Add checks in tests for the DHE prime and exponent size.

author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-03-26 09:45:10 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-03-26 09:45:10 +0100
commit: 71b4ae6774fc08b80e30692ccce4e1bc00c9975f (patch)
tree: d61285e09ba0096f7e639b9a86147c8b6fb18fa3 /tests/anonself.c
parent: 83b050fe9f7e7262e3be5bdf02c801d318861324 (diff)
download: gnutls-71b4ae6774fc08b80e30692ccce4e1bc00c9975f.tar.gz
1 files changed, 20 insertions, 0 deletions
diff --git a/tests/anonself.c b/tests/anonself.c
index ac6df9fa3e..5749e416de 100644
--- a/tests/anonself.c
+++ b/tests/anonself.c
@@ -107,6 +107,16 @@ static void client(int sd)
 			success("client: Handshake was completed\n");
 	}
 
+	ret = gnutls_dh_get_prime_bits(session);
+	if (ret < 512) {
+		fail("server: too small prime size: %d\n", ret);
+	}
+
+	ret = gnutls_dh_get_secret_bits(session);
+	if (ret < 256) {
+		fail("server: too small secret key size: %d\n", ret);
+	}
+
 	if (debug)
 		success("client: TLS version is: %s\n",
 			gnutls_protocol_get_name
@@ -234,6 +244,16 @@ static void server(int sd)
 			gnutls_protocol_get_name
 			(gnutls_protocol_get_version(session)));
 
+	ret = gnutls_dh_get_prime_bits(session);
+	if (ret < 512) {
+		fail("server: too small prime size: %d\n", ret);
+	}
+
+	ret = gnutls_dh_get_secret_bits(session);
+	if (ret < 256) {
+		fail("server: too small secret key size: %d\n", ret);
+	}
+
 	/* see the Getting peer's information example */
 	/* print_info(session); */
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-03-26 09:45:10 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-03-26 09:45:10 +0100
commit	71b4ae6774fc08b80e30692ccce4e1bc00c9975f (patch)
tree	d61285e09ba0096f7e639b9a86147c8b6fb18fa3 /tests/anonself.c
parent	83b050fe9f7e7262e3be5bdf02c801d318861324 (diff)
download	gnutls-71b4ae6774fc08b80e30692ccce4e1bc00c9975f.tar.gz