lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-30 10:45:34 +03:00
Code Activity

Merge pull request #9556 from gilles-peskine-arm/ssl-opt-psk-detection-development

Browse Source 
ssl-opt: improve PSK mode detection
This commit is contained in:
Gilles Peskine
2024-09-13 09:35:04 +00:00
committed by GitHub
parent a45ba05e35 e3eab32600
commit e16aecc8dd
2 changed files with 86 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
framework

Submodule framework updated: 7acada6a92...071831e25b

177
tests/ssl-opt.sh
View File

@@ -273,31 +273,39 @@ requires_config_disabled() {
} }
requires_all_configs_enabled() { requires_all_configs_enabled() {
if ! $P_QUERY -all $* 2>&1 > /dev/null for x in "$@"; do
then if ! is_config_enabled "$x"; then
SKIP_NEXT="YES" SKIP_NEXT="YES"
fi return
fi
done
} }
requires_all_configs_disabled() { requires_all_configs_disabled() {
if $P_QUERY -any $* 2>&1 > /dev/null for x in "$@"; do
then if is_config_enabled "$x"; then
SKIP_NEXT="YES" SKIP_NEXT="YES"
fi return
fi
done
} }
requires_any_configs_enabled() { requires_any_configs_enabled() {
if ! $P_QUERY -any $* 2>&1 > /dev/null for x in "$@"; do
then if is_config_enabled "$x"; then
SKIP_NEXT="YES" return
fi fi
done
SKIP_NEXT="YES"
} }
requires_any_configs_disabled() { requires_any_configs_disabled() {
if $P_QUERY -all $* 2>&1 > /dev/null for x in "$@"; do
then if ! is_config_enabled "$x"; then
SKIP_NEXT="YES" return
fi fi
done
SKIP_NEXT="YES"
} }
TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \ TLS1_2_KEY_EXCHANGES_WITH_CERT="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
@@ -317,13 +325,14 @@ TLS1_2_KEY_EXCHANGES_WITH_CERT_WO_ECDH="MBEDTLS_KEY_EXCHANGE_RSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \ MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED \
MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED" MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled() { requires_certificate_authentication () {
if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2 if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
then then
# TLS 1.3 is negotiated by default, so check whether it supports
# certificate-based authentication.
requires_config_enabled MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
else # Only TLS 1.2 is enabled.
requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT requires_any_configs_enabled $TLS1_2_KEY_EXCHANGES_WITH_CERT
elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
then
SKIP_NEXT="YES"
fi fi
} }
@@ -475,10 +484,19 @@ detect_required_features() {
requires_config_enabled MBEDTLS_SSL_ALPN;; requires_config_enabled MBEDTLS_SSL_ALPN;;
esac esac
case " $CMD_LINE " in
*\ auth_mode=*|*[-_\ =]crt[_=]*)
# The test case involves certificates (crt), or a relevant
# aspect of it is the (certificate-based) authentication mode.
requires_certificate_authentication;;
esac
case "$CMD_LINE" in case "$CMD_LINE" in
*[-_\ =]psk*|*[-_\ =]PSK*) :;; # No certificate requirement with PSK
*/server5*|\ */server5*|\
*/server7*|\ */server7*|\
*/dir-maxpath*) */dir-maxpath*)
requires_certificate_authentication
if [ "$TLS_VERSION" = "TLS13" ]; then if [ "$TLS_VERSION" = "TLS13" ]; then
# In case of TLS13 the support for ECDSA is enough # In case of TLS13 the support for ECDSA is enough
requires_pk_alg "ECDSA" requires_pk_alg "ECDSA"
@@ -510,9 +528,11 @@ detect_required_features() {
esac esac
case "$CMD_LINE" in case "$CMD_LINE" in
*[-_\ =]psk*|*[-_\ =]PSK*) :;; # No certificate requirement with PSK
*/server1*|\ */server1*|\
*/server2*|\ */server2*|\
*/server7*) */server7*)
requires_certificate_authentication
# Certificates with an RSA key. The algorithm requirement is # Certificates with an RSA key. The algorithm requirement is
# some subset of {PKCS#1v1.5 encryption, PKCS#1v1.5 signature, # some subset of {PKCS#1v1.5 encryption, PKCS#1v1.5 signature,
# PSS signature}. We can't easily tell which subset works, and # PSS signature}. We can't easily tell which subset works, and
@@ -525,17 +545,12 @@ detect_required_features() {
unset tmp unset tmp
} }
requires_certificate_authentication () {
if [ "$PSK_ONLY" = "YES" ]; then
SKIP_NEXT="YES"
fi
}
adapt_cmd_for_psk () { adapt_cmd_for_psk () {
case "$2" in case "$2" in
*openssl*s_server*) s='-psk 73776f726466697368 -nocert';; *openssl*s_server*) s='-psk 73776f726466697368 -nocert';;
*openssl*) s='-psk 73776f726466697368';; *openssl*) s='-psk 73776f726466697368';;
*gnutls-*) s='--pskusername=Client_identity --pskkey=73776f726466697368';; *gnutls-cli*) s='--pskusername=Client_identity --pskkey=73776f726466697368';;
*gnutls-serv*) s='--pskpasswd=../framework/data_files/simplepass.psk';;
*) s='psk=73776f726466697368';; *) s='psk=73776f726466697368';;
esac esac
eval $1='"$2 $s"' eval $1='"$2 $s"'
@@ -586,14 +601,28 @@ maybe_adapt_for_psk() {
adapt_cmd_for_psk SRV_CMD "$SRV_CMD" adapt_cmd_for_psk SRV_CMD "$SRV_CMD"
} }
case " $CONFIGS_ENABLED " in # PSK_PRESENT="YES" if at least one protocol versions supports at least
*\ MBEDTLS_KEY_EXCHANGE_[^P]*) PSK_ONLY="NO";; # one PSK key exchange mode.
*\ MBEDTLS_KEY_EXCHANGE_P[^S]*) PSK_ONLY="NO";; PSK_PRESENT="NO"
*\ MBEDTLS_KEY_EXCHANGE_PS[^K]*) PSK_ONLY="NO";; # PSK_ONLY="YES" if all the available key exchange modes are PSK-based
*\ MBEDTLS_KEY_EXCHANGE_PSK[^_]*) PSK_ONLY="NO";; # (pure-PSK or PSK-ephemeral, possibly both).
*\ MBEDTLS_KEY_EXCHANGE_PSK_ENABLED\ *) PSK_ONLY="YES";; PSK_ONLY=""
*) PSK_ONLY="NO";; for c in $CONFIGS_ENABLED; do
esac case $c in
MBEDTLS_KEY_EXCHANGE_PSK_ENABLED) PSK_PRESENT="YES";;
MBEDTLS_KEY_EXCHANGE_*_PSK_ENABLED) PSK_PRESENT="YES";;
MBEDTLS_KEY_EXCHANGE_*_ENABLED) PSK_ONLY="NO";;
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_ENABLED) PSK_PRESENT="YES";;
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_*_ENABLED) PSK_PRESENT="YES";;
MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_*_ENABLED) PSK_ONLY="NO";;
esac
done
# At this stage, $PSK_ONLY is empty if we haven't detected a non-PSK
# key exchange, i.e. if we're in a PSK-only build or a build with no
# key exchanges at all. We avoid triggering PSK-only adaptation code in
# the edge case of no key exchanges.
: ${PSK_ONLY:=$PSK_PRESENT}
unset c
HAS_ALG_MD5="NO" HAS_ALG_MD5="NO"
HAS_ALG_SHA_1="NO" HAS_ALG_SHA_1="NO"
@@ -795,6 +824,14 @@ requires_openssl_tls1_3() {
fi fi
} }
# OpenSSL servers forbid client renegotiation by default since OpenSSL 3.0.
# Older versions always allow it and have no command-line option.
OPENSSL_S_SERVER_CLIENT_RENEGOTIATION=
case $($OPENSSL s_server -help 2>&1) in
*-client_renegotiation*)
OPENSSL_S_SERVER_CLIENT_RENEGOTIATION=-client_renegotiation;;
esac
# skip next test if tls1_3 is not available # skip next test if tls1_3 is not available
requires_gnutls_tls1_3() { requires_gnutls_tls1_3() {
requires_gnutls_next requires_gnutls_next
@@ -1645,7 +1682,7 @@ get_tls_version() {
esac esac
# Third if the version is not forced, if TLS 1.3 is enabled then the test # Third if the version is not forced, if TLS 1.3 is enabled then the test
# is aimed to run a TLS 1.3 handshake. # is aimed to run a TLS 1.3 handshake.
if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_3 if is_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
then then
echo "TLS13" echo "TLS13"
else else
@@ -1731,14 +1768,14 @@ run_test() {
TLS_VERSION="TLS12" TLS_VERSION="TLS12"
fi fi
# If we're in a PSK-only build and the test can be adapted to PSK, do that.
maybe_adapt_for_psk "$@"
# If the client or server requires certain features that can be detected # If the client or server requires certain features that can be detected
# from their command-line arguments, check whether they're enabled. # from their command-line arguments, check whether they're enabled.
detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$EXT_WO_ECDH" "$@" detect_required_features "$SRV_CMD" "server" "$TLS_VERSION" "$EXT_WO_ECDH" "$@"
detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$EXT_WO_ECDH" "$@" detect_required_features "$CLI_CMD" "client" "$TLS_VERSION" "$EXT_WO_ECDH" "$@"
# If we're in a PSK-only build and the test can be adapted to PSK, do that.
maybe_adapt_for_psk "$@"
# should we skip? # should we skip?
if [ "X$SKIP_NEXT" = "XYES" ]; then if [ "X$SKIP_NEXT" = "XYES" ]; then
SKIP_NEXT="NO" SKIP_NEXT="NO"
@@ -2070,8 +2107,8 @@ trap cleanup INT TERM HUP
# - the expected parameters are selected # - the expected parameters are selected
requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
requires_hash_alg SHA_512 # "signature_algorithm ext: 6" requires_hash_alg SHA_512 # "signature_algorithm ext: 6"
requires_any_configs_enabled "MBEDTLS_ECP_DP_CURVE25519_ENABLED \ requires_any_configs_enabled MBEDTLS_ECP_DP_CURVE25519_ENABLED \
PSA_WANT_ECC_MONTGOMERY_255" PSA_WANT_ECC_MONTGOMERY_255
run_test "Default, TLS 1.2" \ run_test "Default, TLS 1.2" \
"$P_SRV debug_level=3" \ "$P_SRV debug_level=3" \
"$P_CLI force_version=tls12" \ "$P_CLI force_version=tls12" \
@@ -2092,7 +2129,6 @@ run_test "Default, DTLS" \
-s "Protocol is DTLSv1.2" \ -s "Protocol is DTLSv1.2" \
-s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "TLS client auth: required" \ run_test "TLS client auth: required" \
"$P_SRV auth_mode=required" \ "$P_SRV auth_mode=required" \
"$P_CLI" \ "$P_CLI" \
@@ -2696,8 +2732,8 @@ run_test "Unique IV in GCM" \
-U "IV used" -U "IV used"
# Test for correctness of sent single supported algorithm # Test for correctness of sent single supported algorithm
requires_any_configs_enabled "MBEDTLS_ECP_DP_SECP256R1_ENABLED \ requires_any_configs_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED \
PSA_WANT_ECC_SECP_R1_256" PSA_WANT_ECC_SECP_R1_256
requires_config_enabled MBEDTLS_DEBUG_C requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_SRV_C
@@ -2712,8 +2748,8 @@ run_test "Single supported algorithm sending: mbedtls client" \
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_SRV_C requires_config_enabled MBEDTLS_SSL_SRV_C
requires_any_configs_enabled "MBEDTLS_ECP_DP_SECP256R1_ENABLED \ requires_any_configs_enabled MBEDTLS_ECP_DP_SECP256R1_ENABLED \
PSA_WANT_ECC_SECP_R1_256" PSA_WANT_ECC_SECP_R1_256
requires_hash_alg SHA_256 requires_hash_alg SHA_256
run_test "Single supported algorithm sending: openssl client" \ run_test "Single supported algorithm sending: openssl client" \
"$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \ "$P_SRV sig_algs=ecdsa_secp256r1_sha256 auth_mode=required" \
@@ -2722,7 +2758,6 @@ run_test "Single supported algorithm sending: openssl client" \
0 0
# Tests for certificate verification callback # Tests for certificate verification callback
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Configuration-specific CRT verification callback" \ run_test "Configuration-specific CRT verification callback" \
"$P_SRV debug_level=3" \ "$P_SRV debug_level=3" \
"$P_CLI context_crt_cb=0 debug_level=3" \ "$P_CLI context_crt_cb=0 debug_level=3" \
@@ -2733,7 +2768,6 @@ run_test "Configuration-specific CRT verification callback" \
-C "Use context-specific verification callback" \ -C "Use context-specific verification callback" \
-C "error" -C "error"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Context-specific CRT verification callback" \ run_test "Context-specific CRT verification callback" \
"$P_SRV debug_level=3" \ "$P_SRV debug_level=3" \
"$P_CLI context_crt_cb=1 debug_level=3" \ "$P_CLI context_crt_cb=1 debug_level=3" \
@@ -5550,7 +5584,7 @@ run_test "Renegotiation: nbio, server-initiated" \
requires_config_enabled MBEDTLS_SSL_RENEGOTIATION requires_config_enabled MBEDTLS_SSL_RENEGOTIATION
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2 requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "Renegotiation: openssl server, client-initiated" \ run_test "Renegotiation: openssl server, client-initiated" \
"$O_SRV -www -tls1_2" \ "$O_SRV -www $OPENSSL_S_SERVER_CLIENT_RENEGOTIATION -tls1_2" \
"$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \ "$P_CLI debug_level=3 exchanges=1 renegotiation=1 renegotiate=1" \
0 \ 0 \
-c "client hello, adding renegotiation extension" \ -c "client hello, adding renegotiation extension" \
@@ -5812,7 +5846,6 @@ run_test "DER format: with 9 trailing random bytes" \
# When updating these tests, modify the matching authentication tests accordingly # When updating these tests, modify the matching authentication tests accordingly
# The next 4 cases test the 3 auth modes with a badly signed server cert. # The next 4 cases test the 3 auth modes with a badly signed server cert.
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: server badcert, client required" \ run_test "Authentication: server badcert, client required" \
"$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \ "$P_SRV crt_file=$DATA_FILES_PATH/server5-badsign.crt \
key_file=$DATA_FILES_PATH/server5.key" \ key_file=$DATA_FILES_PATH/server5.key" \
@@ -5884,7 +5917,6 @@ run_test "Authentication: server badcert, client none (1.2)" \
-C "send alert level=2 message=48" \ -C "send alert level=2 message=48" \
-C "X509 - Certificate verification failed" -C "X509 - Certificate verification failed"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: server goodcert, client required, no trusted CA" \ run_test "Authentication: server goodcert, client required, no trusted CA" \
"$P_SRV" \ "$P_SRV" \
"$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \ "$P_CLI debug_level=3 auth_mode=required ca_file=none ca_path=none" \
@@ -5906,7 +5938,6 @@ run_test "Authentication: server goodcert, client required, no trusted CA (1.
-c "! mbedtls_ssl_handshake returned" \ -c "! mbedtls_ssl_handshake returned" \
-c "SSL - No CA Chain is set, but required to operate" -c "SSL - No CA Chain is set, but required to operate"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: server goodcert, client optional, no trusted CA" \ run_test "Authentication: server goodcert, client optional, no trusted CA" \
"$P_SRV" \ "$P_SRV" \
"$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \ "$P_CLI debug_level=3 auth_mode=optional ca_file=none ca_path=none" \
@@ -5930,7 +5961,6 @@ run_test "Authentication: server goodcert, client optional, no trusted CA (1.
-C "X509 - Certificate verification failed" \ -C "X509 - Certificate verification failed" \
-C "SSL - No CA Chain is set, but required to operate" -C "SSL - No CA Chain is set, but required to operate"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: server goodcert, client none, no trusted CA" \ run_test "Authentication: server goodcert, client none, no trusted CA" \
"$P_SRV" \ "$P_SRV" \
"$P_CLI debug_level=3 auth_mode=none ca_file=none ca_path=none" \ "$P_CLI debug_level=3 auth_mode=none ca_file=none ca_path=none" \
@@ -5999,7 +6029,6 @@ run_test "Authentication: client SHA384, server required" \
-c "Supported Signature Algorithm found: 04 " \ -c "Supported Signature Algorithm found: 04 " \
-c "Supported Signature Algorithm found: 05 " -c "Supported Signature Algorithm found: 05 "
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client has no cert, server required (TLS)" \ run_test "Authentication: client has no cert, server required (TLS)" \
"$P_SRV debug_level=3 auth_mode=required" \ "$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=none \ "$P_CLI debug_level=3 crt_file=none \
@@ -6015,7 +6044,6 @@ run_test "Authentication: client has no cert, server required (TLS)" \
-s "! mbedtls_ssl_handshake returned" \ -s "! mbedtls_ssl_handshake returned" \
-s "No client certification received from the client, but required by the authentication mode" -s "No client certification received from the client, but required by the authentication mode"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client badcert, server required" \ run_test "Authentication: client badcert, server required" \
"$P_SRV debug_level=3 auth_mode=required" \ "$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \
@@ -6036,7 +6064,6 @@ run_test "Authentication: client badcert, server required" \
# detect that its write end of the connection is closed and abort # detect that its write end of the connection is closed and abort
# before reading the alert message. # before reading the alert message.
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client cert self-signed and trusted, server required" \ run_test "Authentication: client cert self-signed and trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required ca_file=$DATA_FILES_PATH/server5-selfsigned.crt" \ "$P_SRV debug_level=3 auth_mode=required ca_file=$DATA_FILES_PATH/server5-selfsigned.crt" \
"$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \ "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \
@@ -6052,7 +6079,6 @@ run_test "Authentication: client cert self-signed and trusted, server require
-S "! The certificate is not correctly signed" \ -S "! The certificate is not correctly signed" \
-S "X509 - Certificate verification failed" -S "X509 - Certificate verification failed"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client cert not trusted, server required" \ run_test "Authentication: client cert not trusted, server required" \
"$P_SRV debug_level=3 auth_mode=required" \ "$P_SRV debug_level=3 auth_mode=required" \
"$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \ "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-selfsigned.crt \
@@ -6069,7 +6095,6 @@ run_test "Authentication: client cert not trusted, server required" \
-s "! mbedtls_ssl_handshake returned" \ -s "! mbedtls_ssl_handshake returned" \
-s "X509 - Certificate verification failed" -s "X509 - Certificate verification failed"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client badcert, server optional" \ run_test "Authentication: client badcert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \ "$P_SRV debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \
@@ -6087,7 +6112,6 @@ run_test "Authentication: client badcert, server optional" \
-C "! mbedtls_ssl_handshake returned" \ -C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed" -S "X509 - Certificate verification failed"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client badcert, server none" \ run_test "Authentication: client badcert, server none" \
"$P_SRV debug_level=3 auth_mode=none" \ "$P_SRV debug_level=3 auth_mode=none" \
"$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \ "$P_CLI debug_level=3 crt_file=$DATA_FILES_PATH/server5-badsign.crt \
@@ -6105,7 +6129,6 @@ run_test "Authentication: client badcert, server none" \
-C "! mbedtls_ssl_handshake returned" \ -C "! mbedtls_ssl_handshake returned" \
-S "X509 - Certificate verification failed" -S "X509 - Certificate verification failed"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: client no cert, server optional" \ run_test "Authentication: client no cert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \ "$P_SRV debug_level=3 auth_mode=optional" \
"$P_CLI debug_level=3 crt_file=none key_file=none" \ "$P_CLI debug_level=3 crt_file=none key_file=none" \
@@ -6123,7 +6146,6 @@ run_test "Authentication: client no cert, server optional" \
-S "X509 - Certificate verification failed" -S "X509 - Certificate verification failed"
requires_openssl_tls1_3_with_compatible_ephemeral requires_openssl_tls1_3_with_compatible_ephemeral
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Authentication: openssl client no cert, server optional" \ run_test "Authentication: openssl client no cert, server optional" \
"$P_SRV debug_level=3 auth_mode=optional" \ "$P_SRV debug_level=3 auth_mode=optional" \
"$O_NEXT_CLI_NO_CERT -no_middlebox" \ "$O_NEXT_CLI_NO_CERT -no_middlebox" \
@@ -6537,7 +6559,6 @@ run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
# tests for SNI # tests for SNI
requires_config_disabled MBEDTLS_X509_REMOVE_INFO requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: no SNI callback" \ run_test "SNI: no SNI callback" \
"$P_SRV debug_level=3 \ "$P_SRV debug_level=3 \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key" \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key" \
@@ -6547,7 +6568,6 @@ run_test "SNI: no SNI callback" \
-c "subject name *: C=NL, O=PolarSSL, CN=localhost" -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: matching cert 1" \ run_test "SNI: matching cert 1" \
"$P_SRV debug_level=3 \ "$P_SRV debug_level=3 \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6559,7 +6579,6 @@ run_test "SNI: matching cert 1" \
-c "subject name *: C=NL, O=PolarSSL, CN=localhost" -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: matching cert 2" \ run_test "SNI: matching cert 2" \
"$P_SRV debug_level=3 \ "$P_SRV debug_level=3 \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6571,7 +6590,6 @@ run_test "SNI: matching cert 2" \
-c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example" -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
requires_config_disabled MBEDTLS_X509_REMOVE_INFO requires_config_disabled MBEDTLS_X509_REMOVE_INFO
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: no matching cert" \ run_test "SNI: no matching cert" \
"$P_SRV debug_level=3 \ "$P_SRV debug_level=3 \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6584,7 +6602,6 @@ run_test "SNI: no matching cert" \
-c "mbedtls_ssl_handshake returned" \ -c "mbedtls_ssl_handshake returned" \
-c "SSL - A fatal alert message was received from our peer" -c "SSL - A fatal alert message was received from our peer"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: client auth no override: optional" \ run_test "SNI: client auth no override: optional" \
"$P_SRV debug_level=3 auth_mode=optional \ "$P_SRV debug_level=3 auth_mode=optional \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6598,7 +6615,6 @@ run_test "SNI: client auth no override: optional" \
-C "skip write certificate verify" \ -C "skip write certificate verify" \
-S "skip parse certificate verify" -S "skip parse certificate verify"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: client auth override: none -> optional" \ run_test "SNI: client auth override: none -> optional" \
"$P_SRV debug_level=3 auth_mode=none \ "$P_SRV debug_level=3 auth_mode=none \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6612,7 +6628,6 @@ run_test "SNI: client auth override: none -> optional" \
-C "skip write certificate verify" \ -C "skip write certificate verify" \
-S "skip parse certificate verify" -S "skip parse certificate verify"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: client auth override: optional -> none" \ run_test "SNI: client auth override: optional -> none" \
"$P_SRV debug_level=3 auth_mode=optional \ "$P_SRV debug_level=3 auth_mode=optional \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6624,7 +6639,6 @@ run_test "SNI: client auth override: optional -> none" \
-c "got no certificate request" \ -c "got no certificate request" \
-c "skip write certificate" -c "skip write certificate"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: CA no override" \ run_test "SNI: CA no override" \
"$P_SRV debug_level=3 auth_mode=optional \ "$P_SRV debug_level=3 auth_mode=optional \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6643,7 +6657,6 @@ run_test "SNI: CA no override" \
-s "! The certificate is not correctly signed by the trusted CA" \ -s "! The certificate is not correctly signed by the trusted CA" \
-S "The certificate has been revoked (is on a CRL)" -S "The certificate has been revoked (is on a CRL)"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: CA override" \ run_test "SNI: CA override" \
"$P_SRV debug_level=3 auth_mode=optional \ "$P_SRV debug_level=3 auth_mode=optional \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6662,7 +6675,6 @@ run_test "SNI: CA override" \
-S "! The certificate is not correctly signed by the trusted CA" \ -S "! The certificate is not correctly signed by the trusted CA" \
-S "The certificate has been revoked (is on a CRL)" -S "The certificate has been revoked (is on a CRL)"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "SNI: CA override with CRL" \ run_test "SNI: CA override with CRL" \
"$P_SRV debug_level=3 auth_mode=optional \ "$P_SRV debug_level=3 auth_mode=optional \
crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \ crt_file=$DATA_FILES_PATH/server5.crt key_file=$DATA_FILES_PATH/server5.key \
@@ -6835,7 +6847,6 @@ run_test "SNI: DTLS, CA override with CRL" \
# Tests for non-blocking I/O: exercise a variety of handshake flows # Tests for non-blocking I/O: exercise a variety of handshake flows
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Non-blocking I/O: basic handshake" \ run_test "Non-blocking I/O: basic handshake" \
"$P_SRV nbio=2 tickets=0 auth_mode=none" \ "$P_SRV nbio=2 tickets=0 auth_mode=none" \
"$P_CLI nbio=2 tickets=0" \ "$P_CLI nbio=2 tickets=0" \
@@ -6844,7 +6855,6 @@ run_test "Non-blocking I/O: basic handshake" \
-C "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Non-blocking I/O: client auth" \ run_test "Non-blocking I/O: client auth" \
"$P_SRV nbio=2 tickets=0 auth_mode=required" \ "$P_SRV nbio=2 tickets=0 auth_mode=required" \
"$P_CLI nbio=2 tickets=0" \ "$P_CLI nbio=2 tickets=0" \
@@ -6853,7 +6863,6 @@ run_test "Non-blocking I/O: client auth" \
-C "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: ticket" \ run_test "Non-blocking I/O: ticket" \
"$P_SRV nbio=2 tickets=1 auth_mode=none" \ "$P_SRV nbio=2 tickets=1 auth_mode=none" \
@@ -6863,7 +6872,6 @@ run_test "Non-blocking I/O: ticket" \
-C "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Non-blocking I/O: ticket + client auth" \ run_test "Non-blocking I/O: ticket + client auth" \
"$P_SRV nbio=2 tickets=1 auth_mode=required" \ "$P_SRV nbio=2 tickets=1 auth_mode=required" \
@@ -6928,7 +6936,6 @@ run_test "Non-blocking I/O: session-id resume" \
# Tests for event-driven I/O: exercise a variety of handshake flows # Tests for event-driven I/O: exercise a variety of handshake flows
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Event-driven I/O: basic handshake" \ run_test "Event-driven I/O: basic handshake" \
"$P_SRV event=1 tickets=0 auth_mode=none" \ "$P_SRV event=1 tickets=0 auth_mode=none" \
"$P_CLI event=1 tickets=0" \ "$P_CLI event=1 tickets=0" \
@@ -6937,7 +6944,6 @@ run_test "Event-driven I/O: basic handshake" \
-C "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "Event-driven I/O: client auth" \ run_test "Event-driven I/O: client auth" \
"$P_SRV event=1 tickets=0 auth_mode=required" \ "$P_SRV event=1 tickets=0 auth_mode=required" \
"$P_CLI event=1 tickets=0" \ "$P_CLI event=1 tickets=0" \
@@ -6946,7 +6952,6 @@ run_test "Event-driven I/O: client auth" \
-C "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: ticket" \ run_test "Event-driven I/O: ticket" \
"$P_SRV event=1 tickets=1 auth_mode=none" \ "$P_SRV event=1 tickets=1 auth_mode=none" \
@@ -6956,7 +6961,6 @@ run_test "Event-driven I/O: ticket" \
-C "mbedtls_ssl_handshake returned" \ -C "mbedtls_ssl_handshake returned" \
-c "Read from server: .* bytes read" -c "Read from server: .* bytes read"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS requires_config_enabled MBEDTLS_SSL_SESSION_TICKETS
run_test "Event-driven I/O: ticket + client auth" \ run_test "Event-driven I/O: ticket + client auth" \
"$P_SRV event=1 tickets=1 auth_mode=required" \ "$P_SRV event=1 tickets=1 auth_mode=required" \
@@ -7651,7 +7655,6 @@ run_test "TLS 1.3: Not supported version:openssl: srv max TLS 1.2" \
# Tests for ALPN extension # Tests for ALPN extension
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: none" \ run_test "ALPN: none" \
"$P_SRV debug_level=3" \ "$P_SRV debug_level=3" \
"$P_CLI debug_level=3" \ "$P_CLI debug_level=3" \
@@ -7664,7 +7667,6 @@ run_test "ALPN: none" \
-C "Application Layer Protocol is" \ -C "Application Layer Protocol is" \
-S "Application Layer Protocol is" -S "Application Layer Protocol is"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: client only" \ run_test "ALPN: client only" \
"$P_SRV debug_level=3" \ "$P_SRV debug_level=3" \
"$P_CLI debug_level=3 alpn=abc,1234" \ "$P_CLI debug_level=3 alpn=abc,1234" \
@@ -7677,7 +7679,6 @@ run_test "ALPN: client only" \
-c "Application Layer Protocol is (none)" \ -c "Application Layer Protocol is (none)" \
-S "Application Layer Protocol is" -S "Application Layer Protocol is"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: server only" \ run_test "ALPN: server only" \
"$P_SRV debug_level=3 alpn=abc,1234" \ "$P_SRV debug_level=3 alpn=abc,1234" \
"$P_CLI debug_level=3" \ "$P_CLI debug_level=3" \
@@ -7690,7 +7691,6 @@ run_test "ALPN: server only" \
-C "Application Layer Protocol is" \ -C "Application Layer Protocol is" \
-s "Application Layer Protocol is (none)" -s "Application Layer Protocol is (none)"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: both, common cli1-srv1" \ run_test "ALPN: both, common cli1-srv1" \
"$P_SRV debug_level=3 alpn=abc,1234" \ "$P_SRV debug_level=3 alpn=abc,1234" \
"$P_CLI debug_level=3 alpn=abc,1234" \ "$P_CLI debug_level=3 alpn=abc,1234" \
@@ -7703,7 +7703,6 @@ run_test "ALPN: both, common cli1-srv1" \
-c "Application Layer Protocol is abc" \ -c "Application Layer Protocol is abc" \
-s "Application Layer Protocol is abc" -s "Application Layer Protocol is abc"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: both, common cli2-srv1" \ run_test "ALPN: both, common cli2-srv1" \
"$P_SRV debug_level=3 alpn=abc,1234" \ "$P_SRV debug_level=3 alpn=abc,1234" \
"$P_CLI debug_level=3 alpn=1234,abc" \ "$P_CLI debug_level=3 alpn=1234,abc" \
@@ -7716,7 +7715,6 @@ run_test "ALPN: both, common cli2-srv1" \
-c "Application Layer Protocol is abc" \ -c "Application Layer Protocol is abc" \
-s "Application Layer Protocol is abc" -s "Application Layer Protocol is abc"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: both, common cli1-srv2" \ run_test "ALPN: both, common cli1-srv2" \
"$P_SRV debug_level=3 alpn=abc,1234" \ "$P_SRV debug_level=3 alpn=abc,1234" \
"$P_CLI debug_level=3 alpn=1234,abcde" \ "$P_CLI debug_level=3 alpn=1234,abcde" \
@@ -7729,7 +7727,6 @@ run_test "ALPN: both, common cli1-srv2" \
-c "Application Layer Protocol is 1234" \ -c "Application Layer Protocol is 1234" \
-s "Application Layer Protocol is 1234" -s "Application Layer Protocol is 1234"
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "ALPN: both, no common" \ run_test "ALPN: both, no common" \
"$P_SRV debug_level=3 alpn=abc,123" \ "$P_SRV debug_level=3 alpn=abc,123" \
"$P_CLI debug_level=3 alpn=1234,abcde" \ "$P_CLI debug_level=3 alpn=1234,abcde" \
@@ -8161,28 +8158,24 @@ run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (hard)" \
# Tests for extendedKeyUsage, part 1: server-side certificate/suite selection # Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "extKeyUsage srv: serverAuth -> OK" \ run_test "extKeyUsage srv: serverAuth -> OK" \
"$P_SRV key_file=$DATA_FILES_PATH/server5.key \ "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
crt_file=$DATA_FILES_PATH/server5.eku-srv.crt" \ crt_file=$DATA_FILES_PATH/server5.eku-srv.crt" \
"$P_CLI" \ "$P_CLI" \
0 0
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \ run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
"$P_SRV key_file=$DATA_FILES_PATH/server5.key \ "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
crt_file=$DATA_FILES_PATH/server5.eku-srv.crt" \ crt_file=$DATA_FILES_PATH/server5.eku-srv.crt" \
"$P_CLI" \ "$P_CLI" \
0 0
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \ run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
"$P_SRV key_file=$DATA_FILES_PATH/server5.key \ "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
crt_file=$DATA_FILES_PATH/server5.eku-cs_any.crt" \ crt_file=$DATA_FILES_PATH/server5.eku-cs_any.crt" \
"$P_CLI" \ "$P_CLI" \
0 0
requires_key_exchange_with_cert_in_tls12_or_tls13_enabled
run_test "extKeyUsage srv: codeSign -> fail" \ run_test "extKeyUsage srv: codeSign -> fail" \
"$P_SRV key_file=$DATA_FILES_PATH/server5.key \ "$P_SRV key_file=$DATA_FILES_PATH/server5.key \
crt_file=$DATA_FILES_PATH/server5.eku-cli.crt" \ crt_file=$DATA_FILES_PATH/server5.eku-cli.crt" \
@@ -12262,7 +12255,7 @@ run_test "DTLS reordering: Buffer encrypted Finished message, drop for fragme
client_needs_more_time 2 client_needs_more_time 2
run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \ run_test "DTLS proxy: 3d (drop, delay, duplicate), \"short\" PSK handshake" \
-p "$P_PXY drop=5 delay=5 duplicate=5" \ -p "$P_PXY drop=5 delay=5 duplicate=5" \
"$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \ "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
psk=73776f726466697368" \ psk=73776f726466697368" \
"$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \ "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=73776f726466697368 \
force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \ force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \