wolfSSL/wolfssl
1
0
Fork 1
mirror of https://github.com/wolfSSL/wolfssl.git synced 2025-07-30 18:57:27 +02:00
Code Issues Packages Projects Releases Wiki Activity

Parameter sanity check and a unit test.

Browse Source
This commit is contained in:
Anthony Hu
2021-09-15 16:29:55 -04:00
parent 4f3c55988b
commit 07656e371c
2 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/ssl.c
View File

@ -49183,6 +49183,11 @@ int wolfSSL_CTX_set1_curves_list(WOLFSSL_CTX* ctx, const char* names)
word16 curve; word16 curve;
char name[MAX_CURVE_NAME_SZ]; char name[MAX_CURVE_NAME_SZ];
if (ctx == NULL || names == NULL) {
WOLFSSL_MSG("ctx or names was NULL");
return WOLFSSL_FAILURE;
}
/* Disable all curves so that only the ones the user wants are enabled. */ /* Disable all curves so that only the ones the user wants are enabled. */
ctx->disabledCurves = 0xFFFFFFFFUL; ctx->disabledCurves = 0xFFFFFFFFUL;
for (idx = 1; names[idx-1] != '\0'; idx++) { for (idx = 1; names[idx-1] != '\0'; idx++) {

32
tests/api.c
View File

@ -33073,6 +33073,37 @@ static void test_wolfSSL_sk_SSL_CIPHER(void)
!defined(NO_FILESYSTEM) && !defined(NO_RSA) */ !defined(NO_FILESYSTEM) && !defined(NO_RSA) */
} }
static void test_wolfSSL_set1_curves_list(void)
{
#if defined(OPENSSL_EXTRA) && defined(HAVE_ECC)
SSL* ssl;
SSL_CTX* ctx;
#ifndef NO_WOLFSSL_SERVER
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_server_method()));
#else
AssertNotNull(ctx = SSL_CTX_new(wolfSSLv23_client_method()));
#endif
AssertTrue(SSL_CTX_use_certificate_file(ctx, svrCertFile,
SSL_FILETYPE_PEM));
AssertTrue(SSL_CTX_use_PrivateKey_file(ctx, svrKeyFile, SSL_FILETYPE_PEM));
AssertNotNull(ssl = SSL_new(ctx));
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, NULL), WOLFSSL_FAILURE);
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-25X"), WOLFSSL_FAILURE);
AssertIntEQ(SSL_CTX_set1_curves_list(ctx, "P-256"), WOLFSSL_SUCCESS);
AssertIntEQ(SSL_set1_curves_list(ssl, NULL), WOLFSSL_FAILURE);
AssertIntEQ(SSL_set1_curves_list(ssl, "P-25X"), WOLFSSL_FAILURE);
AssertIntEQ(SSL_set1_curves_list(ssl, "P-256"), WOLFSSL_SUCCESS);
SSL_free(ssl);
SSL_CTX_free(ctx);
printf(resultFmt, passed);
#endif
}
static void test_wolfSSL_set1_sigalgs_list(void) static void test_wolfSSL_set1_sigalgs_list(void)
{ {
#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA) #if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) && !defined(NO_RSA)
@ -48696,6 +48727,7 @@ void ApiTest(void)
#endif #endif
test_wolfSSL_set_options(); test_wolfSSL_set_options();
test_wolfSSL_sk_SSL_CIPHER(); test_wolfSSL_sk_SSL_CIPHER();
test_wolfSSL_set1_curves_list();
test_wolfSSL_set1_sigalgs_list(); test_wolfSSL_set1_sigalgs_list();
test_wolfSSL_PKCS7_certs(); test_wolfSSL_PKCS7_certs();
test_wolfSSL_X509_STORE_CTX(); test_wolfSSL_X509_STORE_CTX();