throw Botan_Tests::Test_Error("HMAC_DRBG disabled in build, cannot specify DRBG seed"); + } #if defined(BOTAN_HAS_SYSTEM_RNG) output() << " rng:system"; @@ -212,7 +220,9 @@ class Test_Runner : public Botan_CLI::Command // Throw so main returns an error if(failed) + { throw Botan_Tests::Test_Error("Test suite failure"); + } } } @@ -225,7 +235,7 @@ class Test_Runner : public Botan_CLI::Command std::ostringstream out; std::map<std::string, Botan_Tests::Test::Result> combined; - for(auto&& result : results) + for(auto const& result : results) { const std::string who = result.who(); auto i = combined.find(who); @@ -238,7 +248,7 @@ class Test_Runner : public Botan_CLI::Command i->second.merge(result); } - for(auto&& result : combined) + for(auto const& result : combined) { out << result.second.result_string(verbose()); tests_failed += result.second.tests_failed(); @@ -259,13 +269,14 @@ class Test_Runner : public Botan_CLI::Command if(threads <= 1) { - for(auto&& test_name : tests_to_run) + for(auto const& test_name : tests_to_run) { - try { + try + { out << test_name << ':' << std::endl; const auto results = Botan_Tests::Test::run_test(test_name, false); out << report_out(results, tests_failed, tests_ran) << std::flush; - } + } catch(std::exception& e) { out << "Test " << test_name << " failed with exception " << e.what() << std::flush; @@ -287,19 +298,21 @@ class Test_Runner : public Botan_CLI::Command typedef std::future<std::vector<Botan_Tests::Test::Result>> FutureResults; std::deque<FutureResults> fut_results; - for(auto&& test_name : tests_to_run) + for(auto const& test_name : tests_to_run) { - auto run_it = [test_name]() -> std::vector<Botan_Tests::Test::Result> { - try { + auto run_it = [test_name]() -> std::vector<Botan_Tests::Test::Result> + { + try + { return Botan_Tests::Test::run_test(test_name, false); - } + } catch(std::exception& e) { Botan_Tests::Test::Result r(test_name); r.test_failure("Exception thrown", e.what()); - return std::vector<Botan_Tests::Test::Result>{r}; + return std::vector<Botan_Tests::Test::Result> {r}; } - }; + }; fut_results.push_back(std::async(std::launch::async, run_it)); @@ -344,9 +357,7 @@ BOTAN_REGISTER_COMMAND("test", Test_Runner); int main(int argc, char* argv[]) { - std::cerr << Botan::runtime_version_check(BOTAN_VERSION_MAJOR, - BOTAN_VERSION_MINOR, - BOTAN_VERSION_PATCH); + std::cerr << Botan::runtime_version_check(BOTAN_VERSION_MAJOR, BOTAN_VERSION_MINOR, BOTAN_VERSION_PATCH); try { diff --git a/src/tests/test_aead.cpp b/src/tests/test_aead.cpp index c804949bb..f4da3ca57 100644 --- a/src/tests/test_aead.cpp +++ b/src/tests/test_aead.cpp @@ -8,7 +8,7 @@ #include "tests.h" #if defined(BOTAN_HAS_AEAD_MODES) - #include <botan/aead.h> + #include <botan/aead.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_bigint.cpp b/src/tests/test_bigint.cpp index 901cd8039..0dc07aabf 100644 --- a/src/tests/test_bigint.cpp +++ b/src/tests/test_bigint.cpp @@ -7,10 +7,10 @@ #include "tests.h" #if defined(BOTAN_HAS_NUMBERTHEORY) - #include <botan/bigint.h> - #include <botan/numthry.h> - #include <botan/reducer.h> - #include <cmath> + #include <botan/bigint.h> + #include <botan/numthry.h> + #include <botan/reducer.h> + #include <cmath> #endif namespace Botan_Tests { @@ -65,10 +65,11 @@ class BigInt_Unit_Tests : public Test } else { - try { + try + { a.to_u32bit(); result.test_failure("BigInt::to_u32bit roundtripped out of range value"); - } + } catch(std::exception&) { result.test_success("BigInt::to_u32bit rejected out of range"); @@ -86,11 +87,11 @@ class BigInt_Unit_Tests : public Test { Test::Result result("BigInt prime generation"); - result.test_throws("Invalid arg", []{ Botan::random_prime(Test::rng(), 0); }); - result.test_throws("Invalid arg", []{ Botan::random_prime(Test::rng(), 1); }); - result.test_throws("Invalid arg", []{ Botan::random_prime(Test::rng(), 2, 0); }); - result.test_throws("Invalid arg", []{ Botan::random_prime(Test::rng(), 2, 1, 1, 3); }); - result.test_throws("Invalid arg", []{ Botan::random_prime(Test::rng(), 2, 1, 0, 2); }); + result.test_throws("Invalid arg", []() { Botan::random_prime(Test::rng(), 0); }); + result.test_throws("Invalid arg", []() { Botan::random_prime(Test::rng(), 1); }); + result.test_throws("Invalid arg", []() { Botan::random_prime(Test::rng(), 2, 0); }); + result.test_throws("Invalid arg", []() { Botan::random_prime(Test::rng(), 2, 1, 1, 3); }); + result.test_throws("Invalid arg", []() { Botan::random_prime(Test::rng(), 2, 1, 0, 2); }); BigInt p = Botan::random_prime(Test::rng(), 2); result.confirm("Only two 2-bit primes", p == 2 || p == 3); @@ -122,7 +123,7 @@ class BigInt_Unit_Tests : public Test const BigInt safe_prime = Botan::random_safe_prime(Test::rng(), safe_prime_bits); result.test_eq("Safe prime size", safe_prime.bits(), safe_prime_bits); result.confirm("P is prime", Botan::is_prime(safe_prime, Test::rng())); - result.confirm("(P-1)/2 is prime", Botan::is_prime((safe_prime-1)/2, Test::rng())); + result.confirm("(P-1)/2 is prime", Botan::is_prime((safe_prime - 1) / 2, Test::rng())); return result; } @@ -151,7 +152,9 @@ class BigInt_Unit_Tests : public Test for(size_t range_max : max_ranges) { if(range_min >= range_max) + { continue; + } std::vector<size_t> counts(range_max - range_min); @@ -200,12 +203,12 @@ class BigInt_Unit_Tests : public Test Botan::secure_vector<uint8_t> encoded_n1_n2 = BigInt::encode_fixed_length_int_pair(n1, n2, 256); result.test_eq("encode_fixed_length_int_pair", encoded_n1_n2, expected); - for (size_t i = 0; i < 256 - n1.bytes(); ++i) + for(size_t i = 0; i < 256 - n1.bytes(); ++i) { - if ( encoded_n1[i] != 0 ) - { - result.test_failure("encode_1363", "no zero byte"); - } + if(encoded_n1[i] != 0) + { + result.test_failure("encode_1363", "no zero byte"); + } } return result; @@ -215,13 +218,14 @@ class BigInt_Unit_Tests : public Test { Test::Result result("BigInt IO operators"); - const std::map<std::string, Botan::BigInt> str_to_val = { - { "-13", -Botan::BigInt(13) }, - { "0", Botan::BigInt(0) }, - { "0x13", Botan::BigInt(0x13) }, - { "1", Botan::BigInt(1) }, - { "4294967297", Botan::BigInt(2147483648)*2 + 1 } - }; + const std::map<std::string, Botan::BigInt> str_to_val = + { + { "-13", -Botan::BigInt(13) }, + { "0", Botan::BigInt(0) }, + { "0x13", Botan::BigInt(0x13) }, + { "1", Botan::BigInt(1) }, + { "4294967297", Botan::BigInt(2147483648) * 2 + 1 } + }; for(auto vec : str_to_val) { @@ -243,8 +247,7 @@ class BigInt_Unit_Tests : public Test oss << std::hex << n; result.test_eq("output 33 hex", oss.str(), "21"); - result.test_throws("octal output not supported", - [&]{ oss << std::oct << n; }); + result.test_throws("octal output not supported", [&]() { oss << std::oct << n; }); return result; } @@ -411,7 +414,7 @@ class BigInt_Mod_Test : public Text_Based_Test // if b fits into a Botan::word test %= operator for words if(b.bytes() <= sizeof(Botan::word)) { - Botan::word b_word = b.word_at( 0 ); + Botan::word b_word = b.word_at(0); e = a; e %= b_word; result.test_eq("a %= b (as word)", e, c); @@ -528,7 +531,9 @@ class BigInt_IsPrime_Test : public Text_Based_Test Test::Result run_one_test(const std::string& header, const VarMap& vars) override { if(header != "Prime" && header != "NonPrime") + { throw Test_Error("Bad header for prime test " + header); + } const BigInt value = get_req_bn(vars, "X"); const bool is_prime = (header == "Prime"); @@ -560,7 +565,7 @@ class BigInt_Ressol_Test : public Text_Based_Test if(a_sqrt > 1) { - const Botan::BigInt a_sqrt2 = (a_sqrt*a_sqrt) % p; + const Botan::BigInt a_sqrt2 = (a_sqrt * a_sqrt) % p; result.test_eq("square correct", a_sqrt2, a); } @@ -628,7 +633,9 @@ class DSA_ParamGen_Test : public Text_Based_Test const std::vector<std::string> header_parts = Botan::split_on(header, ','); if(header_parts.size() != 2) + { throw Test_Error("Unexpected header '" + header + "' in DSA param gen test"); + } const size_t p_bits = Botan::to_u32bit(header_parts[1]); const size_t q_bits = Botan::to_u32bit(header_parts[0]); @@ -637,9 +644,12 @@ class DSA_ParamGen_Test : public Text_Based_Test // These tests are very slow so skip in normal runs if(p_bits > 1024 && Test::run_long_tests() == false) + { return result; + } - try { + try + { Botan::BigInt gen_P, gen_Q; if(Botan::generate_dsa_primes(Test::rng(), gen_P, gen_Q, p_bits, q_bits, seed, offset)) { @@ -650,7 +660,7 @@ class DSA_ParamGen_Test : public Text_Based_Test { result.test_failure("Seed did not generate a DSA parameter"); } - } + } catch(Botan::Lookup_Error&) { } diff --git a/src/tests/test_block.cpp b/src/tests/test_block.cpp index 62f32c21c..7f4856374 100644 --- a/src/tests/test_block.cpp +++ b/src/tests/test_block.cpp @@ -35,7 +35,7 @@ class Block_Cipher_Tests : public Text_Based_Test return result; } - for(auto&& provider_ask : providers) + for(auto const& provider_ask : providers) { std::unique_ptr<Botan::BlockCipher> cipher(Botan::BlockCipher::create(algo, provider_ask)); diff --git a/src/tests/test_c25519.cpp b/src/tests/test_c25519.cpp index f5fab60f4..cb6c8a2d5 100644 --- a/src/tests/test_c25519.cpp +++ b/src/tests/test_c25519.cpp @@ -7,9 +7,9 @@ #include "tests.h" #if defined(BOTAN_HAS_CURVE_25519) - #include "test_pubkey.h" - #include <botan/curve25519.h> - #include <botan/pkcs8.h> + #include "test_pubkey.h" + #include <botan/curve25519.h> + #include <botan/pkcs8.h> #endif namespace Botan_Tests { @@ -20,9 +20,8 @@ class Curve25519_Sclarmult_Tests : public Text_Based_Test { public: Curve25519_Sclarmult_Tests() : Text_Based_Test( - "pubkey/c25519_scalar.vec", - "Secret,Basepoint,Out") - {} + "pubkey/c25519_scalar.vec", + "Secret,Basepoint,Out") {} Test::Result run_one_test(const std::string&, const VarMap& vars) override { @@ -111,8 +110,14 @@ class Curve25519_Roundtrip_Test : public Test class Curve25519_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "" }; } - std::string algo_name() const override { return "Curve25519"; } + std::vector<std::string> keygen_params() const override + { + return { "" }; + } + std::string algo_name() const override + { + return "Curve25519"; + } }; BOTAN_REGISTER_TEST("curve25519_scalar", Curve25519_Sclarmult_Tests); diff --git a/src/tests/test_certstor.cpp b/src/tests/test_certstor.cpp index abe4a4ed0..bbf23da6c 100644 --- a/src/tests/test_certstor.cpp +++ b/src/tests/test_certstor.cpp @@ -45,7 +45,9 @@ Test::Result test_certstor_sqlite3_insert_find_remove_test(const std::vector<Cer Botan::Certificate_Store_In_SQLite store(":memory:", passwd, rng); for(const auto& a : certsandkeys) + { store.insert_key(a.certificate, *a.private_key); + } for(const auto certandkey : certsandkeys) { @@ -124,7 +126,9 @@ Test::Result test_certstor_sqlite3_crl_test(const std::vector<CertificateAndKey> Botan::Certificate_Store_In_SQLite store(":memory:", passwd, rng); for(const auto& a : certsandkeys) + { store.insert_cert(a.certificate); + } store.revoke_cert(certsandkeys[0].certificate, Botan::CA_COMPROMISE); store.revoke_cert(certsandkeys[3].certificate, Botan::CA_COMPROMISE); @@ -179,7 +183,9 @@ Test::Result test_certstor_sqlite3_all_subjects_test(const std::vector<Certifica Botan::Certificate_Store_In_SQLite store(":memory:", passwd, rng); for(const auto& a : certsandkeys) + { store.insert_cert(a.certificate); + } const auto subjects = store.all_subjects(); @@ -219,7 +225,9 @@ Test::Result test_certstor_find_hash_subject(const std::vector<CertificateAndKey Botan::Certificate_Store_In_Memory store; for(const auto& a : certsandkeys) + { store.add_certificate(a.certificate); + } for(const auto certandkey : certsandkeys) { @@ -236,7 +244,7 @@ Test::Result test_certstor_find_hash_subject(const std::vector<CertificateAndKey result.test_eq("Got wrong certificate", hash, found->raw_subject_dn_sha256()); } - const auto found = store.find_cert_by_raw_subject_dn_sha256(std::vector<uint8_t>(32,0)); + const auto found = store.find_cert_by_raw_subject_dn_sha256(std::vector<uint8_t>(32, 0)); if(found) { result.test_failure("Certificate found for dummy hash"); diff --git a/src/tests/test_compression.cpp b/src/tests/test_compression.cpp index ff3b03cbe..355ee0b2a 100644 --- a/src/tests/test_compression.cpp +++ b/src/tests/test_compression.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_COMPRESSION) - #include <botan/compression.h> + #include <botan/compression.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_cryptobox.cpp b/src/tests/test_cryptobox.cpp index ad9ecdd41..97ac69f65 100644 --- a/src/tests/test_cryptobox.cpp +++ b/src/tests/test_cryptobox.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_CRYPTO_BOX) - #include <botan/cryptobox.h> - #include <botan/hex.h> + #include <botan/cryptobox.h> + #include <botan/hex.h> #endif namespace Botan_Tests { @@ -29,8 +29,8 @@ class Cryptobox_Tests : public Test const std::string password = "secret"; std::string ciphertext = Botan::CryptoBox::encrypt(msg.data(), msg.size(), - password, - Test::rng()); + password, + Test::rng()); try { diff --git a/src/tests/test_dh.cpp b/src/tests/test_dh.cpp index 7377fa1e4..028a4d1cc 100644 --- a/src/tests/test_dh.cpp +++ b/src/tests/test_dh.cpp @@ -7,9 +7,9 @@ #include "tests.h" #if defined(BOTAN_HAS_DIFFIE_HELLMAN) - #include "test_pubkey.h" - #include <botan/pubkey.h> - #include <botan/dh.h> + #include "test_pubkey.h" + #include <botan/pubkey.h> + #include <botan/dh.h> #endif namespace Botan_Tests { @@ -21,14 +21,17 @@ namespace { class Diffie_Hellman_KAT_Tests : public PK_Key_Agreement_Test { public: - Diffie_Hellman_KAT_Tests() : PK_Key_Agreement_Test( - "Diffie-Hellman", - "pubkey/dh.vec", - "P,G,X,Y,Msg,OutLen,K", - "Q,KDF") - {} - - std::string default_kdf(const VarMap&) const override { return "Raw"; } + Diffie_Hellman_KAT_Tests() + : PK_Key_Agreement_Test( + "Diffie-Hellman", + "pubkey/dh.vec", + "P,G,X,Y,Msg,OutLen,K", + "Q,KDF") {} + + std::string default_kdf(const VarMap&) const override + { + return "Raw"; + } std::unique_ptr<Botan::Private_Key> load_our_key(const std::string&, const VarMap& vars) override { @@ -114,7 +117,10 @@ class DH_Invalid_Key_Tests : public Text_Based_Test DH_Invalid_Key_Tests() : Text_Based_Test("pubkey/dh_invalid.vec", "P,Q,G,InvalidKey") {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } Test::Result run_one_test(const std::string&, const VarMap& vars) override { @@ -135,8 +141,14 @@ class DH_Invalid_Key_Tests : public Text_Based_Test class Diffie_Hellman_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "modp/ietf/1024", "modp/ietf/2048" }; } - std::string algo_name() const override { return "DH"; } + std::vector<std::string> keygen_params() const override + { + return { "modp/ietf/1024", "modp/ietf/2048" }; + } + std::string algo_name() const override + { + return "DH"; + } }; BOTAN_REGISTER_TEST("dh_kat", Diffie_Hellman_KAT_Tests); diff --git a/src/tests/test_dl_group.cpp b/src/tests/test_dl_group.cpp index 9e3c09cb4..40615d840 100644 --- a/src/tests/test_dl_group.cpp +++ b/src/tests/test_dl_group.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_DL_GROUP) - #include <botan/dl_group.h> + #include <botan/dl_group.h> #endif namespace Botan_Tests { @@ -90,9 +90,9 @@ class DL_Group_Tests : public Test // From FIPS 186-3 test data const std::vector<uint8_t> seed = Botan::hex_decode("1F5DA0AF598EEADEE6E6665BF880E63D8B609BA2"); - result.test_throws("invalid params", [&] { Botan::DL_Group invalid(rng, seed, 1024, 224); }); - result.test_throws("invalid params", [&] { Botan::DL_Group invalid(rng, seed, 3072, 224); }); - result.test_throws("invalid params", [&] { Botan::DL_Group invalid(rng, seed, 2048, 256); }); + result.test_throws("invalid params", [&]() { Botan::DL_Group invalid(rng, seed, 1024, 224); }); + result.test_throws("invalid params", [&]() { Botan::DL_Group invalid(rng, seed, 3072, 224); }); + result.test_throws("invalid params", [&]() { Botan::DL_Group invalid(rng, seed, 2048, 256); }); Botan::DL_Group dsa_from_seed(rng, seed, 1024, 160); @@ -112,7 +112,8 @@ class DL_Group_Tests : public Test Test::Result test_dl_named(Botan::RandomNumberGenerator& rng) { - const std::vector<std::string> dl_named = { + const std::vector<std::string> dl_named = + { "modp/ietf/1024", "modp/ietf/1536", "modp/ietf/2048", @@ -132,7 +133,7 @@ class DL_Group_Tests : public Test "dsa/jce/1024", "dsa/botan/2048", "dsa/botan/3072", - }; + }; Test::Result result("DL_Group named"); result.start_timer(); diff --git a/src/tests/test_dlies.cpp b/src/tests/test_dlies.cpp index 9f19724b1..515f7a319 100644 --- a/src/tests/test_dlies.cpp +++ b/src/tests/test_dlies.cpp @@ -8,10 +8,10 @@ #include "tests.h" #if defined(BOTAN_HAS_DLIES) && defined(BOTAN_HAS_DIFFIE_HELLMAN) - #include "test_pubkey.h" - #include <botan/dlies.h> - #include <botan/dh.h> - #include <botan/pubkey.h> + #include "test_pubkey.h" + #include <botan/dlies.h> + #include <botan/dh.h> + #include <botan/pubkey.h> #endif namespace Botan_Tests { @@ -23,10 +23,10 @@ namespace { class DLIES_KAT_Tests : public Text_Based_Test { public: - DLIES_KAT_Tests() : Text_Based_Test( - "pubkey/dlies.vec", - "Kdf,Mac,MacKeyLen,IV,Group,X1,X2,Msg,Ciphertext") - {} + DLIES_KAT_Tests() + : Text_Based_Test( + "pubkey/dlies.vec", + "Kdf,Mac,MacKeyLen,IV,Group,X1,X2,Msg,Ciphertext") {} Test::Result run_one_test(const std::string& cipher_algo, const VarMap& vars) override { @@ -76,8 +76,10 @@ class DLIES_KAT_Tests : public Text_Based_Test Botan::DH_PrivateKey from(Test::rng(), domain, x1); Botan::DH_PrivateKey to(Test::rng(), domain, x2); - Botan::DLIES_Encryptor encryptor(from, Test::rng(), kdf->clone(), enc.release(), cipher_key_len, mac->clone(), mac_key_len); - Botan::DLIES_Decryptor decryptor(to, Test::rng(), kdf.release(), dec.release(), cipher_key_len, mac.release(), mac_key_len); + Botan::DLIES_Encryptor encryptor(from, Test::rng(), kdf->clone(), enc.release(), cipher_key_len, mac->clone(), + mac_key_len); + Botan::DLIES_Decryptor decryptor(to, Test::rng(), kdf.release(), dec.release(), cipher_key_len, mac.release(), + mac_key_len); if(!iv.empty()) { diff --git a/src/tests/test_dsa.cpp b/src/tests/test_dsa.cpp index 69680f477..b5ade8145 100644 --- a/src/tests/test_dsa.cpp +++ b/src/tests/test_dsa.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_DSA) - #include <botan/dsa.h> - #include "test_pubkey.h" + #include <botan/dsa.h> + #include "test_pubkey.h" #endif namespace Botan_Tests { @@ -21,18 +21,20 @@ class DSA_KAT_Tests : public PK_Signature_Generation_Test { public: DSA_KAT_Tests() : PK_Signature_Generation_Test( - "DSA", + "DSA", #if defined(BOTAN_HAS_RFC6979_GENERATOR) - "pubkey/dsa_rfc6979.vec", - "P,Q,G,X,Hash,Msg,Signature", + "pubkey/dsa_rfc6979.vec", + "P,Q,G,X,Hash,Msg,Signature", #else - "pubkey/dsa_prob.vec", - "P,Q,G,X,Hash,Msg,Nonce,Signature", + "pubkey/dsa_prob.vec", + "P,Q,G,X,Hash,Msg,Nonce,Signature", #endif - "") - {} + "") {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -56,8 +58,14 @@ class DSA_KAT_Tests : public PK_Signature_Generation_Test class DSA_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "dsa/jce/1024", "dsa/botan/2048" }; } - std::string algo_name() const override { return "DSA"; } + std::vector<std::string> keygen_params() const override + { + return { "dsa/jce/1024", "dsa/botan/2048" }; + } + std::string algo_name() const override + { + return "DSA"; + } }; BOTAN_REGISTER_TEST("dsa_sign", DSA_KAT_Tests); diff --git a/src/tests/test_ecc_pointmul.cpp b/src/tests/test_ecc_pointmul.cpp index b3ba2396a..9517be400 100644 --- a/src/tests/test_ecc_pointmul.cpp +++ b/src/tests/test_ecc_pointmul.cpp @@ -7,10 +7,10 @@ #include "tests.h" #if defined(BOTAN_HAS_ECDSA) - #include "test_pubkey.h" - #include <botan/pubkey.h> - #include <botan/ecdsa.h> - #include <botan/oids.h> + #include "test_pubkey.h" + #include <botan/pubkey.h> + #include <botan/ecdsa.h> + #include <botan/oids.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_ecdh.cpp b/src/tests/test_ecdh.cpp index 270e50db3..99c8665f2 100644 --- a/src/tests/test_ecdh.cpp +++ b/src/tests/test_ecdh.cpp @@ -7,9 +7,9 @@ #include "tests.h" #if defined(BOTAN_HAS_ECDH) - #include "test_pubkey.h" - #include <botan/pubkey.h> - #include <botan/ecdh.h> + #include "test_pubkey.h" + #include <botan/pubkey.h> + #include <botan/ecdh.h> #endif namespace Botan_Tests { @@ -21,17 +21,20 @@ namespace { class ECDH_KAT_Tests : public PK_Key_Agreement_Test { public: - ECDH_KAT_Tests() : PK_Key_Agreement_Test( - "ECDH", - "pubkey/ecdh.vec", - "Group,Secret,CounterKey,K", - "KDF") - {} + ECDH_KAT_Tests() + : PK_Key_Agreement_Test( + "ECDH", + "pubkey/ecdh.vec", + "Group,Secret,CounterKey,K", + "KDF") {} - std::string default_kdf(const VarMap&) const override { return "Raw"; } + std::string default_kdf(const VarMap&) const override + { + return "Raw"; + } std::unique_ptr<Botan::Private_Key> load_our_key(const std::string& group_id, - const VarMap& vars) override + const VarMap& vars) override { Botan::EC_Group group(group_id); const Botan::BigInt secret = get_req_bn(vars, "Secret"); @@ -53,7 +56,10 @@ class ECDH_Keygen_Tests : public PK_Key_Generation_Test return { "secp256r1", "secp384r1", "secp521r1", "brainpool256r1", "brainpool384r1", "brainpool512r1", "frp256v1" }; } - std::string algo_name() const override { return "ECDH"; } + std::string algo_name() const override + { + return "ECDH"; + } }; diff --git a/src/tests/test_ecdsa.cpp b/src/tests/test_ecdsa.cpp index 148abaacc..73c353b3c 100644 --- a/src/tests/test_ecdsa.cpp +++ b/src/tests/test_ecdsa.cpp @@ -10,9 +10,9 @@ #include "test_rng.h" #if defined(BOTAN_HAS_ECDSA) - #include "test_pubkey.h" - #include <botan/ecdsa.h> - #include <botan/oids.h> + #include "test_pubkey.h" + #include <botan/ecdsa.h> + #include <botan/oids.h> #endif namespace Botan_Tests { @@ -25,17 +25,19 @@ class ECDSA_Signature_KAT_Tests : public PK_Signature_Generation_Test { public: ECDSA_Signature_KAT_Tests() : PK_Signature_Generation_Test( - "ECDSA", + "ECDSA", #if defined(BOTAN_HAS_RFC6979_GENERATOR) - "pubkey/ecdsa_rfc6979.vec", - "Group,X,Hash,Msg,Signature") + "pubkey/ecdsa_rfc6979.vec", + "Group,X,Hash,Msg,Signature") {} #else - "pubkey/ecdsa_prob.vec", - "Group,X,Hash,Msg,Nonce,Signature") + "pubkey/ecdsa_prob.vec", + "Group,X,Hash,Msg,Nonce,Signature") {} #endif - {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -65,8 +67,14 @@ class ECDSA_Signature_KAT_Tests : public PK_Signature_Generation_Test class ECDSA_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "secp256r1", "secp384r1", "secp521r1", "frp256v1" }; } - std::string algo_name() const override { return "ECDSA"; } + std::vector<std::string> keygen_params() const override + { + return { "secp256r1", "secp384r1", "secp521r1", "frp256v1" }; + } + std::string algo_name() const override + { + return "ECDSA"; + } }; class ECDSA_Invalid_Key_Tests : public Text_Based_Test @@ -75,7 +83,10 @@ class ECDSA_Invalid_Key_Tests : public Text_Based_Test ECDSA_Invalid_Key_Tests() : Text_Based_Test("pubkey/ecdsa_invalid.vec", "Group,InvalidKeyX,InvalidKeyY") {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } Test::Result run_one_test(const std::string&, const VarMap& vars) override { diff --git a/src/tests/test_ecgdsa.cpp b/src/tests/test_ecgdsa.cpp index e59b4dff6..25e4be0e2 100644 --- a/src/tests/test_ecgdsa.cpp +++ b/src/tests/test_ecgdsa.cpp @@ -9,9 +9,9 @@ #include "test_rng.h" #if defined(BOTAN_HAS_ECGDSA) - #include "test_pubkey.h" - #include <botan/ecgdsa.h> - #include <botan/oids.h> + #include "test_pubkey.h" + #include <botan/ecgdsa.h> + #include <botan/oids.h> #endif namespace Botan_Tests { @@ -24,12 +24,14 @@ class ECGDSA_Signature_KAT_Tests : public PK_Signature_Generation_Test { public: ECGDSA_Signature_KAT_Tests() : PK_Signature_Generation_Test( - "ECGDSA", - "pubkey/ecgdsa.vec", - "Group,X,Hash,Msg,Nonce,Signature") - {} + "ECGDSA", + "pubkey/ecgdsa.vec", + "Group,X,Hash,Msg,Nonce,Signature") {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -57,8 +59,14 @@ class ECGDSA_Signature_KAT_Tests : public PK_Signature_Generation_Test class ECGDSA_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "secp256r1", "secp384r1", "secp521r1" }; } - std::string algo_name() const override { return "ECGDSA"; } + std::vector<std::string> keygen_params() const override + { + return { "secp256r1", "secp384r1", "secp521r1" }; + } + std::string algo_name() const override + { + return "ECGDSA"; + } }; BOTAN_REGISTER_TEST("ecgdsa_sign", ECGDSA_Signature_KAT_Tests); diff --git a/src/tests/test_ecies.cpp b/src/tests/test_ecies.cpp index cd68bec47..6b5f92b1e 100644 --- a/src/tests/test_ecies.cpp +++ b/src/tests/test_ecies.cpp @@ -106,8 +106,7 @@ class ECIES_ISO_Tests : public Text_Based_Test public: ECIES_ISO_Tests() : Text_Based_Test( "pubkey/ecies-18033.vec", - "format,p,a,b,mu,nu,gx,gy,hx,hy,x,r,C0,K") - {} + "format,p,a,b,mu,nu,gx,gy,hx,hy,x,r,C0,K") {} Test::Result run_one_test(const std::string&, const VarMap& vars) override { @@ -141,7 +140,7 @@ class ECIES_ISO_Tests : public Text_Based_Test const Botan::ECDH_PrivateKey eph_private_key(Test::rng(), domain, r); const Botan::PointGFp eph_public_key_point = eph_private_key.public_point(); const std::vector<uint8_t> eph_public_key_bin = Botan::unlock( - Botan::EC2OSP(eph_public_key_point, compression_type)); + Botan::EC2OSP(eph_public_key_point, compression_type)); result.test_eq("encoded (ephemeral) public key", eph_public_key_bin, c0); // test secret derivation: ISO 18033 test vectors use KDF1 from ISO 18033 @@ -173,11 +172,14 @@ class ECIES_ISO_Tests : public Text_Based_Test if(cofactor_mode + check_mode + old_cofactor_mode > 1) { - result.test_throws("throw on invalid ECIES_Flags", [&] + auto onThrow = [&]() { - Botan::ECIES_System_Params(eph_private_key.domain(), "KDF2(SHA-1)", "AES-256/CBC", - 32, "HMAC(SHA-1)", 20, gen_compression_type, flags); - }); + Botan::ECIES_System_Params( + eph_private_key.domain(), + "KDF2(SHA-1)", "AES-256/CBC", 32, "HMAC(SHA-1)", 20, + gen_compression_type, flags); + }; + result.test_throws("throw on invalid ECIES_Flags", onThrow); continue; } @@ -201,11 +203,11 @@ BOTAN_REGISTER_TEST("ecies_iso", ECIES_ISO_Tests); class ECIES_Tests : public Text_Based_Test { public: - ECIES_Tests() : Text_Based_Test( - "pubkey/ecies.vec", - "Curve,PrivateKey,OtherPrivateKey,Kdf,Dem,DemKeyLen,Iv,Mac,MacKeyLen,Format," - "CofactorMode,OldCofactorMode,CheckMode,SingleHashMode,Label,Plaintext,Ciphertext") - {} + ECIES_Tests() + : Text_Based_Test( + "pubkey/ecies.vec", + "Curve,PrivateKey,OtherPrivateKey,Kdf,Dem,DemKeyLen,Iv,Mac,MacKeyLen,Format," + "CofactorMode,OldCofactorMode,CheckMode,SingleHashMode,Label,Plaintext,Ciphertext") {} Test::Result run_one_test(const std::string&, const VarMap& vars) override { @@ -373,13 +375,13 @@ Test::Result test_system_params_short_ctor() // generated with botan const std::vector<uint8_t> ciphertext = Botan::hex_decode("0401519EAA0489FF9D51E98E4C22349463E2001CD06F8CE47D81D4007A" - "79ACF98E92C814686477CEA666EFC277DC84E15FC95E38AFF8E16D478A" - "44CD5C5F1517F8B1F300000591317F261C3D04A7207F01EAE3EC70F2360" - "0F82C53CC0B85BE7AC9F6CE79EF2AB416E5934D61BA9D346385D7545C57F" - "77C7EA7C58E18C70CBFB0A24AE1B9943EC5A8D0657522CCDF30BA95674D81" - "B397635D215178CD13BD9504AE957A9888F4128FFC0F0D3F1CEC646AEC8CE" - "3F2463D233B22A7A12B679F4C06501F584D4DEFF6D26592A8D873398BD892" - "B477B3468813C053DA43C4F3D49009F7A12D6EF7"); + "79ACF98E92C814686477CEA666EFC277DC84E15FC95E38AFF8E16D478A" + "44CD5C5F1517F8B1F300000591317F261C3D04A7207F01EAE3EC70F2360" + "0F82C53CC0B85BE7AC9F6CE79EF2AB416E5934D61BA9D346385D7545C57F" + "77C7EA7C58E18C70CBFB0A24AE1B9943EC5A8D0657522CCDF30BA95674D81" + "B397635D215178CD13BD9504AE957A9888F4128FFC0F0D3F1CEC646AEC8CE" + "3F2463D233B22A7A12B679F4C06501F584D4DEFF6D26592A8D873398BD892" + "B477B3468813C053DA43C4F3D49009F7A12D6EF7"); check_encrypt_decrypt(result, private_key, other_private_key, ecies_params, iv, label, plaintext, ciphertext); diff --git a/src/tests/test_eckcdsa.cpp b/src/tests/test_eckcdsa.cpp index 83db0364d..62adb8599 100644 --- a/src/tests/test_eckcdsa.cpp +++ b/src/tests/test_eckcdsa.cpp @@ -9,9 +9,9 @@ #include "test_rng.h" #if defined(BOTAN_HAS_ECKCDSA) - #include "test_pubkey.h" - #include <botan/eckcdsa.h> - #include <botan/oids.h> + #include "test_pubkey.h" + #include <botan/eckcdsa.h> + #include <botan/oids.h> #endif namespace Botan_Tests { @@ -23,13 +23,16 @@ namespace { class ECKCDSA_Signature_KAT_Tests : public PK_Signature_Generation_Test { public: - ECKCDSA_Signature_KAT_Tests() : PK_Signature_Generation_Test( - "ECKCDSA", - "pubkey/eckcdsa.vec", - "Group,X,Hash,Msg,Nonce,Signature") - {} + ECKCDSA_Signature_KAT_Tests() + : PK_Signature_Generation_Test( + "ECKCDSA", + "pubkey/eckcdsa.vec", + "Group,X,Hash,Msg,Nonce,Signature") {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -57,8 +60,14 @@ class ECKCDSA_Signature_KAT_Tests : public PK_Signature_Generation_Test class ECKCDSA_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "secp256r1", "secp384r1", "secp521r1" }; } - std::string algo_name() const override { return "ECKCDSA"; } + std::vector<std::string> keygen_params() const override + { + return { "secp256r1", "secp384r1", "secp521r1" }; + } + std::string algo_name() const override + { + return "ECKCDSA"; + } }; BOTAN_REGISTER_TEST("eckcdsa_sign", ECKCDSA_Signature_KAT_Tests); diff --git a/src/tests/test_elg.cpp b/src/tests/test_elg.cpp index 8219b0490..9d024cb5a 100644 --- a/src/tests/test_elg.cpp +++ b/src/tests/test_elg.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_ELGAMAL) - #include <botan/elgamal.h> - #include "test_pubkey.h" + #include <botan/elgamal.h> + #include "test_pubkey.h" #endif namespace Botan_Tests { @@ -20,12 +20,12 @@ namespace { class ElGamal_KAT_Tests : public PK_Encryption_Decryption_Test { public: - ElGamal_KAT_Tests() : PK_Encryption_Decryption_Test( - "ElGamal", - "pubkey/elgamal.vec", - "P,G,X,Msg,Nonce,Ciphertext", - "Padding") - {} + ElGamal_KAT_Tests() + : PK_Encryption_Decryption_Test( + "ElGamal", + "pubkey/elgamal.vec", + "P,G,X,Msg,Nonce,Ciphertext", + "Padding") {} std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -43,8 +43,14 @@ class ElGamal_KAT_Tests : public PK_Encryption_Decryption_Test class ElGamal_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "modp/ietf/1024", "modp/ietf/2048" }; } - std::string algo_name() const override { return "ElGamal"; } + std::vector<std::string> keygen_params() const override + { + return { "modp/ietf/1024", "modp/ietf/2048" }; + } + std::string algo_name() const override + { + return "ElGamal"; + } }; BOTAN_REGISTER_TEST("elgamal_encrypt", ElGamal_KAT_Tests); diff --git a/src/tests/test_entropy.cpp b/src/tests/test_entropy.cpp index 0fc757612..232b30d7d 100644 --- a/src/tests/test_entropy.cpp +++ b/src/tests/test_entropy.cpp @@ -9,7 +9,7 @@ #include <botan/entropy_src.h> #if defined(BOTAN_HAS_COMPRESSION) - #include <botan/compression.h> + #include <botan/compression.h> #endif namespace Botan_Tests { @@ -27,7 +27,7 @@ class Entropy_Source_Tests : public Test std::vector<Test::Result> results; - for(auto&& src_name : src_names) + for(auto const& src_name : src_names) { Test::Result result("Entropy source " + src_name); @@ -104,7 +104,7 @@ class Entropy_Source_Tests : public Test size_t comp_diff = comp2_size - comp1_size; result.test_gte(comp_algo + " diff compressed entropy better than advertised", - comp_diff*8, bits2); + comp_diff * 8, bits2); } catch(std::exception& e) { diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index d5ddace04..c5fe3b908 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -9,8 +9,8 @@ #include <botan/version.h> #if defined(BOTAN_HAS_FFI) -#include <botan/hex.h> -#include <botan/ffi.h> + #include <botan/hex.h> + #include <botan/ffi.h> #endif namespace Botan_Tests { @@ -58,7 +58,7 @@ class FFI_Unit_Tests : public Test std::vector<uint8_t> outbuf; //char namebuf[32]; - outstr.resize(2*bin.size()); + outstr.resize(2 * bin.size()); TEST_FFI_OK(botan_hex_encode, (bin.data(), bin.size(), &outstr[0], 0)); result.test_eq("uppercase hex", outstr, "AADE01"); @@ -241,14 +241,14 @@ class FFI_Unit_Tests : public Test size_t date_len = 0; TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_time_starts, (cert, nullptr, &date_len)); - std::string date(date_len-1, '0'); + std::string date(date_len - 1, '0'); TEST_FFI_OK(botan_x509_cert_get_time_starts, (cert, &date[0], &date_len)); result.test_eq("cert valid from", date, "070719152718Z"); date_len = 0; TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_time_expires, (cert, nullptr, &date_len)); - date.resize(date_len-1); + date.resize(date_len - 1); TEST_FFI_OK(botan_x509_cert_get_time_expires, (cert, &date[0], &date_len)); result.test_eq("cert valid until", date, "280119151800Z"); @@ -261,28 +261,35 @@ class FFI_Unit_Tests : public Test result.test_int_eq(serial[0], 1, "cert serial"); size_t fingerprint_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_fingerprint, (cert, "SHA-256", nullptr, &fingerprint_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_fingerprint, (cert, "SHA-256", nullptr, + &fingerprint_len)); std::vector<uint8_t> fingerprint(fingerprint_len); TEST_FFI_OK(botan_x509_cert_get_fingerprint, (cert, "SHA-256", fingerprint.data(), &fingerprint_len)); - result.test_eq("cert fingerprint", reinterpret_cast<const char*>(fingerprint.data()), "3B:6C:99:1C:D6:5A:51:FC:EB:17:E3:AA:F6:3C:1A:DA:14:1F:82:41:30:6F:64:EE:FF:63:F3:1F:D6:07:14:9F"); + result.test_eq("cert fingerprint", reinterpret_cast<const char*>(fingerprint.data()), + "3B:6C:99:1C:D6:5A:51:FC:EB:17:E3:AA:F6:3C:1A:DA:14:1F:82:41:30:6F:64:EE:FF:63:F3:1F:D6:07:14:9F"); size_t key_id_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_authority_key_id, (cert, nullptr, &key_id_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_authority_key_id, (cert, nullptr, + &key_id_len)); std::vector<uint8_t> key_id(key_id_len); TEST_FFI_OK(botan_x509_cert_get_authority_key_id, (cert, key_id.data(), &key_id_len)); - result.test_eq("cert authority key id", Botan::hex_encode(key_id.data(), key_id.size(), true), "0096452DE588F966C4CCDF161DD1F3F5341B71E7"); + result.test_eq("cert authority key id", Botan::hex_encode(key_id.data(), key_id.size(), true), + "0096452DE588F966C4CCDF161DD1F3F5341B71E7"); key_id_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_subject_key_id, (cert, nullptr, &key_id_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_subject_key_id, (cert, nullptr, + &key_id_len)); key_id.resize(key_id_len); TEST_FFI_OK(botan_x509_cert_get_subject_key_id, (cert, key_id.data(), &key_id_len)); - result.test_eq("cert subject key id", Botan::hex_encode(key_id.data(), key_id.size(), true), "0096452DE588F966C4CCDF161DD1F3F5341B71E7"); + result.test_eq("cert subject key id", Botan::hex_encode(key_id.data(), key_id.size(), true), + "0096452DE588F966C4CCDF161DD1F3F5341B71E7"); size_t pubkey_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_public_key_bits, (cert, nullptr, &pubkey_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_public_key_bits, (cert, nullptr, + &pubkey_len)); std::vector<uint8_t> pubkey(pubkey_len); TEST_FFI_OK(botan_x509_cert_get_public_key_bits, (cert, pubkey.data(), &pubkey_len)); @@ -294,14 +301,16 @@ class FFI_Unit_Tests : public Test } size_t dn_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_issuer_dn, (cert, "Name", 0, nullptr, &dn_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_issuer_dn, (cert, "Name", 0, nullptr, + &dn_len)); std::vector<uint8_t> dn(dn_len); TEST_FFI_OK(botan_x509_cert_get_issuer_dn, (cert, "Name", 0, dn.data(), &dn_len)); result.test_eq("issuer dn", reinterpret_cast<const char*>(dn.data()), "csca-germany"); dn_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_subject_dn, (cert, "Name", 0, nullptr, &dn_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_get_subject_dn, (cert, "Name", 0, nullptr, + &dn_len)); dn.resize(dn_len); TEST_FFI_OK(botan_x509_cert_get_subject_dn, (cert, "Name", 0, dn.data(), &dn_len)); @@ -310,7 +319,7 @@ class FFI_Unit_Tests : public Test size_t printable_len = 0; TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_x509_cert_to_string, (cert, nullptr, &printable_len)); - std::string printable(printable_len-1, '0'); + std::string printable(printable_len - 1, '0'); TEST_FFI_OK(botan_x509_cert_to_string, (cert, &printable[0], &printable_len)); TEST_FFI_RC(0, botan_x509_cert_allowed_usage, (cert, KEY_CERT_SIGN)); @@ -373,10 +382,12 @@ class FFI_Unit_Tests : public Test result.test_int_eq(max_keylen, 16, "Max key length"); // from https://github.com/geertj/bluepass/blob/master/tests/vectors/aes-cbc-pkcs7.txt - const std::vector<uint8_t> plaintext = Botan::hex_decode("0397f4f6820b1f9386f14403be5ac16e50213bd473b4874b9bcbf5f318ee686b1d"); + const std::vector<uint8_t> plaintext = + Botan::hex_decode("0397f4f6820b1f9386f14403be5ac16e50213bd473b4874b9bcbf5f318ee686b1d"); const std::vector<uint8_t> symkey = Botan::hex_decode("898be9cc5004ed0fa6e117c9a3099d31"); const std::vector<uint8_t> nonce = Botan::hex_decode("9dea7621945988f96491083849b068df"); - const std::vector<uint8_t> exp_ciphertext = Botan::hex_decode("e232cd6ef50047801ee681ec30f61d53cfd6b0bca02fd03c1b234baa10ea82ac9dab8b960926433a19ce6dea08677e34"); + const std::vector<uint8_t> exp_ciphertext = + Botan::hex_decode("e232cd6ef50047801ee681ec30f61d53cfd6b0bca02fd03c1b234baa10ea82ac9dab8b960926433a19ce6dea08677e34"); std::vector<uint8_t> ciphertext(16 + plaintext.size()); // TODO: no way to know this size from API @@ -389,13 +400,14 @@ class FFI_Unit_Tests : public Test TEST_FFI_OK(botan_cipher_set_key, (cipher_encrypt, symkey.data(), symkey.size())); TEST_FFI_OK(botan_cipher_start, (cipher_encrypt, nonce.data(), nonce.size())); TEST_FFI_OK(botan_cipher_update, (cipher_encrypt, 0, ciphertext.data(), ciphertext.size(), &output_written, - plaintext.data(), plaintext.size(), &input_consumed)); + plaintext.data(), plaintext.size(), &input_consumed)); TEST_FFI_OK(botan_cipher_clear, (cipher_encrypt)); TEST_FFI_OK(botan_cipher_set_key, (cipher_encrypt, symkey.data(), symkey.size())); TEST_FFI_OK(botan_cipher_start, (cipher_encrypt, nonce.data(), nonce.size())); - TEST_FFI_OK(botan_cipher_update, (cipher_encrypt, BOTAN_CIPHER_UPDATE_FLAG_FINAL, ciphertext.data(), ciphertext.size(), &output_written, - plaintext.data(), plaintext.size(), &input_consumed)); + TEST_FFI_OK(botan_cipher_update, (cipher_encrypt, BOTAN_CIPHER_UPDATE_FLAG_FINAL, ciphertext.data(), ciphertext.size(), + &output_written, + plaintext.data(), plaintext.size(), &input_consumed)); ciphertext.resize(output_written); result.test_eq("AES/CBC ciphertext", ciphertext, exp_ciphertext); @@ -406,8 +418,9 @@ class FFI_Unit_Tests : public Test TEST_FFI_OK(botan_cipher_set_key, (cipher_decrypt, symkey.data(), symkey.size())); TEST_FFI_OK(botan_cipher_start, (cipher_decrypt, nonce.data(), nonce.size())); - TEST_FFI_OK(botan_cipher_update, (cipher_decrypt, BOTAN_CIPHER_UPDATE_FLAG_FINAL, decrypted.data(), decrypted.size(), &output_written, - ciphertext.data(), ciphertext.size(), &input_consumed)); + TEST_FFI_OK(botan_cipher_update, (cipher_decrypt, BOTAN_CIPHER_UPDATE_FLAG_FINAL, decrypted.data(), decrypted.size(), + &output_written, + ciphertext.data(), ciphertext.size(), &input_consumed)); result.test_eq("AES/CBC plaintext", decrypted, plaintext); @@ -457,7 +470,7 @@ class FFI_Unit_Tests : public Test const std::vector<uint8_t> symkey = Botan::hex_decode("FEFFE9928665731C6D6A8F9467308308"); const std::vector<uint8_t> nonce = Botan::hex_decode("CAFEBABEFACEDBADDECAF888"); const std::vector<uint8_t> exp_ciphertext = Botan::hex_decode( - "42831EC2217774244B7221B784D0D49CE3AA212F2C02A4E035C17E2329ACA12E21D514B25466931C7D8F6A5AAC84AA051BA30B396A0AAC973D58E0915BC94FBC3221A5DB94FAE95AE7121A47"); + "42831EC2217774244B7221B784D0D49CE3AA212F2C02A4E035C17E2329ACA12E21D514B25466931C7D8F6A5AAC84AA051BA30B396A0AAC973D58E0915BC94FBC3221A5DB94FAE95AE7121A47"); const std::vector<uint8_t> aad = Botan::hex_decode("FEEDFACEDEADBEEFFEEDFACEDEADBEEFABADDAD2"); std::vector<uint8_t> ciphertext(tag_len + plaintext.size()); @@ -520,9 +533,9 @@ class FFI_Unit_Tests : public Test const std::vector<uint8_t> key = Botan::hex_decode("2B7E151628AED2A6ABF7158809CF4F3C"); const std::vector<uint8_t> nonce = Botan::hex_decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFF"); const std::vector<uint8_t> pt = Botan::hex_decode( - "AE2D8A571E03AC9C9EB76FAC45AF8E5130C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710"); + "AE2D8A571E03AC9C9EB76FAC45AF8E5130C81C46A35CE411E5FBC1191A0A52EFF69F2445DF4F9B17AD2B417BE66C3710"); const std::vector<uint8_t> exp_ct = Botan::hex_decode( - "9806F66B7970FDFF8617187BB9FFFDFF5AE4DF3EDBD5D35E5B4F09020DB03EAB1E031DDA2FBE03D1792170A0F3009CEE"); + "9806F66B7970FDFF8617187BB9FFFDFF5AE4DF3EDBD5D35E5B4F09020DB03EAB1E031DDA2FBE03D1792170A0F3009CEE"); botan_cipher_t ctr; @@ -629,45 +642,45 @@ class FFI_Unit_Tests : public Test TEST_FFI_RC(0, botan_mp_is_zero, (x)); - { - botan_mp_t zero; - botan_mp_init(&zero); - int cmp; - TEST_FFI_OK(botan_mp_cmp, (&cmp, x, zero)); - result.confirm("bigint_mp_cmp(+, 0)", cmp == 1); + { + botan_mp_t zero; + botan_mp_init(&zero); + int cmp; + TEST_FFI_OK(botan_mp_cmp, (&cmp, x, zero)); + result.confirm("bigint_mp_cmp(+, 0)", cmp == 1); - TEST_FFI_OK(botan_mp_cmp, (&cmp, zero, x)); - result.confirm("bigint_mp_cmp(0, +)", cmp == -1); + TEST_FFI_OK(botan_mp_cmp, (&cmp, zero, x)); + result.confirm("bigint_mp_cmp(0, +)", cmp == -1); - TEST_FFI_RC(0, botan_mp_is_negative, (x)); - TEST_FFI_RC(1, botan_mp_is_positive, (x)); - TEST_FFI_OK(botan_mp_flip_sign, (x)); - TEST_FFI_RC(1, botan_mp_is_negative, (x)); - TEST_FFI_RC(0, botan_mp_is_positive, (x)); + TEST_FFI_RC(0, botan_mp_is_negative, (x)); + TEST_FFI_RC(1, botan_mp_is_positive, (x)); + TEST_FFI_OK(botan_mp_flip_sign, (x)); + TEST_FFI_RC(1, botan_mp_is_negative, (x)); + TEST_FFI_RC(0, botan_mp_is_positive, (x)); - // test no negative zero - TEST_FFI_RC(0, botan_mp_is_negative, (zero)); - TEST_FFI_RC(1, botan_mp_is_positive, (zero)); - TEST_FFI_OK(botan_mp_flip_sign, (zero)); - TEST_FFI_RC(0, botan_mp_is_negative, (zero)); - TEST_FFI_RC(1, botan_mp_is_positive, (zero)); + // test no negative zero + TEST_FFI_RC(0, botan_mp_is_negative, (zero)); + TEST_FFI_RC(1, botan_mp_is_positive, (zero)); + TEST_FFI_OK(botan_mp_flip_sign, (zero)); + TEST_FFI_RC(0, botan_mp_is_negative, (zero)); + TEST_FFI_RC(1, botan_mp_is_positive, (zero)); - TEST_FFI_OK(botan_mp_cmp, (&cmp, x, zero)); - result.confirm("bigint_mp_cmp(-, 0)", cmp == -1); + TEST_FFI_OK(botan_mp_cmp, (&cmp, x, zero)); + result.confirm("bigint_mp_cmp(-, 0)", cmp == -1); - TEST_FFI_OK(botan_mp_cmp, (&cmp, zero, x)); - result.confirm("bigint_mp_cmp(0, -)", cmp == 1); + TEST_FFI_OK(botan_mp_cmp, (&cmp, zero, x)); + result.confirm("bigint_mp_cmp(0, -)", cmp == 1); - TEST_FFI_OK(botan_mp_cmp, (&cmp, zero, zero)); - result.confirm("bigint_mp_cmp(0, 0)", cmp == 0); + TEST_FFI_OK(botan_mp_cmp, (&cmp, zero, zero)); + result.confirm("bigint_mp_cmp(0, 0)", cmp == 0); - TEST_FFI_OK(botan_mp_cmp, (&cmp, x, x)); - result.confirm("bigint_mp_cmp(x, x)", cmp == 0); + TEST_FFI_OK(botan_mp_cmp, (&cmp, x, x)); + result.confirm("bigint_mp_cmp(x, x)", cmp == 0); - TEST_FFI_OK(botan_mp_flip_sign, (x)); + TEST_FFI_OK(botan_mp_flip_sign, (x)); - botan_mp_destroy(zero); - } + botan_mp_destroy(zero); + } size_t x_bits = 0; TEST_FFI_OK(botan_mp_num_bits, (x, &x_bits)); @@ -786,7 +799,7 @@ class FFI_Unit_Tests : public Test size_t x_bytes; botan_mp_rand_bits(x, rng, 512); TEST_FFI_OK(botan_mp_num_bytes, (x, &x_bytes)); - result.test_lte("botan_mp_num_bytes", x_bytes, 512/8); + result.test_lte("botan_mp_num_bytes", x_bytes, 512 / 8); TEST_FFI_OK(botan_mp_set_from_radix_str, (x, "909A", 16)); TEST_FFI_OK(botan_mp_to_uint32, (x, &x_32)); @@ -811,13 +824,15 @@ class FFI_Unit_Tests : public Test // export public key size_t pubkey_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_pubkey_export, (pub, nullptr, &pubkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_DER)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_pubkey_export, (pub, nullptr, &pubkey_len, + BOTAN_PRIVKEY_EXPORT_FLAG_DER)); std::vector<uint8_t> pubkey(pubkey_len); TEST_FFI_OK(botan_pubkey_export, (pub, pubkey.data(), &pubkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_DER)); pubkey_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_pubkey_export, (pub, nullptr, &pubkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_pubkey_export, (pub, nullptr, &pubkey_len, + BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); pubkey.resize(pubkey_len); TEST_FFI_OK(botan_pubkey_export, (pub, pubkey.data(), &pubkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); @@ -832,7 +847,8 @@ class FFI_Unit_Tests : public Test size_t privkey_len = 0; // call with nullptr to query the length - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export, (priv, nullptr, &privkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_DER)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export, (priv, nullptr, &privkey_len, + BOTAN_PRIVKEY_EXPORT_FLAG_DER)); privkey.resize(privkey_len); privkey_len = privkey.size(); // set buffer size @@ -846,25 +862,30 @@ class FFI_Unit_Tests : public Test // Now again for PEM privkey_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export, (priv, nullptr, &privkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export, (priv, nullptr, &privkey_len, + BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); privkey.resize(privkey_len); TEST_FFI_OK(botan_privkey_export, (priv, privkey.data(), &privkey_len, BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); // export private key encrypted privkey_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export_encrypted_pbkdf_iter, (priv, nullptr, &privkey_len, rng, "password", pbkdf_iter, "", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export_encrypted_pbkdf_iter, (priv, nullptr, + &privkey_len, rng, "password", pbkdf_iter, "", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER)); privkey.resize(privkey_len); privkey_len = privkey.size(); - TEST_FFI_OK(botan_privkey_export_encrypted_pbkdf_iter, (priv, privkey.data(), &privkey_len, rng, "password", pbkdf_iter, "", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER)); + TEST_FFI_OK(botan_privkey_export_encrypted_pbkdf_iter, (priv, privkey.data(), &privkey_len, rng, "password", pbkdf_iter, + "", "", BOTAN_PRIVKEY_EXPORT_FLAG_DER)); privkey_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export_encrypted_pbkdf_iter, (priv, nullptr, &privkey_len, rng, "password", pbkdf_iter, "", "", BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_privkey_export_encrypted_pbkdf_iter, (priv, nullptr, + &privkey_len, rng, "password", pbkdf_iter, "", "", BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); privkey.resize(privkey_len); - TEST_FFI_OK(botan_privkey_export_encrypted_pbkdf_iter, (priv, privkey.data(), &privkey_len, rng, "password", pbkdf_iter, "", "", BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); + TEST_FFI_OK(botan_privkey_export_encrypted_pbkdf_iter, (priv, privkey.data(), &privkey_len, rng, "password", pbkdf_iter, + "", "", BOTAN_PRIVKEY_EXPORT_FLAG_PEM)); // calculate fingerprint size_t strength = 0; @@ -872,7 +893,8 @@ class FFI_Unit_Tests : public Test result.test_gte("estimated strength", strength, 1); size_t fingerprint_len = 0; - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_pubkey_fingerprint, (pub, "SHA-512", nullptr, &fingerprint_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_pubkey_fingerprint, (pub, "SHA-512", nullptr, + &fingerprint_len)); std::vector<uint8_t> fingerprint(fingerprint_len); TEST_FFI_OK(botan_pubkey_fingerprint, (pub, "SHA-512", fingerprint.data(), &fingerprint_len)); @@ -908,18 +930,18 @@ class FFI_Unit_Tests : public Test TEST_FFI_OK(botan_privkey_rsa_get_n, (n, priv)); // Confirm same (e,n) values in public key - { - botan_mp_t pub_e, pub_n; - botan_mp_init(&pub_e); - botan_mp_init(&pub_n); - TEST_FFI_OK(botan_pubkey_rsa_get_e, (pub_e, pub)); - TEST_FFI_OK(botan_pubkey_rsa_get_n, (pub_n, pub)); - - TEST_FFI_RC(1, botan_mp_equal, (pub_e, e)); - TEST_FFI_RC(1, botan_mp_equal, (pub_n, n)); - botan_mp_destroy(pub_e); - botan_mp_destroy(pub_n); - } + { + botan_mp_t pub_e, pub_n; + botan_mp_init(&pub_e); + botan_mp_init(&pub_n); + TEST_FFI_OK(botan_pubkey_rsa_get_e, (pub_e, pub)); + TEST_FFI_OK(botan_pubkey_rsa_get_n, (pub_n, pub)); + + TEST_FFI_RC(1, botan_mp_equal, (pub_e, e)); + TEST_FFI_RC(1, botan_mp_equal, (pub_n, n)); + botan_mp_destroy(pub_e); + botan_mp_destroy(pub_n); + } TEST_FFI_RC(1, botan_mp_is_prime, (p, rng, 64)); TEST_FFI_RC(1, botan_mp_is_prime, (q, rng, 64)); @@ -1060,14 +1082,14 @@ class FFI_Unit_Tests : public Test botan_pk_op_sign_t signer; std::vector<uint8_t> message(6, 6); - std::vector<uint8_t> signature(20*2); + std::vector<uint8_t> signature(20 * 2); if(TEST_FFI_OK(botan_pk_op_sign_create, (&signer, loaded_privkey, "EMSA1(SHA-256)", 0))) { // TODO: break input into multiple calls to update TEST_FFI_OK(botan_pk_op_sign_update, (signer, message.data(), message.size())); - signature.resize(20*2); // TODO: no way to derive this from API + signature.resize(20 * 2); // TODO: no way to derive this from API size_t sig_len = signature.size(); TEST_FFI_OK(botan_pk_op_sign_finish, (signer, rng, signature.data(), &sig_len)); signature.resize(sig_len); @@ -1250,7 +1272,7 @@ class FFI_Unit_Tests : public Test botan_privkey_t priv; #if defined(BOTAN_HAS_MCELIECE) - if (TEST_FFI_OK(botan_privkey_create_mceliece, (&priv, rng, 2048, 50))) + if(TEST_FFI_OK(botan_privkey_create_mceliece, (&priv, rng, 2048, 50))) { botan_pubkey_t pub; TEST_FFI_OK(botan_privkey_export_pubkey, (&pub, priv)); @@ -1259,7 +1281,7 @@ class FFI_Unit_Tests : public Test char namebuf[32] = { 0 }; size_t name_len = sizeof(namebuf); - if (TEST_FFI_OK(botan_pubkey_algo_name, (pub, namebuf, &name_len))) + if(TEST_FFI_OK(botan_pubkey_algo_name, (pub, namebuf, &name_len))) { result.test_eq("algo name", std::string(namebuf), "McEliece"); } @@ -1274,16 +1296,19 @@ class FFI_Unit_Tests : public Test size_t ciphertext_len = 0; // first calculate ciphertext length - TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_mceies_encrypt, (pub, rng, "AES-256/OCB", plaintext.data(), plaintext.size(), ad, ad_len, nullptr, &ciphertext_len)); + TEST_FFI_RC(BOTAN_FFI_ERROR_INSUFFICIENT_BUFFER_SPACE, botan_mceies_encrypt, (pub, rng, "AES-256/OCB", plaintext.data(), + plaintext.size(), ad, ad_len, nullptr, &ciphertext_len)); std::vector<uint8_t> ciphertext(ciphertext_len); // now encrypt - if (TEST_FFI_OK(botan_mceies_encrypt, (pub, rng, "AES-256/OCB", plaintext.data(), plaintext.size(), ad, ad_len, ciphertext.data(), &ciphertext_len))) + if(TEST_FFI_OK(botan_mceies_encrypt, (pub, rng, "AES-256/OCB", plaintext.data(), plaintext.size(), ad, ad_len, + ciphertext.data(), &ciphertext_len))) { std::vector<uint8_t> decrypted(plaintext.size()); size_t decrypted_len = plaintext_len; - TEST_FFI_OK(botan_mceies_decrypt, (priv, "AES-256/OCB", ciphertext.data(), ciphertext.size(), ad, ad_len, decrypted.data(), &decrypted_len)); + TEST_FFI_OK(botan_mceies_decrypt, (priv, "AES-256/OCB", ciphertext.data(), ciphertext.size(), ad, ad_len, + decrypted.data(), &decrypted_len)); result.test_eq("MCIES plaintext", decrypted, plaintext); } @@ -1323,7 +1348,7 @@ class FFI_Unit_Tests : public Test TEST_FFI_OK(botan_pubkey_get_field, (p, pub, "p")); TEST_FFI_OK(botan_pubkey_get_field, (g, pub, "g")); TEST_FFI_OK(botan_pubkey_get_field, (y, pub, "y")); - TEST_FFI_OK(botan_privkey_get_field,(x, priv,"x")); + TEST_FFI_OK(botan_privkey_get_field, (x, priv, "x")); size_t p_len = 0; TEST_FFI_OK(botan_mp_num_bytes, (p, &p_len)); @@ -1348,7 +1373,7 @@ class FFI_Unit_Tests : public Test // Test encryption botan_pk_op_encrypt_t op_enc; - size_t ct_len = ciphertext.size(); + size_t ct_len = ciphertext.size(); REQUIRE_FFI_OK(botan_pk_op_encrypt_create, (&op_enc, loaded_pubkey, "Raw", 0)); TEST_FFI_OK(botan_pk_op_encrypt, (op_enc, rng, ciphertext.data(), &ct_len, plaintext.data(), plaintext.size())); TEST_FFI_OK(botan_pk_op_encrypt_destroy, (op_enc)); diff --git a/src/tests/test_filters.cpp b/src/tests/test_filters.cpp index b9bd15ced..3c50d94ce 100644 --- a/src/tests/test_filters.cpp +++ b/src/tests/test_filters.cpp @@ -10,17 +10,17 @@ #include "tests.h" #if defined(BOTAN_HAS_FILTERS) - #include <botan/secqueue.h> - #include <botan/pipe.h> - #include <botan/filters.h> - #include <botan/data_snk.h> - #include <botan/comp_filter.h> - #include <botan/cipher_filter.h> + #include <botan/secqueue.h> + #include <botan/pipe.h> + #include <botan/filters.h> + #include <botan/data_snk.h> + #include <botan/comp_filter.h> + #include <botan/cipher_filter.h> #endif #if defined(BOTAN_HAS_CODEC_FILTERS) - #include <botan/hex_filt.h> - #include <botan/b64_filt.h> + #include <botan/hex_filt.h> + #include <botan/b64_filt.h> #endif namespace Botan_Tests { @@ -80,7 +80,7 @@ class Filter_Tests : public Test queue_a = queue_b; result.test_eq("bytes_read is set correctly", queue_a.get_bytes_read(), 0); } - catch (std::exception& e) + catch(std::exception& e) { result.test_failure("SecureQueue", e.what()); } @@ -117,29 +117,29 @@ class Filter_Tests : public Test } Test::Result test_data_src_sink_flush() - { - Test::Result result("DataSinkFlush"); + { + Test::Result result("DataSinkFlush"); #if defined(BOTAN_HAS_CODEC_FILTERS) - std::string tmp_name("botan_test_data_src_sink_flush.tmp"); - std::ofstream outfile(tmp_name); + std::string tmp_name("botan_test_data_src_sink_flush.tmp"); + std::ofstream outfile(tmp_name); - Botan::Pipe pipe(new Botan::Hex_Decoder, new Botan::DataSink_Stream(outfile)); + Botan::Pipe pipe(new Botan::Hex_Decoder, new Botan::DataSink_Stream(outfile)); - Botan::DataSource_Memory input_mem("65666768"); - pipe.process_msg(input_mem); + Botan::DataSource_Memory input_mem("65666768"); + pipe.process_msg(input_mem); - std::ifstream outfile_read(tmp_name); - std::stringstream ss; - ss << outfile_read.rdbuf(); - std::string foo = ss.str(); + std::ifstream outfile_read(tmp_name); + std::stringstream ss; + ss << outfile_read.rdbuf(); + std::string foo = ss.str(); - result.test_eq("output string", ss.str(), "efgh"); + result.test_eq("output string", ss.str(), "efgh"); - std::remove(tmp_name.c_str()); + std::remove(tmp_name.c_str()); #endif - return result; - } + return result; + } Test::Result test_pipe_io() { @@ -178,20 +178,20 @@ class Filter_Tests : public Test pipe.pop(); // empty pipe, so ignored // can't explicitly insert a queue into the pipe because they are implicit - result.test_throws("pipe error", "Invalid argument Pipe::append: SecureQueue cannot be used", - [&]() { pipe.append(new Botan::SecureQueue); }); - result.test_throws("pipe error", "Invalid argument Pipe::prepend: SecureQueue cannot be used", - [&]() { pipe.prepend(new Botan::SecureQueue); }); + result.test_throws("pipe error", "Invalid argument Pipe::append: SecureQueue cannot be used", [&]() + { pipe.append(new Botan::SecureQueue); }); + result.test_throws("pipe error", "Invalid argument Pipe::prepend: SecureQueue cannot be used", [&]() + { pipe.prepend(new Botan::SecureQueue); }); pipe.start_msg(); // now inside a message, cannot modify pipe structure - result.test_throws("pipe error", "Cannot append to a Pipe while it is processing", - [&]() { pipe.append(nullptr); }); - result.test_throws("pipe error", "Cannot prepend to a Pipe while it is processing", - [&]() { pipe.prepend(nullptr); }); - result.test_throws("pipe error", "Cannot pop off a Pipe while it is processing", - [&]() { pipe.pop(); }); + result.test_throws("pipe error", "Cannot append to a Pipe while it is processing", [&]() + { pipe.append(nullptr); }); + result.test_throws("pipe error", "Cannot prepend to a Pipe while it is processing", [&]() + { pipe.prepend(nullptr); }); + result.test_throws("pipe error", "Cannot pop off a Pipe while it is processing", [&]() + { pipe.pop(); }); pipe.end_msg(); @@ -290,7 +290,7 @@ class Filter_Tests : public Test result.test_eq("Cipher key length max", cipher->key_spec().maximum_keylength(), 16); result.test_eq("Cipher key length min", cipher->key_spec().minimum_keylength(), 16); - // takes ownership of cipher + // takes ownership of cipher Botan::Pipe pipe(cipher); cipher->set_key(Botan::SymmetricKey("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")); @@ -410,8 +410,8 @@ class Filter_Tests : public Test pipe.reset(); pipe.append(new Botan::Hex_Decoder); pipe.append(new Botan::Base64_Encoder(/*break_lines=*/true, - /*line_length=*/4, - /*trailing_newline=*/true)); + /*line_length=*/4, + /*trailing_newline=*/true)); pipe.process_msg("6dab1eeb8a2eb69bad"); result.test_eq("base64 with linebreaks and trailing newline", pipe.read_all_as_string(5), "base\n64ou\ntput\n\n"); @@ -488,7 +488,7 @@ class Filter_Tests : public Test new Botan::Fork( new Botan::Chain(new Botan::Hash_Filter("SHA-256"), new Botan::Hex_Encoder), new Botan::Chain(new Botan::Hash_Filter("SHA-512-256"), new Botan::Hex_Encoder) - )); + )); result.test_eq("Fork has a name", fork->name(), "Fork"); Botan::Pipe pipe(fork.release()); @@ -497,8 +497,10 @@ class Filter_Tests : public Test pipe.process_msg("OMG"); result.test_eq("Message count", pipe.message_count(), 2); - result.test_eq("Hash 1", pipe.read_all_as_string(0), "C00862D1C6C1CF7C1B49388306E7B3C1BB79D8D6EC978B41035B556DBB3797DF"); - result.test_eq("Hash 2", pipe.read_all_as_string(1), "610480FFA82F24F6926544B976FE387878E3D973C03DFD591C2E9896EFB903E0"); + result.test_eq("Hash 1", pipe.read_all_as_string(0), + "C00862D1C6C1CF7C1B49388306E7B3C1BB79D8D6EC978B41035B556DBB3797DF"); + result.test_eq("Hash 2", pipe.read_all_as_string(1), + "610480FFA82F24F6926544B976FE387878E3D973C03DFD591C2E9896EFB903E0"); #endif return result; @@ -507,11 +509,10 @@ class Filter_Tests : public Test Test::Result test_threaded_fork() { - Test::Result result("Threaded_Fork"); + Test::Result result("Threaded_Fork"); #if defined(BOTAN_TARGET_OS_HAS_THREADS) && defined(BOTAN_HAS_CODEC_FILTERS) && defined(BOTAN_HAS_SHA2_32) - Botan::Pipe pipe(new Botan::Threaded_Fork(new Botan::Hex_Encoder, - new Botan::Base64_Encoder)); + Botan::Pipe pipe(new Botan::Threaded_Fork(new Botan::Hex_Encoder, new Botan::Base64_Encoder)); result.test_eq("Message count", pipe.message_count(), 0); pipe.process_msg("woo"); @@ -526,7 +527,9 @@ class Filter_Tests : public Test const size_t filter_count = 5; Botan::Filter* filters[filter_count]; for(size_t i = 0; i != filter_count; ++i) + { filters[i] = new Botan::Hash_Filter("SHA-256"); + } pipe.append(new Botan::Threaded_Fork(filters, filter_count)); @@ -540,11 +543,12 @@ class Filter_Tests : public Test } pipe.end_msg(); - result.test_eq("Message count after end_msg", pipe.message_count(), 2+filter_count); + result.test_eq("Message count after end_msg", pipe.message_count(), 2 + filter_count); for(size_t i = 0; i != filter_count; ++i) - result.test_eq("Output " + std::to_string(i), - pipe.read_all(2+i), + { + result.test_eq("Output " + std::to_string(i), pipe.read_all(2 + i), "327AD8055223F5926693D8BEA40F7B35BDEEB535647DFB93F464E40EA01939A9"); + } #endif return result; } diff --git a/src/tests/test_fpe.cpp b/src/tests/test_fpe.cpp index a88b793c7..47070de86 100644 --- a/src/tests/test_fpe.cpp +++ b/src/tests/test_fpe.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_FPE_FE1) - #include <botan/fpe_fe1.h> + #include <botan/fpe_fe1.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_fuzzer.cpp b/src/tests/test_fuzzer.cpp index 2be8e7c08..85dde5859 100644 --- a/src/tests/test_fuzzer.cpp +++ b/src/tests/test_fuzzer.cpp @@ -9,13 +9,13 @@ #include <botan/internal/filesystem.h> #if defined(BOTAN_HAS_X509_CERTIFICATES) - #include <botan/x509cert.h> - #include <botan/x509_crl.h> - #include <botan/base64.h> + #include <botan/x509cert.h> + #include <botan/x509_crl.h> + #include <botan/base64.h> #endif #if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO) - #include <botan/pkcs8.h> + #include <botan/pkcs8.h> #endif namespace Botan_Tests { @@ -57,7 +57,7 @@ class Fuzzer_Input_Tests : public Test return result; } - for(auto vec_file: files) + for(auto vec_file : files) { try { @@ -90,7 +90,7 @@ class Fuzzer_Input_Tests : public Test return result; } - for(auto vec_file: files) + for(auto vec_file : files) { auto start = std::chrono::steady_clock::now(); diff --git a/src/tests/test_gf2m.cpp b/src/tests/test_gf2m.cpp index 75bac705e..c8110034e 100644 --- a/src/tests/test_gf2m.cpp +++ b/src/tests/test_gf2m.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_MCELIECE) - #include <botan/gf2m_small_m.h> + #include <botan/gf2m_small_m.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_gost_3410.cpp b/src/tests/test_gost_3410.cpp index 55750d416..bc036e037 100644 --- a/src/tests/test_gost_3410.cpp +++ b/src/tests/test_gost_3410.cpp @@ -7,9 +7,9 @@ #include "tests.h" #if defined(BOTAN_HAS_GOST_34_10_2001) - #include <botan/gost_3410.h> - #include <botan/oids.h> - #include "test_pubkey.h" + #include <botan/gost_3410.h> + #include <botan/oids.h> + #include "test_pubkey.h" #endif namespace Botan_Tests { @@ -22,10 +22,9 @@ class GOST_3410_2001_Verification_Tests : public PK_Signature_Verification_Test { public: GOST_3410_2001_Verification_Tests() : PK_Signature_Verification_Test( - "GOST 34.10-2001", - "pubkey/gost_3410_verify.vec", - "Group,Pubkey,Hash,Msg,Signature") - {} + "GOST 34.10-2001", + "pubkey/gost_3410_verify.vec", + "Group,Pubkey,Hash,Msg,Signature") {} std::unique_ptr<Botan::Public_Key> load_public_key(const VarMap& vars) override { @@ -47,10 +46,9 @@ class GOST_3410_2001_Signature_Tests : public PK_Signature_Generation_Test { public: GOST_3410_2001_Signature_Tests() : PK_Signature_Generation_Test( - "GOST 34.10-2001", - "pubkey/gost_3410_sign.vec", - "Group,Privkey,Hash,Nonce,Msg,Signature") - {} + "GOST 34.10-2001", + "pubkey/gost_3410_sign.vec", + "Group,Privkey,Hash,Nonce,Msg,Signature") {} std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -76,8 +74,14 @@ class GOST_3410_2001_Signature_Tests : public PK_Signature_Generation_Test class GOST_3410_2001_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "gost_256A", "secp256r1" }; } - std::string algo_name() const override { return "GOST-34.10"; } + std::vector<std::string> keygen_params() const override + { + return { "gost_256A", "secp256r1" }; + } + std::string algo_name() const override + { + return "GOST-34.10"; + } }; BOTAN_REGISTER_TEST("gost_3410_verify", GOST_3410_2001_Verification_Tests); diff --git a/src/tests/test_hash.cpp b/src/tests/test_hash.cpp index 6584a20d1..9c6051f49 100644 --- a/src/tests/test_hash.cpp +++ b/src/tests/test_hash.cpp @@ -37,7 +37,7 @@ class Hash_Function_Tests : public Text_Based_Test return result; } - for(auto&& provider_ask : providers) + for(auto const& provider_ask : providers) { std::unique_ptr<Botan::HashFunction> hash(Botan::HashFunction::create(algo, provider_ask)); diff --git a/src/tests/test_kdf.cpp b/src/tests/test_kdf.cpp index 2d58914fe..ef0d71fbb 100644 --- a/src/tests/test_kdf.cpp +++ b/src/tests/test_kdf.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_KDF_BASE) - #include <botan/kdf.h> + #include <botan/kdf.h> #endif namespace Botan_Tests { @@ -18,10 +18,7 @@ namespace { class KDF_KAT_Tests : public Text_Based_Test { public: - KDF_KAT_Tests() : Text_Based_Test("kdf", - "OutputLen,Salt,Secret,Label,Output", - "IKM,XTS") - {} + KDF_KAT_Tests() : Text_Based_Test("kdf", "OutputLen,Salt,Secret,Label,Output", "IKM,XTS") {} Test::Result run_one_test(const std::string& kdf_name, const VarMap& vars) override { diff --git a/src/tests/test_keywrap.cpp b/src/tests/test_keywrap.cpp index 46f37d4dd..3a036ba8f 100644 --- a/src/tests/test_keywrap.cpp +++ b/src/tests/test_keywrap.cpp @@ -9,7 +9,7 @@ #include <botan/hex.h> #if defined(BOTAN_HAS_RFC3394_KEYWRAP) - #include <botan/rfc3394.h> + #include <botan/rfc3394.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_mac.cpp b/src/tests/test_mac.cpp index 2e12ee6ed..fd1c920ec 100644 --- a/src/tests/test_mac.cpp +++ b/src/tests/test_mac.cpp @@ -8,7 +8,7 @@ #include "tests.h" #if defined(BOTAN_HAS_MAC) - #include <botan/mac.h> + #include <botan/mac.h> #endif namespace Botan_Tests { @@ -44,7 +44,7 @@ class Message_Auth_Tests : public Text_Based_Test return result; } - for(auto&& provider_ask : providers) + for(auto const& provider_ask : providers) { std::unique_ptr<Botan::MessageAuthenticationCode> mac(Botan::MessageAuthenticationCode::create(algo, provider_ask)); @@ -67,8 +67,8 @@ class Message_Auth_Tests : public Text_Based_Test result.test_eq(provider, "correct mac", mac->final(), expected); // Test to make sure clear() resets what we need it to - mac->set_key( key ); - mac->update( "some discarded input"); + mac->set_key(key); + mac->update("some discarded input"); mac->clear(); // do the same to test verify_mac() @@ -92,7 +92,7 @@ class Message_Auth_Tests : public Text_Based_Test mac->update(input[0]); mac->update(&input[1], input.size() - 2); - mac->update(input[input.size()-1]); + mac->update(input[input.size() - 1]); result.test_eq(provider, "split mac", mac->final(), expected); diff --git a/src/tests/test_mceliece.cpp b/src/tests/test_mceliece.cpp index c8203e474..ad5fc9055 100644 --- a/src/tests/test_mceliece.cpp +++ b/src/tests/test_mceliece.cpp @@ -10,20 +10,20 @@ #if defined(BOTAN_HAS_MCELIECE) -#include <botan/mceliece.h> -#include <botan/pubkey.h> -#include <botan/oids.h> -#include <botan/loadstor.h> -#include <botan/hash.h> -#include <botan/hex.h> + #include <botan/mceliece.h> + #include <botan/pubkey.h> + #include <botan/oids.h> + #include <botan/loadstor.h> + #include <botan/hash.h> + #include <botan/hex.h> -#if defined(BOTAN_HAS_HMAC_DRBG) - #include <botan/hmac_drbg.h> -#endif + #if defined(BOTAN_HAS_HMAC_DRBG) + #include <botan/hmac_drbg.h> + #endif -#if defined(BOTAN_HAS_MCEIES) - #include <botan/mceies.h> -#endif + #if defined(BOTAN_HAS_MCEIES) + #include <botan/mceies.h> + #endif #endif @@ -37,12 +37,11 @@ namespace { class McEliece_Keygen_Encrypt_Test : public Text_Based_Test { public: - McEliece_Keygen_Encrypt_Test() : - Text_Based_Test("pubkey/mce.vec", - "McElieceSeed,KeyN,KeyT,PublicKeyFingerprint,PrivateKeyFingerprint," - "EncryptPRNGSeed,SharedKey,Ciphertext", - "") - {} + McEliece_Keygen_Encrypt_Test() + : Text_Based_Test("pubkey/mce.vec", + "McElieceSeed,KeyN,KeyT,PublicKeyFingerprint,PrivateKeyFingerprint," + "EncryptPRNGSeed,SharedKey,Ciphertext", + "") {} Test::Result run_one_test(const std::string&, const VarMap& vars) override { @@ -127,7 +126,9 @@ class McEliece_Tests : public Test { std::unique_ptr<Botan::HashFunction> hash(Botan::HashFunction::create(hash_algo)); if(!hash) + { throw Test_Error("Hash " + hash_algo + " not available"); + } hash->update(key.private_key_bits()); return Botan::hex_encode(hash->final()); @@ -137,7 +138,9 @@ class McEliece_Tests : public Test { std::unique_ptr<Botan::HashFunction> hash(Botan::HashFunction::create(hash_algo)); if(!hash) + { throw Test_Error("Hash " + hash_algo + " not available"); + } hash->update(key.public_key_bits()); return Botan::hex_encode(hash->final()); @@ -147,18 +150,23 @@ class McEliece_Tests : public Test { struct keygen_params { size_t code_length, t_min, t_max; }; - const keygen_params param_sets[] = { { 256, 5, 15 }, - { 512, 5, 33 }, - { 1024, 15, 35 }, - { 2048, 33, 50 }, - { 6624, 110, 115 } }; + const keygen_params param_sets[] = + { + { 256, 5, 15 }, + { 512, 5, 33 }, + { 1024, 15, 35 }, + { 2048, 33, 50 }, + { 6624, 110, 115 } + }; std::vector<Test::Result> results; - for(size_t i = 0; i < sizeof(param_sets)/sizeof(param_sets[0]); ++i) + for(size_t i = 0; i < sizeof(param_sets) / sizeof(param_sets[0]); ++i) { if(Test::run_long_tests() == false && param_sets[i].code_length >= 2048) + { continue; + } for(size_t t = param_sets[i].t_min; t <= param_sets[i].t_max; ++t) { diff --git a/src/tests/test_modes.cpp b/src/tests/test_modes.cpp index 63edba5f1..74b04f7ac 100644 --- a/src/tests/test_modes.cpp +++ b/src/tests/test_modes.cpp @@ -8,7 +8,7 @@ #include "tests.h" #if defined(BOTAN_HAS_MODES) - #include <botan/cipher_mode.h> + #include <botan/cipher_mode.h> #endif namespace Botan_Tests { @@ -18,9 +18,8 @@ namespace Botan_Tests { class Cipher_Mode_Tests : public Text_Based_Test { public: - Cipher_Mode_Tests() : - Text_Based_Test("modes", "Key,Nonce,In,Out") - {} + Cipher_Mode_Tests() + : Text_Based_Test("modes", "Key,Nonce,In,Out") {} std::vector<std::string> possible_providers(const std::string& algo) override { @@ -47,9 +46,9 @@ class Cipher_Mode_Tests : public Text_Based_Test for(auto&& provider_ask : providers) { std::unique_ptr<Botan::Cipher_Mode> enc(Botan::get_cipher_mode( - algo, Botan::ENCRYPTION, provider_ask)); + algo, Botan::ENCRYPTION, provider_ask)); std::unique_ptr<Botan::Cipher_Mode> dec(Botan::get_cipher_mode( - algo, Botan::DECRYPTION, provider_ask)); + algo, Botan::DECRYPTION, provider_ask)); if(!enc || !dec) { diff --git a/src/tests/test_mp.cpp b/src/tests/test_mp.cpp index cbaf465a4..16ca8b4ab 100644 --- a/src/tests/test_mp.cpp +++ b/src/tests/test_mp.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_BIGINT_MP) - #include <botan/internal/mp_core.h> + #include <botan/internal/mp_core.h> #endif namespace Botan_Tests { @@ -132,7 +132,7 @@ class MP_Unit_Tests : public Test for(size_t i = 0; i != 4; ++i) { - result.test_int_eq(x5[i], 3-i, "Swap x5"); + result.test_int_eq(x5[i], 3 - i, "Swap x5"); } result.test_int_eq(x5[4], 4, "Not touched"); diff --git a/src/tests/test_name_constraint.cpp b/src/tests/test_name_constraint.cpp index 11336bb1f..4fc6f437d 100644 --- a/src/tests/test_name_constraint.cpp +++ b/src/tests/test_name_constraint.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_X509_CERTIFICATES) - #include <botan/x509path.h> - #include <botan/calendar.h> + #include <botan/x509path.h> + #include <botan/calendar.h> #endif #include <algorithm> @@ -30,45 +30,46 @@ class Name_Constraint_Tests : public Test public: std::vector<Test::Result> run() override { - const std::vector<std::tuple<std::string,std::string,std::string,std::string>> test_cases = { - std::make_tuple( - "Root_Email_Name_Constraint.crt", - "Invalid_Email_Name_Constraint.crt", - "Invalid Email Name Constraint", - "Certificate does not pass name constraint"), - std::make_tuple( - "Root_DN_Name_Constraint.crt", - "Invalid_DN_Name_Constraint.crt", - "Invalid DN Name Constraint", - "Certificate does not pass name constraint"), - std::make_tuple( - "Root_DN_Name_Constraint.crt", - "Valid_DN_Name_Constraint.crt", - "Valid DN Name Constraint", - "Verified"), - std::make_tuple( - "Root_DNS_Name_Constraint.crt", - "Valid_DNS_Name_Constraint.crt", - "aexample.com", - "Verified"), - std::make_tuple( - "Root_IP_Name_Constraint.crt", - "Valid_IP_Name_Constraint.crt", - "Valid IP Name Constraint", - "Verified"), - std::make_tuple( - "Root_IP_Name_Constraint.crt", - "Invalid_IP_Name_Constraint.crt", - "Invalid IP Name Constraint", - "Certificate does not pass name constraint"), - }; + const std::vector<std::tuple<std::string, std::string, std::string, std::string>> test_cases = + { + std::make_tuple( + "Root_Email_Name_Constraint.crt", + "Invalid_Email_Name_Constraint.crt", + "Invalid Email Name Constraint", + "Certificate does not pass name constraint"), + std::make_tuple( + "Root_DN_Name_Constraint.crt", + "Invalid_DN_Name_Constraint.crt", + "Invalid DN Name Constraint", + "Certificate does not pass name constraint"), + std::make_tuple( + "Root_DN_Name_Constraint.crt", + "Valid_DN_Name_Constraint.crt", + "Valid DN Name Constraint", + "Verified"), + std::make_tuple( + "Root_DNS_Name_Constraint.crt", + "Valid_DNS_Name_Constraint.crt", + "aexample.com", + "Verified"), + std::make_tuple( + "Root_IP_Name_Constraint.crt", + "Valid_IP_Name_Constraint.crt", + "Valid IP Name Constraint", + "Verified"), + std::make_tuple( + "Root_IP_Name_Constraint.crt", + "Invalid_IP_Name_Constraint.crt", + "Invalid IP Name Constraint", + "Certificate does not pass name constraint"), + }; std::vector<Test::Result> results; const Botan::Path_Validation_Restrictions restrictions(false, 80); std::chrono::system_clock::time_point validation_time = - Botan::calendar_point(2016,10,21,4,20,0).to_std_timepoint(); + Botan::calendar_point(2016, 10, 21, 4, 20, 0).to_std_timepoint(); - for(const auto& t: test_cases) + for(const auto& t : test_cases) { Botan::X509_Certificate root(Test::data_file("name_constraint/" + std::get<0>(t))); Botan::X509_Certificate sub(Test::data_file("name_constraint/" + std::get<1>(t))); @@ -77,11 +78,13 @@ class Name_Constraint_Tests : public Test trusted.add_certificate(root); Botan::Path_Validation_Result path_result = Botan::x509_path_validate( - sub, restrictions, trusted, std::get<2>(t), Botan::Usage_Type::TLS_SERVER_AUTH, - validation_time); + sub, restrictions, trusted, std::get<2>(t), Botan::Usage_Type::TLS_SERVER_AUTH, + validation_time); if(path_result.successful_validation() && path_result.trust_root() != root) + { path_result = Botan::Path_Validation_Result(Botan::Certificate_Status_Code::CANNOT_ESTABLISH_TRUST); + } result.test_eq("validation result", path_result.result_string(), std::get<3>(t)); results.push_back(result); diff --git a/src/tests/test_newhope.cpp b/src/tests/test_newhope.cpp index ddd5a8101..112b1f4a7 100644 --- a/src/tests/test_newhope.cpp +++ b/src/tests/test_newhope.cpp @@ -7,10 +7,10 @@ #include "tests.h" #if defined(BOTAN_HAS_NEWHOPE) && defined(BOTAN_HAS_CHACHA) - #include <botan/newhope.h> - #include <botan/sha3.h> - #include <botan/chacha.h> - #include <botan/rng.h> + #include <botan/newhope.h> + #include <botan/sha3.h> + #include <botan/chacha.h> + #include <botan/rng.h> #endif namespace Botan_Tests { @@ -20,15 +20,23 @@ namespace Botan_Tests { class NEWHOPE_RNG : public Botan::RandomNumberGenerator { public: - std::string name() const override { return "NEWHOPE_RNG"; } - void clear() override { /* ignored */ } + std::string name() const override + { + return "NEWHOPE_RNG"; + } + void clear() override + { + /* ignored */ + } void randomize(uint8_t out[], size_t len) override { if(m_first.size() == len) { if(len != 32) + { throw Test_Error("NEWHOPE_RNG called in unexpected way, bad test?"); + } Botan::copy_mem(out, m_first.data(), m_first.size()); return; @@ -58,9 +66,15 @@ class NEWHOPE_RNG : public Botan::RandomNumberGenerator m_chacha.set_iv(nonce, 8); } - bool is_seeded() const override { return true; } + bool is_seeded() const override + { + return true; + } - void add_entropy(const uint8_t[], size_t) override { /* ignored */ } + void add_entropy(const uint8_t[], size_t) override + { + /* ignored */ + } NEWHOPE_RNG(const std::vector<uint8_t>& seed) { @@ -89,10 +103,10 @@ class NEWHOPE_RNG : public Botan::RandomNumberGenerator class NEWHOPE_Tests : public Text_Based_Test { public: - NEWHOPE_Tests() : Text_Based_Test( - "pubkey/newhope.vec", - "DRBG_SeedA,H_OutputA,DRBG_SeedB,H_OutputB,SharedKey") - {} + NEWHOPE_Tests() + : Text_Based_Test( + "pubkey/newhope.vec", + "DRBG_SeedA,H_OutputA,DRBG_SeedB,H_OutputB,SharedKey") {} Test::Result run_one_test(const std::string&, const VarMap& vars) override { diff --git a/src/tests/test_ocb.cpp b/src/tests/test_ocb.cpp index c477ed3a3..3b056fd12 100644 --- a/src/tests/test_ocb.cpp +++ b/src/tests/test_ocb.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_AEAD_OCB) - #include <botan/ocb.h> - #include <botan/loadstor.h> + #include <botan/ocb.h> + #include <botan/loadstor.h> #endif namespace Botan_Tests { @@ -20,8 +20,9 @@ namespace { class OCB_Long_KAT_Tests : public Text_Based_Test { public: - OCB_Long_KAT_Tests() : Text_Based_Test("ocb_long.vec", - "Keylen,Taglen,Output") {} + OCB_Long_KAT_Tests() + : Text_Based_Test("ocb_long.vec", + "Keylen,Taglen,Output") {} Test::Result run_one_test(const std::string&, const VarMap& vars) override { @@ -45,8 +46,8 @@ class OCB_Long_KAT_Tests : public Text_Based_Test Botan::OCB_Encryption enc(aes->clone(), taglen / 8); Botan::OCB_Decryption dec(aes->clone(), taglen / 8); - std::vector<uint8_t> key(keylen/8); - key[keylen/8-1] = taglen; + std::vector<uint8_t> key(keylen / 8); + key[keylen / 8 - 1] = taglen; enc.set_key(key); dec.set_key(key); @@ -59,12 +60,12 @@ class OCB_Long_KAT_Tests : public Text_Based_Test { const std::vector<uint8_t> S(i); - Botan::store_be(static_cast<uint32_t>(3*i+1), &N[8]); + Botan::store_be(static_cast<uint32_t>(3 * i + 1), &N[8]); ocb_encrypt(result, C, enc, dec, N, S, S); - Botan::store_be(static_cast<uint32_t>(3*i+2), &N[8]); + Botan::store_be(static_cast<uint32_t>(3 * i + 2), &N[8]); ocb_encrypt(result, C, enc, dec, N, S, empty); - Botan::store_be(static_cast<uint32_t>(3*i+3), &N[8]); + Botan::store_be(static_cast<uint32_t>(3 * i + 3), &N[8]); ocb_encrypt(result, C, enc, dec, N, empty, S); } @@ -118,4 +119,3 @@ BOTAN_REGISTER_TEST("ocb_long", OCB_Long_KAT_Tests); } } - diff --git a/src/tests/test_ocsp.cpp b/src/tests/test_ocsp.cpp index 587977149..18708ddf6 100644 --- a/src/tests/test_ocsp.cpp +++ b/src/tests/test_ocsp.cpp @@ -7,10 +7,10 @@ #include "tests.h" #if defined(BOTAN_HAS_OCSP) - #include <botan/ocsp.h> - #include <botan/x509path.h> - #include <botan/certstor.h> - #include <botan/calendar.h> + #include <botan/ocsp.h> + #include <botan/x509path.h> + #include <botan/certstor.h> + #include <botan/calendar.h> #endif namespace Botan_Tests { @@ -25,7 +25,9 @@ class OCSP_Tests : public Test const std::string fsname = Test::data_file(path); std::ifstream file(fsname.c_str(), std::ios::binary); if(!file.good()) + { throw Test_Error("Error reading from " + fsname); + } std::vector<uint8_t> contents; @@ -36,7 +38,9 @@ class OCSP_Tests : public Test size_t got = file.gcount(); if(got == 0 && file.eof()) + { break; + } contents.insert(contents.end(), buf.data(), buf.data() + got); } @@ -59,11 +63,12 @@ class OCSP_Tests : public Test Test::Result result("OCSP response parsing"); // Simple parsing tests - const std::vector<std::string> ocsp_input_paths = { + const std::vector<std::string> ocsp_input_paths = + { "ocsp/resp1.der", "ocsp/resp2.der", "ocsp/resp3.der" - }; + }; for(std::string ocsp_input_path : ocsp_input_paths) { @@ -99,7 +104,8 @@ class OCSP_Tests : public Test } - const std::string expected_request = "ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFPLgavmFih2NcJtJGSN6qbUaKH5kBBRK3QYWG7z2aLV29YG2u2IaulqBLwIIQkg+DF+RYMY="; + const std::string expected_request = + "ME4wTKADAgEAMEUwQzBBMAkGBSsOAwIaBQAEFPLgavmFih2NcJtJGSN6qbUaKH5kBBRK3QYWG7z2aLV29YG2u2IaulqBLwIIQkg+DF+RYMY="; const Botan::OCSP::Request req1(issuer, end_entity); result.test_eq("Encoded OCSP request", @@ -130,13 +136,8 @@ class OCSP_Tests : public Test certstore.add_certificate(trust_root); // Some arbitrary time within the validity period of the test certs - const auto valid_time = Botan::calendar_point(2016,11,20,8,30,0).to_std_timepoint(); - - std::vector<std::set<Botan::Certificate_Status_Code>> ocsp_status = Botan::PKIX::check_ocsp( - cert_path, - { ocsp }, - { &certstore }, - valid_time); + const auto valid_time = Botan::calendar_point(2016, 11, 20, 8, 30, 0).to_std_timepoint(); + const auto ocsp_status = Botan::PKIX::check_ocsp(cert_path, { ocsp }, { &certstore }, valid_time); if(result.test_eq("Expected size of ocsp_status", ocsp_status.size(), 1)) { @@ -164,12 +165,9 @@ class OCSP_Tests : public Test Botan::Certificate_Store_In_Memory certstore; certstore.add_certificate(trust_root); - std::vector<std::set<Botan::Certificate_Status_Code>> ocsp_status = Botan::PKIX::check_ocsp_online( - cert_path, - { &certstore }, - std::chrono::system_clock::now(), - std::chrono::milliseconds(3000), - true); + typedef std::chrono::system_clock Clock; + const auto ocspTimeout = std::chrono::milliseconds(3000); + auto ocsp_status = Botan::PKIX::check_ocsp_online(cert_path, { &certstore }, Clock::now(), ocspTimeout, true); if(result.test_eq("Expected size of ocsp_status", ocsp_status.size(), 2)) { @@ -198,7 +196,9 @@ class OCSP_Tests : public Test #if defined(BOTAN_HAS_ONLINE_REVOCATION_CHECKS) if(Test::run_online_tests()) + { results.push_back(test_online_request()); + } #endif return results; diff --git a/src/tests/test_os_utils.cpp b/src/tests/test_os_utils.cpp index 5153338d7..881f65a56 100644 --- a/src/tests/test_os_utils.cpp +++ b/src/tests/test_os_utils.cpp @@ -11,7 +11,7 @@ // For __ud2 intrinsic #if defined(BOTAN_TARGET_COMPILER_IS_MSVC) - #include <intrin.h> + #include <intrin.h> #endif namespace Botan_Tests { @@ -78,9 +78,13 @@ class OS_Utils_Tests : public Test uint64_t proc_ts2 = Botan::OS::get_processor_timestamp(); if(proc_ts1 == 0) + { result.test_is_eq("Disabled processor timestamp stays at zero", proc_ts1, proc_ts2); + } else + { result.confirm("Processor timestamp does not duplicate", proc_ts1 != proc_ts2); + } return result; } @@ -180,7 +184,7 @@ class OS_Utils_Tests : public Test return result; } -}; + }; BOTAN_REGISTER_TEST("os_utils", OS_Utils_Tests); diff --git a/src/tests/test_package_transform.cpp b/src/tests/test_package_transform.cpp index 6ad6c51c7..880f2ac50 100644 --- a/src/tests/test_package_transform.cpp +++ b/src/tests/test_package_transform.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_PACKAGE_TRANSFORM) - #include <botan/package.h> + #include <botan/package.h> #endif namespace Botan_Tests { @@ -51,7 +51,7 @@ class Package_Transform_Tests : public Test // More tests including KATs would be useful for these functions - return std::vector<Test::Result>{result}; + return std::vector<Test::Result> {result}; } }; diff --git a/src/tests/test_pad.cpp b/src/tests/test_pad.cpp index 1eb8b615f..592ae660b 100644 --- a/src/tests/test_pad.cpp +++ b/src/tests/test_pad.cpp @@ -17,9 +17,7 @@ namespace Botan_Tests { class Cipher_Mode_Padding_Tests : public Text_Based_Test { public: - Cipher_Mode_Padding_Tests() : - Text_Based_Test("pad.vec", "In,Blocksize", "Out") - {} + Cipher_Mode_Padding_Tests() : Text_Based_Test("pad.vec", "In,Blocksize", "Out") {} Test::Result run_one_test(const std::string& header, const VarMap& vars) override { @@ -32,8 +30,10 @@ class Cipher_Mode_Padding_Tests : public Text_Based_Test auto underscore = algo.find('_'); if(underscore != std::string::npos) { - if(algo.substr(underscore+1,std::string::npos) != "Invalid") + if(algo.substr(underscore + 1, std::string::npos) != "Invalid") + { throw Test_Error("Unexpected padding header " + header); + } algo = algo.substr(0, underscore); } diff --git a/src/tests/test_passhash.cpp b/src/tests/test_passhash.cpp index 6eae25f8d..5497e35fc 100644 --- a/src/tests/test_passhash.cpp +++ b/src/tests/test_passhash.cpp @@ -7,11 +7,11 @@ #include "tests.h" #if defined(BOTAN_HAS_BCRYPT) - #include <botan/bcrypt.h> + #include <botan/bcrypt.h> #endif #if defined(BOTAN_HAS_PASSHASH9) - #include <botan/passhash9.h> + #include <botan/passhash9.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_pbkdf.cpp b/src/tests/test_pbkdf.cpp index a4db5d8e0..bd2fd8f89 100644 --- a/src/tests/test_pbkdf.cpp +++ b/src/tests/test_pbkdf.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_PBKDF) - #include <botan/pbkdf.h> + #include <botan/pbkdf.h> #endif namespace Botan_Tests { @@ -18,9 +18,7 @@ namespace { class PBKDF_KAT_Tests : public Text_Based_Test { public: - PBKDF_KAT_Tests() : Text_Based_Test("pbkdf", - "OutputLen,Iterations,Salt,Passphrase,Output") - {} + PBKDF_KAT_Tests() : Text_Based_Test("pbkdf", "OutputLen,Iterations,Salt,Passphrase,Output") {} Test::Result run_one_test(const std::string& pbkdf_name, const VarMap& vars) override { diff --git a/src/tests/test_pk_pad.cpp b/src/tests/test_pk_pad.cpp index 33277da2b..f802bf048 100644 --- a/src/tests/test_pk_pad.cpp +++ b/src/tests/test_pk_pad.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_PK_PADDING) - #include <botan/emsa.h> - #include <botan/eme.h> + #include <botan/emsa.h> + #include <botan/eme.h> #endif namespace Botan_Tests { @@ -18,10 +18,11 @@ namespace Botan_Tests { class EME_Decoding_Tests : public Text_Based_Test { public: - EME_Decoding_Tests() : - Text_Based_Test("pk_pad_eme", - "RawCiphertext,ValidInput", - "Plaintext") {} + EME_Decoding_Tests() + : Text_Based_Test( + "pk_pad_eme", + "RawCiphertext,ValidInput", + "Plaintext") {} Test::Result run_one_test(const std::string& algo, const VarMap& vars) override { @@ -44,7 +45,9 @@ class EME_Decoding_Tests : public Text_Based_Test const bool is_valid = get_req_bool(vars, "ValidInput"); if(is_valid == false) + { result.test_eq("Plaintext value is empty for invalid EME inputs", plaintext.size(), 0); + } uint8_t valid_mask = 0; Botan::secure_vector<uint8_t> decoded = @@ -69,5 +72,3 @@ BOTAN_REGISTER_TEST("pk_pad_eme", EME_Decoding_Tests); #endif } - - diff --git a/src/tests/test_pkcs11.cpp b/src/tests/test_pkcs11.cpp index 85110cabf..289e34466 100644 --- a/src/tests/test_pkcs11.cpp +++ b/src/tests/test_pkcs11.cpp @@ -7,7 +7,7 @@ #include "test_pkcs11.h" namespace Botan_Tests { - + #if defined(BOTAN_HAS_PKCS11) using namespace Botan; diff --git a/src/tests/test_pkcs11_high_level.cpp b/src/tests/test_pkcs11_high_level.cpp index 5944a2b1d..0a170fda9 100644 --- a/src/tests/test_pkcs11_high_level.cpp +++ b/src/tests/test_pkcs11_high_level.cpp @@ -80,7 +80,10 @@ class TestSession m_session->login(UserType::User, PIN_SECVEC); } } - inline Session& session() const { return *m_session; } + inline Session& session() const + { + return *m_session; + } private: std::unique_ptr<Module> m_module = nullptr; @@ -565,7 +568,7 @@ Test::Result test_object_finder() Object obj_found(test_session.session(), search_result.at(0)); result.test_eq("found the object just created (same application)", - obj_found.get_attribute_value(AttributeType::Application) , data_obj.get_attribute_value(AttributeType::Application)); + obj_found.get_attribute_value(AttributeType::Application), data_obj.get_attribute_value(AttributeType::Application)); auto search_result2 = Object::search<Object>(test_session.session(), search_template.attributes()); result.test_eq("found the object just created (same label)", obj_found.get_attribute_value(AttributeType::Label), @@ -623,10 +626,10 @@ class Object_Tests : public PKCS11_Test { test_attribute_container #if defined(BOTAN_HAS_ASN1) - ,test_create_destroy_data_object - ,test_get_set_attribute_values - ,test_object_finder - ,test_object_copy + , test_create_destroy_data_object + , test_get_set_attribute_values + , test_object_finder + , test_object_copy #endif }; @@ -793,7 +796,7 @@ Test::Result test_rsa_encrypt_decrypt() // generate key pair PKCS11_RSA_KeyPair keypair = generate_rsa_keypair(test_session); - auto encrypt_and_decrypt = [&keypair, &result](const std::vector<uint8_t>& plaintext, const std::string& padding) -> void + auto encrypt_and_decrypt = [&keypair, &result](const std::vector<uint8_t>& plaintext, const std::string& padding) { Botan::PK_Encryptor_EME encryptor(keypair.first, Test::rng(), padding, "pkcs11"); auto encrypted = encryptor.encrypt(plaintext, Test::rng()); @@ -833,11 +836,11 @@ Test::Result test_rsa_sign_verify() std::vector<uint8_t> plaintext(256); std::iota(std::begin(plaintext), std::end(plaintext), 0); - auto sign_and_verify = [&keypair, &plaintext, &result](const std::string& emsa, bool multipart) -> void + auto sign_and_verify = [&keypair, &plaintext, &result](std::string const& emsa, bool multipart) { Botan::PK_Signer signer(keypair.second, Test::rng(), emsa, Botan::IEEE_1363, "pkcs11"); std::vector<uint8_t> signature; - if ( multipart ) + if(multipart) { signer.update(plaintext.data(), plaintext.size() / 2); signature = signer.sign_message(plaintext.data() + plaintext.size() / 2, plaintext.size() / 2, Test::rng()); @@ -847,13 +850,13 @@ Test::Result test_rsa_sign_verify() signature = signer.sign_message(plaintext, Test::rng()); } - Botan::PK_Verifier verifier(keypair.first, emsa, Botan::IEEE_1363, "pkcs11"); bool rsa_ok = false; - if ( multipart ) + if(multipart) { verifier.update(plaintext.data(), plaintext.size() / 2); - rsa_ok = verifier.verify_message(plaintext.data() + plaintext.size() / 2, plaintext.size() / 2, signature.data(), signature.size()); + rsa_ok = verifier.verify_message(plaintext.data() + plaintext.size() / 2, plaintext.size() / 2, + signature.data(), signature.size()); } else { @@ -1094,7 +1097,7 @@ Test::Result test_ecdsa_sign_verify() std::vector<uint8_t> plaintext(20, 0x01); - auto sign_and_verify = [ &keypair, &plaintext, &result ](const std::string& emsa) -> void + auto sign_and_verify = [ &keypair, &plaintext, &result ](const std::string& emsa) { Botan::PK_Signer signer(keypair.second, Test::rng(), emsa, Botan::IEEE_1363, "pkcs11"); auto signature = signer.sign_message(plaintext, Test::rng()); @@ -1436,9 +1439,9 @@ class PKCS11_RNG_Tests : public PKCS11_Test std::vector<std::function<Test::Result()>> fns = { test_rng_generate_random - ,test_rng_add_entropy + , test_rng_add_entropy #if defined(BOTAN_HAS_HMAC_DRBG )&& defined(BOTAN_HAS_SHA2_64) - ,test_pkcs11_hmac_drbg + , test_pkcs11_hmac_drbg #endif }; diff --git a/src/tests/test_pkcs11_low_level.cpp b/src/tests/test_pkcs11_low_level.cpp index 289ff5995..01933b359 100644 --- a/src/tests/test_pkcs11_low_level.cpp +++ b/src/tests/test_pkcs11_low_level.cpp @@ -573,9 +573,9 @@ Test::Result test_c_set_pin() const secure_vector<uint8_t>& new_pin) -> PKCS11_BoundTestFunction { return std::bind(static_cast< bool (LowLevel::*)(SessionHandle, const secure_vector<uint8_t>&, - const secure_vector<uint8_t>&, ReturnValue*) const> - (&LowLevel::C_SetPIN<secure_allocator<uint8_t>>), *p11_low_level.get(), session_handle, - old_pin, new_pin, std::placeholders::_1); + const secure_vector<uint8_t>&, ReturnValue*) const> + (&LowLevel::C_SetPIN<secure_allocator<uint8_t>>), *p11_low_level.get(), session_handle, + old_pin, new_pin, std::placeholders::_1); }; const std::string test_pin("654321"); @@ -799,28 +799,28 @@ class LowLevelTests : public Test std::vector<std::function<Test::Result()>> fns = { test_c_get_function_list - ,test_low_level_ctor - ,test_initialize_finalize - ,test_c_get_info - ,test_c_get_slot_list - ,test_c_get_slot_info - ,test_c_get_token_info - ,test_c_wait_for_slot_event - ,test_c_get_mechanism_list - ,test_c_get_mechanism_info - ,test_open_close_session - ,test_c_close_all_sessions - ,test_c_get_session_info - ,test_c_init_token - ,test_c_login_logout_security_officier /* only possible if token is initialized */ - ,test_c_init_pin - ,test_c_login_logout_user /* only possible if token is initialized and user pin is set */ - ,test_c_set_pin - ,test_c_create_object_c_destroy_object - ,test_c_get_object_size - ,test_c_get_attribute_value - ,test_c_set_attribute_value - ,test_c_copy_object + , test_low_level_ctor + , test_initialize_finalize + , test_c_get_info + , test_c_get_slot_list + , test_c_get_slot_info + , test_c_get_token_info + , test_c_wait_for_slot_event + , test_c_get_mechanism_list + , test_c_get_mechanism_info + , test_open_close_session + , test_c_close_all_sessions + , test_c_get_session_info + , test_c_init_token + , test_c_login_logout_security_officier /* only possible if token is initialized */ + , test_c_init_pin + , test_c_login_logout_user /* only possible if token is initialized and user pin is set */ + , test_c_set_pin + , test_c_create_object_c_destroy_object + , test_c_get_object_size + , test_c_get_attribute_value + , test_c_set_attribute_value + , test_c_copy_object }; for(size_t i = 0; i != fns.size(); ++i) diff --git a/src/tests/test_pubkey.cpp b/src/tests/test_pubkey.cpp index d392437c9..95cff74a3 100644 --- a/src/tests/test_pubkey.cpp +++ b/src/tests/test_pubkey.cpp @@ -111,7 +111,7 @@ PK_Signature_Generation_Test::run_one_test(const std::string&, const VarMap& var std::vector<std::unique_ptr<Botan::PK_Verifier>> verifiers; - for(std::string verify_provider : possible_providers(algo_name())) + for(auto const& verify_provider : possible_providers(algo_name())) { std::unique_ptr<Botan::PK_Verifier> verifier; @@ -131,7 +131,7 @@ PK_Signature_Generation_Test::run_one_test(const std::string&, const VarMap& var verifiers.push_back(std::move(verifier)); } - for(auto&& sign_provider : possible_providers(algo_name())) + for(auto const& sign_provider : possible_providers(algo_name())) { std::unique_ptr<Botan::RandomNumberGenerator> rng; if(vars.count("Nonce")) @@ -185,7 +185,7 @@ PK_Signature_Verification_Test::run_one_test(const std::string&, const VarMap& v Test::Result result(algo_name() + "/" + padding + " signature verification"); - for(auto&& verify_provider : possible_providers(algo_name())) + for(auto const& verify_provider : possible_providers(algo_name())) { std::unique_ptr<Botan::PK_Verifier> verifier; @@ -215,7 +215,7 @@ PK_Signature_NonVerification_Test::run_one_test(const std::string&, const VarMap Test::Result result(algo_name() + "/" + padding + " verify invalid signature"); - for(auto&& verify_provider : possible_providers(algo_name())) + for(auto const& verify_provider : possible_providers(algo_name())) { std::unique_ptr<Botan::PK_Verifier> verifier; @@ -251,7 +251,7 @@ PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& va std::vector<std::unique_ptr<Botan::PK_Decryptor>> decryptors; - for(auto&& dec_provider : possible_providers(algo_name())) + for(auto const& dec_provider : possible_providers(algo_name())) { std::unique_ptr<Botan::PK_Decryptor> decryptor; @@ -269,13 +269,13 @@ PK_Encryption_Decryption_Test::run_one_test(const std::string&, const VarMap& va } - for(auto&& enc_provider : possible_providers(algo_name())) + for(auto const& enc_provider : possible_providers(algo_name())) { std::unique_ptr<Botan::PK_Encryptor> encryptor; try { - encryptor.reset(new Botan::PK_Encryptor_EME(*pubkey, Test::rng(),padding, enc_provider)); + encryptor.reset(new Botan::PK_Encryptor_EME(*pubkey, Test::rng(), padding, enc_provider)); } catch(Botan::Lookup_Error&) { @@ -384,7 +384,7 @@ Test::Result PK_Key_Agreement_Test::run_one_test(const std::string& header, cons const size_t key_len = get_opt_sz(vars, "OutLen", 0); - for(auto&& provider : possible_providers(algo_name())) + for(auto const& provider : possible_providers(algo_name())) { std::unique_ptr<Botan::PK_Key_Agreement> kas; @@ -406,7 +406,7 @@ std::vector<Test::Result> PK_Key_Generation_Test::run() { std::vector<Test::Result> results; - for(auto&& param : keygen_params()) + for(auto const& param : keygen_params()) { const std::string report_name = algo_name() + (param.empty() ? param : " " + param); diff --git a/src/tests/test_pubkey.h b/src/tests/test_pubkey.h index 7709f51c7..88a3d1c45 100644 --- a/src/tests/test_pubkey.h +++ b/src/tests/test_pubkey.h @@ -21,14 +21,15 @@ class PK_Test : public Text_Based_Test { public: PK_Test(const std::string& algo, - const std::string& test_src, - const std::string& required_keys, - const std::string& optional_keys = {}) : - Text_Based_Test(test_src, required_keys, optional_keys), - m_algo(algo) - {} + const std::string& test_src, + const std::string& required_keys, + const std::string& optional_keys = {}) + : Text_Based_Test(test_src, required_keys, optional_keys), m_algo(algo) {} - std::string algo_name() const { return m_algo; } + std::string algo_name() const + { + return m_algo; + } protected: std::vector<std::string> possible_providers(const std::string&) override; @@ -43,8 +44,8 @@ class PK_Signature_Generation_Test : public PK_Test PK_Signature_Generation_Test(const std::string& algo, const std::string& test_src, const std::string& required_keys, - const std::string& optional_keys = "") : - PK_Test(algo, test_src, required_keys, optional_keys) {} + const std::string& optional_keys = "") + : PK_Test(algo, test_src, required_keys, optional_keys) {} virtual std::string default_padding(const VarMap&) const { @@ -68,8 +69,8 @@ class PK_Signature_Verification_Test : public PK_Test PK_Signature_Verification_Test(const std::string& algo, const std::string& test_src, const std::string& required_keys, - const std::string& optional_keys = "") : - PK_Test(algo, test_src, required_keys, optional_keys) {} + const std::string& optional_keys = "") + : PK_Test(algo, test_src, required_keys, optional_keys) {} virtual std::string default_padding(const VarMap&) const { @@ -87,10 +88,13 @@ class PK_Signature_NonVerification_Test : public PK_Test PK_Signature_NonVerification_Test(const std::string& algo, const std::string& test_src, const std::string& required_keys, - const std::string& optional_keys = "") : - PK_Test(algo, test_src, required_keys, optional_keys) {} + const std::string& optional_keys = "") + : PK_Test(algo, test_src, required_keys, optional_keys) {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } virtual std::string default_padding(const VarMap&) const { @@ -108,15 +112,18 @@ class PK_Encryption_Decryption_Test : public PK_Test PK_Encryption_Decryption_Test(const std::string& algo, const std::string& test_src, const std::string& required_keys, - const std::string& optional_keys = "") : - PK_Test(algo, test_src, required_keys, optional_keys) {} + const std::string& optional_keys = "") + : PK_Test(algo, test_src, required_keys, optional_keys) {} virtual std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) = 0; - virtual std::string default_padding(const VarMap&) const { return "Raw"; } + virtual std::string default_padding(const VarMap&) const + { + return "Raw"; + } private: Test::Result run_one_test(const std::string& header, const VarMap& vars) override final; -}; + }; class PK_Key_Agreement_Test : public PK_Test { @@ -124,16 +131,19 @@ class PK_Key_Agreement_Test : public PK_Test PK_Key_Agreement_Test(const std::string& algo, const std::string& test_src, const std::string& required_keys, - const std::string& optional_keys = "") : - PK_Test(algo, test_src, required_keys, optional_keys) {} + const std::string& optional_keys = "") + : PK_Test(algo, test_src, required_keys, optional_keys) {} virtual std::unique_ptr<Botan::Private_Key> load_our_key(const std::string& header, - const VarMap& vars) = 0; + const VarMap& vars) = 0; virtual std::vector<uint8_t> load_their_key(const std::string& header, - const VarMap& vars) = 0; + const VarMap& vars) = 0; - virtual std::string default_kdf(const VarMap&) const { return "Raw"; } + virtual std::string default_kdf(const VarMap&) const + { + return "Raw"; + } private: Test::Result run_one_test(const std::string& header, const VarMap& vars) override final; @@ -145,8 +155,8 @@ class PK_KEM_Test : public PK_Test PK_KEM_Test(const std::string& algo, const std::string& test_src, const std::string& required_keys, - const std::string& optional_keys = "") : - PK_Test(algo, test_src, required_keys, optional_keys) {} + const std::string& optional_keys = "") + : PK_Test(algo, test_src, required_keys, optional_keys) {} virtual std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) = 0; private: diff --git a/src/tests/test_rfc6979.cpp b/src/tests/test_rfc6979.cpp index e7605b580..a9992b4f2 100644 --- a/src/tests/test_rfc6979.cpp +++ b/src/tests/test_rfc6979.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_RFC6979_GENERATOR) - #include <botan/rfc6979.h> - #include <botan/hex.h> + #include <botan/rfc6979.h> + #include <botan/hex.h> #endif #include <botan/hash.h> @@ -46,7 +46,7 @@ class RFC6979_KAT_Tests : public Text_Based_Test Botan::RFC6979_Nonce_Generator gen(hash, Q, X); result.test_eq("vector matches", gen.nonce_for(H), K); - result.test_ne("different output for H+1", gen.nonce_for(H+1), K); + result.test_ne("different output for H+1", gen.nonce_for(H + 1), K); result.test_eq("vector matches when run again", gen.nonce_for(H), K); return result; diff --git a/src/tests/test_rng.cpp b/src/tests/test_rng.cpp index d057f0e55..ed432944a 100644 --- a/src/tests/test_rng.cpp +++ b/src/tests/test_rng.cpp @@ -9,20 +9,20 @@ #include "test_rng.h" #if defined(BOTAN_HAS_HMAC_DRBG) - #include <botan/hmac_drbg.h> + #include <botan/hmac_drbg.h> #endif #if defined(BOTAN_HAS_AUTO_RNG) - #include <botan/auto_rng.h> + #include <botan/auto_rng.h> #endif #if defined(BOTAN_HAS_ENTROPY_SOURCE) - #include <botan/entropy_src.h> + #include <botan/entropy_src.h> #endif #if defined(BOTAN_TARGET_OS_TYPE_IS_UNIX) - #include <unistd.h> - #include <sys/wait.h> + #include <unistd.h> + #include <sys/wait.h> #endif #include <iostream> @@ -36,9 +36,10 @@ namespace { class HMAC_DRBG_Tests : public Text_Based_Test { public: - HMAC_DRBG_Tests() : Text_Based_Test("hmac_drbg.vec", - "EntropyInput,EntropyInputReseed,Out", - "AdditionalInput1,AdditionalInput2") {} + HMAC_DRBG_Tests() + : Text_Based_Test("hmac_drbg.vec", + "EntropyInput,EntropyInputReseed,Out", + "AdditionalInput1,AdditionalInput2") {} Test::Result run_one_test(const std::string& algo, const VarMap& vars) override { @@ -83,7 +84,10 @@ class HMAC_DRBG_Unit_Tests : public Test class Broken_Entropy_Source : public Botan::Entropy_Source { public: - std::string name() const override { return "Broken Entropy Source"; } + std::string name() const override + { + return "Broken Entropy Source"; + } size_t poll(Botan::RandomNumberGenerator&) override { @@ -94,7 +98,10 @@ class HMAC_DRBG_Unit_Tests : public Test class Insufficient_Entropy_Source : public Botan::Entropy_Source { public: - std::string name() const override { return "Insufficient Entropy Source"; } + std::string name() const override + { + return "Insufficient Entropy Source"; + } size_t poll(Botan::RandomNumberGenerator&) override { @@ -107,7 +114,10 @@ class HMAC_DRBG_Unit_Tests : public Test public: Request_Counting_RNG() : m_randomize_count(0) {} - bool is_seeded() const override { return true; } + bool is_seeded() const override + { + return true; + } void clear() override { @@ -121,9 +131,15 @@ class HMAC_DRBG_Unit_Tests : public Test void add_entropy(const uint8_t[], size_t) override {} - std::string name() const override { return "Request_Counting_RNG"; } + std::string name() const override + { + return "Request_Counting_RNG"; + } - size_t randomize_count() { return m_randomize_count; } + size_t randomize_count() + { + return m_randomize_count; + } private: size_t m_randomize_count; @@ -144,14 +160,18 @@ class HMAC_DRBG_Unit_Tests : public Test Request_Counting_RNG counting_rng; Botan::HMAC_DRBG rng(std::move(mac), counting_rng, Botan::Entropy_Sources::global_sources(), 2); Botan::secure_vector<uint8_t> seed_input( - {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF, - 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,0x99,0xAA,0xBB,0xCC,0xDD,0xEE,0xFF}); + { + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF + }); Botan::secure_vector<uint8_t> output_after_initialization( - {0x48,0xD3,0xB4,0x5A,0xAB,0x65,0xEF,0x92,0xCC,0xFC,0xB9,0x42,0x7E,0xF2,0x0C,0x90, - 0x29,0x70,0x65,0xEC,0xC1,0xB8,0xA5,0x25,0xBF,0xE4,0xDC,0x6F,0xF3,0x6D,0x0E,0x38}); + { + 0x48, 0xD3, 0xB4, 0x5A, 0xAB, 0x65, 0xEF, 0x92, 0xCC, 0xFC, 0xB9, 0x42, 0x7E, 0xF2, 0x0C, 0x90, + 0x29, 0x70, 0x65, 0xEC, 0xC1, 0xB8, 0xA5, 0x25, 0xBF, 0xE4, 0xDC, 0x6F, 0xF3, 0x6D, 0x0E, 0x38 + }); Botan::secure_vector<uint8_t> output_without_reseed( - {0xC4,0x90,0x04,0x5B,0x35,0x4F,0x50,0x09,0x68,0x45,0xF0,0x4B,0x11,0x03,0x58,0xF0}); - result.test_eq("is_seeded",rng.is_seeded(),false); + {0xC4, 0x90, 0x04, 0x5B, 0x35, 0x4F, 0x50, 0x09, 0x68, 0x45, 0xF0, 0x4B, 0x11, 0x03, 0x58, 0xF0}); + result.test_eq("is_seeded", rng.is_seeded(), false); rng.initialize_with(seed_input.data(), seed_input.size()); @@ -200,10 +220,10 @@ class HMAC_DRBG_Unit_Tests : public Test result.test_eq("still second reseed", counting_rng.randomize_count(), 3); // request > max_number_of_bits_per_request, do reseeds occur? - rng.random_vec(64*1024 + 1); + rng.random_vec(64 * 1024 + 1); result.test_eq("request exceeds output limit", counting_rng.randomize_count(), 4); - rng.random_vec(9*64*1024 + 1); + rng.random_vec(9 * 64 * 1024 + 1); result.test_eq("request exceeds output limit", counting_rng.randomize_count(), 9); return result; @@ -283,7 +303,7 @@ class HMAC_DRBG_Unit_Tests : public Test Botan::Null_RNG broken_entropy_input_rng; Botan::HMAC_DRBG rng_with_broken_rng(std::move(mac), broken_entropy_input_rng, reseed_interval); - result.test_throws("broken underlying rng", [&rng_with_broken_rng] () { rng_with_broken_rng.random_vec(16); }); + result.test_throws("broken underlying rng", [&rng_with_broken_rng]() { rng_with_broken_rng.random_vec(16); }); // entropy_sources throw exception std::unique_ptr<Broken_Entropy_Source> broken_entropy_source_1(new Broken_Entropy_Source()); @@ -295,7 +315,7 @@ class HMAC_DRBG_Unit_Tests : public Test mac = Botan::MessageAuthenticationCode::create("HMAC(SHA-256)"); Botan::HMAC_DRBG rng_with_broken_es(std::move(mac), broken_entropy_sources, reseed_interval); - result.test_throws("broken entropy sources", [&rng_with_broken_es] () { rng_with_broken_es.random_vec(16); }); + result.test_throws("broken entropy sources", [&rng_with_broken_es]() { rng_with_broken_es.random_vec(16); }); // entropy source returns insufficient entropy Botan::Entropy_Sources insufficient_entropy_sources; @@ -304,24 +324,25 @@ class HMAC_DRBG_Unit_Tests : public Test mac = Botan::MessageAuthenticationCode::create("HMAC(SHA-256)"); Botan::HMAC_DRBG rng_with_insufficient_es(std::move(mac), insufficient_entropy_sources, reseed_interval); - result.test_throws("insufficient entropy source", [&rng_with_insufficient_es] () { rng_with_insufficient_es.random_vec(16); }); + result.test_throws("insufficient entropy source", [&rng_with_insufficient_es]() { rng_with_insufficient_es.random_vec(16); }); // one of or both underlying_rng and entropy_sources throw exception mac = Botan::MessageAuthenticationCode::create("HMAC(SHA-256)"); Botan::HMAC_DRBG rng_with_broken_rng_and_es(std::move(mac), broken_entropy_input_rng, Botan::Entropy_Sources::global_sources(), reseed_interval); - result.test_throws("broken underlying rng but good entropy sources", [&rng_with_broken_rng_and_es] () - { rng_with_broken_rng_and_es.random_vec(16); }); + result.test_throws("broken underlying rng but good entropy sources", [&rng_with_broken_rng_and_es]() + { rng_with_broken_rng_and_es.random_vec(16); }); mac = Botan::MessageAuthenticationCode::create("HMAC(SHA-256)"); Botan::HMAC_DRBG rng_with_rng_and_broken_es(std::move(mac), Test::rng(), broken_entropy_sources, reseed_interval); - result.test_throws("good underlying rng but broken entropy sources", [&rng_with_rng_and_broken_es] () - { rng_with_rng_and_broken_es.random_vec(16); }); + result.test_throws("good underlying rng but broken entropy sources", [&rng_with_rng_and_broken_es]() + { rng_with_rng_and_broken_es.random_vec(16); }); mac = Botan::MessageAuthenticationCode::create("HMAC(SHA-256)"); - Botan::HMAC_DRBG rng_with_broken_rng_and_broken_es(std::move(mac), broken_entropy_input_rng, broken_entropy_sources, reseed_interval); - result.test_throws("underlying rng and entropy sources broken", [&rng_with_broken_rng_and_broken_es] () - { rng_with_broken_rng_and_broken_es.random_vec(16); }); + Botan::HMAC_DRBG rng_with_broken_rng_and_broken_es(std::move(mac), broken_entropy_input_rng, broken_entropy_sources, + reseed_interval); + result.test_throws("underlying rng and entropy sources broken", [&rng_with_broken_rng_and_broken_es]() + { rng_with_broken_rng_and_broken_es.random_vec(16); }); return result; } @@ -340,7 +361,7 @@ class HMAC_DRBG_Unit_Tests : public Test // make sure the nonce has at least 1/2*security_strength bits // SHA-256 -> 256 bits security strength - for( auto nonce_size : { 0, 4, 8, 16, 31, 32, 34 } ) + for(auto nonce_size : { 0, 4, 8, 16, 31, 32, 34 }) { if(!mac) { @@ -355,7 +376,7 @@ class HMAC_DRBG_Unit_Tests : public Test if(nonce_size < 32) { result.test_eq("not seeded", rng.is_seeded(), false); - result.test_throws("invalid nonce size", [&rng, &nonce] () { rng.random_vec(32); }); + result.test_throws("invalid nonce size", [&rng, &nonce]() { rng.random_vec(32); }); } else { @@ -426,12 +447,12 @@ class HMAC_DRBG_Unit_Tests : public Test } pid_t pid = ::fork(); - if ( pid == -1 ) + if(pid == -1) { result.test_failure("failed to fork process"); return result; } - else if ( pid != 0 ) + else if(pid != 0) { // parent process, wait for randomize_count from child's rng ::close(fd[1]); // close write end in parent @@ -473,9 +494,10 @@ class HMAC_DRBG_Unit_Tests : public Test rng.randomize(&child_bytes[0], child_bytes.size()); count = counting_rng.randomize_count(); ssize_t written = ::write(fd[1], &count, sizeof(count)); - try { + try + { rng.randomize(&child_bytes[0], child_bytes.size()); - } + } catch(std::exception& e) { fprintf(stderr, "%s", e.what()); @@ -496,7 +518,7 @@ class HMAC_DRBG_Unit_Tests : public Test std::vector<std::string> approved_hash_fns { "SHA-160", "SHA-224", "SHA-256", "SHA-512/256", "SHA-384", "SHA-512" }; std::vector<uint32_t> security_strengths { 128, 192, 256, 256, 256, 256 }; - for( size_t i = 0; i < approved_hash_fns.size(); ++i ) + for(size_t i = 0; i < approved_hash_fns.size(); ++i) { std::string hash_fn = approved_hash_fns[i]; std::string mac_name = "HMAC(" + hash_fn + ")"; diff --git a/src/tests/test_rng.h b/src/tests/test_rng.h index 9086aaf12..1cfc3a254 100644 --- a/src/tests/test_rng.h +++ b/src/tests/test_rng.h @@ -24,12 +24,17 @@ namespace Botan_Tests { class Fixed_Output_RNG : public Botan::RandomNumberGenerator { public: - bool is_seeded() const override { return !m_buf.empty(); } + bool is_seeded() const override + { + return !m_buf.empty(); + } virtual uint8_t random() { if(!is_seeded()) + { throw Test_Error("Fixed output RNG ran out of bytes, test bug?"); + } uint8_t out = m_buf.front(); m_buf.pop_front(); @@ -38,12 +43,17 @@ class Fixed_Output_RNG : public Botan::RandomNumberGenerator size_t reseed(Botan::Entropy_Sources&, size_t, - std::chrono::milliseconds) override { return 0; } + std::chrono::milliseconds) override + { + return 0; + } void randomize(uint8_t out[], size_t len) override { for(size_t j = 0; j != len; j++) + { out[j] = random(); + } } void add_entropy(const uint8_t b[], size_t s) override @@ -51,7 +61,10 @@ class Fixed_Output_RNG : public Botan::RandomNumberGenerator m_buf.insert(m_buf.end(), b, b + s); } - std::string name() const override { return "Fixed_Output_RNG"; } + std::string name() const override + { + return "Fixed_Output_RNG"; + } void clear() BOTAN_NOEXCEPT override {} @@ -68,7 +81,10 @@ class Fixed_Output_RNG : public Botan::RandomNumberGenerator Fixed_Output_RNG() = default; protected: - size_t remaining() const { return m_buf.size(); } + size_t remaining() const + { + return m_buf.size(); + } std::deque<uint8_t> m_buf; }; @@ -80,7 +96,10 @@ class Fixed_Output_RNG : public Botan::RandomNumberGenerator class Fixed_Output_Position_RNG : public Fixed_Output_RNG { public: - bool is_seeded() const override { return !m_buf.empty() || Test::rng().is_seeded(); } + bool is_seeded() const override + { + return !m_buf.empty() || Test::rng().is_seeded(); + } uint8_t random() override { @@ -99,15 +118,17 @@ class Fixed_Output_Position_RNG : public Fixed_Output_RNG ++m_requests; if(m_requests == m_pos) - { // return fixed output + { + // return fixed output for(size_t j = 0; j != len; j++) { out[j] = random(); } } else - { // return random - Test::rng().randomize(out,len); + { + // return random + Test::rng().randomize(out, len); } } @@ -116,19 +137,18 @@ class Fixed_Output_Position_RNG : public Fixed_Output_RNG throw Botan::Exception("add_entropy() not supported by this RNG, test bug?"); } - std::string name() const override { return "Fixed_Output_Position_RNG"; } - - explicit Fixed_Output_Position_RNG(const std::vector<uint8_t>& in, uint32_t pos) : - Fixed_Output_RNG(in), - m_pos(pos) + std::string name() const override { + return "Fixed_Output_Position_RNG"; } - explicit Fixed_Output_Position_RNG(const std::string& in_str, uint32_t pos) : - Fixed_Output_RNG(in_str), - m_pos(pos) - { - } + explicit Fixed_Output_Position_RNG(const std::vector<uint8_t>& in, uint32_t pos) + : Fixed_Output_RNG(in) + , m_pos(pos) {} + + explicit Fixed_Output_Position_RNG(const std::string& in_str, uint32_t pos) + : Fixed_Output_RNG(in_str) + , m_pos(pos) {} private: uint32_t m_pos = 0; @@ -139,7 +159,9 @@ class SeedCapturing_RNG : public Botan::RandomNumberGenerator { public: void randomize(uint8_t[], size_t) override - { throw Botan::Exception("SeedCapturing_RNG has no output"); } + { + throw Botan::Exception("SeedCapturing_RNG has no output"); + } void add_entropy(const uint8_t input[], size_t len) override { @@ -148,12 +170,24 @@ class SeedCapturing_RNG : public Botan::RandomNumberGenerator } void clear() override {} - bool is_seeded() const override { return false; } - std::string name() const override { return "SeedCapturing"; } + bool is_seeded() const override + { + return false; + } + std::string name() const override + { + return "SeedCapturing"; + } - size_t samples() const { return m_samples; } + size_t samples() const + { + return m_samples; + } - const std::vector<uint8_t>& seed_material() const { return m_seed; } + const std::vector<uint8_t>& seed_material() const + { + return m_seed; + } private: std::vector<uint8_t> m_seed; diff --git a/src/tests/test_rsa.cpp b/src/tests/test_rsa.cpp index 80a0ca30b..48922f95f 100644 --- a/src/tests/test_rsa.cpp +++ b/src/tests/test_rsa.cpp @@ -8,8 +8,8 @@ #include "test_rng.h" #if defined(BOTAN_HAS_RSA) - #include <botan/rsa.h> - #include "test_pubkey.h" + #include <botan/rsa.h> + #include "test_pubkey.h" #endif namespace Botan_Tests { @@ -21,12 +21,12 @@ namespace { class RSA_ES_KAT_Tests : public PK_Encryption_Decryption_Test { public: - RSA_ES_KAT_Tests() : PK_Encryption_Decryption_Test( - "RSA", - "pubkey/rsaes.vec", - "E,P,Q,Msg,Ciphertext", - "Padding,Nonce") - {} + RSA_ES_KAT_Tests() + : PK_Encryption_Decryption_Test( + "RSA", + "pubkey/rsaes.vec", + "E,P,Q,Msg,Ciphertext", + "Padding,Nonce") {} std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -42,11 +42,11 @@ class RSA_ES_KAT_Tests : public PK_Encryption_Decryption_Test class RSA_KEM_Tests : public PK_KEM_Test { public: - RSA_KEM_Tests() : PK_KEM_Test( - "RSA", - "pubkey/rsa_kem.vec", - "E,P,Q,R,C0,KDF,OutLen,K") - {} + RSA_KEM_Tests() + : PK_KEM_Test( + "RSA", + "pubkey/rsa_kem.vec", + "E,P,Q,R,C0,KDF,OutLen,K") {} std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -63,14 +63,17 @@ class RSA_KEM_Tests : public PK_KEM_Test class RSA_Signature_KAT_Tests : public PK_Signature_Generation_Test { public: - RSA_Signature_KAT_Tests() : PK_Signature_Generation_Test( - "RSA", - "pubkey/rsa_sig.vec", - "E,P,Q,Msg,Signature", - "Padding,Nonce") - {} - - std::string default_padding(const VarMap&) const override { return "Raw"; } + RSA_Signature_KAT_Tests() + : PK_Signature_Generation_Test( + "RSA", + "pubkey/rsa_sig.vec", + "E,P,Q,Msg,Signature", + "Padding,Nonce") {} + + std::string default_padding(const VarMap&) const override + { + return "Raw"; + } std::unique_ptr<Botan::Private_Key> load_private_key(const VarMap& vars) override { @@ -86,14 +89,17 @@ class RSA_Signature_KAT_Tests : public PK_Signature_Generation_Test class RSA_Signature_Verify_Tests : public PK_Signature_Verification_Test { public: - RSA_Signature_Verify_Tests() : PK_Signature_Verification_Test( - "RSA", - "pubkey/rsa_verify.vec", - "E,N,Msg,Signature", - "Padding") - {} - - std::string default_padding(const VarMap&) const override { return "Raw"; } + RSA_Signature_Verify_Tests() + : PK_Signature_Verification_Test( + "RSA", + "pubkey/rsa_verify.vec", + "E,N,Msg,Signature", + "Padding") {} + + std::string default_padding(const VarMap&) const override + { + return "Raw"; + } std::unique_ptr<Botan::Public_Key> load_public_key(const VarMap& vars) override { @@ -108,13 +114,16 @@ class RSA_Signature_Verify_Tests : public PK_Signature_Verification_Test class RSA_Signature_Verify_Invalid_Tests : public PK_Signature_NonVerification_Test { public: - RSA_Signature_Verify_Invalid_Tests() : PK_Signature_NonVerification_Test( - "RSA", - "pubkey/rsa_invalid.vec", - "Padding,E,N,Msg,InvalidSignature") - {} + RSA_Signature_Verify_Invalid_Tests() + : PK_Signature_NonVerification_Test( + "RSA", + "pubkey/rsa_invalid.vec", + "Padding,E,N,Msg,InvalidSignature") {} - std::string default_padding(const VarMap&) const override { return "Raw"; } + std::string default_padding(const VarMap&) const override + { + return "Raw"; + } std::unique_ptr<Botan::Public_Key> load_public_key(const VarMap& vars) override { @@ -128,8 +137,14 @@ class RSA_Signature_Verify_Invalid_Tests : public PK_Signature_NonVerification_T class RSA_Keygen_Tests : public PK_Key_Generation_Test { public: - std::vector<std::string> keygen_params() const override { return { "1024", "1280" }; } - std::string algo_name() const override { return "RSA"; } + std::vector<std::string> keygen_params() const override + { + return { "1024", "1280" }; + } + std::string algo_name() const override + { + return "RSA"; + } }; class RSA_Blinding_Tests : public Test @@ -160,7 +175,7 @@ class RSA_Blinding_Tests : public Test for(size_t i = 1; i <= BOTAN_BLINDING_REINIT_INTERVAL * 6; ++i) { std::vector<uint8_t> input(16); - input[input.size()-1] = static_cast<uint8_t>(i); + input[input.size() - 1] = static_cast<uint8_t>(i); signer.update(input); @@ -207,7 +222,7 @@ class RSA_Blinding_Tests : public Test // one more decryption should trigger a blinder reinitialization result.test_throws("RSA blinding reinit", "Test error Fixed output RNG ran out of bytes, test bug?", - [&decryptor,&encryptor,&null_rng]() + [&decryptor, &encryptor, &null_rng]() { std::vector<uint8_t> ciphertext = encryptor.encrypt(std::vector<uint8_t>(16, 5), null_rng); decryptor.decrypt(ciphertext); @@ -215,7 +230,7 @@ class RSA_Blinding_Tests : public Test #endif - return std::vector<Test::Result>{result}; + return std::vector<Test::Result> {result}; } }; diff --git a/src/tests/test_simd.cpp b/src/tests/test_simd.cpp index 1465d9269..a502432f5 100644 --- a/src/tests/test_simd.cpp +++ b/src/tests/test_simd.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_SIMD_32) - #include <botan/internal/simd_32.h> - #include <botan/cpuid.h> + #include <botan/internal/simd_32.h> + #include <botan/cpuid.h> #endif namespace Botan_Tests { @@ -34,7 +34,7 @@ class SIMD_32_Tests : public Test const uint32_t pat4 = 0xC0D0E0F0; test_eq(result, "default init", Botan::SIMD_4x32(), 0, 0, 0, 0); - test_eq(result, "SIMD scalar constructor", Botan::SIMD_4x32(1,2,3,4), 1, 2, 3, 4); + test_eq(result, "SIMD scalar constructor", Botan::SIMD_4x32(1, 2, 3, 4), 1, 2, 3, 4); const Botan::SIMD_4x32 splat = Botan::SIMD_4x32::splat(pat1); @@ -61,21 +61,21 @@ class SIMD_32_Tests : public Test Botan::rotate_right(pat4, 9)); Botan::SIMD_4x32 add = input + splat; - test_eq(result, "add +", add, pat1+pat1, pat2+pat1, pat3+pat1, pat4+pat1); + test_eq(result, "add +", add, pat1 + pat1, pat2 + pat1, pat3 + pat1, pat4 + pat1); add -= splat; test_eq(result, "sub -=", add, pat1, pat2, pat3, pat4); add += splat; - test_eq(result, "add +=", add, pat1+pat1, pat2+pat1, pat3+pat1, pat4+pat1); + test_eq(result, "add +=", add, pat1 + pat1, pat2 + pat1, pat3 + pat1, pat4 + pat1); - test_eq(result, "xor", input ^ splat, 0, pat2^pat1, pat3^pat1, pat4^pat1); + test_eq(result, "xor", input ^ splat, 0, pat2 ^ pat1, pat3 ^ pat1, pat4 ^ pat1); test_eq(result, "or", input | splat, pat1, pat2 | pat1, pat3 | pat1, pat4 | pat1); test_eq(result, "and", input & splat, pat1, pat2 & pat1, pat3 & pat1, pat4 & pat1); Botan::SIMD_4x32 blender = input; blender |= splat; - test_eq(result, "|=", blender, pat1, pat2|pat1, pat3|pat1, pat4|pat1); + test_eq(result, "|=", blender, pat1, pat2 | pat1, pat3 | pat1, pat4 | pat1); blender &= splat; test_eq(result, "&=", blender, pat1, pat1, pat1, pat1); blender ^= splat; @@ -105,16 +105,16 @@ class SIMD_32_Tests : public Test Botan::reverse_bytes(pat4)); Botan::SIMD_4x32 t1(pat1, pat2, pat3, pat4); - Botan::SIMD_4x32 t2(pat1+1, pat2+1, pat3+1, pat4+1); - Botan::SIMD_4x32 t3(pat1+2, pat2+2, pat3+2, pat4+2); - Botan::SIMD_4x32 t4(pat1+3, pat2+3, pat3+3, pat4+3); + Botan::SIMD_4x32 t2(pat1 + 1, pat2 + 1, pat3 + 1, pat4 + 1); + Botan::SIMD_4x32 t3(pat1 + 2, pat2 + 2, pat3 + 2, pat4 + 2); + Botan::SIMD_4x32 t4(pat1 + 3, pat2 + 3, pat3 + 3, pat4 + 3); Botan::SIMD_4x32::transpose(t1, t2, t3, t4); - test_eq(result, "transpose t1", t1, pat1, pat1+1, pat1+2, pat1+3); - test_eq(result, "transpose t2", t2, pat2, pat2+1, pat2+2, pat2+3); - test_eq(result, "transpose t3", t3, pat3, pat3+1, pat3+2, pat3+3); - test_eq(result, "transpose t4", t4, pat4, pat4+1, pat4+2, pat4+3); + test_eq(result, "transpose t1", t1, pat1, pat1 + 1, pat1 + 2, pat1 + 3); + test_eq(result, "transpose t2", t2, pat2, pat2 + 1, pat2 + 2, pat2 + 3); + test_eq(result, "transpose t3", t3, pat3, pat3 + 1, pat3 + 2, pat3 + 3); + test_eq(result, "transpose t4", t4, pat4, pat4 + 1, pat4 + 2, pat4 + 3); return {result}; } @@ -127,10 +127,14 @@ class SIMD_32_Tests : public Test uint8_t mem_be[16]; simd.store_be(mem_be); - result.test_int_eq("SIMD_4x32 " + op + " elem0 BE", Botan::make_uint32(mem_be[ 0], mem_be[ 1], mem_be[ 2], mem_be[ 3]), exp0); - result.test_int_eq("SIMD_4x32 " + op + " elem1 BE", Botan::make_uint32(mem_be[ 4], mem_be[ 5], mem_be[ 6], mem_be[ 7]), exp1); - result.test_int_eq("SIMD_4x32 " + op + " elem2 BE", Botan::make_uint32(mem_be[ 8], mem_be[ 9], mem_be[10], mem_be[11]), exp2); - result.test_int_eq("SIMD_4x32 " + op + " elem3 BE", Botan::make_uint32(mem_be[12], mem_be[13], mem_be[14], mem_be[15]), exp3); + result.test_int_eq("SIMD_4x32 " + op + " elem0 BE", Botan::make_uint32(mem_be[ 0], mem_be[ 1], mem_be[ 2], mem_be[ 3]), + exp0); + result.test_int_eq("SIMD_4x32 " + op + " elem1 BE", Botan::make_uint32(mem_be[ 4], mem_be[ 5], mem_be[ 6], mem_be[ 7]), + exp1); + result.test_int_eq("SIMD_4x32 " + op + " elem2 BE", Botan::make_uint32(mem_be[ 8], mem_be[ 9], mem_be[10], mem_be[11]), + exp2); + result.test_int_eq("SIMD_4x32 " + op + " elem3 BE", Botan::make_uint32(mem_be[12], mem_be[13], mem_be[14], mem_be[15]), + exp3); // Check load_be+store_be results in same value const Botan::SIMD_4x32 reloaded_be = Botan::SIMD_4x32::load_be(mem_be); @@ -141,10 +145,14 @@ class SIMD_32_Tests : public Test uint8_t mem_le[16]; simd.store_le(mem_le); - result.test_int_eq("SIMD_4x32 " + op + " elem0 LE", Botan::make_uint32(mem_le[ 3], mem_le[ 2], mem_le[ 1], mem_le[ 0]), exp0); - result.test_int_eq("SIMD_4x32 " + op + " elem1 LE", Botan::make_uint32(mem_le[ 7], mem_le[ 6], mem_le[ 5], mem_le[ 4]), exp1); - result.test_int_eq("SIMD_4x32 " + op + " elem2 LE", Botan::make_uint32(mem_le[11], mem_le[10], mem_le[ 9], mem_le[ 8]), exp2); - result.test_int_eq("SIMD_4x32 " + op + " elem3 LE", Botan::make_uint32(mem_le[15], mem_le[14], mem_le[13], mem_le[12]), exp3); + result.test_int_eq("SIMD_4x32 " + op + " elem0 LE", Botan::make_uint32(mem_le[ 3], mem_le[ 2], mem_le[ 1], mem_le[ 0]), + exp0); + result.test_int_eq("SIMD_4x32 " + op + " elem1 LE", Botan::make_uint32(mem_le[ 7], mem_le[ 6], mem_le[ 5], mem_le[ 4]), + exp1); + result.test_int_eq("SIMD_4x32 " + op + " elem2 LE", Botan::make_uint32(mem_le[11], mem_le[10], mem_le[ 9], mem_le[ 8]), + exp2); + result.test_int_eq("SIMD_4x32 " + op + " elem3 LE", Botan::make_uint32(mem_le[15], mem_le[14], mem_le[13], mem_le[12]), + exp3); // Check load_le+store_le results in same value const Botan::SIMD_4x32 reloaded_le = Botan::SIMD_4x32::load_le(mem_le); diff --git a/src/tests/test_srp6.cpp b/src/tests/test_srp6.cpp index 82eea9266..fe3353571 100644 --- a/src/tests/test_srp6.cpp +++ b/src/tests/test_srp6.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_SRP6) - #include <botan/srp6.h> + #include <botan/srp6.h> #endif namespace Botan_Tests { diff --git a/src/tests/test_stream.cpp b/src/tests/test_stream.cpp index c2c7ce901..11c723166 100644 --- a/src/tests/test_stream.cpp +++ b/src/tests/test_stream.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_STREAM_CIPHER) -#include <botan/stream_cipher.h> + #include <botan/stream_cipher.h> #endif namespace Botan_Tests { @@ -28,7 +28,9 @@ class Stream_Cipher_Tests : public Text_Based_Test std::vector<uint8_t> input = get_opt_bin(vars, "In"); if(input.empty()) + { input.resize(expected.size()); + } Test::Result result(algo); @@ -41,7 +43,7 @@ class Stream_Cipher_Tests : public Text_Based_Test return result; } - for(auto&& provider_ask : providers) + for(auto const& provider_ask : providers) { std::unique_ptr<Botan::StreamCipher> cipher(Botan::StreamCipher::create(algo, provider_ask)); @@ -59,7 +61,9 @@ class Stream_Cipher_Tests : public Text_Based_Test if(nonce.size()) { if(!cipher->valid_iv_length(nonce.size())) + { throw Test_Error("Invalid nonce for " + algo); + } cipher->set_iv(nonce.data(), nonce.size()); } else @@ -70,12 +74,16 @@ class Stream_Cipher_Tests : public Text_Based_Test * set_iv accepts it. */ if(!cipher->valid_iv_length(0)) + { throw Test_Error("Stream cipher " + algo + " requires nonce but none provided"); + } cipher->set_iv(nullptr, 0); } - if (seek != 0) + if(seek != 0) + { cipher->seek(seek); + } // Test that clone works and does not affect parent object std::unique_ptr<Botan::StreamCipher> clone(cipher->clone()); diff --git a/src/tests/test_tls_messages.cpp b/src/tests/test_tls_messages.cpp index d04bea8a0..383959b19 100644 --- a/src/tests/test_tls_messages.cpp +++ b/src/tests/test_tls_messages.cpp @@ -7,48 +7,47 @@ #include "tests.h" #if defined(BOTAN_HAS_TLS) - #include <exception> - #include <botan/hex.h> - #include <botan/mac.h> - #include <botan/tls_ciphersuite.h> - #include <botan/tls_handshake_msg.h> - #include <botan/tls_messages.h> - #include <botan/tls_alert.h> + #include <exception> + #include <botan/hex.h> + #include <botan/mac.h> + #include <botan/tls_ciphersuite.h> + #include <botan/tls_handshake_msg.h> + #include <botan/tls_messages.h> + #include <botan/tls_alert.h> #endif namespace Botan_Tests { namespace { -#if defined(BOTAN_HAS_TLS) +#if defined(BOTAN_HAS_TLS) Test::Result test_hello_verify_request() { Test::Result result("hello_verify_request construction"); - + std::vector<uint8_t> test_data; std::vector<uint8_t> key_data(32); Botan::SymmetricKey sk(key_data); - + // Compute cookie over an empty string with an empty test data Botan::TLS::Hello_Verify_Request hfr(test_data, "", sk); - + // Compute HMAC std::unique_ptr<Botan::MessageAuthenticationCode> hmac(Botan::MessageAuthenticationCode::create("HMAC(SHA-256)")); hmac->set_key(sk); hmac->update_be(size_t(0)); hmac->update_be(size_t(0)); std::vector<uint8_t> test = unlock(hmac->final()); - + result.test_eq("Cookie comparison", hfr.cookie(), test); return result; } - + class TLS_Message_Parsing_Test : public Text_Based_Test { public: - TLS_Message_Parsing_Test() : - Text_Based_Test("tls", "Buffer,Protocol,Ciphersuite,AdditionalData,Name,Exception") - {} + TLS_Message_Parsing_Test() + : Text_Based_Test("tls", "Buffer,Protocol,Ciphersuite,AdditionalData,Name,Exception") {} Test::Result run_one_test(const std::string& algo, const VarMap& vars) override { @@ -58,9 +57,9 @@ class TLS_Message_Parsing_Test : public Text_Based_Test const std::string exception = get_req_str(vars, "Exception"); const std::string expected_name = get_opt_str(vars, "Name", ""); const bool is_positive_test = exception.empty(); - + Test::Result result(algo + " parsing"); - + if(is_positive_test) { try @@ -118,8 +117,8 @@ class TLS_Message_Parsing_Test : public Text_Based_Test { Botan::secure_vector<uint8_t> sb(buffer.begin(), buffer.end()); Botan::TLS::Alert message(sb); - result.test_lt("Alert type vectors result to UNKNOWN_CA or ACCESS_DENIED, which is shorter than 15", - message.type_string().size(), 15); + result.test_lt("Alert type vectors result to UNKNOWN_CA or ACCESS_DENIED, which is shorter than 15", + message.type_string().size(), 15); } else if(algo == "cert_status") { @@ -141,7 +140,7 @@ class TLS_Message_Parsing_Test : public Text_Based_Test { throw Test_Error("Unknown message type " + algo + " in TLS parsing tests"); } - result.test_success("Correct parsing"); + result.test_success("Correct parsing"); } catch(std::exception& e) { diff --git a/src/tests/test_tpm.cpp b/src/tests/test_tpm.cpp index d6d0158ca..039dd2551 100644 --- a/src/tests/test_tpm.cpp +++ b/src/tests/test_tpm.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_TPM) - #include <botan/tpm.h> + #include <botan/tpm.h> #endif namespace Botan_Tests { @@ -18,7 +18,7 @@ class TPM_Tests : public Test { public: - static std::string pin_cb(const std::string& ) + static std::string pin_cb(const std::string&) { return "123456"; } @@ -55,12 +55,14 @@ class TPM_Tests : public Test std::vector<uint8_t> blob = key.export_blob(); // Has to be at least as large as the key - result.test_gte("Blob size is reasonable", blob.size(), 1024/8); + result.test_gte("Blob size is reasonable", blob.size(), 1024 / 8); std::vector<std::string> registered_keys = Botan::TPM_PrivateKey::registered_keys(*ctx); for(auto url : registered_keys) + { result.test_note("TPM registered key " + url); + } // TODO export public key // TODO generate a signature, verify it diff --git a/src/tests/test_tss.cpp b/src/tests/test_tss.cpp index aacacd0bc..01e0da92f 100644 --- a/src/tests/test_tss.cpp +++ b/src/tests/test_tss.cpp @@ -7,10 +7,12 @@ #include "tests.h" #if defined(BOTAN_HAS_THRESHOLD_SECRET_SHARING) - #include <botan/tss.h> - #include <botan/hex.h> + #include <botan/tss.h> + #include <botan/hex.h> #endif +#include <numeric> + namespace Botan_Tests { namespace { @@ -26,8 +28,7 @@ class TSS_Tests : public Test Test::Result result("TSS"); uint8_t id[16]; - for(int i = 0; i != 16; ++i) - id[i] = i; + std::iota(id, id + sizeof(id), 0); const std::vector<uint8_t> S = Botan::hex_decode("7465737400"); @@ -35,7 +36,7 @@ class TSS_Tests : public Test Botan::RTSS_Share::split(2, 4, S.data(), S.size(), id, Test::rng()); result.test_eq("reconstruction", Botan::RTSS_Share::reconstruct(shares), S); - shares.resize(shares.size()-1); + shares.resize(shares.size() - 1); result.test_eq("reconstruction after removal", Botan::RTSS_Share::reconstruct(shares), S); results.push_back(result); diff --git a/src/tests/test_utils.cpp b/src/tests/test_utils.cpp index 8c1d353b4..a1e583cd8 100644 --- a/src/tests/test_utils.cpp +++ b/src/tests/test_utils.cpp @@ -16,7 +16,7 @@ #include <botan/parsing.h> #if defined(BOTAN_HAS_BASE64_CODEC) - #include <botan/base64.h> + #include <botan/base64.h> #endif namespace Botan_Tests { @@ -26,8 +26,7 @@ namespace { class Utility_Function_Tests : public Text_Based_Test { public: - Utility_Function_Tests() : Text_Based_Test("util.vec","In1,In2,Out") - {} + Utility_Function_Tests() : Text_Based_Test("util.vec", "In1,In2,Out") {} Test::Result run_one_test(const std::string& algo, const VarMap& vars) override { @@ -181,17 +180,18 @@ BOTAN_REGISTER_TEST("util", Utility_Function_Tests); class Date_Format_Tests : public Text_Based_Test { public: - Date_Format_Tests() : Text_Based_Test("dates.vec", "Date") - {} + Date_Format_Tests() : Text_Based_Test("dates.vec", "Date") {} std::vector<uint32_t> parse_date(const std::string& s) { const std::vector<std::string> parts = Botan::split_on(s, ','); if(parts.size() != 6) + { throw Test_Error("Bad date format '" + s + "'"); + } std::vector<uint32_t> u32s; - for(auto&& sub : parts) + for(auto const& sub : parts) { u32s.push_back(Botan::to_u32bit(sub)); } @@ -231,8 +231,7 @@ class Date_Format_Tests : public Text_Based_Test } else if(type == "invalid") { - result.test_throws("invalid date", - [d]() { Botan::calendar_point c(d[0], d[1], d[2], d[3], d[4], d[5]); }); + result.test_throws("invalid date", [d]() { Botan::calendar_point c(d[0], d[1], d[2], d[3], d[4], d[5]); }); } else { @@ -337,8 +336,7 @@ BOTAN_REGISTER_TEST("base64", Base64_Tests); class Charset_Tests : public Text_Based_Test { public: - Charset_Tests() : Text_Based_Test("charset.vec", "In,Out") - {} + Charset_Tests() : Text_Based_Test("charset.vec", "In,Out") {} Test::Result run_one_test(const std::string& type, const VarMap& vars) override { @@ -385,8 +383,8 @@ class Charset_Tests : public Text_Based_Test { // "abcdefŸabcdef" std::vector<uint8_t> input = { 0x00, 0x61, 0x00, 0x62, 0x00, 0x63, 0x00, 0x64, 0x00, 0x65, 0x00, 0x66, 0x01, - 0x78, 0x00, 0x61, 0x00, 0x62, 0x00, 0x63, 0x00, 0x64, 0x00, 0x65, 0x00, 0x66 - }; + 0x78, 0x00, 0x61, 0x00, 0x62, 0x00, 0x63, 0x00, 0x64, 0x00, 0x65, 0x00, 0x66 + }; Charset::transcode(std::string(input.begin(), input.end()), Character_Set::LATIN1_CHARSET, Character_Set::UCS2_CHARSET); @@ -413,8 +411,8 @@ class Charset_Tests : public Text_Based_Test { // "abcdefŸabcdef" std::vector<uint8_t> input = { 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0xC5, - 0xB8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 - }; + 0xB8, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66 + }; Charset::transcode(std::string(input.begin(), input.end()), Character_Set::LATIN1_CHARSET, Character_Set::UTF8_CHARSET); @@ -473,7 +471,7 @@ class Hostname_Tests : public Text_Based_Test const bool expected = (type == "Invalid") ? false : true; const std::string what = hostname + ((expected == true) ? - " matches " : " does not match ") + issued; + " matches " : " does not match ") + issued; result.test_eq(what, Botan::host_wildcard_match(issued, hostname), expected); return result; diff --git a/src/tests/test_workfactor.cpp b/src/tests/test_workfactor.cpp index a9f9fd062..fecda7d04 100644 --- a/src/tests/test_workfactor.cpp +++ b/src/tests/test_workfactor.cpp @@ -7,7 +7,7 @@ #include "tests.h" #if defined(BOTAN_HAS_PUBLIC_KEY_CRYPTO) - #include <botan/workfactor.h> + #include <botan/workfactor.h> #endif namespace Botan_Tests { @@ -17,8 +17,7 @@ class PK_Workfactor_Tests : public Text_Based_Test { public: PK_Workfactor_Tests() : - Text_Based_Test("pubkey/workfactor.vec", "ParamSize,Workfactor") - {} + Text_Based_Test("pubkey/workfactor.vec", "ParamSize,Workfactor") {} Test::Result run_one_test(const std::string& type, const VarMap& vars) override { @@ -30,9 +29,13 @@ class PK_Workfactor_Tests : public Text_Based_Test // TODO: test McEliece strength tests also if(type == "RSA_Strength") + { output = Botan::if_work_factor(param_size); + } else if(type == "DL_Exponent_Size") + { output = Botan::dl_exponent_size(param_size) / 2; + } Test::Result result(type + " work factor calculation"); result.test_eq("Calculated workfactor for " + std::to_string(param_size), diff --git a/src/tests/test_x509_dn.cpp b/src/tests/test_x509_dn.cpp index 3a2fdf7d0..f7a672a73 100644 --- a/src/tests/test_x509_dn.cpp +++ b/src/tests/test_x509_dn.cpp @@ -7,8 +7,8 @@ #include "tests.h" #if defined(BOTAN_HAS_ASN1) - #include <botan/x509_dn.h> - #include <botan/ber_dec.h> + #include <botan/x509_dn.h> + #include <botan/ber_dec.h> #endif namespace Botan_Tests { @@ -17,9 +17,7 @@ namespace Botan_Tests { class X509_DN_Comparisons_Tests : public Text_Based_Test { public: - X509_DN_Comparisons_Tests() : - Text_Based_Test("x509_dn.vec", "DN1,DN2") - {} + X509_DN_Comparisons_Tests() : Text_Based_Test("x509_dn.vec", "DN1,DN2") {} Test::Result run_one_test(const std::string& type, const VarMap& vars) override { diff --git a/src/tests/test_x509_path.cpp b/src/tests/test_x509_path.cpp index ff402bfa4..5fc20e3d7 100644 --- a/src/tests/test_x509_path.cpp +++ b/src/tests/test_x509_path.cpp @@ -7,9 +7,9 @@ #include "tests.h" #if defined(BOTAN_HAS_X509_CERTIFICATES) - #include <botan/x509path.h> - #include <botan/calendar.h> - #include <botan/internal/filesystem.h> + #include <botan/x509path.h> + #include <botan/calendar.h> + #include <botan/internal/filesystem.h> #endif #include <algorithm> @@ -30,7 +30,9 @@ std::map<std::string, std::string> read_results(const std::string& results_file) { std::ifstream in(results_file); if(!in.good()) + { throw Test_Error("Failed reading " + results_file); + } std::map<std::string, std::string> m; std::string line; @@ -38,14 +40,20 @@ std::map<std::string, std::string> read_results(const std::string& results_file) { std::getline(in, line); if(line == "") + { continue; + } if(line[0] == '#') + { continue; + } std::vector<std::string> parts = Botan::split_on(line, ':'); if(parts.size() != 2) + { throw Test_Error("Invalid line " + line); + } m[parts[0]] = parts[1]; } @@ -72,7 +80,7 @@ class X509test_Path_Validation_Tests : public Test Botan::Certificate_Store_In_Memory trusted; trusted.add_certificate(root); - auto validation_time = Botan::calendar_point(2016,10,21,4,20,0).to_std_timepoint(); + auto validation_time = Botan::calendar_point(2016, 10, 21, 4, 20, 0).to_std_timepoint(); for(auto i = expected.begin(); i != expected.end(); ++i) { @@ -85,15 +93,19 @@ class X509test_Path_Validation_Tests : public Test load_cert_file(Test::data_file("x509test/" + filename)); if(certs.empty()) + { throw Test_Error("Failed to read certs from " + filename); + } Botan::Path_Validation_Result path_result = Botan::x509_path_validate( - certs, restrictions, trusted, - "www.tls.test", Botan::Usage_Type::TLS_SERVER_AUTH, - validation_time); + certs, restrictions, trusted, + "www.tls.test", Botan::Usage_Type::TLS_SERVER_AUTH, + validation_time); if(path_result.successful_validation() && path_result.trust_root() != root) + { path_result = Botan::Path_Validation_Result(Botan::Certificate_Status_Code::CANNOT_ESTABLISH_TRUST); + } result.test_eq("test " + filename, path_result.result_string(), expected_result); result.end_timer(); @@ -112,9 +124,10 @@ class X509test_Path_Validation_Tests : public Test std::vector<Botan::X509_Certificate> certs; while(!in.end_of_data()) { - try { - certs.emplace_back(in); - } + try + { + certs.emplace_back(in); + } catch(Botan::Decoding_Error&) {} } @@ -190,7 +203,7 @@ std::vector<Test::Result> NIST_Path_Validation_Tests::run() store.add_certificate(root_cert); store.add_crl(root_crl); - for(auto&& file : all_files) + for(auto const& file : all_files) { if(file.find(".crt") != std::string::npos && file != "end.crt") { diff --git a/src/tests/test_xmss.cpp b/src/tests/test_xmss.cpp index da58057e2..5e3b7bab6 100644 --- a/src/tests/test_xmss.cpp +++ b/src/tests/test_xmss.cpp @@ -8,8 +8,8 @@ #include "tests.h" #if defined(BOTAN_HAS_XMSS) - #include <botan/xmss.h> - #include "test_pubkey.h" + #include <botan/xmss.h> + #include "test_pubkey.h" #endif namespace Botan_Tests { @@ -21,11 +21,11 @@ namespace { class XMSS_Signature_Tests : public PK_Signature_Generation_Test { public: - XMSS_Signature_Tests() : PK_Signature_Generation_Test( - "XMSS", - "pubkey/xmss_sig.vec", - "Params,Msg,PrivateKey,Signature") - {} + XMSS_Signature_Tests() + : PK_Signature_Generation_Test( + "XMSS", + "pubkey/xmss_sig.vec", + "Params,Msg,PrivateKey,Signature") {} bool skip_this_test(const std::string&, const VarMap& vars) override @@ -35,7 +35,9 @@ class XMSS_Signature_Tests : public PK_Signature_Generation_Test const std::string params = get_req_str(vars, "Params"); if(params == "SHAKE128_W16_H10") + { return false; + } return true; } @@ -61,11 +63,11 @@ class XMSS_Signature_Tests : public PK_Signature_Generation_Test class XMSS_Signature_Verify_Tests : public PK_Signature_Verification_Test { public: - XMSS_Signature_Verify_Tests() : PK_Signature_Verification_Test( - "XMSS", - "pubkey/xmss_verify.vec", - "Params,Msg,PublicKey,Signature") - {} + XMSS_Signature_Verify_Tests() + : PK_Signature_Verification_Test( + "XMSS", + "pubkey/xmss_verify.vec", + "Params,Msg,PublicKey,Signature") {} std::string default_padding(const VarMap& vars) const override { @@ -87,7 +89,10 @@ class XMSS_Keygen_Tests : public PK_Key_Generation_Test { return { "XMSS_SHA2-256_W16_H10" }; } - std::string algo_name() const override { return "XMSS"; } + std::string algo_name() const override + { + return "XMSS"; + } }; BOTAN_REGISTER_TEST("xmss_sign", XMSS_Signature_Tests); diff --git a/src/tests/tests.cpp b/src/tests/tests.cpp index a678c64ae..78c579140 100644 --- a/src/tests/tests.cpp +++ b/src/tests/tests.cpp @@ -30,7 +30,9 @@ Test::Registration::Registration(const std::string& name, Test* test) void Test::Result::merge(const Result& other) { if(who() != other.who()) + { throw Test_Error("Merging tests from different sources"); + } m_ns_taken += other.m_ns_taken; m_tests_passed += other.m_tests_passed; @@ -62,7 +64,9 @@ void Test::Result::test_note(const std::string& note, const char* extra) std::ostringstream out; out << who() << " " << note; if(extra) + { out << ": " << extra; + } m_log.push_back(out.str()); } } @@ -80,10 +84,11 @@ void Test::Result::note_missing(const std::string& whatever) bool Test::Result::test_throws(const std::string& what, std::function<void ()> fn) { - try { + try + { fn(); return test_failure(what + " failed to throw expected exception"); - } + } catch(std::exception& e) { return test_success(what + " threw exception " + e.what()); @@ -96,19 +101,21 @@ bool Test::Result::test_throws(const std::string& what, std::function<void ()> f bool Test::Result::test_throws(const std::string& what, const std::string& expected, std::function<void ()> fn) { - try { + try + { fn(); return test_failure(what + " failed to throw expected exception"); - } + } catch(std::exception& e) { - if(expected == e.what()) + if(expected == e.what()) { return test_success(what + " threw exception " + e.what()); } - else + else { - return test_failure(what + " failed to throw an exception with the expected text:\n Expected: " + expected + "\n Got: " + e.what()); + return test_failure(what + " failed to throw an exception with the expected text:\n Expected: " + expected + + "\n Got: " + e.what()); } } catch(...) @@ -150,7 +157,9 @@ bool Test::Result::test_ne(const std::string& what, const uint8_t expected[], size_t expected_len) { if(produced_len == expected_len && Botan::same_mem(produced, expected, expected_len)) + { return test_failure(who() + ": " + what + " produced matching"); + } return test_success(); } @@ -159,7 +168,9 @@ bool Test::Result::test_eq(const char* producer, const std::string& what, const uint8_t expected[], size_t expected_size) { if(produced_size == expected_size && Botan::same_mem(produced, expected, expected_size)) + { return test_success(); + } std::ostringstream err; @@ -201,7 +212,9 @@ bool Test::Result::test_eq(const char* producer, const std::string& what, bool Test::Result::test_is_nonempty(const std::string& what_is_it, const std::string& to_examine) { if(to_examine.empty()) + { return test_failure(what_is_it + " was empty"); + } return test_success(); } @@ -307,7 +320,9 @@ bool Test::Result::test_eq(const std::string& what, const BigInt& produced, cons bool Test::Result::test_ne(const std::string& what, const BigInt& produced, const BigInt& expected) { if(produced != expected) + { return test_success(); + } std::ostringstream err; err << who() << " " << what << " produced " << produced << " prohibited value"; @@ -321,7 +336,9 @@ bool Test::Result::test_eq(const std::string& what, { //return test_is_eq(what, a, b); if(a == b) + { return test_success(); + } std::ostringstream err; err << who() << " " << what << " a=(" << a.get_affine_x() << "," << a.get_affine_y() << ")" @@ -356,11 +373,11 @@ std::string Test::format_time(uint64_t ns) if(ns > 1000000000) { - o << std::setprecision(2) << std::fixed << ns/1000000000.0 << " sec"; + o << std::setprecision(2) << std::fixed << ns / 1000000000.0 << " sec"; } else { - o << std::setprecision(2) << std::fixed << ns/1000000.0 << " msec"; + o << std::setprecision(2) << std::fixed << ns / 1000000.0 << " msec"; } return o.str(); @@ -369,7 +386,9 @@ std::string Test::format_time(uint64_t ns) std::string Test::Result::result_string(bool verbose) const { if(tests_run() == 0 && !verbose) + { return ""; + } std::ostringstream report; @@ -403,34 +422,34 @@ std::string Test::Result::result_string(bool verbose) const for(size_t i = 0; i != m_fail_log.size(); ++i) { - report << "Failure " << (i+1) << ": " << m_fail_log[i] << "\n"; + report << "Failure " << (i + 1) << ": " << m_fail_log[i] << "\n"; } if(m_fail_log.size() > 0 || tests_run() == 0 || verbose) { for(size_t i = 0; i != m_log.size(); ++i) { - report << "Note " << (i+1) << ": " << m_log[i] << "\n"; + report << "Note " << (i + 1) << ": " << m_log[i] << "\n"; } } return report.str(); } -std::vector<std::string> Provider_Filter::filter(const std::vector<std::string> &in) const +std::vector<std::string> Provider_Filter::filter(const std::vector<std::string>& in) const { - if(m_provider.empty()) - { - return in; - } - for(auto&& provider : in) + if(m_provider.empty()) + { + return in; + } + for(auto&& provider : in) + { + if(provider == m_provider) { - if(provider == m_provider) - { - return std::vector<std::string> { provider }; - } + return std::vector<std::string> { provider }; } - return std::vector<std::string> {}; + } + return std::vector<std::string> {}; } // static Test:: functions @@ -459,7 +478,9 @@ Test* Test::get_test(const std::string& test_name) { auto i = Test::global_registry().find(test_name); if(i != Test::global_registry().end()) + { return i->second.get(); + } return nullptr; } @@ -479,9 +500,13 @@ std::vector<Test::Result> Test::run_test(const std::string& test_name, bool fail { Test::Result result(test_name); if(fail_if_missing) + { result.test_failure("Test missing or unavailable"); + } else + { result.test_note("Test missing or unavailable"); + } results.push_back(result); } } @@ -570,7 +595,9 @@ std::vector<std::string> Test::provider_filter(const std::vector<std::string>& i Botan::RandomNumberGenerator& Test::rng() { if(!m_test_rng) + { throw Test_Error("No usable RNG in build, and this test requires an RNG"); + } return *m_test_rng; } @@ -586,7 +613,9 @@ Text_Based_Test::Text_Based_Test(const std::string& data_src, m_data_src(data_src) { if(required_keys_str.empty()) + { throw Test_Error("Invalid test spec"); + } std::vector<std::string> required_keys = Botan::split_on(required_keys_str, ','); std::vector<std::string> optional_keys = Botan::split_on(optional_keys_str, ','); @@ -597,11 +626,13 @@ Text_Based_Test::Text_Based_Test(const std::string& data_src, } std::vector<uint8_t> Text_Based_Test::get_req_bin(const VarMap& vars, - const std::string& key) const + const std::string& key) const { auto i = vars.find(key); if(i == vars.end()) + { throw Test_Error("Test missing variable " + key); + } try { @@ -615,12 +646,14 @@ std::vector<uint8_t> Text_Based_Test::get_req_bin(const VarMap& vars, } std::string Text_Based_Test::get_opt_str(const VarMap& vars, - const std::string& key, const std::string& def_value) const + const std::string& key, const std::string& def_value) const { auto i = vars.find(key); if(i == vars.end()) + { return def_value; + } return i->second; } @@ -628,21 +661,31 @@ bool Text_Based_Test::get_req_bool(const VarMap& vars, const std::string& key) c { auto i = vars.find(key); if(i == vars.end()) + { throw Test_Error("Test missing variable " + key); + } if(i->second == "true") + { return true; + } else if(i->second == "false") + { return false; + } else + { throw Test_Error("Invalid boolean for key '" + key + "' value '" + i->second + "'"); + } } size_t Text_Based_Test::get_req_sz(const VarMap& vars, const std::string& key) const { auto i = vars.find(key); if(i == vars.end()) + { throw Test_Error("Test missing variable " + key); + } return Botan::to_u32bit(i->second); } @@ -650,16 +693,20 @@ size_t Text_Based_Test::get_opt_sz(const VarMap& vars, const std::string& key, c { auto i = vars.find(key); if(i == vars.end()) + { return def_value; + } return Botan::to_u32bit(i->second); } std::vector<uint8_t> Text_Based_Test::get_opt_bin(const VarMap& vars, - const std::string& key) const + const std::string& key) const { auto i = vars.find(key); if(i == vars.end()) + { return std::vector<uint8_t>(); + } try { @@ -668,7 +715,7 @@ std::vector<uint8_t> Text_Based_Test::get_opt_bin(const VarMap& vars, catch(std::exception&) { throw Test_Error("Test invalid hex input '" + i->second + "'" + - + " for key " + key); + + " for key " + key); } } @@ -676,17 +723,21 @@ std::string Text_Based_Test::get_req_str(const VarMap& vars, const std::string& { auto i = vars.find(key); if(i == vars.end()) + { throw Test_Error("Test missing variable " + key); + } return i->second; } #if defined(BOTAN_HAS_BIGINT) Botan::BigInt Text_Based_Test::get_req_bn(const VarMap& vars, - const std::string& key) const + const std::string& key) const { auto i = vars.find(key); if(i == vars.end()) + { throw Test_Error("Test missing variable " + key); + } try { @@ -699,8 +750,8 @@ Botan::BigInt Text_Based_Test::get_req_bn(const VarMap& vars, } Botan::BigInt Text_Based_Test::get_opt_bn(const VarMap& vars, - const std::string& key, - const Botan::BigInt& def_value) const + const std::string& key, + const Botan::BigInt& def_value) const { auto i = vars.find(key); @@ -740,7 +791,9 @@ std::string Text_Based_Test::get_next_line() const auto fs = Botan::get_files_recursive(full_path); m_srcs.assign(fs.begin(), fs.end()); if(m_srcs.empty()) + { throw Test_Error("Error reading test data dir " + full_path); + } } m_first = false; @@ -762,7 +815,9 @@ std::string Text_Based_Test::get_next_line() } if(!m_cur->good()) + { throw Test_Error("Could not open input file '" + m_cur_src_name); + } m_srcs.pop_front(); } @@ -773,14 +828,20 @@ std::string Text_Based_Test::get_next_line() std::getline(*m_cur, line); if(line.empty()) + { continue; + } if(line[0] == '#') { if(line.compare(0, 6, "#test ") == 0) + { return line; + } else + { continue; + } } return line; @@ -797,7 +858,9 @@ std::string strip_ws(const std::string& in) const auto first_c = in.find_first_not_of(whitespace); if(first_c == std::string::npos) + { return ""; + } const auto last_c = in.find_last_not_of(whitespace); @@ -872,17 +935,23 @@ std::vector<Test::Result> Text_Based_Test::run() { const std::string line = get_next_line(); if(line.empty()) // EOF + { break; + } if(line.compare(0, 6, "#test ") == 0) { std::vector<std::string> pragma_tokens = Botan::split_on(line.substr(6), ' '); if(pragma_tokens.empty()) + { throw Test_Error("Empty pragma found in " + m_cur_src_name); + } if(pragma_tokens[0] != "cpuid") + { throw Test_Error("Unknown test pragma '" + line + "' in " + m_cur_src_name); + } m_cpu_flags = parse_cpuid_bits(pragma_tokens); @@ -893,7 +962,7 @@ std::vector<Test::Result> Text_Based_Test::run() throw Test_Error("Unknown test pragma '" + line + "' in " + m_cur_src_name); } - if(line[0] == '[' && line[line.size()-1] == ']') + if(line[0] == '[' && line[line.size() - 1] == ']') { header = line.substr(1, line.size() - 2); header_or_name = header; @@ -927,7 +996,7 @@ std::vector<Test::Result> Text_Based_Test::run() try { if(possible_providers(header).empty() || - skip_this_test(header, vars)) + skip_this_test(header, vars)) { continue; } @@ -939,7 +1008,7 @@ std::vector<Test::Result> Text_Based_Test::run() Test::Result result = run_one_test(header, vars); if(m_cpu_flags.size() > 0) { - for(auto&& cpuid_bit : m_cpu_flags) + for(auto const& cpuid_bit : m_cpu_flags) { if(Botan::CPUID::has_cpuid_bit(cpuid_bit)) { @@ -953,7 +1022,9 @@ std::vector<Test::Result> Text_Based_Test::run() result.set_ns_consumed(Test::timestamp() - start); if(result.tests_failed()) + { result.test_note("Test #" + std::to_string(test_cnt) + " failed"); + } results.push_back(result); } catch(std::exception& e) @@ -990,4 +1061,3 @@ std::vector<Test::Result> Text_Based_Test::run() } } - diff --git a/src/tests/tests.h b/src/tests/tests.h index 406cff57a..4e992e0d6 100644 --- a/src/tests/tests.h +++ b/src/tests/tests.h @@ -15,11 +15,11 @@ #include <botan/cpuid.h> #if defined(BOTAN_HAS_BIGINT) - #include <botan/bigint.h> + #include <botan/bigint.h> #endif #if defined(BOTAN_HAS_EC_CURVE_GFP) - #include <botan/point_gfp.h> + #include <botan/point_gfp.h> #endif #include <fstream> @@ -35,7 +35,7 @@ namespace Botan_Tests { #if defined(BOTAN_HAS_BIGINT) -using Botan::BigInt; + using Botan::BigInt; #endif using Botan::OctetString; @@ -51,7 +51,7 @@ class Provider_Filter public: Provider_Filter() {} void set(const std::string& provider) { m_provider = provider; } - std::vector<std::string> filter(const std::vector<std::string> &) const; + std::vector<std::string> filter(const std::vector<std::string>&) const; private: std::string m_provider; }; @@ -75,12 +75,27 @@ class Test public: explicit Result(const std::string& who) : m_who(who) {} - size_t tests_passed() const { return m_tests_passed; } - size_t tests_failed() const { return m_fail_log.size(); } - size_t tests_run() const { return tests_passed() + tests_failed(); } - bool any_results() const { return tests_run() > 0; } + size_t tests_passed() const + { + return m_tests_passed; + } + size_t tests_failed() const + { + return m_fail_log.size(); + } + size_t tests_run() const + { + return tests_passed() + tests_failed(); + } + bool any_results() const + { + return tests_run() > 0; + } - const std::string& who() const { return m_who; } + const std::string& who() const + { + return m_who; + } std::string result_string(bool verbose) const; static Result Failure(const std::string& who, @@ -310,9 +325,12 @@ class Test bool test_throws(const std::string& what, std::function<void ()> fn); bool test_throws(const std::string& what, const std::string& expected, - std::function<void ()> fn); + std::function<void ()> fn); - void set_ns_consumed(uint64_t ns) { m_ns_taken = ns; } + void set_ns_consumed(uint64_t ns) + { + m_ns_taken = ns; + } void start_timer(); void end_timer(); @@ -432,7 +450,10 @@ class Text_Based_Test : public Test const std::string& required_keys, const std::string& optional_keys = ""); - virtual bool clear_between_callbacks() const { return true; } + virtual bool clear_between_callbacks() const + { + return true; + } std::vector<Test::Result> run() override; protected: @@ -446,7 +467,10 @@ class Text_Based_Test : public Test virtual bool skip_this_test(const std::string& header, const VarMap& vars); - virtual std::vector<Test::Result> run_final_tests() { return std::vector<Test::Result>(); } + virtual std::vector<Test::Result> run_final_tests() + { + return std::vector<Test::Result>(); + } bool get_req_bool(const VarMap& vars, const std::string& key) const; diff --git a/src/tests/unit_ecc.cpp b/src/tests/unit_ecc.cpp index 1672c289d..e1e1a15ab 100644 --- a/src/tests/unit_ecc.cpp +++ b/src/tests/unit_ecc.cpp @@ -9,17 +9,17 @@ #include "tests.h" #if defined(BOTAN_HAS_ECC_GROUP) - #include <botan/bigint.h> - #include <botan/numthry.h> - #include <botan/curve_gfp.h> - #include <botan/curve_nistp.h> - #include <botan/point_gfp.h> - #include <botan/ec_group.h> - #include <botan/reducer.h> - #include <botan/oids.h> - #include <botan/hex.h> - #include <botan/data_src.h> - #include <botan/x509_key.h> + #include <botan/bigint.h> + #include <botan/numthry.h> + #include <botan/curve_gfp.h> + #include <botan/curve_nistp.h> + #include <botan/point_gfp.h> + #include <botan/ec_group.h> + #include <botan/reducer.h> + #include <botan/oids.h> + #include <botan/hex.h> + #include <botan/data_src.h> + #include <botan/x509_key.h> #endif namespace Botan_Tests { @@ -28,31 +28,32 @@ namespace { #if defined(BOTAN_HAS_ECC_GROUP) -const std::vector<std::string> ec_groups = { - "brainpool160r1", - "brainpool192r1", - "brainpool224r1", - "brainpool256r1", - "brainpool320r1", - "brainpool384r1", - "brainpool512r1", - "gost_256A", - "secp160k1", - "secp160r1", - "secp160r2", - "secp192k1", - "secp192r1", - "secp224k1", - "secp224r1", - "secp256k1", - "secp256r1", - "secp384r1", - "secp521r1", - "x962_p192v2", - "x962_p192v3", - "x962_p239v1", - "x962_p239v2", - "x962_p239v3" +const std::vector<std::string> ec_groups = + { + "brainpool160r1", + "brainpool192r1", + "brainpool224r1", + "brainpool256r1", + "brainpool320r1", + "brainpool384r1", + "brainpool512r1", + "gost_256A", + "secp160k1", + "secp160r1", + "secp160r2", + "secp192k1", + "secp192r1", + "secp224k1", + "secp224r1", + "secp256k1", + "secp256r1", + "secp384r1", + "secp521r1", + "x962_p192v2", + "x962_p192v3", + "x962_p239v1", + "x962_p239v2", + "x962_p239v3" }; Botan::BigInt test_integer(Botan::RandomNumberGenerator& rng, size_t bits, BigInt max) @@ -63,15 +64,22 @@ Botan::BigInt test_integer(Botan::RandomNumberGenerator& rng, size_t bits, BigIn */ Botan::BigInt x = 0; - auto flip_prob = [](size_t i) -> double { + auto flip_prob = [](size_t i) -> double + { if(i % 64 == 0) + { return .5; + } if(i % 32 == 0) + { return .4; + } if(i % 8 == 0) + { return .05; + } return .01; - }; + }; bool active = rng.next_byte() % 2; for(size_t i = 0; i != bits; ++i) @@ -83,7 +91,9 @@ Botan::BigInt test_integer(Botan::RandomNumberGenerator& rng, size_t bits, BigIn const double sample = double(rng.next_byte() % 100) / 100.0; // biased if(sample < prob) + { active = !active; + } } if(max > 0) @@ -132,7 +142,7 @@ class ECC_Randomized_Tests : public Test std::vector<Test::Result> ECC_Randomized_Tests::run() { std::vector<Test::Result> results; - for(auto&& group_name : ec_groups) + for(auto const& group_name : ec_groups) { Test::Result result("ECC randomized " + group_name); @@ -217,7 +227,7 @@ class NIST_Curve_Reduction_Tests : public Test const Botan::BigInt& p, reducer_fn redc_fn) { - const Botan::BigInt p2 = p*p; + const Botan::BigInt p2 = p * p; const size_t p_bits = p.bits(); Botan::Modular_Reducer p_redc(p); @@ -230,7 +240,7 @@ class NIST_Curve_Reduction_Tests : public Test for(size_t i = 0; i <= trials; ++i) { - const Botan::BigInt x = test_integer(Test::rng(), 2*p_bits, p2); + const Botan::BigInt x = test_integer(Test::rng(), 2 * p_bits, p2); // TODO: time and report all three approaches const Botan::BigInt v1 = x % p; @@ -240,7 +250,7 @@ class NIST_Curve_Reduction_Tests : public Test redc_fn(v3, ws); if(!result.test_eq("reference redc", v1, v2) || - !result.test_eq("specialized redc", v2, v3)) + !result.test_eq("specialized redc", v2, v3)) { result.test_note("failing input" + Botan::hex_encode(Botan::BigInt::encode(x))); } @@ -287,7 +297,7 @@ Version 0.3; Section 2.1.2 -------- */ -Test::Result test_point_transformation () +Test::Result test_point_transformation() { Test::Result result("ECC Unit"); @@ -306,7 +316,7 @@ Test::Result test_point_transformation () return result; } -Test::Result test_point_mult () +Test::Result test_point_mult() { Test::Result result("ECC Unit"); @@ -348,8 +358,8 @@ Test::Result test_zeropoint() const Botan::CurveGFp& curve = secp160r1.get_curve(); Botan::PointGFp p1(curve, - Botan::BigInt("16984103820118642236896513183038186009872590470"), - Botan::BigInt("1373093393927139016463695321221277758035357890939")); + Botan::BigInt("16984103820118642236896513183038186009872590470"), + Botan::BigInt("1373093393927139016463695321221277758035357890939")); result.confirm("point is on the curve", p1.on_the_curve()); p1 -= p1; @@ -387,8 +397,8 @@ Test::Result test_calc_with_zeropoint() const Botan::CurveGFp& curve = secp160r1.get_curve(); Botan::PointGFp p(curve, - Botan::BigInt("16984103820118642236896513183038186009872590470"), - Botan::BigInt("1373093393927139016463695321221277758035357890939")); + Botan::BigInt("16984103820118642236896513183038186009872590470"), + Botan::BigInt("1373093393927139016463695321221277758035357890939")); result.confirm("point is on the curve", p.on_the_curve()); result.confirm("point is not zero", !p.is_zero()); @@ -422,8 +432,8 @@ Test::Result test_add_point() p1 += p0; Botan::PointGFp expected(curve, - Botan::BigInt("704859595002530890444080436569091156047721708633"), - Botan::BigInt("1147993098458695153857594941635310323215433166682")); + Botan::BigInt("704859595002530890444080436569091156047721708633"), + Botan::BigInt("1147993098458695153857594941635310323215433166682")); result.test_eq("point addition", p1, expected); return result; @@ -488,15 +498,15 @@ Test::Result test_basic_operations() const Botan::PointGFp simplePlus = p1 + p0; const Botan::PointGFp exp_simplePlus(curve, - Botan::BigInt("704859595002530890444080436569091156047721708633"), - Botan::BigInt("1147993098458695153857594941635310323215433166682")); + Botan::BigInt("704859595002530890444080436569091156047721708633"), + Botan::BigInt("1147993098458695153857594941635310323215433166682")); result.test_eq("point addition", simplePlus, exp_simplePlus); const Botan::PointGFp simpleMinus = p1 - p0; const Botan::PointGFp exp_simpleMinus(curve, - Botan::BigInt("425826231723888350446541592701409065913635568770"), - Botan::BigInt("203520114162904107873991457957346892027982641970")); + Botan::BigInt("425826231723888350446541592701409065913635568770"), + Botan::BigInt("203520114162904107873991457957346892027982641970")); result.test_eq("point subtraction", simpleMinus, exp_simpleMinus); @@ -538,18 +548,18 @@ Test::Result test_enc_dec_compressed_256() std::string b_secp = "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B"; std::string G_secp_comp = "036B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"; - std::vector<uint8_t> sv_p_secp = Botan::hex_decode ( p_secp ); - std::vector<uint8_t> sv_a_secp = Botan::hex_decode ( a_secp ); - std::vector<uint8_t> sv_b_secp = Botan::hex_decode ( b_secp ); - std::vector<uint8_t> sv_G_secp_comp = Botan::hex_decode ( G_secp_comp ); + std::vector<uint8_t> sv_p_secp = Botan::hex_decode(p_secp); + std::vector<uint8_t> sv_a_secp = Botan::hex_decode(a_secp); + std::vector<uint8_t> sv_b_secp = Botan::hex_decode(b_secp); + std::vector<uint8_t> sv_G_secp_comp = Botan::hex_decode(G_secp_comp); - Botan::BigInt bi_p_secp = Botan::BigInt::decode ( sv_p_secp.data(), sv_p_secp.size() ); - Botan::BigInt bi_a_secp = Botan::BigInt::decode ( sv_a_secp.data(), sv_a_secp.size() ); - Botan::BigInt bi_b_secp = Botan::BigInt::decode ( sv_b_secp.data(), sv_b_secp.size() ); + Botan::BigInt bi_p_secp = Botan::BigInt::decode(sv_p_secp.data(), sv_p_secp.size()); + Botan::BigInt bi_a_secp = Botan::BigInt::decode(sv_a_secp.data(), sv_a_secp.size()); + Botan::BigInt bi_b_secp = Botan::BigInt::decode(sv_b_secp.data(), sv_b_secp.size()); Botan::CurveGFp curve(bi_p_secp, bi_a_secp, bi_b_secp); - Botan::PointGFp p_G = OS2ECP ( sv_G_secp_comp, curve ); + Botan::PointGFp p_G = OS2ECP(sv_G_secp_comp, curve); std::vector<uint8_t> sv_result = unlock(EC2OSP(p_G, Botan::PointGFp::COMPRESSED)); result.test_eq("compressed_256", sv_result, sv_G_secp_comp); @@ -568,18 +578,18 @@ Test::Result test_enc_dec_uncompressed_112() std::string b_secp = "51DEF1815DB5ED74FCC34C85D709"; std::string G_secp_uncomp = "044BA30AB5E892B4E1649DD0928643ADCD46F5882E3747DEF36E956E97"; - std::vector<uint8_t> sv_p_secp = Botan::hex_decode ( p_secp ); - std::vector<uint8_t> sv_a_secp = Botan::hex_decode ( a_secp ); - std::vector<uint8_t> sv_b_secp = Botan::hex_decode ( b_secp ); - std::vector<uint8_t> sv_G_secp_uncomp = Botan::hex_decode ( G_secp_uncomp ); + std::vector<uint8_t> sv_p_secp = Botan::hex_decode(p_secp); + std::vector<uint8_t> sv_a_secp = Botan::hex_decode(a_secp); + std::vector<uint8_t> sv_b_secp = Botan::hex_decode(b_secp); + std::vector<uint8_t> sv_G_secp_uncomp = Botan::hex_decode(G_secp_uncomp); - Botan::BigInt bi_p_secp = Botan::BigInt::decode ( sv_p_secp.data(), sv_p_secp.size() ); - Botan::BigInt bi_a_secp = Botan::BigInt::decode ( sv_a_secp.data(), sv_a_secp.size() ); - Botan::BigInt bi_b_secp = Botan::BigInt::decode ( sv_b_secp.data(), sv_b_secp.size() ); + Botan::BigInt bi_p_secp = Botan::BigInt::decode(sv_p_secp.data(), sv_p_secp.size()); + Botan::BigInt bi_a_secp = Botan::BigInt::decode(sv_a_secp.data(), sv_a_secp.size()); + Botan::BigInt bi_b_secp = Botan::BigInt::decode(sv_b_secp.data(), sv_b_secp.size()); Botan::CurveGFp curve(bi_p_secp, bi_a_secp, bi_b_secp); - Botan::PointGFp p_G = OS2ECP ( sv_G_secp_uncomp, curve ); + Botan::PointGFp p_G = OS2ECP(sv_G_secp_uncomp, curve); std::vector<uint8_t> sv_result = unlock(EC2OSP(p_G, Botan::PointGFp::UNCOMPRESSED)); result.test_eq("uncompressed_112", sv_result, sv_G_secp_uncomp); @@ -591,23 +601,27 @@ Test::Result test_enc_dec_uncompressed_521() Test::Result result("ECC Unit"); // Test for uncompressed conversion(04) with big values(521 bit) - std::string p_secp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"; - std::string a_secp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFC"; - std::string b_secp = "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"; - std::string G_secp_uncomp = "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"; - - std::vector<uint8_t> sv_p_secp = Botan::hex_decode ( p_secp ); - std::vector<uint8_t> sv_a_secp = Botan::hex_decode ( a_secp ); - std::vector<uint8_t> sv_b_secp = Botan::hex_decode ( b_secp ); - std::vector<uint8_t> sv_G_secp_uncomp = Botan::hex_decode ( G_secp_uncomp ); - - Botan::BigInt bi_p_secp = Botan::BigInt::decode ( sv_p_secp.data(), sv_p_secp.size() ); - Botan::BigInt bi_a_secp = Botan::BigInt::decode ( sv_a_secp.data(), sv_a_secp.size() ); - Botan::BigInt bi_b_secp = Botan::BigInt::decode ( sv_b_secp.data(), sv_b_secp.size() ); + std::string p_secp = + "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"; + std::string a_secp = + "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFC"; + std::string b_secp = + "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"; + std::string G_secp_uncomp = + "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"; + + std::vector<uint8_t> sv_p_secp = Botan::hex_decode(p_secp); + std::vector<uint8_t> sv_a_secp = Botan::hex_decode(a_secp); + std::vector<uint8_t> sv_b_secp = Botan::hex_decode(b_secp); + std::vector<uint8_t> sv_G_secp_uncomp = Botan::hex_decode(G_secp_uncomp); + + Botan::BigInt bi_p_secp = Botan::BigInt::decode(sv_p_secp.data(), sv_p_secp.size()); + Botan::BigInt bi_a_secp = Botan::BigInt::decode(sv_a_secp.data(), sv_a_secp.size()); + Botan::BigInt bi_b_secp = Botan::BigInt::decode(sv_b_secp.data(), sv_b_secp.size()); Botan::CurveGFp curve(bi_p_secp, bi_a_secp, bi_b_secp); - Botan::PointGFp p_G = Botan::OS2ECP ( sv_G_secp_uncomp, curve ); + Botan::PointGFp p_G = Botan::OS2ECP(sv_G_secp_uncomp, curve); std::vector<uint8_t> sv_result = unlock(EC2OSP(p_G, Botan::PointGFp::UNCOMPRESSED)); @@ -620,26 +634,30 @@ Test::Result test_enc_dec_uncompressed_521_prime_too_large() Test::Result result("ECC Unit"); // Test for uncompressed conversion(04) with big values(521 bit) - std::string p_secp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"; // length increased by "ff" - std::string a_secp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFC"; - std::string b_secp = "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"; - std::string G_secp_uncomp = "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"; - - std::vector<uint8_t> sv_p_secp = Botan::hex_decode ( p_secp ); - std::vector<uint8_t> sv_a_secp = Botan::hex_decode ( a_secp ); - std::vector<uint8_t> sv_b_secp = Botan::hex_decode ( b_secp ); - std::vector<uint8_t> sv_G_secp_uncomp = Botan::hex_decode ( G_secp_uncomp ); - - Botan::BigInt bi_p_secp = Botan::BigInt::decode ( sv_p_secp.data(), sv_p_secp.size() ); - Botan::BigInt bi_a_secp = Botan::BigInt::decode ( sv_a_secp.data(), sv_a_secp.size() ); - Botan::BigInt bi_b_secp = Botan::BigInt::decode ( sv_b_secp.data(), sv_b_secp.size() ); - - Botan::CurveGFp secp521r1 (bi_p_secp, bi_a_secp, bi_b_secp); + std::string p_secp = + "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"; // length increased by "ff" + std::string a_secp = + "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFC"; + std::string b_secp = + "0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00"; + std::string G_secp_uncomp = + "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"; + + std::vector<uint8_t> sv_p_secp = Botan::hex_decode(p_secp); + std::vector<uint8_t> sv_a_secp = Botan::hex_decode(a_secp); + std::vector<uint8_t> sv_b_secp = Botan::hex_decode(b_secp); + std::vector<uint8_t> sv_G_secp_uncomp = Botan::hex_decode(G_secp_uncomp); + + Botan::BigInt bi_p_secp = Botan::BigInt::decode(sv_p_secp.data(), sv_p_secp.size()); + Botan::BigInt bi_a_secp = Botan::BigInt::decode(sv_a_secp.data(), sv_a_secp.size()); + Botan::BigInt bi_b_secp = Botan::BigInt::decode(sv_b_secp.data(), sv_b_secp.size()); + + Botan::CurveGFp secp521r1(bi_p_secp, bi_a_secp, bi_b_secp); std::unique_ptr<Botan::PointGFp> p_G; try { - p_G = std::unique_ptr<Botan::PointGFp>(new Botan::PointGFp(Botan::OS2ECP ( sv_G_secp_uncomp, secp521r1))); + p_G = std::unique_ptr<Botan::PointGFp>(new Botan::PointGFp(Botan::OS2ECP(sv_G_secp_uncomp, secp521r1))); result.test_failure("point decoding with too large value accepted"); } catch(std::exception&) @@ -671,16 +689,20 @@ Test::Result test_cdc_curve_33() { Test::Result result("ECC Unit"); - std::string G_secp_uncomp = "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7"; + std::string G_secp_uncomp = + "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7"; - std::vector<uint8_t> sv_G_uncomp = Botan::hex_decode ( G_secp_uncomp ); + std::vector<uint8_t> sv_G_uncomp = Botan::hex_decode(G_secp_uncomp); - Botan::BigInt bi_p_secp = Botan::BigInt("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"); - Botan::BigInt bi_a_secp("0xa377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe"); - Botan::BigInt bi_b_secp("0xa9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7"); + Botan::BigInt bi_p_secp = + Botan::BigInt("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"); + Botan::BigInt + bi_a_secp("0xa377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe"); + Botan::BigInt + bi_b_secp("0xa9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7"); Botan::CurveGFp curve(bi_p_secp, bi_a_secp, bi_b_secp); - Botan::PointGFp p_G = Botan::OS2ECP ( sv_G_uncomp, curve); + Botan::PointGFp p_G = Botan::OS2ECP(sv_G_uncomp, curve); result.confirm("point is on the curve", p_G.on_the_curve()); return result; } @@ -695,8 +717,8 @@ Test::Result test_more_zeropoint() const Botan::CurveGFp& curve = secp160r1.get_curve(); Botan::PointGFp p1(curve, - Botan::BigInt("16984103820118642236896513183038186009872590470"), - Botan::BigInt("1373093393927139016463695321221277758035357890939")); + Botan::BigInt("16984103820118642236896513183038186009872590470"), + Botan::BigInt("1373093393927139016463695321221277758035357890939")); result.confirm("point is on the curve", p1.on_the_curve()); Botan::PointGFp minus_p1 = -p1; @@ -760,7 +782,7 @@ Test::Result test_mult_sec_mass() Test::Result result("ECC Unit"); Botan::EC_Group dom_pars(Botan::OID("1.3.132.0.8")); - for(int i = 0; i<50; i++) + for(int i = 0; i < 50; i++) { try { @@ -806,8 +828,8 @@ class ECC_Unit_Tests : public Test std::vector<Test::Result> results; results.push_back(test_coordinates()); - results.push_back(test_point_transformation ()); - results.push_back(test_point_mult ()); + results.push_back(test_point_transformation()); + results.push_back(test_point_mult()); results.push_back(test_point_negative()); results.push_back(test_zeropoint()); results.push_back(test_zeropoint_enc_dec()); @@ -841,7 +863,10 @@ class ECC_Invalid_Key_Tests : public Text_Based_Test ECC_Invalid_Key_Tests() : Text_Based_Test("pubkey/ecc_invalid.vec", "SubjectPublicKey") {} - bool clear_between_callbacks() const override { return false; } + bool clear_between_callbacks() const override + { + return false; + } Test::Result run_one_test(const std::string&, const VarMap& vars) override { diff --git a/src/tests/unit_ecdh.cpp b/src/tests/unit_ecdh.cpp index 1f2786440..8489d00d4 100644 --- a/src/tests/unit_ecdh.cpp +++ b/src/tests/unit_ecdh.cpp @@ -10,8 +10,8 @@ #include "tests.h" #if defined(BOTAN_HAS_ECDH) - #include <botan/pubkey.h> - #include <botan/ecdh.h> + #include <botan/pubkey.h> + #include <botan/ecdh.h> #endif namespace Botan_Tests { @@ -38,7 +38,7 @@ class ECDH_Unit_Tests : public Test std::vector<std::string> params = { "secp256r1", "secp384r1", "secp521r1", "brainpool256r1" }; - for(auto&& param : params) + for(auto const& param : params) { try { diff --git a/src/tests/unit_ecdsa.cpp b/src/tests/unit_ecdsa.cpp index 96aa36969..fa77814ad 100644 --- a/src/tests/unit_ecdsa.cpp +++ b/src/tests/unit_ecdsa.cpp @@ -10,18 +10,19 @@ #include "tests.h" #include <botan/hex.h> +#include <numeric> #if defined(BOTAN_HAS_ECDSA) - #include <botan/pubkey.h> - #include <botan/ecdsa.h> - #include <botan/ec_group.h> - #include <botan/oids.h> - #include <botan/pkcs8.h> - #include <botan/hash.h> + #include <botan/pubkey.h> + #include <botan/ecdsa.h> + #include <botan/ec_group.h> + #include <botan/oids.h> + #include <botan/pkcs8.h> + #include <botan/hash.h> #endif #if defined(BOTAN_HAS_X509_CERTIFICATES) - #include <botan/x509cert.h> + #include <botan/x509cert.h> #endif namespace Botan_Tests { @@ -41,14 +42,13 @@ Test::Result test_hash_larger_than_n() Test::Result result("ECDSA Unit"); Botan::EC_Group dom_pars("secp160r1"); - + // n = 0x0100000000000000000001f4c8f927aed3ca752257 (21 bytes) Botan::ECDSA_PrivateKey priv_key(Test::rng(), dom_pars); std::vector<uint8_t> message(20); - for(size_t i = 0; i != message.size(); ++i) - message[i] = i; + std::iota(message.begin(), message.end(), 0); auto sha1 = Botan::HashFunction::create("SHA-1"); auto sha224 = Botan::HashFunction::create("SHA-224"); @@ -85,7 +85,8 @@ Test::Result test_decode_ecdsa_X509() result.test_eq("serial number", cert.serial_number(), Botan::hex_decode("01")); result.test_eq("authority key id", cert.authority_key_id(), cert.subject_key_id()); - result.test_eq("key fingerprint", cert.fingerprint("SHA-1"), "32:42:1C:C3:EC:54:D7:E9:43:EC:51:F0:19:23:BD:85:1D:F2:1B:B9"); + result.test_eq("key fingerprint", cert.fingerprint("SHA-1"), + "32:42:1C:C3:EC:54:D7:E9:43:EC:51:F0:19:23:BD:85:1D:F2:1B:B9"); std::unique_ptr<Botan::Public_Key> pubkey(cert.subject_public_key()); result.test_eq("verify self-signed signature", cert.check_signature(*pubkey), true); @@ -171,9 +172,11 @@ Test::Result test_ec_sign() // now check with original input, modified signature - sig[sig.size()/2]++; + sig[sig.size() / 2]++; for(size_t i = 0; i != 256; ++i) + { verifier.update(static_cast<uint8_t>(i)); + } result.test_eq("invalid ECDSA signature invalid", verifier.check_signature(sig), false); } @@ -227,17 +230,23 @@ Test::Result test_unusual_curve() Test::Result result("ECDSA Unit"); //calc a curve which is not in the registry - const std::string G_secp_comp = "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7"; - const Botan::BigInt bi_p_secp("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"); - const Botan::BigInt bi_a_secp("0x0a377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe"); - const Botan::BigInt bi_b_secp("0x0a9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7"); + const std::string G_secp_comp = + "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7"; + const Botan::BigInt + bi_p_secp("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809"); + const Botan::BigInt + bi_a_secp("0x0a377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe"); + const Botan::BigInt + bi_b_secp("0x0a9acf8c8ba617777e248509bcb4717d4db346202bf9e352cd5633731dd92a51b72a4dc3b3d17c823fcc8fbda4da08f25dea89046087342595a7"); Botan::BigInt bi_order_g("0x0e1a16196e6000000000bc7f1618d867b15bb86474418f"); Botan::CurveGFp curve(bi_p_secp, bi_a_secp, bi_b_secp); Botan::PointGFp p_G = Botan::OS2ECP(Botan::hex_decode(G_secp_comp), curve); Botan::EC_Group dom_params(curve, p_G, bi_order_g, Botan::BigInt(1)); if(!result.confirm("point is on curve", p_G.on_the_curve())) + { return result; + } Botan::ECDSA_PrivateKey key_odd_curve(Test::rng(), dom_params); std::string key_odd_curve_str = Botan::PKCS8::PEM_encode(key_odd_curve); @@ -258,11 +267,14 @@ Test::Result test_read_pkcs8() try { - std::unique_ptr<Botan::Private_Key> loaded_key_nodp(Botan::PKCS8::load_key(Test::data_file("ecc/nodompar_private.pkcs8.pem"), Test::rng())); + std::unique_ptr<Botan::Private_Key> loaded_key_nodp(Botan::PKCS8::load_key( + Test::data_file("ecc/nodompar_private.pkcs8.pem"), Test::rng())); // anew in each test with unregistered domain-parameters Botan::ECDSA_PrivateKey* ecdsa_nodp = dynamic_cast<Botan::ECDSA_PrivateKey*>(loaded_key_nodp.get()); if(!ecdsa_nodp) + { throw Test_Error("Unable to load valid PKCS8 ECDSA key"); + } Botan::PK_Signer signer(*ecdsa_nodp, Test::rng(), "EMSA1(SHA-256)"); Botan::PK_Verifier verifier(*ecdsa_nodp, "EMSA1(SHA-256)"); @@ -295,7 +307,8 @@ Test::Result test_read_pkcs8() Test::Result test_curve_registry() { - const std::vector<std::string> oids = { + const std::vector<std::string> oids = + { "1.3.132.0.8", "1.2.840.10045.3.1.1", "1.2.840.10045.3.1.2", @@ -323,7 +336,7 @@ Test::Result test_curve_registry() Test::Result result("ECDSA Unit"); - for(auto&& oid_str : oids) + for(auto const& oid_str : oids) { try { diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp index 28152e624..5ec44331c 100644 --- a/src/tests/unit_tls.cpp +++ b/src/tests/unit_tls.cpp @@ -16,25 +16,25 @@ #if defined(BOTAN_HAS_TLS) -#include <botan/tls_client.h> -#include <botan/tls_server.h> - -#include <botan/ec_group.h> -#include <botan/hex.h> -#include <botan/pkcs10.h> -#include <botan/rsa.h> -#include <botan/ecdsa.h> -#include <botan/tls_handshake_msg.h> -#include <botan/x509_ca.h> -#include <botan/x509self.h> - -#if defined(BOTAN_HAS_DSA) - #include <botan/dsa.h> -#endif - -#if defined(BOTAN_HAS_TLS_SQLITE3_SESSION_MANAGER) - #include <botan/tls_session_manager_sqlite.h> -#endif + #include <botan/tls_client.h> + #include <botan/tls_server.h> + + #include <botan/ec_group.h> + #include <botan/hex.h> + #include <botan/pkcs10.h> + #include <botan/rsa.h> + #include <botan/ecdsa.h> + #include <botan/tls_handshake_msg.h> + #include <botan/x509_ca.h> + #include <botan/x509self.h> + + #if defined(BOTAN_HAS_DSA) + #include <botan/dsa.h> + #endif + + #if defined(BOTAN_HAS_TLS_SQLITE3_SESSION_MANAGER) + #include <botan/tls_session_manager_sqlite.h> + #endif #endif @@ -93,8 +93,10 @@ class Credentials_Manager_Test : public Botan::Credentials_Manager const std::string&) override { std::vector<Botan::Certificate_Store*> v; - for(auto&& store : m_stores) + for(auto const& store : m_stores) + { v.push_back(store.get()); + } return v; } @@ -107,7 +109,7 @@ class Credentials_Manager_Test : public Botan::Credentials_Manager if(type == "tls-server" || (type == "tls-client" && m_provides_client_certs)) { - for(auto&& key_type : cert_key_types) + for(auto const& key_type : cert_key_types) { if(key_type == "RSA") { @@ -146,11 +148,17 @@ class Credentials_Manager_Test : public Botan::Credentials_Manager const std::string&) override { if(crt == m_rsa_cert) + { return m_rsa_key.get(); + } if(crt == m_ecdsa_cert) + { return m_ecdsa_key.get(); + } if(crt == *m_dsa_cert) + { return m_dsa_key.get(); + } return nullptr; } @@ -159,13 +167,19 @@ class Credentials_Manager_Test : public Botan::Credentials_Manager const std::string&) override { if(type == "tls-server" && context == "session-ticket") + { return Botan::SymmetricKey("AABBCCDDEEFF012345678012345678"); + } if(context == "server.example.com" && type == "tls-client") + { return Botan::SymmetricKey("20B602D1475F2DF888FCB60D2AE03AFD"); + } if(context == "server.example.com" && type == "tls-server") + { return Botan::SymmetricKey("20B602D1475F2DF888FCB60D2AE03AFD"); + } throw Test_Error("No PSK set for " + type + "/" + context); } @@ -249,14 +263,14 @@ create_creds(Botan::RandomNumberGenerator& rng, dsa_ca_opts.CA_key(1); dsa_ca_cert.reset(new Botan::X509_Certificate( - Botan::X509::create_self_signed_cert(dsa_ca_opts, *dsa_ca_key, "SHA-256", rng))); + Botan::X509::create_self_signed_cert(dsa_ca_opts, *dsa_ca_key, "SHA-256", rng))); const Botan::PKCS10_Request dsa_req = - Botan::X509::create_cert_req(server_opts, *dsa_srv_key, "SHA-256", rng); + Botan::X509::create_cert_req(server_opts, *dsa_srv_key, "SHA-256", rng); Botan::X509_CA dsa_ca(*dsa_ca_cert, *dsa_ca_key, "SHA-256", rng); dsa_srv_cert.reset(new Botan::X509_Certificate( - dsa_ca.sign_request(dsa_req, rng, start_time, end_time))); + dsa_ca.sign_request(dsa_req, rng, start_time, end_time))); dsa_crl.reset(new Botan::X509_CRL(dsa_ca.new_crl(rng))); #endif @@ -301,7 +315,8 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, result.test_note("Test round " + std::to_string(r)); - auto handshake_complete = [&](const Botan::TLS::Session& session) -> bool { + auto handshake_complete = [&](const Botan::TLS::Session& session) + { handshake_done = true; const std::string session_report = @@ -313,16 +328,18 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, if(session.version() != offer_version) { - result.test_failure("Offered " + offer_version.to_string() + - " got " + session.version().to_string()); + result.test_failure("Offered " + offer_version.to_string() + " got " + session.version().to_string()); } if(r <= 2) + { return true; + } return false; - }; + }; - auto next_protocol_chooser = [&](std::vector<std::string> protos) -> std::string { + auto next_protocol_chooser = [&](std::vector<std::string> protos) -> std::string + { if(r <= 2) { result.test_eq("protocol count", protos.size(), 2); @@ -330,7 +347,7 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, result.test_eq("protocol[1]", protos[1], "test/2"); } return "test/3"; - }; + }; const std::vector<std::string> protocols_offered = { "test/1", "test/2" }; @@ -339,12 +356,12 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, std::vector<uint8_t> c2s_traffic, s2c_traffic, client_recv, server_recv, client_sent, server_sent; std::unique_ptr<Botan::TLS::Callbacks> server_cb(new Botan::TLS::Compat_Callbacks( - queue_inserter(s2c_traffic), - queue_inserter(server_recv), - std::function<void (Botan::TLS::Alert, const uint8_t[], size_t)>(alert_cb_with_data), - handshake_complete, - nullptr, - next_protocol_chooser)); + queue_inserter(s2c_traffic), + queue_inserter(server_recv), + std::function<void (Botan::TLS::Alert, const uint8_t[], size_t)>(alert_cb_with_data), + handshake_complete, + nullptr, + next_protocol_chooser)); // TLS::Server object constructed by new constructor using virtual callback interface. std::unique_ptr<Botan::TLS::Server> server( @@ -356,10 +373,10 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, false)); std::unique_ptr<Botan::TLS::Callbacks> client_cb(new Botan::TLS::Compat_Callbacks( - queue_inserter(c2s_traffic), - queue_inserter(client_recv), - std::function<void (Botan::TLS::Alert, const uint8_t[], size_t)>(alert_cb_with_data), - handshake_complete)); + queue_inserter(c2s_traffic), + queue_inserter(client_recv), + std::function<void (Botan::TLS::Alert, const uint8_t[], size_t)>(alert_cb_with_data), + handshake_complete)); // TLS::Client object constructed by new constructor using virtual callback interface. std::unique_ptr<Botan::TLS::Client> client( @@ -428,7 +445,9 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, } if(handshake_done && (client->is_closed() || server->is_closed())) + { break; + } if(client->is_active() && client_sent.empty()) { @@ -491,8 +510,8 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, size_t total_consumed = needed; while(needed > 0 && - result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE+1) && - result.test_lt("Total requested is readonable", total_consumed, 128*1024)) + result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE + 1) && + result.test_lt("Total requested is readonable", total_consumed, 128 * 1024)) { input.resize(needed); rng.randomize(input.data(), input.size()); @@ -521,7 +540,8 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, size_t total_consumed = 0; - while(needed > 0 && result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE+1)) + while(needed > 0 && + result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE + 1)) { input.resize(needed); rng.randomize(input.data(), input.size()); @@ -557,7 +577,9 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, } if(client->is_closed() && server->is_closed()) + { break; + } if(server_recv.size() && client_recv.size()) { @@ -567,9 +589,13 @@ Test::Result test_tls_handshake(Botan::TLS::Protocol_Version offer_version, result.test_eq("TLS key material export", client_key.bits_of(), server_key.bits_of()); if(r % 2 == 0) + { client->close(); + } else + { server->close(); + } } } } @@ -621,19 +647,20 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, { bool handshake_done = false; - auto handshake_complete = [&](const Botan::TLS::Session& session) -> bool { + auto handshake_complete = [&](const Botan::TLS::Session & session) -> bool + { handshake_done = true; if(session.version() != offer_version) { - result.test_failure("Offered " + offer_version.to_string() + - " got " + session.version().to_string()); + result.test_failure("Offered " + offer_version.to_string() + " got " + session.version().to_string()); } return true; - }; + }; - auto next_protocol_chooser = [&](std::vector<std::string> protos) -> std::string { + auto next_protocol_chooser = [&](std::vector<std::string> protos) -> std::string + { if(r <= 2) { result.test_eq("protocol count", protos.size(), 2); @@ -641,7 +668,7 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, result.test_eq("protocol[1]", protos[1], "test/2"); } return "test/3"; - }; + }; const std::vector<std::string> protocols_offered = { "test/1", "test/2" }; @@ -650,18 +677,18 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, std::vector<uint8_t> c2s_traffic, s2c_traffic, client_recv, server_recv, client_sent, server_sent; std::unique_ptr<Botan::TLS::Callbacks> server_cb(new Botan::TLS::Compat_Callbacks( - queue_inserter(s2c_traffic), - queue_inserter(server_recv), - std::function<void (Botan::TLS::Alert)>(print_alert), - handshake_complete, - nullptr, - next_protocol_chooser)); + queue_inserter(s2c_traffic), + queue_inserter(server_recv), + std::function<void (Botan::TLS::Alert)>(print_alert), + handshake_complete, + nullptr, + next_protocol_chooser)); std::unique_ptr<Botan::TLS::Callbacks> client_cb(new Botan::TLS::Compat_Callbacks( - queue_inserter(c2s_traffic), - queue_inserter(client_recv), - std::function<void (Botan::TLS::Alert)>(print_alert), - handshake_complete)); + queue_inserter(c2s_traffic), + queue_inserter(client_recv), + std::function<void (Botan::TLS::Alert)>(print_alert), + handshake_complete)); // TLS::Server object constructed by new constructor using virtual callback interface. std::unique_ptr<Botan::TLS::Server> server( @@ -686,7 +713,7 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, size_t rounds = 0; // Test DTLS using both new and legacy constructors. - for(size_t ctor_sel = 0; ctor_sel < 2; ctor_sel++) + for(size_t ctor_sel = 0; ctor_sel < 2; ++ctor_sel) { if(ctor_sel == 1) { @@ -737,7 +764,9 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, } if(handshake_done && (client->is_closed() || server->is_closed())) + { break; + } if(client->is_active() && client_sent.empty()) { @@ -776,7 +805,8 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, input = Test::mutate_vec(input, true, 5); size_t needed = server->received_data(input.data(), input.size()); - if(needed > 0 && result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE+1)) + if(needed > 0 && + result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE + 1)) { input.resize(needed); rng.randomize(input.data(), input.size()); @@ -816,7 +846,8 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, input = Test::mutate_vec(input, true, 5); size_t needed = client->received_data(input.data(), input.size()); - if(needed > 0 && result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE+1)) + if(needed > 0 && + result.test_lt("Never requesting more than max protocol len", needed, Botan::TLS::MAX_CIPHERTEXT_SIZE + 1)) { input.resize(needed); rng.randomize(input.data(), input.size()); @@ -846,9 +877,13 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, // If we corrupted a DTLS application message, resend it: if(client->is_active() && corrupt_client_data && server_recv.empty()) + { client->send(client_sent); + } if(server->is_active() && corrupt_server_data && client_recv.empty()) + { server->send(server_sent); + } if(client_recv.size()) { @@ -861,7 +896,9 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, } if(client->is_closed() && server->is_closed()) + { break; + } if(server_recv.size() && client_recv.size()) { @@ -871,9 +908,13 @@ Test::Result test_dtls_handshake(Botan::TLS::Protocol_Version offer_version, result.test_eq("key material export", client_key.bits_of(), server_key.bits_of()); if(r % 2 == 0) + { client->close(); + } else + { server->close(); + } } } } @@ -909,22 +950,41 @@ class Test_Policy : public Botan::TLS::Text_Policy { public: Test_Policy() : Text_Policy("") {} - bool acceptable_protocol_version(Botan::TLS::Protocol_Version) const override { return true; } - bool send_fallback_scsv(Botan::TLS::Protocol_Version) const override { return false; } + bool acceptable_protocol_version(Botan::TLS::Protocol_Version) const override + { + return true; + } + bool send_fallback_scsv(Botan::TLS::Protocol_Version) const override + { + return false; + } - size_t dtls_initial_timeout() const override { return 1; } - size_t dtls_maximum_timeout() const override { return 8; } + size_t dtls_initial_timeout() const override + { + return 1; + } + size_t dtls_maximum_timeout() const override + { + return 8; + } - size_t minimum_rsa_bits() const override { return 1024; } + size_t minimum_rsa_bits() const override + { + return 1024; + } - size_t minimum_signature_strength() const override { return 80; } + size_t minimum_signature_strength() const override + { + return 80; + } }; Test::Result test_tls_alert_strings() { Test::Result result("TLS::Alert::type_string"); - const std::vector<Botan::TLS::Alert::Type> alert_types = { + const std::vector<Botan::TLS::Alert::Type> alert_types = + { Botan::TLS::Alert::CLOSE_NOTIFY, Botan::TLS::Alert::UNEXPECTED_MESSAGE, Botan::TLS::Alert::BAD_RECORD_MAC, @@ -957,7 +1017,7 @@ Test::Result test_tls_alert_strings() Botan::TLS::Alert::BAD_CERTIFICATE_HASH_VALUE, Botan::TLS::Alert::UNKNOWN_PSK_IDENTITY, Botan::TLS::Alert:: NO_APPLICATION_PROTOCOL, - }; + }; std::set<std::string> seen; @@ -968,7 +1028,7 @@ Test::Result test_tls_alert_strings() seen.insert(str); } - Botan::TLS::Alert unknown_alert = Botan::TLS::Alert(Botan::secure_vector<uint8_t>{01, 66}); + Botan::TLS::Alert unknown_alert = Botan::TLS::Alert({01, 66}); result.test_eq("Unknown alert str", unknown_alert.type_string(), "unrecognized_alert_66"); @@ -982,7 +1042,9 @@ std::string read_tls_policy(const std::string& policy_str) std::ifstream is(fspath.c_str()); if(!is.good()) + { throw Test_Error("Missing policy file " + fspath); + } Botan::TLS::Text_Policy policy(is); return policy.to_string(); @@ -992,17 +1054,29 @@ std::string tls_policy_string(const std::string& policy_str) { std::unique_ptr<Botan::TLS::Policy> policy; if(policy_str == "default") + { policy.reset(new Botan::TLS::Policy); + } else if(policy_str == "suiteb") + { policy.reset(new Botan::TLS::NSA_Suite_B_128); + } else if(policy_str == "bsi") + { policy.reset(new Botan::TLS::BSI_TR_02102_2); + } else if(policy_str == "strict") + { policy.reset(new Botan::TLS::Strict_Policy); + } else if(policy_str == "datagram") + { policy.reset(new Botan::TLS::Datagram_Policy); + } else + { throw Test_Error("Unknown TLS policy type '" + policy_str + "'"); + } return policy->to_string(); } @@ -1035,12 +1109,16 @@ class TLS_Unit_Tests : public Test { Botan::RandomNumberGenerator& rng = Test::rng(); - for(auto&& version : versions) + for(auto const& version : versions) { if(version.is_datagram_protocol()) + { results.push_back(test_dtls_handshake(version, creds, policy, rng, client_ses, server_ses)); + } else + { results.push_back(test_tls_handshake(version, creds, policy, rng, client_ses, server_ses)); + } } } @@ -1060,15 +1138,18 @@ class TLS_Unit_Tests : public Test policy.set("negotiate_encrypt_then_mac", etm_policy); if(kex_policy == "RSA") + { policy.set("signature_methods", "RSA"); + } - std::vector<Botan::TLS::Protocol_Version> versions = { + std::vector<Botan::TLS::Protocol_Version> versions = + { Botan::TLS::Protocol_Version::TLS_V10, Botan::TLS::Protocol_Version::TLS_V11, Botan::TLS::Protocol_Version::TLS_V12, Botan::TLS::Protocol_Version::DTLS_V10, Botan::TLS::Protocol_Version::DTLS_V12 - }; + }; return test_with_policy(results, client_ses, server_ses, creds, versions, policy); } @@ -1100,13 +1181,16 @@ class TLS_Unit_Tests : public Test policy.set("macs", mac_policy); policy.set("key_exchange_methods", kex_policy); - for(auto&& kv : extra_policies) + for(auto const& kv : extra_policies) + { policy.set(kv.first, kv.second); + } - std::vector<Botan::TLS::Protocol_Version> versions = { + std::vector<Botan::TLS::Protocol_Version> versions = + { Botan::TLS::Protocol_Version::TLS_V12, Botan::TLS::Protocol_Version::DTLS_V12 - }; + }; return test_with_policy(results, client_ses, server_ses, creds, versions, policy); } @@ -1124,9 +1208,13 @@ class TLS_Unit_Tests : public Test result.test_eq("Valid Ciphersuite is not SCSV", Botan::TLS::Ciphersuite::is_scsv(csuite_id), false); if(ciphersuite.cbc_ciphersuite() == false) + { result.test_eq("Expected MAC name for AEAD ciphersuites", ciphersuite.mac_algo(), "AEAD"); + } else + { result.test_eq("MAC algo and PRF algo same for CBC suites", ciphersuite.prf_algo(), ciphersuite.mac_algo()); + } // TODO more tests here } @@ -1151,10 +1239,10 @@ class TLS_Unit_Tests : public Test #if defined(BOTAN_HAS_TLS_SQLITE3_SESSION_MANAGER) client_ses.reset( new Botan::TLS::Session_Manager_SQLite("pass", rng, ":memory:", 5, - std::chrono::seconds(2))); + std::chrono::seconds(2))); server_ses.reset( new Botan::TLS::Session_Manager_SQLite("pass", rng, ":memory:", 10, - std::chrono::seconds(4))); + std::chrono::seconds(4))); #else client_ses.reset(new Botan::TLS::Session_Manager_In_Memory(rng)); server_ses.reset(new Botan::TLS::Session_Manager_In_Memory(rng)); @@ -1173,7 +1261,8 @@ class TLS_Unit_Tests : public Test #if defined(BOTAN_HAS_CAMELLIA) test_all_versions(results, *client_ses, *server_ses, *creds, "RSA", "Camellia-128", "SHA-256 SHA-1", etm_setting); - test_all_versions(results, *client_ses, *server_ses, *creds, "RSA", "Camellia-256", "SHA-256 SHA-384 SHA-1", etm_setting); + test_all_versions(results, *client_ses, *server_ses, *creds, "RSA", "Camellia-256", "SHA-256 SHA-384 SHA-1", + etm_setting); #endif #if defined(BOTAN_HAS_DES) @@ -1193,20 +1282,20 @@ class TLS_Unit_Tests : public Test #if defined(BOTAN_HAS_DSA) test_modern_versions(results, *client_ses, *server_ses, *creds, "DH", "AES-128", "SHA-256", - { { "signature_methods", "DSA" } }); + { { "signature_methods", "DSA" } }); test_modern_versions(results, *client_ses, *server_ses, *creds, "DH", "AES-256", "SHA-256", - { { "signature_methods", "DSA" } }); + { { "signature_methods", "DSA" } }); #endif #endif Botan::TLS::Strict_Policy strict_policy; test_with_policy(results, *client_ses, *server_ses, *creds, - {Botan::TLS::Protocol_Version::TLS_V12}, strict_policy); + {Botan::TLS::Protocol_Version::TLS_V12}, strict_policy); Botan::TLS::NSA_Suite_B_128 suiteb_128; test_with_policy(results, *client_ses, *server_ses, *creds, - {Botan::TLS::Protocol_Version::TLS_V12}, suiteb_128); + {Botan::TLS::Protocol_Version::TLS_V12}, suiteb_128); // Remove server sessions before client, so clients retry with session server doesn't know server_ses->remove_all(); @@ -1215,13 +1304,13 @@ class TLS_Unit_Tests : public Test test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-128/GCM"); test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-128/GCM", "AEAD", - { { "signature_methods", "RSA" } }); + { { "signature_methods", "RSA" } }); #if defined(BOTAN_HAS_DSA) test_modern_versions(results, *client_ses, *server_ses, *creds, "DH", "AES-128/GCM", "AEAD", - { { "signature_methods", "DSA" } }); + { { "signature_methods", "DSA" } }); test_modern_versions(results, *client_ses, *server_ses, *creds, "DH", "AES-256/GCM", "AEAD", - { { "signature_methods", "DSA" } }); + { { "signature_methods", "DSA" } }); #endif client_ses->remove_all(); @@ -1242,26 +1331,26 @@ class TLS_Unit_Tests : public Test #if defined(BOTAN_HAS_AES) && defined(BOTAN_HAS_AEAD_OCB) test_modern_versions(results, *client_ses, *server_ses, *creds, "CECPQ1", "AES-256/OCB(12)", "AEAD"); test_modern_versions(results, *client_ses, *server_ses, *creds, "CECPQ1", "AES-256/OCB(12)", "AEAD", - {{ "signature_methods", "RSA" }}); + {{ "signature_methods", "RSA" }}); #endif #if defined(BOTAN_HAS_AEAD_CHACHA20_POLY1305) test_modern_versions(results, *client_ses, *server_ses, *creds, "CECPQ1", "ChaCha20Poly1305", "AEAD", - { { "signature_methods", "RSA" }}); + { { "signature_methods", "RSA" }}); #endif #endif test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-128/GCM", "AEAD", - { { "use_ecc_point_compression", "true" } }); + { { "use_ecc_point_compression", "true" } }); test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-256/GCM", "AEAD", - { { "ecc_curves", "secp521r1" } }); + { { "ecc_curves", "secp521r1" } }); test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-128/GCM", "AEAD", - { { "ecc_curves", "brainpool256r1" } }); + { { "ecc_curves", "brainpool256r1" } }); #if defined(BOTAN_HAS_CURVE_25519) test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-128/GCM", "AEAD", - { { "ecc_curves", "x25519" } }); + { { "ecc_curves", "x25519" } }); #endif std::unique_ptr<Botan::Credentials_Manager> creds_with_client_cert(create_creds(rng, true)); @@ -1297,7 +1386,7 @@ class TLS_Unit_Tests : public Test #if defined(BOTAN_HOUSE_ECC_CURVE_NAME) test_modern_versions(results, *client_ses, *server_ses, *creds, "ECDH", "AES-128/GCM", "AEAD", - { { "ecc_curves", BOTAN_HOUSE_ECC_CURVE_NAME } }); + { { "ecc_curves", BOTAN_HOUSE_ECC_CURVE_NAME } }); #endif return results; diff --git a/src/tests/unit_tls_policy.cpp b/src/tests/unit_tls_policy.cpp index 66080a283..909a3cd57 100644 --- a/src/tests/unit_tls_policy.cpp +++ b/src/tests/unit_tls_policy.cpp @@ -9,30 +9,30 @@ #include "tests.h" #if defined(BOTAN_HAS_TLS) - #include <botan/pubkey.h> - #include <botan/oids.h> - #include <botan/tls_policy.h> - #include <botan/tls_exceptn.h> + #include <botan/pubkey.h> + #include <botan/oids.h> + #include <botan/tls_policy.h> + #include <botan/tls_exceptn.h> #endif #if defined(BOTAN_HAS_RSA) - #include <botan/rsa.h> + #include <botan/rsa.h> #endif #if defined(BOTAN_HAS_ECDH) - #include <botan/ecdh.h> + #include <botan/ecdh.h> #endif #if defined(BOTAN_HAS_ECDSA) - #include <botan/ecdsa.h> + #include <botan/ecdsa.h> #endif #if defined(BOTAN_HAS_DIFFIE_HELLMAN) - #include <botan/dh.h> + #include <botan/dh.h> #endif #if defined(BOTAN_HAS_DSA) - #include <botan/dsa.h> + #include <botan/dsa.h> #endif namespace Botan_Tests { @@ -60,9 +60,9 @@ class TLS_Policy_Unit_Tests : public Test { Test::Result result("TLS Policy RSA key verification"); #if defined(BOTAN_HAS_RSA) - std::unique_ptr<Botan::Private_Key> rsa_key_1024 (new Botan::RSA_PrivateKey(Test::rng(), 1024)); + std::unique_ptr<Botan::Private_Key> rsa_key_1024(new Botan::RSA_PrivateKey(Test::rng(), 1024)); Botan::TLS::Policy policy; - + try { policy.check_peer_key_acceptable(*rsa_key_1024); @@ -72,20 +72,20 @@ class TLS_Policy_Unit_Tests : public Test { result.test_success("Correctly rejecting 1024 bit RSA keys"); } - - std::unique_ptr<Botan::Private_Key> rsa_key_2048 (new Botan::RSA_PrivateKey(Test::rng(), 2048)); + + std::unique_ptr<Botan::Private_Key> rsa_key_2048(new Botan::RSA_PrivateKey(Test::rng(), 2048)); policy.check_peer_key_acceptable(*rsa_key_2048); result.test_success("Correctly accepting 2048 bit RSA keys"); #endif return result; } - + Test::Result test_peer_key_acceptable_ecdh() { Test::Result result("TLS Policy ECDH key verification"); -#if defined(BOTAN_HAS_ECDH) +#if defined(BOTAN_HAS_ECDH) Botan::EC_Group group_192("secp192r1"); - std::unique_ptr<Botan::Private_Key> ecdh_192 (new Botan::ECDH_PrivateKey(Test::rng(), group_192)); + std::unique_ptr<Botan::Private_Key> ecdh_192(new Botan::ECDH_PrivateKey(Test::rng(), group_192)); Botan::TLS::Policy policy; try @@ -97,21 +97,21 @@ class TLS_Policy_Unit_Tests : public Test { result.test_success("Correctly rejecting 192 bit EC keys"); } - + Botan::EC_Group group_256("secp256r1"); - std::unique_ptr<Botan::Private_Key> ecdh_256 (new Botan::ECDH_PrivateKey(Test::rng(), group_256)); + std::unique_ptr<Botan::Private_Key> ecdh_256(new Botan::ECDH_PrivateKey(Test::rng(), group_256)); policy.check_peer_key_acceptable(*ecdh_256); result.test_success("Correctly accepting 256 bit EC keys"); #endif return result; } - + Test::Result test_peer_key_acceptable_ecdsa() { Test::Result result("TLS Policy ECDSA key verification"); -#if defined(BOTAN_HAS_ECDSA) +#if defined(BOTAN_HAS_ECDSA) Botan::EC_Group group_192("secp192r1"); - std::unique_ptr<Botan::Private_Key> ecdsa_192 (new Botan::ECDSA_PrivateKey(Test::rng(), group_192)); + std::unique_ptr<Botan::Private_Key> ecdsa_192(new Botan::ECDSA_PrivateKey(Test::rng(), group_192)); Botan::TLS::Policy policy; try @@ -123,25 +123,25 @@ class TLS_Policy_Unit_Tests : public Test { result.test_success("Correctly rejecting 192 bit EC keys"); } - + Botan::EC_Group group_256("secp256r1"); - std::unique_ptr<Botan::Private_Key> ecdsa_256 (new Botan::ECDSA_PrivateKey(Test::rng(), group_256)); + std::unique_ptr<Botan::Private_Key> ecdsa_256(new Botan::ECDSA_PrivateKey(Test::rng(), group_256)); policy.check_peer_key_acceptable(*ecdsa_256); result.test_success("Correctly accepting 256 bit EC keys"); #endif return result; } - + Test::Result test_peer_key_acceptable_dh() { Test::Result result("TLS Policy DH key verification"); -#if defined(BOTAN_HAS_DIFFIE_HELLMAN) +#if defined(BOTAN_HAS_DIFFIE_HELLMAN) const BigInt g("2"); const BigInt p("58458002095536094658683755258523362961421200751439456159756164191494576279467"); const Botan::DL_Group grp(p, g); const Botan::BigInt x("46205663093589612668746163860870963912226379131190812163519349848291472898748"); - std::unique_ptr<Botan::Private_Key> dhkey (new Botan::DH_PrivateKey(Test::rng(), grp, x)); - + std::unique_ptr<Botan::Private_Key> dhkey(new Botan::DH_PrivateKey(Test::rng(), grp, x)); + Botan::TLS::Policy policy; try { diff --git a/src/tests/unit_x509.cpp b/src/tests/unit_x509.cpp index 981897ab0..89eef51d7 100644 --- a/src/tests/unit_x509.cpp +++ b/src/tests/unit_x509.cpp @@ -9,17 +9,17 @@ #if defined(BOTAN_HAS_X509_CERTIFICATES) -#include <botan/calendar.h> -#include <botan/pkcs8.h> -#include <botan/hash.h> -#include <botan/pkcs10.h> -#include <botan/x509self.h> -#include <botan/x509path.h> -#include <botan/x509_ca.h> -#include <botan/pk_algs.h> -#include <botan/ber_dec.h> -#include <botan/der_enc.h> -#include <botan/oids.h> + #include <botan/calendar.h> + #include <botan/pkcs8.h> + #include <botan/hash.h> + #include <botan/pkcs10.h> + #include <botan/x509self.h> + #include <botan/x509path.h> + #include <botan/x509_ca.h> + #include <botan/pk_algs.h> + #include <botan/ber_dec.h> + #include <botan/der_enc.h> + #include <botan/oids.h> #endif @@ -87,16 +87,23 @@ Botan::X509_Cert_Options req_opts2() std::unique_ptr<Botan::Private_Key> make_a_private_key(const std::string& algo) { - const std::string params = [&]{ + const std::string params = [&] + { // Here we override defaults as needed if(algo == "RSA") - return "1024"; + { + return "1024"; + } if(algo == "GOST-34.10") - return "gost_256A"; + { + return "gost_256A"; + } if(algo == "ECKCDSA" || algo == "ECGDSA") - return "brainpool256r1"; + { + return "brainpool256r1"; + } return ""; // default "" means choose acceptable algo-specific params - }(); + }(); return Botan::create_private_key(algo, Test::rng(), params); } @@ -112,7 +119,8 @@ Test::Result test_cert_status_strings() Botan::to_string(Botan::Certificate_Status_Code::OK), Botan::to_string(Botan::Certificate_Status_Code::VERIFIED)); - const Botan::Certificate_Status_Code codes[]{ + const Botan::Certificate_Status_Code codes[] + { Botan::Certificate_Status_Code::OCSP_RESPONSE_GOOD, Botan::Certificate_Status_Code::OCSP_SIGNATURE_OK, Botan::Certificate_Status_Code::VALID_CRL_CHECKED, @@ -150,7 +158,7 @@ Test::Result test_cert_status_strings() Botan::Certificate_Status_Code::CRL_BAD_SIGNATURE, Botan::Certificate_Status_Code::SIGNATURE_ERROR, Botan::Certificate_Status_Code::CERT_PUBKEY_INVALID, - }; + }; for(const auto code : codes) { @@ -179,16 +187,19 @@ Test::Result test_x509_dates() result.test_eq("UTC_TIME readable_string", time.readable_string(), "2020/03/05 10:03:50 UTC"); time = Botan::X509_Time("200305100350Z", Botan::ASN1_Tag::UTC_OR_GENERALIZED_TIME); - result.test_eq("UTC_OR_GENERALIZED_TIME from UTC_TIME readable_string", time.readable_string(), "2020/03/05 10:03:50 UTC"); + result.test_eq("UTC_OR_GENERALIZED_TIME from UTC_TIME readable_string", time.readable_string(), + "2020/03/05 10:03:50 UTC"); time = Botan::X509_Time("20200305100350Z", Botan::ASN1_Tag::UTC_OR_GENERALIZED_TIME); - result.test_eq("UTC_OR_GENERALIZED_TIME from GENERALIZED_TIME readable_string", time.readable_string(), "2020/03/05 10:03:50 UTC"); + result.test_eq("UTC_OR_GENERALIZED_TIME from GENERALIZED_TIME readable_string", time.readable_string(), + "2020/03/05 10:03:50 UTC"); time = Botan::X509_Time("20200305100350Z", Botan::ASN1_Tag::GENERALIZED_TIME); result.test_eq("GENERALIZED_TIME readable_string", time.readable_string(), "2020/03/05 10:03:50 UTC"); // Dates that are valid per X.500 but rejected as unsupported - const std::string valid_but_unsup[]{ + const std::string valid_but_unsup[] + { "0802010000-0000", "0802011724+0000", "0406142334-0500", @@ -202,18 +213,20 @@ Test::Result test_x509_dates() "990614233444+0500", "000614233455-0530", "000614233455+0530", - }; + }; // valid length 13 - const std::string valid_utc[]{ + const std::string valid_utc[] + { "080201000000Z", "080201172412Z", "040614233433Z", "990614233444Z", "000614233455Z", - }; + }; - const std::string invalid_utc[]{ + const std::string invalid_utc[] + { "", " ", "2008`02-01", @@ -282,14 +295,16 @@ Test::Result test_x509_dates() // Swapped type "20170217180154Z", - }; + }; // valid length 15 - const std::string valid_generalized_time[]{ + const std::string valid_generalized_time[] + { "20000305100350Z", - }; + }; - const std::string invalid_generalized[]{ + const std::string invalid_generalized[] + { // No trailing Z "20000305100350", @@ -313,7 +328,7 @@ Test::Result test_x509_dates() // Swapped type "170217180154Z", - }; + }; for(const auto& v : valid_but_unsup) { @@ -335,7 +350,7 @@ Test::Result test_x509_dates() result.test_throws("invalid", [v]() { Botan::X509_Time t(v, Botan::ASN1_Tag::UTC_TIME); }); } - for (const auto& v : invalid_generalized) + for(const auto& v : invalid_generalized) { result.test_throws("invalid", [v]() { Botan::X509_Time t(v, Botan::ASN1_Tag::GENERALIZED_TIME); }); } @@ -358,14 +373,12 @@ Test::Result test_x509_cert(const std::string& sig_algo, const std::string& hash } /* Create the self-signed cert */ - const Botan::X509_Certificate ca_cert = - Botan::X509::create_self_signed_cert(ca_opts(), - *ca_key, - hash_fn, - Test::rng()); + const auto ca_cert = Botan::X509::create_self_signed_cert(ca_opts(), *ca_key, hash_fn, Test::rng()); - result.test_eq("ca key usage", (ca_cert.constraints() & Botan::Key_Constraints(Botan::KEY_CERT_SIGN | Botan::CRL_SIGN)) == - Botan::Key_Constraints(Botan::KEY_CERT_SIGN | Botan::CRL_SIGN), true); + { + const auto constraints = Botan::Key_Constraints(Botan::KEY_CERT_SIGN | Botan::CRL_SIGN); + result.test_eq("ca key usage", (ca_cert.constraints() & constraints) == constraints, true); + } /* Create user #1's key and cert request */ std::unique_ptr<Botan::Private_Key> user1_key(make_a_private_key(sig_algo)); @@ -400,13 +413,12 @@ Test::Result test_x509_cert(const std::string& sig_algo, const std::string& hash from_date(2033, 01, 01)); // user#1 creates a self-signed cert on the side - Botan::X509_Certificate user1_ss_cert = - Botan::X509::create_self_signed_cert(req_opts1(sig_algo), - *user1_key, - hash_fn, - Test::rng()); + const auto user1_ss_cert = Botan::X509::create_self_signed_cert(req_opts1(sig_algo), *user1_key, hash_fn, Test::rng()); - result.test_eq("user1 key usage", (user1_cert.constraints() & req_opts1(sig_algo).constraints) == req_opts1(sig_algo).constraints, true); + { + auto constrains = req_opts1(sig_algo).constraints; + result.test_eq("user1 key usage", (user1_cert.constraints() & constrains) == constrains, true); + } /* Copy, assign and compare */ Botan::X509_Certificate user1_cert_copy(user1_cert); @@ -523,11 +535,11 @@ Test::Result test_usage(const std::string& sig_algo, const std::string& hash_fn } /* Create the self-signed cert */ - const Botan::X509_Certificate ca_cert = - Botan::X509::create_self_signed_cert(ca_opts(), - *ca_key, - hash_fn, - Test::rng()); + const Botan::X509_Certificate ca_cert = Botan::X509::create_self_signed_cert( + ca_opts(), + *ca_key, + hash_fn, + Test::rng()); /* Create the CA object */ const Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng()); @@ -537,55 +549,55 @@ Test::Result test_usage(const std::string& sig_algo, const std::string& hash_fn Botan::X509_Cert_Options opts("Test User 1/US/Botan Project/Testing"); opts.constraints = Key_Constraints::DIGITAL_SIGNATURE; - const Botan::PKCS10_Request user1_req = - Botan::X509::create_cert_req(opts, - *user1_key, - hash_fn, - Test::rng()); + const Botan::PKCS10_Request user1_req = Botan::X509::create_cert_req( + opts, + *user1_key, + hash_fn, + Test::rng()); - const Botan::X509_Certificate user1_cert = - ca.sign_request(user1_req, Test::rng(), - from_date(2008, 01, 01), - from_date(2033, 01, 01)); + const Botan::X509_Certificate user1_cert = ca.sign_request( + user1_req, + Test::rng(), + from_date(2008, 01, 01), + from_date(2033, 01, 01)); // cert only allows digitalSignature, but we check for both digitalSignature and cRLSign - result.test_eq("key usage cRLSign not allowed", user1_cert.allowed_usage(Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | - Key_Constraints::CRL_SIGN)), false); + result.test_eq("key usage cRLSign not allowed", + user1_cert.allowed_usage( + Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN)), false); // cert only allows digitalSignature, so checking for only that should be ok result.confirm("key usage digitalSignature allowed", user1_cert.allowed_usage(Key_Constraints::DIGITAL_SIGNATURE)); opts.constraints = Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN); - const Botan::PKCS10_Request mult_usage_req = - Botan::X509::create_cert_req(opts, - *user1_key, - hash_fn, - Test::rng()); + const Botan::PKCS10_Request mult_usage_req = Botan::X509::create_cert_req( + opts, + *user1_key, + hash_fn, + Test::rng()); - const Botan::X509_Certificate mult_usage_cert = - ca.sign_request(mult_usage_req, Test::rng(), - from_date(2008, 01, 01), - from_date(2033, 01, 01)); + const Botan::X509_Certificate mult_usage_cert = ca.sign_request( + mult_usage_req, + Test::rng(), + from_date(2008, 01, 01), + from_date(2033, 01, 01)); // cert allows multiple usages, so each one of them as well as both together should be allowed - result.confirm("key usage multiple digitalSignature allowed", mult_usage_cert.allowed_usage(Key_Constraints::DIGITAL_SIGNATURE)); + result.confirm("key usage multiple digitalSignature allowed", + mult_usage_cert.allowed_usage(Key_Constraints::DIGITAL_SIGNATURE)); result.confirm("key usage multiple cRLSign allowed", mult_usage_cert.allowed_usage(Key_Constraints::CRL_SIGN)); result.confirm("key usage multiple digitalSignature and cRLSign allowed", mult_usage_cert.allowed_usage( - Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN))); + Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::CRL_SIGN))); opts.constraints = Key_Constraints::NO_CONSTRAINTS; - const Botan::PKCS10_Request no_usage_req = - Botan::X509::create_cert_req(opts, - *user1_key, - hash_fn, - Test::rng()); + const Botan::PKCS10_Request no_usage_req = Botan::X509::create_cert_req(opts, *user1_key, hash_fn, Test::rng()); const Botan::X509_Certificate no_usage_cert = - ca.sign_request(no_usage_req, Test::rng(), - from_date(2008, 01, 01), - from_date(2033, 01, 01)); + ca.sign_request(no_usage_req, Test::rng(), + from_date(2008, 01, 01), + from_date(2033, 01, 01)); // cert allows every usage result.confirm("key usage digitalSignature allowed", no_usage_cert.allowed_usage(Key_Constraints::DIGITAL_SIGNATURE)); @@ -611,11 +623,8 @@ Test::Result test_self_issued(const std::string& sig_algo, const std::string& ha } // create the self-signed cert - const Botan::X509_Certificate ca_cert = - Botan::X509::create_self_signed_cert(ca_opts(), - *ca_key, - hash_fn, - Test::rng()); + const Botan::X509_Certificate ca_cert = Botan::X509::create_self_signed_cert( + ca_opts(), *ca_key, hash_fn, Test::rng()); /* Create the CA object */ const Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng()); @@ -627,26 +636,18 @@ Test::Result test_self_issued(const std::string& sig_algo, const std::string& ha Botan::X509_Cert_Options opts = ca_opts(); opts.constraints = Key_Constraints::DIGITAL_SIGNATURE; - const Botan::PKCS10_Request self_issued_req = - Botan::X509::create_cert_req(opts, - *user_key, - hash_fn, - Test::rng()); + const Botan::PKCS10_Request self_issued_req = Botan::X509::create_cert_req(opts, *user_key, hash_fn, Test::rng()); - const Botan::X509_Certificate self_issued_cert = - ca.sign_request(self_issued_req, Test::rng(), - from_date(2008, 01, 01), - from_date(2033, 01, 01)); + const Botan::X509_Certificate self_issued_cert = ca.sign_request( + self_issued_req, Test::rng(), from_date(2008, 01, 01), from_date(2033, 01, 01)); // check that this chain can can be verified successfully const Botan::Certificate_Store_In_Memory trusted(ca.ca_certificate()); const Botan::Path_Validation_Restrictions restrictions(false, 80); - const Botan::Path_Validation_Result validation_result = - Botan::x509_path_validate(self_issued_cert, - restrictions, - trusted); + const Botan::Path_Validation_Result validation_result = Botan::x509_path_validate( + self_issued_cert, restrictions, trusted); result.confirm("chain with self-issued cert validates", validation_result.successful_validation()); @@ -663,20 +664,35 @@ struct typical_usage_constraints { // ALL constraints are not typical at all, but we use them for a negative test Key_Constraints all = Key_Constraints( - Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::NON_REPUDIATION | Key_Constraints::KEY_ENCIPHERMENT | - Key_Constraints::DATA_ENCIPHERMENT | Key_Constraints::KEY_AGREEMENT | Key_Constraints::KEY_CERT_SIGN | - Key_Constraints::CRL_SIGN | Key_Constraints::ENCIPHER_ONLY | Key_Constraints::DECIPHER_ONLY); + Key_Constraints::DIGITAL_SIGNATURE | + Key_Constraints::NON_REPUDIATION | + Key_Constraints::KEY_ENCIPHERMENT | + Key_Constraints::DATA_ENCIPHERMENT | + Key_Constraints::KEY_AGREEMENT | + Key_Constraints::KEY_CERT_SIGN | + Key_Constraints::CRL_SIGN | + Key_Constraints::ENCIPHER_ONLY | + Key_Constraints::DECIPHER_ONLY); Key_Constraints ca = Key_Constraints(Key_Constraints::KEY_CERT_SIGN); Key_Constraints sign_data = Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE); - Key_Constraints non_repudiation = Key_Constraints(Key_Constraints::NON_REPUDIATION | Key_Constraints::DIGITAL_SIGNATURE); + Key_Constraints non_repudiation = Key_Constraints( + Key_Constraints::NON_REPUDIATION | + Key_Constraints::DIGITAL_SIGNATURE); Key_Constraints key_encipherment = Key_Constraints(Key_Constraints::KEY_ENCIPHERMENT); Key_Constraints data_encipherment = Key_Constraints(Key_Constraints::DATA_ENCIPHERMENT); Key_Constraints key_agreement = Key_Constraints(Key_Constraints::KEY_AGREEMENT); - Key_Constraints key_agreement_encipher_only = Key_Constraints(Key_Constraints::KEY_AGREEMENT | Key_Constraints::ENCIPHER_ONLY); - Key_Constraints key_agreement_decipher_only = Key_Constraints(Key_Constraints::KEY_AGREEMENT | Key_Constraints::DECIPHER_ONLY); - Key_Constraints crl_sign = Key_Constraints(Key_Constraints::CRL_SIGN); - Key_Constraints sign_everything = Key_Constraints(Key_Constraints::DIGITAL_SIGNATURE | Key_Constraints::KEY_CERT_SIGN | Key_Constraints::CRL_SIGN); + Key_Constraints key_agreement_encipher_only = Key_Constraints( + Key_Constraints::KEY_AGREEMENT | + Key_Constraints::ENCIPHER_ONLY); + Key_Constraints key_agreement_decipher_only = Key_Constraints( + Key_Constraints::KEY_AGREEMENT | + Key_Constraints::DECIPHER_ONLY); + Key_Constraints crl_sign = Key_Constraints::CRL_SIGN; + Key_Constraints sign_everything = Key_Constraints( + Key_Constraints::DIGITAL_SIGNATURE | + Key_Constraints::KEY_CERT_SIGN | + Key_Constraints::CRL_SIGN); }; @@ -702,33 +718,51 @@ Test::Result test_valid_constraints(const std::string& pk_algo) if(pk_algo == "DH" || pk_algo == "ECDH") { // DH and ECDH only for key agreement - result.test_throws("all constraints not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.all); }); - result.test_throws("cert sign not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.ca); }); - result.test_throws("signature not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.sign_data); }); - result.test_throws("non repudiation not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.non_repudiation); }); - result.test_throws("key encipherment not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_encipherment); }); - result.test_throws("data encipherment not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.data_encipherment); }); + result.test_throws("all constraints not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.all); + }); + result.test_throws("cert sign not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.ca); + }); + result.test_throws("signature not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_data); + }); + result.test_throws("non repudiation not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.non_repudiation); + }); + result.test_throws("key encipherment not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_encipherment); + }); + result.test_throws("data encipherment not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.data_encipherment); + }); verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement); verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_encipher_only); verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_decipher_only); - result.test_throws("crl sign not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.crl_sign); }); - result.test_throws("sign, cert sign, crl sign not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.sign_everything); }); + result.test_throws("crl sign not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.crl_sign); + }); + result.test_throws("sign, cert sign, crl sign not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_everything); + }); } else if(pk_algo == "RSA") { // RSA can do everything except key agreement - result.test_throws("all constraints not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.all); }); + result.test_throws("all constraints not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.all); + }); verify_cert_constraints_valid_for_key_type(*key, typical_usage.ca); verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_data); @@ -736,12 +770,18 @@ Test::Result test_valid_constraints(const std::string& pk_algo) verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_encipherment); verify_cert_constraints_valid_for_key_type(*key, typical_usage.data_encipherment); - result.test_throws("key agreement not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement); }); - result.test_throws("key agreement, encipher only not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement_encipher_only); }); - result.test_throws("key agreement, decipher only not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement_decipher_only); }); + result.test_throws("key agreement not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement); + }); + result.test_throws("key agreement, encipher only not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_encipher_only); + }); + result.test_throws("key agreement, decipher only not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_decipher_only); + }); verify_cert_constraints_valid_for_key_type(*key, typical_usage.crl_sign); verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_everything); @@ -749,45 +789,72 @@ Test::Result test_valid_constraints(const std::string& pk_algo) else if(pk_algo == "ElGamal") { // only ElGamal encryption is currently implemented - result.test_throws("all constraints not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.all); }); - result.test_throws("cert sign not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.ca); }); + result.test_throws("all constraints not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.all); + }); + result.test_throws("cert sign not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.ca); + }); verify_cert_constraints_valid_for_key_type(*key, typical_usage.data_encipherment); verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_encipherment); - result.test_throws("key agreement not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement); }); - result.test_throws("key agreement, encipher only not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement_encipher_only); }); - result.test_throws("key agreement, decipher only not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement_decipher_only); }); - result.test_throws("crl sign not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.crl_sign); }); - result.test_throws("sign, cert sign, crl sign not permitted not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.sign_everything); }); + result.test_throws("key agreement not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement); + }); + result.test_throws("key agreement, encipher only not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_encipher_only); + }); + result.test_throws("key agreement, decipher only not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_decipher_only); + }); + result.test_throws("crl sign not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.crl_sign); + }); + result.test_throws("sign, cert sign, crl sign not permitted not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_everything); + }); } - else if(pk_algo == "DSA" || pk_algo == "ECDSA" || pk_algo == "ECGDSA" || pk_algo == "ECKCDSA" || pk_algo == "GOST-34.10") + else if(pk_algo == "DSA" || pk_algo == "ECDSA" || pk_algo == "ECGDSA" || pk_algo == "ECKCDSA" || + pk_algo == "GOST-34.10") { // these are signature algorithms only - result.test_throws("all constraints not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.all); }); + result.test_throws("all constraints not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.all); + }); verify_cert_constraints_valid_for_key_type(*key, typical_usage.ca); verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_data); verify_cert_constraints_valid_for_key_type(*key, typical_usage.non_repudiation); - result.test_throws("key encipherment not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_encipherment); }); - result.test_throws("data encipherment not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.data_encipherment); }); - result.test_throws("key agreement not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement); }); - result.test_throws("key agreement, encipher only not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement_encipher_only); }); - result.test_throws("key agreement, decipher only not permitted", [&key, &typical_usage]() { verify_cert_constraints_valid_for_key_type(*key, - typical_usage.key_agreement_decipher_only); }); + result.test_throws("key encipherment not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_encipherment); + }); + result.test_throws("data encipherment not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.data_encipherment); + }); + result.test_throws("key agreement not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement); + }); + result.test_throws("key agreement, encipher only not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_encipher_only); + }); + result.test_throws("key agreement, decipher only not permitted", [&key, &typical_usage]() + { + verify_cert_constraints_valid_for_key_type(*key, typical_usage.key_agreement_decipher_only); + }); verify_cert_constraints_valid_for_key_type(*key, typical_usage.crl_sign); verify_cert_constraints_valid_for_key_type(*key, typical_usage.sign_everything); @@ -805,26 +872,38 @@ class String_Extension : public Botan::Certificate_Extension String_Extension() = default; String_Extension(const std::string& val) : m_contents(val) {} - std::string value() const { return m_contents; } + std::string value() const + { + return m_contents; + } - String_Extension* copy() const override { return new String_Extension(m_contents); } + String_Extension* copy() const override + { + return new String_Extension(m_contents); + } - Botan::OID oid_of() const override { return m_oid; } - std::string oid_name() const override { return "String Extension"; } + Botan::OID oid_of() const override + { + return m_oid; + } + std::string oid_name() const override + { + return "String Extension"; + } void contents_to(Botan::Data_Store&, Botan::Data_Store&) const override {} std::vector<uint8_t> encode_inner() const override - { + { return Botan::DER_Encoder().encode(Botan::ASN1_String(m_contents, Botan::UTF8_STRING)).get_contents_unlocked(); - } + } void decode_inner(const std::vector<uint8_t>& in) override - { + { Botan::ASN1_String str; Botan::BER_Decoder(in).decode(str, Botan::UTF8_STRING).verify_end(); m_contents = str.value(); - } + } private: Botan::OID m_oid {"1.2.3.4.5.6.7.8.9.1"}; @@ -848,11 +927,7 @@ Test::Result test_x509_extensions(const std::string& sig_algo, const std::string } /* Create the self-signed cert */ - Botan::X509_Certificate ca_cert = - Botan::X509::create_self_signed_cert(ca_opts(), - *ca_key, - hash_fn, - Test::rng()); + Botan::X509_Certificate ca_cert = Botan::X509::create_self_signed_cert(ca_opts(), *ca_key, hash_fn, Test::rng()); /* Create the CA object */ Botan::X509_CA ca(ca_cert, *ca_key, hash_fn, Test::rng()); @@ -869,14 +944,15 @@ Test::Result test_x509_extensions(const std::string& sig_algo, const std::string opts.extensions = req_extensions; /* Create a self-signed certificate */ - const Botan::X509_Certificate self_signed_cert = Botan::X509::create_self_signed_cert(opts, *user_key, hash_fn, Test::rng()); + const Botan::X509_Certificate self_signed_cert = Botan::X509::create_self_signed_cert( + opts, *user_key, hash_fn, Test::rng()); // check if known Key_Usage extension is present in self-signed cert auto key_usage_ext = self_signed_cert.v3_extensions().get(Botan::OIDS::lookup("X509v3.KeyUsage")); if(result.confirm("Key_Usage extension present in self-signed certificate", key_usage_ext != nullptr)) { result.confirm("Key_Usage extension value matches in self-signed certificate", - dynamic_cast<Botan::Cert_Extension::Key_Usage&>(*key_usage_ext).get_constraints() == opts.constraints); + dynamic_cast<Botan::Cert_Extension::Key_Usage&>(*key_usage_ext).get_constraints() == opts.constraints); } // check if custom extension is present in self-signed cert @@ -887,24 +963,18 @@ Test::Result test_x509_extensions(const std::string& sig_algo, const std::string } - const Botan::PKCS10_Request user_req = - Botan::X509::create_cert_req(opts, - *user_key, - hash_fn, - Test::rng()); + const Botan::PKCS10_Request user_req = Botan::X509::create_cert_req(opts, *user_key, hash_fn, Test::rng()); /* Create a CA-signed certificate */ - const Botan::X509_Certificate user_cert = - ca.sign_request(user_req, Test::rng(), - from_date(2008, 01, 01), - from_date(2033, 01, 01)); + const Botan::X509_Certificate user_cert = ca.sign_request( + user_req, Test::rng(), from_date(2008, 01, 01), from_date(2033, 01, 01)); // check if known Key_Usage extension is present in CA-signed cert key_usage_ext = self_signed_cert.v3_extensions().get(Botan::OIDS::lookup("X509v3.KeyUsage")); if(result.confirm("Key_Usage extension present in user certificate", key_usage_ext != nullptr)) { result.confirm("Key_Usage extension value matches in user certificate", - dynamic_cast<Botan::Cert_Extension::Key_Usage&>(*key_usage_ext).get_constraints() == Botan::DIGITAL_SIGNATURE); + dynamic_cast<Botan::Cert_Extension::Key_Usage&>(*key_usage_ext).get_constraints() == Botan::DIGITAL_SIGNATURE); } // check if custom extension is present in CA-signed cert @@ -917,59 +987,70 @@ Test::Result test_x509_extensions(const std::string& sig_algo, const std::string return result; } -Test::Result test_hashes(const std::string &algo, const std::string &hash_fn = "SHA-256") +Test::Result test_hashes(const std::string& algo, const std::string& hash_fn = "SHA-256") { - Test::Result result("X509 Hashes"); - - const std::unique_ptr<Botan::Private_Key> key(make_a_private_key(algo)); - - struct TestData { - const std::string issuer, subject, issuer_hash, subject_hash; - } const cases[]{ - {"", - "", - "E4F60D0AA6D7F3D3B6A6494B1C861B99F649C6F9EC51ABAF201B20F297327C95", - "E4F60D0AA6D7F3D3B6A6494B1C861B99F649C6F9EC51ABAF201B20F297327C95"}, - {"a", - "b", - "BC2E013472F39AC579964880E422737C82BA812CB8BC2FD17E013060D71E6E19", - "5E31CFAA3FAFB1A5BA296A0D2BAB9CA44D7936E9BF0BBC54637D0C53DBC4A432"}, - {"A", - "B", - "4B3206201C4BC9B6CD6C36532A97687DF9238155D99ADB60C66BF2B2220643D8", - "FFF635A52A16618B4A0E9CD26B5E5A2FA573D343C051E6DE8B0811B1ACC89B86"}, - {"Test Issuer/US/Botan Project/Testing", - "Test Subject/US/Botan Project/Testing", - "E2407027922619C0673E0AA59A9CD3673730C36A39F891BCE0806D1DD225A937", - "42A63CB4FCCA81AC6D14D5E209B3156E033B90FF1007216927EA9324BA4EF2DB"}, - {"Test Subject/US/Botan Project/Testing", - "Test Issuer/US/Botan Project/Testing", - "42A63CB4FCCA81AC6D14D5E209B3156E033B90FF1007216927EA9324BA4EF2DB", - "E2407027922619C0673E0AA59A9CD3673730C36A39F891BCE0806D1DD225A937"}}; - - for (const auto& a : cases) - { - Botan::X509_Cert_Options opts{a.issuer}; - opts.CA_key(); - - const Botan::X509_Certificate issuer_cert = - Botan::X509::create_self_signed_cert(opts, *key, hash_fn, Test::rng()); - - result.test_eq(a.issuer, Botan::hex_encode(issuer_cert.raw_issuer_dn_sha256()), a.issuer_hash); - result.test_eq(a.issuer, Botan::hex_encode(issuer_cert.raw_subject_dn_sha256()), a.issuer_hash); - - const Botan::X509_CA ca(issuer_cert, *key, hash_fn, Test::rng()); - const Botan::PKCS10_Request req = - Botan::X509::create_cert_req(a.subject, *key, hash_fn, Test::rng()); - const Botan::X509_Certificate subject_cert = - ca.sign_request(req, Test::rng(), - from_date(2008, 01, 01), - from_date(2033, 01, 01)); - - result.test_eq(a.subject, Botan::hex_encode(subject_cert.raw_issuer_dn_sha256()), a.issuer_hash); - result.test_eq(a.subject, Botan::hex_encode(subject_cert.raw_subject_dn_sha256()), a.subject_hash); - } - return result; + Test::Result result("X509 Hashes"); + + const std::unique_ptr<Botan::Private_Key> key(make_a_private_key(algo)); + + struct TestData + { + const std::string issuer, subject, issuer_hash, subject_hash; + } const cases[] + { + { + "", + "", + "E4F60D0AA6D7F3D3B6A6494B1C861B99F649C6F9EC51ABAF201B20F297327C95", + "E4F60D0AA6D7F3D3B6A6494B1C861B99F649C6F9EC51ABAF201B20F297327C95" + }, + { + "a", + "b", + "BC2E013472F39AC579964880E422737C82BA812CB8BC2FD17E013060D71E6E19", + "5E31CFAA3FAFB1A5BA296A0D2BAB9CA44D7936E9BF0BBC54637D0C53DBC4A432" + }, + { + "A", + "B", + "4B3206201C4BC9B6CD6C36532A97687DF9238155D99ADB60C66BF2B2220643D8", + "FFF635A52A16618B4A0E9CD26B5E5A2FA573D343C051E6DE8B0811B1ACC89B86" + }, + { + "Test Issuer/US/Botan Project/Testing", + "Test Subject/US/Botan Project/Testing", + "E2407027922619C0673E0AA59A9CD3673730C36A39F891BCE0806D1DD225A937", + "42A63CB4FCCA81AC6D14D5E209B3156E033B90FF1007216927EA9324BA4EF2DB" + }, + { + "Test Subject/US/Botan Project/Testing", + "Test Issuer/US/Botan Project/Testing", + "42A63CB4FCCA81AC6D14D5E209B3156E033B90FF1007216927EA9324BA4EF2DB", + "E2407027922619C0673E0AA59A9CD3673730C36A39F891BCE0806D1DD225A937" + } + }; + + for(const auto& a : cases) + { + Botan::X509_Cert_Options opts{a.issuer}; + opts.CA_key(); + + const Botan::X509_Certificate issuer_cert = + Botan::X509::create_self_signed_cert(opts, *key, hash_fn, Test::rng()); + + result.test_eq(a.issuer, Botan::hex_encode(issuer_cert.raw_issuer_dn_sha256()), a.issuer_hash); + result.test_eq(a.issuer, Botan::hex_encode(issuer_cert.raw_subject_dn_sha256()), a.issuer_hash); + + const Botan::X509_CA ca(issuer_cert, *key, hash_fn, Test::rng()); + const Botan::PKCS10_Request req = + Botan::X509::create_cert_req(a.subject, *key, hash_fn, Test::rng()); + const Botan::X509_Certificate subject_cert = + ca.sign_request(req, Test::rng(), from_date(2008, 01, 01), from_date(2033, 01, 01)); + + result.test_eq(a.subject, Botan::hex_encode(subject_cert.raw_issuer_dn_sha256()), a.issuer_hash); + result.test_eq(a.subject, Botan::hex_encode(subject_cert.raw_subject_dn_sha256()), a.subject_hash); + } + return result; } class X509_Cert_Unit_Tests : public Test @@ -987,33 +1068,37 @@ class X509_Cert_Unit_Tests : public Test for(const auto& algo : sig_algos) { - try { + try + { cert_result.merge(test_x509_cert(algo)); - } + } catch(std::exception& e) { cert_result.test_failure("test_x509_cert " + algo, e.what()); } - try { - usage_result.merge(test_usage(algo)); - } + try + { + usage_result.merge(test_usage(algo)); + } catch(std::exception& e) { usage_result.test_failure("test_usage " + algo, e.what()); } - try { - self_issued_result.merge(test_self_issued(algo)); - } + try + { + self_issued_result.merge(test_self_issued(algo)); + } catch(std::exception& e) { self_issued_result.test_failure("test_self_issued " + algo, e.what()); } - try { - extensions_result.merge(test_x509_extensions(algo)); - } + try + { + extensions_result.merge(test_x509_extensions(algo)); + } catch(std::exception& e) { extensions_result.test_failure("test_extensions " + algo, e.what()); @@ -1025,8 +1110,11 @@ class X509_Cert_Unit_Tests : public Test results.push_back(self_issued_result); results.push_back(extensions_result); - const std::vector<std::string> pk_algos { "DH", "ECDH", "RSA", "ElGamal", "GOST-34.10", - "DSA", "ECDSA", "ECGDSA", "ECKCDSA" }; + const std::vector<std::string> pk_algos + { + "DH", "ECDH", "RSA", "ElGamal", "GOST-34.10", + "DSA", "ECDSA", "ECGDSA", "ECKCDSA" + }; Test::Result valid_constraints_result("X509 Valid Constraints"); for(const auto& algo : pk_algos) |