aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/lib/tls/tls_messages.h16
-rw-r--r--src/tests/data/tls/cert_status.vec17
-rw-r--r--src/tests/data/tls/cert_verify.vec2
-rw-r--r--src/tests/test_tls_messages.cpp40
4 files changed, 62 insertions, 13 deletions
diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h
index 8e08b6e87..5a1f03a06 100644
--- a/src/lib/tls/tls_messages.h
+++ b/src/lib/tls/tls_messages.h
@@ -394,7 +394,7 @@ class BOTAN_DLL Server_Hello final : public Handshake_Message
/**
* Client Key Exchange Message
*/
-class Client_Key_Exchange final : public Handshake_Message
+class BOTAN_DLL Client_Key_Exchange final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CLIENT_KEX; }
@@ -428,7 +428,7 @@ class Client_Key_Exchange final : public Handshake_Message
/**
* Certificate Message
*/
-class Certificate final : public Handshake_Message
+class BOTAN_DLL Certificate final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE; }
@@ -451,7 +451,7 @@ class Certificate final : public Handshake_Message
/**
* Certificate Status (RFC 6066)
*/
-class Certificate_Status final : public Handshake_Message
+class BOTAN_DLL Certificate_Status final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE_STATUS; }
@@ -472,7 +472,7 @@ class Certificate_Status final : public Handshake_Message
/**
* Certificate Request Message
*/
-class Certificate_Req final : public Handshake_Message
+class BOTAN_DLL Certificate_Req final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE_REQUEST; }
@@ -539,7 +539,7 @@ class BOTAN_DLL Certificate_Verify final : public Handshake_Message
/**
* Finished Message
*/
-class Finished final : public Handshake_Message
+class BOTAN_DLL Finished final : public Handshake_Message
{
public:
Handshake_Type type() const override { return FINISHED; }
@@ -578,7 +578,7 @@ class BOTAN_DLL Hello_Request final : public Handshake_Message
/**
* Server Key Exchange Message
*/
-class Server_Key_Exchange final : public Handshake_Message
+class BOTAN_DLL Server_Key_Exchange final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_KEX; }
@@ -646,7 +646,7 @@ class Server_Key_Exchange final : public Handshake_Message
/**
* Server Hello Done Message
*/
-class Server_Hello_Done final : public Handshake_Message
+class BOTAN_DLL Server_Hello_Done final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_HELLO_DONE; }
@@ -687,7 +687,7 @@ class BOTAN_DLL New_Session_Ticket final : public Handshake_Message
/**
* Change Cipher Spec
*/
-class Change_Cipher_Spec final : public Handshake_Message
+class BOTAN_DLL Change_Cipher_Spec final : public Handshake_Message
{
public:
Handshake_Type type() const override { return HANDSHAKE_CCS; }
diff --git a/src/tests/data/tls/cert_status.vec b/src/tests/data/tls/cert_status.vec
new file mode 100644
index 000000000..d93f800ab
--- /dev/null
+++ b/src/tests/data/tls/cert_status.vec
@@ -0,0 +1,17 @@
+
+[cert_status]
+Buffer = 00
+Exception = Invalid argument Decoding error: Invalid Certificate_Status message: too small
+
+Buffer = 01
+Exception = Invalid argument Decoding error: Invalid Certificate_Status message: too small
+
+Buffer = 01000000
+Exception = Invalid argument Decoding error: Invalid Certificate_Status message: too small
+
+Buffer = 010FFFF000
+Exception = Invalid argument Decoding error: Invalid Certificate_Status: invalid length field
+
+Buffer = 0100020F3082020B0A0100A08202043082020006092B0601050507300101048201F1308201ED3081D6A14C304A310B300906035504061302555331163014060355040A130D4C6574277320456E6372797074312330210603550403131A4C6574277320456E637279707420417574686F72697479205833180F32303136313131383132313630305A30753073304B300906052B0E03021A050004147EE66AE7729AB3FCF8A220646C16A12D6071085D0414A84A6A63047DDDBAE6D139B7A64565EFF3A8ECA1021203E89ED07A424B72A35FAD167F48A4F25AD28000180F32303136313131383132303030305AA011180F32303136313132353132303030305A300D06092A864886F70D01010B050003820101007CB8774D813E6E0FBFA816BE53F5F3131EF9DED7B0928BBE50AC628C90C811DBBFE0E43A98BF3FB608CC230EFE31FE98BE99016D98DE73028F6C1AE8C34B0F20DD7E688604322538E721EF9D0D353EADE8818BFB63DA8078A7E2BF9E637282DE6C79B2289F0C13807A9D3B7532970FF0AA77CE06A06299B02274ED6C62DFC672485405C1859FEBDFC3B5B2D81A0A45382FFABBF75D6EAC1AD1AF12701DCDF87F0EFEB41933AED08EF78B35F48362A792E55027F00B3EE4571F30212A3EB7BE4B934F67685A4AF2BBF428280BC20D1A42E75DBE42C459541B4E1EE5BB99E0CCA166C2E9C2E6054F147F2FDF33F104E9076061640EDDB12B62BEAA82E0D60ED128
+Name = Let's Encrypt Authority X3
+Exception =
diff --git a/src/tests/data/tls/cert_verify.vec b/src/tests/data/tls/cert_verify.vec
index f812d1c6a..7f09002ce 100644
--- a/src/tests/data/tls/cert_verify.vec
+++ b/src/tests/data/tls/cert_verify.vec
@@ -37,4 +37,4 @@ Exception = Invalid argument Decoding error: Invalid CertificateVerify: Expected
Buffer = 000200
Protocol = 0301
-Exception = Invalid argument Decoding error: Invalid CertificateVerify: Expected 2 bytes remaining, only 1 left \ No newline at end of file
+Exception = Invalid argument Decoding error: Invalid CertificateVerify: Expected 2 bytes remaining, only 1 left
diff --git a/src/tests/test_tls_messages.cpp b/src/tests/test_tls_messages.cpp
index d4a9a27fd..d04bea8a0 100644
--- a/src/tests/test_tls_messages.cpp
+++ b/src/tests/test_tls_messages.cpp
@@ -47,7 +47,7 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
{
public:
TLS_Message_Parsing_Test() :
- Text_Based_Test("tls", "Buffer,Protocol,Ciphersuite,AdditionalData,Exception")
+ Text_Based_Test("tls", "Buffer,Protocol,Ciphersuite,AdditionalData,Name,Exception")
{}
Test::Result run_one_test(const std::string& algo, const VarMap& vars) override
@@ -56,6 +56,7 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
const std::vector<uint8_t> protocol = get_opt_bin(vars, "Protocol");
const std::vector<uint8_t> ciphersuite = get_opt_bin(vars, "Ciphersuite");
const std::string exception = get_req_str(vars, "Exception");
+ const std::string expected_name = get_opt_str(vars, "Name", "");
const bool is_positive_test = exception.empty();
Test::Result result(algo + " parsing");
@@ -69,7 +70,7 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
Botan::TLS::Protocol_Version pv(protocol[0], protocol[1]);
Botan::TLS::Certificate_Verify message(buffer, pv);
}
- if(algo == "client_hello")
+ else if(algo == "client_hello")
{
const std::string extensions = get_req_str(vars, "AdditionalData");
Botan::TLS::Protocol_Version pv(protocol[0], protocol[1]);
@@ -96,7 +97,7 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
{
Botan::TLS::New_Session_Ticket message(buffer);
}
- if(algo == "server_hello")
+ else if(algo == "server_hello")
{
const std::string extensions = get_req_str(vars, "AdditionalData");
Botan::TLS::Protocol_Version pv(protocol[0], protocol[1]);
@@ -120,6 +121,26 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
result.test_lt("Alert type vectors result to UNKNOWN_CA or ACCESS_DENIED, which is shorter than 15",
message.type_string().size(), 15);
}
+ else if(algo == "cert_status")
+ {
+ Botan::TLS::Certificate_Status message(buffer);
+ std::shared_ptr<const Botan::OCSP::Response> resp = message.response();
+
+ if(result.confirm("Decoded response", resp != nullptr))
+ {
+ const std::vector<std::string> CNs = resp->signer_name().get_attribute("CN");
+
+ // This is not requird by OCSP protocol, we are just using it as a test here
+ if(result.test_eq("OCSP response has signer name", CNs.size(), 1))
+ {
+ result.test_eq("Expected name", CNs[0], expected_name);
+ }
+ }
+ }
+ else
+ {
+ throw Test_Error("Unknown message type " + algo + " in TLS parsing tests");
+ }
result.test_success("Correct parsing");
}
catch(std::exception& e)
@@ -158,6 +179,13 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
Botan::TLS::Hello_Request message(buffer);
});
}
+ else if(algo == "cert_status")
+ {
+ result.test_throws("invalid cert_status input", exception, [&buffer]()
+ {
+ Botan::TLS::Certificate_Status message(buffer);
+ });
+ }
else if(algo == "new_session_ticket")
{
result.test_throws("invalid new_session_ticket input", exception, [&buffer]()
@@ -180,11 +208,15 @@ class TLS_Message_Parsing_Test : public Text_Based_Test
Botan::TLS::Alert message(sb);
});
}
+ else
+ {
+ throw Test_Error("Unknown message type " + algo + " in TLS parsing tests");
+ }
}
return result;
}
-
+
std::vector<Test::Result> run_final_tests() override
{
std::vector<Test::Result> results;