]> git.saurik.com Git - apple/security.git/blobdiff - OSX/libsecurity_ssl/regressions/ssl-46-SSLGetSupportedCiphers.c
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-58286.20.16.tar.gz
[apple/security.git] / OSX / libsecurity_ssl / regressions / ssl-46-SSLGetSupportedCiphers.c
diff --git a/OSX/libsecurity_ssl/regressions/ssl-46-SSLGetSupportedCiphers.c b/OSX/libsecurity_ssl/regressions/ssl-46-SSLGetSupportedCiphers.c
index 2ed75a8bafd2028d1e42b27cb9ccdc8493a24412..ef0ef929b6bc370df2524ab0df3dfe3e3b322628 100644 (file)
--- a/OSX/libsecurity_ssl/regressions/ssl-46-SSLGetSupportedCiphers.c
+++ b/OSX/libsecurity_ssl/regressions/ssl-46-SSLGetSupportedCiphers.c
@@ -141,6 +141,27 @@ const SSLCipherSuite legacy_DHE_ciphersuites[] = {
 
 
 const SSLCipherSuite standard_ciphersuites[] = {
 
 
 const SSLCipherSuite standard_ciphersuites[] = {
+    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
+    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
+    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
+    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
+    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
+    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
+    TLS_RSA_WITH_AES_256_GCM_SHA384,
+    TLS_RSA_WITH_AES_128_GCM_SHA256,
+    TLS_RSA_WITH_AES_256_CBC_SHA256,
+    TLS_RSA_WITH_AES_128_CBC_SHA256,
+    TLS_RSA_WITH_AES_256_CBC_SHA,
+    TLS_RSA_WITH_AES_128_CBC_SHA,
+};
+
+const SSLCipherSuite default_ciphersuites[] = {
     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
     TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
     TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
@@ -257,7 +278,6 @@ static int test_GetEnabledCiphers(SSLContextRef ssl, unsigned expected_num_ciphe
     size_t size;
     int fail=1;
     SSLCipherSuite *ciphers = NULL;
     size_t size;
     int fail=1;
     SSLCipherSuite *ciphers = NULL;
-    OSStatus err;
 
     require_noerr(SSLSetIOFuncs(ssl, &SocketRead, &SocketWrite), out);
     require_noerr(SSLSetConnection(ssl, NULL), out);
 
     require_noerr(SSLSetIOFuncs(ssl, &SocketRead, &SocketWrite), out);
     require_noerr(SSLSetConnection(ssl, NULL), out);
@@ -276,8 +296,7 @@ static int test_GetEnabledCiphers(SSLContextRef ssl, unsigned expected_num_ciphe
     free(ciphers);
     ciphers = NULL;
 
     free(ciphers);
     ciphers = NULL;
 
-    err = SSLHandshake(ssl);
-    require(err == errSSLWouldBlock, out);
+    require(SSLHandshake(ssl) == errSSLWouldBlock, out);
 
     require_noerr(SSLGetNumberEnabledCiphers(ssl, &num_ciphers), out);
     require_string(num_ciphers==expected_num_ciphers, out, "wrong ciphersuites number");
 
     require_noerr(SSLGetNumberEnabledCiphers(ssl, &num_ciphers), out);
     require_string(num_ciphers==expected_num_ciphers, out, "wrong ciphersuites number");
@@ -393,7 +412,7 @@ test_default(SSLProtocolSide side)
 
     /* The order of this tests does matter, be careful when adding tests */
     ok(!test_GetSupportedCiphers(ssl, server), "test_default: GetSupportedCiphers test failed (%s)", server?"server":"client");
 
     /* The order of this tests does matter, be careful when adding tests */
     ok(!test_GetSupportedCiphers(ssl, server), "test_default: GetSupportedCiphers test failed (%s)", server?"server":"client");
-    ok(!test_GetEnabledCiphers(ssl, sizeof(standard_ciphersuites)/sizeof(SSLCipherSuite), standard_ciphersuites), "test_default: GetEnabledCiphers test failed (%s)", server?"server":"client");
+    ok(!test_GetEnabledCiphers(ssl, sizeof(default_ciphersuites)/sizeof(SSLCipherSuite), default_ciphersuites), "test_default: GetEnabledCiphers test failed (%s)", server?"server":"client");
 
     CFRelease(ssl); ssl=NULL;
 
 
     CFRelease(ssl); ssl=NULL;
 
@@ -412,7 +431,7 @@ out:
 
 int ssl_46_SSLGetSupportedCiphers(int argc, char *const *argv)
 {
 
 int ssl_46_SSLGetSupportedCiphers(int argc, char *const *argv)
 {
-    plan_tests(154);
+    plan_tests(178);
 
     test_dhe(kSSLClientSide, true);
     test_dhe(kSSLServerSide, true);
 
     test_dhe(kSSLClientSide, true);
     test_dhe(kSSLServerSide, true);
@@ -433,10 +452,12 @@ int ssl_46_SSLGetSupportedCiphers(int argc, char *const *argv)
     TEST_CONFIG(kSSLSessionConfig_legacy_DHE, legacy_DHE_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_standard, standard_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_RC4_fallback, legacy_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_legacy_DHE, legacy_DHE_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_standard, standard_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_RC4_fallback, legacy_ciphersuites);
-    TEST_CONFIG(kSSLSessionConfig_TLSv1_fallback, standard_ciphersuites);
+    TEST_CONFIG(kSSLSessionConfig_TLSv1_fallback, default_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_TLSv1_RC4_fallback, legacy_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_TLSv1_RC4_fallback, legacy_ciphersuites);
-    TEST_CONFIG(kSSLSessionConfig_default, standard_ciphersuites);
+    TEST_CONFIG(kSSLSessionConfig_default, default_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_anonymous, anonymous_ciphersuites);
     TEST_CONFIG(kSSLSessionConfig_anonymous, anonymous_ciphersuites);
+    TEST_CONFIG(kSSLSessionConfig_3DES_fallback, default_ciphersuites);
+    TEST_CONFIG(kSSLSessionConfig_TLSv1_3DES_fallback, default_ciphersuites);
 
     return 0;
 }
 
     return 0;
 }
mirror of Security