diff options
| author | Michael Baentsch <info@baentsch.ch> | 2021-01-07 09:09:32 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2021-01-08 17:04:46 +0000 |
| commit | becbacd705170952725571ae4404846b0ecee86a (patch) | |
| tree | f7be4e390ca3736c25c5a5b8c500cce9aeb20615 /test | |
| parent | 22aa4a3afb53984201c84970ec03b251d0117f00 (diff) | |
Adding TLS group name retrieval
Function SSL_group_to_name() added, together with documentation and tests.
This now permits displaying names of internal and external
provider-implemented groups.
Partial fix of #13767
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13785)
Diffstat (limited to 'test')
| -rw-r--r-- | test/sslapitest.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/test/sslapitest.c b/test/sslapitest.c index 915387a87c..984c6a8764 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -4318,6 +4318,7 @@ static int test_key_exchange(int idx) int *kexch_groups = &kexch_alg; int kexch_groups_size = 1; int max_version = TLS1_3_VERSION; + char *kexch_name0 = NULL; switch (idx) { # ifndef OPENSSL_NO_EC @@ -4329,47 +4330,60 @@ static int test_key_exchange(int idx) case 0: kexch_groups = ecdhe_kexch_groups; kexch_groups_size = OSSL_NELEM(ecdhe_kexch_groups); + kexch_name0 = "secp256r1"; break; case 1: kexch_alg = NID_X9_62_prime256v1; + kexch_name0 = "secp256r1"; break; case 2: kexch_alg = NID_secp384r1; + kexch_name0 = "secp384r1"; break; case 3: kexch_alg = NID_secp521r1; + kexch_name0 = "secp521r1"; break; case 4: kexch_alg = NID_X25519; + kexch_name0 = "x25519"; break; case 5: kexch_alg = NID_X448; + kexch_name0 = "x448"; break; # endif # ifndef OPENSSL_NO_DH # ifndef OPENSSL_NO_TLS1_2 case 13: max_version = TLS1_2_VERSION; + kexch_name0 = "ffdhe2048"; # endif /* Fall through */ case 6: kexch_groups = ffdhe_kexch_groups; kexch_groups_size = OSSL_NELEM(ffdhe_kexch_groups); + kexch_name0 = "ffdhe2048"; break; case 7: kexch_alg = NID_ffdhe2048; + kexch_name0 = "ffdhe2048"; break; case 8: kexch_alg = NID_ffdhe3072; + kexch_name0 = "ffdhe3072"; break; case 9: kexch_alg = NID_ffdhe4096; + kexch_name0 = "ffdhe4096"; break; case 10: kexch_alg = NID_ffdhe6144; + kexch_name0 = "ffdhe6144"; break; case 11: kexch_alg = NID_ffdhe8192; + kexch_name0 = "ffdhe8192"; break; # endif default: @@ -4425,6 +4439,11 @@ static int test_key_exchange(int idx) if (!TEST_int_eq(SSL_get_shared_group(serverssl, 0), idx == 13 ? 0 : kexch_groups[0])) goto end; + + if (!TEST_str_eq(SSL_group_to_name(serverssl, kexch_groups[0]), + kexch_name0)) + goto end; + if (max_version == TLS1_3_VERSION) { if (!TEST_int_eq(SSL_get_negotiated_group(serverssl), kexch_groups[0])) goto end; @@ -8000,6 +8019,10 @@ static int test_pluggable_group(int idx) if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) goto end; + if (!TEST_str_eq(group_name, + SSL_group_to_name(serverssl, SSL_get_shared_group(serverssl, 0)))) + goto end; + testresult = 1; end: |