TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls.git / 43aa905d1e0c5c3e8fbec98adc496bcd7d46b51f / . / tests / compat.sh
blob: 0eae1eab36051cd3daed09b7d32ea3dca59a05f9 [file] [log] [blame]
Gilles Peskine7dc97042020-02-26 19:48:43 +0100[diff] [blame]1#!/bin/sh
2
3# compat.sh
4#
5# This file is part of mbed TLS (https://tls.mbed.org)
6#
7# Copyright (c) 2012-2016, ARM Limited, All Rights Reserved
8#
9# Purpose
10#
11# Test interoperbility with OpenSSL, GnuTLS as well as itself.
12#
13# Check each common ciphersuite, with each version, both ways (client/server),
14# with and without client authentication.
15
16set -u
17
18# initialise counters
19TESTS=0
20FAILED=0
21SKIPPED=0
22SRVMEM=0
23
24# default commands, can be overridden by the environment
25: ${M_SRV:=../programs/ssl/ssl_server2}
26: ${M_CLI:=../programs/ssl/ssl_client2}
27: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
28: ${GNUTLS_CLI:=gnutls-cli}
29: ${GNUTLS_SERV:=gnutls-serv}
30
31# do we have a recent enough GnuTLS?
32if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then
33 G_VER="$( $GNUTLS_CLI --version | head -n1 )"
34 if echo "$G_VER" | grep '@VERSION@' > /dev/null; then # git version
35 PEER_GNUTLS=" GnuTLS"
36 else
37 eval $( echo $G_VER | sed 's/.* \([0-9]*\)\.\([0-9]\)*\.\([0-9]*\)$/MAJOR="\1" MINOR="\2" PATCH="\3"/' )
38 if [ $MAJOR -lt 3 -o \
39 \( $MAJOR -eq 3 -a $MINOR -lt 2 \) -o \
40 \( $MAJOR -eq 3 -a $MINOR -eq 2 -a $PATCH -lt 15 \) ]
41 then
42 PEER_GNUTLS=""
43 else
44 PEER_GNUTLS=" GnuTLS"
45 if [ $MINOR -lt 4 ]; then
46 GNUTLS_MINOR_LT_FOUR='x'
47 fi
48 fi
49 fi
50else
51 PEER_GNUTLS=""
52fi
53
54# default values for options
55MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2"
56VERIFIES="NO YES"
57TYPES="ECDSA RSA PSK"
58FILTER=""
59# exclude:
60# - NULL: excluded from our default config
61# - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions
62# avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
63# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1
64# - ChachaPoly: requires OpenSSL >= 1.1.0
65# - 3DES: not in default config
66EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305'
67VERBOSE=""
68MEMCHECK=0
69PEERS="OpenSSL$PEER_GNUTLS mbedTLS"
70
71# hidden option: skip DTLS with OpenSSL
72# (travis CI has a version that doesn't work for us)
73: ${OSSL_NO_DTLS:=0}
74
75print_usage() {
76 echo "Usage: $0"
77 printf " -h|--help\tPrint this help.\n"
78 printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '$FILTER')\n"
79 printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '$EXCLUDE')\n"
80 printf " -m|--modes\tWhich modes to perform (Default: '$MODES')\n"
81 printf " -t|--types\tWhich key exchange type to perform (Default: '$TYPES')\n"
82 printf " -V|--verify\tWhich verification modes to perform (Default: '$VERIFIES')\n"
83 printf " -p|--peers\tWhich peers to use (Default: '$PEERS')\n"
84 printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
85 printf " -M|--memcheck\tCheck memory leaks and errors.\n"
86 printf " -v|--verbose\tSet verbose output.\n"
87}
88
89get_options() {
90 while [ $# -gt 0 ]; do
91 case "$1" in
92 -f|--filter)
93 shift; FILTER=$1
94 ;;
95 -e|--exclude)
96 shift; EXCLUDE=$1
97 ;;
98 -m|--modes)
99 shift; MODES=$1
100 ;;
101 -t|--types)
102 shift; TYPES=$1
103 ;;
104 -V|--verify)
105 shift; VERIFIES=$1
106 ;;
107 -p|--peers)
108 shift; PEERS=$1
109 ;;
110 -v|--verbose)
111 VERBOSE=1
112 ;;
113 -M|--memcheck)
114 MEMCHECK=1
115 ;;
116 -h|--help)
117 print_usage
118 exit 0
119 ;;
120 *)
121 echo "Unknown argument: '$1'"
122 print_usage
123 exit 1
124 ;;
125 esac
126 shift
127 done
128
129 # sanitize some options (modes checked later)
130 VERIFIES="$( echo $VERIFIES | tr [a-z] [A-Z] )"
131 TYPES="$( echo $TYPES | tr [a-z] [A-Z] )"
132}
133
134log() {
135 if [ "X" != "X$VERBOSE" ]; then
136 echo ""
137 echo "$@"
138 fi
139}
140
141# is_dtls <mode>
142is_dtls()
143{
144 test "$1" = "dtls1" -o "$1" = "dtls1_2"
145}
146
147# minor_ver <mode>
148minor_ver()
149{
150 case "$1" in
151 ssl3)
152 echo 0
153 ;;
154 tls1)
155 echo 1
156 ;;
157 tls1_1|dtls1)
158 echo 2
159 ;;
160 tls1_2|dtls1_2)
161 echo 3
162 ;;
163 *)
164 echo "error: invalid mode: $MODE" >&2
165 # exiting is no good here, typically called in a subshell
166 echo -1
167 esac
168}
169
170filter()
171{
172 LIST="$1"
173 NEW_LIST=""
174
175 if is_dtls "$MODE"; then
176 EXCLMODE="$EXCLUDE"'\|RC4\|ARCFOUR'
177 else
178 EXCLMODE="$EXCLUDE"
179 fi
180
181 for i in $LIST;
182 do
183 NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLMODE" )"
184 done
185
186 # normalize whitespace
187 echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//'
188}
189
190# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for
191# PSK ciphersuites with DTLS, which is incorrect, so disable them for now
192check_openssl_server_bug()
193{
194 if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \
195 echo "$1" | grep "^TLS-PSK" >/dev/null;
196 then
197 SKIP_NEXT="YES"
198 fi
199}
200
201filter_ciphersuites()
202{
203 if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
204 then
205 # Ciphersuite for mbed TLS
206 M_CIPHERS=$( filter "$M_CIPHERS" )
207
208 # Ciphersuite for OpenSSL
209 O_CIPHERS=$( filter "$O_CIPHERS" )
210
211 # Ciphersuite for GnuTLS
212 G_CIPHERS=$( filter "$G_CIPHERS" )
213 fi
214
215 # OpenSSL 1.0.1h doesn't support DTLS 1.2
216 if [ `minor_ver "$MODE"` -ge 3 ] && is_dtls "$MODE"; then
217 O_CIPHERS=""
218 case "$PEER" in
219 [Oo]pen*)
220 M_CIPHERS=""
221 ;;
222 esac
223 fi
224
225 # For GnuTLS client -> mbed TLS server,
226 # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails
227 if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then
228 G_CIPHERS=""
229 fi
230}
231
232reset_ciphersuites()
233{
234 M_CIPHERS=""
235 O_CIPHERS=""
236 G_CIPHERS=""
237}
238
239# Ciphersuites that can be used with all peers.
240# Since we currently have three possible peers, each ciphersuite should appear
241# three times: in each peer's list (with the name that this peer uses).
242add_common_ciphersuites()
243{
244 case $TYPE in
245
246 "ECDSA")
247 if [ `minor_ver "$MODE"` -gt 0 ]
248 then
249 M_CIPHERS="$M_CIPHERS \
250 TLS-ECDHE-ECDSA-WITH-NULL-SHA \
251 TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
252 TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
253 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
254 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
255 "
256 G_CIPHERS="$G_CIPHERS \
257 +ECDHE-ECDSA:+NULL:+SHA1 \
258 +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \
259 +ECDHE-ECDSA:+3DES-CBC:+SHA1 \
260 +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
261 +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
262 "
263 O_CIPHERS="$O_CIPHERS \
264 ECDHE-ECDSA-NULL-SHA \
265 ECDHE-ECDSA-RC4-SHA \
266 ECDHE-ECDSA-DES-CBC3-SHA \
267 ECDHE-ECDSA-AES128-SHA \
268 ECDHE-ECDSA-AES256-SHA \
269 "
270 fi
271 if [ `minor_ver "$MODE"` -ge 3 ]
272 then
273 M_CIPHERS="$M_CIPHERS \
274 TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
275 TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
276 TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
277 TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
278 "
279 G_CIPHERS="$G_CIPHERS \
280 +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
281 +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
282 +ECDHE-ECDSA:+AES-128-GCM:+AEAD \
283 +ECDHE-ECDSA:+AES-256-GCM:+AEAD \
284 "
285 O_CIPHERS="$O_CIPHERS \
286 ECDHE-ECDSA-AES128-SHA256 \
287 ECDHE-ECDSA-AES256-SHA384 \
288 ECDHE-ECDSA-AES128-GCM-SHA256 \
289 ECDHE-ECDSA-AES256-GCM-SHA384 \
290 "
291 fi
292 ;;
293
294 "RSA")
295 M_CIPHERS="$M_CIPHERS \
296 TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
297 TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
298 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
299 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
300 TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
301 TLS-RSA-WITH-AES-256-CBC-SHA \
302 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
303 TLS-RSA-WITH-AES-128-CBC-SHA \
304 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
305 TLS-RSA-WITH-3DES-EDE-CBC-SHA \
306 TLS-RSA-WITH-RC4-128-SHA \
307 TLS-RSA-WITH-RC4-128-MD5 \
308 TLS-RSA-WITH-NULL-MD5 \
309 TLS-RSA-WITH-NULL-SHA \
310 "
311 G_CIPHERS="$G_CIPHERS \
312 +DHE-RSA:+AES-128-CBC:+SHA1 \
313 +DHE-RSA:+AES-256-CBC:+SHA1 \
314 +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \
315 +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \
316 +DHE-RSA:+3DES-CBC:+SHA1 \
317 +RSA:+AES-256-CBC:+SHA1 \
318 +RSA:+CAMELLIA-256-CBC:+SHA1 \
319 +RSA:+AES-128-CBC:+SHA1 \
320 +RSA:+CAMELLIA-128-CBC:+SHA1 \
321 +RSA:+3DES-CBC:+SHA1 \
322 +RSA:+ARCFOUR-128:+SHA1 \
323 +RSA:+ARCFOUR-128:+MD5 \
324 +RSA:+NULL:+MD5 \
325 +RSA:+NULL:+SHA1 \
326 "
327 O_CIPHERS="$O_CIPHERS \
328 DHE-RSA-AES128-SHA \
329 DHE-RSA-AES256-SHA \
330 DHE-RSA-CAMELLIA128-SHA \
331 DHE-RSA-CAMELLIA256-SHA \
332 EDH-RSA-DES-CBC3-SHA \
333 AES256-SHA \
334 CAMELLIA256-SHA \
335 AES128-SHA \
336 CAMELLIA128-SHA \
337 DES-CBC3-SHA \
338 RC4-SHA \
339 RC4-MD5 \
340 NULL-MD5 \
341 NULL-SHA \
342 "
343 if [ `minor_ver "$MODE"` -gt 0 ]
344 then
345 M_CIPHERS="$M_CIPHERS \
346 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
347 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
348 TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
349 TLS-ECDHE-RSA-WITH-RC4-128-SHA \
350 TLS-ECDHE-RSA-WITH-NULL-SHA \
351 "
352 G_CIPHERS="$G_CIPHERS \
353 +ECDHE-RSA:+AES-128-CBC:+SHA1 \
354 +ECDHE-RSA:+AES-256-CBC:+SHA1 \
355 +ECDHE-RSA:+3DES-CBC:+SHA1 \
356 +ECDHE-RSA:+ARCFOUR-128:+SHA1 \
357 +ECDHE-RSA:+NULL:+SHA1 \
358 "
359 O_CIPHERS="$O_CIPHERS \
360 ECDHE-RSA-AES256-SHA \
361 ECDHE-RSA-AES128-SHA \
362 ECDHE-RSA-DES-CBC3-SHA \
363 ECDHE-RSA-RC4-SHA \
364 ECDHE-RSA-NULL-SHA \
365 "
366 fi
367 if [ `minor_ver "$MODE"` -ge 3 ]
368 then
369 M_CIPHERS="$M_CIPHERS \
370 TLS-RSA-WITH-AES-128-CBC-SHA256 \
371 TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
372 TLS-RSA-WITH-AES-256-CBC-SHA256 \
373 TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
374 TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
375 TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
376 TLS-RSA-WITH-AES-128-GCM-SHA256 \
377 TLS-RSA-WITH-AES-256-GCM-SHA384 \
378 TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
379 TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
380 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
381 TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
382 "
383 G_CIPHERS="$G_CIPHERS \
384 +RSA:+AES-128-CBC:+SHA256 \
385 +DHE-RSA:+AES-128-CBC:+SHA256 \
386 +RSA:+AES-256-CBC:+SHA256 \
387 +DHE-RSA:+AES-256-CBC:+SHA256 \
388 +ECDHE-RSA:+AES-128-CBC:+SHA256 \
389 +ECDHE-RSA:+AES-256-CBC:+SHA384 \
390 +RSA:+AES-128-GCM:+AEAD \
391 +RSA:+AES-256-GCM:+AEAD \
392 +DHE-RSA:+AES-128-GCM:+AEAD \
393 +DHE-RSA:+AES-256-GCM:+AEAD \
394 +ECDHE-RSA:+AES-128-GCM:+AEAD \
395 +ECDHE-RSA:+AES-256-GCM:+AEAD \
396 "
397 O_CIPHERS="$O_CIPHERS \
398 NULL-SHA256 \
399 AES128-SHA256 \
400 DHE-RSA-AES128-SHA256 \
401 AES256-SHA256 \
402 DHE-RSA-AES256-SHA256 \
403 ECDHE-RSA-AES128-SHA256 \
404 ECDHE-RSA-AES256-SHA384 \
405 AES128-GCM-SHA256 \
406 DHE-RSA-AES128-GCM-SHA256 \
407 AES256-GCM-SHA384 \
408 DHE-RSA-AES256-GCM-SHA384 \
409 ECDHE-RSA-AES128-GCM-SHA256 \
410 ECDHE-RSA-AES256-GCM-SHA384 \
411 "
412 fi
413 ;;
414
415 "PSK")
416 M_CIPHERS="$M_CIPHERS \
417 TLS-PSK-WITH-RC4-128-SHA \
418 TLS-PSK-WITH-3DES-EDE-CBC-SHA \
419 TLS-PSK-WITH-AES-128-CBC-SHA \
420 TLS-PSK-WITH-AES-256-CBC-SHA \
421 "
422 G_CIPHERS="$G_CIPHERS \
423 +PSK:+ARCFOUR-128:+SHA1 \
424 +PSK:+3DES-CBC:+SHA1 \
425 +PSK:+AES-128-CBC:+SHA1 \
426 +PSK:+AES-256-CBC:+SHA1 \
427 "
428 O_CIPHERS="$O_CIPHERS \
429 PSK-RC4-SHA \
430 PSK-3DES-EDE-CBC-SHA \
431 PSK-AES128-CBC-SHA \
432 PSK-AES256-CBC-SHA \
433 "
434 ;;
435 esac
436}
437
438# Ciphersuites usable only with Mbed TLS and OpenSSL
439# Each ciphersuite should appear two times, once with its OpenSSL name, once
440# with its Mbed TLS name.
441#
442# NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
443# so RSA-PSK ciphersuites need to go in other sections, see
444# https://github.com/ARMmbed/mbedtls/issues/1419
445#
446# ChachaPoly suites are here rather than in "common", as they were added in
447# GnuTLS in 3.5.0 and the CI only has 3.4.x so far.
448add_openssl_ciphersuites()
449{
450 case $TYPE in
451
452 "ECDSA")
453 if [ `minor_ver "$MODE"` -gt 0 ]
454 then
455 M_CIPHERS="$M_CIPHERS \
456 TLS-ECDH-ECDSA-WITH-NULL-SHA \
457 TLS-ECDH-ECDSA-WITH-RC4-128-SHA \
458 TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
459 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
460 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
461 "
462 O_CIPHERS="$O_CIPHERS \
463 ECDH-ECDSA-NULL-SHA \
464 ECDH-ECDSA-RC4-SHA \
465 ECDH-ECDSA-DES-CBC3-SHA \
466 ECDH-ECDSA-AES128-SHA \
467 ECDH-ECDSA-AES256-SHA \
468 "
469 fi
470 if [ `minor_ver "$MODE"` -ge 3 ]
471 then
472 M_CIPHERS="$M_CIPHERS \
473 TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
474 TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
475 TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
476 TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
477 TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
478 TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
479 TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
480 "
481 O_CIPHERS="$O_CIPHERS \
482 ECDH-ECDSA-AES128-SHA256 \
483 ECDH-ECDSA-AES256-SHA384 \
484 ECDH-ECDSA-AES128-GCM-SHA256 \
485 ECDH-ECDSA-AES256-GCM-SHA384 \
486 ECDHE-ECDSA-ARIA256-GCM-SHA384 \
487 ECDHE-ECDSA-ARIA128-GCM-SHA256 \
488 ECDHE-ECDSA-CHACHA20-POLY1305 \
489 "
490 fi
491 ;;
492
493 "RSA")
494 M_CIPHERS="$M_CIPHERS \
495 TLS-RSA-WITH-DES-CBC-SHA \
496 TLS-DHE-RSA-WITH-DES-CBC-SHA \
497 "
498 O_CIPHERS="$O_CIPHERS \
499 DES-CBC-SHA \
500 EDH-RSA-DES-CBC-SHA \
501 "
502 if [ `minor_ver "$MODE"` -ge 3 ]
503 then
504 M_CIPHERS="$M_CIPHERS \
505 TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \
506 TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \
507 TLS-RSA-WITH-ARIA-256-GCM-SHA384 \
508 TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
509 TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
510 TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
511 TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
512 TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
513 "
514 O_CIPHERS="$O_CIPHERS \
515 ECDHE-ARIA256-GCM-SHA384 \
516 DHE-RSA-ARIA256-GCM-SHA384 \
517 ARIA256-GCM-SHA384 \
518 ECDHE-ARIA128-GCM-SHA256 \
519 DHE-RSA-ARIA128-GCM-SHA256 \
520 ARIA128-GCM-SHA256 \
521 DHE-RSA-CHACHA20-POLY1305 \
522 ECDHE-RSA-CHACHA20-POLY1305 \
523 "
524 fi
525 ;;
526
527 "PSK")
528 if [ `minor_ver "$MODE"` -ge 3 ]
529 then
530 M_CIPHERS="$M_CIPHERS \
531 TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \
532 TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \
533 TLS-PSK-WITH-ARIA-256-GCM-SHA384 \
534 TLS-PSK-WITH-ARIA-128-GCM-SHA256 \
535 TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \
536 TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
537 TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
538 "
539 O_CIPHERS="$O_CIPHERS \
540 DHE-PSK-ARIA256-GCM-SHA384 \
541 DHE-PSK-ARIA128-GCM-SHA256 \
542 PSK-ARIA256-GCM-SHA384 \
543 PSK-ARIA128-GCM-SHA256 \
544 DHE-PSK-CHACHA20-POLY1305 \
545 ECDHE-PSK-CHACHA20-POLY1305 \
546 PSK-CHACHA20-POLY1305 \
547 "
548 fi
549 ;;
550 esac
551}
552
553# Ciphersuites usable only with Mbed TLS and GnuTLS
554# Each ciphersuite should appear two times, once with its GnuTLS name, once
555# with its Mbed TLS name.
556add_gnutls_ciphersuites()
557{
558 case $TYPE in
559
560 "ECDSA")
561 if [ `minor_ver "$MODE"` -ge 3 ]
562 then
563 M_CIPHERS="$M_CIPHERS \
564 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
565 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
566 TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
567 TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
568 TLS-ECDHE-ECDSA-WITH-AES-128-CCM \
569 TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
570 TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
571 TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
572 "
573 G_CIPHERS="$G_CIPHERS \
574 +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \
575 +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \
576 +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \
577 +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \
578 +ECDHE-ECDSA:+AES-128-CCM:+AEAD \
579 +ECDHE-ECDSA:+AES-256-CCM:+AEAD \
580 +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \
581 +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \
582 "
583 fi
584 ;;
585
586 "RSA")
587 if [ `minor_ver "$MODE"` -gt 0 ]
588 then
589 M_CIPHERS="$M_CIPHERS \
590 TLS-RSA-WITH-NULL-SHA256 \
591 "
592 G_CIPHERS="$G_CIPHERS \
593 +RSA:+NULL:+SHA256 \
594 "
595 fi
596 if [ `minor_ver "$MODE"` -ge 3 ]
597 then
598 M_CIPHERS="$M_CIPHERS \
599 TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
600 TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
601 TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
602 TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
603 TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
604 TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
605 TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
606 TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
607 TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
608 TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
609 TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
610 TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
611 TLS-RSA-WITH-AES-128-CCM \
612 TLS-RSA-WITH-AES-256-CCM \
613 TLS-DHE-RSA-WITH-AES-128-CCM \
614 TLS-DHE-RSA-WITH-AES-256-CCM \
615 TLS-RSA-WITH-AES-128-CCM-8 \
616 TLS-RSA-WITH-AES-256-CCM-8 \
617 TLS-DHE-RSA-WITH-AES-128-CCM-8 \
618 TLS-DHE-RSA-WITH-AES-256-CCM-8 \
619 "
620 G_CIPHERS="$G_CIPHERS \
621 +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
622 +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \
623 +RSA:+CAMELLIA-128-CBC:+SHA256 \
624 +RSA:+CAMELLIA-256-CBC:+SHA256 \
625 +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
626 +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \
627 +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \
628 +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \
629 +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \
630 +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \
631 +RSA:+CAMELLIA-128-GCM:+AEAD \
632 +RSA:+CAMELLIA-256-GCM:+AEAD \
633 +RSA:+AES-128-CCM:+AEAD \
634 +RSA:+AES-256-CCM:+AEAD \
635 +RSA:+AES-128-CCM-8:+AEAD \
636 +RSA:+AES-256-CCM-8:+AEAD \
637 +DHE-RSA:+AES-128-CCM:+AEAD \
638 +DHE-RSA:+AES-256-CCM:+AEAD \
639 +DHE-RSA:+AES-128-CCM-8:+AEAD \
640 +DHE-RSA:+AES-256-CCM-8:+AEAD \
641 "
642 fi
643 ;;
644
645 "PSK")
646 M_CIPHERS="$M_CIPHERS \
647 TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
648 TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
649 TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
650 TLS-DHE-PSK-WITH-RC4-128-SHA \
651 "
652 G_CIPHERS="$G_CIPHERS \
653 +DHE-PSK:+3DES-CBC:+SHA1 \
654 +DHE-PSK:+AES-128-CBC:+SHA1 \
655 +DHE-PSK:+AES-256-CBC:+SHA1 \
656 +DHE-PSK:+ARCFOUR-128:+SHA1 \
657 "
658 if [ `minor_ver "$MODE"` -gt 0 ]
659 then
660 M_CIPHERS="$M_CIPHERS \
661 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
662 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
663 TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
664 TLS-ECDHE-PSK-WITH-RC4-128-SHA \
665 TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
666 TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
667 TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
668 TLS-RSA-PSK-WITH-RC4-128-SHA \
669 "
670 G_CIPHERS="$G_CIPHERS \
671 +ECDHE-PSK:+3DES-CBC:+SHA1 \
672 +ECDHE-PSK:+AES-128-CBC:+SHA1 \
673 +ECDHE-PSK:+AES-256-CBC:+SHA1 \
674 +ECDHE-PSK:+ARCFOUR-128:+SHA1 \
675 +RSA-PSK:+3DES-CBC:+SHA1 \
676 +RSA-PSK:+AES-256-CBC:+SHA1 \
677 +RSA-PSK:+AES-128-CBC:+SHA1 \
678 +RSA-PSK:+ARCFOUR-128:+SHA1 \
679 "
680 fi
681 if [ `minor_ver "$MODE"` -ge 3 ]
682 then
683 M_CIPHERS="$M_CIPHERS \
684 TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
685 TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
686 TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
687 TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
688 TLS-ECDHE-PSK-WITH-NULL-SHA384 \
689 TLS-ECDHE-PSK-WITH-NULL-SHA256 \
690 TLS-PSK-WITH-AES-128-CBC-SHA256 \
691 TLS-PSK-WITH-AES-256-CBC-SHA384 \
692 TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
693 TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
694 TLS-PSK-WITH-NULL-SHA256 \
695 TLS-PSK-WITH-NULL-SHA384 \
696 TLS-DHE-PSK-WITH-NULL-SHA256 \
697 TLS-DHE-PSK-WITH-NULL-SHA384 \
698 TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
699 TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
700 TLS-RSA-PSK-WITH-NULL-SHA256 \
701 TLS-RSA-PSK-WITH-NULL-SHA384 \
702 TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
703 TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
704 TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
705 TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
706 TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
707 TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
708 TLS-PSK-WITH-AES-128-GCM-SHA256 \
709 TLS-PSK-WITH-AES-256-GCM-SHA384 \
710 TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
711 TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
712 TLS-PSK-WITH-AES-128-CCM \
713 TLS-PSK-WITH-AES-256-CCM \
714 TLS-DHE-PSK-WITH-AES-128-CCM \
715 TLS-DHE-PSK-WITH-AES-256-CCM \
716 TLS-PSK-WITH-AES-128-CCM-8 \
717 TLS-PSK-WITH-AES-256-CCM-8 \
718 TLS-DHE-PSK-WITH-AES-128-CCM-8 \
719 TLS-DHE-PSK-WITH-AES-256-CCM-8 \
720 TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
721 TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
722 TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
723 TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
724 TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
725 TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
726 TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
727 TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
728 "
729 G_CIPHERS="$G_CIPHERS \
730 +ECDHE-PSK:+AES-256-CBC:+SHA384 \
731 +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
732 +ECDHE-PSK:+AES-128-CBC:+SHA256 \
733 +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
734 +PSK:+AES-128-CBC:+SHA256 \
735 +PSK:+AES-256-CBC:+SHA384 \
736 +DHE-PSK:+AES-128-CBC:+SHA256 \
737 +DHE-PSK:+AES-256-CBC:+SHA384 \
738 +RSA-PSK:+AES-256-CBC:+SHA384 \
739 +RSA-PSK:+AES-128-CBC:+SHA256 \
740 +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
741 +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
742 +PSK:+CAMELLIA-128-CBC:+SHA256 \
743 +PSK:+CAMELLIA-256-CBC:+SHA384 \
744 +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \
745 +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \
746 +PSK:+AES-128-GCM:+AEAD \
747 +PSK:+AES-256-GCM:+AEAD \
748 +DHE-PSK:+AES-128-GCM:+AEAD \
749 +DHE-PSK:+AES-256-GCM:+AEAD \
750 +PSK:+AES-128-CCM:+AEAD \
751 +PSK:+AES-256-CCM:+AEAD \
752 +DHE-PSK:+AES-128-CCM:+AEAD \
753 +DHE-PSK:+AES-256-CCM:+AEAD \
754 +PSK:+AES-128-CCM-8:+AEAD \
755 +PSK:+AES-256-CCM-8:+AEAD \
756 +DHE-PSK:+AES-128-CCM-8:+AEAD \
757 +DHE-PSK:+AES-256-CCM-8:+AEAD \
758 +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \
759 +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \
760 +PSK:+CAMELLIA-128-GCM:+AEAD \
761 +PSK:+CAMELLIA-256-GCM:+AEAD \
762 +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \
763 +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \
764 +RSA-PSK:+AES-256-GCM:+AEAD \
765 +RSA-PSK:+AES-128-GCM:+AEAD \
766 +ECDHE-PSK:+NULL:+SHA384 \
767 +ECDHE-PSK:+NULL:+SHA256 \
768 +PSK:+NULL:+SHA256 \
769 +PSK:+NULL:+SHA384 \
770 +DHE-PSK:+NULL:+SHA256 \
771 +DHE-PSK:+NULL:+SHA384 \
772 +RSA-PSK:+NULL:+SHA256 \
773 +RSA-PSK:+NULL:+SHA384 \
774 "
775 fi
776 ;;
777 esac
778}
779
780# Ciphersuites usable only with Mbed TLS (not currently supported by another
781# peer usable in this script). This provide only very rudimentaty testing, as
782# this is not interop testing, but it's better than nothing.
783add_mbedtls_ciphersuites()
784{
785 case $TYPE in
786
787 "ECDSA")
788 if [ `minor_ver "$MODE"` -gt 0 ]
789 then
790 M_CIPHERS="$M_CIPHERS \
791 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
792 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
793 "
794 fi
795 if [ `minor_ver "$MODE"` -ge 3 ]
796 then
797 M_CIPHERS="$M_CIPHERS \
798 TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
799 TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
800 TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \
801 TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
802 TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
803 TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \
804 TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \
805 TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \
806 "
807 fi
808 ;;
809
810 "RSA")
811 if [ `minor_ver "$MODE"` -ge 3 ]
812 then
813 M_CIPHERS="$M_CIPHERS \
814 TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \
815 TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \
816 TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \
817 TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \
818 TLS-RSA-WITH-ARIA-256-CBC-SHA384 \
819 TLS-RSA-WITH-ARIA-128-CBC-SHA256 \
820 "
821 fi
822 ;;
823
824 "PSK")
825 # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15
826 M_CIPHERS="$M_CIPHERS \
827 TLS-PSK-WITH-NULL-SHA \
828 TLS-DHE-PSK-WITH-NULL-SHA \
829 "
830 if [ `minor_ver "$MODE"` -gt 0 ]
831 then
832 M_CIPHERS="$M_CIPHERS \
833 TLS-ECDHE-PSK-WITH-NULL-SHA \
834 TLS-RSA-PSK-WITH-NULL-SHA \
835 "
836 fi
837 if [ `minor_ver "$MODE"` -ge 3 ]
838 then
839 M_CIPHERS="$M_CIPHERS \
840 TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
841 TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
842 TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
843 TLS-PSK-WITH-ARIA-128-CBC-SHA256 \
844 TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \
845 TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \
846 TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \
847 TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
848 TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
849 TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
850 TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \
851 "
852 fi
853 ;;
854 esac
855}
856
857setup_arguments()
858{
859 G_MODE=""
860 case "$MODE" in
861 "ssl3")
862 G_PRIO_MODE="+VERS-SSL3.0"
863 ;;
864 "tls1")
865 G_PRIO_MODE="+VERS-TLS1.0"
866 ;;
867 "tls1_1")
868 G_PRIO_MODE="+VERS-TLS1.1"
869 ;;
870 "tls1_2")
871 G_PRIO_MODE="+VERS-TLS1.2"
872 ;;
873 "dtls1")
874 G_PRIO_MODE="+VERS-DTLS1.0"
875 G_MODE="-u"
876 ;;
877 "dtls1_2")
878 G_PRIO_MODE="+VERS-DTLS1.2"
879 G_MODE="-u"
880 ;;
881 *)
882 echo "error: invalid mode: $MODE" >&2
883 exit 1;
884 esac
885
886 # GnuTLS < 3.4 will choke if we try to allow CCM-8
887 if [ -z "${GNUTLS_MINOR_LT_FOUR-}" ]; then
888 G_PRIO_CCM="+AES-256-CCM-8:+AES-128-CCM-8:"
889 else
890 G_PRIO_CCM=""
891 fi
892
893 M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
894 O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem"
895 G_SERVER_ARGS="-p $PORT --http $G_MODE"
896 G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"
897
898 # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
899 if is_dtls "$MODE"; then
900 O_SERVER_ARGS="$O_SERVER_ARGS"
901 else
902 O_SERVER_ARGS="$O_SERVER_ARGS -www"
903 fi
904
905 M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE"
906 O_CLIENT_ARGS="-connect localhost:$PORT -$MODE"
907 G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE"
908 G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"
909
910 if [ "X$VERIFY" = "XYES" ];
911 then
912 M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
913 O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10"
914 G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert"
915
916 M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
917 O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10"
918 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt"
919 else
920 # don't request a client cert at all
921 M_SERVER_ARGS="$M_SERVER_ARGS ca_file=none auth_mode=none"
922 G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert"
923
924 M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=none auth_mode=none"
925 O_CLIENT_ARGS="$O_CLIENT_ARGS"
926 G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure"
927 fi
928
929 case $TYPE in
930 "ECDSA")
931 M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
932 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
933 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
934
935 if [ "X$VERIFY" = "XYES" ]; then
936 M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
937 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
938 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key"
939 else
940 M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
941 fi
942 ;;
943
944 "RSA")
945 M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server2.crt key_file=data_files/server2.key"
946 O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2.crt -key data_files/server2.key"
947 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key"
948
949 if [ "X$VERIFY" = "XYES" ]; then
950 M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server1.crt key_file=data_files/server1.key"
951 O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server1.crt -key data_files/server1.key"
952 G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server1.crt --x509keyfile data_files/server1.key"
953 else
954 M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
955 fi
956
957 # Allow SHA-1. It's disabled by default for security reasons but
958 # our tests still use certificates signed with it.
959 M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1"
960 M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1"
961 ;;
962
963 "PSK")
964 # give RSA-PSK-capable server a RSA cert
965 # (should be a separate type, but harder to close with openssl)
966 M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2.crt key_file=data_files/server2.key"
967 O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert"
968 G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk"
969
970 M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
971 O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
972 G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70"
973
974 # Allow SHA-1. It's disabled by default for security reasons but
975 # our tests still use certificates signed with it.
976 M_SERVER_ARGS="$M_SERVER_ARGS allow_sha1=1"
977 M_CLIENT_ARGS="$M_CLIENT_ARGS allow_sha1=1"
978 ;;
979 esac
980}
981
982# is_mbedtls <cmd_line>
983is_mbedtls() {
984 echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
985}
986
987# has_mem_err <log_file_name>
988has_mem_err() {
989 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
990 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
991 then
992 return 1 # false: does not have errors
993 else
994 return 0 # true: has errors
995 fi
996}
997
998# Wait for process $2 to be listening on port $1
999if type lsof >/dev/null 2>/dev/null; then
1000 wait_server_start() {
1001 START_TIME=$(date +%s)
1002 if is_dtls "$MODE"; then
1003 proto=UDP
1004 else
1005 proto=TCP
1006 fi
1007 while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
1008 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
1009 echo "SERVERSTART TIMEOUT"
1010 echo "SERVERSTART TIMEOUT" >> $SRV_OUT
1011 break
1012 fi
1013 # Linux and *BSD support decimal arguments to sleep. On other
1014 # OSes this may be a tight loop.
1015 sleep 0.1 2>/dev/null || true
1016 done
1017 }
1018else
1019 echo "Warning: lsof not available, wait_server_start = sleep"
1020 wait_server_start() {
1021 sleep 2
1022 }
1023fi
1024
1025
1026# start_server <name>
1027# also saves name and command
1028start_server() {
1029 case $1 in
1030 [Oo]pen*)
1031 SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS"
1032 ;;
1033 [Gg]nu*)
1034 SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO"
1035 ;;
1036 mbed*)
1037 SERVER_CMD="$M_SRV $M_SERVER_ARGS"
1038 if [ "$MEMCHECK" -gt 0 ]; then
1039 SERVER_CMD="valgrind --leak-check=full $SERVER_CMD"
1040 fi
1041 ;;
1042 *)
1043 echo "error: invalid server name: $1" >&2
1044 exit 1
1045 ;;
1046 esac
1047 SERVER_NAME=$1
1048
1049 log "$SERVER_CMD"
1050 echo "$SERVER_CMD" > $SRV_OUT
1051 # for servers without -www or equivalent
1052 while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 &
1053 PROCESS_ID=$!
1054
1055 wait_server_start "$PORT" "$PROCESS_ID"
1056}
1057
1058# terminate the running server
1059stop_server() {
1060 kill $PROCESS_ID 2>/dev/null
1061 wait $PROCESS_ID 2>/dev/null
1062
1063 if [ "$MEMCHECK" -gt 0 ]; then
1064 if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then
1065 echo " ! Server had memory errors"
1066 SRVMEM=$(( $SRVMEM + 1 ))
1067 return
1068 fi
1069 fi
1070
1071 rm -f $SRV_OUT
1072}
1073
1074# kill the running server (used when killed by signal)
1075cleanup() {
1076 rm -f $SRV_OUT $CLI_OUT
1077 kill $PROCESS_ID >/dev/null 2>&1
1078 kill $WATCHDOG_PID >/dev/null 2>&1
1079 exit 1
1080}
1081
1082# wait for client to terminate and set EXIT
1083# must be called right after starting the client
1084wait_client_done() {
1085 CLI_PID=$!
1086
1087 ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) &
1088 WATCHDOG_PID=$!
1089
1090 wait $CLI_PID
1091 EXIT=$?
1092
1093 kill $WATCHDOG_PID
1094 wait $WATCHDOG_PID
1095
1096 echo "EXIT: $EXIT" >> $CLI_OUT
1097}
1098
1099# run_client <name> <cipher>
1100run_client() {
1101 # announce what we're going to do
1102 TESTS=$(( $TESTS + 1 ))
1103 VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
1104 TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
1105 TITLE="$TITLE $MODE,$VERIF $2"
1106 printf "$TITLE "
1107 LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
1108 for i in `seq 1 $LEN`; do printf '.'; done; printf ' '
1109
1110 # should we skip?
1111 if [ "X$SKIP_NEXT" = "XYES" ]; then
1112 SKIP_NEXT="NO"
1113 echo "SKIP"
1114 SKIPPED=$(( $SKIPPED + 1 ))
1115 return
1116 fi
1117
1118 # run the command and interpret result
1119 case $1 in
1120 [Oo]pen*)
1121 CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2"
1122 log "$CLIENT_CMD"
1123 echo "$CLIENT_CMD" > $CLI_OUT
1124 printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 &
1125 wait_client_done
1126
1127 if [ $EXIT -eq 0 ]; then
1128 RESULT=0
1129 else
1130 # If the cipher isn't supported...
1131 if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then
1132 RESULT=1
1133 else
1134 RESULT=2
1135 fi
1136 fi
1137 ;;
1138
1139 [Gg]nu*)
1140 # need to force IPv4 with UDP, but keep localhost for auth
1141 if is_dtls "$MODE"; then
1142 G_HOST="127.0.0.1"
1143 else
1144 G_HOST="localhost"
1145 fi
1146 CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 $G_HOST"
1147 log "$CLIENT_CMD"
1148 echo "$CLIENT_CMD" > $CLI_OUT
1149 printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 &
1150 wait_client_done
1151
1152 if [ $EXIT -eq 0 ]; then
1153 RESULT=0
1154 else
1155 RESULT=2
1156 # interpret early failure, with a handshake_failure alert
1157 # before the server hello, as "no ciphersuite in common"
1158 if grep -F 'Received alert [40]: Handshake failed' $CLI_OUT; then
1159 if grep -i 'SERVER HELLO .* was received' $CLI_OUT; then :
1160 else
1161 RESULT=1
1162 fi
1163 fi >/dev/null
1164 fi
1165 ;;
1166
1167 mbed*)
1168 CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$2"
1169 if [ "$MEMCHECK" -gt 0 ]; then
1170 CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD"
1171 fi
1172 log "$CLIENT_CMD"
1173 echo "$CLIENT_CMD" > $CLI_OUT
1174 $CLIENT_CMD >> $CLI_OUT 2>&1 &
1175 wait_client_done
1176
1177 case $EXIT in
1178 # Success
1179 "0") RESULT=0 ;;
1180
1181 # Ciphersuite not supported
1182 "2") RESULT=1 ;;
1183
1184 # Error
1185 *) RESULT=2 ;;
1186 esac
1187
1188 if [ "$MEMCHECK" -gt 0 ]; then
1189 if is_mbedtls "$CLIENT_CMD" && has_mem_err $CLI_OUT; then
1190 RESULT=2
1191 fi
1192 fi
1193
1194 ;;
1195
1196 *)
1197 echo "error: invalid client name: $1" >&2
1198 exit 1
1199 ;;
1200 esac
1201
1202 echo "EXIT: $EXIT" >> $CLI_OUT
1203
1204 # report and count result
1205 case $RESULT in
1206 "0")
1207 echo PASS
1208 ;;
1209 "1")
1210 echo SKIP
1211 SKIPPED=$(( $SKIPPED + 1 ))
1212 ;;
1213 "2")
1214 echo FAIL
1215 cp $SRV_OUT c-srv-${TESTS}.log
1216 cp $CLI_OUT c-cli-${TESTS}.log
1217 echo " ! outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log"
1218
1219 if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot -o "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
1220 echo " ! server output:"
1221 cat c-srv-${TESTS}.log
1222 echo " ! ==================================================="
1223 echo " ! client output:"
1224 cat c-cli-${TESTS}.log
1225 fi
1226
1227 FAILED=$(( $FAILED + 1 ))
1228 ;;
1229 esac
1230
1231 rm -f $CLI_OUT
1232}
1233
1234#
1235# MAIN
1236#
1237
1238if cd $( dirname $0 ); then :; else
1239 echo "cd $( dirname $0 ) failed" >&2
1240 exit 1
1241fi
1242
1243get_options "$@"
1244
1245# sanity checks, avoid an avalanche of errors
1246if [ ! -x "$M_SRV" ]; then
1247 echo "Command '$M_SRV' is not an executable file" >&2
1248 exit 1
1249fi
1250if [ ! -x "$M_CLI" ]; then
1251 echo "Command '$M_CLI' is not an executable file" >&2
1252 exit 1
1253fi
1254
1255if echo "$PEERS" | grep -i openssl > /dev/null; then
1256 if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else
1257 echo "Command '$OPENSSL_CMD' not found" >&2
1258 exit 1
1259 fi
1260fi
1261
1262if echo "$PEERS" | grep -i gnutls > /dev/null; then
1263 for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do
1264 if which "$CMD" >/dev/null 2>&1; then :; else
1265 echo "Command '$CMD' not found" >&2
1266 exit 1
1267 fi
1268 done
1269fi
1270
1271for PEER in $PEERS; do
1272 case "$PEER" in
1273 mbed*|[Oo]pen*|[Gg]nu*)
1274 ;;
1275 *)
1276 echo "Unknown peers: $PEER" >&2
1277 exit 1
1278 esac
1279done
1280
1281# Pick a "unique" port in the range 10000-19999.
1282PORT="0000$$"
1283PORT="1$(echo $PORT | tail -c 5)"
1284
1285# Also pick a unique name for intermediate files
1286SRV_OUT="srv_out.$$"
1287CLI_OUT="cli_out.$$"
1288
1289# client timeout delay: be more patient with valgrind
1290if [ "$MEMCHECK" -gt 0 ]; then
1291 DOG_DELAY=30
1292else
1293 DOG_DELAY=10
1294fi
1295
1296SKIP_NEXT="NO"
1297
1298trap cleanup INT TERM HUP
1299
1300for VERIFY in $VERIFIES; do
1301 for MODE in $MODES; do
1302 for TYPE in $TYPES; do
1303 for PEER in $PEERS; do
1304
1305 setup_arguments
1306
1307 case "$PEER" in
1308
1309 [Oo]pen*)
1310
1311 if test "$OSSL_NO_DTLS" -gt 0 && is_dtls "$MODE"; then
1312 continue;
1313 fi
1314
1315 reset_ciphersuites
1316 add_common_ciphersuites
1317 add_openssl_ciphersuites
1318 filter_ciphersuites
1319
1320 if [ "X" != "X$M_CIPHERS" ]; then
1321 start_server "OpenSSL"
1322 for i in $M_CIPHERS; do
1323 check_openssl_server_bug $i
1324 run_client mbedTLS $i
1325 done
1326 stop_server
1327 fi
1328
1329 if [ "X" != "X$O_CIPHERS" ]; then
1330 start_server "mbedTLS"
1331 for i in $O_CIPHERS; do
1332 run_client OpenSSL $i
1333 done
1334 stop_server
1335 fi
1336
1337 ;;
1338
1339 [Gg]nu*)
1340
1341 reset_ciphersuites
1342 add_common_ciphersuites
1343 add_gnutls_ciphersuites
1344 filter_ciphersuites
1345
1346 if [ "X" != "X$M_CIPHERS" ]; then
1347 start_server "GnuTLS"
1348 for i in $M_CIPHERS; do
1349 run_client mbedTLS $i
1350 done
1351 stop_server
1352 fi
1353
1354 if [ "X" != "X$G_CIPHERS" ]; then
1355 start_server "mbedTLS"
1356 for i in $G_CIPHERS; do
1357 run_client GnuTLS $i
1358 done
1359 stop_server
1360 fi
1361
1362 ;;
1363
1364 mbed*)
1365
1366 reset_ciphersuites
1367 add_common_ciphersuites
1368 add_openssl_ciphersuites
1369 add_gnutls_ciphersuites
1370 add_mbedtls_ciphersuites
1371 filter_ciphersuites
1372
1373 if [ "X" != "X$M_CIPHERS" ]; then
1374 start_server "mbedTLS"
1375 for i in $M_CIPHERS; do
1376 run_client mbedTLS $i
1377 done
1378 stop_server
1379 fi
1380
1381 ;;
1382
1383 *)
1384 echo "Unknown peer: $PEER" >&2
1385 exit 1
1386 ;;
1387
1388 esac
1389
1390 done
1391 done
1392 done
1393done
1394
1395echo "------------------------------------------------------------------------"
1396
1397if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ];
1398then
1399 printf "FAILED"
1400else
1401 printf "PASSED"
1402fi
1403
1404if [ "$MEMCHECK" -gt 0 ]; then
1405 MEMREPORT=", $SRVMEM server memory errors"
1406else
1407 MEMREPORT=""
1408fi
1409
1410PASSED=$(( $TESTS - $FAILED ))
1411echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))"
1412
1413FAILED=$(( $FAILED + $SRVMEM ))
1414exit $FAILED