Commit b2e584aa authored by Sabrina Dubroca's avatar Sabrina Dubroca Committed by David S. Miller
Browse files

selftests: tls: add key_generation argument to tls_crypto_info_init 



This allows us to generate different keys, so that we can test that
rekey is using the correct one.

Signed-off-by: default avatarSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 5aa97a43

tools/testing/selftests/net/tls.c

+11 −9
Original line number Diff line number Diff line
@@ -44,9 +44,11 @@ struct tls_crypto_info_keys { 
};



static void tls_crypto_info_init(uint16_t tls_version, uint16_t cipher_type,

				 struct tls_crypto_info_keys *tls12)

				 struct tls_crypto_info_keys *tls12,

				 char key_generation)

{

	memset(tls12, 0, sizeof(*tls12));

	memset(tls12, key_generation, sizeof(*tls12));

	memset(tls12, 0, sizeof(struct tls_crypto_info));



	switch (cipher_type) {

	case TLS_CIPHER_CHACHA20_POLY1305:
@@ -275,7 +277,7 @@ TEST_F(tls_basic, recseq_wrap) 
	if (self->notls)

		SKIP(return, "no TLS support");



	tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12);

	tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12, 0);

	memset(&tls12.aes128.rec_seq, 0xff, sizeof(tls12.aes128.rec_seq));



	ASSERT_EQ(setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, tls12.len), 0);
@@ -391,7 +393,7 @@ FIXTURE_SETUP(tls) 
		SKIP(return, "Unsupported cipher in FIPS mode");



	tls_crypto_info_init(variant->tls_version, variant->cipher_type,

			     &tls12);

			     &tls12, 0);



	ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls);
@@ -1175,7 +1177,7 @@ TEST_F(tls, bidir) 
		struct tls_crypto_info_keys tls12;



		tls_crypto_info_init(variant->tls_version, variant->cipher_type,

				     &tls12);

				     &tls12, 0);



		ret = setsockopt(self->fd, SOL_TLS, TLS_RX, &tls12,

				 tls12.len);
@@ -1614,7 +1616,7 @@ TEST_F(tls, getsockopt) 
	EXPECT_EQ(get.crypto_info.cipher_type, variant->cipher_type);



	/* get the full crypto_info */

	tls_crypto_info_init(variant->tls_version, variant->cipher_type, &expect);

	tls_crypto_info_init(variant->tls_version, variant->cipher_type, &expect, 0);

	len = expect.len;

	memrnd(&get, sizeof(get));

	EXPECT_EQ(getsockopt(self->fd, SOL_TLS, TLS_TX, &get, &len), 0);
@@ -1696,7 +1698,7 @@ FIXTURE_SETUP(tls_err) 
	int ret;



	tls_crypto_info_init(variant->tls_version, TLS_CIPHER_AES_GCM_128,

			     &tls12);

			     &tls12, 0);



	ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls);

	ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls);
@@ -2118,7 +2120,7 @@ TEST(tls_v6ops) { 
	int sfd, ret, fd;

	socklen_t len, len2;



	tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12);

	tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_128, &tls12, 0);



	addr.sin6_family = AF_INET6;

	addr.sin6_addr = in6addr_any;
@@ -2177,7 +2179,7 @@ TEST(prequeue) { 
	len = sizeof(addr);

	memrnd(buf, sizeof(buf));



	tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_256, &tls12);

	tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_GCM_256, &tls12, 0);



	addr.sin_family = AF_INET;

	addr.sin_addr.s_addr = htonl(INADDR_ANY);