blob: 4f010ca34016b8de392b2514a30224f918c6929e [file] [log] [blame]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001#!/bin/sh
2
Simon Butcher58eddef2016-05-19 23:43:11 +01003# ssl-opt.sh
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01004#
Bence Szépkútia2947ac2020-08-19 16:37:36 +02005# Copyright The Mbed TLS Contributors
Bence Szépkútif744bd72020-06-05 13:02:18 +02006# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
7#
8# This file is provided under the Apache License 2.0, or the
9# GNU General Public License v2.0 or later.
10#
11# **********
12# Apache License 2.0:
Bence Szépkúti51b41d52020-05-26 01:54:15 +020013#
14# Licensed under the Apache License, Version 2.0 (the "License"); you may
15# not use this file except in compliance with the License.
16# You may obtain a copy of the License at
17#
18# http://www.apache.org/licenses/LICENSE-2.0
19#
20# Unless required by applicable law or agreed to in writing, software
21# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
22# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
23# See the License for the specific language governing permissions and
24# limitations under the License.
25#
Bence Szépkútif744bd72020-06-05 13:02:18 +020026# **********
27#
28# **********
29# GNU General Public License v2.0 or later:
30#
31# This program is free software; you can redistribute it and/or modify
32# it under the terms of the GNU General Public License as published by
33# the Free Software Foundation; either version 2 of the License, or
34# (at your option) any later version.
35#
36# This program is distributed in the hope that it will be useful,
37# but WITHOUT ANY WARRANTY; without even the implied warranty of
38# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
39# GNU General Public License for more details.
40#
41# You should have received a copy of the GNU General Public License along
42# with this program; if not, write to the Free Software Foundation, Inc.,
43# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
44#
45# **********
46#
Simon Butcher58eddef2016-05-19 23:43:11 +010047# Purpose
48#
49# Executes tests to prove various TLS/SSL options and extensions.
50#
51# The goal is not to cover every ciphersuite/version, but instead to cover
52# specific options (max fragment length, truncated hmac, etc) or procedures
53# (session resumption from cache or ticket, renego, etc).
54#
55# The tests assume a build with default options, with exceptions expressed
56# with a dependency. The tests focus on functionality and do not consider
57# performance.
58#
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010059
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010060set -u
61
Jaeden Ameroa258ccd2019-07-03 13:51:04 +010062# Limit the size of each log to 10 GiB, in case of failures with this script
63# where it may output seemingly unlimited length error logs.
64ulimit -f 20971520
65
Angus Grattonc4dd0732018-04-11 16:28:39 +100066if cd $( dirname $0 ); then :; else
67 echo "cd $( dirname $0 ) failed" >&2
68 exit 1
69fi
70
Antonin Décimod5f47592019-01-23 15:24:37 +010071# default values, can be overridden by the environment
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +010072: ${P_SRV:=../programs/ssl/ssl_server2}
73: ${P_CLI:=../programs/ssl/ssl_client2}
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +020074: ${P_PXY:=../programs/test/udp_proxy}
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +010075: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020076: ${GNUTLS_CLI:=gnutls-cli}
77: ${GNUTLS_SERV:=gnutls-serv}
Gilles Peskined50177f2017-05-16 17:53:03 +020078: ${PERL:=perl}
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +010079
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +020080O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key"
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +010081O_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_CMD s_client"
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +020082G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +010083G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
Gilles Peskined50177f2017-05-16 17:53:03 +020084TCP_CLIENT="$PERL scripts/tcp_client.pl"
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +010085
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +020086# alternative versions of OpenSSL and GnuTLS (no default path)
87
88if [ -n "${OPENSSL_LEGACY:-}" ]; then
89 O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.key"
90 O_LEGACY_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_LEGACY s_client"
91else
92 O_LEGACY_SRV=false
93 O_LEGACY_CLI=false
94fi
95
Paul Elliott19f1f782021-10-13 18:31:07 +010096if [ -n "${OPENSSL_NEXT:-}" ]; then
97 O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
98 O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
99else
100 O_NEXT_SRV=false
101 O_NEXT_CLI=false
102fi
103
Hanno Becker58e9dc32018-08-17 15:53:21 +0100104if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200105 G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
106else
107 G_NEXT_SRV=false
108fi
109
Hanno Becker58e9dc32018-08-17 15:53:21 +0100110if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200111 G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
112else
113 G_NEXT_CLI=false
114fi
115
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100116TESTS=0
117FAILS=0
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +0200118SKIPS=0
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100119
Manuel Pégourié-Gonnard7f809972015-03-09 17:05:11 +0000120CONFIG_H='../include/mbedtls/config.h'
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +0200121
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100122MEMCHECK=0
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100123FILTER='.*'
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +0200124EXCLUDE='^$'
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100125
Paul Bakkere20310a2016-05-10 11:18:17 +0100126SHOW_TEST_NUMBER=0
Paul Bakkerb7584a52016-05-10 10:50:43 +0100127RUN_TEST_NUMBER=''
128
Paul Bakkeracaac852016-05-10 11:47:13 +0100129PRESERVE_LOGS=0
130
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200131# Pick a "unique" server port in the range 10000-19999, and a proxy
132# port which is this plus 10000. Each port number may be independently
133# overridden by a command line option.
134SRV_PORT=$(($$ % 10000 + 10000))
135PXY_PORT=$((SRV_PORT + 10000))
136
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100137print_usage() {
138 echo "Usage: $0 [options]"
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100139 printf " -h|--help\tPrint this help.\n"
140 printf " -m|--memcheck\tCheck memory leaks and errors.\n"
Gilles Peskineb7bb068b2020-08-26 22:35:46 +0200141 printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
142 printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
Paul Bakkerb7584a52016-05-10 10:50:43 +0100143 printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
Paul Bakkere20310a2016-05-10 11:18:17 +0100144 printf " -s|--show-numbers\tShow test numbers in front of test names\n"
Paul Bakkeracaac852016-05-10 11:47:13 +0100145 printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200146 printf " --port\tTCP/UDP port (default: randomish 1xxxx)\n"
147 printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
Andres AGf04f54d2016-10-10 15:46:20 +0100148 printf " --seed\tInteger seed value to use for this test run\n"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100149}
150
151get_options() {
152 while [ $# -gt 0 ]; do
153 case "$1" in
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100154 -f|--filter)
155 shift; FILTER=$1
156 ;;
157 -e|--exclude)
158 shift; EXCLUDE=$1
159 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100160 -m|--memcheck)
161 MEMCHECK=1
162 ;;
Paul Bakkerb7584a52016-05-10 10:50:43 +0100163 -n|--number)
164 shift; RUN_TEST_NUMBER=$1
165 ;;
Paul Bakkere20310a2016-05-10 11:18:17 +0100166 -s|--show-numbers)
167 SHOW_TEST_NUMBER=1
168 ;;
Paul Bakkeracaac852016-05-10 11:47:13 +0100169 -p|--preserve-logs)
170 PRESERVE_LOGS=1
171 ;;
Gilles Peskinef93c7d32017-04-14 17:55:28 +0200172 --port)
173 shift; SRV_PORT=$1
174 ;;
175 --proxy-port)
176 shift; PXY_PORT=$1
177 ;;
Andres AGf04f54d2016-10-10 15:46:20 +0100178 --seed)
179 shift; SEED="$1"
180 ;;
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100181 -h|--help)
182 print_usage
183 exit 0
184 ;;
185 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200186 echo "Unknown argument: '$1'"
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100187 print_usage
188 exit 1
189 ;;
190 esac
191 shift
192 done
193}
194
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200195# Read boolean configuration options from config.h for easy and quick
196# testing. Skip non-boolean options (with something other than spaces
197# and a comment after "#define SYMBOL"). The variable contains a
198# space-separated list of symbols.
199CONFIGS_ENABLED=" $(<"$CONFIG_H" \
200 sed -n 's!^ *#define *\([A-Za-z][0-9A-Z_a-z]*\) *\(/*\)*!\1!p' |
201 tr '\n' ' ')"
202
Hanno Becker3b8b40c2018-08-28 10:25:41 +0100203# Skip next test; use this macro to skip tests which are legitimate
204# in theory and expected to be re-introduced at some point, but
205# aren't expected to succeed at the moment due to problems outside
206# our control (such as bugs in other TLS implementations).
207skip_next_test() {
208 SKIP_NEXT="YES"
209}
210
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100211# skip next test if the flag is not enabled in config.h
212requires_config_enabled() {
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200213 case $CONFIGS_ENABLED in
214 *" $1 "*) :;;
215 *) SKIP_NEXT="YES";;
216 esac
Manuel Pégourié-Gonnard988209f2015-03-24 10:43:55 +0100217}
218
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200219# skip next test if the flag is enabled in config.h
220requires_config_disabled() {
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200221 case $CONFIGS_ENABLED in
222 *" $1 "*) SKIP_NEXT="YES";;
223 esac
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +0200224}
225
Hanno Becker7c48dd12018-08-28 16:09:22 +0100226get_config_value_or_default() {
Andres Amaya Garcia06446782018-10-16 21:29:07 +0100227 # This function uses the query_config command line option to query the
228 # required Mbed TLS compile time configuration from the ssl_server2
229 # program. The command will always return a success value if the
230 # configuration is defined and the value will be printed to stdout.
231 #
232 # Note that if the configuration is not defined or is defined to nothing,
233 # the output of this function will be an empty string.
234 ${P_SRV} "query_config=${1}"
Hanno Becker7c48dd12018-08-28 16:09:22 +0100235}
236
237requires_config_value_at_least() {
Andres Amaya Garcia06446782018-10-16 21:29:07 +0100238 VAL="$( get_config_value_or_default "$1" )"
239 if [ -z "$VAL" ]; then
240 # Should never happen
241 echo "Mbed TLS configuration $1 is not defined"
242 exit 1
243 elif [ "$VAL" -lt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100244 SKIP_NEXT="YES"
245 fi
246}
247
248requires_config_value_at_most() {
Hanno Becker7c48dd12018-08-28 16:09:22 +0100249 VAL=$( get_config_value_or_default "$1" )
Andres Amaya Garcia06446782018-10-16 21:29:07 +0100250 if [ -z "$VAL" ]; then
251 # Should never happen
252 echo "Mbed TLS configuration $1 is not defined"
253 exit 1
254 elif [ "$VAL" -gt "$2" ]; then
Hanno Becker5cd017f2018-08-24 14:40:12 +0100255 SKIP_NEXT="YES"
256 fi
257}
258
Yuto Takanobc632c22021-07-02 13:10:41 +0100259requires_config_value_equals() {
260 VAL=$( get_config_value_or_default "$1" )
261 if [ -z "$VAL" ]; then
262 # Should never happen
263 echo "Mbed TLS configuration $1 is not defined"
264 exit 1
265 elif [ "$VAL" -ne "$2" ]; then
266 SKIP_NEXT="YES"
267 fi
268}
269
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +0200270# skip next test if OpenSSL doesn't support FALLBACK_SCSV
271requires_openssl_with_fallback_scsv() {
272 if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
273 if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null
274 then
275 OPENSSL_HAS_FBSCSV="YES"
276 else
277 OPENSSL_HAS_FBSCSV="NO"
278 fi
279 fi
280 if [ "$OPENSSL_HAS_FBSCSV" = "NO" ]; then
281 SKIP_NEXT="YES"
282 fi
283}
284
Yuto Takano0807e1d2021-07-02 10:10:49 +0100285# skip next test if either IN_CONTENT_LEN or MAX_CONTENT_LEN are below a value
286requires_max_content_len() {
287 requires_config_value_at_least "MBEDTLS_SSL_IN_CONTENT_LEN" $1
288 requires_config_value_at_least "MBEDTLS_SSL_OUT_CONTENT_LEN" $1
289}
290
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200291# skip next test if GnuTLS isn't available
292requires_gnutls() {
293 if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
Manuel Pégourié-Gonnard03db6b02015-06-26 15:45:30 +0200294 if ( which "$GNUTLS_CLI" && which "$GNUTLS_SERV" ) >/dev/null 2>&1; then
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +0200295 GNUTLS_AVAILABLE="YES"
296 else
297 GNUTLS_AVAILABLE="NO"
298 fi
299 fi
300 if [ "$GNUTLS_AVAILABLE" = "NO" ]; then
301 SKIP_NEXT="YES"
302 fi
303}
304
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200305# skip next test if GnuTLS-next isn't available
306requires_gnutls_next() {
307 if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
308 if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
309 GNUTLS_NEXT_AVAILABLE="YES"
310 else
311 GNUTLS_NEXT_AVAILABLE="NO"
312 fi
313 fi
314 if [ "$GNUTLS_NEXT_AVAILABLE" = "NO" ]; then
315 SKIP_NEXT="YES"
316 fi
317}
318
319# skip next test if OpenSSL-legacy isn't available
320requires_openssl_legacy() {
321 if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then
322 if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then
323 OPENSSL_LEGACY_AVAILABLE="YES"
324 else
325 OPENSSL_LEGACY_AVAILABLE="NO"
326 fi
327 fi
328 if [ "$OPENSSL_LEGACY_AVAILABLE" = "NO" ]; then
329 SKIP_NEXT="YES"
330 fi
331}
332
Paul Elliott19f1f782021-10-13 18:31:07 +0100333requires_openssl_next() {
334 if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then
335 if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then
336 OPENSSL_NEXT_AVAILABLE="YES"
337 else
338 OPENSSL_NEXT_AVAILABLE="NO"
339 fi
340 fi
341 if [ "$OPENSSL_NEXT_AVAILABLE" = "NO" ]; then
342 SKIP_NEXT="YES"
343 fi
344}
345
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200346# skip next test if IPv6 isn't available on this host
347requires_ipv6() {
348 if [ -z "${HAS_IPV6:-}" ]; then
349 $P_SRV server_addr='::1' > $SRV_OUT 2>&1 &
350 SRV_PID=$!
351 sleep 1
352 kill $SRV_PID >/dev/null 2>&1
353 if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then
354 HAS_IPV6="NO"
355 else
356 HAS_IPV6="YES"
357 fi
358 rm -r $SRV_OUT
359 fi
360
361 if [ "$HAS_IPV6" = "NO" ]; then
362 SKIP_NEXT="YES"
363 fi
364}
365
Andrzej Kurekb4593462018-10-11 08:43:30 -0400366# skip next test if it's i686 or uname is not available
367requires_not_i686() {
368 if [ -z "${IS_I686:-}" ]; then
369 IS_I686="YES"
370 if which "uname" >/dev/null 2>&1; then
371 if [ -z "$(uname -a | grep i686)" ]; then
372 IS_I686="NO"
373 fi
374 fi
375 fi
376 if [ "$IS_I686" = "YES" ]; then
377 SKIP_NEXT="YES"
378 fi
379}
380
Angus Grattonc4dd0732018-04-11 16:28:39 +1000381# Calculate the input & output maximum content lengths set in the config
Yuto Takanobbf657a2021-06-22 07:16:40 +0100382MAX_CONTENT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_MAX_CONTENT_LEN" )
383MAX_IN_LEN=$( get_config_value_or_default "MBEDTLS_SSL_IN_CONTENT_LEN" )
384MAX_OUT_LEN=$( get_config_value_or_default "MBEDTLS_SSL_OUT_CONTENT_LEN" )
Angus Grattonc4dd0732018-04-11 16:28:39 +1000385
Yuto Takano2e580ce2021-06-21 19:43:33 +0100386# Calculate the maximum content length that fits both
Angus Grattonc4dd0732018-04-11 16:28:39 +1000387if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
388 MAX_CONTENT_LEN="$MAX_IN_LEN"
389fi
390if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
391 MAX_CONTENT_LEN="$MAX_OUT_LEN"
392fi
393
394# skip the next test if the SSL output buffer is less than 16KB
395requires_full_size_output_buffer() {
396 if [ "$MAX_OUT_LEN" -ne 16384 ]; then
397 SKIP_NEXT="YES"
398 fi
399}
400
Manuel Pégourié-Gonnard76fe9e42014-09-24 15:17:31 +0200401# skip the next test if valgrind is in use
402not_with_valgrind() {
403 if [ "$MEMCHECK" -gt 0 ]; then
404 SKIP_NEXT="YES"
405 fi
406}
407
Paul Bakker362689d2016-05-13 10:33:25 +0100408# skip the next test if valgrind is NOT in use
409only_with_valgrind() {
410 if [ "$MEMCHECK" -eq 0 ]; then
411 SKIP_NEXT="YES"
412 fi
413}
414
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200415# multiply the client timeout delay by the given factor for the next test
Janos Follath74537a62016-09-02 13:45:28 +0100416client_needs_more_time() {
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200417 CLI_DELAY_FACTOR=$1
418}
419
Janos Follath74537a62016-09-02 13:45:28 +0100420# wait for the given seconds after the client finished in the next test
421server_needs_more_time() {
422 SRV_DELAY_SECONDS=$1
423}
424
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100425# print_name <name>
426print_name() {
Paul Bakkere20310a2016-05-10 11:18:17 +0100427 TESTS=$(( $TESTS + 1 ))
428 LINE=""
429
430 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
431 LINE="$TESTS "
432 fi
433
434 LINE="$LINE$1"
Gilles Peskineffdcadf2020-08-26 20:05:11 +0200435 printf "%s " "$LINE"
Paul Bakkere20310a2016-05-10 11:18:17 +0100436 LEN=$(( 72 - `echo "$LINE" | wc -c` ))
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +0100437 for i in `seq 1 $LEN`; do printf '.'; done
438 printf ' '
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100439
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100440}
441
442# fail <message>
443fail() {
444 echo "FAIL"
Manuel Pégourié-Gonnard3eec6042014-02-27 15:37:24 +0100445 echo " ! $1"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100446
Manuel Pégourié-Gonnardc2b00922014-08-31 16:46:04 +0200447 mv $SRV_OUT o-srv-${TESTS}.log
448 mv $CLI_OUT o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200449 if [ -n "$PXY_CMD" ]; then
450 mv $PXY_OUT o-pxy-${TESTS}.log
451 fi
452 echo " ! outputs saved to o-XXX-${TESTS}.log"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +0100453
Manuel Pégourié-Gonnarde63fc6d2020-06-08 11:49:05 +0200454 if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200455 echo " ! server output:"
456 cat o-srv-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200457 echo " ! ========================================================"
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200458 echo " ! client output:"
459 cat o-cli-${TESTS}.log
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200460 if [ -n "$PXY_CMD" ]; then
461 echo " ! ========================================================"
462 echo " ! proxy output:"
463 cat o-pxy-${TESTS}.log
464 fi
465 echo ""
Manuel Pégourié-Gonnard7fa67722014-08-31 17:42:53 +0200466 fi
467
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +0200468 FAILS=$(( $FAILS + 1 ))
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100469}
470
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100471# is_polar <cmd_line>
472is_polar() {
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200473 case "$1" in
474 *ssl_client2*) true;;
475 *ssl_server2*) true;;
476 *) false;;
477 esac
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100478}
479
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200480# openssl s_server doesn't have -www with DTLS
481check_osrv_dtls() {
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200482 case "$SRV_CMD" in
483 *s_server*-dtls*)
484 NEEDS_INPUT=1
485 SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
486 *) NEEDS_INPUT=0;;
487 esac
Manuel Pégourié-Gonnardfa60f122014-09-26 16:07:29 +0200488}
489
490# provide input to commands that need it
491provide_input() {
492 if [ $NEEDS_INPUT -eq 0 ]; then
493 return
494 fi
495
496 while true; do
497 echo "HTTP/1.0 200 OK"
498 sleep 1
499 done
500}
501
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100502# has_mem_err <log_file_name>
503has_mem_err() {
504 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
505 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
506 then
507 return 1 # false: does not have errors
508 else
509 return 0 # true: has errors
510 fi
511}
512
Unknown43dc0d62019-09-02 10:42:57 -0400513# Wait for process $2 named $3 to be listening on port $1. Print error to $4.
Gilles Peskine418b5362017-12-14 18:58:42 +0100514if type lsof >/dev/null 2>/dev/null; then
Unknown43dc0d62019-09-02 10:42:57 -0400515 wait_app_start() {
Gilles Peskine418b5362017-12-14 18:58:42 +0100516 START_TIME=$(date +%s)
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200517 if [ "$DTLS" -eq 1 ]; then
Gilles Peskine418b5362017-12-14 18:58:42 +0100518 proto=UDP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200519 else
Gilles Peskine418b5362017-12-14 18:58:42 +0100520 proto=TCP
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200521 fi
Gilles Peskine418b5362017-12-14 18:58:42 +0100522 # Make a tight loop, server normally takes less than 1s to start.
523 while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
524 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
Unknown43dc0d62019-09-02 10:42:57 -0400525 echo "$3 START TIMEOUT"
526 echo "$3 START TIMEOUT" >> $4
Gilles Peskine418b5362017-12-14 18:58:42 +0100527 break
528 fi
529 # Linux and *BSD support decimal arguments to sleep. On other
530 # OSes this may be a tight loop.
531 sleep 0.1 2>/dev/null || true
532 done
533 }
534else
Unknown43dc0d62019-09-02 10:42:57 -0400535 echo "Warning: lsof not available, wait_app_start = sleep"
536 wait_app_start() {
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200537 sleep "$START_DELAY"
Gilles Peskine418b5362017-12-14 18:58:42 +0100538 }
539fi
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200540
Unknown43dc0d62019-09-02 10:42:57 -0400541# Wait for server process $2 to be listening on port $1.
542wait_server_start() {
543 wait_app_start $1 $2 "SERVER" $SRV_OUT
544}
545
546# Wait for proxy process $2 to be listening on port $1.
547wait_proxy_start() {
548 wait_app_start $1 $2 "PROXY" $PXY_OUT
549}
550
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100551# Given the client or server debug output, parse the unix timestamp that is
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +0100552# included in the first 4 bytes of the random bytes and check that it's within
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100553# acceptable bounds
554check_server_hello_time() {
555 # Extract the time from the debug (lvl 3) output of the client
Andres Amaya Garcia67d8da52017-09-15 15:49:24 +0100556 SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100557 # Get the Unix timestamp for now
558 CUR_TIME=$(date +'%s')
559 THRESHOLD_IN_SECS=300
560
561 # Check if the ServerHello time was printed
562 if [ -z "$SERVER_HELLO_TIME" ]; then
563 return 1
564 fi
565
566 # Check the time in ServerHello is within acceptable bounds
567 if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
568 # The time in ServerHello is at least 5 minutes before now
569 return 1
570 elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
Andres Amaya Garcia3b1bdff2017-09-14 12:41:29 +0100571 # The time in ServerHello is at least 5 minutes later than now
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +0100572 return 1
573 else
574 return 0
575 fi
576}
577
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200578# wait for client to terminate and set CLI_EXIT
579# must be called right after starting the client
580wait_client_done() {
581 CLI_PID=$!
582
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200583 CLI_DELAY=$(( $DOG_DELAY * $CLI_DELAY_FACTOR ))
584 CLI_DELAY_FACTOR=1
585
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200586 ( sleep $CLI_DELAY; echo "===CLIENT_TIMEOUT===" >> $CLI_OUT; kill $CLI_PID ) &
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200587 DOG_PID=$!
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200588
589 wait $CLI_PID
590 CLI_EXIT=$?
591
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200592 kill $DOG_PID >/dev/null 2>&1
593 wait $DOG_PID
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200594
595 echo "EXIT: $CLI_EXIT" >> $CLI_OUT
Janos Follath74537a62016-09-02 13:45:28 +0100596
597 sleep $SRV_DELAY_SECONDS
598 SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200599}
600
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200601# check if the given command uses dtls and sets global variable DTLS
602detect_dtls() {
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200603 case "$1" in
Paul Elliott316a6aa2021-10-12 16:02:55 +0100604 *dtls=1*|*-dtls*|*-u*) DTLS=1;;
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200605 *) DTLS=0;;
606 esac
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200607}
608
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200609# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100610# Options: -s pattern pattern that must be present in server output
611# -c pattern pattern that must be present in client output
Simon Butcher8e004102016-10-14 00:48:33 +0100612# -u pattern lines after pattern must be unique in client output
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100613# -f call shell function on client output
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100614# -S pattern pattern that must be absent in server output
615# -C pattern pattern that must be absent in client output
Simon Butcher8e004102016-10-14 00:48:33 +0100616# -U pattern lines after pattern must be unique in server output
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100617# -F call shell function on server output
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100618run_test() {
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100619 NAME="$1"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200620 shift 1
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100621
Gilles Peskineb7bb068b2020-08-26 22:35:46 +0200622 if is_excluded "$NAME"; then
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +0200623 SKIP_NEXT="NO"
Manuel Pégourié-Gonnard417d46c2014-03-13 19:17:53 +0100624 return
625 fi
626
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100627 print_name "$NAME"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100628
Paul Bakkerb7584a52016-05-10 10:50:43 +0100629 # Do we only run numbered tests?
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200630 if [ -n "$RUN_TEST_NUMBER" ]; then
631 case ",$RUN_TEST_NUMBER," in
632 *",$TESTS,"*) :;;
633 *) SKIP_NEXT="YES";;
634 esac
Paul Bakkerb7584a52016-05-10 10:50:43 +0100635 fi
636
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200637 # does this test use a proxy?
638 if [ "X$1" = "X-p" ]; then
639 PXY_CMD="$2"
640 shift 2
641 else
642 PXY_CMD=""
643 fi
644
645 # get commands and client output
646 SRV_CMD="$1"
647 CLI_CMD="$2"
648 CLI_EXPECT="$3"
649 shift 3
650
Hanno Becker7a11e722019-05-10 14:38:42 +0100651 # Check if test uses files
Gilles Peskine5bf15b62020-08-26 21:53:33 +0200652 case "$SRV_CMD $CLI_CMD" in
653 *data_files/*)
654 requires_config_enabled MBEDTLS_FS_IO;;
655 esac
Hanno Becker7a11e722019-05-10 14:38:42 +0100656
657 # should we skip?
658 if [ "X$SKIP_NEXT" = "XYES" ]; then
659 SKIP_NEXT="NO"
660 echo "SKIP"
661 SKIPS=$(( $SKIPS + 1 ))
662 return
663 fi
664
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200665 # update DTLS variable
666 detect_dtls "$SRV_CMD"
667
Manuel Pégourié-Gonnardfcf6c162020-06-08 11:40:06 +0200668 # if the test uses DTLS but no custom proxy, add a simple proxy
669 # as it provides timing info that's useful to debug failures
Manuel Pégourié-Gonnard581af9f2020-06-25 09:54:46 +0200670 if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
Manuel Pégourié-Gonnardfcf6c162020-06-08 11:40:06 +0200671 PXY_CMD="$P_PXY"
Manuel Pégourié-Gonnard7442f842020-07-16 10:19:32 +0200672 case " $SRV_CMD " in
673 *' server_addr=::1 '*)
674 PXY_CMD="$PXY_CMD server_addr=::1 listen_addr=::1";;
675 esac
Manuel Pégourié-Gonnardfcf6c162020-06-08 11:40:06 +0200676 fi
677
Manuel Pégourié-Gonnardbedcb3e2020-06-25 09:52:54 +0200678 # fix client port
679 if [ -n "$PXY_CMD" ]; then
680 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
681 else
682 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g )
683 fi
684
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100685 # prepend valgrind to our commands if active
686 if [ "$MEMCHECK" -gt 0 ]; then
687 if is_polar "$SRV_CMD"; then
688 SRV_CMD="valgrind --leak-check=full $SRV_CMD"
689 fi
690 if is_polar "$CLI_CMD"; then
691 CLI_CMD="valgrind --leak-check=full $CLI_CMD"
692 fi
693 fi
694
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200695 TIMES_LEFT=2
696 while [ $TIMES_LEFT -gt 0 ]; do
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200697 TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200698
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200699 # run the commands
700 if [ -n "$PXY_CMD" ]; then
Manuel Pégourié-Gonnarda1919ad2020-07-27 09:45:32 +0200701 printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200702 $PXY_CMD >> $PXY_OUT 2>&1 &
703 PXY_PID=$!
Unknown43dc0d62019-09-02 10:42:57 -0400704 wait_proxy_start "$PXY_PORT" "$PXY_PID"
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200705 fi
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200706
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200707 check_osrv_dtls
Gilles Peskineffdcadf2020-08-26 20:05:11 +0200708 printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200709 provide_input | $SRV_CMD >> $SRV_OUT 2>&1 &
710 SRV_PID=$!
Gilles Peskine418b5362017-12-14 18:58:42 +0100711 wait_server_start "$SRV_PORT" "$SRV_PID"
Manuel Pégourié-Gonnardc0f6a692014-08-30 22:41:47 +0200712
Gilles Peskineffdcadf2020-08-26 20:05:11 +0200713 printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200714 eval "$CLI_CMD" >> $CLI_OUT 2>&1 &
715 wait_client_done
Manuel Pégourié-Gonnarde01af4c2014-03-25 14:16:44 +0100716
Hanno Beckercadb5bb2017-05-26 13:56:10 +0100717 sleep 0.05
718
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200719 # terminate the server (and the proxy)
720 kill $SRV_PID
721 wait $SRV_PID
Gilles Peskine634fe272021-02-02 23:29:03 +0100722 SRV_RET=$?
Hanno Beckerd82d8462017-05-29 21:37:46 +0100723
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200724 if [ -n "$PXY_CMD" ]; then
725 kill $PXY_PID >/dev/null 2>&1
726 wait $PXY_PID
727 fi
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100728
Manuel Pégourié-Gonnardab5f7b42015-08-04 21:01:37 +0200729 # retry only on timeouts
730 if grep '===CLIENT_TIMEOUT===' $CLI_OUT >/dev/null; then
731 printf "RETRY "
732 else
733 TIMES_LEFT=0
734 fi
Manuel Pégourié-Gonnarda365add2015-08-04 20:57:59 +0200735 done
736
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100737 # check if the client and server went at least to the handshake stage
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200738 # (useful to avoid tests with only negative assertions and non-zero
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100739 # expected client exit to incorrectly succeed in case of catastrophic
740 # failure)
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100741 if is_polar "$SRV_CMD"; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200742 if grep "Performing the SSL/TLS handshake" $SRV_OUT >/dev/null; then :;
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100743 else
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +0100744 fail "server or client failed to reach handshake stage"
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100745 return
746 fi
747 fi
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100748 if is_polar "$CLI_CMD"; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200749 if grep "Performing the SSL/TLS handshake" $CLI_OUT >/dev/null; then :;
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100750 else
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +0100751 fail "server or client failed to reach handshake stage"
Manuel Pégourié-Gonnard677884d2014-02-25 16:42:31 +0100752 return
753 fi
754 fi
755
Gilles Peskine2cf44b62021-02-09 21:01:33 +0100756 # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
757 # exit with status 0 when interrupted by a signal, and we don't really
758 # care anyway), in case e.g. the server reports a memory leak.
759 if [ $SRV_RET != 0 ] && is_polar "$SRV_CMD"; then
Gilles Peskine634fe272021-02-02 23:29:03 +0100760 fail "Server exited with status $SRV_RET"
Manuel Pégourié-Gonnardf8bdbb52014-02-21 09:20:14 +0100761 return
762 fi
763
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100764 # check client exit code
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +0100765 if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
766 \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +0100767 then
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200768 fail "bad client exit code (expected $CLI_EXPECT, got $CLI_EXIT)"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100769 return
770 fi
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100771
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100772 # check other assertions
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +0200773 # lines beginning with == are added by valgrind, ignore them
Paul Bakker1f650922016-05-13 10:16:46 +0100774 # lines with 'Serious error when reading debug info', are valgrind issues as well
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100775 while [ $# -gt 0 ]
776 do
777 case $1 in
778 "-s")
Paul Bakker1f650922016-05-13 10:16:46 +0100779 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +0100780 fail "pattern '$2' MUST be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100781 return
782 fi
783 ;;
784
785 "-c")
Paul Bakker1f650922016-05-13 10:16:46 +0100786 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then :; else
Simon Butcher8e004102016-10-14 00:48:33 +0100787 fail "pattern '$2' MUST be present in the Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100788 return
789 fi
790 ;;
791
792 "-S")
Paul Bakker1f650922016-05-13 10:16:46 +0100793 if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Simon Butcher8e004102016-10-14 00:48:33 +0100794 fail "pattern '$2' MUST NOT be present in the Server output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100795 return
796 fi
797 ;;
798
799 "-C")
Paul Bakker1f650922016-05-13 10:16:46 +0100800 if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null; then
Simon Butcher8e004102016-10-14 00:48:33 +0100801 fail "pattern '$2' MUST NOT be present in the Client output"
802 return
803 fi
804 ;;
805
806 # The filtering in the following two options (-u and -U) do the following
807 # - ignore valgrind output
Antonin Décimod5f47592019-01-23 15:24:37 +0100808 # - filter out everything but lines right after the pattern occurrences
Simon Butcher8e004102016-10-14 00:48:33 +0100809 # - keep one of each non-unique line
810 # - count how many lines remain
811 # A line with '--' will remain in the result from previous outputs, so the number of lines in the result will be 1
812 # if there were no duplicates.
813 "-U")
814 if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
815 fail "lines following pattern '$2' must be unique in Server output"
816 return
817 fi
818 ;;
819
820 "-u")
821 if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | grep -v "$2" | sort | uniq -d | wc -l) -gt 1 ]; then
822 fail "lines following pattern '$2' must be unique in Client output"
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100823 return
824 fi
825 ;;
Andres Amaya Garcia93993de2017-09-06 15:38:07 +0100826 "-F")
827 if ! $2 "$SRV_OUT"; then
828 fail "function call to '$2' failed on Server output"
829 return
830 fi
831 ;;
832 "-f")
833 if ! $2 "$CLI_OUT"; then
834 fail "function call to '$2' failed on Client output"
835 return
836 fi
837 ;;
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100838
839 *)
Paul Bakker1ebc0c52014-05-22 15:47:58 +0200840 echo "Unknown test: $1" >&2
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100841 exit 1
842 esac
843 shift 2
844 done
845
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100846 # check valgrind's results
847 if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200848 if is_polar "$SRV_CMD" && has_mem_err $SRV_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100849 fail "Server has memory errors"
850 return
851 fi
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +0200852 if is_polar "$CLI_CMD" && has_mem_err $CLI_OUT; then
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +0100853 fail "Client has memory errors"
854 return
855 fi
856 fi
857
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100858 # if we're here, everything is ok
859 echo "PASS"
Paul Bakkeracaac852016-05-10 11:47:13 +0100860 if [ "$PRESERVE_LOGS" -gt 0 ]; then
861 mv $SRV_OUT o-srv-${TESTS}.log
862 mv $CLI_OUT o-cli-${TESTS}.log
Hanno Becker7be2e5b2018-08-20 12:21:35 +0100863 if [ -n "$PXY_CMD" ]; then
864 mv $PXY_OUT o-pxy-${TESTS}.log
865 fi
Paul Bakkeracaac852016-05-10 11:47:13 +0100866 fi
867
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200868 rm -f $SRV_OUT $CLI_OUT $PXY_OUT
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +0100869}
870
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100871cleanup() {
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200872 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
Manuel Pégourié-Gonnarda6189f02014-09-20 13:15:43 +0200873 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
874 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
875 test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
876 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
Manuel Pégourié-Gonnarda9062e92014-02-25 16:21:22 +0100877 exit 1
878}
879
Manuel Pégourié-Gonnard9dea8bd2014-02-26 18:21:02 +0100880#
881# MAIN
882#
883
Manuel Pégourié-Gonnard913030c2014-03-28 10:12:38 +0100884get_options "$@"
885
Gilles Peskineb7bb068b2020-08-26 22:35:46 +0200886# Optimize filters: if $FILTER and $EXCLUDE can be expressed as shell
887# patterns rather than regular expressions, use a case statement instead
888# of calling grep. To keep the optimizer simple, it is incomplete and only
889# detects simple cases: plain substring, everything, nothing.
890#
891# As an exception, the character '.' is treated as an ordinary character
892# if it is the only special character in the string. This is because it's
893# rare to need "any one character", but needing a literal '.' is common
894# (e.g. '-f "DTLS 1.2"').
895need_grep=
896case "$FILTER" in
897 '^$') simple_filter=;;
898 '.*') simple_filter='*';;
Gilles Peskinec5714bb2020-09-29 23:48:39 +0200899 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
Gilles Peskineb7bb068b2020-08-26 22:35:46 +0200900 need_grep=1;;
901 *) # No regexp or shell-pattern special character
902 simple_filter="*$FILTER*";;
903esac
904case "$EXCLUDE" in
905 '^$') simple_exclude=;;
906 '.*') simple_exclude='*';;
Gilles Peskinec5714bb2020-09-29 23:48:39 +0200907 *[][$+*?\\^{\|}]*) # Regexp special characters (other than .), we need grep
Gilles Peskineb7bb068b2020-08-26 22:35:46 +0200908 need_grep=1;;
909 *) # No regexp or shell-pattern special character
910 simple_exclude="*$EXCLUDE*";;
911esac
912if [ -n "$need_grep" ]; then
913 is_excluded () {
914 ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
915 }
916else
917 is_excluded () {
918 case "$1" in
919 $simple_exclude) true;;
920 $simple_filter) false;;
921 *) true;;
922 esac
923 }
924fi
925
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100926# sanity checks, avoid an avalanche of errors
Hanno Becker4ac73e72017-10-23 15:27:37 +0100927P_SRV_BIN="${P_SRV%%[ ]*}"
928P_CLI_BIN="${P_CLI%%[ ]*}"
929P_PXY_BIN="${P_PXY%%[ ]*}"
Hanno Becker17c04932017-10-10 14:44:53 +0100930if [ ! -x "$P_SRV_BIN" ]; then
931 echo "Command '$P_SRV_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100932 exit 1
933fi
Hanno Becker17c04932017-10-10 14:44:53 +0100934if [ ! -x "$P_CLI_BIN" ]; then
935 echo "Command '$P_CLI_BIN' is not an executable file"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100936 exit 1
937fi
Hanno Becker17c04932017-10-10 14:44:53 +0100938if [ ! -x "$P_PXY_BIN" ]; then
939 echo "Command '$P_PXY_BIN' is not an executable file"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200940 exit 1
941fi
Simon Butcher3c0d7b82016-05-23 11:13:17 +0100942if [ "$MEMCHECK" -gt 0 ]; then
943 if which valgrind >/dev/null 2>&1; then :; else
944 echo "Memcheck not possible. Valgrind not found"
945 exit 1
946 fi
947fi
Manuel Pégourié-Gonnard74faf3c2014-03-13 18:47:44 +0100948if which $OPENSSL_CMD >/dev/null 2>&1; then :; else
949 echo "Command '$OPENSSL_CMD' not found"
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +0100950 exit 1
951fi
952
Manuel Pégourié-Gonnard32f8f4d2014-05-29 11:31:20 +0200953# used by watchdog
954MAIN_PID="$$"
955
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100956# We use somewhat arbitrary delays for tests:
957# - how long do we wait for the server to start (when lsof not available)?
958# - how long do we allow for the client to finish?
959# (not to check performance, just to avoid waiting indefinitely)
960# Things are slower with valgrind, so give extra time here.
961#
962# Note: without lsof, there is a trade-off between the running time of this
963# script and the risk of spurious errors because we didn't wait long enough.
964# The watchdog delay on the other hand doesn't affect normal running time of
965# the script, only the case where a client or server gets stuck.
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200966if [ "$MEMCHECK" -gt 0 ]; then
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100967 START_DELAY=6
968 DOG_DELAY=60
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200969else
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100970 START_DELAY=2
971 DOG_DELAY=20
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200972fi
Manuel Pégourié-Gonnard0d225da2018-01-22 10:22:09 +0100973
974# some particular tests need more time:
975# - for the client, we multiply the usual watchdog limit by a factor
976# - for the server, we sleep for a number of seconds after the client exits
977# see client_need_more_time() and server_needs_more_time()
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +0200978CLI_DELAY_FACTOR=1
Janos Follath74537a62016-09-02 13:45:28 +0100979SRV_DELAY_SECONDS=0
Manuel Pégourié-Gonnard0c1ec472014-06-20 18:41:11 +0200980
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +0200981# fix commands to use this port, force IPv4 while at it
Manuel Pégourié-Gonnard0af1ba32015-01-21 11:44:33 +0000982# +SRV_PORT will be replaced by either $SRV_PORT or $PXY_PORT later
Paul Elliott0ab79412021-10-12 16:10:37 +0100983# Note: Using 'localhost' rather than 127.0.0.1 here is unwise, as on many
984# machines that will resolve to ::1, and we don't want ipv6 here.
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200985P_SRV="$P_SRV server_addr=127.0.0.1 server_port=$SRV_PORT"
986P_CLI="$P_CLI server_addr=127.0.0.1 server_port=+SRV_PORT"
Andres AGf04f54d2016-10-10 15:46:20 +0100987P_PXY="$P_PXY server_addr=127.0.0.1 server_port=$SRV_PORT listen_addr=127.0.0.1 listen_port=$PXY_PORT ${SEED:+"seed=$SEED"}"
Gilles Peskine63a2b912021-04-01 14:00:11 +0200988O_SRV="$O_SRV -accept $SRV_PORT"
Paul Elliott0ab79412021-10-12 16:10:37 +0100989O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +0200990G_SRV="$G_SRV -p $SRV_PORT"
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +0200991G_CLI="$G_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard8066b812014-05-28 22:59:30 +0200992
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200993if [ -n "${OPENSSL_LEGACY:-}" ]; then
994 O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
Paul Elliott0ab79412021-10-12 16:10:37 +0100995 O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +0200996fi
997
Paul Elliott19f1f782021-10-13 18:31:07 +0100998if [ -n "${OPENSSL_NEXT:-}" ]; then
999 O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
Paul Elliott0ab79412021-10-12 16:10:37 +01001000 O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
Paul Elliott19f1f782021-10-13 18:31:07 +01001001fi
1002
Hanno Becker58e9dc32018-08-17 15:53:21 +01001003if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001004 G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
1005fi
1006
Hanno Becker58e9dc32018-08-17 15:53:21 +01001007if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02001008 G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02001009fi
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001010
Gilles Peskine62469d92017-05-10 10:13:59 +02001011# Allow SHA-1, because many of our test certificates use it
1012P_SRV="$P_SRV allow_sha1=1"
1013P_CLI="$P_CLI allow_sha1=1"
1014
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001015# Also pick a unique name for intermediate files
1016SRV_OUT="srv_out.$$"
1017CLI_OUT="cli_out.$$"
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02001018PXY_OUT="pxy_out.$$"
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001019SESSION="session.$$"
1020
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02001021SKIP_NEXT="NO"
1022
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01001023trap cleanup INT TERM HUP
1024
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001025# Basic test
1026
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001027# Checks that:
1028# - things work with all ciphersuites active (used with config-full in all.sh)
1029# - the expected (highest security) parameters are selected
1030# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001031run_test "Default" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001032 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001033 "$P_CLI" \
1034 0 \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001035 -s "Protocol is TLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001036 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
Manuel Pégourié-Gonnard480905d2014-08-21 19:38:32 +02001037 -s "client hello v3, signature_algorithm ext: 6" \
1038 -s "ECDHE curve: secp521r1" \
1039 -S "error" \
1040 -C "error"
Manuel Pégourié-Gonnarde73b2632014-07-12 04:00:00 +02001041
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001042run_test "Default, DTLS" \
1043 "$P_SRV dtls=1" \
1044 "$P_CLI dtls=1" \
1045 0 \
1046 -s "Protocol is DTLSv1.2" \
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001047 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
Manuel Pégourié-Gonnard3bb08012015-01-22 13:34:21 +00001048
Manuel Pégourié-Gonnard95a17fb2020-01-02 11:58:00 +01001049requires_config_enabled MBEDTLS_ZLIB_SUPPORT
1050run_test "Default (compression enabled)" \
1051 "$P_SRV debug_level=3" \
1052 "$P_CLI debug_level=3" \
1053 0 \
1054 -s "Allocating compression buffer" \
1055 -c "Allocating compression buffer" \
1056 -s "Record expansion is unknown (compression)" \
1057 -c "Record expansion is unknown (compression)" \
1058 -S "error" \
1059 -C "error"
1060
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001061# Test current time in ServerHello
1062requires_config_enabled MBEDTLS_HAVE_TIME
Manuel Pégourié-Gonnardce66d5e2018-06-14 11:11:15 +02001063run_test "ServerHello contains gmt_unix_time" \
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001064 "$P_SRV debug_level=3" \
1065 "$P_CLI debug_level=3" \
1066 0 \
Andres Amaya Garciab84c40b2017-09-06 15:44:01 +01001067 -f "check_server_hello_time" \
1068 -F "check_server_hello_time"
1069
Simon Butcher8e004102016-10-14 00:48:33 +01001070# Test for uniqueness of IVs in AEAD ciphersuites
1071run_test "Unique IV in GCM" \
1072 "$P_SRV exchanges=20 debug_level=4" \
1073 "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
1074 0 \
1075 -u "IV used" \
1076 -U "IV used"
1077
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001078# Tests for rc4 option
1079
Simon Butchera410af52016-05-19 22:12:18 +01001080requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001081run_test "RC4: server disabled, client enabled" \
1082 "$P_SRV" \
1083 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1084 1 \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001085 -s "SSL - The server has no ciphersuites in common"
1086
Simon Butchera410af52016-05-19 22:12:18 +01001087requires_config_enabled MBEDTLS_REMOVE_ARC4_CIPHERSUITES
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001088run_test "RC4: server half, client enabled" \
1089 "$P_SRV arc4=1" \
1090 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1091 1 \
1092 -s "SSL - The server has no ciphersuites in common"
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001093
1094run_test "RC4: server enabled, client disabled" \
1095 "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1096 "$P_CLI" \
1097 1 \
1098 -s "SSL - The server has no ciphersuites in common"
1099
1100run_test "RC4: both enabled" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001101 "$P_SRV force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001102 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
1103 0 \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001104 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01001105 -S "SSL - The server has no ciphersuites in common"
1106
Hanno Beckerd26bb202018-08-17 09:54:10 +01001107# Test empty CA list in CertificateRequest in TLS 1.1 and earlier
1108
1109requires_gnutls
1110requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
1111run_test "CertificateRequest with empty CA list, TLS 1.1 (GnuTLS server)" \
1112 "$G_SRV"\
1113 "$P_CLI force_version=tls1_1" \
1114 0
1115
1116requires_gnutls
1117requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
1118run_test "CertificateRequest with empty CA list, TLS 1.0 (GnuTLS server)" \
1119 "$G_SRV"\
1120 "$P_CLI force_version=tls1" \
1121 0
1122
Gilles Peskinebc70a182017-05-09 15:59:24 +02001123# Tests for SHA-1 support
1124
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001125requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskinebc70a182017-05-09 15:59:24 +02001126run_test "SHA-1 forbidden by default in server certificate" \
1127 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1128 "$P_CLI debug_level=2 allow_sha1=0" \
1129 1 \
1130 -c "The certificate is signed with an unacceptable hash"
1131
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001132requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
1133run_test "SHA-1 forbidden by default in server certificate" \
1134 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1135 "$P_CLI debug_level=2 allow_sha1=0" \
1136 0
1137
Gilles Peskinebc70a182017-05-09 15:59:24 +02001138run_test "SHA-1 explicitly allowed in server certificate" \
1139 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt" \
1140 "$P_CLI allow_sha1=1" \
1141 0
1142
1143run_test "SHA-256 allowed by default in server certificate" \
1144 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
1145 "$P_CLI allow_sha1=0" \
1146 0
1147
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001148requires_config_disabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
Gilles Peskinebc70a182017-05-09 15:59:24 +02001149run_test "SHA-1 forbidden by default in client certificate" \
1150 "$P_SRV auth_mode=required allow_sha1=0" \
1151 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1152 1 \
1153 -s "The certificate is signed with an unacceptable hash"
1154
Manuel Pégourié-Gonnardaf63c212017-06-08 17:51:08 +02001155requires_config_enabled MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
1156run_test "SHA-1 forbidden by default in client certificate" \
1157 "$P_SRV auth_mode=required allow_sha1=0" \
1158 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1159 0
1160
Gilles Peskinebc70a182017-05-09 15:59:24 +02001161run_test "SHA-1 explicitly allowed in client certificate" \
1162 "$P_SRV auth_mode=required allow_sha1=1" \
1163 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
1164 0
1165
1166run_test "SHA-256 allowed by default in client certificate" \
1167 "$P_SRV auth_mode=required allow_sha1=0" \
1168 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
1169 0
1170
Hanno Becker7ae8a762018-08-14 15:43:35 +01001171# Tests for datagram packing
1172run_test "DTLS: multiple records in same datagram, client and server" \
1173 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
1174 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
1175 0 \
1176 -c "next record in same datagram" \
1177 -s "next record in same datagram"
1178
1179run_test "DTLS: multiple records in same datagram, client only" \
1180 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
1181 "$P_CLI dtls=1 dgram_packing=1 debug_level=2" \
1182 0 \
1183 -s "next record in same datagram" \
1184 -C "next record in same datagram"
1185
1186run_test "DTLS: multiple records in same datagram, server only" \
1187 "$P_SRV dtls=1 dgram_packing=1 debug_level=2" \
1188 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
1189 0 \
1190 -S "next record in same datagram" \
1191 -c "next record in same datagram"
1192
1193run_test "DTLS: multiple records in same datagram, neither client nor server" \
1194 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
1195 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
1196 0 \
1197 -S "next record in same datagram" \
1198 -C "next record in same datagram"
1199
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001200# Tests for Truncated HMAC extension
1201
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001202run_test "Truncated HMAC: client default, server default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001203 "$P_SRV debug_level=4" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001204 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001205 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001206 -s "dumping 'expected mac' (20 bytes)" \
1207 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001208
Hanno Becker32c55012017-11-10 08:42:54 +00001209requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001210run_test "Truncated HMAC: client disabled, server default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001211 "$P_SRV debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001212 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001213 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001214 -s "dumping 'expected mac' (20 bytes)" \
1215 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001216
Hanno Becker32c55012017-11-10 08:42:54 +00001217requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001218run_test "Truncated HMAC: client enabled, server default" \
1219 "$P_SRV debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001220 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001221 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001222 -s "dumping 'expected mac' (20 bytes)" \
1223 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001224
Hanno Becker32c55012017-11-10 08:42:54 +00001225requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001226run_test "Truncated HMAC: client enabled, server disabled" \
1227 "$P_SRV debug_level=4 trunc_hmac=0" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001228 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001229 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001230 -s "dumping 'expected mac' (20 bytes)" \
1231 -S "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001232
Hanno Becker32c55012017-11-10 08:42:54 +00001233requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Hanno Becker34d0c3f2017-11-17 15:46:24 +00001234run_test "Truncated HMAC: client disabled, server enabled" \
1235 "$P_SRV debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001236 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker34d0c3f2017-11-17 15:46:24 +00001237 0 \
1238 -s "dumping 'expected mac' (20 bytes)" \
1239 -S "dumping 'expected mac' (10 bytes)"
1240
1241requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001242run_test "Truncated HMAC: client enabled, server enabled" \
1243 "$P_SRV debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001244 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnarde117a8f2015-01-09 12:39:35 +01001245 0 \
Hanno Becker992b6872017-11-09 18:57:39 +00001246 -S "dumping 'expected mac' (20 bytes)" \
1247 -s "dumping 'expected mac' (10 bytes)"
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001248
Hanno Becker4c4f4102017-11-10 09:16:05 +00001249run_test "Truncated HMAC, DTLS: client default, server default" \
1250 "$P_SRV dtls=1 debug_level=4" \
1251 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
1252 0 \
1253 -s "dumping 'expected mac' (20 bytes)" \
1254 -S "dumping 'expected mac' (10 bytes)"
1255
1256requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1257run_test "Truncated HMAC, DTLS: client disabled, server default" \
1258 "$P_SRV dtls=1 debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001259 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001260 0 \
1261 -s "dumping 'expected mac' (20 bytes)" \
1262 -S "dumping 'expected mac' (10 bytes)"
1263
1264requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1265run_test "Truncated HMAC, DTLS: client enabled, server default" \
1266 "$P_SRV dtls=1 debug_level=4" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001267 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001268 0 \
1269 -s "dumping 'expected mac' (20 bytes)" \
1270 -S "dumping 'expected mac' (10 bytes)"
1271
1272requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1273run_test "Truncated HMAC, DTLS: client enabled, server disabled" \
1274 "$P_SRV dtls=1 debug_level=4 trunc_hmac=0" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001275 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001276 0 \
1277 -s "dumping 'expected mac' (20 bytes)" \
1278 -S "dumping 'expected mac' (10 bytes)"
1279
1280requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1281run_test "Truncated HMAC, DTLS: client disabled, server enabled" \
1282 "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001283 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=0" \
Hanno Becker4c4f4102017-11-10 09:16:05 +00001284 0 \
1285 -s "dumping 'expected mac' (20 bytes)" \
1286 -S "dumping 'expected mac' (10 bytes)"
1287
1288requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
1289run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
1290 "$P_SRV dtls=1 debug_level=4 trunc_hmac=1" \
Hanno Becker909f9a32017-11-21 17:10:12 +00001291 "$P_CLI dtls=1 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardeaadc502014-02-20 11:01:30 +01001292 0 \
1293 -S "dumping 'expected mac' (20 bytes)" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001294 -s "dumping 'expected mac' (10 bytes)"
1295
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001296# Tests for Encrypt-then-MAC extension
1297
1298run_test "Encrypt then MAC: default" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001299 "$P_SRV debug_level=3 \
1300 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001301 "$P_CLI debug_level=3" \
1302 0 \
1303 -c "client hello, adding encrypt_then_mac extension" \
1304 -s "found encrypt then mac extension" \
1305 -s "server hello, adding encrypt then mac extension" \
1306 -c "found encrypt_then_mac extension" \
1307 -c "using encrypt then mac" \
1308 -s "using encrypt then mac"
1309
1310run_test "Encrypt then MAC: client enabled, server disabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001311 "$P_SRV debug_level=3 etm=0 \
1312 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001313 "$P_CLI debug_level=3 etm=1" \
1314 0 \
1315 -c "client hello, adding encrypt_then_mac extension" \
1316 -s "found encrypt then mac extension" \
1317 -S "server hello, adding encrypt then mac extension" \
1318 -C "found encrypt_then_mac extension" \
1319 -C "using encrypt then mac" \
1320 -S "using encrypt then mac"
1321
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01001322run_test "Encrypt then MAC: client enabled, aead cipher" \
1323 "$P_SRV debug_level=3 etm=1 \
1324 force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
1325 "$P_CLI debug_level=3 etm=1" \
1326 0 \
1327 -c "client hello, adding encrypt_then_mac extension" \
1328 -s "found encrypt then mac extension" \
1329 -S "server hello, adding encrypt then mac extension" \
1330 -C "found encrypt_then_mac extension" \
1331 -C "using encrypt then mac" \
1332 -S "using encrypt then mac"
1333
1334run_test "Encrypt then MAC: client enabled, stream cipher" \
1335 "$P_SRV debug_level=3 etm=1 \
1336 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001337 "$P_CLI debug_level=3 etm=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard78e745f2014-11-04 15:44:06 +01001338 0 \
1339 -c "client hello, adding encrypt_then_mac extension" \
1340 -s "found encrypt then mac extension" \
1341 -S "server hello, adding encrypt then mac extension" \
1342 -C "found encrypt_then_mac extension" \
1343 -C "using encrypt then mac" \
1344 -S "using encrypt then mac"
1345
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001346run_test "Encrypt then MAC: client disabled, server enabled" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001347 "$P_SRV debug_level=3 etm=1 \
1348 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001349 "$P_CLI debug_level=3 etm=0" \
1350 0 \
1351 -C "client hello, adding encrypt_then_mac extension" \
1352 -S "found encrypt then mac extension" \
1353 -S "server hello, adding encrypt then mac extension" \
1354 -C "found encrypt_then_mac extension" \
1355 -C "using encrypt then mac" \
1356 -S "using encrypt then mac"
1357
Janos Follathe2681a42016-03-07 15:57:05 +00001358requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001359run_test "Encrypt then MAC: client SSLv3, server enabled" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001360 "$P_SRV debug_level=3 min_version=ssl3 \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001361 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001362 "$P_CLI debug_level=3 force_version=ssl3" \
1363 0 \
1364 -C "client hello, adding encrypt_then_mac extension" \
1365 -S "found encrypt then mac extension" \
1366 -S "server hello, adding encrypt then mac extension" \
1367 -C "found encrypt_then_mac extension" \
1368 -C "using encrypt then mac" \
1369 -S "using encrypt then mac"
1370
Janos Follathe2681a42016-03-07 15:57:05 +00001371requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001372run_test "Encrypt then MAC: client enabled, server SSLv3" \
Manuel Pégourié-Gonnard0098e7d2014-10-28 13:08:59 +01001373 "$P_SRV debug_level=3 force_version=ssl3 \
1374 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001375 "$P_CLI debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001376 0 \
1377 -c "client hello, adding encrypt_then_mac extension" \
Janos Follath00efff72016-05-06 13:48:23 +01001378 -S "found encrypt then mac extension" \
Manuel Pégourié-Gonnard699cafa2014-10-27 13:57:03 +01001379 -S "server hello, adding encrypt then mac extension" \
1380 -C "found encrypt_then_mac extension" \
1381 -C "using encrypt then mac" \
1382 -S "using encrypt then mac"
1383
Manuel Pégourié-Gonnard367381f2014-10-20 18:40:56 +02001384# Tests for Extended Master Secret extension
1385
1386run_test "Extended Master Secret: default" \
1387 "$P_SRV debug_level=3" \
1388 "$P_CLI debug_level=3" \
1389 0 \
1390 -c "client hello, adding extended_master_secret extension" \
1391 -s "found extended master secret extension" \
1392 -s "server hello, adding extended master secret extension" \
1393 -c "found extended_master_secret extension" \
1394 -c "using extended master secret" \
1395 -s "using extended master secret"
1396
1397run_test "Extended Master Secret: client enabled, server disabled" \
1398 "$P_SRV debug_level=3 extended_ms=0" \
1399 "$P_CLI debug_level=3 extended_ms=1" \
1400 0 \
1401 -c "client hello, adding extended_master_secret extension" \
1402 -s "found extended master secret extension" \
1403 -S "server hello, adding extended master secret extension" \
1404 -C "found extended_master_secret extension" \
1405 -C "using extended master secret" \
1406 -S "using extended master secret"
1407
1408run_test "Extended Master Secret: client disabled, server enabled" \
1409 "$P_SRV debug_level=3 extended_ms=1" \
1410 "$P_CLI debug_level=3 extended_ms=0" \
1411 0 \
1412 -C "client hello, adding extended_master_secret extension" \
1413 -S "found extended master secret extension" \
1414 -S "server hello, adding extended master secret extension" \
1415 -C "found extended_master_secret extension" \
1416 -C "using extended master secret" \
1417 -S "using extended master secret"
1418
Janos Follathe2681a42016-03-07 15:57:05 +00001419requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02001420run_test "Extended Master Secret: client SSLv3, server enabled" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001421 "$P_SRV debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02001422 "$P_CLI debug_level=3 force_version=ssl3" \
1423 0 \
1424 -C "client hello, adding extended_master_secret extension" \
1425 -S "found extended master secret extension" \
1426 -S "server hello, adding extended master secret extension" \
1427 -C "found extended_master_secret extension" \
1428 -C "using extended master secret" \
1429 -S "using extended master secret"
1430
Janos Follathe2681a42016-03-07 15:57:05 +00001431requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02001432run_test "Extended Master Secret: client enabled, server SSLv3" \
1433 "$P_SRV debug_level=3 force_version=ssl3" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001434 "$P_CLI debug_level=3 min_version=ssl3" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02001435 0 \
1436 -c "client hello, adding extended_master_secret extension" \
Janos Follath00efff72016-05-06 13:48:23 +01001437 -S "found extended master secret extension" \
Manuel Pégourié-Gonnardb575b542014-10-24 15:12:31 +02001438 -S "server hello, adding extended master secret extension" \
1439 -C "found extended_master_secret extension" \
1440 -C "using extended master secret" \
1441 -S "using extended master secret"
1442
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001443# Tests for FALLBACK_SCSV
1444
1445run_test "Fallback SCSV: default" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001446 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001447 "$P_CLI debug_level=3 force_version=tls1_1" \
1448 0 \
1449 -C "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001450 -S "received FALLBACK_SCSV" \
1451 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001452 -C "is a fatal alert message (msg 86)"
1453
1454run_test "Fallback SCSV: explicitly disabled" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001455 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001456 "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
1457 0 \
1458 -C "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001459 -S "received FALLBACK_SCSV" \
1460 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001461 -C "is a fatal alert message (msg 86)"
1462
1463run_test "Fallback SCSV: enabled" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001464 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001465 "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001466 1 \
1467 -c "adding FALLBACK_SCSV" \
1468 -s "received FALLBACK_SCSV" \
1469 -s "inapropriate fallback" \
1470 -c "is a fatal alert message (msg 86)"
1471
1472run_test "Fallback SCSV: enabled, max version" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001473 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001474 "$P_CLI debug_level=3 fallback=1" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001475 0 \
1476 -c "adding FALLBACK_SCSV" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001477 -s "received FALLBACK_SCSV" \
1478 -S "inapropriate fallback" \
Manuel Pégourié-Gonnard1cbd39d2014-10-20 13:34:59 +02001479 -C "is a fatal alert message (msg 86)"
1480
1481requires_openssl_with_fallback_scsv
1482run_test "Fallback SCSV: default, openssl server" \
1483 "$O_SRV" \
1484 "$P_CLI debug_level=3 force_version=tls1_1 fallback=0" \
1485 0 \
1486 -C "adding FALLBACK_SCSV" \
1487 -C "is a fatal alert message (msg 86)"
1488
1489requires_openssl_with_fallback_scsv
1490run_test "Fallback SCSV: enabled, openssl server" \
1491 "$O_SRV" \
1492 "$P_CLI debug_level=3 force_version=tls1_1 fallback=1" \
1493 1 \
1494 -c "adding FALLBACK_SCSV" \
1495 -c "is a fatal alert message (msg 86)"
1496
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001497requires_openssl_with_fallback_scsv
1498run_test "Fallback SCSV: disabled, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001499 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001500 "$O_CLI -tls1_1" \
1501 0 \
1502 -S "received FALLBACK_SCSV" \
1503 -S "inapropriate fallback"
1504
1505requires_openssl_with_fallback_scsv
1506run_test "Fallback SCSV: enabled, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001507 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001508 "$O_CLI -tls1_1 -fallback_scsv" \
1509 1 \
1510 -s "received FALLBACK_SCSV" \
1511 -s "inapropriate fallback"
1512
1513requires_openssl_with_fallback_scsv
1514run_test "Fallback SCSV: enabled, max version, openssl client" \
Manuel Pégourié-Gonnard4268ae02015-08-04 12:44:10 +02001515 "$P_SRV debug_level=2" \
Manuel Pégourié-Gonnard01b26992014-10-20 14:05:28 +02001516 "$O_CLI -fallback_scsv" \
1517 0 \
1518 -s "received FALLBACK_SCSV" \
1519 -S "inapropriate fallback"
1520
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01001521# Test sending and receiving empty application data records
1522
1523run_test "Encrypt then MAC: empty application data record" \
1524 "$P_SRV auth_mode=none debug_level=4 etm=1" \
1525 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
1526 0 \
1527 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
1528 -s "dumping 'input payload after decrypt' (0 bytes)" \
1529 -c "0 bytes written in 1 fragments"
1530
Manuel Pégourié-Gonnard98a879a2020-03-24 10:53:39 +01001531run_test "Encrypt then MAC: disabled, empty application data record" \
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01001532 "$P_SRV auth_mode=none debug_level=4 etm=0" \
1533 "$P_CLI auth_mode=none etm=0 request_size=0" \
1534 0 \
1535 -s "dumping 'input payload after decrypt' (0 bytes)" \
1536 -c "0 bytes written in 1 fragments"
1537
1538run_test "Encrypt then MAC, DTLS: empty application data record" \
1539 "$P_SRV auth_mode=none debug_level=4 etm=1 dtls=1" \
1540 "$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls=1" \
1541 0 \
1542 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
1543 -s "dumping 'input payload after decrypt' (0 bytes)" \
1544 -c "0 bytes written in 1 fragments"
1545
Manuel Pégourié-Gonnard98a879a2020-03-24 10:53:39 +01001546run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \
Andres Amaya Garcia4c761fa2018-07-10 20:08:04 +01001547 "$P_SRV auth_mode=none debug_level=4 etm=0 dtls=1" \
1548 "$P_CLI auth_mode=none etm=0 request_size=0 dtls=1" \
1549 0 \
1550 -s "dumping 'input payload after decrypt' (0 bytes)" \
1551 -c "0 bytes written in 1 fragments"
1552
Gilles Peskined50177f2017-05-16 17:53:03 +02001553## ClientHello generated with
1554## "openssl s_client -CAfile tests/data_files/test-ca.crt -tls1_1 -connect localhost:4433 -cipher ..."
1555## then manually twiddling the ciphersuite list.
1556## The ClientHello content is spelled out below as a hex string as
1557## "prefix ciphersuite1 ciphersuite2 ciphersuite3 ciphersuite4 suffix".
1558## The expected response is an inappropriate_fallback alert.
1559requires_openssl_with_fallback_scsv
1560run_test "Fallback SCSV: beginning of list" \
1561 "$P_SRV debug_level=2" \
1562 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 5600 0031 0032 0033 0100000900230000000f000101' '15030200020256'" \
1563 0 \
1564 -s "received FALLBACK_SCSV" \
1565 -s "inapropriate fallback"
1566
1567requires_openssl_with_fallback_scsv
1568run_test "Fallback SCSV: end of list" \
1569 "$P_SRV debug_level=2" \
1570 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0031 0032 0033 5600 0100000900230000000f000101' '15030200020256'" \
1571 0 \
1572 -s "received FALLBACK_SCSV" \
1573 -s "inapropriate fallback"
1574
1575## Here the expected response is a valid ServerHello prefix, up to the random.
1576requires_openssl_with_fallback_scsv
1577run_test "Fallback SCSV: not in list" \
1578 "$P_SRV debug_level=2" \
1579 "$TCP_CLIENT localhost $SRV_PORT '160301003e0100003a03022aafb94308dc22ca1086c65acc00e414384d76b61ecab37df1633b1ae1034dbe000008 0056 0031 0032 0033 0100000900230000000f000101' '16030200300200002c0302'" \
1580 0 \
1581 -S "received FALLBACK_SCSV" \
1582 -S "inapropriate fallback"
1583
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01001584# Tests for CBC 1/n-1 record splitting
1585
1586run_test "CBC Record splitting: TLS 1.2, no splitting" \
1587 "$P_SRV" \
1588 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
1589 request_size=123 force_version=tls1_2" \
1590 0 \
1591 -s "Read from client: 123 bytes read" \
1592 -S "Read from client: 1 bytes read" \
1593 -S "122 bytes read"
1594
1595run_test "CBC Record splitting: TLS 1.1, no splitting" \
1596 "$P_SRV" \
1597 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
1598 request_size=123 force_version=tls1_1" \
1599 0 \
1600 -s "Read from client: 123 bytes read" \
1601 -S "Read from client: 1 bytes read" \
1602 -S "122 bytes read"
1603
1604run_test "CBC Record splitting: TLS 1.0, splitting" \
1605 "$P_SRV" \
1606 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
1607 request_size=123 force_version=tls1" \
1608 0 \
1609 -S "Read from client: 123 bytes read" \
1610 -s "Read from client: 1 bytes read" \
1611 -s "122 bytes read"
1612
Janos Follathe2681a42016-03-07 15:57:05 +00001613requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01001614run_test "CBC Record splitting: SSLv3, splitting" \
Manuel Pégourié-Gonnard51d81662015-01-14 17:20:46 +01001615 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01001616 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
1617 request_size=123 force_version=ssl3" \
1618 0 \
1619 -S "Read from client: 123 bytes read" \
1620 -s "Read from client: 1 bytes read" \
1621 -s "122 bytes read"
1622
1623run_test "CBC Record splitting: TLS 1.0 RC4, no splitting" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01001624 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard3ff78232015-01-08 11:15:09 +01001625 "$P_CLI force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
1626 request_size=123 force_version=tls1" \
1627 0 \
1628 -s "Read from client: 123 bytes read" \
1629 -S "Read from client: 1 bytes read" \
1630 -S "122 bytes read"
1631
1632run_test "CBC Record splitting: TLS 1.0, splitting disabled" \
1633 "$P_SRV" \
1634 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
1635 request_size=123 force_version=tls1 recsplit=0" \
1636 0 \
1637 -s "Read from client: 123 bytes read" \
1638 -S "Read from client: 1 bytes read" \
1639 -S "122 bytes read"
1640
Manuel Pégourié-Gonnarda852cf42015-01-13 20:56:15 +01001641run_test "CBC Record splitting: TLS 1.0, splitting, nbio" \
1642 "$P_SRV nbio=2" \
1643 "$P_CLI nbio=2 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
1644 request_size=123 force_version=tls1" \
1645 0 \
1646 -S "Read from client: 123 bytes read" \
1647 -s "Read from client: 1 bytes read" \
1648 -s "122 bytes read"
1649
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001650# Tests for Session Tickets
1651
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001652run_test "Session resume using tickets: basic" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001653 "$P_SRV debug_level=3 tickets=1" \
1654 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001655 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001656 -c "client hello, adding session ticket extension" \
1657 -s "found session ticket extension" \
1658 -s "server hello, adding session ticket extension" \
1659 -c "found session_ticket extension" \
1660 -c "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001661 -S "session successfully restored from cache" \
1662 -s "session successfully restored from ticket" \
1663 -s "a session has been resumed" \
1664 -c "a session has been resumed"
1665
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001666run_test "Session resume using tickets: cache disabled" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001667 "$P_SRV debug_level=3 tickets=1 cache_max=0" \
1668 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01001669 0 \
1670 -c "client hello, adding session ticket extension" \
1671 -s "found session ticket extension" \
1672 -s "server hello, adding session ticket extension" \
1673 -c "found session_ticket extension" \
1674 -c "parse new session ticket" \
1675 -S "session successfully restored from cache" \
1676 -s "session successfully restored from ticket" \
1677 -s "a session has been resumed" \
1678 -c "a session has been resumed"
1679
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001680run_test "Session resume using tickets: timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001681 "$P_SRV debug_level=3 tickets=1 cache_max=0 ticket_timeout=1" \
1682 "$P_CLI debug_level=3 tickets=1 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnarddbe1ee12014-02-21 09:18:13 +01001683 0 \
1684 -c "client hello, adding session ticket extension" \
1685 -s "found session ticket extension" \
1686 -s "server hello, adding session ticket extension" \
1687 -c "found session_ticket extension" \
1688 -c "parse new session ticket" \
1689 -S "session successfully restored from cache" \
1690 -S "session successfully restored from ticket" \
1691 -S "a session has been resumed" \
1692 -C "a session has been resumed"
1693
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001694run_test "Session resume using tickets: openssl server" \
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001695 "$O_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001696 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01001697 0 \
1698 -c "client hello, adding session ticket extension" \
1699 -c "found session_ticket extension" \
1700 -c "parse new session ticket" \
1701 -c "a session has been resumed"
1702
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001703run_test "Session resume using tickets: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001704 "$P_SRV debug_level=3 tickets=1" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001705 "( $O_CLI -sess_out $SESSION; \
1706 $O_CLI -sess_in $SESSION; \
1707 rm -f $SESSION )" \
Manuel Pégourié-Gonnardfccd3252014-02-25 17:14:15 +01001708 0 \
1709 -s "found session ticket extension" \
1710 -s "server hello, adding session ticket extension" \
1711 -S "session successfully restored from cache" \
1712 -s "session successfully restored from ticket" \
1713 -s "a session has been resumed"
1714
Hanno Becker1d739932018-08-21 13:55:22 +01001715# Tests for Session Tickets with DTLS
1716
1717run_test "Session resume using tickets, DTLS: basic" \
1718 "$P_SRV debug_level=3 dtls=1 tickets=1" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001719 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01001720 0 \
1721 -c "client hello, adding session ticket extension" \
1722 -s "found session ticket extension" \
1723 -s "server hello, adding session ticket extension" \
1724 -c "found session_ticket extension" \
1725 -c "parse new session ticket" \
1726 -S "session successfully restored from cache" \
1727 -s "session successfully restored from ticket" \
1728 -s "a session has been resumed" \
1729 -c "a session has been resumed"
1730
1731run_test "Session resume using tickets, DTLS: cache disabled" \
1732 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001733 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01001734 0 \
1735 -c "client hello, adding session ticket extension" \
1736 -s "found session ticket extension" \
1737 -s "server hello, adding session ticket extension" \
1738 -c "found session_ticket extension" \
1739 -c "parse new session ticket" \
1740 -S "session successfully restored from cache" \
1741 -s "session successfully restored from ticket" \
1742 -s "a session has been resumed" \
1743 -c "a session has been resumed"
1744
1745run_test "Session resume using tickets, DTLS: timeout" \
1746 "$P_SRV debug_level=3 dtls=1 tickets=1 cache_max=0 ticket_timeout=1" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001747 "$P_CLI debug_level=3 dtls=1 tickets=1 reconnect=1 skip_close_notify=1 reco_delay=2" \
Hanno Becker1d739932018-08-21 13:55:22 +01001748 0 \
1749 -c "client hello, adding session ticket extension" \
1750 -s "found session ticket extension" \
1751 -s "server hello, adding session ticket extension" \
1752 -c "found session_ticket extension" \
1753 -c "parse new session ticket" \
1754 -S "session successfully restored from cache" \
1755 -S "session successfully restored from ticket" \
1756 -S "a session has been resumed" \
1757 -C "a session has been resumed"
1758
1759run_test "Session resume using tickets, DTLS: openssl server" \
1760 "$O_SRV -dtls1" \
1761 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1" \
1762 0 \
1763 -c "client hello, adding session ticket extension" \
1764 -c "found session_ticket extension" \
1765 -c "parse new session ticket" \
1766 -c "a session has been resumed"
1767
Manuel Pégourié-Gonnarda4700752021-10-13 13:12:47 +02001768# For reasons that aren't fully understood, this test randomly fails with high
Paul Elliott6c649832021-10-13 16:13:44 +01001769# probability with OpenSSL 1.0.2g on the CI, see #5012.
Manuel Pégourié-Gonnarda4700752021-10-13 13:12:47 +02001770requires_openssl_next
Hanno Becker1d739932018-08-21 13:55:22 +01001771run_test "Session resume using tickets, DTLS: openssl client" \
1772 "$P_SRV dtls=1 debug_level=3 tickets=1" \
Manuel Pégourié-Gonnarda4700752021-10-13 13:12:47 +02001773 "( $O_NEXT_CLI -dtls1 -sess_out $SESSION; \
1774 $O_NEXT_CLI -dtls1 -sess_in $SESSION; \
Hanno Becker1d739932018-08-21 13:55:22 +01001775 rm -f $SESSION )" \
1776 0 \
1777 -s "found session ticket extension" \
1778 -s "server hello, adding session ticket extension" \
1779 -S "session successfully restored from cache" \
1780 -s "session successfully restored from ticket" \
1781 -s "a session has been resumed"
1782
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001783# Tests for Session Resume based on session-ID and cache
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001784
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001785run_test "Session resume using cache: tickets enabled on client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001786 "$P_SRV debug_level=3 tickets=0" \
1787 "$P_CLI debug_level=3 tickets=1 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001788 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001789 -c "client hello, adding session ticket extension" \
1790 -s "found session ticket extension" \
1791 -S "server hello, adding session ticket extension" \
1792 -C "found session_ticket extension" \
1793 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001794 -s "session successfully restored from cache" \
1795 -S "session successfully restored from ticket" \
1796 -s "a session has been resumed" \
1797 -c "a session has been resumed"
1798
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001799run_test "Session resume using cache: tickets enabled on server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001800 "$P_SRV debug_level=3 tickets=1" \
1801 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001802 0 \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001803 -C "client hello, adding session ticket extension" \
1804 -S "found session ticket extension" \
1805 -S "server hello, adding session ticket extension" \
1806 -C "found session_ticket extension" \
1807 -C "parse new session ticket" \
Manuel Pégourié-Gonnardf7c52012014-02-20 11:43:46 +01001808 -s "session successfully restored from cache" \
1809 -S "session successfully restored from ticket" \
1810 -s "a session has been resumed" \
1811 -c "a session has been resumed"
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01001812
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001813run_test "Session resume using cache: cache_max=0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001814 "$P_SRV debug_level=3 tickets=0 cache_max=0" \
1815 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01001816 0 \
1817 -S "session successfully restored from cache" \
1818 -S "session successfully restored from ticket" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001819 -S "a session has been resumed" \
1820 -C "a session has been resumed"
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01001821
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001822run_test "Session resume using cache: cache_max=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001823 "$P_SRV debug_level=3 tickets=0 cache_max=1" \
1824 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001825 0 \
1826 -s "session successfully restored from cache" \
1827 -S "session successfully restored from ticket" \
1828 -s "a session has been resumed" \
1829 -c "a session has been resumed"
1830
Manuel Pégourié-Gonnard6df31962015-05-04 10:55:47 +02001831run_test "Session resume using cache: timeout > delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001832 "$P_SRV debug_level=3 tickets=0" \
1833 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001834 0 \
1835 -s "session successfully restored from cache" \
1836 -S "session successfully restored from ticket" \
1837 -s "a session has been resumed" \
1838 -c "a session has been resumed"
1839
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001840run_test "Session resume using cache: timeout < delay" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001841 "$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
1842 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnardc55a5b72014-02-20 22:50:56 +01001843 0 \
1844 -S "session successfully restored from cache" \
1845 -S "session successfully restored from ticket" \
1846 -S "a session has been resumed" \
1847 -C "a session has been resumed"
1848
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001849run_test "Session resume using cache: no timeout" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001850 "$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
1851 "$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
Manuel Pégourié-Gonnard4c883452014-02-20 21:32:41 +01001852 0 \
1853 -s "session successfully restored from cache" \
1854 -S "session successfully restored from ticket" \
1855 -s "a session has been resumed" \
1856 -c "a session has been resumed"
1857
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001858run_test "Session resume using cache: openssl client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001859 "$P_SRV debug_level=3 tickets=0" \
Manuel Pégourié-Gonnardbc3b16c2014-05-28 23:06:50 +02001860 "( $O_CLI -sess_out $SESSION; \
1861 $O_CLI -sess_in $SESSION; \
1862 rm -f $SESSION )" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01001863 0 \
1864 -s "found session ticket extension" \
1865 -S "server hello, adding session ticket extension" \
1866 -s "session successfully restored from cache" \
1867 -S "session successfully restored from ticket" \
1868 -s "a session has been resumed"
1869
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02001870run_test "Session resume using cache: openssl server" \
Manuel Pégourié-Gonnardf7a26902014-02-27 12:25:54 +01001871 "$O_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001872 "$P_CLI debug_level=3 tickets=0 reconnect=1" \
Manuel Pégourié-Gonnarddb735f62014-02-25 17:57:59 +01001873 0 \
1874 -C "found session_ticket extension" \
1875 -C "parse new session ticket" \
1876 -c "a session has been resumed"
1877
Hanno Becker1d739932018-08-21 13:55:22 +01001878# Tests for Session Resume based on session-ID and cache, DTLS
1879
1880run_test "Session resume using cache, DTLS: tickets enabled on client" \
1881 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001882 "$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01001883 0 \
1884 -c "client hello, adding session ticket extension" \
1885 -s "found session ticket extension" \
1886 -S "server hello, adding session ticket extension" \
1887 -C "found session_ticket extension" \
1888 -C "parse new session ticket" \
1889 -s "session successfully restored from cache" \
1890 -S "session successfully restored from ticket" \
1891 -s "a session has been resumed" \
1892 -c "a session has been resumed"
1893
1894run_test "Session resume using cache, DTLS: tickets enabled on server" \
1895 "$P_SRV dtls=1 debug_level=3 tickets=1" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001896 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01001897 0 \
1898 -C "client hello, adding session ticket extension" \
1899 -S "found session ticket extension" \
1900 -S "server hello, adding session ticket extension" \
1901 -C "found session_ticket extension" \
1902 -C "parse new session ticket" \
1903 -s "session successfully restored from cache" \
1904 -S "session successfully restored from ticket" \
1905 -s "a session has been resumed" \
1906 -c "a session has been resumed"
1907
1908run_test "Session resume using cache, DTLS: cache_max=0" \
1909 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001910 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01001911 0 \
1912 -S "session successfully restored from cache" \
1913 -S "session successfully restored from ticket" \
1914 -S "a session has been resumed" \
1915 -C "a session has been resumed"
1916
1917run_test "Session resume using cache, DTLS: cache_max=1" \
1918 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001919 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker1d739932018-08-21 13:55:22 +01001920 0 \
1921 -s "session successfully restored from cache" \
1922 -S "session successfully restored from ticket" \
1923 -s "a session has been resumed" \
1924 -c "a session has been resumed"
1925
1926run_test "Session resume using cache, DTLS: timeout > delay" \
1927 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001928 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \
Hanno Becker1d739932018-08-21 13:55:22 +01001929 0 \
1930 -s "session successfully restored from cache" \
1931 -S "session successfully restored from ticket" \
1932 -s "a session has been resumed" \
1933 -c "a session has been resumed"
1934
1935run_test "Session resume using cache, DTLS: timeout < delay" \
1936 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001937 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
Hanno Becker1d739932018-08-21 13:55:22 +01001938 0 \
1939 -S "session successfully restored from cache" \
1940 -S "session successfully restored from ticket" \
1941 -S "a session has been resumed" \
1942 -C "a session has been resumed"
1943
1944run_test "Session resume using cache, DTLS: no timeout" \
1945 "$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01001946 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
Hanno Becker1d739932018-08-21 13:55:22 +01001947 0 \
1948 -s "session successfully restored from cache" \
1949 -S "session successfully restored from ticket" \
1950 -s "a session has been resumed" \
1951 -c "a session has been resumed"
1952
Manuel Pégourié-Gonnarda4700752021-10-13 13:12:47 +02001953# For reasons that aren't fully understood, this test randomly fails with high
Paul Elliott6c649832021-10-13 16:13:44 +01001954# probability with OpenSSL 1.0.2g on the CI, see #5012.
Manuel Pégourié-Gonnarda4700752021-10-13 13:12:47 +02001955requires_openssl_next
Hanno Becker1d739932018-08-21 13:55:22 +01001956run_test "Session resume using cache, DTLS: openssl client" \
1957 "$P_SRV dtls=1 debug_level=3 tickets=0" \
Manuel Pégourié-Gonnarda4700752021-10-13 13:12:47 +02001958 "( $O_NEXT_CLI -dtls1 -sess_out $SESSION; \
1959 $O_NEXT_CLI -dtls1 -sess_in $SESSION; \
Hanno Becker1d739932018-08-21 13:55:22 +01001960 rm -f $SESSION )" \
1961 0 \
1962 -s "found session ticket extension" \
1963 -S "server hello, adding session ticket extension" \
1964 -s "session successfully restored from cache" \
1965 -S "session successfully restored from ticket" \
1966 -s "a session has been resumed"
1967
1968run_test "Session resume using cache, DTLS: openssl server" \
1969 "$O_SRV -dtls1" \
1970 "$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
1971 0 \
1972 -C "found session_ticket extension" \
1973 -C "parse new session ticket" \
1974 -c "a session has been resumed"
1975
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01001976# Tests for Max Fragment Length extension
1977
Hanno Becker4aed27e2017-09-18 15:00:34 +01001978requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Hanno Beckerc5266962017-09-18 15:01:50 +01001979run_test "Max fragment length: enabled, default" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02001980 "$P_SRV debug_level=3" \
1981 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01001982 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10001983 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
1984 -s "Maximum fragment length is $MAX_CONTENT_LEN" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01001985 -C "client hello, adding max_fragment_length extension" \
1986 -S "found max fragment length extension" \
1987 -S "server hello, max_fragment_length extension" \
1988 -C "found max_fragment_length extension"
1989
Hanno Becker4aed27e2017-09-18 15:00:34 +01001990requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Hanno Beckerc5266962017-09-18 15:01:50 +01001991run_test "Max fragment length: enabled, default, larger message" \
1992 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10001993 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01001994 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10001995 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
1996 -s "Maximum fragment length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01001997 -C "client hello, adding max_fragment_length extension" \
1998 -S "found max fragment length extension" \
1999 -S "server hello, max_fragment_length extension" \
2000 -C "found max_fragment_length extension" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002001 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
2002 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01002003 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01002004
2005requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
2006run_test "Max fragment length, DTLS: enabled, default, larger message" \
2007 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002008 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002009 1 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002010 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
2011 -s "Maximum fragment length is $MAX_CONTENT_LEN" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002012 -C "client hello, adding max_fragment_length extension" \
2013 -S "found max fragment length extension" \
2014 -S "server hello, max_fragment_length extension" \
2015 -C "found max_fragment_length extension" \
2016 -c "fragment larger than.*maximum "
2017
Angus Grattonc4dd0732018-04-11 16:28:39 +10002018# Run some tests with MBEDTLS_SSL_MAX_FRAGMENT_LENGTH disabled
2019# (session fragment length will be 16384 regardless of mbedtls
2020# content length configuration.)
2021
Hanno Beckerc5266962017-09-18 15:01:50 +01002022requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
2023run_test "Max fragment length: disabled, larger message" \
2024 "$P_SRV debug_level=3" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002025 "$P_CLI debug_level=3 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002026 0 \
2027 -C "Maximum fragment length is 16384" \
2028 -S "Maximum fragment length is 16384" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002029 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
2030 -s "$MAX_CONTENT_LEN bytes read" \
Hanno Becker9cfabe32017-10-18 14:42:01 +01002031 -s "1 bytes read"
Hanno Beckerc5266962017-09-18 15:01:50 +01002032
2033requires_config_disabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takano2e580ce2021-06-21 19:43:33 +01002034run_test "Max fragment length, DTLS: disabled, larger message" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002035 "$P_SRV debug_level=3 dtls=1" \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002036 "$P_CLI debug_level=3 dtls=1 request_size=$(( $MAX_CONTENT_LEN + 1))" \
Hanno Beckerc5266962017-09-18 15:01:50 +01002037 1 \
2038 -C "Maximum fragment length is 16384" \
2039 -S "Maximum fragment length is 16384" \
2040 -c "fragment larger than.*maximum "
2041
Yuto Takano0807e1d2021-07-02 10:10:49 +01002042requires_max_content_len 4096
Hanno Beckerc5266962017-09-18 15:01:50 +01002043requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002044run_test "Max fragment length: used by client" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002045 "$P_SRV debug_level=3" \
2046 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002047 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002048 -c "Maximum fragment length is 4096" \
2049 -s "Maximum fragment length is 4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002050 -c "client hello, adding max_fragment_length extension" \
2051 -s "found max fragment length extension" \
2052 -s "server hello, max_fragment_length extension" \
2053 -c "found max_fragment_length extension"
2054
Yuto Takano0807e1d2021-07-02 10:10:49 +01002055requires_max_content_len 4096
Hanno Becker4aed27e2017-09-18 15:00:34 +01002056requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002057run_test "Max fragment length: used by server" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002058 "$P_SRV debug_level=3 max_frag_len=4096" \
2059 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002060 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10002061 -c "Maximum fragment length is $MAX_CONTENT_LEN" \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002062 -s "Maximum fragment length is 4096" \
Manuel Pégourié-Gonnardde143782014-02-20 14:50:42 +01002063 -C "client hello, adding max_fragment_length extension" \
2064 -S "found max fragment length extension" \
2065 -S "server hello, max_fragment_length extension" \
2066 -C "found max_fragment_length extension"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002067
Yuto Takano0807e1d2021-07-02 10:10:49 +01002068requires_max_content_len 4096
Hanno Becker4aed27e2017-09-18 15:00:34 +01002069requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002070requires_gnutls
2071run_test "Max fragment length: gnutls server" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02002072 "$G_SRV" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002073 "$P_CLI debug_level=3 max_frag_len=4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02002074 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002075 -c "Maximum fragment length is 4096" \
Manuel Pégourié-Gonnardbaa7f072014-08-20 20:15:53 +02002076 -c "client hello, adding max_fragment_length extension" \
2077 -c "found max_fragment_length extension"
2078
Yuto Takano0807e1d2021-07-02 10:10:49 +01002079requires_max_content_len 2048
Hanno Becker4aed27e2017-09-18 15:00:34 +01002080requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002081run_test "Max fragment length: client, message just fits" \
2082 "$P_SRV debug_level=3" \
2083 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2048" \
2084 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002085 -c "Maximum fragment length is 2048" \
2086 -s "Maximum fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002087 -c "client hello, adding max_fragment_length extension" \
2088 -s "found max fragment length extension" \
2089 -s "server hello, max_fragment_length extension" \
2090 -c "found max_fragment_length extension" \
2091 -c "2048 bytes written in 1 fragments" \
2092 -s "2048 bytes read"
2093
Yuto Takano0807e1d2021-07-02 10:10:49 +01002094requires_max_content_len 2048
Hanno Becker4aed27e2017-09-18 15:00:34 +01002095requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002096run_test "Max fragment length: client, larger message" \
2097 "$P_SRV debug_level=3" \
2098 "$P_CLI debug_level=3 max_frag_len=2048 request_size=2345" \
2099 0 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002100 -c "Maximum fragment length is 2048" \
2101 -s "Maximum fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002102 -c "client hello, adding max_fragment_length extension" \
2103 -s "found max fragment length extension" \
2104 -s "server hello, max_fragment_length extension" \
2105 -c "found max_fragment_length extension" \
2106 -c "2345 bytes written in 2 fragments" \
2107 -s "2048 bytes read" \
2108 -s "297 bytes read"
2109
Yuto Takano0807e1d2021-07-02 10:10:49 +01002110requires_max_content_len 2048
Hanno Becker4aed27e2017-09-18 15:00:34 +01002111requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Manuel Pégourié-Gonnard23eb74d2015-01-21 14:37:13 +00002112run_test "Max fragment length: DTLS client, larger message" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002113 "$P_SRV debug_level=3 dtls=1" \
2114 "$P_CLI debug_level=3 dtls=1 max_frag_len=2048 request_size=2345" \
2115 1 \
Manuel Pégourié-Gonnarda2cda6b2015-08-31 18:30:52 +02002116 -c "Maximum fragment length is 2048" \
2117 -s "Maximum fragment length is 2048" \
Manuel Pégourié-Gonnard37e08e12014-10-13 17:55:52 +02002118 -c "client hello, adding max_fragment_length extension" \
2119 -s "found max fragment length extension" \
2120 -s "server hello, max_fragment_length extension" \
2121 -c "found max_fragment_length extension" \
2122 -c "fragment larger than.*maximum"
2123
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002124# Tests for renegotiation
2125
Hanno Becker6a243642017-10-12 15:18:45 +01002126# Renegotiation SCSV always added, regardless of SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002127run_test "Renegotiation: none, for reference" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002128 "$P_SRV debug_level=3 exchanges=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002129 "$P_CLI debug_level=3 exchanges=2" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002130 0 \
2131 -C "client hello, adding renegotiation extension" \
2132 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2133 -S "found renegotiation extension" \
2134 -s "server hello, secure renegotiation extension" \
2135 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002136 -C "=> renegotiate" \
2137 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002138 -S "write hello request"
2139
Hanno Becker6a243642017-10-12 15:18:45 +01002140requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002141run_test "Renegotiation: client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002142 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002143 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002144 0 \
2145 -c "client hello, adding renegotiation extension" \
2146 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2147 -s "found renegotiation extension" \
2148 -s "server hello, secure renegotiation extension" \
2149 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002150 -c "=> renegotiate" \
2151 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002152 -S "write hello request"
2153
Hanno Becker6a243642017-10-12 15:18:45 +01002154requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002155run_test "Renegotiation: server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002156 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002157 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002158 0 \
2159 -c "client hello, adding renegotiation extension" \
2160 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2161 -s "found renegotiation extension" \
2162 -s "server hello, secure renegotiation extension" \
2163 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002164 -c "=> renegotiate" \
2165 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002166 -s "write hello request"
2167
Janos Follathb0f148c2017-10-05 12:29:42 +01002168# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
2169# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
2170# algorithm stronger than SHA-1 is enabled in config.h
Hanno Becker6a243642017-10-12 15:18:45 +01002171requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Janos Follathb0f148c2017-10-05 12:29:42 +01002172run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
2173 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional" \
2174 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
2175 0 \
2176 -c "client hello, adding renegotiation extension" \
2177 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2178 -s "found renegotiation extension" \
2179 -s "server hello, secure renegotiation extension" \
2180 -c "found renegotiation extension" \
2181 -c "=> renegotiate" \
2182 -s "=> renegotiate" \
2183 -S "write hello request" \
2184 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
2185
2186# Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
2187# the server did not parse the Signature Algorithm extension. This test is valid only if an MD
2188# algorithm stronger than SHA-1 is enabled in config.h
Hanno Becker6a243642017-10-12 15:18:45 +01002189requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Janos Follathb0f148c2017-10-05 12:29:42 +01002190run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
2191 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
2192 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
2193 0 \
2194 -c "client hello, adding renegotiation extension" \
2195 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2196 -s "found renegotiation extension" \
2197 -s "server hello, secure renegotiation extension" \
2198 -c "found renegotiation extension" \
2199 -c "=> renegotiate" \
2200 -s "=> renegotiate" \
2201 -s "write hello request" \
2202 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
2203
Hanno Becker6a243642017-10-12 15:18:45 +01002204requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002205run_test "Renegotiation: double" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002206 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 auth_mode=optional renegotiate=1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002207 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002208 0 \
2209 -c "client hello, adding renegotiation extension" \
2210 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2211 -s "found renegotiation extension" \
2212 -s "server hello, secure renegotiation extension" \
2213 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002214 -c "=> renegotiate" \
2215 -s "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002216 -s "write hello request"
2217
Hanno Becker6a243642017-10-12 15:18:45 +01002218requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002219run_test "Renegotiation: client-initiated, server-rejected" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002220 "$P_SRV debug_level=3 exchanges=2 renegotiation=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002221 "$P_CLI debug_level=3 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002222 1 \
2223 -c "client hello, adding renegotiation extension" \
2224 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2225 -S "found renegotiation extension" \
2226 -s "server hello, secure renegotiation extension" \
2227 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002228 -c "=> renegotiate" \
2229 -S "=> renegotiate" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002230 -S "write hello request" \
Manuel Pégourié-Gonnard65919622014-08-19 12:50:30 +02002231 -c "SSL - Unexpected message at ServerHello in renegotiation" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002232 -c "failed"
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002233
Hanno Becker6a243642017-10-12 15:18:45 +01002234requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002235run_test "Renegotiation: server-initiated, client-rejected, default" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002236 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002237 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002238 0 \
2239 -C "client hello, adding renegotiation extension" \
2240 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2241 -S "found renegotiation extension" \
2242 -s "server hello, secure renegotiation extension" \
2243 -c "found renegotiation extension" \
Manuel Pégourié-Gonnardc73339f2014-02-26 16:35:27 +01002244 -C "=> renegotiate" \
2245 -S "=> renegotiate" \
Manuel Pégourié-Gonnard780d6712014-02-20 17:19:59 +01002246 -s "write hello request" \
Manuel Pégourié-Gonnarda9964db2014-07-03 19:29:16 +02002247 -S "SSL - An unexpected message was received from our peer" \
2248 -S "failed"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01002249
Hanno Becker6a243642017-10-12 15:18:45 +01002250requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002251run_test "Renegotiation: server-initiated, client-rejected, not enforced" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002252 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002253 renego_delay=-1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002254 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002255 0 \
2256 -C "client hello, adding renegotiation extension" \
2257 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2258 -S "found renegotiation extension" \
2259 -s "server hello, secure renegotiation extension" \
2260 -c "found renegotiation extension" \
2261 -C "=> renegotiate" \
2262 -S "=> renegotiate" \
2263 -s "write hello request" \
2264 -S "SSL - An unexpected message was received from our peer" \
2265 -S "failed"
2266
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02002267# delay 2 for 1 alert record + 1 application data record
Hanno Becker6a243642017-10-12 15:18:45 +01002268requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002269run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002270 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002271 renego_delay=2 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002272 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002273 0 \
2274 -C "client hello, adding renegotiation extension" \
2275 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2276 -S "found renegotiation extension" \
2277 -s "server hello, secure renegotiation extension" \
2278 -c "found renegotiation extension" \
2279 -C "=> renegotiate" \
2280 -S "=> renegotiate" \
2281 -s "write hello request" \
2282 -S "SSL - An unexpected message was received from our peer" \
2283 -S "failed"
2284
Hanno Becker6a243642017-10-12 15:18:45 +01002285requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002286run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002287 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002288 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002289 "$P_CLI debug_level=3 exchanges=2 renegotiation=0" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002290 0 \
2291 -C "client hello, adding renegotiation extension" \
2292 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2293 -S "found renegotiation extension" \
2294 -s "server hello, secure renegotiation extension" \
2295 -c "found renegotiation extension" \
2296 -C "=> renegotiate" \
2297 -S "=> renegotiate" \
2298 -s "write hello request" \
Manuel Pégourié-Gonnarda8c0a0d2014-08-15 12:07:38 +02002299 -s "SSL - An unexpected message was received from our peer"
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002300
Hanno Becker6a243642017-10-12 15:18:45 +01002301requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002302run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002303 "$P_SRV debug_level=3 exchanges=2 renegotiation=1 renegotiate=1 \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002304 renego_delay=0 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002305 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardfae355e2014-07-04 14:32:27 +02002306 0 \
2307 -c "client hello, adding renegotiation extension" \
2308 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2309 -s "found renegotiation extension" \
2310 -s "server hello, secure renegotiation extension" \
2311 -c "found renegotiation extension" \
2312 -c "=> renegotiate" \
2313 -s "=> renegotiate" \
2314 -s "write hello request" \
2315 -S "SSL - An unexpected message was received from our peer" \
2316 -S "failed"
2317
Hanno Becker6a243642017-10-12 15:18:45 +01002318requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002319run_test "Renegotiation: periodic, just below period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002320 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002321 "$P_CLI debug_level=3 exchanges=2 renegotiation=1" \
2322 0 \
2323 -C "client hello, adding renegotiation extension" \
2324 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2325 -S "found renegotiation extension" \
2326 -s "server hello, secure renegotiation extension" \
2327 -c "found renegotiation extension" \
2328 -S "record counter limit reached: renegotiate" \
2329 -C "=> renegotiate" \
2330 -S "=> renegotiate" \
2331 -S "write hello request" \
2332 -S "SSL - An unexpected message was received from our peer" \
2333 -S "failed"
2334
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01002335# one extra exchange to be able to complete renego
Hanno Becker6a243642017-10-12 15:18:45 +01002336requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002337run_test "Renegotiation: periodic, just above period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002338 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01002339 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002340 0 \
2341 -c "client hello, adding renegotiation extension" \
2342 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2343 -s "found renegotiation extension" \
2344 -s "server hello, secure renegotiation extension" \
2345 -c "found renegotiation extension" \
2346 -s "record counter limit reached: renegotiate" \
2347 -c "=> renegotiate" \
2348 -s "=> renegotiate" \
2349 -s "write hello request" \
2350 -S "SSL - An unexpected message was received from our peer" \
2351 -S "failed"
2352
Hanno Becker6a243642017-10-12 15:18:45 +01002353requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002354run_test "Renegotiation: periodic, two times period" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002355 "$P_SRV debug_level=3 exchanges=9 renegotiation=1 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard9835bc02015-01-14 14:41:58 +01002356 "$P_CLI debug_level=3 exchanges=7 renegotiation=1" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002357 0 \
2358 -c "client hello, adding renegotiation extension" \
2359 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2360 -s "found renegotiation extension" \
2361 -s "server hello, secure renegotiation extension" \
2362 -c "found renegotiation extension" \
2363 -s "record counter limit reached: renegotiate" \
2364 -c "=> renegotiate" \
2365 -s "=> renegotiate" \
2366 -s "write hello request" \
2367 -S "SSL - An unexpected message was received from our peer" \
2368 -S "failed"
2369
Hanno Becker6a243642017-10-12 15:18:45 +01002370requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002371run_test "Renegotiation: periodic, above period, disabled" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002372 "$P_SRV debug_level=3 exchanges=9 renegotiation=0 renego_period=3 auth_mode=optional" \
Manuel Pégourié-Gonnard590f4162014-11-05 14:23:03 +01002373 "$P_CLI debug_level=3 exchanges=4 renegotiation=1" \
2374 0 \
2375 -C "client hello, adding renegotiation extension" \
2376 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2377 -S "found renegotiation extension" \
2378 -s "server hello, secure renegotiation extension" \
2379 -c "found renegotiation extension" \
2380 -S "record counter limit reached: renegotiate" \
2381 -C "=> renegotiate" \
2382 -S "=> renegotiate" \
2383 -S "write hello request" \
2384 -S "SSL - An unexpected message was received from our peer" \
2385 -S "failed"
2386
Hanno Becker6a243642017-10-12 15:18:45 +01002387requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002388run_test "Renegotiation: nbio, client-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002389 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002390 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02002391 0 \
2392 -c "client hello, adding renegotiation extension" \
2393 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2394 -s "found renegotiation extension" \
2395 -s "server hello, secure renegotiation extension" \
2396 -c "found renegotiation extension" \
2397 -c "=> renegotiate" \
2398 -s "=> renegotiate" \
2399 -S "write hello request"
2400
Hanno Becker6a243642017-10-12 15:18:45 +01002401requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002402run_test "Renegotiation: nbio, server-initiated" \
Manuel Pégourié-Gonnardfa44f202015-03-27 17:52:25 +01002403 "$P_SRV debug_level=3 nbio=2 exchanges=2 renegotiation=1 renegotiate=1 auth_mode=optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002404 "$P_CLI debug_level=3 nbio=2 exchanges=2 renegotiation=1" \
Manuel Pégourié-Gonnardf07f4212014-08-15 19:04:47 +02002405 0 \
2406 -c "client hello, adding renegotiation extension" \
2407 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2408 -s "found renegotiation extension" \
2409 -s "server hello, secure renegotiation extension" \
2410 -c "found renegotiation extension" \
2411 -c "=> renegotiate" \
2412 -s "=> renegotiate" \
2413 -s "write hello request"
2414
Hanno Becker6a243642017-10-12 15:18:45 +01002415requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002416run_test "Renegotiation: openssl server, client-initiated" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02002417 "$O_SRV -www" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002418 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02002419 0 \
2420 -c "client hello, adding renegotiation extension" \
2421 -c "found renegotiation extension" \
2422 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002423 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02002424 -C "error" \
2425 -c "HTTP/1.0 200 [Oo][Kk]"
2426
Paul Bakker539d9722015-02-08 16:18:35 +01002427requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01002428requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002429run_test "Renegotiation: gnutls server strict, client-initiated" \
2430 "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002431 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02002432 0 \
2433 -c "client hello, adding renegotiation extension" \
2434 -c "found renegotiation extension" \
2435 -c "=> renegotiate" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002436 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard51362962014-08-30 21:22:47 +02002437 -C "error" \
2438 -c "HTTP/1.0 200 [Oo][Kk]"
2439
Paul Bakker539d9722015-02-08 16:18:35 +01002440requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01002441requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002442run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
2443 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
2444 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
2445 1 \
2446 -c "client hello, adding renegotiation extension" \
2447 -C "found renegotiation extension" \
2448 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002449 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002450 -c "error" \
2451 -C "HTTP/1.0 200 [Oo][Kk]"
2452
Paul Bakker539d9722015-02-08 16:18:35 +01002453requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01002454requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002455run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
2456 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
2457 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
2458 allow_legacy=0" \
2459 1 \
2460 -c "client hello, adding renegotiation extension" \
2461 -C "found renegotiation extension" \
2462 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002463 -c "mbedtls_ssl_handshake() returned" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002464 -c "error" \
2465 -C "HTTP/1.0 200 [Oo][Kk]"
2466
Paul Bakker539d9722015-02-08 16:18:35 +01002467requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01002468requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002469run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
2470 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
2471 "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1 \
2472 allow_legacy=1" \
2473 0 \
2474 -c "client hello, adding renegotiation extension" \
2475 -C "found renegotiation extension" \
2476 -c "=> renegotiate" \
2477 -C "ssl_hanshake() returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002478 -C "error" \
2479 -c "HTTP/1.0 200 [Oo][Kk]"
2480
Hanno Becker6a243642017-10-12 15:18:45 +01002481requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard30d16eb2014-08-19 17:43:50 +02002482run_test "Renegotiation: DTLS, client-initiated" \
2483 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1" \
2484 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
2485 0 \
2486 -c "client hello, adding renegotiation extension" \
2487 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2488 -s "found renegotiation extension" \
2489 -s "server hello, secure renegotiation extension" \
2490 -c "found renegotiation extension" \
2491 -c "=> renegotiate" \
2492 -s "=> renegotiate" \
2493 -S "write hello request"
2494
Hanno Becker6a243642017-10-12 15:18:45 +01002495requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02002496run_test "Renegotiation: DTLS, server-initiated" \
2497 "$P_SRV debug_level=3 dtls=1 exchanges=2 renegotiation=1 renegotiate=1" \
Manuel Pégourié-Gonnarddf9a0a82014-10-02 14:17:18 +02002498 "$P_CLI debug_level=3 dtls=1 exchanges=2 renegotiation=1 \
2499 read_timeout=1000 max_resend=2" \
Manuel Pégourié-Gonnardc392b242014-08-19 17:53:11 +02002500 0 \
2501 -c "client hello, adding renegotiation extension" \
2502 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2503 -s "found renegotiation extension" \
2504 -s "server hello, secure renegotiation extension" \
2505 -c "found renegotiation extension" \
2506 -c "=> renegotiate" \
2507 -s "=> renegotiate" \
2508 -s "write hello request"
2509
Hanno Becker6a243642017-10-12 15:18:45 +01002510requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Andres AG692ad842017-01-19 16:30:57 +00002511run_test "Renegotiation: DTLS, renego_period overflow" \
2512 "$P_SRV debug_level=3 dtls=1 exchanges=4 renegotiation=1 renego_period=18446462598732840962 auth_mode=optional" \
2513 "$P_CLI debug_level=3 dtls=1 exchanges=4 renegotiation=1" \
2514 0 \
2515 -c "client hello, adding renegotiation extension" \
2516 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
2517 -s "found renegotiation extension" \
2518 -s "server hello, secure renegotiation extension" \
2519 -s "record counter limit reached: renegotiate" \
2520 -c "=> renegotiate" \
2521 -s "=> renegotiate" \
Hanno Becker6a243642017-10-12 15:18:45 +01002522 -s "write hello request"
Andres AG692ad842017-01-19 16:30:57 +00002523
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00002524requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01002525requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02002526run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
2527 "$G_SRV -u --mtu 4096" \
2528 "$P_CLI debug_level=3 dtls=1 exchanges=1 renegotiation=1 renegotiate=1" \
2529 0 \
2530 -c "client hello, adding renegotiation extension" \
2531 -c "found renegotiation extension" \
2532 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002533 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardf1499f62014-08-31 17:13:13 +02002534 -C "error" \
2535 -s "Extra-header:"
2536
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002537# Test for the "secure renegotation" extension only (no actual renegotiation)
2538
Paul Bakker539d9722015-02-08 16:18:35 +01002539requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002540run_test "Renego ext: gnutls server strict, client default" \
2541 "$G_SRV --priority=NORMAL:%SAFE_RENEGOTIATION" \
2542 "$P_CLI debug_level=3" \
2543 0 \
2544 -c "found renegotiation extension" \
2545 -C "error" \
2546 -c "HTTP/1.0 200 [Oo][Kk]"
2547
Paul Bakker539d9722015-02-08 16:18:35 +01002548requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002549run_test "Renego ext: gnutls server unsafe, client default" \
2550 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
2551 "$P_CLI debug_level=3" \
2552 0 \
2553 -C "found renegotiation extension" \
2554 -C "error" \
2555 -c "HTTP/1.0 200 [Oo][Kk]"
2556
Paul Bakker539d9722015-02-08 16:18:35 +01002557requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002558run_test "Renego ext: gnutls server unsafe, client break legacy" \
2559 "$G_SRV --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION" \
2560 "$P_CLI debug_level=3 allow_legacy=-1" \
2561 1 \
2562 -C "found renegotiation extension" \
2563 -c "error" \
2564 -C "HTTP/1.0 200 [Oo][Kk]"
2565
Paul Bakker539d9722015-02-08 16:18:35 +01002566requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002567run_test "Renego ext: gnutls client strict, server default" \
2568 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002569 "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002570 0 \
2571 -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
2572 -s "server hello, secure renegotiation extension"
2573
Paul Bakker539d9722015-02-08 16:18:35 +01002574requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002575run_test "Renego ext: gnutls client unsafe, server default" \
2576 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002577 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002578 0 \
2579 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
2580 -S "server hello, secure renegotiation extension"
2581
Paul Bakker539d9722015-02-08 16:18:35 +01002582requires_gnutls
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002583run_test "Renego ext: gnutls client unsafe, server break legacy" \
2584 "$P_SRV debug_level=3 allow_legacy=-1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002585 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
Manuel Pégourié-Gonnard85d915b2014-11-03 20:10:36 +01002586 1 \
2587 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
2588 -S "server hello, secure renegotiation extension"
2589
Janos Follath0b242342016-02-17 10:11:21 +00002590# Tests for silently dropping trailing extra bytes in .der certificates
2591
2592requires_gnutls
2593run_test "DER format: no trailing bytes" \
2594 "$P_SRV crt_file=data_files/server5-der0.crt \
2595 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002596 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002597 0 \
2598 -c "Handshake was completed" \
2599
2600requires_gnutls
2601run_test "DER format: with a trailing zero byte" \
2602 "$P_SRV crt_file=data_files/server5-der1a.crt \
2603 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002604 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002605 0 \
2606 -c "Handshake was completed" \
2607
2608requires_gnutls
2609run_test "DER format: with a trailing random byte" \
2610 "$P_SRV crt_file=data_files/server5-der1b.crt \
2611 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002612 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002613 0 \
2614 -c "Handshake was completed" \
2615
2616requires_gnutls
2617run_test "DER format: with 2 trailing random bytes" \
2618 "$P_SRV crt_file=data_files/server5-der2.crt \
2619 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002620 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002621 0 \
2622 -c "Handshake was completed" \
2623
2624requires_gnutls
2625run_test "DER format: with 4 trailing random bytes" \
2626 "$P_SRV crt_file=data_files/server5-der4.crt \
2627 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002628 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002629 0 \
2630 -c "Handshake was completed" \
2631
2632requires_gnutls
2633run_test "DER format: with 8 trailing random bytes" \
2634 "$P_SRV crt_file=data_files/server5-der8.crt \
2635 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002636 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002637 0 \
2638 -c "Handshake was completed" \
2639
2640requires_gnutls
2641run_test "DER format: with 9 trailing random bytes" \
2642 "$P_SRV crt_file=data_files/server5-der9.crt \
2643 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02002644 "$G_CLI localhost" \
Janos Follath0b242342016-02-17 10:11:21 +00002645 0 \
2646 -c "Handshake was completed" \
2647
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002648# Tests for auth_mode
2649
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002650run_test "Authentication: server badcert, client required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002651 "$P_SRV crt_file=data_files/server5-badsign.crt \
2652 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002653 "$P_CLI debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002654 1 \
2655 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002656 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002657 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002658 -c "X509 - Certificate verification failed"
2659
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002660run_test "Authentication: server badcert, client optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002661 "$P_SRV crt_file=data_files/server5-badsign.crt \
2662 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002663 "$P_CLI debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002664 0 \
2665 -c "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002666 -c "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002667 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002668 -C "X509 - Certificate verification failed"
2669
Hanno Beckere6706e62017-05-15 16:05:15 +01002670run_test "Authentication: server goodcert, client optional, no trusted CA" \
2671 "$P_SRV" \
2672 "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
2673 0 \
2674 -c "x509_verify_cert() returned" \
2675 -c "! The certificate is not correctly signed by the trusted CA" \
2676 -c "! Certificate verification flags"\
2677 -C "! mbedtls_ssl_handshake returned" \
2678 -C "X509 - Certificate verification failed" \
2679 -C "SSL - No CA Chain is set, but required to operate"
2680
2681run_test "Authentication: server goodcert, client required, no trusted CA" \
2682 "$P_SRV" \
2683 "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
2684 1 \
2685 -c "x509_verify_cert() returned" \
2686 -c "! The certificate is not correctly signed by the trusted CA" \
2687 -c "! Certificate verification flags"\
2688 -c "! mbedtls_ssl_handshake returned" \
2689 -c "SSL - No CA Chain is set, but required to operate"
2690
2691# The purpose of the next two tests is to test the client's behaviour when receiving a server
2692# certificate with an unsupported elliptic curve. This should usually not happen because
2693# the client informs the server about the supported curves - it does, though, in the
2694# corner case of a static ECDH suite, because the server doesn't check the curve on that
2695# occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
2696# different means to have the server ignoring the client's supported curve list.
2697
2698requires_config_enabled MBEDTLS_ECP_C
2699run_test "Authentication: server ECDH p256v1, client required, p256v1 unsupported" \
2700 "$P_SRV debug_level=1 key_file=data_files/server5.key \
2701 crt_file=data_files/server5.ku-ka.crt" \
2702 "$P_CLI debug_level=3 auth_mode=required curves=secp521r1" \
2703 1 \
2704 -c "bad certificate (EC key curve)"\
2705 -c "! Certificate verification flags"\
2706 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
2707
2708requires_config_enabled MBEDTLS_ECP_C
2709run_test "Authentication: server ECDH p256v1, client optional, p256v1 unsupported" \
2710 "$P_SRV debug_level=1 key_file=data_files/server5.key \
2711 crt_file=data_files/server5.ku-ka.crt" \
2712 "$P_CLI debug_level=3 auth_mode=optional curves=secp521r1" \
2713 1 \
2714 -c "bad certificate (EC key curve)"\
2715 -c "! Certificate verification flags"\
2716 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
2717
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002718run_test "Authentication: server badcert, client none" \
Manuel Pégourié-Gonnardc1da6642014-02-25 14:18:30 +01002719 "$P_SRV crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002720 key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002721 "$P_CLI debug_level=1 auth_mode=none" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002722 0 \
2723 -C "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002724 -C "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002725 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002726 -C "X509 - Certificate verification failed"
2727
Simon Butcher99000142016-10-13 17:21:01 +01002728run_test "Authentication: client SHA256, server required" \
2729 "$P_SRV auth_mode=required" \
2730 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
2731 key_file=data_files/server6.key \
2732 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
2733 0 \
2734 -c "Supported Signature Algorithm found: 4," \
2735 -c "Supported Signature Algorithm found: 5,"
2736
2737run_test "Authentication: client SHA384, server required" \
2738 "$P_SRV auth_mode=required" \
2739 "$P_CLI debug_level=3 crt_file=data_files/server6.crt \
2740 key_file=data_files/server6.key \
2741 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2742 0 \
2743 -c "Supported Signature Algorithm found: 4," \
2744 -c "Supported Signature Algorithm found: 5,"
2745
Gilles Peskinefd8332e2017-05-03 16:25:07 +02002746requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
2747run_test "Authentication: client has no cert, server required (SSLv3)" \
2748 "$P_SRV debug_level=3 min_version=ssl3 auth_mode=required" \
2749 "$P_CLI debug_level=3 force_version=ssl3 crt_file=none \
2750 key_file=data_files/server5.key" \
2751 1 \
2752 -S "skip write certificate request" \
2753 -C "skip parse certificate request" \
2754 -c "got a certificate request" \
2755 -c "got no certificate to send" \
2756 -S "x509_verify_cert() returned" \
2757 -s "client has no certificate" \
2758 -s "! mbedtls_ssl_handshake returned" \
2759 -c "! mbedtls_ssl_handshake returned" \
2760 -s "No client certification received from the client, but required by the authentication mode"
2761
2762run_test "Authentication: client has no cert, server required (TLS)" \
2763 "$P_SRV debug_level=3 auth_mode=required" \
2764 "$P_CLI debug_level=3 crt_file=none \
2765 key_file=data_files/server5.key" \
2766 1 \
2767 -S "skip write certificate request" \
2768 -C "skip parse certificate request" \
2769 -c "got a certificate request" \
2770 -c "= write certificate$" \
2771 -C "skip write certificate$" \
2772 -S "x509_verify_cert() returned" \
2773 -s "client has no certificate" \
2774 -s "! mbedtls_ssl_handshake returned" \
2775 -c "! mbedtls_ssl_handshake returned" \
2776 -s "No client certification received from the client, but required by the authentication mode"
2777
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002778run_test "Authentication: client badcert, server required" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002779 "$P_SRV debug_level=3 auth_mode=required" \
2780 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002781 key_file=data_files/server5.key" \
2782 1 \
2783 -S "skip write certificate request" \
2784 -C "skip parse certificate request" \
2785 -c "got a certificate request" \
2786 -C "skip write certificate" \
2787 -C "skip write certificate verify" \
2788 -S "skip parse certificate verify" \
2789 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02002790 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002791 -s "! mbedtls_ssl_handshake returned" \
Gilles Peskine1cc8e342017-05-03 16:28:34 +02002792 -s "send alert level=2 message=48" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002793 -c "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002794 -s "X509 - Certificate verification failed"
Gilles Peskine1cc8e342017-05-03 16:28:34 +02002795# We don't check that the client receives the alert because it might
2796# detect that its write end of the connection is closed and abort
2797# before reading the alert message.
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002798
Janos Follath89baba22017-04-10 14:34:35 +01002799run_test "Authentication: client cert not trusted, server required" \
2800 "$P_SRV debug_level=3 auth_mode=required" \
2801 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
2802 key_file=data_files/server5.key" \
2803 1 \
2804 -S "skip write certificate request" \
2805 -C "skip parse certificate request" \
2806 -c "got a certificate request" \
2807 -C "skip write certificate" \
2808 -C "skip write certificate verify" \
2809 -S "skip parse certificate verify" \
2810 -s "x509_verify_cert() returned" \
2811 -s "! The certificate is not correctly signed by the trusted CA" \
2812 -s "! mbedtls_ssl_handshake returned" \
2813 -c "! mbedtls_ssl_handshake returned" \
2814 -s "X509 - Certificate verification failed"
2815
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002816run_test "Authentication: client badcert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002817 "$P_SRV debug_level=3 auth_mode=optional" \
2818 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002819 key_file=data_files/server5.key" \
2820 0 \
2821 -S "skip write certificate request" \
2822 -C "skip parse certificate request" \
2823 -c "got a certificate request" \
2824 -C "skip write certificate" \
2825 -C "skip write certificate verify" \
2826 -S "skip parse certificate verify" \
2827 -s "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002828 -s "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002829 -S "! mbedtls_ssl_handshake returned" \
2830 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002831 -S "X509 - Certificate verification failed"
2832
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002833run_test "Authentication: client badcert, server none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002834 "$P_SRV debug_level=3 auth_mode=none" \
2835 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002836 key_file=data_files/server5.key" \
2837 0 \
2838 -s "skip write certificate request" \
2839 -C "skip parse certificate request" \
2840 -c "got no certificate request" \
2841 -c "skip write certificate" \
2842 -c "skip write certificate verify" \
2843 -s "skip parse certificate verify" \
2844 -S "x509_verify_cert() returned" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002845 -S "! The certificate is not correctly signed by the trusted CA" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002846 -S "! mbedtls_ssl_handshake returned" \
2847 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01002848 -S "X509 - Certificate verification failed"
2849
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002850run_test "Authentication: client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002851 "$P_SRV debug_level=3 auth_mode=optional" \
2852 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002853 0 \
2854 -S "skip write certificate request" \
2855 -C "skip parse certificate request" \
2856 -c "got a certificate request" \
2857 -C "skip write certificate$" \
2858 -C "got no certificate to send" \
2859 -S "SSLv3 client has no certificate" \
2860 -c "skip write certificate verify" \
2861 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002862 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002863 -S "! mbedtls_ssl_handshake returned" \
2864 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002865 -S "X509 - Certificate verification failed"
2866
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002867run_test "Authentication: openssl client no cert, server optional" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002868 "$P_SRV debug_level=3 auth_mode=optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002869 "$O_CLI" \
2870 0 \
2871 -S "skip write certificate request" \
2872 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002873 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002874 -S "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002875 -S "X509 - Certificate verification failed"
2876
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002877run_test "Authentication: client no cert, openssl server optional" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002878 "$O_SRV -verify 10" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002879 "$P_CLI debug_level=3 crt_file=none key_file=none" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002880 0 \
2881 -C "skip parse certificate request" \
2882 -c "got a certificate request" \
2883 -C "skip write certificate$" \
2884 -c "skip write certificate verify" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002885 -C "! mbedtls_ssl_handshake returned"
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002886
Gilles Peskinefd8332e2017-05-03 16:25:07 +02002887run_test "Authentication: client no cert, openssl server required" \
2888 "$O_SRV -Verify 10" \
2889 "$P_CLI debug_level=3 crt_file=none key_file=none" \
2890 1 \
2891 -C "skip parse certificate request" \
2892 -c "got a certificate request" \
2893 -C "skip write certificate$" \
2894 -c "skip write certificate verify" \
2895 -c "! mbedtls_ssl_handshake returned"
2896
Janos Follathe2681a42016-03-07 15:57:05 +00002897requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02002898run_test "Authentication: client no cert, ssl3" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02002899 "$P_SRV debug_level=3 auth_mode=optional force_version=ssl3" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01002900 "$P_CLI debug_level=3 crt_file=none key_file=none min_version=ssl3" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002901 0 \
2902 -S "skip write certificate request" \
2903 -C "skip parse certificate request" \
2904 -c "got a certificate request" \
2905 -C "skip write certificate$" \
2906 -c "skip write certificate verify" \
2907 -c "got no certificate to send" \
2908 -s "SSLv3 client has no certificate" \
2909 -s "skip parse certificate verify" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01002910 -s "! Certificate was missing" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02002911 -S "! mbedtls_ssl_handshake returned" \
2912 -C "! mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnardde515cc2014-02-27 14:58:26 +01002913 -S "X509 - Certificate verification failed"
2914
Yuto Takano8df2d252021-07-02 13:05:15 +01002915# This script assumes that MBEDTLS_X509_MAX_INTERMEDIATE_CA has its default
2916# value, defined here as MAX_IM_CA. Some test cases will be skipped if the
2917# library is configured with a different value.
Hanno Beckera6bca9f2017-07-26 13:35:11 +01002918
Simon Butcherbcfa6f42017-07-28 15:59:35 +01002919MAX_IM_CA='8'
Hanno Beckera6bca9f2017-07-26 13:35:11 +01002920
Yuto Takano8df2d252021-07-02 13:05:15 +01002921# The tests for the max_int tests can pass with any number higher than MAX_IM_CA
2922# because only a chain of MAX_IM_CA length is tested. Equally, the max_int+1
2923# tests can pass with any number less than MAX_IM_CA. However, stricter preconditions
2924# are in place so that the semantics are consistent with the test description.
Yuto Takanobc632c22021-07-02 13:10:41 +01002925requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002926requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002927run_test "Authentication: server max_int chain, client default" \
2928 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
2929 key_file=data_files/dir-maxpath/09.key" \
2930 "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
2931 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002932 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002933
Yuto Takanobc632c22021-07-02 13:10:41 +01002934requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002935requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002936run_test "Authentication: server max_int+1 chain, client default" \
2937 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
2938 key_file=data_files/dir-maxpath/10.key" \
2939 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
2940 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002941 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002942
Yuto Takanobc632c22021-07-02 13:10:41 +01002943requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002944requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002945run_test "Authentication: server max_int+1 chain, client optional" \
2946 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
2947 key_file=data_files/dir-maxpath/10.key" \
2948 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
2949 auth_mode=optional" \
2950 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002951 -c "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002952
Yuto Takanobc632c22021-07-02 13:10:41 +01002953requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002954requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002955run_test "Authentication: server max_int+1 chain, client none" \
2956 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
2957 key_file=data_files/dir-maxpath/10.key" \
2958 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
2959 auth_mode=none" \
2960 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002961 -C "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002962
Yuto Takanobc632c22021-07-02 13:10:41 +01002963requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002964requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002965run_test "Authentication: client max_int+1 chain, server default" \
2966 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
2967 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
2968 key_file=data_files/dir-maxpath/10.key" \
2969 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002970 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002971
Yuto Takanobc632c22021-07-02 13:10:41 +01002972requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002973requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002974run_test "Authentication: client max_int+1 chain, server optional" \
2975 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
2976 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
2977 key_file=data_files/dir-maxpath/10.key" \
2978 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002979 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002980
Yuto Takanobc632c22021-07-02 13:10:41 +01002981requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002982requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002983run_test "Authentication: client max_int+1 chain, server required" \
2984 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
2985 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
2986 key_file=data_files/dir-maxpath/10.key" \
2987 1 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002988 -s "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002989
Yuto Takanobc632c22021-07-02 13:10:41 +01002990requires_config_value_equals "MBEDTLS_X509_MAX_INTERMEDIATE_CA" $MAX_IM_CA
Angus Grattonc4dd0732018-04-11 16:28:39 +10002991requires_full_size_output_buffer
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002992run_test "Authentication: client max_int chain, server required" \
2993 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
2994 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
2995 key_file=data_files/dir-maxpath/09.key" \
2996 0 \
Antonin Décimod5f47592019-01-23 15:24:37 +01002997 -S "X509 - A fatal error occurred"
Manuel Pégourié-Gonnard81bb6b62017-06-26 10:45:33 +02002998
Janos Follath89baba22017-04-10 14:34:35 +01002999# Tests for CA list in CertificateRequest messages
3000
3001run_test "Authentication: send CA list in CertificateRequest (default)" \
3002 "$P_SRV debug_level=3 auth_mode=required" \
3003 "$P_CLI crt_file=data_files/server6.crt \
3004 key_file=data_files/server6.key" \
3005 0 \
3006 -s "requested DN"
3007
3008run_test "Authentication: do not send CA list in CertificateRequest" \
3009 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
3010 "$P_CLI crt_file=data_files/server6.crt \
3011 key_file=data_files/server6.key" \
3012 0 \
3013 -S "requested DN"
3014
3015run_test "Authentication: send CA list in CertificateRequest, client self signed" \
3016 "$P_SRV debug_level=3 auth_mode=required cert_req_ca_list=0" \
3017 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
3018 key_file=data_files/server5.key" \
3019 1 \
3020 -S "requested DN" \
3021 -s "x509_verify_cert() returned" \
3022 -s "! The certificate is not correctly signed by the trusted CA" \
3023 -s "! mbedtls_ssl_handshake returned" \
3024 -c "! mbedtls_ssl_handshake returned" \
3025 -s "X509 - Certificate verification failed"
3026
Manuel Pégourié-Gonnarddf331a52015-01-08 16:43:07 +01003027# Tests for certificate selection based on SHA verson
3028
3029run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
3030 "$P_SRV crt_file=data_files/server5.crt \
3031 key_file=data_files/server5.key \
3032 crt_file2=data_files/server5-sha1.crt \
3033 key_file2=data_files/server5.key" \
3034 "$P_CLI force_version=tls1_2" \
3035 0 \
3036 -c "signed using.*ECDSA with SHA256" \
3037 -C "signed using.*ECDSA with SHA1"
3038
3039run_test "Certificate hash: client TLS 1.1 -> SHA-1" \
3040 "$P_SRV crt_file=data_files/server5.crt \
3041 key_file=data_files/server5.key \
3042 crt_file2=data_files/server5-sha1.crt \
3043 key_file2=data_files/server5.key" \
3044 "$P_CLI force_version=tls1_1" \
3045 0 \
3046 -C "signed using.*ECDSA with SHA256" \
3047 -c "signed using.*ECDSA with SHA1"
3048
3049run_test "Certificate hash: client TLS 1.0 -> SHA-1" \
3050 "$P_SRV crt_file=data_files/server5.crt \
3051 key_file=data_files/server5.key \
3052 crt_file2=data_files/server5-sha1.crt \
3053 key_file2=data_files/server5.key" \
3054 "$P_CLI force_version=tls1" \
3055 0 \
3056 -C "signed using.*ECDSA with SHA256" \
3057 -c "signed using.*ECDSA with SHA1"
3058
3059run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 1)" \
3060 "$P_SRV crt_file=data_files/server5.crt \
3061 key_file=data_files/server5.key \
3062 crt_file2=data_files/server6.crt \
3063 key_file2=data_files/server6.key" \
3064 "$P_CLI force_version=tls1_1" \
3065 0 \
3066 -c "serial number.*09" \
3067 -c "signed using.*ECDSA with SHA256" \
3068 -C "signed using.*ECDSA with SHA1"
3069
3070run_test "Certificate hash: client TLS 1.1, no SHA-1 -> SHA-2 (order 2)" \
3071 "$P_SRV crt_file=data_files/server6.crt \
3072 key_file=data_files/server6.key \
3073 crt_file2=data_files/server5.crt \
3074 key_file2=data_files/server5.key" \
3075 "$P_CLI force_version=tls1_1" \
3076 0 \
3077 -c "serial number.*0A" \
3078 -c "signed using.*ECDSA with SHA256" \
3079 -C "signed using.*ECDSA with SHA1"
3080
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003081# tests for SNI
3082
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003083run_test "SNI: no SNI callback" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003084 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003085 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003086 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003087 0 \
3088 -S "parse ServerName extension" \
3089 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
3090 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003091
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003092run_test "SNI: matching cert 1" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003093 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003094 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02003095 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003096 "$P_CLI server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003097 0 \
3098 -s "parse ServerName extension" \
3099 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
3100 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003101
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003102run_test "SNI: matching cert 2" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003103 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003104 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02003105 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003106 "$P_CLI server_name=polarssl.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003107 0 \
3108 -s "parse ServerName extension" \
3109 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
3110 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003111
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003112run_test "SNI: no matching cert" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003113 "$P_SRV debug_level=3 \
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003114 crt_file=data_files/server5.crt key_file=data_files/server5.key \
Manuel Pégourié-Gonnard4d6f1782015-06-19 14:40:39 +02003115 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02003116 "$P_CLI server_name=nonesuch.example" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003117 1 \
3118 -s "parse ServerName extension" \
3119 -s "ssl_sni_wrapper() returned" \
3120 -s "mbedtls_ssl_handshake returned" \
3121 -c "mbedtls_ssl_handshake returned" \
3122 -c "SSL - A fatal alert message was received from our peer"
Manuel Pégourié-Gonnard96ea2f22014-02-25 12:26:29 +01003123
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003124run_test "SNI: client auth no override: optional" \
3125 "$P_SRV debug_level=3 auth_mode=optional \
3126 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3127 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
3128 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003129 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003130 -S "skip write certificate request" \
3131 -C "skip parse certificate request" \
3132 -c "got a certificate request" \
3133 -C "skip write certificate" \
3134 -C "skip write certificate verify" \
3135 -S "skip parse certificate verify"
3136
3137run_test "SNI: client auth override: none -> optional" \
3138 "$P_SRV debug_level=3 auth_mode=none \
3139 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3140 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
3141 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003142 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003143 -S "skip write certificate request" \
3144 -C "skip parse certificate request" \
3145 -c "got a certificate request" \
3146 -C "skip write certificate" \
3147 -C "skip write certificate verify" \
3148 -S "skip parse certificate verify"
3149
3150run_test "SNI: client auth override: optional -> none" \
3151 "$P_SRV debug_level=3 auth_mode=optional \
3152 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3153 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
3154 "$P_CLI debug_level=3 server_name=localhost" \
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003155 0 \
Manuel Pégourié-Gonnardc948a792015-06-22 16:04:20 +02003156 -s "skip write certificate request" \
3157 -C "skip parse certificate request" \
3158 -c "got no certificate request" \
3159 -c "skip write certificate" \
3160 -c "skip write certificate verify" \
3161 -s "skip parse certificate verify"
3162
Manuel Pégourié-Gonnard6ea831d2015-06-22 16:50:52 +02003163run_test "SNI: CA no override" \
3164 "$P_SRV debug_level=3 auth_mode=optional \
3165 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3166 ca_file=data_files/test-ca.crt \
3167 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
3168 "$P_CLI debug_level=3 server_name=localhost \
3169 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
3170 1 \
3171 -S "skip write certificate request" \
3172 -C "skip parse certificate request" \
3173 -c "got a certificate request" \
3174 -C "skip write certificate" \
3175 -C "skip write certificate verify" \
3176 -S "skip parse certificate verify" \
3177 -s "x509_verify_cert() returned" \
3178 -s "! The certificate is not correctly signed by the trusted CA" \
3179 -S "The certificate has been revoked (is on a CRL)"
3180
3181run_test "SNI: CA override" \
3182 "$P_SRV debug_level=3 auth_mode=optional \
3183 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3184 ca_file=data_files/test-ca.crt \
3185 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
3186 "$P_CLI debug_level=3 server_name=localhost \
3187 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
3188 0 \
3189 -S "skip write certificate request" \
3190 -C "skip parse certificate request" \
3191 -c "got a certificate request" \
3192 -C "skip write certificate" \
3193 -C "skip write certificate verify" \
3194 -S "skip parse certificate verify" \
3195 -S "x509_verify_cert() returned" \
3196 -S "! The certificate is not correctly signed by the trusted CA" \
3197 -S "The certificate has been revoked (is on a CRL)"
3198
3199run_test "SNI: CA override with CRL" \
3200 "$P_SRV debug_level=3 auth_mode=optional \
3201 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3202 ca_file=data_files/test-ca.crt \
3203 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
3204 "$P_CLI debug_level=3 server_name=localhost \
3205 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
3206 1 \
3207 -S "skip write certificate request" \
3208 -C "skip parse certificate request" \
3209 -c "got a certificate request" \
3210 -C "skip write certificate" \
3211 -C "skip write certificate verify" \
3212 -S "skip parse certificate verify" \
3213 -s "x509_verify_cert() returned" \
3214 -S "! The certificate is not correctly signed by the trusted CA" \
3215 -s "The certificate has been revoked (is on a CRL)"
3216
Andres AG1a834452016-12-07 10:01:30 +00003217# Tests for SNI and DTLS
3218
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01003219run_test "SNI: DTLS, no SNI callback" \
3220 "$P_SRV debug_level=3 dtls=1 \
3221 crt_file=data_files/server5.crt key_file=data_files/server5.key" \
3222 "$P_CLI server_name=localhost dtls=1" \
3223 0 \
3224 -S "parse ServerName extension" \
3225 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
3226 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
3227
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01003228run_test "SNI: DTLS, matching cert 1" \
Andres AG1a834452016-12-07 10:01:30 +00003229 "$P_SRV debug_level=3 dtls=1 \
3230 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3231 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
3232 "$P_CLI server_name=localhost dtls=1" \
3233 0 \
3234 -s "parse ServerName extension" \
3235 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
3236 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
3237
Andres Amaya Garcia54306c12018-05-01 20:27:37 +01003238run_test "SNI: DTLS, matching cert 2" \
3239 "$P_SRV debug_level=3 dtls=1 \
3240 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3241 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
3242 "$P_CLI server_name=polarssl.example dtls=1" \
3243 0 \
3244 -s "parse ServerName extension" \
3245 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
3246 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
3247
3248run_test "SNI: DTLS, no matching cert" \
3249 "$P_SRV debug_level=3 dtls=1 \
3250 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3251 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
3252 "$P_CLI server_name=nonesuch.example dtls=1" \
3253 1 \
3254 -s "parse ServerName extension" \
3255 -s "ssl_sni_wrapper() returned" \
3256 -s "mbedtls_ssl_handshake returned" \
3257 -c "mbedtls_ssl_handshake returned" \
3258 -c "SSL - A fatal alert message was received from our peer"
3259
3260run_test "SNI: DTLS, client auth no override: optional" \
3261 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
3262 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3263 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
3264 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
3265 0 \
3266 -S "skip write certificate request" \
3267 -C "skip parse certificate request" \
3268 -c "got a certificate request" \
3269 -C "skip write certificate" \
3270 -C "skip write certificate verify" \
3271 -S "skip parse certificate verify"
3272
3273run_test "SNI: DTLS, client auth override: none -> optional" \
3274 "$P_SRV debug_level=3 auth_mode=none dtls=1 \
3275 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3276 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
3277 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
3278 0 \
3279 -S "skip write certificate request" \
3280 -C "skip parse certificate request" \
3281 -c "got a certificate request" \
3282 -C "skip write certificate" \
3283 -C "skip write certificate verify" \
3284 -S "skip parse certificate verify"
3285
3286run_test "SNI: DTLS, client auth override: optional -> none" \
3287 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
3288 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3289 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
3290 "$P_CLI debug_level=3 server_name=localhost dtls=1" \
3291 0 \
3292 -s "skip write certificate request" \
3293 -C "skip parse certificate request" \
3294 -c "got no certificate request" \
3295 -c "skip write certificate" \
3296 -c "skip write certificate verify" \
3297 -s "skip parse certificate verify"
3298
3299run_test "SNI: DTLS, CA no override" \
3300 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
3301 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3302 ca_file=data_files/test-ca.crt \
3303 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
3304 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
3305 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
3306 1 \
3307 -S "skip write certificate request" \
3308 -C "skip parse certificate request" \
3309 -c "got a certificate request" \
3310 -C "skip write certificate" \
3311 -C "skip write certificate verify" \
3312 -S "skip parse certificate verify" \
3313 -s "x509_verify_cert() returned" \
3314 -s "! The certificate is not correctly signed by the trusted CA" \
3315 -S "The certificate has been revoked (is on a CRL)"
3316
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01003317run_test "SNI: DTLS, CA override" \
Andres AG1a834452016-12-07 10:01:30 +00003318 "$P_SRV debug_level=3 auth_mode=optional dtls=1 \
3319 crt_file=data_files/server5.crt key_file=data_files/server5.key \
3320 ca_file=data_files/test-ca.crt \
3321 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
3322 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
3323 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
3324 0 \
3325 -S "skip write certificate request" \
3326 -C "skip parse certificate request" \
3327 -c "got a certificate request" \
3328 -C "skip write certificate" \
3329 -C "skip write certificate verify" \
3330 -S "skip parse certificate verify" \
3331 -S "x509_verify_cert() returned" \
3332 -S "! The certificate is not correctly signed by the trusted CA" \
3333 -S "The certificate has been revoked (is on a CRL)"
3334
Andres Amaya Garciaf77d3d32018-05-01 20:26:47 +01003335run_test "SNI: DTLS, CA override with CRL" \
Andres AG1a834452016-12-07 10:01:30 +00003336 "$P_SRV debug_level=3 auth_mode=optional \
3337 crt_file=data_files/server5.crt key_file=data_files/server5.key dtls=1 \
3338 ca_file=data_files/test-ca.crt \
3339 sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.pem,required" \
3340 "$P_CLI debug_level=3 server_name=localhost dtls=1 \
3341 crt_file=data_files/server6.crt key_file=data_files/server6.key" \
3342 1 \
3343 -S "skip write certificate request" \
3344 -C "skip parse certificate request" \
3345 -c "got a certificate request" \
3346 -C "skip write certificate" \
3347 -C "skip write certificate verify" \
3348 -S "skip parse certificate verify" \
3349 -s "x509_verify_cert() returned" \
3350 -S "! The certificate is not correctly signed by the trusted CA" \
3351 -s "The certificate has been revoked (is on a CRL)"
3352
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003353# Tests for non-blocking I/O: exercise a variety of handshake flows
3354
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003355run_test "Non-blocking I/O: basic handshake" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003356 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
3357 "$P_CLI nbio=2 tickets=0" \
3358 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003359 -S "mbedtls_ssl_handshake returned" \
3360 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003361 -c "Read from server: .* bytes read"
3362
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003363run_test "Non-blocking I/O: client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003364 "$P_SRV nbio=2 tickets=0 auth_mode=required" \
3365 "$P_CLI nbio=2 tickets=0" \
3366 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003367 -S "mbedtls_ssl_handshake returned" \
3368 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003369 -c "Read from server: .* bytes read"
3370
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003371run_test "Non-blocking I/O: ticket" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003372 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
3373 "$P_CLI nbio=2 tickets=1" \
3374 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003375 -S "mbedtls_ssl_handshake returned" \
3376 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003377 -c "Read from server: .* bytes read"
3378
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003379run_test "Non-blocking I/O: ticket + client auth" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003380 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
3381 "$P_CLI nbio=2 tickets=1" \
3382 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003383 -S "mbedtls_ssl_handshake returned" \
3384 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003385 -c "Read from server: .* bytes read"
3386
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003387run_test "Non-blocking I/O: ticket + client auth + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003388 "$P_SRV nbio=2 tickets=1 auth_mode=required" \
3389 "$P_CLI nbio=2 tickets=1 reconnect=1" \
3390 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003391 -S "mbedtls_ssl_handshake returned" \
3392 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003393 -c "Read from server: .* bytes read"
3394
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003395run_test "Non-blocking I/O: ticket + resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003396 "$P_SRV nbio=2 tickets=1 auth_mode=none" \
3397 "$P_CLI nbio=2 tickets=1 reconnect=1" \
3398 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003399 -S "mbedtls_ssl_handshake returned" \
3400 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003401 -c "Read from server: .* bytes read"
3402
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003403run_test "Non-blocking I/O: session-id resume" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003404 "$P_SRV nbio=2 tickets=0 auth_mode=none" \
3405 "$P_CLI nbio=2 tickets=0 reconnect=1" \
3406 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003407 -S "mbedtls_ssl_handshake returned" \
3408 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0b6609b2014-02-26 14:45:12 +01003409 -c "Read from server: .* bytes read"
3410
Hanno Becker00076712017-11-15 16:39:08 +00003411# Tests for event-driven I/O: exercise a variety of handshake flows
3412
3413run_test "Event-driven I/O: basic handshake" \
3414 "$P_SRV event=1 tickets=0 auth_mode=none" \
3415 "$P_CLI event=1 tickets=0" \
3416 0 \
3417 -S "mbedtls_ssl_handshake returned" \
3418 -C "mbedtls_ssl_handshake returned" \
3419 -c "Read from server: .* bytes read"
3420
3421run_test "Event-driven I/O: client auth" \
3422 "$P_SRV event=1 tickets=0 auth_mode=required" \
3423 "$P_CLI event=1 tickets=0" \
3424 0 \
3425 -S "mbedtls_ssl_handshake returned" \
3426 -C "mbedtls_ssl_handshake returned" \
3427 -c "Read from server: .* bytes read"
3428
3429run_test "Event-driven I/O: ticket" \
3430 "$P_SRV event=1 tickets=1 auth_mode=none" \
3431 "$P_CLI event=1 tickets=1" \
3432 0 \
3433 -S "mbedtls_ssl_handshake returned" \
3434 -C "mbedtls_ssl_handshake returned" \
3435 -c "Read from server: .* bytes read"
3436
3437run_test "Event-driven I/O: ticket + client auth" \
3438 "$P_SRV event=1 tickets=1 auth_mode=required" \
3439 "$P_CLI event=1 tickets=1" \
3440 0 \
3441 -S "mbedtls_ssl_handshake returned" \
3442 -C "mbedtls_ssl_handshake returned" \
3443 -c "Read from server: .* bytes read"
3444
3445run_test "Event-driven I/O: ticket + client auth + resume" \
3446 "$P_SRV event=1 tickets=1 auth_mode=required" \
3447 "$P_CLI event=1 tickets=1 reconnect=1" \
3448 0 \
3449 -S "mbedtls_ssl_handshake returned" \
3450 -C "mbedtls_ssl_handshake returned" \
3451 -c "Read from server: .* bytes read"
3452
3453run_test "Event-driven I/O: ticket + resume" \
3454 "$P_SRV event=1 tickets=1 auth_mode=none" \
3455 "$P_CLI event=1 tickets=1 reconnect=1" \
3456 0 \
3457 -S "mbedtls_ssl_handshake returned" \
3458 -C "mbedtls_ssl_handshake returned" \
3459 -c "Read from server: .* bytes read"
3460
3461run_test "Event-driven I/O: session-id resume" \
3462 "$P_SRV event=1 tickets=0 auth_mode=none" \
3463 "$P_CLI event=1 tickets=0 reconnect=1" \
3464 0 \
3465 -S "mbedtls_ssl_handshake returned" \
3466 -C "mbedtls_ssl_handshake returned" \
3467 -c "Read from server: .* bytes read"
3468
Hanno Becker6a33f592018-03-13 11:38:46 +00003469run_test "Event-driven I/O, DTLS: basic handshake" \
3470 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
3471 "$P_CLI dtls=1 event=1 tickets=0" \
3472 0 \
3473 -c "Read from server: .* bytes read"
3474
3475run_test "Event-driven I/O, DTLS: client auth" \
3476 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
3477 "$P_CLI dtls=1 event=1 tickets=0" \
3478 0 \
3479 -c "Read from server: .* bytes read"
3480
3481run_test "Event-driven I/O, DTLS: ticket" \
3482 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
3483 "$P_CLI dtls=1 event=1 tickets=1" \
3484 0 \
3485 -c "Read from server: .* bytes read"
3486
3487run_test "Event-driven I/O, DTLS: ticket + client auth" \
3488 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
3489 "$P_CLI dtls=1 event=1 tickets=1" \
3490 0 \
3491 -c "Read from server: .* bytes read"
3492
3493run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
3494 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=required" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01003495 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00003496 0 \
3497 -c "Read from server: .* bytes read"
3498
3499run_test "Event-driven I/O, DTLS: ticket + resume" \
3500 "$P_SRV dtls=1 event=1 tickets=1 auth_mode=none" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01003501 "$P_CLI dtls=1 event=1 tickets=1 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00003502 0 \
3503 -c "Read from server: .* bytes read"
3504
3505run_test "Event-driven I/O, DTLS: session-id resume" \
3506 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=none" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01003507 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Becker6a33f592018-03-13 11:38:46 +00003508 0 \
3509 -c "Read from server: .* bytes read"
Hanno Beckerbc6c1102018-03-13 11:39:40 +00003510
3511# This test demonstrates the need for the mbedtls_ssl_check_pending function.
3512# During session resumption, the client will send its ApplicationData record
3513# within the same datagram as the Finished messages. In this situation, the
3514# server MUST NOT idle on the underlying transport after handshake completion,
3515# because the ApplicationData request has already been queued internally.
3516run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
Hanno Becker8d832182018-03-15 10:14:19 +00003517 -p "$P_PXY pack=50" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00003518 "$P_SRV dtls=1 event=1 tickets=0 auth_mode=required" \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01003519 "$P_CLI dtls=1 event=1 tickets=0 reconnect=1 skip_close_notify=1" \
Hanno Beckerbc6c1102018-03-13 11:39:40 +00003520 0 \
3521 -c "Read from server: .* bytes read"
3522
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003523# Tests for version negotiation
3524
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003525run_test "Version check: all -> 1.2" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003526 "$P_SRV" \
3527 "$P_CLI" \
3528 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003529 -S "mbedtls_ssl_handshake returned" \
3530 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003531 -s "Protocol is TLSv1.2" \
3532 -c "Protocol is TLSv1.2"
3533
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003534run_test "Version check: cli max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003535 "$P_SRV" \
3536 "$P_CLI max_version=tls1_1" \
3537 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003538 -S "mbedtls_ssl_handshake returned" \
3539 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003540 -s "Protocol is TLSv1.1" \
3541 -c "Protocol is TLSv1.1"
3542
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003543run_test "Version check: srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003544 "$P_SRV max_version=tls1_1" \
3545 "$P_CLI" \
3546 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003547 -S "mbedtls_ssl_handshake returned" \
3548 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003549 -s "Protocol is TLSv1.1" \
3550 -c "Protocol is TLSv1.1"
3551
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003552run_test "Version check: cli+srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003553 "$P_SRV max_version=tls1_1" \
3554 "$P_CLI max_version=tls1_1" \
3555 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003556 -S "mbedtls_ssl_handshake returned" \
3557 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003558 -s "Protocol is TLSv1.1" \
3559 -c "Protocol is TLSv1.1"
3560
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003561run_test "Version check: cli max 1.1, srv min 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003562 "$P_SRV min_version=tls1_1" \
3563 "$P_CLI max_version=tls1_1" \
3564 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003565 -S "mbedtls_ssl_handshake returned" \
3566 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003567 -s "Protocol is TLSv1.1" \
3568 -c "Protocol is TLSv1.1"
3569
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003570run_test "Version check: cli min 1.1, srv max 1.1 -> 1.1" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003571 "$P_SRV max_version=tls1_1" \
3572 "$P_CLI min_version=tls1_1" \
3573 0 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003574 -S "mbedtls_ssl_handshake returned" \
3575 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003576 -s "Protocol is TLSv1.1" \
3577 -c "Protocol is TLSv1.1"
3578
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003579run_test "Version check: cli min 1.2, srv max 1.1 -> fail" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003580 "$P_SRV max_version=tls1_1" \
3581 "$P_CLI min_version=tls1_2" \
3582 1 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003583 -s "mbedtls_ssl_handshake returned" \
3584 -c "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003585 -c "SSL - Handshake protocol not within min/max boundaries"
3586
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003587run_test "Version check: srv min 1.2, cli max 1.1 -> fail" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003588 "$P_SRV min_version=tls1_2" \
3589 "$P_CLI max_version=tls1_1" \
3590 1 \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02003591 -s "mbedtls_ssl_handshake returned" \
3592 -c "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnarda3d808e2014-02-26 16:33:03 +01003593 -s "SSL - Handshake protocol not within min/max boundaries"
3594
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003595# Tests for ALPN extension
3596
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003597run_test "ALPN: none" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003598 "$P_SRV debug_level=3" \
3599 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003600 0 \
3601 -C "client hello, adding alpn extension" \
3602 -S "found alpn extension" \
3603 -C "got an alert message, type: \\[2:120]" \
3604 -S "server hello, adding alpn extension" \
3605 -C "found alpn extension " \
3606 -C "Application Layer Protocol is" \
3607 -S "Application Layer Protocol is"
3608
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003609run_test "ALPN: client only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003610 "$P_SRV debug_level=3" \
3611 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003612 0 \
3613 -c "client hello, adding alpn extension" \
3614 -s "found alpn extension" \
3615 -C "got an alert message, type: \\[2:120]" \
3616 -S "server hello, adding alpn extension" \
3617 -C "found alpn extension " \
3618 -c "Application Layer Protocol is (none)" \
3619 -S "Application Layer Protocol is"
3620
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003621run_test "ALPN: server only" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003622 "$P_SRV debug_level=3 alpn=abc,1234" \
3623 "$P_CLI debug_level=3" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003624 0 \
3625 -C "client hello, adding alpn extension" \
3626 -S "found alpn extension" \
3627 -C "got an alert message, type: \\[2:120]" \
3628 -S "server hello, adding alpn extension" \
3629 -C "found alpn extension " \
3630 -C "Application Layer Protocol is" \
3631 -s "Application Layer Protocol is (none)"
3632
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003633run_test "ALPN: both, common cli1-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003634 "$P_SRV debug_level=3 alpn=abc,1234" \
3635 "$P_CLI debug_level=3 alpn=abc,1234" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003636 0 \
3637 -c "client hello, adding alpn extension" \
3638 -s "found alpn extension" \
3639 -C "got an alert message, type: \\[2:120]" \
3640 -s "server hello, adding alpn extension" \
3641 -c "found alpn extension" \
3642 -c "Application Layer Protocol is abc" \
3643 -s "Application Layer Protocol is abc"
3644
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003645run_test "ALPN: both, common cli2-srv1" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003646 "$P_SRV debug_level=3 alpn=abc,1234" \
3647 "$P_CLI debug_level=3 alpn=1234,abc" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003648 0 \
3649 -c "client hello, adding alpn extension" \
3650 -s "found alpn extension" \
3651 -C "got an alert message, type: \\[2:120]" \
3652 -s "server hello, adding alpn extension" \
3653 -c "found alpn extension" \
3654 -c "Application Layer Protocol is abc" \
3655 -s "Application Layer Protocol is abc"
3656
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003657run_test "ALPN: both, common cli1-srv2" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003658 "$P_SRV debug_level=3 alpn=abc,1234" \
3659 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003660 0 \
3661 -c "client hello, adding alpn extension" \
3662 -s "found alpn extension" \
3663 -C "got an alert message, type: \\[2:120]" \
3664 -s "server hello, adding alpn extension" \
3665 -c "found alpn extension" \
3666 -c "Application Layer Protocol is 1234" \
3667 -s "Application Layer Protocol is 1234"
3668
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003669run_test "ALPN: both, no common" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003670 "$P_SRV debug_level=3 alpn=abc,123" \
3671 "$P_CLI debug_level=3 alpn=1234,abcde" \
Manuel Pégourié-Gonnardf6521de2014-04-07 12:42:04 +02003672 1 \
3673 -c "client hello, adding alpn extension" \
3674 -s "found alpn extension" \
3675 -c "got an alert message, type: \\[2:120]" \
3676 -S "server hello, adding alpn extension" \
3677 -C "found alpn extension" \
3678 -C "Application Layer Protocol is 1234" \
3679 -S "Application Layer Protocol is 1234"
3680
Manuel Pégourié-Gonnard83d8c732014-04-07 13:24:21 +02003681
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003682# Tests for keyUsage in leaf certificates, part 1:
3683# server-side certificate/suite selection
3684
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003685run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003686 "$P_SRV key_file=data_files/server2.key \
3687 crt_file=data_files/server2.ku-ds.crt" \
3688 "$P_CLI" \
3689 0 \
Manuel Pégourié-Gonnard17cde5f2014-05-22 14:42:39 +02003690 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003691
3692
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003693run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003694 "$P_SRV key_file=data_files/server2.key \
3695 crt_file=data_files/server2.ku-ke.crt" \
3696 "$P_CLI" \
3697 0 \
3698 -c "Ciphersuite is TLS-RSA-WITH-"
3699
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003700run_test "keyUsage srv: RSA, keyAgreement -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02003701 "$P_SRV key_file=data_files/server2.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003702 crt_file=data_files/server2.ku-ka.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02003703 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003704 1 \
3705 -C "Ciphersuite is "
3706
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003707run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003708 "$P_SRV key_file=data_files/server5.key \
3709 crt_file=data_files/server5.ku-ds.crt" \
3710 "$P_CLI" \
3711 0 \
3712 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
3713
3714
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003715run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003716 "$P_SRV key_file=data_files/server5.key \
3717 crt_file=data_files/server5.ku-ka.crt" \
3718 "$P_CLI" \
3719 0 \
3720 -c "Ciphersuite is TLS-ECDH-"
3721
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003722run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02003723 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003724 crt_file=data_files/server5.ku-ke.crt" \
Manuel Pégourié-Gonnardf2629b92014-08-30 14:20:14 +02003725 "$P_CLI" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003726 1 \
3727 -C "Ciphersuite is "
3728
3729# Tests for keyUsage in leaf certificates, part 2:
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003730# client-side checking of server cert
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003731
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003732run_test "keyUsage cli: DigitalSignature+KeyEncipherment, RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003733 "$O_SRV -key data_files/server2.key \
3734 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003735 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003736 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3737 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003738 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003739 -C "Processing of the Certificate handshake message failed" \
3740 -c "Ciphersuite is TLS-"
3741
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003742run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003743 "$O_SRV -key data_files/server2.key \
3744 -cert data_files/server2.ku-ds_ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003745 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003746 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
3747 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003748 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003749 -C "Processing of the Certificate handshake message failed" \
3750 -c "Ciphersuite is TLS-"
3751
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003752run_test "keyUsage cli: KeyEncipherment, RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003753 "$O_SRV -key data_files/server2.key \
3754 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003755 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003756 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3757 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003758 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003759 -C "Processing of the Certificate handshake message failed" \
3760 -c "Ciphersuite is TLS-"
3761
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003762run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003763 "$O_SRV -key data_files/server2.key \
3764 -cert data_files/server2.ku-ke.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003765 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003766 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
3767 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003768 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003769 -c "Processing of the Certificate handshake message failed" \
3770 -C "Ciphersuite is TLS-"
3771
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01003772run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
3773 "$O_SRV -key data_files/server2.key \
3774 -cert data_files/server2.ku-ke.crt" \
3775 "$P_CLI debug_level=1 auth_mode=optional \
3776 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
3777 0 \
3778 -c "bad certificate (usage extensions)" \
3779 -C "Processing of the Certificate handshake message failed" \
3780 -c "Ciphersuite is TLS-" \
3781 -c "! Usage does not match the keyUsage extension"
3782
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003783run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003784 "$O_SRV -key data_files/server2.key \
3785 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003786 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003787 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
3788 0 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003789 -C "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003790 -C "Processing of the Certificate handshake message failed" \
3791 -c "Ciphersuite is TLS-"
3792
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003793run_test "keyUsage cli: DigitalSignature, RSA: fail" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003794 "$O_SRV -key data_files/server2.key \
3795 -cert data_files/server2.ku-ds.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003796 "$P_CLI debug_level=1 \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003797 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3798 1 \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003799 -c "bad certificate (usage extensions)" \
Manuel Pégourié-Gonnard7f2a07d2014-04-09 09:50:57 +02003800 -c "Processing of the Certificate handshake message failed" \
3801 -C "Ciphersuite is TLS-"
3802
Manuel Pégourié-Gonnarde6efa6f2015-04-20 11:01:48 +01003803run_test "keyUsage cli: DigitalSignature, RSA: fail, soft" \
3804 "$O_SRV -key data_files/server2.key \
3805 -cert data_files/server2.ku-ds.crt" \
3806 "$P_CLI debug_level=1 auth_mode=optional \
3807 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3808 0 \
3809 -c "bad certificate (usage extensions)" \
3810 -C "Processing of the Certificate handshake message failed" \
3811 -c "Ciphersuite is TLS-" \
3812 -c "! Usage does not match the keyUsage extension"
3813
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003814# Tests for keyUsage in leaf certificates, part 3:
3815# server-side checking of client cert
3816
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003817run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003818 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003819 "$O_CLI -key data_files/server2.key \
3820 -cert data_files/server2.ku-ds.crt" \
3821 0 \
3822 -S "bad certificate (usage extensions)" \
3823 -S "Processing of the Certificate handshake message failed"
3824
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003825run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003826 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003827 "$O_CLI -key data_files/server2.key \
3828 -cert data_files/server2.ku-ke.crt" \
3829 0 \
3830 -s "bad certificate (usage extensions)" \
3831 -S "Processing of the Certificate handshake message failed"
3832
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003833run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003834 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003835 "$O_CLI -key data_files/server2.key \
3836 -cert data_files/server2.ku-ke.crt" \
3837 1 \
3838 -s "bad certificate (usage extensions)" \
3839 -s "Processing of the Certificate handshake message failed"
3840
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003841run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003842 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003843 "$O_CLI -key data_files/server5.key \
3844 -cert data_files/server5.ku-ds.crt" \
3845 0 \
3846 -S "bad certificate (usage extensions)" \
3847 -S "Processing of the Certificate handshake message failed"
3848
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003849run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003850 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnarda9db85d2014-04-09 14:53:05 +02003851 "$O_CLI -key data_files/server5.key \
3852 -cert data_files/server5.ku-ka.crt" \
3853 0 \
3854 -s "bad certificate (usage extensions)" \
3855 -S "Processing of the Certificate handshake message failed"
3856
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003857# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
3858
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003859run_test "extKeyUsage srv: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003860 "$P_SRV key_file=data_files/server5.key \
3861 crt_file=data_files/server5.eku-srv.crt" \
3862 "$P_CLI" \
3863 0
3864
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003865run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003866 "$P_SRV key_file=data_files/server5.key \
3867 crt_file=data_files/server5.eku-srv.crt" \
3868 "$P_CLI" \
3869 0
3870
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003871run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003872 "$P_SRV key_file=data_files/server5.key \
3873 crt_file=data_files/server5.eku-cs_any.crt" \
3874 "$P_CLI" \
3875 0
3876
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003877run_test "extKeyUsage srv: codeSign -> fail" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02003878 "$P_SRV key_file=data_files/server5.key \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003879 crt_file=data_files/server5.eku-cli.crt" \
Manuel Pégourié-Gonnard7eb58cb2015-07-07 11:54:14 +02003880 "$P_CLI" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003881 1
3882
3883# Tests for extendedKeyUsage, part 2: client-side checking of server cert
3884
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003885run_test "extKeyUsage cli: serverAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003886 "$O_SRV -key data_files/server5.key \
3887 -cert data_files/server5.eku-srv.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003888 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003889 0 \
3890 -C "bad certificate (usage extensions)" \
3891 -C "Processing of the Certificate handshake message failed" \
3892 -c "Ciphersuite is TLS-"
3893
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003894run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003895 "$O_SRV -key data_files/server5.key \
3896 -cert data_files/server5.eku-srv_cli.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003897 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003898 0 \
3899 -C "bad certificate (usage extensions)" \
3900 -C "Processing of the Certificate handshake message failed" \
3901 -c "Ciphersuite is TLS-"
3902
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003903run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003904 "$O_SRV -key data_files/server5.key \
3905 -cert data_files/server5.eku-cs_any.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003906 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003907 0 \
3908 -C "bad certificate (usage extensions)" \
3909 -C "Processing of the Certificate handshake message failed" \
3910 -c "Ciphersuite is TLS-"
3911
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003912run_test "extKeyUsage cli: codeSign -> fail" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003913 "$O_SRV -key data_files/server5.key \
3914 -cert data_files/server5.eku-cs.crt" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003915 "$P_CLI debug_level=1" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003916 1 \
3917 -c "bad certificate (usage extensions)" \
3918 -c "Processing of the Certificate handshake message failed" \
3919 -C "Ciphersuite is TLS-"
3920
3921# Tests for extendedKeyUsage, part 3: server-side checking of client cert
3922
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003923run_test "extKeyUsage cli-auth: clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003924 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003925 "$O_CLI -key data_files/server5.key \
3926 -cert data_files/server5.eku-cli.crt" \
3927 0 \
3928 -S "bad certificate (usage extensions)" \
3929 -S "Processing of the Certificate handshake message failed"
3930
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003931run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003932 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003933 "$O_CLI -key data_files/server5.key \
3934 -cert data_files/server5.eku-srv_cli.crt" \
3935 0 \
3936 -S "bad certificate (usage extensions)" \
3937 -S "Processing of the Certificate handshake message failed"
3938
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003939run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003940 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003941 "$O_CLI -key data_files/server5.key \
3942 -cert data_files/server5.eku-cs_any.crt" \
3943 0 \
3944 -S "bad certificate (usage extensions)" \
3945 -S "Processing of the Certificate handshake message failed"
3946
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003947run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003948 "$P_SRV debug_level=1 auth_mode=optional" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003949 "$O_CLI -key data_files/server5.key \
3950 -cert data_files/server5.eku-cs.crt" \
3951 0 \
3952 -s "bad certificate (usage extensions)" \
3953 -S "Processing of the Certificate handshake message failed"
3954
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003955run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
Manuel Pégourié-Gonnard644e8f32014-08-30 21:59:31 +02003956 "$P_SRV debug_level=1 auth_mode=required" \
Manuel Pégourié-Gonnard0408fd12014-04-11 11:06:22 +02003957 "$O_CLI -key data_files/server5.key \
3958 -cert data_files/server5.eku-cs.crt" \
3959 1 \
3960 -s "bad certificate (usage extensions)" \
3961 -s "Processing of the Certificate handshake message failed"
3962
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02003963# Tests for DHM parameters loading
3964
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003965run_test "DHM parameters: reference" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02003966 "$P_SRV" \
3967 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
3968 debug_level=3" \
3969 0 \
3970 -c "value of 'DHM: P ' (2048 bits)" \
Hanno Becker13be9902017-09-27 17:17:30 +01003971 -c "value of 'DHM: G ' (2 bits)"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02003972
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02003973run_test "DHM parameters: other parameters" \
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02003974 "$P_SRV dhm_file=data_files/dhparams.pem" \
3975 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
3976 debug_level=3" \
3977 0 \
3978 -c "value of 'DHM: P ' (1024 bits)" \
3979 -c "value of 'DHM: G ' (2 bits)"
3980
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02003981# Tests for DHM client-side size checking
3982
3983run_test "DHM size: server default, client default, OK" \
3984 "$P_SRV" \
3985 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
3986 debug_level=1" \
3987 0 \
3988 -C "DHM prime too short:"
3989
3990run_test "DHM size: server default, client 2048, OK" \
3991 "$P_SRV" \
3992 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
3993 debug_level=1 dhmlen=2048" \
3994 0 \
3995 -C "DHM prime too short:"
3996
3997run_test "DHM size: server 1024, client default, OK" \
3998 "$P_SRV dhm_file=data_files/dhparams.pem" \
3999 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4000 debug_level=1" \
4001 0 \
4002 -C "DHM prime too short:"
4003
Gilles Peskine3e7b61c2020-12-08 22:31:52 +01004004run_test "DHM size: server 999, client 999, OK" \
4005 "$P_SRV dhm_file=data_files/dh.999.pem" \
4006 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4007 debug_level=1 dhmlen=999" \
4008 0 \
4009 -C "DHM prime too short:"
4010
4011run_test "DHM size: server 1000, client 1000, OK" \
4012 "$P_SRV dhm_file=data_files/dh.1000.pem" \
4013 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4014 debug_level=1 dhmlen=1000" \
4015 0 \
4016 -C "DHM prime too short:"
4017
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02004018run_test "DHM size: server 1000, client default, rejected" \
4019 "$P_SRV dhm_file=data_files/dh.1000.pem" \
4020 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4021 debug_level=1" \
4022 1 \
4023 -c "DHM prime too short:"
4024
Gilles Peskine3e7b61c2020-12-08 22:31:52 +01004025run_test "DHM size: server 1000, client 1001, rejected" \
4026 "$P_SRV dhm_file=data_files/dh.1000.pem" \
4027 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4028 debug_level=1 dhmlen=1001" \
4029 1 \
4030 -c "DHM prime too short:"
4031
4032run_test "DHM size: server 999, client 1000, rejected" \
4033 "$P_SRV dhm_file=data_files/dh.999.pem" \
4034 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4035 debug_level=1 dhmlen=1000" \
4036 1 \
4037 -c "DHM prime too short:"
4038
4039run_test "DHM size: server 998, client 999, rejected" \
4040 "$P_SRV dhm_file=data_files/dh.998.pem" \
4041 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4042 debug_level=1 dhmlen=999" \
4043 1 \
4044 -c "DHM prime too short:"
4045
Manuel Pégourié-Gonnard7a010aa2015-06-12 11:19:10 +02004046run_test "DHM size: server default, client 2049, rejected" \
4047 "$P_SRV" \
4048 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
4049 debug_level=1 dhmlen=2049" \
4050 1 \
4051 -c "DHM prime too short:"
4052
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004053# Tests for PSK callback
4054
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004055run_test "PSK callback: psk, no callback" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004056 "$P_SRV psk=abc123 psk_identity=foo" \
4057 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4058 psk_identity=foo psk=abc123" \
4059 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004060 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02004061 -S "SSL - Unknown identity received" \
4062 -S "SSL - Verification of the message MAC failed"
4063
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004064run_test "PSK callback: no psk, no callback" \
Manuel Pégourié-Gonnard10c3c9f2014-06-10 15:28:52 +02004065 "$P_SRV" \
4066 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4067 psk_identity=foo psk=abc123" \
4068 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004069 -s "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004070 -S "SSL - Unknown identity received" \
4071 -S "SSL - Verification of the message MAC failed"
4072
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004073run_test "PSK callback: callback overrides other settings" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004074 "$P_SRV psk=abc123 psk_identity=foo psk_list=abc,dead,def,beef" \
4075 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4076 psk_identity=foo psk=abc123" \
4077 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004078 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004079 -s "SSL - Unknown identity received" \
4080 -S "SSL - Verification of the message MAC failed"
4081
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004082run_test "PSK callback: first id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004083 "$P_SRV psk_list=abc,dead,def,beef" \
4084 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4085 psk_identity=abc psk=dead" \
4086 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004087 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004088 -S "SSL - Unknown identity received" \
4089 -S "SSL - Verification of the message MAC failed"
4090
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004091run_test "PSK callback: second id matches" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004092 "$P_SRV psk_list=abc,dead,def,beef" \
4093 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4094 psk_identity=def psk=beef" \
4095 0 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004096 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004097 -S "SSL - Unknown identity received" \
4098 -S "SSL - Verification of the message MAC failed"
4099
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004100run_test "PSK callback: no match" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004101 "$P_SRV psk_list=abc,dead,def,beef" \
4102 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4103 psk_identity=ghi psk=beef" \
4104 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004105 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004106 -s "SSL - Unknown identity received" \
4107 -S "SSL - Verification of the message MAC failed"
4108
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004109run_test "PSK callback: wrong key" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004110 "$P_SRV psk_list=abc,dead,def,beef" \
4111 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
4112 psk_identity=abc psk=beef" \
4113 1 \
Manuel Pégourié-Gonnardf01768c2015-01-08 17:06:16 +01004114 -S "SSL - None of the common ciphersuites is usable" \
Manuel Pégourié-Gonnarda6781c92014-06-10 15:00:46 +02004115 -S "SSL - Unknown identity received" \
4116 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnard0cc7e312014-06-09 11:36:47 +02004117
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004118# Tests for EC J-PAKE
4119
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004120requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004121run_test "ECJPAKE: client not configured" \
4122 "$P_SRV debug_level=3" \
4123 "$P_CLI debug_level=3" \
4124 0 \
4125 -C "add ciphersuite: c0ff" \
4126 -C "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004127 -S "found ecjpake kkpp extension" \
4128 -S "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004129 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02004130 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02004131 -C "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004132 -S "None of the common ciphersuites is usable"
4133
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004134requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004135run_test "ECJPAKE: server not configured" \
4136 "$P_SRV debug_level=3" \
4137 "$P_CLI debug_level=3 ecjpake_pw=bla \
4138 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4139 1 \
4140 -c "add ciphersuite: c0ff" \
4141 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004142 -s "found ecjpake kkpp extension" \
4143 -s "skip ecjpake kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004144 -s "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02004145 -S "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02004146 -C "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnarde511b4e2015-09-16 14:11:09 +02004147 -s "None of the common ciphersuites is usable"
4148
Manuel Pégourié-Gonnard12ca6f52015-10-20 15:24:51 +02004149requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004150run_test "ECJPAKE: working, TLS" \
4151 "$P_SRV debug_level=3 ecjpake_pw=bla" \
4152 "$P_CLI debug_level=3 ecjpake_pw=bla \
4153 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
Manuel Pégourié-Gonnard0f1660a2015-09-16 22:41:06 +02004154 0 \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004155 -c "add ciphersuite: c0ff" \
4156 -c "adding ecjpake_kkpp extension" \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004157 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004158 -s "found ecjpake kkpp extension" \
4159 -S "skip ecjpake kkpp extension" \
4160 -S "ciphersuite mismatch: ecjpake not configured" \
Manuel Pégourié-Gonnard55c7f992015-09-16 15:35:27 +02004161 -s "server hello, ecjpake kkpp extension" \
Manuel Pégourié-Gonnard0a1324a2015-09-16 16:01:00 +02004162 -c "found ecjpake_kkpp extension" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004163 -S "None of the common ciphersuites is usable" \
4164 -S "SSL - Verification of the message MAC failed"
4165
Janos Follath74537a62016-09-02 13:45:28 +01004166server_needs_more_time 1
Dave Rodgmancee9e922021-06-29 19:05:34 +01004167requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004168run_test "ECJPAKE: password mismatch, TLS" \
4169 "$P_SRV debug_level=3 ecjpake_pw=bla" \
4170 "$P_CLI debug_level=3 ecjpake_pw=bad \
4171 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4172 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004173 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004174 -s "SSL - Verification of the message MAC failed"
4175
Dave Rodgmancee9e922021-06-29 19:05:34 +01004176requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004177run_test "ECJPAKE: working, DTLS" \
4178 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
4179 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
4180 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4181 0 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004182 -c "re-using cached ecjpake parameters" \
4183 -S "SSL - Verification of the message MAC failed"
4184
Dave Rodgmancee9e922021-06-29 19:05:34 +01004185requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004186run_test "ECJPAKE: working, DTLS, no cookie" \
4187 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla cookies=0" \
4188 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bla \
4189 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4190 0 \
4191 -C "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004192 -S "SSL - Verification of the message MAC failed"
4193
Janos Follath74537a62016-09-02 13:45:28 +01004194server_needs_more_time 1
Dave Rodgmancee9e922021-06-29 19:05:34 +01004195requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004196run_test "ECJPAKE: password mismatch, DTLS" \
4197 "$P_SRV debug_level=3 dtls=1 ecjpake_pw=bla" \
4198 "$P_CLI debug_level=3 dtls=1 ecjpake_pw=bad \
4199 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4200 1 \
Manuel Pégourié-Gonnardd0d8cb32015-09-17 14:16:30 +02004201 -c "re-using cached ecjpake parameters" \
Manuel Pégourié-Gonnard921f2d02015-09-16 22:52:18 +02004202 -s "SSL - Verification of the message MAC failed"
Manuel Pégourié-Gonnardbf57be62015-09-16 15:04:01 +02004203
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02004204# for tests with configs/config-thread.h
Dave Rodgmancee9e922021-06-29 19:05:34 +01004205requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
Manuel Pégourié-Gonnardca700b22015-10-20 14:47:00 +02004206run_test "ECJPAKE: working, DTLS, nolog" \
4207 "$P_SRV dtls=1 ecjpake_pw=bla" \
4208 "$P_CLI dtls=1 ecjpake_pw=bla \
4209 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
4210 0
4211
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004212# Tests for ciphersuites per version
4213
Janos Follathe2681a42016-03-07 15:57:05 +00004214requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004215requires_config_enabled MBEDTLS_CAMELLIA_C
4216requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004217run_test "Per-version suites: SSL3" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004218 "$P_SRV min_version=ssl3 version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004219 "$P_CLI force_version=ssl3" \
4220 0 \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004221 -c "Ciphersuite is TLS-RSA-WITH-CAMELLIA-128-CBC-SHA"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004222
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004223requires_config_enabled MBEDTLS_SSL_PROTO_TLS1
4224requires_config_enabled MBEDTLS_CAMELLIA_C
4225requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004226run_test "Per-version suites: TLS 1.0" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004227 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnardbd47a582015-01-12 13:43:29 +01004228 "$P_CLI force_version=tls1 arc4=1" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004229 0 \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004230 -c "Ciphersuite is TLS-RSA-WITH-AES-256-CBC-SHA"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004231
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004232requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
4233requires_config_enabled MBEDTLS_CAMELLIA_C
4234requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004235run_test "Per-version suites: TLS 1.1" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004236 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004237 "$P_CLI force_version=tls1_1" \
4238 0 \
4239 -c "Ciphersuite is TLS-RSA-WITH-AES-128-CBC-SHA"
4240
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004241requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
4242requires_config_enabled MBEDTLS_CAMELLIA_C
4243requires_config_enabled MBEDTLS_AES_C
Manuel Pégourié-Gonnard8e03c712014-08-30 21:42:40 +02004244run_test "Per-version suites: TLS 1.2" \
Manuel Pégourié-Gonnardf1e62e82019-03-01 10:14:58 +01004245 "$P_SRV version_suites=TLS-RSA-WITH-CAMELLIA-128-CBC-SHA,TLS-RSA-WITH-AES-256-CBC-SHA,TLS-RSA-WITH-AES-128-CBC-SHA,TLS-RSA-WITH-AES-128-GCM-SHA256" \
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004246 "$P_CLI force_version=tls1_2" \
4247 0 \
4248 -c "Ciphersuite is TLS-RSA-WITH-AES-128-GCM-SHA256"
4249
Manuel Pégourié-Gonnard4cc8c632015-07-23 12:24:03 +02004250# Test for ClientHello without extensions
4251
Manuel Pégourié-Gonnardd55bc202015-08-04 16:22:30 +02004252requires_gnutls
Manuel Pégourié-Gonnardd20ae892020-01-30 12:45:14 +01004253run_test "ClientHello without extensions" \
Manuel Pégourié-Gonnard7c9add22020-01-30 10:58:57 +01004254 "$P_SRV debug_level=3" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02004255 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
Gilles Peskine5d2511c2017-05-12 13:16:40 +02004256 0 \
4257 -s "dumping 'client hello extensions' (0 bytes)"
4258
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004259# Tests for mbedtls_ssl_get_bytes_avail()
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02004260
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004261run_test "mbedtls_ssl_get_bytes_avail: no extra data" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02004262 "$P_SRV" \
4263 "$P_CLI request_size=100" \
4264 0 \
4265 -s "Read from client: 100 bytes read$"
4266
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02004267run_test "mbedtls_ssl_get_bytes_avail: extra data" \
Manuel Pégourié-Gonnard95c0a632014-06-11 18:32:36 +02004268 "$P_SRV" \
4269 "$P_CLI request_size=500" \
4270 0 \
4271 -s "Read from client: 500 bytes read (.*+.*)"
Manuel Pégourié-Gonnard90805a82014-06-11 14:06:01 +02004272
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004273# Tests for small client packets
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004274
Janos Follathe2681a42016-03-07 15:57:05 +00004275requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004276run_test "Small client packet SSLv3 BlockCipher" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01004277 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004278 "$P_CLI request_size=1 force_version=ssl3 \
4279 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4280 0 \
4281 -s "Read from client: 1 bytes read"
4282
Janos Follathe2681a42016-03-07 15:57:05 +00004283requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004284run_test "Small client packet SSLv3 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004285 "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004286 "$P_CLI request_size=1 force_version=ssl3 \
4287 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4288 0 \
4289 -s "Read from client: 1 bytes read"
4290
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004291run_test "Small client packet TLS 1.0 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004292 "$P_SRV" \
4293 "$P_CLI request_size=1 force_version=tls1 \
4294 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4295 0 \
4296 -s "Read from client: 1 bytes read"
4297
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004298run_test "Small client packet TLS 1.0 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01004299 "$P_SRV" \
4300 "$P_CLI request_size=1 force_version=tls1 etm=0 \
4301 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4302 0 \
4303 -s "Read from client: 1 bytes read"
4304
Hanno Becker32c55012017-11-10 08:42:54 +00004305requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004306run_test "Small client packet TLS 1.0 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004307 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004308 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004309 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004310 0 \
4311 -s "Read from client: 1 bytes read"
4312
Hanno Becker32c55012017-11-10 08:42:54 +00004313requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004314run_test "Small client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004315 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00004316 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004317 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00004318 0 \
4319 -s "Read from client: 1 bytes read"
4320
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004321run_test "Small client packet TLS 1.0 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004322 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004323 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker8501f982017-11-10 08:59:04 +00004324 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4325 0 \
4326 -s "Read from client: 1 bytes read"
4327
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004328run_test "Small client packet TLS 1.0 StreamCipher, without EtM" \
Hanno Becker8501f982017-11-10 08:59:04 +00004329 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4330 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004331 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00004332 0 \
4333 -s "Read from client: 1 bytes read"
4334
4335requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004336run_test "Small client packet TLS 1.0 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004337 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004338 "$P_CLI request_size=1 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004339 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004340 0 \
4341 -s "Read from client: 1 bytes read"
4342
Hanno Becker8501f982017-11-10 08:59:04 +00004343requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004344run_test "Small client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004345 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4346 "$P_CLI request_size=1 force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
4347 trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004348 0 \
4349 -s "Read from client: 1 bytes read"
4350
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004351run_test "Small client packet TLS 1.1 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004352 "$P_SRV" \
4353 "$P_CLI request_size=1 force_version=tls1_1 \
4354 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4355 0 \
4356 -s "Read from client: 1 bytes read"
4357
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004358run_test "Small client packet TLS 1.1 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01004359 "$P_SRV" \
Hanno Becker8501f982017-11-10 08:59:04 +00004360 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004361 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00004362 0 \
4363 -s "Read from client: 1 bytes read"
4364
4365requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004366run_test "Small client packet TLS 1.1 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004367 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00004368 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004369 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00004370 0 \
4371 -s "Read from client: 1 bytes read"
4372
4373requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004374run_test "Small client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004375 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00004376 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004377 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01004378 0 \
4379 -s "Read from client: 1 bytes read"
4380
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004381run_test "Small client packet TLS 1.1 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004382 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004383 "$P_CLI request_size=1 force_version=tls1_1 \
4384 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4385 0 \
4386 -s "Read from client: 1 bytes read"
4387
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004388run_test "Small client packet TLS 1.1 StreamCipher, without EtM" \
Hanno Becker8501f982017-11-10 08:59:04 +00004389 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004390 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004391 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004392 0 \
4393 -s "Read from client: 1 bytes read"
4394
Hanno Becker8501f982017-11-10 08:59:04 +00004395requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004396run_test "Small client packet TLS 1.1 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004397 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004398 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004399 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004400 0 \
4401 -s "Read from client: 1 bytes read"
4402
Hanno Becker32c55012017-11-10 08:42:54 +00004403requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004404run_test "Small client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004405 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004406 "$P_CLI request_size=1 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004407 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004408 0 \
4409 -s "Read from client: 1 bytes read"
4410
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004411run_test "Small client packet TLS 1.2 BlockCipher" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004412 "$P_SRV" \
4413 "$P_CLI request_size=1 force_version=tls1_2 \
4414 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4415 0 \
4416 -s "Read from client: 1 bytes read"
4417
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004418run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01004419 "$P_SRV" \
Hanno Becker8501f982017-11-10 08:59:04 +00004420 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004421 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
Manuel Pégourié-Gonnard169dd6a2014-11-04 16:15:39 +01004422 0 \
4423 -s "Read from client: 1 bytes read"
4424
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004425run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004426 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01004427 "$P_CLI request_size=1 force_version=tls1_2 \
4428 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004429 0 \
4430 -s "Read from client: 1 bytes read"
4431
Hanno Becker32c55012017-11-10 08:42:54 +00004432requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004433run_test "Small client packet TLS 1.2 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004434 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004435 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004436 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004437 0 \
4438 -s "Read from client: 1 bytes read"
4439
Hanno Becker8501f982017-11-10 08:59:04 +00004440requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004441run_test "Small client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004442 "$P_SRV trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00004443 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004444 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004445 0 \
4446 -s "Read from client: 1 bytes read"
4447
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004448run_test "Small client packet TLS 1.2 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004449 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004450 "$P_CLI request_size=1 force_version=tls1_2 \
4451 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4452 0 \
4453 -s "Read from client: 1 bytes read"
4454
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004455run_test "Small client packet TLS 1.2 StreamCipher, without EtM" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004456 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004457 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004458 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker8501f982017-11-10 08:59:04 +00004459 0 \
4460 -s "Read from client: 1 bytes read"
4461
Hanno Becker32c55012017-11-10 08:42:54 +00004462requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004463run_test "Small client packet TLS 1.2 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004464 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004465 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004466 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004467 0 \
4468 -s "Read from client: 1 bytes read"
4469
Hanno Becker8501f982017-11-10 08:59:04 +00004470requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004471run_test "Small client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004472 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker8501f982017-11-10 08:59:04 +00004473 "$P_CLI request_size=1 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004474 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004475 0 \
4476 -s "Read from client: 1 bytes read"
4477
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004478run_test "Small client packet TLS 1.2 AEAD" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004479 "$P_SRV" \
4480 "$P_CLI request_size=1 force_version=tls1_2 \
4481 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
4482 0 \
4483 -s "Read from client: 1 bytes read"
4484
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004485run_test "Small client packet TLS 1.2 AEAD shorter tag" \
Manuel Pégourié-Gonnardee415032014-06-18 15:08:56 +02004486 "$P_SRV" \
4487 "$P_CLI request_size=1 force_version=tls1_2 \
4488 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
4489 0 \
4490 -s "Read from client: 1 bytes read"
4491
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004492# Tests for small client packets in DTLS
Hanno Beckere2148042017-11-10 08:59:18 +00004493
4494requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004495run_test "Small client packet DTLS 1.0" \
Hanno Beckere2148042017-11-10 08:59:18 +00004496 "$P_SRV dtls=1 force_version=dtls1" \
4497 "$P_CLI dtls=1 request_size=1 \
4498 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4499 0 \
4500 -s "Read from client: 1 bytes read"
4501
4502requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004503run_test "Small client packet DTLS 1.0, without EtM" \
Hanno Beckere2148042017-11-10 08:59:18 +00004504 "$P_SRV dtls=1 force_version=dtls1 etm=0" \
4505 "$P_CLI dtls=1 request_size=1 \
4506 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4507 0 \
4508 -s "Read from client: 1 bytes read"
4509
4510requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4511requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004512run_test "Small client packet DTLS 1.0, truncated hmac" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004513 "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1" \
4514 "$P_CLI dtls=1 request_size=1 trunc_hmac=1 \
Hanno Beckere2148042017-11-10 08:59:18 +00004515 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4516 0 \
4517 -s "Read from client: 1 bytes read"
4518
4519requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4520requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004521run_test "Small client packet DTLS 1.0, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004522 "$P_SRV dtls=1 force_version=dtls1 trunc_hmac=1 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00004523 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004524 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
Hanno Beckere2148042017-11-10 08:59:18 +00004525 0 \
4526 -s "Read from client: 1 bytes read"
4527
4528requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004529run_test "Small client packet DTLS 1.2" \
Hanno Beckere2148042017-11-10 08:59:18 +00004530 "$P_SRV dtls=1 force_version=dtls1_2" \
4531 "$P_CLI dtls=1 request_size=1 \
4532 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4533 0 \
4534 -s "Read from client: 1 bytes read"
4535
4536requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004537run_test "Small client packet DTLS 1.2, without EtM" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004538 "$P_SRV dtls=1 force_version=dtls1_2 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00004539 "$P_CLI dtls=1 request_size=1 \
4540 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4541 0 \
4542 -s "Read from client: 1 bytes read"
4543
4544requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4545requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004546run_test "Small client packet DTLS 1.2, truncated hmac" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004547 "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1" \
Hanno Beckere2148042017-11-10 08:59:18 +00004548 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004549 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Beckere2148042017-11-10 08:59:18 +00004550 0 \
4551 -s "Read from client: 1 bytes read"
4552
4553requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4554requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004555run_test "Small client packet DTLS 1.2, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004556 "$P_SRV dtls=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
Hanno Beckere2148042017-11-10 08:59:18 +00004557 "$P_CLI dtls=1 request_size=1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004558 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
Hanno Beckere2148042017-11-10 08:59:18 +00004559 0 \
4560 -s "Read from client: 1 bytes read"
4561
Andrzej Kurekc19fc552018-06-19 09:37:30 -04004562# Tests for small server packets
4563
4564requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
4565run_test "Small server packet SSLv3 BlockCipher" \
4566 "$P_SRV response_size=1 min_version=ssl3" \
4567 "$P_CLI force_version=ssl3 \
4568 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4569 0 \
4570 -c "Read from server: 1 bytes read"
4571
4572requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
4573run_test "Small server packet SSLv3 StreamCipher" \
4574 "$P_SRV response_size=1 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4575 "$P_CLI force_version=ssl3 \
4576 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4577 0 \
4578 -c "Read from server: 1 bytes read"
4579
4580run_test "Small server packet TLS 1.0 BlockCipher" \
4581 "$P_SRV response_size=1" \
4582 "$P_CLI force_version=tls1 \
4583 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4584 0 \
4585 -c "Read from server: 1 bytes read"
4586
4587run_test "Small server packet TLS 1.0 BlockCipher, without EtM" \
4588 "$P_SRV response_size=1" \
4589 "$P_CLI force_version=tls1 etm=0 \
4590 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4591 0 \
4592 -c "Read from server: 1 bytes read"
4593
4594requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4595run_test "Small server packet TLS 1.0 BlockCipher, truncated MAC" \
4596 "$P_SRV response_size=1 trunc_hmac=1" \
4597 "$P_CLI force_version=tls1 \
4598 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
4599 0 \
4600 -c "Read from server: 1 bytes read"
4601
4602requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4603run_test "Small server packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
4604 "$P_SRV response_size=1 trunc_hmac=1" \
4605 "$P_CLI force_version=tls1 \
4606 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
4607 0 \
4608 -c "Read from server: 1 bytes read"
4609
4610run_test "Small server packet TLS 1.0 StreamCipher" \
4611 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4612 "$P_CLI force_version=tls1 \
4613 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4614 0 \
4615 -c "Read from server: 1 bytes read"
4616
4617run_test "Small server packet TLS 1.0 StreamCipher, without EtM" \
4618 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4619 "$P_CLI force_version=tls1 \
4620 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
4621 0 \
4622 -c "Read from server: 1 bytes read"
4623
4624requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4625run_test "Small server packet TLS 1.0 StreamCipher, truncated MAC" \
4626 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4627 "$P_CLI force_version=tls1 \
4628 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4629 0 \
4630 -c "Read from server: 1 bytes read"
4631
4632requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4633run_test "Small server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
4634 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4635 "$P_CLI force_version=tls1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
4636 trunc_hmac=1 etm=0" \
4637 0 \
4638 -c "Read from server: 1 bytes read"
4639
4640run_test "Small server packet TLS 1.1 BlockCipher" \
4641 "$P_SRV response_size=1" \
4642 "$P_CLI force_version=tls1_1 \
4643 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4644 0 \
4645 -c "Read from server: 1 bytes read"
4646
4647run_test "Small server packet TLS 1.1 BlockCipher, without EtM" \
4648 "$P_SRV response_size=1" \
4649 "$P_CLI force_version=tls1_1 \
4650 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
4651 0 \
4652 -c "Read from server: 1 bytes read"
4653
4654requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4655run_test "Small server packet TLS 1.1 BlockCipher, truncated MAC" \
4656 "$P_SRV response_size=1 trunc_hmac=1" \
4657 "$P_CLI force_version=tls1_1 \
4658 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
4659 0 \
4660 -c "Read from server: 1 bytes read"
4661
4662requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4663run_test "Small server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
4664 "$P_SRV response_size=1 trunc_hmac=1" \
4665 "$P_CLI force_version=tls1_1 \
4666 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
4667 0 \
4668 -c "Read from server: 1 bytes read"
4669
4670run_test "Small server packet TLS 1.1 StreamCipher" \
4671 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4672 "$P_CLI force_version=tls1_1 \
4673 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4674 0 \
4675 -c "Read from server: 1 bytes read"
4676
4677run_test "Small server packet TLS 1.1 StreamCipher, without EtM" \
4678 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4679 "$P_CLI force_version=tls1_1 \
4680 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
4681 0 \
4682 -c "Read from server: 1 bytes read"
4683
4684requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4685run_test "Small server packet TLS 1.1 StreamCipher, truncated MAC" \
4686 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4687 "$P_CLI force_version=tls1_1 \
4688 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4689 0 \
4690 -c "Read from server: 1 bytes read"
4691
4692requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4693run_test "Small server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
4694 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4695 "$P_CLI force_version=tls1_1 \
4696 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
4697 0 \
4698 -c "Read from server: 1 bytes read"
4699
4700run_test "Small server packet TLS 1.2 BlockCipher" \
4701 "$P_SRV response_size=1" \
4702 "$P_CLI force_version=tls1_2 \
4703 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4704 0 \
4705 -c "Read from server: 1 bytes read"
4706
4707run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
4708 "$P_SRV response_size=1" \
4709 "$P_CLI force_version=tls1_2 \
4710 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
4711 0 \
4712 -c "Read from server: 1 bytes read"
4713
4714run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
4715 "$P_SRV response_size=1" \
4716 "$P_CLI force_version=tls1_2 \
4717 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
4718 0 \
4719 -c "Read from server: 1 bytes read"
4720
4721requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4722run_test "Small server packet TLS 1.2 BlockCipher, truncated MAC" \
4723 "$P_SRV response_size=1 trunc_hmac=1" \
4724 "$P_CLI force_version=tls1_2 \
4725 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
4726 0 \
4727 -c "Read from server: 1 bytes read"
4728
4729requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4730run_test "Small server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
4731 "$P_SRV response_size=1 trunc_hmac=1" \
4732 "$P_CLI force_version=tls1_2 \
4733 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
4734 0 \
4735 -c "Read from server: 1 bytes read"
4736
4737run_test "Small server packet TLS 1.2 StreamCipher" \
4738 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4739 "$P_CLI force_version=tls1_2 \
4740 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4741 0 \
4742 -c "Read from server: 1 bytes read"
4743
4744run_test "Small server packet TLS 1.2 StreamCipher, without EtM" \
4745 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4746 "$P_CLI force_version=tls1_2 \
4747 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
4748 0 \
4749 -c "Read from server: 1 bytes read"
4750
4751requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4752run_test "Small server packet TLS 1.2 StreamCipher, truncated MAC" \
4753 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4754 "$P_CLI force_version=tls1_2 \
4755 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4756 0 \
4757 -c "Read from server: 1 bytes read"
4758
4759requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4760run_test "Small server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
4761 "$P_SRV response_size=1 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
4762 "$P_CLI force_version=tls1_2 \
4763 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
4764 0 \
4765 -c "Read from server: 1 bytes read"
4766
4767run_test "Small server packet TLS 1.2 AEAD" \
4768 "$P_SRV response_size=1" \
4769 "$P_CLI force_version=tls1_2 \
4770 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
4771 0 \
4772 -c "Read from server: 1 bytes read"
4773
4774run_test "Small server packet TLS 1.2 AEAD shorter tag" \
4775 "$P_SRV response_size=1" \
4776 "$P_CLI force_version=tls1_2 \
4777 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
4778 0 \
4779 -c "Read from server: 1 bytes read"
4780
4781# Tests for small server packets in DTLS
4782
4783requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4784run_test "Small server packet DTLS 1.0" \
4785 "$P_SRV dtls=1 response_size=1 force_version=dtls1" \
4786 "$P_CLI dtls=1 \
4787 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4788 0 \
4789 -c "Read from server: 1 bytes read"
4790
4791requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4792run_test "Small server packet DTLS 1.0, without EtM" \
4793 "$P_SRV dtls=1 response_size=1 force_version=dtls1 etm=0" \
4794 "$P_CLI dtls=1 \
4795 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4796 0 \
4797 -c "Read from server: 1 bytes read"
4798
4799requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4800requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4801run_test "Small server packet DTLS 1.0, truncated hmac" \
4802 "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1" \
4803 "$P_CLI dtls=1 trunc_hmac=1 \
4804 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4805 0 \
4806 -c "Read from server: 1 bytes read"
4807
4808requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4809requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4810run_test "Small server packet DTLS 1.0, without EtM, truncated MAC" \
4811 "$P_SRV dtls=1 response_size=1 force_version=dtls1 trunc_hmac=1 etm=0" \
4812 "$P_CLI dtls=1 \
4813 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
4814 0 \
4815 -c "Read from server: 1 bytes read"
4816
4817requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4818run_test "Small server packet DTLS 1.2" \
4819 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2" \
4820 "$P_CLI dtls=1 \
4821 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4822 0 \
4823 -c "Read from server: 1 bytes read"
4824
4825requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4826run_test "Small server packet DTLS 1.2, without EtM" \
4827 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 etm=0" \
4828 "$P_CLI dtls=1 \
4829 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4830 0 \
4831 -c "Read from server: 1 bytes read"
4832
4833requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4834requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4835run_test "Small server packet DTLS 1.2, truncated hmac" \
4836 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1" \
4837 "$P_CLI dtls=1 \
4838 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
4839 0 \
4840 -c "Read from server: 1 bytes read"
4841
4842requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
4843requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
4844run_test "Small server packet DTLS 1.2, without EtM, truncated MAC" \
4845 "$P_SRV dtls=1 response_size=1 force_version=dtls1_2 trunc_hmac=1 etm=0" \
4846 "$P_CLI dtls=1 \
4847 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1"\
4848 0 \
4849 -c "Read from server: 1 bytes read"
4850
Janos Follath00efff72016-05-06 13:48:23 +01004851# A test for extensions in SSLv3
Yuto Takanoc75df632021-07-08 15:56:33 +01004852requires_max_content_len 4096
Janos Follath00efff72016-05-06 13:48:23 +01004853requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
4854run_test "SSLv3 with extensions, server side" \
4855 "$P_SRV min_version=ssl3 debug_level=3" \
4856 "$P_CLI force_version=ssl3 tickets=1 max_frag_len=4096 alpn=abc,1234" \
4857 0 \
4858 -S "dumping 'client hello extensions'" \
4859 -S "server hello, total extension length:"
4860
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004861# Test for large client packets
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004862
Angus Grattonc4dd0732018-04-11 16:28:39 +10004863# How many fragments do we expect to write $1 bytes?
4864fragments_for_write() {
4865 echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
4866}
4867
Janos Follathe2681a42016-03-07 15:57:05 +00004868requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004869run_test "Large client packet SSLv3 BlockCipher" \
Manuel Pégourié-Gonnard448ea502015-01-12 11:40:14 +01004870 "$P_SRV min_version=ssl3" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01004871 "$P_CLI request_size=16384 force_version=ssl3 recsplit=0 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004872 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4873 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004874 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4875 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004876
Janos Follathe2681a42016-03-07 15:57:05 +00004877requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004878run_test "Large client packet SSLv3 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004879 "$P_SRV min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004880 "$P_CLI request_size=16384 force_version=ssl3 \
4881 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4882 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004883 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4884 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004885
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004886run_test "Large client packet TLS 1.0 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004887 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01004888 "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004889 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4890 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004891 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4892 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004893
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004894run_test "Large client packet TLS 1.0 BlockCipher, without EtM" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004895 "$P_SRV" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004896 "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
4897 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4898 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004899 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00004900
Hanno Becker32c55012017-11-10 08:42:54 +00004901requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004902run_test "Large client packet TLS 1.0 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004903 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01004904 "$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004905 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004906 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004907 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4908 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004909
Hanno Becker32c55012017-11-10 08:42:54 +00004910requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004911run_test "Large client packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004912 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004913 "$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004914 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004915 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004916 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00004917
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004918run_test "Large client packet TLS 1.0 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01004919 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004920 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004921 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4922 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004923 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00004924
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004925run_test "Large client packet TLS 1.0 StreamCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004926 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4927 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004928 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004929 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004930 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00004931
4932requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004933run_test "Large client packet TLS 1.0 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004934 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004935 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004936 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004937 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004938 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004939
Hanno Becker278fc7a2017-11-10 09:16:28 +00004940requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004941run_test "Large client packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004942 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004943 "$P_CLI request_size=16384 force_version=tls1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004944 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004945 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004946 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4947 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004948
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004949run_test "Large client packet TLS 1.1 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004950 "$P_SRV" \
4951 "$P_CLI request_size=16384 force_version=tls1_1 \
4952 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
4953 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004954 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4955 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004956
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004957run_test "Large client packet TLS 1.1 BlockCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004958 "$P_SRV" \
4959 "$P_CLI request_size=16384 force_version=tls1_1 etm=0 \
4960 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004961 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004962 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004963
Hanno Becker32c55012017-11-10 08:42:54 +00004964requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004965run_test "Large client packet TLS 1.1 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004966 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004967 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004968 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004969 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004970 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004971
Hanno Becker32c55012017-11-10 08:42:54 +00004972requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004973run_test "Large client packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004974 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004975 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004976 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004977 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004978 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00004979
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004980run_test "Large client packet TLS 1.1 StreamCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004981 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4982 "$P_CLI request_size=16384 force_version=tls1_1 \
4983 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
4984 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004985 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4986 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004987
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004988run_test "Large client packet TLS 1.1 StreamCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00004989 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004990 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00004991 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004992 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10004993 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
4994 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004995
Hanno Becker278fc7a2017-11-10 09:16:28 +00004996requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02004997run_test "Large client packet TLS 1.1 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00004998 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02004999 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005000 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005001 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005002 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005003
Hanno Becker278fc7a2017-11-10 09:16:28 +00005004requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005005run_test "Large client packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005006 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005007 "$P_CLI request_size=16384 force_version=tls1_1 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005008 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005009 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005010 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5011 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005012
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005013run_test "Large client packet TLS 1.2 BlockCipher" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005014 "$P_SRV" \
5015 "$P_CLI request_size=16384 force_version=tls1_2 \
5016 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5017 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005018 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5019 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005020
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005021run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005022 "$P_SRV" \
5023 "$P_CLI request_size=16384 force_version=tls1_2 etm=0 \
5024 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5025 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005026 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005027
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005028run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005029 "$P_SRV" \
Manuel Pégourié-Gonnardc82ee352015-01-07 16:35:25 +01005030 "$P_CLI request_size=16384 force_version=tls1_2 \
5031 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005032 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005033 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5034 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005035
Hanno Becker32c55012017-11-10 08:42:54 +00005036requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005037run_test "Large client packet TLS 1.2 BlockCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005038 "$P_SRV trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005039 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005040 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005041 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005042 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005043
Hanno Becker278fc7a2017-11-10 09:16:28 +00005044requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005045run_test "Large client packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005046 "$P_SRV trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005047 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005048 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005049 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005050 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5051 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005052
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005053run_test "Large client packet TLS 1.2 StreamCipher" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005054 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005055 "$P_CLI request_size=16384 force_version=tls1_2 \
5056 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5057 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005058 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5059 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005060
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005061run_test "Large client packet TLS 1.2 StreamCipher, without EtM" \
Manuel Pégourié-Gonnardea0920f2015-03-24 09:50:15 +01005062 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005063 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005064 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5065 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005066 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Hanno Becker278fc7a2017-11-10 09:16:28 +00005067
Hanno Becker32c55012017-11-10 08:42:54 +00005068requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005069run_test "Large client packet TLS 1.2 StreamCipher, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005070 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005071 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005072 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005073 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005074 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005075
Hanno Becker278fc7a2017-11-10 09:16:28 +00005076requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005077run_test "Large client packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
Hanno Becker909f9a32017-11-21 17:10:12 +00005078 "$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
Hanno Becker278fc7a2017-11-10 09:16:28 +00005079 "$P_CLI request_size=16384 force_version=tls1_2 \
Hanno Becker909f9a32017-11-21 17:10:12 +00005080 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005081 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005082 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5083 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005084
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005085run_test "Large client packet TLS 1.2 AEAD" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005086 "$P_SRV" \
5087 "$P_CLI request_size=16384 force_version=tls1_2 \
5088 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
5089 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005090 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5091 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005092
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005093run_test "Large client packet TLS 1.2 AEAD shorter tag" \
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005094 "$P_SRV" \
5095 "$P_CLI request_size=16384 force_version=tls1_2 \
5096 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
5097 0 \
Angus Grattonc4dd0732018-04-11 16:28:39 +10005098 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
5099 -s "Read from client: $MAX_CONTENT_LEN bytes read"
Manuel Pégourié-Gonnard8920f692014-06-18 22:05:08 +02005100
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005101# Test for large server packets
Yuto Takanoc75df632021-07-08 15:56:33 +01005102# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005103requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5104run_test "Large server packet SSLv3 StreamCipher" \
5105 "$P_SRV response_size=16384 min_version=ssl3 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5106 "$P_CLI force_version=ssl3 \
5107 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5108 0 \
5109 -c "Read from server: 16384 bytes read"
5110
Andrzej Kurek6a4f2242018-08-27 08:00:13 -04005111# Checking next 4 tests logs for 1n-1 split against BEAST too
5112requires_config_enabled MBEDTLS_SSL_PROTO_SSL3
5113run_test "Large server packet SSLv3 BlockCipher" \
5114 "$P_SRV response_size=16384 min_version=ssl3" \
5115 "$P_CLI force_version=ssl3 recsplit=0 \
5116 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5117 0 \
5118 -c "Read from server: 1 bytes read"\
5119 -c "16383 bytes read"\
5120 -C "Read from server: 16384 bytes read"
5121
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005122run_test "Large server packet TLS 1.0 BlockCipher" \
5123 "$P_SRV response_size=16384" \
5124 "$P_CLI force_version=tls1 recsplit=0 \
5125 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5126 0 \
5127 -c "Read from server: 1 bytes read"\
5128 -c "16383 bytes read"\
5129 -C "Read from server: 16384 bytes read"
5130
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005131run_test "Large server packet TLS 1.0 BlockCipher, without EtM" \
5132 "$P_SRV response_size=16384" \
5133 "$P_CLI force_version=tls1 etm=0 recsplit=0 \
5134 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5135 0 \
5136 -c "Read from server: 1 bytes read"\
5137 -c "16383 bytes read"\
5138 -C "Read from server: 16384 bytes read"
5139
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005140requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5141run_test "Large server packet TLS 1.0 BlockCipher truncated MAC" \
5142 "$P_SRV response_size=16384" \
5143 "$P_CLI force_version=tls1 recsplit=0 \
5144 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
5145 trunc_hmac=1" \
5146 0 \
5147 -c "Read from server: 1 bytes read"\
5148 -c "16383 bytes read"\
5149 -C "Read from server: 16384 bytes read"
5150
5151requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5152run_test "Large server packet TLS 1.0 StreamCipher truncated MAC" \
5153 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5154 "$P_CLI force_version=tls1 \
5155 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
5156 trunc_hmac=1" \
5157 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005158 -s "16384 bytes written in 1 fragments" \
5159 -c "Read from server: 16384 bytes read"
5160
5161run_test "Large server packet TLS 1.0 StreamCipher" \
5162 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5163 "$P_CLI force_version=tls1 \
5164 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5165 0 \
5166 -s "16384 bytes written in 1 fragments" \
5167 -c "Read from server: 16384 bytes read"
5168
5169run_test "Large server packet TLS 1.0 StreamCipher, without EtM" \
5170 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5171 "$P_CLI force_version=tls1 \
5172 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5173 0 \
5174 -s "16384 bytes written in 1 fragments" \
5175 -c "Read from server: 16384 bytes read"
5176
5177requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5178run_test "Large server packet TLS 1.0 StreamCipher, truncated MAC" \
5179 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5180 "$P_CLI force_version=tls1 \
5181 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5182 0 \
5183 -s "16384 bytes written in 1 fragments" \
5184 -c "Read from server: 16384 bytes read"
5185
5186requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5187run_test "Large server packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
5188 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5189 "$P_CLI force_version=tls1 \
5190 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
5191 0 \
5192 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005193 -c "Read from server: 16384 bytes read"
5194
5195run_test "Large server packet TLS 1.1 BlockCipher" \
5196 "$P_SRV response_size=16384" \
5197 "$P_CLI force_version=tls1_1 \
5198 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5199 0 \
5200 -c "Read from server: 16384 bytes read"
5201
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005202run_test "Large server packet TLS 1.1 BlockCipher, without EtM" \
5203 "$P_SRV response_size=16384" \
5204 "$P_CLI force_version=tls1_1 etm=0 \
5205 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005206 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005207 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005208 -c "Read from server: 16384 bytes read"
5209
5210requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5211run_test "Large server packet TLS 1.1 BlockCipher truncated MAC" \
5212 "$P_SRV response_size=16384" \
5213 "$P_CLI force_version=tls1_1 \
5214 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
5215 trunc_hmac=1" \
5216 0 \
5217 -c "Read from server: 16384 bytes read"
5218
5219requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005220run_test "Large server packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
5221 "$P_SRV response_size=16384 trunc_hmac=1" \
5222 "$P_CLI force_version=tls1_1 \
5223 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
5224 0 \
5225 -s "16384 bytes written in 1 fragments" \
5226 -c "Read from server: 16384 bytes read"
5227
5228run_test "Large server packet TLS 1.1 StreamCipher" \
5229 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5230 "$P_CLI force_version=tls1_1 \
5231 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5232 0 \
5233 -c "Read from server: 16384 bytes read"
5234
5235run_test "Large server packet TLS 1.1 StreamCipher, without EtM" \
5236 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5237 "$P_CLI force_version=tls1_1 \
5238 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5239 0 \
5240 -s "16384 bytes written in 1 fragments" \
5241 -c "Read from server: 16384 bytes read"
5242
5243requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005244run_test "Large server packet TLS 1.1 StreamCipher truncated MAC" \
5245 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5246 "$P_CLI force_version=tls1_1 \
5247 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
5248 trunc_hmac=1" \
5249 0 \
5250 -c "Read from server: 16384 bytes read"
5251
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005252run_test "Large server packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
5253 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5254 "$P_CLI force_version=tls1_1 \
5255 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
5256 0 \
5257 -s "16384 bytes written in 1 fragments" \
5258 -c "Read from server: 16384 bytes read"
5259
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005260run_test "Large server packet TLS 1.2 BlockCipher" \
5261 "$P_SRV response_size=16384" \
5262 "$P_CLI force_version=tls1_2 \
5263 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5264 0 \
5265 -c "Read from server: 16384 bytes read"
5266
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005267run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
5268 "$P_SRV response_size=16384" \
5269 "$P_CLI force_version=tls1_2 etm=0 \
5270 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
5271 0 \
5272 -s "16384 bytes written in 1 fragments" \
5273 -c "Read from server: 16384 bytes read"
5274
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005275run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
5276 "$P_SRV response_size=16384" \
5277 "$P_CLI force_version=tls1_2 \
5278 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
5279 0 \
5280 -c "Read from server: 16384 bytes read"
5281
5282requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5283run_test "Large server packet TLS 1.2 BlockCipher truncated MAC" \
5284 "$P_SRV response_size=16384" \
5285 "$P_CLI force_version=tls1_2 \
5286 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
5287 trunc_hmac=1" \
5288 0 \
5289 -c "Read from server: 16384 bytes read"
5290
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005291run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
5292 "$P_SRV response_size=16384 trunc_hmac=1" \
5293 "$P_CLI force_version=tls1_2 \
5294 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
5295 0 \
5296 -s "16384 bytes written in 1 fragments" \
5297 -c "Read from server: 16384 bytes read"
5298
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005299run_test "Large server packet TLS 1.2 StreamCipher" \
5300 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5301 "$P_CLI force_version=tls1_2 \
5302 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5303 0 \
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005304 -s "16384 bytes written in 1 fragments" \
5305 -c "Read from server: 16384 bytes read"
5306
5307run_test "Large server packet TLS 1.2 StreamCipher, without EtM" \
5308 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5309 "$P_CLI force_version=tls1_2 \
5310 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA etm=0" \
5311 0 \
5312 -s "16384 bytes written in 1 fragments" \
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005313 -c "Read from server: 16384 bytes read"
5314
5315requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5316run_test "Large server packet TLS 1.2 StreamCipher truncated MAC" \
5317 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
5318 "$P_CLI force_version=tls1_2 \
5319 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
5320 trunc_hmac=1" \
5321 0 \
5322 -c "Read from server: 16384 bytes read"
5323
Andrzej Kurekc19fc552018-06-19 09:37:30 -04005324requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
5325run_test "Large server packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
5326 "$P_SRV response_size=16384 arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1" \
5327 "$P_CLI force_version=tls1_2 \
5328 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA trunc_hmac=1 etm=0" \
5329 0 \
5330 -s "16384 bytes written in 1 fragments" \
5331 -c "Read from server: 16384 bytes read"
5332
Andrzej Kurek30e731d2017-10-12 13:50:29 +02005333run_test "Large server packet TLS 1.2 AEAD" \
5334 "$P_SRV response_size=16384" \
5335 "$P_CLI force_version=tls1_2 \
5336 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
5337 0 \
5338 -c "Read from server: 16384 bytes read"
5339
5340run_test "Large server packet TLS 1.2 AEAD shorter tag" \
5341 "$P_SRV response_size=16384" \
5342 "$P_CLI force_version=tls1_2 \
5343 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
5344 0 \
5345 -c "Read from server: 16384 bytes read"
5346
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005347# Tests for restartable ECC
5348
5349requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5350run_test "EC restart: TLS, default" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005351 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005352 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005353 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005354 debug_level=1" \
5355 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005356 -C "x509_verify_cert.*4b00" \
5357 -C "mbedtls_pk_verify.*4b00" \
5358 -C "mbedtls_ecdh_make_public.*4b00" \
5359 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005360
5361requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5362run_test "EC restart: TLS, max_ops=0" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005363 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005364 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005365 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005366 debug_level=1 ec_max_ops=0" \
5367 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005368 -C "x509_verify_cert.*4b00" \
5369 -C "mbedtls_pk_verify.*4b00" \
5370 -C "mbedtls_ecdh_make_public.*4b00" \
5371 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005372
5373requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5374run_test "EC restart: TLS, max_ops=65535" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005375 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005376 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005377 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005378 debug_level=1 ec_max_ops=65535" \
5379 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005380 -C "x509_verify_cert.*4b00" \
5381 -C "mbedtls_pk_verify.*4b00" \
5382 -C "mbedtls_ecdh_make_public.*4b00" \
5383 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005384
5385requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5386run_test "EC restart: TLS, max_ops=1000" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005387 "$P_SRV auth_mode=required" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005388 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005389 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005390 debug_level=1 ec_max_ops=1000" \
5391 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005392 -c "x509_verify_cert.*4b00" \
5393 -c "mbedtls_pk_verify.*4b00" \
5394 -c "mbedtls_ecdh_make_public.*4b00" \
5395 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005396
5397requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02005398run_test "EC restart: TLS, max_ops=1000, badsign" \
5399 "$P_SRV auth_mode=required \
5400 crt_file=data_files/server5-badsign.crt \
5401 key_file=data_files/server5.key" \
5402 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
5403 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5404 debug_level=1 ec_max_ops=1000" \
5405 1 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005406 -c "x509_verify_cert.*4b00" \
5407 -C "mbedtls_pk_verify.*4b00" \
5408 -C "mbedtls_ecdh_make_public.*4b00" \
5409 -C "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02005410 -c "! The certificate is not correctly signed by the trusted CA" \
5411 -c "! mbedtls_ssl_handshake returned" \
5412 -c "X509 - Certificate verification failed"
5413
5414requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5415run_test "EC restart: TLS, max_ops=1000, auth_mode=optional badsign" \
5416 "$P_SRV auth_mode=required \
5417 crt_file=data_files/server5-badsign.crt \
5418 key_file=data_files/server5.key" \
5419 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
5420 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5421 debug_level=1 ec_max_ops=1000 auth_mode=optional" \
5422 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005423 -c "x509_verify_cert.*4b00" \
5424 -c "mbedtls_pk_verify.*4b00" \
5425 -c "mbedtls_ecdh_make_public.*4b00" \
5426 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02005427 -c "! The certificate is not correctly signed by the trusted CA" \
5428 -C "! mbedtls_ssl_handshake returned" \
5429 -C "X509 - Certificate verification failed"
5430
5431requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5432run_test "EC restart: TLS, max_ops=1000, auth_mode=none badsign" \
5433 "$P_SRV auth_mode=required \
5434 crt_file=data_files/server5-badsign.crt \
5435 key_file=data_files/server5.key" \
5436 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
5437 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5438 debug_level=1 ec_max_ops=1000 auth_mode=none" \
5439 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005440 -C "x509_verify_cert.*4b00" \
5441 -c "mbedtls_pk_verify.*4b00" \
5442 -c "mbedtls_ecdh_make_public.*4b00" \
5443 -c "mbedtls_pk_sign.*4b00" \
Manuel Pégourié-Gonnard3bf49c42017-08-15 13:47:06 +02005444 -C "! The certificate is not correctly signed by the trusted CA" \
5445 -C "! mbedtls_ssl_handshake returned" \
5446 -C "X509 - Certificate verification failed"
5447
5448requires_config_enabled MBEDTLS_ECP_RESTARTABLE
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005449run_test "EC restart: DTLS, max_ops=1000" \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005450 "$P_SRV auth_mode=required dtls=1" \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005451 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard862cde52017-05-17 11:56:15 +02005452 key_file=data_files/server5.key crt_file=data_files/server5.crt \
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005453 dtls=1 debug_level=1 ec_max_ops=1000" \
5454 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005455 -c "x509_verify_cert.*4b00" \
5456 -c "mbedtls_pk_verify.*4b00" \
5457 -c "mbedtls_ecdh_make_public.*4b00" \
5458 -c "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard2350b4e2017-05-16 09:26:48 +02005459
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02005460requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5461run_test "EC restart: TLS, max_ops=1000 no client auth" \
5462 "$P_SRV" \
5463 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
5464 debug_level=1 ec_max_ops=1000" \
5465 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005466 -c "x509_verify_cert.*4b00" \
5467 -c "mbedtls_pk_verify.*4b00" \
5468 -c "mbedtls_ecdh_make_public.*4b00" \
5469 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02005470
5471requires_config_enabled MBEDTLS_ECP_RESTARTABLE
5472run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
5473 "$P_SRV psk=abc123" \
5474 "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
5475 psk=abc123 debug_level=1 ec_max_ops=1000" \
5476 0 \
Manuel Pégourié-Gonnardb5d668a2018-06-13 11:22:01 +02005477 -C "x509_verify_cert.*4b00" \
5478 -C "mbedtls_pk_verify.*4b00" \
5479 -C "mbedtls_ecdh_make_public.*4b00" \
5480 -C "mbedtls_pk_sign.*4b00"
Manuel Pégourié-Gonnard32033da2017-05-18 12:49:27 +02005481
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005482# Tests of asynchronous private key support in SSL
5483
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005484requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005485run_test "SSL async private: sign, delay=0" \
5486 "$P_SRV \
5487 async_operations=s async_private_delay1=0 async_private_delay2=0" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005488 "$P_CLI" \
5489 0 \
5490 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005491 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005492
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005493requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005494run_test "SSL async private: sign, delay=1" \
5495 "$P_SRV \
5496 async_operations=s async_private_delay1=1 async_private_delay2=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005497 "$P_CLI" \
5498 0 \
5499 -s "Async sign callback: using key slot " \
5500 -s "Async resume (slot [0-9]): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005501 -s "Async resume (slot [0-9]): sign done, status=0"
5502
Gilles Peskine12d0cc12018-04-26 15:06:56 +02005503requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
5504run_test "SSL async private: sign, delay=2" \
5505 "$P_SRV \
5506 async_operations=s async_private_delay1=2 async_private_delay2=2" \
5507 "$P_CLI" \
5508 0 \
5509 -s "Async sign callback: using key slot " \
5510 -U "Async sign callback: using key slot " \
5511 -s "Async resume (slot [0-9]): call 1 more times." \
5512 -s "Async resume (slot [0-9]): call 0 more times." \
5513 -s "Async resume (slot [0-9]): sign done, status=0"
5514
Gilles Peskined3268832018-04-26 06:23:59 +02005515# Test that the async callback correctly signs the 36-byte hash of TLS 1.0/1.1
5516# with RSA PKCS#1v1.5 as used in TLS 1.0/1.1.
5517requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
5518requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
5519run_test "SSL async private: sign, RSA, TLS 1.1" \
5520 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2.crt \
5521 async_operations=s async_private_delay1=0 async_private_delay2=0" \
5522 "$P_CLI force_version=tls1_1" \
5523 0 \
5524 -s "Async sign callback: using key slot " \
5525 -s "Async resume (slot [0-9]): sign done, status=0"
5526
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005527requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine807d74a2018-04-30 10:30:49 +02005528run_test "SSL async private: sign, SNI" \
5529 "$P_SRV debug_level=3 \
5530 async_operations=s async_private_delay1=0 async_private_delay2=0 \
5531 crt_file=data_files/server5.crt key_file=data_files/server5.key \
5532 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_files/server1.key,-,-,-" \
5533 "$P_CLI server_name=polarssl.example" \
5534 0 \
5535 -s "Async sign callback: using key slot " \
5536 -s "Async resume (slot [0-9]): sign done, status=0" \
5537 -s "parse ServerName extension" \
5538 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
5539 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
5540
5541requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005542run_test "SSL async private: decrypt, delay=0" \
5543 "$P_SRV \
5544 async_operations=d async_private_delay1=0 async_private_delay2=0" \
5545 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5546 0 \
5547 -s "Async decrypt callback: using key slot " \
5548 -s "Async resume (slot [0-9]): decrypt done, status=0"
5549
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005550requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005551run_test "SSL async private: decrypt, delay=1" \
5552 "$P_SRV \
5553 async_operations=d async_private_delay1=1 async_private_delay2=1" \
5554 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5555 0 \
5556 -s "Async decrypt callback: using key slot " \
5557 -s "Async resume (slot [0-9]): call 0 more times." \
5558 -s "Async resume (slot [0-9]): decrypt done, status=0"
5559
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005560requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005561run_test "SSL async private: decrypt RSA-PSK, delay=0" \
5562 "$P_SRV psk=abc123 \
5563 async_operations=d async_private_delay1=0 async_private_delay2=0" \
5564 "$P_CLI psk=abc123 \
5565 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
5566 0 \
5567 -s "Async decrypt callback: using key slot " \
5568 -s "Async resume (slot [0-9]): decrypt done, status=0"
5569
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005570requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005571run_test "SSL async private: decrypt RSA-PSK, delay=1" \
5572 "$P_SRV psk=abc123 \
5573 async_operations=d async_private_delay1=1 async_private_delay2=1" \
5574 "$P_CLI psk=abc123 \
5575 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
5576 0 \
5577 -s "Async decrypt callback: using key slot " \
5578 -s "Async resume (slot [0-9]): call 0 more times." \
5579 -s "Async resume (slot [0-9]): decrypt done, status=0"
5580
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005581requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005582run_test "SSL async private: sign callback not present" \
5583 "$P_SRV \
5584 async_operations=d async_private_delay1=1 async_private_delay2=1" \
5585 "$P_CLI; [ \$? -eq 1 ] &&
5586 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5587 0 \
5588 -S "Async sign callback" \
5589 -s "! mbedtls_ssl_handshake returned" \
5590 -s "The own private key or pre-shared key is not set, but needed" \
5591 -s "Async resume (slot [0-9]): decrypt done, status=0" \
5592 -s "Successful connection"
5593
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005594requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005595run_test "SSL async private: decrypt callback not present" \
5596 "$P_SRV debug_level=1 \
5597 async_operations=s async_private_delay1=1 async_private_delay2=1" \
5598 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
5599 [ \$? -eq 1 ] && $P_CLI" \
5600 0 \
5601 -S "Async decrypt callback" \
5602 -s "! mbedtls_ssl_handshake returned" \
5603 -s "got no RSA private key" \
5604 -s "Async resume (slot [0-9]): sign done, status=0" \
5605 -s "Successful connection"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005606
5607# key1: ECDSA, key2: RSA; use key1 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005608requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005609run_test "SSL async private: slot 0 used with key1" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005610 "$P_SRV \
5611 async_operations=s async_private_delay1=1 \
5612 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5613 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005614 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
5615 0 \
5616 -s "Async sign callback: using key slot 0," \
5617 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005618 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005619
5620# key1: ECDSA, key2: RSA; use key2 from slot 0
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005621requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005622run_test "SSL async private: slot 0 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005623 "$P_SRV \
5624 async_operations=s async_private_delay2=1 \
5625 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5626 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005627 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
5628 0 \
5629 -s "Async sign callback: using key slot 0," \
5630 -s "Async resume (slot 0): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005631 -s "Async resume (slot 0): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005632
5633# key1: ECDSA, key2: RSA; use key2 from slot 1
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005634requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinead28bf02018-04-26 00:19:16 +02005635run_test "SSL async private: slot 1 used with key2" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005636 "$P_SRV \
Gilles Peskine168dae82018-04-25 23:35:42 +02005637 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005638 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5639 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005640 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
5641 0 \
5642 -s "Async sign callback: using key slot 1," \
5643 -s "Async resume (slot 1): call 0 more times." \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005644 -s "Async resume (slot 1): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005645
5646# key1: ECDSA, key2: RSA; use key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005647requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005648run_test "SSL async private: fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005649 "$P_SRV \
5650 async_operations=s async_private_delay1=1 \
5651 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5652 key_file2=data_files/server2.key crt_file2=data_files/server2.crt " \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005653 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
5654 0 \
5655 -s "Async sign callback: no key matches this certificate."
5656
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005657requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02005658run_test "SSL async private: sign, error in start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005659 "$P_SRV \
5660 async_operations=s async_private_delay1=1 async_private_delay2=1 \
5661 async_private_error=1" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005662 "$P_CLI" \
5663 1 \
5664 -s "Async sign callback: injected error" \
5665 -S "Async resume" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02005666 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005667 -s "! mbedtls_ssl_handshake returned"
5668
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005669requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02005670run_test "SSL async private: sign, cancel after start" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005671 "$P_SRV \
5672 async_operations=s async_private_delay1=1 async_private_delay2=1 \
5673 async_private_error=2" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005674 "$P_CLI" \
5675 1 \
5676 -s "Async sign callback: using key slot " \
5677 -S "Async resume" \
5678 -s "Async cancel"
5679
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005680requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02005681run_test "SSL async private: sign, error in resume" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005682 "$P_SRV \
5683 async_operations=s async_private_delay1=1 async_private_delay2=1 \
5684 async_private_error=3" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005685 "$P_CLI" \
5686 1 \
5687 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005688 -s "Async resume callback: sign done but injected error" \
Gilles Peskine37289cd2018-04-27 11:50:14 +02005689 -S "Async cancel" \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005690 -s "! mbedtls_ssl_handshake returned"
5691
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005692requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02005693run_test "SSL async private: decrypt, error in start" \
5694 "$P_SRV \
5695 async_operations=d async_private_delay1=1 async_private_delay2=1 \
5696 async_private_error=1" \
5697 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5698 1 \
5699 -s "Async decrypt callback: injected error" \
5700 -S "Async resume" \
5701 -S "Async cancel" \
5702 -s "! mbedtls_ssl_handshake returned"
5703
5704requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
5705run_test "SSL async private: decrypt, cancel after start" \
5706 "$P_SRV \
5707 async_operations=d async_private_delay1=1 async_private_delay2=1 \
5708 async_private_error=2" \
5709 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5710 1 \
5711 -s "Async decrypt callback: using key slot " \
5712 -S "Async resume" \
5713 -s "Async cancel"
5714
5715requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
5716run_test "SSL async private: decrypt, error in resume" \
5717 "$P_SRV \
5718 async_operations=d async_private_delay1=1 async_private_delay2=1 \
5719 async_private_error=3" \
5720 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5721 1 \
5722 -s "Async decrypt callback: using key slot " \
5723 -s "Async resume callback: decrypt done but injected error" \
5724 -S "Async cancel" \
5725 -s "! mbedtls_ssl_handshake returned"
5726
5727requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005728run_test "SSL async private: cancel after start then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005729 "$P_SRV \
5730 async_operations=s async_private_delay1=1 async_private_delay2=1 \
5731 async_private_error=-2" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005732 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
5733 0 \
5734 -s "Async cancel" \
5735 -s "! mbedtls_ssl_handshake returned" \
5736 -s "Async resume" \
5737 -s "Successful connection"
5738
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005739requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005740run_test "SSL async private: error in resume then operate correctly" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005741 "$P_SRV \
5742 async_operations=s async_private_delay1=1 async_private_delay2=1 \
5743 async_private_error=-3" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005744 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
5745 0 \
5746 -s "! mbedtls_ssl_handshake returned" \
5747 -s "Async resume" \
5748 -s "Successful connection"
5749
5750# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005751requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005752run_test "SSL async private: cancel after start then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005753 "$P_SRV \
5754 async_operations=s async_private_delay1=1 async_private_error=-2 \
5755 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5756 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005757 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
5758 [ \$? -eq 1 ] &&
5759 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
5760 0 \
Gilles Peskinededa75a2018-04-30 10:02:45 +02005761 -s "Async sign callback: using key slot 0" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005762 -S "Async resume" \
5763 -s "Async cancel" \
5764 -s "! mbedtls_ssl_handshake returned" \
5765 -s "Async sign callback: no key matches this certificate." \
5766 -s "Successful connection"
5767
5768# key1: ECDSA, key2: RSA; use key1 through async, then key2 directly
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005769requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine725f1cb2018-06-12 15:06:40 +02005770run_test "SSL async private: sign, error in resume then fall back to transparent key" \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005771 "$P_SRV \
5772 async_operations=s async_private_delay1=1 async_private_error=-3 \
5773 key_file=data_files/server5.key crt_file=data_files/server5.crt \
5774 key_file2=data_files/server2.key crt_file2=data_files/server2.crt" \
Gilles Peskine60ee4ca2018-01-08 11:28:05 +01005775 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
5776 [ \$? -eq 1 ] &&
5777 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
5778 0 \
5779 -s "Async resume" \
5780 -s "! mbedtls_ssl_handshake returned" \
5781 -s "Async sign callback: no key matches this certificate." \
5782 -s "Successful connection"
5783
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005784requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005785requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005786run_test "SSL async private: renegotiation: client-initiated; sign" \
5787 "$P_SRV \
5788 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005789 exchanges=2 renegotiation=1" \
5790 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1" \
5791 0 \
5792 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005793 -s "Async resume (slot [0-9]): sign done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005794
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005795requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005796requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005797run_test "SSL async private: renegotiation: server-initiated; sign" \
5798 "$P_SRV \
5799 async_operations=s async_private_delay1=1 async_private_delay2=1 \
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005800 exchanges=2 renegotiation=1 renegotiate=1" \
5801 "$P_CLI exchanges=2 renegotiation=1" \
5802 0 \
5803 -s "Async sign callback: using key slot " \
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005804 -s "Async resume (slot [0-9]): sign done, status=0"
5805
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005806requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005807requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
5808run_test "SSL async private: renegotiation: client-initiated; decrypt" \
5809 "$P_SRV \
5810 async_operations=d async_private_delay1=1 async_private_delay2=1 \
5811 exchanges=2 renegotiation=1" \
5812 "$P_CLI exchanges=2 renegotiation=1 renegotiate=1 \
5813 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5814 0 \
5815 -s "Async decrypt callback: using key slot " \
5816 -s "Async resume (slot [0-9]): decrypt done, status=0"
5817
Gilles Peskineb74a1c72018-04-24 13:09:22 +02005818requires_config_enabled MBEDTLS_SSL_ASYNC_PRIVATE
Gilles Peskinefcca9d82018-01-12 13:47:48 +01005819requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
5820run_test "SSL async private: renegotiation: server-initiated; decrypt" \
5821 "$P_SRV \
5822 async_operations=d async_private_delay1=1 async_private_delay2=1 \
5823 exchanges=2 renegotiation=1 renegotiate=1" \
5824 "$P_CLI exchanges=2 renegotiation=1 \
5825 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
5826 0 \
5827 -s "Async decrypt callback: using key slot " \
5828 -s "Async resume (slot [0-9]): decrypt done, status=0"
Gilles Peskine3665f1d2018-01-05 21:22:12 +01005829
Ron Eldor58093c82018-06-28 13:22:05 +03005830# Tests for ECC extensions (rfc 4492)
5831
Ron Eldor643df7c2018-06-28 16:17:00 +03005832requires_config_enabled MBEDTLS_AES_C
5833requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
5834requires_config_enabled MBEDTLS_SHA256_C
5835requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03005836run_test "Force a non ECC ciphersuite in the client side" \
5837 "$P_SRV debug_level=3" \
Ron Eldor643df7c2018-06-28 16:17:00 +03005838 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03005839 0 \
5840 -C "client hello, adding supported_elliptic_curves extension" \
5841 -C "client hello, adding supported_point_formats extension" \
5842 -S "found supported elliptic curves extension" \
5843 -S "found supported point formats extension"
5844
Ron Eldor643df7c2018-06-28 16:17:00 +03005845requires_config_enabled MBEDTLS_AES_C
5846requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
5847requires_config_enabled MBEDTLS_SHA256_C
5848requires_config_enabled MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03005849run_test "Force a non ECC ciphersuite in the server side" \
Ron Eldor643df7c2018-06-28 16:17:00 +03005850 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
Ron Eldor58093c82018-06-28 13:22:05 +03005851 "$P_CLI debug_level=3" \
5852 0 \
5853 -C "found supported_point_formats extension" \
5854 -S "server hello, supported_point_formats extension"
5855
Ron Eldor643df7c2018-06-28 16:17:00 +03005856requires_config_enabled MBEDTLS_AES_C
5857requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
5858requires_config_enabled MBEDTLS_SHA256_C
5859requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03005860run_test "Force an ECC ciphersuite in the client side" \
5861 "$P_SRV debug_level=3" \
5862 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
5863 0 \
5864 -c "client hello, adding supported_elliptic_curves extension" \
5865 -c "client hello, adding supported_point_formats extension" \
5866 -s "found supported elliptic curves extension" \
5867 -s "found supported point formats extension"
5868
Ron Eldor643df7c2018-06-28 16:17:00 +03005869requires_config_enabled MBEDTLS_AES_C
5870requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
5871requires_config_enabled MBEDTLS_SHA256_C
5872requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Ron Eldor58093c82018-06-28 13:22:05 +03005873run_test "Force an ECC ciphersuite in the server side" \
5874 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
5875 "$P_CLI debug_level=3" \
5876 0 \
5877 -c "found supported_point_formats extension" \
5878 -s "server hello, supported_point_formats extension"
5879
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02005880# Tests for DTLS HelloVerifyRequest
5881
5882run_test "DTLS cookie: enabled" \
5883 "$P_SRV dtls=1 debug_level=2" \
5884 "$P_CLI dtls=1 debug_level=2" \
5885 0 \
5886 -s "cookie verification failed" \
5887 -s "cookie verification passed" \
5888 -S "cookie verification skipped" \
5889 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02005890 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02005891 -S "SSL - The requested feature is not available"
5892
5893run_test "DTLS cookie: disabled" \
5894 "$P_SRV dtls=1 debug_level=2 cookies=0" \
5895 "$P_CLI dtls=1 debug_level=2" \
5896 0 \
5897 -S "cookie verification failed" \
5898 -S "cookie verification passed" \
5899 -s "cookie verification skipped" \
5900 -C "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02005901 -S "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02005902 -S "SSL - The requested feature is not available"
5903
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02005904run_test "DTLS cookie: default (failing)" \
5905 "$P_SRV dtls=1 debug_level=2 cookies=-1" \
5906 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
5907 1 \
5908 -s "cookie verification failed" \
5909 -S "cookie verification passed" \
5910 -S "cookie verification skipped" \
5911 -C "received hello verify request" \
5912 -S "hello verification requested" \
5913 -s "SSL - The requested feature is not available"
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02005914
5915requires_ipv6
5916run_test "DTLS cookie: enabled, IPv6" \
5917 "$P_SRV dtls=1 debug_level=2 server_addr=::1" \
5918 "$P_CLI dtls=1 debug_level=2 server_addr=::1" \
5919 0 \
5920 -s "cookie verification failed" \
5921 -s "cookie verification passed" \
5922 -S "cookie verification skipped" \
5923 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02005924 -s "hello verification requested" \
Manuel Pégourié-Gonnard0eb6cab2014-07-23 20:17:47 +02005925 -S "SSL - The requested feature is not available"
5926
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02005927run_test "DTLS cookie: enabled, nbio" \
5928 "$P_SRV dtls=1 nbio=2 debug_level=2" \
5929 "$P_CLI dtls=1 nbio=2 debug_level=2" \
5930 0 \
5931 -s "cookie verification failed" \
5932 -s "cookie verification passed" \
5933 -S "cookie verification skipped" \
5934 -c "received hello verify request" \
Manuel Pégourié-Gonnardcaecdae2014-10-13 19:04:37 +02005935 -s "hello verification requested" \
Manuel Pégourié-Gonnard579950c2014-09-29 17:47:33 +02005936 -S "SSL - The requested feature is not available"
5937
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005938# Tests for client reconnecting from the same port with DTLS
5939
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005940not_with_valgrind # spurious resend
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005941run_test "DTLS client reconnect from same port: reference" \
Manuel Pégourié-Gonnard34cbf102019-09-09 11:14:37 +02005942 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
5943 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005944 0 \
5945 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005946 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005947 -S "Client initiated reconnection from same port"
5948
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005949not_with_valgrind # spurious resend
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005950run_test "DTLS client reconnect from same port: reconnect" \
Manuel Pégourié-Gonnard34cbf102019-09-09 11:14:37 +02005951 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
5952 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005953 0 \
5954 -C "resend" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005955 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005956 -s "Client initiated reconnection from same port"
5957
Paul Bakker362689d2016-05-13 10:33:25 +01005958not_with_valgrind # server/client too slow to respond in time (next test has higher timeouts)
5959run_test "DTLS client reconnect from same port: reconnect, nbio, no valgrind" \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005960 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 nbio=2" \
5961 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005962 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005963 -S "The operation timed out" \
Manuel Pégourié-Gonnardd745a1a2015-09-08 12:40:43 +02005964 -s "Client initiated reconnection from same port"
5965
Paul Bakker362689d2016-05-13 10:33:25 +01005966only_with_valgrind # Only with valgrind, do previous test but with higher read_timeout and hs_timeout
5967run_test "DTLS client reconnect from same port: reconnect, nbio, valgrind" \
5968 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
5969 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
5970 0 \
5971 -S "The operation timed out" \
5972 -s "Client initiated reconnection from same port"
5973
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005974run_test "DTLS client reconnect from same port: no cookies" \
5975 "$P_SRV dtls=1 exchanges=2 read_timeout=1000 cookies=0" \
Manuel Pégourié-Gonnard6ad23b92015-09-15 12:57:46 +02005976 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
5977 0 \
Manuel Pégourié-Gonnard259db912015-09-09 11:37:17 +02005978 -s "The operation timed out" \
5979 -S "Client initiated reconnection from same port"
5980
Manuel Pégourié-Gonnardb85ce9e2020-03-13 11:11:02 +01005981run_test "DTLS client reconnect from same port: attacker-injected" \
5982 -p "$P_PXY inject_clihlo=1" \
5983 "$P_SRV dtls=1 exchanges=2 debug_level=1" \
5984 "$P_CLI dtls=1 exchanges=2" \
5985 0 \
5986 -s "possible client reconnect from the same port" \
5987 -S "Client initiated reconnection from same port"
5988
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02005989# Tests for various cases of client authentication with DTLS
5990# (focused on handshake flows and message parsing)
5991
5992run_test "DTLS client auth: required" \
5993 "$P_SRV dtls=1 auth_mode=required" \
5994 "$P_CLI dtls=1" \
5995 0 \
5996 -s "Verifying peer X.509 certificate... ok"
5997
5998run_test "DTLS client auth: optional, client has no cert" \
5999 "$P_SRV dtls=1 auth_mode=optional" \
6000 "$P_CLI dtls=1 crt_file=none key_file=none" \
6001 0 \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01006002 -s "! Certificate was missing"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006003
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01006004run_test "DTLS client auth: none, client has no cert" \
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006005 "$P_SRV dtls=1 auth_mode=none" \
6006 "$P_CLI dtls=1 crt_file=none key_file=none debug_level=2" \
6007 0 \
6008 -c "skip write certificate$" \
Manuel Pégourié-Gonnard89addc42015-04-20 10:56:18 +01006009 -s "! Certificate verification was skipped"
Manuel Pégourié-Gonnard08a1d4b2014-09-26 10:35:50 +02006010
Manuel Pégourié-Gonnard0a885742015-08-04 12:08:35 +02006011run_test "DTLS wrong PSK: badmac alert" \
6012 "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
6013 "$P_CLI dtls=1 psk=abc124" \
6014 1 \
6015 -s "SSL - Verification of the message MAC failed" \
6016 -c "SSL - A fatal alert message was received from our peer"
6017
Manuel Pégourié-Gonnard502bf302014-08-20 13:12:58 +02006018# Tests for receiving fragmented handshake messages with DTLS
6019
6020requires_gnutls
6021run_test "DTLS reassembly: no fragmentation (gnutls server)" \
6022 "$G_SRV -u --mtu 2048 -a" \
6023 "$P_CLI dtls=1 debug_level=2" \
6024 0 \
6025 -C "found fragmented DTLS handshake message" \
6026 -C "error"
6027
6028requires_gnutls
6029run_test "DTLS reassembly: some fragmentation (gnutls server)" \
6030 "$G_SRV -u --mtu 512" \
6031 "$P_CLI dtls=1 debug_level=2" \
6032 0 \
6033 -c "found fragmented DTLS handshake message" \
6034 -C "error"
6035
6036requires_gnutls
6037run_test "DTLS reassembly: more fragmentation (gnutls server)" \
6038 "$G_SRV -u --mtu 128" \
6039 "$P_CLI dtls=1 debug_level=2" \
6040 0 \
6041 -c "found fragmented DTLS handshake message" \
6042 -C "error"
6043
6044requires_gnutls
6045run_test "DTLS reassembly: more fragmentation, nbio (gnutls server)" \
6046 "$G_SRV -u --mtu 128" \
6047 "$P_CLI dtls=1 nbio=2 debug_level=2" \
6048 0 \
6049 -c "found fragmented DTLS handshake message" \
6050 -C "error"
6051
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006052requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01006053requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006054run_test "DTLS reassembly: fragmentation, renego (gnutls server)" \
6055 "$G_SRV -u --mtu 256" \
6056 "$P_CLI debug_level=3 dtls=1 renegotiation=1 renegotiate=1" \
6057 0 \
6058 -c "found fragmented DTLS handshake message" \
6059 -c "client hello, adding renegotiation extension" \
6060 -c "found renegotiation extension" \
6061 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006062 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006063 -C "error" \
6064 -s "Extra-header:"
6065
6066requires_gnutls
Hanno Becker6a243642017-10-12 15:18:45 +01006067requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006068run_test "DTLS reassembly: fragmentation, nbio, renego (gnutls server)" \
6069 "$G_SRV -u --mtu 256" \
6070 "$P_CLI debug_level=3 nbio=2 dtls=1 renegotiation=1 renegotiate=1" \
6071 0 \
6072 -c "found fragmented DTLS handshake message" \
6073 -c "client hello, adding renegotiation extension" \
6074 -c "found renegotiation extension" \
6075 -c "=> renegotiate" \
Manuel Pégourié-Gonnard2cf5a7c2015-04-08 12:49:31 +02006076 -C "mbedtls_ssl_handshake returned" \
Manuel Pégourié-Gonnard0c4cbc72014-09-02 14:47:31 +02006077 -C "error" \
6078 -s "Extra-header:"
6079
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02006080run_test "DTLS reassembly: no fragmentation (openssl server)" \
6081 "$O_SRV -dtls1 -mtu 2048" \
6082 "$P_CLI dtls=1 debug_level=2" \
6083 0 \
6084 -C "found fragmented DTLS handshake message" \
6085 -C "error"
6086
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02006087run_test "DTLS reassembly: some fragmentation (openssl server)" \
6088 "$O_SRV -dtls1 -mtu 768" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +02006089 "$P_CLI dtls=1 debug_level=2" \
6090 0 \
6091 -c "found fragmented DTLS handshake message" \
6092 -C "error"
6093
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02006094run_test "DTLS reassembly: more fragmentation (openssl server)" \
Manuel Pégourié-Gonnard64dffc52014-09-02 13:39:16 +02006095 "$O_SRV -dtls1 -mtu 256" \
6096 "$P_CLI dtls=1 debug_level=2" \
6097 0 \
6098 -c "found fragmented DTLS handshake message" \
6099 -C "error"
6100
6101run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
6102 "$O_SRV -dtls1 -mtu 256" \
6103 "$P_CLI dtls=1 nbio=2 debug_level=2" \
6104 0 \
6105 -c "found fragmented DTLS handshake message" \
6106 -C "error"
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02006107
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006108# Tests for sending fragmented handshake messages with DTLS
6109#
6110# Use client auth when we need the client to send large messages,
6111# and use large cert chains on both sides too (the long chains we have all use
6112# both RSA and ECDSA, but ideally we should have long chains with either).
6113# Sizes reached (UDP payload):
6114# - 2037B for server certificate
6115# - 1542B for client certificate
6116# - 1013B for newsessionticket
6117# - all others below 512B
6118# All those tests assume MAX_CONTENT_LEN is at least 2048
6119
6120requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6121requires_config_enabled MBEDTLS_RSA_C
6122requires_config_enabled MBEDTLS_ECDSA_C
6123requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006124requires_max_content_len 4096
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006125run_test "DTLS fragmenting: none (for reference)" \
6126 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6127 crt_file=data_files/server7_int-ca.crt \
6128 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006129 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006130 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006131 "$P_CLI dtls=1 debug_level=2 \
6132 crt_file=data_files/server8_int-ca2.crt \
6133 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006134 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006135 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006136 0 \
6137 -S "found fragmented DTLS handshake message" \
6138 -C "found fragmented DTLS handshake message" \
6139 -C "error"
6140
6141requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6142requires_config_enabled MBEDTLS_RSA_C
6143requires_config_enabled MBEDTLS_ECDSA_C
6144requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006145requires_max_content_len 2048
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006146run_test "DTLS fragmenting: server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006147 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6148 crt_file=data_files/server7_int-ca.crt \
6149 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006150 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006151 max_frag_len=1024" \
6152 "$P_CLI dtls=1 debug_level=2 \
6153 crt_file=data_files/server8_int-ca2.crt \
6154 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006155 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006156 max_frag_len=2048" \
6157 0 \
6158 -S "found fragmented DTLS handshake message" \
6159 -c "found fragmented DTLS handshake message" \
6160 -C "error"
6161
Hanno Becker69ca0ad2018-08-24 12:11:35 +01006162# With the MFL extension, the server has no way of forcing
6163# the client to not exceed a certain MTU; hence, the following
6164# test can't be replicated with an MTU proxy such as the one
6165# `client-initiated, server only (max_frag_len)` below.
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006166requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6167requires_config_enabled MBEDTLS_RSA_C
6168requires_config_enabled MBEDTLS_ECDSA_C
6169requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006170requires_max_content_len 4096
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006171run_test "DTLS fragmenting: server only (more) (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006172 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6173 crt_file=data_files/server7_int-ca.crt \
6174 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006175 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006176 max_frag_len=512" \
6177 "$P_CLI dtls=1 debug_level=2 \
6178 crt_file=data_files/server8_int-ca2.crt \
6179 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006180 hs_timeout=2500-60000 \
Hanno Becker69ca0ad2018-08-24 12:11:35 +01006181 max_frag_len=4096" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006182 0 \
6183 -S "found fragmented DTLS handshake message" \
6184 -c "found fragmented DTLS handshake message" \
6185 -C "error"
6186
6187requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6188requires_config_enabled MBEDTLS_RSA_C
6189requires_config_enabled MBEDTLS_ECDSA_C
6190requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006191requires_max_content_len 2048
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006192run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006193 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
6194 crt_file=data_files/server7_int-ca.crt \
6195 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006196 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006197 max_frag_len=2048" \
6198 "$P_CLI dtls=1 debug_level=2 \
6199 crt_file=data_files/server8_int-ca2.crt \
6200 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006201 hs_timeout=2500-60000 \
6202 max_frag_len=1024" \
6203 0 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006204 -S "found fragmented DTLS handshake message" \
6205 -c "found fragmented DTLS handshake message" \
6206 -C "error"
6207
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006208# While not required by the standard defining the MFL extension
6209# (according to which it only applies to records, not to datagrams),
6210# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
6211# as otherwise there wouldn't be any means to communicate MTU restrictions
6212# to the peer.
6213# The next test checks that no datagrams significantly larger than the
6214# negotiated MFL are sent.
6215requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6216requires_config_enabled MBEDTLS_RSA_C
6217requires_config_enabled MBEDTLS_ECDSA_C
6218requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006219requires_max_content_len 2048
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006220run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04006221 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006222 "$P_SRV dtls=1 debug_level=2 auth_mode=none \
6223 crt_file=data_files/server7_int-ca.crt \
6224 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006225 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006226 max_frag_len=2048" \
6227 "$P_CLI dtls=1 debug_level=2 \
6228 crt_file=data_files/server8_int-ca2.crt \
6229 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006230 hs_timeout=2500-60000 \
6231 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006232 0 \
6233 -S "found fragmented DTLS handshake message" \
6234 -c "found fragmented DTLS handshake message" \
6235 -C "error"
6236
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006237requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6238requires_config_enabled MBEDTLS_RSA_C
6239requires_config_enabled MBEDTLS_ECDSA_C
6240requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006241requires_max_content_len 2048
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006242run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006243 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6244 crt_file=data_files/server7_int-ca.crt \
6245 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006246 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006247 max_frag_len=2048" \
6248 "$P_CLI dtls=1 debug_level=2 \
6249 crt_file=data_files/server8_int-ca2.crt \
6250 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006251 hs_timeout=2500-60000 \
6252 max_frag_len=1024" \
Manuel Pégourié-Gonnard2cb17e22017-09-19 13:00:47 +02006253 0 \
6254 -s "found fragmented DTLS handshake message" \
6255 -c "found fragmented DTLS handshake message" \
6256 -C "error"
6257
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006258# While not required by the standard defining the MFL extension
6259# (according to which it only applies to records, not to datagrams),
6260# Mbed TLS will never send datagrams larger than MFL + { Max record expansion },
6261# as otherwise there wouldn't be any means to communicate MTU restrictions
6262# to the peer.
6263# The next test checks that no datagrams significantly larger than the
6264# negotiated MFL are sent.
6265requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6266requires_config_enabled MBEDTLS_RSA_C
6267requires_config_enabled MBEDTLS_ECDSA_C
6268requires_config_enabled MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
Yuto Takanoc75df632021-07-08 15:56:33 +01006269requires_max_content_len 2048
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006270run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
Andrzej Kurek0fc9cf42018-10-09 03:09:41 -04006271 -p "$P_PXY mtu=1110" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006272 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6273 crt_file=data_files/server7_int-ca.crt \
6274 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006275 hs_timeout=2500-60000 \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006276 max_frag_len=2048" \
6277 "$P_CLI dtls=1 debug_level=2 \
6278 crt_file=data_files/server8_int-ca2.crt \
6279 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006280 hs_timeout=2500-60000 \
6281 max_frag_len=1024" \
Hanno Beckerc92b5c82018-08-24 11:48:01 +01006282 0 \
6283 -s "found fragmented DTLS handshake message" \
6284 -c "found fragmented DTLS handshake message" \
6285 -C "error"
6286
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006287requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6288requires_config_enabled MBEDTLS_RSA_C
6289requires_config_enabled MBEDTLS_ECDSA_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006290requires_max_content_len 4096
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006291run_test "DTLS fragmenting: none (for reference) (MTU)" \
6292 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6293 crt_file=data_files/server7_int-ca.crt \
6294 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006295 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006296 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006297 "$P_CLI dtls=1 debug_level=2 \
6298 crt_file=data_files/server8_int-ca2.crt \
6299 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006300 hs_timeout=2500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006301 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006302 0 \
6303 -S "found fragmented DTLS handshake message" \
6304 -C "found fragmented DTLS handshake message" \
6305 -C "error"
6306
6307requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6308requires_config_enabled MBEDTLS_RSA_C
6309requires_config_enabled MBEDTLS_ECDSA_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006310requires_max_content_len 4096
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006311run_test "DTLS fragmenting: client (MTU)" \
6312 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6313 crt_file=data_files/server7_int-ca.crt \
6314 key_file=data_files/server7.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04006315 hs_timeout=3500-60000 \
Hanno Becker12405e72018-08-13 16:45:46 +01006316 mtu=4096" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006317 "$P_CLI dtls=1 debug_level=2 \
6318 crt_file=data_files/server8_int-ca2.crt \
6319 key_file=data_files/server8.key \
Andrzej Kurek948fe802018-10-05 15:42:44 -04006320 hs_timeout=3500-60000 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006321 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006322 0 \
6323 -s "found fragmented DTLS handshake message" \
6324 -C "found fragmented DTLS handshake message" \
6325 -C "error"
6326
6327requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6328requires_config_enabled MBEDTLS_RSA_C
6329requires_config_enabled MBEDTLS_ECDSA_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006330requires_max_content_len 2048
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006331run_test "DTLS fragmenting: server (MTU)" \
6332 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6333 crt_file=data_files/server7_int-ca.crt \
6334 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006335 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006336 mtu=512" \
6337 "$P_CLI dtls=1 debug_level=2 \
6338 crt_file=data_files/server8_int-ca2.crt \
6339 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006340 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006341 mtu=2048" \
6342 0 \
6343 -S "found fragmented DTLS handshake message" \
6344 -c "found fragmented DTLS handshake message" \
6345 -C "error"
6346
6347requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6348requires_config_enabled MBEDTLS_RSA_C
6349requires_config_enabled MBEDTLS_ECDSA_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006350requires_max_content_len 2048
Andrzej Kurek7311c782018-10-11 06:49:41 -04006351run_test "DTLS fragmenting: both (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006352 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006353 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6354 crt_file=data_files/server7_int-ca.crt \
6355 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006356 hs_timeout=2500-60000 \
Andrzej Kurek95805282018-10-11 08:55:37 -04006357 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006358 "$P_CLI dtls=1 debug_level=2 \
6359 crt_file=data_files/server8_int-ca2.crt \
6360 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006361 hs_timeout=2500-60000 \
6362 mtu=1024" \
Manuel Pégourié-Gonnardb747c6c2018-08-12 13:28:53 +02006363 0 \
6364 -s "found fragmented DTLS handshake message" \
6365 -c "found fragmented DTLS handshake message" \
6366 -C "error"
6367
Andrzej Kurek77826052018-10-11 07:34:08 -04006368# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04006369requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6370requires_config_enabled MBEDTLS_RSA_C
6371requires_config_enabled MBEDTLS_ECDSA_C
6372requires_config_enabled MBEDTLS_SHA256_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006373requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006374requires_config_enabled MBEDTLS_AES_C
6375requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006376requires_max_content_len 2048
Andrzej Kurek7311c782018-10-11 06:49:41 -04006377run_test "DTLS fragmenting: both (MTU=512)" \
Hanno Becker8d832182018-03-15 10:14:19 +00006378 -p "$P_PXY mtu=512" \
Hanno Becker72a4f032017-11-15 16:39:20 +00006379 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6380 crt_file=data_files/server7_int-ca.crt \
6381 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006382 hs_timeout=2500-60000 \
Hanno Becker72a4f032017-11-15 16:39:20 +00006383 mtu=512" \
6384 "$P_CLI dtls=1 debug_level=2 \
6385 crt_file=data_files/server8_int-ca2.crt \
6386 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006387 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6388 hs_timeout=2500-60000 \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02006389 mtu=512" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02006390 0 \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02006391 -s "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02006392 -c "found fragmented DTLS handshake message" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02006393 -C "error"
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02006394
Andrzej Kurek7311c782018-10-11 06:49:41 -04006395# Test for automatic MTU reduction on repeated resend.
Andrzej Kurek77826052018-10-11 07:34:08 -04006396# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04006397# The ratio of max/min timeout should ideally equal 4 to accept two
6398# retransmissions, but in some cases (like both the server and client using
6399# fragmentation and auto-reduction) an extra retransmission might occur,
6400# hence the ratio of 8.
Hanno Becker37029eb2018-08-29 17:01:40 +01006401not_with_valgrind
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02006402requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6403requires_config_enabled MBEDTLS_RSA_C
6404requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006405requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006406requires_config_enabled MBEDTLS_AES_C
6407requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006408requires_max_content_len 2048
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02006409run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
6410 -p "$P_PXY mtu=508" \
6411 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6412 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006413 key_file=data_files/server7.key \
6414 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02006415 "$P_CLI dtls=1 debug_level=2 \
6416 crt_file=data_files/server8_int-ca2.crt \
6417 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006418 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6419 hs_timeout=400-3200" \
Manuel Pégourié-Gonnardb8eec192018-08-20 09:34:02 +02006420 0 \
6421 -s "found fragmented DTLS handshake message" \
6422 -c "found fragmented DTLS handshake message" \
6423 -C "error"
6424
Andrzej Kurek77826052018-10-11 07:34:08 -04006425# Forcing ciphersuite for this test to fit the MTU of 508 with full config.
Hanno Becker108992e2018-08-29 17:04:18 +01006426only_with_valgrind
6427requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6428requires_config_enabled MBEDTLS_RSA_C
6429requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006430requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006431requires_config_enabled MBEDTLS_AES_C
6432requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006433requires_max_content_len 2048
Hanno Becker108992e2018-08-29 17:04:18 +01006434run_test "DTLS fragmenting: proxy MTU: auto-reduction" \
6435 -p "$P_PXY mtu=508" \
6436 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6437 crt_file=data_files/server7_int-ca.crt \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006438 key_file=data_files/server7.key \
Hanno Becker108992e2018-08-29 17:04:18 +01006439 hs_timeout=250-10000" \
6440 "$P_CLI dtls=1 debug_level=2 \
6441 crt_file=data_files/server8_int-ca2.crt \
6442 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006443 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Hanno Becker108992e2018-08-29 17:04:18 +01006444 hs_timeout=250-10000" \
6445 0 \
6446 -s "found fragmented DTLS handshake message" \
6447 -c "found fragmented DTLS handshake message" \
6448 -C "error"
6449
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006450# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
Manuel Pégourié-Gonnard3d183ce2018-08-22 09:56:22 +02006451# OTOH the client might resend if the server is to slow to reset after sending
6452# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006453not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006454requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6455requires_config_enabled MBEDTLS_RSA_C
6456requires_config_enabled MBEDTLS_ECDSA_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006457requires_max_content_len 2048
Andrzej Kurek7311c782018-10-11 06:49:41 -04006458run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006459 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006460 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6461 crt_file=data_files/server7_int-ca.crt \
6462 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006463 hs_timeout=10000-60000 \
6464 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006465 "$P_CLI dtls=1 debug_level=2 \
6466 crt_file=data_files/server8_int-ca2.crt \
6467 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006468 hs_timeout=10000-60000 \
6469 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006470 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006471 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006472 -s "found fragmented DTLS handshake message" \
6473 -c "found fragmented DTLS handshake message" \
6474 -C "error"
6475
Andrzej Kurek77826052018-10-11 07:34:08 -04006476# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04006477# the proxy shouldn't drop or mess up anything, so we shouldn't need to resend
6478# OTOH the client might resend if the server is to slow to reset after sending
6479# a HelloVerifyRequest, so only check for no retransmission server-side
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006480not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006481requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6482requires_config_enabled MBEDTLS_RSA_C
6483requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006484requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006485requires_config_enabled MBEDTLS_AES_C
6486requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006487requires_max_content_len 2048
Andrzej Kurek7311c782018-10-11 06:49:41 -04006488run_test "DTLS fragmenting: proxy MTU, simple handshake (MTU=512)" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006489 -p "$P_PXY mtu=512" \
6490 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6491 crt_file=data_files/server7_int-ca.crt \
6492 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006493 hs_timeout=10000-60000 \
6494 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006495 "$P_CLI dtls=1 debug_level=2 \
6496 crt_file=data_files/server8_int-ca2.crt \
6497 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006498 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6499 hs_timeout=10000-60000 \
6500 mtu=512" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006501 0 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006502 -S "autoreduction" \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006503 -s "found fragmented DTLS handshake message" \
6504 -c "found fragmented DTLS handshake message" \
6505 -C "error"
6506
Andrzej Kurek7311c782018-10-11 06:49:41 -04006507not_with_valgrind # spurious autoreduction due to timeout
6508requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6509requires_config_enabled MBEDTLS_RSA_C
6510requires_config_enabled MBEDTLS_ECDSA_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006511requires_max_content_len 2048
Andrzej Kurek7311c782018-10-11 06:49:41 -04006512run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=1024)" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006513 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006514 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6515 crt_file=data_files/server7_int-ca.crt \
6516 key_file=data_files/server7.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006517 hs_timeout=10000-60000 \
6518 mtu=1024 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006519 "$P_CLI dtls=1 debug_level=2 \
6520 crt_file=data_files/server8_int-ca2.crt \
6521 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006522 hs_timeout=10000-60000 \
6523 mtu=1024 nbio=2" \
6524 0 \
6525 -S "autoreduction" \
6526 -s "found fragmented DTLS handshake message" \
6527 -c "found fragmented DTLS handshake message" \
6528 -C "error"
6529
Andrzej Kurek77826052018-10-11 07:34:08 -04006530# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Andrzej Kurek7311c782018-10-11 06:49:41 -04006531not_with_valgrind # spurious autoreduction due to timeout
6532requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6533requires_config_enabled MBEDTLS_RSA_C
6534requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006535requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006536requires_config_enabled MBEDTLS_AES_C
6537requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006538requires_max_content_len 2048
Andrzej Kurek7311c782018-10-11 06:49:41 -04006539run_test "DTLS fragmenting: proxy MTU, simple handshake, nbio (MTU=512)" \
6540 -p "$P_PXY mtu=512" \
6541 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6542 crt_file=data_files/server7_int-ca.crt \
6543 key_file=data_files/server7.key \
6544 hs_timeout=10000-60000 \
6545 mtu=512 nbio=2" \
6546 "$P_CLI dtls=1 debug_level=2 \
6547 crt_file=data_files/server8_int-ca2.crt \
6548 key_file=data_files/server8.key \
6549 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
6550 hs_timeout=10000-60000 \
6551 mtu=512 nbio=2" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006552 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006553 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006554 -s "found fragmented DTLS handshake message" \
6555 -c "found fragmented DTLS handshake message" \
6556 -C "error"
6557
Andrzej Kurek77826052018-10-11 07:34:08 -04006558# Forcing ciphersuite for this test to fit the MTU of 1450 with full config.
Hanno Beckerb841b4f2018-08-28 10:25:51 +01006559# This ensures things still work after session_reset().
6560# It also exercises the "resumed handshake" flow.
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02006561# Since we don't support reading fragmented ClientHello yet,
6562# up the MTU to 1450 (larger than ClientHello with session ticket,
6563# but still smaller than client's Certificate to ensure fragmentation).
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006564# An autoreduction on the client-side might happen if the server is
6565# slow to reset, therefore omitting '-C "autoreduction"' below.
Manuel Pégourié-Gonnard2f2d9022018-08-21 12:17:54 +02006566# reco_delay avoids races where the client reconnects before the server has
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006567# resumed listening, which would result in a spurious autoreduction.
6568not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02006569requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6570requires_config_enabled MBEDTLS_RSA_C
6571requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006572requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006573requires_config_enabled MBEDTLS_AES_C
6574requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006575requires_max_content_len 2048
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02006576run_test "DTLS fragmenting: proxy MTU, resumed handshake" \
6577 -p "$P_PXY mtu=1450" \
6578 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6579 crt_file=data_files/server7_int-ca.crt \
6580 key_file=data_files/server7.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006581 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02006582 mtu=1450" \
6583 "$P_CLI dtls=1 debug_level=2 \
6584 crt_file=data_files/server8_int-ca2.crt \
6585 key_file=data_files/server8.key \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006586 hs_timeout=10000-60000 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006587 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01006588 mtu=1450 reconnect=1 skip_close_notify=1 reco_delay=1" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02006589 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006590 -S "autoreduction" \
Manuel Pégourié-Gonnard19c62f92018-08-16 10:50:39 +02006591 -s "found fragmented DTLS handshake message" \
6592 -c "found fragmented DTLS handshake message" \
6593 -C "error"
6594
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006595# An autoreduction on the client-side might happen if the server is
6596# slow to reset, therefore omitting '-C "autoreduction"' below.
6597not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006598requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6599requires_config_enabled MBEDTLS_RSA_C
6600requires_config_enabled MBEDTLS_ECDSA_C
6601requires_config_enabled MBEDTLS_SHA256_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006602requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006603requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6604requires_config_enabled MBEDTLS_CHACHAPOLY_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006605requires_max_content_len 2048
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006606run_test "DTLS fragmenting: proxy MTU, ChachaPoly renego" \
6607 -p "$P_PXY mtu=512" \
6608 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6609 crt_file=data_files/server7_int-ca.crt \
6610 key_file=data_files/server7.key \
6611 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006612 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006613 mtu=512" \
6614 "$P_CLI dtls=1 debug_level=2 \
6615 crt_file=data_files/server8_int-ca2.crt \
6616 key_file=data_files/server8.key \
6617 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006618 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006619 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006620 mtu=512" \
6621 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006622 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006623 -s "found fragmented DTLS handshake message" \
6624 -c "found fragmented DTLS handshake message" \
6625 -C "error"
6626
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006627# An autoreduction on the client-side might happen if the server is
6628# slow to reset, therefore omitting '-C "autoreduction"' below.
6629not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006630requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6631requires_config_enabled MBEDTLS_RSA_C
6632requires_config_enabled MBEDTLS_ECDSA_C
6633requires_config_enabled MBEDTLS_SHA256_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006634requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006635requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6636requires_config_enabled MBEDTLS_AES_C
6637requires_config_enabled MBEDTLS_GCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006638requires_max_content_len 2048
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006639run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
6640 -p "$P_PXY mtu=512" \
6641 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6642 crt_file=data_files/server7_int-ca.crt \
6643 key_file=data_files/server7.key \
6644 exchanges=2 renegotiation=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006645 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006646 mtu=512" \
6647 "$P_CLI dtls=1 debug_level=2 \
6648 crt_file=data_files/server8_int-ca2.crt \
6649 key_file=data_files/server8.key \
6650 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006651 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006652 hs_timeout=10000-60000 \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006653 mtu=512" \
6654 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006655 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006656 -s "found fragmented DTLS handshake message" \
6657 -c "found fragmented DTLS handshake message" \
6658 -C "error"
6659
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006660# An autoreduction on the client-side might happen if the server is
6661# slow to reset, therefore omitting '-C "autoreduction"' below.
6662not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006663requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6664requires_config_enabled MBEDTLS_RSA_C
6665requires_config_enabled MBEDTLS_ECDSA_C
6666requires_config_enabled MBEDTLS_SHA256_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006667requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006668requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6669requires_config_enabled MBEDTLS_AES_C
6670requires_config_enabled MBEDTLS_CCM_C
Yuto Takanoc75df632021-07-08 15:56:33 +01006671requires_max_content_len 2048
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006672run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006673 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006674 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6675 crt_file=data_files/server7_int-ca.crt \
6676 key_file=data_files/server7.key \
6677 exchanges=2 renegotiation=1 \
6678 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006679 hs_timeout=10000-60000 \
6680 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006681 "$P_CLI dtls=1 debug_level=2 \
6682 crt_file=data_files/server8_int-ca2.crt \
6683 key_file=data_files/server8.key \
6684 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006685 hs_timeout=10000-60000 \
6686 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006687 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006688 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006689 -s "found fragmented DTLS handshake message" \
6690 -c "found fragmented DTLS handshake message" \
6691 -C "error"
6692
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006693# An autoreduction on the client-side might happen if the server is
6694# slow to reset, therefore omitting '-C "autoreduction"' below.
6695not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006696requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6697requires_config_enabled MBEDTLS_RSA_C
6698requires_config_enabled MBEDTLS_ECDSA_C
6699requires_config_enabled MBEDTLS_SHA256_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006700requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006701requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6702requires_config_enabled MBEDTLS_AES_C
6703requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
6704requires_config_enabled MBEDTLS_SSL_ENCRYPT_THEN_MAC
Yuto Takanoc75df632021-07-08 15:56:33 +01006705requires_max_content_len 2048
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006706run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006707 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006708 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6709 crt_file=data_files/server7_int-ca.crt \
6710 key_file=data_files/server7.key \
6711 exchanges=2 renegotiation=1 \
6712 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006713 hs_timeout=10000-60000 \
6714 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006715 "$P_CLI dtls=1 debug_level=2 \
6716 crt_file=data_files/server8_int-ca2.crt \
6717 key_file=data_files/server8.key \
6718 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006719 hs_timeout=10000-60000 \
6720 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006721 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006722 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006723 -s "found fragmented DTLS handshake message" \
6724 -c "found fragmented DTLS handshake message" \
6725 -C "error"
6726
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006727# An autoreduction on the client-side might happen if the server is
6728# slow to reset, therefore omitting '-C "autoreduction"' below.
6729not_with_valgrind # spurious autoreduction due to timeout
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006730requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6731requires_config_enabled MBEDTLS_RSA_C
6732requires_config_enabled MBEDTLS_ECDSA_C
6733requires_config_enabled MBEDTLS_SHA256_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006734requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006735requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
6736requires_config_enabled MBEDTLS_AES_C
6737requires_config_enabled MBEDTLS_CIPHER_MODE_CBC
Yuto Takanoc75df632021-07-08 15:56:33 +01006738requires_max_content_len 2048
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006739run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006740 -p "$P_PXY mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006741 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6742 crt_file=data_files/server7_int-ca.crt \
6743 key_file=data_files/server7.key \
6744 exchanges=2 renegotiation=1 \
6745 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006746 hs_timeout=10000-60000 \
6747 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006748 "$P_CLI dtls=1 debug_level=2 \
6749 crt_file=data_files/server8_int-ca2.crt \
6750 key_file=data_files/server8.key \
6751 exchanges=2 renegotiation=1 renegotiate=1 \
Andrzej Kurek52f84912018-10-05 07:53:40 -04006752 hs_timeout=10000-60000 \
6753 mtu=1024" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006754 0 \
Andrzej Kurek35f2f302018-10-09 08:52:14 -04006755 -S "autoreduction" \
Manuel Pégourié-Gonnard72c27072018-08-13 12:37:51 +02006756 -s "found fragmented DTLS handshake message" \
6757 -c "found fragmented DTLS handshake message" \
6758 -C "error"
6759
Andrzej Kurek77826052018-10-11 07:34:08 -04006760# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02006761requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6762requires_config_enabled MBEDTLS_RSA_C
6763requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006764requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006765requires_config_enabled MBEDTLS_AES_C
6766requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02006767client_needs_more_time 2
Yuto Takanoc75df632021-07-08 15:56:33 +01006768requires_max_content_len 2048
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02006769run_test "DTLS fragmenting: proxy MTU + 3d" \
6770 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01006771 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 auth_mode=required \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02006772 crt_file=data_files/server7_int-ca.crt \
6773 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006774 hs_timeout=250-10000 mtu=512" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01006775 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02006776 crt_file=data_files/server8_int-ca2.crt \
6777 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006778 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006779 hs_timeout=250-10000 mtu=512" \
Manuel Pégourié-Gonnard2d56f0d2018-08-16 11:09:03 +02006780 0 \
6781 -s "found fragmented DTLS handshake message" \
6782 -c "found fragmented DTLS handshake message" \
6783 -C "error"
6784
Andrzej Kurek77826052018-10-11 07:34:08 -04006785# Forcing ciphersuite for this test to fit the MTU of 512 with full config.
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006786requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6787requires_config_enabled MBEDTLS_RSA_C
6788requires_config_enabled MBEDTLS_ECDSA_C
Gilles Peskinec221e532021-07-13 20:34:55 +02006789requires_config_enabled MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
Andrzej Kurek7311c782018-10-11 06:49:41 -04006790requires_config_enabled MBEDTLS_AES_C
6791requires_config_enabled MBEDTLS_GCM_C
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006792client_needs_more_time 2
Yuto Takanoc75df632021-07-08 15:56:33 +01006793requires_max_content_len 2048
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006794run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
6795 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
6796 "$P_SRV dtls=1 debug_level=2 auth_mode=required \
6797 crt_file=data_files/server7_int-ca.crt \
6798 key_file=data_files/server7.key \
6799 hs_timeout=250-10000 mtu=512 nbio=2" \
6800 "$P_CLI dtls=1 debug_level=2 \
6801 crt_file=data_files/server8_int-ca2.crt \
6802 key_file=data_files/server8.key \
Andrzej Kurek7311c782018-10-11 06:49:41 -04006803 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
Manuel Pégourié-Gonnardc1d54b72018-08-22 10:02:59 +02006804 hs_timeout=250-10000 mtu=512 nbio=2" \
6805 0 \
6806 -s "found fragmented DTLS handshake message" \
6807 -c "found fragmented DTLS handshake message" \
6808 -C "error"
6809
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006810# interop tests for DTLS fragmentating with reliable connection
6811#
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006812# here and below we just want to test that the we fragment in a way that
6813# pleases other implementations, so we don't need the peer to fragment
6814requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6815requires_config_enabled MBEDTLS_RSA_C
6816requires_config_enabled MBEDTLS_ECDSA_C
6817requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02006818requires_gnutls
Yuto Takanoc75df632021-07-08 15:56:33 +01006819requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006820run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
6821 "$G_SRV -u" \
6822 "$P_CLI dtls=1 debug_level=2 \
6823 crt_file=data_files/server8_int-ca2.crt \
6824 key_file=data_files/server8.key \
6825 mtu=512 force_version=dtls1_2" \
6826 0 \
6827 -c "fragmenting handshake message" \
6828 -C "error"
6829
6830requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6831requires_config_enabled MBEDTLS_RSA_C
6832requires_config_enabled MBEDTLS_ECDSA_C
6833requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02006834requires_gnutls
Yuto Takanoc75df632021-07-08 15:56:33 +01006835requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006836run_test "DTLS fragmenting: gnutls server, DTLS 1.0" \
6837 "$G_SRV -u" \
6838 "$P_CLI dtls=1 debug_level=2 \
6839 crt_file=data_files/server8_int-ca2.crt \
6840 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006841 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006842 0 \
6843 -c "fragmenting handshake message" \
6844 -C "error"
6845
Hanno Beckerb9a00862018-08-28 10:20:22 +01006846# We use --insecure for the GnuTLS client because it expects
6847# the hostname / IP it connects to to be the name used in the
6848# certificate obtained from the server. Here, however, it
6849# connects to 127.0.0.1 while our test certificates use 'localhost'
6850# as the server name in the certificate. This will make the
6851# certifiate validation fail, but passing --insecure makes
6852# GnuTLS continue the connection nonetheless.
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006853requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6854requires_config_enabled MBEDTLS_RSA_C
6855requires_config_enabled MBEDTLS_ECDSA_C
6856requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02006857requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -04006858requires_not_i686
Yuto Takanoc75df632021-07-08 15:56:33 +01006859requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006860run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02006861 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006862 crt_file=data_files/server7_int-ca.crt \
6863 key_file=data_files/server7.key \
6864 mtu=512 force_version=dtls1_2" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02006865 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006866 0 \
6867 -s "fragmenting handshake message"
6868
Hanno Beckerb9a00862018-08-28 10:20:22 +01006869# See previous test for the reason to use --insecure
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006870requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6871requires_config_enabled MBEDTLS_RSA_C
6872requires_config_enabled MBEDTLS_ECDSA_C
6873requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard61512982018-08-21 09:40:07 +02006874requires_gnutls
Andrzej Kurekb4593462018-10-11 08:43:30 -04006875requires_not_i686
Yuto Takanoc75df632021-07-08 15:56:33 +01006876requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006877run_test "DTLS fragmenting: gnutls client, DTLS 1.0" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02006878 "$P_SRV dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006879 crt_file=data_files/server7_int-ca.crt \
6880 key_file=data_files/server7.key \
6881 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard34aa1872018-08-23 19:07:15 +02006882 "$G_CLI -u --insecure 127.0.0.1" \
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006883 0 \
6884 -s "fragmenting handshake message"
6885
6886requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6887requires_config_enabled MBEDTLS_RSA_C
6888requires_config_enabled MBEDTLS_ECDSA_C
6889requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Yuto Takanoc75df632021-07-08 15:56:33 +01006890requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006891run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
6892 "$O_SRV -dtls1_2 -verify 10" \
6893 "$P_CLI dtls=1 debug_level=2 \
6894 crt_file=data_files/server8_int-ca2.crt \
6895 key_file=data_files/server8.key \
6896 mtu=512 force_version=dtls1_2" \
6897 0 \
6898 -c "fragmenting handshake message" \
6899 -C "error"
6900
6901requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6902requires_config_enabled MBEDTLS_RSA_C
6903requires_config_enabled MBEDTLS_ECDSA_C
6904requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Yuto Takanoc75df632021-07-08 15:56:33 +01006905requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006906run_test "DTLS fragmenting: openssl server, DTLS 1.0" \
6907 "$O_SRV -dtls1 -verify 10" \
6908 "$P_CLI dtls=1 debug_level=2 \
6909 crt_file=data_files/server8_int-ca2.crt \
6910 key_file=data_files/server8.key \
6911 mtu=512 force_version=dtls1" \
6912 0 \
6913 -c "fragmenting handshake message" \
6914 -C "error"
6915
6916requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6917requires_config_enabled MBEDTLS_RSA_C
6918requires_config_enabled MBEDTLS_ECDSA_C
6919requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Yuto Takanoc75df632021-07-08 15:56:33 +01006920requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006921run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
6922 "$P_SRV dtls=1 debug_level=2 \
6923 crt_file=data_files/server7_int-ca.crt \
6924 key_file=data_files/server7.key \
6925 mtu=512 force_version=dtls1_2" \
6926 "$O_CLI -dtls1_2" \
6927 0 \
6928 -s "fragmenting handshake message"
6929
6930requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6931requires_config_enabled MBEDTLS_RSA_C
6932requires_config_enabled MBEDTLS_ECDSA_C
6933requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Yuto Takanoc75df632021-07-08 15:56:33 +01006934requires_max_content_len 2048
Manuel Pégourié-Gonnard1218bc02018-08-17 10:51:26 +02006935run_test "DTLS fragmenting: openssl client, DTLS 1.0" \
6936 "$P_SRV dtls=1 debug_level=2 \
6937 crt_file=data_files/server7_int-ca.crt \
6938 key_file=data_files/server7.key \
6939 mtu=512 force_version=dtls1" \
6940 "$O_CLI -dtls1" \
6941 0 \
6942 -s "fragmenting handshake message"
6943
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006944# interop tests for DTLS fragmentating with unreliable connection
6945#
6946# again we just want to test that the we fragment in a way that
6947# pleases other implementations, so we don't need the peer to fragment
6948requires_gnutls_next
6949requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6950requires_config_enabled MBEDTLS_RSA_C
6951requires_config_enabled MBEDTLS_ECDSA_C
6952requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006953client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01006954requires_max_content_len 2048
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006955run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
6956 -p "$P_PXY drop=8 delay=8 duplicate=8" \
6957 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01006958 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006959 crt_file=data_files/server8_int-ca2.crt \
6960 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006961 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006962 0 \
6963 -c "fragmenting handshake message" \
6964 -C "error"
6965
6966requires_gnutls_next
6967requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6968requires_config_enabled MBEDTLS_RSA_C
6969requires_config_enabled MBEDTLS_ECDSA_C
6970requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006971client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01006972requires_max_content_len 2048
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006973run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.0" \
6974 -p "$P_PXY drop=8 delay=8 duplicate=8" \
6975 "$G_NEXT_SRV -u" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01006976 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006977 crt_file=data_files/server8_int-ca2.crt \
6978 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02006979 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02006980 0 \
6981 -c "fragmenting handshake message" \
6982 -C "error"
6983
k-stachowiakabb843e2019-02-18 16:14:03 +01006984requires_gnutls_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +01006985requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
6986requires_config_enabled MBEDTLS_RSA_C
6987requires_config_enabled MBEDTLS_ECDSA_C
6988requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
6989client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01006990requires_max_content_len 2048
Hanno Becker3b8b40c2018-08-28 10:25:41 +01006991run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
6992 -p "$P_PXY drop=8 delay=8 duplicate=8" \
6993 "$P_SRV dtls=1 debug_level=2 \
6994 crt_file=data_files/server7_int-ca.crt \
6995 key_file=data_files/server7.key \
6996 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
k-stachowiakabb843e2019-02-18 16:14:03 +01006997 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +01006998 0 \
6999 -s "fragmenting handshake message"
7000
k-stachowiakabb843e2019-02-18 16:14:03 +01007001requires_gnutls_next
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007002requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7003requires_config_enabled MBEDTLS_RSA_C
7004requires_config_enabled MBEDTLS_ECDSA_C
7005requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
7006client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01007007requires_max_content_len 2048
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007008run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.0" \
7009 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7010 "$P_SRV dtls=1 debug_level=2 \
7011 crt_file=data_files/server7_int-ca.crt \
7012 key_file=data_files/server7.key \
7013 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
k-stachowiakabb843e2019-02-18 16:14:03 +01007014 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007015 0 \
7016 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007017
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007018## Interop test with OpenSSL might trigger a bug in recent versions (including
7019## all versions installed on the CI machines), reported here:
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007020## Bug report: https://github.com/openssl/openssl/issues/6902
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007021## They should be re-enabled once a fixed version of OpenSSL is available
7022## (this should happen in some 1.1.1_ release according to the ticket).
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007023skip_next_test
7024requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7025requires_config_enabled MBEDTLS_RSA_C
7026requires_config_enabled MBEDTLS_ECDSA_C
7027requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7028client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01007029requires_max_content_len 2048
Hanno Becker3b8b40c2018-08-28 10:25:41 +01007030run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
7031 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7032 "$O_SRV -dtls1_2 -verify 10" \
7033 "$P_CLI dtls=1 debug_level=2 \
7034 crt_file=data_files/server8_int-ca2.crt \
7035 key_file=data_files/server8.key \
7036 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
7037 0 \
7038 -c "fragmenting handshake message" \
7039 -C "error"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007040
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007041skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007042requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7043requires_config_enabled MBEDTLS_RSA_C
7044requires_config_enabled MBEDTLS_ECDSA_C
7045requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007046client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01007047requires_max_content_len 2048
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007048run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.0" \
7049 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007050 "$O_SRV -dtls1 -verify 10" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007051 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007052 crt_file=data_files/server8_int-ca2.crt \
7053 key_file=data_files/server8.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007054 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007055 0 \
7056 -c "fragmenting handshake message" \
7057 -C "error"
7058
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007059skip_next_test
7060requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7061requires_config_enabled MBEDTLS_RSA_C
7062requires_config_enabled MBEDTLS_ECDSA_C
7063requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
7064client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01007065requires_max_content_len 2048
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007066run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
7067 -p "$P_PXY drop=8 delay=8 duplicate=8" \
7068 "$P_SRV dtls=1 debug_level=2 \
7069 crt_file=data_files/server7_int-ca.crt \
7070 key_file=data_files/server7.key \
7071 hs_timeout=250-60000 mtu=512 force_version=dtls1_2" \
7072 "$O_CLI -dtls1_2" \
7073 0 \
7074 -s "fragmenting handshake message"
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007075
7076# -nbio is added to prevent s_client from blocking in case of duplicated
7077# messages at the end of the handshake
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007078skip_next_test
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007079requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
7080requires_config_enabled MBEDTLS_RSA_C
7081requires_config_enabled MBEDTLS_ECDSA_C
7082requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_1
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007083client_needs_more_time 4
Yuto Takanoc75df632021-07-08 15:56:33 +01007084requires_max_content_len 2048
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007085run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.0" \
7086 -p "$P_PXY drop=8 delay=8 duplicate=8" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007087 "$P_SRV dgram_packing=0 dtls=1 debug_level=2 \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007088 crt_file=data_files/server7_int-ca.crt \
7089 key_file=data_files/server7.key \
Manuel Pégourié-Gonnard02f3a8a2018-08-20 10:49:28 +02007090 hs_timeout=250-60000 mtu=512 force_version=dtls1" \
Manuel Pégourié-Gonnardc1eda672018-09-03 10:41:49 +02007091 "$O_CLI -nbio -dtls1" \
Manuel Pégourié-Gonnard38110df2018-08-17 12:44:54 +02007092 0 \
7093 -s "fragmenting handshake message"
7094
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02007095# Tests for specific things with "unreliable" UDP connection
7096
7097not_with_valgrind # spurious resend due to timeout
7098run_test "DTLS proxy: reference" \
7099 -p "$P_PXY" \
Manuel Pégourié-Gonnard34cbf102019-09-09 11:14:37 +02007100 "$P_SRV dtls=1 debug_level=2 hs_timeout=10000-20000" \
7101 "$P_CLI dtls=1 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnarda7756172014-08-31 18:37:01 +02007102 0 \
7103 -C "replayed record" \
7104 -S "replayed record" \
7105 -C "record from another epoch" \
7106 -S "record from another epoch" \
7107 -C "discarding invalid record" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007108 -S "discarding invalid record" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02007109 -S "resend" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007110 -s "Extra-header:" \
Manuel Pégourié-Gonnardbe9eb872014-09-05 17:45:19 +02007111 -c "HTTP/1.0 200 OK"
7112
7113not_with_valgrind # spurious resend due to timeout
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007114run_test "DTLS proxy: duplicate every packet" \
7115 -p "$P_PXY duplicate=1" \
Manuel Pégourié-Gonnard34cbf102019-09-09 11:14:37 +02007116 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
7117 "$P_CLI dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
Manuel Pégourié-Gonnard990f9e42014-09-06 12:27:02 +02007118 0 \
7119 -c "replayed record" \
7120 -s "replayed record" \
7121 -c "record from another epoch" \
7122 -s "record from another epoch" \
7123 -S "resend" \
7124 -s "Extra-header:" \
7125 -c "HTTP/1.0 200 OK"
7126
7127run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
7128 -p "$P_PXY duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007129 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 anti_replay=0" \
7130 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007131 0 \
7132 -c "replayed record" \
7133 -S "replayed record" \
7134 -c "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007135 -s "record from another epoch" \
7136 -c "resend" \
7137 -s "resend" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007138 -s "Extra-header:" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007139 -c "HTTP/1.0 200 OK"
7140
7141run_test "DTLS proxy: multiple records in same datagram" \
7142 -p "$P_PXY pack=50" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007143 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
7144 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007145 0 \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007146 -c "next record in same datagram" \
7147 -s "next record in same datagram"
7148
7149run_test "DTLS proxy: multiple records in same datagram, duplicate every packet" \
7150 -p "$P_PXY pack=50 duplicate=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007151 "$P_SRV dtls=1 dgram_packing=0 debug_level=2" \
7152 "$P_CLI dtls=1 dgram_packing=0 debug_level=2" \
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007153 0 \
7154 -c "next record in same datagram" \
7155 -s "next record in same datagram"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007156
Manuel Pégourié-Gonnard246c13a2014-09-24 13:56:09 +02007157run_test "DTLS proxy: inject invalid AD record, default badmac_limit" \
7158 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007159 "$P_SRV dtls=1 dgram_packing=0 debug_level=1" \
7160 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnard63eca932014-09-08 16:39:08 +02007161 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007162 -c "discarding invalid record (mac)" \
7163 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007164 -s "Extra-header:" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007165 -c "HTTP/1.0 200 OK" \
7166 -S "too many records with bad MAC" \
7167 -S "Verification of the message MAC failed"
7168
7169run_test "DTLS proxy: inject invalid AD record, badmac_limit 1" \
7170 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007171 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=1" \
7172 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007173 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007174 -C "discarding invalid record (mac)" \
7175 -S "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007176 -S "Extra-header:" \
7177 -C "HTTP/1.0 200 OK" \
7178 -s "too many records with bad MAC" \
7179 -s "Verification of the message MAC failed"
7180
7181run_test "DTLS proxy: inject invalid AD record, badmac_limit 2" \
7182 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007183 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2" \
7184 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007185 0 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007186 -c "discarding invalid record (mac)" \
7187 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007188 -s "Extra-header:" \
7189 -c "HTTP/1.0 200 OK" \
7190 -S "too many records with bad MAC" \
7191 -S "Verification of the message MAC failed"
7192
7193run_test "DTLS proxy: inject invalid AD record, badmac_limit 2, exchanges 2"\
7194 -p "$P_PXY bad_ad=1" \
Hanno Becker1c9a24c2018-08-14 13:46:33 +01007195 "$P_SRV dtls=1 dgram_packing=0 debug_level=1 badmac_limit=2 exchanges=2" \
7196 "$P_CLI dtls=1 dgram_packing=0 debug_level=1 read_timeout=100 exchanges=2" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007197 1 \
Manuel Pégourié-Gonnard74a13782014-10-14 22:34:08 +02007198 -c "discarding invalid record (mac)" \
7199 -s "discarding invalid record (mac)" \
Manuel Pégourié-Gonnarde698f592014-10-14 19:36:36 +02007200 -s "Extra-header:" \
7201 -c "HTTP/1.0 200 OK" \
7202 -s "too many records with bad MAC" \
7203 -s "Verification of the message MAC failed"
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007204
7205run_test "DTLS proxy: delay ChangeCipherSpec" \
7206 -p "$P_PXY delay_ccs=1" \
Hanno Beckerc4305232018-08-14 13:41:21 +01007207 "$P_SRV dtls=1 debug_level=1 dgram_packing=0" \
7208 "$P_CLI dtls=1 debug_level=1 dgram_packing=0" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007209 0 \
7210 -c "record from another epoch" \
7211 -s "record from another epoch" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007212 -s "Extra-header:" \
7213 -c "HTTP/1.0 200 OK"
7214
Hanno Beckeraa5d0c42018-08-16 13:15:19 +01007215# Tests for reordering support with DTLS
7216
Hanno Becker56cdfd12018-08-17 13:42:15 +01007217run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
7218 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007219 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7220 hs_timeout=2500-60000" \
7221 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7222 hs_timeout=2500-60000" \
Hanno Beckere3842212018-08-16 15:28:59 +01007223 0 \
7224 -c "Buffering HS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007225 -c "Next handshake message has been buffered - load"\
7226 -S "Buffering HS message" \
7227 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01007228 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007229 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007230 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007231 -S "Remember CCS message"
Hanno Beckere3842212018-08-16 15:28:59 +01007232
Hanno Beckerdc1e9502018-08-28 16:02:33 +01007233run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
7234 -p "$P_PXY delay_srv=ServerHello" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007235 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7236 hs_timeout=2500-60000" \
7237 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7238 hs_timeout=2500-60000" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +01007239 0 \
7240 -c "Buffering HS message" \
7241 -c "found fragmented DTLS handshake message"\
7242 -c "Next handshake message 1 not or only partially bufffered" \
7243 -c "Next handshake message has been buffered - load"\
7244 -S "Buffering HS message" \
7245 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01007246 -C "Injecting buffered CCS message" \
Hanno Beckerdc1e9502018-08-28 16:02:33 +01007247 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007248 -S "Injecting buffered CCS message" \
Hanno Beckeraa5d0c42018-08-16 13:15:19 +01007249 -S "Remember CCS message"
7250
Hanno Beckera1adcca2018-08-24 14:41:07 +01007251# The client buffers the ServerKeyExchange before receiving the fragmented
7252# Certificate message; at the time of writing, together these are aroudn 1200b
7253# in size, so that the bound below ensures that the certificate can be reassembled
7254# while keeping the ServerKeyExchange.
7255requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
7256run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
Hanno Beckere3567052018-08-21 16:50:43 +01007257 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007258 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7259 hs_timeout=2500-60000" \
7260 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7261 hs_timeout=2500-60000" \
Hanno Beckere3567052018-08-21 16:50:43 +01007262 0 \
7263 -c "Buffering HS message" \
7264 -c "Next handshake message has been buffered - load"\
Hanno Beckera1adcca2018-08-24 14:41:07 +01007265 -C "attempt to make space by freeing buffered messages" \
7266 -S "Buffering HS message" \
7267 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01007268 -C "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01007269 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007270 -S "Injecting buffered CCS message" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01007271 -S "Remember CCS message"
7272
7273# The size constraints ensure that the delayed certificate message can't
7274# be reassembled while keeping the ServerKeyExchange message, but it can
7275# when dropping it first.
7276requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
7277requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
7278run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered msg" \
7279 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007280 "$P_SRV mtu=512 dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7281 hs_timeout=2500-60000" \
7282 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7283 hs_timeout=2500-60000" \
Hanno Beckera1adcca2018-08-24 14:41:07 +01007284 0 \
7285 -c "Buffering HS message" \
7286 -c "attempt to make space by freeing buffered future messages" \
7287 -c "Enough space available after freeing buffered HS messages" \
Hanno Beckere3567052018-08-21 16:50:43 +01007288 -S "Buffering HS message" \
7289 -S "Next handshake message has been buffered - load"\
Hanno Becker39b8bc92018-08-28 17:17:13 +01007290 -C "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +01007291 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007292 -S "Injecting buffered CCS message" \
Hanno Beckere3567052018-08-21 16:50:43 +01007293 -S "Remember CCS message"
7294
Hanno Becker56cdfd12018-08-17 13:42:15 +01007295run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
7296 -p "$P_PXY delay_cli=Certificate" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007297 "$P_SRV dgram_packing=0 auth_mode=required cookies=0 dtls=1 debug_level=2 \
7298 hs_timeout=2500-60000" \
7299 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7300 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007301 0 \
7302 -C "Buffering HS message" \
7303 -C "Next handshake message has been buffered - load"\
7304 -s "Buffering HS message" \
7305 -s "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007306 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007307 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007308 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007309 -S "Remember CCS message"
7310
7311run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
7312 -p "$P_PXY delay_srv=NewSessionTicket" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007313 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7314 hs_timeout=2500-60000" \
7315 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7316 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007317 0 \
7318 -C "Buffering HS message" \
7319 -C "Next handshake message has been buffered - load"\
7320 -S "Buffering HS message" \
7321 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007322 -c "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007323 -c "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007324 -S "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007325 -S "Remember CCS message"
7326
7327run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
7328 -p "$P_PXY delay_cli=ClientKeyExchange" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007329 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7330 hs_timeout=2500-60000" \
7331 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7332 hs_timeout=2500-60000" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007333 0 \
7334 -C "Buffering HS message" \
7335 -C "Next handshake message has been buffered - load"\
7336 -S "Buffering HS message" \
7337 -S "Next handshake message has been buffered - load" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007338 -C "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007339 -C "Remember CCS message" \
Hanno Becker39b8bc92018-08-28 17:17:13 +01007340 -s "Injecting buffered CCS message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007341 -s "Remember CCS message"
7342
Hanno Beckera1adcca2018-08-24 14:41:07 +01007343run_test "DTLS reordering: Buffer encrypted Finished message" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007344 -p "$P_PXY delay_ccs=1" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007345 "$P_SRV dgram_packing=0 cookies=0 dtls=1 debug_level=2 \
7346 hs_timeout=2500-60000" \
7347 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 \
7348 hs_timeout=2500-60000" \
Hanno Beckerb34149c2018-08-16 15:29:06 +01007349 0 \
7350 -s "Buffer record from epoch 1" \
Hanno Becker56cdfd12018-08-17 13:42:15 +01007351 -s "Found buffered record from current epoch - load" \
7352 -c "Buffer record from epoch 1" \
7353 -c "Found buffered record from current epoch - load"
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007354
Hanno Beckera1adcca2018-08-24 14:41:07 +01007355# In this test, both the fragmented NewSessionTicket and the ChangeCipherSpec
7356# from the server are delayed, so that the encrypted Finished message
7357# is received and buffered. When the fragmented NewSessionTicket comes
7358# in afterwards, the encrypted Finished message must be freed in order
7359# to make space for the NewSessionTicket to be reassembled.
7360# This works only in very particular circumstances:
7361# - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
7362# of the NewSessionTicket, but small enough to also allow buffering of
7363# the encrypted Finished message.
7364# - The MTU setting on the server must be so small that the NewSessionTicket
7365# needs to be fragmented.
7366# - All messages sent by the server must be small enough to be either sent
7367# without fragmentation or be reassembled within the bounds of
7368# MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
7369# handshake, omitting CRTs.
7370requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 240
7371requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 280
7372run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragmented NewSessionTicket" \
7373 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
7374 "$P_SRV mtu=190 dgram_packing=0 psk=abc123 psk_identity=foo cookies=0 dtls=1 debug_level=2" \
7375 "$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc123 psk_identity=foo" \
7376 0 \
7377 -s "Buffer record from epoch 1" \
7378 -s "Found buffered record from current epoch - load" \
7379 -c "Buffer record from epoch 1" \
7380 -C "Found buffered record from current epoch - load" \
7381 -c "Enough space available after freeing future epoch record"
7382
Manuel Pégourié-Gonnarda0719722014-09-20 12:46:27 +02007383# Tests for "randomly unreliable connection": try a variety of flows and peers
7384
7385client_needs_more_time 2
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007386run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
7387 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007388 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007389 psk=abc123" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007390 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007391 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
7392 0 \
7393 -s "Extra-header:" \
7394 -c "HTTP/1.0 200 OK"
7395
Janos Follath74537a62016-09-02 13:45:28 +01007396client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007397run_test "DTLS proxy: 3d, \"short\" RSA handshake" \
7398 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007399 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
7400 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007401 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7402 0 \
7403 -s "Extra-header:" \
7404 -c "HTTP/1.0 200 OK"
7405
Janos Follath74537a62016-09-02 13:45:28 +01007406client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007407run_test "DTLS proxy: 3d, \"short\" (no ticket, no cli_auth) FS handshake" \
7408 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007409 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
7410 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007411 0 \
7412 -s "Extra-header:" \
7413 -c "HTTP/1.0 200 OK"
7414
Janos Follath74537a62016-09-02 13:45:28 +01007415client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007416run_test "DTLS proxy: 3d, FS, client auth" \
7417 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007418 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
7419 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007420 0 \
7421 -s "Extra-header:" \
7422 -c "HTTP/1.0 200 OK"
7423
Janos Follath74537a62016-09-02 13:45:28 +01007424client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007425run_test "DTLS proxy: 3d, FS, ticket" \
7426 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007427 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
7428 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007429 0 \
7430 -s "Extra-header:" \
7431 -c "HTTP/1.0 200 OK"
7432
Janos Follath74537a62016-09-02 13:45:28 +01007433client_needs_more_time 2
Manuel Pégourié-Gonnard18e519a2014-09-24 19:09:17 +02007434run_test "DTLS proxy: 3d, max handshake (FS, ticket + client auth)" \
7435 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007436 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
7437 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
Manuel Pégourié-Gonnard825a49e2014-09-23 11:00:37 +02007438 0 \
7439 -s "Extra-header:" \
7440 -c "HTTP/1.0 200 OK"
7441
Janos Follath74537a62016-09-02 13:45:28 +01007442client_needs_more_time 2
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007443run_test "DTLS proxy: 3d, max handshake, nbio" \
7444 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007445 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02007446 auth_mode=required" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007447 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007448 0 \
7449 -s "Extra-header:" \
7450 -c "HTTP/1.0 200 OK"
7451
Janos Follath74537a62016-09-02 13:45:28 +01007452client_needs_more_time 4
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02007453run_test "DTLS proxy: 3d, min handshake, resumption" \
7454 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007455 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02007456 psk=abc123 debug_level=3" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007457 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01007458 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \
Manuel Pégourié-Gonnard7a26d732014-10-02 14:50:46 +02007459 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
7460 0 \
7461 -s "a session has been resumed" \
7462 -c "a session has been resumed" \
7463 -s "Extra-header:" \
7464 -c "HTTP/1.0 200 OK"
7465
Janos Follath74537a62016-09-02 13:45:28 +01007466client_needs_more_time 4
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02007467run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
7468 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007469 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02007470 psk=abc123 debug_level=3 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007471 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard498e6322020-02-17 11:04:33 +01007472 debug_level=3 reconnect=1 skip_close_notify=1 read_timeout=1000 max_resend=10 \
Manuel Pégourié-Gonnard85beb302014-10-02 17:59:19 +02007473 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
7474 0 \
7475 -s "a session has been resumed" \
7476 -c "a session has been resumed" \
7477 -s "Extra-header:" \
7478 -c "HTTP/1.0 200 OK"
7479
Janos Follath74537a62016-09-02 13:45:28 +01007480client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01007481requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007482run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +02007483 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007484 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02007485 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007486 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02007487 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard1b753f12014-09-25 16:09:36 +02007488 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
7489 0 \
7490 -c "=> renegotiate" \
7491 -s "=> renegotiate" \
7492 -s "Extra-header:" \
7493 -c "HTTP/1.0 200 OK"
7494
Janos Follath74537a62016-09-02 13:45:28 +01007495client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01007496requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007497run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
7498 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007499 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02007500 psk=abc123 renegotiation=1 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007501 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnard37a4de22014-10-01 16:38:03 +02007502 renegotiate=1 debug_level=2 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007503 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
7504 0 \
7505 -c "=> renegotiate" \
7506 -s "=> renegotiate" \
7507 -s "Extra-header:" \
7508 -c "HTTP/1.0 200 OK"
7509
Janos Follath74537a62016-09-02 13:45:28 +01007510client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01007511requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02007512run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02007513 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007514 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02007515 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02007516 debug_level=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007517 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02007518 renegotiation=1 exchanges=4 debug_level=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02007519 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
7520 0 \
7521 -c "=> renegotiate" \
7522 -s "=> renegotiate" \
7523 -s "Extra-header:" \
7524 -c "HTTP/1.0 200 OK"
7525
Janos Follath74537a62016-09-02 13:45:28 +01007526client_needs_more_time 4
Hanno Becker6a243642017-10-12 15:18:45 +01007527requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02007528run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02007529 -p "$P_PXY drop=5 delay=5 duplicate=5" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007530 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02007531 psk=abc123 renegotiate=1 renegotiation=1 exchanges=4 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02007532 debug_level=2 nbio=2" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007533 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
Manuel Pégourié-Gonnarda6ace042014-10-15 12:44:41 +02007534 renegotiation=1 exchanges=4 debug_level=2 nbio=2 \
Manuel Pégourié-Gonnardba958b82014-10-09 16:13:44 +02007535 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
7536 0 \
7537 -c "=> renegotiate" \
7538 -s "=> renegotiate" \
7539 -s "Extra-header:" \
7540 -c "HTTP/1.0 200 OK"
7541
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02007542## Interop tests with OpenSSL might trigger a bug in recent versions (including
7543## all versions installed on the CI machines), reported here:
7544## Bug report: https://github.com/openssl/openssl/issues/6902
7545## They should be re-enabled once a fixed version of OpenSSL is available
7546## (this should happen in some 1.1.1_ release according to the ticket).
7547skip_next_test
Janos Follath74537a62016-09-02 13:45:28 +01007548client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02007549not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007550run_test "DTLS proxy: 3d, openssl server" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02007551 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
7552 "$O_SRV -dtls1 -mtu 2048" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007553 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02007554 0 \
Manuel Pégourié-Gonnardd0fd1da2014-09-25 17:00:27 +02007555 -c "HTTP/1.0 200 OK"
7556
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02007557skip_next_test # see above
Janos Follath74537a62016-09-02 13:45:28 +01007558client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02007559not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007560run_test "DTLS proxy: 3d, openssl server, fragmentation" \
7561 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
7562 "$O_SRV -dtls1 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007563 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007564 0 \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007565 -c "HTTP/1.0 200 OK"
7566
Manuel Pégourié-Gonnard82986c12018-09-03 10:50:21 +02007567skip_next_test # see above
Janos Follath74537a62016-09-02 13:45:28 +01007568client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02007569not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007570run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
7571 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
7572 "$O_SRV -dtls1 -mtu 768" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007573 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007574 0 \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007575 -c "HTTP/1.0 200 OK"
7576
Manuel Pégourié-Gonnard96999962015-02-17 16:02:37 +00007577requires_gnutls
Janos Follath74537a62016-09-02 13:45:28 +01007578client_needs_more_time 6
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02007579not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007580run_test "DTLS proxy: 3d, gnutls server" \
7581 -p "$P_PXY drop=5 delay=5 duplicate=5" \
7582 "$G_SRV -u --mtu 2048 -a" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007583 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007584 0 \
7585 -s "Extra-header:" \
7586 -c "Extra-header:"
7587
k-stachowiakabb843e2019-02-18 16:14:03 +01007588requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +01007589client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02007590not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007591run_test "DTLS proxy: 3d, gnutls server, fragmentation" \
7592 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiakabb843e2019-02-18 16:14:03 +01007593 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007594 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
Manuel Pégourié-Gonnard9590e0a2014-09-26 16:27:59 +02007595 0 \
7596 -s "Extra-header:" \
7597 -c "Extra-header:"
7598
k-stachowiakabb843e2019-02-18 16:14:03 +01007599requires_gnutls_next
Janos Follath74537a62016-09-02 13:45:28 +01007600client_needs_more_time 8
Manuel Pégourié-Gonnardd68434e2015-08-31 12:48:22 +02007601not_with_valgrind # risk of non-mbedtls peer timing out
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007602run_test "DTLS proxy: 3d, gnutls server, fragmentation, nbio" \
7603 -p "$P_PXY drop=5 delay=5 duplicate=5" \
k-stachowiakabb843e2019-02-18 16:14:03 +01007604 "$G_NEXT_SRV -u --mtu 512" \
Andrzej Kurek948fe802018-10-05 15:42:44 -04007605 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
Manuel Pégourié-Gonnard6093d812014-09-29 17:52:57 +02007606 0 \
7607 -s "Extra-header:" \
7608 -c "Extra-header:"
7609
Manuel Pégourié-Gonnard8520dac2014-02-21 12:12:23 +01007610# Final report
7611
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01007612echo "------------------------------------------------------------------------"
7613
7614if [ $FAILS = 0 ]; then
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +01007615 printf "PASSED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01007616else
Manuel Pégourié-Gonnardf46f1282014-12-11 11:51:28 +01007617 printf "FAILED"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01007618fi
Manuel Pégourié-Gonnard72e51ee2014-08-31 10:22:11 +02007619PASSES=$(( $TESTS - $FAILS ))
Manuel Pégourié-Gonnard6f4fbbb2014-08-14 14:31:29 +02007620echo " ($PASSES / $TESTS tests ($SKIPS skipped))"
Manuel Pégourié-Gonnard33a752e2014-02-21 09:47:37 +01007621
7622exit $FAILS