diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2017-01-08 19:30:41 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2017-01-15 00:23:33 +0000 |
commit | 7f5f35af223f9c1d641f46446f6bbf9d1493a9e6 (patch) | |
tree | ad1997b23e2dcb3df7b67358b2d378e271663316 /test/handshake_helper.c | |
parent | 5071824321e1bbe20b859c1a3609ea5ab09fb3f2 (diff) |
Add options to check certificate types.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2224)
Diffstat (limited to 'test/handshake_helper.c')
-rw-r--r-- | test/handshake_helper.c | 39 |
1 files changed, 30 insertions, 9 deletions
diff --git a/test/handshake_helper.c b/test/handshake_helper.c index 9ffd0bf427..01a30c850f 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -847,6 +847,32 @@ static char *dup_str(const unsigned char *in, size_t len) return ret; } +static int pkey_type(EVP_PKEY *pkey) +{ + int nid = EVP_PKEY_id(pkey); + +#ifndef OPENSSL_NO_EC + if (nid == EVP_PKEY_EC) { + const EC_KEY *ec = EVP_PKEY_get0_EC_KEY(pkey); + return EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); + } +#endif + return nid; +} + +static int peer_pkey_type(SSL *s) +{ + X509 *x = SSL_get_peer_certificate(s); + + if (x != NULL) { + int nid = pkey_type(X509_get0_pubkey(x)); + + X509_free(x); + return nid; + } + return NID_undef; +} + /* * Note that |extra| points to the correct client/server configuration * within |test_ctx|. When configuring the handshake, general mode settings @@ -1040,18 +1066,13 @@ static HANDSHAKE_RESULT *do_handshake_internal( *session_out = SSL_get1_session(client.ssl); if (SSL_get_server_tmp_key(client.ssl, &tmp_key)) { - int nid = EVP_PKEY_id(tmp_key); - -#ifndef OPENSSL_NO_EC - if (nid == EVP_PKEY_EC) { - EC_KEY *ec = EVP_PKEY_get0_EC_KEY(tmp_key); - nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec)); - } -#endif + ret->tmp_key_type = pkey_type(tmp_key); EVP_PKEY_free(tmp_key); - ret->tmp_key_type = nid; } + ret->server_cert_type = peer_pkey_type(client.ssl); + ret->client_cert_type = peer_pkey_type(server.ssl); + ctx_data_free_data(&server_ctx_data); ctx_data_free_data(&server2_ctx_data); ctx_data_free_data(&client_ctx_data); |