eden-emu/mbedtls
15
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #5582 from gilles-peskine-arm/ssl-opt-auto-psk

Browse source 
Run ssl-opt.sh in more reduced configurations
This commit is contained in:
Gilles Peskine 2022-04-21 12:03:53 +02:00 committed by GitHub
commit afbfed9397
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 452 additions and 157 deletions
Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog.d/dtls-cid-null.txt Normal file
View file

@ -0,0 +1,5 @@
Bugfix
* In configurations with MBEDTLS_SSL_DTLS_CONNECTION_ID enabled but not
MBEDTLS_DEBUG_C, DTLS handshakes using CID would crash due to a null
pointer dereference. Fix this. Fixes #3998.
The fix was released, but not announced, in Mbed TLS 3.1.0.

108
configs/config-ccm-psk-dtls1_2.h Normal file
View file

@ -0,0 +1,108 @@
/**
* \file config-ccm-psk-dtls1_2.h
*
* \brief Small configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites
*/
/*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/*
* Minimal configuration for DTLS 1.2 with PSK and AES-CCM ciphersuites
*
* Distinguishing features:
* - Optimized for small code size, low bandwidth (on an unreliable transport),
* and low RAM usage.
* - No asymmetric cryptography (no certificates, no Diffie-Hellman key
* exchange).
* - Fully modern and secure (provided the pre-shared keys are generated and
* stored securely).
* - Very low record overhead with CCM-8.
* - Includes several optional DTLS features typically used in IoT.
*
* See README.txt for usage instructions.
*/
/* System support */
//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
#define MBEDTLS_CTR_DRBG_C
#define MBEDTLS_ENTROPY_C
#define MBEDTLS_MD_C
#define MBEDTLS_NET_C
/* The library does not currently support enabling SHA-224 without SHA-256.
* A future version of the library will have this option disabled
* by default. */
#define MBEDTLS_SHA224_C
#define MBEDTLS_SHA256_C
#define MBEDTLS_SSL_CLI_C
#define MBEDTLS_SSL_COOKIE_C
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
#define MBEDTLS_TIMING_C
/* TLS protocol feature support */
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
/*
* Use only CCM_8 ciphersuites, and
* save ROM and a few bytes of RAM by specifying our own ciphersuite list
*/
#define MBEDTLS_SSL_CIPHERSUITES \
MBEDTLS_TLS_PSK_WITH_AES_256_CCM_8, \
MBEDTLS_TLS_PSK_WITH_AES_128_CCM_8
/*
* Save RAM at the expense of interoperability: do this only if you control
* both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The optimal size here depends on the typical size of records.
*/
#define MBEDTLS_SSL_IN_CONTENT_LEN 256
#define MBEDTLS_SSL_OUT_CONTENT_LEN 256
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/*
* You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones
* Minimum is 2 for the entropy test suite.
*/
#define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C

53
configs/config-ccm-psk-tls1_2.h
View file

@ -21,11 +21,15 @@
*/
/*
* Minimal configuration for TLS 1.2 with PSK and AES-CCM ciphersuites
*
* Distinguishing features:
* - no bignum, no PK, no X509
* - fully modern and secure (provided the pre-shared keys have high entropy)
* - very low record overhead with CCM-8
* - optimized for low RAM usage
* - Optimized for small code size, low bandwidth (on a reliable transport),
* and low RAM usage.
* - No asymmetric cryptography (no certificates, no Diffie-Hellman key
* exchange).
* - Fully modern and secure (provided the pre-shared keys are generated and
* stored securely).
* - Very low record overhead with CCM-8.
*
* See README.txt for usage instructions.
*/
@ -34,11 +38,7 @@
//#define MBEDTLS_HAVE_TIME /* Optionally used in Hello messages */
/* Other MBEDTLS_HAVE_XXX flags irrelevant for this configuration */
/* mbed TLS feature support */
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
/* mbed TLS modules */
/* Mbed TLS modules */
#define MBEDTLS_AES_C
#define MBEDTLS_CCM_C
#define MBEDTLS_CIPHER_C
@ -55,18 +55,9 @@
#define MBEDTLS_SSL_SRV_C
#define MBEDTLS_SSL_TLS_C
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/*
* You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones
* Minimum is 2 for the entropy test suite.
*/
#define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* TLS protocol feature support */
#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
#define MBEDTLS_SSL_PROTO_TLS1_2
/*
* Use only CCM_8 ciphersuites, and
@ -81,10 +72,28 @@
* both ends of the connection! (See comments in "mbedtls/ssl.h".)
* The optimal size here depends on the typical size of records.
*/
#define MBEDTLS_SSL_IN_CONTENT_LEN 1024
#define MBEDTLS_SSL_IN_CONTENT_LEN 1024
#define MBEDTLS_SSL_OUT_CONTENT_LEN 1024
/* Save RAM at the expense of ROM */
#define MBEDTLS_AES_ROM_TABLES
/* Save some RAM by adjusting to your exact needs */
#define MBEDTLS_PSK_MAX_LEN 16 /* 128-bits keys are generally enough */
/*
* You should adjust this to the exact number of sources you're using: default
* is the "platform_entropy_poll" source, but you may want to add other ones
* Minimum is 2 for the entropy test suite.
*/
#define MBEDTLS_ENTROPY_MAX_SOURCES 2
/* These defines are present so that the config modifying scripts can enable
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C

5
configs/config-suite-b.h
View file

@ -115,3 +115,8 @@
* them during tests/scripts/test-ref-configs.pl */
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_C
/* Error messages and TLS debugging traces
* (huge code size increase, needed for tests/ssl-opt.sh) */
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_ERROR_C

29
programs/ssl/ssl_server2.c
View file

@ -169,9 +169,6 @@ int main( void )
/*
* Size of the basic I/O buffer. Able to hold our default response.
*
* You will need to adapt the mbedtls_ssl_get_bytes_avail() test in ssl-opt.sh
* if you change this value to something outside the range <= 100 or > 500
*/
#define DFL_IO_BUF_LEN 200
@ -2113,10 +2110,26 @@ int main( int argc, char *argv[] )
#if defined(MBEDTLS_DEBUG_C)
mbedtls_debug_set_threshold( opt.debug_level );
#endif
buf = mbedtls_calloc( 1, opt.buffer_size + 1 );
/* buf will alternatively contain the input read from the client and the
* response that's about to be sent, plus a null byte in each case. */
size_t buf_content_size = opt.buffer_size;
/* The default response contains the ciphersuite name. Leave enough
* room for that plus some margin. */
if( buf_content_size < strlen( HTTP_RESPONSE ) + 80 )
{
buf_content_size = strlen( HTTP_RESPONSE ) + 80;
}
if( opt.response_size != DFL_RESPONSE_SIZE &&
buf_content_size < (size_t) opt.response_size )
{
buf_content_size = opt.response_size;
}
buf = mbedtls_calloc( 1, buf_content_size + 1 );
if( buf == NULL )
{
mbedtls_printf( "Could not allocate %u bytes\n", opt.buffer_size );
mbedtls_printf( "Could not allocate %lu bytes\n",
(unsigned long) buf_content_size + 1 );
ret = 3;
goto exit;
}
@ -3550,7 +3563,7 @@ data_exchange:
do
{
int terminated = 0;
len = opt.buffer_size - 1;
len = opt.buffer_size;
memset( buf, 0, opt.buffer_size );
ret = mbedtls_ssl_read( &ssl, buf, len );
@ -3651,7 +3664,7 @@ data_exchange:
}
else /* Not stream, so datagram */
{
len = opt.buffer_size - 1;
len = opt.buffer_size;
memset( buf, 0, opt.buffer_size );
do
@ -3753,6 +3766,8 @@ data_exchange:
mbedtls_printf( " > Write to client:" );
fflush( stdout );
/* If the format of the response changes, make sure there is enough
* room in buf (buf_content_size calculation above). */
len = sprintf( (char *) buf, HTTP_RESPONSE,
mbedtls_ssl_get_ciphersuite( &ssl ) );

3
programs/test/dlopen.c
View file

@ -19,8 +19,9 @@
#include "mbedtls/build_info.h"
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#if !defined(MBEDTLS_PLATFORM_C)
#else
#include <stdio.h>
#include <stdlib.h>
#define mbedtls_fprintf fprintf

19
tests/scripts/all.sh
View file

@ -2326,18 +2326,6 @@ component_test_variable_ssl_in_out_buffer_len_CID () {
tests/compat.sh
}
component_test_CID_no_debug() {
msg "build: Connection ID enabled, debug disabled"
scripts/config.py unset MBEDTLS_DEBUG_C
scripts/config.py set MBEDTLS_SSL_DTLS_CONNECTION_ID
CC=gcc cmake .
make
msg "test: Connection ID enabled, debug disabled"
make test
}
component_test_ssl_alloc_buffer_and_mfl () {
msg "build: default config with memory buffer allocator and MFL extension"
scripts/config.py set MBEDTLS_MEMORY_BUFFER_ALLOC_C
@ -2978,16 +2966,17 @@ component_test_cmake_out_of_source () {
msg "test: cmake 'out-of-source' build"
make test
# Test an SSL option that requires an auxiliary script in test/scripts/.
# Check that ssl-opt.sh can find the test programs.
# Also ensure that there are no error messages such as
# "No such file or directory", which would indicate that some required
# file is missing (ssl-opt.sh tolerates the absence of some files so
# may exit with status 0 but emit errors).
./tests/ssl-opt.sh -f 'Fallback SCSV: beginning of list' 2>ssl-opt.err
./tests/ssl-opt.sh -f 'Default' >ssl-opt.out 2>ssl-opt.err
grep PASS ssl-opt.out
cat ssl-opt.err >&2
# If ssl-opt.err is non-empty, record an error and keep going.
[ ! -s ssl-opt.err ]
rm ssl-opt.err
rm ssl-opt.out ssl-opt.err
cd "$MBEDTLS_ROOT_DIR"
rm -rf "$OUT_OF_SOURCE_DIR"
}

74
tests/scripts/test-ref-configs.pl
View file

@ -32,11 +32,19 @@ my %configs = (
'compat' => '-m tls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
'test_again_with_use_psa' => 1
},
'config-ccm-psk-dtls1_2.h' => {
'compat' => '-m dtls12 -f \'^TLS-PSK-WITH-AES-...-CCM-8\'',
'opt' => ' ',
'opt_needs_debug' => 1,
'test_again_with_use_psa' => 1
},
'config-no-entropy.h' => {
},
'config-suite-b.h' => {
'compat' => "-m tls12 -f 'ECDHE-ECDSA.*AES.*GCM' -p mbedTLS",
'test_again_with_use_psa' => 1,
'opt' => ' ',
'opt_needs_debug' => 1,
},
'config-symmetric-only.h' => {
'test_again_with_use_psa' => 0, # Uses PSA by default, no need to test it twice
@ -49,17 +57,14 @@ my %configs = (
# If no config-name is provided, use all known configs.
# Otherwise, use the provided names only.
my @configs_to_test = sort keys %configs;
if ($#ARGV >= 0) {
my %configs_ori = ( %configs );
%configs = ();
foreach my $conf_name (@ARGV) {
if( ! exists $configs_ori{$conf_name} ) {
foreach my $conf_name ( @ARGV ) {
if( ! exists $configs{$conf_name} ) {
die "Unknown configuration: $conf_name\n";
} else {
$configs{$conf_name} = $configs_ori{$conf_name};
}
}
@configs_to_test = @ARGV;
}
-d 'library' && -d 'include' && -d 'tests' or die "Must be run from root\n";
@ -84,25 +89,27 @@ if (!-e "tests/seedfile" || -s "tests/seedfile" < 64) {
}
sub perform_test {
my $conf = $_[0];
my $conf_file = $_[0];
my $data = $_[1];
my $test_with_psa = $_[2];
my $conf_name = $conf_file;
if ( $test_with_psa )
{
$conf_name .= "+PSA";
}
system( "cp $config_h.bak $config_h" ) and die;
system( "make clean" ) and die;
print "\n******************************************\n";
print "* Testing configuration: $conf\n";
if ( $test_with_psa )
{
print "* ENABLING MBEDTLS_PSA_CRYPTO_C and MBEDTLS_USE_PSA_CRYPTO \n";
}
print "* Testing configuration: $conf_name\n";
print "******************************************\n";
$ENV{MBEDTLS_TEST_CONFIGURATION} = $conf;
$ENV{MBEDTLS_TEST_CONFIGURATION} = $conf_name;
system( "cp configs/$conf $config_h" )
and abort "Failed to activate $conf\n";
system( "cp configs/$conf_file $config_h" )
and abort "Failed to activate $conf_file\n";
if ( $test_with_psa )
{
@ -110,41 +117,52 @@ sub perform_test {
system( "scripts/config.py set MBEDTLS_USE_PSA_CRYPTO" );
}
system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf\n";
system( "make test" ) and abort "Failed test suite: $conf\n";
system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf_name\n";
system( "make test" ) and abort "Failed test suite: $conf_name\n";
my $compat = $data->{'compat'};
if( $compat )
{
print "\nrunning compat.sh $compat\n";
print "\nrunning compat.sh $compat ($conf_name)\n";
system( "tests/compat.sh $compat" )
and abort "Failed compat.sh: $conf\n";
and abort "Failed compat.sh: $conf_name\n";
}
else
{
print "\nskipping compat.sh\n";
print "\nskipping compat.sh ($conf_name)\n";
}
my $opt = $data->{'opt'};
if( $opt )
{
print "\nrunning ssl-opt.sh $opt\n";
if( $data->{'opt_needs_debug'} )
{
print "\nrebuilding with debug traces for ssl-opt ($conf_name)\n";
$conf_name .= '+DEBUG';
$ENV{MBEDTLS_TEST_CONFIGURATION} = $conf_name;
system( "make clean" );
system( "scripts/config.py set MBEDTLS_DEBUG_C" );
system( "scripts/config.py set MBEDTLS_ERROR_C" );
system( "CFLAGS='-Os -Werror -Wall -Wextra' make" ) and abort "Failed to build: $conf_name\n";
}
print "\nrunning ssl-opt.sh $opt ($conf_name)\n";
system( "tests/ssl-opt.sh $opt" )
and abort "Failed ssl-opt.sh: $conf\n";
and abort "Failed ssl-opt.sh: $conf_name\n";
}
else
{
print "\nskipping ssl-opt.sh\n";
print "\nskipping ssl-opt.sh ($conf_name)\n";
}
}
while( my ($conf, $data) = each %configs ) {
my $test_with_psa = $data->{'test_again_with_use_psa'};
foreach my $conf ( @configs_to_test ) {
my $test_with_psa = $configs{$conf}{'test_again_with_use_psa'};
if ( $test_with_psa )
{
perform_test( $conf, $data, $test_with_psa );
perform_test( $conf, $configs{$conf}, $test_with_psa );
}
perform_test( $conf, $data, 0 );
perform_test( $conf, $configs{$conf}, 0 );
}
system( "mv $config_h.bak $config_h" ) and warn "$config_h not restored\n";

313
tests/ssl-opt.sh
View file

@ -263,6 +263,19 @@ requires_config_value_equals() {
fi
}
# Require Mbed TLS to support the given protocol version.
#
# Inputs:
# * $1: protocol version in mbedtls syntax (argument to force_version=)
requires_protocol_version() {
# Support for DTLS is detected separately in detect_dtls().
case "$1" in
tls12|dtls12) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2;;
tls13|dtls13) requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3;;
*) echo "Unknown required protocol version: $1"; exit 1;;
esac
}
# Space-separated list of ciphersuites supported by this build of
# Mbed TLS.
P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
@ -275,24 +288,105 @@ requires_ciphersuite_enabled() {
esac
}
# maybe_requires_ciphersuite_enabled CMD [RUN_TEST_OPTION...]
# If CMD (call to a TLS client or server program) requires a specific
# ciphersuite, arrange to only run the test case if this ciphersuite is
# enabled.
maybe_requires_ciphersuite_enabled() {
# detect_required_features CMD [RUN_TEST_OPTION...]
# If CMD (call to a TLS client or server program) requires certain features,
# arrange to only run the following test case if those features are enabled.
detect_required_features() {
case "$1" in
*\ force_ciphersuite=*) :;;
*) return;; # No specific required ciphersuite
*\ force_version=*)
tmp="${1##*\ force_version=}"
tmp="${tmp%%[!-0-9A-Z_a-z]*}"
requires_protocol_version "$tmp";;
esac
ciphersuite="${1##*\ force_ciphersuite=}"
ciphersuite="${ciphersuite%%[!-0-9A-Z_a-z]*}"
shift
requires_ciphersuite_enabled "$ciphersuite"
case "$1" in
*\ force_ciphersuite=*)
tmp="${1##*\ force_ciphersuite=}"
tmp="${tmp%%[!-0-9A-Z_a-z]*}"
requires_ciphersuite_enabled "$tmp";;
esac
unset ciphersuite
case " $1 " in
*[-_\ =]tickets=[^0]*)
requires_config_enabled MBEDTLS_SSL_TICKET_C;;
esac
case " $1 " in
*[-_\ =]alpn=*)
requires_config_enabled MBEDTLS_SSL_ALPN;;
esac
unset tmp
}
requires_certificate_authentication () {
if [ "$PSK_ONLY" = "YES" ]; then
SKIP_NEXT="YES"
fi
}
adapt_cmd_for_psk () {
case "$2" in
*openssl*) s='-psk abc123 -nocert';;
*gnutls-*) s='--pskkey=abc123';;
*) s='psk=abc123';;
esac
eval $1='"$2 $s"'
unset s
}
# maybe_adapt_for_psk [RUN_TEST_OPTION...]
# If running in a PSK-only build, maybe adapt the test to use a pre-shared key.
#
# If not running in a PSK-only build, do nothing.
# If the test looks like it doesn't use a pre-shared key but can run with a
# pre-shared key, pass a pre-shared key. If the test looks like it can't run
# with a pre-shared key, skip it. If the test looks like it's already using
# a pre-shared key, do nothing.
#
# This code does not consider builds with ECDHE-PSK or RSA-PSK.
#
# Inputs:
# * $CLI_CMD, $SRV_CMD, $PXY_CMD: client/server/proxy commands.
# * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges).
# * "$@": options passed to run_test.
#
# Outputs:
# * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments.
# * $SKIP_NEXT: set to YES if the test can't run with PSK.
maybe_adapt_for_psk() {
if [ "$PSK_ONLY" != "YES" ]; then
return
fi
if [ "$SKIP_NEXT" = "YES" ]; then
return
fi
case "$CLI_CMD $SRV_CMD" in
*[-_\ =]psk*|*[-_\ =]PSK*)
return;;
*force_ciphersuite*)
# The test case forces a non-PSK cipher suite. In some cases, a
# PSK cipher suite could be substituted, but we're not ready for
# that yet.
SKIP_NEXT="YES"
return;;
*\ auth_mode=*|*[-_\ =]crt[_=]*)
# The test case involves certificates. PSK won't do.
SKIP_NEXT="YES"
return;;
esac
adapt_cmd_for_psk CLI_CMD "$CLI_CMD"
adapt_cmd_for_psk SRV_CMD "$SRV_CMD"
}
case " $CONFIGS_ENABLED " in
*\ MBEDTLS_KEY_EXCHANGE_[^P]*) PSK_ONLY="NO";;
*\ MBEDTLS_KEY_EXCHANGE_P[^S]*) PSK_ONLY="NO";;
*\ MBEDTLS_KEY_EXCHANGE_PS[^K]*) PSK_ONLY="NO";;
*\ MBEDTLS_KEY_EXCHANGE_PSK[^_]*) PSK_ONLY="NO";;
*\ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED\ *) PSK_ONLY="YES";;
*) PSK_ONLY="NO";;
esac
# skip next test if OpenSSL doesn't support FALLBACK_SCSV
requires_openssl_with_fallback_scsv() {
if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
@ -666,13 +760,11 @@ if type lsof >/dev/null 2>/dev/null; then
fi
# Make a tight loop, server normally takes less than 1s to start.
while true; do
SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -F p)
SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t)
# When we use a proxy, it will be listening on the same port we
# are checking for as well as the server and lsof will list both.
# If multiple PIDs are returned, each one will be on a separate
# line, each prepended with 'p'.
case ${newline}${SERVER_PIDS}${newline} in
*${newline}p${2}${newline}*) break;;
*${newline}${2}${newline}*) break;;
esac
if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
echo "$3 START TIMEOUT"
@ -813,6 +905,39 @@ is_gnutls() {
esac
}
# Determine what calc_verify trace is to be expected, if any.
#
# calc_verify is only called for two things: to calculate the
# extended master secret, and to process client authentication.
#
# Warning: the current implementation assumes that extended_ms is not
# disabled on the client or on the server.
#
# Inputs:
# * $1: the value of the server auth_mode parameter.
# 'required' if client authentication is expected,
# 'none' or absent if not.
# * $CONFIGS_ENABLED
#
# Outputs:
# * $maybe_calc_verify: set to a trace expected in the debug logs
set_maybe_calc_verify() {
maybe_calc_verify=
case $CONFIGS_ENABLED in
*\ MBEDTLS_SSL_EXTENDED_MASTER_SECRET\ *) :;;
*)
case ${1-} in
''|none) return;;
required) :;;
*) echo "Bad parameter 1 to set_maybe_calc_verify: $1"; exit 1;;
esac
esac
case $CONFIGS_ENABLED in
*\ MBEDTLS_USE_PSA_CRYPTO\ *) maybe_calc_verify="PSA calc verify";;
*) maybe_calc_verify="<= calc verify";;
esac
}
# Compare file content
# Usage: find_in_both pattern file1 file2
# extract from file1 the first line matching the pattern
@ -839,11 +964,15 @@ skip_handshake_stage_check() {
#
# Analyze and possibly instrument $PXY_CMD, $CLI_CMD, $SRV_CMD to pass
# extra arguments or go through wrappers.
# Set $DTLS (0=TLS, 1=DTLS).
#
# Inputs:
# * $@: supplemental options to run_test() (after the mandatory arguments).
# * $CLI_CMD, $PXY_CMD, $SRV_CMD: the client, proxy and server commands.
# * $DTLS: 1 if DTLS, otherwise 0.
#
# Outputs:
# * $CLI_CMD, $PXY_CMD, $SRV_CMD: may be tweaked.
analyze_test_commands() {
# update DTLS variable
detect_dtls "$SRV_CMD"
# if the test uses DTLS but no custom proxy, add a simple proxy
# as it provides timing info that's useful to debug failures
if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
@ -1150,9 +1279,19 @@ run_test() {
requires_config_enabled MBEDTLS_FS_IO;;
esac
# If the client or serve requires a ciphersuite, check that it's enabled.
maybe_requires_ciphersuite_enabled "$SRV_CMD" "$@"
maybe_requires_ciphersuite_enabled "$CLI_CMD" "$@"
# Check if the test uses DTLS.
detect_dtls "$SRV_CMD"
if [ "$DTLS" -eq 1 ]; then
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
fi
# If the client or server requires certain features that can be detected
# from their command-line arguments, check that they're enabled.
detect_required_features "$SRV_CMD" "$@"
detect_required_features "$CLI_CMD" "$@"
# If we're in a PSK-only build and the test can be adapted to PSK, do that.
maybe_adapt_for_psk "$@"
# should we skip?
if [ "X$SKIP_NEXT" = "XYES" ]; then
@ -1193,43 +1332,41 @@ run_test() {
}
run_test_psa() {
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
set_maybe_calc_verify none
run_test "PSA-supported ciphersuite: $1" \
"$P_SRV debug_level=3 force_version=tls12" \
"$P_CLI debug_level=3 force_ciphersuite=$1" \
0 \
-c "PSA calc verify" \
-c "$maybe_calc_verify" \
-c "calc PSA finished" \
-s "PSA calc verify" \
-s "$maybe_calc_verify" \
-s "calc PSA finished" \
-C "Failed to setup PSA-based cipher context"\
-S "Failed to setup PSA-based cipher context"\
-s "Protocol is TLSv1.2" \
-c "Perform PSA-based ECDH computation."\
-c "Perform PSA-based computation of digest of ServerKeyExchange" \
-S "error" \
-C "error"
unset maybe_calc_verify
}
run_test_psa_force_curve() {
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
set_maybe_calc_verify none
run_test "PSA - ECDH with $1" \
"$P_SRV debug_level=4 force_version=tls12 curves=$1" \
"$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
0 \
-c "PSA calc verify" \
-c "$maybe_calc_verify" \
-c "calc PSA finished" \
-s "PSA calc verify" \
-s "$maybe_calc_verify" \
-s "calc PSA finished" \
-C "Failed to setup PSA-based cipher context"\
-S "Failed to setup PSA-based cipher context"\
-s "Protocol is TLSv1.2" \
-c "Perform PSA-based ECDH computation."\
-c "Perform PSA-based computation of digest of ServerKeyExchange" \
-S "error" \
-C "error"
unset maybe_calc_verify
}
# Test that the server's memory usage after a handshake is reduced when a client specifies
@ -1447,8 +1584,10 @@ trap cleanup INT TERM HUP
# Checks that:
# - things work with all ciphersuites active (used with config-full in all.sh)
# - the expected parameters are selected
# ("signature_algorithm ext: 6" means SHA-512 (highest common hash))
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
requires_config_enabled MBEDTLS_SHA512_C # "signature_algorithm ext: 6"
requires_config_enabled MBEDTLS_ECP_DP_CURVE25519_ENABLED
run_test "Default" \
"$P_SRV debug_level=3" \
"$P_CLI" \
@ -1461,6 +1600,7 @@ run_test "Default" \
-C "error"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
run_test "Default, DTLS" \
"$P_SRV dtls=1" \
"$P_CLI dtls=1" \
@ -2734,6 +2874,7 @@ run_test "Encrypt then MAC: client disabled, server enabled" \
# Tests for Extended Master Secret extension
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
run_test "Extended Master Secret: default" \
"$P_SRV debug_level=3" \
"$P_CLI debug_level=3" \
@ -2746,6 +2887,7 @@ run_test "Extended Master Secret: default" \
-s "session hash for extended master secret"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
run_test "Extended Master Secret: client enabled, server disabled" \
"$P_SRV debug_level=3 extended_ms=0" \
"$P_CLI debug_level=3 extended_ms=1" \
@ -2758,6 +2900,7 @@ run_test "Extended Master Secret: client enabled, server disabled" \
-S "session hash for extended master secret"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_EXTENDED_MASTER_SECRET
run_test "Extended Master Secret: client disabled, server enabled" \
"$P_SRV debug_level=3 extended_ms=1" \
"$P_CLI debug_level=3 extended_ms=0" \
@ -2807,7 +2950,6 @@ run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \
# Tests for CBC 1/n-1 record splitting
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "CBC Record splitting: TLS 1.2, no splitting" \
"$P_SRV force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
@ -3233,6 +3375,7 @@ run_test "Session resume using tickets, DTLS: openssl client" \
# Tests for Session Resume based on session-ID and cache
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: tickets enabled on client" \
"$P_SRV debug_level=3 tickets=0" \
"$P_CLI debug_level=3 tickets=1 reconnect=1" \
@ -3248,6 +3391,7 @@ run_test "Session resume using cache: tickets enabled on client" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: tickets enabled on server" \
"$P_SRV debug_level=3 tickets=1" \
"$P_CLI debug_level=3 tickets=0 reconnect=1" \
@ -3263,6 +3407,7 @@ run_test "Session resume using cache: tickets enabled on server" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: cache_max=0" \
"$P_SRV debug_level=3 tickets=0 cache_max=0" \
"$P_CLI debug_level=3 tickets=0 reconnect=1" \
@ -3273,6 +3418,7 @@ run_test "Session resume using cache: cache_max=0" \
-C "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: cache_max=1" \
"$P_SRV debug_level=3 tickets=0 cache_max=1" \
"$P_CLI debug_level=3 tickets=0 reconnect=1" \
@ -3283,6 +3429,7 @@ run_test "Session resume using cache: cache_max=1" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: timeout > delay" \
"$P_SRV debug_level=3 tickets=0" \
"$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=0" \
@ -3293,6 +3440,7 @@ run_test "Session resume using cache: timeout > delay" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: timeout < delay" \
"$P_SRV debug_level=3 tickets=0 cache_timeout=1" \
"$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
@ -3303,6 +3451,7 @@ run_test "Session resume using cache: timeout < delay" \
-C "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: no timeout" \
"$P_SRV debug_level=3 tickets=0 cache_timeout=0" \
"$P_CLI debug_level=3 tickets=0 reconnect=1 reco_delay=2" \
@ -3313,6 +3462,7 @@ run_test "Session resume using cache: no timeout" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: session copy" \
"$P_SRV debug_level=3 tickets=0" \
"$P_CLI debug_level=3 tickets=0 reconnect=1 reco_mode=0" \
@ -3323,6 +3473,7 @@ run_test "Session resume using cache: session copy" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: openssl client" \
"$P_SRV debug_level=3 tickets=0" \
"( $O_CLI -sess_out $SESSION; \
@ -3336,6 +3487,7 @@ run_test "Session resume using cache: openssl client" \
-s "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache: openssl server" \
"$O_SRV -tls1_2" \
"$P_CLI debug_level=3 tickets=0 reconnect=1" \
@ -3347,6 +3499,7 @@ run_test "Session resume using cache: openssl server" \
# Tests for Session Resume based on session-ID and cache, DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: tickets enabled on client" \
"$P_SRV dtls=1 debug_level=3 tickets=0" \
"$P_CLI dtls=1 debug_level=3 tickets=1 reconnect=1 skip_close_notify=1" \
@ -3362,6 +3515,7 @@ run_test "Session resume using cache, DTLS: tickets enabled on client" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: tickets enabled on server" \
"$P_SRV dtls=1 debug_level=3 tickets=1" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
@ -3377,6 +3531,7 @@ run_test "Session resume using cache, DTLS: tickets enabled on server" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: cache_max=0" \
"$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=0" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
@ -3387,6 +3542,7 @@ run_test "Session resume using cache, DTLS: cache_max=0" \
-C "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: cache_max=1" \
"$P_SRV dtls=1 debug_level=3 tickets=0 cache_max=1" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1" \
@ -3397,6 +3553,7 @@ run_test "Session resume using cache, DTLS: cache_max=1" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: timeout > delay" \
"$P_SRV dtls=1 debug_level=3 tickets=0" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=0" \
@ -3407,6 +3564,7 @@ run_test "Session resume using cache, DTLS: timeout > delay" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: timeout < delay" \
"$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=1" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
@ -3417,6 +3575,7 @@ run_test "Session resume using cache, DTLS: timeout < delay" \
-C "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: no timeout" \
"$P_SRV dtls=1 debug_level=3 tickets=0 cache_timeout=0" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_delay=2" \
@ -3427,6 +3586,7 @@ run_test "Session resume using cache, DTLS: no timeout" \
-c "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: session copy" \
"$P_SRV dtls=1 debug_level=3 tickets=0" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1 skip_close_notify=1 reco_mode=0" \
@ -3440,6 +3600,7 @@ run_test "Session resume using cache, DTLS: session copy" \
# probability with OpenSSL 1.0.2g on the CI, see #5012.
requires_openssl_next
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: openssl client" \
"$P_SRV dtls=1 debug_level=3 tickets=0" \
"( $O_NEXT_CLI -dtls -sess_out $SESSION; \
@ -3453,6 +3614,7 @@ run_test "Session resume using cache, DTLS: openssl client" \
-s "a session has been resumed"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "Session resume using cache, DTLS: openssl server" \
"$O_SRV -dtls" \
"$P_CLI dtls=1 debug_level=3 tickets=0 reconnect=1" \
@ -5038,7 +5200,6 @@ run_test "Authentication, CA callback: client max_int chain, server required"
# Tests for certificate selection based on SHA verson
requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
"$P_SRV force_version=tls12 crt_file=data_files/server5.crt \
key_file=data_files/server5.key \
@ -6536,23 +6697,38 @@ run_test "ClientHello without extensions" \
# Tests for mbedtls_ssl_get_bytes_avail()
# The server first reads buffer_size-1 bytes, then reads the remainder.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "mbedtls_ssl_get_bytes_avail: no extra data" \
"$P_SRV" \
"$P_SRV buffer_size=100" \
"$P_CLI request_size=100" \
0 \
-s "Read from client: 100 bytes read$"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "mbedtls_ssl_get_bytes_avail: extra data" \
"$P_SRV" \
"$P_CLI request_size=500" \
run_test "mbedtls_ssl_get_bytes_avail: extra data (+1)" \
"$P_SRV buffer_size=100" \
"$P_CLI request_size=101" \
0 \
-s "Read from client: 500 bytes read (.*+.*)"
-s "Read from client: 101 bytes read (100 + 1)"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_max_content_len 200
run_test "mbedtls_ssl_get_bytes_avail: extra data (*2)" \
"$P_SRV buffer_size=100" \
"$P_CLI request_size=200" \
0 \
-s "Read from client: 200 bytes read (100 + 100)"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "mbedtls_ssl_get_bytes_avail: extra data (max)" \
"$P_SRV buffer_size=100" \
"$P_CLI request_size=$MAX_CONTENT_LEN" \
0 \
-s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
# Tests for small client packets
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet TLS 1.2 BlockCipher" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
@ -6560,7 +6736,6 @@ run_test "Small client packet TLS 1.2 BlockCipher" \
0 \
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
@ -6568,7 +6743,6 @@ run_test "Small client packet TLS 1.2 BlockCipher, without EtM" \
0 \
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
@ -6576,7 +6750,6 @@ run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
0 \
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet TLS 1.2 AEAD" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
@ -6584,7 +6757,6 @@ run_test "Small client packet TLS 1.2 AEAD" \
0 \
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=1 \
@ -6595,7 +6767,6 @@ run_test "Small client packet TLS 1.2 AEAD shorter tag" \
# Tests for small client packets in DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet DTLS 1.2" \
"$P_SRV dtls=1 force_version=dtls12" \
"$P_CLI dtls=1 request_size=1 \
@ -6604,7 +6775,6 @@ run_test "Small client packet DTLS 1.2" \
-s "Read from client: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small client packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 request_size=1 \
@ -6614,35 +6784,30 @@ run_test "Small client packet DTLS 1.2, without EtM" \
# Tests for small server packets
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=1 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=1 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
0 \
-c "Read from server: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV response_size=1 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
-c "Read from server: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet TLS 1.2 AEAD" \
"$P_SRV response_size=1 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=1 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
@ -6652,7 +6817,6 @@ run_test "Small server packet TLS 1.2 AEAD shorter tag" \
# Tests for small server packets in DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet DTLS 1.2" \
"$P_SRV dtls=1 response_size=1 force_version=dtls12" \
"$P_CLI dtls=1 \
@ -6661,7 +6825,6 @@ run_test "Small server packet DTLS 1.2" \
-c "Read from server: 1 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Small server packet DTLS 1.2, without EtM" \
"$P_SRV dtls=1 response_size=1 force_version=dtls12 etm=0" \
"$P_CLI dtls=1 \
@ -6676,7 +6839,6 @@ fragments_for_write() {
echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
}
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large client packet TLS 1.2 BlockCipher" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
@ -6685,7 +6847,6 @@ run_test "Large client packet TLS 1.2 BlockCipher" \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 etm=0 \
@ -6693,7 +6854,6 @@ run_test "Large client packet TLS 1.2 BlockCipher, without EtM" \
0 \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
@ -6702,7 +6862,6 @@ run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large client packet TLS 1.2 AEAD" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
@ -6711,7 +6870,6 @@ run_test "Large client packet TLS 1.2 AEAD" \
-c "16384 bytes written in $(fragments_for_write 16384) fragments" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large client packet TLS 1.2 AEAD shorter tag" \
"$P_SRV force_version=tls12" \
"$P_CLI request_size=16384 \
@ -6721,14 +6879,12 @@ run_test "Large client packet TLS 1.2 AEAD shorter tag" \
-s "Read from client: $MAX_CONTENT_LEN bytes read"
# The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large server packet TLS 1.2 BlockCipher" \
"$P_SRV response_size=16384 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
"$P_SRV response_size=16384 force_version=tls12" \
"$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
@ -6736,14 +6892,12 @@ run_test "Large server packet TLS 1.2 BlockCipher, without EtM" \
-s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
"$P_SRV response_size=16384 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
0 \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV response_size=16384 trunc_hmac=1 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
@ -6751,14 +6905,12 @@ run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC
-s "16384 bytes written in 1 fragments" \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large server packet TLS 1.2 AEAD" \
"$P_SRV response_size=16384 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
0 \
-c "Read from server: 16384 bytes read"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Large server packet TLS 1.2 AEAD shorter tag" \
"$P_SRV response_size=16384 force_version=tls12" \
"$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
@ -8329,10 +8481,8 @@ run_test "DTLS fragmenting: proxy MTU + 3d, nbio" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_gnutls
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
"$G_SRV -u" \
"$P_CLI dtls=1 debug_level=2 \
@ -8353,11 +8503,9 @@ run_test "DTLS fragmenting: gnutls server, DTLS 1.2" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_gnutls
requires_not_i686
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@ -8370,9 +8518,7 @@ run_test "DTLS fragmenting: gnutls client, DTLS 1.2" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
"$O_SRV -dtls1_2 -verify 10" \
"$P_CLI dtls=1 debug_level=2 \
@ -8386,9 +8532,7 @@ run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
"$P_SRV dtls=1 debug_level=2 \
crt_file=data_files/server7_int-ca.crt \
@ -8406,10 +8550,8 @@ requires_gnutls_next
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: 3d, gnutls server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$G_NEXT_SRV -u" \
@ -8425,10 +8567,8 @@ requires_gnutls_next
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: 3d, gnutls client, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@ -8448,10 +8588,8 @@ skip_next_test
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$O_SRV -dtls1_2 -verify 10" \
@ -8467,10 +8605,8 @@ skip_next_test
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_RSA_C
requires_config_enabled MBEDTLS_ECDSA_C
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
client_needs_more_time 4
requires_max_content_len 2048
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
-p "$P_PXY drop=8 delay=8 duplicate=8" \
"$P_SRV dtls=1 debug_level=2 \
@ -9186,6 +9322,7 @@ run_test "DTLS proxy: delay ChangeCipherSpec" \
# Tests for reordering support with DTLS
requires_certificate_authentication
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
-p "$P_PXY delay_srv=ServerHello" \
@ -9203,6 +9340,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
-S "Injecting buffered CCS message" \
-S "Remember CCS message"
requires_certificate_authentication
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
-p "$P_PXY delay_srv=ServerHello" \
@ -9226,6 +9364,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message fragment on
# Certificate message; at the time of writing, together these are aroudn 1200b
# in size, so that the bound below ensures that the certificate can be reassembled
# while keeping the ServerKeyExchange.
requires_certificate_authentication
requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1300
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
@ -9248,6 +9387,7 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex
# The size constraints ensure that the delayed certificate message can't
# be reassembled while keeping the ServerKeyExchange message, but it can
# when dropping it first.
requires_certificate_authentication
requires_config_value_at_least "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 900
requires_config_value_at_most "MBEDTLS_SSL_DTLS_MAX_BUFFERING" 1299
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
@ -9268,6 +9408,7 @@ run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling nex
-S "Injecting buffered CCS message" \
-S "Remember CCS message"
requires_certificate_authentication
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
-p "$P_PXY delay_cli=Certificate" \
@ -9285,6 +9426,7 @@ run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
-S "Injecting buffered CCS message" \
-S "Remember CCS message"
requires_certificate_authentication
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
-p "$P_PXY delay_srv=NewSessionTicket" \
@ -9302,6 +9444,7 @@ run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
-S "Injecting buffered CCS message" \
-S "Remember CCS message"
requires_certificate_authentication
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
-p "$P_PXY delay_cli=ClientKeyExchange" \
@ -9439,6 +9582,7 @@ run_test "DTLS proxy: 3d, max handshake, nbio" \
client_needs_more_time 4
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "DTLS proxy: 3d, min handshake, resumption" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
@ -9454,6 +9598,7 @@ run_test "DTLS proxy: 3d, min handshake, resumption" \
client_needs_more_time 4
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_CACHE_C
run_test "DTLS proxy: 3d, min handshake, resumption, nbio" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
@ -10184,9 +10329,9 @@ run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - openssl" \
-c "Protocol is TLSv1.3" \
-c "HTTP/1.0 200 ok"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
@ -10200,9 +10345,9 @@ run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - gnutls" \
-c "Protocol is TLSv1.3" \
-c "HTTP/1.0 200 OK"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_gnutls_tls1_3
requires_gnutls_next_no_ticket
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C