Add test for export keys functionality

Add test in `ssl-opts.sh` that the export keys callback
is actually called.
This commit is contained in:
Ron Eldor 2019-05-14 20:38:49 +03:00
parent cf28009839
commit f75e252909
3 changed files with 24 additions and 6 deletions

View File

@ -482,14 +482,17 @@ static int eap_tls_key_derivation ( void *p_expkey,
eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
( ( void ) kb );
( ( void ) maclen );
( ( void ) keylen );
( ( void ) ivlen );
memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
memcpy( keys->randbytes, client_random, 32 );
memcpy( keys->randbytes + 32, server_random, 32 );
keys->tls_prf_type = tls_prf_type;
if( opt.debug_level > 2 )
{
mbedtls_printf("exported maclen is %zu\n",maclen);
mbedtls_printf("exported keylen is %zu\n",keylen);
mbedtls_printf("exported ivlen is %zu\n",ivlen);
}
return( 0 );
}
#endif

View File

@ -598,14 +598,17 @@ static int eap_tls_key_derivation ( void *p_expkey,
eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
( ( void ) kb );
( ( void ) maclen );
( ( void ) keylen );
( ( void ) ivlen );
memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
memcpy( keys->randbytes, client_random, 32 );
memcpy( keys->randbytes + 32, server_random, 32 );
keys->tls_prf_type = tls_prf_type;
if( opt.debug_level > 2 )
{
mbedtls_printf("exported maclen is %zu\n",maclen);
mbedtls_printf("exported keylen is %zu\n",keylen);
mbedtls_printf("exported ivlen is %zu\n",ivlen);
}
return( 0 );
}
#endif

View File

@ -7939,6 +7939,18 @@ run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
-s "Extra-header:" \
-c "Extra-header:"
requires_config_enabled MBEDTLS_SSL_EXPORT_KEYS
run_test "export keys functionality" \
"$P_SRV eap_tls=1 debug_level=3" \
"$P_CLI eap_tls=1 debug_level=3" \
0 \
-s "exported maclen is " \
-s "exported keylen is " \
-s "exported ivlen is " \
-c "exported maclen is " \
-c "exported keylen is " \
-c "exported ivlen is "
# Final report
echo "------------------------------------------------------------------------"