
Lines Matching +full:mac +full:- +full:openssl

3 # ssl-opt.sh
6 # SPDX-License-Identifier: Apache-2.0
12 # http://www.apache.org/licenses/LICENSE-2.0
33 set -u
37 ulimit -f 20971520
49 : ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
50 : ${GNUTLS_CLI:=gnutls-cli}
51 : ${GNUTLS_SERV:=gnutls-serv}
55 if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then
63 : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
65 O_SRV="$OPENSSL_CMD s_server -www -cert data_files/server5.crt -key data_files/server5.key"
67 G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
68 G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
71 # alternative versions of OpenSSL and GnuTLS (no default path)
73 if [ -n "${OPENSSL_LEGACY:-}" ]; then
74 …O_LEGACY_SRV="$OPENSSL_LEGACY s_server -www -cert data_files/server5.crt -key data_files/server5.k…
81 if [ -n "${OPENSSL_NEXT:-}" ]; then
82 … O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
83 …O_NEXT_SRV_EARLY_DATA="$OPENSSL_NEXT s_server -early_data -cert data_files/server5.crt -key data_f…
84 O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
85 O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client -CAfile data_files/test-ca_cat12.crt"
95 if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
96 …G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/serve…
103 if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
104 G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
126 # Pick a "unique" server port in the range 10000-19999, and a proxy
134 printf " -h|--help\tPrint this help.\n"
135 printf " -m|--memcheck\tCheck memory leaks and errors.\n"
136 printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
137 printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
138 printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
139 printf " -s|--show-numbers\tShow test numbers in front of test names\n"
140 printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
141 printf " --outcome-file\tFile where test outcomes are written\n"
143 printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n"
144 printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
145 printf " --seed \tInteger seed value to use for this test run\n"
149 while [ $# -gt 0 ]; do
151 -f|--filter)
154 -e|--exclude)
157 -m|--memcheck)
160 -n|--number)
163 -s|--show-numbers)
166 -p|--preserve-logs)
169 --port)
172 --proxy-port)
175 --seed)
178 -h|--help)
201 # testing. Skip non-boolean options (with something other than spaces
203 # space-separated list of symbols.
204 CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )"
206 # in theory and expected to be re-introduced at some point, but
229 if ! $P_QUERY -all $*
236 if $P_QUERY -any $*
243 if ! $P_QUERY -any $*
250 if $P_QUERY -all $*
265 if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2
268 elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
287 if [ -z "$VAL" ]; then
291 elif [ "$VAL" -lt "$2" ]; then
298 if [ -z "$VAL" ]; then
302 elif [ "$VAL" -gt "$2" ]; then
309 if [ -z "$VAL" ]; then
313 elif [ "$VAL" -ne "$2" ]; then
331 # Space-separated list of ciphersuites supported by this build of
333 P_CIPHERSUITES=" $($P_CLI --help 2>/dev/null |
334 grep 'TLS-\|TLS1-3' |
335 tr -s ' \n' ' ')"
350 tmp="${tmp%%[!-0-9A-Z_a-z]*}"
357 tmp="${tmp%%[!-0-9A-Z_a-z]*}"
362 *[-_\ =]tickets=[^0]*)
366 *[-_\ =]alpn=*)
381 *openssl*) s='-psk abc123 -nocert';;
382 *gnutls-*) s='--pskkey=abc123';;
390 # If running in a PSK-only build, maybe adapt the test to use a pre-shared key.
392 # If not running in a PSK-only build, do nothing.
393 # If the test looks like it doesn't use a pre-shared key but can run with a
394 # pre-shared key, pass a pre-shared key. If the test looks like it can't run
395 # with a pre-shared key, skip it. If the test looks like it's already using
396 # a pre-shared key, do nothing.
398 # This code does not consider builds with ECDHE-PSK or RSA-PSK.
402 # * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges).
406 # * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments.
416 *[-_\ =]psk*|*[-_\ =]PSK*)
419 # The test case forces a non-PSK cipher suite. In some cases, a
424 *\ auth_mode=*|*[-_\ =]crt[_=]*)
496 echo "Unsupported hash alg - $1"
509 # skip next test if OpenSSL doesn't support FALLBACK_SCSV
511 if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
512 if $OPENSSL_CMD s_client -help 2>&1 | grep fallback_scsv >/dev/null
532 if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
544 # skip next test if GnuTLS-next isn't available
546 if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
547 if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
558 # skip next test if OpenSSL-legacy isn't available
560 if [ -z "${OPENSSL_LEGACY_AVAILABLE:-}" ]; then
561 if which "${OPENSSL_LEGACY:-}" >/dev/null 2>&1; then
573 if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then
574 if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then
591 if [ -z "${OPENSSL_TLS1_3_AVAILABLE:-}" ]; then
592 if $OPENSSL_NEXT s_client -help 2>&1 | grep tls1_3 >/dev/null
610 if [ -z "${GNUTLS_TLS1_3_AVAILABLE:-}" ]; then
611 if $GNUTLS_NEXT_CLI -l 2>&1 | grep VERS-TLS1.3 >/dev/null
629 if [ -z "${GNUTLS_NO_TICKETS_AVAILABLE:-}" ]; then
630 if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep NO_TICKETS >/dev/null
648 if [ -z "${GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE:-}" ]; then
649 if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep DISABLE_TLS13_COMPAT_MODE >/dev/null
663 if [ -z "${HAS_IPV6:-}" ]; then
668 if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then
673 rm -r $SRV_OUT
683 if [ -z "${IS_I686:-}" ]; then
686 if [ -z "$(uname -a | grep i686)" ]; then
702 if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
705 if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
711 if [ "$MAX_OUT_LEN" -ne 16384 ]; then
718 if [ "$MEMCHECK" -gt 0 ]; then
725 if [ "$MEMCHECK" -eq 0 ]; then
745 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
751 LEN=$(( 72 - `echo "$LINE" | wc -c` ))
757 # record_outcome <outcome> [<failure-reason>]
762 if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then
765 "${TEST_SUITE_NAME:-ssl-opt}" "$NAME" \
766 "$1" "${2-}" \
786 if [ $TIMES_LEFT -eq 0 ]; then
803 mv $SRV_OUT o-srv-${TESTS}.log
804 mv $CLI_OUT o-cli-${TESTS}.log
805 if [ -n "$PXY_CMD" ]; then
806 mv $PXY_OUT o-pxy-${TESTS}.log
808 echo " ! outputs saved to o-XXX-${TESTS}.log"
810 if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
812 cat o-srv-${TESTS}.log
815 cat o-cli-${TESTS}.log
816 if [ -n "$PXY_CMD" ]; then
819 cat o-pxy-${TESTS}.log
836 # openssl s_server doesn't have -www with DTLS
839 *s_server*-dtls*)
841 SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
848 if [ $NEEDS_INPUT -eq 0 ]; then
860 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
861 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
875 if [ "$DTLS" -eq 1 ]; then
882 SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t)
888 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
920 SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
926 if [ -z "$SERVER_HELLO_TIME" ]; then
931 if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
934 elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
948 …MEM_USAGE=$(sed -n 's/.*Heap memory usage after handshake: //p' < "$OUTPUT_FILE" | grep -o "[0-9]*…
951 if [ -z "$MEM_USAGE" ]; then
972 if [ "$MEMORY_USAGE" -gt "$MAX_MEMORY" ]; then
1009 *dtls=1*|*-dtls*|*-u*) DTLS=1;;
1017 *gnutls-cli*)
1020 *gnutls-serv*)
1060 case ${1-} in
1077 srv_pattern=$(grep -m 1 "$1" "$2");
1078 if [ -z "$srv_pattern" ]; then
1109 if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
1122 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
1124 *--priority*) :;;
1125 *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
1134 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
1136 *--priority*) :;;
1137 *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
1142 if [ -n "$PXY_CMD" ]; then
1149 if [ "$MEMCHECK" -gt 0 ]; then
1151 SRV_CMD="valgrind --leak-check=full $SRV_CMD"
1154 CLI_CMD="valgrind --leak-check=full $CLI_CMD"
1174 if [ $TIMES_LEFT -gt 0 ] &&
1177 outcome="RETRY(client-timeout)"
1182 # (useful to avoid tests with only negative assertions and non-zero
1204 # Check server exit code (only for Mbed TLS: GnuTLS and OpenSSL don't
1213 if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
1214 \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
1223 while [ $# -gt 0 ]
1226 "-s")
1227 …if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1233 "-c")
1234 …if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1240 "-S")
1241 …if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1249 "-C")
1250 …if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1258 # The filtering in the following two options (-u and -U) does the following:
1259 # - ignore valgrind output
1260 # - filter out everything but lines right after the pattern occurrences
1261 # - keep one of each non-unique line
1262 # - count how many lines remain
1263 …# A line with '--' will remain in the result from previous outputs, so the number of lines in the …
1265 "-U")
1266 …if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | …
1272 "-u")
1273 …if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | …
1278 "-F")
1284 "-f")
1290 "-g")
1305 if [ "$MEMCHECK" -gt 0 ]; then
1333 if [ -n "$PXY_CMD" ]; then
1363 if [ -n "$PXY_CMD" ]; then
1369 # Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
1370 # Options: -s pattern pattern that must be present in server output
1371 # -c pattern pattern that must be present in client output
1372 # -u pattern lines after pattern must be unique in client output
1373 # -f call shell function on client output
1374 # -S pattern pattern that must be absent in server output
1375 # -C pattern pattern that must be absent in client output
1376 # -U pattern lines after pattern must be unique in server output
1377 # -F call shell function on server output
1378 # -g call shell function on server and client output
1392 if [ -n "$RUN_TEST_NUMBER" ]; then
1400 if [ "X$1" = "X-p" ]; then
1421 if [ "$DTLS" -eq 1 ]; then
1426 # from their command-line arguments, check that they're enabled.
1430 # If we're in a PSK-only build and the test can be adapted to PSK, do that.
1445 while [ $TIMES_LEFT -gt 0 ]; do
1446 TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
1460 if [ "$PRESERVE_LOGS" -gt 0 ]; then
1461 mv $SRV_OUT o-srv-${TESTS}.log
1462 mv $CLI_OUT o-cli-${TESTS}.log
1463 if [ -n "$PXY_CMD" ]; then
1464 mv $PXY_OUT o-pxy-${TESTS}.log
1468 rm -f $SRV_OUT $CLI_OUT $PXY_OUT
1474 run_test "PSA-supported ciphersuite: $1" \
1478 -c "$maybe_calc_verify" \
1479 -c "calc PSA finished" \
1480 -s "$maybe_calc_verify" \
1481 -s "calc PSA finished" \
1482 -s "Protocol is TLSv1.2" \
1483 -c "Perform PSA-based ECDH computation."\
1484 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
1485 -S "error" \
1486 -C "error"
1493 run_test "PSA - ECDH with $1" \
1495 … "$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 curves=$1" \
1497 -c "$maybe_calc_verify" \
1498 -c "calc PSA finished" \
1499 -s "$maybe_calc_verify" \
1500 -s "calc PSA finished" \
1501 -s "Protocol is TLSv1.2" \
1502 -c "Perform PSA-based ECDH computation."\
1503 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
1504 -S "error" \
1505 -C "error"
1515 # The test passes if the difference is around 2*(16k-MFL)
1516 MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
1525 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \
1527 -F "handshake_memory_check $MEMORY_USAGE_LIMIT"
1540 run_test "Handshake memory usage initial (MFL 16384 - default)" \
1544 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \
1546 -F "handshake_memory_get MEMORY_USAGE_MFL_16K"
1562 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
1563 rm -f context_srv.txt
1564 rm -f context_cli.txt
1565 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
1566 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
1567 test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
1568 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
1588 # (e.g. '-f "DTLS 1.2"').
1595 *) # No regexp or shell-pattern special character
1603 *) # No regexp or shell-pattern special character
1606 if [ -n "$need_grep" ]; then
1608 ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
1624 if [ ! -x "$P_SRV_BIN" ]; then
1628 if [ ! -x "$P_CLI_BIN" ]; then
1632 if [ ! -x "$P_PXY_BIN" ]; then
1636 if [ "$MEMCHECK" -gt 0 ]; then
1651 # - how long do we wait for the server to start (when lsof not available)?
1652 # - how long do we allow for the client to finish?
1656 # Note: without lsof, there is a trade-off between the running time of this
1660 if [ "$MEMCHECK" -gt 0 ]; then
1669 # - for the client, we multiply the usual watchdog limit by a factor
1670 # - for the server, we sleep for a number of seconds after the client exits
1682 O_SRV="$O_SRV -accept $SRV_PORT"
1683 O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT"
1684 G_SRV="$G_SRV -p $SRV_PORT"
1685 G_CLI="$G_CLI -p +SRV_PORT"
1687 if [ -n "${OPENSSL_LEGACY:-}" ]; then
1688 O_LEGACY_SRV="$O_LEGACY_SRV -accept $SRV_PORT -dhparam data_files/dhparams.pem"
1689 O_LEGACY_CLI="$O_LEGACY_CLI -connect 127.0.0.1:+SRV_PORT"
1692 # Newer versions of OpenSSL have a syntax to enable all "ciphers", even
1693 # low-security ones. This covers not just cipher suites but also protocol
1695 # OpenSSL 1.1.1f from Ubuntu 20.04. The syntax was only introduced in
1696 # OpenSSL 1.1.0 (21e0c1d23afff48601eb93135defddae51f7e2e3) and I can't find
1697 # a way to discover it from -help, so check the openssl version.
1699 "OpenSSL 0"*|"OpenSSL 1.0"*) :;;
1701 O_CLI="$O_CLI -cipher ALL@SECLEVEL=0"
1702 O_SRV="$O_SRV -cipher ALL@SECLEVEL=0"
1706 if [ -n "${OPENSSL_NEXT:-}" ]; then
1707 O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
1708 O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT"
1709 O_NEXT_SRV_EARLY_DATA="$O_NEXT_SRV_EARLY_DATA -accept $SRV_PORT"
1710 O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
1711 O_NEXT_CLI_NO_CERT="$O_NEXT_CLI_NO_CERT -connect 127.0.0.1:+SRV_PORT"
1714 if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
1715 G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
1716 G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT"
1719 if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
1720 G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
1721 G_NEXT_CLI_NO_CERT="$G_NEXT_CLI_NO_CERT -p +SRV_PORT localhost"
1724 # Allow SHA-1, because many of our test certificates use it
1741 # - things work with all ciphersuites active (used with config-full in all.sh)
1742 # - the expected parameters are selected
1744 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
1751 -s "Protocol is TLSv1.2" \
1752 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
1753 -s "client hello v3, signature_algorithm ext: 6" \
1754 -s "ECDHE curve: x25519" \
1755 -S "error" \
1756 -C "error"
1759 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
1764 -s "Protocol is DTLSv1.2" \
1765 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
1772 -s "Verifying peer X.509 certificate... ok"
1775 run_test "key size: TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1777 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1779 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
1780 -c "Key size is 256"
1783 run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1785 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1787 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
1788 -c "Key size is 128"
1826 -c "use CA callback for X.509 CRT verification" \
1827 -S "error" \
1828 -C "error"
1840 -c "use CA callback for X.509 CRT verification" \
1841 -s "Verifying peer X.509 certificate... ok" \
1842 -S "error" \
1843 -C "error"
1851 run_test "Opaque key for client authentication: ECDHE-ECDSA" \
1855 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
1857 -c "key type: Opaque" \
1858 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
1859 -s "Verifying peer X.509 certificate... ok" \
1860 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
1861 -S "error" \
1862 -C "error"
1871 run_test "Opaque key for client authentication: ECDHE-RSA" \
1872 "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \
1874 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
1875 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
1877 -c "key type: Opaque" \
1878 -c "Ciphersuite is TLS-ECDHE-RSA" \
1879 -s "Verifying peer X.509 certificate... ok" \
1880 -s "Ciphersuite is TLS-ECDHE-RSA" \
1881 -S "error" \
1882 -C "error"
1889 run_test "Opaque key for client authentication: DHE-RSA" \
1890 "$P_SRV auth_mode=required crt_file=data_files/server2-sha256.crt \
1892 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
1893 key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
1894 key_opaque_algs=rsa-sign-pkcs1,none" \
1896 -c "key type: Opaque" \
1897 -c "Ciphersuite is TLS-DHE-RSA" \
1898 -s "Verifying peer X.509 certificate... ok" \
1899 -s "Ciphersuite is TLS-DHE-RSA" \
1900 -S "error" \
1901 -C "error"
1909 run_test "Opaque key for server authentication: ECDHE-ECDSA" \
1911 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
1914 -c "Verifying peer X.509 certificate... ok" \
1915 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
1916 -s "key types: Opaque, none" \
1917 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
1918 -S "error" \
1919 -C "error"
1926 run_test "Opaque key for server authentication: ECDH-" \
1928 crt_file=data_files/server5.ku-ka.crt\
1932 -c "Verifying peer X.509 certificate... ok" \
1933 -c "Ciphersuite is TLS-ECDH-" \
1934 -s "key types: Opaque, none" \
1935 -s "Ciphersuite is TLS-ECDH-" \
1936 -S "error" \
1937 -C "error"
1947 key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \
1951 -s "key types: Opaque, none" \
1952 -s "error" \
1953 -c "error" \
1954 -c "Public key type mismatch"
1964 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
1969 -s "key types: Opaque, none" \
1970 -s "error" \
1971 -c "error" \
1972 -c "Public key type mismatch"
1982 key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \
1986 -s "key types: Opaque, none" \
1987 -s "got ciphersuites in common, but none of them usable" \
1988 -s "error" \
1989 -c "error"
1999 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2004 -s "key types: Opaque, none" \
2005 -s "got ciphersuites in common, but none of them usable" \
2006 -s "error" \
2007 -c "error"
2015 run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
2019 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
2021 -s "key types: Opaque, none" \
2022 -s "got ciphersuites in common, but none of them usable" \
2023 -s "error" \
2024 -c "error"
2032 run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA"…
2036 key_opaque_algs2=ecdsa-sign,none" \
2039 -c "Verifying peer X.509 certificate... ok" \
2040 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2041 -c "CN=Polarssl Test EC CA" \
2042 -s "key types: Opaque, Opaque" \
2043 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2044 -S "error" \
2045 -C "error"
2053 run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \
2055 key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \
2058 "$P_CLI force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \
2060 -c "Verifying peer X.509 certificate... ok" \
2061 -c "Ciphersuite is TLS-ECDH-ECDSA" \
2062 -c "CN=Polarssl Test EC CA" \
2063 -s "key types: Opaque, Opaque" \
2064 -s "Ciphersuite is TLS-ECDH-ECDSA" \
2065 -S "error" \
2066 -C "error"
2075 run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \
2077 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \
2078 crt_file2=data_files/server2-sha256.crt \
2079 key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2080 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
2082 -c "Verifying peer X.509 certificate... ok" \
2083 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2084 -c "CN=Polarssl Test EC CA" \
2085 -s "key types: Opaque, Opaque" \
2086 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2087 -S "error" \
2088 -C "error"
2094 …bug_level=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \
2095 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2097 -s "The SSL configuration is tls13 only" \
2098 -c "key type: Opaque" \
2099 -s "key types: Opaque, Opaque" \
2100 -c "error" \
2101 -s "no suitable signature algorithm"
2107 …l=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2108 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2110 -s "The SSL configuration is tls13 only" \
2111 -c "key type: Opaque" \
2112 -s "key types: Opaque, Opaque" \
2113 -C "error" \
2114 -S "error" \
2120 …l=4 force_version=tls13 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \
2123 -s "The SSL configuration is tls13 only" \
2124 -s "key types: Opaque, Opaque" \
2125 -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \
2126 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
2127 -C "error" \
2128 -S "error" \
2134 …th_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sig…
2135 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2137 -s "The SSL configuration is tls13 only" \
2138 -c "key type: Opaque" \
2139 -s "key types: Opaque, Opaque" \
2140 -C "error" \
2141 -S "error" \
2150 run_test "Opaque key for server authentication: ECDHE-RSA" \
2151 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2152 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2155 -c "Verifying peer X.509 certificate... ok" \
2156 -c "Ciphersuite is TLS-ECDHE-RSA" \
2157 -s "key types: Opaque, none" \
2158 -s "Ciphersuite is TLS-ECDHE-RSA" \
2159 -S "error" \
2160 -C "error"
2168 run_test "Opaque key for server authentication: DHE-RSA" \
2169 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2170 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2171 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2173 -c "Verifying peer X.509 certificate... ok" \
2174 -c "Ciphersuite is TLS-DHE-RSA" \
2175 -s "key types: Opaque, none" \
2176 -s "Ciphersuite is TLS-DHE-RSA" \
2177 -S "error" \
2178 -C "error"
2185 run_test "Opaque key for server authentication: RSA-PSK" \
2186 "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \
2188 "$P_CLI force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
2191 -c "Verifying peer X.509 certificate... ok" \
2192 -c "Ciphersuite is TLS-RSA-PSK-" \
2193 -s "key types: Opaque, Opaque" \
2194 -s "Ciphersuite is TLS-RSA-PSK-" \
2195 -S "error" \
2196 -C "error"
2203 run_test "Opaque key for server authentication: RSA-" \
2204 "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
2205 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
2207 -c "Verifying peer X.509 certificate... ok" \
2208 -c "Ciphersuite is TLS-RSA-" \
2209 -s "key types: Opaque, Opaque" \
2210 -s "Ciphersuite is TLS-RSA-" \
2211 -S "error" \
2212 -C "error"
2220 run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \
2221 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2222 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none debug_level=1" \
2223 "$P_CLI crt_file=data_files/server2-sha256.crt \
2224 key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2226 -s "key types: Opaque, none" \
2227 -s "got ciphersuites in common, but none of them usable" \
2228 -s "error" \
2229 -c "error"
2239 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2240 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \
2242 key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2245 -c "Verifying peer X.509 certificate... ok" \
2246 -c "Ciphersuite is TLS-ECDHE-RSA" \
2247 -c "CN=Polarssl Test EC CA" \
2248 -s "key types: Opaque, Opaque" \
2249 -s "Ciphersuite is TLS-ECDHE-RSA" \
2250 -S "error" \
2251 -C "error"
2261 run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \
2263 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \
2265 key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2266 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2268 -c "Verifying peer X.509 certificate... ok" \
2269 -c "Ciphersuite is TLS-DHE-RSA" \
2270 -c "CN=Polarssl Test EC CA" \
2271 -s "key types: Opaque, Opaque" \
2272 -s "Ciphersuite is TLS-DHE-RSA" \
2273 -S "error" \
2274 -C "error"
2282 run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \
2284 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
2286 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
2288 -c "key type: Opaque" \
2289 -c "Verifying peer X.509 certificate... ok" \
2290 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2291 -s "key types: Opaque, none" \
2292 -s "Verifying peer X.509 certificate... ok" \
2293 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2294 -S "error" \
2295 -C "error"
2304 run_test "Opaque key for client/server authentication: ECDHE-RSA" \
2305 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2306 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2307 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
2308 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2310 -c "key type: Opaque" \
2311 -c "Verifying peer X.509 certificate... ok" \
2312 -c "Ciphersuite is TLS-ECDHE-RSA" \
2313 -s "key types: Opaque, none" \
2314 -s "Verifying peer X.509 certificate... ok" \
2315 -s "Ciphersuite is TLS-ECDHE-RSA" \
2316 -S "error" \
2317 -C "error"
2325 run_test "Opaque key for client/server authentication: DHE-RSA" \
2326 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2327 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2328 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
2329 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none \
2330 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2332 -c "key type: Opaque" \
2333 -c "Verifying peer X.509 certificate... ok" \
2334 -c "Ciphersuite is TLS-DHE-RSA" \
2335 -s "key types: Opaque, none" \
2336 -s "Verifying peer X.509 certificate... ok" \
2337 -s "Ciphersuite is TLS-DHE-RSA" \
2338 -S "error" \
2339 -C "error"
2344 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
2345 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
2346 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
2347 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
2348 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
2349 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
2350 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
2351 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
2352 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
2371 ## (https://github.com/Mbed-TLS/mbedtls/issues/3541),
2374 ## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
2389 -f "check_server_hello_time" \
2390 -F "check_server_hello_time"
2396 … "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
2398 -u "IV used" \
2399 -U "IV used"
2413 -c "Supported Signature Algorithm found: 04 03"
2420 run_test "Single supported algorithm sending: openssl client" \
2422 "$O_CLI -cert data_files/server6.crt \
2423 -key data_files/server6.key" \
2428 run_test "Configuration-specific CRT verification callback" \
2432 -S "error" \
2433 -c "Verify requested for " \
2434 -c "Use configuration-specific verification callback" \
2435 -C "Use context-specific verification callback" \
2436 -C "error"
2439 run_test "Context-specific CRT verification callback" \
2443 -S "error" \
2444 -c "Verify requested for " \
2445 -c "Use context-specific verification callback" \
2446 -C "Use configuration-specific verification callback" \
2447 -C "error"
2449 # Tests for SHA-1 support
2451 run_test "SHA-1 forbidden by default in server certificate" \
2455 -c "The certificate is signed with an unacceptable hash"
2458 run_test "SHA-1 explicitly allowed in server certificate" \
2464 run_test "SHA-256 allowed by default in server certificate" \
2465 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
2470 run_test "SHA-1 forbidden by default in client certificate" \
2472 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
2474 -s "The certificate is signed with an unacceptable hash"
2477 run_test "SHA-1 explicitly allowed in client certificate" \
2479 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
2483 run_test "SHA-256 allowed by default in client certificate" \
2485 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
2504 run_test "TLS 1.3: key exchange mode parameter passing: PSK-ephemeral only" \
2513 run_test "TLS 1.3: key exchange mode parameter passing: Pure-ephemeral only" \
2551 -c "next record in same datagram" \
2552 -s "next record in same datagram"
2559 -s "next record in same datagram" \
2560 -C "next record in same datagram"
2567 -S "next record in same datagram" \
2568 -c "next record in same datagram"
2575 -S "next record in same datagram" \
2576 -C "next record in same datagram"
2584 … "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2586 -c "Deserializing connection..." \
2587 -S "Deserializing connection..."
2593 …P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2595 -c "Deserializing connection..." \
2596 -S "Deserializing connection..."
2602 …"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2604 -c "Deserializing connection..." \
2605 -S "Deserializing connection..."
2614 -c "Deserializing connection..." \
2615 -S "Deserializing connection..."
2620 … "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2622 -C "Deserializing connection..." \
2623 -s "Deserializing connection..."
2629 …P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2631 -C "Deserializing connection..." \
2632 -s "Deserializing connection..."
2638 …"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2640 -C "Deserializing connection..." \
2641 -s "Deserializing connection..."
2650 -C "Deserializing connection..." \
2651 -s "Deserializing connection..."
2657 … "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2659 -c "Deserializing connection..." \
2660 -s "Deserializing connection..."
2666 …P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2668 -c "Deserializing connection..." \
2669 -s "Deserializing connection..."
2675 …"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2677 -c "Deserializing connection..." \
2678 -s "Deserializing connection..."
2687 -c "Deserializing connection..." \
2688 -s "Deserializing connection..."
2691 run_test "Context serialization, re-init, client serializes, CCM" \
2693 … "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2695 -c "Deserializing connection..." \
2696 -S "Deserializing connection..."
2700 run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
2702 …P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2704 -c "Deserializing connection..." \
2705 -S "Deserializing connection..."
2709 run_test "Context serialization, re-init, client serializes, GCM" \
2711 …"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2713 -c "Deserializing connection..." \
2714 -S "Deserializing connection..."
2719 run_test "Context serialization, re-init, client serializes, with CID" \
2723 -c "Deserializing connection..." \
2724 -S "Deserializing connection..."
2727 run_test "Context serialization, re-init, server serializes, CCM" \
2729 … "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2731 -C "Deserializing connection..." \
2732 -s "Deserializing connection..."
2736 run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
2738 …P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2740 -C "Deserializing connection..." \
2741 -s "Deserializing connection..."
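# This case is labelled GCM, so force the AES-128-GCM suite that the other
# "Context serialization ... GCM" cases in this file force. It previously
# forced the CHACHA20-POLY1305 suite, duplicating the ChaChaPoly case just
# above, so the server-serializes re-init path was not run with AES-GCM here.
# Expected output: the client must not log "Deserializing connection..." (-C),
# the server must (-s).
2745 run_test "Context serialization, re-init, server serializes, GCM" \
2747 …"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2749 -C "Deserializing connection..." \
2750 -s "Deserializing connection..."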
2755 run_test "Context serialization, re-init, server serializes, with CID" \
2759 -C "Deserializing connection..." \
2760 -s "Deserializing connection..."
2764 run_test "Context serialization, re-init, both serialize, CCM" \
2766 … "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2768 -c "Deserializing connection..." \
2769 -s "Deserializing connection..."
2773 run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
2775 …P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2777 -c "Deserializing connection..." \
2778 -s "Deserializing connection..."
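# This case is labelled GCM, so force the AES-128-GCM suite that the
# "re-init, client serializes, GCM" case forces. It previously forced the
# CHACHA20-POLY1305 suite, duplicating the ChaChaPoly case just above, so the
# both-sides-serialize re-init path was not run with AES-GCM here.
# Expected output: both client (-c) and server (-s) must log
# "Deserializing connection...".
2782 run_test "Context serialization, re-init, both serialize, GCM" \
2784 …"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2786 -c "Deserializing connection..." \
2787 -s "Deserializing connection..."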
2792 run_test "Context serialization, re-init, both serialize, with CID" \
2796 -c "Deserializing connection..." \
2797 -s "Deserializing connection..."
2805 -s "Save serialized context to a file... ok" \
2806 -c "Save serialized context to a file... ok"
# Remove the context files from the working directory once the preceding case
# has checked that both sides logged "Save serialized context to a file... ok".
# NOTE(review): presumably these are the files that case writes, and a saved
# TLS context would hold session secrets, so they should not be left behind;
# confirm against the test's arguments, which are not shown here.
2807 rm -f context_srv.txt
2808 rm -f context_cli.txt
2822 -s "Disable use of CID extension." \
2823 -s "found CID extension" \
2824 -s "Client sent CID extension, but CID disabled" \
2825 -c "Enable use of CID extension." \
2826 -c "client hello, adding CID extension" \
2827 -S "server hello, adding CID extension" \
2828 -C "found CID extension" \
2829 -S "Copy CIDs into SSL transform" \
2830 -C "Copy CIDs into SSL transform" \
2831 -c "Use of Connection ID was rejected by the server"
2839 -c "Disable use of CID extension." \
2840 -C "client hello, adding CID extension" \
2841 -S "found CID extension" \
2842 -s "Enable use of CID extension." \
2843 -S "server hello, adding CID extension" \
2844 -C "found CID extension" \
2845 -S "Copy CIDs into SSL transform" \
2846 -C "Copy CIDs into SSL transform" \
2847 -s "Use of Connection ID was not offered by client"
2855 -c "Enable use of CID extension." \
2856 -s "Enable use of CID extension." \
2857 -c "client hello, adding CID extension" \
2858 -s "found CID extension" \
2859 -s "Use of CID extension negotiated" \
2860 -s "server hello, adding CID extension" \
2861 -c "found CID extension" \
2862 -c "Use of CID extension negotiated" \
2863 -s "Copy CIDs into SSL transform" \
2864 -c "Copy CIDs into SSL transform" \
2865 -c "Peer CID (length 2 Bytes): de ad" \
2866 -s "Peer CID (length 2 Bytes): be ef" \
2867 -s "Use of Connection ID has been negotiated" \
2868 -c "Use of Connection ID has been negotiated"
2873 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
2877 -c "Enable use of CID extension." \
2878 -s "Enable use of CID extension." \
2879 -c "client hello, adding CID extension" \
2880 -s "found CID extension" \
2881 -s "Use of CID extension negotiated" \
2882 -s "server hello, adding CID extension" \
2883 -c "found CID extension" \
2884 -c "Use of CID extension negotiated" \
2885 -s "Copy CIDs into SSL transform" \
2886 -c "Copy CIDs into SSL transform" \
2887 -c "Peer CID (length 2 Bytes): de ad" \
2888 -s "Peer CID (length 2 Bytes): be ef" \
2889 -s "Use of Connection ID has been negotiated" \
2890 -c "Use of Connection ID has been negotiated" \
2891 -c "ignoring unexpected CID" \
2892 -s "ignoring unexpected CID"
2897 -p "$P_PXY mtu=800" \
2901 -c "Enable use of CID extension." \
2902 -s "Enable use of CID extension." \
2903 -c "client hello, adding CID extension" \
2904 -s "found CID extension" \
2905 -s "Use of CID extension negotiated" \
2906 -s "server hello, adding CID extension" \
2907 -c "found CID extension" \
2908 -c "Use of CID extension negotiated" \
2909 -s "Copy CIDs into SSL transform" \
2910 -c "Copy CIDs into SSL transform" \
2911 -c "Peer CID (length 2 Bytes): de ad" \
2912 -s "Peer CID (length 2 Bytes): be ef" \
2913 -s "Use of Connection ID has been negotiated" \
2914 -c "Use of Connection ID has been negotiated"
2919 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
2923 -c "Enable use of CID extension." \
2924 -s "Enable use of CID extension." \
2925 -c "client hello, adding CID extension" \
2926 -s "found CID extension" \
2927 -s "Use of CID extension negotiated" \
2928 -s "server hello, adding CID extension" \
2929 -c "found CID extension" \
2930 -c "Use of CID extension negotiated" \
2931 -s "Copy CIDs into SSL transform" \
2932 -c "Copy CIDs into SSL transform" \
2933 -c "Peer CID (length 2 Bytes): de ad" \
2934 -s "Peer CID (length 2 Bytes): be ef" \
2935 -s "Use of Connection ID has been negotiated" \
2936 -c "Use of Connection ID has been negotiated" \
2937 -c "ignoring unexpected CID" \
2938 -s "ignoring unexpected CID"
2946 -c "Enable use of CID extension." \
2947 -s "Enable use of CID extension." \
2948 -c "client hello, adding CID extension" \
2949 -s "found CID extension" \
2950 -s "Use of CID extension negotiated" \
2951 -s "server hello, adding CID extension" \
2952 -c "found CID extension" \
2953 -c "Use of CID extension negotiated" \
2954 -s "Copy CIDs into SSL transform" \
2955 -c "Copy CIDs into SSL transform" \
2956 -c "Peer CID (length 4 Bytes): de ad be ef" \
2957 -s "Peer CID (length 0 Bytes):" \
2958 -s "Use of Connection ID has been negotiated" \
2959 -c "Use of Connection ID has been negotiated"
2967 -c "Enable use of CID extension." \
2968 -s "Enable use of CID extension." \
2969 -c "client hello, adding CID extension" \
2970 -s "found CID extension" \
2971 -s "Use of CID extension negotiated" \
2972 -s "server hello, adding CID extension" \
2973 -c "found CID extension" \
2974 -c "Use of CID extension negotiated" \
2975 -s "Copy CIDs into SSL transform" \
2976 -c "Copy CIDs into SSL transform" \
2977 -s "Peer CID (length 4 Bytes): de ad be ef" \
2978 -c "Peer CID (length 0 Bytes):" \
2979 -s "Use of Connection ID has been negotiated" \
2980 -c "Use of Connection ID has been negotiated"
2988 -c "Enable use of CID extension." \
2989 -s "Enable use of CID extension." \
2990 -c "client hello, adding CID extension" \
2991 -s "found CID extension" \
2992 -s "Use of CID extension negotiated" \
2993 -s "server hello, adding CID extension" \
2994 -c "found CID extension" \
2995 -c "Use of CID extension negotiated" \
2996 -s "Copy CIDs into SSL transform" \
2997 -c "Copy CIDs into SSL transform" \
2998 -S "Use of Connection ID has been negotiated" \
2999 -C "Use of Connection ID has been negotiated"
3003 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
3005 …CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3007 -c "Enable use of CID extension." \
3008 -s "Enable use of CID extension." \
3009 -c "client hello, adding CID extension" \
3010 -s "found CID extension" \
3011 -s "Use of CID extension negotiated" \
3012 -s "server hello, adding CID extension" \
3013 -c "found CID extension" \
3014 -c "Use of CID extension negotiated" \
3015 -s "Copy CIDs into SSL transform" \
3016 -c "Copy CIDs into SSL transform" \
3017 -c "Peer CID (length 2 Bytes): de ad" \
3018 -s "Peer CID (length 2 Bytes): be ef" \
3019 -s "Use of Connection ID has been negotiated" \
3020 -c "Use of Connection ID has been negotiated"
3024 run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
3026 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3028 -c "Enable use of CID extension." \
3029 -s "Enable use of CID extension." \
3030 -c "client hello, adding CID extension" \
3031 -s "found CID extension" \
3032 -s "Use of CID extension negotiated" \
3033 -s "server hello, adding CID extension" \
3034 -c "found CID extension" \
3035 -c "Use of CID extension negotiated" \
3036 -s "Copy CIDs into SSL transform" \
3037 -c "Copy CIDs into SSL transform" \
3038 -c "Peer CID (length 4 Bytes): de ad be ef" \
3039 -s "Peer CID (length 0 Bytes):" \
3040 -s "Use of Connection ID has been negotiated" \
3041 -c "Use of Connection ID has been negotiated"
3045 run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
3047 …debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3049 -c "Enable use of CID extension." \
3050 -s "Enable use of CID extension." \
3051 -c "client hello, adding CID extension" \
3052 -s "found CID extension" \
3053 -s "Use of CID extension negotiated" \
3054 -s "server hello, adding CID extension" \
3055 -c "found CID extension" \
3056 -c "Use of CID extension negotiated" \
3057 -s "Copy CIDs into SSL transform" \
3058 -c "Copy CIDs into SSL transform" \
3059 -s "Peer CID (length 4 Bytes): de ad be ef" \
3060 -c "Peer CID (length 0 Bytes):" \
3061 -s "Use of Connection ID has been negotiated" \
3062 -c "Use of Connection ID has been negotiated"
3066 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
3068 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3070 -c "Enable use of CID extension." \
3071 -s "Enable use of CID extension." \
3072 -c "client hello, adding CID extension" \
3073 -s "found CID extension" \
3074 -s "Use of CID extension negotiated" \
3075 -s "server hello, adding CID extension" \
3076 -c "found CID extension" \
3077 -c "Use of CID extension negotiated" \
3078 -s "Copy CIDs into SSL transform" \
3079 -c "Copy CIDs into SSL transform" \
3080 -S "Use of Connection ID has been negotiated" \
3081 -C "Use of Connection ID has been negotiated"
3085 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
3087 …debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256"…
3089 -c "Enable use of CID extension." \
3090 -s "Enable use of CID extension." \
3091 -c "client hello, adding CID extension" \
3092 -s "found CID extension" \
3093 -s "Use of CID extension negotiated" \
3094 -s "server hello, adding CID extension" \
3095 -c "found CID extension" \
3096 -c "Use of CID extension negotiated" \
3097 -s "Copy CIDs into SSL transform" \
3098 -c "Copy CIDs into SSL transform" \
3099 -c "Peer CID (length 2 Bytes): de ad" \
3100 -s "Peer CID (length 2 Bytes): be ef" \
3101 -s "Use of Connection ID has been negotiated" \
3102 -c "Use of Connection ID has been negotiated"
3106 run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
3108 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3110 -c "Enable use of CID extension." \
3111 -s "Enable use of CID extension." \
3112 -c "client hello, adding CID extension" \
3113 -s "found CID extension" \
3114 -s "Use of CID extension negotiated" \
3115 -s "server hello, adding CID extension" \
3116 -c "found CID extension" \
3117 -c "Use of CID extension negotiated" \
3118 -s "Copy CIDs into SSL transform" \
3119 -c "Copy CIDs into SSL transform" \
3120 -c "Peer CID (length 4 Bytes): de ad be ef" \
3121 -s "Peer CID (length 0 Bytes):" \
3122 -s "Use of Connection ID has been negotiated" \
3123 -c "Use of Connection ID has been negotiated"
3127 run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
3129 …g_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256"…
3131 -c "Enable use of CID extension." \
3132 -s "Enable use of CID extension." \
3133 -c "client hello, adding CID extension" \
3134 -s "found CID extension" \
3135 -s "Use of CID extension negotiated" \
3136 -s "server hello, adding CID extension" \
3137 -c "found CID extension" \
3138 -c "Use of CID extension negotiated" \
3139 -s "Copy CIDs into SSL transform" \
3140 -c "Copy CIDs into SSL transform" \
3141 -s "Peer CID (length 4 Bytes): de ad be ef" \
3142 -c "Peer CID (length 0 Bytes):" \
3143 -s "Use of Connection ID has been negotiated" \
3144 -c "Use of Connection ID has been negotiated"
3148 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
3150 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3152 -c "Enable use of CID extension." \
3153 -s "Enable use of CID extension." \
3154 -c "client hello, adding CID extension" \
3155 -s "found CID extension" \
3156 -s "Use of CID extension negotiated" \
3157 -s "server hello, adding CID extension" \
3158 -c "found CID extension" \
3159 -c "Use of CID extension negotiated" \
3160 -s "Copy CIDs into SSL transform" \
3161 -c "Copy CIDs into SSL transform" \
3162 -S "Use of Connection ID has been negotiated" \
3163 -C "Use of Connection ID has been negotiated"
3172 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3173 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3174 -s "(initial handshake) Use of Connection ID has been negotiated" \
3175 -c "(initial handshake) Use of Connection ID has been negotiated" \
3176 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3177 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3178 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3179 -c "(after renegotiation) Use of Connection ID has been negotiated"
3188 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3189 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3190 -s "(initial handshake) Use of Connection ID has been negotiated" \
3191 -c "(initial handshake) Use of Connection ID has been negotiated" \
3192 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3193 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3194 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3195 -c "(after renegotiation) Use of Connection ID has been negotiated"
3204 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3205 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3206 -s "(initial handshake) Use of Connection ID has been negotiated" \
3207 -c "(initial handshake) Use of Connection ID has been negotiated" \
3208 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3209 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3210 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3211 -c "(after renegotiation) Use of Connection ID has been negotiated"
3217 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
3221 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3222 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3223 -s "(initial handshake) Use of Connection ID has been negotiated" \
3224 -c "(initial handshake) Use of Connection ID has been negotiated" \
3225 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3226 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3227 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3228 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3229 -c "ignoring unexpected CID" \
3230 -s "ignoring unexpected CID"
3239 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3240 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3241 -s "(initial handshake) Use of Connection ID has been negotiated" \
3242 -c "(initial handshake) Use of Connection ID has been negotiated" \
3243 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3244 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3245 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3246 -S "(after renegotiation) Use of Connection ID has been negotiated"
3255 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3256 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3257 -s "(initial handshake) Use of Connection ID has been negotiated" \
3258 -c "(initial handshake) Use of Connection ID has been negotiated" \
3259 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3260 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3261 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3262 -S "(after renegotiation) Use of Connection ID has been negotiated"
3268 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3272 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3273 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3274 -s "(initial handshake) Use of Connection ID has been negotiated" \
3275 -c "(initial handshake) Use of Connection ID has been negotiated" \
3276 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3277 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3278 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3279 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3280 -c "ignoring unexpected CID" \
3281 -s "ignoring unexpected CID"
3290 -S "(initial handshake) Use of Connection ID has been negotiated" \
3291 -C "(initial handshake) Use of Connection ID has been negotiated" \
3292 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3293 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3294 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3295 -s "(after renegotiation) Use of Connection ID has been negotiated"
3304 -S "(initial handshake) Use of Connection ID has been negotiated" \
3305 -C "(initial handshake) Use of Connection ID has been negotiated" \
3306 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3307 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3308 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3309 -s "(after renegotiation) Use of Connection ID has been negotiated"
3315 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
3319 -S "(initial handshake) Use of Connection ID has been negotiated" \
3320 -C "(initial handshake) Use of Connection ID has been negotiated" \
3321 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3322 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3323 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3324 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3325 -c "ignoring unexpected CID" \
3326 -s "ignoring unexpected CID"
3335 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3336 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3337 -s "(initial handshake) Use of Connection ID has been negotiated" \
3338 -c "(initial handshake) Use of Connection ID has been negotiated" \
3339 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3340 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3341 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3342 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3343 -s "(after renegotiation) Use of Connection ID was not offered by client"
3349 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3353 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3354 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3355 -s "(initial handshake) Use of Connection ID has been negotiated" \
3356 -c "(initial handshake) Use of Connection ID has been negotiated" \
3357 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3358 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3359 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3360 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3361 -s "(after renegotiation) Use of Connection ID was not offered by client" \
3362 -c "ignoring unexpected CID" \
3363 -s "ignoring unexpected CID"
3372 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3373 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3374 -s "(initial handshake) Use of Connection ID has been negotiated" \
3375 -c "(initial handshake) Use of Connection ID has been negotiated" \
3376 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3377 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3378 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3379 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3380 -c "(after renegotiation) Use of Connection ID was rejected by the server"
3386 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3390 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3391 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3392 -s "(initial handshake) Use of Connection ID has been negotiated" \
3393 -c "(initial handshake) Use of Connection ID has been negotiated" \
3394 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3395 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3396 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3397 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3398 -c "(after renegotiation) Use of Connection ID was rejected by the server" \
3399 -c "ignoring unexpected CID" \
3400 -s "ignoring unexpected CID"
3411 …"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_v…
3413 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3414 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3415 -s "(initial handshake) Use of Connection ID has been negotiated" \
3416 -c "(initial handshake) Use of Connection ID has been negotiated" \
3417 -s "Reallocating in_buf" \
3418 -s "Reallocating out_buf"
3426 …"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_…
3428 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3429 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3430 -s "(initial handshake) Use of Connection ID has been negotiated" \
3431 -c "(initial handshake) Use of Connection ID has been negotiated" \
3432 -s "Reallocating in_buf" \
3433 -s "Reallocating out_buf"
3435 # Tests for Encrypt-then-MAC extension
3438 run_test "Encrypt then MAC: default" \
3440 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3443 -c "client hello, adding encrypt_then_mac extension" \
3444 -s "found encrypt then mac extension" \
3445 -s "server hello, adding encrypt then mac extension" \
3446 -c "found encrypt_then_mac extension" \
3447 -c "using encrypt then mac" \
3448 -s "using encrypt then mac"
3451 run_test "Encrypt then MAC: client enabled, server disabled" \
3453 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3456 -c "client hello, adding encrypt_then_mac extension" \
3457 -s "found encrypt then mac extension" \
3458 -S "server hello, adding encrypt then mac extension" \
3459 -C "found encrypt_then_mac extension" \
3460 -C "using encrypt then mac" \
3461 -S "using encrypt then mac"
3464 run_test "Encrypt then MAC: client enabled, aead cipher" \
3466 force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
3469 -c "client hello, adding encrypt_then_mac extension" \
3470 -s "found encrypt then mac extension" \
3471 -S "server hello, adding encrypt then mac extension" \
3472 -C "found encrypt_then_mac extension" \
3473 -C "using encrypt then mac" \
3474 -S "using encrypt then mac"
3477 run_test "Encrypt then MAC: client disabled, server enabled" \
3479 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3482 -C "client hello, adding encrypt_then_mac extension" \
3483 -S "found encrypt then mac extension" \
3484 -S "server hello, adding encrypt then mac extension" \
3485 -C "found encrypt_then_mac extension" \
3486 -C "using encrypt then mac" \
3487 -S "using encrypt then mac"
3497 -c "client hello, adding extended_master_secret extension" \
3498 -s "found extended master secret extension" \
3499 -s "server hello, adding extended master secret extension" \
3500 -c "found extended_master_secret extension" \
3501 -c "session hash for extended master secret" \
3502 -s "session hash for extended master secret"
3510 -c "client hello, adding extended_master_secret extension" \
3511 -s "found extended master secret extension" \
3512 -S "server hello, adding extended master secret extension" \
3513 -C "found extended_master_secret extension" \
3514 -C "session hash for extended master secret" \
3515 -S "session hash for extended master secret"
3523 -C "client hello, adding extended_master_secret extension" \
3524 -S "found extended master secret extension" \
3525 -S "server hello, adding extended master secret extension" \
3526 -C "found extended_master_secret extension" \
3527 -C "session hash for extended master secret" \
3528 -S "session hash for extended master secret"
3533 run_test "Encrypt then MAC: empty application data record" \
3535 …"$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
3537 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
3538 -s "dumping 'input payload after decrypt' (0 bytes)" \
3539 -c "0 bytes written in 1 fragments"
3542 run_test "Encrypt then MAC: disabled, empty application data record" \
3546 -s "dumping 'input payload after decrypt' (0 bytes)" \
3547 -c "0 bytes written in 1 fragments"
3550 run_test "Encrypt then MAC, DTLS: empty application data record" \
3552 …_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls…
3554 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
3555 -s "dumping 'input payload after decrypt' (0 bytes)" \
3556 -c "0 bytes written in 1 fragments"
3559 run_test "Encrypt then MAC, DTLS: disabled, empty application data record" \
3563 -s "dumping 'input payload after decrypt' (0 bytes)" \
3564 -c "0 bytes written in 1 fragments"
3566 # Tests for CBC 1/n-1 record splitting
3570 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
3573 -s "Read from client: 123 bytes read" \
3574 -S "Read from client: 1 bytes read" \
3575 -S "122 bytes read"
3584 -c "client hello, adding session ticket extension" \
3585 -s "found session ticket extension" \
3586 -s "server hello, adding session ticket extension" \
3587 -c "found session_ticket extension" \
3588 -c "parse new session ticket" \
3589 -S "session successfully restored from cache" \
3590 -s "session successfully restored from ticket" \
3591 -s "a session has been resumed" \
3592 -c "a session has been resumed"
3599 -c "client hello, adding session ticket extension" \
3600 -s "found session ticket extension" \
3601 -s "server hello, adding session ticket extension" \
3602 -c "found session_ticket extension" \
3603 -c "parse new session ticket" \
3604 -S "session successfully restored from cache" \
3605 -s "session successfully restored from ticket" \
3606 -s "a session has been resumed" \
3607 -c "a session has been resumed"
3614 -c "client hello, adding session ticket extension" \
3615 -s "found session ticket extension" \
3616 -s "server hello, adding session ticket extension" \
3617 -c "found session_ticket extension" \
3618 -c "parse new session ticket" \
3619 -S "session successfully restored from cache" \
3620 -s "session successfully restored from ticket" \
3621 -s "a session has been resumed" \
3622 -c "a session has been resumed"
3629 -c "client hello, adding session ticket extension" \
3630 -s "found session ticket extension" \
3631 -s "server hello, adding session ticket extension" \
3632 -c "found session_ticket extension" \
3633 -c "parse new session ticket" \
3634 -S "session successfully restored from cache" \
3635 -S "session successfully restored from ticket" \
3636 -S "a session has been resumed" \
3637 -C "a session has been resumed"
3644 -c "client hello, adding session ticket extension" \
3645 -s "found session ticket extension" \
3646 -s "server hello, adding session ticket extension" \
3647 -c "found session_ticket extension" \
3648 -c "parse new session ticket" \
3649 -S "session successfully restored from cache" \
3650 -s "session successfully restored from ticket" \
3651 -s "a session has been resumed" \
3652 -c "a session has been resumed"
3655 run_test "Session resume using tickets: openssl server" \
3656 "$O_SRV -tls1_2" \
3659 -c "client hello, adding session ticket extension" \
3660 -c "found session_ticket extension" \
3661 -c "parse new session ticket" \
3662 -c "a session has been resumed"
3665 run_test "Session resume using tickets: openssl client" \
3667 "( $O_CLI -sess_out $SESSION; \
3668 $O_CLI -sess_in $SESSION; \
3669 rm -f $SESSION )" \
3671 -s "found session ticket extension" \
3672 -s "server hello, adding session ticket extension" \
3673 -S "session successfully restored from cache" \
3674 -s "session successfully restored from ticket" \
3675 -s "a session has been resumed"
3678 run_test "Session resume using tickets: AES-128-GCM" \
3679 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \
3682 -c "client hello, adding session ticket extension" \
3683 -s "found session ticket extension" \
3684 -s "server hello, adding session ticket extension" \
3685 -c "found session_ticket extension" \
3686 -c "parse new session ticket" \
3687 -S "session successfully restored from cache" \
3688 -s "session successfully restored from ticket" \
3689 -s "a session has been resumed" \
3690 -c "a session has been resumed"
3693 run_test "Session resume using tickets: AES-192-GCM" \
3694 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \
3697 -c "client hello, adding session ticket extension" \
3698 -s "found session ticket extension" \
3699 -s "server hello, adding session ticket extension" \
3700 -c "found session_ticket extension" \
3701 -c "parse new session ticket" \
3702 -S "session successfully restored from cache" \
3703 -s "session successfully restored from ticket" \
3704 -s "a session has been resumed" \
3705 -c "a session has been resumed"
3708 run_test "Session resume using tickets: AES-128-CCM" \
3709 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \
3712 -c "client hello, adding session ticket extension" \
3713 -s "found session ticket extension" \
3714 -s "server hello, adding session ticket extension" \
3715 -c "found session_ticket extension" \
3716 -c "parse new session ticket" \
3717 -S "session successfully restored from cache" \
3718 -s "session successfully restored from ticket" \
3719 -s "a session has been resumed" \
3720 -c "a session has been resumed"
3723 run_test "Session resume using tickets: AES-192-CCM" \
3724 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \
3727 -c "client hello, adding session ticket extension" \
3728 -s "found session ticket extension" \
3729 -s "server hello, adding session ticket extension" \
3730 -c "found session_ticket extension" \
3731 -c "parse new session ticket" \
3732 -S "session successfully restored from cache" \
3733 -s "session successfully restored from ticket" \
3734 -s "a session has been resumed" \
3735 -c "a session has been resumed"
3738 run_test "Session resume using tickets: AES-256-CCM" \
3739 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \
3742 -c "client hello, adding session ticket extension" \
3743 -s "found session ticket extension" \
3744 -s "server hello, adding session ticket extension" \
3745 -c "found session_ticket extension" \
3746 -c "parse new session ticket" \
3747 -S "session successfully restored from cache" \
3748 -s "session successfully restored from ticket" \
3749 -s "a session has been resumed" \
3750 -c "a session has been resumed"
3753 run_test "Session resume using tickets: CAMELLIA-128-CCM" \
3754 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \
3757 -c "client hello, adding session ticket extension" \
3758 -s "found session ticket extension" \
3759 -s "server hello, adding session ticket extension" \
3760 -c "found session_ticket extension" \
3761 -c "parse new session ticket" \
3762 -S "session successfully restored from cache" \
3763 -s "session successfully restored from ticket" \
3764 -s "a session has been resumed" \
3765 -c "a session has been resumed"
3768 run_test "Session resume using tickets: CAMELLIA-192-CCM" \
3769 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \
3772 -c "client hello, adding session ticket extension" \
3773 -s "found session ticket extension" \
3774 -s "server hello, adding session ticket extension" \
3775 -c "found session_ticket extension" \
3776 -c "parse new session ticket" \
3777 -S "session successfully restored from cache" \
3778 -s "session successfully restored from ticket" \
3779 -s "a session has been resumed" \
3780 -c "a session has been resumed"
3783 run_test "Session resume using tickets: CAMELLIA-256-CCM" \
3784 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \
3787 -c "client hello, adding session ticket extension" \
3788 -s "found session ticket extension" \
3789 -s "server hello, adding session ticket extension" \
3790 -c "found session_ticket extension" \
3791 -c "parse new session ticket" \
3792 -S "session successfully restored from cache" \
3793 -s "session successfully restored from ticket" \
3794 -s "a session has been resumed" \
3795 -c "a session has been resumed"
3798 run_test "Session resume using tickets: ARIA-128-GCM" \
3799 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \
3802 -c "client hello, adding session ticket extension" \
3803 -s "found session ticket extension" \
3804 -s "server hello, adding session ticket extension" \
3805 -c "found session_ticket extension" \
3806 -c "parse new session ticket" \
3807 -S "session successfully restored from cache" \
3808 -s "session successfully restored from ticket" \
3809 -s "a session has been resumed" \
3810 -c "a session has been resumed"
3813 run_test "Session resume using tickets: ARIA-192-GCM" \
3814 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \
3817 -c "client hello, adding session ticket extension" \
3818 -s "found session ticket extension" \
3819 -s "server hello, adding session ticket extension" \
3820 -c "found session_ticket extension" \
3821 -c "parse new session ticket" \
3822 -S "session successfully restored from cache" \
3823 -s "session successfully restored from ticket" \
3824 -s "a session has been resumed" \
3825 -c "a session has been resumed"
3828 run_test "Session resume using tickets: ARIA-256-GCM" \
3829 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \
3832 -c "client hello, adding session ticket extension" \
3833 -s "found session ticket extension" \
3834 -s "server hello, adding session ticket extension" \
3835 -c "found session_ticket extension" \
3836 -c "parse new session ticket" \
3837 -S "session successfully restored from cache" \
3838 -s "session successfully restored from ticket" \
3839 -s "a session has been resumed" \
3840 -c "a session has been resumed"
3843 run_test "Session resume using tickets: ARIA-128-CCM" \
3844 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \
3847 -c "client hello, adding session ticket extension" \
3848 -s "found session ticket extension" \
3849 -s "server hello, adding session ticket extension" \
3850 -c "found session_ticket extension" \
3851 -c "parse new session ticket" \
3852 -S "session successfully restored from cache" \
3853 -s "session successfully restored from ticket" \
3854 -s "a session has been resumed" \
3855 -c "a session has been resumed"
3858 run_test "Session resume using tickets: ARIA-192-CCM" \
3859 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \
3862 -c "client hello, adding session ticket extension" \
3863 -s "found session ticket extension" \
3864 -s "server hello, adding session ticket extension" \
3865 -c "found session_ticket extension" \
3866 -c "parse new session ticket" \
3867 -S "session successfully restored from cache" \
3868 -s "session successfully restored from ticket" \
3869 -s "a session has been resumed" \
3870 -c "a session has been resumed"
3873 run_test "Session resume using tickets: ARIA-256-CCM" \
3874 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \
3877 -c "client hello, adding session ticket extension" \
3878 -s "found session ticket extension" \
3879 -s "server hello, adding session ticket extension" \
3880 -c "found session_ticket extension" \
3881 -c "parse new session ticket" \
3882 -S "session successfully restored from cache" \
3883 -s "session successfully restored from ticket" \
3884 -s "a session has been resumed" \
3885 -c "a session has been resumed"
3888 run_test "Session resume using tickets: CHACHA20-POLY1305" \
3889 "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
3892 -c "client hello, adding session ticket extension" \
3893 -s "found session ticket extension" \
3894 -s "server hello, adding session ticket extension" \
3895 -c "found session_ticket extension" \
3896 -c "parse new session ticket" \
3897 -S "session successfully restored from cache" \
3898 -s "session successfully restored from ticket" \
3899 -s "a session has been resumed" \
3900 -c "a session has been resumed"
3909 -c "client hello, adding session ticket extension" \
3910 -s "found session ticket extension" \
3911 -s "server hello, adding session ticket extension" \
3912 -c "found session_ticket extension" \
3913 -c "parse new session ticket" \
3914 -S "session successfully restored from cache" \
3915 -s "session successfully restored from ticket" \
3916 -s "a session has been resumed" \
3917 -c "a session has been resumed"
3924 -c "client hello, adding session ticket extension" \
3925 -s "found session ticket extension" \
3926 -s "server hello, adding session ticket extension" \
3927 -c "found session_ticket extension" \
3928 -c "parse new session ticket" \
3929 -S "session successfully restored from cache" \
3930 -s "session successfully restored from ticket" \
3931 -s "a session has been resumed" \
3932 -c "a session has been resumed"
3939 -c "client hello, adding session ticket extension" \
3940 -s "found session ticket extension" \
3941 -s "server hello, adding session ticket extension" \
3942 -c "found session_ticket extension" \
3943 -c "parse new session ticket" \
3944 -S "session successfully restored from cache" \
3945 -S "session successfully restored from ticket" \
3946 -S "a session has been resumed" \
3947 -C "a session has been resumed"
3954 -c "client hello, adding session ticket extension" \
3955 -s "found session ticket extension" \
3956 -s "server hello, adding session ticket extension" \
3957 -c "found session_ticket extension" \
3958 -c "parse new session ticket" \
3959 -S "session successfully restored from cache" \
3960 -s "session successfully restored from ticket" \
3961 -s "a session has been resumed" \
3962 -c "a session has been resumed"
3965 run_test "Session resume using tickets, DTLS: openssl server" \
3966 "$O_SRV -dtls" \
3969 -c "client hello, adding session ticket extension" \
3970 -c "found session_ticket extension" \
3971 -c "parse new session ticket" \
3972 -c "a session has been resumed"
3975 # probability with OpenSSL 1.0.2g on the CI, see #5012.
# DTLS variant of the OpenSSL-client ticket test, using $O_NEXT_CLI (the
# $OPENSSL_NEXT s_client pipeline) with -dtls.
# Same flow: save the session (-sess_out), reconnect with it (-sess_in), then
# rm the session file, which holds resumption secrets.
# NOTE(review): $SESSION is defined outside this listing and is unquoted in the
# command string; confirm its value is safe to expand that way.
# The server must restore the session from the ticket, not from its cache.
# The server command (source line 3979) is not part of this listing.
3978 run_test "Session resume using tickets, DTLS: openssl client" \
3980 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
3981 $O_NEXT_CLI -dtls -sess_in $SESSION; \
3982 rm -f $SESSION )" \
3984 -s "found session ticket extension" \
3985 -s "server hello, adding session ticket extension" \
3986 -S "session successfully restored from cache" \
3987 -s "session successfully restored from ticket" \
3988 -s "a session has been resumed"
3990 # Tests for Session Resume based on session-ID and cache
3998 -c "client hello, adding session ticket extension" \
3999 -s "found session ticket extension" \
4000 -S "server hello, adding session ticket extension" \
4001 -C "found session_ticket extension" \
4002 -C "parse new session ticket" \
4003 -s "session successfully restored from cache" \
4004 -S "session successfully restored from ticket" \
4005 -s "a session has been resumed" \
4006 -c "a session has been resumed"
4014 -C "client hello, adding session ticket extension" \
4015 -S "found session ticket extension" \
4016 -S "server hello, adding session ticket extension" \
4017 -C "found session_ticket extension" \
4018 -C "parse new session ticket" \
4019 -s "session successfully restored from cache" \
4020 -S "session successfully restored from ticket" \
4021 -s "a session has been resumed" \
4022 -c "a session has been resumed"
4030 -S "session successfully restored from cache" \
4031 -S "session successfully restored from ticket" \
4032 -S "a session has been resumed" \
4033 -C "a session has been resumed"
4041 -s "session successfully restored from cache" \
4042 -S "session successfully restored from ticket" \
4043 -s "a session has been resumed" \
4044 -c "a session has been resumed"
4052 -s "session successfully restored from cache" \
4053 -S "session successfully restored from ticket" \
4054 -s "a session has been resumed" \
4055 -c "a session has been resumed"
4063 -S "session successfully restored from cache" \
4064 -S "session successfully restored from ticket" \
4065 -S "a session has been resumed" \
4066 -C "a session has been resumed"
4074 -s "session successfully restored from cache" \
4075 -S "session successfully restored from ticket" \
4076 -s "a session has been resumed" \
4077 -c "a session has been resumed"
4085 -s "session successfully restored from cache" \
4086 -S "session successfully restored from ticket" \
4087 -s "a session has been resumed" \
4088 -c "a session has been resumed"
# Cache-based resumption against an OpenSSL client.
# The client still offers the session ticket extension (the server must log
# finding it), but the server must NOT answer with the extension and must
# restore the session from its cache, never from a ticket.
# The server command (source line 4093) is not part of this listing;
# presumably it runs with tickets disabled. TODO confirm.
# The client subshell saves the session (-sess_out), reuses it (-sess_in) and
# removes the file, which holds resumption secrets.
4092 run_test "Session resume using cache: openssl client" \
4094 "( $O_CLI -sess_out $SESSION; \
4095 $O_CLI -sess_in $SESSION; \
4096 rm -f $SESSION )" \
4098 -s "found session ticket extension" \
4099 -S "server hello, adding session ticket extension" \
4100 -s "session successfully restored from cache" \
4101 -S "session successfully restored from ticket" \
4102 -s "a session has been resumed"
4106 run_test "Session resume using cache: openssl server" \
4107 "$O_SRV -tls1_2" \
4110 -C "found session_ticket extension" \
4111 -C "parse new session ticket" \
4112 -c "a session has been resumed"
4122 -c "Enable use of CID extension." \
4123 -s "Enable use of CID extension." \
4124 -c "client hello, adding CID extension" \
4125 -s "found CID extension" \
4126 -s "Use of CID extension negotiated" \
4127 -s "server hello, adding CID extension" \
4128 -c "found CID extension" \
4129 -c "Use of CID extension negotiated" \
4130 -s "Copy CIDs into SSL transform" \
4131 -c "Copy CIDs into SSL transform" \
4132 -c "Peer CID (length 2 Bytes): de ad" \
4133 -s "Peer CID (length 2 Bytes): be ef" \
4134 -s "Use of Connection ID has been negotiated" \
4135 -c "Use of Connection ID has been negotiated"
4137 # Tests for Session Resume based on session-ID and cache, DTLS
4145 -c "client hello, adding session ticket extension" \
4146 -s "found session ticket extension" \
4147 -S "server hello, adding session ticket extension" \
4148 -C "found session_ticket extension" \
4149 -C "parse new session ticket" \
4150 -s "session successfully restored from cache" \
4151 -S "session successfully restored from ticket" \
4152 -s "a session has been resumed" \
4153 -c "a session has been resumed"
4161 -C "client hello, adding session ticket extension" \
4162 -S "found session ticket extension" \
4163 -S "server hello, adding session ticket extension" \
4164 -C "found session_ticket extension" \
4165 -C "parse new session ticket" \
4166 -s "session successfully restored from cache" \
4167 -S "session successfully restored from ticket" \
4168 -s "a session has been resumed" \
4169 -c "a session has been resumed"
4177 -S "session successfully restored from cache" \
4178 -S "session successfully restored from ticket" \
4179 -S "a session has been resumed" \
4180 -C "a session has been resumed"
4188 -s "session successfully restored from cache" \
4189 -S "session successfully restored from ticket" \
4190 -s "a session has been resumed" \
4191 -c "a session has been resumed"
4199 -s "session successfully restored from cache" \
4200 -S "session successfully restored from ticket" \
4201 -s "a session has been resumed" \
4202 -c "a session has been resumed"
4210 -S "session successfully restored from cache" \
4211 -S "session successfully restored from ticket" \
4212 -S "a session has been resumed" \
4213 -C "a session has been resumed"
4221 -s "session successfully restored from cache" \
4222 -S "session successfully restored from ticket" \
4223 -s "a session has been resumed" \
4224 -c "a session has been resumed"
4232 -s "session successfully restored from cache" \
4233 -S "session successfully restored from ticket" \
4234 -s "a session has been resumed" \
4235 -c "a session has been resumed"
4238 # probability with OpenSSL 1.0.2g on the CI, see #5012.
4242 run_test "Session resume using cache, DTLS: openssl client" \
4244 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
4245 $O_NEXT_CLI -dtls -sess_in $SESSION; \
4246 rm -f $SESSION )" \
4248 -s "found session ticket extension" \
4249 -S "server hello, adding session ticket extension" \
4250 -s "session successfully restored from cache" \
4251 -S "session successfully restored from ticket" \
4252 -s "a session has been resumed"
4256 run_test "Session resume using cache, DTLS: openssl server" \
4257 "$O_SRV -dtls" \
4260 -C "found session_ticket extension" \
4261 -C "parse new session ticket" \
4262 -c "a session has been resumed"
4272 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4273 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4274 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4275 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4276 -C "client hello, adding max_fragment_length extension" \
4277 -S "found max fragment length extension" \
4278 -S "server hello, max_fragment_length extension" \
4279 -C "found max_fragment_length extension"
4287 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4288 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4289 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4290 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4291 -C "client hello, adding max_fragment_length extension" \
4292 -S "found max fragment length extension" \
4293 -S "server hello, max_fragment_length extension" \
4294 -C "found max_fragment_length extension" \
4295 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
4296 -s "$MAX_CONTENT_LEN bytes read" \
4297 -s "1 bytes read"
4305 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4306 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4307 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4308 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4309 -C "client hello, adding max_fragment_length extension" \
4310 -S "found max fragment length extension" \
4311 -S "server hello, max_fragment_length extension" \
4312 -C "found max_fragment_length extension" \
4313 -c "fragment larger than.*maximum "
4325 -C "Maximum incoming record payload length is 16384" \
4326 -C "Maximum outgoing record payload length is 16384" \
4327 -S "Maximum incoming record payload length is 16384" \
4328 -S "Maximum outgoing record payload length is 16384" \
4329 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
4330 -s "$MAX_CONTENT_LEN bytes read" \
4331 -s "1 bytes read"
4339 -C "Maximum incoming record payload length is 16384" \
4340 -C "Maximum outgoing record payload length is 16384" \
4341 -S "Maximum incoming record payload length is 16384" \
4342 -S "Maximum outgoing record payload length is 16384" \
4343 -c "fragment larger than.*maximum "
4352 -c "Maximum incoming record payload length is 4096" \
4353 -c "Maximum outgoing record payload length is 4096" \
4354 -s "Maximum incoming record payload length is 4096" \
4355 -s "Maximum outgoing record payload length is 4096" \
4356 -c "client hello, adding max_fragment_length extension" \
4357 -s "found max fragment length extension" \
4358 -s "server hello, max_fragment_length extension" \
4359 -c "found max_fragment_length extension"
4368 -c "Maximum incoming record payload length is 512" \
4369 -c "Maximum outgoing record payload length is 512" \
4370 -s "Maximum incoming record payload length is 512" \
4371 -s "Maximum outgoing record payload length is 512" \
4372 -c "client hello, adding max_fragment_length extension" \
4373 -s "found max fragment length extension" \
4374 -s "server hello, max_fragment_length extension" \
4375 -c "found max_fragment_length extension"
4384 -c "Maximum incoming record payload length is 512" \
4385 -c "Maximum outgoing record payload length is 512" \
4386 -s "Maximum incoming record payload length is 512" \
4387 -s "Maximum outgoing record payload length is 512" \
4388 -c "client hello, adding max_fragment_length extension" \
4389 -s "found max fragment length extension" \
4390 -s "server hello, max_fragment_length extension" \
4391 -c "found max_fragment_length extension"
4400 -c "Maximum incoming record payload length is 512" \
4401 -c "Maximum outgoing record payload length is 512" \
4402 -s "Maximum incoming record payload length is 512" \
4403 -s "Maximum outgoing record payload length is 512" \
4404 -c "client hello, adding max_fragment_length extension" \
4405 -s "found max fragment length extension" \
4406 -s "server hello, max_fragment_length extension" \
4407 -c "found max_fragment_length extension"
4416 -c "Maximum incoming record payload length is 1024" \
4417 -c "Maximum outgoing record payload length is 1024" \
4418 -s "Maximum incoming record payload length is 1024" \
4419 -s "Maximum outgoing record payload length is 512" \
4420 -c "client hello, adding max_fragment_length extension" \
4421 -s "found max fragment length extension" \
4422 -s "server hello, max_fragment_length extension" \
4423 -c "found max_fragment_length extension"
4432 -c "Maximum incoming record payload length is 1024" \
4433 -c "Maximum outgoing record payload length is 1024" \
4434 -s "Maximum incoming record payload length is 1024" \
4435 -s "Maximum outgoing record payload length is 1024" \
4436 -c "client hello, adding max_fragment_length extension" \
4437 -s "found max fragment length extension" \
4438 -s "server hello, max_fragment_length extension" \
4439 -c "found max_fragment_length extension"
4448 -c "Maximum incoming record payload length is 1024" \
4449 -c "Maximum outgoing record payload length is 1024" \
4450 -s "Maximum incoming record payload length is 1024" \
4451 -s "Maximum outgoing record payload length is 1024" \
4452 -c "client hello, adding max_fragment_length extension" \
4453 -s "found max fragment length extension" \
4454 -s "server hello, max_fragment_length extension" \
4455 -c "found max_fragment_length extension"
4464 -c "Maximum incoming record payload length is 2048" \
4465 -c "Maximum outgoing record payload length is 2048" \
4466 -s "Maximum incoming record payload length is 2048" \
4467 -s "Maximum outgoing record payload length is 512" \
4468 -c "client hello, adding max_fragment_length extension" \
4469 -s "found max fragment length extension" \
4470 -s "server hello, max_fragment_length extension" \
4471 -c "found max_fragment_length extension"
4480 -c "Maximum incoming record payload length is 2048" \
4481 -c "Maximum outgoing record payload length is 2048" \
4482 -s "Maximum incoming record payload length is 2048" \
4483 -s "Maximum outgoing record payload length is 1024" \
4484 -c "client hello, adding max_fragment_length extension" \
4485 -s "found max fragment length extension" \
4486 -s "server hello, max_fragment_length extension" \
4487 -c "found max_fragment_length extension"
4496 -c "Maximum incoming record payload length is 2048" \
4497 -c "Maximum outgoing record payload length is 2048" \
4498 -s "Maximum incoming record payload length is 2048" \
4499 -s "Maximum outgoing record payload length is 2048" \
4500 -c "client hello, adding max_fragment_length extension" \
4501 -s "found max fragment length extension" \
4502 -s "server hello, max_fragment_length extension" \
4503 -c "found max_fragment_length extension"
4512 -c "Maximum incoming record payload length is 4096" \
4513 -c "Maximum outgoing record payload length is 4096" \
4514 -s "Maximum incoming record payload length is 4096" \
4515 -s "Maximum outgoing record payload length is 512" \
4516 -c "client hello, adding max_fragment_length extension" \
4517 -s "found max fragment length extension" \
4518 -s "server hello, max_fragment_length extension" \
4519 -c "found max_fragment_length extension"
4528 -c "Maximum incoming record payload length is 4096" \
4529 -c "Maximum outgoing record payload length is 4096" \
4530 -s "Maximum incoming record payload length is 4096" \
4531 -s "Maximum outgoing record payload length is 1024" \
4532 -c "client hello, adding max_fragment_length extension" \
4533 -s "found max fragment length extension" \
4534 -s "server hello, max_fragment_length extension" \
4535 -c "found max_fragment_length extension"
4544 -c "Maximum incoming record payload length is 4096" \
4545 -c "Maximum outgoing record payload length is 4096" \
4546 -s "Maximum incoming record payload length is 4096" \
4547 -s "Maximum outgoing record payload length is 2048" \
4548 -c "client hello, adding max_fragment_length extension" \
4549 -s "found max fragment length extension" \
4550 -s "server hello, max_fragment_length extension" \
4551 -c "found max_fragment_length extension"
4560 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4561 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4562 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4563 -s "Maximum outgoing record payload length is 4096" \
4564 -C "client hello, adding max_fragment_length extension" \
4565 -S "found max fragment length extension" \
4566 -S "server hello, max_fragment_length extension" \
4567 -C "found max_fragment_length extension"
4574 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
4577 -c "Maximum incoming record payload length is 4096" \
4578 -c "Maximum outgoing record payload length is 4096" \
4579 -c "client hello, adding max_fragment_length extension" \
4580 -c "found max_fragment_length extension"
4589 -c "Maximum incoming record payload length is 2048" \
4590 -c "Maximum outgoing record payload length is 2048" \
4591 -s "Maximum incoming record payload length is 2048" \
4592 -s "Maximum outgoing record payload length is 2048" \
4593 -c "client hello, adding max_fragment_length extension" \
4594 -s "found max fragment length extension" \
4595 -s "server hello, max_fragment_length extension" \
4596 -c "found max_fragment_length extension" \
4597 -c "2048 bytes written in 1 fragments" \
4598 -s "2048 bytes read"
4607 -c "Maximum incoming record payload length is 2048" \
4608 -c "Maximum outgoing record payload length is 2048" \
4609 -s "Maximum incoming record payload length is 2048" \
4610 -s "Maximum outgoing record payload length is 2048" \
4611 -c "client hello, adding max_fragment_length extension" \
4612 -s "found max fragment length extension" \
4613 -s "server hello, max_fragment_length extension" \
4614 -c "found max_fragment_length extension" \
4615 -c "2345 bytes written in 2 fragments" \
4616 -s "2048 bytes read" \
4617 -s "297 bytes read"
4626 -c "Maximum incoming record payload length is 2048" \
4627 -c "Maximum outgoing record payload length is 2048" \
4628 -s "Maximum incoming record payload length is 2048" \
4629 -s "Maximum outgoing record payload length is 2048" \
4630 -c "client hello, adding max_fragment_length extension" \
4631 -s "found max fragment length extension" \
4632 -s "server hello, max_fragment_length extension" \
4633 -c "found max_fragment_length extension" \
4634 -c "fragment larger than.*maximum"
4644 -C "client hello, adding renegotiation extension" \
4645 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4646 -S "found renegotiation extension" \
4647 -s "server hello, secure renegotiation extension" \
4648 -c "found renegotiation extension" \
4649 -C "=> renegotiate" \
4650 -S "=> renegotiate" \
4651 -S "write hello request"
4655 run_test "Renegotiation: client-initiated" \
4659 -c "client hello, adding renegotiation extension" \
4660 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4661 -s "found renegotiation extension" \
4662 -s "server hello, secure renegotiation extension" \
4663 -c "found renegotiation extension" \
4664 -c "=> renegotiate" \
4665 -s "=> renegotiate" \
4666 -S "write hello request"
4670 run_test "Renegotiation: server-initiated" \
4674 -c "client hello, adding renegotiation extension" \
4675 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4676 -s "found renegotiation extension" \
4677 -s "server hello, secure renegotiation extension" \
4678 -c "found renegotiation extension" \
4679 -c "=> renegotiate" \
4680 -s "=> renegotiate" \
4681 -s "write hello request"
4683 # Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
4685 # algorithm stronger than SHA-1 is enabled in mbedtls_config.h
# Client-initiated renegotiation must complete on both sides ("=> renegotiate"
# in both logs, no HelloRequest written by the server).
# The final -S check guards against a SHA-1 fallback: the server log must not
# report signature-algorithm value 2 for the renegotiation ClientHello.
# Server and client commands (source lines 4689-4691) are not part of this
# listing.
4688 run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
4692 -c "client hello, adding renegotiation extension" \
4693 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4694 -s "found renegotiation extension" \
4695 -s "server hello, secure renegotiation extension" \
4696 -c "found renegotiation extension" \
4697 -c "=> renegotiate" \
4698 -s "=> renegotiate" \
4699 -S "write hello request" \
4700 -S "client hello v3, signature_algorithm ext: 2" # Must be absent: 2 is presumably the TLS 1.2 HashAlgorithm code (sha1 = 2 in RFC 5246)
4702 # Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
4704 # algorithm stronger than SHA-1 is enabled in mbedtls_config.h
# Server-initiated counterpart: the server writes a HelloRequest and both
# sides must enter renegotiation.
# The final -S check guards against a SHA-1 fallback: the server log must not
# report signature-algorithm value 2 for the renegotiation ClientHello.
# Server and client commands (source lines 4708-4710) are not part of this
# listing.
4707 run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
4711 -c "client hello, adding renegotiation extension" \
4712 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4713 -s "found renegotiation extension" \
4714 -s "server hello, secure renegotiation extension" \
4715 -c "found renegotiation extension" \
4716 -c "=> renegotiate" \
4717 -s "=> renegotiate" \
4718 -s "write hello request" \
4719 -S "client hello v3, signature_algorithm ext: 2" # Must be absent: 2 is presumably the TLS 1.2 HashAlgorithm code (sha1 = 2 in RFC 5246)
4727 -c "client hello, adding renegotiation extension" \
4728 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4729 -s "found renegotiation extension" \
4730 -s "server hello, secure renegotiation extension" \
4731 -c "found renegotiation extension" \
4732 -c "=> renegotiate" \
4733 -s "=> renegotiate" \
4734 -s "write hello request"
4742 …gotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
4744 -c "Maximum incoming record payload length is 2048" \
4745 -c "Maximum outgoing record payload length is 2048" \
4746 -s "Maximum incoming record payload length is 2048" \
4747 -s "Maximum outgoing record payload length is 512" \
4748 -c "client hello, adding max_fragment_length extension" \
4749 -s "found max fragment length extension" \
4750 -s "server hello, max_fragment_length extension" \
4751 -c "found max_fragment_length extension" \
4752 -c "client hello, adding renegotiation extension" \
4753 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4754 -s "found renegotiation extension" \
4755 -s "server hello, secure renegotiation extension" \
4756 -c "found renegotiation extension" \
4757 -c "=> renegotiate" \
4758 -s "=> renegotiate" \
4759 -s "write hello request"
# Policy check: a server that does not accept renegotiation must refuse a
# client-initiated one.
# The initial handshake still signals RFC 5746 secure renegotiation: the server
# logs the TLS_EMPTY_RENEGOTIATION_INFO SCSV and answers with the extension.
# The client then starts renegotiating ("=> renegotiate" in the client log
# only). The server must never enter renegotiation or write a HelloRequest, and
# the client must report the error and "failed".
# Server and client commands (source lines 4764-4766) are not part of this
# listing.
4763 run_test "Renegotiation: client-initiated, server-rejected" \
4767 -c "client hello, adding renegotiation extension" \
4768 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4769 -S "found renegotiation extension" \
4770 -s "server hello, secure renegotiation extension" \
4771 -c "found renegotiation extension" \
4772 -c "=> renegotiate" \
4773 -S "=> renegotiate" \
4774 -S "write hello request" \
4775 -c "SSL - Unexpected message at ServerHello in renegotiation" \
4776 -c "failed"
# The server writes a HelloRequest, but the client does not act on it: neither
# log may show "=> renegotiate".
# With the server's default settings (per the test title) this refusal is
# tolerated: the server must not log an unexpected-message error or "failed".
# Server and client commands (source lines 4781-4783) are not part of this
# listing.
4780 run_test "Renegotiation: server-initiated, client-rejected, default" \
4784 -C "client hello, adding renegotiation extension" \
4785 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4786 -S "found renegotiation extension" \
4787 -s "server hello, secure renegotiation extension" \
4788 -c "found renegotiation extension" \
4789 -C "=> renegotiate" \
4790 -S "=> renegotiate" \
4791 -s "write hello request" \
4792 -S "SSL - An unexpected message was received from our peer" \
4793 -S "failed"
# Same scenario with the server command ending in renego_delay=-1, which
# presumably disables enforcement of the HelloRequest (per the test title);
# confirm in the server program.
# The server writes a HelloRequest, the client ignores it, and the server must
# not log an unexpected-message error or "failed".
# The first part of the server command and the client command (source lines
# 4798, 4800-4801) are not part of this listing.
4797 run_test "Renegotiation: server-initiated, client-rejected, not enforced" \
4799 renego_delay=-1 auth_mode=optional" \
4802 -C "client hello, adding renegotiation extension" \
4803 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4804 -S "found renegotiation extension" \
4805 -s "server hello, secure renegotiation extension" \
4806 -c "found renegotiation extension" \
4807 -C "=> renegotiate" \
4808 -S "=> renegotiate" \
4809 -s "write hello request" \
4810 -S "SSL - An unexpected message was received from our peer" \
4811 -S "failed"
# Grace-period case ("delay 2" in the title; the option itself is on lines not
# shown in this listing).
# The server writes a HelloRequest and the client ignores it. Within this
# exchange the server must not yet treat that as an error: no unexpected-message
# log and no "failed".
4816 run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
4821 -C "client hello, adding renegotiation extension" \
4822 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4823 -S "found renegotiation extension" \
4824 -s "server hello, secure renegotiation extension" \
4825 -c "found renegotiation extension" \
4826 -C "=> renegotiate" \
4827 -S "=> renegotiate" \
4828 -s "write hello request" \
4829 -S "SSL - An unexpected message was received from our peer" \
4830 -S "failed"
# Strict enforcement ("delay 0" in the title; the option itself is on lines not
# shown in this listing).
# The server writes a HelloRequest and the client ignores it. This time the
# server must log the unexpected-message error, i.e. the refusal is treated as
# a protocol violation.
# Unlike the sibling tests, no "failed" pattern is checked here.
4834 run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
4839 -C "client hello, adding renegotiation extension" \
4840 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4841 -S "found renegotiation extension" \
4842 -s "server hello, secure renegotiation extension" \
4843 -c "found renegotiation extension" \
4844 -C "=> renegotiate" \
4845 -S "=> renegotiate" \
4846 -s "write hello request" \
4847 -s "SSL - An unexpected message was received from our peer"
# Control case for strict enforcement ("delay 0" in the title; the option is on
# lines not shown in this listing).
# The client honours the HelloRequest, so both logs must show "=> renegotiate".
# The server must not log an unexpected-message error or "failed".
4851 run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
4856 -c "client hello, adding renegotiation extension" \
4857 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4858 -s "found renegotiation extension" \
4859 -s "server hello, secure renegotiation extension" \
4860 -c "found renegotiation extension" \
4861 -c "=> renegotiate" \
4862 -s "=> renegotiate" \
4863 -s "write hello request" \
4864 -S "SSL - An unexpected message was received from our peer" \
4865 -S "failed"
4873 -C "client hello, adding renegotiation extension" \
4874 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4875 -S "found renegotiation extension" \
4876 -s "server hello, secure renegotiation extension" \
4877 -c "found renegotiation extension" \
4878 -S "record counter limit reached: renegotiate" \
4879 -C "=> renegotiate" \
4880 -S "=> renegotiate" \
4881 -S "write hello request" \
4882 -S "SSL - An unexpected message was received from our peer" \
4883 -S "failed"
4892 -c "client hello, adding renegotiation extension" \
4893 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4894 -s "found renegotiation extension" \
4895 -s "server hello, secure renegotiation extension" \
4896 -c "found renegotiation extension" \
4897 -s "record counter limit reached: renegotiate" \
4898 -c "=> renegotiate" \
4899 -s "=> renegotiate" \
4900 -s "write hello request" \
4901 -S "SSL - An unexpected message was received from our peer" \
4902 -S "failed"
4910 -c "client hello, adding renegotiation extension" \
4911 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4912 -s "found renegotiation extension" \
4913 -s "server hello, secure renegotiation extension" \
4914 -c "found renegotiation extension" \
4915 -s "record counter limit reached: renegotiate" \
4916 -c "=> renegotiate" \
4917 -s "=> renegotiate" \
4918 -s "write hello request" \
4919 -S "SSL - An unexpected message was received from our peer" \
4920 -S "failed"
4928 -C "client hello, adding renegotiation extension" \
4929 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4930 -S "found renegotiation extension" \
4931 -s "server hello, secure renegotiation extension" \
4932 -c "found renegotiation extension" \
4933 -S "record counter limit reached: renegotiate" \
4934 -C "=> renegotiate" \
4935 -S "=> renegotiate" \
4936 -S "write hello request" \
4937 -S "SSL - An unexpected message was received from our peer" \
4938 -S "failed"
4942 run_test "Renegotiation: nbio, client-initiated" \
4946 -c "client hello, adding renegotiation extension" \
4947 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4948 -s "found renegotiation extension" \
4949 -s "server hello, secure renegotiation extension" \
4950 -c "found renegotiation extension" \
4951 -c "=> renegotiate" \
4952 -s "=> renegotiate" \
4953 -S "write hello request"
4957 run_test "Renegotiation: nbio, server-initiated" \
4961 -c "client hello, adding renegotiation extension" \
4962 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
4963 -s "found renegotiation extension" \
4964 -s "server hello, secure renegotiation extension" \
4965 -c "found renegotiation extension" \
4966 -c "=> renegotiate" \
4967 -s "=> renegotiate" \
4968 -s "write hello request"
# NOTE(review): the -C "ssl_hanshake() returned" pattern below looks misspelled;
# the failing-case tests in this file match "mbedtls_ssl_handshake() returned".
# A must-not-appear check on text that is never logged cannot fail, so a
# handshake error here would only be caught by the other checks (-C "error",
# -c "HTTP/1.0 200 ..."). Confirm the intended log string.
4972 run_test "Renegotiation: openssl server, client-initiated" \
4973 "$O_SRV -www -tls1_2" \
4976 -c "client hello, adding renegotiation extension" \
4977 -c "found renegotiation extension" \
4978 -c "=> renegotiate" \
4979 -C "ssl_hanshake() returned" \
4980 -C "error" \
4981 -c "HTTP/1.0 200 [Oo][Kk]"
# NOTE(review): -C "ssl_hanshake() returned" looks like a misspelling of the
# "mbedtls_ssl_handshake() returned" string matched by the failing-case tests
# in this file. As written, this must-not-appear check can never trigger, so
# the strict secure-renegotiation case relies on -C "error" and the HTTP 200
# match alone. Confirm the intended log string.
4986 run_test "Renegotiation: gnutls server strict, client-initiated" \
4987 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
4990 -c "client hello, adding renegotiation extension" \
4991 -c "found renegotiation extension" \
4992 -c "=> renegotiate" \
4993 -C "ssl_hanshake() returned" \
4994 -C "error" \
4995 -c "HTTP/1.0 200 [Oo][Kk]"
5000 run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
5001 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5004 -c "client hello, adding renegotiation extension" \
5005 -C "found renegotiation extension" \
5006 -c "=> renegotiate" \
5007 -c "mbedtls_ssl_handshake() returned" \
5008 -c "error" \
5009 -C "HTTP/1.0 200 [Oo][Kk]"
# NOTE(review): the test name spells "client-inititated" (extra "it"). The
# -f/--filter and -e/--exclude options select tests by name (substring or BRE),
# so a filter on "client-initiated" would not select this test, which covers
# refusing renegotiation with a server that disables safe renegotiation.
# Expected outcome per the checks below: the renegotiation is attempted, the
# handshake reports an error, and no HTTP 200 response is seen.
5014 run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
5015 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5019 -c "client hello, adding renegotiation extension" \
5020 -C "found renegotiation extension" \
5021 -c "=> renegotiate" \
5022 -c "mbedtls_ssl_handshake() returned" \
5023 -c "error" \
5024 -C "HTTP/1.0 200 [Oo][Kk]"
# NOTE(review): two things to confirm in this test.
# 1. The name spells "client-inititated"; -f/--filter and -e/--exclude match on
#    test names, so a filter on "client-initiated" would not select it.
# 2. -C "ssl_hanshake() returned" looks like a misspelling of the
#    "mbedtls_ssl_handshake() returned" string matched by the "no legacy"
#    variant. A must-not-appear check on text that is never logged cannot
#    fail, so the success of this legacy-renegotiation case is only asserted
#    by -C "error" and the HTTP 200 match.
5029 run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
5030 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5034 -c "client hello, adding renegotiation extension" \
5035 -C "found renegotiation extension" \
5036 -c "=> renegotiate" \
5037 -C "ssl_hanshake() returned" \
5038 -C "error" \
5039 -c "HTTP/1.0 200 [Oo][Kk]"
5043 run_test "Renegotiation: DTLS, client-initiated" \
5047 -c "client hello, adding renegotiation extension" \
5048 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5049 -s "found renegotiation extension" \
5050 -s "server hello, secure renegotiation extension" \
5051 -c "found renegotiation extension" \
5052 -c "=> renegotiate" \
5053 -s "=> renegotiate" \
5054 -S "write hello request"
5058 run_test "Renegotiation: DTLS, server-initiated" \
5063 -c "client hello, adding renegotiation extension" \
5064 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5065 -s "found renegotiation extension" \
5066 -s "server hello, secure renegotiation extension" \
5067 -c "found renegotiation extension" \
5068 -c "=> renegotiate" \
5069 -s "=> renegotiate" \
5070 -s "write hello request"
5078 -c "client hello, adding renegotiation extension" \
5079 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5080 -s "found renegotiation extension" \
5081 -s "server hello, secure renegotiation extension" \
5082 -s "record counter limit reached: renegotiate" \
5083 -c "=> renegotiate" \
5084 -s "=> renegotiate" \
5085 -s "write hello request"
5090 run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
5091 "$G_SRV -u --mtu 4096" \
5094 -c "client hello, adding renegotiation extension" \
5095 -c "found renegotiation extension" \
5096 -c "=> renegotiate" \
5097 -C "mbedtls_ssl_handshake returned" \
5098 -C "error" \
5099 -s "Extra-header:"
5106 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
5109 -c "found renegotiation extension" \
5110 -C "error" \
5111 -c "HTTP/1.0 200 [Oo][Kk]"
5116 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5119 -C "found renegotiation extension" \
5120 -C "error" \
5121 -c "HTTP/1.0 200 [Oo][Kk]"
5126 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5127 "$P_CLI debug_level=3 allow_legacy=-1" \
5129 -C "found renegotiation extension" \
5130 -c "error" \
5131 -C "HTTP/1.0 200 [Oo][Kk]"
5137 "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
5139 -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5140 -s "server hello, secure renegotiation extension"
5146 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
5148 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5149 -S "server hello, secure renegotiation extension"
5154 "$P_SRV debug_level=3 allow_legacy=-1" \
5155 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
5157 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5158 -S "server hello, secure renegotiation extension"
5165 "$P_SRV crt_file=data_files/server5-der0.crt \
5169 -c "Handshake was completed" \
5174 "$P_SRV crt_file=data_files/server5-der1a.crt \
5178 -c "Handshake was completed" \
5183 "$P_SRV crt_file=data_files/server5-der1b.crt \
5187 -c "Handshake was completed" \
5192 "$P_SRV crt_file=data_files/server5-der2.crt \
5196 -c "Handshake was completed" \
5201 "$P_SRV crt_file=data_files/server5-der4.crt \
5205 -c "Handshake was completed" \
5210 "$P_SRV crt_file=data_files/server5-der8.crt \
5214 -c "Handshake was completed" \
5219 "$P_SRV crt_file=data_files/server5-der9.crt \
5223 -c "Handshake was completed" \
5230 "$P_SRV crt_file=data_files/server5-badsign.crt \
5234 -c "x509_verify_cert() returned" \
5235 -c "! The certificate is not correctly signed by the trusted CA" \
5236 -c "! mbedtls_ssl_handshake returned" \
5237 -c "X509 - Certificate verification failed"
5242 "$P_SRV crt_file=data_files/server5-badsign.crt \
5246 -c "x509_verify_cert() returned" \
5247 -c "! The certificate is not correctly signed by the trusted CA" \
5248 -C "! mbedtls_ssl_handshake returned" \
5249 -C "X509 - Certificate verification failed"
5257 -c "x509_verify_cert() returned" \
5258 -c "! The certificate is not correctly signed by the trusted CA" \
5259 -c "! Certificate verification flags"\
5260 -C "! mbedtls_ssl_handshake returned" \
5261 -C "X509 - Certificate verification failed" \
5262 -C "SSL - No CA Chain is set, but required to operate"
5269 -c "x509_verify_cert() returned" \
5270 -c "! The certificate is not correctly signed by the trusted CA" \
5271 -c "! Certificate verification flags"\
5272 -c "! mbedtls_ssl_handshake returned" \
5273 -c "SSL - No CA Chain is set, but required to operate"
5277 # the client informs the server about the supported curves - it does, though, in the
5287 crt_file=data_files/server5.ku-ka.crt" \
5290 -c "bad certificate (EC key curve)"\
5291 -c "! Certificate verification flags"\
5292 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
5299 crt_file=data_files/server5.ku-ka.crt" \
5302 -c "bad certificate (EC key curve)"\
5303 -c "! Certificate verification flags"\
5304 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
5309 "$P_SRV crt_file=data_files/server5-badsign.crt \
5313 -C "x509_verify_cert() returned" \
5314 -C "! The certificate is not correctly signed by the trusted CA" \
5315 -C "! mbedtls_ssl_handshake returned" \
5316 -C "X509 - Certificate verification failed"
5324 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
5326 -c "Supported Signature Algorithm found: 04 " \
5327 -c "Supported Signature Algorithm found: 05 "
5335 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
5337 -c "Supported Signature Algorithm found: 04 " \
5338 -c "Supported Signature Algorithm found: 05 "
5346 -S "skip write certificate request" \
5347 -C "skip parse certificate request" \
5348 -c "got a certificate request" \
5349 -c "= write certificate$" \
5350 -C "skip write certificate$" \
5351 -S "x509_verify_cert() returned" \
5352 -s "peer has no certificate" \
5353 -s "! mbedtls_ssl_handshake returned" \
5354-s "No client certification received from the client, but required by the authentication mode"
5359 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5362 -S "skip write certificate request" \
5363 -C "skip parse certificate request" \
5364 -c "got a certificate request" \
5365 -C "skip write certificate" \
5366 -C "skip write certificate verify" \
5367 -S "skip parse certificate verify" \
5368 -s "x509_verify_cert() returned" \
5369 -s "! The certificate is not correctly signed by the trusted CA" \
5370 -s "! mbedtls_ssl_handshake returned" \
5371 -s "send alert level=2 message=48" \
5372 -s "X509 - Certificate verification failed"
5378 run_test "Authentication: client cert self-signed and trusted, server required" \
5379 "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
5380 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5383 -S "skip write certificate request" \
5384 -C "skip parse certificate request" \
5385 -c "got a certificate request" \
5386 -C "skip write certificate" \
5387 -C "skip write certificate verify" \
5388 -S "skip parse certificate verify" \
5389 -S "x509_verify_cert() returned" \
5390 -S "! The certificate is not correctly signed" \
5391 -S "X509 - Certificate verification failed"
5396 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5399 -S "skip write certificate request" \
5400 -C "skip parse certificate request" \
5401 -c "got a certificate request" \
5402 -C "skip write certificate" \
5403 -C "skip write certificate verify" \
5404 -S "skip parse certificate verify" \
5405 -s "x509_verify_cert() returned" \
5406 -s "! The certificate is not correctly signed by the trusted CA" \
5407 -s "! mbedtls_ssl_handshake returned" \
5408 -s "X509 - Certificate verification failed"
5413 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5416 -S "skip write certificate request" \
5417 -C "skip parse certificate request" \
5418 -c "got a certificate request" \
5419 -C "skip write certificate" \
5420 -C "skip write certificate verify" \
5421 -S "skip parse certificate verify" \
5422 -s "x509_verify_cert() returned" \
5423 -s "! The certificate is not correctly signed by the trusted CA" \
5424 -S "! mbedtls_ssl_handshake returned" \
5425 -C "! mbedtls_ssl_handshake returned" \
5426 -S "X509 - Certificate verification failed"
5431 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5434 -s "skip write certificate request" \
5435 -C "skip parse certificate request" \
5436 -c "got no certificate request" \
5437 -c "skip write certificate" \
5438 -c "skip write certificate verify" \
5439 -s "skip parse certificate verify" \
5440 -S "x509_verify_cert() returned" \
5441 -S "! The certificate is not correctly signed by the trusted CA" \
5442 -S "! mbedtls_ssl_handshake returned" \
5443 -C "! mbedtls_ssl_handshake returned" \
5444 -S "X509 - Certificate verification failed"
5451 -S "skip write certificate request" \
5452 -C "skip parse certificate request" \
5453 -c "got a certificate request" \
5454 -C "skip write certificate$" \
5455 -C "got no certificate to send" \
5456 -c "skip write certificate verify" \
5457 -s "skip parse certificate verify" \
5458 -s "! Certificate was missing" \
5459 -S "! mbedtls_ssl_handshake returned" \
5460 -C "! mbedtls_ssl_handshake returned" \
5461 -S "X509 - Certificate verification failed"
5465 run_test "Authentication: openssl client no cert, server optional" \
5469 -S "skip write certificate request" \
5470 -s "skip parse certificate verify" \
5471 -s "! Certificate was missing" \
5472 -S "! mbedtls_ssl_handshake returned" \
5473 -S "X509 - Certificate verification failed"
5477 run_test "Authentication: client no cert, openssl server optional" \
5478 "$O_SRV -verify 10 -tls1_2" \
5481 -C "skip parse certificate request" \
5482 -c "got a certificate request" \
5483 -C "skip write certificate$" \
5484 -c "skip write certificate verify" \
5485 -C "! mbedtls_ssl_handshake returned"
5489 run_test "Authentication: client no cert, openssl server required" \
5490 "$O_SRV -Verify 10 -tls1_2" \
5493 -C "skip parse certificate request" \
5494 -c "got a certificate request" \
5495 -C "skip write certificate$" \
5496 -c "skip write certificate verify" \
5497 -c "! mbedtls_ssl_handshake returned"
5513 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
5514 key_file=data_files/dir-maxpath/09.key" \
5515 "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
5517 -C "X509 - A fatal error occurred"
5523 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5524 key_file=data_files/dir-maxpath/10.key" \
5525 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
5527 -c "X509 - A fatal error occurred"
5534 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5535 key_file=data_files/dir-maxpath/10.key" \
5536 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
5539 -c "X509 - A fatal error occurred"
5546 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5547 key_file=data_files/dir-maxpath/10.key" \
5548 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
5551 -C "X509 - A fatal error occurred"
5557 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
5558 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5559 key_file=data_files/dir-maxpath/10.key" \
5561 -S "X509 - A fatal error occurred"
5567 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
5568 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5569 key_file=data_files/dir-maxpath/10.key" \
5571 -s "X509 - A fatal error occurred"
5577 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
5578 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5579 key_file=data_files/dir-maxpath/10.key" \
5581 -s "X509 - A fatal error occurred"
5587 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
5588 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
5589 key_file=data_files/dir-maxpath/09.key" \
5591 -S "X509 - A fatal error occurred"
5602 -s "requested DN"
5611 -S "requested DN"
5617 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5620 -S "requested DN" \
5621 -s "x509_verify_cert() returned" \
5622 -s "! The certificate is not correctly signed by the trusted CA" \
5623 -s "! mbedtls_ssl_handshake returned" \
5624 -c "! mbedtls_ssl_handshake returned" \
5625 -s "X509 - Certificate verification failed"
5637 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
5649 -c "DN hint: C=NL, O=PolarSSL, CN=localhost"
5661 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
5670 "$P_SRV crt_file=data_files/server5-badsign.crt \
5674 -c "use CA callback for X.509 CRT verification" \
5675 -c "x509_verify_cert() returned" \
5676 -c "! The certificate is not correctly signed by the trusted CA" \
5677 -c "! mbedtls_ssl_handshake returned" \
5678 -c "X509 - Certificate verification failed"
5684 "$P_SRV crt_file=data_files/server5-badsign.crt \
5688 -c "use CA callback for X.509 CRT verification" \
5689 -c "x509_verify_cert() returned" \
5690 -c "! The certificate is not correctly signed by the trusted CA" \
5691 -C "! mbedtls_ssl_handshake returned" \
5692 -C "X509 - Certificate verification failed"
5696 # the client informs the server about the supported curves - it does, though, in the
5707 crt_file=data_files/server5.ku-ka.crt" \
5710 -c "use CA callback for X.509 CRT verification" \
5711 -c "bad certificate (EC key curve)" \
5712 -c "! Certificate verification flags" \
5713 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
5721 crt_file=data_files/server5.ku-ka.crt" \
5724 -c "use CA callback for X.509 CRT verification" \
5725 -c "bad certificate (EC key curve)"\
5726 -c "! Certificate verification flags"\
5727 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
5736 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
5738 -s "use CA callback for X.509 CRT verification" \
5739 -c "Supported Signature Algorithm found: 04 " \
5740 -c "Supported Signature Algorithm found: 05 "
5749 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
5751 -s "use CA callback for X.509 CRT verification" \
5752 -c "Supported Signature Algorithm found: 04 " \
5753 -c "Supported Signature Algorithm found: 05 "
5760 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5763 -s "use CA callback for X.509 CRT verification" \
5764 -S "skip write certificate request" \
5765 -C "skip parse certificate request" \
5766 -c "got a certificate request" \
5767 -C "skip write certificate" \
5768 -C "skip write certificate verify" \
5769 -S "skip parse certificate verify" \
5770 -s "x509_verify_cert() returned" \
5771 -s "! The certificate is not correctly signed by the trusted CA" \
5772 -s "! mbedtls_ssl_handshake returned" \
5773 -s "send alert level=2 message=48" \
5774 -c "! mbedtls_ssl_handshake returned" \
5775 -s "X509 - Certificate verification failed"
5785 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5788 -s "use CA callback for X.509 CRT verification" \
5789 -S "skip write certificate request" \
5790 -C "skip parse certificate request" \
5791 -c "got a certificate request" \
5792 -C "skip write certificate" \
5793 -C "skip write certificate verify" \
5794 -S "skip parse certificate verify" \
5795 -s "x509_verify_cert() returned" \
5796 -s "! The certificate is not correctly signed by the trusted CA" \
5797 -s "! mbedtls_ssl_handshake returned" \
5798 -c "! mbedtls_ssl_handshake returned" \
5799 -s "X509 - Certificate verification failed"
5806 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5809 -s "use CA callback for X.509 CRT verification" \
5810 -S "skip write certificate request" \
5811 -C "skip parse certificate request" \
5812 -c "got a certificate request" \
5813 -C "skip write certificate" \
5814 -C "skip write certificate verify" \
5815 -S "skip parse certificate verify" \
5816 -s "x509_verify_cert() returned" \
5817 -s "! The certificate is not correctly signed by the trusted CA" \
5818 -S "! mbedtls_ssl_handshake returned" \
5819 -C "! mbedtls_ssl_handshake returned" \
5820 -S "X509 - Certificate verification failed"
5828 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
5829 key_file=data_files/dir-maxpath/09.key" \
5830 … "$P_CLI ca_callback=1 debug_level=3 server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
5832 -c "use CA callback for X.509 CRT verification" \
5833 -C "X509 - A fatal error occurred"
5841 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5842 key_file=data_files/dir-maxpath/10.key" \
5843 … "$P_CLI debug_level=3 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
5845 -c "use CA callback for X.509 CRT verification" \
5846 -c "X509 - A fatal error occurred"
5854 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5855 key_file=data_files/dir-maxpath/10.key" \
5856 "$P_CLI ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
5859 -c "use CA callback for X.509 CRT verification" \
5860 -c "X509 - A fatal error occurred"
5868 … "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
5869 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5870 key_file=data_files/dir-maxpath/10.key" \
5872 -s "use CA callback for X.509 CRT verification" \
5873 -s "X509 - A fatal error occurred"
5881 … "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
5882 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
5883 key_file=data_files/dir-maxpath/10.key" \
5885 -s "use CA callback for X.509 CRT verification" \
5886 -s "X509 - A fatal error occurred"
5894 … "$P_SRV ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
5895 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
5896 key_file=data_files/dir-maxpath/09.key" \
5898 -s "use CA callback for X.509 CRT verification" \
5899 -S "X509 - A fatal error occurred"
5904 run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
5907 crt_file2=data_files/server5-sha1.crt \
5911 -c "signed using.*ECDSA with SHA256" \
5912 -C "signed using.*ECDSA with SHA1"
5923 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
5924 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
5931 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
5934 -s "parse ServerName extension" \
5935 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
5936 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
5943 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
5946 -s "parse ServerName extension" \
5947 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
5948 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
5955 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
5958 -s "parse ServerName extension" \
5959 -s "ssl_sni_wrapper() returned" \
5960 -s "mbedtls_ssl_handshake returned" \
5961 -c "mbedtls_ssl_handshake returned" \
5962 -c "SSL - A fatal alert message was received from our peer"
5968 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
5971 -S "skip write certificate request" \
5972 -C "skip parse certificate request" \
5973 -c "got a certificate request" \
5974 -C "skip write certificate" \
5975 -C "skip write certificate verify" \
5976 -S "skip parse certificate verify"
5979 run_test "SNI: client auth override: none -> optional" \
5982 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
5985 -S "skip write certificate request" \
5986 -C "skip parse certificate request" \
5987 -c "got a certificate request" \
5988 -C "skip write certificate" \
5989 -C "skip write certificate verify" \
5990 -S "skip parse certificate verify"
5993 run_test "SNI: client auth override: optional -> none" \
5996 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
5999 -s "skip write certificate request" \
6000 -C "skip parse certificate request" \
6001 -c "got no certificate request" \
6002 -c "skip write certificate"
6008 ca_file=data_files/test-ca.crt \
6009 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
6013 -S "skip write certificate request" \
6014 -C "skip parse certificate request" \
6015 -c "got a certificate request" \
6016 -C "skip write certificate" \
6017 -C "skip write certificate verify" \
6018 -S "skip parse certificate verify" \
6019 -s "x509_verify_cert() returned" \
6020 -s "! The certificate is not correctly signed by the trusted CA" \
6021 -S "The certificate has been revoked (is on a CRL)"
6027 ca_file=data_files/test-ca.crt \
6028 … sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
6032 -S "skip write certificate request" \
6033 -C "skip parse certificate request" \
6034 -c "got a certificate request" \
6035 -C "skip write certificate" \
6036 -C "skip write certificate verify" \
6037 -S "skip parse certificate verify" \
6038 -S "x509_verify_cert() returned" \
6039 -S "! The certificate is not correctly signed by the trusted CA" \
6040 -S "The certificate has been revoked (is on a CRL)"
6046 ca_file=data_files/test-ca.crt \
6047 …t,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.p…
6051 -S "skip write certificate request" \
6052 -C "skip parse certificate request" \
6053 -c "got a certificate request" \
6054 -C "skip write certificate" \
6055 -C "skip write certificate verify" \
6056 -S "skip parse certificate verify" \
6057 -s "x509_verify_cert() returned" \
6058 -S "! The certificate is not correctly signed by the trusted CA" \
6059 -s "The certificate has been revoked (is on a CRL)"
6070 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
6071 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6078 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6081 -s "parse ServerName extension" \
6082 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6083 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6090 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6093 -s "parse ServerName extension" \
6094 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6095 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
6101 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6104 -s "parse ServerName extension" \
6105 -s "ssl_sni_wrapper() returned" \
6106 -s "mbedtls_ssl_handshake returned" \
6107 -c "mbedtls_ssl_handshake returned" \
6108 -c "SSL - A fatal alert message was received from our peer"
6114 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
6117 -S "skip write certificate request" \
6118 -C "skip parse certificate request" \
6119 -c "got a certificate request" \
6120 -C "skip write certificate" \
6121 -C "skip write certificate verify" \
6122 -S "skip parse certificate verify"
6125 run_test "SNI: DTLS, client auth override: none -> optional" \
6128 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
6131 -S "skip write certificate request" \
6132 -C "skip parse certificate request" \
6133 -c "got a certificate request" \
6134 -C "skip write certificate" \
6135 -C "skip write certificate verify" \
6136 -S "skip parse certificate verify"
6139 run_test "SNI: DTLS, client auth override: optional -> none" \
6142 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
6145 -s "skip write certificate request" \
6146 -C "skip parse certificate request" \
6147 -c "got no certificate request" \
6148 -c "skip write certificate" \
6149 -c "skip write certificate verify" \
6150 -s "skip parse certificate verify"
6156 ca_file=data_files/test-ca.crt \
6157 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
6161 -S "skip write certificate request" \
6162 -C "skip parse certificate request" \
6163 -c "got a certificate request" \
6164 -C "skip write certificate" \
6165 -C "skip write certificate verify" \
6166 -S "skip parse certificate verify" \
6167 -s "x509_verify_cert() returned" \
6168 -s "! The certificate is not correctly signed by the trusted CA" \
6169 -S "The certificate has been revoked (is on a CRL)"
6175 ca_file=data_files/test-ca.crt \
6176 … sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
6180 -S "skip write certificate request" \
6181 -C "skip parse certificate request" \
6182 -c "got a certificate request" \
6183 -C "skip write certificate" \
6184 -C "skip write certificate verify" \
6185 -S "skip parse certificate verify" \
6186 -S "x509_verify_cert() returned" \
6187 -S "! The certificate is not correctly signed by the trusted CA" \
6188 -S "The certificate has been revoked (is on a CRL)"
6194 ca_file=data_files/test-ca.crt \
6195 …t,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.p…
6199 -S "skip write certificate request" \
6200 -C "skip parse certificate request" \
6201 -c "got a certificate request" \
6202 -C "skip write certificate" \
6203 -C "skip write certificate verify" \
6204 -S "skip parse certificate verify" \
6205 -s "x509_verify_cert() returned" \
6206 -S "! The certificate is not correctly signed by the trusted CA" \
6207 -s "The certificate has been revoked (is on a CRL)"
6209 # Tests for non-blocking I/O: exercise a variety of handshake flows
6212 run_test "Non-blocking I/O: basic handshake" \
6216 -S "mbedtls_ssl_handshake returned" \
6217 -C "mbedtls_ssl_handshake returned" \
6218 -c "Read from server: .* bytes read"
6221 run_test "Non-blocking I/O: client auth" \
6225 -S "mbedtls_ssl_handshake returned" \
6226 -C "mbedtls_ssl_handshake returned" \
6227 -c "Read from server: .* bytes read"
6231 run_test "Non-blocking I/O: ticket" \
6235 -S "mbedtls_ssl_handshake returned" \
6236 -C "mbedtls_ssl_handshake returned" \
6237 -c "Read from server: .* bytes read"
6241 run_test "Non-blocking I/O: ticket + client auth" \
6245 -S "mbedtls_ssl_handshake returned" \
6246 -C "mbedtls_ssl_handshake returned" \
6247 -c "Read from server: .* bytes read"
6251 run_test "Non-blocking I/O: ticket + client auth + resume" \
6255 -S "mbedtls_ssl_handshake returned" \
6256 -C "mbedtls_ssl_handshake returned" \
6257 -c "Read from server: .* bytes read"
6261 run_test "Non-blocking I/O: ticket + resume" \
6265 -S "mbedtls_ssl_handshake returned" \
6266 -C "mbedtls_ssl_handshake returned" \
6267 -c "Read from server: .* bytes read"
6271 run_test "Non-blocking I/O: session-id resume" \
6275 -S "mbedtls_ssl_handshake returned" \
6276 -C "mbedtls_ssl_handshake returned" \
6277 -c "Read from server: .* bytes read"
6279 # Tests for event-driven I/O: exercise a variety of handshake flows
6282 run_test "Event-driven I/O: basic handshake" \
6286 -S "mbedtls_ssl_handshake returned" \
6287 -C "mbedtls_ssl_handshake returned" \
6288 -c "Read from server: .* bytes read"
6291 run_test "Event-driven I/O: client auth" \
6295 -S "mbedtls_ssl_handshake returned" \
6296 -C "mbedtls_ssl_handshake returned" \
6297 -c "Read from server: .* bytes read"
6301 run_test "Event-driven I/O: ticket" \
6305 -S "mbedtls_ssl_handshake returned" \
6306 -C "mbedtls_ssl_handshake returned" \
6307 -c "Read from server: .* bytes read"
6311 run_test "Event-driven I/O: ticket + client auth" \
6315 -S "mbedtls_ssl_handshake returned" \
6316 -C "mbedtls_ssl_handshake returned" \
6317 -c "Read from server: .* bytes read"
6321 run_test "Event-driven I/O: ticket + client auth + resume" \
6325 -S "mbedtls_ssl_handshake returned" \
6326 -C "mbedtls_ssl_handshake returned" \
6327 -c "Read from server: .* bytes read"
6331 run_test "Event-driven I/O: ticket + resume" \
6335 -S "mbedtls_ssl_handshake returned" \
6336 -C "mbedtls_ssl_handshake returned" \
6337 -c "Read from server: .* bytes read"
6341 run_test "Event-driven I/O: session-id resume" \
6345 -S "mbedtls_ssl_handshake returned" \
6346 -C "mbedtls_ssl_handshake returned" \
6347 -c "Read from server: .* bytes read"
6350 run_test "Event-driven I/O, DTLS: basic handshake" \
6354 -c "Read from server: .* bytes read"
6357 run_test "Event-driven I/O, DTLS: client auth" \
6361 -c "Read from server: .* bytes read"
6364 run_test "Event-driven I/O, DTLS: ticket" \
6368 -c "Read from server: .* bytes read"
6371 run_test "Event-driven I/O, DTLS: ticket + client auth" \
6375 -c "Read from server: .* bytes read"
6378 run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
6382 -c "Read from server: .* bytes read"
6385 run_test "Event-driven I/O, DTLS: ticket + resume" \
6389 -c "Read from server: .* bytes read"
6392 run_test "Event-driven I/O, DTLS: session-id resume" \
6396 -c "Read from server: .* bytes read"
6404 run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
6405 -p "$P_PXY pack=50" \
6409 -c "Read from server: .* bytes read"
# Version negotiation checks (run_test convention: lowercase -s/-c require the
# pattern in the server/client output, uppercase -S/-C require its absence).
# The first case expects both ends to report TLS 1.2. The remaining groups,
# whose run_test lines are not shown, pin the GnuTLS peer to TLS 1.0 or 1.1
# through its --priority string and expect a protocol-version error on both
# sides, with no line reporting the old version or a completed handshake:
# TLS 1.0/1.1 must be refused, not negotiated.
6414 run_test "Version check: all -> 1.2" \
6418 -S "mbedtls_ssl_handshake returned" \
6419 -C "mbedtls_ssl_handshake returned" \
6420 -s "Protocol is TLSv1.2" \
6421 -c "Protocol is TLSv1.2"
6426 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.0" \
6428 -s "Handshake protocol not within min/max boundaries" \
6429 -c "Error in protocol version" \
6430 -S "Protocol is TLSv1.0" \
6431 -C "Handshake was completed"
6436 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.1" \
6438 -s "Handshake protocol not within min/max boundaries" \
6439 -c "Error in protocol version" \
6440 -S "Protocol is TLSv1.1" \
6441 -C "Handshake was completed"
6445 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" \
6448 -s "Error in protocol version" \
6449 -c "Handshake protocol not within min/max boundaries" \
6450 -S "Version: TLS1.0" \
6451 -C "Protocol is TLSv1.0"
6455 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1" \
6458 -s "Error in protocol version" \
6459 -c "Handshake protocol not within min/max boundaries" \
6460 -S "Version: TLS1.1" \
6461 -C "Protocol is TLSv1.1"
6470 -C "client hello, adding alpn extension" \
6471 -S "found alpn extension" \
6472 -C "got an alert message, type: \\[2:120]" \
6473 -S "server side, adding alpn extension" \
6474 -C "found alpn extension " \
6475 -C "Application Layer Protocol is" \
6476 -S "Application Layer Protocol is"
6483 -c "client hello, adding alpn extension" \
6484 -s "found alpn extension" \
6485 -C "got an alert message, type: \\[2:120]" \
6486 -S "server side, adding alpn extension" \
6487 -C "found alpn extension " \
6488 -c "Application Layer Protocol is (none)" \
6489 -S "Application Layer Protocol is"
6496 -C "client hello, adding alpn extension" \
6497 -S "found alpn extension" \
6498 -C "got an alert message, type: \\[2:120]" \
6499 -S "server side, adding alpn extension" \
6500 -C "found alpn extension " \
6501 -C "Application Layer Protocol is" \
6502 -s "Application Layer Protocol is (none)"
# ALPN with both peers offering protocols. "[2:120]" in the alert pattern is
# alert level 2 (fatal), description 120 (no_application_protocol, RFC 7301).
# When a protocol is shared, the client must not see that alert (-C) and both
# sides must report the same selected protocol. The last group of assertions
# below, whose run_test line is not shown, covers the opposite outcome: the
# client does receive the alert, the server adds no ALPN extension, and
# neither side reports protocol 1234 as selected.
6505 run_test "ALPN: both, common cli1-srv1" \
6509 -c "client hello, adding alpn extension" \
6510 -s "found alpn extension" \
6511 -C "got an alert message, type: \\[2:120]" \
6512 -s "server side, adding alpn extension" \
6513 -c "found alpn extension" \
6514 -c "Application Layer Protocol is abc" \
6515 -s "Application Layer Protocol is abc"
6518 run_test "ALPN: both, common cli2-srv1" \
6522 -c "client hello, adding alpn extension" \
6523 -s "found alpn extension" \
6524 -C "got an alert message, type: \\[2:120]" \
6525 -s "server side, adding alpn extension" \
6526 -c "found alpn extension" \
6527 -c "Application Layer Protocol is abc" \
6528 -s "Application Layer Protocol is abc"
6531 run_test "ALPN: both, common cli1-srv2" \
6535 -c "client hello, adding alpn extension" \
6536 -s "found alpn extension" \
6537 -C "got an alert message, type: \\[2:120]" \
6538 -s "server side, adding alpn extension" \
6539 -c "found alpn extension" \
6540 -c "Application Layer Protocol is 1234" \
6541 -s "Application Layer Protocol is 1234"
6548 -c "client hello, adding alpn extension" \
6549 -s "found alpn extension" \
6550 -c "got an alert message, type: \\[2:120]" \
6551 -S "server side, adding alpn extension" \
6552 -C "found alpn extension" \
6553 -C "Application Layer Protocol is 1234" \
6554 -S "Application Layer Protocol is 1234"
6558 # server-side certificate/suite selection
# keyUsage on the server's own certificate: each case loads a certificate
# whose keyUsage is given in the test name (the ku-ds / ku-ke / ku-ka file
# suffixes appear to mirror it) and checks which key-exchange family the
# client ends up reporting. The "-> fail" cases assert that the client
# reports no ciphersuite at all (-C "Ciphersuite is "), i.e. the server must
# not fall back to a suite its certificate's keyUsage does not permit.
6561 run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
6563 crt_file=data_files/server2.ku-ds.crt" \
6566 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
6569 run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
6571 crt_file=data_files/server2.ku-ke.crt" \
6574 -c "Ciphersuite is TLS-RSA-WITH-"
6577 run_test "keyUsage srv: RSA, keyAgreement -> fail" \
6579 crt_file=data_files/server2.ku-ka.crt" \
6582 -C "Ciphersuite is "
6585 run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
6587 crt_file=data_files/server5.ku-ds.crt" \
6590 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
6594 run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
6596 crt_file=data_files/server5.ku-ka.crt" \
6599 -c "Ciphersuite is TLS-ECDH-"
6602 run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
6604 crt_file=data_files/server5.ku-ke.crt" \
6607 -C "Ciphersuite is "
6610 # client-side checking of server cert
6614 "$O_SRV -tls1_2 -key data_files/server2.key \
6615 -cert data_files/server2.ku-ds_ke.crt" \
6617 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6619 -C "bad certificate (usage extensions)" \
6620 -C "Processing of the Certificate handshake message failed" \
6621 -c "Ciphersuite is TLS-"
6624 run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
6625 "$O_SRV -tls1_2 -key data_files/server2.key \
6626 -cert data_files/server2.ku-ds_ke.crt" \
6628 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6630 -C "bad certificate (usage extensions)" \
6631 -C "Processing of the Certificate handshake message failed" \
6632 -c "Ciphersuite is TLS-"
6636 "$O_SRV -tls1_2 -key data_files/server2.key \
6637 -cert data_files/server2.ku-ke.crt" \
6639 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6641 -C "bad certificate (usage extensions)" \
6642 -C "Processing of the Certificate handshake message failed" \
6643 -c "Ciphersuite is TLS-"
# Hard failure: a keyEncipherment-only RSA certificate is presented for a
# DHE-RSA suite. The client must flag the usage mismatch, processing of the
# Certificate message must fail, and no ciphersuite may be reported (-C).
6646 run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
6647 "$O_SRV -tls1_2 -key data_files/server2.key \
6648 -cert data_files/server2.ku-ke.crt" \
6650 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6652 -c "bad certificate (usage extensions)" \
6653 -c "Processing of the Certificate handshake message failed" \
6654 -C "Ciphersuite is TLS-"
# Soft failure: same certificate and forced suite, but the mismatch is only
# reported ("! Usage does not match the keyUsage extension") and the
# handshake still completes with a ciphersuite. The client option selecting
# this mode is on a line not shown (presumably a non-mandatory verification
# mode; confirm). An application running in such a mode has to inspect the
# verification result itself before trusting the peer.
6657 run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
6658 "$O_SRV -tls1_2 -key data_files/server2.key \
6659 -cert data_files/server2.ku-ke.crt" \
6661 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6663 -c "bad certificate (usage extensions)" \
6664 -C "Processing of the Certificate handshake message failed" \
6665 -c "Ciphersuite is TLS-" \
6666 -c "! Usage does not match the keyUsage extension"
6669 run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
6670 "$O_SRV -tls1_2 -key data_files/server2.key \
6671 -cert data_files/server2.ku-ds.crt" \
6673 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
6675 -C "bad certificate (usage extensions)" \
6676 -C "Processing of the Certificate handshake message failed" \
6677 -c "Ciphersuite is TLS-"
6681 "$O_SRV -tls1_2 -key data_files/server2.key \
6682 -cert data_files/server2.ku-ds.crt" \
6684 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6686 -c "bad certificate (usage extensions)" \
6687 -c "Processing of the Certificate handshake message failed" \
6688 -C "Ciphersuite is TLS-"
6692 "$O_SRV -tls1_2 -key data_files/server2.key \
6693 -cert data_files/server2.ku-ds.crt" \
6695 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
6697 -c "bad certificate (usage extensions)" \
6698 -C "Processing of the Certificate handshake message failed" \
6699 -c "Ciphersuite is TLS-" \
6700 -c "! Usage does not match the keyUsage extension"
6706 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
6707 -cert data_files/server2.ku-ds_ke.crt" \
6710 -C "bad certificate (usage extensions)" \
6711 -C "Processing of the Certificate handshake message failed" \
6712 -c "Ciphersuite is"
6718 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
6719 -cert data_files/server2.ku-ke.crt" \
6722 -c "bad certificate (usage extensions)" \
6723 -c "Processing of the Certificate handshake message failed" \
6724 -C "Ciphersuite is"
6730 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
6731 -cert data_files/server2.ku-ka.crt" \
6734 -c "bad certificate (usage extensions)" \
6735 -c "Processing of the Certificate handshake message failed" \
6736 -C "Ciphersuite is"
6742 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6743 -cert data_files/server5.ku-ds.crt" \
6746 -C "bad certificate (usage extensions)" \
6747 -C "Processing of the Certificate handshake message failed" \
6748 -c "Ciphersuite is"
6754 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6755 -cert data_files/server5.ku-ke.crt" \
6758 -c "bad certificate (usage extensions)" \
6759 -c "Processing of the Certificate handshake message failed" \
6760 -C "Ciphersuite is"
6766 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6767 -cert data_files/server5.ku-ka.crt" \
6770 -c "bad certificate (usage extensions)" \
6771 -c "Processing of the Certificate handshake message failed" \
6772 -C "Ciphersuite is"
6775 # server-side checking of client cert
# keyUsage on the client certificate, as seen by the server. In the "OK"
# cases the server logs a successful peer verification and no usage error.
# "fail (soft)": the server logs the usage mismatch but processing of the
# Certificate message does not fail (-S). "fail (hard)": both messages must
# appear (-s). The server options that choose between soft and hard are on
# lines not shown. In the soft outcome the connection proceeds with a client
# certificate that failed the usage check, so a server application in that
# mode must check the verification result before authorising the peer.
6778 run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
6780 "$O_CLI -key data_files/server2.key \
6781 -cert data_files/server2.ku-ds.crt" \
6783 -s "Verifying peer X.509 certificate... ok" \
6784 -S "bad certificate (usage extensions)" \
6785 -S "Processing of the Certificate handshake message failed"
6788 run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
6790 "$O_CLI -key data_files/server2.key \
6791 -cert data_files/server2.ku-ke.crt" \
6793 -s "bad certificate (usage extensions)" \
6794 -S "Processing of the Certificate handshake message failed"
6797 run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
6799 "$O_CLI -key data_files/server2.key \
6800 -cert data_files/server2.ku-ke.crt" \
6802 -s "bad certificate (usage extensions)" \
6803 -s "Processing of the Certificate handshake message failed"
6806 run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
6808 "$O_CLI -key data_files/server5.key \
6809 -cert data_files/server5.ku-ds.crt" \
6811 -s "Verifying peer X.509 certificate... ok" \
6812 -S "bad certificate (usage extensions)" \
6813 -S "Processing of the Certificate handshake message failed"
6816 run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
6818 "$O_CLI -key data_files/server5.key \
6819 -cert data_files/server5.ku-ka.crt" \
6821 -s "bad certificate (usage extensions)" \
6822 -S "Processing of the Certificate handshake message failed"
6827 run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \
6829 "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
6830 -cert data_files/server2.ku-ds.crt" \
6832 -s "Verifying peer X.509 certificate... ok" \
6833 -S "bad certificate (usage extensions)" \
6834 -S "Processing of the Certificate handshake message failed"
6839 run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \
6841 "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
6842 -cert data_files/server2.ku-ke.crt" \
6844 -s "bad certificate (usage extensions)" \
6845 -S "Processing of the Certificate handshake message failed"
6850 run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \
6852 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
6853 -cert data_files/server5.ku-ds.crt" \
6855 -s "Verifying peer X.509 certificate... ok" \
6856 -S "bad certificate (usage extensions)" \
6857 -S "Processing of the Certificate handshake message failed"
6862 run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \
6864 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
6865 -cert data_files/server5.ku-ka.crt" \
6867 -s "bad certificate (usage extensions)" \
6868 -S "Processing of the Certificate handshake message failed"
6870 # Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
# NOTE(review): two cases below load a certificate that does not match their
# name. "serverAuth,clientAuth -> OK" uses server5.eku-srv.crt, the same file
# as the serverAuth-only case, while the client-side serverAuth,clientAuth
# cases in this file use server5.eku-srv_cli.crt. "codeSign -> fail" uses
# server5.eku-cli.crt, while the other codeSign cases use server5.eku-cs.crt.
# Judging by the file names, the combined-EKU and codeSign-only certificates
# are therefore not exercised on this server-side path, which leaves a gap in
# the EKU enforcement coverage; confirm and switch crt_file if so.
6873 run_test "extKeyUsage srv: serverAuth -> OK" \
6875 crt_file=data_files/server5.eku-srv.crt" \
6880 run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
6882 crt_file=data_files/server5.eku-srv.crt" \
6887 run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
6889 crt_file=data_files/server5.eku-cs_any.crt" \
6894 run_test "extKeyUsage srv: codeSign -> fail" \
6896 crt_file=data_files/server5.eku-cli.crt" \
6900 # Tests for extendedKeyUsage, part 2: client-side checking of server cert
6903 run_test "extKeyUsage cli: serverAuth -> OK" \
6904 "$O_SRV -tls1_2 -key data_files/server5.key \
6905 -cert data_files/server5.eku-srv.crt" \
6908 -C "bad certificate (usage extensions)" \
6909 -C "Processing of the Certificate handshake message failed" \
6910 -c "Ciphersuite is TLS-"
6913 run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
6914 "$O_SRV -tls1_2 -key data_files/server5.key \
6915 -cert data_files/server5.eku-srv_cli.crt" \
6918 -C "bad certificate (usage extensions)" \
6919 -C "Processing of the Certificate handshake message failed" \
6920 -c "Ciphersuite is TLS-"
6923 run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
6924 "$O_SRV -tls1_2 -key data_files/server5.key \
6925 -cert data_files/server5.eku-cs_any.crt" \
6928 -C "bad certificate (usage extensions)" \
6929 -C "Processing of the Certificate handshake message failed" \
6930 -c "Ciphersuite is TLS-"
6933 run_test "extKeyUsage cli: codeSign -> fail" \
6934 "$O_SRV -tls1_2 -key data_files/server5.key \
6935 -cert data_files/server5.eku-cs.crt" \
6938 -c "bad certificate (usage extensions)" \
6939 -c "Processing of the Certificate handshake message failed" \
6940 -C "Ciphersuite is TLS-"
6945 run_test "extKeyUsage cli 1.3: serverAuth -> OK" \
6946 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6947 -cert data_files/server5.eku-srv.crt" \
6950 -C "bad certificate (usage extensions)" \
6951 -C "Processing of the Certificate handshake message failed" \
6952 -c "Ciphersuite is"
6957 run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \
6958 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6959 -cert data_files/server5.eku-srv_cli.crt" \
6962 -C "bad certificate (usage extensions)" \
6963 -C "Processing of the Certificate handshake message failed" \
6964 -c "Ciphersuite is"
6969 run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \
6970 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6971 -cert data_files/server5.eku-cs_any.crt" \
6974 -C "bad certificate (usage extensions)" \
6975 -C "Processing of the Certificate handshake message failed" \
6976 -c "Ciphersuite is"
6981 run_test "extKeyUsage cli 1.3: codeSign -> fail" \
6982 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
6983 -cert data_files/server5.eku-cs.crt" \
6986 -c "bad certificate (usage extensions)" \
6987 -c "Processing of the Certificate handshake message failed" \
6988 -C "Ciphersuite is"
6990 # Tests for extendedKeyUsage, part 3: server-side checking of client cert
6993 run_test "extKeyUsage cli-auth: clientAuth -> OK" \
6995 "$O_CLI -key data_files/server5.key \
6996 -cert data_files/server5.eku-cli.crt" \
6998 -S "bad certificate (usage extensions)" \
6999 -S "Processing of the Certificate handshake message failed"
7002 run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
7004 "$O_CLI -key data_files/server5.key \
7005 -cert data_files/server5.eku-srv_cli.crt" \
7007 -S "bad certificate (usage extensions)" \
7008 -S "Processing of the Certificate handshake message failed"
7011 run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
7013 "$O_CLI -key data_files/server5.key \
7014 -cert data_files/server5.eku-cs_any.crt" \
7016 -S "bad certificate (usage extensions)" \
7017 -S "Processing of the Certificate handshake message failed"
7020 run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
7022 "$O_CLI -key data_files/server5.key \
7023 -cert data_files/server5.eku-cs.crt" \
7025 -s "bad certificate (usage extensions)" \
7026 -S "Processing of the Certificate handshake message failed"
7029 run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
7031 "$O_CLI -key data_files/server5.key \
7032 -cert data_files/server5.eku-cs.crt" \
7034 -s "bad certificate (usage extensions)" \
7035 -s "Processing of the Certificate handshake message failed"
7040 run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \
7042 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7043 -cert data_files/server5.eku-cli.crt" \
7045 -S "bad certificate (usage extensions)" \
7046 -S "Processing of the Certificate handshake message failed"
7051 run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \
7053 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7054 -cert data_files/server5.eku-srv_cli.crt" \
7056 -S "bad certificate (usage extensions)" \
7057 -S "Processing of the Certificate handshake message failed"
7062 run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \
7064 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7065 -cert data_files/server5.eku-cs_any.crt" \
7067 -S "bad certificate (usage extensions)" \
7068 -S "Processing of the Certificate handshake message failed"
7073 run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \
7075 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7076 -cert data_files/server5.eku-cs.crt" \
7078 -s "bad certificate (usage extensions)" \
7079 -S "Processing of the Certificate handshake message failed"
7086 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7089 -c "value of 'DHM: P ' (2048 bits)" \
7090 -c "value of 'DHM: G ' (2 bits)"
7095 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7098 -c "value of 'DHM: P ' (1024 bits)" \
7099 -c "value of 'DHM: G ' (2 bits)"
7101 # Tests for DHM client-side size checking
# Only the client command and the final assertion of each case are shown
# here. The first five cases assert that the client does not log
# "DHM prime too short:" (-C); the last five assert that it does (-c), i.e.
# the client reports the server's DH prime as below its minimum. The server
# prime sizes and the client minimums are on lines not shown. A minimum-size
# check of this kind keeps a client from completing a DHE exchange over an
# undersized group chosen by the server.
7106 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7109 -C "DHM prime too short:"
7114 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7117 -C "DHM prime too short:"
7122 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7125 -C "DHM prime too short:"
7130 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7133 -C "DHM prime too short:"
7138 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7141 -C "DHM prime too short:"
7146 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7149 -c "DHM prime too short:"
7154 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7157 -c "DHM prime too short:"
7162 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7165 -c "DHM prime too short:"
7170 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7173 -c "DHM prime too short:"
7178 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
7181 -c "DHM prime too short:"
7188 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7191 -S "SSL - The handshake negotiation failed" \
7192 -S "SSL - Unknown identity received" \
7193 -S "SSL - Verification of the message MAC failed"
7199 …_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7202 -C "session hash for extended master secret"\
7203 -S "session hash for extended master secret"\
7204 -S "SSL - The handshake negotiation failed" \
7205 -S "SSL - Unknown identity received" \
7206 -S "SSL - Verification of the message MAC failed"
# PSK cases where, per the test name, the client holds the key as an opaque
# PSK. Every case shares three negative assertions on the server log (-S):
# no negotiation failure, no unknown identity, and no MAC verification
# failure. The extended master secret (EMS, RFC 7627) setting is checked
# explicitly: with extended_ms=0 neither side may log "session hash for
# extended master secret" (-C/-S); with extended_ms=1 both must (-c/-s), so
# a silent loss of EMS on the opaque-key path would fail the test.
7210 run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
7212 …I extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
7215 -C "session hash for extended master secret"\
7216 -S "session hash for extended master secret"\
7217 -S "SSL - The handshake negotiation failed" \
7218 -S "SSL - Unknown identity received" \
7219 -S "SSL - Verification of the message MAC failed"
7225 …_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7228 -c "session hash for extended master secret"\
7229 -s "session hash for extended master secret"\
7230 -S "SSL - The handshake negotiation failed" \
7231 -S "SSL - Unknown identity received" \
7232 -S "SSL - Verification of the message MAC failed"
7236 run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
7238 …I extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
7241 -c "session hash for extended master secret"\
7242 -s "session hash for extended master secret"\
7243 -S "SSL - The handshake negotiation failed" \
7244 -S "SSL - Unknown identity received" \
7245 -S "SSL - Verification of the message MAC failed"
7249 run_test "PSK callback: opaque rsa-psk on client, no callback" \
7251 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
7254 -C "session hash for extended master secret"\
7255 -S "session hash for extended master secret"\
7256 -S "SSL - The handshake negotiation failed" \
7257 -S "SSL - Unknown identity received" \
7258 -S "SSL - Verification of the message MAC failed"
7262 run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
7264 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7267 -C "session hash for extended master secret"\
7268 -S "session hash for extended master secret"\
7269 -S "SSL - The handshake negotiation failed" \
7270 -S "SSL - Unknown identity received" \
7271 -S "SSL - Verification of the message MAC failed"
7275 run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
7277 … extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7280 -c "session hash for extended master secret"\
7281 -s "session hash for extended master secret"\
7282 -S "SSL - The handshake negotiation failed" \
7283 -S "SSL - Unknown identity received" \
7284 -S "SSL - Verification of the message MAC failed"
7288 run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
7290 …tended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7293 -c "session hash for extended master secret"\
7294 -s "session hash for extended master secret"\
7295 -S "SSL - The handshake negotiation failed" \
7296 -S "SSL - Unknown identity received" \
7297 -S "SSL - Verification of the message MAC failed"
7301 run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
7303 …nded_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
7306 -C "session hash for extended master secret"\
7307 -S "session hash for extended master secret"\
7308 -S "SSL - The handshake negotiation failed" \
7309 -S "SSL - Unknown identity received" \
7310 -S "SSL - Verification of the message MAC failed"
7314 run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
7316 …nded_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7319 -C "session hash for extended master secret"\
7320 -S "session hash for extended master secret"\
7321 -S "SSL - The handshake negotiation failed" \
7322 -S "SSL - Unknown identity received" \
7323 -S "SSL - Verification of the message MAC failed"
7327 run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
7329 …xtended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7332 -c "session hash for extended master secret"\
7333 -s "session hash for extended master secret"\
7334 -S "SSL - The handshake negotiation failed" \
7335 -S "SSL - Unknown identity received" \
7336 -S "SSL - Verification of the message MAC failed"
7340 run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \
7342 …nded_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7345 -c "session hash for extended master secret"\
7346 -s "session hash for extended master secret"\
7347 -S "SSL - The handshake negotiation failed" \
7348 -S "SSL - Unknown identity received" \
7349 -S "SSL - Verification of the message MAC failed"
7353 run_test "PSK callback: opaque dhe-psk on client, no callback" \
7355 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
7358 -C "session hash for extended master secret"\
7359 -S "session hash for extended master secret"\
7360 -S "SSL - The handshake negotiation failed" \
7361 -S "SSL - Unknown identity received" \
7362 -S "SSL - Verification of the message MAC failed"
7366 run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
7368 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7371 -C "session hash for extended master secret"\
7372 -S "session hash for extended master secret"\
7373 -S "SSL - The handshake negotiation failed" \
7374 -S "SSL - Unknown identity received" \
7375 -S "SSL - Verification of the message MAC failed"
7379 run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
7381 … extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7384 -c "session hash for extended master secret"\
7385 -s "session hash for extended master secret"\
7386 -S "SSL - The handshake negotiation failed" \
7387 -S "SSL - Unknown identity received" \
7388 -S "SSL - Verification of the message MAC failed"
7392 run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
7394 …tended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7397 -c "session hash for extended master secret"\
7398 -s "session hash for extended master secret"\
7399 -S "SSL - The handshake negotiation failed" \
7400 -S "SSL - Unknown identity received" \
7401 -S "SSL - Verification of the message MAC failed"
7406 …3 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7407 …_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7410 -C "session hash for extended master secret"\
7411 -S "session hash for extended master secret"\
7412 -S "SSL - The handshake negotiation failed" \
7413 -S "SSL - Unknown identity received" \
7414 -S "SSL - Verification of the message MAC failed"
7418 run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
7419 …sk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
7420 …I extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
7423 -C "session hash for extended master secret"\
7424 -S "session hash for extended master secret"\
7425 -S "SSL - The handshake negotiation failed" \
7426 -S "SSL - Unknown identity received" \
7427 -S "SSL - Verification of the message MAC failed"
7433 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7434 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7437 -c "session hash for extended master secret"\
7438 -s "session hash for extended master secret"\
7439 -S "SSL - The handshake negotiation failed" \
7440 -S "SSL - Unknown identity received" \
7441 -S "SSL - Verification of the message MAC failed"
7447 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7448 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
7451 -c "session hash for extended master secret"\
7452 -s "session hash for extended master secret"\
7453 -S "SSL - The handshake negotiation failed" \
7454 -S "SSL - Unknown identity received" \
7455 -S "SSL - Verification of the message MAC failed"
7459 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
7460 …k_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
7461 … extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7464 -C "session hash for extended master secret"\
7465 -S "session hash for extended master secret"\
7466 -S "SSL - The handshake negotiation failed" \
7467 -S "SSL - Unknown identity received" \
7468 -S "SSL - Verification of the message MAC failed"
7472 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
7473 …dentity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
7474 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7477 -C "session hash for extended master secret"\
7478 -S "session hash for extended master secret"\
7479 -S "SSL - The handshake negotiation failed" \
7480 -S "SSL - Unknown identity received" \
7481 -S "SSL - Verification of the message MAC failed"
7485 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
7487 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7488 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7491 -c "session hash for extended master secret"\
7492 -s "session hash for extended master secret"\
7493 -S "SSL - The handshake negotiation failed" \
7494 -S "SSL - Unknown identity received" \
7495 -S "SSL - Verification of the message MAC failed"
7499 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384…
7501 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7502 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7505 -c "session hash for extended master secret"\
7506 -s "session hash for extended master secret"\
7507 -S "SSL - The handshake negotiation failed" \
7508 -S "SSL - Unknown identity received" \
7509 -S "SSL - Verification of the message MAC failed"
7513 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
7514 …identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
7515 …xtended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7518 -C "session hash for extended master secret"\
7519 -S "session hash for extended master secret"\
7520 -S "SSL - The handshake negotiation failed" \
7521 -S "SSL - Unknown identity received" \
7522 -S "SSL - Verification of the message MAC failed"
7526 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \
7527 …ntity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
7528 …nded_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7531 -C "session hash for extended master secret"\
7532 -S "session hash for extended master secret"\
7533 -S "SSL - The handshake negotiation failed" \
7534 -S "SSL - Unknown identity received" \
7535 -S "SSL - Verification of the message MAC failed"
7539 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \
7541 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7542 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7545 -c "session hash for extended master secret"\
7546 -s "session hash for extended master secret"\
7547 -S "SSL - The handshake negotiation failed" \
7548 -S "SSL - Unknown identity received" \
7549 -S "SSL - Verification of the message MAC failed"
7553 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA3…
7555 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7556 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7559 -c "session hash for extended master secret"\
7560 -s "session hash for extended master secret"\
7561 -S "SSL - The handshake negotiation failed" \
7562 -S "SSL - Unknown identity received" \
7563 -S "SSL - Verification of the message MAC failed"
7567 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \
7568 …k_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
7569 … extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7572 -C "session hash for extended master secret"\
7573 -S "session hash for extended master secret"\
7574 -S "SSL - The handshake negotiation failed" \
7575 -S "SSL - Unknown identity received" \
7576 -S "SSL - Verification of the message MAC failed"
7580 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \
7581 …dentity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
7582 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7585 -C "session hash for extended master secret"\
7586 -S "session hash for extended master secret"\
7587 -S "SSL - The handshake negotiation failed" \
7588 -S "SSL - Unknown identity received" \
7589 -S "SSL - Verification of the message MAC failed"
7593 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \
7595 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7596 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7599 -c "session hash for extended master secret"\
7600 -s "session hash for extended master secret"\
7601 -S "SSL - The handshake negotiation failed" \
7602 -S "SSL - Unknown identity received" \
7603 -S "SSL - Verification of the message MAC failed"
7607 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384…
7609 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7610 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7613 -c "session hash for extended master secret"\
7614 -s "session hash for extended master secret"\
7615 -S "SSL - The handshake negotiation failed" \
7616 -S "SSL - Unknown identity received" \
7617 -S "SSL - Verification of the message MAC failed"
7622 …dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7623 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7626 -C "session hash for extended master secret"\
7627 -S "session hash for extended master secret"\
7628 -S "SSL - The handshake negotiation failed" \
7629 -S "SSL - Unknown identity received" \
7630 -S "SSL - Verification of the message MAC failed"
7634 … "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
7635 …d,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
7636 …I extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
7639 -C "session hash for extended master secret"\
7640 -S "session hash for extended master secret"\
7641 -S "SSL - The handshake negotiation failed" \
7642 -S "SSL - Unknown identity received" \
7643 -S "SSL - Verification of the message MAC failed"
7649 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7650 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7653 -c "session hash for extended master secret"\
7654 -s "session hash for extended master secret"\
7655 -S "SSL - The handshake negotiation failed" \
7656 -S "SSL - Unknown identity received" \
7657 -S "SSL - Verification of the message MAC failed"
7663 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7664 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
7667 -c "session hash for extended master secret"\
7668 -s "session hash for extended master secret"\
7669 -S "SSL - The handshake negotiation failed" \
7670 -S "SSL - Unknown identity received" \
7671 -S "SSL - Verification of the message MAC failed"
7675 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
7676 …,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
7677 … extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7680 -C "session hash for extended master secret"\
7681 -S "session hash for extended master secret"\
7682 -S "SSL - The handshake negotiation failed" \
7683 -S "SSL - Unknown identity received" \
7684 -S "SSL - Verification of the message MAC failed"
7688 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
7689 …f,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
7690 …tended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7693 -C "session hash for extended master secret"\
7694 -S "session hash for extended master secret"\
7695 -S "SSL - The handshake negotiation failed" \
7696 -S "SSL - Unknown identity received" \
7697 -S "SSL - Verification of the message MAC failed"
7701 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
7703 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7704 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
7707 -c "session hash for extended master secret"\
7708 -s "session hash for extended master secret"\
7709 -S "SSL - The handshake negotiation failed" \
7710 -S "SSL - Unknown identity received" \
7711 -S "SSL - Verification of the message MAC failed"
7715 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
7717 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7718 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
7721 -c "session hash for extended master secret"\
7722 -s "session hash for extended master secret"\
7723 -S "SSL - The handshake negotiation failed" \
7724 -S "SSL - Unknown identity received" \
7725 -S "SSL - Verification of the message MAC failed"
7729 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
7730 …ef,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
7731 …xtended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7734 -C "session hash for extended master secret"\
7735 -S "session hash for extended master secret"\
7736 -S "SSL - The handshake negotiation failed" \
7737 -S "SSL - Unknown identity received" \
7738 -S "SSL - Verification of the message MAC failed"
7742 …un_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
7743 …beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
7744 …nded_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7747 -C "session hash for extended master secret"\
7748 -S "session hash for extended master secret"\
7749 -S "SSL - The handshake negotiation failed" \
7750 -S "SSL - Unknown identity received" \
7751 -S "SSL - Verification of the message MAC failed"
7755 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
7757 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7758 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
7761 -c "session hash for extended master secret"\
7762 -s "session hash for extended master secret"\
7763 -S "SSL - The handshake negotiation failed" \
7764 -S "SSL - Unknown identity received" \
7765 -S "SSL - Verification of the message MAC failed"
7769 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
7771 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7772 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
7775 -c "session hash for extended master secret"\
7776 -s "session hash for extended master secret"\
7777 -S "SSL - The handshake negotiation failed" \
7778 -S "SSL - Unknown identity received" \
7779 -S "SSL - Verification of the message MAC failed"
7783 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
7784 …,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
7785 … extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7788 -C "session hash for extended master secret"\
7789 -S "session hash for extended master secret"\
7790 -S "SSL - The handshake negotiation failed" \
7791 -S "SSL - Unknown identity received" \
7792 -S "SSL - Verification of the message MAC failed"
7796 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
7797 …f,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
7798 …tended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7801 -C "session hash for extended master secret"\
7802 -S "session hash for extended master secret"\
7803 -S "SSL - The handshake negotiation failed" \
7804 -S "SSL - Unknown identity received" \
7805 -S "SSL - Verification of the message MAC failed"
7809 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
7811 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
7812 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
7815 -c "session hash for extended master secret"\
7816 -s "session hash for extended master secret"\
7817 -S "SSL - The handshake negotiation failed" \
7818 -S "SSL - Unknown identity received" \
7819 -S "SSL - Verification of the message MAC failed"
7823 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
7825 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
7826 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
7829 -c "session hash for extended master secret"\
7830 -s "session hash for extended master secret"\
7831 -S "SSL - The handshake negotiation failed" \
7832 -S "SSL - Unknown identity received" \
7833 -S "SSL - Verification of the message MAC failed"
7838 …dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7839 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7842 -C "session hash for extended master secret"\
7843 -S "session hash for extended master secret"\
7844 -S "SSL - The handshake negotiation failed" \
7845 -S "SSL - Unknown identity received" \
7846 -S "SSL - Verification of the message MAC failed"
7851 …dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7852 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7855 -C "session hash for extended master secret"\
7856 -S "session hash for extended master secret"\
7857 -S "SSL - The handshake negotiation failed" \
7858 -S "SSL - Unknown identity received" \
7859 -S "SSL - Verification of the message MAC failed"
7864 …el=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7865 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7868 -C "session hash for extended master secret"\
7869 -S "session hash for extended master secret"\
7870 -S "SSL - The handshake negotiation failed" \
7871 -S "SSL - Unknown identity received" \
7872 -S "SSL - Verification of the message MAC failed"
7876 run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK f…
7877 …el=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7878 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7881 -C "session hash for extended master secret"\
7882 -S "session hash for extended master secret"\
7883 -S "SSL - The handshake negotiation failed" \
7884 -S "SSL - Unknown identity received" \
7885 -S "SSL - Verification of the message MAC failed"
7890 …=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
7891 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7894 -s "SSL - Verification of the message MAC failed"
7899 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7902 -s "SSL - The handshake negotiation failed" \
7903 -S "SSL - Unknown identity received" \
7904 -S "SSL - Verification of the message MAC failed"
7909 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7912 -S "SSL - The handshake negotiation failed" \
7913 -s "SSL - Unknown identity received" \
7914 -S "SSL - Verification of the message MAC failed"
7919 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7922 -S "SSL - The handshake negotiation failed" \
7923 -S "SSL - Unknown identity received" \
7924 -S "SSL - Verification of the message MAC failed"
7929 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7932 -S "SSL - The handshake negotiation failed" \
7933 -S "SSL - Unknown identity received" \
7934 -S "SSL - Verification of the message MAC failed"
7939 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7942 -S "SSL - The handshake negotiation failed" \
7943 -s "SSL - Unknown identity received" \
7944 -S "SSL - Verification of the message MAC failed"
7949 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
7952 -S "SSL - The handshake negotiation failed" \
7953 -S "SSL - Unknown identity received" \
7954 -s "SSL - Verification of the message MAC failed"
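7956 # Tests for EC J-PAKE
# In the options below, -c/-s give a pattern that must appear in the client/server
# output, and -C/-S a pattern that must not appear.
# The first case checks that a client without EC J-PAKE configured does not
# offer the suite. Its absence pattern is spelled "c0ff", exactly like the
# presence checks (-c "add ciphersuite: c0ff") in the cases that follow.
# With the former "0xc0ff" spelling the pattern could never match a log
# that prints "c0ff", so the negative check passed even if the suite was offered.
# NOTE(review): assumes the client logs the suite id without a "0x" prefix, as
# the presence checks imply; confirm against the client's debug output.
7964 -C "add ciphersuite: c0ff" \
7965 -C "adding ecjpake_kkpp extension" \
7966 -S "found ecjpake kkpp extension" \
7967 -S "skip ecjpake kkpp extension" \
7968 -S "ciphersuite mismatch: ecjpake not configured" \
7969 -S "server hello, ecjpake kkpp extension" \
7970 -C "found ecjpake_kkpp extension" \
7971 -S "SSL - The handshake negotiation failed"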
7978 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
7980 -c "add ciphersuite: c0ff" \
7981 -c "adding ecjpake_kkpp extension" \
7982 -s "found ecjpake kkpp extension" \
7983 -s "skip ecjpake kkpp extension" \
7984 -s "ciphersuite mismatch: ecjpake not configured" \
7985 -S "server hello, ecjpake kkpp extension" \
7986 -C "found ecjpake_kkpp extension" \
7987 -s "SSL - The handshake negotiation failed"
7994 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
7996 -c "add ciphersuite: c0ff" \
7997 -c "adding ecjpake_kkpp extension" \
7998 -C "re-using cached ecjpake parameters" \
7999 -s "found ecjpake kkpp extension" \
8000 -S "skip ecjpake kkpp extension" \
8001 -S "ciphersuite mismatch: ecjpake not configured" \
8002 -s "server hello, ecjpake kkpp extension" \
8003 -c "found ecjpake_kkpp extension" \
8004 -S "SSL - The handshake negotiation failed" \
8005 -S "SSL - Verification of the message MAC failed"
8013 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8015 -C "re-using cached ecjpake parameters" \
8016 -s "SSL - Verification of the message MAC failed"
8023 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8025 -c "re-using cached ecjpake parameters" \
8026 -S "SSL - Verification of the message MAC failed"
8033 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8035 -C "re-using cached ecjpake parameters" \
8036 -S "SSL - Verification of the message MAC failed"
8044 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8046 -c "re-using cached ecjpake parameters" \
8047 -s "SSL - Verification of the message MAC failed"
8049 # for tests with configs/config-thread.h
8055 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8064 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
8066 -s "dumping 'client hello extensions' (0 bytes)"
8070 # The server first reads buffer_size-1 bytes, then reads the remainder.
8076 -s "Read from client: 100 bytes read$"
8083 -s "Read from client: 101 bytes read (100 + 1)"
8091 -s "Read from client: 200 bytes read (100 + 100)"
8098 -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
8105 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8107 -s "Read from client: 1 bytes read"
8112 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
8114 -s "Read from client: 1 bytes read"
8116 run_test "Small client packet TLS 1.2 BlockCipher larger MAC" \
8119 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
8121 -s "Read from client: 1 bytes read"
8126 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
8128 -s "Read from client: 1 bytes read"
8133 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
8135 -s "Read from client: 1 bytes read"
8141 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8143 -s "Read from client: 1 bytes read"
8149 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8151 -s "Read from client: 1 bytes read"
8159 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8161 -s "Read from client: 1 bytes read"
8167 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8169 -s "Read from client: 1 bytes read"
8175 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8177 -c "Read from server: 1 bytes read"
8181 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
8183 -c "Read from server: 1 bytes read"
8185 run_test "Small server packet TLS 1.2 BlockCipher larger MAC" \
8187 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
8189 -c "Read from server: 1 bytes read"
8193 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
8195 -c "Read from server: 1 bytes read"
8199 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
8201 -c "Read from server: 1 bytes read"
8206 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8208 -c "Read from server: 1 bytes read"
8213 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8215 -c "Read from server: 1 bytes read"
8223 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8225 -c "Read from server: 1 bytes read"
8231 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8233 -c "Read from server: 1 bytes read"
8239 echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
8245 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8247 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8248 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8253 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8255 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8257 run_test "Large client packet TLS 1.2 BlockCipher larger MAC" \
8260 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
8262 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8263 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8268 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
8270 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8271 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8276 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
8278 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8279 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8285 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8287 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8288 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8294 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8296 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
8297 -s "Read from client: $MAX_CONTENT_LEN bytes read"
8302 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8304 -c "Read from server: 16384 bytes read"
8308 "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
8310 -s "16384 bytes written in 1 fragments" \
8311 -c "Read from server: 16384 bytes read"
8313 run_test "Large server packet TLS 1.2 BlockCipher larger MAC" \
8315 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
8317 -c "Read from server: 16384 bytes read"
8319 run_test "Large server packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
8321 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
8323 -s "16384 bytes written in 1 fragments" \
8324 -c "Read from server: 16384 bytes read"
8328 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
8330 -c "Read from server: 16384 bytes read"
8334 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
8336 -c "Read from server: 16384 bytes read"
8341 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
8343 -c "Read from server: 16384 bytes read"
8348 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
8350 -c "Read from server: 16384 bytes read"
8361 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8365 -C "x509_verify_cert.*4b00" \
8366 -C "mbedtls_pk_verify.*4b00" \
8367 -C "mbedtls_ecdh_make_public.*4b00" \
8368 -C "mbedtls_pk_sign.*4b00"
8375 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8379 -C "x509_verify_cert.*4b00" \
8380 -C "mbedtls_pk_verify.*4b00" \
8381 -C "mbedtls_ecdh_make_public.*4b00" \
8382 -C "mbedtls_pk_sign.*4b00"
8389 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8393 -C "x509_verify_cert.*4b00" \
8394 -C "mbedtls_pk_verify.*4b00" \
8395 -C "mbedtls_ecdh_make_public.*4b00" \
8396 -C "mbedtls_pk_sign.*4b00"
8403 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8407 -c "x509_verify_cert.*4b00" \
8408 -c "mbedtls_pk_verify.*4b00" \
8409 -c "mbedtls_ecdh_make_public.*4b00" \
8410 -c "mbedtls_pk_sign.*4b00"
8417 crt_file=data_files/server5-badsign.crt \
8419 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8423 -c "x509_verify_cert.*4b00" \
8424 -C "mbedtls_pk_verify.*4b00" \
8425 -C "mbedtls_ecdh_make_public.*4b00" \
8426 -C "mbedtls_pk_sign.*4b00" \
8427 -c "! The certificate is not correctly signed by the trusted CA" \
8428 -c "! mbedtls_ssl_handshake returned" \
8429 -c "X509 - Certificate verification failed"
8436 crt_file=data_files/server5-badsign.crt \
8438 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8442 -c "x509_verify_cert.*4b00" \
8443 -c "mbedtls_pk_verify.*4b00" \
8444 -c "mbedtls_ecdh_make_public.*4b00" \
8445 -c "mbedtls_pk_sign.*4b00" \
8446 -c "! The certificate is not correctly signed by the trusted CA" \
8447 -C "! mbedtls_ssl_handshake returned" \
8448 -C "X509 - Certificate verification failed"
8455 crt_file=data_files/server5-badsign.crt \
8457 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8461 -C "x509_verify_cert.*4b00" \
8462 -c "mbedtls_pk_verify.*4b00" \
8463 -c "mbedtls_ecdh_make_public.*4b00" \
8464 -c "mbedtls_pk_sign.*4b00" \
8465 -C "! The certificate is not correctly signed by the trusted CA" \
8466 -C "! mbedtls_ssl_handshake returned" \
8467 -C "X509 - Certificate verification failed"
8474 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8478 -c "x509_verify_cert.*4b00" \
8479 -c "mbedtls_pk_verify.*4b00" \
8480 -c "mbedtls_ecdh_make_public.*4b00" \
8481 -c "mbedtls_pk_sign.*4b00"
8488 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
8491 -c "x509_verify_cert.*4b00" \
8492 -c "mbedtls_pk_verify.*4b00" \
8493 -c "mbedtls_ecdh_make_public.*4b00" \
8494 -C "mbedtls_pk_sign.*4b00"
8499 run_test "EC restart: TLS, max_ops=1000, ECDHE-PSK" \
8501 "$P_CLI force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
8504 -C "x509_verify_cert.*4b00" \
8505 -C "mbedtls_pk_verify.*4b00" \
8506 -C "mbedtls_ecdh_make_public.*4b00" \
8507 -C "mbedtls_pk_sign.*4b00"
8518 -s "Async sign callback: using key slot " \
8519 -s "Async resume (slot [0-9]): sign done, status=0"
8528 -s "Async sign callback: using key slot " \
8529 -s "Async resume (slot [0-9]): call 0 more times." \
8530 -s "Async resume (slot [0-9]): sign done, status=0"
8539 -s "Async sign callback: using key slot " \
8540 -U "Async sign callback: using key slot " \
8541 -s "Async resume (slot [0-9]): call 1 more times." \
8542 -s "Async resume (slot [0-9]): call 0 more times." \
8543 -s "Async resume (slot [0-9]): sign done, status=0"
8552 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
8555 -s "Async sign callback: using key slot " \
8556 -s "Async resume (slot [0-9]): sign done, status=0" \
8557 -s "parse ServerName extension" \
8558 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
8559 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
8566 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8568 -s "Async decrypt callback: using key slot " \
8569 -s "Async resume (slot [0-9]): decrypt done, status=0"
8576 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8578 -s "Async decrypt callback: using key slot " \
8579 -s "Async resume (slot [0-9]): call 0 more times." \
8580 -s "Async resume (slot [0-9]): decrypt done, status=0"
8584 run_test "SSL async private: decrypt RSA-PSK, delay=0" \
8588 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
8590 -s "Async decrypt callback: using key slot " \
8591 -s "Async resume (slot [0-9]): decrypt done, status=0"
8595 run_test "SSL async private: decrypt RSA-PSK, delay=1" \
8599 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
8601 -s "Async decrypt callback: using key slot " \
8602 -s "Async resume (slot [0-9]): call 0 more times." \
8603 -s "Async resume (slot [0-9]): decrypt done, status=0"
8610 "$P_CLI; [ \$? -eq 1 ] &&
8611 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8613 -S "Async sign callback" \
8614 -s "! mbedtls_ssl_handshake returned" \
8615 -s "The own private key or pre-shared key is not set, but needed" \
8616 -s "Async resume (slot [0-9]): decrypt done, status=0" \
8617 -s "Successful connection"
8624 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
8625 [ \$? -eq 1 ] && $P_CLI" \
8627 -S "Async decrypt callback" \
8628 -s "! mbedtls_ssl_handshake returned" \
8629 -s "got no RSA private key" \
8630 -s "Async resume (slot [0-9]): sign done, status=0" \
8631 -s "Successful connection"
8641 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
8643 -s "Async sign callback: using key slot 0," \
8644 -s "Async resume (slot 0): call 0 more times." \
8645 -s "Async resume (slot 0): sign done, status=0"
8655 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
8657 -s "Async sign callback: using key slot 0," \
8658 -s "Async resume (slot 0): call 0 more times." \
8659 -s "Async resume (slot 0): sign done, status=0"
8669 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
8671 -s "Async sign callback: using key slot 1," \
8672 -s "Async resume (slot 1): call 0 more times." \
8673 -s "Async resume (slot 1): sign done, status=0"
8683 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
8685 -s "Async sign callback: no key matches this certificate."
8695 -s "Async sign callback: injected error" \
8696 -S "Async resume" \
8697 -S "Async cancel" \
8698 -s "! mbedtls_ssl_handshake returned"
8708 -s "Async sign callback: using key slot " \
8709 -S "Async resume" \
8710 -s "Async cancel"
8720 -s "Async sign callback: using key slot " \
8721 -s "Async resume callback: sign done but injected error" \
8722 -S "Async cancel" \
8723 -s "! mbedtls_ssl_handshake returned"
8731 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8733 -s "Async decrypt callback: injected error" \
8734 -S "Async resume" \
8735 -S "Async cancel" \
8736 -s "! mbedtls_ssl_handshake returned"
8744 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8746 -s "Async decrypt callback: using key slot " \
8747 -S "Async resume" \
8748 -s "Async cancel"
8756 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8758 -s "Async decrypt callback: using key slot " \
8759 -s "Async resume callback: decrypt done but injected error" \
8760 -S "Async cancel" \
8761 -s "! mbedtls_ssl_handshake returned"
8768 async_private_error=-2" \
8769 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
8771 -s "Async cancel" \
8772 -s "! mbedtls_ssl_handshake returned" \
8773 -s "Async resume" \
8774 -s "Successful connection"
8781 async_private_error=-3" \
8782 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
8784 -s "! mbedtls_ssl_handshake returned" \
8785 -s "Async resume" \
8786 -s "Successful connection"
8793 async_operations=s async_private_delay1=1 async_private_error=-2 \
8796 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
8797 [ \$? -eq 1 ] &&
8798 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
8800 -s "Async sign callback: using key slot 0" \
8801 -S "Async resume" \
8802 -s "Async cancel" \
8803 -s "! mbedtls_ssl_handshake returned" \
8804 -s "Async sign callback: no key matches this certificate." \
8805 -s "Successful connection"
8812 async_operations=s async_private_delay1=1 async_private_error=-3 \
8815 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
8816 [ \$? -eq 1 ] &&
8817 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
8819 -s "Async resume" \
8820 -s "! mbedtls_ssl_handshake returned" \
8821 -s "Async sign callback: no key matches this certificate." \
8822 -s "Successful connection"
8827 run_test "SSL async private: renegotiation: client-initiated, sign" \
8833 -s "Async sign callback: using key slot " \
8834 -s "Async resume (slot [0-9]): sign done, status=0"
8839 run_test "SSL async private: renegotiation: server-initiated, sign" \
8845 -s "Async sign callback: using key slot " \
8846 -s "Async resume (slot [0-9]): sign done, status=0"
8851 run_test "SSL async private: renegotiation: client-initiated, decrypt" \
8856 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8858 -s "Async decrypt callback: using key slot " \
8859 -s "Async resume (slot [0-9]): decrypt done, status=0"
8864 run_test "SSL async private: renegotiation: server-initiated, decrypt" \
8869 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
8871 -s "Async decrypt callback: using key slot " \
8872 -s "Async resume (slot [0-9]): decrypt done, status=0"
8883 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
8885 -C "client hello, adding supported_groups extension" \
8886 -C "client hello, adding supported_point_formats extension" \
8887 -S "found supported elliptic curves extension" \
8888 -S "found supported point formats extension"
8896 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
8899 -C "found supported_point_formats extension" \
8900 -S "server hello, supported_point_formats extension"
8909 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
8911 -c "client hello, adding supported_groups extension" \
8912 -c "client hello, adding supported_point_formats extension" \
8913 -s "found supported elliptic curves extension" \
8914 -s "found supported point formats extension"
8922 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
8925 -c "found supported_point_formats extension" \
8926 -s "server hello, supported_point_formats extension"
8935 -s "cookie verification failed" \
8936 -s "cookie verification passed" \
8937 -S "cookie verification skipped" \
8938 -c "received hello verify request" \
8939 -s "hello verification requested" \
8940 -S "SSL - The requested feature is not available"
8947 -S "cookie verification failed" \
8948 -S "cookie verification passed" \
8949 -s "cookie verification skipped" \
8950 -C "received hello verify request" \
8951 -S "hello verification requested" \
8952 -S "SSL - The requested feature is not available"
8956 "$P_SRV dtls=1 debug_level=2 cookies=-1" \
8957 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
8959 -s "cookie verification failed" \
8960 -S "cookie verification passed" \
8961 -S "cookie verification skipped" \
8962 -C "received hello verify request" \
8963 -S "hello verification requested" \
8964 -s "SSL - The requested feature is not available"
8972 -s "cookie verification failed" \
8973 -s "cookie verification passed" \
8974 -S "cookie verification skipped" \
8975 -c "received hello verify request" \
8976 -s "hello verification requested" \
8977 -S "SSL - The requested feature is not available"
8984 -s "cookie verification failed" \
8985 -s "cookie verification passed" \
8986 -S "cookie verification skipped" \
8987 -c "received hello verify request" \
8988 -s "hello verification requested" \
8989 -S "SSL - The requested feature is not available"
8996 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
8997 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000" \
8999 -C "resend" \
9000 -S "The operation timed out" \
9001 -S "Client initiated reconnection from same port"
9006 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
9007 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000 reconnect_hard=1" \
9009 -C "resend" \
9010 -S "The operation timed out" \
9011 -s "Client initiated reconnection from same port"
9017 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
9019 -S "The operation timed out" \
9020 -s "Client initiated reconnection from same port"
9025 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
9026 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
9028 -S "The operation timed out" \
9029 -s "Client initiated reconnection from same port"
9034 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
9036 -s "The operation timed out" \
9037 -S "Client initiated reconnection from same port"
9040 run_test "DTLS client reconnect from same port: attacker-injected" \
9041 -p "$P_PXY inject_clihlo=1" \
9045 -s "possible client reconnect from the same port" \
9046 -S "Client initiated reconnection from same port"
9056 -s "Verifying peer X.509 certificate... ok"
9063 -s "! Certificate was missing"
9070 -c "skip write certificate$" \
9071 -s "! Certificate verification was skipped"
9075 "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
9078 -s "SSL - Verification of the message MAC failed" \
9079 -c "SSL - A fatal alert message was received from our peer"
9086 "$G_SRV -u --mtu 2048 -a" \
9089 -C "found fragmented DTLS handshake message" \
9090 -C "error"
9095 "$G_SRV -u --mtu 512" \
9098 -c "found fragmented DTLS handshake message" \
9099 -C "error"
9104 "$G_SRV -u --mtu 128" \
9107 -c "found fragmented DTLS handshake message" \
9108 -C "error"
9113 "$G_SRV -u --mtu 128" \
9116 -c "found fragmented DTLS handshake message" \
9117 -C "error"
9123 "$G_SRV -u --mtu 256" \
9126 -c "found fragmented DTLS handshake message" \
9127 -c "client hello, adding renegotiation extension" \
9128 -c "found renegotiation extension" \
9129 -c "=> renegotiate" \
9130 -C "mbedtls_ssl_handshake returned" \
9131 -C "error" \
9132 -s "Extra-header:"
9138 "$G_SRV -u --mtu 256" \
9141 -c "found fragmented DTLS handshake message" \
9142 -c "client hello, adding renegotiation extension" \
9143 -c "found renegotiation extension" \
9144 -c "=> renegotiate" \
9145 -C "mbedtls_ssl_handshake returned" \
9146 -C "error" \
9147 -s "Extra-header:"
9150 run_test "DTLS reassembly: no fragmentation (openssl server)" \
9151 "$O_SRV -dtls -mtu 2048" \
9154 -C "found fragmented DTLS handshake message" \
9155 -C "error"
9158 run_test "DTLS reassembly: some fragmentation (openssl server)" \
9159 "$O_SRV -dtls -mtu 768" \
9162 -c "found fragmented DTLS handshake message" \
9163 -C "error"
9166 run_test "DTLS reassembly: more fragmentation (openssl server)" \
9167 "$O_SRV -dtls -mtu 256" \
9170 -c "found fragmented DTLS handshake message" \
9171 -C "error"
9174 run_test "DTLS reassembly: fragmentation, nbio (openssl server)" \
9175 "$O_SRV -dtls -mtu 256" \
9178 -c "found fragmented DTLS handshake message" \
9179 -C "error"
9187 # - 2037B for server certificate
9188 # - 1542B for client certificate
9189 # - 1013B for newsessionticket
9190 # - all others below 512B
9201 crt_file=data_files/server7_int-ca.crt \
9203 hs_timeout=2500-60000 \
9206 crt_file=data_files/server8_int-ca2.crt \
9208 hs_timeout=2500-60000 \
9211 -S "found fragmented DTLS handshake message" \
9212 -C "found fragmented DTLS handshake message" \
9213 -C "error"
9223 crt_file=data_files/server7_int-ca.crt \
9225 hs_timeout=2500-60000 \
9228 crt_file=data_files/server8_int-ca2.crt \
9230 hs_timeout=2500-60000 \
9233 -S "found fragmented DTLS handshake message" \
9234 -c "found fragmented DTLS handshake message" \
9235 -C "error"
9240 # `client-initiated, server only (max_frag_len)` below.
9249 crt_file=data_files/server7_int-ca.crt \
9251 hs_timeout=2500-60000 \
9254 crt_file=data_files/server8_int-ca2.crt \
9256 hs_timeout=2500-60000 \
9259 -S "found fragmented DTLS handshake message" \
9260 -c "found fragmented DTLS handshake message" \
9261 -C "error"
9269 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
9271 crt_file=data_files/server7_int-ca.crt \
9273 hs_timeout=2500-60000 \
9276 crt_file=data_files/server8_int-ca2.crt \
9278 hs_timeout=2500-60000 \
9281 -S "found fragmented DTLS handshake message" \
9282 -c "found fragmented DTLS handshake message" \
9283 -C "error"
9298 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
9299 -p "$P_PXY mtu=1110" \
9301 crt_file=data_files/server7_int-ca.crt \
9303 hs_timeout=2500-60000 \
9306 crt_file=data_files/server8_int-ca2.crt \
9308 hs_timeout=2500-60000 \
9311 -S "found fragmented DTLS handshake message" \
9312 -c "found fragmented DTLS handshake message" \
9313 -C "error"
9321 run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
9323 crt_file=data_files/server7_int-ca.crt \
9325 hs_timeout=2500-60000 \
9328 crt_file=data_files/server8_int-ca2.crt \
9330 hs_timeout=2500-60000 \
9333 -s "found fragmented DTLS handshake message" \
9334 -c "found fragmented DTLS handshake message" \
9335 -C "error"
9350 run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
9351 -p "$P_PXY mtu=1110" \
9353 crt_file=data_files/server7_int-ca.crt \
9355 hs_timeout=2500-60000 \
9358 crt_file=data_files/server8_int-ca2.crt \
9360 hs_timeout=2500-60000 \
9363 -s "found fragmented DTLS handshake message" \
9364 -c "found fragmented DTLS handshake message" \
9365 -C "error"
9374 crt_file=data_files/server7_int-ca.crt \
9376 hs_timeout=2500-60000 \
9379 crt_file=data_files/server8_int-ca2.crt \
9381 hs_timeout=2500-60000 \
9384 -S "found fragmented DTLS handshake message" \
9385 -C "found fragmented DTLS handshake message" \
9386 -C "error"
9395 crt_file=data_files/server7_int-ca.crt \
9397 hs_timeout=3500-60000 \
9400 crt_file=data_files/server8_int-ca2.crt \
9402 hs_timeout=3500-60000 \
9405 -s "found fragmented DTLS handshake message" \
9406 -C "found fragmented DTLS handshake message" \
9407 -C "error"
9416 crt_file=data_files/server7_int-ca.crt \
9418 hs_timeout=2500-60000 \
9421 crt_file=data_files/server8_int-ca2.crt \
9423 hs_timeout=2500-60000 \
9426 -S "found fragmented DTLS handshake message" \
9427 -c "found fragmented DTLS handshake message" \
9428 -C "error"
9436 -p "$P_PXY mtu=1024" \
9438 crt_file=data_files/server7_int-ca.crt \
9440 hs_timeout=2500-60000 \
9443 crt_file=data_files/server8_int-ca2.crt \
9445 hs_timeout=2500-60000 \
9448 -s "found fragmented DTLS handshake message" \
9449 -c "found fragmented DTLS handshake message" \
9450 -C "error"
9463 -p "$P_PXY mtu=512" \
9465 crt_file=data_files/server7_int-ca.crt \
9467 hs_timeout=2500-60000 \
9470 crt_file=data_files/server8_int-ca2.crt \
9472 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9473 hs_timeout=2500-60000 \
9476 -s "found fragmented DTLS handshake message" \
9477 -c "found fragmented DTLS handshake message" \
9478 -C "error"
9484 # fragmentation and auto-reduction) an extra retransmission might occur,
9495 run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
9496 -p "$P_PXY mtu=508" \
9498 crt_file=data_files/server7_int-ca.crt \
9500 hs_timeout=400-3200" \
9502 crt_file=data_files/server8_int-ca2.crt \
9504 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9505 hs_timeout=400-3200" \
9507 -s "found fragmented DTLS handshake message" \
9508 -c "found fragmented DTLS handshake message" \
9509 -C "error"
9521 run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
9522 -p "$P_PXY mtu=508" \
9524 crt_file=data_files/server7_int-ca.crt \
9526 hs_timeout=250-10000" \
9528 crt_file=data_files/server8_int-ca2.crt \
9530 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9531 hs_timeout=250-10000" \
9533 -s "found fragmented DTLS handshake message" \
9534 -c "found fragmented DTLS handshake message" \
9535 -C "error"
9539 # a HelloVerifyRequest, so only check for no retransmission server-side
9547 -p "$P_PXY mtu=1024" \
9549 crt_file=data_files/server7_int-ca.crt \
9551 hs_timeout=10000-60000 \
9554 crt_file=data_files/server8_int-ca2.crt \
9556 hs_timeout=10000-60000 \
9559 -S "autoreduction" \
9560 -s "found fragmented DTLS handshake message" \
9561 -c "found fragmented DTLS handshake message" \
9562 -C "error"
9567 # a HelloVerifyRequest, so only check for no retransmission server-side
9578 -p "$P_PXY mtu=512" \
9580 crt_file=data_files/server7_int-ca.crt \
9582 hs_timeout=10000-60000 \
9585 crt_file=data_files/server8_int-ca2.crt \
9587 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9588 hs_timeout=10000-60000 \
9591 -S "autoreduction" \
9592 -s "found fragmented DTLS handshake message" \
9593 -c "found fragmented DTLS handshake message" \
9594 -C "error"
9603 -p "$P_PXY mtu=1024" \
9605 crt_file=data_files/server7_int-ca.crt \
9607 hs_timeout=10000-60000 \
9610 crt_file=data_files/server8_int-ca2.crt \
9612 hs_timeout=10000-60000 \
9615 -S "autoreduction" \
9616 -s "found fragmented DTLS handshake message" \
9617 -c "found fragmented DTLS handshake message" \
9618 -C "error"
9631 -p "$P_PXY mtu=512" \
9633 crt_file=data_files/server7_int-ca.crt \
9635 hs_timeout=10000-60000 \
9638 crt_file=data_files/server8_int-ca2.crt \
9640 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9641 hs_timeout=10000-60000 \
9644 -S "autoreduction" \
9645 -s "found fragmented DTLS handshake message" \
9646 -c "found fragmented DTLS handshake message" \
9647 -C "error"
9655 # An autoreduction on the client-side might happen if the server is
9656 # slow to reset, therefore omitting '-C "autoreduction"' below.
9669 -p "$P_PXY mtu=1450" \
9671 crt_file=data_files/server7_int-ca.crt \
9673 hs_timeout=10000-60000 \
9676 crt_file=data_files/server8_int-ca2.crt \
9678 hs_timeout=10000-60000 \
9679 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9682 -S "autoreduction" \
9683 -s "found fragmented DTLS handshake message" \
9684 -c "found fragmented DTLS handshake message" \
9685 -C "error"
9687 # An autoreduction on the client-side might happen if the server is
9688 # slow to reset, therefore omitting '-C "autoreduction"' below.
9700 -p "$P_PXY mtu=512" \
9702 crt_file=data_files/server7_int-ca.crt \
9705 hs_timeout=10000-60000 \
9708 crt_file=data_files/server8_int-ca2.crt \
9711 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9712 hs_timeout=10000-60000 \
9715 -S "autoreduction" \
9716 -s "found fragmented DTLS handshake message" \
9717 -c "found fragmented DTLS handshake message" \
9718 -C "error"
9720 # An autoreduction on the client-side might happen if the server is
9721 # slow to reset, therefore omitting '-C "autoreduction"' below.
9733 run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
9734 -p "$P_PXY mtu=512" \
9736 crt_file=data_files/server7_int-ca.crt \
9739 hs_timeout=10000-60000 \
9742 crt_file=data_files/server8_int-ca2.crt \
9745 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9746 hs_timeout=10000-60000 \
9749 -S "autoreduction" \
9750 -s "found fragmented DTLS handshake message" \
9751 -c "found fragmented DTLS handshake message" \
9752 -C "error"
9754 # An autoreduction on the client-side might happen if the server is
9755 # slow to reset, therefore omitting '-C "autoreduction"' below.
9767 run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
9768 -p "$P_PXY mtu=1024" \
9770 crt_file=data_files/server7_int-ca.crt \
9773 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
9774 hs_timeout=10000-60000 \
9777 crt_file=data_files/server8_int-ca2.crt \
9780 hs_timeout=10000-60000 \
9783 -S "autoreduction" \
9784 -s "found fragmented DTLS handshake message" \
9785 -c "found fragmented DTLS handshake message" \
9786 -C "error"
9788 # An autoreduction on the client-side might happen if the server is
9789 # slow to reset, therefore omitting '-C "autoreduction"' below.
9802 run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
9803 -p "$P_PXY mtu=1024" \
9805 crt_file=data_files/server7_int-ca.crt \
9808 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
9809 hs_timeout=10000-60000 \
9812 crt_file=data_files/server8_int-ca2.crt \
9815 hs_timeout=10000-60000 \
9818 -S "autoreduction" \
9819 -s "found fragmented DTLS handshake message" \
9820 -c "found fragmented DTLS handshake message" \
9821 -C "error"
9823 # An autoreduction on the client-side might happen if the server is
9824 # slow to reset, therefore omitting '-C "autoreduction"' below.
9836 run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
9837 -p "$P_PXY mtu=1024" \
9839 crt_file=data_files/server7_int-ca.crt \
9842 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
9843 hs_timeout=10000-60000 \
9846 crt_file=data_files/server8_int-ca2.crt \
9849 hs_timeout=10000-60000 \
9852 -S "autoreduction" \
9853 -s "found fragmented DTLS handshake message" \
9854 -c "found fragmented DTLS handshake message" \
9855 -C "error"
9868 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
9870 crt_file=data_files/server7_int-ca.crt \
9872 hs_timeout=250-10000 mtu=512" \
9874 crt_file=data_files/server8_int-ca2.crt \
9876 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9877 hs_timeout=250-10000 mtu=512" \
9879 -s "found fragmented DTLS handshake message" \
9880 -c "found fragmented DTLS handshake message" \
9881 -C "error"
9894 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
9896 crt_file=data_files/server7_int-ca.crt \
9898 hs_timeout=250-10000 mtu=512 nbio=2" \
9900 crt_file=data_files/server8_int-ca2.crt \
9902 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9903 hs_timeout=250-10000 mtu=512 nbio=2" \
9905 -s "found fragmented DTLS handshake message" \
9906 -c "found fragmented DTLS handshake message" \
9907 -C "error"
9919 "$G_SRV -u" \
9921 crt_file=data_files/server8_int-ca2.crt \
9925 -c "fragmenting handshake message" \
9926 -C "error"
9928 # We use --insecure for the GnuTLS client because it expects
9933 # certificate validation fail, but passing --insecure makes
9943 crt_file=data_files/server7_int-ca.crt \
9946 "$G_CLI -u --insecure 127.0.0.1" \
9948 -s "fragmenting handshake message"
9954 run_test "DTLS fragmenting: openssl server, DTLS 1.2" \
9955 "$O_SRV -dtls1_2 -verify 10" \
9957 crt_file=data_files/server8_int-ca2.crt \
9961 -c "fragmenting handshake message" \
9962 -C "error"
9968 run_test "DTLS fragmenting: openssl client, DTLS 1.2" \
9970 crt_file=data_files/server7_int-ca.crt \
9973 "$O_CLI -dtls1_2" \
9975 -s "fragmenting handshake message"
9988 -p "$P_PXY drop=8 delay=8 duplicate=8" \
9989 "$G_NEXT_SRV -u" \
9991 crt_file=data_files/server8_int-ca2.crt \
9993 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
9995 -c "fragmenting handshake message" \
9996 -C "error"
10005 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10007 crt_file=data_files/server7_int-ca.crt \
10009 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10010 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
10012 -s "fragmenting handshake message"
10014 ## The test below requires openssl version 1.1.1a or higher, otherwise
10015 ## it might trigger a bug in the openssl server (https://github.com/openssl/openssl/issues/6902)
10022 run_test "DTLS fragmenting: 3d, openssl server, DTLS 1.2" \
10023 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10024 "$O_NEXT_SRV -dtls1_2 -verify 10" \
10026 crt_file=data_files/server8_int-ca2.crt \
10028 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10030 -c "fragmenting handshake message" \
10031 -C "error"
10034 ## The cause is an openssl bug (https://github.com/openssl/openssl/issues/18887)
10041 run_test "DTLS fragmenting: 3d, openssl client, DTLS 1.2" \
10042 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10044 crt_file=data_files/server7_int-ca.crt \
10046 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10047 "$O_CLI -dtls1_2" \
10049 -s "fragmenting handshake message"
10051 # Tests for DTLS-SRTP (RFC 5764)
10054 run_test "DTLS-SRTP all profiles supported" \
10058 -s "found use_srtp extension" \
10059 -s "found srtp profile" \
10060 -s "selected srtp profile" \
10061 -s "server hello, adding use_srtp extension" \
10062 -s "DTLS-SRTP key material is"\
10063 -c "client hello, adding use_srtp extension" \
10064 -c "found use_srtp extension" \
10065 -c "found srtp profile" \
10066 -c "selected srtp profile" \
10067 -c "DTLS-SRTP key material is"\
10068 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10069 -C "error"
10074 run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
10078 -s "found use_srtp extension" \
10079 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
10080 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
10081 -s "server hello, adding use_srtp extension" \
10082 -s "DTLS-SRTP key material is"\
10083 -c "client hello, adding use_srtp extension" \
10084 -c "found use_srtp extension" \
10085 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
10086 -c "selected srtp profile" \
10087 -c "DTLS-SRTP key material is"\
10088 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10089 -C "error"
10093 run_test "DTLS-SRTP server supports one profile. Client supports all profiles." \
10097 -s "found use_srtp extension" \
10098 -s "found srtp profile" \
10099 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
10100 -s "server hello, adding use_srtp extension" \
10101 -s "DTLS-SRTP key material is"\
10102 -c "client hello, adding use_srtp extension" \
10103 -c "found use_srtp extension" \
10104 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
10105 -c "selected srtp profile" \
10106 -c "DTLS-SRTP key material is"\
10107 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10108 -C "error"
10112 run_test "DTLS-SRTP server and Client support only one matching profile." \
10116 -s "found use_srtp extension" \
10117 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10118 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10119 -s "server hello, adding use_srtp extension" \
10120 -s "DTLS-SRTP key material is"\
10121 -c "client hello, adding use_srtp extension" \
10122 -c "found use_srtp extension" \
10123 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10124 -c "selected srtp profile" \
10125 -c "DTLS-SRTP key material is"\
10126 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10127 -C "error"
10131 run_test "DTLS-SRTP server and Client support only one different profile." \
10135 -s "found use_srtp extension" \
10136 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
10137 -S "selected srtp profile" \
10138 -S "server hello, adding use_srtp extension" \
10139 -S "DTLS-SRTP key material is"\
10140 -c "client hello, adding use_srtp extension" \
10141 -C "found use_srtp extension" \
10142 -C "found srtp profile" \
10143 -C "selected srtp profile" \
10144 -C "DTLS-SRTP key material is"\
10145 -C "error"
10149 run_test "DTLS-SRTP server doesn't support use_srtp extension." \
10153 -s "found use_srtp extension" \
10154 -S "server hello, adding use_srtp extension" \
10155 -S "DTLS-SRTP key material is"\
10156 -c "client hello, adding use_srtp extension" \
10157 -C "found use_srtp extension" \
10158 -C "found srtp profile" \
10159 -C "selected srtp profile" \
10160 -C "DTLS-SRTP key material is"\
10161 -C "error"
10165 run_test "DTLS-SRTP all profiles supported. mki used" \
10169 -s "found use_srtp extension" \
10170 -s "found srtp profile" \
10171 -s "selected srtp profile" \
10172 -s "server hello, adding use_srtp extension" \
10173 -s "dumping 'using mki' (8 bytes)" \
10174 -s "DTLS-SRTP key material is"\
10175 -c "client hello, adding use_srtp extension" \
10176 -c "found use_srtp extension" \
10177 -c "found srtp profile" \
10178 -c "selected srtp profile" \
10179 -c "dumping 'sending mki' (8 bytes)" \
10180 -c "dumping 'received mki' (8 bytes)" \
10181 -c "DTLS-SRTP key material is"\
10182 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10183 -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'"\
10184 -C "error"
10188 run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
10192 -s "found use_srtp extension" \
10193 -s "found srtp profile" \
10194 -s "selected srtp profile" \
10195 -s "server hello, adding use_srtp extension" \
10196 -s "DTLS-SRTP key material is"\
10197 -s "DTLS-SRTP no mki value negotiated"\
10198 -S "dumping 'using mki' (8 bytes)" \
10199 -c "client hello, adding use_srtp extension" \
10200 -c "found use_srtp extension" \
10201 -c "found srtp profile" \
10202 -c "selected srtp profile" \
10203 -c "DTLS-SRTP key material is"\
10204 -c "DTLS-SRTP no mki value negotiated"\
10205 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10206 -c "dumping 'sending mki' (8 bytes)" \
10207 -C "dumping 'received mki' (8 bytes)" \
10208 -C "error"
10212 run_test "DTLS-SRTP all profiles supported. openssl client." \
10214 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtl…
10216 -s "found use_srtp extension" \
10217 -s "found srtp profile" \
10218 -s "selected srtp profile" \
10219 -s "server hello, adding use_srtp extension" \
10220 -s "DTLS-SRTP key material is"\
10221 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10222 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
10226 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
10228 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtl…
10230 -s "found use_srtp extension" \
10231 -s "found srtp profile" \
10232 -s "selected srtp profile" \
10233 -s "server hello, adding use_srtp extension" \
10234 -s "DTLS-SRTP key material is"\
10235 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10236 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10240 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \
10242 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportle…
10244 -s "found use_srtp extension" \
10245 -s "found srtp profile" \
10246 -s "selected srtp profile" \
10247 -s "server hello, adding use_srtp extension" \
10248 -s "DTLS-SRTP key material is"\
10249 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10250 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10254 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \
10256 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtl…
10258 -s "found use_srtp extension" \
10259 -s "found srtp profile" \
10260 -s "selected srtp profile" \
10261 -s "server hello, adding use_srtp extension" \
10262 -s "DTLS-SRTP key material is"\
10263 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10264 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10268 run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \
10270 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportle…
10272 -s "found use_srtp extension" \
10273 -s "found srtp profile" \
10274 -s "selected srtp profile" \
10275 -s "server hello, adding use_srtp extension" \
10276 -s "DTLS-SRTP key material is"\
10277 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10278 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
10282 run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \
10284 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportle…
10286 -s "found use_srtp extension" \
10287 -s "found srtp profile" \
10288 -S "selected srtp profile" \
10289 -S "server hello, adding use_srtp extension" \
10290 -S "DTLS-SRTP key material is"\
10291 -C "SRTP Extension negotiated, profile"
10295 run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \
10297 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtl…
10299 -s "found use_srtp extension" \
10300 -S "server hello, adding use_srtp extension" \
10301 -S "DTLS-SRTP key material is"\
10302 -C "SRTP Extension negotiated, profile"
10306 run_test "DTLS-SRTP all profiles supported. openssl server" \
10307 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXT…
10310 -c "client hello, adding use_srtp extension" \
10311 -c "found use_srtp extension" \
10312 -c "found srtp profile" \
10313 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
10314 -c "DTLS-SRTP key material is"\
10315 -C "error"
10319 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
10320 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXT…
10323 -c "client hello, adding use_srtp extension" \
10324 -c "found use_srtp extension" \
10325 -c "found srtp profile" \
10326 -c "selected srtp profile" \
10327 -c "DTLS-SRTP key material is"\
10328 -C "error"
10332 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \
10333 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXT…
10336 -c "client hello, adding use_srtp extension" \
10337 -c "found use_srtp extension" \
10338 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10339 -c "selected srtp profile" \
10340 -c "DTLS-SRTP key material is"\
10341 -C "error"
10345 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \
10346 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keym…
10349 -c "client hello, adding use_srtp extension" \
10350 -c "found use_srtp extension" \
10351 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10352 -c "selected srtp profile" \
10353 -c "DTLS-SRTP key material is"\
10354 -C "error"
10358 run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \
10359 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keym…
10362 -c "client hello, adding use_srtp extension" \
10363 -c "found use_srtp extension" \
10364 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10365 -c "selected srtp profile" \
10366 -c "DTLS-SRTP key material is"\
10367 -C "error"
10371 run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \
10372 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keym…
10375 -c "client hello, adding use_srtp extension" \
10376 -C "found use_srtp extension" \
10377 -C "found srtp profile" \
10378 -C "selected srtp profile" \
10379 -C "DTLS-SRTP key material is"\
10380 -C "error"
10384 run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \
10385 "$O_SRV -dtls" \
10388 -c "client hello, adding use_srtp extension" \
10389 -C "found use_srtp extension" \
10390 -C "found srtp profile" \
10391 -C "selected srtp profile" \
10392 -C "DTLS-SRTP key material is"\
10393 -C "error"
10397 run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \
10398 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXT…
10401 -c "client hello, adding use_srtp extension" \
10402 -c "found use_srtp extension" \
10403 -c "found srtp profile" \
10404 -c "selected srtp profile" \
10405 -c "DTLS-SRTP key material is"\
10406 -c "DTLS-SRTP no mki value negotiated"\
10407 -c "dumping 'sending mki' (8 bytes)" \
10408 -C "dumping 'received mki' (8 bytes)" \
10409 -C "error"
10414 run_test "DTLS-SRTP all profiles supported. gnutls client." \
10416 …"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
10418 -s "found use_srtp extension" \
10419 -s "found srtp profile" \
10420 -s "selected srtp profile" \
10421 -s "server hello, adding use_srtp extension" \
10422 -s "DTLS-SRTP key material is"\
10423 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80"
10428 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
10430 …"$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SR…
10432 -s "found use_srtp extension" \
10433 -s "found srtp profile" \
10434 -s "selected srtp profile" \
10435 -s "server hello, adding use_srtp extension" \
10436 -s "DTLS-SRTP key material is"\
10437 -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80"
10442 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \
10444 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
10446 -s "found use_srtp extension" \
10447 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10448 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10449 -s "server hello, adding use_srtp extension" \
10450 -s "DTLS-SRTP key material is"\
10451 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
10456 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \
10458 …"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
10460 -s "found use_srtp extension" \
10461 -s "found srtp profile" \
10462 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
10463 -s "server hello, adding use_srtp extension" \
10464 -s "DTLS-SRTP key material is"\
10465 -c "SRTP profile: SRTP_NULL_SHA1_32"
10470 run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \
10472 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
10474 -s "found use_srtp extension" \
10475 -s "found srtp profile" \
10476 -s "selected srtp profile" \
10477 -s "server hello, adding use_srtp extension" \
10478 -s "DTLS-SRTP key material is"\
10479 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
10484 run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \
10486 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
10488 -s "found use_srtp extension" \
10489 -s "found srtp profile" \
10490 -S "selected srtp profile" \
10491 -S "server hello, adding use_srtp extension" \
10492 -S "DTLS-SRTP key material is"\
10493 -C "SRTP profile:"
10498 run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \
10500 …"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
10502 -s "found use_srtp extension" \
10503 -S "server hello, adding use_srtp extension" \
10504 -S "DTLS-SRTP key material is"\
10505 -C "SRTP profile:"
10510 run_test "DTLS-SRTP all profiles supported. gnutls server" \
10511 …"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
10514 -c "client hello, adding use_srtp extension" \
10515 -c "found use_srtp extension" \
10516 -c "found srtp profile" \
10517 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
10518 -c "DTLS-SRTP key material is"\
10519 -C "error"
10524 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
10525 …"$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_…
10528 -c "client hello, adding use_srtp extension" \
10529 -c "found use_srtp extension" \
10530 -c "found srtp profile" \
10531 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
10532 -c "DTLS-SRTP key material is"\
10533 -C "error"
10538 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \
10539 …"$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_…
10542 -c "client hello, adding use_srtp extension" \
10543 -c "found use_srtp extension" \
10544 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10545 -c "selected srtp profile" \
10546 -c "DTLS-SRTP key material is"\
10547 -C "error"
10552 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \
10553 "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \
10556 -c "client hello, adding use_srtp extension" \
10557 -c "found use_srtp extension" \
10558 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
10559 -c "selected srtp profile" \
10560 -c "DTLS-SRTP key material is"\
10561 -C "error"
10566 run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \
10567 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
10570 -c "client hello, adding use_srtp extension" \
10571 -c "found use_srtp extension" \
10572 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
10573 -c "selected srtp profile" \
10574 -c "DTLS-SRTP key material is"\
10575 -C "error"
10580 run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \
10581 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
10584 -c "client hello, adding use_srtp extension" \
10585 -C "found use_srtp extension" \
10586 -C "found srtp profile" \
10587 -C "selected srtp profile" \
10588 -C "DTLS-SRTP key material is"\
10589 -C "error"
10594 run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
10595 "$G_SRV -u" \
10598 -c "client hello, adding use_srtp extension" \
10599 -C "found use_srtp extension" \
10600 -C "found srtp profile" \
10601 -C "selected srtp profile" \
10602 -C "DTLS-SRTP key material is"\
10603 -C "error"
10608 run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \
10609 …"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
10612 -c "client hello, adding use_srtp extension" \
10613 -c "found use_srtp extension" \
10614 -c "found srtp profile" \
10615 -c "selected srtp profile" \
10616 -c "DTLS-SRTP key material is"\
10617 -c "DTLS-SRTP mki value:"\
10618 -c "dumping 'sending mki' (8 bytes)" \
10619 -c "dumping 'received mki' (8 bytes)" \
10620 -C "error"
10627 -p "$P_PXY" \
10628 "$P_SRV dtls=1 debug_level=2 hs_timeout=10000-20000" \
10629 "$P_CLI dtls=1 debug_level=2 hs_timeout=10000-20000" \
10631 -C "replayed record" \
10632 -S "replayed record" \
10633 -C "Buffer record from epoch" \
10634 -S "Buffer record from epoch" \
10635 -C "ssl_buffer_message" \
10636 -S "ssl_buffer_message" \
10637 -C "discarding invalid record" \
10638 -S "discarding invalid record" \
10639 -S "resend" \
10640 -s "Extra-header:" \
10641 -c "HTTP/1.0 200 OK"
10646 -p "$P_PXY duplicate=1" \
10647 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
10648 "$P_CLI dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
10650 -c "replayed record" \
10651 -s "replayed record" \
10652 -c "record from another epoch" \
10653 -s "record from another epoch" \
10654 -S "resend" \
10655 -s "Extra-header:" \
10656 -c "HTTP/1.0 200 OK"
10659 run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
10660 -p "$P_PXY duplicate=1" \
10664 -c "replayed record" \
10665 -S "replayed record" \
10666 -c "record from another epoch" \
10667 -s "record from another epoch" \
10668 -c "resend" \
10669 -s "resend" \
10670 -s "Extra-header:" \
10671 -c "HTTP/1.0 200 OK"
10675 -p "$P_PXY pack=50" \
10679 -c "next record in same datagram" \
10680 -s "next record in same datagram"
10684 -p "$P_PXY pack=50 duplicate=1" \
10688 -c "next record in same datagram" \
10689 -s "next record in same datagram"
10693 -p "$P_PXY bad_ad=1" \
10697 -c "discarding invalid record (mac)" \
10698 -s "discarding invalid record (mac)" \
10699 -s "Extra-header:" \
10700 -c "HTTP/1.0 200 OK" \
10701 -S "too many records with bad MAC" \
10702 -S "Verification of the message MAC failed"
10706 -p "$P_PXY bad_ad=1" \
10710 -C "discarding invalid record (mac)" \
10711 -S "discarding invalid record (mac)" \
10712 -S "Extra-header:" \
10713 -C "HTTP/1.0 200 OK" \
10714 -s "too many records with bad MAC" \
10715 -s "Verification of the message MAC failed"
10719 -p "$P_PXY bad_ad=1" \
10723 -c "discarding invalid record (mac)" \
10724 -s "discarding invalid record (mac)" \
10725 -s "Extra-header:" \
10726 -c "HTTP/1.0 200 OK" \
10727 -S "too many records with bad MAC" \
10728 -S "Verification of the message MAC failed"
10732 -p "$P_PXY bad_ad=1" \
10736 -c "discarding invalid record (mac)" \
10737 -s "discarding invalid record (mac)" \
10738 -s "Extra-header:" \
10739 -c "HTTP/1.0 200 OK" \
10740 -s "too many records with bad MAC" \
10741 -s "Verification of the message MAC failed"
10745 -p "$P_PXY delay_ccs=1" \
10749 -c "record from another epoch" \
10750 -s "record from another epoch" \
10751 -s "Extra-header:" \
10752 -c "HTTP/1.0 200 OK"
10758 run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
10759 -p "$P_PXY delay_srv=ServerHello" \
10761 hs_timeout=2500-60000" \
10763 hs_timeout=2500-60000" \
10765 -c "Buffering HS message" \
10766 -c "Next handshake message has been buffered - load"\
10767 -S "Buffering HS message" \
10768 -S "Next handshake message has been buffered - load"\
10769 -C "Injecting buffered CCS message" \
10770 -C "Remember CCS message" \
10771 -S "Injecting buffered CCS message" \
10772 -S "Remember CCS message"
10776 run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
10777 -p "$P_PXY delay_srv=ServerHello" \
10779 hs_timeout=2500-60000" \
10781 hs_timeout=2500-60000" \
10783 -c "Buffering HS message" \
10784 -c "found fragmented DTLS handshake message"\
10785 -c "Next handshake message 1 not or only partially bufffered" \
10786 -c "Next handshake message has been buffered - load"\
10787 -S "Buffering HS message" \
10788 -S "Next handshake message has been buffered - load"\
10789 -C "Injecting buffered CCS message" \
10790 -C "Remember CCS message" \
10791 -S "Injecting buffered CCS message" \
10792 -S "Remember CCS message"
10801 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
10802 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
10804 hs_timeout=2500-60000" \
10806 hs_timeout=2500-60000" \
10808 -c "Buffering HS message" \
10809 -c "Next handshake message has been buffered - load"\
10810 -C "attempt to make space by freeing buffered messages" \
10811 -S "Buffering HS message" \
10812 -S "Next handshake message has been buffered - load"\
10813 -C "Injecting buffered CCS message" \
10814 -C "Remember CCS message" \
10815 -S "Injecting buffered CCS message" \
10816 -S "Remember CCS message"
10825 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered ms…
10826 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
10828 hs_timeout=2500-60000" \
10830 hs_timeout=2500-60000" \
10832 -c "Buffering HS message" \
10833 -c "attempt to make space by freeing buffered future messages" \
10834 -c "Enough space available after freeing buffered HS messages" \
10835 -S "Buffering HS message" \
10836 -S "Next handshake message has been buffered - load"\
10837 -C "Injecting buffered CCS message" \
10838 -C "Remember CCS message" \
10839 -S "Injecting buffered CCS message" \
10840 -S "Remember CCS message"
10844 run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
10845 -p "$P_PXY delay_cli=Certificate" \
10847 hs_timeout=2500-60000" \
10849 hs_timeout=2500-60000" \
10851 -C "Buffering HS message" \
10852 -C "Next handshake message has been buffered - load"\
10853 -s "Buffering HS message" \
10854 -s "Next handshake message has been buffered - load" \
10855 -C "Injecting buffered CCS message" \
10856 -C "Remember CCS message" \
10857 -S "Injecting buffered CCS message" \
10858 -S "Remember CCS message"
10862 run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
10863 -p "$P_PXY delay_srv=NewSessionTicket" \
10865 hs_timeout=2500-60000" \
10867 hs_timeout=2500-60000" \
10869 -C "Buffering HS message" \
10870 -C "Next handshake message has been buffered - load"\
10871 -S "Buffering HS message" \
10872 -S "Next handshake message has been buffered - load" \
10873 -c "Injecting buffered CCS message" \
10874 -c "Remember CCS message" \
10875 -S "Injecting buffered CCS message" \
10876 -S "Remember CCS message"
10880 run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
10881 -p "$P_PXY delay_cli=ClientKeyExchange" \
10883 hs_timeout=2500-60000" \
10885 hs_timeout=2500-60000" \
10887 -C "Buffering HS message" \
10888 -C "Next handshake message has been buffered - load"\
10889 -S "Buffering HS message" \
10890 -S "Next handshake message has been buffered - load" \
10891 -C "Injecting buffered CCS message" \
10892 -C "Remember CCS message" \
10893 -s "Injecting buffered CCS message" \
10894 -s "Remember CCS message"
10898 -p "$P_PXY delay_ccs=1" \
10900 hs_timeout=2500-60000" \
10902 hs_timeout=2500-60000" \
10904 -s "Buffer record from epoch 1" \
10905 -s "Found buffered record from current epoch - load" \
10906 -c "Buffer record from epoch 1" \
10907 -c "Found buffered record from current epoch - load"
10915 # - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
10918 # - The MTU setting on the server must be so small that the NewSessionTicket
10920 # - All messages sent by the server must be small enough to be either sent
10922 # MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
10928 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
10930 …$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc12…
10932 -s "Buffer record from epoch 1" \
10933 -s "Found buffered record from current epoch - load" \
10934 -c "Buffer record from epoch 1" \
10935 -C "Found buffered record from current epoch - load" \
10936 -c "Enough space available after freeing future epoch record"
10943 -p "$P_PXY drop=5 delay=5 duplicate=5" \
10944 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
10946 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
10947 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
10949 -s "Extra-header:" \
10950 -c "HTTP/1.0 200 OK"
10955 -p "$P_PXY drop=5 delay=5 duplicate=5" \
10956 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
10957 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
10958 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
10960 -s "Extra-header:" \
10961 -c "HTTP/1.0 200 OK"
10966 -p "$P_PXY drop=5 delay=5 duplicate=5" \
10967 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
10968 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
10970 -s "Extra-header:" \
10971 -c "HTTP/1.0 200 OK"
10976 -p "$P_PXY drop=5 delay=5 duplicate=5" \
10977 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
10978 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
10980 -s "Extra-header:" \
10981 -c "HTTP/1.0 200 OK"
10986 -p "$P_PXY drop=5 delay=5 duplicate=5" \
10987 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
10988 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
10990 -s "Extra-header:" \
10991 -c "HTTP/1.0 200 OK"
10996 -p "$P_PXY drop=5 delay=5 duplicate=5" \
10997 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
10998 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
11000 -s "Extra-header:" \
11001 -c "HTTP/1.0 200 OK"
11006 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11007 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
11009 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
11011 -s "Extra-header:" \
11012 -c "HTTP/1.0 200 OK"
11018 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11019 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11021 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11023 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11025 -s "a session has been resumed" \
11026 -c "a session has been resumed" \
11027 -s "Extra-header:" \
11028 -c "HTTP/1.0 200 OK"
11034 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11035 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11037 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11039 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
11041 -s "a session has been resumed" \
11042 -c "a session has been resumed" \
11043 -s "Extra-header:" \
11044 -c "HTTP/1.0 200 OK"
11049 run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
11050 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11051 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11053 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11055 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11057 -c "=> renegotiate" \
11058 -s "=> renegotiate" \
11059 -s "Extra-header:" \
11060 -c "HTTP/1.0 200 OK"
11065 run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
11066 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11067 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11069 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11071 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11073 -c "=> renegotiate" \
11074 -s "=> renegotiate" \
11075 -s "Extra-header:" \
11076 -c "HTTP/1.0 200 OK"
11081 run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
11082 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11083 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11086 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11088 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11090 -c "=> renegotiate" \
11091 -s "=> renegotiate" \
11092 -s "Extra-header:" \
11093 -c "HTTP/1.0 200 OK"
11098 run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
11099 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11100 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11103 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11105 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11107 -c "=> renegotiate" \
11108 -s "=> renegotiate" \
11109 -s "Extra-header:" \
11110 -c "HTTP/1.0 200 OK"
11112 ## The three tests below require openssl version 1.1.1a or higher; with older
11113 ## versions they might trigger an openssl bug (https://github.com/openssl/openssl/issues/6902).
11114 ## In addition, openssl should use dtls1_2 or dtls; otherwise it causes an "SSL alert number 70" (protocol_version) error.
11117 not_with_valgrind # risk of non-mbedtls peer timing out
11119 run_test "DTLS proxy: 3d, openssl server" \
11120 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
11121 "$O_NEXT_SRV -dtls1_2 -mtu 2048" \
11122 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
11124 -c "HTTP/1.0 200 OK"
11128 not_with_valgrind # risk of non-mbedtls peer timing out
11130 run_test "DTLS proxy: 3d, openssl server, fragmentation" \
11131 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
11132 "$O_NEXT_SRV -dtls1_2 -mtu 768" \
11133 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
11135 -c "HTTP/1.0 200 OK"
11139 not_with_valgrind # risk of non-mbedtls peer timing out
11141 run_test "DTLS proxy: 3d, openssl server, fragmentation, nbio" \
11142 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
11143 "$O_NEXT_SRV -dtls1_2 -mtu 768" \
11144 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
11146 -c "HTTP/1.0 200 OK"
11150 not_with_valgrind # risk of non-mbedtls peer timing out
11153 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11154 "$G_SRV -u --mtu 2048 -a" \
11155 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
11157 -s "Extra-header:" \
11158 -c "Extra-header:"
11162 not_with_valgrind # risk of non-mbedtls peer timing out
11165 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11166 "$G_NEXT_SRV -u --mtu 512" \
11167 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
11169 -s "Extra-header:" \
11170 -c "Extra-header:"
11174 not_with_valgrind # risk of non-mbedtls peer timing out
11177 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11178 "$G_NEXT_SRV -u --mtu 512" \
11179 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
11181 -s "Extra-header:" \
11182 -c "Extra-header:"
11189 -c "EAP-TLS key material is:"\
11190 -s "EAP-TLS key material is:"\
11191 -c "EAP-TLS IV is:" \
11192 -s "EAP-TLS IV is:"
11194 # openssl feature tests: check if tls1.3 exists.
11196 run_test "TLS 1.3: Test openssl tls1_3 feature" \
11197 "$O_NEXT_SRV -tls1_3 -msg" \
11198 "$O_NEXT_CLI -tls1_3 -msg" \
11200 -c "TLS 1.3" \
11201 -s "TLS 1.3"
11208 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPA…
11209 …"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_…
11211 -s "Version: TLS1.3" \
11212 -c "Version: TLS1.3"
11220 run_test "TLS 1.3: minimal feature sets - openssl" \
11221 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
11224 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11225 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11226 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11227 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11228 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11229 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11230 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11231 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11232 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11233 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
11234 -c "<= ssl_tls13_process_server_hello" \
11235 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
11236 -c "ECDH curve: x25519" \
11237 -c "=> ssl_tls13_process_server_hello" \
11238 -c "<= parse encrypted extensions" \
11239 -c "Certificate verification flags clear" \
11240 -c "=> parse certificate verify" \
11241 -c "<= parse certificate verify" \
11242 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
11243 -c "<= parse finished message" \
11244 -c "Protocol is TLSv1.3" \
11245 -c "HTTP/1.0 200 ok"
11253 run_test "TLS 1.3: minimal feature sets - gnutls" \
11254 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-
11257 -s "SERVER HELLO was queued" \
11258 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11259 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11260 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11261 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11262 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11263 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11264 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11265 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11266 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11267 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
11268 -c "<= ssl_tls13_process_server_hello" \
11269 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
11270 -c "ECDH curve: x25519" \
11271 -c "=> ssl_tls13_process_server_hello" \
11272 -c "<= parse encrypted extensions" \
11273 -c "Certificate verification flags clear" \
11274 -c "=> parse certificate verify" \
11275 -c "<= parse certificate verify" \
11276 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
11277 -c "<= parse finished message" \
11278 -c "Protocol is TLSv1.3" \
11279 -c "HTTP/1.0 200 OK"
11287 run_test "TLS 1.3: alpn - openssl" \
11288 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -alpn h2" \
11291 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11292 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11293 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11294 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11295 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11296 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11297 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11298 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11299 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11300 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
11301 -c "<= ssl_tls13_process_server_hello" \
11302 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
11303 -c "ECDH curve: x25519" \
11304 -c "=> ssl_tls13_process_server_hello" \
11305 -c "<= parse encrypted extensions" \
11306 -c "Certificate verification flags clear" \
11307 -c "=> parse certificate verify" \
11308 -c "<= parse certificate verify" \
11309 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
11310 -c "<= parse finished message" \
11311 -c "Protocol is TLSv1.3" \
11312 -c "HTTP/1.0 200 ok" \
11313 -c "Application Layer Protocol is h2"
11322 run_test "TLS 1.3: alpn - gnutls" \
11323 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-
11326 -s "SERVER HELLO was queued" \
11327 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
11328 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
11329 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
11330 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
11331 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
11332 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
11333 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
11334 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
11335 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
11336 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
11337 -c "<= ssl_tls13_process_server_hello" \
11338 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
11339 -c "ECDH curve: x25519" \
11340 -c "=> ssl_tls13_process_server_hello" \
11341 -c "<= parse encrypted extensions" \
11342 -c "Certificate verification flags clear" \
11343 -c "=> parse certificate verify" \
11344 -c "<= parse certificate verify" \
11345 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
11346 -c "<= parse finished message" \
11347 -c "Protocol is TLSv1.3" \
11348 -c "HTTP/1.0 200 OK" \
11349 -c "Application Layer Protocol is h2"
11356 run_test "TLS 1.3: server alpn - openssl" \
11358 "$O_NEXT_CLI -msg -tls1_3 -no_middlebox -alpn h2" \
11360 -s "found alpn extension" \
11361 -s "server side, adding alpn extension" \
11362 -s "Protocol is TLSv1.3" \
11363 -s "HTTP/1.0 200 OK" \
11364 -s "Application Layer Protocol is h2"
11371 run_test "TLS 1.3: server alpn - gnutls" \
11373 …"$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_CO…
11375 -s "found alpn extension" \
11376 -s "server side, adding alpn extension" \
11377 -s "Protocol is TLSv1.3" \
11378 -s "HTTP/1.0 200 OK" \
11379 -s "Application Layer Protocol is h2"
11387 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0 -d 4" \
11390 -s "Client's version: 3.3" \
11391 -S "Version: TLS1.0" \
11392 -C "Protocol is TLSv1.0"
11400 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1 -d 4" \
11403 -s "Client's version: 3.3" \
11404 -S "Version: TLS1.1" \
11405 -C "Protocol is TLSv1.1"
11413 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 -d 4" \
11416 -s "Client's version: 3.3" \
11417 -c "is a fatal alert message (msg 40)" \
11418 -S "Version: TLS1.2" \
11419 -C "Protocol is TLSv1.2"
11426 run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.0" \
11427 "$O_NEXT_SRV -msg -tls1" \
11430 -s "fatal protocol_version" \
11431 -c "is a fatal alert message (msg 70)" \
11432 -S "Version: TLS1.0" \
11433 -C "Protocol : TLSv1.0"
11440 run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.1" \
11441 "$O_NEXT_SRV -msg -tls1_1" \
11444 -s "fatal protocol_version" \
11445 -c "is a fatal alert message (msg 70)" \
11446 -S "Version: TLS1.1" \
11447 -C "Protocol : TLSv1.1"
11454 run_test "TLS 1.3: Not supported version check:openssl: srv max TLS 1.2" \
11455 "$O_NEXT_SRV -msg -tls1_2" \
11458 -s "fatal protocol_version" \
11459 -c "is a fatal alert message (msg 70)" \
11460 -S "Version: TLS1.2" \
11461 -C "Protocol : TLSv1.2"
11468 run_test "TLS 1.3: Client authentication, no client certificate - openssl" \
11469 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -verify 10" \
11472 -c "got a certificate request" \
11473 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11474 -s "TLS 1.3" \
11475 -c "HTTP/1.0 200 ok" \
11476 -c "Protocol is TLSv1.3"
11484 run_test "TLS 1.3: Client authentication, no client certificate - gnutls" \
11485 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --verify-c…
11488 -c "got a certificate request" \
11489 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE"\
11490 -s "Version: TLS1.3" \
11491 -c "HTTP/1.0 200 OK" \
11492 -c "Protocol is TLSv1.3"
11499 run_test "TLS 1.3: Client authentication, no server middlebox compat - openssl" \
11500 …"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
11503 -c "got a certificate request" \
11504 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11505 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11506 -c "Protocol is TLSv1.3"
11513 run_test "TLS 1.3: Client authentication, no server middlebox compat - gnutls" \
11514 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_T…
11518 -c "got a certificate request" \
11519 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11520 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11521 -c "Protocol is TLSv1.3"
11528 run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - openssl" \
11529 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11533 -c "got a certificate request" \
11534 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11535 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11536 -c "Protocol is TLSv1.3"
11544 run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - gnutls" \
11545 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11549 -c "got a certificate request" \
11550 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11551 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11552 -c "Protocol is TLSv1.3"
11559 run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - openssl" \
11560 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11564 -c "got a certificate request" \
11565 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11566 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11567 -c "Protocol is TLSv1.3"
11575 run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - gnutls" \
11576 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11580 -c "got a certificate request" \
11581 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11582 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11583 -c "Protocol is TLSv1.3"
11590 run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - openssl" \
11591 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11595 -c "got a certificate request" \
11596 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11597 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11598 -c "Protocol is TLSv1.3"
11606 run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - gnutls" \
11607 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11611 -c "got a certificate request" \
11612 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11613 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11614 -c "Protocol is TLSv1.3"
11622 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - openssl" \
11623 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11627 -c "got a certificate request" \
11628 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11629 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11630 -c "Protocol is TLSv1.3"
11639 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - gnutls" \
11640 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11641 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
11644 -c "got a certificate request" \
11645 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11646 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11647 -c "Protocol is TLSv1.3"
11655 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - openssl" \
11656 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11660 -c "got a certificate request" \
11661 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11662 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11663 -c "Protocol is TLSv1.3"
11672 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - gnutls" \
11673 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11674 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
11677 -c "got a certificate request" \
11678 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11679 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11680 -c "Protocol is TLSv1.3"
11688 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - openssl" \
11689 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11693 -c "got a certificate request" \
11694 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11695 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11696 -c "Protocol is TLSv1.3"
11705 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - gnutls" \
11706 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11707 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
11710 -c "got a certificate request" \
11711 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11712 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11713 -c "Protocol is TLSv1.3"
# Negative client-authentication case: the OpenSSL server limits -sigalgs to
# ecdsa_secp256r1_sha256, and the client is expected to log
# "no suitable signature algorithm" after reaching the CERTIFICATE_VERIFY state.
# -c patterns must appear in the client log; -C patterns must not appear.
# The client command and expected exit code are not shown in this excerpt.
11721 run_test "TLS 1.3: Client authentication, client alg not in server list - openssl" \
11722 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
11723 -sigalgs ecdsa_secp256r1_sha256" \
11727 -c "got a certificate request" \
11728 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11729 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11730 -c "no suitable signature algorithm" \
11731 -C "unknown pk type"
11740 run_test "TLS 1.3: Client authentication, client alg not in server list - gnutls" \
11741 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-
11745 -c "got a certificate request" \
11746 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11747 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11748 -c "no suitable signature algorithm" \
11749 -C "unknown pk type"
11757 run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - openssl" \
11758 …"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
11761 -c "got a certificate request" \
11762 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11763 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11764 -c "Protocol is TLSv1.3"
11772 run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - gnutls" \
11773 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_T…
11777 -c "got a certificate request" \
11778 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11779 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11780 -c "Protocol is TLSv1.3"
11788 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - openssl" \
11789 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11793 -c "got a certificate request" \
11794 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11795 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11796 -c "Protocol is TLSv1.3"
11805 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - gnutls" \
11806 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11810 -c "got a certificate request" \
11811 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11812 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11813 -c "Protocol is TLSv1.3"
11821 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - openssl" \
11822 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11826 -c "got a certificate request" \
11827 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11828 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11829 -c "Protocol is TLSv1.3"
11838 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - gnutls" \
11839 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11843 -c "got a certificate request" \
11844 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11845 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11846 -c "Protocol is TLSv1.3"
11854 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - openssl" \
11855 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11859 -c "got a certificate request" \
11860 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11861 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11862 -c "Protocol is TLSv1.3"
11871 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - gnutls" \
11872 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11876 -c "got a certificate request" \
11877 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11878 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11879 -c "Protocol is TLSv1.3"
11888 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - openssl" \
11889 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11893 -c "got a certificate request" \
11894 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11895 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11896 -c "Protocol is TLSv1.3"
11906 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - gnutls" \
11907 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11908 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
11911 -c "got a certificate request" \
11912 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11913 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11914 -c "Protocol is TLSv1.3"
11923 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \
11924 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11928 -c "got a certificate request" \
11929 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11930 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11931 -c "Protocol is TLSv1.3"
11941 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \
11942 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11943 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
11946 -c "got a certificate request" \
11947 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11948 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11949 -c "Protocol is TLSv1.3"
11958 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \
11959 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
11963 -c "got a certificate request" \
11964 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11965 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11966 -c "Protocol is TLSv1.3"
11976 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \
11977 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
11978 "$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
11981 -c "got a certificate request" \
11982 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
11983 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
11984 -c "Protocol is TLSv1.3"
# Opaque-key variant of the "client alg not in server list" case: the server
# limits -sigalgs to ecdsa_secp256r1_sha256 and the client must report
# "no suitable signature algorithm".
# NOTE(review): the -C (must-not-appear) pattern below is spelled
# "unkown pk type", while the non-opaque variants of this test spell it
# "unknown pk type". A forbidden-pattern check whose spelling does not match
# the library's debug string can never fail, so one of the two families is
# checking nothing. Confirm the exact string the library logs and align both.
11993 run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - openssl" \
11994 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
11995 -sigalgs ecdsa_secp256r1_sha256" \
11999 -c "got a certificate request" \
12000 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12001 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12002 -c "no suitable signature algorithm" \
12003 -C "unkown pk type"
# Opaque-key variant of the "client alg not in server list" case against a
# GnuTLS server whose priority string removes all signature algorithms and
# re-adds an ECDSA one (the string is truncated in this excerpt).
# NOTE(review): the -C (must-not-appear) pattern below is spelled
# "unkown pk type", while the non-opaque variants of this test spell it
# "unknown pk type". A misspelled forbidden pattern passes vacuously; confirm
# the exact debug string the library emits and use it in every variant.
12013 run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - gnutls" \
12014 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-
12018 -c "got a certificate request" \
12019 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12020 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12021 -c "no suitable signature algorithm" \
12022 -C "unkown pk type"
12029 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - openssl" \
12030 …NEXT_SRV -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg
12033 -c "received HelloRetryRequest message" \
12034 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12035 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12036 -c "Protocol is TLSv1.3" \
12037 -c "HTTP/1.0 200 ok"
12044 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - openssl" \
12045 …NEXT_SRV -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg
12048 -c "received HelloRetryRequest message" \
12049 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12050 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12051 -c "Protocol is TLSv1.3" \
12052 -c "HTTP/1.0 200 ok"
12060 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - gnutls" \
12061 …EXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA…
12064 -c "received HelloRetryRequest message" \
12065 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12066 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12067 -c "Protocol is TLSv1.3" \
12068 -c "HTTP/1.0 200 OK"
12076 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - gnutls" \
12077 …EXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA…
12080 -c "received HelloRetryRequest message" \
12081 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12082 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12083 -c "Protocol is TLSv1.3" \
12084 -c "HTTP/1.0 200 OK"
12090 run_test "TLS 1.3: Server side check - openssl" \
12092 "$O_NEXT_CLI -msg -debug -tls1_3 -no_middlebox" \
12094 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12095 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12096 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12097 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12098 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12099 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12100 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
12101 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP"
12107 run_test "TLS 1.3: Server side check - openssl with client authentication" \
12109 …"$O_NEXT_CLI -msg -debug -cert data_files/server5.crt -key data_files/server5.key -tls1_3 -no_midd…
12111 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12112 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12113 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12114 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12115 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12116 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12117 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12118 -s "=> write certificate request" \
12119 -s "=> parse client hello" \
12120 -s "<= parse client hello"
12127 run_test "TLS 1.3: Server side check - gnutls" \
12129 …"$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_CO…
12131 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12132 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12133 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12134 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12135 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12136 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12137 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
12138 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12139 -c "HTTP/1.0 200 OK"
12146 run_test "TLS 1.3: Server side check - gnutls with client authentication" \
12148-d 4 --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key --priority=NORMAL:
12150 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12151 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12152 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12153 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12154 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12155 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12156 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12157 -s "=> write certificate request" \
12158 -s "=> parse client hello" \
12159 -s "<= parse client hello"
12165 run_test "TLS 1.3: Server side check - mbedtls" \
12169 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12170 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12171 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12172 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12173 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12174 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12175 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12176 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
12177 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12178 -c "HTTP/1.0 200 OK"
12184 run_test "TLS 1.3: Server side check - mbedtls with client authentication" \
12188 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12189 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12190 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12191 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12192 -s "=> write certificate request" \
12193 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12194 -s "=> parse client hello" \
12195 -s "<= parse client hello"
12201 run_test "TLS 1.3: Server side check - mbedtls with client empty certificate" \
12205 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12206 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12207 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12208 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12209 -s "=> write certificate request" \
12210-s "SSL - No client certification received from the client, but required by the authentication mod…
12211 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12212 -s "=> parse client hello" \
12213 -s "<= parse client hello"
12219 run_test "TLS 1.3: Server side check - mbedtls with optional client authentication" \
12223 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12224 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12225 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12226 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12227 -s "=> write certificate request" \
12228 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12229 -s "=> parse client hello" \
12230 -s "<= parse client hello"
12236 run_test "TLS 1.3: server: HRR check - mbedtls" \
12240 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12241 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12242 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12243 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
12244 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12245 -s "selected_group: secp384r1" \
12246 -s "=> write hello retry request" \
12247 -s "<= write hello retry request"
12257 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12258 -s "No certificate available."
12265 run_test "TLS 1.3: Server side check - openssl with sni" \
12267 …s/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,dat…
12268 …$O_NEXT_CLI -msg -debug -servername localhost -CAfile data_files/test-ca_cat12.crt -cert data_file…
12270 -s "parse ServerName extension" \
12271 -s "HTTP/1.0 200 OK"
12278 run_test "TLS 1.3: Server side check - gnutls with sni" \
12280 …s/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,dat…
12281-d 4 --sni-hostname=localhost --x509certfile data_files/server5.crt --x509keyfile data_files/serve…
12283 -s "parse ServerName extension" \
12284 -s "HTTP/1.0 200 OK"
12291 run_test "TLS 1.3: Server side check - mbedtls with sni" \
12293 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
12297 -s "parse ServerName extension" \
12298 -s "HTTP/1.0 200 OK"
12300 for i in opt-testcases/*.sh
12314 run_test "TLS 1.3 m->m both peers do not support middlebox compatibility" \
12318 -s "Protocol is TLSv1.3" \
12319 -c "Protocol is TLSv1.3" \
12320 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12321 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12328 run_test "TLS 1.3 m->m both with middlebox compat support" \
12332 -s "Protocol is TLSv1.3" \
12333 -c "Protocol is TLSv1.3" \
12334 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12335 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12342 run_test "TLS 1.3 m->O both peers do not support middlebox compatibility" \
12343 "$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
12346 -c "Protocol is TLSv1.3" \
12347 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12348 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12355 run_test "TLS 1.3 m->O server with middlebox compat support, not client" \
12356 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
12359 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12366 run_test "TLS 1.3 m->O both with middlebox compat support" \
12367 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
12370 -c "Protocol is TLSv1.3" \
12371 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12380 run_test "TLS 1.3 m->G both peers do not support middlebox compatibility" \
12381 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPA…
12384 -c "Protocol is TLSv1.3" \
12385 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12386 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12394 run_test "TLS 1.3 m->G server with middlebox compat support, not client" \
12395 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cer…
12398 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12406 run_test "TLS 1.3 m->G both with middlebox compat support" \
12407 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cer…
12410 -c "Protocol is TLSv1.3" \
12411 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12418 run_test "TLS 1.3 O->m both peers do not support middlebox compatibility" \
12420 "$O_NEXT_CLI -msg -debug -no_middlebox" \
12422 -s "Protocol is TLSv1.3" \
12423 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12424 -C "14 03 03 00 01"
12431 run_test "TLS 1.3 O->m server with middlebox compat support, not client" \
12433 "$O_NEXT_CLI -msg -debug -no_middlebox" \
12435 -s "Protocol is TLSv1.3" \
12436 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO"
12443 run_test "TLS 1.3 O->m both with middlebox compat support" \
12445 "$O_NEXT_CLI -msg -debug" \
12447 -s "Protocol is TLSv1.3" \
12448 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12449 -c "14 03 03 00 01"
12458 run_test "TLS 1.3 G->m both peers do not support middlebox compatibility" \
12460 "$G_NEXT_CLI localhost --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
12462 -s "Protocol is TLSv1.3" \
12463 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12464 -C "SSL 3.3 ChangeCipherSpec packet received"
12473 run_test "TLS 1.3 G->m server with middlebox compat support, not client" \
12475 … "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
12477 -s "Protocol is TLSv1.3" \
12478 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12479 -c "SSL 3.3 ChangeCipherSpec packet received" \
12480 -c "discarding change cipher spec in TLS1.3"
# GnuTLS client -> Mbed TLS server. The server is expected to reach the
# CCS_AFTER_SERVER_HELLO state, and the client must log that it received the
# ChangeCipherSpec record.
# NOTE(review): the title says both peers support middlebox compatibility, yet
# the client priority string carries %DISABLE_TLS13_COMPAT_MODE, the same as in
# the "server with middlebox compat support, not client" case. As shown, the
# two cases differ only in the "discarding change cipher spec" check. Confirm
# whether the client option is intended here. The server command is not shown.
12489 run_test "TLS 1.3 G->m both with middlebox compat support" \
12491 … "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
12493 -s "Protocol is TLSv1.3" \
12494 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
12495 -c "SSL 3.3 ChangeCipherSpec packet received"
12502 run_test "TLS 1.3 m->m HRR both peers do not support middlebox compatibility" \
12506 -s "Protocol is TLSv1.3" \
12507 -c "Protocol is TLSv1.3" \
12508 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
12509 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12510 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12517 run_test "TLS 1.3 m->m HRR both with middlebox compat support" \
12521 -s "Protocol is TLSv1.3" \
12522 -c "Protocol is TLSv1.3" \
12523 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
12524 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12525 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12532 run_test "TLS 1.3 m->O HRR both peers do not support middlebox compatibility" \
12533 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -no_middlebox -num_tickets 0 -no_cache" \
12536 -c "Protocol is TLSv1.3" \
12537 -c "received HelloRetryRequest message" \
12538 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12539 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12546 run_test "TLS 1.3 m->O HRR server with middlebox compat support, not client" \
12547 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_cache" \
12550 -c "received HelloRetryRequest message" \
12551 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12558 run_test "TLS 1.3 m->O HRR both with middlebox compat support" \
12559 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_resume_ephemeral -no_cache" \
12562 -c "Protocol is TLSv1.3" \
12563 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12572 run_test "TLS 1.3 m->G HRR both peers do not support middlebox compatibility" \
12573 …"$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DIS…
12576 -c "Protocol is TLSv1.3" \
12577 -c "received HelloRetryRequest message" \
12578 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
12579 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12587 run_test "TLS 1.3 m->G HRR server with middlebox compat support, not client" \
12588 …"$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS --di…
12591 -c "received HelloRetryRequest message" \
12592 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
12600 run_test "TLS 1.3 m->G HRR both with middlebox compat support" \
12601 …"$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_…
12604 -c "Protocol is TLSv1.3" \
12605 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
12612 run_test "TLS 1.3 O->m HRR both peers do not support middlebox compatibility" \
12614 "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
12616 -s "Protocol is TLSv1.3" \
12617 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12618 -C "14 03 03 00 01"
12625 run_test "TLS 1.3 O->m HRR server with middlebox compat support, not client" \
12627 "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
12629 -s "Protocol is TLSv1.3" \
12630 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12637 run_test "TLS 1.3 O->m HRR both with middlebox compat support" \
12639 "$O_NEXT_CLI -msg -debug -groups P-256:P-384" \
12641 -s "Protocol is TLSv1.3" \
12642 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12643 -c "14 03 03 00 01"
12652 run_test "TLS 1.3 G->m HRR both peers do not support middlebox compatibility" \
12654 …"$G_NEXT_CLI localhost --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:…
12656 -s "Protocol is TLSv1.3" \
12657 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12658 -C "SSL 3.3 ChangeCipherSpec packet received"
12667 run_test "TLS 1.3 G->m HRR server with middlebox compat support, not client" \
12669 …NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_T…
12671 -s "Protocol is TLSv1.3" \
12672 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12673 -c "SSL 3.3 ChangeCipherSpec packet received" \
12674 -c "discarding change cipher spec in TLS1.3"
12683 run_test "TLS 1.3 G->m HRR both with middlebox compat support" \
12685 …NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_T…
12687 -s "Protocol is TLSv1.3" \
12688 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
12689 -c "SSL 3.3 ChangeCipherSpec packet received"
# Signature-algorithm preference check, Mbed TLS client -> OpenSSL server.
# The server's -sigalgs list starts with rsa_pkcs1_sha512 followed by
# rsa_pss_rsae_sha512, and the test requires the client's CertificateVerify to
# use rsa_pss_rsae_sha512, the second entry.
# TLS 1.3 (RFC 8446) does not allow RSASSA-PKCS1-v1_5 for CertificateVerify
# signatures, so presumably the client skips the first entry; verify against
# the client's selection logic.
12696 run_test "TLS 1.3: Check signature algorithm order, m->O" \
12697 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
12698 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
12699-Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha25…
12700 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
12703 -c "Protocol is TLSv1.3" \
12704 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
12705 -c "HTTP/1.0 200 [Oo][Kk]"
12712 run_test "TLS 1.3: Check signature algorithm order, m->G" \
12713 …"$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2…
12714 -d 4
12715--priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSA…
12716 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
12719 -c "Protocol is TLSv1.3" \
12720 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
12721 -c "HTTP/1.0 200 [Oo][Kk]"
12728 run_test "TLS 1.3: Check signature algorithm order, m->m" \
12730 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12733 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
12736 -c "Protocol is TLSv1.3" \
12737 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
12738 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
12739 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512" \
12740 -c "HTTP/1.0 200 [Oo][Kk]"
12747 run_test "TLS 1.3: Check signature algorithm order, O->m" \
12749 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12752 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
12753 -cert data_files/server2-sha256.crt -key data_files/server2.key \
12754-sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha256" \
12756 -c "TLSv1.3" \
12757 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
12758 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"
12765 run_test "TLS 1.3: Check signature algorithm order, G->m" \
12767 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12770 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
12771--x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key \
12772--priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384" …
12774 -c "Negotiated version: 3.4" \
12775 -c "HTTP/1.0 200 [Oo][Kk]" \
12776 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
12777 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"
12784 run_test "TLS 1.3: Check server no suitable signature algorithm, G->m" \
12786 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12789 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
12790--x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key \
12791--priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-ECDSA-SECP521R1-SHA51…
12793 -S "ssl_tls13_pick_key_cert:check signature algorithm"
12800 run_test "TLS 1.3: Check server no suitable signature algorithm, O->m" \
12802 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12805 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
12806 -cert data_files/server2-sha256.crt -key data_files/server2.key \
12807-sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:ecdsa_secp521r1_sha512" \
12809 -S "ssl_tls13_pick_key_cert:check signature algorithm"
12816 run_test "TLS 1.3: Check server no suitable signature algorithm, m->m" \
12818 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12821 …"$P_CLI allow_sha1=0 debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/serv…
12824 -S "ssl_tls13_pick_key_cert:check signature algorithm"
12831 run_test "TLS 1.3: Check server no suitable certificate, G->m" \
12833 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
12835 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
12836--priority=NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-ECDSA-SECP256R1-SHA256" \
12838 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
12845 run_test "TLS 1.3: Check server no suitable certificate, O->m" \
12847 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
12849 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
12850 -sigalgs ecdsa_secp521r1_sha512:ecdsa_secp256r1_sha256" \
12852 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
12859 run_test "TLS 1.3: Check server no suitable certificate, m->m" \
12861 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
12866 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
12873 run_test "TLS 1.3: Check client no signature algorithm, m->O" \
12874 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
12875 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
12876-Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp521r1_sha51…
12880 -c "no suitable signature algorithm"
12887 run_test "TLS 1.3: Check client no signature algorithm, m->G" \
12888 …"$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2…
12889 -d 4
12890--priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSA…
12894 -c "no suitable signature algorithm"
12901 run_test "TLS 1.3: Check client no signature algorithm, m->m" \
12903 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
12909 -c "no suitable signature algorithm"
# Session-ticket smoke test, Mbed TLS client -> OpenSSL server. The server is
# asked to issue 4 tickets; the client must log that it received a ticket,
# saved the session and reconnected with it. The client command is not shown.
# NOTE(review): --num_tickets is written with two dashes here, while the other
# s_server options in these tests use one (e.g. -num_tickets 0). Confirm that
# the OPENSSL_NEXT build accepts this spelling, or normalise it.
12917 run_test "TLS 1.3: NewSessionTicket: Basic check, m->O" \
12918 "$O_NEXT_SRV -msg -tls1_3 -no_resume_ephemeral -no_cache --num_tickets 4" \
12921 -c "Protocol is TLSv1.3" \
12922 -c "got new session ticket." \
12923 -c "Saving session for reuse... ok" \
12924 -c "Reconnecting with saved session" \
12925 -c "HTTP/1.0 200 ok"
12933 run_test "TLS 1.3: NewSessionTicket: Basic check, m->G" \
12934 "$G_NEXT_SRV -d 10 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 --disable-client-cert" \
12937 -c "Protocol is TLSv1.3" \
12938 -c "got new session ticket." \
12939 -c "Saving session for reuse... ok" \
12940 -c "Reconnecting with saved session" \
12941 -c "HTTP/1.0 200 OK" \
12942 -s "This is a resumed session"
12951 # https://github.com/openssl/openssl/issues/10714
12952 # The OpenSSL client does not yet support reconnect (see the issue linked above).
12954 run_test "TLS 1.3: NewSessionTicket: Basic check, O->m" \
12956 "$O_NEXT_CLI -msg -debug -tls1_3 -reconnect" \
12958 -s "=> write NewSessionTicket msg" \
12959 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
12960 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH"
12969 run_test "TLS 1.3: NewSessionTicket: Basic check, G->m" \
12971 "$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -r" \
12973 -c "Connecting again- trying to resume previous session" \
12974 -c "NEW SESSION TICKET (4) was received" \
12975 -s "=> write NewSessionTicket msg" \
12976 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
12977 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \
12978 -s "key exchange mode: ephemeral" \
12979 -s "key exchange mode: psk_ephemeral" \
12980 -s "found pre_shared_key extension"
12989 run_test "TLS 1.3: NewSessionTicket: Basic check, m->m" \
12993 -c "Protocol is TLSv1.3" \
12994 -c "got new session ticket ( 3 )" \
12995 -c "Saving session for reuse... ok" \
12996 -c "Reconnecting with saved session" \
12997 -c "HTTP/1.0 200 OK" \
12998 -s "=> write NewSessionTicket msg" \
12999 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13000 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \
13001 -s "key exchange mode: ephemeral" \
13002 -s "key exchange mode: psk_ephemeral" \
13003 -s "found pre_shared_key extension"
13009 run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->O" \
13010 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13011 -msg -tls1_2
13012 -Verify 10 " \
13013 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13017 -c "Protocol is TLSv1.2" \
13018 -c "HTTP/1.0 200 [Oo][Kk]"
13025 run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->G" \
13026 …"$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2…
13027 -d 4
13028 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
13029 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13033 -c "Protocol is TLSv1.2" \
13034 -c "HTTP/1.0 200 [Oo][Kk]"
13043 run_test "TLS 1.3: NewSessionTicket: servername check, m->m" \
13045 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
13048 -c "Protocol is TLSv1.3" \
13049 -c "got new session ticket." \
13050 -c "Saving session for reuse... ok" \
13051 -c "Reconnecting with saved session" \
13052 -c "HTTP/1.0 200 OK" \
13053 -s "=> write NewSessionTicket msg" \
13054 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13055 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH" \
13056 -s "key exchange mode: ephemeral" \
13057 -s "key exchange mode: psk_ephemeral" \
13058 -s "found pre_shared_key extension"
13067 run_test "TLS 1.3: NewSessionTicket: servername negative check, m->m" \
13069 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
13072 -c "Protocol is TLSv1.3" \
13073 -c "got new session ticket." \
13074 -c "Saving session for reuse... ok" \
13075 -c "Reconnecting with saved session" \
13076 -c "Hostname mismatch the session ticket, disable session resumption." \
13077 -s "=> write NewSessionTicket msg" \
13078 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET" \
13079 -s "server state: MBEDTLS_SSL_TLS1_3_NEW_SESSION_TICKET_FLUSH"
13091 echo "------------------------------------------------------------------------"
13098 PASSES=$(( $TESTS - $FAILS ))