From: Matt Caswell <matt@openssl.org>
Date: Fri, 5 May 2017 09:30:07 +0000 (+0100)
Subject: Add a test for supported_groups in the EE message
X-Git-Tag: OpenSSL_1_1_1-pre1~1572
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=de65f7b93a79ea952a7f08e0b8b3f36d1136ae7a;hp=6af87546375953d5937fb4bdaac6a887765af615

Add a test for supported_groups in the EE message

Check we send supported_groups in EE if there is a group we prefer instead
of the one sent in the key_share.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3395)
---

diff --git a/test/recipes/70-test_tls13messages.t b/test/recipes/70-test_tls13messages.t
index c9603de56f..c21185167f 100644
--- a/test/recipes/70-test_tls13messages.t
+++ b/test/recipes/70-test_tls13messages.t
@@ -123,6 +123,8 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
         checkhandshake::SERVER_NAME_SRV_EXTENSION],
     [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_ALPN,
         checkhandshake::ALPN_SRV_EXTENSION],
+    [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+        checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION],
 
     [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST,
         checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
@@ -145,7 +147,7 @@ $proxy->serverconnects(2);
 $proxy->clientflags("-sess_out ".$session);
 $proxy->sessionfile($session);
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
-plan tests => 15;
+plan tests => 16;
 checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                checkhandshake::DEFAULT_EXTENSIONS,
                "Default handshake test");
@@ -303,4 +305,14 @@ checkhandshake($proxy, checkhandshake::HRR_RESUME_HANDSHAKE,
                | checkhandshake::PSK_CLI_EXTENSION
                | checkhandshake::PSK_SRV_EXTENSION,
                "Resumption handshake with HRR test");
+
+#Test 16: Acceptable but non preferred key_share
+$proxy->clear();
+$proxy->clientflags("-curves P-256");
+$proxy->start();
+checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
+               checkhandshake::DEFAULT_EXTENSIONS
+               | checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION,
+               "Default handshake test");
+
 unlink $session;
diff --git a/test/testlib/checkhandshake.pm b/test/testlib/checkhandshake.pm
index d5d0e29ee5..65c5135a1e 100644
--- a/test/testlib/checkhandshake.pm
+++ b/test/testlib/checkhandshake.pm
@@ -52,7 +52,8 @@ use constant {
     PSK_SRV_EXTENSION => 0x00010000,
     KEY_SHARE_SRV_EXTENSION => 0x00020000,
     PSK_KEX_MODES_EXTENSION => 0x00040000,
-    KEY_SHARE_HRR_EXTENSION => 0x00080000
+    KEY_SHARE_HRR_EXTENSION => 0x00080000,
+    SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000
 };
 
 our @handmessages = ();