diff options
author | Matt Caswell <matt@openssl.org> | 2017-02-15 09:25:52 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-02-17 10:28:01 +0000 |
commit | 9b92f161708e31de87cf8df0d58e3f99bd7d1724 (patch) | |
tree | 4439bb9f660184cef9a8d1a2530a8e5fb51e296b /test/handshake_helper.c | |
parent | 398206375688f053774ab0622a59db69fb2e2b99 (diff) | |
download | openssl-9b92f161708e31de87cf8df0d58e3f99bd7d1724.zip openssl-9b92f161708e31de87cf8df0d58e3f99bd7d1724.tar.gz openssl-9b92f161708e31de87cf8df0d58e3f99bd7d1724.tar.bz2 |
Add some KeyUpdate tests
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2609)
Diffstat (limited to 'test/handshake_helper.c')
-rw-r--r-- | test/handshake_helper.c | 44 |
1 files changed, 41 insertions, 3 deletions
diff --git a/test/handshake_helper.c b/test/handshake_helper.c index 2b869a4..c82581c 100644 --- a/test/handshake_helper.c +++ b/test/handshake_helper.c @@ -590,7 +590,14 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) TEST_check(peer->status == PEER_RETRY); TEST_check(test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER - || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT); + || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT); + + /* Reset the count of the amount of app data we need to read/write */ + peer->bytes_to_write = peer->bytes_to_read = test_ctx->app_data_size; /* Check if we are the peer that is going to initiate */ if ((test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER @@ -642,6 +649,29 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) peer->status = PEER_RETRY; return; } + } else if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT) { + if (SSL_is_server(peer->ssl) + != (test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER)) { + peer->status = PEER_SUCCESS; + return; + } + + ret = SSL_key_update(peer->ssl, test_ctx->key_update_type); + if (!ret) { + peer->status = PEER_ERROR; + return; + } + do_handshake_step(peer); + /* + * This is a one step handshake. We shouldn't get anything other than + * PEER_SUCCESS + */ + if (peer->status != PEER_SUCCESS) + peer->status = PEER_ERROR; + return; } /* @@ -663,7 +693,7 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer) peer->status = PEER_ERROR; return; } - /* If we're no in init yet then we're not done with setup yet */ + /* If we're not in init yet then we're not done with setup yet */ if (!SSL_in_init(peer->ssl)) return; } @@ -720,12 +750,20 @@ static connect_phase_t next_phase(const SSL_TEST_CTX *test_ctx, switch (phase) { case HANDSHAKE: if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER - || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT) + || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER) return RENEG_APPLICATION_DATA; return APPLICATION_DATA; case RENEG_APPLICATION_DATA: return RENEG_SETUP; case RENEG_SETUP: + if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER + || test_ctx->handshake_mode + == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT) + return APPLICATION_DATA; return RENEG_HANDSHAKE; case RENEG_HANDSHAKE: return APPLICATION_DATA; |