#!/bin/sh

# ssl-opt.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
#
# Purpose
#
# Executes tests to prove various TLS/SSL options and extensions.
#
# The goal is not to cover every ciphersuite/version, but instead to cover
# specific options (max fragment length, truncated hmac, etc) or procedures
# (session resumption from cache or ticket, renego, etc).
#
# The tests assume a build with default options, with exceptions expressed
# with a dependency. The tests focus on functionality and do not consider
# performance.
#
# Environment variables honoured by this section (all optional):
# P_SRV, P_CLI, P_PXY, P_QUERY, OPENSSL, GNUTLS_CLI, GNUTLS_SERV, PERL,
# OPENSSL_NEXT, GNUTLS_NEXT_CLI, GNUTLS_NEXT_SERV, MBEDTLS_TEST_OUTCOME_FILE,
# MBEDTLS_TEST_CONFIGURATION, MBEDTLS_TEST_PLATFORM, EARLY_DATA_INPUT.

# Unset variables are errors; note that -e is deliberately not used, so
# individual commands must check their own status where it matters.
set -u

# Limit the size of each log to 10 GiB, in case of failures with this script
# where it may output seemingly unlimited length error logs.
# (ulimit -f counts 512-byte blocks: 20971520 * 512 B = 10 GiB.)
ulimit -f 20971520

# Remember where we were started from, then run from the script's own
# directory so that the relative paths below resolve.
ORIGINAL_PWD=$PWD
if ! cd "$(dirname "$0")"; then
    exit 125
fi

DATA_FILES_PATH=../framework/data_files

# default values, can be overridden by the environment
: ${P_SRV:=../programs/ssl/ssl_server2}
: ${P_CLI:=../programs/ssl/ssl_client2}
: ${P_PXY:=../programs/test/udp_proxy}
: ${P_QUERY:=../programs/test/query_compile_time_config}
: ${OPENSSL:=openssl}
: ${GNUTLS_CLI:=gnutls-cli}
: ${GNUTLS_SERV:=gnutls-serv}
: ${PERL:=perl}

# The OPENSSL variable used to be OPENSSL_CMD for historical reasons.
# To help the migration, error out if the old variable is set,
# but only if it has a different value than the new one.
if [ "${OPENSSL_CMD+set}" = set ]; then
    # the variable is set, we can now check its value
    if [ "$OPENSSL_CMD" != "$OPENSSL" ]; then
        echo "Please use OPENSSL instead of OPENSSL_CMD." >&2
        exit 125
    fi
fi

# guess_config_name
# Print "default" when mbedtls_config.h is unmodified relative to git,
# "unknown" otherwise (including when git is unavailable or this is not
# a git checkout, since the diff then fails).
# Used only as the fallback value of MBEDTLS_TEST_CONFIGURATION.
guess_config_name() {
    if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then
        echo "default"
    else
        echo "unknown"
    fi
}
: ${MBEDTLS_TEST_OUTCOME_FILE=}
: ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"}
# Platform string: OS name and machine type with anything outside
# [0-9A-Za-z] replaced by "_" so it is safe as a field in the outcome file.
: ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
: ${EARLY_DATA_INPUT:="$DATA_FILES_PATH/tls13_early_data.txt"}

# Command line templates for the reference implementations. These are
# strings (not arrays) because the script is POSIX sh; tests append
# further options by string concatenation.
O_SRV="$OPENSSL s_server -www -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key"
O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL s_client"
G_SRV="$GNUTLS_SERV --x509certfile $DATA_FILES_PATH/server5.crt --x509keyfile $DATA_FILES_PATH/server5.key"
G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt"

# alternative versions of OpenSSL and GnuTLS (no default path)

# If $OPENSSL is at least 1.1.1, use it as OPENSSL_NEXT as well.
# The version string is matched with shell patterns on the first token of
# "openssl version" output; an unusable $OPENSSL simply leaves
# OPENSSL_NEXT unset.
if [ -z "${OPENSSL_NEXT:-}" ]; then
    case $($OPENSSL version) in
        OpenSSL\ 1.1.[1-9]*) OPENSSL_NEXT=$OPENSSL;;
        OpenSSL\ [3-9]*) OPENSSL_NEXT=$OPENSSL;;
    esac
fi

# If $GNUTLS_CLI is at least 3.7, use it as GNUTLS_NEXT_CLI as well.
# Three patterns are needed because this is a string match, not a
# numeric comparison: 3.1x and above, 3.7 to 3.9, and 4 and above.
if [ -z "${GNUTLS_NEXT_CLI:-}" ]; then
    case $($GNUTLS_CLI --version) in
        gnutls-cli\ 3.[1-9][0-9]*) GNUTLS_NEXT_CLI=$GNUTLS_CLI;;
        gnutls-cli\ 3.[7-9].*) GNUTLS_NEXT_CLI=$GNUTLS_CLI;;
        gnutls-cli\ [4-9]*) GNUTLS_NEXT_CLI=$GNUTLS_CLI;;
    esac
fi

# If $GNUTLS_SERV is at least 3.7, use it as GNUTLS_NEXT_SERV as well.
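if [ -z "${GNUTLS_NEXT_SERV:-}" ]; then
    # "gnutls-serv --version" reports its own program name, so the
    # patterns must start with "gnutls-serv"; the "gnutls-cli" prefix
    # copied from the client detection above could never match here and
    # left GNUTLS_NEXT_SERV unset unless given explicitly.
    case $($GNUTLS_SERV --version) in
        gnutls-serv\ 3.[1-9][0-9]*) GNUTLS_NEXT_SERV=$GNUTLS_SERV;;
        gnutls-serv\ 3.[7-9].*) GNUTLS_NEXT_SERV=$GNUTLS_SERV;;
        gnutls-serv\ [4-9]*) GNUTLS_NEXT_SERV=$GNUTLS_SERV;;
    esac
fi

# Command templates for the "next" (newer) OpenSSL. When no suitable
# OpenSSL is available they are set to "false" so that a test which
# forgot its requires_openssl_next dependency fails loudly rather than
# silently running the wrong binary.
if [ -n "${OPENSSL_NEXT:-}" ]; then
    O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key"
    O_NEXT_SRV_EARLY_DATA="$OPENSSL_NEXT s_server -early_data -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key"
    O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
    O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client -CAfile $DATA_FILES_PATH/test-ca_cat12.crt"
    O_NEXT_CLI_NO_CERT="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
    O_NEXT_CLI_RENEGOTIATE="echo 'R' | $OPENSSL_NEXT s_client -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key"
else
    O_NEXT_SRV=false
    O_NEXT_SRV_NO_CERT=false
    O_NEXT_SRV_EARLY_DATA=false
    O_NEXT_CLI_NO_CERT=false
    O_NEXT_CLI=false
    O_NEXT_CLI_RENEGOTIATE=false
fi

# Same scheme for the "next" GnuTLS server and client.
if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
    G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile $DATA_FILES_PATH/server5.crt --x509keyfile $DATA_FILES_PATH/server5.key"
    G_NEXT_SRV_NO_CERT="$GNUTLS_NEXT_SERV"
else
    G_NEXT_SRV=false
    G_NEXT_SRV_NO_CERT=false
fi

if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
    G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt"
    G_NEXT_CLI_NO_CERT="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI"
else
    G_NEXT_CLI=false
    G_NEXT_CLI_NO_CERT=false
fi

# Run counters, updated as tests execute.
TESTS=0
FAILS=0
SKIPS=0

CONFIG_H='../include/mbedtls/mbedtls_config.h'

# Defaults for the command line options parsed by get_options() below.
MEMCHECK=0
FILTER='.*'
EXCLUDE='^$'

SHOW_TEST_NUMBER=0
LIST_TESTS=0
RUN_TEST_NUMBER=''
RUN_TEST_SUITE=''

MIN_TESTS=1
PRESERVE_LOGS=0

# Pick a "unique" server port in the range 10000-19999, and a proxy
# port which is this plus 10000. Each port number may be independently
# overridden by a command line option.
SRV_PORT=$(($$ % 10000 + 10000))
PXY_PORT=$((SRV_PORT + 10000))

# print_usage
# Print the command line help to stdout.
print_usage() {
    echo "Usage: $0 [options]"
    printf " -h|--help\tPrint this help.\n"
    printf " -m|--memcheck\tCheck memory leaks and errors.\n"
    printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
    printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
    printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
    printf " -s|--show-numbers\tShow test numbers in front of test names\n"
    printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
    printf " --list-test-cases\tList all potential test cases (No Execution)\n"
    printf " --min \tMinimum number of non-skipped tests (default 1)\n"
    printf " --outcome-file\tFile where test outcomes are written\n"
    printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n"
    printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n"
    printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
    printf " --seed \tInteger seed value to use for this test run\n"
    printf " --test-suite\tOnly matching test suites are executed\n"
    printf " \t(comma-separated, e.g. 'ssl-opt,tls13-compat')\n\n"
}

# require_option_argument <option> <remaining-argument-count>
# Exit with a usage error if <option>, which takes a value, is the last
# word on the command line. Without this check the "shift; VAR=$1" that
# follows would trip over "set -u" with an unhelpful "unbound variable"
# message instead of naming the offending option.
require_option_argument() {
    if [ "$2" -lt 2 ]; then
        echo "Option '$1' requires an argument."
        print_usage
        exit 1
    fi
}

# get_options [option...]
# Parse the script's command line into the global option variables
# (FILTER, EXCLUDE, MEMCHECK, RUN_TEST_NUMBER, SHOW_TEST_NUMBER,
# LIST_TESTS, PRESERVE_LOGS, MIN_TESTS, MBEDTLS_TEST_OUTCOME_FILE,
# SRV_PORT, PXY_PORT, SEED, RUN_TEST_SUITE).
# Exits 0 after printing help, 1 on an unknown option or a missing value.
get_options() {
    while [ $# -gt 0 ]; do
        case "$1" in
            -f|--filter)
                require_option_argument "$1" "$#"; shift; FILTER=$1
                ;;
            -e|--exclude)
                require_option_argument "$1" "$#"; shift; EXCLUDE=$1
                ;;
            -m|--memcheck)
                MEMCHECK=1
                ;;
            -n|--number)
                require_option_argument "$1" "$#"; shift; RUN_TEST_NUMBER=$1
                ;;
            -s|--show-numbers)
                SHOW_TEST_NUMBER=1
                ;;
            -l|--list-test-cases)
                LIST_TESTS=1
                ;;
            -p|--preserve-logs)
                PRESERVE_LOGS=1
                ;;
            --min)
                require_option_argument "$1" "$#"; shift; MIN_TESTS=$1
                ;;
            --outcome-file)
                require_option_argument "$1" "$#"; shift; MBEDTLS_TEST_OUTCOME_FILE=$1
                ;;
            --port)
                require_option_argument "$1" "$#"; shift; SRV_PORT=$1
                ;;
            --proxy-port)
                require_option_argument "$1" "$#"; shift; PXY_PORT=$1
                ;;
            --seed)
                require_option_argument "$1" "$#"; shift; SEED="$1"
                ;;
            --test-suite)
                require_option_argument "$1" "$#"; shift; RUN_TEST_SUITE="$1"
                ;;
            -h|--help)
                print_usage
                exit 0
                ;;
            *)
                echo "Unknown argument: '$1'"
                print_usage
                exit 1
                ;;
        esac
        shift
    done
}

get_options "$@"

# Read boolean configuration options from mbedtls_config.h for easy and quick
# testing. Skip non-boolean options (with something other than spaces
# and a comment after "#define SYMBOL"). The variable contains a
# space-separated list of symbols.
# The inner expansion is deliberately unquoted so that the newline-separated
# output of the query program collapses into single spaces.
if [ "$LIST_TESTS" -eq 0 ];then
    # shellcheck disable=SC2046
    CONFIGS_ENABLED=" $(echo $($P_QUERY -l) )"
else
    # When only listing test cases, never run the build's binaries.
    P_QUERY=":"
    CONFIGS_ENABLED=""
fi
# Skip next test; use this macro to skip tests which are legitimate
# in theory and expected to be re-introduced at some point, but
# aren't expected to succeed at the moment due to problems outside
# our control (such as bugs in other TLS implementations).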
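skip_next_test() {
    SKIP_NEXT="YES"
}

# Check if the required configuration ($1) is enabled
# Matches " SYMBOL" followed by a space or "=" in $CONFIGS_ENABLED, so both
# boolean symbols and "SYMBOL=value" entries are recognised.
is_config_enabled()
{
    case $CONFIGS_ENABLED in
        *" $1"[\ =]*) return 0;;
        *) return 1;;
    esac
}

# skip next test if the flag is not enabled in mbedtls_config.h
requires_config_enabled() {
    case $CONFIGS_ENABLED in
        *" $1"[\ =]*) :;;
        *) SKIP_NEXT="YES";;
    esac
}

# skip next test if the flag is enabled in mbedtls_config.h
requires_config_disabled() {
    case $CONFIGS_ENABLED in
        *" $1"[\ =]*) SKIP_NEXT="YES";;
    esac
}

# skip next test unless every listed symbol is enabled
requires_all_configs_enabled() {
    for x in "$@"; do
        if ! is_config_enabled "$x"; then
            SKIP_NEXT="YES"
            return
        fi
    done
}

# skip next test unless every listed symbol is disabled
requires_all_configs_disabled() {
    for x in "$@"; do
        if is_config_enabled "$x"; then
            SKIP_NEXT="YES"
            return
        fi
    done
}

# skip next test unless at least one listed symbol is enabled
requires_any_configs_enabled() {
    for x in "$@"; do
        if is_config_enabled "$x"; then
            return
        fi
    done
    SKIP_NEXT="YES"
}

# skip next test unless at least one listed symbol is disabled
requires_any_configs_disabled() {
    for x in "$@"; do
        if ! is_config_enabled "$x"; then
            return
        fi
    done
    SKIP_NEXT="YES"
}

# Groups of TLS 1.2 key exchange symbols, used unquoted as word lists.
TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
                                MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
                                MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
                                MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
                                MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
                                MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
                                MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"

TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
                                      MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"

TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
                                        MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
                                        MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
                                        MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
                                        MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"

# skip next test unless the build can do certificate-based authentication
# in the protocol version that will be negotiated by default
requires_certificate_authentication () {
    if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
    then
        # TLS 1.3 is negotiated by default, so check whether it supports
        # certificate-based authentication.
        requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
    else # Only TLS 1.2 is enabled.
        requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
    fi
}

get_config_value_or_default() {
    # This function uses the query_config command line option to query the
    # required Mbed TLS compile time configuration from the ssl_server2
    # program. The command will always return a success value if the
    # configuration is defined and the value will be printed to stdout.
    #
    # Note that if the configuration is not defined or is defined to nothing,
    # the output of this function will be an empty string.
    #
    # In --list-test-cases mode the binary is never run and "1" is printed
    # so that numeric requirements below stay well-formed.
    if [ "$LIST_TESTS" -eq 0 ];then
        ${P_SRV} "query_config=${1}"
    else
        echo "1"
    fi

}

# skip next test if numeric configuration $1 is below $2
# An undefined symbol is an internal error, reported on stderr.
requires_config_value_at_least() {
    VAL="$( get_config_value_or_default "$1" )"
    if [ -z "$VAL" ]; then
        # Should never happen
        echo "Mbed TLS configuration $1 is not defined" >&2
        exit 1
    elif [ "$VAL" -lt "$2" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if numeric configuration $1 is above $2
requires_config_value_at_most() {
    VAL=$( get_config_value_or_default "$1" )
    if [ -z "$VAL" ]; then
        # Should never happen
        echo "Mbed TLS configuration $1 is not defined" >&2
        exit 1
    elif [ "$VAL" -gt "$2" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if numeric configuration $1 differs from $2
requires_config_value_equals() {
    VAL=$( get_config_value_or_default "$1" )
    if [ -z "$VAL" ]; then
        # Should never happen
        echo "Mbed TLS configuration $1 is not defined" >&2
        exit 1
    elif [ "$VAL" -ne "$2" ]; then
        SKIP_NEXT="YES"
    fi
}

# Require Mbed TLS to support the given protocol version.
#
# Inputs:
# * $1: protocol version in mbedtls syntax (argument to force_version=)
requires_protocol_version() {
    # Support for DTLS is detected separately in detect_dtls().
    case "$1" in
        tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;;
        tls13|dtls13) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3;;
        *) echo "Unknown required protocol version: $1" >&2; exit 1;;
    esac
}

# Space-separated list of ciphersuites supported by this build of
# Mbed TLS.
P_CIPHERSUITES=""
if [ "$LIST_TESTS" -eq 0 ]; then
    P_CIPHERSUITES=" $($P_CLI help_ciphersuites 2>/dev/null |
                       grep 'TLS-\|TLS1-3' |
                       tr -s ' \n' ' ')"

    # A build with no cipher suites (or an unusable $P_CLI) cannot run
    # any test, so abort instead of skipping everything.
    if [ -z "${P_CIPHERSUITES# }" ]; then
        echo >&2 "$0: fatal error: no cipher suites found!"
        exit 125
    fi
fi

# skip next test if ciphersuite $1 is not in $P_CIPHERSUITES
requires_ciphersuite_enabled() {
    case $P_CIPHERSUITES in
        *" $1 "*) :;;
        *) SKIP_NEXT="YES";;
    esac
}

# requires_cipher_enabled <KEY_TYPE> [<MODE>]
# skip next test unless the cipher (e.g. AES GCM, CHACHA20) is available,
# looking at PSA_WANT_* symbols in a PSA build and MBEDTLS_*_C otherwise.
requires_cipher_enabled() {
    KEY_TYPE=$1
    MODE=${2:-}
    if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then
        case "$KEY_TYPE" in
            CHACHA20)
                requires_config_enabled PSA_WANT_ALG_CHACHA20_POLY1305
                requires_config_enabled PSA_WANT_KEY_TYPE_CHACHA20
                ;;
            *)
                requires_config_enabled PSA_WANT_ALG_${MODE}
                requires_config_enabled PSA_WANT_KEY_TYPE_${KEY_TYPE}
                ;;
        esac
    else
        case "$KEY_TYPE" in
            CHACHA20)
                requires_config_enabled MBEDTLS_CHACHA20_C
                requires_config_enabled MBEDTLS_CHACHAPOLY_C
                ;;
            *)
                requires_config_enabled MBEDTLS_${MODE}_C
                requires_config_enabled MBEDTLS_${KEY_TYPE}_C
                ;;
        esac
    fi
}

# Automatically detect required features based on command line parameters.
# Parameters are:
# - $1 = command line (call to a TLS client or server program)
# - $2 = client/server
# - $3 = TLS version (TLS12 or TLS13)
# - $4 = Use an external tool without ECDH support
# - $5 = run test options
# Each recognised option or program name in the command line adds the
# corresponding requires_* dependency; the only output is $SKIP_NEXT.
detect_required_features() {
    CMD_LINE=$1
    ROLE=$2
    TLS_VERSION=$3
    EXT_WO_ECDH=$4
    TEST_OPTIONS=${5:-}

    # Extract the value of force_version= (letters, digits, "-" and "_").
    case "$CMD_LINE" in
        *\ force_version=*)
            tmp="${CMD_LINE##*\ force_version=}"
            tmp="${tmp%%[!-0-9A-Z_a-z]*}"
            requires_protocol_version "$tmp";;
    esac

    case "$CMD_LINE" in
        *\ force_ciphersuite=*)
            tmp="${CMD_LINE##*\ force_ciphersuite=}"
            tmp="${tmp%%[!-0-9A-Z_a-z]*}"
            requires_ciphersuite_enabled "$tmp";;
    esac

    case " $CMD_LINE " in
        *[-_\ =]tickets=[^0]*)
            requires_config_enabled MBEDTLS_SSL_TICKET_C;;
    esac
    case " $CMD_LINE " in
        *[-_\ =]alpn=*)
            requires_config_enabled MBEDTLS_SSL_ALPN;;
    esac

    case " $CMD_LINE " in
        *\ auth_mode=*|*[-_\ =]crt[_=]*)
            # The test case involves certificates (crt), or a relevant
            # aspect of it is the (certificate-based) authentication mode.
            requires_certificate_authentication;;
    esac

    case " $CMD_LINE " in
        *\ ca_callback=1\ *)
            requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK;;
    esac

    case " $CMD_LINE " in
        *"programs/ssl/dtls_client "*|\
        *"programs/ssl/ssl_client1 "*)
            requires_config_enabled MBEDTLS_CTR_DRBG_C
            requires_config_enabled MBEDTLS_ENTROPY_C
            requires_config_enabled MBEDTLS_PEM_PARSE_C
            requires_config_enabled MBEDTLS_SSL_CLI_C
            requires_certificate_authentication
            ;;
        *"programs/ssl/dtls_server "*|\
        *"programs/ssl/ssl_fork_server "*|\
        *"programs/ssl/ssl_pthread_server "*|\
        *"programs/ssl/ssl_server "*)
            requires_config_enabled MBEDTLS_CTR_DRBG_C
            requires_config_enabled MBEDTLS_ENTROPY_C
            requires_config_enabled MBEDTLS_PEM_PARSE_C
            requires_config_enabled MBEDTLS_SSL_SRV_C
            requires_certificate_authentication
            # The actual minimum depends on the configuration since it's
            # mostly about the certificate size.
            # In config-suite-b.h, for the test certificates (server5.crt),
            # 1024 is not enough.
            requires_config_value_at_least MBEDTLS_SSL_OUT_CONTENT_LEN 2000
            ;;
    esac

    case " $CMD_LINE " in
        *"programs/ssl/ssl_pthread_server "*)
            requires_config_enabled MBEDTLS_THREADING_PTHREAD;;
    esac

    case "$CMD_LINE" in
        *[-_\ =]psk*|*[-_\ =]PSK*) :;; # No certificate requirement with PSK
        */server5*|\
        */server7*|\
        */dir-maxpath*)
            requires_certificate_authentication
            if [ "$TLS_VERSION" = "TLS13" ]; then
                # In case of TLS13 the support for ECDSA is enough
                requires_pk_alg "ECDSA"
            else
                # For TLS12 requirements are different between server and client
                if [ "$ROLE" = "server" ]; then
                    # If the server uses "server5*" certificates, then an ECDSA based
                    # key exchange is required. However gnutls also does not
                    # support ECDH, so this limit the choice to ECDHE-ECDSA
                    if [ "$EXT_WO_ECDH" = "yes" ]; then
                        requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
                    else
                        requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
                    fi
                elif [ "$ROLE" = "client" ]; then
                    # On the client side it is enough to have any certificate
                    # based authentication together with support for ECDSA.
                    # Of course the GnuTLS limitation mentioned above applies
                    # also here.
                    if [ "$EXT_WO_ECDH" = "yes" ]; then
                        requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH
                    else
                        requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
                    fi
                    requires_pk_alg "ECDSA"
                fi
            fi
            ;;
    esac

    case "$CMD_LINE" in
        *[-_\ =]psk*|*[-_\ =]PSK*) :;; # No certificate requirement with PSK
        */server1*|\
        */server2*|\
        */server7*)
            requires_certificate_authentication
            # Certificates with an RSA key. The algorithm requirement is
            # some subset of {PKCS#1v1.5 encryption, PKCS#1v1.5 signature,
            # PSS signature}. We can't easily tell which subset works, and
            # we aren't currently running ssl-opt.sh in configurations
            # where partial RSA support is a problem, so generically, we
            # just require RSA and it works out for our tests so far.
            requires_config_enabled "MBEDTLS_RSA_C"
    esac

    unset tmp
}

# adapt_cmd_for_psk <variable-name> <command-line>
# Append the PSK options appropriate for the program in <command-line>
# and store the result in the variable named by $1. The PSK value is a
# fixed test key (hex of "swordfish"), not a secret.
# $1 is a variable name chosen by the caller (CLI_CMD / SRV_CMD in
# maybe_adapt_for_psk), hence the eval.
adapt_cmd_for_psk () {
    case "$2" in
        *openssl*s_server*) s='-psk 73776f726466697368 -nocert';;
        *openssl*) s='-psk 73776f726466697368';;
        *gnutls-cli*) s='--pskusername=Client_identity --pskkey=73776f726466697368';;
        *gnutls-serv*) s='--pskpasswd=../framework/data_files/simplepass.psk';;
        *) s='psk=73776f726466697368';;
    esac
    eval $1='"$2 $s"'
    unset s
}

# maybe_adapt_for_psk [RUN_TEST_OPTION...]
# If running in a PSK-only build, maybe adapt the test to use a pre-shared key.
#
# If not running in a PSK-only build, do nothing.
# If the test looks like it doesn't use a pre-shared key but can run with a
# pre-shared key, pass a pre-shared key. If the test looks like it can't run
# with a pre-shared key, skip it. If the test looks like it's already using
# a pre-shared key, do nothing.
#
# This code does not consider builds with ECDHE-PSK or RSA-PSK.
#
# Inputs:
# * $CLI_CMD, $SRV_CMD, $PXY_CMD: client/server/proxy commands.
# * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges).
# * "$@": options passed to run_test.
#
# Outputs:
# * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments.
# * $SKIP_NEXT: set to YES if the test can't run with PSK.
maybe_adapt_for_psk() {
    if [ "$PSK_ONLY" != "YES" ]; then
        return
    fi
    if [ "$SKIP_NEXT" = "YES" ]; then
        return
    fi
    case "$CLI_CMD $SRV_CMD" in
        *[-_\ =]psk*|*[-_\ =]PSK*)
            return;;
        *force_ciphersuite*)
            # The test case forces a non-PSK cipher suite. In some cases, a
            # PSK cipher suite could be substituted, but we're not ready for
            # that yet.
            SKIP_NEXT="YES"
            return;;
        *\ auth_mode=*|*[-_\ =]crt[_=]*)
            # The test case involves certificates. PSK won't do.
            SKIP_NEXT="YES"
            return;;
    esac
    adapt_cmd_for_psk CLI_CMD "$CLI_CMD"
    adapt_cmd_for_psk SRV_CMD "$SRV_CMD"
}

# PSK_PRESENT="YES" if at least one protocol versions supports at least
# one PSK key exchange mode.
PSK_PRESENT="NO"
# PSK_ONLY="YES" if all the available key exchange modes are PSK-based
# (pure-PSK or PSK-ephemeral, possibly both).
PSK_ONLY=""
# Pattern order matters: the PSK patterns must come before the generic
# MBEDTLS_KEY_EXCHANGE_*_ENABLED ones so PSK modes are not counted as
# non-PSK.
for c in $CONFIGS_ENABLED; do
    case $c in
        MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) PSK_PRESENT="YES";;
        MBEDTLS_KEY_EXCHANGE_*_PSK_ENABLED) PSK_PRESENT="YES";;
        MBEDTLS_KEY_EXCHANGE_*_ENABLED) PSK_ONLY="NO";;
        MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) PSK_PRESENT="YES";;
        MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_*_ENABLED) PSK_PRESENT="YES";;
        MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*_ENABLED) PSK_ONLY="NO";;
    esac
done
# At this stage, $PSK_ONLY is empty if we haven't detected a non-PSK
# key exchange, i.e. if we're in a PSK-only build or a build with no
# key exchanges at all. We avoid triggering PSK-only adaptation code in
# the edge case of no key exchanges.
: ${PSK_ONLY:=$PSK_PRESENT}
unset c

# Availability flags for hash algorithms, filled by
# populate_enabled_hash_algs() and read by requires_hash_alg().
HAS_ALG_MD5="NO"
HAS_ALG_SHA_1="NO"
HAS_ALG_SHA_224="NO"
HAS_ALG_SHA_256="NO"
HAS_ALG_SHA_384="NO"
HAS_ALG_SHA_512="NO"

# check_for_hash_alg <ALG>
# Return 0 if hash <ALG> (MD5, SHA_1, SHA_224, ...) is available in this
# build, 1 otherwise. The config symbol name is derived from <ALG>:
# PSA_WANT_ALG_<ALG> in a PSA build, MBEDTLS_<ALG>_C with the second
# underscore dropped (SHA_256 -> MBEDTLS_SHA256_C) otherwise.
check_for_hash_alg()
{
    CURR_ALG="INVALID";
    USE_PSA="NO"
    if is_config_enabled "MBEDTLS_USE_PSA_CRYPTO"; then
        USE_PSA="YES";
    fi
    if [ $USE_PSA = "YES" ]; then
        CURR_ALG=PSA_WANT_ALG_${1}
    else
        CURR_ALG=MBEDTLS_${1}_C
        # Remove the second underscore to match MBEDTLS_* naming convention
        # MD5 is an exception to this convention
        if [ "${1}" != "MD5" ]; then
            CURR_ALG=$(echo "$CURR_ALG" | sed 's/_//2')
        fi
    fi

    case $CONFIGS_ENABLED in
        *" $CURR_ALG"[\ =]*)
            return 0
        ;;
        *) :;;
    esac
    return 1
}

# Set HAS_ALG_<ALG>=YES for every hash algorithm the build supports.
populate_enabled_hash_algs()
{
    for hash_alg in SHA_1 SHA_224 SHA_256 SHA_384 SHA_512 MD5; do
        if check_for_hash_alg "$hash_alg"; then
            hash_alg_variable=HAS_ALG_${hash_alg}
            eval ${hash_alg_variable}=YES
        fi
    done
}

# skip next test if the given hash alg is not supported
# Only the names listed in the case below are accepted; anything else is
# an error in the test definition.
requires_hash_alg() {
    HASH_DEFINE="Invalid"
    HAS_HASH_ALG="NO"
    case $1 in
        MD5):;;
        SHA_1):;;
        SHA_224):;;
        SHA_256):;;
        SHA_384):;;
        SHA_512):;;
        *)
            echo "Unsupported hash alg - $1" >&2
            exit 1
        ;;
    esac

    HASH_DEFINE=HAS_ALG_${1}
    eval "HAS_HASH_ALG=\${${HASH_DEFINE}}"
    if [ "$HAS_HASH_ALG" = "NO" ]
    then
        SKIP_NEXT="YES"
    fi
}

# Skip next test if the given pk alg is not enabled
requires_pk_alg() {
    case $1 in
        ECDSA)
            if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then
                requires_config_enabled PSA_WANT_ALG_ECDSA
            else
                requires_config_enabled MBEDTLS_ECDSA_C
            fi
            ;;
        *)
            echo "Unknown/unimplemented case $1 in requires_pk_alg" >&2
            exit 1
            ;;
    esac
}

# skip next test if OpenSSL doesn't support FALLBACK_SCSV
# The probe result is cached in OPENSSL_HAS_FBSCSV.
requires_openssl_with_fallback_scsv() {
    if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
        if $OPENSSL s_client -help 2>&1 | grep fallback_scsv >/dev/null
        then
            OPENSSL_HAS_FBSCSV="YES"
        else
            OPENSSL_HAS_FBSCSV="NO"
        fi
    fi
    if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value
requires_max_content_len() {
    requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" "$1"
    requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" "$1"
}

# skip next test if GnuTLS isn't available
# command -v is used instead of the non-POSIX "which"; the result is
# cached in GNUTLS_AVAILABLE.
requires_gnutls() {
    if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
        if ( command -v "$GNUTLS_CLI" && command -v "$GNUTLS_SERV" ) >/dev/null 2>&1; then
            GNUTLS_AVAILABLE="YES"
        else
            GNUTLS_AVAILABLE="NO"
        fi
    fi
    if [ "$GNUTLS_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if GnuTLS-next isn't available
# An unset GNUTLS_NEXT_CLI/GNUTLS_NEXT_SERV counts as unavailable.
requires_gnutls_next() {
    if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
        if [ -n "${GNUTLS_NEXT_CLI:-}" ] && [ -n "${GNUTLS_NEXT_SERV:-}" ] &&
           ( command -v "$GNUTLS_NEXT_CLI" && command -v "$GNUTLS_NEXT_SERV" ) >/dev/null 2>&1; then
            GNUTLS_NEXT_AVAILABLE="YES"
        else
            GNUTLS_NEXT_AVAILABLE="NO"
        fi
    fi
    if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if OpenSSL-next isn't available
# An unset OPENSSL_NEXT counts as unavailable.
requires_openssl_next() {
    if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then
        if [ -n "${OPENSSL_NEXT:-}" ] && command -v "$OPENSSL_NEXT" >/dev/null 2>&1; then
            OPENSSL_NEXT_AVAILABLE="YES"
        else
            OPENSSL_NEXT_AVAILABLE="NO"
        fi
    fi
    if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if openssl version is lower than 3.0
requires_openssl_3_x() {
    requires_openssl_next
    if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
        OPENSSL_3_X_AVAILABLE="NO"
    fi
    if [ -z "${OPENSSL_3_X_AVAILABLE:-}" ]; then
        if $OPENSSL_NEXT version 2>&1 | grep "OpenSSL 3." >/dev/null
        then
            OPENSSL_3_X_AVAILABLE="YES"
        else
            OPENSSL_3_X_AVAILABLE="NO"
        fi
    fi
    if [ "$OPENSSL_3_X_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if openssl does not support ffdh keys
requires_openssl_tls1_3_with_ffdh() {
    requires_openssl_3_x
}

# skip next test if openssl cannot handle ephemeral key exchange
# Without ECDH in the build, the only ephemeral option is FFDH, which
# needs OpenSSL 3.x.
requires_openssl_tls1_3_with_compatible_ephemeral() {
    requires_openssl_next

    if ! is_config_enabled "PSA_WANT_ALG_ECDH"; then
        requires_openssl_tls1_3_with_ffdh
    fi
}

# skip next test if tls1_3 is not available
requires_openssl_tls1_3() {
    requires_openssl_next
    if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
        OPENSSL_TLS1_3_AVAILABLE="NO"
    fi
    if [ -z "${OPENSSL_TLS1_3_AVAILABLE:-}" ]; then
        if $OPENSSL_NEXT s_client -help 2>&1 | grep tls1_3 >/dev/null
        then
            OPENSSL_TLS1_3_AVAILABLE="YES"
        else
            OPENSSL_TLS1_3_AVAILABLE="NO"
        fi
    fi
    if [ "$OPENSSL_TLS1_3_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# OpenSSL servers forbid client renegotiation by default since OpenSSL 3.0.
# Older versions always allow it and have no command-line option.
# Holds "-client_renegotiation" when s_server advertises the option,
# empty otherwise, so it can be spliced into any s_server command line.
OPENSSL_S_SERVER_CLIENT_RENEGOTIATION=
case $($OPENSSL s_server -help 2>&1) in
    *-client_renegotiation*)
        OPENSSL_S_SERVER_CLIENT_RENEGOTIATION=-client_renegotiation;;
esac

# skip next test if tls1_3 is not available
requires_gnutls_tls1_3() {
    requires_gnutls_next
    if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
        GNUTLS_TLS1_3_AVAILABLE="NO"
    fi
    if [ -z "${GNUTLS_TLS1_3_AVAILABLE:-}" ]; then
        if $GNUTLS_NEXT_CLI -l 2>&1 | grep VERS-TLS1.3 >/dev/null
        then
            GNUTLS_TLS1_3_AVAILABLE="YES"
        else
            GNUTLS_TLS1_3_AVAILABLE="NO"
        fi
    fi
    if [ "$GNUTLS_TLS1_3_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# Check %NO_TICKETS option
requires_gnutls_next_no_ticket() {
    requires_gnutls_next
    if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
        GNUTLS_NO_TICKETS_AVAILABLE="NO"
    fi
    if [ -z "${GNUTLS_NO_TICKETS_AVAILABLE:-}" ]; then
        if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep NO_TICKETS >/dev/null
        then
            GNUTLS_NO_TICKETS_AVAILABLE="YES"
        else
            GNUTLS_NO_TICKETS_AVAILABLE="NO"
        fi
    fi
    if [ "$GNUTLS_NO_TICKETS_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# Check %DISABLE_TLS13_COMPAT_MODE option
requires_gnutls_next_disable_tls13_compat() {
    requires_gnutls_next
    if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
        GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="NO"
    fi
    if [ -z "${GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE:-}" ]; then
        if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep DISABLE_TLS13_COMPAT_MODE >/dev/null
        then
            GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="YES"
        else
            GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="NO"
        fi
    fi
    if [ "$GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if GnuTLS does not support the record size limit extension
# No probe is run: GnuTLS-next is assumed to support the extension.
requires_gnutls_record_size_limit() {
    requires_gnutls_next
    if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
        GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE="NO"
    else
        GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE="YES"
    fi
    if [ "$GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if IPv6 isn't available on this host
# Probes by starting the test server bound to ::1 and checking its log
# for the bind failure message; the result is cached in HAS_IPV6.
# Reads $SRV_OUT, which is expected to be set by the test driver before
# any test is run.
requires_ipv6() {
    if [ -z "${HAS_IPV6:-}" ]; then
        $P_SRV server_addr='::1' > "$SRV_OUT" 2>&1 &
        SRV_PID=$!
        sleep 1
        kill $SRV_PID >/dev/null 2>&1
        if grep "NET - Binding of the socket failed" "$SRV_OUT" >/dev/null; then
            HAS_IPV6="NO"
        else
            HAS_IPV6="YES"
        fi
        # The probe log is a single regular file; no recursion needed.
        rm -f -- "$SRV_OUT"
    fi

    if [ "$HAS_IPV6" = "NO" ]; then
        SKIP_NEXT="YES"
    fi
}

# skip next test if it's i686 or uname is not available
requires_not_i686() {
    if [ -z "${IS_I686:-}" ]; then
        IS_I686="YES"
        if command -v uname >/dev/null 2>&1; then
            if ! uname -a | grep i686 >/dev/null; then
                IS_I686="NO"
            fi
        fi
    fi
    if [ "$IS_I686" = "YES" ]; then
        SKIP_NEXT="YES"
    fi
}

# Largest record payload usable in both directions: 16384 capped by the
# build's MBEDTLS_SSL_IN_CONTENT_LEN / MBEDTLS_SSL_OUT_CONTENT_LEN.
MAX_CONTENT_LEN=16384
MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" )
MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" )
if [ "$LIST_TESTS" -eq 0 ];then
    # Calculate the input & output maximum content lengths set in the config

    # Calculate the maximum content length that fits both
    if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
        MAX_CONTENT_LEN="$MAX_IN_LEN"
    fi
    if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
        MAX_CONTENT_LEN="$MAX_OUT_LEN"
    fi
fi
# skip the next test if the SSL output buffer is less than 16KB
requires_full_size_output_buffer() {
    if [ "$MAX_OUT_LEN" -ne 16384 ]; then
        SKIP_NEXT="YES"
    fi
}

# Skip the next test if called by all.sh in a component with MSan
# (which we also call MemSan) or Valgrind.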
1000 not_with_msan_or_valgrind() { 1001 case "_${MBEDTLS_TEST_CONFIGURATION:-}_" in 1002 *_msan_*|*_memsan_*|*_valgrind_*) SKIP_NEXT="YES";; 1003 esac 1004 } 1005 1006 # skip the next test if valgrind is in use 1007 not_with_valgrind() { 1008 if [ "$MEMCHECK" -gt 0 ]; then 1009 SKIP_NEXT="YES" 1010 fi 1011 } 1012 1013 # skip the next test if valgrind is NOT in use 1014 only_with_valgrind() { 1015 if [ "$MEMCHECK" -eq 0 ]; then 1016 SKIP_NEXT="YES" 1017 fi 1018 } 1019 1020 # multiply the client timeout delay by the given factor for the next test 1021 client_needs_more_time() { 1022 CLI_DELAY_FACTOR=$1 1023 } 1024 1025 # wait for the given seconds after the client finished in the next test 1026 server_needs_more_time() { 1027 SRV_DELAY_SECONDS=$1 1028 } 1029 1030 # print_name <name> 1031 print_name() { 1032 TESTS=$(( $TESTS + 1 )) 1033 LINE="" 1034 1035 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then 1036 LINE="$TESTS " 1037 fi 1038 1039 LINE="$LINE$1" 1040 1041 printf "%s " "$LINE" 1042 LEN=$(( 72 - `echo "$LINE" | wc -c` )) 1043 for i in `seq 1 $LEN`; do printf '.'; done 1044 printf ' ' 1045 1046 } 1047 1048 # record_outcome <outcome> [<failure-reason>] 1049 # The test name must be in $NAME. 1050 # Use $TEST_SUITE_NAME as the test suite name if set. 1051 record_outcome() { 1052 echo "$1" 1053 if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then 1054 printf '%s;%s;%s;%s;%s;%s\n' \ 1055 "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \ 1056 "${TEST_SUITE_NAME:-ssl-opt}" "$NAME" \ 1057 "$1" "${2-}" \ 1058 >>"$MBEDTLS_TEST_OUTCOME_FILE" 1059 fi 1060 } 1061 unset TEST_SUITE_NAME 1062 1063 # True if the presence of the given pattern in a log definitely indicates 1064 # that the test has failed. False if the presence is inconclusive. 1065 # 1066 # Inputs: 1067 # * $1: pattern found in the logs 1068 # * $TIMES_LEFT: >0 if retrying is an option 1069 # 1070 # Outputs: 1071 # * $outcome: set to a retry reason if the pattern is inconclusive, 1072 # unchanged otherwise. 
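# * Return value: 1 if the pattern is inconclusive,
#   0 if the failure is definitive.
log_pattern_presence_is_conclusive() {
    # If we've run out of attempts, then don't retry no matter what.
    if [ "$TIMES_LEFT" -eq 0 ]; then
        return 0
    fi
    case "$1" in
        "resend")
            # An undesired resend may have been caused by the OS dropping or
            # delaying a packet at an inopportune time.
            outcome="RETRY(resend)"
            return 1;;
    esac
    # Every other pattern is a definitive failure.
    return 0
}

# fail <message>
# Record a FAIL outcome, keep the server/client/proxy logs as
# o-{srv,cli,pxy}-<test number>.log and optionally dump them to stdout.
# Globals read: $SRV_OUT, $CLI_OUT, $PXY_OUT, $PXY_CMD, $TESTS,
# $LOG_FAILURE_ON_STDOUT. Globals written: $FAILS.
fail() {
    record_outcome "FAIL" "$1"
    echo " ! $1"

    mv "$SRV_OUT" "o-srv-${TESTS}.log"
    mv "$CLI_OUT" "o-cli-${TESTS}.log"
    if [ -n "$PXY_CMD" ]; then
        mv "$PXY_OUT" "o-pxy-${TESTS}.log"
    fi
    echo " ! outputs saved to o-XXX-${TESTS}.log"

    if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
        echo " ! server output:"
        cat "o-srv-${TESTS}.log"
        echo " ! ========================================================"
        echo " ! client output:"
        cat "o-cli-${TESTS}.log"
        if [ -n "$PXY_CMD" ]; then
            echo " ! ========================================================"
            echo " ! proxy output:"
            cat "o-pxy-${TESTS}.log"
        fi
        echo ""
    fi

    FAILS=$(( $FAILS + 1 ))
}

# is_polar <cmd_line>
# True if the command line runs one of the Mbed TLS test programs.
is_polar() {
    case "$1" in
        *ssl_client2*|*ssl_server2*) true;;
        *) false;;
    esac
}

# openssl s_server doesn't have -www with DTLS
# Strips -www from $SRV_CMD in that case and sets $NEEDS_INPUT so that
# provide_input() feeds the server instead.
check_osrv_dtls() {
    case "$SRV_CMD" in
        *s_server*-dtls*)
            NEEDS_INPUT=1
            # Quoted so that the command line is neither globbed nor
            # word-split on its way through sed.
            SRV_CMD=$( printf '%s\n' "$SRV_CMD" | sed 's/-www//' );;
        *) NEEDS_INPUT=0;;
    esac
}

# provide input to commands that need it
# Returns immediately when $NEEDS_INPUT is 0; otherwise writes a canned
# HTTP response once a second until the pipe is closed.
provide_input() {
    if [ "$NEEDS_INPUT" -eq 0 ]; then
        return
    fi

    while true; do
        echo "HTTP/1.0 200 OK"
        sleep 1
    done
}

# has_mem_err <log_file_name>
# True (0) unless the valgrind summary in the log reports no leaks and
# no errors.
has_mem_err() {
    if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
         grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
    then
        return 1 # false: does not have errors
    else
        return 0 # true: has errors
    fi
}

# Wait for process $2 named $3 to be listening on port $1. Print error to $4.
if type lsof >/dev/null 2>/dev/null; then
    wait_app_start() {
        newline='
'
        START_TIME=$(date +%s)
        if [ "$DTLS" -eq 1 ]; then
            proto=UDP
        else
            proto=TCP
        fi
        # Make a tight loop, server normally takes less than 1s to start.
        while true; do
            SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t)
            # When we use a proxy, it will be listening on the same port we
            # are checking for as well as the server and lsof will list both.
            case ${newline}${SERVER_PIDS}${newline} in
                *${newline}${2}${newline}*) break;;
            esac
            # Give up after $DOG_DELAY seconds; the test will then fail
            # on its own assertions rather than hang here.
            if [ $(( $(date +%s) - $START_TIME )) -gt "$DOG_DELAY" ]; then
                echo "$3 START TIMEOUT"
                echo "$3 START TIMEOUT" >> "$4"
                break
            fi
            # Linux and *BSD support decimal arguments to sleep. On other
            # OSes this may be a tight loop.
            sleep 0.1 2>/dev/null || true
        done
    }
else
    echo "Warning: lsof not available, wait_app_start = sleep"
    wait_app_start() {
        sleep "$START_DELAY"
    }
fi

# Wait for server process $2 to be listening on port $1.
wait_server_start() {
    wait_app_start "$1" "$2" "SERVER" "$SRV_OUT"
}

# Wait for proxy process $2 to be listening on port $1.
wait_proxy_start() {
    wait_app_start "$1" "$2" "PROXY" "$PXY_OUT"
}

# Given the client or server debug output, parse the unix timestamp that is
# included in the first 4 bytes of the random bytes and check that it's within
# acceptable bounds
# Returns 0 if the time is within 5 minutes of now, 1 otherwise.
check_server_hello_time() {
    # Extract the time from the debug (lvl 3) output of the client
    SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
    # Get the Unix timestamp for now
    CUR_TIME=$(date +'%s')
    THRESHOLD_IN_SECS=300

    # Check that exactly one ServerHello time was printed and that it is a
    # non-negative integer. Anything else (missing, several matching lines,
    # non-numeric text) would make the arithmetic comparisons below error
    # out and fall into the "else return 0" branch, silently passing the
    # check, so reject it explicitly.
    case "$SERVER_HELLO_TIME" in
        ''|*[!0-9]*) return 1;;
    esac

    # Check the time in ServerHello is within acceptable bounds
    if [ "$SERVER_HELLO_TIME" -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
        # The time in ServerHello is at least 5 minutes before now
        return 1
    elif [ "$SERVER_HELLO_TIME" -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
        # The time in ServerHello is at least 5 minutes later than now
        return 1
    else
        return 0
    fi
}

# Extract the exported key from the output.
# Sets $EXPORTED_KEY1 (empty if the log has no export line).
get_exported_key() {
    OUTPUT="$1"
    EXPORTED_KEY1=$(sed -n '/Exporting key of length 20 with label ".*": /s/.*: //p' "$OUTPUT")
}

# Check that the exported key from the output matches the one obtained in get_exported_key().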
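check_exported_key() {
    OUTPUT="$1"
    EXPORTED_KEY2=$(sed -n '/Exporting key of length 20 with label ".*": /s/.*: //p' "$OUTPUT")
    # Require that a key was actually captured: two empty strings would
    # otherwise compare equal and let a run without any export pass.
    [ -n "${EXPORTED_KEY1:-}" ] && [ "${EXPORTED_KEY1:-}" = "$EXPORTED_KEY2" ]
}

# Check that the exported key from the output matches the one obtained in get_exported_key().
# OpenSSL prints the key without a 0x prefix; add it so the values compare.
check_exported_key_openssl() {
    OUTPUT="$1"
    EXPORTED_KEY2=0x$(sed -n '/Keying material: /s/.*: //p' "$OUTPUT")
    [ -n "${EXPORTED_KEY1:-}" ] && [ "${EXPORTED_KEY1:-}" = "$EXPORTED_KEY2" ]
}

# Get handshake memory usage from server or client output and put it into the variable specified by the first argument
# Returns 1 (with a message on stdout) if the value cannot be read or if
# $1 is not a valid shell variable name.
handshake_memory_get() {
    OUTPUT_VARIABLE="$1"
    OUTPUT_FILE="$2"

    # The variable name is spliced into an eval below, so only accept a
    # plain shell identifier.
    case "$OUTPUT_VARIABLE" in
        ''|[0-9]*|*[!A-Za-z0-9_]*)
            echo "Error: invalid variable name '$OUTPUT_VARIABLE'"
            return 1;;
    esac

    # Get memory usage from a pattern like "Heap memory usage after handshake: 23112 bytes. Peak memory usage was 33112"
    MEM_USAGE=$(sed -n 's/.*Heap memory usage after handshake: //p' < "$OUTPUT_FILE" | grep -o "[0-9]*" | head -1)

    # Check if memory usage was read
    if [ -z "$MEM_USAGE" ]; then
        echo "Error: Can not read the value of handshake memory usage"
        return 1
    else
        # $MEM_USAGE is digits only (filtered by grep above) and
        # $OUTPUT_VARIABLE is a validated identifier, so this eval only
        # ever performs a plain assignment.
        eval "$OUTPUT_VARIABLE=$MEM_USAGE"
        return 0
    fi
}

# Get handshake memory usage from server or client output and check if this value
# is not higher than the maximum given by the first argument
handshake_memory_check() {
    MAX_MEMORY="$1"
    OUTPUT_FILE="$2"

    # Get memory usage
    if ! handshake_memory_get "MEMORY_USAGE" "$OUTPUT_FILE"; then
        return 1
    fi

    # Check if memory usage is below max value
    if [ "$MEMORY_USAGE" -gt "$MAX_MEMORY" ]; then
        # printf rather than echo: whether echo turns "\n" into a newline
        # depends on the shell, so the message was not portable.
        printf '\nFailed: Handshake memory usage was %s bytes, but should be below %s bytes\n' \
            "$MEMORY_USAGE" "$MAX_MEMORY"
        return 1
    else
        return 0
    fi
}

# wait for client to terminate and set CLI_EXIT
# must be called right after starting the client
# Also starts a watchdog that kills the client after $DOG_DELAY times
# $CLI_DELAY_FACTOR seconds and marks the log with ===CLIENT_TIMEOUT===,
# then sleeps $SRV_DELAY_SECONDS to give the server time to finish.
# Globals written: $CLI_PID, $DOG_PID, $CLI_EXIT, $CLI_DELAY;
# $CLI_DELAY_FACTOR and $SRV_DELAY_SECONDS are reset to their defaults.
wait_client_done() {
    CLI_PID=$!

    CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR ))
    CLI_DELAY_FACTOR=1

    ( sleep "$CLI_DELAY"; echo "===CLIENT_TIMEOUT===" >> "$CLI_OUT"; kill $CLI_PID ) &
    DOG_PID=$!

    # For Ubuntu 22.04, `Terminated` message is outputed by wait command.
    # To remove it from stdout, redirect stdout/stderr to CLI_OUT
    wait $CLI_PID >> "$CLI_OUT" 2>&1
    CLI_EXIT=$?

    kill $DOG_PID >/dev/null 2>&1
    wait $DOG_PID >> "$CLI_OUT" 2>&1

    echo "EXIT: $CLI_EXIT" >> "$CLI_OUT"

    sleep "$SRV_DELAY_SECONDS"
    SRV_DELAY_SECONDS=0
}

# check if the given command uses dtls and sets global variable DTLS
detect_dtls() {
    case "$1" in
        *dtls=1*|*-dtls*|*-u*|*/dtls_*) DTLS=1;;
        *) DTLS=0;;
    esac
}

# check if the given command uses gnutls and sets global variable CMD_IS_GNUTLS
is_gnutls() {
    case "$1" in
        *gnutls-cli*|*gnutls-serv*) CMD_IS_GNUTLS=1;;
        *) CMD_IS_GNUTLS=0;;
    esac
}

# Some external tools (gnutls or openssl) might not have support for static ECDH
# and this limit the tests that can be run with them. This function checks server
# and client command lines, given as input, to verify if the current test
# is using one of these tools.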
use_ext_tool_without_ecdh_support() {
    # Server side first; only if it is an Mbed TLS server do we bother
    # looking at the client. Unset *_NEXT tools are replaced by dummy
    # names that cannot appear in a command line.
    case "$1" in
        *$GNUTLS_SERV*|\
        *${GNUTLS_NEXT_SERV:-"gnutls-serv-dummy"}*|\
        *${OPENSSL_NEXT:-"openssl-dummy"}*)
            echo "yes";;
        *)
            case "$2" in
                *$GNUTLS_CLI*|\
                *${GNUTLS_NEXT_CLI:-"gnutls-cli-dummy"}*|\
                *${OPENSSL_NEXT:-"openssl-dummy"}*)
                    echo "yes";;
                *)
                    echo "no";;
            esac;;
    esac
}

# Generate random psk_list argument for ssl_server2
# The order of the entries rotates with the test number so that the
# client's identity is found at different positions in the list.
get_srv_psk_list ()
{
    if [ $(( TESTS % 3 )) -eq 0 ]; then
        echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70"
    elif [ $(( TESTS % 3 )) -eq 1 ]; then
        echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef"
    else
        echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef"
    fi
}

# Determine what calc_verify trace is to be expected, if any.
#
# calc_verify is only called for two things: to calculate the
# extended master secret, and to process client authentication.
#
# Warning: the current implementation assumes that extended_ms is not
# disabled on the client or on the server.
#
# Inputs:
# * $1: the value of the server auth_mode parameter.
#       'required' if client authentication is expected,
#       'none' or absent if not.
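# * $CONFIGS_ENABLED
#
# Outputs:
# * $maybe_calc_verify: set to a trace expected in the debug logs
#   (empty when no calc_verify trace is expected)
set_maybe_calc_verify() {
    maybe_calc_verify=
    case $CONFIGS_ENABLED in
        *\ MBEDTLS_SSL_EXTENDED_MASTER_SECRET\ *) :;;
        *)
            # Without extended master secret, calc_verify only runs for
            # client authentication.
            case ${1-} in
                ''|none) return;;
                required) :;;
                *) echo "Bad parameter 1 to set_maybe_calc_verify: $1"; exit 1;;
            esac;;
    esac
    case $CONFIGS_ENABLED in
        *\ MBEDTLS_USE_PSA_CRYPTO\ *) maybe_calc_verify="PSA calc verify";;
        *) maybe_calc_verify="<= calc verify";;
    esac
}

# Compare file content
# Usage: find_in_both pattern file1 file2
# extract from file1 the first line matching the pattern
# check in file2 that the same line can be found
# Returns 0 if found in both, 1 otherwise.
find_in_both() {
    srv_pattern=$(grep -m 1 "$1" "$2")
    if [ -z "$srv_pattern" ]; then
        return 1
    fi

    # The extracted line is data, not a regular expression: match it
    # literally (-F) so that characters such as '[', '*' or '.' in a log
    # line cannot turn the second grep into a different pattern or into a
    # grep syntax error. '--' protects a line starting with '-'.
    if grep -F -- "$srv_pattern" "$3" >/dev/null; then
        return 0
    else
        return 1
    fi
}

# Set to YES by skip_handshake_stage_check() to make check_test_failure()
# skip its "reached the handshake stage" sanity check for one test.
SKIP_HANDSHAKE_CHECK="NO"
skip_handshake_stage_check() {
    SKIP_HANDSHAKE_CHECK="YES"
}

# Analyze the commands that will be used in a test.
#
# Analyze and possibly instrument $PXY_CMD, $CLI_CMD, $SRV_CMD to pass
# extra arguments or go through wrappers.
#
# Inputs:
# * $@: supplemental options to run_test() (after the mandatory arguments).
# * $CLI_CMD, $PXY_CMD, $SRV_CMD: the client, proxy and server commands.
# * $DTLS: 1 if DTLS, otherwise 0.
#
# Outputs:
# * $CLI_CMD, $PXY_CMD, $SRV_CMD: may be tweaked.
analyze_test_commands() {
    # If the test uses DTLS, does not force a specific port, and does not
    # specify a custom proxy, add a simple proxy.
    # It provides timing info that's useful to debug failures.
    if [ "$DTLS" -eq 1 ] &&
       [ "$THIS_SRV_PORT" = "$SRV_PORT" ] &&
       [ -z "$PXY_CMD" ]
    then
        PXY_CMD="$P_PXY"
        case " $SRV_CMD " in
            *' server_addr=::1 '*)
                PXY_CMD="$PXY_CMD server_addr=::1 listen_addr=::1";;
        esac
    fi

    # update CMD_IS_GNUTLS variable
    is_gnutls "$SRV_CMD"

    # if the server uses gnutls but doesn't set priority, explicitly
    # set the default priority
    if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
        case "$SRV_CMD" in
            *--priority*) :;;
            *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
        esac
    fi

    # update CMD_IS_GNUTLS variable
    is_gnutls "$CLI_CMD"

    # if the client uses gnutls but doesn't set priority, explicitly
    # set the default priority
    if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
        case "$CLI_CMD" in
            *--priority*) :;;
            *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
        esac
    fi

    # fix client port: +SRV_PORT is the placeholder put in $P_CLI/$O_CLI/$G_CLI.
    # printf rather than echo so the shell's echo cannot interpret the
    # command line; the sed expression is quoted as a whole.
    if [ -n "$PXY_CMD" ]; then
        CLI_CMD=$( printf '%s\n' "$CLI_CMD" | sed "s/+SRV_PORT/$PXY_PORT/g" )
    else
        CLI_CMD=$( printf '%s\n' "$CLI_CMD" | sed "s/+SRV_PORT/$THIS_SRV_PORT/g" )
    fi

    # If the test forces a specific port and the server is OpenSSL or
    # GnuTLS, override its port specification.
    if [ "$THIS_SRV_PORT" != "$SRV_PORT" ]; then
        case "$SRV_CMD" in
            "$G_SRV"*|"$G_NEXT_SRV"*)
                # The trailing space makes " -p PORT " match at the end
                # of the command line too.
                SRV_CMD=$(
                    printf %s "$SRV_CMD " |
                    sed -e "s/ -p $SRV_PORT / -p $THIS_SRV_PORT /"
                );;
            "$O_SRV"*|"$O_NEXT_SRV"*) SRV_CMD="$SRV_CMD -accept $THIS_SRV_PORT";;
        esac
    fi

    # prepend valgrind to our commands if active
    if [ "$MEMCHECK" -gt 0 ]; then
        if is_polar "$SRV_CMD"; then
            SRV_CMD="valgrind --leak-check=full $SRV_CMD"
        fi
        if is_polar "$CLI_CMD"; then
            CLI_CMD="valgrind --leak-check=full $CLI_CMD"
        fi
    fi
}

# Check for failure conditions after a test case.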
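#
# Inputs from run_test:
# * positional parameters: test options (see run_test documentation)
# * $CLI_EXIT: client return code
# * $CLI_EXPECT: expected client return code
# * $SRV_RET: server return code
# * $CLI_OUT, $SRV_OUT, $PXY_OUT: files containing client/server/proxy logs
# * $TIMES_LEFT: if nonzero, a RETRY outcome is allowed
#
# Outputs:
# * $outcome: one of PASS/RETRY*/FAIL
#
# On FAIL, fail() has already recorded the outcome and saved the logs.
# On RETRY*, nothing is recorded: the caller runs the test again.
check_test_failure() {
    outcome=FAIL

    if [ "$TIMES_LEFT" -gt 0 ] &&
       grep '===CLIENT_TIMEOUT===' "$CLI_OUT" >/dev/null
    then
        outcome="RETRY(client-timeout)"
        return
    fi

    # check if the client and server went at least to the handshake stage
    # (useful to avoid tests with only negative assertions and non-zero
    # expected client exit to incorrectly succeed in case of catastrophic
    # failure)
    if [ "X$SKIP_HANDSHAKE_CHECK" != "XYES" ]
    then
        if is_polar "$SRV_CMD"; then
            if ! grep "Performing the SSL/TLS handshake" "$SRV_OUT" >/dev/null; then
                fail "server or client failed to reach handshake stage"
                return
            fi
        fi
        if is_polar "$CLI_CMD"; then
            if ! grep "Performing the SSL/TLS handshake" "$CLI_OUT" >/dev/null; then
                fail "server or client failed to reach handshake stage"
                return
            fi
        fi
    fi

    # The skip request from skip_handshake_stage_check() applies to one test.
    SKIP_HANDSHAKE_CHECK="NO"
    # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
    # exit with status 0 when interrupted by a signal, and we don't really
    # care anyway), in case e.g. the server reports a memory leak.
    if [ "$SRV_RET" != 0 ] && is_polar "$SRV_CMD"; then
        fail "Server exited with status $SRV_RET"
        return
    fi

    # check client exit code: expected 0 but got nonzero, or expected
    # nonzero but got 0. Written with && and || rather than test's
    # deprecated -a/-o operators, whose parsing is ambiguous.
    if { [ "$CLI_EXPECT" = 0 ] && [ "$CLI_EXIT" != 0 ]; } ||
       { [ "$CLI_EXPECT" != 0 ] && [ "$CLI_EXIT" = 0 ]; }
    then
        fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
        return
    fi

    # check other assertions
    # lines beginning with == are added by valgrind, ignore them
    # lines with 'Serious error when reading debug info', are valgrind issues as well
    # The patterns given with -s/-c/-S/-C/-u/-U are regular expressions
    # written in the test definitions and are passed to grep unchanged.
    while [ $# -gt 0 ]
    do
        case "$1" in
            "-s")
                if ! grep -v '^==' "$SRV_OUT" | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
                    fail "pattern '$2' MUST be present in the Server output"
                    return
                fi
                ;;

            "-c")
                if ! grep -v '^==' "$CLI_OUT" | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
                    fail "pattern '$2' MUST be present in the Client output"
                    return
                fi
                ;;

            "-S")
                if grep -v '^==' "$SRV_OUT" | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
                    if log_pattern_presence_is_conclusive "$2"; then
                        fail "pattern '$2' MUST NOT be present in the Server output"
                    fi
                    # $outcome is now either FAIL (recorded above) or the
                    # RETRY reason set by log_pattern_presence_is_conclusive.
                    return
                fi
                ;;

            "-C")
                if grep -v '^==' "$CLI_OUT" | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
                    if log_pattern_presence_is_conclusive "$2"; then
                        fail "pattern '$2' MUST NOT be present in the Client output"
                    fi
                    return
                fi
                ;;

            # The filtering in the following two options (-u and -U) do the following
            # - ignore valgrind output
            # - filter out everything but lines right after the pattern occurrences
            # - keep one of each non-unique line
            # - count how many lines remain
            # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
            # if there were no duplicates.
            # The wc output is deliberately left unquoted so that the
            # leading blanks some wc implementations print are dropped.
            "-U")
                if [ $(grep -v '^==' "$SRV_OUT" | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
                    fail "lines following pattern '$2' must be unique in Server output"
                    return
                fi
                ;;

            "-u")
                if [ $(grep -v '^==' "$CLI_OUT" | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
                    fail "lines following pattern '$2' must be unique in Client output"
                    return
                fi
                ;;
            "-F")
                # $2 is "function [args]" from the test definition and is
                # deliberately unquoted so that it word-splits.
                if ! $2 "$SRV_OUT"; then
                    fail "function call to '$2' failed on Server output"
                    return
                fi
                ;;
            "-f")
                if ! $2 "$CLI_OUT"; then
                    fail "function call to '$2' failed on Client output"
                    return
                fi
                ;;
            "-g")
                # eval lets "$2" carry its own arguments ahead of the two
                # log file names; $2 comes from the test definitions in this
                # script, not from outside input.
                if ! eval "$2 '$SRV_OUT' '$CLI_OUT'"; then
                    fail "function call to '$2' failed on Server and Client output"
                    return
                fi
                ;;

            *)
                echo "Unknown test: $1" >&2
                exit 1
        esac
        shift 2
    done

    # check valgrind's results
    if [ "$MEMCHECK" -gt 0 ]; then
        if is_polar "$SRV_CMD" && has_mem_err "$SRV_OUT"; then
            fail "Server has memory errors"
            return
        fi
        if is_polar "$CLI_CMD" && has_mem_err "$CLI_OUT"; then
            fail "Client has memory errors"
            return
        fi
    fi

    # if we're here, everything is ok
    outcome=PASS
}

# Run the current test case: start the server and if applicable the proxy, run
# the client, wait for all processes to finish or time out.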
#
# Inputs:
# * $NAME: test case name
# * $CLI_CMD, $SRV_CMD, $PXY_CMD: commands to run
# * $CLI_OUT, $SRV_OUT, $PXY_OUT: files to contain client/server/proxy logs
#
# Outputs:
# * $CLI_EXIT: client return code
# * $SRV_RET: server return code
# * $SRV_PID, $PXY_PID: pids of the server and (if any) proxy processes
do_run_test_once() {
    # run the commands
    if [ -n "$PXY_CMD" ]; then
        # Each log starts with the test name and the exact command line.
        printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
        $PXY_CMD >> $PXY_OUT 2>&1 &
        PXY_PID=$!
        wait_proxy_start "$PXY_PORT" "$PXY_PID"
    fi

    check_osrv_dtls
    printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
    # provide_input only writes anything when check_osrv_dtls set
    # NEEDS_INPUT=1; otherwise it returns at once and the pipe is empty.
    provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
    SRV_PID=$!
    wait_server_start "$THIS_SRV_PORT" "$SRV_PID"

    printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
    # The client must be a subprocess of the script in order for killing it to
    # work properly, that's why the ampersand is placed inside the eval command,
    # not at the end of the line: the latter approach will spawn eval as a
    # subprocess, and the $CLI_CMD as a grandchild.
    eval "$CLI_CMD &" >> $CLI_OUT 2>&1
    # wait_client_done reads $! from the eval above, so nothing may be
    # started in between.
    wait_client_done

    sleep 0.05

    # terminate the server (and the proxy)
    kill $SRV_PID
    # For Ubuntu 22.04, `Terminated` message is outputed by wait command.
    # To remove it from stdout, redirect stdout/stderr to SRV_OUT
    wait $SRV_PID >> $SRV_OUT 2>&1
    SRV_RET=$?

    if [ -n "$PXY_CMD" ]; then
        kill $PXY_PID >/dev/null 2>&1
        wait $PXY_PID >> $PXY_OUT 2>&1
    fi
}

# Detect if the current test is going to use TLS 1.3 or TLS 1.2.
# $1 and $2 contain the server and client command lines, respectively.
#
# Note: this function only provides some guess about TLS version by simply
# looking at the server/client command lines. Even though this works
# for the sake of tests' filtering (especially in conjunction with the
# detect_required_features() function), it does NOT guarantee that the
# result is accurate. It does not check other conditions, such as:
# - we can force a ciphersuite which contains "WITH" in its name, meaning
#   that we are going to use TLS 1.2
# - etc etc
#
# Prints "TLS12" or "TLS13" on stdout.
get_tls_version() {
    # First check if the version is forced on an Mbed TLS peer
    case $1 in
        *tls12*)
            echo "TLS12"
            return;;
        *tls13*)
            echo "TLS13"
            return;;
    esac
    case $2 in
        *tls12*)
            echo "TLS12"
            return;;
        *tls13*)
            echo "TLS13"
            return;;
    esac
    # Second check if the version is forced on an OpenSSL or GnuTLS peer
    # NOTE(review): the server-side TLS 1.2 pattern below is 'tls1_2*',
    # anchored at the start of the command line, while its three siblings
    # ('*tls1_3', '*tls1_2', '*tls1_3') are anchored at the end. A command
    # line never begins with "tls1_2", so an OpenSSL/GnuTLS server forced to
    # TLS 1.2 falls through to the configuration-based guess. This looks like
    # a typo for '*tls1_2' -- confirm before changing, since it alters which
    # tests get filtered.
    case $1 in
        tls1_2*)
            echo "TLS12"
            return;;
        *tls1_3)
            echo "TLS13"
            return;;
    esac
    case $2 in
        *tls1_2)
            echo "TLS12"
            return;;
        *tls1_3)
            echo "TLS13"
            return;;
    esac
    # Third if the version is not forced, if TLS 1.3 is enabled then the test
    # is aimed to run a TLS 1.3 handshake.
# (get_tls_version continues: fall back on the build configuration.)
    if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
    then
        echo "TLS13"
    else
        echo "TLS12"
    fi
}

# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
# Options:  -s pattern  pattern that must be present in server output
#           -c pattern  pattern that must be present in client output
#           -u pattern  lines after pattern must be unique in client output
#           -f call shell function on client output
#           -S pattern  pattern that must be absent in server output
#           -C pattern  pattern that must be absent in client output
#           -U pattern  lines after pattern must be unique in server output
#           -F call shell function on server output
#           -g call shell function on server and client output
#
# Also honours -P port (after -p) to force a specific server port, and the
# one-shot SKIP_NEXT / requires_*() state set before the call.
# Records PASS/FAIL/SKIP through record_outcome(); with $LIST_TESTS set it
# only prints "suite;name" and returns.
run_test() {
    NAME="$1"
    shift 1

    if is_excluded "$NAME"; then
        SKIP_NEXT="NO"
        # There was no request to run the test, so don't record its outcome.
        return
    fi

    if [ "$LIST_TESTS" -gt 0 ]; then
        printf "%s\n" "${TEST_SUITE_NAME:-ssl-opt};$NAME"
        return
    fi

    # Use ssl-opt as default test suite name. Also see record_outcome function
    if is_excluded_test_suite "${TEST_SUITE_NAME:-ssl-opt}"; then
        # Do not skip next test and skip current test.
        SKIP_NEXT="NO"
        return
    fi

    # print_name increments $TESTS, which the -P/-p checks below do not use
    # but the RUN_TEST_NUMBER filter does.
    print_name "$NAME"

    # Do we only run numbered tests?
    if [ -n "$RUN_TEST_NUMBER" ]; then
        case ",$RUN_TEST_NUMBER," in
            *",$TESTS,"*) :;;
            *) SKIP_NEXT="YES";;
        esac
    fi

    # Does this test specify a proxy?
    if [ "X$1" = "X-p" ]; then
        PXY_CMD="$2"
        shift 2
    else
        PXY_CMD=""
    fi

    # Does this test force a specific port?
# (run_test continues: -P must come after -p when both are given.)
    if [ "$1" = "-P" ]; then
        THIS_SRV_PORT="$2"
        shift 2
    else
        THIS_SRV_PORT="$SRV_PORT"
    fi

    # get commands and client output
    SRV_CMD="$1"
    CLI_CMD="$2"
    CLI_EXPECT="$3"
    shift 3

    # Check if test uses files
    case "$SRV_CMD $CLI_CMD" in
        *$DATA_FILES_PATH/*)
            requires_config_enabled MBEDTLS_FS_IO;;
    esac

    # Check if the test uses DTLS.
    detect_dtls "$SRV_CMD"
    if [ "$DTLS" -eq 1 ]; then
        requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
    fi

    # Check if we are trying to use an external tool which does not support ECDH
    EXT_WO_ECDH=$(use_ext_tool_without_ecdh_support "$SRV_CMD" "$CLI_CMD")

    # Guess the TLS version which is going to be used.
    # Note that this detection is wrong in some cases, which causes unduly
    # skipped test cases in builds with TLS 1.3 but not TLS 1.2.
    # https://github.com/Mbed-TLS/mbedtls/issues/9560
    # With an external tool lacking ECDH support the test is assumed to be
    # a TLS 1.2 one.
    if [ "$EXT_WO_ECDH" = "no" ]; then
        TLS_VERSION=$(get_tls_version "$SRV_CMD" "$CLI_CMD")
    else
        TLS_VERSION="TLS12"
    fi

    # If we're in a PSK-only build and the test can be adapted to PSK, do that.
    maybe_adapt_for_psk "$@"

    # If the client or server requires certain features that can be detected
    # from their command-line arguments, check whether they're enabled.
    detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$EXT_WO_ECDH" "$@"
    detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$EXT_WO_ECDH" "$@"

    # should we skip?
1873 if [ "X$SKIP_NEXT" = "XYES" ]; then 1874 SKIP_NEXT="NO" 1875 record_outcome "SKIP" 1876 SKIPS=$(( $SKIPS + 1 )) 1877 return 1878 fi 1879 1880 analyze_test_commands "$@" 1881 1882 # One regular run and two retries 1883 TIMES_LEFT=3 1884 while [ $TIMES_LEFT -gt 0 ]; do 1885 TIMES_LEFT=$(( $TIMES_LEFT - 1 )) 1886 1887 do_run_test_once 1888 1889 check_test_failure "$@" 1890 case $outcome in 1891 PASS) break;; 1892 RETRY*) printf "$outcome ";; 1893 FAIL) return;; 1894 esac 1895 done 1896 1897 # If we get this far, the test case passed. 1898 record_outcome "PASS" 1899 if [ "$PRESERVE_LOGS" -gt 0 ]; then 1900 mv $SRV_OUT o-srv-${TESTS}.log 1901 mv $CLI_OUT o-cli-${TESTS}.log 1902 if [ -n "$PXY_CMD" ]; then 1903 mv $PXY_OUT o-pxy-${TESTS}.log 1904 fi 1905 fi 1906 1907 rm -f $SRV_OUT $CLI_OUT $PXY_OUT 1908 } 1909 1910 run_test_psa() { 1911 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 1912 set_maybe_calc_verify none 1913 run_test "PSA-supported ciphersuite: $1" \ 1914 "$P_SRV debug_level=3 force_version=tls12" \ 1915 "$P_CLI debug_level=3 force_ciphersuite=$1" \ 1916 0 \ 1917 -c "$maybe_calc_verify" \ 1918 -c "calc PSA finished" \ 1919 -s "$maybe_calc_verify" \ 1920 -s "calc PSA finished" \ 1921 -s "Protocol is TLSv1.2" \ 1922 -c "Perform PSA-based ECDH computation."\ 1923 -c "Perform PSA-based computation of digest of ServerKeyExchange" \ 1924 -S "error" \ 1925 -C "error" 1926 unset maybe_calc_verify 1927 } 1928 1929 run_test_psa_force_curve() { 1930 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 1931 set_maybe_calc_verify none 1932 run_test "PSA - ECDH with $1" \ 1933 "$P_SRV debug_level=4 force_version=tls12 groups=$1" \ 1934 "$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 groups=$1" \ 1935 0 \ 1936 -c "$maybe_calc_verify" \ 1937 -c "calc PSA finished" \ 1938 -s "$maybe_calc_verify" \ 1939 -s "calc PSA finished" \ 1940 -s "Protocol is TLSv1.2" \ 1941 -c "Perform PSA-based ECDH computation."\ 1942 -c "Perform PSA-based computation of 
digest of ServerKeyExchange" \ 1943 -S "error" \ 1944 -C "error" 1945 unset maybe_calc_verify 1946 } 1947 1948 # Test that the server's memory usage after a handshake is reduced when a client specifies 1949 # a maximum fragment length. 1950 # first argument ($1) is MFL for SSL client 1951 # second argument ($2) is memory usage for SSL client with default MFL (16k) 1952 run_test_memory_after_handshake_with_mfl() 1953 { 1954 # The test passes if the difference is around 2*(16k-MFL) 1955 MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))" 1956 1957 # Leave some margin for robustness 1958 MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))" 1959 1960 run_test "Handshake memory usage (MFL $1)" \ 1961 "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \ 1962 "$P_CLI debug_level=3 \ 1963 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ 1964 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \ 1965 0 \ 1966 -F "handshake_memory_check $MEMORY_USAGE_LIMIT" 1967 } 1968 1969 1970 # Test that the server's memory usage after a handshake is reduced when a client specifies 1971 # different values of Maximum Fragment Length: default (16k), 4k, 2k, 1k and 512 bytes 1972 run_tests_memory_after_handshake() 1973 { 1974 # all tests in this sequence requires the same configuration (see requires_config_enabled()) 1975 SKIP_THIS_TESTS="$SKIP_NEXT" 1976 1977 # first test with default MFU is to get reference memory usage 1978 MEMORY_USAGE_MFL_16K=0 1979 run_test "Handshake memory usage initial (MFL 16384 - default)" \ 1980 "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \ 1981 "$P_CLI debug_level=3 \ 1982 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ 1983 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \ 1984 0 \ 1985 -F "handshake_memory_get MEMORY_USAGE_MFL_16K" 1986 1987 SKIP_NEXT="$SKIP_THIS_TESTS" 1988 run_test_memory_after_handshake_with_mfl 4096 
"$MEMORY_USAGE_MFL_16K" 1989 1990 SKIP_NEXT="$SKIP_THIS_TESTS" 1991 run_test_memory_after_handshake_with_mfl 2048 "$MEMORY_USAGE_MFL_16K" 1992 1993 SKIP_NEXT="$SKIP_THIS_TESTS" 1994 run_test_memory_after_handshake_with_mfl 1024 "$MEMORY_USAGE_MFL_16K" 1995 1996 SKIP_NEXT="$SKIP_THIS_TESTS" 1997 run_test_memory_after_handshake_with_mfl 512 "$MEMORY_USAGE_MFL_16K" 1998 } 1999 2000 run_test_export_keying_material() { 2001 unset EXPORTED_KEY1 2002 unset EXPORTED_KEY2 2003 TLS_VERSION="$1" 2004 2005 case $TLS_VERSION in 2006 tls12) TLS_VERSION_PRINT="TLS 1.2";; 2007 tls13) TLS_VERSION_PRINT="TLS 1.3";; 2008 esac 2009 2010 run_test "$TLS_VERSION_PRINT: Export keying material" \ 2011 "$P_SRV debug_level=4 force_version=$TLS_VERSION exp_label=test-label" \ 2012 "$P_CLI debug_level=4 force_version=$TLS_VERSION exp_label=test-label" \ 2013 0 \ 2014 -s "Exporting key of length 20 with label \".*\": 0x" \ 2015 -c "Exporting key of length 20 with label \".*\": 0x" \ 2016 -f get_exported_key \ 2017 -F check_exported_key 2018 } 2019 2020 run_test_export_keying_material_openssl_compat() { 2021 unset EXPORTED_KEY1 2022 unset EXPORTED_KEY2 2023 TLS_VERSION="$1" 2024 2025 case $TLS_VERSION in 2026 tls12) TLS_VERSION_PRINT="TLS 1.2"; OPENSSL_CLIENT="$O_CLI";; 2027 tls13) TLS_VERSION_PRINT="TLS 1.3"; OPENSSL_CLIENT="$O_NEXT_CLI";; 2028 esac 2029 2030 run_test "$TLS_VERSION_PRINT: Export keying material (OpenSSL compatibility)" \ 2031 "$P_SRV debug_level=4 force_version=$TLS_VERSION exp_label=test-label" \ 2032 "$OPENSSL_CLIENT -keymatexport test-label" \ 2033 0 \ 2034 -s "Exporting key of length 20 with label \".*\": 0x" \ 2035 -c "Keying material exporter:" \ 2036 -F get_exported_key \ 2037 -f check_exported_key_openssl 2038 } 2039 2040 cleanup() { 2041 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION 2042 rm -f context_srv.txt 2043 rm -f context_cli.txt 2044 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1 2045 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1 2046 test -n 
"${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1 2047 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1 2048 exit 1 2049 } 2050 2051 # 2052 # MAIN 2053 # 2054 2055 # Make the outcome file path relative to the original directory, not 2056 # to .../tests 2057 case "$MBEDTLS_TEST_OUTCOME_FILE" in 2058 [!/]*) 2059 MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE" 2060 ;; 2061 esac 2062 2063 populate_enabled_hash_algs 2064 2065 # Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell 2066 # patterns rather than regular expressions, use a case statement instead 2067 # of calling grep. To keep the optimizer simple, it is incomplete and only 2068 # detects simple cases: plain substring, everything, nothing. 2069 # 2070 # As an exception, the character '.' is treated as an ordinary character 2071 # if it is the only special character in the string. This is because it's 2072 # rare to need "any one character", but needing a literal '.' is common 2073 # (e.g. '-f "DTLS 1.2"'). 2074 need_grep= 2075 case "$FILTER" in 2076 '^$') simple_filter=;; 2077 '.*') simple_filter='*';; 2078 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep 2079 need_grep=1;; 2080 *) # No regexp or shell-pattern special character 2081 simple_filter="*$FILTER*";; 2082 esac 2083 case "$EXCLUDE" in 2084 '^$') simple_exclude=;; 2085 '.*') simple_exclude='*';; 2086 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep 2087 need_grep=1;; 2088 *) # No regexp or shell-pattern special character 2089 simple_exclude="*$EXCLUDE*";; 2090 esac 2091 if [ -n "$need_grep" ]; then 2092 is_excluded () { 2093 ! 
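printf '%s\n' "$1" | grep -e "$FILTER" | grep -q -v -e "$EXCLUDE"
        # The pipeline succeeds when the name matches $FILTER and does not
        # match $EXCLUDE; the leading '!' turns that into "0 = excluded".
        # printf and 'grep -e' keep a name or pattern that starts with '-'
        # (or a name containing backslashes, which a POSIX 'echo' may
        # interpret as escapes) from being misread as options or escapes.
    }
else
    # Shell-pattern variant of the same predicate. The exclude pattern is
    # tested first so that exclusion wins over the filter, exactly like the
    # grep pipeline above. $simple_exclude and $simple_filter are deliberately
    # unquoted: a case pattern is not word-split, and quoting them would turn
    # the '*' wildcards into literal characters.
    is_excluded () {
        case "$1" in
            $simple_exclude) true;;
            $simple_filter) false;;
            *) true;;
        esac
    }
fi

# Filter tests according to TEST_SUITE_NAME
# is_excluded_test_suite SUITE: returns 0 ("excluded") when RUN_TEST_SUITE is
# non-empty and does not list SUITE among its comma-separated entries, and 1
# otherwise -- including when RUN_TEST_SUITE is empty, i.e. no suite
# filtering was requested.
is_excluded_test_suite () {
    if [ -n "$RUN_TEST_SUITE" ]
    then
        case ",$RUN_TEST_SUITE," in
            *",$1,"*) false;;
            *) true;;
        esac
    else
        false
    fi

}


if [ "$LIST_TESTS" -eq 0 ];then

    # sanity checks, avoid an avalanche of errors
    # Only the first word of each command is checked: P_SRV/P_CLI/P_PXY may
    # already carry arguments, and more are appended further down.
    P_SRV_BIN="${P_SRV%%[ ]*}"
    P_CLI_BIN="${P_CLI%%[ ]*}"
    P_PXY_BIN="${P_PXY%%[ ]*}"
    if [ ! -x "$P_SRV_BIN" ]; then
        echo "Command '$P_SRV_BIN' is not an executable file"
        exit 1
    fi
    if [ ! -x "$P_CLI_BIN" ]; then
        echo "Command '$P_CLI_BIN' is not an executable file"
        exit 1
    fi
    if [ ! -x "$P_PXY_BIN" ]; then
        echo "Command '$P_PXY_BIN' is not an executable file"
        exit 1
    fi
    # 'command -v' is the POSIX way to ask whether a program exists; 'which'
    # is an external tool that is not guaranteed to be present, or to report
    # failure the same way, on every platform this script runs on.
    if [ "$MEMCHECK" -gt 0 ]; then
        if command -v valgrind >/dev/null 2>&1; then :; else
            echo "Memcheck not possible. Valgrind not found"
            exit 1
        fi
    fi
    # As for P_SRV above, only the first word of $OPENSSL is looked up, so a
    # value that carries arguments is handled consistently.
    if command -v "${OPENSSL%%[ ]*}" >/dev/null 2>&1; then :; else
        echo "Command '$OPENSSL' not found"
        exit 1
    fi

    # used by watchdog
    MAIN_PID="$$"

    # We use somewhat arbitrary delays for tests:
    # - how long do we wait for the server to start (when lsof not available)?
    # - how long do we allow for the client to finish?
    #   (not to check performance, just to avoid waiting indefinitely)
    # Things are slower with valgrind, so give extra time here.
    #
    # Note: without lsof, there is a trade-off between the running time of this
    # script and the risk of spurious errors because we didn't wait long enough.
    # The watchdog delay on the other hand doesn't affect normal running time of
    # the script, only the case where a client or server gets stuck.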
# START_DELAY: seconds to wait for the server to come up when lsof is not
# available; DOG_DELAY: seconds the watchdog gives a peer before killing it
# (see the note above). Both are tripled under valgrind.
    if [ "$MEMCHECK" -gt 0 ]; then
        START_DELAY=6
        DOG_DELAY=60
    else
        START_DELAY=2
        DOG_DELAY=20
    fi

    # some particular tests need more time:
    # - for the client, we multiply the usual watchdog limit by a factor
    # - for the server, we sleep for a number of seconds after the client exits
    # see client_need_more_time() and server_needs_more_time()
    CLI_DELAY_FACTOR=1
    SRV_DELAY_SECONDS=0

    # fix commands to use this port, force IPv4 while at it
    # +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
    # Note: Using 'localhost' rather than 127.0.0.1 here is unwise, as on many
    # machines that will resolve to ::1, and we don't want ipv6 here.
    #
    # Security note: the Mbed TLS server and the UDP proxy are pinned to the
    # IPv4 loopback address (server_addr= / listen_addr=), so they are not
    # reachable from other hosts while the suite runs. The OpenSSL and GnuTLS
    # servers, however, are only given a port (-accept / -p) here and so may
    # listen on all interfaces -- keep that in mind on shared or exposed CI
    # machines, especially since those peers are configured below with
    # SECLEVEL=0 and test keys.
    # The proxy only receives seed=... when $SEED is set, so runs stay
    # reproducible on request without changing the default behaviour.
    P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
    P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
    P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
    O_SRV="$O_SRV -accept $SRV_PORT"
    O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT"
    G_SRV="$G_SRV -p $SRV_PORT"
    G_CLI="$G_CLI -p +SRV_PORT"

    # Newer versions of OpenSSL have a syntax to enable all "ciphers", even
    # low-security ones. This covers not just cipher suites but also protocol
    # versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on
    # OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
    # OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
    # a way to discover it from -help, so check the openssl version.
# Security note: SECLEVEL=0 switches off OpenSSL's minimum-strength policy
    # (weak suites and obsolete protocol versions become negotiable). That is
    # exactly what is wanted from a reference peer that has to exercise the
    # legacy options this script tests, but it is a test-only setting and must
    # not be copied into a production command line. It is appended only to
    # the O_CLI/O_SRV strings used here.
    case $($OPENSSL version) in
        "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
        *)
            O_CLI="$O_CLI -cipher ALL@SECLEVEL=0"
            O_SRV="$O_SRV -cipher ALL@SECLEVEL=0"
            ;;
    esac

    # The *_NEXT_* commands (newer OpenSSL / GnuTLS, see the top of the file)
    # are only set up when the corresponding tool was found.
    if [ -n "${OPENSSL_NEXT:-}" ]; then
        O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
        O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT"
        O_NEXT_SRV_EARLY_DATA="$O_NEXT_SRV_EARLY_DATA -accept $SRV_PORT"
        O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
        O_NEXT_CLI_NO_CERT="$O_NEXT_CLI_NO_CERT -connect 127.0.0.1:+SRV_PORT"
    fi

    if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
        G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
        G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT"
    fi

    # Note the no-cert GnuTLS client is the only one given a host name
    # ('localhost') rather than 127.0.0.1; the others rely on the defaults.
    if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
        G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
        G_NEXT_CLI_NO_CERT="$G_NEXT_CLI_NO_CERT -p +SRV_PORT localhost"
    fi

    # Allow SHA-1, because many of our test certificates use it
    # This relaxes the default certificate-signature policy for the whole
    # harness. The tests that check the secure default ("SHA-1 forbidden by
    # default ...", further down) pass allow_sha1=0 explicitly on top of this.
    P_SRV="$P_SRV allow_sha1=1"
    P_CLI="$P_CLI allow_sha1=1"

fi # LIST_TESTS -eq 0
# Also pick a unique name for intermediate files
# These are created in the current directory (the script cd's to its own
# directory at startup) and named after this shell's PID, so concurrent runs
# do not clobber each other. cleanup() removes them on INT/TERM/HUP.
# NOTE(review): if $SESSION holds a saved TLS session it contains key
# material; make sure the normal-exit path deletes it as well (TODO confirm).
SRV_OUT="srv_out.$$"
CLI_OUT="cli_out.$$"
PXY_OUT="pxy_out.$$"
SESSION="session.$$"

# Per-test skip flag; presumably set by the requires_* helpers when the build
# lacks a feature and consumed/reset by run_test.
SKIP_NEXT="NO"

# Only asynchronous interruptions are trapped (no EXIT trap): cleanup() runs
# on Ctrl-C/TERM/HUP and then exits with status 1.
trap cleanup INT TERM HUP

# Basic test

# Checks that:
# - things work with all ciphersuites active (used with config-full in all.sh)
# - the expected parameters are selected
# i.e. with no options forced, TLS 1.2 negotiates ECDHE-RSA with
# ChaCha20-Poly1305 over x25519. The "6" in the signature_algorithm check
# appears to be the number of algorithms advertised, which depends on SHA-512
# being available -- hence the requires_hash_alg line.
requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
requires_hash_alg SHA_512 # "signature_algorithm ext: 6"
requires_any_configs_enabled MBEDTLS_ECP_DP_CURVE25519_ENABLED \
                             PSA_WANT_ECC_MONTGOMERY_255
run_test    "Default, TLS 1.2" \
            "$P_SRV debug_level=3" \
            "$P_CLI force_version=tls12" \
            0 \
            -s "Protocol is TLSv1.2" \
            -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
            -s "client hello v3, signature_algorithm ext: 6" \
            -s "ECDHE curve: x25519" \
            -S "error" \
            -C \
"error" 2255 2256 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 2257 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 2258 run_test "Default, DTLS" \ 2259 "$P_SRV dtls=1" \ 2260 "$P_CLI dtls=1" \ 2261 0 \ 2262 -s "Protocol is DTLSv1.2" \ 2263 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" 2264 2265 run_test "TLS client auth: required" \ 2266 "$P_SRV auth_mode=required" \ 2267 "$P_CLI" \ 2268 0 \ 2269 -s "Verifying peer X.509 certificate... ok" 2270 2271 run_test "key size: TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ 2272 "$P_SRV" \ 2273 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ 2274 0 \ 2275 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \ 2276 -c "Key size is 256" 2277 2278 run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 2279 "$P_SRV" \ 2280 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 2281 0 \ 2282 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 2283 -c "Key size is 128" 2284 2285 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2286 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM 2287 # module does not support PSA dispatching so we need builtin support. 2288 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC 2289 requires_config_enabled MBEDTLS_AES_C 2290 requires_hash_alg MD5 2291 requires_hash_alg SHA_256 2292 run_test "TLS: password protected client key" \ 2293 "$P_SRV force_version=tls12 auth_mode=required" \ 2294 "$P_CLI crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key.enc key_pwd=PolarSSLTest" \ 2295 0 2296 2297 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2298 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM 2299 # module does not support PSA dispatching so we need builtin support. 
2300 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC 2301 requires_config_enabled MBEDTLS_AES_C 2302 requires_hash_alg MD5 2303 requires_hash_alg SHA_256 2304 run_test "TLS: password protected server key" \ 2305 "$P_SRV crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key.enc key_pwd=PolarSSLTest" \ 2306 "$P_CLI force_version=tls12" \ 2307 0 2308 2309 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2310 requires_config_enabled MBEDTLS_RSA_C 2311 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM 2312 # module does not support PSA dispatching so we need builtin support. 2313 requires_config_enabled MBEDTLS_CIPHER_MODE_CBC 2314 requires_config_enabled MBEDTLS_AES_C 2315 requires_hash_alg MD5 2316 requires_hash_alg SHA_256 2317 run_test "TLS: password protected server key, two certificates" \ 2318 "$P_SRV force_version=tls12\ 2319 key_file=$DATA_FILES_PATH/server5.key.enc key_pwd=PolarSSLTest crt_file=$DATA_FILES_PATH/server5.crt \ 2320 key_file2=$DATA_FILES_PATH/server2.key.enc key_pwd2=PolarSSLTest crt_file2=$DATA_FILES_PATH/server2.crt" \ 2321 "$P_CLI" \ 2322 0 2323 2324 run_test "CA callback on client" \ 2325 "$P_SRV debug_level=3" \ 2326 "$P_CLI ca_callback=1 debug_level=3 " \ 2327 0 \ 2328 -c "use CA callback for X.509 CRT verification" \ 2329 -S "error" \ 2330 -C "error" 2331 2332 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2333 requires_hash_alg SHA_256 2334 run_test "CA callback on server" \ 2335 "$P_SRV auth_mode=required" \ 2336 "$P_CLI ca_callback=1 debug_level=3 crt_file=$DATA_FILES_PATH/server5.crt \ 2337 key_file=$DATA_FILES_PATH/server5.key" \ 2338 0 \ 2339 -c "use CA callback for X.509 CRT verification" \ 2340 -s "Verifying peer X.509 certificate... 
ok" \ 2341 -S "error" \ 2342 -C "error" 2343 2344 # Test using an EC opaque private key for client authentication 2345 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2346 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2347 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 2348 requires_hash_alg SHA_256 2349 run_test "Opaque key for client authentication: ECDHE-ECDSA" \ 2350 "$P_SRV force_version=tls12 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt \ 2351 key_file=$DATA_FILES_PATH/server5.key" \ 2352 "$P_CLI key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2353 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdsa-sign,none" \ 2354 0 \ 2355 -c "key type: Opaque" \ 2356 -c "Ciphersuite is TLS-ECDHE-ECDSA" \ 2357 -s "Verifying peer X.509 certificate... ok" \ 2358 -s "Ciphersuite is TLS-ECDHE-ECDSA" \ 2359 -S "error" \ 2360 -C "error" 2361 2362 # Test using a RSA opaque private key for client authentication 2363 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2364 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2365 requires_config_enabled MBEDTLS_RSA_C 2366 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 2367 requires_hash_alg SHA_256 2368 run_test "Opaque key for client authentication: ECDHE-RSA" \ 2369 "$P_SRV force_version=tls12 auth_mode=required crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2370 key_file=$DATA_FILES_PATH/server2.key" \ 2371 "$P_CLI key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2372 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 2373 0 \ 2374 -c "key type: Opaque" \ 2375 -c "Ciphersuite is TLS-ECDHE-RSA" \ 2376 -s "Verifying peer X.509 certificate... 
ok" \ 2377 -s "Ciphersuite is TLS-ECDHE-RSA" \ 2378 -S "error" \ 2379 -C "error" 2380 2381 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2382 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2383 requires_config_enabled MBEDTLS_RSA_C 2384 requires_hash_alg SHA_256 2385 run_test "Opaque key for client authentication: DHE-RSA" \ 2386 "$P_SRV force_version=tls12 auth_mode=required crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2387 key_file=$DATA_FILES_PATH/server2.key" \ 2388 "$P_CLI key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2389 key_file=$DATA_FILES_PATH/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \ 2390 key_opaque_algs=rsa-sign-pkcs1,none" \ 2391 0 \ 2392 -c "key type: Opaque" \ 2393 -c "Ciphersuite is TLS-DHE-RSA" \ 2394 -s "Verifying peer X.509 certificate... ok" \ 2395 -s "Ciphersuite is TLS-DHE-RSA" \ 2396 -S "error" \ 2397 -C "error" 2398 2399 # Test using an EC opaque private key for server authentication 2400 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2401 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2402 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 2403 requires_hash_alg SHA_256 2404 run_test "Opaque key for server authentication: ECDHE-ECDSA" \ 2405 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2406 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdsa-sign,none" \ 2407 "$P_CLI force_version=tls12" \ 2408 0 \ 2409 -c "Verifying peer X.509 certificate... 
ok" \ 2410 -c "Ciphersuite is TLS-ECDHE-ECDSA" \ 2411 -s "key types: Opaque, none" \ 2412 -s "Ciphersuite is TLS-ECDHE-ECDSA" \ 2413 -S "error" \ 2414 -C "error" 2415 2416 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2417 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2418 requires_hash_alg SHA_256 2419 run_test "Opaque key for server authentication: ECDH-" \ 2420 "$P_SRV auth_mode=required key_opaque=1\ 2421 crt_file=$DATA_FILES_PATH/server5.ku-ka.crt\ 2422 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdh,none" \ 2423 "$P_CLI force_version=tls12" \ 2424 0 \ 2425 -c "Verifying peer X.509 certificate... ok" \ 2426 -c "Ciphersuite is TLS-ECDH-" \ 2427 -s "key types: Opaque, none" \ 2428 -s "Ciphersuite is TLS-ECDH-" \ 2429 -S "error" \ 2430 -C "error" 2431 2432 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2433 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2434 requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE 2435 requires_hash_alg SHA_256 2436 run_test "Opaque key for server authentication: invalid key: decrypt with ECC key, no async" \ 2437 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2438 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=rsa-decrypt,none \ 2439 debug_level=1" \ 2440 "$P_CLI force_version=tls12" \ 2441 1 \ 2442 -s "key types: Opaque, none" \ 2443 -s "error" \ 2444 -c "error" \ 2445 -c "Public key type mismatch" 2446 2447 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2448 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2449 requires_config_enabled MBEDTLS_ECDSA_C 2450 requires_config_enabled MBEDTLS_RSA_C 2451 requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE 2452 requires_hash_alg SHA_256 2453 run_test "Opaque key for server authentication: invalid key: ecdh with RSA key, no async" \ 2454 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2455 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=ecdh,none \ 2456 debug_level=1" \ 2457 "$P_CLI force_version=tls12" \ 2458 1 \ 2459 -s "key 
types: Opaque, none" \ 2460 -s "error" \ 2461 -c "error" \ 2462 -c "Public key type mismatch" 2463 2464 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2465 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2466 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 2467 requires_hash_alg SHA_256 2468 run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key, async" \ 2469 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2470 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=rsa-decrypt,none \ 2471 debug_level=1" \ 2472 "$P_CLI force_version=tls12" \ 2473 1 \ 2474 -s "key types: Opaque, none" \ 2475 -s "got ciphersuites in common, but none of them usable" \ 2476 -s "error" \ 2477 -c "error" 2478 2479 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2480 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2481 requires_config_enabled MBEDTLS_RSA_C 2482 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 2483 requires_hash_alg SHA_256 2484 run_test "Opaque key for server authentication: invalid alg: ecdh with RSA key, async" \ 2485 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2486 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=ecdh,none \ 2487 debug_level=1" \ 2488 "$P_CLI force_version=tls12" \ 2489 1 \ 2490 -s "key types: Opaque, none" \ 2491 -s "got ciphersuites in common, but none of them usable" \ 2492 -s "error" \ 2493 -c "error" 2494 2495 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2496 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2497 requires_hash_alg SHA_256 2498 run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \ 2499 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2500 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdh,none \ 2501 debug_level=1" \ 2502 "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 2503 1 \ 2504 -s "key types: Opaque, none" \ 2505 -s "got ciphersuites in common, but none of them usable" \ 
2506 -s "error" \ 2507 -c "error" 2508 2509 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2510 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2511 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 2512 requires_hash_alg SHA_256 2513 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 2514 run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \ 2515 "$P_SRV force_version=tls12 key_opaque=1 crt_file=$DATA_FILES_PATH/server7.crt \ 2516 key_file=$DATA_FILES_PATH/server7.key key_opaque_algs=ecdh,none \ 2517 crt_file2=$DATA_FILES_PATH/server5.crt key_file2=$DATA_FILES_PATH/server5.key \ 2518 key_opaque_algs2=ecdsa-sign,none" \ 2519 "$P_CLI force_version=tls12" \ 2520 0 \ 2521 -c "Verifying peer X.509 certificate... ok" \ 2522 -c "Ciphersuite is TLS-ECDHE-ECDSA" \ 2523 -c "CN=Polarssl Test EC CA" \ 2524 -s "key types: Opaque, Opaque" \ 2525 -s "Ciphersuite is TLS-ECDHE-ECDSA" \ 2526 -S "error" \ 2527 -C "error" 2528 2529 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2530 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2531 requires_hash_alg SHA_384 2532 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 2533 run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \ 2534 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server7.crt \ 2535 key_file=$DATA_FILES_PATH/server7.key key_opaque_algs=ecdsa-sign,none \ 2536 crt_file2=$DATA_FILES_PATH/server5.crt key_file2=$DATA_FILES_PATH/server5.key \ 2537 key_opaque_algs2=ecdh,none debug_level=3" \ 2538 "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \ 2539 0 \ 2540 -c "Verifying peer X.509 certificate... 
ok" \ 2541 -c "Ciphersuite is TLS-ECDH-ECDSA" \ 2542 -c "CN=Polarssl Test EC CA" \ 2543 -s "key types: Opaque, Opaque" \ 2544 -s "Ciphersuite is TLS-ECDH-ECDSA" \ 2545 -S "error" \ 2546 -C "error" 2547 2548 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2549 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2550 requires_hash_alg SHA_384 2551 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 2552 run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \ 2553 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2554 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdsa-sign,none \ 2555 crt_file2=$DATA_FILES_PATH/server2-sha256.crt \ 2556 key_file2=$DATA_FILES_PATH/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \ 2557 "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \ 2558 0 \ 2559 -c "Verifying peer X.509 certificate... ok" \ 2560 -c "Ciphersuite is TLS-ECDHE-ECDSA" \ 2561 -c "CN=Polarssl Test EC CA" \ 2562 -s "key types: Opaque, Opaque" \ 2563 -s "Ciphersuite is TLS-ECDHE-ECDSA" \ 2564 -S "error" \ 2565 -C "error" 2566 2567 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2568 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2569 requires_config_enabled MBEDTLS_RSA_C 2570 requires_config_enabled MBEDTLS_SSL_SRV_C 2571 requires_config_enabled MBEDTLS_SSL_CLI_C 2572 run_test "TLS 1.3 opaque key: no suitable algorithm found" \ 2573 "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \ 2574 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 2575 1 \ 2576 -c "key type: Opaque" \ 2577 -s "key types: Opaque, Opaque" \ 2578 -c "error" \ 2579 -s "no suitable signature algorithm" 2580 2581 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2582 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2583 requires_config_enabled MBEDTLS_RSA_C 2584 requires_config_enabled MBEDTLS_SSL_SRV_C 2585 requires_config_enabled MBEDTLS_SSL_CLI_C 2586 run_test "TLS 1.3 
opaque key: suitable algorithm found" \ 2587 "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 2588 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 2589 0 \ 2590 -c "key type: Opaque" \ 2591 -s "key types: Opaque, Opaque" \ 2592 -C "error" \ 2593 -S "error" 2594 2595 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2596 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2597 requires_config_enabled MBEDTLS_RSA_C 2598 requires_config_enabled MBEDTLS_SSL_SRV_C 2599 requires_config_enabled MBEDTLS_SSL_CLI_C 2600 run_test "TLS 1.3 opaque key: first client sig alg not suitable" \ 2601 "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \ 2602 "$P_CLI debug_level=4 sig_algs=rsa_pss_rsae_sha256,rsa_pss_rsae_sha512" \ 2603 0 \ 2604 -s "key types: Opaque, Opaque" \ 2605 -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \ 2606 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \ 2607 -C "error" \ 2608 -S "error" \ 2609 2610 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 2611 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2612 requires_config_enabled MBEDTLS_RSA_C 2613 requires_config_enabled MBEDTLS_SSL_SRV_C 2614 requires_config_enabled MBEDTLS_SSL_CLI_C 2615 run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \ 2616 "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 2617 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \ 2618 0 \ 2619 -c "key type: Opaque" \ 2620 -s "key types: Opaque, Opaque" \ 2621 -C "error" \ 2622 -S "error" \ 2623 2624 # Test using a RSA opaque private key for server authentication 2625 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2626 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2627 requires_config_enabled MBEDTLS_RSA_C 2628 requires_config_enabled 
MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 2629 requires_hash_alg SHA_256 2630 run_test "Opaque key for server authentication: ECDHE-RSA" \ 2631 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2632 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 2633 "$P_CLI force_version=tls12" \ 2634 0 \ 2635 -c "Verifying peer X.509 certificate... ok" \ 2636 -c "Ciphersuite is TLS-ECDHE-RSA" \ 2637 -s "key types: Opaque, none" \ 2638 -s "Ciphersuite is TLS-ECDHE-RSA" \ 2639 -S "error" \ 2640 -C "error" 2641 2642 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2643 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2644 requires_config_enabled MBEDTLS_RSA_C 2645 requires_hash_alg SHA_256 2646 run_test "Opaque key for server authentication: DHE-RSA" \ 2647 "$P_SRV key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2648 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 2649 "$P_CLI force_version=tls12 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 2650 0 \ 2651 -c "Verifying peer X.509 certificate... ok" \ 2652 -c "Ciphersuite is TLS-DHE-RSA" \ 2653 -s "key types: Opaque, none" \ 2654 -s "Ciphersuite is TLS-DHE-RSA" \ 2655 -S "error" \ 2656 -C "error" 2657 2658 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2659 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2660 requires_config_enabled MBEDTLS_RSA_C 2661 requires_hash_alg SHA_256 2662 run_test "Opaque key for server authentication: RSA-PSK" \ 2663 "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \ 2664 psk=73776f726466697368 psk_identity=foo" \ 2665 "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \ 2666 psk=73776f726466697368 psk_identity=foo" \ 2667 0 \ 2668 -c "Verifying peer X.509 certificate... 
ok" \ 2669 -c "Ciphersuite is TLS-RSA-PSK-" \ 2670 -s "key types: Opaque, Opaque" \ 2671 -s "Ciphersuite is TLS-RSA-PSK-" \ 2672 -S "error" \ 2673 -C "error" 2674 2675 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2676 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2677 requires_config_enabled MBEDTLS_RSA_C 2678 requires_hash_alg SHA_256 2679 run_test "Opaque key for server authentication: RSA-" \ 2680 "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \ 2681 "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \ 2682 0 \ 2683 -c "Verifying peer X.509 certificate... ok" \ 2684 -c "Ciphersuite is TLS-RSA-" \ 2685 -s "key types: Opaque, Opaque" \ 2686 -s "Ciphersuite is TLS-RSA-" \ 2687 -S "error" \ 2688 -C "error" 2689 2690 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2691 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2692 requires_config_enabled MBEDTLS_RSA_C 2693 requires_hash_alg SHA_256 2694 run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \ 2695 "$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2696 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pss,none debug_level=1" \ 2697 "$P_CLI crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2698 key_file=$DATA_FILES_PATH/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 2699 1 \ 2700 -s "key types: Opaque, none" \ 2701 -s "got ciphersuites in common, but none of them usable" \ 2702 -s "error" \ 2703 -c "error" 2704 2705 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2706 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2707 requires_config_enabled MBEDTLS_RSA_C 2708 requires_hash_alg SHA_256 2709 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 2710 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 2711 run_test "Opaque keys for server authentication: RSA keys with different algs" \ 2712 "$P_SRV force_version=tls12 auth_mode=required key_opaque=1 
crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2713 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pss,none \ 2714 crt_file2=$DATA_FILES_PATH/server4.crt \ 2715 key_file2=$DATA_FILES_PATH/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \ 2716 "$P_CLI force_version=tls12" \ 2717 0 \ 2718 -c "Verifying peer X.509 certificate... ok" \ 2719 -c "Ciphersuite is TLS-ECDHE-RSA" \ 2720 -c "CN=Polarssl Test EC CA" \ 2721 -s "key types: Opaque, Opaque" \ 2722 -s "Ciphersuite is TLS-ECDHE-RSA" \ 2723 -S "error" \ 2724 -C "error" 2725 2726 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2727 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2728 requires_config_enabled MBEDTLS_RSA_C 2729 requires_hash_alg SHA_384 2730 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 2731 run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \ 2732 "$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2733 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdsa-sign,none \ 2734 crt_file2=$DATA_FILES_PATH/server4.crt \ 2735 key_file2=$DATA_FILES_PATH/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \ 2736 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 2737 0 \ 2738 -c "Verifying peer X.509 certificate... 
ok" \ 2739 -c "Ciphersuite is TLS-DHE-RSA" \ 2740 -c "CN=Polarssl Test EC CA" \ 2741 -s "key types: Opaque, Opaque" \ 2742 -s "Ciphersuite is TLS-DHE-RSA" \ 2743 -S "error" \ 2744 -C "error" 2745 2746 # Test using an EC opaque private key for client/server authentication 2747 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2748 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2749 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 2750 requires_hash_alg SHA_256 2751 run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \ 2752 "$P_SRV force_version=tls12 auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2753 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdsa-sign,none" \ 2754 "$P_CLI key_opaque=1 crt_file=$DATA_FILES_PATH/server5.crt \ 2755 key_file=$DATA_FILES_PATH/server5.key key_opaque_algs=ecdsa-sign,none" \ 2756 0 \ 2757 -c "key type: Opaque" \ 2758 -c "Verifying peer X.509 certificate... ok" \ 2759 -c "Ciphersuite is TLS-ECDHE-ECDSA" \ 2760 -s "key types: Opaque, none" \ 2761 -s "Verifying peer X.509 certificate... 
ok" \ 2762 -s "Ciphersuite is TLS-ECDHE-ECDSA" \ 2763 -S "error" \ 2764 -C "error" 2765 2766 # Test using a RSA opaque private key for client/server authentication 2767 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2768 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2769 requires_config_enabled MBEDTLS_RSA_C 2770 requires_hash_alg SHA_256 2771 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED 2772 run_test "Opaque key for client/server authentication: ECDHE-RSA" \ 2773 "$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2774 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 2775 "$P_CLI force_version=tls12 key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2776 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 2777 0 \ 2778 -c "key type: Opaque" \ 2779 -c "Verifying peer X.509 certificate... ok" \ 2780 -c "Ciphersuite is TLS-ECDHE-RSA" \ 2781 -s "key types: Opaque, none" \ 2782 -s "Verifying peer X.509 certificate... ok" \ 2783 -s "Ciphersuite is TLS-ECDHE-RSA" \ 2784 -S "error" \ 2785 -C "error" 2786 2787 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 2788 requires_config_enabled MBEDTLS_X509_CRT_PARSE_C 2789 requires_config_enabled MBEDTLS_RSA_C 2790 requires_hash_alg SHA_256 2791 run_test "Opaque key for client/server authentication: DHE-RSA" \ 2792 "$P_SRV auth_mode=required key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2793 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \ 2794 "$P_CLI key_opaque=1 crt_file=$DATA_FILES_PATH/server2-sha256.crt \ 2795 key_file=$DATA_FILES_PATH/server2.key key_opaque_algs=rsa-sign-pkcs1,none \ 2796 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 2797 0 \ 2798 -c "key type: Opaque" \ 2799 -c "Verifying peer X.509 certificate... ok" \ 2800 -c "Ciphersuite is TLS-DHE-RSA" \ 2801 -s "key types: Opaque, none" \ 2802 -s "Verifying peer X.509 certificate... 
ok" \ 2803 -s "Ciphersuite is TLS-DHE-RSA" \ 2804 -S "error" \ 2805 -C "error" 2806 2807 2808 # Test ciphersuites which we expect to be fully supported by PSA Crypto 2809 # and check that we don't fall back to Mbed TLS' internal crypto primitives. 2810 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM 2811 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 2812 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM 2813 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 2814 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 2815 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 2816 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA 2817 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 2818 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 2819 2820 requires_config_enabled PSA_WANT_ECC_SECP_R1_521 2821 run_test_psa_force_curve "secp521r1" 2822 requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_512 2823 run_test_psa_force_curve "brainpoolP512r1" 2824 requires_config_enabled PSA_WANT_ECC_SECP_R1_384 2825 run_test_psa_force_curve "secp384r1" 2826 requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_384 2827 run_test_psa_force_curve "brainpoolP384r1" 2828 requires_config_enabled PSA_WANT_ECC_SECP_R1_256 2829 run_test_psa_force_curve "secp256r1" 2830 requires_config_enabled PSA_WANT_ECC_SECP_K1_256 2831 run_test_psa_force_curve "secp256k1" 2832 requires_config_enabled PSA_WANT_ECC_BRAINPOOL_P_R1_256 2833 run_test_psa_force_curve "brainpoolP256r1" 2834 requires_config_enabled PSA_WANT_ECC_SECP_R1_224 2835 run_test_psa_force_curve "secp224r1" 2836 ## SECP224K1 is buggy via the PSA API 2837 ## (https://github.com/Mbed-TLS/mbedtls/issues/3541), 2838 ## so it is disabled in PSA even when it's enabled in Mbed TLS. 2839 ## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but 2840 ## dependencies on PSA symbols in ssl-opt.sh are not implemented yet. 
# secp224k1 stays disabled here; the preceding comment explains why.
#requires_config_enabled PSA_WANT_ECC_SECP_K1_224
#run_test_psa_force_curve "secp224k1"
requires_config_enabled PSA_WANT_ECC_SECP_R1_192
run_test_psa_force_curve "secp192r1"
requires_config_enabled PSA_WANT_ECC_SECP_K1_192
run_test_psa_force_curve "secp192k1"

# ServerHello random: the first four bytes carry gmt_unix_time when the build
# has a clock. Both sides are checked with the check_server_hello_time helper
# (the -f/-F options and the helper itself are defined elsewhere in this file).
requires_config_enabled MBEDTLS_HAVE_TIME
run_test "ServerHello contains gmt_unix_time" \
    "$P_SRV debug_level=3" \
    "$P_CLI force_version=tls12 debug_level=3" \
    0 \
    -f "check_server_hello_time" \
    -F "check_server_hello_time"

# AEAD nonce uniqueness: reusing an IV under the same key breaks both the
# confidentiality and the authenticity guarantees of GCM, so 20 exchanges are
# run at debug_level=4 and the "IV used" lines are checked on both sides with
# the -u/-U options (their exact semantics live in run_test). No explicit
# requires_ line precedes this test, so the forced suite's requirements are
# presumably derived by run_test itself.
run_test "Unique IV in GCM" \
    "$P_SRV exchanges=20 debug_level=4" \
    "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
    0 \
    -u "IV used" \
    -U "IV used"

# A peer that supports exactly one signature algorithm must still send a
# well-formed signature_algorithms extension; "04 03" is the code point of
# ecdsa_secp256r1_sha256.
requires_any_configs_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED \
    PSA_WANT_ECC_SECP_R1_256
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
requires_pk_alg "ECDSA"
requires_hash_alg SHA_256
run_test "Single supported algorithm sending: mbedtls client" \
    "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \
    "$P_CLI force_version=tls12 sig_algs=ecdsa_secp256r1_sha256 debug_level=3" \
    0 \
    -c "Supported Signature Algorithm found: 04 03"

# Same server-side restriction against an OpenSSL client presenting server6.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_any_configs_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED \
    PSA_WANT_ECC_SECP_R1_256
requires_hash_alg SHA_256
run_test "Single supported algorithm sending: openssl client" \
    "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \
    "$O_CLI -cert $DATA_FILES_PATH/server6.crt \
        -key $DATA_FILES_PATH/server6.key" \
    0

# Certificate verification callback selection: context_crt_cb picks between
# the configuration-level and the context-level callback on the client, and
# the debug output must show exactly one of them being used.
run_test "Configuration-specific CRT verification callback" \
    "$P_SRV debug_level=3" \
    "$P_CLI context_crt_cb=0 debug_level=3" \
    0 \
    -S "error" \
    -c "Verify requested for " \
    -c "Use configuration-specific verification callback" \
    -C "Use context-specific verification callback" \
    -C "error"

run_test "Context-specific CRT verification callback" \
    "$P_SRV debug_level=3" \
    "$P_CLI context_crt_cb=1 debug_level=3" \
    0 \
    -S "error" \
    -c "Verify requested for " \
    -c "Use context-specific verification callback" \
    -C "Use configuration-specific verification callback" \
    -C "error"

# SHA-1 certificate signatures: rejected unless allow_sha1=1 is passed
# explicitly, on both the server-certificate and client-certificate paths.
# The rejecting cases expect exit status 1 plus the "unacceptable hash" line
# from the side that performs the verification; SHA-256 signed certificates
# must keep working with allow_sha1=0.
requires_hash_alg SHA_1
run_test "SHA-1 forbidden by default in server certificate" \
    "$P_SRV key_file=$DATA_FILES_PATH/server2.key crt_file=$DATA_FILES_PATH/server2.crt" \
    "$P_CLI debug_level=2 force_version=tls12 allow_sha1=0" \
    1 \
    -c "The certificate is signed with an unacceptable hash"

requires_hash_alg SHA_1
run_test "SHA-1 explicitly allowed in server certificate" \
    "$P_SRV key_file=$DATA_FILES_PATH/server2.key crt_file=$DATA_FILES_PATH/server2.crt" \
    "$P_CLI force_version=tls12 allow_sha1=1" \
    0

run_test "SHA-256 allowed by default in server certificate" \
    "$P_SRV key_file=$DATA_FILES_PATH/server2.key crt_file=$DATA_FILES_PATH/server2-sha256.crt" \
    "$P_CLI force_version=tls12 allow_sha1=0" \
    0

requires_hash_alg SHA_1
requires_config_enabled MBEDTLS_RSA_C
run_test "SHA-1 forbidden by default in client certificate" \
    "$P_SRV force_version=tls12 auth_mode=required allow_sha1=0" \
    "$P_CLI key_file=$DATA_FILES_PATH/cli-rsa.key crt_file=$DATA_FILES_PATH/cli-rsa-sha1.crt" \
    1 \
    -s "The certificate is signed with an unacceptable hash"

requires_hash_alg SHA_1
requires_config_enabled MBEDTLS_RSA_C
run_test "SHA-1 explicitly allowed in client certificate" \
    "$P_SRV force_version=tls12 auth_mode=required allow_sha1=1" \
    "$P_CLI key_file=$DATA_FILES_PATH/cli-rsa.key crt_file=$DATA_FILES_PATH/cli-rsa-sha1.crt" \
    0

requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
run_test "SHA-256 allowed by default in client certificate" \
    "$P_SRV force_version=tls12 auth_mode=required allow_sha1=0" \
    "$P_CLI key_file=$DATA_FILES_PATH/cli-rsa.key crt_file=$DATA_FILES_PATH/cli-rsa-sha256.crt" \
    0

# DTLS datagram packing: every combination of dgram_packing on/off for the
# two sides. A side that packs must log "next record in same datagram", a
# side that does not must never log it.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS: multiple records in same datagram, client and server" \
    "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
    "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
    0 \
    -c "next record in same datagram" \
    -s "next record in same datagram"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS: multiple records in same datagram, client only" \
    "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
    "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
    0 \
    -s "next record in same datagram" \
    -C "next record in same datagram"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS: multiple records in same datagram, server only" \
    "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
    "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
    0 \
    -S "next record in same datagram" \
    -c "next record in same datagram"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS: multiple records in same datagram, neither client nor server" \
    "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
    "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
    0 \
    -S "next record in same datagram" \
    -C "next record in same datagram"

# Context serialization (DTLS only). The side passing serialize=1 is expected
# to print "Deserializing connection...", the side passing serialize=0 must
# not. Each of the three AEAD suites gets its own case (CCM-8, ChaChaPoly,
# GCM), plus a CID case, since the serialized transform state is presumably
# cipher-specific; the "re-init" variants pass serialize=2 instead of 1 (what
# the programs do differently for 2 is defined in ssl_client2/ssl_server2).

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, client serializes, CCM" \
    "$P_SRV dtls=1 serialize=0 exchanges=2" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, client serializes, ChaChaPoly" \
    "$P_SRV dtls=1 serialize=0 exchanges=2" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, client serializes, GCM" \
    "$P_SRV dtls=1 serialize=0 exchanges=2" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, client serializes, with CID" \
    "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes, CCM" \
    "$P_SRV dtls=1 serialize=1 exchanges=2" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes, ChaChaPoly" \
    "$P_SRV dtls=1 serialize=1 exchanges=2" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes, GCM" \
    "$P_SRV dtls=1 serialize=1 exchanges=2" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, server serializes, with CID" \
    "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, CCM" \
    "$P_SRV dtls=1 serialize=1 exchanges=2" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, ChaChaPoly" \
    "$P_SRV dtls=1 serialize=1 exchanges=2" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, GCM" \
    "$P_SRV dtls=1 serialize=1 exchanges=2" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, both serialize, with CID" \
    "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
    "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, CCM" \
    "$P_SRV dtls=1 serialize=0 exchanges=2" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
    "$P_SRV dtls=1 serialize=0 exchanges=2" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."
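
# Context serialization with re-initialisation ("re-init" cases pass
# serialize=2 where the plain cases pass serialize=1; what the programs do
# differently for 2 is defined in ssl_client2/ssl_server2, not here). As for
# the plain cases, each AEAD suite (CCM-8, ChaChaPoly, GCM) gets its own
# case, plus a CID case, since the serialized transform state is presumably
# cipher-specific and a round-trip bug in one suite would not show in the
# others. The side that serializes must print "Deserializing connection...",
# the other side must not.
#
# Fix: the "server serializes, GCM" and "both serialize, GCM" cases below
# used to force TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256, duplicating
# the ChaChaPoly case right above each of them and leaving the GCM re-init
# path without coverage. They now force AES-128-GCM-SHA256, matching the
# "client serializes, GCM" case and the non-re-init GCM cases.
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, GCM" \
    "$P_SRV dtls=1 serialize=0 exchanges=2" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, re-init, client serializes, with CID" \
    "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
    0 \
    -c "Deserializing connection..." \
    -S "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, CCM" \
    "$P_SRV dtls=1 serialize=2 exchanges=2" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
    "$P_SRV dtls=1 serialize=2 exchanges=2" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

# Was forcing the ChaChaPoly suite (copy-paste); now really exercises GCM.
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, GCM" \
    "$P_SRV dtls=1 serialize=2 exchanges=2" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, re-init, server serializes, with CID" \
    "$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
    "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
    0 \
    -C "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize, CCM" \
    "$P_SRV dtls=1 serialize=2 exchanges=2" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
    "$P_SRV dtls=1 serialize=2 exchanges=2" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

# Was forcing the ChaChaPoly suite (copy-paste); now really exercises GCM.
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize, GCM" \
    "$P_SRV dtls=1 serialize=2 exchanges=2" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."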

# Last re-init serialization case: both sides serialize (serialize=2) with a
# Connection ID negotiated, so both must print "Deserializing connection...".
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, re-init, both serialize, with CID" \
    "$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
    "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
    0 \
    -c "Deserializing connection..." \
    -s "Deserializing connection..."

# Serialized context written to disk on both sides (context_file=...). The
# two files are created in the current directory and removed further below;
# they hold the connection's key material, so they must not outlive the run.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Saving the serialized context to a file" \
    "$P_SRV dtls=1 serialize=1 context_file=context_srv.txt" \
    "$P_CLI dtls=1 serialize=1 context_file=context_cli.txt" \
    0 \
    -s "Save serialized context to a file... ok" \
    -c "Save serialized context to a file... ok"

# Keying material export (TLS exporter), Mbed TLS against itself and against
# OpenSSL, for TLS 1.2 and TLS 1.3. The run_test_export_keying_material*
# helpers and the requires_openssl_tls1_3_with_compatible_ephemeral check are
# defined elsewhere in this file.
requires_config_enabled MBEDTLS_SSL_KEYING_MATERIAL_EXPORT
requires_protocol_version tls12
run_test_export_keying_material tls12

requires_config_enabled MBEDTLS_SSL_KEYING_MATERIAL_EXPORT
requires_protocol_version tls12
run_test_export_keying_material_openssl_compat tls12

requires_config_enabled MBEDTLS_SSL_KEYING_MATERIAL_EXPORT
requires_protocol_version tls13
run_test_export_keying_material tls13

requires_config_enabled MBEDTLS_SSL_KEYING_MATERIAL_EXPORT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_openssl_tls1_3_with_compatible_ephemeral
run_test_export_keying_material_openssl_compat tls13

# Clean up the serialized-context files left by the "Saving the serialized
# context to a file" test (harmless if that test was skipped).
rm -f -- context_srv.txt context_cli.txt

# Tests for DTLS Connection ID extension

# So far, the CID API isn't implemented, so we can't
# grep for output witnessing its use. This needs to be
# changed once the CID extension is implemented.
# NOTE(review): the three lines above look stale - the CID tests that follow
# do grep for CID-specific debug output (e.g. "found CID extension",
# "Use of Connection ID has been negotiated").
3227 3228 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3229 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3230 run_test "Connection ID: Cli enabled, Srv disabled" \ 3231 "$P_SRV debug_level=3 dtls=1 cid=0" \ 3232 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 3233 0 \ 3234 -s "Disable use of CID extension." \ 3235 -s "found CID extension" \ 3236 -s "Client sent CID extension, but CID disabled" \ 3237 -c "Enable use of CID extension." \ 3238 -c "client hello, adding CID extension" \ 3239 -S "server hello, adding CID extension" \ 3240 -C "found CID extension" \ 3241 -S "Copy CIDs into SSL transform" \ 3242 -C "Copy CIDs into SSL transform" \ 3243 -c "Use of Connection ID was rejected by the server" 3244 3245 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3246 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3247 run_test "Connection ID: Cli disabled, Srv enabled" \ 3248 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 3249 "$P_CLI debug_level=3 dtls=1 cid=0" \ 3250 0 \ 3251 -c "Disable use of CID extension." \ 3252 -C "client hello, adding CID extension" \ 3253 -S "found CID extension" \ 3254 -s "Enable use of CID extension." \ 3255 -S "server hello, adding CID extension" \ 3256 -C "found CID extension" \ 3257 -S "Copy CIDs into SSL transform" \ 3258 -C "Copy CIDs into SSL transform" \ 3259 -s "Use of Connection ID was not offered by client" 3260 3261 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3262 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3263 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \ 3264 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ 3265 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \ 3266 0 \ 3267 -c "Enable use of CID extension." \ 3268 -s "Enable use of CID extension." 
\ 3269 -c "client hello, adding CID extension" \ 3270 -s "found CID extension" \ 3271 -s "Use of CID extension negotiated" \ 3272 -s "server hello, adding CID extension" \ 3273 -c "found CID extension" \ 3274 -c "Use of CID extension negotiated" \ 3275 -s "Copy CIDs into SSL transform" \ 3276 -c "Copy CIDs into SSL transform" \ 3277 -c "Peer CID (length 2 Bytes): de ad" \ 3278 -s "Peer CID (length 2 Bytes): be ef" \ 3279 -s "Use of Connection ID has been negotiated" \ 3280 -c "Use of Connection ID has been negotiated" 3281 3282 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3283 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3284 run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \ 3285 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \ 3286 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \ 3287 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef" \ 3288 0 \ 3289 -c "Enable use of CID extension." \ 3290 -s "Enable use of CID extension." 
\ 3291 -c "client hello, adding CID extension" \ 3292 -s "found CID extension" \ 3293 -s "Use of CID extension negotiated" \ 3294 -s "server hello, adding CID extension" \ 3295 -c "found CID extension" \ 3296 -c "Use of CID extension negotiated" \ 3297 -s "Copy CIDs into SSL transform" \ 3298 -c "Copy CIDs into SSL transform" \ 3299 -c "Peer CID (length 2 Bytes): de ad" \ 3300 -s "Peer CID (length 2 Bytes): be ef" \ 3301 -s "Use of Connection ID has been negotiated" \ 3302 -c "Use of Connection ID has been negotiated" \ 3303 -c "ignoring unexpected CID" \ 3304 -s "ignoring unexpected CID" 3305 3306 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3307 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3308 run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \ 3309 -p "$P_PXY mtu=800" \ 3310 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \ 3311 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \ 3312 0 \ 3313 -c "Enable use of CID extension." \ 3314 -s "Enable use of CID extension." \ 3315 -c "client hello, adding CID extension" \ 3316 -s "found CID extension" \ 3317 -s "Use of CID extension negotiated" \ 3318 -s "server hello, adding CID extension" \ 3319 -c "found CID extension" \ 3320 -c "Use of CID extension negotiated" \ 3321 -s "Copy CIDs into SSL transform" \ 3322 -c "Copy CIDs into SSL transform" \ 3323 -c "Peer CID (length 2 Bytes): de ad" \ 3324 -s "Peer CID (length 2 Bytes): be ef" \ 3325 -s "Use of Connection ID has been negotiated" \ 3326 -c "Use of Connection ID has been negotiated" 3327 3328 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3329 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3330 run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \ 3331 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \ 3332 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \ 3333 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \ 3334 0 \ 3335 -c "Enable use of CID extension." 
\ 3336 -s "Enable use of CID extension." \ 3337 -c "client hello, adding CID extension" \ 3338 -s "found CID extension" \ 3339 -s "Use of CID extension negotiated" \ 3340 -s "server hello, adding CID extension" \ 3341 -c "found CID extension" \ 3342 -c "Use of CID extension negotiated" \ 3343 -s "Copy CIDs into SSL transform" \ 3344 -c "Copy CIDs into SSL transform" \ 3345 -c "Peer CID (length 2 Bytes): de ad" \ 3346 -s "Peer CID (length 2 Bytes): be ef" \ 3347 -s "Use of Connection ID has been negotiated" \ 3348 -c "Use of Connection ID has been negotiated" \ 3349 -c "ignoring unexpected CID" \ 3350 -s "ignoring unexpected CID" 3351 3352 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3353 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3354 run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \ 3355 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 3356 "$P_CLI debug_level=3 dtls=1 cid=1" \ 3357 0 \ 3358 -c "Enable use of CID extension." \ 3359 -s "Enable use of CID extension." \ 3360 -c "client hello, adding CID extension" \ 3361 -s "found CID extension" \ 3362 -s "Use of CID extension negotiated" \ 3363 -s "server hello, adding CID extension" \ 3364 -c "found CID extension" \ 3365 -c "Use of CID extension negotiated" \ 3366 -s "Copy CIDs into SSL transform" \ 3367 -c "Copy CIDs into SSL transform" \ 3368 -c "Peer CID (length 4 Bytes): de ad be ef" \ 3369 -s "Peer CID (length 0 Bytes):" \ 3370 -s "Use of Connection ID has been negotiated" \ 3371 -c "Use of Connection ID has been negotiated" 3372 3373 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3374 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3375 run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \ 3376 "$P_SRV debug_level=3 dtls=1 cid=1" \ 3377 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 3378 0 \ 3379 -c "Enable use of CID extension." \ 3380 -s "Enable use of CID extension." 
\ 3381 -c "client hello, adding CID extension" \ 3382 -s "found CID extension" \ 3383 -s "Use of CID extension negotiated" \ 3384 -s "server hello, adding CID extension" \ 3385 -c "found CID extension" \ 3386 -c "Use of CID extension negotiated" \ 3387 -s "Copy CIDs into SSL transform" \ 3388 -c "Copy CIDs into SSL transform" \ 3389 -s "Peer CID (length 4 Bytes): de ad be ef" \ 3390 -c "Peer CID (length 0 Bytes):" \ 3391 -s "Use of Connection ID has been negotiated" \ 3392 -c "Use of Connection ID has been negotiated" 3393 3394 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 3395 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3396 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \ 3397 "$P_SRV debug_level=3 dtls=1 cid=1" \ 3398 "$P_CLI debug_level=3 dtls=1 cid=1" \ 3399 0 \ 3400 -c "Enable use of CID extension." \ 3401 -s "Enable use of CID extension." \ 3402 -c "client hello, adding CID extension" \ 3403 -s "found CID extension" \ 3404 -s "Use of CID extension negotiated" \ 3405 -s "server hello, adding CID extension" \ 3406 -c "found CID extension" \ 3407 -c "Use of CID extension negotiated" \ 3408 -s "Copy CIDs into SSL transform" \ 3409 -c "Copy CIDs into SSL transform" \ 3410 -S "Use of Connection ID has been negotiated" \ 3411 -C "Use of Connection ID has been negotiated" 3412 3413 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3414 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \ 3415 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ 3416 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 3417 0 \ 3418 -c "Enable use of CID extension." \ 3419 -s "Enable use of CID extension." 
\ 3420 -c "client hello, adding CID extension" \ 3421 -s "found CID extension" \ 3422 -s "Use of CID extension negotiated" \ 3423 -s "server hello, adding CID extension" \ 3424 -c "found CID extension" \ 3425 -c "Use of CID extension negotiated" \ 3426 -s "Copy CIDs into SSL transform" \ 3427 -c "Copy CIDs into SSL transform" \ 3428 -c "Peer CID (length 2 Bytes): de ad" \ 3429 -s "Peer CID (length 2 Bytes): be ef" \ 3430 -s "Use of Connection ID has been negotiated" \ 3431 -c "Use of Connection ID has been negotiated" 3432 3433 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3434 run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \ 3435 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \ 3436 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 3437 0 \ 3438 -c "Enable use of CID extension." \ 3439 -s "Enable use of CID extension." \ 3440 -c "client hello, adding CID extension" \ 3441 -s "found CID extension" \ 3442 -s "Use of CID extension negotiated" \ 3443 -s "server hello, adding CID extension" \ 3444 -c "found CID extension" \ 3445 -c "Use of CID extension negotiated" \ 3446 -s "Copy CIDs into SSL transform" \ 3447 -c "Copy CIDs into SSL transform" \ 3448 -c "Peer CID (length 4 Bytes): de ad be ef" \ 3449 -s "Peer CID (length 0 Bytes):" \ 3450 -s "Use of Connection ID has been negotiated" \ 3451 -c "Use of Connection ID has been negotiated" 3452 3453 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3454 run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \ 3455 "$P_SRV debug_level=3 dtls=1 cid=1" \ 3456 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 3457 0 \ 3458 -c "Enable use of CID extension." \ 3459 -s "Enable use of CID extension." 
\ 3460 -c "client hello, adding CID extension" \ 3461 -s "found CID extension" \ 3462 -s "Use of CID extension negotiated" \ 3463 -s "server hello, adding CID extension" \ 3464 -c "found CID extension" \ 3465 -c "Use of CID extension negotiated" \ 3466 -s "Copy CIDs into SSL transform" \ 3467 -c "Copy CIDs into SSL transform" \ 3468 -s "Peer CID (length 4 Bytes): de ad be ef" \ 3469 -c "Peer CID (length 0 Bytes):" \ 3470 -s "Use of Connection ID has been negotiated" \ 3471 -c "Use of Connection ID has been negotiated" 3472 3473 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3474 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \ 3475 "$P_SRV debug_level=3 dtls=1 cid=1" \ 3476 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 3477 0 \ 3478 -c "Enable use of CID extension." \ 3479 -s "Enable use of CID extension." \ 3480 -c "client hello, adding CID extension" \ 3481 -s "found CID extension" \ 3482 -s "Use of CID extension negotiated" \ 3483 -s "server hello, adding CID extension" \ 3484 -c "found CID extension" \ 3485 -c "Use of CID extension negotiated" \ 3486 -s "Copy CIDs into SSL transform" \ 3487 -c "Copy CIDs into SSL transform" \ 3488 -S "Use of Connection ID has been negotiated" \ 3489 -C "Use of Connection ID has been negotiated" 3490 3491 requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID 3492 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \ 3493 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \ 3494 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 3495 0 \ 3496 -c "Enable use of CID extension." \ 3497 -s "Enable use of CID extension." 
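\
            -c "client hello, adding CID extension" \
            -s "found CID extension" \
            -s "Use of CID extension negotiated" \
            -s "server hello, adding CID extension" \
            -c "found CID extension" \
            -c "Use of CID extension negotiated" \
            -s "Copy CIDs into SSL transform" \
            -c "Copy CIDs into SSL transform" \
            -c "Peer CID (length 2 Bytes): de ad" \
            -s "Peer CID (length 2 Bytes): be ef" \
            -s "Use of Connection ID has been negotiated" \
            -c "Use of Connection ID has been negotiated"

# In the run_test calls below, -c/-s give a pattern that must appear in the
# client/server log and -C/-S one that must not (see run_test's definition
# earlier in this file).
#
# Empty CIDs: a peer that enables CID but sends an empty one still negotiates
# the extension (the other side logs "Peer CID (length 0 Bytes)"); only when
# both CIDs are empty is Connection ID not negotiated at all.
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test    "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
            "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
            0 \
            -c "Enable use of CID extension." \
            -s "Enable use of CID extension." \
            -c "client hello, adding CID extension" \
            -s "found CID extension" \
            -s "Use of CID extension negotiated" \
            -s "server hello, adding CID extension" \
            -c "found CID extension" \
            -c "Use of CID extension negotiated" \
            -s "Copy CIDs into SSL transform" \
            -c "Copy CIDs into SSL transform" \
            -c "Peer CID (length 4 Bytes): de ad be ef" \
            -s "Peer CID (length 0 Bytes):" \
            -s "Use of Connection ID has been negotiated" \
            -c "Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test    "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
            "$P_SRV debug_level=3 dtls=1 cid=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
            0 \
            -c "Enable use of CID extension." \
            -s "Enable use of CID extension." \
            -c "client hello, adding CID extension" \
            -s "found CID extension" \
            -s "Use of CID extension negotiated" \
            -s "server hello, adding CID extension" \
            -c "found CID extension" \
            -c "Use of CID extension negotiated" \
            -s "Copy CIDs into SSL transform" \
            -c "Copy CIDs into SSL transform" \
            -s "Peer CID (length 4 Bytes): de ad be ef" \
            -c "Peer CID (length 0 Bytes):" \
            -s "Use of Connection ID has been negotiated" \
            -c "Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test    "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
            "$P_SRV debug_level=3 dtls=1 cid=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
            0 \
            -c "Enable use of CID extension." \
            -s "Enable use of CID extension." \
            -c "client hello, adding CID extension" \
            -s "found CID extension" \
            -s "Use of CID extension negotiated" \
            -s "server hello, adding CID extension" \
            -c "found CID extension" \
            -c "Use of CID extension negotiated" \
            -s "Copy CIDs into SSL transform" \
            -c "Copy CIDs into SSL transform" \
            -S "Use of Connection ID has been negotiated" \
            -C "Use of Connection ID has been negotiated"

# CID across renegotiation. Each side can keep its CID, switch to
# cid_val_renego, or drop CID (cid_renego=0) for the renegotiated handshake;
# the "(initial handshake)" / "(after renegotiation)" log lines pin down which
# CID is in use at each stage.
#
# "3D" variants run through udp_proxy with drop/delay/duplicate; bad_cid=1
# additionally feeds both peers records with an unexpected CID, which must be
# ignored ("ignoring unexpected CID") without disturbing the handshake.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID: Cli+Srv enabled, renegotiate without change of CID" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -s "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, no packing: Cli+Srv enabled, renegotiate with different CID" \
            "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead cid_val_renego=beef renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
            -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
            "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
            "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "ignoring unexpected CID" \
            -s "ignoring unexpected CID"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID: Cli+Srv enabled, renegotiate without CID" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID" \
            "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated"

# NOTE(review): unlike the other "3D+MTU" cases, the proxy command here carries
# no mtu=800 even though server and client do — confirm whether that is intended.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
            "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
            "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "ignoring unexpected CID" \
            -s "ignoring unexpected CID"

# CID disabled for the initial handshake (cid=0) and enabled only for the
# renegotiated one (cid_renego=1).
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID: Cli+Srv enabled, CID on renegotiation" \
            "$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
            0 \
            -S "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -c "(after renegotiation) Use of Connection ID has been negotiated" \
            -s "(after renegotiation) Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
            "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
            0 \
            -S "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -c "(after renegotiation) Use of Connection ID has been negotiated" \
            -s "(after renegotiation) Use of Connection ID has been negotiated"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
            -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
            "$P_SRV debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
            "$P_CLI debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
            0 \
            -S "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -c "(after renegotiation) Use of Connection ID has been negotiated" \
            -s "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "ignoring unexpected CID" \
            -s "ignoring unexpected CID"

# One side drops CID on renegotiation while the other keeps it: CID must not
# be used afterwards, and the side that still wanted it logs why.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated" \
            -s "(after renegotiation) Use of Connection ID was not offered by client"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated" \
            -s "(after renegotiation) Use of Connection ID was not offered by client" \
            -c "ignoring unexpected CID" \
            -s "ignoring unexpected CID"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Use of Connection ID was rejected by the server"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
            "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
            "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
            -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
            -C "(after renegotiation) Use of Connection ID has been negotiated" \
            -S "(after renegotiation) Use of Connection ID has been negotiated" \
            -c "(after renegotiation) Use of Connection ID was rejected by the server" \
            -c "ignoring unexpected CID" \
            -s "ignoring unexpected CID"

# This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the
# tests check that the buffer contents are reallocated when the message is
# larger than the buffer.
#
# The ciphersuite name in the client command used to be wrapped in a second
# pair of double quotes inside the argument string (ShellCheck SC2027). As the
# name contains no whitespace the resulting argument was identical, so the
# inner quotes are simply dropped.
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
requires_max_content_len 513
run_test    "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
            "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 max_frag_len=512 dtls=1 cid=1 cid_val=beef" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -s "Reallocating in_buf" \
            -s "Reallocating out_buf"

requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
requires_max_content_len 1025
run_test    "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \
            "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \
            0 \
            -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
            -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
            -s "(initial handshake) Use of Connection ID has been negotiated" \
            -c "(initial handshake) Use of Connection ID has been negotiated" \
            -s "Reallocating in_buf" \
            -s "Reallocating out_buf"

# Tests for Encrypt-then-MAC extension
#
# ETM is negotiated only when both sides allow it (etm=1, the default) and
# the ciphersuite is a CBC one; with an AEAD suite the server must not add
# the extension even though the client offered it.

run_test    "Encrypt then MAC: default" \
            "$P_SRV debug_level=3 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            "$P_CLI debug_level=3" \
            0 \
            -c "client hello, adding encrypt_then_mac extension" \
            -s "found encrypt then mac extension" \
            -s "server hello, adding encrypt then mac extension" \
            -c "found encrypt_then_mac extension" \
            -c "using encrypt then mac" \
            -s "using encrypt then mac"

run_test    "Encrypt then MAC: client enabled, server disabled" \
            "$P_SRV debug_level=3 etm=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            "$P_CLI debug_level=3 etm=1" \
            0 \
            -c "client hello, adding encrypt_then_mac extension" \
            -s "found encrypt then mac extension" \
            -S "server hello, adding encrypt then mac extension" \
            -C "found encrypt_then_mac extension" \
            -C "using encrypt then mac" \
            -S "using encrypt then mac"

run_test    "Encrypt then MAC: client enabled, aead cipher" \
            "$P_SRV debug_level=3 etm=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
            "$P_CLI debug_level=3 etm=1" \
            0 \
            -c "client hello, adding encrypt_then_mac extension" \
            -s "found encrypt then mac extension" \
            -S "server hello, adding encrypt then mac extension" \
            -C "found encrypt_then_mac extension" \
            -C "using encrypt then mac" \
            -S "using encrypt then mac"

run_test    "Encrypt then MAC: client disabled, server enabled" \
            "$P_SRV debug_level=3 etm=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
            "$P_CLI debug_level=3 etm=0" \
            0 \
            -C "client hello, adding encrypt_then_mac extension" \
            -S "found encrypt then mac extension" \
            -S "server hello, adding encrypt then mac extension" \
            -C "found encrypt_then_mac extension" \
            -C "using encrypt then mac" \
            -S "using encrypt then mac"

# Tests for Extended Master Secret extension
#
# Like ETM, the extension is only used when both sides have it enabled
# (extended_ms=1 is the default); the "session hash" lines show it is
# actually applied to key derivation, not merely negotiated.

requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
run_test    "Extended Master Secret: default" \
            "$P_SRV debug_level=3" \
            "$P_CLI force_version=tls12 debug_level=3" \
            0 \
            -c "client hello, adding extended_master_secret extension" \
            -s "found extended master secret extension" \
            -s "server hello, adding extended master secret extension" \
            -c "found extended_master_secret extension" \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret"

requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
run_test    "Extended Master Secret: client enabled, server disabled" \
            "$P_SRV debug_level=3 extended_ms=0" \
            "$P_CLI force_version=tls12 debug_level=3 extended_ms=1" \
            0 \
            -c "client hello, adding extended_master_secret extension" \
            -s "found extended master secret extension" \
            -S "server hello, adding extended master secret extension" \
            -C "found extended_master_secret extension" \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret"

requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
run_test    "Extended Master Secret: client disabled, server enabled" \
            "$P_SRV force_version=tls12 debug_level=3 extended_ms=1" \
            "$P_CLI debug_level=3 extended_ms=0" \
            0 \
            -C "client hello, adding extended_master_secret extension" \
            -S "found extended master secret extension" \
            -S "server hello, adding extended master secret extension" \
            -C "found extended_master_secret extension" \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret"

# Test sending and receiving empty application data records
#
# request_size=0 makes the client send a zero-length record; the server must
# decrypt it to 0 bytes. In the ETM+CBC cases the all-0f hex dump must not
# show up in the server log.

run_test    "Encrypt then MAC: empty application data record" \
            "$P_SRV auth_mode=none debug_level=4 etm=1" \
            "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
            -s "dumping 'input payload after decrypt' (0 bytes)" \
            -c "0 bytes written in 1 fragments"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Encrypt then MAC: disabled, empty application data record" \
            "$P_SRV auth_mode=none debug_level=4 etm=0" \
            "$P_CLI auth_mode=none etm=0 request_size=0" \
            0 \
            -s "dumping 'input payload after decrypt' (0 bytes)" \
            -c "0 bytes written in 1 fragments"

run_test    "Encrypt then MAC, DTLS: empty application data record" \
            "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
            "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
            0 \
            -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
            -s "dumping 'input payload after decrypt' (0 bytes)" \
            -c "0 bytes written in 1 fragments"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Encrypt then MAC, DTLS: disabled, empty application data record" \
            "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
            "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
            0 \
            -s "dumping 'input payload after decrypt' (0 bytes)" \
            -c "0 bytes written in 1 fragments"

# Tests for CBC 1/n-1 record splitting
#
# A 123-byte request over a CBC suite in TLS 1.2 must arrive as a single
# 123-byte read, i.e. no 1/n-1 split into a 1-byte and a 122-byte record.

run_test    "CBC Record splitting: TLS 1.2, no splitting" \
            "$P_SRV force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
             request_size=123" \
            0 \
            -s "Read from client: 123 bytes read" \
            -S "Read from client: 1 bytes read" \
            -S "122 bytes read"

# Tests for Session Tickets
#
# Every resumption case checks -S "restored from cache" alongside
# -s "restored from ticket", so a hit in the server-side cache cannot mask a
# broken ticket path; cache_max=0 removes the cache altogether.

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: basic" \
            "$P_SRV debug_level=3 tickets=1" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: manual rotation" \
            "$P_SRV debug_level=3 tickets=1 ticket_rotate=1" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: cache disabled" \
            "$P_SRV debug_level=3 tickets=1 cache_max=0" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Expired ticket: the client's reconnect delay is chosen to exceed the
# server's ticket lifetime, so the ticket is offered but must be refused and
# a full handshake performed.
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: timeout" \
            "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1 reco_delay=2000" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: session copy" \
            "$P_SRV debug_level=3 tickets=1 cache_max=0" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1 reco_mode=0" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: openssl server" \
            "$O_SRV -tls1_2" \
            "$P_CLI debug_level=3 tickets=1 new_session_tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -c "a session has been resumed"

# $SESSION (presumably set earlier in this file) is the OpenSSL session file
# shared by the two s_client runs; it is expanded unquoted inside the command
# string, which is only safe while its value contains no whitespace.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: openssl client" \
            "$P_SRV force_version=tls12 debug_level=3 tickets=1" \
            "( $O_CLI -sess_out $SESSION; \
               $O_CLI -sess_in $SESSION; \
               rm -f $SESSION )" \
            0 \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed"

# Ticket protection with each supported AEAD (ticket_aead=...); every case
# needs the matching cipher compiled in (requires_cipher_enabled).
requires_cipher_enabled "AES" "GCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: AES-128-GCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "AES" "GCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: AES-192-GCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "AES" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: AES-128-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "AES" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: AES-192-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "AES" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: AES-256-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "CAMELLIA" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: CAMELLIA-128-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "CAMELLIA" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: CAMELLIA-192-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "CAMELLIA" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: CAMELLIA-256-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "ARIA" "GCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: ARIA-128-GCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "ARIA" "GCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: ARIA-192-GCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "ARIA" "GCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: ARIA-256-GCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "ARIA" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: ARIA-128-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "ARIA" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: ARIA-192-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "ARIA" "CCM"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: ARIA-256-CCM" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_cipher_enabled "CHACHA20"
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets: CHACHA20-POLY1305" \
            "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Tests for Session Tickets with DTLS

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using tickets, DTLS: basic" \
            "$P_SRV debug_level=3 dtls=1 tickets=1" \
            "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -s "server hello, adding session ticket extension" \
            -c "found session_ticket extension" \
            -c "parse new session ticket" \
            -S "session successfully restored from cache" \
            -s "session successfully restored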
from ticket" \ 4327 -s "a session has been resumed" \ 4328 -c "a session has been resumed" 4329 4330 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4331 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4332 run_test "Session resume using tickets, DTLS: cache disabled" \ 4333 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ 4334 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \ 4335 0 \ 4336 -c "client hello, adding session ticket extension" \ 4337 -s "found session ticket extension" \ 4338 -s "server hello, adding session ticket extension" \ 4339 -c "found session_ticket extension" \ 4340 -c "parse new session ticket" \ 4341 -S "session successfully restored from cache" \ 4342 -s "session successfully restored from ticket" \ 4343 -s "a session has been resumed" \ 4344 -c "a session has been resumed" 4345 4346 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4347 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4348 run_test "Session resume using tickets, DTLS: timeout" \ 4349 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \ 4350 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_delay=2000" \ 4351 0 \ 4352 -c "client hello, adding session ticket extension" \ 4353 -s "found session ticket extension" \ 4354 -s "server hello, adding session ticket extension" \ 4355 -c "found session_ticket extension" \ 4356 -c "parse new session ticket" \ 4357 -S "session successfully restored from cache" \ 4358 -S "session successfully restored from ticket" \ 4359 -S "a session has been resumed" \ 4360 -C "a session has been resumed" 4361 4362 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4363 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4364 run_test "Session resume using tickets, DTLS: session copy" \ 4365 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \ 4366 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_mode=0" \ 4367 0 \ 4368 -c "client hello, adding 
session ticket extension" \ 4369 -s "found session ticket extension" \ 4370 -s "server hello, adding session ticket extension" \ 4371 -c "found session_ticket extension" \ 4372 -c "parse new session ticket" \ 4373 -S "session successfully restored from cache" \ 4374 -s "session successfully restored from ticket" \ 4375 -s "a session has been resumed" \ 4376 -c "a session has been resumed" 4377 4378 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4379 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4380 run_test "Session resume using tickets, DTLS: openssl server" \ 4381 "$O_SRV -dtls" \ 4382 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \ 4383 0 \ 4384 -c "client hello, adding session ticket extension" \ 4385 -c "found session_ticket extension" \ 4386 -c "parse new session ticket" \ 4387 -c "a session has been resumed" 4388 4389 # For reasons that aren't fully understood, this test randomly fails with high 4390 # probability with OpenSSL 1.0.2g on the CI, see #5012. 4391 requires_openssl_next 4392 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4393 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4394 run_test "Session resume using tickets, DTLS: openssl client" \ 4395 "$P_SRV dtls=1 debug_level=3 tickets=1" \ 4396 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \ 4397 $O_NEXT_CLI -dtls -sess_in $SESSION; \ 4398 rm -f $SESSION )" \ 4399 0 \ 4400 -s "found session ticket extension" \ 4401 -s "server hello, adding session ticket extension" \ 4402 -S "session successfully restored from cache" \ 4403 -s "session successfully restored from ticket" \ 4404 -s "a session has been resumed" 4405 4406 # Tests for Session Resume based on session-ID and cache 4407 4408 requires_config_enabled MBEDTLS_SSL_CACHE_C 4409 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4410 run_test "Session resume using cache: tickets enabled on client" \ 4411 "$P_SRV debug_level=3 tickets=0" \ 4412 "$P_CLI force_version=tls12 debug_level=3 tickets=1 reconnect=1" \ 4413 0 \ 4414 -c 
"client hello, adding session ticket extension" \ 4415 -s "found session ticket extension" \ 4416 -S "server hello, adding session ticket extension" \ 4417 -C "found session_ticket extension" \ 4418 -C "parse new session ticket" \ 4419 -s "session successfully restored from cache" \ 4420 -S "session successfully restored from ticket" \ 4421 -s "a session has been resumed" \ 4422 -c "a session has been resumed" 4423 4424 requires_config_enabled MBEDTLS_SSL_CACHE_C 4425 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 4426 run_test "Session resume using cache: tickets enabled on server" \ 4427 "$P_SRV debug_level=3 tickets=1" \ 4428 "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ 4429 0 \ 4430 -C "client hello, adding session ticket extension" \ 4431 -S "found session ticket extension" \ 4432 -S "server hello, adding session ticket extension" \ 4433 -C "found session_ticket extension" \ 4434 -C "parse new session ticket" \ 4435 -s "session successfully restored from cache" \ 4436 -S "session successfully restored from ticket" \ 4437 -s "a session has been resumed" \ 4438 -c "a session has been resumed" 4439 4440 requires_config_enabled MBEDTLS_SSL_CACHE_C 4441 run_test "Session resume using cache: cache_max=0" \ 4442 "$P_SRV debug_level=3 tickets=0 cache_max=0" \ 4443 "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ 4444 0 \ 4445 -S "session successfully restored from cache" \ 4446 -S "session successfully restored from ticket" \ 4447 -S "a session has been resumed" \ 4448 -C "a session has been resumed" 4449 4450 requires_config_enabled MBEDTLS_SSL_CACHE_C 4451 run_test "Session resume using cache: cache_max=1" \ 4452 "$P_SRV debug_level=3 tickets=0 cache_max=1" \ 4453 "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \ 4454 0 \ 4455 -s "session successfully restored from cache" \ 4456 -S "session successfully restored from ticket" \ 4457 -s "a session has been resumed" \ 4458 -c "a session has been resumed" 
# --- Session resumption from the server-side cache (TLS 1.2) ---
#
# Every test below disables tickets on at least one side, so a resumed
# handshake must come from the session-ID cache (MBEDTLS_SSL_CACHE_C) and
# never from a ticket. The negative cases (cache removed, cache expired) are
# the security-relevant ones: an entry that was dropped or has timed out must
# not allow a resumed handshake.
#
# Assertion flags, as used throughout this file: -c / -s require the pattern
# to appear in the client / server log, -C / -S require it to be absent
# (the "timeout < delay" case below depends on this reading; confirm against
# run_test's option parsing, which is outside this section).

# cache_remove=1: the server drops the entry right after the first handshake,
# so the reconnect must be a full handshake with no ticket traffic at all.
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache: cache removed" \
            "$P_SRV debug_level=3 tickets=0 cache_remove=1" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1" \
            0 \
            -C "client hello, adding session ticket extension" \
            -S "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

# Default cache timeout, immediate reconnect (reco_delay=0): entry is fresh.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache: timeout > delay" \
            "$P_SRV debug_level=3 tickets=0" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# cache_timeout=1 (seconds) with a 2000 ms reconnect delay: the entry has
# expired and must NOT be honoured -- this bounds the lifetime of a cached
# session.
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache: timeout < delay" \
            "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

# cache_timeout=0: same delay as above, but expiry is disabled, so the
# entry is still valid.
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache: no timeout" \
            "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# reco_mode=0: the test title says "session copy"; presumably ssl_client2
# saves and restores the session by value rather than reusing the live
# context -- confirm against ssl_client2's option help.
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache: session copy" \
            "$P_SRV debug_level=3 tickets=0" \
            "$P_CLI force_version=tls12 debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Interop: OpenSSL client against our server. The client connects twice,
# writing the session to $SESSION and reading it back; the file is removed
# by the same command string so nothing is left behind. $SESSION is defined
# earlier in this script (not in view) and is expanded when the string is
# built; it is unquoted inside the command, so the path must be free of
# whitespace. The OpenSSL client still offers the ticket extension, hence
# -s "found session ticket extension" even though tickets=0 on the server.
requires_config_enabled MBEDTLS_SSL_CACHE_C
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using cache: openssl client" \
            "$P_SRV force_version=tls12 debug_level=3 tickets=0" \
            "( $O_CLI -sess_out $SESSION; \
               $O_CLI -sess_in $SESSION; \
               rm -f $SESSION )" \
            0 \
            -s "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed"

# Interop: OpenSSL server, our client with tickets off; only the client log
# can be inspected, so the checks are client-side only.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache: openssl server" \
            "$O_SRV -tls1_2" \
            "$P_CLI debug_level=3 tickets=0 reconnect=1" \
            0 \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -c "a session has been resumed"

# Tests for Session resume and extensions

# DTLS Connection ID must survive a resumed handshake: cid_val is the hex
# CID each side advertises, so the client must log the server's CID
# ("de ad") as its peer CID and the server must log "be ef".
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test    "Session resume and connection ID" \
            "$P_SRV debug_level=3 cid=1 cid_val=dead dtls=1 tickets=0" \
            "$P_CLI debug_level=3 cid=1 cid_val=beef dtls=1 tickets=0 reconnect=1" \
            0 \
            -c "Enable use of CID extension." \
            -s "Enable use of CID extension." \
            -c "client hello, adding CID extension" \
            -s "found CID extension" \
            -s "Use of CID extension negotiated" \
            -s "server hello, adding CID extension" \
            -c "found CID extension" \
            -c "Use of CID extension negotiated" \
            -s "Copy CIDs into SSL transform" \
            -c "Copy CIDs into SSL transform" \
            -c "Peer CID (length 2 Bytes): de ad" \
            -s "Peer CID (length 2 Bytes): be ef" \
            -s "Use of Connection ID has been negotiated" \
            -c "Use of Connection ID has been negotiated"

# Tests for Session Resume based on session-ID and cache, DTLS
#
# Same matrix as the TLS cache tests above, over DTLS. The client passes
# skip_close_notify=1 in the Mbed TLS-to-Mbed TLS cases; the expected log
# lines are otherwise identical to the TLS variants.

# Tickets offered by the client but refused by the server (tickets=0):
# the server sees the extension but must not answer it, and resumption
# must come from the cache.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using cache, DTLS: tickets enabled on client" \
            "$P_SRV dtls=1 debug_level=3 tickets=0" \
            "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \
            0 \
            -c "client hello, adding session ticket extension" \
            -s "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Tickets enabled on the server only: the client never offers the extension,
# so no ticket is issued and the cache is used.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using cache, DTLS: tickets enabled on server" \
            "$P_SRV dtls=1 debug_level=3 tickets=1" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
            0 \
            -C "client hello, adding session ticket extension" \
            -S "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# cache_max=0: cache holds no entries, so no resumption is possible.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: cache_max=0" \
            "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

# cache_max=1: a single slot is enough for one client to resume.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: cache_max=1" \
            "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: timeout > delay" \
            "$P_SRV dtls=1 debug_level=3 tickets=0" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# Expired entry (1 s timeout, 2000 ms delay) must not be resumed.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: timeout < delay" \
            "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2000" \
            0 \
            -S "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -S "a session has been resumed" \
            -C "a session has been resumed"

# cache_timeout=0 disables expiry, so the same delay still resumes.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: no timeout" \
            "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2000" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: session copy" \
            "$P_SRV dtls=1 debug_level=3 tickets=0" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_mode=0" \
            0 \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed" \
            -c "a session has been resumed"

# For reasons that aren't fully understood, this test randomly fails with high
# probability with OpenSSL 1.0.2g on the CI, see #5012.
# Interop: OpenSSL client over DTLS against our server. requires_openssl_next
# selects the newer OpenSSL ($O_NEXT_CLI) because of the 1.0.2g flakiness
# noted just above. The client connects twice, saving the session to
# $SESSION and reading it back, then removes the file; $SESSION is defined
# earlier in this script (not in view) and is expanded unquoted into the
# command string, so its path must contain no whitespace.
requires_openssl_next
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test    "Session resume using cache, DTLS: openssl client" \
            "$P_SRV dtls=1 debug_level=3 tickets=0" \
            "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
               $O_NEXT_CLI -dtls -sess_in $SESSION; \
               rm -f $SESSION )" \
            0 \
            -s "found session ticket extension" \
            -S "server hello, adding session ticket extension" \
            -s "session successfully restored from cache" \
            -S "session successfully restored from ticket" \
            -s "a session has been resumed"

# Interop: OpenSSL DTLS server, our client with tickets off. Only the client
# log is checked: no ticket must be received, yet the session must resume.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test    "Session resume using cache, DTLS: openssl server" \
            "$O_SRV -dtls" \
            "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
            0 \
            -C "found session_ticket extension" \
            -C "parse new session ticket" \
            -c "a session has been resumed"

# Tests for Max Fragment Length extension
#
# $MAX_CONTENT_LEN is set earlier in this script from the build's content
# length configuration (not in view). With neither side requesting a
# max_frag_len, the extension must not be sent or negotiated and both sides
# must report the build default as their record payload limit.

requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Max fragment length: enabled, default" \
            "$P_SRV debug_level=3 force_version=tls12" \
            "$P_CLI debug_level=3" \
            0 \
            -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
            -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
            -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
            -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension"

# A request one byte over the limit: over TLS the client must split it into
# two records and the server must read MAX_CONTENT_LEN bytes then 1 byte.
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Max fragment length: enabled, default, larger message" \
            "$P_SRV debug_level=3 force_version=tls12" \
            "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
            0 \
            -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
            -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
            -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
            -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension" \
            -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
            -s "$MAX_CONTENT_LEN bytes read" \
            -s "1 bytes read"

# Same oversized request over DTLS: the client is expected to exit with
# status 1 and log that the fragment exceeds the maximum, rather than
# splitting the datagram.
requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Max fragment length, DTLS: enabled, default, larger message" \
            "$P_SRV debug_level=3 dtls=1" \
            "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
            1 \
            -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
            -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
            -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
            -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
            -C "client hello, adding max_fragment_length extension" \
            -S "found max fragment length extension" \
            -S "server hello, max_fragment_length extension" \
            -C "found max_fragment_length extension" \
            -c "fragment larger than.*maximum "

# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
# (the session fragment length will be 16384 regardless of the Mbed TLS
# content length configuration).
4747 4748 requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4749 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4750 run_test "Max fragment length: disabled, larger message" \ 4751 "$P_SRV debug_level=3 force_version=tls12" \ 4752 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 4753 0 \ 4754 -C "Maximum incoming record payload length is 16384" \ 4755 -C "Maximum outgoing record payload length is 16384" \ 4756 -S "Maximum incoming record payload length is 16384" \ 4757 -S "Maximum outgoing record payload length is 16384" \ 4758 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \ 4759 -s "$MAX_CONTENT_LEN bytes read" \ 4760 -s "1 bytes read" 4761 4762 requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4763 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4764 run_test "Max fragment length, DTLS: disabled, larger message" \ 4765 "$P_SRV debug_level=3 dtls=1 force_version=tls12" \ 4766 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \ 4767 1 \ 4768 -C "Maximum incoming record payload length is 16384" \ 4769 -C "Maximum outgoing record payload length is 16384" \ 4770 -S "Maximum incoming record payload length is 16384" \ 4771 -S "Maximum outgoing record payload length is 16384" \ 4772 -c "fragment larger than.*maximum " 4773 4774 requires_max_content_len 4096 4775 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4776 run_test "Max fragment length: used by client" \ 4777 "$P_SRV debug_level=3" \ 4778 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=4096" \ 4779 0 \ 4780 -c "Maximum incoming record payload length is 4096" \ 4781 -c "Maximum outgoing record payload length is 4096" \ 4782 -s "Maximum incoming record payload length is 4096" \ 4783 -s "Maximum outgoing record payload length is 4096" \ 4784 -c "client hello, adding max_fragment_length extension" \ 4785 -s "found max fragment length extension" \ 4786 -s "server hello, max_fragment_length extension" \ 4787 -c "found max_fragment_length 
extension" 4788 4789 requires_max_content_len 1024 4790 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4791 run_test "Max fragment length: client 512, server 1024" \ 4792 "$P_SRV debug_level=3 max_frag_len=1024" \ 4793 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=512" \ 4794 0 \ 4795 -c "Maximum incoming record payload length is 512" \ 4796 -c "Maximum outgoing record payload length is 512" \ 4797 -s "Maximum incoming record payload length is 512" \ 4798 -s "Maximum outgoing record payload length is 512" \ 4799 -c "client hello, adding max_fragment_length extension" \ 4800 -s "found max fragment length extension" \ 4801 -s "server hello, max_fragment_length extension" \ 4802 -c "found max_fragment_length extension" 4803 4804 requires_max_content_len 2048 4805 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4806 run_test "Max fragment length: client 512, server 2048" \ 4807 "$P_SRV debug_level=3 max_frag_len=2048" \ 4808 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=512" \ 4809 0 \ 4810 -c "Maximum incoming record payload length is 512" \ 4811 -c "Maximum outgoing record payload length is 512" \ 4812 -s "Maximum incoming record payload length is 512" \ 4813 -s "Maximum outgoing record payload length is 512" \ 4814 -c "client hello, adding max_fragment_length extension" \ 4815 -s "found max fragment length extension" \ 4816 -s "server hello, max_fragment_length extension" \ 4817 -c "found max_fragment_length extension" 4818 4819 requires_max_content_len 4096 4820 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4821 run_test "Max fragment length: client 512, server 4096" \ 4822 "$P_SRV debug_level=3 max_frag_len=4096" \ 4823 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=512" \ 4824 0 \ 4825 -c "Maximum incoming record payload length is 512" \ 4826 -c "Maximum outgoing record payload length is 512" \ 4827 -s "Maximum incoming record payload length is 512" \ 4828 -s "Maximum outgoing record payload length is 512" \ 
4829 -c "client hello, adding max_fragment_length extension" \ 4830 -s "found max fragment length extension" \ 4831 -s "server hello, max_fragment_length extension" \ 4832 -c "found max_fragment_length extension" 4833 4834 requires_max_content_len 1024 4835 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4836 run_test "Max fragment length: client 1024, server 512" \ 4837 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=512" \ 4838 "$P_CLI debug_level=3 max_frag_len=1024" \ 4839 0 \ 4840 -c "Maximum incoming record payload length is 1024" \ 4841 -c "Maximum outgoing record payload length is 1024" \ 4842 -s "Maximum incoming record payload length is 1024" \ 4843 -s "Maximum outgoing record payload length is 512" \ 4844 -c "client hello, adding max_fragment_length extension" \ 4845 -s "found max fragment length extension" \ 4846 -s "server hello, max_fragment_length extension" \ 4847 -c "found max_fragment_length extension" 4848 4849 requires_max_content_len 2048 4850 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4851 run_test "Max fragment length: client 1024, server 2048" \ 4852 "$P_SRV debug_level=3 max_frag_len=2048" \ 4853 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=1024" \ 4854 0 \ 4855 -c "Maximum incoming record payload length is 1024" \ 4856 -c "Maximum outgoing record payload length is 1024" \ 4857 -s "Maximum incoming record payload length is 1024" \ 4858 -s "Maximum outgoing record payload length is 1024" \ 4859 -c "client hello, adding max_fragment_length extension" \ 4860 -s "found max fragment length extension" \ 4861 -s "server hello, max_fragment_length extension" \ 4862 -c "found max_fragment_length extension" 4863 4864 requires_max_content_len 4096 4865 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4866 run_test "Max fragment length: client 1024, server 4096" \ 4867 "$P_SRV debug_level=3 max_frag_len=4096" \ 4868 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=1024" \ 4869 0 \ 4870 -c "Maximum 
incoming record payload length is 1024" \ 4871 -c "Maximum outgoing record payload length is 1024" \ 4872 -s "Maximum incoming record payload length is 1024" \ 4873 -s "Maximum outgoing record payload length is 1024" \ 4874 -c "client hello, adding max_fragment_length extension" \ 4875 -s "found max fragment length extension" \ 4876 -s "server hello, max_fragment_length extension" \ 4877 -c "found max_fragment_length extension" 4878 4879 requires_max_content_len 2048 4880 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4881 run_test "Max fragment length: client 2048, server 512" \ 4882 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=512" \ 4883 "$P_CLI debug_level=3 max_frag_len=2048" \ 4884 0 \ 4885 -c "Maximum incoming record payload length is 2048" \ 4886 -c "Maximum outgoing record payload length is 2048" \ 4887 -s "Maximum incoming record payload length is 2048" \ 4888 -s "Maximum outgoing record payload length is 512" \ 4889 -c "client hello, adding max_fragment_length extension" \ 4890 -s "found max fragment length extension" \ 4891 -s "server hello, max_fragment_length extension" \ 4892 -c "found max_fragment_length extension" 4893 4894 requires_max_content_len 2048 4895 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4896 run_test "Max fragment length: client 2048, server 1024" \ 4897 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=1024" \ 4898 "$P_CLI debug_level=3 max_frag_len=2048" \ 4899 0 \ 4900 -c "Maximum incoming record payload length is 2048" \ 4901 -c "Maximum outgoing record payload length is 2048" \ 4902 -s "Maximum incoming record payload length is 2048" \ 4903 -s "Maximum outgoing record payload length is 1024" \ 4904 -c "client hello, adding max_fragment_length extension" \ 4905 -s "found max fragment length extension" \ 4906 -s "server hello, max_fragment_length extension" \ 4907 -c "found max_fragment_length extension" 4908 4909 requires_max_content_len 4096 4910 requires_config_enabled 
MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4911 run_test "Max fragment length: client 2048, server 4096" \ 4912 "$P_SRV debug_level=3 max_frag_len=4096" \ 4913 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=2048" \ 4914 0 \ 4915 -c "Maximum incoming record payload length is 2048" \ 4916 -c "Maximum outgoing record payload length is 2048" \ 4917 -s "Maximum incoming record payload length is 2048" \ 4918 -s "Maximum outgoing record payload length is 2048" \ 4919 -c "client hello, adding max_fragment_length extension" \ 4920 -s "found max fragment length extension" \ 4921 -s "server hello, max_fragment_length extension" \ 4922 -c "found max_fragment_length extension" 4923 4924 requires_max_content_len 4096 4925 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4926 run_test "Max fragment length: client 4096, server 512" \ 4927 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=512" \ 4928 "$P_CLI debug_level=3 max_frag_len=4096" \ 4929 0 \ 4930 -c "Maximum incoming record payload length is 4096" \ 4931 -c "Maximum outgoing record payload length is 4096" \ 4932 -s "Maximum incoming record payload length is 4096" \ 4933 -s "Maximum outgoing record payload length is 512" \ 4934 -c "client hello, adding max_fragment_length extension" \ 4935 -s "found max fragment length extension" \ 4936 -s "server hello, max_fragment_length extension" \ 4937 -c "found max_fragment_length extension" 4938 4939 requires_max_content_len 4096 4940 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4941 run_test "Max fragment length: client 4096, server 1024" \ 4942 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=1024" \ 4943 "$P_CLI debug_level=3 max_frag_len=4096" \ 4944 0 \ 4945 -c "Maximum incoming record payload length is 4096" \ 4946 -c "Maximum outgoing record payload length is 4096" \ 4947 -s "Maximum incoming record payload length is 4096" \ 4948 -s "Maximum outgoing record payload length is 1024" \ 4949 -c "client hello, adding max_fragment_length extension" \ 4950 
-s "found max fragment length extension" \ 4951 -s "server hello, max_fragment_length extension" \ 4952 -c "found max_fragment_length extension" 4953 4954 requires_max_content_len 4096 4955 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4956 run_test "Max fragment length: client 4096, server 2048" \ 4957 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=2048" \ 4958 "$P_CLI debug_level=3 max_frag_len=4096" \ 4959 0 \ 4960 -c "Maximum incoming record payload length is 4096" \ 4961 -c "Maximum outgoing record payload length is 4096" \ 4962 -s "Maximum incoming record payload length is 4096" \ 4963 -s "Maximum outgoing record payload length is 2048" \ 4964 -c "client hello, adding max_fragment_length extension" \ 4965 -s "found max fragment length extension" \ 4966 -s "server hello, max_fragment_length extension" \ 4967 -c "found max_fragment_length extension" 4968 4969 requires_max_content_len 4096 4970 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4971 run_test "Max fragment length: used by server" \ 4972 "$P_SRV force_version=tls12 debug_level=3 max_frag_len=4096" \ 4973 "$P_CLI debug_level=3" \ 4974 0 \ 4975 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ 4976 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \ 4977 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \ 4978 -s "Maximum outgoing record payload length is 4096" \ 4979 -C "client hello, adding max_fragment_length extension" \ 4980 -S "found max fragment length extension" \ 4981 -S "server hello, max_fragment_length extension" \ 4982 -C "found max_fragment_length extension" 4983 4984 requires_max_content_len 4096 4985 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4986 requires_gnutls 4987 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 4988 run_test "Max fragment length: gnutls server" \ 4989 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \ 4990 "$P_CLI debug_level=3 max_frag_len=4096" \ 4991 0 \ 4992 -c "Maximum incoming 
record payload length is 4096" \ 4993 -c "Maximum outgoing record payload length is 4096" \ 4994 -c "client hello, adding max_fragment_length extension" \ 4995 -c "found max_fragment_length extension" 4996 4997 requires_max_content_len 2048 4998 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 4999 run_test "Max fragment length: client, message just fits" \ 5000 "$P_SRV debug_level=3" \ 5001 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=2048 request_size=2048" \ 5002 0 \ 5003 -c "Maximum incoming record payload length is 2048" \ 5004 -c "Maximum outgoing record payload length is 2048" \ 5005 -s "Maximum incoming record payload length is 2048" \ 5006 -s "Maximum outgoing record payload length is 2048" \ 5007 -c "client hello, adding max_fragment_length extension" \ 5008 -s "found max fragment length extension" \ 5009 -s "server hello, max_fragment_length extension" \ 5010 -c "found max_fragment_length extension" \ 5011 -c "2048 bytes written in 1 fragments" \ 5012 -s "2048 bytes read" 5013 5014 requires_max_content_len 2048 5015 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 5016 run_test "Max fragment length: client, larger message" \ 5017 "$P_SRV debug_level=3" \ 5018 "$P_CLI force_version=tls12 debug_level=3 max_frag_len=2048 request_size=2345" \ 5019 0 \ 5020 -c "Maximum incoming record payload length is 2048" \ 5021 -c "Maximum outgoing record payload length is 2048" \ 5022 -s "Maximum incoming record payload length is 2048" \ 5023 -s "Maximum outgoing record payload length is 2048" \ 5024 -c "client hello, adding max_fragment_length extension" \ 5025 -s "found max fragment length extension" \ 5026 -s "server hello, max_fragment_length extension" \ 5027 -c "found max_fragment_length extension" \ 5028 -c "2345 bytes written in 2 fragments" \ 5029 -s "2048 bytes read" \ 5030 -s "297 bytes read" 5031 5032 requires_max_content_len 2048 5033 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 5034 requires_config_enabled 
MBEDTLS_SSL_PROTO_TLS1_2 5035 run_test "Max fragment length: DTLS client, larger message" \ 5036 "$P_SRV debug_level=3 dtls=1" \ 5037 "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \ 5038 1 \ 5039 -c "Maximum incoming record payload length is 2048" \ 5040 -c "Maximum outgoing record payload length is 2048" \ 5041 -s "Maximum incoming record payload length is 2048" \ 5042 -s "Maximum outgoing record payload length is 2048" \ 5043 -c "client hello, adding max_fragment_length extension" \ 5044 -s "found max fragment length extension" \ 5045 -s "server hello, max_fragment_length extension" \ 5046 -c "found max_fragment_length extension" \ 5047 -c "fragment larger than.*maximum" 5048 5049 # Tests for Record Size Limit extension 5050 5051 requires_gnutls_tls1_3 5052 requires_gnutls_record_size_limit 5053 requires_config_enabled MBEDTLS_SSL_SRV_C 5054 requires_config_enabled MBEDTLS_DEBUG_C 5055 requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT 5056 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 5057 run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \ 5058 "$P_SRV debug_level=3 force_version=tls13" \ 5059 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \ 5060 0 \ 5061 -s "RecordSizeLimit: 16385 Bytes" \ 5062 -s "ClientHello: record_size_limit(28) extension exists." 
\ 5063 -s "Maximum outgoing record payload length is 16383" \ 5064 -s "bytes written in 1 fragments" 5065 5066 requires_gnutls_tls1_3 5067 requires_gnutls_record_size_limit 5068 requires_config_enabled MBEDTLS_SSL_CLI_C 5069 requires_config_enabled MBEDTLS_DEBUG_C 5070 requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT 5071 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 5072 run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \ 5073 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL --disable-client-cert -d 4" \ 5074 "$P_CLI debug_level=4 force_version=tls13" \ 5075 0 \ 5076 -c "Sent RecordSizeLimit: 16384 Bytes" \ 5077 -c "ClientHello: record_size_limit(28) extension exists." \ 5078 -c "EncryptedExtensions: record_size_limit(28) extension received." \ 5079 -c "RecordSizeLimit: 16385 Bytes" \ 5080 5081 # In the following tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the 5082 # maximum record size using gnutls_record_set_max_size() 5083 # (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size). 5084 # There is currently a lower limit of 512, caused by gnutls_record_set_max_size() 5085 # not respecting the "%ALLOW_SMALL_RECORDS" priority string and not using the 5086 # more recent function gnutls_record_set_max_recv_size() 5087 # (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size). 5088 # There is currently an upper limit of 4096, caused by the cli arg parser: 5089 # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/src/cli-args.def#L395. 5090 # Thus, these tests are currently limited to the value range 512-4096. 
# Also, the value sent in the extension will be one larger than the value
# set at the command line:
# https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142

# Currently test certificates being used do not fit in 513 record size limit
# so for 513 record size limit tests we use preshared key to avoid sending
# the certificate.

# Server side, limit 513: gnutls-cli is started with --recordsize 512, which the
# Mbed TLS server logs as "RecordSizeLimit: 513 Bytes" (see the off-by-one note
# above). The PSK key exchange (tls13_kex_modes=psk, fixed test-only key) keeps
# the certificate out of the handshake. The three variants below differ only in
# response_size (256 / 768 / 1280) and hence in how many fragments the server
# must split its response into while honouring the peer's limit.
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 1 fragment" \
            "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
                    psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
                    response_size=256" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
                    --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
            0 \
            -s "RecordSizeLimit: 513 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 511" \
            -s "256 bytes written in 1 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 2 fragments" \
            "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
                    psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
                    response_size=768" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
                    --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
            0 \
            -s "RecordSizeLimit: 513 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 511" \
            -s "768 bytes written in 2 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (513), 3 fragments" \
            "$P_SRV debug_level=3 force_version=tls13 tls13_kex_modes=psk \
                    psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70 \
                    response_size=1280" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
                    --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
            0 \
            -s "RecordSizeLimit: 513 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 511" \
            -s "1280 bytes written in 3 fragments"

# Server side, limit 1024 (--recordsize 1023 on the client): certificates fit,
# so the default ephemeral key exchange is used. response_size 512 / 1536 / 2560
# gives 1 / 2 / 3 fragments against the reported outgoing cap of 1023 bytes.
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 1 fragment" \
            "$P_SRV debug_level=3 force_version=tls13 response_size=512" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
            0 \
            -s "RecordSizeLimit: 1024 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 1023" \
            -s "512 bytes written in 1 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 2 fragments" \
            "$P_SRV debug_level=3 force_version=tls13 response_size=1536" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
            0 \
            -s "RecordSizeLimit: 1024 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 1023" \
            -s "1536 bytes written in 2 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (1024), 3 fragments" \
            "$P_SRV debug_level=3 force_version=tls13 response_size=2560" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
            0 \
            -s "RecordSizeLimit: 1024 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 1023" \
            -s "2560 bytes written in 3 fragments"

# Server side, limit 4096 (--recordsize 4095, the upper bound gnutls-cli accepts,
# see above). response_size 2048 / 6144 / 10240 gives 1 / 2 / 3 fragments.
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 1 fragment" \
            "$P_SRV debug_level=3 force_version=tls13 response_size=2048" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
            0 \
            -s "RecordSizeLimit: 4096 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 4095" \
            -s "2048 bytes written in 1 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 2 fragments" \
            "$P_SRV debug_level=3 force_version=tls13 response_size=6144" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
            0 \
            -s "RecordSizeLimit: 4096 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 4095" \
            -s "6144 bytes written in 2 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Server complies with record size limit (4096), 3 fragments" \
            "$P_SRV debug_level=3 force_version=tls13 response_size=10240" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
            0 \
            -s "RecordSizeLimit: 4096 Bytes" \
            -s "ClientHello: record_size_limit(28) extension exists." \
            -s "Sent RecordSizeLimit: 16384 Bytes" \
            -s "EncryptedExtensions: record_size_limit(28) extension exists." \
            -s "Maximum outgoing record payload length is 4095" \
            -s "10240 bytes written in 3 fragments"

# Client side, limit 513: now the GnuTLS server advertises the limit
# (--recordsize 512, seen by the Mbed TLS client as 513) and the client must
# fragment its request (request_size 256 / 768 / 1280 -> 1 / 2 / 3 fragments).
# --disable-client-cert is passed here and not in the 1024/4096 client tests
# below; presumably so that the client never has to send a certificate over
# such small records (the 513 note above gives the server-side reason).
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 1 fragment" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=256" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 513 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 511" \
            -c "256 bytes written in 1 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 2 fragments" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=768" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 513 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 511" \
            -c "768 bytes written in 2 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (513), 3 fragments" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --recordsize 512" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=1280" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 513 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 511" \
            -c "1280 bytes written in 3 fragments"

# Client side, limit 1024: request_size 512 / 1536 / 2560 -> 1 / 2 / 3 fragments
# against the reported outgoing cap of 1023 bytes.
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 1 fragment" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=512" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 1024 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 1023" \
            -c "512 bytes written in 1 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 2 fragments" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=1536" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 1024 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 1023" \
            -c "1536 bytes written in 2 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (1024), 3 fragments" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=2560" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 1024 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 1023" \
            -c "2560 bytes written in 3 fragments"

# Client side, limit 4096: request_size 2048 / 6144 / 10240 -> 1 / 2 / 3
# fragments against the reported outgoing cap of 4095 bytes.
requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 1 fragment" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=2048" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 4096 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 4095" \
            -c "2048 bytes written in 1 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 2 fragments" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=6144" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 4096 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 4095" \
            -c "6144 bytes written in 2 fragments"

requires_gnutls_tls1_3
requires_gnutls_record_size_limit
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3: Client complies with record size limit (4096), 3 fragments" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
            "$P_CLI debug_level=4 force_version=tls13 request_size=10240" \
            0 \
            -c "Sent RecordSizeLimit: 16384 Bytes" \
            -c "ClientHello: record_size_limit(28) extension exists." \
            -c "RecordSizeLimit: 4096 Bytes" \
            -c "EncryptedExtensions: record_size_limit(28) extension exists." \
            -c "Maximum outgoing record payload length is 4095" \
            -c "10240 bytes written in 3 fragments"

# TODO: For the time being, we send a fixed RecordSizeLimit value defined by
# MBEDTLS_SSL_IN_CONTENT_LEN. Once we support a variable buffer length for
# RecordSizeLimit, the value of RecordSizeLimit in the test below needs to be
# updated.
#
# Mbed TLS on both sides: each peer advertises $MAX_IN_LEN and sees the other's
# $MAX_IN_LEN. The two hard-coded payload lengths at the end (16383 out, 16384
# in) are only valid because requires_config_value_equals pins
# MBEDTLS_SSL_IN_CONTENT_LEN to 16384 for this test.
requires_config_value_equals "MBEDTLS_SSL_IN_CONTENT_LEN" 16384
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Record Size Limit: TLS 1.3 m->m: both peer comply with record size limit (default)" \
            "$P_SRV debug_level=4 force_version=tls13" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \
            -c "RecordSizeLimit: $MAX_IN_LEN Bytes" \
            -s "RecordSizeLimit: $MAX_IN_LEN Bytes" \
            -s "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \
            -s "Maximum outgoing record payload length is 16383" \
            -s "Maximum incoming record payload length is 16384"

# End of Record size limit tests

# Tests for renegotiation

# G_NEXT_SRV is used in renegotiation tests because of the increased
# extensions limit since we exceed the limit in G_SRV when we send
# TLS 1.3 extensions in the initial handshake.
# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
#
# Baseline: neither side enables renegotiation. The client does not add the
# renegotiation_info extension (-C), yet the server still reports receiving
# TLS_EMPTY_RENEGOTIATION_INFO (the RFC 5746 signalling cipher suite) and
# answers with the secure renegotiation extension, which the client then finds.
# No renegotiation and no HelloRequest may occur.
run_test    "Renegotiation: none, for reference" \
            "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
            "$P_CLI force_version=tls12 debug_level=3 exchanges=2" \
            0 \
            -C "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -S "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -C "=> renegotiate" \
            -S "=> renegotiate" \
            -S "write hello request"

# Client-initiated: the client asks for renegotiation (renegotiate=1), so both
# sides log "=> renegotiate" but the server never writes a HelloRequest.
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Renegotiation: client-initiated" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
            "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -S "write hello request"

# Server-initiated: renegotiate=1 is now on the server, which is expected to
# trigger it by sending a HelloRequest ("write hello request").
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Renegotiation: server-initiated" \
            "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request"

# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
# algorithm stronger than SHA-1 is enabled in mbedtls_config.h
#
# Same scenario as "client-initiated" above, plus the negative check on the
# server's "signature_algorithm ext: 2" debug line (hash id 2 is SHA-1), which
# must not appear for the ClientHello of the renegotiated handshake either.
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Renegotiation: Signature Algorithms parsing, client-initiated" \
            "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
            "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -S "write hello request" \
            -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?

# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
# algorithm stronger than SHA-1 is enabled in mbedtls_config.h
#
# Same check as above for the server-initiated (HelloRequest) path.
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "Renegotiation: Signature Algorithms parsing, server-initiated" \
            "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
            "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
            -s "found renegotiation extension" \
            -s "server hello, secure renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "write hello request" \
            -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
5519 5520 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5521 run_test "Renegotiation: double" \ 5522 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \ 5523 "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ 5524 0 \ 5525 -c "client hello, adding renegotiation extension" \ 5526 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5527 -s "found renegotiation extension" \ 5528 -s "server hello, secure renegotiation extension" \ 5529 -c "found renegotiation extension" \ 5530 -c "=> renegotiate" \ 5531 -s "=> renegotiate" \ 5532 -s "write hello request" 5533 5534 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5535 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 5536 requires_max_content_len 2048 5537 run_test "Renegotiation with max fragment length: client 2048, server 512" \ 5538 "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \ 5539 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \ 5540 0 \ 5541 -c "Maximum incoming record payload length is 2048" \ 5542 -c "Maximum outgoing record payload length is 2048" \ 5543 -s "Maximum incoming record payload length is 2048" \ 5544 -s "Maximum outgoing record payload length is 512" \ 5545 -c "client hello, adding max_fragment_length extension" \ 5546 -s "found max fragment length extension" \ 5547 -s "server hello, max_fragment_length extension" \ 5548 -c "found max_fragment_length extension" \ 5549 -c "client hello, adding renegotiation extension" \ 5550 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5551 -s "found renegotiation extension" \ 5552 -s "server hello, secure renegotiation extension" \ 5553 -c "found renegotiation extension" \ 5554 -c "=> renegotiate" \ 5555 -s "=> renegotiate" \ 5556 -s "write hello request" 5557 5558 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5559 run_test 
"Renegotiation: client-initiated, server-rejected" \ 5560 "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \ 5561 "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \ 5562 1 \ 5563 -c "client hello, adding renegotiation extension" \ 5564 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5565 -S "found renegotiation extension" \ 5566 -s "server hello, secure renegotiation extension" \ 5567 -c "found renegotiation extension" \ 5568 -c "=> renegotiate" \ 5569 -S "=> renegotiate" \ 5570 -S "write hello request" \ 5571 -c "SSL - Unexpected message at ServerHello in renegotiation" \ 5572 -c "failed" 5573 5574 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5575 run_test "Renegotiation: server-initiated, client-rejected, default" \ 5576 "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ 5577 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 5578 0 \ 5579 -C "client hello, adding renegotiation extension" \ 5580 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5581 -S "found renegotiation extension" \ 5582 -s "server hello, secure renegotiation extension" \ 5583 -c "found renegotiation extension" \ 5584 -C "=> renegotiate" \ 5585 -S "=> renegotiate" \ 5586 -s "write hello request" \ 5587 -S "SSL - An unexpected message was received from our peer" \ 5588 -S "failed" 5589 5590 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5591 run_test "Renegotiation: server-initiated, client-rejected, not enforced" \ 5592 "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ 5593 renego_delay=-1 auth_mode=optional" \ 5594 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 5595 0 \ 5596 -C "client hello, adding renegotiation extension" \ 5597 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5598 -S "found renegotiation extension" \ 5599 -s "server hello, secure renegotiation extension" \ 5600 -c "found renegotiation extension" \ 5601 -C "=> renegotiate" \ 
5602 -S "=> renegotiate" \ 5603 -s "write hello request" \ 5604 -S "SSL - An unexpected message was received from our peer" \ 5605 -S "failed" 5606 5607 # delay 2 for 1 alert record + 1 application data record 5608 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5609 run_test "Renegotiation: server-initiated, client-rejected, delay 2" \ 5610 "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ 5611 renego_delay=2 auth_mode=optional" \ 5612 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 5613 0 \ 5614 -C "client hello, adding renegotiation extension" \ 5615 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5616 -S "found renegotiation extension" \ 5617 -s "server hello, secure renegotiation extension" \ 5618 -c "found renegotiation extension" \ 5619 -C "=> renegotiate" \ 5620 -S "=> renegotiate" \ 5621 -s "write hello request" \ 5622 -S "SSL - An unexpected message was received from our peer" \ 5623 -S "failed" 5624 5625 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5626 run_test "Renegotiation: server-initiated, client-rejected, delay 0" \ 5627 "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ 5628 renego_delay=0 auth_mode=optional" \ 5629 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \ 5630 0 \ 5631 -C "client hello, adding renegotiation extension" \ 5632 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5633 -S "found renegotiation extension" \ 5634 -s "server hello, secure renegotiation extension" \ 5635 -c "found renegotiation extension" \ 5636 -C "=> renegotiate" \ 5637 -S "=> renegotiate" \ 5638 -s "write hello request" \ 5639 -s "SSL - An unexpected message was received from our peer" 5640 5641 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5642 run_test "Renegotiation: server-initiated, client-accepted, delay 0" \ 5643 "$P_SRV force_version=tls12 debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \ 5644 renego_delay=0 auth_mode=optional" \ 5645 "$P_CLI debug_level=3 
exchanges=2 renegotiation=1" \ 5646 0 \ 5647 -c "client hello, adding renegotiation extension" \ 5648 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5649 -s "found renegotiation extension" \ 5650 -s "server hello, secure renegotiation extension" \ 5651 -c "found renegotiation extension" \ 5652 -c "=> renegotiate" \ 5653 -s "=> renegotiate" \ 5654 -s "write hello request" \ 5655 -S "SSL - An unexpected message was received from our peer" \ 5656 -S "failed" 5657 5658 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5659 run_test "Renegotiation: periodic, just below period" \ 5660 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ 5661 "$P_CLI force_version=tls12 debug_level=3 exchanges=2 renegotiation=1" \ 5662 0 \ 5663 -C "client hello, adding renegotiation extension" \ 5664 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5665 -S "found renegotiation extension" \ 5666 -s "server hello, secure renegotiation extension" \ 5667 -c "found renegotiation extension" \ 5668 -S "record counter limit reached: renegotiate" \ 5669 -C "=> renegotiate" \ 5670 -S "=> renegotiate" \ 5671 -S "write hello request" \ 5672 -S "SSL - An unexpected message was received from our peer" \ 5673 -S "failed" 5674 5675 # one extra exchange to be able to complete renego 5676 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5677 run_test "Renegotiation: periodic, just above period" \ 5678 "$P_SRV force_version=tls12 debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ 5679 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ 5680 0 \ 5681 -c "client hello, adding renegotiation extension" \ 5682 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5683 -s "found renegotiation extension" \ 5684 -s "server hello, secure renegotiation extension" \ 5685 -c "found renegotiation extension" \ 5686 -s "record counter limit reached: renegotiate" \ 5687 -c "=> renegotiate" \ 5688 -s "=> renegotiate" \ 5689 -s "write hello request" \ 5690 -S "SSL - An 
unexpected message was received from our peer" \ 5691 -S "failed" 5692 5693 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5694 run_test "Renegotiation: periodic, two times period" \ 5695 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \ 5696 "$P_CLI force_version=tls12 debug_level=3 exchanges=7 renegotiation=1" \ 5697 0 \ 5698 -c "client hello, adding renegotiation extension" \ 5699 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5700 -s "found renegotiation extension" \ 5701 -s "server hello, secure renegotiation extension" \ 5702 -c "found renegotiation extension" \ 5703 -s "record counter limit reached: renegotiate" \ 5704 -c "=> renegotiate" \ 5705 -s "=> renegotiate" \ 5706 -s "write hello request" \ 5707 -S "SSL - An unexpected message was received from our peer" \ 5708 -S "failed" 5709 5710 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5711 run_test "Renegotiation: periodic, above period, disabled" \ 5712 "$P_SRV force_version=tls12 debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \ 5713 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \ 5714 0 \ 5715 -C "client hello, adding renegotiation extension" \ 5716 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5717 -S "found renegotiation extension" \ 5718 -s "server hello, secure renegotiation extension" \ 5719 -c "found renegotiation extension" \ 5720 -S "record counter limit reached: renegotiate" \ 5721 -C "=> renegotiate" \ 5722 -S "=> renegotiate" \ 5723 -S "write hello request" \ 5724 -S "SSL - An unexpected message was received from our peer" \ 5725 -S "failed" 5726 5727 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5728 run_test "Renegotiation: nbio, client-initiated" \ 5729 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \ 5730 "$P_CLI force_version=tls12 debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \ 5731 0 \ 5732 -c "client hello, adding renegotiation extension" \ 5733 -s "received 
TLS_EMPTY_RENEGOTIATION_INFO" \ 5734 -s "found renegotiation extension" \ 5735 -s "server hello, secure renegotiation extension" \ 5736 -c "found renegotiation extension" \ 5737 -c "=> renegotiate" \ 5738 -s "=> renegotiate" \ 5739 -S "write hello request" 5740 5741 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5742 run_test "Renegotiation: nbio, server-initiated" \ 5743 "$P_SRV force_version=tls12 debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \ 5744 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \ 5745 0 \ 5746 -c "client hello, adding renegotiation extension" \ 5747 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 5748 -s "found renegotiation extension" \ 5749 -s "server hello, secure renegotiation extension" \ 5750 -c "found renegotiation extension" \ 5751 -c "=> renegotiate" \ 5752 -s "=> renegotiate" \ 5753 -s "write hello request" 5754 5755 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5756 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 5757 run_test "Renegotiation: openssl server, client-initiated" \ 5758 "$O_SRV -www $OPENSSL_S_SERVER_CLIENT_RENEGOTIATION -tls1_2" \ 5759 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ 5760 0 \ 5761 -c "client hello, adding renegotiation extension" \ 5762 -c "found renegotiation extension" \ 5763 -c "=> renegotiate" \ 5764 -C "ssl_handshake() returned" \ 5765 -C "error" \ 5766 -c "HTTP/1.0 200 [Oo][Kk]" 5767 5768 requires_gnutls 5769 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5770 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 5771 run_test "Renegotiation: gnutls server strict, client-initiated" \ 5772 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \ 5773 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ 5774 0 \ 5775 -c "client hello, adding renegotiation extension" \ 5776 -c "found renegotiation extension" \ 5777 -c "=> renegotiate" \ 5778 -C "ssl_handshake() returned" \ 5779 -C "error" \ 5780 -c 
"HTTP/1.0 200 [Oo][Kk]" 5781 5782 requires_gnutls 5783 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5784 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 5785 run_test "Renegotiation: gnutls server unsafe, client-initiated default" \ 5786 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ 5787 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ 5788 1 \ 5789 -c "client hello, adding renegotiation extension" \ 5790 -C "found renegotiation extension" \ 5791 -c "=> renegotiate" \ 5792 -c "mbedtls_ssl_handshake() returned" \ 5793 -c "error" \ 5794 -C "HTTP/1.0 200 [Oo][Kk]" 5795 5796 requires_gnutls 5797 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5798 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 5799 run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \ 5800 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ 5801 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ 5802 allow_legacy=0" \ 5803 1 \ 5804 -c "client hello, adding renegotiation extension" \ 5805 -C "found renegotiation extension" \ 5806 -c "=> renegotiate" \ 5807 -c "mbedtls_ssl_handshake() returned" \ 5808 -c "error" \ 5809 -C "HTTP/1.0 200 [Oo][Kk]" 5810 5811 requires_gnutls 5812 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5813 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 5814 run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \ 5815 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \ 5816 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \ 5817 allow_legacy=1" \ 5818 0 \ 5819 -c "client hello, adding renegotiation extension" \ 5820 -C "found renegotiation extension" \ 5821 -c "=> renegotiate" \ 5822 -C "ssl_handshake() returned" \ 5823 -C "error" \ 5824 -c "HTTP/1.0 200 [Oo][Kk]" 5825 5826 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 5827 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 
# DTLS renegotiation between two Mbed TLS peers (ssl_server2 / ssl_client2).
# The debug markers checked here mirror the TLS cases: the client advertises
# the renegotiation extension, the server logs that it received
# TLS_EMPTY_RENEGOTIATION_INFO and answers with the secure renegotiation
# extension, and "=> renegotiate" shows which side actually runs the second
# handshake. "write hello request" is only expected when the server starts it.
run_test "Renegotiation: DTLS, client-initiated" \
    "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
    "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
    0 \
    -c "client hello, adding renegotiation extension" \
    -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
    -s "found renegotiation extension" \
    -s "server hello, secure renegotiation extension" \
    -c "found renegotiation extension" \
    -c "=> renegotiate" \
    -s "=> renegotiate" \
    -S "write hello request"

# Server-driven renegotiation over DTLS: the server must send a HelloRequest
# ("write hello request") and the client must follow it. read_timeout and
# max_resend are given to the client presumably to bound DTLS retransmission
# while it waits for that HelloRequest -- confirm against ssl_client2 before
# changing them.
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: DTLS, server-initiated" \
    "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
    "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
     read_timeout=1000 max_resend=2" \
    0 \
    -c "client hello, adding renegotiation extension" \
    -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
    -s "found renegotiation extension" \
    -s "server hello, secure renegotiation extension" \
    -c "found renegotiation extension" \
    -c "=> renegotiate" \
    -s "=> renegotiate" \
    -s "write hello request"

# Periodic renegotiation with a renego_period close to 2^64. The test name and
# the -s expectation below say the server must still report the record counter
# limit and renegotiate within 4 exchanges, i.e. the out-of-range period must
# not silently disable the periodic check. How the library treats the value
# (clamping, presumably) is not visible here -- confirm in the library if this
# expectation changes.
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: DTLS, renego_period overflow" \
    "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
    "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
    0 \
    -c "client hello, adding renegotiation extension" \
    -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
    -s "found renegotiation extension" \
    -s "server hello, secure renegotiation extension" \
    -s "record counter limit reached: renegotiate" \
    -c "=> renegotiate" \
    -s "=> renegotiate" \
    -s "write hello request"

# Prerequisite for the "DTLS, gnutls server, client-initiated" case that follows.
requires_gnutls
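requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
# Client-initiated renegotiation over DTLS against a GnuTLS server (-u is the
# UDP/DTLS mode of gnutls-serv). Only client-side markers are checked, plus
# "Extra-header:" in the server output as the sign that the request got
# through after the renegotiation.
run_test    "Renegotiation: DTLS, gnutls server, client-initiated" \
            "$G_NEXT_SRV -u --mtu 4096" \
            "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
            0 \
            -c "client hello, adding renegotiation extension" \
            -c "found renegotiation extension" \
            -c "=> renegotiate" \
            -C "mbedtls_ssl_handshake returned" \
            -C "error" \
            -s "Extra-header:"

# Test for the "secure renegotiation" extension only (no actual renegotiation).
#
# Expected outcomes, as encoded in the exit codes and -c/-C/-s/-S checks below:
#  * peer with %SAFE_RENEGOTIATION        -> extension seen, handshake succeeds
#  * peer with %DISABLE_SAFE_RENEGOTIATION -> extension absent, handshake still
#    succeeds with the default allow_legacy setting
#  * allow_legacy=-1 ("break legacy")     -> the Mbed TLS side refuses a peer
#    that does not support secure renegotiation (expected exit 1)

requires_gnutls
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Renego ext: gnutls server strict, client default" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3" \
            0 \
            -c "found renegotiation extension" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Renego ext: gnutls server unsafe, client default" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3" \
            0 \
            -C "found renegotiation extension" \
            -C "error" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Renego ext: gnutls server unsafe, client break legacy" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
            "$P_CLI debug_level=3 allow_legacy=-1" \
            1 \
            -C "found renegotiation extension" \
            -c "error" \
            -C "HTTP/1.0 200 [Oo][Kk]"

# Same three situations with the roles swapped: Mbed TLS server, GnuTLS client.
# The server may learn of the client's support either through the
# TLS_EMPTY_RENEGOTIATION_INFO signalling value or the extension itself, hence
# the alternation (\|) in the grep pattern.
requires_gnutls
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Renego ext: gnutls client strict, server default" \
            "$P_SRV debug_level=3" \
            "$G_CLI --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION localhost" \
            0 \
            -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
            -s "server hello, secure renegotiation extension"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Renego ext: gnutls client unsafe, server default" \
            "$P_SRV debug_level=3" \
            "$G_CLI --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION localhost" \
            0 \
            -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
            -S "server hello, secure renegotiation extension"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "Renego ext: gnutls client unsafe, server break legacy" \
            "$P_SRV debug_level=3 allow_legacy=-1" \
            "$G_CLI --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION localhost" \
            1 \
            -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
            -S "server hello, secure renegotiation extension"

# Tests for silently dropping trailing extra bytes in .der certificates.
#
# Each case loads a DER certificate carrying 0, 1, 2, 4, 8 or 9 trailing bytes
# (server5-der*.crt) into the Mbed TLS server and checks that a GnuTLS client
# still completes the handshake.
#
# Note: the last -c argument of each run_test below must NOT end in a
# continuation backslash. The previous form ("... completed" \ followed by a
# blank line) only terminated the command because of the blank line; deleting
# that blank line would have made the next requires_gnutls an extra argument.

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: no trailing bytes" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der0.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: with a trailing zero byte" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der1a.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: with a trailing random byte" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der1b.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: with 2 trailing random bytes" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der2.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: with 4 trailing random bytes" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der4.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: with 8 trailing random bytes" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der8.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

requires_gnutls
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DER format: with 9 trailing random bytes" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-der9.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$G_CLI localhost" \
            0 \
            -c "Handshake was completed"

# Tests for auth_mode. There are duplicated tests using the CA callback for
# authentication; when updating these tests, modify the matching
# authentication tests accordingly.

# The next 6 cases (3 auth modes, each with the default version and with TLS 1.2
# forced) use a badly signed server cert.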
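# auth_mode=required: verification failure is fatal. The client logs the
# verification flags, sends a fatal alert (level=2 message=48, see the comment
# after the test) and the handshake fails with the X509 verification error.
run_test    "Authentication: server badcert, client required" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI debug_level=3 auth_mode=required" \
            1 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "send alert level=2 message=48" \
            -c "X509 - Certificate verification failed"
# MBEDTLS_X509_BADCERT_NOT_TRUSTED -> MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA
# We don't check that the server receives the alert because it might
# detect that its write end of the connection is closed and abort
# before reading the alert message.

run_test    "Authentication: server badcert, client required (1.2)" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_version=tls12 debug_level=3 auth_mode=required" \
            1 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "send alert level=2 message=48" \
            -c "X509 - Certificate verification failed"
# MBEDTLS_X509_BADCERT_NOT_TRUSTED -> MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA

# auth_mode=optional: the bad signature is still detected and logged, but no
# alert is sent and the handshake completes (exit 0).
run_test    "Authentication: server badcert, client optional" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_version=tls13 debug_level=3 auth_mode=optional" \
            0 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "send alert level=2 message=48" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: server badcert, client optional (1.2)" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional" \
            0 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "send alert level=2 message=48" \
            -C "X509 - Certificate verification failed"

# auth_mode=none: the certificate is not verified at all, so none of the
# verification markers may appear.
run_test    "Authentication: server badcert, client none" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI debug_level=3 auth_mode=none" \
            0 \
            -C "x509_verify_cert() returned" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "send alert level=2 message=48" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: server badcert, client none (1.2)" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_version=tls12 debug_level=3 auth_mode=none" \
            0 \
            -C "x509_verify_cert() returned" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "send alert level=2 message=48" \
            -C "X509 - Certificate verification failed"

# Good server certificate but the client has no trust anchors at all
# (ca_file=none ca_path=none). With auth_mode=required this must fail with the
# dedicated "No CA Chain is set, but required to operate" error; with optional
# the verification flags are logged but the handshake goes on; with none
# nothing is verified.
run_test    "Authentication: server goodcert, client required, no trusted CA" \
            "$P_SRV" \
            "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
            1 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! Certificate verification flags" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "SSL - No CA Chain is set, but required to operate"

# $TLS1_2_KEY_EXCHANGES_WITH_CERT is left unquoted on purpose so that the list
# it holds splits into one argument per config symbol (presumably; check the
# helper's definition before quoting it).
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test    "Authentication: server goodcert, client required, no trusted CA (1.2)" \
            "$P_SRV force_version=tls12" \
            "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
            1 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! Certificate verification flags" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "SSL - No CA Chain is set, but required to operate"

run_test    "Authentication: server goodcert, client optional, no trusted CA" \
            "$P_SRV" \
            "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
            0 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! Certificate verification flags" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed" \
            -C "SSL - No CA Chain is set, but required to operate"

requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test    "Authentication: server goodcert, client optional, no trusted CA (1.2)" \
            "$P_SRV" \
            "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
            0 \
            -c "x509_verify_cert() returned" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! Certificate verification flags" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed" \
            -C "SSL - No CA Chain is set, but required to operate"

run_test    "Authentication: server goodcert, client none, no trusted CA" \
            "$P_SRV" \
            "$P_CLI debug_level=3 auth_mode=none ca_file=none ca_path=none" \
            0 \
            -C "x509_verify_cert() returned" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! Certificate verification flags" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed" \
            -C "SSL - No CA Chain is set, but required to operate"

requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test    "Authentication: server goodcert, client none, no trusted CA (1.2)" \
            "$P_SRV" \
            "$P_CLI force_version=tls12 debug_level=3 auth_mode=none ca_file=none ca_path=none" \
            0 \
            -C "x509_verify_cert() returned" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! Certificate verification flags" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed" \
            -C "SSL - No CA Chain is set, but required to operate"

# The next few tests check what happens if the server has a valid certificate
# that does not match its name (impersonation).
#
# The markers distinguish three client-side situations:
#  * "does not match with the expected CN"  - a hostname was set and did not
#    match the certificate
#  * "Certificate verification without having set hostname" - the application
#    never called set_hostname (set_hostname=no below)
#  * "Certificate verification without CN verification" - name checking was
#    skipped, either because the hostname was explicitly set to NULL or, in
#    the historical configuration, because it was never set at all

run_test    "Authentication: hostname match, client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name=localhost debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: hostname match, client required, CA callback" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name=localhost debug_level=3 ca_callback=1" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -c "use CA callback for X.509 CRT verification" \
            -C "x509_verify_cert() returned -" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# Mismatch variants: a completely different name, an empty name, and names
# that differ from "localhost" only by truncation, last character or one
# trailing character. Every one of them must be rejected under
# auth_mode=required (exit 1) -- a prefix or near match is not a match.
run_test    "Authentication: hostname mismatch (wrong), client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name=wrong-name debug_level=1" \
            1 \
            -c "does not match with the expected CN" \
            -c "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication: hostname mismatch (empty), client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name= debug_level=1" \
            1 \
            -c "does not match with the expected CN" \
            -c "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication: hostname mismatch (truncated), client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name=localhos debug_level=1" \
            1 \
            -c "does not match with the expected CN" \
            -c "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication: hostname mismatch (last char), client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name=localhoss debug_level=1" \
            1 \
            -c "does not match with the expected CN" \
            -c "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication: hostname mismatch (trailing), client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required server_name=localhostt debug_level=1" \
            1 \
            -c "does not match with the expected CN" \
            -c "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

run_test    "Authentication: hostname mismatch, client optional" \
            "$P_SRV" \
            "$P_CLI auth_mode=optional server_name=wrong-name debug_level=2" \
            0 \
            -c "does not match with the expected CN" \
            -c "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: hostname mismatch, client none" \
            "$P_SRV" \
            "$P_CLI auth_mode=none server_name=wrong-name debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

# Hostname explicitly set to NULL: this is the application's explicit opt-out
# from name checking, so the handshake succeeds even with auth_mode=required,
# but the "without CN verification" warning must be logged.
run_test    "Authentication: hostname null, client required" \
            "$P_SRV" \
            "$P_CLI auth_mode=required set_hostname=NULL debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: hostname null, client optional" \
            "$P_SRV" \
            "$P_CLI auth_mode=optional set_hostname=NULL debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: hostname null, client none" \
            "$P_SRV" \
            "$P_CLI auth_mode=none set_hostname=NULL debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

# Hostname never set (set_hostname=no) with auth_mode=required. The outcome
# depends on MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME:
#  * disabled ("secure config"): get_hostname_for_verification() fails and the
#    handshake is aborted (exit 1) before x509_verify_cert() is even reached,
#    so an unset hostname can never turn into an unchecked one.
#  * enabled ("historical config"): the handshake succeeds (exit 0) and the
#    client only warns that CN verification was skipped.
requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
run_test    "Authentication: hostname unset, client required, secure config" \
            "$P_SRV" \
            "$P_CLI auth_mode=required set_hostname=no debug_level=2" \
            1 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -c "get_hostname_for_verification() returned -" \
            -C "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
run_test    "Authentication: hostname unset, client required, historical config" \
            "$P_SRV" \
            "$P_CLI auth_mode=required set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "get_hostname_for_verification() returned -" \
            -C "x509_verify_cert() returned -" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# Same two cases with the CA callback. In the secure config the failure
# happens before the callback is invoked, hence -C on the callback marker.
requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
run_test    "Authentication: hostname unset, client required, secure config, CA callback" \
            "$P_SRV" \
            "$P_CLI auth_mode=required set_hostname=no debug_level=3 ca_callback=1" \
            1 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -c "get_hostname_for_verification() returned -" \
            -C "use CA callback for X.509 CRT verification" \
            -C "x509_verify_cert() returned -" \
            -c "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
run_test    "Authentication: hostname unset, client required, historical config, CA callback" \
            "$P_SRV" \
            "$P_CLI auth_mode=required set_hostname=no debug_level=3 ca_callback=1" \
            0 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "get_hostname_for_verification() returned -" \
            -c "use CA callback for X.509 CRT verification" \
            -C "x509_verify_cert() returned -" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# With auth_mode=optional / none an unset hostname is not fatal in either
# configuration (no requires_config_* guard on these two).
run_test    "Authentication: hostname unset, client optional" \
            "$P_SRV" \
            "$P_CLI auth_mode=optional set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: hostname unset, client none" \
            "$P_SRV" \
            "$P_CLI auth_mode=none set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

# Client with default auth_mode and a PSK configured but no hostname set. Which
# authentication the server picks decides whether the hostname rules apply:
#  * server forces a certificate-based key exchange -> same secure/historical
#    split as above (exit 1 vs exit 0)
#  * server picks the PSK -> no certificate is involved, so none of the
#    verification markers may appear in either configuration
requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
run_test    "Authentication: hostname unset, client default, secure config, server picks cert, 1.2" \
            "$P_SRV force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
            "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
            1 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -c "get_hostname_for_verification() returned -" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

requires_config_disabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Authentication: hostname unset, client default, secure config, server picks cert, 1.3" \
            "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral" \
            "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
            1 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -c "get_hostname_for_verification() returned -" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
run_test    "Authentication: hostname unset, client default, historical config, server picks cert, 1.2" \
            "$P_SRV force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
            "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "get_hostname_for_verification() returned -" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

requires_config_enabled MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Authentication: hostname unset, client default, historical config, server picks cert, 1.3" \
            "$P_SRV force_version=tls13 tls13_kex_modes=ephemeral" \
            "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -c "Certificate verification without having set hostname" \
            -c "Certificate verification without CN verification" \
            -C "get_hostname_for_verification() returned -" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

run_test    "Authentication: hostname unset, client default, server picks PSK, 1.2" \
            "$P_SRV force_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED
run_test    "Authentication: hostname unset, client default, server picks PSK, 1.3" \
            "$P_SRV force_version=tls13 tls13_kex_modes=psk psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI psk=73776f726466697368 psk_identity=foo set_hostname=no debug_level=2" \
            0 \
            -C "does not match with the expected CN" \
            -C "Certificate verification without having set hostname" \
            -C "Certificate verification without CN verification" \
            -C "x509_verify_cert() returned -" \
            -C "X509 - Certificate verification failed"

# The purpose of the next two tests is to test the client's behaviour when receiving a server
# certificate with an unsupported elliptic curve.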
This should usually not happen because 6425 # the client informs the server about the supported curves - it does, though, in the 6426 # corner case of a static ECDH suite, because the server doesn't check the curve on that 6427 # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a 6428 # different means to have the server ignoring the client's supported curve list. 6429 6430 run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \ 6431 "$P_SRV debug_level=1 key_file=$DATA_FILES_PATH/server5.key \ 6432 crt_file=$DATA_FILES_PATH/server5.ku-ka.crt" \ 6433 "$P_CLI force_version=tls12 debug_level=3 auth_mode=required groups=secp521r1" \ 6434 1 \ 6435 -c "bad certificate (EC key curve)"\ 6436 -c "! Certificate verification flags"\ 6437 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage 6438 6439 run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \ 6440 "$P_SRV debug_level=1 key_file=$DATA_FILES_PATH/server5.key \ 6441 crt_file=$DATA_FILES_PATH/server5.ku-ka.crt" \ 6442 "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional groups=secp521r1" \ 6443 1 \ 6444 -c "bad certificate (EC key curve)"\ 6445 -c "! 
Certificate verification flags"\ 6446 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check 6447 6448 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6449 run_test "Authentication: client SHA256, server required" \ 6450 "$P_SRV auth_mode=required" \ 6451 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server6.crt \ 6452 key_file=$DATA_FILES_PATH/server6.key \ 6453 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ 6454 0 \ 6455 -c "Supported Signature Algorithm found: 04 " \ 6456 -c "Supported Signature Algorithm found: 05 " 6457 6458 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6459 run_test "Authentication: client SHA384, server required" \ 6460 "$P_SRV auth_mode=required" \ 6461 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server6.crt \ 6462 key_file=$DATA_FILES_PATH/server6.key \ 6463 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \ 6464 0 \ 6465 -c "Supported Signature Algorithm found: 04 " \ 6466 -c "Supported Signature Algorithm found: 05 " 6467 6468 run_test "Authentication: client has no cert, server required (TLS)" \ 6469 "$P_SRV debug_level=3 auth_mode=required" \ 6470 "$P_CLI debug_level=3 crt_file=none \ 6471 key_file=$DATA_FILES_PATH/server5.key" \ 6472 1 \ 6473 -S "skip write certificate request" \ 6474 -C "skip parse certificate request" \ 6475 -c "got a certificate request" \ 6476 -c "= write certificate$" \ 6477 -C "skip write certificate$" \ 6478 -S "x509_verify_cert() returned" \ 6479 -s "peer has no certificate" \ 6480 -s "! 
mbedtls_ssl_handshake returned" \ 6481 -s "No client certification received from the client, but required by the authentication mode" 6482 6483 run_test "Authentication: client badcert, server required" \ 6484 "$P_SRV debug_level=3 auth_mode=required" \ 6485 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6486 key_file=$DATA_FILES_PATH/server5.key" \ 6487 1 \ 6488 -S "skip write certificate request" \ 6489 -C "skip parse certificate request" \ 6490 -c "got a certificate request" \ 6491 -C "skip write certificate" \ 6492 -C "skip write certificate verify" \ 6493 -S "skip parse certificate verify" \ 6494 -s "x509_verify_cert() returned" \ 6495 -s "! The certificate is not correctly signed by the trusted CA" \ 6496 -s "! mbedtls_ssl_handshake returned" \ 6497 -s "send alert level=2 message=48" \ 6498 -s "X509 - Certificate verification failed" 6499 # We don't check that the client receives the alert because it might 6500 # detect that its write end of the connection is closed and abort 6501 # before reading the alert message. 6502 6503 run_test "Authentication: client cert self-signed and trusted, server required" \ 6504 "$P_SRV debug_level=3 auth_mode=required ca_file=$DATA_FILES_PATH/server5-selfsigned.crt" \ 6505 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \ 6506 key_file=$DATA_FILES_PATH/server5.key" \ 6507 0 \ 6508 -S "skip write certificate request" \ 6509 -C "skip parse certificate request" \ 6510 -c "got a certificate request" \ 6511 -C "skip write certificate" \ 6512 -C "skip write certificate verify" \ 6513 -S "skip parse certificate verify" \ 6514 -S "x509_verify_cert() returned" \ 6515 -S "! 
The certificate is not correctly signed" \ 6516 -S "X509 - Certificate verification failed" 6517 6518 run_test "Authentication: client cert not trusted, server required" \ 6519 "$P_SRV debug_level=3 auth_mode=required" \ 6520 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \ 6521 key_file=$DATA_FILES_PATH/server5.key" \ 6522 1 \ 6523 -S "skip write certificate request" \ 6524 -C "skip parse certificate request" \ 6525 -c "got a certificate request" \ 6526 -C "skip write certificate" \ 6527 -C "skip write certificate verify" \ 6528 -S "skip parse certificate verify" \ 6529 -s "x509_verify_cert() returned" \ 6530 -s "! The certificate is not correctly signed by the trusted CA" \ 6531 -s "! mbedtls_ssl_handshake returned" \ 6532 -s "X509 - Certificate verification failed" 6533 6534 run_test "Authentication: client badcert, server optional" \ 6535 "$P_SRV debug_level=3 auth_mode=optional" \ 6536 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6537 key_file=$DATA_FILES_PATH/server5.key" \ 6538 0 \ 6539 -S "skip write certificate request" \ 6540 -C "skip parse certificate request" \ 6541 -c "got a certificate request" \ 6542 -C "skip write certificate" \ 6543 -C "skip write certificate verify" \ 6544 -S "skip parse certificate verify" \ 6545 -s "x509_verify_cert() returned" \ 6546 -s "! The certificate is not correctly signed by the trusted CA" \ 6547 -S "! mbedtls_ssl_handshake returned" \ 6548 -C "! 
mbedtls_ssl_handshake returned" \ 6549 -S "X509 - Certificate verification failed" 6550 6551 run_test "Authentication: client badcert, server none" \ 6552 "$P_SRV debug_level=3 auth_mode=none" \ 6553 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6554 key_file=$DATA_FILES_PATH/server5.key" \ 6555 0 \ 6556 -s "skip write certificate request" \ 6557 -C "skip parse certificate request" \ 6558 -c "got no certificate request" \ 6559 -c "skip write certificate" \ 6560 -c "skip write certificate verify" \ 6561 -s "skip parse certificate verify" \ 6562 -S "x509_verify_cert() returned" \ 6563 -S "! The certificate is not correctly signed by the trusted CA" \ 6564 -S "! mbedtls_ssl_handshake returned" \ 6565 -C "! mbedtls_ssl_handshake returned" \ 6566 -S "X509 - Certificate verification failed" 6567 6568 run_test "Authentication: client no cert, server optional" \ 6569 "$P_SRV debug_level=3 auth_mode=optional" \ 6570 "$P_CLI debug_level=3 crt_file=none key_file=none" \ 6571 0 \ 6572 -S "skip write certificate request" \ 6573 -C "skip parse certificate request" \ 6574 -c "got a certificate request" \ 6575 -C "skip write certificate$" \ 6576 -C "got no certificate to send" \ 6577 -c "skip write certificate verify" \ 6578 -s "skip parse certificate verify" \ 6579 -s "! Certificate was missing" \ 6580 -S "! mbedtls_ssl_handshake returned" \ 6581 -C "! mbedtls_ssl_handshake returned" \ 6582 -S "X509 - Certificate verification failed" 6583 6584 requires_openssl_tls1_3_with_compatible_ephemeral 6585 run_test "Authentication: openssl client no cert, server optional" \ 6586 "$P_SRV debug_level=3 auth_mode=optional" \ 6587 "$O_NEXT_CLI_NO_CERT -no_middlebox" \ 6588 0 \ 6589 -S "skip write certificate request" \ 6590 -s "skip parse certificate verify" \ 6591 -s "! Certificate was missing" \ 6592 -S "! 
mbedtls_ssl_handshake returned" \ 6593 -S "X509 - Certificate verification failed" 6594 6595 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 6596 run_test "Authentication: client no cert, openssl server optional" \ 6597 "$O_SRV -verify 10 -tls1_2" \ 6598 "$P_CLI debug_level=3 crt_file=none key_file=none" \ 6599 0 \ 6600 -C "skip parse certificate request" \ 6601 -c "got a certificate request" \ 6602 -C "skip write certificate$" \ 6603 -c "skip write certificate verify" \ 6604 -C "! mbedtls_ssl_handshake returned" 6605 6606 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 6607 run_test "Authentication: client no cert, openssl server required" \ 6608 "$O_SRV -Verify 10 -tls1_2" \ 6609 "$P_CLI debug_level=3 crt_file=none key_file=none" \ 6610 1 \ 6611 -C "skip parse certificate request" \ 6612 -c "got a certificate request" \ 6613 -C "skip write certificate$" \ 6614 -c "skip write certificate verify" \ 6615 -c "! mbedtls_ssl_handshake returned" 6616 6617 # This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default 6618 # value, defined here as MAX_IM_CA. Some test cases will be skipped if the 6619 # library is configured with a different value. 6620 6621 MAX_IM_CA='8' 6622 6623 # The tests for the max_int tests can pass with any number higher than MAX_IM_CA 6624 # because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1 6625 # tests can pass with any number less than MAX_IM_CA. However, stricter preconditions 6626 # are in place so that the semantics are consistent with the test description. 
6627 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6628 requires_full_size_output_buffer 6629 run_test "Authentication: server max_int chain, client default" \ 6630 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c09.pem \ 6631 key_file=$DATA_FILES_PATH/dir-maxpath/09.key" \ 6632 "$P_CLI server_name=CA09 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt" \ 6633 0 \ 6634 -C "X509 - A fatal error occurred" 6635 6636 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6637 requires_full_size_output_buffer 6638 run_test "Authentication: server max_int+1 chain, client default" \ 6639 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6640 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6641 "$P_CLI server_name=CA10 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt" \ 6642 1 \ 6643 -c "X509 - A fatal error occurred" 6644 6645 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6646 requires_full_size_output_buffer 6647 run_test "Authentication: server max_int+1 chain, client optional" \ 6648 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6649 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6650 "$P_CLI server_name=CA10 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt \ 6651 auth_mode=optional" \ 6652 1 \ 6653 -c "X509 - A fatal error occurred" 6654 6655 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6656 requires_full_size_output_buffer 6657 run_test "Authentication: server max_int+1 chain, client none" \ 6658 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6659 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6660 "$P_CLI force_version=tls12 server_name=CA10 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt \ 6661 auth_mode=none" \ 6662 0 \ 6663 -C "X509 - A fatal error occurred" 6664 6665 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6666 requires_full_size_output_buffer 6667 run_test "Authentication: client max_int+1 chain, server default" \ 
6668 "$P_SRV ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt" \ 6669 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6670 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6671 0 \ 6672 -S "X509 - A fatal error occurred" 6673 6674 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6675 requires_full_size_output_buffer 6676 run_test "Authentication: client max_int+1 chain, server optional" \ 6677 "$P_SRV ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt auth_mode=optional" \ 6678 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6679 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6680 1 \ 6681 -s "X509 - A fatal error occurred" 6682 6683 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6684 requires_full_size_output_buffer 6685 run_test "Authentication: client max_int+1 chain, server required" \ 6686 "$P_SRV ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt auth_mode=required" \ 6687 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6688 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6689 1 \ 6690 -s "X509 - A fatal error occurred" 6691 6692 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6693 requires_full_size_output_buffer 6694 run_test "Authentication: client max_int chain, server required" \ 6695 "$P_SRV ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt auth_mode=required" \ 6696 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c09.pem \ 6697 key_file=$DATA_FILES_PATH/dir-maxpath/09.key" \ 6698 0 \ 6699 -S "X509 - A fatal error occurred" 6700 6701 # Tests for CA list in CertificateRequest messages 6702 6703 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6704 run_test "Authentication: send CA list in CertificateRequest (default)" \ 6705 "$P_SRV debug_level=3 auth_mode=required" \ 6706 "$P_CLI force_version=tls12 crt_file=$DATA_FILES_PATH/server6.crt \ 6707 key_file=$DATA_FILES_PATH/server6.key" \ 6708 0 \ 6709 -s "requested DN" 6710 6711 requires_any_configs_enabled 
$TLS1_2_KEY_EXCHANGES_WITH_CERT 6712 run_test "Authentication: do not send CA list in CertificateRequest" \ 6713 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \ 6714 "$P_CLI force_version=tls12 crt_file=$DATA_FILES_PATH/server6.crt \ 6715 key_file=$DATA_FILES_PATH/server6.key" \ 6716 0 \ 6717 -S "requested DN" 6718 6719 run_test "Authentication: send CA list in CertificateRequest, client self signed" \ 6720 "$P_SRV force_version=tls12 debug_level=3 auth_mode=required cert_req_ca_list=0" \ 6721 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \ 6722 key_file=$DATA_FILES_PATH/server5.key" \ 6723 1 \ 6724 -S "requested DN" \ 6725 -s "x509_verify_cert() returned" \ 6726 -s "! The certificate is not correctly signed by the trusted CA" \ 6727 -s "! mbedtls_ssl_handshake returned" \ 6728 -c "! mbedtls_ssl_handshake returned" \ 6729 -s "X509 - Certificate verification failed" 6730 6731 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6732 run_test "Authentication: send alt conf DN hints in CertificateRequest" \ 6733 "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \ 6734 crt_file2=$DATA_FILES_PATH/server1.crt \ 6735 key_file2=$DATA_FILES_PATH/server1.key" \ 6736 "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional \ 6737 crt_file=$DATA_FILES_PATH/server6.crt \ 6738 key_file=$DATA_FILES_PATH/server6.key" \ 6739 0 \ 6740 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1" 6741 6742 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6743 run_test "Authentication: send alt conf DN hints in CertificateRequest (2)" \ 6744 "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \ 6745 crt_file2=$DATA_FILES_PATH/server2.crt \ 6746 key_file2=$DATA_FILES_PATH/server2.key" \ 6747 "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional \ 6748 crt_file=$DATA_FILES_PATH/server6.crt \ 6749 key_file=$DATA_FILES_PATH/server6.key" \ 6750 0 \ 6751 -c "DN hint: C=NL, O=PolarSSL, CN=localhost" 6752 6753 
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6754 run_test "Authentication: send alt hs DN hints in CertificateRequest" \ 6755 "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=3 \ 6756 crt_file2=$DATA_FILES_PATH/server1.crt \ 6757 key_file2=$DATA_FILES_PATH/server1.key" \ 6758 "$P_CLI force_version=tls12 debug_level=3 auth_mode=optional \ 6759 crt_file=$DATA_FILES_PATH/server6.crt \ 6760 key_file=$DATA_FILES_PATH/server6.key" \ 6761 0 \ 6762 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1" 6763 6764 # Tests for auth_mode, using CA callback, these are duplicated from the authentication tests 6765 # When updating these tests, modify the matching authentication tests accordingly 6766 6767 run_test "Authentication, CA callback: server badcert, client required" \ 6768 "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6769 key_file=$DATA_FILES_PATH/server5.key" \ 6770 "$P_CLI ca_callback=1 debug_level=3 auth_mode=required" \ 6771 1 \ 6772 -c "use CA callback for X.509 CRT verification" \ 6773 -c "x509_verify_cert() returned" \ 6774 -c "! The certificate is not correctly signed by the trusted CA" \ 6775 -c "! mbedtls_ssl_handshake returned" \ 6776 -c "X509 - Certificate verification failed" 6777 6778 run_test "Authentication, CA callback: server badcert, client optional" \ 6779 "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6780 key_file=$DATA_FILES_PATH/server5.key" \ 6781 "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional" \ 6782 0 \ 6783 -c "use CA callback for X.509 CRT verification" \ 6784 -c "x509_verify_cert() returned" \ 6785 -c "! The certificate is not correctly signed by the trusted CA" \ 6786 -C "! 
mbedtls_ssl_handshake returned" \ 6787 -C "X509 - Certificate verification failed" 6788 6789 run_test "Authentication, CA callback: server badcert, client none" \ 6790 "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6791 key_file=$DATA_FILES_PATH/server5.key" \ 6792 "$P_CLI ca_callback=1 debug_level=3 auth_mode=none" \ 6793 0 \ 6794 -C "use CA callback for X.509 CRT verification" \ 6795 -C "x509_verify_cert() returned" \ 6796 -C "! The certificate is not correctly signed by the trusted CA" \ 6797 -C "! mbedtls_ssl_handshake returned" \ 6798 -C "X509 - Certificate verification failed" 6799 6800 # The purpose of the next two tests is to test the client's behaviour when receiving a server 6801 # certificate with an unsupported elliptic curve. This should usually not happen because 6802 # the client informs the server about the supported curves - it does, though, in the 6803 # corner case of a static ECDH suite, because the server doesn't check the curve on that 6804 # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a 6805 # different means to have the server ignoring the client's supported curve list. 6806 6807 run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \ 6808 "$P_SRV debug_level=1 key_file=$DATA_FILES_PATH/server5.key \ 6809 crt_file=$DATA_FILES_PATH/server5.ku-ka.crt" \ 6810 "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 auth_mode=required groups=secp521r1" \ 6811 1 \ 6812 -c "use CA callback for X.509 CRT verification" \ 6813 -c "bad certificate (EC key curve)" \ 6814 -c "! 
Certificate verification flags" \ 6815 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage 6816 6817 run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \ 6818 "$P_SRV debug_level=1 key_file=$DATA_FILES_PATH/server5.key \ 6819 crt_file=$DATA_FILES_PATH/server5.ku-ka.crt" \ 6820 "$P_CLI force_version=tls12 ca_callback=1 debug_level=3 auth_mode=optional groups=secp521r1" \ 6821 1 \ 6822 -c "use CA callback for X.509 CRT verification" \ 6823 -c "bad certificate (EC key curve)"\ 6824 -c "! Certificate verification flags"\ 6825 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check 6826 6827 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6828 run_test "Authentication, CA callback: client SHA384, server required" \ 6829 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ 6830 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server6.crt \ 6831 key_file=$DATA_FILES_PATH/server6.key \ 6832 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \ 6833 0 \ 6834 -s "use CA callback for X.509 CRT verification" \ 6835 -c "Supported Signature Algorithm found: 04 " \ 6836 -c "Supported Signature Algorithm found: 05 " 6837 6838 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 6839 run_test "Authentication, CA callback: client SHA256, server required" \ 6840 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ 6841 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server6.crt \ 6842 key_file=$DATA_FILES_PATH/server6.key \ 6843 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \ 6844 0 \ 6845 -s "use CA callback for X.509 CRT verification" \ 6846 -c "Supported Signature Algorithm found: 04 " \ 6847 -c "Supported Signature Algorithm found: 05 " 6848 6849 run_test "Authentication, CA callback: client badcert, server required" \ 6850 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ 6851 "$P_CLI debug_level=3 
crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6852 key_file=$DATA_FILES_PATH/server5.key" \ 6853 1 \ 6854 -s "use CA callback for X.509 CRT verification" \ 6855 -S "skip write certificate request" \ 6856 -C "skip parse certificate request" \ 6857 -c "got a certificate request" \ 6858 -C "skip write certificate" \ 6859 -C "skip write certificate verify" \ 6860 -S "skip parse certificate verify" \ 6861 -s "x509_verify_cert() returned" \ 6862 -s "! The certificate is not correctly signed by the trusted CA" \ 6863 -s "! mbedtls_ssl_handshake returned" \ 6864 -s "send alert level=2 message=48" \ 6865 -s "X509 - Certificate verification failed" 6866 # We don't check that the client receives the alert because it might 6867 # detect that its write end of the connection is closed and abort 6868 # before reading the alert message. 6869 6870 run_test "Authentication, CA callback: client cert not trusted, server required" \ 6871 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \ 6872 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \ 6873 key_file=$DATA_FILES_PATH/server5.key" \ 6874 1 \ 6875 -s "use CA callback for X.509 CRT verification" \ 6876 -S "skip write certificate request" \ 6877 -C "skip parse certificate request" \ 6878 -c "got a certificate request" \ 6879 -C "skip write certificate" \ 6880 -C "skip write certificate verify" \ 6881 -S "skip parse certificate verify" \ 6882 -s "x509_verify_cert() returned" \ 6883 -s "! The certificate is not correctly signed by the trusted CA" \ 6884 -s "! 
mbedtls_ssl_handshake returned" \ 6885 -s "X509 - Certificate verification failed" 6886 6887 run_test "Authentication, CA callback: client badcert, server optional" \ 6888 "$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \ 6889 "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ 6890 key_file=$DATA_FILES_PATH/server5.key" \ 6891 0 \ 6892 -s "use CA callback for X.509 CRT verification" \ 6893 -S "skip write certificate request" \ 6894 -C "skip parse certificate request" \ 6895 -c "got a certificate request" \ 6896 -C "skip write certificate" \ 6897 -C "skip write certificate verify" \ 6898 -S "skip parse certificate verify" \ 6899 -s "x509_verify_cert() returned" \ 6900 -s "! The certificate is not correctly signed by the trusted CA" \ 6901 -S "! mbedtls_ssl_handshake returned" \ 6902 -C "! mbedtls_ssl_handshake returned" \ 6903 -S "X509 - Certificate verification failed" 6904 6905 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6906 requires_full_size_output_buffer 6907 run_test "Authentication, CA callback: server max_int chain, client default" \ 6908 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c09.pem \ 6909 key_file=$DATA_FILES_PATH/dir-maxpath/09.key" \ 6910 "$P_CLI ca_callback=1 debug_level=3 server_name=CA09 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt" \ 6911 0 \ 6912 -c "use CA callback for X.509 CRT verification" \ 6913 -C "X509 - A fatal error occurred" 6914 6915 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6916 requires_full_size_output_buffer 6917 run_test "Authentication, CA callback: server max_int+1 chain, client default" \ 6918 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6919 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6920 "$P_CLI debug_level=3 ca_callback=1 server_name=CA10 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt" \ 6921 1 \ 6922 -c "use CA callback for X.509 CRT verification" \ 6923 -c "X509 - A fatal error occurred" 6924 6925 
requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6926 requires_full_size_output_buffer 6927 run_test "Authentication, CA callback: server max_int+1 chain, client optional" \ 6928 "$P_SRV crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6929 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6930 "$P_CLI ca_callback=1 server_name=CA10 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt \ 6931 debug_level=3 auth_mode=optional" \ 6932 1 \ 6933 -c "use CA callback for X.509 CRT verification" \ 6934 -c "X509 - A fatal error occurred" 6935 6936 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6937 requires_full_size_output_buffer 6938 run_test "Authentication, CA callback: client max_int+1 chain, server optional" \ 6939 "$P_SRV ca_callback=1 debug_level=3 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt auth_mode=optional" \ 6940 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6941 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6942 1 \ 6943 -s "use CA callback for X.509 CRT verification" \ 6944 -s "X509 - A fatal error occurred" 6945 6946 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6947 requires_full_size_output_buffer 6948 run_test "Authentication, CA callback: client max_int+1 chain, server required" \ 6949 "$P_SRV ca_callback=1 debug_level=3 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt auth_mode=required" \ 6950 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c10.pem \ 6951 key_file=$DATA_FILES_PATH/dir-maxpath/10.key" \ 6952 1 \ 6953 -s "use CA callback for X.509 CRT verification" \ 6954 -s "X509 - A fatal error occurred" 6955 6956 requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA 6957 requires_full_size_output_buffer 6958 run_test "Authentication, CA callback: client max_int chain, server required" \ 6959 "$P_SRV ca_callback=1 debug_level=3 ca_file=$DATA_FILES_PATH/dir-maxpath/00.crt auth_mode=required" \ 6960 "$P_CLI crt_file=$DATA_FILES_PATH/dir-maxpath/c09.pem \ 6961 
key_file=$DATA_FILES_PATH/dir-maxpath/09.key" \ 6962 0 \ 6963 -s "use CA callback for X.509 CRT verification" \ 6964 -S "X509 - A fatal error occurred" 6965 6966 # Tests for certificate selection based on SHA version 6967 6968 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 6969 run_test "Certificate hash: client TLS 1.2 -> SHA-2" \ 6970 "$P_SRV force_version=tls12 crt_file=$DATA_FILES_PATH/server5.crt \ 6971 key_file=$DATA_FILES_PATH/server5.key \ 6972 crt_file2=$DATA_FILES_PATH/server5-sha1.crt \ 6973 key_file2=$DATA_FILES_PATH/server5.key" \ 6974 "$P_CLI" \ 6975 0 \ 6976 -c "signed using.*ECDSA with SHA256" \ 6977 -C "signed using.*ECDSA with SHA1" 6978 6979 # tests for SNI 6980 6981 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 6982 run_test "SNI: no SNI callback" \ 6983 "$P_SRV debug_level=3 \ 6984 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key" \ 6985 "$P_CLI server_name=localhost" \ 6986 0 \ 6987 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \ 6988 -c "subject name *: C=NL, O=PolarSSL, CN=localhost" 6989 6990 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 6991 run_test "SNI: matching cert 1" \ 6992 "$P_SRV debug_level=3 \ 6993 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ 6994 sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \ 6995 "$P_CLI server_name=localhost" \ 6996 0 \ 6997 -s "parse ServerName extension" \ 6998 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ 6999 -c "subject name *: C=NL, O=PolarSSL, CN=localhost" 7000 7001 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 7002 run_test "SNI: matching cert 2" \ 7003 "$P_SRV debug_level=3 \ 7004 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ 7005 
sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
    "$P_CLI server_name=polarssl.example" \
    0 \
    -s "parse ServerName extension" \
    -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
    -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"

# Negative case: the sni= list has no entry for the requested name, so the
# server's SNI wrapper returns an error and the handshake is aborted with a
# fatal alert (exit status 1) rather than falling back to the default crt_file.
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
run_test "SNI: no matching cert" \
    "$P_SRV debug_level=3 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
    "$P_CLI server_name=nonesuch.example" \
    1 \
    -s "parse ServerName extension" \
    -s "ssl_sni_wrapper() returned" \
    -s "mbedtls_ssl_handshake returned" \
    -c "mbedtls_ssl_handshake returned" \
    -c "SSL - A fatal alert message was received from our peer"

# Per-SNI client authentication. The last field of an sni= entry is either "-"
# (keep the server's global auth_mode) or none/optional/required, and decides
# whether a CertificateRequest is sent for that name. The -s/-S, -c/-C pairs
# below pin both sides of that decision (request written/parsed, certificate
# and CertificateVerify written/parsed).
run_test "SNI: client auth no override: optional" \
    "$P_SRV debug_level=3 auth_mode=optional \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-" \
    "$P_CLI debug_level=3 server_name=localhost" \
    0 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify"

run_test "SNI: client auth override: none -> optional" \
    "$P_SRV debug_level=3 auth_mode=none \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,optional" \
    "$P_CLI debug_level=3 server_name=localhost" \
    0 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify"

run_test "SNI: client auth override: optional -> none" \
    "$P_SRV debug_level=3 auth_mode=optional \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,none" \
    "$P_CLI debug_level=3 server_name=localhost" \
    0 \
    -s "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got no certificate request" \
    -c "skip write certificate"

# Per-SNI trust anchors. The 4th and 5th sni= fields override the server's
# ca_file and CRL for that name. The client presents server6: the global
# test-ca.crt does not accept it ("not correctly signed", exit status 1), the
# per-SNI test-ca2.crt does, and adding crl-ec-sha256.pem must turn the
# accepted certificate back into a failure with alert 44 (certificate_revoked).
# These three tests prove that a per-name CA override cannot weaken
# revocation checking.
run_test "SNI: CA no override" \
    "$P_SRV debug_level=3 auth_mode=optional \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     ca_file=$DATA_FILES_PATH/test-ca.crt \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,required" \
    "$P_CLI debug_level=3 server_name=localhost \
     crt_file=$DATA_FILES_PATH/server6.crt key_file=$DATA_FILES_PATH/server6.key" \
    1 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify" \
    -s "x509_verify_cert() returned" \
    -s "! The certificate is not correctly signed by the trusted CA" \
    -S "The certificate has been revoked (is on a CRL)"

run_test "SNI: CA override" \
    "$P_SRV debug_level=3 auth_mode=optional \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     ca_file=$DATA_FILES_PATH/test-ca.crt \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,$DATA_FILES_PATH/test-ca2.crt,-,required" \
    "$P_CLI debug_level=3 server_name=localhost \
     crt_file=$DATA_FILES_PATH/server6.crt key_file=$DATA_FILES_PATH/server6.key" \
    0 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify" \
    -S "x509_verify_cert() returned" \
    -S "! The certificate is not correctly signed by the trusted CA" \
    -S "The certificate has been revoked (is on a CRL)"

run_test "SNI: CA override with CRL" \
    "$P_SRV debug_level=3 auth_mode=optional \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     ca_file=$DATA_FILES_PATH/test-ca.crt \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,$DATA_FILES_PATH/test-ca2.crt,$DATA_FILES_PATH/crl-ec-sha256.pem,required" \
    "$P_CLI debug_level=3 server_name=localhost \
     crt_file=$DATA_FILES_PATH/server6.crt key_file=$DATA_FILES_PATH/server6.key" \
    1 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify" \
    -s "x509_verify_cert() returned" \
    -S "! The certificate is not correctly signed by the trusted CA" \
    -s "send alert level=2 message=44" \
    -s "The certificate has been revoked (is on a CRL)"
# MBEDTLS_X509_BADCERT_REVOKED -> MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED
# (alert level 2 = fatal, description 44 = certificate_revoked)

# Tests for SNI and DTLS
#
# Same SNI matrix as above, run over DTLS (dtls=1 on both peers). DTLS is only
# available with TLS 1.2 in Mbed TLS, hence the MBEDTLS_SSL_PROTO_TLS1_2
# requirement on every test in this group.

requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, no SNI callback" \
    "$P_SRV debug_level=3 dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key" \
    "$P_CLI server_name=localhost dtls=1" \
    0 \
    -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
    -c "subject name *: C=NL, O=PolarSSL, CN=localhost"

requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, matching cert 1" \
    "$P_SRV debug_level=3 dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
    "$P_CLI server_name=localhost dtls=1" \
    0 \
    -s "parse ServerName extension" \
    -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
    -c "subject name *: C=NL, O=PolarSSL, CN=localhost"

requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, matching cert 2" \
    "$P_SRV debug_level=3 dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
    "$P_CLI server_name=polarssl.example dtls=1" \
    0 \
    -s "parse ServerName extension" \
    -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
    -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, no matching cert" \
    "$P_SRV debug_level=3 dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
    "$P_CLI server_name=nonesuch.example dtls=1" \
    1 \
    -s "parse ServerName extension" \
    -s "ssl_sni_wrapper() returned" \
    -s "mbedtls_ssl_handshake returned" \
    -c "mbedtls_ssl_handshake returned" \
    -c "SSL - A fatal alert message was received from our peer"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, client auth no override: optional" \
    "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-" \
    "$P_CLI debug_level=3 server_name=localhost dtls=1" \
    0 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, client auth override: none -> optional" \
    "$P_SRV debug_level=3 auth_mode=none dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,optional" \
    "$P_CLI debug_level=3 server_name=localhost dtls=1" \
    0 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify"

# Unlike the TLS variant above, this one also pins that the client skips
# CertificateVerify and the server skips parsing it.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, client auth override: optional -> none" \
    "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,none" \
    "$P_CLI debug_level=3 server_name=localhost dtls=1" \
    0 \
    -s "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got no certificate request" \
    -c "skip write certificate" \
    -c "skip write certificate verify" \
    -s "skip parse certificate verify"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, CA no override" \
    "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     ca_file=$DATA_FILES_PATH/test-ca.crt \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,required" \
    "$P_CLI debug_level=3 server_name=localhost dtls=1 \
     crt_file=$DATA_FILES_PATH/server6.crt key_file=$DATA_FILES_PATH/server6.key" \
    1 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify" \
    -s "x509_verify_cert() returned" \
    -s "! The certificate is not correctly signed by the trusted CA" \
    -S "The certificate has been revoked (is on a CRL)"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, CA override" \
    "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
     ca_file=$DATA_FILES_PATH/test-ca.crt \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,$DATA_FILES_PATH/test-ca2.crt,-,required" \
    "$P_CLI debug_level=3 server_name=localhost dtls=1 \
     crt_file=$DATA_FILES_PATH/server6.crt key_file=$DATA_FILES_PATH/server6.key" \
    0 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify" \
    -S "x509_verify_cert() returned" \
    -S "! The certificate is not correctly signed by the trusted CA" \
    -S "The certificate has been revoked (is on a CRL)"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "SNI: DTLS, CA override with CRL" \
    "$P_SRV debug_level=3 auth_mode=optional \
     crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key dtls=1 \
     ca_file=$DATA_FILES_PATH/test-ca.crt \
     sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,$DATA_FILES_PATH/test-ca2.crt,$DATA_FILES_PATH/crl-ec-sha256.pem,required" \
    "$P_CLI debug_level=3 server_name=localhost dtls=1 \
     crt_file=$DATA_FILES_PATH/server6.crt key_file=$DATA_FILES_PATH/server6.key" \
    1 \
    -S "skip write certificate request" \
    -C "skip parse certificate request" \
    -c "got a certificate request" \
    -C "skip write certificate" \
    -C "skip write certificate verify" \
    -S "skip parse certificate verify" \
    -s "x509_verify_cert() returned" \
    -S "! The certificate is not correctly signed by the trusted CA" \
    -s "send alert level=2 message=44" \
    -s "The certificate has been revoked (is on a CRL)"
# MBEDTLS_X509_BADCERT_REVOKED -> MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED

# Tests for non-blocking I/O: exercise a variety of handshake flows
#
# nbio=2 presumably selects the non-blocking I/O mode of ssl_server2 /
# ssl_client2 (not visible here). Every flow must complete without either
# side logging an mbedtls_ssl_handshake error, and the client must actually
# read application data; the -c argument is a regular expression.

run_test "Non-blocking I/O: basic handshake" \
    "$P_SRV nbio=2 tickets=0 auth_mode=none" \
    "$P_CLI nbio=2 tickets=0" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

run_test "Non-blocking I/O: client auth" \
    "$P_SRV nbio=2 tickets=0 auth_mode=required" \
    "$P_CLI nbio=2 tickets=0" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: ticket" \
    "$P_SRV nbio=2 tickets=1 auth_mode=none" \
    "$P_CLI nbio=2 tickets=1 new_session_tickets=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: ticket + client auth" \
    "$P_SRV nbio=2 tickets=1 auth_mode=required" \
    "$P_CLI nbio=2 tickets=1 new_session_tickets=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

# Resumption flows. TLS 1.2 is forced on the client (force_version=tls12) and
# needs at least one certificate-based TLS 1.2 key exchange; TLS 1.3 resumption
# needs both the ephemeral and the PSK-ephemeral key exchange modes plus
# tickets, and the client explicitly requests new tickets before reconnecting.
# $TLS1_2_KEY_EXCHANGES_WITH_CERT is intentionally left unquoted: it is
# presumably a whitespace-separated list of config symbols (defined earlier in
# the file) that requires_any_configs_enabled receives as separate arguments.
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: TLS 1.2 + ticket + client auth + resume" \
    "$P_SRV nbio=2 tickets=1 auth_mode=required" \
    "$P_CLI force_version=tls12 nbio=2 tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: TLS 1.3 + ticket + client auth + resume" \
    "$P_SRV nbio=2 tickets=1 auth_mode=required" \
    "$P_CLI nbio=2 tickets=1 new_session_tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: TLS 1.2 + ticket + resume" \
    "$P_SRV nbio=2 tickets=1 auth_mode=none" \
    "$P_CLI force_version=tls12 nbio=2 tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: TLS 1.3 + ticket + resume" \
    "$P_SRV nbio=2 tickets=1 auth_mode=none" \
    "$P_CLI nbio=2 tickets=1 new_session_tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

# Session-ID (server-side cache) resumption: tickets disabled on both sides.
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Non-blocking I/O: session-id resume" \
    "$P_SRV nbio=2 tickets=0 auth_mode=none" \
    "$P_CLI force_version=tls12 nbio=2 tickets=0 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

# Tests for event-driven I/O: exercise a variety of handshake flows
#
# Same matrix as the non-blocking group above, with event=1 on both peers
# instead of nbio=2; expectations are identical.

run_test "Event-driven I/O: basic handshake" \
    "$P_SRV event=1 tickets=0 auth_mode=none" \
    "$P_CLI event=1 tickets=0" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

run_test "Event-driven I/O: client auth" \
    "$P_SRV event=1 tickets=0 auth_mode=required" \
    "$P_CLI event=1 tickets=0" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: ticket" \
    "$P_SRV event=1 tickets=1 auth_mode=none" \
    "$P_CLI event=1 tickets=1 new_session_tickets=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: ticket + client auth" \
    "$P_SRV event=1 tickets=1 auth_mode=required" \
    "$P_CLI event=1 tickets=1 new_session_tickets=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: TLS 1.2 + ticket + client auth + resume" \
    "$P_SRV event=1 tickets=1 auth_mode=required" \
    "$P_CLI force_version=tls12 event=1 tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: TLS 1.3 + ticket + client auth + resume" \
    "$P_SRV event=1 tickets=1 auth_mode=required" \
    "$P_CLI event=1 tickets=1 new_session_tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: TLS 1.2 + ticket + resume" \
    "$P_SRV event=1 tickets=1 auth_mode=none" \
    "$P_CLI force_version=tls12 event=1 tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: TLS 1.3 + ticket + resume" \
    "$P_SRV event=1 tickets=1 auth_mode=none" \
    "$P_CLI event=1 tickets=1 new_session_tickets=1 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Event-driven I/O: session-id resume" \
    "$P_SRV event=1 tickets=0 auth_mode=none" \
    "$P_CLI force_version=tls12 event=1 tickets=0 reconnect=1" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -c "Read from server: .* bytes read"

# Event-driven I/O over DTLS. These only check that application data was
# read; the mbedtls_ssl_handshake -S/-C negations of the TLS group are not
# used here. NOTE(review): the reconnecting DTLS clients also pass
# skip_close_notify=1, which the TLS variants do not; the reason is not
# visible in this file section.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Event-driven I/O, DTLS: basic handshake" \
    "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
    "$P_CLI dtls=1 event=1 tickets=0" \
    0 \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Event-driven I/O, DTLS: client auth" \
    "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
    "$P_CLI dtls=1 event=1 tickets=0" \
    0 \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O, DTLS: ticket" \
    "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
    "$P_CLI dtls=1 event=1 tickets=1" \
    0 \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O, DTLS: ticket + client auth" \
    "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
    "$P_CLI dtls=1 event=1 tickets=1" \
    0 \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
    "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
    "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
    0 \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O, DTLS: ticket + resume" \
    "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
    "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
    0 \
    -c "Read from server: .* bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Event-driven I/O, DTLS: session-id resume" \
    "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
    "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
    0 \
    -c "Read from server: .* bytes read"

# This test demonstrates the need for the mbedtls_ssl_check_pending function.
# During session resumption, the client will send its ApplicationData record
# within the same datagram as the Finished messages. In this situation, the
# server MUST NOT idle on the underlying transport after handshake completion,
# because the ApplicationData request has already been queued internally.
# The UDP proxy (-p "$P_PXY pack=50") is what forces several records into
# one datagram; without it the packing behaviour would depend on timing.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
    -p "$P_PXY pack=50" \
    "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
    "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
    0 \
    -c "Read from server: .* bytes read"

# Tests for version negotiation. Some information to ease the understanding
# of the version negotiation test titles below:
# . 1.2/1.3 means that only TLS 1.2/TLS 1.3 is enabled.
# . 1.2+1.3 means that both TLS 1.2 and TLS 1.3 are enabled.
# . 1.2+(1.3)/(1.2)+1.3 means that TLS 1.2/1.3 is enabled and that
#   TLS 1.3/1.2 may be enabled or not.
# . max=1.2 means that both TLS 1.2 and TLS 1.3 are enabled at build time but
#   TLS 1.3 is disabled at runtime (maximum negotiable version is TLS 1.2).
# . min=1.3 means that both TLS 1.2 and TLS 1.3 are enabled at build time but
#   TLS 1.2 is disabled at runtime (minimum negotiable version is TLS 1.3).
# Tests for version negotiation, MbedTLS client and server
#
# Both peers are Mbed TLS (m->m). Each positive test pins the negotiated
# version on both sides with -s/-c "Protocol is TLSvX"; the -S/-C negations
# on "mbedtls_ssl_handshake returned" make sure neither side hit an error.
# Runtime limits are set with max_version=tls12 / min_version=tls13, build
# limits via the requires_config_* lines preceding each test.

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Version nego m->m: cli 1.2, srv 1.2 -> 1.2" \
    "$P_SRV" \
    "$P_CLI" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2" \
    -c "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Version nego m->m: cli max=1.2, srv max=1.2 -> 1.2" \
    "$P_SRV max_version=tls12" \
    "$P_CLI max_version=tls12" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2" \
    -c "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Version nego m->m: cli 1.3, srv 1.3 -> 1.3" \
    "$P_SRV" \
    "$P_CLI" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3" \
    -c "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Version nego m->m: cli min=1.3, srv min=1.3 -> 1.3" \
    "$P_SRV min_version=tls13" \
    "$P_CLI min_version=tls13" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3" \
    -c "Protocol is TLSv1.3"

# With both versions enabled on both sides the highest common version, TLS 1.3,
# must win.
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Version nego m->m: cli 1.2+1.3, srv 1.2+1.3 -> 1.3" \
    "$P_SRV" \
    "$P_CLI" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3" \
    -c "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Version nego m->m: cli 1.2+1.3, srv min=1.3 -> 1.3" \
    "$P_SRV min_version=tls13" \
    "$P_CLI" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3" \
    -c "Protocol is TLSv1.3"

# A runtime max=1.2 on either side must pull the negotiation down to TLS 1.2
# even though both builds support TLS 1.3.
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Version nego m->m: cli 1.2+1.3, srv max=1.2 -> 1.2" \
    "$P_SRV max_version=tls12" \
    "$P_CLI" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2" \
    -c "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Version nego m->m: cli max=1.2, srv 1.2+1.3 -> 1.2" \
    "$P_SRV" \
    "$P_CLI max_version=tls12" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2" \
    -c "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Version nego m->m: cli min=1.3, srv 1.2+1.3 -> 1.3" \
    "$P_SRV" \
    "$P_CLI min_version=tls13" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -C "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3" \
    -c "Protocol is TLSv1.3"

# No overlap between the two version ranges: the handshake must fail (exit
# status 1) and neither peer may report a negotiated protocol. Which side
# detects the mismatch differs. With srv min=1.3 the server rejects the
# ClientHello outright ("Handshake protocol not within min/max boundaries").
# With srv max=1.2 the server only logs a generic negotiation failure,
# presumably because the TLS 1.3-only client is the one that refuses the
# TLS 1.2 ServerHello; that is not visible from here.
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "Not supported version m->m: cli max=1.2, srv min=1.3" \
    "$P_SRV min_version=tls13" \
    "$P_CLI max_version=tls12" \
    1 \
    -s "Handshake protocol not within min/max boundaries" \
    -S "Protocol is TLSv1.2" \
    -C "Protocol is TLSv1.2" \
    -S "Protocol is TLSv1.3" \
    -C "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "Not supported version m->m: cli min=1.3, srv max=1.2" \
    "$P_SRV max_version=tls12" \
    "$P_CLI min_version=tls13" \
    1 \
    -s "The handshake negotiation failed" \
    -S "Protocol is TLSv1.2" \
    -C "Protocol is TLSv1.2" \
    -S "Protocol is TLSv1.3" \
    -C "Protocol is TLSv1.3"

# Tests of version negotiation on server side against GnuTLS client
#
# The client's offered versions are controlled through the GnuTLS priority
# string (-VERS-ALL:+VERS-TLS1.x). $G_CLI is used when the client offers at
# most TLS 1.2; $G_NEXT_CLI (the newer GnuTLS client, see the version checks
# at the top of the file) whenever TLS 1.3 is offered.

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Server version nego G->m: cli 1.2, srv 1.2+(1.3) -> 1.2" \
    "$P_SRV" \
    "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Server version nego G->m: cli 1.2, srv max=1.2 -> 1.2" \
    "$P_SRV max_version=tls12" \
    "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego G->m: cli 1.3, srv (1.2)+1.3 -> 1.3" \
    "$P_SRV" \
    "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego G->m: cli 1.3, srv min=1.3 -> 1.3" \
    "$P_SRV min_version=tls13" \
    "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego G->m: cli 1.2+1.3, srv (1.2)+1.3 -> 1.3" \
    "$P_SRV" \
    "$G_NEXT_CLI localhost --priority=NORMAL" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

# Same as the previous test but with GnuTLS's TLS 1.3 middlebox-compatibility
# mode switched off (%DISABLE_TLS13_COMPAT_MODE), so the server has to cope
# with a ClientHello that lacks the compatibility-mode artefacts. Only runs
# where the installed GnuTLS supports that priority keyword.
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego G->m (no compat): cli 1.2+1.3, srv (1.2)+1.3 -> 1.3" \
    "$P_SRV" \
    "$G_NEXT_CLI localhost --priority=NORMAL:%DISABLE_TLS13_COMPAT_MODE" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

# GnuTLS can be setup to send a ClientHello containing a supported versions
# extension proposing TLS 1.2 (preferred) and then TLS 1.3. In that case,
# a TLS 1.3 and TLS 1.2 capable server is supposed to negotiate TLS 1.2 and
# to indicate in the ServerHello that it downgrades from TLS 1.3 (the
# downgrade-protection sentinel in ServerHello.random, RFC 8446 section
# 4.1.3). The GnuTLS client then detects the downgrade indication and aborts
# the handshake even if TLS 1.2 was its preferred version. Keeping the test
# even if the handshake fails eventually as it exercises parts of the Mbed TLS
# implementation that are otherwise not exercised.
# Expected to fail (exit status 1): the client must log that it detected the
# downgrade indication. See the comment above for why the failure is the
# correct outcome here.
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "Server version nego G->m: cli 1.2+1.3 (1.2 preferred!), srv 1.2+1.3 -> 1.2" \
    "$P_SRV" \
    "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" \
    1 \
    -c "Detected downgrade to TLS 1.2 from TLS 1.3"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego G->m: cli 1.2+1.3, srv min=1.3 -> 1.3" \
    "$P_SRV min_version=tls13" \
    "$G_NEXT_CLI localhost --priority=NORMAL" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

# TLS 1.2-only build: a client offering both versions must be served TLS 1.2.
# $TLS1_2_KEY_EXCHANGES_WITH_CERT is intentionally unquoted; it is presumably a
# whitespace-separated list of config symbols defined earlier in the file.
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Server version nego G->m: cli 1.2+1.3, srv 1.2 -> 1.2" \
    "$P_SRV" \
    "$G_NEXT_CLI localhost --priority=NORMAL" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Server version nego G->m: cli 1.2+1.3, max=1.2 -> 1.2" \
    "$P_SRV max_version=tls12" \
    "$G_NEXT_CLI localhost --priority=NORMAL" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2"

# Offers of TLS 1.0 and TLS 1.1 must be rejected whatever the build (hence no
# requires_config_* on the protocol version): the server reports the min/max
# boundary error and must never log the legacy version as negotiated.
requires_config_enabled MBEDTLS_SSL_SRV_C
run_test "Not supported version G->m: cli 1.0, (1.2)+(1.3)" \
    "$P_SRV" \
    "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.0" \
    1 \
    -s "Handshake protocol not within min/max boundaries" \
    -S "Protocol is TLSv1.0"

requires_config_enabled MBEDTLS_SSL_SRV_C
run_test "Not supported version G->m: cli 1.1, (1.2)+(1.3)" \
    "$P_SRV" \
    "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.1" \
    1 \
    -s "Handshake protocol not within min/max boundaries" \
    -S "Protocol is TLSv1.1"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Not supported version G->m: cli 1.2, srv 1.3" \
    "$P_SRV" \
    "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
    1 \
    -s "Handshake protocol not within min/max boundaries" \
    -S "Protocol is TLSv1.2"

# A TLS 1.3-only offer against a server that cannot do TLS 1.3 (built without
# it, or max=1.2 at runtime) surfaces as a generic negotiation failure rather
# than the min/max boundary error; the -S on the boundary message pins that
# asymmetry. The reason is not visible from this file.
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "Not supported version G->m: cli 1.3, srv 1.2" \
    "$P_SRV" \
    "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
    1 \
    -S "Handshake protocol not within min/max boundaries" \
    -s "The handshake negotiation failed" \
    -S "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "Not supported version G->m: cli 1.2, srv min=1.3" \
    "$P_SRV min_version=tls13" \
    "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
    1 \
    -s "Handshake protocol not within min/max boundaries" \
    -S "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
run_test "Not supported version G->m: cli 1.3, srv max=1.2" \
    "$P_SRV max_version=tls12" \
    "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
    1 \
    -S "Handshake protocol not within min/max boundaries" \
    -s "The handshake negotiation failed" \
    -S "Protocol is TLSv1.3"

# Tests of version negotiation on server side against OpenSSL client
#
# The offered version is fixed with -tls1_2 / -tls1_3. $O_NEXT_CLI is used
# throughout, presumably because it wraps OPENSSL_NEXT (OpenSSL >= 1.1.1, see
# the top of the file), the first release with TLS 1.3 support. The TLS 1.3
# cases additionally need requires_openssl_tls1_3_with_compatible_ephemeral,
# whose exact check is defined elsewhere in this file.

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Server version nego O->m: cli 1.2, srv 1.2+(1.3) -> 1.2" \
    "$P_SRV" \
    "$O_NEXT_CLI -tls1_2" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test "Server version nego O->m: cli 1.2, srv max=1.2 -> 1.2" \
    "$P_SRV max_version=tls12" \
    "$O_NEXT_CLI -tls1_2" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.2"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego O->m: cli 1.3, srv (1.2)+1.3 -> 1.3" \
    "$P_SRV" \
    "$O_NEXT_CLI -tls1_3" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test "Server version nego O->m: cli 1.3, srv min=1.3 -> 1.3" \
    "$P_SRV min_version=tls13" \
    "$O_NEXT_CLI -tls1_3" \
    0 \
    -S "mbedtls_ssl_handshake returned" \
    -s "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 7896 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 7897 run_test "Server version nego O->m: cli 1.2+1.3, srv (1.2)+1.3 -> 1.3" \ 7898 "$P_SRV" \ 7899 "$O_NEXT_CLI" \ 7900 0 \ 7901 -S "mbedtls_ssl_handshake returned" \ 7902 -s "Protocol is TLSv1.3" 7903 7904 requires_openssl_tls1_3_with_compatible_ephemeral 7905 requires_config_enabled MBEDTLS_SSL_SRV_C 7906 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 7907 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 7908 run_test "Server version nego O->m (no compat): cli 1.2+1.3, srv (1.2)+1.3 -> 1.3" \ 7909 "$P_SRV" \ 7910 "$O_NEXT_CLI -no_middlebox" \ 7911 0 \ 7912 -S "mbedtls_ssl_handshake returned" \ 7913 -s "Protocol is TLSv1.3" 7914 7915 requires_openssl_tls1_3_with_compatible_ephemeral 7916 requires_config_enabled MBEDTLS_SSL_SRV_C 7917 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 7918 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 7919 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 7920 run_test "Server version nego O->m: cli 1.2+1.3, srv min=1.3 -> 1.3" \ 7921 "$P_SRV min_version=tls13" \ 7922 "$O_NEXT_CLI" \ 7923 0 \ 7924 -S "mbedtls_ssl_handshake returned" \ 7925 -s "Protocol is TLSv1.3" 7926 7927 requires_config_enabled MBEDTLS_SSL_SRV_C 7928 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_3 7929 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 7930 run_test "Server version nego O->m: cli 1.2+1.3, srv 1.2 -> 1.2" \ 7931 "$P_SRV" \ 7932 "$O_NEXT_CLI" \ 7933 0 \ 7934 -S "mbedtls_ssl_handshake returned" \ 7935 -s "Protocol is TLSv1.2" 7936 7937 requires_config_enabled MBEDTLS_SSL_SRV_C 7938 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 7939 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 7940 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT 7941 run_test "Server version nego O->m: cli 1.2+1.3, srv max=1.2 -> 1.2" \ 7942 "$P_SRV 
max_version=tls12" \ 7943 "$O_NEXT_CLI" \ 7944 0 \ 7945 -S "mbedtls_ssl_handshake returned" \ 7946 -s "Protocol is TLSv1.2" 7947 7948 requires_config_enabled MBEDTLS_SSL_SRV_C 7949 run_test "Not supported version O->m: cli 1.0, srv (1.2)+(1.3)" \ 7950 "$P_SRV" \ 7951 "$O_CLI -tls1" \ 7952 1 \ 7953 -s "Handshake protocol not within min/max boundaries" \ 7954 -S "Protocol is TLSv1.0" 7955 7956 requires_config_enabled MBEDTLS_SSL_SRV_C 7957 run_test "Not supported version O->m: cli 1.1, srv (1.2)+(1.3)" \ 7958 "$P_SRV" \ 7959 "$O_CLI -tls1_1" \ 7960 1 \ 7961 -s "Handshake protocol not within min/max boundaries" \ 7962 -S "Protocol is TLSv1.1" 7963 7964 requires_config_enabled MBEDTLS_SSL_SRV_C 7965 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_2 7966 run_test "Not supported version O->m: cli 1.2, srv 1.3" \ 7967 "$P_SRV" \ 7968 "$O_NEXT_CLI -tls1_2" \ 7969 1 \ 7970 -s "Handshake protocol not within min/max boundaries" \ 7971 -S "Protocol is TLSv1.2" 7972 7973 requires_config_enabled MBEDTLS_SSL_SRV_C 7974 requires_config_disabled MBEDTLS_SSL_PROTO_TLS1_3 7975 run_test "Not supported version O->m: cli 1.3, srv 1.2" \ 7976 "$P_SRV" \ 7977 "$O_NEXT_CLI -tls1_3" \ 7978 1 \ 7979 -S "Handshake protocol not within min/max boundaries" \ 7980 -s "The handshake negotiation failed" \ 7981 -S "Protocol is TLSv1.3" 7982 7983 requires_config_enabled MBEDTLS_SSL_SRV_C 7984 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 7985 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 7986 run_test "Not supported version O->m: cli 1.2, srv min=1.3" \ 7987 "$P_SRV min_version=tls13" \ 7988 "$O_NEXT_CLI -tls1_2" \ 7989 1 \ 7990 -s "Handshake protocol not within min/max boundaries" \ 7991 -S "Protocol is TLSv1.2" 7992 7993 requires_config_enabled MBEDTLS_SSL_SRV_C 7994 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 7995 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 7996 run_test "Not supported version O->m: cli 1.3, srv max=1.2" \ 7997 "$P_SRV max_version=tls12" \ 7998 "$O_NEXT_CLI 
-tls1_3" \ 7999 1 \ 8000 -S "Handshake protocol not within min/max boundaries" \ 8001 -s "The handshake negotiation failed" \ 8002 -S "Protocol is TLSv1.3" 8003 8004 # Tests of version negotiation on client side against GnuTLS and OpenSSL server 8005 8006 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8007 run_test "Not supported version: srv max TLS 1.0" \ 8008 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" \ 8009 "$P_CLI" \ 8010 1 \ 8011 -s "Error in protocol version" \ 8012 -c "Handshake protocol not within min/max boundaries" \ 8013 -S "Version: TLS1.0" \ 8014 -C "Protocol is TLSv1.0" 8015 8016 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8017 run_test "Not supported version: srv max TLS 1.1" \ 8018 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1" \ 8019 "$P_CLI" \ 8020 1 \ 8021 -s "Error in protocol version" \ 8022 -c "Handshake protocol not within min/max boundaries" \ 8023 -S "Version: TLS1.1" \ 8024 -C "Protocol is TLSv1.1" 8025 8026 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 8027 requires_config_enabled MBEDTLS_DEBUG_C 8028 requires_config_enabled MBEDTLS_SSL_CLI_C 8029 skip_handshake_stage_check 8030 requires_gnutls_tls1_3 8031 run_test "TLS 1.3: Not supported version:gnutls: srv max TLS 1.0" \ 8032 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0 -d 4" \ 8033 "$P_CLI debug_level=4" \ 8034 1 \ 8035 -s "Client's version: 3.3" \ 8036 -S "Version: TLS1.0" \ 8037 -C "Protocol is TLSv1.0" 8038 8039 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 8040 requires_config_enabled MBEDTLS_DEBUG_C 8041 requires_config_enabled MBEDTLS_SSL_CLI_C 8042 skip_handshake_stage_check 8043 requires_gnutls_tls1_3 8044 run_test "TLS 1.3: Not supported version:gnutls: srv max TLS 1.1" \ 8045 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1 -d 4" \ 8046 "$P_CLI debug_level=4" \ 8047 1 \ 8048 -s "Client's version: 3.3" \ 8049 -S "Version: TLS1.1" \ 8050 -C "Protocol is TLSv1.1" 8051 8052 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 8053 
requires_config_enabled MBEDTLS_DEBUG_C 8054 requires_config_enabled MBEDTLS_SSL_CLI_C 8055 skip_handshake_stage_check 8056 requires_gnutls_tls1_3 8057 run_test "TLS 1.3: Not supported version:gnutls: srv max TLS 1.2" \ 8058 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 -d 4" \ 8059 "$P_CLI force_version=tls13 debug_level=4" \ 8060 1 \ 8061 -s "Client's version: 3.3" \ 8062 -c "is a fatal alert message (msg 40)" \ 8063 -S "Version: TLS1.2" \ 8064 -C "Protocol is TLSv1.2" 8065 8066 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 8067 requires_config_enabled MBEDTLS_DEBUG_C 8068 requires_config_enabled MBEDTLS_SSL_CLI_C 8069 skip_handshake_stage_check 8070 requires_openssl_next 8071 run_test "TLS 1.3: Not supported version:openssl: srv max TLS 1.0" \ 8072 "$O_NEXT_SRV -msg -tls1" \ 8073 "$P_CLI debug_level=4" \ 8074 1 \ 8075 -s "fatal protocol_version" \ 8076 -c "is a fatal alert message (msg 70)" \ 8077 -S "Version: TLS1.0" \ 8078 -C "Protocol : TLSv1.0" 8079 8080 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 8081 requires_config_enabled MBEDTLS_DEBUG_C 8082 requires_config_enabled MBEDTLS_SSL_CLI_C 8083 skip_handshake_stage_check 8084 requires_openssl_next 8085 run_test "TLS 1.3: Not supported version:openssl: srv max TLS 1.1" \ 8086 "$O_NEXT_SRV -msg -tls1_1" \ 8087 "$P_CLI debug_level=4" \ 8088 1 \ 8089 -s "fatal protocol_version" \ 8090 -c "is a fatal alert message (msg 70)" \ 8091 -S "Version: TLS1.1" \ 8092 -C "Protocol : TLSv1.1" 8093 8094 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 8095 requires_config_enabled MBEDTLS_DEBUG_C 8096 requires_config_enabled MBEDTLS_SSL_CLI_C 8097 skip_handshake_stage_check 8098 requires_openssl_next 8099 run_test "TLS 1.3: Not supported version:openssl: srv max TLS 1.2" \ 8100 "$O_NEXT_SRV -msg -tls1_2" \ 8101 "$P_CLI force_version=tls13 debug_level=4" \ 8102 1 \ 8103 -s "fatal protocol_version" \ 8104 -c "is a fatal alert message (msg 70)" \ 8105 -S "Version: TLS1.2" \ 8106 -C "Protocol : TLSv1.2" 8107 
8108 # Tests for ALPN extension 8109 8110 run_test "ALPN: none" \ 8111 "$P_SRV debug_level=3" \ 8112 "$P_CLI debug_level=3" \ 8113 0 \ 8114 -C "client hello, adding alpn extension" \ 8115 -S "found alpn extension" \ 8116 -C "got an alert message, type: \\[2:120]" \ 8117 -S "server side, adding alpn extension" \ 8118 -C "found alpn extension " \ 8119 -C "Application Layer Protocol is" \ 8120 -S "Application Layer Protocol is" 8121 8122 run_test "ALPN: client only" \ 8123 "$P_SRV debug_level=3" \ 8124 "$P_CLI debug_level=3 alpn=abc,1234" \ 8125 0 \ 8126 -c "client hello, adding alpn extension" \ 8127 -s "found alpn extension" \ 8128 -C "got an alert message, type: \\[2:120]" \ 8129 -S "server side, adding alpn extension" \ 8130 -C "found alpn extension " \ 8131 -c "Application Layer Protocol is (none)" \ 8132 -S "Application Layer Protocol is" 8133 8134 run_test "ALPN: server only" \ 8135 "$P_SRV debug_level=3 alpn=abc,1234" \ 8136 "$P_CLI debug_level=3" \ 8137 0 \ 8138 -C "client hello, adding alpn extension" \ 8139 -S "found alpn extension" \ 8140 -C "got an alert message, type: \\[2:120]" \ 8141 -S "server side, adding alpn extension" \ 8142 -C "found alpn extension " \ 8143 -C "Application Layer Protocol is" \ 8144 -s "Application Layer Protocol is (none)" 8145 8146 run_test "ALPN: both, common cli1-srv1" \ 8147 "$P_SRV debug_level=3 alpn=abc,1234" \ 8148 "$P_CLI debug_level=3 alpn=abc,1234" \ 8149 0 \ 8150 -c "client hello, adding alpn extension" \ 8151 -s "found alpn extension" \ 8152 -C "got an alert message, type: \\[2:120]" \ 8153 -s "server side, adding alpn extension" \ 8154 -c "found alpn extension" \ 8155 -c "Application Layer Protocol is abc" \ 8156 -s "Application Layer Protocol is abc" 8157 8158 run_test "ALPN: both, common cli2-srv1" \ 8159 "$P_SRV debug_level=3 alpn=abc,1234" \ 8160 "$P_CLI debug_level=3 alpn=1234,abc" \ 8161 0 \ 8162 -c "client hello, adding alpn extension" \ 8163 -s "found alpn extension" \ 8164 -C "got an alert message, type: 
\\[2:120]" \ 8165 -s "server side, adding alpn extension" \ 8166 -c "found alpn extension" \ 8167 -c "Application Layer Protocol is abc" \ 8168 -s "Application Layer Protocol is abc" 8169 8170 run_test "ALPN: both, common cli1-srv2" \ 8171 "$P_SRV debug_level=3 alpn=abc,1234" \ 8172 "$P_CLI debug_level=3 alpn=1234,abcde" \ 8173 0 \ 8174 -c "client hello, adding alpn extension" \ 8175 -s "found alpn extension" \ 8176 -C "got an alert message, type: \\[2:120]" \ 8177 -s "server side, adding alpn extension" \ 8178 -c "found alpn extension" \ 8179 -c "Application Layer Protocol is 1234" \ 8180 -s "Application Layer Protocol is 1234" 8181 8182 run_test "ALPN: both, no common" \ 8183 "$P_SRV debug_level=3 alpn=abc,123" \ 8184 "$P_CLI debug_level=3 alpn=1234,abcde" \ 8185 1 \ 8186 -c "client hello, adding alpn extension" \ 8187 -s "found alpn extension" \ 8188 -c "got an alert message, type: \\[2:120]" \ 8189 -S "server side, adding alpn extension" \ 8190 -C "found alpn extension" \ 8191 -C "Application Layer Protocol is 1234" \ 8192 -S "Application Layer Protocol is 1234" 8193 8194 8195 # Tests for keyUsage in leaf certificates, part 1: 8196 # server-side certificate/suite selection 8197 # 8198 # This is only about 1.2 (for 1.3, all key exchanges use signatures). 8199 # In 4.0 this will probably go away as all TLS 1.2 key exchanges will use 8200 # signatures too, following the removal of RSA #8170 and static ECDH #9201. 
8201 8202 run_test "keyUsage srv 1.2: RSA, digitalSignature -> (EC)DHE-RSA" \ 8203 "$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server2.key \ 8204 crt_file=$DATA_FILES_PATH/server2.ku-ds.crt" \ 8205 "$P_CLI" \ 8206 0 \ 8207 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-" 8208 8209 run_test "keyUsage srv 1.2: RSA, keyEncipherment -> RSA" \ 8210 "$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server2.key \ 8211 crt_file=$DATA_FILES_PATH/server2.ku-ke.crt" \ 8212 "$P_CLI" \ 8213 0 \ 8214 -c "Ciphersuite is TLS-RSA-WITH-" 8215 8216 run_test "keyUsage srv 1.2: RSA, keyAgreement -> fail" \ 8217 "$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server2.key \ 8218 crt_file=$DATA_FILES_PATH/server2.ku-ka.crt" \ 8219 "$P_CLI" \ 8220 1 \ 8221 -C "Ciphersuite is " 8222 8223 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 8224 run_test "keyUsage srv 1.2: ECC, digitalSignature -> ECDHE-ECDSA" \ 8225 "$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server5.key \ 8226 crt_file=$DATA_FILES_PATH/server5.ku-ds.crt" \ 8227 "$P_CLI" \ 8228 0 \ 8229 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-" 8230 8231 8232 run_test "keyUsage srv 1.2: ECC, keyAgreement -> ECDH-" \ 8233 "$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server5.key \ 8234 crt_file=$DATA_FILES_PATH/server5.ku-ka.crt" \ 8235 "$P_CLI" \ 8236 0 \ 8237 -c "Ciphersuite is TLS-ECDH-" 8238 8239 run_test "keyUsage srv 1.2: ECC, keyEncipherment -> fail" \ 8240 "$P_SRV force_version=tls12 key_file=$DATA_FILES_PATH/server5.key \ 8241 crt_file=$DATA_FILES_PATH/server5.ku-ke.crt" \ 8242 "$P_CLI" \ 8243 1 \ 8244 -C "Ciphersuite is " 8245 8246 # Tests for keyUsage in leaf certificates, part 2: 8247 # client-side checking of server cert 8248 # 8249 # TLS 1.3 uses only signature, but for 1.2 it depends on the key exchange. 8250 # In 4.0 this will probably change as all TLS 1.2 key exchanges will use 8251 # signatures too, following the removal of RSA #8170 and static ECDH #9201. 
8252 8253 run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, RSA: OK" \ 8254 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8255 -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \ 8256 "$P_CLI debug_level=1 \ 8257 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 8258 0 \ 8259 -C "bad certificate (usage extensions)" \ 8260 -C "Processing of the Certificate handshake message failed" \ 8261 -c "Ciphersuite is TLS-" 8262 8263 run_test "keyUsage cli 1.2: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \ 8264 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8265 -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \ 8266 "$P_CLI debug_level=1 \ 8267 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 8268 0 \ 8269 -C "bad certificate (usage extensions)" \ 8270 -C "Processing of the Certificate handshake message failed" \ 8271 -c "Ciphersuite is TLS-" 8272 8273 run_test "keyUsage cli 1.2: KeyEncipherment, RSA: OK" \ 8274 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8275 -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ 8276 "$P_CLI debug_level=1 \ 8277 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 8278 0 \ 8279 -C "bad certificate (usage extensions)" \ 8280 -C "Processing of the Certificate handshake message failed" \ 8281 -c "Ciphersuite is TLS-" 8282 8283 run_test "keyUsage cli 1.2: KeyEncipherment, DHE-RSA: fail (hard)" \ 8284 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8285 -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ 8286 "$P_CLI debug_level=3 \ 8287 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 8288 1 \ 8289 -c "bad certificate (usage extensions)" \ 8290 -c "Processing of the Certificate handshake message failed" \ 8291 -C "Ciphersuite is TLS-" \ 8292 -c "send alert level=2 message=43" \ 8293 -c "! 
Usage does not match the keyUsage extension" 8294 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8295 8296 run_test "keyUsage cli 1.2: KeyEncipherment, DHE-RSA: fail (soft)" \ 8297 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8298 -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ 8299 "$P_CLI debug_level=3 auth_mode=optional \ 8300 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 8301 0 \ 8302 -c "bad certificate (usage extensions)" \ 8303 -C "Processing of the Certificate handshake message failed" \ 8304 -c "Ciphersuite is TLS-" \ 8305 -C "send alert level=2 message=43" \ 8306 -c "! Usage does not match the keyUsage extension" 8307 8308 run_test "keyUsage cli 1.2: DigitalSignature, DHE-RSA: OK" \ 8309 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8310 -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ 8311 "$P_CLI debug_level=1 \ 8312 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \ 8313 0 \ 8314 -C "bad certificate (usage extensions)" \ 8315 -C "Processing of the Certificate handshake message failed" \ 8316 -c "Ciphersuite is TLS-" 8317 8318 run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (hard)" \ 8319 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8320 -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ 8321 "$P_CLI debug_level=3 \ 8322 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 8323 1 \ 8324 -c "bad certificate (usage extensions)" \ 8325 -c "Processing of the Certificate handshake message failed" \ 8326 -C "Ciphersuite is TLS-" \ 8327 -c "send alert level=2 message=43" \ 8328 -c "! 
Usage does not match the keyUsage extension" 8329 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8330 8331 run_test "keyUsage cli 1.2: DigitalSignature, RSA: fail (soft)" \ 8332 "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8333 -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ 8334 "$P_CLI debug_level=3 auth_mode=optional \ 8335 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 8336 0 \ 8337 -c "bad certificate (usage extensions)" \ 8338 -C "Processing of the Certificate handshake message failed" \ 8339 -c "Ciphersuite is TLS-" \ 8340 -C "send alert level=2 message=43" \ 8341 -c "! Usage does not match the keyUsage extension" 8342 8343 requires_openssl_tls1_3_with_compatible_ephemeral 8344 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8345 run_test "keyUsage cli 1.3: DigitalSignature, RSA: OK" \ 8346 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server2.key \ 8347 -cert $DATA_FILES_PATH/server2-sha256.ku-ds.crt" \ 8348 "$P_CLI debug_level=3" \ 8349 0 \ 8350 -C "bad certificate (usage extensions)" \ 8351 -C "Processing of the Certificate handshake message failed" \ 8352 -c "Ciphersuite is" 8353 8354 requires_openssl_tls1_3_with_compatible_ephemeral 8355 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8356 run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \ 8357 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server2.key \ 8358 -cert $DATA_FILES_PATH/server2-sha256.ku-ds_ke.crt" \ 8359 "$P_CLI debug_level=3" \ 8360 0 \ 8361 -C "bad certificate (usage extensions)" \ 8362 -C "Processing of the Certificate handshake message failed" \ 8363 -c "Ciphersuite is" 8364 8365 requires_openssl_tls1_3_with_compatible_ephemeral 8366 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8367 run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail (hard)" \ 8368 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key 
$DATA_FILES_PATH/server2.key \ 8369 -cert $DATA_FILES_PATH/server2-sha256.ku-ke.crt" \ 8370 "$P_CLI debug_level=3" \ 8371 1 \ 8372 -c "bad certificate (usage extensions)" \ 8373 -c "Processing of the Certificate handshake message failed" \ 8374 -C "Ciphersuite is" \ 8375 -c "send alert level=2 message=43" \ 8376 -c "! Usage does not match the keyUsage extension" 8377 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8378 8379 requires_openssl_tls1_3_with_compatible_ephemeral 8380 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8381 run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail (hard)" \ 8382 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server2.key \ 8383 -cert $DATA_FILES_PATH/server2-sha256.ku-ka.crt" \ 8384 "$P_CLI debug_level=3" \ 8385 1 \ 8386 -c "bad certificate (usage extensions)" \ 8387 -c "Processing of the Certificate handshake message failed" \ 8388 -C "Ciphersuite is" \ 8389 -c "send alert level=2 message=43" \ 8390 -c "! 
Usage does not match the keyUsage extension" 8391 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8392 8393 requires_openssl_tls1_3_with_compatible_ephemeral 8394 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8395 run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \ 8396 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \ 8397 -cert $DATA_FILES_PATH/server5.ku-ds.crt" \ 8398 "$P_CLI debug_level=3" \ 8399 0 \ 8400 -C "bad certificate (usage extensions)" \ 8401 -C "Processing of the Certificate handshake message failed" \ 8402 -c "Ciphersuite is" 8403 8404 requires_openssl_tls1_3_with_compatible_ephemeral 8405 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8406 run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail (hard)" \ 8407 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \ 8408 -cert $DATA_FILES_PATH/server5.ku-ke.crt" \ 8409 "$P_CLI debug_level=3" \ 8410 1 \ 8411 -c "bad certificate (usage extensions)" \ 8412 -c "Processing of the Certificate handshake message failed" \ 8413 -C "Ciphersuite is" \ 8414 -c "send alert level=2 message=43" \ 8415 -c "! Usage does not match the keyUsage extension" 8416 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8417 8418 requires_openssl_tls1_3_with_compatible_ephemeral 8419 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 8420 run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: fail (hard)" \ 8421 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \ 8422 -cert $DATA_FILES_PATH/server5.ku-ka.crt" \ 8423 "$P_CLI debug_level=3" \ 8424 1 \ 8425 -c "bad certificate (usage extensions)" \ 8426 -c "Processing of the Certificate handshake message failed" \ 8427 -C "Ciphersuite is" \ 8428 -c "send alert level=2 message=43" \ 8429 -c "! 
Usage does not match the keyUsage extension" 8430 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8431 8432 # Tests for keyUsage in leaf certificates, part 3: 8433 # server-side checking of client cert 8434 # 8435 # Here, both 1.2 and 1.3 only use signatures. 8436 8437 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8438 run_test "keyUsage cli-auth 1.2: RSA, DigitalSignature: OK" \ 8439 "$P_SRV debug_level=1 auth_mode=optional" \ 8440 "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8441 -cert $DATA_FILES_PATH/server2.ku-ds.crt" \ 8442 0 \ 8443 -s "Verifying peer X.509 certificate... ok" \ 8444 -S "bad certificate (usage extensions)" \ 8445 -S "Processing of the Certificate handshake message failed" 8446 8447 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8448 run_test "keyUsage cli-auth 1.2: RSA, DigitalSignature+KeyEncipherment: OK" \ 8449 "$P_SRV debug_level=1 auth_mode=optional" \ 8450 "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8451 -cert $DATA_FILES_PATH/server2.ku-ds_ke.crt" \ 8452 0 \ 8453 -s "Verifying peer X.509 certificate... ok" \ 8454 -S "bad certificate (usage extensions)" \ 8455 -S "Processing of the Certificate handshake message failed" 8456 8457 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8458 run_test "keyUsage cli-auth 1.2: RSA, KeyEncipherment: fail (soft)" \ 8459 "$P_SRV debug_level=3 auth_mode=optional" \ 8460 "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8461 -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ 8462 0 \ 8463 -s "bad certificate (usage extensions)" \ 8464 -S "send alert level=2 message=43" \ 8465 -s "! 
Usage does not match the keyUsage extension" \ 8466 -S "Processing of the Certificate handshake message failed" 8467 8468 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8469 run_test "keyUsage cli-auth 1.2: RSA, KeyEncipherment: fail (hard)" \ 8470 "$P_SRV debug_level=3 force_version=tls12 auth_mode=required" \ 8471 "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server2.key \ 8472 -cert $DATA_FILES_PATH/server2.ku-ke.crt" \ 8473 1 \ 8474 -s "bad certificate (usage extensions)" \ 8475 -s "send alert level=2 message=43" \ 8476 -s "! Usage does not match the keyUsage extension" \ 8477 -s "Processing of the Certificate handshake message failed" 8478 # MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT 8479 8480 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8481 run_test "keyUsage cli-auth 1.2: ECDSA, DigitalSignature: OK" \ 8482 "$P_SRV debug_level=1 auth_mode=optional" \ 8483 "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \ 8484 -cert $DATA_FILES_PATH/server5.ku-ds.crt" \ 8485 0 \ 8486 -s "Verifying peer X.509 certificate... ok" \ 8487 -S "bad certificate (usage extensions)" \ 8488 -S "Processing of the Certificate handshake message failed" 8489 8490 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 8491 run_test "keyUsage cli-auth 1.2: ECDSA, KeyAgreement: fail (soft)" \ 8492 "$P_SRV debug_level=3 auth_mode=optional" \ 8493 "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \ 8494 -cert $DATA_FILES_PATH/server5.ku-ka.crt" \ 8495 0 \ 8496 -s "bad certificate (usage extensions)" \ 8497 -S "send alert level=2 message=43" \ 8498 -s "! 
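Usage does not match the keyUsage extension" \
            -S "Processing of the Certificate handshake message failed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "keyUsage cli-auth 1.2: ECDSA, KeyAgreement: fail (hard)" \
            "$P_SRV debug_level=3 auth_mode=required" \
            "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.ku-ka.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "send alert level=2 message=43" \
            -s "! Usage does not match the keyUsage extension" \
            -s "Processing of the Certificate handshake message failed"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

# TLS 1.3 client-authentication variants of the keyUsage checks.
# "OK" and "fail (soft)" cases run the server with auth_mode=optional and an
# OpenSSL client; the "fail (hard)" cases use auth_mode=required and expect
# the server to send alert 43 (unsupported_certificate) and abort.
# Pattern expectations: -s/-S = server log must/must not contain the string,
# -c/-C = the same for the client log.

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \
            "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server2.key \
             -cert $DATA_FILES_PATH/server2-sha256.ku-ds.crt" \
            0 \
            -s "Verifying peer X.509 certificate... ok" \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: RSA, DigitalSignature+KeyEncipherment: OK" \
            "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server2.key \
             -cert $DATA_FILES_PATH/server2-sha256.ku-ds_ke.crt" \
            0 \
            -s "Verifying peer X.509 certificate... ok" \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \
            "$P_SRV debug_level=3 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server2.key \
             -cert $DATA_FILES_PATH/server2-sha256.ku-ke.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -S "send alert level=2 message=43" \
            -s "! Usage does not match the keyUsage extension" \
            -S "Processing of the Certificate handshake message failed"

# The "fail (hard)" 1.3 cases use the Mbed TLS client as the peer.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (hard)" \
            "$P_SRV debug_level=3 force_version=tls13 auth_mode=required" \
            "$P_CLI key_file=$DATA_FILES_PATH/server2.key \
             crt_file=$DATA_FILES_PATH/server2-sha256.ku-ke.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "Processing of the Certificate handshake message failed" \
            -s "send alert level=2 message=43" \
            -s "! Usage does not match the keyUsage extension" \
            -s "! mbedtls_ssl_handshake returned"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \
            "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.ku-ds.crt" \
            0 \
            -s "Verifying peer X.509 certificate... ok" \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \
            "$P_SRV debug_level=3 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.ku-ka.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -s "! Usage does not match the keyUsage extension" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (hard)" \
            "$P_SRV debug_level=3 force_version=tls13 auth_mode=required" \
            "$P_CLI key_file=$DATA_FILES_PATH/server5.key \
             crt_file=$DATA_FILES_PATH/server5.ku-ka.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "Processing of the Certificate handshake message failed" \
            -s "send alert level=2 message=43" \
            -s "! Usage does not match the keyUsage extension" \
            -s "! mbedtls_ssl_handshake returned"
# MBEDTLS_X509_BADCERT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
#
# A server certificate whose EKU does not include serverAuth (or anyEKU) must
# not be usable for a TLS server handshake at all; the handshake is expected
# to fail (exit 1) rather than present a certificate issued for another
# purpose. Each test's certificate is chosen to match its name.

run_test    "extKeyUsage srv: serverAuth -> OK" \
            "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
             crt_file=$DATA_FILES_PATH/server5.eku-srv.crt" \
            "$P_CLI" \
            0

# Uses the serverAuth+clientAuth certificate (previously this test reused
# server5.eku-srv.crt and therefore duplicated the serverAuth-only case).
run_test    "extKeyUsage srv: serverAuth,clientAuth -> OK" \
            "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
             crt_file=$DATA_FILES_PATH/server5.eku-srv_cli.crt" \
            "$P_CLI" \
            0

run_test    "extKeyUsage srv: codeSign,anyEKU -> OK" \
            "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
             crt_file=$DATA_FILES_PATH/server5.eku-cs_any.crt" \
            "$P_CLI" \
            0

# Uses the codeSign-only certificate (previously server5.eku-cli.crt, a
# clientAuth-only certificate, which does not match the test name).
run_test    "extKeyUsage srv: codeSign -> fail" \
            "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
             crt_file=$DATA_FILES_PATH/server5.eku-cs.crt" \
            "$P_CLI" \
            1

# Tests for extendedKeyUsage, part 2: client-side checking of server cert
#
# The peer is an OpenSSL server presenting certificates with various EKUs;
# the Mbed TLS client must reject a certificate lacking serverAuth/anyEKU.
# "fail (soft)" (auth_mode=optional) logs the problem but completes the
# handshake without an alert; "fail (hard)" sends alert 43 and aborts.

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli 1.2: serverAuth -> OK" \
            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-srv.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli 1.2: serverAuth,clientAuth -> OK" \
            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-srv_cli.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli 1.2: codeSign,anyEKU -> OK" \
            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs_any.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli 1.2: codeSign -> fail (soft)" \
            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs.crt" \
            "$P_CLI debug_level=3 auth_mode=optional" \
            0 \
            -c "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is TLS-" \
            -C "send alert level=2 message=43" \
            -c "! Usage does not match the extendedKeyUsage extension"
# MBEDTLS_X509_BADCERT_EXT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli 1.2: codeSign -> fail (hard)" \
            "$O_SRV -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs.crt" \
            "$P_CLI debug_level=3" \
            1 \
            -c "bad certificate (usage extensions)" \
            -c "Processing of the Certificate handshake message failed" \
            -C "Ciphersuite is TLS-" \
            -c "send alert level=2 message=43" \
            -c "! Usage does not match the extendedKeyUsage extension"
# MBEDTLS_X509_BADCERT_EXT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

# TLS 1.3 variants. -num_tickets=0 keeps the OpenSSL server from issuing
# session tickets after the handshake.
# NOTE(review): unlike the 1.2 block above there is no "fail (soft)"
# (auth_mode=optional) variant for the 1.3 client-side check.

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli 1.3: serverAuth -> OK" \
            "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-srv.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \
            "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-srv_cli.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \
            "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs_any.crt" \
            "$P_CLI debug_level=1" \
            0 \
            -C "bad certificate (usage extensions)" \
            -C "Processing of the Certificate handshake message failed" \
            -c "Ciphersuite is"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli 1.3: codeSign -> fail (hard)" \
            "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs.crt" \
            "$P_CLI debug_level=3" \
            1 \
            -c "bad certificate (usage extensions)" \
            -c "Processing of the Certificate handshake message failed" \
            -C "Ciphersuite is" \
            -c "send alert level=2 message=43" \
            -c "! Usage does not match the extendedKeyUsage extension"
# MBEDTLS_X509_BADCERT_EXT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

# Tests for extendedKeyUsage, part 3: server-side checking of client cert
#
# Mirror of part 2 with the roles swapped: the Mbed TLS server must reject a
# client certificate whose EKU lacks clientAuth/anyEKU.

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli-auth 1.2: clientAuth -> OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cli.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli-auth 1.2: serverAuth,clientAuth -> OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-srv_cli.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli-auth 1.2: codeSign,anyEKU -> OK" \
            "$P_SRV debug_level=1 auth_mode=optional" \
            "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs_any.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

# No trailing backslash after the last pattern: the original ended this
# command with "\" followed by a blank line, which only worked because the
# blank line terminated the command; removing the blank line would have
# silently turned the next requires_config_enabled into run_test arguments.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli-auth 1.2: codeSign -> fail (soft)" \
            "$P_SRV debug_level=3 auth_mode=optional" \
            "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -S "send alert level=2 message=43" \
            -s "! Usage does not match the extendedKeyUsage extension" \
            -S "Processing of the Certificate handshake message failed"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "extKeyUsage cli-auth 1.2: codeSign -> fail (hard)" \
            "$P_SRV debug_level=3 auth_mode=required" \
            "$O_CLI -tls1_2 -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "send alert level=2 message=43" \
            -s "! Usage does not match the extendedKeyUsage extension" \
            -s "Processing of the Certificate handshake message failed"
# MBEDTLS_X509_BADCERT_EXT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli-auth 1.3: clientAuth -> OK" \
            "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cli.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \
            "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-srv_cli.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \
            "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs_any.crt" \
            0 \
            -S "bad certificate (usage extensions)" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \
            "$P_SRV debug_level=3 force_version=tls13 auth_mode=optional" \
            "$O_NEXT_CLI_NO_CERT -key $DATA_FILES_PATH/server5.key \
             -cert $DATA_FILES_PATH/server5.eku-cs.crt" \
            0 \
            -s "bad certificate (usage extensions)" \
            -S "send alert level=2 message=43" \
            -s "! Usage does not match the extendedKeyUsage extension" \
            -S "Processing of the Certificate handshake message failed"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "extKeyUsage cli-auth 1.3: codeSign -> fail (hard)" \
            "$P_SRV debug_level=3 force_version=tls13 auth_mode=required" \
            "$P_CLI key_file=$DATA_FILES_PATH/server5.key \
             crt_file=$DATA_FILES_PATH/server5.eku-cs.crt" \
            1 \
            -s "bad certificate (usage extensions)" \
            -s "send alert level=2 message=43" \
            -s "! Usage does not match the extendedKeyUsage extension" \
            -s "Processing of the Certificate handshake message failed"
# MBEDTLS_X509_BADCERT_EXT_KEY_USAGE -> MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT

# Tests for DHM parameters loading
#
# The client at debug_level=3 dumps the server's DHM parameters; the size of
# P distinguishes the built-in default (2048 bits) from a dhm_file (1024 bits).

run_test    "DHM parameters: reference" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=3" \
            0 \
            -c "value of 'DHM: P ' (2048 bits)" \
            -c "value of 'DHM: G ' (2 bits)"

run_test    "DHM parameters: other parameters" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dhparams.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=3" \
            0 \
            -c "value of 'DHM: G ' (2 bits)" \
            -c "value of 'DHM: P ' (1024 bits)"

# Tests for DHM client-side size checking
#
# dhmlen on the client is the minimum acceptable size of the server's prime;
# a shorter prime is rejected with "DHM prime too short:" and the handshake
# fails (exit 1). With the default dhmlen the tests below show a 1000-bit
# prime rejected while 1024- and 2048-bit primes are accepted, and a client
# asking for 2049 bits rejects the 2048-bit default parameters.

run_test    "DHM size: server default, client default, OK" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server default, client 2048, OK" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=2048" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server 1024, client default, OK" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dhparams.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server 999, client 999, OK" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.999.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=999" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server 1000, client 1000, OK" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=1000" \
            0 \
            -C "DHM prime too short:"

run_test    "DHM size: server 1000, client default, rejected" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1" \
            1 \
            -c "DHM prime too short:"

run_test    "DHM size: server 1000, client 1001, rejected" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.1000.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=1001" \
            1 \
            -c "DHM prime too short:"

run_test    "DHM size: server 999, client 1000, rejected" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.999.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=1000" \
            1 \
            -c "DHM prime too short:"

run_test    "DHM size: server 998, client 999, rejected" \
            "$P_SRV dhm_file=$DATA_FILES_PATH/dh.998.pem" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=999" \
            1 \
            -c "DHM prime too short:"

run_test    "DHM size: server default, client 2049, rejected" \
            "$P_SRV" \
            "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
             debug_level=1 dhmlen=2049" \
            1 \
            -c "DHM prime too short:"

# Tests for PSK callback
#
# psk=73776f726466697368 is the hex encoding of the ASCII string "swordfish";
# it is a test-only fixture shared by both peers. psk_opaque=1 makes that side
# hold the PSK as an opaque key, which is why those tests are guarded by
# MBEDTLS_USE_PSA_CRYPTO. With extended_ms=1 both peers must log
# "session hash for extended master secret"; with extended_ms=0 neither may.
# The three -S patterns assert that the server neither failed negotiation,
# rejected the identity, nor hit a MAC failure (which would indicate the two
# sides derived different keys).

run_test    "PSK callback: psk, no callback" \
            "$P_SRV psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque psk on client, no callback" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque psk on client, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque psk on client, no callback, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque rsa-psk on client, no callback" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque rsa-psk on client, no callback, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque ecdhe-psk on client, no callback" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque dhe-psk on client, no callback" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque dhe-psk on client, no callback, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
            "$P_SRV extended_ms=1 debug_level=3 psk=73776f726466697368 psk_identity=foo" \
            "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 psk_opaque=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

# Same matrix with the roles swapped: the server holds a static opaque PSK
# (psk_opaque=1) and the client supplies the raw PSK. The server pins the
# ciphersuite too so that both sides agree on the hash the opaque key is
# bound to.

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw psk on client, static opaque on server, no callback" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
            "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 extended_ms=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
            "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 extended_ms=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
            "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
            "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
            "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368 extended_ms=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \
            "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
            "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368 extended_ms=1" \
            0 \
            -c "session hash for extended master secret" \
            -s "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
            "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
            "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \
            "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
            "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
             psk_identity=foo psk=73776f726466697368" \
            0 \
            -C "session hash for extended master secret" \
            -S "session hash for extended master secret" \
            -S "SSL - The handshake negotiation failed" \
            -S "SSL - Unknown identity received" \
            -S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \
            "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \
             force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \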
"$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ 9257 psk_identity=foo psk=73776f726466697368 extended_ms=1" \ 9258 0 \ 9259 -c "session hash for extended master secret"\ 9260 -s "session hash for extended master secret"\ 9261 -S "SSL - The handshake negotiation failed" \ 9262 -S "SSL - Unknown identity received" \ 9263 -S "SSL - Verification of the message MAC failed" 9264 9265 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9266 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA384" \ 9267 "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ 9268 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ 9269 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ 9270 psk_identity=foo psk=73776f726466697368 extended_ms=1" \ 9271 0 \ 9272 -c "session hash for extended master secret"\ 9273 -s "session hash for extended master secret"\ 9274 -S "SSL - The handshake negotiation failed" \ 9275 -S "SSL - Unknown identity received" \ 9276 -S "SSL - Verification of the message MAC failed" 9277 9278 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9279 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \ 9280 "$P_SRV extended_ms=0 debug_level=5 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ 9281 "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ 9282 psk_identity=foo psk=73776f726466697368" \ 9283 0 \ 9284 -C "session hash for extended master secret"\ 9285 -S "session hash for extended master secret"\ 9286 -S "SSL - The handshake negotiation failed" \ 9287 -S "SSL - Unknown identity received" \ 9288 -S "SSL - Verification of the message MAC failed" 9289 9290 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9291 run_test "PSK 
callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \ 9292 "$P_SRV extended_ms=0 debug_level=1 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \ 9293 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ 9294 psk_identity=foo psk=73776f726466697368" \ 9295 0 \ 9296 -C "session hash for extended master secret"\ 9297 -S "session hash for extended master secret"\ 9298 -S "SSL - The handshake negotiation failed" \ 9299 -S "SSL - Unknown identity received" \ 9300 -S "SSL - Verification of the message MAC failed" 9301 9302 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9303 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \ 9304 "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ 9305 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ 9306 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ 9307 psk_identity=foo psk=73776f726466697368 extended_ms=1" \ 9308 0 \ 9309 -c "session hash for extended master secret"\ 9310 -s "session hash for extended master secret"\ 9311 -S "SSL - The handshake negotiation failed" \ 9312 -S "SSL - Unknown identity received" \ 9313 -S "SSL - Verification of the message MAC failed" 9314 9315 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9316 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \ 9317 "$P_SRV debug_level=3 psk=73776f726466697368 psk_identity=foo psk_opaque=1 min_version=tls12 \ 9318 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ 9319 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ 9320 psk_identity=foo psk=73776f726466697368 extended_ms=1" \ 9321 0 \ 9322 -c "session hash for extended master secret"\ 9323 -s 
"session hash for extended master secret"\ 9324 -S "SSL - The handshake negotiation failed" \ 9325 -S "SSL - Unknown identity received" \ 9326 -S "SSL - Verification of the message MAC failed" 9327 9328 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9329 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \ 9330 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ 9331 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9332 psk_identity=def psk=beef" \ 9333 0 \ 9334 -C "session hash for extended master secret"\ 9335 -S "session hash for extended master secret"\ 9336 -S "SSL - The handshake negotiation failed" \ 9337 -S "SSL - Unknown identity received" \ 9338 -S "SSL - Verification of the message MAC failed" 9339 9340 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9341 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \ 9342 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \ 9343 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ 9344 psk_identity=def psk=beef" \ 9345 0 \ 9346 -C "session hash for extended master secret"\ 9347 -S "session hash for extended master secret"\ 9348 -S "SSL - The handshake negotiation failed" \ 9349 -S "SSL - Unknown identity received" \ 9350 -S "SSL - Verification of the message MAC failed" 9351 9352 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9353 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \ 9354 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9355 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ 9356 "$P_CLI debug_level=3 
min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9357 psk_identity=abc psk=dead extended_ms=1" \ 9358 0 \ 9359 -c "session hash for extended master secret"\ 9360 -s "session hash for extended master secret"\ 9361 -S "SSL - The handshake negotiation failed" \ 9362 -S "SSL - Unknown identity received" \ 9363 -S "SSL - Verification of the message MAC failed" 9364 9365 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9366 run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \ 9367 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9368 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ 9369 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \ 9370 psk_identity=abc psk=dead extended_ms=1" \ 9371 0 \ 9372 -c "session hash for extended master secret"\ 9373 -s "session hash for extended master secret"\ 9374 -S "SSL - The handshake negotiation failed" \ 9375 -S "SSL - Unknown identity received" \ 9376 -S "SSL - Verification of the message MAC failed" 9377 9378 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9379 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \ 9380 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \ 9381 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ 9382 psk_identity=def psk=beef" \ 9383 0 \ 9384 -C "session hash for extended master secret"\ 9385 -S "session hash for extended master secret"\ 9386 -S "SSL - The handshake negotiation failed" \ 9387 -S "SSL - Unknown identity received" \ 9388 -S "SSL - Verification of the message MAC failed" 9389 9390 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9391 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque 
RSA-PSK from callback, SHA-384" \ 9392 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \ 9393 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ 9394 psk_identity=def psk=beef" \ 9395 0 \ 9396 -C "session hash for extended master secret"\ 9397 -S "session hash for extended master secret"\ 9398 -S "SSL - The handshake negotiation failed" \ 9399 -S "SSL - Unknown identity received" \ 9400 -S "SSL - Verification of the message MAC failed" 9401 9402 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9403 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \ 9404 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9405 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ 9406 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \ 9407 psk_identity=abc psk=dead extended_ms=1" \ 9408 0 \ 9409 -c "session hash for extended master secret"\ 9410 -s "session hash for extended master secret"\ 9411 -S "SSL - The handshake negotiation failed" \ 9412 -S "SSL - Unknown identity received" \ 9413 -S "SSL - Verification of the message MAC failed" 9414 9415 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9416 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \ 9417 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9418 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ 9419 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \ 9420 psk_identity=abc psk=dead extended_ms=1" \ 9421 0 \ 9422 -c "session hash for extended master secret"\ 9423 -s "session hash for extended master secret"\ 9424 -S "SSL - The handshake 
negotiation failed" \ 9425 -S "SSL - Unknown identity received" \ 9426 -S "SSL - Verification of the message MAC failed" 9427 9428 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9429 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \ 9430 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \ 9431 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ 9432 psk_identity=def psk=beef" \ 9433 0 \ 9434 -C "session hash for extended master secret"\ 9435 -S "session hash for extended master secret"\ 9436 -S "SSL - The handshake negotiation failed" \ 9437 -S "SSL - Unknown identity received" \ 9438 -S "SSL - Verification of the message MAC failed" 9439 9440 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9441 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, SHA-384" \ 9442 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \ 9443 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ 9444 psk_identity=def psk=beef" \ 9445 0 \ 9446 -C "session hash for extended master secret"\ 9447 -S "session hash for extended master secret"\ 9448 -S "SSL - The handshake negotiation failed" \ 9449 -S "SSL - Unknown identity received" \ 9450 -S "SSL - Verification of the message MAC failed" 9451 9452 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9453 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS" \ 9454 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9455 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ 9456 "$P_CLI 
debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \ 9457 psk_identity=abc psk=dead extended_ms=1" \ 9458 0 \ 9459 -c "session hash for extended master secret"\ 9460 -s "session hash for extended master secret"\ 9461 -S "SSL - The handshake negotiation failed" \ 9462 -S "SSL - Unknown identity received" \ 9463 -S "SSL - Verification of the message MAC failed" 9464 9465 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9466 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS, SHA384" \ 9467 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9468 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ 9469 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \ 9470 psk_identity=abc psk=dead extended_ms=1" \ 9471 0 \ 9472 -c "session hash for extended master secret"\ 9473 -s "session hash for extended master secret"\ 9474 -S "SSL - The handshake negotiation failed" \ 9475 -S "SSL - Unknown identity received" \ 9476 -S "SSL - Verification of the message MAC failed" 9477 9478 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9479 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \ 9480 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \ 9481 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ 9482 psk_identity=def psk=beef" \ 9483 0 \ 9484 -C "session hash for extended master secret"\ 9485 -S "session hash for extended master secret"\ 9486 -S "SSL - The handshake negotiation failed" \ 9487 -S "SSL - Unknown identity received" \ 9488 -S "SSL - Verification of the message MAC failed" 9489 9490 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9491 run_test "PSK callback: raw dhe-psk 
on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \ 9492 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \ 9493 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ 9494 psk_identity=def psk=beef" \ 9495 0 \ 9496 -C "session hash for extended master secret"\ 9497 -S "session hash for extended master secret"\ 9498 -S "SSL - The handshake negotiation failed" \ 9499 -S "SSL - Unknown identity received" \ 9500 -S "SSL - Verification of the message MAC failed" 9501 9502 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9503 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \ 9504 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9505 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \ 9506 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \ 9507 psk_identity=abc psk=dead extended_ms=1" \ 9508 0 \ 9509 -c "session hash for extended master secret"\ 9510 -s "session hash for extended master secret"\ 9511 -S "SSL - The handshake negotiation failed" \ 9512 -S "SSL - Unknown identity received" \ 9513 -S "SSL - Verification of the message MAC failed" 9514 9515 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9516 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \ 9517 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \ 9518 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \ 9519 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \ 9520 psk_identity=abc psk=dead extended_ms=1" \ 9521 0 \ 9522 -c "session hash for extended master secret"\ 9523 -s "session hash for extended 
master secret"\ 9524 -S "SSL - The handshake negotiation failed" \ 9525 -S "SSL - Unknown identity received" \ 9526 -S "SSL - Verification of the message MAC failed" 9527 9528 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9529 run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \ 9530 "$P_SRV extended_ms=0 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ 9531 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9532 psk_identity=def psk=beef" \ 9533 0 \ 9534 -C "session hash for extended master secret"\ 9535 -S "session hash for extended master secret"\ 9536 -S "SSL - The handshake negotiation failed" \ 9537 -S "SSL - Unknown identity received" \ 9538 -S "SSL - Verification of the message MAC failed" 9539 9540 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9541 run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \ 9542 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ 9543 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9544 psk_identity=def psk=beef" \ 9545 0 \ 9546 -C "session hash for extended master secret"\ 9547 -S "session hash for extended master secret"\ 9548 -S "SSL - The handshake negotiation failed" \ 9549 -S "SSL - Unknown identity received" \ 9550 -S "SSL - Verification of the message MAC failed" 9551 9552 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9553 run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \ 9554 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=73776f726466697368 debug_level=3 
psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ 9555 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9556 psk_identity=def psk=beef" \ 9557 0 \ 9558 -C "session hash for extended master secret"\ 9559 -S "session hash for extended master secret"\ 9560 -S "SSL - The handshake negotiation failed" \ 9561 -S "SSL - Unknown identity received" \ 9562 -S "SSL - Verification of the message MAC failed" 9563 9564 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9565 run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \ 9566 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=73776f726466697368 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ 9567 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9568 psk_identity=def psk=beef" \ 9569 0 \ 9570 -C "session hash for extended master secret"\ 9571 -S "session hash for extended master secret"\ 9572 -S "SSL - The handshake negotiation failed" \ 9573 -S "SSL - Unknown identity received" \ 9574 -S "SSL - Verification of the message MAC failed" 9575 9576 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9577 run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \ 9578 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,73776f726466697368 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \ 9579 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9580 psk_identity=def psk=beef" \ 9581 1 \ 9582 -s "SSL - Verification of the message MAC failed" 9583 9584 run_test "PSK callback: no psk, no callback" \ 9585 "$P_SRV" \ 9586 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9587 psk_identity=foo 
psk=73776f726466697368" \ 9588 1 \ 9589 -s "SSL - The handshake negotiation failed" \ 9590 -S "SSL - Unknown identity received" \ 9591 -S "SSL - Verification of the message MAC failed" 9592 9593 run_test "PSK callback: callback overrides other settings" \ 9594 "$P_SRV psk=73776f726466697368 psk_identity=foo psk_list=abc,dead,def,beef" \ 9595 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9596 psk_identity=foo psk=73776f726466697368" \ 9597 1 \ 9598 -S "SSL - The handshake negotiation failed" \ 9599 -s "SSL - Unknown identity received" \ 9600 -S "SSL - Verification of the message MAC failed" 9601 9602 run_test "PSK callback: first id matches" \ 9603 "$P_SRV psk_list=abc,dead,def,beef" \ 9604 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9605 psk_identity=abc psk=dead" \ 9606 0 \ 9607 -S "SSL - The handshake negotiation failed" \ 9608 -S "SSL - Unknown identity received" \ 9609 -S "SSL - Verification of the message MAC failed" 9610 9611 run_test "PSK callback: second id matches" \ 9612 "$P_SRV psk_list=abc,dead,def,beef" \ 9613 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9614 psk_identity=def psk=beef" \ 9615 0 \ 9616 -S "SSL - The handshake negotiation failed" \ 9617 -S "SSL - Unknown identity received" \ 9618 -S "SSL - Verification of the message MAC failed" 9619 9620 run_test "PSK callback: no match" \ 9621 "$P_SRV psk_list=abc,dead,def,beef" \ 9622 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9623 psk_identity=ghi psk=beef" \ 9624 1 \ 9625 -S "SSL - The handshake negotiation failed" \ 9626 -s "SSL - Unknown identity received" \ 9627 -S "SSL - Verification of the message MAC failed" 9628 9629 run_test "PSK callback: wrong key" \ 9630 "$P_SRV psk_list=abc,dead,def,beef" \ 9631 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \ 9632 psk_identity=abc psk=beef" \ 9633 1 \ 9634 -S "SSL - The handshake negotiation failed" \ 9635 -S "SSL - Unknown identity received" \ 9636 -s "SSL - Verification of the message MAC 
failed" 9637 9638 # Tests for EC J-PAKE 9639 9640 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9641 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 9642 run_test "ECJPAKE: client not configured" \ 9643 "$P_SRV debug_level=3" \ 9644 "$P_CLI debug_level=3" \ 9645 0 \ 9646 -C "add ciphersuite: 0xc0ff" \ 9647 -C "adding ecjpake_kkpp extension" \ 9648 -S "found ecjpake kkpp extension" \ 9649 -S "skip ecjpake kkpp extension" \ 9650 -S "ciphersuite mismatch: ecjpake not configured" \ 9651 -S "server hello, ecjpake kkpp extension" \ 9652 -C "found ecjpake_kkpp extension" \ 9653 -S "SSL - The handshake negotiation failed" 9654 9655 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9656 run_test "ECJPAKE: server not configured" \ 9657 "$P_SRV debug_level=3" \ 9658 "$P_CLI debug_level=3 ecjpake_pw=bla \ 9659 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9660 1 \ 9661 -c "add ciphersuite: c0ff" \ 9662 -c "adding ecjpake_kkpp extension" \ 9663 -s "found ecjpake kkpp extension" \ 9664 -s "skip ecjpake kkpp extension" \ 9665 -s "ciphersuite mismatch: ecjpake not configured" \ 9666 -S "server hello, ecjpake kkpp extension" \ 9667 -C "found ecjpake_kkpp extension" \ 9668 -s "SSL - The handshake negotiation failed" 9669 9670 # Note: if the name of this test is changed, then please adjust the corresponding 9671 # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") 9672 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9673 run_test "ECJPAKE: working, TLS" \ 9674 "$P_SRV debug_level=3 ecjpake_pw=bla" \ 9675 "$P_CLI debug_level=3 ecjpake_pw=bla \ 9676 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9677 0 \ 9678 -c "add ciphersuite: c0ff" \ 9679 -c "adding ecjpake_kkpp extension" \ 9680 -C "re-using cached ecjpake parameters" \ 9681 -s "found ecjpake kkpp extension" \ 9682 -S "skip ecjpake kkpp extension" \ 9683 -S "ciphersuite mismatch: ecjpake not configured" \ 9684 -s "server hello, ecjpake kkpp extension" \ 9685 -c 
"found ecjpake_kkpp extension" \ 9686 -S "SSL - The handshake negotiation failed" \ 9687 -S "SSL - Verification of the message MAC failed" 9688 9689 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9690 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9691 run_test "ECJPAKE: opaque password client+server, working, TLS" \ 9692 "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ 9693 "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ 9694 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9695 0 \ 9696 -c "add ciphersuite: c0ff" \ 9697 -c "adding ecjpake_kkpp extension" \ 9698 -c "using opaque password" \ 9699 -s "using opaque password" \ 9700 -C "re-using cached ecjpake parameters" \ 9701 -s "found ecjpake kkpp extension" \ 9702 -S "skip ecjpake kkpp extension" \ 9703 -S "ciphersuite mismatch: ecjpake not configured" \ 9704 -s "server hello, ecjpake kkpp extension" \ 9705 -c "found ecjpake_kkpp extension" \ 9706 -S "SSL - The handshake negotiation failed" \ 9707 -S "SSL - Verification of the message MAC failed" 9708 9709 # Note: if the name of this test is changed, then please adjust the corresponding 9710 # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") 9711 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9712 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9713 run_test "ECJPAKE: opaque password client only, working, TLS" \ 9714 "$P_SRV debug_level=3 ecjpake_pw=bla" \ 9715 "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\ 9716 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9717 0 \ 9718 -c "add ciphersuite: c0ff" \ 9719 -c "adding ecjpake_kkpp extension" \ 9720 -c "using opaque password" \ 9721 -S "using opaque password" \ 9722 -C "re-using cached ecjpake parameters" \ 9723 -s "found ecjpake kkpp extension" \ 9724 -S "skip ecjpake kkpp extension" \ 9725 -S "ciphersuite mismatch: ecjpake not configured" \ 9726 -s "server hello, ecjpake kkpp extension" \ 9727 -c "found ecjpake_kkpp extension" \ 
9728 -S "SSL - The handshake negotiation failed" \ 9729 -S "SSL - Verification of the message MAC failed" 9730 9731 # Note: if the name of this test is changed, then please adjust the corresponding 9732 # filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh") 9733 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9734 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9735 run_test "ECJPAKE: opaque password server only, working, TLS" \ 9736 "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ 9737 "$P_CLI debug_level=3 ecjpake_pw=bla\ 9738 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9739 0 \ 9740 -c "add ciphersuite: c0ff" \ 9741 -c "adding ecjpake_kkpp extension" \ 9742 -C "using opaque password" \ 9743 -s "using opaque password" \ 9744 -C "re-using cached ecjpake parameters" \ 9745 -s "found ecjpake kkpp extension" \ 9746 -S "skip ecjpake kkpp extension" \ 9747 -S "ciphersuite mismatch: ecjpake not configured" \ 9748 -s "server hello, ecjpake kkpp extension" \ 9749 -c "found ecjpake_kkpp extension" \ 9750 -S "SSL - The handshake negotiation failed" \ 9751 -S "SSL - Verification of the message MAC failed" 9752 9753 server_needs_more_time 1 9754 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9755 run_test "ECJPAKE: password mismatch, TLS" \ 9756 "$P_SRV debug_level=3 ecjpake_pw=bla" \ 9757 "$P_CLI debug_level=3 ecjpake_pw=bad \ 9758 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9759 1 \ 9760 -C "re-using cached ecjpake parameters" \ 9761 -s "SSL - Verification of the message MAC failed" 9762 9763 server_needs_more_time 1 9764 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9765 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO 9766 run_test "ECJPAKE_OPAQUE_PW: opaque password mismatch, TLS" \ 9767 "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \ 9768 "$P_CLI debug_level=3 ecjpake_pw=bad ecjpake_pw_opaque=1 \ 9769 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9770 1 \ 9771 -c "using 
opaque password" \ 9772 -s "using opaque password" \ 9773 -C "re-using cached ecjpake parameters" \ 9774 -s "SSL - Verification of the message MAC failed" 9775 9776 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9777 run_test "ECJPAKE: working, DTLS" \ 9778 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ 9779 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ 9780 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9781 0 \ 9782 -c "re-using cached ecjpake parameters" \ 9783 -S "SSL - Verification of the message MAC failed" 9784 9785 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9786 run_test "ECJPAKE: working, DTLS, no cookie" \ 9787 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \ 9788 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \ 9789 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9790 0 \ 9791 -C "re-using cached ecjpake parameters" \ 9792 -S "SSL - Verification of the message MAC failed" 9793 9794 server_needs_more_time 1 9795 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9796 run_test "ECJPAKE: password mismatch, DTLS" \ 9797 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \ 9798 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \ 9799 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9800 1 \ 9801 -c "re-using cached ecjpake parameters" \ 9802 -s "SSL - Verification of the message MAC failed" 9803 9804 # for tests with configs/config-thread.h 9805 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED 9806 run_test "ECJPAKE: working, DTLS, nolog" \ 9807 "$P_SRV dtls=1 ecjpake_pw=bla" \ 9808 "$P_CLI dtls=1 ecjpake_pw=bla \ 9809 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \ 9810 0 9811 9812 # Test for ClientHello without extensions 9813 9814 # Without extensions, ECC is impossible (no curve negotiation). 
# A ClientHello with no extensions at all cannot negotiate an EC curve, so only
# the RSA and PSK key exchanges are reachable here; the `-S "Ciphersuite is .*-EC.*"`
# assertion pins that.  Assertion flags follow the convention used throughout this
# file: -s/-c = the server/client log must match, -S/-C = it must not.
# %DISABLE_SAFE_RENEGOTIATION is passed in addition to %NO_EXTENSIONS, presumably
# because the latter alone would still emit renegotiation_info — the
# "(0 bytes)" assertion is what actually proves the hello is extension-free.
requires_config_enabled MBEDTLS_RSA_C
requires_gnutls
run_test    "ClientHello without extensions: RSA" \
            "$P_SRV force_version=tls12 debug_level=3" \
            "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
            0 \
            -s "Ciphersuite is .*-RSA-WITH-.*" \
            -S "Ciphersuite is .*-EC.*" \
            -s "dumping 'client hello extensions' (0 bytes)"

# Same, with a PSK suite: identity/key are the test-only values used elsewhere
# in this script (hex of "swordfish"), not secrets.
requires_config_enabled MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
requires_gnutls
run_test    "ClientHello without extensions: PSK" \
            "$P_SRV force_version=tls12 debug_level=3 psk=73776f726466697368" \
            "$G_CLI --priority=NORMAL:+PSK:-RSA:-DHE-RSA:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION --pskusername=Client_identity --pskkey=73776f726466697368 localhost" \
            0 \
            -s "Ciphersuite is .*-PSK-.*" \
            -S "Ciphersuite is .*-EC.*" \
            -s "dumping 'client hello extensions' (0 bytes)"

# Tests for mbedtls_ssl_get_bytes_avail()

# The server first reads buffer_size-1 bytes, then reads the remainder.
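# The server reads with a 100-byte buffer; the client sends exactly that much,
# one byte more, twice as much, and the maximum content length.  The expected
# "(a + b)" breakdown in the log is how the test checks mbedtls_ssl_get_bytes_avail()
# reported the leftover correctly after the first read.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "mbedtls_ssl_get_bytes_avail: no extra data" \
            "$P_SRV buffer_size=100" \
            "$P_CLI request_size=100" \
            0 \
            -s "Read from client: 100 bytes read$"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "mbedtls_ssl_get_bytes_avail: extra data (+1)" \
            "$P_SRV buffer_size=100" \
            "$P_CLI request_size=101" \
            0 \
            -s "Read from client: 101 bytes read (100 + 1)"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_max_content_len 200
run_test    "mbedtls_ssl_get_bytes_avail: extra data (*2)" \
            "$P_SRV buffer_size=100" \
            "$P_CLI request_size=200" \
            0 \
            -s "Read from client: 200 bytes read (100 + 100)"

# MAX_CONTENT_LEN is set earlier in this script from the build configuration.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "mbedtls_ssl_get_bytes_avail: extra data (max)" \
            "$P_SRV buffer_size=100 force_version=tls12" \
            "$P_CLI request_size=$MAX_CONTENT_LEN" \
            0 \
            -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"

# Tests for small client packets

# request_size=1 exercises a minimum-length application record for each record
# protection type (CBC with and without EtM, CBC with a SHA-384 MAC, CCM and
# CCM-8 AEAD); the only assertion is that the peer reads exactly one byte.

run_test    "Small client packet TLS 1.2 BlockCipher" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small client packet TLS 1.2 BlockCipher, without EtM" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small client packet TLS 1.2 BlockCipher larger MAC" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small client packet TLS 1.2 AEAD" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
            0 \
            -s "Read from client: 1 bytes read"

run_test    "Small client packet TLS 1.2 AEAD shorter tag" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
            0 \
            -s "Read from client: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Small client packet TLS 1.3 AEAD" \
            "$P_SRV" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
            0 \
            -s "Read from client: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Small client packet TLS 1.3 AEAD shorter tag" \
            "$P_SRV" \
            "$P_CLI request_size=1 \
             force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
            0 \
            -s "Read from client: 1 bytes read"

# Tests for small client packets in DTLS

requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test    "Small client packet DTLS 1.2" \
            "$P_SRV dtls=1 force_version=dtls12" \
            "$P_CLI dtls=1 request_size=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test    "Small client packet DTLS 1.2, without EtM" \
            "$P_SRV dtls=1 force_version=dtls12 etm=0" \
            "$P_CLI dtls=1 request_size=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: 1 bytes read"

# Tests for small server packets

# Mirror of the client-side cases above, with response_size=1 on the server and
# the read assertion on the client log.

run_test    "Small server packet TLS 1.2 BlockCipher" \
            "$P_SRV response_size=1 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -c "Read from server: 1 bytes read"

run_test    "Small server packet TLS 1.2 BlockCipher, without EtM" \
            "$P_SRV response_size=1 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
            0 \
            -c "Read from server: 1 bytes read"

run_test    "Small server packet TLS 1.2 BlockCipher larger MAC" \
            "$P_SRV response_size=1 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
            0 \
            -c "Read from server: 1 bytes read"

run_test    "Small server packet TLS 1.2 AEAD" \
            "$P_SRV response_size=1 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
            0 \
            -c "Read from server: 1 bytes read"

run_test    "Small server packet TLS 1.2 AEAD shorter tag" \
            "$P_SRV response_size=1 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
            0 \
            -c "Read from server: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Small server packet TLS 1.3 AEAD" \
            "$P_SRV response_size=1" \
            "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
            0 \
            -c "Read from server: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Small server packet TLS 1.3 AEAD shorter tag" \
            "$P_SRV response_size=1" \
            "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
            0 \
            -c "Read from server: 1 bytes read"

# Tests for small server packets in DTLS

requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test    "Small server packet DTLS 1.2" \
            "$P_SRV dtls=1 response_size=1 force_version=dtls12" \
            "$P_CLI dtls=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -c "Read from server: 1 bytes read"

requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
run_test    "Small server packet DTLS 1.2, without EtM" \
            "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
            "$P_CLI dtls=1 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -c "Read from server: 1 bytes read"

# Test for large client packets

# How many fragments do we expect to write $1 bytes?
#
# Arguments: $1 - number of application-data bytes the peer will write
#                 (must be a non-empty integer).
# Globals:   MAX_OUT_LEN (read) - set earlier in this script; appears to be the
#                 build's outgoing content length (see the OUT_CONTENT_LEN note
#                 below).  Must be a positive integer.
# Outputs:   ceil($1 / MAX_OUT_LEN) on stdout, followed by a newline.
#
# Both inputs are validated up front so that a missing argument or an unset
# MAX_OUT_LEN produces a readable message on stderr instead of an opaque
# arithmetic syntax error from the `$(( ))` expansion.  Inside the `$( )`
# substitutions below, the failing `${:?}` only terminates the subshell.
fragments_for_write() {
    : "${1:?fragments_for_write: missing byte count}"
    : "${MAX_OUT_LEN:?fragments_for_write: MAX_OUT_LEN is not set}"
    # Integer ceiling division; pure POSIX arithmetic, no external tool.
    printf '%d\n' "$(( ( $1 + MAX_OUT_LEN - 1 ) / MAX_OUT_LEN ))"
}

# 16384 is the largest TLS 1.2 plaintext; the client must split it into
# fragments_for_write(16384) records and the server must read all of it.
run_test    "Large client packet TLS 1.2 BlockCipher" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=16384 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
            -s "Read from client: $MAX_CONTENT_LEN bytes read"

run_test    "Large client packet TLS 1.2 BlockCipher, without EtM" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=16384 etm=0 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "Read from client: $MAX_CONTENT_LEN bytes read"

run_test    "Large client packet TLS 1.2 BlockCipher larger MAC" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=16384 \
             force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
            0 \
            -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
            -s "Read from client: $MAX_CONTENT_LEN bytes read"

run_test    "Large client packet TLS 1.2 AEAD" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=16384 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
            0 \
            -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
            -s "Read from client: $MAX_CONTENT_LEN bytes read"

run_test    "Large client packet TLS 1.2 AEAD shorter tag" \
            "$P_SRV force_version=tls12" \
            "$P_CLI request_size=16384 \
             force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
            0 \
            -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
            -s "Read from client: $MAX_CONTENT_LEN bytes read"

# The TLS 1.3 cases use 16383 rather than 16384 — presumably because the 1.3
# record layer needs one byte of the plaintext budget for the inner content
# type; confirm against the record-layer limits before changing.
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Large client packet TLS 1.3 AEAD" \
            "$P_SRV" \
            "$P_CLI request_size=16383 \
             force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
            0 \
            -c "16383 bytes written in $(fragments_for_write 16383) fragments" \
            -s "Read from client: 16383 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Large client packet TLS 1.3 AEAD shorter tag" \
            "$P_SRV" \
            "$P_CLI request_size=16383 \
             force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
            0 \
            -c "16383 bytes written in $(fragments_for_write 16383) fragments" \
            -s "Read from client: 16383 bytes read"

# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
run_test    "Large server packet TLS 1.2 BlockCipher" \
            "$P_SRV response_size=16384 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -c "Read from server: 16384 bytes read"

run_test    "Large server packet TLS 1.2 BlockCipher, without EtM" \
            "$P_SRV response_size=16384 force_version=tls12" \
            "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
            0 \
            -s "16384 bytes written in 1 fragments" \
            -c "Read from server: 16384 bytes read"

run_test    "Large server packet TLS 1.2 BlockCipher larger MAC" \
            "$P_SRV response_size=16384 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
            0 \
            -c "Read from server: 16384 bytes read"

run_test    "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
            "$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
            0 \
            -s "16384 bytes written in 1 fragments" \
            -c "Read from server: 16384 bytes read"

run_test    "Large server packet TLS 1.2 AEAD" \
            "$P_SRV response_size=16384 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
            0 \
            -c "Read from server: 16384 bytes read"

run_test    "Large server packet TLS 1.2 AEAD shorter tag" \
            "$P_SRV response_size=16384 force_version=tls12" \
            "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
            0 \
            -c "Read from server: 16384 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Large server packet TLS 1.3 AEAD" \
            "$P_SRV response_size=16383" \
            "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
            0 \
            -c "Read from server: 16383 bytes read"

requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "Large server packet TLS 1.3 AEAD shorter tag" \
            "$P_SRV response_size=16383" \
            "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
            0 \
            -c "Read from server: 16383 bytes read"

# Tests for restartable ECC

# Force the use of a curve that supports restartable ECC (secp256r1).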
# "4b00" in these patterns is the hex of MBEDTLS_ERR_ECP_IN_PROGRESS (-0x4B00),
# the return value that marks an EC operation as interrupted by the
# ec_max_ops budget.  A -C on a "<function>.*4b00" pattern therefore asserts
# that the named step was NOT interrupted; -c asserts that it WAS.
# Without ec_max_ops (default), with ec_max_ops=0 (presumably "no limit") and
# with a budget large enough to finish every step in one go, nothing should be
# interrupted on the client side.  Client auth is required so that the
# client-side signature (mbedtls_pk_sign) path is also exercised.

requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test    "EC restart: TLS, default" \
            "$P_SRV groups=secp256r1 auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1" \
            0 \
            -C "x509_verify_cert.*4b00" \
            -C "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -C "mbedtls_pk_sign.*4b00"

requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test    "EC restart: TLS, max_ops=0" \
            "$P_SRV groups=secp256r1 auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=0" \
            0 \
            -C "x509_verify_cert.*4b00" \
            -C "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -C "mbedtls_pk_sign.*4b00"

requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test    "EC restart: TLS, max_ops=65535" \
            "$P_SRV groups=secp256r1 auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=65535" \
            0 \
            -C "x509_verify_cert.*4b00" \
            -C "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -C "mbedtls_pk_sign.*4b00"

# With USE_PSA disabled we expect full restartable behaviour.
# ec_max_ops=1000 is small enough that every restartable step (cert chain
# verification, ServerKeyExchange signature check, ECDH public key generation
# and the client's own signature) is interrupted at least once; each must show
# an in-progress (4b00) return in the client log.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000 (no USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -c "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00"

# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
# The single -C on mbedtls_ecdh_make_public is the only difference from the
# no-USE_PSA case above.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000 (USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00"

# This works the same with & without USE_PSA as we never get to ECDH:
# we abort as soon as we determined the cert is bad.
# The server presents server5-badsign.crt (a certificate whose CA signature is
# wrong).  With the client's default auth_mode=required the chain verification
# is restarted (4b00 seen), then fails and aborts the handshake: expected exit
# status 1, and none of the later restartable steps may appear in the log.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
run_test    "EC restart: TLS, max_ops=1000, badsign" \
            "$P_SRV groups=secp256r1 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000" \
            1 \
            -c "x509_verify_cert.*4b00" \
            -C "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -C "mbedtls_pk_sign.*4b00" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -c "! mbedtls_ssl_handshake returned" \
            -c "X509 - Certificate verification failed"

# With USE_PSA disabled we expect full restartable behaviour.
# auth_mode=optional on the client: the bad signature is still detected and
# logged ("not correctly signed"), but it no longer aborts the handshake
# (exit 0, no "handshake returned"), so the remaining restartable steps run and
# must each show a 4b00.  In other words this pins that the restart logic keeps
# working on the "verification failed but tolerated" path — a path that by
# design accepts an unauthenticated server, which is why it is only used here
# under test control.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000 auth_mode=optional" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -c "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000 auth_mode=optional" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00" \
            -c "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# With USE_PSA disabled we expect full restartable behaviour.
# auth_mode=none on the client: chain verification is skipped entirely, so the
# bad CA signature is never noticed (no "not correctly signed", no
# x509_verify_cert restart) and the handshake completes.  mbedtls_pk_verify is
# still expected to restart — presumably because the ServerKeyExchange
# signature is checked regardless of auth_mode; confirm if this changes.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000 auth_mode=none" \
            0 \
            -C "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -c "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server5-badsign.crt \
             key_file=$DATA_FILES_PATH/server5.key" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             debug_level=1 ec_max_ops=1000 auth_mode=none" \
            0 \
            -C "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00" \
            -C "! The certificate is not correctly signed by the trusted CA" \
            -C "! mbedtls_ssl_handshake returned" \
            -C "X509 - Certificate verification failed"

# With USE_PSA disabled we expect full restartable behaviour.
# Same as the TLS "max_ops=1000" cases, over DTLS (dtls=1 on both sides).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required dtls=1" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             dtls=1 debug_level=1 ec_max_ops=1000" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -c "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00"

# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: DTLS, max_ops=1000 (USE_PSA)" \
            "$P_SRV groups=secp256r1 auth_mode=required dtls=1" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \
             dtls=1 debug_level=1 ec_max_ops=1000" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -c "mbedtls_pk_sign.*4b00"

# With USE_PSA disabled we expect full restartable behaviour.
# No client certificate is configured and the server does not request one
# (no auth_mode=required on the server), so the client never signs:
# mbedtls_pk_sign must not appear, while the other steps still restart.
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \
            "$P_SRV groups=secp256r1" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             debug_level=1 ec_max_ops=1000" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -c "mbedtls_ecdh_make_public.*4b00" \
            -C "mbedtls_pk_sign.*4b00"


# With USE_PSA enabled we expect only partial restartable behaviour:
# everything except ECDH (where TLS calls PSA directly).
requires_config_enabled MBEDTLS_ECP_RESTARTABLE
requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
run_test    "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \
            "$P_SRV groups=secp256r1" \
            "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             debug_level=1 ec_max_ops=1000" \
            0 \
            -c "x509_verify_cert.*4b00" \
            -c "mbedtls_pk_verify.*4b00" \
            -C "mbedtls_ecdh_make_public.*4b00" \
            -C "mbedtls_pk_sign.*4b00"

# Restartable is only for ECDHE-ECDSA, with another ciphersuite we expect no
# restartable behaviour at all (not even client auth).
# This is the same as "EC restart: TLS, max_ops=1000" except with ECDHE-RSA,
# and all 4 assertions negated.
10360 requires_config_enabled MBEDTLS_ECP_RESTARTABLE 10361 requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED 10362 run_test "EC restart: TLS, max_ops=1000, ECDHE-RSA" \ 10363 "$P_SRV groups=secp256r1 auth_mode=required" \ 10364 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \ 10365 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10366 debug_level=1 ec_max_ops=1000" \ 10367 0 \ 10368 -C "x509_verify_cert.*4b00" \ 10369 -C "mbedtls_pk_verify.*4b00" \ 10370 -C "mbedtls_ecdh_make_public.*4b00" \ 10371 -C "mbedtls_pk_sign.*4b00" 10372 10373 # Tests of asynchronous private key support in SSL 10374 10375 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10376 run_test "SSL async private: sign, delay=0" \ 10377 "$P_SRV force_version=tls12 \ 10378 async_operations=s async_private_delay1=0 async_private_delay2=0" \ 10379 "$P_CLI" \ 10380 0 \ 10381 -s "Async sign callback: using key slot " \ 10382 -s "Async resume (slot [0-9]): sign done, status=0" 10383 10384 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10385 run_test "SSL async private: sign, delay=1" \ 10386 "$P_SRV force_version=tls12 \ 10387 async_operations=s async_private_delay1=1 async_private_delay2=1" \ 10388 "$P_CLI" \ 10389 0 \ 10390 -s "Async sign callback: using key slot " \ 10391 -s "Async resume (slot [0-9]): call 0 more times." \ 10392 -s "Async resume (slot [0-9]): sign done, status=0" 10393 10394 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10395 run_test "SSL async private: sign, delay=2" \ 10396 "$P_SRV force_version=tls12 \ 10397 async_operations=s async_private_delay1=2 async_private_delay2=2" \ 10398 "$P_CLI" \ 10399 0 \ 10400 -s "Async sign callback: using key slot " \ 10401 -U "Async sign callback: using key slot " \ 10402 -s "Async resume (slot [0-9]): call 1 more times." \ 10403 -s "Async resume (slot [0-9]): call 0 more times." 
\ 10404 -s "Async resume (slot [0-9]): sign done, status=0" 10405 10406 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10407 requires_config_disabled MBEDTLS_X509_REMOVE_INFO 10408 run_test "SSL async private: sign, SNI" \ 10409 "$P_SRV force_version=tls12 debug_level=3 \ 10410 async_operations=s async_private_delay1=0 async_private_delay2=0 \ 10411 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ 10412 sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \ 10413 "$P_CLI server_name=polarssl.example" \ 10414 0 \ 10415 -s "Async sign callback: using key slot " \ 10416 -s "Async resume (slot [0-9]): sign done, status=0" \ 10417 -s "parse ServerName extension" \ 10418 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \ 10419 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" 10420 10421 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10422 run_test "SSL async private: decrypt, delay=0" \ 10423 "$P_SRV \ 10424 async_operations=d async_private_delay1=0 async_private_delay2=0" \ 10425 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10426 0 \ 10427 -s "Async decrypt callback: using key slot " \ 10428 -s "Async resume (slot [0-9]): decrypt done, status=0" 10429 10430 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10431 run_test "SSL async private: decrypt, delay=1" \ 10432 "$P_SRV \ 10433 async_operations=d async_private_delay1=1 async_private_delay2=1" \ 10434 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10435 0 \ 10436 -s "Async decrypt callback: using key slot " \ 10437 -s "Async resume (slot [0-9]): call 0 more times." 
\ 10438 -s "Async resume (slot [0-9]): decrypt done, status=0" 10439 10440 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10441 run_test "SSL async private: decrypt RSA-PSK, delay=0" \ 10442 "$P_SRV psk=73776f726466697368 \ 10443 async_operations=d async_private_delay1=0 async_private_delay2=0" \ 10444 "$P_CLI psk=73776f726466697368 \ 10445 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \ 10446 0 \ 10447 -s "Async decrypt callback: using key slot " \ 10448 -s "Async resume (slot [0-9]): decrypt done, status=0" 10449 10450 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10451 run_test "SSL async private: decrypt RSA-PSK, delay=1" \ 10452 "$P_SRV psk=73776f726466697368 \ 10453 async_operations=d async_private_delay1=1 async_private_delay2=1" \ 10454 "$P_CLI psk=73776f726466697368 \ 10455 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \ 10456 0 \ 10457 -s "Async decrypt callback: using key slot " \ 10458 -s "Async resume (slot [0-9]): call 0 more times." \ 10459 -s "Async resume (slot [0-9]): decrypt done, status=0" 10460 10461 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10462 run_test "SSL async private: sign callback not present" \ 10463 "$P_SRV \ 10464 async_operations=d async_private_delay1=1 async_private_delay2=1" \ 10465 "$P_CLI force_version=tls12; [ \$? -eq 1 ] && 10466 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10467 0 \ 10468 -S "Async sign callback" \ 10469 -s "! mbedtls_ssl_handshake returned" \ 10470 -s "The own private key or pre-shared key is not set, but needed" \ 10471 -s "Async resume (slot [0-9]): decrypt done, status=0" \ 10472 -s "Successful connection" 10473 10474 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10475 run_test "SSL async private: decrypt callback not present" \ 10476 "$P_SRV debug_level=1 \ 10477 async_operations=s async_private_delay1=1 async_private_delay2=1" \ 10478 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA; 10479 [ \$? 
-eq 1 ] && $P_CLI force_version=tls12" \ 10480 0 \ 10481 -S "Async decrypt callback" \ 10482 -s "! mbedtls_ssl_handshake returned" \ 10483 -s "got no RSA private key" \ 10484 -s "Async resume (slot [0-9]): sign done, status=0" \ 10485 -s "Successful connection" 10486 10487 # key1: ECDSA, key2: RSA; use key1 from slot 0 10488 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10489 run_test "SSL async private: slot 0 used with key1" \ 10490 "$P_SRV \ 10491 async_operations=s async_private_delay1=1 \ 10492 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10493 key_file2=$DATA_FILES_PATH/server2.key crt_file2=$DATA_FILES_PATH/server2.crt" \ 10494 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 10495 0 \ 10496 -s "Async sign callback: using key slot 0," \ 10497 -s "Async resume (slot 0): call 0 more times." \ 10498 -s "Async resume (slot 0): sign done, status=0" 10499 10500 # key1: ECDSA, key2: RSA; use key2 from slot 0 10501 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10502 run_test "SSL async private: slot 0 used with key2" \ 10503 "$P_SRV \ 10504 async_operations=s async_private_delay2=1 \ 10505 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10506 key_file2=$DATA_FILES_PATH/server2.key crt_file2=$DATA_FILES_PATH/server2.crt" \ 10507 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \ 10508 0 \ 10509 -s "Async sign callback: using key slot 0," \ 10510 -s "Async resume (slot 0): call 0 more times." 
\ 10511 -s "Async resume (slot 0): sign done, status=0" 10512 10513 # key1: ECDSA, key2: RSA; use key2 from slot 1 10514 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10515 run_test "SSL async private: slot 1 used with key2" \ 10516 "$P_SRV \ 10517 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10518 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10519 key_file2=$DATA_FILES_PATH/server2.key crt_file2=$DATA_FILES_PATH/server2.crt" \ 10520 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \ 10521 0 \ 10522 -s "Async sign callback: using key slot 1," \ 10523 -s "Async resume (slot 1): call 0 more times." \ 10524 -s "Async resume (slot 1): sign done, status=0" 10525 10526 # key1: ECDSA, key2: RSA; use key2 directly 10527 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10528 run_test "SSL async private: fall back to transparent key" \ 10529 "$P_SRV \ 10530 async_operations=s async_private_delay1=1 \ 10531 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10532 key_file2=$DATA_FILES_PATH/server2.key crt_file2=$DATA_FILES_PATH/server2.crt " \ 10533 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \ 10534 0 \ 10535 -s "Async sign callback: no key matches this certificate." 10536 10537 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10538 run_test "SSL async private: sign, error in start" \ 10539 "$P_SRV force_version=tls12 \ 10540 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10541 async_private_error=1" \ 10542 "$P_CLI" \ 10543 1 \ 10544 -s "Async sign callback: injected error" \ 10545 -S "Async resume" \ 10546 -S "Async cancel" \ 10547 -s "! 
mbedtls_ssl_handshake returned" 10548 10549 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10550 run_test "SSL async private: sign, cancel after start" \ 10551 "$P_SRV force_version=tls12 \ 10552 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10553 async_private_error=2" \ 10554 "$P_CLI" \ 10555 1 \ 10556 -s "Async sign callback: using key slot " \ 10557 -S "Async resume" \ 10558 -s "Async cancel" 10559 10560 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10561 run_test "SSL async private: sign, error in resume" \ 10562 "$P_SRV force_version=tls12 \ 10563 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10564 async_private_error=3" \ 10565 "$P_CLI" \ 10566 1 \ 10567 -s "Async sign callback: using key slot " \ 10568 -s "Async resume callback: sign done but injected error" \ 10569 -S "Async cancel" \ 10570 -s "! mbedtls_ssl_handshake returned" 10571 10572 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10573 run_test "SSL async private: decrypt, error in start" \ 10574 "$P_SRV \ 10575 async_operations=d async_private_delay1=1 async_private_delay2=1 \ 10576 async_private_error=1" \ 10577 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10578 1 \ 10579 -s "Async decrypt callback: injected error" \ 10580 -S "Async resume" \ 10581 -S "Async cancel" \ 10582 -s "! 
mbedtls_ssl_handshake returned" 10583 10584 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10585 run_test "SSL async private: decrypt, cancel after start" \ 10586 "$P_SRV \ 10587 async_operations=d async_private_delay1=1 async_private_delay2=1 \ 10588 async_private_error=2" \ 10589 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10590 1 \ 10591 -s "Async decrypt callback: using key slot " \ 10592 -S "Async resume" \ 10593 -s "Async cancel" 10594 10595 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10596 run_test "SSL async private: decrypt, error in resume" \ 10597 "$P_SRV \ 10598 async_operations=d async_private_delay1=1 async_private_delay2=1 \ 10599 async_private_error=3" \ 10600 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10601 1 \ 10602 -s "Async decrypt callback: using key slot " \ 10603 -s "Async resume callback: decrypt done but injected error" \ 10604 -S "Async cancel" \ 10605 -s "! mbedtls_ssl_handshake returned" 10606 10607 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10608 run_test "SSL async private: cancel after start then operate correctly" \ 10609 "$P_SRV force_version=tls12 \ 10610 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10611 async_private_error=-2" \ 10612 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \ 10613 0 \ 10614 -s "Async cancel" \ 10615 -s "! mbedtls_ssl_handshake returned" \ 10616 -s "Async resume" \ 10617 -s "Successful connection" 10618 10619 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10620 run_test "SSL async private: error in resume then operate correctly" \ 10621 "$P_SRV force_version=tls12 \ 10622 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10623 async_private_error=-3" \ 10624 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \ 10625 0 \ 10626 -s "! 
mbedtls_ssl_handshake returned" \ 10627 -s "Async resume" \ 10628 -s "Successful connection" 10629 10630 # key1: ECDSA, key2: RSA; use key1 through async, then key2 directly 10631 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10632 # Note: the function "detect_required_features()" is not able to detect more than 10633 # one "force_ciphersuite" per client/server and it only picks the 2nd one. 10634 # Therefore the 1st one is added explicitly here 10635 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 10636 run_test "SSL async private: cancel after start then fall back to transparent key" \ 10637 "$P_SRV \ 10638 async_operations=s async_private_delay1=1 async_private_error=-2 \ 10639 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10640 key_file2=$DATA_FILES_PATH/server2.key crt_file2=$DATA_FILES_PATH/server2.crt" \ 10641 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256; 10642 [ \$? -eq 1 ] && 10643 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \ 10644 0 \ 10645 -s "Async sign callback: using key slot 0" \ 10646 -S "Async resume" \ 10647 -s "Async cancel" \ 10648 -s "! mbedtls_ssl_handshake returned" \ 10649 -s "Async sign callback: no key matches this certificate." \ 10650 -s "Successful connection" 10651 10652 # key1: ECDSA, key2: RSA; use key1 through async, then key2 directly 10653 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10654 # Note: the function "detect_required_features()" is not able to detect more than 10655 # one "force_ciphersuite" per client/server and it only picks the 2nd one. 
10656 # Therefore the 1st one is added explicitly here 10657 requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED 10658 run_test "SSL async private: sign, error in resume then fall back to transparent key" \ 10659 "$P_SRV \ 10660 async_operations=s async_private_delay1=1 async_private_error=-3 \ 10661 key_file=$DATA_FILES_PATH/server5.key crt_file=$DATA_FILES_PATH/server5.crt \ 10662 key_file2=$DATA_FILES_PATH/server2.key crt_file2=$DATA_FILES_PATH/server2.crt" \ 10663 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256; 10664 [ \$? -eq 1 ] && 10665 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \ 10666 0 \ 10667 -s "Async resume" \ 10668 -s "! mbedtls_ssl_handshake returned" \ 10669 -s "Async sign callback: no key matches this certificate." \ 10670 -s "Successful connection" 10671 10672 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10673 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 10674 run_test "SSL async private: renegotiation: client-initiated, sign" \ 10675 "$P_SRV force_version=tls12 \ 10676 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10677 exchanges=2 renegotiation=1" \ 10678 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \ 10679 0 \ 10680 -s "Async sign callback: using key slot " \ 10681 -s "Async resume (slot [0-9]): sign done, status=0" 10682 10683 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10684 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 10685 run_test "SSL async private: renegotiation: server-initiated, sign" \ 10686 "$P_SRV force_version=tls12 \ 10687 async_operations=s async_private_delay1=1 async_private_delay2=1 \ 10688 exchanges=2 renegotiation=1 renegotiate=1" \ 10689 "$P_CLI exchanges=2 renegotiation=1" \ 10690 0 \ 10691 -s "Async sign callback: using key slot " \ 10692 -s "Async resume (slot [0-9]): sign done, status=0" 10693 10694 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10695 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 10696 run_test 
"SSL async private: renegotiation: client-initiated, decrypt" \ 10697 "$P_SRV \ 10698 async_operations=d async_private_delay1=1 async_private_delay2=1 \ 10699 exchanges=2 renegotiation=1" \ 10700 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \ 10701 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10702 0 \ 10703 -s "Async decrypt callback: using key slot " \ 10704 -s "Async resume (slot [0-9]): decrypt done, status=0" 10705 10706 requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE 10707 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 10708 run_test "SSL async private: renegotiation: server-initiated, decrypt" \ 10709 "$P_SRV \ 10710 async_operations=d async_private_delay1=1 async_private_delay2=1 \ 10711 exchanges=2 renegotiation=1 renegotiate=1" \ 10712 "$P_CLI exchanges=2 renegotiation=1 \ 10713 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 10714 0 \ 10715 -s "Async decrypt callback: using key slot " \ 10716 -s "Async resume (slot [0-9]): decrypt done, status=0" 10717 10718 # Tests for ECC extensions (rfc 4492) 10719 10720 requires_hash_alg SHA_256 10721 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 10722 run_test "Force a non ECC ciphersuite in the client side" \ 10723 "$P_SRV debug_level=3" \ 10724 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ 10725 0 \ 10726 -C "client hello, adding supported_groups extension" \ 10727 -C "client hello, adding supported_point_formats extension" \ 10728 -S "found supported elliptic curves extension" \ 10729 -S "found supported point formats extension" 10730 10731 requires_hash_alg SHA_256 10732 requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED 10733 run_test "Force a non ECC ciphersuite in the server side" \ 10734 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \ 10735 "$P_CLI debug_level=3" \ 10736 0 \ 10737 -C "found supported_point_formats extension" \ 10738 -S "server hello, supported_point_formats extension" 10739 10740 requires_hash_alg 
SHA_256 10741 run_test "Force an ECC ciphersuite in the client side" \ 10742 "$P_SRV debug_level=3" \ 10743 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 10744 0 \ 10745 -c "client hello, adding supported_groups extension" \ 10746 -c "client hello, adding supported_point_formats extension" \ 10747 -s "found supported elliptic curves extension" \ 10748 -s "found supported point formats extension" 10749 10750 requires_hash_alg SHA_256 10751 run_test "Force an ECC ciphersuite in the server side" \ 10752 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \ 10753 "$P_CLI debug_level=3" \ 10754 0 \ 10755 -c "found supported_point_formats extension" \ 10756 -s "server hello, supported_point_formats extension" 10757 10758 # Tests for DTLS HelloVerifyRequest 10759 10760 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10761 run_test "DTLS cookie: enabled" \ 10762 "$P_SRV dtls=1 debug_level=2" \ 10763 "$P_CLI dtls=1 debug_level=2" \ 10764 0 \ 10765 -s "cookie verification failed" \ 10766 -s "cookie verification passed" \ 10767 -S "cookie verification skipped" \ 10768 -c "received hello verify request" \ 10769 -s "hello verification requested" \ 10770 -S "SSL - The requested feature is not available" 10771 10772 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10773 run_test "DTLS cookie: disabled" \ 10774 "$P_SRV dtls=1 debug_level=2 cookies=0" \ 10775 "$P_CLI dtls=1 debug_level=2" \ 10776 0 \ 10777 -S "cookie verification failed" \ 10778 -S "cookie verification passed" \ 10779 -s "cookie verification skipped" \ 10780 -C "received hello verify request" \ 10781 -S "hello verification requested" \ 10782 -S "SSL - The requested feature is not available" 10783 10784 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10785 run_test "DTLS cookie: default (failing)" \ 10786 "$P_SRV dtls=1 debug_level=2 cookies=-1" \ 10787 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \ 10788 1 \ 10789 -s "cookie verification 
failed" \ 10790 -S "cookie verification passed" \ 10791 -S "cookie verification skipped" \ 10792 -C "received hello verify request" \ 10793 -S "hello verification requested" \ 10794 -s "SSL - The requested feature is not available" 10795 10796 requires_ipv6 10797 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10798 run_test "DTLS cookie: enabled, IPv6" \ 10799 "$P_SRV dtls=1 debug_level=2 server_addr=::1" \ 10800 "$P_CLI dtls=1 debug_level=2 server_addr=::1" \ 10801 0 \ 10802 -s "cookie verification failed" \ 10803 -s "cookie verification passed" \ 10804 -S "cookie verification skipped" \ 10805 -c "received hello verify request" \ 10806 -s "hello verification requested" \ 10807 -S "SSL - The requested feature is not available" 10808 10809 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10810 run_test "DTLS cookie: enabled, nbio" \ 10811 "$P_SRV dtls=1 nbio=2 debug_level=2" \ 10812 "$P_CLI dtls=1 nbio=2 debug_level=2" \ 10813 0 \ 10814 -s "cookie verification failed" \ 10815 -s "cookie verification passed" \ 10816 -S "cookie verification skipped" \ 10817 -c "received hello verify request" \ 10818 -s "hello verification requested" \ 10819 -S "SSL - The requested feature is not available" 10820 10821 # Tests for client reconnecting from the same port with DTLS 10822 10823 not_with_valgrind # spurious resend 10824 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10825 run_test "DTLS client reconnect from same port: reference" \ 10826 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \ 10827 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000" \ 10828 0 \ 10829 -C "resend" \ 10830 -S "The operation timed out" \ 10831 -S "Client initiated reconnection from same port" 10832 10833 not_with_valgrind # spurious resend 10834 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10835 run_test "DTLS client reconnect from same port: reconnect" \ 10836 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \ 10837 "$P_CLI dtls=1 
exchanges=2 debug_level=2 hs_timeout=10000-20000 reconnect_hard=1" \ 10838 0 \ 10839 -C "resend" \ 10840 -S "The operation timed out" \ 10841 -s "Client initiated reconnection from same port" 10842 10843 not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts) 10844 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10845 run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \ 10846 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \ 10847 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \ 10848 0 \ 10849 -S "The operation timed out" \ 10850 -s "Client initiated reconnection from same port" 10851 10852 only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout 10853 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10854 run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \ 10855 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \ 10856 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \ 10857 0 \ 10858 -S "The operation timed out" \ 10859 -s "Client initiated reconnection from same port" 10860 10861 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10862 run_test "DTLS client reconnect from same port: no cookies" \ 10863 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \ 10864 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \ 10865 0 \ 10866 -s "The operation timed out" \ 10867 -S "Client initiated reconnection from same port" 10868 10869 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10870 run_test "DTLS client reconnect from same port: attacker-injected" \ 10871 -p "$P_PXY inject_clihlo=1" \ 10872 "$P_SRV dtls=1 exchanges=2 debug_level=1" \ 10873 "$P_CLI dtls=1 exchanges=2" \ 10874 0 \ 10875 -s "possible client reconnect from the same port" \ 10876 -S "Client initiated reconnection from same port" 10877 10878 # Tests 
for various cases of client authentication with DTLS 10879 # (focused on handshake flows and message parsing) 10880 10881 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10882 run_test "DTLS client auth: required" \ 10883 "$P_SRV dtls=1 auth_mode=required" \ 10884 "$P_CLI dtls=1" \ 10885 0 \ 10886 -s "Verifying peer X.509 certificate... ok" 10887 10888 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10889 run_test "DTLS client auth: optional, client has no cert" \ 10890 "$P_SRV dtls=1 auth_mode=optional" \ 10891 "$P_CLI dtls=1 crt_file=none key_file=none" \ 10892 0 \ 10893 -s "! Certificate was missing" 10894 10895 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10896 run_test "DTLS client auth: none, client has no cert" \ 10897 "$P_SRV dtls=1 auth_mode=none" \ 10898 "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \ 10899 0 \ 10900 -c "skip write certificate$" \ 10901 -s "! Certificate verification was skipped" 10902 10903 run_test "DTLS wrong PSK: badmac alert" \ 10904 "$P_SRV dtls=1 psk=73776f726466697368 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \ 10905 "$P_CLI dtls=1 psk=73776f726466697374" \ 10906 1 \ 10907 -s "SSL - Verification of the message MAC failed" \ 10908 -c "SSL - A fatal alert message was received from our peer" 10909 10910 # Tests for receiving fragmented handshake messages with DTLS 10911 10912 requires_gnutls 10913 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10914 run_test "DTLS reassembly: no fragmentation (gnutls server)" \ 10915 "$G_SRV -u --mtu 2048 -a" \ 10916 "$P_CLI dtls=1 debug_level=2" \ 10917 0 \ 10918 -C "found fragmented DTLS handshake message" \ 10919 -C "error" 10920 10921 requires_gnutls 10922 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10923 run_test "DTLS reassembly: some fragmentation (gnutls server)" \ 10924 "$G_SRV -u --mtu 512" \ 10925 "$P_CLI dtls=1 debug_level=2" \ 10926 0 \ 10927 -c "found fragmented DTLS handshake message" \ 10928 -C "error" 10929 10930 requires_gnutls 10931 
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10932 run_test "DTLS reassembly: more fragmentation (gnutls server)" \ 10933 "$G_SRV -u --mtu 128" \ 10934 "$P_CLI dtls=1 debug_level=2" \ 10935 0 \ 10936 -c "found fragmented DTLS handshake message" \ 10937 -C "error" 10938 10939 requires_gnutls 10940 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10941 run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \ 10942 "$G_SRV -u --mtu 128" \ 10943 "$P_CLI dtls=1 nbio=2 debug_level=2" \ 10944 0 \ 10945 -c "found fragmented DTLS handshake message" \ 10946 -C "error" 10947 10948 requires_gnutls 10949 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 10950 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10951 run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \ 10952 "$G_SRV -u --mtu 256" \ 10953 "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \ 10954 0 \ 10955 -c "found fragmented DTLS handshake message" \ 10956 -c "client hello, adding renegotiation extension" \ 10957 -c "found renegotiation extension" \ 10958 -c "=> renegotiate" \ 10959 -C "mbedtls_ssl_handshake returned" \ 10960 -C "error" \ 10961 -s "Extra-header:" 10962 10963 requires_gnutls 10964 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 10965 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10966 run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \ 10967 "$G_SRV -u --mtu 256" \ 10968 "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \ 10969 0 \ 10970 -c "found fragmented DTLS handshake message" \ 10971 -c "client hello, adding renegotiation extension" \ 10972 -c "found renegotiation extension" \ 10973 -c "=> renegotiate" \ 10974 -C "mbedtls_ssl_handshake returned" \ 10975 -C "error" \ 10976 -s "Extra-header:" 10977 10978 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10979 run_test "DTLS reassembly: no fragmentation (openssl server)" \ 10980 "$O_SRV -dtls -mtu 2048" \ 10981 "$P_CLI dtls=1 debug_level=2" \ 10982 0 \ 10983 -C 
"found fragmented DTLS handshake message" \ 10984 -C "error" 10985 10986 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10987 run_test "DTLS reassembly: some fragmentation (openssl server)" \ 10988 "$O_SRV -dtls -mtu 256" \ 10989 "$P_CLI dtls=1 debug_level=2" \ 10990 0 \ 10991 -c "found fragmented DTLS handshake message" \ 10992 -C "error" 10993 10994 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 10995 run_test "DTLS reassembly: more fragmentation (openssl server)" \ 10996 "$O_SRV -dtls -mtu 256" \ 10997 "$P_CLI dtls=1 debug_level=2" \ 10998 0 \ 10999 -c "found fragmented DTLS handshake message" \ 11000 -C "error" 11001 11002 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11003 run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \ 11004 "$O_SRV -dtls -mtu 256" \ 11005 "$P_CLI dtls=1 nbio=2 debug_level=2" \ 11006 0 \ 11007 -c "found fragmented DTLS handshake message" \ 11008 -C "error" 11009 11010 # Tests for sending fragmented handshake messages with DTLS 11011 # 11012 # Use client auth when we need the client to send large messages, 11013 # and use large cert chains on both sides too (the long chains we have all use 11014 # both RSA and ECDSA, but ideally we should have long chains with either). 
11015 # Sizes reached (UDP payload): 11016 # - 2037B for server certificate 11017 # - 1542B for client certificate 11018 # - 1013B for newsessionticket 11019 # - all others below 512B 11020 # All those tests assume MAX_CONTENT_LEN is at least 2048 11021 11022 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11023 requires_config_enabled MBEDTLS_RSA_C 11024 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11025 requires_max_content_len 4096 11026 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11027 run_test "DTLS fragmenting: none (for reference)" \ 11028 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11029 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11030 key_file=$DATA_FILES_PATH/server7.key \ 11031 hs_timeout=2500-60000 \ 11032 max_frag_len=4096" \ 11033 "$P_CLI dtls=1 debug_level=2 \ 11034 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11035 key_file=$DATA_FILES_PATH/server8.key \ 11036 hs_timeout=2500-60000 \ 11037 max_frag_len=4096" \ 11038 0 \ 11039 -S "found fragmented DTLS handshake message" \ 11040 -C "found fragmented DTLS handshake message" \ 11041 -C "error" 11042 11043 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11044 requires_config_enabled MBEDTLS_RSA_C 11045 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11046 requires_max_content_len 2048 11047 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11048 run_test "DTLS fragmenting: server only (max_frag_len)" \ 11049 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11050 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11051 key_file=$DATA_FILES_PATH/server7.key \ 11052 hs_timeout=2500-60000 \ 11053 max_frag_len=1024" \ 11054 "$P_CLI dtls=1 debug_level=2 \ 11055 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11056 key_file=$DATA_FILES_PATH/server8.key \ 11057 hs_timeout=2500-60000 \ 11058 max_frag_len=2048" \ 11059 0 \ 11060 -S "found fragmented DTLS handshake message" \ 11061 -c "found fragmented DTLS handshake message" \ 11062 -C "error" 11063 11064 # With the MFL extension, 
the server has no way of forcing 11065 # the client to not exceed a certain MTU; hence, the following 11066 # test can't be replicated with an MTU proxy such as the one 11067 # `client-initiated, server only (max_frag_len)` below. 11068 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11069 requires_config_enabled MBEDTLS_RSA_C 11070 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11071 requires_max_content_len 4096 11072 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11073 run_test "DTLS fragmenting: server only (more) (max_frag_len)" \ 11074 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11075 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11076 key_file=$DATA_FILES_PATH/server7.key \ 11077 hs_timeout=2500-60000 \ 11078 max_frag_len=512" \ 11079 "$P_CLI dtls=1 debug_level=2 \ 11080 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11081 key_file=$DATA_FILES_PATH/server8.key \ 11082 hs_timeout=2500-60000 \ 11083 max_frag_len=4096" \ 11084 0 \ 11085 -S "found fragmented DTLS handshake message" \ 11086 -c "found fragmented DTLS handshake message" \ 11087 -C "error" 11088 11089 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11090 requires_config_enabled MBEDTLS_RSA_C 11091 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11092 requires_max_content_len 2048 11093 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11094 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \ 11095 "$P_SRV dtls=1 debug_level=2 auth_mode=none \ 11096 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11097 key_file=$DATA_FILES_PATH/server7.key \ 11098 hs_timeout=2500-60000 \ 11099 max_frag_len=2048" \ 11100 "$P_CLI dtls=1 debug_level=2 \ 11101 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11102 key_file=$DATA_FILES_PATH/server8.key \ 11103 hs_timeout=2500-60000 \ 11104 max_frag_len=1024" \ 11105 0 \ 11106 -S "found fragmented DTLS handshake message" \ 11107 -c "found fragmented DTLS handshake message" \ 11108 -C "error" 11109 11110 # While not required by 
the standard defining the MFL extension 11111 # (according to which it only applies to records, not to datagrams), 11112 # Mbed TLS will never send datagrams larger than MFL + { Max record expansion }, 11113 # as otherwise there wouldn't be any means to communicate MTU restrictions 11114 # to the peer. 11115 # The next test checks that no datagrams significantly larger than the 11116 # negotiated MFL are sent. 11117 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11118 requires_config_enabled MBEDTLS_RSA_C 11119 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11120 requires_max_content_len 2048 11121 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11122 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \ 11123 -p "$P_PXY mtu=1110" \ 11124 "$P_SRV dtls=1 debug_level=2 auth_mode=none \ 11125 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11126 key_file=$DATA_FILES_PATH/server7.key \ 11127 hs_timeout=2500-60000 \ 11128 max_frag_len=2048" \ 11129 "$P_CLI dtls=1 debug_level=2 \ 11130 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11131 key_file=$DATA_FILES_PATH/server8.key \ 11132 hs_timeout=2500-60000 \ 11133 max_frag_len=1024" \ 11134 0 \ 11135 -S "found fragmented DTLS handshake message" \ 11136 -c "found fragmented DTLS handshake message" \ 11137 -C "error" 11138 11139 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11140 requires_config_enabled MBEDTLS_RSA_C 11141 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11142 requires_max_content_len 2048 11143 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11144 run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \ 11145 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11146 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11147 key_file=$DATA_FILES_PATH/server7.key \ 11148 hs_timeout=2500-60000 \ 11149 max_frag_len=2048" \ 11150 "$P_CLI dtls=1 debug_level=2 \ 11151 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11152 key_file=$DATA_FILES_PATH/server8.key 
\ 11153 hs_timeout=2500-60000 \ 11154 max_frag_len=1024" \ 11155 0 \ 11156 -s "found fragmented DTLS handshake message" \ 11157 -c "found fragmented DTLS handshake message" \ 11158 -C "error" 11159 11160 # While not required by the standard defining the MFL extension 11161 # (according to which it only applies to records, not to datagrams), 11162 # Mbed TLS will never send datagrams larger than MFL + { Max record expansion }, 11163 # as otherwise there wouldn't be any means to communicate MTU restrictions 11164 # to the peer. 11165 # The next test checks that no datagrams significantly larger than the 11166 # negotiated MFL are sent. 11167 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11168 requires_config_enabled MBEDTLS_RSA_C 11169 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 11170 requires_max_content_len 2048 11171 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11172 run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \ 11173 -p "$P_PXY mtu=1110" \ 11174 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11175 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11176 key_file=$DATA_FILES_PATH/server7.key \ 11177 hs_timeout=2500-60000 \ 11178 max_frag_len=2048" \ 11179 "$P_CLI dtls=1 debug_level=2 \ 11180 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11181 key_file=$DATA_FILES_PATH/server8.key \ 11182 hs_timeout=2500-60000 \ 11183 max_frag_len=1024" \ 11184 0 \ 11185 -s "found fragmented DTLS handshake message" \ 11186 -c "found fragmented DTLS handshake message" \ 11187 -C "error" 11188 11189 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11190 requires_config_enabled MBEDTLS_RSA_C 11191 requires_max_content_len 4096 11192 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11193 run_test "DTLS fragmenting: none (for reference) (MTU)" \ 11194 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11195 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11196 key_file=$DATA_FILES_PATH/server7.key \ 11197 hs_timeout=2500-60000 \ 11198 
mtu=4096" \ 11199 "$P_CLI dtls=1 debug_level=2 \ 11200 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11201 key_file=$DATA_FILES_PATH/server8.key \ 11202 hs_timeout=2500-60000 \ 11203 mtu=4096" \ 11204 0 \ 11205 -S "found fragmented DTLS handshake message" \ 11206 -C "found fragmented DTLS handshake message" \ 11207 -C "error" 11208 11209 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11210 requires_config_enabled MBEDTLS_RSA_C 11211 requires_max_content_len 4096 11212 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11213 run_test "DTLS fragmenting: client (MTU)" \ 11214 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11215 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11216 key_file=$DATA_FILES_PATH/server7.key \ 11217 hs_timeout=3500-60000 \ 11218 mtu=4096" \ 11219 "$P_CLI dtls=1 debug_level=2 \ 11220 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11221 key_file=$DATA_FILES_PATH/server8.key \ 11222 hs_timeout=3500-60000 \ 11223 mtu=1024" \ 11224 0 \ 11225 -s "found fragmented DTLS handshake message" \ 11226 -C "found fragmented DTLS handshake message" \ 11227 -C "error" 11228 11229 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11230 requires_config_enabled MBEDTLS_RSA_C 11231 requires_max_content_len 2048 11232 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 11233 run_test "DTLS fragmenting: server (MTU)" \ 11234 "$P_SRV dtls=1 debug_level=2 auth_mode=required \ 11235 crt_file=$DATA_FILES_PATH/server7_int-ca.crt \ 11236 key_file=$DATA_FILES_PATH/server7.key \ 11237 hs_timeout=2500-60000 \ 11238 mtu=512" \ 11239 "$P_CLI dtls=1 debug_level=2 \ 11240 crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \ 11241 key_file=$DATA_FILES_PATH/server8.key \ 11242 hs_timeout=2500-60000 \ 11243 mtu=2048" \ 11244 0 \ 11245 -S "found fragmented DTLS handshake message" \ 11246 -c "found fragmented DTLS handshake message" \ 11247 -C "error" 11248 11249 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS 11250 requires_config_enabled MBEDTLS_RSA_C 11251 requires_max_content_len 2048 
# Both endpoints are told the path MTU (mtu=1024) and the proxy enforces the
# same limit, so each side has to fragment its own oversized flights up front.
# auth_mode=required makes the client send its certificate chain too, which is
# what exercises client-side fragmentation (see the note at the top of this
# section). Both -s and -c checks therefore expect reassembly on both peers.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS fragmenting: both (MTU=1024)" \
            -p "$P_PXY mtu=1024" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=2500-60000 \
             mtu=1024" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             hs_timeout=2500-60000 \
             mtu=1024" \
            0 \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
# NOTE(review): unlike the MTU=1024 variant above there is no explicit
# MBEDTLS_SSL_PROTO_TLS1_2 guard here; presumably detect_required_features()
# derives it from the force_ciphersuite argument (see the comment in the async
# private-key tests earlier in this file) - confirm.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_max_content_len 2048
run_test    "DTLS fragmenting: both (MTU=512)" \
            -p "$P_PXY mtu=512" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=2500-60000 \
             mtu=512" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             hs_timeout=2500-60000 \
             mtu=512" \
            0 \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Test for automatic MTU reduction on repeated resend.
# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
# The ratio of max/min timeout should ideally equal 4 to accept two
# retransmissions, but in some cases (like both the server and client using
# fragmentation and auto-reduction) an extra retransmission might occur,
# hence the ratio of 8.
#
# Neither endpoint is given an mtu= argument here: the 508-byte limit exists
# only in the proxy, so the handshake can only complete if the library shrinks
# its MTU by itself after datagrams are silently dropped and the retransmission
# timer fires. The deliberately short hs_timeout range keeps that loop fast; it
# is also why this variant is excluded under valgrind (see the next test).
not_with_valgrind
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test    "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
            -p "$P_PXY mtu=508" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=400-3200" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             hs_timeout=400-3200" \
            0 \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
# Same scenario as above with a much wider timeout range (250-10000) so that
# the slower execution under valgrind does not produce extra retransmissions.
only_with_valgrind
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test    "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
            -p "$P_PXY mtu=508" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=250-10000" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             hs_timeout=250-10000" \
            0 \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
# OTOH the client might resend if the server is too slow to reset after sending
# a HelloVerifyRequest, so only check for no retransmission server-side
#
# The real assertion in the "simple handshake" tests is -S "autoreduction":
# both peers are configured with the same mtu= as the proxy, so every datagram
# should already fit. A server-side "autoreduction" log line would mean a
# datagram was dropped for size and the timeout fallback had to kick in, i.e.
# the configured MTU was not honoured when building the flight.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
            -p "$P_PXY mtu=1024" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=10000-60000 \
             mtu=1024" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             hs_timeout=10000-60000 \
             mtu=1024" \
            0 \
            -S "autoreduction" \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
# OTOH the client might resend if the server is too slow to reset after sending
# a HelloVerifyRequest, so only check for no retransmission server-side
# NOTE(review): as in "both (MTU=512)" above, the MBEDTLS_SSL_PROTO_TLS1_2
# guard is implicit here (presumably via force_ciphersuite) - confirm.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test    "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
            -p "$P_PXY mtu=512" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=10000-60000 \
             mtu=512" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
             hs_timeout=10000-60000 \
             mtu=512" \
            0 \
            -S "autoreduction" \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Same as the MTU=1024 simple-handshake test, but with non-blocking I/O
# (nbio=2) on both sides so that the fragmentation path is also covered when
# send/recv can return WANT_READ/WANT_WRITE mid-flight.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
            -p "$P_PXY mtu=1024" \
            "$P_SRV dtls=1 debug_level=2 auth_mode=required \
             crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
             key_file=$DATA_FILES_PATH/server7.key \
             hs_timeout=10000-60000 \
             mtu=1024 nbio=2" \
            "$P_CLI dtls=1 debug_level=2 \
             crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
             key_file=$DATA_FILES_PATH/server8.key \
             hs_timeout=10000-60000 \
             mtu=1024 nbio=2" \
            0 \
            -S "autoreduction" \
            -s "found fragmented DTLS handshake message" \
            -c "found fragmented DTLS handshake message" \
            -C "error"

# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
# nbio=2 variant of the MTU 512 simple handshake (client ciphersuite forced
# so the handshake fits 512 bytes with the full config).
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
  -p "$P_PXY mtu=512" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    hs_timeout=10000-60000 mtu=512 nbio=2" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
    hs_timeout=10000-60000 mtu=512 nbio=2" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
# This checks that fragmentation still works after session_reset() and
# exercises the "resumed handshake" flow. Reading a fragmented ClientHello
# is not supported yet, so the MTU is raised to 1450: larger than a
# ClientHello carrying a session ticket, but still smaller than the client's
# Certificate so that fragmentation does occur.
# An autoreduction on the client side might happen if the server is slow
# to reset, therefore '-C "autoreduction"' is deliberately omitted below.
# reco_delay avoids races where the client reconnects before the server has
# resumed listening, which would also cause a spurious autoreduction.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
  -p "$P_PXY mtu=1450" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    hs_timeout=10000-60000 mtu=1450" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    hs_timeout=10000-60000 \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
    mtu=1450 reconnect=1 skip_close_notify=1 reco_delay=1000" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# Renegotiation under fragmentation, one test per record-protection mode.
# An autoreduction on the client side might happen if the server is slow
# to reset, therefore '-C "autoreduction"' is deliberately omitted below.
# ChaCha20-Poly1305 (AEAD) renegotiation at MTU 512; the client forces the
# ciphersuite and initiates the renegotiation (renegotiate=1).
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
  -p "$P_PXY mtu=512" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    exchanges=2 renegotiation=1 \
    hs_timeout=10000-60000 mtu=512" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    exchanges=2 renegotiation=1 renegotiate=1 \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
    hs_timeout=10000-60000 mtu=512" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# An autoreduction on the client side might happen if the server is slow
# to reset, therefore '-C "autoreduction"' is deliberately omitted below.
# AES-128-GCM (AEAD) renegotiation at MTU 512; ciphersuite forced by the
# client, which also initiates the renegotiation.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
  -p "$P_PXY mtu=512" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    exchanges=2 renegotiation=1 \
    hs_timeout=10000-60000 mtu=512" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    exchanges=2 renegotiation=1 renegotiate=1 \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
    hs_timeout=10000-60000 mtu=512" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# An autoreduction on the client side might happen if the server is slow
# to reset, therefore '-C "autoreduction"' is deliberately omitted below.
# AES-128-CCM-8 renegotiation at MTU 1024. Here the ciphersuite is forced on
# the server side rather than the client; the client still drives the
# renegotiation.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
  -p "$P_PXY mtu=1024" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    exchanges=2 renegotiation=1 \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
    hs_timeout=10000-60000 mtu=1024" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    exchanges=2 renegotiation=1 renegotiate=1 \
    hs_timeout=10000-60000 mtu=1024" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# An autoreduction on the client side might happen if the server is slow
# to reset, therefore '-C "autoreduction"' is deliberately omitted below.
# AES-128-CBC with Encrypt-then-MAC, renegotiation at MTU 1024. Ciphersuite
# forced server-side; needs the EtM extension compiled in.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
  -p "$P_PXY mtu=1024" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    exchanges=2 renegotiation=1 \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
    hs_timeout=10000-60000 mtu=1024" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    exchanges=2 renegotiation=1 renegotiate=1 \
    hs_timeout=10000-60000 mtu=1024" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# An autoreduction on the client side might happen if the server is slow
# to reset, therefore '-C "autoreduction"' is deliberately omitted below.
# AES-128-CBC without Encrypt-then-MAC (etm=0 on the server), renegotiation
# at MTU 1024. Ciphersuite forced server-side.
not_with_valgrind # spurious autoreduction due to timeout
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_hash_alg SHA_256
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
  -p "$P_PXY mtu=1024" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    exchanges=2 renegotiation=1 \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
    hs_timeout=10000-60000 mtu=1024" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    exchanges=2 renegotiation=1 renegotiate=1 \
    hs_timeout=10000-60000 mtu=1024" \
  0 \
  -S "autoreduction" \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
# Fragmentation over a lossy proxy ("3d": drop, delay, duplicate), with
# datagram packing disabled on both sides. The client gets extra time
# because the proxy deliberately slows the handshake down.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
client_needs_more_time 2
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d" \
  -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
  "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    hs_timeout=250-10000 mtu=512" \
  "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
    hs_timeout=250-10000 mtu=512" \
  0 \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# Same lossy-proxy scenario with nbio=2 on both sides (datagram packing left
# at its default). Forcing ciphersuite to fit the MTU of 512 with full config.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
client_needs_more_time 2
requires_max_content_len 2048
run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
  -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
  "$P_SRV dtls=1 debug_level=2 auth_mode=required \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    hs_timeout=250-10000 mtu=512 nbio=2" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
    hs_timeout=250-10000 mtu=512 nbio=2" \
  0 \
  -s "found fragmented DTLS handshake message" \
  -c "found fragmented DTLS handshake message" \
  -C "error"

# Interop tests for DTLS fragmenting over a reliable connection.
#
# Here and below the goal is only to check that we fragment in a way that
# other implementations accept, so the peer is not required to fragment;
# only the Mbed TLS side is asserted on.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_gnutls
requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
  "$G_SRV -u" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    mtu=512 force_version=dtls12" \
  0 \
  -c "fragmenting handshake message" \
  -C "error"

# --insecure is passed to the GnuTLS client because it expects the
# hostname / IP it connects to to match the name in the certificate it
# receives from the server. Here it connects to 127.0.0.1 while the test
# certificates carry 'localhost' as the server name, so certificate
# validation would fail; --insecure makes GnuTLS carry on regardless.
# This only relaxes the peer's checks in the test harness; the assertion
# below is about the Mbed TLS server's own fragmenting behaviour.
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_gnutls
requires_not_i686
requires_max_content_len 2048
run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
  "$P_SRV dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    mtu=512 force_version=dtls12" \
  "$G_CLI -u --insecure 127.0.0.1" \
  0 \
  -s "fragmenting handshake message"

# OpenSSL server: -verify 10 makes s_server request a client certificate,
# so the Mbed TLS client has a Certificate to send (and fragment).
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
  "$O_SRV -dtls1_2 -verify 10" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    mtu=512 force_version=dtls12" \
  0 \
  -c "fragmenting handshake message" \
  -C "error"

requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_max_content_len 2048
run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
  "$P_SRV dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    mtu=512 force_version=dtls12" \
  "$O_CLI -dtls1_2" \
  0 \
  -s "fragmenting handshake message"

# Interop tests for DTLS fragmenting over an unreliable connection.
#
# Again we only check that we fragment in a way that other implementations
# accept, so the peer is not required to fragment. These use the "next"
# (newer) GnuTLS/OpenSSL binaries and give the client more time because of
# the lossy proxy.
requires_gnutls_next
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
client_needs_more_time 4
requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
  -p "$P_PXY drop=8 delay=8 duplicate=8" \
  "$G_NEXT_SRV -u" \
  "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    hs_timeout=250-60000 mtu=512 force_version=dtls12" \
  0 \
  -c "fragmenting handshake message" \
  -C "error"

requires_gnutls_next
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
client_needs_more_time 4
requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
  -p "$P_PXY drop=8 delay=8 duplicate=8" \
  "$P_SRV dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    hs_timeout=250-60000 mtu=512 force_version=dtls12" \
  "$G_NEXT_CLI -u --insecure 127.0.0.1" \
  0 \
  -s "fragmenting handshake message"

## The test below requires 1.1.1a or higher version of openssl, otherwise
## it might trigger a bug due to openssl server (https://github.com/openssl/openssl/issues/6902)
requires_openssl_next
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
client_needs_more_time 4
requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
  -p "$P_PXY drop=8 delay=8 duplicate=8" \
  "$O_NEXT_SRV -dtls1_2 -verify 10" \
  "$P_CLI dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server8_int-ca2.crt \
    key_file=$DATA_FILES_PATH/server8.key \
    hs_timeout=250-60000 mtu=512 force_version=dtls12" \
  0 \
  -c "fragmenting handshake message" \
  -C "error"

## The test below will time out with certain seeds.
## The cause is an openssl bug (https://github.com/openssl/openssl/issues/18887)
## The test is therefore skipped unconditionally (skip_next_test) but kept so
## it can be re-enabled once the upstream fix is in the tested openssl.
skip_next_test
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
client_needs_more_time 4
requires_max_content_len 2048
run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
  -p "$P_PXY drop=8 delay=8 duplicate=8" \
  "$P_SRV dtls=1 debug_level=2 \
    crt_file=$DATA_FILES_PATH/server7_int-ca.crt \
    key_file=$DATA_FILES_PATH/server7.key \
    hs_timeout=250-60000 mtu=512 force_version=dtls12" \
  "$O_CLI -dtls1_2" \
  0 \
  -s "fragmenting handshake message"

# Tests for DTLS-SRTP (RFC 5764)
#
# Profile numbers used with srtp_force_profile below map to the names that
# appear in the expected log lines: 2 -> MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
# 5 -> MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, 6 -> MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32.
# The -g find_in_both checks require the same "Keying material" (and, where
# used, "DTLS-SRTP mki value") hex line to appear in both peers' logs, i.e.
# both sides derived identical SRTP keying material.

# Both sides advertise every profile; the first common one is selected.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP all profiles supported" \
  "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -C "error"

# Client restricted to profile 5 (NULL_HMAC_SHA1_80); the server must pick it.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
  "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=5 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
  -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -C "error"

# Server restricted to profile 6 (NULL_HMAC_SHA1_32); the client offers all.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports one profile. Client supports all profiles." \
  "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -C "error"

# Both sides restricted to the same single profile (2).
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server and Client support only one matching profile." \
  "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
  -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -C "error"

# No common profile (server 2, client 6): the server must not add use_srtp
# to its ServerHello, no key material is derived, and the handshake still
# completes without error on either side.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server and Client support only one different profile." \
  "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
  -S "selected srtp profile" \
  -S "server hello, adding use_srtp extension" \
  -S "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -C "found use_srtp extension" \
  -C "found srtp profile" \
  -C "selected srtp profile" \
  -C "DTLS-SRTP key material is" \
  -C "error"

# Server has use_srtp disabled: it sees the extension but ignores it.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server doesn't support use_srtp extension." \
  "$P_SRV dtls=1 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -S "server hello, adding use_srtp extension" \
  -S "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -C "found use_srtp extension" \
  -C "found srtp profile" \
  -C "selected srtp profile" \
  -C "DTLS-SRTP key material is" \
  -C "error"

# MKI (master key identifier) negotiation: the client sends an 8-byte MKI
# and the server, with support_mki=1, echoes it back; both logs must show
# the same "DTLS-SRTP mki value" line.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP all profiles supported. mki used" \
  "$P_SRV dtls=1 use_srtp=1 support_mki=1 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "dumping 'using mki' (8 bytes)" \
  -s "DTLS-SRTP key material is" \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile" \
  -c "selected srtp profile" \
  -c "dumping 'sending mki' (8 bytes)" \
  -c "dumping 'received mki' (8 bytes)" \
  -c "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'" \
  -C "error"

# Client sends an MKI but the server does not support it: no MKI is
# negotiated, the client must not see one echoed back, and key material
# is still derived and identical on both sides.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
  "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
  "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -s "DTLS-SRTP no mki value negotiated" \
  -S "dumping 'using mki' (8 bytes)" \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -c "DTLS-SRTP no mki value negotiated" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -c "dumping 'sending mki' (8 bytes)" \
  -C "dumping 'received mki' (8 bytes)" \
  -C "error"

# Interop with an OpenSSL client. The client exports 60 bytes of keying
# material under the 'EXTRACTOR-dtls_srtp' label so its "Keying material"
# output can be compared with ours by find_in_both.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP all profiles supported. openssl client." \
  "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"

# Client offers the same two profiles in the opposite order; the selected
# profile follows the client's preference.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl client." \
  "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \
  "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \
  "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \
  "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -s "selected srtp profile" \
  -s "server hello, adding use_srtp extension" \
  -s "DTLS-SRTP key material is" \
  -g "find_in_both '^ *Keying material: [0-9A-F]*$'" \
  -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"

# No common profile with an OpenSSL client: no selection, no use_srtp in
# ServerHello, no key material, and OpenSSL reports no negotiated profile.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \
  "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -s "found srtp profile" \
  -S "selected srtp profile" \
  -S "server hello, adding use_srtp extension" \
  -S "DTLS-SRTP key material is" \
  -C "SRTP Extension negotiated, profile"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \
  "$P_SRV dtls=1 debug_level=3" \
  "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  0 \
  -s "found use_srtp extension" \
  -S "server hello, adding use_srtp extension" \
  -S "DTLS-SRTP key material is" \
  -C "SRTP Extension negotiated, profile"

# Interop with an OpenSSL server. Only the Mbed TLS client side is asserted
# on here; the server exports keying material under the same label.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP all profiles supported. openssl server" \
  "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile" \
  -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
  -c "DTLS-SRTP key material is" \
  -C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl server." \
  "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \
  "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \
  "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \
  "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -c "found use_srtp extension" \
  -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
  -c "selected srtp profile" \
  -c "DTLS-SRTP key material is" \
  -C "error"

# No common profile with an OpenSSL server (server SHA1_32, client 6): the
# client must not find use_srtp in the ServerHello nor derive key material.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \
  "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
  "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -C "found use_srtp extension" \
  -C "found srtp profile" \
  -C "selected srtp profile" \
  -C "DTLS-SRTP key material is" \
  -C "error"

# OpenSSL server started without -use_srtp: the extension is simply ignored.
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \
  "$O_SRV -dtls" \
  "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
  0 \
  -c "client hello, adding use_srtp extension" \
  -C "found use_srtp extension" \
  -C "found srtp profile" \
  -C "selected srtp profile" \
  -C "DTLS-SRTP key material is" \
  -C "error"

requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server."
\ 12142 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \ 12143 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \ 12144 0 \ 12145 -c "client hello, adding use_srtp extension" \ 12146 -c "found use_srtp extension" \ 12147 -c "found srtp profile" \ 12148 -c "selected srtp profile" \ 12149 -c "DTLS-SRTP key material is"\ 12150 -c "DTLS-SRTP no mki value negotiated"\ 12151 -c "dumping 'sending mki' (8 bytes)" \ 12152 -C "dumping 'received mki' (8 bytes)" \ 12153 -C "error" 12154 12155 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12156 requires_gnutls 12157 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12158 run_test "DTLS-SRTP all profiles supported. gnutls client." \ 12159 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ 12160 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \ 12161 0 \ 12162 -s "found use_srtp extension" \ 12163 -s "found srtp profile" \ 12164 -s "selected srtp profile" \ 12165 -s "server hello, adding use_srtp extension" \ 12166 -s "DTLS-SRTP key material is"\ 12167 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80" 12168 12169 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12170 requires_gnutls 12171 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12172 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls client." 
\ 12173 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ 12174 "$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 12175 0 \ 12176 -s "found use_srtp extension" \ 12177 -s "found srtp profile" \ 12178 -s "selected srtp profile" \ 12179 -s "server hello, adding use_srtp extension" \ 12180 -s "DTLS-SRTP key material is"\ 12181 -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80" 12182 12183 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12184 requires_gnutls 12185 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12186 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \ 12187 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \ 12188 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 12189 0 \ 12190 -s "found use_srtp extension" \ 12191 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ 12192 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ 12193 -s "server hello, adding use_srtp extension" \ 12194 -s "DTLS-SRTP key material is"\ 12195 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32" 12196 12197 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12198 requires_gnutls 12199 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12200 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." 
\ 12201 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \ 12202 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \ 12203 0 \ 12204 -s "found use_srtp extension" \ 12205 -s "found srtp profile" \ 12206 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \ 12207 -s "server hello, adding use_srtp extension" \ 12208 -s "DTLS-SRTP key material is"\ 12209 -c "SRTP profile: SRTP_NULL_SHA1_32" 12210 12211 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12212 requires_gnutls 12213 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12214 run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \ 12215 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ 12216 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 12217 0 \ 12218 -s "found use_srtp extension" \ 12219 -s "found srtp profile" \ 12220 -s "selected srtp profile" \ 12221 -s "server hello, adding use_srtp extension" \ 12222 -s "DTLS-SRTP key material is"\ 12223 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32" 12224 12225 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12226 requires_gnutls 12227 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12228 run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \ 12229 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \ 12230 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \ 12231 0 \ 12232 -s "found use_srtp extension" \ 12233 -s "found srtp profile" \ 12234 -S "selected srtp profile" \ 12235 -S "server hello, adding use_srtp extension" \ 12236 -S "DTLS-SRTP key material is"\ 12237 -C "SRTP profile:" 12238 12239 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12240 requires_gnutls 12241 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12242 run_test "DTLS-SRTP server doesn't support use_srtp extension. 
gnutls client" \ 12243 "$P_SRV dtls=1 debug_level=3" \ 12244 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \ 12245 0 \ 12246 -s "found use_srtp extension" \ 12247 -S "server hello, adding use_srtp extension" \ 12248 -S "DTLS-SRTP key material is"\ 12249 -C "SRTP profile:" 12250 12251 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12252 requires_gnutls 12253 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12254 run_test "DTLS-SRTP all profiles supported. gnutls server" \ 12255 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ 12256 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ 12257 0 \ 12258 -c "client hello, adding use_srtp extension" \ 12259 -c "found use_srtp extension" \ 12260 -c "found srtp profile" \ 12261 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \ 12262 -c "DTLS-SRTP key material is"\ 12263 -C "error" 12264 12265 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12266 requires_gnutls 12267 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12268 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls server." \ 12269 "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ 12270 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ 12271 0 \ 12272 -c "client hello, adding use_srtp extension" \ 12273 -c "found use_srtp extension" \ 12274 -c "found srtp profile" \ 12275 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \ 12276 -c "DTLS-SRTP key material is"\ 12277 -C "error" 12278 12279 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12280 requires_gnutls 12281 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12282 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." 
\ 12283 "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ 12284 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ 12285 0 \ 12286 -c "client hello, adding use_srtp extension" \ 12287 -c "found use_srtp extension" \ 12288 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ 12289 -c "selected srtp profile" \ 12290 -c "DTLS-SRTP key material is"\ 12291 -C "error" 12292 12293 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12294 requires_gnutls 12295 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12296 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \ 12297 "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \ 12298 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ 12299 0 \ 12300 -c "client hello, adding use_srtp extension" \ 12301 -c "found use_srtp extension" \ 12302 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \ 12303 -c "selected srtp profile" \ 12304 -c "DTLS-SRTP key material is"\ 12305 -C "error" 12306 12307 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12308 requires_gnutls 12309 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12310 run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \ 12311 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ 12312 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \ 12313 0 \ 12314 -c "client hello, adding use_srtp extension" \ 12315 -c "found use_srtp extension" \ 12316 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \ 12317 -c "selected srtp profile" \ 12318 -c "DTLS-SRTP key material is"\ 12319 -C "error" 12320 12321 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12322 requires_gnutls 12323 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12324 run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." 
\ 12325 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \ 12326 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \ 12327 0 \ 12328 -c "client hello, adding use_srtp extension" \ 12329 -C "found use_srtp extension" \ 12330 -C "found srtp profile" \ 12331 -C "selected srtp profile" \ 12332 -C "DTLS-SRTP key material is"\ 12333 -C "error" 12334 12335 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12336 requires_gnutls 12337 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12338 run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \ 12339 "$G_SRV -u" \ 12340 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \ 12341 0 \ 12342 -c "client hello, adding use_srtp extension" \ 12343 -C "found use_srtp extension" \ 12344 -C "found srtp profile" \ 12345 -C "selected srtp profile" \ 12346 -C "DTLS-SRTP key material is"\ 12347 -C "error" 12348 12349 requires_config_enabled MBEDTLS_SSL_DTLS_SRTP 12350 requires_gnutls 12351 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12352 run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." 
\ 12353 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \ 12354 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \ 12355 0 \ 12356 -c "client hello, adding use_srtp extension" \ 12357 -c "found use_srtp extension" \ 12358 -c "found srtp profile" \ 12359 -c "selected srtp profile" \ 12360 -c "DTLS-SRTP key material is"\ 12361 -c "DTLS-SRTP mki value:"\ 12362 -c "dumping 'sending mki' (8 bytes)" \ 12363 -c "dumping 'received mki' (8 bytes)" \ 12364 -C "error" 12365 12366 # Tests for specific things with "unreliable" UDP connection 12367 12368 not_with_valgrind # spurious resend due to timeout 12369 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12370 run_test "DTLS proxy: reference" \ 12371 -p "$P_PXY" \ 12372 "$P_SRV dtls=1 debug_level=2 hs_timeout=10000-20000" \ 12373 "$P_CLI dtls=1 debug_level=2 hs_timeout=10000-20000" \ 12374 0 \ 12375 -C "replayed record" \ 12376 -S "replayed record" \ 12377 -C "Buffer record from epoch" \ 12378 -S "Buffer record from epoch" \ 12379 -C "ssl_buffer_message" \ 12380 -S "ssl_buffer_message" \ 12381 -C "discarding invalid record" \ 12382 -S "discarding invalid record" \ 12383 -S "resend" \ 12384 -s "Extra-header:" \ 12385 -c "HTTP/1.0 200 OK" 12386 12387 not_with_valgrind # spurious resend due to timeout 12388 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12389 run_test "DTLS proxy: duplicate every packet" \ 12390 -p "$P_PXY duplicate=1" \ 12391 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \ 12392 "$P_CLI dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \ 12393 0 \ 12394 -c "replayed record" \ 12395 -s "replayed record" \ 12396 -c "record from another epoch" \ 12397 -s "record from another epoch" \ 12398 -S "resend" \ 12399 -s "Extra-header:" \ 12400 -c "HTTP/1.0 200 OK" 12401 12402 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12403 run_test "DTLS proxy: duplicate every packet, server anti-replay 
off" \ 12404 -p "$P_PXY duplicate=1" \ 12405 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \ 12406 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \ 12407 0 \ 12408 -c "replayed record" \ 12409 -S "replayed record" \ 12410 -c "record from another epoch" \ 12411 -s "record from another epoch" \ 12412 -c "resend" \ 12413 -s "resend" \ 12414 -s "Extra-header:" \ 12415 -c "HTTP/1.0 200 OK" 12416 12417 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12418 run_test "DTLS proxy: multiple records in same datagram" \ 12419 -p "$P_PXY pack=50" \ 12420 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \ 12421 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \ 12422 0 \ 12423 -c "next record in same datagram" \ 12424 -s "next record in same datagram" 12425 12426 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12427 run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \ 12428 -p "$P_PXY pack=50 duplicate=1" \ 12429 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \ 12430 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \ 12431 0 \ 12432 -c "next record in same datagram" \ 12433 -s "next record in same datagram" 12434 12435 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12436 run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \ 12437 -p "$P_PXY bad_ad=1" \ 12438 "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \ 12439 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \ 12440 0 \ 12441 -c "discarding invalid record (mac)" \ 12442 -s "discarding invalid record (mac)" \ 12443 -s "Extra-header:" \ 12444 -c "HTTP/1.0 200 OK" \ 12445 -S "too many records with bad MAC" \ 12446 -S "Verification of the message MAC failed" 12447 12448 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12449 run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \ 12450 -p "$P_PXY bad_ad=1" \ 12451 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \ 12452 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \ 12453 1 \ 
12454 -C "discarding invalid record (mac)" \ 12455 -S "discarding invalid record (mac)" \ 12456 -S "Extra-header:" \ 12457 -C "HTTP/1.0 200 OK" \ 12458 -s "too many records with bad MAC" \ 12459 -s "Verification of the message MAC failed" 12460 12461 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12462 run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \ 12463 -p "$P_PXY bad_ad=1" \ 12464 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \ 12465 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \ 12466 0 \ 12467 -c "discarding invalid record (mac)" \ 12468 -s "discarding invalid record (mac)" \ 12469 -s "Extra-header:" \ 12470 -c "HTTP/1.0 200 OK" \ 12471 -S "too many records with bad MAC" \ 12472 -S "Verification of the message MAC failed" 12473 12474 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12475 run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\ 12476 -p "$P_PXY bad_ad=1" \ 12477 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \ 12478 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \ 12479 1 \ 12480 -c "discarding invalid record (mac)" \ 12481 -s "discarding invalid record (mac)" \ 12482 -s "Extra-header:" \ 12483 -c "HTTP/1.0 200 OK" \ 12484 -s "too many records with bad MAC" \ 12485 -s "Verification of the message MAC failed" 12486 12487 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12488 run_test "DTLS proxy: delay ChangeCipherSpec" \ 12489 -p "$P_PXY delay_ccs=1" \ 12490 "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \ 12491 "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \ 12492 0 \ 12493 -c "record from another epoch" \ 12494 -s "record from another epoch" \ 12495 -s "Extra-header:" \ 12496 -c "HTTP/1.0 200 OK" 12497 12498 # Tests for reordering support with DTLS 12499 12500 requires_certificate_authentication 12501 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12502 run_test "DTLS reordering: Buffer out-of-order handshake 
message on client" \ 12503 -p "$P_PXY delay_srv=ServerHello" \ 12504 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12505 hs_timeout=2500-60000" \ 12506 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12507 hs_timeout=2500-60000" \ 12508 0 \ 12509 -c "Buffering HS message" \ 12510 -c "Next handshake message has been buffered - load"\ 12511 -S "Buffering HS message" \ 12512 -S "Next handshake message has been buffered - load"\ 12513 -C "Injecting buffered CCS message" \ 12514 -C "Remember CCS message" \ 12515 -S "Injecting buffered CCS message" \ 12516 -S "Remember CCS message" 12517 12518 requires_certificate_authentication 12519 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12520 run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \ 12521 -p "$P_PXY delay_srv=ServerHello" \ 12522 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12523 hs_timeout=2500-60000" \ 12524 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12525 hs_timeout=2500-60000" \ 12526 0 \ 12527 -c "Buffering HS message" \ 12528 -c "found fragmented DTLS handshake message"\ 12529 -c "Next handshake message 1 not or only partially bufffered" \ 12530 -c "Next handshake message has been buffered - load"\ 12531 -S "Buffering HS message" \ 12532 -S "Next handshake message has been buffered - load"\ 12533 -C "Injecting buffered CCS message" \ 12534 -C "Remember CCS message" \ 12535 -S "Injecting buffered CCS message" \ 12536 -S "Remember CCS message" 12537 12538 # The client buffers the ServerKeyExchange before receiving the fragmented 12539 # Certificate message; at the time of writing, together these are aroudn 1200b 12540 # in size, so that the bound below ensures that the certificate can be reassembled 12541 # while keeping the ServerKeyExchange. 
12542 requires_certificate_authentication 12543 requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300 12544 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12545 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \ 12546 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \ 12547 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12548 hs_timeout=2500-60000" \ 12549 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12550 hs_timeout=2500-60000" \ 12551 0 \ 12552 -c "Buffering HS message" \ 12553 -c "Next handshake message has been buffered - load"\ 12554 -C "attempt to make space by freeing buffered messages" \ 12555 -S "Buffering HS message" \ 12556 -S "Next handshake message has been buffered - load"\ 12557 -C "Injecting buffered CCS message" \ 12558 -C "Remember CCS message" \ 12559 -S "Injecting buffered CCS message" \ 12560 -S "Remember CCS message" 12561 12562 # The size constraints ensure that the delayed certificate message can't 12563 # be reassembled while keeping the ServerKeyExchange message, but it can 12564 # when dropping it first. 
12565 requires_certificate_authentication 12566 requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900 12567 requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299 12568 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12569 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \ 12570 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \ 12571 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12572 hs_timeout=2500-60000" \ 12573 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12574 hs_timeout=2500-60000" \ 12575 0 \ 12576 -c "Buffering HS message" \ 12577 -c "attempt to make space by freeing buffered future messages" \ 12578 -c "Enough space available after freeing buffered HS messages" \ 12579 -S "Buffering HS message" \ 12580 -S "Next handshake message has been buffered - load"\ 12581 -C "Injecting buffered CCS message" \ 12582 -C "Remember CCS message" \ 12583 -S "Injecting buffered CCS message" \ 12584 -S "Remember CCS message" 12585 12586 requires_certificate_authentication 12587 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12588 run_test "DTLS reordering: Buffer out-of-order handshake message on server" \ 12589 -p "$P_PXY delay_cli=Certificate" \ 12590 "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \ 12591 hs_timeout=2500-60000" \ 12592 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12593 hs_timeout=2500-60000" \ 12594 0 \ 12595 -C "Buffering HS message" \ 12596 -C "Next handshake message has been buffered - load"\ 12597 -s "Buffering HS message" \ 12598 -s "Next handshake message has been buffered - load" \ 12599 -C "Injecting buffered CCS message" \ 12600 -C "Remember CCS message" \ 12601 -S "Injecting buffered CCS message" \ 12602 -S "Remember CCS message" 12603 12604 requires_certificate_authentication 12605 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12606 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 12607 run_test "DTLS 
reordering: Buffer out-of-order CCS message on client"\ 12608 -p "$P_PXY delay_srv=NewSessionTicket" \ 12609 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12610 hs_timeout=2500-60000" \ 12611 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12612 hs_timeout=2500-60000" \ 12613 0 \ 12614 -C "Buffering HS message" \ 12615 -C "Next handshake message has been buffered - load"\ 12616 -S "Buffering HS message" \ 12617 -S "Next handshake message has been buffered - load" \ 12618 -c "Injecting buffered CCS message" \ 12619 -c "Remember CCS message" \ 12620 -S "Injecting buffered CCS message" \ 12621 -S "Remember CCS message" 12622 12623 requires_certificate_authentication 12624 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12625 run_test "DTLS reordering: Buffer out-of-order CCS message on server"\ 12626 -p "$P_PXY delay_cli=ClientKeyExchange" \ 12627 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12628 hs_timeout=2500-60000" \ 12629 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12630 hs_timeout=2500-60000" \ 12631 0 \ 12632 -C "Buffering HS message" \ 12633 -C "Next handshake message has been buffered - load"\ 12634 -S "Buffering HS message" \ 12635 -S "Next handshake message has been buffered - load" \ 12636 -C "Injecting buffered CCS message" \ 12637 -C "Remember CCS message" \ 12638 -s "Injecting buffered CCS message" \ 12639 -s "Remember CCS message" 12640 12641 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12642 run_test "DTLS reordering: Buffer encrypted Finished message" \ 12643 -p "$P_PXY delay_ccs=1" \ 12644 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \ 12645 hs_timeout=2500-60000" \ 12646 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \ 12647 hs_timeout=2500-60000" \ 12648 0 \ 12649 -s "Buffer record from epoch 1" \ 12650 -s "Found buffered record from current epoch - load" \ 12651 -c "Buffer record from epoch 1" \ 12652 -c "Found buffered record from current epoch - load" 12653 12654 # In this test, both the fragmented 
NewSessionTicket and the ChangeCipherSpec 12655 # from the server are delayed, so that the encrypted Finished message 12656 # is received and buffered. When the fragmented NewSessionTicket comes 12657 # in afterwards, the encrypted Finished message must be freed in order 12658 # to make space for the NewSessionTicket to be reassembled. 12659 # This works only in very particular circumstances: 12660 # - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering 12661 # of the NewSessionTicket, but small enough to also allow buffering of 12662 # the encrypted Finished message. 12663 # - The MTU setting on the server must be so small that the NewSessionTicket 12664 # needs to be fragmented. 12665 # - All messages sent by the server must be small enough to be either sent 12666 # without fragmentation or be reassembled within the bounds of 12667 # MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based 12668 # handshake, omitting CRTs. 12669 requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 190 12670 requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 230 12671 run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \ 12672 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \ 12673 "$P_SRV mtu=140 response_size=90 dgram_packing=0 psk=73776f726466697368 psk_identity=foo cookies=0 dtls=1 debug_level=2" \ 12674 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=73776f726466697368 psk_identity=foo" \ 12675 0 \ 12676 -s "Buffer record from epoch 1" \ 12677 -s "Found buffered record from current epoch - load" \ 12678 -c "Buffer record from epoch 1" \ 12679 -C "Found buffered record from current epoch - load" \ 12680 -c "Enough space available after freeing future epoch record" 12681 12682 # Tests for "randomly unreliable connection": try a variety of flows and peers 12683 12684 client_needs_more_time 2 12685 
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ 12686 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12687 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \ 12688 psk=73776f726466697368" \ 12689 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \ 12690 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ 12691 0 \ 12692 -s "Extra-header:" \ 12693 -c "HTTP/1.0 200 OK" 12694 12695 client_needs_more_time 2 12696 run_test "DTLS proxy: 3d, \"short\" RSA handshake" \ 12697 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12698 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \ 12699 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \ 12700 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \ 12701 0 \ 12702 -s "Extra-header:" \ 12703 -c "HTTP/1.0 200 OK" 12704 12705 client_needs_more_time 2 12706 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12707 run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \ 12708 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12709 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \ 12710 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \ 12711 0 \ 12712 -s "Extra-header:" \ 12713 -c "HTTP/1.0 200 OK" 12714 12715 client_needs_more_time 2 12716 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12717 run_test "DTLS proxy: 3d, FS, client auth" \ 12718 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12719 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \ 12720 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \ 12721 0 \ 12722 -s "Extra-header:" \ 12723 -c "HTTP/1.0 200 OK" 12724 12725 client_needs_more_time 2 12726 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12727 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 12728 run_test "DTLS proxy: 3d, FS, ticket" \ 12729 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12730 "$P_SRV dtls=1 dgram_packing=0 
hs_timeout=500-10000 tickets=1 auth_mode=none" \ 12731 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \ 12732 0 \ 12733 -s "Extra-header:" \ 12734 -c "HTTP/1.0 200 OK" 12735 12736 client_needs_more_time 2 12737 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12738 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 12739 run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \ 12740 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12741 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \ 12742 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \ 12743 0 \ 12744 -s "Extra-header:" \ 12745 -c "HTTP/1.0 200 OK" 12746 12747 client_needs_more_time 2 12748 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 12749 requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS 12750 run_test "DTLS proxy: 3d, max handshake, nbio" \ 12751 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12752 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \ 12753 auth_mode=required" \ 12754 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \ 12755 0 \ 12756 -s "Extra-header:" \ 12757 -c "HTTP/1.0 200 OK" 12758 12759 client_needs_more_time 4 12760 requires_config_enabled MBEDTLS_SSL_CACHE_C 12761 run_test "DTLS proxy: 3d, min handshake, resumption" \ 12762 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12763 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ 12764 psk=73776f726466697368 debug_level=3" \ 12765 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \ 12766 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \ 12767 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ 12768 0 \ 12769 -s "a session has been resumed" \ 12770 -c "a session has been resumed" \ 12771 -s "Extra-header:" \ 12772 -c "HTTP/1.0 200 OK" 12773 12774 client_needs_more_time 4 12775 requires_config_enabled MBEDTLS_SSL_CACHE_C 12776 run_test "DTLS proxy: 
3d, min handshake, resumption, nbio" \ 12777 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12778 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ 12779 psk=73776f726466697368 debug_level=3 nbio=2" \ 12780 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \ 12781 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \ 12782 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \ 12783 0 \ 12784 -s "a session has been resumed" \ 12785 -c "a session has been resumed" \ 12786 -s "Extra-header:" \ 12787 -c "HTTP/1.0 200 OK" 12788 12789 client_needs_more_time 4 12790 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 12791 run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \ 12792 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12793 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ 12794 psk=73776f726466697368 renegotiation=1 debug_level=2" \ 12795 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \ 12796 renegotiate=1 debug_level=2 \ 12797 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ 12798 0 \ 12799 -c "=> renegotiate" \ 12800 -s "=> renegotiate" \ 12801 -s "Extra-header:" \ 12802 -c "HTTP/1.0 200 OK" 12803 12804 client_needs_more_time 4 12805 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 12806 run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \ 12807 -p "$P_PXY drop=5 delay=5 duplicate=5" \ 12808 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ 12809 psk=73776f726466697368 renegotiation=1 debug_level=2" \ 12810 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \ 12811 renegotiate=1 debug_level=2 \ 12812 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ 12813 0 \ 12814 -c "=> renegotiate" \ 12815 -s "=> renegotiate" \ 12816 -s "Extra-header:" \ 12817 -c "HTTP/1.0 200 OK" 12818 12819 client_needs_more_time 4 12820 
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
# Server-initiated renegotiation through the lossy proxy. "3d" = the proxy may
# drop, delay or duplicate any datagram (drop=5 delay=5 duplicate=5). The
# server carries renegotiate=1, so it is the one asking for the second
# handshake; both sides allow it with renegotiation=1 and run exchanges=4
# request/response rounds. The PSK is fixed test material (hex of a short
# ASCII string) and the forced PSK/CCM-8 suite keeps the handshake minimal.
run_test    "DTLS proxy: 3d, min handshake, server-initiated renego" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
             psk=73776f726466697368 renegotiate=1 renegotiation=1 exchanges=4 \
             debug_level=2" \
            "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \
             renegotiation=1 exchanges=4 debug_level=2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

# Same scenario with non-blocking I/O (nbio=2) on both peers.
client_needs_more_time 4
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
run_test    "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
             psk=73776f726466697368 renegotiate=1 renegotiation=1 exchanges=4 \
             debug_level=2 nbio=2" \
            "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \
             renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
             force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
            0 \
            -c "=> renegotiate" \
            -s "=> renegotiate" \
            -s "Extra-header:" \
            -c "HTTP/1.0 200 OK"

## The three tests below require OpenSSL 1.1.1a or higher, otherwise they
## might trigger an OpenSSL bug (https://github.com/openssl/openssl/issues/6902).
## Besides, openssl should use dtls1_2 or dtls, otherwise it will cause an
## "SSL alert number 70" (protocol_version) error.
##
## protect_hvr=1 is passed to the proxy for the OpenSSL-server tests only;
## presumably it keeps the proxy from mangling the HelloVerifyRequest
## exchange — see udp_proxy for the exact semantics.
requires_openssl_next
client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS proxy: 3d, openssl server" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
            "$O_NEXT_SRV -dtls1_2 -mtu 2048" \
            "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
            0 \
            -c "HTTP/1.0 200 OK"

# A small server MTU forces handshake fragmentation on top of the packet loss.
requires_openssl_next
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS proxy: 3d, openssl server, fragmentation" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
            "$O_NEXT_SRV -dtls1_2 -mtu 768" \
            "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
            0 \
            -c "HTTP/1.0 200 OK"

requires_openssl_next
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
            "$O_NEXT_SRV -dtls1_2 -mtu 768" \
            "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
            0 \
            -c "HTTP/1.0 200 OK"

# GnuTLS server over the lossy proxy: -u selects UDP (DTLS), -a tells
# gnutls-serv not to request a client certificate.
requires_gnutls
client_needs_more_time 6
not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS proxy: 3d, gnutls server" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$G_SRV -u --mtu 2048 -a" \
            "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
            0 \
            -s "Extra-header:" \
            -c "Extra-header:"

# Fragmentation variants need the "next" GnuTLS build; --mtu 512 forces the
# server to fragment its handshake flights.
requires_gnutls_next
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS proxy: 3d, gnutls server, fragmentation" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$G_NEXT_SRV -u --mtu 512" \
            "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
            0 \
            -s "Extra-header:" \
            -c "Extra-header:"

requires_gnutls_next
client_needs_more_time 8
not_with_valgrind # risk of non-mbedtls peer timing out
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
            -p "$P_PXY drop=5 delay=5 duplicate=5" \
            "$G_NEXT_SRV -u --mtu 512" \
            "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
            0 \
            -s "Extra-header:" \
            -c "Extra-header:"

# Key export (EAP-TLS exporter) over TLS 1.2: both programs print the derived
# key material and IV at debug_level=3.
# NOTE(review): the checks only assert that each side printed the lines, not
# that the two sides derived the same values; a derivation mismatch between
# client and server would not be caught here. Logs of this test contain the
# exported keying material (test keys only).
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test    "export keys functionality" \
            "$P_SRV eap_tls=1 debug_level=3" \
            "$P_CLI force_version=tls12 eap_tls=1 debug_level=3" \
            0 \
            -c "EAP-TLS key material is:" \
            -s "EAP-TLS key material is:" \
            -c "EAP-TLS IV is:" \
            -s "EAP-TLS IV is:"

# openssl feature tests: check if tls1.3 exists.
# OpenSSL "next" client against OpenSSL "next" server; no Mbed TLS program is
# involved, this only validates the test environment for the TLS 1.3 tests.
requires_openssl_tls1_3
run_test    "TLS 1.3: Test openssl tls1_3 feature" \
            "$O_NEXT_SRV -tls1_3 -msg" \
            "$O_NEXT_CLI -tls1_3 -msg" \
            0 \
            -c "TLS 1.3" \
            -s "TLS 1.3"

# gnutls feature tests: check if TLS 1.3 is supported as well as the NO_TICKETS and DISABLE_TLS13_COMPAT_MODE options.
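# GnuTLS "next" client against GnuTLS "next" server; no Mbed TLS program is
# involved. This validates that the priority-string options the TLS 1.3 tests
# below rely on (%NO_TICKETS, %DISABLE_TLS13_COMPAT_MODE) are understood.
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
run_test    "TLS 1.3: Test gnutls tls1_3 feature" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert " \
            "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Version: TLS1.3" \
            -c "Version: TLS1.3"

# TLS1.3 test cases

# Pin what two Mbed TLS peers negotiate by default when the server forces
# TLS 1.3: the CHACHA20-POLY1305 suite, an ECDH/FFDH key share and an
# ecdsa_secp256r1_sha256 server signature (server5 is an ECDSA P-256 key, as
# the asserted signature algorithm shows). allow_sha1=0 on both sides keeps
# SHA-1 out of the negotiation entirely.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_ciphersuite_enabled TLS1-3-CHACHA20-POLY1305-SHA256
requires_any_configs_enabled "PSA_WANT_ECC_MONTGOMERY_255"
requires_any_configs_enabled "PSA_WANT_ECC_SECP_R1_256"
run_test    "TLS 1.3: Default" \
            "$P_SRV allow_sha1=0 debug_level=3 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key force_version=tls13" \
            "$P_CLI allow_sha1=0" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "Ciphersuite is TLS1-3-CHACHA20-POLY1305-SHA256" \
            -s "ECDH/FFDH group: " \
            -s "selected signature algorithm ecdsa_secp256r1_sha256"

# Two consecutive client connections to one server instance, each forcing a
# different protocol version; the server log must show both versions.
# The last -s argument carries no continuation backslash: the call must end
# here rather than depend on the blank line that follows it (with a trailing
# "\" the next requires_* line would become an extra run_test argument as
# soon as someone removed that blank line).
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test    "Establish TLS 1.2 then TLS 1.3 session" \
            "$P_SRV" \
            "( $P_CLI force_version=tls12; \
               $P_CLI force_version=tls13 )" \
            0 \
            -s "Protocol is TLSv1.2" \
            -s "Protocol is TLSv1.3"

requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
run_test    "Establish TLS 1.3 then TLS 1.2 session" \
            "$P_SRV" \
            "( $P_CLI force_version=tls13; \
               $P_CLI force_version=tls12 )" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "Protocol is TLSv1.2"

# Minimal TLS 1.3 handshake against an OpenSSL server, walking the client
# state machine step by step. The server is told not to issue tickets or keep
# session state (-num_tickets 0 -no_resume_ephemeral -no_cache), so the path
# exercised is the plain certificate-based handshake. The "client state:" and
# "=>"/"<=" checks are debug output, hence the MBEDTLS_DEBUG_C requirement.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: minimal feature sets - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=3" \
            0 \
            -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
            -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
            -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
            -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
            -c "<= ssl_tls13_process_server_hello" \
            -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
            -c "DHE group name: " \
            -c "=> ssl_tls13_process_server_hello" \
            -c "<= parse encrypted extensions" \
            -c "Certificate verification flags clear" \
            -c "=> parse certificate verify" \
            -c "<= parse certificate verify" \
            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
            -c "<= parse finished message" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 ok"

# Same walk against a GnuTLS server (no tickets, client certificate not
# requested so the CERTIFICATE_REQUEST state is passed through).
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: minimal feature sets - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=3" \
            0 \
            -s "SERVER HELLO was queued" \
            -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
            -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
            -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
            -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
            -c "<= ssl_tls13_process_server_hello" \
            -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
            -c "DHE group name: " \
            -c "=> ssl_tls13_process_server_hello" \
            -c "<= parse encrypted extensions" \
            -c "Certificate verification flags clear" \
            -c "=> parse certificate verify" \
            -c "<= parse certificate verify" \
            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
            -c "<= parse finished message" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 OK"

# ALPN, Mbed TLS client side: same minimal handshake plus the client must
# report the protocol (h2) the server selected.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_ALPN
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: alpn - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -alpn h2" \
            "$P_CLI debug_level=3 alpn=h2" \
            0 \
            -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
            -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
            -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
            -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
            -c "<= ssl_tls13_process_server_hello" \
            -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
            -c "DHE group name: " \
            -c "=> ssl_tls13_process_server_hello" \
            -c "<= parse encrypted extensions" \
            -c "Certificate verification flags clear" \
            -c "=> parse certificate verify" \
            -c "<= parse certificate verify" \
            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
            -c "<= parse finished message" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 ok" \
            -c "Application Layer Protocol is h2"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_ALPN
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: alpn - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert --alpn=h2" \
            "$P_CLI debug_level=3 alpn=h2" \
            0 \
            -s "SERVER HELLO was queued" \
            -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
            -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
            -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
            -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
            -c "<= ssl_tls13_process_server_hello" \
            -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
            -c "DHE group name: " \
            -c "=> ssl_tls13_process_server_hello" \
            -c "<= parse encrypted extensions" \
            -c "Certificate verification flags clear" \
            -c "=> parse certificate verify" \
            -c "<= parse certificate verify" \
            -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
            -c "<= parse finished message" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 OK" \
            -c "Application Layer Protocol is h2"

# ALPN, Mbed TLS server side: the server must see the client's alpn extension,
# answer with its own, and report the selected protocol. tickets=0 keeps the
# server from sending NewSessionTicket after the handshake.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_ALPN
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: server alpn - openssl" \
            "$P_SRV debug_level=3 tickets=0 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key alpn=h2" \
            "$O_NEXT_CLI -msg -tls1_3 -no_middlebox -alpn h2" \
            0 \
            -s "found alpn extension" \
            -s "server side, adding alpn extension" \
            -s "Protocol is TLSv1.3" \
            -s "HTTP/1.0 200 OK" \
            -s "Application Layer Protocol is h2"

requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_ALPN
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: server alpn - gnutls" \
            "$P_SRV debug_level=3 tickets=0 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key alpn=h2" \
            "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V --alpn h2" \
            0 \
            -s "found alpn extension" \
            -s "server side, adding alpn extension" \
            -s "Protocol is TLSv1.3" \
            -s "HTTP/1.0 200 OK" \
            -s "Application Layer Protocol is h2"

# Client authentication, client has no certificate.
# OpenSSL's lower-case -verify makes s_server *request* a client certificate
# without requiring one (upper-case -Verify, used by the tests further down,
# requires one), which is why a client started with crt_file=none
# key_file=none still completes the handshake and gets an HTTP answer.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, no client certificate - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -verify 10" \
            "$P_CLI debug_level=4 crt_file=none key_file=none" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -s "TLS 1.3" \
            -c "HTTP/1.0 200 ok" \
            -c "Protocol is TLSv1.3"

# GnuTLS counterpart: --verify-client-cert verifies a client certificate if
# one is sent but does not demand one (--require-client-cert would).
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, no client certificate - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --verify-client-cert" \
            "$P_CLI debug_level=3 crt_file=none key_file=none" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -s "Version: TLS1.3" \
            -c "HTTP/1.0 200 OK" \
            -c "Protocol is TLSv1.3"

# Client authentication with a real client certificate, server requiring one
# (-Verify 10). -no_middlebox / %DISABLE_TLS13_COMPAT_MODE turn off the
# server's middlebox-compatibility behaviour (no ChangeCipherSpec, no legacy
# session id echo), so this is also the non-compat handshake shape.
#
# NOTE(review): the per-algorithm tests below only assert that the client
# reached MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY and that TLS 1.3 was
# negotiated. None of them checks which signature algorithm the client
# actually used for CertificateVerify, so a fallback to a different algorithm
# than the one in the test name would not be detected. A -c check on the
# client's debug line for the chosen algorithm would close that gap.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, no server middlebox compat - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cli2.crt key_file=$DATA_FILES_PATH/cli2.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, no server middlebox compat - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/cli2.crt \
             key_file=$DATA_FILES_PATH/cli2.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

# ECDSA client keys, one test per curve/hash pair, against each peer.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/ecdsa_secp256r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp256r1.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp256r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp256r1.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/ecdsa_secp384r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp384r1.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp384r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp384r1.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

# RSA client keys (hence MBEDTLS_RSA_C). sig_algs keeps ecdsa_secp256r1_sha256
# first so the client can still accept the peer's (presumably ECDSA) server
# certificate; the rsa_pss_rsae_* entry is the only one the client's own RSA
# key can use for its CertificateVerify. The OpenSSL variants use
# cert_sha256.crt/server1.key, the GnuTLS variants server2-sha256.crt/
# server2.key.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cert_sha256.crt \
             key_file=$DATA_FILES_PATH/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
             key_file=$DATA_FILES_PATH/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cert_sha256.crt \
             key_file=$DATA_FILES_PATH/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
             key_file=$DATA_FILES_PATH/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cert_sha256.crt \
             key_file=$DATA_FILES_PATH/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"
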
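requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
             key_file=$DATA_FILES_PATH/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

# Negative case: the server only accepts ecdsa_secp256r1_sha256 for the
# client's signature, but the client's key is P-521 and can only sign with
# ecdsa_secp521r1_sha512 (the secp256r1 entry in its sig_algs is there for
# verifying the server). The client must abort with "no suitable signature
# algorithm" (exit 1) instead of sending a signature the server would reject.
# The server argument now uses the same "\" continuation as every other
# multi-line argument in this file; previously the string contained a raw
# newline, whose handling depended on how run_test expands the command.
# NOTE(review): MBEDTLS_RSA_C looks unnecessary for these two ECDSA-only
# tests (copied from the rsa_pss_rsae_* block above); kept pending
# confirmation that they pass in a build without RSA.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, client alg not in server list - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 \
             -sigalgs ecdsa_secp256r1_sha256" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512" \
            1 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "no suitable signature algorithm"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication, client alg not in server list - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512" \
            1 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "no suitable signature algorithm"

# Test using an opaque private key for client authentication.
# key_opaque=1 has ssl_client2 hold its private key as an opaque PSA key
# (hence MBEDTLS_USE_PSA_CRYPTO), so CertificateVerify is produced through the
# PSA interface rather than a plain PK context. Expectations are otherwise the
# same as for the transparent-key tests above, including the fact that the
# chosen signature algorithm itself is not asserted.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, no server middlebox compat - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cli2.crt key_file=$DATA_FILES_PATH/cli2.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, no server middlebox compat - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/cli2.crt \
             key_file=$DATA_FILES_PATH/cli2.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/ecdsa_secp256r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp256r1.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp256r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp256r1.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/ecdsa_secp384r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp384r1.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp384r1.crt \
             key_file=$DATA_FILES_PATH/ecdsa_secp384r1.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO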
# Continuation of the "opaque key" client-authentication tests (the other
# requires_* preconditions of this first test sit on the preceding lines).
# In every test of this group the client loads its private key through PSA
# (key_opaque=1). The server demands a client certificate (OpenSSL: -Verify 10)
# and the expected client-side log lines confirm that a CertificateRequest was
# received and answered: CLIENT_CERTIFICATE followed by CLIENT_CERTIFICATE_VERIFY.
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
                    key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

# Same secp521r1 opaque key against gnutls-serv (TLS 1.3 only, no tickets).
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
                    key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

# RSA-PSS variants. The same RSA key pair is used for the sha256/sha384/sha512
# cases (cert_sha256.crt + server1.key against OpenSSL, server2-sha256.crt +
# server2.key against GnuTLS); only the sig_algs= list offered by the client
# changes, so that the single rsa_pss_rsae_* entry it contains is the
# algorithm the PSA-backed key must sign CertificateVerify with.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cert_sha256.crt \
                    key_file=$DATA_FILES_PATH/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256 key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
                    key_file=$DATA_FILES_PATH/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256 key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cert_sha256.crt \
                    key_file=$DATA_FILES_PATH/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384 key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
                    key_file=$DATA_FILES_PATH/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384 key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/cert_sha256.crt \
                    key_file=$DATA_FILES_PATH/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512 key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server2-sha256.crt \
                    key_file=$DATA_FILES_PATH/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512 key_opaque=1" \
            0 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "Protocol is TLSv1.3"

# Negative case: the server only accepts ecdsa_secp256r1_sha256 (-sigalgs),
# but the client's opaque key is secp521r1, so no algorithm for
# CertificateVerify can be agreed. The handshake must fail (expected exit 1)
# after the client has reached the CertificateVerify state, with the
# "no suitable signature algorithm" diagnostic. Note that the server command
# string contains a literal newline (no backslash) before -sigalgs; this is
# presumably harmless once run_test word-splits the command, but keep it in
# mind when editing this line.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, client alg not in server list - openssl" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
             -sigalgs ecdsa_secp256r1_sha256" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
                    key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512 key_opaque=1" \
            1 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "no suitable signature algorithm"

# GnuTLS counterpart of the negative opaque-key test: -SIGN-ALL:+SIGN-ECDSA-
# SECP256R1-SHA256 restricts the server to a single signature algorithm that
# the client's secp521r1 key cannot produce, so the handshake must fail (1).
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Client authentication - opaque key, client alg not in server list - gnutls" \
            "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \
            "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/ecdsa_secp521r1.crt \
                    key_file=$DATA_FILES_PATH/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512 key_opaque=1" \
            1 \
            -c "got a certificate request" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
            -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
            -c "no suitable signature algorithm"

# Client-side HelloRetryRequest checks. The server is pinned to the P-256 group
# (and one ciphersuite) so that the client's initial key_share is not usable
# and the server answers with an HRR; the test then expects the handshake to
# complete and an HTTP response to come back. Keep the lowercase "200 ok" for
# OpenSSL and the uppercase "200 OK" for GnuTLS: those are the exact strings
# each peer's built-in HTTP responder emits.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - openssl" \
            "$O_NEXT_SRV -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=4" \
            0 \
            -c "received HelloRetryRequest message" \
            -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
            -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 ok"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - openssl" \
            "$O_NEXT_SRV -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=4" \
            0 \
            -c "received HelloRetryRequest message" \
            -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
            -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 ok"

# GnuTLS variants: --priority=NONE:... builds the allowed set from scratch
# (single group, single AEAD suite, single signature algorithm, TLS 1.3 only)
# and --disable-client-cert keeps client authentication out of the picture.
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled PSA_WANT_ALG_ECDH
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - gnutls" \
            "$G_NEXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=4" \
            0 \
            -c "received HelloRetryRequest message" \
            -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
            -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 OK"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled PSA_WANT_ALG_ECDH
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - gnutls" \
            "$G_NEXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=4" \
            0 \
            -c "received HelloRetryRequest message" \
            -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
            -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
            -c "Protocol is TLSv1.3" \
            -c "HTTP/1.0 200 OK"

# Server-side state-machine checks: ssl_server2 (server5 ECDSA credentials,
# tickets=0) against each interoperable client. The -s patterns pin the order
# of the TLS 1.3 server states that the debug log must report. Without client
# authentication the sequence runs CLIENT_HELLO -> ... -> HANDSHAKE_WRAPUP;
# with auth_mode=required a CERTIFICATE_REQUEST state is expected between
# ENCRYPTED_EXTENSIONS and SERVER_CERTIFICATE, and the client is given
# server5.crt/key to present.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - openssl" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$O_NEXT_CLI -msg -debug -tls1_3 -no_middlebox" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - openssl with client authentication" \
            "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$O_NEXT_CLI -msg -debug -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key -tls1_3 -no_middlebox" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
            -s "=> write certificate request" \
            -s "=> parse client hello" \
            -s "<= parse client hello"

# gnutls-cli with %DISABLE_TLS13_COMPAT_MODE, i.e. no middlebox-compat CCS.
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - gnutls" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
            -c "HTTP/1.0 200 OK"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - gnutls with client authentication" \
            "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$G_NEXT_CLI localhost -d 4 --x509certfile $DATA_FILES_PATH/server5.crt --x509keyfile $DATA_FILES_PATH/server5.key --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
            -s "=> write certificate request" \
            -s "=> parse client hello" \
            -s "<= parse client hello"

# Mbed TLS against Mbed TLS. Without client auth the server still reports a
# CERTIFICATE_REQUEST state here (unlike the OpenSSL/GnuTLS runs above) — that
# is what the expected -s list encodes; if this ever changes in the library,
# update the pattern rather than the other tests.
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - mbedtls" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$P_CLI debug_level=4" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
            -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
            -c "HTTP/1.0 200 OK"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - mbedtls with client authentication" \
            "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "=> write certificate request" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -s "=> parse client hello" \
            -s "<= parse client hello"

# Enforcement check for auth_mode=required: a client that answers the
# CertificateRequest with no certificate (crt_file=none key_file=none) must
# be rejected — expected exit status 1 and the server-side "No client
# certification received ... but required" message. The optional-auth test
# right after it uses the same empty-certificate client and must succeed (0),
# so the pair documents the difference between the two modes.
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - mbedtls with client empty certificate" \
            "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$P_CLI debug_level=4 crt_file=none key_file=none" \
            1 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "=> write certificate request" \
            -s "SSL - No client certification received from the client, but required by the authentication mode" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -s "=> parse client hello" \
            -s "<= parse client hello"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - mbedtls with optional client authentication" \
            "$P_SRV debug_level=4 auth_mode=optional crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$P_CLI debug_level=4 crt_file=none key_file=none" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "=> write certificate request" \
            -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
            -s "=> parse client hello" \
            -s "<= parse client hello"

# Server-side HRR: the server only allows secp384r1 while the client lists
# secp256r1 first, so the server must go through HELLO_RETRY_REQUEST, report
# selected_group secp384r1 and still complete the handshake (exit 0).
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled PSA_WANT_ALG_ECDH
run_test    "TLS 1.3: server: HRR check - mbedtls" \
            "$P_SRV debug_level=4 groups=secp384r1" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
            -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
            -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
            -s "selected_group: secp384r1" \
            -s "=> write hello retry request" \
            -s "<= write hello retry request"

# A server started without any certificate must abort in the
# SERVER_CERTIFICATE state (exit 1) rather than continue the handshake.
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check, no server certificate available" \
            "$P_SRV debug_level=4 crt_file=none key_file=none" \
            "$P_CLI debug_level=4" \
            1 \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
            -s "No certificate available."

# SNI with client authentication. ssl_server2's sni= list carries
# name,cert,key,ca,crl,auth per entry ('-' = none): "localhost" is served
# with server5 and its client certificates are verified against
# test-ca_cat12.crt, while "polarssl.example" uses server1-nospace with the
# default settings. The client sets the server name to localhost, presents
# server5.crt/key as its own certificate (presumably issued under that CA
# bundle — confirm against the data files) and must get an HTTP 200 back.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - openssl with sni" \
            "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0 \
             sni=localhost,$DATA_FILES_PATH/server5.crt,$DATA_FILES_PATH/server5.key,$DATA_FILES_PATH/test-ca_cat12.crt,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
            "$O_NEXT_CLI -msg -debug -servername localhost -CAfile $DATA_FILES_PATH/test-ca_cat12.crt -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key -tls1_3" \
            0 \
            -s "parse ServerName extension" \
            -s "HTTP/1.0 200 OK"

requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Server side check - gnutls with sni" \
            "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0 \
             sni=localhost,$DATA_FILES_PATH/server5.crt,$DATA_FILES_PATH/server5.key,$DATA_FILES_PATH/test-ca_cat12.crt,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \
            "$G_NEXT_CLI localhost -d 4 --sni-hostname=localhost --x509certfile $DATA_FILES_PATH/server5.crt --x509keyfile $DATA_FILES_PATH/server5.key --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS -V" \
            0 \
            -s "parse ServerName extension" \
            -s "HTTP/1.0 200 OK"

# Preconditions for the Mbed TLS SNI test, which continues below.
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C 13943 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 13944 run_test "TLS 1.3: Server side check - mbedtls with sni" \ 13945 "$P_SRV debug_level=4 auth_mode=required crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0 \ 13946 sni=localhost,$DATA_FILES_PATH/server2.crt,$DATA_FILES_PATH/server2.key,-,-,-,polarssl.example,$DATA_FILES_PATH/server1-nospace.crt,$DATA_FILES_PATH/server1.key,-,-,-" \ 13947 "$P_CLI debug_level=4 server_name=localhost crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key" \ 13948 0 \ 13949 -s "parse ServerName extension" \ 13950 -s "HTTP/1.0 200 OK" 13951 13952 for i in opt-testcases/*.sh 13953 do 13954 TEST_SUITE_NAME=${i##*/} 13955 TEST_SUITE_NAME=${TEST_SUITE_NAME%.*} 13956 . "$i" 13957 done 13958 unset TEST_SUITE_NAME 13959 13960 # Test 1.3 compatibility mode 13961 requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 13962 requires_config_enabled MBEDTLS_DEBUG_C 13963 requires_config_enabled MBEDTLS_SSL_SRV_C 13964 requires_config_enabled MBEDTLS_SSL_CLI_C 13965 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 13966 run_test "TLS 1.3 m->m both peers do not support middlebox compatibility" \ 13967 "$P_SRV debug_level=4 tickets=0" \ 13968 "$P_CLI debug_level=4" \ 13969 0 \ 13970 -s "Protocol is TLSv1.3" \ 13971 -c "Protocol is TLSv1.3" \ 13972 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \ 13973 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode" 13974 13975 requires_config_enabled MBEDTLS_DEBUG_C 13976 requires_config_enabled MBEDTLS_SSL_SRV_C 13977 requires_config_enabled MBEDTLS_SSL_CLI_C 13978 requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE 13979 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 13980 run_test "TLS 1.3 m->m both with middlebox compat support" \ 13981 "$P_SRV debug_level=4 tickets=0" 
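\
            "$P_CLI debug_level=4" \
            0 \
            -s "Protocol is TLSv1.3" \
            -c "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

# TLS 1.3 middlebox compatibility mode (RFC 8446, Appendix D.4).
#
# Each test below pairs an Mbed TLS peer (m) with OpenSSL (O), GnuTLS (G) or
# another Mbed TLS peer, with compatibility mode enabled or disabled on either
# side, and checks the handling of the dummy ChangeCipherSpec record through
# the debug logs: -c/-s require a pattern in the client/server log, -C/-S
# require its absence. The -C checks on "ChangeCipherSpec invalid in TLS 1.3
# without compatibility mode" are the security-relevant ones: without
# compatibility mode an unexpected CCS must never be silently accepted, and
# with compatibility mode the record is ignored rather than acted upon.
# "14 03 03 00 01" is the CCS record as printed by OpenSSL's -msg trace.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->O both peers do not support middlebox compatibility" \
            "$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Protocol is TLSv1.3" \
            -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
            -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->O server with middlebox compat support, not client" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->O both with middlebox compat support" \
            "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->G both peers do not support middlebox compatibility" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Protocol is TLSv1.3" \
            -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
            -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->G server with middlebox compat support, not client" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->G both with middlebox compat support" \
            "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=4" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 O->m both peers do not support middlebox compatibility" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$O_NEXT_CLI -msg -debug -no_middlebox" \
            0 \
            -s "Protocol is TLSv1.3" \
            -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
            -C "14 03 03 00 01"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 O->m server with middlebox compat support, not client" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$O_NEXT_CLI -msg -debug -no_middlebox" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 O->m both with middlebox compat support" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$O_NEXT_CLI -msg -debug" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
            -c "14 03 03 00 01"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 G->m both peers do not support middlebox compatibility" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$G_NEXT_CLI localhost --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Protocol is TLSv1.3" \
            -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
            -C "SSL 3.3 ChangeCipherSpec packet received"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 G->m server with middlebox compat support, not client" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
            -c "SSL 3.3 ChangeCipherSpec packet received" \
            -c "discarding change cipher spec in TLS1.3"

# NOTE(review): the GnuTLS client command line below still carries
# %DISABLE_TLS13_COMPAT_MODE although the test name says both peers support
# compatibility mode; apart from the last -c check it is identical to the
# "not client" case above. Confirm this is intended (the same applies to the
# "G->m HRR both with middlebox compat support" case further down).
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 G->m both with middlebox compat support" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key tickets=0" \
            "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
            -c "SSL 3.3 ChangeCipherSpec packet received"

# HelloRetryRequest (HRR) variants: the server only accepts secp384r1 while
# the client's first key share is secp256r1, which forces an HRR. In
# compatibility mode the server sends its dummy CCS after the HRR
# (MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST) instead of after the
# ServerHello; the checks below cover that state and the client's reaction.
# NOTE(review): the "both with" m->m and m->G variants declare
# PSA_WANT_ALG_ECDH while the other HRR variants with the same secp groups do
# not — confirm whether the dependency is needed everywhere or nowhere.
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->m HRR both peers do not support middlebox compatibility" \
            "$P_SRV debug_level=4 groups=secp384r1 tickets=0" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -s "Protocol is TLSv1.3" \
            -c "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
            -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled PSA_WANT_ALG_ECDH
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->m HRR both with middlebox compat support" \
            "$P_SRV debug_level=4 groups=secp384r1 tickets=0" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -s "Protocol is TLSv1.3" \
            -c "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->O HRR both peers do not support middlebox compatibility" \
            "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -no_middlebox -num_tickets 0 -no_cache" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "received HelloRetryRequest message" \
            -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
            -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->O HRR server with middlebox compat support, not client" \
            "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_cache" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -c "received HelloRetryRequest message" \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->O HRR both with middlebox compat support" \
            "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_resume_ephemeral -no_cache" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->G HRR both peers do not support middlebox compatibility" \
            "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "received HelloRetryRequest message" \
            -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
            -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->G HRR server with middlebox compat support, not client" \
            "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -c "received HelloRetryRequest message" \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled PSA_WANT_ALG_ECDH
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 m->G HRR both with middlebox compat support" \
            "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
            "$P_CLI debug_level=4 groups=secp256r1,secp384r1" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 O->m HRR both peers do not support middlebox compatibility" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key groups=secp384r1 tickets=0" \
            "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
            0 \
            -s "Protocol is TLSv1.3" \
            -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -C "14 03 03 00 01"

# The last argument of this run_test used to end with a stray line
# continuation ('\' followed by a blank line). It was harmless only because
# the blank line terminated the command; deleting that blank line would have
# glued the following requires_* line onto the run_test call as an extra
# pattern argument. The continuation is removed so the call ends explicitly.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 O->m HRR server with middlebox compat support, not client" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key groups=secp384r1 tickets=0" \
            "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 O->m HRR both with middlebox compat support" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key groups=secp384r1 tickets=0" \
            "$O_NEXT_CLI -msg -debug -groups P-256:P-384" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -c "14 03 03 00 01"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 G->m HRR both peers do not support middlebox compatibility" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key groups=secp384r1 tickets=0" \
            "$G_NEXT_CLI localhost --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Protocol is TLSv1.3" \
            -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -C "SSL 3.3 ChangeCipherSpec packet received"

requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled PSA_WANT_ALG_ECDH
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 G->m HRR server with middlebox compat support, not client" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key groups=secp384r1 tickets=0" \
            "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -c "SSL 3.3 ChangeCipherSpec packet received" \
            -c "discarding change cipher spec in TLS1.3"

# NOTE(review): as in the non-HRR G->m case, the client still passes
# %DISABLE_TLS13_COMPAT_MODE in a test named "both with" compat support.
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled PSA_WANT_ALG_ECDH
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3 G->m HRR both with middlebox compat support" \
            "$P_SRV debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key groups=secp384r1 tickets=0" \
            "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
            -c "SSL 3.3 ChangeCipherSpec packet received"

# Signature algorithm selection for CertificateVerify.
#
# Both peers offer rsa_pkcs1_sha512 first, but RSASSA-PKCS1-v1_5 is only
# allowed for certificate signatures in TLS 1.3 (RFC 8446, 4.2.3), not for
# CertificateVerify, so rsa_pss_rsae_sha512 — the first usable algorithm in
# the common order — is the expected choice on both sides. The -s checks on
# ssl_tls13_pick_key_cert cover the server's certificate/key selection.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check signature algorithm order, m->O" \
            "$O_NEXT_SRV_NO_CERT -cert $DATA_FILES_PATH/server2-sha256.crt -key $DATA_FILES_PATH/server2.key
             -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
             -Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha256" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check signature algorithm order, m->G" \
            "$G_NEXT_SRV_NO_CERT --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key
             -d 4
             --priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS " \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check signature algorithm order, m->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
            0 \
            -c "Protocol is TLSv1.3" \
            -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
            -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
            -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512" \
            -c "HTTP/1.0 200 [Oo][Kk]"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check signature algorithm order, O->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
            "$O_NEXT_CLI_NO_CERT -msg -CAfile $DATA_FILES_PATH/test-ca_cat12.crt \
             -cert $DATA_FILES_PATH/server2-sha256.crt -key $DATA_FILES_PATH/server2.key \
             -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha256" \
            0 \
            -c "TLSv1.3" \
            -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
            -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"

requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check signature algorithm order, G->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
            "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt \
             --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key \
             --priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384" \
            0 \
            -c "Negotiated version: 3.4" \
            -c "HTTP/1.0 200 [Oo][Kk]" \
            -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
            -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"

# Negative cases: the handshake must fail (expected exit status 1) when the
# server has no signature algorithm usable with its certificate and key, when
# it has no certificate matching the client's offer, or when the client cannot
# satisfy the server's CertificateRequest. The -S/-s checks pin the server
# log line that the failure path does (or does not) reach.
requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check server no suitable signature algorithm, G->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256 " \
            "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt \
             --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key \
             --priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-ECDSA-SECP521R1-SHA512" \
            1 \
            -S "ssl_tls13_pick_key_cert:check signature algorithm"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check server no suitable signature algorithm, O->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256" \
            "$O_NEXT_CLI_NO_CERT -msg -CAfile $DATA_FILES_PATH/test-ca_cat12.crt \
             -cert $DATA_FILES_PATH/server2-sha256.crt -key $DATA_FILES_PATH/server2.key \
             -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:ecdsa_secp521r1_sha512" \
            1 \
            -S "ssl_tls13_pick_key_cert:check signature algorithm"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check server no suitable signature algorithm, m->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256 " \
            "$P_CLI allow_sha1=0 debug_level=4 crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,ecdsa_secp521r1_sha512" \
            1 \
            -S "ssl_tls13_pick_key_cert:check signature algorithm"

requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check server no suitable certificate, G->m" \
            "$P_SRV debug_level=4
             crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
            "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt \
             --priority=NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-ECDSA-SECP256R1-SHA256" \
            1 \
            -s "ssl_tls13_pick_key_cert:no suitable certificate found"

requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check server no suitable certificate, O->m" \
            "$P_SRV debug_level=4
             crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
            "$O_NEXT_CLI_NO_CERT -msg -CAfile $DATA_FILES_PATH/test-ca_cat12.crt \
             -sigalgs ecdsa_secp521r1_sha512:ecdsa_secp256r1_sha256" \
            1 \
            -s "ssl_tls13_pick_key_cert:no suitable certificate found"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check server no suitable certificate, m->m" \
            "$P_SRV debug_level=4
             crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
            "$P_CLI allow_sha1=0 debug_level=4 \
             sig_algs=ecdsa_secp521r1_sha512,ecdsa_secp256r1_sha256" \
            1 \
            -s "ssl_tls13_pick_key_cert:no suitable certificate found"

# Client side of the same failure: the Mbed TLS client holds an ECDSA P-256
# key (server5) but the server only accepts ecdsa_secp521r1_sha512 among the
# ECDSA algorithms, so the client cannot produce a CertificateVerify.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check client no signature algorithm, m->O" \
            "$O_NEXT_SRV_NO_CERT -cert $DATA_FILES_PATH/server2-sha256.crt -key $DATA_FILES_PATH/server2.key
             -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
             -Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp521r1_sha512" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
            1 \
            -c "no suitable signature algorithm"

requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check client no signature algorithm, m->G" \
            "$G_NEXT_SRV_NO_CERT --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key
             -d 4
             --priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS " \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
            1 \
            -c "no suitable signature algorithm"

requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
run_test    "TLS 1.3: Check client no signature algorithm, m->m" \
            "$P_SRV debug_level=4 auth_mode=required
             crt_file2=$DATA_FILES_PATH/server2-sha256.crt key_file2=$DATA_FILES_PATH/server2.key
             crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp521r1_sha512" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
             sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
            1 \
            -c "no suitable signature algorithm"

# TLS 1.2 fallback with rsa_pss_rsae first in the client's list: the client
# offers TLS 1.2..1.3 and the server is pinned to TLS 1.2, so the handshake
# must still complete (Protocol is TLSv1.2) and serve the request.
requires_openssl_tls1_3_with_compatible_ephemeral
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
run_test    "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->O" \
            "$O_NEXT_SRV_NO_CERT -cert $DATA_FILES_PATH/server2-sha256.crt -key $DATA_FILES_PATH/server2.key
             -msg -tls1_2
             -Verify 10 " \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key
             sig_algs=rsa_pss_rsae_sha512,rsa_pkcs1_sha512
             min_version=tls12 max_version=tls13 " \
            0 \
            -c "Protocol is TLSv1.2" \
            -c "HTTP/1.0 200 [Oo][Kk]"


requires_gnutls_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
run_test    "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->G" \
            "$G_NEXT_SRV_NO_CERT --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key
             -d 4
             --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
            "$P_CLI debug_level=4 crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key
             sig_algs=rsa_pss_rsae_sha512,rsa_pkcs1_sha512
             min_version=tls12 max_version=tls13 " \
            0 \
            -c "Protocol is TLSv1.2" \
            -c "HTTP/1.0 200 [Oo][Kk]"

# Finite-field DH (RFC 7919 groups) with a fixed ciphersuite, signature
# algorithm and group on both sides. Since the single key share offered by
# the client is the group the server requires, no HelloRetryRequest is
# expected (-C on "received HelloRetryRequest message"); the chosen
# ciphersuite, signature algorithm and named group are pinned from the logs.
requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_enabled PSA_WANT_ALG_FFDH
requires_config_enabled PSA_WANT_DH_RFC7919_3072
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
run_test    "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe3072 tls13_kex_modes=ephemeral cookies=0 tickets=0" \
            "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE3072:+VERS-TLS1.3:%NO_TICKETS" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
            -s "received signature algorithm: 0x804" \
            -s "got named group: ffdhe3072(0101)" \
            -s "Certificate verification was skipped" \
            -C "received HelloRetryRequest message"


requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_enabled PSA_WANT_ALG_FFDH
requires_config_enabled PSA_WANT_DH_RFC7919_3072
run_test    "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \
            "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE3072:+VERS-TLS1.3:%NO_TICKETS" \
            "$P_CLI ca_file=$DATA_FILES_PATH/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe3072" \
            0 \
            -c "HTTP/1.0 200 OK" \
            -c "Protocol is TLSv1.3" \
            -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
            -c "Certificate Verify: Signature algorithm ( 0804 )" \
            -c "NamedGroup: ffdhe3072 ( 101 )" \
            -c "Verifying peer X.509 certificate... ok" \
            -C "received HelloRetryRequest message"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_enabled PSA_WANT_ALG_FFDH
requires_config_enabled PSA_WANT_DH_RFC7919_4096
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
run_test    "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \
            "$P_SRV crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe4096 tls13_kex_modes=ephemeral cookies=0 tickets=0" \
            "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE4096:+VERS-TLS1.3:%NO_TICKETS" \
            0 \
            -s "Protocol is TLSv1.3" \
            -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
            -s "received signature algorithm: 0x804" \
            -s "got named group: ffdhe4096(0102)" \
            -s "Certificate verification was skipped" \
            -C "received HelloRetryRequest message"


requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_enabled PSA_WANT_ALG_FFDH
requires_config_enabled PSA_WANT_DH_RFC7919_4096
run_test    "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \
            "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE4096:+VERS-TLS1.3:%NO_TICKETS" \
            "$P_CLI ca_file=$DATA_FILES_PATH/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe4096" \
            0 \
            -c "HTTP/1.0 200 OK" \
            -c "Protocol is TLSv1.3" \
            -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
            -c "Certificate Verify: Signature algorithm ( 0804 )" \
            -c "NamedGroup: ffdhe4096 ( 102 )" \
            -c "Verifying peer X.509 certificate... ok" \
            -C "received HelloRetryRequest message"

requires_config_enabled MBEDTLS_SSL_SRV_C
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_enabled PSA_WANT_ALG_FFDH
requires_config_enabled PSA_WANT_DH_RFC7919_6144
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
# Tests using FFDH with a large prime take a long time to run with a memory
# sanitizer. GnuTLS <=3.8.1 has a hard-coded timeout and gives up after
# 30s (since 3.8.1, it can be configured with --timeout). We've observed
# 8192-bit FFDH test cases failing intermittently on heavily loaded CI
# executors (https://github.com/Mbed-TLS/mbedtls/issues/9742),
# when using MSan. As a workaround, skip them.
# Also skip 6144-bit FFDH to have a bit of safety margin.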
14688 not_with_msan_or_valgrind 14689 run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \ 14690 "$P_SRV crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe6144 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ 14691 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE6144:+VERS-TLS1.3:%NO_TICKETS" \ 14692 0 \ 14693 -s "Protocol is TLSv1.3" \ 14694 -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ 14695 -s "received signature algorithm: 0x804" \ 14696 -s "got named group: ffdhe6144(0103)" \ 14697 -s "Certificate verification was skipped" \ 14698 -C "received HelloRetryRequest message" 14699 14700 requires_gnutls_tls1_3 14701 requires_gnutls_next_no_ticket 14702 requires_gnutls_next_disable_tls13_compat 14703 requires_config_enabled MBEDTLS_SSL_CLI_C 14704 requires_config_enabled MBEDTLS_DEBUG_C 14705 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 14706 requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT 14707 requires_config_enabled PSA_WANT_ALG_FFDH 14708 requires_config_enabled PSA_WANT_DH_RFC7919_6144 14709 not_with_msan_or_valgrind 14710 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \ 14711 "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE6144:+VERS-TLS1.3:%NO_TICKETS" \ 14712 "$P_CLI ca_file=$DATA_FILES_PATH/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe6144" \ 14713 0 \ 14714 -c "HTTP/1.0 200 OK" \ 14715 -c "Protocol is TLSv1.3" \ 14716 -c 
"server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ 14717 -c "Certificate Verify: Signature algorithm ( 0804 )" \ 14718 -c "NamedGroup: ffdhe6144 ( 103 )" \ 14719 -c "Verifying peer X.509 certificate... ok" \ 14720 -C "received HelloRetryRequest message" 14721 14722 requires_config_enabled MBEDTLS_SSL_SRV_C 14723 requires_config_enabled MBEDTLS_DEBUG_C 14724 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 14725 requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT 14726 requires_config_enabled PSA_WANT_ALG_FFDH 14727 requires_config_enabled PSA_WANT_DH_RFC7919_8192 14728 requires_gnutls_tls1_3 14729 requires_gnutls_next_no_ticket 14730 requires_gnutls_next_disable_tls13_compat 14731 not_with_msan_or_valgrind 14732 client_needs_more_time 4 14733 run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \ 14734 "$P_SRV crt_file=$DATA_FILES_PATH/server2-sha256.crt key_file=$DATA_FILES_PATH/server2.key debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe8192 tls13_kex_modes=ephemeral cookies=0 tickets=0" \ 14735 "$G_NEXT_CLI_NO_CERT --debug=4 --single-key-share --x509cafile $DATA_FILES_PATH/test-ca_cat12.crt --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE8192:+VERS-TLS1.3:%NO_TICKETS" \ 14736 0 \ 14737 -s "Protocol is TLSv1.3" \ 14738 -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \ 14739 -s "received signature algorithm: 0x804" \ 14740 -s "got named group: ffdhe8192(0104)" \ 14741 -s "Certificate verification was skipped" \ 14742 -C "received HelloRetryRequest message" 14743 14744 requires_gnutls_tls1_3 14745 requires_gnutls_next_no_ticket 14746 requires_gnutls_next_disable_tls13_compat 14747 requires_config_enabled MBEDTLS_SSL_CLI_C 14748 requires_config_enabled MBEDTLS_DEBUG_C 14749 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 14750 
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT 14751 requires_config_enabled PSA_WANT_ALG_FFDH 14752 requires_config_enabled PSA_WANT_DH_RFC7919_8192 14753 not_with_msan_or_valgrind 14754 client_needs_more_time 4 14755 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \ 14756 "$G_NEXT_SRV_NO_CERT --http --disable-client-cert --debug=4 --x509certfile $DATA_FILES_PATH/server2-sha256.crt --x509keyfile $DATA_FILES_PATH/server2.key --priority=NONE:+AES-128-GCM:+SHA256:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:+GROUP-FFDHE8192:+VERS-TLS1.3:%NO_TICKETS" \ 14757 "$P_CLI ca_file=$DATA_FILES_PATH/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 sig_algs=rsa_pss_rsae_sha256 groups=ffdhe8192" \ 14758 0 \ 14759 -c "HTTP/1.0 200 OK" \ 14760 -c "Protocol is TLSv1.3" \ 14761 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \ 14762 -c "Certificate Verify: Signature algorithm ( 0804 )" \ 14763 -c "NamedGroup: ffdhe8192 ( 104 )" \ 14764 -c "Verifying peer X.509 certificate... 
ok" \ 14765 -C "received HelloRetryRequest message" 14766 14767 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 14768 requires_config_enabled MBEDTLS_SSL_SRV_C 14769 requires_config_enabled MBEDTLS_SSL_CLI_C 14770 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED 14771 requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED 14772 run_test "TLS 1.3: no HRR in case of PSK key exchange mode" \ 14773 "$P_SRV nbio=2 psk=73776f726466697368 psk_identity=0a0b0c tls13_kex_modes=psk groups=none" \ 14774 "$P_CLI nbio=2 debug_level=3 psk=73776f726466697368 psk_identity=0a0b0c tls13_kex_modes=all" \ 14775 0 \ 14776 -C "received HelloRetryRequest message" \ 14777 -c "Selected key exchange mode: psk$" \ 14778 -c "HTTP/1.0 200 OK" 14779 14780 # Legacy_compression_methods testing 14781 14782 requires_gnutls 14783 requires_config_enabled MBEDTLS_SSL_SRV_C 14784 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14785 run_test "TLS 1.2 ClientHello indicating support for deflate compression method" \ 14786 "$P_SRV debug_level=3" \ 14787 "$G_CLI --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:+COMP-DEFLATE localhost" \ 14788 0 \ 14789 -c "Handshake was completed" \ 14790 -s "dumping .client hello, compression. 
(2 bytes)" 14791 14792 # Handshake defragmentation testing 14793 14794 # Most test cases are in opt-testcases/handshake-generated.sh 14795 14796 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14797 requires_certificate_authentication 14798 run_test "Handshake defragmentation on server: len=32, TLS 1.2 ClientHello (unsupported)" \ 14799 "$P_SRV debug_level=4 force_version=tls12 auth_mode=required" \ 14800 "$O_NEXT_CLI -tls1_2 -split_send_frag 32 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ 14801 1 \ 14802 -s "The SSL configuration is tls12 only" \ 14803 -s "bad client hello message" \ 14804 -s "SSL - A message could not be parsed due to a syntactic error" 14805 14806 # Test server-side buffer resizing with fragmented handshake on TLS1.2 14807 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14808 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 14809 requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH 14810 requires_max_content_len 1025 14811 run_test "Handshake defragmentation on server: len=256, buffer resizing with MFL=1024" \ 14812 "$P_SRV debug_level=4 auth_mode=required" \ 14813 "$O_NEXT_CLI -tls1_2 -split_send_frag 256 -maxfraglen 1024 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ 14814 0 \ 14815 -s "Reallocating in_buf" \ 14816 -s "Reallocating out_buf" \ 14817 -s "reassembled record" \ 14818 -s "initial handshake fragment: 256, 0\\.\\.256 of [0-9]\\+" \ 14819 -s "Prepare: waiting for more handshake fragments 256/" \ 14820 -s "Consume: waiting for more handshake fragments 256/" 14821 14822 # Test client-initiated renegotiation with fragmented handshake on TLS1.2 14823 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14824 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14825 run_test "Handshake defragmentation on server: len=512, client-initiated renegotiation" \ 14826 "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \ 14827 "$O_NEXT_CLI_RENEGOTIATE -tls1_2 
-split_send_frag 512 -connect 127.0.0.1:+$SRV_PORT" \ 14828 0 \ 14829 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 14830 -s "found renegotiation extension" \ 14831 -s "server hello, secure renegotiation extension" \ 14832 -s "=> renegotiate" \ 14833 -S "write hello request" \ 14834 -s "reassembled record" \ 14835 -s "initial handshake fragment: 512, 0\\.\\.512 of [0-9]\\+" \ 14836 -s "Prepare: waiting for more handshake fragments 512/" \ 14837 -s "Consume: waiting for more handshake fragments 512/" \ 14838 14839 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14840 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14841 run_test "Handshake defragmentation on server: len=256, client-initiated renegotiation" \ 14842 "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \ 14843 "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 256 -connect 127.0.0.1:+$SRV_PORT" \ 14844 0 \ 14845 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 14846 -s "found renegotiation extension" \ 14847 -s "server hello, secure renegotiation extension" \ 14848 -s "=> renegotiate" \ 14849 -S "write hello request" \ 14850 -s "reassembled record" \ 14851 -s "initial handshake fragment: 256, 0\\.\\.256 of [0-9]\\+" \ 14852 -s "Prepare: waiting for more handshake fragments 256/" \ 14853 -s "Consume: waiting for more handshake fragments 256/" \ 14854 14855 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14856 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 14857 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14858 run_test "Handshake defragmentation on server: len=128, client-initiated renegotiation" \ 14859 "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \ 14860 "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 128 -connect 127.0.0.1:+$SRV_PORT" \ 14861 0 \ 14862 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 14863 -s "found renegotiation extension" \ 14864 -s "server hello, secure renegotiation extension" \ 14865 -s "=> renegotiate" \ 14866 -S "write hello 
request" \ 14867 -s "reassembled record" \ 14868 -s "initial handshake fragment: 128, 0\\.\\.128 of [0-9]\\+" \ 14869 -s "Prepare: waiting for more handshake fragments 128/" \ 14870 -s "Consume: waiting for more handshake fragments 128/" \ 14871 14872 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14873 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 14874 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14875 run_test "Handshake defragmentation on server: len=4, client-initiated renegotiation" \ 14876 "$P_SRV debug_level=4 exchanges=2 renegotiation=1 auth_mode=required" \ 14877 "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 4 -connect 127.0.0.1:+$SRV_PORT" \ 14878 0 \ 14879 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 14880 -s "found renegotiation extension" \ 14881 -s "server hello, secure renegotiation extension" \ 14882 -s "=> renegotiate" \ 14883 -S "write hello request" \ 14884 -s "reassembled record" \ 14885 -s "initial handshake fragment: 4, 0\\.\\.4 of [0-9]\\+" \ 14886 -s "Prepare: waiting for more handshake fragments 4/" \ 14887 -s "Consume: waiting for more handshake fragments 4/" \ 14888 14889 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14890 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3 14891 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14892 run_test "Handshake defragmentation on server: len=4, client-initiated server-rejected renegotiation" \ 14893 "$P_SRV debug_level=4 exchanges=2 renegotiation=0 auth_mode=required" \ 14894 "$O_NEXT_CLI_RENEGOTIATE -tls1_2 -split_send_frag 4 -connect 127.0.0.1:+$SRV_PORT" \ 14895 1 \ 14896 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \ 14897 -s "refusing renegotiation, sending alert" \ 14898 -s "server hello, secure renegotiation extension" \ 14899 -s "initial handshake fragment: 4, 0\\.\\.4 of [0-9]\\+" \ 14900 -s "Prepare: waiting for more handshake fragments 4/" \ 14901 -s "Consume: waiting for more handshake fragments 4/" \ 14902 14903 # Test server-initiated renegotiation with fragmented 
handshake on TLS1.2 14904 14905 # Note: The /reneg endpoint serves as a directive for OpenSSL's s_server 14906 # to initiate a handshake renegotiation. 14907 # Note: Adjusting the renegotiation delay beyond the library's default 14908 # value of 16 is necessary. This parameter defines the maximum 14909 # number of records received before renegotiation is completed. 14910 # By fragmenting records and thereby increasing their quantity, 14911 # the default threshold can be reached more quickly. 14912 # Setting it to -1 disables that policy's enforment. 14913 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14914 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14915 run_test "Handshake defragmentation on client: len=512, server-initiated renegotiation" \ 14916 "$O_NEXT_SRV -tls1_2 -split_send_frag 512 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ 14917 "$P_CLI debug_level=3 renegotiation=1 request_page=/reneg" \ 14918 0 \ 14919 -c "initial handshake fragment: 512, 0\\.\\.512 of [0-9]\\+" \ 14920 -c "Prepare: waiting for more handshake fragments 512/" \ 14921 -c "Consume: waiting for more handshake fragments 512/" \ 14922 -c "client hello, adding renegotiation extension" \ 14923 -c "found renegotiation extension" \ 14924 -c "=> renegotiate" 14925 14926 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14927 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14928 run_test "Handshake defragmentation on client: len=256, server-initiated renegotiation" \ 14929 "$O_NEXT_SRV -tls1_2 -split_send_frag 256 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ 14930 "$P_CLI debug_level=3 renegotiation=1 renego_delay=-1 request_page=/reneg" \ 14931 0 \ 14932 -c "initial handshake fragment: 256, 0\\.\\.256 of [0-9]\\+" \ 14933 -c "Prepare: waiting for more handshake fragments 256/" \ 14934 -c "Consume: waiting for more handshake fragments 256/" \ 14935 -c "client hello, adding renegotiation extension" \ 14936 -c "found renegotiation 
extension" \ 14937 -c "=> renegotiate" 14938 14939 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14940 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14941 run_test "Handshake defragmentation on client: len=128, server-initiated renegotiation" \ 14942 "$O_NEXT_SRV -tls1_2 -split_send_frag 128 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ 14943 "$P_CLI debug_level=3 renegotiation=1 renego_delay=-1 request_page=/reneg" \ 14944 0 \ 14945 -c "initial handshake fragment: 128, 0\\.\\.128 of [0-9]\\+" \ 14946 -c "Prepare: waiting for more handshake fragments 128/" \ 14947 -c "Consume: waiting for more handshake fragments 128/" \ 14948 -c "client hello, adding renegotiation extension" \ 14949 -c "found renegotiation extension" \ 14950 -c "=> renegotiate" 14951 14952 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14953 requires_config_enabled MBEDTLS_SSL_RENEGOTIATION 14954 run_test "Handshake defragmentation on client: len=4, server-initiated renegotiation" \ 14955 "$O_NEXT_SRV -tls1_2 -split_send_frag 4 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \ 14956 "$P_CLI debug_level=3 renegotiation=1 renego_delay=-1 request_page=/reneg" \ 14957 0 \ 14958 -c "initial handshake fragment: 4, 0\\.\\.4 of [0-9]\\+" \ 14959 -c "Prepare: waiting for more handshake fragments 4/" \ 14960 -c "Consume: waiting for more handshake fragments 4/" \ 14961 -c "client hello, adding renegotiation extension" \ 14962 -c "found renegotiation extension" \ 14963 -c "=> renegotiate" 14964 14965 # Test heap memory usage after handshake 14966 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 14967 requires_config_enabled MBEDTLS_MEMORY_DEBUG 14968 requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C 14969 requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH 14970 requires_max_content_len 16384 14971 run_tests_memory_after_handshake 14972 14973 if [ "$LIST_TESTS" -eq 0 ]; then 14974 14975 # Final report 14976 14977 echo 
"------------------------------------------------------------------------" 14978 14979 if [ $FAILS = 0 ]; then 14980 printf "PASSED" 14981 else 14982 printf "FAILED" 14983 fi 14984 PASSES=$(( $TESTS - $FAILS )) 14985 echo " ($PASSES / $TESTS tests ($SKIPS skipped))" 14986 14987 if [ $((TESTS - SKIPS)) -lt $MIN_TESTS ]; then 14988 cat <<EOF 14989 Error: Expected to run at least $MIN_TESTS, but only ran $((TESTS - SKIPS)). 14990 Maybe a bad filter ('$FILTER') or a bad configuration? 14991 EOF 14992 if [ $FAILS -eq 0 ]; then 14993 FAILS=1 14994 fi 14995 fi 14996 fi 14997 14998 if [ $FAILS -gt 255 ]; then 14999 # Clamp at 255 as caller gets exit code & 0xFF 15000 # (so 256 would be 0, or success, etc) 15001 FAILS=255 15002 fi 15003 exit $FAILS