Skip to content

Commit

Permalink
test: add and fix tests
Browse files Browse the repository at this point in the history
- add server mix version tests
- add test_import_pkcs8_encrypted_rsa_key
- fix ssl_conf_ca_cb.rs
- add bench test for pbkdf2_hmac
  • Loading branch information
Taowyoo committed Jun 26, 2023
1 parent 320e9f1 commit 78090be
Show file tree
Hide file tree
Showing 6 changed files with 104 additions and 0 deletions.
7 changes: 7 additions & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions mbedtls/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ pin-project-lite = "0.2"
rstest = "0.17.0"
rstest_reuse = "0.5.0"
env_logger = "0.10"
bencher = "0.1.5"

[build-dependencies]
cc = "1.0"
Expand Down Expand Up @@ -111,3 +112,7 @@ required-features = ["std"]
name = "async_session"
path = "tests/async_session.rs"
required-features = ["async-rt"]

[[bench]]
name = "bench"
harness = false
42 changes: 42 additions & 0 deletions mbedtls/benches/bench.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
/* Copyright (c) Fortanix, Inc.
*
* Licensed under the GNU General Public License, version 2 <LICENSE-GPL or
* https://www.gnu.org/licenses/gpl-2.0.html> or the Apache License, Version
* 2.0 <LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0>, at your
* option. This file may not be copied, modified, or distributed except
* according to those terms. */

#[macro_use]
extern crate bencher;

use bencher::{black_box, Bencher};

const PBKDF2_NUM_ITERATIONS: u32 = 100000;
const PBKDF2_SALT_LEN: usize = 32;
const PBKDF2_KEY_LEN: usize = 32;

use mbedtls::hash;

fn bench_pbkdf2_hmac(b: &mut Bencher) {
let password = "password".as_bytes();
let salt = vec![123u8; PBKDF2_SALT_LEN];

let mut key_val: Vec<u8> = vec![0; PBKDF2_KEY_LEN];

b.iter(|| {
// Inner closure, the actual test
black_box(
hash::pbkdf2_hmac(
hash::Type::Sha512,
password,
&salt,
PBKDF2_NUM_ITERATIONS,
key_val.as_mut_slice(),
)
.unwrap(),
);
});
}

benchmark_group!(benches, bench_pbkdf2_hmac);
benchmark_main!(benches);
21 changes: 21 additions & 0 deletions mbedtls/tests/async_session.rs
Original file line number Diff line number Diff line change
Expand Up @@ -255,6 +255,27 @@ mod test {
Version::Tls13,
Some(Version::Tls13)
))]
#[case::client1_2_server_mix(TestConfig::new(
Version::Tls12,
Version::Tls12,
Version::Tls12,
Version::Tls13,
Some(Version::Tls12)
))]
#[case::client1_3_server_mix(TestConfig::new(
Version::Tls13,
Version::Tls13,
Version::Tls12,
Version::Tls13,
Some(Version::Tls13)
))]
#[case::client_mix_server_mix(TestConfig::new(
Version::Tls12,
Version::Tls13,
Version::Tls12,
Version::Tls13,
Some(Version::Tls13)
))]
#[tokio::test]
async fn async_session_client_server_tls13_test(#[case] config: TestConfig) {
run_async_session_client_server_test(config).await;
Expand Down
21 changes: 21 additions & 0 deletions mbedtls/tests/client_server.rs
Original file line number Diff line number Diff line change
Expand Up @@ -378,6 +378,27 @@ mod test {
Version::Tls13,
Some(Version::Tls13)
))]
#[case::client1_2_server_mix(TestConfig::new(
Version::Tls12,
Version::Tls12,
Version::Tls12,
Version::Tls13,
Some(Version::Tls12)
))]
#[case::client1_3_server_mix(TestConfig::new(
Version::Tls13,
Version::Tls13,
Version::Tls12,
Version::Tls13,
Some(Version::Tls13)
))]
#[case::client_mix_server_mix(TestConfig::new(
Version::Tls12,
Version::Tls13,
Version::Tls12,
Version::Tls13,
Some(Version::Tls13)
))]
fn client_server_tls13_test(
#[case] config: TestConfig,
#[values(false, true)] use_psk: bool,
Expand Down
8 changes: 8 additions & 0 deletions mbedtls/tests/ssl_conf_ca_cb.rs
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,10 @@ where
let mut config = Config::new(Endpoint::Client, Transport::Stream, Preset::Default);
config.set_rng(rng);
config.set_ca_callback(ca_callback);
// The certificates in this test now only support TLS 1.2
// TODO: update tests to cover TLS 1.3
config.set_min_version(mbedtls::ssl::Version::Tls12)?;
config.set_max_version(mbedtls::ssl::Version::Tls12)?;
let mut ctx = Context::new(Arc::new(config));
ctx.establish(conn, None).map(|_| ())
}
Expand All @@ -47,6 +51,10 @@ fn server(conn: TcpStream, cert: &[u8], key: &[u8]) -> TlsResult<()> {
let mut config = Config::new(Endpoint::Server, Transport::Stream, Preset::Default);
config.set_rng(rng);
config.push_cert(cert, key)?;
// The certificates in this test now only support TLS 1.2
// TODO: update tests to cover TLS 1.3
config.set_min_version(mbedtls::ssl::Version::Tls12)?;
config.set_max_version(mbedtls::ssl::Version::Tls12)?;
let mut ctx = Context::new(Arc::new(config));

let _ = ctx.establish(conn, None);
Expand Down

0 comments on commit 78090be

Please sign in to comment.