From 824b2e56ca886585cc2dfd363bb1913c6d416904 Mon Sep 17 00:00:00 2001
From: René Korthaus <r.korthaus@sirrix.com>
Date: Tue, 17 Oct 2017 16:22:07 +0200
Subject: Add supported groups TLS extension (RFC 7919)

---
 src/tests/data/tls-policy/bsi.txt    | 1 +
 src/tests/data/tls-policy/suiteb.txt | 1 +
 src/tests/data/tls/client_hello.vec  | 8 ++++----
 3 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'src/tests/data')

diff --git a/src/tests/data/tls-policy/bsi.txt b/src/tests/data/tls-policy/bsi.txt
index 763c05219..9879b87f5 100644
--- a/src/tests/data/tls-policy/bsi.txt
+++ b/src/tests/data/tls-policy/bsi.txt
@@ -10,6 +10,7 @@ macs=AEAD SHA-384 SHA-256
 key_exchange_methods=ECDH DH PSK ECDHE_PSK DHE_PSK 
 signature_methods=ECDSA RSA DSA
 ecc_curves=brainpool512r1 brainpool384r1 brainpool256r1 secp384r1 secp256r1
+groups=brainpool512r1 brainpool384r1 brainpool256r1 secp384r1 secp256r1 ffdhe/ietf/8192 ffdhe/ietf/6144 ffdhe/ietf/4096 ffdhe/ietf/3072 ffdhe/ietf/2048
 minimum_dh_group_size=2000
 minimum_dsa_group_size=2000
 minimum_ecdh_group_size=250
diff --git a/src/tests/data/tls-policy/suiteb.txt b/src/tests/data/tls-policy/suiteb.txt
index 51d8fec12..7c0b3e7d8 100644
--- a/src/tests/data/tls-policy/suiteb.txt
+++ b/src/tests/data/tls-policy/suiteb.txt
@@ -17,6 +17,7 @@ server_uses_own_ciphersuite_preferences = true
 negotiate_encrypt_then_mac = true
 session_ticket_lifetime = 86400
 dh_group = modp/ietf/2048
+groups = secp256r1
 minimum_dh_group_size = 2048
 minimum_ecdh_group_size = 255
 minimum_rsa_bits = 2048
diff --git a/src/tests/data/tls/client_hello.vec b/src/tests/data/tls/client_hello.vec
index aa8c03258..827f2ea4d 100644
--- a/src/tests/data/tls/client_hello.vec
+++ b/src/tests/data/tls/client_hello.vec
@@ -47,15 +47,15 @@ Buffer = 030320f3dc33f90be6509e6133a1819f2b80fe6ccc6268d9195ca4ead7504ffe7e2a000
 Protocol = 0303
 Exception = Invalid argument Decoding error: Bad extension size
 
-#invalid length of the elliptic curve extension (0xf01c instead of 0x001c)
+#invalid length of the supported groups  extension (0xf01c instead of 0x001c)
 Buffer = 0303871e18983024eaee1be8ae6607d5ecad941d33fd7fc1d8554a9e1fbfda8d30880000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000055000b000403000102000af01c001a00170019001c001b0018001a0016000e000d000b000c0009000a00230000000d0020001e060106020603050105020503040104020403030103020303020102020203000f000101
 Protocol = 0303
-Exception = Invalid argument Decoding error: Inconsistent length field in elliptic curve list
+Exception = Invalid argument Decoding error: Inconsistent length field in supported groups list
 
-#invalid length of the elliptic curve extension (0xf01a instead of 0x001a)
+#invalid length of the supported groups  extension (0xf01a instead of 0x001a)
 Buffer = 0303871e18983024eaee1be8ae6607d5ecad941d33fd7fc1d8554a9e1fbfda8d30880000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000055000b000403000102000a001cf01a00170019001c001b0018001a0016000e000d000b000c0009000a00230000000d0020001e060106020603050105020503040104020403030103020303020102020203000f000101
 Protocol = 0303
-Exception = Invalid argument Decoding error: Inconsistent length field in elliptic curve list
+Exception = Invalid argument Decoding error: Inconsistent length field in supported groups list
 
 #invalid length of the session ticket extension
 Buffer = 0303871e18983024eaee1be8ae6607d5ecad941d33fd7fc1d8554a9e1fbfda8d30880000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000055000b000403000102000a001c001a00170019001c001b0018001a0016000e000d000b000c0009000a002300ff000d0020001e060106020603050105020503040104020403030103020303020102020203000f000101
-- 
cgit v1.2.3