diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2017-01-08 19:30:41 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2017-01-15 00:23:33 +0000 |
commit | 7f5f35af223f9c1d641f46446f6bbf9d1493a9e6 (patch) | |
tree | ad1997b23e2dcb3df7b67358b2d378e271663316 /test/ssl_test.c | |
parent | 5071824321e1bbe20b859c1a3609ea5ab09fb3f2 (diff) |
Add options to check certificate types.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2224)
Diffstat (limited to 'test/ssl_test.c')
-rw-r--r-- | test/ssl_test.c | 35 |
1 files changed, 29 insertions, 6 deletions
diff --git a/test/ssl_test.c b/test/ssl_test.c index 61850eb9f6..af92aa13cf 100644 --- a/test/ssl_test.c +++ b/test/ssl_test.c @@ -187,17 +187,38 @@ static int check_resumption(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) return 1; } -static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) +static int check_key_type(const char *name,int expected_key_type, int key_type) { - if (test_ctx->expected_tmp_key_type == 0 - || test_ctx->expected_tmp_key_type == result->tmp_key_type) + if (expected_key_type == 0 || expected_key_type == key_type) return 1; - fprintf(stderr, "Tmp key type mismatch, %s vs %s\n", - OBJ_nid2ln(test_ctx->expected_tmp_key_type), - OBJ_nid2ln(result->tmp_key_type)); + fprintf(stderr, "%s type mismatch, %s vs %s\n", + name, OBJ_nid2ln(expected_key_type), + key_type == NID_undef ? "absent" : OBJ_nid2ln(key_type)); return 0; } +static int check_tmp_key(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) +{ + return check_key_type("Tmp key", test_ctx->expected_tmp_key_type, + result->tmp_key_type); +} + +static int check_server_cert_type(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_key_type("Server certificate", + test_ctx->expected_server_cert_type, + result->server_cert_type); +} + +static int check_client_cert_type(HANDSHAKE_RESULT *result, + SSL_TEST_CTX *test_ctx) +{ + return check_key_type("Client certificate", + test_ctx->expected_client_cert_type, + result->client_cert_type); +} + /* * This could be further simplified by constructing an expected * HANDSHAKE_RESULT, and implementing comparison methods for @@ -219,6 +240,8 @@ static int check_test(HANDSHAKE_RESULT *result, SSL_TEST_CTX *test_ctx) ret &= check_alpn(result, test_ctx); ret &= check_resumption(result, test_ctx); ret &= check_tmp_key(result, test_ctx); + ret &= check_server_cert_type(result, test_ctx); + ret &= check_client_cert_type(result, test_ctx); } return ret; } |