@@ -2724,3 +2724,82 @@ func TestMultipleServerCertificates(t *testing.T) {
2724
2724
})
2725
2725
}
2726
2726
}
2727
+
2728
+ func TestEllipticCurveConfiguration (t * testing.T ) {
2729
+ // Check for leaking routines
2730
+ report := test .CheckRoutines (t )
2731
+ defer report ()
2732
+
2733
+ for _ , test := range []struct {
2734
+ Name string
2735
+ ConfigCurves []elliptic.Curve
2736
+ HadnshakeCurves []elliptic.Curve
2737
+ }{
2738
+ {
2739
+ Name : "Curve defaulting" ,
2740
+ ConfigCurves : nil ,
2741
+ HadnshakeCurves : defaultCurves ,
2742
+ },
2743
+ {
2744
+ Name : "Single curve" ,
2745
+ ConfigCurves : []elliptic.Curve {elliptic .X25519 },
2746
+ HadnshakeCurves : []elliptic.Curve {elliptic .X25519 },
2747
+ },
2748
+ {
2749
+ Name : "Multiple curves" ,
2750
+ ConfigCurves : []elliptic.Curve {elliptic .P384 , elliptic .X25519 },
2751
+ HadnshakeCurves : []elliptic.Curve {elliptic .P384 , elliptic .X25519 },
2752
+ },
2753
+ } {
2754
+ ctx , cancel := context .WithTimeout (context .Background (), 10 * time .Second )
2755
+ defer cancel ()
2756
+
2757
+ ca , cb := dpipe .Pipe ()
2758
+ type result struct {
2759
+ c * Conn
2760
+ err error
2761
+ }
2762
+ c := make (chan result )
2763
+
2764
+ go func () {
2765
+ client , err := testClient (ctx , ca , & Config {CipherSuites : []CipherSuiteID {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 }, EllipticCurves : test .ConfigCurves }, true )
2766
+ c <- result {client , err }
2767
+ }()
2768
+
2769
+ server , err := testServer (ctx , cb , & Config {CipherSuites : []CipherSuiteID {TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 }, EllipticCurves : test .ConfigCurves }, true )
2770
+ if err != nil {
2771
+ t .Fatalf ("Server error: %v" , err )
2772
+ }
2773
+
2774
+ if len (test .ConfigCurves ) == 0 && len (test .HadnshakeCurves ) != len (server .fsm .cfg .ellipticCurves ) {
2775
+ t .Fatalf ("Failed to default Elliptic curves, expected %d, got: %d" , len (test .HadnshakeCurves ), len (server .fsm .cfg .ellipticCurves ))
2776
+ }
2777
+
2778
+ if len (test .ConfigCurves ) != 0 {
2779
+ if len (test .HadnshakeCurves ) != len (server .fsm .cfg .ellipticCurves ) {
2780
+ t .Fatalf ("Failed to configure Elliptic curves, expect %d, got %d" , len (test .HadnshakeCurves ), len (server .fsm .cfg .ellipticCurves ))
2781
+ }
2782
+ for i , c := range test .ConfigCurves {
2783
+ if c != server .fsm .cfg .ellipticCurves [i ] {
2784
+ t .Fatalf ("Failed to maintain Elliptic curve order, expected %s, got %s" , c , server .fsm .cfg .ellipticCurves [i ])
2785
+ }
2786
+ }
2787
+ }
2788
+
2789
+ res := <- c
2790
+ if res .err != nil {
2791
+ t .Fatalf ("Client error; %v" , err )
2792
+ }
2793
+
2794
+ defer func () {
2795
+ err = server .Close ()
2796
+ if err != nil {
2797
+ t .Fatal (err )
2798
+ }
2799
+ err = res .c .Close ()
2800
+ if err != nil {
2801
+ t .Fatal (err )
2802
+ }
2803
+ }()
2804
+ }
2805
+ }
0 commit comments