authorJoel Sing <jsing@cvs.openbsd.org>2019-11-02 13:56:18 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2019-11-02 13:56:18 +0000
commit65cf0ef9a143b061517642be123803a66fb5ded1 (patch)
treec5f5dbb55621113fb9b54646c7b92d54334e37d5
parentfafa3025587f472049479fcef0760ebf66ddc80d (diff)
Add tls_conn_cipher_strength() to gotls regress.
-rw-r--r--regress/lib/libtls/gotls/tls.go10
-rw-r--r--regress/lib/libtls/gotls/tls_test.go12
2 files changed, 20 insertions, 2 deletions
diff --git a/regress/lib/libtls/gotls/tls.go b/regress/lib/libtls/gotls/tls.go
index be75e71f4fb..dbd3b717b06 100644
--- a/regress/lib/libtls/gotls/tls.go
+++ b/regress/lib/libtls/gotls/tls.go
@@ -256,6 +256,16 @@ func (t *TLS) ConnCipher() (string, error) {
return C.GoString(cipher), nil
}
+// ConnCipherStrength returns the strength in bits for the symmetric
+// cipher that is used for the connection.
+func (t *TLS) ConnCipherStrength() (int, error) {
+ strength := C.tls_conn_cipher_strength(t.ctx)
+ if strength == 0 {
+ return 0, errors.New("no connection cipher strength")
+ }
+ return int(strength), nil
+}
+
// Connect attempts to establish an TLS connection to the specified host on
// the given port. The host may optionally contain a colon separated port
// value if the port string is specified as an empty string.
diff --git a/regress/lib/libtls/gotls/tls_test.go b/regress/lib/libtls/gotls/tls_test.go
index 077dd86e82c..1a9f62eff8f 100644
--- a/regress/lib/libtls/gotls/tls_test.go
+++ b/regress/lib/libtls/gotls/tls_test.go
@@ -336,6 +336,9 @@ func TestTLSInfo(t *testing.T) {
if _, err := tls.ConnCipher(); err == nil {
t.Error("ConnCipher() return nil error, want error")
}
+ if _, err := tls.ConnCipherStrength(); err == nil {
+ t.Error("ConnCipherStrength() return nil error, want error")
+ }
if got, want := tls.PeerCertProvided(), false; got != want {
t.Errorf("PeerCertProvided() = %v, want %v", got, want)
@@ -368,15 +371,20 @@ func TestTLSInfo(t *testing.T) {
}
if version, err := tls.ConnVersion(); err != nil {
- t.Errorf("ConnVersion() return error: %v", err)
+ t.Errorf("ConnVersion() returned error: %v", err)
} else {
t.Logf("Protocol version: %v", version)
}
if cipher, err := tls.ConnCipher(); err != nil {
- t.Errorf("ConnCipher() return error: %v", err)
+ t.Errorf("ConnCipher() returned error: %v", err)
} else {
t.Logf("Cipher: %v", cipher)
}
+ if strength, err := tls.ConnCipherStrength(); err != nil {
+ t.Errorf("ConnCipherStrength() return ederror: %v", err)
+ } else {
+ t.Logf("Cipher Strength: %v bits", strength)
+ }
if got, want := tls.PeerCertProvided(), true; got != want {
t.Errorf("PeerCertProvided() = %v, want %v", got, want)
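Review bot: The failure message added for ConnCipherStrength is misspelled as `return ederror`; it should read `t.Errorf("ConnCipherStrength() returned error: %v", err)` to match the two messages corrected just above it. The new branch also only logs the strength, so a regression that reports an unexpectedly low bit count would still pass. Comparing the value against the strength expected for the cipher this test negotiates would turn the log line into an actual check. TestTLSInfo starts and ends outside this hunk.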