blob: 3de2361b17aa16487489fcd61768b9625dd2a05e [file] [log] [blame]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001#!/bin/sh
2
Simon Butcher58eddef2016-05-19 23:43:11 +01003# ssl-opt.sh
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01004#
Bence Szépkúti1e148272020-08-07 13:07:28 +02005# Copyright The Mbed TLS Contributors
Bence Szépkútic7da1fe2020-05-26 01:54:15 +02006# SPDX-License-Identifier: Apache-2.0
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
Simon Butcher58eddef2016-05-19 23:43:11 +010020# Purpose
21#
22# Executes tests to prove various TLS/SSL options and extensions.
23#
24# The goal is not to cover every ciphersuite/version, but instead to cover
25# specific options (max fragment length, truncated hmac, etc) or procedures
26# (session resumption from cache or ticket, renego, etc).
27#
28# The tests assume a build with default options, with exceptions expressed
29# with a dependency. The tests focus on functionality and do not consider
30# performance.
31#
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010032
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010033set -u
34
Jaeden Amero6e70eb22019-07-03 13:51:04 +010035# Limit the size of each log to 10 GiB, in case of failures with this script
36# where it may output seemingly unlimited length error logs.
37ulimit -f 20971520
38
Gilles Peskine560280b2019-09-16 15:17:38 +020039ORIGINAL_PWD=$PWD
40if ! cd "$(dirname "$0")"; then
41 exit 125
Angus Grattonc4dd0732018-04-11 16:28:39 +100042fi
43
Antonin Décimo36e89b52019-01-23 15:24:37 +010044# default values, can be overridden by the environment
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +010045: ${P_SRV:=../programs/ssl/ssl_server2}
46: ${P_CLI:=../programs/ssl/ssl_client2}
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +020047: ${P_PXY:=../programs/test/udp_proxy}
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +010048: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020049: ${GNUTLS_CLI:=gnutls-cli}
50: ${GNUTLS_SERV:=gnutls-serv}
Gilles Peskined50177f2017-05-16 17:53:03 +020051: ${PERL:=perl}
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010052
Gilles Peskine560280b2019-09-16 15:17:38 +020053guess_config_name() {
54 if git diff --quiet ../include/mbedtls/config.h 2>/dev/null; then
55 echo "default"
56 else
57 echo "unknown"
58 fi
59}
60: ${MBEDTLS_TEST_OUTCOME_FILE=}
61: ${MBEDTLS_TEST_CONFIGURATION:="$(guess_config_name)"}
62: ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
63
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +020064O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key"
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +010065O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client"
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020066G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +010067G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
Gilles Peskined50177f2017-05-16 17:53:03 +020068TCP_CLIENT="$PERL scripts/tcp_client.pl"
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010069
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020070# alternative versions of OpenSSL and GnuTLS (no default path)
71
72if [ -n "${OPENSSL_LEGACY:-}" ]; then
73 O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key"
74 O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client"
75else
76 O_LEGACY_SRV=false
77 O_LEGACY_CLI=false
78fi
79
Hanno Becker58e9dc32018-08-17 15:53:21 +010080if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020081 G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
82else
83 G_NEXT_SRV=false
84fi
85
Hanno Becker58e9dc32018-08-17 15:53:21 +010086if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020087 G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
88else
89 G_NEXT_CLI=false
90fi
91
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010092TESTS=0
93FAILS=0
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +020094SKIPS=0
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +010095
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +000096CONFIG_H='../include/mbedtls/config.h'
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +020097
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +010098MEMCHECK=0
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +010099FILTER='.*'
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +0200100EXCLUDE='^$'
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100101
Paul Bakkere20310a2016-05-10 11:18:17 +0100102SHOW_TEST_NUMBER=0
Paul Bakkerb7584a52016-05-10 10:50:43 +0100103RUN_TEST_NUMBER=''
104
Paul Bakkeracaac852016-05-10 11:47:13 +0100105PRESERVE_LOGS=0
106
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200107# Pick a "unique" server port in the range 10000-19999, and a proxy
108# port which is this plus 10000. Each port number may be independently
109# overridden by a command line option.
110SRV_PORT=$(($$ % 10000 + 10000))
111PXY_PORT=$((SRV_PORT + 10000))
112
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100113print_usage() {
114 echo "Usage: $0 [options]"
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100115 printf " -h|--help\tPrint this help.\n"
116 printf " -m|--memcheck\tCheck memory leaks and errors.\n"
Gilles Peskine9fa4ed62020-08-26 22:35:46 +0200117 printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
118 printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
Paul Bakkerb7584a52016-05-10 10:50:43 +0100119 printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
Paul Bakkere20310a2016-05-10 11:18:17 +0100120 printf " -s|--show-numbers\tShow test numbers in front of test names\n"
Paul Bakkeracaac852016-05-10 11:47:13 +0100121 printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
Gilles Peskine560280b2019-09-16 15:17:38 +0200122 printf " --outcome-file\tFile where test outcomes are written\n"
123 printf " \t(default: \$MBEDTLS_TEST_OUTCOME_FILE, none if empty)\n"
124 printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n"
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200125 printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
Gilles Peskine560280b2019-09-16 15:17:38 +0200126 printf " --seed \tInteger seed value to use for this test run\n"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100127}
128
129get_options() {
130 while [ $# -gt 0 ]; do
131 case "$1" in
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100132 -f|--filter)
133 shift; FILTER=$1
134 ;;
135 -e|--exclude)
136 shift; EXCLUDE=$1
137 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100138 -m|--memcheck)
139 MEMCHECK=1
140 ;;
Paul Bakkerb7584a52016-05-10 10:50:43 +0100141 -n|--number)
142 shift; RUN_TEST_NUMBER=$1
143 ;;
Paul Bakkere20310a2016-05-10 11:18:17 +0100144 -s|--show-numbers)
145 SHOW_TEST_NUMBER=1
146 ;;
Paul Bakkeracaac852016-05-10 11:47:13 +0100147 -p|--preserve-logs)
148 PRESERVE_LOGS=1
149 ;;
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200150 --port)
151 shift; SRV_PORT=$1
152 ;;
153 --proxy-port)
154 shift; PXY_PORT=$1
155 ;;
Andres AGf04f54d2016-10-10 15:46:20 +0100156 --seed)
157 shift; SEED="$1"
158 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100159 -h|--help)
160 print_usage
161 exit 0
162 ;;
163 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200164 echo "Unknown argument: '$1'"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100165 print_usage
166 exit 1
167 ;;
168 esac
169 shift
170 done
171}
172
Gilles Peskine560280b2019-09-16 15:17:38 +0200173# Make the outcome file path relative to the original directory, not
174# to .../tests
175case "$MBEDTLS_TEST_OUTCOME_FILE" in
176 [!/]*)
177 MBEDTLS_TEST_OUTCOME_FILE="$ORIGINAL_PWD/$MBEDTLS_TEST_OUTCOME_FILE"
178 ;;
179esac
180
Gilles Peskine64457492020-08-26 21:53:33 +0200181# Read boolean configuration options from config.h for easy and quick
182# testing. Skip non-boolean options (with something other than spaces
183# and a comment after "#define SYMBOL"). The variable contains a
184# space-separated list of symbols.
185CONFIGS_ENABLED=" $(<"$CONFIG_H" \
186 sed -n 's!^ *#define *\([A-Za-z][0-9A-Z_a-z]*\) *\(/*\)*!\1!p' |
187 tr '\n' ' ')"
188
Hanno Becker3b8b40c2018-08-28 10:25:41 +0100189# Skip next test; use this macro to skip tests which are legitimate
190# in theory and expected to be re-introduced at some point, but
191# aren't expected to succeed at the moment due to problems outside
192# our control (such as bugs in other TLS implementations).
193skip_next_test() {
194 SKIP_NEXT="YES"
195}
196
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100197# skip next test if the flag is not enabled in config.h
198requires_config_enabled() {
Gilles Peskine64457492020-08-26 21:53:33 +0200199 case $CONFIGS_ENABLED in
200 *" $1 "*) :;;
201 *) SKIP_NEXT="YES";;
202 esac
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100203}
204
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200205# skip next test if the flag is enabled in config.h
206requires_config_disabled() {
Gilles Peskine64457492020-08-26 21:53:33 +0200207 case $CONFIGS_ENABLED in
208 *" $1 "*) SKIP_NEXT="YES";;
209 esac
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200210}
211
Hanno Becker7c48dd12018-08-28 16:09:22 +0100212get_config_value_or_default() {
Andres Amaya Garcia3169dc02018-10-16 21:29:07 +0100213 # This function uses the query_config command line option to query the
214 # required Mbed TLS compile time configuration from the ssl_server2
215 # program. The command will always return a success value if the
216 # configuration is defined and the value will be printed to stdout.
217 #
218 # Note that if the configuration is not defined or is defined to nothing,
219 # the output of this function will be an empty string.
220 ${P_SRV} "query_config=${1}"
Hanno Becker7c48dd12018-08-28 16:09:22 +0100221}
222
223requires_config_value_at_least() {
Andres Amaya Garcia3169dc02018-10-16 21:29:07 +0100224 VAL="$( get_config_value_or_default "$1" )"
225 if [ -z "$VAL" ]; then
226 # Should never happen
227 echo "Mbed TLS configuration $1 is not defined"
228 exit 1
229 elif [ "$VAL" -lt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100230 SKIP_NEXT="YES"
231 fi
232}
233
234requires_config_value_at_most() {
Hanno Becker7c48dd12018-08-28 16:09:22 +0100235 VAL=$( get_config_value_or_default "$1" )
Andres Amaya Garcia3169dc02018-10-16 21:29:07 +0100236 if [ -z "$VAL" ]; then
237 # Should never happen
238 echo "Mbed TLS configuration $1 is not defined"
239 exit 1
240 elif [ "$VAL" -gt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100241 SKIP_NEXT="YES"
242 fi
243}
244
Gilles Peskine64457492020-08-26 21:53:33 +0200245# Space-separated list of ciphersuites supported by this build of
246# Mbed TLS.
247P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
248 grep TLS- |
249 tr -s ' \n' ' ')"
Hanno Becker9d76d562018-11-16 17:27:29 +0000250requires_ciphersuite_enabled() {
Gilles Peskine64457492020-08-26 21:53:33 +0200251 case $P_CIPHERSUITES in
252 *" $1 "*) :;;
253 *) SKIP_NEXT="YES";;
254 esac
Hanno Becker9d76d562018-11-16 17:27:29 +0000255}
256
Gilles Peskine0d721652020-06-26 23:35:53 +0200257# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
258# If CMD (call to a TLS client or server program) requires a specific
259# ciphersuite, arrange to only run the test case if this ciphersuite is
260# enabled. As an exception, do run the test case if it expects a ciphersuite
261# mismatch.
262maybe_requires_ciphersuite_enabled() {
263 case "$1" in
264 *\ force_ciphersuite=*) :;;
265 *) return;; # No specific required ciphersuite
266 esac
267 ciphersuite="${1##*\ force_ciphersuite=}"
268 ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
269 shift
270
271 case "$*" in
272 *"-s SSL - The server has no ciphersuites in common"*)
273 # This test case expects a ciphersuite mismatch, so it doesn't
274 # require the ciphersuite to be enabled.
275 ;;
276 *)
277 requires_ciphersuite_enabled "$ciphersuite"
278 ;;
279 esac
280
281 unset ciphersuite
282}
283
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +0200284# skip next test if OpenSSL doesn't support FALLBACK_SCSV
285requires_openssl_with_fallback_scsv() {
286 if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
287 if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null
288 then
289 OPENSSL_HAS_FBSCSV="YES"
290 else
291 OPENSSL_HAS_FBSCSV="NO"
292 fi
293 fi
294 if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then
295 SKIP_NEXT="YES"
296 fi
297}
298
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200299# skip next test if GnuTLS isn't available
300requires_gnutls() {
301 if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
Manuel Pégourié-Gonnard03db6b02015-06-26 15:45:30 +0200302 if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200303 GNUTLS_AVAILABLE="YES"
304 else
305 GNUTLS_AVAILABLE="NO"
306 fi
307 fi
308 if [ "$GNUTLS_AVAILABLE" = "NO" ]; then
309 SKIP_NEXT="YES"
310 fi
311}
312
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200313# skip next test if GnuTLS-next isn't available
314requires_gnutls_next() {
315 if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
316 if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
317 GNUTLS_NEXT_AVAILABLE="YES"
318 else
319 GNUTLS_NEXT_AVAILABLE="NO"
320 fi
321 fi
322 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
323 SKIP_NEXT="YES"
324 fi
325}
326
327# skip next test if OpenSSL-legacy isn't available
328requires_openssl_legacy() {
329 if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then
330 if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then
331 OPENSSL_LEGACY_AVAILABLE="YES"
332 else
333 OPENSSL_LEGACY_AVAILABLE="NO"
334 fi
335 fi
336 if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then
337 SKIP_NEXT="YES"
338 fi
339}
340
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200341# skip next test if IPv6 isn't available on this host
342requires_ipv6() {
343 if [ -z "${HAS_IPV6:-}" ]; then
344 $P_SRV server_addr='::1' > $SRV_OUT 2>&1 &
345 SRV_PID=$!
346 sleep 1
347 kill $SRV_PID >/dev/null 2>&1
348 if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then
349 HAS_IPV6="NO"
350 else
351 HAS_IPV6="YES"
352 fi
353 rm -r $SRV_OUT
354 fi
355
356 if [ "$HAS_IPV6" = "NO" ]; then
357 SKIP_NEXT="YES"
358 fi
359}
360
Andrzej Kurekb4593462018-10-11 08:43:30 -0400361# skip next test if it's i686 or uname is not available
362requires_not_i686() {
363 if [ -z "${IS_I686:-}" ]; then
364 IS_I686="YES"
365 if which "uname" >/dev/null 2>&1; then
366 if [ -z "$(uname -a | grep i686)" ]; then
367 IS_I686="NO"
368 fi
369 fi
370 fi
371 if [ "$IS_I686" = "YES" ]; then
372 SKIP_NEXT="YES"
373 fi
374}
375
Angus Grattonc4dd0732018-04-11 16:28:39 +1000376# Calculate the input & output maximum content lengths set in the config
Gilles Peskine5d46f6a2019-07-27 23:52:53 +0200377MAX_CONTENT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_MAX_CONTENT_LEN || echo "16384")
378MAX_IN_LEN=$( ../scripts/config.py get MBEDTLS_SSL_IN_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
379MAX_OUT_LEN=$( ../scripts/config.py get MBEDTLS_SSL_OUT_CONTENT_LEN || echo "$MAX_CONTENT_LEN")
Angus Grattonc4dd0732018-04-11 16:28:39 +1000380
381if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
382 MAX_CONTENT_LEN="$MAX_IN_LEN"
383fi
384if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
385 MAX_CONTENT_LEN="$MAX_OUT_LEN"
386fi
387
388# skip the next test if the SSL output buffer is less than 16KB
389requires_full_size_output_buffer() {
390 if [ "$MAX_OUT_LEN" -ne 16384 ]; then
391 SKIP_NEXT="YES"
392 fi
393}
394
Manuel Pégourié-Gonnard76fe9e42014-09-24 15:17:31 +0200395# skip the next test if valgrind is in use
396not_with_valgrind() {
397 if [ "$MEMCHECK" -gt 0 ]; then
398 SKIP_NEXT="YES"
399 fi
400}
401
Paul Bakker362689d2016-05-13 10:33:25 +0100402# skip the next test if valgrind is NOT in use
403only_with_valgrind() {
404 if [ "$MEMCHECK" -eq 0 ]; then
405 SKIP_NEXT="YES"
406 fi
407}
408
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200409# multiply the client timeout delay by the given factor for the next test
Janos Follath74537a62016-09-02 13:45:28 +0100410client_needs_more_time() {
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200411 CLI_DELAY_FACTOR=$1
412}
413
Janos Follath74537a62016-09-02 13:45:28 +0100414# wait for the given seconds after the client finished in the next test
415server_needs_more_time() {
416 SRV_DELAY_SECONDS=$1
417}
418
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100419# print_name <name>
420print_name() {
Paul Bakkere20310a2016-05-10 11:18:17 +0100421 TESTS=$(( $TESTS + 1 ))
422 LINE=""
423
424 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
425 LINE="$TESTS "
426 fi
427
428 LINE="$LINE$1"
Gilles Peskine231befa2020-08-26 20:05:11 +0200429 printf "%s " "$LINE"
Paul Bakkere20310a2016-05-10 11:18:17 +0100430 LEN=$(( 72 - `echo "$LINE" | wc -c` ))
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100431 for i in `seq 1 $LEN`; do printf '.'; done
432 printf ' '
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100433
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100434}
435
Gilles Peskine560280b2019-09-16 15:17:38 +0200436# record_outcome <outcome> [<failure-reason>]
437# The test name must be in $NAME.
438record_outcome() {
439 echo "$1"
440 if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then
441 printf '%s;%s;%s;%s;%s;%s\n' \
442 "$MBEDTLS_TEST_PLATFORM" "$MBEDTLS_TEST_CONFIGURATION" \
443 "ssl-opt" "$NAME" \
444 "$1" "${2-}" \
445 >>"$MBEDTLS_TEST_OUTCOME_FILE"
446 fi
447}
448
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100449# fail <message>
450fail() {
Gilles Peskine560280b2019-09-16 15:17:38 +0200451 record_outcome "FAIL" "$1"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100452 echo " ! $1"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100453
Manuel Pégourié-Gonnardc2b00922014-08-31 16:46:04 +0200454 mv $SRV_OUT o-srv-${TESTS}.log
455 mv $CLI_OUT o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200456 if [ -n "$PXY_CMD" ]; then
457 mv $PXY_OUT o-pxy-${TESTS}.log
458 fi
459 echo " ! outputs saved to o-XXX-${TESTS}.log"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100460
Manuel Pégourié-Gonnard3f3302f2020-06-08 11:49:05 +0200461 if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200462 echo " ! server output:"
463 cat o-srv-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200464 echo " ! ========================================================"
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200465 echo " ! client output:"
466 cat o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200467 if [ -n "$PXY_CMD" ]; then
468 echo " ! ========================================================"
469 echo " ! proxy output:"
470 cat o-pxy-${TESTS}.log
471 fi
472 echo ""
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200473 fi
474
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +0200475 FAILS=$(( $FAILS + 1 ))
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100476}
477
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100478# is_polar <cmd_line>
479is_polar() {
Gilles Peskine64457492020-08-26 21:53:33 +0200480 case "$1" in
481 *ssl_client2*) true;;
482 *ssl_server2*) true;;
483 *) false;;
484 esac
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100485}
486
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200487# openssl s_server doesn't have -www with DTLS
488check_osrv_dtls() {
Gilles Peskine64457492020-08-26 21:53:33 +0200489 case "$SRV_CMD" in
490 *s_server*-dtls*)
491 NEEDS_INPUT=1
492 SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
493 *) NEEDS_INPUT=0;;
494 esac
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200495}
496
497# provide input to commands that need it
498provide_input() {
499 if [ $NEEDS_INPUT -eq 0 ]; then
500 return
501 fi
502
503 while true; do
504 echo "HTTP/1.0 200 OK"
505 sleep 1
506 done
507}
508
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100509# has_mem_err <log_file_name>
510has_mem_err() {
511 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
512 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
513 then
514 return 1 # false: does not have errors
515 else
516 return 0 # true: has errors
517 fi
518}
519
Unknownd364f4c2019-09-02 10:42:57 -0400520# Wait for process $2 named $3 to be listening on port $1. Print error to $4.
Gilles Peskine418b5362017-12-14 18:58:42 +0100521if type lsof >/dev/null 2>/dev/null; then
Unknownd364f4c2019-09-02 10:42:57 -0400522 wait_app_start() {
Gilles Peskine418b5362017-12-14 18:58:42 +0100523 START_TIME=$(date +%s)
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200524 if [ "$DTLS" -eq 1 ]; then
Gilles Peskine418b5362017-12-14 18:58:42 +0100525 proto=UDP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200526 else
Gilles Peskine418b5362017-12-14 18:58:42 +0100527 proto=TCP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200528 fi
Gilles Peskine418b5362017-12-14 18:58:42 +0100529 # Make a tight loop, server normally takes less than 1s to start.
530 while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
531 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
Unknownd364f4c2019-09-02 10:42:57 -0400532 echo "$3 START TIMEOUT"
533 echo "$3 START TIMEOUT" >> $4
Gilles Peskine418b5362017-12-14 18:58:42 +0100534 break
535 fi
536 # Linux and *BSD support decimal arguments to sleep. On other
537 # OSes this may be a tight loop.
538 sleep 0.1 2>/dev/null || true
539 done
540 }
541else
Unknownd364f4c2019-09-02 10:42:57 -0400542 echo "Warning: lsof not available, wait_app_start = sleep"
543 wait_app_start() {
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200544 sleep "$START_DELAY"
Gilles Peskine418b5362017-12-14 18:58:42 +0100545 }
546fi
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200547
Unknownd364f4c2019-09-02 10:42:57 -0400548# Wait for server process $2 to be listening on port $1.
549wait_server_start() {
550 wait_app_start $1 $2 "SERVER" $SRV_OUT
551}
552
553# Wait for proxy process $2 to be listening on port $1.
554wait_proxy_start() {
555 wait_app_start $1 $2 "PROXY" $PXY_OUT
556}
557
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100558# Given the client or server debug output, parse the unix timestamp that is
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +0100559# included in the first 4 bytes of the random bytes and check that it's within
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100560# acceptable bounds
561check_server_hello_time() {
562 # Extract the time from the debug (lvl 3) output of the client
Andres Amaya Garcia67d8da52017-09-15 15:49:24 +0100563 SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100564 # Get the Unix timestamp for now
565 CUR_TIME=$(date +'%s')
566 THRESHOLD_IN_SECS=300
567
568 # Check if the ServerHello time was printed
569 if [ -z "$SERVER_HELLO_TIME" ]; then
570 return 1
571 fi
572
573 # Check the time in ServerHello is within acceptable bounds
574 if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
575 # The time in ServerHello is at least 5 minutes before now
576 return 1
577 elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +0100578 # The time in ServerHello is at least 5 minutes later than now
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100579 return 1
580 else
581 return 0
582 fi
583}
584
Piotr Nowicki0937ed22019-11-26 16:32:40 +0100585# Get handshake memory usage from server or client output and put it into the variable specified by the first argument
586handshake_memory_get() {
587 OUTPUT_VARIABLE="$1"
588 OUTPUT_FILE="$2"
589
590 # Get memory usage from a pattern like "Heap memory usage after handshake: 23112 bytes. Peak memory usage was 33112"
591 MEM_USAGE=$(sed -n 's/.*Heap memory usage after handshake: //p' < "$OUTPUT_FILE" | grep -o "[0-9]*" | head -1)
592
593 # Check if memory usage was read
594 if [ -z "$MEM_USAGE" ]; then
595 echo "Error: Can not read the value of handshake memory usage"
596 return 1
597 else
598 eval "$OUTPUT_VARIABLE=$MEM_USAGE"
599 return 0
600 fi
601}
602
603# Get handshake memory usage from server or client output and check if this value
604# is not higher than the maximum given by the first argument
605handshake_memory_check() {
606 MAX_MEMORY="$1"
607 OUTPUT_FILE="$2"
608
609 # Get memory usage
610 if ! handshake_memory_get "MEMORY_USAGE" "$OUTPUT_FILE"; then
611 return 1
612 fi
613
614 # Check if memory usage is below max value
615 if [ "$MEMORY_USAGE" -gt "$MAX_MEMORY" ]; then
616 echo "\nFailed: Handshake memory usage was $MEMORY_USAGE bytes," \
617 "but should be below $MAX_MEMORY bytes"
618 return 1
619 else
620 return 0
621 fi
622}
623
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200624# wait for client to terminate and set CLI_EXIT
625# must be called right after starting the client
626wait_client_done() {
627 CLI_PID=$!
628
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200629 CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR ))
630 CLI_DELAY_FACTOR=1
631
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200632 ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) &
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200633 DOG_PID=$!
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200634
635 wait $CLI_PID
636 CLI_EXIT=$?
637
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200638 kill $DOG_PID >/dev/null 2>&1
639 wait $DOG_PID
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200640
641 echo "EXIT: $CLI_EXIT" >> $CLI_OUT
Janos Follath74537a62016-09-02 13:45:28 +0100642
643 sleep $SRV_DELAY_SECONDS
644 SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200645}
646
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200647# check if the given command uses dtls and sets global variable DTLS
648detect_dtls() {
Gilles Peskine64457492020-08-26 21:53:33 +0200649 case "$1" in
650 *dtls=1*|-dtls|-u) DTLS=1;;
651 *) DTLS=0;;
652 esac
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200653}
654
Dave Rodgman0279c2f2021-02-10 12:45:41 +0000655# check if the given command uses gnutls and sets global variable CMD_IS_GNUTLS
656is_gnutls() {
657 case "$1" in
658 *gnutls-cli*)
659 CMD_IS_GNUTLS=1
660 ;;
661 *gnutls-serv*)
662 CMD_IS_GNUTLS=1
663 ;;
664 *)
665 CMD_IS_GNUTLS=0
666 ;;
667 esac
668}
669
Johan Pascal9bc50b02020-09-24 12:01:13 +0200670# Compare file content
671# Usage: find_in_both pattern file1 file2
672# extract from file1 the first line matching the pattern
673# check in file2 that the same line can be found
674find_in_both() {
675 srv_pattern=$(grep -m 1 "$1" "$2");
676 if [ -z "$srv_pattern" ]; then
677 return 1;
678 fi
679
680 if grep "$srv_pattern" $3 >/dev/null; then :
Johan Pascal10403152020-10-09 20:43:51 +0200681 return 0;
Johan Pascal9bc50b02020-09-24 12:01:13 +0200682 else
683 return 1;
684 fi
685}
686
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200687# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100688# Options: -s pattern pattern that must be present in server output
689# -c pattern pattern that must be present in client output
Simon Butcher8e004102016-10-14 00:48:33 +0100690# -u pattern lines after pattern must be unique in client output
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100691# -f call shell function on client output
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100692# -S pattern pattern that must be absent in server output
693# -C pattern pattern that must be absent in client output
Simon Butcher8e004102016-10-14 00:48:33 +0100694# -U pattern lines after pattern must be unique in server output
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100695# -F call shell function on server output
Johan Pascal9bc50b02020-09-24 12:01:13 +0200696# -g call shell function on server and client output
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100697run_test() {
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100698 NAME="$1"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200699 shift 1
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100700
Gilles Peskine9fa4ed62020-08-26 22:35:46 +0200701 if is_excluded "$NAME"; then
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +0200702 SKIP_NEXT="NO"
Gilles Peskine560280b2019-09-16 15:17:38 +0200703 # There was no request to run the test, so don't record its outcome.
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100704 return
705 fi
706
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100707 print_name "$NAME"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100708
Paul Bakkerb7584a52016-05-10 10:50:43 +0100709 # Do we only run numbered tests?
Gilles Peskine64457492020-08-26 21:53:33 +0200710 if [ -n "$RUN_TEST_NUMBER" ]; then
711 case ",$RUN_TEST_NUMBER," in
712 *",$TESTS,"*) :;;
713 *) SKIP_NEXT="YES";;
714 esac
Paul Bakkerb7584a52016-05-10 10:50:43 +0100715 fi
716
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200717 # does this test use a proxy?
718 if [ "X$1" = "X-p" ]; then
719 PXY_CMD="$2"
720 shift 2
721 else
722 PXY_CMD=""
723 fi
724
725 # get commands and client output
726 SRV_CMD="$1"
727 CLI_CMD="$2"
728 CLI_EXPECT="$3"
729 shift 3
730
Hanno Becker91e72c32019-05-10 14:38:42 +0100731 # Check if test uses files
Gilles Peskine64457492020-08-26 21:53:33 +0200732 case "$SRV_CMD $CLI_CMD" in
733 *data_files/*)
734 requires_config_enabled MBEDTLS_FS_IO;;
735 esac
Hanno Becker91e72c32019-05-10 14:38:42 +0100736
Gilles Peskine0d721652020-06-26 23:35:53 +0200737 # If the client or serve requires a ciphersuite, check that it's enabled.
738 maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
739 maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@"
Hanno Becker9d76d562018-11-16 17:27:29 +0000740
741 # should we skip?
742 if [ "X$SKIP_NEXT" = "XYES" ]; then
743 SKIP_NEXT="NO"
Gilles Peskine560280b2019-09-16 15:17:38 +0200744 record_outcome "SKIP"
Hanno Becker9d76d562018-11-16 17:27:29 +0000745 SKIPS=$(( $SKIPS + 1 ))
746 return
747 fi
748
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200749 # update DTLS variable
750 detect_dtls "$SRV_CMD"
751
Manuel Pégourié-Gonnardf4557862020-06-08 11:40:06 +0200752 # if the test uses DTLS but no custom proxy, add a simple proxy
753 # as it provides timing info that's useful to debug failures
Manuel Pégourié-Gonnard70fce982020-06-25 09:54:46 +0200754 if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
Manuel Pégourié-Gonnardf4557862020-06-08 11:40:06 +0200755 PXY_CMD="$P_PXY"
Manuel Pégourié-Gonnard8779e9a2020-07-16 10:19:32 +0200756 case " $SRV_CMD " in
757 *' server_addr=::1 '*)
758 PXY_CMD="$PXY_CMD server_addr=::1 listen_addr=::1";;
759 esac
Manuel Pégourié-Gonnardf4557862020-06-08 11:40:06 +0200760 fi
761
Dave Rodgman0279c2f2021-02-10 12:45:41 +0000762 # update CMD_IS_GNUTLS variable
763 is_gnutls "$SRV_CMD"
764
765 # if the server uses gnutls but doesn't set priority, explicitly
766 # set the default priority
767 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
768 case "$SRV_CMD" in
769 *--priority*) :;;
770 *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
771 esac
772 fi
773
774 # update CMD_IS_GNUTLS variable
775 is_gnutls "$CLI_CMD"
776
777 # if the client uses gnutls but doesn't set priority, explicitly
778 # set the default priority
779 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
780 case "$CLI_CMD" in
781 *--priority*) :;;
782 *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
783 esac
784 fi
785
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100786 # fix client port
787 if [ -n "$PXY_CMD" ]; then
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +0200788 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
789 else
790 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g )
791 fi
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +0200792
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100793 # prepend valgrind to our commands if active
794 if [ "$MEMCHECK" -gt 0 ]; then
795 if is_polar "$SRV_CMD"; then
796 SRV_CMD="valgrind --leak-check=full $SRV_CMD"
797 fi
798 if is_polar "$CLI_CMD"; then
799 CLI_CMD="valgrind --leak-check=full $CLI_CMD"
800 fi
801 fi
802
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200803 TIMES_LEFT=2
804 while [ $TIMES_LEFT -gt 0 ]; do
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200805 TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200806
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200807 # run the commands
808 if [ -n "$PXY_CMD" ]; then
Manuel Pégourié-Gonnarda3b994f2020-07-27 09:45:32 +0200809 printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200810 $PXY_CMD >> $PXY_OUT 2>&1 &
811 PXY_PID=$!
Unknownd364f4c2019-09-02 10:42:57 -0400812 wait_proxy_start "$PXY_PORT" "$PXY_PID"
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200813 fi
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200814
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200815 check_osrv_dtls
Gilles Peskine231befa2020-08-26 20:05:11 +0200816 printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200817 provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
818 SRV_PID=$!
Gilles Peskine418b5362017-12-14 18:58:42 +0100819 wait_server_start "$SRV_PORT" "$SRV_PID"
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200820
Gilles Peskine231befa2020-08-26 20:05:11 +0200821 printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200822 eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
823 wait_client_done
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100824
Hanno Beckercadb5bb2017-05-26 13:56:10 +0100825 sleep 0.05
826
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200827 # terminate the server (and the proxy)
828 kill $SRV_PID
829 wait $SRV_PID
Gilles Peskine7f919de2021-02-02 23:29:03 +0100830 SRV_RET=$?
Hanno Beckerd82d8462017-05-29 21:37:46 +0100831
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200832 if [ -n "$PXY_CMD" ]; then
833 kill $PXY_PID >/dev/null 2>&1
834 wait $PXY_PID
835 fi
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100836
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200837 # retry only on timeouts
838 if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then
839 printf "RETRY "
840 else
841 TIMES_LEFT=0
842 fi
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200843 done
844
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100845 # check if the client and server went at least to the handshake stage
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200846 # (useful to avoid tests with only negative assertions and non-zero
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100847 # expected client exit to incorrectly succeed in case of catastrophic
848 # failure)
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100849 if is_polar "$SRV_CMD"; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200850 if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100851 else
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +0100852 fail "server or client failed to reach handshake stage"
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100853 return
854 fi
855 fi
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100856 if is_polar "$CLI_CMD"; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200857 if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100858 else
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +0100859 fail "server or client failed to reach handshake stage"
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100860 return
861 fi
862 fi
863
Gilles Peskineaaf866e2021-02-09 21:01:33 +0100864 # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
865 # exit with status 0 when interrupted by a signal, and we don't really
866 # care anyway), in case e.g. the server reports a memory leak.
867 if [ $SRV_RET != 0 ] && is_polar "$SRV_CMD"; then
Gilles Peskine7f919de2021-02-02 23:29:03 +0100868 fail "Server exited with status $SRV_RET"
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100869 return
870 fi
871
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100872 # check client exit code
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100873 if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
874 \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +0100875 then
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200876 fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100877 return
878 fi
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100879
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100880 # check other assertions
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +0200881 # lines beginning with == are added by valgrind, ignore them
Paul Bakker1f650922016-05-13 10:16:46 +0100882 # lines with 'Serious error when reading debug info', are valgrind issues as well
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100883 while [ $# -gt 0 ]
884 do
885 case $1 in
886 "-s")
Paul Bakker1f650922016-05-13 10:16:46 +0100887 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +0100888 fail "pattern '$2' MUST be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100889 return
890 fi
891 ;;
892
893 "-c")
Paul Bakker1f650922016-05-13 10:16:46 +0100894 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +0100895 fail "pattern '$2' MUST be present in the Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100896 return
897 fi
898 ;;
899
900 "-S")
Paul Bakker1f650922016-05-13 10:16:46 +0100901 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Simon Butcher8e004102016-10-14 00:48:33 +0100902 fail "pattern '$2' MUST NOT be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100903 return
904 fi
905 ;;
906
907 "-C")
Paul Bakker1f650922016-05-13 10:16:46 +0100908 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Simon Butcher8e004102016-10-14 00:48:33 +0100909 fail "pattern '$2' MUST NOT be present in the Client output"
910 return
911 fi
912 ;;
913
914 # The filtering in the following two options (-u and -U) do the following
915 # - ignore valgrind output
Antonin Décimo36e89b52019-01-23 15:24:37 +0100916 # - filter out everything but lines right after the pattern occurrences
Simon Butcher8e004102016-10-14 00:48:33 +0100917 # - keep one of each non-unique line
918 # - count how many lines remain
919 # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
920 # if there were no duplicates.
921 "-U")
922 if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
923 fail "lines following pattern '$2' must be unique in Server output"
924 return
925 fi
926 ;;
927
928 "-u")
929 if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
930 fail "lines following pattern '$2' must be unique in Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100931 return
932 fi
933 ;;
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100934 "-F")
935 if ! $2 "$SRV_OUT"; then
936 fail "function call to '$2' failed on Server output"
937 return
938 fi
939 ;;
940 "-f")
941 if ! $2 "$CLI_OUT"; then
942 fail "function call to '$2' failed on Client output"
943 return
944 fi
945 ;;
Johan Pascal9bc50b02020-09-24 12:01:13 +0200946 "-g")
947 if ! eval "$2 '$SRV_OUT' '$CLI_OUT'"; then
948 fail "function call to '$2' failed on Server and Client output"
949 return
950 fi
951 ;;
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100952
953 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200954 echo "Unknown test: $1" >&2
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100955 exit 1
956 esac
957 shift 2
958 done
959
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100960 # check valgrind's results
961 if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200962 if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100963 fail "Server has memory errors"
964 return
965 fi
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200966 if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100967 fail "Client has memory errors"
968 return
969 fi
970 fi
971
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100972 # if we're here, everything is ok
Gilles Peskine560280b2019-09-16 15:17:38 +0200973 record_outcome "PASS"
Paul Bakkeracaac852016-05-10 11:47:13 +0100974 if [ "$PRESERVE_LOGS" -gt 0 ]; then
975 mv $SRV_OUT o-srv-${TESTS}.log
976 mv $CLI_OUT o-cli-${TESTS}.log
Hanno Becker7be2e5b2018-08-20 12:21:35 +0100977 if [ -n "$PXY_CMD" ]; then
978 mv $PXY_OUT o-pxy-${TESTS}.log
979 fi
Paul Bakkeracaac852016-05-10 11:47:13 +0100980 fi
981
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200982 rm -f $SRV_OUT $CLI_OUT $PXY_OUT
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100983}
984
Hanno Becker9b5853c2018-11-16 17:28:40 +0000985run_test_psa() {
986 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
Hanno Beckere9420c22018-11-20 11:37:34 +0000987 run_test "PSA-supported ciphersuite: $1" \
Hanno Becker4c8c7aa2019-04-10 09:25:41 +0100988 "$P_SRV debug_level=3 force_version=tls1_2" \
989 "$P_CLI debug_level=3 force_version=tls1_2 force_ciphersuite=$1" \
Hanno Becker9b5853c2018-11-16 17:28:40 +0000990 0 \
991 -c "Successfully setup PSA-based decryption cipher context" \
992 -c "Successfully setup PSA-based encryption cipher context" \
Andrzej Kurek683d77e2019-01-30 03:50:42 -0500993 -c "PSA calc verify" \
Andrzej Kurek92dd4d02019-01-30 04:10:19 -0500994 -c "calc PSA finished" \
Hanno Becker9b5853c2018-11-16 17:28:40 +0000995 -s "Successfully setup PSA-based decryption cipher context" \
996 -s "Successfully setup PSA-based encryption cipher context" \
Andrzej Kurek683d77e2019-01-30 03:50:42 -0500997 -s "PSA calc verify" \
Andrzej Kurek92dd4d02019-01-30 04:10:19 -0500998 -s "calc PSA finished" \
Hanno Becker9b5853c2018-11-16 17:28:40 +0000999 -C "Failed to setup PSA-based cipher context"\
1000 -S "Failed to setup PSA-based cipher context"\
1001 -s "Protocol is TLSv1.2" \
Hanno Becker28f78442019-02-18 16:47:50 +00001002 -c "Perform PSA-based ECDH computation."\
Andrzej Kureke85414e2019-01-15 05:23:59 -05001003 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
Hanno Becker9b5853c2018-11-16 17:28:40 +00001004 -S "error" \
1005 -C "error"
1006}
1007
Hanno Becker354e2482019-01-08 11:40:25 +00001008run_test_psa_force_curve() {
1009 requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
1010 run_test "PSA - ECDH with $1" \
1011 "$P_SRV debug_level=4 force_version=tls1_2" \
1012 "$P_CLI debug_level=4 force_version=tls1_2 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
1013 0 \
Hanno Becker28f78442019-02-18 16:47:50 +00001014 -c "Successfully setup PSA-based decryption cipher context" \
1015 -c "Successfully setup PSA-based encryption cipher context" \
1016 -c "PSA calc verify" \
1017 -c "calc PSA finished" \
1018 -s "Successfully setup PSA-based decryption cipher context" \
1019 -s "Successfully setup PSA-based encryption cipher context" \
1020 -s "PSA calc verify" \
1021 -s "calc PSA finished" \
1022 -C "Failed to setup PSA-based cipher context"\
1023 -S "Failed to setup PSA-based cipher context"\
Hanno Becker354e2482019-01-08 11:40:25 +00001024 -s "Protocol is TLSv1.2" \
Hanno Becker28f78442019-02-18 16:47:50 +00001025 -c "Perform PSA-based ECDH computation."\
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +01001026 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001027 -S "error" \
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +02001028 -C "error"
1029}
1030
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001031# Test that the server's memory usage after a handshake is reduced when a client specifies
1032# a maximum fragment length.
1033# first argument ($1) is MFL for SSL client
1034# second argument ($2) is memory usage for SSL client with default MFL (16k)
1035run_test_memory_after_hanshake_with_mfl()
1036{
1037 # The test passes if the difference is around 2*(16k-MFL)
Gilles Peskine5b428d72020-08-26 21:52:23 +02001038 MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
Piotr Nowicki0937ed22019-11-26 16:32:40 +01001039
1040 # Leave some margin for robustness
1041 MEMORY_USAGE_LIMIT="$(( ( MEMORY_USAGE_LIMIT * 110 ) / 100 ))"
1042
1043 run_test "Handshake memory usage (MFL $1)" \
1044 "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \
1045 "$P_CLI debug_level=3 force_version=tls1_2 \
1046 crt_file=data_files/server5.crt key_file=data_files/server5.key \
1047 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \
1048 0 \
1049 -F "handshake_memory_check $MEMORY_USAGE_LIMIT"
1050}
1051
1052
1053# Test that the server's memory usage after a handshake is reduced when a client specifies
1054# different values of Maximum Fragment Length: default (16k), 4k, 2k, 1k and 512 bytes
1055run_tests_memory_after_hanshake()
1056{
1057 # all tests in this sequence requires the same configuration (see requires_config_enabled())
1058 SKIP_THIS_TESTS="$SKIP_NEXT"
1059
1060 # first test with default MFU is to get reference memory usage
1061 MEMORY_USAGE_MFL_16K=0
1062 run_test "Handshake memory usage initial (MFL 16384 - default)" \
1063 "$P_SRV debug_level=3 auth_mode=required force_version=tls1_2" \
1064 "$P_CLI debug_level=3 force_version=tls1_2 \
1065 crt_file=data_files/server5.crt key_file=data_files/server5.key \
1066 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \
1067 0 \
1068 -F "handshake_memory_get MEMORY_USAGE_MFL_16K"
1069
1070 SKIP_NEXT="$SKIP_THIS_TESTS"
1071 run_test_memory_after_hanshake_with_mfl 4096 "$MEMORY_USAGE_MFL_16K"
1072
1073 SKIP_NEXT="$SKIP_THIS_TESTS"
1074 run_test_memory_after_hanshake_with_mfl 2048 "$MEMORY_USAGE_MFL_16K"
1075
1076 SKIP_NEXT="$SKIP_THIS_TESTS"
1077 run_test_memory_after_hanshake_with_mfl 1024 "$MEMORY_USAGE_MFL_16K"
1078
1079 SKIP_NEXT="$SKIP_THIS_TESTS"
1080 run_test_memory_after_hanshake_with_mfl 512 "$MEMORY_USAGE_MFL_16K"
1081}
1082
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +01001083cleanup() {
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001084 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
Piotr Nowicki3de298f2020-04-16 14:35:19 +02001085 rm -f context_srv.txt
1086 rm -f context_cli.txt
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +02001087 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
1088 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
1089 test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
1090 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +01001091 exit 1
1092}
1093
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +01001094#
1095# MAIN
1096#
1097
Manuel Pégourié-Gonnard913030c2014-03-28 10:12:38 +01001098get_options "$@"
1099
Gilles Peskine9fa4ed62020-08-26 22:35:46 +02001100# Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell
1101# patterns rather than regular expressions, use a case statement instead
1102# of calling grep. To keep the optimizer simple, it is incomplete and only
1103# detects simple cases: plain substring, everything, nothing.
1104#
1105# As an exception, the character '.' is treated as an ordinary character
1106# if it is the only special character in the string. This is because it's
1107# rare to need "any one character", but needing a literal '.' is common
1108# (e.g. '-f "DTLS 1.2"').
1109need_grep=
1110case "$FILTER" in
1111 '^$') simple_filter=;;
1112 '.*') simple_filter='*';;
Gilles Peskineb09e0012020-09-29 23:48:39 +02001113 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
Gilles Peskine9fa4ed62020-08-26 22:35:46 +02001114 need_grep=1;;
1115 *) # No regexp or shell-pattern special character
1116 simple_filter="*$FILTER*";;
1117esac
1118case "$EXCLUDE" in
1119 '^$') simple_exclude=;;
1120 '.*') simple_exclude='*';;
Gilles Peskineb09e0012020-09-29 23:48:39 +02001121 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
Gilles Peskine9fa4ed62020-08-26 22:35:46 +02001122 need_grep=1;;
1123 *) # No regexp or shell-pattern special character
1124 simple_exclude="*$EXCLUDE*";;
1125esac
1126if [ -n "$need_grep" ]; then
1127 is_excluded () {
1128 ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
1129 }
1130else
1131 is_excluded () {
1132 case "$1" in
1133 $simple_exclude) true;;
1134 $simple_filter) false;;
1135 *) true;;
1136 esac
1137 }
1138fi
1139
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001140# sanity checks, avoid an avalanche of errors
Hanno Becker4ac73e72017-10-23 15:27:37 +01001141P_SRV_BIN="${P_SRV%%[ ]*}"
1142P_CLI_BIN="${P_CLI%%[ ]*}"
1143P_PXY_BIN="${P_PXY%%[ ]*}"
Hanno Becker17c04932017-10-10 14:44:53 +01001144if [ ! -x "$P_SRV_BIN" ]; then
1145 echo "Command '$P_SRV_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001146 exit 1
1147fi
Hanno Becker17c04932017-10-10 14:44:53 +01001148if [ ! -x "$P_CLI_BIN" ]; then
1149 echo "Command '$P_CLI_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001150 exit 1
1151fi
Hanno Becker17c04932017-10-10 14:44:53 +01001152if [ ! -x "$P_PXY_BIN" ]; then
1153 echo "Command '$P_PXY_BIN' is not an executable file"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001154 exit 1
1155fi
Simon Butcher3c0d7b82016-05-23 11:13:17 +01001156if [ "$MEMCHECK" -gt 0 ]; then
1157 if which valgrind >/dev/null 2>&1; then :; else
1158 echo "Memcheck not possible. Valgrind not found"
1159 exit 1
1160 fi
1161fi
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +01001162if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
1163 echo "Command '$OPENSSL_CMD' not found"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001164 exit 1
1165fi
1166
Manuel Pégourié-Gonnard32f8f4d2014-05-29 11:31:20 +02001167# used by watchdog
1168MAIN_PID="$$"
1169
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001170# We use somewhat arbitrary delays for tests:
1171# - how long do we wait for the server to start (when lsof not available)?
1172# - how long do we allow for the client to finish?
1173# (not to check performance, just to avoid waiting indefinitely)
1174# Things are slower with valgrind, so give extra time here.
1175#
1176# Note: without lsof, there is a trade-off between the running time of this
1177# script and the risk of spurious errors because we didn't wait long enough.
1178# The watchdog delay on the other hand doesn't affect normal running time of
1179# the script, only the case where a client or server gets stuck.
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001180if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001181 START_DELAY=6
1182 DOG_DELAY=60
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001183else
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001184 START_DELAY=2
1185 DOG_DELAY=20
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001186fi
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +01001187
1188# some particular tests need more time:
1189# - for the client, we multiply the usual watchdog limit by a factor
1190# - for the server, we sleep for a number of seconds after the client exits
1191# see client_need_more_time() and server_needs_more_time()
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02001192CLI_DELAY_FACTOR=1
Janos Follath74537a62016-09-02 13:45:28 +01001193SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +02001194
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02001195# fix commands to use this port, force IPv4 while at it
Manuel Pégourié-Gonnard0af1ba32015-01-21 11:44:33 +00001196# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001197P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
1198P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
Andres AGf04f54d2016-10-10 15:46:20 +01001199P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
Manuel Pégourié-Gonnard61957672015-06-18 17:54:58 +02001200O_SRV="$O_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
Johan Pascal43f94902020-09-22 12:25:52 +02001201O_CLI="$O_CLI -connect localhost:+SRV_PORT"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001202G_SRV="$G_SRV -p $SRV_PORT"
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001203G_CLI="$G_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard8066b812014-05-28 22:59:30 +02001204
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001205if [ -n "${OPENSSL_LEGACY:-}" ]; then
1206 O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
1207 O_LEGACY_CLI="$O_LEGACY_CLI -connect localhost:+SRV_PORT"
1208fi
1209
Hanno Becker58e9dc32018-08-17 15:53:21 +01001210if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001211 G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
1212fi
1213
Hanno Becker58e9dc32018-08-17 15:53:21 +01001214if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001215 G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001216fi
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001217
Gilles Peskine62469d92017-05-10 10:13:59 +02001218# Allow SHA-1, because many of our test certificates use it
1219P_SRV="$P_SRV allow_sha1=1"
1220P_CLI="$P_CLI allow_sha1=1"
1221
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001222# Also pick a unique name for intermediate files
1223SRV_OUT="srv_out.$$"
1224CLI_OUT="cli_out.$$"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001225PXY_OUT="pxy_out.$$"
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001226SESSION="session.$$"
1227
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02001228SKIP_NEXT="NO"
1229
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001230trap cleanup INT TERM HUP
1231
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001232# Basic test
1233
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001234# Checks that:
1235# - things work with all ciphersuites active (used with config-full in all.sh)
1236# - the expected (highest security) parameters are selected
1237# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001238run_test "Default" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001239 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001240 "$P_CLI" \
1241 0 \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001242 -s "Protocol is TLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001243 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001244 -s "client hello v3, signature_algorithm ext: 6" \
1245 -s "ECDHE curve: secp521r1" \
1246 -S "error" \
1247 -C "error"
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001248
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001249run_test "Default, DTLS" \
1250 "$P_SRV dtls=1" \
1251 "$P_CLI dtls=1" \
1252 0 \
1253 -s "Protocol is DTLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001254 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001255
Hanno Becker721f7c12020-08-17 12:17:32 +01001256run_test "TLS client auth: required" \
1257 "$P_SRV auth_mode=required" \
1258 "$P_CLI" \
1259 0 \
1260 -s "Verifying peer X.509 certificate... ok"
1261
Hanno Becker2f54a3c2020-08-17 12:14:06 +01001262requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
1263requires_config_enabled MBEDTLS_ECDSA_C
1264requires_config_enabled MBEDTLS_SHA256_C
1265run_test "TLS: password protected client key" \
1266 "$P_SRV auth_mode=required" \
1267 "$P_CLI crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
1268 0
1269
1270requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
1271requires_config_enabled MBEDTLS_ECDSA_C
1272requires_config_enabled MBEDTLS_SHA256_C
1273run_test "TLS: password protected server key" \
1274 "$P_SRV crt_file=data_files/server5.crt key_file=data_files/server5.key.enc key_pwd=PolarSSLTest" \
1275 "$P_CLI" \
1276 0
1277
1278requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
1279requires_config_enabled MBEDTLS_ECDSA_C
1280requires_config_enabled MBEDTLS_RSA_C
1281requires_config_enabled MBEDTLS_SHA256_C
1282run_test "TLS: password protected server key, two certificates" \
1283 "$P_SRV \
1284 key_file=data_files/server5.key.enc key_pwd=PolarSSLTest crt_file=data_files/server5.crt \
1285 key_file2=data_files/server2.key.enc key_pwd2=PolarSSLTest crt_file2=data_files/server2.crt" \
1286 "$P_CLI" \
1287 0
1288
Manuel Pégourié-Gonnard342d2ca2020-01-02 11:58:00 +01001289requires_config_enabled MBEDTLS_ZLIB_SUPPORT
1290run_test "Default (compression enabled)" \
1291 "$P_SRV debug_level=3" \
1292 "$P_CLI debug_level=3" \
1293 0 \
1294 -s "Allocating compression buffer" \
1295 -c "Allocating compression buffer" \
1296 -s "Record expansion is unknown (compression)" \
1297 -c "Record expansion is unknown (compression)" \
1298 -S "error" \
1299 -C "error"
1300
Hanno Becker746aaf32019-03-28 15:25:23 +00001301requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1302run_test "CA callback on client" \
1303 "$P_SRV debug_level=3" \
1304 "$P_CLI ca_callback=1 debug_level=3 " \
1305 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01001306 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00001307 -S "error" \
1308 -C "error"
1309
1310requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
1311requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
1312requires_config_enabled MBEDTLS_ECDSA_C
1313requires_config_enabled MBEDTLS_SHA256_C
1314run_test "CA callback on server" \
1315 "$P_SRV auth_mode=required" \
1316 "$P_CLI ca_callback=1 debug_level=3 crt_file=data_files/server5.crt \
1317 key_file=data_files/server5.key" \
1318 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01001319 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00001320 -s "Verifying peer X.509 certificate... ok" \
1321 -S "error" \
1322 -C "error"
1323
Manuel Pégourié-Gonnardcfdf8f42018-11-08 09:52:25 +01001324# Test using an opaque private key for client authentication
1325requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
1326requires_config_enabled MBEDTLS_X509_CRT_PARSE_C
1327requires_config_enabled MBEDTLS_ECDSA_C
1328requires_config_enabled MBEDTLS_SHA256_C
1329run_test "Opaque key for client authentication" \
1330 "$P_SRV auth_mode=required" \
1331 "$P_CLI key_opaque=1 crt_file=data_files/server5.crt \
1332 key_file=data_files/server5.key" \
1333 0 \
1334 -c "key type: Opaque" \
1335 -s "Verifying peer X.509 certificate... ok" \
1336 -S "error" \
1337 -C "error"
1338
Hanno Becker9b5853c2018-11-16 17:28:40 +00001339# Test ciphersuites which we expect to be fully supported by PSA Crypto
1340# and check that we don't fall back to Mbed TLS' internal crypto primitives.
1341run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
1342run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
1343run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
1344run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
1345run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
1346run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
1347run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
1348run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
1349run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
1350
Hanno Becker354e2482019-01-08 11:40:25 +00001351requires_config_enabled MBEDTLS_ECP_DP_SECP521R1_ENABLED
1352run_test_psa_force_curve "secp521r1"
1353requires_config_enabled MBEDTLS_ECP_DP_BP512R1_ENABLED
1354run_test_psa_force_curve "brainpoolP512r1"
1355requires_config_enabled MBEDTLS_ECP_DP_SECP384R1_ENABLED
1356run_test_psa_force_curve "secp384r1"
1357requires_config_enabled MBEDTLS_ECP_DP_BP384R1_ENABLED
1358run_test_psa_force_curve "brainpoolP384r1"
1359requires_config_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED
1360run_test_psa_force_curve "secp256r1"
1361requires_config_enabled MBEDTLS_ECP_DP_SECP256K1_ENABLED
1362run_test_psa_force_curve "secp256k1"
1363requires_config_enabled MBEDTLS_ECP_DP_BP256R1_ENABLED
1364run_test_psa_force_curve "brainpoolP256r1"
1365requires_config_enabled MBEDTLS_ECP_DP_SECP224R1_ENABLED
1366run_test_psa_force_curve "secp224r1"
Gilles Peskinedefdc3b2021-03-23 13:59:58 +01001367## SECP224K1 is buggy via the PSA API
1368## (https://github.com/ARMmbed/mbedtls/issues/3541),
1369## so it is disabled in PSA even when it's enabled in Mbed TLS.
1370## The proper dependency would be on PSA_WANT_ECC_SECP_K1_224 but
1371## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
1372#requires_config_enabled MBEDTLS_ECP_DP_SECP224K1_ENABLED
1373#run_test_psa_force_curve "secp224k1"
Hanno Becker354e2482019-01-08 11:40:25 +00001374requires_config_enabled MBEDTLS_ECP_DP_SECP192R1_ENABLED
1375run_test_psa_force_curve "secp192r1"
1376requires_config_enabled MBEDTLS_ECP_DP_SECP192K1_ENABLED
1377run_test_psa_force_curve "secp192k1"
1378
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001379# Test current time in ServerHello
1380requires_config_enabled MBEDTLS_HAVE_TIME
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001381run_test "ServerHello contains gmt_unix_time" \
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001382 "$P_SRV debug_level=3" \
1383 "$P_CLI debug_level=3" \
1384 0 \
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001385 -f "check_server_hello_time" \
1386 -F "check_server_hello_time"
1387
Simon Butcher8e004102016-10-14 00:48:33 +01001388# Test for uniqueness of IVs in AEAD ciphersuites
1389run_test "Unique IV in GCM" \
1390 "$P_SRV exchanges=20 debug_level=4" \
1391 "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
1392 0 \
1393 -u "IV used" \
1394 -U "IV used"
1395
Janos Follathee11be62019-04-04 12:03:30 +01001396# Tests for certificate verification callback
1397run_test "Configuration-specific CRT verification callback" \
1398 "$P_SRV debug_level=3" \
1399 "$P_CLI context_crt_cb=0 debug_level=3" \
1400 0 \
Janos Follathee11be62019-04-04 12:03:30 +01001401 -S "error" \
1402 -c "Verify requested for " \
1403 -c "Use configuration-specific verification callback" \
1404 -C "Use context-specific verification callback" \
1405 -C "error"
1406
Hanno Beckerefb440a2019-04-03 13:04:33 +01001407run_test "Context-specific CRT verification callback" \
1408 "$P_SRV debug_level=3" \
1409 "$P_CLI context_crt_cb=1 debug_level=3" \
1410 0 \
Hanno Beckerefb440a2019-04-03 13:04:33 +01001411 -S "error" \
Janos Follathee11be62019-04-04 12:03:30 +01001412 -c "Verify requested for " \
1413 -c "Use context-specific verification callback" \
1414 -C "Use configuration-specific verification callback" \
Hanno Beckerefb440a2019-04-03 13:04:33 +01001415 -C "error"
1416
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001417# Tests for rc4 option
1418
Simon Butchera410af52016-05-19 22:12:18 +01001419requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001420run_test "RC4: server disabled, client enabled" \
1421 "$P_SRV" \
1422 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1423 1 \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001424 -s "SSL - The server has no ciphersuites in common"
1425
Simon Butchera410af52016-05-19 22:12:18 +01001426requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001427run_test "RC4: server half, client enabled" \
1428 "$P_SRV arc4=1" \
1429 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1430 1 \
1431 -s "SSL - The server has no ciphersuites in common"
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001432
1433run_test "RC4: server enabled, client disabled" \
1434 "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1435 "$P_CLI" \
1436 1 \
1437 -s "SSL - The server has no ciphersuites in common"
1438
1439run_test "RC4: both enabled" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001440 "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001441 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1442 0 \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001443 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001444 -S "SSL - The server has no ciphersuites in common"
1445
Hanno Beckerd26bb202018-08-17 09:54:10 +01001446# Test empty CA list in CertificateRequest in TLS 1.1 and earlier
1447
1448requires_gnutls
1449requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
1450run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
1451 "$G_SRV"\
1452 "$P_CLI force_version=tls1_1" \
1453 0
1454
1455requires_gnutls
1456requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
1457run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
1458 "$G_SRV"\
1459 "$P_CLI force_version=tls1" \
1460 0
1461
Gilles Peskinebc70a182017-05-09 15:59:24 +02001462# Tests for SHA-1 support
1463
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001464requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskinebc70a182017-05-09 15:59:24 +02001465run_test "SHA-1 forbidden by default in server certificate" \
1466 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1467 "$P_CLI debug_level=2 allow_sha1=0" \
1468 1 \
1469 -c "The certificate is signed with an unacceptable hash"
1470
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001471requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskine0d8b86a2019-09-20 18:03:11 +02001472run_test "SHA-1 allowed by default in server certificate" \
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001473 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1474 "$P_CLI debug_level=2 allow_sha1=0" \
1475 0
1476
Gilles Peskinebc70a182017-05-09 15:59:24 +02001477run_test "SHA-1 explicitly allowed in server certificate" \
1478 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1479 "$P_CLI allow_sha1=1" \
1480 0
1481
1482run_test "SHA-256 allowed by default in server certificate" \
1483 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
1484 "$P_CLI allow_sha1=0" \
1485 0
1486
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001487requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskinebc70a182017-05-09 15:59:24 +02001488run_test "SHA-1 forbidden by default in client certificate" \
1489 "$P_SRV auth_mode=required allow_sha1=0" \
1490 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1491 1 \
1492 -s "The certificate is signed with an unacceptable hash"
1493
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001494requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskine0d8b86a2019-09-20 18:03:11 +02001495run_test "SHA-1 allowed by default in client certificate" \
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001496 "$P_SRV auth_mode=required allow_sha1=0" \
1497 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1498 0
1499
Gilles Peskinebc70a182017-05-09 15:59:24 +02001500run_test "SHA-1 explicitly allowed in client certificate" \
1501 "$P_SRV auth_mode=required allow_sha1=1" \
1502 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1503 0
1504
1505run_test "SHA-256 allowed by default in client certificate" \
1506 "$P_SRV auth_mode=required allow_sha1=0" \
1507 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
1508 0
1509
Hanno Becker7ae8a762018-08-14 15:43:35 +01001510# Tests for datagram packing
1511run_test "DTLS: multiple records in same datagram, client and server" \
1512 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
1513 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
1514 0 \
1515 -c "next record in same datagram" \
1516 -s "next record in same datagram"
1517
1518run_test "DTLS: multiple records in same datagram, client only" \
1519 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
1520 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
1521 0 \
1522 -s "next record in same datagram" \
1523 -C "next record in same datagram"
1524
1525run_test "DTLS: multiple records in same datagram, server only" \
1526 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
1527 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
1528 0 \
1529 -S "next record in same datagram" \
1530 -c "next record in same datagram"
1531
1532run_test "DTLS: multiple records in same datagram, neither client nor server" \
1533 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
1534 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
1535 0 \
1536 -S "next record in same datagram" \
1537 -C "next record in same datagram"
1538
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001539# Tests for Truncated HMAC extension
1540
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001541run_test "Truncated HMAC: client default, server default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001542 "$P_SRV debug_level=4" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001543 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001544 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001545 -s "dumping 'expected mac' (20 bytes)" \
1546 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001547
Hanno Becker32c55012017-11-10 08:42:54 +00001548requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001549run_test "Truncated HMAC: client disabled, server default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001550 "$P_SRV debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001551 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001552 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001553 -s "dumping 'expected mac' (20 bytes)" \
1554 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001555
Hanno Becker32c55012017-11-10 08:42:54 +00001556requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001557run_test "Truncated HMAC: client enabled, server default" \
1558 "$P_SRV debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001559 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001560 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001561 -s "dumping 'expected mac' (20 bytes)" \
1562 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001563
Hanno Becker32c55012017-11-10 08:42:54 +00001564requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001565run_test "Truncated HMAC: client enabled, server disabled" \
1566 "$P_SRV debug_level=4 trunc_hmac=0" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001567 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001568 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001569 -s "dumping 'expected mac' (20 bytes)" \
1570 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001571
Hanno Becker32c55012017-11-10 08:42:54 +00001572requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Hanno Becker34d0c3f2017-11-17 15:46:24 +00001573run_test "Truncated HMAC: client disabled, server enabled" \
1574 "$P_SRV debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001575 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker34d0c3f2017-11-17 15:46:24 +00001576 0 \
1577 -s "dumping 'expected mac' (20 bytes)" \
1578 -S "dumping 'expected mac' (10 bytes)"
1579
1580requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001581run_test "Truncated HMAC: client enabled, server enabled" \
1582 "$P_SRV debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001583 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001584 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001585 -S "dumping 'expected mac' (20 bytes)" \
1586 -s "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001587
Hanno Becker4c4f4102017-11-10 09:16:05 +00001588run_test "Truncated HMAC, DTLS: client default, server default" \
1589 "$P_SRV dtls=1 debug_level=4" \
1590 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
1591 0 \
1592 -s "dumping 'expected mac' (20 bytes)" \
1593 -S "dumping 'expected mac' (10 bytes)"
1594
1595requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1596run_test "Truncated HMAC, DTLS: client disabled, server default" \
1597 "$P_SRV dtls=1 debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001598 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001599 0 \
1600 -s "dumping 'expected mac' (20 bytes)" \
1601 -S "dumping 'expected mac' (10 bytes)"
1602
1603requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1604run_test "Truncated HMAC, DTLS: client enabled, server default" \
1605 "$P_SRV dtls=1 debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001606 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001607 0 \
1608 -s "dumping 'expected mac' (20 bytes)" \
1609 -S "dumping 'expected mac' (10 bytes)"
1610
1611requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1612run_test "Truncated HMAC, DTLS: client enabled, server disabled" \
1613 "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001614 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001615 0 \
1616 -s "dumping 'expected mac' (20 bytes)" \
1617 -S "dumping 'expected mac' (10 bytes)"
1618
1619requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1620run_test "Truncated HMAC, DTLS: client disabled, server enabled" \
1621 "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001622 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001623 0 \
1624 -s "dumping 'expected mac' (20 bytes)" \
1625 -S "dumping 'expected mac' (10 bytes)"
1626
1627requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1628run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
1629 "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001630 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001631 0 \
1632 -S "dumping 'expected mac' (20 bytes)" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001633 -s "dumping 'expected mac' (10 bytes)"
1634
Jarno Lamsa2937d812019-06-04 11:33:23 +03001635# Tests for Context serialization
1636
1637requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001638run_test "Context serialization, client serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02001639 "$P_SRV dtls=1 serialize=0 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001640 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1641 0 \
1642 -c "Deserializing connection..." \
1643 -S "Deserializing connection..."
1644
1645requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1646run_test "Context serialization, client serializes, ChaChaPoly" \
1647 "$P_SRV dtls=1 serialize=0 exchanges=2" \
1648 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1649 0 \
1650 -c "Deserializing connection..." \
1651 -S "Deserializing connection..."
1652
1653requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1654run_test "Context serialization, client serializes, GCM" \
1655 "$P_SRV dtls=1 serialize=0 exchanges=2" \
1656 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsa2937d812019-06-04 11:33:23 +03001657 0 \
Jarno Lamsacbee1b32019-06-04 15:18:19 +03001658 -c "Deserializing connection..." \
Jarno Lamsa2937d812019-06-04 11:33:23 +03001659 -S "Deserializing connection..."
1660
1661requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01001662requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
1663run_test "Context serialization, client serializes, with CID" \
1664 "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
1665 "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
1666 0 \
1667 -c "Deserializing connection..." \
1668 -S "Deserializing connection..."
1669
1670requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001671run_test "Context serialization, server serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02001672 "$P_SRV dtls=1 serialize=1 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001673 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1674 0 \
1675 -C "Deserializing connection..." \
1676 -s "Deserializing connection..."
1677
1678requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1679run_test "Context serialization, server serializes, ChaChaPoly" \
1680 "$P_SRV dtls=1 serialize=1 exchanges=2" \
1681 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1682 0 \
1683 -C "Deserializing connection..." \
1684 -s "Deserializing connection..."
1685
1686requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1687run_test "Context serialization, server serializes, GCM" \
1688 "$P_SRV dtls=1 serialize=1 exchanges=2" \
1689 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsa2937d812019-06-04 11:33:23 +03001690 0 \
Jarno Lamsacbee1b32019-06-04 15:18:19 +03001691 -C "Deserializing connection..." \
Jarno Lamsa2937d812019-06-04 11:33:23 +03001692 -s "Deserializing connection..."
1693
1694requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01001695requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
1696run_test "Context serialization, server serializes, with CID" \
1697 "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
1698 "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
1699 0 \
1700 -C "Deserializing connection..." \
1701 -s "Deserializing connection..."
1702
1703requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001704run_test "Context serialization, both serialize, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02001705 "$P_SRV dtls=1 serialize=1 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001706 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1707 0 \
1708 -c "Deserializing connection..." \
1709 -s "Deserializing connection..."
1710
1711requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1712run_test "Context serialization, both serialize, ChaChaPoly" \
1713 "$P_SRV dtls=1 serialize=1 exchanges=2" \
1714 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1715 0 \
1716 -c "Deserializing connection..." \
1717 -s "Deserializing connection..."
1718
1719requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1720run_test "Context serialization, both serialize, GCM" \
1721 "$P_SRV dtls=1 serialize=1 exchanges=2" \
1722 "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsa2937d812019-06-04 11:33:23 +03001723 0 \
Jarno Lamsacbee1b32019-06-04 15:18:19 +03001724 -c "Deserializing connection..." \
Jarno Lamsa2937d812019-06-04 11:33:23 +03001725 -s "Deserializing connection..."
1726
Jarno Lamsac2376f02019-06-06 10:44:14 +03001727requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01001728requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
1729run_test "Context serialization, both serialize, with CID" \
1730 "$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
1731 "$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
1732 0 \
1733 -c "Deserializing connection..." \
1734 -s "Deserializing connection..."
1735
1736requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001737run_test "Context serialization, re-init, client serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02001738 "$P_SRV dtls=1 serialize=0 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001739 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1740 0 \
1741 -c "Deserializing connection..." \
1742 -S "Deserializing connection..."
1743
1744requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1745run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
1746 "$P_SRV dtls=1 serialize=0 exchanges=2" \
1747 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1748 0 \
1749 -c "Deserializing connection..." \
1750 -S "Deserializing connection..."
1751
1752requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1753run_test "Context serialization, re-init, client serializes, GCM" \
1754 "$P_SRV dtls=1 serialize=0 exchanges=2" \
1755 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
Jarno Lamsac2376f02019-06-06 10:44:14 +03001756 0 \
1757 -c "Deserializing connection..." \
1758 -S "Deserializing connection..."
1759
Jarno Lamsac2376f02019-06-06 10:44:14 +03001760requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01001761requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
1762run_test "Context serialization, re-init, client serializes, with CID" \
1763 "$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
1764 "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
1765 0 \
1766 -c "Deserializing connection..." \
1767 -S "Deserializing connection..."
1768
1769requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001770run_test "Context serialization, re-init, server serializes, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02001771 "$P_SRV dtls=1 serialize=2 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001772 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1773 0 \
1774 -C "Deserializing connection..." \
1775 -s "Deserializing connection..."
1776
1777requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1778run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
1779 "$P_SRV dtls=1 serialize=2 exchanges=2" \
1780 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1781 0 \
1782 -C "Deserializing connection..." \
1783 -s "Deserializing connection..."
1784
1785requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1786run_test "Context serialization, re-init, server serializes, GCM" \
1787 "$P_SRV dtls=1 serialize=2 exchanges=2" \
1788 "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
Jarno Lamsac2376f02019-06-06 10:44:14 +03001789 0 \
1790 -C "Deserializing connection..." \
1791 -s "Deserializing connection..."
1792
Jarno Lamsac2376f02019-06-06 10:44:14 +03001793requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Becker1b18fd32019-08-30 11:18:59 +01001794requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
1795run_test "Context serialization, re-init, server serializes, with CID" \
1796 "$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
1797 "$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
1798 0 \
1799 -C "Deserializing connection..." \
1800 -s "Deserializing connection..."
1801
1802requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001803run_test "Context serialization, re-init, both serialize, CCM" \
Manuel Pégourié-Gonnard862b3192019-07-23 14:13:43 +02001804 "$P_SRV dtls=1 serialize=2 exchanges=2" \
Hanno Beckere0b90ec2019-08-30 11:32:12 +01001805 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1806 0 \
1807 -c "Deserializing connection..." \
1808 -s "Deserializing connection..."
1809
1810requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1811run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
1812 "$P_SRV dtls=1 serialize=2 exchanges=2" \
1813 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1814 0 \
1815 -c "Deserializing connection..." \
1816 -s "Deserializing connection..."
1817
1818requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1819run_test "Context serialization, re-init, both serialize, GCM" \
1820 "$P_SRV dtls=1 serialize=2 exchanges=2" \
1821 "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
Jarno Lamsac2376f02019-06-06 10:44:14 +03001822 0 \
1823 -c "Deserializing connection..." \
1824 -s "Deserializing connection..."
1825
Hanno Becker1b18fd32019-08-30 11:18:59 +01001826requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1827requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
1828run_test "Context serialization, re-init, both serialize, with CID" \
1829 "$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
1830 "$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
1831 0 \
1832 -c "Deserializing connection..." \
1833 -s "Deserializing connection..."
1834
Piotr Nowicki3de298f2020-04-16 14:35:19 +02001835requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
1836run_test "Saving the serialized context to a file" \
1837 "$P_SRV dtls=1 serialize=1 context_file=context_srv.txt" \
1838 "$P_CLI dtls=1 serialize=1 context_file=context_cli.txt" \
1839 0 \
1840 -s "Save serialized context to a file... ok" \
1841 -c "Save serialized context to a file... ok"
1842rm -f context_srv.txt
1843rm -f context_cli.txt
1844
Hanno Becker7cf463e2019-04-09 18:08:47 +01001845# Tests for DTLS Connection ID extension
1846
Hanno Becker7cf463e2019-04-09 18:08:47 +01001847# So far, the CID API isn't implemented, so we can't
1848# grep for output witnessing its use. This needs to be
1849# changed once the CID extension is implemented.
1850
Hanno Beckera0e20d02019-05-15 14:03:01 +01001851requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001852run_test "Connection ID: Cli enabled, Srv disabled" \
Hanno Beckerf157a972019-04-25 16:05:45 +01001853 "$P_SRV debug_level=3 dtls=1 cid=0" \
1854 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1855 0 \
1856 -s "Disable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01001857 -s "found CID extension" \
1858 -s "Client sent CID extension, but CID disabled" \
Hanno Becker6b78c832019-04-25 17:01:43 +01001859 -c "Enable use of CID extension." \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01001860 -c "client hello, adding CID extension" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01001861 -S "server hello, adding CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01001862 -C "found CID extension" \
1863 -S "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01001864 -C "Copy CIDs into SSL transform" \
1865 -c "Use of Connection ID was rejected by the server"
Hanno Becker7cf463e2019-04-09 18:08:47 +01001866
Hanno Beckera0e20d02019-05-15 14:03:01 +01001867requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001868run_test "Connection ID: Cli disabled, Srv enabled" \
Hanno Beckerf157a972019-04-25 16:05:45 +01001869 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1870 "$P_CLI debug_level=3 dtls=1 cid=0" \
1871 0 \
1872 -c "Disable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01001873 -C "client hello, adding CID extension" \
Hanno Becker7dee2c62019-04-26 14:17:56 +01001874 -S "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01001875 -s "Enable use of CID extension." \
Hanno Beckera6a4c762019-04-26 16:13:31 +01001876 -S "server hello, adding CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01001877 -C "found CID extension" \
1878 -S "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01001879 -C "Copy CIDs into SSL transform" \
Hanno Beckerb3e9dd52019-05-08 13:19:53 +01001880 -s "Use of Connection ID was not offered by client"
Hanno Becker7cf463e2019-04-09 18:08:47 +01001881
Hanno Beckera0e20d02019-05-15 14:03:01 +01001882requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001883run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01001884 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
1885 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef" \
1886 0 \
1887 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01001888 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01001889 -c "client hello, adding CID extension" \
1890 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01001891 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01001892 -s "server hello, adding CID extension" \
1893 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01001894 -c "Use of CID extension negotiated" \
1895 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01001896 -c "Copy CIDs into SSL transform" \
1897 -c "Peer CID (length 2 Bytes): de ad" \
1898 -s "Peer CID (length 2 Bytes): be ef" \
1899 -s "Use of Connection ID has been negotiated" \
1900 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01001901
Hanno Beckera0e20d02019-05-15 14:03:01 +01001902requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001903run_test "Connection ID, 3D: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01001904 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01001905 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead" \
1906 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef" \
1907 0 \
1908 -c "Enable use of CID extension." \
1909 -s "Enable use of CID extension." \
1910 -c "client hello, adding CID extension" \
1911 -s "found CID extension" \
1912 -s "Use of CID extension negotiated" \
1913 -s "server hello, adding CID extension" \
1914 -c "found CID extension" \
1915 -c "Use of CID extension negotiated" \
1916 -s "Copy CIDs into SSL transform" \
1917 -c "Copy CIDs into SSL transform" \
1918 -c "Peer CID (length 2 Bytes): de ad" \
1919 -s "Peer CID (length 2 Bytes): be ef" \
1920 -s "Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01001921 -c "Use of Connection ID has been negotiated" \
1922 -c "ignoring unexpected CID" \
1923 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01001924
Hanno Beckera0e20d02019-05-15 14:03:01 +01001925requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001926run_test "Connection ID, MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
1927 -p "$P_PXY mtu=800" \
1928 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
1929 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
1930 0 \
1931 -c "Enable use of CID extension." \
1932 -s "Enable use of CID extension." \
1933 -c "client hello, adding CID extension" \
1934 -s "found CID extension" \
1935 -s "Use of CID extension negotiated" \
1936 -s "server hello, adding CID extension" \
1937 -c "found CID extension" \
1938 -c "Use of CID extension negotiated" \
1939 -s "Copy CIDs into SSL transform" \
1940 -c "Copy CIDs into SSL transform" \
1941 -c "Peer CID (length 2 Bytes): de ad" \
1942 -s "Peer CID (length 2 Bytes): be ef" \
1943 -s "Use of Connection ID has been negotiated" \
1944 -c "Use of Connection ID has been negotiated"
1945
Hanno Beckera0e20d02019-05-15 14:03:01 +01001946requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001947run_test "Connection ID, 3D+MTU: Cli+Srv enabled, Cli+Srv CID nonempty" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01001948 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01001949 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead" \
1950 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef" \
1951 0 \
1952 -c "Enable use of CID extension." \
1953 -s "Enable use of CID extension." \
1954 -c "client hello, adding CID extension" \
1955 -s "found CID extension" \
1956 -s "Use of CID extension negotiated" \
1957 -s "server hello, adding CID extension" \
1958 -c "found CID extension" \
1959 -c "Use of CID extension negotiated" \
1960 -s "Copy CIDs into SSL transform" \
1961 -c "Copy CIDs into SSL transform" \
1962 -c "Peer CID (length 2 Bytes): de ad" \
1963 -s "Peer CID (length 2 Bytes): be ef" \
1964 -s "Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01001965 -c "Use of Connection ID has been negotiated" \
1966 -c "ignoring unexpected CID" \
1967 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01001968
Hanno Beckera0e20d02019-05-15 14:03:01 +01001969requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001970run_test "Connection ID: Cli+Srv enabled, Cli CID empty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01001971 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1972 "$P_CLI debug_level=3 dtls=1 cid=1" \
1973 0 \
1974 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01001975 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01001976 -c "client hello, adding CID extension" \
1977 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01001978 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01001979 -s "server hello, adding CID extension" \
1980 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01001981 -c "Use of CID extension negotiated" \
1982 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01001983 -c "Copy CIDs into SSL transform" \
1984 -c "Peer CID (length 4 Bytes): de ad be ef" \
1985 -s "Peer CID (length 0 Bytes):" \
1986 -s "Use of Connection ID has been negotiated" \
1987 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01001988
Hanno Beckera0e20d02019-05-15 14:03:01 +01001989requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01001990run_test "Connection ID: Cli+Srv enabled, Srv CID empty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01001991 "$P_SRV debug_level=3 dtls=1 cid=1" \
1992 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
1993 0 \
1994 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01001995 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01001996 -c "client hello, adding CID extension" \
1997 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01001998 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01001999 -s "server hello, adding CID extension" \
2000 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002001 -c "Use of CID extension negotiated" \
2002 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002003 -c "Copy CIDs into SSL transform" \
2004 -s "Peer CID (length 4 Bytes): de ad be ef" \
2005 -c "Peer CID (length 0 Bytes):" \
2006 -s "Use of Connection ID has been negotiated" \
2007 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002008
Hanno Beckera0e20d02019-05-15 14:03:01 +01002009requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002010run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002011 "$P_SRV debug_level=3 dtls=1 cid=1" \
2012 "$P_CLI debug_level=3 dtls=1 cid=1" \
2013 0 \
2014 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002015 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002016 -c "client hello, adding CID extension" \
2017 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002018 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002019 -s "server hello, adding CID extension" \
2020 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002021 -c "Use of CID extension negotiated" \
2022 -s "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01002023 -c "Copy CIDs into SSL transform" \
2024 -S "Use of Connection ID has been negotiated" \
2025 -C "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002026
Hanno Beckera0e20d02019-05-15 14:03:01 +01002027requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002028run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002029 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
2030 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2031 0 \
2032 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002033 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002034 -c "client hello, adding CID extension" \
2035 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002036 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002037 -s "server hello, adding CID extension" \
2038 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002039 -c "Use of CID extension negotiated" \
2040 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002041 -c "Copy CIDs into SSL transform" \
2042 -c "Peer CID (length 2 Bytes): de ad" \
2043 -s "Peer CID (length 2 Bytes): be ef" \
2044 -s "Use of Connection ID has been negotiated" \
2045 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002046
Hanno Beckera0e20d02019-05-15 14:03:01 +01002047requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002048run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002049 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
2050 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2051 0 \
2052 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002053 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002054 -c "client hello, adding CID extension" \
2055 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002056 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002057 -s "server hello, adding CID extension" \
2058 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002059 -c "Use of CID extension negotiated" \
2060 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002061 -c "Copy CIDs into SSL transform" \
2062 -c "Peer CID (length 4 Bytes): de ad be ef" \
2063 -s "Peer CID (length 0 Bytes):" \
2064 -s "Use of Connection ID has been negotiated" \
2065 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002066
Hanno Beckera0e20d02019-05-15 14:03:01 +01002067requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002068run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002069 "$P_SRV debug_level=3 dtls=1 cid=1" \
2070 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2071 0 \
2072 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002073 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002074 -c "client hello, adding CID extension" \
2075 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002076 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002077 -s "server hello, adding CID extension" \
2078 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002079 -c "Use of CID extension negotiated" \
2080 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002081 -c "Copy CIDs into SSL transform" \
2082 -s "Peer CID (length 4 Bytes): de ad be ef" \
2083 -c "Peer CID (length 0 Bytes):" \
2084 -s "Use of Connection ID has been negotiated" \
2085 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002086
Hanno Beckera0e20d02019-05-15 14:03:01 +01002087requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002088run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002089 "$P_SRV debug_level=3 dtls=1 cid=1" \
2090 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2091 0 \
2092 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002093 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002094 -c "client hello, adding CID extension" \
2095 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002096 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002097 -s "server hello, adding CID extension" \
2098 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002099 -c "Use of CID extension negotiated" \
2100 -s "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01002101 -c "Copy CIDs into SSL transform" \
2102 -S "Use of Connection ID has been negotiated" \
2103 -C "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002104
Hanno Beckera0e20d02019-05-15 14:03:01 +01002105requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002106run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002107 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead" \
2108 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
2109 0 \
2110 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002111 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002112 -c "client hello, adding CID extension" \
2113 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002114 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002115 -s "server hello, adding CID extension" \
2116 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002117 -c "Use of CID extension negotiated" \
2118 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002119 -c "Copy CIDs into SSL transform" \
2120 -c "Peer CID (length 2 Bytes): de ad" \
2121 -s "Peer CID (length 2 Bytes): be ef" \
2122 -s "Use of Connection ID has been negotiated" \
2123 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002124
Hanno Beckera0e20d02019-05-15 14:03:01 +01002125requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002126run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002127 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=deadbeef" \
2128 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
2129 0 \
2130 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002131 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002132 -c "client hello, adding CID extension" \
2133 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002134 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002135 -s "server hello, adding CID extension" \
2136 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002137 -c "Use of CID extension negotiated" \
2138 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002139 -c "Copy CIDs into SSL transform" \
2140 -c "Peer CID (length 4 Bytes): de ad be ef" \
2141 -s "Peer CID (length 0 Bytes):" \
2142 -s "Use of Connection ID has been negotiated" \
2143 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002144
Hanno Beckera0e20d02019-05-15 14:03:01 +01002145requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002146run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002147 "$P_SRV debug_level=3 dtls=1 cid=1" \
2148 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
2149 0 \
2150 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002151 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002152 -c "client hello, adding CID extension" \
2153 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002154 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002155 -s "server hello, adding CID extension" \
2156 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002157 -c "Use of CID extension negotiated" \
2158 -s "Copy CIDs into SSL transform" \
Hanno Becker2749a672019-05-03 17:04:23 +01002159 -c "Copy CIDs into SSL transform" \
2160 -s "Peer CID (length 4 Bytes): de ad be ef" \
2161 -c "Peer CID (length 0 Bytes):" \
2162 -s "Use of Connection ID has been negotiated" \
2163 -c "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002164
Hanno Beckera0e20d02019-05-15 14:03:01 +01002165requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002166run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002167 "$P_SRV debug_level=3 dtls=1 cid=1" \
2168 "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
2169 0 \
2170 -c "Enable use of CID extension." \
Hanno Becker6b78c832019-04-25 17:01:43 +01002171 -s "Enable use of CID extension." \
Hanno Becker7dee2c62019-04-26 14:17:56 +01002172 -c "client hello, adding CID extension" \
2173 -s "found CID extension" \
Hanno Becker4bc9e9d2019-04-26 16:00:29 +01002174 -s "Use of CID extension negotiated" \
Hanno Beckera6a4c762019-04-26 16:13:31 +01002175 -s "server hello, adding CID extension" \
2176 -c "found CID extension" \
Hanno Becker9ecb6c62019-04-26 16:23:52 +01002177 -c "Use of CID extension negotiated" \
2178 -s "Copy CIDs into SSL transform" \
Hanno Beckerfcffdcc2019-04-26 17:19:46 +01002179 -c "Copy CIDs into SSL transform" \
2180 -S "Use of Connection ID has been negotiated" \
2181 -C "Use of Connection ID has been negotiated"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002182
Hanno Beckera0e20d02019-05-15 14:03:01 +01002183requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker9bae30d2019-04-23 11:52:44 +01002184requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01002185run_test "Connection ID: Cli+Srv enabled, renegotiate without change of CID" \
Hanno Beckerf157a972019-04-25 16:05:45 +01002186 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
2187 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
2188 0 \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002189 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2190 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2191 -s "(initial handshake) Use of Connection ID has been negotiated" \
2192 -c "(initial handshake) Use of Connection ID has been negotiated" \
2193 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2194 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2195 -s "(after renegotiation) Use of Connection ID has been negotiated" \
2196 -c "(after renegotiation) Use of Connection ID has been negotiated"
2197
Hanno Beckera0e20d02019-05-15 14:03:01 +01002198requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002199requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01002200run_test "Connection ID: Cli+Srv enabled, renegotiate with different CID" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002201 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
2202 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
2203 0 \
2204 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2205 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2206 -s "(initial handshake) Use of Connection ID has been negotiated" \
2207 -c "(initial handshake) Use of Connection ID has been negotiated" \
2208 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2209 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2210 -s "(after renegotiation) Use of Connection ID has been negotiated" \
2211 -c "(after renegotiation) Use of Connection ID has been negotiated"
2212
Hanno Beckera0e20d02019-05-15 14:03:01 +01002213requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002214requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Beckerc2045b02019-05-08 16:20:46 +01002215run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate with different CID" \
2216 "$P_SRV debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=dead cid_val_renego=beef renegotiation=1" \
2217 "$P_CLI debug_level=3 dtls=1 cid=1 dgram_packing=0 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
2218 0 \
2219 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2220 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2221 -s "(initial handshake) Use of Connection ID has been negotiated" \
2222 -c "(initial handshake) Use of Connection ID has been negotiated" \
2223 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2224 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2225 -s "(after renegotiation) Use of Connection ID has been negotiated" \
2226 -c "(after renegotiation) Use of Connection ID has been negotiated"
2227
Hanno Beckera0e20d02019-05-15 14:03:01 +01002228requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerc2045b02019-05-08 16:20:46 +01002229requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01002230run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate with different CID" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002231 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01002232 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_val_renego=beef renegotiation=1" \
2233 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_val_renego=dead renegotiation=1 renegotiate=1" \
2234 0 \
2235 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2236 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2237 -s "(initial handshake) Use of Connection ID has been negotiated" \
2238 -c "(initial handshake) Use of Connection ID has been negotiated" \
2239 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2240 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2241 -s "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002242 -c "(after renegotiation) Use of Connection ID has been negotiated" \
2243 -c "ignoring unexpected CID" \
2244 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01002245
Hanno Beckera0e20d02019-05-15 14:03:01 +01002246requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002247requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
2248run_test "Connection ID: Cli+Srv enabled, renegotiate without CID" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002249 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
2250 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
2251 0 \
2252 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2253 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2254 -s "(initial handshake) Use of Connection ID has been negotiated" \
2255 -c "(initial handshake) Use of Connection ID has been negotiated" \
2256 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2257 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2258 -C "(after renegotiation) Use of Connection ID has been negotiated" \
2259 -S "(after renegotiation) Use of Connection ID has been negotiated"
2260
Hanno Beckera0e20d02019-05-15 14:03:01 +01002261requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002262requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Beckerc2045b02019-05-08 16:20:46 +01002263run_test "Connection ID, no packing: Cli+Srv enabled, renegotiate without CID" \
2264 "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
2265 "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
2266 0 \
2267 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2268 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2269 -s "(initial handshake) Use of Connection ID has been negotiated" \
2270 -c "(initial handshake) Use of Connection ID has been negotiated" \
2271 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2272 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2273 -C "(after renegotiation) Use of Connection ID has been negotiated" \
2274 -S "(after renegotiation) Use of Connection ID has been negotiated"
2275
Hanno Beckera0e20d02019-05-15 14:03:01 +01002276requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerc2045b02019-05-08 16:20:46 +01002277requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01002278run_test "Connection ID, 3D+MTU: Cli+Srv enabled, renegotiate without CID" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002279 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01002280 "$P_SRV debug_level=3 mtu=800 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
2281 "$P_CLI debug_level=3 mtu=800 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
2282 0 \
2283 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2284 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2285 -s "(initial handshake) Use of Connection ID has been negotiated" \
2286 -c "(initial handshake) Use of Connection ID has been negotiated" \
2287 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2288 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2289 -C "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002290 -S "(after renegotiation) Use of Connection ID has been negotiated" \
2291 -c "ignoring unexpected CID" \
2292 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01002293
Hanno Beckera0e20d02019-05-15 14:03:01 +01002294requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002295requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
2296run_test "Connection ID: Cli+Srv enabled, CID on renegotiation" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002297 "$P_SRV debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
2298 "$P_CLI debug_level=3 dtls=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
2299 0 \
2300 -S "(initial handshake) Use of Connection ID has been negotiated" \
2301 -C "(initial handshake) Use of Connection ID has been negotiated" \
2302 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2303 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2304 -c "(after renegotiation) Use of Connection ID has been negotiated" \
2305 -s "(after renegotiation) Use of Connection ID has been negotiated"
2306
Hanno Beckera0e20d02019-05-15 14:03:01 +01002307requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002308requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Beckerc2045b02019-05-08 16:20:46 +01002309run_test "Connection ID, no packing: Cli+Srv enabled, CID on renegotiation" \
2310 "$P_SRV debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
2311 "$P_CLI debug_level=3 dtls=1 dgram_packing=0 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
2312 0 \
2313 -S "(initial handshake) Use of Connection ID has been negotiated" \
2314 -C "(initial handshake) Use of Connection ID has been negotiated" \
2315 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2316 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2317 -c "(after renegotiation) Use of Connection ID has been negotiated" \
2318 -s "(after renegotiation) Use of Connection ID has been negotiated"
2319
Hanno Beckera0e20d02019-05-15 14:03:01 +01002320requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerc2045b02019-05-08 16:20:46 +01002321requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01002322run_test "Connection ID, 3D+MTU: Cli+Srv enabled, CID on renegotiation" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002323 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01002324 "$P_SRV debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=dead renegotiation=1" \
2325 "$P_CLI debug_level=3 mtu=800 dtls=1 dgram_packing=1 cid=0 cid_renego=1 cid_val_renego=beef renegotiation=1 renegotiate=1" \
2326 0 \
2327 -S "(initial handshake) Use of Connection ID has been negotiated" \
2328 -C "(initial handshake) Use of Connection ID has been negotiated" \
2329 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2330 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2331 -c "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002332 -s "(after renegotiation) Use of Connection ID has been negotiated" \
2333 -c "ignoring unexpected CID" \
2334 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01002335
Hanno Beckera0e20d02019-05-15 14:03:01 +01002336requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002337requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
2338run_test "Connection ID: Cli+Srv enabled, Cli disables on renegotiation" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002339 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
2340 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
2341 0 \
2342 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2343 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2344 -s "(initial handshake) Use of Connection ID has been negotiated" \
2345 -c "(initial handshake) Use of Connection ID has been negotiated" \
2346 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2347 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2348 -C "(after renegotiation) Use of Connection ID has been negotiated" \
2349 -S "(after renegotiation) Use of Connection ID has been negotiated" \
2350 -s "(after renegotiation) Use of Connection ID was not offered by client"
2351
Hanno Beckera0e20d02019-05-15 14:03:01 +01002352requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002353requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Hanno Becker78c91372019-05-08 13:31:15 +01002354run_test "Connection ID, 3D: Cli+Srv enabled, Cli disables on renegotiation" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002355 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Becker78c91372019-05-08 13:31:15 +01002356 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead renegotiation=1" \
2357 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef cid_renego=0 renegotiation=1 renegotiate=1" \
2358 0 \
2359 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2360 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2361 -s "(initial handshake) Use of Connection ID has been negotiated" \
2362 -c "(initial handshake) Use of Connection ID has been negotiated" \
2363 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2364 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2365 -C "(after renegotiation) Use of Connection ID has been negotiated" \
2366 -S "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002367 -s "(after renegotiation) Use of Connection ID was not offered by client" \
2368 -c "ignoring unexpected CID" \
2369 -s "ignoring unexpected CID"
Hanno Becker78c91372019-05-08 13:31:15 +01002370
Hanno Beckera0e20d02019-05-15 14:03:01 +01002371requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002372requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
2373run_test "Connection ID: Cli+Srv enabled, Srv disables on renegotiation" \
2374 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
2375 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
2376 0 \
2377 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2378 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2379 -s "(initial handshake) Use of Connection ID has been negotiated" \
2380 -c "(initial handshake) Use of Connection ID has been negotiated" \
2381 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2382 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2383 -C "(after renegotiation) Use of Connection ID has been negotiated" \
2384 -S "(after renegotiation) Use of Connection ID has been negotiated" \
2385 -c "(after renegotiation) Use of Connection ID was rejected by the server"
2386
Hanno Beckera0e20d02019-05-15 14:03:01 +01002387requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
Hanno Becker78c91372019-05-08 13:31:15 +01002388requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
2389run_test "Connection ID, 3D: Cli+Srv enabled, Srv disables on renegotiation" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002390 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
Hanno Beckerb42ec0d2019-05-03 17:30:59 +01002391 "$P_SRV debug_level=3 dtls=1 cid=1 cid_val=dead cid_renego=0 renegotiation=1" \
2392 "$P_CLI debug_level=3 dtls=1 cid=1 cid_val=beef renegotiation=1 renegotiate=1" \
2393 0 \
2394 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2395 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2396 -s "(initial handshake) Use of Connection ID has been negotiated" \
2397 -c "(initial handshake) Use of Connection ID has been negotiated" \
2398 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
2399 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
2400 -C "(after renegotiation) Use of Connection ID has been negotiated" \
2401 -S "(after renegotiation) Use of Connection ID has been negotiated" \
Hanno Beckerd0ac5fa2019-05-24 10:11:23 +01002402 -c "(after renegotiation) Use of Connection ID was rejected by the server" \
2403 -c "ignoring unexpected CID" \
2404 -s "ignoring unexpected CID"
Hanno Becker7cf463e2019-04-09 18:08:47 +01002405
Andrzej Kurekb6577832020-06-08 07:08:03 -04002406requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2407requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2408run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=512" \
2409 "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
2410 "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_val=beef" \
2411 0 \
2412 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2413 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2414 -s "(initial handshake) Use of Connection ID has been negotiated" \
2415 -c "(initial handshake) Use of Connection ID has been negotiated" \
2416 -s "Reallocating in_buf" \
2417 -s "Reallocating out_buf"
2418
2419requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
2420requires_config_enabled MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
2421run_test "Connection ID: Cli+Srv enabled, variable buffer lengths, MFL=1024" \
2422 "$P_SRV dtls=1 cid=1 cid_val=dead debug_level=2" \
2423 "$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_val=beef" \
2424 0 \
2425 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
2426 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
2427 -s "(initial handshake) Use of Connection ID has been negotiated" \
2428 -c "(initial handshake) Use of Connection ID has been negotiated" \
2429 -s "Reallocating in_buf" \
2430 -s "Reallocating out_buf"
2431
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002432# Tests for Encrypt-then-MAC extension
2433
2434run_test "Encrypt then MAC: default" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002435 "$P_SRV debug_level=3 \
2436 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002437 "$P_CLI debug_level=3" \
2438 0 \
2439 -c "client hello, adding encrypt_then_mac extension" \
2440 -s "found encrypt then mac extension" \
2441 -s "server hello, adding encrypt then mac extension" \
2442 -c "found encrypt_then_mac extension" \
2443 -c "using encrypt then mac" \
2444 -s "using encrypt then mac"
2445
2446run_test "Encrypt then MAC: client enabled, server disabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002447 "$P_SRV debug_level=3 etm=0 \
2448 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002449 "$P_CLI debug_level=3 etm=1" \
2450 0 \
2451 -c "client hello, adding encrypt_then_mac extension" \
2452 -s "found encrypt then mac extension" \
2453 -S "server hello, adding encrypt then mac extension" \
2454 -C "found encrypt_then_mac extension" \
2455 -C "using encrypt then mac" \
2456 -S "using encrypt then mac"
2457
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01002458run_test "Encrypt then MAC: client enabled, aead cipher" \
2459 "$P_SRV debug_level=3 etm=1 \
2460 force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
2461 "$P_CLI debug_level=3 etm=1" \
2462 0 \
2463 -c "client hello, adding encrypt_then_mac extension" \
2464 -s "found encrypt then mac extension" \
2465 -S "server hello, adding encrypt then mac extension" \
2466 -C "found encrypt_then_mac extension" \
2467 -C "using encrypt then mac" \
2468 -S "using encrypt then mac"
2469
2470run_test "Encrypt then MAC: client enabled, stream cipher" \
2471 "$P_SRV debug_level=3 etm=1 \
2472 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01002473 "$P_CLI debug_level=3 etm=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01002474 0 \
2475 -c "client hello, adding encrypt_then_mac extension" \
2476 -s "found encrypt then mac extension" \
2477 -S "server hello, adding encrypt then mac extension" \
2478 -C "found encrypt_then_mac extension" \
2479 -C "using encrypt then mac" \
2480 -S "using encrypt then mac"
2481
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002482run_test "Encrypt then MAC: client disabled, server enabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002483 "$P_SRV debug_level=3 etm=1 \
2484 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002485 "$P_CLI debug_level=3 etm=0" \
2486 0 \
2487 -C "client hello, adding encrypt_then_mac extension" \
2488 -S "found encrypt then mac extension" \
2489 -S "server hello, adding encrypt then mac extension" \
2490 -C "found encrypt_then_mac extension" \
2491 -C "using encrypt then mac" \
2492 -S "using encrypt then mac"
2493
Janos Follathe2681a42016-03-07 15:57:05 +00002494requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002495run_test "Encrypt then MAC: client SSLv3, server enabled" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002496 "$P_SRV debug_level=3 min_version=ssl3 \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002497 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002498 "$P_CLI debug_level=3 force_version=ssl3" \
2499 0 \
2500 -C "client hello, adding encrypt_then_mac extension" \
2501 -S "found encrypt then mac extension" \
2502 -S "server hello, adding encrypt then mac extension" \
2503 -C "found encrypt_then_mac extension" \
2504 -C "using encrypt then mac" \
2505 -S "using encrypt then mac"
2506
Janos Follathe2681a42016-03-07 15:57:05 +00002507requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002508run_test "Encrypt then MAC: client enabled, server SSLv3" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01002509 "$P_SRV debug_level=3 force_version=ssl3 \
2510 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002511 "$P_CLI debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002512 0 \
2513 -c "client hello, adding encrypt_then_mac extension" \
Janos Follath00efff72016-05-06 13:48:23 +01002514 -S "found encrypt then mac extension" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01002515 -S "server hello, adding encrypt then mac extension" \
2516 -C "found encrypt_then_mac extension" \
2517 -C "using encrypt then mac" \
2518 -S "using encrypt then mac"
2519
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002520# Tests for Extended Master Secret extension
2521
2522run_test "Extended Master Secret: default" \
2523 "$P_SRV debug_level=3" \
2524 "$P_CLI debug_level=3" \
2525 0 \
2526 -c "client hello, adding extended_master_secret extension" \
2527 -s "found extended master secret extension" \
2528 -s "server hello, adding extended master secret extension" \
2529 -c "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02002530 -c "session hash for extended master secret" \
2531 -s "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002532
2533run_test "Extended Master Secret: client enabled, server disabled" \
2534 "$P_SRV debug_level=3 extended_ms=0" \
2535 "$P_CLI debug_level=3 extended_ms=1" \
2536 0 \
2537 -c "client hello, adding extended_master_secret extension" \
2538 -s "found extended master secret extension" \
2539 -S "server hello, adding extended master secret extension" \
2540 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02002541 -C "session hash for extended master secret" \
2542 -S "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002543
2544run_test "Extended Master Secret: client disabled, server enabled" \
2545 "$P_SRV debug_level=3 extended_ms=1" \
2546 "$P_CLI debug_level=3 extended_ms=0" \
2547 0 \
2548 -C "client hello, adding extended_master_secret extension" \
2549 -S "found extended master secret extension" \
2550 -S "server hello, adding extended master secret extension" \
2551 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02002552 -C "session hash for extended master secret" \
2553 -S "session hash for extended master secret"
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02002554
Janos Follathe2681a42016-03-07 15:57:05 +00002555requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002556run_test "Extended Master Secret: client SSLv3, server enabled" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002557 "$P_SRV debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002558 "$P_CLI debug_level=3 force_version=ssl3" \
2559 0 \
2560 -C "client hello, adding extended_master_secret extension" \
2561 -S "found extended master secret extension" \
2562 -S "server hello, adding extended master secret extension" \
2563 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02002564 -C "session hash for extended master secret" \
2565 -S "session hash for extended master secret"
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002566
Janos Follathe2681a42016-03-07 15:57:05 +00002567requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002568run_test "Extended Master Secret: client enabled, server SSLv3" \
2569 "$P_SRV debug_level=3 force_version=ssl3" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002570 "$P_CLI debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002571 0 \
2572 -c "client hello, adding extended_master_secret extension" \
Janos Follath00efff72016-05-06 13:48:23 +01002573 -S "found extended master secret extension" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002574 -S "server hello, adding extended master secret extension" \
2575 -C "found extended_master_secret extension" \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02002576 -C "session hash for extended master secret" \
2577 -S "session hash for extended master secret"
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02002578
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002579# Tests for FALLBACK_SCSV
2580
2581run_test "Fallback SCSV: default" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002582 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002583 "$P_CLI debug_level=3 force_version=tls1_1" \
2584 0 \
2585 -C "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002586 -S "received FALLBACK_SCSV" \
2587 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002588 -C "is a fatal alert message (msg 86)"
2589
2590run_test "Fallback SCSV: explicitly disabled" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002591 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002592 "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
2593 0 \
2594 -C "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002595 -S "received FALLBACK_SCSV" \
2596 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002597 -C "is a fatal alert message (msg 86)"
2598
2599run_test "Fallback SCSV: enabled" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002600 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002601 "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002602 1 \
2603 -c "adding FALLBACK_SCSV" \
2604 -s "received FALLBACK_SCSV" \
2605 -s "inapropriate fallback" \
2606 -c "is a fatal alert message (msg 86)"
2607
2608run_test "Fallback SCSV: enabled, max version" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002609 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002610 "$P_CLI debug_level=3 fallback=1" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002611 0 \
2612 -c "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002613 -s "received FALLBACK_SCSV" \
2614 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02002615 -C "is a fatal alert message (msg 86)"
2616
2617requires_openssl_with_fallback_scsv
2618run_test "Fallback SCSV: default, openssl server" \
2619 "$O_SRV" \
2620 "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
2621 0 \
2622 -C "adding FALLBACK_SCSV" \
2623 -C "is a fatal alert message (msg 86)"
2624
2625requires_openssl_with_fallback_scsv
2626run_test "Fallback SCSV: enabled, openssl server" \
2627 "$O_SRV" \
2628 "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
2629 1 \
2630 -c "adding FALLBACK_SCSV" \
2631 -c "is a fatal alert message (msg 86)"
2632
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002633requires_openssl_with_fallback_scsv
2634run_test "Fallback SCSV: disabled, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002635 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002636 "$O_CLI -tls1_1" \
2637 0 \
2638 -S "received FALLBACK_SCSV" \
2639 -S "inapropriate fallback"
2640
2641requires_openssl_with_fallback_scsv
2642run_test "Fallback SCSV: enabled, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002643 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002644 "$O_CLI -tls1_1 -fallback_scsv" \
2645 1 \
2646 -s "received FALLBACK_SCSV" \
2647 -s "inapropriate fallback"
2648
2649requires_openssl_with_fallback_scsv
2650run_test "Fallback SCSV: enabled, max version, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02002651 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02002652 "$O_CLI -fallback_scsv" \
2653 0 \
2654 -s "received FALLBACK_SCSV" \
2655 -S "inapropriate fallback"
2656
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01002657# Test sending and receiving empty application data records
2658
2659run_test "Encrypt then MAC: empty application data record" \
2660 "$P_SRV auth_mode=none debug_level=4 etm=1" \
2661 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
2662 0 \
2663 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
2664 -s "dumping 'input payload after decrypt' (0 bytes)" \
2665 -c "0 bytes written in 1 fragments"
2666
Manuel Pégourié-Gonnard9e2c80f2020-03-24 10:53:39 +01002667run_test "Encrypt then MAC: disabled, empty application data record" \
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01002668 "$P_SRV auth_mode=none debug_level=4 etm=0" \
2669 "$P_CLI auth_mode=none etm=0 request_size=0" \
2670 0 \
2671 -s "dumping 'input payload after decrypt' (0 bytes)" \
2672 -c "0 bytes written in 1 fragments"
2673
2674run_test "Encrypt then MAC, DTLS: empty application data record" \
2675 "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
2676 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
2677 0 \
2678 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
2679 -s "dumping 'input payload after decrypt' (0 bytes)" \
2680 -c "0 bytes written in 1 fragments"
2681
Manuel Pégourié-Gonnard9e2c80f2020-03-24 10:53:39 +01002682run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01002683 "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
2684 "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
2685 0 \
2686 -s "dumping 'input payload after decrypt' (0 bytes)" \
2687 -c "0 bytes written in 1 fragments"
2688
Gilles Peskined50177f2017-05-16 17:53:03 +02002689## ClientHello generated with
2690## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..."
2691## then manually twiddling the ciphersuite list.
2692## The ClientHello content is spelled out below as a hex string as
2693## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix".
2694## The expected response is an inappropriate_fallback alert.
2695requires_openssl_with_fallback_scsv
2696run_test "Fallback SCSV: beginning of list" \
2697 "$P_SRV debug_level=2" \
2698 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \
2699 0 \
2700 -s "received FALLBACK_SCSV" \
2701 -s "inapropriate fallback"
2702
2703requires_openssl_with_fallback_scsv
2704run_test "Fallback SCSV: end of list" \
2705 "$P_SRV debug_level=2" \
2706 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \
2707 0 \
2708 -s "received FALLBACK_SCSV" \
2709 -s "inapropriate fallback"
2710
2711## Here the expected response is a valid ServerHello prefix, up to the random.
2712requires_openssl_with_fallback_scsv
2713run_test "Fallback SCSV: not in list" \
2714 "$P_SRV debug_level=2" \
2715 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \
2716 0 \
2717 -S "received FALLBACK_SCSV" \
2718 -S "inapropriate fallback"
2719
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002720# Tests for CBC 1/n-1 record splitting
2721
2722run_test "CBC Record splitting: TLS 1.2, no splitting" \
2723 "$P_SRV" \
2724 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2725 request_size=123 force_version=tls1_2" \
2726 0 \
2727 -s "Read from client: 123 bytes read" \
2728 -S "Read from client: 1 bytes read" \
2729 -S "122 bytes read"
2730
2731run_test "CBC Record splitting: TLS 1.1, no splitting" \
2732 "$P_SRV" \
2733 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2734 request_size=123 force_version=tls1_1" \
2735 0 \
2736 -s "Read from client: 123 bytes read" \
2737 -S "Read from client: 1 bytes read" \
2738 -S "122 bytes read"
2739
2740run_test "CBC Record splitting: TLS 1.0, splitting" \
2741 "$P_SRV" \
2742 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2743 request_size=123 force_version=tls1" \
2744 0 \
2745 -S "Read from client: 123 bytes read" \
2746 -s "Read from client: 1 bytes read" \
2747 -s "122 bytes read"
2748
Janos Follathe2681a42016-03-07 15:57:05 +00002749requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002750run_test "CBC Record splitting: SSLv3, splitting" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01002751 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002752 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2753 request_size=123 force_version=ssl3" \
2754 0 \
2755 -S "Read from client: 123 bytes read" \
2756 -s "Read from client: 1 bytes read" \
2757 -s "122 bytes read"
2758
2759run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01002760 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01002761 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
2762 request_size=123 force_version=tls1" \
2763 0 \
2764 -s "Read from client: 123 bytes read" \
2765 -S "Read from client: 1 bytes read" \
2766 -S "122 bytes read"
2767
2768run_test "CBC Record splitting: TLS 1.0, splitting disabled" \
2769 "$P_SRV" \
2770 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2771 request_size=123 force_version=tls1 recsplit=0" \
2772 0 \
2773 -s "Read from client: 123 bytes read" \
2774 -S "Read from client: 1 bytes read" \
2775 -S "122 bytes read"
2776
Manuel Pégourié-Gonnarda852cf42015-01-13 20:56:15 +01002777run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \
2778 "$P_SRV nbio=2" \
2779 "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
2780 request_size=123 force_version=tls1" \
2781 0 \
2782 -S "Read from client: 123 bytes read" \
2783 -s "Read from client: 1 bytes read" \
2784 -s "122 bytes read"
2785
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002786# Tests for Session Tickets
2787
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002788run_test "Session resume using tickets: basic" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002789 "$P_SRV debug_level=3 tickets=1" \
2790 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002791 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002792 -c "client hello, adding session ticket extension" \
2793 -s "found session ticket extension" \
2794 -s "server hello, adding session ticket extension" \
2795 -c "found session_ticket extension" \
2796 -c "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002797 -S "session successfully restored from cache" \
2798 -s "session successfully restored from ticket" \
2799 -s "a session has been resumed" \
2800 -c "a session has been resumed"
2801
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002802run_test "Session resume using tickets: cache disabled" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002803 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
2804 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01002805 0 \
2806 -c "client hello, adding session ticket extension" \
2807 -s "found session ticket extension" \
2808 -s "server hello, adding session ticket extension" \
2809 -c "found session_ticket extension" \
2810 -c "parse new session ticket" \
2811 -S "session successfully restored from cache" \
2812 -s "session successfully restored from ticket" \
2813 -s "a session has been resumed" \
2814 -c "a session has been resumed"
2815
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002816run_test "Session resume using tickets: timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002817 "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
2818 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01002819 0 \
2820 -c "client hello, adding session ticket extension" \
2821 -s "found session ticket extension" \
2822 -s "server hello, adding session ticket extension" \
2823 -c "found session_ticket extension" \
2824 -c "parse new session ticket" \
2825 -S "session successfully restored from cache" \
2826 -S "session successfully restored from ticket" \
2827 -S "a session has been resumed" \
2828 -C "a session has been resumed"
2829
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02002830run_test "Session resume using tickets: session copy" \
2831 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
2832 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_mode=0" \
2833 0 \
2834 -c "client hello, adding session ticket extension" \
2835 -s "found session ticket extension" \
2836 -s "server hello, adding session ticket extension" \
2837 -c "found session_ticket extension" \
2838 -c "parse new session ticket" \
2839 -S "session successfully restored from cache" \
2840 -s "session successfully restored from ticket" \
2841 -s "a session has been resumed" \
2842 -c "a session has been resumed"
2843
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002844run_test "Session resume using tickets: openssl server" \
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01002845 "$O_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002846 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01002847 0 \
2848 -c "client hello, adding session ticket extension" \
2849 -c "found session_ticket extension" \
2850 -c "parse new session ticket" \
2851 -c "a session has been resumed"
2852
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002853run_test "Session resume using tickets: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002854 "$P_SRV debug_level=3 tickets=1" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02002855 "( $O_CLI -sess_out $SESSION; \
2856 $O_CLI -sess_in $SESSION; \
2857 rm -f $SESSION )" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01002858 0 \
2859 -s "found session ticket extension" \
2860 -s "server hello, adding session ticket extension" \
2861 -S "session successfully restored from cache" \
2862 -s "session successfully restored from ticket" \
2863 -s "a session has been resumed"
2864
Hanno Becker1d739932018-08-21 13:55:22 +01002865# Tests for Session Tickets with DTLS
2866
2867run_test "Session resume using tickets, DTLS: basic" \
2868 "$P_SRV debug_level=3 dtls=1 tickets=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01002869 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01002870 0 \
2871 -c "client hello, adding session ticket extension" \
2872 -s "found session ticket extension" \
2873 -s "server hello, adding session ticket extension" \
2874 -c "found session_ticket extension" \
2875 -c "parse new session ticket" \
2876 -S "session successfully restored from cache" \
2877 -s "session successfully restored from ticket" \
2878 -s "a session has been resumed" \
2879 -c "a session has been resumed"
2880
2881run_test "Session resume using tickets, DTLS: cache disabled" \
2882 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01002883 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01002884 0 \
2885 -c "client hello, adding session ticket extension" \
2886 -s "found session ticket extension" \
2887 -s "server hello, adding session ticket extension" \
2888 -c "found session_ticket extension" \
2889 -c "parse new session ticket" \
2890 -S "session successfully restored from cache" \
2891 -s "session successfully restored from ticket" \
2892 -s "a session has been resumed" \
2893 -c "a session has been resumed"
2894
2895run_test "Session resume using tickets, DTLS: timeout" \
2896 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01002897 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_delay=2" \
Hanno Becker1d739932018-08-21 13:55:22 +01002898 0 \
2899 -c "client hello, adding session ticket extension" \
2900 -s "found session ticket extension" \
2901 -s "server hello, adding session ticket extension" \
2902 -c "found session_ticket extension" \
2903 -c "parse new session ticket" \
2904 -S "session successfully restored from cache" \
2905 -S "session successfully restored from ticket" \
2906 -S "a session has been resumed" \
2907 -C "a session has been resumed"
2908
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02002909run_test "Session resume using tickets, DTLS: session copy" \
2910 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01002911 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_mode=0" \
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02002912 0 \
2913 -c "client hello, adding session ticket extension" \
2914 -s "found session ticket extension" \
2915 -s "server hello, adding session ticket extension" \
2916 -c "found session_ticket extension" \
2917 -c "parse new session ticket" \
2918 -S "session successfully restored from cache" \
2919 -s "session successfully restored from ticket" \
2920 -s "a session has been resumed" \
2921 -c "a session has been resumed"
2922
Hanno Becker1d739932018-08-21 13:55:22 +01002923run_test "Session resume using tickets, DTLS: openssl server" \
2924 "$O_SRV -dtls1" \
2925 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
2926 0 \
2927 -c "client hello, adding session ticket extension" \
2928 -c "found session_ticket extension" \
2929 -c "parse new session ticket" \
2930 -c "a session has been resumed"
2931
2932run_test "Session resume using tickets, DTLS: openssl client" \
2933 "$P_SRV dtls=1 debug_level=3 tickets=1" \
2934 "( $O_CLI -dtls1 -sess_out $SESSION; \
2935 $O_CLI -dtls1 -sess_in $SESSION; \
2936 rm -f $SESSION )" \
2937 0 \
2938 -s "found session ticket extension" \
2939 -s "server hello, adding session ticket extension" \
2940 -S "session successfully restored from cache" \
2941 -s "session successfully restored from ticket" \
2942 -s "a session has been resumed"
2943
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002944# Tests for Session Resume based on session-ID and cache
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002945
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002946run_test "Session resume using cache: tickets enabled on client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002947 "$P_SRV debug_level=3 tickets=0" \
2948 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002949 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002950 -c "client hello, adding session ticket extension" \
2951 -s "found session ticket extension" \
2952 -S "server hello, adding session ticket extension" \
2953 -C "found session_ticket extension" \
2954 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002955 -s "session successfully restored from cache" \
2956 -S "session successfully restored from ticket" \
2957 -s "a session has been resumed" \
2958 -c "a session has been resumed"
2959
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002960run_test "Session resume using cache: tickets enabled on server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002961 "$P_SRV debug_level=3 tickets=1" \
2962 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002963 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002964 -C "client hello, adding session ticket extension" \
2965 -S "found session ticket extension" \
2966 -S "server hello, adding session ticket extension" \
2967 -C "found session_ticket extension" \
2968 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01002969 -s "session successfully restored from cache" \
2970 -S "session successfully restored from ticket" \
2971 -s "a session has been resumed" \
2972 -c "a session has been resumed"
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002973
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002974run_test "Session resume using cache: cache_max=0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002975 "$P_SRV debug_level=3 tickets=0 cache_max=0" \
2976 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01002977 0 \
2978 -S "session successfully restored from cache" \
2979 -S "session successfully restored from ticket" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002980 -S "a session has been resumed" \
2981 -C "a session has been resumed"
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01002982
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002983run_test "Session resume using cache: cache_max=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002984 "$P_SRV debug_level=3 tickets=0 cache_max=1" \
2985 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002986 0 \
2987 -s "session successfully restored from cache" \
2988 -S "session successfully restored from ticket" \
2989 -s "a session has been resumed" \
2990 -c "a session has been resumed"
2991
Manuel Pégourié-Gonnard6df31962015-05-04 10:55:47 +02002992run_test "Session resume using cache: timeout > delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002993 "$P_SRV debug_level=3 tickets=0" \
2994 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01002995 0 \
2996 -s "session successfully restored from cache" \
2997 -S "session successfully restored from ticket" \
2998 -s "a session has been resumed" \
2999 -c "a session has been resumed"
3000
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003001run_test "Session resume using cache: timeout < delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003002 "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
3003 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01003004 0 \
3005 -S "session successfully restored from cache" \
3006 -S "session successfully restored from ticket" \
3007 -S "a session has been resumed" \
3008 -C "a session has been resumed"
3009
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003010run_test "Session resume using cache: no timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003011 "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
3012 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01003013 0 \
3014 -s "session successfully restored from cache" \
3015 -S "session successfully restored from ticket" \
3016 -s "a session has been resumed" \
3017 -c "a session has been resumed"
3018
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02003019run_test "Session resume using cache: session copy" \
3020 "$P_SRV debug_level=3 tickets=0" \
3021 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
3022 0 \
3023 -s "session successfully restored from cache" \
3024 -S "session successfully restored from ticket" \
3025 -s "a session has been resumed" \
3026 -c "a session has been resumed"
3027
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003028run_test "Session resume using cache: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003029 "$P_SRV debug_level=3 tickets=0" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02003030 "( $O_CLI -sess_out $SESSION; \
3031 $O_CLI -sess_in $SESSION; \
3032 rm -f $SESSION )" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01003033 0 \
3034 -s "found session ticket extension" \
3035 -S "server hello, adding session ticket extension" \
3036 -s "session successfully restored from cache" \
3037 -S "session successfully restored from ticket" \
3038 -s "a session has been resumed"
3039
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003040run_test "Session resume using cache: openssl server" \
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01003041 "$O_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003042 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01003043 0 \
3044 -C "found session_ticket extension" \
3045 -C "parse new session ticket" \
3046 -c "a session has been resumed"
3047
Hanno Becker1d739932018-08-21 13:55:22 +01003048# Tests for Session Resume based on session-ID and cache, DTLS
3049
3050run_test "Session resume using cache, DTLS: tickets enabled on client" \
3051 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003052 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01003053 0 \
3054 -c "client hello, adding session ticket extension" \
3055 -s "found session ticket extension" \
3056 -S "server hello, adding session ticket extension" \
3057 -C "found session_ticket extension" \
3058 -C "parse new session ticket" \
3059 -s "session successfully restored from cache" \
3060 -S "session successfully restored from ticket" \
3061 -s "a session has been resumed" \
3062 -c "a session has been resumed"
3063
3064run_test "Session resume using cache, DTLS: tickets enabled on server" \
3065 "$P_SRV dtls=1 debug_level=3 tickets=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003066 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01003067 0 \
3068 -C "client hello, adding session ticket extension" \
3069 -S "found session ticket extension" \
3070 -S "server hello, adding session ticket extension" \
3071 -C "found session_ticket extension" \
3072 -C "parse new session ticket" \
3073 -s "session successfully restored from cache" \
3074 -S "session successfully restored from ticket" \
3075 -s "a session has been resumed" \
3076 -c "a session has been resumed"
3077
3078run_test "Session resume using cache, DTLS: cache_max=0" \
3079 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003080 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01003081 0 \
3082 -S "session successfully restored from cache" \
3083 -S "session successfully restored from ticket" \
3084 -S "a session has been resumed" \
3085 -C "a session has been resumed"
3086
3087run_test "Session resume using cache, DTLS: cache_max=1" \
3088 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003089 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01003090 0 \
3091 -s "session successfully restored from cache" \
3092 -S "session successfully restored from ticket" \
3093 -s "a session has been resumed" \
3094 -c "a session has been resumed"
3095
3096run_test "Session resume using cache, DTLS: timeout > delay" \
3097 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003098 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \
Hanno Becker1d739932018-08-21 13:55:22 +01003099 0 \
3100 -s "session successfully restored from cache" \
3101 -S "session successfully restored from ticket" \
3102 -s "a session has been resumed" \
3103 -c "a session has been resumed"
3104
3105run_test "Session resume using cache, DTLS: timeout < delay" \
3106 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003107 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
Hanno Becker1d739932018-08-21 13:55:22 +01003108 0 \
3109 -S "session successfully restored from cache" \
3110 -S "session successfully restored from ticket" \
3111 -S "a session has been resumed" \
3112 -C "a session has been resumed"
3113
3114run_test "Session resume using cache, DTLS: no timeout" \
3115 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003116 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
Hanno Becker1d739932018-08-21 13:55:22 +01003117 0 \
3118 -s "session successfully restored from cache" \
3119 -S "session successfully restored from ticket" \
3120 -s "a session has been resumed" \
3121 -c "a session has been resumed"
3122
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02003123run_test "Session resume using cache, DTLS: session copy" \
3124 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01003125 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_mode=0" \
Manuel Pégourié-Gonnarda7c37652019-05-20 12:46:26 +02003126 0 \
3127 -s "session successfully restored from cache" \
3128 -S "session successfully restored from ticket" \
3129 -s "a session has been resumed" \
3130 -c "a session has been resumed"
3131
Hanno Becker1d739932018-08-21 13:55:22 +01003132run_test "Session resume using cache, DTLS: openssl client" \
3133 "$P_SRV dtls=1 debug_level=3 tickets=0" \
3134 "( $O_CLI -dtls1 -sess_out $SESSION; \
3135 $O_CLI -dtls1 -sess_in $SESSION; \
3136 rm -f $SESSION )" \
3137 0 \
3138 -s "found session ticket extension" \
3139 -S "server hello, adding session ticket extension" \
3140 -s "session successfully restored from cache" \
3141 -S "session successfully restored from ticket" \
3142 -s "a session has been resumed"
3143
3144run_test "Session resume using cache, DTLS: openssl server" \
3145 "$O_SRV -dtls1" \
3146 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
3147 0 \
3148 -C "found session_ticket extension" \
3149 -C "parse new session ticket" \
3150 -c "a session has been resumed"
3151
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003152# Tests for Max Fragment Length extension
3153
Angus Grattonc4dd0732018-04-11 16:28:39 +10003154if [ "$MAX_CONTENT_LEN" -lt "4096" ]; then
Gilles Peskine231befa2020-08-26 20:05:11 +02003155 printf '%s defines MBEDTLS_SSL_MAX_CONTENT_LEN to be less than 4096. Fragment length tests will fail.\n' "${CONFIG_H}"
Hanno Becker6428f8d2017-09-22 16:58:50 +01003156 exit 1
3157fi
3158
Angus Grattonc4dd0732018-04-11 16:28:39 +10003159if [ $MAX_CONTENT_LEN -ne 16384 ]; then
Gilles Peskine231befa2020-08-26 20:05:11 +02003160 echo "Using non-default maximum content length $MAX_CONTENT_LEN"
Angus Grattonc4dd0732018-04-11 16:28:39 +10003161fi
3162
Hanno Becker4aed27e2017-09-18 15:00:34 +01003163requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Hanno Beckerc5266962017-09-18 15:01:50 +01003164run_test "Max fragment length: enabled, default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003165 "$P_SRV debug_level=3" \
3166 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01003167 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003168 -c "Maximum input fragment length is $MAX_CONTENT_LEN" \
3169 -c "Maximum output fragment length is $MAX_CONTENT_LEN" \
3170 -s "Maximum input fragment length is $MAX_CONTENT_LEN" \
3171 -s "Maximum output fragment length is $MAX_CONTENT_LEN" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01003172 -C "client hello, adding max_fragment_length extension" \
3173 -S "found max fragment length extension" \
3174 -S "server hello, max_fragment_length extension" \
3175 -C "found max_fragment_length extension"
3176
Hanno Becker4aed27e2017-09-18 15:00:34 +01003177requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Hanno Beckerc5266962017-09-18 15:01:50 +01003178run_test "Max fragment length: enabled, default, larger message" \
3179 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10003180 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003181 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003182 -c "Maximum input fragment length is $MAX_CONTENT_LEN" \
3183 -c "Maximum output fragment length is $MAX_CONTENT_LEN" \
3184 -s "Maximum input fragment length is $MAX_CONTENT_LEN" \
3185 -s "Maximum output fragment length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003186 -C "client hello, adding max_fragment_length extension" \
3187 -S "found max fragment length extension" \
3188 -S "server hello, max_fragment_length extension" \
3189 -C "found max_fragment_length extension" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10003190 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
3191 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01003192 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01003193
3194requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3195run_test "Max fragment length, DTLS: enabled, default, larger message" \
3196 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10003197 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003198 1 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003199 -c "Maximum input fragment length is $MAX_CONTENT_LEN" \
3200 -c "Maximum output fragment length is $MAX_CONTENT_LEN" \
3201 -s "Maximum input fragment length is $MAX_CONTENT_LEN" \
3202 -s "Maximum output fragment length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003203 -C "client hello, adding max_fragment_length extension" \
3204 -S "found max fragment length extension" \
3205 -S "server hello, max_fragment_length extension" \
3206 -C "found max_fragment_length extension" \
3207 -c "fragment larger than.*maximum "
3208
Angus Grattonc4dd0732018-04-11 16:28:39 +10003209# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
3210# (session fragment length will be 16384 regardless of mbedtls
3211# content length configuration.)
3212
Hanno Beckerc5266962017-09-18 15:01:50 +01003213requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3214run_test "Max fragment length: disabled, larger message" \
3215 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10003216 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003217 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003218 -C "Maximum input fragment length is 16384" \
3219 -C "Maximum output fragment length is 16384" \
3220 -S "Maximum input fragment length is 16384" \
3221 -S "Maximum output fragment length is 16384" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10003222 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
3223 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01003224 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01003225
3226requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3227run_test "Max fragment length DTLS: disabled, larger message" \
3228 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10003229 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003230 1 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003231 -C "Maximum input fragment length is 16384" \
3232 -C "Maximum output fragment length is 16384" \
3233 -S "Maximum input fragment length is 16384" \
3234 -S "Maximum output fragment length is 16384" \
Hanno Beckerc5266962017-09-18 15:01:50 +01003235 -c "fragment larger than.*maximum "
3236
3237requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003238run_test "Max fragment length: used by client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003239 "$P_SRV debug_level=3" \
3240 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01003241 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003242 -c "Maximum input fragment length is 4096" \
3243 -c "Maximum output fragment length is 4096" \
3244 -s "Maximum input fragment length is 4096" \
3245 -s "Maximum output fragment length is 4096" \
3246 -c "client hello, adding max_fragment_length extension" \
3247 -s "found max fragment length extension" \
3248 -s "server hello, max_fragment_length extension" \
3249 -c "found max_fragment_length extension"
3250
3251requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3252run_test "Max fragment length: client 512, server 1024" \
3253 "$P_SRV debug_level=3 max_frag_len=1024" \
3254 "$P_CLI debug_level=3 max_frag_len=512" \
3255 0 \
3256 -c "Maximum input fragment length is 512" \
3257 -c "Maximum output fragment length is 512" \
3258 -s "Maximum input fragment length is 512" \
3259 -s "Maximum output fragment length is 512" \
3260 -c "client hello, adding max_fragment_length extension" \
3261 -s "found max fragment length extension" \
3262 -s "server hello, max_fragment_length extension" \
3263 -c "found max_fragment_length extension"
3264
3265requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3266run_test "Max fragment length: client 512, server 2048" \
3267 "$P_SRV debug_level=3 max_frag_len=2048" \
3268 "$P_CLI debug_level=3 max_frag_len=512" \
3269 0 \
3270 -c "Maximum input fragment length is 512" \
3271 -c "Maximum output fragment length is 512" \
3272 -s "Maximum input fragment length is 512" \
3273 -s "Maximum output fragment length is 512" \
3274 -c "client hello, adding max_fragment_length extension" \
3275 -s "found max fragment length extension" \
3276 -s "server hello, max_fragment_length extension" \
3277 -c "found max_fragment_length extension"
3278
3279requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3280run_test "Max fragment length: client 512, server 4096" \
3281 "$P_SRV debug_level=3 max_frag_len=4096" \
3282 "$P_CLI debug_level=3 max_frag_len=512" \
3283 0 \
3284 -c "Maximum input fragment length is 512" \
3285 -c "Maximum output fragment length is 512" \
3286 -s "Maximum input fragment length is 512" \
3287 -s "Maximum output fragment length is 512" \
3288 -c "client hello, adding max_fragment_length extension" \
3289 -s "found max fragment length extension" \
3290 -s "server hello, max_fragment_length extension" \
3291 -c "found max_fragment_length extension"
3292
3293requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3294run_test "Max fragment length: client 1024, server 512" \
3295 "$P_SRV debug_level=3 max_frag_len=512" \
3296 "$P_CLI debug_level=3 max_frag_len=1024" \
3297 0 \
3298 -c "Maximum input fragment length is 1024" \
3299 -c "Maximum output fragment length is 1024" \
3300 -s "Maximum input fragment length is 1024" \
3301 -s "Maximum output fragment length is 512" \
3302 -c "client hello, adding max_fragment_length extension" \
3303 -s "found max fragment length extension" \
3304 -s "server hello, max_fragment_length extension" \
3305 -c "found max_fragment_length extension"
3306
3307requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3308run_test "Max fragment length: client 1024, server 2048" \
3309 "$P_SRV debug_level=3 max_frag_len=2048" \
3310 "$P_CLI debug_level=3 max_frag_len=1024" \
3311 0 \
3312 -c "Maximum input fragment length is 1024" \
3313 -c "Maximum output fragment length is 1024" \
3314 -s "Maximum input fragment length is 1024" \
3315 -s "Maximum output fragment length is 1024" \
3316 -c "client hello, adding max_fragment_length extension" \
3317 -s "found max fragment length extension" \
3318 -s "server hello, max_fragment_length extension" \
3319 -c "found max_fragment_length extension"
3320
3321requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3322run_test "Max fragment length: client 1024, server 4096" \
3323 "$P_SRV debug_level=3 max_frag_len=4096" \
3324 "$P_CLI debug_level=3 max_frag_len=1024" \
3325 0 \
3326 -c "Maximum input fragment length is 1024" \
3327 -c "Maximum output fragment length is 1024" \
3328 -s "Maximum input fragment length is 1024" \
3329 -s "Maximum output fragment length is 1024" \
3330 -c "client hello, adding max_fragment_length extension" \
3331 -s "found max fragment length extension" \
3332 -s "server hello, max_fragment_length extension" \
3333 -c "found max_fragment_length extension"
3334
3335requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3336run_test "Max fragment length: client 2048, server 512" \
3337 "$P_SRV debug_level=3 max_frag_len=512" \
3338 "$P_CLI debug_level=3 max_frag_len=2048" \
3339 0 \
3340 -c "Maximum input fragment length is 2048" \
3341 -c "Maximum output fragment length is 2048" \
3342 -s "Maximum input fragment length is 2048" \
3343 -s "Maximum output fragment length is 512" \
3344 -c "client hello, adding max_fragment_length extension" \
3345 -s "found max fragment length extension" \
3346 -s "server hello, max_fragment_length extension" \
3347 -c "found max_fragment_length extension"
3348
3349requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3350run_test "Max fragment length: client 2048, server 1024" \
3351 "$P_SRV debug_level=3 max_frag_len=1024" \
3352 "$P_CLI debug_level=3 max_frag_len=2048" \
3353 0 \
3354 -c "Maximum input fragment length is 2048" \
3355 -c "Maximum output fragment length is 2048" \
3356 -s "Maximum input fragment length is 2048" \
3357 -s "Maximum output fragment length is 1024" \
3358 -c "client hello, adding max_fragment_length extension" \
3359 -s "found max fragment length extension" \
3360 -s "server hello, max_fragment_length extension" \
3361 -c "found max_fragment_length extension"
3362
3363requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3364run_test "Max fragment length: client 2048, server 4096" \
3365 "$P_SRV debug_level=3 max_frag_len=4096" \
3366 "$P_CLI debug_level=3 max_frag_len=2048" \
3367 0 \
3368 -c "Maximum input fragment length is 2048" \
3369 -c "Maximum output fragment length is 2048" \
3370 -s "Maximum input fragment length is 2048" \
3371 -s "Maximum output fragment length is 2048" \
3372 -c "client hello, adding max_fragment_length extension" \
3373 -s "found max fragment length extension" \
3374 -s "server hello, max_fragment_length extension" \
3375 -c "found max_fragment_length extension"
3376
3377requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3378run_test "Max fragment length: client 4096, server 512" \
3379 "$P_SRV debug_level=3 max_frag_len=512" \
3380 "$P_CLI debug_level=3 max_frag_len=4096" \
3381 0 \
3382 -c "Maximum input fragment length is 4096" \
3383 -c "Maximum output fragment length is 4096" \
3384 -s "Maximum input fragment length is 4096" \
3385 -s "Maximum output fragment length is 512" \
3386 -c "client hello, adding max_fragment_length extension" \
3387 -s "found max fragment length extension" \
3388 -s "server hello, max_fragment_length extension" \
3389 -c "found max_fragment_length extension"
3390
3391requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3392run_test "Max fragment length: client 4096, server 1024" \
3393 "$P_SRV debug_level=3 max_frag_len=1024" \
3394 "$P_CLI debug_level=3 max_frag_len=4096" \
3395 0 \
3396 -c "Maximum input fragment length is 4096" \
3397 -c "Maximum output fragment length is 4096" \
3398 -s "Maximum input fragment length is 4096" \
3399 -s "Maximum output fragment length is 1024" \
3400 -c "client hello, adding max_fragment_length extension" \
3401 -s "found max fragment length extension" \
3402 -s "server hello, max_fragment_length extension" \
3403 -c "found max_fragment_length extension"
3404
3405requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3406run_test "Max fragment length: client 4096, server 2048" \
3407 "$P_SRV debug_level=3 max_frag_len=2048" \
3408 "$P_CLI debug_level=3 max_frag_len=4096" \
3409 0 \
3410 -c "Maximum input fragment length is 4096" \
3411 -c "Maximum output fragment length is 4096" \
3412 -s "Maximum input fragment length is 4096" \
3413 -s "Maximum output fragment length is 2048" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01003414 -c "client hello, adding max_fragment_length extension" \
3415 -s "found max fragment length extension" \
3416 -s "server hello, max_fragment_length extension" \
3417 -c "found max_fragment_length extension"
3418
Hanno Becker4aed27e2017-09-18 15:00:34 +01003419requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003420run_test "Max fragment length: used by server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003421 "$P_SRV debug_level=3 max_frag_len=4096" \
3422 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01003423 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003424 -c "Maximum input fragment length is $MAX_CONTENT_LEN" \
3425 -c "Maximum output fragment length is $MAX_CONTENT_LEN" \
3426 -s "Maximum input fragment length is $MAX_CONTENT_LEN" \
3427 -s "Maximum output fragment length is 4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01003428 -C "client hello, adding max_fragment_length extension" \
3429 -S "found max fragment length extension" \
3430 -S "server hello, max_fragment_length extension" \
3431 -C "found max_fragment_length extension"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003432
Hanno Becker4aed27e2017-09-18 15:00:34 +01003433requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003434requires_gnutls
3435run_test "Max fragment length: gnutls server" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02003436 "$G_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003437 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02003438 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003439 -c "Maximum input fragment length is 4096" \
3440 -c "Maximum output fragment length is 4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02003441 -c "client hello, adding max_fragment_length extension" \
3442 -c "found max_fragment_length extension"
3443
Hanno Becker4aed27e2017-09-18 15:00:34 +01003444requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02003445run_test "Max fragment length: client, message just fits" \
3446 "$P_SRV debug_level=3" \
3447 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \
3448 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003449 -c "Maximum input fragment length is 2048" \
3450 -c "Maximum output fragment length is 2048" \
3451 -s "Maximum input fragment length is 2048" \
3452 -s "Maximum output fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02003453 -c "client hello, adding max_fragment_length extension" \
3454 -s "found max fragment length extension" \
3455 -s "server hello, max_fragment_length extension" \
3456 -c "found max_fragment_length extension" \
3457 -c "2048 bytes written in 1 fragments" \
3458 -s "2048 bytes read"
3459
Hanno Becker4aed27e2017-09-18 15:00:34 +01003460requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02003461run_test "Max fragment length: client, larger message" \
3462 "$P_SRV debug_level=3" \
3463 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \
3464 0 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003465 -c "Maximum input fragment length is 2048" \
3466 -c "Maximum output fragment length is 2048" \
3467 -s "Maximum input fragment length is 2048" \
3468 -s "Maximum output fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02003469 -c "client hello, adding max_fragment_length extension" \
3470 -s "found max fragment length extension" \
3471 -s "server hello, max_fragment_length extension" \
3472 -c "found max_fragment_length extension" \
3473 -c "2345 bytes written in 2 fragments" \
3474 -s "2048 bytes read" \
3475 -s "297 bytes read"
3476
Hanno Becker4aed27e2017-09-18 15:00:34 +01003477requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard23eb74d2015-01-21 14:37:13 +00003478run_test "Max fragment length: DTLS client, larger message" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02003479 "$P_SRV debug_level=3 dtls=1" \
3480 "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \
3481 1 \
Andrzej Kurek90c6e842020-04-03 05:25:29 -04003482 -c "Maximum input fragment length is 2048" \
3483 -c "Maximum output fragment length is 2048" \
3484 -s "Maximum input fragment length is 2048" \
3485 -s "Maximum output fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02003486 -c "client hello, adding max_fragment_length extension" \
3487 -s "found max fragment length extension" \
3488 -s "server hello, max_fragment_length extension" \
3489 -c "found max_fragment_length extension" \
3490 -c "fragment larger than.*maximum"
3491
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003492# Tests for renegotiation
3493
Hanno Becker6a243642017-10-12 15:18:45 +01003494# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003495run_test "Renegotiation: none, for reference" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003496 "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003497 "$P_CLI debug_level=3 exchanges=2" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003498 0 \
3499 -C "client hello, adding renegotiation extension" \
3500 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3501 -S "found renegotiation extension" \
3502 -s "server hello, secure renegotiation extension" \
3503 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003504 -C "=> renegotiate" \
3505 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003506 -S "write hello request"
3507
Hanno Becker6a243642017-10-12 15:18:45 +01003508requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003509run_test "Renegotiation: client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003510 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003511 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003512 0 \
3513 -c "client hello, adding renegotiation extension" \
3514 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3515 -s "found renegotiation extension" \
3516 -s "server hello, secure renegotiation extension" \
3517 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003518 -c "=> renegotiate" \
3519 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003520 -S "write hello request"
3521
Hanno Becker6a243642017-10-12 15:18:45 +01003522requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003523run_test "Renegotiation: server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003524 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003525 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003526 0 \
3527 -c "client hello, adding renegotiation extension" \
3528 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3529 -s "found renegotiation extension" \
3530 -s "server hello, secure renegotiation extension" \
3531 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003532 -c "=> renegotiate" \
3533 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003534 -s "write hello request"
3535
Janos Follathb0f148c2017-10-05 12:29:42 +01003536# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
3537# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
3538# algorithm stronger than SHA-1 is enabled in config.h
Hanno Becker6a243642017-10-12 15:18:45 +01003539requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Janos Follathb0f148c2017-10-05 12:29:42 +01003540run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
3541 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
3542 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
3543 0 \
3544 -c "client hello, adding renegotiation extension" \
3545 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3546 -s "found renegotiation extension" \
3547 -s "server hello, secure renegotiation extension" \
3548 -c "found renegotiation extension" \
3549 -c "=> renegotiate" \
3550 -s "=> renegotiate" \
3551 -S "write hello request" \
3552 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
3553
3554# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
3555# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
3556# algorithm stronger than SHA-1 is enabled in config.h
Hanno Becker6a243642017-10-12 15:18:45 +01003557requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Janos Follathb0f148c2017-10-05 12:29:42 +01003558run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
3559 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
3560 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
3561 0 \
3562 -c "client hello, adding renegotiation extension" \
3563 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3564 -s "found renegotiation extension" \
3565 -s "server hello, secure renegotiation extension" \
3566 -c "found renegotiation extension" \
3567 -c "=> renegotiate" \
3568 -s "=> renegotiate" \
3569 -s "write hello request" \
3570 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
3571
Hanno Becker6a243642017-10-12 15:18:45 +01003572requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003573run_test "Renegotiation: double" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003574 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003575 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003576 0 \
3577 -c "client hello, adding renegotiation extension" \
3578 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3579 -s "found renegotiation extension" \
3580 -s "server hello, secure renegotiation extension" \
3581 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003582 -c "=> renegotiate" \
3583 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003584 -s "write hello request"
3585
Hanno Becker6a243642017-10-12 15:18:45 +01003586requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Andrzej Kurek8ea68722020-04-03 06:40:47 -04003587requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
3588run_test "Renegotiation with max fragment length: client 2048, server 512" \
3589 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1 max_frag_len=512" \
3590 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3591 0 \
3592 -c "Maximum input fragment length is 2048" \
3593 -c "Maximum output fragment length is 2048" \
3594 -s "Maximum input fragment length is 2048" \
3595 -s "Maximum output fragment length is 512" \
3596 -c "client hello, adding max_fragment_length extension" \
3597 -s "found max fragment length extension" \
3598 -s "server hello, max_fragment_length extension" \
3599 -c "found max_fragment_length extension" \
3600 -c "client hello, adding renegotiation extension" \
3601 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3602 -s "found renegotiation extension" \
3603 -s "server hello, secure renegotiation extension" \
3604 -c "found renegotiation extension" \
3605 -c "=> renegotiate" \
3606 -s "=> renegotiate" \
3607 -s "write hello request"
3608
3609requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003610run_test "Renegotiation: client-initiated, server-rejected" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003611 "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003612 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003613 1 \
3614 -c "client hello, adding renegotiation extension" \
3615 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3616 -S "found renegotiation extension" \
3617 -s "server hello, secure renegotiation extension" \
3618 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003619 -c "=> renegotiate" \
3620 -S "=> renegotiate" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003621 -S "write hello request" \
Manuel Pégourié-Gonnard65919622014-08-19 12:50:30 +02003622 -c "SSL - Unexpected message at ServerHello in renegotiation" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003623 -c "failed"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003624
Hanno Becker6a243642017-10-12 15:18:45 +01003625requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003626run_test "Renegotiation: server-initiated, client-rejected, default" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003627 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003628 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003629 0 \
3630 -C "client hello, adding renegotiation extension" \
3631 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3632 -S "found renegotiation extension" \
3633 -s "server hello, secure renegotiation extension" \
3634 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01003635 -C "=> renegotiate" \
3636 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01003637 -s "write hello request" \
Manuel Pégourié-Gonnarda9964db2014-07-03 19:29:16 +02003638 -S "SSL - An unexpected message was received from our peer" \
3639 -S "failed"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01003640
Hanno Becker6a243642017-10-12 15:18:45 +01003641requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003642run_test "Renegotiation: server-initiated, client-rejected, not enforced" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003643 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003644 renego_delay=-1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003645 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003646 0 \
3647 -C "client hello, adding renegotiation extension" \
3648 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3649 -S "found renegotiation extension" \
3650 -s "server hello, secure renegotiation extension" \
3651 -c "found renegotiation extension" \
3652 -C "=> renegotiate" \
3653 -S "=> renegotiate" \
3654 -s "write hello request" \
3655 -S "SSL - An unexpected message was received from our peer" \
3656 -S "failed"
3657
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02003658# delay 2 for 1 alert record + 1 application data record
Hanno Becker6a243642017-10-12 15:18:45 +01003659requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003660run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003661 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003662 renego_delay=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003663 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003664 0 \
3665 -C "client hello, adding renegotiation extension" \
3666 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3667 -S "found renegotiation extension" \
3668 -s "server hello, secure renegotiation extension" \
3669 -c "found renegotiation extension" \
3670 -C "=> renegotiate" \
3671 -S "=> renegotiate" \
3672 -s "write hello request" \
3673 -S "SSL - An unexpected message was received from our peer" \
3674 -S "failed"
3675
Hanno Becker6a243642017-10-12 15:18:45 +01003676requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003677run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003678 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003679 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003680 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003681 0 \
3682 -C "client hello, adding renegotiation extension" \
3683 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3684 -S "found renegotiation extension" \
3685 -s "server hello, secure renegotiation extension" \
3686 -c "found renegotiation extension" \
3687 -C "=> renegotiate" \
3688 -S "=> renegotiate" \
3689 -s "write hello request" \
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02003690 -s "SSL - An unexpected message was received from our peer"
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003691
Hanno Becker6a243642017-10-12 15:18:45 +01003692requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003693run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003694 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003695 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003696 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02003697 0 \
3698 -c "client hello, adding renegotiation extension" \
3699 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3700 -s "found renegotiation extension" \
3701 -s "server hello, secure renegotiation extension" \
3702 -c "found renegotiation extension" \
3703 -c "=> renegotiate" \
3704 -s "=> renegotiate" \
3705 -s "write hello request" \
3706 -S "SSL - An unexpected message was received from our peer" \
3707 -S "failed"
3708
Hanno Becker6a243642017-10-12 15:18:45 +01003709requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003710run_test "Renegotiation: periodic, just below period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003711 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003712 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
3713 0 \
3714 -C "client hello, adding renegotiation extension" \
3715 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3716 -S "found renegotiation extension" \
3717 -s "server hello, secure renegotiation extension" \
3718 -c "found renegotiation extension" \
3719 -S "record counter limit reached: renegotiate" \
3720 -C "=> renegotiate" \
3721 -S "=> renegotiate" \
3722 -S "write hello request" \
3723 -S "SSL - An unexpected message was received from our peer" \
3724 -S "failed"
3725
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01003726# one extra exchange to be able to complete renego
Hanno Becker6a243642017-10-12 15:18:45 +01003727requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003728run_test "Renegotiation: periodic, just above period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003729 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01003730 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003731 0 \
3732 -c "client hello, adding renegotiation extension" \
3733 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3734 -s "found renegotiation extension" \
3735 -s "server hello, secure renegotiation extension" \
3736 -c "found renegotiation extension" \
3737 -s "record counter limit reached: renegotiate" \
3738 -c "=> renegotiate" \
3739 -s "=> renegotiate" \
3740 -s "write hello request" \
3741 -S "SSL - An unexpected message was received from our peer" \
3742 -S "failed"
3743
Hanno Becker6a243642017-10-12 15:18:45 +01003744requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003745run_test "Renegotiation: periodic, two times period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003746 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01003747 "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003748 0 \
3749 -c "client hello, adding renegotiation extension" \
3750 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3751 -s "found renegotiation extension" \
3752 -s "server hello, secure renegotiation extension" \
3753 -c "found renegotiation extension" \
3754 -s "record counter limit reached: renegotiate" \
3755 -c "=> renegotiate" \
3756 -s "=> renegotiate" \
3757 -s "write hello request" \
3758 -S "SSL - An unexpected message was received from our peer" \
3759 -S "failed"
3760
Hanno Becker6a243642017-10-12 15:18:45 +01003761requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003762run_test "Renegotiation: periodic, above period, disabled" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003763 "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01003764 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
3765 0 \
3766 -C "client hello, adding renegotiation extension" \
3767 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3768 -S "found renegotiation extension" \
3769 -s "server hello, secure renegotiation extension" \
3770 -c "found renegotiation extension" \
3771 -S "record counter limit reached: renegotiate" \
3772 -C "=> renegotiate" \
3773 -S "=> renegotiate" \
3774 -S "write hello request" \
3775 -S "SSL - An unexpected message was received from our peer" \
3776 -S "failed"
3777
Hanno Becker6a243642017-10-12 15:18:45 +01003778requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003779run_test "Renegotiation: nbio, client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003780 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003781 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02003782 0 \
3783 -c "client hello, adding renegotiation extension" \
3784 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3785 -s "found renegotiation extension" \
3786 -s "server hello, secure renegotiation extension" \
3787 -c "found renegotiation extension" \
3788 -c "=> renegotiate" \
3789 -s "=> renegotiate" \
3790 -S "write hello request"
3791
Hanno Becker6a243642017-10-12 15:18:45 +01003792requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003793run_test "Renegotiation: nbio, server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01003794 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003795 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02003796 0 \
3797 -c "client hello, adding renegotiation extension" \
3798 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3799 -s "found renegotiation extension" \
3800 -s "server hello, secure renegotiation extension" \
3801 -c "found renegotiation extension" \
3802 -c "=> renegotiate" \
3803 -s "=> renegotiate" \
3804 -s "write hello request"
3805
Hanno Becker6a243642017-10-12 15:18:45 +01003806requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003807run_test "Renegotiation: openssl server, client-initiated" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02003808 "$O_SRV -www" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003809 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003810 0 \
3811 -c "client hello, adding renegotiation extension" \
3812 -c "found renegotiation extension" \
3813 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003814 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003815 -C "error" \
3816 -c "HTTP/1.0 200 [Oo][Kk]"
3817
Paul Bakker539d9722015-02-08 16:18:35 +01003818requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003819requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003820run_test "Renegotiation: gnutls server strict, client-initiated" \
3821 "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003822 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003823 0 \
3824 -c "client hello, adding renegotiation extension" \
3825 -c "found renegotiation extension" \
3826 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003827 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02003828 -C "error" \
3829 -c "HTTP/1.0 200 [Oo][Kk]"
3830
Paul Bakker539d9722015-02-08 16:18:35 +01003831requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003832requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003833run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
3834 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3835 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
3836 1 \
3837 -c "client hello, adding renegotiation extension" \
3838 -C "found renegotiation extension" \
3839 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003840 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003841 -c "error" \
3842 -C "HTTP/1.0 200 [Oo][Kk]"
3843
Paul Bakker539d9722015-02-08 16:18:35 +01003844requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003845requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003846run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
3847 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3848 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
3849 allow_legacy=0" \
3850 1 \
3851 -c "client hello, adding renegotiation extension" \
3852 -C "found renegotiation extension" \
3853 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003854 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003855 -c "error" \
3856 -C "HTTP/1.0 200 [Oo][Kk]"
3857
Paul Bakker539d9722015-02-08 16:18:35 +01003858requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003859requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003860run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
3861 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3862 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
3863 allow_legacy=1" \
3864 0 \
3865 -c "client hello, adding renegotiation extension" \
3866 -C "found renegotiation extension" \
3867 -c "=> renegotiate" \
3868 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01003869 -C "error" \
3870 -c "HTTP/1.0 200 [Oo][Kk]"
3871
Hanno Becker6a243642017-10-12 15:18:45 +01003872requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard30d16eb2014-08-19 17:43:50 +02003873run_test "Renegotiation: DTLS, client-initiated" \
3874 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
3875 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
3876 0 \
3877 -c "client hello, adding renegotiation extension" \
3878 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3879 -s "found renegotiation extension" \
3880 -s "server hello, secure renegotiation extension" \
3881 -c "found renegotiation extension" \
3882 -c "=> renegotiate" \
3883 -s "=> renegotiate" \
3884 -S "write hello request"
3885
Hanno Becker6a243642017-10-12 15:18:45 +01003886requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02003887run_test "Renegotiation: DTLS, server-initiated" \
3888 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnarddf9a0a82014-10-02 14:17:18 +02003889 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
3890 read_timeout=1000 max_resend=2" \
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02003891 0 \
3892 -c "client hello, adding renegotiation extension" \
3893 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3894 -s "found renegotiation extension" \
3895 -s "server hello, secure renegotiation extension" \
3896 -c "found renegotiation extension" \
3897 -c "=> renegotiate" \
3898 -s "=> renegotiate" \
3899 -s "write hello request"
3900
Hanno Becker6a243642017-10-12 15:18:45 +01003901requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Andres AG692ad842017-01-19 16:30:57 +00003902run_test "Renegotiation: DTLS, renego_period overflow" \
3903 "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
3904 "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
3905 0 \
3906 -c "client hello, adding renegotiation extension" \
3907 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
3908 -s "found renegotiation extension" \
3909 -s "server hello, secure renegotiation extension" \
3910 -s "record counter limit reached: renegotiate" \
3911 -c "=> renegotiate" \
3912 -s "=> renegotiate" \
Hanno Becker6a243642017-10-12 15:18:45 +01003913 -s "write hello request"
Andres AG692ad842017-01-19 16:30:57 +00003914
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00003915requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01003916requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02003917run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
3918 "$G_SRV -u --mtu 4096" \
3919 "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
3920 0 \
3921 -c "client hello, adding renegotiation extension" \
3922 -c "found renegotiation extension" \
3923 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003924 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02003925 -C "error" \
3926 -s "Extra-header:"
3927
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003928# Test for the "secure renegotation" extension only (no actual renegotiation)
3929
Paul Bakker539d9722015-02-08 16:18:35 +01003930requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003931run_test "Renego ext: gnutls server strict, client default" \
3932 "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
3933 "$P_CLI debug_level=3" \
3934 0 \
3935 -c "found renegotiation extension" \
3936 -C "error" \
3937 -c "HTTP/1.0 200 [Oo][Kk]"
3938
Paul Bakker539d9722015-02-08 16:18:35 +01003939requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003940run_test "Renego ext: gnutls server unsafe, client default" \
3941 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3942 "$P_CLI debug_level=3" \
3943 0 \
3944 -C "found renegotiation extension" \
3945 -C "error" \
3946 -c "HTTP/1.0 200 [Oo][Kk]"
3947
Paul Bakker539d9722015-02-08 16:18:35 +01003948requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003949run_test "Renego ext: gnutls server unsafe, client break legacy" \
3950 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
3951 "$P_CLI debug_level=3 allow_legacy=-1" \
3952 1 \
3953 -C "found renegotiation extension" \
3954 -c "error" \
3955 -C "HTTP/1.0 200 [Oo][Kk]"
3956
Paul Bakker539d9722015-02-08 16:18:35 +01003957requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003958run_test "Renego ext: gnutls client strict, server default" \
3959 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003960 "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003961 0 \
3962 -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
3963 -s "server hello, secure renegotiation extension"
3964
Paul Bakker539d9722015-02-08 16:18:35 +01003965requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003966run_test "Renego ext: gnutls client unsafe, server default" \
3967 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003968 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003969 0 \
3970 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
3971 -S "server hello, secure renegotiation extension"
3972
Paul Bakker539d9722015-02-08 16:18:35 +01003973requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003974run_test "Renego ext: gnutls client unsafe, server break legacy" \
3975 "$P_SRV debug_level=3 allow_legacy=-1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003976 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01003977 1 \
3978 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
3979 -S "server hello, secure renegotiation extension"
3980
Janos Follath0b242342016-02-17 10:11:21 +00003981# Tests for silently dropping trailing extra bytes in .der certificates
3982
3983requires_gnutls
3984run_test "DER format: no trailing bytes" \
3985 "$P_SRV crt_file=data_files/server5-der0.crt \
3986 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003987 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003988 0 \
3989 -c "Handshake was completed" \
3990
3991requires_gnutls
3992run_test "DER format: with a trailing zero byte" \
3993 "$P_SRV crt_file=data_files/server5-der1a.crt \
3994 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02003995 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00003996 0 \
3997 -c "Handshake was completed" \
3998
3999requires_gnutls
4000run_test "DER format: with a trailing random byte" \
4001 "$P_SRV crt_file=data_files/server5-der1b.crt \
4002 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02004003 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00004004 0 \
4005 -c "Handshake was completed" \
4006
4007requires_gnutls
4008run_test "DER format: with 2 trailing random bytes" \
4009 "$P_SRV crt_file=data_files/server5-der2.crt \
4010 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02004011 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00004012 0 \
4013 -c "Handshake was completed" \
4014
4015requires_gnutls
4016run_test "DER format: with 4 trailing random bytes" \
4017 "$P_SRV crt_file=data_files/server5-der4.crt \
4018 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02004019 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00004020 0 \
4021 -c "Handshake was completed" \
4022
4023requires_gnutls
4024run_test "DER format: with 8 trailing random bytes" \
4025 "$P_SRV crt_file=data_files/server5-der8.crt \
4026 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02004027 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00004028 0 \
4029 -c "Handshake was completed" \
4030
4031requires_gnutls
4032run_test "DER format: with 9 trailing random bytes" \
4033 "$P_SRV crt_file=data_files/server5-der9.crt \
4034 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02004035 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00004036 0 \
4037 -c "Handshake was completed" \
4038
Jarno Lamsaf7a7f9e2019-04-01 15:11:54 +03004039# Tests for auth_mode, there are duplicated tests using ca callback for authentication
4040# When updating these tests, modify the matching authentication tests accordingly
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004041
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004042run_test "Authentication: server badcert, client required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004043 "$P_SRV crt_file=data_files/server5-badsign.crt \
4044 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004045 "$P_CLI debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004046 1 \
4047 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004048 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004049 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004050 -c "X509 - Certificate verification failed"
4051
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004052run_test "Authentication: server badcert, client optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004053 "$P_SRV crt_file=data_files/server5-badsign.crt \
4054 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004055 "$P_CLI debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004056 0 \
4057 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004058 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004059 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004060 -C "X509 - Certificate verification failed"
4061
Hanno Beckere6706e62017-05-15 16:05:15 +01004062run_test "Authentication: server goodcert, client optional, no trusted CA" \
4063 "$P_SRV" \
4064 "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
4065 0 \
4066 -c "x509_verify_cert() returned" \
4067 -c "! The certificate is not correctly signed by the trusted CA" \
4068 -c "! Certificate verification flags"\
4069 -C "! mbedtls_ssl_handshake returned" \
4070 -C "X509 - Certificate verification failed" \
4071 -C "SSL - No CA Chain is set, but required to operate"
4072
4073run_test "Authentication: server goodcert, client required, no trusted CA" \
4074 "$P_SRV" \
4075 "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
4076 1 \
4077 -c "x509_verify_cert() returned" \
4078 -c "! The certificate is not correctly signed by the trusted CA" \
4079 -c "! Certificate verification flags"\
4080 -c "! mbedtls_ssl_handshake returned" \
4081 -c "SSL - No CA Chain is set, but required to operate"
4082
4083# The purpose of the next two tests is to test the client's behaviour when receiving a server
4084# certificate with an unsupported elliptic curve. This should usually not happen because
4085# the client informs the server about the supported curves - it does, though, in the
4086# corner case of a static ECDH suite, because the server doesn't check the curve on that
4087# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
4088# different means to have the server ignoring the client's supported curve list.
4089
4090requires_config_enabled MBEDTLS_ECP_C
4091run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
4092 "$P_SRV debug_level=1 key_file=data_files/server5.key \
4093 crt_file=data_files/server5.ku-ka.crt" \
4094 "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \
4095 1 \
4096 -c "bad certificate (EC key curve)"\
4097 -c "! Certificate verification flags"\
4098 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
4099
4100requires_config_enabled MBEDTLS_ECP_C
4101run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
4102 "$P_SRV debug_level=1 key_file=data_files/server5.key \
4103 crt_file=data_files/server5.ku-ka.crt" \
4104 "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \
4105 1 \
4106 -c "bad certificate (EC key curve)"\
4107 -c "! Certificate verification flags"\
4108 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
4109
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004110run_test "Authentication: server badcert, client none" \
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01004111 "$P_SRV crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004112 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004113 "$P_CLI debug_level=1 auth_mode=none" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004114 0 \
4115 -C "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004116 -C "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004117 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004118 -C "X509 - Certificate verification failed"
4119
Simon Butcher99000142016-10-13 17:21:01 +01004120run_test "Authentication: client SHA256, server required" \
4121 "$P_SRV auth_mode=required" \
4122 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
4123 key_file=data_files/server6.key \
4124 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
4125 0 \
4126 -c "Supported Signature Algorithm found: 4," \
4127 -c "Supported Signature Algorithm found: 5,"
4128
4129run_test "Authentication: client SHA384, server required" \
4130 "$P_SRV auth_mode=required" \
4131 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
4132 key_file=data_files/server6.key \
4133 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
4134 0 \
4135 -c "Supported Signature Algorithm found: 4," \
4136 -c "Supported Signature Algorithm found: 5,"
4137
Gilles Peskinefd8332e2017-05-03 16:25:07 +02004138requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
4139run_test "Authentication: client has no cert, server required (SSLv3)" \
4140 "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \
4141 "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \
4142 key_file=data_files/server5.key" \
4143 1 \
4144 -S "skip write certificate request" \
4145 -C "skip parse certificate request" \
4146 -c "got a certificate request" \
4147 -c "got no certificate to send" \
4148 -S "x509_verify_cert() returned" \
4149 -s "client has no certificate" \
4150 -s "! mbedtls_ssl_handshake returned" \
4151 -c "! mbedtls_ssl_handshake returned" \
4152 -s "No client certification received from the client, but required by the authentication mode"
4153
4154run_test "Authentication: client has no cert, server required (TLS)" \
4155 "$P_SRV debug_level=3 auth_mode=required" \
4156 "$P_CLI debug_level=3 crt_file=none \
4157 key_file=data_files/server5.key" \
4158 1 \
4159 -S "skip write certificate request" \
4160 -C "skip parse certificate request" \
4161 -c "got a certificate request" \
4162 -c "= write certificate$" \
4163 -C "skip write certificate$" \
4164 -S "x509_verify_cert() returned" \
4165 -s "client has no certificate" \
4166 -s "! mbedtls_ssl_handshake returned" \
4167 -c "! mbedtls_ssl_handshake returned" \
4168 -s "No client certification received from the client, but required by the authentication mode"
4169
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004170run_test "Authentication: client badcert, server required" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004171 "$P_SRV debug_level=3 auth_mode=required" \
4172 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004173 key_file=data_files/server5.key" \
4174 1 \
4175 -S "skip write certificate request" \
4176 -C "skip parse certificate request" \
4177 -c "got a certificate request" \
4178 -C "skip write certificate" \
4179 -C "skip write certificate verify" \
4180 -S "skip parse certificate verify" \
4181 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004182 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004183 -s "! mbedtls_ssl_handshake returned" \
Gilles Peskine1cc8e342017-05-03 16:28:34 +02004184 -s "send alert level=2 message=48" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004185 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004186 -s "X509 - Certificate verification failed"
Gilles Peskine1cc8e342017-05-03 16:28:34 +02004187# We don't check that the client receives the alert because it might
4188# detect that its write end of the connection is closed and abort
4189# before reading the alert message.
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004190
Janos Follath89baba22017-04-10 14:34:35 +01004191run_test "Authentication: client cert not trusted, server required" \
4192 "$P_SRV debug_level=3 auth_mode=required" \
4193 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
4194 key_file=data_files/server5.key" \
4195 1 \
4196 -S "skip write certificate request" \
4197 -C "skip parse certificate request" \
4198 -c "got a certificate request" \
4199 -C "skip write certificate" \
4200 -C "skip write certificate verify" \
4201 -S "skip parse certificate verify" \
4202 -s "x509_verify_cert() returned" \
4203 -s "! The certificate is not correctly signed by the trusted CA" \
4204 -s "! mbedtls_ssl_handshake returned" \
4205 -c "! mbedtls_ssl_handshake returned" \
4206 -s "X509 - Certificate verification failed"
4207
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004208run_test "Authentication: client badcert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004209 "$P_SRV debug_level=3 auth_mode=optional" \
4210 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004211 key_file=data_files/server5.key" \
4212 0 \
4213 -S "skip write certificate request" \
4214 -C "skip parse certificate request" \
4215 -c "got a certificate request" \
4216 -C "skip write certificate" \
4217 -C "skip write certificate verify" \
4218 -S "skip parse certificate verify" \
4219 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004220 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004221 -S "! mbedtls_ssl_handshake returned" \
4222 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004223 -S "X509 - Certificate verification failed"
4224
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004225run_test "Authentication: client badcert, server none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004226 "$P_SRV debug_level=3 auth_mode=none" \
4227 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004228 key_file=data_files/server5.key" \
4229 0 \
4230 -s "skip write certificate request" \
4231 -C "skip parse certificate request" \
4232 -c "got no certificate request" \
4233 -c "skip write certificate" \
4234 -c "skip write certificate verify" \
4235 -s "skip parse certificate verify" \
4236 -S "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004237 -S "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004238 -S "! mbedtls_ssl_handshake returned" \
4239 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01004240 -S "X509 - Certificate verification failed"
4241
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004242run_test "Authentication: client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004243 "$P_SRV debug_level=3 auth_mode=optional" \
4244 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004245 0 \
4246 -S "skip write certificate request" \
4247 -C "skip parse certificate request" \
4248 -c "got a certificate request" \
4249 -C "skip write certificate$" \
4250 -C "got no certificate to send" \
4251 -S "SSLv3 client has no certificate" \
4252 -c "skip write certificate verify" \
4253 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004254 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004255 -S "! mbedtls_ssl_handshake returned" \
4256 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004257 -S "X509 - Certificate verification failed"
4258
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004259run_test "Authentication: openssl client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004260 "$P_SRV debug_level=3 auth_mode=optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004261 "$O_CLI" \
4262 0 \
4263 -S "skip write certificate request" \
4264 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004265 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004266 -S "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004267 -S "X509 - Certificate verification failed"
4268
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004269run_test "Authentication: client no cert, openssl server optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004270 "$O_SRV -verify 10" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004271 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004272 0 \
4273 -C "skip parse certificate request" \
4274 -c "got a certificate request" \
4275 -C "skip write certificate$" \
4276 -c "skip write certificate verify" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004277 -C "! mbedtls_ssl_handshake returned"
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004278
Gilles Peskinefd8332e2017-05-03 16:25:07 +02004279run_test "Authentication: client no cert, openssl server required" \
4280 "$O_SRV -Verify 10" \
4281 "$P_CLI debug_level=3 crt_file=none key_file=none" \
4282 1 \
4283 -C "skip parse certificate request" \
4284 -c "got a certificate request" \
4285 -C "skip write certificate$" \
4286 -c "skip write certificate verify" \
4287 -c "! mbedtls_ssl_handshake returned"
4288
Janos Follathe2681a42016-03-07 15:57:05 +00004289requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004290run_test "Authentication: client no cert, ssl3" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02004291 "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01004292 "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004293 0 \
4294 -S "skip write certificate request" \
4295 -C "skip parse certificate request" \
4296 -c "got a certificate request" \
4297 -C "skip write certificate$" \
4298 -c "skip write certificate verify" \
4299 -c "got no certificate to send" \
4300 -s "SSLv3 client has no certificate" \
4301 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01004302 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004303 -S "! mbedtls_ssl_handshake returned" \
4304 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01004305 -S "X509 - Certificate verification failed"
4306
Manuel Pégourié-Gonnard9107b5f2017-07-06 12:16:25 +02004307# The "max_int chain" tests assume that MAX_INTERMEDIATE_CA is set to its
4308# default value (8)
Hanno Beckera6bca9f2017-07-26 13:35:11 +01004309
Simon Butcherbcfa6f42017-07-28 15:59:35 +01004310MAX_IM_CA='8'
Gilles Peskine5d46f6a2019-07-27 23:52:53 +02004311MAX_IM_CA_CONFIG=$( ../scripts/config.py get MBEDTLS_X509_MAX_INTERMEDIATE_CA)
Hanno Beckera6bca9f2017-07-26 13:35:11 +01004312
Simon Butcherbcfa6f42017-07-28 15:59:35 +01004313if [ -n "$MAX_IM_CA_CONFIG" ] && [ "$MAX_IM_CA_CONFIG" -ne "$MAX_IM_CA" ]; then
Gilles Peskine231befa2020-08-26 20:05:11 +02004314 cat <<EOF
4315${CONFIG_H} contains a value for the configuration of
4316MBEDTLS_X509_MAX_INTERMEDIATE_CA that is different from the script's
4317test value of ${MAX_IM_CA}.
Simon Butcher06b78632017-07-28 01:00:17 +01004318
Gilles Peskine231befa2020-08-26 20:05:11 +02004319The tests assume this value and if it changes, the tests in this
4320script should also be adjusted.
4321EOF
Simon Butcher06b78632017-07-28 01:00:17 +01004322 exit 1
Hanno Beckera6bca9f2017-07-26 13:35:11 +01004323fi
4324
Angus Grattonc4dd0732018-04-11 16:28:39 +10004325requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004326run_test "Authentication: server max_int chain, client default" \
4327 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
4328 key_file=data_files/dir-maxpath/09.key" \
4329 "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
4330 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004331 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004332
Angus Grattonc4dd0732018-04-11 16:28:39 +10004333requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004334run_test "Authentication: server max_int+1 chain, client default" \
4335 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
4336 key_file=data_files/dir-maxpath/10.key" \
4337 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
4338 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004339 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004340
Angus Grattonc4dd0732018-04-11 16:28:39 +10004341requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004342run_test "Authentication: server max_int+1 chain, client optional" \
4343 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
4344 key_file=data_files/dir-maxpath/10.key" \
4345 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
4346 auth_mode=optional" \
4347 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004348 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004349
Angus Grattonc4dd0732018-04-11 16:28:39 +10004350requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004351run_test "Authentication: server max_int+1 chain, client none" \
4352 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
4353 key_file=data_files/dir-maxpath/10.key" \
4354 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
4355 auth_mode=none" \
4356 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004357 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004358
Angus Grattonc4dd0732018-04-11 16:28:39 +10004359requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004360run_test "Authentication: client max_int+1 chain, server default" \
4361 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
4362 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
4363 key_file=data_files/dir-maxpath/10.key" \
4364 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004365 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004366
Angus Grattonc4dd0732018-04-11 16:28:39 +10004367requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004368run_test "Authentication: client max_int+1 chain, server optional" \
4369 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
4370 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
4371 key_file=data_files/dir-maxpath/10.key" \
4372 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004373 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004374
Angus Grattonc4dd0732018-04-11 16:28:39 +10004375requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004376run_test "Authentication: client max_int+1 chain, server required" \
4377 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
4378 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
4379 key_file=data_files/dir-maxpath/10.key" \
4380 1 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004381 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004382
Angus Grattonc4dd0732018-04-11 16:28:39 +10004383requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004384run_test "Authentication: client max_int chain, server required" \
4385 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
4386 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
4387 key_file=data_files/dir-maxpath/09.key" \
4388 0 \
Antonin Décimo36e89b52019-01-23 15:24:37 +01004389 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02004390
Janos Follath89baba22017-04-10 14:34:35 +01004391# Tests for CA list in CertificateRequest messages
4392
4393run_test "Authentication: send CA list in CertificateRequest (default)" \
4394 "$P_SRV debug_level=3 auth_mode=required" \
4395 "$P_CLI crt_file=data_files/server6.crt \
4396 key_file=data_files/server6.key" \
4397 0 \
4398 -s "requested DN"
4399
4400run_test "Authentication: do not send CA list in CertificateRequest" \
4401 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
4402 "$P_CLI crt_file=data_files/server6.crt \
4403 key_file=data_files/server6.key" \
4404 0 \
4405 -S "requested DN"
4406
4407run_test "Authentication: send CA list in CertificateRequest, client self signed" \
4408 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
4409 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
4410 key_file=data_files/server5.key" \
4411 1 \
4412 -S "requested DN" \
4413 -s "x509_verify_cert() returned" \
4414 -s "! The certificate is not correctly signed by the trusted CA" \
4415 -s "! mbedtls_ssl_handshake returned" \
4416 -c "! mbedtls_ssl_handshake returned" \
4417 -s "X509 - Certificate verification failed"
4418
Jarno Lamsaf7a7f9e2019-04-01 15:11:54 +03004419# Tests for auth_mode, using CA callback, these are duplicated from the authentication tests
4420# When updating these tests, modify the matching authentication tests accordingly
Hanno Becker746aaf32019-03-28 15:25:23 +00004421
4422requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4423run_test "Authentication, CA callback: server badcert, client required" \
4424 "$P_SRV crt_file=data_files/server5-badsign.crt \
4425 key_file=data_files/server5.key" \
4426 "$P_CLI ca_callback=1 debug_level=3 auth_mode=required" \
4427 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004428 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004429 -c "x509_verify_cert() returned" \
4430 -c "! The certificate is not correctly signed by the trusted CA" \
4431 -c "! mbedtls_ssl_handshake returned" \
4432 -c "X509 - Certificate verification failed"
4433
4434requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4435run_test "Authentication, CA callback: server badcert, client optional" \
4436 "$P_SRV crt_file=data_files/server5-badsign.crt \
4437 key_file=data_files/server5.key" \
4438 "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional" \
4439 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004440 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004441 -c "x509_verify_cert() returned" \
4442 -c "! The certificate is not correctly signed by the trusted CA" \
4443 -C "! mbedtls_ssl_handshake returned" \
4444 -C "X509 - Certificate verification failed"
4445
4446# The purpose of the next two tests is to test the client's behaviour when receiving a server
4447# certificate with an unsupported elliptic curve. This should usually not happen because
4448# the client informs the server about the supported curves - it does, though, in the
4449# corner case of a static ECDH suite, because the server doesn't check the curve on that
4450# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
4451# different means to have the server ignoring the client's supported curve list.
4452
4453requires_config_enabled MBEDTLS_ECP_C
4454requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4455run_test "Authentication, CA callback: server ECDH p256v1, client required, p256v1 unsupported" \
4456 "$P_SRV debug_level=1 key_file=data_files/server5.key \
4457 crt_file=data_files/server5.ku-ka.crt" \
4458 "$P_CLI ca_callback=1 debug_level=3 auth_mode=required curves=secp521r1" \
4459 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004460 -c "use CA callback for X.509 CRT verification" \
4461 -c "bad certificate (EC key curve)" \
4462 -c "! Certificate verification flags" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004463 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
4464
4465requires_config_enabled MBEDTLS_ECP_C
4466requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4467run_test "Authentication, CA callback: server ECDH p256v1, client optional, p256v1 unsupported" \
4468 "$P_SRV debug_level=1 key_file=data_files/server5.key \
4469 crt_file=data_files/server5.ku-ka.crt" \
4470 "$P_CLI ca_callback=1 debug_level=3 auth_mode=optional curves=secp521r1" \
4471 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004472 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004473 -c "bad certificate (EC key curve)"\
4474 -c "! Certificate verification flags"\
4475 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
4476
4477requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4478run_test "Authentication, CA callback: client SHA256, server required" \
4479 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
4480 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
4481 key_file=data_files/server6.key \
4482 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
4483 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004484 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004485 -c "Supported Signature Algorithm found: 4," \
4486 -c "Supported Signature Algorithm found: 5,"
4487
4488requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4489run_test "Authentication, CA callback: client SHA384, server required" \
4490 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
4491 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
4492 key_file=data_files/server6.key \
4493 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
4494 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004495 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004496 -c "Supported Signature Algorithm found: 4," \
4497 -c "Supported Signature Algorithm found: 5,"
4498
4499requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4500run_test "Authentication, CA callback: client badcert, server required" \
4501 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
4502 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
4503 key_file=data_files/server5.key" \
4504 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004505 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004506 -S "skip write certificate request" \
4507 -C "skip parse certificate request" \
4508 -c "got a certificate request" \
4509 -C "skip write certificate" \
4510 -C "skip write certificate verify" \
4511 -S "skip parse certificate verify" \
4512 -s "x509_verify_cert() returned" \
4513 -s "! The certificate is not correctly signed by the trusted CA" \
4514 -s "! mbedtls_ssl_handshake returned" \
4515 -s "send alert level=2 message=48" \
4516 -c "! mbedtls_ssl_handshake returned" \
4517 -s "X509 - Certificate verification failed"
4518# We don't check that the client receives the alert because it might
4519# detect that its write end of the connection is closed and abort
4520# before reading the alert message.
4521
4522requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4523run_test "Authentication, CA callback: client cert not trusted, server required" \
4524 "$P_SRV ca_callback=1 debug_level=3 auth_mode=required" \
4525 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
4526 key_file=data_files/server5.key" \
4527 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004528 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004529 -S "skip write certificate request" \
4530 -C "skip parse certificate request" \
4531 -c "got a certificate request" \
4532 -C "skip write certificate" \
4533 -C "skip write certificate verify" \
4534 -S "skip parse certificate verify" \
4535 -s "x509_verify_cert() returned" \
4536 -s "! The certificate is not correctly signed by the trusted CA" \
4537 -s "! mbedtls_ssl_handshake returned" \
4538 -c "! mbedtls_ssl_handshake returned" \
4539 -s "X509 - Certificate verification failed"
4540
4541requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4542run_test "Authentication, CA callback: client badcert, server optional" \
4543 "$P_SRV ca_callback=1 debug_level=3 auth_mode=optional" \
4544 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
4545 key_file=data_files/server5.key" \
4546 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004547 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004548 -S "skip write certificate request" \
4549 -C "skip parse certificate request" \
4550 -c "got a certificate request" \
4551 -C "skip write certificate" \
4552 -C "skip write certificate verify" \
4553 -S "skip parse certificate verify" \
4554 -s "x509_verify_cert() returned" \
4555 -s "! The certificate is not correctly signed by the trusted CA" \
4556 -S "! mbedtls_ssl_handshake returned" \
4557 -C "! mbedtls_ssl_handshake returned" \
4558 -S "X509 - Certificate verification failed"
4559
4560requires_full_size_output_buffer
4561requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4562run_test "Authentication, CA callback: server max_int chain, client default" \
4563 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
4564 key_file=data_files/dir-maxpath/09.key" \
4565 "$P_CLI ca_callback=1 debug_level=3 server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
4566 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004567 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004568 -C "X509 - A fatal error occurred"
4569
4570requires_full_size_output_buffer
4571requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4572run_test "Authentication, CA callback: server max_int+1 chain, client default" \
4573 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
4574 key_file=data_files/dir-maxpath/10.key" \
4575 "$P_CLI debug_level=3 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
4576 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004577 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004578 -c "X509 - A fatal error occurred"
4579
4580requires_full_size_output_buffer
4581requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4582run_test "Authentication, CA callback: server max_int+1 chain, client optional" \
4583 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
4584 key_file=data_files/dir-maxpath/10.key" \
4585 "$P_CLI ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
4586 debug_level=3 auth_mode=optional" \
4587 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004588 -c "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004589 -c "X509 - A fatal error occurred"
4590
4591requires_full_size_output_buffer
4592requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4593run_test "Authentication, CA callback: client max_int+1 chain, server optional" \
4594 "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
4595 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
4596 key_file=data_files/dir-maxpath/10.key" \
4597 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004598 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004599 -s "X509 - A fatal error occurred"
4600
4601requires_full_size_output_buffer
4602requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4603run_test "Authentication, CA callback: client max_int+1 chain, server required" \
4604 "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
4605 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
4606 key_file=data_files/dir-maxpath/10.key" \
4607 1 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004608 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004609 -s "X509 - A fatal error occurred"
4610
4611requires_full_size_output_buffer
4612requires_config_enabled MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
4613run_test "Authentication, CA callback: client max_int chain, server required" \
4614 "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
4615 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
4616 key_file=data_files/dir-maxpath/09.key" \
4617 0 \
Janos Follathd7ecbd62019-04-05 14:52:17 +01004618 -s "use CA callback for X.509 CRT verification" \
Hanno Becker746aaf32019-03-28 15:25:23 +00004619 -S "X509 - A fatal error occurred"
4620
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01004621# Tests for certificate selection based on SHA verson
4622
4623run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
4624 "$P_SRV crt_file=data_files/server5.crt \
4625 key_file=data_files/server5.key \
4626 crt_file2=data_files/server5-sha1.crt \
4627 key_file2=data_files/server5.key" \
4628 "$P_CLI force_version=tls1_2" \
4629 0 \
4630 -c "signed using.*ECDSA with SHA256" \
4631 -C "signed using.*ECDSA with SHA1"
4632
4633run_test "Certificate hash: client TLS 1.1 -> SHA-1" \
4634 "$P_SRV crt_file=data_files/server5.crt \
4635 key_file=data_files/server5.key \
4636 crt_file2=data_files/server5-sha1.crt \
4637 key_file2=data_files/server5.key" \
4638 "$P_CLI force_version=tls1_1" \
4639 0 \
4640 -C "signed using.*ECDSA with SHA256" \
4641 -c "signed using.*ECDSA with SHA1"
4642
4643run_test "Certificate hash: client TLS 1.0 -> SHA-1" \
4644 "$P_SRV crt_file=data_files/server5.crt \
4645 key_file=data_files/server5.key \
4646 crt_file2=data_files/server5-sha1.crt \
4647 key_file2=data_files/server5.key" \
4648 "$P_CLI force_version=tls1" \
4649 0 \
4650 -C "signed using.*ECDSA with SHA256" \
4651 -c "signed using.*ECDSA with SHA1"
4652
4653run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \
4654 "$P_SRV crt_file=data_files/server5.crt \
4655 key_file=data_files/server5.key \
4656 crt_file2=data_files/server6.crt \
4657 key_file2=data_files/server6.key" \
4658 "$P_CLI force_version=tls1_1" \
4659 0 \
4660 -c "serial number.*09" \
4661 -c "signed using.*ECDSA with SHA256" \
4662 -C "signed using.*ECDSA with SHA1"
4663
4664run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \
4665 "$P_SRV crt_file=data_files/server6.crt \
4666 key_file=data_files/server6.key \
4667 crt_file2=data_files/server5.crt \
4668 key_file2=data_files/server5.key" \
4669 "$P_CLI force_version=tls1_1" \
4670 0 \
4671 -c "serial number.*0A" \
4672 -c "signed using.*ECDSA with SHA256" \
4673 -C "signed using.*ECDSA with SHA1"
4674
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004675# tests for SNI
4676
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004677run_test "SNI: no SNI callback" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004678 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004679 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004680 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004681 0 \
4682 -S "parse ServerName extension" \
4683 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
4684 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004685
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004686run_test "SNI: matching cert 1" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004687 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004688 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02004689 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004690 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004691 0 \
4692 -s "parse ServerName extension" \
4693 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
4694 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004695
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004696run_test "SNI: matching cert 2" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004697 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004698 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02004699 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004700 "$P_CLI server_name=polarssl.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004701 0 \
4702 -s "parse ServerName extension" \
4703 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
4704 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004705
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004706run_test "SNI: no matching cert" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004707 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004708 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02004709 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02004710 "$P_CLI server_name=nonesuch.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004711 1 \
4712 -s "parse ServerName extension" \
4713 -s "ssl_sni_wrapper() returned" \
4714 -s "mbedtls_ssl_handshake returned" \
4715 -c "mbedtls_ssl_handshake returned" \
4716 -c "SSL - A fatal alert message was received from our peer"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01004717
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02004718run_test "SNI: client auth no override: optional" \
4719 "$P_SRV debug_level=3 auth_mode=optional \
4720 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4721 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
4722 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004723 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02004724 -S "skip write certificate request" \
4725 -C "skip parse certificate request" \
4726 -c "got a certificate request" \
4727 -C "skip write certificate" \
4728 -C "skip write certificate verify" \
4729 -S "skip parse certificate verify"
4730
4731run_test "SNI: client auth override: none -> optional" \
4732 "$P_SRV debug_level=3 auth_mode=none \
4733 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4734 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
4735 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004736 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02004737 -S "skip write certificate request" \
4738 -C "skip parse certificate request" \
4739 -c "got a certificate request" \
4740 -C "skip write certificate" \
4741 -C "skip write certificate verify" \
4742 -S "skip parse certificate verify"
4743
4744run_test "SNI: client auth override: optional -> none" \
4745 "$P_SRV debug_level=3 auth_mode=optional \
4746 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4747 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
4748 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004749 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02004750 -s "skip write certificate request" \
4751 -C "skip parse certificate request" \
4752 -c "got no certificate request" \
4753 -c "skip write certificate" \
4754 -c "skip write certificate verify" \
4755 -s "skip parse certificate verify"
4756
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02004757run_test "SNI: CA no override" \
4758 "$P_SRV debug_level=3 auth_mode=optional \
4759 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4760 ca_file=data_files/test-ca.crt \
4761 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
4762 "$P_CLI debug_level=3 server_name=localhost \
4763 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4764 1 \
4765 -S "skip write certificate request" \
4766 -C "skip parse certificate request" \
4767 -c "got a certificate request" \
4768 -C "skip write certificate" \
4769 -C "skip write certificate verify" \
4770 -S "skip parse certificate verify" \
4771 -s "x509_verify_cert() returned" \
4772 -s "! The certificate is not correctly signed by the trusted CA" \
4773 -S "The certificate has been revoked (is on a CRL)"
4774
4775run_test "SNI: CA override" \
4776 "$P_SRV debug_level=3 auth_mode=optional \
4777 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4778 ca_file=data_files/test-ca.crt \
4779 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
4780 "$P_CLI debug_level=3 server_name=localhost \
4781 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4782 0 \
4783 -S "skip write certificate request" \
4784 -C "skip parse certificate request" \
4785 -c "got a certificate request" \
4786 -C "skip write certificate" \
4787 -C "skip write certificate verify" \
4788 -S "skip parse certificate verify" \
4789 -S "x509_verify_cert() returned" \
4790 -S "! The certificate is not correctly signed by the trusted CA" \
4791 -S "The certificate has been revoked (is on a CRL)"
4792
4793run_test "SNI: CA override with CRL" \
4794 "$P_SRV debug_level=3 auth_mode=optional \
4795 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4796 ca_file=data_files/test-ca.crt \
4797 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
4798 "$P_CLI debug_level=3 server_name=localhost \
4799 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4800 1 \
4801 -S "skip write certificate request" \
4802 -C "skip parse certificate request" \
4803 -c "got a certificate request" \
4804 -C "skip write certificate" \
4805 -C "skip write certificate verify" \
4806 -S "skip parse certificate verify" \
4807 -s "x509_verify_cert() returned" \
4808 -S "! The certificate is not correctly signed by the trusted CA" \
4809 -s "The certificate has been revoked (is on a CRL)"
4810
Andres AG1a834452016-12-07 10:01:30 +00004811# Tests for SNI and DTLS
4812
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01004813run_test "SNI: DTLS, no SNI callback" \
4814 "$P_SRV debug_level=3 dtls=1 \
4815 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
4816 "$P_CLI server_name=localhost dtls=1" \
4817 0 \
4818 -S "parse ServerName extension" \
4819 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
4820 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
4821
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01004822run_test "SNI: DTLS, matching cert 1" \
Andres AG1a834452016-12-07 10:01:30 +00004823 "$P_SRV debug_level=3 dtls=1 \
4824 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4825 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
4826 "$P_CLI server_name=localhost dtls=1" \
4827 0 \
4828 -s "parse ServerName extension" \
4829 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
4830 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
4831
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01004832run_test "SNI: DTLS, matching cert 2" \
4833 "$P_SRV debug_level=3 dtls=1 \
4834 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4835 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
4836 "$P_CLI server_name=polarssl.example dtls=1" \
4837 0 \
4838 -s "parse ServerName extension" \
4839 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
4840 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
4841
4842run_test "SNI: DTLS, no matching cert" \
4843 "$P_SRV debug_level=3 dtls=1 \
4844 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4845 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
4846 "$P_CLI server_name=nonesuch.example dtls=1" \
4847 1 \
4848 -s "parse ServerName extension" \
4849 -s "ssl_sni_wrapper() returned" \
4850 -s "mbedtls_ssl_handshake returned" \
4851 -c "mbedtls_ssl_handshake returned" \
4852 -c "SSL - A fatal alert message was received from our peer"
4853
4854run_test "SNI: DTLS, client auth no override: optional" \
4855 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4856 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4857 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
4858 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
4859 0 \
4860 -S "skip write certificate request" \
4861 -C "skip parse certificate request" \
4862 -c "got a certificate request" \
4863 -C "skip write certificate" \
4864 -C "skip write certificate verify" \
4865 -S "skip parse certificate verify"
4866
4867run_test "SNI: DTLS, client auth override: none -> optional" \
4868 "$P_SRV debug_level=3 auth_mode=none dtls=1 \
4869 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4870 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
4871 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
4872 0 \
4873 -S "skip write certificate request" \
4874 -C "skip parse certificate request" \
4875 -c "got a certificate request" \
4876 -C "skip write certificate" \
4877 -C "skip write certificate verify" \
4878 -S "skip parse certificate verify"
4879
4880run_test "SNI: DTLS, client auth override: optional -> none" \
4881 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4882 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4883 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
4884 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
4885 0 \
4886 -s "skip write certificate request" \
4887 -C "skip parse certificate request" \
4888 -c "got no certificate request" \
4889 -c "skip write certificate" \
4890 -c "skip write certificate verify" \
4891 -s "skip parse certificate verify"
4892
4893run_test "SNI: DTLS, CA no override" \
4894 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4895 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4896 ca_file=data_files/test-ca.crt \
4897 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
4898 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
4899 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4900 1 \
4901 -S "skip write certificate request" \
4902 -C "skip parse certificate request" \
4903 -c "got a certificate request" \
4904 -C "skip write certificate" \
4905 -C "skip write certificate verify" \
4906 -S "skip parse certificate verify" \
4907 -s "x509_verify_cert() returned" \
4908 -s "! The certificate is not correctly signed by the trusted CA" \
4909 -S "The certificate has been revoked (is on a CRL)"
4910
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01004911run_test "SNI: DTLS, CA override" \
Andres AG1a834452016-12-07 10:01:30 +00004912 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
4913 crt_file=data_files/server5.crt key_file=data_files/server5.key \
4914 ca_file=data_files/test-ca.crt \
4915 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
4916 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
4917 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4918 0 \
4919 -S "skip write certificate request" \
4920 -C "skip parse certificate request" \
4921 -c "got a certificate request" \
4922 -C "skip write certificate" \
4923 -C "skip write certificate verify" \
4924 -S "skip parse certificate verify" \
4925 -S "x509_verify_cert() returned" \
4926 -S "! The certificate is not correctly signed by the trusted CA" \
4927 -S "The certificate has been revoked (is on a CRL)"
4928
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01004929run_test "SNI: DTLS, CA override with CRL" \
Andres AG1a834452016-12-07 10:01:30 +00004930 "$P_SRV debug_level=3 auth_mode=optional \
4931 crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
4932 ca_file=data_files/test-ca.crt \
4933 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
4934 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
4935 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
4936 1 \
4937 -S "skip write certificate request" \
4938 -C "skip parse certificate request" \
4939 -c "got a certificate request" \
4940 -C "skip write certificate" \
4941 -C "skip write certificate verify" \
4942 -S "skip parse certificate verify" \
4943 -s "x509_verify_cert() returned" \
4944 -S "! The certificate is not correctly signed by the trusted CA" \
4945 -s "The certificate has been revoked (is on a CRL)"
4946
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004947# Tests for non-blocking I/O: exercise a variety of handshake flows
4948
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004949run_test "Non-blocking I/O: basic handshake" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004950 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
4951 "$P_CLI nbio=2 tickets=0" \
4952 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004953 -S "mbedtls_ssl_handshake returned" \
4954 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004955 -c "Read from server: .* bytes read"
4956
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004957run_test "Non-blocking I/O: client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004958 "$P_SRV nbio=2 tickets=0 auth_mode=required" \
4959 "$P_CLI nbio=2 tickets=0" \
4960 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004961 -S "mbedtls_ssl_handshake returned" \
4962 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004963 -c "Read from server: .* bytes read"
4964
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004965run_test "Non-blocking I/O: ticket" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004966 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
4967 "$P_CLI nbio=2 tickets=1" \
4968 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004969 -S "mbedtls_ssl_handshake returned" \
4970 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004971 -c "Read from server: .* bytes read"
4972
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004973run_test "Non-blocking I/O: ticket + client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004974 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
4975 "$P_CLI nbio=2 tickets=1" \
4976 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004977 -S "mbedtls_ssl_handshake returned" \
4978 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004979 -c "Read from server: .* bytes read"
4980
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004981run_test "Non-blocking I/O: ticket + client auth + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004982 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
4983 "$P_CLI nbio=2 tickets=1 reconnect=1" \
4984 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004985 -S "mbedtls_ssl_handshake returned" \
4986 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004987 -c "Read from server: .* bytes read"
4988
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004989run_test "Non-blocking I/O: ticket + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004990 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
4991 "$P_CLI nbio=2 tickets=1 reconnect=1" \
4992 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004993 -S "mbedtls_ssl_handshake returned" \
4994 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004995 -c "Read from server: .* bytes read"
4996
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004997run_test "Non-blocking I/O: session-id resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01004998 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
4999 "$P_CLI nbio=2 tickets=0 reconnect=1" \
5000 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005001 -S "mbedtls_ssl_handshake returned" \
5002 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01005003 -c "Read from server: .* bytes read"
5004
Hanno Becker00076712017-11-15 16:39:08 +00005005# Tests for event-driven I/O: exercise a variety of handshake flows
5006
5007run_test "Event-driven I/O: basic handshake" \
5008 "$P_SRV event=1 tickets=0 auth_mode=none" \
5009 "$P_CLI event=1 tickets=0" \
5010 0 \
5011 -S "mbedtls_ssl_handshake returned" \
5012 -C "mbedtls_ssl_handshake returned" \
5013 -c "Read from server: .* bytes read"
5014
5015run_test "Event-driven I/O: client auth" \
5016 "$P_SRV event=1 tickets=0 auth_mode=required" \
5017 "$P_CLI event=1 tickets=0" \
5018 0 \
5019 -S "mbedtls_ssl_handshake returned" \
5020 -C "mbedtls_ssl_handshake returned" \
5021 -c "Read from server: .* bytes read"
5022
5023run_test "Event-driven I/O: ticket" \
5024 "$P_SRV event=1 tickets=1 auth_mode=none" \
5025 "$P_CLI event=1 tickets=1" \
5026 0 \
5027 -S "mbedtls_ssl_handshake returned" \
5028 -C "mbedtls_ssl_handshake returned" \
5029 -c "Read from server: .* bytes read"
5030
5031run_test "Event-driven I/O: ticket + client auth" \
5032 "$P_SRV event=1 tickets=1 auth_mode=required" \
5033 "$P_CLI event=1 tickets=1" \
5034 0 \
5035 -S "mbedtls_ssl_handshake returned" \
5036 -C "mbedtls_ssl_handshake returned" \
5037 -c "Read from server: .* bytes read"
5038
5039run_test "Event-driven I/O: ticket + client auth + resume" \
5040 "$P_SRV event=1 tickets=1 auth_mode=required" \
5041 "$P_CLI event=1 tickets=1 reconnect=1" \
5042 0 \
5043 -S "mbedtls_ssl_handshake returned" \
5044 -C "mbedtls_ssl_handshake returned" \
5045 -c "Read from server: .* bytes read"
5046
5047run_test "Event-driven I/O: ticket + resume" \
5048 "$P_SRV event=1 tickets=1 auth_mode=none" \
5049 "$P_CLI event=1 tickets=1 reconnect=1" \
5050 0 \
5051 -S "mbedtls_ssl_handshake returned" \
5052 -C "mbedtls_ssl_handshake returned" \
5053 -c "Read from server: .* bytes read"
5054
5055run_test "Event-driven I/O: session-id resume" \
5056 "$P_SRV event=1 tickets=0 auth_mode=none" \
5057 "$P_CLI event=1 tickets=0 reconnect=1" \
5058 0 \
5059 -S "mbedtls_ssl_handshake returned" \
5060 -C "mbedtls_ssl_handshake returned" \
5061 -c "Read from server: .* bytes read"
5062
Hanno Becker6a33f592018-03-13 11:38:46 +00005063run_test "Event-driven I/O, DTLS: basic handshake" \
5064 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
5065 "$P_CLI dtls=1 event=1 tickets=0" \
5066 0 \
5067 -c "Read from server: .* bytes read"
5068
5069run_test "Event-driven I/O, DTLS: client auth" \
5070 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
5071 "$P_CLI dtls=1 event=1 tickets=0" \
5072 0 \
5073 -c "Read from server: .* bytes read"
5074
5075run_test "Event-driven I/O, DTLS: ticket" \
5076 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
5077 "$P_CLI dtls=1 event=1 tickets=1" \
5078 0 \
5079 -c "Read from server: .* bytes read"
5080
5081run_test "Event-driven I/O, DTLS: ticket + client auth" \
5082 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
5083 "$P_CLI dtls=1 event=1 tickets=1" \
5084 0 \
5085 -c "Read from server: .* bytes read"
5086
5087run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
5088 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01005089 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00005090 0 \
5091 -c "Read from server: .* bytes read"
5092
5093run_test "Event-driven I/O, DTLS: ticket + resume" \
5094 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01005095 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00005096 0 \
5097 -c "Read from server: .* bytes read"
5098
5099run_test "Event-driven I/O, DTLS: session-id resume" \
5100 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01005101 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00005102 0 \
5103 -c "Read from server: .* bytes read"
Hanno Beckerbc6c1102018-03-13 11:39:40 +00005104
5105# This test demonstrates the need for the mbedtls_ssl_check_pending function.
5106# During session resumption, the client will send its ApplicationData record
5107# within the same datagram as the Finished messages. In this situation, the
5108# server MUST NOT idle on the underlying transport after handshake completion,
5109# because the ApplicationData request has already been queued internally.
5110run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
Hanno Becker8d832182018-03-15 10:14:19 +00005111 -p "$P_PXY pack=50" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00005112 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01005113 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00005114 0 \
5115 -c "Read from server: .* bytes read"
5116
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005117# Tests for version negotiation
5118
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005119run_test "Version check: all -> 1.2" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005120 "$P_SRV" \
5121 "$P_CLI" \
5122 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005123 -S "mbedtls_ssl_handshake returned" \
5124 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005125 -s "Protocol is TLSv1.2" \
5126 -c "Protocol is TLSv1.2"
5127
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005128run_test "Version check: cli max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005129 "$P_SRV" \
5130 "$P_CLI max_version=tls1_1" \
5131 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005132 -S "mbedtls_ssl_handshake returned" \
5133 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005134 -s "Protocol is TLSv1.1" \
5135 -c "Protocol is TLSv1.1"
5136
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005137run_test "Version check: srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005138 "$P_SRV max_version=tls1_1" \
5139 "$P_CLI" \
5140 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005141 -S "mbedtls_ssl_handshake returned" \
5142 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005143 -s "Protocol is TLSv1.1" \
5144 -c "Protocol is TLSv1.1"
5145
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005146run_test "Version check: cli+srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005147 "$P_SRV max_version=tls1_1" \
5148 "$P_CLI max_version=tls1_1" \
5149 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005150 -S "mbedtls_ssl_handshake returned" \
5151 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005152 -s "Protocol is TLSv1.1" \
5153 -c "Protocol is TLSv1.1"
5154
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005155run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005156 "$P_SRV min_version=tls1_1" \
5157 "$P_CLI max_version=tls1_1" \
5158 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005159 -S "mbedtls_ssl_handshake returned" \
5160 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005161 -s "Protocol is TLSv1.1" \
5162 -c "Protocol is TLSv1.1"
5163
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005164run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005165 "$P_SRV max_version=tls1_1" \
5166 "$P_CLI min_version=tls1_1" \
5167 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005168 -S "mbedtls_ssl_handshake returned" \
5169 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005170 -s "Protocol is TLSv1.1" \
5171 -c "Protocol is TLSv1.1"
5172
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005173run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005174 "$P_SRV max_version=tls1_1" \
5175 "$P_CLI min_version=tls1_2" \
5176 1 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005177 -s "mbedtls_ssl_handshake returned" \
5178 -c "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005179 -c "SSL - Handshake protocol not within min/max boundaries"
5180
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005181run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005182 "$P_SRV min_version=tls1_2" \
5183 "$P_CLI max_version=tls1_1" \
5184 1 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02005185 -s "mbedtls_ssl_handshake returned" \
5186 -c "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01005187 -s "SSL - Handshake protocol not within min/max boundaries"
5188
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005189# Tests for ALPN extension
5190
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005191run_test "ALPN: none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005192 "$P_SRV debug_level=3" \
5193 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005194 0 \
5195 -C "client hello, adding alpn extension" \
5196 -S "found alpn extension" \
5197 -C "got an alert message, type: \\[2:120]" \
5198 -S "server hello, adding alpn extension" \
5199 -C "found alpn extension " \
5200 -C "Application Layer Protocol is" \
5201 -S "Application Layer Protocol is"
5202
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005203run_test "ALPN: client only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005204 "$P_SRV debug_level=3" \
5205 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005206 0 \
5207 -c "client hello, adding alpn extension" \
5208 -s "found alpn extension" \
5209 -C "got an alert message, type: \\[2:120]" \
5210 -S "server hello, adding alpn extension" \
5211 -C "found alpn extension " \
5212 -c "Application Layer Protocol is (none)" \
5213 -S "Application Layer Protocol is"
5214
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005215run_test "ALPN: server only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005216 "$P_SRV debug_level=3 alpn=abc,1234" \
5217 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005218 0 \
5219 -C "client hello, adding alpn extension" \
5220 -S "found alpn extension" \
5221 -C "got an alert message, type: \\[2:120]" \
5222 -S "server hello, adding alpn extension" \
5223 -C "found alpn extension " \
5224 -C "Application Layer Protocol is" \
5225 -s "Application Layer Protocol is (none)"
5226
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005227run_test "ALPN: both, common cli1-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005228 "$P_SRV debug_level=3 alpn=abc,1234" \
5229 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005230 0 \
5231 -c "client hello, adding alpn extension" \
5232 -s "found alpn extension" \
5233 -C "got an alert message, type: \\[2:120]" \
5234 -s "server hello, adding alpn extension" \
5235 -c "found alpn extension" \
5236 -c "Application Layer Protocol is abc" \
5237 -s "Application Layer Protocol is abc"
5238
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005239run_test "ALPN: both, common cli2-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005240 "$P_SRV debug_level=3 alpn=abc,1234" \
5241 "$P_CLI debug_level=3 alpn=1234,abc" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005242 0 \
5243 -c "client hello, adding alpn extension" \
5244 -s "found alpn extension" \
5245 -C "got an alert message, type: \\[2:120]" \
5246 -s "server hello, adding alpn extension" \
5247 -c "found alpn extension" \
5248 -c "Application Layer Protocol is abc" \
5249 -s "Application Layer Protocol is abc"
5250
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005251run_test "ALPN: both, common cli1-srv2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005252 "$P_SRV debug_level=3 alpn=abc,1234" \
5253 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005254 0 \
5255 -c "client hello, adding alpn extension" \
5256 -s "found alpn extension" \
5257 -C "got an alert message, type: \\[2:120]" \
5258 -s "server hello, adding alpn extension" \
5259 -c "found alpn extension" \
5260 -c "Application Layer Protocol is 1234" \
5261 -s "Application Layer Protocol is 1234"
5262
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005263run_test "ALPN: both, no common" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005264 "$P_SRV debug_level=3 alpn=abc,123" \
5265 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02005266 1 \
5267 -c "client hello, adding alpn extension" \
5268 -s "found alpn extension" \
5269 -c "got an alert message, type: \\[2:120]" \
5270 -S "server hello, adding alpn extension" \
5271 -C "found alpn extension" \
5272 -C "Application Layer Protocol is 1234" \
5273 -S "Application Layer Protocol is 1234"
5274
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +02005275
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005276# Tests for keyUsage in leaf certificates, part 1:
5277# server-side certificate/suite selection
5278
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005279run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005280 "$P_SRV key_file=data_files/server2.key \
5281 crt_file=data_files/server2.ku-ds.crt" \
5282 "$P_CLI" \
5283 0 \
Manuel Pégourié-Gonnard17cde5f2014-05-22 14:42:39 +02005284 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005285
5286
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005287run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005288 "$P_SRV key_file=data_files/server2.key \
5289 crt_file=data_files/server2.ku-ke.crt" \
5290 "$P_CLI" \
5291 0 \
5292 -c "Ciphersuite is TLS-RSA-WITH-"
5293
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005294run_test "keyUsage srv: RSA, keyAgreement -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02005295 "$P_SRV key_file=data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005296 crt_file=data_files/server2.ku-ka.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02005297 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005298 1 \
5299 -C "Ciphersuite is "
5300
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005301run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005302 "$P_SRV key_file=data_files/server5.key \
5303 crt_file=data_files/server5.ku-ds.crt" \
5304 "$P_CLI" \
5305 0 \
5306 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
5307
5308
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005309run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005310 "$P_SRV key_file=data_files/server5.key \
5311 crt_file=data_files/server5.ku-ka.crt" \
5312 "$P_CLI" \
5313 0 \
5314 -c "Ciphersuite is TLS-ECDH-"
5315
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005316run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02005317 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005318 crt_file=data_files/server5.ku-ke.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02005319 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005320 1 \
5321 -C "Ciphersuite is "
5322
5323# Tests for keyUsage in leaf certificates, part 2:
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005324# client-side checking of server cert
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005325
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005326run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005327 "$O_SRV -key data_files/server2.key \
5328 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005329 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005330 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5331 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005332 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005333 -C "Processing of the Certificate handshake message failed" \
5334 -c "Ciphersuite is TLS-"
5335
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005336run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005337 "$O_SRV -key data_files/server2.key \
5338 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005339 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005340 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
5341 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005342 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005343 -C "Processing of the Certificate handshake message failed" \
5344 -c "Ciphersuite is TLS-"
5345
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005346run_test "keyUsage cli: KeyEncipherment, RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005347 "$O_SRV -key data_files/server2.key \
5348 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005349 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005350 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5351 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005352 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005353 -C "Processing of the Certificate handshake message failed" \
5354 -c "Ciphersuite is TLS-"
5355
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005356run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005357 "$O_SRV -key data_files/server2.key \
5358 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005359 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005360 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
5361 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005362 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005363 -c "Processing of the Certificate handshake message failed" \
5364 -C "Ciphersuite is TLS-"
5365
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01005366run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
5367 "$O_SRV -key data_files/server2.key \
5368 -cert data_files/server2.ku-ke.crt" \
5369 "$P_CLI debug_level=1 auth_mode=optional \
5370 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
5371 0 \
5372 -c "bad certificate (usage extensions)" \
5373 -C "Processing of the Certificate handshake message failed" \
5374 -c "Ciphersuite is TLS-" \
5375 -c "! Usage does not match the keyUsage extension"
5376
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005377run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005378 "$O_SRV -key data_files/server2.key \
5379 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005380 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005381 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
5382 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005383 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005384 -C "Processing of the Certificate handshake message failed" \
5385 -c "Ciphersuite is TLS-"
5386
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005387run_test "keyUsage cli: DigitalSignature, RSA: fail" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005388 "$O_SRV -key data_files/server2.key \
5389 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005390 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005391 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5392 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005393 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02005394 -c "Processing of the Certificate handshake message failed" \
5395 -C "Ciphersuite is TLS-"
5396
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01005397run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
5398 "$O_SRV -key data_files/server2.key \
5399 -cert data_files/server2.ku-ds.crt" \
5400 "$P_CLI debug_level=1 auth_mode=optional \
5401 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5402 0 \
5403 -c "bad certificate (usage extensions)" \
5404 -C "Processing of the Certificate handshake message failed" \
5405 -c "Ciphersuite is TLS-" \
5406 -c "! Usage does not match the keyUsage extension"
5407
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005408# Tests for keyUsage in leaf certificates, part 3:
5409# server-side checking of client cert
5410
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005411run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005412 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005413 "$O_CLI -key data_files/server2.key \
5414 -cert data_files/server2.ku-ds.crt" \
5415 0 \
5416 -S "bad certificate (usage extensions)" \
5417 -S "Processing of the Certificate handshake message failed"
5418
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005419run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005420 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005421 "$O_CLI -key data_files/server2.key \
5422 -cert data_files/server2.ku-ke.crt" \
5423 0 \
5424 -s "bad certificate (usage extensions)" \
5425 -S "Processing of the Certificate handshake message failed"
5426
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005427run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005428 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005429 "$O_CLI -key data_files/server2.key \
5430 -cert data_files/server2.ku-ke.crt" \
5431 1 \
5432 -s "bad certificate (usage extensions)" \
5433 -s "Processing of the Certificate handshake message failed"
5434
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005435run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005436 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005437 "$O_CLI -key data_files/server5.key \
5438 -cert data_files/server5.ku-ds.crt" \
5439 0 \
5440 -S "bad certificate (usage extensions)" \
5441 -S "Processing of the Certificate handshake message failed"
5442
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005443run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005444 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02005445 "$O_CLI -key data_files/server5.key \
5446 -cert data_files/server5.ku-ka.crt" \
5447 0 \
5448 -s "bad certificate (usage extensions)" \
5449 -S "Processing of the Certificate handshake message failed"
5450
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005451# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
5452
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005453run_test "extKeyUsage srv: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005454 "$P_SRV key_file=data_files/server5.key \
5455 crt_file=data_files/server5.eku-srv.crt" \
5456 "$P_CLI" \
5457 0
5458
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005459run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005460 "$P_SRV key_file=data_files/server5.key \
5461 crt_file=data_files/server5.eku-srv.crt" \
5462 "$P_CLI" \
5463 0
5464
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005465run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005466 "$P_SRV key_file=data_files/server5.key \
5467 crt_file=data_files/server5.eku-cs_any.crt" \
5468 "$P_CLI" \
5469 0
5470
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005471run_test "extKeyUsage srv: codeSign -> fail" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02005472 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005473 crt_file=data_files/server5.eku-cli.crt" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02005474 "$P_CLI" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005475 1
5476
5477# Tests for extendedKeyUsage, part 2: client-side checking of server cert
5478
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005479run_test "extKeyUsage cli: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005480 "$O_SRV -key data_files/server5.key \
5481 -cert data_files/server5.eku-srv.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005482 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005483 0 \
5484 -C "bad certificate (usage extensions)" \
5485 -C "Processing of the Certificate handshake message failed" \
5486 -c "Ciphersuite is TLS-"
5487
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005488run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005489 "$O_SRV -key data_files/server5.key \
5490 -cert data_files/server5.eku-srv_cli.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005491 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005492 0 \
5493 -C "bad certificate (usage extensions)" \
5494 -C "Processing of the Certificate handshake message failed" \
5495 -c "Ciphersuite is TLS-"
5496
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005497run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005498 "$O_SRV -key data_files/server5.key \
5499 -cert data_files/server5.eku-cs_any.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005500 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005501 0 \
5502 -C "bad certificate (usage extensions)" \
5503 -C "Processing of the Certificate handshake message failed" \
5504 -c "Ciphersuite is TLS-"
5505
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005506run_test "extKeyUsage cli: codeSign -> fail" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005507 "$O_SRV -key data_files/server5.key \
5508 -cert data_files/server5.eku-cs.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005509 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005510 1 \
5511 -c "bad certificate (usage extensions)" \
5512 -c "Processing of the Certificate handshake message failed" \
5513 -C "Ciphersuite is TLS-"
5514
5515# Tests for extendedKeyUsage, part 3: server-side checking of client cert
5516
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005517run_test "extKeyUsage cli-auth: clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005518 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005519 "$O_CLI -key data_files/server5.key \
5520 -cert data_files/server5.eku-cli.crt" \
5521 0 \
5522 -S "bad certificate (usage extensions)" \
5523 -S "Processing of the Certificate handshake message failed"
5524
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005525run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005526 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005527 "$O_CLI -key data_files/server5.key \
5528 -cert data_files/server5.eku-srv_cli.crt" \
5529 0 \
5530 -S "bad certificate (usage extensions)" \
5531 -S "Processing of the Certificate handshake message failed"
5532
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005533run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005534 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005535 "$O_CLI -key data_files/server5.key \
5536 -cert data_files/server5.eku-cs_any.crt" \
5537 0 \
5538 -S "bad certificate (usage extensions)" \
5539 -S "Processing of the Certificate handshake message failed"
5540
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005541run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005542 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005543 "$O_CLI -key data_files/server5.key \
5544 -cert data_files/server5.eku-cs.crt" \
5545 0 \
5546 -s "bad certificate (usage extensions)" \
5547 -S "Processing of the Certificate handshake message failed"
5548
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005549run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02005550 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02005551 "$O_CLI -key data_files/server5.key \
5552 -cert data_files/server5.eku-cs.crt" \
5553 1 \
5554 -s "bad certificate (usage extensions)" \
5555 -s "Processing of the Certificate handshake message failed"
5556
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02005557# Tests for DHM parameters loading
5558
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005559run_test "DHM parameters: reference" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02005560 "$P_SRV" \
5561 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5562 debug_level=3" \
5563 0 \
5564 -c "value of 'DHM: P ' (2048 bits)" \
Hanno Becker13be9902017-09-27 17:17:30 +01005565 -c "value of 'DHM: G ' (2 bits)"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02005566
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005567run_test "DHM parameters: other parameters" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02005568 "$P_SRV dhm_file=data_files/dhparams.pem" \
5569 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5570 debug_level=3" \
5571 0 \
5572 -c "value of 'DHM: P ' (1024 bits)" \
5573 -c "value of 'DHM: G ' (2 bits)"
5574
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02005575# Tests for DHM client-side size checking
5576
5577run_test "DHM size: server default, client default, OK" \
5578 "$P_SRV" \
5579 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5580 debug_level=1" \
5581 0 \
5582 -C "DHM prime too short:"
5583
5584run_test "DHM size: server default, client 2048, OK" \
5585 "$P_SRV" \
5586 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5587 debug_level=1 dhmlen=2048" \
5588 0 \
5589 -C "DHM prime too short:"
5590
5591run_test "DHM size: server 1024, client default, OK" \
5592 "$P_SRV dhm_file=data_files/dhparams.pem" \
5593 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5594 debug_level=1" \
5595 0 \
5596 -C "DHM prime too short:"
5597
5598run_test "DHM size: server 1000, client default, rejected" \
5599 "$P_SRV dhm_file=data_files/dh.1000.pem" \
5600 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5601 debug_level=1" \
5602 1 \
5603 -c "DHM prime too short:"
5604
5605run_test "DHM size: server default, client 2049, rejected" \
5606 "$P_SRV" \
5607 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
5608 debug_level=1 dhmlen=2049" \
5609 1 \
5610 -c "DHM prime too short:"
5611
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005612# Tests for PSK callback
5613
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005614run_test "PSK callback: psk, no callback" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005615 "$P_SRV psk=abc123 psk_identity=foo" \
5616 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5617 psk_identity=foo psk=abc123" \
5618 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005619 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02005620 -S "SSL - Unknown identity received" \
5621 -S "SSL - Verification of the message MAC failed"
5622
Hanno Beckerf7027512018-10-23 15:27:39 +01005623requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5624run_test "PSK callback: opaque psk on client, no callback" \
5625 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
5626 "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005627 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01005628 0 \
5629 -c "skip PMS generation for opaque PSK"\
5630 -S "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005631 -C "session hash for extended master secret"\
5632 -S "session hash for extended master secret"\
Hanno Beckerf7027512018-10-23 15:27:39 +01005633 -S "SSL - None of the common ciphersuites is usable" \
5634 -S "SSL - Unknown identity received" \
5635 -S "SSL - Verification of the message MAC failed"
5636
5637requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5638run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
5639 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo" \
5640 "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005641 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01005642 0 \
5643 -c "skip PMS generation for opaque PSK"\
5644 -S "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005645 -C "session hash for extended master secret"\
5646 -S "session hash for extended master secret"\
Hanno Beckerf7027512018-10-23 15:27:39 +01005647 -S "SSL - None of the common ciphersuites is usable" \
5648 -S "SSL - Unknown identity received" \
5649 -S "SSL - Verification of the message MAC failed"
5650
5651requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5652run_test "PSK callback: opaque psk on client, no callback, EMS" \
5653 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
5654 "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005655 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01005656 0 \
5657 -c "skip PMS generation for opaque PSK"\
5658 -S "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005659 -c "session hash for extended master secret"\
5660 -s "session hash for extended master secret"\
Hanno Beckerf7027512018-10-23 15:27:39 +01005661 -S "SSL - None of the common ciphersuites is usable" \
5662 -S "SSL - Unknown identity received" \
5663 -S "SSL - Verification of the message MAC failed"
5664
5665requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5666run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
5667 "$P_SRV extended_ms=1 debug_level=3 psk=abc123 psk_identity=foo" \
5668 "$P_CLI extended_ms=1 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005669 psk_identity=foo psk=abc123 psk_opaque=1" \
Hanno Beckerf7027512018-10-23 15:27:39 +01005670 0 \
5671 -c "skip PMS generation for opaque PSK"\
5672 -S "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005673 -c "session hash for extended master secret"\
5674 -s "session hash for extended master secret"\
Hanno Beckerf7027512018-10-23 15:27:39 +01005675 -S "SSL - None of the common ciphersuites is usable" \
5676 -S "SSL - Unknown identity received" \
5677 -S "SSL - Verification of the message MAC failed"
5678
Hanno Becker28c79dc2018-10-26 13:15:08 +01005679requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5680run_test "PSK callback: raw psk on client, static opaque on server, no callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005681 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005682 "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5683 psk_identity=foo psk=abc123" \
5684 0 \
5685 -C "skip PMS generation for opaque PSK"\
5686 -s "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005687 -C "session hash for extended master secret"\
5688 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005689 -S "SSL - None of the common ciphersuites is usable" \
5690 -S "SSL - Unknown identity received" \
5691 -S "SSL - Verification of the message MAC failed"
5692
5693requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5694run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005695 "$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005696 "$P_CLI extended_ms=0 debug_level=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
5697 psk_identity=foo psk=abc123" \
5698 0 \
5699 -C "skip PMS generation for opaque PSK"\
5700 -s "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005701 -C "session hash for extended master secret"\
5702 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005703 -S "SSL - None of the common ciphersuites is usable" \
5704 -S "SSL - Unknown identity received" \
5705 -S "SSL - Verification of the message MAC failed"
5706
5707requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5708run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005709 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005710 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
5711 "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5712 psk_identity=foo psk=abc123 extended_ms=1" \
5713 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005714 -c "session hash for extended master secret"\
5715 -s "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005716 -C "skip PMS generation for opaque PSK"\
5717 -s "skip PMS generation for opaque PSK"\
5718 -S "SSL - None of the common ciphersuites is usable" \
5719 -S "SSL - Unknown identity received" \
5720 -S "SSL - Verification of the message MAC failed"
5721
5722requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5723run_test "PSK callback: raw psk on client, static opaque on server, no callback, EMS, SHA384" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005724 "$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls1_2 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005725 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
5726 "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
5727 psk_identity=foo psk=abc123 extended_ms=1" \
5728 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005729 -c "session hash for extended master secret"\
5730 -s "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005731 -C "skip PMS generation for opaque PSK"\
5732 -s "skip PMS generation for opaque PSK"\
5733 -S "SSL - None of the common ciphersuites is usable" \
5734 -S "SSL - Unknown identity received" \
5735 -S "SSL - Verification of the message MAC failed"
5736
5737requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5738run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005739 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005740 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5741 psk_identity=def psk=beef" \
5742 0 \
5743 -C "skip PMS generation for opaque PSK"\
5744 -s "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005745 -C "session hash for extended master secret"\
5746 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005747 -S "SSL - None of the common ciphersuites is usable" \
5748 -S "SSL - Unknown identity received" \
5749 -S "SSL - Verification of the message MAC failed"
5750
5751requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5752run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005753 "$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005754 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
5755 psk_identity=def psk=beef" \
5756 0 \
5757 -C "skip PMS generation for opaque PSK"\
5758 -s "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005759 -C "session hash for extended master secret"\
5760 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005761 -S "SSL - None of the common ciphersuites is usable" \
5762 -S "SSL - Unknown identity received" \
5763 -S "SSL - Verification of the message MAC failed"
5764
5765requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5766run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005767 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005768 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
5769 "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5770 psk_identity=abc psk=dead extended_ms=1" \
5771 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005772 -c "session hash for extended master secret"\
5773 -s "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005774 -C "skip PMS generation for opaque PSK"\
5775 -s "skip PMS generation for opaque PSK"\
5776 -S "SSL - None of the common ciphersuites is usable" \
5777 -S "SSL - Unknown identity received" \
5778 -S "SSL - Verification of the message MAC failed"
5779
5780requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5781run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, EMS, SHA384" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005782 "$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005783 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
5784 "$P_CLI debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
5785 psk_identity=abc psk=dead extended_ms=1" \
5786 0 \
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005787 -c "session hash for extended master secret"\
5788 -s "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005789 -C "skip PMS generation for opaque PSK"\
5790 -s "skip PMS generation for opaque PSK"\
5791 -S "SSL - None of the common ciphersuites is usable" \
5792 -S "SSL - Unknown identity received" \
5793 -S "SSL - Verification of the message MAC failed"
5794
5795requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5796run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005797 "$P_SRV extended_ms=0 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005798 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5799 psk_identity=def psk=beef" \
5800 0 \
5801 -C "skip PMS generation for opaque PSK"\
5802 -s "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005803 -C "session hash for extended master secret"\
5804 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005805 -S "SSL - None of the common ciphersuites is usable" \
5806 -S "SSL - Unknown identity received" \
5807 -S "SSL - Verification of the message MAC failed"
5808
5809requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5810run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, opaque PSK from callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005811 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005812 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5813 psk_identity=def psk=beef" \
5814 0 \
5815 -C "skip PMS generation for opaque PSK"\
5816 -s "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005817 -C "session hash for extended master secret"\
5818 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005819 -S "SSL - None of the common ciphersuites is usable" \
5820 -S "SSL - Unknown identity received" \
5821 -S "SSL - Verification of the message MAC failed"
5822
5823requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5824run_test "PSK callback: raw psk on client, mismatching static opaque PSK on server, raw PSK from callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005825 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=foo psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005826 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5827 psk_identity=def psk=beef" \
5828 0 \
5829 -C "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005830 -C "session hash for extended master secret"\
5831 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005832 -S "SSL - None of the common ciphersuites is usable" \
5833 -S "SSL - Unknown identity received" \
5834 -S "SSL - Verification of the message MAC failed"
5835
5836requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5837run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK from callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005838 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=abc123 debug_level=3 psk_list=abc,dead,def,beef min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005839 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5840 psk_identity=def psk=beef" \
5841 0 \
5842 -C "skip PMS generation for opaque PSK"\
Manuel Pégourié-Gonnard8faa70e2019-05-20 12:09:50 +02005843 -C "session hash for extended master secret"\
5844 -S "session hash for extended master secret"\
Hanno Becker28c79dc2018-10-26 13:15:08 +01005845 -S "SSL - None of the common ciphersuites is usable" \
5846 -S "SSL - Unknown identity received" \
5847 -S "SSL - Verification of the message MAC failed"
5848
5849requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
5850run_test "PSK callback: raw psk on client, matching opaque PSK on server, wrong opaque PSK from callback" \
Hanno Becker1d911cd2018-11-15 13:06:09 +00005851 "$P_SRV extended_ms=0 psk_opaque=1 psk_identity=def psk=beef debug_level=3 psk_list=abc,dead,def,abc123 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
Hanno Becker28c79dc2018-10-26 13:15:08 +01005852 "$P_CLI extended_ms=0 debug_level=3 min_version=tls1_2 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5853 psk_identity=def psk=beef" \
5854 1 \
5855 -s "SSL - Verification of the message MAC failed"
5856
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005857run_test "PSK callback: no psk, no callback" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02005858 "$P_SRV" \
5859 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5860 psk_identity=foo psk=abc123" \
5861 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005862 -s "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005863 -S "SSL - Unknown identity received" \
5864 -S "SSL - Verification of the message MAC failed"
5865
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005866run_test "PSK callback: callback overrides other settings" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005867 "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \
5868 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5869 psk_identity=foo psk=abc123" \
5870 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005871 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005872 -s "SSL - Unknown identity received" \
5873 -S "SSL - Verification of the message MAC failed"
5874
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005875run_test "PSK callback: first id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005876 "$P_SRV psk_list=abc,dead,def,beef" \
5877 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5878 psk_identity=abc psk=dead" \
5879 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005880 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005881 -S "SSL - Unknown identity received" \
5882 -S "SSL - Verification of the message MAC failed"
5883
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005884run_test "PSK callback: second id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005885 "$P_SRV psk_list=abc,dead,def,beef" \
5886 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5887 psk_identity=def psk=beef" \
5888 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005889 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005890 -S "SSL - Unknown identity received" \
5891 -S "SSL - Verification of the message MAC failed"
5892
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005893run_test "PSK callback: no match" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005894 "$P_SRV psk_list=abc,dead,def,beef" \
5895 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5896 psk_identity=ghi psk=beef" \
5897 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005898 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005899 -s "SSL - Unknown identity received" \
5900 -S "SSL - Verification of the message MAC failed"
5901
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02005902run_test "PSK callback: wrong key" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005903 "$P_SRV psk_list=abc,dead,def,beef" \
5904 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
5905 psk_identity=abc psk=beef" \
5906 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01005907 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02005908 -S "SSL - Unknown identity received" \
5909 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02005910
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005911# Tests for EC J-PAKE
5912
Hanno Beckerfa452c42020-08-14 15:42:49 +01005913requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005914run_test "ECJPAKE: client not configured" \
5915 "$P_SRV debug_level=3" \
5916 "$P_CLI debug_level=3" \
5917 0 \
Hanno Beckeree63af62020-08-14 15:41:23 +01005918 -C "add ciphersuite: 0xc0ff" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005919 -C "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005920 -S "found ecjpake kkpp extension" \
5921 -S "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005922 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02005923 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02005924 -C "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005925 -S "None of the common ciphersuites is usable"
5926
Hanno Beckerfa452c42020-08-14 15:42:49 +01005927requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005928run_test "ECJPAKE: server not configured" \
5929 "$P_SRV debug_level=3" \
5930 "$P_CLI debug_level=3 ecjpake_pw=bla \
5931 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5932 1 \
Hanno Beckeree63af62020-08-14 15:41:23 +01005933 -c "add ciphersuite: 0xc0ff" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005934 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005935 -s "found ecjpake kkpp extension" \
5936 -s "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005937 -s "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02005938 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02005939 -C "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02005940 -s "None of the common ciphersuites is usable"
5941
Hanno Beckerfa452c42020-08-14 15:42:49 +01005942requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005943run_test "ECJPAKE: working, TLS" \
5944 "$P_SRV debug_level=3 ecjpake_pw=bla" \
5945 "$P_CLI debug_level=3 ecjpake_pw=bla \
5946 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
Manuel Pégourié-Gonnard0f1660a2015-09-16 22:41:06 +02005947 0 \
Hanno Beckeree63af62020-08-14 15:41:23 +01005948 -c "add ciphersuite: 0xc0ff" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005949 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005950 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005951 -s "found ecjpake kkpp extension" \
5952 -S "skip ecjpake kkpp extension" \
5953 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02005954 -s "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02005955 -c "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005956 -S "None of the common ciphersuites is usable" \
5957 -S "SSL - Verification of the message MAC failed"
5958
Janos Follath74537a62016-09-02 13:45:28 +01005959server_needs_more_time 1
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005960requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005961run_test "ECJPAKE: password mismatch, TLS" \
5962 "$P_SRV debug_level=3 ecjpake_pw=bla" \
5963 "$P_CLI debug_level=3 ecjpake_pw=bad \
5964 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5965 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005966 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005967 -s "SSL - Verification of the message MAC failed"
5968
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005969requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005970run_test "ECJPAKE: working, DTLS" \
5971 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
5972 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
5973 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5974 0 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005975 -c "re-using cached ecjpake parameters" \
5976 -S "SSL - Verification of the message MAC failed"
5977
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005978requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005979run_test "ECJPAKE: working, DTLS, no cookie" \
5980 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
5981 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
5982 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5983 0 \
5984 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005985 -S "SSL - Verification of the message MAC failed"
5986
Janos Follath74537a62016-09-02 13:45:28 +01005987server_needs_more_time 1
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005988requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005989run_test "ECJPAKE: password mismatch, DTLS" \
5990 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
5991 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
5992 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
5993 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02005994 -c "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02005995 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02005996
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02005997# for tests with configs/config-thread.h
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02005998requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02005999run_test "ECJPAKE: working, DTLS, nolog" \
6000 "$P_SRV dtls=1 ecjpake_pw=bla" \
6001 "$P_CLI dtls=1 ecjpake_pw=bla \
6002 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
6003 0
6004
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006005# Tests for ciphersuites per version
6006
Janos Follathe2681a42016-03-07 15:57:05 +00006007requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006008requires_config_enabled MBEDTLS_CAMELLIA_C
6009requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006010run_test "Per-version suites: SSL3" \
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006011 "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006012 "$P_CLI force_version=ssl3" \
6013 0 \
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006014 -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006015
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006016requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
6017requires_config_enabled MBEDTLS_CAMELLIA_C
6018requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006019run_test "Per-version suites: TLS 1.0" \
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006020 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01006021 "$P_CLI force_version=tls1 arc4=1" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006022 0 \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006023 -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006024
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006025requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
6026requires_config_enabled MBEDTLS_CAMELLIA_C
6027requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006028run_test "Per-version suites: TLS 1.1" \
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006029 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006030 "$P_CLI force_version=tls1_1" \
6031 0 \
6032 -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA"
6033
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006034requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
6035requires_config_enabled MBEDTLS_CAMELLIA_C
6036requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02006037run_test "Per-version suites: TLS 1.2" \
Manuel Pégourié-Gonnardaa946b22019-03-01 10:14:58 +01006038 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006039 "$P_CLI force_version=tls1_2" \
6040 0 \
6041 -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
6042
Manuel Pégourié-Gonnard4cc8c632015-07-23 12:24:03 +02006043# Test for ClientHello without extensions
6044
Manuel Pégourié-Gonnardd55bc202015-08-04 16:22:30 +02006045requires_gnutls
Manuel Pégourié-Gonnardbc4da292020-01-30 12:45:14 +01006046run_test "ClientHello without extensions" \
Manuel Pégourié-Gonnard77cbeff2020-01-30 10:58:57 +01006047 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02006048 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
Gilles Peskine5d2511c2017-05-12 13:16:40 +02006049 0 \
6050 -s "dumping 'client hello extensions' (0 bytes)"
6051
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006052# Tests for mbedtls_ssl_get_bytes_avail()
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02006053
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006054run_test "mbedtls_ssl_get_bytes_avail: no extra data" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02006055 "$P_SRV" \
6056 "$P_CLI request_size=100" \
6057 0 \
6058 -s "Read from client: 100 bytes read$"
6059
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006060run_test "mbedtls_ssl_get_bytes_avail: extra data" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02006061 "$P_SRV" \
6062 "$P_CLI request_size=500" \
6063 0 \
6064 -s "Read from client: 500 bytes read (.*+.*)"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02006065
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006066# Tests for small client packets
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006067
Janos Follathe2681a42016-03-07 15:57:05 +00006068requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006069run_test "Small client packet SSLv3 BlockCipher" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01006070 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006071 "$P_CLI request_size=1 force_version=ssl3 \
6072 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6073 0 \
6074 -s "Read from client: 1 bytes read"
6075
Janos Follathe2681a42016-03-07 15:57:05 +00006076requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006077run_test "Small client packet SSLv3 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006078 "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006079 "$P_CLI request_size=1 force_version=ssl3 \
6080 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6081 0 \
6082 -s "Read from client: 1 bytes read"
6083
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006084run_test "Small client packet TLS 1.0 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006085 "$P_SRV" \
6086 "$P_CLI request_size=1 force_version=tls1 \
6087 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6088 0 \
6089 -s "Read from client: 1 bytes read"
6090
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006091run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01006092 "$P_SRV" \
6093 "$P_CLI request_size=1 force_version=tls1 etm=0 \
6094 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6095 0 \
6096 -s "Read from client: 1 bytes read"
6097
Hanno Becker32c55012017-11-10 08:42:54 +00006098requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006099run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006100 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006101 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006102 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006103 0 \
6104 -s "Read from client: 1 bytes read"
6105
Hanno Becker32c55012017-11-10 08:42:54 +00006106requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006107run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006108 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00006109 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006110 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00006111 0 \
6112 -s "Read from client: 1 bytes read"
6113
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006114run_test "Small client packet TLS 1.0 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006115 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006116 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker8501f982017-11-10 08:59:04 +00006117 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6118 0 \
6119 -s "Read from client: 1 bytes read"
6120
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006121run_test "Small client packet TLS 1.0 StreamCipher, without EtM" \
Hanno Becker8501f982017-11-10 08:59:04 +00006122 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6123 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006124 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00006125 0 \
6126 -s "Read from client: 1 bytes read"
6127
6128requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006129run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006130 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006131 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006132 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006133 0 \
6134 -s "Read from client: 1 bytes read"
6135
Hanno Becker8501f982017-11-10 08:59:04 +00006136requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006137run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006138 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6139 "$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
6140 trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006141 0 \
6142 -s "Read from client: 1 bytes read"
6143
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006144run_test "Small client packet TLS 1.1 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006145 "$P_SRV" \
6146 "$P_CLI request_size=1 force_version=tls1_1 \
6147 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6148 0 \
6149 -s "Read from client: 1 bytes read"
6150
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006151run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01006152 "$P_SRV" \
Hanno Becker8501f982017-11-10 08:59:04 +00006153 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006154 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00006155 0 \
6156 -s "Read from client: 1 bytes read"
6157
6158requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006159run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006160 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00006161 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006162 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00006163 0 \
6164 -s "Read from client: 1 bytes read"
6165
6166requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006167run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006168 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00006169 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006170 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01006171 0 \
6172 -s "Read from client: 1 bytes read"
6173
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006174run_test "Small client packet TLS 1.1 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006175 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006176 "$P_CLI request_size=1 force_version=tls1_1 \
6177 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6178 0 \
6179 -s "Read from client: 1 bytes read"
6180
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006181run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \
Hanno Becker8501f982017-11-10 08:59:04 +00006182 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006183 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006184 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006185 0 \
6186 -s "Read from client: 1 bytes read"
6187
Hanno Becker8501f982017-11-10 08:59:04 +00006188requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006189run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006190 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006191 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006192 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006193 0 \
6194 -s "Read from client: 1 bytes read"
6195
Hanno Becker32c55012017-11-10 08:42:54 +00006196requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006197run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006198 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006199 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006200 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006201 0 \
6202 -s "Read from client: 1 bytes read"
6203
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006204run_test "Small client packet TLS 1.2 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006205 "$P_SRV" \
6206 "$P_CLI request_size=1 force_version=tls1_2 \
6207 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6208 0 \
6209 -s "Read from client: 1 bytes read"
6210
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006211run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01006212 "$P_SRV" \
Hanno Becker8501f982017-11-10 08:59:04 +00006213 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006214 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01006215 0 \
6216 -s "Read from client: 1 bytes read"
6217
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006218run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006219 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01006220 "$P_CLI request_size=1 force_version=tls1_2 \
6221 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006222 0 \
6223 -s "Read from client: 1 bytes read"
6224
Hanno Becker32c55012017-11-10 08:42:54 +00006225requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006226run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006227 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006228 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006229 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006230 0 \
6231 -s "Read from client: 1 bytes read"
6232
Hanno Becker8501f982017-11-10 08:59:04 +00006233requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006234run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006235 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00006236 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006237 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006238 0 \
6239 -s "Read from client: 1 bytes read"
6240
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006241run_test "Small client packet TLS 1.2 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006242 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006243 "$P_CLI request_size=1 force_version=tls1_2 \
6244 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6245 0 \
6246 -s "Read from client: 1 bytes read"
6247
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006248run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006249 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006250 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006251 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00006252 0 \
6253 -s "Read from client: 1 bytes read"
6254
Hanno Becker32c55012017-11-10 08:42:54 +00006255requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006256run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006257 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006258 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006259 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006260 0 \
6261 -s "Read from client: 1 bytes read"
6262
Hanno Becker8501f982017-11-10 08:59:04 +00006263requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006264run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006265 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00006266 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006267 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006268 0 \
6269 -s "Read from client: 1 bytes read"
6270
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006271run_test "Small client packet TLS 1.2 AEAD" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006272 "$P_SRV" \
6273 "$P_CLI request_size=1 force_version=tls1_2 \
6274 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
6275 0 \
6276 -s "Read from client: 1 bytes read"
6277
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006278run_test "Small client packet TLS 1.2 AEAD shorter tag" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02006279 "$P_SRV" \
6280 "$P_CLI request_size=1 force_version=tls1_2 \
6281 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
6282 0 \
6283 -s "Read from client: 1 bytes read"
6284
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006285# Tests for small client packets in DTLS
Hanno Beckere2148042017-11-10 08:59:18 +00006286
6287requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006288run_test "Small client packet DTLS 1.0" \
Hanno Beckere2148042017-11-10 08:59:18 +00006289 "$P_SRV dtls=1 force_version=dtls1" \
6290 "$P_CLI dtls=1 request_size=1 \
6291 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6292 0 \
6293 -s "Read from client: 1 bytes read"
6294
6295requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006296run_test "Small client packet DTLS 1.0, without EtM" \
Hanno Beckere2148042017-11-10 08:59:18 +00006297 "$P_SRV dtls=1 force_version=dtls1 etm=0" \
6298 "$P_CLI dtls=1 request_size=1 \
6299 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6300 0 \
6301 -s "Read from client: 1 bytes read"
6302
6303requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6304requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006305run_test "Small client packet DTLS 1.0, truncated hmac" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006306 "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \
6307 "$P_CLI dtls=1 request_size=1 trunc_hmac=1 \
Hanno Beckere2148042017-11-10 08:59:18 +00006308 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6309 0 \
6310 -s "Read from client: 1 bytes read"
6311
6312requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6313requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006314run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006315 "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00006316 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006317 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
Hanno Beckere2148042017-11-10 08:59:18 +00006318 0 \
6319 -s "Read from client: 1 bytes read"
6320
6321requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006322run_test "Small client packet DTLS 1.2" \
Hanno Beckere2148042017-11-10 08:59:18 +00006323 "$P_SRV dtls=1 force_version=dtls1_2" \
6324 "$P_CLI dtls=1 request_size=1 \
6325 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6326 0 \
6327 -s "Read from client: 1 bytes read"
6328
6329requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006330run_test "Small client packet DTLS 1.2, without EtM" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006331 "$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00006332 "$P_CLI dtls=1 request_size=1 \
6333 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6334 0 \
6335 -s "Read from client: 1 bytes read"
6336
6337requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6338requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006339run_test "Small client packet DTLS 1.2, truncated hmac" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006340 "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
Hanno Beckere2148042017-11-10 08:59:18 +00006341 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006342 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Beckere2148042017-11-10 08:59:18 +00006343 0 \
6344 -s "Read from client: 1 bytes read"
6345
6346requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6347requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006348run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006349 "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00006350 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006351 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
Hanno Beckere2148042017-11-10 08:59:18 +00006352 0 \
6353 -s "Read from client: 1 bytes read"
6354
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006355# Tests for small server packets
6356
6357requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
6358run_test "Small server packet SSLv3 BlockCipher" \
6359 "$P_SRV response_size=1 min_version=ssl3" \
6360 "$P_CLI force_version=ssl3 \
6361 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6362 0 \
6363 -c "Read from server: 1 bytes read"
6364
6365requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
6366run_test "Small server packet SSLv3 StreamCipher" \
6367 "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6368 "$P_CLI force_version=ssl3 \
6369 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6370 0 \
6371 -c "Read from server: 1 bytes read"
6372
6373run_test "Small server packet TLS 1.0 BlockCipher" \
6374 "$P_SRV response_size=1" \
6375 "$P_CLI force_version=tls1 \
6376 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6377 0 \
6378 -c "Read from server: 1 bytes read"
6379
6380run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \
6381 "$P_SRV response_size=1" \
6382 "$P_CLI force_version=tls1 etm=0 \
6383 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6384 0 \
6385 -c "Read from server: 1 bytes read"
6386
6387requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6388run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \
6389 "$P_SRV response_size=1 trunc_hmac=1" \
6390 "$P_CLI force_version=tls1 \
6391 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
6392 0 \
6393 -c "Read from server: 1 bytes read"
6394
6395requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6396run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
6397 "$P_SRV response_size=1 trunc_hmac=1" \
6398 "$P_CLI force_version=tls1 \
6399 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
6400 0 \
6401 -c "Read from server: 1 bytes read"
6402
6403run_test "Small server packet TLS 1.0 StreamCipher" \
6404 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6405 "$P_CLI force_version=tls1 \
6406 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6407 0 \
6408 -c "Read from server: 1 bytes read"
6409
6410run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \
6411 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6412 "$P_CLI force_version=tls1 \
6413 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6414 0 \
6415 -c "Read from server: 1 bytes read"
6416
6417requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6418run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \
6419 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6420 "$P_CLI force_version=tls1 \
6421 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6422 0 \
6423 -c "Read from server: 1 bytes read"
6424
6425requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6426run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
6427 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6428 "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
6429 trunc_hmac=1 etm=0" \
6430 0 \
6431 -c "Read from server: 1 bytes read"
6432
6433run_test "Small server packet TLS 1.1 BlockCipher" \
6434 "$P_SRV response_size=1" \
6435 "$P_CLI force_version=tls1_1 \
6436 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6437 0 \
6438 -c "Read from server: 1 bytes read"
6439
6440run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \
6441 "$P_SRV response_size=1" \
6442 "$P_CLI force_version=tls1_1 \
6443 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
6444 0 \
6445 -c "Read from server: 1 bytes read"
6446
6447requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6448run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \
6449 "$P_SRV response_size=1 trunc_hmac=1" \
6450 "$P_CLI force_version=tls1_1 \
6451 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
6452 0 \
6453 -c "Read from server: 1 bytes read"
6454
6455requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6456run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
6457 "$P_SRV response_size=1 trunc_hmac=1" \
6458 "$P_CLI force_version=tls1_1 \
6459 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
6460 0 \
6461 -c "Read from server: 1 bytes read"
6462
6463run_test "Small server packet TLS 1.1 StreamCipher" \
6464 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6465 "$P_CLI force_version=tls1_1 \
6466 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6467 0 \
6468 -c "Read from server: 1 bytes read"
6469
6470run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \
6471 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6472 "$P_CLI force_version=tls1_1 \
6473 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6474 0 \
6475 -c "Read from server: 1 bytes read"
6476
6477requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6478run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \
6479 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6480 "$P_CLI force_version=tls1_1 \
6481 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6482 0 \
6483 -c "Read from server: 1 bytes read"
6484
6485requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6486run_test "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
6487 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6488 "$P_CLI force_version=tls1_1 \
6489 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
6490 0 \
6491 -c "Read from server: 1 bytes read"
6492
6493run_test "Small server packet TLS 1.2 BlockCipher" \
6494 "$P_SRV response_size=1" \
6495 "$P_CLI force_version=tls1_2 \
6496 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6497 0 \
6498 -c "Read from server: 1 bytes read"
6499
6500run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
6501 "$P_SRV response_size=1" \
6502 "$P_CLI force_version=tls1_2 \
6503 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
6504 0 \
6505 -c "Read from server: 1 bytes read"
6506
6507run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
6508 "$P_SRV response_size=1" \
6509 "$P_CLI force_version=tls1_2 \
6510 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
6511 0 \
6512 -c "Read from server: 1 bytes read"
6513
6514requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6515run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
6516 "$P_SRV response_size=1 trunc_hmac=1" \
6517 "$P_CLI force_version=tls1_2 \
6518 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
6519 0 \
6520 -c "Read from server: 1 bytes read"
6521
6522requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6523run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
6524 "$P_SRV response_size=1 trunc_hmac=1" \
6525 "$P_CLI force_version=tls1_2 \
6526 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
6527 0 \
6528 -c "Read from server: 1 bytes read"
6529
6530run_test "Small server packet TLS 1.2 StreamCipher" \
6531 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6532 "$P_CLI force_version=tls1_2 \
6533 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6534 0 \
6535 -c "Read from server: 1 bytes read"
6536
6537run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \
6538 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6539 "$P_CLI force_version=tls1_2 \
6540 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6541 0 \
6542 -c "Read from server: 1 bytes read"
6543
6544requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6545run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
6546 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6547 "$P_CLI force_version=tls1_2 \
6548 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6549 0 \
6550 -c "Read from server: 1 bytes read"
6551
6552requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6553run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
6554 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6555 "$P_CLI force_version=tls1_2 \
6556 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
6557 0 \
6558 -c "Read from server: 1 bytes read"
6559
6560run_test "Small server packet TLS 1.2 AEAD" \
6561 "$P_SRV response_size=1" \
6562 "$P_CLI force_version=tls1_2 \
6563 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
6564 0 \
6565 -c "Read from server: 1 bytes read"
6566
6567run_test "Small server packet TLS 1.2 AEAD shorter tag" \
6568 "$P_SRV response_size=1" \
6569 "$P_CLI force_version=tls1_2 \
6570 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
6571 0 \
6572 -c "Read from server: 1 bytes read"
6573
6574# Tests for small server packets in DTLS
6575
6576requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6577run_test "Small server packet DTLS 1.0" \
6578 "$P_SRV dtls=1 response_size=1 force_version=dtls1" \
6579 "$P_CLI dtls=1 \
6580 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6581 0 \
6582 -c "Read from server: 1 bytes read"
6583
6584requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6585run_test "Small server packet DTLS 1.0, without EtM" \
6586 "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \
6587 "$P_CLI dtls=1 \
6588 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6589 0 \
6590 -c "Read from server: 1 bytes read"
6591
6592requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6593requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6594run_test "Small server packet DTLS 1.0, truncated hmac" \
6595 "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \
6596 "$P_CLI dtls=1 trunc_hmac=1 \
6597 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6598 0 \
6599 -c "Read from server: 1 bytes read"
6600
6601requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6602requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6603run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \
6604 "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \
6605 "$P_CLI dtls=1 \
6606 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
6607 0 \
6608 -c "Read from server: 1 bytes read"
6609
6610requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6611run_test "Small server packet DTLS 1.2" \
6612 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
6613 "$P_CLI dtls=1 \
6614 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6615 0 \
6616 -c "Read from server: 1 bytes read"
6617
6618requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6619run_test "Small server packet DTLS 1.2, without EtM" \
6620 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
6621 "$P_CLI dtls=1 \
6622 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6623 0 \
6624 -c "Read from server: 1 bytes read"
6625
6626requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6627requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6628run_test "Small server packet DTLS 1.2, truncated hmac" \
6629 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
6630 "$P_CLI dtls=1 \
6631 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
6632 0 \
6633 -c "Read from server: 1 bytes read"
6634
6635requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6636requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6637run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
6638 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
6639 "$P_CLI dtls=1 \
6640 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
6641 0 \
6642 -c "Read from server: 1 bytes read"
6643
Janos Follath00efff72016-05-06 13:48:23 +01006644# A test for extensions in SSLv3
6645
6646requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
6647run_test "SSLv3 with extensions, server side" \
6648 "$P_SRV min_version=ssl3 debug_level=3" \
6649 "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
6650 0 \
6651 -S "dumping 'client hello extensions'" \
6652 -S "server hello, total extension length:"
6653
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006654# Test for large client packets
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006655
Angus Grattonc4dd0732018-04-11 16:28:39 +10006656# How many fragments do we expect to write $1 bytes?
6657fragments_for_write() {
6658 echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
6659}
6660
Janos Follathe2681a42016-03-07 15:57:05 +00006661requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006662run_test "Large client packet SSLv3 BlockCipher" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01006663 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01006664 "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006665 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6666 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006667 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6668 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006669
Janos Follathe2681a42016-03-07 15:57:05 +00006670requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006671run_test "Large client packet SSLv3 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006672 "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006673 "$P_CLI request_size=16384 force_version=ssl3 \
6674 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6675 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006676 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6677 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006678
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006679run_test "Large client packet TLS 1.0 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006680 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01006681 "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006682 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6683 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006684 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6685 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006686
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006687run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006688 "$P_SRV" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006689 "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
6690 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6691 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006692 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006693
Hanno Becker32c55012017-11-10 08:42:54 +00006694requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006695run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006696 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01006697 "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006698 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006699 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006700 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6701 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006702
Hanno Becker32c55012017-11-10 08:42:54 +00006703requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006704run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006705 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006706 "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006707 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006708 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006709 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006710
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006711run_test "Large client packet TLS 1.0 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006712 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006713 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006714 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6715 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006716 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006717
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006718run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006719 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6720 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006721 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006722 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006723 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006724
6725requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006726run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006727 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006728 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006729 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006730 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006731 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006732
Hanno Becker278fc7a2017-11-10 09:16:28 +00006733requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006734run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006735 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006736 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006737 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006738 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006739 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6740 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006741
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006742run_test "Large client packet TLS 1.1 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006743 "$P_SRV" \
6744 "$P_CLI request_size=16384 force_version=tls1_1 \
6745 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6746 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006747 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6748 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006749
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006750run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006751 "$P_SRV" \
6752 "$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
6753 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006754 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006755 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006756
Hanno Becker32c55012017-11-10 08:42:54 +00006757requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006758run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006759 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006760 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006761 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006762 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006763 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006764
Hanno Becker32c55012017-11-10 08:42:54 +00006765requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006766run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006767 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006768 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006769 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006770 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006771 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006772
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006773run_test "Large client packet TLS 1.1 StreamCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006774 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6775 "$P_CLI request_size=16384 force_version=tls1_1 \
6776 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6777 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006778 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6779 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006780
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006781run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006782 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006783 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006784 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006785 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006786 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6787 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006788
Hanno Becker278fc7a2017-11-10 09:16:28 +00006789requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006790run_test "Large client packet TLS 1.1 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006791 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006792 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006793 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006794 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006795 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006796
Hanno Becker278fc7a2017-11-10 09:16:28 +00006797requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006798run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006799 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006800 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006801 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006802 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006803 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6804 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006805
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006806run_test "Large client packet TLS 1.2 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006807 "$P_SRV" \
6808 "$P_CLI request_size=16384 force_version=tls1_2 \
6809 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6810 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006811 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6812 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006813
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006814run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006815 "$P_SRV" \
6816 "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
6817 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6818 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006819 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006820
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006821run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006822 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01006823 "$P_CLI request_size=16384 force_version=tls1_2 \
6824 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006825 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006826 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6827 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006828
Hanno Becker32c55012017-11-10 08:42:54 +00006829requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006830run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006831 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006832 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006833 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006834 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006835 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006836
Hanno Becker278fc7a2017-11-10 09:16:28 +00006837requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006838run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006839 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006840 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006841 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006842 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006843 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6844 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006845
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006846run_test "Large client packet TLS 1.2 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006847 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006848 "$P_CLI request_size=16384 force_version=tls1_2 \
6849 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6850 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006851 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6852 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006853
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006854run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01006855 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006856 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006857 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6858 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006859 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00006860
Hanno Becker32c55012017-11-10 08:42:54 +00006861requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006862run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006863 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006864 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006865 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006866 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006867 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006868
Hanno Becker278fc7a2017-11-10 09:16:28 +00006869requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006870run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00006871 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00006872 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00006873 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006874 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006875 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6876 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006877
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006878run_test "Large client packet TLS 1.2 AEAD" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006879 "$P_SRV" \
6880 "$P_CLI request_size=16384 force_version=tls1_2 \
6881 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
6882 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006883 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6884 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006885
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006886run_test "Large client packet TLS 1.2 AEAD shorter tag" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006887 "$P_SRV" \
6888 "$P_CLI request_size=16384 force_version=tls1_2 \
6889 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
6890 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10006891 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
6892 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02006893
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006894# Test for large server packets
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006895requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
6896run_test "Large server packet SSLv3 StreamCipher" \
6897 "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6898 "$P_CLI force_version=ssl3 \
6899 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6900 0 \
6901 -c "Read from server: 16384 bytes read"
6902
Andrzej Kurek6a4f2242018-08-27 08:00:13 -04006903# Checking next 4 tests logs for 1n-1 split against BEAST too
6904requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
6905run_test "Large server packet SSLv3 BlockCipher" \
6906 "$P_SRV response_size=16384 min_version=ssl3" \
6907 "$P_CLI force_version=ssl3 recsplit=0 \
6908 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6909 0 \
6910 -c "Read from server: 1 bytes read"\
6911 -c "16383 bytes read"\
6912 -C "Read from server: 16384 bytes read"
6913
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006914run_test "Large server packet TLS 1.0 BlockCipher" \
6915 "$P_SRV response_size=16384" \
6916 "$P_CLI force_version=tls1 recsplit=0 \
6917 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6918 0 \
6919 -c "Read from server: 1 bytes read"\
6920 -c "16383 bytes read"\
6921 -C "Read from server: 16384 bytes read"
6922
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006923run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \
6924 "$P_SRV response_size=16384" \
6925 "$P_CLI force_version=tls1 etm=0 recsplit=0 \
6926 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6927 0 \
6928 -c "Read from server: 1 bytes read"\
6929 -c "16383 bytes read"\
6930 -C "Read from server: 16384 bytes read"
6931
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006932requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6933run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
6934 "$P_SRV response_size=16384" \
6935 "$P_CLI force_version=tls1 recsplit=0 \
6936 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
6937 trunc_hmac=1" \
6938 0 \
6939 -c "Read from server: 1 bytes read"\
6940 -c "16383 bytes read"\
6941 -C "Read from server: 16384 bytes read"
6942
6943requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6944run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \
6945 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6946 "$P_CLI force_version=tls1 \
6947 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
6948 trunc_hmac=1" \
6949 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006950 -s "16384 bytes written in 1 fragments" \
6951 -c "Read from server: 16384 bytes read"
6952
6953run_test "Large server packet TLS 1.0 StreamCipher" \
6954 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6955 "$P_CLI force_version=tls1 \
6956 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6957 0 \
6958 -s "16384 bytes written in 1 fragments" \
6959 -c "Read from server: 16384 bytes read"
6960
6961run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \
6962 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
6963 "$P_CLI force_version=tls1 \
6964 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
6965 0 \
6966 -s "16384 bytes written in 1 fragments" \
6967 -c "Read from server: 16384 bytes read"
6968
6969requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6970run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \
6971 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6972 "$P_CLI force_version=tls1 \
6973 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6974 0 \
6975 -s "16384 bytes written in 1 fragments" \
6976 -c "Read from server: 16384 bytes read"
6977
6978requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
6979run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
6980 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
6981 "$P_CLI force_version=tls1 \
6982 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
6983 0 \
6984 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006985 -c "Read from server: 16384 bytes read"
6986
6987run_test "Large server packet TLS 1.1 BlockCipher" \
6988 "$P_SRV response_size=16384" \
6989 "$P_CLI force_version=tls1_1 \
6990 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
6991 0 \
6992 -c "Read from server: 16384 bytes read"
6993
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006994run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \
6995 "$P_SRV response_size=16384" \
6996 "$P_CLI force_version=tls1_1 etm=0 \
6997 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02006998 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04006999 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007000 -c "Read from server: 16384 bytes read"
7001
7002requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
7003run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \
7004 "$P_SRV response_size=16384" \
7005 "$P_CLI force_version=tls1_1 \
7006 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
7007 trunc_hmac=1" \
7008 0 \
7009 -c "Read from server: 16384 bytes read"
7010
7011requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04007012run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
7013 "$P_SRV response_size=16384 trunc_hmac=1" \
7014 "$P_CLI force_version=tls1_1 \
7015 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
7016 0 \
7017 -s "16384 bytes written in 1 fragments" \
7018 -c "Read from server: 16384 bytes read"
7019
7020run_test "Large server packet TLS 1.1 StreamCipher" \
7021 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7022 "$P_CLI force_version=tls1_1 \
7023 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7024 0 \
7025 -c "Read from server: 16384 bytes read"
7026
7027run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \
7028 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7029 "$P_CLI force_version=tls1_1 \
7030 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
7031 0 \
7032 -s "16384 bytes written in 1 fragments" \
7033 -c "Read from server: 16384 bytes read"
7034
7035requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007036run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
7037 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7038 "$P_CLI force_version=tls1_1 \
7039 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
7040 trunc_hmac=1" \
7041 0 \
7042 -c "Read from server: 16384 bytes read"
7043
Andrzej Kurekc19fc552018-06-19 09:37:30 -04007044run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
7045 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
7046 "$P_CLI force_version=tls1_1 \
7047 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
7048 0 \
7049 -s "16384 bytes written in 1 fragments" \
7050 -c "Read from server: 16384 bytes read"
7051
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007052run_test "Large server packet TLS 1.2 BlockCipher" \
7053 "$P_SRV response_size=16384" \
7054 "$P_CLI force_version=tls1_2 \
7055 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
7056 0 \
7057 -c "Read from server: 16384 bytes read"
7058
Andrzej Kurekc19fc552018-06-19 09:37:30 -04007059run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
7060 "$P_SRV response_size=16384" \
7061 "$P_CLI force_version=tls1_2 etm=0 \
7062 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
7063 0 \
7064 -s "16384 bytes written in 1 fragments" \
7065 -c "Read from server: 16384 bytes read"
7066
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007067run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
7068 "$P_SRV response_size=16384" \
7069 "$P_CLI force_version=tls1_2 \
7070 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
7071 0 \
7072 -c "Read from server: 16384 bytes read"
7073
7074requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
7075run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
7076 "$P_SRV response_size=16384" \
7077 "$P_CLI force_version=tls1_2 \
7078 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
7079 trunc_hmac=1" \
7080 0 \
7081 -c "Read from server: 16384 bytes read"
7082
Andrzej Kurekc19fc552018-06-19 09:37:30 -04007083run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
7084 "$P_SRV response_size=16384 trunc_hmac=1" \
7085 "$P_CLI force_version=tls1_2 \
7086 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
7087 0 \
7088 -s "16384 bytes written in 1 fragments" \
7089 -c "Read from server: 16384 bytes read"
7090
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007091run_test "Large server packet TLS 1.2 StreamCipher" \
7092 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7093 "$P_CLI force_version=tls1_2 \
7094 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7095 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04007096 -s "16384 bytes written in 1 fragments" \
7097 -c "Read from server: 16384 bytes read"
7098
7099run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \
7100 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7101 "$P_CLI force_version=tls1_2 \
7102 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
7103 0 \
7104 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007105 -c "Read from server: 16384 bytes read"
7106
7107requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
7108run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \
7109 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
7110 "$P_CLI force_version=tls1_2 \
7111 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
7112 trunc_hmac=1" \
7113 0 \
7114 -c "Read from server: 16384 bytes read"
7115
Andrzej Kurekc19fc552018-06-19 09:37:30 -04007116requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
7117run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
7118 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
7119 "$P_CLI force_version=tls1_2 \
7120 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
7121 0 \
7122 -s "16384 bytes written in 1 fragments" \
7123 -c "Read from server: 16384 bytes read"
7124
Andrzej Kurek30e731d2017-10-12 13:50:29 +02007125run_test "Large server packet TLS 1.2 AEAD" \
7126 "$P_SRV response_size=16384" \
7127 "$P_CLI force_version=tls1_2 \
7128 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
7129 0 \
7130 -c "Read from server: 16384 bytes read"
7131
7132run_test "Large server packet TLS 1.2 AEAD shorter tag" \
7133 "$P_SRV response_size=16384" \
7134 "$P_CLI force_version=tls1_2 \
7135 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
7136 0 \
7137 -c "Read from server: 16384 bytes read"
7138
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007139# Tests for restartable ECC
7140
7141requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7142run_test "EC restart: TLS, default" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007143 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007144 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007145 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007146 debug_level=1" \
7147 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007148 -C "x509_verify_cert.*4b00" \
7149 -C "mbedtls_pk_verify.*4b00" \
7150 -C "mbedtls_ecdh_make_public.*4b00" \
7151 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007152
7153requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7154run_test "EC restart: TLS, max_ops=0" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007155 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007156 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007157 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007158 debug_level=1 ec_max_ops=0" \
7159 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007160 -C "x509_verify_cert.*4b00" \
7161 -C "mbedtls_pk_verify.*4b00" \
7162 -C "mbedtls_ecdh_make_public.*4b00" \
7163 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007164
7165requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7166run_test "EC restart: TLS, max_ops=65535" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007167 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007168 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007169 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007170 debug_level=1 ec_max_ops=65535" \
7171 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007172 -C "x509_verify_cert.*4b00" \
7173 -C "mbedtls_pk_verify.*4b00" \
7174 -C "mbedtls_ecdh_make_public.*4b00" \
7175 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007176
7177requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7178run_test "EC restart: TLS, max_ops=1000" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007179 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007180 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007181 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007182 debug_level=1 ec_max_ops=1000" \
7183 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007184 -c "x509_verify_cert.*4b00" \
7185 -c "mbedtls_pk_verify.*4b00" \
7186 -c "mbedtls_ecdh_make_public.*4b00" \
7187 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007188
7189requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02007190run_test "EC restart: TLS, max_ops=1000, badsign" \
7191 "$P_SRV auth_mode=required \
7192 crt_file=data_files/server5-badsign.crt \
7193 key_file=data_files/server5.key" \
7194 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7195 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7196 debug_level=1 ec_max_ops=1000" \
7197 1 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007198 -c "x509_verify_cert.*4b00" \
7199 -C "mbedtls_pk_verify.*4b00" \
7200 -C "mbedtls_ecdh_make_public.*4b00" \
7201 -C "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02007202 -c "! The certificate is not correctly signed by the trusted CA" \
7203 -c "! mbedtls_ssl_handshake returned" \
7204 -c "X509 - Certificate verification failed"
7205
7206requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7207run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
7208 "$P_SRV auth_mode=required \
7209 crt_file=data_files/server5-badsign.crt \
7210 key_file=data_files/server5.key" \
7211 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7212 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7213 debug_level=1 ec_max_ops=1000 auth_mode=optional" \
7214 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007215 -c "x509_verify_cert.*4b00" \
7216 -c "mbedtls_pk_verify.*4b00" \
7217 -c "mbedtls_ecdh_make_public.*4b00" \
7218 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02007219 -c "! The certificate is not correctly signed by the trusted CA" \
7220 -C "! mbedtls_ssl_handshake returned" \
7221 -C "X509 - Certificate verification failed"
7222
7223requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7224run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
7225 "$P_SRV auth_mode=required \
7226 crt_file=data_files/server5-badsign.crt \
7227 key_file=data_files/server5.key" \
7228 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7229 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7230 debug_level=1 ec_max_ops=1000 auth_mode=none" \
7231 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007232 -C "x509_verify_cert.*4b00" \
7233 -c "mbedtls_pk_verify.*4b00" \
7234 -c "mbedtls_ecdh_make_public.*4b00" \
7235 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02007236 -C "! The certificate is not correctly signed by the trusted CA" \
7237 -C "! mbedtls_ssl_handshake returned" \
7238 -C "X509 - Certificate verification failed"
7239
7240requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007241run_test "EC restart: DTLS, max_ops=1000" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007242 "$P_SRV auth_mode=required dtls=1" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007243 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02007244 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007245 dtls=1 debug_level=1 ec_max_ops=1000" \
7246 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007247 -c "x509_verify_cert.*4b00" \
7248 -c "mbedtls_pk_verify.*4b00" \
7249 -c "mbedtls_ecdh_make_public.*4b00" \
7250 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02007251
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02007252requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7253run_test "EC restart: TLS, max_ops=1000 no client auth" \
7254 "$P_SRV" \
7255 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
7256 debug_level=1 ec_max_ops=1000" \
7257 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007258 -c "x509_verify_cert.*4b00" \
7259 -c "mbedtls_pk_verify.*4b00" \
7260 -c "mbedtls_ecdh_make_public.*4b00" \
7261 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02007262
7263requires_config_enabled MBEDTLS_ECP_RESTARTABLE
7264run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
7265 "$P_SRV psk=abc123" \
7266 "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
7267 psk=abc123 debug_level=1 ec_max_ops=1000" \
7268 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02007269 -C "x509_verify_cert.*4b00" \
7270 -C "mbedtls_pk_verify.*4b00" \
7271 -C "mbedtls_ecdh_make_public.*4b00" \
7272 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02007273
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007274# Tests of asynchronous private key support in SSL
7275
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007276requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007277run_test "SSL async private: sign, delay=0" \
7278 "$P_SRV \
7279 async_operations=s async_private_delay1=0 async_private_delay2=0" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007280 "$P_CLI" \
7281 0 \
7282 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007283 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007284
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007285requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007286run_test "SSL async private: sign, delay=1" \
7287 "$P_SRV \
7288 async_operations=s async_private_delay1=1 async_private_delay2=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007289 "$P_CLI" \
7290 0 \
7291 -s "Async sign callback: using key slot " \
7292 -s "Async resume (slot [0-9]): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007293 -s "Async resume (slot [0-9]): sign done, status=0"
7294
Gilles Peskine12d0cc12018-04-26 15:06:56 +02007295requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
7296run_test "SSL async private: sign, delay=2" \
7297 "$P_SRV \
7298 async_operations=s async_private_delay1=2 async_private_delay2=2" \
7299 "$P_CLI" \
7300 0 \
7301 -s "Async sign callback: using key slot " \
7302 -U "Async sign callback: using key slot " \
7303 -s "Async resume (slot [0-9]): call 1 more times." \
7304 -s "Async resume (slot [0-9]): call 0 more times." \
7305 -s "Async resume (slot [0-9]): sign done, status=0"
7306
Gilles Peskined3268832018-04-26 06:23:59 +02007307# Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1
7308# with RSA PKCS#1v1.5 as used in TLS 1.0/1.1.
7309requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
7310requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
7311run_test "SSL async private: sign, RSA, TLS 1.1" \
7312 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \
7313 async_operations=s async_private_delay1=0 async_private_delay2=0" \
7314 "$P_CLI force_version=tls1_1" \
7315 0 \
7316 -s "Async sign callback: using key slot " \
7317 -s "Async resume (slot [0-9]): sign done, status=0"
7318
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007319requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine807d74a2018-04-30 10:30:49 +02007320run_test "SSL async private: sign, SNI" \
7321 "$P_SRV debug_level=3 \
7322 async_operations=s async_private_delay1=0 async_private_delay2=0 \
7323 crt_file=data_files/server5.crt key_file=data_files/server5.key \
7324 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
7325 "$P_CLI server_name=polarssl.example" \
7326 0 \
7327 -s "Async sign callback: using key slot " \
7328 -s "Async resume (slot [0-9]): sign done, status=0" \
7329 -s "parse ServerName extension" \
7330 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
7331 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
7332
7333requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007334run_test "SSL async private: decrypt, delay=0" \
7335 "$P_SRV \
7336 async_operations=d async_private_delay1=0 async_private_delay2=0" \
7337 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7338 0 \
7339 -s "Async decrypt callback: using key slot " \
7340 -s "Async resume (slot [0-9]): decrypt done, status=0"
7341
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007342requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007343run_test "SSL async private: decrypt, delay=1" \
7344 "$P_SRV \
7345 async_operations=d async_private_delay1=1 async_private_delay2=1" \
7346 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7347 0 \
7348 -s "Async decrypt callback: using key slot " \
7349 -s "Async resume (slot [0-9]): call 0 more times." \
7350 -s "Async resume (slot [0-9]): decrypt done, status=0"
7351
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007352requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007353run_test "SSL async private: decrypt RSA-PSK, delay=0" \
7354 "$P_SRV psk=abc123 \
7355 async_operations=d async_private_delay1=0 async_private_delay2=0" \
7356 "$P_CLI psk=abc123 \
7357 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
7358 0 \
7359 -s "Async decrypt callback: using key slot " \
7360 -s "Async resume (slot [0-9]): decrypt done, status=0"
7361
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007362requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007363run_test "SSL async private: decrypt RSA-PSK, delay=1" \
7364 "$P_SRV psk=abc123 \
7365 async_operations=d async_private_delay1=1 async_private_delay2=1" \
7366 "$P_CLI psk=abc123 \
7367 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
7368 0 \
7369 -s "Async decrypt callback: using key slot " \
7370 -s "Async resume (slot [0-9]): call 0 more times." \
7371 -s "Async resume (slot [0-9]): decrypt done, status=0"
7372
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007373requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007374run_test "SSL async private: sign callback not present" \
7375 "$P_SRV \
7376 async_operations=d async_private_delay1=1 async_private_delay2=1" \
7377 "$P_CLI; [ \$? -eq 1 ] &&
7378 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7379 0 \
7380 -S "Async sign callback" \
7381 -s "! mbedtls_ssl_handshake returned" \
7382 -s "The own private key or pre-shared key is not set, but needed" \
7383 -s "Async resume (slot [0-9]): decrypt done, status=0" \
7384 -s "Successful connection"
7385
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007386requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007387run_test "SSL async private: decrypt callback not present" \
7388 "$P_SRV debug_level=1 \
7389 async_operations=s async_private_delay1=1 async_private_delay2=1" \
7390 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
7391 [ \$? -eq 1 ] && $P_CLI" \
7392 0 \
7393 -S "Async decrypt callback" \
7394 -s "! mbedtls_ssl_handshake returned" \
7395 -s "got no RSA private key" \
7396 -s "Async resume (slot [0-9]): sign done, status=0" \
7397 -s "Successful connection"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007398
7399# key1: ECDSA, key2: RSA; use key1 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007400requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007401run_test "SSL async private: slot 0 used with key1" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007402 "$P_SRV \
7403 async_operations=s async_private_delay1=1 \
7404 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7405 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007406 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
7407 0 \
7408 -s "Async sign callback: using key slot 0," \
7409 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007410 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007411
7412# key1: ECDSA, key2: RSA; use key2 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007413requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007414run_test "SSL async private: slot 0 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007415 "$P_SRV \
7416 async_operations=s async_private_delay2=1 \
7417 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7418 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007419 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
7420 0 \
7421 -s "Async sign callback: using key slot 0," \
7422 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007423 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007424
7425# key1: ECDSA, key2: RSA; use key2 from slot 1
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007426requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinead28bf02018-04-26 00:19:16 +02007427run_test "SSL async private: slot 1 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007428 "$P_SRV \
Gilles Peskine168dae82018-04-25 23:35:42 +02007429 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007430 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7431 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007432 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
7433 0 \
7434 -s "Async sign callback: using key slot 1," \
7435 -s "Async resume (slot 1): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007436 -s "Async resume (slot 1): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007437
7438# key1: ECDSA, key2: RSA; use key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007439requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007440run_test "SSL async private: fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007441 "$P_SRV \
7442 async_operations=s async_private_delay1=1 \
7443 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7444 key_file2=data_files/server2.key crt_file2=data_files/server2.crt " \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007445 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
7446 0 \
7447 -s "Async sign callback: no key matches this certificate."
7448
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007449requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02007450run_test "SSL async private: sign, error in start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007451 "$P_SRV \
7452 async_operations=s async_private_delay1=1 async_private_delay2=1 \
7453 async_private_error=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007454 "$P_CLI" \
7455 1 \
7456 -s "Async sign callback: injected error" \
7457 -S "Async resume" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02007458 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007459 -s "! mbedtls_ssl_handshake returned"
7460
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007461requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02007462run_test "SSL async private: sign, cancel after start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007463 "$P_SRV \
7464 async_operations=s async_private_delay1=1 async_private_delay2=1 \
7465 async_private_error=2" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007466 "$P_CLI" \
7467 1 \
7468 -s "Async sign callback: using key slot " \
7469 -S "Async resume" \
7470 -s "Async cancel"
7471
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007472requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02007473run_test "SSL async private: sign, error in resume" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007474 "$P_SRV \
7475 async_operations=s async_private_delay1=1 async_private_delay2=1 \
7476 async_private_error=3" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007477 "$P_CLI" \
7478 1 \
7479 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007480 -s "Async resume callback: sign done but injected error" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02007481 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007482 -s "! mbedtls_ssl_handshake returned"
7483
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007484requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02007485run_test "SSL async private: decrypt, error in start" \
7486 "$P_SRV \
7487 async_operations=d async_private_delay1=1 async_private_delay2=1 \
7488 async_private_error=1" \
7489 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7490 1 \
7491 -s "Async decrypt callback: injected error" \
7492 -S "Async resume" \
7493 -S "Async cancel" \
7494 -s "! mbedtls_ssl_handshake returned"
7495
7496requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
7497run_test "SSL async private: decrypt, cancel after start" \
7498 "$P_SRV \
7499 async_operations=d async_private_delay1=1 async_private_delay2=1 \
7500 async_private_error=2" \
7501 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7502 1 \
7503 -s "Async decrypt callback: using key slot " \
7504 -S "Async resume" \
7505 -s "Async cancel"
7506
7507requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
7508run_test "SSL async private: decrypt, error in resume" \
7509 "$P_SRV \
7510 async_operations=d async_private_delay1=1 async_private_delay2=1 \
7511 async_private_error=3" \
7512 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7513 1 \
7514 -s "Async decrypt callback: using key slot " \
7515 -s "Async resume callback: decrypt done but injected error" \
7516 -S "Async cancel" \
7517 -s "! mbedtls_ssl_handshake returned"
7518
7519requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007520run_test "SSL async private: cancel after start then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007521 "$P_SRV \
7522 async_operations=s async_private_delay1=1 async_private_delay2=1 \
7523 async_private_error=-2" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007524 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
7525 0 \
7526 -s "Async cancel" \
7527 -s "! mbedtls_ssl_handshake returned" \
7528 -s "Async resume" \
7529 -s "Successful connection"
7530
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007531requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007532run_test "SSL async private: error in resume then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007533 "$P_SRV \
7534 async_operations=s async_private_delay1=1 async_private_delay2=1 \
7535 async_private_error=-3" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007536 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
7537 0 \
7538 -s "! mbedtls_ssl_handshake returned" \
7539 -s "Async resume" \
7540 -s "Successful connection"
7541
7542# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007543requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007544run_test "SSL async private: cancel after start then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007545 "$P_SRV \
7546 async_operations=s async_private_delay1=1 async_private_error=-2 \
7547 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7548 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007549 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
7550 [ \$? -eq 1 ] &&
7551 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
7552 0 \
Gilles Peskinededa75a2018-04-30 10:02:45 +02007553 -s "Async sign callback: using key slot 0" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007554 -S "Async resume" \
7555 -s "Async cancel" \
7556 -s "! mbedtls_ssl_handshake returned" \
7557 -s "Async sign callback: no key matches this certificate." \
7558 -s "Successful connection"
7559
7560# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007561requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02007562run_test "SSL async private: sign, error in resume then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007563 "$P_SRV \
7564 async_operations=s async_private_delay1=1 async_private_error=-3 \
7565 key_file=data_files/server5.key crt_file=data_files/server5.crt \
7566 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01007567 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
7568 [ \$? -eq 1 ] &&
7569 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
7570 0 \
7571 -s "Async resume" \
7572 -s "! mbedtls_ssl_handshake returned" \
7573 -s "Async sign callback: no key matches this certificate." \
7574 -s "Successful connection"
7575
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007576requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007577requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskine654bab72019-09-16 15:19:20 +02007578run_test "SSL async private: renegotiation: client-initiated, sign" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007579 "$P_SRV \
7580 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007581 exchanges=2 renegotiation=1" \
7582 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \
7583 0 \
7584 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007585 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007586
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007587requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007588requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskine654bab72019-09-16 15:19:20 +02007589run_test "SSL async private: renegotiation: server-initiated, sign" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007590 "$P_SRV \
7591 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007592 exchanges=2 renegotiation=1 renegotiate=1" \
7593 "$P_CLI exchanges=2 renegotiation=1" \
7594 0 \
7595 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007596 -s "Async resume (slot [0-9]): sign done, status=0"
7597
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007598requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007599requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskine654bab72019-09-16 15:19:20 +02007600run_test "SSL async private: renegotiation: client-initiated, decrypt" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007601 "$P_SRV \
7602 async_operations=d async_private_delay1=1 async_private_delay2=1 \
7603 exchanges=2 renegotiation=1" \
7604 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
7605 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7606 0 \
7607 -s "Async decrypt callback: using key slot " \
7608 -s "Async resume (slot [0-9]): decrypt done, status=0"
7609
Gilles Peskineb74a1c72018-04-24 13:09:22 +02007610requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007611requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskine654bab72019-09-16 15:19:20 +02007612run_test "SSL async private: renegotiation: server-initiated, decrypt" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01007613 "$P_SRV \
7614 async_operations=d async_private_delay1=1 async_private_delay2=1 \
7615 exchanges=2 renegotiation=1 renegotiate=1" \
7616 "$P_CLI exchanges=2 renegotiation=1 \
7617 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7618 0 \
7619 -s "Async decrypt callback: using key slot " \
7620 -s "Async resume (slot [0-9]): decrypt done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01007621
Ron Eldor58093c82018-06-28 13:22:05 +03007622# Tests for ECC extensions (rfc 4492)
7623
Ron Eldor643df7c2018-06-28 16:17:00 +03007624requires_config_enabled MBEDTLS_AES_C
7625requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
7626requires_config_enabled MBEDTLS_SHA256_C
7627requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03007628run_test "Force a non ECC ciphersuite in the client side" \
7629 "$P_SRV debug_level=3" \
Ron Eldor643df7c2018-06-28 16:17:00 +03007630 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03007631 0 \
7632 -C "client hello, adding supported_elliptic_curves extension" \
7633 -C "client hello, adding supported_point_formats extension" \
7634 -S "found supported elliptic curves extension" \
7635 -S "found supported point formats extension"
7636
Ron Eldor643df7c2018-06-28 16:17:00 +03007637requires_config_enabled MBEDTLS_AES_C
7638requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
7639requires_config_enabled MBEDTLS_SHA256_C
7640requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03007641run_test "Force a non ECC ciphersuite in the server side" \
Ron Eldor643df7c2018-06-28 16:17:00 +03007642 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03007643 "$P_CLI debug_level=3" \
7644 0 \
7645 -C "found supported_point_formats extension" \
7646 -S "server hello, supported_point_formats extension"
7647
Ron Eldor643df7c2018-06-28 16:17:00 +03007648requires_config_enabled MBEDTLS_AES_C
7649requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
7650requires_config_enabled MBEDTLS_SHA256_C
7651requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03007652run_test "Force an ECC ciphersuite in the client side" \
7653 "$P_SRV debug_level=3" \
7654 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
7655 0 \
7656 -c "client hello, adding supported_elliptic_curves extension" \
7657 -c "client hello, adding supported_point_formats extension" \
7658 -s "found supported elliptic curves extension" \
7659 -s "found supported point formats extension"
7660
Ron Eldor643df7c2018-06-28 16:17:00 +03007661requires_config_enabled MBEDTLS_AES_C
7662requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
7663requires_config_enabled MBEDTLS_SHA256_C
7664requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03007665run_test "Force an ECC ciphersuite in the server side" \
7666 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
7667 "$P_CLI debug_level=3" \
7668 0 \
7669 -c "found supported_point_formats extension" \
7670 -s "server hello, supported_point_formats extension"
7671
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02007672# Tests for DTLS HelloVerifyRequest
7673
7674run_test "DTLS cookie: enabled" \
7675 "$P_SRV dtls=1 debug_level=2" \
7676 "$P_CLI dtls=1 debug_level=2" \
7677 0 \
7678 -s "cookie verification failed" \
7679 -s "cookie verification passed" \
7680 -S "cookie verification skipped" \
7681 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02007682 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02007683 -S "SSL - The requested feature is not available"
7684
7685run_test "DTLS cookie: disabled" \
7686 "$P_SRV dtls=1 debug_level=2 cookies=0" \
7687 "$P_CLI dtls=1 debug_level=2" \
7688 0 \
7689 -S "cookie verification failed" \
7690 -S "cookie verification passed" \
7691 -s "cookie verification skipped" \
7692 -C "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02007693 -S "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02007694 -S "SSL - The requested feature is not available"
7695
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02007696run_test "DTLS cookie: default (failing)" \
7697 "$P_SRV dtls=1 debug_level=2 cookies=-1" \
7698 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
7699 1 \
7700 -s "cookie verification failed" \
7701 -S "cookie verification passed" \
7702 -S "cookie verification skipped" \
7703 -C "received hello verify request" \
7704 -S "hello verification requested" \
7705 -s "SSL - The requested feature is not available"
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02007706
7707requires_ipv6
7708run_test "DTLS cookie: enabled, IPv6" \
7709 "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
7710 "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
7711 0 \
7712 -s "cookie verification failed" \
7713 -s "cookie verification passed" \
7714 -S "cookie verification skipped" \
7715 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02007716 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02007717 -S "SSL - The requested feature is not available"
7718
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02007719run_test "DTLS cookie: enabled, nbio" \
7720 "$P_SRV dtls=1 nbio=2 debug_level=2" \
7721 "$P_CLI dtls=1 nbio=2 debug_level=2" \
7722 0 \
7723 -s "cookie verification failed" \
7724 -s "cookie verification passed" \
7725 -S "cookie verification skipped" \
7726 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02007727 -s "hello verification requested" \
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02007728 -S "SSL - The requested feature is not available"
7729
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007730# Tests for client reconnecting from the same port with DTLS
7731
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007732not_with_valgrind # spurious resend
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007733run_test "DTLS client reconnect from same port: reference" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +02007734 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
7735 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007736 0 \
7737 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007738 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007739 -S "Client initiated reconnection from same port"
7740
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007741not_with_valgrind # spurious resend
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007742run_test "DTLS client reconnect from same port: reconnect" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +02007743 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
7744 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007745 0 \
7746 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007747 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007748 -s "Client initiated reconnection from same port"
7749
Paul Bakker362689d2016-05-13 10:33:25 +01007750not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
7751run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007752 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
7753 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007754 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007755 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02007756 -s "Client initiated reconnection from same port"
7757
Paul Bakker362689d2016-05-13 10:33:25 +01007758only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout
7759run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
7760 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
7761 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
7762 0 \
7763 -S "The operation timed out" \
7764 -s "Client initiated reconnection from same port"
7765
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007766run_test "DTLS client reconnect from same port: no cookies" \
7767 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
Manuel Pégourié-Gonnard6ad23b92015-09-15 12:57:46 +02007768 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
7769 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02007770 -s "The operation timed out" \
7771 -S "Client initiated reconnection from same port"
7772
Manuel Pégourié-Gonnardbaad2de2020-03-13 11:11:02 +01007773run_test "DTLS client reconnect from same port: attacker-injected" \
7774 -p "$P_PXY inject_clihlo=1" \
7775 "$P_SRV dtls=1 exchanges=2 debug_level=1" \
7776 "$P_CLI dtls=1 exchanges=2" \
7777 0 \
7778 -s "possible client reconnect from the same port" \
7779 -S "Client initiated reconnection from same port"
7780
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02007781# Tests for various cases of client authentication with DTLS
7782# (focused on handshake flows and message parsing)
7783
7784run_test "DTLS client auth: required" \
7785 "$P_SRV dtls=1 auth_mode=required" \
7786 "$P_CLI dtls=1" \
7787 0 \
7788 -s "Verifying peer X.509 certificate... ok"
7789
7790run_test "DTLS client auth: optional, client has no cert" \
7791 "$P_SRV dtls=1 auth_mode=optional" \
7792 "$P_CLI dtls=1 crt_file=none key_file=none" \
7793 0 \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01007794 -s "! Certificate was missing"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02007795
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01007796run_test "DTLS client auth: none, client has no cert" \
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02007797 "$P_SRV dtls=1 auth_mode=none" \
7798 "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
7799 0 \
7800 -c "skip write certificate$" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01007801 -s "! Certificate verification was skipped"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02007802
Manuel Pégourié-Gonnard0a885742015-08-04 12:08:35 +02007803run_test "DTLS wrong PSK: badmac alert" \
7804 "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
7805 "$P_CLI dtls=1 psk=abc124" \
7806 1 \
7807 -s "SSL - Verification of the message MAC failed" \
7808 -c "SSL - A fatal alert message was received from our peer"
7809
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02007810# Tests for receiving fragmented handshake messages with DTLS
7811
7812requires_gnutls
7813run_test "DTLS reassembly: no fragmentation (gnutls server)" \
7814 "$G_SRV -u --mtu 2048 -a" \
7815 "$P_CLI dtls=1 debug_level=2" \
7816 0 \
7817 -C "found fragmented DTLS handshake message" \
7818 -C "error"
7819
7820requires_gnutls
7821run_test "DTLS reassembly: some fragmentation (gnutls server)" \
7822 "$G_SRV -u --mtu 512" \
7823 "$P_CLI dtls=1 debug_level=2" \
7824 0 \
7825 -c "found fragmented DTLS handshake message" \
7826 -C "error"
7827
7828requires_gnutls
7829run_test "DTLS reassembly: more fragmentation (gnutls server)" \
7830 "$G_SRV -u --mtu 128" \
7831 "$P_CLI dtls=1 debug_level=2" \
7832 0 \
7833 -c "found fragmented DTLS handshake message" \
7834 -C "error"
7835
7836requires_gnutls
7837run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
7838 "$G_SRV -u --mtu 128" \
7839 "$P_CLI dtls=1 nbio=2 debug_level=2" \
7840 0 \
7841 -c "found fragmented DTLS handshake message" \
7842 -C "error"
7843
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02007844requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01007845requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02007846run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \
7847 "$G_SRV -u --mtu 256" \
7848 "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
7849 0 \
7850 -c "found fragmented DTLS handshake message" \
7851 -c "client hello, adding renegotiation extension" \
7852 -c "found renegotiation extension" \
7853 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02007854 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02007855 -C "error" \
7856 -s "Extra-header:"
7857
7858requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01007859requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02007860run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
7861 "$G_SRV -u --mtu 256" \
7862 "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
7863 0 \
7864 -c "found fragmented DTLS handshake message" \
7865 -c "client hello, adding renegotiation extension" \
7866 -c "found renegotiation extension" \
7867 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02007868 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02007869 -C "error" \
7870 -s "Extra-header:"
7871
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02007872run_test "DTLS reassembly: no fragmentation (openssl server)" \
7873 "$O_SRV -dtls1 -mtu 2048" \
7874 "$P_CLI dtls=1 debug_level=2" \
7875 0 \
7876 -C "found fragmented DTLS handshake message" \
7877 -C "error"
7878
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007879run_test "DTLS reassembly: some fragmentation (openssl server)" \
7880 "$O_SRV -dtls1 -mtu 768" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +02007881 "$P_CLI dtls=1 debug_level=2" \
7882 0 \
7883 -c "found fragmented DTLS handshake message" \
7884 -C "error"
7885
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007886run_test "DTLS reassembly: more fragmentation (openssl server)" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +02007887 "$O_SRV -dtls1 -mtu 256" \
7888 "$P_CLI dtls=1 debug_level=2" \
7889 0 \
7890 -c "found fragmented DTLS handshake message" \
7891 -C "error"
7892
7893run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
7894 "$O_SRV -dtls1 -mtu 256" \
7895 "$P_CLI dtls=1 nbio=2 debug_level=2" \
7896 0 \
7897 -c "found fragmented DTLS handshake message" \
7898 -C "error"
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02007899
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007900# Tests for sending fragmented handshake messages with DTLS
7901#
7902# Use client auth when we need the client to send large messages,
7903# and use large cert chains on both sides too (the long chains we have all use
7904# both RSA and ECDSA, but ideally we should have long chains with either).
7905# Sizes reached (UDP payload):
7906# - 2037B for server certificate
7907# - 1542B for client certificate
7908# - 1013B for newsessionticket
7909# - all others below 512B
7910# All those tests assume MAX_CONTENT_LEN is at least 2048
7911
7912requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7913requires_config_enabled MBEDTLS_RSA_C
7914requires_config_enabled MBEDTLS_ECDSA_C
7915requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
7916run_test "DTLS fragmenting: none (for reference)" \
7917 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7918 crt_file=data_files/server7_int-ca.crt \
7919 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007920 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01007921 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007922 "$P_CLI dtls=1 debug_level=2 \
7923 crt_file=data_files/server8_int-ca2.crt \
7924 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007925 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01007926 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007927 0 \
7928 -S "found fragmented DTLS handshake message" \
7929 -C "found fragmented DTLS handshake message" \
7930 -C "error"
7931
7932requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7933requires_config_enabled MBEDTLS_RSA_C
7934requires_config_enabled MBEDTLS_ECDSA_C
7935requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007936run_test "DTLS fragmenting: server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007937 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7938 crt_file=data_files/server7_int-ca.crt \
7939 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007940 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007941 max_frag_len=1024" \
7942 "$P_CLI dtls=1 debug_level=2 \
7943 crt_file=data_files/server8_int-ca2.crt \
7944 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007945 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007946 max_frag_len=2048" \
7947 0 \
7948 -S "found fragmented DTLS handshake message" \
7949 -c "found fragmented DTLS handshake message" \
7950 -C "error"
7951
Hanno Becker69ca0ad2018-08-24 12:11:35 +01007952# With the MFL extension, the server has no way of forcing
7953# the client to not exceed a certain MTU; hence, the following
7954# test can't be replicated with an MTU proxy such as the one
7955# `client-initiated, server only (max_frag_len)` below.
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007956requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7957requires_config_enabled MBEDTLS_RSA_C
7958requires_config_enabled MBEDTLS_ECDSA_C
7959requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007960run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007961 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
7962 crt_file=data_files/server7_int-ca.crt \
7963 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007964 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007965 max_frag_len=512" \
7966 "$P_CLI dtls=1 debug_level=2 \
7967 crt_file=data_files/server8_int-ca2.crt \
7968 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007969 hs_timeout=2500-60000 \
Hanno Becker69ca0ad2018-08-24 12:11:35 +01007970 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007971 0 \
7972 -S "found fragmented DTLS handshake message" \
7973 -c "found fragmented DTLS handshake message" \
7974 -C "error"
7975
7976requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7977requires_config_enabled MBEDTLS_RSA_C
7978requires_config_enabled MBEDTLS_ECDSA_C
7979requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02007980run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007981 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
7982 crt_file=data_files/server7_int-ca.crt \
7983 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007984 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007985 max_frag_len=2048" \
7986 "$P_CLI dtls=1 debug_level=2 \
7987 crt_file=data_files/server8_int-ca2.crt \
7988 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04007989 hs_timeout=2500-60000 \
7990 max_frag_len=1024" \
7991 0 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02007992 -S "found fragmented DTLS handshake message" \
7993 -c "found fragmented DTLS handshake message" \
7994 -C "error"
7995
Hanno Beckerc92b5c82018-08-24 11:48:01 +01007996# While not required by the standard defining the MFL extension
7997# (according to which it only applies to records, not to datagrams),
7998# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
7999# as otherwise there wouldn't be any means to communicate MTU restrictions
8000# to the peer.
8001# The next test checks that no datagrams significantly larger than the
8002# negotiated MFL are sent.
8003requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8004requires_config_enabled MBEDTLS_RSA_C
8005requires_config_enabled MBEDTLS_ECDSA_C
8006requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
8007run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04008008 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008009 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
8010 crt_file=data_files/server7_int-ca.crt \
8011 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008012 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008013 max_frag_len=2048" \
8014 "$P_CLI dtls=1 debug_level=2 \
8015 crt_file=data_files/server8_int-ca2.crt \
8016 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008017 hs_timeout=2500-60000 \
8018 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008019 0 \
8020 -S "found fragmented DTLS handshake message" \
8021 -c "found fragmented DTLS handshake message" \
8022 -C "error"
8023
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02008024requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8025requires_config_enabled MBEDTLS_RSA_C
8026requires_config_enabled MBEDTLS_ECDSA_C
8027requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008028run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02008029 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8030 crt_file=data_files/server7_int-ca.crt \
8031 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008032 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02008033 max_frag_len=2048" \
8034 "$P_CLI dtls=1 debug_level=2 \
8035 crt_file=data_files/server8_int-ca2.crt \
8036 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008037 hs_timeout=2500-60000 \
8038 max_frag_len=1024" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02008039 0 \
8040 -s "found fragmented DTLS handshake message" \
8041 -c "found fragmented DTLS handshake message" \
8042 -C "error"
8043
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008044# While not required by the standard defining the MFL extension
8045# (according to which it only applies to records, not to datagrams),
8046# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
8047# as otherwise there wouldn't be any means to communicate MTU restrictions
8048# to the peer.
8049# The next test checks that no datagrams significantly larger than the
8050# negotiated MFL are sent.
8051requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8052requires_config_enabled MBEDTLS_RSA_C
8053requires_config_enabled MBEDTLS_ECDSA_C
8054requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
8055run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04008056 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008057 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8058 crt_file=data_files/server7_int-ca.crt \
8059 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008060 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008061 max_frag_len=2048" \
8062 "$P_CLI dtls=1 debug_level=2 \
8063 crt_file=data_files/server8_int-ca2.crt \
8064 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008065 hs_timeout=2500-60000 \
8066 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01008067 0 \
8068 -s "found fragmented DTLS handshake message" \
8069 -c "found fragmented DTLS handshake message" \
8070 -C "error"
8071
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008072requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8073requires_config_enabled MBEDTLS_RSA_C
8074requires_config_enabled MBEDTLS_ECDSA_C
8075run_test "DTLS fragmenting: none (for reference) (MTU)" \
8076 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8077 crt_file=data_files/server7_int-ca.crt \
8078 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008079 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01008080 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008081 "$P_CLI dtls=1 debug_level=2 \
8082 crt_file=data_files/server8_int-ca2.crt \
8083 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008084 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01008085 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008086 0 \
8087 -S "found fragmented DTLS handshake message" \
8088 -C "found fragmented DTLS handshake message" \
8089 -C "error"
8090
8091requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8092requires_config_enabled MBEDTLS_RSA_C
8093requires_config_enabled MBEDTLS_ECDSA_C
8094run_test "DTLS fragmenting: client (MTU)" \
8095 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8096 crt_file=data_files/server7_int-ca.crt \
8097 key_file=data_files/server7.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008098 hs_timeout=3500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01008099 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008100 "$P_CLI dtls=1 debug_level=2 \
8101 crt_file=data_files/server8_int-ca2.crt \
8102 key_file=data_files/server8.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04008103 hs_timeout=3500-60000 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008104 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008105 0 \
8106 -s "found fragmented DTLS handshake message" \
8107 -C "found fragmented DTLS handshake message" \
8108 -C "error"
8109
8110requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8111requires_config_enabled MBEDTLS_RSA_C
8112requires_config_enabled MBEDTLS_ECDSA_C
8113run_test "DTLS fragmenting: server (MTU)" \
8114 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8115 crt_file=data_files/server7_int-ca.crt \
8116 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008117 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008118 mtu=512" \
8119 "$P_CLI dtls=1 debug_level=2 \
8120 crt_file=data_files/server8_int-ca2.crt \
8121 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008122 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008123 mtu=2048" \
8124 0 \
8125 -S "found fragmented DTLS handshake message" \
8126 -c "found fragmented DTLS handshake message" \
8127 -C "error"
8128
8129requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8130requires_config_enabled MBEDTLS_RSA_C
8131requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008132run_test "DTLS fragmenting: both (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008133 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008134 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8135 crt_file=data_files/server7_int-ca.crt \
8136 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008137 hs_timeout=2500-60000 \
Andrzej Kurek95805282018-10-11 08:55:37 -04008138 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008139 "$P_CLI dtls=1 debug_level=2 \
8140 crt_file=data_files/server8_int-ca2.crt \
8141 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008142 hs_timeout=2500-60000 \
8143 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02008144 0 \
8145 -s "found fragmented DTLS handshake message" \
8146 -c "found fragmented DTLS handshake message" \
8147 -C "error"
8148
Andrzej Kurek77826052018-10-11 07:34:08 -04008149# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04008150requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8151requires_config_enabled MBEDTLS_RSA_C
8152requires_config_enabled MBEDTLS_ECDSA_C
8153requires_config_enabled MBEDTLS_SHA256_C
8154requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8155requires_config_enabled MBEDTLS_AES_C
8156requires_config_enabled MBEDTLS_GCM_C
8157run_test "DTLS fragmenting: both (MTU=512)" \
Hanno Becker8d832182018-03-15 10:14:19 +00008158 -p "$P_PXY mtu=512" \
Hanno Becker72a4f032017-11-15 16:39:20 +00008159 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8160 crt_file=data_files/server7_int-ca.crt \
8161 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008162 hs_timeout=2500-60000 \
Hanno Becker72a4f032017-11-15 16:39:20 +00008163 mtu=512" \
8164 "$P_CLI dtls=1 debug_level=2 \
8165 crt_file=data_files/server8_int-ca2.crt \
8166 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008167 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8168 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02008169 mtu=512" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02008170 0 \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02008171 -s "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02008172 -c "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02008173 -C "error"
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02008174
Andrzej Kurek7311c782018-10-11 06:49:41 -04008175# Test for automatic MTU reduction on repeated resend.
Andrzej Kurek77826052018-10-11 07:34:08 -04008176# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04008177# The ratio of max/min timeout should ideally equal 4 to accept two
8178# retransmissions, but in some cases (like both the server and client using
8179# fragmentation and auto-reduction) an extra retransmission might occur,
8180# hence the ratio of 8.
Hanno Becker37029eb2018-08-29 17:01:40 +01008181not_with_valgrind
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02008182requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8183requires_config_enabled MBEDTLS_RSA_C
8184requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008185requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8186requires_config_enabled MBEDTLS_AES_C
8187requires_config_enabled MBEDTLS_GCM_C
Gilles Peskine0d8b86a2019-09-20 18:03:11 +02008188run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02008189 -p "$P_PXY mtu=508" \
8190 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8191 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008192 key_file=data_files/server7.key \
8193 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02008194 "$P_CLI dtls=1 debug_level=2 \
8195 crt_file=data_files/server8_int-ca2.crt \
8196 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008197 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8198 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02008199 0 \
8200 -s "found fragmented DTLS handshake message" \
8201 -c "found fragmented DTLS handshake message" \
8202 -C "error"
8203
Andrzej Kurek77826052018-10-11 07:34:08 -04008204# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Hanno Becker108992e2018-08-29 17:04:18 +01008205only_with_valgrind
8206requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8207requires_config_enabled MBEDTLS_RSA_C
8208requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008209requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8210requires_config_enabled MBEDTLS_AES_C
8211requires_config_enabled MBEDTLS_GCM_C
Gilles Peskine0d8b86a2019-09-20 18:03:11 +02008212run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
Hanno Becker108992e2018-08-29 17:04:18 +01008213 -p "$P_PXY mtu=508" \
8214 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8215 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008216 key_file=data_files/server7.key \
Hanno Becker108992e2018-08-29 17:04:18 +01008217 hs_timeout=250-10000" \
8218 "$P_CLI dtls=1 debug_level=2 \
8219 crt_file=data_files/server8_int-ca2.crt \
8220 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008221 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Hanno Becker108992e2018-08-29 17:04:18 +01008222 hs_timeout=250-10000" \
8223 0 \
8224 -s "found fragmented DTLS handshake message" \
8225 -c "found fragmented DTLS handshake message" \
8226 -C "error"
8227
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008228# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
Manuel Pégourié-Gonnard3d183ce2018-08-22 09:56:22 +02008229# OTOH the client might resend if the server is to slow to reset after sending
8230# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008231not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008232requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8233requires_config_enabled MBEDTLS_RSA_C
8234requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008235run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008236 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008237 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8238 crt_file=data_files/server7_int-ca.crt \
8239 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008240 hs_timeout=10000-60000 \
8241 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008242 "$P_CLI dtls=1 debug_level=2 \
8243 crt_file=data_files/server8_int-ca2.crt \
8244 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008245 hs_timeout=10000-60000 \
8246 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008247 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008248 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008249 -s "found fragmented DTLS handshake message" \
8250 -c "found fragmented DTLS handshake message" \
8251 -C "error"
8252
Andrzej Kurek77826052018-10-11 07:34:08 -04008253# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04008254# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
8255# OTOH the client might resend if the server is to slow to reset after sending
8256# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008257not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008258requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8259requires_config_enabled MBEDTLS_RSA_C
8260requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008261requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8262requires_config_enabled MBEDTLS_AES_C
8263requires_config_enabled MBEDTLS_GCM_C
8264run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008265 -p "$P_PXY mtu=512" \
8266 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8267 crt_file=data_files/server7_int-ca.crt \
8268 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008269 hs_timeout=10000-60000 \
8270 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008271 "$P_CLI dtls=1 debug_level=2 \
8272 crt_file=data_files/server8_int-ca2.crt \
8273 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008274 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8275 hs_timeout=10000-60000 \
8276 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008277 0 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008278 -S "autoreduction" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008279 -s "found fragmented DTLS handshake message" \
8280 -c "found fragmented DTLS handshake message" \
8281 -C "error"
8282
Andrzej Kurek7311c782018-10-11 06:49:41 -04008283not_with_valgrind # spurious autoreduction due to timeout
8284requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8285requires_config_enabled MBEDTLS_RSA_C
8286requires_config_enabled MBEDTLS_ECDSA_C
8287run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008288 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008289 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8290 crt_file=data_files/server7_int-ca.crt \
8291 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008292 hs_timeout=10000-60000 \
8293 mtu=1024 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008294 "$P_CLI dtls=1 debug_level=2 \
8295 crt_file=data_files/server8_int-ca2.crt \
8296 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008297 hs_timeout=10000-60000 \
8298 mtu=1024 nbio=2" \
8299 0 \
8300 -S "autoreduction" \
8301 -s "found fragmented DTLS handshake message" \
8302 -c "found fragmented DTLS handshake message" \
8303 -C "error"
8304
Andrzej Kurek77826052018-10-11 07:34:08 -04008305# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04008306not_with_valgrind # spurious autoreduction due to timeout
8307requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8308requires_config_enabled MBEDTLS_RSA_C
8309requires_config_enabled MBEDTLS_ECDSA_C
8310requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8311requires_config_enabled MBEDTLS_AES_C
8312requires_config_enabled MBEDTLS_GCM_C
8313run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
8314 -p "$P_PXY mtu=512" \
8315 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8316 crt_file=data_files/server7_int-ca.crt \
8317 key_file=data_files/server7.key \
8318 hs_timeout=10000-60000 \
8319 mtu=512 nbio=2" \
8320 "$P_CLI dtls=1 debug_level=2 \
8321 crt_file=data_files/server8_int-ca2.crt \
8322 key_file=data_files/server8.key \
8323 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8324 hs_timeout=10000-60000 \
8325 mtu=512 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008326 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008327 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008328 -s "found fragmented DTLS handshake message" \
8329 -c "found fragmented DTLS handshake message" \
8330 -C "error"
8331
Andrzej Kurek77826052018-10-11 07:34:08 -04008332# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
Hanno Beckerb841b4f2018-08-28 10:25:51 +01008333# This ensures things still work after session_reset().
8334# It also exercises the "resumed handshake" flow.
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02008335# Since we don't support reading fragmented ClientHello yet,
8336# up the MTU to 1450 (larger than ClientHello with session ticket,
8337# but still smaller than client's Certificate to ensure fragmentation).
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008338# An autoreduction on the client-side might happen if the server is
8339# slow to reset, therefore omitting '-C "autoreduction"' below.
Manuel Pégourié-Gonnard2f2d9022018-08-21 12:17:54 +02008340# reco_delay avoids races where the client reconnects before the server has
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008341# resumed listening, which would result in a spurious autoreduction.
8342not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02008343requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8344requires_config_enabled MBEDTLS_RSA_C
8345requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008346requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8347requires_config_enabled MBEDTLS_AES_C
8348requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02008349run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
8350 -p "$P_PXY mtu=1450" \
8351 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8352 crt_file=data_files/server7_int-ca.crt \
8353 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008354 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02008355 mtu=1450" \
8356 "$P_CLI dtls=1 debug_level=2 \
8357 crt_file=data_files/server8_int-ca2.crt \
8358 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008359 hs_timeout=10000-60000 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008360 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01008361 mtu=1450 reconnect=1 skip_close_notify=1 reco_delay=1" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02008362 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008363 -S "autoreduction" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02008364 -s "found fragmented DTLS handshake message" \
8365 -c "found fragmented DTLS handshake message" \
8366 -C "error"
8367
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008368# An autoreduction on the client-side might happen if the server is
8369# slow to reset, therefore omitting '-C "autoreduction"' below.
8370not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008371requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8372requires_config_enabled MBEDTLS_RSA_C
8373requires_config_enabled MBEDTLS_ECDSA_C
8374requires_config_enabled MBEDTLS_SHA256_C
8375requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8376requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
8377requires_config_enabled MBEDTLS_CHACHAPOLY_C
8378run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
8379 -p "$P_PXY mtu=512" \
8380 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8381 crt_file=data_files/server7_int-ca.crt \
8382 key_file=data_files/server7.key \
8383 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008384 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008385 mtu=512" \
8386 "$P_CLI dtls=1 debug_level=2 \
8387 crt_file=data_files/server8_int-ca2.crt \
8388 key_file=data_files/server8.key \
8389 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008390 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008391 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008392 mtu=512" \
8393 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008394 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008395 -s "found fragmented DTLS handshake message" \
8396 -c "found fragmented DTLS handshake message" \
8397 -C "error"
8398
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008399# An autoreduction on the client-side might happen if the server is
8400# slow to reset, therefore omitting '-C "autoreduction"' below.
8401not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008402requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8403requires_config_enabled MBEDTLS_RSA_C
8404requires_config_enabled MBEDTLS_ECDSA_C
8405requires_config_enabled MBEDTLS_SHA256_C
8406requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8407requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
8408requires_config_enabled MBEDTLS_AES_C
8409requires_config_enabled MBEDTLS_GCM_C
8410run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
8411 -p "$P_PXY mtu=512" \
8412 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8413 crt_file=data_files/server7_int-ca.crt \
8414 key_file=data_files/server7.key \
8415 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008416 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008417 mtu=512" \
8418 "$P_CLI dtls=1 debug_level=2 \
8419 crt_file=data_files/server8_int-ca2.crt \
8420 key_file=data_files/server8.key \
8421 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008422 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008423 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008424 mtu=512" \
8425 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008426 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008427 -s "found fragmented DTLS handshake message" \
8428 -c "found fragmented DTLS handshake message" \
8429 -C "error"
8430
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008431# An autoreduction on the client-side might happen if the server is
8432# slow to reset, therefore omitting '-C "autoreduction"' below.
8433not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008434requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8435requires_config_enabled MBEDTLS_RSA_C
8436requires_config_enabled MBEDTLS_ECDSA_C
8437requires_config_enabled MBEDTLS_SHA256_C
8438requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8439requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
8440requires_config_enabled MBEDTLS_AES_C
8441requires_config_enabled MBEDTLS_CCM_C
8442run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008443 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008444 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8445 crt_file=data_files/server7_int-ca.crt \
8446 key_file=data_files/server7.key \
8447 exchanges=2 renegotiation=1 \
8448 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008449 hs_timeout=10000-60000 \
8450 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008451 "$P_CLI dtls=1 debug_level=2 \
8452 crt_file=data_files/server8_int-ca2.crt \
8453 key_file=data_files/server8.key \
8454 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008455 hs_timeout=10000-60000 \
8456 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008457 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008458 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008459 -s "found fragmented DTLS handshake message" \
8460 -c "found fragmented DTLS handshake message" \
8461 -C "error"
8462
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008463# An autoreduction on the client-side might happen if the server is
8464# slow to reset, therefore omitting '-C "autoreduction"' below.
8465not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008466requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8467requires_config_enabled MBEDTLS_RSA_C
8468requires_config_enabled MBEDTLS_ECDSA_C
8469requires_config_enabled MBEDTLS_SHA256_C
8470requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8471requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
8472requires_config_enabled MBEDTLS_AES_C
8473requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
8474requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
8475run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008476 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008477 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8478 crt_file=data_files/server7_int-ca.crt \
8479 key_file=data_files/server7.key \
8480 exchanges=2 renegotiation=1 \
8481 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008482 hs_timeout=10000-60000 \
8483 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008484 "$P_CLI dtls=1 debug_level=2 \
8485 crt_file=data_files/server8_int-ca2.crt \
8486 key_file=data_files/server8.key \
8487 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008488 hs_timeout=10000-60000 \
8489 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008490 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008491 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008492 -s "found fragmented DTLS handshake message" \
8493 -c "found fragmented DTLS handshake message" \
8494 -C "error"
8495
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008496# An autoreduction on the client-side might happen if the server is
8497# slow to reset, therefore omitting '-C "autoreduction"' below.
8498not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008499requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8500requires_config_enabled MBEDTLS_RSA_C
8501requires_config_enabled MBEDTLS_ECDSA_C
8502requires_config_enabled MBEDTLS_SHA256_C
8503requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8504requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
8505requires_config_enabled MBEDTLS_AES_C
8506requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
8507run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008508 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008509 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8510 crt_file=data_files/server7_int-ca.crt \
8511 key_file=data_files/server7.key \
8512 exchanges=2 renegotiation=1 \
8513 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008514 hs_timeout=10000-60000 \
8515 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008516 "$P_CLI dtls=1 debug_level=2 \
8517 crt_file=data_files/server8_int-ca2.crt \
8518 key_file=data_files/server8.key \
8519 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04008520 hs_timeout=10000-60000 \
8521 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008522 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04008523 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02008524 -s "found fragmented DTLS handshake message" \
8525 -c "found fragmented DTLS handshake message" \
8526 -C "error"
8527
Andrzej Kurek77826052018-10-11 07:34:08 -04008528# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02008529requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8530requires_config_enabled MBEDTLS_RSA_C
8531requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008532requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8533requires_config_enabled MBEDTLS_AES_C
8534requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02008535client_needs_more_time 2
8536run_test "DTLS fragmenting: proxy MTU + 3d" \
8537 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01008538 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02008539 crt_file=data_files/server7_int-ca.crt \
8540 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008541 hs_timeout=250-10000 mtu=512" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01008542 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02008543 crt_file=data_files/server8_int-ca2.crt \
8544 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008545 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008546 hs_timeout=250-10000 mtu=512" \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02008547 0 \
8548 -s "found fragmented DTLS handshake message" \
8549 -c "found fragmented DTLS handshake message" \
8550 -C "error"
8551
Andrzej Kurek77826052018-10-11 07:34:08 -04008552# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008553requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8554requires_config_enabled MBEDTLS_RSA_C
8555requires_config_enabled MBEDTLS_ECDSA_C
Andrzej Kurek7311c782018-10-11 06:49:41 -04008556requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA
8557requires_config_enabled MBEDTLS_AES_C
8558requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008559client_needs_more_time 2
8560run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
8561 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
8562 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
8563 crt_file=data_files/server7_int-ca.crt \
8564 key_file=data_files/server7.key \
8565 hs_timeout=250-10000 mtu=512 nbio=2" \
8566 "$P_CLI dtls=1 debug_level=2 \
8567 crt_file=data_files/server8_int-ca2.crt \
8568 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04008569 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02008570 hs_timeout=250-10000 mtu=512 nbio=2" \
8571 0 \
8572 -s "found fragmented DTLS handshake message" \
8573 -c "found fragmented DTLS handshake message" \
8574 -C "error"
8575
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008576# interop tests for DTLS fragmentating with reliable connection
8577#
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008578# here and below we just want to test that the we fragment in a way that
8579# pleases other implementations, so we don't need the peer to fragment
8580requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8581requires_config_enabled MBEDTLS_RSA_C
8582requires_config_enabled MBEDTLS_ECDSA_C
8583requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02008584requires_gnutls
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008585run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
8586 "$G_SRV -u" \
8587 "$P_CLI dtls=1 debug_level=2 \
8588 crt_file=data_files/server8_int-ca2.crt \
8589 key_file=data_files/server8.key \
8590 mtu=512 force_version=dtls1_2" \
8591 0 \
8592 -c "fragmenting handshake message" \
8593 -C "error"
8594
8595requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8596requires_config_enabled MBEDTLS_RSA_C
8597requires_config_enabled MBEDTLS_ECDSA_C
8598requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02008599requires_gnutls
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008600run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
8601 "$G_SRV -u" \
8602 "$P_CLI dtls=1 debug_level=2 \
8603 crt_file=data_files/server8_int-ca2.crt \
8604 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008605 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008606 0 \
8607 -c "fragmenting handshake message" \
8608 -C "error"
8609
Hanno Beckerb9a00862018-08-28 10:20:22 +01008610# We use --insecure for the GnuTLS client because it expects
8611# the hostname / IP it connects to to be the name used in the
8612# certificate obtained from the server. Here, however, it
8613# connects to 127.0.0.1 while our test certificates use 'localhost'
8614# as the server name in the certificate. This will make the
8615# certifiate validation fail, but passing --insecure makes
8616# GnuTLS continue the connection nonetheless.
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008617requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8618requires_config_enabled MBEDTLS_RSA_C
8619requires_config_enabled MBEDTLS_ECDSA_C
8620requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02008621requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -04008622requires_not_i686
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008623run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02008624 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008625 crt_file=data_files/server7_int-ca.crt \
8626 key_file=data_files/server7.key \
8627 mtu=512 force_version=dtls1_2" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02008628 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008629 0 \
8630 -s "fragmenting handshake message"
8631
Hanno Beckerb9a00862018-08-28 10:20:22 +01008632# See previous test for the reason to use --insecure
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008633requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8634requires_config_enabled MBEDTLS_RSA_C
8635requires_config_enabled MBEDTLS_ECDSA_C
8636requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02008637requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -04008638requires_not_i686
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008639run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02008640 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008641 crt_file=data_files/server7_int-ca.crt \
8642 key_file=data_files/server7.key \
8643 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02008644 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02008645 0 \
8646 -s "fragmenting handshake message"
8647
8648requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8649requires_config_enabled MBEDTLS_RSA_C
8650requires_config_enabled MBEDTLS_ECDSA_C
8651requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8652run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
8653 "$O_SRV -dtls1_2 -verify 10" \
8654 "$P_CLI dtls=1 debug_level=2 \
8655 crt_file=data_files/server8_int-ca2.crt \
8656 key_file=data_files/server8.key \
8657 mtu=512 force_version=dtls1_2" \
8658 0 \
8659 -c "fragmenting handshake message" \
8660 -C "error"
8661
8662requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8663requires_config_enabled MBEDTLS_RSA_C
8664requires_config_enabled MBEDTLS_ECDSA_C
8665requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
8666run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
8667 "$O_SRV -dtls1 -verify 10" \
8668 "$P_CLI dtls=1 debug_level=2 \
8669 crt_file=data_files/server8_int-ca2.crt \
8670 key_file=data_files/server8.key \
8671 mtu=512 force_version=dtls1" \
8672 0 \
8673 -c "fragmenting handshake message" \
8674 -C "error"
8675
8676requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8677requires_config_enabled MBEDTLS_RSA_C
8678requires_config_enabled MBEDTLS_ECDSA_C
8679requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8680run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
8681 "$P_SRV dtls=1 debug_level=2 \
8682 crt_file=data_files/server7_int-ca.crt \
8683 key_file=data_files/server7.key \
8684 mtu=512 force_version=dtls1_2" \
8685 "$O_CLI -dtls1_2" \
8686 0 \
8687 -s "fragmenting handshake message"
8688
8689requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8690requires_config_enabled MBEDTLS_RSA_C
8691requires_config_enabled MBEDTLS_ECDSA_C
8692requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
8693run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
8694 "$P_SRV dtls=1 debug_level=2 \
8695 crt_file=data_files/server7_int-ca.crt \
8696 key_file=data_files/server7.key \
8697 mtu=512 force_version=dtls1" \
8698 "$O_CLI -dtls1" \
8699 0 \
8700 -s "fragmenting handshake message"
8701
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008702# interop tests for DTLS fragmentating with unreliable connection
8703#
8704# again we just want to test that the we fragment in a way that
8705# pleases other implementations, so we don't need the peer to fragment
8706requires_gnutls_next
8707requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8708requires_config_enabled MBEDTLS_RSA_C
8709requires_config_enabled MBEDTLS_ECDSA_C
8710requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008711client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008712run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
8713 -p "$P_PXY drop=8 delay=8 duplicate=8" \
8714 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01008715 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008716 crt_file=data_files/server8_int-ca2.crt \
8717 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008718 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008719 0 \
8720 -c "fragmenting handshake message" \
8721 -C "error"
8722
8723requires_gnutls_next
8724requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8725requires_config_enabled MBEDTLS_RSA_C
8726requires_config_enabled MBEDTLS_ECDSA_C
8727requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008728client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008729run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
8730 -p "$P_PXY drop=8 delay=8 duplicate=8" \
8731 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01008732 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008733 crt_file=data_files/server8_int-ca2.crt \
8734 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008735 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008736 0 \
8737 -c "fragmenting handshake message" \
8738 -C "error"
8739
k-stachowiak17a38d32019-02-18 15:29:56 +01008740requires_gnutls_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +01008741requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8742requires_config_enabled MBEDTLS_RSA_C
8743requires_config_enabled MBEDTLS_ECDSA_C
8744requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8745client_needs_more_time 4
8746run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
8747 -p "$P_PXY drop=8 delay=8 duplicate=8" \
8748 "$P_SRV dtls=1 debug_level=2 \
8749 crt_file=data_files/server7_int-ca.crt \
8750 key_file=data_files/server7.key \
8751 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
k-stachowiak17a38d32019-02-18 15:29:56 +01008752 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +01008753 0 \
8754 -s "fragmenting handshake message"
8755
k-stachowiak17a38d32019-02-18 15:29:56 +01008756requires_gnutls_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +01008757requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8758requires_config_enabled MBEDTLS_RSA_C
8759requires_config_enabled MBEDTLS_ECDSA_C
8760requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
8761client_needs_more_time 4
8762run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
8763 -p "$P_PXY drop=8 delay=8 duplicate=8" \
8764 "$P_SRV dtls=1 debug_level=2 \
8765 crt_file=data_files/server7_int-ca.crt \
8766 key_file=data_files/server7.key \
8767 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
k-stachowiak17a38d32019-02-18 15:29:56 +01008768 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +01008769 0 \
8770 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008771
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008772## Interop test with OpenSSL might trigger a bug in recent versions (including
8773## all versions installed on the CI machines), reported here:
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008774## Bug report: https://github.com/openssl/openssl/issues/6902
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008775## They should be re-enabled once a fixed version of OpenSSL is available
8776## (this should happen in some 1.1.1_ release according to the ticket).
Hanno Becker3b8b40c2018-08-28 10:25:41 +01008777skip_next_test
8778requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8779requires_config_enabled MBEDTLS_RSA_C
8780requires_config_enabled MBEDTLS_ECDSA_C
8781requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8782client_needs_more_time 4
8783run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
8784 -p "$P_PXY drop=8 delay=8 duplicate=8" \
8785 "$O_SRV -dtls1_2 -verify 10" \
8786 "$P_CLI dtls=1 debug_level=2 \
8787 crt_file=data_files/server8_int-ca2.crt \
8788 key_file=data_files/server8.key \
8789 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
8790 0 \
8791 -c "fragmenting handshake message" \
8792 -C "error"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008793
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008794skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008795requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8796requires_config_enabled MBEDTLS_RSA_C
8797requires_config_enabled MBEDTLS_ECDSA_C
8798requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008799client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008800run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
8801 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008802 "$O_SRV -dtls1 -verify 10" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01008803 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008804 crt_file=data_files/server8_int-ca2.crt \
8805 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008806 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008807 0 \
8808 -c "fragmenting handshake message" \
8809 -C "error"
8810
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008811skip_next_test
8812requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8813requires_config_enabled MBEDTLS_RSA_C
8814requires_config_enabled MBEDTLS_ECDSA_C
8815requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
8816client_needs_more_time 4
8817run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
8818 -p "$P_PXY drop=8 delay=8 duplicate=8" \
8819 "$P_SRV dtls=1 debug_level=2 \
8820 crt_file=data_files/server7_int-ca.crt \
8821 key_file=data_files/server7.key \
8822 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
8823 "$O_CLI -dtls1_2" \
8824 0 \
8825 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008826
8827# -nbio is added to prevent s_client from blocking in case of duplicated
8828# messages at the end of the handshake
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008829skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008830requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
8831requires_config_enabled MBEDTLS_RSA_C
8832requires_config_enabled MBEDTLS_ECDSA_C
8833requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008834client_needs_more_time 4
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008835run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
8836 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01008837 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008838 crt_file=data_files/server7_int-ca.crt \
8839 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02008840 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02008841 "$O_CLI -nbio -dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02008842 0 \
8843 -s "fragmenting handshake message"
8844
Ron Eldorb4655392018-07-05 18:25:39 +03008845# Tests for DTLS-SRTP (RFC 5764)
8846requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8847run_test "DTLS-SRTP all profiles supported" \
8848 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
8849 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
8850 0 \
8851 -s "found use_srtp extension" \
8852 -s "found srtp profile" \
8853 -s "selected srtp profile" \
8854 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008855 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008856 -c "client hello, adding use_srtp extension" \
8857 -c "found use_srtp extension" \
8858 -c "found srtp profile" \
8859 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008860 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02008861 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +03008862 -C "error"
8863
Johan Pascal9bc50b02020-09-24 12:01:13 +02008864
Ron Eldorb4655392018-07-05 18:25:39 +03008865requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8866run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
8867 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
Johan Pascal43f94902020-09-22 12:25:52 +02008868 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=5 debug_level=3" \
Ron Eldorb4655392018-07-05 18:25:39 +03008869 0 \
8870 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02008871 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
8872 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
Ron Eldorb4655392018-07-05 18:25:39 +03008873 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008874 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008875 -c "client hello, adding use_srtp extension" \
8876 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02008877 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
Ron Eldorb4655392018-07-05 18:25:39 +03008878 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008879 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02008880 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +03008881 -C "error"
8882
8883requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor3c6a44b2018-07-10 10:32:10 +03008884run_test "DTLS-SRTP server supports one profile. Client supports all profiles." \
Johan Pascal43f94902020-09-22 12:25:52 +02008885 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldorb4655392018-07-05 18:25:39 +03008886 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
8887 0 \
8888 -s "found use_srtp extension" \
8889 -s "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +02008890 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +03008891 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008892 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008893 -c "client hello, adding use_srtp extension" \
8894 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02008895 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +03008896 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008897 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02008898 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +03008899 -C "error"
8900
8901requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8902run_test "DTLS-SRTP server and Client support only one matching profile." \
8903 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
8904 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
8905 0 \
8906 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02008907 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
8908 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +03008909 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008910 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008911 -c "client hello, adding use_srtp extension" \
8912 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02008913 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +03008914 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008915 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02008916 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +03008917 -C "error"
8918
8919requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8920run_test "DTLS-SRTP server and Client support only one different profile." \
8921 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
Johan Pascal43f94902020-09-22 12:25:52 +02008922 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldorb4655392018-07-05 18:25:39 +03008923 0 \
8924 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02008925 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldorb4655392018-07-05 18:25:39 +03008926 -S "selected srtp profile" \
8927 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008928 -S "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008929 -c "client hello, adding use_srtp extension" \
8930 -C "found use_srtp extension" \
8931 -C "found srtp profile" \
8932 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008933 -C "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008934 -C "error"
8935
8936requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8937run_test "DTLS-SRTP server doesn't support use_srtp extension." \
8938 "$P_SRV dtls=1 debug_level=3" \
8939 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
8940 0 \
8941 -s "found use_srtp extension" \
8942 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008943 -S "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008944 -c "client hello, adding use_srtp extension" \
8945 -C "found use_srtp extension" \
8946 -C "found srtp profile" \
8947 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008948 -C "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008949 -C "error"
8950
8951requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8952run_test "DTLS-SRTP all profiles supported. mki used" \
8953 "$P_SRV dtls=1 use_srtp=1 support_mki=1 debug_level=3" \
8954 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
8955 0 \
8956 -s "found use_srtp extension" \
8957 -s "found srtp profile" \
8958 -s "selected srtp profile" \
8959 -s "server hello, adding use_srtp extension" \
8960 -s "dumping 'using mki' (8 bytes)" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008961 -s "DTLS-SRTP key material is"\
Ron Eldorb4655392018-07-05 18:25:39 +03008962 -c "client hello, adding use_srtp extension" \
8963 -c "found use_srtp extension" \
8964 -c "found srtp profile" \
8965 -c "selected srtp profile" \
8966 -c "dumping 'sending mki' (8 bytes)" \
8967 -c "dumping 'received mki' (8 bytes)" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008968 -c "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02008969 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Johan Pascal20c7db32020-10-26 22:45:58 +01008970 -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +03008971 -C "error"
8972
8973requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8974run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
8975 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
8976 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
8977 0 \
8978 -s "found use_srtp extension" \
8979 -s "found srtp profile" \
8980 -s "selected srtp profile" \
8981 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008982 -s "DTLS-SRTP key material is"\
Johan Pascal5ef72d22020-10-28 17:05:47 +01008983 -s "DTLS-SRTP no mki value negotiated"\
Ron Eldorb4655392018-07-05 18:25:39 +03008984 -S "dumping 'using mki' (8 bytes)" \
8985 -c "client hello, adding use_srtp extension" \
8986 -c "found use_srtp extension" \
8987 -c "found srtp profile" \
8988 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02008989 -c "DTLS-SRTP key material is"\
Johan Pascal5ef72d22020-10-28 17:05:47 +01008990 -c "DTLS-SRTP no mki value negotiated"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02008991 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldorb4655392018-07-05 18:25:39 +03008992 -c "dumping 'sending mki' (8 bytes)" \
8993 -C "dumping 'received mki' (8 bytes)" \
8994 -C "error"
8995
Ron Eldor3c6a44b2018-07-10 10:32:10 +03008996requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
8997run_test "DTLS-SRTP all profiles supported. openssl client." \
8998 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02008999 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009000 0 \
9001 -s "found use_srtp extension" \
9002 -s "found srtp profile" \
9003 -s "selected srtp profile" \
9004 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009005 -s "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02009006 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009007 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
9008
9009requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9010run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl client." \
9011 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009012 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009013 0 \
9014 -s "found use_srtp extension" \
9015 -s "found srtp profile" \
9016 -s "selected srtp profile" \
9017 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009018 -s "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02009019 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009020 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
9021
9022requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9023run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \
9024 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009025 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009026 0 \
9027 -s "found use_srtp extension" \
9028 -s "found srtp profile" \
9029 -s "selected srtp profile" \
9030 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009031 -s "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02009032 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009033 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
9034
9035requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9036run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \
9037 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009038 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009039 0 \
9040 -s "found use_srtp extension" \
9041 -s "found srtp profile" \
9042 -s "selected srtp profile" \
9043 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009044 -s "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02009045 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009046 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
9047
9048requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9049run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \
9050 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009051 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009052 0 \
9053 -s "found use_srtp extension" \
9054 -s "found srtp profile" \
9055 -s "selected srtp profile" \
9056 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009057 -s "DTLS-SRTP key material is"\
Johan Pascal9bc50b02020-09-24 12:01:13 +02009058 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009059 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
9060
9061requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9062run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \
9063 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009064 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009065 0 \
9066 -s "found use_srtp extension" \
9067 -s "found srtp profile" \
9068 -S "selected srtp profile" \
9069 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009070 -S "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009071 -C "SRTP Extension negotiated, profile"
9072
9073requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9074run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \
9075 "$P_SRV dtls=1 debug_level=3" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009076 "$O_CLI -dtls1 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009077 0 \
9078 -s "found use_srtp extension" \
9079 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009080 -S "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009081 -C "SRTP Extension negotiated, profile"
9082
9083requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9084run_test "DTLS-SRTP all profiles supported. openssl server" \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009085 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009086 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9087 0 \
9088 -c "client hello, adding use_srtp extension" \
9089 -c "found use_srtp extension" \
9090 -c "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +02009091 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009092 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009093 -C "error"
9094
9095requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9096run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. openssl server." \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009097 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009098 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9099 0 \
9100 -c "client hello, adding use_srtp extension" \
9101 -c "found use_srtp extension" \
9102 -c "found srtp profile" \
9103 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009104 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009105 -C "error"
9106
9107requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9108run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009109 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009110 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
9111 0 \
9112 -c "client hello, adding use_srtp extension" \
9113 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009114 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009115 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009116 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009117 -C "error"
9118
9119requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9120run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009121 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009122 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9123 0 \
9124 -c "client hello, adding use_srtp extension" \
9125 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009126 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009127 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009128 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009129 -C "error"
9130
9131requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9132run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009133 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009134 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
9135 0 \
9136 -c "client hello, adding use_srtp extension" \
9137 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009138 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009139 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009140 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009141 -C "error"
9142
9143requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9144run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009145 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Johan Pascal43f94902020-09-22 12:25:52 +02009146 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009147 0 \
9148 -c "client hello, adding use_srtp extension" \
9149 -C "found use_srtp extension" \
9150 -C "found srtp profile" \
9151 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009152 -C "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009153 -C "error"
9154
9155requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9156run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \
9157 "$O_SRV -dtls1" \
9158 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9159 0 \
9160 -c "client hello, adding use_srtp extension" \
9161 -C "found use_srtp extension" \
9162 -C "found srtp profile" \
9163 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009164 -C "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009165 -C "error"
9166
9167requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
9168run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \
Johan Pascal39cfd3b2020-09-23 18:49:13 +02009169 "$O_SRV -dtls1 -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportlen 60" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009170 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
9171 0 \
9172 -c "client hello, adding use_srtp extension" \
9173 -c "found use_srtp extension" \
9174 -c "found srtp profile" \
9175 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009176 -c "DTLS-SRTP key material is"\
Johan Pascal5ef72d22020-10-28 17:05:47 +01009177 -c "DTLS-SRTP no mki value negotiated"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009178 -c "dumping 'sending mki' (8 bytes)" \
9179 -C "dumping 'received mki' (8 bytes)" \
9180 -C "error"
9181
9182requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009183requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009184run_test "DTLS-SRTP all profiles supported. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +02009185 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
9186 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009187 0 \
9188 -s "found use_srtp extension" \
9189 -s "found srtp profile" \
9190 -s "selected srtp profile" \
9191 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009192 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009193 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80"
9194
9195requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009196requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009197run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +02009198 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
9199 "$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009200 0 \
9201 -s "found use_srtp extension" \
9202 -s "found srtp profile" \
9203 -s "selected srtp profile" \
9204 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009205 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009206 -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80"
9207
9208requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009209requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009210run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +02009211 "$P_SRV dtls=1 use_srtp=1 debug_level=3" \
9212 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009213 0 \
9214 -s "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009215 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
9216 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009217 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009218 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009219 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
9220
9221requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009222requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009223run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \
Johan Pascal43f94902020-09-22 12:25:52 +02009224 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldor5d991c92019-01-15 18:54:03 +02009225 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009226 0 \
9227 -s "found use_srtp extension" \
9228 -s "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +02009229 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009230 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009231 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009232 -c "SRTP profile: SRTP_NULL_SHA1_32"
9233
9234requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009235requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009236run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +02009237 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
9238 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009239 0 \
9240 -s "found use_srtp extension" \
9241 -s "found srtp profile" \
9242 -s "selected srtp profile" \
9243 -s "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009244 -s "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009245 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
9246
9247requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009248requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009249run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \
Ron Eldor5d991c92019-01-15 18:54:03 +02009250 "$P_SRV dtls=1 use_srtp=1 srtp_force_profile=1 debug_level=3" \
9251 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009252 0 \
9253 -s "found use_srtp extension" \
9254 -s "found srtp profile" \
9255 -S "selected srtp profile" \
9256 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009257 -S "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009258 -C "SRTP profile:"
9259
9260requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009261requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009262run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \
Ron Eldor5d991c92019-01-15 18:54:03 +02009263 "$P_SRV dtls=1 debug_level=3" \
9264 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32 --insecure 127.0.0.1" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009265 0 \
9266 -s "found use_srtp extension" \
9267 -S "server hello, adding use_srtp extension" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009268 -S "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009269 -C "SRTP profile:"
9270
9271requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009272requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009273run_test "DTLS-SRTP all profiles supported. gnutls server" \
9274 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
9275 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9276 0 \
9277 -c "client hello, adding use_srtp extension" \
9278 -c "found use_srtp extension" \
9279 -c "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +02009280 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009281 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009282 -C "error"
9283
9284requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009285requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009286run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order. gnutls server." \
9287 "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
9288 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9289 0 \
9290 -c "client hello, adding use_srtp extension" \
9291 -c "found use_srtp extension" \
9292 -c "found srtp profile" \
Johan Pascal43f94902020-09-22 12:25:52 +02009293 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009294 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009295 -C "error"
9296
9297requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009298requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009299run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \
9300 "$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
9301 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
9302 0 \
9303 -c "client hello, adding use_srtp extension" \
9304 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009305 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009306 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009307 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009308 -C "error"
9309
9310requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009311requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009312run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \
9313 "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009314 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009315 0 \
9316 -c "client hello, adding use_srtp extension" \
9317 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009318 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009319 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009320 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009321 -C "error"
9322
9323requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009324requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009325run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \
9326 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
9327 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=2 debug_level=3" \
9328 0 \
9329 -c "client hello, adding use_srtp extension" \
9330 -c "found use_srtp extension" \
Johan Pascal43f94902020-09-22 12:25:52 +02009331 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009332 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009333 -c "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009334 -C "error"
9335
9336requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009337requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009338run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \
9339 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
Johan Pascal43f94902020-09-22 12:25:52 +02009340 "$P_CLI dtls=1 use_srtp=1 srtp_force_profile=6 debug_level=3" \
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009341 0 \
9342 -c "client hello, adding use_srtp extension" \
9343 -C "found use_srtp extension" \
9344 -C "found srtp profile" \
9345 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009346 -C "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009347 -C "error"
9348
9349requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009350requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009351run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
9352 "$G_SRV -u" \
9353 "$P_CLI dtls=1 use_srtp=1 debug_level=3" \
9354 0 \
9355 -c "client hello, adding use_srtp extension" \
9356 -C "found use_srtp extension" \
9357 -C "found srtp profile" \
9358 -C "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009359 -C "DTLS-SRTP key material is"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009360 -C "error"
9361
9362requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
Ron Eldor5d991c92019-01-15 18:54:03 +02009363requires_gnutls
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009364run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \
9365 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_SHA1_80:SRTP_NULL_SHA1_32" \
9366 "$P_CLI dtls=1 use_srtp=1 mki=542310ab34290481 debug_level=3" \
9367 0 \
9368 -c "client hello, adding use_srtp extension" \
9369 -c "found use_srtp extension" \
9370 -c "found srtp profile" \
9371 -c "selected srtp profile" \
Johan Pascal9bc97ca2020-09-21 23:44:45 +02009372 -c "DTLS-SRTP key material is"\
Johan Pascal20c7db32020-10-26 22:45:58 +01009373 -c "DTLS-SRTP mki value:"\
Ron Eldor3c6a44b2018-07-10 10:32:10 +03009374 -c "dumping 'sending mki' (8 bytes)" \
9375 -c "dumping 'received mki' (8 bytes)" \
9376 -C "error"
9377
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02009378# Tests for specific things with "unreliable" UDP connection
9379
9380not_with_valgrind # spurious resend due to timeout
9381run_test "DTLS proxy: reference" \
9382 -p "$P_PXY" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +02009383 "$P_SRV dtls=1 debug_level=2 hs_timeout=10000-20000" \
9384 "$P_CLI dtls=1 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02009385 0 \
9386 -C "replayed record" \
9387 -S "replayed record" \
Hanno Beckerb2a86c32019-07-19 15:43:09 +01009388 -C "Buffer record from epoch" \
9389 -S "Buffer record from epoch" \
9390 -C "ssl_buffer_message" \
9391 -S "ssl_buffer_message" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02009392 -C "discarding invalid record" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02009393 -S "discarding invalid record" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02009394 -S "resend" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02009395 -s "Extra-header:" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02009396 -c "HTTP/1.0 200 OK"
9397
9398not_with_valgrind # spurious resend due to timeout
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02009399run_test "DTLS proxy: duplicate every packet" \
9400 -p "$P_PXY duplicate=1" \
Manuel Pégourié-Gonnardb6929892019-09-09 11:14:37 +02009401 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
9402 "$P_CLI dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02009403 0 \
9404 -c "replayed record" \
9405 -s "replayed record" \
9406 -c "record from another epoch" \
9407 -s "record from another epoch" \
9408 -S "resend" \
9409 -s "Extra-header:" \
9410 -c "HTTP/1.0 200 OK"
9411
9412run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
9413 -p "$P_PXY duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009414 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
9415 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02009416 0 \
9417 -c "replayed record" \
9418 -S "replayed record" \
9419 -c "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009420 -s "record from another epoch" \
9421 -c "resend" \
9422 -s "resend" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02009423 -s "Extra-header:" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009424 -c "HTTP/1.0 200 OK"
9425
9426run_test "DTLS proxy: multiple records in same datagram" \
9427 -p "$P_PXY pack=50" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009428 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
9429 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02009430 0 \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009431 -c "next record in same datagram" \
9432 -s "next record in same datagram"
9433
9434run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
9435 -p "$P_PXY pack=50 duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009436 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
9437 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02009438 0 \
9439 -c "next record in same datagram" \
9440 -s "next record in same datagram"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009441
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02009442run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
9443 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009444 "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
9445 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02009446 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02009447 -c "discarding invalid record (mac)" \
9448 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009449 -s "Extra-header:" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009450 -c "HTTP/1.0 200 OK" \
9451 -S "too many records with bad MAC" \
9452 -S "Verification of the message MAC failed"
9453
9454run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
9455 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009456 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
9457 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009458 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02009459 -C "discarding invalid record (mac)" \
9460 -S "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009461 -S "Extra-header:" \
9462 -C "HTTP/1.0 200 OK" \
9463 -s "too many records with bad MAC" \
9464 -s "Verification of the message MAC failed"
9465
9466run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
9467 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009468 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
9469 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009470 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02009471 -c "discarding invalid record (mac)" \
9472 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009473 -s "Extra-header:" \
9474 -c "HTTP/1.0 200 OK" \
9475 -S "too many records with bad MAC" \
9476 -S "Verification of the message MAC failed"
9477
9478run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
9479 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01009480 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
9481 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009482 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02009483 -c "discarding invalid record (mac)" \
9484 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02009485 -s "Extra-header:" \
9486 -c "HTTP/1.0 200 OK" \
9487 -s "too many records with bad MAC" \
9488 -s "Verification of the message MAC failed"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009489
9490run_test "DTLS proxy: delay ChangeCipherSpec" \
9491 -p "$P_PXY delay_ccs=1" \
Hanno Beckerc4305232018-08-14 13:41:21 +01009492 "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
9493 "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009494 0 \
9495 -c "record from another epoch" \
9496 -s "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009497 -s "Extra-header:" \
9498 -c "HTTP/1.0 200 OK"
9499
Hanno Beckeraa5d0c42018-08-16 13:15:19 +01009500# Tests for reordering support with DTLS
9501
Hanno Becker56cdfd12018-08-17 13:42:15 +01009502run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
9503 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009504 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9505 hs_timeout=2500-60000" \
9506 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9507 hs_timeout=2500-60000" \
Hanno Beckere3842212018-08-16 15:28:59 +01009508 0 \
9509 -c "Buffering HS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009510 -c "Next handshake message has been buffered - load"\
9511 -S "Buffering HS message" \
9512 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01009513 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009514 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009515 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009516 -S "Remember CCS message"
Hanno Beckere3842212018-08-16 15:28:59 +01009517
Hanno Beckerdc1e9502018-08-28 16:02:33 +01009518run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
9519 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009520 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9521 hs_timeout=2500-60000" \
9522 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9523 hs_timeout=2500-60000" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +01009524 0 \
9525 -c "Buffering HS message" \
9526 -c "found fragmented DTLS handshake message"\
9527 -c "Next handshake message 1 not or only partially bufffered" \
9528 -c "Next handshake message has been buffered - load"\
9529 -S "Buffering HS message" \
9530 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01009531 -C "Injecting buffered CCS message" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +01009532 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009533 -S "Injecting buffered CCS message" \
Hanno Beckeraa5d0c42018-08-16 13:15:19 +01009534 -S "Remember CCS message"
9535
Hanno Beckera1adcca2018-08-24 14:41:07 +01009536# The client buffers the ServerKeyExchange before receiving the fragmented
9537# Certificate message; at the time of writing, together these are aroudn 1200b
9538# in size, so that the bound below ensures that the certificate can be reassembled
9539# while keeping the ServerKeyExchange.
9540requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
9541run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
Hanno Beckere3567052018-08-21 16:50:43 +01009542 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009543 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9544 hs_timeout=2500-60000" \
9545 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9546 hs_timeout=2500-60000" \
Hanno Beckere3567052018-08-21 16:50:43 +01009547 0 \
9548 -c "Buffering HS message" \
9549 -c "Next handshake message has been buffered - load"\
Hanno Beckera1adcca2018-08-24 14:41:07 +01009550 -C "attempt to make space by freeing buffered messages" \
9551 -S "Buffering HS message" \
9552 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01009553 -C "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01009554 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009555 -S "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01009556 -S "Remember CCS message"
9557
9558# The size constraints ensure that the delayed certificate message can't
9559# be reassembled while keeping the ServerKeyExchange message, but it can
9560# when dropping it first.
9561requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
9562requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
9563run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
9564 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009565 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9566 hs_timeout=2500-60000" \
9567 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9568 hs_timeout=2500-60000" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01009569 0 \
9570 -c "Buffering HS message" \
9571 -c "attempt to make space by freeing buffered future messages" \
9572 -c "Enough space available after freeing buffered HS messages" \
Hanno Beckere3567052018-08-21 16:50:43 +01009573 -S "Buffering HS message" \
9574 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01009575 -C "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +01009576 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009577 -S "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +01009578 -S "Remember CCS message"
9579
Hanno Becker56cdfd12018-08-17 13:42:15 +01009580run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
9581 -p "$P_PXY delay_cli=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009582 "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
9583 hs_timeout=2500-60000" \
9584 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9585 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009586 0 \
9587 -C "Buffering HS message" \
9588 -C "Next handshake message has been buffered - load"\
9589 -s "Buffering HS message" \
9590 -s "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009591 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009592 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009593 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009594 -S "Remember CCS message"
9595
9596run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
9597 -p "$P_PXY delay_srv=NewSessionTicket" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009598 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9599 hs_timeout=2500-60000" \
9600 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9601 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009602 0 \
9603 -C "Buffering HS message" \
9604 -C "Next handshake message has been buffered - load"\
9605 -S "Buffering HS message" \
9606 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009607 -c "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009608 -c "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009609 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009610 -S "Remember CCS message"
9611
9612run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
9613 -p "$P_PXY delay_cli=ClientKeyExchange" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009614 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9615 hs_timeout=2500-60000" \
9616 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9617 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009618 0 \
9619 -C "Buffering HS message" \
9620 -C "Next handshake message has been buffered - load"\
9621 -S "Buffering HS message" \
9622 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009623 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009624 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01009625 -s "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009626 -s "Remember CCS message"
9627
Hanno Beckera1adcca2018-08-24 14:41:07 +01009628run_test "DTLS reordering: Buffer encrypted Finished message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009629 -p "$P_PXY delay_ccs=1" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009630 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
9631 hs_timeout=2500-60000" \
9632 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
9633 hs_timeout=2500-60000" \
Hanno Beckerb34149c2018-08-16 15:29:06 +01009634 0 \
9635 -s "Buffer record from epoch 1" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01009636 -s "Found buffered record from current epoch - load" \
9637 -c "Buffer record from epoch 1" \
9638 -c "Found buffered record from current epoch - load"
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009639
Hanno Beckera1adcca2018-08-24 14:41:07 +01009640# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
9641# from the server are delayed, so that the encrypted Finished message
9642# is received and buffered. When the fragmented NewSessionTicket comes
9643# in afterwards, the encrypted Finished message must be freed in order
9644# to make space for the NewSessionTicket to be reassembled.
9645# This works only in very particular circumstances:
9646# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
9647# of the NewSessionTicket, but small enough to also allow buffering of
9648# the encrypted Finished message.
9649# - The MTU setting on the server must be so small that the NewSessionTicket
9650# needs to be fragmented.
9651# - All messages sent by the server must be small enough to be either sent
9652# without fragmentation or be reassembled within the bounds of
9653# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
9654# handshake, omitting CRTs.
Manuel Pégourié-Gonnardeef4c752019-05-28 10:21:30 +02009655requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 190
9656requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 230
Hanno Beckera1adcca2018-08-24 14:41:07 +01009657run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
9658 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
Manuel Pégourié-Gonnardeef4c752019-05-28 10:21:30 +02009659 "$P_SRV mtu=140 response_size=90 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01009660 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
9661 0 \
9662 -s "Buffer record from epoch 1" \
9663 -s "Found buffered record from current epoch - load" \
9664 -c "Buffer record from epoch 1" \
9665 -C "Found buffered record from current epoch - load" \
9666 -c "Enough space available after freeing future epoch record"
9667
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02009668# Tests for "randomly unreliable connection": try a variety of flows and peers
9669
9670client_needs_more_time 2
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009671run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
9672 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009673 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009674 psk=abc123" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009675 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009676 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
9677 0 \
9678 -s "Extra-header:" \
9679 -c "HTTP/1.0 200 OK"
9680
Janos Follath74537a62016-09-02 13:45:28 +01009681client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009682run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
9683 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009684 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
9685 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009686 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9687 0 \
9688 -s "Extra-header:" \
9689 -c "HTTP/1.0 200 OK"
9690
Janos Follath74537a62016-09-02 13:45:28 +01009691client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009692run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
9693 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009694 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
9695 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009696 0 \
9697 -s "Extra-header:" \
9698 -c "HTTP/1.0 200 OK"
9699
Janos Follath74537a62016-09-02 13:45:28 +01009700client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009701run_test "DTLS proxy: 3d, FS, client auth" \
9702 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009703 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
9704 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009705 0 \
9706 -s "Extra-header:" \
9707 -c "HTTP/1.0 200 OK"
9708
Janos Follath74537a62016-09-02 13:45:28 +01009709client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009710run_test "DTLS proxy: 3d, FS, ticket" \
9711 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009712 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
9713 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009714 0 \
9715 -s "Extra-header:" \
9716 -c "HTTP/1.0 200 OK"
9717
Janos Follath74537a62016-09-02 13:45:28 +01009718client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02009719run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
9720 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009721 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
9722 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02009723 0 \
9724 -s "Extra-header:" \
9725 -c "HTTP/1.0 200 OK"
9726
Janos Follath74537a62016-09-02 13:45:28 +01009727client_needs_more_time 2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009728run_test "DTLS proxy: 3d, max handshake, nbio" \
9729 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009730 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02009731 auth_mode=required" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009732 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009733 0 \
9734 -s "Extra-header:" \
9735 -c "HTTP/1.0 200 OK"
9736
Janos Follath74537a62016-09-02 13:45:28 +01009737client_needs_more_time 4
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02009738run_test "DTLS proxy: 3d, min handshake, resumption" \
9739 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009740 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02009741 psk=abc123 debug_level=3" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009742 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01009743 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02009744 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
9745 0 \
9746 -s "a session has been resumed" \
9747 -c "a session has been resumed" \
9748 -s "Extra-header:" \
9749 -c "HTTP/1.0 200 OK"
9750
Janos Follath74537a62016-09-02 13:45:28 +01009751client_needs_more_time 4
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02009752run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
9753 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009754 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02009755 psk=abc123 debug_level=3 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009756 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard56941fe2020-02-17 11:04:33 +01009757 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02009758 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
9759 0 \
9760 -s "a session has been resumed" \
9761 -c "a session has been resumed" \
9762 -s "Extra-header:" \
9763 -c "HTTP/1.0 200 OK"
9764
Janos Follath74537a62016-09-02 13:45:28 +01009765client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01009766requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009767run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +02009768 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009769 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02009770 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009771 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02009772 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +02009773 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
9774 0 \
9775 -c "=> renegotiate" \
9776 -s "=> renegotiate" \
9777 -s "Extra-header:" \
9778 -c "HTTP/1.0 200 OK"
9779
Janos Follath74537a62016-09-02 13:45:28 +01009780client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01009781requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009782run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
9783 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009784 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02009785 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009786 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02009787 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009788 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
9789 0 \
9790 -c "=> renegotiate" \
9791 -s "=> renegotiate" \
9792 -s "Extra-header:" \
9793 -c "HTTP/1.0 200 OK"
9794
Janos Follath74537a62016-09-02 13:45:28 +01009795client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01009796requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02009797run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02009798 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009799 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02009800 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02009801 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009802 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02009803 renegotiation=1 exchanges=4 debug_level=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02009804 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
9805 0 \
9806 -c "=> renegotiate" \
9807 -s "=> renegotiate" \
9808 -s "Extra-header:" \
9809 -c "HTTP/1.0 200 OK"
9810
Janos Follath74537a62016-09-02 13:45:28 +01009811client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01009812requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02009813run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02009814 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009815 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02009816 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02009817 debug_level=2 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009818 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02009819 renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02009820 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
9821 0 \
9822 -c "=> renegotiate" \
9823 -s "=> renegotiate" \
9824 -s "Extra-header:" \
9825 -c "HTTP/1.0 200 OK"
9826
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02009827## Interop tests with OpenSSL might trigger a bug in recent versions (including
9828## all versions installed on the CI machines), reported here:
9829## Bug report: https://github.com/openssl/openssl/issues/6902
9830## They should be re-enabled once a fixed version of OpenSSL is available
9831## (this should happen in some 1.1.1_ release according to the ticket).
9832skip_next_test
Janos Follath74537a62016-09-02 13:45:28 +01009833client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02009834not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009835run_test "DTLS proxy: 3d, openssl server" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02009836 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
9837 "$O_SRV -dtls1 -mtu 2048" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009838 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02009839 0 \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02009840 -c "HTTP/1.0 200 OK"
9841
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02009842skip_next_test # see above
Janos Follath74537a62016-09-02 13:45:28 +01009843client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02009844not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009845run_test "DTLS proxy: 3d, openssl server, fragmentation" \
9846 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
9847 "$O_SRV -dtls1 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009848 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009849 0 \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009850 -c "HTTP/1.0 200 OK"
9851
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02009852skip_next_test # see above
Janos Follath74537a62016-09-02 13:45:28 +01009853client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02009854not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009855run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
9856 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
9857 "$O_SRV -dtls1 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009858 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009859 0 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009860 -c "HTTP/1.0 200 OK"
9861
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00009862requires_gnutls
Janos Follath74537a62016-09-02 13:45:28 +01009863client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02009864not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009865run_test "DTLS proxy: 3d, gnutls server" \
9866 -p "$P_PXY drop=5 delay=5 duplicate=5" \
9867 "$G_SRV -u --mtu 2048 -a" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009868 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009869 0 \
9870 -s "Extra-header:" \
9871 -c "Extra-header:"
9872
k-stachowiak17a38d32019-02-18 15:29:56 +01009873requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +01009874client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02009875not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009876run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
9877 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiak17a38d32019-02-18 15:29:56 +01009878 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009879 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02009880 0 \
9881 -s "Extra-header:" \
9882 -c "Extra-header:"
9883
k-stachowiak17a38d32019-02-18 15:29:56 +01009884requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +01009885client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02009886not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009887run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
9888 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiak17a38d32019-02-18 15:29:56 +01009889 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04009890 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02009891 0 \
9892 -s "Extra-header:" \
9893 -c "Extra-header:"
9894
Ron Eldorf75e2522019-05-14 20:38:49 +03009895requires_config_enabled MBEDTLS_SSL_EXPORT_KEYS
9896run_test "export keys functionality" \
9897 "$P_SRV eap_tls=1 debug_level=3" \
9898 "$P_CLI eap_tls=1 debug_level=3" \
9899 0 \
9900 -s "exported maclen is " \
9901 -s "exported keylen is " \
9902 -s "exported ivlen is " \
9903 -c "exported maclen is " \
9904 -c "exported keylen is " \
Ron Eldor65d8c262019-06-04 13:05:36 +03009905 -c "exported ivlen is " \
9906 -c "EAP-TLS key material is:"\
9907 -s "EAP-TLS key material is:"\
9908 -c "EAP-TLS IV is:" \
9909 -s "EAP-TLS IV is:"
Ron Eldorf75e2522019-05-14 20:38:49 +03009910
Piotr Nowicki0937ed22019-11-26 16:32:40 +01009911# Test heap memory usage after handshake
9912requires_config_enabled MBEDTLS_MEMORY_DEBUG
9913requires_config_enabled MBEDTLS_MEMORY_BUFFER_ALLOC_C
9914requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
9915run_tests_memory_after_hanshake
9916
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01009917# Final report
9918
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01009919echo "------------------------------------------------------------------------"
9920
9921if [ $FAILS = 0 ]; then
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +01009922 printf "PASSED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01009923else
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +01009924 printf "FAILED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01009925fi
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +02009926PASSES=$(( $TESTS - $FAILS ))
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02009927echo " ($PASSES / $TESTS tests ($SKIPS skipped))"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01009928
9929exit $FAILS