aboutsummaryrefslogtreecommitdiff
path: root/crypto/openssl/test/tls13groupselection_test.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/openssl/test/tls13groupselection_test.c')
-rw-r--r--crypto/openssl/test/tls13groupselection_test.c19
1 files changed, 16 insertions, 3 deletions
diff --git a/crypto/openssl/test/tls13groupselection_test.c b/crypto/openssl/test/tls13groupselection_test.c
index 01d1eded5f87..351b3102c70b 100644
--- a/crypto/openssl/test/tls13groupselection_test.c
+++ b/crypto/openssl/test/tls13groupselection_test.c
@@ -311,17 +311,17 @@ static const struct tls13groupselection_test_st tls13groupselection_tests[] =
{ "X25519:secp256r1:X448:secp521r1:-X448:-secp256r1:-X25519:-secp521r1",
"",
CLIENT_PREFERENCE,
- NEGOTIATION_FAILURE
+ NEGOTIATION_FAILURE, INIT
},
{ "secp384r1:secp521r1:X25519", /* test 39 */
"prime256v1:X448",
CLIENT_PREFERENCE,
- NEGOTIATION_FAILURE
+ NEGOTIATION_FAILURE, INIT
},
{ "secp521r1:secp384r1:X25519", /* test 40 */
"prime256v1:X448",
SERVER_PREFERENCE,
- NEGOTIATION_FAILURE
+ NEGOTIATION_FAILURE, INIT
},
/*
* These are allowed
@@ -340,6 +340,15 @@ static const struct tls13groupselection_test_st tls13groupselection_tests[] =
SERVER_PREFERENCE,
"secp521r1", SH
},
+ /*
+ * Not a syntax error, but invalid because brainpoolP256r1 is the only
+ * key share and is not valid in TLSv1.3
+ */
+ { "*brainpoolP256r1:X25519", /* test 43 */
+ "X25519",
+ SERVER_PREFERENCE,
+ NEGOTIATION_FAILURE, INIT
+ }
};
static void server_response_check_cb(int write_p, int version,
@@ -489,6 +498,10 @@ static int test_groupnegotiation(const struct tls13groupselection_test_st *curre
ok = 1;
} else {
TEST_false_or_end(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE));
+ if (test_type == TEST_NEGOTIATION_FAILURE &&
+ !TEST_int_eq((int)current_test_vector->expected_server_response,
+ (int)server_response))
+ goto end;
ok = 1;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 21:08:40 +0000