add a test that uses EC p256 keys
```
$ openssl ecparam -genkey -name prime256v1 -noout -out ec256-key-pair.pem
$ openssl ec -in ec256-key-pair.pem -pubout -out ec256-pub.pem
```
diff --git a/t/assets/ec256-key-pair.pem b/t/assets/ec256-key-pair.pem
new file mode 100644
index 0000000..ce786ed
--- /dev/null
+++ b/t/assets/ec256-key-pair.pem
@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIBswGBU5+SsrFYQupnJ/GVf1bYhBEmJiBpxLL4jXZRrpoAoGCCqGSM49
+AwEHoUQDQgAEWF0BvlHl/ZVaoApefcN5+emI6cjSDbR3aP843VWgMLfxNqvmWut0
+KsoRQC2OHJ+Z8HoLZcNnA7Mc3/ypHSUqrw==
+-----END EC PRIVATE KEY-----
diff --git a/t/assets/ec256-pub.pem b/t/assets/ec256-pub.pem
new file mode 100644
index 0000000..76a3396
--- /dev/null
+++ b/t/assets/ec256-pub.pem
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEWF0BvlHl/ZVaoApefcN5+emI6cjS
+DbR3aP843VWgMLfxNqvmWut0KsoRQC2OHJ+Z8HoLZcNnA7Mc3/ypHSUqrw==
+-----END PUBLIC KEY-----
diff --git a/t/e2e.t b/t/e2e.t
index 10d2ce6..e6a4ff9 100755
--- a/t/e2e.t
+++ b/t/e2e.t
@@ -16,7 +16,7 @@
my $tempdir = tempdir(CLEANUP => 1);
subtest "hello" => sub {
- my $guard = spawn_server(qw(-i t/assets/hello.txt));
+ my $guard = spawn_server("rsa", qw(-i t/assets/hello.txt));
subtest "full-handshake" => sub {
my $resp = `$cli 127.0.0.1 $port 2> /dev/null`;
is $resp, "hello";
@@ -35,7 +35,7 @@
subtest "success" => sub {
plan skip_all => "faketime not found"
unless system("which faketime > /dev/null 2>&1") == 0;
- my $guard = spawn_server(qw(-i t/assets/hello.txt -l), "$tempdir/events");
+ my $guard = spawn_server("rsa", qw(-i t/assets/hello.txt -l), "$tempdir/events");
my $resp = `$cli -s $tempdir/session 127.0.0.1 $port`;
is $resp, "hello";
$resp = `$cli -e -s $tempdir/session 127.0.0.1 $port`;
@@ -63,26 +63,41 @@
subtest "certificate-compression" => sub {
plan skip_all => "feature disabled"
unless system("$cli -b -h > /dev/null 2>&1") == 0;
- my $guard = spawn_server(qw(-i t/assets/hello.txt -b));
+ my $guard = spawn_server("rsa", qw(-i t/assets/hello.txt -b));
my $resp = `$cli 127.0.0.1 $port 2> /dev/null`;
is $resp, "hello";
$resp = `$cli -b 127.0.0.1 $port 2> /dev/null`;
is $resp, "hello";
};
-subtest "raw-certificates" => sub {
- my $guard = spawn_server(qw(-r - -i t/assets/hello.txt));
+subtest "raw-certificates-rsa" => sub {
+ my $guard = spawn_server("rsa", qw(-r - -i t/assets/hello.txt));
my $resp = `$cli -v -r t/assets/server.pub 127.0.0.1 $port 2> /dev/null`;
is $resp, "hello";
};
+subtest "raw-certificates-ec" => sub {
+ my $guard = spawn_server("ec", qw(-r - -i t/assets/hello.txt));
+ my $resp = `$cli -v -r t/assets/ec256-pub.pem 127.0.0.1 $port 2> /dev/null`;
+ is $resp, "hello";
+};
+
+
done_testing;
sub spawn_server {
- my $ext = "crt";
- $ext = "pub" if (grep(/^-r$/, @_));
- my @cmd = ($cli, "-k", "t/assets/server.key", "-c", "t/assets/server.$ext", @_, "127.0.0.1", $port);
+ my $key_type = shift;
+ my @cmd;
+ if ($key_type eq "rsa") {
+ my $ext = "crt";
+ $ext = "pub" if (grep(/^-r$/, @_));
+ @cmd = ($cli, "-k", "t/assets/server.key", "-c", "t/assets/server.$ext", @_, "127.0.0.1", $port);
+ } elsif ($key_type eq "ec") {
+ @cmd = ($cli, "-k", "t/assets/ec256-key-pair.pem", "-c", "t/assets/ec256-pub.pem", @_, "127.0.0.1", $port);
+ } else {
+ die "Unexpected key type: $key_type";
+ }
my $pid = fork;
die "fork failed:$!"
unless defined $pid;
