diff options
-rw-r--r-- | src/tests/unit_tls_policy.cpp | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/tests/unit_tls_policy.cpp b/src/tests/unit_tls_policy.cpp index bd8be6e03..66080a283 100644 --- a/src/tests/unit_tls_policy.cpp +++ b/src/tests/unit_tls_policy.cpp @@ -31,6 +31,10 @@ #include <botan/dh.h> #endif +#if defined(BOTAN_HAS_DSA) + #include <botan/dsa.h> +#endif + namespace Botan_Tests { namespace { @@ -47,6 +51,7 @@ class TLS_Policy_Unit_Tests : public Test results.push_back(test_peer_key_acceptable_ecdh()); results.push_back(test_peer_key_acceptable_ecdsa()); results.push_back(test_peer_key_acceptable_dh()); + results.push_back(test_peer_key_acceptable_dsa()); return results; } @@ -151,6 +156,33 @@ class TLS_Policy_Unit_Tests : public Test return result; } + Test::Result test_peer_key_acceptable_dsa() + { + Test::Result result("TLS Policy DSA key verification"); +#if defined(BOTAN_HAS_DSA) + const Botan::DL_Group grp_1024("modp/ietf/1024"); + std::unique_ptr<Botan::Private_Key> dsa_1024(new Botan::DSA_PrivateKey(Test::rng(), grp_1024)); + + Botan::TLS::Policy policy; + try + { + policy.check_peer_key_acceptable(*dsa_1024); + result.test_failure("Incorrectly accepting short bit DSA keys"); + } + catch(Botan::TLS::TLS_Exception&) + { + result.test_success("Correctly rejecting short bit DSA keys"); + } + + const Botan::DL_Group grp_2048("modp/ietf/2048"); + std::unique_ptr<Botan::Private_Key> dsa_2048(new Botan::DSA_PrivateKey(Test::rng(), grp_2048)); + policy.check_peer_key_acceptable(*dsa_2048); + result.test_success("Correctly accepting 2048 bit DSA keys"); +#endif + return result; + } + + }; BOTAN_REGISTER_TEST("tls_policy", TLS_Policy_Unit_Tests); |