From b93ad05dba3e3d2ceb79799a883ae43d42ba16e2 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson"
Date: Sun, 8 Jan 2017 00:09:08 +0000
Subject: Add new ssl_test option.

Add option ExpectedTmpKeyType to test the temporary key the server sends is of the correct type.
Reviewed-by: Kurt Roeckx
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/2191)
---
 test/handshake_helper.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
(limited to 'test/handshake_helper.c')
diff --git a/test/handshake_helper.c b/test/handshake_helper.c
index 24ea26f2c9..bf647f1690 100644
--- a/test/handshake_helper.c
+++ b/test/handshake_helper.c
@@ -879,6 +879,7 @@ static HANDSHAKE_RESULT *do_handshake_internal(
 const unsigned char *proto = NULL;
 /* API dictates unsigned int rather than size_t. */
 unsigned int proto_len = 0;
+ EVP_PKEY *tmp_key;
 memset(&server_ctx_data, 0, sizeof(server_ctx_data));
 memset(&server2_ctx_data, 0, sizeof(server2_ctx_data));
@@ -1038,6 +1039,19 @@ static HANDSHAKE_RESULT *do_handshake_internal(
 if (session_out != NULL)
 *session_out = SSL_get1_session(client.ssl);
+ if (SSL_get_server_tmp_key(client.ssl, &tmp_key)) {
+ int nid = EVP_PKEY_id(tmp_key);
+
+#ifndef OPENSSL_NO_EC
+ if (nid == EVP_PKEY_EC) {
+ EC_KEY *ec = EVP_PKEY_get0_EC_KEY(tmp_key);
+ nid = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+ }
+#endif
+ EVP_PKEY_free(tmp_key);
+ ret->tmp_key_type = nid;
+ }
+
 ctx_data_free_data(&server_ctx_data);
 ctx_data_free_data(&server2_ctx_data);
 ctx_data_free_data(&client_ctx_data);
-- cgit v1.2.3
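Review bot: `ret->tmp_key_type` is written only inside the `if (SSL_get_server_tmp_key(client.ssl, &tmp_key))` branch of the second hunk, so when the server sends no temporary key the field keeps whatever value `ret` was created with, which is not visible here. If that value is 0 it coincides with `NID_undef`, which `EC_GROUP_get_curve_name()` also returns for a group without a named-curve NID, so a test could not tell "no temporary key" from "EC key on an unnamed curve"; a comment at the assignment such as `/* left at its initial value when no temporary key was sent; NID_undef for an unnamed EC group */` would document the contract. The first hunk declares `EVP_PKEY *tmp_key;` without an initialiser, and `EVP_PKEY *tmp_key = NULL;` would keep the later `EVP_PKEY_free(tmp_key)` harmless should the success path ever be reached without the pointer being set. The body of do_handshake_internal starts and ends outside both hunks.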