CID update to RFC 9146
The DTLS 1.2 CID specification has been published as RFC 9146. This PR updates the implementation to match the RFC content.
Signed-off-by: Hannes Tschofenig <hannes.tschofenig@arm.com>
diff --git a/tests/ssl-opt.sh b/tests/ssl-opt.sh
index c4628b0..36cb479 100755
--- a/tests/ssl-opt.sh
+++ b/tests/ssl-opt.sh
@@ -440,6 +440,14 @@
requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1
}
+CID_MODE=$( get_config_value_or_default "MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT" )
+
+requires_cid_compat() {
+ if [ "$CID_MODE" = "0" ]; then
+ SKIP_NEXT="YES"
+ fi
+}
+
# skip next test if GnuTLS isn't available
requires_gnutls() {
if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
@@ -2387,6 +2395,17 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
+requires_cid_compat
+run_test "Context serialization, client serializes, with CID (legacy)" \
+ "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
+ "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
+ 0 \
+ -c "Deserializing connection..." \
+ -S "Deserializing connection..."
+
+
+requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes, CCM" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -2422,6 +2441,16 @@
-C "Deserializing connection..." \
-s "Deserializing connection..."
+requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
+requires_cid_compat
+run_test "Context serialization, server serializes, with CID (legacy)" \
+ "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
+ "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
+ 0 \
+ -C "Deserializing connection..." \
+ -s "Deserializing connection..."
+
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, CCM" \
@@ -2461,6 +2490,17 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
+requires_cid_compat
+run_test "Context serialization, both serialize, with CID (legacy)" \
+ "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
+ "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
+ 0 \
+ -c "Deserializing connection..." \
+ -s "Deserializing connection..."
+
+
+requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, CCM" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
@@ -2498,6 +2538,16 @@
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
+requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
+requires_cid_compat
+run_test "Context serialization, re-init, client serializes, with CID (legacy)" \
+ "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
+ "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
+ 0 \
+ -c "Deserializing connection..." \
+ -S "Deserializing connection..."
+
+requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, CCM" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \