diff options
author | Matt Caswell <matt@openssl.org> | 2016-12-28 15:01:57 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2016-12-29 13:32:54 +0000 |
commit | 397f4f78760480f982adaeed98ccb10bda4d3fbb (patch) | |
tree | e585c2b778e89cf433a41633e04a825e5130c5e4 /test | |
parent | 3b58c54f26b826abd55a513494ef892e7ad069ad (diff) |
Add a test to check the EC point formats extension appears when we expect
The previous commit fixed a bug where the EC point formats extensions did
not appear in the ServerHello. This should have been caught by
70-test_sslmessages but that test never tries an EC ciphersuite. This
updates the test to do that.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2153)
Diffstat (limited to 'test')
-rwxr-xr-x | test/recipes/70-test_sslmessages.t | 32 | ||||
-rw-r--r-- | test/testlib/checkhandshake.pm | 5 |
2 files changed, 31 insertions, 6 deletions
diff --git a/test/recipes/70-test_sslmessages.t b/test/recipes/70-test_sslmessages.t index fb4ec61b49..de8b0bcf2d 100755 --- a/test/recipes/70-test_sslmessages.t +++ b/test/recipes/70-test_sslmessages.t @@ -46,6 +46,9 @@ my $proxy = TLSProxy::Proxy->new( [TLSProxy::Message::MT_CERTIFICATE, checkhandshake::ALL_HANDSHAKES & ~checkhandshake::RESUME_HANDSHAKE], + (disabled("ec") ? () : + [TLSProxy::Message::MT_SERVER_KEY_EXCHANGE, + checkhandshake::EC_HANDSHAKE]), [TLSProxy::Message::MT_CERTIFICATE_STATUS, checkhandshake::OCSP_HANDSHAKE], #ServerKeyExchange handshakes not currently supported by TLSProxy @@ -94,10 +97,14 @@ my $proxy = TLSProxy::Proxy->new( checkhandshake::SERVER_NAME_CLI_EXTENSION], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST, checkhandshake::STATUS_REQUEST_CLI_EXTENSION], - [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS, - checkhandshake::DEFAULT_EXTENSIONS], - [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, - checkhandshake::DEFAULT_EXTENSIONS], + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_SUPPORTED_GROUPS, + checkhandshake::DEFAULT_EXTENSIONS]), + (disabled("ec") ? () : + [TLSProxy::Message::MT_CLIENT_HELLO, + TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::DEFAULT_EXTENSIONS]), [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS, checkhandshake::DEFAULT_EXTENSIONS], [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN, @@ -135,6 +142,8 @@ my $proxy = TLSProxy::Proxy->new( checkhandshake::SCT_SRV_EXTENSION], [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN, checkhandshake::NPN_SRV_EXTENSION], + [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS, + checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION], [0,0,0] ); @@ -143,7 +152,7 @@ my $proxy = TLSProxy::Proxy->new( $proxy->serverconnects(2); $proxy->clientflags("-no_tls1_3 -sess_out ".$session); $proxy->start() or plan skip_all => "Unable to start up Proxy for tests"; -plan tests => 20; +plan tests => 21; checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, checkhandshake::DEFAULT_EXTENSIONS, "Default handshake test"); @@ -358,3 +367,16 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE, checkhandshake::DEFAULT_EXTENSIONS | checkhandshake::SRP_CLI_EXTENSION, "SRP extension test"); + +#Test 21: EC handshake +SKIP: { + skip "No EC support in this OpenSSL build", 1 if disabled("ec"); + $proxy->clear(); + $proxy->clientflags("-no_tls1_3"); + $proxy->ciphers("ECDHE-RSA-AES128-SHA"); + $proxy->start(); + checkhandshake($proxy, checkhandshake::EC_HANDSHAKE, + checkhandshake::DEFAULT_EXTENSIONS + | checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION, + "EC handshake test"); +} diff --git a/test/testlib/checkhandshake.pm b/test/testlib/checkhandshake.pm index eb34fff622..9529b949bd 100644 --- a/test/testlib/checkhandshake.pm +++ b/test/testlib/checkhandshake.pm @@ -23,8 +23,9 @@ use constant { CLIENT_AUTH_HANDSHAKE => 8, RENEG_HANDSHAKE => 16, NPN_HANDSHAKE => 32, + EC_HANDSHAKE => 64, - ALL_HANDSHAKES => 63 + ALL_HANDSHAKES => 127 }; use constant { @@ -43,6 +44,8 @@ use constant { NPN_CLI_EXTENSION => 0x00000800, NPN_SRV_EXTENSION => 0x00001000, SRP_CLI_EXTENSION => 0x00002000, + #Client side for ec point formats is a default extension + EC_POINT_FORMAT_SRV_EXTENSION => 0x00004000, }; our @handmessages = (); |