| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Aug 2023 23:35:08 +0200
From: Sabrina Dubroca <sd@...asysnail.net>
To: netdev@...r.kernel.org
Cc: borisp@...dia.com,
john.fastabend@...il.com,
kuba@...nel.org,
Shuah Khan <shuah@...nel.org>,
linux-kselftest@...r.kernel.org,
Sabrina Dubroca <sd@...asysnail.net>
Subject: [PATCH net-next 03/17] selftests: tls: test some invalid inputs for setsockopt
This test will need to be updated if new ciphers are added.
Signed-off-by: Sabrina Dubroca <sd@...asysnail.net>
---
tools/testing/selftests/net/tls.c | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/net/tls.c
index 0da6952a047a..297d972558fb 100644
--- a/tools/testing/selftests/net/tls.c
+++ b/tools/testing/selftests/net/tls.c
@@ -241,6 +241,31 @@ TEST_F(tls_basic, base_base)
EXPECT_EQ(memcmp(buf, test_str, send_len), 0);
};
+TEST_F(tls_basic, bad_cipher)
+{
+ struct tls_crypto_info_keys tls12;
+
+ tls12.crypto_info.version = 200;
+ tls12.crypto_info.cipher_type = TLS_CIPHER_AES_GCM_128;
+ EXPECT_EQ(setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, sizeof(struct tls12_crypto_info_aes_gcm_128)), -1);
+
+ tls12.crypto_info.version = TLS_1_2_VERSION;
+ tls12.crypto_info.cipher_type = 50;
+ EXPECT_EQ(setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, sizeof(struct tls12_crypto_info_aes_gcm_128)), -1);
+
+ tls12.crypto_info.version = TLS_1_2_VERSION;
+ tls12.crypto_info.cipher_type = 59;
+ EXPECT_EQ(setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, sizeof(struct tls12_crypto_info_aes_gcm_128)), -1);
+
+ tls12.crypto_info.version = TLS_1_2_VERSION;
+ tls12.crypto_info.cipher_type = 10;
+ EXPECT_EQ(setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, sizeof(struct tls12_crypto_info_aes_gcm_128)), -1);
+
+ tls12.crypto_info.version = TLS_1_2_VERSION;
+ tls12.crypto_info.cipher_type = 70;
+ EXPECT_EQ(setsockopt(self->fd, SOL_TLS, TLS_TX, &tls12, sizeof(struct tls12_crypto_info_aes_gcm_128)), -1);
+}
+
FIXTURE(tls)
{
int fd, cfd;
--
2.40.1
Powered by blists - more mailing lists