diff options
| author | jsing <> | 2020-01-30 17:10:04 +0000 |
|---|---|---|
| committer | jsing <> | 2020-01-30 17:10:04 +0000 |
| commit | 24bfdec58b7ef34d27dd08e7e09e3bfa4385bada (patch) | |
| tree | d56347d4ac2d27895eb3550836dd370fa14aa970 | |
| parent | f0f131814afdbc818e8b7b88541fca62af421a5d (diff) | |
| download | openbsd-24bfdec58b7ef34d27dd08e7e09e3bfa4385bada.tar.gz openbsd-24bfdec58b7ef34d27dd08e7e09e3bfa4385bada.tar.bz2 openbsd-24bfdec58b7ef34d27dd08e7e09e3bfa4385bada.zip | |
Revise for TLSv1.3 key share changes.
| -rw-r--r-- | src/regress/lib/libssl/tlsext/tlsexttest.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/src/regress/lib/libssl/tlsext/tlsexttest.c b/src/regress/lib/libssl/tlsext/tlsexttest.c index 47766faf3b..1cc6e45c7e 100644 --- a/src/regress/lib/libssl/tlsext/tlsexttest.c +++ b/src/regress/lib/libssl/tlsext/tlsexttest.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tlsexttest.c,v 1.31 2020/01/26 03:24:36 beck Exp $ */ | 1 | /* $OpenBSD: tlsexttest.c,v 1.32 2020/01/30 17:10:04 jsing Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> | 4 | * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> |
| @@ -3126,6 +3126,12 @@ test_tlsext_keyshare_client(void) | |||
| 3126 | if ((ssl = SSL_new(ssl_ctx)) == NULL) | 3126 | if ((ssl = SSL_new(ssl_ctx)) == NULL) |
| 3127 | errx(1, "failed to create SSL"); | 3127 | errx(1, "failed to create SSL"); |
| 3128 | 3128 | ||
| 3129 | if ((S3I(ssl)->hs_tls13.key_share = | ||
| 3130 | tls13_key_share_new(NID_X25519)) == NULL) | ||
| 3131 | errx(1, "failed to create key share"); | ||
| 3132 | if (!tls13_key_share_generate(S3I(ssl)->hs_tls13.key_share)) | ||
| 3133 | errx(1, "failed to generate key share"); | ||
| 3134 | |||
| 3129 | S3I(ssl)->hs_tls13.max_version = 0; | 3135 | S3I(ssl)->hs_tls13.max_version = 0; |
| 3130 | 3136 | ||
| 3131 | if (tlsext_keyshare_client_needs(ssl)) { | 3137 | if (tlsext_keyshare_client_needs(ssl)) { |
| @@ -3205,10 +3211,11 @@ test_tlsext_keyshare_server(void) | |||
| 3205 | CBB cbb; | 3211 | CBB cbb; |
| 3206 | CBS cbs; | 3212 | CBS cbs; |
| 3207 | uint8_t bogokey[] = { | 3213 | uint8_t bogokey[] = { |
| 3214 | 0x00, 0x20, | ||
| 3208 | 0xe5, 0xe8, 0x5a, 0xb9, 0x7e, 0x12, 0x62, 0xe3, | 3215 | 0xe5, 0xe8, 0x5a, 0xb9, 0x7e, 0x12, 0x62, 0xe3, |
| 3209 | 0xd8, 0x7f, 0x6e, 0x3c, 0xec, 0xa6, 0x8b, 0x99, | 3216 | 0xd8, 0x7f, 0x6e, 0x3c, 0xec, 0xa6, 0x8b, 0x99, |
| 3210 | 0x45, 0x77, 0x8e, 0x11, 0xb3, 0xb9, 0x12, 0xb6, | 3217 | 0x45, 0x77, 0x8e, 0x11, 0xb3, 0xb9, 0x12, 0xb6, |
| 3211 | 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22 | 3218 | 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22, |
| 3212 | }; | 3219 | }; |
| 3213 | 3220 | ||
| 3214 | CBB_init(&cbb, 0); | 3221 | CBB_init(&cbb, 0); |
| @@ -3239,8 +3246,11 @@ test_tlsext_keyshare_server(void) | |||
| 3239 | goto done; | 3246 | goto done; |
| 3240 | } | 3247 | } |
| 3241 | 3248 | ||
| 3242 | if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) | 3249 | if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) { |
| 3243 | FAIL("Can't find keyshare extension"); | 3250 | FAIL("failed to find keyshare extension"); |
| 3251 | failure = 1; | ||
| 3252 | goto done; | ||
| 3253 | } | ||
| 3244 | S3I(ssl)->hs.extensions_seen |= (1 << idx); | 3254 | S3I(ssl)->hs.extensions_seen |= (1 << idx); |
| 3245 | 3255 | ||
| 3246 | if (!tlsext_keyshare_server_needs(ssl)) { | 3256 | if (!tlsext_keyshare_server_needs(ssl)) { |
| @@ -3255,10 +3265,19 @@ test_tlsext_keyshare_server(void) | |||
| 3255 | goto done; | 3265 | goto done; |
| 3256 | } | 3266 | } |
| 3257 | 3267 | ||
| 3258 | if ((S3I(ssl)->hs_tls13.x25519_peer_public = | 3268 | if ((S3I(ssl)->hs_tls13.key_share = |
| 3259 | malloc(sizeof(bogokey))) == NULL) | 3269 | tls13_key_share_new(NID_X25519)) == NULL) |
| 3260 | errx(1, "malloc failed"); | 3270 | errx(1, "failed to create key share"); |
| 3261 | memcpy(S3I(ssl)->hs_tls13.x25519_peer_public, bogokey, sizeof(bogokey)); | 3271 | if (!tls13_key_share_generate(S3I(ssl)->hs_tls13.key_share)) |
| 3272 | errx(1, "failed to generate key share"); | ||
| 3273 | |||
| 3274 | CBS_init(&cbs, bogokey, sizeof(bogokey)); | ||
| 3275 | if (!tls13_key_share_peer_public(S3I(ssl)->hs_tls13.key_share, | ||
| 3276 | 0x001d, &cbs)) { | ||
| 3277 | FAIL("failed to load peer public key"); | ||
| 3278 | failure = 1; | ||
| 3279 | goto done; | ||
| 3280 | } | ||
| 3262 | 3281 | ||
| 3263 | if (!tlsext_keyshare_server_build(ssl, &cbb)) { | 3282 | if (!tlsext_keyshare_server_build(ssl, &cbb)) { |
| 3264 | FAIL("server should be able to build a keyshare response"); | 3283 | FAIL("server should be able to build a keyshare response"); |