crypto/tls: add support for AES_256_GCM_SHA384 cipher suites specified in RFC5289
Generalizes PRF calculation for TLS 1.2 to support arbitrary hashes (SHA-384 instead of SHA-256).
Testdata were all updated to correspond with the new cipher suites in the handshake.
Change-Id: I3d9fc48c19d1043899e38255a53c80dc952ee08f
Reviewed-on: https://go-review.googlesource.com/3265
Reviewed-by: Adam Langley <agl@golang.org>
diff --git a/src/crypto/tls/handshake_client_test.go b/src/crypto/tls/handshake_client_test.go
index e5eaa7d..96b63cd 100644
--- a/src/crypto/tls/handshake_client_test.go
+++ b/src/crypto/tls/handshake_client_test.go
@@ -127,7 +127,6 @@
// connection.
var tcpConn net.Conn
for i := uint(0); i < 5; i++ {
- var err error
tcpConn, err = net.DialTCP("tcp", nil, &net.TCPAddr{
IP: net.IPv4(127, 0, 0, 1),
Port: serverPort,
@@ -137,7 +136,7 @@
}
time.Sleep((1 << i) * 5 * time.Millisecond)
}
- if tcpConn == nil {
+ if err != nil {
close(stdin)
out.WriteTo(os.Stdout)
cmd.Process.Kill()
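Review bot: The switch from `tcpConn == nil` to `err != nil` at this check deserves a comment, because the reason is not obvious from the code. `net.DialTCP` returns a `*net.TCPConn`, and storing a nil one in the `net.Conn` variable declared above the loop yields a non-nil interface, so the old test could never fire. Suggested comment above the check: `// Check err, not tcpConn: a nil *net.TCPConn stored in a net.Conn is a non-nil interface value.` The check now depends on the outer `err` that the previous hunk stops shadowing. Its declaration and the loop's success exit are outside both hunks, so confirm that nothing between the loop and this check reassigns it.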
@@ -190,7 +189,7 @@
doneChan := make(chan bool)
go func() {
if _, err := client.Write([]byte("hello\n")); err != nil {
- t.Logf("Client.Write failed: %s", err)
+ t.Errorf("Client.Write failed: %s", err)
}
if test.validate != nil {
if err := test.validate(client.ConnectionState()); err != nil {
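Review bot: After the write failure is reported with `t.Errorf`, the goroutine still falls through to `test.validate(client.ConnectionState())`. When the handshake failed, the connection state is presumably empty, so validate is likely to report a second, misleading failure that obscures the real one. Chaining the two keeps the first error as the only one: `} else if test.validate != nil {`. An early `return` would be riskier, since the rest of the goroutine (outside this hunk) presumably still has to close the connection and signal `doneChan`.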
@@ -311,6 +310,16 @@
runClientTestTLS12(t, test)
}
+func TestHandshakeClientAES256GCMSHA384(t *testing.T) {
+ test := &clientTest{
+ name: "ECDHE-ECDSA-AES256-GCM-SHA384",
+ command: []string{"openssl", "s_server", "-cipher", "ECDHE-ECDSA-AES256-GCM-SHA384"},
+ cert: testECDSACertificate,
+ key: testECDSAPrivateKey,
+ }
+ runClientTestTLS12(t, test)
+}
+
func TestHandshakeClientCertRSA(t *testing.T) {
config := *testConfig
cert, _ := X509KeyPair([]byte(clientCertificatePEM), []byte(clientKeyPEM))
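Review bot: TestHandshakeClientAES256GCMSHA384 never asserts which suite was negotiated. In replay mode, only the recorded transcript ties the test to AES-256-GCM with SHA-384. A `validate` callback on the `clientTest` (the hook is visible in the earlier hunk) that compares `ConnectionState.CipherSuite` with the new suite ID would make the test fail loudly if the testdata is regenerated against a server that picks something else. The constant is presumably defined in another file of this commit, and the sketch assumes `fmt` is already imported in the test file. The test name also does not say that only the ECDHE-ECDSA variant is covered. If the commit adds the ECDHE-RSA suite as well, it has no client-side test in this hunk.

```go
	test := &clientTest{
		// … unchanged: name, command, cert, key …
		validate: func(state ConnectionState) error {
			if state.CipherSuite != TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 {
				return fmt.Errorf("negotiated cipher suite %#04x, want TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", state.CipherSuite)
			}
			return nil
		},
	}
```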