author | Jack Lloyd <[email protected]> | 2018-04-09 13:06:56 -0400 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2018-04-09 18:48:46 -0400 |
commit | 6cfe771a5ced6c87eda98bfdfcd0811490d45baa (patch) | |
tree | e02481416011bdb63398698da4da0c73324d764c /src/tests | |
parent | 3aa5aabc3c134a50c90dad87caccee7d2532088e (diff) |
Fix bug that broke session decryption (and thus resumption)
Introduced in 3657639ab. Add a test that would have caught this
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/test_tls.cpp | 48 | ||||
-rw-r--r-- | src/tests/unit_tls.cpp | 6 |
2 files changed, 54 insertions, 0 deletions
diff --git a/src/tests/test_tls.cpp b/src/tests/test_tls.cpp
index ece5ef249..73400a964 100644
--- a/src/tests/test_tls.cpp
+++ b/src/tests/test_tls.cpp
@@ -11,6 +11,8 @@
 #if defined(BOTAN_HAS_TLS)
 #include <botan/tls_alert.h>
 #include <botan/tls_policy.h>
+ #include <botan/tls_session.h>
+ #include <botan/tls_version.h>
 #if defined(BOTAN_HAS_TLS_CBC)
 #include <botan/internal/tls_cbc.h>
@@ -22,6 +24,52 @@ namespace Botan_Tests {
 #if defined(BOTAN_HAS_TLS)
+class TLS_Session_Tests final : public Test
+ {
+ public:
+ std::vector<Test::Result> run() override
+ {
+ Test::Result result("TLS::Session");
+
+ Botan::TLS::Session default_session;
+
+ Botan::secure_vector<uint8_t> default_der = default_session.DER_encode();
+
+ result.test_gte("Encoded default session has size", default_der.size(), 0);
+
+ Botan::TLS::Session decoded_default(default_der.data(), default_der.size());
+
+ Botan::TLS::Session session(std::vector<uint8_t>{0xAA, 0xBB},
+ Botan::secure_vector<uint8_t>{0xCC, 0xDD},
+ Botan::TLS::Protocol_Version::TLS_V12,
+ 0xFE0F,
+ Botan::TLS::CLIENT,
+ true,
+ false,
+ std::vector<Botan::X509_Certificate>(),
+ std::vector<uint8_t>(),
+ Botan::TLS::Server_Information("server"),
+ "SRP username",
+ 0x0000);
+
+ const Botan::SymmetricKey key("ABCDEF");
+ std::vector<uint8_t> ctext1 = session.encrypt(key, Test::rng());
+ std::vector<uint8_t> ctext2 = session.encrypt(key, Test::rng());
+
+ result.test_ne("TLS session encryption is non-determinsitic",
+ ctext1.data(), ctext1.size(),
+ ctext2.data(), ctext2.size());
+
+ Botan::TLS::Session dsession = Botan::TLS::Session::decrypt(ctext1.data(), ctext1.size(), key);
+
+ result.test_eq("Decrypted session access works", dsession.srp_identifier(), "SRP username");
+
+ return {result};
+ }
+ };
+
+BOTAN_REGISTER_TEST("tls_session", TLS_Session_Tests);
+
 #if defined(BOTAN_HAS_TLS_CBC)
 class TLS_CBC_Padding_Tests final : public Text_Based_Test
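Review bot: The `test_gte(..., default_der.size(), 0)` check in the new `TLS_Session_Tests::run()` cannot fail, because `size()` is unsigned and is always at least 0; comparing against 1, `result.test_gte("Encoded default session has size", default_der.size(), 1);`, would make it assert a non-empty encoding. The decrypt round trip likewise compares only `srp_identifier()`, and `decoded_default` is constructed but never inspected, so a regression that corrupts any other field would go unnoticed. Since this test guards the protection of stored sessions, a rejection case would cover the failure path too: decrypt `ctext1` with one byte changed, or under a different key, and expect an exception. The message string `"TLS session encryption is non-determinsitic"` also has a typo.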
diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp
index 57d436ff4..a26c6e9f7 100644
--- a/src/tests/unit_tls.cpp
+++ b/src/tests/unit_tls.cpp
@@ -704,6 +704,12 @@ class TLS_Unit_Tests final : public Test
 version, creds, policy, policy, rng, client_ses, server_ses, client_auth);
 test.go();
 results.push_back(test.results());
+
+ TLS_Handshake_Test test_resumption(
+ version.to_string() + " " + test_descr,
+ version, creds, policy, policy, rng, client_ses, server_ses, client_auth);
+ test_resumption.go();
+ results.push_back(test_resumption.results());
 }
 }
 catch(std::exception& e) |
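Review bot: Nothing visible in this hunk checks that `test_resumption` actually resumes the stored session. If a session that fails to decrypt makes the library fall back to a full handshake, which appears to be the failure mode this commit fixes, the second `go()` may still succeed. `TLS_Handshake_Test` is defined outside the hunk and may already assert this; if it does not, the second run should verify that the handshake was abbreviated. Both runs also share one description, so a failure report cannot tell them apart; consider `version.to_string() + " " + test_descr + " (resumption)",`. The enclosing function starts and ends outside the hunk.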