Add options to check TLS signing hashes

[openssl.git] / test / ssl_test_ctx.c

diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c
index 2c5ba1e5bb851018a79ef25f574d4d28de041077..242602d88ed8f47c2572ead5495e363058ddfa22 100644 (file)
--- a/test/ssl_test_ctx.c
+++ b/test/ssl_test_ctx.c
@@ -433,17 +433,21 @@ IMPLEMENT_SSL_TEST_INT_OPTION(SSL_TEST_CTX, test, app_data_size)
 IMPLEMENT_SSL_TEST_INT_OPTION(SSL_TEST_CTX, test, max_fragment_size)
 
 /***********************/
-/* ExpectedTmpKeyType  */
+/* Expected key types  */
 /***********************/
 
-__owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx,
-                                              const char *value)
+__owur static int parse_expected_key_type(int *ptype, const char *value)
 {
     int nid;
+    const EVP_PKEY_ASN1_METHOD *ameth;
 
     if (value == NULL)
         return 0;
-    nid = OBJ_sn2nid(value);
+    ameth = EVP_PKEY_asn1_find_str(NULL, value, -1);
+    if (ameth != NULL)
+        EVP_PKEY_asn1_get0_info(&nid, NULL, NULL, NULL, NULL, ameth);
+    else
+        nid = OBJ_sn2nid(value);
     if (nid == NID_undef)
         nid = OBJ_ln2nid(value);
 #ifndef OPENSSL_NO_EC
@@ -452,10 +456,63 @@ __owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx,
 #endif
     if (nid == NID_undef)
         return 0;
-    test_ctx->expected_tmp_key_type = nid;
+    *ptype = nid;
+    return 1;
+}
+
+__owur static int parse_expected_tmp_key_type(SSL_TEST_CTX *test_ctx,
+                                              const char *value)
+{
+    return parse_expected_key_type(&test_ctx->expected_tmp_key_type, value);
+}
+
+__owur static int parse_expected_server_cert_type(SSL_TEST_CTX *test_ctx,
+                                                  const char *value)
+{
+    return parse_expected_key_type(&test_ctx->expected_server_cert_type,
+                                   value);
+}
+
+__owur static int parse_expected_client_cert_type(SSL_TEST_CTX *test_ctx,
+                                                  const char *value)
+{
+    return parse_expected_key_type(&test_ctx->expected_client_cert_type,
+                                   value);
+}
+
+/*************************/
+/* Expected signing hash */
+/*************************/
+
+__owur static int parse_expected_sign_hash(int *ptype, const char *value)
+{
+    int nid;
+
+    if (value == NULL)
+        return 0;
+    nid = OBJ_sn2nid(value);
+    if (nid == NID_undef)
+        nid = OBJ_ln2nid(value);
+    if (nid == NID_undef)
+        return 0;
+    *ptype = nid;
     return 1;
 }
 
+__owur static int parse_expected_server_sign_hash(SSL_TEST_CTX *test_ctx,
+                                                  const char *value)
+{
+    return parse_expected_sign_hash(&test_ctx->expected_server_sign_hash,
+                                    value);
+}
+
+__owur static int parse_expected_client_sign_hash(SSL_TEST_CTX *test_ctx,
+                                                  const char *value)
+{
+    return parse_expected_sign_hash(&test_ctx->expected_server_sign_hash,
+                                    value);
+}
+
 /*************************************************************/
 /* Known test options and their corresponding parse methods. */
 /*************************************************************/
@@ -481,6 +538,10 @@ static const ssl_test_ctx_option ssl_test_ctx_options[] = {
     { "ApplicationData", &parse_test_app_data_size },
     { "MaxFragmentSize", &parse_test_max_fragment_size },
     { "ExpectedTmpKeyType", &parse_expected_tmp_key_type },
+    { "ExpectedServerCertType", &parse_expected_server_cert_type },
+    { "ExpectedServerSignHash", &parse_expected_server_sign_hash },
+    { "ExpectedClientCertType", &parse_expected_client_cert_type },
+    { "ExpectedClientSignHash", &parse_expected_client_sign_hash },
 };
 
 /* Nested client options. */