self-talk setup

goatgoose · Sep 20, 2023 · 19e503c · 19e503c
1 parent d118ac1
commit 19e503c
Showing 1 changed file with 25 additions and 2 deletions.
diff --git a/tests/unit/s2n_client_hello_get_supported_groups_test.c b/tests/unit/s2n_client_hello_get_supported_groups_test.c
@@ -48,7 +48,9 @@ int s2n_client_hello_check_received_supported_groups(struct s2n_connection *conn
     EXPECT_SUCCESS(s2n_client_hello_get_supported_groups(client_hello, supported_groups,
             &supported_groups_count, s2n_array_len(supported_groups)));
 
+    EXPECT_TRUE(supported_groups_count > 0);
     EXPECT_EQUAL(supported_groups_count, context->ecc_preferences->count);
+
     for (size_t i = 0; i < supported_groups_count; i++) {
         const struct s2n_ecc_named_curve *curve = context->ecc_preferences->ecc_curves[i];
         EXPECT_EQUAL(supported_groups[i], curve->iana_id);
@@ -64,7 +66,6 @@ int main(int argc, char **argv)
     DEFER_CLEANUP(struct s2n_cert_chain_and_key *chain_and_key = NULL, s2n_cert_chain_and_key_ptr_free);
     EXPECT_SUCCESS(s2n_test_cert_chain_and_key_new(&chain_and_key,
             S2N_DEFAULT_TEST_CERT_CHAIN, S2N_DEFAULT_TEST_PRIVATE_KEY));
-
     /* Safety */
     {
         struct s2n_client_hello client_hello = { 0 };
@@ -319,8 +320,30 @@ int main(int argc, char **argv)
      * This test also ensures that s2n_client_hello_get_supported_groups is usable from within the
      * client hello callback.
      */
-    {
+    char *security_policies[] = {"20170210", "20190801", "20210816", "test_all"};
+    for (size_t i = 0; i < s2n_array_len(security_policies); i++) {
+        DEFER_CLEANUP(struct s2n_config *config = s2n_config_new(), s2n_config_ptr_free);
+        EXPECT_NOT_NULL(config);
+        EXPECT_SUCCESS(s2n_config_add_cert_chain_and_key_to_store(config, chain_and_key));
+        EXPECT_SUCCESS(s2n_config_set_verification_ca_location(config, S2N_DEFAULT_TEST_CERT_CHAIN, NULL));
+        EXPECT_SUCCESS(s2n_config_set_cipher_preferences(config, security_policies[i]));
+
+        DEFER_CLEANUP(struct s2n_connection *server_conn = s2n_connection_new(S2N_SERVER), s2n_connection_ptr_free);
+        EXPECT_NOT_NULL(server_conn);
+        EXPECT_SUCCESS(s2n_connection_set_config(server_conn, config));
+
+        DEFER_CLEANUP(struct s2n_connection *client_conn = s2n_connection_new(S2N_CLIENT), s2n_connection_ptr_free);
+        EXPECT_NOT_NULL(client_conn);
+        EXPECT_SUCCESS(s2n_connection_set_config(client_conn, config));
+        EXPECT_SUCCESS(s2n_connection_set_blinding(client_conn, S2N_SELF_SERVICE_BLINDING));
+        EXPECT_SUCCESS(s2n_set_server_name(client_conn, "s2nTestServer"));
+
+        DEFER_CLEANUP(struct s2n_test_io_pair io_pair = { 0 }, s2n_io_pair_close);
+        EXPECT_SUCCESS(s2n_io_pair_init_non_blocking(&io_pair));
+        EXPECT_SUCCESS(s2n_connection_set_io_pair(client_conn, &io_pair));
+        EXPECT_SUCCESS(s2n_connection_set_io_pair(server_conn, &io_pair));
 
+        EXPECT_SUCCESS(s2n_negotiate_test_server_and_client(server_conn, client_conn));
     }
 
     END_TEST();