test: add test for auto DH security level meets the minimum

author Pauli <pauli@openssl.org>

Sat, 19 Jun 2021 06:17:38 +0000 (16:17 +1000)

committer Pauli <pauli@openssl.org>

Thu, 8 Jul 2021 11:55:00 +0000 (21:55 +1000)
author Pauli <pauli@openssl.org>
Sat, 19 Jun 2021 06:17:38 +0000 (16:17 +1000)
committer Pauli <pauli@openssl.org>
Thu, 8 Jul 2021 11:55:00 +0000 (21:55 +1000)
diff --git a/test/recipes/80-test_ssl_old.t b/test/recipes/80-test_ssl_old.t

index 377bf090baae6b09a976efc5a8f476d6e12b2e3d..35cf0a7af87db89cbb2cb541e4ba0b73ef72eb42 100644 (file)
--- a/test/recipes/80-test_ssl_old.t
+++ b/test/recipes/80-test_ssl_old.t
@@ -476,10 +476,10 @@ sub testssl {
      subtest 'RSA/(EC)DHE/PSK tests' => sub {
         ######################################################################
  
-       plan tests => 5;
+       plan tests => 6;
  
        SKIP: {
-         skip "TLSv1.0 is not supported by this OpenSSL build", 5
+         skip "TLSv1.0 is not supported by this OpenSSL build", 6
               if $no_tls1;
  
         SKIP: {
@@ -514,6 +514,14 @@ sub testssl {
             ok(run(test([@ssltest, "-bio_pair", "-tls1", "-cipher", "PSK", "-psk", "abc123"])),
                'test tls1 with PSK via BIO pair');
           }
+
+       SKIP: {
+           skip "skipping auto PSK tests", 1
+               if ($no_dh || $no_psk || $no_ec);
+
+           ok(run(test(['ssltest_old', '-psk', '0102030405', '-cipher', '@SECLEVEL=2:DHE-PSK-AES128-CCM'])),
+              'test auto DH meets security strength');
+         }
         }
  
      };
author	Pauli <pauli@openssl.org>
	Sat, 19 Jun 2021 06:17:38 +0000 (16:17 +1000)
committer	Pauli <pauli@openssl.org>
	Thu, 8 Jul 2021 11:55:00 +0000 (21:55 +1000)