| /third_party/openssl/test/ssl-tests/ |
| D | 26-tls13_client_auth.cnf | 5 test-0 = 0-server-auth-TLSv1.3
6 test-1 = 1-client-auth-TLSv1.3-request
7 test-2 = 2-client-auth-TLSv1.3-require-fail
8 test-3 = 3-client-auth-TLSv1.3-require
9 test-4 = 4-client-auth-TLSv1.3-require-non-empty-names
10 test-5 = 5-client-auth-TLSv1.3-noroot
11 test-6 = 6-client-auth-TLSv1.3-request-post-handshake
12 test-7 = 7-client-auth-TLSv1.3-require-fail-post-handshake
13 test-8 = 8-client-auth-TLSv1.3-require-post-handshake
14 test-9 = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake
[all …]
|
| D | 26-tls13_client_auth.cnf.in | 1 # -*- mode: perl; -*-
2 # Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved.
10 ## Test TLSv1.3 certificate authentication
11 ## Similar to 04-client_auth.cnf.in output, but specific for
12 ## TLSv1.3 and post-handshake authentication
22 name => "server-auth-TLSv1.3",
24 "MinProtocol" => "TLSv1.3",
25 "MaxProtocol" => "TLSv1.3",
28 "MinProtocol" => "TLSv1.3",
29 "MaxProtocol" => "TLSv1.3",
[all …]
|
| D | 04-client_auth.cnf | 5 test-0 = 0-server-auth-flex
6 test-1 = 1-client-auth-flex-request
7 test-2 = 2-client-auth-flex-require-fail
8 test-3 = 3-client-auth-flex-require
9 test-4 = 4-client-auth-flex-require-non-empty-names
10 test-5 = 5-client-auth-flex-noroot
11 test-6 = 6-server-auth-TLSv1
12 test-7 = 7-client-auth-TLSv1-request
13 test-8 = 8-client-auth-TLSv1-require-fail
14 test-9 = 9-client-auth-TLSv1-require
[all …]
|
| D | 02-protocol-version.cnf | 5 test-0 = 0-version-negotiation
6 test-1 = 1-version-negotiation
7 test-2 = 2-version-negotiation
8 test-3 = 3-version-negotiation
9 test-4 = 4-version-negotiation
10 test-5 = 5-version-negotiation
11 test-6 = 6-version-negotiation
12 test-7 = 7-version-negotiation
13 test-8 = 8-version-negotiation
14 test-9 = 9-version-negotiation
[all …]
|
| D | 10-resumption.cnf | 5 test-0 = 0-resumption
6 test-1 = 1-resumption
7 test-2 = 2-resumption
8 test-3 = 3-resumption
9 test-4 = 4-resumption
10 test-5 = 5-resumption
11 test-6 = 6-resumption
12 test-7 = 7-resumption
13 test-8 = 8-resumption
14 test-9 = 9-resumption
[all …]
|
| D | 14-curves.cnf | 5 test-0 = 0-curve-prime256v1
6 test-1 = 1-curve-secp384r1
7 test-2 = 2-curve-secp521r1
8 test-3 = 3-curve-X25519
9 test-4 = 4-curve-X448
10 test-5 = 5-curve-sect233k1
11 test-6 = 6-curve-sect233r1
12 test-7 = 7-curve-sect283k1
13 test-8 = 8-curve-sect283r1
14 test-9 = 9-curve-sect409k1
[all …]
|
| D | 25-cipher.cnf.in | 1 # -*- mode: perl; -*-
2 # Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
22 name => "cipher-server-1",
24 "MaxProtocol" => "TLSv1.2",
25 "CipherString" => "ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256",
28 "MaxProtocol" => "TLSv1.2",
29 "CipherString" => "ECDHE-RSA-AES256-SHA384"
32 "ExpectedCipher" => "ECDHE-RSA-AES256-SHA384",
36 name => "cipher-server-2",
38 "MaxProtocol" => "TLSv1.2",
[all …]
|
| D | 17-renegotiate.cnf.in | 1 # -*- mode: perl; -*-
2 # Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
20 name => "renegotiate-client-no-resume",
23 "MaxProtocol" => "TLSv1.2"
34 name => "renegotiate-client-resume",
36 "MaxProtocol" => "TLSv1.2"
47 name => "renegotiate-server-no-resume",
50 "MaxProtocol" => "TLSv1.2"
61 name => "renegotiate-server-resume",
63 "MaxProtocol" => "TLSv1.2"
[all …]
|
| D | 08-npn.cnf.in | 1 # -*- mode: perl; -*-
2 # Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
10 ## Test NPN. Note that NPN is only supported up to TLSv1.2
19 name => "npn-simple",
29 "MaxProtocol" => "TLSv1.2"
36 name => "npn-client-finds-match",
46 "MaxProtocol" => "TLSv1.2"
53 name => "npn-client-honours-server-pref",
63 "MaxProtocol" => "TLSv1.2"
70 name => "npn-client-first-pref-on-mismatch",
[all …]
|
| D | 14-curves.cnf.in | 1 # -*- mode: perl; -*-
36 name => "curve-${curve}",
39 "MaxProtocol" => "TLSv1.3"
43 "MaxProtocol" => "TLSv1.3",
48 "ExpectedProtocol" => "TLSv1.3",
56 name => "curve-${curve}",
59 "MaxProtocol" => "TLSv1.3"
63 "MaxProtocol" => "TLSv1.2",
68 "ExpectedProtocol" => "TLSv1.2",
76 name => "curve-${curve}-tls12-in-tls13",
[all …]
|
| D | 20-cert-select.cnf.in | 1 # -*- mode: perl; -*-
16 "ECDSA.Certificate" => test_pem("server-ecdsa-cert.pem"),
17 "ECDSA.PrivateKey" => test_pem("server-ecdsa-key.pem"),
18 "Ed25519.Certificate" => test_pem("server-ed25519-cert.pem"),
19 "Ed25519.PrivateKey" => test_pem("server-ed25519-key.pem"),
20 "Ed448.Certificate" => test_pem("server-ed448-cert.pem"),
21 "Ed448.PrivateKey" => test_pem("server-ed448-key.pem"),
22 "MaxProtocol" => "TLSv1.2"
26 "PSS.Certificate" => test_pem("server-pss-cert.pem"),
27 "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
[all …]
|
| D | protocol_version.pm | 1 # -*- mode: perl; -*-
2 # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
23 my @tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
24 my @tls_protocols_fips = ("TLSv1.2", "TLSv1.3");
26 my @min_tls_protocols = (undef, "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3");
27 my @min_tls_protocols_fips = (undef, "TLSv1.2", "TLSv1.3");
28 my @max_tls_protocols = ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3", undef);
29 my @max_tls_protocols_fips = ("TLSv1.2", "TLSv1.3", undef);
38 # $no_tls1_1 disables TLSv1.1 and below.
68 && ($protocols[$i] ne "TLSv1.3"
[all …]
|
| D | 19-mac-then-encrypt.cnf.in | 1 # -*- mode: perl; -*-
2 # Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
20 name => "disable-encrypt-then-mac-server-sha",
22 "Options" => "-EncryptThenMac",
25 "CipherString" => "AES128-SHA",
26 "MaxProtocol" => "TLSv1.2"
33 name => "disable-encrypt-then-mac-client-sha",
37 "CipherString" => "AES128-SHA",
38 "Options" => "-EncryptThenMac",
39 "MaxProtocol" => "TLSv1.2"
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9_standard/src/tls/ |
| D | tlsv1_client_read.c | 2 * TLSv1 client - read handshake message
3 * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi>
32 return (((conn->flags & TLS_CONN_DISABLE_TLSv1_0) && in tls_version_disabled()
34 ((conn->flags & TLS_CONN_DISABLE_TLSv1_1) && in tls_version_disabled()
36 ((conn->flags & TLS_CONN_DISABLE_TLSv1_2) && in tls_version_disabled()
46 wpa_hexdump(MSG_MSGDUMP, "TLSv1: ServerHello extensions", in tls_process_server_hello_extensions()
51 if (end - pos < 4) { in tls_process_server_hello_extensions()
52 wpa_printf(MSG_INFO, "TLSv1: Truncated ServerHello extension header"); in tls_process_server_hello_extensions()
53 return -1; in tls_process_server_hello_extensions()
61 if (elen > end - pos) { in tls_process_server_hello_extensions()
[all …]
|
| D | tlsv1_record.c | 2 * TLSv1 Record Protocol
3 * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi>
20 * tlsv1_record_set_cipher_suite - TLS record layer: Set cipher suite
23 * Returns: 0 on success, -1 on failure
36 wpa_printf(MSG_DEBUG, "TLSv1: Selected cipher suite: 0x%04x", in tlsv1_record_set_cipher_suite()
38 rl->cipher_suite = cipher_suite; in tlsv1_record_set_cipher_suite()
42 return -1; in tlsv1_record_set_cipher_suite()
44 if (suite->hash == TLS_HASH_MD5) { in tlsv1_record_set_cipher_suite()
45 rl->hash_alg = CRYPTO_HASH_ALG_HMAC_MD5; in tlsv1_record_set_cipher_suite()
46 rl->hash_size = MD5_MAC_LEN; in tlsv1_record_set_cipher_suite()
[all …]
|
| D | tlsv1_client.c | 3 * Copyright (c) 2006-2019, Jouni Malinen <j@w1.fi>
27 conn->alert_level = level; in tls_alert()
28 conn->alert_description = description; in tls_alert()
34 os_free(conn->dh_p); in tlsv1_client_free_dh()
35 os_free(conn->dh_g); in tlsv1_client_free_dh()
36 os_free(conn->dh_ys); in tlsv1_client_free_dh()
37 conn->dh_p = conn->dh_g = conn->dh_ys = NULL; in tlsv1_client_free_dh()
47 if ((conn->flags & TLS_CONN_DISABLE_TLSv1_2) && in tls_client_highest_ver()
52 if ((conn->flags & TLS_CONN_DISABLE_TLSv1_1) && in tls_client_highest_ver()
56 if ((conn->flags & TLS_CONN_DISABLE_TLSv1_0) && in tls_client_highest_ver()
[all …]
|
| /third_party/curl/docs/cmdline-opts/ |
| D | tls-max.md | 1 ---
3 SPDX-License-Identifier: curl
4 Long: tls-max
13 See-also:
14 - tlsv1.0
15 - tlsv1.1
16 - tlsv1.2
17 - tlsv1.3
19 - --tls-max 1.2 $URL
20 - --tls-max 1.3 --tlsv1.2 $URL
[all …]
|
| /third_party/wpa_supplicant/wpa_supplicant-2.9/src/tls/ |
| D | tlsv1_client_read.c | 2 * TLSv1 client - read handshake message
3 * Copyright (c) 2006-2015, Jouni Malinen <j@w1.fi>
32 return (((conn->flags & TLS_CONN_DISABLE_TLSv1_0) && in tls_version_disabled()
34 ((conn->flags & TLS_CONN_DISABLE_TLSv1_1) && in tls_version_disabled()
36 ((conn->flags & TLS_CONN_DISABLE_TLSv1_2) && in tls_version_disabled()
46 wpa_hexdump(MSG_MSGDUMP, "TLSv1: ServerHello extensions", in tls_process_server_hello_extensions()
51 if (end - pos < 4) { in tls_process_server_hello_extensions()
52 wpa_printf(MSG_INFO, "TLSv1: Truncated ServerHello extension header"); in tls_process_server_hello_extensions()
53 return -1; in tls_process_server_hello_extensions()
61 if (elen > end - pos) { in tls_process_server_hello_extensions()
[all …]
|
| D | tlsv1_client.c | 3 * Copyright (c) 2006-2019, Jouni Malinen <j@w1.fi>
27 conn->alert_level = level; in tls_alert()
28 conn->alert_description = description; in tls_alert()
34 os_free(conn->dh_p); in tlsv1_client_free_dh()
35 os_free(conn->dh_g); in tlsv1_client_free_dh()
36 os_free(conn->dh_ys); in tlsv1_client_free_dh()
37 conn->dh_p = conn->dh_g = conn->dh_ys = NULL; in tlsv1_client_free_dh()
45 TLS_PRE_MASTER_SECRET_LEN - 2)) in tls_derive_pre_master_secret()
46 return -1; in tls_derive_pre_master_secret()
60 wpa_hexdump_key(MSG_MSGDUMP, "TLSv1: pre_master_secret", in tls_derive_keys()
[all …]
|
| D | tlsv1_record.c | 2 * TLSv1 Record Protocol
3 * Copyright (c) 2006-2011, Jouni Malinen <j@w1.fi>
20 * tlsv1_record_set_cipher_suite - TLS record layer: Set cipher suite
23 * Returns: 0 on success, -1 on failure
36 wpa_printf(MSG_DEBUG, "TLSv1: Selected cipher suite: 0x%04x", in tlsv1_record_set_cipher_suite()
38 rl->cipher_suite = cipher_suite; in tlsv1_record_set_cipher_suite()
42 return -1; in tlsv1_record_set_cipher_suite()
44 if (suite->hash == TLS_HASH_MD5) { in tlsv1_record_set_cipher_suite()
45 rl->hash_alg = CRYPTO_HASH_ALG_HMAC_MD5; in tlsv1_record_set_cipher_suite()
46 rl->hash_size = MD5_MAC_LEN; in tlsv1_record_set_cipher_suite()
[all …]
|
| /third_party/openssl/test/recipes/ |
| D | 70-test_tls13downgrade.t | 2 # Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
21 if disabled("engine") || disabled("dynamic-engine");
33 my $proxy = TLSProxy::Proxy->new(
46 #Test 1: Downgrade from TLSv1.3 to TLSv1.2
47 $proxy->filter(\&downgrade_filter);
49 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
51 ok(TLSProxy::Message->fail(), "Downgrade TLSv1.3 to TLSv1.2");
53 #Test 2: Downgrade from TLSv1.3 to TLSv1.1
54 $proxy->clear();
56 $proxy->start();
[all …]
|
| D | 70-test_sslsigalgs.t | 2 # Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
21 if disabled("engine") || disabled("dynamic-engine");
30 my $proxy = TLSProxy::Proxy->new(
52 #Note: Throughout this test we override the default ciphersuites where TLSv1.2
57 $proxy->clientflags("-no_tls1_3") if disabled("ec") && disabled("dh");
58 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
60 ok(TLSProxy::Message->success, "Default sigalgs");
64 skip "TLSv1.3 disabled", 6
67 $proxy->filter(\&sigalgs_filter);
69 #Test 2: Sending no sig algs extension in TLSv1.3 should fail
[all …]
|
| /third_party/openssl/doc/man3/ |
| D | SSL_CONF_cmd.pod | 6 SSL_CONF_cmd - send configuration command
30 prefix for command line commands is B<-> and that is reflected below.
34 =item B<-bugs>
38 =item B<-no_comp>
44 =item B<-comp>
51 =item B<-no_ticket>
55 =item B<-serverpref>
61 =item B<-client_renegotiation>
63 Allows servers to accept client-initiated renegotiation. Equivalent to
67 =item B<-legacy_renegotiation>
[all …]
|
| /third_party/mbedtls/tests/opt-testcases/ |
| D | tls13-misc.sh | 3 # tls13-misc.sh
6 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
16 run_test "TLS 1.3: PSK: No valid ciphersuite. G->m" \
18 …"$G_NEXT_CLI -d 10 --priority NORMAL:-VERS-ALL:-CIPHER-ALL:+AES-256-GCM:+AEAD:+SHA384:-KX-ALL:+ECD…
19 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70 \
22 -s "found psk key exchange modes extension" \
23 -s "found pre_shared_key extension" \
24 -s "Found PSK_EPHEMERAL KEX MODE" \
25 -s "Found PSK KEX MODE" \
26 -s "No matched ciphersuite"
[all …]
|
| /third_party/curl/docs/libcurl/opts/ |
| D | CURLOPT_PROXY_SSLVERSION.md | 1 ---
3 SPDX-License-Identifier: curl
7 See-also:
8 - CURLOPT_HTTP_VERSION (3)
9 - CURLOPT_IPRESOLVE (3)
10 - CURLOPT_SSLVERSION (3)
11 - CURLOPT_USE_SSL (3)
13 - TLS
14 TLS-backend:
15 - All
[all …]
|