// SPDX-License-Identifier: BSD-2-Clause
/*
 * Copyright © The libcoap-rs Contributors, all rights reserved.
 * This file is part of the libcoap-rs project, see the README file for
 * general information on this project and the NOTICE.md and LICENSE files
 * for information regarding copyright ownership and terms of use.
 *
 * tests/dtls_rpk_client_server_test.rs - Tests for DTLS PKI clients+servers.
 */
#![cfg(feature = "dtls-pki")]
use std::path::PathBuf;
use libcoap_rs::crypto::pki_rpk::{
    Asn1PrivateKeyType, DerFileKeyComponent, NonCertVerifying, Pki, PkiKeyDef, PkiRpkContextBuilder,
};
use crate::common::dtls::dtls_client_server_request_common;
mod common;
#[test]
/// PKI handshake with certificates and keys loaded from PEM files on disk.
///
/// Both peers get the test CA certificate, their own certificate and their own private key from
/// `resources/test-keys`. Both DTLS contexts are configured to verify the peer certificate with
/// `check_common_ca(true)` before the shared client/server request exchange is run.
pub fn dtls_pki_pem_file_client_server_request() {
    let key_storage = PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("./resources/test-keys");
    // The same CA certificate is handed to both sides.
    let ca_cert = key_storage.join("./ca/ca.crt.pem");

    let client_key = PkiKeyDef::with_pem_files(
        Some(ca_cert.clone()),
        key_storage.join("./client/client.crt.pem"),
        key_storage.join("./client/client.key.pem"),
    );
    let server_key = PkiKeyDef::with_pem_files(
        Some(ca_cert),
        key_storage.join("./server/server.crt.pem"),
        key_storage.join("./server/server.key.pem"),
    );

    // Non-capturing closure, so the same value can be passed for the client and the server context.
    let verify_against_common_ca = |builder: PkiRpkContextBuilder<'static, Pki, NonCertVerifying>| {
        builder.verify_peer_cert().check_common_ca(true).build()
    };
    dtls_client_server_request_common(
        client_key,
        server_key,
        verify_against_common_ca,
        verify_against_common_ca,
    )
}
#[test]
/// PKI handshake with PEM-encoded certificates and keys embedded at compile time.
///
/// Same setup as the PEM-file variant, but the CA certificate, peer certificates and private keys
/// are passed as in-memory byte vectors (`include_str!` of the files under `resources/test-keys`).
/// Both contexts verify the peer certificate with `check_common_ca(true)` before the shared
/// client/server request exchange is run.
pub fn dtls_pki_pem_memory_client_server_request() {
    const PEM_CA_CERT: &str = include_str!("../resources/test-keys/ca/ca.crt.pem");
    const PEM_CLIENT_PUBLIC_CERT: &str = include_str!("../resources/test-keys/client/client.crt.pem");
    const PEM_SERVER_PUBLIC_CERT: &str = include_str!("../resources/test-keys/server/server.crt.pem");
    const PEM_CLIENT_PRIVATE_KEY: &str = include_str!("../resources/test-keys/client/client.key.pem");
    const PEM_SERVER_PRIVATE_KEY: &str = include_str!("../resources/test-keys/server/server.key.pem");

    // The key definitions own their bytes, so each PEM blob is copied into a fresh Vec<u8>.
    let client_key = PkiKeyDef::with_pem_memory(
        Some(PEM_CA_CERT.as_bytes().to_vec()),
        PEM_CLIENT_PUBLIC_CERT.as_bytes().to_vec(),
        PEM_CLIENT_PRIVATE_KEY.as_bytes().to_vec(),
    );
    let server_key = PkiKeyDef::with_pem_memory(
        Some(PEM_CA_CERT.as_bytes().to_vec()),
        PEM_SERVER_PUBLIC_CERT.as_bytes().to_vec(),
        PEM_SERVER_PRIVATE_KEY.as_bytes().to_vec(),
    );

    // Non-capturing closure, so the same value can be passed for the client and the server context.
    let verify_against_common_ca = |builder: PkiRpkContextBuilder<'static, Pki, NonCertVerifying>| {
        builder.verify_peer_cert().check_common_ca(true).build()
    };
    dtls_client_server_request_common(
        client_key,
        server_key,
        verify_against_common_ca,
        verify_against_common_ca,
    )
}
#[test]
/// PKI handshake with DER-encoded (ASN.1) certificates and EC keys loaded from files on disk.
///
/// The client is given only its own certificate and private key (no CA certificate). The server
/// additionally gets the test CA certificate, except when built against the OpenSSL backend (see
/// the comment below). Both contexts verify the peer certificate with `check_common_ca(true)`
/// before the shared client/server request exchange is run.
pub fn dtls_pki_asn1_file_client_server_request() {
    let key_storage = PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("./resources/test-keys");

    let client_key = PkiKeyDef::with_asn1_files(
        None::<DerFileKeyComponent>,
        key_storage.join("./client/client.crt.der"),
        key_storage.join("./client/client.key.der"),
        Asn1PrivateKeyType::Ec,
    );

    // Setting the CA certificate fails only for ASN.1 files when the OpenSSL backend is used. This is
    // believed to be a libcoap issue, so the CA certificate is left unset on that backend for now.
    #[cfg(not(dtls_backend = "openssl"))]
    let server_ca_cert = Some(key_storage.join("./ca/ca.crt.der"));
    #[cfg(dtls_backend = "openssl")]
    let server_ca_cert = None::<DerFileKeyComponent>;

    let server_key = PkiKeyDef::with_asn1_files(
        server_ca_cert,
        key_storage.join("./server/server.crt.der"),
        key_storage.join("./server/server.key.der"),
        Asn1PrivateKeyType::Ec,
    );

    // Non-capturing closure, so the same value can be passed for the client and the server context.
    let verify_against_common_ca = |builder: PkiRpkContextBuilder<'static, Pki, NonCertVerifying>| {
        builder.verify_peer_cert().check_common_ca(true).build()
    };
    dtls_client_server_request_common(
        client_key,
        server_key,
        verify_against_common_ca,
        verify_against_common_ca,
    )
}
#[test]
/// PKI handshake with DER-encoded (ASN.1) certificates and EC keys embedded at compile time.
///
/// Same setup as the ASN.1-file variant, except that both peers also get the test CA certificate
/// and all material is passed as in-memory byte vectors (`include_bytes!` of the files under
/// `resources/test-keys`). Both contexts verify the peer certificate with `check_common_ca(true)`
/// before the shared client/server request exchange is run.
// GnuTLS does not accept DER-encoded EC keys from memory (for some reason; loading them from files
// as done in the test above works fine), so this test is ignored on that backend.
#[cfg_attr(dtls_backend = "gnutls", ignore)]
pub fn dtls_pki_asn1_memory_client_server_request() {
    const DER_CA_CERT: &[u8] = include_bytes!("../resources/test-keys/ca/ca.crt.der");
    const DER_CLIENT_PUBLIC_CERT: &[u8] = include_bytes!("../resources/test-keys/client/client.crt.der");
    const DER_SERVER_PUBLIC_CERT: &[u8] = include_bytes!("../resources/test-keys/server/server.crt.der");
    const DER_CLIENT_PRIVATE_KEY: &[u8] = include_bytes!("../resources/test-keys/client/client.key.der");
    const DER_SERVER_PRIVATE_KEY: &[u8] = include_bytes!("../resources/test-keys/server/server.key.der");

    // The key definitions own their bytes, so each DER blob is copied into a fresh Vec<u8>.
    let client_key = PkiKeyDef::with_asn1_memory(
        Some(DER_CA_CERT.to_vec()),
        DER_CLIENT_PUBLIC_CERT.to_vec(),
        DER_CLIENT_PRIVATE_KEY.to_vec(),
        Asn1PrivateKeyType::Ec,
    );
    let server_key = PkiKeyDef::with_asn1_memory(
        Some(DER_CA_CERT.to_vec()),
        DER_SERVER_PUBLIC_CERT.to_vec(),
        DER_SERVER_PRIVATE_KEY.to_vec(),
        Asn1PrivateKeyType::Ec,
    );

    // Non-capturing closure, so the same value can be passed for the client and the server context.
    let verify_against_common_ca = |builder: PkiRpkContextBuilder<'static, Pki, NonCertVerifying>| {
        builder.verify_peer_cert().check_common_ca(true).build()
    };
    dtls_client_server_request_common(
        client_key,
        server_key,
        verify_against_common_ca,
        verify_against_common_ca,
    )
}