e2e_tests: Add key types to the test setup

gowthamsk-arm · tgonzalezorlandoarm · commit 2fb177b7d737 · 2024-05-15T21:12:35.000+01:00
Signed-off-by: Gowtham Suresh Kumar &lt;gowtham.sureshkumar@arm.com&gt;
diff --git a/parsec-openssl-provider-shared/e2e_tests/src/lib.rs b/parsec-openssl-provider-shared/e2e_tests/src/lib.rs
@@ -13,7 +13,6 @@ pub use std::io::{Read, Write};
 pub use std::net::{SocketAddr, TcpListener, TcpStream};
 pub use std::thread::{self, JoinHandle};
 
-const RSA: &[u8; 8] = b"RSA-PSS\0";
 use openssl::pkey::Private;
 use parsec_openssl_provider::parsec_openssl2::ossl_param;
 use parsec_openssl_provider::PARSEC_PROVIDER_KEY_NAME;
@@ -137,7 +136,7 @@ impl Client {
     }
 
     // Creates a TCP stream and initiates a TLS handshake to the server
-    pub fn connect(self, addr: SocketAddr) {
+    pub fn connect(self, addr: SocketAddr, key_type: &[u8]) {
         unsafe {
             let provider_path = String::from("../../target/debug/");
             let provider_name = String::from("libparsec_openssl_provider_shared");
@@ -150,7 +149,7 @@ impl Client {
 
             if let Some(key) = &self.private_key_name {
                 let mut param = ossl_param!(PARSEC_PROVIDER_KEY_NAME, OSSL_PARAM_UTF8_PTR, key);
-                load_key(&lib_ctx, &mut param, &mut parsec_pkey, RSA);
+                load_key(&lib_ctx, &mut param, &mut parsec_pkey, key_type);
 
                 let key: openssl::pkey::PKey<Private> =
                     openssl::pkey::PKey::from_ptr(parsec_pkey as _);
@@ -177,7 +176,7 @@ impl Client {
     }
 }
 
-pub fn check_mismatched_key_certificate(key: String, certificate: String) {
+pub fn check_mismatched_key_certificate(key: String, certificate: String, key_type: &[u8]) {
     unsafe {
         let provider_path = String::from("../../target/debug/");
         let provider_name = String::from("libparsec_openssl_provider_shared");
@@ -193,7 +192,7 @@ pub fn check_mismatched_key_certificate(key: String, certificate: String) {
             .unwrap();
 
         let mut param = ossl_param!(PARSEC_PROVIDER_KEY_NAME, OSSL_PARAM_UTF8_PTR, key);
-        load_key(&lib_ctx, &mut param, &mut parsec_pkey, RSA);
+        load_key(&lib_ctx, &mut param, &mut parsec_pkey, key_type);
 
         let key: openssl::pkey::PKey<Private> = openssl::pkey::PKey::from_ptr(parsec_pkey as _);
 
diff --git a/parsec-openssl-provider-shared/e2e_tests/tests/handshake.rs b/parsec-openssl-provider-shared/e2e_tests/tests/handshake.rs
@@ -1,6 +1,9 @@
 // Copyright 2024 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
 use e2e_tests::*;
+const RSA: &[u8; 8] = b"RSA-PSS\0";
+const ECDSA: &[u8; 3] = b"EC\0";
+const NONE: &[u8; 5] = b"None\0";
 
 #[test]
 fn test_handshake_no_authentication() {
@@ -16,7 +19,7 @@ fn test_handshake_no_authentication() {
     server.accept(listener);
 
     let client = Client::new(None, None, None, SslVerifyMode::NONE);
-    client.connect(addr);
+    client.connect(addr, NONE);
 }
 
 #[should_panic]
@@ -34,7 +37,7 @@ fn test_handshake_server_authentication_no_client_ca() {
     server.accept(listener);
 
     let client = Client::new(None, None, None, SslVerifyMode::PEER);
-    client.connect(addr);
+    client.connect(addr, NONE);
 }
 
 #[test]
@@ -56,7 +59,7 @@ fn test_handshake_server_authentication_with_client_ca() {
         Some(String::from("../../tests/tls/ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, NONE);
 }
 
 #[should_panic]
@@ -79,7 +82,7 @@ fn test_handshake_client_authentication_with_no_client_settings() {
         Some(String::from("../../tests/tls/ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, NONE);
 }
 
 #[should_panic]
@@ -102,7 +105,7 @@ fn test_handshake_client_authentication_with_no_rsa_client_key() {
         Some(String::from("../../tests/tls/ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, RSA);
 }
 
 #[should_panic]
@@ -125,7 +128,7 @@ fn test_handshake_client_authentication_with_no_ecdsa_client_key() {
         Some(String::from("../../tests/tls/ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, ECDSA);
 }
 
 #[test]
@@ -147,7 +150,7 @@ fn test_handshake_client_authentication_rsa() {
         Some(String::from("../../tests/tls/ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, RSA);
 }
 
 #[test]
@@ -169,7 +172,7 @@ fn test_handshake_client_authentication_ecdsa() {
         Some(String::from("../../tests/tls/ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, ECDSA);
 }
 
 #[should_panic]
@@ -192,7 +195,7 @@ fn test_handshake_client_authentication_with_fake_ca() {
         Some(String::from("../../tests/tls/fake_ca/ca_cert.pem")),
         SslVerifyMode::PEER,
     );
-    client.connect(addr);
+    client.connect(addr, RSA);
 }
 
 // This is a negative test case. When a client is configured with a wrong certificate for a private
@@ -203,6 +206,7 @@ fn test_client_with_mismatched_rsa_key_and_certificate() {
     check_mismatched_key_certificate(
         String::from("PARSEC_TEST_RSA_KEY"),
         String::from("../../tests/tls/fake_client/parsec_rsa.pem"),
+        RSA,
     );
 }
 
@@ -214,5 +218,6 @@ fn test_client_with_mismatched_ecdsa_key_and_certificate() {
     check_mismatched_key_certificate(
         String::from("PARSEC_TEST_ECDSA_KEY"),
         String::from("../../tests/tls/fake_client/parsec_ecdsa.pem"),
+        ECDSA,
     );
 }
