blob: 155719cf263e0ca9b0c5315d4b36395e16d996ca [file] [log] [blame]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001#!/bin/sh
2
Simon Butcher58eddef2016-05-19 23:43:11 +01003# ssl-opt.sh
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01004#
Bence Szépkúti1e148272020-08-07 13:07:28 +02005# Copyright The Mbed TLS Contributors
Bence Szépkútic7da1fe2020-05-26 01:54:15 +02006# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
Simon Butcher58eddef2016-05-19 23:43:11 +010020# Purpose
21#
22# Executes tests to prove various TLS/SSL options and extensions.
23#
24# The goal is not to cover every ciphersuite/version, but instead to cover
25# specific options (max fragment length, truncated hmac, etc) or procedures
26# (session resumption from cache or ticket, renego, etc).
27#
28# The tests assume a build with default options, with exceptions expressed
29# with a dependency. The tests focus on functionality and do not consider
30# performance.
31#
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010032
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010033set -u
34
Jaeden Amero6e70eb22019-07-03 13:51:04 +010035# Limit the size of each log to 10 GiB, in case of failures with this script
36# where it may output seemingly unlimited length error logs.
37ulimit -f 20971520
38
Gilles Peskine560280b2019-09-16 15:17:38 +020039ORIGINAL_PWD=$PWD
40if ! cd "$(dirname "$0")"; then
41 exit 125
Angus Grattonc4dd0732018-04-11 16:28:39 +100042fi
43
Antonin Décimo36e89b52019-01-23 15:24:37 +010044# default values, can be overridden by the environment
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +010045: ${P_SRV:=../programs/ssl/ssl_server2}
46: ${P_CLI:=../programs/ssl/ssl_client2}
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +020047: ${P_PXY:=../programs/test/udp_proxy}
Jerry Yud04fd352021-12-06 16:52:57 +080048: ${P_QUERY:=../programs/test/query_compile_time_config}
Manuel Pégourié-Gonnardc5722462022-12-19 11:42:12 +010049: ${OPENSSL:=openssl}
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020050: ${GNUTLS_CLI:=gnutls-cli}
51: ${GNUTLS_SERV:=gnutls-serv}
Gilles Peskined50177f2017-05-16 17:53:03 +020052: ${PERL:=perl}
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010053
Manuel Pégourié-Gonnardc5722462022-12-19 11:42:12 +010054# The OPENSSL variable used to be OPENSSL_CMD for historical reasons.
55# To help the migration, error out if the old variable is set,
56# but only if it has a different value than the new one.
57if [ "${OPENSSL_CMD+set}" = set ]; then
58 # the variable is set, we can now check its value
59 if [ "$OPENSSL_CMD" != "$OPENSSL" ]; then
60 echo "Please use OPENSSL instead of OPENSSL_CMD." >&2
61 exit 125
62 fi
63fi
64
Gilles Peskine560280b2019-09-16 15:17:38 +020065guess_config_name() {
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +020066 if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then
Gilles Peskine560280b2019-09-16 15:17:38 +020067 echo "default"
68 else
69 echo "unknown"
70 fi
71}
72: ${MBEDTLS_TEST_OUTCOME_FILE=}
73: ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"}
74: ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
75
Manuel Pégourié-Gonnardc5722462022-12-19 11:42:12 +010076O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key"
77O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL s_client"
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020078G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +010079G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
Gilles Peskined50177f2017-05-16 17:53:03 +020080TCP_CLIENT="$PERL scripts/tcp_client.pl"
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010081
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020082# alternative versions of OpenSSL and GnuTLS (no default path)
83
84if [ -n "${OPENSSL_LEGACY:-}" ]; then
85 O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key"
86 O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client"
87else
88 O_LEGACY_SRV=false
89 O_LEGACY_CLI=false
90fi
91
Jerry Yu04029792021-08-10 16:45:37 +080092if [ -n "${OPENSSL_NEXT:-}" ]; then
XiaokangQian30f55602021-11-24 01:54:50 +000093 O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
Xiaokang Qianb0c32d82022-11-02 10:51:13 +000094 O_NEXT_SRV_EARLY_DATA="$OPENSSL_NEXT s_server -early_data -cert data_files/server5.crt -key data_files/server5.key"
Jerry Yu305bfc32021-11-24 16:04:47 +080095 O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
Jerry Yu66220492022-04-23 13:53:36 +080096 O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client -CAfile data_files/test-ca_cat12.crt"
XiaokangQiand5d5b602022-05-23 09:16:20 +000097 O_NEXT_CLI_NO_CERT="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
Jerry Yu04029792021-08-10 16:45:37 +080098else
99 O_NEXT_SRV=false
Jerry Yu305bfc32021-11-24 16:04:47 +0800100 O_NEXT_SRV_NO_CERT=false
Xiaokang Qianb0c32d82022-11-02 10:51:13 +0000101 O_NEXT_SRV_EARLY_DATA=false
XiaokangQianb1847a22022-06-08 07:49:31 +0000102 O_NEXT_CLI_NO_CERT=false
Jerry Yu04029792021-08-10 16:45:37 +0800103 O_NEXT_CLI=false
104fi
105
Hanno Becker58e9dc32018-08-17 15:53:21 +0100106if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200107 G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
Jerry Yu305bfc32021-11-24 16:04:47 +0800108 G_NEXT_SRV_NO_CERT="$GNUTLS_NEXT_SERV"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200109else
110 G_NEXT_SRV=false
Jerry Yu305bfc32021-11-24 16:04:47 +0800111 G_NEXT_SRV_NO_CERT=false
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200112fi
113
Hanno Becker58e9dc32018-08-17 15:53:21 +0100114if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200115 G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
XiaokangQiand5d5b602022-05-23 09:16:20 +0000116 G_NEXT_CLI_NO_CERT="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200117else
118 G_NEXT_CLI=false
XiaokangQianfb1a3fe2022-06-09 06:37:33 +0000119 G_NEXT_CLI_NO_CERT=false
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200120fi
121
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100122TESTS=0
123FAILS=0
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +0200124SKIPS=0
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100125
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +0200126CONFIG_H='../include/mbedtls/mbedtls_config.h'
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +0200127
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100128MEMCHECK=0
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100129FILTER='.*'
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +0200130EXCLUDE='^$'
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100131
Paul Bakkere20310a2016-05-10 11:18:17 +0100132SHOW_TEST_NUMBER=0
Paul Bakkerb7584a52016-05-10 10:50:43 +0100133RUN_TEST_NUMBER=''
134
Paul Bakkeracaac852016-05-10 11:47:13 +0100135PRESERVE_LOGS=0
136
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200137# Pick a "unique" server port in the range 10000-19999, and a proxy
138# port which is this plus 10000. Each port number may be independently
139# overridden by a command line option.
140SRV_PORT=$(($$ % 10000 + 10000))
141PXY_PORT=$((SRV_PORT + 10000))
142
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100143print_usage() {
144 echo "Usage: $0 [options]"
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100145 printf " -h|--help\tPrint this help.\n"
146 printf " -m|--memcheck\tCheck memory leaks and errors.\n"
Gilles Peskine9fa4ed62020-08-26 22:35:46 +0200147 printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
148 printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
Paul Bakkerb7584a52016-05-10 10:50:43 +0100149 printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
Paul Bakkere20310a2016-05-10 11:18:17 +0100150 printf " -s|--show-numbers\tShow test numbers in front of test names\n"
Paul Bakkeracaac852016-05-10 11:47:13 +0100151 printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
Gilles Peskine560280b2019-09-16 15:17:38 +0200152 printf " --outcome-file\tFile where test outcomes are written\n"
153 printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n"
154 printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n"
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200155 printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
Gilles Peskine560280b2019-09-16 15:17:38 +0200156 printf " --seed \tInteger seed value to use for this test run\n"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100157}
158
159get_options() {
160 while [ $# -gt 0 ]; do
161 case "$1" in
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100162 -f|--filter)
163 shift; FILTER=$1
164 ;;
165 -e|--exclude)
166 shift; EXCLUDE=$1
167 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100168 -m|--memcheck)
169 MEMCHECK=1
170 ;;
Paul Bakkerb7584a52016-05-10 10:50:43 +0100171 -n|--number)
172 shift; RUN_TEST_NUMBER=$1
173 ;;
Paul Bakkere20310a2016-05-10 11:18:17 +0100174 -s|--show-numbers)
175 SHOW_TEST_NUMBER=1
176 ;;
Paul Bakkeracaac852016-05-10 11:47:13 +0100177 -p|--preserve-logs)
178 PRESERVE_LOGS=1
179 ;;
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200180 --port)
181 shift; SRV_PORT=$1
182 ;;
183 --proxy-port)
184 shift; PXY_PORT=$1
185 ;;
Andres AGf04f54d2016-10-10 15:46:20 +0100186 --seed)
187 shift; SEED="$1"
188 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100189 -h|--help)
190 print_usage
191 exit 0
192 ;;
193 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200194 echo "Unknown argument: '$1'"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100195 print_usage
196 exit 1
197 ;;
198 esac
199 shift
200 done
201}
202
Gilles Peskine560280b2019-09-16 15:17:38 +0200203# Make the outcome file path relative to the original directory, not
204# to .../tests
205case "$MBEDTLS_TEST_OUTCOME_FILE" in
206 [!/]*)
207 MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE"
208 ;;
209esac
210
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +0200211# Read boolean configuration options from mbedtls_config.h for easy and quick
Gilles Peskine64457492020-08-26 21:53:33 +0200212# testing. Skip non-boolean options (with something other than spaces
213# and a comment after "#define SYMBOL"). The variable contains a
214# space-separated list of symbols.
Jerry Yud0fcf7f2021-12-10 18:45:51 +0800215CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )"
Hanno Becker3b8b40c2018-08-28 10:25:41 +0100216# Skip next test; use this macro to skip tests which are legitimate
217# in theory and expected to be re-introduced at some point, but
218# aren't expected to succeed at the moment due to problems outside
219# our control (such as bugs in other TLS implementations).
220skip_next_test() {
221 SKIP_NEXT="YES"
222}
223
Valerio Settid1f991c2023-02-22 12:54:13 +0100224# Check if the required configuration ($1) is enabled
225is_config_enabled()
226{
227 case $CONFIGS_ENABLED in
228 *" $1"[\ =]*) return 0;;
229 *) return 1;;
230 esac
231}
232
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +0200233# skip next test if the flag is not enabled in mbedtls_config.h
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100234requires_config_enabled() {
Gilles Peskine64457492020-08-26 21:53:33 +0200235 case $CONFIGS_ENABLED in
Jerry Yu2e8b0012021-12-10 20:29:02 +0800236 *" $1"[\ =]*) :;;
Gilles Peskine64457492020-08-26 21:53:33 +0200237 *) SKIP_NEXT="YES";;
238 esac
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100239}
240
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +0200241# skip next test if the flag is enabled in mbedtls_config.h
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200242requires_config_disabled() {
Gilles Peskine64457492020-08-26 21:53:33 +0200243 case $CONFIGS_ENABLED in
Jerry Yu2e8b0012021-12-10 20:29:02 +0800244 *" $1"[\ =]*) SKIP_NEXT="YES";;
Gilles Peskine64457492020-08-26 21:53:33 +0200245 esac
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200246}
247
Jerry Yu2fcb0562022-07-27 17:30:49 +0800248requires_all_configs_enabled() {
249 if ! $P_QUERY -all $*
250 then
251 SKIP_NEXT="YES"
252 fi
253}
254
255requires_all_configs_disabled() {
256 if $P_QUERY -any $*
257 then
258 SKIP_NEXT="YES"
259 fi
260}
261
262requires_any_configs_enabled() {
263 if ! $P_QUERY -any $*
264 then
265 SKIP_NEXT="YES"
266 fi
267}
268
269requires_any_configs_disabled() {
270 if $P_QUERY -all $*
271 then
272 SKIP_NEXT="YES"
273 fi
274}
275
Ronald Cron454eb912022-10-21 08:56:04 +0200276TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
Ronald Cronbc5adf42022-10-04 11:06:14 +0200277 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
278 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
279 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
280 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED \
281 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED \
282 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
283
Valerio Settid1f991c2023-02-22 12:54:13 +0100284TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT="MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
285 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED"
286
Valerio Setti6ba247c2023-03-14 17:13:43 +0100287TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
288 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED \
289 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED \
290 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
291 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"
292
Ronald Cronbc5adf42022-10-04 11:06:14 +0200293requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() {
Ronald Cron928cbd32022-10-04 16:14:26 +0200294 if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2
295 then
Valerio Settie7f896d2023-03-13 13:55:28 +0100296 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Ronald Cron928cbd32022-10-04 16:14:26 +0200297 elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
298 then
299 SKIP_NEXT="YES"
300 fi
Ronald Cronbc5adf42022-10-04 11:06:14 +0200301}
302
Hanno Becker7c48dd12018-08-28 16:09:22 +0100303get_config_value_or_default() {
Andres Amaya Garcia3169dc02018-10-16 21:29:07 +0100304 # This function uses the query_config command line option to query the
305 # required Mbed TLS compile time configuration from the ssl_server2
306 # program. The command will always return a success value if the
307 # configuration is defined and the value will be printed to stdout.
308 #
309 # Note that if the configuration is not defined or is defined to nothing,
310 # the output of this function will be an empty string.
311 ${P_SRV} "query_config=${1}"
Hanno Becker7c48dd12018-08-28 16:09:22 +0100312}
313
314requires_config_value_at_least() {
Andres Amaya Garcia3169dc02018-10-16 21:29:07 +0100315 VAL="$( get_config_value_or_default "$1" )"
316 if [ -z "$VAL" ]; then
317 # Should never happen
318 echo "Mbed TLS configuration $1 is not defined"
319 exit 1
320 elif [ "$VAL" -lt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100321 SKIP_NEXT="YES"
322 fi
323}
324
325requires_config_value_at_most() {
Hanno Becker7c48dd12018-08-28 16:09:22 +0100326 VAL=$( get_config_value_or_default "$1" )
Andres Amaya Garcia3169dc02018-10-16 21:29:07 +0100327 if [ -z "$VAL" ]; then
328 # Should never happen
329 echo "Mbed TLS configuration $1 is not defined"
330 exit 1
331 elif [ "$VAL" -gt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100332 SKIP_NEXT="YES"
333 fi
334}
335
Yuto Takano6f657432021-07-02 13:10:41 +0100336requires_config_value_equals() {
337 VAL=$( get_config_value_or_default "$1" )
338 if [ -z "$VAL" ]; then
339 # Should never happen
340 echo "Mbed TLS configuration $1 is not defined"
341 exit 1
342 elif [ "$VAL" -ne "$2" ]; then
343 SKIP_NEXT="YES"
344 fi
345}
346
Gilles Peskinec9126732022-04-08 19:33:07 +0200347# Require Mbed TLS to support the given protocol version.
348#
349# Inputs:
350# * $1: protocol version in mbedtls syntax (argument to force_version=)
351requires_protocol_version() {
352 # Support for DTLS is detected separately in detect_dtls().
353 case "$1" in
354 tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;;
355 tls13|dtls13) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3;;
356 *) echo "Unknown required protocol version: $1"; exit 1;;
357 esac
358}
359
Gilles Peskine64457492020-08-26 21:53:33 +0200360# Space-separated list of ciphersuites supported by this build of
361# Mbed TLS.
362P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
XiaokangQian4b82ca12021-11-18 08:27:17 +0000363 grep 'TLS-\|TLS1-3' |
Gilles Peskine64457492020-08-26 21:53:33 +0200364 tr -s ' \n' ' ')"
Hanno Becker9d76d562018-11-16 17:27:29 +0000365requires_ciphersuite_enabled() {
Gilles Peskine64457492020-08-26 21:53:33 +0200366 case $P_CIPHERSUITES in
367 *" $1 "*) :;;
368 *) SKIP_NEXT="YES";;
369 esac
Hanno Becker9d76d562018-11-16 17:27:29 +0000370}
371
Valerio Setti1af76d12023-02-23 15:55:10 +0100372# Automatically detect required features based on command line parameters.
373# Parameters are:
374# - $1 = command line (call to a TLS client or server program)
375# - $2 = client/server
376# - $3 = TLS version (TLS12 or TLS13)
Valerio Setti6ba247c2023-03-14 17:13:43 +0100377# - $4 = Use an external tool without ECDH support
378# - $5 = run test options
Gilles Peskineb898b3d2022-04-08 19:26:26 +0200379detect_required_features() {
Valerio Setti6ba247c2023-03-14 17:13:43 +0100380 CMD_LINE=$1
381 ROLE=$2
382 TLS_VERSION=$3
383 EXT_WO_ECDH=$4
384 TEST_OPTIONS=${5:-}
385
386 case "$CMD_LINE" in
Gilles Peskinec9126732022-04-08 19:33:07 +0200387 *\ force_version=*)
Valerio Setti6ba247c2023-03-14 17:13:43 +0100388 tmp="${CMD_LINE##*\ force_version=}"
Gilles Peskinec9126732022-04-08 19:33:07 +0200389 tmp="${tmp%%[!-0-9A-Z_a-z]*}"
390 requires_protocol_version "$tmp";;
Gilles Peskine0d721652020-06-26 23:35:53 +0200391 esac
Gilles Peskine0d721652020-06-26 23:35:53 +0200392
Valerio Setti6ba247c2023-03-14 17:13:43 +0100393 case "$CMD_LINE" in
Gilles Peskineb898b3d2022-04-08 19:26:26 +0200394 *\ force_ciphersuite=*)
Valerio Setti6ba247c2023-03-14 17:13:43 +0100395 tmp="${CMD_LINE##*\ force_ciphersuite=}"
Gilles Peskineb898b3d2022-04-08 19:26:26 +0200396 tmp="${tmp%%[!-0-9A-Z_a-z]*}"
397 requires_ciphersuite_enabled "$tmp";;
Gilles Peskine0d721652020-06-26 23:35:53 +0200398 esac
Gilles Peskine0d721652020-06-26 23:35:53 +0200399
Valerio Setti6ba247c2023-03-14 17:13:43 +0100400 case " $CMD_LINE " in
Gilles Peskine740b7342022-04-08 19:29:27 +0200401 *[-_\ =]tickets=[^0]*)
402 requires_config_enabled MBEDTLS_SSL_TICKET_C;;
403 esac
Valerio Setti6ba247c2023-03-14 17:13:43 +0100404 case " $CMD_LINE " in
Gilles Peskine740b7342022-04-08 19:29:27 +0200405 *[-_\ =]alpn=*)
406 requires_config_enabled MBEDTLS_SSL_ALPN;;
407 esac
408
Valerio Setti6ba247c2023-03-14 17:13:43 +0100409 case "$CMD_LINE" in
Valerio Setticcfad9a2023-03-08 10:25:05 +0100410 *server5*|\
Valerio Setti80318d22023-03-13 12:26:42 +0100411 *server7*|\
412 *dir-maxpath*)
Valerio Setti6ba247c2023-03-14 17:13:43 +0100413 if [ "$TLS_VERSION" = "TLS13" ]; then
Valerio Setti1af76d12023-02-23 15:55:10 +0100414 # In case of TLS13 the support for ECDSA is enough
415 requires_pk_alg "ECDSA"
416 else
417 # For TLS12 requirements are different between server and client
Valerio Setti6ba247c2023-03-14 17:13:43 +0100418 if [ "$ROLE" = "server" ]; then
Valerio Setti194e2bd2023-03-02 17:18:10 +0100419 # If the server uses "server5*" certificates, then an ECDSA based
Valerio Setti6ba247c2023-03-14 17:13:43 +0100420 # key exchange is required. However gnutls also does not
421 # support ECDH, so this limit the choice to ECDHE-ECDSA
422 if [ "$EXT_WO_ECDH" = "yes" ]; then
423 requires_any_configs_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
424 else
425 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_ECDSA_CERT
426 fi
427 elif [ "$ROLE" = "client" ]; then
428 # On the client side it is enough to have any certificate
429 # based authentication together with support for ECDSA.
430 # Of course the GnuTLS limitation mentioned above applies
431 # also here.
432 if [ "$EXT_WO_ECDH" = "yes" ]; then
433 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH
434 else
435 requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
436 fi
Valerio Setti1af76d12023-02-23 15:55:10 +0100437 requires_pk_alg "ECDSA"
438 fi
439 fi
440 ;;
441 esac
442
Gilles Peskineb898b3d2022-04-08 19:26:26 +0200443 unset tmp
Gilles Peskine0d721652020-06-26 23:35:53 +0200444}
445
Gilles Peskine6f160ca2022-03-14 18:21:24 +0100446requires_certificate_authentication () {
447 if [ "$PSK_ONLY" = "YES" ]; then
448 SKIP_NEXT="YES"
449 fi
450}
451
Gilles Peskine6e86e542022-02-25 19:52:52 +0100452adapt_cmd_for_psk () {
453 case "$2" in
454 *openssl*) s='-psk abc123 -nocert';;
455 *gnutls-*) s='--pskkey=abc123';;
456 *) s='psk=abc123';;
457 esac
458 eval $1='"$2 $s"'
459 unset s
460}
461
462# maybe_adapt_for_psk [RUN_TEST_OPTION...]
463# If running in a PSK-only build, maybe adapt the test to use a pre-shared key.
464#
465# If not running in a PSK-only build, do nothing.
466# If the test looks like it doesn't use a pre-shared key but can run with a
467# pre-shared key, pass a pre-shared key. If the test looks like it can't run
468# with a pre-shared key, skip it. If the test looks like it's already using
469# a pre-shared key, do nothing.
470#
Gilles Peskine59601d72022-04-05 22:00:17 +0200471# This code does not consider builds with ECDHE-PSK or RSA-PSK.
Gilles Peskine6e86e542022-02-25 19:52:52 +0100472#
473# Inputs:
474# * $CLI_CMD, $SRV_CMD, $PXY_CMD: client/server/proxy commands.
475# * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges).
476# * "$@": options passed to run_test.
477#
478# Outputs:
479# * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments.
480# * $SKIP_NEXT: set to YES if the test can't run with PSK.
481maybe_adapt_for_psk() {
482 if [ "$PSK_ONLY" != "YES" ]; then
483 return
484 fi
485 if [ "$SKIP_NEXT" = "YES" ]; then
486 return
487 fi
488 case "$CLI_CMD $SRV_CMD" in
489 *[-_\ =]psk*|*[-_\ =]PSK*)
490 return;;
491 *force_ciphersuite*)
492 # The test case forces a non-PSK cipher suite. In some cases, a
493 # PSK cipher suite could be substituted, but we're not ready for
494 # that yet.
495 SKIP_NEXT="YES"
496 return;;
497 *\ auth_mode=*|*[-_\ =]crt[_=]*)
498 # The test case involves certificates. PSK won't do.
499 SKIP_NEXT="YES"
500 return;;
501 esac
502 adapt_cmd_for_psk CLI_CMD "$CLI_CMD"
503 adapt_cmd_for_psk SRV_CMD "$SRV_CMD"
504}
505
506case " $CONFIGS_ENABLED " in
507 *\ MBEDTLS_KEY_EXCHANGE_[^P]*) PSK_ONLY="NO";;
508 *\ MBEDTLS_KEY_EXCHANGE_P[^S]*) PSK_ONLY="NO";;
509 *\ MBEDTLS_KEY_EXCHANGE_PS[^K]*) PSK_ONLY="NO";;
510 *\ MBEDTLS_KEY_EXCHANGE_PSK[^_]*) PSK_ONLY="NO";;
511 *\ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED\ *) PSK_ONLY="YES";;
512 *) PSK_ONLY="NO";;
513esac
514
Andrzej Kurek9c061a22022-09-05 10:51:19 -0400515HAS_ALG_SHA_1="NO"
516HAS_ALG_SHA_224="NO"
517HAS_ALG_SHA_256="NO"
518HAS_ALG_SHA_384="NO"
519HAS_ALG_SHA_512="NO"
520
521check_for_hash_alg()
522{
523 CURR_ALG="INVALID";
524 USE_PSA="NO"
Valerio Settid1f991c2023-02-22 12:54:13 +0100525 if is_config_enabled "MBEDTLS_USE_PSA_CRYPTO"; then
526 USE_PSA="YES";
527 fi
Andrzej Kurek9c061a22022-09-05 10:51:19 -0400528 if [ $USE_PSA = "YES" ]; then
529 CURR_ALG=PSA_WANT_ALG_${1}
530 else
531 CURR_ALG=MBEDTLS_${1}_C
532 # Remove the second underscore to match MBEDTLS_* naming convention
533 CURR_ALG=$(echo "$CURR_ALG" | sed 's/_//2')
534 fi
535
536 case $CONFIGS_ENABLED in
537 *" $CURR_ALG"[\ =]*)
538 return 0
539 ;;
540 *) :;;
541 esac
542 return 1
543}
544
545populate_enabled_hash_algs()
546{
547 for hash_alg in SHA_1 SHA_224 SHA_256 SHA_384 SHA_512; do
548 if check_for_hash_alg "$hash_alg"; then
549 hash_alg_variable=HAS_ALG_${hash_alg}
550 eval ${hash_alg_variable}=YES
551 fi
Valerio Settie7f896d2023-03-13 13:55:28 +0100552 done
Andrzej Kurek9c061a22022-09-05 10:51:19 -0400553}
554
555# skip next test if the given hash alg is not supported
556requires_hash_alg() {
557 HASH_DEFINE="Invalid"
558 HAS_HASH_ALG="NO"
559 case $1 in
560 SHA_1):;;
561 SHA_224):;;
562 SHA_256):;;
563 SHA_384):;;
564 SHA_512):;;
565 *)
566 echo "Unsupported hash alg - $1"
567 exit 1
568 ;;
569 esac
570
571 HASH_DEFINE=HAS_ALG_${1}
572 eval "HAS_HASH_ALG=\${${HASH_DEFINE}}"
573 if [ "$HAS_HASH_ALG" = "NO" ]
574 then
575 SKIP_NEXT="YES"
576 fi
577}
578
Valerio Settid1f991c2023-02-22 12:54:13 +0100579# Skip next test if the given pk alg is not enabled
580requires_pk_alg() {
581 case $1 in
582 ECDSA)
583 if is_config_enabled MBEDTLS_USE_PSA_CRYPTO; then
584 requires_config_enabled PSA_WANT_ALG_ECDSA
585 else
586 requires_config_enabled MBEDTLS_ECDSA_C
587 fi
588 ;;
589 *)
590 echo "Unknown/unimplemented case $1 in requires_pk_alg"
591 exit 1
592 ;;
593 esac
594}
595
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +0200596# skip next test if OpenSSL doesn't support FALLBACK_SCSV
597requires_openssl_with_fallback_scsv() {
598 if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
Manuel Pégourié-Gonnardc5722462022-12-19 11:42:12 +0100599 if $OPENSSL s_client -help 2>&1 | grep fallback_scsv >/dev/null
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +0200600 then
601 OPENSSL_HAS_FBSCSV="YES"
602 else
603 OPENSSL_HAS_FBSCSV="NO"
604 fi
605 fi
606 if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then
607 SKIP_NEXT="YES"
608 fi
609}
610
Yuto Takanob0a1c5b2021-07-02 10:10:49 +0100611# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value
612requires_max_content_len() {
613 requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" $1
614 requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1
615}
616
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200617# skip next test if GnuTLS isn't available
618requires_gnutls() {
619 if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
Manuel Pégourié-Gonnard03db6b02015-06-26 15:45:30 +0200620 if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200621 GNUTLS_AVAILABLE="YES"
622 else
623 GNUTLS_AVAILABLE="NO"
624 fi
625 fi
626 if [ "$GNUTLS_AVAILABLE" = "NO" ]; then
627 SKIP_NEXT="YES"
628 fi
629}
630
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200631# skip next test if GnuTLS-next isn't available
632requires_gnutls_next() {
633 if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
634 if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
635 GNUTLS_NEXT_AVAILABLE="YES"
636 else
637 GNUTLS_NEXT_AVAILABLE="NO"
638 fi
639 fi
640 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
641 SKIP_NEXT="YES"
642 fi
643}
644
645# skip next test if OpenSSL-legacy isn't available
646requires_openssl_legacy() {
647 if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then
648 if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then
649 OPENSSL_LEGACY_AVAILABLE="YES"
650 else
651 OPENSSL_LEGACY_AVAILABLE="NO"
652 fi
653 fi
654 if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then
655 SKIP_NEXT="YES"
656 fi
657}
658
Jerry Yu04029792021-08-10 16:45:37 +0800659requires_openssl_next() {
660 if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then
661 if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then
662 OPENSSL_NEXT_AVAILABLE="YES"
663 else
664 OPENSSL_NEXT_AVAILABLE="NO"
665 fi
666 fi
667 if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
668 SKIP_NEXT="YES"
669 fi
670}
671
672# skip next test if tls1_3 is not available
673requires_openssl_tls1_3() {
674 requires_openssl_next
675 if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
676 OPENSSL_TLS1_3_AVAILABLE="NO"
677 fi
678 if [ -z "${OPENSSL_TLS1_3_AVAILABLE:-}" ]; then
679 if $OPENSSL_NEXT s_client -help 2>&1 | grep tls1_3 >/dev/null
680 then
681 OPENSSL_TLS1_3_AVAILABLE="YES"
682 else
683 OPENSSL_TLS1_3_AVAILABLE="NO"
684 fi
685 fi
686 if [ "$OPENSSL_TLS1_3_AVAILABLE" = "NO" ]; then
687 SKIP_NEXT="YES"
688 fi
689}
690
691# skip next test if tls1_3 is not available
692requires_gnutls_tls1_3() {
693 requires_gnutls_next
694 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
695 GNUTLS_TLS1_3_AVAILABLE="NO"
696 fi
697 if [ -z "${GNUTLS_TLS1_3_AVAILABLE:-}" ]; then
698 if $GNUTLS_NEXT_CLI -l 2>&1 | grep VERS-TLS1.3 >/dev/null
699 then
700 GNUTLS_TLS1_3_AVAILABLE="YES"
701 else
702 GNUTLS_TLS1_3_AVAILABLE="NO"
703 fi
704 fi
705 if [ "$GNUTLS_TLS1_3_AVAILABLE" = "NO" ]; then
706 SKIP_NEXT="YES"
707 fi
708}
709
Jerry Yu75261df2021-09-02 17:40:08 +0800710# Check %NO_TICKETS option
Jerry Yub12d81d2021-08-17 10:56:08 +0800711requires_gnutls_next_no_ticket() {
712 requires_gnutls_next
713 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
714 GNUTLS_NO_TICKETS_AVAILABLE="NO"
715 fi
716 if [ -z "${GNUTLS_NO_TICKETS_AVAILABLE:-}" ]; then
717 if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep NO_TICKETS >/dev/null
718 then
719 GNUTLS_NO_TICKETS_AVAILABLE="YES"
720 else
721 GNUTLS_NO_TICKETS_AVAILABLE="NO"
722 fi
723 fi
724 if [ "$GNUTLS_NO_TICKETS_AVAILABLE" = "NO" ]; then
725 SKIP_NEXT="YES"
726 fi
727}
728
Jerry Yu75261df2021-09-02 17:40:08 +0800729# Check %DISABLE_TLS13_COMPAT_MODE option
Jerry Yub12d81d2021-08-17 10:56:08 +0800730requires_gnutls_next_disable_tls13_compat() {
731 requires_gnutls_next
732 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
733 GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="NO"
734 fi
735 if [ -z "${GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE:-}" ]; then
736 if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep DISABLE_TLS13_COMPAT_MODE >/dev/null
737 then
738 GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="YES"
739 else
740 GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE="NO"
741 fi
742 fi
743 if [ "$GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE" = "NO" ]; then
744 SKIP_NEXT="YES"
745 fi
746}
747
Jan Bruckneraa31b192023-02-06 12:54:29 +0100748# skip next test if GnuTLS does not support the record size limit extension
749requires_gnutls_record_size_limit() {
750 requires_gnutls_next
751 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
752 GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE="NO"
753 else
754 GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE="YES"
755 fi
756 if [ "$GNUTLS_RECORD_SIZE_LIMIT_AVAILABLE" = "NO" ]; then
757 SKIP_NEXT="YES"
758 fi
759}
760
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200761# skip next test if IPv6 isn't available on this host
762requires_ipv6() {
763 if [ -z "${HAS_IPV6:-}" ]; then
764 $P_SRV server_addr='::1' > $SRV_OUT 2>&1 &
765 SRV_PID=$!
766 sleep 1
767 kill $SRV_PID >/dev/null 2>&1
768 if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then
769 HAS_IPV6="NO"
770 else
771 HAS_IPV6="YES"
772 fi
773 rm -r $SRV_OUT
774 fi
775
776 if [ "$HAS_IPV6" = "NO" ]; then
777 SKIP_NEXT="YES"
778 fi
779}
780
Andrzej Kurekb4593462018-10-11 08:43:30 -0400781# skip next test if it's i686 or uname is not available
782requires_not_i686() {
783 if [ -z "${IS_I686:-}" ]; then
784 IS_I686="YES"
785 if which "uname" >/dev/null 2>&1; then
786 if [ -z "$(uname -a | grep i686)" ]; then
787 IS_I686="NO"
788 fi
789 fi
790 fi
791 if [ "$IS_I686" = "YES" ]; then
792 SKIP_NEXT="YES"
793 fi
794}
795
Angus Grattonc4dd0732018-04-11 16:28:39 +1000796# Calculate the input & output maximum content lengths set in the config
David Horstmann95d516f2021-05-04 18:36:56 +0100797MAX_CONTENT_LEN=16384
Yuto Takano2be6f1a2021-06-22 07:16:40 +0100798MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" )
799MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" )
Angus Grattonc4dd0732018-04-11 16:28:39 +1000800
Yuto Takano0509fea2021-06-21 19:43:33 +0100801# Calculate the maximum content length that fits both
Angus Grattonc4dd0732018-04-11 16:28:39 +1000802if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
803 MAX_CONTENT_LEN="$MAX_IN_LEN"
804fi
805if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
806 MAX_CONTENT_LEN="$MAX_OUT_LEN"
807fi
808
809# skip the next test if the SSL output buffer is less than 16KB
810requires_full_size_output_buffer() {
811 if [ "$MAX_OUT_LEN" -ne 16384 ]; then
812 SKIP_NEXT="YES"
813 fi
814}
815
Manuel Pégourié-Gonnard76fe9e42014-09-24 15:17:31 +0200816# skip the next test if valgrind is in use
817not_with_valgrind() {
818 if [ "$MEMCHECK" -gt 0 ]; then
819 SKIP_NEXT="YES"
820 fi
821}
822
Paul Bakker362689d2016-05-13 10:33:25 +0100823# skip the next test if valgrind is NOT in use
824only_with_valgrind() {
825 if [ "$MEMCHECK" -eq 0 ]; then
826 SKIP_NEXT="YES"
827 fi
828}
829
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200830# multiply the client timeout delay by the given factor for the next test
Janos Follath74537a62016-09-02 13:45:28 +0100831client_needs_more_time() {
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200832 CLI_DELAY_FACTOR=$1
833}
834
Janos Follath74537a62016-09-02 13:45:28 +0100835# wait for the given seconds after the client finished in the next test
836server_needs_more_time() {
837 SRV_DELAY_SECONDS=$1
838}
839
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100840# print_name <name>
841print_name() {
Paul Bakkere20310a2016-05-10 11:18:17 +0100842 TESTS=$(( $TESTS + 1 ))
843 LINE=""
844
845 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
846 LINE="$TESTS "
847 fi
848
849 LINE="$LINE$1"
Gilles Peskine231befa2020-08-26 20:05:11 +0200850 printf "%s " "$LINE"
Paul Bakkere20310a2016-05-10 11:18:17 +0100851 LEN=$(( 72 - `echo "$LINE" | wc -c` ))
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100852 for i in `seq 1 $LEN`; do printf '.'; done
853 printf ' '
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100854
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100855}
856
Gilles Peskine560280b2019-09-16 15:17:38 +0200857# record_outcome <outcome> [<failure-reason>]
858# The test name must be in $NAME.
Gilles Peskine5eb2b022022-01-07 15:47:02 +0100859# Use $TEST_SUITE_NAME as the test suite name if set.
Gilles Peskine560280b2019-09-16 15:17:38 +0200860record_outcome() {
861 echo "$1"
862 if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then
863 printf '%s;%s;%s;%s;%s;%s\n' \
864 "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \
Gilles Peskine5eb2b022022-01-07 15:47:02 +0100865 "${TEST_SUITE_NAME:-ssl-opt}" "$NAME" \
Gilles Peskine560280b2019-09-16 15:17:38 +0200866 "$1" "${2-}" \
867 >>"$MBEDTLS_TEST_OUTCOME_FILE"
868 fi
869}
Gilles Peskine5eb2b022022-01-07 15:47:02 +0100870unset TEST_SUITE_NAME
Gilles Peskine560280b2019-09-16 15:17:38 +0200871
Gilles Peskine788ad332021-10-20 14:17:02 +0200872# True if the presence of the given pattern in a log definitely indicates
873# that the test has failed. False if the presence is inconclusive.
874#
875# Inputs:
876# * $1: pattern found in the logs
877# * $TIMES_LEFT: >0 if retrying is an option
878#
879# Outputs:
880# * $outcome: set to a retry reason if the pattern is inconclusive,
881# unchanged otherwise.
882# * Return value: 1 if the pattern is inconclusive,
883# 0 if the failure is definitive.
884log_pattern_presence_is_conclusive() {
885 # If we've run out of attempts, then don't retry no matter what.
886 if [ $TIMES_LEFT -eq 0 ]; then
887 return 0
888 fi
889 case $1 in
890 "resend")
891 # An undesired resend may have been caused by the OS dropping or
892 # delaying a packet at an inopportune time.
893 outcome="RETRY(resend)"
894 return 1;;
895 esac
896}
897
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100898# fail <message>
899fail() {
Gilles Peskine560280b2019-09-16 15:17:38 +0200900 record_outcome "FAIL" "$1"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100901 echo " ! $1"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100902
Manuel Pégourié-Gonnardc2b00922014-08-31 16:46:04 +0200903 mv $SRV_OUT o-srv-${TESTS}.log
904 mv $CLI_OUT o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200905 if [ -n "$PXY_CMD" ]; then
906 mv $PXY_OUT o-pxy-${TESTS}.log
907 fi
908 echo " ! outputs saved to o-XXX-${TESTS}.log"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100909
Manuel Pégourié-Gonnard3f3302f2020-06-08 11:49:05 +0200910 if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200911 echo " ! server output:"
912 cat o-srv-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200913 echo " ! ========================================================"
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200914 echo " ! client output:"
915 cat o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200916 if [ -n "$PXY_CMD" ]; then
917 echo " ! ========================================================"
918 echo " ! proxy output:"
919 cat o-pxy-${TESTS}.log
920 fi
921 echo ""
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200922 fi
923
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +0200924 FAILS=$(( $FAILS + 1 ))
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100925}
926
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100927# is_polar <cmd_line>
928is_polar() {
Gilles Peskine64457492020-08-26 21:53:33 +0200929 case "$1" in
930 *ssl_client2*) true;;
931 *ssl_server2*) true;;
932 *) false;;
933 esac
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100934}
935
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200936# openssl s_server doesn't have -www with DTLS
937check_osrv_dtls() {
Gilles Peskine64457492020-08-26 21:53:33 +0200938 case "$SRV_CMD" in
939 *s_server*-dtls*)
940 NEEDS_INPUT=1
941 SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
942 *) NEEDS_INPUT=0;;
943 esac
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200944}
945
946# provide input to commands that need it
947provide_input() {
948 if [ $NEEDS_INPUT -eq 0 ]; then
949 return
950 fi
951
952 while true; do
953 echo "HTTP/1.0 200 OK"
954 sleep 1
955 done
956}
957
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100958# has_mem_err <log_file_name>
959has_mem_err() {
960 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
961 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
962 then
963 return 1 # false: does not have errors
964 else
965 return 0 # true: has errors
966 fi
967}
968
Unknownd364f4c2019-09-02 10:42:57 -0400969# Wait for process $2 named $3 to be listening on port $1. Print error to $4.
Gilles Peskine418b5362017-12-14 18:58:42 +0100970if type lsof >/dev/null 2>/dev/null; then
Unknownd364f4c2019-09-02 10:42:57 -0400971 wait_app_start() {
Paul Elliotte05e1262021-10-20 15:59:33 +0100972 newline='
973'
Gilles Peskine418b5362017-12-14 18:58:42 +0100974 START_TIME=$(date +%s)
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200975 if [ "$DTLS" -eq 1 ]; then
Gilles Peskine418b5362017-12-14 18:58:42 +0100976 proto=UDP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200977 else
Gilles Peskine418b5362017-12-14 18:58:42 +0100978 proto=TCP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200979 fi
Gilles Peskine418b5362017-12-14 18:58:42 +0100980 # Make a tight loop, server normally takes less than 1s to start.
Paul Elliott58ed8a72021-10-19 17:56:39 +0100981 while true; do
Gilles Peskine5bd0b512022-04-15 22:53:18 +0200982 SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t)
Paul Elliotte05e1262021-10-20 15:59:33 +0100983 # When we use a proxy, it will be listening on the same port we
984 # are checking for as well as the server and lsof will list both.
Paul Elliotte05e1262021-10-20 15:59:33 +0100985 case ${newline}${SERVER_PIDS}${newline} in
Gilles Peskine5bd0b512022-04-15 22:53:18 +0200986 *${newline}${2}${newline}*) break;;
Paul Elliotte05e1262021-10-20 15:59:33 +0100987 esac
Gilles Peskine418b5362017-12-14 18:58:42 +0100988 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
Unknownd364f4c2019-09-02 10:42:57 -0400989 echo "$3 START TIMEOUT"
990 echo "$3 START TIMEOUT" >> $4
Gilles Peskine418b5362017-12-14 18:58:42 +0100991 break
992 fi
993 # Linux and *BSD support decimal arguments to sleep. On other
994 # OSes this may be a tight loop.
995 sleep 0.1 2>/dev/null || true
996 done
997 }
998else
Unknownd364f4c2019-09-02 10:42:57 -0400999 echo "Warning: lsof not available, wait_app_start = sleep"
1000 wait_app_start() {
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001001 sleep "$START_DELAY"
Gilles Peskine418b5362017-12-14 18:58:42 +01001002 }
1003fi
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001004
Unknownd364f4c2019-09-02 10:42:57 -04001005# Wait for server process $2 to be listening on port $1.
1006wait_server_start() {
1007 wait_app_start $1 $2 "SERVER" $SRV_OUT
1008}
1009
1010# Wait for proxy process $2 to be listening on port $1.
1011wait_proxy_start() {
1012 wait_app_start $1 $2 "PROXY" $PXY_OUT
1013}
1014
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001015# Given the client or server debug output, parse the unix timestamp that is
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +01001016# included in the first 4 bytes of the random bytes and check that it's within
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001017# acceptable bounds
1018check_server_hello_time() {
1019 # Extract the time from the debug (lvl 3) output of the client
Andres Amaya Garcia67d8da52017-09-15 15:49:24 +01001020 SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001021 # Get the Unix timestamp for now
1022 CUR_TIME=$(date +'%s')
1023 THRESHOLD_IN_SECS=300
1024
1025 # Check if the ServerHello time was printed
1026 if [ -z "$SERVER_HELLO_TIME" ]; then
1027 return 1
1028 fi
1029
1030 # Check the time in ServerHello is within acceptable bounds
1031 if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
1032 # The time in ServerHello is at least 5 minutes before now
1033 return 1
1034 elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +01001035 # The time in ServerHello is at least 5 minutes later than now
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001036 return 1
1037 else
1038 return 0
1039 fi
1040}
1041
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001042# Get handshake memory usage from server or client output and put it into the variable specified by the first argument
1043handshake_memory_get() {
1044 OUTPUT_VARIABLE="$1"
1045 OUTPUT_FILE="$2"
1046
1047 # Get memory usage from a pattern like "Heap memory usage after handshake: 23112 bytes. Peak memory usage was 33112"
1048 MEM_USAGE=$(sed -n 's/.*Heap memory usage after handshake: //p' < "$OUTPUT_FILE" | grep -o "[0-9]*" | head -1)
1049
1050 # Check if memory usage was read
1051 if [ -z "$MEM_USAGE" ]; then
1052 echo "Error: Can not read the value of handshake memory usage"
1053 return 1
1054 else
1055 eval "$OUTPUT_VARIABLE=$MEM_USAGE"
1056 return 0
1057 fi
1058}
1059
1060# Get handshake memory usage from server or client output and check if this value
1061# is not higher than the maximum given by the first argument
1062handshake_memory_check() {
1063 MAX_MEMORY="$1"
1064 OUTPUT_FILE="$2"
1065
1066 # Get memory usage
1067 if ! handshake_memory_get "MEMORY_USAGE" "$OUTPUT_FILE"; then
1068 return 1
1069 fi
1070
1071 # Check if memory usage is below max value
1072 if [ "$MEMORY_USAGE" -gt "$MAX_MEMORY" ]; then
1073 echo "\nFailed: Handshake memory usage was $MEMORY_USAGE bytes," \
1074 "but should be below $MAX_MEMORY bytes"
1075 return 1
1076 else
1077 return 0
1078 fi
1079}
1080
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +02001081# wait for client to terminate and set CLI_EXIT
1082# must be called right after starting the client
1083wait_client_done() {
1084 CLI_PID=$!
1085
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02001086 CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR ))
1087 CLI_DELAY_FACTOR=1
1088
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +02001089 ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) &
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +02001090 DOG_PID=$!
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +02001091
Jerry Yud2d41102022-07-26 17:34:42 +08001092 # For Ubuntu 22.04, `Terminated` message is outputed by wait command.
1093 # To remove it from stdout, redirect stdout/stderr to CLI_OUT
1094 wait $CLI_PID >> $CLI_OUT 2>&1
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +02001095 CLI_EXIT=$?
1096
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +02001097 kill $DOG_PID >/dev/null 2>&1
Jerry Yufe52e552022-07-09 04:23:43 +00001098 wait $DOG_PID >> $CLI_OUT 2>&1
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +02001099
1100 echo "EXIT: $CLI_EXIT" >> $CLI_OUT
Janos Follath74537a62016-09-02 13:45:28 +01001101
1102 sleep $SRV_DELAY_SECONDS
1103 SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +02001104}
1105
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02001106# check if the given command uses dtls and sets global variable DTLS
1107detect_dtls() {
Gilles Peskine64457492020-08-26 21:53:33 +02001108 case "$1" in
Paul Elliott1428f252021-10-12 16:02:55 +01001109 *dtls=1*|*-dtls*|*-u*) DTLS=1;;
Gilles Peskine64457492020-08-26 21:53:33 +02001110 *) DTLS=0;;
1111 esac
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02001112}
1113
Dave Rodgman0279c2f2021-02-10 12:45:41 +00001114# check if the given command uses gnutls and sets global variable CMD_IS_GNUTLS
1115is_gnutls() {
1116 case "$1" in
1117 *gnutls-cli*)
1118 CMD_IS_GNUTLS=1
1119 ;;
1120 *gnutls-serv*)
1121 CMD_IS_GNUTLS=1
1122 ;;
1123 *)
1124 CMD_IS_GNUTLS=0
1125 ;;
1126 esac
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001127}
1128
Valerio Setti6ba247c2023-03-14 17:13:43 +01001129# Some external tools (gnutls or openssl) might not have support for ECDH and
1130# this limit the tests that can be run with them. This function checks server
1131# and client command lines, given as input, to verify if the current test
1132# is using one of these tools.
1133use_ext_tool_without_ecdh_support() {
1134 case "$1" in
1135 *$GNUTLS_SERV*|\
1136 *${GNUTLS_NEXT_SERV:-"gnutls-serv-dummy"}*|\
1137 *${OPENSSL_NEXT:-"openssl-dummy"}*)
1138 echo "yes"
1139 return;;
1140 esac
1141 case "$2" in
1142 *$GNUTLS_CLI*|\
1143 *${GNUTLS_NEXT_CLI:-"gnutls-cli-dummy"}*|\
1144 *${OPENSSL_NEXT:-"openssl-dummy"}*)
1145 echo "yes"
1146 return;;
1147 esac
1148 echo "no"
1149}
1150
Jerry Yuf467d462022-11-07 13:12:44 +08001151# Generate random psk_list argument for ssl_server2
1152get_srv_psk_list ()
1153{
1154 case $(( TESTS % 3 )) in
1155 0) echo "psk_list=abc,dead,def,beef,Client_identity,6162636465666768696a6b6c6d6e6f70";;
1156 1) echo "psk_list=abc,dead,Client_identity,6162636465666768696a6b6c6d6e6f70,def,beef";;
1157 2) echo "psk_list=Client_identity,6162636465666768696a6b6c6d6e6f70,abc,dead,def,beef";;
1158 esac
1159}
1160
Gilles Peskine309ca652022-03-14 17:55:04 +01001161# Determine what calc_verify trace is to be expected, if any.
1162#
1163# calc_verify is only called for two things: to calculate the
1164# extended master secret, and to process client authentication.
1165#
1166# Warning: the current implementation assumes that extended_ms is not
1167# disabled on the client or on the server.
1168#
1169# Inputs:
Gilles Peskinec8d242f2022-04-06 22:23:45 +02001170# * $1: the value of the server auth_mode parameter.
1171# 'required' if client authentication is expected,
1172# 'none' or absent if not.
Gilles Peskine309ca652022-03-14 17:55:04 +01001173# * $CONFIGS_ENABLED
1174#
1175# Outputs:
1176# * $maybe_calc_verify: set to a trace expected in the debug logs
1177set_maybe_calc_verify() {
1178 maybe_calc_verify=
1179 case $CONFIGS_ENABLED in
1180 *\ MBEDTLS_SSL_EXTENDED_MASTER_SECRET\ *) :;;
1181 *)
1182 case ${1-} in
Gilles Peskinec8d242f2022-04-06 22:23:45 +02001183 ''|none) return;;
1184 required) :;;
Gilles Peskine309ca652022-03-14 17:55:04 +01001185 *) echo "Bad parameter 1 to set_maybe_calc_verify: $1"; exit 1;;
1186 esac
1187 esac
1188 case $CONFIGS_ENABLED in
1189 *\ MBEDTLS_USE_PSA_CRYPTO\ *) maybe_calc_verify="PSA calc verify";;
1190 *) maybe_calc_verify="<= calc verify";;
1191 esac
1192}
1193
Johan Pascal9bc50b02020-09-24 12:01:13 +02001194# Compare file content
1195# Usage: find_in_both pattern file1 file2
1196# extract from file1 the first line matching the pattern
1197# check in file2 that the same line can be found
1198find_in_both() {
1199 srv_pattern=$(grep -m 1 "$1" "$2");
1200 if [ -z "$srv_pattern" ]; then
1201 return 1;
1202 fi
1203
1204 if grep "$srv_pattern" $3 >/dev/null; then :
Johan Pascal10403152020-10-09 20:43:51 +02001205 return 0;
Johan Pascal9bc50b02020-09-24 12:01:13 +02001206 else
1207 return 1;
1208 fi
1209}
1210
Jerry Yuc46e9b42021-08-06 11:22:24 +08001211SKIP_HANDSHAKE_CHECK="NO"
1212skip_handshake_stage_check() {
1213 SKIP_HANDSHAKE_CHECK="YES"
1214}
1215
Gilles Peskine236bf982021-10-19 16:25:10 +02001216# Analyze the commands that will be used in a test.
1217#
1218# Analyze and possibly instrument $PXY_CMD, $CLI_CMD, $SRV_CMD to pass
1219# extra arguments or go through wrappers.
Gilles Peskine59601d72022-04-05 22:00:17 +02001220#
1221# Inputs:
1222# * $@: supplemental options to run_test() (after the mandatory arguments).
1223# * $CLI_CMD, $PXY_CMD, $SRV_CMD: the client, proxy and server commands.
1224# * $DTLS: 1 if DTLS, otherwise 0.
1225#
1226# Outputs:
1227# * $CLI_CMD, $PXY_CMD, $SRV_CMD: may be tweaked.
Gilles Peskine236bf982021-10-19 16:25:10 +02001228analyze_test_commands() {
Manuel Pégourié-Gonnardf4557862020-06-08 11:40:06 +02001229 # if the test uses DTLS but no custom proxy, add a simple proxy
1230 # as it provides timing info that's useful to debug failures
Manuel Pégourié-Gonnard70fce982020-06-25 09:54:46 +02001231 if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
Manuel Pégourié-Gonnardf4557862020-06-08 11:40:06 +02001232 PXY_CMD="$P_PXY"
Manuel Pégourié-Gonnard8779e9a2020-07-16 10:19:32 +02001233 case " $SRV_CMD " in
1234 *' server_addr=::1 '*)
1235 PXY_CMD="$PXY_CMD server_addr=::1 listen_addr=::1";;
1236 esac
Manuel Pégourié-Gonnardf4557862020-06-08 11:40:06 +02001237 fi
1238
Dave Rodgman0279c2f2021-02-10 12:45:41 +00001239 # update CMD_IS_GNUTLS variable
1240 is_gnutls "$SRV_CMD"
1241
1242 # if the server uses gnutls but doesn't set priority, explicitly
1243 # set the default priority
1244 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
1245 case "$SRV_CMD" in
1246 *--priority*) :;;
1247 *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
1248 esac
1249 fi
1250
1251 # update CMD_IS_GNUTLS variable
1252 is_gnutls "$CLI_CMD"
1253
1254 # if the client uses gnutls but doesn't set priority, explicitly
1255 # set the default priority
1256 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
1257 case "$CLI_CMD" in
1258 *--priority*) :;;
1259 *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
1260 esac
1261 fi
1262
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001263 # fix client port
1264 if [ -n "$PXY_CMD" ]; then
1265 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
1266 else
1267 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g )
1268 fi
1269
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01001270 # prepend valgrind to our commands if active
1271 if [ "$MEMCHECK" -gt 0 ]; then
1272 if is_polar "$SRV_CMD"; then
1273 SRV_CMD="valgrind --leak-check=full $SRV_CMD"
1274 fi
1275 if is_polar "$CLI_CMD"; then
1276 CLI_CMD="valgrind --leak-check=full $CLI_CMD"
1277 fi
1278 fi
Gilles Peskine236bf982021-10-19 16:25:10 +02001279}
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01001280
Gilles Peskine236bf982021-10-19 16:25:10 +02001281# Check for failure conditions after a test case.
1282#
1283# Inputs from run_test:
1284# * positional parameters: test options (see run_test documentation)
1285# * $CLI_EXIT: client return code
1286# * $CLI_EXPECT: expected client return code
1287# * $SRV_RET: server return code
1288# * $CLI_OUT, $SRV_OUT, $PXY_OUT: files containing client/server/proxy logs
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001289# * $TIMES_LEFT: if nonzero, a RETRY outcome is allowed
Gilles Peskine236bf982021-10-19 16:25:10 +02001290#
1291# Outputs:
Gilles Peskinef11d30e2021-10-19 18:00:10 +02001292# * $outcome: one of PASS/RETRY*/FAIL
Gilles Peskine236bf982021-10-19 16:25:10 +02001293check_test_failure() {
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001294 outcome=FAIL
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +02001295
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001296 if [ $TIMES_LEFT -gt 0 ] &&
1297 grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null
1298 then
Gilles Peskinef11d30e2021-10-19 18:00:10 +02001299 outcome="RETRY(client-timeout)"
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001300 return
1301 fi
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +02001302
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +01001303 # check if the client and server went at least to the handshake stage
Paul Bakker1ebc0c52014-05-22 15:47:58 +02001304 # (useful to avoid tests with only negative assertions and non-zero
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +01001305 # expected client exit to incorrectly succeed in case of catastrophic
1306 # failure)
Jerry Yuc46e9b42021-08-06 11:22:24 +08001307 if [ "X$SKIP_HANDSHAKE_CHECK" != "XYES" ]
1308 then
1309 if is_polar "$SRV_CMD"; then
1310 if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
1311 else
1312 fail "server or client failed to reach handshake stage"
1313 return
1314 fi
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +01001315 fi
Jerry Yuc46e9b42021-08-06 11:22:24 +08001316 if is_polar "$CLI_CMD"; then
1317 if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
1318 else
1319 fail "server or client failed to reach handshake stage"
1320 return
1321 fi
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +01001322 fi
1323 fi
1324
Jerry Yuc46e9b42021-08-06 11:22:24 +08001325 SKIP_HANDSHAKE_CHECK="NO"
Gilles Peskineaaf866e2021-02-09 21:01:33 +01001326 # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
1327 # exit with status 0 when interrupted by a signal, and we don't really
1328 # care anyway), in case e.g. the server reports a memory leak.
1329 if [ $SRV_RET != 0 ] && is_polar "$SRV_CMD"; then
Gilles Peskine7f919de2021-02-02 23:29:03 +01001330 fail "Server exited with status $SRV_RET"
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +01001331 return
1332 fi
1333
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001334 # check client exit code
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01001335 if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
1336 \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001337 then
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001338 fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001339 return
1340 fi
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001341
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01001342 # check other assertions
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001343 # lines beginning with == are added by valgrind, ignore them
Paul Bakker1f650922016-05-13 10:16:46 +01001344 # lines with 'Serious error when reading debug info', are valgrind issues as well
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001345 while [ $# -gt 0 ]
1346 do
1347 case $1 in
1348 "-s")
Paul Bakker1f650922016-05-13 10:16:46 +01001349 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +01001350 fail "pattern '$2' MUST be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001351 return
1352 fi
1353 ;;
1354
1355 "-c")
Paul Bakker1f650922016-05-13 10:16:46 +01001356 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +01001357 fail "pattern '$2' MUST be present in the Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001358 return
1359 fi
1360 ;;
1361
1362 "-S")
Paul Bakker1f650922016-05-13 10:16:46 +01001363 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Gilles Peskine788ad332021-10-20 14:17:02 +02001364 if log_pattern_presence_is_conclusive "$2"; then
Gilles Peskinef11d30e2021-10-19 18:00:10 +02001365 fail "pattern '$2' MUST NOT be present in the Server output"
1366 fi
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001367 return
1368 fi
1369 ;;
1370
1371 "-C")
Paul Bakker1f650922016-05-13 10:16:46 +01001372 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Gilles Peskine788ad332021-10-20 14:17:02 +02001373 if log_pattern_presence_is_conclusive "$2"; then
Gilles Peskinef11d30e2021-10-19 18:00:10 +02001374 fail "pattern '$2' MUST NOT be present in the Client output"
1375 fi
Simon Butcher8e004102016-10-14 00:48:33 +01001376 return
1377 fi
1378 ;;
1379
1380 # The filtering in the following two options (-u and -U) do the following
1381 # - ignore valgrind output
Antonin Décimo36e89b52019-01-23 15:24:37 +01001382 # - filter out everything but lines right after the pattern occurrences
Simon Butcher8e004102016-10-14 00:48:33 +01001383 # - keep one of each non-unique line
1384 # - count how many lines remain
1385 # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
1386 # if there were no duplicates.
1387 "-U")
1388 if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
1389 fail "lines following pattern '$2' must be unique in Server output"
1390 return
1391 fi
1392 ;;
1393
1394 "-u")
1395 if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
1396 fail "lines following pattern '$2' must be unique in Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001397 return
1398 fi
1399 ;;
Andres Amaya Garcia93993de2017-09-06 15:38:07 +01001400 "-F")
1401 if ! $2 "$SRV_OUT"; then
1402 fail "function call to '$2' failed on Server output"
1403 return
1404 fi
1405 ;;
1406 "-f")
1407 if ! $2 "$CLI_OUT"; then
1408 fail "function call to '$2' failed on Client output"
1409 return
1410 fi
1411 ;;
Johan Pascal9bc50b02020-09-24 12:01:13 +02001412 "-g")
1413 if ! eval "$2 '$SRV_OUT' '$CLI_OUT'"; then
1414 fail "function call to '$2' failed on Server and Client output"
1415 return
1416 fi
1417 ;;
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001418
1419 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +02001420 echo "Unknown test: $1" >&2
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001421 exit 1
1422 esac
1423 shift 2
1424 done
1425
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01001426 # check valgrind's results
1427 if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001428 if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01001429 fail "Server has memory errors"
1430 return
1431 fi
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001432 if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01001433 fail "Client has memory errors"
1434 return
1435 fi
1436 fi
1437
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001438 # if we're here, everything is ok
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001439 outcome=PASS
Gilles Peskine236bf982021-10-19 16:25:10 +02001440}
1441
Gilles Peskine196d73b2021-10-19 16:35:35 +02001442# Run the current test case: start the server and if applicable the proxy, run
1443# the client, wait for all processes to finish or time out.
1444#
1445# Inputs:
1446# * $NAME: test case name
1447# * $CLI_CMD, $SRV_CMD, $PXY_CMD: commands to run
1448# * $CLI_OUT, $SRV_OUT, $PXY_OUT: files to contain client/server/proxy logs
1449#
1450# Outputs:
1451# * $CLI_EXIT: client return code
1452# * $SRV_RET: server return code
1453do_run_test_once() {
1454 # run the commands
1455 if [ -n "$PXY_CMD" ]; then
1456 printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
1457 $PXY_CMD >> $PXY_OUT 2>&1 &
1458 PXY_PID=$!
1459 wait_proxy_start "$PXY_PORT" "$PXY_PID"
1460 fi
1461
1462 check_osrv_dtls
1463 printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
1464 provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
1465 SRV_PID=$!
1466 wait_server_start "$SRV_PORT" "$SRV_PID"
1467
1468 printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
Andrzej Kurek140b5892022-05-27 06:44:19 -04001469 # The client must be a subprocess of the script in order for killing it to
1470 # work properly, that's why the ampersand is placed inside the eval command,
1471 # not at the end of the line: the latter approach will spawn eval as a
1472 # subprocess, and the $CLI_CMD as a grandchild.
1473 eval "$CLI_CMD &" >> $CLI_OUT 2>&1
Gilles Peskine196d73b2021-10-19 16:35:35 +02001474 wait_client_done
1475
1476 sleep 0.05
1477
1478 # terminate the server (and the proxy)
1479 kill $SRV_PID
Jerry Yud2d41102022-07-26 17:34:42 +08001480 # For Ubuntu 22.04, `Terminated` message is outputed by wait command.
Jerry Yu27d80922022-08-02 21:28:55 +08001481 # To remove it from stdout, redirect stdout/stderr to SRV_OUT
Jerry Yud2d41102022-07-26 17:34:42 +08001482 wait $SRV_PID >> $SRV_OUT 2>&1
Gilles Peskine196d73b2021-10-19 16:35:35 +02001483 SRV_RET=$?
1484
1485 if [ -n "$PXY_CMD" ]; then
1486 kill $PXY_PID >/dev/null 2>&1
Jerry Yu6969eee2022-10-10 10:25:26 +08001487 wait $PXY_PID >> $PXY_OUT 2>&1
Gilles Peskine196d73b2021-10-19 16:35:35 +02001488 fi
1489}
1490
Valerio Setti1af76d12023-02-23 15:55:10 +01001491# Detect if the current test is going to use TLS 1.3.
Valerio Setti194e2bd2023-03-02 17:18:10 +01001492# $1 and $2 contain the server and client command lines, respectively.
Valerio Setti213c4ea2023-03-07 19:29:57 +01001493#
1494# Note: this function only provides some guess about TLS version by simply
1495# looking at the server/client command lines. Even thought this works
1496# for the sake of tests' filtering (especially in conjunction with the
1497# detect_required_features() function), it does NOT guarantee that the
1498# result is accurate. It does not check other conditions, such as:
1499# - MBEDTLS_SSL_PROTO_TLS1_x can be disabled to selectively remove
Valerio Setti1470ce32023-03-08 16:50:12 +01001500# TLS 1.2/1.3 support
Valerio Setti213c4ea2023-03-07 19:29:57 +01001501# - we can force a ciphersuite which contains "WITH" in its name, meaning
1502# that we are going to use TLS 1.2
1503# - etc etc
Valerio Setti1af76d12023-02-23 15:55:10 +01001504get_tls_version() {
1505 case $1 in
1506 *tls1_3*|*tls13*)
1507 echo "TLS13"
1508 return;;
1509 esac
1510 case $2 in
1511 *tls1_3*|*tls13*)
1512 echo "TLS13"
1513 return;;
1514 esac
1515 echo "TLS12"
1516}
1517
Gilles Peskine236bf982021-10-19 16:25:10 +02001518# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
1519# Options: -s pattern pattern that must be present in server output
1520# -c pattern pattern that must be present in client output
1521# -u pattern lines after pattern must be unique in client output
1522# -f call shell function on client output
1523# -S pattern pattern that must be absent in server output
1524# -C pattern pattern that must be absent in client output
1525# -U pattern lines after pattern must be unique in server output
1526# -F call shell function on server output
1527# -g call shell function on server and client output
1528run_test() {
1529 NAME="$1"
1530 shift 1
1531
1532 if is_excluded "$NAME"; then
1533 SKIP_NEXT="NO"
1534 # There was no request to run the test, so don't record its outcome.
1535 return
1536 fi
1537
1538 print_name "$NAME"
1539
1540 # Do we only run numbered tests?
1541 if [ -n "$RUN_TEST_NUMBER" ]; then
1542 case ",$RUN_TEST_NUMBER," in
1543 *",$TESTS,"*) :;;
1544 *) SKIP_NEXT="YES";;
1545 esac
1546 fi
1547
1548 # does this test use a proxy?
1549 if [ "X$1" = "X-p" ]; then
1550 PXY_CMD="$2"
1551 shift 2
1552 else
1553 PXY_CMD=""
1554 fi
1555
1556 # get commands and client output
1557 SRV_CMD="$1"
1558 CLI_CMD="$2"
1559 CLI_EXPECT="$3"
1560 shift 3
1561
1562 # Check if test uses files
1563 case "$SRV_CMD $CLI_CMD" in
1564 *data_files/*)
1565 requires_config_enabled MBEDTLS_FS_IO;;
1566 esac
1567
Gilles Peskine82a4ab22022-02-25 19:46:30 +01001568 # Check if the test uses DTLS.
1569 detect_dtls "$SRV_CMD"
1570 if [ "$DTLS" -eq 1 ]; then
1571 requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
1572 fi
1573
Gilles Peskineb898b3d2022-04-08 19:26:26 +02001574 # If the client or server requires certain features that can be detected
1575 # from their command-line arguments, check that they're enabled.
Valerio Setti1af76d12023-02-23 15:55:10 +01001576 TLS_VERSION=$(get_tls_version "$SRV_CMD" "$CLI_CMD")
Valerio Setti6ba247c2023-03-14 17:13:43 +01001577
1578 # Check if we are trying to use an external tool wich does not support ECDH
1579 EXT_WO_ECDH=$(use_ext_tool_without_ecdh_support "$SRV_CMD" "$CLI_CMD")
1580
1581 detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$EXT_WO_ECDH" "$@"
1582 detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$EXT_WO_ECDH" "$@"
Gilles Peskine236bf982021-10-19 16:25:10 +02001583
Gilles Peskine6e86e542022-02-25 19:52:52 +01001584 # If we're in a PSK-only build and the test can be adapted to PSK, do that.
1585 maybe_adapt_for_psk "$@"
Gilles Peskine236bf982021-10-19 16:25:10 +02001586
1587 # should we skip?
1588 if [ "X$SKIP_NEXT" = "XYES" ]; then
1589 SKIP_NEXT="NO"
1590 record_outcome "SKIP"
1591 SKIPS=$(( $SKIPS + 1 ))
1592 return
1593 fi
1594
1595 analyze_test_commands "$@"
1596
Andrzej Kurek8db7c0e2022-04-01 08:52:06 -04001597 # One regular run and two retries
1598 TIMES_LEFT=3
Gilles Peskine236bf982021-10-19 16:25:10 +02001599 while [ $TIMES_LEFT -gt 0 ]; do
1600 TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
1601
Gilles Peskine196d73b2021-10-19 16:35:35 +02001602 do_run_test_once
Gilles Peskine236bf982021-10-19 16:25:10 +02001603
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001604 check_test_failure "$@"
1605 case $outcome in
1606 PASS) break;;
Gilles Peskinef11d30e2021-10-19 18:00:10 +02001607 RETRY*) printf "$outcome ";;
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001608 FAIL) return;;
1609 esac
Gilles Peskine236bf982021-10-19 16:25:10 +02001610 done
1611
Gilles Peskine0e3534c2021-10-19 17:23:25 +02001612 # If we get this far, the test case passed.
Gilles Peskine560280b2019-09-16 15:17:38 +02001613 record_outcome "PASS"
Paul Bakkeracaac852016-05-10 11:47:13 +01001614 if [ "$PRESERVE_LOGS" -gt 0 ]; then
1615 mv $SRV_OUT o-srv-${TESTS}.log
1616 mv $CLI_OUT o-cli-${TESTS}.log
Hanno Becker7be2e5b2018-08-20 12:21:35 +01001617 if [ -n "$PXY_CMD" ]; then
1618 mv $PXY_OUT o-pxy-${TESTS}.log
1619 fi
Paul Bakkeracaac852016-05-10 11:47:13 +01001620 fi
1621
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001622 rm -f $SRV_OUT $CLI_OUT $PXY_OUT
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001623}
1624
Hanno Becker9b5853c2018-11-16 17:28:40 +00001625run_test_psa() {
1626 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Gilles Peskine309ca652022-03-14 17:55:04 +01001627 set_maybe_calc_verify none
Hanno Beckere9420c22018-11-20 11:37:34 +00001628 run_test "PSA-supported ciphersuite: $1" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00001629 "$P_SRV debug_level=3 force_version=tls12" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01001630 "$P_CLI debug_level=3 force_ciphersuite=$1" \
Hanno Becker9b5853c2018-11-16 17:28:40 +00001631 0 \
Gilles Peskine309ca652022-03-14 17:55:04 +01001632 -c "$maybe_calc_verify" \
Andrzej Kurek92dd4d02019-01-30 04:10:19 -05001633 -c "calc PSA finished" \
Gilles Peskine309ca652022-03-14 17:55:04 +01001634 -s "$maybe_calc_verify" \
Andrzej Kurek92dd4d02019-01-30 04:10:19 -05001635 -s "calc PSA finished" \
Hanno Becker9b5853c2018-11-16 17:28:40 +00001636 -s "Protocol is TLSv1.2" \
Hanno Becker28f78442019-02-18 16:47:50 +00001637 -c "Perform PSA-based ECDH computation."\
Andrzej Kureke85414e2019-01-15 05:23:59 -05001638 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
Hanno Becker9b5853c2018-11-16 17:28:40 +00001639 -S "error" \
1640 -C "error"
Gilles Peskine309ca652022-03-14 17:55:04 +01001641 unset maybe_calc_verify
Hanno Becker9b5853c2018-11-16 17:28:40 +00001642}
1643
Hanno Becker354e2482019-01-08 11:40:25 +00001644run_test_psa_force_curve() {
1645 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Gilles Peskine309ca652022-03-14 17:55:04 +01001646 set_maybe_calc_verify none
Hanno Becker354e2482019-01-08 11:40:25 +00001647 run_test "PSA - ECDH with $1" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00001648 "$P_SRV debug_level=4 force_version=tls12 curves=$1" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01001649 "$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
Hanno Becker354e2482019-01-08 11:40:25 +00001650 0 \
Gilles Peskine309ca652022-03-14 17:55:04 +01001651 -c "$maybe_calc_verify" \
Hanno Becker28f78442019-02-18 16:47:50 +00001652 -c "calc PSA finished" \
Gilles Peskine309ca652022-03-14 17:55:04 +01001653 -s "$maybe_calc_verify" \
Hanno Becker28f78442019-02-18 16:47:50 +00001654 -s "calc PSA finished" \
Hanno Becker354e2482019-01-08 11:40:25 +00001655 -s "Protocol is TLSv1.2" \
Hanno Becker28f78442019-02-18 16:47:50 +00001656 -c "Perform PSA-based ECDH computation."\
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +01001657 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001658 -S "error" \
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +02001659 -C "error"
Gilles Peskine309ca652022-03-14 17:55:04 +01001660 unset maybe_calc_verify
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001661}
1662
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001663# Test that the server's memory usage after a handshake is reduced when a client specifies
1664# a maximum fragment length.
1665# first argument ($1) is MFL for SSL client
1666# second argument ($2) is memory usage for SSL client with default MFL (16k)
1667run_test_memory_after_hanshake_with_mfl()
1668{
1669 # The test passes if the difference is around 2*(16k-MFL)
Gilles Peskine5b428d72020-08-26 21:52:23 +02001670 MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001671
1672 # Leave some margin for robustness
1673 MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))"
1674
1675 run_test "Handshake memory usage (MFL $1)" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00001676 "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01001677 "$P_CLI debug_level=3 \
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001678 crt_file=data_files/server5.crt key_file=data_files/server5.key \
1679 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \
1680 0 \
1681 -F "handshake_memory_check $MEMORY_USAGE_LIMIT"
1682}
1683
1684
1685# Test that the server's memory usage after a handshake is reduced when a client specifies
1686# different values of Maximum Fragment Length: default (16k), 4k, 2k, 1k and 512 bytes
1687run_tests_memory_after_hanshake()
1688{
1689 # all tests in this sequence requires the same configuration (see requires_config_enabled())
1690 SKIP_THIS_TESTS="$SKIP_NEXT"
1691
1692 # first test with default MFU is to get reference memory usage
1693 MEMORY_USAGE_MFL_16K=0
1694 run_test "Handshake memory usage initial (MFL 16384 - default)" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00001695 "$P_SRV debug_level=3 auth_mode=required force_version=tls12" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01001696 "$P_CLI debug_level=3 \
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001697 crt_file=data_files/server5.crt key_file=data_files/server5.key \
1698 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \
1699 0 \
1700 -F "handshake_memory_get MEMORY_USAGE_MFL_16K"
1701
1702 SKIP_NEXT="$SKIP_THIS_TESTS"
1703 run_test_memory_after_hanshake_with_mfl 4096 "$MEMORY_USAGE_MFL_16K"
1704
1705 SKIP_NEXT="$SKIP_THIS_TESTS"
1706 run_test_memory_after_hanshake_with_mfl 2048 "$MEMORY_USAGE_MFL_16K"
1707
1708 SKIP_NEXT="$SKIP_THIS_TESTS"
1709 run_test_memory_after_hanshake_with_mfl 1024 "$MEMORY_USAGE_MFL_16K"
1710
1711 SKIP_NEXT="$SKIP_THIS_TESTS"
1712 run_test_memory_after_hanshake_with_mfl 512 "$MEMORY_USAGE_MFL_16K"
1713}
1714
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +01001715cleanup() {
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001716 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
Piotr Nowicki3de298f2020-04-16 14:35:19 +02001717 rm -f context_srv.txt
1718 rm -f context_cli.txt
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +02001719 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
1720 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
1721 test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
1722 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +01001723 exit 1
1724}
1725
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +01001726#
1727# MAIN
1728#
1729
Manuel Pégourié-Gonnard913030c2014-03-28 10:12:38 +01001730get_options "$@"
1731
Andrzej Kurek9c061a22022-09-05 10:51:19 -04001732populate_enabled_hash_algs
1733
Gilles Peskine9fa4ed62020-08-26 22:35:46 +02001734# Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell
1735# patterns rather than regular expressions, use a case statement instead
1736# of calling grep. To keep the optimizer simple, it is incomplete and only
1737# detects simple cases: plain substring, everything, nothing.
1738#
1739# As an exception, the character '.' is treated as an ordinary character
1740# if it is the only special character in the string. This is because it's
1741# rare to need "any one character", but needing a literal '.' is common
1742# (e.g. '-f "DTLS 1.2"').
1743need_grep=
1744case "$FILTER" in
1745 '^$') simple_filter=;;
1746 '.*') simple_filter='*';;
Gilles Peskineb09e0012020-09-29 23:48:39 +02001747 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
Gilles Peskine9fa4ed62020-08-26 22:35:46 +02001748 need_grep=1;;
1749 *) # No regexp or shell-pattern special character
1750 simple_filter="*$FILTER*";;
1751esac
1752case "$EXCLUDE" in
1753 '^$') simple_exclude=;;
1754 '.*') simple_exclude='*';;
Gilles Peskineb09e0012020-09-29 23:48:39 +02001755 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
Gilles Peskine9fa4ed62020-08-26 22:35:46 +02001756 need_grep=1;;
1757 *) # No regexp or shell-pattern special character
1758 simple_exclude="*$EXCLUDE*";;
1759esac
1760if [ -n "$need_grep" ]; then
1761 is_excluded () {
1762 ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
1763 }
1764else
1765 is_excluded () {
1766 case "$1" in
1767 $simple_exclude) true;;
1768 $simple_filter) false;;
1769 *) true;;
1770 esac
1771 }
1772fi
1773
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001774# sanity checks, avoid an avalanche of errors
Hanno Becker4ac73e72017-10-23 15:27:37 +01001775P_SRV_BIN="${P_SRV%%[ ]*}"
1776P_CLI_BIN="${P_CLI%%[ ]*}"
1777P_PXY_BIN="${P_PXY%%[ ]*}"
Hanno Becker17c04932017-10-10 14:44:53 +01001778if [ ! -x "$P_SRV_BIN" ]; then
1779 echo "Command '$P_SRV_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001780 exit 1
1781fi
Hanno Becker17c04932017-10-10 14:44:53 +01001782if [ ! -x "$P_CLI_BIN" ]; then
1783 echo "Command '$P_CLI_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001784 exit 1
1785fi
Hanno Becker17c04932017-10-10 14:44:53 +01001786if [ ! -x "$P_PXY_BIN" ]; then
1787 echo "Command '$P_PXY_BIN' is not an executable file"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001788 exit 1
1789fi
Simon Butcher3c0d7b82016-05-23 11:13:17 +01001790if [ "$MEMCHECK" -gt 0 ]; then
1791 if which valgrind >/dev/null 2>&1; then :; else
1792 echo "Memcheck not possible. Valgrind not found"
1793 exit 1
1794 fi
1795fi
Manuel Pégourié-Gonnardc5722462022-12-19 11:42:12 +01001796if which $OPENSSL >/dev/null 2>&1; then :; else
1797 echo "Command '$OPENSSL' not found"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001798 exit 1
1799fi
1800
Manuel Pégourié-Gonnard32f8f4d2014-05-29 11:31:20 +02001801# used by watchdog
1802MAIN_PID="$$"
1803
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001804# We use somewhat arbitrary delays for tests:
1805# - how long do we wait for the server to start (when lsof not available)?
1806# - how long do we allow for the client to finish?
1807# (not to check performance, just to avoid waiting indefinitely)
1808# Things are slower with valgrind, so give extra time here.
1809#
1810# Note: without lsof, there is a trade-off between the running time of this
1811# script and the risk of spurious errors because we didn't wait long enough.
1812# The watchdog delay on the other hand doesn't affect normal running time of
1813# the script, only the case where a client or server gets stuck.
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001814if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001815 START_DELAY=6
1816 DOG_DELAY=60
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001817else
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001818 START_DELAY=2
1819 DOG_DELAY=20
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001820fi
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001821
1822# some particular tests need more time:
1823# - for the client, we multiply the usual watchdog limit by a factor
1824# - for the server, we sleep for a number of seconds after the client exits
1825# see client_need_more_time() and server_needs_more_time()
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02001826CLI_DELAY_FACTOR=1
Janos Follath74537a62016-09-02 13:45:28 +01001827SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001828
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02001829# fix commands to use this port, force IPv4 while at it
Manuel Pégourié-Gonnard0af1ba32015-01-21 11:44:33 +00001830# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
Paul Elliott04217152021-10-12 16:10:37 +01001831# Note: Using 'localhost' rather than 127.0.0.1 here is unwise, as on many
1832# machines that will resolve to ::1, and we don't want ipv6 here.
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001833P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
1834P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
Andres AGf04f54d2016-10-10 15:46:20 +01001835P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
Gilles Peskine96f5bae2021-04-01 14:00:11 +02001836O_SRV="$O_SRV -accept $SRV_PORT"
Paul Elliott04217152021-10-12 16:10:37 +01001837O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001838G_SRV="$G_SRV -p $SRV_PORT"
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001839G_CLI="$G_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard8066b812014-05-28 22:59:30 +02001840
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001841if [ -n "${OPENSSL_LEGACY:-}" ]; then
1842 O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
Paul Elliott04217152021-10-12 16:10:37 +01001843 O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001844fi
1845
Gilles Peskine4bdb9fb2022-11-24 22:21:15 +01001846# Newer versions of OpenSSL have a syntax to enable all "ciphers", even
1847# low-security ones. This covers not just cipher suites but also protocol
1848# versions. It is necessary, for example, to use (D)TLS 1.0/1.1 on
1849# OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
1850# OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
1851# a way to discover it from -help, so check the openssl version.
Manuel Pégourié-Gonnardc5722462022-12-19 11:42:12 +01001852case $($OPENSSL version) in
Gilles Peskine4bdb9fb2022-11-24 22:21:15 +01001853 "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
1854 *)
1855 O_CLI="$O_CLI -cipher ALL@SECLEVEL=0"
1856 O_SRV="$O_SRV -cipher ALL@SECLEVEL=0"
1857 ;;
1858esac
1859
Jerry Yued2ef2d2021-08-19 18:11:43 +08001860if [ -n "${OPENSSL_NEXT:-}" ]; then
1861 O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
Jerry Yu305bfc32021-11-24 16:04:47 +08001862 O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT"
Xiaokang Qianb0c32d82022-11-02 10:51:13 +00001863 O_NEXT_SRV_EARLY_DATA="$O_NEXT_SRV_EARLY_DATA -accept $SRV_PORT"
Paul Elliott04217152021-10-12 16:10:37 +01001864 O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
XiaokangQiand5d5b602022-05-23 09:16:20 +00001865 O_NEXT_CLI_NO_CERT="$O_NEXT_CLI_NO_CERT -connect 127.0.0.1:+SRV_PORT"
Jerry Yued2ef2d2021-08-19 18:11:43 +08001866fi
1867
Hanno Becker58e9dc32018-08-17 15:53:21 +01001868if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001869 G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
Jerry Yu305bfc32021-11-24 16:04:47 +08001870 G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001871fi
1872
Hanno Becker58e9dc32018-08-17 15:53:21 +01001873if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001874 G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
Jerry Yub7c12a42022-06-12 20:53:02 +08001875 G_NEXT_CLI_NO_CERT="$G_NEXT_CLI_NO_CERT -p +SRV_PORT localhost"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001876fi
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001877
Gilles Peskine62469d92017-05-10 10:13:59 +02001878# Allow SHA-1, because many of our test certificates use it
1879P_SRV="$P_SRV allow_sha1=1"
1880P_CLI="$P_CLI allow_sha1=1"
1881
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001882# Also pick a unique name for intermediate files
1883SRV_OUT="srv_out.$$"
1884CLI_OUT="cli_out.$$"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001885PXY_OUT="pxy_out.$$"
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001886SESSION="session.$$"
1887
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02001888SKIP_NEXT="NO"
1889
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001890trap cleanup INT TERM HUP
1891
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001892# Basic test
1893
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001894# Checks that:
1895# - things work with all ciphersuites active (used with config-full in all.sh)
Gilles Peskine799eee62021-06-02 22:14:15 +02001896# - the expected parameters are selected
Jerry Yuab082902021-12-23 18:02:22 +08001897requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine35615262022-02-25 19:50:38 +01001898requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04001899requires_hash_alg SHA_512 # "signature_algorithm ext: 6"
Gilles Peskine1438e162022-04-05 22:00:32 +02001900requires_config_enabled MBEDTLS_ECP_DP_CURVE25519_ENABLED
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001901run_test "Default" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001902 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001903 "$P_CLI" \
1904 0 \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001905 -s "Protocol is TLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001906 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001907 -s "client hello v3, signature_algorithm ext: 6" \
Gilles Peskine799eee62021-06-02 22:14:15 +02001908 -s "ECDHE curve: x25519" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001909 -S "error" \
1910 -C "error"
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001911
Jerry Yuab082902021-12-23 18:02:22 +08001912requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine35615262022-02-25 19:50:38 +01001913requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001914run_test "Default, DTLS" \
1915 "$P_SRV dtls=1" \
1916 "$P_CLI dtls=1" \
1917 0 \
1918 -s "Protocol is DTLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001919 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001920
Jerry Yuab082902021-12-23 18:02:22 +08001921requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker721f7c12020-08-17 12:17:32 +01001922run_test "TLS client auth: required" \
1923 "$P_SRV auth_mode=required" \
1924 "$P_CLI" \
1925 0 \
1926 -s "Verifying peer X.509 certificate... ok"
1927
Jerry Yuab082902021-12-23 18:02:22 +08001928requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Glenn Strauss6eef5632022-01-23 08:37:02 -05001929run_test "key size: TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1930 "$P_SRV" \
1931 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1932 0 \
1933 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1934 -c "Key size is 256"
1935
Jerry Yuab082902021-12-23 18:02:22 +08001936requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Glenn Strauss6eef5632022-01-23 08:37:02 -05001937run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1938 "$P_SRV" \
1939 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1940 0 \
1941 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1942 -c "Key size is 128"
1943
Jerry Yuab082902021-12-23 18:02:22 +08001944requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001945requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04001946requires_hash_alg SHA_256
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001947run_test "TLS: password protected client key" \
1948 "$P_SRV auth_mode=required" \
1949 "$P_CLI crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
1950 0
1951
Jerry Yuab082902021-12-23 18:02:22 +08001952requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001953requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04001954requires_hash_alg SHA_256
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001955run_test "TLS: password protected server key" \
1956 "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
1957 "$P_CLI" \
1958 0
1959
Jerry Yuab082902021-12-23 18:02:22 +08001960requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001961requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001962requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04001963requires_hash_alg SHA_256
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001964run_test "TLS: password protected server key, two certificates" \
1965 "$P_SRV \
1966 key_file=data_files/server5.key.enc key_pwd=PolarSSLTest crt_file=data_files/server5.crt \
1967 key_file2=data_files/server2.key.enc key_pwd2=PolarSSLTest crt_file2=data_files/server2.crt" \
1968 "$P_CLI" \
1969 0
1970
Jerry Yuab082902021-12-23 18:02:22 +08001971requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00001972requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1973run_test "CA callback on client" \
1974 "$P_SRV debug_level=3" \
1975 "$P_CLI ca_callback=1 debug_level=3 " \
1976 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01001977 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00001978 -S "error" \
1979 -C "error"
1980
Jerry Yuab082902021-12-23 18:02:22 +08001981requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00001982requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1983requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04001984requires_hash_alg SHA_256
Hanno Becker746aaf32019-03-28 15:25:23 +00001985run_test "CA callback on server" \
1986 "$P_SRV auth_mode=required" \
1987 "$P_CLI ca_callback=1 debug_level=3 crt_file=data_files/server5.crt \
1988 key_file=data_files/server5.key" \
1989 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01001990 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00001991 -s "Verifying peer X.509 certificate... ok" \
1992 -S "error" \
1993 -C "error"
1994
Neil Armstrong3e9a1422022-03-21 10:03:46 +01001995# Test using an EC opaque private key for client authentication
Jerry Yuab082902021-12-23 18:02:22 +08001996requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardcfdf8f42018-11-08 09:52:25 +01001997requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
1998requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Valerio Settid1f991c2023-02-22 12:54:13 +01001999requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002000requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002001run_test "Opaque key for client authentication: ECDHE-ECDSA" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002002 "$P_SRV auth_mode=required crt_file=data_files/server5.crt \
2003 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnardcfdf8f42018-11-08 09:52:25 +01002004 "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002005 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
Manuel Pégourié-Gonnardcfdf8f42018-11-08 09:52:25 +01002006 0 \
2007 -c "key type: Opaque" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002008 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
Manuel Pégourié-Gonnardcfdf8f42018-11-08 09:52:25 +01002009 -s "Verifying peer X.509 certificate... ok" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002010 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
Manuel Pégourié-Gonnardcfdf8f42018-11-08 09:52:25 +01002011 -S "error" \
2012 -C "error"
2013
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002014# Test using a RSA opaque private key for client authentication
2015requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2016requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2017requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002018requires_config_enabled MBEDTLS_RSA_C
valeriof27472b2023-03-09 16:19:35 +01002019requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002020requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002021run_test "Opaque key for client authentication: ECDHE-RSA" \
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002022 "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \
2023 key_file=data_files/server2.key" \
2024 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002025 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002026 0 \
2027 -c "key type: Opaque" \
2028 -c "Ciphersuite is TLS-ECDHE-RSA" \
2029 -s "Verifying peer X.509 certificate... ok" \
2030 -s "Ciphersuite is TLS-ECDHE-RSA" \
2031 -S "error" \
2032 -C "error"
2033
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002034requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2035requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2036requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
2037requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002038requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002039run_test "Opaque key for client authentication: DHE-RSA" \
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002040 "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \
2041 key_file=data_files/server2.key" \
2042 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002043 key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
2044 key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002045 0 \
2046 -c "key type: Opaque" \
2047 -c "Ciphersuite is TLS-DHE-RSA" \
2048 -s "Verifying peer X.509 certificate... ok" \
2049 -s "Ciphersuite is TLS-DHE-RSA" \
2050 -S "error" \
2051 -C "error"
2052
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002053# Test using an EC opaque private key for server authentication
Jerry Yuab082902021-12-23 18:02:22 +08002054requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemyslaw Stekiel0483e3d2021-10-04 11:13:22 +02002055requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2056requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Valerio Settid1f991c2023-02-22 12:54:13 +01002057requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002058requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002059run_test "Opaque key for server authentication: ECDHE-ECDSA" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002060 "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002061 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002062 "$P_CLI" \
Przemyslaw Stekiel0483e3d2021-10-04 11:13:22 +02002063 0 \
2064 -c "Verifying peer X.509 certificate... ok" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002065 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
Gilles Peskine05bf89d2022-01-25 17:50:25 +01002066 -s "key types: Opaque, none" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002067 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
Przemyslaw Stekiel0483e3d2021-10-04 11:13:22 +02002068 -S "error" \
2069 -C "error"
2070
Neil Armstrong023bf8d2022-03-23 14:04:04 +01002071requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2072requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2073requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002074requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002075run_test "Opaque key for server authentication: ECDH-" \
Neil Armstrongb7b549a2022-03-25 15:13:02 +01002076 "$P_SRV force_version=tls12 auth_mode=required key_opaque=1\
2077 crt_file=data_files/server5.ku-ka.crt\
Neil Armstrong1948a202022-06-30 18:05:57 +02002078 key_file=data_files/server5.key key_opaque_algs=ecdh,none" \
Neil Armstrong023bf8d2022-03-23 14:04:04 +01002079 "$P_CLI" \
2080 0 \
2081 -c "Verifying peer X.509 certificate... ok" \
2082 -c "Ciphersuite is TLS-ECDH-" \
2083 -s "key types: Opaque, none" \
2084 -s "Ciphersuite is TLS-ECDH-" \
2085 -S "error" \
2086 -C "error"
2087
Neil Armstrong1948a202022-06-30 18:05:57 +02002088requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2089requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2090requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurekd6817462022-09-06 14:32:00 -04002091requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002092requires_hash_alg SHA_256
Andrzej Kurekd6817462022-09-06 14:32:00 -04002093run_test "Opaque key for server authentication: invalid key: decrypt with ECC key, no async" \
2094 "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
2095 key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \
2096 debug_level=1" \
2097 "$P_CLI" \
2098 1 \
2099 -s "key types: Opaque, none" \
2100 -s "error" \
2101 -c "error" \
2102 -c "Public key type mismatch"
2103
2104requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2105requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2106requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
2107requires_config_enabled MBEDTLS_ECDSA_C
2108requires_config_enabled MBEDTLS_RSA_C
2109requires_config_disabled MBEDTLS_SSL_ASYNC_PRIVATE
2110requires_hash_alg SHA_256
2111run_test "Opaque key for server authentication: invalid key: ecdh with RSA key, no async" \
2112 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2113 key_file=data_files/server2.key key_opaque_algs=ecdh,none \
2114 debug_level=1" \
2115 "$P_CLI" \
2116 1 \
2117 -s "key types: Opaque, none" \
2118 -s "error" \
2119 -c "error" \
2120 -c "Public key type mismatch"
2121
2122requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2123requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2124requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurekd6817462022-09-06 14:32:00 -04002125requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
2126requires_hash_alg SHA_256
2127run_test "Opaque key for server authentication: invalid alg: decrypt with ECC key, async" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002128 "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002129 key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \
2130 debug_level=1" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002131 "$P_CLI" \
Neil Armstrong36b02232022-06-30 11:16:53 +02002132 1 \
2133 -s "key types: Opaque, none" \
2134 -s "got ciphersuites in common, but none of them usable" \
2135 -s "error" \
2136 -c "error"
2137
2138requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2139requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2140requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrongeb4390b2022-05-27 10:26:02 +02002141requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurekd6817462022-09-06 14:32:00 -04002142requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002143requires_hash_alg SHA_256
Andrzej Kurekd6817462022-09-06 14:32:00 -04002144run_test "Opaque key for server authentication: invalid alg: ecdh with RSA key, async" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002145 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrongeb4390b2022-05-27 10:26:02 +02002146 key_file=data_files/server2.key key_opaque_algs=ecdh,none \
2147 debug_level=1" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002148 "$P_CLI" \
Neil Armstrongeb4390b2022-05-27 10:26:02 +02002149 1 \
2150 -s "key types: Opaque, none" \
2151 -s "got ciphersuites in common, but none of them usable" \
2152 -s "error" \
2153 -c "error"
2154
2155requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2156requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2157requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002158requires_hash_alg SHA_256
Neil Armstrong36b02232022-06-30 11:16:53 +02002159requires_config_enabled MBEDTLS_CCM_C
Neil Armstrong1948a202022-06-30 18:05:57 +02002160run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002161 "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002162 key_file=data_files/server5.key key_opaque_algs=ecdh,none \
2163 debug_level=1" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002164 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
Neil Armstrong36b02232022-06-30 11:16:53 +02002165 1 \
2166 -s "key types: Opaque, none" \
2167 -s "got ciphersuites in common, but none of them usable" \
2168 -s "error" \
2169 -c "error"
2170
Neil Armstrong167d82c2022-06-30 11:32:00 +02002171requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2172requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2173requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Valerio Settid1f991c2023-02-22 12:54:13 +01002174requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002175requires_hash_alg SHA_256
Neil Armstrongc67e6e92022-07-01 15:48:10 +02002176requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Neil Armstrong4b102092022-07-01 09:42:29 +02002177run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002178 "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \
Neil Armstrong4b102092022-07-01 09:42:29 +02002179 key_file=data_files/server7.key key_opaque_algs=ecdh,none \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002180 crt_file2=data_files/server5.crt key_file2=data_files/server5.key \
2181 key_opaque_algs2=ecdsa-sign,none" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002182 "$P_CLI" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002183 0 \
2184 -c "Verifying peer X.509 certificate... ok" \
2185 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
Neil Armstrong4b102092022-07-01 09:42:29 +02002186 -c "CN=Polarssl Test EC CA" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002187 -s "key types: Opaque, Opaque" \
2188 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2189 -S "error" \
2190 -C "error"
2191
2192requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2193requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2194requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002195requires_hash_alg SHA_384
Neil Armstrongc67e6e92022-07-01 15:48:10 +02002196requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Neil Armstrong4b102092022-07-01 09:42:29 +02002197run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002198 "$P_SRV key_opaque=1 crt_file=data_files/server7.crt \
Neil Armstrong4b102092022-07-01 09:42:29 +02002199 key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \
2200 crt_file2=data_files/server5.crt key_file2=data_files/server5.key \
2201 key_opaque_algs2=ecdh,none debug_level=3" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002202 "$P_CLI force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \
Neil Armstrong4b102092022-07-01 09:42:29 +02002203 0 \
2204 -c "Verifying peer X.509 certificate... ok" \
2205 -c "Ciphersuite is TLS-ECDH-ECDSA" \
2206 -c "CN=Polarssl Test EC CA" \
2207 -s "key types: Opaque, Opaque" \
2208 -s "Ciphersuite is TLS-ECDH-ECDSA" \
2209 -S "error" \
2210 -C "error"
2211
2212requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2213requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2214requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002215requires_hash_alg SHA_384
Neil Armstrong167d82c2022-06-30 11:32:00 +02002216requires_config_enabled MBEDTLS_CCM_C
Neil Armstrongc67e6e92022-07-01 15:48:10 +02002217requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Neil Armstrong1948a202022-06-30 18:05:57 +02002218run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002219 "$P_SRV key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002220 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \
2221 crt_file2=data_files/server2-sha256.crt \
2222 key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002223 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002224 0 \
2225 -c "Verifying peer X.509 certificate... ok" \
2226 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
Neil Armstrong4b102092022-07-01 09:42:29 +02002227 -c "CN=Polarssl Test EC CA" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002228 -s "key types: Opaque, Opaque" \
2229 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2230 -S "error" \
2231 -C "error"
2232
Przemek Stekielc454aba2022-07-07 09:56:13 +02002233requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2234requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2235requires_config_enabled MBEDTLS_RSA_C
Jerry Yuddda0502022-12-01 19:43:12 +08002236requires_config_enabled MBEDTLS_SSL_SRV_C
2237requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron6ec21232022-09-16 16:41:53 +02002238run_test "TLS 1.3 opaque key: no suitable algorithm found" \
Ronald Cron277cdcb2022-09-16 16:57:20 +02002239 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \
Ronald Crone3196d22022-09-16 16:43:35 +02002240 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
Przemek Stekielc454aba2022-07-07 09:56:13 +02002241 1 \
Przemek Stekielc454aba2022-07-07 09:56:13 +02002242 -s "The SSL configuration is tls13 only" \
2243 -c "key type: Opaque" \
2244 -s "key types: Opaque, Opaque" \
2245 -c "error" \
Ronald Cron067a1e72022-09-16 13:44:49 +02002246 -s "no suitable signature algorithm"
Przemek Stekielc454aba2022-07-07 09:56:13 +02002247
2248requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2249requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2250requires_config_enabled MBEDTLS_RSA_C
Jerry Yuddda0502022-12-01 19:43:12 +08002251requires_config_enabled MBEDTLS_SSL_SRV_C
2252requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron6ec21232022-09-16 16:41:53 +02002253run_test "TLS 1.3 opaque key: suitable algorithm found" \
Ronald Cron277cdcb2022-09-16 16:57:20 +02002254 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
Ronald Crone3196d22022-09-16 16:43:35 +02002255 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
Przemek Stekielc454aba2022-07-07 09:56:13 +02002256 0 \
Przemek Stekielc454aba2022-07-07 09:56:13 +02002257 -s "The SSL configuration is tls13 only" \
2258 -c "key type: Opaque" \
2259 -s "key types: Opaque, Opaque" \
2260 -C "error" \
Jerry Yuddda0502022-12-01 19:43:12 +08002261 -S "error"
Przemek Stekielc454aba2022-07-07 09:56:13 +02002262
2263requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2264requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2265requires_config_enabled MBEDTLS_RSA_C
Jerry Yuddda0502022-12-01 19:43:12 +08002266requires_config_enabled MBEDTLS_SSL_SRV_C
2267requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron50969e32022-09-16 15:54:33 +02002268run_test "TLS 1.3 opaque key: first client sig alg not suitable" \
2269 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \
2270 "$P_CLI debug_level=4 sig_algs=rsa_pss_rsae_sha256,rsa_pss_rsae_sha512" \
2271 0 \
2272 -s "The SSL configuration is tls13 only" \
2273 -s "key types: Opaque, Opaque" \
2274 -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \
2275 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
2276 -C "error" \
2277 -S "error" \
2278
2279requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
2280requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2281requires_config_enabled MBEDTLS_RSA_C
Jerry Yuddda0502022-12-01 19:43:12 +08002282requires_config_enabled MBEDTLS_SSL_SRV_C
2283requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron6ec21232022-09-16 16:41:53 +02002284run_test "TLS 1.3 opaque key: 2 keys on server, suitable algorithm found" \
Ronald Cron277cdcb2022-09-16 16:57:20 +02002285 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
Ronald Crone3196d22022-09-16 16:43:35 +02002286 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
Przemek Stekielc454aba2022-07-07 09:56:13 +02002287 0 \
Przemek Stekielc454aba2022-07-07 09:56:13 +02002288 -s "The SSL configuration is tls13 only" \
2289 -c "key type: Opaque" \
2290 -s "key types: Opaque, Opaque" \
2291 -C "error" \
2292 -S "error" \
2293
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002294# Test using a RSA opaque private key for server authentication
2295requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2296requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2297requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002298requires_config_enabled MBEDTLS_RSA_C
valeriof27472b2023-03-09 16:19:35 +01002299requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002300requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002301run_test "Opaque key for server authentication: ECDHE-RSA" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002302 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002303 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002304 "$P_CLI" \
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002305 0 \
2306 -c "Verifying peer X.509 certificate... ok" \
2307 -c "Ciphersuite is TLS-ECDHE-RSA" \
2308 -s "key types: Opaque, none" \
2309 -s "Ciphersuite is TLS-ECDHE-RSA" \
2310 -S "error" \
2311 -C "error"
2312
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002313requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2314requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2315requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002316requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002317requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002318run_test "Opaque key for server authentication: DHE-RSA" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002319 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002320 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstrong7999cb32022-07-01 09:51:33 +02002321 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002322 0 \
2323 -c "Verifying peer X.509 certificate... ok" \
2324 -c "Ciphersuite is TLS-DHE-RSA" \
2325 -s "key types: Opaque, none" \
2326 -s "Ciphersuite is TLS-DHE-RSA" \
2327 -S "error" \
2328 -C "error"
2329
Neil Armstrong36b02232022-06-30 11:16:53 +02002330requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2331requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2332requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong1948a202022-06-30 18:05:57 +02002333requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002334requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002335run_test "Opaque key for server authentication: RSA-PSK" \
2336 "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \
2337 psk=abc123 psk_identity=foo" \
2338 "$P_CLI force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
2339 psk=abc123 psk_identity=foo" \
2340 0 \
2341 -c "Verifying peer X.509 certificate... ok" \
2342 -c "Ciphersuite is TLS-RSA-PSK-" \
2343 -s "key types: Opaque, Opaque" \
2344 -s "Ciphersuite is TLS-RSA-PSK-" \
2345 -S "error" \
2346 -C "error"
2347
2348requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2349requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2350requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
2351requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002352requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002353run_test "Opaque key for server authentication: RSA-" \
2354 "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
2355 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
2356 0 \
2357 -c "Verifying peer X.509 certificate... ok" \
2358 -c "Ciphersuite is TLS-RSA-" \
2359 -s "key types: Opaque, Opaque" \
2360 -s "Ciphersuite is TLS-RSA-" \
2361 -S "error" \
2362 -C "error"
2363
2364requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2365requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2366requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong36b02232022-06-30 11:16:53 +02002367requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002368requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002369run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \
Neil Armstrong36b02232022-06-30 11:16:53 +02002370 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2371 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none debug_level=1" \
2372 "$P_CLI crt_file=data_files/server2-sha256.crt \
2373 key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2374 1 \
2375 -s "key types: Opaque, none" \
2376 -s "got ciphersuites in common, but none of them usable" \
2377 -s "error" \
2378 -c "error"
2379
Neil Armstrong167d82c2022-06-30 11:32:00 +02002380requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2381requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2382requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong167d82c2022-06-30 11:32:00 +02002383requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002384requires_hash_alg SHA_256
Neil Armstrongc67e6e92022-07-01 15:48:10 +02002385requires_config_disabled MBEDTLS_X509_REMOVE_INFO
valeriof27472b2023-03-09 16:19:35 +01002386requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Neil Armstrong1948a202022-06-30 18:05:57 +02002387run_test "Opaque keys for server authentication: RSA keys with different algs" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002388 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2389 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \
Neil Armstrong4b102092022-07-01 09:42:29 +02002390 crt_file2=data_files/server4.crt \
2391 key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2392 "$P_CLI" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002393 0 \
2394 -c "Verifying peer X.509 certificate... ok" \
2395 -c "Ciphersuite is TLS-ECDHE-RSA" \
Neil Armstrong4b102092022-07-01 09:42:29 +02002396 -c "CN=Polarssl Test EC CA" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002397 -s "key types: Opaque, Opaque" \
2398 -s "Ciphersuite is TLS-ECDHE-RSA" \
2399 -S "error" \
2400 -C "error"
2401
2402requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2403requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2404requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong167d82c2022-06-30 11:32:00 +02002405requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002406requires_hash_alg SHA_384
Neil Armstrong167d82c2022-06-30 11:32:00 +02002407requires_config_enabled MBEDTLS_GCM_C
Neil Armstrongc67e6e92022-07-01 15:48:10 +02002408requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Neil Armstrong1948a202022-06-30 18:05:57 +02002409run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002410 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \
2411 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \
Neil Armstrong4b102092022-07-01 09:42:29 +02002412 crt_file2=data_files/server4.crt \
2413 key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2414 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002415 0 \
2416 -c "Verifying peer X.509 certificate... ok" \
2417 -c "Ciphersuite is TLS-DHE-RSA" \
Neil Armstrong4b102092022-07-01 09:42:29 +02002418 -c "CN=Polarssl Test EC CA" \
Neil Armstrong167d82c2022-06-30 11:32:00 +02002419 -s "key types: Opaque, Opaque" \
2420 -s "Ciphersuite is TLS-DHE-RSA" \
2421 -S "error" \
2422 -C "error"
2423
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002424# Test using an EC opaque private key for client/server authentication
Jerry Yuab082902021-12-23 18:02:22 +08002425requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemyslaw Stekiel575f23c2021-10-06 11:31:49 +02002426requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2427requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Valerio Settid1f991c2023-02-22 12:54:13 +01002428requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002429requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002430run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002431 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002432 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
Przemyslaw Stekiel575f23c2021-10-06 11:31:49 +02002433 "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002434 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
Przemyslaw Stekiel575f23c2021-10-06 11:31:49 +02002435 0 \
2436 -c "key type: Opaque" \
2437 -c "Verifying peer X.509 certificate... ok" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002438 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
Gilles Peskine05bf89d2022-01-25 17:50:25 +01002439 -s "key types: Opaque, none" \
Przemyslaw Stekiel575f23c2021-10-06 11:31:49 +02002440 -s "Verifying peer X.509 certificate... ok" \
Przemyslaw Stekielbb5d4832021-10-26 12:25:27 +02002441 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
Simon Butcher8e004102016-10-14 00:48:33 +01002442 -S "error" \
2443 -C "error"
2444
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002445# Test using a RSA opaque private key for client/server authentication
2446requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2447requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2448requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002449requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002450requires_hash_alg SHA_256
valeriof27472b2023-03-09 16:19:35 +01002451requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
Neil Armstrong1948a202022-06-30 18:05:57 +02002452run_test "Opaque key for client/server authentication: ECDHE-RSA" \
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002453 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002454 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002455 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002456 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstrong3e9a1422022-03-21 10:03:46 +01002457 0 \
2458 -c "key type: Opaque" \
2459 -c "Verifying peer X.509 certificate... ok" \
2460 -c "Ciphersuite is TLS-ECDHE-RSA" \
2461 -s "key types: Opaque, none" \
2462 -s "Verifying peer X.509 certificate... ok" \
2463 -s "Ciphersuite is TLS-ECDHE-RSA" \
2464 -S "error" \
2465 -C "error"
2466
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002467requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2468requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
2469requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002470requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04002471requires_hash_alg SHA_256
Neil Armstrong1948a202022-06-30 18:05:57 +02002472run_test "Opaque key for client/server authentication: DHE-RSA" \
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002473 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002474 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002475 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
Neil Armstrong36b02232022-06-30 11:16:53 +02002476 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none \
2477 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
Neil Armstronga4dbfdd2022-03-21 10:11:07 +01002478 0 \
2479 -c "key type: Opaque" \
2480 -c "Verifying peer X.509 certificate... ok" \
2481 -c "Ciphersuite is TLS-DHE-RSA" \
2482 -s "key types: Opaque, none" \
2483 -s "Verifying peer X.509 certificate... ok" \
2484 -s "Ciphersuite is TLS-DHE-RSA" \
2485 -S "error" \
2486 -C "error"
2487
Neil Armstrong36b02232022-06-30 11:16:53 +02002488
Hanno Becker9b5853c2018-11-16 17:28:40 +00002489# Test ciphersuites which we expect to be fully supported by PSA Crypto
2490# and check that we don't fall back to Mbed TLS' internal crypto primitives.
2491run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
2492run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
2493run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
2494run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
2495run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
2496run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
2497run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
2498run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
2499run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
2500
Hanno Becker354e2482019-01-08 11:40:25 +00002501requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
2502run_test_psa_force_curve "secp521r1"
2503requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED
2504run_test_psa_force_curve "brainpoolP512r1"
2505requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED
2506run_test_psa_force_curve "secp384r1"
2507requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED
2508run_test_psa_force_curve "brainpoolP384r1"
2509requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
2510run_test_psa_force_curve "secp256r1"
2511requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED
2512run_test_psa_force_curve "secp256k1"
2513requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED
2514run_test_psa_force_curve "brainpoolP256r1"
2515requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
2516run_test_psa_force_curve "secp224r1"
Gilles Peskinedefdc3b2021-03-23 13:59:58 +01002517## SECP224K1 is buggy via the PSA API
Dave Rodgman017a1992022-03-31 14:07:01 +01002518## (https://github.com/Mbed-TLS/mbedtls/issues/3541),
Gilles Peskinedefdc3b2021-03-23 13:59:58 +01002519## so it is disabled in PSA even when it's enabled in Mbed TLS.
2520## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but
2521## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
2522#requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
2523#run_test_psa_force_curve "secp224k1"
Hanno Becker354e2482019-01-08 11:40:25 +00002524requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
2525run_test_psa_force_curve "secp192r1"
2526requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
2527run_test_psa_force_curve "secp192k1"
2528
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01002529# Test current time in ServerHello
Jerry Yuab082902021-12-23 18:02:22 +08002530requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01002531requires_config_enabled MBEDTLS_HAVE_TIME
2532run_test "ServerHello contains gmt_unix_time" \
2533 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01002534 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01002535 0 \
2536 -f "check_server_hello_time" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002537 -F "check_server_hello_time"
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01002538
2539# Test for uniqueness of IVs in AEAD ciphersuites
Jerry Yuab082902021-12-23 18:02:22 +08002540requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01002541run_test "Unique IV in GCM" \
2542 "$P_SRV exchanges=20 debug_level=4" \
2543 "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
2544 0 \
2545 -u "IV used" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002546 -U "IV used"
2547
Andrzej Kurekec71b092022-11-15 10:21:50 -05002548# Test for correctness of sent single supported algorithm
2549requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
2550requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2551requires_config_enabled MBEDTLS_DEBUG_C
2552requires_config_enabled MBEDTLS_SSL_CLI_C
Paul Elliott3b4ceda2022-11-17 12:47:10 +00002553requires_config_enabled MBEDTLS_SSL_SRV_C
Valerio Settid1f991c2023-02-22 12:54:13 +01002554requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
2555requires_pk_alg "ECDSA"
Andrzej Kurekec71b092022-11-15 10:21:50 -05002556requires_hash_alg SHA_256
Paul Elliottf6e342c2022-11-17 12:50:29 +00002557run_test "Single supported algorithm sending: mbedtls client" \
Andrzej Kurekec71b092022-11-15 10:21:50 -05002558 "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \
2559 "$P_CLI sig_algs=ecdsa_secp256r1_sha256 debug_level=3" \
2560 0 \
2561 -c "Supported Signature Algorithm found: 04 03"
2562
Paul Elliottf6e342c2022-11-17 12:50:29 +00002563requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
2564requires_config_enabled MBEDTLS_SSL_SRV_C
Paul Elliottf6e342c2022-11-17 12:50:29 +00002565requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
2566requires_hash_alg SHA_256
2567run_test "Single supported algorithm sending: openssl client" \
2568 "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \
2569 "$O_CLI -cert data_files/server6.crt \
2570 -key data_files/server6.key" \
2571 0
2572
Janos Follathee11be62019-04-04 12:03:30 +01002573# Tests for certificate verification callback
Jerry Yuab082902021-12-23 18:02:22 +08002574requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follathee11be62019-04-04 12:03:30 +01002575run_test "Configuration-specific CRT verification callback" \
2576 "$P_SRV debug_level=3" \
2577 "$P_CLI context_crt_cb=0 debug_level=3" \
2578 0 \
Janos Follathee11be62019-04-04 12:03:30 +01002579 -S "error" \
2580 -c "Verify requested for " \
2581 -c "Use configuration-specific verification callback" \
2582 -C "Use context-specific verification callback" \
2583 -C "error"
2584
Jerry Yuab082902021-12-23 18:02:22 +08002585requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerefb440a2019-04-03 13:04:33 +01002586run_test "Context-specific CRT verification callback" \
2587 "$P_SRV debug_level=3" \
2588 "$P_CLI context_crt_cb=1 debug_level=3" \
2589 0 \
Hanno Beckerefb440a2019-04-03 13:04:33 +01002590 -S "error" \
Janos Follathee11be62019-04-04 12:03:30 +01002591 -c "Verify requested for " \
2592 -c "Use context-specific verification callback" \
2593 -C "Use configuration-specific verification callback" \
Hanno Beckerefb440a2019-04-03 13:04:33 +01002594 -C "error"
2595
Gilles Peskinebc70a182017-05-09 15:59:24 +02002596# Tests for SHA-1 support
Jerry Yuab082902021-12-23 18:02:22 +08002597requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinebc70a182017-05-09 15:59:24 +02002598run_test "SHA-1 forbidden by default in server certificate" \
2599 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
2600 "$P_CLI debug_level=2 allow_sha1=0" \
2601 1 \
2602 -c "The certificate is signed with an unacceptable hash"
2603
Jerry Yuab082902021-12-23 18:02:22 +08002604requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinebc70a182017-05-09 15:59:24 +02002605run_test "SHA-1 explicitly allowed in server certificate" \
2606 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
2607 "$P_CLI allow_sha1=1" \
2608 0
2609
Jerry Yuab082902021-12-23 18:02:22 +08002610requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinebc70a182017-05-09 15:59:24 +02002611run_test "SHA-256 allowed by default in server certificate" \
2612 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
2613 "$P_CLI allow_sha1=0" \
2614 0
2615
Jerry Yuab082902021-12-23 18:02:22 +08002616requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinebc70a182017-05-09 15:59:24 +02002617run_test "SHA-1 forbidden by default in client certificate" \
2618 "$P_SRV auth_mode=required allow_sha1=0" \
2619 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
2620 1 \
2621 -s "The certificate is signed with an unacceptable hash"
2622
Jerry Yuab082902021-12-23 18:02:22 +08002623requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinebc70a182017-05-09 15:59:24 +02002624run_test "SHA-1 explicitly allowed in client certificate" \
2625 "$P_SRV auth_mode=required allow_sha1=1" \
2626 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
2627 0
2628
Jerry Yuab082902021-12-23 18:02:22 +08002629requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinebc70a182017-05-09 15:59:24 +02002630run_test "SHA-256 allowed by default in client certificate" \
2631 "$P_SRV auth_mode=required allow_sha1=0" \
2632 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
2633 0
2634
Hanno Becker932064d2021-07-24 06:45:50 +01002635# Dummy TLS 1.3 test
2636# Currently only checking that passing TLS 1.3 key exchange modes to
2637# ssl_client2/ssl_server2 example programs works.
Jerry Yuc10f6b42021-12-23 17:16:42 +08002638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron6f135e12021-12-08 16:57:54 +01002639requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Jerry Yue36397d2022-07-09 04:20:59 +00002640requires_config_enabled MBEDTLS_SSL_CLI_C
2641requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Crondf5f8682022-04-05 16:01:03 +02002642run_test "TLS 1.3: key exchange mode parameter passing: PSK only" \
Jerry Yuc10f6b42021-12-23 17:16:42 +08002643 "$P_SRV tls13_kex_modes=psk debug_level=4" \
2644 "$P_CLI tls13_kex_modes=psk debug_level=4" \
Hanno Becker932064d2021-07-24 06:45:50 +01002645 0
Jerry Yue36397d2022-07-09 04:20:59 +00002646
Jerry Yuc10f6b42021-12-23 17:16:42 +08002647requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron6f135e12021-12-08 16:57:54 +01002648requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Jerry Yue36397d2022-07-09 04:20:59 +00002649requires_config_enabled MBEDTLS_SSL_CLI_C
2650requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Crondf5f8682022-04-05 16:01:03 +02002651run_test "TLS 1.3: key exchange mode parameter passing: PSK-ephemeral only" \
Hanno Becker932064d2021-07-24 06:45:50 +01002652 "$P_SRV tls13_kex_modes=psk_ephemeral" \
2653 "$P_CLI tls13_kex_modes=psk_ephemeral" \
2654 0
Jerry Yue36397d2022-07-09 04:20:59 +00002655
Jerry Yuc10f6b42021-12-23 17:16:42 +08002656requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron6f135e12021-12-08 16:57:54 +01002657requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Jerry Yue36397d2022-07-09 04:20:59 +00002658requires_config_enabled MBEDTLS_SSL_CLI_C
2659requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Crondf5f8682022-04-05 16:01:03 +02002660run_test "TLS 1.3: key exchange mode parameter passing: Pure-ephemeral only" \
Jerry Yu31c01d32021-08-24 10:49:06 +08002661 "$P_SRV tls13_kex_modes=ephemeral" \
2662 "$P_CLI tls13_kex_modes=ephemeral" \
Hanno Becker932064d2021-07-24 06:45:50 +01002663 0
Jerry Yue36397d2022-07-09 04:20:59 +00002664
Jerry Yuc10f6b42021-12-23 17:16:42 +08002665requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron6f135e12021-12-08 16:57:54 +01002666requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Jerry Yue36397d2022-07-09 04:20:59 +00002667requires_config_enabled MBEDTLS_SSL_CLI_C
2668requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Crondf5f8682022-04-05 16:01:03 +02002669run_test "TLS 1.3: key exchange mode parameter passing: All ephemeral" \
Hanno Becker932064d2021-07-24 06:45:50 +01002670 "$P_SRV tls13_kex_modes=ephemeral_all" \
2671 "$P_CLI tls13_kex_modes=ephemeral_all" \
2672 0
Jerry Yue36397d2022-07-09 04:20:59 +00002673
Jerry Yuc10f6b42021-12-23 17:16:42 +08002674requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron6f135e12021-12-08 16:57:54 +01002675requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Jerry Yue36397d2022-07-09 04:20:59 +00002676requires_config_enabled MBEDTLS_SSL_CLI_C
2677requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Crondf5f8682022-04-05 16:01:03 +02002678run_test "TLS 1.3: key exchange mode parameter passing: All PSK" \
Hanno Becker932064d2021-07-24 06:45:50 +01002679 "$P_SRV tls13_kex_modes=psk_all" \
2680 "$P_CLI tls13_kex_modes=psk_all" \
2681 0
Jerry Yue36397d2022-07-09 04:20:59 +00002682
Jerry Yuc10f6b42021-12-23 17:16:42 +08002683requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron6f135e12021-12-08 16:57:54 +01002684requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Jerry Yue36397d2022-07-09 04:20:59 +00002685requires_config_enabled MBEDTLS_SSL_CLI_C
2686requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Crondf5f8682022-04-05 16:01:03 +02002687run_test "TLS 1.3: key exchange mode parameter passing: All" \
Hanno Becker932064d2021-07-24 06:45:50 +01002688 "$P_SRV tls13_kex_modes=all" \
2689 "$P_CLI tls13_kex_modes=all" \
2690 0
2691
Hanno Becker7ae8a762018-08-14 15:43:35 +01002692# Tests for datagram packing
Jerry Yuab082902021-12-23 18:02:22 +08002693requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker7ae8a762018-08-14 15:43:35 +01002694run_test "DTLS: multiple records in same datagram, client and server" \
2695 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
2696 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
2697 0 \
2698 -c "next record in same datagram" \
2699 -s "next record in same datagram"
2700
Jerry Yuab082902021-12-23 18:02:22 +08002701requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker7ae8a762018-08-14 15:43:35 +01002702run_test "DTLS: multiple records in same datagram, client only" \
2703 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
2704 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
2705 0 \
2706 -s "next record in same datagram" \
2707 -C "next record in same datagram"
2708
Jerry Yuab082902021-12-23 18:02:22 +08002709requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker7ae8a762018-08-14 15:43:35 +01002710run_test "DTLS: multiple records in same datagram, server only" \
2711 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
2712 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
2713 0 \
2714 -S "next record in same datagram" \
2715 -c "next record in same datagram"
2716
Jerry Yuab082902021-12-23 18:02:22 +08002717requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker7ae8a762018-08-14 15:43:35 +01002718run_test "DTLS: multiple records in same datagram, neither client nor server" \
2719 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
2720 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
2721 0 \
2722 -S "next record in same datagram" \
2723 -C "next record in same datagram"
2724
Jarno Lamsa2937d812019-06-04 11:33:23 +03002725# Tests for Context serialization
2726
Jerry Yuab082902021-12-23 18:02:22 +08002727requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Jarno Lamsa2937d812019-06-04 11:33:23 +03002728requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002729run_test "Context serialization, client serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02002730 "$P_SRV dtls=1 serialize=0 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002731 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2732 0 \
2733 -c "Deserializing connection..." \
2734 -S "Deserializing connection..."
2735
Jerry Yuab082902021-12-23 18:02:22 +08002736requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002737requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2738run_test "Context serialization, client serializes, ChaChaPoly" \
2739 "$P_SRV dtls=1 serialize=0 exchanges=2" \
2740 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2741 0 \
2742 -c "Deserializing connection..." \
2743 -S "Deserializing connection..."
2744
Jerry Yuab082902021-12-23 18:02:22 +08002745requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002746requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2747run_test "Context serialization, client serializes, GCM" \
2748 "$P_SRV dtls=1 serialize=0 exchanges=2" \
2749 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsa2937d812019-06-04 11:33:23 +03002750 0 \
Jarno Lamsacbee1b32019-06-04 15:18:19 +03002751 -c "Deserializing connection..." \
Jarno Lamsa2937d812019-06-04 11:33:23 +03002752 -S "Deserializing connection..."
2753
Jerry Yuab082902021-12-23 18:02:22 +08002754requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Jarno Lamsa2937d812019-06-04 11:33:23 +03002755requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01002756requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2757run_test "Context serialization, client serializes, with CID" \
2758 "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
2759 "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
2760 0 \
2761 -c "Deserializing connection..." \
2762 -S "Deserializing connection..."
2763
2764requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002765run_test "Context serialization, server serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02002766 "$P_SRV dtls=1 serialize=1 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002767 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2768 0 \
2769 -C "Deserializing connection..." \
2770 -s "Deserializing connection..."
2771
Jerry Yuab082902021-12-23 18:02:22 +08002772requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002773requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2774run_test "Context serialization, server serializes, ChaChaPoly" \
2775 "$P_SRV dtls=1 serialize=1 exchanges=2" \
2776 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2777 0 \
2778 -C "Deserializing connection..." \
2779 -s "Deserializing connection..."
2780
Jerry Yuab082902021-12-23 18:02:22 +08002781requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002782requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2783run_test "Context serialization, server serializes, GCM" \
2784 "$P_SRV dtls=1 serialize=1 exchanges=2" \
2785 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsa2937d812019-06-04 11:33:23 +03002786 0 \
Jarno Lamsacbee1b32019-06-04 15:18:19 +03002787 -C "Deserializing connection..." \
Jarno Lamsa2937d812019-06-04 11:33:23 +03002788 -s "Deserializing connection..."
2789
Jerry Yuab082902021-12-23 18:02:22 +08002790requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Jarno Lamsa2937d812019-06-04 11:33:23 +03002791requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01002792requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2793run_test "Context serialization, server serializes, with CID" \
2794 "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
2795 "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
2796 0 \
2797 -C "Deserializing connection..." \
2798 -s "Deserializing connection..."
2799
Jerry Yuab082902021-12-23 18:02:22 +08002800requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker1b18fd32019-08-30 11:18:59 +01002801requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002802run_test "Context serialization, both serialize, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02002803 "$P_SRV dtls=1 serialize=1 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002804 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2805 0 \
2806 -c "Deserializing connection..." \
2807 -s "Deserializing connection..."
2808
Jerry Yuab082902021-12-23 18:02:22 +08002809requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002810requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2811run_test "Context serialization, both serialize, ChaChaPoly" \
2812 "$P_SRV dtls=1 serialize=1 exchanges=2" \
2813 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2814 0 \
2815 -c "Deserializing connection..." \
2816 -s "Deserializing connection..."
2817
Jerry Yuab082902021-12-23 18:02:22 +08002818requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002819requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2820run_test "Context serialization, both serialize, GCM" \
2821 "$P_SRV dtls=1 serialize=1 exchanges=2" \
2822 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsa2937d812019-06-04 11:33:23 +03002823 0 \
Jarno Lamsacbee1b32019-06-04 15:18:19 +03002824 -c "Deserializing connection..." \
Jarno Lamsa2937d812019-06-04 11:33:23 +03002825 -s "Deserializing connection..."
2826
Jerry Yuab082902021-12-23 18:02:22 +08002827requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Jarno Lamsac2376f02019-06-06 10:44:14 +03002828requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01002829requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2830run_test "Context serialization, both serialize, with CID" \
2831 "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
2832 "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
2833 0 \
2834 -c "Deserializing connection..." \
2835 -s "Deserializing connection..."
2836
2837requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002838run_test "Context serialization, re-init, client serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02002839 "$P_SRV dtls=1 serialize=0 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002840 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2841 0 \
2842 -c "Deserializing connection..." \
2843 -S "Deserializing connection..."
2844
Jerry Yuab082902021-12-23 18:02:22 +08002845requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002846requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2847run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
2848 "$P_SRV dtls=1 serialize=0 exchanges=2" \
2849 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2850 0 \
2851 -c "Deserializing connection..." \
2852 -S "Deserializing connection..."
2853
Jerry Yuab082902021-12-23 18:02:22 +08002854requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002855requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2856run_test "Context serialization, re-init, client serializes, GCM" \
2857 "$P_SRV dtls=1 serialize=0 exchanges=2" \
2858 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsac2376f02019-06-06 10:44:14 +03002859 0 \
2860 -c "Deserializing connection..." \
2861 -S "Deserializing connection..."
2862
Jerry Yuab082902021-12-23 18:02:22 +08002863requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Jarno Lamsac2376f02019-06-06 10:44:14 +03002864requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01002865requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2866run_test "Context serialization, re-init, client serializes, with CID" \
2867 "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
2868 "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
2869 0 \
2870 -c "Deserializing connection..." \
2871 -S "Deserializing connection..."
2872
2873requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002874run_test "Context serialization, re-init, server serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02002875 "$P_SRV dtls=1 serialize=2 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002876 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2877 0 \
2878 -C "Deserializing connection..." \
2879 -s "Deserializing connection..."
2880
Jerry Yuab082902021-12-23 18:02:22 +08002881requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002882requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2883run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
2884 "$P_SRV dtls=1 serialize=2 exchanges=2" \
2885 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2886 0 \
2887 -C "Deserializing connection..." \
2888 -s "Deserializing connection..."
2889
Jerry Yuab082902021-12-23 18:02:22 +08002890requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002891requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2892run_test "Context serialization, re-init, server serializes, GCM" \
2893 "$P_SRV dtls=1 serialize=2 exchanges=2" \
2894 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
Jarno Lamsac2376f02019-06-06 10:44:14 +03002895 0 \
2896 -C "Deserializing connection..." \
2897 -s "Deserializing connection..."
2898
Jerry Yuab082902021-12-23 18:02:22 +08002899requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Jarno Lamsac2376f02019-06-06 10:44:14 +03002900requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01002901requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2902run_test "Context serialization, re-init, server serializes, with CID" \
2903 "$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
2904 "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
2905 0 \
2906 -C "Deserializing connection..." \
2907 -s "Deserializing connection..."
2908
Jerry Yuab082902021-12-23 18:02:22 +08002909requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker1b18fd32019-08-30 11:18:59 +01002910requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002911run_test "Context serialization, re-init, both serialize, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02002912 "$P_SRV dtls=1 serialize=2 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002913 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2914 0 \
2915 -c "Deserializing connection..." \
2916 -s "Deserializing connection..."
2917
Jerry Yuab082902021-12-23 18:02:22 +08002918requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002919requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2920run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
2921 "$P_SRV dtls=1 serialize=2 exchanges=2" \
2922 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2923 0 \
2924 -c "Deserializing connection..." \
2925 -s "Deserializing connection..."
2926
Jerry Yuab082902021-12-23 18:02:22 +08002927requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere0b90ec2019-08-30 11:32:12 +01002928requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2929run_test "Context serialization, re-init, both serialize, GCM" \
2930 "$P_SRV dtls=1 serialize=2 exchanges=2" \
2931 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
Jarno Lamsac2376f02019-06-06 10:44:14 +03002932 0 \
2933 -c "Deserializing connection..." \
2934 -s "Deserializing connection..."
2935
Jerry Yuab082902021-12-23 18:02:22 +08002936requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker1b18fd32019-08-30 11:18:59 +01002937requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2938requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2939run_test "Context serialization, re-init, both serialize, with CID" \
2940 "$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
2941 "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
2942 0 \
2943 -c "Deserializing connection..." \
2944 -s "Deserializing connection..."
2945
Jerry Yuab082902021-12-23 18:02:22 +08002946requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Piotr Nowicki3de298f2020-04-16 14:35:19 +02002947requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
2948run_test "Saving the serialized context to a file" \
2949 "$P_SRV dtls=1 serialize=1 context_file=context_srv.txt" \
2950 "$P_CLI dtls=1 serialize=1 context_file=context_cli.txt" \
2951 0 \
2952 -s "Save serialized context to a file... ok" \
2953 -c "Save serialized context to a file... ok"
2954rm -f context_srv.txt
2955rm -f context_cli.txt
2956
Hanno Becker7cf463e2019-04-09 18:08:47 +01002957# Tests for DTLS Connection ID extension
2958
Hanno Becker7cf463e2019-04-09 18:08:47 +01002959# So far, the CID API isn't implemented, so we can't
2960# grep for output witnessing its use. This needs to be
2961# changed once the CID extension is implemented.
2962
Jerry Yuab082902021-12-23 18:02:22 +08002963requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01002964requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002965run_test "Connection ID: Cli enabled, Srv disabled" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002966 "$P_SRV debug_level=3 dtls=1 cid=0" \
2967 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
2968 0 \
2969 -s "Disable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002970 -s "found CID extension" \
2971 -s "Client sent CID extension, but CID disabled" \
Hanno Becker6b78c832019-04-25 17:01:43 +01002972 -c "Enable use of CID extension." \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002973 -c "client hello, adding CID extension" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002974 -S "server hello, adding CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002975 -C "found CID extension" \
2976 -S "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01002977 -C "Copy CIDs into SSL transform" \
2978 -c "Use of Connection ID was rejected by the server"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002979
Jerry Yuab082902021-12-23 18:02:22 +08002980requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01002981requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002982run_test "Connection ID: Cli disabled, Srv enabled" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002983 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
2984 "$P_CLI debug_level=3 dtls=1 cid=0" \
2985 0 \
2986 -c "Disable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002987 -C "client hello, adding CID extension" \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002988 -S "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002989 -s "Enable use of CID extension." \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002990 -S "server hello, adding CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002991 -C "found CID extension" \
2992 -S "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01002993 -C "Copy CIDs into SSL transform" \
Hanno Beckerb3e9dd52019-05-08 13:19:53 +01002994 -s "Use of Connection ID was not offered by client"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002995
Jerry Yuab082902021-12-23 18:02:22 +08002996requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01002997requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002998run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002999 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
3000 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \
3001 0 \
3002 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003003 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003004 -c "client hello, adding CID extension" \
3005 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003006 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003007 -s "server hello, adding CID extension" \
3008 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003009 -c "Use of CID extension negotiated" \
3010 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003011 -c "Copy CIDs into SSL transform" \
3012 -c "Peer CID (length 2 Bytes): de ad" \
3013 -s "Peer CID (length 2 Bytes): be ef" \
3014 -s "Use of Connection ID has been negotiated" \
3015 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003016
Jerry Yuab082902021-12-23 18:02:22 +08003017requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003018requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003019run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003020 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01003021 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \
3022 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef" \
3023 0 \
3024 -c "Enable use of CID extension." \
3025 -s "Enable use of CID extension." \
3026 -c "client hello, adding CID extension" \
3027 -s "found CID extension" \
3028 -s "Use of CID extension negotiated" \
3029 -s "server hello, adding CID extension" \
3030 -c "found CID extension" \
3031 -c "Use of CID extension negotiated" \
3032 -s "Copy CIDs into SSL transform" \
3033 -c "Copy CIDs into SSL transform" \
3034 -c "Peer CID (length 2 Bytes): de ad" \
3035 -s "Peer CID (length 2 Bytes): be ef" \
3036 -s "Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003037 -c "Use of Connection ID has been negotiated" \
3038 -c "ignoring unexpected CID" \
3039 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01003040
Jerry Yuab082902021-12-23 18:02:22 +08003041requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003042requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003043run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
3044 -p "$P_PXY mtu=800" \
3045 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
3046 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
3047 0 \
3048 -c "Enable use of CID extension." \
3049 -s "Enable use of CID extension." \
3050 -c "client hello, adding CID extension" \
3051 -s "found CID extension" \
3052 -s "Use of CID extension negotiated" \
3053 -s "server hello, adding CID extension" \
3054 -c "found CID extension" \
3055 -c "Use of CID extension negotiated" \
3056 -s "Copy CIDs into SSL transform" \
3057 -c "Copy CIDs into SSL transform" \
3058 -c "Peer CID (length 2 Bytes): de ad" \
3059 -s "Peer CID (length 2 Bytes): be ef" \
3060 -s "Use of Connection ID has been negotiated" \
3061 -c "Use of Connection ID has been negotiated"
3062
Jerry Yuab082902021-12-23 18:02:22 +08003063requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003064requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003065run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003066 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01003067 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
3068 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
3069 0 \
3070 -c "Enable use of CID extension." \
3071 -s "Enable use of CID extension." \
3072 -c "client hello, adding CID extension" \
3073 -s "found CID extension" \
3074 -s "Use of CID extension negotiated" \
3075 -s "server hello, adding CID extension" \
3076 -c "found CID extension" \
3077 -c "Use of CID extension negotiated" \
3078 -s "Copy CIDs into SSL transform" \
3079 -c "Copy CIDs into SSL transform" \
3080 -c "Peer CID (length 2 Bytes): de ad" \
3081 -s "Peer CID (length 2 Bytes): be ef" \
3082 -s "Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003083 -c "Use of Connection ID has been negotiated" \
3084 -c "ignoring unexpected CID" \
3085 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01003086
Jerry Yuab082902021-12-23 18:02:22 +08003087requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003088requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003089run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003090 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
3091 "$P_CLI debug_level=3 dtls=1 cid=1" \
3092 0 \
3093 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003094 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003095 -c "client hello, adding CID extension" \
3096 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003097 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003098 -s "server hello, adding CID extension" \
3099 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003100 -c "Use of CID extension negotiated" \
3101 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003102 -c "Copy CIDs into SSL transform" \
3103 -c "Peer CID (length 4 Bytes): de ad be ef" \
3104 -s "Peer CID (length 0 Bytes):" \
3105 -s "Use of Connection ID has been negotiated" \
3106 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003107
Jerry Yuab082902021-12-23 18:02:22 +08003108requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003109requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003110run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003111 "$P_SRV debug_level=3 dtls=1 cid=1" \
3112 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
3113 0 \
3114 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003115 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003116 -c "client hello, adding CID extension" \
3117 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003118 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003119 -s "server hello, adding CID extension" \
3120 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003121 -c "Use of CID extension negotiated" \
3122 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003123 -c "Copy CIDs into SSL transform" \
3124 -s "Peer CID (length 4 Bytes): de ad be ef" \
3125 -c "Peer CID (length 0 Bytes):" \
3126 -s "Use of Connection ID has been negotiated" \
3127 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003128
Jerry Yuab082902021-12-23 18:02:22 +08003129requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003130requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003131run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003132 "$P_SRV debug_level=3 dtls=1 cid=1" \
3133 "$P_CLI debug_level=3 dtls=1 cid=1" \
3134 0 \
3135 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003136 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003137 -c "client hello, adding CID extension" \
3138 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003139 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003140 -s "server hello, adding CID extension" \
3141 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003142 -c "Use of CID extension negotiated" \
3143 -s "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01003144 -c "Copy CIDs into SSL transform" \
3145 -S "Use of Connection ID has been negotiated" \
3146 -C "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003147
Jerry Yuab082902021-12-23 18:02:22 +08003148requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003149requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003150run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003151 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
3152 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3153 0 \
3154 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003155 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003156 -c "client hello, adding CID extension" \
3157 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003158 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003159 -s "server hello, adding CID extension" \
3160 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003161 -c "Use of CID extension negotiated" \
3162 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003163 -c "Copy CIDs into SSL transform" \
3164 -c "Peer CID (length 2 Bytes): de ad" \
3165 -s "Peer CID (length 2 Bytes): be ef" \
3166 -s "Use of Connection ID has been negotiated" \
3167 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003168
Jerry Yuab082902021-12-23 18:02:22 +08003169requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003170requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003171run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003172 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
3173 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3174 0 \
3175 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003176 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003177 -c "client hello, adding CID extension" \
3178 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003179 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003180 -s "server hello, adding CID extension" \
3181 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003182 -c "Use of CID extension negotiated" \
3183 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003184 -c "Copy CIDs into SSL transform" \
3185 -c "Peer CID (length 4 Bytes): de ad be ef" \
3186 -s "Peer CID (length 0 Bytes):" \
3187 -s "Use of Connection ID has been negotiated" \
3188 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003189
Jerry Yuab082902021-12-23 18:02:22 +08003190requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003191requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003192run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003193 "$P_SRV debug_level=3 dtls=1 cid=1" \
3194 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3195 0 \
3196 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003197 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003198 -c "client hello, adding CID extension" \
3199 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003200 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003201 -s "server hello, adding CID extension" \
3202 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003203 -c "Use of CID extension negotiated" \
3204 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003205 -c "Copy CIDs into SSL transform" \
3206 -s "Peer CID (length 4 Bytes): de ad be ef" \
3207 -c "Peer CID (length 0 Bytes):" \
3208 -s "Use of Connection ID has been negotiated" \
3209 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003210
Jerry Yuab082902021-12-23 18:02:22 +08003211requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003212requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003213run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003214 "$P_SRV debug_level=3 dtls=1 cid=1" \
3215 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3216 0 \
3217 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003218 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003219 -c "client hello, adding CID extension" \
3220 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003221 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003222 -s "server hello, adding CID extension" \
3223 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003224 -c "Use of CID extension negotiated" \
3225 -s "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01003226 -c "Copy CIDs into SSL transform" \
3227 -S "Use of Connection ID has been negotiated" \
3228 -C "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003229
Jerry Yuab082902021-12-23 18:02:22 +08003230requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003231requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003232run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003233 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
3234 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3235 0 \
3236 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003237 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003238 -c "client hello, adding CID extension" \
3239 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003240 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003241 -s "server hello, adding CID extension" \
3242 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003243 -c "Use of CID extension negotiated" \
3244 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003245 -c "Copy CIDs into SSL transform" \
3246 -c "Peer CID (length 2 Bytes): de ad" \
3247 -s "Peer CID (length 2 Bytes): be ef" \
3248 -s "Use of Connection ID has been negotiated" \
3249 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003250
Jerry Yuab082902021-12-23 18:02:22 +08003251requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003252requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003253run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003254 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
3255 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3256 0 \
3257 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003258 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003259 -c "client hello, adding CID extension" \
3260 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003261 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003262 -s "server hello, adding CID extension" \
3263 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003264 -c "Use of CID extension negotiated" \
3265 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003266 -c "Copy CIDs into SSL transform" \
3267 -c "Peer CID (length 4 Bytes): de ad be ef" \
3268 -s "Peer CID (length 0 Bytes):" \
3269 -s "Use of Connection ID has been negotiated" \
3270 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003271
Jerry Yuab082902021-12-23 18:02:22 +08003272requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003273requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003274run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003275 "$P_SRV debug_level=3 dtls=1 cid=1" \
3276 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3277 0 \
3278 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003279 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003280 -c "client hello, adding CID extension" \
3281 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003282 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003283 -s "server hello, adding CID extension" \
3284 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003285 -c "Use of CID extension negotiated" \
3286 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01003287 -c "Copy CIDs into SSL transform" \
3288 -s "Peer CID (length 4 Bytes): de ad be ef" \
3289 -c "Peer CID (length 0 Bytes):" \
3290 -s "Use of Connection ID has been negotiated" \
3291 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003292
Jerry Yuab082902021-12-23 18:02:22 +08003293requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003294requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003295run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003296 "$P_SRV debug_level=3 dtls=1 cid=1" \
3297 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3298 0 \
3299 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01003300 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01003301 -c "client hello, adding CID extension" \
3302 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01003303 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01003304 -s "server hello, adding CID extension" \
3305 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01003306 -c "Use of CID extension negotiated" \
3307 -s "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01003308 -c "Copy CIDs into SSL transform" \
3309 -S "Use of Connection ID has been negotiated" \
3310 -C "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003311
Jerry Yuab082902021-12-23 18:02:22 +08003312requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003313requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker9bae30d2019-04-23 11:52:44 +01003314requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01003315run_test "Connection ID: Cli+Srv enabled, renegotiate without change of CID" \
Hanno Beckerf157a972019-04-25 16:05:45 +01003316 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
3317 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
3318 0 \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003319 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3320 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3321 -s "(initial handshake) Use of Connection ID has been negotiated" \
3322 -c "(initial handshake) Use of Connection ID has been negotiated" \
3323 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3324 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3325 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3326 -c "(after renegotiation) Use of Connection ID has been negotiated"
3327
Jerry Yuab082902021-12-23 18:02:22 +08003328requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003329requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003330requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01003331run_test "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003332 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
3333 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
3334 0 \
3335 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3336 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3337 -s "(initial handshake) Use of Connection ID has been negotiated" \
3338 -c "(initial handshake) Use of Connection ID has been negotiated" \
3339 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3340 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3341 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3342 -c "(after renegotiation) Use of Connection ID has been negotiated"
3343
Jerry Yuab082902021-12-23 18:02:22 +08003344requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003345requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003346requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Beckerc2045b02019-05-08 16:20:46 +01003347run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate with different CID" \
3348 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead cid_val_renego=beef renegotiation=1" \
3349 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
3350 0 \
3351 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3352 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3353 -s "(initial handshake) Use of Connection ID has been negotiated" \
3354 -c "(initial handshake) Use of Connection ID has been negotiated" \
3355 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3356 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3357 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3358 -c "(after renegotiation) Use of Connection ID has been negotiated"
3359
Jerry Yuab082902021-12-23 18:02:22 +08003360requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003361requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerc2045b02019-05-08 16:20:46 +01003362requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01003363run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003364 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01003365 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
3366 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
3367 0 \
3368 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3369 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3370 -s "(initial handshake) Use of Connection ID has been negotiated" \
3371 -c "(initial handshake) Use of Connection ID has been negotiated" \
3372 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3373 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3374 -s "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003375 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3376 -c "ignoring unexpected CID" \
3377 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01003378
Jerry Yuab082902021-12-23 18:02:22 +08003379requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003380requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003381requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
3382run_test "Connection ID: Cli+Srv enabled, renegotiate without CID" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003383 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
3384 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
3385 0 \
3386 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3387 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3388 -s "(initial handshake) Use of Connection ID has been negotiated" \
3389 -c "(initial handshake) Use of Connection ID has been negotiated" \
3390 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3391 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3392 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3393 -S "(after renegotiation) Use of Connection ID has been negotiated"
3394
Jerry Yuab082902021-12-23 18:02:22 +08003395requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003396requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003397requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Beckerc2045b02019-05-08 16:20:46 +01003398run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID" \
3399 "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
3400 "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
3401 0 \
3402 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3403 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3404 -s "(initial handshake) Use of Connection ID has been negotiated" \
3405 -c "(initial handshake) Use of Connection ID has been negotiated" \
3406 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3407 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3408 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3409 -S "(after renegotiation) Use of Connection ID has been negotiated"
3410
Jerry Yuab082902021-12-23 18:02:22 +08003411requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003412requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerc2045b02019-05-08 16:20:46 +01003413requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01003414run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003415 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01003416 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
3417 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
3418 0 \
3419 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3420 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3421 -s "(initial handshake) Use of Connection ID has been negotiated" \
3422 -c "(initial handshake) Use of Connection ID has been negotiated" \
3423 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3424 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3425 -C "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003426 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3427 -c "ignoring unexpected CID" \
3428 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01003429
Jerry Yuab082902021-12-23 18:02:22 +08003430requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003431requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003432requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
3433run_test "Connection ID: Cli+Srv enabled, CID on renegotiation" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003434 "$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
3435 "$P_CLI debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
3436 0 \
3437 -S "(initial handshake) Use of Connection ID has been negotiated" \
3438 -C "(initial handshake) Use of Connection ID has been negotiated" \
3439 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3440 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3441 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3442 -s "(after renegotiation) Use of Connection ID has been negotiated"
3443
Jerry Yuab082902021-12-23 18:02:22 +08003444requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003445requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003446requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Beckerc2045b02019-05-08 16:20:46 +01003447run_test "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
3448 "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
3449 "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
3450 0 \
3451 -S "(initial handshake) Use of Connection ID has been negotiated" \
3452 -C "(initial handshake) Use of Connection ID has been negotiated" \
3453 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3454 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3455 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3456 -s "(after renegotiation) Use of Connection ID has been negotiated"
3457
Jerry Yuab082902021-12-23 18:02:22 +08003458requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003459requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerc2045b02019-05-08 16:20:46 +01003460requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01003461run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003462 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01003463 "$P_SRV debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
3464 "$P_CLI debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
3465 0 \
3466 -S "(initial handshake) Use of Connection ID has been negotiated" \
3467 -C "(initial handshake) Use of Connection ID has been negotiated" \
3468 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3469 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3470 -c "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003471 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3472 -c "ignoring unexpected CID" \
3473 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01003474
Jerry Yuab082902021-12-23 18:02:22 +08003475requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003476requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003477requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
3478run_test "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003479 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
3480 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
3481 0 \
3482 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3483 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3484 -s "(initial handshake) Use of Connection ID has been negotiated" \
3485 -c "(initial handshake) Use of Connection ID has been negotiated" \
3486 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3487 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3488 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3489 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3490 -s "(after renegotiation) Use of Connection ID was not offered by client"
3491
Jerry Yuab082902021-12-23 18:02:22 +08003492requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003493requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003494requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01003495run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003496 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01003497 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
3498 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
3499 0 \
3500 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3501 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3502 -s "(initial handshake) Use of Connection ID has been negotiated" \
3503 -c "(initial handshake) Use of Connection ID has been negotiated" \
3504 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3505 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3506 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3507 -S "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003508 -s "(after renegotiation) Use of Connection ID was not offered by client" \
3509 -c "ignoring unexpected CID" \
3510 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01003511
Jerry Yuab082902021-12-23 18:02:22 +08003512requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003513requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003514requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
3515run_test "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
3516 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
3517 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
3518 0 \
3519 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3520 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3521 -s "(initial handshake) Use of Connection ID has been negotiated" \
3522 -c "(initial handshake) Use of Connection ID has been negotiated" \
3523 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3524 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3525 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3526 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3527 -c "(after renegotiation) Use of Connection ID was rejected by the server"
3528
Jerry Yuab082902021-12-23 18:02:22 +08003529requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera0e20d02019-05-15 14:03:01 +01003530requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01003531requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
3532run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003533 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01003534 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
3535 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
3536 0 \
3537 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3538 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3539 -s "(initial handshake) Use of Connection ID has been negotiated" \
3540 -c "(initial handshake) Use of Connection ID has been negotiated" \
3541 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3542 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3543 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3544 -S "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01003545 -c "(after renegotiation) Use of Connection ID was rejected by the server" \
3546 -c "ignoring unexpected CID" \
3547 -s "ignoring unexpected CID"
Hanno Becker7cf463e2019-04-09 18:08:47 +01003548
Yuto Takano3fa16732021-07-09 11:21:43 +01003549# This and the test below it require MAX_CONTENT_LEN to be at least MFL+1, because the
Yuto Takano9c09d552021-07-08 16:03:44 +01003550# tests check that the buffer contents are reallocated when the message is
3551# larger than the buffer.
Jerry Yuab082902021-12-23 18:02:22 +08003552requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurekb6577832020-06-08 07:08:03 -04003553requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
3554requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
Yuto Takano9c09d552021-07-08 16:03:44 +01003555requires_max_content_len 513
Andrzej Kurekb6577832020-06-08 07:08:03 -04003556run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
3557 "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
3558 "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \
3559 0 \
3560 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3561 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3562 -s "(initial handshake) Use of Connection ID has been negotiated" \
3563 -c "(initial handshake) Use of Connection ID has been negotiated" \
3564 -s "Reallocating in_buf" \
3565 -s "Reallocating out_buf"
3566
Jerry Yuab082902021-12-23 18:02:22 +08003567requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurekb6577832020-06-08 07:08:03 -04003568requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
3569requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
Yuto Takano9c09d552021-07-08 16:03:44 +01003570requires_max_content_len 1025
Andrzej Kurekb6577832020-06-08 07:08:03 -04003571run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \
3572 "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
3573 "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \
3574 0 \
3575 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3576 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3577 -s "(initial handshake) Use of Connection ID has been negotiated" \
3578 -c "(initial handshake) Use of Connection ID has been negotiated" \
3579 -s "Reallocating in_buf" \
3580 -s "Reallocating out_buf"
3581
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003582# Tests for Encrypt-then-MAC extension
3583
Jerry Yuab082902021-12-23 18:02:22 +08003584requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003585run_test "Encrypt then MAC: default" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01003586 "$P_SRV debug_level=3 \
3587 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003588 "$P_CLI debug_level=3" \
3589 0 \
3590 -c "client hello, adding encrypt_then_mac extension" \
3591 -s "found encrypt then mac extension" \
3592 -s "server hello, adding encrypt then mac extension" \
3593 -c "found encrypt_then_mac extension" \
3594 -c "using encrypt then mac" \
3595 -s "using encrypt then mac"
3596
Jerry Yuab082902021-12-23 18:02:22 +08003597requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003598run_test "Encrypt then MAC: client enabled, server disabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01003599 "$P_SRV debug_level=3 etm=0 \
3600 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003601 "$P_CLI debug_level=3 etm=1" \
3602 0 \
3603 -c "client hello, adding encrypt_then_mac extension" \
3604 -s "found encrypt then mac extension" \
3605 -S "server hello, adding encrypt then mac extension" \
3606 -C "found encrypt_then_mac extension" \
3607 -C "using encrypt then mac" \
3608 -S "using encrypt then mac"
3609
Jerry Yuab082902021-12-23 18:02:22 +08003610requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01003611run_test "Encrypt then MAC: client enabled, aead cipher" \
3612 "$P_SRV debug_level=3 etm=1 \
3613 force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
3614 "$P_CLI debug_level=3 etm=1" \
3615 0 \
3616 -c "client hello, adding encrypt_then_mac extension" \
3617 -s "found encrypt then mac extension" \
3618 -S "server hello, adding encrypt then mac extension" \
3619 -C "found encrypt_then_mac extension" \
3620 -C "using encrypt then mac" \
3621 -S "using encrypt then mac"
3622
Jerry Yuab082902021-12-23 18:02:22 +08003623requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003624run_test "Encrypt then MAC: client disabled, server enabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01003625 "$P_SRV debug_level=3 etm=1 \
3626 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01003627 "$P_CLI debug_level=3 etm=0" \
3628 0 \
3629 -C "client hello, adding encrypt_then_mac extension" \
3630 -S "found encrypt then mac extension" \
3631 -S "server hello, adding encrypt then mac extension" \
3632 -C "found encrypt_then_mac extension" \
3633 -C "using encrypt then mac" \
3634 -S "using encrypt then mac"
3635
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003636# Tests for Extended Master Secret extension
3637
Jerry Yuab082902021-12-23 18:02:22 +08003638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01003639requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003640run_test "Extended Master Secret: default" \
3641 "$P_SRV debug_level=3" \
3642 "$P_CLI debug_level=3" \
3643 0 \
3644 -c "client hello, adding extended_master_secret extension" \
3645 -s "found extended master secret extension" \
3646 -s "server hello, adding extended master secret extension" \
3647 -c "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02003648 -c "session hash for extended master secret" \
3649 -s "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003650
Jerry Yuab082902021-12-23 18:02:22 +08003651requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01003652requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003653run_test "Extended Master Secret: client enabled, server disabled" \
3654 "$P_SRV debug_level=3 extended_ms=0" \
3655 "$P_CLI debug_level=3 extended_ms=1" \
3656 0 \
3657 -c "client hello, adding extended_master_secret extension" \
3658 -s "found extended master secret extension" \
3659 -S "server hello, adding extended master secret extension" \
3660 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02003661 -C "session hash for extended master secret" \
3662 -S "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003663
Jerry Yuab082902021-12-23 18:02:22 +08003664requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01003665requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003666run_test "Extended Master Secret: client disabled, server enabled" \
3667 "$P_SRV debug_level=3 extended_ms=1" \
3668 "$P_CLI debug_level=3 extended_ms=0" \
3669 0 \
3670 -C "client hello, adding extended_master_secret extension" \
3671 -S "found extended master secret extension" \
3672 -S "server hello, adding extended master secret extension" \
3673 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02003674 -C "session hash for extended master secret" \
3675 -S "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02003676
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01003677# Test sending and receiving empty application data records
3678
Jerry Yuab082902021-12-23 18:02:22 +08003679requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01003680run_test "Encrypt then MAC: empty application data record" \
3681 "$P_SRV auth_mode=none debug_level=4 etm=1" \
3682 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
3683 0 \
3684 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
3685 -s "dumping 'input payload after decrypt' (0 bytes)" \
3686 -c "0 bytes written in 1 fragments"
3687
Jerry Yuab082902021-12-23 18:02:22 +08003688requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard9e2c80f2020-03-24 10:53:39 +01003689run_test "Encrypt then MAC: disabled, empty application data record" \
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01003690 "$P_SRV auth_mode=none debug_level=4 etm=0" \
3691 "$P_CLI auth_mode=none etm=0 request_size=0" \
3692 0 \
3693 -s "dumping 'input payload after decrypt' (0 bytes)" \
3694 -c "0 bytes written in 1 fragments"
3695
Jerry Yuab082902021-12-23 18:02:22 +08003696requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01003697run_test "Encrypt then MAC, DTLS: empty application data record" \
3698 "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
3699 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
3700 0 \
3701 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
3702 -s "dumping 'input payload after decrypt' (0 bytes)" \
3703 -c "0 bytes written in 1 fragments"
3704
Jerry Yuab082902021-12-23 18:02:22 +08003705requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard9e2c80f2020-03-24 10:53:39 +01003706run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01003707 "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
3708 "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
3709 0 \
3710 -s "dumping 'input payload after decrypt' (0 bytes)" \
3711 -c "0 bytes written in 1 fragments"
3712
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01003713# Tests for CBC 1/n-1 record splitting
3714
3715run_test "CBC Record splitting: TLS 1.2, no splitting" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01003716 "$P_SRV force_version=tls12" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01003717 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
Ronald Cronf3b425b2022-03-17 16:45:09 +01003718 request_size=123" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01003719 0 \
3720 -s "Read from client: 123 bytes read" \
3721 -S "Read from client: 1 bytes read" \
3722 -S "122 bytes read"
3723
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003724# Tests for Session Tickets
3725
Jerry Yuab082902021-12-23 18:02:22 +08003726requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003727run_test "Session resume using tickets: basic" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003728 "$P_SRV debug_level=3 tickets=1" \
3729 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01003730 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01003731 -c "client hello, adding session ticket extension" \
3732 -s "found session ticket extension" \
3733 -s "server hello, adding session ticket extension" \
3734 -c "found session_ticket extension" \
3735 -c "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01003736 -S "session successfully restored from cache" \
3737 -s "session successfully restored from ticket" \
3738 -s "a session has been resumed" \
3739 -c "a session has been resumed"
3740
Jerry Yubaa49342022-02-15 10:26:40 +08003741requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Glenn Strausse3282452022-02-03 17:23:24 -05003742run_test "Session resume using tickets: manual rotation" \
3743 "$P_SRV debug_level=3 tickets=1 ticket_rotate=1" \
3744 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3745 0 \
3746 -c "client hello, adding session ticket extension" \
3747 -s "found session ticket extension" \
3748 -s "server hello, adding session ticket extension" \
3749 -c "found session_ticket extension" \
3750 -c "parse new session ticket" \
3751 -S "session successfully restored from cache" \
3752 -s "session successfully restored from ticket" \
3753 -s "a session has been resumed" \
3754 -c "a session has been resumed"
3755
Jerry Yuab082902021-12-23 18:02:22 +08003756requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003757run_test "Session resume using tickets: cache disabled" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003758 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
3759 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01003760 0 \
3761 -c "client hello, adding session ticket extension" \
3762 -s "found session ticket extension" \
3763 -s "server hello, adding session ticket extension" \
3764 -c "found session_ticket extension" \
3765 -c "parse new session ticket" \
3766 -S "session successfully restored from cache" \
3767 -s "session successfully restored from ticket" \
3768 -s "a session has been resumed" \
3769 -c "a session has been resumed"
3770
Jerry Yuab082902021-12-23 18:02:22 +08003771requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003772run_test "Session resume using tickets: timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003773 "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
Jerry Yua15af372022-12-05 15:55:24 +08003774 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2000" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01003775 0 \
3776 -c "client hello, adding session ticket extension" \
3777 -s "found session ticket extension" \
3778 -s "server hello, adding session ticket extension" \
3779 -c "found session_ticket extension" \
3780 -c "parse new session ticket" \
3781 -S "session successfully restored from cache" \
3782 -S "session successfully restored from ticket" \
3783 -S "a session has been resumed" \
3784 -C "a session has been resumed"
3785
Jerry Yuab082902021-12-23 18:02:22 +08003786requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02003787run_test "Session resume using tickets: session copy" \
3788 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
3789 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_mode=0" \
3790 0 \
3791 -c "client hello, adding session ticket extension" \
3792 -s "found session ticket extension" \
3793 -s "server hello, adding session ticket extension" \
3794 -c "found session_ticket extension" \
3795 -c "parse new session ticket" \
3796 -S "session successfully restored from cache" \
3797 -s "session successfully restored from ticket" \
3798 -s "a session has been resumed" \
3799 -c "a session has been resumed"
3800
Jerry Yuab082902021-12-23 18:02:22 +08003801requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003802run_test "Session resume using tickets: openssl server" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02003803 "$O_SRV -tls1_2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003804 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01003805 0 \
3806 -c "client hello, adding session ticket extension" \
3807 -c "found session_ticket extension" \
3808 -c "parse new session ticket" \
3809 -c "a session has been resumed"
3810
Jerry Yuab082902021-12-23 18:02:22 +08003811requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003812run_test "Session resume using tickets: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003813 "$P_SRV debug_level=3 tickets=1" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02003814 "( $O_CLI -sess_out $SESSION; \
3815 $O_CLI -sess_in $SESSION; \
3816 rm -f $SESSION )" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01003817 0 \
3818 -s "found session ticket extension" \
3819 -s "server hello, adding session ticket extension" \
3820 -S "session successfully restored from cache" \
3821 -s "session successfully restored from ticket" \
3822 -s "a session has been resumed"
3823
Jerry Yuab082902021-12-23 18:02:22 +08003824requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003825run_test "Session resume using tickets: AES-128-GCM" \
3826 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \
3827 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3828 0 \
3829 -c "client hello, adding session ticket extension" \
3830 -s "found session ticket extension" \
3831 -s "server hello, adding session ticket extension" \
3832 -c "found session_ticket extension" \
3833 -c "parse new session ticket" \
3834 -S "session successfully restored from cache" \
3835 -s "session successfully restored from ticket" \
3836 -s "a session has been resumed" \
3837 -c "a session has been resumed"
3838
Jerry Yuab082902021-12-23 18:02:22 +08003839requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003840run_test "Session resume using tickets: AES-192-GCM" \
3841 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \
3842 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3843 0 \
3844 -c "client hello, adding session ticket extension" \
3845 -s "found session ticket extension" \
3846 -s "server hello, adding session ticket extension" \
3847 -c "found session_ticket extension" \
3848 -c "parse new session ticket" \
3849 -S "session successfully restored from cache" \
3850 -s "session successfully restored from ticket" \
3851 -s "a session has been resumed" \
3852 -c "a session has been resumed"
3853
Jerry Yuab082902021-12-23 18:02:22 +08003854requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003855run_test "Session resume using tickets: AES-128-CCM" \
3856 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \
3857 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3858 0 \
3859 -c "client hello, adding session ticket extension" \
3860 -s "found session ticket extension" \
3861 -s "server hello, adding session ticket extension" \
3862 -c "found session_ticket extension" \
3863 -c "parse new session ticket" \
3864 -S "session successfully restored from cache" \
3865 -s "session successfully restored from ticket" \
3866 -s "a session has been resumed" \
3867 -c "a session has been resumed"
3868
Jerry Yuab082902021-12-23 18:02:22 +08003869requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003870run_test "Session resume using tickets: AES-192-CCM" \
3871 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \
3872 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3873 0 \
3874 -c "client hello, adding session ticket extension" \
3875 -s "found session ticket extension" \
3876 -s "server hello, adding session ticket extension" \
3877 -c "found session_ticket extension" \
3878 -c "parse new session ticket" \
3879 -S "session successfully restored from cache" \
3880 -s "session successfully restored from ticket" \
3881 -s "a session has been resumed" \
3882 -c "a session has been resumed"
3883
Jerry Yuab082902021-12-23 18:02:22 +08003884requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003885run_test "Session resume using tickets: AES-256-CCM" \
3886 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \
3887 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3888 0 \
3889 -c "client hello, adding session ticket extension" \
3890 -s "found session ticket extension" \
3891 -s "server hello, adding session ticket extension" \
3892 -c "found session_ticket extension" \
3893 -c "parse new session ticket" \
3894 -S "session successfully restored from cache" \
3895 -s "session successfully restored from ticket" \
3896 -s "a session has been resumed" \
3897 -c "a session has been resumed"
3898
Jerry Yuab082902021-12-23 18:02:22 +08003899requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003900run_test "Session resume using tickets: CAMELLIA-128-CCM" \
3901 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \
3902 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3903 0 \
3904 -c "client hello, adding session ticket extension" \
3905 -s "found session ticket extension" \
3906 -s "server hello, adding session ticket extension" \
3907 -c "found session_ticket extension" \
3908 -c "parse new session ticket" \
3909 -S "session successfully restored from cache" \
3910 -s "session successfully restored from ticket" \
3911 -s "a session has been resumed" \
3912 -c "a session has been resumed"
3913
Jerry Yuab082902021-12-23 18:02:22 +08003914requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003915run_test "Session resume using tickets: CAMELLIA-192-CCM" \
3916 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \
3917 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3918 0 \
3919 -c "client hello, adding session ticket extension" \
3920 -s "found session ticket extension" \
3921 -s "server hello, adding session ticket extension" \
3922 -c "found session_ticket extension" \
3923 -c "parse new session ticket" \
3924 -S "session successfully restored from cache" \
3925 -s "session successfully restored from ticket" \
3926 -s "a session has been resumed" \
3927 -c "a session has been resumed"
3928
Jerry Yuab082902021-12-23 18:02:22 +08003929requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003930run_test "Session resume using tickets: CAMELLIA-256-CCM" \
3931 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \
3932 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3933 0 \
3934 -c "client hello, adding session ticket extension" \
3935 -s "found session ticket extension" \
3936 -s "server hello, adding session ticket extension" \
3937 -c "found session_ticket extension" \
3938 -c "parse new session ticket" \
3939 -S "session successfully restored from cache" \
3940 -s "session successfully restored from ticket" \
3941 -s "a session has been resumed" \
3942 -c "a session has been resumed"
3943
Jerry Yuab082902021-12-23 18:02:22 +08003944requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003945run_test "Session resume using tickets: ARIA-128-GCM" \
3946 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \
3947 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3948 0 \
3949 -c "client hello, adding session ticket extension" \
3950 -s "found session ticket extension" \
3951 -s "server hello, adding session ticket extension" \
3952 -c "found session_ticket extension" \
3953 -c "parse new session ticket" \
3954 -S "session successfully restored from cache" \
3955 -s "session successfully restored from ticket" \
3956 -s "a session has been resumed" \
3957 -c "a session has been resumed"
3958
Jerry Yuab082902021-12-23 18:02:22 +08003959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003960run_test "Session resume using tickets: ARIA-192-GCM" \
3961 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \
3962 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3963 0 \
3964 -c "client hello, adding session ticket extension" \
3965 -s "found session ticket extension" \
3966 -s "server hello, adding session ticket extension" \
3967 -c "found session_ticket extension" \
3968 -c "parse new session ticket" \
3969 -S "session successfully restored from cache" \
3970 -s "session successfully restored from ticket" \
3971 -s "a session has been resumed" \
3972 -c "a session has been resumed"
3973
Jerry Yuab082902021-12-23 18:02:22 +08003974requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003975run_test "Session resume using tickets: ARIA-256-GCM" \
3976 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \
3977 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3978 0 \
3979 -c "client hello, adding session ticket extension" \
3980 -s "found session ticket extension" \
3981 -s "server hello, adding session ticket extension" \
3982 -c "found session_ticket extension" \
3983 -c "parse new session ticket" \
3984 -S "session successfully restored from cache" \
3985 -s "session successfully restored from ticket" \
3986 -s "a session has been resumed" \
3987 -c "a session has been resumed"
3988
Jerry Yuab082902021-12-23 18:02:22 +08003989requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01003990run_test "Session resume using tickets: ARIA-128-CCM" \
3991 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \
3992 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
3993 0 \
3994 -c "client hello, adding session ticket extension" \
3995 -s "found session ticket extension" \
3996 -s "server hello, adding session ticket extension" \
3997 -c "found session_ticket extension" \
3998 -c "parse new session ticket" \
3999 -S "session successfully restored from cache" \
4000 -s "session successfully restored from ticket" \
4001 -s "a session has been resumed" \
4002 -c "a session has been resumed"
4003
Jerry Yuab082902021-12-23 18:02:22 +08004004requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01004005run_test "Session resume using tickets: ARIA-192-CCM" \
4006 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \
4007 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
4008 0 \
4009 -c "client hello, adding session ticket extension" \
4010 -s "found session ticket extension" \
4011 -s "server hello, adding session ticket extension" \
4012 -c "found session_ticket extension" \
4013 -c "parse new session ticket" \
4014 -S "session successfully restored from cache" \
4015 -s "session successfully restored from ticket" \
4016 -s "a session has been resumed" \
4017 -c "a session has been resumed"
4018
Jerry Yuab082902021-12-23 18:02:22 +08004019requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gabor Mezei6e5aae62022-01-12 16:29:58 +01004020run_test "Session resume using tickets: ARIA-256-CCM" \
4021 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \
4022 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
4023 0 \
4024 -c "client hello, adding session ticket extension" \
4025 -s "found session ticket extension" \
4026 -s "server hello, adding session ticket extension" \
4027 -c "found session_ticket extension" \
4028 -c "parse new session ticket" \
4029 -S "session successfully restored from cache" \
4030 -s "session successfully restored from ticket" \
4031 -s "a session has been resumed" \
4032 -c "a session has been resumed"
4033
Gabor Mezei49c8eb32022-03-10 16:13:17 +01004034requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
4035run_test "Session resume using tickets: CHACHA20-POLY1305" \
4036 "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
4037 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
4038 0 \
4039 -c "client hello, adding session ticket extension" \
4040 -s "found session ticket extension" \
4041 -s "server hello, adding session ticket extension" \
4042 -c "found session_ticket extension" \
4043 -c "parse new session ticket" \
4044 -S "session successfully restored from cache" \
4045 -s "session successfully restored from ticket" \
4046 -s "a session has been resumed" \
4047 -c "a session has been resumed"
4048
Hanno Becker1d739932018-08-21 13:55:22 +01004049# Tests for Session Tickets with DTLS
4050
Jerry Yuab082902021-12-23 18:02:22 +08004051requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker1d739932018-08-21 13:55:22 +01004052run_test "Session resume using tickets, DTLS: basic" \
4053 "$P_SRV debug_level=3 dtls=1 tickets=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004054 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01004055 0 \
4056 -c "client hello, adding session ticket extension" \
4057 -s "found session ticket extension" \
4058 -s "server hello, adding session ticket extension" \
4059 -c "found session_ticket extension" \
4060 -c "parse new session ticket" \
4061 -S "session successfully restored from cache" \
4062 -s "session successfully restored from ticket" \
4063 -s "a session has been resumed" \
4064 -c "a session has been resumed"
4065
Jerry Yuab082902021-12-23 18:02:22 +08004066requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker1d739932018-08-21 13:55:22 +01004067run_test "Session resume using tickets, DTLS: cache disabled" \
4068 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004069 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01004070 0 \
4071 -c "client hello, adding session ticket extension" \
4072 -s "found session ticket extension" \
4073 -s "server hello, adding session ticket extension" \
4074 -c "found session_ticket extension" \
4075 -c "parse new session ticket" \
4076 -S "session successfully restored from cache" \
4077 -s "session successfully restored from ticket" \
4078 -s "a session has been resumed" \
4079 -c "a session has been resumed"
4080
Jerry Yuab082902021-12-23 18:02:22 +08004081requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker1d739932018-08-21 13:55:22 +01004082run_test "Session resume using tickets, DTLS: timeout" \
4083 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \
Jerry Yua15af372022-12-05 15:55:24 +08004084 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_delay=2000" \
Hanno Becker1d739932018-08-21 13:55:22 +01004085 0 \
4086 -c "client hello, adding session ticket extension" \
4087 -s "found session ticket extension" \
4088 -s "server hello, adding session ticket extension" \
4089 -c "found session_ticket extension" \
4090 -c "parse new session ticket" \
4091 -S "session successfully restored from cache" \
4092 -S "session successfully restored from ticket" \
4093 -S "a session has been resumed" \
4094 -C "a session has been resumed"
4095
Jerry Yuab082902021-12-23 18:02:22 +08004096requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02004097run_test "Session resume using tickets, DTLS: session copy" \
4098 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004099 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_mode=0" \
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02004100 0 \
4101 -c "client hello, adding session ticket extension" \
4102 -s "found session ticket extension" \
4103 -s "server hello, adding session ticket extension" \
4104 -c "found session_ticket extension" \
4105 -c "parse new session ticket" \
4106 -S "session successfully restored from cache" \
4107 -s "session successfully restored from ticket" \
4108 -s "a session has been resumed" \
4109 -c "a session has been resumed"
4110
Jerry Yuab082902021-12-23 18:02:22 +08004111requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +02004112run_test "Session resume using tickets, DTLS: openssl server" \
4113 "$O_SRV -dtls" \
4114 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
4115 0 \
4116 -c "client hello, adding session ticket extension" \
4117 -c "found session_ticket extension" \
4118 -c "parse new session ticket" \
4119 -c "a session has been resumed"
4120
Manuel Pégourié-Gonnardd60950c2021-10-13 13:12:47 +02004121# For reasons that aren't fully understood, this test randomly fails with high
Paul Elliott09cfa182021-10-13 16:13:44 +01004122# probability with OpenSSL 1.0.2g on the CI, see #5012.
Manuel Pégourié-Gonnardd60950c2021-10-13 13:12:47 +02004123requires_openssl_next
Jerry Yuab082902021-12-23 18:02:22 +08004124requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +02004125run_test "Session resume using tickets, DTLS: openssl client" \
4126 "$P_SRV dtls=1 debug_level=3 tickets=1" \
Manuel Pégourié-Gonnardd60950c2021-10-13 13:12:47 +02004127 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
4128 $O_NEXT_CLI -dtls -sess_in $SESSION; \
TRodziewicz4ca18aa2021-05-20 14:46:20 +02004129 rm -f $SESSION )" \
4130 0 \
4131 -s "found session ticket extension" \
4132 -s "server hello, adding session ticket extension" \
4133 -S "session successfully restored from cache" \
4134 -s "session successfully restored from ticket" \
4135 -s "a session has been resumed"
4136
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004137# Tests for Session Resume based on session-ID and cache
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004138
Jerry Yuab082902021-12-23 18:02:22 +08004139requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004140requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004141run_test "Session resume using cache: tickets enabled on client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004142 "$P_SRV debug_level=3 tickets=0" \
4143 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01004144 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004145 -c "client hello, adding session ticket extension" \
4146 -s "found session ticket extension" \
4147 -S "server hello, adding session ticket extension" \
4148 -C "found session_ticket extension" \
4149 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01004150 -s "session successfully restored from cache" \
4151 -S "session successfully restored from ticket" \
4152 -s "a session has been resumed" \
4153 -c "a session has been resumed"
4154
Jerry Yuab082902021-12-23 18:02:22 +08004155requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004156requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004157run_test "Session resume using cache: tickets enabled on server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004158 "$P_SRV debug_level=3 tickets=1" \
4159 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01004160 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004161 -C "client hello, adding session ticket extension" \
4162 -S "found session ticket extension" \
4163 -S "server hello, adding session ticket extension" \
4164 -C "found session_ticket extension" \
4165 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01004166 -s "session successfully restored from cache" \
4167 -S "session successfully restored from ticket" \
4168 -s "a session has been resumed" \
4169 -c "a session has been resumed"
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004170
Jerry Yuab082902021-12-23 18:02:22 +08004171requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004172requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004173run_test "Session resume using cache: cache_max=0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004174 "$P_SRV debug_level=3 tickets=0 cache_max=0" \
4175 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01004176 0 \
4177 -S "session successfully restored from cache" \
4178 -S "session successfully restored from ticket" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004179 -S "a session has been resumed" \
4180 -C "a session has been resumed"
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01004181
Jerry Yuab082902021-12-23 18:02:22 +08004182requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004183requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004184run_test "Session resume using cache: cache_max=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004185 "$P_SRV debug_level=3 tickets=0 cache_max=1" \
4186 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004187 0 \
4188 -s "session successfully restored from cache" \
4189 -S "session successfully restored from ticket" \
4190 -s "a session has been resumed" \
4191 -c "a session has been resumed"
4192
Jerry Yuab082902021-12-23 18:02:22 +08004193requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004194requires_config_enabled MBEDTLS_SSL_CACHE_C
Pengyu Lv62ed1aa2023-03-07 14:52:47 +08004195run_test "Session resume using cache: cache removed" \
4196 "$P_SRV debug_level=3 tickets=0 cache_remove=1" \
4197 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
4198 0 \
4199 -C "client hello, adding session ticket extension" \
4200 -S "found session ticket extension" \
4201 -S "server hello, adding session ticket extension" \
4202 -C "found session_ticket extension" \
4203 -C "parse new session ticket" \
4204 -S "session successfully restored from cache" \
4205 -S "session successfully restored from ticket" \
4206 -S "a session has been resumed" \
4207 -C "a session has been resumed"
4208
4209requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
4210requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard6df31962015-05-04 10:55:47 +02004211run_test "Session resume using cache: timeout > delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004212 "$P_SRV debug_level=3 tickets=0" \
4213 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004214 0 \
4215 -s "session successfully restored from cache" \
4216 -S "session successfully restored from ticket" \
4217 -s "a session has been resumed" \
4218 -c "a session has been resumed"
4219
Jerry Yuab082902021-12-23 18:02:22 +08004220requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004221requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004222run_test "Session resume using cache: timeout < delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004223 "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
Jerry Yua15af372022-12-05 15:55:24 +08004224 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01004225 0 \
4226 -S "session successfully restored from cache" \
4227 -S "session successfully restored from ticket" \
4228 -S "a session has been resumed" \
4229 -C "a session has been resumed"
4230
Jerry Yuab082902021-12-23 18:02:22 +08004231requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004232requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004233run_test "Session resume using cache: no timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004234 "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
Jerry Yua15af372022-12-05 15:55:24 +08004235 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2000" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01004236 0 \
4237 -s "session successfully restored from cache" \
4238 -S "session successfully restored from ticket" \
4239 -s "a session has been resumed" \
4240 -c "a session has been resumed"
4241
Jerry Yuab082902021-12-23 18:02:22 +08004242requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004243requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02004244run_test "Session resume using cache: session copy" \
4245 "$P_SRV debug_level=3 tickets=0" \
4246 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
4247 0 \
4248 -s "session successfully restored from cache" \
4249 -S "session successfully restored from ticket" \
4250 -s "a session has been resumed" \
4251 -c "a session has been resumed"
4252
Jerry Yuab082902021-12-23 18:02:22 +08004253requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004254requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004255run_test "Session resume using cache: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004256 "$P_SRV debug_level=3 tickets=0" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02004257 "( $O_CLI -sess_out $SESSION; \
4258 $O_CLI -sess_in $SESSION; \
4259 rm -f $SESSION )" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01004260 0 \
4261 -s "found session ticket extension" \
4262 -S "server hello, adding session ticket extension" \
4263 -s "session successfully restored from cache" \
4264 -S "session successfully restored from ticket" \
4265 -s "a session has been resumed"
4266
Jerry Yuab082902021-12-23 18:02:22 +08004267requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004268requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004269run_test "Session resume using cache: openssl server" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02004270 "$O_SRV -tls1_2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004271 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01004272 0 \
4273 -C "found session_ticket extension" \
4274 -C "parse new session ticket" \
4275 -c "a session has been resumed"
4276
Andrzej Kurek7cf87252022-06-14 07:12:33 -04004277# Tests for Session resume and extensions
4278
4279requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
4280requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
4281run_test "Session resume and connection ID" \
4282 "$P_SRV debug_level=3 cid=1 cid_val=dead dtls=1 tickets=0" \
4283 "$P_CLI debug_level=3 cid=1 cid_val=beef dtls=1 tickets=0 reconnect=1" \
4284 0 \
4285 -c "Enable use of CID extension." \
4286 -s "Enable use of CID extension." \
4287 -c "client hello, adding CID extension" \
4288 -s "found CID extension" \
4289 -s "Use of CID extension negotiated" \
4290 -s "server hello, adding CID extension" \
4291 -c "found CID extension" \
4292 -c "Use of CID extension negotiated" \
4293 -s "Copy CIDs into SSL transform" \
4294 -c "Copy CIDs into SSL transform" \
4295 -c "Peer CID (length 2 Bytes): de ad" \
4296 -s "Peer CID (length 2 Bytes): be ef" \
4297 -s "Use of Connection ID has been negotiated" \
4298 -c "Use of Connection ID has been negotiated"
4299
Hanno Becker1d739932018-08-21 13:55:22 +01004300# Tests for Session Resume based on session-ID and cache, DTLS
4301
Jerry Yuab082902021-12-23 18:02:22 +08004302requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004303requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004304run_test "Session resume using cache, DTLS: tickets enabled on client" \
4305 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004306 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01004307 0 \
4308 -c "client hello, adding session ticket extension" \
4309 -s "found session ticket extension" \
4310 -S "server hello, adding session ticket extension" \
4311 -C "found session_ticket extension" \
4312 -C "parse new session ticket" \
4313 -s "session successfully restored from cache" \
4314 -S "session successfully restored from ticket" \
4315 -s "a session has been resumed" \
4316 -c "a session has been resumed"
4317
Jerry Yuab082902021-12-23 18:02:22 +08004318requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004319requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004320run_test "Session resume using cache, DTLS: tickets enabled on server" \
4321 "$P_SRV dtls=1 debug_level=3 tickets=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004322 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01004323 0 \
4324 -C "client hello, adding session ticket extension" \
4325 -S "found session ticket extension" \
4326 -S "server hello, adding session ticket extension" \
4327 -C "found session_ticket extension" \
4328 -C "parse new session ticket" \
4329 -s "session successfully restored from cache" \
4330 -S "session successfully restored from ticket" \
4331 -s "a session has been resumed" \
4332 -c "a session has been resumed"
4333
Jerry Yuab082902021-12-23 18:02:22 +08004334requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004335requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004336run_test "Session resume using cache, DTLS: cache_max=0" \
4337 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004338 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01004339 0 \
4340 -S "session successfully restored from cache" \
4341 -S "session successfully restored from ticket" \
4342 -S "a session has been resumed" \
4343 -C "a session has been resumed"
4344
Jerry Yuab082902021-12-23 18:02:22 +08004345requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004346requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004347run_test "Session resume using cache, DTLS: cache_max=1" \
4348 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004349 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01004350 0 \
4351 -s "session successfully restored from cache" \
4352 -S "session successfully restored from ticket" \
4353 -s "a session has been resumed" \
4354 -c "a session has been resumed"
4355
Jerry Yuab082902021-12-23 18:02:22 +08004356requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004357requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004358run_test "Session resume using cache, DTLS: timeout > delay" \
4359 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004360 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \
Hanno Becker1d739932018-08-21 13:55:22 +01004361 0 \
4362 -s "session successfully restored from cache" \
4363 -S "session successfully restored from ticket" \
4364 -s "a session has been resumed" \
4365 -c "a session has been resumed"
4366
Jerry Yuab082902021-12-23 18:02:22 +08004367requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004368requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004369run_test "Session resume using cache, DTLS: timeout < delay" \
4370 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
Jerry Yua15af372022-12-05 15:55:24 +08004371 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2000" \
Hanno Becker1d739932018-08-21 13:55:22 +01004372 0 \
4373 -S "session successfully restored from cache" \
4374 -S "session successfully restored from ticket" \
4375 -S "a session has been resumed" \
4376 -C "a session has been resumed"
4377
Jerry Yuab082902021-12-23 18:02:22 +08004378requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004379requires_config_enabled MBEDTLS_SSL_CACHE_C
Hanno Becker1d739932018-08-21 13:55:22 +01004380run_test "Session resume using cache, DTLS: no timeout" \
4381 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
Jerry Yua15af372022-12-05 15:55:24 +08004382 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2000" \
Hanno Becker1d739932018-08-21 13:55:22 +01004383 0 \
4384 -s "session successfully restored from cache" \
4385 -S "session successfully restored from ticket" \
4386 -s "a session has been resumed" \
4387 -c "a session has been resumed"
4388
Jerry Yuab082902021-12-23 18:02:22 +08004389requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004390requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02004391run_test "Session resume using cache, DTLS: session copy" \
4392 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01004393 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_mode=0" \
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02004394 0 \
4395 -s "session successfully restored from cache" \
4396 -S "session successfully restored from ticket" \
4397 -s "a session has been resumed" \
4398 -c "a session has been resumed"
4399
Manuel Pégourié-Gonnardd60950c2021-10-13 13:12:47 +02004400# For reasons that aren't fully understood, this test randomly fails with high
Paul Elliott09cfa182021-10-13 16:13:44 +01004401# probability with OpenSSL 1.0.2g on the CI, see #5012.
Manuel Pégourié-Gonnardd60950c2021-10-13 13:12:47 +02004402requires_openssl_next
Jerry Yuab082902021-12-23 18:02:22 +08004403requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004404requires_config_enabled MBEDTLS_SSL_CACHE_C
TRodziewicz4ca18aa2021-05-20 14:46:20 +02004405run_test "Session resume using cache, DTLS: openssl client" \
4406 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnardd60950c2021-10-13 13:12:47 +02004407 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
4408 $O_NEXT_CLI -dtls -sess_in $SESSION; \
TRodziewicz4ca18aa2021-05-20 14:46:20 +02004409 rm -f $SESSION )" \
4410 0 \
4411 -s "found session ticket extension" \
4412 -S "server hello, adding session ticket extension" \
4413 -s "session successfully restored from cache" \
4414 -S "session successfully restored from ticket" \
4415 -s "a session has been resumed"
4416
Jerry Yuab082902021-12-23 18:02:22 +08004417requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +01004418requires_config_enabled MBEDTLS_SSL_CACHE_C
TRodziewicz4ca18aa2021-05-20 14:46:20 +02004419run_test "Session resume using cache, DTLS: openssl server" \
4420 "$O_SRV -dtls" \
4421 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
4422 0 \
4423 -C "found session_ticket extension" \
4424 -C "parse new session ticket" \
4425 -c "a session has been resumed"
4426
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004427# Tests for Max Fragment Length extension
4428
Hanno Becker4aed27e2017-09-18 15:00:34 +01004429requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004430requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerc5266962017-09-18 15:01:50 +01004431run_test "Max fragment length: enabled, default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004432 "$P_SRV debug_level=3" \
4433 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004434 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004435 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4436 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4437 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4438 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004439 -C "client hello, adding max_fragment_length extension" \
4440 -S "found max fragment length extension" \
4441 -S "server hello, max_fragment_length extension" \
4442 -C "found max_fragment_length extension"
4443
Hanno Becker4aed27e2017-09-18 15:00:34 +01004444requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004445requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerc5266962017-09-18 15:01:50 +01004446run_test "Max fragment length: enabled, default, larger message" \
4447 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004448 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004449 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004450 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4451 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4452 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4453 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004454 -C "client hello, adding max_fragment_length extension" \
4455 -S "found max fragment length extension" \
4456 -S "server hello, max_fragment_length extension" \
4457 -C "found max_fragment_length extension" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004458 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
4459 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01004460 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01004461
4462requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004463requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerc5266962017-09-18 15:01:50 +01004464run_test "Max fragment length, DTLS: enabled, default, larger message" \
4465 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004466 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004467 1 \
Hanno Becker59d36702021-06-08 05:35:29 +01004468 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4469 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4470 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4471 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004472 -C "client hello, adding max_fragment_length extension" \
4473 -S "found max fragment length extension" \
4474 -S "server hello, max_fragment_length extension" \
4475 -C "found max_fragment_length extension" \
4476 -c "fragment larger than.*maximum "
4477
Angus Grattonc4dd0732018-04-11 16:28:39 +10004478# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
4479# (session fragment length will be 16384 regardless of mbedtls
4480# content length configuration.)
4481
Hanno Beckerc5266962017-09-18 15:01:50 +01004482requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004483requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerc5266962017-09-18 15:01:50 +01004484run_test "Max fragment length: disabled, larger message" \
4485 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004486 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004487 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004488 -C "Maximum incoming record payload length is 16384" \
4489 -C "Maximum outgoing record payload length is 16384" \
4490 -S "Maximum incoming record payload length is 16384" \
4491 -S "Maximum outgoing record payload length is 16384" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004492 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
4493 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01004494 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01004495
4496requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004497requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Yuto Takano0509fea2021-06-21 19:43:33 +01004498run_test "Max fragment length, DTLS: disabled, larger message" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004499 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004500 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004501 1 \
Hanno Becker59d36702021-06-08 05:35:29 +01004502 -C "Maximum incoming record payload length is 16384" \
4503 -C "Maximum outgoing record payload length is 16384" \
4504 -S "Maximum incoming record payload length is 16384" \
4505 -S "Maximum outgoing record payload length is 16384" \
Hanno Beckerc5266962017-09-18 15:01:50 +01004506 -c "fragment larger than.*maximum "
4507
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004508requires_max_content_len 4096
Hanno Beckerc5266962017-09-18 15:01:50 +01004509requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004510requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004511run_test "Max fragment length: used by client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004512 "$P_SRV debug_level=3" \
4513 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004514 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004515 -c "Maximum incoming record payload length is 4096" \
4516 -c "Maximum outgoing record payload length is 4096" \
4517 -s "Maximum incoming record payload length is 4096" \
4518 -s "Maximum outgoing record payload length is 4096" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004519 -c "client hello, adding max_fragment_length extension" \
4520 -s "found max fragment length extension" \
4521 -s "server hello, max_fragment_length extension" \
4522 -c "found max_fragment_length extension"
4523
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004524requires_max_content_len 1024
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004525requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004526requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004527run_test "Max fragment length: client 512, server 1024" \
4528 "$P_SRV debug_level=3 max_frag_len=1024" \
4529 "$P_CLI debug_level=3 max_frag_len=512" \
4530 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004531 -c "Maximum incoming record payload length is 512" \
4532 -c "Maximum outgoing record payload length is 512" \
4533 -s "Maximum incoming record payload length is 512" \
4534 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004535 -c "client hello, adding max_fragment_length extension" \
4536 -s "found max fragment length extension" \
4537 -s "server hello, max_fragment_length extension" \
4538 -c "found max_fragment_length extension"
4539
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004540requires_max_content_len 2048
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004541requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004542requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004543run_test "Max fragment length: client 512, server 2048" \
4544 "$P_SRV debug_level=3 max_frag_len=2048" \
4545 "$P_CLI debug_level=3 max_frag_len=512" \
4546 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004547 -c "Maximum incoming record payload length is 512" \
4548 -c "Maximum outgoing record payload length is 512" \
4549 -s "Maximum incoming record payload length is 512" \
4550 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004551 -c "client hello, adding max_fragment_length extension" \
4552 -s "found max fragment length extension" \
4553 -s "server hello, max_fragment_length extension" \
4554 -c "found max_fragment_length extension"
4555
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004556requires_max_content_len 4096
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004557requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004558requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004559run_test "Max fragment length: client 512, server 4096" \
4560 "$P_SRV debug_level=3 max_frag_len=4096" \
4561 "$P_CLI debug_level=3 max_frag_len=512" \
4562 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004563 -c "Maximum incoming record payload length is 512" \
4564 -c "Maximum outgoing record payload length is 512" \
4565 -s "Maximum incoming record payload length is 512" \
4566 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004567 -c "client hello, adding max_fragment_length extension" \
4568 -s "found max fragment length extension" \
4569 -s "server hello, max_fragment_length extension" \
4570 -c "found max_fragment_length extension"
4571
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004572requires_max_content_len 1024
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004573requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004574requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004575run_test "Max fragment length: client 1024, server 512" \
4576 "$P_SRV debug_level=3 max_frag_len=512" \
4577 "$P_CLI debug_level=3 max_frag_len=1024" \
4578 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004579 -c "Maximum incoming record payload length is 1024" \
4580 -c "Maximum outgoing record payload length is 1024" \
4581 -s "Maximum incoming record payload length is 1024" \
4582 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004583 -c "client hello, adding max_fragment_length extension" \
4584 -s "found max fragment length extension" \
4585 -s "server hello, max_fragment_length extension" \
4586 -c "found max_fragment_length extension"
4587
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004588requires_max_content_len 2048
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004589requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004590requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004591run_test "Max fragment length: client 1024, server 2048" \
4592 "$P_SRV debug_level=3 max_frag_len=2048" \
4593 "$P_CLI debug_level=3 max_frag_len=1024" \
4594 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004595 -c "Maximum incoming record payload length is 1024" \
4596 -c "Maximum outgoing record payload length is 1024" \
4597 -s "Maximum incoming record payload length is 1024" \
4598 -s "Maximum outgoing record payload length is 1024" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004599 -c "client hello, adding max_fragment_length extension" \
4600 -s "found max fragment length extension" \
4601 -s "server hello, max_fragment_length extension" \
4602 -c "found max_fragment_length extension"
4603
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004604requires_max_content_len 4096
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004605requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004606requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004607run_test "Max fragment length: client 1024, server 4096" \
4608 "$P_SRV debug_level=3 max_frag_len=4096" \
4609 "$P_CLI debug_level=3 max_frag_len=1024" \
4610 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004611 -c "Maximum incoming record payload length is 1024" \
4612 -c "Maximum outgoing record payload length is 1024" \
4613 -s "Maximum incoming record payload length is 1024" \
4614 -s "Maximum outgoing record payload length is 1024" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004615 -c "client hello, adding max_fragment_length extension" \
4616 -s "found max fragment length extension" \
4617 -s "server hello, max_fragment_length extension" \
4618 -c "found max_fragment_length extension"
4619
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004620requires_max_content_len 2048
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004621requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004622requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004623run_test "Max fragment length: client 2048, server 512" \
4624 "$P_SRV debug_level=3 max_frag_len=512" \
4625 "$P_CLI debug_level=3 max_frag_len=2048" \
4626 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004627 -c "Maximum incoming record payload length is 2048" \
4628 -c "Maximum outgoing record payload length is 2048" \
4629 -s "Maximum incoming record payload length is 2048" \
4630 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004631 -c "client hello, adding max_fragment_length extension" \
4632 -s "found max fragment length extension" \
4633 -s "server hello, max_fragment_length extension" \
4634 -c "found max_fragment_length extension"
4635
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004636requires_max_content_len 2048
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004637requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004638requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004639run_test "Max fragment length: client 2048, server 1024" \
4640 "$P_SRV debug_level=3 max_frag_len=1024" \
4641 "$P_CLI debug_level=3 max_frag_len=2048" \
4642 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004643 -c "Maximum incoming record payload length is 2048" \
4644 -c "Maximum outgoing record payload length is 2048" \
4645 -s "Maximum incoming record payload length is 2048" \
4646 -s "Maximum outgoing record payload length is 1024" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004647 -c "client hello, adding max_fragment_length extension" \
4648 -s "found max fragment length extension" \
4649 -s "server hello, max_fragment_length extension" \
4650 -c "found max_fragment_length extension"
4651
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004652requires_max_content_len 4096
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004653requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004654requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004655run_test "Max fragment length: client 2048, server 4096" \
4656 "$P_SRV debug_level=3 max_frag_len=4096" \
4657 "$P_CLI debug_level=3 max_frag_len=2048" \
4658 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004659 -c "Maximum incoming record payload length is 2048" \
4660 -c "Maximum outgoing record payload length is 2048" \
4661 -s "Maximum incoming record payload length is 2048" \
4662 -s "Maximum outgoing record payload length is 2048" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004663 -c "client hello, adding max_fragment_length extension" \
4664 -s "found max fragment length extension" \
4665 -s "server hello, max_fragment_length extension" \
4666 -c "found max_fragment_length extension"
4667
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004668requires_max_content_len 4096
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004669requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004670requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004671run_test "Max fragment length: client 4096, server 512" \
4672 "$P_SRV debug_level=3 max_frag_len=512" \
4673 "$P_CLI debug_level=3 max_frag_len=4096" \
4674 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004675 -c "Maximum incoming record payload length is 4096" \
4676 -c "Maximum outgoing record payload length is 4096" \
4677 -s "Maximum incoming record payload length is 4096" \
4678 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004679 -c "client hello, adding max_fragment_length extension" \
4680 -s "found max fragment length extension" \
4681 -s "server hello, max_fragment_length extension" \
4682 -c "found max_fragment_length extension"
4683
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004684requires_max_content_len 4096
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004685requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004686requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004687run_test "Max fragment length: client 4096, server 1024" \
4688 "$P_SRV debug_level=3 max_frag_len=1024" \
4689 "$P_CLI debug_level=3 max_frag_len=4096" \
4690 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004691 -c "Maximum incoming record payload length is 4096" \
4692 -c "Maximum outgoing record payload length is 4096" \
4693 -s "Maximum incoming record payload length is 4096" \
4694 -s "Maximum outgoing record payload length is 1024" \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004695 -c "client hello, adding max_fragment_length extension" \
4696 -s "found max fragment length extension" \
4697 -s "server hello, max_fragment_length extension" \
4698 -c "found max_fragment_length extension"
4699
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004700requires_max_content_len 4096
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004701requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004702requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek90c6e842020-04-03 05:25:29 -04004703run_test "Max fragment length: client 4096, server 2048" \
4704 "$P_SRV debug_level=3 max_frag_len=2048" \
4705 "$P_CLI debug_level=3 max_frag_len=4096" \
4706 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004707 -c "Maximum incoming record payload length is 4096" \
4708 -c "Maximum outgoing record payload length is 4096" \
4709 -s "Maximum incoming record payload length is 4096" \
4710 -s "Maximum outgoing record payload length is 2048" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004711 -c "client hello, adding max_fragment_length extension" \
4712 -s "found max fragment length extension" \
4713 -s "server hello, max_fragment_length extension" \
4714 -c "found max_fragment_length extension"
4715
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004716requires_max_content_len 4096
Hanno Becker4aed27e2017-09-18 15:00:34 +01004717requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004718requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004719run_test "Max fragment length: used by server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004720 "$P_SRV debug_level=3 max_frag_len=4096" \
4721 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004722 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004723 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4724 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4725 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4726 -s "Maximum outgoing record payload length is 4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01004727 -C "client hello, adding max_fragment_length extension" \
4728 -S "found max fragment length extension" \
4729 -S "server hello, max_fragment_length extension" \
4730 -C "found max_fragment_length extension"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004731
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004732requires_max_content_len 4096
Hanno Becker4aed27e2017-09-18 15:00:34 +01004733requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004734requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08004735requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004736run_test "Max fragment length: gnutls server" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02004737 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004738 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02004739 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004740 -c "Maximum incoming record payload length is 4096" \
4741 -c "Maximum outgoing record payload length is 4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02004742 -c "client hello, adding max_fragment_length extension" \
4743 -c "found max_fragment_length extension"
4744
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004745requires_max_content_len 2048
Hanno Becker4aed27e2017-09-18 15:00:34 +01004746requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004747requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02004748run_test "Max fragment length: client, message just fits" \
4749 "$P_SRV debug_level=3" \
4750 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \
4751 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004752 -c "Maximum incoming record payload length is 2048" \
4753 -c "Maximum outgoing record payload length is 2048" \
4754 -s "Maximum incoming record payload length is 2048" \
4755 -s "Maximum outgoing record payload length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02004756 -c "client hello, adding max_fragment_length extension" \
4757 -s "found max fragment length extension" \
4758 -s "server hello, max_fragment_length extension" \
4759 -c "found max_fragment_length extension" \
4760 -c "2048 bytes written in 1 fragments" \
4761 -s "2048 bytes read"
4762
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004763requires_max_content_len 2048
Hanno Becker4aed27e2017-09-18 15:00:34 +01004764requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004765requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02004766run_test "Max fragment length: client, larger message" \
4767 "$P_SRV debug_level=3" \
4768 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \
4769 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004770 -c "Maximum incoming record payload length is 2048" \
4771 -c "Maximum outgoing record payload length is 2048" \
4772 -s "Maximum incoming record payload length is 2048" \
4773 -s "Maximum outgoing record payload length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02004774 -c "client hello, adding max_fragment_length extension" \
4775 -s "found max fragment length extension" \
4776 -s "server hello, max_fragment_length extension" \
4777 -c "found max_fragment_length extension" \
4778 -c "2345 bytes written in 2 fragments" \
4779 -s "2048 bytes read" \
4780 -s "297 bytes read"
4781
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004782requires_max_content_len 2048
Hanno Becker4aed27e2017-09-18 15:00:34 +01004783requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Jerry Yuab082902021-12-23 18:02:22 +08004784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard23eb74d2015-01-21 14:37:13 +00004785run_test "Max fragment length: DTLS client, larger message" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02004786 "$P_SRV debug_level=3 dtls=1" \
4787 "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \
4788 1 \
Hanno Becker59d36702021-06-08 05:35:29 +01004789 -c "Maximum incoming record payload length is 2048" \
4790 -c "Maximum outgoing record payload length is 2048" \
4791 -s "Maximum incoming record payload length is 2048" \
4792 -s "Maximum outgoing record payload length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02004793 -c "client hello, adding max_fragment_length extension" \
4794 -s "found max fragment length extension" \
4795 -s "server hello, max_fragment_length extension" \
4796 -c "found max_fragment_length extension" \
4797 -c "fragment larger than.*maximum"
4798
Jan Bruckneraa31b192023-02-06 12:54:29 +01004799# Tests for Record Size Limit extension
4800
Jan Bruckneraa31b192023-02-06 12:54:29 +01004801requires_gnutls_tls1_3
4802requires_gnutls_record_size_limit
Jan Bruckner151f6422023-02-10 12:45:19 +01004803requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
4804run_test "Record Size Limit: TLS 1.3: Server-side parsing, debug output and fatal alert" \
4805 "$P_SRV debug_level=3 force_version=tls13" \
Jan Bruckneraa31b192023-02-06 12:54:29 +01004806 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \
Jan Bruckner151f6422023-02-10 12:45:19 +01004807 1 \
4808 -c "Preparing extension (Record Size Limit/28) for 'client hello'" \
4809 -c "Sending extension Record Size Limit/28 (2 bytes)" \
4810 -s "ClientHello: record_size_limit(28) extension received."\
4811 -s "found record_size_limit extension" \
4812 -s "RecordSizeLimit: 16385 Bytes" \
4813 -c "Received alert \[110]: An unsupported extension was sent"
4814
4815requires_gnutls_tls1_3
4816requires_gnutls_record_size_limit
4817requires_gnutls_next_disable_tls13_compat
4818requires_config_enabled MBEDTLS_SSL_RECORD_SIZE_LIMIT
4819run_test "Record Size Limit: TLS 1.3: Client-side parsing, debug output and fatal alert" \
4820 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert -d 4" \
4821 "$P_CLI debug_level=4 force_version=tls13" \
Jan Bruckneraa31b192023-02-06 12:54:29 +01004822 0 \
Jan Bruckner151f6422023-02-10 12:45:19 +01004823 -s "Preparing extension (Record Size Limit/28) for 'encrypted extensions'"
4824# The P_CLI can not yet send the Record Size Limit extension. Thus, the G_NEXT_SRV does not send
4825# a response in its EncryptedExtensions record.
4826# -s "Parsing extension 'Record Size Limit/28 (2 bytes)" \
4827# -s "Sending extension Record Size Limit/28 (2 bytes)" \
4828# -c "EncryptedExtensions: record_size_limit(28) extension received."\
4829# -c "found record_size_limit extension" \
4830# -c "RecordSizeLimit: 16385 Bytes" \
4831# -s "Received alert \[110]: An unsupported extension was sent"
Jan Bruckneraa31b192023-02-06 12:54:29 +01004832
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004833# Tests for renegotiation
4834
Hanno Becker6a243642017-10-12 15:18:45 +01004835# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004836requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004837run_test "Renegotiation: none, for reference" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004838 "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004839 "$P_CLI debug_level=3 exchanges=2" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004840 0 \
4841 -C "client hello, adding renegotiation extension" \
4842 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4843 -S "found renegotiation extension" \
4844 -s "server hello, secure renegotiation extension" \
4845 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01004846 -C "=> renegotiate" \
4847 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004848 -S "write hello request"
4849
Hanno Becker6a243642017-10-12 15:18:45 +01004850requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004851requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004852run_test "Renegotiation: client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004853 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004854 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004855 0 \
4856 -c "client hello, adding renegotiation extension" \
4857 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4858 -s "found renegotiation extension" \
4859 -s "server hello, secure renegotiation extension" \
4860 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01004861 -c "=> renegotiate" \
4862 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004863 -S "write hello request"
4864
Hanno Becker6a243642017-10-12 15:18:45 +01004865requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004866requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004867run_test "Renegotiation: server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004868 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004869 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004870 0 \
4871 -c "client hello, adding renegotiation extension" \
4872 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4873 -s "found renegotiation extension" \
4874 -s "server hello, secure renegotiation extension" \
4875 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01004876 -c "=> renegotiate" \
4877 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004878 -s "write hello request"
4879
Janos Follathb0f148c2017-10-05 12:29:42 +01004880# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
4881# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +02004882# algorithm stronger than SHA-1 is enabled in mbedtls_config.h
Hanno Becker6a243642017-10-12 15:18:45 +01004883requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004884requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follathb0f148c2017-10-05 12:29:42 +01004885run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
4886 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
4887 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
4888 0 \
4889 -c "client hello, adding renegotiation extension" \
4890 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4891 -s "found renegotiation extension" \
4892 -s "server hello, secure renegotiation extension" \
4893 -c "found renegotiation extension" \
4894 -c "=> renegotiate" \
4895 -s "=> renegotiate" \
4896 -S "write hello request" \
4897 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
4898
4899# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
4900# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
Bence Szépkútibb0cfeb2021-05-28 09:42:25 +02004901# algorithm stronger than SHA-1 is enabled in mbedtls_config.h
Hanno Becker6a243642017-10-12 15:18:45 +01004902requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004903requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follathb0f148c2017-10-05 12:29:42 +01004904run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
4905 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
4906 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
4907 0 \
4908 -c "client hello, adding renegotiation extension" \
4909 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4910 -s "found renegotiation extension" \
4911 -s "server hello, secure renegotiation extension" \
4912 -c "found renegotiation extension" \
4913 -c "=> renegotiate" \
4914 -s "=> renegotiate" \
4915 -s "write hello request" \
4916 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
4917
Hanno Becker6a243642017-10-12 15:18:45 +01004918requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004919requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004920run_test "Renegotiation: double" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004921 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004922 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004923 0 \
4924 -c "client hello, adding renegotiation extension" \
4925 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4926 -s "found renegotiation extension" \
4927 -s "server hello, secure renegotiation extension" \
4928 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01004929 -c "=> renegotiate" \
4930 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004931 -s "write hello request"
4932
Hanno Becker6a243642017-10-12 15:18:45 +01004933requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Andrzej Kurek8ea68722020-04-03 06:40:47 -04004934requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanob0a1c5b2021-07-02 10:10:49 +01004935requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08004936requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek8ea68722020-04-03 06:40:47 -04004937run_test "Renegotiation with max fragment length: client 2048, server 512" \
4938 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \
4939 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
4940 0 \
Hanno Becker59d36702021-06-08 05:35:29 +01004941 -c "Maximum incoming record payload length is 2048" \
4942 -c "Maximum outgoing record payload length is 2048" \
4943 -s "Maximum incoming record payload length is 2048" \
4944 -s "Maximum outgoing record payload length is 512" \
Andrzej Kurek8ea68722020-04-03 06:40:47 -04004945 -c "client hello, adding max_fragment_length extension" \
4946 -s "found max fragment length extension" \
4947 -s "server hello, max_fragment_length extension" \
4948 -c "found max_fragment_length extension" \
4949 -c "client hello, adding renegotiation extension" \
4950 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4951 -s "found renegotiation extension" \
4952 -s "server hello, secure renegotiation extension" \
4953 -c "found renegotiation extension" \
4954 -c "=> renegotiate" \
4955 -s "=> renegotiate" \
4956 -s "write hello request"
4957
4958requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004960run_test "Renegotiation: client-initiated, server-rejected" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004961 "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004962 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004963 1 \
4964 -c "client hello, adding renegotiation extension" \
4965 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4966 -S "found renegotiation extension" \
4967 -s "server hello, secure renegotiation extension" \
4968 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01004969 -c "=> renegotiate" \
4970 -S "=> renegotiate" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02004971 -S "write hello request" \
Manuel Pégourié-Gonnard65919622014-08-19 12:50:30 +02004972 -c "SSL - Unexpected message at ServerHello in renegotiation" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02004973 -c "failed"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004974
Hanno Becker6a243642017-10-12 15:18:45 +01004975requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004976requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004977run_test "Renegotiation: server-initiated, client-rejected, default" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004978 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004979 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004980 0 \
4981 -C "client hello, adding renegotiation extension" \
4982 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4983 -S "found renegotiation extension" \
4984 -s "server hello, secure renegotiation extension" \
4985 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01004986 -C "=> renegotiate" \
4987 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01004988 -s "write hello request" \
Manuel Pégourié-Gonnarda9964db2014-07-03 19:29:16 +02004989 -S "SSL - An unexpected message was received from our peer" \
4990 -S "failed"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01004991
Hanno Becker6a243642017-10-12 15:18:45 +01004992requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08004993requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004994run_test "Renegotiation: server-initiated, client-rejected, not enforced" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004995 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01004996 renego_delay=-1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004997 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02004998 0 \
4999 -C "client hello, adding renegotiation extension" \
5000 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5001 -S "found renegotiation extension" \
5002 -s "server hello, secure renegotiation extension" \
5003 -c "found renegotiation extension" \
5004 -C "=> renegotiate" \
5005 -S "=> renegotiate" \
5006 -s "write hello request" \
5007 -S "SSL - An unexpected message was received from our peer" \
5008 -S "failed"
5009
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02005010# delay 2 for 1 alert record + 1 application data record
Hanno Becker6a243642017-10-12 15:18:45 +01005011requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005012requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005013run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005014 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005015 renego_delay=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005016 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02005017 0 \
5018 -C "client hello, adding renegotiation extension" \
5019 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5020 -S "found renegotiation extension" \
5021 -s "server hello, secure renegotiation extension" \
5022 -c "found renegotiation extension" \
5023 -C "=> renegotiate" \
5024 -S "=> renegotiate" \
5025 -s "write hello request" \
5026 -S "SSL - An unexpected message was received from our peer" \
5027 -S "failed"
5028
Hanno Becker6a243642017-10-12 15:18:45 +01005029requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005030requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005031run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005032 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005033 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005034 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02005035 0 \
5036 -C "client hello, adding renegotiation extension" \
5037 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5038 -S "found renegotiation extension" \
5039 -s "server hello, secure renegotiation extension" \
5040 -c "found renegotiation extension" \
5041 -C "=> renegotiate" \
5042 -S "=> renegotiate" \
5043 -s "write hello request" \
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02005044 -s "SSL - An unexpected message was received from our peer"
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02005045
Hanno Becker6a243642017-10-12 15:18:45 +01005046requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005047requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005048run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005049 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005050 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005051 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02005052 0 \
5053 -c "client hello, adding renegotiation extension" \
5054 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5055 -s "found renegotiation extension" \
5056 -s "server hello, secure renegotiation extension" \
5057 -c "found renegotiation extension" \
5058 -c "=> renegotiate" \
5059 -s "=> renegotiate" \
5060 -s "write hello request" \
5061 -S "SSL - An unexpected message was received from our peer" \
5062 -S "failed"
5063
Hanno Becker6a243642017-10-12 15:18:45 +01005064requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005065requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005066run_test "Renegotiation: periodic, just below period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005067 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005068 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
5069 0 \
5070 -C "client hello, adding renegotiation extension" \
5071 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5072 -S "found renegotiation extension" \
5073 -s "server hello, secure renegotiation extension" \
5074 -c "found renegotiation extension" \
5075 -S "record counter limit reached: renegotiate" \
5076 -C "=> renegotiate" \
5077 -S "=> renegotiate" \
5078 -S "write hello request" \
5079 -S "SSL - An unexpected message was received from our peer" \
5080 -S "failed"
5081
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01005082# one extra exchange to be able to complete renego
Hanno Becker6a243642017-10-12 15:18:45 +01005083requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005084requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005085run_test "Renegotiation: periodic, just above period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005086 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01005087 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005088 0 \
5089 -c "client hello, adding renegotiation extension" \
5090 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5091 -s "found renegotiation extension" \
5092 -s "server hello, secure renegotiation extension" \
5093 -c "found renegotiation extension" \
5094 -s "record counter limit reached: renegotiate" \
5095 -c "=> renegotiate" \
5096 -s "=> renegotiate" \
5097 -s "write hello request" \
5098 -S "SSL - An unexpected message was received from our peer" \
5099 -S "failed"
5100
Hanno Becker6a243642017-10-12 15:18:45 +01005101requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005102requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005103run_test "Renegotiation: periodic, two times period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005104 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01005105 "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005106 0 \
5107 -c "client hello, adding renegotiation extension" \
5108 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5109 -s "found renegotiation extension" \
5110 -s "server hello, secure renegotiation extension" \
5111 -c "found renegotiation extension" \
5112 -s "record counter limit reached: renegotiate" \
5113 -c "=> renegotiate" \
5114 -s "=> renegotiate" \
5115 -s "write hello request" \
5116 -S "SSL - An unexpected message was received from our peer" \
5117 -S "failed"
5118
Hanno Becker6a243642017-10-12 15:18:45 +01005119requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005120requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005121run_test "Renegotiation: periodic, above period, disabled" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005122 "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01005123 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
5124 0 \
5125 -C "client hello, adding renegotiation extension" \
5126 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5127 -S "found renegotiation extension" \
5128 -s "server hello, secure renegotiation extension" \
5129 -c "found renegotiation extension" \
5130 -S "record counter limit reached: renegotiate" \
5131 -C "=> renegotiate" \
5132 -S "=> renegotiate" \
5133 -S "write hello request" \
5134 -S "SSL - An unexpected message was received from our peer" \
5135 -S "failed"
5136
Hanno Becker6a243642017-10-12 15:18:45 +01005137requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005138requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005139run_test "Renegotiation: nbio, client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005140 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005141 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02005142 0 \
5143 -c "client hello, adding renegotiation extension" \
5144 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5145 -s "found renegotiation extension" \
5146 -s "server hello, secure renegotiation extension" \
5147 -c "found renegotiation extension" \
5148 -c "=> renegotiate" \
5149 -s "=> renegotiate" \
5150 -S "write hello request"
5151
Hanno Becker6a243642017-10-12 15:18:45 +01005152requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005153requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005154run_test "Renegotiation: nbio, server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01005155 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005156 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02005157 0 \
5158 -c "client hello, adding renegotiation extension" \
5159 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5160 -s "found renegotiation extension" \
5161 -s "server hello, secure renegotiation extension" \
5162 -c "found renegotiation extension" \
5163 -c "=> renegotiate" \
5164 -s "=> renegotiate" \
5165 -s "write hello request"
5166
Hanno Becker6a243642017-10-12 15:18:45 +01005167requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005168requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005169run_test "Renegotiation: openssl server, client-initiated" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005170 "$O_SRV -www -tls1_2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005171 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02005172 0 \
5173 -c "client hello, adding renegotiation extension" \
5174 -c "found renegotiation extension" \
5175 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005176 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02005177 -C "error" \
5178 -c "HTTP/1.0 200 [Oo][Kk]"
5179
Paul Bakker539d9722015-02-08 16:18:35 +01005180requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01005181requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005182requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005183run_test "Renegotiation: gnutls server strict, client-initiated" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005184 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005185 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02005186 0 \
5187 -c "client hello, adding renegotiation extension" \
5188 -c "found renegotiation extension" \
5189 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005190 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02005191 -C "error" \
5192 -c "HTTP/1.0 200 [Oo][Kk]"
5193
Paul Bakker539d9722015-02-08 16:18:35 +01005194requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01005195requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005196requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005197run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005198 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005199 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
5200 1 \
5201 -c "client hello, adding renegotiation extension" \
5202 -C "found renegotiation extension" \
5203 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005204 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005205 -c "error" \
5206 -C "HTTP/1.0 200 [Oo][Kk]"
5207
Paul Bakker539d9722015-02-08 16:18:35 +01005208requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01005209requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005210requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005211run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005212 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005213 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
5214 allow_legacy=0" \
5215 1 \
5216 -c "client hello, adding renegotiation extension" \
5217 -C "found renegotiation extension" \
5218 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005219 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005220 -c "error" \
5221 -C "HTTP/1.0 200 [Oo][Kk]"
5222
Paul Bakker539d9722015-02-08 16:18:35 +01005223requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01005224requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005225requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005226run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005227 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005228 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
5229 allow_legacy=1" \
5230 0 \
5231 -c "client hello, adding renegotiation extension" \
5232 -C "found renegotiation extension" \
5233 -c "=> renegotiate" \
5234 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005235 -C "error" \
5236 -c "HTTP/1.0 200 [Oo][Kk]"
5237
Hanno Becker6a243642017-10-12 15:18:45 +01005238requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005239requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard30d16eb2014-08-19 17:43:50 +02005240run_test "Renegotiation: DTLS, client-initiated" \
5241 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
5242 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
5243 0 \
5244 -c "client hello, adding renegotiation extension" \
5245 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5246 -s "found renegotiation extension" \
5247 -s "server hello, secure renegotiation extension" \
5248 -c "found renegotiation extension" \
5249 -c "=> renegotiate" \
5250 -s "=> renegotiate" \
5251 -S "write hello request"
5252
Hanno Becker6a243642017-10-12 15:18:45 +01005253requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005254requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02005255run_test "Renegotiation: DTLS, server-initiated" \
5256 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnarddf9a0a82014-10-02 14:17:18 +02005257 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
5258 read_timeout=1000 max_resend=2" \
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02005259 0 \
5260 -c "client hello, adding renegotiation extension" \
5261 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5262 -s "found renegotiation extension" \
5263 -s "server hello, secure renegotiation extension" \
5264 -c "found renegotiation extension" \
5265 -c "=> renegotiate" \
5266 -s "=> renegotiate" \
5267 -s "write hello request"
5268
Hanno Becker6a243642017-10-12 15:18:45 +01005269requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005270requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres AG692ad842017-01-19 16:30:57 +00005271run_test "Renegotiation: DTLS, renego_period overflow" \
5272 "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
5273 "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
5274 0 \
5275 -c "client hello, adding renegotiation extension" \
5276 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5277 -s "found renegotiation extension" \
5278 -s "server hello, secure renegotiation extension" \
5279 -s "record counter limit reached: renegotiate" \
5280 -c "=> renegotiate" \
5281 -s "=> renegotiate" \
Hanno Becker6a243642017-10-12 15:18:45 +01005282 -s "write hello request"
Andres AG692ad842017-01-19 16:30:57 +00005283
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00005284requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01005285requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08005286requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02005287run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
5288 "$G_SRV -u --mtu 4096" \
5289 "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
5290 0 \
5291 -c "client hello, adding renegotiation extension" \
5292 -c "found renegotiation extension" \
5293 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005294 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02005295 -C "error" \
5296 -s "Extra-header:"
5297
Shaun Case8b0ecbc2021-12-20 21:14:10 -08005298# Test for the "secure renegotiation" extension only (no actual renegotiation)
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005299
Paul Bakker539d9722015-02-08 16:18:35 +01005300requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005301requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005302run_test "Renego ext: gnutls server strict, client default" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005303 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005304 "$P_CLI debug_level=3" \
5305 0 \
5306 -c "found renegotiation extension" \
5307 -C "error" \
5308 -c "HTTP/1.0 200 [Oo][Kk]"
5309
Paul Bakker539d9722015-02-08 16:18:35 +01005310requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005311requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005312run_test "Renego ext: gnutls server unsafe, client default" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005313 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005314 "$P_CLI debug_level=3" \
5315 0 \
5316 -C "found renegotiation extension" \
5317 -C "error" \
5318 -c "HTTP/1.0 200 [Oo][Kk]"
5319
Paul Bakker539d9722015-02-08 16:18:35 +01005320requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005321requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005322run_test "Renego ext: gnutls server unsafe, client break legacy" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005323 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005324 "$P_CLI debug_level=3 allow_legacy=-1" \
5325 1 \
5326 -C "found renegotiation extension" \
5327 -c "error" \
5328 -C "HTTP/1.0 200 [Oo][Kk]"
5329
Paul Bakker539d9722015-02-08 16:18:35 +01005330requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005331requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005332run_test "Renego ext: gnutls client strict, server default" \
5333 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005334 "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005335 0 \
5336 -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5337 -s "server hello, secure renegotiation extension"
5338
Paul Bakker539d9722015-02-08 16:18:35 +01005339requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005340requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005341run_test "Renego ext: gnutls client unsafe, server default" \
5342 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005343 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005344 0 \
5345 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5346 -S "server hello, secure renegotiation extension"
5347
Paul Bakker539d9722015-02-08 16:18:35 +01005348requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005349requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005350run_test "Renego ext: gnutls client unsafe, server break legacy" \
5351 "$P_SRV debug_level=3 allow_legacy=-1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005352 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01005353 1 \
5354 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5355 -S "server hello, secure renegotiation extension"
5356
Janos Follath0b242342016-02-17 10:11:21 +00005357# Tests for silently dropping trailing extra bytes in .der certificates
5358
5359requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005360requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005361run_test "DER format: no trailing bytes" \
5362 "$P_SRV crt_file=data_files/server5-der0.crt \
5363 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005364 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005365 0 \
5366 -c "Handshake was completed" \
5367
5368requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005369requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005370run_test "DER format: with a trailing zero byte" \
5371 "$P_SRV crt_file=data_files/server5-der1a.crt \
5372 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005373 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005374 0 \
5375 -c "Handshake was completed" \
5376
5377requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005378requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005379run_test "DER format: with a trailing random byte" \
5380 "$P_SRV crt_file=data_files/server5-der1b.crt \
5381 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005382 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005383 0 \
5384 -c "Handshake was completed" \
5385
5386requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005387requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005388run_test "DER format: with 2 trailing random bytes" \
5389 "$P_SRV crt_file=data_files/server5-der2.crt \
5390 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005391 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005392 0 \
5393 -c "Handshake was completed" \
5394
5395requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005396requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005397run_test "DER format: with 4 trailing random bytes" \
5398 "$P_SRV crt_file=data_files/server5-der4.crt \
5399 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005400 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005401 0 \
5402 -c "Handshake was completed" \
5403
5404requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005405requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005406run_test "DER format: with 8 trailing random bytes" \
5407 "$P_SRV crt_file=data_files/server5-der8.crt \
5408 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005409 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005410 0 \
5411 -c "Handshake was completed" \
5412
5413requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08005414requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath0b242342016-02-17 10:11:21 +00005415run_test "DER format: with 9 trailing random bytes" \
5416 "$P_SRV crt_file=data_files/server5-der9.crt \
5417 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02005418 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00005419 0 \
5420 -c "Handshake was completed" \
5421
Jarno Lamsaf7a7f9e2019-04-01 15:11:54 +03005422# Tests for auth_mode, there are duplicated tests using ca callback for authentication
5423# When updating these tests, modify the matching authentication tests accordingly
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005424
Ronald Cronbc5adf42022-10-04 11:06:14 +02005425requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005426run_test "Authentication: server badcert, client required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005427 "$P_SRV crt_file=data_files/server5-badsign.crt \
5428 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005429 "$P_CLI debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005430 1 \
5431 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005432 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005433 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005434 -c "X509 - Certificate verification failed"
5435
Jerry Yuab082902021-12-23 18:02:22 +08005436requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005437run_test "Authentication: server badcert, client optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005438 "$P_SRV crt_file=data_files/server5-badsign.crt \
5439 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005440 "$P_CLI debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005441 0 \
5442 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005443 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005444 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005445 -C "X509 - Certificate verification failed"
5446
Jerry Yuab082902021-12-23 18:02:22 +08005447requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005448requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Beckere6706e62017-05-15 16:05:15 +01005449run_test "Authentication: server goodcert, client optional, no trusted CA" \
5450 "$P_SRV" \
5451 "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
5452 0 \
5453 -c "x509_verify_cert() returned" \
5454 -c "! The certificate is not correctly signed by the trusted CA" \
5455 -c "! Certificate verification flags"\
5456 -C "! mbedtls_ssl_handshake returned" \
5457 -C "X509 - Certificate verification failed" \
5458 -C "SSL - No CA Chain is set, but required to operate"
5459
Ronald Cronbc5adf42022-10-04 11:06:14 +02005460requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Hanno Beckere6706e62017-05-15 16:05:15 +01005461run_test "Authentication: server goodcert, client required, no trusted CA" \
5462 "$P_SRV" \
5463 "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
5464 1 \
5465 -c "x509_verify_cert() returned" \
5466 -c "! The certificate is not correctly signed by the trusted CA" \
5467 -c "! Certificate verification flags"\
5468 -c "! mbedtls_ssl_handshake returned" \
5469 -c "SSL - No CA Chain is set, but required to operate"
5470
5471# The purpose of the next two tests is to test the client's behaviour when receiving a server
5472# certificate with an unsupported elliptic curve. This should usually not happen because
5473# the client informs the server about the supported curves - it does, though, in the
5474# corner case of a static ECDH suite, because the server doesn't check the curve on that
5475# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
5476# different means to have the server ignoring the client's supported curve list.
5477
5478requires_config_enabled MBEDTLS_ECP_C
Jerry Yuab082902021-12-23 18:02:22 +08005479requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere6706e62017-05-15 16:05:15 +01005480run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
5481 "$P_SRV debug_level=1 key_file=data_files/server5.key \
5482 crt_file=data_files/server5.ku-ka.crt" \
5483 "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \
5484 1 \
5485 -c "bad certificate (EC key curve)"\
5486 -c "! Certificate verification flags"\
5487 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
5488
5489requires_config_enabled MBEDTLS_ECP_C
Jerry Yuab082902021-12-23 18:02:22 +08005490requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckere6706e62017-05-15 16:05:15 +01005491run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
5492 "$P_SRV debug_level=1 key_file=data_files/server5.key \
5493 crt_file=data_files/server5.ku-ka.crt" \
5494 "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \
5495 1 \
5496 -c "bad certificate (EC key curve)"\
5497 -c "! Certificate verification flags"\
5498 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
5499
Jerry Yuab082902021-12-23 18:02:22 +08005500requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005501run_test "Authentication: server badcert, client none" \
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01005502 "$P_SRV crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005503 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005504 "$P_CLI debug_level=1 auth_mode=none" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005505 0 \
5506 -C "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005507 -C "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005508 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005509 -C "X509 - Certificate verification failed"
5510
Jerry Yuab082902021-12-23 18:02:22 +08005511requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005512requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Simon Butcher99000142016-10-13 17:21:01 +01005513run_test "Authentication: client SHA256, server required" \
5514 "$P_SRV auth_mode=required" \
5515 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
5516 key_file=data_files/server6.key \
5517 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
5518 0 \
Andrzej Kurekec71b092022-11-15 10:21:50 -05005519 -c "Supported Signature Algorithm found: 04 " \
5520 -c "Supported Signature Algorithm found: 05 "
Simon Butcher99000142016-10-13 17:21:01 +01005521
Jerry Yuab082902021-12-23 18:02:22 +08005522requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005523requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Simon Butcher99000142016-10-13 17:21:01 +01005524run_test "Authentication: client SHA384, server required" \
5525 "$P_SRV auth_mode=required" \
5526 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
5527 key_file=data_files/server6.key \
5528 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
5529 0 \
Andrzej Kurekec71b092022-11-15 10:21:50 -05005530 -c "Supported Signature Algorithm found: 04 " \
5531 -c "Supported Signature Algorithm found: 05 "
Simon Butcher99000142016-10-13 17:21:01 +01005532
Ronald Cronbc5adf42022-10-04 11:06:14 +02005533requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Gilles Peskinefd8332e2017-05-03 16:25:07 +02005534run_test "Authentication: client has no cert, server required (TLS)" \
5535 "$P_SRV debug_level=3 auth_mode=required" \
5536 "$P_CLI debug_level=3 crt_file=none \
5537 key_file=data_files/server5.key" \
5538 1 \
5539 -S "skip write certificate request" \
5540 -C "skip parse certificate request" \
5541 -c "got a certificate request" \
5542 -c "= write certificate$" \
5543 -C "skip write certificate$" \
5544 -S "x509_verify_cert() returned" \
Ronald Cron19385882022-06-15 16:26:13 +02005545 -s "peer has no certificate" \
Gilles Peskinefd8332e2017-05-03 16:25:07 +02005546 -s "! mbedtls_ssl_handshake returned" \
Gilles Peskinefd8332e2017-05-03 16:25:07 +02005547 -s "No client certification received from the client, but required by the authentication mode"
5548
Ronald Cronbc5adf42022-10-04 11:06:14 +02005549requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005550run_test "Authentication: client badcert, server required" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005551 "$P_SRV debug_level=3 auth_mode=required" \
5552 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005553 key_file=data_files/server5.key" \
5554 1 \
5555 -S "skip write certificate request" \
5556 -C "skip parse certificate request" \
5557 -c "got a certificate request" \
5558 -C "skip write certificate" \
5559 -C "skip write certificate verify" \
5560 -S "skip parse certificate verify" \
5561 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02005562 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005563 -s "! mbedtls_ssl_handshake returned" \
Gilles Peskine1cc8e342017-05-03 16:28:34 +02005564 -s "send alert level=2 message=48" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005565 -s "X509 - Certificate verification failed"
Gilles Peskine1cc8e342017-05-03 16:28:34 +02005566# We don't check that the client receives the alert because it might
5567# detect that its write end of the connection is closed and abort
5568# before reading the alert message.
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005569
Ronald Cronbc5adf42022-10-04 11:06:14 +02005570requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Gilles Peskinee1cc60e2022-01-07 23:10:56 +01005571run_test "Authentication: client cert self-signed and trusted, server required" \
5572 "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
5573 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5574 key_file=data_files/server5.key" \
5575 0 \
5576 -S "skip write certificate request" \
5577 -C "skip parse certificate request" \
5578 -c "got a certificate request" \
5579 -C "skip write certificate" \
5580 -C "skip write certificate verify" \
5581 -S "skip parse certificate verify" \
5582 -S "x509_verify_cert() returned" \
5583 -S "! The certificate is not correctly signed" \
5584 -S "X509 - Certificate verification failed"
5585
Ronald Cronbc5adf42022-10-04 11:06:14 +02005586requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Janos Follath89baba22017-04-10 14:34:35 +01005587run_test "Authentication: client cert not trusted, server required" \
5588 "$P_SRV debug_level=3 auth_mode=required" \
5589 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5590 key_file=data_files/server5.key" \
5591 1 \
5592 -S "skip write certificate request" \
5593 -C "skip parse certificate request" \
5594 -c "got a certificate request" \
5595 -C "skip write certificate" \
5596 -C "skip write certificate verify" \
5597 -S "skip parse certificate verify" \
5598 -s "x509_verify_cert() returned" \
5599 -s "! The certificate is not correctly signed by the trusted CA" \
5600 -s "! mbedtls_ssl_handshake returned" \
Janos Follath89baba22017-04-10 14:34:35 +01005601 -s "X509 - Certificate verification failed"
5602
Ronald Cronbc5adf42022-10-04 11:06:14 +02005603requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005604run_test "Authentication: client badcert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005605 "$P_SRV debug_level=3 auth_mode=optional" \
5606 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005607 key_file=data_files/server5.key" \
5608 0 \
5609 -S "skip write certificate request" \
5610 -C "skip parse certificate request" \
5611 -c "got a certificate request" \
5612 -C "skip write certificate" \
5613 -C "skip write certificate verify" \
5614 -S "skip parse certificate verify" \
5615 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005616 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005617 -S "! mbedtls_ssl_handshake returned" \
5618 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005619 -S "X509 - Certificate verification failed"
5620
Ronald Cronbc5adf42022-10-04 11:06:14 +02005621requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005622run_test "Authentication: client badcert, server none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005623 "$P_SRV debug_level=3 auth_mode=none" \
5624 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005625 key_file=data_files/server5.key" \
5626 0 \
5627 -s "skip write certificate request" \
5628 -C "skip parse certificate request" \
5629 -c "got no certificate request" \
5630 -c "skip write certificate" \
5631 -c "skip write certificate verify" \
5632 -s "skip parse certificate verify" \
5633 -S "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005634 -S "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005635 -S "! mbedtls_ssl_handshake returned" \
5636 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01005637 -S "X509 - Certificate verification failed"
5638
Ronald Cronbc5adf42022-10-04 11:06:14 +02005639requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005640run_test "Authentication: client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005641 "$P_SRV debug_level=3 auth_mode=optional" \
5642 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005643 0 \
5644 -S "skip write certificate request" \
5645 -C "skip parse certificate request" \
5646 -c "got a certificate request" \
5647 -C "skip write certificate$" \
5648 -C "got no certificate to send" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005649 -c "skip write certificate verify" \
5650 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005651 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005652 -S "! mbedtls_ssl_handshake returned" \
5653 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005654 -S "X509 - Certificate verification failed"
5655
Jerry Yuab082902021-12-23 18:02:22 +08005656requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005657run_test "Authentication: openssl client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005658 "$P_SRV debug_level=3 auth_mode=optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005659 "$O_CLI" \
5660 0 \
5661 -S "skip write certificate request" \
5662 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01005663 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005664 -S "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005665 -S "X509 - Certificate verification failed"
5666
Jerry Yuab082902021-12-23 18:02:22 +08005667requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005668run_test "Authentication: client no cert, openssl server optional" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005669 "$O_SRV -verify 10 -tls1_2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005670 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005671 0 \
5672 -C "skip parse certificate request" \
5673 -c "got a certificate request" \
5674 -C "skip write certificate$" \
5675 -c "skip write certificate verify" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005676 -C "! mbedtls_ssl_handshake returned"
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01005677
Jerry Yuab082902021-12-23 18:02:22 +08005678requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefd8332e2017-05-03 16:25:07 +02005679run_test "Authentication: client no cert, openssl server required" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02005680 "$O_SRV -Verify 10 -tls1_2" \
Gilles Peskinefd8332e2017-05-03 16:25:07 +02005681 "$P_CLI debug_level=3 crt_file=none key_file=none" \
5682 1 \
5683 -C "skip parse certificate request" \
5684 -c "got a certificate request" \
5685 -C "skip write certificate$" \
5686 -c "skip write certificate verify" \
5687 -c "! mbedtls_ssl_handshake returned"
5688
Yuto Takano02485822021-07-02 13:05:15 +01005689# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default
5690# value, defined here as MAX_IM_CA. Some test cases will be skipped if the
5691# library is configured with a different value.
Hanno Beckera6bca9f2017-07-26 13:35:11 +01005692
Simon Butcherbcfa6f42017-07-28 15:59:35 +01005693MAX_IM_CA='8'
Hanno Beckera6bca9f2017-07-26 13:35:11 +01005694
Yuto Takano02485822021-07-02 13:05:15 +01005695# The tests for the max_int tests can pass with any number higher than MAX_IM_CA
5696# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1
5697# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions
5698# are in place so that the semantics are consistent with the test description.
Yuto Takano6f657432021-07-02 13:10:41 +01005699requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005700requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005701run_test "Authentication: server max_int chain, client default" \
5702 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
5703 key_file=data_files/dir-maxpath/09.key" \
5704 "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
5705 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005706 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005707
Yuto Takano6f657432021-07-02 13:10:41 +01005708requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005709requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005710run_test "Authentication: server max_int+1 chain, client default" \
5711 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5712 key_file=data_files/dir-maxpath/10.key" \
5713 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
5714 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005715 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005716
Yuto Takano6f657432021-07-02 13:10:41 +01005717requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005718requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005719run_test "Authentication: server max_int+1 chain, client optional" \
5720 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5721 key_file=data_files/dir-maxpath/10.key" \
5722 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
5723 auth_mode=optional" \
5724 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005725 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005726
Yuto Takano6f657432021-07-02 13:10:41 +01005727requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005728requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005729run_test "Authentication: server max_int+1 chain, client none" \
5730 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5731 key_file=data_files/dir-maxpath/10.key" \
5732 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
5733 auth_mode=none" \
5734 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005735 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005736
Yuto Takano6f657432021-07-02 13:10:41 +01005737requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005738requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005739run_test "Authentication: client max_int+1 chain, server default" \
5740 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
5741 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5742 key_file=data_files/dir-maxpath/10.key" \
5743 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005744 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005745
Yuto Takano6f657432021-07-02 13:10:41 +01005746requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005747requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005748run_test "Authentication: client max_int+1 chain, server optional" \
5749 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
5750 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5751 key_file=data_files/dir-maxpath/10.key" \
5752 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005753 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005754
Yuto Takano6f657432021-07-02 13:10:41 +01005755requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005756requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005757run_test "Authentication: client max_int+1 chain, server required" \
5758 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
5759 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5760 key_file=data_files/dir-maxpath/10.key" \
5761 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005762 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005763
Yuto Takano6f657432021-07-02 13:10:41 +01005764requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10005765requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005766run_test "Authentication: client max_int chain, server required" \
5767 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
5768 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
5769 key_file=data_files/dir-maxpath/09.key" \
5770 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01005771 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02005772
Janos Follath89baba22017-04-10 14:34:35 +01005773# Tests for CA list in CertificateRequest messages
5774
Jerry Yuab082902021-12-23 18:02:22 +08005775requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005776requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Janos Follath89baba22017-04-10 14:34:35 +01005777run_test "Authentication: send CA list in CertificateRequest (default)" \
5778 "$P_SRV debug_level=3 auth_mode=required" \
5779 "$P_CLI crt_file=data_files/server6.crt \
5780 key_file=data_files/server6.key" \
5781 0 \
5782 -s "requested DN"
5783
Jerry Yuab082902021-12-23 18:02:22 +08005784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005785requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Janos Follath89baba22017-04-10 14:34:35 +01005786run_test "Authentication: do not send CA list in CertificateRequest" \
5787 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
5788 "$P_CLI crt_file=data_files/server6.crt \
5789 key_file=data_files/server6.key" \
5790 0 \
5791 -S "requested DN"
5792
Jerry Yuab082902021-12-23 18:02:22 +08005793requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Janos Follath89baba22017-04-10 14:34:35 +01005794run_test "Authentication: send CA list in CertificateRequest, client self signed" \
5795 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
5796 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5797 key_file=data_files/server5.key" \
5798 1 \
5799 -S "requested DN" \
5800 -s "x509_verify_cert() returned" \
5801 -s "! The certificate is not correctly signed by the trusted CA" \
5802 -s "! mbedtls_ssl_handshake returned" \
5803 -c "! mbedtls_ssl_handshake returned" \
5804 -s "X509 - Certificate verification failed"
5805
Glenn Straussbd10c4e2022-06-25 03:15:48 -04005806requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005807requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Glenn Straussbd10c4e2022-06-25 03:15:48 -04005808run_test "Authentication: send alt conf DN hints in CertificateRequest" \
5809 "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \
5810 crt_file2=data_files/server1.crt \
5811 key_file2=data_files/server1.key" \
5812 "$P_CLI debug_level=3 auth_mode=optional \
5813 crt_file=data_files/server6.crt \
5814 key_file=data_files/server6.key" \
5815 0 \
5816 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
5817
5818requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005819requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Glenn Straussbd10c4e2022-06-25 03:15:48 -04005820run_test "Authentication: send alt conf DN hints in CertificateRequest (2)" \
5821 "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=2 \
5822 crt_file2=data_files/server2.crt \
5823 key_file2=data_files/server2.key" \
5824 "$P_CLI debug_level=3 auth_mode=optional \
5825 crt_file=data_files/server6.crt \
5826 key_file=data_files/server6.key" \
5827 0 \
5828 -c "DN hint: C=NL, O=PolarSSL, CN=localhost"
5829
5830requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005831requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Glenn Straussbd10c4e2022-06-25 03:15:48 -04005832run_test "Authentication: send alt hs DN hints in CertificateRequest" \
5833 "$P_SRV debug_level=3 auth_mode=optional cert_req_ca_list=3 \
5834 crt_file2=data_files/server1.crt \
5835 key_file2=data_files/server1.key" \
5836 "$P_CLI debug_level=3 auth_mode=optional \
5837 crt_file=data_files/server6.crt \
5838 key_file=data_files/server6.key" \
5839 0 \
5840 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
5841
Jarno Lamsaf7a7f9e2019-04-01 15:11:54 +03005842# Tests for auth_mode, using CA callback, these are duplicated from the authentication tests
5843# When updating these tests, modify the matching authentication tests accordingly
Hanno Becker746aaf32019-03-28 15:25:23 +00005844
5845requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005846requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005847run_test "Authentication, CA callback: server badcert, client required" \
5848 "$P_SRV crt_file=data_files/server5-badsign.crt \
5849 key_file=data_files/server5.key" \
5850 "$P_CLI ca_callback=1 debug_level=3 auth_mode=required" \
5851 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005852 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005853 -c "x509_verify_cert() returned" \
5854 -c "! The certificate is not correctly signed by the trusted CA" \
5855 -c "! mbedtls_ssl_handshake returned" \
5856 -c "X509 - Certificate verification failed"
5857
5858requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005859requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005860run_test "Authentication, CA callback: server badcert, client optional" \
5861 "$P_SRV crt_file=data_files/server5-badsign.crt \
5862 key_file=data_files/server5.key" \
5863 "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional" \
5864 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005865 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005866 -c "x509_verify_cert() returned" \
5867 -c "! The certificate is not correctly signed by the trusted CA" \
5868 -C "! mbedtls_ssl_handshake returned" \
5869 -C "X509 - Certificate verification failed"
5870
5871# The purpose of the next two tests is to test the client's behaviour when receiving a server
5872# certificate with an unsupported elliptic curve. This should usually not happen because
5873# the client informs the server about the supported curves - it does, though, in the
5874# corner case of a static ECDH suite, because the server doesn't check the curve on that
5875# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
5876# different means to have the server ignoring the client's supported curve list.
5877
5878requires_config_enabled MBEDTLS_ECP_C
5879requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005880requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005881run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \
5882 "$P_SRV debug_level=1 key_file=data_files/server5.key \
5883 crt_file=data_files/server5.ku-ka.crt" \
5884 "$P_CLI ca_callback=1 debug_level=3 auth_mode=required curves=secp521r1" \
5885 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005886 -c "use CA callback for X.509 CRT verification" \
5887 -c "bad certificate (EC key curve)" \
5888 -c "! Certificate verification flags" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005889 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
5890
5891requires_config_enabled MBEDTLS_ECP_C
5892requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005893requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005894run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \
5895 "$P_SRV debug_level=1 key_file=data_files/server5.key \
5896 crt_file=data_files/server5.ku-ka.crt" \
5897 "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional curves=secp521r1" \
5898 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005899 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005900 -c "bad certificate (EC key curve)"\
5901 -c "! Certificate verification flags"\
5902 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
5903
5904requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005905requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005906requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker746aaf32019-03-28 15:25:23 +00005907run_test "Authentication, CA callback: client SHA256, server required" \
5908 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
5909 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
5910 key_file=data_files/server6.key \
5911 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
5912 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005913 -s "use CA callback for X.509 CRT verification" \
Andrzej Kurekec71b092022-11-15 10:21:50 -05005914 -c "Supported Signature Algorithm found: 04 " \
5915 -c "Supported Signature Algorithm found: 05 "
Hanno Becker746aaf32019-03-28 15:25:23 +00005916
5917requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005918requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02005919requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker746aaf32019-03-28 15:25:23 +00005920run_test "Authentication, CA callback: client SHA384, server required" \
5921 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
5922 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
5923 key_file=data_files/server6.key \
5924 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
5925 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005926 -s "use CA callback for X.509 CRT verification" \
Andrzej Kurekec71b092022-11-15 10:21:50 -05005927 -c "Supported Signature Algorithm found: 04 " \
5928 -c "Supported Signature Algorithm found: 05 "
Hanno Becker746aaf32019-03-28 15:25:23 +00005929
5930requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005931requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005932run_test "Authentication, CA callback: client badcert, server required" \
5933 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
5934 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5935 key_file=data_files/server5.key" \
5936 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005937 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005938 -S "skip write certificate request" \
5939 -C "skip parse certificate request" \
5940 -c "got a certificate request" \
5941 -C "skip write certificate" \
5942 -C "skip write certificate verify" \
5943 -S "skip parse certificate verify" \
5944 -s "x509_verify_cert() returned" \
5945 -s "! The certificate is not correctly signed by the trusted CA" \
5946 -s "! mbedtls_ssl_handshake returned" \
5947 -s "send alert level=2 message=48" \
5948 -c "! mbedtls_ssl_handshake returned" \
5949 -s "X509 - Certificate verification failed"
5950# We don't check that the client receives the alert because it might
5951# detect that its write end of the connection is closed and abort
5952# before reading the alert message.
5953
5954requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005955requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005956run_test "Authentication, CA callback: client cert not trusted, server required" \
5957 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
5958 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5959 key_file=data_files/server5.key" \
5960 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005961 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005962 -S "skip write certificate request" \
5963 -C "skip parse certificate request" \
5964 -c "got a certificate request" \
5965 -C "skip write certificate" \
5966 -C "skip write certificate verify" \
5967 -S "skip parse certificate verify" \
5968 -s "x509_verify_cert() returned" \
5969 -s "! The certificate is not correctly signed by the trusted CA" \
5970 -s "! mbedtls_ssl_handshake returned" \
5971 -c "! mbedtls_ssl_handshake returned" \
5972 -s "X509 - Certificate verification failed"
5973
5974requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
Jerry Yuab082902021-12-23 18:02:22 +08005975requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker746aaf32019-03-28 15:25:23 +00005976run_test "Authentication, CA callback: client badcert, server optional" \
5977 "$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \
5978 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5979 key_file=data_files/server5.key" \
5980 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01005981 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00005982 -S "skip write certificate request" \
5983 -C "skip parse certificate request" \
5984 -c "got a certificate request" \
5985 -C "skip write certificate" \
5986 -C "skip write certificate verify" \
5987 -S "skip parse certificate verify" \
5988 -s "x509_verify_cert() returned" \
5989 -s "! The certificate is not correctly signed by the trusted CA" \
5990 -S "! mbedtls_ssl_handshake returned" \
5991 -C "! mbedtls_ssl_handshake returned" \
5992 -S "X509 - Certificate verification failed"
5993
Yuto Takano6f657432021-07-02 13:10:41 +01005994requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Hanno Becker746aaf32019-03-28 15:25:23 +00005995requires_full_size_output_buffer
5996requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
5997run_test "Authentication, CA callback: server max_int chain, client default" \
5998 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
5999 key_file=data_files/dir-maxpath/09.key" \
6000 "$P_CLI ca_callback=1 debug_level=3 server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
6001 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01006002 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00006003 -C "X509 - A fatal error occurred"
6004
Yuto Takano6f657432021-07-02 13:10:41 +01006005requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Hanno Becker746aaf32019-03-28 15:25:23 +00006006requires_full_size_output_buffer
6007requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
6008run_test "Authentication, CA callback: server max_int+1 chain, client default" \
6009 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
6010 key_file=data_files/dir-maxpath/10.key" \
6011 "$P_CLI debug_level=3 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
6012 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01006013 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00006014 -c "X509 - A fatal error occurred"
6015
Yuto Takano6f657432021-07-02 13:10:41 +01006016requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Hanno Becker746aaf32019-03-28 15:25:23 +00006017requires_full_size_output_buffer
6018requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
6019run_test "Authentication, CA callback: server max_int+1 chain, client optional" \
6020 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
6021 key_file=data_files/dir-maxpath/10.key" \
6022 "$P_CLI ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
6023 debug_level=3 auth_mode=optional" \
6024 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01006025 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00006026 -c "X509 - A fatal error occurred"
6027
Yuto Takano6f657432021-07-02 13:10:41 +01006028requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Hanno Becker746aaf32019-03-28 15:25:23 +00006029requires_full_size_output_buffer
6030requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
6031run_test "Authentication, CA callback: client max_int+1 chain, server optional" \
6032 "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
6033 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6034 key_file=data_files/dir-maxpath/10.key" \
6035 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01006036 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00006037 -s "X509 - A fatal error occurred"
6038
Yuto Takano6f657432021-07-02 13:10:41 +01006039requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Hanno Becker746aaf32019-03-28 15:25:23 +00006040requires_full_size_output_buffer
6041requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
6042run_test "Authentication, CA callback: client max_int+1 chain, server required" \
6043 "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
6044 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6045 key_file=data_files/dir-maxpath/10.key" \
6046 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01006047 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00006048 -s "X509 - A fatal error occurred"
6049
Yuto Takano6f657432021-07-02 13:10:41 +01006050requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Hanno Becker746aaf32019-03-28 15:25:23 +00006051requires_full_size_output_buffer
6052requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
6053run_test "Authentication, CA callback: client max_int chain, server required" \
6054 "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
6055 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
6056 key_file=data_files/dir-maxpath/09.key" \
6057 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01006058 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00006059 -S "X509 - A fatal error occurred"
6060
Shaun Case8b0ecbc2021-12-20 21:14:10 -08006061# Tests for certificate selection based on SHA version
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01006062
Hanno Beckerc5722d12020-10-09 11:10:42 +01006063requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01006064run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01006065 "$P_SRV force_version=tls12 crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01006066 key_file=data_files/server5.key \
6067 crt_file2=data_files/server5-sha1.crt \
6068 key_file2=data_files/server5.key" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01006069 "$P_CLI" \
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01006070 0 \
6071 -c "signed using.*ECDSA with SHA256" \
6072 -C "signed using.*ECDSA with SHA1"
6073
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006074# tests for SNI
6075
Hanno Beckerc5722d12020-10-09 11:10:42 +01006076requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Ronald Cronbc5adf42022-10-04 11:06:14 +02006077requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006078run_test "SNI: no SNI callback" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006079 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006080 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006081 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006082 0 \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006083 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
6084 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006085
Hanno Beckerc5722d12020-10-09 11:10:42 +01006086requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Ronald Cronbc5adf42022-10-04 11:06:14 +02006087requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006088run_test "SNI: matching cert 1" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006089 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006090 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02006091 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006092 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006093 0 \
6094 -s "parse ServerName extension" \
6095 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6096 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006097
Hanno Beckerc5722d12020-10-09 11:10:42 +01006098requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Ronald Cronbc5adf42022-10-04 11:06:14 +02006099requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006100run_test "SNI: matching cert 2" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006101 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006102 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02006103 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006104 "$P_CLI server_name=polarssl.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006105 0 \
6106 -s "parse ServerName extension" \
6107 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6108 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006109
Hanno Beckerc5722d12020-10-09 11:10:42 +01006110requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Ronald Cronbc5adf42022-10-04 11:06:14 +02006111requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006112run_test "SNI: no matching cert" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006113 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006114 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02006115 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02006116 "$P_CLI server_name=nonesuch.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006117 1 \
6118 -s "parse ServerName extension" \
6119 -s "ssl_sni_wrapper() returned" \
6120 -s "mbedtls_ssl_handshake returned" \
6121 -c "mbedtls_ssl_handshake returned" \
6122 -c "SSL - A fatal alert message was received from our peer"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01006123
Ronald Cronbc5adf42022-10-04 11:06:14 +02006124requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006125run_test "SNI: client auth no override: optional" \
6126 "$P_SRV debug_level=3 auth_mode=optional \
6127 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6128 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
6129 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006130 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006131 -S "skip write certificate request" \
6132 -C "skip parse certificate request" \
6133 -c "got a certificate request" \
6134 -C "skip write certificate" \
6135 -C "skip write certificate verify" \
6136 -S "skip parse certificate verify"
6137
Ronald Cronbc5adf42022-10-04 11:06:14 +02006138requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006139run_test "SNI: client auth override: none -> optional" \
6140 "$P_SRV debug_level=3 auth_mode=none \
6141 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6142 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
6143 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006144 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006145 -S "skip write certificate request" \
6146 -C "skip parse certificate request" \
6147 -c "got a certificate request" \
6148 -C "skip write certificate" \
6149 -C "skip write certificate verify" \
6150 -S "skip parse certificate verify"
6151
Ronald Cronbc5adf42022-10-04 11:06:14 +02006152requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006153run_test "SNI: client auth override: optional -> none" \
6154 "$P_SRV debug_level=3 auth_mode=optional \
6155 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6156 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
6157 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006158 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006159 -s "skip write certificate request" \
6160 -C "skip parse certificate request" \
6161 -c "got no certificate request" \
XiaokangQian23c5be62022-06-07 02:04:34 +00006162 -c "skip write certificate"
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02006163
Ronald Cronbc5adf42022-10-04 11:06:14 +02006164requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006165run_test "SNI: CA no override" \
6166 "$P_SRV debug_level=3 auth_mode=optional \
6167 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6168 ca_file=data_files/test-ca.crt \
6169 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
6170 "$P_CLI debug_level=3 server_name=localhost \
6171 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
6172 1 \
6173 -S "skip write certificate request" \
6174 -C "skip parse certificate request" \
6175 -c "got a certificate request" \
6176 -C "skip write certificate" \
6177 -C "skip write certificate verify" \
6178 -S "skip parse certificate verify" \
6179 -s "x509_verify_cert() returned" \
6180 -s "! The certificate is not correctly signed by the trusted CA" \
6181 -S "The certificate has been revoked (is on a CRL)"
6182
Ronald Cronbc5adf42022-10-04 11:06:14 +02006183requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006184run_test "SNI: CA override" \
6185 "$P_SRV debug_level=3 auth_mode=optional \
6186 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6187 ca_file=data_files/test-ca.crt \
6188 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
6189 "$P_CLI debug_level=3 server_name=localhost \
6190 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
6191 0 \
6192 -S "skip write certificate request" \
6193 -C "skip parse certificate request" \
6194 -c "got a certificate request" \
6195 -C "skip write certificate" \
6196 -C "skip write certificate verify" \
6197 -S "skip parse certificate verify" \
6198 -S "x509_verify_cert() returned" \
6199 -S "! The certificate is not correctly signed by the trusted CA" \
6200 -S "The certificate has been revoked (is on a CRL)"
6201
Ronald Cronbc5adf42022-10-04 11:06:14 +02006202requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02006203run_test "SNI: CA override with CRL" \
6204 "$P_SRV debug_level=3 auth_mode=optional \
6205 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6206 ca_file=data_files/test-ca.crt \
6207 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
6208 "$P_CLI debug_level=3 server_name=localhost \
6209 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
6210 1 \
6211 -S "skip write certificate request" \
6212 -C "skip parse certificate request" \
6213 -c "got a certificate request" \
6214 -C "skip write certificate" \
6215 -C "skip write certificate verify" \
6216 -S "skip parse certificate verify" \
6217 -s "x509_verify_cert() returned" \
6218 -S "! The certificate is not correctly signed by the trusted CA" \
6219 -s "The certificate has been revoked (is on a CRL)"
6220
Andres AG1a834452016-12-07 10:01:30 +00006221# Tests for SNI and DTLS
6222
Hanno Beckerc5722d12020-10-09 11:10:42 +01006223requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Jerry Yuab082902021-12-23 18:02:22 +08006224requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006225run_test "SNI: DTLS, no SNI callback" \
6226 "$P_SRV debug_level=3 dtls=1 \
6227 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
6228 "$P_CLI server_name=localhost dtls=1" \
6229 0 \
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006230 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
6231 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6232
Hanno Beckerc5722d12020-10-09 11:10:42 +01006233requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Jerry Yuab082902021-12-23 18:02:22 +08006234requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01006235run_test "SNI: DTLS, matching cert 1" \
Andres AG1a834452016-12-07 10:01:30 +00006236 "$P_SRV debug_level=3 dtls=1 \
6237 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6238 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
6239 "$P_CLI server_name=localhost dtls=1" \
6240 0 \
6241 -s "parse ServerName extension" \
6242 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6243 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6244
Hanno Beckerc5722d12020-10-09 11:10:42 +01006245requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Jerry Yuab082902021-12-23 18:02:22 +08006246requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006247run_test "SNI: DTLS, matching cert 2" \
6248 "$P_SRV debug_level=3 dtls=1 \
6249 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6250 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
6251 "$P_CLI server_name=polarssl.example dtls=1" \
6252 0 \
6253 -s "parse ServerName extension" \
6254 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6255 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
6256
Jerry Yuab082902021-12-23 18:02:22 +08006257requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006258run_test "SNI: DTLS, no matching cert" \
6259 "$P_SRV debug_level=3 dtls=1 \
6260 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6261 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
6262 "$P_CLI server_name=nonesuch.example dtls=1" \
6263 1 \
6264 -s "parse ServerName extension" \
6265 -s "ssl_sni_wrapper() returned" \
6266 -s "mbedtls_ssl_handshake returned" \
6267 -c "mbedtls_ssl_handshake returned" \
6268 -c "SSL - A fatal alert message was received from our peer"
6269
Jerry Yuab082902021-12-23 18:02:22 +08006270requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006271run_test "SNI: DTLS, client auth no override: optional" \
6272 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
6273 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6274 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
6275 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
6276 0 \
6277 -S "skip write certificate request" \
6278 -C "skip parse certificate request" \
6279 -c "got a certificate request" \
6280 -C "skip write certificate" \
6281 -C "skip write certificate verify" \
6282 -S "skip parse certificate verify"
6283
Jerry Yuab082902021-12-23 18:02:22 +08006284requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006285run_test "SNI: DTLS, client auth override: none -> optional" \
6286 "$P_SRV debug_level=3 auth_mode=none dtls=1 \
6287 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6288 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
6289 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
6290 0 \
6291 -S "skip write certificate request" \
6292 -C "skip parse certificate request" \
6293 -c "got a certificate request" \
6294 -C "skip write certificate" \
6295 -C "skip write certificate verify" \
6296 -S "skip parse certificate verify"
6297
Jerry Yuab082902021-12-23 18:02:22 +08006298requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006299run_test "SNI: DTLS, client auth override: optional -> none" \
6300 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
6301 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6302 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
6303 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
6304 0 \
6305 -s "skip write certificate request" \
6306 -C "skip parse certificate request" \
6307 -c "got no certificate request" \
6308 -c "skip write certificate" \
6309 -c "skip write certificate verify" \
6310 -s "skip parse certificate verify"
6311
Jerry Yuab082902021-12-23 18:02:22 +08006312requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01006313run_test "SNI: DTLS, CA no override" \
6314 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
6315 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6316 ca_file=data_files/test-ca.crt \
6317 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
6318 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
6319 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
6320 1 \
6321 -S "skip write certificate request" \
6322 -C "skip parse certificate request" \
6323 -c "got a certificate request" \
6324 -C "skip write certificate" \
6325 -C "skip write certificate verify" \
6326 -S "skip parse certificate verify" \
6327 -s "x509_verify_cert() returned" \
6328 -s "! The certificate is not correctly signed by the trusted CA" \
6329 -S "The certificate has been revoked (is on a CRL)"
6330
Jerry Yuab082902021-12-23 18:02:22 +08006331requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01006332run_test "SNI: DTLS, CA override" \
Andres AG1a834452016-12-07 10:01:30 +00006333 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
6334 crt_file=data_files/server5.crt key_file=data_files/server5.key \
6335 ca_file=data_files/test-ca.crt \
6336 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
6337 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
6338 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
6339 0 \
6340 -S "skip write certificate request" \
6341 -C "skip parse certificate request" \
6342 -c "got a certificate request" \
6343 -C "skip write certificate" \
6344 -C "skip write certificate verify" \
6345 -S "skip parse certificate verify" \
6346 -S "x509_verify_cert() returned" \
6347 -S "! The certificate is not correctly signed by the trusted CA" \
6348 -S "The certificate has been revoked (is on a CRL)"
6349
Jerry Yuab082902021-12-23 18:02:22 +08006350requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01006351run_test "SNI: DTLS, CA override with CRL" \
Andres AG1a834452016-12-07 10:01:30 +00006352 "$P_SRV debug_level=3 auth_mode=optional \
6353 crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
6354 ca_file=data_files/test-ca.crt \
6355 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
6356 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
6357 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
6358 1 \
6359 -S "skip write certificate request" \
6360 -C "skip parse certificate request" \
6361 -c "got a certificate request" \
6362 -C "skip write certificate" \
6363 -C "skip write certificate verify" \
6364 -S "skip parse certificate verify" \
6365 -s "x509_verify_cert() returned" \
6366 -S "! The certificate is not correctly signed by the trusted CA" \
6367 -s "The certificate has been revoked (is on a CRL)"
6368
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006369# Tests for non-blocking I/O: exercise a variety of handshake flows
6370
Ronald Cronbc5adf42022-10-04 11:06:14 +02006371requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006372run_test "Non-blocking I/O: basic handshake" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006373 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
6374 "$P_CLI nbio=2 tickets=0" \
6375 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006376 -S "mbedtls_ssl_handshake returned" \
6377 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006378 -c "Read from server: .* bytes read"
6379
Ronald Cronbc5adf42022-10-04 11:06:14 +02006380requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006381run_test "Non-blocking I/O: client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006382 "$P_SRV nbio=2 tickets=0 auth_mode=required" \
6383 "$P_CLI nbio=2 tickets=0" \
6384 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006385 -S "mbedtls_ssl_handshake returned" \
6386 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006387 -c "Read from server: .* bytes read"
6388
Jerry Yuab082902021-12-23 18:02:22 +08006389requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006390requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006391run_test "Non-blocking I/O: ticket" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006392 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
6393 "$P_CLI nbio=2 tickets=1" \
6394 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006395 -S "mbedtls_ssl_handshake returned" \
6396 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006397 -c "Read from server: .* bytes read"
6398
Jerry Yuab082902021-12-23 18:02:22 +08006399requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006400requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006401run_test "Non-blocking I/O: ticket + client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006402 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
6403 "$P_CLI nbio=2 tickets=1" \
6404 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006405 -S "mbedtls_ssl_handshake returned" \
6406 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006407 -c "Read from server: .* bytes read"
6408
Jerry Yuab082902021-12-23 18:02:22 +08006409requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006410requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006411run_test "Non-blocking I/O: ticket + client auth + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006412 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
6413 "$P_CLI nbio=2 tickets=1 reconnect=1" \
6414 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006415 -S "mbedtls_ssl_handshake returned" \
6416 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006417 -c "Read from server: .* bytes read"
6418
Jerry Yuab082902021-12-23 18:02:22 +08006419requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006420requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006421run_test "Non-blocking I/O: ticket + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006422 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
6423 "$P_CLI nbio=2 tickets=1 reconnect=1" \
6424 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006425 -S "mbedtls_ssl_handshake returned" \
6426 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006427 -c "Read from server: .* bytes read"
6428
Jerry Yuab082902021-12-23 18:02:22 +08006429requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006430requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006431run_test "Non-blocking I/O: session-id resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006432 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
6433 "$P_CLI nbio=2 tickets=0 reconnect=1" \
6434 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006435 -S "mbedtls_ssl_handshake returned" \
6436 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01006437 -c "Read from server: .* bytes read"
6438
Hanno Becker00076712017-11-15 16:39:08 +00006439# Tests for event-driven I/O: exercise a variety of handshake flows
6440
Ronald Cronbc5adf42022-10-04 11:06:14 +02006441requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Hanno Becker00076712017-11-15 16:39:08 +00006442run_test "Event-driven I/O: basic handshake" \
6443 "$P_SRV event=1 tickets=0 auth_mode=none" \
6444 "$P_CLI event=1 tickets=0" \
6445 0 \
6446 -S "mbedtls_ssl_handshake returned" \
6447 -C "mbedtls_ssl_handshake returned" \
6448 -c "Read from server: .* bytes read"
6449
Ronald Cronbc5adf42022-10-04 11:06:14 +02006450requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Hanno Becker00076712017-11-15 16:39:08 +00006451run_test "Event-driven I/O: client auth" \
6452 "$P_SRV event=1 tickets=0 auth_mode=required" \
6453 "$P_CLI event=1 tickets=0" \
6454 0 \
6455 -S "mbedtls_ssl_handshake returned" \
6456 -C "mbedtls_ssl_handshake returned" \
6457 -c "Read from server: .* bytes read"
6458
Jerry Yuab082902021-12-23 18:02:22 +08006459requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006460requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker00076712017-11-15 16:39:08 +00006461run_test "Event-driven I/O: ticket" \
6462 "$P_SRV event=1 tickets=1 auth_mode=none" \
6463 "$P_CLI event=1 tickets=1" \
6464 0 \
6465 -S "mbedtls_ssl_handshake returned" \
6466 -C "mbedtls_ssl_handshake returned" \
6467 -c "Read from server: .* bytes read"
6468
Jerry Yuab082902021-12-23 18:02:22 +08006469requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006470requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker00076712017-11-15 16:39:08 +00006471run_test "Event-driven I/O: ticket + client auth" \
6472 "$P_SRV event=1 tickets=1 auth_mode=required" \
6473 "$P_CLI event=1 tickets=1" \
6474 0 \
6475 -S "mbedtls_ssl_handshake returned" \
6476 -C "mbedtls_ssl_handshake returned" \
6477 -c "Read from server: .* bytes read"
6478
Jerry Yuab082902021-12-23 18:02:22 +08006479requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006480requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker00076712017-11-15 16:39:08 +00006481run_test "Event-driven I/O: ticket + client auth + resume" \
6482 "$P_SRV event=1 tickets=1 auth_mode=required" \
6483 "$P_CLI event=1 tickets=1 reconnect=1" \
6484 0 \
6485 -S "mbedtls_ssl_handshake returned" \
6486 -C "mbedtls_ssl_handshake returned" \
6487 -c "Read from server: .* bytes read"
6488
Jerry Yuab082902021-12-23 18:02:22 +08006489requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006490requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker00076712017-11-15 16:39:08 +00006491run_test "Event-driven I/O: ticket + resume" \
6492 "$P_SRV event=1 tickets=1 auth_mode=none" \
6493 "$P_CLI event=1 tickets=1 reconnect=1" \
6494 0 \
6495 -S "mbedtls_ssl_handshake returned" \
6496 -C "mbedtls_ssl_handshake returned" \
6497 -c "Read from server: .* bytes read"
6498
Jerry Yuab082902021-12-23 18:02:22 +08006499requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ronald Cron5de538c2022-10-20 14:47:56 +02006500requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
Hanno Becker00076712017-11-15 16:39:08 +00006501run_test "Event-driven I/O: session-id resume" \
6502 "$P_SRV event=1 tickets=0 auth_mode=none" \
6503 "$P_CLI event=1 tickets=0 reconnect=1" \
6504 0 \
6505 -S "mbedtls_ssl_handshake returned" \
6506 -C "mbedtls_ssl_handshake returned" \
6507 -c "Read from server: .* bytes read"
6508
Jerry Yuab082902021-12-23 18:02:22 +08006509requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006510run_test "Event-driven I/O, DTLS: basic handshake" \
6511 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
6512 "$P_CLI dtls=1 event=1 tickets=0" \
6513 0 \
6514 -c "Read from server: .* bytes read"
6515
Jerry Yuab082902021-12-23 18:02:22 +08006516requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006517run_test "Event-driven I/O, DTLS: client auth" \
6518 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
6519 "$P_CLI dtls=1 event=1 tickets=0" \
6520 0 \
6521 -c "Read from server: .* bytes read"
6522
Jerry Yuab082902021-12-23 18:02:22 +08006523requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006524run_test "Event-driven I/O, DTLS: ticket" \
6525 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
6526 "$P_CLI dtls=1 event=1 tickets=1" \
6527 0 \
6528 -c "Read from server: .* bytes read"
6529
Jerry Yuab082902021-12-23 18:02:22 +08006530requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006531run_test "Event-driven I/O, DTLS: ticket + client auth" \
6532 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
6533 "$P_CLI dtls=1 event=1 tickets=1" \
6534 0 \
6535 -c "Read from server: .* bytes read"
6536
Jerry Yuab082902021-12-23 18:02:22 +08006537requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006538run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
6539 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01006540 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00006541 0 \
6542 -c "Read from server: .* bytes read"
6543
Jerry Yuab082902021-12-23 18:02:22 +08006544requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006545run_test "Event-driven I/O, DTLS: ticket + resume" \
6546 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01006547 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00006548 0 \
6549 -c "Read from server: .* bytes read"
6550
Jerry Yuab082902021-12-23 18:02:22 +08006551requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker6a33f592018-03-13 11:38:46 +00006552run_test "Event-driven I/O, DTLS: session-id resume" \
6553 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01006554 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00006555 0 \
6556 -c "Read from server: .* bytes read"
Hanno Beckerbc6c1102018-03-13 11:39:40 +00006557
6558# This test demonstrates the need for the mbedtls_ssl_check_pending function.
6559# During session resumption, the client will send its ApplicationData record
6560# within the same datagram as the Finished messages. In this situation, the
6561# server MUST NOT idle on the underlying transport after handshake completion,
6562# because the ApplicationData request has already been queued internally.
Jerry Yuab082902021-12-23 18:02:22 +08006563requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerbc6c1102018-03-13 11:39:40 +00006564run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
Hanno Becker8d832182018-03-15 10:14:19 +00006565 -p "$P_PXY pack=50" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00006566 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01006567 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00006568 0 \
6569 -c "Read from server: .* bytes read"
6570
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006571# Tests for version negotiation
6572
Jerry Yuab082902021-12-23 18:02:22 +08006573requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006574run_test "Version check: all -> 1.2" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01006575 "$P_SRV" \
6576 "$P_CLI" \
6577 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006578 -S "mbedtls_ssl_handshake returned" \
6579 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01006580 -s "Protocol is TLSv1.2" \
6581 -c "Protocol is TLSv1.2"
6582
Jerry Yuab082902021-12-23 18:02:22 +08006583requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz2abf03c2021-06-25 14:40:09 +02006584run_test "Not supported version check: cli TLS 1.0" \
6585 "$P_SRV" \
6586 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.0" \
6587 1 \
6588 -s "Handshake protocol not within min/max boundaries" \
6589 -c "Error in protocol version" \
6590 -S "Protocol is TLSv1.0" \
6591 -C "Handshake was completed"
6592
Jerry Yuab082902021-12-23 18:02:22 +08006593requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz2abf03c2021-06-25 14:40:09 +02006594run_test "Not supported version check: cli TLS 1.1" \
6595 "$P_SRV" \
6596 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.1" \
6597 1 \
6598 -s "Handshake protocol not within min/max boundaries" \
6599 -c "Error in protocol version" \
6600 -S "Protocol is TLSv1.1" \
6601 -C "Handshake was completed"
6602
Jerry Yuab082902021-12-23 18:02:22 +08006603requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz2abf03c2021-06-25 14:40:09 +02006604run_test "Not supported version check: srv max TLS 1.0" \
6605 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" \
6606 "$P_CLI" \
6607 1 \
6608 -s "Error in protocol version" \
6609 -c "Handshake protocol not within min/max boundaries" \
6610 -S "Version: TLS1.0" \
6611 -C "Protocol is TLSv1.0"
6612
Jerry Yuab082902021-12-23 18:02:22 +08006613requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz2abf03c2021-06-25 14:40:09 +02006614run_test "Not supported version check: srv max TLS 1.1" \
6615 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1" \
6616 "$P_CLI" \
6617 1 \
6618 -s "Error in protocol version" \
6619 -c "Handshake protocol not within min/max boundaries" \
6620 -S "Version: TLS1.1" \
6621 -C "Protocol is TLSv1.1"
6622
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006623# Tests for ALPN extension
6624
Ronald Cronbc5adf42022-10-04 11:06:14 +02006625requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006626run_test "ALPN: none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006627 "$P_SRV debug_level=3" \
6628 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006629 0 \
6630 -C "client hello, adding alpn extension" \
6631 -S "found alpn extension" \
6632 -C "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006633 -S "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006634 -C "found alpn extension " \
6635 -C "Application Layer Protocol is" \
6636 -S "Application Layer Protocol is"
6637
Ronald Cronbc5adf42022-10-04 11:06:14 +02006638requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006639run_test "ALPN: client only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006640 "$P_SRV debug_level=3" \
6641 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006642 0 \
6643 -c "client hello, adding alpn extension" \
6644 -s "found alpn extension" \
6645 -C "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006646 -S "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006647 -C "found alpn extension " \
6648 -c "Application Layer Protocol is (none)" \
6649 -S "Application Layer Protocol is"
6650
Ronald Cronbc5adf42022-10-04 11:06:14 +02006651requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006652run_test "ALPN: server only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006653 "$P_SRV debug_level=3 alpn=abc,1234" \
6654 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006655 0 \
6656 -C "client hello, adding alpn extension" \
6657 -S "found alpn extension" \
6658 -C "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006659 -S "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006660 -C "found alpn extension " \
6661 -C "Application Layer Protocol is" \
6662 -s "Application Layer Protocol is (none)"
6663
Ronald Cronbc5adf42022-10-04 11:06:14 +02006664requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006665run_test "ALPN: both, common cli1-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006666 "$P_SRV debug_level=3 alpn=abc,1234" \
6667 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006668 0 \
6669 -c "client hello, adding alpn extension" \
6670 -s "found alpn extension" \
6671 -C "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006672 -s "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006673 -c "found alpn extension" \
6674 -c "Application Layer Protocol is abc" \
6675 -s "Application Layer Protocol is abc"
6676
Ronald Cronbc5adf42022-10-04 11:06:14 +02006677requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006678run_test "ALPN: both, common cli2-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006679 "$P_SRV debug_level=3 alpn=abc,1234" \
6680 "$P_CLI debug_level=3 alpn=1234,abc" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006681 0 \
6682 -c "client hello, adding alpn extension" \
6683 -s "found alpn extension" \
6684 -C "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006685 -s "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006686 -c "found alpn extension" \
6687 -c "Application Layer Protocol is abc" \
6688 -s "Application Layer Protocol is abc"
6689
Ronald Cronbc5adf42022-10-04 11:06:14 +02006690requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006691run_test "ALPN: both, common cli1-srv2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006692 "$P_SRV debug_level=3 alpn=abc,1234" \
6693 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006694 0 \
6695 -c "client hello, adding alpn extension" \
6696 -s "found alpn extension" \
6697 -C "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006698 -s "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006699 -c "found alpn extension" \
6700 -c "Application Layer Protocol is 1234" \
6701 -s "Application Layer Protocol is 1234"
6702
Ronald Cronbc5adf42022-10-04 11:06:14 +02006703requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006704run_test "ALPN: both, no common" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006705 "$P_SRV debug_level=3 alpn=abc,123" \
6706 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006707 1 \
6708 -c "client hello, adding alpn extension" \
6709 -s "found alpn extension" \
6710 -c "got an alert message, type: \\[2:120]" \
XiaokangQianacb39922022-06-17 10:18:48 +00006711 -S "server side, adding alpn extension" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02006712 -C "found alpn extension" \
6713 -C "Application Layer Protocol is 1234" \
6714 -S "Application Layer Protocol is 1234"
6715
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +02006716
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006717# Tests for keyUsage in leaf certificates, part 1:
6718# server-side certificate/suite selection
6719
Jerry Yuab082902021-12-23 18:02:22 +08006720requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006721run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006722 "$P_SRV key_file=data_files/server2.key \
6723 crt_file=data_files/server2.ku-ds.crt" \
6724 "$P_CLI" \
6725 0 \
Manuel Pégourié-Gonnard17cde5f2014-05-22 14:42:39 +02006726 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006727
Jerry Yuab082902021-12-23 18:02:22 +08006728requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006729run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006730 "$P_SRV key_file=data_files/server2.key \
6731 crt_file=data_files/server2.ku-ke.crt" \
6732 "$P_CLI" \
6733 0 \
6734 -c "Ciphersuite is TLS-RSA-WITH-"
6735
Jerry Yuab082902021-12-23 18:02:22 +08006736requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006737run_test "keyUsage srv: RSA, keyAgreement -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02006738 "$P_SRV key_file=data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006739 crt_file=data_files/server2.ku-ka.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02006740 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006741 1 \
6742 -C "Ciphersuite is "
6743
Jerry Yuab082902021-12-23 18:02:22 +08006744requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Valerio Settid1f991c2023-02-22 12:54:13 +01006745requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006746run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006747 "$P_SRV key_file=data_files/server5.key \
6748 crt_file=data_files/server5.ku-ds.crt" \
6749 "$P_CLI" \
6750 0 \
6751 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
6752
6753
Jerry Yuab082902021-12-23 18:02:22 +08006754requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006755run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006756 "$P_SRV key_file=data_files/server5.key \
6757 crt_file=data_files/server5.ku-ka.crt" \
6758 "$P_CLI" \
6759 0 \
6760 -c "Ciphersuite is TLS-ECDH-"
6761
Jerry Yuab082902021-12-23 18:02:22 +08006762requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006763run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02006764 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006765 crt_file=data_files/server5.ku-ke.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02006766 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006767 1 \
6768 -C "Ciphersuite is "
6769
6770# Tests for keyUsage in leaf certificates, part 2:
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006771# client-side checking of server cert
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006772
Jerry Yuab082902021-12-23 18:02:22 +08006773requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006774run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006775 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006776 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006777 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006778 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6779 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006780 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006781 -C "Processing of the Certificate handshake message failed" \
6782 -c "Ciphersuite is TLS-"
6783
Jerry Yuab082902021-12-23 18:02:22 +08006784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006785run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006786 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006787 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006788 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006789 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6790 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006791 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006792 -C "Processing of the Certificate handshake message failed" \
6793 -c "Ciphersuite is TLS-"
6794
Jerry Yuab082902021-12-23 18:02:22 +08006795requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006796run_test "keyUsage cli: KeyEncipherment, RSA: OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006797 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006798 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006799 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006800 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6801 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006802 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006803 -C "Processing of the Certificate handshake message failed" \
6804 -c "Ciphersuite is TLS-"
6805
Jerry Yuab082902021-12-23 18:02:22 +08006806requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006807run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006808 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006809 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006810 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006811 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6812 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006813 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006814 -c "Processing of the Certificate handshake message failed" \
6815 -C "Ciphersuite is TLS-"
6816
Jerry Yuab082902021-12-23 18:02:22 +08006817requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01006818run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006819 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01006820 -cert data_files/server2.ku-ke.crt" \
6821 "$P_CLI debug_level=1 auth_mode=optional \
6822 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6823 0 \
6824 -c "bad certificate (usage extensions)" \
6825 -C "Processing of the Certificate handshake message failed" \
6826 -c "Ciphersuite is TLS-" \
6827 -c "! Usage does not match the keyUsage extension"
6828
Jerry Yuab082902021-12-23 18:02:22 +08006829requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006830run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006831 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006832 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006833 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006834 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6835 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006836 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006837 -C "Processing of the Certificate handshake message failed" \
6838 -c "Ciphersuite is TLS-"
6839
Jerry Yuab082902021-12-23 18:02:22 +08006840requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006841run_test "keyUsage cli: DigitalSignature, RSA: fail" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006842 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006843 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006844 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006845 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6846 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006847 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02006848 -c "Processing of the Certificate handshake message failed" \
6849 -C "Ciphersuite is TLS-"
6850
Jerry Yuab082902021-12-23 18:02:22 +08006851requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01006852run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02006853 "$O_SRV -tls1_2 -key data_files/server2.key \
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01006854 -cert data_files/server2.ku-ds.crt" \
6855 "$P_CLI debug_level=1 auth_mode=optional \
6856 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6857 0 \
6858 -c "bad certificate (usage extensions)" \
6859 -C "Processing of the Certificate handshake message failed" \
6860 -c "Ciphersuite is TLS-" \
6861 -c "! Usage does not match the keyUsage extension"
6862
Ronald Crond28f5a92022-06-16 19:27:25 +02006863requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006864requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6865 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02006866run_test "keyUsage cli 1.3: DigitalSignature+KeyEncipherment, RSA: OK" \
6867 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
6868 -cert data_files/server2.ku-ds_ke.crt" \
6869 "$P_CLI debug_level=3" \
6870 0 \
6871 -C "bad certificate (usage extensions)" \
6872 -C "Processing of the Certificate handshake message failed" \
6873 -c "Ciphersuite is"
6874
Ronald Crond28f5a92022-06-16 19:27:25 +02006875requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006876requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6877 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Cronba65fbb2022-06-22 14:35:05 +02006878run_test "keyUsage cli 1.3: KeyEncipherment, RSA: fail" \
Ronald Crond28f5a92022-06-16 19:27:25 +02006879 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
6880 -cert data_files/server2.ku-ke.crt" \
6881 "$P_CLI debug_level=1" \
6882 1 \
6883 -c "bad certificate (usage extensions)" \
6884 -c "Processing of the Certificate handshake message failed" \
6885 -C "Ciphersuite is"
6886
Ronald Crond28f5a92022-06-16 19:27:25 +02006887requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006888requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6889 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Cronba65fbb2022-06-22 14:35:05 +02006890run_test "keyUsage cli 1.3: KeyAgreement, RSA: fail" \
Ronald Crond28f5a92022-06-16 19:27:25 +02006891 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
6892 -cert data_files/server2.ku-ka.crt" \
6893 "$P_CLI debug_level=1" \
6894 1 \
6895 -c "bad certificate (usage extensions)" \
6896 -c "Processing of the Certificate handshake message failed" \
6897 -C "Ciphersuite is"
6898
Ronald Crond28f5a92022-06-16 19:27:25 +02006899requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006900requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6901 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02006902run_test "keyUsage cli 1.3: DigitalSignature, ECDSA: OK" \
6903 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6904 -cert data_files/server5.ku-ds.crt" \
6905 "$P_CLI debug_level=3" \
6906 0 \
6907 -C "bad certificate (usage extensions)" \
6908 -C "Processing of the Certificate handshake message failed" \
6909 -c "Ciphersuite is"
6910
Ronald Crond28f5a92022-06-16 19:27:25 +02006911requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006912requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6913 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Cronba65fbb2022-06-22 14:35:05 +02006914run_test "keyUsage cli 1.3: KeyEncipherment, ECDSA: fail" \
Ronald Crond28f5a92022-06-16 19:27:25 +02006915 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6916 -cert data_files/server5.ku-ke.crt" \
6917 "$P_CLI debug_level=1" \
6918 1 \
6919 -c "bad certificate (usage extensions)" \
6920 -c "Processing of the Certificate handshake message failed" \
6921 -C "Ciphersuite is"
6922
Ronald Crond28f5a92022-06-16 19:27:25 +02006923requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006924requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6925 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Cronba65fbb2022-06-22 14:35:05 +02006926run_test "keyUsage cli 1.3: KeyAgreement, ECDSA: fail" \
Ronald Crond28f5a92022-06-16 19:27:25 +02006927 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6928 -cert data_files/server5.ku-ka.crt" \
6929 "$P_CLI debug_level=1" \
6930 1 \
6931 -c "bad certificate (usage extensions)" \
6932 -c "Processing of the Certificate handshake message failed" \
6933 -C "Ciphersuite is"
6934
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006935# Tests for keyUsage in leaf certificates, part 3:
6936# server-side checking of client cert
6937
Jerry Yuab082902021-12-23 18:02:22 +08006938requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006939run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006940 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006941 "$O_CLI -key data_files/server2.key \
6942 -cert data_files/server2.ku-ds.crt" \
6943 0 \
Ronald Cronf9c13fe2022-06-22 14:35:17 +02006944 -s "Verifying peer X.509 certificate... ok" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006945 -S "bad certificate (usage extensions)" \
6946 -S "Processing of the Certificate handshake message failed"
6947
Jerry Yuab082902021-12-23 18:02:22 +08006948requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006949run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006950 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006951 "$O_CLI -key data_files/server2.key \
6952 -cert data_files/server2.ku-ke.crt" \
6953 0 \
6954 -s "bad certificate (usage extensions)" \
6955 -S "Processing of the Certificate handshake message failed"
6956
Jerry Yuab082902021-12-23 18:02:22 +08006957requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006958run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006959 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006960 "$O_CLI -key data_files/server2.key \
6961 -cert data_files/server2.ku-ke.crt" \
6962 1 \
6963 -s "bad certificate (usage extensions)" \
6964 -s "Processing of the Certificate handshake message failed"
6965
Jerry Yuab082902021-12-23 18:02:22 +08006966requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006967run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006968 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006969 "$O_CLI -key data_files/server5.key \
6970 -cert data_files/server5.ku-ds.crt" \
6971 0 \
Ronald Cronf9c13fe2022-06-22 14:35:17 +02006972 -s "Verifying peer X.509 certificate... ok" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006973 -S "bad certificate (usage extensions)" \
6974 -S "Processing of the Certificate handshake message failed"
6975
Jerry Yuab082902021-12-23 18:02:22 +08006976requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006977run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02006978 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02006979 "$O_CLI -key data_files/server5.key \
6980 -cert data_files/server5.ku-ka.crt" \
6981 0 \
6982 -s "bad certificate (usage extensions)" \
6983 -S "Processing of the Certificate handshake message failed"
6984
Ronald Crond28f5a92022-06-16 19:27:25 +02006985requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006986requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6987 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02006988run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \
Ronald Cron89ca9772022-10-17 14:56:45 +02006989 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02006990 "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
6991 -cert data_files/server2.ku-ds.crt" \
6992 0 \
Ronald Cronf9c13fe2022-06-22 14:35:17 +02006993 -s "Verifying peer X.509 certificate... ok" \
Ronald Crond28f5a92022-06-16 19:27:25 +02006994 -S "bad certificate (usage extensions)" \
6995 -S "Processing of the Certificate handshake message failed"
6996
Ronald Crond28f5a92022-06-16 19:27:25 +02006997requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02006998requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
6999 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007000run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007001 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007002 "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
7003 -cert data_files/server2.ku-ke.crt" \
7004 0 \
7005 -s "bad certificate (usage extensions)" \
7006 -S "Processing of the Certificate handshake message failed"
7007
Ronald Crond28f5a92022-06-16 19:27:25 +02007008requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007009requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7010 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007011run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007012 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007013 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7014 -cert data_files/server5.ku-ds.crt" \
7015 0 \
Ronald Cronf9c13fe2022-06-22 14:35:17 +02007016 -s "Verifying peer X.509 certificate... ok" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007017 -S "bad certificate (usage extensions)" \
7018 -S "Processing of the Certificate handshake message failed"
7019
Ronald Crond28f5a92022-06-16 19:27:25 +02007020requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007021requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7022 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007023run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007024 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007025 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7026 -cert data_files/server5.ku-ka.crt" \
7027 0 \
7028 -s "bad certificate (usage extensions)" \
7029 -S "Processing of the Certificate handshake message failed"
7030
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007031# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
7032
Jerry Yuab082902021-12-23 18:02:22 +08007033requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007034run_test "extKeyUsage srv: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007035 "$P_SRV key_file=data_files/server5.key \
7036 crt_file=data_files/server5.eku-srv.crt" \
7037 "$P_CLI" \
7038 0
7039
Jerry Yuab082902021-12-23 18:02:22 +08007040requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007041run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007042 "$P_SRV key_file=data_files/server5.key \
7043 crt_file=data_files/server5.eku-srv.crt" \
7044 "$P_CLI" \
7045 0
7046
Jerry Yuab082902021-12-23 18:02:22 +08007047requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007048run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007049 "$P_SRV key_file=data_files/server5.key \
7050 crt_file=data_files/server5.eku-cs_any.crt" \
7051 "$P_CLI" \
7052 0
7053
Jerry Yuab082902021-12-23 18:02:22 +08007054requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007055run_test "extKeyUsage srv: codeSign -> fail" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02007056 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007057 crt_file=data_files/server5.eku-cli.crt" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02007058 "$P_CLI" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007059 1
7060
7061# Tests for extendedKeyUsage, part 2: client-side checking of server cert
7062
Jerry Yuab082902021-12-23 18:02:22 +08007063requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007064run_test "extKeyUsage cli: serverAuth -> OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02007065 "$O_SRV -tls1_2 -key data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007066 -cert data_files/server5.eku-srv.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007067 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007068 0 \
7069 -C "bad certificate (usage extensions)" \
7070 -C "Processing of the Certificate handshake message failed" \
7071 -c "Ciphersuite is TLS-"
7072
Jerry Yuab082902021-12-23 18:02:22 +08007073requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007074run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02007075 "$O_SRV -tls1_2 -key data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007076 -cert data_files/server5.eku-srv_cli.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007077 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007078 0 \
7079 -C "bad certificate (usage extensions)" \
7080 -C "Processing of the Certificate handshake message failed" \
7081 -c "Ciphersuite is TLS-"
7082
Jerry Yuab082902021-12-23 18:02:22 +08007083requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007084run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02007085 "$O_SRV -tls1_2 -key data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007086 -cert data_files/server5.eku-cs_any.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007087 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007088 0 \
7089 -C "bad certificate (usage extensions)" \
7090 -C "Processing of the Certificate handshake message failed" \
7091 -c "Ciphersuite is TLS-"
7092
Jerry Yuab082902021-12-23 18:02:22 +08007093requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007094run_test "extKeyUsage cli: codeSign -> fail" \
Ronald Croncbd7bfd2022-03-31 18:19:56 +02007095 "$O_SRV -tls1_2 -key data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007096 -cert data_files/server5.eku-cs.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007097 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007098 1 \
7099 -c "bad certificate (usage extensions)" \
7100 -c "Processing of the Certificate handshake message failed" \
7101 -C "Ciphersuite is TLS-"
7102
Ronald Crond28f5a92022-06-16 19:27:25 +02007103requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007104requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7105 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007106run_test "extKeyUsage cli 1.3: serverAuth -> OK" \
7107 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7108 -cert data_files/server5.eku-srv.crt" \
7109 "$P_CLI debug_level=1" \
7110 0 \
7111 -C "bad certificate (usage extensions)" \
7112 -C "Processing of the Certificate handshake message failed" \
7113 -c "Ciphersuite is"
7114
Ronald Crond28f5a92022-06-16 19:27:25 +02007115requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007116requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7117 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007118run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \
7119 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7120 -cert data_files/server5.eku-srv_cli.crt" \
7121 "$P_CLI debug_level=1" \
7122 0 \
7123 -C "bad certificate (usage extensions)" \
7124 -C "Processing of the Certificate handshake message failed" \
7125 -c "Ciphersuite is"
7126
Ronald Crond28f5a92022-06-16 19:27:25 +02007127requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007128requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7129 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007130run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \
7131 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7132 -cert data_files/server5.eku-cs_any.crt" \
7133 "$P_CLI debug_level=1" \
7134 0 \
7135 -C "bad certificate (usage extensions)" \
7136 -C "Processing of the Certificate handshake message failed" \
7137 -c "Ciphersuite is"
7138
Ronald Crond28f5a92022-06-16 19:27:25 +02007139requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007140requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7141 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007142run_test "extKeyUsage cli 1.3: codeSign -> fail" \
7143 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7144 -cert data_files/server5.eku-cs.crt" \
7145 "$P_CLI debug_level=1" \
7146 1 \
7147 -c "bad certificate (usage extensions)" \
7148 -c "Processing of the Certificate handshake message failed" \
7149 -C "Ciphersuite is"
7150
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007151# Tests for extendedKeyUsage, part 3: server-side checking of client cert
7152
Jerry Yuab082902021-12-23 18:02:22 +08007153requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007154run_test "extKeyUsage cli-auth: clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007155 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007156 "$O_CLI -key data_files/server5.key \
7157 -cert data_files/server5.eku-cli.crt" \
7158 0 \
7159 -S "bad certificate (usage extensions)" \
7160 -S "Processing of the Certificate handshake message failed"
7161
Jerry Yuab082902021-12-23 18:02:22 +08007162requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007163run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007164 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007165 "$O_CLI -key data_files/server5.key \
7166 -cert data_files/server5.eku-srv_cli.crt" \
7167 0 \
7168 -S "bad certificate (usage extensions)" \
7169 -S "Processing of the Certificate handshake message failed"
7170
Jerry Yuab082902021-12-23 18:02:22 +08007171requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007172run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007173 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007174 "$O_CLI -key data_files/server5.key \
7175 -cert data_files/server5.eku-cs_any.crt" \
7176 0 \
7177 -S "bad certificate (usage extensions)" \
7178 -S "Processing of the Certificate handshake message failed"
7179
Jerry Yuab082902021-12-23 18:02:22 +08007180requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007181run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007182 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007183 "$O_CLI -key data_files/server5.key \
7184 -cert data_files/server5.eku-cs.crt" \
7185 0 \
7186 -s "bad certificate (usage extensions)" \
7187 -S "Processing of the Certificate handshake message failed"
7188
Jerry Yuab082902021-12-23 18:02:22 +08007189requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007190run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02007191 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02007192 "$O_CLI -key data_files/server5.key \
7193 -cert data_files/server5.eku-cs.crt" \
7194 1 \
7195 -s "bad certificate (usage extensions)" \
7196 -s "Processing of the Certificate handshake message failed"
7197
Ronald Crond28f5a92022-06-16 19:27:25 +02007198requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007199requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7200 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007201run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007202 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007203 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7204 -cert data_files/server5.eku-cli.crt" \
7205 0 \
7206 -S "bad certificate (usage extensions)" \
7207 -S "Processing of the Certificate handshake message failed"
7208
Ronald Crond28f5a92022-06-16 19:27:25 +02007209requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007210requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7211 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007212run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007213 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007214 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7215 -cert data_files/server5.eku-srv_cli.crt" \
7216 0 \
7217 -S "bad certificate (usage extensions)" \
7218 -S "Processing of the Certificate handshake message failed"
7219
Ronald Crond28f5a92022-06-16 19:27:25 +02007220requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007221requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7222 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007223run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007224 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007225 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7226 -cert data_files/server5.eku-cs_any.crt" \
7227 0 \
7228 -S "bad certificate (usage extensions)" \
7229 -S "Processing of the Certificate handshake message failed"
7230
Ronald Crond28f5a92022-06-16 19:27:25 +02007231requires_openssl_tls1_3
Ronald Cron70ed4172022-10-20 15:48:19 +02007232requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
7233 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crond28f5a92022-06-16 19:27:25 +02007234run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \
Ronald Cron89ca9772022-10-17 14:56:45 +02007235 "$P_SRV debug_level=1 force_version=tls13 auth_mode=optional" \
Ronald Crond28f5a92022-06-16 19:27:25 +02007236 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7237 -cert data_files/server5.eku-cs.crt" \
7238 0 \
7239 -s "bad certificate (usage extensions)" \
7240 -S "Processing of the Certificate handshake message failed"
7241
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02007242# Tests for DHM parameters loading
7243
Jerry Yuab082902021-12-23 18:02:22 +08007244requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007245run_test "DHM parameters: reference" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02007246 "$P_SRV" \
7247 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7248 debug_level=3" \
7249 0 \
7250 -c "value of 'DHM: P ' (2048 bits)" \
Hanno Becker13be9902017-09-27 17:17:30 +01007251 -c "value of 'DHM: G ' (2 bits)"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02007252
Jerry Yuab082902021-12-23 18:02:22 +08007253requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007254run_test "DHM parameters: other parameters" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02007255 "$P_SRV dhm_file=data_files/dhparams.pem" \
7256 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7257 debug_level=3" \
7258 0 \
7259 -c "value of 'DHM: P ' (1024 bits)" \
7260 -c "value of 'DHM: G ' (2 bits)"
7261
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02007262# Tests for DHM client-side size checking
7263
Jerry Yuab082902021-12-23 18:02:22 +08007264requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02007265run_test "DHM size: server default, client default, OK" \
7266 "$P_SRV" \
7267 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7268 debug_level=1" \
7269 0 \
7270 -C "DHM prime too short:"
7271
Jerry Yuab082902021-12-23 18:02:22 +08007272requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02007273run_test "DHM size: server default, client 2048, OK" \
7274 "$P_SRV" \
7275 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7276 debug_level=1 dhmlen=2048" \
7277 0 \
7278 -C "DHM prime too short:"
7279
Jerry Yuab082902021-12-23 18:02:22 +08007280requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02007281run_test "DHM size: server 1024, client default, OK" \
7282 "$P_SRV dhm_file=data_files/dhparams.pem" \
7283 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7284 debug_level=1" \
7285 0 \
7286 -C "DHM prime too short:"
7287
Jerry Yuab082902021-12-23 18:02:22 +08007288requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinec6b0d962020-12-08 22:31:52 +01007289run_test "DHM size: server 999, client 999, OK" \
7290 "$P_SRV dhm_file=data_files/dh.999.pem" \
7291 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7292 debug_level=1 dhmlen=999" \
7293 0 \
7294 -C "DHM prime too short:"
7295
Jerry Yuab082902021-12-23 18:02:22 +08007296requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinec6b0d962020-12-08 22:31:52 +01007297run_test "DHM size: server 1000, client 1000, OK" \
7298 "$P_SRV dhm_file=data_files/dh.1000.pem" \
7299 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7300 debug_level=1 dhmlen=1000" \
7301 0 \
7302 -C "DHM prime too short:"
7303
Jerry Yuab082902021-12-23 18:02:22 +08007304requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02007305run_test "DHM size: server 1000, client default, rejected" \
7306 "$P_SRV dhm_file=data_files/dh.1000.pem" \
7307 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7308 debug_level=1" \
7309 1 \
7310 -c "DHM prime too short:"
7311
Jerry Yuab082902021-12-23 18:02:22 +08007312requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinec6b0d962020-12-08 22:31:52 +01007313run_test "DHM size: server 1000, client 1001, rejected" \
7314 "$P_SRV dhm_file=data_files/dh.1000.pem" \
7315 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7316 debug_level=1 dhmlen=1001" \
7317 1 \
7318 -c "DHM prime too short:"
7319
Jerry Yuab082902021-12-23 18:02:22 +08007320requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinec6b0d962020-12-08 22:31:52 +01007321run_test "DHM size: server 999, client 1000, rejected" \
7322 "$P_SRV dhm_file=data_files/dh.999.pem" \
7323 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7324 debug_level=1 dhmlen=1000" \
7325 1 \
7326 -c "DHM prime too short:"
7327
Jerry Yuab082902021-12-23 18:02:22 +08007328requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinec6b0d962020-12-08 22:31:52 +01007329run_test "DHM size: server 998, client 999, rejected" \
7330 "$P_SRV dhm_file=data_files/dh.998.pem" \
7331 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7332 debug_level=1 dhmlen=999" \
7333 1 \
7334 -c "DHM prime too short:"
7335
Jerry Yuab082902021-12-23 18:02:22 +08007336requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02007337run_test "DHM size: server default, client 2049, rejected" \
7338 "$P_SRV" \
7339 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7340 debug_level=1 dhmlen=2049" \
7341 1 \
7342 -c "DHM prime too short:"
7343
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02007344# Tests for PSK callback
7345
Jerry Yuab082902021-12-23 18:02:22 +08007346requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02007347run_test "PSK callback: psk, no callback" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02007348 "$P_SRV psk=abc123 psk_identity=foo" \
7349 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7350 psk_identity=foo psk=abc123" \
7351 0 \
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007352 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02007353 -S "SSL - Unknown identity received" \
7354 -S "SSL - Verification of the message MAC failed"
7355
Hanno Beckerf7027512018-10-23 15:27:39 +01007356requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007357requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerf7027512018-10-23 15:27:39 +01007358run_test "PSK callback: opaque psk on client, no callback" \
7359 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007360 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker1d911cd2018-11-15 13:06:09 +00007361 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007362 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007363 -C "session hash for extended master secret"\
7364 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007365 -S "SSL - The handshake negotiation failed" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007366 -S "SSL - Unknown identity received" \
7367 -S "SSL - Verification of the message MAC failed"
7368
7369requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007370requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerf7027512018-10-23 15:27:39 +01007371run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
7372 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007373 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker1d911cd2018-11-15 13:06:09 +00007374 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007375 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007376 -C "session hash for extended master secret"\
7377 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007378 -S "SSL - The handshake negotiation failed" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007379 -S "SSL - Unknown identity received" \
7380 -S "SSL - Verification of the message MAC failed"
7381
7382requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007383requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerf7027512018-10-23 15:27:39 +01007384run_test "PSK callback: opaque psk on client, no callback, EMS" \
7385 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007386 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker1d911cd2018-11-15 13:06:09 +00007387 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007388 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007389 -c "session hash for extended master secret"\
7390 -s "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007391 -S "SSL - The handshake negotiation failed" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007392 -S "SSL - Unknown identity received" \
7393 -S "SSL - Verification of the message MAC failed"
7394
7395requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007396requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerf7027512018-10-23 15:27:39 +01007397run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
7398 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007399 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker1d911cd2018-11-15 13:06:09 +00007400 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007401 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007402 -c "session hash for extended master secret"\
7403 -s "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007404 -S "SSL - The handshake negotiation failed" \
Hanno Beckerf7027512018-10-23 15:27:39 +01007405 -S "SSL - Unknown identity received" \
7406 -S "SSL - Verification of the message MAC failed"
7407
Hanno Becker28c79dc2018-10-26 13:15:08 +01007408requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007409requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekiel8e0495e2022-04-05 23:00:04 +02007410run_test "PSK callback: opaque rsa-psk on client, no callback" \
7411 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
7412 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
7413 psk_identity=foo psk=abc123 psk_opaque=1" \
7414 0 \
Przemek Stekiel8e0495e2022-04-05 23:00:04 +02007415 -C "session hash for extended master secret"\
7416 -S "session hash for extended master secret"\
7417 -S "SSL - The handshake negotiation failed" \
7418 -S "SSL - Unknown identity received" \
7419 -S "SSL - Verification of the message MAC failed"
7420
7421requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7422requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7423run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
7424 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
7425 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7426 psk_identity=foo psk=abc123 psk_opaque=1" \
7427 0 \
Przemek Stekiel8e0495e2022-04-05 23:00:04 +02007428 -C "session hash for extended master secret"\
7429 -S "session hash for extended master secret"\
7430 -S "SSL - The handshake negotiation failed" \
7431 -S "SSL - Unknown identity received" \
7432 -S "SSL - Verification of the message MAC failed"
7433
7434requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7435requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7436run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
7437 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
7438 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7439 psk_identity=foo psk=abc123 psk_opaque=1" \
7440 0 \
Przemek Stekiel8e0495e2022-04-05 23:00:04 +02007441 -c "session hash for extended master secret"\
7442 -s "session hash for extended master secret"\
7443 -S "SSL - The handshake negotiation failed" \
7444 -S "SSL - Unknown identity received" \
7445 -S "SSL - Verification of the message MAC failed"
7446
7447requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7448requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7449run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
7450 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
7451 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7452 psk_identity=foo psk=abc123 psk_opaque=1" \
7453 0 \
Przemek Stekiel8e0495e2022-04-05 23:00:04 +02007454 -c "session hash for extended master secret"\
7455 -s "session hash for extended master secret"\
7456 -S "SSL - The handshake negotiation failed" \
7457 -S "SSL - Unknown identity received" \
7458 -S "SSL - Verification of the message MAC failed"
7459
7460requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7461requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekielb6a05032022-04-14 10:22:18 +02007462run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
7463 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
7464 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
7465 psk_identity=foo psk=abc123 psk_opaque=1" \
7466 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007467 -C "session hash for extended master secret"\
7468 -S "session hash for extended master secret"\
7469 -S "SSL - The handshake negotiation failed" \
7470 -S "SSL - Unknown identity received" \
7471 -S "SSL - Verification of the message MAC failed"
7472
7473requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7474requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7475run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
7476 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
7477 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7478 psk_identity=foo psk=abc123 psk_opaque=1" \
7479 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007480 -C "session hash for extended master secret"\
7481 -S "session hash for extended master secret"\
7482 -S "SSL - The handshake negotiation failed" \
7483 -S "SSL - Unknown identity received" \
7484 -S "SSL - Verification of the message MAC failed"
7485
7486requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7487requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7488run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
7489 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
7490 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7491 psk_identity=foo psk=abc123 psk_opaque=1" \
7492 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007493 -c "session hash for extended master secret"\
7494 -s "session hash for extended master secret"\
7495 -S "SSL - The handshake negotiation failed" \
7496 -S "SSL - Unknown identity received" \
7497 -S "SSL - Verification of the message MAC failed"
7498
7499requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7500requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7501run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \
7502 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
7503 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7504 psk_identity=foo psk=abc123 psk_opaque=1" \
7505 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007506 -c "session hash for extended master secret"\
7507 -s "session hash for extended master secret"\
7508 -S "SSL - The handshake negotiation failed" \
7509 -S "SSL - Unknown identity received" \
7510 -S "SSL - Verification of the message MAC failed"
7511
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007512requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7513requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7514run_test "PSK callback: opaque dhe-psk on client, no callback" \
7515 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
7516 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
7517 psk_identity=foo psk=abc123 psk_opaque=1" \
7518 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007519 -C "session hash for extended master secret"\
7520 -S "session hash for extended master secret"\
7521 -S "SSL - The handshake negotiation failed" \
7522 -S "SSL - Unknown identity received" \
7523 -S "SSL - Verification of the message MAC failed"
7524
7525requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7526requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7527run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
7528 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
7529 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7530 psk_identity=foo psk=abc123 psk_opaque=1" \
7531 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007532 -C "session hash for extended master secret"\
7533 -S "session hash for extended master secret"\
7534 -S "SSL - The handshake negotiation failed" \
7535 -S "SSL - Unknown identity received" \
7536 -S "SSL - Verification of the message MAC failed"
7537
7538requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7539requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7540run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
7541 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
7542 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7543 psk_identity=foo psk=abc123 psk_opaque=1" \
7544 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007545 -c "session hash for extended master secret"\
7546 -s "session hash for extended master secret"\
7547 -S "SSL - The handshake negotiation failed" \
7548 -S "SSL - Unknown identity received" \
7549 -S "SSL - Verification of the message MAC failed"
7550
7551requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7552requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7553run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
7554 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
7555 "$P_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7556 psk_identity=foo psk=abc123 psk_opaque=1" \
7557 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007558 -c "session hash for extended master secret"\
7559 -s "session hash for extended master secret"\
7560 -S "SSL - The handshake negotiation failed" \
7561 -S "SSL - Unknown identity received" \
7562 -S "SSL - Verification of the message MAC failed"
Przemek Stekielb6a05032022-04-14 10:22:18 +02007563
7564requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7565requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007566run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007567 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7568 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007569 psk_identity=foo psk=abc123" \
7570 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007571 -C "session hash for extended master secret"\
7572 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007573 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007574 -S "SSL - Unknown identity received" \
7575 -S "SSL - Verification of the message MAC failed"
7576
7577requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007578requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007579run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007580 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
7581 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007582 psk_identity=foo psk=abc123" \
7583 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007584 -C "session hash for extended master secret"\
7585 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007586 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007587 -S "SSL - Unknown identity received" \
7588 -S "SSL - Verification of the message MAC failed"
7589
7590requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007591requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007592run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007593 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007594 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007595 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007596 psk_identity=foo psk=abc123 extended_ms=1" \
7597 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007598 -c "session hash for extended master secret"\
7599 -s "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007600 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007601 -S "SSL - Unknown identity received" \
7602 -S "SSL - Verification of the message MAC failed"
7603
7604requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007605requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007606run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007607 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007608 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007609 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007610 psk_identity=foo psk=abc123 extended_ms=1" \
7611 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007612 -c "session hash for extended master secret"\
7613 -s "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007614 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007615 -S "SSL - Unknown identity received" \
7616 -S "SSL - Verification of the message MAC failed"
7617
7618requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007619requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekielb270b562022-04-06 13:12:48 +02007620run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
7621 "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
7622 "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7623 psk_identity=foo psk=abc123" \
7624 0 \
Przemek Stekielb270b562022-04-06 13:12:48 +02007625 -C "session hash for extended master secret"\
7626 -S "session hash for extended master secret"\
7627 -S "SSL - The handshake negotiation failed" \
7628 -S "SSL - Unknown identity received" \
7629 -S "SSL - Verification of the message MAC failed"
7630
7631requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7632requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7633run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
7634 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
7635 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7636 psk_identity=foo psk=abc123" \
7637 0 \
Przemek Stekielb270b562022-04-06 13:12:48 +02007638 -C "session hash for extended master secret"\
7639 -S "session hash for extended master secret"\
7640 -S "SSL - The handshake negotiation failed" \
7641 -S "SSL - Unknown identity received" \
7642 -S "SSL - Verification of the message MAC failed"
7643
7644requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7645requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7646run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
7647 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
7648 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7649 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7650 psk_identity=foo psk=abc123 extended_ms=1" \
7651 0 \
7652 -c "session hash for extended master secret"\
7653 -s "session hash for extended master secret"\
Przemek Stekielb270b562022-04-06 13:12:48 +02007654 -S "SSL - The handshake negotiation failed" \
7655 -S "SSL - Unknown identity received" \
7656 -S "SSL - Verification of the message MAC failed"
7657
7658requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7659requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7660run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \
7661 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
7662 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7663 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7664 psk_identity=foo psk=abc123 extended_ms=1" \
7665 0 \
7666 -c "session hash for extended master secret"\
7667 -s "session hash for extended master secret"\
Przemek Stekielb270b562022-04-06 13:12:48 +02007668 -S "SSL - The handshake negotiation failed" \
7669 -S "SSL - Unknown identity received" \
7670 -S "SSL - Verification of the message MAC failed"
7671
7672requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7673requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekielb6a05032022-04-14 10:22:18 +02007674run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
7675 "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
7676 "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7677 psk_identity=foo psk=abc123" \
7678 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007679 -C "session hash for extended master secret"\
7680 -S "session hash for extended master secret"\
7681 -S "SSL - The handshake negotiation failed" \
7682 -S "SSL - Unknown identity received" \
7683 -S "SSL - Verification of the message MAC failed"
7684
7685requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7686requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7687run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \
7688 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
7689 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7690 psk_identity=foo psk=abc123" \
7691 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007692 -C "session hash for extended master secret"\
7693 -S "session hash for extended master secret"\
7694 -S "SSL - The handshake negotiation failed" \
7695 -S "SSL - Unknown identity received" \
7696 -S "SSL - Verification of the message MAC failed"
7697
7698requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7699requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7700run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \
7701 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
7702 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7703 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7704 psk_identity=foo psk=abc123 extended_ms=1" \
7705 0 \
7706 -c "session hash for extended master secret"\
7707 -s "session hash for extended master secret"\
Przemek Stekielb6a05032022-04-14 10:22:18 +02007708 -S "SSL - The handshake negotiation failed" \
7709 -S "SSL - Unknown identity received" \
7710 -S "SSL - Verification of the message MAC failed"
7711
7712requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7713requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7714run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
7715 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
7716 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7717 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7718 psk_identity=foo psk=abc123 extended_ms=1" \
7719 0 \
7720 -c "session hash for extended master secret"\
7721 -s "session hash for extended master secret"\
Przemek Stekielb6a05032022-04-14 10:22:18 +02007722 -S "SSL - The handshake negotiation failed" \
7723 -S "SSL - Unknown identity received" \
7724 -S "SSL - Verification of the message MAC failed"
7725
7726requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7727requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007728run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \
7729 "$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
7730 "$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7731 psk_identity=foo psk=abc123" \
7732 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007733 -C "session hash for extended master secret"\
7734 -S "session hash for extended master secret"\
7735 -S "SSL - The handshake negotiation failed" \
7736 -S "SSL - Unknown identity received" \
7737 -S "SSL - Verification of the message MAC failed"
7738
7739requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7740requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7741run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \
7742 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
7743 "$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7744 psk_identity=foo psk=abc123" \
7745 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007746 -C "session hash for extended master secret"\
7747 -S "session hash for extended master secret"\
7748 -S "SSL - The handshake negotiation failed" \
7749 -S "SSL - Unknown identity received" \
7750 -S "SSL - Verification of the message MAC failed"
7751
7752requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7753requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7754run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \
7755 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
7756 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7757 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7758 psk_identity=foo psk=abc123 extended_ms=1" \
7759 0 \
7760 -c "session hash for extended master secret"\
7761 -s "session hash for extended master secret"\
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007762 -S "SSL - The handshake negotiation failed" \
7763 -S "SSL - Unknown identity received" \
7764 -S "SSL - Verification of the message MAC failed"
7765
7766requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7767requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7768run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384" \
7769 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
7770 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7771 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7772 psk_identity=foo psk=abc123 extended_ms=1" \
7773 0 \
7774 -c "session hash for extended master secret"\
7775 -s "session hash for extended master secret"\
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007776 -S "SSL - The handshake negotiation failed" \
7777 -S "SSL - Unknown identity received" \
7778 -S "SSL - Verification of the message MAC failed"
7779
7780requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7781requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007782run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007783 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7784 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007785 psk_identity=def psk=beef" \
7786 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007787 -C "session hash for extended master secret"\
7788 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007789 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007790 -S "SSL - Unknown identity received" \
7791 -S "SSL - Verification of the message MAC failed"
7792
7793requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007794requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007795run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007796 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
7797 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007798 psk_identity=def psk=beef" \
7799 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007800 -C "session hash for extended master secret"\
7801 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007802 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007803 -S "SSL - Unknown identity received" \
7804 -S "SSL - Verification of the message MAC failed"
7805
7806requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007807requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007808run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007809 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007810 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007811 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007812 psk_identity=abc psk=dead extended_ms=1" \
7813 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007814 -c "session hash for extended master secret"\
7815 -s "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007816 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007817 -S "SSL - Unknown identity received" \
7818 -S "SSL - Verification of the message MAC failed"
7819
7820requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007821requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007822run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007823 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007824 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007825 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007826 psk_identity=abc psk=dead extended_ms=1" \
7827 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02007828 -c "session hash for extended master secret"\
7829 -s "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01007830 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01007831 -S "SSL - Unknown identity received" \
7832 -S "SSL - Verification of the message MAC failed"
7833
7834requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08007835requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekielb270b562022-04-06 13:12:48 +02007836run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \
7837 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
7838 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7839 psk_identity=def psk=beef" \
7840 0 \
Przemek Stekielb270b562022-04-06 13:12:48 +02007841 -C "session hash for extended master secret"\
7842 -S "session hash for extended master secret"\
7843 -S "SSL - The handshake negotiation failed" \
7844 -S "SSL - Unknown identity received" \
7845 -S "SSL - Verification of the message MAC failed"
7846
7847requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7848requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7849run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \
7850 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
7851 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7852 psk_identity=def psk=beef" \
7853 0 \
Przemek Stekielb270b562022-04-06 13:12:48 +02007854 -C "session hash for extended master secret"\
7855 -S "session hash for extended master secret"\
7856 -S "SSL - The handshake negotiation failed" \
7857 -S "SSL - Unknown identity received" \
7858 -S "SSL - Verification of the message MAC failed"
7859
7860requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7861requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7862run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \
7863 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
7864 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7865 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7866 psk_identity=abc psk=dead extended_ms=1" \
7867 0 \
7868 -c "session hash for extended master secret"\
7869 -s "session hash for extended master secret"\
Przemek Stekielb270b562022-04-06 13:12:48 +02007870 -S "SSL - The handshake negotiation failed" \
7871 -S "SSL - Unknown identity received" \
7872 -S "SSL - Verification of the message MAC failed"
7873
7874requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7875requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7876run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \
7877 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
7878 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7879 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7880 psk_identity=abc psk=dead extended_ms=1" \
7881 0 \
7882 -c "session hash for extended master secret"\
7883 -s "session hash for extended master secret"\
Przemek Stekielb270b562022-04-06 13:12:48 +02007884 -S "SSL - The handshake negotiation failed" \
7885 -S "SSL - Unknown identity received" \
7886 -S "SSL - Verification of the message MAC failed"
7887
7888requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7889requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekielb6a05032022-04-14 10:22:18 +02007890run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback" \
7891 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
7892 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7893 psk_identity=def psk=beef" \
7894 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007895 -C "session hash for extended master secret"\
7896 -S "session hash for extended master secret"\
7897 -S "SSL - The handshake negotiation failed" \
7898 -S "SSL - Unknown identity received" \
7899 -S "SSL - Verification of the message MAC failed"
7900
7901requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7902requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7903run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, SHA-384" \
7904 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
7905 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7906 psk_identity=def psk=beef" \
7907 0 \
Przemek Stekielb6a05032022-04-14 10:22:18 +02007908 -C "session hash for extended master secret"\
7909 -S "session hash for extended master secret"\
7910 -S "SSL - The handshake negotiation failed" \
7911 -S "SSL - Unknown identity received" \
7912 -S "SSL - Verification of the message MAC failed"
7913
7914requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7915requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7916run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS" \
7917 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
7918 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7919 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7920 psk_identity=abc psk=dead extended_ms=1" \
7921 0 \
7922 -c "session hash for extended master secret"\
7923 -s "session hash for extended master secret"\
Przemek Stekielb6a05032022-04-14 10:22:18 +02007924 -S "SSL - The handshake negotiation failed" \
7925 -S "SSL - Unknown identity received" \
7926 -S "SSL - Verification of the message MAC failed"
7927
7928requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7929requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7930run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK from callback, EMS, SHA384" \
7931 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
7932 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7933 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7934 psk_identity=abc psk=dead extended_ms=1" \
7935 0 \
7936 -c "session hash for extended master secret"\
7937 -s "session hash for extended master secret"\
Przemek Stekielb6a05032022-04-14 10:22:18 +02007938 -S "SSL - The handshake negotiation failed" \
7939 -S "SSL - Unknown identity received" \
7940 -S "SSL - Verification of the message MAC failed"
7941
7942requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7943requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007944run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback" \
7945 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
7946 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7947 psk_identity=def psk=beef" \
7948 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007949 -C "session hash for extended master secret"\
7950 -S "session hash for extended master secret"\
7951 -S "SSL - The handshake negotiation failed" \
7952 -S "SSL - Unknown identity received" \
7953 -S "SSL - Verification of the message MAC failed"
7954
7955requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7956requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7957run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, SHA-384" \
7958 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
7959 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7960 psk_identity=def psk=beef" \
7961 0 \
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007962 -C "session hash for extended master secret"\
7963 -S "session hash for extended master secret"\
7964 -S "SSL - The handshake negotiation failed" \
7965 -S "SSL - Unknown identity received" \
7966 -S "SSL - Verification of the message MAC failed"
7967
7968requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7969requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7970run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS" \
7971 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
7972 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7973 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7974 psk_identity=abc psk=dead extended_ms=1" \
7975 0 \
7976 -c "session hash for extended master secret"\
7977 -s "session hash for extended master secret"\
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007978 -S "SSL - The handshake negotiation failed" \
7979 -S "SSL - Unknown identity received" \
7980 -S "SSL - Verification of the message MAC failed"
7981
7982requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7983requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7984run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from callback, EMS, SHA384" \
7985 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
7986 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7987 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7988 psk_identity=abc psk=dead extended_ms=1" \
7989 0 \
7990 -c "session hash for extended master secret"\
7991 -s "session hash for extended master secret"\
Przemek Stekiel85d46fe2022-04-19 12:47:48 +02007992 -S "SSL - The handshake negotiation failed" \
7993 -S "SSL - Unknown identity received" \
7994 -S "SSL - Verification of the message MAC failed"
7995
7996requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
7997requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01007998run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00007999 "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8000 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008001 psk_identity=def psk=beef" \
8002 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02008003 -C "session hash for extended master secret"\
8004 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008005 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008006 -S "SSL - Unknown identity received" \
8007 -S "SSL - Verification of the message MAC failed"
8008
8009requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08008010requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01008011run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008012 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8013 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008014 psk_identity=def psk=beef" \
8015 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02008016 -C "session hash for extended master secret"\
8017 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008018 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008019 -S "SSL - Unknown identity received" \
8020 -S "SSL - Verification of the message MAC failed"
8021
8022requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08008023requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01008024run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008025 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8026 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008027 psk_identity=def psk=beef" \
8028 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02008029 -C "session hash for extended master secret"\
8030 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008031 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008032 -S "SSL - Unknown identity received" \
8033 -S "SSL - Verification of the message MAC failed"
8034
8035requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08008036requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01008037run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008038 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8039 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008040 psk_identity=def psk=beef" \
8041 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02008042 -C "session hash for extended master secret"\
8043 -S "session hash for extended master secret"\
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008044 -S "SSL - The handshake negotiation failed" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008045 -S "SSL - Unknown identity received" \
8046 -S "SSL - Verification of the message MAC failed"
8047
8048requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Jerry Yuab082902021-12-23 18:02:22 +08008049requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker28c79dc2018-10-26 13:15:08 +01008050run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008051 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8052 "$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker28c79dc2018-10-26 13:15:08 +01008053 psk_identity=def psk=beef" \
8054 1 \
8055 -s "SSL - Verification of the message MAC failed"
8056
Jerry Yuab082902021-12-23 18:02:22 +08008057requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02008058run_test "PSK callback: no psk, no callback" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02008059 "$P_SRV" \
8060 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8061 psk_identity=foo psk=abc123" \
8062 1 \
Dave Rodgman6ce10be2021-06-29 14:20:31 +01008063 -s "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008064 -S "SSL - Unknown identity received" \
8065 -S "SSL - Verification of the message MAC failed"
8066
Jerry Yuab082902021-12-23 18:02:22 +08008067requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02008068run_test "PSK callback: callback overrides other settings" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008069 "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \
8070 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8071 psk_identity=foo psk=abc123" \
8072 1 \
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008073 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008074 -s "SSL - Unknown identity received" \
8075 -S "SSL - Verification of the message MAC failed"
8076
Jerry Yuab082902021-12-23 18:02:22 +08008077requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02008078run_test "PSK callback: first id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008079 "$P_SRV psk_list=abc,dead,def,beef" \
8080 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8081 psk_identity=abc psk=dead" \
8082 0 \
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008083 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008084 -S "SSL - Unknown identity received" \
8085 -S "SSL - Verification of the message MAC failed"
8086
Jerry Yuab082902021-12-23 18:02:22 +08008087requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02008088run_test "PSK callback: second id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008089 "$P_SRV psk_list=abc,dead,def,beef" \
8090 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8091 psk_identity=def psk=beef" \
8092 0 \
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008093 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008094 -S "SSL - Unknown identity received" \
8095 -S "SSL - Verification of the message MAC failed"
8096
Jerry Yuab082902021-12-23 18:02:22 +08008097requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02008098run_test "PSK callback: no match" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008099 "$P_SRV psk_list=abc,dead,def,beef" \
8100 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8101 psk_identity=ghi psk=beef" \
8102 1 \
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008103 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008104 -s "SSL - Unknown identity received" \
8105 -S "SSL - Verification of the message MAC failed"
8106
Jerry Yuab082902021-12-23 18:02:22 +08008107requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02008108run_test "PSK callback: wrong key" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008109 "$P_SRV psk_list=abc,dead,def,beef" \
8110 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8111 psk_identity=abc psk=beef" \
8112 1 \
Dave Rodgmane5b828c2021-06-29 19:05:34 +01008113 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02008114 -S "SSL - Unknown identity received" \
8115 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02008116
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008117# Tests for EC J-PAKE
8118
Hanno Beckerfa452c42020-08-14 15:42:49 +01008119requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008120requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008121run_test "ECJPAKE: client not configured" \
8122 "$P_SRV debug_level=3" \
8123 "$P_CLI debug_level=3" \
8124 0 \
Hanno Beckeree63af62020-08-14 15:41:23 +01008125 -C "add ciphersuite: 0xc0ff" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008126 -C "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02008127 -S "found ecjpake kkpp extension" \
8128 -S "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008129 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02008130 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02008131 -C "found ecjpake_kkpp extension" \
Dave Rodgman737237f2021-06-29 19:07:57 +01008132 -S "SSL - The handshake negotiation failed"
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008133
Hanno Beckerfa452c42020-08-14 15:42:49 +01008134requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008135requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008136run_test "ECJPAKE: server not configured" \
8137 "$P_SRV debug_level=3" \
8138 "$P_CLI debug_level=3 ecjpake_pw=bla \
8139 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8140 1 \
Ronald Cron7320e642022-03-08 13:34:49 +01008141 -c "add ciphersuite: c0ff" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008142 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02008143 -s "found ecjpake kkpp extension" \
8144 -s "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008145 -s "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02008146 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02008147 -C "found ecjpake_kkpp extension" \
Dave Rodgman737237f2021-06-29 19:07:57 +01008148 -s "SSL - The handshake negotiation failed"
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02008149
Valerio Settif11e05a2022-12-07 15:41:05 +01008150# Note: if the name of this test is changed, then please adjust the corresponding
8151# filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh")
Hanno Beckerfa452c42020-08-14 15:42:49 +01008152requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008153requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02008154run_test "ECJPAKE: working, TLS" \
8155 "$P_SRV debug_level=3 ecjpake_pw=bla" \
8156 "$P_CLI debug_level=3 ecjpake_pw=bla \
8157 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
Manuel Pégourié-Gonnard0f1660a2015-09-16 22:41:06 +02008158 0 \
Ronald Cron7320e642022-03-08 13:34:49 +01008159 -c "add ciphersuite: c0ff" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02008160 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02008161 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02008162 -s "found ecjpake kkpp extension" \
8163 -S "skip ecjpake kkpp extension" \
8164 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02008165 -s "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02008166 -c "found ecjpake_kkpp extension" \
Dave Rodgman737237f2021-06-29 19:07:57 +01008167 -S "SSL - The handshake negotiation failed" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008168 -S "SSL - Verification of the message MAC failed"
8169
Valerio Settid572a822022-11-28 18:27:51 +01008170requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Valerio Settia6b69da2022-11-30 16:44:49 +01008171requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Valerio Settid572a822022-11-28 18:27:51 +01008172requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Valerio Setti70e02902022-12-02 16:21:56 +01008173run_test "ECJPAKE: opaque password client+server, working, TLS" \
Valerio Settid572a822022-11-28 18:27:51 +01008174 "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
8175 "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\
8176 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8177 0 \
8178 -c "add ciphersuite: c0ff" \
8179 -c "adding ecjpake_kkpp extension" \
Valerio Setti661b9bc2022-11-29 17:19:25 +01008180 -c "using opaque password" \
8181 -s "using opaque password" \
Valerio Settid572a822022-11-28 18:27:51 +01008182 -C "re-using cached ecjpake parameters" \
8183 -s "found ecjpake kkpp extension" \
8184 -S "skip ecjpake kkpp extension" \
8185 -S "ciphersuite mismatch: ecjpake not configured" \
8186 -s "server hello, ecjpake kkpp extension" \
8187 -c "found ecjpake_kkpp extension" \
8188 -S "SSL - The handshake negotiation failed" \
8189 -S "SSL - Verification of the message MAC failed"
8190
Valerio Settif11e05a2022-12-07 15:41:05 +01008191# Note: if the name of this test is changed, then please adjust the corresponding
8192# filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh")
Valerio Settib287ddf2022-12-01 16:18:12 +01008193requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
8194requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8195requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Valerio Setti70e02902022-12-02 16:21:56 +01008196run_test "ECJPAKE: opaque password client only, working, TLS" \
Valerio Settib287ddf2022-12-01 16:18:12 +01008197 "$P_SRV debug_level=3 ecjpake_pw=bla" \
8198 "$P_CLI debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1\
8199 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8200 0 \
8201 -c "add ciphersuite: c0ff" \
8202 -c "adding ecjpake_kkpp extension" \
8203 -c "using opaque password" \
8204 -S "using opaque password" \
8205 -C "re-using cached ecjpake parameters" \
8206 -s "found ecjpake kkpp extension" \
8207 -S "skip ecjpake kkpp extension" \
8208 -S "ciphersuite mismatch: ecjpake not configured" \
8209 -s "server hello, ecjpake kkpp extension" \
8210 -c "found ecjpake_kkpp extension" \
8211 -S "SSL - The handshake negotiation failed" \
8212 -S "SSL - Verification of the message MAC failed"
8213
Valerio Settif11e05a2022-12-07 15:41:05 +01008214# Note: if the name of this test is changed, then please adjust the corresponding
8215# filtering label in "test_tls1_2_ecjpake_compatibility" (in "all.sh")
Valerio Settib287ddf2022-12-01 16:18:12 +01008216requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
8217requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8218requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Valerio Setti70e02902022-12-02 16:21:56 +01008219run_test "ECJPAKE: opaque password server only, working, TLS" \
Valerio Settib287ddf2022-12-01 16:18:12 +01008220 "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
8221 "$P_CLI debug_level=3 ecjpake_pw=bla\
8222 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8223 0 \
8224 -c "add ciphersuite: c0ff" \
8225 -c "adding ecjpake_kkpp extension" \
8226 -C "using opaque password" \
8227 -s "using opaque password" \
8228 -C "re-using cached ecjpake parameters" \
8229 -s "found ecjpake kkpp extension" \
8230 -S "skip ecjpake kkpp extension" \
8231 -S "ciphersuite mismatch: ecjpake not configured" \
8232 -s "server hello, ecjpake kkpp extension" \
8233 -c "found ecjpake_kkpp extension" \
8234 -S "SSL - The handshake negotiation failed" \
8235 -S "SSL - Verification of the message MAC failed"
8236
Janos Follath74537a62016-09-02 13:45:28 +01008237server_needs_more_time 1
Dave Rodgmanbec7caf2021-06-29 19:05:34 +01008238requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008239requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008240run_test "ECJPAKE: password mismatch, TLS" \
8241 "$P_SRV debug_level=3 ecjpake_pw=bla" \
8242 "$P_CLI debug_level=3 ecjpake_pw=bad \
8243 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8244 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02008245 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008246 -s "SSL - Verification of the message MAC failed"
8247
Valerio Settib287ddf2022-12-01 16:18:12 +01008248server_needs_more_time 1
8249requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
8250requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8251requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8252run_test "ECJPAKE_OPAQUE_PW: opaque password mismatch, TLS" \
8253 "$P_SRV debug_level=3 ecjpake_pw=bla ecjpake_pw_opaque=1" \
8254 "$P_CLI debug_level=3 ecjpake_pw=bad ecjpake_pw_opaque=1 \
8255 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8256 1 \
8257 -c "using opaque password" \
8258 -s "using opaque password" \
8259 -C "re-using cached ecjpake parameters" \
8260 -s "SSL - Verification of the message MAC failed"
8261
Dave Rodgmanbec7caf2021-06-29 19:05:34 +01008262requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008263requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008264run_test "ECJPAKE: working, DTLS" \
8265 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
8266 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
8267 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8268 0 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02008269 -c "re-using cached ecjpake parameters" \
8270 -S "SSL - Verification of the message MAC failed"
8271
Dave Rodgmanbec7caf2021-06-29 19:05:34 +01008272requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008273requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02008274run_test "ECJPAKE: working, DTLS, no cookie" \
8275 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
8276 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
8277 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8278 0 \
8279 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008280 -S "SSL - Verification of the message MAC failed"
8281
Janos Follath74537a62016-09-02 13:45:28 +01008282server_needs_more_time 1
Dave Rodgmanbec7caf2021-06-29 19:05:34 +01008283requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008284requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008285run_test "ECJPAKE: password mismatch, DTLS" \
8286 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
8287 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
8288 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8289 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02008290 -c "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02008291 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02008292
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02008293# for tests with configs/config-thread.h
Dave Rodgmanbec7caf2021-06-29 19:05:34 +01008294requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008295requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02008296run_test "ECJPAKE: working, DTLS, nolog" \
8297 "$P_SRV dtls=1 ecjpake_pw=bla" \
8298 "$P_CLI dtls=1 ecjpake_pw=bla \
8299 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8300 0
8301
Manuel Pégourié-Gonnard4cc8c632015-07-23 12:24:03 +02008302# Test for ClientHello without extensions
8303
Manuel Pégourié-Gonnardd55bc202015-08-04 16:22:30 +02008304requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08008305requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardbc4da292020-01-30 12:45:14 +01008306run_test "ClientHello without extensions" \
Manuel Pégourié-Gonnard77cbeff2020-01-30 10:58:57 +01008307 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02008308 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
Gilles Peskine5d2511c2017-05-12 13:16:40 +02008309 0 \
8310 -s "dumping 'client hello extensions' (0 bytes)"
8311
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02008312# Tests for mbedtls_ssl_get_bytes_avail()
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02008313
Gilles Peskined2d90af2022-04-06 23:35:56 +02008314# The server first reads buffer_size-1 bytes, then reads the remainder.
Jerry Yuab082902021-12-23 18:02:22 +08008315requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02008316run_test "mbedtls_ssl_get_bytes_avail: no extra data" \
Gilles Peskined2d90af2022-04-06 23:35:56 +02008317 "$P_SRV buffer_size=100" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02008318 "$P_CLI request_size=100" \
8319 0 \
8320 -s "Read from client: 100 bytes read$"
8321
Jerry Yuab082902021-12-23 18:02:22 +08008322requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskined2d90af2022-04-06 23:35:56 +02008323run_test "mbedtls_ssl_get_bytes_avail: extra data (+1)" \
8324 "$P_SRV buffer_size=100" \
8325 "$P_CLI request_size=101" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02008326 0 \
Gilles Peskined2d90af2022-04-06 23:35:56 +02008327 -s "Read from client: 101 bytes read (100 + 1)"
8328
8329requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8330requires_max_content_len 200
8331run_test "mbedtls_ssl_get_bytes_avail: extra data (*2)" \
8332 "$P_SRV buffer_size=100" \
8333 "$P_CLI request_size=200" \
8334 0 \
8335 -s "Read from client: 200 bytes read (100 + 100)"
8336
8337requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8338run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \
8339 "$P_SRV buffer_size=100" \
8340 "$P_CLI request_size=$MAX_CONTENT_LEN" \
8341 0 \
8342 -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02008343
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008344# Tests for small client packets
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02008345
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008346run_test "Small client packet TLS 1.2 BlockCipher" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008347 "$P_SRV force_version=tls12" \
8348 "$P_CLI request_size=1 \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02008349 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8350 0 \
8351 -s "Read from client: 1 bytes read"
8352
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008353run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008354 "$P_SRV force_version=tls12" \
8355 "$P_CLI request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00008356 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01008357 0 \
8358 -s "Read from client: 1 bytes read"
8359
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008360run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008361 "$P_SRV force_version=tls12" \
8362 "$P_CLI request_size=1 \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01008363 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02008364 0 \
8365 -s "Read from client: 1 bytes read"
8366
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008367run_test "Small client packet TLS 1.2 AEAD" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008368 "$P_SRV force_version=tls12" \
8369 "$P_CLI request_size=1 \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02008370 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
8371 0 \
8372 -s "Read from client: 1 bytes read"
8373
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008374run_test "Small client packet TLS 1.2 AEAD shorter tag" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008375 "$P_SRV force_version=tls12" \
8376 "$P_CLI request_size=1 \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02008377 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
8378 0 \
8379 -s "Read from client: 1 bytes read"
8380
Ronald Cron928cbd32022-10-04 16:14:26 +02008381requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008382run_test "Small client packet TLS 1.3 AEAD" \
8383 "$P_SRV force_version=tls13" \
8384 "$P_CLI request_size=1 \
8385 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8386 0 \
8387 -s "Read from client: 1 bytes read"
8388
Ronald Cron928cbd32022-10-04 16:14:26 +02008389requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008390run_test "Small client packet TLS 1.3 AEAD shorter tag" \
8391 "$P_SRV force_version=tls13" \
8392 "$P_CLI request_size=1 \
8393 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8394 0 \
8395 -s "Read from client: 1 bytes read"
8396
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008397# Tests for small client packets in DTLS
Hanno Beckere2148042017-11-10 08:59:18 +00008398
8399requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008400run_test "Small client packet DTLS 1.2" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008401 "$P_SRV dtls=1 force_version=dtls12" \
Hanno Beckere2148042017-11-10 08:59:18 +00008402 "$P_CLI dtls=1 request_size=1 \
8403 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8404 0 \
8405 -s "Read from client: 1 bytes read"
8406
8407requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008408run_test "Small client packet DTLS 1.2, without EtM" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008409 "$P_SRV dtls=1 force_version=dtls12 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00008410 "$P_CLI dtls=1 request_size=1 \
8411 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8412 0 \
8413 -s "Read from client: 1 bytes read"
8414
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008415# Tests for small server packets
8416
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008417run_test "Small server packet TLS 1.2 BlockCipher" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008418 "$P_SRV response_size=1 force_version=tls12" \
8419 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008420 0 \
8421 -c "Read from server: 1 bytes read"
8422
8423run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008424 "$P_SRV response_size=1 force_version=tls12" \
8425 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008426 0 \
8427 -c "Read from server: 1 bytes read"
8428
8429run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008430 "$P_SRV response_size=1 force_version=tls12" \
8431 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008432 0 \
8433 -c "Read from server: 1 bytes read"
8434
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008435run_test "Small server packet TLS 1.2 AEAD" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008436 "$P_SRV response_size=1 force_version=tls12" \
8437 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008438 0 \
8439 -c "Read from server: 1 bytes read"
8440
8441run_test "Small server packet TLS 1.2 AEAD shorter tag" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008442 "$P_SRV response_size=1 force_version=tls12" \
8443 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008444 0 \
8445 -c "Read from server: 1 bytes read"
8446
Ronald Cron928cbd32022-10-04 16:14:26 +02008447requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008448run_test "Small server packet TLS 1.3 AEAD" \
8449 "$P_SRV response_size=1 force_version=tls13" \
8450 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8451 0 \
8452 -c "Read from server: 1 bytes read"
8453
Ronald Cron928cbd32022-10-04 16:14:26 +02008454requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008455run_test "Small server packet TLS 1.3 AEAD shorter tag" \
8456 "$P_SRV response_size=1 force_version=tls13" \
8457 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8458 0 \
8459 -c "Read from server: 1 bytes read"
8460
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008461# Tests for small server packets in DTLS
8462
8463requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008464run_test "Small server packet DTLS 1.2" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008465 "$P_SRV dtls=1 response_size=1 force_version=dtls12" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008466 "$P_CLI dtls=1 \
8467 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8468 0 \
8469 -c "Read from server: 1 bytes read"
8470
8471requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8472run_test "Small server packet DTLS 1.2, without EtM" \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +00008473 "$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008474 "$P_CLI dtls=1 \
8475 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8476 0 \
8477 -c "Read from server: 1 bytes read"
8478
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008479# Test for large client packets
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008480
Angus Grattonc4dd0732018-04-11 16:28:39 +10008481# How many fragments do we expect to write $1 bytes?
8482fragments_for_write() {
8483 echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
8484}
8485
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008486run_test "Large client packet TLS 1.2 BlockCipher" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008487 "$P_SRV force_version=tls12" \
8488 "$P_CLI request_size=16384 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008489 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8490 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10008491 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8492 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008493
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008494run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008495 "$P_SRV force_version=tls12" \
8496 "$P_CLI request_size=16384 etm=0 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00008497 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8498 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10008499 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00008500
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008501run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008502 "$P_SRV force_version=tls12" \
8503 "$P_CLI request_size=16384 \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01008504 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008505 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10008506 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8507 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008508
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008509run_test "Large client packet TLS 1.2 AEAD" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008510 "$P_SRV force_version=tls12" \
8511 "$P_CLI request_size=16384 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008512 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
8513 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10008514 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8515 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008516
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008517run_test "Large client packet TLS 1.2 AEAD shorter tag" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008518 "$P_SRV force_version=tls12" \
8519 "$P_CLI request_size=16384 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008520 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
8521 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10008522 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8523 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02008524
Ronald Cron928cbd32022-10-04 16:14:26 +02008525requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008526run_test "Large client packet TLS 1.3 AEAD" \
8527 "$P_SRV force_version=tls13" \
8528 "$P_CLI request_size=16384 \
8529 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8530 0 \
8531 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8532 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8533
Ronald Cron928cbd32022-10-04 16:14:26 +02008534requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008535run_test "Large client packet TLS 1.3 AEAD shorter tag" \
8536 "$P_SRV force_version=tls13" \
8537 "$P_CLI request_size=16384 \
8538 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8539 0 \
8540 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8541 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8542
Yuto Takanobc87b1d2021-07-08 15:56:33 +01008543# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008544run_test "Large server packet TLS 1.2 BlockCipher" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008545 "$P_SRV response_size=16384 force_version=tls12" \
8546 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008547 0 \
8548 -c "Read from server: 16384 bytes read"
8549
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008550run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008551 "$P_SRV response_size=16384 force_version=tls12" \
8552 "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008553 0 \
8554 -s "16384 bytes written in 1 fragments" \
8555 -c "Read from server: 16384 bytes read"
8556
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008557run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008558 "$P_SRV response_size=16384 force_version=tls12" \
8559 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008560 0 \
8561 -c "Read from server: 16384 bytes read"
8562
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008563run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008564 "$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \
8565 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04008566 0 \
8567 -s "16384 bytes written in 1 fragments" \
8568 -c "Read from server: 16384 bytes read"
8569
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008570run_test "Large server packet TLS 1.2 AEAD" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008571 "$P_SRV response_size=16384 force_version=tls12" \
8572 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008573 0 \
8574 -c "Read from server: 16384 bytes read"
8575
8576run_test "Large server packet TLS 1.2 AEAD shorter tag" \
Ronald Cronf3b425b2022-03-17 16:45:09 +01008577 "$P_SRV response_size=16384 force_version=tls12" \
8578 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02008579 0 \
8580 -c "Read from server: 16384 bytes read"
8581
Ronald Cron928cbd32022-10-04 16:14:26 +02008582requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008583run_test "Large server packet TLS 1.3 AEAD" \
8584 "$P_SRV response_size=16384 force_version=tls13" \
8585 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8586 0 \
8587 -c "Read from server: 16384 bytes read"
8588
Ronald Cron928cbd32022-10-04 16:14:26 +02008589requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona4417c12022-06-23 16:06:28 +02008590run_test "Large server packet TLS 1.3 AEAD shorter tag" \
8591 "$P_SRV response_size=16384 force_version=tls13" \
8592 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8593 0 \
8594 -c "Read from server: 16384 bytes read"
8595
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008596# Tests for restartable ECC
8597
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008598# Force the use of a curve that supports restartable ECC (secp256r1).
8599
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008600requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008601requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008602requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008603run_test "EC restart: TLS, default" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008604 "$P_SRV curves=secp256r1 auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008605 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02008606 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008607 debug_level=1" \
8608 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008609 -C "x509_verify_cert.*4b00" \
8610 -C "mbedtls_pk_verify.*4b00" \
8611 -C "mbedtls_ecdh_make_public.*4b00" \
8612 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008613
8614requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008615requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008616requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008617run_test "EC restart: TLS, max_ops=0" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008618 "$P_SRV curves=secp256r1 auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008619 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02008620 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008621 debug_level=1 ec_max_ops=0" \
8622 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008623 -C "x509_verify_cert.*4b00" \
8624 -C "mbedtls_pk_verify.*4b00" \
8625 -C "mbedtls_ecdh_make_public.*4b00" \
8626 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008627
8628requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008629requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008630requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008631run_test "EC restart: TLS, max_ops=65535" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008632 "$P_SRV curves=secp256r1 auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008633 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02008634 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008635 debug_level=1 ec_max_ops=65535" \
8636 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008637 -C "x509_verify_cert.*4b00" \
8638 -C "mbedtls_pk_verify.*4b00" \
8639 -C "mbedtls_ecdh_make_public.*4b00" \
8640 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008641
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008642# With USE_PSA disabled we expect full restartable behaviour.
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008643requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008644requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008645requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008646requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
8647run_test "EC restart: TLS, max_ops=1000 (no USE_PSA)" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008648 "$P_SRV curves=secp256r1 auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008649 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02008650 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008651 debug_level=1 ec_max_ops=1000" \
8652 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008653 -c "x509_verify_cert.*4b00" \
8654 -c "mbedtls_pk_verify.*4b00" \
8655 -c "mbedtls_ecdh_make_public.*4b00" \
8656 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008657
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008658# With USE_PSA enabled we expect only partial restartable behaviour:
8659# everything except ECDH (where TLS calls PSA directly).
8660requires_config_enabled MBEDTLS_ECP_RESTARTABLE
8661requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
8662requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8663requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8664run_test "EC restart: TLS, max_ops=1000 (USE_PSA)" \
8665 "$P_SRV curves=secp256r1 auth_mode=required" \
8666 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8667 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8668 debug_level=1 ec_max_ops=1000" \
8669 0 \
8670 -c "x509_verify_cert.*4b00" \
8671 -c "mbedtls_pk_verify.*4b00" \
8672 -C "mbedtls_ecdh_make_public.*4b00" \
8673 -c "mbedtls_pk_sign.*4b00"
8674
8675# This works the same with & without USE_PSA as we never get to ECDH:
8676# we abort as soon as we determined the cert is bad.
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008677requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008678requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008679requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008680run_test "EC restart: TLS, max_ops=1000, badsign" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008681 "$P_SRV curves=secp256r1 auth_mode=required \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008682 crt_file=data_files/server5-badsign.crt \
8683 key_file=data_files/server5.key" \
8684 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8685 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8686 debug_level=1 ec_max_ops=1000" \
8687 1 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008688 -c "x509_verify_cert.*4b00" \
8689 -C "mbedtls_pk_verify.*4b00" \
8690 -C "mbedtls_ecdh_make_public.*4b00" \
8691 -C "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008692 -c "! The certificate is not correctly signed by the trusted CA" \
8693 -c "! mbedtls_ssl_handshake returned" \
8694 -c "X509 - Certificate verification failed"
8695
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008696# With USE_PSA disabled we expect full restartable behaviour.
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008697requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008698requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008699requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008700requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
8701run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (no USE_PSA)" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008702 "$P_SRV curves=secp256r1 auth_mode=required \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008703 crt_file=data_files/server5-badsign.crt \
8704 key_file=data_files/server5.key" \
8705 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8706 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8707 debug_level=1 ec_max_ops=1000 auth_mode=optional" \
8708 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008709 -c "x509_verify_cert.*4b00" \
8710 -c "mbedtls_pk_verify.*4b00" \
8711 -c "mbedtls_ecdh_make_public.*4b00" \
8712 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008713 -c "! The certificate is not correctly signed by the trusted CA" \
8714 -C "! mbedtls_ssl_handshake returned" \
8715 -C "X509 - Certificate verification failed"
8716
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008717# With USE_PSA enabled we expect only partial restartable behaviour:
8718# everything except ECDH (where TLS calls PSA directly).
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008719requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008720requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008721requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008722requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8723run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign (USE_PSA)" \
8724 "$P_SRV curves=secp256r1 auth_mode=required \
8725 crt_file=data_files/server5-badsign.crt \
8726 key_file=data_files/server5.key" \
8727 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8728 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8729 debug_level=1 ec_max_ops=1000 auth_mode=optional" \
8730 0 \
8731 -c "x509_verify_cert.*4b00" \
8732 -c "mbedtls_pk_verify.*4b00" \
8733 -C "mbedtls_ecdh_make_public.*4b00" \
8734 -c "mbedtls_pk_sign.*4b00" \
8735 -c "! The certificate is not correctly signed by the trusted CA" \
8736 -C "! mbedtls_ssl_handshake returned" \
8737 -C "X509 - Certificate verification failed"
8738
8739# With USE_PSA disabled we expect full restartable behaviour.
8740requires_config_enabled MBEDTLS_ECP_RESTARTABLE
8741requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
8742requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8743requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
8744run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (no USE_PSA)" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008745 "$P_SRV curves=secp256r1 auth_mode=required \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008746 crt_file=data_files/server5-badsign.crt \
8747 key_file=data_files/server5.key" \
8748 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8749 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8750 debug_level=1 ec_max_ops=1000 auth_mode=none" \
8751 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008752 -C "x509_verify_cert.*4b00" \
8753 -c "mbedtls_pk_verify.*4b00" \
8754 -c "mbedtls_ecdh_make_public.*4b00" \
8755 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008756 -C "! The certificate is not correctly signed by the trusted CA" \
8757 -C "! mbedtls_ssl_handshake returned" \
8758 -C "X509 - Certificate verification failed"
8759
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008760# With USE_PSA enabled we expect only partial restartable behaviour:
8761# everything except ECDH (where TLS calls PSA directly).
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02008762requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008763requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008764requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008765requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8766run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign (USE_PSA)" \
8767 "$P_SRV curves=secp256r1 auth_mode=required \
8768 crt_file=data_files/server5-badsign.crt \
8769 key_file=data_files/server5.key" \
8770 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8771 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8772 debug_level=1 ec_max_ops=1000 auth_mode=none" \
8773 0 \
8774 -C "x509_verify_cert.*4b00" \
8775 -c "mbedtls_pk_verify.*4b00" \
8776 -C "mbedtls_ecdh_make_public.*4b00" \
8777 -c "mbedtls_pk_sign.*4b00" \
8778 -C "! The certificate is not correctly signed by the trusted CA" \
8779 -C "! mbedtls_ssl_handshake returned" \
8780 -C "X509 - Certificate verification failed"
8781
8782# With USE_PSA disabled we expect full restartable behaviour.
8783requires_config_enabled MBEDTLS_ECP_RESTARTABLE
8784requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
8785requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8786requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
8787run_test "EC restart: DTLS, max_ops=1000 (no USE_PSA)" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008788 "$P_SRV curves=secp256r1 auth_mode=required dtls=1" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008789 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02008790 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008791 dtls=1 debug_level=1 ec_max_ops=1000" \
8792 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008793 -c "x509_verify_cert.*4b00" \
8794 -c "mbedtls_pk_verify.*4b00" \
8795 -c "mbedtls_ecdh_make_public.*4b00" \
8796 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02008797
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008798# With USE_PSA enabled we expect only partial restartable behaviour:
8799# everything except ECDH (where TLS calls PSA directly).
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008800requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008801requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008802requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008803requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8804run_test "EC restart: DTLS, max_ops=1000 (USE_PSA)" \
8805 "$P_SRV curves=secp256r1 auth_mode=required dtls=1" \
8806 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8807 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8808 dtls=1 debug_level=1 ec_max_ops=1000" \
8809 0 \
8810 -c "x509_verify_cert.*4b00" \
8811 -c "mbedtls_pk_verify.*4b00" \
8812 -C "mbedtls_ecdh_make_public.*4b00" \
8813 -c "mbedtls_pk_sign.*4b00"
8814
8815# With USE_PSA disabled we expect full restartable behaviour.
8816requires_config_enabled MBEDTLS_ECP_RESTARTABLE
8817requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
8818requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8819requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
8820run_test "EC restart: TLS, max_ops=1000 no client auth (no USE_PSA)" \
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008821 "$P_SRV curves=secp256r1" \
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008822 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8823 debug_level=1 ec_max_ops=1000" \
8824 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008825 -c "x509_verify_cert.*4b00" \
8826 -c "mbedtls_pk_verify.*4b00" \
8827 -c "mbedtls_ecdh_make_public.*4b00" \
8828 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008829
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +01008830
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008831# With USE_PSA enabled we expect only partial restartable behaviour:
8832# everything except ECDH (where TLS calls PSA directly).
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008833requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Gilles Peskine4a02cef2021-06-03 11:12:40 +02008834requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08008835requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard55a188b2022-12-06 12:00:33 +01008836requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
8837run_test "EC restart: TLS, max_ops=1000 no client auth (USE_PSA)" \
8838 "$P_SRV curves=secp256r1" \
8839 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8840 debug_level=1 ec_max_ops=1000" \
8841 0 \
8842 -c "x509_verify_cert.*4b00" \
8843 -c "mbedtls_pk_verify.*4b00" \
8844 -C "mbedtls_ecdh_make_public.*4b00" \
8845 -C "mbedtls_pk_sign.*4b00"
8846
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +01008847# Restartable is only for ECDHE-ECDSA, with another ciphersuite we expect no
8848# restartable behaviour at all (not even client auth).
8849# This is the same as "EC restart: TLS, max_ops=1000" except with ECDHE-RSA,
8850# and all 4 assertions negated.
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008851requires_config_enabled MBEDTLS_ECP_RESTARTABLE
8852requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
8853requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2b7ad642022-12-06 10:42:44 +01008854run_test "EC restart: TLS, max_ops=1000, ECDHE-RSA" \
8855 "$P_SRV curves=secp256r1 auth_mode=required" \
8856 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
8857 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8858 debug_level=1 ec_max_ops=1000" \
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008859 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02008860 -C "x509_verify_cert.*4b00" \
8861 -C "mbedtls_pk_verify.*4b00" \
8862 -C "mbedtls_ecdh_make_public.*4b00" \
8863 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02008864
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008865# Tests of asynchronous private key support in SSL
8866
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008867requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008868requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008869run_test "SSL async private: sign, delay=0" \
8870 "$P_SRV \
8871 async_operations=s async_private_delay1=0 async_private_delay2=0" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008872 "$P_CLI" \
8873 0 \
8874 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008875 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008876
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008877requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008878requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008879run_test "SSL async private: sign, delay=1" \
8880 "$P_SRV \
8881 async_operations=s async_private_delay1=1 async_private_delay2=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008882 "$P_CLI" \
8883 0 \
8884 -s "Async sign callback: using key slot " \
8885 -s "Async resume (slot [0-9]): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008886 -s "Async resume (slot [0-9]): sign done, status=0"
8887
Gilles Peskine12d0cc12018-04-26 15:06:56 +02008888requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008889requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine12d0cc12018-04-26 15:06:56 +02008890run_test "SSL async private: sign, delay=2" \
8891 "$P_SRV \
8892 async_operations=s async_private_delay1=2 async_private_delay2=2" \
8893 "$P_CLI" \
8894 0 \
8895 -s "Async sign callback: using key slot " \
8896 -U "Async sign callback: using key slot " \
8897 -s "Async resume (slot [0-9]): call 1 more times." \
8898 -s "Async resume (slot [0-9]): call 0 more times." \
8899 -s "Async resume (slot [0-9]): sign done, status=0"
8900
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008901requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Hanno Beckerc5722d12020-10-09 11:10:42 +01008902requires_config_disabled MBEDTLS_X509_REMOVE_INFO
Jerry Yuab082902021-12-23 18:02:22 +08008903requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine807d74a2018-04-30 10:30:49 +02008904run_test "SSL async private: sign, SNI" \
8905 "$P_SRV debug_level=3 \
8906 async_operations=s async_private_delay1=0 async_private_delay2=0 \
8907 crt_file=data_files/server5.crt key_file=data_files/server5.key \
8908 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
8909 "$P_CLI server_name=polarssl.example" \
8910 0 \
8911 -s "Async sign callback: using key slot " \
8912 -s "Async resume (slot [0-9]): sign done, status=0" \
8913 -s "parse ServerName extension" \
8914 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
8915 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
8916
8917requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008918requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008919run_test "SSL async private: decrypt, delay=0" \
8920 "$P_SRV \
8921 async_operations=d async_private_delay1=0 async_private_delay2=0" \
8922 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8923 0 \
8924 -s "Async decrypt callback: using key slot " \
8925 -s "Async resume (slot [0-9]): decrypt done, status=0"
8926
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008927requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008928requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008929run_test "SSL async private: decrypt, delay=1" \
8930 "$P_SRV \
8931 async_operations=d async_private_delay1=1 async_private_delay2=1" \
8932 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8933 0 \
8934 -s "Async decrypt callback: using key slot " \
8935 -s "Async resume (slot [0-9]): call 0 more times." \
8936 -s "Async resume (slot [0-9]): decrypt done, status=0"
8937
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008938requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008939requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008940run_test "SSL async private: decrypt RSA-PSK, delay=0" \
8941 "$P_SRV psk=abc123 \
8942 async_operations=d async_private_delay1=0 async_private_delay2=0" \
8943 "$P_CLI psk=abc123 \
8944 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
8945 0 \
8946 -s "Async decrypt callback: using key slot " \
8947 -s "Async resume (slot [0-9]): decrypt done, status=0"
8948
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008949requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008950requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008951run_test "SSL async private: decrypt RSA-PSK, delay=1" \
8952 "$P_SRV psk=abc123 \
8953 async_operations=d async_private_delay1=1 async_private_delay2=1" \
8954 "$P_CLI psk=abc123 \
8955 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
8956 0 \
8957 -s "Async decrypt callback: using key slot " \
8958 -s "Async resume (slot [0-9]): call 0 more times." \
8959 -s "Async resume (slot [0-9]): decrypt done, status=0"
8960
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008961requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008962requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008963run_test "SSL async private: sign callback not present" \
8964 "$P_SRV \
8965 async_operations=d async_private_delay1=1 async_private_delay2=1" \
8966 "$P_CLI; [ \$? -eq 1 ] &&
8967 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8968 0 \
8969 -S "Async sign callback" \
8970 -s "! mbedtls_ssl_handshake returned" \
8971 -s "The own private key or pre-shared key is not set, but needed" \
8972 -s "Async resume (slot [0-9]): decrypt done, status=0" \
8973 -s "Successful connection"
8974
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008975requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008976requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008977run_test "SSL async private: decrypt callback not present" \
8978 "$P_SRV debug_level=1 \
8979 async_operations=s async_private_delay1=1 async_private_delay2=1" \
8980 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
8981 [ \$? -eq 1 ] && $P_CLI" \
8982 0 \
8983 -S "Async decrypt callback" \
8984 -s "! mbedtls_ssl_handshake returned" \
8985 -s "got no RSA private key" \
8986 -s "Async resume (slot [0-9]): sign done, status=0" \
8987 -s "Successful connection"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008988
8989# key1: ECDSA, key2: RSA; use key1 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02008990requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08008991requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008992run_test "SSL async private: slot 0 used with key1" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01008993 "$P_SRV \
8994 async_operations=s async_private_delay1=1 \
8995 key_file=data_files/server5.key crt_file=data_files/server5.crt \
8996 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01008997 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
8998 0 \
8999 -s "Async sign callback: using key slot 0," \
9000 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009001 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009002
9003# key1: ECDSA, key2: RSA; use key2 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009004requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009005requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009006run_test "SSL async private: slot 0 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009007 "$P_SRV \
9008 async_operations=s async_private_delay2=1 \
9009 key_file=data_files/server5.key crt_file=data_files/server5.crt \
9010 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009011 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9012 0 \
9013 -s "Async sign callback: using key slot 0," \
9014 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009015 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009016
9017# key1: ECDSA, key2: RSA; use key2 from slot 1
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009018requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009019requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskinead28bf02018-04-26 00:19:16 +02009020run_test "SSL async private: slot 1 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009021 "$P_SRV \
Gilles Peskine168dae82018-04-25 23:35:42 +02009022 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009023 key_file=data_files/server5.key crt_file=data_files/server5.crt \
9024 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009025 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9026 0 \
9027 -s "Async sign callback: using key slot 1," \
9028 -s "Async resume (slot 1): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009029 -s "Async resume (slot 1): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009030
9031# key1: ECDSA, key2: RSA; use key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009032requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009033requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009034run_test "SSL async private: fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009035 "$P_SRV \
9036 async_operations=s async_private_delay1=1 \
9037 key_file=data_files/server5.key crt_file=data_files/server5.crt \
9038 key_file2=data_files/server2.key crt_file2=data_files/server2.crt " \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009039 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9040 0 \
9041 -s "Async sign callback: no key matches this certificate."
9042
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009043requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009044requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009045run_test "SSL async private: sign, error in start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009046 "$P_SRV \
9047 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9048 async_private_error=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009049 "$P_CLI" \
9050 1 \
9051 -s "Async sign callback: injected error" \
9052 -S "Async resume" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02009053 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009054 -s "! mbedtls_ssl_handshake returned"
9055
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009056requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009057requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009058run_test "SSL async private: sign, cancel after start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009059 "$P_SRV \
9060 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9061 async_private_error=2" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009062 "$P_CLI" \
9063 1 \
9064 -s "Async sign callback: using key slot " \
9065 -S "Async resume" \
9066 -s "Async cancel"
9067
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009068requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009069requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009070run_test "SSL async private: sign, error in resume" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009071 "$P_SRV \
9072 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9073 async_private_error=3" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009074 "$P_CLI" \
9075 1 \
9076 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009077 -s "Async resume callback: sign done but injected error" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02009078 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009079 -s "! mbedtls_ssl_handshake returned"
9080
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009081requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009083run_test "SSL async private: decrypt, error in start" \
9084 "$P_SRV \
9085 async_operations=d async_private_delay1=1 async_private_delay2=1 \
9086 async_private_error=1" \
9087 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9088 1 \
9089 -s "Async decrypt callback: injected error" \
9090 -S "Async resume" \
9091 -S "Async cancel" \
9092 -s "! mbedtls_ssl_handshake returned"
9093
9094requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009095requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009096run_test "SSL async private: decrypt, cancel after start" \
9097 "$P_SRV \
9098 async_operations=d async_private_delay1=1 async_private_delay2=1 \
9099 async_private_error=2" \
9100 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9101 1 \
9102 -s "Async decrypt callback: using key slot " \
9103 -S "Async resume" \
9104 -s "Async cancel"
9105
9106requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009107requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009108run_test "SSL async private: decrypt, error in resume" \
9109 "$P_SRV \
9110 async_operations=d async_private_delay1=1 async_private_delay2=1 \
9111 async_private_error=3" \
9112 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9113 1 \
9114 -s "Async decrypt callback: using key slot " \
9115 -s "Async resume callback: decrypt done but injected error" \
9116 -S "Async cancel" \
9117 -s "! mbedtls_ssl_handshake returned"
9118
9119requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009120requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009121run_test "SSL async private: cancel after start then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009122 "$P_SRV \
9123 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9124 async_private_error=-2" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009125 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
9126 0 \
9127 -s "Async cancel" \
9128 -s "! mbedtls_ssl_handshake returned" \
9129 -s "Async resume" \
9130 -s "Successful connection"
9131
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009132requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009133requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009134run_test "SSL async private: error in resume then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009135 "$P_SRV \
9136 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9137 async_private_error=-3" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009138 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
9139 0 \
9140 -s "! mbedtls_ssl_handshake returned" \
9141 -s "Async resume" \
9142 -s "Successful connection"
9143
9144# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009145requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009146requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Valerio Setti3f2309f2023-02-23 13:47:30 +01009147# Note: the function "detect_required_features()" is not able to detect more than
9148# one "force_ciphersuite" per client/server and it only picks the 2nd one.
9149# Therefore the 1st one is added explicitly here
Valerio Settid1f991c2023-02-22 12:54:13 +01009150requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009151run_test "SSL async private: cancel after start then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009152 "$P_SRV \
9153 async_operations=s async_private_delay1=1 async_private_error=-2 \
9154 key_file=data_files/server5.key crt_file=data_files/server5.crt \
9155 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009156 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
9157 [ \$? -eq 1 ] &&
9158 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9159 0 \
Gilles Peskinededa75a2018-04-30 10:02:45 +02009160 -s "Async sign callback: using key slot 0" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009161 -S "Async resume" \
9162 -s "Async cancel" \
9163 -s "! mbedtls_ssl_handshake returned" \
9164 -s "Async sign callback: no key matches this certificate." \
9165 -s "Successful connection"
9166
9167# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009168requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Jerry Yuab082902021-12-23 18:02:22 +08009169requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Valerio Setti3f2309f2023-02-23 13:47:30 +01009170# Note: the function "detect_required_features()" is not able to detect more than
9171# one "force_ciphersuite" per client/server and it only picks the 2nd one.
9172# Therefore the 1st one is added explicitly here
Valerio Settid1f991c2023-02-22 12:54:13 +01009173requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Gilles Peskine725f1cb2018-06-12 15:06:40 +02009174run_test "SSL async private: sign, error in resume then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009175 "$P_SRV \
9176 async_operations=s async_private_delay1=1 async_private_error=-3 \
9177 key_file=data_files/server5.key crt_file=data_files/server5.crt \
9178 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01009179 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
9180 [ \$? -eq 1 ] &&
9181 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9182 0 \
9183 -s "Async resume" \
9184 -s "! mbedtls_ssl_handshake returned" \
9185 -s "Async sign callback: no key matches this certificate." \
9186 -s "Successful connection"
9187
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009188requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009189requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08009190requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine654bab72019-09-16 15:19:20 +02009191run_test "SSL async private: renegotiation: client-initiated, sign" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009192 "$P_SRV \
9193 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009194 exchanges=2 renegotiation=1" \
9195 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \
9196 0 \
9197 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009198 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009199
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009200requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009201requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08009202requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine654bab72019-09-16 15:19:20 +02009203run_test "SSL async private: renegotiation: server-initiated, sign" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009204 "$P_SRV \
9205 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009206 exchanges=2 renegotiation=1 renegotiate=1" \
9207 "$P_CLI exchanges=2 renegotiation=1" \
9208 0 \
9209 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009210 -s "Async resume (slot [0-9]): sign done, status=0"
9211
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009212requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009213requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08009214requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine654bab72019-09-16 15:19:20 +02009215run_test "SSL async private: renegotiation: client-initiated, decrypt" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009216 "$P_SRV \
9217 async_operations=d async_private_delay1=1 async_private_delay2=1 \
9218 exchanges=2 renegotiation=1" \
9219 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
9220 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9221 0 \
9222 -s "Async decrypt callback: using key slot " \
9223 -s "Async resume (slot [0-9]): decrypt done, status=0"
9224
Gilles Peskineb74a1c72018-04-24 13:09:22 +02009225requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009226requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08009227requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine654bab72019-09-16 15:19:20 +02009228run_test "SSL async private: renegotiation: server-initiated, decrypt" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01009229 "$P_SRV \
9230 async_operations=d async_private_delay1=1 async_private_delay2=1 \
9231 exchanges=2 renegotiation=1 renegotiate=1" \
9232 "$P_CLI exchanges=2 renegotiation=1 \
9233 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9234 0 \
9235 -s "Async decrypt callback: using key slot " \
9236 -s "Async resume (slot [0-9]): decrypt done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01009237
Ron Eldor58093c82018-06-28 13:22:05 +03009238# Tests for ECC extensions (rfc 4492)
9239
Ron Eldor643df7c2018-06-28 16:17:00 +03009240requires_config_enabled MBEDTLS_AES_C
9241requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04009242requires_hash_alg SHA_256
Ron Eldor643df7c2018-06-28 16:17:00 +03009243requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08009244requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor58093c82018-06-28 13:22:05 +03009245run_test "Force a non ECC ciphersuite in the client side" \
9246 "$P_SRV debug_level=3" \
Ron Eldor643df7c2018-06-28 16:17:00 +03009247 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03009248 0 \
Jerry Yu136320b2021-12-21 17:09:00 +08009249 -C "client hello, adding supported_groups extension" \
Ron Eldor58093c82018-06-28 13:22:05 +03009250 -C "client hello, adding supported_point_formats extension" \
9251 -S "found supported elliptic curves extension" \
9252 -S "found supported point formats extension"
9253
Ron Eldor643df7c2018-06-28 16:17:00 +03009254requires_config_enabled MBEDTLS_AES_C
9255requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04009256requires_hash_alg SHA_256
Ron Eldor643df7c2018-06-28 16:17:00 +03009257requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Jerry Yuab082902021-12-23 18:02:22 +08009258requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor58093c82018-06-28 13:22:05 +03009259run_test "Force a non ECC ciphersuite in the server side" \
Ron Eldor643df7c2018-06-28 16:17:00 +03009260 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03009261 "$P_CLI debug_level=3" \
9262 0 \
9263 -C "found supported_point_formats extension" \
9264 -S "server hello, supported_point_formats extension"
9265
Ron Eldor643df7c2018-06-28 16:17:00 +03009266requires_config_enabled MBEDTLS_AES_C
9267requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04009268requires_hash_alg SHA_256
Jerry Yuab082902021-12-23 18:02:22 +08009269requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor58093c82018-06-28 13:22:05 +03009270run_test "Force an ECC ciphersuite in the client side" \
9271 "$P_SRV debug_level=3" \
9272 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
9273 0 \
Jerry Yu136320b2021-12-21 17:09:00 +08009274 -c "client hello, adding supported_groups extension" \
Ron Eldor58093c82018-06-28 13:22:05 +03009275 -c "client hello, adding supported_point_formats extension" \
9276 -s "found supported elliptic curves extension" \
9277 -s "found supported point formats extension"
9278
Ron Eldor643df7c2018-06-28 16:17:00 +03009279requires_config_enabled MBEDTLS_AES_C
9280requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04009281requires_hash_alg SHA_256
Jerry Yuab082902021-12-23 18:02:22 +08009282requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor58093c82018-06-28 13:22:05 +03009283run_test "Force an ECC ciphersuite in the server side" \
9284 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
9285 "$P_CLI debug_level=3" \
9286 0 \
9287 -c "found supported_point_formats extension" \
9288 -s "server hello, supported_point_formats extension"
9289
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009290# Tests for DTLS HelloVerifyRequest
9291
Jerry Yuab082902021-12-23 18:02:22 +08009292requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009293run_test "DTLS cookie: enabled" \
9294 "$P_SRV dtls=1 debug_level=2" \
9295 "$P_CLI dtls=1 debug_level=2" \
9296 0 \
9297 -s "cookie verification failed" \
9298 -s "cookie verification passed" \
9299 -S "cookie verification skipped" \
9300 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02009301 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009302 -S "SSL - The requested feature is not available"
9303
Jerry Yuab082902021-12-23 18:02:22 +08009304requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009305run_test "DTLS cookie: disabled" \
9306 "$P_SRV dtls=1 debug_level=2 cookies=0" \
9307 "$P_CLI dtls=1 debug_level=2" \
9308 0 \
9309 -S "cookie verification failed" \
9310 -S "cookie verification passed" \
9311 -s "cookie verification skipped" \
9312 -C "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02009313 -S "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009314 -S "SSL - The requested feature is not available"
9315
Jerry Yuab082902021-12-23 18:02:22 +08009316requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02009317run_test "DTLS cookie: default (failing)" \
9318 "$P_SRV dtls=1 debug_level=2 cookies=-1" \
9319 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
9320 1 \
9321 -s "cookie verification failed" \
9322 -S "cookie verification passed" \
9323 -S "cookie verification skipped" \
9324 -C "received hello verify request" \
9325 -S "hello verification requested" \
9326 -s "SSL - The requested feature is not available"
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009327
9328requires_ipv6
Jerry Yuab082902021-12-23 18:02:22 +08009329requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009330run_test "DTLS cookie: enabled, IPv6" \
9331 "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
9332 "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
9333 0 \
9334 -s "cookie verification failed" \
9335 -s "cookie verification passed" \
9336 -S "cookie verification skipped" \
9337 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02009338 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02009339 -S "SSL - The requested feature is not available"
9340
Jerry Yuab082902021-12-23 18:02:22 +08009341requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02009342run_test "DTLS cookie: enabled, nbio" \
9343 "$P_SRV dtls=1 nbio=2 debug_level=2" \
9344 "$P_CLI dtls=1 nbio=2 debug_level=2" \
9345 0 \
9346 -s "cookie verification failed" \
9347 -s "cookie verification passed" \
9348 -S "cookie verification skipped" \
9349 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02009350 -s "hello verification requested" \
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02009351 -S "SSL - The requested feature is not available"
9352
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009353# Tests for client reconnecting from the same port with DTLS
9354
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009355not_with_valgrind # spurious resend
Jerry Yuab082902021-12-23 18:02:22 +08009356requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009357run_test "DTLS client reconnect from same port: reference" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +02009358 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
9359 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009360 0 \
9361 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009362 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009363 -S "Client initiated reconnection from same port"
9364
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009365not_with_valgrind # spurious resend
Jerry Yuab082902021-12-23 18:02:22 +08009366requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009367run_test "DTLS client reconnect from same port: reconnect" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +02009368 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
9369 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009370 0 \
9371 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009372 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009373 -s "Client initiated reconnection from same port"
9374
Paul Bakker362689d2016-05-13 10:33:25 +01009375not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
Jerry Yuab082902021-12-23 18:02:22 +08009376requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakker362689d2016-05-13 10:33:25 +01009377run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009378 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
9379 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009380 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009381 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02009382 -s "Client initiated reconnection from same port"
9383
Paul Bakker362689d2016-05-13 10:33:25 +01009384only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout
Jerry Yuab082902021-12-23 18:02:22 +08009385requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Paul Bakker362689d2016-05-13 10:33:25 +01009386run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
9387 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
9388 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
9389 0 \
9390 -S "The operation timed out" \
9391 -s "Client initiated reconnection from same port"
9392
Jerry Yuab082902021-12-23 18:02:22 +08009393requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009394run_test "DTLS client reconnect from same port: no cookies" \
9395 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
Manuel Pégourié-Gonnard6ad23b92015-09-15 12:57:46 +02009396 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
9397 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02009398 -s "The operation timed out" \
9399 -S "Client initiated reconnection from same port"
9400
Jerry Yuab082902021-12-23 18:02:22 +08009401requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardbaad2de2020-03-13 11:11:02 +01009402run_test "DTLS client reconnect from same port: attacker-injected" \
9403 -p "$P_PXY inject_clihlo=1" \
9404 "$P_SRV dtls=1 exchanges=2 debug_level=1" \
9405 "$P_CLI dtls=1 exchanges=2" \
9406 0 \
9407 -s "possible client reconnect from the same port" \
9408 -S "Client initiated reconnection from same port"
9409
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02009410# Tests for various cases of client authentication with DTLS
9411# (focused on handshake flows and message parsing)
9412
Jerry Yuab082902021-12-23 18:02:22 +08009413requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02009414run_test "DTLS client auth: required" \
9415 "$P_SRV dtls=1 auth_mode=required" \
9416 "$P_CLI dtls=1" \
9417 0 \
9418 -s "Verifying peer X.509 certificate... ok"
9419
Jerry Yuab082902021-12-23 18:02:22 +08009420requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02009421run_test "DTLS client auth: optional, client has no cert" \
9422 "$P_SRV dtls=1 auth_mode=optional" \
9423 "$P_CLI dtls=1 crt_file=none key_file=none" \
9424 0 \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01009425 -s "! Certificate was missing"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02009426
Jerry Yuab082902021-12-23 18:02:22 +08009427requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01009428run_test "DTLS client auth: none, client has no cert" \
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02009429 "$P_SRV dtls=1 auth_mode=none" \
9430 "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
9431 0 \
9432 -c "skip write certificate$" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01009433 -s "! Certificate verification was skipped"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02009434
Jerry Yuab082902021-12-23 18:02:22 +08009435requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0a885742015-08-04 12:08:35 +02009436run_test "DTLS wrong PSK: badmac alert" \
9437 "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
9438 "$P_CLI dtls=1 psk=abc124" \
9439 1 \
9440 -s "SSL - Verification of the message MAC failed" \
9441 -c "SSL - A fatal alert message was received from our peer"
9442
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02009443# Tests for receiving fragmented handshake messages with DTLS
9444
9445requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08009446requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02009447run_test "DTLS reassembly: no fragmentation (gnutls server)" \
9448 "$G_SRV -u --mtu 2048 -a" \
9449 "$P_CLI dtls=1 debug_level=2" \
9450 0 \
9451 -C "found fragmented DTLS handshake message" \
9452 -C "error"
9453
9454requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08009455requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02009456run_test "DTLS reassembly: some fragmentation (gnutls server)" \
9457 "$G_SRV -u --mtu 512" \
9458 "$P_CLI dtls=1 debug_level=2" \
9459 0 \
9460 -c "found fragmented DTLS handshake message" \
9461 -C "error"
9462
9463requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08009464requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02009465run_test "DTLS reassembly: more fragmentation (gnutls server)" \
9466 "$G_SRV -u --mtu 128" \
9467 "$P_CLI dtls=1 debug_level=2" \
9468 0 \
9469 -c "found fragmented DTLS handshake message" \
9470 -C "error"
9471
9472requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +08009473requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02009474run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
9475 "$G_SRV -u --mtu 128" \
9476 "$P_CLI dtls=1 nbio=2 debug_level=2" \
9477 0 \
9478 -c "found fragmented DTLS handshake message" \
9479 -C "error"
9480
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02009481requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01009482requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08009483requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02009484run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \
9485 "$G_SRV -u --mtu 256" \
9486 "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
9487 0 \
9488 -c "found fragmented DTLS handshake message" \
9489 -c "client hello, adding renegotiation extension" \
9490 -c "found renegotiation extension" \
9491 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02009492 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02009493 -C "error" \
9494 -s "Extra-header:"
9495
9496requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01009497requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +08009498requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02009499run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
9500 "$G_SRV -u --mtu 256" \
9501 "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
9502 0 \
9503 -c "found fragmented DTLS handshake message" \
9504 -c "client hello, adding renegotiation extension" \
9505 -c "found renegotiation extension" \
9506 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02009507 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02009508 -C "error" \
9509 -s "Extra-header:"
9510
Jerry Yuab082902021-12-23 18:02:22 +08009511requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +02009512run_test "DTLS reassembly: no fragmentation (openssl server)" \
9513 "$O_SRV -dtls -mtu 2048" \
9514 "$P_CLI dtls=1 debug_level=2" \
9515 0 \
9516 -C "found fragmented DTLS handshake message" \
9517 -C "error"
9518
Jerry Yuab082902021-12-23 18:02:22 +08009519requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +02009520run_test "DTLS reassembly: some fragmentation (openssl server)" \
Valerio Setti6ba247c2023-03-14 17:13:43 +01009521 "$O_SRV -dtls -mtu 256" \
TRodziewicz4ca18aa2021-05-20 14:46:20 +02009522 "$P_CLI dtls=1 debug_level=2" \
9523 0 \
9524 -c "found fragmented DTLS handshake message" \
9525 -C "error"
9526
Jerry Yuab082902021-12-23 18:02:22 +08009527requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +02009528run_test "DTLS reassembly: more fragmentation (openssl server)" \
9529 "$O_SRV -dtls -mtu 256" \
9530 "$P_CLI dtls=1 debug_level=2" \
9531 0 \
9532 -c "found fragmented DTLS handshake message" \
9533 -C "error"
9534
Jerry Yuab082902021-12-23 18:02:22 +08009535requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +02009536run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
9537 "$O_SRV -dtls -mtu 256" \
9538 "$P_CLI dtls=1 nbio=2 debug_level=2" \
9539 0 \
9540 -c "found fragmented DTLS handshake message" \
9541 -C "error"
9542
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009543# Tests for sending fragmented handshake messages with DTLS
9544#
9545# Use client auth when we need the client to send large messages,
9546# and use large cert chains on both sides too (the long chains we have all use
9547# both RSA and ECDSA, but ideally we should have long chains with either).
9548# Sizes reached (UDP payload):
9549# - 2037B for server certificate
9550# - 1542B for client certificate
9551# - 1013B for newsessionticket
9552# - all others below 512B
9553# All those tests assume MAX_CONTENT_LEN is at least 2048
9554
9555requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9556requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009557requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009558requires_max_content_len 4096
Jerry Yuab082902021-12-23 18:02:22 +08009559requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009560run_test "DTLS fragmenting: none (for reference)" \
9561 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9562 crt_file=data_files/server7_int-ca.crt \
9563 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009564 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01009565 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009566 "$P_CLI dtls=1 debug_level=2 \
9567 crt_file=data_files/server8_int-ca2.crt \
9568 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009569 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01009570 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009571 0 \
9572 -S "found fragmented DTLS handshake message" \
9573 -C "found fragmented DTLS handshake message" \
9574 -C "error"
9575
9576requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9577requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009578requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009579requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009580requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009581run_test "DTLS fragmenting: server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009582 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9583 crt_file=data_files/server7_int-ca.crt \
9584 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009585 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009586 max_frag_len=1024" \
9587 "$P_CLI dtls=1 debug_level=2 \
9588 crt_file=data_files/server8_int-ca2.crt \
9589 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009590 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009591 max_frag_len=2048" \
9592 0 \
9593 -S "found fragmented DTLS handshake message" \
9594 -c "found fragmented DTLS handshake message" \
9595 -C "error"
9596
Hanno Becker69ca0ad2018-08-24 12:11:35 +01009597# With the MFL extension, the server has no way of forcing
9598# the client to not exceed a certain MTU; hence, the following
9599# test can't be replicated with an MTU proxy such as the one
9600# `client-initiated, server only (max_frag_len)` below.
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009601requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9602requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009603requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009604requires_max_content_len 4096
Jerry Yuab082902021-12-23 18:02:22 +08009605requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009606run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009607 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9608 crt_file=data_files/server7_int-ca.crt \
9609 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009610 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009611 max_frag_len=512" \
9612 "$P_CLI dtls=1 debug_level=2 \
9613 crt_file=data_files/server8_int-ca2.crt \
9614 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009615 hs_timeout=2500-60000 \
Hanno Becker69ca0ad2018-08-24 12:11:35 +01009616 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009617 0 \
9618 -S "found fragmented DTLS handshake message" \
9619 -c "found fragmented DTLS handshake message" \
9620 -C "error"
9621
9622requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9623requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009624requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009625requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009626requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009627run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009628 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
9629 crt_file=data_files/server7_int-ca.crt \
9630 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009631 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009632 max_frag_len=2048" \
9633 "$P_CLI dtls=1 debug_level=2 \
9634 crt_file=data_files/server8_int-ca2.crt \
9635 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009636 hs_timeout=2500-60000 \
9637 max_frag_len=1024" \
9638 0 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009639 -S "found fragmented DTLS handshake message" \
9640 -c "found fragmented DTLS handshake message" \
9641 -C "error"
9642
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009643# While not required by the standard defining the MFL extension
9644# (according to which it only applies to records, not to datagrams),
9645# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
9646# as otherwise there wouldn't be any means to communicate MTU restrictions
9647# to the peer.
9648# The next test checks that no datagrams significantly larger than the
9649# negotiated MFL are sent.
9650requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9651requires_config_enabled MBEDTLS_RSA_C
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009652requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009653requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009654requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009655run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04009656 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009657 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
9658 crt_file=data_files/server7_int-ca.crt \
9659 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009660 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009661 max_frag_len=2048" \
9662 "$P_CLI dtls=1 debug_level=2 \
9663 crt_file=data_files/server8_int-ca2.crt \
9664 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009665 hs_timeout=2500-60000 \
9666 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009667 0 \
9668 -S "found fragmented DTLS handshake message" \
9669 -c "found fragmented DTLS handshake message" \
9670 -C "error"
9671
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009672requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9673requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009674requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009675requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009676requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009677run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009678 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9679 crt_file=data_files/server7_int-ca.crt \
9680 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009681 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009682 max_frag_len=2048" \
9683 "$P_CLI dtls=1 debug_level=2 \
9684 crt_file=data_files/server8_int-ca2.crt \
9685 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009686 hs_timeout=2500-60000 \
9687 max_frag_len=1024" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02009688 0 \
9689 -s "found fragmented DTLS handshake message" \
9690 -c "found fragmented DTLS handshake message" \
9691 -C "error"
9692
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009693# While not required by the standard defining the MFL extension
9694# (according to which it only applies to records, not to datagrams),
9695# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
9696# as otherwise there wouldn't be any means to communicate MTU restrictions
9697# to the peer.
9698# The next test checks that no datagrams significantly larger than the
9699# negotiated MFL are sent.
9700requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9701requires_config_enabled MBEDTLS_RSA_C
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009702requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009703requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009704requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009705run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04009706 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009707 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9708 crt_file=data_files/server7_int-ca.crt \
9709 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009710 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009711 max_frag_len=2048" \
9712 "$P_CLI dtls=1 debug_level=2 \
9713 crt_file=data_files/server8_int-ca2.crt \
9714 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009715 hs_timeout=2500-60000 \
9716 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01009717 0 \
9718 -s "found fragmented DTLS handshake message" \
9719 -c "found fragmented DTLS handshake message" \
9720 -C "error"
9721
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009722requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9723requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009724requires_max_content_len 4096
Jerry Yuab082902021-12-23 18:02:22 +08009725requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009726run_test "DTLS fragmenting: none (for reference) (MTU)" \
9727 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9728 crt_file=data_files/server7_int-ca.crt \
9729 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009730 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01009731 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009732 "$P_CLI dtls=1 debug_level=2 \
9733 crt_file=data_files/server8_int-ca2.crt \
9734 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009735 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01009736 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009737 0 \
9738 -S "found fragmented DTLS handshake message" \
9739 -C "found fragmented DTLS handshake message" \
9740 -C "error"
9741
9742requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9743requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009744requires_max_content_len 4096
Jerry Yuab082902021-12-23 18:02:22 +08009745requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009746run_test "DTLS fragmenting: client (MTU)" \
9747 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9748 crt_file=data_files/server7_int-ca.crt \
9749 key_file=data_files/server7.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009750 hs_timeout=3500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01009751 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009752 "$P_CLI dtls=1 debug_level=2 \
9753 crt_file=data_files/server8_int-ca2.crt \
9754 key_file=data_files/server8.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009755 hs_timeout=3500-60000 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009756 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009757 0 \
9758 -s "found fragmented DTLS handshake message" \
9759 -C "found fragmented DTLS handshake message" \
9760 -C "error"
9761
9762requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9763requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009764requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009765requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009766run_test "DTLS fragmenting: server (MTU)" \
9767 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9768 crt_file=data_files/server7_int-ca.crt \
9769 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009770 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009771 mtu=512" \
9772 "$P_CLI dtls=1 debug_level=2 \
9773 crt_file=data_files/server8_int-ca2.crt \
9774 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009775 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009776 mtu=2048" \
9777 0 \
9778 -S "found fragmented DTLS handshake message" \
9779 -c "found fragmented DTLS handshake message" \
9780 -C "error"
9781
9782requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9783requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009784requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009785requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek7311c782018-10-11 06:49:41 -04009786run_test "DTLS fragmenting: both (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009787 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009788 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9789 crt_file=data_files/server7_int-ca.crt \
9790 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009791 hs_timeout=2500-60000 \
Andrzej Kurek95805282018-10-11 08:55:37 -04009792 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009793 "$P_CLI dtls=1 debug_level=2 \
9794 crt_file=data_files/server8_int-ca2.crt \
9795 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009796 hs_timeout=2500-60000 \
9797 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02009798 0 \
9799 -s "found fragmented DTLS handshake message" \
9800 -c "found fragmented DTLS handshake message" \
9801 -C "error"
9802
Andrzej Kurek77826052018-10-11 07:34:08 -04009803# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04009804requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9805requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -04009806requires_hash_alg SHA_256
Andrzej Kurek7311c782018-10-11 06:49:41 -04009807requires_config_enabled MBEDTLS_AES_C
9808requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009809requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009810requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek7311c782018-10-11 06:49:41 -04009811run_test "DTLS fragmenting: both (MTU=512)" \
Hanno Becker8d832182018-03-15 10:14:19 +00009812 -p "$P_PXY mtu=512" \
Hanno Becker72a4f032017-11-15 16:39:20 +00009813 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9814 crt_file=data_files/server7_int-ca.crt \
9815 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009816 hs_timeout=2500-60000 \
Hanno Becker72a4f032017-11-15 16:39:20 +00009817 mtu=512" \
9818 "$P_CLI dtls=1 debug_level=2 \
9819 crt_file=data_files/server8_int-ca2.crt \
9820 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009821 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9822 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009823 mtu=512" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02009824 0 \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02009825 -s "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009826 -c "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009827 -C "error"
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02009828
Andrzej Kurek7311c782018-10-11 06:49:41 -04009829# Test for automatic MTU reduction on repeated resend.
Andrzej Kurek77826052018-10-11 07:34:08 -04009830# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04009831# The ratio of max/min timeout should ideally equal 4 to accept two
9832# retransmissions, but in some cases (like both the server and client using
9833# fragmentation and auto-reduction) an extra retransmission might occur,
9834# hence the ratio of 8.
Hanno Becker37029eb2018-08-29 17:01:40 +01009835not_with_valgrind
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02009836requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9837requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04009838requires_config_enabled MBEDTLS_AES_C
9839requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009840requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009841requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine0d8b86a2019-09-20 18:03:11 +02009842run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02009843 -p "$P_PXY mtu=508" \
9844 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9845 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009846 key_file=data_files/server7.key \
9847 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02009848 "$P_CLI dtls=1 debug_level=2 \
9849 crt_file=data_files/server8_int-ca2.crt \
9850 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009851 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9852 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02009853 0 \
9854 -s "found fragmented DTLS handshake message" \
9855 -c "found fragmented DTLS handshake message" \
9856 -C "error"
9857
Andrzej Kurek77826052018-10-11 07:34:08 -04009858# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Hanno Becker108992e2018-08-29 17:04:18 +01009859only_with_valgrind
9860requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9861requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04009862requires_config_enabled MBEDTLS_AES_C
9863requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009864requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009865requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine0d8b86a2019-09-20 18:03:11 +02009866run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
Hanno Becker108992e2018-08-29 17:04:18 +01009867 -p "$P_PXY mtu=508" \
9868 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9869 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009870 key_file=data_files/server7.key \
Hanno Becker108992e2018-08-29 17:04:18 +01009871 hs_timeout=250-10000" \
9872 "$P_CLI dtls=1 debug_level=2 \
9873 crt_file=data_files/server8_int-ca2.crt \
9874 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009875 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Hanno Becker108992e2018-08-29 17:04:18 +01009876 hs_timeout=250-10000" \
9877 0 \
9878 -s "found fragmented DTLS handshake message" \
9879 -c "found fragmented DTLS handshake message" \
9880 -C "error"
9881
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009882# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
Manuel Pégourié-Gonnard3d183ce2018-08-22 09:56:22 +02009883# OTOH the client might resend if the server is to slow to reset after sending
9884# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04009885not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009886requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9887requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009888requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009889requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek7311c782018-10-11 06:49:41 -04009890run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009891 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009892 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9893 crt_file=data_files/server7_int-ca.crt \
9894 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009895 hs_timeout=10000-60000 \
9896 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009897 "$P_CLI dtls=1 debug_level=2 \
9898 crt_file=data_files/server8_int-ca2.crt \
9899 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009900 hs_timeout=10000-60000 \
9901 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009902 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04009903 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009904 -s "found fragmented DTLS handshake message" \
9905 -c "found fragmented DTLS handshake message" \
9906 -C "error"
9907
Andrzej Kurek77826052018-10-11 07:34:08 -04009908# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04009909# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
9910# OTOH the client might resend if the server is to slow to reset after sending
9911# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04009912not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02009913requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9914requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04009915requires_config_enabled MBEDTLS_AES_C
9916requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009917requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009918requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek7311c782018-10-11 06:49:41 -04009919run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02009920 -p "$P_PXY mtu=512" \
9921 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9922 crt_file=data_files/server7_int-ca.crt \
9923 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009924 hs_timeout=10000-60000 \
9925 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02009926 "$P_CLI dtls=1 debug_level=2 \
9927 crt_file=data_files/server8_int-ca2.crt \
9928 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009929 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9930 hs_timeout=10000-60000 \
9931 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02009932 0 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009933 -S "autoreduction" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02009934 -s "found fragmented DTLS handshake message" \
9935 -c "found fragmented DTLS handshake message" \
9936 -C "error"
9937
Andrzej Kurek7311c782018-10-11 06:49:41 -04009938not_with_valgrind # spurious autoreduction due to timeout
9939requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9940requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009941requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009942requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek7311c782018-10-11 06:49:41 -04009943run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04009944 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009945 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9946 crt_file=data_files/server7_int-ca.crt \
9947 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009948 hs_timeout=10000-60000 \
9949 mtu=1024 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009950 "$P_CLI dtls=1 debug_level=2 \
9951 crt_file=data_files/server8_int-ca2.crt \
9952 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04009953 hs_timeout=10000-60000 \
9954 mtu=1024 nbio=2" \
9955 0 \
9956 -S "autoreduction" \
9957 -s "found fragmented DTLS handshake message" \
9958 -c "found fragmented DTLS handshake message" \
9959 -C "error"
9960
Andrzej Kurek77826052018-10-11 07:34:08 -04009961# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04009962not_with_valgrind # spurious autoreduction due to timeout
9963requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
9964requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04009965requires_config_enabled MBEDTLS_AES_C
9966requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +01009967requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +08009968requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Andrzej Kurek7311c782018-10-11 06:49:41 -04009969run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
9970 -p "$P_PXY mtu=512" \
9971 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
9972 crt_file=data_files/server7_int-ca.crt \
9973 key_file=data_files/server7.key \
9974 hs_timeout=10000-60000 \
9975 mtu=512 nbio=2" \
9976 "$P_CLI dtls=1 debug_level=2 \
9977 crt_file=data_files/server8_int-ca2.crt \
9978 key_file=data_files/server8.key \
9979 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9980 hs_timeout=10000-60000 \
9981 mtu=512 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009982 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04009983 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02009984 -s "found fragmented DTLS handshake message" \
9985 -c "found fragmented DTLS handshake message" \
9986 -C "error"
9987
Andrzej Kurek77826052018-10-11 07:34:08 -04009988# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
Hanno Beckerb841b4f2018-08-28 10:25:51 +01009989# This ensures things still work after session_reset().
9990# It also exercises the "resumed handshake" flow.
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02009991# Since we don't support reading fragmented ClientHello yet,
9992# up the MTU to 1450 (larger than ClientHello with session ticket,
9993# but still smaller than client's Certificate to ensure fragmentation).
Andrzej Kurek35f2f302018-10-09 08:52:14 -04009994# An autoreduction on the client-side might happen if the server is
9995# slow to reset, therefore omitting '-C "autoreduction"' below.
Manuel Pégourié-Gonnard2f2d9022018-08-21 12:17:54 +02009996# reco_delay avoids races where the client reconnects before the server has
Andrzej Kurek35f2f302018-10-09 08:52:14 -04009997# resumed listening, which would result in a spurious autoreduction.
9998not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02009999requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10000requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -040010001requires_config_enabled MBEDTLS_AES_C
10002requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010003requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010004requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +020010005run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
10006 -p "$P_PXY mtu=1450" \
10007 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10008 crt_file=data_files/server7_int-ca.crt \
10009 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010010 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +020010011 mtu=1450" \
10012 "$P_CLI dtls=1 debug_level=2 \
10013 crt_file=data_files/server8_int-ca2.crt \
10014 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010015 hs_timeout=10000-60000 \
Andrzej Kurek7311c782018-10-11 06:49:41 -040010016 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Jerry Yua15af372022-12-05 15:55:24 +080010017 mtu=1450 reconnect=1 skip_close_notify=1 reco_delay=1000" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +020010018 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010019 -S "autoreduction" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +020010020 -s "found fragmented DTLS handshake message" \
10021 -c "found fragmented DTLS handshake message" \
10022 -C "error"
10023
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010024# An autoreduction on the client-side might happen if the server is
10025# slow to reset, therefore omitting '-C "autoreduction"' below.
10026not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010027requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10028requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -040010029requires_hash_alg SHA_256
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010030requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
10031requires_config_enabled MBEDTLS_CHACHAPOLY_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010032requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010033requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010034run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
10035 -p "$P_PXY mtu=512" \
10036 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10037 crt_file=data_files/server7_int-ca.crt \
10038 key_file=data_files/server7.key \
10039 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010040 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010041 mtu=512" \
10042 "$P_CLI dtls=1 debug_level=2 \
10043 crt_file=data_files/server8_int-ca2.crt \
10044 key_file=data_files/server8.key \
10045 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -040010046 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010047 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010048 mtu=512" \
10049 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010050 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010051 -s "found fragmented DTLS handshake message" \
10052 -c "found fragmented DTLS handshake message" \
10053 -C "error"
10054
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010055# An autoreduction on the client-side might happen if the server is
10056# slow to reset, therefore omitting '-C "autoreduction"' below.
10057not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010058requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10059requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -040010060requires_hash_alg SHA_256
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010061requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
10062requires_config_enabled MBEDTLS_AES_C
10063requires_config_enabled MBEDTLS_GCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010064requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010065requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010066run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
10067 -p "$P_PXY mtu=512" \
10068 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10069 crt_file=data_files/server7_int-ca.crt \
10070 key_file=data_files/server7.key \
10071 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010072 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010073 mtu=512" \
10074 "$P_CLI dtls=1 debug_level=2 \
10075 crt_file=data_files/server8_int-ca2.crt \
10076 key_file=data_files/server8.key \
10077 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -040010078 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010079 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010080 mtu=512" \
10081 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010082 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010083 -s "found fragmented DTLS handshake message" \
10084 -c "found fragmented DTLS handshake message" \
10085 -C "error"
10086
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010087# An autoreduction on the client-side might happen if the server is
10088# slow to reset, therefore omitting '-C "autoreduction"' below.
10089not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010090requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10091requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -040010092requires_hash_alg SHA_256
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010093requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
10094requires_config_enabled MBEDTLS_AES_C
10095requires_config_enabled MBEDTLS_CCM_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010096requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010097requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010098run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010099 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010100 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10101 crt_file=data_files/server7_int-ca.crt \
10102 key_file=data_files/server7.key \
10103 exchanges=2 renegotiation=1 \
10104 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010105 hs_timeout=10000-60000 \
10106 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010107 "$P_CLI dtls=1 debug_level=2 \
10108 crt_file=data_files/server8_int-ca2.crt \
10109 key_file=data_files/server8.key \
10110 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010111 hs_timeout=10000-60000 \
10112 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010113 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010114 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010115 -s "found fragmented DTLS handshake message" \
10116 -c "found fragmented DTLS handshake message" \
10117 -C "error"
10118
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010119# An autoreduction on the client-side might happen if the server is
10120# slow to reset, therefore omitting '-C "autoreduction"' below.
10121not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010122requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10123requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -040010124requires_hash_alg SHA_256
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010125requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
10126requires_config_enabled MBEDTLS_AES_C
10127requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
10128requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010129requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010130requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010131run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010132 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010133 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10134 crt_file=data_files/server7_int-ca.crt \
10135 key_file=data_files/server7.key \
10136 exchanges=2 renegotiation=1 \
10137 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010138 hs_timeout=10000-60000 \
10139 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010140 "$P_CLI dtls=1 debug_level=2 \
10141 crt_file=data_files/server8_int-ca2.crt \
10142 key_file=data_files/server8.key \
10143 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010144 hs_timeout=10000-60000 \
10145 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010146 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010147 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010148 -s "found fragmented DTLS handshake message" \
10149 -c "found fragmented DTLS handshake message" \
10150 -C "error"
10151
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010152# An autoreduction on the client-side might happen if the server is
10153# slow to reset, therefore omitting '-C "autoreduction"' below.
10154not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010155requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10156requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek934e9cd2022-09-05 14:44:46 -040010157requires_hash_alg SHA_256
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010158requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
10159requires_config_enabled MBEDTLS_AES_C
10160requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010161requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010162requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010163run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010164 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010165 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10166 crt_file=data_files/server7_int-ca.crt \
10167 key_file=data_files/server7.key \
10168 exchanges=2 renegotiation=1 \
10169 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010170 hs_timeout=10000-60000 \
10171 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010172 "$P_CLI dtls=1 debug_level=2 \
10173 crt_file=data_files/server8_int-ca2.crt \
10174 key_file=data_files/server8.key \
10175 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -040010176 hs_timeout=10000-60000 \
10177 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010178 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -040010179 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +020010180 -s "found fragmented DTLS handshake message" \
10181 -c "found fragmented DTLS handshake message" \
10182 -C "error"
10183
Andrzej Kurek77826052018-10-11 07:34:08 -040010184# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +020010185requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10186requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -040010187requires_config_enabled MBEDTLS_AES_C
10188requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +020010189client_needs_more_time 2
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010190requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010191requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +020010192run_test "DTLS fragmenting: proxy MTU + 3d" \
10193 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010010194 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +020010195 crt_file=data_files/server7_int-ca.crt \
10196 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +020010197 hs_timeout=250-10000 mtu=512" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010010198 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +020010199 crt_file=data_files/server8_int-ca2.crt \
10200 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -040010201 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +020010202 hs_timeout=250-10000 mtu=512" \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +020010203 0 \
10204 -s "found fragmented DTLS handshake message" \
10205 -c "found fragmented DTLS handshake message" \
10206 -C "error"
10207
Andrzej Kurek77826052018-10-11 07:34:08 -040010208# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +020010209requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10210requires_config_enabled MBEDTLS_RSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -040010211requires_config_enabled MBEDTLS_AES_C
10212requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +020010213client_needs_more_time 2
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010214requires_max_content_len 2048
Jerry Yuab082902021-12-23 18:02:22 +080010215requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +020010216run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
10217 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
10218 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
10219 crt_file=data_files/server7_int-ca.crt \
10220 key_file=data_files/server7.key \
10221 hs_timeout=250-10000 mtu=512 nbio=2" \
10222 "$P_CLI dtls=1 debug_level=2 \
10223 crt_file=data_files/server8_int-ca2.crt \
10224 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -040010225 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +020010226 hs_timeout=250-10000 mtu=512 nbio=2" \
10227 0 \
10228 -s "found fragmented DTLS handshake message" \
10229 -c "found fragmented DTLS handshake message" \
10230 -C "error"
10231
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010232# interop tests for DTLS fragmentating with reliable connection
10233#
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010234# here and below we just want to test that the we fragment in a way that
10235# pleases other implementations, so we don't need the peer to fragment
10236requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10237requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +020010238requires_gnutls
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010239requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010240run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
10241 "$G_SRV -u" \
10242 "$P_CLI dtls=1 debug_level=2 \
10243 crt_file=data_files/server8_int-ca2.crt \
10244 key_file=data_files/server8.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010245 mtu=512 force_version=dtls12" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010246 0 \
10247 -c "fragmenting handshake message" \
10248 -C "error"
10249
Hanno Beckerb9a00862018-08-28 10:20:22 +010010250# We use --insecure for the GnuTLS client because it expects
10251# the hostname / IP it connects to to be the name used in the
10252# certificate obtained from the server. Here, however, it
10253# connects to 127.0.0.1 while our test certificates use 'localhost'
10254# as the server name in the certificate. This will make the
Shaun Case8b0ecbc2021-12-20 21:14:10 -080010255# certificate validation fail, but passing --insecure makes
Hanno Beckerb9a00862018-08-28 10:20:22 +010010256# GnuTLS continue the connection nonetheless.
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010257requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10258requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +020010259requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -040010260requires_not_i686
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010261requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010262run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
Valerio Setti3b2c0282023-03-08 10:22:29 +010010263 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010264 crt_file=data_files/server7_int-ca.crt \
10265 key_file=data_files/server7.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010266 mtu=512 force_version=dtls12" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +020010267 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010268 0 \
10269 -s "fragmenting handshake message"
10270
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010271requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10272requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010273requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010274run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
10275 "$O_SRV -dtls1_2 -verify 10" \
10276 "$P_CLI dtls=1 debug_level=2 \
10277 crt_file=data_files/server8_int-ca2.crt \
10278 key_file=data_files/server8.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010279 mtu=512 force_version=dtls12" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010280 0 \
10281 -c "fragmenting handshake message" \
10282 -C "error"
10283
10284requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10285requires_config_enabled MBEDTLS_RSA_C
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010286requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010287run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
10288 "$P_SRV dtls=1 debug_level=2 \
10289 crt_file=data_files/server7_int-ca.crt \
10290 key_file=data_files/server7.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010291 mtu=512 force_version=dtls12" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +020010292 "$O_CLI -dtls1_2" \
10293 0 \
10294 -s "fragmenting handshake message"
10295
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010296# interop tests for DTLS fragmentating with unreliable connection
10297#
10298# again we just want to test that the we fragment in a way that
10299# pleases other implementations, so we don't need the peer to fragment
10300requires_gnutls_next
10301requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10302requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +020010303client_needs_more_time 4
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010304requires_max_content_len 2048
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010305run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
10306 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10307 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010010308 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010309 crt_file=data_files/server8_int-ca2.crt \
10310 key_file=data_files/server8.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010311 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010312 0 \
10313 -c "fragmenting handshake message" \
10314 -C "error"
10315
10316requires_gnutls_next
10317requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10318requires_config_enabled MBEDTLS_RSA_C
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010319client_needs_more_time 4
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010320requires_max_content_len 2048
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010321run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
10322 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10323 "$P_SRV dtls=1 debug_level=2 \
10324 crt_file=data_files/server7_int-ca.crt \
10325 key_file=data_files/server7.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010326 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
k-stachowiak17a38d32019-02-18 15:29:56 +010010327 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010328 0 \
10329 -s "fragmenting handshake message"
10330
Zhangsen Wang91385122022-07-12 01:48:17 +000010331## The test below requires 1.1.1a or higher version of openssl, otherwise
10332## it might trigger a bug due to openssl server (https://github.com/openssl/openssl/issues/6902)
Zhangsen Wang87a9c862022-06-28 06:10:35 +000010333requires_openssl_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010334requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10335requires_config_enabled MBEDTLS_RSA_C
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010336client_needs_more_time 4
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010337requires_max_content_len 2048
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010338run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
10339 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Zhangsen Wang87a9c862022-06-28 06:10:35 +000010340 "$O_NEXT_SRV -dtls1_2 -verify 10" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010341 "$P_CLI dtls=1 debug_level=2 \
10342 crt_file=data_files/server8_int-ca2.crt \
10343 key_file=data_files/server8.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010344 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +010010345 0 \
10346 -c "fragmenting handshake message" \
10347 -C "error"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010348
Zhangsen Wangd5e8a482022-07-29 07:53:36 +000010349## the test below will time out with certain seed.
Zhangsen Wangbaeffbb2022-07-29 06:34:47 +000010350## The cause is an openssl bug (https://github.com/openssl/openssl/issues/18887)
10351skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010352requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
10353requires_config_enabled MBEDTLS_RSA_C
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +020010354client_needs_more_time 4
Yuto Takanobc87b1d2021-07-08 15:56:33 +010010355requires_max_content_len 2048
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +020010356run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
10357 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10358 "$P_SRV dtls=1 debug_level=2 \
10359 crt_file=data_files/server7_int-ca.crt \
10360 key_file=data_files/server7.key \
Xiaofei Bai8b5c3822021-12-02 08:43:35 +000010361 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +020010362 "$O_CLI -dtls1_2" \
10363 0 \
10364 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020010365
Ron Eldorb4655392018-07-05 18:25:39 +030010366# Tests for DTLS-SRTP (RFC 5764)
10367requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010368requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010369run_test "DTLS-SRTP all profiles supported" \
10370 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10371 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10372 0 \
10373 -s "found use_srtp extension" \
10374 -s "found srtp profile" \
10375 -s "selected srtp profile" \
10376 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010377 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010378 -c "client hello, adding use_srtp extension" \
10379 -c "found use_srtp extension" \
10380 -c "found srtp profile" \
10381 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010382 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +020010383 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +030010384 -C "error"
10385
Johan Pascal9bc50b02020-09-24 12:01:13 +020010386
Ron Eldorb4655392018-07-05 18:25:39 +030010387requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010388requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010389run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
10390 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
Johan Pascal43f94902020-09-22 12:25:52 +020010391 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=5 debug_level=3" \
Ron Eldorb4655392018-07-05 18:25:39 +030010392 0 \
10393 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010394 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
10395 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
Ron Eldorb4655392018-07-05 18:25:39 +030010396 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010397 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010398 -c "client hello, adding use_srtp extension" \
10399 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010400 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
Ron Eldorb4655392018-07-05 18:25:39 +030010401 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010402 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +020010403 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +030010404 -C "error"
10405
10406requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010407requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010408run_test "DTLS-SRTP server supports one profile. Client supports all profiles." \
Johan Pascal43f94902020-09-22 12:25:52 +020010409 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldorb4655392018-07-05 18:25:39 +030010410 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10411 0 \
10412 -s "found use_srtp extension" \
10413 -s "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +020010414 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +030010415 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010416 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010417 -c "client hello, adding use_srtp extension" \
10418 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010419 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +030010420 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010421 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +020010422 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +030010423 -C "error"
10424
10425requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010426requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010427run_test "DTLS-SRTP server and Client support only one matching profile." \
10428 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10429 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10430 0 \
10431 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010432 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10433 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +030010434 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010435 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010436 -c "client hello, adding use_srtp extension" \
10437 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010438 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +030010439 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010440 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +020010441 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +030010442 -C "error"
10443
10444requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010445requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010446run_test "DTLS-SRTP server and Client support only one different profile." \
10447 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
Johan Pascal43f94902020-09-22 12:25:52 +020010448 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldorb4655392018-07-05 18:25:39 +030010449 0 \
10450 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010451 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +030010452 -S "selected srtp profile" \
10453 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010454 -S "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010455 -c "client hello, adding use_srtp extension" \
10456 -C "found use_srtp extension" \
10457 -C "found srtp profile" \
10458 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010459 -C "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010460 -C "error"
10461
10462requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010463requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010464run_test "DTLS-SRTP server doesn't support use_srtp extension." \
10465 "$P_SRV dtls=1 debug_level=3" \
10466 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10467 0 \
10468 -s "found use_srtp extension" \
10469 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010470 -S "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010471 -c "client hello, adding use_srtp extension" \
10472 -C "found use_srtp extension" \
10473 -C "found srtp profile" \
10474 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010475 -C "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010476 -C "error"
10477
10478requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010479requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010480run_test "DTLS-SRTP all profiles supported. mki used" \
10481 "$P_SRV dtls=1 use_srtp=1 support_mki=1 debug_level=3" \
10482 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
10483 0 \
10484 -s "found use_srtp extension" \
10485 -s "found srtp profile" \
10486 -s "selected srtp profile" \
10487 -s "server hello, adding use_srtp extension" \
10488 -s "dumping 'using mki' (8 bytes)" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010489 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +030010490 -c "client hello, adding use_srtp extension" \
10491 -c "found use_srtp extension" \
10492 -c "found srtp profile" \
10493 -c "selected srtp profile" \
10494 -c "dumping 'sending mki' (8 bytes)" \
10495 -c "dumping 'received mki' (8 bytes)" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010496 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +020010497 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Johan Pascal20c7db32020-10-26 22:45:58 +010010498 -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +030010499 -C "error"
10500
10501requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010502requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorb4655392018-07-05 18:25:39 +030010503run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
10504 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10505 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
10506 0 \
10507 -s "found use_srtp extension" \
10508 -s "found srtp profile" \
10509 -s "selected srtp profile" \
10510 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010511 -s "DTLS-SRTP key material is"\
Johan Pascal5ef72d22020-10-28 17:05:47 +010010512 -s "DTLS-SRTP no mki value negotiated"\
Ron Eldorb4655392018-07-05 18:25:39 +030010513 -S "dumping 'using mki' (8 bytes)" \
10514 -c "client hello, adding use_srtp extension" \
10515 -c "found use_srtp extension" \
10516 -c "found srtp profile" \
10517 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010518 -c "DTLS-SRTP key material is"\
Johan Pascal5ef72d22020-10-28 17:05:47 +010010519 -c "DTLS-SRTP no mki value negotiated"\
Johan Pascal9bc50b02020-09-24 12:01:13 +020010520 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +030010521 -c "dumping 'sending mki' (8 bytes)" \
10522 -C "dumping 'received mki' (8 bytes)" \
10523 -C "error"
10524
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010525requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010526requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010527run_test "DTLS-SRTP all profiles supported. openssl client." \
10528 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10529 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10530 0 \
10531 -s "found use_srtp extension" \
10532 -s "found srtp profile" \
10533 -s "selected srtp profile" \
10534 -s "server hello, adding use_srtp extension" \
10535 -s "DTLS-SRTP key material is"\
10536 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10537 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
10538
10539requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010540requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010541run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl client." \
10542 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10543 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10544 0 \
10545 -s "found use_srtp extension" \
10546 -s "found srtp profile" \
10547 -s "selected srtp profile" \
10548 -s "server hello, adding use_srtp extension" \
10549 -s "DTLS-SRTP key material is"\
10550 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10551 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10552
10553requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010554requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010555run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \
10556 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10557 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10558 0 \
10559 -s "found use_srtp extension" \
10560 -s "found srtp profile" \
10561 -s "selected srtp profile" \
10562 -s "server hello, adding use_srtp extension" \
10563 -s "DTLS-SRTP key material is"\
10564 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10565 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10566
10567requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010568requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010569run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \
10570 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10571 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10572 0 \
10573 -s "found use_srtp extension" \
10574 -s "found srtp profile" \
10575 -s "selected srtp profile" \
10576 -s "server hello, adding use_srtp extension" \
10577 -s "DTLS-SRTP key material is"\
10578 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10579 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10580
10581requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010582requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010583run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \
10584 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10585 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10586 0 \
10587 -s "found use_srtp extension" \
10588 -s "found srtp profile" \
10589 -s "selected srtp profile" \
10590 -s "server hello, adding use_srtp extension" \
10591 -s "DTLS-SRTP key material is"\
10592 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10593 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10594
10595requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010596requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010597run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \
10598 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
10599 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10600 0 \
10601 -s "found use_srtp extension" \
10602 -s "found srtp profile" \
10603 -S "selected srtp profile" \
10604 -S "server hello, adding use_srtp extension" \
10605 -S "DTLS-SRTP key material is"\
10606 -C "SRTP Extension negotiated, profile"
10607
10608requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010609requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010610run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \
10611 "$P_SRV dtls=1 debug_level=3" \
10612 "$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10613 0 \
10614 -s "found use_srtp extension" \
10615 -S "server hello, adding use_srtp extension" \
10616 -S "DTLS-SRTP key material is"\
10617 -C "SRTP Extension negotiated, profile"
10618
10619requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010620requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010621run_test "DTLS-SRTP all profiles supported. openssl server" \
10622 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10623 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10624 0 \
10625 -c "client hello, adding use_srtp extension" \
10626 -c "found use_srtp extension" \
10627 -c "found srtp profile" \
10628 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
10629 -c "DTLS-SRTP key material is"\
10630 -C "error"
10631
10632requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010633requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010634run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl server." \
10635 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10636 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10637 0 \
10638 -c "client hello, adding use_srtp extension" \
10639 -c "found use_srtp extension" \
10640 -c "found srtp profile" \
10641 -c "selected srtp profile" \
10642 -c "DTLS-SRTP key material is"\
10643 -C "error"
10644
10645requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010646requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010647run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \
10648 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10649 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10650 0 \
10651 -c "client hello, adding use_srtp extension" \
10652 -c "found use_srtp extension" \
10653 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10654 -c "selected srtp profile" \
10655 -c "DTLS-SRTP key material is"\
10656 -C "error"
10657
10658requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010659requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010660run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \
10661 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10662 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10663 0 \
10664 -c "client hello, adding use_srtp extension" \
10665 -c "found use_srtp extension" \
10666 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10667 -c "selected srtp profile" \
10668 -c "DTLS-SRTP key material is"\
10669 -C "error"
10670
10671requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010672requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010673run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \
10674 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10675 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10676 0 \
10677 -c "client hello, adding use_srtp extension" \
10678 -c "found use_srtp extension" \
10679 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10680 -c "selected srtp profile" \
10681 -c "DTLS-SRTP key material is"\
10682 -C "error"
10683
10684requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010685requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010686run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \
10687 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10688 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
10689 0 \
10690 -c "client hello, adding use_srtp extension" \
10691 -C "found use_srtp extension" \
10692 -C "found srtp profile" \
10693 -C "selected srtp profile" \
10694 -C "DTLS-SRTP key material is"\
10695 -C "error"
10696
10697requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010698requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010699run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \
10700 "$O_SRV -dtls" \
10701 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10702 0 \
10703 -c "client hello, adding use_srtp extension" \
10704 -C "found use_srtp extension" \
10705 -C "found srtp profile" \
10706 -C "selected srtp profile" \
10707 -C "DTLS-SRTP key material is"\
10708 -C "error"
10709
10710requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Jerry Yuab082902021-12-23 18:02:22 +080010711requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
TRodziewicz4ca18aa2021-05-20 14:46:20 +020010712run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \
10713 "$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
10714 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
10715 0 \
10716 -c "client hello, adding use_srtp extension" \
10717 -c "found use_srtp extension" \
10718 -c "found srtp profile" \
10719 -c "selected srtp profile" \
10720 -c "DTLS-SRTP key material is"\
10721 -c "DTLS-SRTP no mki value negotiated"\
10722 -c "dumping 'sending mki' (8 bytes)" \
10723 -C "dumping 'received mki' (8 bytes)" \
10724 -C "error"
10725
10726requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010727requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010728requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010729run_test "DTLS-SRTP all profiles supported. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +020010730 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10731 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010732 0 \
10733 -s "found use_srtp extension" \
10734 -s "found srtp profile" \
10735 -s "selected srtp profile" \
10736 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010737 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010738 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80"
10739
10740requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010741requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010742requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010743run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +020010744 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10745 "$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010746 0 \
10747 -s "found use_srtp extension" \
10748 -s "found srtp profile" \
10749 -s "selected srtp profile" \
10750 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010751 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010752 -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80"
10753
10754requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010755requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010756requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010757run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +020010758 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
10759 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010760 0 \
10761 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010762 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10763 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010764 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010765 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010766 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
10767
10768requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010769requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010770requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010771run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \
Johan Pascal43f94902020-09-22 12:25:52 +020010772 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldor5d991c92019-01-15 18:54:03 +020010773 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010774 0 \
10775 -s "found use_srtp extension" \
10776 -s "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +020010777 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010778 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010779 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010780 -c "SRTP profile: SRTP_NULL_SHA1_32"
10781
10782requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010783requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010784requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010785run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +020010786 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10787 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010788 0 \
10789 -s "found use_srtp extension" \
10790 -s "found srtp profile" \
10791 -s "selected srtp profile" \
10792 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010793 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010794 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
10795
10796requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010797requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010798requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010799run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +020010800 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
10801 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010802 0 \
10803 -s "found use_srtp extension" \
10804 -s "found srtp profile" \
10805 -S "selected srtp profile" \
10806 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010807 -S "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010808 -C "SRTP profile:"
10809
10810requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010811requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010812requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010813run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \
Ron Eldor5d991c92019-01-15 18:54:03 +020010814 "$P_SRV dtls=1 debug_level=3" \
10815 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010816 0 \
10817 -s "found use_srtp extension" \
10818 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010819 -S "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010820 -C "SRTP profile:"
10821
10822requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010823requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010824requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010825run_test "DTLS-SRTP all profiles supported. gnutls server" \
10826 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
10827 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10828 0 \
10829 -c "client hello, adding use_srtp extension" \
10830 -c "found use_srtp extension" \
10831 -c "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +020010832 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010833 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010834 -C "error"
10835
10836requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010837requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010838requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010839run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls server." \
10840 "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
10841 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10842 0 \
10843 -c "client hello, adding use_srtp extension" \
10844 -c "found use_srtp extension" \
10845 -c "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +020010846 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010847 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010848 -C "error"
10849
10850requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010851requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010852requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010853run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \
10854 "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
10855 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10856 0 \
10857 -c "client hello, adding use_srtp extension" \
10858 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010859 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010860 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010861 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010862 -C "error"
10863
10864requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010865requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010866requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010867run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \
10868 "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010869 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010870 0 \
10871 -c "client hello, adding use_srtp extension" \
10872 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010873 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010874 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010875 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010876 -C "error"
10877
10878requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010879requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010880requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010881run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \
10882 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
10883 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
10884 0 \
10885 -c "client hello, adding use_srtp extension" \
10886 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +020010887 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010888 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010889 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010890 -C "error"
10891
10892requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010893requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010894requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010895run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \
10896 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
Johan Pascal43f94902020-09-22 12:25:52 +020010897 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010898 0 \
10899 -c "client hello, adding use_srtp extension" \
10900 -C "found use_srtp extension" \
10901 -C "found srtp profile" \
10902 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010903 -C "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010904 -C "error"
10905
10906requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010907requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010908requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010909run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
10910 "$G_SRV -u" \
10911 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
10912 0 \
10913 -c "client hello, adding use_srtp extension" \
10914 -C "found use_srtp extension" \
10915 -C "found srtp profile" \
10916 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010917 -C "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010918 -C "error"
10919
10920requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +020010921requires_gnutls
Jerry Yuab082902021-12-23 18:02:22 +080010922requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010923run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \
10924 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
10925 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
10926 0 \
10927 -c "client hello, adding use_srtp extension" \
10928 -c "found use_srtp extension" \
10929 -c "found srtp profile" \
10930 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +020010931 -c "DTLS-SRTP key material is"\
Johan Pascal20c7db32020-10-26 22:45:58 +010010932 -c "DTLS-SRTP mki value:"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +030010933 -c "dumping 'sending mki' (8 bytes)" \
10934 -c "dumping 'received mki' (8 bytes)" \
10935 -C "error"
10936
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +020010937# Tests for specific things with "unreliable" UDP connection
10938
10939not_with_valgrind # spurious resend due to timeout
Jerry Yuab082902021-12-23 18:02:22 +080010940requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +020010941run_test "DTLS proxy: reference" \
10942 -p "$P_PXY" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +020010943 "$P_SRV dtls=1 debug_level=2 hs_timeout=10000-20000" \
10944 "$P_CLI dtls=1 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +020010945 0 \
10946 -C "replayed record" \
10947 -S "replayed record" \
Hanno Beckerb2a86c32019-07-19 15:43:09 +010010948 -C "Buffer record from epoch" \
10949 -S "Buffer record from epoch" \
10950 -C "ssl_buffer_message" \
10951 -S "ssl_buffer_message" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +020010952 -C "discarding invalid record" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +020010953 -S "discarding invalid record" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +020010954 -S "resend" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +020010955 -s "Extra-header:" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +020010956 -c "HTTP/1.0 200 OK"
10957
10958not_with_valgrind # spurious resend due to timeout
Jerry Yuab082902021-12-23 18:02:22 +080010959requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +020010960run_test "DTLS proxy: duplicate every packet" \
10961 -p "$P_PXY duplicate=1" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +020010962 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
10963 "$P_CLI dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +020010964 0 \
10965 -c "replayed record" \
10966 -s "replayed record" \
10967 -c "record from another epoch" \
10968 -s "record from another epoch" \
10969 -S "resend" \
10970 -s "Extra-header:" \
10971 -c "HTTP/1.0 200 OK"
10972
Jerry Yuab082902021-12-23 18:02:22 +080010973requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +020010974run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
10975 -p "$P_PXY duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010010976 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
10977 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +020010978 0 \
10979 -c "replayed record" \
10980 -S "replayed record" \
10981 -c "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020010982 -s "record from another epoch" \
10983 -c "resend" \
10984 -s "resend" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +020010985 -s "Extra-header:" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020010986 -c "HTTP/1.0 200 OK"
10987
Jerry Yuab082902021-12-23 18:02:22 +080010988requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +020010989run_test "DTLS proxy: multiple records in same datagram" \
10990 -p "$P_PXY pack=50" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010010991 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
10992 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +020010993 0 \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020010994 -c "next record in same datagram" \
10995 -s "next record in same datagram"
10996
Jerry Yuab082902021-12-23 18:02:22 +080010997requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020010998run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
10999 -p "$P_PXY pack=50 duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010011000 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
11001 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +020011002 0 \
11003 -c "next record in same datagram" \
11004 -s "next record in same datagram"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011005
Jerry Yuab082902021-12-23 18:02:22 +080011006requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +020011007run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
11008 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010011009 "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
11010 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011011 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +020011012 -c "discarding invalid record (mac)" \
11013 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011014 -s "Extra-header:" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011015 -c "HTTP/1.0 200 OK" \
11016 -S "too many records with bad MAC" \
11017 -S "Verification of the message MAC failed"
11018
Jerry Yuab082902021-12-23 18:02:22 +080011019requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011020run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
11021 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010011022 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
11023 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011024 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +020011025 -C "discarding invalid record (mac)" \
11026 -S "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011027 -S "Extra-header:" \
11028 -C "HTTP/1.0 200 OK" \
11029 -s "too many records with bad MAC" \
11030 -s "Verification of the message MAC failed"
11031
Jerry Yuab082902021-12-23 18:02:22 +080011032requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011033run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
11034 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010011035 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
11036 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011037 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +020011038 -c "discarding invalid record (mac)" \
11039 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011040 -s "Extra-header:" \
11041 -c "HTTP/1.0 200 OK" \
11042 -S "too many records with bad MAC" \
11043 -S "Verification of the message MAC failed"
11044
Jerry Yuab082902021-12-23 18:02:22 +080011045requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011046run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
11047 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +010011048 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
11049 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011050 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +020011051 -c "discarding invalid record (mac)" \
11052 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +020011053 -s "Extra-header:" \
11054 -c "HTTP/1.0 200 OK" \
11055 -s "too many records with bad MAC" \
11056 -s "Verification of the message MAC failed"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011057
Jerry Yuab082902021-12-23 18:02:22 +080011058requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011059run_test "DTLS proxy: delay ChangeCipherSpec" \
11060 -p "$P_PXY delay_ccs=1" \
Hanno Beckerc4305232018-08-14 13:41:21 +010011061 "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
11062 "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011063 0 \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +020011064 -c "record from another epoch" \
11065 -s "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011066 -s "Extra-header:" \
11067 -c "HTTP/1.0 200 OK"
11068
Hanno Beckeraa5d0c42018-08-16 13:15:19 +010011069# Tests for reordering support with DTLS
11070
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011071requires_certificate_authentication
Jerry Yuab082902021-12-23 18:02:22 +080011072requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker56cdfd12018-08-17 13:42:15 +010011073run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
11074 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011075 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11076 hs_timeout=2500-60000" \
11077 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11078 hs_timeout=2500-60000" \
Hanno Beckere3842212018-08-16 15:28:59 +010011079 0 \
11080 -c "Buffering HS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011081 -c "Next handshake message has been buffered - load"\
11082 -S "Buffering HS message" \
11083 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +010011084 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011085 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011086 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011087 -S "Remember CCS message"
Hanno Beckere3842212018-08-16 15:28:59 +010011088
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011089requires_certificate_authentication
Jerry Yuab082902021-12-23 18:02:22 +080011090requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckerdc1e9502018-08-28 16:02:33 +010011091run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
11092 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011093 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11094 hs_timeout=2500-60000" \
11095 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11096 hs_timeout=2500-60000" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +010011097 0 \
11098 -c "Buffering HS message" \
11099 -c "found fragmented DTLS handshake message"\
11100 -c "Next handshake message 1 not or only partially bufffered" \
11101 -c "Next handshake message has been buffered - load"\
11102 -S "Buffering HS message" \
11103 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +010011104 -C "Injecting buffered CCS message" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +010011105 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011106 -S "Injecting buffered CCS message" \
Hanno Beckeraa5d0c42018-08-16 13:15:19 +010011107 -S "Remember CCS message"
11108
Hanno Beckera1adcca2018-08-24 14:41:07 +010011109# The client buffers the ServerKeyExchange before receiving the fragmented
11110# Certificate message; at the time of writing, together these are aroudn 1200b
11111# in size, so that the bound below ensures that the certificate can be reassembled
11112# while keeping the ServerKeyExchange.
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011113requires_certificate_authentication
Hanno Beckera1adcca2018-08-24 14:41:07 +010011114requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
Jerry Yuab082902021-12-23 18:02:22 +080011115requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera1adcca2018-08-24 14:41:07 +010011116run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
Hanno Beckere3567052018-08-21 16:50:43 +010011117 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011118 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11119 hs_timeout=2500-60000" \
11120 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11121 hs_timeout=2500-60000" \
Hanno Beckere3567052018-08-21 16:50:43 +010011122 0 \
11123 -c "Buffering HS message" \
11124 -c "Next handshake message has been buffered - load"\
Hanno Beckera1adcca2018-08-24 14:41:07 +010011125 -C "attempt to make space by freeing buffered messages" \
11126 -S "Buffering HS message" \
11127 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +010011128 -C "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +010011129 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011130 -S "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +010011131 -S "Remember CCS message"
11132
11133# The size constraints ensure that the delayed certificate message can't
11134# be reassembled while keeping the ServerKeyExchange message, but it can
11135# when dropping it first.
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011136requires_certificate_authentication
Hanno Beckera1adcca2018-08-24 14:41:07 +010011137requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
11138requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
Jerry Yuab082902021-12-23 18:02:22 +080011139requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera1adcca2018-08-24 14:41:07 +010011140run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
11141 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011142 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11143 hs_timeout=2500-60000" \
11144 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11145 hs_timeout=2500-60000" \
Hanno Beckera1adcca2018-08-24 14:41:07 +010011146 0 \
11147 -c "Buffering HS message" \
11148 -c "attempt to make space by freeing buffered future messages" \
11149 -c "Enough space available after freeing buffered HS messages" \
Hanno Beckere3567052018-08-21 16:50:43 +010011150 -S "Buffering HS message" \
11151 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +010011152 -C "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +010011153 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011154 -S "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +010011155 -S "Remember CCS message"
11156
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011157requires_certificate_authentication
Jerry Yuab082902021-12-23 18:02:22 +080011158requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker56cdfd12018-08-17 13:42:15 +010011159run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
11160 -p "$P_PXY delay_cli=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011161 "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
11162 hs_timeout=2500-60000" \
11163 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11164 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011165 0 \
11166 -C "Buffering HS message" \
11167 -C "Next handshake message has been buffered - load"\
11168 -s "Buffering HS message" \
11169 -s "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011170 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011171 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011172 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011173 -S "Remember CCS message"
11174
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011175requires_certificate_authentication
Jerry Yuab082902021-12-23 18:02:22 +080011176requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker56cdfd12018-08-17 13:42:15 +010011177run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
11178 -p "$P_PXY delay_srv=NewSessionTicket" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011179 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11180 hs_timeout=2500-60000" \
11181 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11182 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011183 0 \
11184 -C "Buffering HS message" \
11185 -C "Next handshake message has been buffered - load"\
11186 -S "Buffering HS message" \
11187 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011188 -c "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011189 -c "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011190 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011191 -S "Remember CCS message"
11192
Gilles Peskine6f160ca2022-03-14 18:21:24 +010011193requires_certificate_authentication
Jerry Yuab082902021-12-23 18:02:22 +080011194requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Becker56cdfd12018-08-17 13:42:15 +010011195run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
11196 -p "$P_PXY delay_cli=ClientKeyExchange" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011197 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11198 hs_timeout=2500-60000" \
11199 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11200 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011201 0 \
11202 -C "Buffering HS message" \
11203 -C "Next handshake message has been buffered - load"\
11204 -S "Buffering HS message" \
11205 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011206 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011207 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +010011208 -s "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011209 -s "Remember CCS message"
11210
Jerry Yuab082902021-12-23 18:02:22 +080011211requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera1adcca2018-08-24 14:41:07 +010011212run_test "DTLS reordering: Buffer encrypted Finished message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011213 -p "$P_PXY delay_ccs=1" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011214 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
11215 hs_timeout=2500-60000" \
11216 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
11217 hs_timeout=2500-60000" \
Hanno Beckerb34149c2018-08-16 15:29:06 +010011218 0 \
11219 -s "Buffer record from epoch 1" \
Hanno Becker56cdfd12018-08-17 13:42:15 +010011220 -s "Found buffered record from current epoch - load" \
11221 -c "Buffer record from epoch 1" \
11222 -c "Found buffered record from current epoch - load"
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011223
Hanno Beckera1adcca2018-08-24 14:41:07 +010011224# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
11225# from the server are delayed, so that the encrypted Finished message
11226# is received and buffered. When the fragmented NewSessionTicket comes
11227# in afterwards, the encrypted Finished message must be freed in order
11228# to make space for the NewSessionTicket to be reassembled.
11229# This works only in very particular circumstances:
11230# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
11231# of the NewSessionTicket, but small enough to also allow buffering of
11232# the encrypted Finished message.
11233# - The MTU setting on the server must be so small that the NewSessionTicket
11234# needs to be fragmented.
11235# - All messages sent by the server must be small enough to be either sent
11236# without fragmentation or be reassembled within the bounds of
11237# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
11238# handshake, omitting CRTs.
Manuel Pégourié-Gonnardeef4c752019-05-28 10:21:30 +020011239requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 190
11240requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 230
Jerry Yuab082902021-12-23 18:02:22 +080011241requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Hanno Beckera1adcca2018-08-24 14:41:07 +010011242run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
11243 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
Manuel Pégourié-Gonnardeef4c752019-05-28 10:21:30 +020011244 "$P_SRV mtu=140 response_size=90 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
Hanno Beckera1adcca2018-08-24 14:41:07 +010011245 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
11246 0 \
11247 -s "Buffer record from epoch 1" \
11248 -s "Found buffered record from current epoch - load" \
11249 -c "Buffer record from epoch 1" \
11250 -C "Found buffered record from current epoch - load" \
11251 -c "Enough space available after freeing future epoch record"
11252
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +020011253# Tests for "randomly unreliable connection": try a variety of flows and peers
11254
11255client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011256requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011257run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
11258 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011259 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011260 psk=abc123" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011261 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011262 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11263 0 \
11264 -s "Extra-header:" \
11265 -c "HTTP/1.0 200 OK"
11266
Janos Follath74537a62016-09-02 13:45:28 +010011267client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011268requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011269run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
11270 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011271 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
11272 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011273 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
11274 0 \
11275 -s "Extra-header:" \
11276 -c "HTTP/1.0 200 OK"
11277
Janos Follath74537a62016-09-02 13:45:28 +010011278client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011279requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011280run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
11281 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011282 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
11283 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011284 0 \
11285 -s "Extra-header:" \
11286 -c "HTTP/1.0 200 OK"
11287
Janos Follath74537a62016-09-02 13:45:28 +010011288client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011289requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011290run_test "DTLS proxy: 3d, FS, client auth" \
11291 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011292 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
11293 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011294 0 \
11295 -s "Extra-header:" \
11296 -c "HTTP/1.0 200 OK"
11297
Janos Follath74537a62016-09-02 13:45:28 +010011298client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011299requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011300run_test "DTLS proxy: 3d, FS, ticket" \
11301 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011302 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
11303 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011304 0 \
11305 -s "Extra-header:" \
11306 -c "HTTP/1.0 200 OK"
11307
Janos Follath74537a62016-09-02 13:45:28 +010011308client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011309requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +020011310run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
11311 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011312 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
11313 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +020011314 0 \
11315 -s "Extra-header:" \
11316 -c "HTTP/1.0 200 OK"
11317
Janos Follath74537a62016-09-02 13:45:28 +010011318client_needs_more_time 2
Jerry Yuab082902021-12-23 18:02:22 +080011319requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011320run_test "DTLS proxy: 3d, max handshake, nbio" \
11321 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011322 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +020011323 auth_mode=required" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011324 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011325 0 \
11326 -s "Extra-header:" \
11327 -c "HTTP/1.0 200 OK"
11328
Janos Follath74537a62016-09-02 13:45:28 +010011329client_needs_more_time 4
Jerry Yuab082902021-12-23 18:02:22 +080011330requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +010011331requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +020011332run_test "DTLS proxy: 3d, min handshake, resumption" \
11333 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011334 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +020011335 psk=abc123 debug_level=3" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011336 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +010011337 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +020011338 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11339 0 \
11340 -s "a session has been resumed" \
11341 -c "a session has been resumed" \
11342 -s "Extra-header:" \
11343 -c "HTTP/1.0 200 OK"
11344
Janos Follath74537a62016-09-02 13:45:28 +010011345client_needs_more_time 4
Jerry Yuab082902021-12-23 18:02:22 +080011346requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Gilles Peskine2fe796f2022-02-25 19:51:52 +010011347requires_config_enabled MBEDTLS_SSL_CACHE_C
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +020011348run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
11349 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011350 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +020011351 psk=abc123 debug_level=3 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011352 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +010011353 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +020011354 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
11355 0 \
11356 -s "a session has been resumed" \
11357 -c "a session has been resumed" \
11358 -s "Extra-header:" \
11359 -c "HTTP/1.0 200 OK"
11360
Janos Follath74537a62016-09-02 13:45:28 +010011361client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +010011362requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +080011363requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011364run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +020011365 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011366 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +020011367 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011368 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +020011369 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +020011370 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11371 0 \
11372 -c "=> renegotiate" \
11373 -s "=> renegotiate" \
11374 -s "Extra-header:" \
11375 -c "HTTP/1.0 200 OK"
11376
Janos Follath74537a62016-09-02 13:45:28 +010011377client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +010011378requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +080011379requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011380run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
11381 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011382 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +020011383 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011384 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +020011385 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011386 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11387 0 \
11388 -c "=> renegotiate" \
11389 -s "=> renegotiate" \
11390 -s "Extra-header:" \
11391 -c "HTTP/1.0 200 OK"
11392
Janos Follath74537a62016-09-02 13:45:28 +010011393client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +010011394requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +080011395requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +020011396run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +020011397 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011398 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +020011399 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +020011400 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011401 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +020011402 renegotiation=1 exchanges=4 debug_level=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +020011403 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11404 0 \
11405 -c "=> renegotiate" \
11406 -s "=> renegotiate" \
11407 -s "Extra-header:" \
11408 -c "HTTP/1.0 200 OK"
11409
Janos Follath74537a62016-09-02 13:45:28 +010011410client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +010011411requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Jerry Yuab082902021-12-23 18:02:22 +080011412requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +020011413run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +020011414 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011415 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +020011416 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +020011417 debug_level=2 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011418 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +020011419 renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +020011420 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11421 0 \
11422 -c "=> renegotiate" \
11423 -s "=> renegotiate" \
11424 -s "Extra-header:" \
11425 -c "HTTP/1.0 200 OK"
11426
Zhangsen Wang87a9c862022-06-28 06:10:35 +000011427## The three tests below require 1.1.1a or higher version of openssl, otherwise
11428## it might trigger a bug due to openssl (https://github.com/openssl/openssl/issues/6902)
11429## Besides, openssl should use dtls1_2 or dtls, otherwise it will cause "SSL alert number 70" error
11430requires_openssl_next
Janos Follath74537a62016-09-02 13:45:28 +010011431client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +020011432not_with_valgrind # risk of non-mbedtls peer timing out
Jerry Yuab082902021-12-23 18:02:22 +080011433requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011434run_test "DTLS proxy: 3d, openssl server" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +020011435 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
Valerio Setti6ba247c2023-03-14 17:13:43 +010011436 "$O_NEXT_SRV -dtls1_2 -mtu 2048 -debug -msg -state" \
11437 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0 debug_level=4" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +020011438 0 \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +020011439 -c "HTTP/1.0 200 OK"
11440
Zhangsen Wang87a9c862022-06-28 06:10:35 +000011441requires_openssl_next
Janos Follath74537a62016-09-02 13:45:28 +010011442client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +020011443not_with_valgrind # risk of non-mbedtls peer timing out
Jerry Yuab082902021-12-23 18:02:22 +080011444requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011445run_test "DTLS proxy: 3d, openssl server, fragmentation" \
11446 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
Zhangsen Wang87a9c862022-06-28 06:10:35 +000011447 "$O_NEXT_SRV -dtls1_2 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011448 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011449 0 \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011450 -c "HTTP/1.0 200 OK"
11451
Zhangsen Wang87a9c862022-06-28 06:10:35 +000011452requires_openssl_next
Janos Follath74537a62016-09-02 13:45:28 +010011453client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +020011454not_with_valgrind # risk of non-mbedtls peer timing out
Jerry Yuab082902021-12-23 18:02:22 +080011455requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011456run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
11457 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
Zhangsen Wang87a9c862022-06-28 06:10:35 +000011458 "$O_NEXT_SRV -dtls1_2 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011459 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011460 0 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011461 -c "HTTP/1.0 200 OK"
11462
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +000011463requires_gnutls
Janos Follath74537a62016-09-02 13:45:28 +010011464client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +020011465not_with_valgrind # risk of non-mbedtls peer timing out
Jerry Yuab082902021-12-23 18:02:22 +080011466requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011467run_test "DTLS proxy: 3d, gnutls server" \
11468 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11469 "$G_SRV -u --mtu 2048 -a" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011470 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011471 0 \
11472 -s "Extra-header:" \
11473 -c "Extra-header:"
11474
k-stachowiak17a38d32019-02-18 15:29:56 +010011475requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +010011476client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +020011477not_with_valgrind # risk of non-mbedtls peer timing out
Jerry Yuab082902021-12-23 18:02:22 +080011478requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011479run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
11480 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiak17a38d32019-02-18 15:29:56 +010011481 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011482 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +020011483 0 \
11484 -s "Extra-header:" \
11485 -c "Extra-header:"
11486
k-stachowiak17a38d32019-02-18 15:29:56 +010011487requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +010011488client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +020011489not_with_valgrind # risk of non-mbedtls peer timing out
Jerry Yuab082902021-12-23 18:02:22 +080011490requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011491run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
11492 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiak17a38d32019-02-18 15:29:56 +010011493 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -040011494 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +020011495 0 \
11496 -s "Extra-header:" \
11497 -c "Extra-header:"
11498
Jerry Yuab082902021-12-23 18:02:22 +080011499requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Ron Eldorf75e2522019-05-14 20:38:49 +030011500run_test "export keys functionality" \
11501 "$P_SRV eap_tls=1 debug_level=3" \
11502 "$P_CLI eap_tls=1 debug_level=3" \
11503 0 \
Ron Eldor65d8c262019-06-04 13:05:36 +030011504 -c "EAP-TLS key material is:"\
11505 -s "EAP-TLS key material is:"\
11506 -c "EAP-TLS IV is:" \
11507 -s "EAP-TLS IV is:"
Ron Eldorf75e2522019-05-14 20:38:49 +030011508
Jerry Yu04029792021-08-10 16:45:37 +080011509# openssl feature tests: check if tls1.3 exists.
11510requires_openssl_tls1_3
Jerry Yuc502dff2021-12-03 10:04:08 +080011511run_test "TLS 1.3: Test openssl tls1_3 feature" \
Jerry Yu04029792021-08-10 16:45:37 +080011512 "$O_NEXT_SRV -tls1_3 -msg" \
11513 "$O_NEXT_CLI -tls1_3 -msg" \
11514 0 \
11515 -c "TLS 1.3" \
11516 -s "TLS 1.3"
11517
Jerry Yu75261df2021-09-02 17:40:08 +080011518# gnutls feature tests: check if TLS 1.3 is supported as well as the NO_TICKETS and DISABLE_TLS13_COMPAT_MODE options.
Jerry Yu04029792021-08-10 16:45:37 +080011519requires_gnutls_tls1_3
Jerry Yub12d81d2021-08-17 10:56:08 +080011520requires_gnutls_next_no_ticket
11521requires_gnutls_next_disable_tls13_compat
Jerry Yuc502dff2021-12-03 10:04:08 +080011522run_test "TLS 1.3: Test gnutls tls1_3 feature" \
Jerry Yu937ac672021-10-28 17:39:28 +080011523 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert " \
Jerry Yub12d81d2021-08-17 10:56:08 +080011524 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Jerry Yu04029792021-08-10 16:45:37 +080011525 0 \
11526 -s "Version: TLS1.3" \
11527 -c "Version: TLS1.3"
11528
Jerry Yuc46e9b42021-08-06 11:22:24 +080011529# TLS1.3 test cases
Jerry Yued2ef2d2021-08-19 18:11:43 +080011530requires_openssl_tls1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011531requires_config_enabled MBEDTLS_DEBUG_C
11532requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011533requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11534 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuc502dff2021-12-03 10:04:08 +080011535run_test "TLS 1.3: minimal feature sets - openssl" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010011536 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011537 "$P_CLI debug_level=3" \
Jerry Yue1b1e2d2021-10-29 17:46:32 +080011538 0 \
Ronald Cron27c85e72022-03-08 11:37:55 +010011539 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11540 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11541 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11542 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11543 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11544 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11545 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11546 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11547 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11548 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
Xiaofei Bai746f9482021-11-12 08:53:56 +000011549 -c "<= ssl_tls13_process_server_hello" \
Jerry Yu745bb612021-10-13 22:01:04 +080011550 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011551 -c "ECDH curve: x25519" \
Xiaofei Bai746f9482021-11-12 08:53:56 +000011552 -c "=> ssl_tls13_process_server_hello" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011553 -c "<= parse encrypted extensions" \
Jerry Yu834886d2021-10-30 13:26:15 +080011554 -c "Certificate verification flags clear" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011555 -c "=> parse certificate verify" \
11556 -c "<= parse certificate verify" \
XiaokangQiand0aa3e92021-11-10 06:17:40 +000011557 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
Jerry Yu6d38c192021-11-15 14:01:04 +080011558 -c "<= parse finished message" \
Gilles Peskinec63a1e02022-01-13 01:10:24 +010011559 -c "Protocol is TLSv1.3" \
Jerry Yu6d38c192021-11-15 14:01:04 +080011560 -c "HTTP/1.0 200 ok"
Jerry Yued2ef2d2021-08-19 18:11:43 +080011561
Jerry Yu76e31ec2021-09-22 21:16:27 +080011562requires_gnutls_tls1_3
Jerry Yu937ac672021-10-28 17:39:28 +080011563requires_gnutls_next_no_ticket
Ronald Cron7c0185f2021-11-30 09:16:24 +010011564requires_config_enabled MBEDTLS_DEBUG_C
11565requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011566requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11567 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuc502dff2021-12-03 10:04:08 +080011568run_test "TLS 1.3: minimal feature sets - gnutls" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010011569 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011570 "$P_CLI debug_level=3" \
Jerry Yue1b1e2d2021-10-29 17:46:32 +080011571 0 \
Ronald Cron27c85e72022-03-08 11:37:55 +010011572 -s "SERVER HELLO was queued" \
11573 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11574 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11575 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11576 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11577 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11578 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11579 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11580 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11581 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11582 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
Xiaofei Bai746f9482021-11-12 08:53:56 +000011583 -c "<= ssl_tls13_process_server_hello" \
Jerry Yu745bb612021-10-13 22:01:04 +080011584 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011585 -c "ECDH curve: x25519" \
Xiaofei Bai746f9482021-11-12 08:53:56 +000011586 -c "=> ssl_tls13_process_server_hello" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011587 -c "<= parse encrypted extensions" \
Jerry Yu834886d2021-10-30 13:26:15 +080011588 -c "Certificate verification flags clear" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011589 -c "=> parse certificate verify" \
11590 -c "<= parse certificate verify" \
XiaokangQiand0aa3e92021-11-10 06:17:40 +000011591 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
Jerry Yu6d38c192021-11-15 14:01:04 +080011592 -c "<= parse finished message" \
Gilles Peskine860429f2022-02-12 00:44:48 +010011593 -c "Protocol is TLSv1.3" \
Jerry Yu6d38c192021-11-15 14:01:04 +080011594 -c "HTTP/1.0 200 OK"
XiaokangQiand0aa3e92021-11-10 06:17:40 +000011595
lhuang0486cacac2022-01-21 07:34:27 -080011596requires_openssl_tls1_3
lhuang0486cacac2022-01-21 07:34:27 -080011597requires_config_enabled MBEDTLS_DEBUG_C
11598requires_config_enabled MBEDTLS_SSL_CLI_C
11599requires_config_enabled MBEDTLS_SSL_ALPN
Ronald Cron70ed4172022-10-20 15:48:19 +020011600requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11601 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
lhuang0486cacac2022-01-21 07:34:27 -080011602run_test "TLS 1.3: alpn - openssl" \
11603 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -alpn h2" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011604 "$P_CLI debug_level=3 alpn=h2" \
lhuang0486cacac2022-01-21 07:34:27 -080011605 0 \
Ronald Cron27c85e72022-03-08 11:37:55 +010011606 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11607 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11608 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11609 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11610 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11611 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11612 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11613 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11614 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11615 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
lhuang0486cacac2022-01-21 07:34:27 -080011616 -c "<= ssl_tls13_process_server_hello" \
11617 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011618 -c "ECDH curve: x25519" \
lhuang0486cacac2022-01-21 07:34:27 -080011619 -c "=> ssl_tls13_process_server_hello" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011620 -c "<= parse encrypted extensions" \
lhuang0486cacac2022-01-21 07:34:27 -080011621 -c "Certificate verification flags clear" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011622 -c "=> parse certificate verify" \
11623 -c "<= parse certificate verify" \
lhuang0486cacac2022-01-21 07:34:27 -080011624 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
11625 -c "<= parse finished message" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011626 -c "Protocol is TLSv1.3" \
lhuang0486cacac2022-01-21 07:34:27 -080011627 -c "HTTP/1.0 200 ok" \
11628 -c "Application Layer Protocol is h2"
11629
11630requires_gnutls_tls1_3
11631requires_gnutls_next_no_ticket
lhuang0486cacac2022-01-21 07:34:27 -080011632requires_config_enabled MBEDTLS_DEBUG_C
11633requires_config_enabled MBEDTLS_SSL_CLI_C
11634requires_config_enabled MBEDTLS_SSL_ALPN
Ronald Cron70ed4172022-10-20 15:48:19 +020011635requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11636 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
lhuang0486cacac2022-01-21 07:34:27 -080011637run_test "TLS 1.3: alpn - gnutls" \
11638 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert --alpn=h2" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011639 "$P_CLI debug_level=3 alpn=h2" \
lhuang0486cacac2022-01-21 07:34:27 -080011640 0 \
Ronald Cron27c85e72022-03-08 11:37:55 +010011641 -s "SERVER HELLO was queued" \
11642 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11643 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11644 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11645 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11646 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11647 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11648 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11649 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11650 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11651 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
lhuang0486cacac2022-01-21 07:34:27 -080011652 -c "<= ssl_tls13_process_server_hello" \
11653 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011654 -c "ECDH curve: x25519" \
lhuang0486cacac2022-01-21 07:34:27 -080011655 -c "=> ssl_tls13_process_server_hello" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011656 -c "<= parse encrypted extensions" \
lhuang0486cacac2022-01-21 07:34:27 -080011657 -c "Certificate verification flags clear" \
Ronald Cron27c85e72022-03-08 11:37:55 +010011658 -c "=> parse certificate verify" \
11659 -c "<= parse certificate verify" \
lhuang0486cacac2022-01-21 07:34:27 -080011660 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
11661 -c "<= parse finished message" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011662 -c "Protocol is TLSv1.3" \
lhuang0486cacac2022-01-21 07:34:27 -080011663 -c "HTTP/1.0 200 OK" \
11664 -c "Application Layer Protocol is h2"
11665
XiaokangQianacb39922022-06-17 10:18:48 +000011666requires_openssl_tls1_3
XiaokangQianacb39922022-06-17 10:18:48 +000011667requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian95d5f542022-06-24 02:29:26 +000011668requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQianacb39922022-06-17 10:18:48 +000011669requires_config_enabled MBEDTLS_SSL_ALPN
Ronald Cron928cbd32022-10-04 16:14:26 +020011670requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQianacb39922022-06-17 10:18:48 +000011671run_test "TLS 1.3: server alpn - openssl" \
11672 "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 alpn=h2" \
11673 "$O_NEXT_CLI -msg -tls1_3 -no_middlebox -alpn h2" \
11674 0 \
XiaokangQianc7403452022-06-23 03:24:12 +000011675 -s "found alpn extension" \
11676 -s "server side, adding alpn extension" \
11677 -s "Protocol is TLSv1.3" \
11678 -s "HTTP/1.0 200 OK" \
11679 -s "Application Layer Protocol is h2"
11680
11681requires_gnutls_tls1_3
XiaokangQianc7403452022-06-23 03:24:12 +000011682requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQian95d5f542022-06-24 02:29:26 +000011683requires_config_enabled MBEDTLS_SSL_SRV_C
XiaokangQianc7403452022-06-23 03:24:12 +000011684requires_config_enabled MBEDTLS_SSL_ALPN
Ronald Cron928cbd32022-10-04 16:14:26 +020011685requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQianc7403452022-06-23 03:24:12 +000011686run_test "TLS 1.3: server alpn - gnutls" \
11687 "$P_SRV debug_level=3 tickets=0 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 alpn=h2" \
11688 "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V --alpn h2" \
11689 0 \
XiaokangQianacb39922022-06-17 10:18:48 +000011690 -s "found alpn extension" \
11691 -s "server side, adding alpn extension" \
11692 -s "Protocol is TLSv1.3" \
11693 -s "HTTP/1.0 200 OK" \
11694 -s "Application Layer Protocol is h2"
11695
Ronald Cron6f135e12021-12-08 16:57:54 +010011696requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011697requires_config_enabled MBEDTLS_DEBUG_C
11698requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011699skip_handshake_stage_check
11700requires_gnutls_tls1_3
Ronald Crondf5f8682022-04-05 16:01:03 +020011701run_test "TLS 1.3: Not supported version check:gnutls: srv max TLS 1.0" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011702 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0 -d 4" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011703 "$P_CLI debug_level=4" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011704 1 \
11705 -s "Client's version: 3.3" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011706 -S "Version: TLS1.0" \
11707 -C "Protocol is TLSv1.0"
11708
Ronald Cron6f135e12021-12-08 16:57:54 +010011709requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011710requires_config_enabled MBEDTLS_DEBUG_C
11711requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011712skip_handshake_stage_check
11713requires_gnutls_tls1_3
Ronald Crondf5f8682022-04-05 16:01:03 +020011714run_test "TLS 1.3: Not supported version check:gnutls: srv max TLS 1.1" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011715 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1 -d 4" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011716 "$P_CLI debug_level=4" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011717 1 \
11718 -s "Client's version: 3.3" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011719 -S "Version: TLS1.1" \
11720 -C "Protocol is TLSv1.1"
11721
Ronald Cron6f135e12021-12-08 16:57:54 +010011722requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011723requires_config_enabled MBEDTLS_DEBUG_C
11724requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011725skip_handshake_stage_check
11726requires_gnutls_tls1_3
Ronald Crondf5f8682022-04-05 16:01:03 +020011727run_test "TLS 1.3: Not supported version check:gnutls: srv max TLS 1.2" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011728 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 -d 4" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011729 "$P_CLI force_version=tls13 debug_level=4" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011730 1 \
11731 -s "Client's version: 3.3" \
11732 -c "is a fatal alert message (msg 40)" \
11733 -S "Version: TLS1.2" \
11734 -C "Protocol is TLSv1.2"
11735
Ronald Cron6f135e12021-12-08 16:57:54 +010011736requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011737requires_config_enabled MBEDTLS_DEBUG_C
11738requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011739skip_handshake_stage_check
11740requires_openssl_next
Ronald Crondf5f8682022-04-05 16:01:03 +020011741run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.0" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011742 "$O_NEXT_SRV -msg -tls1" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011743 "$P_CLI debug_level=4" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011744 1 \
11745 -s "fatal protocol_version" \
11746 -c "is a fatal alert message (msg 70)" \
11747 -S "Version: TLS1.0" \
11748 -C "Protocol : TLSv1.0"
11749
Ronald Cron6f135e12021-12-08 16:57:54 +010011750requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011751requires_config_enabled MBEDTLS_DEBUG_C
11752requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011753skip_handshake_stage_check
11754requires_openssl_next
Ronald Crondf5f8682022-04-05 16:01:03 +020011755run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.1" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011756 "$O_NEXT_SRV -msg -tls1_1" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011757 "$P_CLI debug_level=4" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011758 1 \
11759 -s "fatal protocol_version" \
11760 -c "is a fatal alert message (msg 70)" \
11761 -S "Version: TLS1.1" \
11762 -C "Protocol : TLSv1.1"
11763
Ronald Cron6f135e12021-12-08 16:57:54 +010011764requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010011765requires_config_enabled MBEDTLS_DEBUG_C
11766requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011767skip_handshake_stage_check
11768requires_openssl_next
Ronald Crondf5f8682022-04-05 16:01:03 +020011769run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.2" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011770 "$O_NEXT_SRV -msg -tls1_2" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011771 "$P_CLI force_version=tls13 debug_level=4" \
Jerry Yu8f9d7db2021-11-22 17:28:01 +080011772 1 \
11773 -s "fatal protocol_version" \
11774 -c "is a fatal alert message (msg 70)" \
11775 -S "Version: TLS1.2" \
11776 -C "Protocol : TLSv1.2"
11777
Jerry Yuaa6214a2022-01-30 19:53:28 +080011778requires_openssl_tls1_3
Jerry Yuaa6214a2022-01-30 19:53:28 +080011779requires_config_enabled MBEDTLS_DEBUG_C
11780requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011781requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11782 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011783run_test "TLS 1.3: Client authentication, no client certificate - openssl" \
Jerry Yu819f2972022-02-22 10:14:24 +080011784 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -verify 10" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011785 "$P_CLI debug_level=4 crt_file=none key_file=none" \
Jerry Yuaa6214a2022-01-30 19:53:28 +080011786 0 \
Jerry Yuaa6214a2022-01-30 19:53:28 +080011787 -c "got a certificate request" \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011788 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11789 -s "TLS 1.3" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011790 -c "HTTP/1.0 200 ok" \
11791 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011792
11793requires_gnutls_tls1_3
11794requires_gnutls_next_no_ticket
Jerry Yu6c3d8212022-02-18 15:23:23 +080011795requires_config_enabled MBEDTLS_DEBUG_C
11796requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011797requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11798 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011799run_test "TLS 1.3: Client authentication, no client certificate - gnutls" \
Jerry Yu819f2972022-02-22 10:14:24 +080011800 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --verify-client-cert" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011801 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011802 0 \
11803 -c "got a certificate request" \
11804 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE"\
11805 -s "Version: TLS1.3" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011806 -c "HTTP/1.0 200 OK" \
11807 -c "Protocol is TLSv1.3"
11808
Jerry Yuaa6214a2022-01-30 19:53:28 +080011809
Jerry Yu960bc282022-01-26 11:12:34 +080011810requires_openssl_tls1_3
Jerry Yu960bc282022-01-26 11:12:34 +080011811requires_config_enabled MBEDTLS_DEBUG_C
11812requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020011813requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu819f2972022-02-22 10:14:24 +080011814run_test "TLS 1.3: Client authentication, no server middlebox compat - openssl" \
Jerry Yu960bc282022-01-26 11:12:34 +080011815 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011816 "$P_CLI debug_level=4 crt_file=data_files/cli2.crt key_file=data_files/cli2.key" \
Jerry Yuc19884f2022-01-29 10:44:44 +080011817 0 \
Jerry Yu960bc282022-01-26 11:12:34 +080011818 -c "got a certificate request" \
Jerry Yu200b47b2022-01-28 14:26:30 +080011819 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011820 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11821 -c "Protocol is TLSv1.3"
Jerry Yu960bc282022-01-26 11:12:34 +080011822
11823requires_gnutls_tls1_3
11824requires_gnutls_next_no_ticket
Jerry Yu960bc282022-01-26 11:12:34 +080011825requires_config_enabled MBEDTLS_DEBUG_C
11826requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020011827requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu819f2972022-02-22 10:14:24 +080011828run_test "TLS 1.3: Client authentication, no server middlebox compat - gnutls" \
Jerry Yu960bc282022-01-26 11:12:34 +080011829 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011830 "$P_CLI debug_level=3 crt_file=data_files/cli2.crt \
Jerry Yu25e0ddc2022-01-29 10:33:13 +080011831 key_file=data_files/cli2.key" \
Jerry Yuc19884f2022-01-29 10:44:44 +080011832 0 \
Jerry Yu960bc282022-01-26 11:12:34 +080011833 -c "got a certificate request" \
Jerry Yu200b47b2022-01-28 14:26:30 +080011834 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011835 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11836 -c "Protocol is TLSv1.3"
Jerry Yu200b47b2022-01-28 14:26:30 +080011837
11838requires_openssl_tls1_3
Jerry Yu200b47b2022-01-28 14:26:30 +080011839requires_config_enabled MBEDTLS_DEBUG_C
11840requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011841requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11842 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011843run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - openssl" \
Jerry Yu819f2972022-02-22 10:14:24 +080011844 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011845 "$P_CLI debug_level=4 crt_file=data_files/ecdsa_secp256r1.crt \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011846 key_file=data_files/ecdsa_secp256r1.key" \
11847 0 \
11848 -c "got a certificate request" \
11849 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011850 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11851 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011852
11853requires_gnutls_tls1_3
11854requires_gnutls_next_no_ticket
Jerry Yu6c3d8212022-02-18 15:23:23 +080011855requires_config_enabled MBEDTLS_DEBUG_C
11856requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011857requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11858 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011859run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - gnutls" \
Jerry Yu819f2972022-02-22 10:14:24 +080011860 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011861 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp256r1.crt \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011862 key_file=data_files/ecdsa_secp256r1.key" \
11863 0 \
11864 -c "got a certificate request" \
11865 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011866 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11867 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011868
11869requires_openssl_tls1_3
Jerry Yu6c3d8212022-02-18 15:23:23 +080011870requires_config_enabled MBEDTLS_DEBUG_C
11871requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011872requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11873 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011874run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - openssl" \
Jerry Yu819f2972022-02-22 10:14:24 +080011875 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011876 "$P_CLI debug_level=4 crt_file=data_files/ecdsa_secp384r1.crt \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011877 key_file=data_files/ecdsa_secp384r1.key" \
11878 0 \
11879 -c "got a certificate request" \
11880 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011881 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11882 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011883
11884requires_gnutls_tls1_3
11885requires_gnutls_next_no_ticket
Jerry Yu6c3d8212022-02-18 15:23:23 +080011886requires_config_enabled MBEDTLS_DEBUG_C
11887requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011888requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11889 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011890run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - gnutls" \
Jerry Yu819f2972022-02-22 10:14:24 +080011891 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011892 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp384r1.crt \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011893 key_file=data_files/ecdsa_secp384r1.key" \
11894 0 \
11895 -c "got a certificate request" \
11896 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011897 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11898 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011899
11900requires_openssl_tls1_3
Jerry Yu6c3d8212022-02-18 15:23:23 +080011901requires_config_enabled MBEDTLS_DEBUG_C
11902requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011903requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11904 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011905run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - openssl" \
Jerry Yu819f2972022-02-22 10:14:24 +080011906 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011907 "$P_CLI debug_level=4 crt_file=data_files/ecdsa_secp521r1.crt \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011908 key_file=data_files/ecdsa_secp521r1.key" \
11909 0 \
11910 -c "got a certificate request" \
11911 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011912 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11913 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011914
11915requires_gnutls_tls1_3
11916requires_gnutls_next_no_ticket
Jerry Yu6c3d8212022-02-18 15:23:23 +080011917requires_config_enabled MBEDTLS_DEBUG_C
11918requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011919requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11920 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011921run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - gnutls" \
Jerry Yu819f2972022-02-22 10:14:24 +080011922 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011923 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp521r1.crt \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011924 key_file=data_files/ecdsa_secp521r1.key" \
11925 0 \
11926 -c "got a certificate request" \
11927 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011928 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11929 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011930
11931requires_openssl_tls1_3
Jerry Yu6c3d8212022-02-18 15:23:23 +080011932requires_config_enabled MBEDTLS_DEBUG_C
11933requires_config_enabled MBEDTLS_SSL_CLI_C
11934requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011935requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11936 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011937run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - openssl" \
Jerry Yu819f2972022-02-22 10:14:24 +080011938 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011939 "$P_CLI debug_level=4 crt_file=data_files/cert_sha256.crt \
Jerry Yu2ff6ba12022-02-23 10:38:25 +080011940 key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256" \
Jerry Yu919130c2022-02-23 10:40:19 +080011941 0 \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011942 -c "got a certificate request" \
11943 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011944 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
Jerry Yu919130c2022-02-23 10:40:19 +080011945 -c "Protocol is TLSv1.3"
Jerry Yu6c3d8212022-02-18 15:23:23 +080011946
11947requires_gnutls_tls1_3
11948requires_gnutls_next_no_ticket
Jerry Yu6c3d8212022-02-18 15:23:23 +080011949requires_config_enabled MBEDTLS_DEBUG_C
11950requires_config_enabled MBEDTLS_SSL_CLI_C
11951requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011952requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11953 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu6c3d8212022-02-18 15:23:23 +080011954run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - gnutls" \
Jerry Yu819f2972022-02-22 10:14:24 +080011955 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010011956 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
Jerry Yu2ff6ba12022-02-23 10:38:25 +080011957 key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256" \
Jerry Yu919130c2022-02-23 10:40:19 +080011958 0 \
Jerry Yu6c3d8212022-02-18 15:23:23 +080011959 -c "got a certificate request" \
11960 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
Jerry Yu562a0fd2022-02-18 15:35:11 +080011961 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
Jerry Yu919130c2022-02-23 10:40:19 +080011962 -c "Protocol is TLSv1.3"
Jerry Yu960bc282022-01-26 11:12:34 +080011963
Jerry Yu2124d052022-02-18 21:07:18 +080011964requires_openssl_tls1_3
Jerry Yu2124d052022-02-18 21:07:18 +080011965requires_config_enabled MBEDTLS_DEBUG_C
11966requires_config_enabled MBEDTLS_SSL_CLI_C
11967requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011968requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11969 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu3a58b462022-02-22 16:42:29 +080011970run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - openssl" \
11971 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11972 "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \
11973 key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384" \
11974 0 \
11975 -c "got a certificate request" \
11976 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11977 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11978 -c "Protocol is TLSv1.3"
11979
11980requires_gnutls_tls1_3
11981requires_gnutls_next_no_ticket
Jerry Yu3a58b462022-02-22 16:42:29 +080011982requires_config_enabled MBEDTLS_DEBUG_C
11983requires_config_enabled MBEDTLS_SSL_CLI_C
11984requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020011985requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
11986 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu3a58b462022-02-22 16:42:29 +080011987run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - gnutls" \
11988 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11989 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
11990 key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384" \
11991 0 \
11992 -c "got a certificate request" \
11993 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11994 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11995 -c "Protocol is TLSv1.3"
11996
11997requires_openssl_tls1_3
Jerry Yu3a58b462022-02-22 16:42:29 +080011998requires_config_enabled MBEDTLS_DEBUG_C
11999requires_config_enabled MBEDTLS_SSL_CLI_C
12000requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012001requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12002 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu3a58b462022-02-22 16:42:29 +080012003run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - openssl" \
12004 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12005 "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \
12006 key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512" \
12007 0 \
12008 -c "got a certificate request" \
12009 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12010 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12011 -c "Protocol is TLSv1.3"
12012
12013requires_gnutls_tls1_3
12014requires_gnutls_next_no_ticket
Jerry Yu3a58b462022-02-22 16:42:29 +080012015requires_config_enabled MBEDTLS_DEBUG_C
12016requires_config_enabled MBEDTLS_SSL_CLI_C
12017requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012018requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12019 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu3a58b462022-02-22 16:42:29 +080012020run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - gnutls" \
12021 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12022 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
12023 key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512" \
12024 0 \
12025 -c "got a certificate request" \
12026 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12027 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12028 -c "Protocol is TLSv1.3"
12029
12030requires_openssl_tls1_3
Jerry Yu3a58b462022-02-22 16:42:29 +080012031requires_config_enabled MBEDTLS_DEBUG_C
12032requires_config_enabled MBEDTLS_SSL_CLI_C
12033requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012034requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12035 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuccb005e2022-02-22 17:38:34 +080012036run_test "TLS 1.3: Client authentication, client alg not in server list - openssl" \
Jerry Yu819f2972022-02-22 10:14:24 +080012037 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
Jerry Yu2124d052022-02-18 21:07:18 +080012038 -sigalgs ecdsa_secp256r1_sha256" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012039 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp521r1.crt \
Jerry Yu2ff6ba12022-02-23 10:38:25 +080012040 key_file=data_files/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512" \
Jerry Yu2124d052022-02-18 21:07:18 +080012041 1 \
12042 -c "got a certificate request" \
12043 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12044 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
Ronald Cron067a1e72022-09-16 13:44:49 +020012045 -c "no suitable signature algorithm" \
Andrzej Kurek5c65c572022-04-13 14:28:52 -040012046 -C "unknown pk type"
Jerry Yu2124d052022-02-18 21:07:18 +080012047
12048requires_gnutls_tls1_3
12049requires_gnutls_next_no_ticket
Jerry Yu2124d052022-02-18 21:07:18 +080012050requires_config_enabled MBEDTLS_DEBUG_C
12051requires_config_enabled MBEDTLS_SSL_CLI_C
12052requires_config_enabled MBEDTLS_RSA_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012053requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12054 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu819f2972022-02-22 10:14:24 +080012055run_test "TLS 1.3: Client authentication, client alg not in server list - gnutls" \
12056 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012057 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp521r1.crt \
Jerry Yu2ff6ba12022-02-23 10:38:25 +080012058 key_file=data_files/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512" \
Jerry Yu2124d052022-02-18 21:07:18 +080012059 1 \
12060 -c "got a certificate request" \
12061 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12062 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
Ronald Cron067a1e72022-09-16 13:44:49 +020012063 -c "no suitable signature algorithm" \
Andrzej Kurek5c65c572022-04-13 14:28:52 -040012064 -C "unknown pk type"
Jerry Yu2124d052022-02-18 21:07:18 +080012065
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012066# Test using an opaque private key for client authentication
12067requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012068requires_config_enabled MBEDTLS_DEBUG_C
12069requires_config_enabled MBEDTLS_SSL_CLI_C
12070requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron928cbd32022-10-04 16:14:26 +020012071requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012072run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - openssl" \
12073 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
12074 "$P_CLI debug_level=4 crt_file=data_files/cli2.crt key_file=data_files/cli2.key key_opaque=1" \
12075 0 \
12076 -c "got a certificate request" \
12077 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12078 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12079 -c "Protocol is TLSv1.3"
12080
12081requires_gnutls_tls1_3
12082requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012083requires_config_enabled MBEDTLS_DEBUG_C
12084requires_config_enabled MBEDTLS_SSL_CLI_C
12085requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron928cbd32022-10-04 16:14:26 +020012086requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012087run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - gnutls" \
12088 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
12089 "$P_CLI debug_level=3 crt_file=data_files/cli2.crt \
12090 key_file=data_files/cli2.key key_opaque=1" \
12091 0 \
12092 -c "got a certificate request" \
12093 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12094 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12095 -c "Protocol is TLSv1.3"
12096
12097requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012098requires_config_enabled MBEDTLS_DEBUG_C
12099requires_config_enabled MBEDTLS_SSL_CLI_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012100requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012101requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12102 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012103run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - openssl" \
12104 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12105 "$P_CLI debug_level=4 crt_file=data_files/ecdsa_secp256r1.crt \
12106 key_file=data_files/ecdsa_secp256r1.key key_opaque=1" \
12107 0 \
12108 -c "got a certificate request" \
12109 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12110 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12111 -c "Protocol is TLSv1.3"
12112
12113requires_gnutls_tls1_3
12114requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012115requires_config_enabled MBEDTLS_DEBUG_C
12116requires_config_enabled MBEDTLS_SSL_CLI_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012117requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012118requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12119 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012120run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - gnutls" \
12121 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12122 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp256r1.crt \
12123 key_file=data_files/ecdsa_secp256r1.key key_opaque=1" \
12124 0 \
12125 -c "got a certificate request" \
12126 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12127 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12128 -c "Protocol is TLSv1.3"
12129
12130requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012131requires_config_enabled MBEDTLS_DEBUG_C
12132requires_config_enabled MBEDTLS_SSL_CLI_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012133requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012134requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12135 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012136run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - openssl" \
12137 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12138 "$P_CLI debug_level=4 crt_file=data_files/ecdsa_secp384r1.crt \
12139 key_file=data_files/ecdsa_secp384r1.key key_opaque=1" \
12140 0 \
12141 -c "got a certificate request" \
12142 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12143 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12144 -c "Protocol is TLSv1.3"
12145
12146requires_gnutls_tls1_3
12147requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012148requires_config_enabled MBEDTLS_DEBUG_C
12149requires_config_enabled MBEDTLS_SSL_CLI_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012150requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012151requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12152 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012153run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - gnutls" \
12154 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12155 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp384r1.crt \
12156 key_file=data_files/ecdsa_secp384r1.key key_opaque=1" \
12157 0 \
12158 -c "got a certificate request" \
12159 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12160 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12161 -c "Protocol is TLSv1.3"
12162
12163requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012164requires_config_enabled MBEDTLS_DEBUG_C
12165requires_config_enabled MBEDTLS_SSL_CLI_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012166requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012167requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12168 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012169run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - openssl" \
12170 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12171 "$P_CLI debug_level=4 crt_file=data_files/ecdsa_secp521r1.crt \
12172 key_file=data_files/ecdsa_secp521r1.key key_opaque=1" \
12173 0 \
12174 -c "got a certificate request" \
12175 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12176 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12177 -c "Protocol is TLSv1.3"
12178
12179requires_gnutls_tls1_3
12180requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012181requires_config_enabled MBEDTLS_DEBUG_C
12182requires_config_enabled MBEDTLS_SSL_CLI_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012183requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012184requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12185 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012186run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - gnutls" \
12187 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12188 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp521r1.crt \
12189 key_file=data_files/ecdsa_secp521r1.key key_opaque=1" \
12190 0 \
12191 -c "got a certificate request" \
12192 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12193 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12194 -c "Protocol is TLSv1.3"
12195
12196requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012197requires_config_enabled MBEDTLS_DEBUG_C
12198requires_config_enabled MBEDTLS_SSL_CLI_C
12199requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012200requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012201requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12202 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012203run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - openssl" \
12204 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12205 "$P_CLI debug_level=4 crt_file=data_files/cert_sha256.crt \
12206 key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256 key_opaque=1" \
12207 0 \
12208 -c "got a certificate request" \
12209 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12210 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12211 -c "Protocol is TLSv1.3"
12212
12213requires_gnutls_tls1_3
12214requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012215requires_config_enabled MBEDTLS_DEBUG_C
12216requires_config_enabled MBEDTLS_SSL_CLI_C
12217requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012218requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012219requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12220 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012221run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - gnutls" \
12222 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12223 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12224 key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256 key_opaque=1" \
12225 0 \
12226 -c "got a certificate request" \
12227 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12228 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12229 -c "Protocol is TLSv1.3"
12230
12231requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012232requires_config_enabled MBEDTLS_DEBUG_C
12233requires_config_enabled MBEDTLS_SSL_CLI_C
12234requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012235requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012236requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12237 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012238run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \
12239 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12240 "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \
12241 key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384 key_opaque=1" \
12242 0 \
12243 -c "got a certificate request" \
12244 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12245 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12246 -c "Protocol is TLSv1.3"
12247
12248requires_gnutls_tls1_3
12249requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012250requires_config_enabled MBEDTLS_DEBUG_C
12251requires_config_enabled MBEDTLS_SSL_CLI_C
12252requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012253requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012254requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12255 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012256run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \
12257 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12258 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
12259 key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha384 key_opaque=1" \
12260 0 \
12261 -c "got a certificate request" \
12262 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12263 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12264 -c "Protocol is TLSv1.3"
12265
12266requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012267requires_config_enabled MBEDTLS_DEBUG_C
12268requires_config_enabled MBEDTLS_SSL_CLI_C
12269requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012270requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012271requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12272 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012273run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \
12274 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12275 "$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \
12276 key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512 key_opaque=1" \
12277 0 \
12278 -c "got a certificate request" \
12279 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12280 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12281 -c "Protocol is TLSv1.3"
12282
12283requires_gnutls_tls1_3
12284requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012285requires_config_enabled MBEDTLS_DEBUG_C
12286requires_config_enabled MBEDTLS_SSL_CLI_C
12287requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012288requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012289requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12290 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012291run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \
12292 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12293 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
12294 key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha512 key_opaque=1" \
12295 0 \
12296 -c "got a certificate request" \
12297 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12298 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12299 -c "Protocol is TLSv1.3"
12300
12301requires_openssl_tls1_3
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012302requires_config_enabled MBEDTLS_DEBUG_C
12303requires_config_enabled MBEDTLS_SSL_CLI_C
12304requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012305requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012306requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12307 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012308run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - openssl" \
12309 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
12310 -sigalgs ecdsa_secp256r1_sha256" \
12311 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp521r1.crt \
12312 key_file=data_files/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512 key_opaque=1" \
12313 1 \
12314 -c "got a certificate request" \
12315 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12316 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
Ronald Cron067a1e72022-09-16 13:44:49 +020012317 -c "no suitable signature algorithm" \
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012318 -C "unkown pk type"
12319
12320requires_gnutls_tls1_3
12321requires_gnutls_next_no_ticket
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012322requires_config_enabled MBEDTLS_DEBUG_C
12323requires_config_enabled MBEDTLS_SSL_CLI_C
12324requires_config_enabled MBEDTLS_RSA_C
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012325requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Ronald Cron70ed4172022-10-20 15:48:19 +020012326requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12327 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012328run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - gnutls" \
12329 "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \
12330 "$P_CLI debug_level=3 crt_file=data_files/ecdsa_secp521r1.crt \
12331 key_file=data_files/ecdsa_secp521r1.key sig_algs=ecdsa_secp256r1_sha256,ecdsa_secp521r1_sha512 key_opaque=1" \
12332 1 \
12333 -c "got a certificate request" \
12334 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12335 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
Ronald Cron067a1e72022-09-16 13:44:49 +020012336 -c "no suitable signature algorithm" \
Neil Armstrong7f6f6722022-04-15 10:09:11 +020012337 -C "unkown pk type"
12338
Ronald Cron70ed4172022-10-20 15:48:19 +020012339requires_openssl_tls1_3
Ronald Cron7c0185f2021-11-30 09:16:24 +010012340requires_config_enabled MBEDTLS_DEBUG_C
12341requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012342requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12343 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crondf5f8682022-04-05 16:01:03 +020012344run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - openssl" \
XiaokangQian7bae3b62022-01-26 06:31:39 +000012345 "$O_NEXT_SRV -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012346 "$P_CLI debug_level=4" \
XiaokangQian7bae3b62022-01-26 06:31:39 +000012347 0 \
12348 -c "received HelloRetryRequest message" \
XiaokangQiana9090612022-01-27 03:48:27 +000012349 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
Ronald Cron27c85e72022-03-08 11:37:55 +010012350 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012351 -c "Protocol is TLSv1.3" \
XiaokangQian7bae3b62022-01-26 06:31:39 +000012352 -c "HTTP/1.0 200 ok"
12353
Ronald Cron70ed4172022-10-20 15:48:19 +020012354requires_openssl_tls1_3
XiaokangQian7bae3b62022-01-26 06:31:39 +000012355requires_config_enabled MBEDTLS_DEBUG_C
12356requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012357requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12358 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crondf5f8682022-04-05 16:01:03 +020012359run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - openssl" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012360 "$O_NEXT_SRV -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012361 "$P_CLI debug_level=4" \
XiaokangQian6db08dd2022-01-18 06:36:23 +000012362 0 \
Jerry Yu8c5559d2021-11-22 21:15:41 +080012363 -c "received HelloRetryRequest message" \
XiaokangQiana9090612022-01-27 03:48:27 +000012364 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
Ronald Cron27c85e72022-03-08 11:37:55 +010012365 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012366 -c "Protocol is TLSv1.3" \
XiaokangQian6db08dd2022-01-18 06:36:23 +000012367 -c "HTTP/1.0 200 ok"
Jerry Yu8c5559d2021-11-22 21:15:41 +080012368
12369requires_gnutls_tls1_3
12370requires_gnutls_next_no_ticket
Ronald Cron7c0185f2021-11-30 09:16:24 +010012371requires_config_enabled MBEDTLS_DEBUG_C
12372requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012373requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12374 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crondf5f8682022-04-05 16:01:03 +020012375run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - gnutls" \
XiaokangQian7bae3b62022-01-26 06:31:39 +000012376 "$G_NEXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012377 "$P_CLI debug_level=4" \
XiaokangQian7bae3b62022-01-26 06:31:39 +000012378 0 \
12379 -c "received HelloRetryRequest message" \
XiaokangQiana9090612022-01-27 03:48:27 +000012380 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
Ronald Cron27c85e72022-03-08 11:37:55 +010012381 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012382 -c "Protocol is TLSv1.3" \
XiaokangQian7bae3b62022-01-26 06:31:39 +000012383 -c "HTTP/1.0 200 OK"
12384
12385requires_gnutls_tls1_3
12386requires_gnutls_next_no_ticket
XiaokangQian7bae3b62022-01-26 06:31:39 +000012387requires_config_enabled MBEDTLS_DEBUG_C
12388requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012389requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12390 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crondf5f8682022-04-05 16:01:03 +020012391run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - gnutls" \
XiaokangQian355e09a2022-01-20 11:14:50 +000012392 "$G_NEXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA256:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012393 "$P_CLI debug_level=4" \
XiaokangQian355e09a2022-01-20 11:14:50 +000012394 0 \
Jerry Yu8c5559d2021-11-22 21:15:41 +080012395 -c "received HelloRetryRequest message" \
XiaokangQiana9090612022-01-27 03:48:27 +000012396 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
Ronald Cron27c85e72022-03-08 11:37:55 +010012397 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012398 -c "Protocol is TLSv1.3" \
XiaokangQian355e09a2022-01-20 11:14:50 +000012399 -c "HTTP/1.0 200 OK"
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012400
Jerry Yu155493d2022-04-25 13:30:18 +080012401requires_openssl_tls1_3
XiaokangQian5e4528c2022-02-17 07:51:12 +000012402requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQiane8ff3502022-04-22 02:34:40 +000012403requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012404requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQian318dc762022-04-20 09:43:51 +000012405run_test "TLS 1.3: Server side check - openssl" \
XiaokangQianc4b8c992022-04-07 11:31:38 +000012406 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Jerry Yu66220492022-04-23 13:53:36 +080012407 "$O_NEXT_CLI -msg -debug -tls1_3 -no_middlebox" \
Jerry Yu4d8567f2022-04-17 10:57:57 +080012408 0 \
Jerry Yuabf20c72022-04-14 18:36:14 +080012409 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12410 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12411 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
Jerry Yucef55db2022-04-23 11:02:05 +080012412 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Jerry Yuc8bdbf72022-04-23 12:37:35 +080012413 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12414 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
Jerry Yu66220492022-04-23 13:53:36 +080012415 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
Jerry Yu155493d2022-04-25 13:30:18 +080012416 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP"
XiaokangQian5e4528c2022-02-17 07:51:12 +000012417
Ronald Cron70ed4172022-10-20 15:48:19 +020012418requires_openssl_tls1_3
XiaokangQian2f150e12022-04-29 02:01:19 +000012419requires_config_enabled MBEDTLS_DEBUG_C
12420requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012421requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQiana987e1d2022-05-07 01:25:58 +000012422run_test "TLS 1.3: Server side check - openssl with client authentication" \
XiaokangQian2f150e12022-04-29 02:01:19 +000012423 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Jerry Yu7eaadae2022-05-23 14:53:27 +080012424 "$O_NEXT_CLI -msg -debug -cert data_files/server5.crt -key data_files/server5.key -tls1_3 -no_middlebox" \
XiaokangQian9a4e1dd2022-05-26 00:58:11 +000012425 0 \
XiaokangQian2f150e12022-04-29 02:01:19 +000012426 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12427 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12428 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12429 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12430 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Jerry Yuc4505662022-05-10 20:39:21 +080012431 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12432 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
XiaokangQiana987e1d2022-05-07 01:25:58 +000012433 -s "=> write certificate request" \
XiaokangQian2f150e12022-04-29 02:01:19 +000012434 -s "=> parse client hello" \
12435 -s "<= parse client hello"
12436
XiaokangQian5e4528c2022-02-17 07:51:12 +000012437requires_gnutls_tls1_3
12438requires_gnutls_next_no_ticket
XiaokangQian5e4528c2022-02-17 07:51:12 +000012439requires_config_enabled MBEDTLS_DEBUG_C
XiaokangQiane8ff3502022-04-22 02:34:40 +000012440requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012441requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQian318dc762022-04-20 09:43:51 +000012442run_test "TLS 1.3: Server side check - gnutls" \
XiaokangQianc4b8c992022-04-07 11:31:38 +000012443 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
XiaokangQian3f84d5d2022-04-19 06:36:17 +000012444 "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Jerry Yu66220492022-04-23 13:53:36 +080012445 0 \
Jerry Yuabf20c72022-04-14 18:36:14 +080012446 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12447 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12448 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
Jerry Yucef55db2022-04-23 11:02:05 +080012449 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Jerry Yuc8bdbf72022-04-23 12:37:35 +080012450 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12451 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
Jerry Yu66220492022-04-23 13:53:36 +080012452 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
12453 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12454 -c "HTTP/1.0 200 OK"
XiaokangQian5e4528c2022-02-17 07:51:12 +000012455
XiaokangQian2f150e12022-04-29 02:01:19 +000012456requires_gnutls_tls1_3
12457requires_gnutls_next_no_ticket
XiaokangQian2f150e12022-04-29 02:01:19 +000012458requires_config_enabled MBEDTLS_DEBUG_C
12459requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012460requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQiana987e1d2022-05-07 01:25:58 +000012461run_test "TLS 1.3: Server side check - gnutls with client authentication" \
XiaokangQian2f150e12022-04-29 02:01:19 +000012462 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
12463 "$G_NEXT_CLI localhost -d 4 --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
XiaokangQianc3017f62022-05-13 05:55:41 +000012464 0 \
XiaokangQian2f150e12022-04-29 02:01:19 +000012465 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12466 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12467 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12468 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12469 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Jerry Yuc4505662022-05-10 20:39:21 +080012470 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12471 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
XiaokangQiana987e1d2022-05-07 01:25:58 +000012472 -s "=> write certificate request" \
XiaokangQian2f150e12022-04-29 02:01:19 +000012473 -s "=> parse client hello" \
12474 -s "<= parse client hello"
12475
Jerry Yu8b9fd372022-04-14 20:55:12 +080012476requires_config_enabled MBEDTLS_DEBUG_C
12477requires_config_enabled MBEDTLS_SSL_SRV_C
Jerry Yu955ddd72022-04-22 22:27:33 +080012478requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012479requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yu8b9fd372022-04-14 20:55:12 +080012480run_test "TLS 1.3: Server side check - mbedtls" \
12481 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
12482 "$P_CLI debug_level=4 force_version=tls13" \
XiaokangQianc3017f62022-05-13 05:55:41 +000012483 0 \
Jerry Yu8b9fd372022-04-14 20:55:12 +080012484 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12485 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12486 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
Jerry Yua7abc5e2022-05-11 13:32:03 +080012487 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
Jerry Yucef55db2022-04-23 11:02:05 +080012488 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Jerry Yua7abc5e2022-05-11 13:32:03 +080012489 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12490 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12491 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
12492 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12493 -c "HTTP/1.0 200 OK"
Jerry Yu8b9fd372022-04-14 20:55:12 +080012494
XiaokangQian45c22202022-05-06 06:54:09 +000012495requires_config_enabled MBEDTLS_DEBUG_C
12496requires_config_enabled MBEDTLS_SSL_SRV_C
12497requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012498requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQiana987e1d2022-05-07 01:25:58 +000012499run_test "TLS 1.3: Server side check - mbedtls with client authentication" \
XiaokangQian45c22202022-05-06 06:54:09 +000012500 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
12501 "$P_CLI debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13" \
XiaokangQianc3017f62022-05-13 05:55:41 +000012502 0 \
XiaokangQian45c22202022-05-06 06:54:09 +000012503 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12504 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12505 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12506 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
Jerry Yua7abc5e2022-05-11 13:32:03 +080012507 -s "=> write certificate request" \
XiaokangQian45c22202022-05-06 06:54:09 +000012508 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
XiaokangQian45c22202022-05-06 06:54:09 +000012509 -s "=> parse client hello" \
12510 -s "<= parse client hello"
12511
XiaokangQianaca90482022-05-19 07:19:31 +000012512requires_config_enabled MBEDTLS_DEBUG_C
12513requires_config_enabled MBEDTLS_SSL_SRV_C
12514requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012515requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQianaca90482022-05-19 07:19:31 +000012516run_test "TLS 1.3: Server side check - mbedtls with client empty certificate" \
12517 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
12518 "$P_CLI debug_level=4 crt_file=none key_file=none force_version=tls13" \
12519 1 \
12520 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12521 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12522 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12523 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12524 -s "=> write certificate request" \
12525 -s "SSL - No client certification received from the client, but required by the authentication mode" \
12526 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12527 -s "=> parse client hello" \
12528 -s "<= parse client hello"
12529
XiaokangQianaca90482022-05-19 07:19:31 +000012530requires_config_enabled MBEDTLS_DEBUG_C
12531requires_config_enabled MBEDTLS_SSL_SRV_C
12532requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012533requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQianaca90482022-05-19 07:19:31 +000012534run_test "TLS 1.3: Server side check - mbedtls with optional client authentication" \
12535 "$P_SRV debug_level=4 auth_mode=optional crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
12536 "$P_CLI debug_level=4 force_version=tls13 crt_file=none key_file=none" \
12537 0 \
12538 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12539 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12540 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12541 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12542 -s "=> write certificate request" \
12543 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12544 -s "=> parse client hello" \
12545 -s "<= parse client hello"
Jerry Yuede50ea2022-05-05 11:21:20 +080012546
12547requires_config_enabled MBEDTLS_DEBUG_C
12548requires_config_enabled MBEDTLS_SSL_CLI_C
12549requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012550requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuede50ea2022-05-05 11:21:20 +080012551run_test "TLS 1.3: server: HRR check - mbedtls" \
12552 "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1" \
12553 "$P_CLI debug_level=4 force_version=tls13 curves=secp256r1,secp384r1" \
Jerry Yu36becb12022-05-12 16:57:20 +080012554 0 \
Jerry Yuede50ea2022-05-05 11:21:20 +080012555 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12556 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12557 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12558 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
12559 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12560 -s "selected_group: secp384r1" \
Jerry Yuede50ea2022-05-05 11:21:20 +080012561 -s "=> write hello retry request" \
12562 -s "<= write hello retry request"
12563
Jerry Yub89125b2022-05-13 15:45:49 +080012564requires_config_enabled MBEDTLS_DEBUG_C
12565requires_config_enabled MBEDTLS_SSL_SRV_C
12566requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012567requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yub89125b2022-05-13 15:45:49 +080012568run_test "TLS 1.3: Server side check, no server certificate available" \
12569 "$P_SRV debug_level=4 crt_file=none key_file=none force_version=tls13" \
12570 "$P_CLI debug_level=4 force_version=tls13" \
12571 1 \
12572 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12573 -s "No certificate available."
12574
XiaokangQianf4f0f692022-06-01 00:42:27 +000012575requires_openssl_tls1_3
XiaokangQianf2a94202022-05-20 06:44:24 +000012576requires_config_enabled MBEDTLS_DEBUG_C
12577requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012578requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12579 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQian2ccd97b2022-05-31 08:30:17 +000012580run_test "TLS 1.3: Server side check - openssl with sni" \
XiaokangQianf2a94202022-05-20 06:44:24 +000012581 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0 \
XiaokangQian23c5be62022-06-07 02:04:34 +000012582 sni=localhost,data_files/server5.crt,data_files/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
XiaokangQianf2a94202022-05-20 06:44:24 +000012583 "$O_NEXT_CLI -msg -debug -servername localhost -CAfile data_files/test-ca_cat12.crt -cert data_files/server5.crt -key data_files/server5.key -tls1_3" \
12584 0 \
XiaokangQianf2a94202022-05-20 06:44:24 +000012585 -s "parse ServerName extension" \
XiaokangQian129aeb92022-06-02 09:29:18 +000012586 -s "HTTP/1.0 200 OK"
XiaokangQianf2a94202022-05-20 06:44:24 +000012587
XiaokangQianac41edf2022-05-31 13:22:13 +000012588requires_gnutls_tls1_3
XiaokangQianf2a94202022-05-20 06:44:24 +000012589requires_config_enabled MBEDTLS_DEBUG_C
12590requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012591requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12592 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQian2ccd97b2022-05-31 08:30:17 +000012593run_test "TLS 1.3: Server side check - gnutls with sni" \
XiaokangQianf2a94202022-05-20 06:44:24 +000012594 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0 \
XiaokangQian23c5be62022-06-07 02:04:34 +000012595 sni=localhost,data_files/server5.crt,data_files/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
XiaokangQianf2a94202022-05-20 06:44:24 +000012596 "$G_NEXT_CLI localhost -d 4 --sni-hostname=localhost --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS -V" \
12597 0 \
XiaokangQianf2a94202022-05-20 06:44:24 +000012598 -s "parse ServerName extension" \
XiaokangQian129aeb92022-06-02 09:29:18 +000012599 -s "HTTP/1.0 200 OK"
XiaokangQianf2a94202022-05-20 06:44:24 +000012600
XiaokangQian40a35232022-05-07 09:02:40 +000012601requires_config_enabled MBEDTLS_DEBUG_C
12602requires_config_enabled MBEDTLS_SSL_SRV_C
12603requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012604requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12605 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
XiaokangQian2ccd97b2022-05-31 08:30:17 +000012606run_test "TLS 1.3: Server side check - mbedtls with sni" \
XiaokangQian40a35232022-05-07 09:02:40 +000012607 "$P_SRV debug_level=4 auth_mode=required crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0 \
12608 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
12609 "$P_CLI debug_level=4 server_name=localhost crt_file=data_files/server5.crt key_file=data_files/server5.key \
12610 force_version=tls13" \
XiaokangQianf2a94202022-05-20 06:44:24 +000012611 0 \
XiaokangQianf2a94202022-05-20 06:44:24 +000012612 -s "parse ServerName extension" \
XiaokangQian129aeb92022-06-02 09:29:18 +000012613 -s "HTTP/1.0 200 OK"
XiaokangQian40a35232022-05-07 09:02:40 +000012614
Gilles Peskine2baaf602022-01-07 15:46:12 +010012615for i in opt-testcases/*.sh
Jerry Yucdcb6832021-11-29 16:50:13 +080012616do
Gilles Peskine5eb2b022022-01-07 15:47:02 +010012617 TEST_SUITE_NAME=${i##*/}
12618 TEST_SUITE_NAME=${TEST_SUITE_NAME%.*}
12619 . "$i"
Jerry Yucdcb6832021-11-29 16:50:13 +080012620done
Gilles Peskine5eb2b022022-01-07 15:47:02 +010012621unset TEST_SUITE_NAME
Jerry Yu305bfc32021-11-24 16:04:47 +080012622
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012623# Test 1.3 compatibility mode
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012624requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12625requires_config_enabled MBEDTLS_DEBUG_C
12626requires_config_enabled MBEDTLS_SSL_SRV_C
12627requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012628requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012629run_test "TLS 1.3 m->m both peers do not support middlebox compatibility" \
12630 "$P_SRV debug_level=4 force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012631 "$P_CLI debug_level=4" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012632 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012633 -s "Protocol is TLSv1.3" \
12634 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012635 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12636 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12637
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012638requires_config_enabled MBEDTLS_DEBUG_C
12639requires_config_enabled MBEDTLS_SSL_SRV_C
12640requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012641requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12642 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012643run_test "TLS 1.3 m->m both with middlebox compat support" \
12644 "$P_SRV debug_level=4 force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012645 "$P_CLI debug_level=4" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012646 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012647 -s "Protocol is TLSv1.3" \
12648 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012649 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12650 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12651
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012652requires_openssl_tls1_3
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012653requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron7c0185f2021-11-30 09:16:24 +010012654requires_config_enabled MBEDTLS_DEBUG_C
12655requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012656requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona55c5a12021-11-30 09:32:47 +010012657run_test "TLS 1.3 m->O both peers do not support middlebox compatibility" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012658 "$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012659 "$P_CLI debug_level=4" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012660 0 \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012661 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012662 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12663 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012664
12665requires_openssl_tls1_3
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012666requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
Ronald Cron7c0185f2021-11-30 09:16:24 +010012667requires_config_enabled MBEDTLS_DEBUG_C
12668requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012669requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona55c5a12021-11-30 09:32:47 +010012670run_test "TLS 1.3 m->O server with middlebox compat support, not client" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012671 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012672 "$P_CLI debug_level=4" \
Ronald Cronfdb0e3f2021-12-09 10:39:19 +010012673 1 \
12674 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12675
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012676requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012677requires_config_enabled MBEDTLS_DEBUG_C
12678requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012679requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12680 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012681run_test "TLS 1.3 m->O both with middlebox compat support" \
12682 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012683 "$P_CLI debug_level=4" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012684 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012685 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012686 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12687
Ronald Crona55c5a12021-11-30 09:32:47 +010012688requires_gnutls_tls1_3
12689requires_gnutls_next_no_ticket
12690requires_gnutls_next_disable_tls13_compat
Ronald Crona55c5a12021-11-30 09:32:47 +010012691requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12692requires_config_enabled MBEDTLS_DEBUG_C
12693requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012694requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona55c5a12021-11-30 09:32:47 +010012695run_test "TLS 1.3 m->G both peers do not support middlebox compatibility" \
12696 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012697 "$P_CLI debug_level=4" \
Ronald Crona55c5a12021-11-30 09:32:47 +010012698 0 \
Ronald Crona1b8f6e2022-03-18 14:04:12 +010012699 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012700 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12701 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
Ronald Crona55c5a12021-11-30 09:32:47 +010012702
12703requires_gnutls_tls1_3
12704requires_gnutls_next_no_ticket
Ronald Crona55c5a12021-11-30 09:32:47 +010012705requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12706requires_config_enabled MBEDTLS_DEBUG_C
12707requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012708requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Ronald Crona55c5a12021-11-30 09:32:47 +010012709run_test "TLS 1.3 m->G server with middlebox compat support, not client" \
12710 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012711 "$P_CLI debug_level=4" \
Ronald Crona55c5a12021-11-30 09:32:47 +010012712 1 \
12713 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12714
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012715requires_gnutls_tls1_3
12716requires_gnutls_next_no_ticket
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012717requires_config_enabled MBEDTLS_DEBUG_C
12718requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012719requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12720 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012721run_test "TLS 1.3 m->G both with middlebox compat support" \
12722 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012723 "$P_CLI debug_level=4" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012724 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012725 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012726 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12727
12728requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012729requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12730requires_config_enabled MBEDTLS_DEBUG_C
12731requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012732requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012733run_test "TLS 1.3 O->m both peers do not support middlebox compatibility" \
12734 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012735 "$O_NEXT_CLI -msg -debug -no_middlebox" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012736 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012737 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012738 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12739 -C "14 03 03 00 01"
12740
12741requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012742requires_config_enabled MBEDTLS_DEBUG_C
12743requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012744requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12745 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012746run_test "TLS 1.3 O->m server with middlebox compat support, not client" \
12747 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012748 "$O_NEXT_CLI -msg -debug -no_middlebox" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012749 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012750 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012751 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO"
12752
12753requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012754requires_config_enabled MBEDTLS_DEBUG_C
12755requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012756requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12757 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012758run_test "TLS 1.3 O->m both with middlebox compat support" \
12759 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012760 "$O_NEXT_CLI -msg -debug" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012761 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012762 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012763 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12764 -c "14 03 03 00 01"
12765
12766requires_gnutls_tls1_3
12767requires_gnutls_next_no_ticket
12768requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012769requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12770requires_config_enabled MBEDTLS_DEBUG_C
12771requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012772requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012773run_test "TLS 1.3 G->m both peers do not support middlebox compatibility" \
12774 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012775 "$G_NEXT_CLI localhost --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012776 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012777 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012778 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12779 -C "SSL 3.3 ChangeCipherSpec packet received"
12780
12781requires_gnutls_tls1_3
12782requires_gnutls_next_no_ticket
12783requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012784requires_config_enabled MBEDTLS_DEBUG_C
12785requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012786requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12787 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012788run_test "TLS 1.3 G->m server with middlebox compat support, not client" \
12789 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012790 "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012791 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012792 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012793 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12794 -c "SSL 3.3 ChangeCipherSpec packet received" \
12795 -c "discarding change cipher spec in TLS1.3"
12796
12797requires_gnutls_tls1_3
12798requires_gnutls_next_no_ticket
12799requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012800requires_config_enabled MBEDTLS_DEBUG_C
12801requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012802requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12803 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012804run_test "TLS 1.3 G->m both with middlebox compat support" \
12805 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012806 "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012807 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012808 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012809 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12810 -c "SSL 3.3 ChangeCipherSpec packet received"
12811
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012812requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12813requires_config_enabled MBEDTLS_DEBUG_C
12814requires_config_enabled MBEDTLS_SSL_SRV_C
12815requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012816requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012817run_test "TLS 1.3 m->m HRR both peers do not support middlebox compatibility" \
12818 "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012819 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012820 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012821 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012822 -c "Protocol is TLSv1.3" \
12823 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012824 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012825 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12826
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012827requires_config_enabled MBEDTLS_DEBUG_C
12828requires_config_enabled MBEDTLS_SSL_SRV_C
12829requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012830requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12831 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012832run_test "TLS 1.3 m->m HRR both with middlebox compat support" \
12833 "$P_SRV debug_level=4 force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012834 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012835 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012836 -s "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012837 -c "Protocol is TLSv1.3" \
12838 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012839 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012840 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12841
12842requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012843requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12844requires_config_enabled MBEDTLS_DEBUG_C
12845requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012846requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012847run_test "TLS 1.3 m->O HRR both peers do not support middlebox compatibility" \
12848 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -no_middlebox -num_tickets 0 -no_cache" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012849 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012850 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012851 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012852 -c "received HelloRetryRequest message" \
12853 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12854 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12855
12856requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012857requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12858requires_config_enabled MBEDTLS_DEBUG_C
12859requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012860requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012861run_test "TLS 1.3 m->O HRR server with middlebox compat support, not client" \
12862 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_cache" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012863 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012864 1 \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012865 -c "received HelloRetryRequest message" \
12866 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12867
12868requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012869requires_config_enabled MBEDTLS_DEBUG_C
12870requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012871requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12872 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012873run_test "TLS 1.3 m->O HRR both with middlebox compat support" \
12874 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_resume_ephemeral -no_cache" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012875 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012876 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012877 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012878 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12879
12880requires_gnutls_tls1_3
12881requires_gnutls_next_no_ticket
12882requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012883requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12884requires_config_enabled MBEDTLS_DEBUG_C
12885requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012886requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012887run_test "TLS 1.3 m->G HRR both peers do not support middlebox compatibility" \
12888 "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --disable-client-cert" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012889 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012890 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012891 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012892 -c "received HelloRetryRequest message" \
12893 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12894 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12895
12896requires_gnutls_tls1_3
12897requires_gnutls_next_no_ticket
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012898requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12899requires_config_enabled MBEDTLS_DEBUG_C
12900requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012901requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012902run_test "TLS 1.3 m->G HRR server with middlebox compat support, not client" \
12903 "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS --disable-client-cert" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012904 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012905 1 \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012906 -c "received HelloRetryRequest message" \
12907 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12908
12909requires_gnutls_tls1_3
12910requires_gnutls_next_no_ticket
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012911requires_config_enabled MBEDTLS_DEBUG_C
12912requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012913requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12914 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012915run_test "TLS 1.3 m->G HRR both with middlebox compat support" \
12916 "$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cert" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012917 "$P_CLI debug_level=4 curves=secp256r1,secp384r1" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012918 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012919 -c "Protocol is TLSv1.3" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012920 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12921
12922requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012923requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12924requires_config_enabled MBEDTLS_DEBUG_C
12925requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012926requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012927run_test "TLS 1.3 O->m HRR both peers do not support middlebox compatibility" \
12928 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012929 "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012930 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012931 -s "Protocol is TLSv1.3" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012932 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012933 -C "14 03 03 00 01"
12934
12935requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012936requires_config_enabled MBEDTLS_DEBUG_C
12937requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012938requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12939 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012940run_test "TLS 1.3 O->m HRR server with middlebox compat support, not client" \
12941 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012942 "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012943 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012944 -s "Protocol is TLSv1.3" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012945 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012946
12947requires_openssl_tls1_3
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012948requires_config_enabled MBEDTLS_DEBUG_C
12949requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012950requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12951 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012952run_test "TLS 1.3 O->m HRR both with middlebox compat support" \
12953 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012954 "$O_NEXT_CLI -msg -debug -groups P-256:P-384" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012955 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012956 -s "Protocol is TLSv1.3" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012957 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012958 -c "14 03 03 00 01"
12959
12960requires_gnutls_tls1_3
12961requires_gnutls_next_no_ticket
12962requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012963requires_config_disabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
12964requires_config_enabled MBEDTLS_DEBUG_C
12965requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron928cbd32022-10-04 16:14:26 +020012966requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012967run_test "TLS 1.3 G->m HRR both peers do not support middlebox compatibility" \
12968 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012969 "$G_NEXT_CLI localhost --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012970 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012971 -s "Protocol is TLSv1.3" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012972 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012973 -C "SSL 3.3 ChangeCipherSpec packet received"
12974
12975requires_gnutls_tls1_3
12976requires_gnutls_next_no_ticket
12977requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012978requires_config_enabled MBEDTLS_DEBUG_C
12979requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012980requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12981 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012982run_test "TLS 1.3 G->m HRR server with middlebox compat support, not client" \
12983 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012984 "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012985 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020012986 -s "Protocol is TLSv1.3" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020012987 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012988 -c "SSL 3.3 ChangeCipherSpec packet received" \
12989 -c "discarding change cipher spec in TLS1.3"
12990
12991requires_gnutls_tls1_3
12992requires_gnutls_next_no_ticket
12993requires_gnutls_next_disable_tls13_compat
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012994requires_config_enabled MBEDTLS_DEBUG_C
12995requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020012996requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
12997 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020012998run_test "TLS 1.3 G->m HRR both with middlebox compat support" \
12999 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 curves=secp384r1 tickets=0" \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020013000 "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020013001 0 \
Gabor Mezei9e4b7bd2022-06-28 16:22:14 +020013002 -s "Protocol is TLSv1.3" \
Gabor Mezeif7044ea2022-06-28 16:01:49 +020013003 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
Gabor Mezei7e2dbaf2022-05-24 16:05:29 +020013004 -c "SSL 3.3 ChangeCipherSpec packet received"
13005
Jerry Yuaae28f12022-06-29 16:21:32 +080013006requires_openssl_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013007requires_config_enabled MBEDTLS_DEBUG_C
13008requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013009requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13010 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013011run_test "TLS 1.3: Check signature algorithm order, m->O" \
13012 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13013 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
13014 -Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha256" \
13015 "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013016 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013017 0 \
13018 -c "Protocol is TLSv1.3" \
Ronald Cron067a1e72022-09-16 13:44:49 +020013019 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013020 -c "HTTP/1.0 200 [Oo][Kk]"
13021
13022requires_gnutls_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013023requires_config_enabled MBEDTLS_DEBUG_C
13024requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013025requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13026 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013027run_test "TLS 1.3: Check signature algorithm order, m->G" \
13028 "$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key
13029 -d 4
13030 --priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS " \
13031 "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013032 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013033 0 \
13034 -c "Protocol is TLSv1.3" \
Ronald Cron067a1e72022-09-16 13:44:49 +020013035 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013036 -c "HTTP/1.0 200 [Oo][Kk]"
13037
Jerry Yuaae28f12022-06-29 16:21:32 +080013038requires_config_enabled MBEDTLS_DEBUG_C
13039requires_config_enabled MBEDTLS_SSL_SRV_C
13040requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013041requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13042 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013043run_test "TLS 1.3: Check signature algorithm order, m->m" \
13044 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13045 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13046 crt_file=data_files/server5.crt key_file=data_files/server5.key
13047 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
13048 "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013049 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013050 0 \
13051 -c "Protocol is TLSv1.3" \
Ronald Cron067a1e72022-09-16 13:44:49 +020013052 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
13053 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013054 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512" \
13055 -c "HTTP/1.0 200 [Oo][Kk]"
13056
13057requires_openssl_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013058requires_config_enabled MBEDTLS_DEBUG_C
13059requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013060requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13061 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013062run_test "TLS 1.3: Check signature algorithm order, O->m" \
13063 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13064 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13065 crt_file=data_files/server5.crt key_file=data_files/server5.key
13066 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
13067 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
13068 -cert data_files/server2-sha256.crt -key data_files/server2.key \
13069 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha256" \
13070 0 \
13071 -c "TLSv1.3" \
Ronald Cron067a1e72022-09-16 13:44:49 +020013072 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013073 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"
13074
13075requires_gnutls_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013076requires_config_enabled MBEDTLS_DEBUG_C
13077requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013078requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13079 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013080run_test "TLS 1.3: Check signature algorithm order, G->m" \
13081 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13082 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13083 crt_file=data_files/server5.crt key_file=data_files/server5.key
13084 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
13085 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
13086 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key \
13087 --priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384" \
13088 0 \
13089 -c "Negotiated version: 3.4" \
13090 -c "HTTP/1.0 200 [Oo][Kk]" \
Ronald Cron067a1e72022-09-16 13:44:49 +020013091 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013092 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"
13093
13094requires_gnutls_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013095requires_config_enabled MBEDTLS_DEBUG_C
13096requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013097requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13098 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013099run_test "TLS 1.3: Check server no suitable signature algorithm, G->m" \
13100 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13101 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13102 crt_file=data_files/server5.crt key_file=data_files/server5.key
13103 sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256 " \
13104 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
13105 --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key \
13106 --priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-ECDSA-SECP521R1-SHA512" \
13107 1 \
Ronald Cron67ea2542022-09-15 17:34:42 +020013108 -S "ssl_tls13_pick_key_cert:check signature algorithm"
Jerry Yuaae28f12022-06-29 16:21:32 +080013109
13110requires_openssl_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013111requires_config_enabled MBEDTLS_DEBUG_C
13112requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013113requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13114 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013115run_test "TLS 1.3: Check server no suitable signature algorithm, O->m" \
13116 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13117 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13118 crt_file=data_files/server5.crt key_file=data_files/server5.key
13119 sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256" \
13120 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
13121 -cert data_files/server2-sha256.crt -key data_files/server2.key \
13122 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:ecdsa_secp521r1_sha512" \
13123 1 \
Ronald Cron67ea2542022-09-15 17:34:42 +020013124 -S "ssl_tls13_pick_key_cert:check signature algorithm"
Jerry Yuaae28f12022-06-29 16:21:32 +080013125
Jerry Yuaae28f12022-06-29 16:21:32 +080013126requires_config_enabled MBEDTLS_DEBUG_C
13127requires_config_enabled MBEDTLS_SSL_SRV_C
13128requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013129requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13130 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013131run_test "TLS 1.3: Check server no suitable signature algorithm, m->m" \
13132 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13133 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13134 crt_file=data_files/server5.crt key_file=data_files/server5.key
13135 sig_algs=rsa_pkcs1_sha512,ecdsa_secp256r1_sha256 " \
13136 "$P_CLI allow_sha1=0 debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013137 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,ecdsa_secp521r1_sha512" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013138 1 \
Ronald Cron67ea2542022-09-15 17:34:42 +020013139 -S "ssl_tls13_pick_key_cert:check signature algorithm"
Jerry Yuaae28f12022-06-29 16:21:32 +080013140
13141requires_gnutls_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013142requires_config_enabled MBEDTLS_DEBUG_C
13143requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013144requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13145 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013146run_test "TLS 1.3: Check server no suitable certificate, G->m" \
13147 "$P_SRV debug_level=4 force_version=tls13
13148 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13149 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
13150 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
13151 --priority=NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-ECDSA-SECP256R1-SHA256" \
13152 1 \
13153 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
13154
13155requires_openssl_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013156requires_config_enabled MBEDTLS_DEBUG_C
13157requires_config_enabled MBEDTLS_SSL_SRV_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013158requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13159 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013160run_test "TLS 1.3: Check server no suitable certificate, O->m" \
13161 "$P_SRV debug_level=4 force_version=tls13
13162 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13163 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
13164 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
13165 -sigalgs ecdsa_secp521r1_sha512:ecdsa_secp256r1_sha256" \
13166 1 \
13167 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
13168
Jerry Yuaae28f12022-06-29 16:21:32 +080013169requires_config_enabled MBEDTLS_DEBUG_C
13170requires_config_enabled MBEDTLS_SSL_SRV_C
13171requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013172requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13173 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013174run_test "TLS 1.3: Check server no suitable certificate, m->m" \
13175 "$P_SRV debug_level=4 force_version=tls13
13176 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13177 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256 " \
13178 "$P_CLI allow_sha1=0 debug_level=4 \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013179 sig_algs=ecdsa_secp521r1_sha512,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013180 1 \
13181 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
13182
13183requires_openssl_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013184requires_config_enabled MBEDTLS_DEBUG_C
13185requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013186requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13187 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013188run_test "TLS 1.3: Check client no signature algorithm, m->O" \
13189 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13190 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
13191 -Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp521r1_sha512" \
13192 "$P_CLI debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013193 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013194 1 \
Ronald Cron067a1e72022-09-16 13:44:49 +020013195 -c "no suitable signature algorithm"
Jerry Yuaae28f12022-06-29 16:21:32 +080013196
13197requires_gnutls_tls1_3
Jerry Yuaae28f12022-06-29 16:21:32 +080013198requires_config_enabled MBEDTLS_DEBUG_C
13199requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013200requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13201 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013202run_test "TLS 1.3: Check client no signature algorithm, m->G" \
13203 "$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key
13204 -d 4
13205 --priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS " \
13206 "$P_CLI debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013207 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013208 1 \
Ronald Cron067a1e72022-09-16 13:44:49 +020013209 -c "no suitable signature algorithm"
Jerry Yuaae28f12022-06-29 16:21:32 +080013210
Jerry Yuaae28f12022-06-29 16:21:32 +080013211requires_config_enabled MBEDTLS_DEBUG_C
13212requires_config_enabled MBEDTLS_SSL_SRV_C
13213requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013214requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13215 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
Jerry Yuaae28f12022-06-29 16:21:32 +080013216run_test "TLS 1.3: Check client no signature algorithm, m->m" \
13217 "$P_SRV debug_level=4 force_version=tls13 auth_mode=required
13218 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13219 crt_file=data_files/server5.crt key_file=data_files/server5.key
13220 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp521r1_sha512" \
13221 "$P_CLI debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Jerry Yu7ac0d492022-07-01 19:29:30 +080013222 sig_algs=rsa_pkcs1_sha512,rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,ecdsa_secp256r1_sha256" \
Jerry Yuaae28f12022-06-29 16:21:32 +080013223 1 \
Ronald Cron067a1e72022-09-16 13:44:49 +020013224 -c "no suitable signature algorithm"
Jerry Yuaae28f12022-06-29 16:21:32 +080013225
Jerry Yu29ab32d2022-07-07 11:33:35 +000013226requires_openssl_tls1_3
Jerry Yu29ab32d2022-07-07 11:33:35 +000013227requires_config_enabled MBEDTLS_DEBUG_C
13228requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013229requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13230 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13231 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu29ab32d2022-07-07 11:33:35 +000013232run_test "TLS 1.3: NewSessionTicket: Basic check, m->O" \
Jerry Yue9764922022-08-03 14:34:24 +080013233 "$O_NEXT_SRV -msg -tls1_3 -no_resume_ephemeral -no_cache --num_tickets 4" \
13234 "$P_CLI debug_level=1 reco_mode=1 reconnect=1" \
Jerry Yu29ab32d2022-07-07 11:33:35 +000013235 0 \
13236 -c "Protocol is TLSv1.3" \
Jerry Yu29ab32d2022-07-07 11:33:35 +000013237 -c "got new session ticket." \
Jerry Yu24e38552022-07-15 16:35:26 +080013238 -c "Saving session for reuse... ok" \
Jerry Yue9764922022-08-03 14:34:24 +080013239 -c "Reconnecting with saved session" \
Jerry Yu29ab32d2022-07-07 11:33:35 +000013240 -c "HTTP/1.0 200 ok"
13241
13242requires_gnutls_tls1_3
Jerry Yu29ab32d2022-07-07 11:33:35 +000013243requires_config_enabled MBEDTLS_DEBUG_C
13244requires_config_enabled MBEDTLS_SSL_CLI_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013245requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13246 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13247 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu29ab32d2022-07-07 11:33:35 +000013248run_test "TLS 1.3: NewSessionTicket: Basic check, m->G" \
Ronald Crona709a0f2022-09-27 16:46:11 +020013249 "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 --disable-client-cert" \
Jerry Yue9764922022-08-03 14:34:24 +080013250 "$P_CLI debug_level=1 reco_mode=1 reconnect=1" \
Jerry Yu29ab32d2022-07-07 11:33:35 +000013251 0 \
13252 -c "Protocol is TLSv1.3" \
Jerry Yu29ab32d2022-07-07 11:33:35 +000013253 -c "got new session ticket." \
Jerry Yu24e38552022-07-15 16:35:26 +080013254 -c "Saving session for reuse... ok" \
Jerry Yue9764922022-08-03 14:34:24 +080013255 -c "Reconnecting with saved session" \
13256 -c "HTTP/1.0 200 OK" \
13257 -s "This is a resumed session"
Jerry Yuf7b5b592022-07-07 07:55:53 +000013258
Jerry Yu7a513052022-08-09 13:34:21 +080013259requires_openssl_tls1_3
Jerry Yu7a513052022-08-09 13:34:21 +080013260requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
13261requires_config_enabled MBEDTLS_SSL_SRV_C
13262requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013263requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13264 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13265 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yu7a513052022-08-09 13:34:21 +080013266# https://github.com/openssl/openssl/issues/10714
13267# Until now, OpenSSL client does not support reconnect.
13268skip_next_test
13269run_test "TLS 1.3: NewSessionTicket: Basic check, O->m" \
13270 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \
13271 "$O_NEXT_CLI -msg -debug -tls1_3 -reconnect" \
13272 0 \
13273 -s "=> write NewSessionTicket msg" \
Jerry Yua8d3c502022-10-30 14:51:23 +080013274 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13275 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH"
Jerry Yu7a513052022-08-09 13:34:21 +080013276
Jerry Yuf7b5b592022-07-07 07:55:53 +000013277requires_gnutls_tls1_3
Jerry Yuf7b5b592022-07-07 07:55:53 +000013278requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
13279requires_config_enabled MBEDTLS_SSL_SRV_C
13280requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013281requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13282 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13283 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yuf7b5b592022-07-07 07:55:53 +000013284run_test "TLS 1.3: NewSessionTicket: Basic check, G->m" \
Jerry Yu7a513052022-08-09 13:34:21 +080013285 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \
13286 "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -r" \
Jerry Yuf7b5b592022-07-07 07:55:53 +000013287 0 \
Jerry Yue9764922022-08-03 14:34:24 +080013288 -c "Connecting again- trying to resume previous session" \
13289 -c "NEW SESSION TICKET (4) was received" \
Jerry Yuf7b5b592022-07-07 07:55:53 +000013290 -s "=> write NewSessionTicket msg" \
Jerry Yua8d3c502022-10-30 14:51:23 +080013291 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13292 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \
Jerry Yue9764922022-08-03 14:34:24 +080013293 -s "key exchange mode: ephemeral" \
13294 -s "key exchange mode: psk_ephemeral" \
13295 -s "found pre_shared_key extension"
Jerry Yuf7b5b592022-07-07 07:55:53 +000013296
Jerry Yuf7b5b592022-07-07 07:55:53 +000013297requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
13298requires_config_enabled MBEDTLS_SSL_SRV_C
13299requires_config_enabled MBEDTLS_SSL_CLI_C
13300requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013301requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13302 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13303 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Jerry Yuf7b5b592022-07-07 07:55:53 +000013304run_test "TLS 1.3: NewSessionTicket: Basic check, m->m" \
Jerry Yu7a513052022-08-09 13:34:21 +080013305 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4" \
Jerry Yu24e38552022-07-15 16:35:26 +080013306 "$P_CLI debug_level=4 reco_mode=1 reconnect=1" \
Jerry Yuf7b5b592022-07-07 07:55:53 +000013307 0 \
13308 -c "Protocol is TLSv1.3" \
Jerry Yu7a513052022-08-09 13:34:21 +080013309 -c "got new session ticket ( 3 )" \
Jerry Yu24e38552022-07-15 16:35:26 +080013310 -c "Saving session for reuse... ok" \
Jerry Yue9764922022-08-03 14:34:24 +080013311 -c "Reconnecting with saved session" \
Jerry Yuf7b5b592022-07-07 07:55:53 +000013312 -c "HTTP/1.0 200 OK" \
13313 -s "=> write NewSessionTicket msg" \
Jerry Yua8d3c502022-10-30 14:51:23 +080013314 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13315 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \
Jerry Yue9764922022-08-03 14:34:24 +080013316 -s "key exchange mode: ephemeral" \
13317 -s "key exchange mode: psk_ephemeral" \
13318 -s "found pre_shared_key extension"
13319
Jerry Yu6455b682022-06-27 14:18:29 +080013320requires_openssl_tls1_3
13321requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
13322requires_config_enabled MBEDTLS_DEBUG_C
13323requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yueec4f032022-07-23 11:31:51 +080013324run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->O" \
Jerry Yu6455b682022-06-27 14:18:29 +080013325 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13326 -msg -tls1_2
13327 -Verify 10 " \
13328 "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13329 sig_algs=rsa_pss_rsae_sha512,rsa_pkcs1_sha512
13330 min_version=tls12 max_version=tls13 " \
13331 0 \
13332 -c "Protocol is TLSv1.2" \
13333 -c "HTTP/1.0 200 [Oo][Kk]"
13334
13335
13336requires_gnutls_tls1_3
13337requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
13338requires_config_enabled MBEDTLS_DEBUG_C
13339requires_config_enabled MBEDTLS_SSL_CLI_C
Jerry Yueec4f032022-07-23 11:31:51 +080013340run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->G" \
Jerry Yu6455b682022-06-27 14:18:29 +080013341 "$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key
13342 -d 4
13343 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
13344 "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13345 sig_algs=rsa_pss_rsae_sha512,rsa_pkcs1_sha512
13346 min_version=tls12 max_version=tls13 " \
13347 0 \
13348 -c "Protocol is TLSv1.2" \
13349 -c "HTTP/1.0 200 [Oo][Kk]"
13350
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013351requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
13352requires_config_enabled MBEDTLS_SSL_SRV_C
13353requires_config_enabled MBEDTLS_SSL_CLI_C
13354requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013355requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13356 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13357 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013358run_test "TLS 1.3: NewSessionTicket: servername check, m->m" \
Xiaokang Qian2f9efd32022-10-10 11:24:08 +000013359 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013360 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
13361 "$P_CLI debug_level=4 server_name=localhost reco_mode=1 reconnect=1" \
13362 0 \
13363 -c "Protocol is TLSv1.3" \
13364 -c "got new session ticket." \
13365 -c "Saving session for reuse... ok" \
13366 -c "Reconnecting with saved session" \
13367 -c "HTTP/1.0 200 OK" \
13368 -s "=> write NewSessionTicket msg" \
Jerry Yua8d3c502022-10-30 14:51:23 +080013369 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13370 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013371 -s "key exchange mode: ephemeral" \
13372 -s "key exchange mode: psk_ephemeral" \
13373 -s "found pre_shared_key extension"
13374
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013375requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
13376requires_config_enabled MBEDTLS_SSL_SRV_C
13377requires_config_enabled MBEDTLS_SSL_CLI_C
13378requires_config_enabled MBEDTLS_DEBUG_C
Ronald Cron70ed4172022-10-20 15:48:19 +020013379requires_all_configs_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE \
13380 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED \
13381 MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013382run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \
Xiaokang Qian2f9efd32022-10-10 11:24:08 +000013383 "$P_SRV debug_level=4 crt_file=data_files/server5.crt key_file=data_files/server5.key force_version=tls13 tickets=4 \
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013384 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Jerry Yuad9e99b2022-10-28 12:18:52 +080013385 "$P_CLI debug_level=4 server_name=localhost reco_server_name=remote reco_mode=1 reconnect=1" \
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013386 1 \
13387 -c "Protocol is TLSv1.3" \
13388 -c "got new session ticket." \
13389 -c "Saving session for reuse... ok" \
13390 -c "Reconnecting with saved session" \
Xiaokang Qianed0620c2022-10-12 06:58:13 +000013391 -c "Hostname mismatch the session ticket, disable session resumption." \
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013392 -s "=> write NewSessionTicket msg" \
Jerry Yua8d3c502022-10-30 14:51:23 +080013393 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13394 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH"
Xiaokang Qian281fd1b2022-09-20 11:35:41 +000013395
Piotr Nowicki0937ed22019-11-26 16:32:40 +010013396# Test heap memory usage after handshake
Jerry Yuab082902021-12-23 18:02:22 +080013397requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Piotr Nowicki0937ed22019-11-26 16:32:40 +010013398requires_config_enabled MBEDTLS_MEMORY_DEBUG
13399requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
13400requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanobc87b1d2021-07-08 15:56:33 +010013401requires_max_content_len 16384
Piotr Nowicki0937ed22019-11-26 16:32:40 +010013402run_tests_memory_after_hanshake
13403
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +010013404# Final report
13405
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010013406echo "------------------------------------------------------------------------"
13407
13408if [ $FAILS = 0 ]; then
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +010013409 printf "PASSED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010013410else
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +010013411 printf "FAILED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010013412fi
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +020013413PASSES=$(( $TESTS - $FAILS ))
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +020013414echo " ($PASSES / $TESTS tests ($SKIPS skipped))"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010013415
Tom Cosgrovefc0e79e2023-01-13 12:13:41 +000013416if [ $FAILS -gt 255 ]; then
13417 # Clamp at 255 as caller gets exit code & 0xFF
13418 # (so 256 would be 0, or success, etc)
13419 FAILS=255
13420fi
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010013421exit $FAILS