1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
|
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
#include "tls/s2n_signature_scheme.c"
#include "s2n_test.h"
int main(int argc, char **argv)
{
BEGIN_TEST();
/* Test all signature schemes */
size_t policy_i = 0;
while (security_policy_selection[policy_i].version != NULL) {
const struct s2n_signature_preferences *sig_prefs =
security_policy_selection[policy_i].security_policy->signature_preferences;
for (size_t sig_i = 0; sig_i < sig_prefs->count; sig_i++) {
const struct s2n_signature_scheme *const sig_scheme = sig_prefs->signature_schemes[sig_i];
EXPECT_NOT_EQUAL(sig_scheme->iana_value, 0);
EXPECT_NOT_EQUAL(sig_scheme->hash_alg, S2N_HASH_NONE);
EXPECT_NOT_EQUAL(sig_scheme->sig_alg, S2N_SIGNATURE_ANONYMOUS);
EXPECT_NOT_EQUAL(sig_scheme->libcrypto_nid, 0);
if (sig_scheme->sig_alg == S2N_SIGNATURE_ECDSA
&& sig_scheme->maximum_protocol_version != S2N_TLS12) {
EXPECT_NOT_NULL(sig_scheme->signature_curve);
} else {
EXPECT_NULL(sig_scheme->signature_curve);
}
/* No duplicate signature schemes are allowed */
for (size_t dup_i = 0; dup_i < sig_prefs->count; dup_i++) {
if (dup_i == sig_i) {
continue;
}
const struct s2n_signature_scheme *const potential_duplicate =
sig_prefs->signature_schemes[dup_i];
EXPECT_NOT_EQUAL(sig_scheme->iana_value, potential_duplicate->iana_value);
}
}
policy_i++;
}
END_TEST();
}
|
