author | Jack Lloyd <[email protected]> | 2019-11-23 07:38:01 -0500 |
---|---|---|
committer | Jack Lloyd <[email protected]> | 2019-11-23 07:38:01 -0500 |
commit | bc02bd3fb697e30fd6509da25b832447b46d9bb9 (patch) | |
tree | 6d9e357a8975489f8447c14f0251592970cf611f /src/tests | |
parent | b36dea33cb5c0552642a3ce0218b9bafd6f3e43b (diff) |
Add a test of TLS-SRP
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/unit_tls.cpp | 93 |
1 files changed, 92 insertions, 1 deletions
diff --git a/src/tests/unit_tls.cpp b/src/tests/unit_tls.cpp
index 9c14ff5f1..d8c4fb9e3 100644
--- a/src/tests/unit_tls.cpp
+++ b/src/tests/unit_tls.cpp
@@ -32,6 +32,10 @@
 #include <botan/dsa.h>
 #endif
+ #if defined(BOTAN_HAS_SRP6)
+ #include <botan/srp6.h>
+ #endif
+
 #if defined(BOTAN_HAS_TLS_SQLITE3_SESSION_MANAGER)
 #include <botan/tls_session_manager_sqlite.h>
 #endif
@@ -297,6 +301,88 @@ create_creds(Botan::RandomNumberGenerator& rng,
 return cmt;
 }
+#if defined(BOTAN_HAS_SRP6)
+Botan::Credentials_Manager*
+create_srp6_creds(Botan::RandomNumberGenerator& rng)
+ {
+ class Credentials_Manager_SRP6 : public Botan::Credentials_Manager
+ {
+ public:
+ Credentials_Manager_SRP6(Botan::RandomNumberGenerator& rng)
+ {
+ m_group_id = "modp/srp/1024";
+ m_username = "srp6_username";
+ m_password = "srp6_password";
+ m_salt.resize(16);
+ rng.randomize(m_salt.data(), m_salt.size());
+
+ m_verifier = Botan::generate_srp6_verifier(m_username,
+ m_password,
+ m_salt,
+ m_group_id,
+ "SHA-1");
+ }
+
+ bool attempt_srp(const std::string& /*type*/,
+ const std::string& /*context*/)
+ {
+ return true;
+ }
+
+ std::string srp_identifier(const std::string& /*type*/,
+ const std::string& /*context*/) override
+ {
+ return m_username;
+ }
+
+ std::string srp_password(const std::string& /*type*/,
+ const std::string& /*context*/,
+ const std::string& identifier) override
+ {
+ if(identifier == m_username)
+ return m_password;
+ return "";
+ }
+
+ bool srp_verifier(const std::string& /*type*/,
+ const std::string& /*context*/,
+ const std::string& identifier,
+ std::string& group_name,
+ Botan::BigInt& verifier,
+ std::vector<uint8_t>& salt,
+ bool generate_fake_on_unknown) override
+ {
+ // FIXME test generate_fake_on_unknown behavior
+ if(identifier == m_username)
+ {
+ group_name = m_group_id;
+ verifier = m_verifier;
+ salt = m_salt;
+ return true;
+ }
+ else if(generate_fake_on_unknown)
+ {
+ group_name = m_group_id;
+ verifier = m_verifier + 1;
+ salt = m_salt;
+ return true;
+ }
+ else
+ return false;
+ }
+
+ std::string m_username;
+ std::string m_password;
+ std::vector<uint8_t> m_salt;
+ std::string m_group_id;
+ Botan::BigInt m_verifier;
+ };
+
+ return new Credentials_Manager_SRP6(rng);
+ }
+#endif
+
+
 class TLS_Handshake_Test final
 {
 public:
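Review bot: `attempt_srp` is the one hook in `Credentials_Manager_SRP6` declared without `override`, so a signature mismatch with `Botan::Credentials_Manager` would compile as a new, unrelated method instead of failing the build; write it as `bool attempt_srp(const std::string& /*type*/, const std::string& /*context*/) override`. The `generate_fake_on_unknown` branch of `srp_verifier` answers an unknown identifier with the real user's salt and `m_verifier + 1`, and the FIXME confirms nothing exercises it. That is fine for a single-user fixture, but it deserves a comment so it is not mistaken for a model of the anti-enumeration response, e.g. `// Test stub only: a real server derives the fake salt and verifier per identifier from a server secret`. The single-argument constructor could also be marked `explicit`.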
@@ -761,7 +847,7 @@ class TLS_Unit_Tests final : public Test
 policy.set("allow_dtls10", "true");
 policy.set("allow_dtls12", "true");
- if(kex_policy.find("RSA") != std::string::npos)
+ if(kex_policy.find("RSA") != std::string::npos || kex_policy.find("SRP") != std::string::npos)
 {
 policy.set("signature_methods", "IMPLICIT");
 }
@@ -894,6 +980,11 @@ class TLS_Unit_Tests final : public Test
 { { "signature_methods", "DSA" } });
 #endif
+#if defined(BOTAN_HAS_SRP6)
+ std::unique_ptr<Botan::Credentials_Manager> srp6_creds(create_srp6_creds(rng));
+ test_all_versions("SRP6 AES", results, *client_ses, *server_ses, *srp6_creds, "SRP_SHA", "AES-128", "SHA-1", "false");
+#endif
+
 #endif
 Botan::TLS::Strict_Policy strict_policy; |
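Review bot: The widened condition `kex_policy.find("RSA") != std::string::npos || kex_policy.find("SRP") != std::string::npos` carries no comment explaining why SRP joins RSA in forcing `signature_methods` to `IMPLICIT`. Presumably the `SRP_SHA` suites, like static RSA, have no handshake signature for the policy to match; a one-line comment such as `// static RSA and SRP_SHA suites carry no handshake signature` (wording to be confirmed by the author) would record that. Both checks are substring matches, so any future `kex_policy` value that merely contains "SRP" takes this branch as well. The enclosing function begins and ends outside the hunk.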
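Review bot: The new `test_all_versions("SRP6 AES", ...)` call covers only the case where client and server agree on `srp6_password`; for an authentication mechanism the rejection paths matter at least as much. Consider a companion case in which the client-side `srp_password` returns a different password, and one with an identifier the server does not know (the branch the FIXME in `srp_verifier` mentions), each asserting that the handshake is rejected. Because a single `*srp6_creds` object appears to serve both sides here, that probably needs separate client and server credential managers; how to express an expected failure depends on `test_all_versions`, which is outside this hunk. The enclosing function also starts and ends outside the hunk.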