diff options
-rw-r--r-- | src/tests/test_ffi.cpp | 252 |
1 files changed, 149 insertions, 103 deletions
diff --git a/src/tests/test_ffi.cpp b/src/tests/test_ffi.cpp index d0ce8115e..7f5908834 100644 --- a/src/tests/test_ffi.cpp +++ b/src/tests/test_ffi.cpp @@ -5,10 +5,11 @@ */ #include "catchy/catchy_tests.h" -#include <botan/version.h> #if defined(BOTAN_HAS_FFI) +#include <botan/version.h> + #include <botan/hex.h> #include <botan/ffi.h> @@ -17,10 +18,10 @@ using Botan::hex_decode; TEST_CASE("FFI versioning", "[ffi]") { - CHECK(botan_ffi_api_version() == BOTAN_HAS_FFI); - CHECK(botan_version_major() == Botan::version_major()); - CHECK(botan_version_minor() == Botan::version_minor()); - CHECK(botan_version_patch() == Botan::version_patch()); + CHECK_THAT(botan_ffi_api_version(), Equals(BOTAN_HAS_FFI)); + CHECK_THAT(botan_version_major(), Equals(Botan::version_major())); + CHECK_THAT(botan_version_minor(), Equals(Botan::version_minor())); + CHECK_THAT(botan_version_patch(), Equals(Botan::version_patch())); } TEST_CASE("FFI hex", "[ffi]") @@ -29,11 +30,11 @@ TEST_CASE("FFI hex", "[ffi]") std::string out; out.resize(2*bin.size()); - CHECK(0 == botan_hex_encode(bin.data(), bin.size(), &out[0], 0)); - CHECK(out == "AADE01"); + CHECK_THAT(botan_hex_encode(bin.data(), bin.size(), &out[0], 0), Equals(0)); + CHECK_THAT(out, Equals("AADE01")); - CHECK(0 == botan_hex_encode(bin.data(), bin.size(), &out[0], BOTAN_FFI_HEX_LOWER_CASE)); - CHECK(out == "aade01"); + CHECK_THAT(botan_hex_encode(bin.data(), bin.size(), &out[0], BOTAN_FFI_HEX_LOWER_CASE), Equals(0)); + CHECK_THAT(out, Equals("aade01")); } TEST_CASE("FFI RNG", "[ffi]") @@ -43,14 +44,16 @@ TEST_CASE("FFI RNG", "[ffi]") CHECK(botan_rng_init(&rng, "bad_type") < 0); - const char* types[] = { "system", "user", nullptr }; + const std::vector<std::string> types = { "system", "user" }; - for(size_t i = 0; types[i]; ++i) + for(const auto type : types) { - REQUIRE(botan_rng_init(&rng, types[i]) == 0); - CHECK(0 == botan_rng_get(rng, buf, sizeof(buf))); - CHECK(0 == botan_rng_reseed(rng, 256)); - CHECK(0 == botan_rng_destroy(rng)); + REQUIRE_THAT(botan_rng_init(&rng, type.c_str()), Equals(0)); + CHECK_THAT(botan_rng_get(rng, buf, sizeof(buf)), Equals(0)); + CHECK_THAT(botan_rng_reseed(rng, 256), Equals(0)); + + int ret = botan_rng_destroy(rng); // Catch evalues expresstion multiple times + CHECK_THAT(ret, Equals(0)); } } @@ -58,62 +61,72 @@ TEST_CASE("FFI hash", "[ffi]") { botan_hash_t hash; CHECK(botan_hash_init(&hash, "SHA-256", 1) < 0); - REQUIRE(botan_hash_init(&hash, "SHA-256", 0) == 0); + REQUIRE_THAT(botan_hash_init(&hash, "SHA-256", 0), Equals(0)); /* char namebuf[32]; CHECK(botan_hash_name(hash, namebuf, 5) < 0); - CHECK(0 == botan_hash_name(hash, namebuf, 31)); + CHECK_THAT(botan_hash_name(hash, namebuf, 31)); CHECK(std::string(namebuf) == "SHA-256"); */ size_t ol; - CHECK(0 == botan_hash_output_length(hash, &ol)); - CHECK(ol == 32); + CHECK_THAT(botan_hash_output_length(hash, &ol), Equals(0)); + CHECK_THAT(ol, Equals(32)); const char* s = "ABC"; std::vector<uint8_t> outbuf(ol); - CHECK(0 == botan_hash_update(hash, reinterpret_cast<const uint8_t*>(s), 3)); - CHECK(0 == botan_hash_final(hash, outbuf.data())); - //CHECK_ARRAY(outbuf, "B5D4045C3F466FA91FE2CC6ABE79232A1A57CDF104F7A26E716E0A1E2789DF78"); - CHECK(hex_encode(outbuf) == "B5D4045C3F466FA91FE2CC6ABE79232A1A57CDF104F7A26E716E0A1E2789DF78"); + int retUpdate = botan_hash_update(hash, reinterpret_cast<const uint8_t*>(s), 3); + CHECK_THAT(retUpdate, Equals(0)); + + int retFinal = botan_hash_final(hash, outbuf.data()); + CHECK_THAT(retFinal, Equals(0)); - CHECK(0 == botan_hash_clear(hash)); + //CHECK_ARRAY(outbuf, "B5D4045C3F466FA91FE2CC6ABE79232A1A57CDF104F7A26E716E0A1E2789DF78"); + CHECK_THAT(hex_encode(outbuf), Equals("B5D4045C3F466FA91FE2CC6ABE79232A1A57CDF104F7A26E716E0A1E2789DF78")); - CHECK(0 == botan_hash_destroy(hash)); + CHECK_THAT(botan_hash_clear(hash), Equals(0)); + int ret = botan_hash_destroy(hash); + CHECK_THAT(ret, Equals(0)); } TEST_CASE("FFI mac", "[ffi]") { botan_mac_t mac; - CHECK(-1 == botan_mac_init(&mac, "HMAC(SHA-256)", 1)); // bad flag - CHECK(-2 == botan_mac_init(&mac, "HMAC(SHA-259)", 0)); // bad name - CHECK(0 == botan_mac_init(&mac, "HMAC(SHA-256)", 0)); + CHECK_THAT(botan_mac_init(&mac, "HMAC(SHA-256)", 1), Equals(-1)); // bad flag + CHECK_THAT(botan_mac_init(&mac, "HMAC(SHA-259)", 0), Equals(-2)); // bad name + CHECK_THAT(botan_mac_init(&mac, "HMAC(SHA-256)", 0), Equals(0)); //char namebuf[32]; //CHECK(botan_mac_name(mac, namebuf, 10) < 0); - //CHECK(0 == botan_mac_name(mac, namebuf, 31)); + //CHECK_THAT(botan_mac_name(mac, namebuf, 31), Equals(0)); //CHECK(std::string(namebuf) == "HMAC(SHA-256)"); size_t ol; - CHECK(0 == botan_mac_output_length(mac, &ol)); - CHECK(ol == 32); + CHECK_THAT(botan_mac_output_length(mac, &ol), Equals(0)); + CHECK_THAT(ol, Equals(32)); const uint8_t key[] = { 0xAA, 0xBB, 0xCC, 0xDD }; - CHECK(0 == botan_mac_set_key(mac, key, 4)); + CHECK_THAT(botan_mac_set_key(mac, key, 4), Equals(0)); const char* s = "ABC"; std::vector<uint8_t> outbuf(ol); - CHECK(0 == botan_mac_update(mac, reinterpret_cast<const uint8_t*>(s), 3)); - CHECK(0 == botan_mac_final(mac, outbuf.data())); - CHECK(hex_encode(outbuf) == "1A82EEA984BC4A7285617CC0D05F1FE1D6C96675924A81BC965EE8FF7B0697A7"); + int retUpdate = botan_mac_update(mac, reinterpret_cast<const uint8_t*>(s), 3); + CHECK_THAT(retUpdate, Equals(0)); - CHECK(0 == botan_mac_clear(mac)); - CHECK(0 == botan_mac_destroy(mac)); + int retFinal = botan_mac_final(mac, outbuf.data()); + CHECK_THAT(retFinal, Equals(0)); + + CHECK_THAT(hex_encode(outbuf), Equals("1A82EEA984BC4A7285617CC0D05F1FE1D6C96675924A81BC965EE8FF7B0697A7")); + + CHECK_THAT(botan_mac_clear(mac), Equals(0)); + + int retDestroy = botan_mac_destroy(mac); + CHECK_THAT(retDestroy, Equals(0)); } TEST_CASE("FFI PBKDF", "[ffi]") @@ -125,16 +138,19 @@ TEST_CASE("FFI PBKDF", "[ffi]") std::vector<uint8_t> outbuf(out_len); - CHECK(0 == botan_pbkdf("PBKDF2(SHA-1)", outbuf.data(), outbuf.size(), - passphrase.c_str(), salt.data(), salt.size(), iterations)); + CHECK_THAT(botan_pbkdf("PBKDF2(SHA-1)", outbuf.data(), outbuf.size(), + passphrase.c_str(), salt.data(), salt.size(), iterations), + Equals(0)); - CHECK(hex_encode(outbuf) == "027AFADD48F4BE8DCC4F"); + CHECK_THAT(hex_encode(outbuf), Equals("027AFADD48F4BE8DCC4F")); size_t iters_10ms, iters_100ms; - CHECK(0 == botan_pbkdf_timed("PBKDF2(SHA-1)", outbuf.data(), outbuf.size(), - passphrase.c_str(), salt.data(), salt.size(), 10, &iters_10ms)); - CHECK(0 == botan_pbkdf_timed("PBKDF2(SHA-1)", outbuf.data(), outbuf.size(), - passphrase.c_str(), salt.data(), salt.size(), 100, &iters_100ms)); + CHECK_THAT(botan_pbkdf_timed("PBKDF2(SHA-1)", outbuf.data(), outbuf.size(), + passphrase.c_str(), salt.data(), salt.size(), 10, &iters_10ms), + Equals(0)); + CHECK_THAT(botan_pbkdf_timed("PBKDF2(SHA-1)", outbuf.data(), outbuf.size(), + passphrase.c_str(), salt.data(), salt.size(), 100, &iters_100ms), + Equals(0)); CHECK(iters_10ms >= 10000); @@ -152,10 +168,11 @@ TEST_CASE("FFI KDF", "[ffi]") const size_t out_len = 18; std::vector<uint8_t> out_buf(out_len); - REQUIRE(botan_kdf("KDF2(SHA-1)", out_buf.data(), out_len, - secret.data(), secret.size(), salt.data(), salt.size()) == 0); + REQUIRE_THAT(botan_kdf("KDF2(SHA-1)", out_buf.data(), out_len, + secret.data(), secret.size(), salt.data(), salt.size()), + Equals(0)); - CHECK(hex_encode(out_buf) == "3A5DC9AA1C872B4744515AC2702D6396FC2A"); + CHECK_THAT(hex_encode(out_buf), Equals("3A5DC9AA1C872B4744515AC2702D6396FC2A")); } TEST_CASE("FFI bcrypt", "[ffi]") @@ -166,12 +183,11 @@ TEST_CASE("FFI bcrypt", "[ffi]") std::vector<uint8_t> outbuf(62); size_t ol = outbuf.size(); - CHECK(0 == botan_bcrypt_generate(outbuf.data(), &ol, "password", rng, 10, 0)); + CHECK_THAT(botan_bcrypt_generate(outbuf.data(), &ol, "password", rng, 10, 0), Equals(0)); botan_rng_destroy(rng); - CHECK(1 == botan_bcrypt_is_valid("wrong", reinterpret_cast<const char*>(outbuf.data()))); - CHECK(0 == botan_bcrypt_is_valid("password", reinterpret_cast<const char*>(outbuf.data()))); - + CHECK_THAT(botan_bcrypt_is_valid("wrong", reinterpret_cast<const char*>(outbuf.data())), Equals(1)); + CHECK_THAT(botan_bcrypt_is_valid("password", reinterpret_cast<const char*>(outbuf.data())), Equals(0)); } TEST_CASE("FFI RSA", "[ffi]") @@ -180,45 +196,49 @@ TEST_CASE("FFI RSA", "[ffi]") botan_rng_init(&rng, "system"); botan_privkey_t priv; - REQUIRE(0 == botan_privkey_create_rsa(&priv, rng, 2048)); + REQUIRE_THAT(botan_privkey_create_rsa(&priv, rng, 2048), Equals(0)); botan_pubkey_t pub; - CHECK(0 == botan_privkey_export_pubkey(&pub, priv)); + CHECK_THAT(botan_privkey_export_pubkey(&pub, priv), Equals(0)); std::string name(64, '\x00'); size_t name_len = name.size(); - CHECK(0 == botan_pubkey_algo_name(pub, &name[0], &name_len)); + CHECK_THAT(botan_pubkey_algo_name(pub, &name[0], &name_len), Equals(0)); name.resize(name_len - 1); - CHECK(name == "RSA"); + CHECK_THAT(name, Equals("RSA")); botan_pk_op_encrypt_t encrypt; - CHECK(0 == botan_pk_op_encrypt_create(&encrypt, pub, "OAEP(SHA-256)", 0)); + CHECK_THAT(botan_pk_op_encrypt_create(&encrypt, pub, "OAEP(SHA-256)", 0), Equals(0)); std::vector<uint8_t> plaintext(32); - CHECK(0 == botan_rng_get(rng, plaintext.data(), plaintext.size())); + CHECK_THAT(botan_rng_get(rng, plaintext.data(), plaintext.size()), Equals(0)); std::vector<uint8_t> ciphertext(256); // TODO: no way to know this size from API size_t ctext_len = ciphertext.size(); - CHECK(botan_pk_op_encrypt(encrypt, rng, ciphertext.data(), &ctext_len, - plaintext.data(), plaintext.size()) == 0); + CHECK_THAT(botan_pk_op_encrypt(encrypt, rng, ciphertext.data(), &ctext_len, + plaintext.data(), plaintext.size()), + Equals(0)); ciphertext.resize(ctext_len); - CHECK(0 == botan_pk_op_encrypt_destroy(encrypt)); + int retEncryptDestroy = botan_pk_op_encrypt_destroy(encrypt); + CHECK_THAT(retEncryptDestroy, Equals(0)); //CHECK(botan_pk_op_encrypt_destroy(encrypt) < 0); botan_pk_op_decrypt_t decrypt; - CHECK(0 == botan_pk_op_decrypt_create(&decrypt, priv, "OAEP(SHA-256)", 0)); + CHECK_THAT(botan_pk_op_decrypt_create(&decrypt, priv, "OAEP(SHA-256)", 0), Equals(0)); std::vector<uint8_t> decrypted(256); // TODO as with above size_t decrypted_len = decrypted.size(); - CHECK(botan_pk_op_decrypt(decrypt, decrypted.data(), &decrypted_len, - ciphertext.data(), ciphertext.size()) == 0); + CHECK_THAT(botan_pk_op_decrypt(decrypt, decrypted.data(), &decrypted_len, + ciphertext.data(), ciphertext.size()), + Equals(0)); decrypted.resize(decrypted_len); - CHECK(hex_encode(plaintext) == hex_encode(decrypted)); + CHECK_THAT(hex_encode(plaintext), Equals(hex_encode(decrypted))); - CHECK(0 == botan_pk_op_decrypt_destroy(decrypt)); + int retDecryptDestroy = botan_pk_op_decrypt_destroy(decrypt); + CHECK_THAT(retDecryptDestroy, Equals(0)); //CHECK(botan_pk_op_decrypt_destroy(decrypt) < 0); botan_rng_destroy(rng); @@ -233,58 +253,82 @@ TEST_CASE("FFI ECDSA", "[ffi]") int rc = botan_privkey_create_ecdsa(&priv, rng, "secp384r1"); botan_pubkey_t pub; - CHECK(0 == botan_privkey_export_pubkey(&pub, priv)); + CHECK_THAT(botan_privkey_export_pubkey(&pub, priv), Equals(0)); std::string name(64, '\x00'); size_t name_len = name.size(); - CHECK(0 == botan_pubkey_algo_name(pub, &name[0], &name_len)); + CHECK_THAT(botan_pubkey_algo_name(pub, &name[0], &name_len), Equals(0)); name.resize(name_len - 1); - CHECK(name == "ECDSA"); + CHECK_THAT(name, Equals("ECDSA")); botan_pk_op_sign_t signer; - CHECK(0 == botan_pk_op_sign_create(&signer, priv, "EMSA1(SHA-384)", 0)); + CHECK_THAT(botan_pk_op_sign_create(&signer, priv, "EMSA1(SHA-384)", 0), Equals(0)); std::vector<uint8_t> message(1280); - CHECK(0 == botan_rng_get(rng, message.data(), message.size())); + CHECK_THAT(botan_rng_get(rng, message.data(), message.size()), Equals(0)); // TODO: break input into multiple calls to update - CHECK(0 == botan_pk_op_sign_update(signer, message.data(), message.size())); + int retSignUpdate = botan_pk_op_sign_update(signer, message.data(), message.size()); + CHECK_THAT(retSignUpdate, Equals(0)); std::vector<uint8_t> signature(96); // TODO: no way to derive this from API size_t sig_len = signature.size(); - CHECK(0 == botan_pk_op_sign_finish(signer, rng, signature.data(), &sig_len)); + + int retSignFinish = botan_pk_op_sign_finish(signer, rng, signature.data(), &sig_len); + CHECK_THAT(retSignFinish, Equals(0)); + signature.resize(sig_len); - CHECK(0 == botan_pk_op_sign_destroy(signer)); + + int retSignDestroy = botan_pk_op_sign_destroy(signer); + CHECK_THAT(retSignDestroy, Equals(0)); botan_pk_op_verify_t verifier; - CHECK(0 == botan_pk_op_verify_create(&verifier, pub, "EMSA1(SHA-384)", 0)); + int retVerifyCreate = botan_pk_op_verify_create(&verifier, pub, "EMSA1(SHA-384)", 0); + CHECK_THAT(retVerifyCreate, Equals(0)); - CHECK(0 == botan_pk_op_verify_update(verifier, message.data(), message.size())); - CHECK(0 == botan_pk_op_verify_finish(verifier, signature.data(), signature.size())); + { + int retVerifyUpdate = botan_pk_op_verify_update(verifier, message.data(), message.size()); + CHECK_THAT(retVerifyUpdate, Equals(0)); + int retVerifyFinish = botan_pk_op_verify_finish(verifier, signature.data(), signature.size()); + CHECK_THAT(retVerifyFinish, Equals(0)); + } // TODO: randomize this signature[0] ^= 1; - - CHECK(0 == botan_pk_op_verify_update(verifier, message.data(), message.size())); - CHECK(1 == botan_pk_op_verify_finish(verifier, signature.data(), signature.size())); + { + int retVerifyUpdate = botan_pk_op_verify_update(verifier, message.data(), message.size()); + CHECK_THAT(retVerifyUpdate, Equals(0)); + int retVerifyFinish = botan_pk_op_verify_finish(verifier, signature.data(), signature.size()); + CHECK_THAT(retVerifyFinish, Equals(1)); + } message[0] ^= 1; - - CHECK(0 == botan_pk_op_verify_update(verifier, message.data(), message.size())); - CHECK(1 == botan_pk_op_verify_finish(verifier, signature.data(), signature.size())); + { + int retVerifyUpdate = botan_pk_op_verify_update(verifier, message.data(), message.size()); + CHECK_THAT(retVerifyUpdate, Equals(0)); + int retVerifyFinish = botan_pk_op_verify_finish(verifier, signature.data(), signature.size()); + CHECK_THAT(retVerifyFinish, Equals(1)); + } signature[0] ^= 1; - - CHECK(0 == botan_pk_op_verify_update(verifier, message.data(), message.size())); - CHECK(1 == botan_pk_op_verify_finish(verifier, signature.data(), signature.size())); + { + int retVerifyUpdate = botan_pk_op_verify_update(verifier, message.data(), message.size()); + CHECK_THAT(retVerifyUpdate, Equals(0)); + int retVerifyFinish = botan_pk_op_verify_finish(verifier, signature.data(), signature.size()); + CHECK_THAT(retVerifyFinish, Equals(1)); + } message[0] ^= 1; + { + int retVerifyUpdate = botan_pk_op_verify_update(verifier, message.data(), message.size()); + CHECK_THAT(retVerifyUpdate, Equals(0)); + int retVerifyFinish = botan_pk_op_verify_finish(verifier, signature.data(), signature.size()); + CHECK_THAT(retVerifyFinish, Equals(0)); + } - CHECK(0 == botan_pk_op_verify_update(verifier, message.data(), message.size())); - CHECK(0 == botan_pk_op_verify_finish(verifier, signature.data(), signature.size())); - - CHECK(0 == botan_pk_op_verify_destroy(verifier)); + int retVerifyDestroy = botan_pk_op_verify_destroy(verifier); + CHECK_THAT(retVerifyDestroy, Equals(0)); botan_rng_destroy(rng); } @@ -295,48 +339,50 @@ TEST_CASE("FFI ECDH", "[ffi]") botan_rng_init(&rng, "system"); botan_privkey_t priv1; - CHECK(0 == botan_privkey_create_ecdh(&priv1, rng, "secp256r1")); + CHECK_THAT(botan_privkey_create_ecdh(&priv1, rng, "secp256r1"), Equals(0)); botan_privkey_t priv2; - CHECK(0 == botan_privkey_create_ecdh(&priv2, rng, "secp256r1")); + CHECK_THAT(botan_privkey_create_ecdh(&priv2, rng, "secp256r1"), Equals(0)); botan_pubkey_t pub1; - CHECK(0 == botan_privkey_export_pubkey(&pub1, priv1)); + CHECK_THAT(botan_privkey_export_pubkey(&pub1, priv1), Equals(0)); botan_pubkey_t pub2; - CHECK(0 == botan_privkey_export_pubkey(&pub2, priv2)); + CHECK_THAT(botan_privkey_export_pubkey(&pub2, priv2), Equals(0)); botan_pk_op_ka_t ka1; - CHECK(0 == botan_pk_op_key_agreement_create(&ka1, priv1, "KDF2(SHA-256)", 0)); + CHECK_THAT(botan_pk_op_key_agreement_create(&ka1, priv1, "KDF2(SHA-256)", 0), Equals(0)); botan_pk_op_ka_t ka2; - CHECK(0 == botan_pk_op_key_agreement_create(&ka2, priv2, "KDF2(SHA-256)", 0)); + CHECK_THAT(botan_pk_op_key_agreement_create(&ka2, priv2, "KDF2(SHA-256)", 0), Equals(0)); std::vector<uint8_t> pubkey1(256); // length problem again size_t pubkey1_len = pubkey1.size(); - CHECK(0 == botan_pk_op_key_agreement_export_public(priv1, pubkey1.data(), &pubkey1_len)); + CHECK_THAT(botan_pk_op_key_agreement_export_public(priv1, pubkey1.data(), &pubkey1_len), Equals(0)); pubkey1.resize(pubkey1_len); std::vector<uint8_t> pubkey2(256); // length problem again size_t pubkey2_len = pubkey2.size(); - CHECK(0 == botan_pk_op_key_agreement_export_public(priv2, pubkey2.data(), &pubkey2_len)); + CHECK_THAT(botan_pk_op_key_agreement_export_public(priv2, pubkey2.data(), &pubkey2_len), Equals(0)); pubkey2.resize(pubkey2_len); std::vector<uint8_t> salt(32); - CHECK(0 == botan_rng_get(rng, salt.data(), salt.size())); + CHECK_THAT(botan_rng_get(rng, salt.data(), salt.size()), Equals(0)); const size_t shared_key_len = 64; std::vector<uint8_t> key1(shared_key_len); size_t key1_len = key1.size(); - CHECK(0 == botan_pk_op_key_agreement(ka1, key1.data(), &key1_len, + CHECK_THAT(botan_pk_op_key_agreement(ka1, key1.data(), &key1_len, pubkey2.data(), pubkey2.size(), - salt.data(), salt.size())); + salt.data(), salt.size()), + Equals(0)); std::vector<uint8_t> key2(shared_key_len); size_t key2_len = key2.size(); - CHECK(0 == botan_pk_op_key_agreement(ka2, key2.data(), &key2_len, + CHECK_THAT(botan_pk_op_key_agreement(ka2, key2.data(), &key2_len, pubkey1.data(), pubkey1.size(), - salt.data(), salt.size())); + salt.data(), salt.size()), + Equals(0)); - CHECK(hex_encode(key1) == hex_encode(key2)); + CHECK_THAT(hex_encode(key1), Equals(hex_encode(key2))); botan_rng_destroy(rng); } |