Commit 190cb11
authored
test(quic): add extended coverage tests for crypto module (#1002)
Adds 88 deterministic, public-API-only unit tests targeting the
lower-coverage branches in src/protocols/quic/crypto.cpp. Covers:
- HKDF extract/expand/expand_label edge cases including empty-salt
and empty-IKM error paths, zero-length expand, and label/context
isolation
- initial_keys::derive for QUIC v1 and v2 salts, version divergence,
empty and max-length DCIDs, and secret propagation into keys
- derive_keys with the is_client_keys flag verified as no-op
- Packet protection AEAD round-trip across many packet numbers,
empty and large payloads, and varying header sizes
- Unprotect failure paths: truncated packet, modified header,
wrong packet number, wrong key, wrong IV, corrupted tag,
corrupted ciphertext
- Header protection mask: short-sample rejection, key/sample
isolation, determinism
- Header protection protect/unprotect round-trip across long and
short headers with packet number lengths 1-4, self-inverse XOR
- quic_crypto public surface: set_keys monotonic level raising,
ALPN wire-format rejection of overlong protocols, 0-RTT ticket
and early-data gates, update_keys pre-handshake rejection, move
semantics preserving keys
- quic_keys / key_pair is_valid, clear, and equality operators
All tests run in under one second total with no real network IO
and no TLS handshake.
Closes #9931 parent df04502 commit 190cb11
2 files changed
Lines changed: 1289 additions & 0 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
4649 | 4649 | | |
4650 | 4650 | | |
4651 | 4651 | | |
| 4652 | + | |
4652 | 4653 | | |
4653 | 4654 | | |
4654 | 4655 | | |
| |||
0 commit comments