blob: 56db0545b8348ad1dad02ff9adf045628d5a9ec9 [file] [log] [blame]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001#!/bin/sh
2
Simon Butcher58eddef2016-05-19 23:43:11 +01003# ssl-opt.sh
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01004#
Simon Butcher58eddef2016-05-19 23:43:11 +01005# This file is part of mbed TLS (https://tls.mbed.org)
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01006#
Simon Butcher58eddef2016-05-19 23:43:11 +01007# Copyright (c) 2016, ARM Limited, All Rights Reserved
8#
9# Purpose
10#
11# Executes tests to prove various TLS/SSL options and extensions.
12#
13# The goal is not to cover every ciphersuite/version, but instead to cover
14# specific options (max fragment length, truncated hmac, etc) or procedures
15# (session resumption from cache or ticket, renego, etc).
16#
17# The tests assume a build with default options, with exceptions expressed
18# with a dependency. The tests focus on functionality and do not consider
19# performance.
20#
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010021
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010022set -u
23
Angus Grattonc4dd0732018-04-11 16:28:39 +100024if cd $( dirname $0 ); then :; else
25 echo "cd $( dirname $0 ) failed" >&2
26 exit 1
27fi
28
Antonin Décimod5f47592019-01-23 15:24:37 +010029# default values, can be overridden by the environment
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +010030: ${P_SRV:=../programs/ssl/ssl_server2}
31: ${P_CLI:=../programs/ssl/ssl_client2}
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +020032: ${P_PXY:=../programs/test/udp_proxy}
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +010033: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020034: ${GNUTLS_CLI:=gnutls-cli}
35: ${GNUTLS_SERV:=gnutls-serv}
Gilles Peskined50177f2017-05-16 17:53:03 +020036: ${PERL:=perl}
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010037
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +020038O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key"
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +010039O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client"
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020040G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +010041G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
Gilles Peskined50177f2017-05-16 17:53:03 +020042TCP_CLIENT="$PERL scripts/tcp_client.pl"
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010043
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020044# alternative versions of OpenSSL and GnuTLS (no default path)
45
46if [ -n "${OPENSSL_LEGACY:-}" ]; then
47 O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key"
48 O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client"
49else
50 O_LEGACY_SRV=false
51 O_LEGACY_CLI=false
52fi
53
Hanno Becker58e9dc32018-08-17 15:53:21 +010054if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020055 G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
56else
57 G_NEXT_SRV=false
58fi
59
Hanno Becker58e9dc32018-08-17 15:53:21 +010060if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020061 G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
62else
63 G_NEXT_CLI=false
64fi
65
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010066TESTS=0
67FAILS=0
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +020068SKIPS=0
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010069
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000070CONFIG_H='../include/mbedtls/config.h'
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +020071
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +010072MEMCHECK=0
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +010073FILTER='.*'
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +020074EXCLUDE='^$'
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +010075
Paul Bakkere20310a2016-05-10 11:18:17 +010076SHOW_TEST_NUMBER=0
Paul Bakkerb7584a52016-05-10 10:50:43 +010077RUN_TEST_NUMBER=''
78
Paul Bakkeracaac852016-05-10 11:47:13 +010079PRESERVE_LOGS=0
80
Gilles Peskinef93c7d32017-04-14 17:55:28 +020081# Pick a "unique" server port in the range 10000-19999, and a proxy
82# port which is this plus 10000. Each port number may be independently
83# overridden by a command line option.
84SRV_PORT=$(($$ % 10000 + 10000))
85PXY_PORT=$((SRV_PORT + 10000))
86
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +010087print_usage() {
88 echo "Usage: $0 [options]"
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +010089 printf " -h|--help\tPrint this help.\n"
90 printf " -m|--memcheck\tCheck memory leaks and errors.\n"
Gilles Peskinef93c7d32017-04-14 17:55:28 +020091 printf " -f|--filter\tOnly matching tests are executed (BRE; default: '$FILTER')\n"
92 printf " -e|--exclude\tMatching tests are excluded (BRE; default: '$EXCLUDE')\n"
Paul Bakkerb7584a52016-05-10 10:50:43 +010093 printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
Paul Bakkere20310a2016-05-10 11:18:17 +010094 printf " -s|--show-numbers\tShow test numbers in front of test names\n"
Paul Bakkeracaac852016-05-10 11:47:13 +010095 printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
Gilles Peskinef93c7d32017-04-14 17:55:28 +020096 printf " --port\tTCP/UDP port (default: randomish 1xxxx)\n"
97 printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
Andres AGf04f54d2016-10-10 15:46:20 +010098 printf " --seed\tInteger seed value to use for this test run\n"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +010099}
100
101get_options() {
102 while [ $# -gt 0 ]; do
103 case "$1" in
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100104 -f|--filter)
105 shift; FILTER=$1
106 ;;
107 -e|--exclude)
108 shift; EXCLUDE=$1
109 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100110 -m|--memcheck)
111 MEMCHECK=1
112 ;;
Paul Bakkerb7584a52016-05-10 10:50:43 +0100113 -n|--number)
114 shift; RUN_TEST_NUMBER=$1
115 ;;
Paul Bakkere20310a2016-05-10 11:18:17 +0100116 -s|--show-numbers)
117 SHOW_TEST_NUMBER=1
118 ;;
Paul Bakkeracaac852016-05-10 11:47:13 +0100119 -p|--preserve-logs)
120 PRESERVE_LOGS=1
121 ;;
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200122 --port)
123 shift; SRV_PORT=$1
124 ;;
125 --proxy-port)
126 shift; PXY_PORT=$1
127 ;;
Andres AGf04f54d2016-10-10 15:46:20 +0100128 --seed)
129 shift; SEED="$1"
130 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100131 -h|--help)
132 print_usage
133 exit 0
134 ;;
135 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200136 echo "Unknown argument: '$1'"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100137 print_usage
138 exit 1
139 ;;
140 esac
141 shift
142 done
143}
144
Hanno Becker3b8b40c2018-08-28 10:25:41 +0100145# Skip next test; use this macro to skip tests which are legitimate
146# in theory and expected to be re-introduced at some point, but
147# aren't expected to succeed at the moment due to problems outside
148# our control (such as bugs in other TLS implementations).
149skip_next_test() {
150 SKIP_NEXT="YES"
151}
152
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100153# skip next test if the flag is not enabled in config.h
154requires_config_enabled() {
155 if grep "^#define $1" $CONFIG_H > /dev/null; then :; else
156 SKIP_NEXT="YES"
157 fi
158}
159
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200160# skip next test if the flag is enabled in config.h
161requires_config_disabled() {
162 if grep "^#define $1" $CONFIG_H > /dev/null; then
163 SKIP_NEXT="YES"
164 fi
165}
166
Hanno Becker91900362019-07-03 13:22:59 +0100167requires_ciphersuite_enabled() {
168 if [ -z "$($P_CLI --help | grep "$1")" ]; then
169 SKIP_NEXT="YES"
170 fi
171}
172
Hanno Becker7c48dd12018-08-28 16:09:22 +0100173get_config_value_or_default() {
Andres Amaya Garcia06446782018-10-16 21:29:07 +0100174 # This function uses the query_config command line option to query the
175 # required Mbed TLS compile time configuration from the ssl_server2
176 # program. The command will always return a success value if the
177 # configuration is defined and the value will be printed to stdout.
178 #
179 # Note that if the configuration is not defined or is defined to nothing,
180 # the output of this function will be an empty string.
181 ${P_SRV} "query_config=${1}"
Hanno Becker7c48dd12018-08-28 16:09:22 +0100182}
183
184requires_config_value_at_least() {
Andres Amaya Garcia06446782018-10-16 21:29:07 +0100185 VAL="$( get_config_value_or_default "$1" )"
186 if [ -z "$VAL" ]; then
187 # Should never happen
188 echo "Mbed TLS configuration $1 is not defined"
189 exit 1
190 elif [ "$VAL" -lt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100191 SKIP_NEXT="YES"
192 fi
193}
194
195requires_config_value_at_most() {
Hanno Becker7c48dd12018-08-28 16:09:22 +0100196 VAL=$( get_config_value_or_default "$1" )
Andres Amaya Garcia06446782018-10-16 21:29:07 +0100197 if [ -z "$VAL" ]; then
198 # Should never happen
199 echo "Mbed TLS configuration $1 is not defined"
200 exit 1
201 elif [ "$VAL" -gt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100202 SKIP_NEXT="YES"
203 fi
204}
205
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +0200206# skip next test if OpenSSL doesn't support FALLBACK_SCSV
207requires_openssl_with_fallback_scsv() {
208 if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
209 if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null
210 then
211 OPENSSL_HAS_FBSCSV="YES"
212 else
213 OPENSSL_HAS_FBSCSV="NO"
214 fi
215 fi
216 if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then
217 SKIP_NEXT="YES"
218 fi
219}
220
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200221# skip next test if GnuTLS isn't available
222requires_gnutls() {
223 if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
Manuel Pégourié-Gonnard03db6b02015-06-26 15:45:30 +0200224 if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200225 GNUTLS_AVAILABLE="YES"
226 else
227 GNUTLS_AVAILABLE="NO"
228 fi
229 fi
230 if [ "$GNUTLS_AVAILABLE" = "NO" ]; then
231 SKIP_NEXT="YES"
232 fi
233}
234
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200235# skip next test if GnuTLS-next isn't available
236requires_gnutls_next() {
237 if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
238 if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
239 GNUTLS_NEXT_AVAILABLE="YES"
240 else
241 GNUTLS_NEXT_AVAILABLE="NO"
242 fi
243 fi
244 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
245 SKIP_NEXT="YES"
246 fi
247}
248
249# skip next test if OpenSSL-legacy isn't available
250requires_openssl_legacy() {
251 if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then
252 if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then
253 OPENSSL_LEGACY_AVAILABLE="YES"
254 else
255 OPENSSL_LEGACY_AVAILABLE="NO"
256 fi
257 fi
258 if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then
259 SKIP_NEXT="YES"
260 fi
261}
262
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200263# skip next test if IPv6 isn't available on this host
264requires_ipv6() {
265 if [ -z "${HAS_IPV6:-}" ]; then
266 $P_SRV server_addr='::1' > $SRV_OUT 2>&1 &
267 SRV_PID=$!
268 sleep 1
269 kill $SRV_PID >/dev/null 2>&1
270 if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then
271 HAS_IPV6="NO"
272 else
273 HAS_IPV6="YES"
274 fi
275 rm -r $SRV_OUT
276 fi
277
278 if [ "$HAS_IPV6" = "NO" ]; then
279 SKIP_NEXT="YES"
280 fi
281}
282
Andrzej Kurekb4593462018-10-11 08:43:30 -0400283# skip next test if it's i686 or uname is not available
284requires_not_i686() {
285 if [ -z "${IS_I686:-}" ]; then
286 IS_I686="YES"
287 if which "uname" >/dev/null 2>&1; then
288 if [ -z "$(uname -a | grep i686)" ]; then
289 IS_I686="NO"
290 fi
291 fi
292 fi
293 if [ "$IS_I686" = "YES" ]; then
294 SKIP_NEXT="YES"
295 fi
296}
297
Angus Grattonc4dd0732018-04-11 16:28:39 +1000298# Calculate the input & output maximum content lengths set in the config
299MAX_CONTENT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384")
300MAX_IN_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
301MAX_OUT_LEN=$( ../scripts/config.pl get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
302
303if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
304 MAX_CONTENT_LEN="$MAX_IN_LEN"
305fi
306if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
307 MAX_CONTENT_LEN="$MAX_OUT_LEN"
308fi
309
310# skip the next test if the SSL output buffer is less than 16KB
311requires_full_size_output_buffer() {
312 if [ "$MAX_OUT_LEN" -ne 16384 ]; then
313 SKIP_NEXT="YES"
314 fi
315}
316
Manuel Pégourié-Gonnard76fe9e42014-09-24 15:17:31 +0200317# skip the next test if valgrind is in use
318not_with_valgrind() {
319 if [ "$MEMCHECK" -gt 0 ]; then
320 SKIP_NEXT="YES"
321 fi
322}
323
Paul Bakker362689d2016-05-13 10:33:25 +0100324# skip the next test if valgrind is NOT in use
325only_with_valgrind() {
326 if [ "$MEMCHECK" -eq 0 ]; then
327 SKIP_NEXT="YES"
328 fi
329}
330
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200331# multiply the client timeout delay by the given factor for the next test
Janos Follath74537a62016-09-02 13:45:28 +0100332client_needs_more_time() {
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200333 CLI_DELAY_FACTOR=$1
334}
335
Janos Follath74537a62016-09-02 13:45:28 +0100336# wait for the given seconds after the client finished in the next test
337server_needs_more_time() {
338 SRV_DELAY_SECONDS=$1
339}
340
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100341# print_name <name>
342print_name() {
Paul Bakkere20310a2016-05-10 11:18:17 +0100343 TESTS=$(( $TESTS + 1 ))
344 LINE=""
345
346 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
347 LINE="$TESTS "
348 fi
349
350 LINE="$LINE$1"
351 printf "$LINE "
352 LEN=$(( 72 - `echo "$LINE" | wc -c` ))
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100353 for i in `seq 1 $LEN`; do printf '.'; done
354 printf ' '
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100355
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100356}
357
358# fail <message>
359fail() {
360 echo "FAIL"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100361 echo " ! $1"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100362
Manuel Pégourié-Gonnardc2b00922014-08-31 16:46:04 +0200363 mv $SRV_OUT o-srv-${TESTS}.log
364 mv $CLI_OUT o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200365 if [ -n "$PXY_CMD" ]; then
366 mv $PXY_OUT o-pxy-${TESTS}.log
367 fi
368 echo " ! outputs saved to o-XXX-${TESTS}.log"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100369
Azim Khan19d13732018-03-29 11:04:20 +0100370 if [ "X${USER:-}" = Xbuildbot -o "X${LOGNAME:-}" = Xbuildbot -o "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200371 echo " ! server output:"
372 cat o-srv-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200373 echo " ! ========================================================"
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200374 echo " ! client output:"
375 cat o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200376 if [ -n "$PXY_CMD" ]; then
377 echo " ! ========================================================"
378 echo " ! proxy output:"
379 cat o-pxy-${TESTS}.log
380 fi
381 echo ""
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200382 fi
383
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +0200384 FAILS=$(( $FAILS + 1 ))
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100385}
386
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100387# is_polar <cmd_line>
388is_polar() {
389 echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
390}
391
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200392# openssl s_server doesn't have -www with DTLS
393check_osrv_dtls() {
394 if echo "$SRV_CMD" | grep 's_server.*-dtls' >/dev/null; then
395 NEEDS_INPUT=1
396 SRV_CMD="$( echo $SRV_CMD | sed s/-www// )"
397 else
398 NEEDS_INPUT=0
399 fi
400}
401
402# provide input to commands that need it
403provide_input() {
404 if [ $NEEDS_INPUT -eq 0 ]; then
405 return
406 fi
407
408 while true; do
409 echo "HTTP/1.0 200 OK"
410 sleep 1
411 done
412}
413
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100414# has_mem_err <log_file_name>
415has_mem_err() {
416 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
417 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
418 then
419 return 1 # false: does not have errors
420 else
421 return 0 # true: has errors
422 fi
423}
424
Gilles Peskine418b5362017-12-14 18:58:42 +0100425# Wait for process $2 to be listening on port $1
426if type lsof >/dev/null 2>/dev/null; then
427 wait_server_start() {
428 START_TIME=$(date +%s)
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200429 if [ "$DTLS" -eq 1 ]; then
Gilles Peskine418b5362017-12-14 18:58:42 +0100430 proto=UDP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200431 else
Gilles Peskine418b5362017-12-14 18:58:42 +0100432 proto=TCP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200433 fi
Gilles Peskine418b5362017-12-14 18:58:42 +0100434 # Make a tight loop, server normally takes less than 1s to start.
435 while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
436 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
437 echo "SERVERSTART TIMEOUT"
438 echo "SERVERSTART TIMEOUT" >> $SRV_OUT
439 break
440 fi
441 # Linux and *BSD support decimal arguments to sleep. On other
442 # OSes this may be a tight loop.
443 sleep 0.1 2>/dev/null || true
444 done
445 }
446else
Gilles Peskinea9312652018-06-29 15:48:13 +0200447 echo "Warning: lsof not available, wait_server_start = sleep"
Gilles Peskine418b5362017-12-14 18:58:42 +0100448 wait_server_start() {
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200449 sleep "$START_DELAY"
Gilles Peskine418b5362017-12-14 18:58:42 +0100450 }
451fi
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200452
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100453# Given the client or server debug output, parse the unix timestamp that is
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +0100454# included in the first 4 bytes of the random bytes and check that it's within
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100455# acceptable bounds
456check_server_hello_time() {
457 # Extract the time from the debug (lvl 3) output of the client
Andres Amaya Garcia67d8da52017-09-15 15:49:24 +0100458 SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100459 # Get the Unix timestamp for now
460 CUR_TIME=$(date +'%s')
461 THRESHOLD_IN_SECS=300
462
463 # Check if the ServerHello time was printed
464 if [ -z "$SERVER_HELLO_TIME" ]; then
465 return 1
466 fi
467
468 # Check the time in ServerHello is within acceptable bounds
469 if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
470 # The time in ServerHello is at least 5 minutes before now
471 return 1
472 elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +0100473 # The time in ServerHello is at least 5 minutes later than now
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100474 return 1
475 else
476 return 0
477 fi
478}
479
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200480# wait for client to terminate and set CLI_EXIT
481# must be called right after starting the client
482wait_client_done() {
483 CLI_PID=$!
484
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200485 CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR ))
486 CLI_DELAY_FACTOR=1
487
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200488 ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) &
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200489 DOG_PID=$!
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200490
491 wait $CLI_PID
492 CLI_EXIT=$?
493
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200494 kill $DOG_PID >/dev/null 2>&1
495 wait $DOG_PID
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200496
497 echo "EXIT: $CLI_EXIT" >> $CLI_OUT
Janos Follath74537a62016-09-02 13:45:28 +0100498
499 sleep $SRV_DELAY_SECONDS
500 SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200501}
502
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200503# check if the given command uses dtls and sets global variable DTLS
504detect_dtls() {
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200505 if echo "$1" | grep 'dtls=1\|-dtls1\|-u' >/dev/null; then
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200506 DTLS=1
507 else
508 DTLS=0
509 fi
510}
511
Hanno Beckeraf5ab912019-06-21 12:59:46 +0100512# Strip off a particular parameter from the command line
513# and return its value.
514# Parameter 1: Command line parameter to strip off
515# ENV I/O: CMD command line to search and modify
516extract_cmdline_argument() {
517 __ARG=$(echo "$CMD" | sed -n "s/^.* $1=\([^ ]*\).*$/\1/p")
518 CMD=$(echo "$CMD" | sed "s/$1=\([^ ]*\)//")
519}
520
521# Check compatibility of the ssl_client2/ssl_server2 command-line
522# with a particular compile-time configurable option.
523# Parameter 1: Command-line argument (e.g. extended_ms)
524# Parameter 2: Corresponding compile-time configuration
525# (e.g. MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET)
526# ENV I/O: CMD command line to search and modify
527# SKIP_NEXT set to "YES" on a mismatch
528check_cmdline_param_compat() {
529 __VAL="$( get_config_value_or_default "$2" )"
530 if [ ! -z "$__VAL" ]; then
531 extract_cmdline_argument "$1"
532 if [ ! -z "$__ARG" ] && [ "$__ARG" != "$__VAL" ]; then
533 SKIP_NEXT="YES"
534 fi
535 fi
536}
537
Hanno Beckeracd4fc02019-06-12 16:40:50 +0100538check_cmdline_authmode_compat() {
539 __VAL="$( get_config_value_or_default "MBEDTLS_SSL_CONF_AUTHMODE" )"
540 if [ ! -z "$__VAL" ]; then
541 extract_cmdline_argument "auth_mode"
542 if [ "$__ARG" = "none" ] && [ "$__VAL" != "0" ]; then
543 SKIP_NEXT="YES";
544 elif [ "$__ARG" = "optional" ] && [ "$__VAL" != "1" ]; then
545 SKIP_NEXT="YES"
546 elif [ "$__ARG" = "required" ] && [ "$__VAL" != "2" ]; then
547 SKIP_NEXT="YES"
548 fi
549 fi
550}
551
Hanno Beckerb0b2b672019-06-12 16:58:10 +0100552check_cmdline_legacy_renego_compat() {
553 __VAL="$( get_config_value_or_default "MBEDTLS_SSL_CONF_ALLOW_LEGACY_RENEGOTIATION" )"
554 if [ ! -z "$__VAL" ]; then
555 extract_cmdline_argument "allow_legacy"
556 if [ "$__ARG" = "-1" ] && [ "$__VAL" != "2" ]; then
557 SKIP_NEXT="YES";
558 elif [ "$__ARG" = "0" ] && [ "$__VAL" != "0" ]; then
559 SKIP_NEXT="YES"
560 elif [ "$__ARG" = "1" ] && [ "$__VAL" != "1" ]; then
561 SKIP_NEXT="YES"
562 fi
563 fi
564}
565
Hanno Beckerd82a0302019-07-05 11:40:52 +0100566check_cmdline_min_minor_version_compat() {
567 __VAL="$( get_config_value_or_default "MBEDTLS_SSL_CONF_MIN_MINOR_VER" )"
568 if [ ! -z "$__VAL" ]; then
569 extract_cmdline_argument "min_version"
570 if [ "$__ARG" = "ssl3" ] && [ "$__VAL" != "0" ]; then
571 SKIP_NEXT="YES";
572 elif [ "$__ARG" = "tls1" ] && [ "$__VAL" != "1" ]; then
573 SKIP_NEXT="YES"
574 elif [ "$__ARG" = "tls1_1" ] && [ "$__VAL" != "2" ]; then
575 SKIP_NEXT="YES"
576 elif [ "$__ARG" = "tls1_2" ] && [ "$__VAL" != "3" ]; then
577 SKIP_NEXT="YES"
578 fi
579 fi
580}
581
582check_cmdline_max_minor_version_compat() {
583 __VAL="$( get_config_value_or_default "MBEDTLS_SSL_CONF_MAX_MINOR_VER" )"
584 if [ ! -z "$__VAL" ]; then
585 extract_cmdline_argument "max_version"
586 if [ "$__ARG" = "ssl3" ] && [ "$__VAL" != "0" ]; then
587 SKIP_NEXT="YES";
588 elif [ "$__ARG" = "tls1" ] && [ "$__VAL" != "1" ]; then
589 SKIP_NEXT="YES"
590 elif [ "$__ARG" = "tls1_1" ] && [ "$__VAL" != "2" ]; then
591 SKIP_NEXT="YES"
592 elif [ "$__ARG" = "tls1_2" ] && [ "$__VAL" != "3" ]; then
593 SKIP_NEXT="YES"
594 fi
595 fi
596}
597
598check_cmdline_force_version_compat() {
599 __VAL_MAX="$( get_config_value_or_default "MBEDTLS_SSL_CONF_MAX_MINOR_VER" )"
600 __VAL_MIN="$( get_config_value_or_default "MBEDTLS_SSL_CONF_MIN_MINOR_VER" )"
601 if [ ! -z "$__VAL_MIN" ]; then
602
603 # SSL cli/srv cmd line
604
605 extract_cmdline_argument "force_version"
606 if [ "$__ARG" = "ssl3" ] && \
607 ( [ "$__VAL_MIN" != "0" ] || [ "$__VAL_MAX" != "0" ] ); then
608 SKIP_NEXT="YES";
609 elif [ "$__ARG" = "tls1" ] && \
610 ( [ "$__VAL_MIN" != "1" ] || [ "$__VAL_MAX" != "1" ] ); then
611 SKIP_NEXT="YES"
612 elif ( [ "$__ARG" = "tls1_1" ] || [ "$__ARG" = "dtls1" ] ) && \
613 ( [ "$__VAL_MIN" != "2" ] || [ "$__VAL_MAX" != "2" ] ); then
614 SKIP_NEXT="YES"
615 elif ( [ "$__ARG" = "tls1_2" ] || [ "$__ARG" = "dtls1_2" ] ) && \
616 ( [ "$__VAL_MIN" != "3" ] || [ "$__VAL_MAX" != "3" ] ); then
617 echo "FORCE SKIP"
618 SKIP_NEXT="YES"
619 fi
620
621 # OpenSSL cmd line
622
623 if echo "$CMD" | grep -e "-tls1\($\|[^_]\)" > /dev/null; then
624 if [ "$__VAL_MIN" != "1" ] || [ "$__VAL_MAX" != "1" ]; then
625 SKIP_NEXT="YES"
626 fi
627 fi
628
629 if echo "$CMD" | grep -e "-\(dtls1\($\|[^_]\)\|tls1_1\)" > /dev/null; then
630 if [ "$__VAL_MIN" != "2" ] || [ "$__VAL_MAX" != "2" ]; then
631 SKIP_NEXT="YES"
632 fi
633 fi
634
635 if echo "$CMD" | grep -e "-\(dtls1_2\($\|[^_]\)\|tls1_2\)" > /dev/null; then
636 if [ "$__VAL_MIN" != "3" ] || [ "$__VAL_MAX" != "3" ]; then
637 SKIP_NEXT="YES"
638 fi
639 fi
640
641 fi
642}
643
Hanno Beckeraf5ab912019-06-21 12:59:46 +0100644# Go through all options that can be hardcoded at compile-time and
645# detect whether the command line configures them in a conflicting
646# way. If so, skip the test. Otherwise, remove the corresponding
647# entry.
648# Parameter 1: Command line to inspect
649# Output: Modified command line
650# ENV I/O: SKIP_TEST set to 1 on mismatch.
651check_cmdline_compat() {
652 CMD="$1"
653
654 # ExtendedMasterSecret configuration
655 check_cmdline_param_compat "extended_ms" \
656 "MBEDTLS_SSL_CONF_EXTENDED_MASTER_SECRET"
657 check_cmdline_param_compat "enforce_extended_master_secret" \
658 "MBEDTLS_SSL_CONF_ENFORCE_EXTENDED_MASTER_SECRET"
Hanno Becker7f376f42019-06-12 16:20:48 +0100659
660 # DTLS anti replay protection configuration
661 check_cmdline_param_compat "anti_replay" \
662 "MBEDTLS_SSL_CONF_ANTI_REPLAY"
663
Hanno Beckerde671542019-06-12 16:30:46 +0100664 # DTLS bad MAC limit
665 check_cmdline_param_compat "badmac_limit" \
666 "MBEDTLS_SSL_CONF_BADMAC_LIMIT"
Hanno Beckeracd4fc02019-06-12 16:40:50 +0100667
668 # Authentication mode
669 check_cmdline_authmode_compat
Hanno Beckerb0b2b672019-06-12 16:58:10 +0100670
671 # Legacy renegotiation
672 check_cmdline_legacy_renego_compat
Hanno Beckerd82a0302019-07-05 11:40:52 +0100673
674 # Version configuration
675 check_cmdline_min_minor_version_compat
676 check_cmdline_max_minor_version_compat
677 check_cmdline_force_version_compat
Hanno Beckeraf5ab912019-06-21 12:59:46 +0100678}
679
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200680# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100681# Options: -s pattern pattern that must be present in server output
682# -c pattern pattern that must be present in client output
Simon Butcher8e004102016-10-14 00:48:33 +0100683# -u pattern lines after pattern must be unique in client output
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100684# -f call shell function on client output
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100685# -S pattern pattern that must be absent in server output
686# -C pattern pattern that must be absent in client output
Simon Butcher8e004102016-10-14 00:48:33 +0100687# -U pattern lines after pattern must be unique in server output
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100688# -F call shell function on server output
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100689run_test() {
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100690 NAME="$1"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200691 shift 1
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100692
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100693 if echo "$NAME" | grep "$FILTER" | grep -v "$EXCLUDE" >/dev/null; then :
694 else
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +0200695 SKIP_NEXT="NO"
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100696 return
697 fi
698
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100699 print_name "$NAME"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100700
Paul Bakkerb7584a52016-05-10 10:50:43 +0100701 # Do we only run numbered tests?
702 if [ "X$RUN_TEST_NUMBER" = "X" ]; then :
703 elif echo ",$RUN_TEST_NUMBER," | grep ",$TESTS," >/dev/null; then :
704 else
705 SKIP_NEXT="YES"
706 fi
707
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200708 # does this test use a proxy?
709 if [ "X$1" = "X-p" ]; then
710 PXY_CMD="$2"
711 shift 2
712 else
713 PXY_CMD=""
714 fi
715
716 # get commands and client output
717 SRV_CMD="$1"
718 CLI_CMD="$2"
719 CLI_EXPECT="$3"
720 shift 3
721
Hanno Beckeraf5ab912019-06-21 12:59:46 +0100722 check_cmdline_compat "$SRV_CMD"
723 SRV_CMD="$CMD"
724
725 check_cmdline_compat "$CLI_CMD"
726 CLI_CMD="$CMD"
727
Hanno Becker7a11e722019-05-10 14:38:42 +0100728 # Check if test uses files
729 TEST_USES_FILES=$(echo "$SRV_CMD $CLI_CMD" | grep "\.\(key\|crt\|pem\)" )
730 if [ ! -z "$TEST_USES_FILES" ]; then
731 requires_config_enabled MBEDTLS_FS_IO
732 fi
733
734 # should we skip?
735 if [ "X$SKIP_NEXT" = "XYES" ]; then
736 SKIP_NEXT="NO"
737 echo "SKIP"
738 SKIPS=$(( $SKIPS + 1 ))
739 return
740 fi
741
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200742 # fix client port
743 if [ -n "$PXY_CMD" ]; then
744 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
745 else
746 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g )
747 fi
748
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200749 # update DTLS variable
750 detect_dtls "$SRV_CMD"
751
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100752 # prepend valgrind to our commands if active
753 if [ "$MEMCHECK" -gt 0 ]; then
754 if is_polar "$SRV_CMD"; then
755 SRV_CMD="valgrind --leak-check=full $SRV_CMD"
756 fi
757 if is_polar "$CLI_CMD"; then
758 CLI_CMD="valgrind --leak-check=full $CLI_CMD"
759 fi
760 fi
761
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200762 TIMES_LEFT=2
763 while [ $TIMES_LEFT -gt 0 ]; do
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200764 TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200765
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200766 # run the commands
767 if [ -n "$PXY_CMD" ]; then
768 echo "$PXY_CMD" > $PXY_OUT
769 $PXY_CMD >> $PXY_OUT 2>&1 &
770 PXY_PID=$!
771 # assume proxy starts faster than server
772 fi
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200773
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200774 check_osrv_dtls
775 echo "$SRV_CMD" > $SRV_OUT
776 provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
777 SRV_PID=$!
Gilles Peskine418b5362017-12-14 18:58:42 +0100778 wait_server_start "$SRV_PORT" "$SRV_PID"
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200779
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200780 echo "$CLI_CMD" > $CLI_OUT
781 eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
782 wait_client_done
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100783
Hanno Beckercadb5bb2017-05-26 13:56:10 +0100784 sleep 0.05
785
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200786 # terminate the server (and the proxy)
787 kill $SRV_PID
788 wait $SRV_PID
Hanno Beckerd82d8462017-05-29 21:37:46 +0100789
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200790 if [ -n "$PXY_CMD" ]; then
791 kill $PXY_PID >/dev/null 2>&1
792 wait $PXY_PID
793 fi
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100794
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200795 # retry only on timeouts
796 if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then
797 printf "RETRY "
798 else
799 TIMES_LEFT=0
800 fi
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200801 done
802
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100803 # check if the client and server went at least to the handshake stage
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200804 # (useful to avoid tests with only negative assertions and non-zero
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100805 # expected client exit to incorrectly succeed in case of catastrophic
806 # failure)
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100807 if is_polar "$SRV_CMD"; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200808 if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100809 else
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +0100810 fail "server or client failed to reach handshake stage"
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100811 return
812 fi
813 fi
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100814 if is_polar "$CLI_CMD"; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200815 if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100816 else
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +0100817 fail "server or client failed to reach handshake stage"
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100818 return
819 fi
820 fi
821
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100822 # check server exit code
823 if [ $? != 0 ]; then
824 fail "server fail"
825 return
826 fi
827
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100828 # check client exit code
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100829 if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
830 \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +0100831 then
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200832 fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100833 return
834 fi
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100835
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100836 # check other assertions
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +0200837 # lines beginning with == are added by valgrind, ignore them
Paul Bakker1f650922016-05-13 10:16:46 +0100838 # lines with 'Serious error when reading debug info', are valgrind issues as well
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100839 while [ $# -gt 0 ]
840 do
841 case $1 in
842 "-s")
Paul Bakker1f650922016-05-13 10:16:46 +0100843 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +0100844 fail "pattern '$2' MUST be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100845 return
846 fi
847 ;;
848
849 "-c")
Paul Bakker1f650922016-05-13 10:16:46 +0100850 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +0100851 fail "pattern '$2' MUST be present in the Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100852 return
853 fi
854 ;;
855
856 "-S")
Paul Bakker1f650922016-05-13 10:16:46 +0100857 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Simon Butcher8e004102016-10-14 00:48:33 +0100858 fail "pattern '$2' MUST NOT be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100859 return
860 fi
861 ;;
862
863 "-C")
Paul Bakker1f650922016-05-13 10:16:46 +0100864 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Simon Butcher8e004102016-10-14 00:48:33 +0100865 fail "pattern '$2' MUST NOT be present in the Client output"
866 return
867 fi
868 ;;
869
870 # The filtering in the following two options (-u and -U) do the following
871 # - ignore valgrind output
Antonin Décimod5f47592019-01-23 15:24:37 +0100872 # - filter out everything but lines right after the pattern occurrences
Simon Butcher8e004102016-10-14 00:48:33 +0100873 # - keep one of each non-unique line
874 # - count how many lines remain
875 # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
876 # if there were no duplicates.
877 "-U")
878 if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
879 fail "lines following pattern '$2' must be unique in Server output"
880 return
881 fi
882 ;;
883
884 "-u")
885 if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
886 fail "lines following pattern '$2' must be unique in Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100887 return
888 fi
889 ;;
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100890 "-F")
891 if ! $2 "$SRV_OUT"; then
892 fail "function call to '$2' failed on Server output"
893 return
894 fi
895 ;;
896 "-f")
897 if ! $2 "$CLI_OUT"; then
898 fail "function call to '$2' failed on Client output"
899 return
900 fi
901 ;;
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100902
903 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200904 echo "Unknown test: $1" >&2
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100905 exit 1
906 esac
907 shift 2
908 done
909
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100910 # check valgrind's results
911 if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200912 if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100913 fail "Server has memory errors"
914 return
915 fi
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200916 if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100917 fail "Client has memory errors"
918 return
919 fi
920 fi
921
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100922 # if we're here, everything is ok
923 echo "PASS"
Paul Bakkeracaac852016-05-10 11:47:13 +0100924 if [ "$PRESERVE_LOGS" -gt 0 ]; then
925 mv $SRV_OUT o-srv-${TESTS}.log
926 mv $CLI_OUT o-cli-${TESTS}.log
Hanno Becker7be2e5b2018-08-20 12:21:35 +0100927 if [ -n "$PXY_CMD" ]; then
928 mv $PXY_OUT o-pxy-${TESTS}.log
929 fi
Paul Bakkeracaac852016-05-10 11:47:13 +0100930 fi
931
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200932 rm -f $SRV_OUT $CLI_OUT $PXY_OUT
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100933}
934
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100935cleanup() {
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200936 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200937 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
938 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
939 test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
940 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100941 exit 1
942}
943
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100944#
945# MAIN
946#
947
Manuel Pégourié-Gonnard913030c2014-03-28 10:12:38 +0100948get_options "$@"
949
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100950# sanity checks, avoid an avalanche of errors
Hanno Becker4ac73e72017-10-23 15:27:37 +0100951P_SRV_BIN="${P_SRV%%[ ]*}"
952P_CLI_BIN="${P_CLI%%[ ]*}"
953P_PXY_BIN="${P_PXY%%[ ]*}"
Hanno Becker17c04932017-10-10 14:44:53 +0100954if [ ! -x "$P_SRV_BIN" ]; then
955 echo "Command '$P_SRV_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100956 exit 1
957fi
Hanno Becker17c04932017-10-10 14:44:53 +0100958if [ ! -x "$P_CLI_BIN" ]; then
959 echo "Command '$P_CLI_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100960 exit 1
961fi
Hanno Becker17c04932017-10-10 14:44:53 +0100962if [ ! -x "$P_PXY_BIN" ]; then
963 echo "Command '$P_PXY_BIN' is not an executable file"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200964 exit 1
965fi
Simon Butcher3c0d7b82016-05-23 11:13:17 +0100966if [ "$MEMCHECK" -gt 0 ]; then
967 if which valgrind >/dev/null 2>&1; then :; else
968 echo "Memcheck not possible. Valgrind not found"
969 exit 1
970 fi
971fi
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100972if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
973 echo "Command '$OPENSSL_CMD' not found"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100974 exit 1
975fi
976
Manuel Pégourié-Gonnard32f8f4d2014-05-29 11:31:20 +0200977# used by watchdog
978MAIN_PID="$$"
979
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100980# We use somewhat arbitrary delays for tests:
981# - how long do we wait for the server to start (when lsof not available)?
982# - how long do we allow for the client to finish?
983# (not to check performance, just to avoid waiting indefinitely)
984# Things are slower with valgrind, so give extra time here.
985#
986# Note: without lsof, there is a trade-off between the running time of this
987# script and the risk of spurious errors because we didn't wait long enough.
988# The watchdog delay on the other hand doesn't affect normal running time of
989# the script, only the case where a client or server gets stuck.
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200990if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100991 START_DELAY=6
992 DOG_DELAY=60
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200993else
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100994 START_DELAY=2
995 DOG_DELAY=20
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200996fi
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100997
998# some particular tests need more time:
999# - for the client, we multiply the usual watchdog limit by a factor
1000# - for the server, we sleep for a number of seconds after the client exits
1001# see client_need_more_time() and server_needs_more_time()
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02001002CLI_DELAY_FACTOR=1
Janos Follath74537a62016-09-02 13:45:28 +01001003SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001004
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02001005# fix commands to use this port, force IPv4 while at it
Manuel Pégourié-Gonnard0af1ba32015-01-21 11:44:33 +00001006# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001007P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
1008P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
Andres AGf04f54d2016-10-10 15:46:20 +01001009P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
Manuel Pégourié-Gonnard61957672015-06-18 17:54:58 +02001010O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001011O_CLI="$O_CLI -connect localhost:+SRV_PORT"
1012G_SRV="$G_SRV -p $SRV_PORT"
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001013G_CLI="$G_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard8066b812014-05-28 22:59:30 +02001014
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001015if [ -n "${OPENSSL_LEGACY:-}" ]; then
1016 O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
1017 O_LEGACY_CLI="$O_LEGACY_CLI -connect localhost:+SRV_PORT"
1018fi
1019
Hanno Becker58e9dc32018-08-17 15:53:21 +01001020if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001021 G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
1022fi
1023
Hanno Becker58e9dc32018-08-17 15:53:21 +01001024if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001025 G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001026fi
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001027
Gilles Peskine62469d92017-05-10 10:13:59 +02001028# Allow SHA-1, because many of our test certificates use it
1029P_SRV="$P_SRV allow_sha1=1"
1030P_CLI="$P_CLI allow_sha1=1"
1031
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001032# Also pick a unique name for intermediate files
1033SRV_OUT="srv_out.$$"
1034CLI_OUT="cli_out.$$"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001035PXY_OUT="pxy_out.$$"
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001036SESSION="session.$$"
1037
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02001038SKIP_NEXT="NO"
1039
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001040trap cleanup INT TERM HUP
1041
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001042# Basic test
1043
Hanno Becker91900362019-07-03 13:22:59 +01001044run_test "Default" \
1045 "$P_SRV debug_level=3" \
1046 "$P_CLI" \
1047 0
1048
1049run_test "Default, DTLS" \
1050 "$P_SRV dtls=1" \
1051 "$P_CLI dtls=1" \
1052 0
1053
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001054# Checks that:
1055# - things work with all ciphersuites active (used with config-full in all.sh)
1056# - the expected (highest security) parameters are selected
1057# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
Hanno Becker91900362019-07-03 13:22:59 +01001058requires_ciphersuite_enabled "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
1059requires_config_enabled MBEDTLS_SHA512_C
1060requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
1061requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
1062run_test "Default, choose highest security suite and hash" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001063 "$P_SRV debug_level=3" \
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03001064 "$P_CLI" \
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001065 0 \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001066 -s "Protocol is TLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001067 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001068 -s "client hello v3, signature_algorithm ext: 6" \
1069 -s "ECDHE curve: secp521r1" \
1070 -S "error" \
1071 -C "error"
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001072
Hanno Becker91900362019-07-03 13:22:59 +01001073requires_ciphersuite_enabled "TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
1074requires_config_enabled MBEDTLS_SHA512_C
1075requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
1076requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
1077run_test "Default, choose highest security suite and hash, DTLS" \
1078 "$P_SRV debug_level=3 dtls=1" \
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001079 "$P_CLI dtls=1" \
1080 0 \
1081 -s "Protocol is DTLSv1.2" \
Hanno Becker91900362019-07-03 13:22:59 +01001082 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
1083 -s "client hello v3, signature_algorithm ext: 6" \
1084 -s "ECDHE curve: secp521r1"
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001085
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001086# Test current time in ServerHello
1087requires_config_enabled MBEDTLS_HAVE_TIME
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001088run_test "ServerHello contains gmt_unix_time" \
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001089 "$P_SRV debug_level=3" \
1090 "$P_CLI debug_level=3" \
1091 0 \
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001092 -f "check_server_hello_time" \
1093 -F "check_server_hello_time"
1094
Simon Butcher8e004102016-10-14 00:48:33 +01001095# Test for uniqueness of IVs in AEAD ciphersuites
1096run_test "Unique IV in GCM" \
1097 "$P_SRV exchanges=20 debug_level=4" \
1098 "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
1099 0 \
1100 -u "IV used" \
1101 -U "IV used"
1102
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001103# Tests for rc4 option
1104
Simon Butchera410af52016-05-19 22:12:18 +01001105requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001106run_test "RC4: server disabled, client enabled" \
1107 "$P_SRV" \
1108 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1109 1 \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001110 -s "SSL - The server has no ciphersuites in common"
1111
Simon Butchera410af52016-05-19 22:12:18 +01001112requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001113run_test "RC4: server half, client enabled" \
1114 "$P_SRV arc4=1" \
1115 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1116 1 \
1117 -s "SSL - The server has no ciphersuites in common"
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001118
1119run_test "RC4: server enabled, client disabled" \
1120 "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1121 "$P_CLI" \
1122 1 \
1123 -s "SSL - The server has no ciphersuites in common"
1124
1125run_test "RC4: both enabled" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001126 "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001127 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1128 0 \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001129 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001130 -S "SSL - The server has no ciphersuites in common"
1131
Hanno Beckerd26bb202018-08-17 09:54:10 +01001132# Test empty CA list in CertificateRequest in TLS 1.1 and earlier
1133
1134requires_gnutls
1135requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
1136run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
1137 "$G_SRV"\
1138 "$P_CLI force_version=tls1_1" \
1139 0
1140
1141requires_gnutls
1142requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
1143run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
1144 "$G_SRV"\
1145 "$P_CLI force_version=tls1" \
1146 0
1147
Gilles Peskinebc70a182017-05-09 15:59:24 +02001148# Tests for SHA-1 support
1149
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001150requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Hanno Becker4a156fc2019-06-14 17:07:06 +01001151requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Gilles Peskinebc70a182017-05-09 15:59:24 +02001152run_test "SHA-1 forbidden by default in server certificate" \
1153 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1154 "$P_CLI debug_level=2 allow_sha1=0" \
1155 1 \
1156 -c "The certificate is signed with an unacceptable hash"
1157
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001158requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
1159run_test "SHA-1 forbidden by default in server certificate" \
1160 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1161 "$P_CLI debug_level=2 allow_sha1=0" \
1162 0
1163
Gilles Peskinebc70a182017-05-09 15:59:24 +02001164run_test "SHA-1 explicitly allowed in server certificate" \
1165 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1166 "$P_CLI allow_sha1=1" \
1167 0
1168
1169run_test "SHA-256 allowed by default in server certificate" \
1170 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
1171 "$P_CLI allow_sha1=0" \
1172 0
1173
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001174requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Hanno Becker4a156fc2019-06-14 17:07:06 +01001175requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Gilles Peskinebc70a182017-05-09 15:59:24 +02001176run_test "SHA-1 forbidden by default in client certificate" \
1177 "$P_SRV auth_mode=required allow_sha1=0" \
1178 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1179 1 \
1180 -s "The certificate is signed with an unacceptable hash"
1181
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001182requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
1183run_test "SHA-1 forbidden by default in client certificate" \
1184 "$P_SRV auth_mode=required allow_sha1=0" \
1185 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1186 0
1187
Gilles Peskinebc70a182017-05-09 15:59:24 +02001188run_test "SHA-1 explicitly allowed in client certificate" \
1189 "$P_SRV auth_mode=required allow_sha1=1" \
1190 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1191 0
1192
1193run_test "SHA-256 allowed by default in client certificate" \
1194 "$P_SRV auth_mode=required allow_sha1=0" \
1195 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
1196 0
1197
Hanno Becker7ae8a762018-08-14 15:43:35 +01001198# Tests for datagram packing
1199run_test "DTLS: multiple records in same datagram, client and server" \
1200 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
1201 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
1202 0 \
1203 -c "next record in same datagram" \
1204 -s "next record in same datagram"
1205
1206run_test "DTLS: multiple records in same datagram, client only" \
1207 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
1208 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
1209 0 \
1210 -s "next record in same datagram" \
1211 -C "next record in same datagram"
1212
1213run_test "DTLS: multiple records in same datagram, server only" \
1214 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
1215 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
1216 0 \
1217 -S "next record in same datagram" \
1218 -c "next record in same datagram"
1219
1220run_test "DTLS: multiple records in same datagram, neither client nor server" \
1221 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
1222 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
1223 0 \
1224 -S "next record in same datagram" \
1225 -C "next record in same datagram"
1226
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001227# Tests for Truncated HMAC extension
1228
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001229run_test "Truncated HMAC: client default, server default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001230 "$P_SRV debug_level=4" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001231 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001232 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001233 -s "dumping 'expected mac' (20 bytes)" \
1234 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001235
Hanno Becker32c55012017-11-10 08:42:54 +00001236requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001237run_test "Truncated HMAC: client disabled, server default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001238 "$P_SRV debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001239 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001240 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001241 -s "dumping 'expected mac' (20 bytes)" \
1242 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001243
Hanno Becker32c55012017-11-10 08:42:54 +00001244requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001245run_test "Truncated HMAC: client enabled, server default" \
1246 "$P_SRV debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001247 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001248 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001249 -s "dumping 'expected mac' (20 bytes)" \
1250 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001251
Hanno Becker32c55012017-11-10 08:42:54 +00001252requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001253run_test "Truncated HMAC: client enabled, server disabled" \
1254 "$P_SRV debug_level=4 trunc_hmac=0" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001255 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001256 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001257 -s "dumping 'expected mac' (20 bytes)" \
1258 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001259
Hanno Becker32c55012017-11-10 08:42:54 +00001260requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Hanno Becker34d0c3f2017-11-17 15:46:24 +00001261run_test "Truncated HMAC: client disabled, server enabled" \
1262 "$P_SRV debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001263 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker34d0c3f2017-11-17 15:46:24 +00001264 0 \
1265 -s "dumping 'expected mac' (20 bytes)" \
1266 -S "dumping 'expected mac' (10 bytes)"
1267
1268requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001269run_test "Truncated HMAC: client enabled, server enabled" \
1270 "$P_SRV debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001271 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001272 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001273 -S "dumping 'expected mac' (20 bytes)" \
1274 -s "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001275
Hanno Becker4c4f4102017-11-10 09:16:05 +00001276run_test "Truncated HMAC, DTLS: client default, server default" \
1277 "$P_SRV dtls=1 debug_level=4" \
1278 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
1279 0 \
1280 -s "dumping 'expected mac' (20 bytes)" \
1281 -S "dumping 'expected mac' (10 bytes)"
1282
1283requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1284run_test "Truncated HMAC, DTLS: client disabled, server default" \
1285 "$P_SRV dtls=1 debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001286 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001287 0 \
1288 -s "dumping 'expected mac' (20 bytes)" \
1289 -S "dumping 'expected mac' (10 bytes)"
1290
1291requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1292run_test "Truncated HMAC, DTLS: client enabled, server default" \
1293 "$P_SRV dtls=1 debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001294 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001295 0 \
1296 -s "dumping 'expected mac' (20 bytes)" \
1297 -S "dumping 'expected mac' (10 bytes)"
1298
1299requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1300run_test "Truncated HMAC, DTLS: client enabled, server disabled" \
1301 "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001302 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001303 0 \
1304 -s "dumping 'expected mac' (20 bytes)" \
1305 -S "dumping 'expected mac' (10 bytes)"
1306
1307requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1308run_test "Truncated HMAC, DTLS: client disabled, server enabled" \
1309 "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001310 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001311 0 \
1312 -s "dumping 'expected mac' (20 bytes)" \
1313 -S "dumping 'expected mac' (10 bytes)"
1314
1315requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1316run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
1317 "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001318 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001319 0 \
1320 -S "dumping 'expected mac' (20 bytes)" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001321 -s "dumping 'expected mac' (10 bytes)"
1322
Jarno Lamsafa45e602019-06-04 11:33:23 +03001323# Tests for Context serialization
1324
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001325skip_next_test
Jarno Lamsafa45e602019-06-04 11:33:23 +03001326requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001327run_test "(STUB) Context serialization, client serializes" \
Jarno Lamsafa45e602019-06-04 11:33:23 +03001328 "$P_SRV serialize=0 exchanges=2" \
1329 "$P_CLI serialize=1 exchanges=2" \
1330 0 \
Jarno Lamsadcfc2a72019-06-04 15:18:19 +03001331 -c "Deserializing connection..." \
Jarno Lamsafa45e602019-06-04 11:33:23 +03001332 -S "Deserializing connection..."
1333
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001334skip_next_test
Jarno Lamsafa45e602019-06-04 11:33:23 +03001335requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001336run_test "(STUB) Context serialization, server serializes" \
Jarno Lamsafa45e602019-06-04 11:33:23 +03001337 "$P_SRV serialize=1 exchanges=2" \
1338 "$P_CLI serialize=0 exchanges=2" \
1339 0 \
Jarno Lamsadcfc2a72019-06-04 15:18:19 +03001340 -C "Deserializing connection..." \
Jarno Lamsafa45e602019-06-04 11:33:23 +03001341 -s "Deserializing connection..."
1342
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001343skip_next_test
Jarno Lamsafa45e602019-06-04 11:33:23 +03001344requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001345run_test "(STUB) Context serialization, both serialize" \
Jarno Lamsafa45e602019-06-04 11:33:23 +03001346 "$P_SRV serialize=1 exchanges=2" \
1347 "$P_CLI serialize=1 exchanges=2" \
1348 0 \
Jarno Lamsadcfc2a72019-06-04 15:18:19 +03001349 -c "Deserializing connection..." \
Jarno Lamsafa45e602019-06-04 11:33:23 +03001350 -s "Deserializing connection..."
1351
Jarno Lamsa8a91c062019-06-06 10:44:14 +03001352skip_next_test
1353requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1354run_test "(STUB) Context serialization, re-init, client serializes" \
1355 "$P_SRV serialize=0 exchanges=2" \
1356 "$P_CLI serialize=2 exchanges=2" \
1357 0 \
1358 -c "Deserializing connection..." \
1359 -S "Deserializing connection..."
1360
1361skip_next_test
1362requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1363run_test "(STUB) Context serialization, re-init, server serializes" \
1364 "$P_SRV serialize=2 exchanges=2" \
1365 "$P_CLI serialize=0 exchanges=2" \
1366 0 \
1367 -C "Deserializing connection..." \
1368 -s "Deserializing connection..."
1369
1370skip_next_test
1371requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1372run_test "(STUB) Context serialization, re-init, both serialize" \
1373 "$P_SRV serialize=2 exchanges=2" \
1374 "$P_CLI serialize=2 exchanges=2" \
1375 0 \
1376 -c "Deserializing connection..." \
1377 -s "Deserializing connection..."
1378
Hanno Becker2dcdc922019-04-09 18:08:47 +01001379# Tests for DTLS Connection ID extension
1380
Hanno Becker2dcdc922019-04-09 18:08:47 +01001381# So far, the CID API isn't implemented, so we can't
1382# grep for output witnessing its use. This needs to be
1383# changed once the CID extension is implemented.
1384
Hanno Beckera5a2b082019-05-15 14:03:01 +01001385requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001386run_test "Connection ID: Cli enabled, Srv disabled" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001387 "$P_SRV debug_level=3 dtls=1 cid=0" \
1388 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1389 0 \
1390 -s "Disable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001391 -s "found CID extension" \
1392 -s "Client sent CID extension, but CID disabled" \
Hanno Becker73455992019-04-25 17:01:43 +01001393 -c "Enable use of CID extension." \
Hanno Becker4eb05872019-04-26 16:00:29 +01001394 -c "client hello, adding CID extension" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001395 -S "server hello, adding CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001396 -C "found CID extension" \
1397 -S "Copy CIDs into SSL transform" \
Hanno Becker6a3ff282019-04-26 17:19:46 +01001398 -C "Copy CIDs into SSL transform" \
1399 -c "Use of Connection ID was rejected by the server"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001400
Hanno Beckera5a2b082019-05-15 14:03:01 +01001401requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001402run_test "Connection ID: Cli disabled, Srv enabled" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001403 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1404 "$P_CLI debug_level=3 dtls=1 cid=0" \
1405 0 \
1406 -c "Disable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001407 -C "client hello, adding CID extension" \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001408 -S "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001409 -s "Enable use of CID extension." \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001410 -S "server hello, adding CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001411 -C "found CID extension" \
1412 -S "Copy CIDs into SSL transform" \
Hanno Becker6a3ff282019-04-26 17:19:46 +01001413 -C "Copy CIDs into SSL transform" \
Hanno Beckerad8e2c92019-05-08 13:19:53 +01001414 -s "Use of Connection ID was not offered by client"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001415
Hanno Beckera5a2b082019-05-15 14:03:01 +01001416requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001417run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001418 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
1419 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \
1420 0 \
1421 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001422 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001423 -c "client hello, adding CID extension" \
1424 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001425 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001426 -s "server hello, adding CID extension" \
1427 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001428 -c "Use of CID extension negotiated" \
1429 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001430 -c "Copy CIDs into SSL transform" \
1431 -c "Peer CID (length 2 Bytes): de ad" \
1432 -s "Peer CID (length 2 Bytes): be ef" \
1433 -s "Use of Connection ID has been negotiated" \
1434 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001435
Hanno Beckera5a2b082019-05-15 14:03:01 +01001436requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001437run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001438 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker04ca04c2019-05-08 13:31:15 +01001439 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \
1440 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef" \
1441 0 \
1442 -c "Enable use of CID extension." \
1443 -s "Enable use of CID extension." \
1444 -c "client hello, adding CID extension" \
1445 -s "found CID extension" \
1446 -s "Use of CID extension negotiated" \
1447 -s "server hello, adding CID extension" \
1448 -c "found CID extension" \
1449 -c "Use of CID extension negotiated" \
1450 -s "Copy CIDs into SSL transform" \
1451 -c "Copy CIDs into SSL transform" \
1452 -c "Peer CID (length 2 Bytes): de ad" \
1453 -s "Peer CID (length 2 Bytes): be ef" \
1454 -s "Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001455 -c "Use of Connection ID has been negotiated" \
1456 -c "ignoring unexpected CID" \
1457 -s "ignoring unexpected CID"
Hanno Becker04ca04c2019-05-08 13:31:15 +01001458
Hanno Beckera5a2b082019-05-15 14:03:01 +01001459requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001460run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
1461 -p "$P_PXY mtu=800" \
1462 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
1463 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
1464 0 \
1465 -c "Enable use of CID extension." \
1466 -s "Enable use of CID extension." \
1467 -c "client hello, adding CID extension" \
1468 -s "found CID extension" \
1469 -s "Use of CID extension negotiated" \
1470 -s "server hello, adding CID extension" \
1471 -c "found CID extension" \
1472 -c "Use of CID extension negotiated" \
1473 -s "Copy CIDs into SSL transform" \
1474 -c "Copy CIDs into SSL transform" \
1475 -c "Peer CID (length 2 Bytes): de ad" \
1476 -s "Peer CID (length 2 Bytes): be ef" \
1477 -s "Use of Connection ID has been negotiated" \
1478 -c "Use of Connection ID has been negotiated"
1479
Hanno Beckera5a2b082019-05-15 14:03:01 +01001480requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001481run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001482 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker04ca04c2019-05-08 13:31:15 +01001483 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
1484 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
1485 0 \
1486 -c "Enable use of CID extension." \
1487 -s "Enable use of CID extension." \
1488 -c "client hello, adding CID extension" \
1489 -s "found CID extension" \
1490 -s "Use of CID extension negotiated" \
1491 -s "server hello, adding CID extension" \
1492 -c "found CID extension" \
1493 -c "Use of CID extension negotiated" \
1494 -s "Copy CIDs into SSL transform" \
1495 -c "Copy CIDs into SSL transform" \
1496 -c "Peer CID (length 2 Bytes): de ad" \
1497 -s "Peer CID (length 2 Bytes): be ef" \
1498 -s "Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001499 -c "Use of Connection ID has been negotiated" \
1500 -c "ignoring unexpected CID" \
1501 -s "ignoring unexpected CID"
Hanno Becker04ca04c2019-05-08 13:31:15 +01001502
Hanno Beckera5a2b082019-05-15 14:03:01 +01001503requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001504run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001505 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1506 "$P_CLI debug_level=3 dtls=1 cid=1" \
1507 0 \
1508 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001509 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001510 -c "client hello, adding CID extension" \
1511 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001512 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001513 -s "server hello, adding CID extension" \
1514 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001515 -c "Use of CID extension negotiated" \
1516 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001517 -c "Copy CIDs into SSL transform" \
1518 -c "Peer CID (length 4 Bytes): de ad be ef" \
1519 -s "Peer CID (length 0 Bytes):" \
1520 -s "Use of Connection ID has been negotiated" \
1521 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001522
Hanno Beckera5a2b082019-05-15 14:03:01 +01001523requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001524run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001525 "$P_SRV debug_level=3 dtls=1 cid=1" \
1526 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1527 0 \
1528 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001529 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001530 -c "client hello, adding CID extension" \
1531 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001532 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001533 -s "server hello, adding CID extension" \
1534 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001535 -c "Use of CID extension negotiated" \
1536 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001537 -c "Copy CIDs into SSL transform" \
1538 -s "Peer CID (length 4 Bytes): de ad be ef" \
1539 -c "Peer CID (length 0 Bytes):" \
1540 -s "Use of Connection ID has been negotiated" \
1541 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001542
Hanno Beckera5a2b082019-05-15 14:03:01 +01001543requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001544run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001545 "$P_SRV debug_level=3 dtls=1 cid=1" \
1546 "$P_CLI debug_level=3 dtls=1 cid=1" \
1547 0 \
1548 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001549 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001550 -c "client hello, adding CID extension" \
1551 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001552 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001553 -s "server hello, adding CID extension" \
1554 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001555 -c "Use of CID extension negotiated" \
1556 -s "Copy CIDs into SSL transform" \
Hanno Becker6a3ff282019-04-26 17:19:46 +01001557 -c "Copy CIDs into SSL transform" \
1558 -S "Use of Connection ID has been negotiated" \
1559 -C "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001560
Hanno Beckera5a2b082019-05-15 14:03:01 +01001561requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001562run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001563 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
1564 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1565 0 \
1566 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001567 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001568 -c "client hello, adding CID extension" \
1569 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001570 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001571 -s "server hello, adding CID extension" \
1572 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001573 -c "Use of CID extension negotiated" \
1574 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001575 -c "Copy CIDs into SSL transform" \
1576 -c "Peer CID (length 2 Bytes): de ad" \
1577 -s "Peer CID (length 2 Bytes): be ef" \
1578 -s "Use of Connection ID has been negotiated" \
1579 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001580
Hanno Beckera5a2b082019-05-15 14:03:01 +01001581requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001582run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001583 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1584 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1585 0 \
1586 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001587 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001588 -c "client hello, adding CID extension" \
1589 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001590 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001591 -s "server hello, adding CID extension" \
1592 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001593 -c "Use of CID extension negotiated" \
1594 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001595 -c "Copy CIDs into SSL transform" \
1596 -c "Peer CID (length 4 Bytes): de ad be ef" \
1597 -s "Peer CID (length 0 Bytes):" \
1598 -s "Use of Connection ID has been negotiated" \
1599 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001600
Hanno Beckera5a2b082019-05-15 14:03:01 +01001601requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001602run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001603 "$P_SRV debug_level=3 dtls=1 cid=1" \
1604 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1605 0 \
1606 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001607 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001608 -c "client hello, adding CID extension" \
1609 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001610 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001611 -s "server hello, adding CID extension" \
1612 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001613 -c "Use of CID extension negotiated" \
1614 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001615 -c "Copy CIDs into SSL transform" \
1616 -s "Peer CID (length 4 Bytes): de ad be ef" \
1617 -c "Peer CID (length 0 Bytes):" \
1618 -s "Use of Connection ID has been negotiated" \
1619 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001620
Hanno Beckera5a2b082019-05-15 14:03:01 +01001621requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001622run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001623 "$P_SRV debug_level=3 dtls=1 cid=1" \
1624 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1625 0 \
1626 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001627 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001628 -c "client hello, adding CID extension" \
1629 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001630 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001631 -s "server hello, adding CID extension" \
1632 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001633 -c "Use of CID extension negotiated" \
1634 -s "Copy CIDs into SSL transform" \
Hanno Becker6a3ff282019-04-26 17:19:46 +01001635 -c "Copy CIDs into SSL transform" \
1636 -S "Use of Connection ID has been negotiated" \
1637 -C "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001638
Hanno Beckera5a2b082019-05-15 14:03:01 +01001639requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001640run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001641 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
1642 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
1643 0 \
1644 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001645 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001646 -c "client hello, adding CID extension" \
1647 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001648 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001649 -s "server hello, adding CID extension" \
1650 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001651 -c "Use of CID extension negotiated" \
1652 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001653 -c "Copy CIDs into SSL transform" \
1654 -c "Peer CID (length 2 Bytes): de ad" \
1655 -s "Peer CID (length 2 Bytes): be ef" \
1656 -s "Use of Connection ID has been negotiated" \
1657 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001658
Hanno Beckera5a2b082019-05-15 14:03:01 +01001659requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001660run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001661 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1662 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
1663 0 \
1664 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001665 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001666 -c "client hello, adding CID extension" \
1667 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001668 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001669 -s "server hello, adding CID extension" \
1670 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001671 -c "Use of CID extension negotiated" \
1672 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001673 -c "Copy CIDs into SSL transform" \
1674 -c "Peer CID (length 4 Bytes): de ad be ef" \
1675 -s "Peer CID (length 0 Bytes):" \
1676 -s "Use of Connection ID has been negotiated" \
1677 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001678
Hanno Beckera5a2b082019-05-15 14:03:01 +01001679requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001680run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001681 "$P_SRV debug_level=3 dtls=1 cid=1" \
1682 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
1683 0 \
1684 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001685 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001686 -c "client hello, adding CID extension" \
1687 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001688 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001689 -s "server hello, adding CID extension" \
1690 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001691 -c "Use of CID extension negotiated" \
1692 -s "Copy CIDs into SSL transform" \
Hanno Beckerb7f9e9c2019-05-03 17:04:23 +01001693 -c "Copy CIDs into SSL transform" \
1694 -s "Peer CID (length 4 Bytes): de ad be ef" \
1695 -c "Peer CID (length 0 Bytes):" \
1696 -s "Use of Connection ID has been negotiated" \
1697 -c "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001698
Hanno Beckera5a2b082019-05-15 14:03:01 +01001699requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001700run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001701 "$P_SRV debug_level=3 dtls=1 cid=1" \
1702 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
1703 0 \
1704 -c "Enable use of CID extension." \
Hanno Becker73455992019-04-25 17:01:43 +01001705 -s "Enable use of CID extension." \
Hanno Beckerc008cb52019-04-26 14:17:56 +01001706 -c "client hello, adding CID extension" \
1707 -s "found CID extension" \
Hanno Becker4eb05872019-04-26 16:00:29 +01001708 -s "Use of CID extension negotiated" \
Hanno Beckercf2a5652019-04-26 16:13:31 +01001709 -s "server hello, adding CID extension" \
1710 -c "found CID extension" \
Hanno Becker5e2cd142019-04-26 16:23:52 +01001711 -c "Use of CID extension negotiated" \
1712 -s "Copy CIDs into SSL transform" \
Hanno Becker6a3ff282019-04-26 17:19:46 +01001713 -c "Copy CIDs into SSL transform" \
1714 -S "Use of Connection ID has been negotiated" \
1715 -C "Use of Connection ID has been negotiated"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001716
Hanno Beckera5a2b082019-05-15 14:03:01 +01001717requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker963cb352019-04-23 11:52:44 +01001718requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker04ca04c2019-05-08 13:31:15 +01001719run_test "Connection ID: Cli+Srv enabled, renegotiate without change of CID" \
Hanno Becker9dae9fd2019-04-25 16:05:45 +01001720 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
1721 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
1722 0 \
Hanno Becker96870292019-05-03 17:30:59 +01001723 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1724 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1725 -s "(initial handshake) Use of Connection ID has been negotiated" \
1726 -c "(initial handshake) Use of Connection ID has been negotiated" \
1727 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1728 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1729 -s "(after renegotiation) Use of Connection ID has been negotiated" \
1730 -c "(after renegotiation) Use of Connection ID has been negotiated"
1731
Hanno Beckera5a2b082019-05-15 14:03:01 +01001732requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker96870292019-05-03 17:30:59 +01001733requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker04ca04c2019-05-08 13:31:15 +01001734run_test "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
Hanno Becker96870292019-05-03 17:30:59 +01001735 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
1736 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
1737 0 \
1738 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1739 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1740 -s "(initial handshake) Use of Connection ID has been negotiated" \
1741 -c "(initial handshake) Use of Connection ID has been negotiated" \
1742 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1743 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1744 -s "(after renegotiation) Use of Connection ID has been negotiated" \
1745 -c "(after renegotiation) Use of Connection ID has been negotiated"
1746
Hanno Beckera5a2b082019-05-15 14:03:01 +01001747requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker96870292019-05-03 17:30:59 +01001748requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker84bbc512019-05-08 16:20:46 +01001749run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate with different CID" \
1750 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead cid_val_renego=beef renegotiation=1" \
1751 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
1752 0 \
1753 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1754 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1755 -s "(initial handshake) Use of Connection ID has been negotiated" \
1756 -c "(initial handshake) Use of Connection ID has been negotiated" \
1757 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1758 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1759 -s "(after renegotiation) Use of Connection ID has been negotiated" \
1760 -c "(after renegotiation) Use of Connection ID has been negotiated"
1761
Hanno Beckera5a2b082019-05-15 14:03:01 +01001762requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker84bbc512019-05-08 16:20:46 +01001763requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker04ca04c2019-05-08 13:31:15 +01001764run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001765 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker04ca04c2019-05-08 13:31:15 +01001766 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
1767 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
1768 0 \
1769 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1770 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1771 -s "(initial handshake) Use of Connection ID has been negotiated" \
1772 -c "(initial handshake) Use of Connection ID has been negotiated" \
1773 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1774 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1775 -s "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001776 -c "(after renegotiation) Use of Connection ID has been negotiated" \
1777 -c "ignoring unexpected CID" \
1778 -s "ignoring unexpected CID"
Hanno Becker04ca04c2019-05-08 13:31:15 +01001779
Hanno Beckera5a2b082019-05-15 14:03:01 +01001780requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001781requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
1782run_test "Connection ID: Cli+Srv enabled, renegotiate without CID" \
Hanno Becker96870292019-05-03 17:30:59 +01001783 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
1784 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
1785 0 \
1786 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1787 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1788 -s "(initial handshake) Use of Connection ID has been negotiated" \
1789 -c "(initial handshake) Use of Connection ID has been negotiated" \
1790 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1791 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1792 -C "(after renegotiation) Use of Connection ID has been negotiated" \
1793 -S "(after renegotiation) Use of Connection ID has been negotiated"
1794
Hanno Beckera5a2b082019-05-15 14:03:01 +01001795requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker96870292019-05-03 17:30:59 +01001796requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker84bbc512019-05-08 16:20:46 +01001797run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID" \
1798 "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
1799 "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
1800 0 \
1801 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1802 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1803 -s "(initial handshake) Use of Connection ID has been negotiated" \
1804 -c "(initial handshake) Use of Connection ID has been negotiated" \
1805 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1806 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1807 -C "(after renegotiation) Use of Connection ID has been negotiated" \
1808 -S "(after renegotiation) Use of Connection ID has been negotiated"
1809
Hanno Beckera5a2b082019-05-15 14:03:01 +01001810requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker84bbc512019-05-08 16:20:46 +01001811requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker04ca04c2019-05-08 13:31:15 +01001812run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001813 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker04ca04c2019-05-08 13:31:15 +01001814 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
1815 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
1816 0 \
1817 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1818 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1819 -s "(initial handshake) Use of Connection ID has been negotiated" \
1820 -c "(initial handshake) Use of Connection ID has been negotiated" \
1821 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1822 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1823 -C "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001824 -S "(after renegotiation) Use of Connection ID has been negotiated" \
1825 -c "ignoring unexpected CID" \
1826 -s "ignoring unexpected CID"
Hanno Becker04ca04c2019-05-08 13:31:15 +01001827
Hanno Beckera5a2b082019-05-15 14:03:01 +01001828requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001829requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
1830run_test "Connection ID: Cli+Srv enabled, CID on renegotiation" \
Hanno Becker96870292019-05-03 17:30:59 +01001831 "$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
1832 "$P_CLI debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
1833 0 \
1834 -S "(initial handshake) Use of Connection ID has been negotiated" \
1835 -C "(initial handshake) Use of Connection ID has been negotiated" \
1836 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1837 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1838 -c "(after renegotiation) Use of Connection ID has been negotiated" \
1839 -s "(after renegotiation) Use of Connection ID has been negotiated"
1840
Hanno Beckera5a2b082019-05-15 14:03:01 +01001841requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker96870292019-05-03 17:30:59 +01001842requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker84bbc512019-05-08 16:20:46 +01001843run_test "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
1844 "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
1845 "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
1846 0 \
1847 -S "(initial handshake) Use of Connection ID has been negotiated" \
1848 -C "(initial handshake) Use of Connection ID has been negotiated" \
1849 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1850 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1851 -c "(after renegotiation) Use of Connection ID has been negotiated" \
1852 -s "(after renegotiation) Use of Connection ID has been negotiated"
1853
Hanno Beckera5a2b082019-05-15 14:03:01 +01001854requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker84bbc512019-05-08 16:20:46 +01001855requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker04ca04c2019-05-08 13:31:15 +01001856run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001857 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker04ca04c2019-05-08 13:31:15 +01001858 "$P_SRV debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
1859 "$P_CLI debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
1860 0 \
1861 -S "(initial handshake) Use of Connection ID has been negotiated" \
1862 -C "(initial handshake) Use of Connection ID has been negotiated" \
1863 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1864 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1865 -c "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001866 -s "(after renegotiation) Use of Connection ID has been negotiated" \
1867 -c "ignoring unexpected CID" \
1868 -s "ignoring unexpected CID"
Hanno Becker04ca04c2019-05-08 13:31:15 +01001869
Hanno Beckera5a2b082019-05-15 14:03:01 +01001870requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001871requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
1872run_test "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
Hanno Becker96870292019-05-03 17:30:59 +01001873 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
1874 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
1875 0 \
1876 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1877 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1878 -s "(initial handshake) Use of Connection ID has been negotiated" \
1879 -c "(initial handshake) Use of Connection ID has been negotiated" \
1880 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1881 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1882 -C "(after renegotiation) Use of Connection ID has been negotiated" \
1883 -S "(after renegotiation) Use of Connection ID has been negotiated" \
1884 -s "(after renegotiation) Use of Connection ID was not offered by client"
1885
Hanno Beckera5a2b082019-05-15 14:03:01 +01001886requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker96870292019-05-03 17:30:59 +01001887requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker04ca04c2019-05-08 13:31:15 +01001888run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001889 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker04ca04c2019-05-08 13:31:15 +01001890 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
1891 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
1892 0 \
1893 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1894 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1895 -s "(initial handshake) Use of Connection ID has been negotiated" \
1896 -c "(initial handshake) Use of Connection ID has been negotiated" \
1897 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1898 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1899 -C "(after renegotiation) Use of Connection ID has been negotiated" \
1900 -S "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001901 -s "(after renegotiation) Use of Connection ID was not offered by client" \
1902 -c "ignoring unexpected CID" \
1903 -s "ignoring unexpected CID"
Hanno Becker04ca04c2019-05-08 13:31:15 +01001904
Hanno Beckera5a2b082019-05-15 14:03:01 +01001905requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001906requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
1907run_test "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
1908 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
1909 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
1910 0 \
1911 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1912 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1913 -s "(initial handshake) Use of Connection ID has been negotiated" \
1914 -c "(initial handshake) Use of Connection ID has been negotiated" \
1915 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1916 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1917 -C "(after renegotiation) Use of Connection ID has been negotiated" \
1918 -S "(after renegotiation) Use of Connection ID has been negotiated" \
1919 -c "(after renegotiation) Use of Connection ID was rejected by the server"
1920
Hanno Beckera5a2b082019-05-15 14:03:01 +01001921requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker04ca04c2019-05-08 13:31:15 +01001922requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
1923run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001924 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker96870292019-05-03 17:30:59 +01001925 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
1926 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
1927 0 \
1928 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
1929 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
1930 -s "(initial handshake) Use of Connection ID has been negotiated" \
1931 -c "(initial handshake) Use of Connection ID has been negotiated" \
1932 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
1933 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
1934 -C "(after renegotiation) Use of Connection ID has been negotiated" \
1935 -S "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerf6fb4ea2019-05-24 10:11:23 +01001936 -c "(after renegotiation) Use of Connection ID was rejected by the server" \
1937 -c "ignoring unexpected CID" \
1938 -s "ignoring unexpected CID"
Hanno Becker2dcdc922019-04-09 18:08:47 +01001939
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001940# Tests for Encrypt-then-MAC extension
1941
1942run_test "Encrypt then MAC: default" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001943 "$P_SRV debug_level=3 \
1944 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001945 "$P_CLI debug_level=3" \
1946 0 \
1947 -c "client hello, adding encrypt_then_mac extension" \
1948 -s "found encrypt then mac extension" \
1949 -s "server hello, adding encrypt then mac extension" \
1950 -c "found encrypt_then_mac extension" \
1951 -c "using encrypt then mac" \
1952 -s "using encrypt then mac"
1953
1954run_test "Encrypt then MAC: client enabled, server disabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001955 "$P_SRV debug_level=3 etm=0 \
1956 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001957 "$P_CLI debug_level=3 etm=1" \
1958 0 \
1959 -c "client hello, adding encrypt_then_mac extension" \
1960 -s "found encrypt then mac extension" \
1961 -S "server hello, adding encrypt then mac extension" \
1962 -C "found encrypt_then_mac extension" \
1963 -C "using encrypt then mac" \
1964 -S "using encrypt then mac"
1965
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01001966run_test "Encrypt then MAC: client enabled, aead cipher" \
1967 "$P_SRV debug_level=3 etm=1 \
1968 force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
1969 "$P_CLI debug_level=3 etm=1" \
1970 0 \
1971 -c "client hello, adding encrypt_then_mac extension" \
1972 -s "found encrypt then mac extension" \
1973 -S "server hello, adding encrypt then mac extension" \
1974 -C "found encrypt_then_mac extension" \
1975 -C "using encrypt then mac" \
1976 -S "using encrypt then mac"
1977
1978run_test "Encrypt then MAC: client enabled, stream cipher" \
1979 "$P_SRV debug_level=3 etm=1 \
1980 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001981 "$P_CLI debug_level=3 etm=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01001982 0 \
1983 -c "client hello, adding encrypt_then_mac extension" \
1984 -s "found encrypt then mac extension" \
1985 -S "server hello, adding encrypt then mac extension" \
1986 -C "found encrypt_then_mac extension" \
1987 -C "using encrypt then mac" \
1988 -S "using encrypt then mac"
1989
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001990run_test "Encrypt then MAC: client disabled, server enabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001991 "$P_SRV debug_level=3 etm=1 \
1992 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001993 "$P_CLI debug_level=3 etm=0" \
1994 0 \
1995 -C "client hello, adding encrypt_then_mac extension" \
1996 -S "found encrypt then mac extension" \
1997 -S "server hello, adding encrypt then mac extension" \
1998 -C "found encrypt_then_mac extension" \
1999 -C "using encrypt then mac" \
2000 -S "using encrypt then mac"
2001
Janos Follathe2681a42016-03-07 15:57:05 +00002002requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002003run_test "Encrypt then MAC: client SSLv3, server enabled" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002004 "$P_SRV debug_level=3 min_version=ssl3 \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002005 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002006 "$P_CLI debug_level=3 force_version=ssl3" \
2007 0 \
2008 -C "client hello, adding encrypt_then_mac extension" \
2009 -S "found encrypt then mac extension" \
2010 -S "server hello, adding encrypt then mac extension" \
2011 -C "found encrypt_then_mac extension" \
2012 -C "using encrypt then mac" \
2013 -S "using encrypt then mac"
2014
Janos Follathe2681a42016-03-07 15:57:05 +00002015requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002016run_test "Encrypt then MAC: client enabled, server SSLv3" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002017 "$P_SRV debug_level=3 force_version=ssl3 \
2018 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002019 "$P_CLI debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002020 0 \
2021 -c "client hello, adding encrypt_then_mac extension" \
Janos Follath00efff72016-05-06 13:48:23 +01002022 -S "found encrypt then mac extension" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002023 -S "server hello, adding encrypt then mac extension" \
2024 -C "found encrypt_then_mac extension" \
2025 -C "using encrypt then mac" \
2026 -S "using encrypt then mac"
2027
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002028# Tests for Extended Master Secret extension
2029
Jarno Lamsa31d940b2019-06-12 10:21:33 +03002030run_test "Extended Master Secret: default (not enforcing)" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002031 "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=0 " \
2032 "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=0" \
Jarno Lamsa31d940b2019-06-12 10:21:33 +03002033 0 \
2034 -c "client hello, adding extended_master_secret extension" \
2035 -s "found extended master secret extension" \
2036 -s "server hello, adding extended master secret extension" \
2037 -c "found extended_master_secret extension" \
2038 -c "session hash for extended master secret" \
2039 -s "session hash for extended master secret"
2040
2041run_test "Extended Master Secret: both enabled, both enforcing" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002042 "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
2043 "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
Jarno Lamsa41b35912019-06-10 15:51:11 +03002044 0 \
2045 -c "client hello, adding extended_master_secret extension" \
2046 -s "found extended master secret extension" \
2047 -s "server hello, adding extended master secret extension" \
2048 -c "found extended_master_secret extension" \
2049 -c "session hash for extended master secret" \
2050 -s "session hash for extended master secret"
2051
Jarno Lamsa20095af2019-06-11 17:16:58 +03002052run_test "Extended Master Secret: both enabled, client enforcing" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002053 "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=0" \
2054 "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
Jarno Lamsa20095af2019-06-11 17:16:58 +03002055 0 \
2056 -c "client hello, adding extended_master_secret extension" \
2057 -s "found extended master secret extension" \
2058 -s "server hello, adding extended master secret extension" \
2059 -c "found extended_master_secret extension" \
2060 -c "session hash for extended master secret" \
2061 -s "session hash for extended master secret"
2062
2063run_test "Extended Master Secret: both enabled, server enforcing" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002064 "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
2065 "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=0" \
Jarno Lamsa20095af2019-06-11 17:16:58 +03002066 0 \
2067 -c "client hello, adding extended_master_secret extension" \
2068 -s "found extended master secret extension" \
2069 -s "server hello, adding extended master secret extension" \
2070 -c "found extended_master_secret extension" \
2071 -c "session hash for extended master secret" \
2072 -s "session hash for extended master secret"
2073
2074run_test "Extended Master Secret: client enabled, server disabled, client enforcing" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002075 "$P_SRV debug_level=3 extended_ms=0 enforce_extended_master_secret=0" \
Jarno Lamsa41b35912019-06-10 15:51:11 +03002076 "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
2077 1 \
2078 -c "client hello, adding extended_master_secret extension" \
2079 -s "found extended master secret extension" \
2080 -S "server hello, adding extended master secret extension" \
2081 -C "found extended_master_secret extension" \
2082 -c "Peer not offering extended master secret, while it is enforced"
2083
Jarno Lamsa20095af2019-06-11 17:16:58 +03002084run_test "Extended Master Secret enforced: client disabled, server enabled, server enforcing" \
Jarno Lamsa41b35912019-06-10 15:51:11 +03002085 "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=1" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002086 "$P_CLI debug_level=3 extended_ms=0 enforce_extended_master_secret=0" \
Jarno Lamsa41b35912019-06-10 15:51:11 +03002087 1 \
2088 -C "client hello, adding extended_master_secret extension" \
2089 -S "found extended master secret extension" \
2090 -S "server hello, adding extended master secret extension" \
2091 -C "found extended_master_secret extension" \
2092 -s "Peer not offering extended master secret, while it is enforced"
2093
Jarno Lamsa20095af2019-06-11 17:16:58 +03002094run_test "Extended Master Secret: client enabled, server disabled, not enforcing" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002095 "$P_SRV debug_level=3 extended_ms=0 enforce_extended_master_secret=0" \
2096 "$P_CLI debug_level=3 extended_ms=1 enforce_extended_master_secret=0" \
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002097 0 \
2098 -c "client hello, adding extended_master_secret extension" \
2099 -s "found extended master secret extension" \
2100 -S "server hello, adding extended master secret extension" \
2101 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard9c5bcc92019-05-20 12:09:50 +02002102 -C "session hash for extended master secret" \
2103 -S "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002104
Jarno Lamsa20095af2019-06-11 17:16:58 +03002105run_test "Extended Master Secret: client disabled, server enabled, not enforcing" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002106 "$P_SRV debug_level=3 extended_ms=1 enforce_extended_master_secret=0" \
2107 "$P_CLI debug_level=3 extended_ms=0 enforce_extended_master_secret=0" \
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002108 0 \
2109 -C "client hello, adding extended_master_secret extension" \
2110 -S "found extended master secret extension" \
2111 -S "server hello, adding extended master secret extension" \
2112 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard9c5bcc92019-05-20 12:09:50 +02002113 -C "session hash for extended master secret" \
2114 -S "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002115
Jarno Lamsa20095af2019-06-11 17:16:58 +03002116run_test "Extended Master Secret: client disabled, server disabled" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002117 "$P_SRV debug_level=3 extended_ms=0 enforce_extended_master_secret=0" \
2118 "$P_CLI debug_level=3 extended_ms=0 enforce_extended_master_secret=0" \
Jarno Lamsa20095af2019-06-11 17:16:58 +03002119 0 \
2120 -C "client hello, adding extended_master_secret extension" \
2121 -S "found extended master secret extension" \
2122 -S "server hello, adding extended master secret extension" \
2123 -C "found extended_master_secret extension" \
2124 -C "session hash for extended master secret" \
2125 -S "session hash for extended master secret"
2126
Janos Follathe2681a42016-03-07 15:57:05 +00002127requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002128run_test "Extended Master Secret: client SSLv3, server enabled" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002129 "$P_SRV debug_level=3 min_version=ssl3 extended_ms=1 enforce_extended_master_secret=0" \
2130 "$P_CLI debug_level=3 force_version=ssl3 extended_ms=1 enforce_extended_master_secret=0" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002131 0 \
2132 -C "client hello, adding extended_master_secret extension" \
2133 -S "found extended master secret extension" \
2134 -S "server hello, adding extended master secret extension" \
2135 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard9c5bcc92019-05-20 12:09:50 +02002136 -C "session hash for extended master secret" \
2137 -S "session hash for extended master secret"
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002138
Janos Follathe2681a42016-03-07 15:57:05 +00002139requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002140run_test "Extended Master Secret: client enabled, server SSLv3" \
Hanno Beckeraf5ab912019-06-21 12:59:46 +01002141 "$P_SRV debug_level=3 force_version=ssl3 extended_ms=1 enforce_extended_master_secret=0" \
2142 "$P_CLI debug_level=3 min_version=ssl3 extended_ms=1 enforce_extended_master_secret=0" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002143 0 \
2144 -c "client hello, adding extended_master_secret extension" \
Janos Follath00efff72016-05-06 13:48:23 +01002145 -S "found extended master secret extension" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002146 -S "server hello, adding extended master secret extension" \
2147 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard9c5bcc92019-05-20 12:09:50 +02002148 -C "session hash for extended master secret" \
2149 -S "session hash for extended master secret"
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002150
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002151# Tests for FALLBACK_SCSV
2152
2153run_test "Fallback SCSV: default" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002154 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002155 "$P_CLI debug_level=3 force_version=tls1_1" \
2156 0 \
2157 -C "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002158 -S "received FALLBACK_SCSV" \
2159 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002160 -C "is a fatal alert message (msg 86)"
2161
2162run_test "Fallback SCSV: explicitly disabled" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002163 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002164 "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
2165 0 \
2166 -C "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002167 -S "received FALLBACK_SCSV" \
2168 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002169 -C "is a fatal alert message (msg 86)"
2170
2171run_test "Fallback SCSV: enabled" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002172 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002173 "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002174 1 \
2175 -c "adding FALLBACK_SCSV" \
2176 -s "received FALLBACK_SCSV" \
2177 -s "inapropriate fallback" \
2178 -c "is a fatal alert message (msg 86)"
2179
2180run_test "Fallback SCSV: enabled, max version" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002181 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002182 "$P_CLI debug_level=3 fallback=1" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002183 0 \
2184 -c "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002185 -s "received FALLBACK_SCSV" \
2186 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002187 -C "is a fatal alert message (msg 86)"
2188
2189requires_openssl_with_fallback_scsv
2190run_test "Fallback SCSV: default, openssl server" \
2191 "$O_SRV" \
2192 "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
2193 0 \
2194 -C "adding FALLBACK_SCSV" \
2195 -C "is a fatal alert message (msg 86)"
2196
2197requires_openssl_with_fallback_scsv
2198run_test "Fallback SCSV: enabled, openssl server" \
2199 "$O_SRV" \
2200 "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
2201 1 \
2202 -c "adding FALLBACK_SCSV" \
2203 -c "is a fatal alert message (msg 86)"
2204
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002205requires_openssl_with_fallback_scsv
2206run_test "Fallback SCSV: disabled, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002207 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002208 "$O_CLI -tls1_1" \
2209 0 \
2210 -S "received FALLBACK_SCSV" \
2211 -S "inapropriate fallback"
2212
2213requires_openssl_with_fallback_scsv
2214run_test "Fallback SCSV: enabled, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002215 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002216 "$O_CLI -tls1_1 -fallback_scsv" \
2217 1 \
2218 -s "received FALLBACK_SCSV" \
2219 -s "inapropriate fallback"
2220
2221requires_openssl_with_fallback_scsv
2222run_test "Fallback SCSV: enabled, max version, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002223 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002224 "$O_CLI -fallback_scsv" \
2225 0 \
2226 -s "received FALLBACK_SCSV" \
2227 -S "inapropriate fallback"
2228
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01002229# Test sending and receiving empty application data records
2230
2231run_test "Encrypt then MAC: empty application data record" \
2232 "$P_SRV auth_mode=none debug_level=4 etm=1" \
2233 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
2234 0 \
2235 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
2236 -s "dumping 'input payload after decrypt' (0 bytes)" \
2237 -c "0 bytes written in 1 fragments"
2238
2239run_test "Default, no Encrypt then MAC: empty application data record" \
2240 "$P_SRV auth_mode=none debug_level=4 etm=0" \
2241 "$P_CLI auth_mode=none etm=0 request_size=0" \
2242 0 \
2243 -s "dumping 'input payload after decrypt' (0 bytes)" \
2244 -c "0 bytes written in 1 fragments"
2245
2246run_test "Encrypt then MAC, DTLS: empty application data record" \
2247 "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
2248 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
2249 0 \
2250 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
2251 -s "dumping 'input payload after decrypt' (0 bytes)" \
2252 -c "0 bytes written in 1 fragments"
2253
2254run_test "Default, no Encrypt then MAC, DTLS: empty application data record" \
2255 "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
2256 "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
2257 0 \
2258 -s "dumping 'input payload after decrypt' (0 bytes)" \
2259 -c "0 bytes written in 1 fragments"
2260
Gilles Peskined50177f2017-05-16 17:53:03 +02002261## ClientHello generated with
2262## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..."
2263## then manually twiddling the ciphersuite list.
2264## The ClientHello content is spelled out below as a hex string as
2265## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix".
2266## The expected response is an inappropriate_fallback alert.
2267requires_openssl_with_fallback_scsv
2268run_test "Fallback SCSV: beginning of list" \
2269 "$P_SRV debug_level=2" \
2270 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \
2271 0 \
2272 -s "received FALLBACK_SCSV" \
2273 -s "inapropriate fallback"
2274
2275requires_openssl_with_fallback_scsv
2276run_test "Fallback SCSV: end of list" \
2277 "$P_SRV debug_level=2" \
2278 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \
2279 0 \
2280 -s "received FALLBACK_SCSV" \
2281 -s "inapropriate fallback"
2282
2283## Here the expected response is a valid ServerHello prefix, up to the random.
Manuel Pégourié-Gonnardf1c6ad42019-07-01 10:13:04 +02002284## Due to the way the clienthello was generated, this currently needs the
2285## server to have support for session tickets.
2286requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Gilles Peskined50177f2017-05-16 17:53:03 +02002287requires_openssl_with_fallback_scsv
2288run_test "Fallback SCSV: not in list" \
2289 "$P_SRV debug_level=2" \
2290 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \
2291 0 \
2292 -S "received FALLBACK_SCSV" \
2293 -S "inapropriate fallback"
2294
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002295# Tests for CBC 1/n-1 record splitting
2296
2297run_test "CBC Record splitting: TLS 1.2, no splitting" \
2298 "$P_SRV" \
2299 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2300 request_size=123 force_version=tls1_2" \
2301 0 \
2302 -s "Read from client: 123 bytes read" \
2303 -S "Read from client: 1 bytes read" \
2304 -S "122 bytes read"
2305
2306run_test "CBC Record splitting: TLS 1.1, no splitting" \
2307 "$P_SRV" \
2308 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2309 request_size=123 force_version=tls1_1" \
2310 0 \
2311 -s "Read from client: 123 bytes read" \
2312 -S "Read from client: 1 bytes read" \
2313 -S "122 bytes read"
2314
2315run_test "CBC Record splitting: TLS 1.0, splitting" \
2316 "$P_SRV" \
2317 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2318 request_size=123 force_version=tls1" \
2319 0 \
2320 -S "Read from client: 123 bytes read" \
2321 -s "Read from client: 1 bytes read" \
2322 -s "122 bytes read"
2323
Janos Follathe2681a42016-03-07 15:57:05 +00002324requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002325run_test "CBC Record splitting: SSLv3, splitting" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002326 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002327 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2328 request_size=123 force_version=ssl3" \
2329 0 \
2330 -S "Read from client: 123 bytes read" \
2331 -s "Read from client: 1 bytes read" \
2332 -s "122 bytes read"
2333
2334run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01002335 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002336 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
2337 request_size=123 force_version=tls1" \
2338 0 \
2339 -s "Read from client: 123 bytes read" \
2340 -S "Read from client: 1 bytes read" \
2341 -S "122 bytes read"
2342
2343run_test "CBC Record splitting: TLS 1.0, splitting disabled" \
2344 "$P_SRV" \
2345 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2346 request_size=123 force_version=tls1 recsplit=0" \
2347 0 \
2348 -s "Read from client: 123 bytes read" \
2349 -S "Read from client: 1 bytes read" \
2350 -S "122 bytes read"
2351
Manuel Pégourié-Gonnarda852cf42015-01-13 20:56:15 +01002352run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \
2353 "$P_SRV nbio=2" \
2354 "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2355 request_size=123 force_version=tls1" \
2356 0 \
2357 -S "Read from client: 123 bytes read" \
2358 -s "Read from client: 1 bytes read" \
2359 -s "122 bytes read"
2360
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002361# Tests for Session Tickets
2362
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002363requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002364requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002365run_test "Session resume using tickets: basic" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002366 "$P_SRV debug_level=3 tickets=1" \
2367 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002368 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002369 -c "client hello, adding session ticket extension" \
2370 -s "found session ticket extension" \
2371 -s "server hello, adding session ticket extension" \
2372 -c "found session_ticket extension" \
2373 -c "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002374 -S "session successfully restored from cache" \
2375 -s "session successfully restored from ticket" \
2376 -s "a session has been resumed" \
2377 -c "a session has been resumed"
2378
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002379requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002380requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002381run_test "Session resume using tickets: cache disabled" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002382 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
2383 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01002384 0 \
2385 -c "client hello, adding session ticket extension" \
2386 -s "found session ticket extension" \
2387 -s "server hello, adding session ticket extension" \
2388 -c "found session_ticket extension" \
2389 -c "parse new session ticket" \
2390 -S "session successfully restored from cache" \
2391 -s "session successfully restored from ticket" \
2392 -s "a session has been resumed" \
2393 -c "a session has been resumed"
2394
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002395requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002396requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002397run_test "Session resume using tickets: timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002398 "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
2399 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01002400 0 \
2401 -c "client hello, adding session ticket extension" \
2402 -s "found session ticket extension" \
2403 -s "server hello, adding session ticket extension" \
2404 -c "found session_ticket extension" \
2405 -c "parse new session ticket" \
2406 -S "session successfully restored from cache" \
2407 -S "session successfully restored from ticket" \
2408 -S "a session has been resumed" \
2409 -C "a session has been resumed"
2410
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002411requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002412requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard57a348b2019-05-20 12:46:26 +02002413run_test "Session resume using tickets: session copy" \
2414 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
2415 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_mode=0" \
2416 0 \
2417 -c "client hello, adding session ticket extension" \
2418 -s "found session ticket extension" \
2419 -s "server hello, adding session ticket extension" \
2420 -c "found session_ticket extension" \
2421 -c "parse new session ticket" \
2422 -S "session successfully restored from cache" \
2423 -s "session successfully restored from ticket" \
2424 -s "a session has been resumed" \
2425 -c "a session has been resumed"
2426
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002427requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002428requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002429run_test "Session resume using tickets: openssl server" \
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01002430 "$O_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002431 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01002432 0 \
2433 -c "client hello, adding session ticket extension" \
2434 -c "found session_ticket extension" \
2435 -c "parse new session ticket" \
2436 -c "a session has been resumed"
2437
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002438requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002439requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002440run_test "Session resume using tickets: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002441 "$P_SRV debug_level=3 tickets=1" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02002442 "( $O_CLI -sess_out $SESSION; \
2443 $O_CLI -sess_in $SESSION; \
2444 rm -f $SESSION )" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01002445 0 \
2446 -s "found session ticket extension" \
2447 -s "server hello, adding session ticket extension" \
2448 -S "session successfully restored from cache" \
2449 -s "session successfully restored from ticket" \
2450 -s "a session has been resumed"
2451
Hanno Becker1d739932018-08-21 13:55:22 +01002452# Tests for Session Tickets with DTLS
2453
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002454requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002455requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Hanno Becker1d739932018-08-21 13:55:22 +01002456run_test "Session resume using tickets, DTLS: basic" \
2457 "$P_SRV debug_level=3 dtls=1 tickets=1" \
2458 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \
2459 0 \
2460 -c "client hello, adding session ticket extension" \
2461 -s "found session ticket extension" \
2462 -s "server hello, adding session ticket extension" \
2463 -c "found session_ticket extension" \
2464 -c "parse new session ticket" \
2465 -S "session successfully restored from cache" \
2466 -s "session successfully restored from ticket" \
2467 -s "a session has been resumed" \
2468 -c "a session has been resumed"
2469
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002470requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002471requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Hanno Becker1d739932018-08-21 13:55:22 +01002472run_test "Session resume using tickets, DTLS: cache disabled" \
2473 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
2474 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1" \
2475 0 \
2476 -c "client hello, adding session ticket extension" \
2477 -s "found session ticket extension" \
2478 -s "server hello, adding session ticket extension" \
2479 -c "found session_ticket extension" \
2480 -c "parse new session ticket" \
2481 -S "session successfully restored from cache" \
2482 -s "session successfully restored from ticket" \
2483 -s "a session has been resumed" \
2484 -c "a session has been resumed"
2485
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002486requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002487requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Hanno Becker1d739932018-08-21 13:55:22 +01002488run_test "Session resume using tickets, DTLS: timeout" \
2489 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \
2490 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_delay=2" \
2491 0 \
2492 -c "client hello, adding session ticket extension" \
2493 -s "found session ticket extension" \
2494 -s "server hello, adding session ticket extension" \
2495 -c "found session_ticket extension" \
2496 -c "parse new session ticket" \
2497 -S "session successfully restored from cache" \
2498 -S "session successfully restored from ticket" \
2499 -S "a session has been resumed" \
2500 -C "a session has been resumed"
2501
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002502requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002503requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Manuel Pégourié-Gonnard57a348b2019-05-20 12:46:26 +02002504run_test "Session resume using tickets, DTLS: session copy" \
2505 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
2506 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 reco_mode=0" \
2507 0 \
2508 -c "client hello, adding session ticket extension" \
2509 -s "found session ticket extension" \
2510 -s "server hello, adding session ticket extension" \
2511 -c "found session_ticket extension" \
2512 -c "parse new session ticket" \
2513 -S "session successfully restored from cache" \
2514 -s "session successfully restored from ticket" \
2515 -s "a session has been resumed" \
2516 -c "a session has been resumed"
2517
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002518requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002519requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Hanno Becker1d739932018-08-21 13:55:22 +01002520run_test "Session resume using tickets, DTLS: openssl server" \
2521 "$O_SRV -dtls1" \
2522 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
2523 0 \
2524 -c "client hello, adding session ticket extension" \
2525 -c "found session_ticket extension" \
2526 -c "parse new session ticket" \
2527 -c "a session has been resumed"
2528
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002529requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002530requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Hanno Becker1d739932018-08-21 13:55:22 +01002531run_test "Session resume using tickets, DTLS: openssl client" \
2532 "$P_SRV dtls=1 debug_level=3 tickets=1" \
2533 "( $O_CLI -dtls1 -sess_out $SESSION; \
2534 $O_CLI -dtls1 -sess_in $SESSION; \
2535 rm -f $SESSION )" \
2536 0 \
2537 -s "found session ticket extension" \
2538 -s "server hello, adding session ticket extension" \
2539 -S "session successfully restored from cache" \
2540 -s "session successfully restored from ticket" \
2541 -s "a session has been resumed"
2542
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002543# Tests for Session Resume based on session-ID and cache
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002544
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002545requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002546requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002547requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002548run_test "Session resume using cache: tickets enabled on client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002549 "$P_SRV debug_level=3 tickets=0" \
2550 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002551 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002552 -c "client hello, adding session ticket extension" \
2553 -s "found session ticket extension" \
2554 -S "server hello, adding session ticket extension" \
2555 -C "found session_ticket extension" \
2556 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002557 -s "session successfully restored from cache" \
2558 -S "session successfully restored from ticket" \
2559 -s "a session has been resumed" \
2560 -c "a session has been resumed"
2561
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002562requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002563requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002564requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002565run_test "Session resume using cache: tickets enabled on server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002566 "$P_SRV debug_level=3 tickets=1" \
2567 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002568 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002569 -C "client hello, adding session ticket extension" \
2570 -S "found session ticket extension" \
2571 -S "server hello, adding session ticket extension" \
2572 -C "found session_ticket extension" \
2573 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002574 -s "session successfully restored from cache" \
2575 -S "session successfully restored from ticket" \
2576 -s "a session has been resumed" \
2577 -c "a session has been resumed"
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002578
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002579requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2580requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002581run_test "Session resume using cache: cache_max=0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002582 "$P_SRV debug_level=3 tickets=0 cache_max=0" \
2583 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01002584 0 \
2585 -S "session successfully restored from cache" \
2586 -S "session successfully restored from ticket" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002587 -S "a session has been resumed" \
2588 -C "a session has been resumed"
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01002589
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002590requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2591requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002592run_test "Session resume using cache: cache_max=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002593 "$P_SRV debug_level=3 tickets=0 cache_max=1" \
2594 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002595 0 \
2596 -s "session successfully restored from cache" \
2597 -S "session successfully restored from ticket" \
2598 -s "a session has been resumed" \
2599 -c "a session has been resumed"
2600
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002601requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2602requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard6df31962015-05-04 10:55:47 +02002603run_test "Session resume using cache: timeout > delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002604 "$P_SRV debug_level=3 tickets=0" \
2605 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002606 0 \
2607 -s "session successfully restored from cache" \
2608 -S "session successfully restored from ticket" \
2609 -s "a session has been resumed" \
2610 -c "a session has been resumed"
2611
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002612requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2613requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002614run_test "Session resume using cache: timeout < delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002615 "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
2616 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002617 0 \
2618 -S "session successfully restored from cache" \
2619 -S "session successfully restored from ticket" \
2620 -S "a session has been resumed" \
2621 -C "a session has been resumed"
2622
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002623requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2624requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002625run_test "Session resume using cache: no timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002626 "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
2627 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01002628 0 \
2629 -s "session successfully restored from cache" \
2630 -S "session successfully restored from ticket" \
2631 -s "a session has been resumed" \
2632 -c "a session has been resumed"
2633
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002634requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2635requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard57a348b2019-05-20 12:46:26 +02002636run_test "Session resume using cache: session copy" \
2637 "$P_SRV debug_level=3 tickets=0" \
2638 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
2639 0 \
2640 -s "session successfully restored from cache" \
2641 -S "session successfully restored from ticket" \
2642 -s "a session has been resumed" \
2643 -c "a session has been resumed"
2644
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002645requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2646requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002647run_test "Session resume using cache: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002648 "$P_SRV debug_level=3 tickets=0" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02002649 "( $O_CLI -sess_out $SESSION; \
2650 $O_CLI -sess_in $SESSION; \
2651 rm -f $SESSION )" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01002652 0 \
2653 -s "found session ticket extension" \
2654 -S "server hello, adding session ticket extension" \
2655 -s "session successfully restored from cache" \
2656 -S "session successfully restored from ticket" \
2657 -s "a session has been resumed"
2658
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002659requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2660requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002661run_test "Session resume using cache: openssl server" \
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01002662 "$O_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002663 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01002664 0 \
2665 -C "found session_ticket extension" \
2666 -C "parse new session ticket" \
2667 -c "a session has been resumed"
2668
Hanno Becker1d739932018-08-21 13:55:22 +01002669# Tests for Session Resume based on session-ID and cache, DTLS
2670
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002671requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002672requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002673requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002674run_test "Session resume using cache, DTLS: tickets enabled on client" \
2675 "$P_SRV dtls=1 debug_level=3 tickets=0" \
2676 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
2677 0 \
2678 -c "client hello, adding session ticket extension" \
2679 -s "found session ticket extension" \
2680 -S "server hello, adding session ticket extension" \
2681 -C "found session_ticket extension" \
2682 -C "parse new session ticket" \
2683 -s "session successfully restored from cache" \
2684 -S "session successfully restored from ticket" \
2685 -s "a session has been resumed" \
2686 -c "a session has been resumed"
2687
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002688requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03002689requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002690requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002691run_test "Session resume using cache, DTLS: tickets enabled on server" \
2692 "$P_SRV dtls=1 debug_level=3 tickets=1" \
2693 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
2694 0 \
2695 -C "client hello, adding session ticket extension" \
2696 -S "found session ticket extension" \
2697 -S "server hello, adding session ticket extension" \
2698 -C "found session_ticket extension" \
2699 -C "parse new session ticket" \
2700 -s "session successfully restored from cache" \
2701 -S "session successfully restored from ticket" \
2702 -s "a session has been resumed" \
2703 -c "a session has been resumed"
2704
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002705requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2706requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002707run_test "Session resume using cache, DTLS: cache_max=0" \
2708 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
2709 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
2710 0 \
2711 -S "session successfully restored from cache" \
2712 -S "session successfully restored from ticket" \
2713 -S "a session has been resumed" \
2714 -C "a session has been resumed"
2715
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002716requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2717requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002718run_test "Session resume using cache, DTLS: cache_max=1" \
2719 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
2720 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
2721 0 \
2722 -s "session successfully restored from cache" \
2723 -S "session successfully restored from ticket" \
2724 -s "a session has been resumed" \
2725 -c "a session has been resumed"
2726
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002727requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2728requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002729run_test "Session resume using cache, DTLS: timeout > delay" \
2730 "$P_SRV dtls=1 debug_level=3 tickets=0" \
2731 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
2732 0 \
2733 -s "session successfully restored from cache" \
2734 -S "session successfully restored from ticket" \
2735 -s "a session has been resumed" \
2736 -c "a session has been resumed"
2737
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002738requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2739requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002740run_test "Session resume using cache, DTLS: timeout < delay" \
2741 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
2742 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
2743 0 \
2744 -S "session successfully restored from cache" \
2745 -S "session successfully restored from ticket" \
2746 -S "a session has been resumed" \
2747 -C "a session has been resumed"
2748
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002749requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2750requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002751run_test "Session resume using cache, DTLS: no timeout" \
2752 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
2753 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
2754 0 \
2755 -s "session successfully restored from cache" \
2756 -S "session successfully restored from ticket" \
2757 -s "a session has been resumed" \
2758 -c "a session has been resumed"
2759
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002760requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2761requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard57a348b2019-05-20 12:46:26 +02002762run_test "Session resume using cache, DTLS: session copy" \
2763 "$P_SRV dtls=1 debug_level=3 tickets=0" \
2764 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
2765 0 \
2766 -s "session successfully restored from cache" \
2767 -S "session successfully restored from ticket" \
2768 -s "a session has been resumed" \
2769 -c "a session has been resumed"
2770
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002771requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2772requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002773run_test "Session resume using cache, DTLS: openssl client" \
2774 "$P_SRV dtls=1 debug_level=3 tickets=0" \
2775 "( $O_CLI -dtls1 -sess_out $SESSION; \
2776 $O_CLI -dtls1 -sess_in $SESSION; \
2777 rm -f $SESSION )" \
2778 0 \
2779 -s "found session ticket extension" \
2780 -S "server hello, adding session ticket extension" \
2781 -s "session successfully restored from cache" \
2782 -S "session successfully restored from ticket" \
2783 -s "a session has been resumed"
2784
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03002785requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
2786requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Hanno Becker1d739932018-08-21 13:55:22 +01002787run_test "Session resume using cache, DTLS: openssl server" \
2788 "$O_SRV -dtls1" \
2789 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
2790 0 \
2791 -C "found session_ticket extension" \
2792 -C "parse new session ticket" \
2793 -c "a session has been resumed"
2794
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002795# Tests for Max Fragment Length extension
2796
Angus Grattonc4dd0732018-04-11 16:28:39 +10002797if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
2798 printf "${CONFIG_H} defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n"
Hanno Becker6428f8d2017-09-22 16:58:50 +01002799 exit 1
2800fi
2801
Angus Grattonc4dd0732018-04-11 16:28:39 +10002802if [ $MAX_CONTENT_LEN -ne 16384 ]; then
2803 printf "Using non-default maximum content length $MAX_CONTENT_LEN\n"
2804fi
2805
Hanno Becker4aed27e2017-09-18 15:00:34 +01002806requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Hanno Beckerc5266962017-09-18 15:01:50 +01002807run_test "Max fragment length: enabled, default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002808 "$P_SRV debug_level=3" \
2809 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002810 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002811 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
2812 -s "Maximum fragment length is $MAX_CONTENT_LEN" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002813 -C "client hello, adding max_fragment_length extension" \
2814 -S "found max fragment length extension" \
2815 -S "server hello, max_fragment_length extension" \
2816 -C "found max_fragment_length extension"
2817
Hanno Becker4aed27e2017-09-18 15:00:34 +01002818requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Hanno Beckerc5266962017-09-18 15:01:50 +01002819run_test "Max fragment length: enabled, default, larger message" \
2820 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002821 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002822 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002823 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
2824 -s "Maximum fragment length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002825 -C "client hello, adding max_fragment_length extension" \
2826 -S "found max fragment length extension" \
2827 -S "server hello, max_fragment_length extension" \
2828 -C "found max_fragment_length extension" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002829 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
2830 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01002831 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01002832
2833requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
2834run_test "Max fragment length, DTLS: enabled, default, larger message" \
2835 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002836 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002837 1 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002838 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
2839 -s "Maximum fragment length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002840 -C "client hello, adding max_fragment_length extension" \
2841 -S "found max fragment length extension" \
2842 -S "server hello, max_fragment_length extension" \
2843 -C "found max_fragment_length extension" \
2844 -c "fragment larger than.*maximum "
2845
Angus Grattonc4dd0732018-04-11 16:28:39 +10002846# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
2847# (session fragment length will be 16384 regardless of mbedtls
2848# content length configuration.)
2849
Hanno Beckerc5266962017-09-18 15:01:50 +01002850requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
2851run_test "Max fragment length: disabled, larger message" \
2852 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002853 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002854 0 \
2855 -C "Maximum fragment length is 16384" \
2856 -S "Maximum fragment length is 16384" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002857 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
2858 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01002859 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01002860
2861requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
2862run_test "Max fragment length DTLS: disabled, larger message" \
2863 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002864 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002865 1 \
2866 -C "Maximum fragment length is 16384" \
2867 -S "Maximum fragment length is 16384" \
2868 -c "fragment larger than.*maximum "
2869
2870requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002871run_test "Max fragment length: used by client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002872 "$P_SRV debug_level=3" \
2873 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002874 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002875 -c "Maximum fragment length is 4096" \
2876 -s "Maximum fragment length is 4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002877 -c "client hello, adding max_fragment_length extension" \
2878 -s "found max fragment length extension" \
2879 -s "server hello, max_fragment_length extension" \
2880 -c "found max_fragment_length extension"
2881
Hanno Becker4aed27e2017-09-18 15:00:34 +01002882requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002883run_test "Max fragment length: used by server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002884 "$P_SRV debug_level=3 max_frag_len=4096" \
2885 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002886 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002887 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002888 -s "Maximum fragment length is 4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002889 -C "client hello, adding max_fragment_length extension" \
2890 -S "found max fragment length extension" \
2891 -S "server hello, max_fragment_length extension" \
2892 -C "found max_fragment_length extension"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002893
Hanno Becker4aed27e2017-09-18 15:00:34 +01002894requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002895requires_gnutls
2896run_test "Max fragment length: gnutls server" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02002897 "$G_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002898 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02002899 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002900 -c "Maximum fragment length is 4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02002901 -c "client hello, adding max_fragment_length extension" \
2902 -c "found max_fragment_length extension"
2903
Hanno Becker4aed27e2017-09-18 15:00:34 +01002904requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002905run_test "Max fragment length: client, message just fits" \
2906 "$P_SRV debug_level=3" \
2907 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \
2908 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002909 -c "Maximum fragment length is 2048" \
2910 -s "Maximum fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002911 -c "client hello, adding max_fragment_length extension" \
2912 -s "found max fragment length extension" \
2913 -s "server hello, max_fragment_length extension" \
2914 -c "found max_fragment_length extension" \
2915 -c "2048 bytes written in 1 fragments" \
2916 -s "2048 bytes read"
2917
Hanno Becker4aed27e2017-09-18 15:00:34 +01002918requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002919run_test "Max fragment length: client, larger message" \
2920 "$P_SRV debug_level=3" \
2921 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \
2922 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002923 -c "Maximum fragment length is 2048" \
2924 -s "Maximum fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002925 -c "client hello, adding max_fragment_length extension" \
2926 -s "found max fragment length extension" \
2927 -s "server hello, max_fragment_length extension" \
2928 -c "found max_fragment_length extension" \
2929 -c "2345 bytes written in 2 fragments" \
2930 -s "2048 bytes read" \
2931 -s "297 bytes read"
2932
Hanno Becker4aed27e2017-09-18 15:00:34 +01002933requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard23eb74d2015-01-21 14:37:13 +00002934run_test "Max fragment length: DTLS client, larger message" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002935 "$P_SRV debug_level=3 dtls=1" \
2936 "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \
2937 1 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002938 -c "Maximum fragment length is 2048" \
2939 -s "Maximum fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002940 -c "client hello, adding max_fragment_length extension" \
2941 -s "found max fragment length extension" \
2942 -s "server hello, max_fragment_length extension" \
2943 -c "found max_fragment_length extension" \
2944 -c "fragment larger than.*maximum"
2945
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002946# Tests for renegotiation
2947
Hanno Becker6a243642017-10-12 15:18:45 +01002948# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002949run_test "Renegotiation: none, for reference" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002950 "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002951 "$P_CLI debug_level=3 exchanges=2" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002952 0 \
2953 -C "client hello, adding renegotiation extension" \
2954 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2955 -S "found renegotiation extension" \
2956 -s "server hello, secure renegotiation extension" \
2957 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002958 -C "=> renegotiate" \
2959 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002960 -S "write hello request"
2961
Hanno Becker6a243642017-10-12 15:18:45 +01002962requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002963run_test "Renegotiation: client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002964 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002965 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002966 0 \
2967 -c "client hello, adding renegotiation extension" \
2968 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2969 -s "found renegotiation extension" \
2970 -s "server hello, secure renegotiation extension" \
2971 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002972 -c "=> renegotiate" \
2973 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002974 -S "write hello request"
2975
Hanno Becker6a243642017-10-12 15:18:45 +01002976requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002977run_test "Renegotiation: server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002978 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002979 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002980 0 \
2981 -c "client hello, adding renegotiation extension" \
2982 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2983 -s "found renegotiation extension" \
2984 -s "server hello, secure renegotiation extension" \
2985 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002986 -c "=> renegotiate" \
2987 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002988 -s "write hello request"
2989
Janos Follathb0f148c2017-10-05 12:29:42 +01002990# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
2991# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
2992# algorithm stronger than SHA-1 is enabled in config.h
Hanno Becker6a243642017-10-12 15:18:45 +01002993requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Janos Follathb0f148c2017-10-05 12:29:42 +01002994run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
2995 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
2996 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
2997 0 \
2998 -c "client hello, adding renegotiation extension" \
2999 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3000 -s "found renegotiation extension" \
3001 -s "server hello, secure renegotiation extension" \
3002 -c "found renegotiation extension" \
3003 -c "=> renegotiate" \
3004 -s "=> renegotiate" \
3005 -S "write hello request" \
3006 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
3007
3008# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
3009# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
3010# algorithm stronger than SHA-1 is enabled in config.h
Hanno Becker6a243642017-10-12 15:18:45 +01003011requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Janos Follathb0f148c2017-10-05 12:29:42 +01003012run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
3013 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
3014 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
3015 0 \
3016 -c "client hello, adding renegotiation extension" \
3017 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3018 -s "found renegotiation extension" \
3019 -s "server hello, secure renegotiation extension" \
3020 -c "found renegotiation extension" \
3021 -c "=> renegotiate" \
3022 -s "=> renegotiate" \
3023 -s "write hello request" \
3024 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
3025
Hanno Becker6a243642017-10-12 15:18:45 +01003026requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003027run_test "Renegotiation: double" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003028 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003029 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003030 0 \
3031 -c "client hello, adding renegotiation extension" \
3032 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3033 -s "found renegotiation extension" \
3034 -s "server hello, secure renegotiation extension" \
3035 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003036 -c "=> renegotiate" \
3037 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003038 -s "write hello request"
3039
Hanno Becker6a243642017-10-12 15:18:45 +01003040requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003041run_test "Renegotiation: client-initiated, server-rejected" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003042 "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003043 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003044 1 \
3045 -c "client hello, adding renegotiation extension" \
3046 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3047 -S "found renegotiation extension" \
3048 -s "server hello, secure renegotiation extension" \
3049 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003050 -c "=> renegotiate" \
3051 -S "=> renegotiate" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003052 -S "write hello request" \
Manuel Pégourié-Gonnard65919622014-08-19 12:50:30 +02003053 -c "SSL - Unexpected message at ServerHello in renegotiation" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003054 -c "failed"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003055
Hanno Becker6a243642017-10-12 15:18:45 +01003056requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003057run_test "Renegotiation: server-initiated, client-rejected, default" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003058 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003059 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003060 0 \
3061 -C "client hello, adding renegotiation extension" \
3062 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3063 -S "found renegotiation extension" \
3064 -s "server hello, secure renegotiation extension" \
3065 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003066 -C "=> renegotiate" \
3067 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003068 -s "write hello request" \
Manuel Pégourié-Gonnarda9964db2014-07-03 19:29:16 +02003069 -S "SSL - An unexpected message was received from our peer" \
3070 -S "failed"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01003071
Hanno Becker6a243642017-10-12 15:18:45 +01003072requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003073run_test "Renegotiation: server-initiated, client-rejected, not enforced" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003074 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003075 renego_delay=-1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003076 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003077 0 \
3078 -C "client hello, adding renegotiation extension" \
3079 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3080 -S "found renegotiation extension" \
3081 -s "server hello, secure renegotiation extension" \
3082 -c "found renegotiation extension" \
3083 -C "=> renegotiate" \
3084 -S "=> renegotiate" \
3085 -s "write hello request" \
3086 -S "SSL - An unexpected message was received from our peer" \
3087 -S "failed"
3088
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02003089# delay 2 for 1 alert record + 1 application data record
Hanno Becker6a243642017-10-12 15:18:45 +01003090requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003091run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003092 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003093 renego_delay=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003094 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003095 0 \
3096 -C "client hello, adding renegotiation extension" \
3097 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3098 -S "found renegotiation extension" \
3099 -s "server hello, secure renegotiation extension" \
3100 -c "found renegotiation extension" \
3101 -C "=> renegotiate" \
3102 -S "=> renegotiate" \
3103 -s "write hello request" \
3104 -S "SSL - An unexpected message was received from our peer" \
3105 -S "failed"
3106
Hanno Becker6a243642017-10-12 15:18:45 +01003107requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003108run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003109 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003110 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003111 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003112 0 \
3113 -C "client hello, adding renegotiation extension" \
3114 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3115 -S "found renegotiation extension" \
3116 -s "server hello, secure renegotiation extension" \
3117 -c "found renegotiation extension" \
3118 -C "=> renegotiate" \
3119 -S "=> renegotiate" \
3120 -s "write hello request" \
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02003121 -s "SSL - An unexpected message was received from our peer"
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003122
Hanno Becker6a243642017-10-12 15:18:45 +01003123requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003124run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003125 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003126 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003127 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003128 0 \
3129 -c "client hello, adding renegotiation extension" \
3130 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3131 -s "found renegotiation extension" \
3132 -s "server hello, secure renegotiation extension" \
3133 -c "found renegotiation extension" \
3134 -c "=> renegotiate" \
3135 -s "=> renegotiate" \
3136 -s "write hello request" \
3137 -S "SSL - An unexpected message was received from our peer" \
3138 -S "failed"
3139
Hanno Becker6a243642017-10-12 15:18:45 +01003140requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003141run_test "Renegotiation: periodic, just below period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003142 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003143 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
3144 0 \
3145 -C "client hello, adding renegotiation extension" \
3146 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3147 -S "found renegotiation extension" \
3148 -s "server hello, secure renegotiation extension" \
3149 -c "found renegotiation extension" \
3150 -S "record counter limit reached: renegotiate" \
3151 -C "=> renegotiate" \
3152 -S "=> renegotiate" \
3153 -S "write hello request" \
3154 -S "SSL - An unexpected message was received from our peer" \
3155 -S "failed"
3156
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01003157# one extra exchange to be able to complete renego
Hanno Becker6a243642017-10-12 15:18:45 +01003158requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003159run_test "Renegotiation: periodic, just above period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003160 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01003161 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003162 0 \
3163 -c "client hello, adding renegotiation extension" \
3164 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3165 -s "found renegotiation extension" \
3166 -s "server hello, secure renegotiation extension" \
3167 -c "found renegotiation extension" \
3168 -s "record counter limit reached: renegotiate" \
3169 -c "=> renegotiate" \
3170 -s "=> renegotiate" \
3171 -s "write hello request" \
3172 -S "SSL - An unexpected message was received from our peer" \
3173 -S "failed"
3174
Hanno Becker6a243642017-10-12 15:18:45 +01003175requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003176run_test "Renegotiation: periodic, two times period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003177 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01003178 "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003179 0 \
3180 -c "client hello, adding renegotiation extension" \
3181 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3182 -s "found renegotiation extension" \
3183 -s "server hello, secure renegotiation extension" \
3184 -c "found renegotiation extension" \
3185 -s "record counter limit reached: renegotiate" \
3186 -c "=> renegotiate" \
3187 -s "=> renegotiate" \
3188 -s "write hello request" \
3189 -S "SSL - An unexpected message was received from our peer" \
3190 -S "failed"
3191
Hanno Becker6a243642017-10-12 15:18:45 +01003192requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003193run_test "Renegotiation: periodic, above period, disabled" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003194 "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003195 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
3196 0 \
3197 -C "client hello, adding renegotiation extension" \
3198 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3199 -S "found renegotiation extension" \
3200 -s "server hello, secure renegotiation extension" \
3201 -c "found renegotiation extension" \
3202 -S "record counter limit reached: renegotiate" \
3203 -C "=> renegotiate" \
3204 -S "=> renegotiate" \
3205 -S "write hello request" \
3206 -S "SSL - An unexpected message was received from our peer" \
3207 -S "failed"
3208
Hanno Becker6a243642017-10-12 15:18:45 +01003209requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003210run_test "Renegotiation: nbio, client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003211 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003212 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02003213 0 \
3214 -c "client hello, adding renegotiation extension" \
3215 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3216 -s "found renegotiation extension" \
3217 -s "server hello, secure renegotiation extension" \
3218 -c "found renegotiation extension" \
3219 -c "=> renegotiate" \
3220 -s "=> renegotiate" \
3221 -S "write hello request"
3222
Hanno Becker6a243642017-10-12 15:18:45 +01003223requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003224run_test "Renegotiation: nbio, server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003225 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003226 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02003227 0 \
3228 -c "client hello, adding renegotiation extension" \
3229 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3230 -s "found renegotiation extension" \
3231 -s "server hello, secure renegotiation extension" \
3232 -c "found renegotiation extension" \
3233 -c "=> renegotiate" \
3234 -s "=> renegotiate" \
3235 -s "write hello request"
3236
Hanno Becker6a243642017-10-12 15:18:45 +01003237requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003238run_test "Renegotiation: openssl server, client-initiated" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02003239 "$O_SRV -www" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003240 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003241 0 \
3242 -c "client hello, adding renegotiation extension" \
3243 -c "found renegotiation extension" \
3244 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003245 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003246 -C "error" \
3247 -c "HTTP/1.0 200 [Oo][Kk]"
3248
Paul Bakker539d9722015-02-08 16:18:35 +01003249requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003250requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003251run_test "Renegotiation: gnutls server strict, client-initiated" \
3252 "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003253 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003254 0 \
3255 -c "client hello, adding renegotiation extension" \
3256 -c "found renegotiation extension" \
3257 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003258 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003259 -C "error" \
3260 -c "HTTP/1.0 200 [Oo][Kk]"
3261
Paul Bakker539d9722015-02-08 16:18:35 +01003262requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003263requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003264run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
3265 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3266 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
3267 1 \
3268 -c "client hello, adding renegotiation extension" \
3269 -C "found renegotiation extension" \
3270 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003271 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003272 -c "error" \
3273 -C "HTTP/1.0 200 [Oo][Kk]"
3274
Paul Bakker539d9722015-02-08 16:18:35 +01003275requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003276requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003277run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
3278 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3279 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
3280 allow_legacy=0" \
3281 1 \
3282 -c "client hello, adding renegotiation extension" \
3283 -C "found renegotiation extension" \
3284 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003285 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003286 -c "error" \
3287 -C "HTTP/1.0 200 [Oo][Kk]"
3288
Paul Bakker539d9722015-02-08 16:18:35 +01003289requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003290requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003291run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
3292 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3293 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
3294 allow_legacy=1" \
3295 0 \
3296 -c "client hello, adding renegotiation extension" \
3297 -C "found renegotiation extension" \
3298 -c "=> renegotiate" \
3299 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003300 -C "error" \
3301 -c "HTTP/1.0 200 [Oo][Kk]"
3302
Hanno Becker6a243642017-10-12 15:18:45 +01003303requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard30d16eb2014-08-19 17:43:50 +02003304run_test "Renegotiation: DTLS, client-initiated" \
3305 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
3306 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
3307 0 \
3308 -c "client hello, adding renegotiation extension" \
3309 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3310 -s "found renegotiation extension" \
3311 -s "server hello, secure renegotiation extension" \
3312 -c "found renegotiation extension" \
3313 -c "=> renegotiate" \
3314 -s "=> renegotiate" \
3315 -S "write hello request"
3316
Hanno Becker6a243642017-10-12 15:18:45 +01003317requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02003318run_test "Renegotiation: DTLS, server-initiated" \
3319 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnarddf9a0a82014-10-02 14:17:18 +02003320 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
3321 read_timeout=1000 max_resend=2" \
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02003322 0 \
3323 -c "client hello, adding renegotiation extension" \
3324 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3325 -s "found renegotiation extension" \
3326 -s "server hello, secure renegotiation extension" \
3327 -c "found renegotiation extension" \
3328 -c "=> renegotiate" \
3329 -s "=> renegotiate" \
3330 -s "write hello request"
3331
Hanno Becker6a243642017-10-12 15:18:45 +01003332requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Andres AG692ad842017-01-19 16:30:57 +00003333run_test "Renegotiation: DTLS, renego_period overflow" \
3334 "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
3335 "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
3336 0 \
3337 -c "client hello, adding renegotiation extension" \
3338 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3339 -s "found renegotiation extension" \
3340 -s "server hello, secure renegotiation extension" \
3341 -s "record counter limit reached: renegotiate" \
3342 -c "=> renegotiate" \
3343 -s "=> renegotiate" \
Hanno Becker6a243642017-10-12 15:18:45 +01003344 -s "write hello request"
Andres AG692ad842017-01-19 16:30:57 +00003345
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00003346requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003347requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02003348run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
3349 "$G_SRV -u --mtu 4096" \
3350 "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
3351 0 \
3352 -c "client hello, adding renegotiation extension" \
3353 -c "found renegotiation extension" \
3354 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003355 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02003356 -C "error" \
3357 -s "Extra-header:"
3358
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003359# Test for the "secure renegotation" extension only (no actual renegotiation)
3360
Paul Bakker539d9722015-02-08 16:18:35 +01003361requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003362run_test "Renego ext: gnutls server strict, client default" \
3363 "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
3364 "$P_CLI debug_level=3" \
3365 0 \
3366 -c "found renegotiation extension" \
3367 -C "error" \
3368 -c "HTTP/1.0 200 [Oo][Kk]"
3369
Paul Bakker539d9722015-02-08 16:18:35 +01003370requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003371run_test "Renego ext: gnutls server unsafe, client default" \
3372 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3373 "$P_CLI debug_level=3" \
3374 0 \
3375 -C "found renegotiation extension" \
3376 -C "error" \
3377 -c "HTTP/1.0 200 [Oo][Kk]"
3378
Paul Bakker539d9722015-02-08 16:18:35 +01003379requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003380run_test "Renego ext: gnutls server unsafe, client break legacy" \
3381 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3382 "$P_CLI debug_level=3 allow_legacy=-1" \
3383 1 \
3384 -C "found renegotiation extension" \
3385 -c "error" \
3386 -C "HTTP/1.0 200 [Oo][Kk]"
3387
Paul Bakker539d9722015-02-08 16:18:35 +01003388requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003389run_test "Renego ext: gnutls client strict, server default" \
3390 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003391 "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003392 0 \
3393 -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
3394 -s "server hello, secure renegotiation extension"
3395
Paul Bakker539d9722015-02-08 16:18:35 +01003396requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003397run_test "Renego ext: gnutls client unsafe, server default" \
3398 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003399 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003400 0 \
3401 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
3402 -S "server hello, secure renegotiation extension"
3403
Paul Bakker539d9722015-02-08 16:18:35 +01003404requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003405run_test "Renego ext: gnutls client unsafe, server break legacy" \
3406 "$P_SRV debug_level=3 allow_legacy=-1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003407 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003408 1 \
3409 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
3410 -S "server hello, secure renegotiation extension"
3411
Janos Follath0b242342016-02-17 10:11:21 +00003412# Tests for silently dropping trailing extra bytes in .der certificates
3413
3414requires_gnutls
3415run_test "DER format: no trailing bytes" \
3416 "$P_SRV crt_file=data_files/server5-der0.crt \
3417 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003418 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003419 0 \
3420 -c "Handshake was completed" \
3421
3422requires_gnutls
3423run_test "DER format: with a trailing zero byte" \
3424 "$P_SRV crt_file=data_files/server5-der1a.crt \
3425 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003426 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003427 0 \
3428 -c "Handshake was completed" \
3429
3430requires_gnutls
3431run_test "DER format: with a trailing random byte" \
3432 "$P_SRV crt_file=data_files/server5-der1b.crt \
3433 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003434 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003435 0 \
3436 -c "Handshake was completed" \
3437
3438requires_gnutls
3439run_test "DER format: with 2 trailing random bytes" \
3440 "$P_SRV crt_file=data_files/server5-der2.crt \
3441 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003442 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003443 0 \
3444 -c "Handshake was completed" \
3445
3446requires_gnutls
3447run_test "DER format: with 4 trailing random bytes" \
3448 "$P_SRV crt_file=data_files/server5-der4.crt \
3449 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003450 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003451 0 \
3452 -c "Handshake was completed" \
3453
3454requires_gnutls
3455run_test "DER format: with 8 trailing random bytes" \
3456 "$P_SRV crt_file=data_files/server5-der8.crt \
3457 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003458 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003459 0 \
3460 -c "Handshake was completed" \
3461
3462requires_gnutls
3463run_test "DER format: with 9 trailing random bytes" \
3464 "$P_SRV crt_file=data_files/server5-der9.crt \
3465 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003466 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003467 0 \
3468 -c "Handshake was completed" \
3469
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003470# Tests for auth_mode
3471
Hanno Becker4a156fc2019-06-14 17:07:06 +01003472requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003473run_test "Authentication: server badcert, client required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003474 "$P_SRV crt_file=data_files/server5-badsign.crt \
3475 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003476 "$P_CLI debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003477 1 \
3478 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003479 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003480 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003481 -c "X509 - Certificate verification failed"
3482
Hanno Becker4a156fc2019-06-14 17:07:06 +01003483requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003484run_test "Authentication: server badcert, client optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003485 "$P_SRV crt_file=data_files/server5-badsign.crt \
3486 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003487 "$P_CLI debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003488 0 \
3489 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003490 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003491 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003492 -C "X509 - Certificate verification failed"
3493
Hanno Becker4a156fc2019-06-14 17:07:06 +01003494requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Hanno Beckere6706e62017-05-15 16:05:15 +01003495run_test "Authentication: server goodcert, client optional, no trusted CA" \
3496 "$P_SRV" \
3497 "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
3498 0 \
3499 -c "x509_verify_cert() returned" \
3500 -c "! The certificate is not correctly signed by the trusted CA" \
3501 -c "! Certificate verification flags"\
3502 -C "! mbedtls_ssl_handshake returned" \
3503 -C "X509 - Certificate verification failed" \
3504 -C "SSL - No CA Chain is set, but required to operate"
3505
Hanno Becker4a156fc2019-06-14 17:07:06 +01003506requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Hanno Beckere6706e62017-05-15 16:05:15 +01003507run_test "Authentication: server goodcert, client required, no trusted CA" \
3508 "$P_SRV" \
3509 "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
3510 1 \
3511 -c "x509_verify_cert() returned" \
3512 -c "! The certificate is not correctly signed by the trusted CA" \
3513 -c "! Certificate verification flags"\
3514 -c "! mbedtls_ssl_handshake returned" \
3515 -c "SSL - No CA Chain is set, but required to operate"
3516
3517# The purpose of the next two tests is to test the client's behaviour when receiving a server
3518# certificate with an unsupported elliptic curve. This should usually not happen because
3519# the client informs the server about the supported curves - it does, though, in the
3520# corner case of a static ECDH suite, because the server doesn't check the curve on that
3521# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
3522# different means to have the server ignoring the client's supported curve list.
3523
3524requires_config_enabled MBEDTLS_ECP_C
3525run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
3526 "$P_SRV debug_level=1 key_file=data_files/server5.key \
3527 crt_file=data_files/server5.ku-ka.crt" \
3528 "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \
3529 1 \
3530 -c "bad certificate (EC key curve)"\
3531 -c "! Certificate verification flags"\
3532 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
3533
3534requires_config_enabled MBEDTLS_ECP_C
3535run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
3536 "$P_SRV debug_level=1 key_file=data_files/server5.key \
3537 crt_file=data_files/server5.ku-ka.crt" \
3538 "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \
3539 1 \
3540 -c "bad certificate (EC key curve)"\
3541 -c "! Certificate verification flags"\
3542 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
3543
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003544run_test "Authentication: server badcert, client none" \
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01003545 "$P_SRV crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003546 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003547 "$P_CLI debug_level=1 auth_mode=none" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003548 0 \
3549 -C "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003550 -C "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003551 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003552 -C "X509 - Certificate verification failed"
3553
Simon Butcher99000142016-10-13 17:21:01 +01003554run_test "Authentication: client SHA256, server required" \
3555 "$P_SRV auth_mode=required" \
3556 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
3557 key_file=data_files/server6.key \
3558 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
3559 0 \
Simon Butcher99000142016-10-13 17:21:01 +01003560 -c "Supported Signature Algorithm found: 5,"
3561
3562run_test "Authentication: client SHA384, server required" \
3563 "$P_SRV auth_mode=required" \
3564 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
3565 key_file=data_files/server6.key \
3566 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
3567 0 \
Simon Butcher99000142016-10-13 17:21:01 +01003568 -c "Supported Signature Algorithm found: 5,"
3569
Gilles Peskinefd8332e2017-05-03 16:25:07 +02003570requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
3571run_test "Authentication: client has no cert, server required (SSLv3)" \
3572 "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \
3573 "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \
3574 key_file=data_files/server5.key" \
3575 1 \
3576 -S "skip write certificate request" \
3577 -C "skip parse certificate request" \
3578 -c "got a certificate request" \
3579 -c "got no certificate to send" \
3580 -S "x509_verify_cert() returned" \
3581 -s "client has no certificate" \
3582 -s "! mbedtls_ssl_handshake returned" \
3583 -c "! mbedtls_ssl_handshake returned" \
3584 -s "No client certification received from the client, but required by the authentication mode"
3585
3586run_test "Authentication: client has no cert, server required (TLS)" \
3587 "$P_SRV debug_level=3 auth_mode=required" \
3588 "$P_CLI debug_level=3 crt_file=none \
3589 key_file=data_files/server5.key" \
3590 1 \
3591 -S "skip write certificate request" \
3592 -C "skip parse certificate request" \
3593 -c "got a certificate request" \
3594 -c "= write certificate$" \
3595 -C "skip write certificate$" \
3596 -S "x509_verify_cert() returned" \
3597 -s "client has no certificate" \
3598 -s "! mbedtls_ssl_handshake returned" \
3599 -c "! mbedtls_ssl_handshake returned" \
3600 -s "No client certification received from the client, but required by the authentication mode"
3601
Hanno Becker4a156fc2019-06-14 17:07:06 +01003602requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003603run_test "Authentication: client badcert, server required" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003604 "$P_SRV debug_level=3 auth_mode=required" \
3605 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003606 key_file=data_files/server5.key" \
3607 1 \
3608 -S "skip write certificate request" \
3609 -C "skip parse certificate request" \
3610 -c "got a certificate request" \
3611 -C "skip write certificate" \
3612 -C "skip write certificate verify" \
3613 -S "skip parse certificate verify" \
3614 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003615 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003616 -s "! mbedtls_ssl_handshake returned" \
Gilles Peskine1cc8e342017-05-03 16:28:34 +02003617 -s "send alert level=2 message=48" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003618 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003619 -s "X509 - Certificate verification failed"
Gilles Peskine1cc8e342017-05-03 16:28:34 +02003620# We don't check that the client receives the alert because it might
3621# detect that its write end of the connection is closed and abort
3622# before reading the alert message.
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003623
Hanno Becker4a156fc2019-06-14 17:07:06 +01003624requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Janos Follath89baba22017-04-10 14:34:35 +01003625run_test "Authentication: client cert not trusted, server required" \
3626 "$P_SRV debug_level=3 auth_mode=required" \
3627 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
3628 key_file=data_files/server5.key" \
3629 1 \
3630 -S "skip write certificate request" \
3631 -C "skip parse certificate request" \
3632 -c "got a certificate request" \
3633 -C "skip write certificate" \
3634 -C "skip write certificate verify" \
3635 -S "skip parse certificate verify" \
3636 -s "x509_verify_cert() returned" \
3637 -s "! The certificate is not correctly signed by the trusted CA" \
3638 -s "! mbedtls_ssl_handshake returned" \
3639 -c "! mbedtls_ssl_handshake returned" \
3640 -s "X509 - Certificate verification failed"
3641
Hanno Becker4a156fc2019-06-14 17:07:06 +01003642requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003643run_test "Authentication: client badcert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003644 "$P_SRV debug_level=3 auth_mode=optional" \
3645 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003646 key_file=data_files/server5.key" \
3647 0 \
3648 -S "skip write certificate request" \
3649 -C "skip parse certificate request" \
3650 -c "got a certificate request" \
3651 -C "skip write certificate" \
3652 -C "skip write certificate verify" \
3653 -S "skip parse certificate verify" \
3654 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003655 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003656 -S "! mbedtls_ssl_handshake returned" \
3657 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003658 -S "X509 - Certificate verification failed"
3659
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003660run_test "Authentication: client badcert, server none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003661 "$P_SRV debug_level=3 auth_mode=none" \
3662 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003663 key_file=data_files/server5.key" \
3664 0 \
3665 -s "skip write certificate request" \
3666 -C "skip parse certificate request" \
3667 -c "got no certificate request" \
3668 -c "skip write certificate" \
3669 -c "skip write certificate verify" \
3670 -s "skip parse certificate verify" \
3671 -S "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003672 -S "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003673 -S "! mbedtls_ssl_handshake returned" \
3674 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003675 -S "X509 - Certificate verification failed"
3676
Hanno Becker4a156fc2019-06-14 17:07:06 +01003677requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003678run_test "Authentication: client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003679 "$P_SRV debug_level=3 auth_mode=optional" \
3680 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003681 0 \
3682 -S "skip write certificate request" \
3683 -C "skip parse certificate request" \
3684 -c "got a certificate request" \
3685 -C "skip write certificate$" \
3686 -C "got no certificate to send" \
3687 -S "SSLv3 client has no certificate" \
3688 -c "skip write certificate verify" \
3689 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003690 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003691 -S "! mbedtls_ssl_handshake returned" \
3692 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003693 -S "X509 - Certificate verification failed"
3694
Hanno Becker4a156fc2019-06-14 17:07:06 +01003695requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003696run_test "Authentication: openssl client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003697 "$P_SRV debug_level=3 auth_mode=optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003698 "$O_CLI" \
3699 0 \
3700 -S "skip write certificate request" \
3701 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003702 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003703 -S "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003704 -S "X509 - Certificate verification failed"
3705
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003706run_test "Authentication: client no cert, openssl server optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003707 "$O_SRV -verify 10" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003708 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003709 0 \
3710 -C "skip parse certificate request" \
3711 -c "got a certificate request" \
3712 -C "skip write certificate$" \
3713 -c "skip write certificate verify" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003714 -C "! mbedtls_ssl_handshake returned"
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003715
Gilles Peskinefd8332e2017-05-03 16:25:07 +02003716run_test "Authentication: client no cert, openssl server required" \
3717 "$O_SRV -Verify 10" \
3718 "$P_CLI debug_level=3 crt_file=none key_file=none" \
3719 1 \
3720 -C "skip parse certificate request" \
3721 -c "got a certificate request" \
3722 -C "skip write certificate$" \
3723 -c "skip write certificate verify" \
3724 -c "! mbedtls_ssl_handshake returned"
3725
Janos Follathe2681a42016-03-07 15:57:05 +00003726requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Hanno Beckerb2c63832019-06-17 08:35:16 +01003727requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003728run_test "Authentication: client no cert, ssl3" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003729 "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01003730 "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003731 0 \
3732 -S "skip write certificate request" \
3733 -C "skip parse certificate request" \
3734 -c "got a certificate request" \
3735 -C "skip write certificate$" \
3736 -c "skip write certificate verify" \
3737 -c "got no certificate to send" \
3738 -s "SSLv3 client has no certificate" \
3739 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01003740 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003741 -S "! mbedtls_ssl_handshake returned" \
3742 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01003743 -S "X509 - Certificate verification failed"
3744
Manuel Pégourié-Gonnard9107b5f2017-07-06 12:16:25 +02003745# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
3746# default value (8)
Hanno Beckera6bca9f2017-07-26 13:35:11 +01003747
Simon Butcherbcfa6f42017-07-28 15:59:35 +01003748MAX_IM_CA='8'
Simon Butcher06b78632017-07-28 01:00:17 +01003749MAX_IM_CA_CONFIG=$( ../scripts/config.pl get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
Hanno Beckera6bca9f2017-07-26 13:35:11 +01003750
Simon Butcherbcfa6f42017-07-28 15:59:35 +01003751if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
Simon Butcher06b78632017-07-28 01:00:17 +01003752 printf "The ${CONFIG_H} file contains a value for the configuration of\n"
Simon Butcherbcfa6f42017-07-28 15:59:35 +01003753 printf "MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script’s\n"
Simon Butcher06b78632017-07-28 01:00:17 +01003754 printf "test value of ${MAX_IM_CA}. \n"
3755 printf "\n"
Simon Butcherbcfa6f42017-07-28 15:59:35 +01003756 printf "The tests assume this value and if it changes, the tests in this\n"
3757 printf "script should also be adjusted.\n"
Simon Butcher06b78632017-07-28 01:00:17 +01003758 printf "\n"
Simon Butcher06b78632017-07-28 01:00:17 +01003759
3760 exit 1
Hanno Beckera6bca9f2017-07-26 13:35:11 +01003761fi
3762
Angus Grattonc4dd0732018-04-11 16:28:39 +10003763requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003764run_test "Authentication: server max_int chain, client default" \
3765 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
3766 key_file=data_files/dir-maxpath/09.key" \
3767 "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
3768 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003769 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003770
Angus Grattonc4dd0732018-04-11 16:28:39 +10003771requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003772run_test "Authentication: server max_int+1 chain, client default" \
3773 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
3774 key_file=data_files/dir-maxpath/10.key" \
3775 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
3776 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003777 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003778
Angus Grattonc4dd0732018-04-11 16:28:39 +10003779requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003780run_test "Authentication: server max_int+1 chain, client optional" \
3781 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
3782 key_file=data_files/dir-maxpath/10.key" \
3783 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
3784 auth_mode=optional" \
3785 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003786 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003787
Angus Grattonc4dd0732018-04-11 16:28:39 +10003788requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003789run_test "Authentication: server max_int+1 chain, client none" \
3790 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
3791 key_file=data_files/dir-maxpath/10.key" \
3792 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
3793 auth_mode=none" \
3794 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003795 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003796
Angus Grattonc4dd0732018-04-11 16:28:39 +10003797requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003798run_test "Authentication: client max_int+1 chain, server default" \
3799 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
3800 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
3801 key_file=data_files/dir-maxpath/10.key" \
3802 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003803 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003804
Angus Grattonc4dd0732018-04-11 16:28:39 +10003805requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003806run_test "Authentication: client max_int+1 chain, server optional" \
3807 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
3808 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
3809 key_file=data_files/dir-maxpath/10.key" \
3810 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003811 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003812
Angus Grattonc4dd0732018-04-11 16:28:39 +10003813requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003814run_test "Authentication: client max_int+1 chain, server required" \
3815 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
3816 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
3817 key_file=data_files/dir-maxpath/10.key" \
3818 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003819 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003820
Angus Grattonc4dd0732018-04-11 16:28:39 +10003821requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003822run_test "Authentication: client max_int chain, server required" \
3823 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
3824 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
3825 key_file=data_files/dir-maxpath/09.key" \
3826 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01003827 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02003828
Janos Follath89baba22017-04-10 14:34:35 +01003829# Tests for CA list in CertificateRequest messages
3830
3831run_test "Authentication: send CA list in CertificateRequest (default)" \
3832 "$P_SRV debug_level=3 auth_mode=required" \
3833 "$P_CLI crt_file=data_files/server6.crt \
3834 key_file=data_files/server6.key" \
3835 0 \
3836 -s "requested DN"
3837
3838run_test "Authentication: do not send CA list in CertificateRequest" \
3839 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
3840 "$P_CLI crt_file=data_files/server6.crt \
3841 key_file=data_files/server6.key" \
3842 0 \
3843 -S "requested DN"
3844
Hanno Becker4a156fc2019-06-14 17:07:06 +01003845requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Janos Follath89baba22017-04-10 14:34:35 +01003846run_test "Authentication: send CA list in CertificateRequest, client self signed" \
3847 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
3848 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
3849 key_file=data_files/server5.key" \
3850 1 \
3851 -S "requested DN" \
3852 -s "x509_verify_cert() returned" \
3853 -s "! The certificate is not correctly signed by the trusted CA" \
3854 -s "! mbedtls_ssl_handshake returned" \
3855 -c "! mbedtls_ssl_handshake returned" \
3856 -s "X509 - Certificate verification failed"
3857
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003858# Tests for certificate selection based on SHA verson
3859
Hanno Becker4a156fc2019-06-14 17:07:06 +01003860requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003861run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
3862 "$P_SRV crt_file=data_files/server5.crt \
3863 key_file=data_files/server5.key \
3864 crt_file2=data_files/server5-sha1.crt \
3865 key_file2=data_files/server5.key" \
3866 "$P_CLI force_version=tls1_2" \
3867 0 \
3868 -c "signed using.*ECDSA with SHA256" \
3869 -C "signed using.*ECDSA with SHA1"
3870
Hanno Becker4a156fc2019-06-14 17:07:06 +01003871requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003872run_test "Certificate hash: client TLS 1.1 -> SHA-1" \
3873 "$P_SRV crt_file=data_files/server5.crt \
3874 key_file=data_files/server5.key \
3875 crt_file2=data_files/server5-sha1.crt \
3876 key_file2=data_files/server5.key" \
3877 "$P_CLI force_version=tls1_1" \
3878 0 \
3879 -C "signed using.*ECDSA with SHA256" \
3880 -c "signed using.*ECDSA with SHA1"
3881
Hanno Becker4a156fc2019-06-14 17:07:06 +01003882requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003883run_test "Certificate hash: client TLS 1.0 -> SHA-1" \
3884 "$P_SRV crt_file=data_files/server5.crt \
3885 key_file=data_files/server5.key \
3886 crt_file2=data_files/server5-sha1.crt \
3887 key_file2=data_files/server5.key" \
3888 "$P_CLI force_version=tls1" \
3889 0 \
3890 -C "signed using.*ECDSA with SHA256" \
3891 -c "signed using.*ECDSA with SHA1"
3892
Hanno Becker4a156fc2019-06-14 17:07:06 +01003893requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003894run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \
3895 "$P_SRV crt_file=data_files/server5.crt \
3896 key_file=data_files/server5.key \
3897 crt_file2=data_files/server6.crt \
3898 key_file2=data_files/server6.key" \
3899 "$P_CLI force_version=tls1_1" \
3900 0 \
3901 -c "serial number.*09" \
3902 -c "signed using.*ECDSA with SHA256" \
3903 -C "signed using.*ECDSA with SHA1"
3904
Hanno Becker4a156fc2019-06-14 17:07:06 +01003905requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003906run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \
3907 "$P_SRV crt_file=data_files/server6.crt \
3908 key_file=data_files/server6.key \
3909 crt_file2=data_files/server5.crt \
3910 key_file2=data_files/server5.key" \
3911 "$P_CLI force_version=tls1_1" \
3912 0 \
3913 -c "serial number.*0A" \
3914 -c "signed using.*ECDSA with SHA256" \
3915 -C "signed using.*ECDSA with SHA1"
3916
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003917# tests for SNI
3918
Hanno Becker4a156fc2019-06-14 17:07:06 +01003919requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003920run_test "SNI: no SNI callback" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003921 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003922 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003923 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003924 0 \
3925 -S "parse ServerName extension" \
3926 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
3927 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003928
Hanno Becker4a156fc2019-06-14 17:07:06 +01003929requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003930run_test "SNI: matching cert 1" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003931 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003932 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02003933 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003934 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003935 0 \
3936 -s "parse ServerName extension" \
3937 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
3938 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003939
Hanno Becker4a156fc2019-06-14 17:07:06 +01003940requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003941run_test "SNI: matching cert 2" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003942 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003943 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02003944 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003945 "$P_CLI server_name=polarssl.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003946 0 \
3947 -s "parse ServerName extension" \
3948 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
3949 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003950
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003951run_test "SNI: no matching cert" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003952 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003953 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02003954 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003955 "$P_CLI server_name=nonesuch.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003956 1 \
3957 -s "parse ServerName extension" \
3958 -s "ssl_sni_wrapper() returned" \
3959 -s "mbedtls_ssl_handshake returned" \
3960 -c "mbedtls_ssl_handshake returned" \
3961 -c "SSL - A fatal alert message was received from our peer"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003962
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003963run_test "SNI: client auth no override: optional" \
3964 "$P_SRV debug_level=3 auth_mode=optional \
3965 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3966 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
3967 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003968 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003969 -S "skip write certificate request" \
3970 -C "skip parse certificate request" \
3971 -c "got a certificate request" \
3972 -C "skip write certificate" \
3973 -C "skip write certificate verify" \
3974 -S "skip parse certificate verify"
3975
3976run_test "SNI: client auth override: none -> optional" \
3977 "$P_SRV debug_level=3 auth_mode=none \
3978 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3979 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
3980 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003981 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003982 -S "skip write certificate request" \
3983 -C "skip parse certificate request" \
3984 -c "got a certificate request" \
3985 -C "skip write certificate" \
3986 -C "skip write certificate verify" \
3987 -S "skip parse certificate verify"
3988
3989run_test "SNI: client auth override: optional -> none" \
3990 "$P_SRV debug_level=3 auth_mode=optional \
3991 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3992 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
3993 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003994 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003995 -s "skip write certificate request" \
3996 -C "skip parse certificate request" \
3997 -c "got no certificate request" \
3998 -c "skip write certificate" \
3999 -c "skip write certificate verify" \
4000 -s "skip parse certificate verify"
4001
Hanno Becker4a156fc2019-06-14 17:07:06 +01004002requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004003run_test "SNI: CA no override" \
4004 "$P_SRV debug_level=3 auth_mode=optional \
4005 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4006 ca_file=data_files/test-ca.crt \
4007 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
4008 "$P_CLI debug_level=3 server_name=localhost \
4009 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4010 1 \
4011 -S "skip write certificate request" \
4012 -C "skip parse certificate request" \
4013 -c "got a certificate request" \
4014 -C "skip write certificate" \
4015 -C "skip write certificate verify" \
4016 -S "skip parse certificate verify" \
4017 -s "x509_verify_cert() returned" \
4018 -s "! The certificate is not correctly signed by the trusted CA" \
4019 -S "The certificate has been revoked (is on a CRL)"
4020
Hanno Becker4a156fc2019-06-14 17:07:06 +01004021requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004022run_test "SNI: CA override" \
4023 "$P_SRV debug_level=3 auth_mode=optional \
4024 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4025 ca_file=data_files/test-ca.crt \
4026 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
4027 "$P_CLI debug_level=3 server_name=localhost \
4028 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4029 0 \
4030 -S "skip write certificate request" \
4031 -C "skip parse certificate request" \
4032 -c "got a certificate request" \
4033 -C "skip write certificate" \
4034 -C "skip write certificate verify" \
4035 -S "skip parse certificate verify" \
4036 -S "x509_verify_cert() returned" \
4037 -S "! The certificate is not correctly signed by the trusted CA" \
4038 -S "The certificate has been revoked (is on a CRL)"
4039
Hanno Becker4a156fc2019-06-14 17:07:06 +01004040requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004041run_test "SNI: CA override with CRL" \
4042 "$P_SRV debug_level=3 auth_mode=optional \
4043 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4044 ca_file=data_files/test-ca.crt \
4045 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
4046 "$P_CLI debug_level=3 server_name=localhost \
4047 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4048 1 \
4049 -S "skip write certificate request" \
4050 -C "skip parse certificate request" \
4051 -c "got a certificate request" \
4052 -C "skip write certificate" \
4053 -C "skip write certificate verify" \
4054 -S "skip parse certificate verify" \
4055 -s "x509_verify_cert() returned" \
4056 -S "! The certificate is not correctly signed by the trusted CA" \
4057 -s "The certificate has been revoked (is on a CRL)"
4058
Andres AG1a834452016-12-07 10:01:30 +00004059# Tests for SNI and DTLS
4060
Hanno Becker4a156fc2019-06-14 17:07:06 +01004061requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01004062run_test "SNI: DTLS, no SNI callback" \
4063 "$P_SRV debug_level=3 dtls=1 \
4064 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
4065 "$P_CLI server_name=localhost dtls=1" \
4066 0 \
4067 -S "parse ServerName extension" \
4068 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
4069 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
4070
Hanno Becker4a156fc2019-06-14 17:07:06 +01004071requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01004072run_test "SNI: DTLS, matching cert 1" \
Andres AG1a834452016-12-07 10:01:30 +00004073 "$P_SRV debug_level=3 dtls=1 \
4074 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4075 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
4076 "$P_CLI server_name=localhost dtls=1" \
4077 0 \
4078 -s "parse ServerName extension" \
4079 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
4080 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
4081
Hanno Becker4a156fc2019-06-14 17:07:06 +01004082requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01004083run_test "SNI: DTLS, matching cert 2" \
4084 "$P_SRV debug_level=3 dtls=1 \
4085 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4086 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
4087 "$P_CLI server_name=polarssl.example dtls=1" \
4088 0 \
4089 -s "parse ServerName extension" \
4090 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
4091 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
4092
4093run_test "SNI: DTLS, no matching cert" \
4094 "$P_SRV debug_level=3 dtls=1 \
4095 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4096 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
4097 "$P_CLI server_name=nonesuch.example dtls=1" \
4098 1 \
4099 -s "parse ServerName extension" \
4100 -s "ssl_sni_wrapper() returned" \
4101 -s "mbedtls_ssl_handshake returned" \
4102 -c "mbedtls_ssl_handshake returned" \
4103 -c "SSL - A fatal alert message was received from our peer"
4104
4105run_test "SNI: DTLS, client auth no override: optional" \
4106 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4107 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4108 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
4109 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
4110 0 \
4111 -S "skip write certificate request" \
4112 -C "skip parse certificate request" \
4113 -c "got a certificate request" \
4114 -C "skip write certificate" \
4115 -C "skip write certificate verify" \
4116 -S "skip parse certificate verify"
4117
4118run_test "SNI: DTLS, client auth override: none -> optional" \
4119 "$P_SRV debug_level=3 auth_mode=none dtls=1 \
4120 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4121 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
4122 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
4123 0 \
4124 -S "skip write certificate request" \
4125 -C "skip parse certificate request" \
4126 -c "got a certificate request" \
4127 -C "skip write certificate" \
4128 -C "skip write certificate verify" \
4129 -S "skip parse certificate verify"
4130
4131run_test "SNI: DTLS, client auth override: optional -> none" \
4132 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4133 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4134 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
4135 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
4136 0 \
4137 -s "skip write certificate request" \
4138 -C "skip parse certificate request" \
4139 -c "got no certificate request" \
4140 -c "skip write certificate" \
4141 -c "skip write certificate verify" \
4142 -s "skip parse certificate verify"
4143
Hanno Becker4a156fc2019-06-14 17:07:06 +01004144requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01004145run_test "SNI: DTLS, CA no override" \
4146 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4147 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4148 ca_file=data_files/test-ca.crt \
4149 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
4150 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
4151 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4152 1 \
4153 -S "skip write certificate request" \
4154 -C "skip parse certificate request" \
4155 -c "got a certificate request" \
4156 -C "skip write certificate" \
4157 -C "skip write certificate verify" \
4158 -S "skip parse certificate verify" \
4159 -s "x509_verify_cert() returned" \
4160 -s "! The certificate is not correctly signed by the trusted CA" \
4161 -S "The certificate has been revoked (is on a CRL)"
4162
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01004163run_test "SNI: DTLS, CA override" \
Andres AG1a834452016-12-07 10:01:30 +00004164 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4165 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4166 ca_file=data_files/test-ca.crt \
4167 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
4168 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
4169 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4170 0 \
4171 -S "skip write certificate request" \
4172 -C "skip parse certificate request" \
4173 -c "got a certificate request" \
4174 -C "skip write certificate" \
4175 -C "skip write certificate verify" \
4176 -S "skip parse certificate verify" \
4177 -S "x509_verify_cert() returned" \
4178 -S "! The certificate is not correctly signed by the trusted CA" \
4179 -S "The certificate has been revoked (is on a CRL)"
4180
Hanno Becker4a156fc2019-06-14 17:07:06 +01004181requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01004182run_test "SNI: DTLS, CA override with CRL" \
Andres AG1a834452016-12-07 10:01:30 +00004183 "$P_SRV debug_level=3 auth_mode=optional \
4184 crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
4185 ca_file=data_files/test-ca.crt \
4186 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
4187 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
4188 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4189 1 \
4190 -S "skip write certificate request" \
4191 -C "skip parse certificate request" \
4192 -c "got a certificate request" \
4193 -C "skip write certificate" \
4194 -C "skip write certificate verify" \
4195 -S "skip parse certificate verify" \
4196 -s "x509_verify_cert() returned" \
4197 -S "! The certificate is not correctly signed by the trusted CA" \
4198 -s "The certificate has been revoked (is on a CRL)"
4199
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004200# Tests for non-blocking I/O: exercise a variety of handshake flows
4201
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004202run_test "Non-blocking I/O: basic handshake" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004203 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
4204 "$P_CLI nbio=2 tickets=0" \
4205 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004206 -S "mbedtls_ssl_handshake returned" \
4207 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004208 -c "Read from server: .* bytes read"
4209
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004210run_test "Non-blocking I/O: client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004211 "$P_SRV nbio=2 tickets=0 auth_mode=required" \
4212 "$P_CLI nbio=2 tickets=0" \
4213 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004214 -S "mbedtls_ssl_handshake returned" \
4215 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004216 -c "Read from server: .* bytes read"
4217
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004218run_test "Non-blocking I/O: ticket" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004219 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
4220 "$P_CLI nbio=2 tickets=1" \
4221 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004222 -S "mbedtls_ssl_handshake returned" \
4223 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004224 -c "Read from server: .* bytes read"
4225
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004226run_test "Non-blocking I/O: ticket + client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004227 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
4228 "$P_CLI nbio=2 tickets=1" \
4229 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004230 -S "mbedtls_ssl_handshake returned" \
4231 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004232 -c "Read from server: .* bytes read"
4233
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004234run_test "Non-blocking I/O: ticket + client auth + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004235 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
4236 "$P_CLI nbio=2 tickets=1 reconnect=1" \
4237 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004238 -S "mbedtls_ssl_handshake returned" \
4239 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004240 -c "Read from server: .* bytes read"
4241
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004242run_test "Non-blocking I/O: ticket + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004243 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
4244 "$P_CLI nbio=2 tickets=1 reconnect=1" \
4245 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004246 -S "mbedtls_ssl_handshake returned" \
4247 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004248 -c "Read from server: .* bytes read"
4249
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004250run_test "Non-blocking I/O: session-id resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004251 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
4252 "$P_CLI nbio=2 tickets=0 reconnect=1" \
4253 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004254 -S "mbedtls_ssl_handshake returned" \
4255 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004256 -c "Read from server: .* bytes read"
4257
Hanno Becker00076712017-11-15 16:39:08 +00004258# Tests for event-driven I/O: exercise a variety of handshake flows
4259
4260run_test "Event-driven I/O: basic handshake" \
4261 "$P_SRV event=1 tickets=0 auth_mode=none" \
4262 "$P_CLI event=1 tickets=0" \
4263 0 \
4264 -S "mbedtls_ssl_handshake returned" \
4265 -C "mbedtls_ssl_handshake returned" \
4266 -c "Read from server: .* bytes read"
4267
4268run_test "Event-driven I/O: client auth" \
4269 "$P_SRV event=1 tickets=0 auth_mode=required" \
4270 "$P_CLI event=1 tickets=0" \
4271 0 \
4272 -S "mbedtls_ssl_handshake returned" \
4273 -C "mbedtls_ssl_handshake returned" \
4274 -c "Read from server: .* bytes read"
4275
4276run_test "Event-driven I/O: ticket" \
4277 "$P_SRV event=1 tickets=1 auth_mode=none" \
4278 "$P_CLI event=1 tickets=1" \
4279 0 \
4280 -S "mbedtls_ssl_handshake returned" \
4281 -C "mbedtls_ssl_handshake returned" \
4282 -c "Read from server: .* bytes read"
4283
4284run_test "Event-driven I/O: ticket + client auth" \
4285 "$P_SRV event=1 tickets=1 auth_mode=required" \
4286 "$P_CLI event=1 tickets=1" \
4287 0 \
4288 -S "mbedtls_ssl_handshake returned" \
4289 -C "mbedtls_ssl_handshake returned" \
4290 -c "Read from server: .* bytes read"
4291
4292run_test "Event-driven I/O: ticket + client auth + resume" \
4293 "$P_SRV event=1 tickets=1 auth_mode=required" \
4294 "$P_CLI event=1 tickets=1 reconnect=1" \
4295 0 \
4296 -S "mbedtls_ssl_handshake returned" \
4297 -C "mbedtls_ssl_handshake returned" \
4298 -c "Read from server: .* bytes read"
4299
4300run_test "Event-driven I/O: ticket + resume" \
4301 "$P_SRV event=1 tickets=1 auth_mode=none" \
4302 "$P_CLI event=1 tickets=1 reconnect=1" \
4303 0 \
4304 -S "mbedtls_ssl_handshake returned" \
4305 -C "mbedtls_ssl_handshake returned" \
4306 -c "Read from server: .* bytes read"
4307
4308run_test "Event-driven I/O: session-id resume" \
4309 "$P_SRV event=1 tickets=0 auth_mode=none" \
4310 "$P_CLI event=1 tickets=0 reconnect=1" \
4311 0 \
4312 -S "mbedtls_ssl_handshake returned" \
4313 -C "mbedtls_ssl_handshake returned" \
4314 -c "Read from server: .* bytes read"
4315
Hanno Becker6a33f592018-03-13 11:38:46 +00004316run_test "Event-driven I/O, DTLS: basic handshake" \
4317 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
4318 "$P_CLI dtls=1 event=1 tickets=0" \
4319 0 \
4320 -c "Read from server: .* bytes read"
4321
4322run_test "Event-driven I/O, DTLS: client auth" \
4323 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
4324 "$P_CLI dtls=1 event=1 tickets=0" \
4325 0 \
4326 -c "Read from server: .* bytes read"
4327
4328run_test "Event-driven I/O, DTLS: ticket" \
4329 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
4330 "$P_CLI dtls=1 event=1 tickets=1" \
4331 0 \
4332 -c "Read from server: .* bytes read"
4333
4334run_test "Event-driven I/O, DTLS: ticket + client auth" \
4335 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
4336 "$P_CLI dtls=1 event=1 tickets=1" \
4337 0 \
4338 -c "Read from server: .* bytes read"
4339
4340run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
4341 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
4342 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1" \
4343 0 \
4344 -c "Read from server: .* bytes read"
4345
4346run_test "Event-driven I/O, DTLS: ticket + resume" \
4347 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
4348 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1" \
4349 0 \
4350 -c "Read from server: .* bytes read"
4351
4352run_test "Event-driven I/O, DTLS: session-id resume" \
4353 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
4354 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1" \
4355 0 \
4356 -c "Read from server: .* bytes read"
Hanno Beckerbc6c1102018-03-13 11:39:40 +00004357
4358# This test demonstrates the need for the mbedtls_ssl_check_pending function.
4359# During session resumption, the client will send its ApplicationData record
4360# within the same datagram as the Finished messages. In this situation, the
4361# server MUST NOT idle on the underlying transport after handshake completion,
4362# because the ApplicationData request has already been queued internally.
4363run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
Hanno Becker8d832182018-03-15 10:14:19 +00004364 -p "$P_PXY pack=50" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00004365 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
4366 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1" \
4367 0 \
4368 -c "Read from server: .* bytes read"
4369
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004370# Tests for version negotiation
4371
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004372run_test "Version check: all -> 1.2" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004373 "$P_SRV" \
4374 "$P_CLI" \
4375 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004376 -S "mbedtls_ssl_handshake returned" \
4377 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004378 -s "Protocol is TLSv1.2" \
4379 -c "Protocol is TLSv1.2"
4380
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004381run_test "Version check: cli max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004382 "$P_SRV" \
4383 "$P_CLI max_version=tls1_1" \
4384 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004385 -S "mbedtls_ssl_handshake returned" \
4386 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004387 -s "Protocol is TLSv1.1" \
4388 -c "Protocol is TLSv1.1"
4389
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004390run_test "Version check: srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004391 "$P_SRV max_version=tls1_1" \
4392 "$P_CLI" \
4393 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004394 -S "mbedtls_ssl_handshake returned" \
4395 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004396 -s "Protocol is TLSv1.1" \
4397 -c "Protocol is TLSv1.1"
4398
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004399run_test "Version check: cli+srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004400 "$P_SRV max_version=tls1_1" \
4401 "$P_CLI max_version=tls1_1" \
4402 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004403 -S "mbedtls_ssl_handshake returned" \
4404 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004405 -s "Protocol is TLSv1.1" \
4406 -c "Protocol is TLSv1.1"
4407
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004408run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004409 "$P_SRV min_version=tls1_1" \
4410 "$P_CLI max_version=tls1_1" \
4411 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004412 -S "mbedtls_ssl_handshake returned" \
4413 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004414 -s "Protocol is TLSv1.1" \
4415 -c "Protocol is TLSv1.1"
4416
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004417run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004418 "$P_SRV max_version=tls1_1" \
4419 "$P_CLI min_version=tls1_1" \
4420 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004421 -S "mbedtls_ssl_handshake returned" \
4422 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004423 -s "Protocol is TLSv1.1" \
4424 -c "Protocol is TLSv1.1"
4425
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004426run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004427 "$P_SRV max_version=tls1_1" \
4428 "$P_CLI min_version=tls1_2" \
4429 1 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004430 -s "mbedtls_ssl_handshake returned" \
4431 -c "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004432 -c "SSL - Handshake protocol not within min/max boundaries"
4433
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004434run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004435 "$P_SRV min_version=tls1_2" \
4436 "$P_CLI max_version=tls1_1" \
4437 1 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004438 -s "mbedtls_ssl_handshake returned" \
4439 -c "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01004440 -s "SSL - Handshake protocol not within min/max boundaries"
4441
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004442# Tests for ALPN extension
4443
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004444run_test "ALPN: none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004445 "$P_SRV debug_level=3" \
4446 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004447 0 \
4448 -C "client hello, adding alpn extension" \
4449 -S "found alpn extension" \
4450 -C "got an alert message, type: \\[2:120]" \
4451 -S "server hello, adding alpn extension" \
4452 -C "found alpn extension " \
4453 -C "Application Layer Protocol is" \
4454 -S "Application Layer Protocol is"
4455
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004456run_test "ALPN: client only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004457 "$P_SRV debug_level=3" \
4458 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004459 0 \
4460 -c "client hello, adding alpn extension" \
4461 -s "found alpn extension" \
4462 -C "got an alert message, type: \\[2:120]" \
4463 -S "server hello, adding alpn extension" \
4464 -C "found alpn extension " \
4465 -c "Application Layer Protocol is (none)" \
4466 -S "Application Layer Protocol is"
4467
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004468run_test "ALPN: server only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004469 "$P_SRV debug_level=3 alpn=abc,1234" \
4470 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004471 0 \
4472 -C "client hello, adding alpn extension" \
4473 -S "found alpn extension" \
4474 -C "got an alert message, type: \\[2:120]" \
4475 -S "server hello, adding alpn extension" \
4476 -C "found alpn extension " \
4477 -C "Application Layer Protocol is" \
4478 -s "Application Layer Protocol is (none)"
4479
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004480run_test "ALPN: both, common cli1-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004481 "$P_SRV debug_level=3 alpn=abc,1234" \
4482 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004483 0 \
4484 -c "client hello, adding alpn extension" \
4485 -s "found alpn extension" \
4486 -C "got an alert message, type: \\[2:120]" \
4487 -s "server hello, adding alpn extension" \
4488 -c "found alpn extension" \
4489 -c "Application Layer Protocol is abc" \
4490 -s "Application Layer Protocol is abc"
4491
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004492run_test "ALPN: both, common cli2-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004493 "$P_SRV debug_level=3 alpn=abc,1234" \
4494 "$P_CLI debug_level=3 alpn=1234,abc" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004495 0 \
4496 -c "client hello, adding alpn extension" \
4497 -s "found alpn extension" \
4498 -C "got an alert message, type: \\[2:120]" \
4499 -s "server hello, adding alpn extension" \
4500 -c "found alpn extension" \
4501 -c "Application Layer Protocol is abc" \
4502 -s "Application Layer Protocol is abc"
4503
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004504run_test "ALPN: both, common cli1-srv2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004505 "$P_SRV debug_level=3 alpn=abc,1234" \
4506 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004507 0 \
4508 -c "client hello, adding alpn extension" \
4509 -s "found alpn extension" \
4510 -C "got an alert message, type: \\[2:120]" \
4511 -s "server hello, adding alpn extension" \
4512 -c "found alpn extension" \
4513 -c "Application Layer Protocol is 1234" \
4514 -s "Application Layer Protocol is 1234"
4515
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004516run_test "ALPN: both, no common" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004517 "$P_SRV debug_level=3 alpn=abc,123" \
4518 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02004519 1 \
4520 -c "client hello, adding alpn extension" \
4521 -s "found alpn extension" \
4522 -c "got an alert message, type: \\[2:120]" \
4523 -S "server hello, adding alpn extension" \
4524 -C "found alpn extension" \
4525 -C "Application Layer Protocol is 1234" \
4526 -S "Application Layer Protocol is 1234"
4527
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +02004528
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004529# Tests for keyUsage in leaf certificates, part 1:
4530# server-side certificate/suite selection
4531
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004532run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004533 "$P_SRV key_file=data_files/server2.key \
4534 crt_file=data_files/server2.ku-ds.crt" \
4535 "$P_CLI" \
4536 0 \
Manuel Pégourié-Gonnard17cde5f2014-05-22 14:42:39 +02004537 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004538
4539
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004540run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004541 "$P_SRV key_file=data_files/server2.key \
4542 crt_file=data_files/server2.ku-ke.crt" \
4543 "$P_CLI" \
4544 0 \
4545 -c "Ciphersuite is TLS-RSA-WITH-"
4546
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004547run_test "keyUsage srv: RSA, keyAgreement -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02004548 "$P_SRV key_file=data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004549 crt_file=data_files/server2.ku-ka.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02004550 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004551 1 \
4552 -C "Ciphersuite is "
4553
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004554run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004555 "$P_SRV key_file=data_files/server5.key \
4556 crt_file=data_files/server5.ku-ds.crt" \
4557 "$P_CLI" \
4558 0 \
4559 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
4560
4561
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004562run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004563 "$P_SRV key_file=data_files/server5.key \
4564 crt_file=data_files/server5.ku-ka.crt" \
4565 "$P_CLI" \
4566 0 \
4567 -c "Ciphersuite is TLS-ECDH-"
4568
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004569run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02004570 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004571 crt_file=data_files/server5.ku-ke.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02004572 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004573 1 \
4574 -C "Ciphersuite is "
4575
4576# Tests for keyUsage in leaf certificates, part 2:
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004577# client-side checking of server cert
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004578
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004579run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004580 "$O_SRV -key data_files/server2.key \
4581 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004582 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004583 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
4584 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004585 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004586 -C "Processing of the Certificate handshake message failed" \
4587 -c "Ciphersuite is TLS-"
4588
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004589run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004590 "$O_SRV -key data_files/server2.key \
4591 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004592 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004593 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
4594 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004595 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004596 -C "Processing of the Certificate handshake message failed" \
4597 -c "Ciphersuite is TLS-"
4598
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004599run_test "keyUsage cli: KeyEncipherment, RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004600 "$O_SRV -key data_files/server2.key \
4601 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004602 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004603 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
4604 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004605 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004606 -C "Processing of the Certificate handshake message failed" \
4607 -c "Ciphersuite is TLS-"
4608
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004609run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004610 "$O_SRV -key data_files/server2.key \
4611 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004612 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004613 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
4614 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004615 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004616 -c "Processing of the Certificate handshake message failed" \
4617 -C "Ciphersuite is TLS-"
4618
Hanno Becker4a156fc2019-06-14 17:07:06 +01004619requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01004620run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
4621 "$O_SRV -key data_files/server2.key \
4622 -cert data_files/server2.ku-ke.crt" \
4623 "$P_CLI debug_level=1 auth_mode=optional \
4624 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
4625 0 \
4626 -c "bad certificate (usage extensions)" \
4627 -C "Processing of the Certificate handshake message failed" \
4628 -c "Ciphersuite is TLS-" \
4629 -c "! Usage does not match the keyUsage extension"
4630
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004631run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004632 "$O_SRV -key data_files/server2.key \
4633 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004634 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004635 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
4636 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004637 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004638 -C "Processing of the Certificate handshake message failed" \
4639 -c "Ciphersuite is TLS-"
4640
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004641run_test "keyUsage cli: DigitalSignature, RSA: fail" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004642 "$O_SRV -key data_files/server2.key \
4643 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004644 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004645 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
4646 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004647 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02004648 -c "Processing of the Certificate handshake message failed" \
4649 -C "Ciphersuite is TLS-"
4650
Hanno Becker4a156fc2019-06-14 17:07:06 +01004651requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01004652run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
4653 "$O_SRV -key data_files/server2.key \
4654 -cert data_files/server2.ku-ds.crt" \
4655 "$P_CLI debug_level=1 auth_mode=optional \
4656 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
4657 0 \
4658 -c "bad certificate (usage extensions)" \
4659 -C "Processing of the Certificate handshake message failed" \
4660 -c "Ciphersuite is TLS-" \
4661 -c "! Usage does not match the keyUsage extension"
4662
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004663# Tests for keyUsage in leaf certificates, part 3:
4664# server-side checking of client cert
4665
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004666run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004667 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004668 "$O_CLI -key data_files/server2.key \
4669 -cert data_files/server2.ku-ds.crt" \
4670 0 \
4671 -S "bad certificate (usage extensions)" \
4672 -S "Processing of the Certificate handshake message failed"
4673
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004674run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004675 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004676 "$O_CLI -key data_files/server2.key \
4677 -cert data_files/server2.ku-ke.crt" \
4678 0 \
4679 -s "bad certificate (usage extensions)" \
4680 -S "Processing of the Certificate handshake message failed"
4681
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004682run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004683 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004684 "$O_CLI -key data_files/server2.key \
4685 -cert data_files/server2.ku-ke.crt" \
4686 1 \
4687 -s "bad certificate (usage extensions)" \
4688 -s "Processing of the Certificate handshake message failed"
4689
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004690run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004691 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004692 "$O_CLI -key data_files/server5.key \
4693 -cert data_files/server5.ku-ds.crt" \
4694 0 \
4695 -S "bad certificate (usage extensions)" \
4696 -S "Processing of the Certificate handshake message failed"
4697
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004698run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004699 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02004700 "$O_CLI -key data_files/server5.key \
4701 -cert data_files/server5.ku-ka.crt" \
4702 0 \
4703 -s "bad certificate (usage extensions)" \
4704 -S "Processing of the Certificate handshake message failed"
4705
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004706# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
4707
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004708run_test "extKeyUsage srv: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004709 "$P_SRV key_file=data_files/server5.key \
4710 crt_file=data_files/server5.eku-srv.crt" \
4711 "$P_CLI" \
4712 0
4713
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004714run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004715 "$P_SRV key_file=data_files/server5.key \
4716 crt_file=data_files/server5.eku-srv.crt" \
4717 "$P_CLI" \
4718 0
4719
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004720run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004721 "$P_SRV key_file=data_files/server5.key \
4722 crt_file=data_files/server5.eku-cs_any.crt" \
4723 "$P_CLI" \
4724 0
4725
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004726run_test "extKeyUsage srv: codeSign -> fail" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02004727 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004728 crt_file=data_files/server5.eku-cli.crt" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02004729 "$P_CLI" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004730 1
4731
4732# Tests for extendedKeyUsage, part 2: client-side checking of server cert
4733
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004734run_test "extKeyUsage cli: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004735 "$O_SRV -key data_files/server5.key \
4736 -cert data_files/server5.eku-srv.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004737 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004738 0 \
4739 -C "bad certificate (usage extensions)" \
4740 -C "Processing of the Certificate handshake message failed" \
4741 -c "Ciphersuite is TLS-"
4742
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004743run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004744 "$O_SRV -key data_files/server5.key \
4745 -cert data_files/server5.eku-srv_cli.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004746 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004747 0 \
4748 -C "bad certificate (usage extensions)" \
4749 -C "Processing of the Certificate handshake message failed" \
4750 -c "Ciphersuite is TLS-"
4751
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004752run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004753 "$O_SRV -key data_files/server5.key \
4754 -cert data_files/server5.eku-cs_any.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004755 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004756 0 \
4757 -C "bad certificate (usage extensions)" \
4758 -C "Processing of the Certificate handshake message failed" \
4759 -c "Ciphersuite is TLS-"
4760
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004761run_test "extKeyUsage cli: codeSign -> fail" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004762 "$O_SRV -key data_files/server5.key \
4763 -cert data_files/server5.eku-cs.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004764 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004765 1 \
4766 -c "bad certificate (usage extensions)" \
4767 -c "Processing of the Certificate handshake message failed" \
4768 -C "Ciphersuite is TLS-"
4769
4770# Tests for extendedKeyUsage, part 3: server-side checking of client cert
4771
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004772run_test "extKeyUsage cli-auth: clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004773 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004774 "$O_CLI -key data_files/server5.key \
4775 -cert data_files/server5.eku-cli.crt" \
4776 0 \
4777 -S "bad certificate (usage extensions)" \
4778 -S "Processing of the Certificate handshake message failed"
4779
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004780run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004781 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004782 "$O_CLI -key data_files/server5.key \
4783 -cert data_files/server5.eku-srv_cli.crt" \
4784 0 \
4785 -S "bad certificate (usage extensions)" \
4786 -S "Processing of the Certificate handshake message failed"
4787
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004788run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004789 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004790 "$O_CLI -key data_files/server5.key \
4791 -cert data_files/server5.eku-cs_any.crt" \
4792 0 \
4793 -S "bad certificate (usage extensions)" \
4794 -S "Processing of the Certificate handshake message failed"
4795
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004796run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004797 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004798 "$O_CLI -key data_files/server5.key \
4799 -cert data_files/server5.eku-cs.crt" \
4800 0 \
4801 -s "bad certificate (usage extensions)" \
4802 -S "Processing of the Certificate handshake message failed"
4803
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004804run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004805 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02004806 "$O_CLI -key data_files/server5.key \
4807 -cert data_files/server5.eku-cs.crt" \
4808 1 \
4809 -s "bad certificate (usage extensions)" \
4810 -s "Processing of the Certificate handshake message failed"
4811
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02004812# Tests for DHM parameters loading
4813
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004814run_test "DHM parameters: reference" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02004815 "$P_SRV" \
4816 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4817 debug_level=3" \
4818 0 \
4819 -c "value of 'DHM: P ' (2048 bits)" \
Hanno Becker13be9902017-09-27 17:17:30 +01004820 -c "value of 'DHM: G ' (2 bits)"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02004821
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004822run_test "DHM parameters: other parameters" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02004823 "$P_SRV dhm_file=data_files/dhparams.pem" \
4824 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4825 debug_level=3" \
4826 0 \
4827 -c "value of 'DHM: P ' (1024 bits)" \
4828 -c "value of 'DHM: G ' (2 bits)"
4829
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02004830# Tests for DHM client-side size checking
4831
4832run_test "DHM size: server default, client default, OK" \
4833 "$P_SRV" \
4834 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4835 debug_level=1" \
4836 0 \
4837 -C "DHM prime too short:"
4838
4839run_test "DHM size: server default, client 2048, OK" \
4840 "$P_SRV" \
4841 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4842 debug_level=1 dhmlen=2048" \
4843 0 \
4844 -C "DHM prime too short:"
4845
4846run_test "DHM size: server 1024, client default, OK" \
4847 "$P_SRV dhm_file=data_files/dhparams.pem" \
4848 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4849 debug_level=1" \
4850 0 \
4851 -C "DHM prime too short:"
4852
4853run_test "DHM size: server 1000, client default, rejected" \
4854 "$P_SRV dhm_file=data_files/dh.1000.pem" \
4855 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4856 debug_level=1" \
4857 1 \
4858 -c "DHM prime too short:"
4859
4860run_test "DHM size: server default, client 2049, rejected" \
4861 "$P_SRV" \
4862 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4863 debug_level=1 dhmlen=2049" \
4864 1 \
4865 -c "DHM prime too short:"
4866
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004867# Tests for PSK callback
4868
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004869run_test "PSK callback: psk, no callback" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004870 "$P_SRV psk=abc123 psk_identity=foo" \
4871 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4872 psk_identity=foo psk=abc123" \
4873 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004874 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02004875 -S "SSL - Unknown identity received" \
4876 -S "SSL - Verification of the message MAC failed"
4877
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004878run_test "PSK callback: no psk, no callback" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02004879 "$P_SRV" \
4880 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4881 psk_identity=foo psk=abc123" \
4882 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004883 -s "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004884 -S "SSL - Unknown identity received" \
4885 -S "SSL - Verification of the message MAC failed"
4886
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004887run_test "PSK callback: callback overrides other settings" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004888 "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \
4889 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4890 psk_identity=foo psk=abc123" \
4891 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004892 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004893 -s "SSL - Unknown identity received" \
4894 -S "SSL - Verification of the message MAC failed"
4895
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004896run_test "PSK callback: first id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004897 "$P_SRV psk_list=abc,dead,def,beef" \
4898 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4899 psk_identity=abc psk=dead" \
4900 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004901 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004902 -S "SSL - Unknown identity received" \
4903 -S "SSL - Verification of the message MAC failed"
4904
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004905run_test "PSK callback: second id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004906 "$P_SRV psk_list=abc,dead,def,beef" \
4907 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4908 psk_identity=def psk=beef" \
4909 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004910 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004911 -S "SSL - Unknown identity received" \
4912 -S "SSL - Verification of the message MAC failed"
4913
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004914run_test "PSK callback: no match" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004915 "$P_SRV psk_list=abc,dead,def,beef" \
4916 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4917 psk_identity=ghi psk=beef" \
4918 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004919 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004920 -s "SSL - Unknown identity received" \
4921 -S "SSL - Verification of the message MAC failed"
4922
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004923run_test "PSK callback: wrong key" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004924 "$P_SRV psk_list=abc,dead,def,beef" \
4925 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4926 psk_identity=abc psk=beef" \
4927 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004928 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004929 -S "SSL - Unknown identity received" \
4930 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02004931
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004932# Tests for EC J-PAKE
4933
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004934requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004935run_test "ECJPAKE: client not configured" \
4936 "$P_SRV debug_level=3" \
4937 "$P_CLI debug_level=3" \
4938 0 \
4939 -C "add ciphersuite: c0ff" \
4940 -C "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004941 -S "found ecjpake kkpp extension" \
4942 -S "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004943 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02004944 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02004945 -C "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004946 -S "None of the common ciphersuites is usable"
4947
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004948requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004949run_test "ECJPAKE: server not configured" \
4950 "$P_SRV debug_level=3" \
4951 "$P_CLI debug_level=3 ecjpake_pw=bla \
4952 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4953 1 \
4954 -c "add ciphersuite: c0ff" \
4955 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004956 -s "found ecjpake kkpp extension" \
4957 -s "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004958 -s "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02004959 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02004960 -C "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004961 -s "None of the common ciphersuites is usable"
4962
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004963requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004964run_test "ECJPAKE: working, TLS" \
4965 "$P_SRV debug_level=3 ecjpake_pw=bla" \
4966 "$P_CLI debug_level=3 ecjpake_pw=bla \
4967 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
Manuel Pégourié-Gonnard0f1660a2015-09-16 22:41:06 +02004968 0 \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004969 -c "add ciphersuite: c0ff" \
4970 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004971 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004972 -s "found ecjpake kkpp extension" \
4973 -S "skip ecjpake kkpp extension" \
4974 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02004975 -s "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02004976 -c "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004977 -S "None of the common ciphersuites is usable" \
4978 -S "SSL - Verification of the message MAC failed"
4979
Janos Follath74537a62016-09-02 13:45:28 +01004980server_needs_more_time 1
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004981requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004982run_test "ECJPAKE: password mismatch, TLS" \
4983 "$P_SRV debug_level=3 ecjpake_pw=bla" \
4984 "$P_CLI debug_level=3 ecjpake_pw=bad \
4985 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4986 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004987 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004988 -s "SSL - Verification of the message MAC failed"
4989
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004990requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004991run_test "ECJPAKE: working, DTLS" \
4992 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
4993 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
4994 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4995 0 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004996 -c "re-using cached ecjpake parameters" \
4997 -S "SSL - Verification of the message MAC failed"
4998
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004999requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005000run_test "ECJPAKE: working, DTLS, no cookie" \
5001 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
5002 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
5003 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5004 0 \
5005 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005006 -S "SSL - Verification of the message MAC failed"
5007
Janos Follath74537a62016-09-02 13:45:28 +01005008server_needs_more_time 1
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005009requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005010run_test "ECJPAKE: password mismatch, DTLS" \
5011 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
5012 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
5013 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5014 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005015 -c "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005016 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005017
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02005018# for tests with configs/config-thread.h
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005019requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02005020run_test "ECJPAKE: working, DTLS, nolog" \
5021 "$P_SRV dtls=1 ecjpake_pw=bla" \
5022 "$P_CLI dtls=1 ecjpake_pw=bla \
5023 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5024 0
5025
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005026# Tests for ciphersuites per version
5027
Janos Follathe2681a42016-03-07 15:57:05 +00005028requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005029requires_config_enabled MBEDTLS_CAMELLIA_C
5030requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005031run_test "Per-version suites: SSL3" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005032 "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005033 "$P_CLI force_version=ssl3" \
5034 0 \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005035 -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005036
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005037requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
5038requires_config_enabled MBEDTLS_CAMELLIA_C
5039requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005040run_test "Per-version suites: TLS 1.0" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005041 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01005042 "$P_CLI force_version=tls1 arc4=1" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005043 0 \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005044 -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005045
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005046requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
5047requires_config_enabled MBEDTLS_CAMELLIA_C
5048requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005049run_test "Per-version suites: TLS 1.1" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005050 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005051 "$P_CLI force_version=tls1_1" \
5052 0 \
5053 -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA"
5054
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005055requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
5056requires_config_enabled MBEDTLS_CAMELLIA_C
5057requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005058run_test "Per-version suites: TLS 1.2" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01005059 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005060 "$P_CLI force_version=tls1_2" \
5061 0 \
5062 -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
5063
Manuel Pégourié-Gonnard4cc8c632015-07-23 12:24:03 +02005064# Test for ClientHello without extensions
5065
Manuel Pégourié-Gonnardd55bc202015-08-04 16:22:30 +02005066requires_gnutls
Gilles Peskine5d2511c2017-05-12 13:16:40 +02005067run_test "ClientHello without extensions, SHA-1 allowed" \
Ron Eldorb76e7652019-01-16 23:14:41 +02005068 "$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005069 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard4cc8c632015-07-23 12:24:03 +02005070 0 \
5071 -s "dumping 'client hello extensions' (0 bytes)"
5072
Gilles Peskine5d2511c2017-05-12 13:16:40 +02005073requires_gnutls
5074run_test "ClientHello without extensions, SHA-1 forbidden in certificates on server" \
5075 "$P_SRV debug_level=3 key_file=data_files/server2.key crt_file=data_files/server2.crt allow_sha1=0" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005076 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
Gilles Peskine5d2511c2017-05-12 13:16:40 +02005077 0 \
5078 -s "dumping 'client hello extensions' (0 bytes)"
5079
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005080# Tests for mbedtls_ssl_get_bytes_avail()
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02005081
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005082run_test "mbedtls_ssl_get_bytes_avail: no extra data" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02005083 "$P_SRV" \
5084 "$P_CLI request_size=100" \
5085 0 \
5086 -s "Read from client: 100 bytes read$"
5087
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005088run_test "mbedtls_ssl_get_bytes_avail: extra data" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02005089 "$P_SRV" \
5090 "$P_CLI request_size=500" \
5091 0 \
5092 -s "Read from client: 500 bytes read (.*+.*)"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02005093
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005094# Tests for small client packets
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005095
Janos Follathe2681a42016-03-07 15:57:05 +00005096requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005097run_test "Small client packet SSLv3 BlockCipher" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01005098 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005099 "$P_CLI request_size=1 force_version=ssl3 \
5100 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5101 0 \
5102 -s "Read from client: 1 bytes read"
5103
Janos Follathe2681a42016-03-07 15:57:05 +00005104requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005105run_test "Small client packet SSLv3 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005106 "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005107 "$P_CLI request_size=1 force_version=ssl3 \
5108 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5109 0 \
5110 -s "Read from client: 1 bytes read"
5111
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005112run_test "Small client packet TLS 1.0 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005113 "$P_SRV" \
5114 "$P_CLI request_size=1 force_version=tls1 \
5115 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5116 0 \
5117 -s "Read from client: 1 bytes read"
5118
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005119run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01005120 "$P_SRV" \
5121 "$P_CLI request_size=1 force_version=tls1 etm=0 \
5122 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5123 0 \
5124 -s "Read from client: 1 bytes read"
5125
Hanno Becker32c55012017-11-10 08:42:54 +00005126requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005127run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005128 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005129 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005130 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005131 0 \
5132 -s "Read from client: 1 bytes read"
5133
Hanno Becker32c55012017-11-10 08:42:54 +00005134requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005135run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005136 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00005137 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005138 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00005139 0 \
5140 -s "Read from client: 1 bytes read"
5141
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005142run_test "Small client packet TLS 1.0 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005143 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005144 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker8501f982017-11-10 08:59:04 +00005145 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5146 0 \
5147 -s "Read from client: 1 bytes read"
5148
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005149run_test "Small client packet TLS 1.0 StreamCipher, without EtM" \
Hanno Becker8501f982017-11-10 08:59:04 +00005150 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5151 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005152 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00005153 0 \
5154 -s "Read from client: 1 bytes read"
5155
5156requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005157run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005158 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005159 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005160 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005161 0 \
5162 -s "Read from client: 1 bytes read"
5163
Hanno Becker8501f982017-11-10 08:59:04 +00005164requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005165run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005166 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5167 "$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
5168 trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005169 0 \
5170 -s "Read from client: 1 bytes read"
5171
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005172run_test "Small client packet TLS 1.1 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005173 "$P_SRV" \
5174 "$P_CLI request_size=1 force_version=tls1_1 \
5175 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5176 0 \
5177 -s "Read from client: 1 bytes read"
5178
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005179run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01005180 "$P_SRV" \
Hanno Becker8501f982017-11-10 08:59:04 +00005181 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005182 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00005183 0 \
5184 -s "Read from client: 1 bytes read"
5185
5186requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005187run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005188 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00005189 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005190 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00005191 0 \
5192 -s "Read from client: 1 bytes read"
5193
5194requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005195run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005196 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00005197 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005198 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01005199 0 \
5200 -s "Read from client: 1 bytes read"
5201
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005202run_test "Small client packet TLS 1.1 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005203 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005204 "$P_CLI request_size=1 force_version=tls1_1 \
5205 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5206 0 \
5207 -s "Read from client: 1 bytes read"
5208
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005209run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \
Hanno Becker8501f982017-11-10 08:59:04 +00005210 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005211 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005212 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005213 0 \
5214 -s "Read from client: 1 bytes read"
5215
Hanno Becker8501f982017-11-10 08:59:04 +00005216requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005217run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005218 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005219 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005220 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005221 0 \
5222 -s "Read from client: 1 bytes read"
5223
Hanno Becker32c55012017-11-10 08:42:54 +00005224requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005225run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005226 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005227 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005228 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005229 0 \
5230 -s "Read from client: 1 bytes read"
5231
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005232run_test "Small client packet TLS 1.2 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005233 "$P_SRV" \
5234 "$P_CLI request_size=1 force_version=tls1_2 \
5235 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5236 0 \
5237 -s "Read from client: 1 bytes read"
5238
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005239run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01005240 "$P_SRV" \
Hanno Becker8501f982017-11-10 08:59:04 +00005241 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005242 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01005243 0 \
5244 -s "Read from client: 1 bytes read"
5245
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005246run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005247 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01005248 "$P_CLI request_size=1 force_version=tls1_2 \
5249 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005250 0 \
5251 -s "Read from client: 1 bytes read"
5252
Hanno Becker32c55012017-11-10 08:42:54 +00005253requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005254run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005255 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005256 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005257 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005258 0 \
5259 -s "Read from client: 1 bytes read"
5260
Hanno Becker8501f982017-11-10 08:59:04 +00005261requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005262run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005263 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00005264 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005265 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005266 0 \
5267 -s "Read from client: 1 bytes read"
5268
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005269run_test "Small client packet TLS 1.2 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005270 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005271 "$P_CLI request_size=1 force_version=tls1_2 \
5272 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5273 0 \
5274 -s "Read from client: 1 bytes read"
5275
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005276run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005277 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005278 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005279 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00005280 0 \
5281 -s "Read from client: 1 bytes read"
5282
Hanno Becker32c55012017-11-10 08:42:54 +00005283requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005284run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005285 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005286 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005287 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005288 0 \
5289 -s "Read from client: 1 bytes read"
5290
Hanno Becker8501f982017-11-10 08:59:04 +00005291requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005292run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005293 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00005294 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005295 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005296 0 \
5297 -s "Read from client: 1 bytes read"
5298
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005299run_test "Small client packet TLS 1.2 AEAD" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005300 "$P_SRV" \
5301 "$P_CLI request_size=1 force_version=tls1_2 \
5302 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
5303 0 \
5304 -s "Read from client: 1 bytes read"
5305
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005306run_test "Small client packet TLS 1.2 AEAD shorter tag" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02005307 "$P_SRV" \
5308 "$P_CLI request_size=1 force_version=tls1_2 \
5309 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
5310 0 \
5311 -s "Read from client: 1 bytes read"
5312
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005313# Tests for small client packets in DTLS
Hanno Beckere2148042017-11-10 08:59:18 +00005314
5315requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005316run_test "Small client packet DTLS 1.0" \
Hanno Beckere2148042017-11-10 08:59:18 +00005317 "$P_SRV dtls=1 force_version=dtls1" \
5318 "$P_CLI dtls=1 request_size=1 \
5319 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5320 0 \
5321 -s "Read from client: 1 bytes read"
5322
5323requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005324run_test "Small client packet DTLS 1.0, without EtM" \
Hanno Beckere2148042017-11-10 08:59:18 +00005325 "$P_SRV dtls=1 force_version=dtls1 etm=0" \
5326 "$P_CLI dtls=1 request_size=1 \
5327 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5328 0 \
5329 -s "Read from client: 1 bytes read"
5330
5331requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5332requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005333run_test "Small client packet DTLS 1.0, truncated hmac" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005334 "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \
5335 "$P_CLI dtls=1 request_size=1 trunc_hmac=1 \
Hanno Beckere2148042017-11-10 08:59:18 +00005336 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5337 0 \
5338 -s "Read from client: 1 bytes read"
5339
5340requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5341requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005342run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005343 "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00005344 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005345 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
Hanno Beckere2148042017-11-10 08:59:18 +00005346 0 \
5347 -s "Read from client: 1 bytes read"
5348
5349requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005350run_test "Small client packet DTLS 1.2" \
Hanno Beckere2148042017-11-10 08:59:18 +00005351 "$P_SRV dtls=1 force_version=dtls1_2" \
5352 "$P_CLI dtls=1 request_size=1 \
5353 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5354 0 \
5355 -s "Read from client: 1 bytes read"
5356
5357requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005358run_test "Small client packet DTLS 1.2, without EtM" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005359 "$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00005360 "$P_CLI dtls=1 request_size=1 \
5361 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5362 0 \
5363 -s "Read from client: 1 bytes read"
5364
5365requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5366requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005367run_test "Small client packet DTLS 1.2, truncated hmac" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005368 "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
Hanno Beckere2148042017-11-10 08:59:18 +00005369 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005370 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Beckere2148042017-11-10 08:59:18 +00005371 0 \
5372 -s "Read from client: 1 bytes read"
5373
5374requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5375requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005376run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005377 "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00005378 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005379 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
Hanno Beckere2148042017-11-10 08:59:18 +00005380 0 \
5381 -s "Read from client: 1 bytes read"
5382
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005383# Tests for small server packets
5384
5385requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5386run_test "Small server packet SSLv3 BlockCipher" \
5387 "$P_SRV response_size=1 min_version=ssl3" \
5388 "$P_CLI force_version=ssl3 \
5389 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5390 0 \
5391 -c "Read from server: 1 bytes read"
5392
5393requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5394run_test "Small server packet SSLv3 StreamCipher" \
5395 "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5396 "$P_CLI force_version=ssl3 \
5397 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5398 0 \
5399 -c "Read from server: 1 bytes read"
5400
5401run_test "Small server packet TLS 1.0 BlockCipher" \
5402 "$P_SRV response_size=1" \
5403 "$P_CLI force_version=tls1 \
5404 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5405 0 \
5406 -c "Read from server: 1 bytes read"
5407
5408run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \
5409 "$P_SRV response_size=1" \
5410 "$P_CLI force_version=tls1 etm=0 \
5411 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5412 0 \
5413 -c "Read from server: 1 bytes read"
5414
5415requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5416run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \
5417 "$P_SRV response_size=1 trunc_hmac=1" \
5418 "$P_CLI force_version=tls1 \
5419 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
5420 0 \
5421 -c "Read from server: 1 bytes read"
5422
5423requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5424run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
5425 "$P_SRV response_size=1 trunc_hmac=1" \
5426 "$P_CLI force_version=tls1 \
5427 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
5428 0 \
5429 -c "Read from server: 1 bytes read"
5430
5431run_test "Small server packet TLS 1.0 StreamCipher" \
5432 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5433 "$P_CLI force_version=tls1 \
5434 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5435 0 \
5436 -c "Read from server: 1 bytes read"
5437
5438run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \
5439 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5440 "$P_CLI force_version=tls1 \
5441 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5442 0 \
5443 -c "Read from server: 1 bytes read"
5444
5445requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5446run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \
5447 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5448 "$P_CLI force_version=tls1 \
5449 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5450 0 \
5451 -c "Read from server: 1 bytes read"
5452
5453requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5454run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
5455 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5456 "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
5457 trunc_hmac=1 etm=0" \
5458 0 \
5459 -c "Read from server: 1 bytes read"
5460
5461run_test "Small server packet TLS 1.1 BlockCipher" \
5462 "$P_SRV response_size=1" \
5463 "$P_CLI force_version=tls1_1 \
5464 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5465 0 \
5466 -c "Read from server: 1 bytes read"
5467
5468run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \
5469 "$P_SRV response_size=1" \
5470 "$P_CLI force_version=tls1_1 \
5471 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
5472 0 \
5473 -c "Read from server: 1 bytes read"
5474
5475requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5476run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \
5477 "$P_SRV response_size=1 trunc_hmac=1" \
5478 "$P_CLI force_version=tls1_1 \
5479 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
5480 0 \
5481 -c "Read from server: 1 bytes read"
5482
5483requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5484run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
5485 "$P_SRV response_size=1 trunc_hmac=1" \
5486 "$P_CLI force_version=tls1_1 \
5487 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
5488 0 \
5489 -c "Read from server: 1 bytes read"
5490
5491run_test "Small server packet TLS 1.1 StreamCipher" \
5492 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5493 "$P_CLI force_version=tls1_1 \
5494 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5495 0 \
5496 -c "Read from server: 1 bytes read"
5497
5498run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \
5499 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5500 "$P_CLI force_version=tls1_1 \
5501 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5502 0 \
5503 -c "Read from server: 1 bytes read"
5504
5505requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5506run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \
5507 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5508 "$P_CLI force_version=tls1_1 \
5509 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5510 0 \
5511 -c "Read from server: 1 bytes read"
5512
5513requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5514run_test "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
5515 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5516 "$P_CLI force_version=tls1_1 \
5517 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
5518 0 \
5519 -c "Read from server: 1 bytes read"
5520
5521run_test "Small server packet TLS 1.2 BlockCipher" \
5522 "$P_SRV response_size=1" \
5523 "$P_CLI force_version=tls1_2 \
5524 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5525 0 \
5526 -c "Read from server: 1 bytes read"
5527
5528run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
5529 "$P_SRV response_size=1" \
5530 "$P_CLI force_version=tls1_2 \
5531 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
5532 0 \
5533 -c "Read from server: 1 bytes read"
5534
5535run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
5536 "$P_SRV response_size=1" \
5537 "$P_CLI force_version=tls1_2 \
5538 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
5539 0 \
5540 -c "Read from server: 1 bytes read"
5541
5542requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5543run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
5544 "$P_SRV response_size=1 trunc_hmac=1" \
5545 "$P_CLI force_version=tls1_2 \
5546 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
5547 0 \
5548 -c "Read from server: 1 bytes read"
5549
5550requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5551run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
5552 "$P_SRV response_size=1 trunc_hmac=1" \
5553 "$P_CLI force_version=tls1_2 \
5554 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
5555 0 \
5556 -c "Read from server: 1 bytes read"
5557
5558run_test "Small server packet TLS 1.2 StreamCipher" \
5559 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5560 "$P_CLI force_version=tls1_2 \
5561 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5562 0 \
5563 -c "Read from server: 1 bytes read"
5564
5565run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \
5566 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5567 "$P_CLI force_version=tls1_2 \
5568 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5569 0 \
5570 -c "Read from server: 1 bytes read"
5571
5572requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5573run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
5574 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5575 "$P_CLI force_version=tls1_2 \
5576 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5577 0 \
5578 -c "Read from server: 1 bytes read"
5579
5580requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5581run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
5582 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5583 "$P_CLI force_version=tls1_2 \
5584 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
5585 0 \
5586 -c "Read from server: 1 bytes read"
5587
5588run_test "Small server packet TLS 1.2 AEAD" \
5589 "$P_SRV response_size=1" \
5590 "$P_CLI force_version=tls1_2 \
5591 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
5592 0 \
5593 -c "Read from server: 1 bytes read"
5594
5595run_test "Small server packet TLS 1.2 AEAD shorter tag" \
5596 "$P_SRV response_size=1" \
5597 "$P_CLI force_version=tls1_2 \
5598 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
5599 0 \
5600 -c "Read from server: 1 bytes read"
5601
5602# Tests for small server packets in DTLS
5603
5604requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5605run_test "Small server packet DTLS 1.0" \
5606 "$P_SRV dtls=1 response_size=1 force_version=dtls1" \
5607 "$P_CLI dtls=1 \
5608 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5609 0 \
5610 -c "Read from server: 1 bytes read"
5611
5612requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5613run_test "Small server packet DTLS 1.0, without EtM" \
5614 "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \
5615 "$P_CLI dtls=1 \
5616 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5617 0 \
5618 -c "Read from server: 1 bytes read"
5619
5620requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5621requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5622run_test "Small server packet DTLS 1.0, truncated hmac" \
5623 "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \
5624 "$P_CLI dtls=1 trunc_hmac=1 \
5625 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5626 0 \
5627 -c "Read from server: 1 bytes read"
5628
5629requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5630requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5631run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \
5632 "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \
5633 "$P_CLI dtls=1 \
5634 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
5635 0 \
5636 -c "Read from server: 1 bytes read"
5637
5638requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5639run_test "Small server packet DTLS 1.2" \
5640 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
5641 "$P_CLI dtls=1 \
5642 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5643 0 \
5644 -c "Read from server: 1 bytes read"
5645
5646requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5647run_test "Small server packet DTLS 1.2, without EtM" \
5648 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
5649 "$P_CLI dtls=1 \
5650 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5651 0 \
5652 -c "Read from server: 1 bytes read"
5653
5654requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5655requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5656run_test "Small server packet DTLS 1.2, truncated hmac" \
5657 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
5658 "$P_CLI dtls=1 \
5659 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
5660 0 \
5661 -c "Read from server: 1 bytes read"
5662
5663requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
5664requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5665run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
5666 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
5667 "$P_CLI dtls=1 \
5668 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
5669 0 \
5670 -c "Read from server: 1 bytes read"
5671
Janos Follath00efff72016-05-06 13:48:23 +01005672# A test for extensions in SSLv3
5673
5674requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5675run_test "SSLv3 with extensions, server side" \
5676 "$P_SRV min_version=ssl3 debug_level=3" \
5677 "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
5678 0 \
5679 -S "dumping 'client hello extensions'" \
5680 -S "server hello, total extension length:"
5681
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005682# Test for large client packets
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005683
Angus Grattonc4dd0732018-04-11 16:28:39 +10005684# How many fragments do we expect to write $1 bytes?
5685fragments_for_write() {
5686 echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
5687}
5688
Janos Follathe2681a42016-03-07 15:57:05 +00005689requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005690run_test "Large client packet SSLv3 BlockCipher" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01005691 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01005692 "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005693 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5694 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005695 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5696 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005697
Janos Follathe2681a42016-03-07 15:57:05 +00005698requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005699run_test "Large client packet SSLv3 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005700 "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005701 "$P_CLI request_size=16384 force_version=ssl3 \
5702 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5703 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005704 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5705 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005706
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005707run_test "Large client packet TLS 1.0 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005708 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01005709 "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005710 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5711 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005712 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5713 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005714
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005715run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005716 "$P_SRV" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005717 "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
5718 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5719 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005720 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005721
Hanno Becker32c55012017-11-10 08:42:54 +00005722requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005723run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005724 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01005725 "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005726 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005727 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005728 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5729 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005730
Hanno Becker32c55012017-11-10 08:42:54 +00005731requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005732run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005733 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005734 "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005735 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005736 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005737 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005738
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005739run_test "Large client packet TLS 1.0 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005740 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005741 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005742 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5743 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005744 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005745
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005746run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005747 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5748 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005749 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005750 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005751 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005752
5753requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005754run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005755 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005756 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005757 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005758 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005759 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005760
Hanno Becker278fc7a2017-11-10 09:16:28 +00005761requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005762run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005763 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005764 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005765 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005766 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005767 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5768 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005769
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005770run_test "Large client packet TLS 1.1 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005771 "$P_SRV" \
5772 "$P_CLI request_size=16384 force_version=tls1_1 \
5773 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5774 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005775 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5776 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005777
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005778run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005779 "$P_SRV" \
5780 "$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
5781 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005782 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005783 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005784
Hanno Becker32c55012017-11-10 08:42:54 +00005785requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005786run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005787 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005788 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005789 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005790 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005791 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005792
Hanno Becker32c55012017-11-10 08:42:54 +00005793requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005794run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005795 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005796 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005797 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005798 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005799 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005800
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005801run_test "Large client packet TLS 1.1 StreamCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005802 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5803 "$P_CLI request_size=16384 force_version=tls1_1 \
5804 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5805 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005806 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5807 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005808
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005809run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005810 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005811 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005812 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005813 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005814 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5815 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005816
Hanno Becker278fc7a2017-11-10 09:16:28 +00005817requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005818run_test "Large client packet TLS 1.1 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005819 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005820 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005821 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005822 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005823 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005824
Hanno Becker278fc7a2017-11-10 09:16:28 +00005825requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005826run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005827 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005828 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005829 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005830 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005831 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5832 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005833
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005834run_test "Large client packet TLS 1.2 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005835 "$P_SRV" \
5836 "$P_CLI request_size=16384 force_version=tls1_2 \
5837 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5838 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005839 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5840 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005841
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005842run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005843 "$P_SRV" \
5844 "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
5845 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5846 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005847 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005848
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005849run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005850 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01005851 "$P_CLI request_size=16384 force_version=tls1_2 \
5852 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005853 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005854 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5855 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005856
Hanno Becker32c55012017-11-10 08:42:54 +00005857requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005858run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005859 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005860 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005861 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005862 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005863 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005864
Hanno Becker278fc7a2017-11-10 09:16:28 +00005865requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005866run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005867 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005868 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005869 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005870 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005871 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5872 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005873
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005874run_test "Large client packet TLS 1.2 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005875 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005876 "$P_CLI request_size=16384 force_version=tls1_2 \
5877 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5878 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005879 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5880 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005881
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005882run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005883 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005884 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005885 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5886 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005887 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005888
Hanno Becker32c55012017-11-10 08:42:54 +00005889requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005890run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005891 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005892 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005893 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005894 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005895 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005896
Hanno Becker278fc7a2017-11-10 09:16:28 +00005897requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005898run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005899 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005900 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005901 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005902 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005903 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5904 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005905
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005906run_test "Large client packet TLS 1.2 AEAD" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005907 "$P_SRV" \
5908 "$P_CLI request_size=16384 force_version=tls1_2 \
5909 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
5910 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005911 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5912 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005913
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005914run_test "Large client packet TLS 1.2 AEAD shorter tag" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005915 "$P_SRV" \
5916 "$P_CLI request_size=16384 force_version=tls1_2 \
5917 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
5918 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005919 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5920 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005921
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005922# Test for large server packets
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005923requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5924run_test "Large server packet SSLv3 StreamCipher" \
5925 "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5926 "$P_CLI force_version=ssl3 \
5927 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5928 0 \
5929 -c "Read from server: 16384 bytes read"
5930
Andrzej Kurek6a4f2242018-08-27 08:00:13 -04005931# Checking next 4 tests logs for 1n-1 split against BEAST too
5932requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5933run_test "Large server packet SSLv3 BlockCipher" \
5934 "$P_SRV response_size=16384 min_version=ssl3" \
5935 "$P_CLI force_version=ssl3 recsplit=0 \
5936 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5937 0 \
5938 -c "Read from server: 1 bytes read"\
5939 -c "16383 bytes read"\
5940 -C "Read from server: 16384 bytes read"
5941
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005942run_test "Large server packet TLS 1.0 BlockCipher" \
5943 "$P_SRV response_size=16384" \
5944 "$P_CLI force_version=tls1 recsplit=0 \
5945 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5946 0 \
5947 -c "Read from server: 1 bytes read"\
5948 -c "16383 bytes read"\
5949 -C "Read from server: 16384 bytes read"
5950
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005951run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \
5952 "$P_SRV response_size=16384" \
5953 "$P_CLI force_version=tls1 etm=0 recsplit=0 \
5954 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5955 0 \
5956 -c "Read from server: 1 bytes read"\
5957 -c "16383 bytes read"\
5958 -C "Read from server: 16384 bytes read"
5959
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005960requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5961run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
5962 "$P_SRV response_size=16384" \
5963 "$P_CLI force_version=tls1 recsplit=0 \
5964 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
5965 trunc_hmac=1" \
5966 0 \
5967 -c "Read from server: 1 bytes read"\
5968 -c "16383 bytes read"\
5969 -C "Read from server: 16384 bytes read"
5970
5971requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5972run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \
5973 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5974 "$P_CLI force_version=tls1 \
5975 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
5976 trunc_hmac=1" \
5977 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005978 -s "16384 bytes written in 1 fragments" \
5979 -c "Read from server: 16384 bytes read"
5980
5981run_test "Large server packet TLS 1.0 StreamCipher" \
5982 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5983 "$P_CLI force_version=tls1 \
5984 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5985 0 \
5986 -s "16384 bytes written in 1 fragments" \
5987 -c "Read from server: 16384 bytes read"
5988
5989run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \
5990 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5991 "$P_CLI force_version=tls1 \
5992 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5993 0 \
5994 -s "16384 bytes written in 1 fragments" \
5995 -c "Read from server: 16384 bytes read"
5996
5997requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5998run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \
5999 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6000 "$P_CLI force_version=tls1 \
6001 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6002 0 \
6003 -s "16384 bytes written in 1 fragments" \
6004 -c "Read from server: 16384 bytes read"
6005
6006requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6007run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
6008 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6009 "$P_CLI force_version=tls1 \
6010 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
6011 0 \
6012 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006013 -c "Read from server: 16384 bytes read"
6014
6015run_test "Large server packet TLS 1.1 BlockCipher" \
6016 "$P_SRV response_size=16384" \
6017 "$P_CLI force_version=tls1_1 \
6018 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6019 0 \
6020 -c "Read from server: 16384 bytes read"
6021
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006022run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \
6023 "$P_SRV response_size=16384" \
6024 "$P_CLI force_version=tls1_1 etm=0 \
6025 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006026 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006027 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006028 -c "Read from server: 16384 bytes read"
6029
6030requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6031run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \
6032 "$P_SRV response_size=16384" \
6033 "$P_CLI force_version=tls1_1 \
6034 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
6035 trunc_hmac=1" \
6036 0 \
6037 -c "Read from server: 16384 bytes read"
6038
6039requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006040run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
6041 "$P_SRV response_size=16384 trunc_hmac=1" \
6042 "$P_CLI force_version=tls1_1 \
6043 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
6044 0 \
6045 -s "16384 bytes written in 1 fragments" \
6046 -c "Read from server: 16384 bytes read"
6047
6048run_test "Large server packet TLS 1.1 StreamCipher" \
6049 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6050 "$P_CLI force_version=tls1_1 \
6051 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6052 0 \
6053 -c "Read from server: 16384 bytes read"
6054
6055run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \
6056 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6057 "$P_CLI force_version=tls1_1 \
6058 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6059 0 \
6060 -s "16384 bytes written in 1 fragments" \
6061 -c "Read from server: 16384 bytes read"
6062
6063requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006064run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
6065 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6066 "$P_CLI force_version=tls1_1 \
6067 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
6068 trunc_hmac=1" \
6069 0 \
6070 -c "Read from server: 16384 bytes read"
6071
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006072run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
6073 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6074 "$P_CLI force_version=tls1_1 \
6075 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
6076 0 \
6077 -s "16384 bytes written in 1 fragments" \
6078 -c "Read from server: 16384 bytes read"
6079
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006080run_test "Large server packet TLS 1.2 BlockCipher" \
6081 "$P_SRV response_size=16384" \
6082 "$P_CLI force_version=tls1_2 \
6083 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6084 0 \
6085 -c "Read from server: 16384 bytes read"
6086
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006087run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
6088 "$P_SRV response_size=16384" \
6089 "$P_CLI force_version=tls1_2 etm=0 \
6090 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6091 0 \
6092 -s "16384 bytes written in 1 fragments" \
6093 -c "Read from server: 16384 bytes read"
6094
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006095run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
6096 "$P_SRV response_size=16384" \
6097 "$P_CLI force_version=tls1_2 \
6098 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
6099 0 \
6100 -c "Read from server: 16384 bytes read"
6101
6102requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6103run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
6104 "$P_SRV response_size=16384" \
6105 "$P_CLI force_version=tls1_2 \
6106 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
6107 trunc_hmac=1" \
6108 0 \
6109 -c "Read from server: 16384 bytes read"
6110
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006111run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
6112 "$P_SRV response_size=16384 trunc_hmac=1" \
6113 "$P_CLI force_version=tls1_2 \
6114 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
6115 0 \
6116 -s "16384 bytes written in 1 fragments" \
6117 -c "Read from server: 16384 bytes read"
6118
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006119run_test "Large server packet TLS 1.2 StreamCipher" \
6120 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6121 "$P_CLI force_version=tls1_2 \
6122 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6123 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006124 -s "16384 bytes written in 1 fragments" \
6125 -c "Read from server: 16384 bytes read"
6126
6127run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \
6128 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6129 "$P_CLI force_version=tls1_2 \
6130 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6131 0 \
6132 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006133 -c "Read from server: 16384 bytes read"
6134
6135requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6136run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \
6137 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6138 "$P_CLI force_version=tls1_2 \
6139 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
6140 trunc_hmac=1" \
6141 0 \
6142 -c "Read from server: 16384 bytes read"
6143
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006144requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6145run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
6146 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6147 "$P_CLI force_version=tls1_2 \
6148 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
6149 0 \
6150 -s "16384 bytes written in 1 fragments" \
6151 -c "Read from server: 16384 bytes read"
6152
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006153run_test "Large server packet TLS 1.2 AEAD" \
6154 "$P_SRV response_size=16384" \
6155 "$P_CLI force_version=tls1_2 \
6156 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
6157 0 \
6158 -c "Read from server: 16384 bytes read"
6159
6160run_test "Large server packet TLS 1.2 AEAD shorter tag" \
6161 "$P_SRV response_size=16384" \
6162 "$P_CLI force_version=tls1_2 \
6163 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
6164 0 \
6165 -c "Read from server: 16384 bytes read"
6166
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006167# Tests for restartable ECC
6168
6169requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6170run_test "EC restart: TLS, default" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006171 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006172 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006173 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006174 debug_level=1" \
6175 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006176 -C "x509_verify_cert.*4b00" \
6177 -C "mbedtls_pk_verify.*4b00" \
6178 -C "mbedtls_ecdh_make_public.*4b00" \
6179 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006180
6181requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6182run_test "EC restart: TLS, max_ops=0" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006183 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006184 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006185 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006186 debug_level=1 ec_max_ops=0" \
6187 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006188 -C "x509_verify_cert.*4b00" \
6189 -C "mbedtls_pk_verify.*4b00" \
6190 -C "mbedtls_ecdh_make_public.*4b00" \
6191 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006192
6193requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6194run_test "EC restart: TLS, max_ops=65535" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006195 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006196 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006197 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006198 debug_level=1 ec_max_ops=65535" \
6199 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006200 -C "x509_verify_cert.*4b00" \
6201 -C "mbedtls_pk_verify.*4b00" \
6202 -C "mbedtls_ecdh_make_public.*4b00" \
6203 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006204
6205requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6206run_test "EC restart: TLS, max_ops=1000" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006207 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006208 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006209 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006210 debug_level=1 ec_max_ops=1000" \
6211 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006212 -c "x509_verify_cert.*4b00" \
6213 -c "mbedtls_pk_verify.*4b00" \
6214 -c "mbedtls_ecdh_make_public.*4b00" \
6215 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006216
6217requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Hanno Becker4a156fc2019-06-14 17:07:06 +01006218requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02006219run_test "EC restart: TLS, max_ops=1000, badsign" \
6220 "$P_SRV auth_mode=required \
6221 crt_file=data_files/server5-badsign.crt \
6222 key_file=data_files/server5.key" \
6223 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6224 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6225 debug_level=1 ec_max_ops=1000" \
6226 1 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006227 -c "x509_verify_cert.*4b00" \
6228 -C "mbedtls_pk_verify.*4b00" \
6229 -C "mbedtls_ecdh_make_public.*4b00" \
6230 -C "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02006231 -c "! The certificate is not correctly signed by the trusted CA" \
6232 -c "! mbedtls_ssl_handshake returned" \
6233 -c "X509 - Certificate verification failed"
6234
Hanno Becker4a156fc2019-06-14 17:07:06 +01006235requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02006236requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6237run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
6238 "$P_SRV auth_mode=required \
6239 crt_file=data_files/server5-badsign.crt \
6240 key_file=data_files/server5.key" \
6241 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6242 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6243 debug_level=1 ec_max_ops=1000 auth_mode=optional" \
6244 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006245 -c "x509_verify_cert.*4b00" \
6246 -c "mbedtls_pk_verify.*4b00" \
6247 -c "mbedtls_ecdh_make_public.*4b00" \
6248 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02006249 -c "! The certificate is not correctly signed by the trusted CA" \
6250 -C "! mbedtls_ssl_handshake returned" \
6251 -C "X509 - Certificate verification failed"
6252
Hanno Becker4a156fc2019-06-14 17:07:06 +01006253requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02006254requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6255run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
6256 "$P_SRV auth_mode=required \
6257 crt_file=data_files/server5-badsign.crt \
6258 key_file=data_files/server5.key" \
6259 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6260 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6261 debug_level=1 ec_max_ops=1000 auth_mode=none" \
6262 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006263 -C "x509_verify_cert.*4b00" \
6264 -c "mbedtls_pk_verify.*4b00" \
6265 -c "mbedtls_ecdh_make_public.*4b00" \
6266 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02006267 -C "! The certificate is not correctly signed by the trusted CA" \
6268 -C "! mbedtls_ssl_handshake returned" \
6269 -C "X509 - Certificate verification failed"
6270
6271requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006272run_test "EC restart: DTLS, max_ops=1000" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006273 "$P_SRV auth_mode=required dtls=1" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006274 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02006275 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006276 dtls=1 debug_level=1 ec_max_ops=1000" \
6277 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006278 -c "x509_verify_cert.*4b00" \
6279 -c "mbedtls_pk_verify.*4b00" \
6280 -c "mbedtls_ecdh_make_public.*4b00" \
6281 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02006282
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02006283requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6284run_test "EC restart: TLS, max_ops=1000 no client auth" \
6285 "$P_SRV" \
6286 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6287 debug_level=1 ec_max_ops=1000" \
6288 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006289 -c "x509_verify_cert.*4b00" \
6290 -c "mbedtls_pk_verify.*4b00" \
6291 -c "mbedtls_ecdh_make_public.*4b00" \
6292 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02006293
6294requires_config_enabled MBEDTLS_ECP_RESTARTABLE
6295run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
6296 "$P_SRV psk=abc123" \
6297 "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
6298 psk=abc123 debug_level=1 ec_max_ops=1000" \
6299 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02006300 -C "x509_verify_cert.*4b00" \
6301 -C "mbedtls_pk_verify.*4b00" \
6302 -C "mbedtls_ecdh_make_public.*4b00" \
6303 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02006304
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006305# Tests of asynchronous private key support in SSL
6306
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006307requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006308run_test "SSL async private: sign, delay=0" \
6309 "$P_SRV \
6310 async_operations=s async_private_delay1=0 async_private_delay2=0" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006311 "$P_CLI" \
6312 0 \
6313 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006314 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006315
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006316requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006317run_test "SSL async private: sign, delay=1" \
6318 "$P_SRV \
6319 async_operations=s async_private_delay1=1 async_private_delay2=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006320 "$P_CLI" \
6321 0 \
6322 -s "Async sign callback: using key slot " \
6323 -s "Async resume (slot [0-9]): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006324 -s "Async resume (slot [0-9]): sign done, status=0"
6325
Gilles Peskine12d0cc12018-04-26 15:06:56 +02006326requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
6327run_test "SSL async private: sign, delay=2" \
6328 "$P_SRV \
6329 async_operations=s async_private_delay1=2 async_private_delay2=2" \
6330 "$P_CLI" \
6331 0 \
6332 -s "Async sign callback: using key slot " \
6333 -U "Async sign callback: using key slot " \
6334 -s "Async resume (slot [0-9]): call 1 more times." \
6335 -s "Async resume (slot [0-9]): call 0 more times." \
6336 -s "Async resume (slot [0-9]): sign done, status=0"
6337
Gilles Peskined3268832018-04-26 06:23:59 +02006338# Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1
6339# with RSA PKCS#1v1.5 as used in TLS 1.0/1.1.
6340requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
6341requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
6342run_test "SSL async private: sign, RSA, TLS 1.1" \
6343 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \
6344 async_operations=s async_private_delay1=0 async_private_delay2=0" \
6345 "$P_CLI force_version=tls1_1" \
6346 0 \
6347 -s "Async sign callback: using key slot " \
6348 -s "Async resume (slot [0-9]): sign done, status=0"
6349
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006350requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Hanno Beckerb2c63832019-06-17 08:35:16 +01006351requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Gilles Peskine807d74a2018-04-30 10:30:49 +02006352run_test "SSL async private: sign, SNI" \
6353 "$P_SRV debug_level=3 \
6354 async_operations=s async_private_delay1=0 async_private_delay2=0 \
6355 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6356 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
6357 "$P_CLI server_name=polarssl.example" \
6358 0 \
6359 -s "Async sign callback: using key slot " \
6360 -s "Async resume (slot [0-9]): sign done, status=0" \
6361 -s "parse ServerName extension" \
6362 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6363 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
6364
6365requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006366run_test "SSL async private: decrypt, delay=0" \
6367 "$P_SRV \
6368 async_operations=d async_private_delay1=0 async_private_delay2=0" \
6369 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6370 0 \
6371 -s "Async decrypt callback: using key slot " \
6372 -s "Async resume (slot [0-9]): decrypt done, status=0"
6373
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006374requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006375run_test "SSL async private: decrypt, delay=1" \
6376 "$P_SRV \
6377 async_operations=d async_private_delay1=1 async_private_delay2=1" \
6378 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6379 0 \
6380 -s "Async decrypt callback: using key slot " \
6381 -s "Async resume (slot [0-9]): call 0 more times." \
6382 -s "Async resume (slot [0-9]): decrypt done, status=0"
6383
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006384requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006385run_test "SSL async private: decrypt RSA-PSK, delay=0" \
6386 "$P_SRV psk=abc123 \
6387 async_operations=d async_private_delay1=0 async_private_delay2=0" \
6388 "$P_CLI psk=abc123 \
6389 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
6390 0 \
6391 -s "Async decrypt callback: using key slot " \
6392 -s "Async resume (slot [0-9]): decrypt done, status=0"
6393
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006394requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006395run_test "SSL async private: decrypt RSA-PSK, delay=1" \
6396 "$P_SRV psk=abc123 \
6397 async_operations=d async_private_delay1=1 async_private_delay2=1" \
6398 "$P_CLI psk=abc123 \
6399 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
6400 0 \
6401 -s "Async decrypt callback: using key slot " \
6402 -s "Async resume (slot [0-9]): call 0 more times." \
6403 -s "Async resume (slot [0-9]): decrypt done, status=0"
6404
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006405requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006406run_test "SSL async private: sign callback not present" \
6407 "$P_SRV \
6408 async_operations=d async_private_delay1=1 async_private_delay2=1" \
6409 "$P_CLI; [ \$? -eq 1 ] &&
6410 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6411 0 \
6412 -S "Async sign callback" \
6413 -s "! mbedtls_ssl_handshake returned" \
6414 -s "The own private key or pre-shared key is not set, but needed" \
6415 -s "Async resume (slot [0-9]): decrypt done, status=0" \
6416 -s "Successful connection"
6417
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006418requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006419run_test "SSL async private: decrypt callback not present" \
6420 "$P_SRV debug_level=1 \
6421 async_operations=s async_private_delay1=1 async_private_delay2=1" \
6422 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
6423 [ \$? -eq 1 ] && $P_CLI" \
6424 0 \
6425 -S "Async decrypt callback" \
6426 -s "! mbedtls_ssl_handshake returned" \
6427 -s "got no RSA private key" \
6428 -s "Async resume (slot [0-9]): sign done, status=0" \
6429 -s "Successful connection"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006430
6431# key1: ECDSA, key2: RSA; use key1 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006432requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006433run_test "SSL async private: slot 0 used with key1" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006434 "$P_SRV \
6435 async_operations=s async_private_delay1=1 \
6436 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6437 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006438 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
6439 0 \
6440 -s "Async sign callback: using key slot 0," \
6441 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006442 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006443
6444# key1: ECDSA, key2: RSA; use key2 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006445requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006446run_test "SSL async private: slot 0 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006447 "$P_SRV \
6448 async_operations=s async_private_delay2=1 \
6449 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6450 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006451 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
6452 0 \
6453 -s "Async sign callback: using key slot 0," \
6454 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006455 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006456
6457# key1: ECDSA, key2: RSA; use key2 from slot 1
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006458requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinead28bf02018-04-26 00:19:16 +02006459run_test "SSL async private: slot 1 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006460 "$P_SRV \
Gilles Peskine168dae82018-04-25 23:35:42 +02006461 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006462 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6463 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006464 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
6465 0 \
6466 -s "Async sign callback: using key slot 1," \
6467 -s "Async resume (slot 1): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006468 -s "Async resume (slot 1): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006469
6470# key1: ECDSA, key2: RSA; use key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006471requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006472run_test "SSL async private: fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006473 "$P_SRV \
6474 async_operations=s async_private_delay1=1 \
6475 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6476 key_file2=data_files/server2.key crt_file2=data_files/server2.crt " \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006477 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
6478 0 \
6479 -s "Async sign callback: no key matches this certificate."
6480
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006481requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02006482run_test "SSL async private: sign, error in start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006483 "$P_SRV \
6484 async_operations=s async_private_delay1=1 async_private_delay2=1 \
6485 async_private_error=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006486 "$P_CLI" \
6487 1 \
6488 -s "Async sign callback: injected error" \
6489 -S "Async resume" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02006490 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006491 -s "! mbedtls_ssl_handshake returned"
6492
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006493requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02006494run_test "SSL async private: sign, cancel after start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006495 "$P_SRV \
6496 async_operations=s async_private_delay1=1 async_private_delay2=1 \
6497 async_private_error=2" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006498 "$P_CLI" \
6499 1 \
6500 -s "Async sign callback: using key slot " \
6501 -S "Async resume" \
6502 -s "Async cancel"
6503
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006504requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02006505run_test "SSL async private: sign, error in resume" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006506 "$P_SRV \
6507 async_operations=s async_private_delay1=1 async_private_delay2=1 \
6508 async_private_error=3" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006509 "$P_CLI" \
6510 1 \
6511 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006512 -s "Async resume callback: sign done but injected error" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02006513 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006514 -s "! mbedtls_ssl_handshake returned"
6515
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006516requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02006517run_test "SSL async private: decrypt, error in start" \
6518 "$P_SRV \
6519 async_operations=d async_private_delay1=1 async_private_delay2=1 \
6520 async_private_error=1" \
6521 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6522 1 \
6523 -s "Async decrypt callback: injected error" \
6524 -S "Async resume" \
6525 -S "Async cancel" \
6526 -s "! mbedtls_ssl_handshake returned"
6527
6528requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
6529run_test "SSL async private: decrypt, cancel after start" \
6530 "$P_SRV \
6531 async_operations=d async_private_delay1=1 async_private_delay2=1 \
6532 async_private_error=2" \
6533 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6534 1 \
6535 -s "Async decrypt callback: using key slot " \
6536 -S "Async resume" \
6537 -s "Async cancel"
6538
6539requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
6540run_test "SSL async private: decrypt, error in resume" \
6541 "$P_SRV \
6542 async_operations=d async_private_delay1=1 async_private_delay2=1 \
6543 async_private_error=3" \
6544 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6545 1 \
6546 -s "Async decrypt callback: using key slot " \
6547 -s "Async resume callback: decrypt done but injected error" \
6548 -S "Async cancel" \
6549 -s "! mbedtls_ssl_handshake returned"
6550
6551requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006552run_test "SSL async private: cancel after start then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006553 "$P_SRV \
6554 async_operations=s async_private_delay1=1 async_private_delay2=1 \
6555 async_private_error=-2" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006556 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
6557 0 \
6558 -s "Async cancel" \
6559 -s "! mbedtls_ssl_handshake returned" \
6560 -s "Async resume" \
6561 -s "Successful connection"
6562
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006563requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006564run_test "SSL async private: error in resume then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006565 "$P_SRV \
6566 async_operations=s async_private_delay1=1 async_private_delay2=1 \
6567 async_private_error=-3" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006568 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
6569 0 \
6570 -s "! mbedtls_ssl_handshake returned" \
6571 -s "Async resume" \
6572 -s "Successful connection"
6573
6574# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006575requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006576run_test "SSL async private: cancel after start then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006577 "$P_SRV \
6578 async_operations=s async_private_delay1=1 async_private_error=-2 \
6579 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6580 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006581 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
6582 [ \$? -eq 1 ] &&
6583 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
6584 0 \
Gilles Peskinededa75a2018-04-30 10:02:45 +02006585 -s "Async sign callback: using key slot 0" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006586 -S "Async resume" \
6587 -s "Async cancel" \
6588 -s "! mbedtls_ssl_handshake returned" \
6589 -s "Async sign callback: no key matches this certificate." \
6590 -s "Successful connection"
6591
6592# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006593requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02006594run_test "SSL async private: sign, error in resume then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006595 "$P_SRV \
6596 async_operations=s async_private_delay1=1 async_private_error=-3 \
6597 key_file=data_files/server5.key crt_file=data_files/server5.crt \
6598 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01006599 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
6600 [ \$? -eq 1 ] &&
6601 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
6602 0 \
6603 -s "Async resume" \
6604 -s "! mbedtls_ssl_handshake returned" \
6605 -s "Async sign callback: no key matches this certificate." \
6606 -s "Successful connection"
6607
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006608requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006609requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006610run_test "SSL async private: renegotiation: client-initiated; sign" \
6611 "$P_SRV \
6612 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006613 exchanges=2 renegotiation=1" \
6614 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \
6615 0 \
6616 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006617 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006618
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006619requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006620requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006621run_test "SSL async private: renegotiation: server-initiated; sign" \
6622 "$P_SRV \
6623 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006624 exchanges=2 renegotiation=1 renegotiate=1" \
6625 "$P_CLI exchanges=2 renegotiation=1" \
6626 0 \
6627 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006628 -s "Async resume (slot [0-9]): sign done, status=0"
6629
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006630requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006631requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6632run_test "SSL async private: renegotiation: client-initiated; decrypt" \
6633 "$P_SRV \
6634 async_operations=d async_private_delay1=1 async_private_delay2=1 \
6635 exchanges=2 renegotiation=1" \
6636 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
6637 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6638 0 \
6639 -s "Async decrypt callback: using key slot " \
6640 -s "Async resume (slot [0-9]): decrypt done, status=0"
6641
Gilles Peskineb74a1c72018-04-24 13:09:22 +02006642requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01006643requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6644run_test "SSL async private: renegotiation: server-initiated; decrypt" \
6645 "$P_SRV \
6646 async_operations=d async_private_delay1=1 async_private_delay2=1 \
6647 exchanges=2 renegotiation=1 renegotiate=1" \
6648 "$P_CLI exchanges=2 renegotiation=1 \
6649 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6650 0 \
6651 -s "Async decrypt callback: using key slot " \
6652 -s "Async resume (slot [0-9]): decrypt done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01006653
Ron Eldor58093c82018-06-28 13:22:05 +03006654# Tests for ECC extensions (rfc 4492)
6655
Ron Eldor643df7c2018-06-28 16:17:00 +03006656requires_config_enabled MBEDTLS_AES_C
6657requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
6658requires_config_enabled MBEDTLS_SHA256_C
6659requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03006660run_test "Force a non ECC ciphersuite in the client side" \
6661 "$P_SRV debug_level=3" \
Ron Eldor643df7c2018-06-28 16:17:00 +03006662 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03006663 0 \
6664 -C "client hello, adding supported_elliptic_curves extension" \
6665 -C "client hello, adding supported_point_formats extension" \
6666 -S "found supported elliptic curves extension" \
6667 -S "found supported point formats extension"
6668
Ron Eldor643df7c2018-06-28 16:17:00 +03006669requires_config_enabled MBEDTLS_AES_C
6670requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
6671requires_config_enabled MBEDTLS_SHA256_C
6672requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03006673run_test "Force a non ECC ciphersuite in the server side" \
Ron Eldor643df7c2018-06-28 16:17:00 +03006674 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03006675 "$P_CLI debug_level=3" \
6676 0 \
6677 -C "found supported_point_formats extension" \
6678 -S "server hello, supported_point_formats extension"
6679
Ron Eldor643df7c2018-06-28 16:17:00 +03006680requires_config_enabled MBEDTLS_AES_C
6681requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
6682requires_config_enabled MBEDTLS_SHA256_C
6683requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03006684run_test "Force an ECC ciphersuite in the client side" \
6685 "$P_SRV debug_level=3" \
6686 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
6687 0 \
6688 -c "client hello, adding supported_elliptic_curves extension" \
6689 -c "client hello, adding supported_point_formats extension" \
6690 -s "found supported elliptic curves extension" \
6691 -s "found supported point formats extension"
6692
Ron Eldor643df7c2018-06-28 16:17:00 +03006693requires_config_enabled MBEDTLS_AES_C
6694requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
6695requires_config_enabled MBEDTLS_SHA256_C
6696requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03006697run_test "Force an ECC ciphersuite in the server side" \
6698 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
6699 "$P_CLI debug_level=3" \
6700 0 \
6701 -c "found supported_point_formats extension" \
6702 -s "server hello, supported_point_formats extension"
6703
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006704# Tests for DTLS HelloVerifyRequest
6705
6706run_test "DTLS cookie: enabled" \
6707 "$P_SRV dtls=1 debug_level=2" \
6708 "$P_CLI dtls=1 debug_level=2" \
6709 0 \
6710 -s "cookie verification failed" \
6711 -s "cookie verification passed" \
6712 -S "cookie verification skipped" \
6713 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02006714 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006715 -S "SSL - The requested feature is not available"
6716
6717run_test "DTLS cookie: disabled" \
6718 "$P_SRV dtls=1 debug_level=2 cookies=0" \
6719 "$P_CLI dtls=1 debug_level=2" \
6720 0 \
6721 -S "cookie verification failed" \
6722 -S "cookie verification passed" \
6723 -s "cookie verification skipped" \
6724 -C "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02006725 -S "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006726 -S "SSL - The requested feature is not available"
6727
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02006728run_test "DTLS cookie: default (failing)" \
6729 "$P_SRV dtls=1 debug_level=2 cookies=-1" \
6730 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
6731 1 \
6732 -s "cookie verification failed" \
6733 -S "cookie verification passed" \
6734 -S "cookie verification skipped" \
6735 -C "received hello verify request" \
6736 -S "hello verification requested" \
6737 -s "SSL - The requested feature is not available"
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006738
6739requires_ipv6
6740run_test "DTLS cookie: enabled, IPv6" \
6741 "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
6742 "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
6743 0 \
6744 -s "cookie verification failed" \
6745 -s "cookie verification passed" \
6746 -S "cookie verification skipped" \
6747 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02006748 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006749 -S "SSL - The requested feature is not available"
6750
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02006751run_test "DTLS cookie: enabled, nbio" \
6752 "$P_SRV dtls=1 nbio=2 debug_level=2" \
6753 "$P_CLI dtls=1 nbio=2 debug_level=2" \
6754 0 \
6755 -s "cookie verification failed" \
6756 -s "cookie verification passed" \
6757 -S "cookie verification skipped" \
6758 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02006759 -s "hello verification requested" \
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02006760 -S "SSL - The requested feature is not available"
6761
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006762# Tests for client reconnecting from the same port with DTLS
6763
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006764not_with_valgrind # spurious resend
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006765run_test "DTLS client reconnect from same port: reference" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006766 "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
6767 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006768 0 \
6769 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006770 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006771 -S "Client initiated reconnection from same port"
6772
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006773not_with_valgrind # spurious resend
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006774run_test "DTLS client reconnect from same port: reconnect" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006775 "$P_SRV dtls=1 exchanges=2 read_timeout=1000" \
6776 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006777 0 \
6778 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006779 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006780 -s "Client initiated reconnection from same port"
6781
Paul Bakker362689d2016-05-13 10:33:25 +01006782not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
6783run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006784 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
6785 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006786 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006787 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02006788 -s "Client initiated reconnection from same port"
6789
Paul Bakker362689d2016-05-13 10:33:25 +01006790only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout
6791run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
6792 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
6793 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
6794 0 \
6795 -S "The operation timed out" \
6796 -s "Client initiated reconnection from same port"
6797
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006798run_test "DTLS client reconnect from same port: no cookies" \
6799 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
Manuel Pégourié-Gonnard6ad23b92015-09-15 12:57:46 +02006800 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
6801 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02006802 -s "The operation timed out" \
6803 -S "Client initiated reconnection from same port"
6804
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006805# Tests for various cases of client authentication with DTLS
6806# (focused on handshake flows and message parsing)
6807
6808run_test "DTLS client auth: required" \
6809 "$P_SRV dtls=1 auth_mode=required" \
6810 "$P_CLI dtls=1" \
6811 0 \
6812 -s "Verifying peer X.509 certificate... ok"
6813
Hanno Becker4a156fc2019-06-14 17:07:06 +01006814requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006815run_test "DTLS client auth: optional, client has no cert" \
6816 "$P_SRV dtls=1 auth_mode=optional" \
6817 "$P_CLI dtls=1 crt_file=none key_file=none" \
6818 0 \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01006819 -s "! Certificate was missing"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006820
Hanno Becker4a156fc2019-06-14 17:07:06 +01006821requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01006822run_test "DTLS client auth: none, client has no cert" \
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006823 "$P_SRV dtls=1 auth_mode=none" \
6824 "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
6825 0 \
6826 -c "skip write certificate$" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01006827 -s "! Certificate verification was skipped"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006828
Manuel Pégourié-Gonnard0a885742015-08-04 12:08:35 +02006829run_test "DTLS wrong PSK: badmac alert" \
6830 "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
6831 "$P_CLI dtls=1 psk=abc124" \
6832 1 \
6833 -s "SSL - Verification of the message MAC failed" \
6834 -c "SSL - A fatal alert message was received from our peer"
6835
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02006836# Tests for receiving fragmented handshake messages with DTLS
6837
6838requires_gnutls
6839run_test "DTLS reassembly: no fragmentation (gnutls server)" \
6840 "$G_SRV -u --mtu 2048 -a" \
6841 "$P_CLI dtls=1 debug_level=2" \
6842 0 \
6843 -C "found fragmented DTLS handshake message" \
6844 -C "error"
6845
6846requires_gnutls
6847run_test "DTLS reassembly: some fragmentation (gnutls server)" \
6848 "$G_SRV -u --mtu 512" \
6849 "$P_CLI dtls=1 debug_level=2" \
6850 0 \
6851 -c "found fragmented DTLS handshake message" \
6852 -C "error"
6853
6854requires_gnutls
6855run_test "DTLS reassembly: more fragmentation (gnutls server)" \
6856 "$G_SRV -u --mtu 128" \
6857 "$P_CLI dtls=1 debug_level=2" \
6858 0 \
6859 -c "found fragmented DTLS handshake message" \
6860 -C "error"
6861
6862requires_gnutls
6863run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
6864 "$G_SRV -u --mtu 128" \
6865 "$P_CLI dtls=1 nbio=2 debug_level=2" \
6866 0 \
6867 -c "found fragmented DTLS handshake message" \
6868 -C "error"
6869
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006870requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01006871requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006872run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \
6873 "$G_SRV -u --mtu 256" \
6874 "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
6875 0 \
6876 -c "found fragmented DTLS handshake message" \
6877 -c "client hello, adding renegotiation extension" \
6878 -c "found renegotiation extension" \
6879 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006880 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006881 -C "error" \
6882 -s "Extra-header:"
6883
6884requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01006885requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006886run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
6887 "$G_SRV -u --mtu 256" \
6888 "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
6889 0 \
6890 -c "found fragmented DTLS handshake message" \
6891 -c "client hello, adding renegotiation extension" \
6892 -c "found renegotiation extension" \
6893 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006894 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006895 -C "error" \
6896 -s "Extra-header:"
6897
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02006898run_test "DTLS reassembly: no fragmentation (openssl server)" \
6899 "$O_SRV -dtls1 -mtu 2048" \
6900 "$P_CLI dtls=1 debug_level=2" \
6901 0 \
6902 -C "found fragmented DTLS handshake message" \
6903 -C "error"
6904
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02006905run_test "DTLS reassembly: some fragmentation (openssl server)" \
6906 "$O_SRV -dtls1 -mtu 768" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +02006907 "$P_CLI dtls=1 debug_level=2" \
6908 0 \
6909 -c "found fragmented DTLS handshake message" \
6910 -C "error"
6911
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02006912run_test "DTLS reassembly: more fragmentation (openssl server)" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +02006913 "$O_SRV -dtls1 -mtu 256" \
6914 "$P_CLI dtls=1 debug_level=2" \
6915 0 \
6916 -c "found fragmented DTLS handshake message" \
6917 -C "error"
6918
6919run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
6920 "$O_SRV -dtls1 -mtu 256" \
6921 "$P_CLI dtls=1 nbio=2 debug_level=2" \
6922 0 \
6923 -c "found fragmented DTLS handshake message" \
6924 -C "error"
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02006925
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006926# Tests for sending fragmented handshake messages with DTLS
6927#
6928# Use client auth when we need the client to send large messages,
6929# and use large cert chains on both sides too (the long chains we have all use
6930# both RSA and ECDSA, but ideally we should have long chains with either).
6931# Sizes reached (UDP payload):
6932# - 2037B for server certificate
6933# - 1542B for client certificate
6934# - 1013B for newsessionticket
6935# - all others below 512B
6936# All those tests assume MAX_CONTENT_LEN is at least 2048
6937
6938requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6939requires_config_enabled MBEDTLS_RSA_C
6940requires_config_enabled MBEDTLS_ECDSA_C
6941requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
6942run_test "DTLS fragmenting: none (for reference)" \
6943 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6944 crt_file=data_files/server7_int-ca.crt \
6945 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006946 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006947 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006948 "$P_CLI dtls=1 debug_level=2 \
6949 crt_file=data_files/server8_int-ca2.crt \
6950 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006951 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006952 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006953 0 \
6954 -S "found fragmented DTLS handshake message" \
6955 -C "found fragmented DTLS handshake message" \
6956 -C "error"
6957
6958requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6959requires_config_enabled MBEDTLS_RSA_C
6960requires_config_enabled MBEDTLS_ECDSA_C
6961requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006962run_test "DTLS fragmenting: server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006963 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6964 crt_file=data_files/server7_int-ca.crt \
6965 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006966 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006967 max_frag_len=1024" \
6968 "$P_CLI dtls=1 debug_level=2 \
6969 crt_file=data_files/server8_int-ca2.crt \
6970 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006971 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006972 max_frag_len=2048" \
6973 0 \
6974 -S "found fragmented DTLS handshake message" \
6975 -c "found fragmented DTLS handshake message" \
6976 -C "error"
6977
Hanno Becker69ca0ad2018-08-24 12:11:35 +01006978# With the MFL extension, the server has no way of forcing
6979# the client to not exceed a certain MTU; hence, the following
6980# test can't be replicated with an MTU proxy such as the one
6981# `client-initiated, server only (max_frag_len)` below.
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006982requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6983requires_config_enabled MBEDTLS_RSA_C
6984requires_config_enabled MBEDTLS_ECDSA_C
6985requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006986run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006987 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6988 crt_file=data_files/server7_int-ca.crt \
6989 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006990 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006991 max_frag_len=512" \
6992 "$P_CLI dtls=1 debug_level=2 \
6993 crt_file=data_files/server8_int-ca2.crt \
6994 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006995 hs_timeout=2500-60000 \
Hanno Becker69ca0ad2018-08-24 12:11:35 +01006996 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006997 0 \
6998 -S "found fragmented DTLS handshake message" \
6999 -c "found fragmented DTLS handshake message" \
7000 -C "error"
7001
7002requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7003requires_config_enabled MBEDTLS_RSA_C
7004requires_config_enabled MBEDTLS_ECDSA_C
7005requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007006run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007007 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
7008 crt_file=data_files/server7_int-ca.crt \
7009 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007010 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007011 max_frag_len=2048" \
7012 "$P_CLI dtls=1 debug_level=2 \
7013 crt_file=data_files/server8_int-ca2.crt \
7014 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007015 hs_timeout=2500-60000 \
7016 max_frag_len=1024" \
7017 0 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007018 -S "found fragmented DTLS handshake message" \
7019 -c "found fragmented DTLS handshake message" \
7020 -C "error"
7021
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007022# While not required by the standard defining the MFL extension
7023# (according to which it only applies to records, not to datagrams),
7024# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
7025# as otherwise there wouldn't be any means to communicate MTU restrictions
7026# to the peer.
7027# The next test checks that no datagrams significantly larger than the
7028# negotiated MFL are sent.
7029requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7030requires_config_enabled MBEDTLS_RSA_C
7031requires_config_enabled MBEDTLS_ECDSA_C
7032requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
7033run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04007034 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007035 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
7036 crt_file=data_files/server7_int-ca.crt \
7037 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007038 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007039 max_frag_len=2048" \
7040 "$P_CLI dtls=1 debug_level=2 \
7041 crt_file=data_files/server8_int-ca2.crt \
7042 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007043 hs_timeout=2500-60000 \
7044 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007045 0 \
7046 -S "found fragmented DTLS handshake message" \
7047 -c "found fragmented DTLS handshake message" \
7048 -C "error"
7049
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007050requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7051requires_config_enabled MBEDTLS_RSA_C
7052requires_config_enabled MBEDTLS_ECDSA_C
7053requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007054run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007055 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7056 crt_file=data_files/server7_int-ca.crt \
7057 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007058 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007059 max_frag_len=2048" \
7060 "$P_CLI dtls=1 debug_level=2 \
7061 crt_file=data_files/server8_int-ca2.crt \
7062 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007063 hs_timeout=2500-60000 \
7064 max_frag_len=1024" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007065 0 \
7066 -s "found fragmented DTLS handshake message" \
7067 -c "found fragmented DTLS handshake message" \
7068 -C "error"
7069
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007070# While not required by the standard defining the MFL extension
7071# (according to which it only applies to records, not to datagrams),
7072# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
7073# as otherwise there wouldn't be any means to communicate MTU restrictions
7074# to the peer.
7075# The next test checks that no datagrams significantly larger than the
7076# negotiated MFL are sent.
7077requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7078requires_config_enabled MBEDTLS_RSA_C
7079requires_config_enabled MBEDTLS_ECDSA_C
7080requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
7081run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04007082 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007083 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7084 crt_file=data_files/server7_int-ca.crt \
7085 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007086 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007087 max_frag_len=2048" \
7088 "$P_CLI dtls=1 debug_level=2 \
7089 crt_file=data_files/server8_int-ca2.crt \
7090 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007091 hs_timeout=2500-60000 \
7092 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007093 0 \
7094 -s "found fragmented DTLS handshake message" \
7095 -c "found fragmented DTLS handshake message" \
7096 -C "error"
7097
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007098requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7099requires_config_enabled MBEDTLS_RSA_C
7100requires_config_enabled MBEDTLS_ECDSA_C
7101run_test "DTLS fragmenting: none (for reference) (MTU)" \
7102 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7103 crt_file=data_files/server7_int-ca.crt \
7104 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007105 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01007106 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007107 "$P_CLI dtls=1 debug_level=2 \
7108 crt_file=data_files/server8_int-ca2.crt \
7109 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007110 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01007111 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007112 0 \
7113 -S "found fragmented DTLS handshake message" \
7114 -C "found fragmented DTLS handshake message" \
7115 -C "error"
7116
7117requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7118requires_config_enabled MBEDTLS_RSA_C
7119requires_config_enabled MBEDTLS_ECDSA_C
7120run_test "DTLS fragmenting: client (MTU)" \
7121 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7122 crt_file=data_files/server7_int-ca.crt \
7123 key_file=data_files/server7.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007124 hs_timeout=3500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01007125 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007126 "$P_CLI dtls=1 debug_level=2 \
7127 crt_file=data_files/server8_int-ca2.crt \
7128 key_file=data_files/server8.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007129 hs_timeout=3500-60000 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007130 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007131 0 \
7132 -s "found fragmented DTLS handshake message" \
7133 -C "found fragmented DTLS handshake message" \
7134 -C "error"
7135
7136requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7137requires_config_enabled MBEDTLS_RSA_C
7138requires_config_enabled MBEDTLS_ECDSA_C
7139run_test "DTLS fragmenting: server (MTU)" \
7140 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7141 crt_file=data_files/server7_int-ca.crt \
7142 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007143 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007144 mtu=512" \
7145 "$P_CLI dtls=1 debug_level=2 \
7146 crt_file=data_files/server8_int-ca2.crt \
7147 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007148 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007149 mtu=2048" \
7150 0 \
7151 -S "found fragmented DTLS handshake message" \
7152 -c "found fragmented DTLS handshake message" \
7153 -C "error"
7154
7155requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7156requires_config_enabled MBEDTLS_RSA_C
7157requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007158run_test "DTLS fragmenting: both (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007159 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007160 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7161 crt_file=data_files/server7_int-ca.crt \
7162 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007163 hs_timeout=2500-60000 \
Andrzej Kurek95805282018-10-11 08:55:37 -04007164 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007165 "$P_CLI dtls=1 debug_level=2 \
7166 crt_file=data_files/server8_int-ca2.crt \
7167 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007168 hs_timeout=2500-60000 \
7169 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007170 0 \
7171 -s "found fragmented DTLS handshake message" \
7172 -c "found fragmented DTLS handshake message" \
7173 -C "error"
7174
Andrzej Kurek77826052018-10-11 07:34:08 -04007175# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04007176requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7177requires_config_enabled MBEDTLS_RSA_C
7178requires_config_enabled MBEDTLS_ECDSA_C
7179requires_config_enabled MBEDTLS_SHA256_C
7180requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7181requires_config_enabled MBEDTLS_AES_C
7182requires_config_enabled MBEDTLS_GCM_C
7183run_test "DTLS fragmenting: both (MTU=512)" \
Hanno Becker8d832182018-03-15 10:14:19 +00007184 -p "$P_PXY mtu=512" \
Hanno Becker72a4f032017-11-15 16:39:20 +00007185 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7186 crt_file=data_files/server7_int-ca.crt \
7187 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007188 hs_timeout=2500-60000 \
Hanno Becker72a4f032017-11-15 16:39:20 +00007189 mtu=512" \
7190 "$P_CLI dtls=1 debug_level=2 \
7191 crt_file=data_files/server8_int-ca2.crt \
7192 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007193 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7194 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007195 mtu=512" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007196 0 \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007197 -s "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007198 -c "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007199 -C "error"
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007200
Andrzej Kurek7311c782018-10-11 06:49:41 -04007201# Test for automatic MTU reduction on repeated resend.
Andrzej Kurek77826052018-10-11 07:34:08 -04007202# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04007203# The ratio of max/min timeout should ideally equal 4 to accept two
7204# retransmissions, but in some cases (like both the server and client using
7205# fragmentation and auto-reduction) an extra retransmission might occur,
7206# hence the ratio of 8.
Hanno Becker37029eb2018-08-29 17:01:40 +01007207not_with_valgrind
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02007208requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7209requires_config_enabled MBEDTLS_RSA_C
7210requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007211requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7212requires_config_enabled MBEDTLS_AES_C
7213requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02007214run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
7215 -p "$P_PXY mtu=508" \
7216 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7217 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007218 key_file=data_files/server7.key \
7219 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02007220 "$P_CLI dtls=1 debug_level=2 \
7221 crt_file=data_files/server8_int-ca2.crt \
7222 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007223 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7224 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02007225 0 \
7226 -s "found fragmented DTLS handshake message" \
7227 -c "found fragmented DTLS handshake message" \
7228 -C "error"
7229
Andrzej Kurek77826052018-10-11 07:34:08 -04007230# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Hanno Becker108992e2018-08-29 17:04:18 +01007231only_with_valgrind
7232requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7233requires_config_enabled MBEDTLS_RSA_C
7234requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007235requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7236requires_config_enabled MBEDTLS_AES_C
7237requires_config_enabled MBEDTLS_GCM_C
Hanno Becker108992e2018-08-29 17:04:18 +01007238run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
7239 -p "$P_PXY mtu=508" \
7240 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7241 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007242 key_file=data_files/server7.key \
Hanno Becker108992e2018-08-29 17:04:18 +01007243 hs_timeout=250-10000" \
7244 "$P_CLI dtls=1 debug_level=2 \
7245 crt_file=data_files/server8_int-ca2.crt \
7246 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007247 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Hanno Becker108992e2018-08-29 17:04:18 +01007248 hs_timeout=250-10000" \
7249 0 \
7250 -s "found fragmented DTLS handshake message" \
7251 -c "found fragmented DTLS handshake message" \
7252 -C "error"
7253
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007254# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
Manuel Pégourié-Gonnard3d183ce2018-08-22 09:56:22 +02007255# OTOH the client might resend if the server is to slow to reset after sending
7256# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007257not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007258requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7259requires_config_enabled MBEDTLS_RSA_C
7260requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007261run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007262 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007263 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7264 crt_file=data_files/server7_int-ca.crt \
7265 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007266 hs_timeout=10000-60000 \
7267 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007268 "$P_CLI dtls=1 debug_level=2 \
7269 crt_file=data_files/server8_int-ca2.crt \
7270 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007271 hs_timeout=10000-60000 \
7272 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007273 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007274 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007275 -s "found fragmented DTLS handshake message" \
7276 -c "found fragmented DTLS handshake message" \
7277 -C "error"
7278
Andrzej Kurek77826052018-10-11 07:34:08 -04007279# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04007280# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
7281# OTOH the client might resend if the server is to slow to reset after sending
7282# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007283not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007284requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7285requires_config_enabled MBEDTLS_RSA_C
7286requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007287requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7288requires_config_enabled MBEDTLS_AES_C
7289requires_config_enabled MBEDTLS_GCM_C
7290run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007291 -p "$P_PXY mtu=512" \
7292 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7293 crt_file=data_files/server7_int-ca.crt \
7294 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007295 hs_timeout=10000-60000 \
7296 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007297 "$P_CLI dtls=1 debug_level=2 \
7298 crt_file=data_files/server8_int-ca2.crt \
7299 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007300 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7301 hs_timeout=10000-60000 \
7302 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007303 0 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007304 -S "autoreduction" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007305 -s "found fragmented DTLS handshake message" \
7306 -c "found fragmented DTLS handshake message" \
7307 -C "error"
7308
Andrzej Kurek7311c782018-10-11 06:49:41 -04007309not_with_valgrind # spurious autoreduction due to timeout
7310requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7311requires_config_enabled MBEDTLS_RSA_C
7312requires_config_enabled MBEDTLS_ECDSA_C
7313run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007314 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007315 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7316 crt_file=data_files/server7_int-ca.crt \
7317 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007318 hs_timeout=10000-60000 \
7319 mtu=1024 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007320 "$P_CLI dtls=1 debug_level=2 \
7321 crt_file=data_files/server8_int-ca2.crt \
7322 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007323 hs_timeout=10000-60000 \
7324 mtu=1024 nbio=2" \
7325 0 \
7326 -S "autoreduction" \
7327 -s "found fragmented DTLS handshake message" \
7328 -c "found fragmented DTLS handshake message" \
7329 -C "error"
7330
Andrzej Kurek77826052018-10-11 07:34:08 -04007331# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04007332not_with_valgrind # spurious autoreduction due to timeout
7333requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7334requires_config_enabled MBEDTLS_RSA_C
7335requires_config_enabled MBEDTLS_ECDSA_C
7336requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7337requires_config_enabled MBEDTLS_AES_C
7338requires_config_enabled MBEDTLS_GCM_C
7339run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
7340 -p "$P_PXY mtu=512" \
7341 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7342 crt_file=data_files/server7_int-ca.crt \
7343 key_file=data_files/server7.key \
7344 hs_timeout=10000-60000 \
7345 mtu=512 nbio=2" \
7346 "$P_CLI dtls=1 debug_level=2 \
7347 crt_file=data_files/server8_int-ca2.crt \
7348 key_file=data_files/server8.key \
7349 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7350 hs_timeout=10000-60000 \
7351 mtu=512 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007352 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007353 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007354 -s "found fragmented DTLS handshake message" \
7355 -c "found fragmented DTLS handshake message" \
7356 -C "error"
7357
Andrzej Kurek77826052018-10-11 07:34:08 -04007358# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
Hanno Beckerb841b4f2018-08-28 10:25:51 +01007359# This ensures things still work after session_reset().
7360# It also exercises the "resumed handshake" flow.
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02007361# Since we don't support reading fragmented ClientHello yet,
7362# up the MTU to 1450 (larger than ClientHello with session ticket,
7363# but still smaller than client's Certificate to ensure fragmentation).
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007364# An autoreduction on the client-side might happen if the server is
7365# slow to reset, therefore omitting '-C "autoreduction"' below.
Manuel Pégourié-Gonnard2f2d9022018-08-21 12:17:54 +02007366# reco_delay avoids races where the client reconnects before the server has
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007367# resumed listening, which would result in a spurious autoreduction.
7368not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02007369requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7370requires_config_enabled MBEDTLS_RSA_C
7371requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007372requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7373requires_config_enabled MBEDTLS_AES_C
7374requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02007375run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
7376 -p "$P_PXY mtu=1450" \
7377 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7378 crt_file=data_files/server7_int-ca.crt \
7379 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007380 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02007381 mtu=1450" \
7382 "$P_CLI dtls=1 debug_level=2 \
7383 crt_file=data_files/server8_int-ca2.crt \
7384 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007385 hs_timeout=10000-60000 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007386 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard2f2d9022018-08-21 12:17:54 +02007387 mtu=1450 reconnect=1 reco_delay=1" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02007388 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007389 -S "autoreduction" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02007390 -s "found fragmented DTLS handshake message" \
7391 -c "found fragmented DTLS handshake message" \
7392 -C "error"
7393
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007394# An autoreduction on the client-side might happen if the server is
7395# slow to reset, therefore omitting '-C "autoreduction"' below.
7396not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007397requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7398requires_config_enabled MBEDTLS_RSA_C
7399requires_config_enabled MBEDTLS_ECDSA_C
7400requires_config_enabled MBEDTLS_SHA256_C
7401requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7402requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
7403requires_config_enabled MBEDTLS_CHACHAPOLY_C
7404run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
7405 -p "$P_PXY mtu=512" \
7406 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7407 crt_file=data_files/server7_int-ca.crt \
7408 key_file=data_files/server7.key \
7409 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007410 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007411 mtu=512" \
7412 "$P_CLI dtls=1 debug_level=2 \
7413 crt_file=data_files/server8_int-ca2.crt \
7414 key_file=data_files/server8.key \
7415 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007416 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007417 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007418 mtu=512" \
7419 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007420 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007421 -s "found fragmented DTLS handshake message" \
7422 -c "found fragmented DTLS handshake message" \
7423 -C "error"
7424
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007425# An autoreduction on the client-side might happen if the server is
7426# slow to reset, therefore omitting '-C "autoreduction"' below.
7427not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007428requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7429requires_config_enabled MBEDTLS_RSA_C
7430requires_config_enabled MBEDTLS_ECDSA_C
7431requires_config_enabled MBEDTLS_SHA256_C
7432requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7433requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
7434requires_config_enabled MBEDTLS_AES_C
7435requires_config_enabled MBEDTLS_GCM_C
7436run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
7437 -p "$P_PXY mtu=512" \
7438 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7439 crt_file=data_files/server7_int-ca.crt \
7440 key_file=data_files/server7.key \
7441 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007442 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007443 mtu=512" \
7444 "$P_CLI dtls=1 debug_level=2 \
7445 crt_file=data_files/server8_int-ca2.crt \
7446 key_file=data_files/server8.key \
7447 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007448 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007449 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007450 mtu=512" \
7451 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007452 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007453 -s "found fragmented DTLS handshake message" \
7454 -c "found fragmented DTLS handshake message" \
7455 -C "error"
7456
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007457# An autoreduction on the client-side might happen if the server is
7458# slow to reset, therefore omitting '-C "autoreduction"' below.
7459not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007460requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7461requires_config_enabled MBEDTLS_RSA_C
7462requires_config_enabled MBEDTLS_ECDSA_C
7463requires_config_enabled MBEDTLS_SHA256_C
7464requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7465requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
7466requires_config_enabled MBEDTLS_AES_C
7467requires_config_enabled MBEDTLS_CCM_C
7468run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007469 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007470 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7471 crt_file=data_files/server7_int-ca.crt \
7472 key_file=data_files/server7.key \
7473 exchanges=2 renegotiation=1 \
7474 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007475 hs_timeout=10000-60000 \
7476 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007477 "$P_CLI dtls=1 debug_level=2 \
7478 crt_file=data_files/server8_int-ca2.crt \
7479 key_file=data_files/server8.key \
7480 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007481 hs_timeout=10000-60000 \
7482 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007483 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007484 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007485 -s "found fragmented DTLS handshake message" \
7486 -c "found fragmented DTLS handshake message" \
7487 -C "error"
7488
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007489# An autoreduction on the client-side might happen if the server is
7490# slow to reset, therefore omitting '-C "autoreduction"' below.
7491not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007492requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7493requires_config_enabled MBEDTLS_RSA_C
7494requires_config_enabled MBEDTLS_ECDSA_C
7495requires_config_enabled MBEDTLS_SHA256_C
7496requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7497requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
7498requires_config_enabled MBEDTLS_AES_C
7499requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
7500requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
7501run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007502 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007503 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7504 crt_file=data_files/server7_int-ca.crt \
7505 key_file=data_files/server7.key \
7506 exchanges=2 renegotiation=1 \
7507 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007508 hs_timeout=10000-60000 \
7509 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007510 "$P_CLI dtls=1 debug_level=2 \
7511 crt_file=data_files/server8_int-ca2.crt \
7512 key_file=data_files/server8.key \
7513 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007514 hs_timeout=10000-60000 \
7515 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007516 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007517 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007518 -s "found fragmented DTLS handshake message" \
7519 -c "found fragmented DTLS handshake message" \
7520 -C "error"
7521
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007522# An autoreduction on the client-side might happen if the server is
7523# slow to reset, therefore omitting '-C "autoreduction"' below.
7524not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007525requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7526requires_config_enabled MBEDTLS_RSA_C
7527requires_config_enabled MBEDTLS_ECDSA_C
7528requires_config_enabled MBEDTLS_SHA256_C
7529requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7530requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
7531requires_config_enabled MBEDTLS_AES_C
7532requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
7533run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007534 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007535 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7536 crt_file=data_files/server7_int-ca.crt \
7537 key_file=data_files/server7.key \
7538 exchanges=2 renegotiation=1 \
7539 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007540 hs_timeout=10000-60000 \
7541 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007542 "$P_CLI dtls=1 debug_level=2 \
7543 crt_file=data_files/server8_int-ca2.crt \
7544 key_file=data_files/server8.key \
7545 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007546 hs_timeout=10000-60000 \
7547 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007548 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04007549 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02007550 -s "found fragmented DTLS handshake message" \
7551 -c "found fragmented DTLS handshake message" \
7552 -C "error"
7553
Andrzej Kurek77826052018-10-11 07:34:08 -04007554# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02007555requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7556requires_config_enabled MBEDTLS_RSA_C
7557requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007558requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7559requires_config_enabled MBEDTLS_AES_C
7560requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02007561client_needs_more_time 2
7562run_test "DTLS fragmenting: proxy MTU + 3d" \
7563 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007564 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02007565 crt_file=data_files/server7_int-ca.crt \
7566 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007567 hs_timeout=250-10000 mtu=512" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007568 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02007569 crt_file=data_files/server8_int-ca2.crt \
7570 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007571 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007572 hs_timeout=250-10000 mtu=512" \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02007573 0 \
7574 -s "found fragmented DTLS handshake message" \
7575 -c "found fragmented DTLS handshake message" \
7576 -C "error"
7577
Andrzej Kurek77826052018-10-11 07:34:08 -04007578# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007579requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7580requires_config_enabled MBEDTLS_RSA_C
7581requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04007582requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
7583requires_config_enabled MBEDTLS_AES_C
7584requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007585client_needs_more_time 2
7586run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
7587 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
7588 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7589 crt_file=data_files/server7_int-ca.crt \
7590 key_file=data_files/server7.key \
7591 hs_timeout=250-10000 mtu=512 nbio=2" \
7592 "$P_CLI dtls=1 debug_level=2 \
7593 crt_file=data_files/server8_int-ca2.crt \
7594 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04007595 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02007596 hs_timeout=250-10000 mtu=512 nbio=2" \
7597 0 \
7598 -s "found fragmented DTLS handshake message" \
7599 -c "found fragmented DTLS handshake message" \
7600 -C "error"
7601
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007602# interop tests for DTLS fragmentating with reliable connection
7603#
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007604# here and below we just want to test that the we fragment in a way that
7605# pleases other implementations, so we don't need the peer to fragment
7606requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7607requires_config_enabled MBEDTLS_RSA_C
7608requires_config_enabled MBEDTLS_ECDSA_C
7609requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02007610requires_gnutls
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007611run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
7612 "$G_SRV -u" \
7613 "$P_CLI dtls=1 debug_level=2 \
7614 crt_file=data_files/server8_int-ca2.crt \
7615 key_file=data_files/server8.key \
7616 mtu=512 force_version=dtls1_2" \
7617 0 \
7618 -c "fragmenting handshake message" \
7619 -C "error"
7620
7621requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7622requires_config_enabled MBEDTLS_RSA_C
7623requires_config_enabled MBEDTLS_ECDSA_C
7624requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02007625requires_gnutls
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007626run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
7627 "$G_SRV -u" \
7628 "$P_CLI dtls=1 debug_level=2 \
7629 crt_file=data_files/server8_int-ca2.crt \
7630 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007631 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007632 0 \
7633 -c "fragmenting handshake message" \
7634 -C "error"
7635
Hanno Beckerb9a00862018-08-28 10:20:22 +01007636# We use --insecure for the GnuTLS client because it expects
7637# the hostname / IP it connects to to be the name used in the
7638# certificate obtained from the server. Here, however, it
7639# connects to 127.0.0.1 while our test certificates use 'localhost'
7640# as the server name in the certificate. This will make the
7641# certifiate validation fail, but passing --insecure makes
7642# GnuTLS continue the connection nonetheless.
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007643requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7644requires_config_enabled MBEDTLS_RSA_C
7645requires_config_enabled MBEDTLS_ECDSA_C
7646requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02007647requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -04007648requires_not_i686
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007649run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02007650 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007651 crt_file=data_files/server7_int-ca.crt \
7652 key_file=data_files/server7.key \
7653 mtu=512 force_version=dtls1_2" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02007654 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007655 0 \
7656 -s "fragmenting handshake message"
7657
Hanno Beckerb9a00862018-08-28 10:20:22 +01007658# See previous test for the reason to use --insecure
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007659requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7660requires_config_enabled MBEDTLS_RSA_C
7661requires_config_enabled MBEDTLS_ECDSA_C
7662requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02007663requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -04007664requires_not_i686
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007665run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02007666 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007667 crt_file=data_files/server7_int-ca.crt \
7668 key_file=data_files/server7.key \
7669 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02007670 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02007671 0 \
7672 -s "fragmenting handshake message"
7673
7674requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7675requires_config_enabled MBEDTLS_RSA_C
7676requires_config_enabled MBEDTLS_ECDSA_C
7677requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7678run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
7679 "$O_SRV -dtls1_2 -verify 10" \
7680 "$P_CLI dtls=1 debug_level=2 \
7681 crt_file=data_files/server8_int-ca2.crt \
7682 key_file=data_files/server8.key \
7683 mtu=512 force_version=dtls1_2" \
7684 0 \
7685 -c "fragmenting handshake message" \
7686 -C "error"
7687
7688requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7689requires_config_enabled MBEDTLS_RSA_C
7690requires_config_enabled MBEDTLS_ECDSA_C
7691requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
7692run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
7693 "$O_SRV -dtls1 -verify 10" \
7694 "$P_CLI dtls=1 debug_level=2 \
7695 crt_file=data_files/server8_int-ca2.crt \
7696 key_file=data_files/server8.key \
7697 mtu=512 force_version=dtls1" \
7698 0 \
7699 -c "fragmenting handshake message" \
7700 -C "error"
7701
7702requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7703requires_config_enabled MBEDTLS_RSA_C
7704requires_config_enabled MBEDTLS_ECDSA_C
7705requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7706run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
7707 "$P_SRV dtls=1 debug_level=2 \
7708 crt_file=data_files/server7_int-ca.crt \
7709 key_file=data_files/server7.key \
7710 mtu=512 force_version=dtls1_2" \
7711 "$O_CLI -dtls1_2" \
7712 0 \
7713 -s "fragmenting handshake message"
7714
7715requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7716requires_config_enabled MBEDTLS_RSA_C
7717requires_config_enabled MBEDTLS_ECDSA_C
7718requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
7719run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
7720 "$P_SRV dtls=1 debug_level=2 \
7721 crt_file=data_files/server7_int-ca.crt \
7722 key_file=data_files/server7.key \
7723 mtu=512 force_version=dtls1" \
7724 "$O_CLI -dtls1" \
7725 0 \
7726 -s "fragmenting handshake message"
7727
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007728# interop tests for DTLS fragmentating with unreliable connection
7729#
7730# again we just want to test that the we fragment in a way that
7731# pleases other implementations, so we don't need the peer to fragment
7732requires_gnutls_next
7733requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7734requires_config_enabled MBEDTLS_RSA_C
7735requires_config_enabled MBEDTLS_ECDSA_C
7736requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007737client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007738run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
7739 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7740 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007741 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007742 crt_file=data_files/server8_int-ca2.crt \
7743 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007744 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007745 0 \
7746 -c "fragmenting handshake message" \
7747 -C "error"
7748
7749requires_gnutls_next
7750requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7751requires_config_enabled MBEDTLS_RSA_C
7752requires_config_enabled MBEDTLS_ECDSA_C
7753requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007754client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007755run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
7756 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7757 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007758 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007759 crt_file=data_files/server8_int-ca2.crt \
7760 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007761 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007762 0 \
7763 -c "fragmenting handshake message" \
7764 -C "error"
7765
k-stachowiakabb843e2019-02-18 16:14:03 +01007766requires_gnutls_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007767requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7768requires_config_enabled MBEDTLS_RSA_C
7769requires_config_enabled MBEDTLS_ECDSA_C
7770requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7771client_needs_more_time 4
7772run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
7773 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7774 "$P_SRV dtls=1 debug_level=2 \
7775 crt_file=data_files/server7_int-ca.crt \
7776 key_file=data_files/server7.key \
7777 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
k-stachowiakabb843e2019-02-18 16:14:03 +01007778 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007779 0 \
7780 -s "fragmenting handshake message"
7781
k-stachowiakabb843e2019-02-18 16:14:03 +01007782requires_gnutls_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007783requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7784requires_config_enabled MBEDTLS_RSA_C
7785requires_config_enabled MBEDTLS_ECDSA_C
7786requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
7787client_needs_more_time 4
7788run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
7789 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7790 "$P_SRV dtls=1 debug_level=2 \
7791 crt_file=data_files/server7_int-ca.crt \
7792 key_file=data_files/server7.key \
7793 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
k-stachowiakabb843e2019-02-18 16:14:03 +01007794 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007795 0 \
7796 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007797
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007798## Interop test with OpenSSL might trigger a bug in recent versions (including
7799## all versions installed on the CI machines), reported here:
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007800## Bug report: https://github.com/openssl/openssl/issues/6902
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007801## They should be re-enabled once a fixed version of OpenSSL is available
7802## (this should happen in some 1.1.1_ release according to the ticket).
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007803skip_next_test
7804requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7805requires_config_enabled MBEDTLS_RSA_C
7806requires_config_enabled MBEDTLS_ECDSA_C
7807requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7808client_needs_more_time 4
7809run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
7810 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7811 "$O_SRV -dtls1_2 -verify 10" \
7812 "$P_CLI dtls=1 debug_level=2 \
7813 crt_file=data_files/server8_int-ca2.crt \
7814 key_file=data_files/server8.key \
7815 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
7816 0 \
7817 -c "fragmenting handshake message" \
7818 -C "error"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007819
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007820skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007821requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7822requires_config_enabled MBEDTLS_RSA_C
7823requires_config_enabled MBEDTLS_ECDSA_C
7824requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007825client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007826run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
7827 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007828 "$O_SRV -dtls1 -verify 10" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007829 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007830 crt_file=data_files/server8_int-ca2.crt \
7831 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007832 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007833 0 \
7834 -c "fragmenting handshake message" \
7835 -C "error"
7836
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007837skip_next_test
7838requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7839requires_config_enabled MBEDTLS_RSA_C
7840requires_config_enabled MBEDTLS_ECDSA_C
7841requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7842client_needs_more_time 4
7843run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
7844 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7845 "$P_SRV dtls=1 debug_level=2 \
7846 crt_file=data_files/server7_int-ca.crt \
7847 key_file=data_files/server7.key \
7848 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
7849 "$O_CLI -dtls1_2" \
7850 0 \
7851 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007852
7853# -nbio is added to prevent s_client from blocking in case of duplicated
7854# messages at the end of the handshake
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007855skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007856requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7857requires_config_enabled MBEDTLS_RSA_C
7858requires_config_enabled MBEDTLS_ECDSA_C
7859requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007860client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007861run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
7862 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007863 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007864 crt_file=data_files/server7_int-ca.crt \
7865 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007866 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007867 "$O_CLI -nbio -dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007868 0 \
7869 -s "fragmenting handshake message"
7870
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02007871# Tests for specific things with "unreliable" UDP connection
7872
7873not_with_valgrind # spurious resend due to timeout
7874run_test "DTLS proxy: reference" \
7875 -p "$P_PXY" \
7876 "$P_SRV dtls=1 debug_level=2" \
7877 "$P_CLI dtls=1 debug_level=2" \
7878 0 \
7879 -C "replayed record" \
7880 -S "replayed record" \
7881 -C "record from another epoch" \
7882 -S "record from another epoch" \
7883 -C "discarding invalid record" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007884 -S "discarding invalid record" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02007885 -S "resend" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007886 -s "Extra-header:" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02007887 -c "HTTP/1.0 200 OK"
7888
7889not_with_valgrind # spurious resend due to timeout
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007890run_test "DTLS proxy: duplicate every packet" \
7891 -p "$P_PXY duplicate=1" \
Hanno Becker7f376f42019-06-12 16:20:48 +01007892 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007893 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007894 0 \
7895 -c "replayed record" \
7896 -s "replayed record" \
7897 -c "record from another epoch" \
7898 -s "record from another epoch" \
7899 -S "resend" \
7900 -s "Extra-header:" \
7901 -c "HTTP/1.0 200 OK"
7902
7903run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
7904 -p "$P_PXY duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007905 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
7906 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007907 0 \
7908 -c "replayed record" \
7909 -S "replayed record" \
7910 -c "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007911 -s "record from another epoch" \
7912 -c "resend" \
7913 -s "resend" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007914 -s "Extra-header:" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007915 -c "HTTP/1.0 200 OK"
7916
7917run_test "DTLS proxy: multiple records in same datagram" \
7918 -p "$P_PXY pack=50" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007919 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
7920 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007921 0 \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007922 -c "next record in same datagram" \
7923 -s "next record in same datagram"
7924
7925run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
7926 -p "$P_PXY pack=50 duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007927 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
7928 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007929 0 \
7930 -c "next record in same datagram" \
7931 -s "next record in same datagram"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007932
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007933run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
7934 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007935 "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
7936 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007937 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007938 -c "discarding invalid record (mac)" \
7939 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007940 -s "Extra-header:" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007941 -c "HTTP/1.0 200 OK" \
7942 -S "too many records with bad MAC" \
7943 -S "Verification of the message MAC failed"
7944
7945run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
7946 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007947 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
7948 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007949 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007950 -C "discarding invalid record (mac)" \
7951 -S "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007952 -S "Extra-header:" \
7953 -C "HTTP/1.0 200 OK" \
7954 -s "too many records with bad MAC" \
7955 -s "Verification of the message MAC failed"
7956
7957run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
7958 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007959 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
7960 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007961 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007962 -c "discarding invalid record (mac)" \
7963 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007964 -s "Extra-header:" \
7965 -c "HTTP/1.0 200 OK" \
7966 -S "too many records with bad MAC" \
7967 -S "Verification of the message MAC failed"
7968
7969run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
7970 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007971 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
7972 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007973 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007974 -c "discarding invalid record (mac)" \
7975 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007976 -s "Extra-header:" \
7977 -c "HTTP/1.0 200 OK" \
7978 -s "too many records with bad MAC" \
7979 -s "Verification of the message MAC failed"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007980
7981run_test "DTLS proxy: delay ChangeCipherSpec" \
7982 -p "$P_PXY delay_ccs=1" \
Hanno Beckerc4305232018-08-14 13:41:21 +01007983 "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
7984 "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007985 0 \
7986 -c "record from another epoch" \
7987 -s "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007988 -s "Extra-header:" \
7989 -c "HTTP/1.0 200 OK"
7990
Hanno Beckeraa5d0c42018-08-16 13:15:19 +01007991# Tests for reordering support with DTLS
7992
Hanno Becker56cdfd12018-08-17 13:42:15 +01007993run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
7994 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007995 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7996 hs_timeout=2500-60000" \
7997 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7998 hs_timeout=2500-60000" \
Hanno Beckere3842212018-08-16 15:28:59 +01007999 0 \
8000 -c "Buffering HS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008001 -c "Next handshake message has been buffered - load"\
8002 -S "Buffering HS message" \
8003 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01008004 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008005 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008006 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008007 -S "Remember CCS message"
Hanno Beckere3842212018-08-16 15:28:59 +01008008
Hanno Beckerdc1e9502018-08-28 16:02:33 +01008009run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
8010 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008011 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
8012 hs_timeout=2500-60000" \
8013 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8014 hs_timeout=2500-60000" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +01008015 0 \
8016 -c "Buffering HS message" \
8017 -c "found fragmented DTLS handshake message"\
8018 -c "Next handshake message 1 not or only partially bufffered" \
8019 -c "Next handshake message has been buffered - load"\
8020 -S "Buffering HS message" \
8021 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01008022 -C "Injecting buffered CCS message" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +01008023 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008024 -S "Injecting buffered CCS message" \
Hanno Beckeraa5d0c42018-08-16 13:15:19 +01008025 -S "Remember CCS message"
8026
Hanno Beckera1adcca2018-08-24 14:41:07 +01008027# The client buffers the ServerKeyExchange before receiving the fragmented
8028# Certificate message; at the time of writing, together these are aroudn 1200b
8029# in size, so that the bound below ensures that the certificate can be reassembled
8030# while keeping the ServerKeyExchange.
8031requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
8032run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
Hanno Beckere3567052018-08-21 16:50:43 +01008033 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008034 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
8035 hs_timeout=2500-60000" \
8036 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8037 hs_timeout=2500-60000" \
Hanno Beckere3567052018-08-21 16:50:43 +01008038 0 \
8039 -c "Buffering HS message" \
8040 -c "Next handshake message has been buffered - load"\
Hanno Beckera1adcca2018-08-24 14:41:07 +01008041 -C "attempt to make space by freeing buffered messages" \
8042 -S "Buffering HS message" \
8043 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01008044 -C "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01008045 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008046 -S "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01008047 -S "Remember CCS message"
8048
8049# The size constraints ensure that the delayed certificate message can't
8050# be reassembled while keeping the ServerKeyExchange message, but it can
8051# when dropping it first.
8052requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
8053requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
8054run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
8055 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008056 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
8057 hs_timeout=2500-60000" \
8058 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8059 hs_timeout=2500-60000" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01008060 0 \
8061 -c "Buffering HS message" \
8062 -c "attempt to make space by freeing buffered future messages" \
8063 -c "Enough space available after freeing buffered HS messages" \
Hanno Beckere3567052018-08-21 16:50:43 +01008064 -S "Buffering HS message" \
8065 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01008066 -C "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +01008067 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008068 -S "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +01008069 -S "Remember CCS message"
8070
Hanno Becker56cdfd12018-08-17 13:42:15 +01008071run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
8072 -p "$P_PXY delay_cli=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008073 "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
8074 hs_timeout=2500-60000" \
8075 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8076 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008077 0 \
8078 -C "Buffering HS message" \
8079 -C "Next handshake message has been buffered - load"\
8080 -s "Buffering HS message" \
8081 -s "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008082 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008083 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008084 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008085 -S "Remember CCS message"
8086
Manuel Pégourié-Gonnardf1c6ad42019-07-01 10:13:04 +02008087# This needs session tickets; otherwise CCS is the first message in its flight
8088requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Hanno Becker56cdfd12018-08-17 13:42:15 +01008089run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
8090 -p "$P_PXY delay_srv=NewSessionTicket" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008091 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
8092 hs_timeout=2500-60000" \
8093 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8094 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008095 0 \
8096 -C "Buffering HS message" \
8097 -C "Next handshake message has been buffered - load"\
8098 -S "Buffering HS message" \
8099 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008100 -c "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008101 -c "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008102 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008103 -S "Remember CCS message"
8104
8105run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
8106 -p "$P_PXY delay_cli=ClientKeyExchange" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008107 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
8108 hs_timeout=2500-60000" \
8109 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8110 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008111 0 \
8112 -C "Buffering HS message" \
8113 -C "Next handshake message has been buffered - load"\
8114 -S "Buffering HS message" \
8115 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008116 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008117 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01008118 -s "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008119 -s "Remember CCS message"
8120
Hanno Beckera1adcca2018-08-24 14:41:07 +01008121run_test "DTLS reordering: Buffer encrypted Finished message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008122 -p "$P_PXY delay_ccs=1" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008123 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
8124 hs_timeout=2500-60000" \
8125 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
8126 hs_timeout=2500-60000" \
Hanno Beckerb34149c2018-08-16 15:29:06 +01008127 0 \
8128 -s "Buffer record from epoch 1" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01008129 -s "Found buffered record from current epoch - load" \
8130 -c "Buffer record from epoch 1" \
8131 -c "Found buffered record from current epoch - load"
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008132
Hanno Beckera1adcca2018-08-24 14:41:07 +01008133# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
8134# from the server are delayed, so that the encrypted Finished message
8135# is received and buffered. When the fragmented NewSessionTicket comes
8136# in afterwards, the encrypted Finished message must be freed in order
8137# to make space for the NewSessionTicket to be reassembled.
8138# This works only in very particular circumstances:
8139# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
8140# of the NewSessionTicket, but small enough to also allow buffering of
8141# the encrypted Finished message.
8142# - The MTU setting on the server must be so small that the NewSessionTicket
8143# needs to be fragmented.
8144# - All messages sent by the server must be small enough to be either sent
8145# without fragmentation or be reassembled within the bounds of
8146# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
8147# handshake, omitting CRTs.
Manuel Pégourié-Gonnardf8c355a2019-05-28 10:21:30 +02008148requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 190
8149requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 230
Hanno Beckera1adcca2018-08-24 14:41:07 +01008150run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
8151 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
Manuel Pégourié-Gonnardf8c355a2019-05-28 10:21:30 +02008152 "$P_SRV mtu=140 response_size=90 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01008153 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
8154 0 \
8155 -s "Buffer record from epoch 1" \
8156 -s "Found buffered record from current epoch - load" \
8157 -c "Buffer record from epoch 1" \
8158 -C "Found buffered record from current epoch - load" \
8159 -c "Enough space available after freeing future epoch record"
8160
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02008161# Tests for "randomly unreliable connection": try a variety of flows and peers
8162
8163client_needs_more_time 2
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02008164run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
8165 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008166 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008167 psk=abc123" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008168 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008169 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
8170 0 \
8171 -s "Extra-header:" \
8172 -c "HTTP/1.0 200 OK"
8173
Janos Follath74537a62016-09-02 13:45:28 +01008174client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008175run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
8176 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008177 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
8178 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008179 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8180 0 \
8181 -s "Extra-header:" \
8182 -c "HTTP/1.0 200 OK"
8183
Janos Follath74537a62016-09-02 13:45:28 +01008184client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008185run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
8186 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008187 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
8188 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008189 0 \
8190 -s "Extra-header:" \
8191 -c "HTTP/1.0 200 OK"
8192
Janos Follath74537a62016-09-02 13:45:28 +01008193client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008194run_test "DTLS proxy: 3d, FS, client auth" \
8195 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008196 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
8197 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008198 0 \
8199 -s "Extra-header:" \
8200 -c "HTTP/1.0 200 OK"
8201
Janos Follath74537a62016-09-02 13:45:28 +01008202client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008203run_test "DTLS proxy: 3d, FS, ticket" \
8204 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008205 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
8206 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008207 0 \
8208 -s "Extra-header:" \
8209 -c "HTTP/1.0 200 OK"
8210
Janos Follath74537a62016-09-02 13:45:28 +01008211client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02008212run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
8213 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008214 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
8215 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02008216 0 \
8217 -s "Extra-header:" \
8218 -c "HTTP/1.0 200 OK"
8219
Janos Follath74537a62016-09-02 13:45:28 +01008220client_needs_more_time 2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008221run_test "DTLS proxy: 3d, max handshake, nbio" \
8222 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008223 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02008224 auth_mode=required" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008225 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008226 0 \
8227 -s "Extra-header:" \
8228 -c "HTTP/1.0 200 OK"
8229
Janos Follath74537a62016-09-02 13:45:28 +01008230client_needs_more_time 4
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03008231requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03008232requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03008233requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02008234run_test "DTLS proxy: 3d, min handshake, resumption" \
8235 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008236 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02008237 psk=abc123 debug_level=3" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008238 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02008239 debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
8240 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
8241 0 \
8242 -s "a session has been resumed" \
8243 -c "a session has been resumed" \
8244 -s "Extra-header:" \
8245 -c "HTTP/1.0 200 OK"
8246
Janos Follath74537a62016-09-02 13:45:28 +01008247client_needs_more_time 4
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03008248requires_config_disabled MBEDTLS_SSL_NO_SESSION_RESUMPTION
Jarno Lamsa5b52b272019-06-19 10:21:37 +03008249requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
Jarno Lamsa29f2dd02019-06-20 15:31:52 +03008250requires_config_disabled MBEDTLS_SSL_NO_SESSION_CACHE
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02008251run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
8252 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008253 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02008254 psk=abc123 debug_level=3 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008255 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02008256 debug_level=3 reconnect=1 read_timeout=1000 max_resend=10 \
8257 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
8258 0 \
8259 -s "a session has been resumed" \
8260 -c "a session has been resumed" \
8261 -s "Extra-header:" \
8262 -c "HTTP/1.0 200 OK"
8263
Janos Follath74537a62016-09-02 13:45:28 +01008264client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01008265requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008266run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +02008267 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008268 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02008269 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008270 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02008271 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +02008272 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
8273 0 \
8274 -c "=> renegotiate" \
8275 -s "=> renegotiate" \
8276 -s "Extra-header:" \
8277 -c "HTTP/1.0 200 OK"
8278
Janos Follath74537a62016-09-02 13:45:28 +01008279client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01008280requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008281run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
8282 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008283 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02008284 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008285 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02008286 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008287 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
8288 0 \
8289 -c "=> renegotiate" \
8290 -s "=> renegotiate" \
8291 -s "Extra-header:" \
8292 -c "HTTP/1.0 200 OK"
8293
Janos Follath74537a62016-09-02 13:45:28 +01008294client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01008295requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02008296run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02008297 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008298 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02008299 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02008300 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008301 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02008302 renegotiation=1 exchanges=4 debug_level=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02008303 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
8304 0 \
8305 -c "=> renegotiate" \
8306 -s "=> renegotiate" \
8307 -s "Extra-header:" \
8308 -c "HTTP/1.0 200 OK"
8309
Janos Follath74537a62016-09-02 13:45:28 +01008310client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01008311requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02008312run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02008313 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008314 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02008315 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02008316 debug_level=2 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008317 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02008318 renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02008319 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
8320 0 \
8321 -c "=> renegotiate" \
8322 -s "=> renegotiate" \
8323 -s "Extra-header:" \
8324 -c "HTTP/1.0 200 OK"
8325
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02008326## Interop tests with OpenSSL might trigger a bug in recent versions (including
8327## all versions installed on the CI machines), reported here:
8328## Bug report: https://github.com/openssl/openssl/issues/6902
8329## They should be re-enabled once a fixed version of OpenSSL is available
8330## (this should happen in some 1.1.1_ release according to the ticket).
8331skip_next_test
Janos Follath74537a62016-09-02 13:45:28 +01008332client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02008333not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008334run_test "DTLS proxy: 3d, openssl server" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02008335 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
8336 "$O_SRV -dtls1 -mtu 2048" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008337 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02008338 0 \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02008339 -c "HTTP/1.0 200 OK"
8340
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02008341skip_next_test # see above
Janos Follath74537a62016-09-02 13:45:28 +01008342client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02008343not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008344run_test "DTLS proxy: 3d, openssl server, fragmentation" \
8345 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
8346 "$O_SRV -dtls1 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008347 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008348 0 \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008349 -c "HTTP/1.0 200 OK"
8350
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02008351skip_next_test # see above
Janos Follath74537a62016-09-02 13:45:28 +01008352client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02008353not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008354run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
8355 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
8356 "$O_SRV -dtls1 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008357 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008358 0 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008359 -c "HTTP/1.0 200 OK"
8360
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00008361requires_gnutls
Janos Follath74537a62016-09-02 13:45:28 +01008362client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02008363not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008364run_test "DTLS proxy: 3d, gnutls server" \
8365 -p "$P_PXY drop=5 delay=5 duplicate=5" \
8366 "$G_SRV -u --mtu 2048 -a" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008367 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008368 0 \
8369 -s "Extra-header:" \
8370 -c "Extra-header:"
8371
k-stachowiakabb843e2019-02-18 16:14:03 +01008372requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +01008373client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02008374not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008375run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
8376 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiakabb843e2019-02-18 16:14:03 +01008377 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008378 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02008379 0 \
8380 -s "Extra-header:" \
8381 -c "Extra-header:"
8382
k-stachowiakabb843e2019-02-18 16:14:03 +01008383requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +01008384client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02008385not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008386run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
8387 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiakabb843e2019-02-18 16:14:03 +01008388 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008389 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02008390 0 \
8391 -s "Extra-header:" \
8392 -c "Extra-header:"
8393
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01008394# Final report
8395
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01008396echo "------------------------------------------------------------------------"
8397
8398if [ $FAILS = 0 ]; then
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +01008399 printf "PASSED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01008400else
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +01008401 printf "FAILED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01008402fi
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +02008403PASSES=$(( $TESTS - $FAILS ))
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02008404echo " ($PASSES / $TESTS tests ($SKIPS skipped))"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01008405
8406exit $FAILS