Skip to content

Commit 0d84c8e

Browse files
qmuntalqmuntal
committed
skip tls1prf test if hash is not supported
1 parent 92e55a9 commit 0d84c8e

File tree

1 file changed

+20
-14
lines changed

1 file changed

+20
-14
lines changed

tls1prf_test.go

+20-14
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,14 @@ package openssl_test
44

55
import (
66
"bytes"
7-
"hash"
7+
"crypto"
88
"testing"
99

1010
"github.com/golang-fips/openssl/v2"
1111
)
1212

1313
type tls1prfTest struct {
14-
hash func() hash.Hash
14+
hash crypto.Hash
1515
secret []byte
1616
label []byte
1717
seed []byte
@@ -22,7 +22,7 @@ var tls1prfTests = []tls1prfTest{
2222
// TLS 1.0/1.1 test generated with OpenSSL and cross-validated
2323
// with Windows CNG.
2424
{
25-
nil,
25+
crypto.MD5SHA1,
2626
[]byte{
2727
0x9b, 0xbe, 0x43, 0x6b, 0xa9, 0x40, 0xf0, 0x17,
2828
0xb1, 0x76, 0x52, 0x84, 0x9a, 0x71, 0xdb, 0x35,
@@ -40,7 +40,7 @@ var tls1prfTests = []tls1prfTest{
4040
},
4141
// Tests from https://mailarchive.ietf.org/arch/msg/tls/fzVCzk-z3FShgGJ6DOXqM1ydxms/
4242
{
43-
openssl.NewSHA256,
43+
crypto.SHA256,
4444
[]byte{
4545
0x9b, 0xbe, 0x43, 0x6b, 0xa9, 0x40, 0xf0, 0x17,
4646
0xb1, 0x76, 0x52, 0x84, 0x9a, 0x71, 0xdb, 0x35,
@@ -69,7 +69,7 @@ var tls1prfTests = []tls1prfTest{
6969
},
7070
},
7171
{
72-
openssl.NewSHA384,
72+
crypto.SHA384,
7373
[]byte{
7474
0xb8, 0x0b, 0x73, 0x3d, 0x6c, 0xee, 0xfc, 0xdc,
7575
0x71, 0x56, 0x6e, 0xa4, 0x8e, 0x55, 0x67, 0xdf,
@@ -104,7 +104,7 @@ var tls1prfTests = []tls1prfTest{
104104
},
105105
},
106106
{
107-
openssl.NewSHA512,
107+
crypto.SHA512,
108108
[]byte{
109109
0xb0, 0x32, 0x35, 0x23, 0xc1, 0x85, 0x35, 0x99,
110110
0x58, 0x4d, 0x88, 0x56, 0x8b, 0xbb, 0x05, 0xeb,
@@ -151,13 +151,19 @@ func TestTLS1PRF(t *testing.T) {
151151
if !openssl.SupportsTLS1PRF() {
152152
t.Skip("TLS 1.2 PRF is not supported")
153153
}
154-
for i, tt := range tls1prfTests {
155-
out, err := openssl.TLS1PRF(tt.secret, tt.label, tt.seed, len(tt.out), tt.hash)
156-
if err != nil {
157-
t.Errorf("test %d: error deriving TLS 1.2 PRF: %v.", i, err)
158-
}
159-
if !bytes.Equal(out, tt.out) {
160-
t.Errorf("test %d: incorrect key output: have %v, need %v.", i, out, tt.out)
161-
}
154+
for _, tt := range tls1prfTests {
155+
tt := tt
156+
t.Run(tt.hash.String(), func(t *testing.T) {
157+
if !openssl.SupportsHash(tt.hash) {
158+
t.Skip("skipping: hash not supported")
159+
}
160+
out, err := openssl.TLS1PRF(tt.secret, tt.label, tt.seed, len(tt.out), cryptoToHash(tt.hash))
161+
if err != nil {
162+
t.Fatalf("error deriving TLS 1.2 PRF: %v.", err)
163+
}
164+
if !bytes.Equal(out, tt.out) {
165+
t.Errorf("incorrect key output: have %v, need %v.", out, tt.out)
166+
}
167+
})
162168
}
163169
}

0 commit comments

Comments
 (0)