diff options
Diffstat (limited to 'test/openssl')
-rw-r--r-- | test/openssl/test_ssl.rb | 23 | ||||
-rw-r--r-- | test/openssl/utils.rb | 1 |
2 files changed, 24 insertions, 0 deletions
diff --git a/test/openssl/test_ssl.rb b/test/openssl/test_ssl.rb index 28f5141cb0..b3f5661e5c 100644 --- a/test/openssl/test_ssl.rb +++ b/test/openssl/test_ssl.rb @@ -1169,6 +1169,29 @@ end } end + def test_get_ephemeral_key + return unless OpenSSL::SSL::SSLSocket.method_defined?(:tmp_key) + ciphers = { + 'ECDHE-RSA-AES128-SHA' => OpenSSL::PKey::EC, + 'DHE-RSA-AES128-SHA' => OpenSSL::PKey::DH, + 'AES128-SHA' => nil + } + conf_proc = Proc.new { |ctx| ctx.ciphers = 'ALL' } + start_server(OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => conf_proc) do |server, port| + ciphers.each do |cipher, ephemeral| + ctx = OpenSSL::SSL::SSLContext.new + ctx.ciphers = cipher + server_connect(port, ctx) do |ssl| + if ephemeral + assert_equal(ephemeral, ssl.tmp_key.class) + else + assert_nil(ssl.tmp_key) + end + end + end + end + end + private def start_server_version(version, ctx_proc=nil, server_proc=nil, &blk) diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb index d4f0443511..6909854cad 100644 --- a/test/openssl/utils.rb +++ b/test/openssl/utils.rb @@ -277,6 +277,7 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC ctx.cert = @svr_cert ctx.key = @svr_key ctx.tmp_dh_callback = proc { OpenSSL::TestUtils::TEST_KEY_DH1024 } + ctx.tmp_ecdh_callback = proc { OpenSSL::TestUtils::TEST_KEY_EC_P256V1 } ctx.verify_mode = verify_mode ctx_proc.call(ctx) if ctx_proc |