diff options
| author | Joel Sing <jsing@cvs.openbsd.org> | 2020-01-30 17:10:05 +0000 |
|---|---|---|
| committer | Joel Sing <jsing@cvs.openbsd.org> | 2020-01-30 17:10:05 +0000 |
| commit | e84d42a6cdc3a380aa88501c2ffc0e47898141cb (patch) | |
| tree | 48d7cc1e3c30d1d698c6b870d794eb5595b4ad8a /regress | |
| parent | 7a5ff4c962e7b906c57fe3a1a59128ab1a3ceec4 (diff) | |
Revise for TLSv1.3 key share changes.
Diffstat (limited to 'regress')
| -rw-r--r-- | regress/lib/libssl/tlsext/tlsexttest.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/regress/lib/libssl/tlsext/tlsexttest.c b/regress/lib/libssl/tlsext/tlsexttest.c index 47766faf3b8..1cc6e45c7ef 100644 --- a/regress/lib/libssl/tlsext/tlsexttest.c +++ b/regress/lib/libssl/tlsext/tlsexttest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tlsexttest.c,v 1.31 2020/01/26 03:24:36 beck Exp $ */ +/* $OpenBSD: tlsexttest.c,v 1.32 2020/01/30 17:10:04 jsing Exp $ */ /* * Copyright (c) 2017 Joel Sing <jsing@openbsd.org> * Copyright (c) 2017 Doug Hogan <doug@openbsd.org> @@ -3126,6 +3126,12 @@ test_tlsext_keyshare_client(void) if ((ssl = SSL_new(ssl_ctx)) == NULL) errx(1, "failed to create SSL"); + if ((S3I(ssl)->hs_tls13.key_share = + tls13_key_share_new(NID_X25519)) == NULL) + errx(1, "failed to create key share"); + if (!tls13_key_share_generate(S3I(ssl)->hs_tls13.key_share)) + errx(1, "failed to generate key share"); + S3I(ssl)->hs_tls13.max_version = 0; if (tlsext_keyshare_client_needs(ssl)) { @@ -3205,10 +3211,11 @@ test_tlsext_keyshare_server(void) CBB cbb; CBS cbs; uint8_t bogokey[] = { + 0x00, 0x20, 0xe5, 0xe8, 0x5a, 0xb9, 0x7e, 0x12, 0x62, 0xe3, 0xd8, 0x7f, 0x6e, 0x3c, 0xec, 0xa6, 0x8b, 0x99, 0x45, 0x77, 0x8e, 0x11, 0xb3, 0xb9, 0x12, 0xb6, - 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22 + 0xbe, 0x35, 0xca, 0x51, 0x76, 0x1e, 0xe8, 0x22, }; CBB_init(&cbb, 0); @@ -3239,8 +3246,11 @@ test_tlsext_keyshare_server(void) goto done; } - if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) - FAIL("Can't find keyshare extension"); + if (tls_extension_find(TLSEXT_TYPE_key_share, &idx) == NULL) { + FAIL("failed to find keyshare extension"); + failure = 1; + goto done; + } S3I(ssl)->hs.extensions_seen |= (1 << idx); if (!tlsext_keyshare_server_needs(ssl)) { @@ -3255,10 +3265,19 @@ test_tlsext_keyshare_server(void) goto done; } - if ((S3I(ssl)->hs_tls13.x25519_peer_public = - malloc(sizeof(bogokey))) == NULL) - errx(1, "malloc failed"); - memcpy(S3I(ssl)->hs_tls13.x25519_peer_public, bogokey, sizeof(bogokey)); + if ((S3I(ssl)->hs_tls13.key_share = + tls13_key_share_new(NID_X25519)) == NULL) + errx(1, "failed to create key share"); + if (!tls13_key_share_generate(S3I(ssl)->hs_tls13.key_share)) + errx(1, "failed to generate key share"); + + CBS_init(&cbs, bogokey, sizeof(bogokey)); + if (!tls13_key_share_peer_public(S3I(ssl)->hs_tls13.key_share, + 0x001d, &cbs)) { + FAIL("failed to load peer public key"); + failure = 1; + goto done; + } if (!tlsext_keyshare_server_build(ssl, &cbb)) { FAIL("server should be able to build a keyshare response"); |