From b1dc59a125982ce6bebbb91db44ce6106b0b604b Mon Sep 17 00:00:00 2001 From: Jerry Yu Date: Thu, 5 Aug 2021 15:58:09 +0800 Subject: [PATCH] Add tls1.3 parameters to ssl_{client,server2} To support tls1.3 relative tests, add `tls1_3` parameter for `{min,max}_version` and `force_version` issues: #4844 Change-Id: I1b22a076582374b8aabc733086562e9d03a94a2a Signed-off-by: Jerry Yu --- programs/ssl/ssl_client2.c | 26 ++++++++++++++++++++++++-- programs/ssl/ssl_server2.c | 26 ++++++++++++++++++++++++-- 2 files changed, 48 insertions(+), 4 deletions(-) diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 25fe21bd9d..d967bcf963 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -395,13 +395,20 @@ int main( void ) USAGE_CURVES \ USAGE_DHMLEN \ "\n" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define TLS1_3_VERSION_OPTIONS ", tls1_3" +#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#define TLS1_3_VERSION_OPTIONS "" +#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #define USAGE4 \ " allow_sha1=%%d default: 0\n" \ " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1_2, dtls1_2\n" \ - "\n" \ + " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ + "\n\n" \ " force_ciphersuite= default: all enabled\n"\ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -1070,6 +1077,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1078,6 +1089,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1103,6 +1118,13 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + { + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index d2aa48a059..264325e070 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -485,6 +485,13 @@ int main( void ) USAGE_ETM \ USAGE_CURVES \ "\n" + +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) +#define TLS1_3_VERSION_OPTIONS ", tls1_3" +#else /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ +#define TLS1_3_VERSION_OPTIONS "" +#endif /* !MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ + #define USAGE4 \ USAGE_SSL_ASYNC \ USAGE_SNI \ @@ -492,8 +499,8 @@ int main( void ) " min_version=%%s default: (library default: tls1_2)\n" \ " max_version=%%s default: (library default: tls1_2)\n" \ " force_version=%%s default: \"\" (none)\n" \ - " options: tls1_2, dtls1_2\n" \ - "\n" \ + " options: tls1_2, dtls1_2" TLS1_3_VERSION_OPTIONS \ + "\n\n" \ " force_ciphersuite= default: all enabled\n" \ " query_config= return 0 if the specified\n" \ " configuration macro is defined and 1\n" \ @@ -1712,6 +1719,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.min_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1720,6 +1731,10 @@ int main( int argc, char *argv[] ) if( strcmp( q, "tls1_2" ) == 0 || strcmp( q, "dtls1_2" ) == 0 ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; } @@ -1745,6 +1760,13 @@ int main( int argc, char *argv[] ) opt.max_version = MBEDTLS_SSL_MINOR_VERSION_3; opt.transport = MBEDTLS_SSL_TRANSPORT_DATAGRAM; } +#if defined(MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL) + else if( strcmp( q, "tls1_3" ) == 0 ) + { + opt.min_version = MBEDTLS_SSL_MINOR_VERSION_4; + opt.max_version = MBEDTLS_SSL_MINOR_VERSION_4; + } +#endif /* MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL */ else goto usage; }