TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / f75e252909fccf27818b63fbc8e10994ce714d2b^! / .
commitf75e252909fccf27818b63fbc8e10994ce714d2b[log] [tgz]
authorRon Eldor <Ron.Eldor@arm.com>Tue May 14 20:38:49 2019 +0300
committerRon Eldor <Ron.Eldor@arm.com>Wed May 15 13:57:39 2019 +0300
tree59904c20cd7259934384ce68474baa7189567d57
parentcf28009839be2bc5f9ed2de1f68180d71c64a3a1 [diff]
Add test for export keys functionality

Add test in `ssl-opts.sh` that the export keys callback
is actually called.

diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c
index a9bcd01..a33cfb5 100644
--- a/programs/ssl/ssl_client2.c
+++ b/programs/ssl/ssl_client2.c

@@ -482,14 +482,17 @@
     eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
 
     ( ( void ) kb );
-    ( ( void ) maclen );
-    ( ( void ) keylen );
-    ( ( void ) ivlen );
     memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
     memcpy( keys->randbytes, client_random, 32 );
     memcpy( keys->randbytes + 32, server_random, 32 );
     keys->tls_prf_type = tls_prf_type;
 
+    if( opt.debug_level > 2 )
+    {
+        mbedtls_printf("exported maclen is %zu\n",maclen);
+        mbedtls_printf("exported keylen is %zu\n",keylen);
+        mbedtls_printf("exported ivlen is %zu\n",ivlen);
+    }
     return( 0 );
 }
 #endif

diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 363b2dc..d246988 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c

@@ -598,14 +598,17 @@
     eap_tls_keys *keys = (eap_tls_keys *)p_expkey;
 
     ( ( void ) kb );
-    ( ( void ) maclen );
-    ( ( void ) keylen );
-    ( ( void ) ivlen );
     memcpy( keys->master_secret, ms, sizeof( keys->master_secret ) );
     memcpy( keys->randbytes, client_random, 32 );
     memcpy( keys->randbytes + 32, server_random, 32 );
     keys->tls_prf_type = tls_prf_type;
 
+    if( opt.debug_level > 2 )
+    {
+        mbedtls_printf("exported maclen is %zu\n",maclen);
+        mbedtls_printf("exported keylen is %zu\n",keylen);
+        mbedtls_printf("exported ivlen is %zu\n",ivlen);
+    }
     return( 0 );
 }
 #endif

diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index 08d4be3..cef87bc 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh

@@ -7939,6 +7939,18 @@
             -s "Extra-header:" \
             -c "Extra-header:"
 
+requires_config_enabled MBEDTLS_SSL_EXPORT_KEYS
+run_test    "export keys functionality" \
+            "$P_SRV eap_tls=1 debug_level=3" \
+            "$P_CLI eap_tls=1 debug_level=3" \
+            0 \
+            -s "exported maclen is " \
+            -s "exported keylen is " \
+            -s "exported ivlen is "  \
+            -c "exported maclen is " \
+            -c "exported keylen is " \
+            -c "exported ivlen is "
+
 # Final report
 
 echo "------------------------------------------------------------------------"