blob: eb4e58deebf7aab3ded797dd3b099cc3282b0ad9 [file] [log] [blame]
Manuel Pégourié-Gonnardadad4762025-03-04 10:18:30 +01001# (Minimal) ClientHello breakdown:
2# 160303rlrl - record header, 2-byte record contents len
3# 01hlhlhl - handshake header, 3-byte handshake message len
4# 0303 - protocol version: 1.2
5# 0123456789abcdef (repeated, 4 times total) - 32-byte "random"
6# 00 - session ID (empty)
7# 0002cvcv - ciphersuite list: 2-byte len + list of 2-byte values (see below)
8# 0100 - compression methods: 1-byte len then "null" (only legal value now)
9# [then end, or extensions, see notes below]
10# elel - 2-byte extensions length
11# ...
12# 000a - elliptic_curves aka supported_groups
13# 0004 - extension length
14# 0002 - length of named_curve_list / named_group_list
15# 0017 - secp256r1 aka NIST P-256
16# ...
17# 002b - supported version (for TLS 1.3)
18# 0003 - extension length
19# 02 - length of versions
20# 0304 - TLS 1.3 ("SSL 3.4")
21# ...
22# 000d - signature algorithms
23# 0004 - extension length
24# 0002 - SignatureSchemeList length
25# 0403 - ecdsa_secp256r1_sha256
26# ...
27# 0033 - key share
28# 0002 - extension length
29# 0000 - length of client_shares (empty is valid)
30#
31# Note: currently our TLS "1.3 or 1.2" code requires extension length to be
32# present even it it's 0. This is not strictly compliant but doesn't matter
33# much in practice as these days everyone wants to use signature_algorithms
34# (for hashes better than SHA-1), secure_renego (even if you have renego
35# disabled), and most people want either ECC or PSK related extensions.
36# See https://github.com/Mbed-TLS/mbedtls/issues/9963
37#
38# Also, currently we won't negotiate ECC ciphersuites unless at least the
39# supported_groups extension is present, see
40# https://github.com/Mbed-TLS/mbedtls/issues/7458
41#
42# For TLS 1.3 with ephemeral key exchange, mandatory extensions are:
43# - supported versions (as for all of TLS 1.3)
44# - supported groups
45# - key share
46# - signature algorithms
47# (see ssl_tls13_client_hello_has_exts_for_ephemeral_key_exchange()).
48#
49# Note: cccc is currently not assigned, so can be used get a consistent
50# "no matching ciphersuite" behaviour regardless of the configuration.
51# c02b is MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (1.2)
52# 1301 is MBEDTLS_TLS1_3_AES_128_GCM_SHA256 (1.3)
53
54# See "ClientHello breakdown" above
55# MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 with secp256r1
56Inject ClientHello - TLS 1.2 good (for reference)
57depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1
58inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300370100003303030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002c02b01000008000a000400020017":"<= parse client hello":0
59
60# See "ClientHello breakdown" above
61# Same as the above test with s/c02b/cccc/ as the ciphersuite
62Inject ClientHello - TLS 1.2 unknown ciphersuite (for reference)
63depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_MD_CAN_SHA1
64inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303002f0100002b03030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002cccc01000000":"got no ciphersuites in common":MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE
65
66# See "ClientHello breakdown" above
67# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
68Inject ClientHello - TLS 1.3 good (for reference)
69depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
70inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004c0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"key exchange mode\: ephemeral":0
71
72# See "ClientHello breakdown" above
73# Same as the above test with s/1301/cccc/ as the ciphersuite
74Inject ClientHello - TLS 1.3 unknown ciphersuite (for reference)
75depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
76inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004c0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef000002cccc0100001d000a000400020017002b0003020304000d000400020403003300020000":"No matched ciphersuite":MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE
77
78# See "ClientHello breakdown" above
79# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
80Inject ClientHello - TLS 1.3 fragmented 4 + 72 OK
81depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
82inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000401000048160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"reassembled record":0
83
84# See "ClientHello breakdown" above
85# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
86Inject ClientHello - TLS 1.3 fragmented 3 + 73 rejected
87depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
88inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000301000016030300494803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"handshake message too short":MBEDTLS_ERR_SSL_INVALID_RECORD
89
90# See "ClientHello breakdown" above
91# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
92Inject ClientHello - TLS 1.3 fragmented 2 + 74 rejected
93depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
94inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300020100160303004a004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"handshake message too short":MBEDTLS_ERR_SSL_INVALID_RECORD
95
96# See "ClientHello breakdown" above
97# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
98Inject ClientHello - TLS 1.3 fragmented 1 + 75 rejected
99depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
100inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000101160303004b00004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"handshake message too short":MBEDTLS_ERR_SSL_INVALID_RECORD
101
102# See "ClientHello breakdown" above
103# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
104Inject ClientHello - TLS 1.3 fragmented 0 + 76 rejected
105depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
106inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030000160303004c0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"ssl_get_next_record() returned":MBEDTLS_ERR_SSL_INVALID_RECORD
107
108# See "ClientHello breakdown" above
109# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
110Inject ClientHello - TLS 1.3 fragmented 72 + 4 OK
111depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
112inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300480100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033160303000400020000":"reassembled record":0
113
114# See "ClientHello breakdown" above
115# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
116Inject ClientHello - TLS 1.3 fragmented 73 + 3 OK
117depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
118inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300490100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033001603030003020000":"reassembled record":0
119
120# See "ClientHello breakdown" above
121# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
122Inject ClientHello - TLS 1.3 fragmented 74 + 2 OK
123depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
124inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004a0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033000216030300020000":"reassembled record":0
125
126# See "ClientHello breakdown" above
127# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
128Inject ClientHello - TLS 1.3 fragmented 73 + 1 OK
129depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
130inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303004b0100004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d0004000204030033000200160303000100":"reassembled record":0
131
132# See "ClientHello breakdown" above
133# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
134Inject ClientHello - TLS 1.3 fragmented 4 + appdata + 72 rejected
135depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
Manuel Pégourié-Gonnardc6cf7e52025-03-05 12:52:18 +0100136inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"16030300040100004817030300020102160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
Manuel Pégourié-Gonnardadad4762025-03-04 10:18:30 +0100137
138# See "ClientHello breakdown" above
139# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
Manuel Pégourié-Gonnardc6cf7e52025-03-05 12:52:18 +0100140Inject ClientHello - TLS 1.3 fragmented 4 + alert(warn) + 72 rejected
141depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
142inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030004010000481503030002015a160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
Manuel Pégourié-Gonnardadad4762025-03-04 10:18:30 +0100143
144# See "ClientHello breakdown" above
145# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
146Inject ClientHello - TLS 1.3 fragmented 4 + alert(fatal) + 72 rejected
147depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
Manuel Pégourié-Gonnardc6cf7e52025-03-05 12:52:18 +0100148inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030004010000481503030002025a160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
Manuel Pégourié-Gonnardadad4762025-03-04 10:18:30 +0100149
150# See "ClientHello breakdown" above
151# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
Manuel Pégourié-Gonnardc6cf7e52025-03-05 12:52:18 +0100152Inject ClientHello - TLS 1.3 fragmented 4 + CCS + 72 rejected
153depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
154inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"160303000401000048140303000101160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"non-handshake message in the middle of a fragmented handshake message":MBEDTLS_ERR_SSL_UNEXPECTED_MESSAGE
Manuel Pégourié-Gonnardadad4762025-03-04 10:18:30 +0100155
156# See "ClientHello breakdown" above
157# ephemeral with secp256r1 + MBEDTLS_TLS1_3_AES_128_GCM_SHA256
158Inject ClientHello - TLS 1.3 fragmented 4 + invalid type + 72 rejected
159depends_on:MBEDTLS_SSL_PROTO_TLS1_3:MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED:MBEDTLS_SSL_HAVE_AES:MBEDTLS_MD_CAN_SHA256:MBEDTLS_SSL_HAVE_GCM:MBEDTLS_ECP_HAVE_SECP256R1:MBEDTLS_ECP_HAVE_SECP384R1:MBEDTLS_PK_CAN_ECDSA_SIGN:MBEDTLS_PK_CAN_ECDSA_VERIFY
160inject_client_content_on_the_wire:MBEDTLS_PK_ECDSA:MBEDTLS_SSL_CLIENT_HELLO:"1603030004010000481003030002015a160303004803030123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef00000213010100001d000a000400020017002b0003020304000d000400020403003300020000":"unknown record type":MBEDTLS_ERR_SSL_INVALID_RECORD
161
162Send large fragmented ClientHello: 4 bytes too large
163send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
164
165Send large fragmented ClientHello: 1 byte too large
166send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN - 3:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
167
168Send large fragmented ClientHello: would fit without overhead #1
169send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN - 4:0:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
170
171Send large fragmented ClientHello: would fit without overhead #2
172send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN - 4:1:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
173
174Send large fragmented ClientHello: would fit without overhead #3
175send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN - 4:2:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
176
177Send large fragmented ClientHello: would fit without overhead #4
178send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN - 4:3:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA
179
180Send large fragmented ClientHello: would fit without overhead #5
181send_large_fragmented_hello:MBEDTLS_SSL_IN_CONTENT_LEN - 4:4:"requesting more data than fits":MBEDTLS_ERR_SSL_BAD_INPUT_DATA