Add tls_conn_cipher_strength() to gotls regress.

author: jsing <> 2019-11-02 13:56:17 +0000
committer: jsing <> 2019-11-02 13:56:17 +0000
commit: d92505c71f123a8d3b82dbac2cde08b9de1d02e8 (patch)
tree: e0597fc1fb4e5b269c4843efb8152e6e601a5eaa /src
parent: fe3c9dd220ea0b44c7bdd7e323437b1a60e827d7 (diff)
download: openbsd-d92505c71f123a8d3b82dbac2cde08b9de1d02e8.tar.gz
openbsd-d92505c71f123a8d3b82dbac2cde08b9de1d02e8.tar.bz2
openbsd-d92505c71f123a8d3b82dbac2cde08b9de1d02e8.zip
2 files changed, 20 insertions, 2 deletions
diff --git a/src/regress/lib/libtls/gotls/tls.go b/src/regress/lib/libtls/gotls/tls.go
index be75e71f4f..dbd3b717b0 100644
--- a/src/regress/lib/libtls/gotls/tls.go
+++ b/src/regress/lib/libtls/gotls/tls.go
@@ -256,6 +256,16 @@ func (t *TLS) ConnCipher() (string, error) {
        return C.GoString(cipher), nil
 }
+// ConnCipherStrength returns the strength in bits for the symmetric
+// cipher that is used for the connection.
+func (t *TLS) ConnCipherStrength() (int, error) {
+        strength := C.tls_conn_cipher_strength(t.ctx)
+        if strength == 0 {
+                return 0, errors.New("no connection cipher strength")
+        }
+        return int(strength), nil
+}
 // Connect attempts to establish an TLS connection to the specified host on
 // the given port. The host may optionally contain a colon separated port
 // value if the port string is specified as an empty string.
diff --git a/src/regress/lib/libtls/gotls/tls_test.go b/src/regress/lib/libtls/gotls/tls_test.go
index 077dd86e82..1a9f62eff8 100644
--- a/src/regress/lib/libtls/gotls/tls_test.go
+++ b/src/regress/lib/libtls/gotls/tls_test.go
@@ -336,6 +336,9 @@ func TestTLSInfo(t *testing.T) {
        if _, err := tls.ConnCipher(); err == nil {
                t.Error("ConnCipher() return nil error, want error")
        }
+        if _, err := tls.ConnCipherStrength(); err == nil {
+                t.Error("ConnCipherStrength() return nil error, want error")
+        }
        if got, want := tls.PeerCertProvided(), false; got != want {
                t.Errorf("PeerCertProvided() = %v, want %v", got, want)
@@ -368,15 +371,20 @@ func TestTLSInfo(t *testing.T) {
        }
        if version, err := tls.ConnVersion(); err != nil {
-                t.Errorf("ConnVersion() return error: %v", err)
+                t.Errorf("ConnVersion() returned error: %v", err)
        } else {
                t.Logf("Protocol version: %v", version)
        }
        if cipher, err := tls.ConnCipher(); err != nil {
-                t.Errorf("ConnCipher() return error: %v", err)
+                t.Errorf("ConnCipher() returned error: %v", err)
        } else {
                t.Logf("Cipher: %v", cipher)
        }
+        if strength, err := tls.ConnCipherStrength(); err != nil {
+                t.Errorf("ConnCipherStrength() return ederror: %v", err)
+        } else {
+                t.Logf("Cipher Strength: %v bits", strength)
+        }
        if got, want := tls.PeerCertProvided(), true; got != want {
                t.Errorf("PeerCertProvided() = %v, want %v", got, want)
author	jsing <>	2019-11-02 13:56:17 +0000
committer	jsing <>	2019-11-02 13:56:17 +0000
commit	d92505c71f123a8d3b82dbac2cde08b9de1d02e8 (patch)
tree	e0597fc1fb4e5b269c4843efb8152e6e601a5eaa /src
parent	fe3c9dd220ea0b44c7bdd7e323437b1a60e827d7 (diff)
download	openbsd-d92505c71f123a8d3b82dbac2cde08b9de1d02e8.tar.gz openbsd-d92505c71f123a8d3b82dbac2cde08b9de1d02e8.tar.bz2 openbsd-d92505c71f123a8d3b82dbac2cde08b9de1d02e8.zip