void check_invalid_signatures(Test::Result& result,
Botan::PK_Verifier& verifier,
const std::vector<uint8_t>& message,
const std::vector<uint8_t>& signature)
{
const size_t tests_to_run = (Test::run_long_tests() ? 20 : 5);
const std::vector<uint8_t> zero_sig(signature.size());
result.test_eq("all zero signature invalid", verifier.verify_message(message, zero_sig), false);
for(size_t i = 0; i < tests_to_run; ++i)
{
const std::vector<uint8_t> bad_sig = Test::mutate_vec(signature);
try
{
if(!result.test_eq("incorrect signature invalid",
verifier.verify_message(message, bad_sig), false))
{
result.test_note("Accepted invalid signature " + Botan::hex_encode(bad_sig));
}
}
catch(std::exception& e)
{
result.test_note("Accepted invalid signature " + Botan::hex_encode(bad_sig));
result.test_failure("Modified signature rejected with exception", e.what());
}
}
}
void check_invalid_ciphertexts(Test::Result& result,
Botan::PK_Decryptor& decryptor,
const std::vector<uint8_t>& plaintext,
const std::vector<uint8_t>& ciphertext)
{
std::vector<uint8_t> bad_ctext = ciphertext;
size_t ciphertext_accepted = 0, ciphertext_rejected = 0;
for(size_t i = 0; i <= Test::soak_level(); ++i)
{
while(bad_ctext == ciphertext)
bad_ctext = Test::mutate_vec(bad_ctext, true);
try
{
const Botan::secure_vector<uint8_t> decrypted = decryptor.decrypt(bad_ctext);
++ciphertext_accepted;
if(!result.test_ne("incorrect ciphertext different", decrypted, plaintext))
{
result.test_eq("used corrupted ciphertext", bad_ctext, ciphertext);
}
}
catch(std::exception&)
{
++ciphertext_rejected;
}
}
result.test_note("Accepted " + std::to_string(ciphertext_accepted) +
" invalid ciphertexts, rejected " + std::to_string(ciphertext_rejected));
}
void ocb_encrypt(Test::Result& result,
std::vector<uint8_t>& output_to,
Botan::OCB_Encryption& enc,
Botan::OCB_Decryption& dec,
const std::vector<uint8_t>& nonce,
const std::vector<uint8_t>& pt,
const std::vector<uint8_t>& ad)
{
enc.set_associated_data(ad.data(), ad.size());
enc.start(nonce.data(), nonce.size());
Botan::secure_vector<uint8_t> buf(pt.begin(), pt.end());
enc.finish(buf, 0);
output_to.insert(output_to.end(), buf.begin(), buf.end());
try
{
dec.set_associated_data(ad.data(), ad.size());
dec.start(nonce.data(), nonce.size());
dec.finish(buf, 0);
result.test_eq("OCB round tripped", buf, pt);
}
catch(std::exception& e)
{
result.test_failure("OCB round trip error", e.what());
}
}
void check_invalid_signatures(Test::Result& result,
Botan::PK_Verifier& verifier,
const std::vector<uint8_t>& message,
const std::vector<uint8_t>& signature)
{
const std::vector<uint8_t> zero_sig(signature.size());
result.test_eq("all zero signature invalid", verifier.verify_message(message, zero_sig), false);
std::vector<uint8_t> bad_sig = signature;
for(size_t i = 0; i <= Test::soak_level(); ++i)
{
while(bad_sig == signature)
bad_sig = Test::mutate_vec(bad_sig, true);
if(!result.test_eq("incorrect signature invalid", verifier.verify_message(message, bad_sig), false))
{
result.test_note("Accepted invalid signature " + Botan::hex_encode(bad_sig));
}
}
}
void test_entry(Test::Result& result,
std::shared_ptr<Botan::SQL_Database> db,
const std::string& table,
const std::string& expected_name,
const std::string& expected_value)
{
auto stmt = db->new_statement("select psk_value from " + table + " where psk_name='" + expected_name + "'");
bool got_it = stmt->step();
result.confirm("Had expected name", got_it);
if(got_it)
{
result.test_eq("Had expected value", stmt->get_str(0), expected_value);
}
}