8b4331aa56
Add test case for root with max_pathlen=0
...
This was already working but not tested so far
(Test case from previous commit still failing.)
Test certificates generated with:
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert91.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert92.key
programs/x509/cert_write serial=91 output_file=cert91.crt is_ca=1 \
issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
selfsign=1 max_pathlen=0
programs/x509/cert_write serial=92 output_file=cert92.crt \
issuer_key=cert91.key issuer_name="CN=Root 9,O=mbed TLS,C=UK" \
subject_key=cert92.key subject_name="CN=EE 92,O=mbed TLS,C=UK"
mv cert9?.crt tests/data_files/dir4
rm cert9?.key
2015-11-19 11:10:33 +01:00
a3aa43da5f
Add test case for first intermediate max_pathlen=0
...
!!! This test case is currently failing !!!
(See fix in next-next commit.)
Test certificates generated with the following script:
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert81.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert82.key
programs/pkey/gen_key type=ec ec_curve=secp256r1 filename=cert83.key
programs/x509/cert_write serial=81 output_file=cert81.crt is_ca=1 \
issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
selfsign=1
programs/x509/cert_write serial=82 output_file=cert82.crt is_ca=1 \
issuer_key=cert81.key issuer_name="CN=Root 8,O=mbed TLS,C=UK" \
subject_key=cert82.key subject_name="CN=Int 82,O=mbed TLS,C=UK" \
max_pathlen=0
programs/x509/cert_write serial=83 output_file=cert83.crt \
issuer_key=cert82.key issuer_name="CN=Int 82,O=mbed TLS,C=UK" \
subject_key=cert83.key subject_name="CN=EE 83,O=mbed TLS,C=UK"
mv cert8?.crt tests/data_files/dir4
rm cert8?.key
2015-11-19 10:56:30 +01:00
733676b978
Allow test suites to be run on Windows
...
For a start, they don't even compile with Visual Studio due to strcasecmp
being missing. Secondly, on Windows Perl scripts aren't executable and have
to be run using the Perl interpreter directly; thankfully CMake is able to
find cygwin Perl straight away without problems.
2015-11-14 13:09:01 +00:00
8254ed2a9f
Change version number to 2.2.0
...
Changed for library and yotta module
2015-11-04 19:55:40 +00:00
a8838af8e6
Use own implementation of strsep()
...
Not available on windows, and strtok() is not a good option
2015-11-02 06:44:24 +09:00
0a543a8bc5
Merge pull request #320 from Inikup/fix-issue-318
...
Fix boolean values according to DER specs
2015-11-02 05:52:42 +09:00
568f1e7cb3
Merge branch 'iotssl-515-max-pathlen' into development
...
* iotssl-515-max-pathlen:
Add Changelog entries for this branch
Fix a style issue
Fix whitespace at EOL issues
Use symbolic constants in test data
Fixed pathlen contraint enforcement.
Additional corner cases for testing pathlen constrains. Just in case.
Added test case for pathlen constrains in intermediate certificates
2015-11-02 05:49:08 +09:00
6c92268093
Improved on the previous fix and added a test case to cover both types
...
of carries.
2015-10-30 17:50:12 +01:00
067523ef98
Small improvement to test script
2015-10-30 11:15:40 +01:00
45777c384d
Fix a style issue
2015-10-30 09:24:28 +01:00
e670f90e48
Fix whitespace at EOL issues
2015-10-30 09:23:19 +01:00
03dde85c3b
Use symbolic constants in test data
2015-10-30 09:18:06 +01:00
204606238c
Merge branch 'development' into misc
2015-10-27 16:57:34 +00:00
c87747b675
Removed debug code accidentally left in test code
...
Removed debug code accidentally left in test_suite_x509parse.function.
2015-10-27 15:16:51 +00:00
5f7c34b8b0
Merge branch iotssl-521-keylen-check
2015-10-27 15:14:55 +00:00
e357a64355
Merge pull request #328 from ARMmbed/iotssl-461-ecjpake-finalization
...
Iotssl 461 ecjpake finalization
2015-10-27 00:08:31 +00:00
8483e28e21
Merge remote-tracking branch 'upstream/development' into iss309
2015-10-25 12:36:03 +01:00
6cbacec3b3
Improved on the fix of #309 and extended the test to cover subroutines.
2015-10-25 12:31:27 +01:00
044a86bde8
Tests and fix added for #309 (inplace mpi doubling).
2015-10-25 10:58:03 +01:00
65eefc8707
Fix missing check for RSA key length on EE certs
...
- also adapt tests to use lesser requirement for compatibility with old
testing material
2015-10-23 16:19:53 +02:00
503a5efef1
Add key-exchanges.pl to test list
2015-10-23 09:04:45 +02:00
50bd2607b8
Add -Werror to reduced configs test scripts
2015-10-23 08:53:34 +02:00
5df9216c9e
Add script to test configs with single key exchanges
2015-10-22 16:11:39 +02:00
c8cd2c6577
Small fix to 'make test' script
...
When the tests fail they don't display the number of skipped and run test
2015-10-20 17:01:10 +02:00
8a7a189220
Fix curves.pl for ECJPAKE disabled by default
2015-10-20 16:56:12 +02:00
12ca6f5b9c
Update ssl-opt.sh for EC J-PAKE disabled by default
2015-10-20 15:24:51 +02:00
fadacb9d0b
Merge branch 'development' into iotssl-461-ecjpake-finalization
...
* development: (73 commits)
Bump yotta dependencies version
Fix typo in documentation
Corrected misleading fn description in ssl_cache.h
Corrected URL/reference to MPI library
Fix yotta dependencies
Fix minor spelling mistake in programs/pkey/gen_key.c
Bump version to 2.1.2
Fix CVE number in ChangeLog
Add 'inline' workaround where needed
Fix references to non-standard SIZE_T_MAX
Fix yotta version dependencies again
Upgrade yotta dependency versions
Fix compile error in net.c with musl libc
Add missing warning in doc
Remove inline workaround when not useful
Fix macroization of inline in C++
Changed attribution for Guido Vranken
Merge of IOTSSL-476 - Random malloc in pem_read()
Fix for IOTSSL-473 Double free error
Fix potential overflow in CertificateRequest
...
Conflicts:
include/mbedtls/ssl_internal.h
library/ssl_cli.c
2015-10-20 15:00:29 +02:00
ca700b2371
Add config-thread.h to test-ref-configs.pl
2015-10-20 14:56:04 +02:00
eb47b870b1
Rework test-ref-configs.pl to also use ssl-opt.sh
2015-10-20 14:56:04 +02:00
00ee6eee54
Test certificate "Server1 SHA1, key_usage" reissued.
2015-10-14 13:15:22 +02:00
ef4f2588f3
Additional corner cases for testing pathlen constrains. Just in case.
2015-10-11 16:17:27 +02:00
822b2c33b9
Added test case for pathlen constrains in intermediate certificates
2015-10-11 10:39:15 +02:00
c4e7d8a381
Bump version to 2.1.2
...
Yotta version bumped to 2.1.3, as we had to do one more patch release to the
yotta registry to accommodate for dependencies updates.
2015-10-05 19:13:36 +01:00
50a739f8c3
Add test for base64 output length
2015-09-30 16:31:10 +02:00
2f056a0aee
Try to run yotta update for yotta build test
...
But accept failures in case we're offline
2015-09-18 14:37:54 +02:00
d0d8cb36a4
Cache ClientHello extension
...
This extension is quite costly to generate, and we don't want to re-do it
again when the server performs a DTLS HelloVerify. So, cache the result the
first time and re-use if/when we build a new ClientHello.
Note: re-send due to timeouts are different, as the whole message is cached
already, so they don't need any special support.
2015-09-17 14:16:30 +02:00
6657b8da3b
Fix curve-dependency test
2015-09-17 13:46:21 +02:00
8cea8ad8b8
Bump version to 2.1.1
2015-09-17 11:58:45 +02:00
921f2d02cf
Add test cases with DTLS and/or password mismatch
2015-09-16 22:58:30 +02:00
0f1660ab4f
Implement key exchange messages and PMS derivation
...
This completes the first working version. No interop testing done yet.
2015-09-16 22:58:30 +02:00
0a1324aaa1
Add client-side extension parsing
2015-09-16 22:58:29 +02:00
55c7f99112
Add server writing of the extension
2015-09-16 22:58:29 +02:00
bf57be690e
Add server extension parsing
...
Only accept EC J-PAKE ciphersuite if extension was present and OK (single flag
for both), and ignore extension if we have no password.
2015-09-16 22:58:29 +02:00
e511b4e7cb
Ignore ECJPAKE suite if not configured on server
2015-09-16 22:58:29 +02:00
6ad23b9855
Make failing test more robust
...
Let the client retry longer, to make sure the server will time out before the
client gives up. Make it really longer to get a deterministic client exit
status (make sure it has time to reconnect after the server timeout).
2015-09-15 12:57:46 +02:00
259db91023
Add test without cookies
...
Tune existing tests while at it
2015-09-09 11:48:45 +02:00
d745a1a9b7
Add tests for hard reconnect
2015-09-08 12:40:43 +02:00
cd345898a0
Fix #ifdef in test suite
2015-09-07 12:43:11 +02:00
d9802af1d0
Add tests for round 2
...
Also move one check earlier as it makes more sense
2015-09-07 12:43:11 +02:00
3059095e86
Complete tests for reading round one
...
Also change the code to forbid public keys being 0
2015-09-07 12:43:11 +02:00
