|
|
@@ -4670,6 +4670,61 @@ func addCurveTests() { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
func addKeyExchangeInfoTests() { |
|
|
|
testCases = append(testCases, testCase{ |
|
|
|
name: "KeyExchangeInfo-RSA-Client", |
|
|
|
config: Config{ |
|
|
|
CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256}, |
|
|
|
}, |
|
|
|
// key.pem is a 1024-bit RSA key. |
|
|
|
flags: []string{"-expect-key-exchange-info", "1024"}, |
|
|
|
}) |
|
|
|
// TODO(davidben): key_exchange_info doesn't work for plain RSA on the |
|
|
|
// server. Either fix this or change the API as it's not very useful in |
|
|
|
// this case. |
|
|
|
|
|
|
|
testCases = append(testCases, testCase{ |
|
|
|
name: "KeyExchangeInfo-DHE-Client", |
|
|
|
config: Config{ |
|
|
|
CipherSuites: []uint16{TLS_DHE_RSA_WITH_AES_128_GCM_SHA256}, |
|
|
|
Bugs: ProtocolBugs{ |
|
|
|
// This is a 1234-bit prime number, generated |
|
|
|
// with: |
|
|
|
// openssl gendh 1234 | openssl asn1parse -i |
|
|
|
DHGroupPrime: bigFromHex("0215C589A86BE450D1255A86D7A08877A70E124C11F0C75E476BA6A2186B1C830D4A132555973F2D5881D5F737BB800B7F417C01EC5960AEBF79478F8E0BBB6A021269BD10590C64C57F50AD8169D5488B56EE38DC5E02DA1A16ED3B5F41FEB2AD184B78A31F3A5B2BEC8441928343DA35DE3D4F89F0D4CEDE0034045084A0D1E6182E5EF7FCA325DD33CE81BE7FA87D43613E8FA7A1457099AB53"), |
|
|
|
}, |
|
|
|
}, |
|
|
|
flags: []string{"-expect-key-exchange-info", "1234"}, |
|
|
|
}) |
|
|
|
testCases = append(testCases, testCase{ |
|
|
|
testType: serverTest, |
|
|
|
name: "KeyExchangeInfo-DHE-Server", |
|
|
|
config: Config{ |
|
|
|
CipherSuites: []uint16{TLS_DHE_RSA_WITH_AES_128_GCM_SHA256}, |
|
|
|
}, |
|
|
|
// bssl_shim as a server configures a 2048-bit DHE group. |
|
|
|
flags: []string{"-expect-key-exchange-info", "2048"}, |
|
|
|
}) |
|
|
|
|
|
|
|
testCases = append(testCases, testCase{ |
|
|
|
name: "KeyExchangeInfo-ECDHE-Client", |
|
|
|
config: Config{ |
|
|
|
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
|
|
|
CurvePreferences: []CurveID{CurveX25519}, |
|
|
|
}, |
|
|
|
flags: []string{"-expect-key-exchange-info", "29", "-enable-all-curves"}, |
|
|
|
}) |
|
|
|
testCases = append(testCases, testCase{ |
|
|
|
testType: serverTest, |
|
|
|
name: "KeyExchangeInfo-ECDHE-Server", |
|
|
|
config: Config{ |
|
|
|
CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256}, |
|
|
|
CurvePreferences: []CurveID{CurveX25519}, |
|
|
|
}, |
|
|
|
flags: []string{"-expect-key-exchange-info", "29", "-enable-all-curves"}, |
|
|
|
}) |
|
|
|
} |
|
|
|
|
|
|
|
func worker(statusChan chan statusMsg, c chan *testCase, shimPath string, wg *sync.WaitGroup) { |
|
|
|
defer wg.Done() |
|
|
|
|
|
|
@@ -4768,6 +4823,7 @@ func main() { |
|
|
|
addCustomExtensionTests() |
|
|
|
addRSAClientKeyExchangeTests() |
|
|
|
addCurveTests() |
|
|
|
addKeyExchangeInfoTests() |
|
|
|
for _, async := range []bool{false, true} { |
|
|
|
for _, splitHandshake := range []bool{false, true} { |
|
|
|
for _, protocol := range []protocol{tls, dtls} { |
|
|
|