Lines Matching +full:- +full:s
3 # ssl-opt.sh
6 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
21 set -u
25 ulimit -f 20971520
38 : ${GNUTLS_CLI:=gnutls-cli}
39 : ${GNUTLS_SERV:=gnutls-serv}
54 if git diff --quiet ../include/mbedtls/mbedtls_config.h 2>/dev/null; then
62 : ${MBEDTLS_TEST_PLATFORM:="$(uname -s | tr -c \\n0-9A-Za-z _)-$(uname -m | tr -c \\n0-9A-Za-z _)"}
65 O_SRV="$OPENSSL s_server -www -cert data_files/server5.crt -key data_files/server5.key"
67 G_SRV="$GNUTLS_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
68 G_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_CLI --x509cafile data_files/test-ca_cat12.crt"
73 if [ -n "${OPENSSL_NEXT:-}" ]; then
74 … O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
75 …O_NEXT_SRV_EARLY_DATA="$OPENSSL_NEXT s_server -early_data -cert data_files/server5.crt -key data_f…
76 O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
77 O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client -CAfile data_files/test-ca_cat12.crt"
87 if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
88 …G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/serve…
95 if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
96 G_NEXT_CLI="echo 'GET / HTTP/1.0' | $GNUTLS_NEXT_CLI --x509cafile data_files/test-ca_cat12.crt"
120 # Pick a "unique" server port in the range 10000-19999, and a proxy
128 printf " -h|--help\tPrint this help.\n"
129 printf " -m|--memcheck\tCheck memory leaks and errors.\n"
130 printf " -f|--filter\tOnly matching tests are executed (substring or BRE)\n"
131 printf " -e|--exclude\tMatching tests are excluded (substring or BRE)\n"
132 printf " -n|--number\tExecute only numbered test (comma-separated, e.g. '245,256')\n"
133 printf " -s|--show-numbers\tShow test numbers in front of test names\n"
134 printf " -p|--preserve-logs\tPreserve logs of successful tests as well\n"
135 printf " --list-test-cases\tList all potential test cases (No Execution)\n"
136 printf " --outcome-file\tFile where test outcomes are written\n"
138 printf " --port \tTCP/UDP port (default: randomish 1xxxx)\n"
139 printf " --proxy-port\tTCP/UDP proxy port (default: randomish 2xxxx)\n"
140 printf " --seed \tInteger seed value to use for this test run\n"
141 printf " --test-suite\tOnly matching test suites are executed\n"
142 printf " \t(comma-separated, e.g. 'ssl-opt,tls13-compat')\n\n"
146 while [ $# -gt 0 ]; do
148 -f|--filter)
151 -e|--exclude)
154 -m|--memcheck)
157 -n|--number)
160 -s|--show-numbers)
163 -l|--list-test-cases)
166 -p|--preserve-logs)
169 --outcome-file)
172 --port)
175 --proxy-port)
178 --seed)
181 --test-suite)
184 -h|--help)
201 # testing. Skip non-boolean options (with something other than spaces
203 # space-separated list of symbols.
204 if [ "$LIST_TESTS" -eq 0 ];then
205 CONFIGS_ENABLED=" $(echo `$P_QUERY -l` )"
211 # in theory and expected to be re-introduced at some point, but
243 if ! $P_QUERY -all $* 2>&1 > /dev/null
250 if $P_QUERY -any $* 2>&1 > /dev/null
257 if ! $P_QUERY -any $* 2>&1 > /dev/null
264 if $P_QUERY -all $* 2>&1 > /dev/null
288 if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_2
291 elif ! $P_QUERY -all MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED
305 if [ "$LIST_TESTS" -eq 0 ];then
315 if [ -z "$VAL" ]; then
319 elif [ "$VAL" -lt "$2" ]; then
326 if [ -z "$VAL" ]; then
330 elif [ "$VAL" -gt "$2" ]; then
337 if [ -z "$VAL" ]; then
341 elif [ "$VAL" -ne "$2" ]; then
359 # Space-separated list of ciphersuites supported by this build of
362 if [ "$LIST_TESTS" -eq 0 ]; then
364 grep 'TLS-\|TLS1-3' |
365 tr -s ' \n' ' ')"
367 if [ -z "${P_CIPHERSUITES# }" ]; then
382 MODE=${2:-}
410 # - $1 = command line (call to a TLS client or server program)
411 # - $2 = client/server
412 # - $3 = TLS version (TLS12 or TLS13)
413 # - $4 = Use an external tool without ECDH support
414 # - $5 = run test options
420 TEST_OPTIONS=${5:-}
425 tmp="${tmp%%[!-0-9A-Z_a-z]*}"
432 tmp="${tmp%%[!-0-9A-Z_a-z]*}"
437 *[-_\ =]tickets=[^0]*)
441 *[-_\ =]alpn=*)
448 *dir-maxpath*)
457 # support ECDH, so this limit the choice to ECDHE-ECDSA
497 *openssl*) s='-psk abc123 -nocert';;
498 *gnutls-*) s='--pskkey=abc123';;
499 *) s='psk=abc123';;
501 eval $1='"$2 $s"'
502 unset s
506 # If running in a PSK-only build, maybe adapt the test to use a pre-shared key.
508 # If not running in a PSK-only build, do nothing.
509 # If the test looks like it doesn't use a pre-shared key but can run with a
510 # pre-shared key, pass a pre-shared key. If the test looks like it can't run
511 # with a pre-shared key, skip it. If the test looks like it's already using
512 # a pre-shared key, do nothing.
514 # This code does not consider builds with ECDHE-PSK or RSA-PSK.
518 # * $PSK_ONLY: YES if running in a PSK-only build (no asymmetric key exchanges).
522 # * $CLI_CMD, $SRV_CMD: may be modified to add PSK-relevant arguments.
532 *[-_\ =]psk*|*[-_\ =]PSK*)
535 # The test case forces a non-PSK cipher suite. In some cases, a
540 *\ auth_mode=*|*[-_\ =]crt[_=]*)
551 *\ MBEDTLS_KEY_EXCHANGE_P[^S]*) PSK_ONLY="NO";;
576 CURR_ALG=$(echo "$CURR_ALG" | sed 's/_//2')
609 echo "Unsupported hash alg - $1"
641 if [ -z "${OPENSSL_HAS_FBSCSV:-}" ]; then
642 if $OPENSSL s_client -help 2>&1 | grep fallback_scsv >/dev/null
662 if [ -z "${GNUTLS_AVAILABLE:-}" ]; then
674 # skip next test if GnuTLS-next isn't available
676 if [ -z "${GNUTLS_NEXT_AVAILABLE:-}" ]; then
677 if ( which "${GNUTLS_NEXT_CLI:-}" && which "${GNUTLS_NEXT_SERV:-}" ) >/dev/null 2>&1; then
689 if [ -z "${OPENSSL_NEXT_AVAILABLE:-}" ]; then
690 if which "${OPENSSL_NEXT:-}" >/dev/null 2>&1; then
707 if [ -z "${OPENSSL_3_X_AVAILABLE:-}" ]; then
740 if [ -z "${OPENSSL_TLS1_3_AVAILABLE:-}" ]; then
741 if $OPENSSL_NEXT s_client -help 2>&1 | grep tls1_3 >/dev/null
759 if [ -z "${GNUTLS_TLS1_3_AVAILABLE:-}" ]; then
760 if $GNUTLS_NEXT_CLI -l 2>&1 | grep VERS-TLS1.3 >/dev/null
778 if [ -z "${GNUTLS_NO_TICKETS_AVAILABLE:-}" ]; then
779 if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep NO_TICKETS >/dev/null
797 if [ -z "${GNUTLS_DISABLE_TLS13_COMPAT_MODE_AVAILABLE:-}" ]; then
798 if $GNUTLS_NEXT_CLI --priority-list 2>&1 | grep DISABLE_TLS13_COMPAT_MODE >/dev/null
825 if [ -z "${HAS_IPV6:-}" ]; then
830 if grep "NET - Binding of the socket failed" $SRV_OUT >/dev/null; then
835 rm -r $SRV_OUT
843 # skip next test if it's i686 or uname is not available
845 if [ -z "${IS_I686:-}" ]; then
848 if [ -z "$(uname -a | grep i686)" ]; then
861 if [ "$LIST_TESTS" -eq 0 ];then
865 if [ "$MAX_IN_LEN" -lt "$MAX_CONTENT_LEN" ]; then
868 if [ "$MAX_OUT_LEN" -lt "$MAX_CONTENT_LEN" ]; then
874 if [ "$MAX_OUT_LEN" -ne 16384 ]; then
881 if [ "$MEMCHECK" -gt 0 ]; then
888 if [ "$MEMCHECK" -eq 0 ]; then
908 if [ "$SHOW_TEST_NUMBER" -gt 0 ]; then
914 printf "%s " "$LINE"
915 LEN=$(( 72 - `echo "$LINE" | wc -c` ))
921 # record_outcome <outcome> [<failure-reason>]
926 if [ -n "$MBEDTLS_TEST_OUTCOME_FILE" ]; then
927 printf '%s;%s;%s;%s;%s;%s\n' \
929 "${TEST_SUITE_NAME:-ssl-opt}" "$NAME" \
930 "$1" "${2-}" \
950 if [ $TIMES_LEFT -eq 0 ]; then
967 mv $SRV_OUT o-srv-${TESTS}.log
968 mv $CLI_OUT o-cli-${TESTS}.log
969 if [ -n "$PXY_CMD" ]; then
970 mv $PXY_OUT o-pxy-${TESTS}.log
972 echo " ! outputs saved to o-XXX-${TESTS}.log"
974 if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then
976 cat o-srv-${TESTS}.log
979 cat o-cli-${TESTS}.log
980 if [ -n "$PXY_CMD" ]; then
983 cat o-pxy-${TESTS}.log
1000 # openssl s_server doesn't have -www with DTLS
1003 *s_server*-dtls*)
1005 SRV_CMD="$( echo $SRV_CMD | sed s/-www// )";;
1012 if [ $NEEDS_INPUT -eq 0 ]; then
1024 if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
1025 grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
1038 START_TIME=$(date +%s)
1039 if [ "$DTLS" -eq 1 ]; then
1044 # Make a tight loop, server normally takes less than 1s to start.
1046 SERVER_PIDS=$(lsof -a -n -b -i "$proto:$1" -t)
1052 if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
1080 # included in the first 4 bytes of the random bytes and check that it's within
1084 SERVER_HELLO_TIME="$(sed -n 's/.*server hello, current time: //p' < "$1")"
1086 CUR_TIME=$(date +'%s')
1090 if [ -z "$SERVER_HELLO_TIME" ]; then
1095 if [ $SERVER_HELLO_TIME -lt $(( $CUR_TIME - $THRESHOLD_IN_SECS )) ]; then
1098 elif [ $SERVER_HELLO_TIME -gt $(( $CUR_TIME + $THRESHOLD_IN_SECS )) ]; then
1112 …MEM_USAGE=$(sed -n 's/.*Heap memory usage after handshake: //p' < "$OUTPUT_FILE" | grep -o "[0-9]*…
1115 if [ -z "$MEM_USAGE" ]; then
1136 if [ "$MEMORY_USAGE" -gt "$MAX_MEMORY" ]; then
1173 *dtls=1*|*-dtls*|*-u*) DTLS=1;;
1181 *gnutls-cli*)
1184 *gnutls-serv*)
1200 *${GNUTLS_NEXT_SERV:-"gnutls-serv-dummy"}*|\
1201 *${OPENSSL_NEXT:-"openssl-dummy"}*)
1207 *${GNUTLS_NEXT_CLI:-"gnutls-cli-dummy"}*|\
1208 *${OPENSSL_NEXT:-"openssl-dummy"}*)
1246 case ${1-} in
1263 srv_pattern=$(grep -m 1 "$1" "$2");
1264 if [ -z "$srv_pattern" ]; then
1294 # as it provides timing info that's useful to debug failures
1295 if [ -z "$PXY_CMD" ] && [ "$DTLS" -eq 1 ]; then
1308 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
1310 *--priority*) :;;
1311 *) SRV_CMD="$SRV_CMD --priority=NORMAL";;
1320 if [ "$CMD_IS_GNUTLS" -eq 1 ]; then
1322 *--priority*) :;;
1323 *) CLI_CMD="$CLI_CMD --priority=NORMAL";;
1328 if [ -n "$PXY_CMD" ]; then
1329 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$PXY_PORT/g )
1331 CLI_CMD=$( echo "$CLI_CMD" | sed s/+SRV_PORT/$SRV_PORT/g )
1335 if [ "$MEMCHECK" -gt 0 ]; then
1337 SRV_CMD="valgrind --leak-check=full $SRV_CMD"
1340 CLI_CMD="valgrind --leak-check=full $CLI_CMD"
1360 if [ $TIMES_LEFT -gt 0 ] &&
1363 outcome="RETRY(client-timeout)"
1368 # (useful to avoid tests with only negative assertions and non-zero
1399 if [ \( "$CLI_EXPECT" = 0 -a "$CLI_EXIT" != 0 \) -o \
1400 \( "$CLI_EXPECT" != 0 -a "$CLI_EXIT" = 0 \) ]
1409 while [ $# -gt 0 ]
1412 "-s")
1413 …if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1419 "-c")
1420 …if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1426 "-S")
1427 …if grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1435 "-C")
1436 …if grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep "$2" >/dev/null…
1444 # The filtering in the following two options (-u and -U) do the following
1445 # - ignore valgrind output
1446 # - filter out everything but lines right after the pattern occurrences
1447 # - keep one of each non-unique line
1448 # - count how many lines remain
1449 …# A line with '--' will remain in the result from previous outputs, so the number of lines in the …
1451 "-U")
1452 …if [ $(grep -v '^==' $SRV_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | …
1458 "-u")
1459 …if [ $(grep -v '^==' $CLI_OUT | grep -v 'Serious error when reading debug info' | grep -A1 "$2" | …
1464 "-F")
1470 "-f")
1476 "-g")
1490 # check valgrind's results
1491 if [ "$MEMCHECK" -gt 0 ]; then
1519 if [ -n "$PXY_CMD" ]; then
1520 printf "# %s\n%s\n" "$NAME" "$PXY_CMD" > $PXY_OUT
1527 printf '# %s\n%s\n' "$NAME" "$SRV_CMD" > $SRV_OUT
1532 printf '# %s\n%s\n' "$NAME" "$CLI_CMD" > $CLI_OUT
1534 # work properly, that's why the ampersand is placed inside the eval command,
1549 if [ -n "$PXY_CMD" ]; then
1563 # - we can force a ciphersuite which contains "WITH" in its name, meaning
1565 # - etc etc
1603 if $P_QUERY -all MBEDTLS_SSL_PROTO_TLS1_3
1611 # Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
1612 # Options: -s pattern pattern that must be present in server output
1613 # -c pattern pattern that must be present in client output
1614 # -u pattern lines after pattern must be unique in client output
1615 # -f call shell function on client output
1616 # -S pattern pattern that must be absent in server output
1617 # -C pattern pattern that must be absent in client output
1618 # -U pattern lines after pattern must be unique in server output
1619 # -F call shell function on server output
1620 # -g call shell function on server and client output
1631 if [ "$LIST_TESTS" -gt 0 ]; then
1632 printf "%s\n" "${TEST_SUITE_NAME:-ssl-opt};$NAME"
1636 # Use ssl-opt as default test suite name. Also see record_outcome function
1637 if is_excluded_test_suite "${TEST_SUITE_NAME:-ssl-opt}"; then
1646 if [ -n "$RUN_TEST_NUMBER" ]; then
1654 if [ "X$1" = "X-p" ]; then
1675 if [ "$DTLS" -eq 1 ]; then
1690 # from their command-line arguments, check whether they're enabled.
1694 # If we're in a PSK-only build and the test can be adapted to PSK, do that.
1709 while [ $TIMES_LEFT -gt 0 ]; do
1710 TIMES_LEFT=$(( $TIMES_LEFT - 1 ))
1724 if [ "$PRESERVE_LOGS" -gt 0 ]; then
1725 mv $SRV_OUT o-srv-${TESTS}.log
1726 mv $CLI_OUT o-cli-${TESTS}.log
1727 if [ -n "$PXY_CMD" ]; then
1728 mv $PXY_OUT o-pxy-${TESTS}.log
1732 rm -f $SRV_OUT $CLI_OUT $PXY_OUT
1738 run_test "PSA-supported ciphersuite: $1" \
1742 -c "$maybe_calc_verify" \
1743 -c "calc PSA finished" \
1744 -s "$maybe_calc_verify" \
1745 -s "calc PSA finished" \
1746 -s "Protocol is TLSv1.2" \
1747 -c "Perform PSA-based ECDH computation."\
1748 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
1749 -S "error" \
1750 -C "error"
1757 run_test "PSA - ECDH with $1" \
1759 … "$P_CLI debug_level=4 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 groups=$1" \
1761 -c "$maybe_calc_verify" \
1762 -c "calc PSA finished" \
1763 -s "$maybe_calc_verify" \
1764 -s "calc PSA finished" \
1765 -s "Protocol is TLSv1.2" \
1766 -c "Perform PSA-based ECDH computation."\
1767 -c "Perform PSA-based computation of digest of ServerKeyExchange" \
1768 -S "error" \
1769 -C "error"
1773 # Test that the server's memory usage after a handshake is reduced when a client specifies
1779 # The test passes if the difference is around 2*(16k-MFL)
1780 MEMORY_USAGE_LIMIT="$(( $2 - ( 2 * ( 16384 - $1 )) ))"
1789 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM max_frag_len=$1" \
1791 -F "handshake_memory_check $MEMORY_USAGE_LIMIT"
1795 # Test that the server's memory usage after a handshake is reduced when a client specifies
1804 run_test "Handshake memory usage initial (MFL 16384 - default)" \
1808 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM" \
1810 -F "handshake_memory_get MEMORY_USAGE_MFL_16K"
1826 rm -f $CLI_OUT $SRV_OUT $PXY_OUT $SESSION
1827 rm -f context_srv.txt
1828 rm -f context_cli.txt
1829 test -n "${SRV_PID:-}" && kill $SRV_PID >/dev/null 2>&1
1830 test -n "${PXY_PID:-}" && kill $PXY_PID >/dev/null 2>&1
1831 test -n "${CLI_PID:-}" && kill $CLI_PID >/dev/null 2>&1
1832 test -n "${DOG_PID:-}" && kill $DOG_PID >/dev/null 2>&1
1856 # if it is the only special character in the string. This is because it's
1858 # (e.g. '-f "DTLS 1.2"').
1865 *) # No regexp or shell-pattern special character
1873 *) # No regexp or shell-pattern special character
1876 if [ -n "$need_grep" ]; then
1878 ! echo "$1" | grep "$FILTER" | grep -q -v "$EXCLUDE"
1892 if [ -n "$RUN_TEST_SUITE" ]
1905 if [ "$LIST_TESTS" -eq 0 ];then
1911 if [ ! -x "$P_SRV_BIN" ]; then
1915 if [ ! -x "$P_CLI_BIN" ]; then
1919 if [ ! -x "$P_PXY_BIN" ]; then
1923 if [ "$MEMCHECK" -gt 0 ]; then
1938 # - how long do we wait for the server to start (when lsof not available)?
1939 # - how long do we allow for the client to finish?
1943 # Note: without lsof, there is a trade-off between the running time of this
1947 if [ "$MEMCHECK" -gt 0 ]; then
1956 # - for the client, we multiply the usual watchdog limit by a factor
1957 # - for the server, we sleep for a number of seconds after the client exits
1969 O_SRV="$O_SRV -accept $SRV_PORT"
1970 O_CLI="$O_CLI -connect 127.0.0.1:+SRV_PORT"
1971 G_SRV="$G_SRV -p $SRV_PORT"
1972 G_CLI="$G_CLI -p +SRV_PORT"
1975 # low-security ones. This covers not just cipher suites but also protocol
1979 # a way to discover it from -help, so check the openssl version.
1983 O_CLI="$O_CLI -cipher ALL@SECLEVEL=0"
1984 O_SRV="$O_SRV -cipher ALL@SECLEVEL=0"
1988 if [ -n "${OPENSSL_NEXT:-}" ]; then
1989 O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
1990 O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT"
1991 O_NEXT_SRV_EARLY_DATA="$O_NEXT_SRV_EARLY_DATA -accept $SRV_PORT"
1992 O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
1993 O_NEXT_CLI_NO_CERT="$O_NEXT_CLI_NO_CERT -connect 127.0.0.1:+SRV_PORT"
1996 if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
1997 G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
1998 G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT"
2001 if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
2002 G_NEXT_CLI="$G_NEXT_CLI -p +SRV_PORT"
2003 G_NEXT_CLI_NO_CERT="$G_NEXT_CLI_NO_CERT -p +SRV_PORT localhost"
2006 # Allow SHA-1, because many of our test certificates use it
2024 # - things work with all ciphersuites active (used with config-full in all.sh)
2025 # - the expected parameters are selected
2026 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
2034 -s "Protocol is TLSv1.2" \
2035 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256" \
2036 -s "client hello v3, signature_algorithm ext: 6" \
2037 -s "ECDHE curve: x25519" \
2038 -S "error" \
2039 -C "error"
2042 requires_ciphersuite_enabled TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256
2047 -s "Protocol is DTLSv1.2" \
2048 -s "Ciphersuite is TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256"
2055 -s "Verifying peer X.509 certificate... ok"
2057 run_test "key size: TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2059 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2061 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
2062 -c "Key size is 256"
2064 run_test "key size: TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2066 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2068 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2069 -c "Key size is 128"
2073 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
2085 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
2098 # server5.key.enc is in PEM format and AES-256-CBC crypted. Unfortunately PEM
2115 -c "use CA callback for X.509 CRT verification" \
2116 -S "error" \
2117 -C "error"
2127 -c "use CA callback for X.509 CRT verification" \
2128 -s "Verifying peer X.509 certificate... ok" \
2129 -S "error" \
2130 -C "error"
2137 run_test "Opaque key for client authentication: ECDHE-ECDSA" \
2141 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
2143 -c "key type: Opaque" \
2144 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2145 -s "Verifying peer X.509 certificate... ok" \
2146 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2147 -S "error" \
2148 -C "error"
2156 run_test "Opaque key for client authentication: ECDHE-RSA" \
2157 "$P_SRV force_version=tls12 auth_mode=required crt_file=data_files/server2-sha256.crt \
2159 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
2160 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2162 -c "key type: Opaque" \
2163 -c "Ciphersuite is TLS-ECDHE-RSA" \
2164 -s "Verifying peer X.509 certificate... ok" \
2165 -s "Ciphersuite is TLS-ECDHE-RSA" \
2166 -S "error" \
2167 -C "error"
2173 run_test "Opaque key for client authentication: DHE-RSA" \
2174 "$P_SRV force_version=tls12 auth_mode=required crt_file=data_files/server2-sha256.crt \
2176 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
2177 key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
2178 key_opaque_algs=rsa-sign-pkcs1,none" \
2180 -c "key type: Opaque" \
2181 -c "Ciphersuite is TLS-DHE-RSA" \
2182 -s "Verifying peer X.509 certificate... ok" \
2183 -s "Ciphersuite is TLS-DHE-RSA" \
2184 -S "error" \
2185 -C "error"
2192 run_test "Opaque key for server authentication: ECDHE-ECDSA" \
2194 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
2197 -c "Verifying peer X.509 certificate... ok" \
2198 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2199 -s "key types: Opaque, none" \
2200 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2201 -S "error" \
2202 -C "error"
2207 run_test "Opaque key for server authentication: ECDH-" \
2209 crt_file=data_files/server5.ku-ka.crt\
2213 -c "Verifying peer X.509 certificate... ok" \
2214 -c "Ciphersuite is TLS-ECDH-" \
2215 -s "key types: Opaque, none" \
2216 -s "Ciphersuite is TLS-ECDH-" \
2217 -S "error" \
2218 -C "error"
2226 key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \
2230 -s "key types: Opaque, none" \
2231 -s "error" \
2232 -c "error" \
2233 -c "Public key type mismatch"
2242 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2247 -s "key types: Opaque, none" \
2248 -s "error" \
2249 -c "error" \
2250 -c "Public key type mismatch"
2258 key_file=data_files/server5.key key_opaque_algs=rsa-decrypt,none \
2262 -s "key types: Opaque, none" \
2263 -s "got ciphersuites in common, but none of them usable" \
2264 -s "error" \
2265 -c "error"
2273 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2278 -s "key types: Opaque, none" \
2279 -s "got ciphersuites in common, but none of them usable" \
2280 -s "error" \
2281 -c "error"
2286 run_test "Opaque key for server authentication: invalid alg: ECDHE-ECDSA with ecdh" \
2290 "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
2292 -s "key types: Opaque, none" \
2293 -s "got ciphersuites in common, but none of them usable" \
2294 -s "error" \
2295 -c "error"
2302 run_test "Opaque keys for server authentication: EC keys with different algs, force ECDHE-ECDSA"…
2306 key_opaque_algs2=ecdsa-sign,none" \
2309 -c "Verifying peer X.509 certificate... ok" \
2310 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2311 -c "CN=Polarssl Test EC CA" \
2312 -s "key types: Opaque, Opaque" \
2313 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2314 -S "error" \
2315 -C "error"
2321 run_test "Opaque keys for server authentication: EC keys with different algs, force ECDH-ECDSA" \
2323 key_file=data_files/server7.key key_opaque_algs=ecdsa-sign,none \
2326 … "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384" \
2328 -c "Verifying peer X.509 certificate... ok" \
2329 -c "Ciphersuite is TLS-ECDH-ECDSA" \
2330 -c "CN=Polarssl Test EC CA" \
2331 -s "key types: Opaque, Opaque" \
2332 -s "Ciphersuite is TLS-ECDH-ECDSA" \
2333 -S "error" \
2334 -C "error"
2340 run_test "Opaque keys for server authentication: EC + RSA, force ECDHE-ECDSA" \
2342 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \
2343 crt_file2=data_files/server2-sha256.crt \
2344 key_file2=data_files/server2.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2345 "$P_CLI force_version=tls12 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-CCM" \
2347 -c "Verifying peer X.509 certificate... ok" \
2348 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2349 -c "CN=Polarssl Test EC CA" \
2350 -s "key types: Opaque, Opaque" \
2351 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2352 -S "error" \
2353 -C "error"
2361 … "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,none" \
2362 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2364 -c "key type: Opaque" \
2365 -s "key types: Opaque, Opaque" \
2366 -c "error" \
2367 -s "no suitable signature algorithm"
2375 … "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2376 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2378 -c "key type: Opaque" \
2379 -s "key types: Opaque, Opaque" \
2380 -C "error" \
2381 -S "error"
2389 … "$P_SRV debug_level=4 auth_mode=required key_opaque=1 key_opaque_algs=rsa-sign-pss-sha512,none" \
2392 -s "key types: Opaque, Opaque" \
2393 -s "CertificateVerify signature failed with rsa_pss_rsae_sha256" \
2394 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
2395 -C "error" \
2396 -S "error" \
2404 …th_mode=required key_opaque=1 key_opaque_algs2=ecdsa-sign,none key_opaque_algs=rsa-decrypt,rsa-sig…
2405 "$P_CLI debug_level=4 key_opaque=1 key_opaque_algs=rsa-decrypt,rsa-sign-pss" \
2407 -c "key type: Opaque" \
2408 -s "key types: Opaque, Opaque" \
2409 -C "error" \
2410 -S "error" \
2418 run_test "Opaque key for server authentication: ECDHE-RSA" \
2419 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2420 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2423 -c "Verifying peer X.509 certificate... ok" \
2424 -c "Ciphersuite is TLS-ECDHE-RSA" \
2425 -s "key types: Opaque, none" \
2426 -s "Ciphersuite is TLS-ECDHE-RSA" \
2427 -S "error" \
2428 -C "error"
2434 run_test "Opaque key for server authentication: DHE-RSA" \
2435 "$P_SRV key_opaque=1 crt_file=data_files/server2-sha256.crt \
2436 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2437 "$P_CLI force_version=tls12 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2439 -c "Verifying peer X.509 certificate... ok" \
2440 -c "Ciphersuite is TLS-DHE-RSA" \
2441 -s "key types: Opaque, none" \
2442 -s "Ciphersuite is TLS-DHE-RSA" \
2443 -S "error" \
2444 -C "error"
2450 run_test "Opaque key for server authentication: RSA-PSK" \
2451 "$P_SRV debug_level=1 key_opaque=1 key_opaque_algs=rsa-decrypt,none \
2453 "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
2456 -c "Verifying peer X.509 certificate... ok" \
2457 -c "Ciphersuite is TLS-RSA-PSK-" \
2458 -s "key types: Opaque, Opaque" \
2459 -s "Ciphersuite is TLS-RSA-PSK-" \
2460 -S "error" \
2461 -C "error"
2467 run_test "Opaque key for server authentication: RSA-" \
2468 "$P_SRV debug_level=3 key_opaque=1 key_opaque_algs=rsa-decrypt,none " \
2469 "$P_CLI force_version=tls12 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA256" \
2471 -c "Verifying peer X.509 certificate... ok" \
2472 -c "Ciphersuite is TLS-RSA-" \
2473 -s "key types: Opaque, Opaque" \
2474 -s "Ciphersuite is TLS-RSA-" \
2475 -S "error" \
2476 -C "error"
2482 run_test "Opaque key for server authentication: DHE-RSA, PSS instead of PKCS1" \
2483 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2484 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none debug_level=1" \
2485 "$P_CLI crt_file=data_files/server2-sha256.crt \
2486 key_file=data_files/server2.key force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2488 -s "key types: Opaque, none" \
2489 -s "got ciphersuites in common, but none of them usable" \
2490 -s "error" \
2491 -c "error"
2500 …$P_SRV force_version=tls12 auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2501 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pss,none \
2503 key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2506 -c "Verifying peer X.509 certificate... ok" \
2507 -c "Ciphersuite is TLS-ECDHE-RSA" \
2508 -c "CN=Polarssl Test EC CA" \
2509 -s "key types: Opaque, Opaque" \
2510 -s "Ciphersuite is TLS-ECDHE-RSA" \
2511 -S "error" \
2512 -C "error"
2519 run_test "Opaque keys for server authentication: EC + RSA, force DHE-RSA" \
2521 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none \
2523 key_file2=data_files/server4.key key_opaque_algs2=rsa-sign-pkcs1,none" \
2524 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2526 -c "Verifying peer X.509 certificate... ok" \
2527 -c "Ciphersuite is TLS-DHE-RSA" \
2528 -c "CN=Polarssl Test EC CA" \
2529 -s "key types: Opaque, Opaque" \
2530 -s "Ciphersuite is TLS-DHE-RSA" \
2531 -S "error" \
2532 -C "error"
2539 run_test "Opaque key for client/server authentication: ECDHE-ECDSA" \
2541 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
2543 key_file=data_files/server5.key key_opaque_algs=ecdsa-sign,none" \
2545 -c "key type: Opaque" \
2546 -c "Verifying peer X.509 certificate... ok" \
2547 -c "Ciphersuite is TLS-ECDHE-ECDSA" \
2548 -s "key types: Opaque, none" \
2549 -s "Verifying peer X.509 certificate... ok" \
2550 -s "Ciphersuite is TLS-ECDHE-ECDSA" \
2551 -S "error" \
2552 -C "error"
2560 run_test "Opaque key for client/server authentication: ECDHE-RSA" \
2561 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2562 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2563 "$P_CLI force_version=tls12 key_opaque=1 crt_file=data_files/server2-sha256.crt \
2564 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2566 -c "key type: Opaque" \
2567 -c "Verifying peer X.509 certificate... ok" \
2568 -c "Ciphersuite is TLS-ECDHE-RSA" \
2569 -s "key types: Opaque, none" \
2570 -s "Verifying peer X.509 certificate... ok" \
2571 -s "Ciphersuite is TLS-ECDHE-RSA" \
2572 -S "error" \
2573 -C "error"
2579 run_test "Opaque key for client/server authentication: DHE-RSA" \
2580 "$P_SRV auth_mode=required key_opaque=1 crt_file=data_files/server2-sha256.crt \
2581 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none" \
2582 "$P_CLI key_opaque=1 crt_file=data_files/server2-sha256.crt \
2583 key_file=data_files/server2.key key_opaque_algs=rsa-sign-pkcs1,none \
2584 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
2586 -c "key type: Opaque" \
2587 -c "Verifying peer X.509 certificate... ok" \
2588 -c "Ciphersuite is TLS-DHE-RSA" \
2589 -s "key types: Opaque, none" \
2590 -s "Verifying peer X.509 certificate... ok" \
2591 -s "Ciphersuite is TLS-DHE-RSA" \
2592 -S "error" \
2593 -C "error"
2598 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM
2599 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8
2600 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM
2601 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8
2602 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
2603 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
2604 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA
2605 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256
2606 run_test_psa TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384
2625 ## (https://github.com/Mbed-TLS/mbedtls/issues/3541),
2626 ## so it is disabled in PSA even when it's enabled in Mbed TLS.
2628 ## dependencies on PSA symbols in ssl-opt.sh are not implemented yet.
2642 -f "check_server_hello_time" \
2643 -F "check_server_hello_time"
2648 … "$P_CLI exchanges=20 debug_level=4 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
2650 -u "IV used" \
2651 -U "IV used"
2666 -c "Supported Signature Algorithm found: 04 03"
2675 "$O_CLI -cert data_files/server6.crt \
2676 -key data_files/server6.key" \
2680 run_test "Configuration-specific CRT verification callback" \
2684 -S "error" \
2685 -c "Verify requested for " \
2686 -c "Use configuration-specific verification callback" \
2687 -C "Use context-specific verification callback" \
2688 -C "error"
2690 run_test "Context-specific CRT verification callback" \
2694 -S "error" \
2695 -c "Verify requested for " \
2696 -c "Use context-specific verification callback" \
2697 -C "Use configuration-specific verification callback" \
2698 -C "error"
2700 # Tests for SHA-1 support
2701 run_test "SHA-1 forbidden by default in server certificate" \
2705 -c "The certificate is signed with an unacceptable hash"
2707 run_test "SHA-1 explicitly allowed in server certificate" \
2712 run_test "SHA-256 allowed by default in server certificate" \
2713 "$P_SRV key_file=data_files/server2.key crt_file=data_files/server2-sha256.crt" \
2717 run_test "SHA-1 forbidden by default in client certificate" \
2719 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
2721 -s "The certificate is signed with an unacceptable hash"
2723 run_test "SHA-1 explicitly allowed in client certificate" \
2725 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha1.crt" \
2728 run_test "SHA-256 allowed by default in client certificate" \
2730 "$P_CLI key_file=data_files/cli-rsa.key crt_file=data_files/cli-rsa-sha256.crt" \
2739 -c "next record in same datagram" \
2740 -s "next record in same datagram"
2747 -s "next record in same datagram" \
2748 -C "next record in same datagram"
2755 -S "next record in same datagram" \
2756 -c "next record in same datagram"
2763 -S "next record in same datagram" \
2764 -C "next record in same datagram"
2771 … "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2773 -c "Deserializing connection..." \
2774 -S "Deserializing connection..."
2779 …P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2781 -c "Deserializing connection..." \
2782 -S "Deserializing connection..."
2787 …"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2789 -c "Deserializing connection..." \
2790 -S "Deserializing connection..."
2799 -c "Deserializing connection..." \
2800 -S "Deserializing connection..."
2805 … "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2807 -C "Deserializing connection..." \
2808 -s "Deserializing connection..."
2813 …P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2815 -C "Deserializing connection..." \
2816 -s "Deserializing connection..."
2821 …"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2823 -C "Deserializing connection..." \
2824 -s "Deserializing connection..."
2833 -C "Deserializing connection..." \
2834 -s "Deserializing connection..."
2839 … "$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2841 -c "Deserializing connection..." \
2842 -s "Deserializing connection..."
2847 …P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2849 -c "Deserializing connection..." \
2850 -s "Deserializing connection..."
2855 …"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2857 -c "Deserializing connection..." \
2858 -s "Deserializing connection..."
2867 -c "Deserializing connection..." \
2868 -s "Deserializing connection..."
2871 run_test "Context serialization, re-init, client serializes, CCM" \
2873 … "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2875 -c "Deserializing connection..." \
2876 -S "Deserializing connection..."
2880 run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
2882 …P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2884 -c "Deserializing connection..." \
2885 -S "Deserializing connection..."
2888 run_test "Context serialization, re-init, client serializes, GCM" \
2890 …"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
2892 -c "Deserializing connection..." \
2893 -S "Deserializing connection..."
2898 run_test "Context serialization, re-init, client serializes, with CID" \
2902 -c "Deserializing connection..." \
2903 -S "Deserializing connection..."
2906 run_test "Context serialization, re-init, server serializes, CCM" \
2908 … "$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2910 -C "Deserializing connection..." \
2911 -s "Deserializing connection..."
2914 run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
2916 …P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2918 -C "Deserializing connection..." \
2919 -s "Deserializing connection..."
2922 run_test "Context serialization, re-init, server serializes, GCM" \
2924 …P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2926 -C "Deserializing connection..." \
2927 -s "Deserializing connection..."
2932 run_test "Context serialization, re-init, server serializes, with CID" \
2936 -C "Deserializing connection..." \
2937 -s "Deserializing connection..."
2940 run_test "Context serialization, re-init, both serialize, CCM" \
2942 … "$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
2944 -c "Deserializing connection..." \
2945 -s "Deserializing connection..."
2948 run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
2950 …P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2952 -c "Deserializing connection..." \
2953 -s "Deserializing connection..."
2956 run_test "Context serialization, re-init, both serialize, GCM" \
2958 …P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA2…
2960 -c "Deserializing connection..." \
2961 -s "Deserializing connection..."
2966 run_test "Context serialization, re-init, both serialize, with CID" \
2970 -c "Deserializing connection..." \
2971 -s "Deserializing connection..."
2979 -s "Save serialized context to a file... ok" \
2980 -c "Save serialized context to a file... ok"
2981 rm -f context_srv.txt
2982 rm -f context_cli.txt
2996 -s "Disable use of CID extension." \
2997 -s "found CID extension" \
2998 -s "Client sent CID extension, but CID disabled" \
2999 -c "Enable use of CID extension." \
3000 -c "client hello, adding CID extension" \
3001 -S "server hello, adding CID extension" \
3002 -C "found CID extension" \
3003 -S "Copy CIDs into SSL transform" \
3004 -C "Copy CIDs into SSL transform" \
3005 -c "Use of Connection ID was rejected by the server"
3013 -c "Disable use of CID extension." \
3014 -C "client hello, adding CID extension" \
3015 -S "found CID extension" \
3016 -s "Enable use of CID extension." \
3017 -S "server hello, adding CID extension" \
3018 -C "found CID extension" \
3019 -S "Copy CIDs into SSL transform" \
3020 -C "Copy CIDs into SSL transform" \
3021 -s "Use of Connection ID was not offered by client"
3029 -c "Enable use of CID extension." \
3030 -s "Enable use of CID extension." \
3031 -c "client hello, adding CID extension" \
3032 -s "found CID extension" \
3033 -s "Use of CID extension negotiated" \
3034 -s "server hello, adding CID extension" \
3035 -c "found CID extension" \
3036 -c "Use of CID extension negotiated" \
3037 -s "Copy CIDs into SSL transform" \
3038 -c "Copy CIDs into SSL transform" \
3039 -c "Peer CID (length 2 Bytes): de ad" \
3040 -s "Peer CID (length 2 Bytes): be ef" \
3041 -s "Use of Connection ID has been negotiated" \
3042 -c "Use of Connection ID has been negotiated"
3047 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3051 -c "Enable use of CID extension." \
3052 -s "Enable use of CID extension." \
3053 -c "client hello, adding CID extension" \
3054 -s "found CID extension" \
3055 -s "Use of CID extension negotiated" \
3056 -s "server hello, adding CID extension" \
3057 -c "found CID extension" \
3058 -c "Use of CID extension negotiated" \
3059 -s "Copy CIDs into SSL transform" \
3060 -c "Copy CIDs into SSL transform" \
3061 -c "Peer CID (length 2 Bytes): de ad" \
3062 -s "Peer CID (length 2 Bytes): be ef" \
3063 -s "Use of Connection ID has been negotiated" \
3064 -c "Use of Connection ID has been negotiated" \
3065 -c "ignoring unexpected CID" \
3066 -s "ignoring unexpected CID"
3071 -p "$P_PXY mtu=800" \
3075 -c "Enable use of CID extension." \
3076 -s "Enable use of CID extension." \
3077 -c "client hello, adding CID extension" \
3078 -s "found CID extension" \
3079 -s "Use of CID extension negotiated" \
3080 -s "server hello, adding CID extension" \
3081 -c "found CID extension" \
3082 -c "Use of CID extension negotiated" \
3083 -s "Copy CIDs into SSL transform" \
3084 -c "Copy CIDs into SSL transform" \
3085 -c "Peer CID (length 2 Bytes): de ad" \
3086 -s "Peer CID (length 2 Bytes): be ef" \
3087 -s "Use of Connection ID has been negotiated" \
3088 -c "Use of Connection ID has been negotiated"
3093 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
3097 -c "Enable use of CID extension." \
3098 -s "Enable use of CID extension." \
3099 -c "client hello, adding CID extension" \
3100 -s "found CID extension" \
3101 -s "Use of CID extension negotiated" \
3102 -s "server hello, adding CID extension" \
3103 -c "found CID extension" \
3104 -c "Use of CID extension negotiated" \
3105 -s "Copy CIDs into SSL transform" \
3106 -c "Copy CIDs into SSL transform" \
3107 -c "Peer CID (length 2 Bytes): de ad" \
3108 -s "Peer CID (length 2 Bytes): be ef" \
3109 -s "Use of Connection ID has been negotiated" \
3110 -c "Use of Connection ID has been negotiated" \
3111 -c "ignoring unexpected CID" \
3112 -s "ignoring unexpected CID"
3120 -c "Enable use of CID extension." \
3121 -s "Enable use of CID extension." \
3122 -c "client hello, adding CID extension" \
3123 -s "found CID extension" \
3124 -s "Use of CID extension negotiated" \
3125 -s "server hello, adding CID extension" \
3126 -c "found CID extension" \
3127 -c "Use of CID extension negotiated" \
3128 -s "Copy CIDs into SSL transform" \
3129 -c "Copy CIDs into SSL transform" \
3130 -c "Peer CID (length 4 Bytes): de ad be ef" \
3131 -s "Peer CID (length 0 Bytes):" \
3132 -s "Use of Connection ID has been negotiated" \
3133 -c "Use of Connection ID has been negotiated"
3141 -c "Enable use of CID extension." \
3142 -s "Enable use of CID extension." \
3143 -c "client hello, adding CID extension" \
3144 -s "found CID extension" \
3145 -s "Use of CID extension negotiated" \
3146 -s "server hello, adding CID extension" \
3147 -c "found CID extension" \
3148 -c "Use of CID extension negotiated" \
3149 -s "Copy CIDs into SSL transform" \
3150 -c "Copy CIDs into SSL transform" \
3151 -s "Peer CID (length 4 Bytes): de ad be ef" \
3152 -c "Peer CID (length 0 Bytes):" \
3153 -s "Use of Connection ID has been negotiated" \
3154 -c "Use of Connection ID has been negotiated"
3162 -c "Enable use of CID extension." \
3163 -s "Enable use of CID extension." \
3164 -c "client hello, adding CID extension" \
3165 -s "found CID extension" \
3166 -s "Use of CID extension negotiated" \
3167 -s "server hello, adding CID extension" \
3168 -c "found CID extension" \
3169 -c "Use of CID extension negotiated" \
3170 -s "Copy CIDs into SSL transform" \
3171 -c "Copy CIDs into SSL transform" \
3172 -S "Use of Connection ID has been negotiated" \
3173 -C "Use of Connection ID has been negotiated"
3176 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CCM-8" \
3178 …CLI debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3180 -c "Enable use of CID extension." \
3181 -s "Enable use of CID extension." \
3182 -c "client hello, adding CID extension" \
3183 -s "found CID extension" \
3184 -s "Use of CID extension negotiated" \
3185 -s "server hello, adding CID extension" \
3186 -c "found CID extension" \
3187 -c "Use of CID extension negotiated" \
3188 -s "Copy CIDs into SSL transform" \
3189 -c "Copy CIDs into SSL transform" \
3190 -c "Peer CID (length 2 Bytes): de ad" \
3191 -s "Peer CID (length 2 Bytes): be ef" \
3192 -s "Use of Connection ID has been negotiated" \
3193 -c "Use of Connection ID has been negotiated"
3196 run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CCM-8" \
3198 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3200 -c "Enable use of CID extension." \
3201 -s "Enable use of CID extension." \
3202 -c "client hello, adding CID extension" \
3203 -s "found CID extension" \
3204 -s "Use of CID extension negotiated" \
3205 -s "server hello, adding CID extension" \
3206 -c "found CID extension" \
3207 -c "Use of CID extension negotiated" \
3208 -s "Copy CIDs into SSL transform" \
3209 -c "Copy CIDs into SSL transform" \
3210 -c "Peer CID (length 4 Bytes): de ad be ef" \
3211 -s "Peer CID (length 0 Bytes):" \
3212 -s "Use of Connection ID has been negotiated" \
3213 -c "Use of Connection ID has been negotiated"
3216 run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CCM-8" \
3218 …debug_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3220 -c "Enable use of CID extension." \
3221 -s "Enable use of CID extension." \
3222 -c "client hello, adding CID extension" \
3223 -s "found CID extension" \
3224 -s "Use of CID extension negotiated" \
3225 -s "server hello, adding CID extension" \
3226 -c "found CID extension" \
3227 -c "Use of CID extension negotiated" \
3228 -s "Copy CIDs into SSL transform" \
3229 -c "Copy CIDs into SSL transform" \
3230 -s "Peer CID (length 4 Bytes): de ad be ef" \
3231 -c "Peer CID (length 0 Bytes):" \
3232 -s "Use of Connection ID has been negotiated" \
3233 -c "Use of Connection ID has been negotiated"
3236 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CCM-8" \
3238 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
3240 -c "Enable use of CID extension." \
3241 -s "Enable use of CID extension." \
3242 -c "client hello, adding CID extension" \
3243 -s "found CID extension" \
3244 -s "Use of CID extension negotiated" \
3245 -s "server hello, adding CID extension" \
3246 -c "found CID extension" \
3247 -c "Use of CID extension negotiated" \
3248 -s "Copy CIDs into SSL transform" \
3249 -c "Copy CIDs into SSL transform" \
3250 -S "Use of Connection ID has been negotiated" \
3251 -C "Use of Connection ID has been negotiated"
3254 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID nonempty, AES-128-CBC" \
3256 …debug_level=3 dtls=1 cid=1 cid_val=beef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256"…
3258 -c "Enable use of CID extension." \
3259 -s "Enable use of CID extension." \
3260 -c "client hello, adding CID extension" \
3261 -s "found CID extension" \
3262 -s "Use of CID extension negotiated" \
3263 -s "server hello, adding CID extension" \
3264 -c "found CID extension" \
3265 -c "Use of CID extension negotiated" \
3266 -s "Copy CIDs into SSL transform" \
3267 -c "Copy CIDs into SSL transform" \
3268 -c "Peer CID (length 2 Bytes): de ad" \
3269 -s "Peer CID (length 2 Bytes): be ef" \
3270 -s "Use of Connection ID has been negotiated" \
3271 -c "Use of Connection ID has been negotiated"
3274 run_test "Connection ID: Cli+Srv enabled, Cli CID empty, AES-128-CBC" \
3276 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3278 -c "Enable use of CID extension." \
3279 -s "Enable use of CID extension." \
3280 -c "client hello, adding CID extension" \
3281 -s "found CID extension" \
3282 -s "Use of CID extension negotiated" \
3283 -s "server hello, adding CID extension" \
3284 -c "found CID extension" \
3285 -c "Use of CID extension negotiated" \
3286 -s "Copy CIDs into SSL transform" \
3287 -c "Copy CIDs into SSL transform" \
3288 -c "Peer CID (length 4 Bytes): de ad be ef" \
3289 -s "Peer CID (length 0 Bytes):" \
3290 -s "Use of Connection ID has been negotiated" \
3291 -c "Use of Connection ID has been negotiated"
3294 run_test "Connection ID: Cli+Srv enabled, Srv CID empty, AES-128-CBC" \
3296 …g_level=3 dtls=1 cid=1 cid_val=deadbeef force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256"…
3298 -c "Enable use of CID extension." \
3299 -s "Enable use of CID extension." \
3300 -c "client hello, adding CID extension" \
3301 -s "found CID extension" \
3302 -s "Use of CID extension negotiated" \
3303 -s "server hello, adding CID extension" \
3304 -c "found CID extension" \
3305 -c "Use of CID extension negotiated" \
3306 -s "Copy CIDs into SSL transform" \
3307 -c "Copy CIDs into SSL transform" \
3308 -s "Peer CID (length 4 Bytes): de ad be ef" \
3309 -c "Peer CID (length 0 Bytes):" \
3310 -s "Use of Connection ID has been negotiated" \
3311 -c "Use of Connection ID has been negotiated"
3314 run_test "Connection ID: Cli+Srv enabled, Cli+Srv CID empty, AES-128-CBC" \
3316 … "$P_CLI debug_level=3 dtls=1 cid=1 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
3318 -c "Enable use of CID extension." \
3319 -s "Enable use of CID extension." \
3320 -c "client hello, adding CID extension" \
3321 -s "found CID extension" \
3322 -s "Use of CID extension negotiated" \
3323 -s "server hello, adding CID extension" \
3324 -c "found CID extension" \
3325 -c "Use of CID extension negotiated" \
3326 -s "Copy CIDs into SSL transform" \
3327 -c "Copy CIDs into SSL transform" \
3328 -S "Use of Connection ID has been negotiated" \
3329 -C "Use of Connection ID has been negotiated"
3338 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3339 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3340 -s "(initial handshake) Use of Connection ID has been negotiated" \
3341 -c "(initial handshake) Use of Connection ID has been negotiated" \
3342 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3343 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3344 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3345 -c "(after renegotiation) Use of Connection ID has been negotiated"
3354 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3355 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3356 -s "(initial handshake) Use of Connection ID has been negotiated" \
3357 -c "(initial handshake) Use of Connection ID has been negotiated" \
3358 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3359 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3360 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3361 -c "(after renegotiation) Use of Connection ID has been negotiated"
3370 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3371 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3372 -s "(initial handshake) Use of Connection ID has been negotiated" \
3373 -c "(initial handshake) Use of Connection ID has been negotiated" \
3374 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3375 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3376 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3377 -c "(after renegotiation) Use of Connection ID has been negotiated"
3383 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
3387 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3388 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3389 -s "(initial handshake) Use of Connection ID has been negotiated" \
3390 -c "(initial handshake) Use of Connection ID has been negotiated" \
3391 -c "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3392 -s "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3393 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3394 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3395 -c "ignoring unexpected CID" \
3396 -s "ignoring unexpected CID"
3405 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3406 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3407 -s "(initial handshake) Use of Connection ID has been negotiated" \
3408 -c "(initial handshake) Use of Connection ID has been negotiated" \
3409 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3410 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3411 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3412 -S "(after renegotiation) Use of Connection ID has been negotiated"
3421 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3422 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3423 -s "(initial handshake) Use of Connection ID has been negotiated" \
3424 -c "(initial handshake) Use of Connection ID has been negotiated" \
3425 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3426 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3427 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3428 -S "(after renegotiation) Use of Connection ID has been negotiated"
3434 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3438 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3439 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3440 -s "(initial handshake) Use of Connection ID has been negotiated" \
3441 -c "(initial handshake) Use of Connection ID has been negotiated" \
3442 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3443 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3444 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3445 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3446 -c "ignoring unexpected CID" \
3447 -s "ignoring unexpected CID"
3456 -S "(initial handshake) Use of Connection ID has been negotiated" \
3457 -C "(initial handshake) Use of Connection ID has been negotiated" \
3458 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3459 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3460 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3461 -s "(after renegotiation) Use of Connection ID has been negotiated"
3470 -S "(initial handshake) Use of Connection ID has been negotiated" \
3471 -C "(initial handshake) Use of Connection ID has been negotiated" \
3472 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3473 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3474 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3475 -s "(after renegotiation) Use of Connection ID has been negotiated"
3481 -p "$P_PXY mtu=800 drop=5 delay=5 duplicate=5 bad_cid=1" \
3485 -S "(initial handshake) Use of Connection ID has been negotiated" \
3486 -C "(initial handshake) Use of Connection ID has been negotiated" \
3487 -c "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3488 -s "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3489 -c "(after renegotiation) Use of Connection ID has been negotiated" \
3490 -s "(after renegotiation) Use of Connection ID has been negotiated" \
3491 -c "ignoring unexpected CID" \
3492 -s "ignoring unexpected CID"
3501 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3502 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3503 -s "(initial handshake) Use of Connection ID has been negotiated" \
3504 -c "(initial handshake) Use of Connection ID has been negotiated" \
3505 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3506 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3507 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3508 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3509 -s "(after renegotiation) Use of Connection ID was not offered by client"
3515 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3519 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3520 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3521 -s "(initial handshake) Use of Connection ID has been negotiated" \
3522 -c "(initial handshake) Use of Connection ID has been negotiated" \
3523 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3524 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3525 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3526 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3527 -s "(after renegotiation) Use of Connection ID was not offered by client" \
3528 -c "ignoring unexpected CID" \
3529 -s "ignoring unexpected CID"
3538 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3539 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3540 -s "(initial handshake) Use of Connection ID has been negotiated" \
3541 -c "(initial handshake) Use of Connection ID has been negotiated" \
3542 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3543 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3544 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3545 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3546 -c "(after renegotiation) Use of Connection ID was rejected by the server"
3552 -p "$P_PXY drop=5 delay=5 duplicate=5 bad_cid=1" \
3556 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3557 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3558 -s "(initial handshake) Use of Connection ID has been negotiated" \
3559 -c "(initial handshake) Use of Connection ID has been negotiated" \
3560 -C "(after renegotiation) Peer CID (length 2 Bytes): de ad" \
3561 -S "(after renegotiation) Peer CID (length 2 Bytes): be ef" \
3562 -C "(after renegotiation) Use of Connection ID has been negotiated" \
3563 -S "(after renegotiation) Use of Connection ID has been negotiated" \
3564 -c "(after renegotiation) Use of Connection ID was rejected by the server" \
3565 -c "ignoring unexpected CID" \
3566 -s "ignoring unexpected CID"
3576 …"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=512 dtls=1 cid=1 cid_v…
3578 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3579 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3580 -s "(initial handshake) Use of Connection ID has been negotiated" \
3581 -c "(initial handshake) Use of Connection ID has been negotiated" \
3582 -s "Reallocating in_buf" \
3583 -s "Reallocating out_buf"
3590 …"$P_CLI force_ciphersuite="TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" max_frag_len=1024 dtls=1 cid=1 cid_…
3592 -c "(initial handshake) Peer CID (length 2 Bytes): de ad" \
3593 -s "(initial handshake) Peer CID (length 2 Bytes): be ef" \
3594 -s "(initial handshake) Use of Connection ID has been negotiated" \
3595 -c "(initial handshake) Use of Connection ID has been negotiated" \
3596 -s "Reallocating in_buf" \
3597 -s "Reallocating out_buf"
3599 # Tests for Encrypt-then-MAC extension
3603 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3606 -c "client hello, adding encrypt_then_mac extension" \
3607 -s "found encrypt then mac extension" \
3608 -s "server hello, adding encrypt then mac extension" \
3609 -c "found encrypt_then_mac extension" \
3610 -c "using encrypt then mac" \
3611 -s "using encrypt then mac"
3615 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3618 -c "client hello, adding encrypt_then_mac extension" \
3619 -s "found encrypt then mac extension" \
3620 -S "server hello, adding encrypt then mac extension" \
3621 -C "found encrypt_then_mac extension" \
3622 -C "using encrypt then mac" \
3623 -S "using encrypt then mac"
3627 force_ciphersuite=TLS-RSA-WITH-AES-128-GCM-SHA256" \
3630 -c "client hello, adding encrypt_then_mac extension" \
3631 -s "found encrypt then mac extension" \
3632 -S "server hello, adding encrypt then mac extension" \
3633 -C "found encrypt_then_mac extension" \
3634 -C "using encrypt then mac" \
3635 -S "using encrypt then mac"
3639 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
3642 -C "client hello, adding encrypt_then_mac extension" \
3643 -S "found encrypt then mac extension" \
3644 -S "server hello, adding encrypt then mac extension" \
3645 -C "found encrypt_then_mac extension" \
3646 -C "using encrypt then mac" \
3647 -S "using encrypt then mac"
3656 -c "client hello, adding extended_master_secret extension" \
3657 -s "found extended master secret extension" \
3658 -s "server hello, adding extended master secret extension" \
3659 -c "found extended_master_secret extension" \
3660 -c "session hash for extended master secret" \
3661 -s "session hash for extended master secret"
3668 -c "client hello, adding extended_master_secret extension" \
3669 -s "found extended master secret extension" \
3670 -S "server hello, adding extended master secret extension" \
3671 -C "found extended_master_secret extension" \
3672 -C "session hash for extended master secret" \
3673 -S "session hash for extended master secret"
3680 -C "client hello, adding extended_master_secret extension" \
3681 -S "found extended master secret extension" \
3682 -S "server hello, adding extended master secret extension" \
3683 -C "found extended_master_secret extension" \
3684 -C "session hash for extended master secret" \
3685 -S "session hash for extended master secret"
3691 …"$P_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA" \
3693 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
3694 -s "dumping 'input payload after decrypt' (0 bytes)" \
3695 -c "0 bytes written in 1 fragments"
3702 -s "dumping 'input payload after decrypt' (0 bytes)" \
3703 -c "0 bytes written in 1 fragments"
3707 …_CLI auth_mode=none etm=1 request_size=0 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA dtls…
3709 -S "0000: 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f 0f" \
3710 -s "dumping 'input payload after decrypt' (0 bytes)" \
3711 -c "0 bytes written in 1 fragments"
3718 -s "dumping 'input payload after decrypt' (0 bytes)" \
3719 -c "0 bytes written in 1 fragments"
3721 # Tests for CBC 1/n-1 record splitting
3725 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA \
3728 -s "Read from client: 123 bytes read" \
3729 -S "Read from client: 1 bytes read" \
3730 -S "122 bytes read"
3738 -c "client hello, adding session ticket extension" \
3739 -s "found session ticket extension" \
3740 -s "server hello, adding session ticket extension" \
3741 -c "found session_ticket extension" \
3742 -c "parse new session ticket" \
3743 -S "session successfully restored from cache" \
3744 -s "session successfully restored from ticket" \
3745 -s "a session has been resumed" \
3746 -c "a session has been resumed"
3752 -c "client hello, adding session ticket extension" \
3753 -s "found session ticket extension" \
3754 -s "server hello, adding session ticket extension" \
3755 -c "found session_ticket extension" \
3756 -c "parse new session ticket" \
3757 -S "session successfully restored from cache" \
3758 -s "session successfully restored from ticket" \
3759 -s "a session has been resumed" \
3760 -c "a session has been resumed"
3766 -c "client hello, adding session ticket extension" \
3767 -s "found session ticket extension" \
3768 -s "server hello, adding session ticket extension" \
3769 -c "found session_ticket extension" \
3770 -c "parse new session ticket" \
3771 -S "session successfully restored from cache" \
3772 -s "session successfully restored from ticket" \
3773 -s "a session has been resumed" \
3774 -c "a session has been resumed"
3780 -c "client hello, adding session ticket extension" \
3781 -s "found session ticket extension" \
3782 -s "server hello, adding session ticket extension" \
3783 -c "found session_ticket extension" \
3784 -c "parse new session ticket" \
3785 -S "session successfully restored from cache" \
3786 -S "session successfully restored from ticket" \
3787 -S "a session has been resumed" \
3788 -C "a session has been resumed"
3794 -c "client hello, adding session ticket extension" \
3795 -s "found session ticket extension" \
3796 -s "server hello, adding session ticket extension" \
3797 -c "found session_ticket extension" \
3798 -c "parse new session ticket" \
3799 -S "session successfully restored from cache" \
3800 -s "session successfully restored from ticket" \
3801 -s "a session has been resumed" \
3802 -c "a session has been resumed"
3806 "$O_SRV -tls1_2" \
3809 -c "client hello, adding session ticket extension" \
3810 -c "found session_ticket extension" \
3811 -c "parse new session ticket" \
3812 -c "a session has been resumed"
3817 "( $O_CLI -sess_out $SESSION; \
3818 $O_CLI -sess_in $SESSION; \
3819 rm -f $SESSION )" \
3821 -s "found session ticket extension" \
3822 -s "server hello, adding session ticket extension" \
3823 -S "session successfully restored from cache" \
3824 -s "session successfully restored from ticket" \
3825 -s "a session has been resumed"
3828 run_test "Session resume using tickets: AES-128-GCM" \
3829 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-GCM" \
3832 -c "client hello, adding session ticket extension" \
3833 -s "found session ticket extension" \
3834 -s "server hello, adding session ticket extension" \
3835 -c "found session_ticket extension" \
3836 -c "parse new session ticket" \
3837 -S "session successfully restored from cache" \
3838 -s "session successfully restored from ticket" \
3839 -s "a session has been resumed" \
3840 -c "a session has been resumed"
3843 run_test "Session resume using tickets: AES-192-GCM" \
3844 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-GCM" \
3847 -c "client hello, adding session ticket extension" \
3848 -s "found session ticket extension" \
3849 -s "server hello, adding session ticket extension" \
3850 -c "found session_ticket extension" \
3851 -c "parse new session ticket" \
3852 -S "session successfully restored from cache" \
3853 -s "session successfully restored from ticket" \
3854 -s "a session has been resumed" \
3855 -c "a session has been resumed"
3858 run_test "Session resume using tickets: AES-128-CCM" \
3859 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-128-CCM" \
3862 -c "client hello, adding session ticket extension" \
3863 -s "found session ticket extension" \
3864 -s "server hello, adding session ticket extension" \
3865 -c "found session_ticket extension" \
3866 -c "parse new session ticket" \
3867 -S "session successfully restored from cache" \
3868 -s "session successfully restored from ticket" \
3869 -s "a session has been resumed" \
3870 -c "a session has been resumed"
3873 run_test "Session resume using tickets: AES-192-CCM" \
3874 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-192-CCM" \
3877 -c "client hello, adding session ticket extension" \
3878 -s "found session ticket extension" \
3879 -s "server hello, adding session ticket extension" \
3880 -c "found session_ticket extension" \
3881 -c "parse new session ticket" \
3882 -S "session successfully restored from cache" \
3883 -s "session successfully restored from ticket" \
3884 -s "a session has been resumed" \
3885 -c "a session has been resumed"
3888 run_test "Session resume using tickets: AES-256-CCM" \
3889 "$P_SRV debug_level=3 tickets=1 ticket_aead=AES-256-CCM" \
3892 -c "client hello, adding session ticket extension" \
3893 -s "found session ticket extension" \
3894 -s "server hello, adding session ticket extension" \
3895 -c "found session_ticket extension" \
3896 -c "parse new session ticket" \
3897 -S "session successfully restored from cache" \
3898 -s "session successfully restored from ticket" \
3899 -s "a session has been resumed" \
3900 -c "a session has been resumed"
3903 run_test "Session resume using tickets: CAMELLIA-128-CCM" \
3904 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-128-CCM" \
3907 -c "client hello, adding session ticket extension" \
3908 -s "found session ticket extension" \
3909 -s "server hello, adding session ticket extension" \
3910 -c "found session_ticket extension" \
3911 -c "parse new session ticket" \
3912 -S "session successfully restored from cache" \
3913 -s "session successfully restored from ticket" \
3914 -s "a session has been resumed" \
3915 -c "a session has been resumed"
3918 run_test "Session resume using tickets: CAMELLIA-192-CCM" \
3919 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-192-CCM" \
3922 -c "client hello, adding session ticket extension" \
3923 -s "found session ticket extension" \
3924 -s "server hello, adding session ticket extension" \
3925 -c "found session_ticket extension" \
3926 -c "parse new session ticket" \
3927 -S "session successfully restored from cache" \
3928 -s "session successfully restored from ticket" \
3929 -s "a session has been resumed" \
3930 -c "a session has been resumed"
3933 run_test "Session resume using tickets: CAMELLIA-256-CCM" \
3934 "$P_SRV debug_level=3 tickets=1 ticket_aead=CAMELLIA-256-CCM" \
3937 -c "client hello, adding session ticket extension" \
3938 -s "found session ticket extension" \
3939 -s "server hello, adding session ticket extension" \
3940 -c "found session_ticket extension" \
3941 -c "parse new session ticket" \
3942 -S "session successfully restored from cache" \
3943 -s "session successfully restored from ticket" \
3944 -s "a session has been resumed" \
3945 -c "a session has been resumed"
3948 run_test "Session resume using tickets: ARIA-128-GCM" \
3949 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-GCM" \
3952 -c "client hello, adding session ticket extension" \
3953 -s "found session ticket extension" \
3954 -s "server hello, adding session ticket extension" \
3955 -c "found session_ticket extension" \
3956 -c "parse new session ticket" \
3957 -S "session successfully restored from cache" \
3958 -s "session successfully restored from ticket" \
3959 -s "a session has been resumed" \
3960 -c "a session has been resumed"
3963 run_test "Session resume using tickets: ARIA-192-GCM" \
3964 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-GCM" \
3967 -c "client hello, adding session ticket extension" \
3968 -s "found session ticket extension" \
3969 -s "server hello, adding session ticket extension" \
3970 -c "found session_ticket extension" \
3971 -c "parse new session ticket" \
3972 -S "session successfully restored from cache" \
3973 -s "session successfully restored from ticket" \
3974 -s "a session has been resumed" \
3975 -c "a session has been resumed"
3978 run_test "Session resume using tickets: ARIA-256-GCM" \
3979 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-GCM" \
3982 -c "client hello, adding session ticket extension" \
3983 -s "found session ticket extension" \
3984 -s "server hello, adding session ticket extension" \
3985 -c "found session_ticket extension" \
3986 -c "parse new session ticket" \
3987 -S "session successfully restored from cache" \
3988 -s "session successfully restored from ticket" \
3989 -s "a session has been resumed" \
3990 -c "a session has been resumed"
3993 run_test "Session resume using tickets: ARIA-128-CCM" \
3994 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-128-CCM" \
3997 -c "client hello, adding session ticket extension" \
3998 -s "found session ticket extension" \
3999 -s "server hello, adding session ticket extension" \
4000 -c "found session_ticket extension" \
4001 -c "parse new session ticket" \
4002 -S "session successfully restored from cache" \
4003 -s "session successfully restored from ticket" \
4004 -s "a session has been resumed" \
4005 -c "a session has been resumed"
4008 run_test "Session resume using tickets: ARIA-192-CCM" \
4009 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-192-CCM" \
4012 -c "client hello, adding session ticket extension" \
4013 -s "found session ticket extension" \
4014 -s "server hello, adding session ticket extension" \
4015 -c "found session_ticket extension" \
4016 -c "parse new session ticket" \
4017 -S "session successfully restored from cache" \
4018 -s "session successfully restored from ticket" \
4019 -s "a session has been resumed" \
4020 -c "a session has been resumed"
4023 run_test "Session resume using tickets: ARIA-256-CCM" \
4024 "$P_SRV debug_level=3 tickets=1 ticket_aead=ARIA-256-CCM" \
4027 -c "client hello, adding session ticket extension" \
4028 -s "found session ticket extension" \
4029 -s "server hello, adding session ticket extension" \
4030 -c "found session_ticket extension" \
4031 -c "parse new session ticket" \
4032 -S "session successfully restored from cache" \
4033 -s "session successfully restored from ticket" \
4034 -s "a session has been resumed" \
4035 -c "a session has been resumed"
4038 run_test "Session resume using tickets: CHACHA20-POLY1305" \
4039 "$P_SRV debug_level=3 tickets=1 ticket_aead=CHACHA20-POLY1305" \
4042 -c "client hello, adding session ticket extension" \
4043 -s "found session ticket extension" \
4044 -s "server hello, adding session ticket extension" \
4045 -c "found session_ticket extension" \
4046 -c "parse new session ticket" \
4047 -S "session successfully restored from cache" \
4048 -s "session successfully restored from ticket" \
4049 -s "a session has been resumed" \
4050 -c "a session has been resumed"
4059 -c "client hello, adding session ticket extension" \
4060 -s "found session ticket extension" \
4061 -s "server hello, adding session ticket extension" \
4062 -c "found session_ticket extension" \
4063 -c "parse new session ticket" \
4064 -S "session successfully restored from cache" \
4065 -s "session successfully restored from ticket" \
4066 -s "a session has been resumed" \
4067 -c "a session has been resumed"
4074 -c "client hello, adding session ticket extension" \
4075 -s "found session ticket extension" \
4076 -s "server hello, adding session ticket extension" \
4077 -c "found session_ticket extension" \
4078 -c "parse new session ticket" \
4079 -S "session successfully restored from cache" \
4080 -s "session successfully restored from ticket" \
4081 -s "a session has been resumed" \
4082 -c "a session has been resumed"
4089 -c "client hello, adding session ticket extension" \
4090 -s "found session ticket extension" \
4091 -s "server hello, adding session ticket extension" \
4092 -c "found session_ticket extension" \
4093 -c "parse new session ticket" \
4094 -S "session successfully restored from cache" \
4095 -S "session successfully restored from ticket" \
4096 -S "a session has been resumed" \
4097 -C "a session has been resumed"
4104 -c "client hello, adding session ticket extension" \
4105 -s "found session ticket extension" \
4106 -s "server hello, adding session ticket extension" \
4107 -c "found session_ticket extension" \
4108 -c "parse new session ticket" \
4109 -S "session successfully restored from cache" \
4110 -s "session successfully restored from ticket" \
4111 -s "a session has been resumed" \
4112 -c "a session has been resumed"
4116 "$O_SRV -dtls" \
4119 -c "client hello, adding session ticket extension" \
4120 -c "found session_ticket extension" \
4121 -c "parse new session ticket" \
4122 -c "a session has been resumed"
4130 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
4131 $O_NEXT_CLI -dtls -sess_in $SESSION; \
4132 rm -f $SESSION )" \
4134 -s "found session ticket extension" \
4135 -s "server hello, adding session ticket extension" \
4136 -S "session successfully restored from cache" \
4137 -s "session successfully restored from ticket" \
4138 -s "a session has been resumed"
4140 # Tests for Session Resume based on session-ID and cache
4147 -c "client hello, adding session ticket extension" \
4148 -s "found session ticket extension" \
4149 -S "server hello, adding session ticket extension" \
4150 -C "found session_ticket extension" \
4151 -C "parse new session ticket" \
4152 -s "session successfully restored from cache" \
4153 -S "session successfully restored from ticket" \
4154 -s "a session has been resumed" \
4155 -c "a session has been resumed"
4162 -C "client hello, adding session ticket extension" \
4163 -S "found session ticket extension" \
4164 -S "server hello, adding session ticket extension" \
4165 -C "found session_ticket extension" \
4166 -C "parse new session ticket" \
4167 -s "session successfully restored from cache" \
4168 -S "session successfully restored from ticket" \
4169 -s "a session has been resumed" \
4170 -c "a session has been resumed"
4177 -S "session successfully restored from cache" \
4178 -S "session successfully restored from ticket" \
4179 -S "a session has been resumed" \
4180 -C "a session has been resumed"
4187 -s "session successfully restored from cache" \
4188 -S "session successfully restored from ticket" \
4189 -s "a session has been resumed" \
4190 -c "a session has been resumed"
4197 -C "client hello, adding session ticket extension" \
4198 -S "found session ticket extension" \
4199 -S "server hello, adding session ticket extension" \
4200 -C "found session_ticket extension" \
4201 -C "parse new session ticket" \
4202 -S "session successfully restored from cache" \
4203 -S "session successfully restored from ticket" \
4204 -S "a session has been resumed" \
4205 -C "a session has been resumed"
4213 -s "session successfully restored from cache" \
4214 -S "session successfully restored from ticket" \
4215 -s "a session has been resumed" \
4216 -c "a session has been resumed"
4223 -S "session successfully restored from cache" \
4224 -S "session successfully restored from ticket" \
4225 -S "a session has been resumed" \
4226 -C "a session has been resumed"
4233 -s "session successfully restored from cache" \
4234 -S "session successfully restored from ticket" \
4235 -s "a session has been resumed" \
4236 -c "a session has been resumed"
4243 -s "session successfully restored from cache" \
4244 -S "session successfully restored from ticket" \
4245 -s "a session has been resumed" \
4246 -c "a session has been resumed"
4251 "( $O_CLI -sess_out $SESSION; \
4252 $O_CLI -sess_in $SESSION; \
4253 rm -f $SESSION )" \
4255 -s "found session ticket extension" \
4256 -S "server hello, adding session ticket extension" \
4257 -s "session successfully restored from cache" \
4258 -S "session successfully restored from ticket" \
4259 -s "a session has been resumed"
4264 "$O_SRV -tls1_2" \
4267 -C "found session_ticket extension" \
4268 -C "parse new session ticket" \
4269 -c "a session has been resumed"
4279 -c "Enable use of CID extension." \
4280 -s "Enable use of CID extension." \
4281 -c "client hello, adding CID extension" \
4282 -s "found CID extension" \
4283 -s "Use of CID extension negotiated" \
4284 -s "server hello, adding CID extension" \
4285 -c "found CID extension" \
4286 -c "Use of CID extension negotiated" \
4287 -s "Copy CIDs into SSL transform" \
4288 -c "Copy CIDs into SSL transform" \
4289 -c "Peer CID (length 2 Bytes): de ad" \
4290 -s "Peer CID (length 2 Bytes): be ef" \
4291 -s "Use of Connection ID has been negotiated" \
4292 -c "Use of Connection ID has been negotiated"
4294 # Tests for Session Resume based on session-ID and cache, DTLS
4302 -c "client hello, adding session ticket extension" \
4303 -s "found session ticket extension" \
4304 -S "server hello, adding session ticket extension" \
4305 -C "found session_ticket extension" \
4306 -C "parse new session ticket" \
4307 -s "session successfully restored from cache" \
4308 -S "session successfully restored from ticket" \
4309 -s "a session has been resumed" \
4310 -c "a session has been resumed"
4318 -C "client hello, adding session ticket extension" \
4319 -S "found session ticket extension" \
4320 -S "server hello, adding session ticket extension" \
4321 -C "found session_ticket extension" \
4322 -C "parse new session ticket" \
4323 -s "session successfully restored from cache" \
4324 -S "session successfully restored from ticket" \
4325 -s "a session has been resumed" \
4326 -c "a session has been resumed"
4334 -S "session successfully restored from cache" \
4335 -S "session successfully restored from ticket" \
4336 -S "a session has been resumed" \
4337 -C "a session has been resumed"
4345 -s "session successfully restored from cache" \
4346 -S "session successfully restored from ticket" \
4347 -s "a session has been resumed" \
4348 -c "a session has been resumed"
4356 -s "session successfully restored from cache" \
4357 -S "session successfully restored from ticket" \
4358 -s "a session has been resumed" \
4359 -c "a session has been resumed"
4367 -S "session successfully restored from cache" \
4368 -S "session successfully restored from ticket" \
4369 -S "a session has been resumed" \
4370 -C "a session has been resumed"
4378 -s "session successfully restored from cache" \
4379 -S "session successfully restored from ticket" \
4380 -s "a session has been resumed" \
4381 -c "a session has been resumed"
4389 -s "session successfully restored from cache" \
4390 -S "session successfully restored from ticket" \
4391 -s "a session has been resumed" \
4392 -c "a session has been resumed"
4401 "( $O_NEXT_CLI -dtls -sess_out $SESSION; \
4402 $O_NEXT_CLI -dtls -sess_in $SESSION; \
4403 rm -f $SESSION )" \
4405 -s "found session ticket extension" \
4406 -S "server hello, adding session ticket extension" \
4407 -s "session successfully restored from cache" \
4408 -S "session successfully restored from ticket" \
4409 -s "a session has been resumed"
4414 "$O_SRV -dtls" \
4417 -C "found session_ticket extension" \
4418 -C "parse new session ticket" \
4419 -c "a session has been resumed"
4429 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4430 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4431 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4432 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4433 -C "client hello, adding max_fragment_length extension" \
4434 -S "found max fragment length extension" \
4435 -S "server hello, max_fragment_length extension" \
4436 -C "found max_fragment_length extension"
4444 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4445 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4446 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4447 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4448 -C "client hello, adding max_fragment_length extension" \
4449 -S "found max fragment length extension" \
4450 -S "server hello, max_fragment_length extension" \
4451 -C "found max_fragment_length extension" \
4452 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
4453 -s "$MAX_CONTENT_LEN bytes read" \
4454 -s "1 bytes read"
4462 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4463 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4464 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4465 -s "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4466 -C "client hello, adding max_fragment_length extension" \
4467 -S "found max fragment length extension" \
4468 -S "server hello, max_fragment_length extension" \
4469 -C "found max_fragment_length extension" \
4470 -c "fragment larger than.*maximum "
4482 -C "Maximum incoming record payload length is 16384" \
4483 -C "Maximum outgoing record payload length is 16384" \
4484 -S "Maximum incoming record payload length is 16384" \
4485 -S "Maximum outgoing record payload length is 16384" \
4486 -c "$(( $MAX_CONTENT_LEN + 1)) bytes written in 2 fragments" \
4487 -s "$MAX_CONTENT_LEN bytes read" \
4488 -s "1 bytes read"
4496 -C "Maximum incoming record payload length is 16384" \
4497 -C "Maximum outgoing record payload length is 16384" \
4498 -S "Maximum incoming record payload length is 16384" \
4499 -S "Maximum outgoing record payload length is 16384" \
4500 -c "fragment larger than.*maximum "
4508 -c "Maximum incoming record payload length is 4096" \
4509 -c "Maximum outgoing record payload length is 4096" \
4510 -s "Maximum incoming record payload length is 4096" \
4511 -s "Maximum outgoing record payload length is 4096" \
4512 -c "client hello, adding max_fragment_length extension" \
4513 -s "found max fragment length extension" \
4514 -s "server hello, max_fragment_length extension" \
4515 -c "found max_fragment_length extension"
4523 -c "Maximum incoming record payload length is 512" \
4524 -c "Maximum outgoing record payload length is 512" \
4525 -s "Maximum incoming record payload length is 512" \
4526 -s "Maximum outgoing record payload length is 512" \
4527 -c "client hello, adding max_fragment_length extension" \
4528 -s "found max fragment length extension" \
4529 -s "server hello, max_fragment_length extension" \
4530 -c "found max_fragment_length extension"
4538 -c "Maximum incoming record payload length is 512" \
4539 -c "Maximum outgoing record payload length is 512" \
4540 -s "Maximum incoming record payload length is 512" \
4541 -s "Maximum outgoing record payload length is 512" \
4542 -c "client hello, adding max_fragment_length extension" \
4543 -s "found max fragment length extension" \
4544 -s "server hello, max_fragment_length extension" \
4545 -c "found max_fragment_length extension"
4553 -c "Maximum incoming record payload length is 512" \
4554 -c "Maximum outgoing record payload length is 512" \
4555 -s "Maximum incoming record payload length is 512" \
4556 -s "Maximum outgoing record payload length is 512" \
4557 -c "client hello, adding max_fragment_length extension" \
4558 -s "found max fragment length extension" \
4559 -s "server hello, max_fragment_length extension" \
4560 -c "found max_fragment_length extension"
4568 -c "Maximum incoming record payload length is 1024" \
4569 -c "Maximum outgoing record payload length is 1024" \
4570 -s "Maximum incoming record payload length is 1024" \
4571 -s "Maximum outgoing record payload length is 512" \
4572 -c "client hello, adding max_fragment_length extension" \
4573 -s "found max fragment length extension" \
4574 -s "server hello, max_fragment_length extension" \
4575 -c "found max_fragment_length extension"
4583 -c "Maximum incoming record payload length is 1024" \
4584 -c "Maximum outgoing record payload length is 1024" \
4585 -s "Maximum incoming record payload length is 1024" \
4586 -s "Maximum outgoing record payload length is 1024" \
4587 -c "client hello, adding max_fragment_length extension" \
4588 -s "found max fragment length extension" \
4589 -s "server hello, max_fragment_length extension" \
4590 -c "found max_fragment_length extension"
4598 -c "Maximum incoming record payload length is 1024" \
4599 -c "Maximum outgoing record payload length is 1024" \
4600 -s "Maximum incoming record payload length is 1024" \
4601 -s "Maximum outgoing record payload length is 1024" \
4602 -c "client hello, adding max_fragment_length extension" \
4603 -s "found max fragment length extension" \
4604 -s "server hello, max_fragment_length extension" \
4605 -c "found max_fragment_length extension"
4613 -c "Maximum incoming record payload length is 2048" \
4614 -c "Maximum outgoing record payload length is 2048" \
4615 -s "Maximum incoming record payload length is 2048" \
4616 -s "Maximum outgoing record payload length is 512" \
4617 -c "client hello, adding max_fragment_length extension" \
4618 -s "found max fragment length extension" \
4619 -s "server hello, max_fragment_length extension" \
4620 -c "found max_fragment_length extension"
4628 -c "Maximum incoming record payload length is 2048" \
4629 -c "Maximum outgoing record payload length is 2048" \
4630 -s "Maximum incoming record payload length is 2048" \
4631 -s "Maximum outgoing record payload length is 1024" \
4632 -c "client hello, adding max_fragment_length extension" \
4633 -s "found max fragment length extension" \
4634 -s "server hello, max_fragment_length extension" \
4635 -c "found max_fragment_length extension"
4643 -c "Maximum incoming record payload length is 2048" \
4644 -c "Maximum outgoing record payload length is 2048" \
4645 -s "Maximum incoming record payload length is 2048" \
4646 -s "Maximum outgoing record payload length is 2048" \
4647 -c "client hello, adding max_fragment_length extension" \
4648 -s "found max fragment length extension" \
4649 -s "server hello, max_fragment_length extension" \
4650 -c "found max_fragment_length extension"
4658 -c "Maximum incoming record payload length is 4096" \
4659 -c "Maximum outgoing record payload length is 4096" \
4660 -s "Maximum incoming record payload length is 4096" \
4661 -s "Maximum outgoing record payload length is 512" \
4662 -c "client hello, adding max_fragment_length extension" \
4663 -s "found max fragment length extension" \
4664 -s "server hello, max_fragment_length extension" \
4665 -c "found max_fragment_length extension"
4673 -c "Maximum incoming record payload length is 4096" \
4674 -c "Maximum outgoing record payload length is 4096" \
4675 -s "Maximum incoming record payload length is 4096" \
4676 -s "Maximum outgoing record payload length is 1024" \
4677 -c "client hello, adding max_fragment_length extension" \
4678 -s "found max fragment length extension" \
4679 -s "server hello, max_fragment_length extension" \
4680 -c "found max_fragment_length extension"
4688 -c "Maximum incoming record payload length is 4096" \
4689 -c "Maximum outgoing record payload length is 4096" \
4690 -s "Maximum incoming record payload length is 4096" \
4691 -s "Maximum outgoing record payload length is 2048" \
4692 -c "client hello, adding max_fragment_length extension" \
4693 -s "found max fragment length extension" \
4694 -s "server hello, max_fragment_length extension" \
4695 -c "found max_fragment_length extension"
4703 -c "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4704 -c "Maximum outgoing record payload length is $MAX_CONTENT_LEN" \
4705 -s "Maximum incoming record payload length is $MAX_CONTENT_LEN" \
4706 -s "Maximum outgoing record payload length is 4096" \
4707 -C "client hello, adding max_fragment_length extension" \
4708 -S "found max fragment length extension" \
4709 -S "server hello, max_fragment_length extension" \
4710 -C "found max_fragment_length extension"
4717 "$G_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
4720 -c "Maximum incoming record payload length is 4096" \
4721 -c "Maximum outgoing record payload length is 4096" \
4722 -c "client hello, adding max_fragment_length extension" \
4723 -c "found max_fragment_length extension"
4731 -c "Maximum incoming record payload length is 2048" \
4732 -c "Maximum outgoing record payload length is 2048" \
4733 -s "Maximum incoming record payload length is 2048" \
4734 -s "Maximum outgoing record payload length is 2048" \
4735 -c "client hello, adding max_fragment_length extension" \
4736 -s "found max fragment length extension" \
4737 -s "server hello, max_fragment_length extension" \
4738 -c "found max_fragment_length extension" \
4739 -c "2048 bytes written in 1 fragments" \
4740 -s "2048 bytes read"
4748 -c "Maximum incoming record payload length is 2048" \
4749 -c "Maximum outgoing record payload length is 2048" \
4750 -s "Maximum incoming record payload length is 2048" \
4751 -s "Maximum outgoing record payload length is 2048" \
4752 -c "client hello, adding max_fragment_length extension" \
4753 -s "found max fragment length extension" \
4754 -s "server hello, max_fragment_length extension" \
4755 -c "found max_fragment_length extension" \
4756 -c "2345 bytes written in 2 fragments" \
4757 -s "2048 bytes read" \
4758 -s "297 bytes read"
4767 -c "Maximum incoming record payload length is 2048" \
4768 -c "Maximum outgoing record payload length is 2048" \
4769 -s "Maximum incoming record payload length is 2048" \
4770 -s "Maximum outgoing record payload length is 2048" \
4771 -c "client hello, adding max_fragment_length extension" \
4772 -s "found max fragment length extension" \
4773 -s "server hello, max_fragment_length extension" \
4774 -c "found max_fragment_length extension" \
4775 -c "fragment larger than.*maximum"
4784 run_test "Record Size Limit: TLS 1.3: Server-side parsing and debug output" \
4786 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4" \
4788 -s "RecordSizeLimit: 16385 Bytes" \
4789 -s "ClientHello: record_size_limit(28) extension exists." \
4790 -s "Maximum outgoing record payload length is 16383" \
4791 -s "bytes written in 1 fragments"
4798 run_test "Record Size Limit: TLS 1.3: Client-side parsing and debug output" \
4799 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL --disable-client-cert -d 4" \
4802 -c "Sent RecordSizeLimit: 16384 Bytes" \
4803 -c "ClientHello: record_size_limit(28) extension exists." \
4804 -c "EncryptedExtensions: record_size_limit(28) extension received." \
4805 -c "RecordSizeLimit: 16385 Bytes" \
4807 # In the following tests, --recordsize is the value used by the G_NEXT_CLI (3.7.2) to configure the
4809 # (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-size).
4813 # (https://gnutls.org/reference/gnutls-gnutls.html#gnutls-record-set-max-recv-size).
4815 # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/src/cli-args.def#L395.
4816 # Thus, these tests are currently limited to the value range 512-4096.
4819 # https://gitlab.com/gnutls/gnutls/-/blob/3.7.2/lib/ext/record_size_limit.c#L142
4834 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
4835 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
4837 -s "RecordSizeLimit: 513 Bytes" \
4838 -s "ClientHello: record_size_limit(28) extension exists." \
4839 -s "Sent RecordSizeLimit: 16384 Bytes" \
4840 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4841 -s "Maximum outgoing record payload length is 511" \
4842 -s "256 bytes written in 1 fragments"
4853 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
4854 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
4856 -s "RecordSizeLimit: 513 Bytes" \
4857 -s "ClientHello: record_size_limit(28) extension exists." \
4858 -s "Sent RecordSizeLimit: 16384 Bytes" \
4859 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4860 -s "Maximum outgoing record payload length is 511" \
4861 -s "768 bytes written in 2 fragments"
4872 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+PSK --recordsize 512 \
4873 --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70" \
4875 -s "RecordSizeLimit: 513 Bytes" \
4876 -s "ClientHello: record_size_limit(28) extension exists." \
4877 -s "Sent RecordSizeLimit: 16384 Bytes" \
4878 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4879 -s "Maximum outgoing record payload length is 511" \
4880 -s "1280 bytes written in 3 fragments"
4889 … "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
4891 -s "RecordSizeLimit: 1024 Bytes" \
4892 -s "ClientHello: record_size_limit(28) extension exists." \
4893 -s "Sent RecordSizeLimit: 16384 Bytes" \
4894 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4895 -s "Maximum outgoing record payload length is 1023" \
4896 -s "512 bytes written in 1 fragments"
4905 … "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
4907 -s "RecordSizeLimit: 1024 Bytes" \
4908 -s "ClientHello: record_size_limit(28) extension exists." \
4909 -s "Sent RecordSizeLimit: 16384 Bytes" \
4910 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4911 -s "Maximum outgoing record payload length is 1023" \
4912 -s "1536 bytes written in 2 fragments"
4921 … "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 1023" \
4923 -s "RecordSizeLimit: 1024 Bytes" \
4924 -s "ClientHello: record_size_limit(28) extension exists." \
4925 -s "Sent RecordSizeLimit: 16384 Bytes" \
4926 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4927 -s "Maximum outgoing record payload length is 1023" \
4928 -s "2560 bytes written in 3 fragments"
4937 … "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
4939 -s "RecordSizeLimit: 4096 Bytes" \
4940 -s "ClientHello: record_size_limit(28) extension exists." \
4941 -s "Sent RecordSizeLimit: 16384 Bytes" \
4942 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4943 -s "Maximum outgoing record payload length is 4095" \
4944 -s "2048 bytes written in 1 fragments"
4953 … "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
4955 -s "RecordSizeLimit: 4096 Bytes" \
4956 -s "ClientHello: record_size_limit(28) extension exists." \
4957 -s "Sent RecordSizeLimit: 16384 Bytes" \
4958 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4959 -s "Maximum outgoing record payload length is 4095" \
4960 -s "6144 bytes written in 2 fragments"
4969 … "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3 -V -d 4 --recordsize 4095" \
4971 -s "RecordSizeLimit: 4096 Bytes" \
4972 -s "ClientHello: record_size_limit(28) extension exists." \
4973 -s "Sent RecordSizeLimit: 16384 Bytes" \
4974 -s "EncryptedExtensions: record_size_limit(28) extension exists." \
4975 -s "Maximum outgoing record payload length is 4095" \
4976 -s "10240 bytes written in 3 fragments"
4984 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --rec…
4987 -c "Sent RecordSizeLimit: 16384 Bytes" \
4988 -c "ClientHello: record_size_limit(28) extension exists." \
4989 -c "RecordSizeLimit: 513 Bytes" \
4990 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
4991 -c "Maximum outgoing record payload length is 511" \
4992 -c "256 bytes written in 1 fragments"
5000 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --rec…
5003 -c "Sent RecordSizeLimit: 16384 Bytes" \
5004 -c "ClientHello: record_size_limit(28) extension exists." \
5005 -c "RecordSizeLimit: 513 Bytes" \
5006 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5007 -c "Maximum outgoing record payload length is 511" \
5008 -c "768 bytes written in 2 fragments"
5016 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --disable-client-cert --rec…
5019 -c "Sent RecordSizeLimit: 16384 Bytes" \
5020 -c "ClientHello: record_size_limit(28) extension exists." \
5021 -c "RecordSizeLimit: 513 Bytes" \
5022 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5023 -c "Maximum outgoing record payload length is 511" \
5024 -c "1280 bytes written in 3 fragments"
5032 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
5035 -c "Sent RecordSizeLimit: 16384 Bytes" \
5036 -c "ClientHello: record_size_limit(28) extension exists." \
5037 -c "RecordSizeLimit: 1024 Bytes" \
5038 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5039 -c "Maximum outgoing record payload length is 1023" \
5040 -c "512 bytes written in 1 fragments"
5048 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
5051 -c "Sent RecordSizeLimit: 16384 Bytes" \
5052 -c "ClientHello: record_size_limit(28) extension exists." \
5053 -c "RecordSizeLimit: 1024 Bytes" \
5054 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5055 -c "Maximum outgoing record payload length is 1023" \
5056 -c "1536 bytes written in 2 fragments"
5064 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 1023" \
5067 -c "Sent RecordSizeLimit: 16384 Bytes" \
5068 -c "ClientHello: record_size_limit(28) extension exists." \
5069 -c "RecordSizeLimit: 1024 Bytes" \
5070 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5071 -c "Maximum outgoing record payload length is 1023" \
5072 -c "2560 bytes written in 3 fragments"
5080 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
5083 -c "Sent RecordSizeLimit: 16384 Bytes" \
5084 -c "ClientHello: record_size_limit(28) extension exists." \
5085 -c "RecordSizeLimit: 4096 Bytes" \
5086 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5087 -c "Maximum outgoing record payload length is 4095" \
5088 -c "2048 bytes written in 1 fragments"
5096 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
5099 -c "Sent RecordSizeLimit: 16384 Bytes" \
5100 -c "ClientHello: record_size_limit(28) extension exists." \
5101 -c "RecordSizeLimit: 4096 Bytes" \
5102 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5103 -c "Maximum outgoing record payload length is 4095" \
5104 -c "6144 bytes written in 2 fragments"
5112 … "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL -d 4 --recordsize 4095" \
5115 -c "Sent RecordSizeLimit: 16384 Bytes" \
5116 -c "ClientHello: record_size_limit(28) extension exists." \
5117 -c "RecordSizeLimit: 4096 Bytes" \
5118 -c "EncryptedExtensions: record_size_limit(28) extension exists." \
5119 -c "Maximum outgoing record payload length is 4095" \
5120 -c "10240 bytes written in 3 fragments"
5129 run_test "Record Size Limit: TLS 1.3 m->m: both peer comply with record size limit (default)" \
5133 -c "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \
5134 -c "RecordSizeLimit: $MAX_IN_LEN Bytes" \
5135 -s "RecordSizeLimit: $MAX_IN_LEN Bytes" \
5136 -s "Sent RecordSizeLimit: $MAX_IN_LEN Bytes" \
5137 -s "Maximum outgoing record payload length is 16383" \
5138 -s "Maximum incoming record payload length is 16384"
5153 -C "client hello, adding renegotiation extension" \
5154 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5155 -S "found renegotiation extension" \
5156 -s "server hello, secure renegotiation extension" \
5157 -c "found renegotiation extension" \
5158 -C "=> renegotiate" \
5159 -S "=> renegotiate" \
5160 -S "write hello request"
5163 run_test "Renegotiation: client-initiated" \
5167 -c "client hello, adding renegotiation extension" \
5168 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5169 -s "found renegotiation extension" \
5170 -s "server hello, secure renegotiation extension" \
5171 -c "found renegotiation extension" \
5172 -c "=> renegotiate" \
5173 -s "=> renegotiate" \
5174 -S "write hello request"
5177 run_test "Renegotiation: server-initiated" \
5181 -c "client hello, adding renegotiation extension" \
5182 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5183 -s "found renegotiation extension" \
5184 -s "server hello, secure renegotiation extension" \
5185 -c "found renegotiation extension" \
5186 -c "=> renegotiate" \
5187 -s "=> renegotiate" \
5188 -s "write hello request"
5190 # Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
5192 # algorithm stronger than SHA-1 is enabled in mbedtls_config.h
5194 run_test "Renegotiation: Signature Algorithms parsing, client-initiated" \
5198 -c "client hello, adding renegotiation extension" \
5199 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5200 -s "found renegotiation extension" \
5201 -s "server hello, secure renegotiation extension" \
5202 -c "found renegotiation extension" \
5203 -c "=> renegotiate" \
5204 -s "=> renegotiate" \
5205 -S "write hello request" \
5206 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
5208 # Checks that no Signature Algorithm with SHA-1 gets negotiated. Negotiating SHA-1 would mean that
5210 # algorithm stronger than SHA-1 is enabled in mbedtls_config.h
5212 run_test "Renegotiation: Signature Algorithms parsing, server-initiated" \
5216 -c "client hello, adding renegotiation extension" \
5217 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5218 -s "found renegotiation extension" \
5219 -s "server hello, secure renegotiation extension" \
5220 -c "found renegotiation extension" \
5221 -c "=> renegotiate" \
5222 -s "=> renegotiate" \
5223 -s "write hello request" \
5224 -S "client hello v3, signature_algorithm ext: 2" # Is SHA-1 negotiated?
5231 -c "client hello, adding renegotiation extension" \
5232 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5233 -s "found renegotiation extension" \
5234 -s "server hello, secure renegotiation extension" \
5235 -c "found renegotiation extension" \
5236 -c "=> renegotiate" \
5237 -s "=> renegotiate" \
5238 -s "write hello request"
5245 …gotiation=1 renegotiate=1 max_frag_len=2048 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
5247 -c "Maximum incoming record payload length is 2048" \
5248 -c "Maximum outgoing record payload length is 2048" \
5249 -s "Maximum incoming record payload length is 2048" \
5250 -s "Maximum outgoing record payload length is 512" \
5251 -c "client hello, adding max_fragment_length extension" \
5252 -s "found max fragment length extension" \
5253 -s "server hello, max_fragment_length extension" \
5254 -c "found max_fragment_length extension" \
5255 -c "client hello, adding renegotiation extension" \
5256 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5257 -s "found renegotiation extension" \
5258 -s "server hello, secure renegotiation extension" \
5259 -c "found renegotiation extension" \
5260 -c "=> renegotiate" \
5261 -s "=> renegotiate" \
5262 -s "write hello request"
5265 run_test "Renegotiation: client-initiated, server-rejected" \
5269 -c "client hello, adding renegotiation extension" \
5270 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5271 -S "found renegotiation extension" \
5272 -s "server hello, secure renegotiation extension" \
5273 -c "found renegotiation extension" \
5274 -c "=> renegotiate" \
5275 -S "=> renegotiate" \
5276 -S "write hello request" \
5277 -c "SSL - Unexpected message at ServerHello in renegotiation" \
5278 -c "failed"
5281 run_test "Renegotiation: server-initiated, client-rejected, default" \
5285 -C "client hello, adding renegotiation extension" \
5286 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5287 -S "found renegotiation extension" \
5288 -s "server hello, secure renegotiation extension" \
5289 -c "found renegotiation extension" \
5290 -C "=> renegotiate" \
5291 -S "=> renegotiate" \
5292 -s "write hello request" \
5293 -S "SSL - An unexpected message was received from our peer" \
5294 -S "failed"
5297 run_test "Renegotiation: server-initiated, client-rejected, not enforced" \
5299 renego_delay=-1 auth_mode=optional" \
5302 -C "client hello, adding renegotiation extension" \
5303 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5304 -S "found renegotiation extension" \
5305 -s "server hello, secure renegotiation extension" \
5306 -c "found renegotiation extension" \
5307 -C "=> renegotiate" \
5308 -S "=> renegotiate" \
5309 -s "write hello request" \
5310 -S "SSL - An unexpected message was received from our peer" \
5311 -S "failed"
5315 run_test "Renegotiation: server-initiated, client-rejected, delay 2" \
5320 -C "client hello, adding renegotiation extension" \
5321 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5322 -S "found renegotiation extension" \
5323 -s "server hello, secure renegotiation extension" \
5324 -c "found renegotiation extension" \
5325 -C "=> renegotiate" \
5326 -S "=> renegotiate" \
5327 -s "write hello request" \
5328 -S "SSL - An unexpected message was received from our peer" \
5329 -S "failed"
5332 run_test "Renegotiation: server-initiated, client-rejected, delay 0" \
5337 -C "client hello, adding renegotiation extension" \
5338 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5339 -S "found renegotiation extension" \
5340 -s "server hello, secure renegotiation extension" \
5341 -c "found renegotiation extension" \
5342 -C "=> renegotiate" \
5343 -S "=> renegotiate" \
5344 -s "write hello request" \
5345 -s "SSL - An unexpected message was received from our peer"
5348 run_test "Renegotiation: server-initiated, client-accepted, delay 0" \
5353 -c "client hello, adding renegotiation extension" \
5354 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5355 -s "found renegotiation extension" \
5356 -s "server hello, secure renegotiation extension" \
5357 -c "found renegotiation extension" \
5358 -c "=> renegotiate" \
5359 -s "=> renegotiate" \
5360 -s "write hello request" \
5361 -S "SSL - An unexpected message was received from our peer" \
5362 -S "failed"
5369 -C "client hello, adding renegotiation extension" \
5370 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5371 -S "found renegotiation extension" \
5372 -s "server hello, secure renegotiation extension" \
5373 -c "found renegotiation extension" \
5374 -S "record counter limit reached: renegotiate" \
5375 -C "=> renegotiate" \
5376 -S "=> renegotiate" \
5377 -S "write hello request" \
5378 -S "SSL - An unexpected message was received from our peer" \
5379 -S "failed"
5387 -c "client hello, adding renegotiation extension" \
5388 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5389 -s "found renegotiation extension" \
5390 -s "server hello, secure renegotiation extension" \
5391 -c "found renegotiation extension" \
5392 -s "record counter limit reached: renegotiate" \
5393 -c "=> renegotiate" \
5394 -s "=> renegotiate" \
5395 -s "write hello request" \
5396 -S "SSL - An unexpected message was received from our peer" \
5397 -S "failed"
5404 -c "client hello, adding renegotiation extension" \
5405 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5406 -s "found renegotiation extension" \
5407 -s "server hello, secure renegotiation extension" \
5408 -c "found renegotiation extension" \
5409 -s "record counter limit reached: renegotiate" \
5410 -c "=> renegotiate" \
5411 -s "=> renegotiate" \
5412 -s "write hello request" \
5413 -S "SSL - An unexpected message was received from our peer" \
5414 -S "failed"
5421 -C "client hello, adding renegotiation extension" \
5422 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5423 -S "found renegotiation extension" \
5424 -s "server hello, secure renegotiation extension" \
5425 -c "found renegotiation extension" \
5426 -S "record counter limit reached: renegotiate" \
5427 -C "=> renegotiate" \
5428 -S "=> renegotiate" \
5429 -S "write hello request" \
5430 -S "SSL - An unexpected message was received from our peer" \
5431 -S "failed"
5434 run_test "Renegotiation: nbio, client-initiated" \
5438 -c "client hello, adding renegotiation extension" \
5439 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5440 -s "found renegotiation extension" \
5441 -s "server hello, secure renegotiation extension" \
5442 -c "found renegotiation extension" \
5443 -c "=> renegotiate" \
5444 -s "=> renegotiate" \
5445 -S "write hello request"
5448 run_test "Renegotiation: nbio, server-initiated" \
5452 -c "client hello, adding renegotiation extension" \
5453 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5454 -s "found renegotiation extension" \
5455 -s "server hello, secure renegotiation extension" \
5456 -c "found renegotiation extension" \
5457 -c "=> renegotiate" \
5458 -s "=> renegotiate" \
5459 -s "write hello request"
5463 run_test "Renegotiation: openssl server, client-initiated" \
5464 "$O_SRV -www -tls1_2" \
5467 -c "client hello, adding renegotiation extension" \
5468 -c "found renegotiation extension" \
5469 -c "=> renegotiate" \
5470 -C "ssl_hanshake() returned" \
5471 -C "error" \
5472 -c "HTTP/1.0 200 [Oo][Kk]"
5477 run_test "Renegotiation: gnutls server strict, client-initiated" \
5478 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
5481 -c "client hello, adding renegotiation extension" \
5482 -c "found renegotiation extension" \
5483 -c "=> renegotiate" \
5484 -C "ssl_hanshake() returned" \
5485 -C "error" \
5486 -c "HTTP/1.0 200 [Oo][Kk]"
5491 run_test "Renegotiation: gnutls server unsafe, client-initiated default" \
5492 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5495 -c "client hello, adding renegotiation extension" \
5496 -C "found renegotiation extension" \
5497 -c "=> renegotiate" \
5498 -c "mbedtls_ssl_handshake() returned" \
5499 -c "error" \
5500 -C "HTTP/1.0 200 [Oo][Kk]"
5505 run_test "Renegotiation: gnutls server unsafe, client-inititated no legacy" \
5506 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5510 -c "client hello, adding renegotiation extension" \
5511 -C "found renegotiation extension" \
5512 -c "=> renegotiate" \
5513 -c "mbedtls_ssl_handshake() returned" \
5514 -c "error" \
5515 -C "HTTP/1.0 200 [Oo][Kk]"
5520 run_test "Renegotiation: gnutls server unsafe, client-inititated legacy" \
5521 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5525 -c "client hello, adding renegotiation extension" \
5526 -C "found renegotiation extension" \
5527 -c "=> renegotiate" \
5528 -C "ssl_hanshake() returned" \
5529 -C "error" \
5530 -c "HTTP/1.0 200 [Oo][Kk]"
5534 run_test "Renegotiation: DTLS, client-initiated" \
5538 -c "client hello, adding renegotiation extension" \
5539 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5540 -s "found renegotiation extension" \
5541 -s "server hello, secure renegotiation extension" \
5542 -c "found renegotiation extension" \
5543 -c "=> renegotiate" \
5544 -s "=> renegotiate" \
5545 -S "write hello request"
5549 run_test "Renegotiation: DTLS, server-initiated" \
5554 -c "client hello, adding renegotiation extension" \
5555 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5556 -s "found renegotiation extension" \
5557 -s "server hello, secure renegotiation extension" \
5558 -c "found renegotiation extension" \
5559 -c "=> renegotiate" \
5560 -s "=> renegotiate" \
5561 -s "write hello request"
5569 -c "client hello, adding renegotiation extension" \
5570 -s "received TLS_EMPTY_RENEGOTIATION_INFO" \
5571 -s "found renegotiation extension" \
5572 -s "server hello, secure renegotiation extension" \
5573 -s "record counter limit reached: renegotiate" \
5574 -c "=> renegotiate" \
5575 -s "=> renegotiate" \
5576 -s "write hello request"
5581 run_test "Renegotiation: DTLS, gnutls server, client-initiated" \
5582 "$G_NEXT_SRV -u --mtu 4096" \
5585 -c "client hello, adding renegotiation extension" \
5586 -c "found renegotiation extension" \
5587 -c "=> renegotiate" \
5588 -C "mbedtls_ssl_handshake returned" \
5589 -C "error" \
5590 -s "Extra-header:"
5597 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%SAFE_RENEGOTIATION" \
5600 -c "found renegotiation extension" \
5601 -C "error" \
5602 -c "HTTP/1.0 200 [Oo][Kk]"
5607 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5610 -C "found renegotiation extension" \
5611 -C "error" \
5612 -c "HTTP/1.0 200 [Oo][Kk]"
5617 "$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:%DISABLE_SAFE_RENEGOTIATION" \
5618 "$P_CLI debug_level=3 allow_legacy=-1" \
5620 -C "found renegotiation extension" \
5621 -c "error" \
5622 -C "HTTP/1.0 200 [Oo][Kk]"
5628 "$G_CLI --priority=NORMAL:%SAFE_RENEGOTIATION localhost" \
5630 -s "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5631 -s "server hello, secure renegotiation extension"
5637 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
5639 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5640 -S "server hello, secure renegotiation extension"
5645 "$P_SRV debug_level=3 allow_legacy=-1" \
5646 "$G_CLI --priority=NORMAL:%DISABLE_SAFE_RENEGOTIATION localhost" \
5648 -S "received TLS_EMPTY_RENEGOTIATION_INFO\|found renegotiation extension" \
5649 -S "server hello, secure renegotiation extension"
5656 "$P_SRV crt_file=data_files/server5-der0.crt \
5660 -c "Handshake was completed" \
5665 "$P_SRV crt_file=data_files/server5-der1a.crt \
5669 -c "Handshake was completed" \
5674 "$P_SRV crt_file=data_files/server5-der1b.crt \
5678 -c "Handshake was completed" \
5683 "$P_SRV crt_file=data_files/server5-der2.crt \
5687 -c "Handshake was completed" \
5692 "$P_SRV crt_file=data_files/server5-der4.crt \
5696 -c "Handshake was completed" \
5701 "$P_SRV crt_file=data_files/server5-der8.crt \
5705 -c "Handshake was completed" \
5710 "$P_SRV crt_file=data_files/server5-der9.crt \
5714 -c "Handshake was completed" \
5721 "$P_SRV crt_file=data_files/server5-badsign.crt \
5725 -c "x509_verify_cert() returned" \
5726 -c "! The certificate is not correctly signed by the trusted CA" \
5727 -c "! mbedtls_ssl_handshake returned" \
5728 -c "X509 - Certificate verification failed"
5731 "$P_SRV crt_file=data_files/server5-badsign.crt \
5735 -c "x509_verify_cert() returned" \
5736 -c "! The certificate is not correctly signed by the trusted CA" \
5737 -C "! mbedtls_ssl_handshake returned" \
5738 -C "X509 - Certificate verification failed"
5745 -c "x509_verify_cert() returned" \
5746 -c "! The certificate is not correctly signed by the trusted CA" \
5747 -c "! Certificate verification flags"\
5748 -C "! mbedtls_ssl_handshake returned" \
5749 -C "X509 - Certificate verification failed" \
5750 -C "SSL - No CA Chain is set, but required to operate"
5757 -c "x509_verify_cert() returned" \
5758 -c "! The certificate is not correctly signed by the trusted CA" \
5759 -c "! Certificate verification flags"\
5760 -c "! mbedtls_ssl_handshake returned" \
5761 -c "SSL - No CA Chain is set, but required to operate"
5763 # The purpose of the next two tests is to test the client's behaviour when receiving a server
5765 # the client informs the server about the supported curves - it does, though, in the
5767 # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
5768 # different means to have the server ignoring the client's supported curve list.
5772 crt_file=data_files/server5.ku-ka.crt" \
5775 -c "bad certificate (EC key curve)"\
5776 -c "! Certificate verification flags"\
5777 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
5781 crt_file=data_files/server5.ku-ka.crt" \
5784 -c "bad certificate (EC key curve)"\
5785 -c "! Certificate verification flags"\
5786 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
5789 "$P_SRV crt_file=data_files/server5-badsign.crt \
5793 -C "x509_verify_cert() returned" \
5794 -C "! The certificate is not correctly signed by the trusted CA" \
5795 -C "! mbedtls_ssl_handshake returned" \
5796 -C "X509 - Certificate verification failed"
5803 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
5805 -c "Supported Signature Algorithm found: 04 " \
5806 -c "Supported Signature Algorithm found: 05 "
5813 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
5815 -c "Supported Signature Algorithm found: 04 " \
5816 -c "Supported Signature Algorithm found: 05 "
5824 -S "skip write certificate request" \
5825 -C "skip parse certificate request" \
5826 -c "got a certificate request" \
5827 -c "= write certificate$" \
5828 -C "skip write certificate$" \
5829 -S "x509_verify_cert() returned" \
5830 -s "peer has no certificate" \
5831 -s "! mbedtls_ssl_handshake returned" \
5832 … -s "No client certification received from the client, but required by the authentication mode"
5837 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5840 -S "skip write certificate request" \
5841 -C "skip parse certificate request" \
5842 -c "got a certificate request" \
5843 -C "skip write certificate" \
5844 -C "skip write certificate verify" \
5845 -S "skip parse certificate verify" \
5846 -s "x509_verify_cert() returned" \
5847 -s "! The certificate is not correctly signed by the trusted CA" \
5848 -s "! mbedtls_ssl_handshake returned" \
5849 -s "send alert level=2 message=48" \
5850 -s "X509 - Certificate verification failed"
5856 run_test "Authentication: client cert self-signed and trusted, server required" \
5857 "$P_SRV debug_level=3 auth_mode=required ca_file=data_files/server5-selfsigned.crt" \
5858 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5861 -S "skip write certificate request" \
5862 -C "skip parse certificate request" \
5863 -c "got a certificate request" \
5864 -C "skip write certificate" \
5865 -C "skip write certificate verify" \
5866 -S "skip parse certificate verify" \
5867 -S "x509_verify_cert() returned" \
5868 -S "! The certificate is not correctly signed" \
5869 -S "X509 - Certificate verification failed"
5874 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
5877 -S "skip write certificate request" \
5878 -C "skip parse certificate request" \
5879 -c "got a certificate request" \
5880 -C "skip write certificate" \
5881 -C "skip write certificate verify" \
5882 -S "skip parse certificate verify" \
5883 -s "x509_verify_cert() returned" \
5884 -s "! The certificate is not correctly signed by the trusted CA" \
5885 -s "! mbedtls_ssl_handshake returned" \
5886 -s "X509 - Certificate verification failed"
5891 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5894 -S "skip write certificate request" \
5895 -C "skip parse certificate request" \
5896 -c "got a certificate request" \
5897 -C "skip write certificate" \
5898 -C "skip write certificate verify" \
5899 -S "skip parse certificate verify" \
5900 -s "x509_verify_cert() returned" \
5901 -s "! The certificate is not correctly signed by the trusted CA" \
5902 -S "! mbedtls_ssl_handshake returned" \
5903 -C "! mbedtls_ssl_handshake returned" \
5904 -S "X509 - Certificate verification failed"
5909 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
5912 -s "skip write certificate request" \
5913 -C "skip parse certificate request" \
5914 -c "got no certificate request" \
5915 -c "skip write certificate" \
5916 -c "skip write certificate verify" \
5917 -s "skip parse certificate verify" \
5918 -S "x509_verify_cert() returned" \
5919 -S "! The certificate is not correctly signed by the trusted CA" \
5920 -S "! mbedtls_ssl_handshake returned" \
5921 -C "! mbedtls_ssl_handshake returned" \
5922 -S "X509 - Certificate verification failed"
5929 -S "skip write certificate request" \
5930 -C "skip parse certificate request" \
5931 -c "got a certificate request" \
5932 -C "skip write certificate$" \
5933 -C "got no certificate to send" \
5934 -c "skip write certificate verify" \
5935 -s "skip parse certificate verify" \
5936 -s "! Certificate was missing" \
5937 -S "! mbedtls_ssl_handshake returned" \
5938 -C "! mbedtls_ssl_handshake returned" \
5939 -S "X509 - Certificate verification failed"
5945 "$O_NEXT_CLI_NO_CERT -no_middlebox" \
5947 -S "skip write certificate request" \
5948 -s "skip parse certificate verify" \
5949 -s "! Certificate was missing" \
5950 -S "! mbedtls_ssl_handshake returned" \
5951 -S "X509 - Certificate verification failed"
5955 "$O_SRV -verify 10 -tls1_2" \
5958 -C "skip parse certificate request" \
5959 -c "got a certificate request" \
5960 -C "skip write certificate$" \
5961 -c "skip write certificate verify" \
5962 -C "! mbedtls_ssl_handshake returned"
5966 "$O_SRV -Verify 10 -tls1_2" \
5969 -C "skip parse certificate request" \
5970 -c "got a certificate request" \
5971 -C "skip write certificate$" \
5972 -c "skip write certificate verify" \
5973 -c "! mbedtls_ssl_handshake returned"
5988 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
5989 key_file=data_files/dir-maxpath/09.key" \
5990 "$P_CLI server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
5992 -C "X509 - A fatal error occurred"
5997 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
5998 key_file=data_files/dir-maxpath/10.key" \
5999 "$P_CLI server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
6001 -c "X509 - A fatal error occurred"
6006 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
6007 key_file=data_files/dir-maxpath/10.key" \
6008 "$P_CLI force_version=tls12 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
6011 -c "X509 - A fatal error occurred"
6016 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
6017 key_file=data_files/dir-maxpath/10.key" \
6018 "$P_CLI force_version=tls12 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
6021 -C "X509 - A fatal error occurred"
6026 "$P_SRV ca_file=data_files/dir-maxpath/00.crt" \
6027 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6028 key_file=data_files/dir-maxpath/10.key" \
6030 -S "X509 - A fatal error occurred"
6035 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=optional" \
6036 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6037 key_file=data_files/dir-maxpath/10.key" \
6039 -s "X509 - A fatal error occurred"
6044 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
6045 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6046 key_file=data_files/dir-maxpath/10.key" \
6048 -s "X509 - A fatal error occurred"
6053 "$P_SRV ca_file=data_files/dir-maxpath/00.crt auth_mode=required" \
6054 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
6055 key_file=data_files/dir-maxpath/09.key" \
6057 -S "X509 - A fatal error occurred"
6067 -s "requested DN"
6075 -S "requested DN"
6079 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
6082 -S "requested DN" \
6083 -s "x509_verify_cert() returned" \
6084 -s "! The certificate is not correctly signed by the trusted CA" \
6085 -s "! mbedtls_ssl_handshake returned" \
6086 -c "! mbedtls_ssl_handshake returned" \
6087 -s "X509 - Certificate verification failed"
6098 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
6109 -c "DN hint: C=NL, O=PolarSSL, CN=localhost"
6120 -c "DN hint: C=NL, O=PolarSSL, CN=PolarSSL Server 1"
6127 "$P_SRV crt_file=data_files/server5-badsign.crt \
6131 -c "use CA callback for X.509 CRT verification" \
6132 -c "x509_verify_cert() returned" \
6133 -c "! The certificate is not correctly signed by the trusted CA" \
6134 -c "! mbedtls_ssl_handshake returned" \
6135 -c "X509 - Certificate verification failed"
6139 "$P_SRV crt_file=data_files/server5-badsign.crt \
6143 -c "use CA callback for X.509 CRT verification" \
6144 -c "x509_verify_cert() returned" \
6145 -c "! The certificate is not correctly signed by the trusted CA" \
6146 -C "! mbedtls_ssl_handshake returned" \
6147 -C "X509 - Certificate verification failed"
6149 # The purpose of the next two tests is to test the client's behaviour when receiving a server
6151 # the client informs the server about the supported curves - it does, though, in the
6153 # occasion (to be fixed). If that bug's fixed, the test needs to be altered to use a
6154 # different means to have the server ignoring the client's supported curve list.
6159 crt_file=data_files/server5.ku-ka.crt" \
6162 -c "use CA callback for X.509 CRT verification" \
6163 -c "bad certificate (EC key curve)" \
6164 -c "! Certificate verification flags" \
6165 -C "bad server certificate (ECDH curve)" # Expect failure at earlier verification stage
6170 crt_file=data_files/server5.ku-ka.crt" \
6173 -c "use CA callback for X.509 CRT verification" \
6174 -c "bad certificate (EC key curve)"\
6175 -c "! Certificate verification flags"\
6176 -c "bad server certificate (ECDH curve)" # Expect failure only at ECDH params check
6184 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384" \
6186 -s "use CA callback for X.509 CRT verification" \
6187 -c "Supported Signature Algorithm found: 04 " \
6188 -c "Supported Signature Algorithm found: 05 "
6196 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
6198 -s "use CA callback for X.509 CRT verification" \
6199 -c "Supported Signature Algorithm found: 04 " \
6200 -c "Supported Signature Algorithm found: 05 "
6205 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
6208 -s "use CA callback for X.509 CRT verification" \
6209 -S "skip write certificate request" \
6210 -C "skip parse certificate request" \
6211 -c "got a certificate request" \
6212 -C "skip write certificate" \
6213 -C "skip write certificate verify" \
6214 -S "skip parse certificate verify" \
6215 -s "x509_verify_cert() returned" \
6216 -s "! The certificate is not correctly signed by the trusted CA" \
6217 -s "! mbedtls_ssl_handshake returned" \
6218 -s "send alert level=2 message=48" \
6219 -c "! mbedtls_ssl_handshake returned" \
6220 -s "X509 - Certificate verification failed"
6228 "$P_CLI debug_level=3 crt_file=data_files/server5-selfsigned.crt \
6231 -s "use CA callback for X.509 CRT verification" \
6232 -S "skip write certificate request" \
6233 -C "skip parse certificate request" \
6234 -c "got a certificate request" \
6235 -C "skip write certificate" \
6236 -C "skip write certificate verify" \
6237 -S "skip parse certificate verify" \
6238 -s "x509_verify_cert() returned" \
6239 -s "! The certificate is not correctly signed by the trusted CA" \
6240 -s "! mbedtls_ssl_handshake returned" \
6241 -c "! mbedtls_ssl_handshake returned" \
6242 -s "X509 - Certificate verification failed"
6247 "$P_CLI debug_level=3 crt_file=data_files/server5-badsign.crt \
6250 -s "use CA callback for X.509 CRT verification" \
6251 -S "skip write certificate request" \
6252 -C "skip parse certificate request" \
6253 -c "got a certificate request" \
6254 -C "skip write certificate" \
6255 -C "skip write certificate verify" \
6256 -S "skip parse certificate verify" \
6257 -s "x509_verify_cert() returned" \
6258 -s "! The certificate is not correctly signed by the trusted CA" \
6259 -S "! mbedtls_ssl_handshake returned" \
6260 -C "! mbedtls_ssl_handshake returned" \
6261 -S "X509 - Certificate verification failed"
6267 "$P_SRV crt_file=data_files/dir-maxpath/c09.pem \
6268 key_file=data_files/dir-maxpath/09.key" \
6269 …version=tls12 ca_callback=1 debug_level=3 server_name=CA09 ca_file=data_files/dir-maxpath/00.crt" \
6271 -c "use CA callback for X.509 CRT verification" \
6272 -C "X509 - A fatal error occurred"
6278 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
6279 key_file=data_files/dir-maxpath/10.key" \
6280 …version=tls12 debug_level=3 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt" \
6282 -c "use CA callback for X.509 CRT verification" \
6283 -c "X509 - A fatal error occurred"
6289 "$P_SRV crt_file=data_files/dir-maxpath/c10.pem \
6290 key_file=data_files/dir-maxpath/10.key" \
6291 … "$P_CLI force_version=tls12 ca_callback=1 server_name=CA10 ca_file=data_files/dir-maxpath/00.crt \
6294 -c "use CA callback for X.509 CRT verification" \
6295 -c "X509 - A fatal error occurred"
6301 …"$P_SRV force_version=tls12 ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth…
6302 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6303 key_file=data_files/dir-maxpath/10.key" \
6305 -s "use CA callback for X.509 CRT verification" \
6306 -s "X509 - A fatal error occurred"
6312 …"$P_SRV force_version=tls12 ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth…
6313 "$P_CLI crt_file=data_files/dir-maxpath/c10.pem \
6314 key_file=data_files/dir-maxpath/10.key" \
6316 -s "use CA callback for X.509 CRT verification" \
6317 -s "X509 - A fatal error occurred"
6323 …"$P_SRV force_version=tls12 ca_callback=1 debug_level=3 ca_file=data_files/dir-maxpath/00.crt auth…
6324 "$P_CLI crt_file=data_files/dir-maxpath/c09.pem \
6325 key_file=data_files/dir-maxpath/09.key" \
6327 -s "use CA callback for X.509 CRT verification" \
6328 -S "X509 - A fatal error occurred"
6333 run_test "Certificate hash: client TLS 1.2 -> SHA-2" \
6336 crt_file2=data_files/server5-sha1.crt \
6340 -c "signed using.*ECDSA with SHA256" \
6341 -C "signed using.*ECDSA with SHA1"
6352 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
6353 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6360 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6363 -s "parse ServerName extension" \
6364 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6365 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6372 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6375 -s "parse ServerName extension" \
6376 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6377 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
6384 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6387 -s "parse ServerName extension" \
6388 -s "ssl_sni_wrapper() returned" \
6389 -s "mbedtls_ssl_handshake returned" \
6390 -c "mbedtls_ssl_handshake returned" \
6391 -c "SSL - A fatal alert message was received from our peer"
6397 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
6400 -S "skip write certificate request" \
6401 -C "skip parse certificate request" \
6402 -c "got a certificate request" \
6403 -C "skip write certificate" \
6404 -C "skip write certificate verify" \
6405 -S "skip parse certificate verify"
6408 run_test "SNI: client auth override: none -> optional" \
6411 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
6414 -S "skip write certificate request" \
6415 -C "skip parse certificate request" \
6416 -c "got a certificate request" \
6417 -C "skip write certificate" \
6418 -C "skip write certificate verify" \
6419 -S "skip parse certificate verify"
6422 run_test "SNI: client auth override: optional -> none" \
6425 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
6428 -s "skip write certificate request" \
6429 -C "skip parse certificate request" \
6430 -c "got no certificate request" \
6431 -c "skip write certificate"
6437 ca_file=data_files/test-ca.crt \
6438 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
6442 -S "skip write certificate request" \
6443 -C "skip parse certificate request" \
6444 -c "got a certificate request" \
6445 -C "skip write certificate" \
6446 -C "skip write certificate verify" \
6447 -S "skip parse certificate verify" \
6448 -s "x509_verify_cert() returned" \
6449 -s "! The certificate is not correctly signed by the trusted CA" \
6450 -S "The certificate has been revoked (is on a CRL)"
6456 ca_file=data_files/test-ca.crt \
6457 … sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
6461 -S "skip write certificate request" \
6462 -C "skip parse certificate request" \
6463 -c "got a certificate request" \
6464 -C "skip write certificate" \
6465 -C "skip write certificate verify" \
6466 -S "skip parse certificate verify" \
6467 -S "x509_verify_cert() returned" \
6468 -S "! The certificate is not correctly signed by the trusted CA" \
6469 -S "The certificate has been revoked (is on a CRL)"
6475 ca_file=data_files/test-ca.crt \
6476 …t,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.p…
6480 -S "skip write certificate request" \
6481 -C "skip parse certificate request" \
6482 -c "got a certificate request" \
6483 -C "skip write certificate" \
6484 -C "skip write certificate verify" \
6485 -S "skip parse certificate verify" \
6486 -s "x509_verify_cert() returned" \
6487 -S "! The certificate is not correctly signed by the trusted CA" \
6488 -s "The certificate has been revoked (is on a CRL)"
6499 -c "issuer name *: C=NL, O=PolarSSL, CN=Polarssl Test EC CA" \
6500 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6507 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6510 -s "parse ServerName extension" \
6511 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6512 -c "subject name *: C=NL, O=PolarSSL, CN=localhost"
6519 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6522 -s "parse ServerName extension" \
6523 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
6524 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
6530 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
6533 -s "parse ServerName extension" \
6534 -s "ssl_sni_wrapper() returned" \
6535 -s "mbedtls_ssl_handshake returned" \
6536 -c "mbedtls_ssl_handshake returned" \
6537 -c "SSL - A fatal alert message was received from our peer"
6543 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,-" \
6546 -S "skip write certificate request" \
6547 -C "skip parse certificate request" \
6548 -c "got a certificate request" \
6549 -C "skip write certificate" \
6550 -C "skip write certificate verify" \
6551 -S "skip parse certificate verify"
6554 run_test "SNI: DTLS, client auth override: none -> optional" \
6557 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,optional" \
6560 -S "skip write certificate request" \
6561 -C "skip parse certificate request" \
6562 -c "got a certificate request" \
6563 -C "skip write certificate" \
6564 -C "skip write certificate verify" \
6565 -S "skip parse certificate verify"
6568 run_test "SNI: DTLS, client auth override: optional -> none" \
6571 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,none" \
6574 -s "skip write certificate request" \
6575 -C "skip parse certificate request" \
6576 -c "got no certificate request" \
6577 -c "skip write certificate" \
6578 -c "skip write certificate verify" \
6579 -s "skip parse certificate verify"
6585 ca_file=data_files/test-ca.crt \
6586 sni=localhost,data_files/server2.crt,data_files/server2.key,-,-,required" \
6590 -S "skip write certificate request" \
6591 -C "skip parse certificate request" \
6592 -c "got a certificate request" \
6593 -C "skip write certificate" \
6594 -C "skip write certificate verify" \
6595 -S "skip parse certificate verify" \
6596 -s "x509_verify_cert() returned" \
6597 -s "! The certificate is not correctly signed by the trusted CA" \
6598 -S "The certificate has been revoked (is on a CRL)"
6604 ca_file=data_files/test-ca.crt \
6605 … sni=localhost,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,-,required" \
6609 -S "skip write certificate request" \
6610 -C "skip parse certificate request" \
6611 -c "got a certificate request" \
6612 -C "skip write certificate" \
6613 -C "skip write certificate verify" \
6614 -S "skip parse certificate verify" \
6615 -S "x509_verify_cert() returned" \
6616 -S "! The certificate is not correctly signed by the trusted CA" \
6617 -S "The certificate has been revoked (is on a CRL)"
6623 ca_file=data_files/test-ca.crt \
6624 …t,data_files/server2.crt,data_files/server2.key,data_files/test-ca2.crt,data_files/crl-ec-sha256.p…
6628 -S "skip write certificate request" \
6629 -C "skip parse certificate request" \
6630 -c "got a certificate request" \
6631 -C "skip write certificate" \
6632 -C "skip write certificate verify" \
6633 -S "skip parse certificate verify" \
6634 -s "x509_verify_cert() returned" \
6635 -S "! The certificate is not correctly signed by the trusted CA" \
6636 -s "The certificate has been revoked (is on a CRL)"
6638 # Tests for non-blocking I/O: exercise a variety of handshake flows
6641 run_test "Non-blocking I/O: basic handshake" \
6645 -S "mbedtls_ssl_handshake returned" \
6646 -C "mbedtls_ssl_handshake returned" \
6647 -c "Read from server: .* bytes read"
6650 run_test "Non-blocking I/O: client auth" \
6654 -S "mbedtls_ssl_handshake returned" \
6655 -C "mbedtls_ssl_handshake returned" \
6656 -c "Read from server: .* bytes read"
6659 run_test "Non-blocking I/O: ticket" \
6663 -S "mbedtls_ssl_handshake returned" \
6664 -C "mbedtls_ssl_handshake returned" \
6665 -c "Read from server: .* bytes read"
6668 run_test "Non-blocking I/O: ticket + client auth" \
6672 -S "mbedtls_ssl_handshake returned" \
6673 -C "mbedtls_ssl_handshake returned" \
6674 -c "Read from server: .* bytes read"
6677 run_test "Non-blocking I/O: TLS 1.2 + ticket + client auth + resume" \
6681 -S "mbedtls_ssl_handshake returned" \
6682 -C "mbedtls_ssl_handshake returned" \
6683 -c "Read from server: .* bytes read"
6688 run_test "Non-blocking I/O: TLS 1.3 + ticket + client auth + resume" \
6692 -S "mbedtls_ssl_handshake returned" \
6693 -C "mbedtls_ssl_handshake returned" \
6694 -c "Read from server: .* bytes read"
6697 run_test "Non-blocking I/O: TLS 1.2 + ticket + resume" \
6701 -S "mbedtls_ssl_handshake returned" \
6702 -C "mbedtls_ssl_handshake returned" \
6703 -c "Read from server: .* bytes read"
6708 run_test "Non-blocking I/O: TLS 1.3 + ticket + resume" \
6712 -S "mbedtls_ssl_handshake returned" \
6713 -C "mbedtls_ssl_handshake returned" \
6714 -c "Read from server: .* bytes read"
6717 run_test "Non-blocking I/O: session-id resume" \
6721 -S "mbedtls_ssl_handshake returned" \
6722 -C "mbedtls_ssl_handshake returned" \
6723 -c "Read from server: .* bytes read"
6725 # Tests for event-driven I/O: exercise a variety of handshake flows
6728 run_test "Event-driven I/O: basic handshake" \
6732 -S "mbedtls_ssl_handshake returned" \
6733 -C "mbedtls_ssl_handshake returned" \
6734 -c "Read from server: .* bytes read"
6737 run_test "Event-driven I/O: client auth" \
6741 -S "mbedtls_ssl_handshake returned" \
6742 -C "mbedtls_ssl_handshake returned" \
6743 -c "Read from server: .* bytes read"
6746 run_test "Event-driven I/O: ticket" \
6750 -S "mbedtls_ssl_handshake returned" \
6751 -C "mbedtls_ssl_handshake returned" \
6752 -c "Read from server: .* bytes read"
6755 run_test "Event-driven I/O: ticket + client auth" \
6759 -S "mbedtls_ssl_handshake returned" \
6760 -C "mbedtls_ssl_handshake returned" \
6761 -c "Read from server: .* bytes read"
6764 run_test "Event-driven I/O: TLS 1.2 + ticket + client auth + resume" \
6768 -S "mbedtls_ssl_handshake returned" \
6769 -C "mbedtls_ssl_handshake returned" \
6770 -c "Read from server: .* bytes read"
6775 run_test "Event-driven I/O: TLS 1.3 + ticket + client auth + resume" \
6779 -S "mbedtls_ssl_handshake returned" \
6780 -C "mbedtls_ssl_handshake returned" \
6781 -c "Read from server: .* bytes read"
6784 run_test "Event-driven I/O: TLS 1.2 + ticket + resume" \
6788 -S "mbedtls_ssl_handshake returned" \
6789 -C "mbedtls_ssl_handshake returned" \
6790 -c "Read from server: .* bytes read"
6795 run_test "Event-driven I/O: TLS 1.3 + ticket + resume" \
6799 -S "mbedtls_ssl_handshake returned" \
6800 -C "mbedtls_ssl_handshake returned" \
6801 -c "Read from server: .* bytes read"
6804 run_test "Event-driven I/O: session-id resume" \
6808 -S "mbedtls_ssl_handshake returned" \
6809 -C "mbedtls_ssl_handshake returned" \
6810 -c "Read from server: .* bytes read"
6813 run_test "Event-driven I/O, DTLS: basic handshake" \
6817 -c "Read from server: .* bytes read"
6820 run_test "Event-driven I/O, DTLS: client auth" \
6824 -c "Read from server: .* bytes read"
6827 run_test "Event-driven I/O, DTLS: ticket" \
6831 -c "Read from server: .* bytes read"
6834 run_test "Event-driven I/O, DTLS: ticket + client auth" \
6838 -c "Read from server: .* bytes read"
6841 run_test "Event-driven I/O, DTLS: ticket + client auth + resume" \
6845 -c "Read from server: .* bytes read"
6848 run_test "Event-driven I/O, DTLS: ticket + resume" \
6852 -c "Read from server: .* bytes read"
6855 run_test "Event-driven I/O, DTLS: session-id resume" \
6859 -c "Read from server: .* bytes read"
6867 run_test "Event-driven I/O, DTLS: session-id resume, UDP packing" \
6868 -p "$P_PXY pack=50" \
6872 -c "Read from server: .* bytes read"
6879 run_test "Version negotiation check m->m: 1.2 / 1.2 -> 1.2" \
6883 -S "mbedtls_ssl_handshake returned" \
6884 -C "mbedtls_ssl_handshake returned" \
6885 -s "Protocol is TLSv1.2" \
6886 -c "Protocol is TLSv1.2"
6891 run_test "Version negotiation check m->m: 1.2 (max=1.2) / 1.2 (max=1.2) -> 1.2" \
6895 -S "mbedtls_ssl_handshake returned" \
6896 -C "mbedtls_ssl_handshake returned" \
6897 -s "Protocol is TLSv1.2" \
6898 -c "Protocol is TLSv1.2"
6903 run_test "Version negotiation check m->m: 1.3 / 1.3 -> 1.3" \
6907 -S "mbedtls_ssl_handshake returned" \
6908 -C "mbedtls_ssl_handshake returned" \
6909 -s "Protocol is TLSv1.3" \
6910 -c "Protocol is TLSv1.3"
6915 run_test "Version negotiation check m->m: 1.3 (min=1.3) / 1.3 (min=1.3) -> 1.3" \
6919 -S "mbedtls_ssl_handshake returned" \
6920 -C "mbedtls_ssl_handshake returned" \
6921 -s "Protocol is TLSv1.3" \
6922 -c "Protocol is TLSv1.3"
6927 run_test "Version negotiation check m->m: 1.2+1.3 / 1.2+1.3 -> 1.3" \
6931 -S "mbedtls_ssl_handshake returned" \
6932 -C "mbedtls_ssl_handshake returned" \
6933 -s "Protocol is TLSv1.3" \
6934 -c "Protocol is TLSv1.3"
6939 run_test "Version negotiation check m->m: 1.2+1.3 / 1.3 (min=1.3) -> 1.3" \
6943 -S "mbedtls_ssl_handshake returned" \
6944 -C "mbedtls_ssl_handshake returned" \
6945 -s "Protocol is TLSv1.3" \
6946 -c "Protocol is TLSv1.3"
6951 run_test "Version negotiation check m->m: 1.2+1.3 / 1.2 (max=1.2) -> 1.2" \
6955 -S "mbedtls_ssl_handshake returned" \
6956 -C "mbedtls_ssl_handshake returned" \
6957 -s "Protocol is TLSv1.2" \
6958 -c "Protocol is TLSv1.2"
6963 run_test "Version negotiation check m->m: 1.2 (max=1.2) / 1.2+1.3 -> 1.2" \
6967 -S "mbedtls_ssl_handshake returned" \
6968 -C "mbedtls_ssl_handshake returned" \
6969 -s "Protocol is TLSv1.2" \
6970 -c "Protocol is TLSv1.2"
6975 run_test "Version negotiation check m->m: 1.3 (min=1.3) / 1.2+1.3 -> 1.3" \
6979 -S "mbedtls_ssl_handshake returned" \
6980 -C "mbedtls_ssl_handshake returned" \
6981 -s "Protocol is TLSv1.3" \
6982 -c "Protocol is TLSv1.3"
6986 run_test "Not supported version check m->m: 1.2 (max=1.2) / 1.3 (min=1.3)" \
6990 -s "Handshake protocol not within min/max boundaries" \
6991 -S "Protocol is TLSv1.2" \
6992 -C "Protocol is TLSv1.2" \
6993 -S "Protocol is TLSv1.3" \
6994 -C "Protocol is TLSv1.3"
6998 run_test "Not supported version check m->m: 1.3 (min=1.3) / 1.2 (max=1.2)" \
7002 -s "The handshake negotiation failed" \
7003 -S "Protocol is TLSv1.2" \
7004 -C "Protocol is TLSv1.2" \
7005 -S "Protocol is TLSv1.3" \
7006 -C "Protocol is TLSv1.3"
7012 run_test "Server version nego check G->m: 1.2 / 1.2+(1.3) -> 1.2" \
7014 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
7016 -S "mbedtls_ssl_handshake returned" \
7017 -s "Protocol is TLSv1.2"
7022 run_test "Server version nego check G->m: 1.2 / 1.2 (max=1.2) -> 1.2" \
7024 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
7026 -S "mbedtls_ssl_handshake returned" \
7027 -s "Protocol is TLSv1.2"
7032 run_test "Server version nego check G->m: 1.3 / (1.2)+1.3 -> 1.3" \
7034 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
7036 -S "mbedtls_ssl_handshake returned" \
7037 -s "Protocol is TLSv1.3"
7043 run_test "Server version nego check G->m: 1.3 / 1.3 (min=1.3) -> 1.3" \
7045 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
7047 -S "mbedtls_ssl_handshake returned" \
7048 -s "Protocol is TLSv1.3"
7053 run_test "Server version nego check G->m: 1.2+1.3 / (1.2)+1.3 -> 1.3" \
7055 "$G_NEXT_CLI localhost --priority=NORMAL" \
7057 -S "mbedtls_ssl_handshake returned" \
7058 -s "Protocol is TLSv1.3"
7063 run_test "Server version nego check G->m (no compat): 1.2+1.3 / (1.2)+1.3 -> 1.3" \
7065 "$G_NEXT_CLI localhost --priority=NORMAL:%DISABLE_TLS13_COMPAT_MODE" \
7067 -S "mbedtls_ssl_handshake returned" \
7068 -s "Protocol is TLSv1.3"
7081 run_test "Server version nego check G->m: [1.2]+1.3 / 1.2+1.3 -> 1.2" \
7083 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.3" \
7085 -c "Detected downgrade to TLS 1.2 from TLS 1.3"
7091 run_test "Server version nego check G->m: 1.2+1.3 / 1.3 (min=1.3) -> 1.3" \
7093 "$G_NEXT_CLI localhost --priority=NORMAL" \
7095 -S "mbedtls_ssl_handshake returned" \
7096 -s "Protocol is TLSv1.3"
7101 run_test "Server version nego check G->m: 1.2+1.3 / 1.2 -> 1.2" \
7103 "$G_NEXT_CLI localhost --priority=NORMAL" \
7105 -S "mbedtls_ssl_handshake returned" \
7106 -s "Protocol is TLSv1.2"
7111 run_test "Server version nego check G->m: 1.2+1.3 / 1.2 (max=1.2) -> 1.2" \
7113 "$G_NEXT_CLI localhost --priority=NORMAL" \
7115 -S "mbedtls_ssl_handshake returned" \
7116 -s "Protocol is TLSv1.2"
7119 run_test "Not supported version check G->m: 1.0 / (1.2)+(1.3)" \
7121 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.0" \
7123 -s "Handshake protocol not within min/max boundaries" \
7124 -S "Protocol is TLSv1.0"
7127 run_test "Not supported version check G->m: 1.1 / (1.2)+(1.3)" \
7129 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.1" \
7131 -s "Handshake protocol not within min/max boundaries" \
7132 -S "Protocol is TLSv1.1"
7136 run_test "Not supported version check G->m: 1.2 / 1.3" \
7138 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
7140 -s "Handshake protocol not within min/max boundaries" \
7141 -S "Protocol is TLSv1.2"
7145 run_test "Not supported version check G->m: 1.3 / 1.2" \
7147 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
7149 -S "Handshake protocol not within min/max boundaries" \
7150 -s "The handshake negotiation failed" \
7151 -S "Protocol is TLSv1.3"
7155 run_test "Not supported version check G->m: 1.2 / 1.3 (min=1.3)" \
7157 "$G_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
7159 -s "Handshake protocol not within min/max boundaries" \
7160 -S "Protocol is TLSv1.2"
7164 run_test "Not supported version check G->m: 1.3 / 1.2 (max=1.2)" \
7166 "$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3" \
7168 -S "Handshake protocol not within min/max boundaries" \
7169 -s "The handshake negotiation failed" \
7170 -S "Protocol is TLSv1.3"
7176 run_test "Server version nego check O->m: 1.2 / 1.2+(1.3) -> 1.2" \
7178 "$O_NEXT_CLI -tls1_2" \
7180 -S "mbedtls_ssl_handshake returned" \
7181 -s "Protocol is TLSv1.2"
7186 run_test "Server version nego check O->m: 1.2 / 1.2 (max=1.2) -> 1.2" \
7188 "$O_NEXT_CLI -tls1_2" \
7190 -S "mbedtls_ssl_handshake returned" \
7191 -s "Protocol is TLSv1.2"
7197 run_test "Server version nego check O->m: 1.3 / (1.2)+1.3 -> 1.3" \
7199 "$O_NEXT_CLI -tls1_3" \
7201 -S "mbedtls_ssl_handshake returned" \
7202 -s "Protocol is TLSv1.3"
7209 run_test "Server version nego check O->m: 1.3 / 1.3 (min=1.3) -> 1.3" \
7211 "$O_NEXT_CLI -tls1_3" \
7213 -S "mbedtls_ssl_handshake returned" \
7214 -s "Protocol is TLSv1.3"
7220 run_test "Server version nego check O->m: 1.2+1.3 / (1.2)+1.3 -> 1.3" \
7224 -S "mbedtls_ssl_handshake returned" \
7225 -s "Protocol is TLSv1.3"
7230 run_test "Server version nego check O->m (no compat): 1.2+1.3 / (1.2)+1.3 -> 1.3" \
7232 "$O_NEXT_CLI -no_middlebox" \
7234 -S "mbedtls_ssl_handshake returned" \
7235 -s "Protocol is TLSv1.3"
7242 run_test "Server version nego check O->m: 1.2+1.3 / 1.3 (min=1.3) -> 1.3" \
7246 -S "mbedtls_ssl_handshake returned" \
7247 -s "Protocol is TLSv1.3"
7252 run_test "Server version nego check O->m: 1.2+1.3 / 1.2 -> 1.2" \
7256 -S "mbedtls_ssl_handshake returned" \
7257 -s "Protocol is TLSv1.2"
7262 run_test "Server version nego check O->m: 1.2+1.3 / 1.2 (max=1.2) -> 1.2" \
7266 -S "mbedtls_ssl_handshake returned" \
7267 -s "Protocol is TLSv1.2"
7270 run_test "Not supported version check O->m: 1.0 / (1.2)+(1.3)" \
7272 "$O_CLI -tls1" \
7274 -s "Handshake protocol not within min/max boundaries" \
7275 -S "Protocol is TLSv1.0"
7278 run_test "Not supported version check O->m: 1.1 / (1.2)+(1.3)" \
7280 "$O_CLI -tls1_1" \
7282 -s "Handshake protocol not within min/max boundaries" \
7283 -S "Protocol is TLSv1.1"
7287 run_test "Not supported version check O->m: 1.2 / 1.3" \
7289 "$O_NEXT_CLI -tls1_2" \
7291 -s "Handshake protocol not within min/max boundaries" \
7292 -S "Protocol is TLSv1.2"
7296 run_test "Not supported version check O->m: 1.3 / 1.2" \
7298 "$O_NEXT_CLI -tls1_3" \
7300 -S "Handshake protocol not within min/max boundaries" \
7301 -s "The handshake negotiation failed" \
7302 -S "Protocol is TLSv1.3"
7306 run_test "Not supported version check O->m: 1.2 / 1.3 (min=1.3)" \
7308 "$O_NEXT_CLI -tls1_2" \
7310 -s "Handshake protocol not within min/max boundaries" \
7311 -S "Protocol is TLSv1.2"
7315 run_test "Not supported version check O->m: 1.3 / 1.2 (max=1.2)" \
7317 "$O_NEXT_CLI -tls1_3" \
7319 -S "Handshake protocol not within min/max boundaries" \
7320 -s "The handshake negotiation failed" \
7321 -S "Protocol is TLSv1.3"
7327 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0" \
7330 -s "Error in protocol version" \
7331 -c "Handshake protocol not within min/max boundaries" \
7332 -S "Version: TLS1.0" \
7333 -C "Protocol is TLSv1.0"
7337 "$G_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1" \
7340 -s "Error in protocol version" \
7341 -c "Handshake protocol not within min/max boundaries" \
7342 -S "Version: TLS1.1" \
7343 -C "Protocol is TLSv1.1"
7351 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.0 -d 4" \
7354 -s "Client's version: 3.3" \
7355 -S "Version: TLS1.0" \
7356 -C "Protocol is TLSv1.0"
7364 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.1 -d 4" \
7367 -s "Client's version: 3.3" \
7368 -S "Version: TLS1.1" \
7369 -C "Protocol is TLSv1.1"
7377 "$G_NEXT_SRV --priority=NORMAL:-VERS-TLS-ALL:+VERS-TLS1.2 -d 4" \
7380 -s "Client's version: 3.3" \
7381 -c "is a fatal alert message (msg 40)" \
7382 -S "Version: TLS1.2" \
7383 -C "Protocol is TLSv1.2"
7391 "$O_NEXT_SRV -msg -tls1" \
7394 -s "fatal protocol_version" \
7395 -c "is a fatal alert message (msg 70)" \
7396 -S "Version: TLS1.0" \
7397 -C "Protocol : TLSv1.0"
7405 "$O_NEXT_SRV -msg -tls1_1" \
7408 -s "fatal protocol_version" \
7409 -c "is a fatal alert message (msg 70)" \
7410 -S "Version: TLS1.1" \
7411 -C "Protocol : TLSv1.1"
7419 "$O_NEXT_SRV -msg -tls1_2" \
7422 -s "fatal protocol_version" \
7423 -c "is a fatal alert message (msg 70)" \
7424 -S "Version: TLS1.2" \
7425 -C "Protocol : TLSv1.2"
7434 -C "client hello, adding alpn extension" \
7435 -S "found alpn extension" \
7436 -C "got an alert message, type: \\[2:120]" \
7437 -S "server side, adding alpn extension" \
7438 -C "found alpn extension " \
7439 -C "Application Layer Protocol is" \
7440 -S "Application Layer Protocol is"
7447 -c "client hello, adding alpn extension" \
7448 -s "found alpn extension" \
7449 -C "got an alert message, type: \\[2:120]" \
7450 -S "server side, adding alpn extension" \
7451 -C "found alpn extension " \
7452 -c "Application Layer Protocol is (none)" \
7453 -S "Application Layer Protocol is"
7460 -C "client hello, adding alpn extension" \
7461 -S "found alpn extension" \
7462 -C "got an alert message, type: \\[2:120]" \
7463 -S "server side, adding alpn extension" \
7464 -C "found alpn extension " \
7465 -C "Application Layer Protocol is" \
7466 -s "Application Layer Protocol is (none)"
7469 run_test "ALPN: both, common cli1-srv1" \
7473 -c "client hello, adding alpn extension" \
7474 -s "found alpn extension" \
7475 -C "got an alert message, type: \\[2:120]" \
7476 -s "server side, adding alpn extension" \
7477 -c "found alpn extension" \
7478 -c "Application Layer Protocol is abc" \
7479 -s "Application Layer Protocol is abc"
7482 run_test "ALPN: both, common cli2-srv1" \
7486 -c "client hello, adding alpn extension" \
7487 -s "found alpn extension" \
7488 -C "got an alert message, type: \\[2:120]" \
7489 -s "server side, adding alpn extension" \
7490 -c "found alpn extension" \
7491 -c "Application Layer Protocol is abc" \
7492 -s "Application Layer Protocol is abc"
7495 run_test "ALPN: both, common cli1-srv2" \
7499 -c "client hello, adding alpn extension" \
7500 -s "found alpn extension" \
7501 -C "got an alert message, type: \\[2:120]" \
7502 -s "server side, adding alpn extension" \
7503 -c "found alpn extension" \
7504 -c "Application Layer Protocol is 1234" \
7505 -s "Application Layer Protocol is 1234"
7512 -c "client hello, adding alpn extension" \
7513 -s "found alpn extension" \
7514 -c "got an alert message, type: \\[2:120]" \
7515 -S "server side, adding alpn extension" \
7516 -C "found alpn extension" \
7517 -C "Application Layer Protocol is 1234" \
7518 -S "Application Layer Protocol is 1234"
7522 # server-side certificate/suite selection
7524 run_test "keyUsage srv: RSA, digitalSignature -> (EC)DHE-RSA" \
7526 crt_file=data_files/server2.ku-ds.crt" \
7529 -c "Ciphersuite is TLS-[EC]*DHE-RSA-WITH-"
7531 run_test "keyUsage srv: RSA, keyEncipherment -> RSA" \
7533 crt_file=data_files/server2.ku-ke.crt" \
7536 -c "Ciphersuite is TLS-RSA-WITH-"
7538 run_test "keyUsage srv: RSA, keyAgreement -> fail" \
7540 crt_file=data_files/server2.ku-ka.crt" \
7543 -C "Ciphersuite is "
7546 run_test "keyUsage srv: ECDSA, digitalSignature -> ECDHE-ECDSA" \
7548 crt_file=data_files/server5.ku-ds.crt" \
7551 -c "Ciphersuite is TLS-ECDHE-ECDSA-WITH-"
7554 run_test "keyUsage srv: ECDSA, keyAgreement -> ECDH-" \
7556 crt_file=data_files/server5.ku-ka.crt" \
7559 -c "Ciphersuite is TLS-ECDH-"
7561 run_test "keyUsage srv: ECDSA, keyEncipherment -> fail" \
7563 crt_file=data_files/server5.ku-ke.crt" \
7566 -C "Ciphersuite is "
7569 # client-side checking of server cert
7572 "$O_SRV -tls1_2 -key data_files/server2.key \
7573 -cert data_files/server2.ku-ds_ke.crt" \
7575 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7577 -C "bad certificate (usage extensions)" \
7578 -C "Processing of the Certificate handshake message failed" \
7579 -c "Ciphersuite is TLS-"
7581 run_test "keyUsage cli: DigitalSignature+KeyEncipherment, DHE-RSA: OK" \
7582 "$O_SRV -tls1_2 -key data_files/server2.key \
7583 -cert data_files/server2.ku-ds_ke.crt" \
7585 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
7587 -C "bad certificate (usage extensions)" \
7588 -C "Processing of the Certificate handshake message failed" \
7589 -c "Ciphersuite is TLS-"
7592 "$O_SRV -tls1_2 -key data_files/server2.key \
7593 -cert data_files/server2.ku-ke.crt" \
7595 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7597 -C "bad certificate (usage extensions)" \
7598 -C "Processing of the Certificate handshake message failed" \
7599 -c "Ciphersuite is TLS-"
7601 run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail" \
7602 "$O_SRV -tls1_2 -key data_files/server2.key \
7603 -cert data_files/server2.ku-ke.crt" \
7605 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
7607 -c "bad certificate (usage extensions)" \
7608 -c "Processing of the Certificate handshake message failed" \
7609 -C "Ciphersuite is TLS-"
7611 run_test "keyUsage cli: KeyEncipherment, DHE-RSA: fail, soft" \
7612 "$O_SRV -tls1_2 -key data_files/server2.key \
7613 -cert data_files/server2.ku-ke.crt" \
7615 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
7617 -c "bad certificate (usage extensions)" \
7618 -C "Processing of the Certificate handshake message failed" \
7619 -c "Ciphersuite is TLS-" \
7620 -c "! Usage does not match the keyUsage extension"
7622 run_test "keyUsage cli: DigitalSignature, DHE-RSA: OK" \
7623 "$O_SRV -tls1_2 -key data_files/server2.key \
7624 -cert data_files/server2.ku-ds.crt" \
7626 force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA" \
7628 -C "bad certificate (usage extensions)" \
7629 -C "Processing of the Certificate handshake message failed" \
7630 -c "Ciphersuite is TLS-"
7633 "$O_SRV -tls1_2 -key data_files/server2.key \
7634 -cert data_files/server2.ku-ds.crt" \
7636 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7638 -c "bad certificate (usage extensions)" \
7639 -c "Processing of the Certificate handshake message failed" \
7640 -C "Ciphersuite is TLS-"
7643 "$O_SRV -tls1_2 -key data_files/server2.key \
7644 -cert data_files/server2.ku-ds.crt" \
7646 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
7648 -c "bad certificate (usage extensions)" \
7649 -C "Processing of the Certificate handshake message failed" \
7650 -c "Ciphersuite is TLS-" \
7651 -c "! Usage does not match the keyUsage extension"
7657 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
7658 -cert data_files/server2.ku-ds_ke.crt" \
7661 -C "bad certificate (usage extensions)" \
7662 -C "Processing of the Certificate handshake message failed" \
7663 -c "Ciphersuite is"
7669 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
7670 -cert data_files/server2.ku-ke.crt" \
7673 -c "bad certificate (usage extensions)" \
7674 -c "Processing of the Certificate handshake message failed" \
7675 -C "Ciphersuite is"
7681 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server2.key \
7682 -cert data_files/server2.ku-ka.crt" \
7685 -c "bad certificate (usage extensions)" \
7686 -c "Processing of the Certificate handshake message failed" \
7687 -C "Ciphersuite is"
7693 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7694 -cert data_files/server5.ku-ds.crt" \
7697 -C "bad certificate (usage extensions)" \
7698 -C "Processing of the Certificate handshake message failed" \
7699 -c "Ciphersuite is"
7705 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7706 -cert data_files/server5.ku-ke.crt" \
7709 -c "bad certificate (usage extensions)" \
7710 -c "Processing of the Certificate handshake message failed" \
7711 -C "Ciphersuite is"
7717 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7718 -cert data_files/server5.ku-ka.crt" \
7721 -c "bad certificate (usage extensions)" \
7722 -c "Processing of the Certificate handshake message failed" \
7723 -C "Ciphersuite is"
7726 # server-side checking of client cert
7729 run_test "keyUsage cli-auth: RSA, DigitalSignature: OK" \
7731 "$O_CLI -key data_files/server2.key \
7732 -cert data_files/server2.ku-ds.crt" \
7734 -s "Verifying peer X.509 certificate... ok" \
7735 -S "bad certificate (usage extensions)" \
7736 -S "Processing of the Certificate handshake message failed"
7739 run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (soft)" \
7741 "$O_CLI -key data_files/server2.key \
7742 -cert data_files/server2.ku-ke.crt" \
7744 -s "bad certificate (usage extensions)" \
7745 -S "Processing of the Certificate handshake message failed"
7748 run_test "keyUsage cli-auth: RSA, KeyEncipherment: fail (hard)" \
7750 "$O_CLI -key data_files/server2.key \
7751 -cert data_files/server2.ku-ke.crt" \
7753 -s "bad certificate (usage extensions)" \
7754 -s "Processing of the Certificate handshake message failed"
7757 run_test "keyUsage cli-auth: ECDSA, DigitalSignature: OK" \
7759 "$O_CLI -key data_files/server5.key \
7760 -cert data_files/server5.ku-ds.crt" \
7762 -s "Verifying peer X.509 certificate... ok" \
7763 -S "bad certificate (usage extensions)" \
7764 -S "Processing of the Certificate handshake message failed"
7767 run_test "keyUsage cli-auth: ECDSA, KeyAgreement: fail (soft)" \
7769 "$O_CLI -key data_files/server5.key \
7770 -cert data_files/server5.ku-ka.crt" \
7772 -s "bad certificate (usage extensions)" \
7773 -S "Processing of the Certificate handshake message failed"
7778 run_test "keyUsage cli-auth 1.3: RSA, DigitalSignature: OK" \
7780 "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
7781 -cert data_files/server2.ku-ds.crt" \
7783 -s "Verifying peer X.509 certificate... ok" \
7784 -S "bad certificate (usage extensions)" \
7785 -S "Processing of the Certificate handshake message failed"
7790 run_test "keyUsage cli-auth 1.3: RSA, KeyEncipherment: fail (soft)" \
7792 "$O_NEXT_CLI_NO_CERT -key data_files/server2.key \
7793 -cert data_files/server2.ku-ke.crt" \
7795 -s "bad certificate (usage extensions)" \
7796 -S "Processing of the Certificate handshake message failed"
7801 run_test "keyUsage cli-auth 1.3: ECDSA, DigitalSignature: OK" \
7803 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7804 -cert data_files/server5.ku-ds.crt" \
7806 -s "Verifying peer X.509 certificate... ok" \
7807 -S "bad certificate (usage extensions)" \
7808 -S "Processing of the Certificate handshake message failed"
7813 run_test "keyUsage cli-auth 1.3: ECDSA, KeyAgreement: fail (soft)" \
7815 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7816 -cert data_files/server5.ku-ka.crt" \
7818 -s "bad certificate (usage extensions)" \
7819 -S "Processing of the Certificate handshake message failed"
7821 # Tests for extendedKeyUsage, part 1: server-side certificate/suite selection
7824 run_test "extKeyUsage srv: serverAuth -> OK" \
7826 crt_file=data_files/server5.eku-srv.crt" \
7831 run_test "extKeyUsage srv: serverAuth,clientAuth -> OK" \
7833 crt_file=data_files/server5.eku-srv.crt" \
7838 run_test "extKeyUsage srv: codeSign,anyEKU -> OK" \
7840 crt_file=data_files/server5.eku-cs_any.crt" \
7845 run_test "extKeyUsage srv: codeSign -> fail" \
7847 crt_file=data_files/server5.eku-cli.crt" \
7851 # Tests for extendedKeyUsage, part 2: client-side checking of server cert
7854 run_test "extKeyUsage cli: serverAuth -> OK" \
7855 "$O_SRV -tls1_2 -key data_files/server5.key \
7856 -cert data_files/server5.eku-srv.crt" \
7859 -C "bad certificate (usage extensions)" \
7860 -C "Processing of the Certificate handshake message failed" \
7861 -c "Ciphersuite is TLS-"
7864 run_test "extKeyUsage cli: serverAuth,clientAuth -> OK" \
7865 "$O_SRV -tls1_2 -key data_files/server5.key \
7866 -cert data_files/server5.eku-srv_cli.crt" \
7869 -C "bad certificate (usage extensions)" \
7870 -C "Processing of the Certificate handshake message failed" \
7871 -c "Ciphersuite is TLS-"
7874 run_test "extKeyUsage cli: codeSign,anyEKU -> OK" \
7875 "$O_SRV -tls1_2 -key data_files/server5.key \
7876 -cert data_files/server5.eku-cs_any.crt" \
7879 -C "bad certificate (usage extensions)" \
7880 -C "Processing of the Certificate handshake message failed" \
7881 -c "Ciphersuite is TLS-"
7884 run_test "extKeyUsage cli: codeSign -> fail" \
7885 "$O_SRV -tls1_2 -key data_files/server5.key \
7886 -cert data_files/server5.eku-cs.crt" \
7889 -c "bad certificate (usage extensions)" \
7890 -c "Processing of the Certificate handshake message failed" \
7891 -C "Ciphersuite is TLS-"
7896 run_test "extKeyUsage cli 1.3: serverAuth -> OK" \
7897 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7898 -cert data_files/server5.eku-srv.crt" \
7901 -C "bad certificate (usage extensions)" \
7902 -C "Processing of the Certificate handshake message failed" \
7903 -c "Ciphersuite is"
7908 run_test "extKeyUsage cli 1.3: serverAuth,clientAuth -> OK" \
7909 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7910 -cert data_files/server5.eku-srv_cli.crt" \
7913 -C "bad certificate (usage extensions)" \
7914 -C "Processing of the Certificate handshake message failed" \
7915 -c "Ciphersuite is"
7920 run_test "extKeyUsage cli 1.3: codeSign,anyEKU -> OK" \
7921 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7922 -cert data_files/server5.eku-cs_any.crt" \
7925 -C "bad certificate (usage extensions)" \
7926 -C "Processing of the Certificate handshake message failed" \
7927 -c "Ciphersuite is"
7932 run_test "extKeyUsage cli 1.3: codeSign -> fail" \
7933 "$O_NEXT_SRV_NO_CERT -tls1_3 -num_tickets=0 -key data_files/server5.key \
7934 -cert data_files/server5.eku-cs.crt" \
7937 -c "bad certificate (usage extensions)" \
7938 -c "Processing of the Certificate handshake message failed" \
7939 -C "Ciphersuite is"
7941 # Tests for extendedKeyUsage, part 3: server-side checking of client cert
7944 run_test "extKeyUsage cli-auth: clientAuth -> OK" \
7946 "$O_CLI -key data_files/server5.key \
7947 -cert data_files/server5.eku-cli.crt" \
7949 -S "bad certificate (usage extensions)" \
7950 -S "Processing of the Certificate handshake message failed"
7953 run_test "extKeyUsage cli-auth: serverAuth,clientAuth -> OK" \
7955 "$O_CLI -key data_files/server5.key \
7956 -cert data_files/server5.eku-srv_cli.crt" \
7958 -S "bad certificate (usage extensions)" \
7959 -S "Processing of the Certificate handshake message failed"
7962 run_test "extKeyUsage cli-auth: codeSign,anyEKU -> OK" \
7964 "$O_CLI -key data_files/server5.key \
7965 -cert data_files/server5.eku-cs_any.crt" \
7967 -S "bad certificate (usage extensions)" \
7968 -S "Processing of the Certificate handshake message failed"
7971 run_test "extKeyUsage cli-auth: codeSign -> fail (soft)" \
7973 "$O_CLI -key data_files/server5.key \
7974 -cert data_files/server5.eku-cs.crt" \
7976 -s "bad certificate (usage extensions)" \
7977 -S "Processing of the Certificate handshake message failed"
7980 run_test "extKeyUsage cli-auth: codeSign -> fail (hard)" \
7982 "$O_CLI -key data_files/server5.key \
7983 -cert data_files/server5.eku-cs.crt" \
7985 -s "bad certificate (usage extensions)" \
7986 -s "Processing of the Certificate handshake message failed"
7991 run_test "extKeyUsage cli-auth 1.3: clientAuth -> OK" \
7993 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
7994 -cert data_files/server5.eku-cli.crt" \
7996 -S "bad certificate (usage extensions)" \
7997 -S "Processing of the Certificate handshake message failed"
8002 run_test "extKeyUsage cli-auth 1.3: serverAuth,clientAuth -> OK" \
8004 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
8005 -cert data_files/server5.eku-srv_cli.crt" \
8007 -S "bad certificate (usage extensions)" \
8008 -S "Processing of the Certificate handshake message failed"
8013 run_test "extKeyUsage cli-auth 1.3: codeSign,anyEKU -> OK" \
8015 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
8016 -cert data_files/server5.eku-cs_any.crt" \
8018 -S "bad certificate (usage extensions)" \
8019 -S "Processing of the Certificate handshake message failed"
8024 run_test "extKeyUsage cli-auth 1.3: codeSign -> fail (soft)" \
8026 "$O_NEXT_CLI_NO_CERT -key data_files/server5.key \
8027 -cert data_files/server5.eku-cs.crt" \
8029 -s "bad certificate (usage extensions)" \
8030 -S "Processing of the Certificate handshake message failed"
8036 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8039 -c "value of 'DHM: P ' (2048 bits)" \
8040 -c "value of 'DHM: G ' (2 bits)"
8044 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8047 -c "value of 'DHM: P ' (1024 bits)" \
8048 -c "value of 'DHM: G ' (2 bits)"
8050 # Tests for DHM client-side size checking
8054 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8057 -C "DHM prime too short:"
8061 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8064 -C "DHM prime too short:"
8068 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8071 -C "DHM prime too short:"
8075 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8078 -C "DHM prime too short:"
8082 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8085 -C "DHM prime too short:"
8089 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8092 -c "DHM prime too short:"
8096 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8099 -c "DHM prime too short:"
8103 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8106 -c "DHM prime too short:"
8110 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8113 -c "DHM prime too short:"
8117 "$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
8120 -c "DHM prime too short:"
8126 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8129 -S "SSL - The handshake negotiation failed" \
8130 -S "SSL - Unknown identity received" \
8131 -S "SSL - Verification of the message MAC failed"
8136 …_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8139 -C "session hash for extended master secret"\
8140 -S "session hash for extended master secret"\
8141 -S "SSL - The handshake negotiation failed" \
8142 -S "SSL - Unknown identity received" \
8143 -S "SSL - Verification of the message MAC failed"
8146 run_test "PSK callback: opaque psk on client, no callback, SHA-384" \
8148 …I extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
8151 -C "session hash for extended master secret"\
8152 -S "session hash for extended master secret"\
8153 -S "SSL - The handshake negotiation failed" \
8154 -S "SSL - Unknown identity received" \
8155 -S "SSL - Verification of the message MAC failed"
8160 …_CLI extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8163 -c "session hash for extended master secret"\
8164 -s "session hash for extended master secret"\
8165 -S "SSL - The handshake negotiation failed" \
8166 -S "SSL - Unknown identity received" \
8167 -S "SSL - Verification of the message MAC failed"
8170 run_test "PSK callback: opaque psk on client, no callback, SHA-384, EMS" \
8172 …I extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
8175 -c "session hash for extended master secret"\
8176 -s "session hash for extended master secret"\
8177 -S "SSL - The handshake negotiation failed" \
8178 -S "SSL - Unknown identity received" \
8179 -S "SSL - Verification of the message MAC failed"
8182 run_test "PSK callback: opaque rsa-psk on client, no callback" \
8184 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
8187 -C "session hash for extended master secret"\
8188 -S "session hash for extended master secret"\
8189 -S "SSL - The handshake negotiation failed" \
8190 -S "SSL - Unknown identity received" \
8191 -S "SSL - Verification of the message MAC failed"
8194 run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384" \
8196 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
8199 -C "session hash for extended master secret"\
8200 -S "session hash for extended master secret"\
8201 -S "SSL - The handshake negotiation failed" \
8202 -S "SSL - Unknown identity received" \
8203 -S "SSL - Verification of the message MAC failed"
8206 run_test "PSK callback: opaque rsa-psk on client, no callback, EMS" \
8208 … extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
8211 -c "session hash for extended master secret"\
8212 -s "session hash for extended master secret"\
8213 -S "SSL - The handshake negotiation failed" \
8214 -S "SSL - Unknown identity received" \
8215 -S "SSL - Verification of the message MAC failed"
8218 run_test "PSK callback: opaque rsa-psk on client, no callback, SHA-384, EMS" \
8220 …tended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
8223 -c "session hash for extended master secret"\
8224 -s "session hash for extended master secret"\
8225 -S "SSL - The handshake negotiation failed" \
8226 -S "SSL - Unknown identity received" \
8227 -S "SSL - Verification of the message MAC failed"
8230 run_test "PSK callback: opaque ecdhe-psk on client, no callback" \
8232 …nded_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
8235 -C "session hash for extended master secret"\
8236 -S "session hash for extended master secret"\
8237 -S "SSL - The handshake negotiation failed" \
8238 -S "SSL - Unknown identity received" \
8239 -S "SSL - Verification of the message MAC failed"
8242 run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384" \
8244 …nded_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
8247 -C "session hash for extended master secret"\
8248 -S "session hash for extended master secret"\
8249 -S "SSL - The handshake negotiation failed" \
8250 -S "SSL - Unknown identity received" \
8251 -S "SSL - Verification of the message MAC failed"
8254 run_test "PSK callback: opaque ecdhe-psk on client, no callback, EMS" \
8256 …xtended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
8259 -c "session hash for extended master secret"\
8260 -s "session hash for extended master secret"\
8261 -S "SSL - The handshake negotiation failed" \
8262 -S "SSL - Unknown identity received" \
8263 -S "SSL - Verification of the message MAC failed"
8266 run_test "PSK callback: opaque ecdhe-psk on client, no callback, SHA-384, EMS" \
8268 …nded_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
8271 -c "session hash for extended master secret"\
8272 -s "session hash for extended master secret"\
8273 -S "SSL - The handshake negotiation failed" \
8274 -S "SSL - Unknown identity received" \
8275 -S "SSL - Verification of the message MAC failed"
8278 run_test "PSK callback: opaque dhe-psk on client, no callback" \
8280 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
8283 -C "session hash for extended master secret"\
8284 -S "session hash for extended master secret"\
8285 -S "SSL - The handshake negotiation failed" \
8286 -S "SSL - Unknown identity received" \
8287 -S "SSL - Verification of the message MAC failed"
8290 run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384" \
8292 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
8295 -C "session hash for extended master secret"\
8296 -S "session hash for extended master secret"\
8297 -S "SSL - The handshake negotiation failed" \
8298 -S "SSL - Unknown identity received" \
8299 -S "SSL - Verification of the message MAC failed"
8302 run_test "PSK callback: opaque dhe-psk on client, no callback, EMS" \
8304 … extended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
8307 -c "session hash for extended master secret"\
8308 -s "session hash for extended master secret"\
8309 -S "SSL - The handshake negotiation failed" \
8310 -S "SSL - Unknown identity received" \
8311 -S "SSL - Verification of the message MAC failed"
8314 run_test "PSK callback: opaque dhe-psk on client, no callback, SHA-384, EMS" \
8316 …tended_ms=1 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
8319 -c "session hash for extended master secret"\
8320 -s "session hash for extended master secret"\
8321 -S "SSL - The handshake negotiation failed" \
8322 -S "SSL - Unknown identity received" \
8323 -S "SSL - Verification of the message MAC failed"
8327 …3 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8328 …_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8331 -C "session hash for extended master secret"\
8332 -S "session hash for extended master secret"\
8333 -S "SSL - The handshake negotiation failed" \
8334 -S "SSL - Unknown identity received" \
8335 -S "SSL - Verification of the message MAC failed"
8338 run_test "PSK callback: raw psk on client, static opaque on server, no callback, SHA-384" \
8339 …sk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
8340 …I extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
8343 -C "session hash for extended master secret"\
8344 -S "session hash for extended master secret"\
8345 -S "SSL - The handshake negotiation failed" \
8346 -S "SSL - Unknown identity received" \
8347 -S "SSL - Verification of the message MAC failed"
8352 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8353 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8356 -c "session hash for extended master secret"\
8357 -s "session hash for extended master secret"\
8358 -S "SSL - The handshake negotiation failed" \
8359 -S "SSL - Unknown identity received" \
8360 -S "SSL - Verification of the message MAC failed"
8365 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8366 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
8369 -c "session hash for extended master secret"\
8370 -s "session hash for extended master secret"\
8371 -S "SSL - The handshake negotiation failed" \
8372 -S "SSL - Unknown identity received" \
8373 -S "SSL - Verification of the message MAC failed"
8376 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
8377 …k_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
8378 … extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
8381 -C "session hash for extended master secret"\
8382 -S "session hash for extended master secret"\
8383 -S "SSL - The handshake negotiation failed" \
8384 -S "SSL - Unknown identity received" \
8385 -S "SSL - Verification of the message MAC failed"
8388 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
8389 …dentity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
8390 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
8393 -C "session hash for extended master secret"\
8394 -S "session hash for extended master secret"\
8395 -S "SSL - The handshake negotiation failed" \
8396 -S "SSL - Unknown identity received" \
8397 -S "SSL - Verification of the message MAC failed"
8400 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
8402 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8403 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
8406 -c "session hash for extended master secret"\
8407 -s "session hash for extended master secret"\
8408 -S "SSL - The handshake negotiation failed" \
8409 -S "SSL - Unknown identity received" \
8410 -S "SSL - Verification of the message MAC failed"
8413 run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384…
8415 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8416 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
8419 -c "session hash for extended master secret"\
8420 -s "session hash for extended master secret"\
8421 -S "SSL - The handshake negotiation failed" \
8422 -S "SSL - Unknown identity received" \
8423 -S "SSL - Verification of the message MAC failed"
8426 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback" \
8427 …identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
8428 …xtended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
8431 -C "session hash for extended master secret"\
8432 -S "session hash for extended master secret"\
8433 -S "SSL - The handshake negotiation failed" \
8434 -S "SSL - Unknown identity received" \
8435 -S "SSL - Verification of the message MAC failed"
8438 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, SHA-384" \
8439 …ntity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
8440 …nded_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
8443 -C "session hash for extended master secret"\
8444 -S "session hash for extended master secret"\
8445 -S "SSL - The handshake negotiation failed" \
8446 -S "SSL - Unknown identity received" \
8447 -S "SSL - Verification of the message MAC failed"
8450 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS" \
8452 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8453 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
8456 -c "session hash for extended master secret"\
8457 -s "session hash for extended master secret"\
8458 -S "SSL - The handshake negotiation failed" \
8459 -S "SSL - Unknown identity received" \
8460 -S "SSL - Verification of the message MAC failed"
8463 run_test "PSK callback: raw ecdhe-psk on client, static opaque on server, no callback, EMS, SHA3…
8465 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8466 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
8469 -c "session hash for extended master secret"\
8470 -s "session hash for extended master secret"\
8471 -S "SSL - The handshake negotiation failed" \
8472 -S "SSL - Unknown identity received" \
8473 -S "SSL - Verification of the message MAC failed"
8476 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback" \
8477 …k_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
8478 … extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
8481 -C "session hash for extended master secret"\
8482 -S "session hash for extended master secret"\
8483 -S "SSL - The handshake negotiation failed" \
8484 -S "SSL - Unknown identity received" \
8485 -S "SSL - Verification of the message MAC failed"
8488 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, SHA-384" \
8489 …dentity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
8490 …tended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
8493 -C "session hash for extended master secret"\
8494 -S "session hash for extended master secret"\
8495 -S "SSL - The handshake negotiation failed" \
8496 -S "SSL - Unknown identity received" \
8497 -S "SSL - Verification of the message MAC failed"
8500 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS" \
8502 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8503 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
8506 -c "session hash for extended master secret"\
8507 -s "session hash for extended master secret"\
8508 -S "SSL - The handshake negotiation failed" \
8509 -S "SSL - Unknown identity received" \
8510 -S "SSL - Verification of the message MAC failed"
8513 run_test "PSK callback: raw dhe-psk on client, static opaque on server, no callback, EMS, SHA384…
8515 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8516 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
8519 -c "session hash for extended master secret"\
8520 -s "session hash for extended master secret"\
8521 -S "SSL - The handshake negotiation failed" \
8522 -S "SSL - Unknown identity received" \
8523 -S "SSL - Verification of the message MAC failed"
8527 …dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8528 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8531 -C "session hash for extended master secret"\
8532 -S "session hash for extended master secret"\
8533 -S "SSL - The handshake negotiation failed" \
8534 -S "SSL - Unknown identity received" \
8535 -S "SSL - Verification of the message MAC failed"
8538 … "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback, SHA-384" \
8539 …d,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384" \
8540 …I extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
8543 -C "session hash for extended master secret"\
8544 -S "session hash for extended master secret"\
8545 -S "SSL - The handshake negotiation failed" \
8546 -S "SSL - Unknown identity received" \
8547 -S "SSL - Verification of the message MAC failed"
8552 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8553 "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8556 -c "session hash for extended master secret"\
8557 -s "session hash for extended master secret"\
8558 -S "SSL - The handshake negotiation failed" \
8559 -S "SSL - Unknown identity received" \
8560 -S "SSL - Verification of the message MAC failed"
8565 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8566 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-256-CBC-SHA384 \
8569 -c "session hash for extended master secret"\
8570 -s "session hash for extended master secret"\
8571 -S "SSL - The handshake negotiation failed" \
8572 -S "SSL - Unknown identity received" \
8573 -S "SSL - Verification of the message MAC failed"
8576 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
8577 …,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
8578 … extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
8581 -C "session hash for extended master secret"\
8582 -S "session hash for extended master secret"\
8583 -S "SSL - The handshake negotiation failed" \
8584 -S "SSL - Unknown identity received" \
8585 -S "SSL - Verification of the message MAC failed"
8588 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
8589 …f,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
8590 …tended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
8593 -C "session hash for extended master secret"\
8594 -S "session hash for extended master secret"\
8595 -S "SSL - The handshake negotiation failed" \
8596 -S "SSL - Unknown identity received" \
8597 -S "SSL - Verification of the message MAC failed"
8600 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
8602 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8603 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
8606 -c "session hash for extended master secret"\
8607 -s "session hash for extended master secret"\
8608 -S "SSL - The handshake negotiation failed" \
8609 -S "SSL - Unknown identity received" \
8610 -S "SSL - Verification of the message MAC failed"
8613 run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from …
8615 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8616 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
8619 -c "session hash for extended master secret"\
8620 -s "session hash for extended master secret"\
8621 -S "SSL - The handshake negotiation failed" \
8622 -S "SSL - Unknown identity received" \
8623 -S "SSL - Verification of the message MAC failed"
8626 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
8627 …ef,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA" \
8628 …xtended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
8631 -C "session hash for extended master secret"\
8632 -S "session hash for extended master secret"\
8633 -S "SSL - The handshake negotiation failed" \
8634 -S "SSL - Unknown identity received" \
8635 -S "SSL - Verification of the message MAC failed"
8638 …un_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
8639 …beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384" \
8640 …nded_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
8643 -C "session hash for extended master secret"\
8644 -S "session hash for extended master secret"\
8645 -S "SSL - The handshake negotiation failed" \
8646 -S "SSL - Unknown identity received" \
8647 -S "SSL - Verification of the message MAC failed"
8650 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
8652 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8653 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
8656 -c "session hash for extended master secret"\
8657 -s "session hash for extended master secret"\
8658 -S "SSL - The handshake negotiation failed" \
8659 -S "SSL - Unknown identity received" \
8660 -S "SSL - Verification of the message MAC failed"
8663 run_test "PSK callback: raw ecdhe-psk on client, no static ECDHE-PSK on server, opaque ECDHE-PSK…
8665 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8666 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
8669 -c "session hash for extended master secret"\
8670 -s "session hash for extended master secret"\
8671 -S "SSL - The handshake negotiation failed" \
8672 -S "SSL - Unknown identity received" \
8673 -S "SSL - Verification of the message MAC failed"
8676 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
8677 …,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA" \
8678 … extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
8681 -C "session hash for extended master secret"\
8682 -S "session hash for extended master secret"\
8683 -S "SSL - The handshake negotiation failed" \
8684 -S "SSL - Unknown identity received" \
8685 -S "SSL - Verification of the message MAC failed"
8688 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
8689 …f,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384" \
8690 …tended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
8693 -C "session hash for extended master secret"\
8694 -S "session hash for extended master secret"\
8695 -S "SSL - The handshake negotiation failed" \
8696 -S "SSL - Unknown identity received" \
8697 -S "SSL - Verification of the message MAC failed"
8700 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
8702 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
8703 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
8706 -c "session hash for extended master secret"\
8707 -s "session hash for extended master secret"\
8708 -S "SSL - The handshake negotiation failed" \
8709 -S "SSL - Unknown identity received" \
8710 -S "SSL - Verification of the message MAC failed"
8713 run_test "PSK callback: raw dhe-psk on client, no static DHE-PSK on server, opaque DHE-PSK from …
8715 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
8716 … "$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
8719 -c "session hash for extended master secret"\
8720 -s "session hash for extended master secret"\
8721 -S "SSL - The handshake negotiation failed" \
8722 -S "SSL - Unknown identity received" \
8723 -S "SSL - Verification of the message MAC failed"
8727 …dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8728 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8731 -C "session hash for extended master secret"\
8732 -S "session hash for extended master secret"\
8733 -S "SSL - The handshake negotiation failed" \
8734 -S "SSL - Unknown identity received" \
8735 -S "SSL - Verification of the message MAC failed"
8739 …dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8740 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8743 -C "session hash for extended master secret"\
8744 -S "session hash for extended master secret"\
8745 -S "SSL - The handshake negotiation failed" \
8746 -S "SSL - Unknown identity received" \
8747 -S "SSL - Verification of the message MAC failed"
8751 …el=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8752 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8755 -C "session hash for extended master secret"\
8756 -S "session hash for extended master secret"\
8757 -S "SSL - The handshake negotiation failed" \
8758 -S "SSL - Unknown identity received" \
8759 -S "SSL - Verification of the message MAC failed"
8762 run_test "PSK callback: raw psk on client, id-matching but wrong raw PSK on server, opaque PSK f…
8763 …el=3 psk_list=abc,dead,def,beef min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8764 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8767 -C "session hash for extended master secret"\
8768 -S "session hash for extended master secret"\
8769 -S "SSL - The handshake negotiation failed" \
8770 -S "SSL - Unknown identity received" \
8771 -S "SSL - Verification of the message MAC failed"
8775 …=3 psk_list=abc,dead,def,abc123 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA" \
8776 …_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8779 -s "SSL - Verification of the message MAC failed"
8783 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8786 -s "SSL - The handshake negotiation failed" \
8787 -S "SSL - Unknown identity received" \
8788 -S "SSL - Verification of the message MAC failed"
8792 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8795 -S "SSL - The handshake negotiation failed" \
8796 -s "SSL - Unknown identity received" \
8797 -S "SSL - Verification of the message MAC failed"
8801 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8804 -S "SSL - The handshake negotiation failed" \
8805 -S "SSL - Unknown identity received" \
8806 -S "SSL - Verification of the message MAC failed"
8810 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8813 -S "SSL - The handshake negotiation failed" \
8814 -S "SSL - Unknown identity received" \
8815 -S "SSL - Verification of the message MAC failed"
8819 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8822 -S "SSL - The handshake negotiation failed" \
8823 -s "SSL - Unknown identity received" \
8824 -S "SSL - Verification of the message MAC failed"
8828 "$P_CLI force_ciphersuite=TLS-PSK-WITH-AES-128-CBC-SHA \
8831 -S "SSL - The handshake negotiation failed" \
8832 -S "SSL - Unknown identity received" \
8833 -s "SSL - Verification of the message MAC failed"
8835 # Tests for EC J-PAKE
8843 -C "add ciphersuite: 0xc0ff" \
8844 -C "adding ecjpake_kkpp extension" \
8845 -S "found ecjpake kkpp extension" \
8846 -S "skip ecjpake kkpp extension" \
8847 -S "ciphersuite mismatch: ecjpake not configured" \
8848 -S "server hello, ecjpake kkpp extension" \
8849 -C "found ecjpake_kkpp extension" \
8850 -S "SSL - The handshake negotiation failed"
8856 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8858 -c "add ciphersuite: c0ff" \
8859 -c "adding ecjpake_kkpp extension" \
8860 -s "found ecjpake kkpp extension" \
8861 -s "skip ecjpake kkpp extension" \
8862 -s "ciphersuite mismatch: ecjpake not configured" \
8863 -S "server hello, ecjpake kkpp extension" \
8864 -C "found ecjpake_kkpp extension" \
8865 -s "SSL - The handshake negotiation failed"
8873 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8875 -c "add ciphersuite: c0ff" \
8876 -c "adding ecjpake_kkpp extension" \
8877 -C "re-using cached ecjpake parameters" \
8878 -s "found ecjpake kkpp extension" \
8879 -S "skip ecjpake kkpp extension" \
8880 -S "ciphersuite mismatch: ecjpake not configured" \
8881 -s "server hello, ecjpake kkpp extension" \
8882 -c "found ecjpake_kkpp extension" \
8883 -S "SSL - The handshake negotiation failed" \
8884 -S "SSL - Verification of the message MAC failed"
8891 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8893 -c "add ciphersuite: c0ff" \
8894 -c "adding ecjpake_kkpp extension" \
8895 -c "using opaque password" \
8896 -s "using opaque password" \
8897 -C "re-using cached ecjpake parameters" \
8898 -s "found ecjpake kkpp extension" \
8899 -S "skip ecjpake kkpp extension" \
8900 -S "ciphersuite mismatch: ecjpake not configured" \
8901 -s "server hello, ecjpake kkpp extension" \
8902 -c "found ecjpake_kkpp extension" \
8903 -S "SSL - The handshake negotiation failed" \
8904 -S "SSL - Verification of the message MAC failed"
8913 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8915 -c "add ciphersuite: c0ff" \
8916 -c "adding ecjpake_kkpp extension" \
8917 -c "using opaque password" \
8918 -S "using opaque password" \
8919 -C "re-using cached ecjpake parameters" \
8920 -s "found ecjpake kkpp extension" \
8921 -S "skip ecjpake kkpp extension" \
8922 -S "ciphersuite mismatch: ecjpake not configured" \
8923 -s "server hello, ecjpake kkpp extension" \
8924 -c "found ecjpake_kkpp extension" \
8925 -S "SSL - The handshake negotiation failed" \
8926 -S "SSL - Verification of the message MAC failed"
8935 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8937 -c "add ciphersuite: c0ff" \
8938 -c "adding ecjpake_kkpp extension" \
8939 -C "using opaque password" \
8940 -s "using opaque password" \
8941 -C "re-using cached ecjpake parameters" \
8942 -s "found ecjpake kkpp extension" \
8943 -S "skip ecjpake kkpp extension" \
8944 -S "ciphersuite mismatch: ecjpake not configured" \
8945 -s "server hello, ecjpake kkpp extension" \
8946 -c "found ecjpake_kkpp extension" \
8947 -S "SSL - The handshake negotiation failed" \
8948 -S "SSL - Verification of the message MAC failed"
8955 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8957 -C "re-using cached ecjpake parameters" \
8958 -s "SSL - Verification of the message MAC failed"
8966 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8968 -c "using opaque password" \
8969 -s "using opaque password" \
8970 -C "re-using cached ecjpake parameters" \
8971 -s "SSL - Verification of the message MAC failed"
8977 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8979 -c "re-using cached ecjpake parameters" \
8980 -S "SSL - Verification of the message MAC failed"
8986 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8988 -C "re-using cached ecjpake parameters" \
8989 -S "SSL - Verification of the message MAC failed"
8996 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
8998 -c "re-using cached ecjpake parameters" \
8999 -s "SSL - Verification of the message MAC failed"
9001 # for tests with configs/config-thread.h
9006 force_ciphersuite=TLS-ECJPAKE-WITH-AES-128-CCM-8" \
9014 "$G_CLI --priority=NORMAL:%NO_EXTENSIONS:%DISABLE_SAFE_RENEGOTIATION localhost" \
9016 -s "dumping 'client hello extensions' (0 bytes)"
9020 # The server first reads buffer_size-1 bytes, then reads the remainder.
9026 -s "Read from client: 100 bytes read$"
9033 -s "Read from client: 101 bytes read (100 + 1)"
9041 -s "Read from client: 200 bytes read (100 + 100)"
9048 -s "Read from client: $MAX_CONTENT_LEN bytes read (100 + $((MAX_CONTENT_LEN - 100)))"
9055 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9057 -s "Read from client: 1 bytes read"
9062 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
9064 -s "Read from client: 1 bytes read"
9069 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
9071 -s "Read from client: 1 bytes read"
9076 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
9078 -s "Read from client: 1 bytes read"
9083 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
9085 -s "Read from client: 1 bytes read"
9091 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
9093 -s "Read from client: 1 bytes read"
9099 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
9101 -s "Read from client: 1 bytes read"
9109 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9111 -s "Read from client: 1 bytes read"
9117 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9119 -s "Read from client: 1 bytes read"
9125 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9127 -c "Read from server: 1 bytes read"
9131 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA etm=0" \
9133 -c "Read from server: 1 bytes read"
9137 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
9139 -c "Read from server: 1 bytes read"
9143 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
9145 -c "Read from server: 1 bytes read"
9149 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
9151 -c "Read from server: 1 bytes read"
9156 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
9158 -c "Read from server: 1 bytes read"
9163 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
9165 -c "Read from server: 1 bytes read"
9173 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9175 -c "Read from server: 1 bytes read"
9181 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9183 -c "Read from server: 1 bytes read"
9189 echo "$(( ( $1 + $MAX_OUT_LEN - 1 ) / $MAX_OUT_LEN ))"
9195 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9197 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
9198 -s "Read from client: $MAX_CONTENT_LEN bytes read"
9203 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9205 -s "Read from client: $MAX_CONTENT_LEN bytes read"
9210 force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
9212 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
9213 -s "Read from client: $MAX_CONTENT_LEN bytes read"
9218 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
9220 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
9221 -s "Read from client: $MAX_CONTENT_LEN bytes read"
9226 force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
9228 -c "16384 bytes written in $(fragments_for_write 16384) fragments" \
9229 -s "Read from client: $MAX_CONTENT_LEN bytes read"
9235 force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
9237 -c "16383 bytes written in $(fragments_for_write 16383) fragments" \
9238 -s "Read from client: 16383 bytes read"
9244 force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
9246 -c "16383 bytes written in $(fragments_for_write 16383) fragments" \
9247 -s "Read from client: 16383 bytes read"
9249 # The tests below fail when the server's OUT_CONTENT_LEN is less than 16384.
9252 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9254 -c "Read from server: 16384 bytes read"
9258 "$P_CLI etm=0 force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
9260 -s "16384 bytes written in 1 fragments" \
9261 -c "Read from server: 16384 bytes read"
9265 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384" \
9267 -c "Read from server: 16384 bytes read"
9271 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA trunc_hmac=1 etm=0" \
9273 -s "16384 bytes written in 1 fragments" \
9274 -c "Read from server: 16384 bytes read"
9278 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM" \
9280 -c "Read from server: 16384 bytes read"
9284 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-256-CCM-8" \
9286 -c "Read from server: 16384 bytes read"
9291 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-SHA256" \
9293 -c "Read from server: 16383 bytes read"
9298 "$P_CLI force_ciphersuite=TLS1-3-AES-128-CCM-8-SHA256" \
9300 -c "Read from server: 16383 bytes read"
9310 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9314 -C "x509_verify_cert.*4b00" \
9315 -C "mbedtls_pk_verify.*4b00" \
9316 -C "mbedtls_ecdh_make_public.*4b00" \
9317 -C "mbedtls_pk_sign.*4b00"
9323 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9327 -C "x509_verify_cert.*4b00" \
9328 -C "mbedtls_pk_verify.*4b00" \
9329 -C "mbedtls_ecdh_make_public.*4b00" \
9330 -C "mbedtls_pk_sign.*4b00"
9336 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9340 -C "x509_verify_cert.*4b00" \
9341 -C "mbedtls_pk_verify.*4b00" \
9342 -C "mbedtls_ecdh_make_public.*4b00" \
9343 -C "mbedtls_pk_sign.*4b00"
9351 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9355 -c "x509_verify_cert.*4b00" \
9356 -c "mbedtls_pk_verify.*4b00" \
9357 -c "mbedtls_ecdh_make_public.*4b00" \
9358 -c "mbedtls_pk_sign.*4b00"
9367 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9371 -c "x509_verify_cert.*4b00" \
9372 -c "mbedtls_pk_verify.*4b00" \
9373 -C "mbedtls_ecdh_make_public.*4b00" \
9374 -c "mbedtls_pk_sign.*4b00"
9382 crt_file=data_files/server5-badsign.crt \
9384 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9388 -c "x509_verify_cert.*4b00" \
9389 -C "mbedtls_pk_verify.*4b00" \
9390 -C "mbedtls_ecdh_make_public.*4b00" \
9391 -C "mbedtls_pk_sign.*4b00" \
9392 -c "! The certificate is not correctly signed by the trusted CA" \
9393 -c "! mbedtls_ssl_handshake returned" \
9394 -c "X509 - Certificate verification failed"
9402 crt_file=data_files/server5-badsign.crt \
9404 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9408 -c "x509_verify_cert.*4b00" \
9409 -c "mbedtls_pk_verify.*4b00" \
9410 -c "mbedtls_ecdh_make_public.*4b00" \
9411 -c "mbedtls_pk_sign.*4b00" \
9412 -c "! The certificate is not correctly signed by the trusted CA" \
9413 -C "! mbedtls_ssl_handshake returned" \
9414 -C "X509 - Certificate verification failed"
9423 crt_file=data_files/server5-badsign.crt \
9425 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9429 -c "x509_verify_cert.*4b00" \
9430 -c "mbedtls_pk_verify.*4b00" \
9431 -C "mbedtls_ecdh_make_public.*4b00" \
9432 -c "mbedtls_pk_sign.*4b00" \
9433 -c "! The certificate is not correctly signed by the trusted CA" \
9434 -C "! mbedtls_ssl_handshake returned" \
9435 -C "X509 - Certificate verification failed"
9443 crt_file=data_files/server5-badsign.crt \
9445 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9449 -C "x509_verify_cert.*4b00" \
9450 -c "mbedtls_pk_verify.*4b00" \
9451 -c "mbedtls_ecdh_make_public.*4b00" \
9452 -c "mbedtls_pk_sign.*4b00" \
9453 -C "! The certificate is not correctly signed by the trusted CA" \
9454 -C "! mbedtls_ssl_handshake returned" \
9455 -C "X509 - Certificate verification failed"
9464 crt_file=data_files/server5-badsign.crt \
9466 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9470 -C "x509_verify_cert.*4b00" \
9471 -c "mbedtls_pk_verify.*4b00" \
9472 -C "mbedtls_ecdh_make_public.*4b00" \
9473 -c "mbedtls_pk_sign.*4b00" \
9474 -C "! The certificate is not correctly signed by the trusted CA" \
9475 -C "! mbedtls_ssl_handshake returned" \
9476 -C "X509 - Certificate verification failed"
9484 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9488 -c "x509_verify_cert.*4b00" \
9489 -c "mbedtls_pk_verify.*4b00" \
9490 -c "mbedtls_ecdh_make_public.*4b00" \
9491 -c "mbedtls_pk_sign.*4b00"
9500 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9504 -c "x509_verify_cert.*4b00" \
9505 -c "mbedtls_pk_verify.*4b00" \
9506 -C "mbedtls_ecdh_make_public.*4b00" \
9507 -c "mbedtls_pk_sign.*4b00"
9515 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9518 -c "x509_verify_cert.*4b00" \
9519 -c "mbedtls_pk_verify.*4b00" \
9520 -c "mbedtls_ecdh_make_public.*4b00" \
9521 -C "mbedtls_pk_sign.*4b00"
9531 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
9534 -c "x509_verify_cert.*4b00" \
9535 -c "mbedtls_pk_verify.*4b00" \
9536 -C "mbedtls_ecdh_make_public.*4b00" \
9537 -C "mbedtls_pk_sign.*4b00"
9539 # Restartable is only for ECDHE-ECDSA, with another ciphersuite we expect no
9541 # This is the same as "EC restart: TLS, max_ops=1000" except with ECDHE-RSA,
9545 run_test "EC restart: TLS, max_ops=1000, ECDHE-RSA" \
9547 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
9551 -C "x509_verify_cert.*4b00" \
9552 -C "mbedtls_pk_verify.*4b00" \
9553 -C "mbedtls_ecdh_make_public.*4b00" \
9554 -C "mbedtls_pk_sign.*4b00"
9561 async_operations=s async_private_delay1=0 async_private_delay2=0" \
9564 -s "Async sign callback: using key slot " \
9565 -s "Async resume (slot [0-9]): sign done, status=0"
9570 async_operations=s async_private_delay1=1 async_private_delay2=1" \
9573 -s "Async sign callback: using key slot " \
9574 -s "Async resume (slot [0-9]): call 0 more times." \
9575 -s "Async resume (slot [0-9]): sign done, status=0"
9580 async_operations=s async_private_delay1=2 async_private_delay2=2" \
9583 -s "Async sign callback: using key slot " \
9584 -U "Async sign callback: using key slot " \
9585 -s "Async resume (slot [0-9]): call 1 more times." \
9586 -s "Async resume (slot [0-9]): call 0 more times." \
9587 -s "Async resume (slot [0-9]): sign done, status=0"
9593 async_operations=s async_private_delay1=0 async_private_delay2=0 \
9595 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
9598 -s "Async sign callback: using key slot " \
9599 -s "Async resume (slot [0-9]): sign done, status=0" \
9600 -s "parse ServerName extension" \
9601 -c "issuer name *: C=NL, O=PolarSSL, CN=PolarSSL Test CA" \
9602 -c "subject name *: C=NL, O=PolarSSL, CN=polarssl.example"
9608 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9610 -s "Async decrypt callback: using key slot " \
9611 -s "Async resume (slot [0-9]): decrypt done, status=0"
9617 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9619 -s "Async decrypt callback: using key slot " \
9620 -s "Async resume (slot [0-9]): call 0 more times." \
9621 -s "Async resume (slot [0-9]): decrypt done, status=0"
9624 run_test "SSL async private: decrypt RSA-PSK, delay=0" \
9628 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
9630 -s "Async decrypt callback: using key slot " \
9631 -s "Async resume (slot [0-9]): decrypt done, status=0"
9634 run_test "SSL async private: decrypt RSA-PSK, delay=1" \
9638 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA256" \
9640 -s "Async decrypt callback: using key slot " \
9641 -s "Async resume (slot [0-9]): call 0 more times." \
9642 -s "Async resume (slot [0-9]): decrypt done, status=0"
9648 "$P_CLI force_version=tls12; [ \$? -eq 1 ] &&
9649 $P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9651 -S "Async sign callback" \
9652 -s "! mbedtls_ssl_handshake returned" \
9653 -s "The own private key or pre-shared key is not set, but needed" \
9654 -s "Async resume (slot [0-9]): decrypt done, status=0" \
9655 -s "Successful connection"
9660 async_operations=s async_private_delay1=1 async_private_delay2=1" \
9661 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA;
9662 [ \$? -eq 1 ] && $P_CLI force_version=tls12" \
9664 -S "Async decrypt callback" \
9665 -s "! mbedtls_ssl_handshake returned" \
9666 -s "got no RSA private key" \
9667 -s "Async resume (slot [0-9]): sign done, status=0" \
9668 -s "Successful connection"
9674 async_operations=s async_private_delay1=1 \
9677 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
9679 -s "Async sign callback: using key slot 0," \
9680 -s "Async resume (slot 0): call 0 more times." \
9681 -s "Async resume (slot 0): sign done, status=0"
9687 async_operations=s async_private_delay2=1 \
9690 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9692 -s "Async sign callback: using key slot 0," \
9693 -s "Async resume (slot 0): call 0 more times." \
9694 -s "Async resume (slot 0): sign done, status=0"
9700 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9703 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9705 -s "Async sign callback: using key slot 1," \
9706 -s "Async resume (slot 1): call 0 more times." \
9707 -s "Async resume (slot 1): sign done, status=0"
9713 async_operations=s async_private_delay1=1 \
9716 "$P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9718 -s "Async sign callback: no key matches this certificate."
9723 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9727 -s "Async sign callback: injected error" \
9728 -S "Async resume" \
9729 -S "Async cancel" \
9730 -s "! mbedtls_ssl_handshake returned"
9735 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9739 -s "Async sign callback: using key slot " \
9740 -S "Async resume" \
9741 -s "Async cancel"
9746 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9750 -s "Async sign callback: using key slot " \
9751 -s "Async resume callback: sign done but injected error" \
9752 -S "Async cancel" \
9753 -s "! mbedtls_ssl_handshake returned"
9760 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9762 -s "Async decrypt callback: injected error" \
9763 -S "Async resume" \
9764 -S "Async cancel" \
9765 -s "! mbedtls_ssl_handshake returned"
9772 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9774 -s "Async decrypt callback: using key slot " \
9775 -S "Async resume" \
9776 -s "Async cancel"
9783 "$P_CLI force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9785 -s "Async decrypt callback: using key slot " \
9786 -s "Async resume callback: decrypt done but injected error" \
9787 -S "Async cancel" \
9788 -s "! mbedtls_ssl_handshake returned"
9793 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9794 async_private_error=-2" \
9795 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
9797 -s "Async cancel" \
9798 -s "! mbedtls_ssl_handshake returned" \
9799 -s "Async resume" \
9800 -s "Successful connection"
9805 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9806 async_private_error=-3" \
9807 "$P_CLI; [ \$? -eq 1 ] && $P_CLI" \
9809 -s "! mbedtls_ssl_handshake returned" \
9810 -s "Async resume" \
9811 -s "Successful connection"
9821 async_operations=s async_private_delay1=1 async_private_error=-2 \
9824 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
9825 [ \$? -eq 1 ] &&
9826 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9828 -s "Async sign callback: using key slot 0" \
9829 -S "Async resume" \
9830 -s "Async cancel" \
9831 -s "! mbedtls_ssl_handshake returned" \
9832 -s "Async sign callback: no key matches this certificate." \
9833 -s "Successful connection"
9843 async_operations=s async_private_delay1=1 async_private_error=-3 \
9846 "$P_CLI force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256;
9847 [ \$? -eq 1 ] &&
9848 $P_CLI force_ciphersuite=TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256" \
9850 -s "Async resume" \
9851 -s "! mbedtls_ssl_handshake returned" \
9852 -s "Async sign callback: no key matches this certificate." \
9853 -s "Successful connection"
9857 run_test "SSL async private: renegotiation: client-initiated, sign" \
9859 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9863 -s "Async sign callback: using key slot " \
9864 -s "Async resume (slot [0-9]): sign done, status=0"
9868 run_test "SSL async private: renegotiation: server-initiated, sign" \
9870 async_operations=s async_private_delay1=1 async_private_delay2=1 \
9874 -s "Async sign callback: using key slot " \
9875 -s "Async resume (slot [0-9]): sign done, status=0"
9879 run_test "SSL async private: renegotiation: client-initiated, decrypt" \
9884 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9886 -s "Async decrypt callback: using key slot " \
9887 -s "Async resume (slot [0-9]): decrypt done, status=0"
9891 run_test "SSL async private: renegotiation: server-initiated, decrypt" \
9896 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
9898 -s "Async decrypt callback: using key slot " \
9899 -s "Async resume (slot [0-9]): decrypt done, status=0"
9907 "$P_CLI debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
9909 -C "client hello, adding supported_groups extension" \
9910 -C "client hello, adding supported_point_formats extension" \
9911 -S "found supported elliptic curves extension" \
9912 -S "found supported point formats extension"
9917 "$P_SRV debug_level=3 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA256" \
9920 -C "found supported_point_formats extension" \
9921 -S "server hello, supported_point_formats extension"
9926 "$P_CLI debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
9928 -c "client hello, adding supported_groups extension" \
9929 -c "client hello, adding supported_point_formats extension" \
9930 -s "found supported elliptic curves extension" \
9931 -s "found supported point formats extension"
9935 "$P_SRV debug_level=3 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256" \
9938 -c "found supported_point_formats extension" \
9939 -s "server hello, supported_point_formats extension"
9948 -s "cookie verification failed" \
9949 -s "cookie verification passed" \
9950 -S "cookie verification skipped" \
9951 -c "received hello verify request" \
9952 -s "hello verification requested" \
9953 -S "SSL - The requested feature is not available"
9960 -S "cookie verification failed" \
9961 -S "cookie verification passed" \
9962 -s "cookie verification skipped" \
9963 -C "received hello verify request" \
9964 -S "hello verification requested" \
9965 -S "SSL - The requested feature is not available"
9969 "$P_SRV dtls=1 debug_level=2 cookies=-1" \
9970 "$P_CLI dtls=1 debug_level=2 hs_timeout=100-400" \
9972 -s "cookie verification failed" \
9973 -S "cookie verification passed" \
9974 -S "cookie verification skipped" \
9975 -C "received hello verify request" \
9976 -S "hello verification requested" \
9977 -s "SSL - The requested feature is not available"
9985 -s "cookie verification failed" \
9986 -s "cookie verification passed" \
9987 -S "cookie verification skipped" \
9988 -c "received hello verify request" \
9989 -s "hello verification requested" \
9990 -S "SSL - The requested feature is not available"
9997 -s "cookie verification failed" \
9998 -s "cookie verification passed" \
9999 -S "cookie verification skipped" \
10000 -c "received hello verify request" \
10001 -s "hello verification requested" \
10002 -S "SSL - The requested feature is not available"
10009 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
10010 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000" \
10012 -C "resend" \
10013 -S "The operation timed out" \
10014 -S "Client initiated reconnection from same port"
10019 "$P_SRV dtls=1 exchanges=2 read_timeout=20000 hs_timeout=10000-20000" \
10020 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=10000-20000 reconnect_hard=1" \
10022 -C "resend" \
10023 -S "The operation timed out" \
10024 -s "Client initiated reconnection from same port"
10030 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-1000 reconnect_hard=1" \
10032 -S "The operation timed out" \
10033 -s "Client initiated reconnection from same port"
10038 "$P_SRV dtls=1 exchanges=2 read_timeout=2000 nbio=2 hs_timeout=1500-6000" \
10039 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=1500-3000 reconnect_hard=1" \
10041 -S "The operation timed out" \
10042 -s "Client initiated reconnection from same port"
10047 "$P_CLI dtls=1 exchanges=2 debug_level=2 hs_timeout=500-8000 reconnect_hard=1" \
10049 -s "The operation timed out" \
10050 -S "Client initiated reconnection from same port"
10053 run_test "DTLS client reconnect from same port: attacker-injected" \
10054 -p "$P_PXY inject_clihlo=1" \
10058 -s "possible client reconnect from the same port" \
10059 -S "Client initiated reconnection from same port"
10069 -s "Verifying peer X.509 certificate... ok"
10076 -s "! Certificate was missing"
10083 -c "skip write certificate$" \
10084 -s "! Certificate verification was skipped"
10087 "$P_SRV dtls=1 psk=abc123 force_ciphersuite=TLS-PSK-WITH-AES-128-GCM-SHA256" \
10090 -s "SSL - Verification of the message MAC failed" \
10091 -c "SSL - A fatal alert message was received from our peer"
10098 "$G_SRV -u --mtu 2048 -a" \
10101 -C "found fragmented DTLS handshake message" \
10102 -C "error"
10107 "$G_SRV -u --mtu 512" \
10110 -c "found fragmented DTLS handshake message" \
10111 -C "error"
10116 "$G_SRV -u --mtu 128" \
10119 -c "found fragmented DTLS handshake message" \
10120 -C "error"
10125 "$G_SRV -u --mtu 128" \
10128 -c "found fragmented DTLS handshake message" \
10129 -C "error"
10135 "$G_SRV -u --mtu 256" \
10138 -c "found fragmented DTLS handshake message" \
10139 -c "client hello, adding renegotiation extension" \
10140 -c "found renegotiation extension" \
10141 -c "=> renegotiate" \
10142 -C "mbedtls_ssl_handshake returned" \
10143 -C "error" \
10144 -s "Extra-header:"
10150 "$G_SRV -u --mtu 256" \
10153 -c "found fragmented DTLS handshake message" \
10154 -c "client hello, adding renegotiation extension" \
10155 -c "found renegotiation extension" \
10156 -c "=> renegotiate" \
10157 -C "mbedtls_ssl_handshake returned" \
10158 -C "error" \
10159 -s "Extra-header:"
10163 "$O_SRV -dtls -mtu 2048" \
10166 -C "found fragmented DTLS handshake message" \
10167 -C "error"
10171 "$O_SRV -dtls -mtu 256" \
10174 -c "found fragmented DTLS handshake message" \
10175 -C "error"
10179 "$O_SRV -dtls -mtu 256" \
10182 -c "found fragmented DTLS handshake message" \
10183 -C "error"
10187 "$O_SRV -dtls -mtu 256" \
10190 -c "found fragmented DTLS handshake message" \
10191 -C "error"
10199 # - 2037B for server certificate
10200 # - 1542B for client certificate
10201 # - 1013B for newsessionticket
10202 # - all others below 512B
10212 crt_file=data_files/server7_int-ca.crt \
10214 hs_timeout=2500-60000 \
10217 crt_file=data_files/server8_int-ca2.crt \
10219 hs_timeout=2500-60000 \
10222 -S "found fragmented DTLS handshake message" \
10223 -C "found fragmented DTLS handshake message" \
10224 -C "error"
10233 crt_file=data_files/server7_int-ca.crt \
10235 hs_timeout=2500-60000 \
10238 crt_file=data_files/server8_int-ca2.crt \
10240 hs_timeout=2500-60000 \
10243 -S "found fragmented DTLS handshake message" \
10244 -c "found fragmented DTLS handshake message" \
10245 -C "error"
10250 # `client-initiated, server only (max_frag_len)` below.
10258 crt_file=data_files/server7_int-ca.crt \
10260 hs_timeout=2500-60000 \
10263 crt_file=data_files/server8_int-ca2.crt \
10265 hs_timeout=2500-60000 \
10268 -S "found fragmented DTLS handshake message" \
10269 -c "found fragmented DTLS handshake message" \
10270 -C "error"
10277 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len)" \
10279 crt_file=data_files/server7_int-ca.crt \
10281 hs_timeout=2500-60000 \
10284 crt_file=data_files/server8_int-ca2.crt \
10286 hs_timeout=2500-60000 \
10289 -S "found fragmented DTLS handshake message" \
10290 -c "found fragmented DTLS handshake message" \
10291 -C "error"
10305 run_test "DTLS fragmenting: client-initiated, server only (max_frag_len), proxy MTU" \
10306 -p "$P_PXY mtu=1110" \
10308 crt_file=data_files/server7_int-ca.crt \
10310 hs_timeout=2500-60000 \
10313 crt_file=data_files/server8_int-ca2.crt \
10315 hs_timeout=2500-60000 \
10318 -S "found fragmented DTLS handshake message" \
10319 -c "found fragmented DTLS handshake message" \
10320 -C "error"
10327 run_test "DTLS fragmenting: client-initiated, both (max_frag_len)" \
10329 crt_file=data_files/server7_int-ca.crt \
10331 hs_timeout=2500-60000 \
10334 crt_file=data_files/server8_int-ca2.crt \
10336 hs_timeout=2500-60000 \
10339 -s "found fragmented DTLS handshake message" \
10340 -c "found fragmented DTLS handshake message" \
10341 -C "error"
10355 run_test "DTLS fragmenting: client-initiated, both (max_frag_len), proxy MTU" \
10356 -p "$P_PXY mtu=1110" \
10358 crt_file=data_files/server7_int-ca.crt \
10360 hs_timeout=2500-60000 \
10363 crt_file=data_files/server8_int-ca2.crt \
10365 hs_timeout=2500-60000 \
10368 -s "found fragmented DTLS handshake message" \
10369 -c "found fragmented DTLS handshake message" \
10370 -C "error"
10378 crt_file=data_files/server7_int-ca.crt \
10380 hs_timeout=2500-60000 \
10383 crt_file=data_files/server8_int-ca2.crt \
10385 hs_timeout=2500-60000 \
10388 -S "found fragmented DTLS handshake message" \
10389 -C "found fragmented DTLS handshake message" \
10390 -C "error"
10398 crt_file=data_files/server7_int-ca.crt \
10400 hs_timeout=3500-60000 \
10403 crt_file=data_files/server8_int-ca2.crt \
10405 hs_timeout=3500-60000 \
10408 -s "found fragmented DTLS handshake message" \
10409 -C "found fragmented DTLS handshake message" \
10410 -C "error"
10418 crt_file=data_files/server7_int-ca.crt \
10420 hs_timeout=2500-60000 \
10423 crt_file=data_files/server8_int-ca2.crt \
10425 hs_timeout=2500-60000 \
10428 -S "found fragmented DTLS handshake message" \
10429 -c "found fragmented DTLS handshake message" \
10430 -C "error"
10437 -p "$P_PXY mtu=1024" \
10439 crt_file=data_files/server7_int-ca.crt \
10441 hs_timeout=2500-60000 \
10444 crt_file=data_files/server8_int-ca2.crt \
10446 hs_timeout=2500-60000 \
10449 -s "found fragmented DTLS handshake message" \
10450 -c "found fragmented DTLS handshake message" \
10451 -C "error"
10459 -p "$P_PXY mtu=512" \
10461 crt_file=data_files/server7_int-ca.crt \
10463 hs_timeout=2500-60000 \
10466 crt_file=data_files/server8_int-ca2.crt \
10468 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10469 hs_timeout=2500-60000 \
10472 -s "found fragmented DTLS handshake message" \
10473 -c "found fragmented DTLS handshake message" \
10474 -C "error"
10480 # fragmentation and auto-reduction) an extra retransmission might occur,
10486 run_test "DTLS fragmenting: proxy MTU: auto-reduction (not valgrind)" \
10487 -p "$P_PXY mtu=508" \
10489 crt_file=data_files/server7_int-ca.crt \
10491 hs_timeout=400-3200" \
10493 crt_file=data_files/server8_int-ca2.crt \
10495 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10496 hs_timeout=400-3200" \
10498 -s "found fragmented DTLS handshake message" \
10499 -c "found fragmented DTLS handshake message" \
10500 -C "error"
10507 run_test "DTLS fragmenting: proxy MTU: auto-reduction (with valgrind)" \
10508 -p "$P_PXY mtu=508" \
10510 crt_file=data_files/server7_int-ca.crt \
10512 hs_timeout=250-10000" \
10514 crt_file=data_files/server8_int-ca2.crt \
10516 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10517 hs_timeout=250-10000" \
10519 -s "found fragmented DTLS handshake message" \
10520 -c "found fragmented DTLS handshake message" \
10521 -C "error"
10525 # a HelloVerifyRequest, so only check for no retransmission server-side
10532 -p "$P_PXY mtu=1024" \
10534 crt_file=data_files/server7_int-ca.crt \
10536 hs_timeout=10000-60000 \
10539 crt_file=data_files/server8_int-ca2.crt \
10541 hs_timeout=10000-60000 \
10544 -S "autoreduction" \
10545 -s "found fragmented DTLS handshake message" \
10546 -c "found fragmented DTLS handshake message" \
10547 -C "error"
10552 # a HelloVerifyRequest, so only check for no retransmission server-side
10558 -p "$P_PXY mtu=512" \
10560 crt_file=data_files/server7_int-ca.crt \
10562 hs_timeout=10000-60000 \
10565 crt_file=data_files/server8_int-ca2.crt \
10567 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10568 hs_timeout=10000-60000 \
10571 -S "autoreduction" \
10572 -s "found fragmented DTLS handshake message" \
10573 -c "found fragmented DTLS handshake message" \
10574 -C "error"
10582 -p "$P_PXY mtu=1024" \
10584 crt_file=data_files/server7_int-ca.crt \
10586 hs_timeout=10000-60000 \
10589 crt_file=data_files/server8_int-ca2.crt \
10591 hs_timeout=10000-60000 \
10594 -S "autoreduction" \
10595 -s "found fragmented DTLS handshake message" \
10596 -c "found fragmented DTLS handshake message" \
10597 -C "error"
10605 -p "$P_PXY mtu=512" \
10607 crt_file=data_files/server7_int-ca.crt \
10609 hs_timeout=10000-60000 \
10612 crt_file=data_files/server8_int-ca2.crt \
10614 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10615 hs_timeout=10000-60000 \
10618 -S "autoreduction" \
10619 -s "found fragmented DTLS handshake message" \
10620 -c "found fragmented DTLS handshake message" \
10621 -C "error"
10628 # but still smaller than client's Certificate to ensure fragmentation).
10629 # An autoreduction on the client-side might happen if the server is
10630 # slow to reset, therefore omitting '-C "autoreduction"' below.
10638 -p "$P_PXY mtu=1450" \
10640 crt_file=data_files/server7_int-ca.crt \
10642 hs_timeout=10000-60000 \
10645 crt_file=data_files/server8_int-ca2.crt \
10647 hs_timeout=10000-60000 \
10648 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10651 -S "autoreduction" \
10652 -s "found fragmented DTLS handshake message" \
10653 -c "found fragmented DTLS handshake message" \
10654 -C "error"
10656 # An autoreduction on the client-side might happen if the server is
10657 # slow to reset, therefore omitting '-C "autoreduction"' below.
10665 -p "$P_PXY mtu=512" \
10667 crt_file=data_files/server7_int-ca.crt \
10670 hs_timeout=10000-60000 \
10673 crt_file=data_files/server8_int-ca2.crt \
10676 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
10677 hs_timeout=10000-60000 \
10680 -S "autoreduction" \
10681 -s "found fragmented DTLS handshake message" \
10682 -c "found fragmented DTLS handshake message" \
10683 -C "error"
10685 # An autoreduction on the client-side might happen if the server is
10686 # slow to reset, therefore omitting '-C "autoreduction"' below.
10693 run_test "DTLS fragmenting: proxy MTU, AES-GCM renego" \
10694 -p "$P_PXY mtu=512" \
10696 crt_file=data_files/server7_int-ca.crt \
10699 hs_timeout=10000-60000 \
10702 crt_file=data_files/server8_int-ca2.crt \
10705 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10706 hs_timeout=10000-60000 \
10709 -S "autoreduction" \
10710 -s "found fragmented DTLS handshake message" \
10711 -c "found fragmented DTLS handshake message" \
10712 -C "error"
10714 # An autoreduction on the client-side might happen if the server is
10715 # slow to reset, therefore omitting '-C "autoreduction"' below.
10722 run_test "DTLS fragmenting: proxy MTU, AES-CCM renego" \
10723 -p "$P_PXY mtu=1024" \
10725 crt_file=data_files/server7_int-ca.crt \
10728 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
10729 hs_timeout=10000-60000 \
10732 crt_file=data_files/server8_int-ca2.crt \
10735 hs_timeout=10000-60000 \
10738 -S "autoreduction" \
10739 -s "found fragmented DTLS handshake message" \
10740 -c "found fragmented DTLS handshake message" \
10741 -C "error"
10743 # An autoreduction on the client-side might happen if the server is
10744 # slow to reset, therefore omitting '-C "autoreduction"' below.
10752 run_test "DTLS fragmenting: proxy MTU, AES-CBC EtM renego" \
10753 -p "$P_PXY mtu=1024" \
10755 crt_file=data_files/server7_int-ca.crt \
10758 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
10759 hs_timeout=10000-60000 \
10762 crt_file=data_files/server8_int-ca2.crt \
10765 hs_timeout=10000-60000 \
10768 -S "autoreduction" \
10769 -s "found fragmented DTLS handshake message" \
10770 -c "found fragmented DTLS handshake message" \
10771 -C "error"
10773 # An autoreduction on the client-side might happen if the server is
10774 # slow to reset, therefore omitting '-C "autoreduction"' below.
10781 run_test "DTLS fragmenting: proxy MTU, AES-CBC non-EtM renego" \
10782 -p "$P_PXY mtu=1024" \
10784 crt_file=data_files/server7_int-ca.crt \
10787 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 etm=0 \
10788 hs_timeout=10000-60000 \
10791 crt_file=data_files/server8_int-ca2.crt \
10794 hs_timeout=10000-60000 \
10797 -S "autoreduction" \
10798 -s "found fragmented DTLS handshake message" \
10799 -c "found fragmented DTLS handshake message" \
10800 -C "error"
10808 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
10810 crt_file=data_files/server7_int-ca.crt \
10812 hs_timeout=250-10000 mtu=512" \
10814 crt_file=data_files/server8_int-ca2.crt \
10816 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10817 hs_timeout=250-10000 mtu=512" \
10819 -s "found fragmented DTLS handshake message" \
10820 -c "found fragmented DTLS handshake message" \
10821 -C "error"
10829 -p "$P_PXY mtu=512 drop=8 delay=8 duplicate=8" \
10831 crt_file=data_files/server7_int-ca.crt \
10833 hs_timeout=250-10000 mtu=512 nbio=2" \
10835 crt_file=data_files/server8_int-ca2.crt \
10837 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
10838 hs_timeout=250-10000 mtu=512 nbio=2" \
10840 -s "found fragmented DTLS handshake message" \
10841 -c "found fragmented DTLS handshake message" \
10842 -C "error"
10853 "$G_SRV -u" \
10855 crt_file=data_files/server8_int-ca2.crt \
10859 -c "fragmenting handshake message" \
10860 -C "error"
10862 # We use --insecure for the GnuTLS client because it expects
10867 # certificate validation fail, but passing --insecure makes
10876 crt_file=data_files/server7_int-ca.crt \
10879 "$G_CLI -u --insecure 127.0.0.1" \
10881 -s "fragmenting handshake message"
10887 "$O_SRV -dtls1_2 -verify 10" \
10889 crt_file=data_files/server8_int-ca2.crt \
10893 -c "fragmenting handshake message" \
10894 -C "error"
10901 crt_file=data_files/server7_int-ca.crt \
10904 "$O_CLI -dtls1_2" \
10906 -s "fragmenting handshake message"
10918 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10919 "$G_NEXT_SRV -u" \
10921 crt_file=data_files/server8_int-ca2.crt \
10923 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10925 -c "fragmenting handshake message" \
10926 -C "error"
10934 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10936 crt_file=data_files/server7_int-ca.crt \
10938 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10939 "$G_NEXT_CLI -u --insecure 127.0.0.1" \
10941 -s "fragmenting handshake message"
10951 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10952 "$O_NEXT_SRV -dtls1_2 -verify 10" \
10954 crt_file=data_files/server8_int-ca2.crt \
10956 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10958 -c "fragmenting handshake message" \
10959 -C "error"
10969 -p "$P_PXY drop=8 delay=8 duplicate=8" \
10971 crt_file=data_files/server7_int-ca.crt \
10973 hs_timeout=250-60000 mtu=512 force_version=dtls12" \
10974 "$O_CLI -dtls1_2" \
10976 -s "fragmenting handshake message"
10978 # Tests for DTLS-SRTP (RFC 5764)
10981 run_test "DTLS-SRTP all profiles supported" \
10985 -s "found use_srtp extension" \
10986 -s "found srtp profile" \
10987 -s "selected srtp profile" \
10988 -s "server hello, adding use_srtp extension" \
10989 -s "DTLS-SRTP key material is"\
10990 -c "client hello, adding use_srtp extension" \
10991 -c "found use_srtp extension" \
10992 -c "found srtp profile" \
10993 -c "selected srtp profile" \
10994 -c "DTLS-SRTP key material is"\
10995 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
10996 -C "error"
11001 run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
11005 -s "found use_srtp extension" \
11006 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
11007 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
11008 -s "server hello, adding use_srtp extension" \
11009 -s "DTLS-SRTP key material is"\
11010 -c "client hello, adding use_srtp extension" \
11011 -c "found use_srtp extension" \
11012 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
11013 -c "selected srtp profile" \
11014 -c "DTLS-SRTP key material is"\
11015 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11016 -C "error"
11020 run_test "DTLS-SRTP server supports one profile. Client supports all profiles." \
11024 -s "found use_srtp extension" \
11025 -s "found srtp profile" \
11026 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
11027 -s "server hello, adding use_srtp extension" \
11028 -s "DTLS-SRTP key material is"\
11029 -c "client hello, adding use_srtp extension" \
11030 -c "found use_srtp extension" \
11031 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
11032 -c "selected srtp profile" \
11033 -c "DTLS-SRTP key material is"\
11034 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11035 -C "error"
11039 run_test "DTLS-SRTP server and Client support only one matching profile." \
11043 -s "found use_srtp extension" \
11044 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11045 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11046 -s "server hello, adding use_srtp extension" \
11047 -s "DTLS-SRTP key material is"\
11048 -c "client hello, adding use_srtp extension" \
11049 -c "found use_srtp extension" \
11050 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11051 -c "selected srtp profile" \
11052 -c "DTLS-SRTP key material is"\
11053 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11054 -C "error"
11058 run_test "DTLS-SRTP server and Client support only one different profile." \
11062 -s "found use_srtp extension" \
11063 -s "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
11064 -S "selected srtp profile" \
11065 -S "server hello, adding use_srtp extension" \
11066 -S "DTLS-SRTP key material is"\
11067 -c "client hello, adding use_srtp extension" \
11068 -C "found use_srtp extension" \
11069 -C "found srtp profile" \
11070 -C "selected srtp profile" \
11071 -C "DTLS-SRTP key material is"\
11072 -C "error"
11076 run_test "DTLS-SRTP server doesn't support use_srtp extension." \
11080 -s "found use_srtp extension" \
11081 -S "server hello, adding use_srtp extension" \
11082 -S "DTLS-SRTP key material is"\
11083 -c "client hello, adding use_srtp extension" \
11084 -C "found use_srtp extension" \
11085 -C "found srtp profile" \
11086 -C "selected srtp profile" \
11087 -C "DTLS-SRTP key material is"\
11088 -C "error"
11092 run_test "DTLS-SRTP all profiles supported. mki used" \
11096 -s "found use_srtp extension" \
11097 -s "found srtp profile" \
11098 -s "selected srtp profile" \
11099 -s "server hello, adding use_srtp extension" \
11100 -s "dumping 'using mki' (8 bytes)" \
11101 -s "DTLS-SRTP key material is"\
11102 -c "client hello, adding use_srtp extension" \
11103 -c "found use_srtp extension" \
11104 -c "found srtp profile" \
11105 -c "selected srtp profile" \
11106 -c "dumping 'sending mki' (8 bytes)" \
11107 -c "dumping 'received mki' (8 bytes)" \
11108 -c "DTLS-SRTP key material is"\
11109 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11110 -g "find_in_both '^ *DTLS-SRTP mki value: [0-9A-F]*$'"\
11111 -C "error"
11115 run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
11119 -s "found use_srtp extension" \
11120 -s "found srtp profile" \
11121 -s "selected srtp profile" \
11122 -s "server hello, adding use_srtp extension" \
11123 -s "DTLS-SRTP key material is"\
11124 -s "DTLS-SRTP no mki value negotiated"\
11125 -S "dumping 'using mki' (8 bytes)" \
11126 -c "client hello, adding use_srtp extension" \
11127 -c "found use_srtp extension" \
11128 -c "found srtp profile" \
11129 -c "selected srtp profile" \
11130 -c "DTLS-SRTP key material is"\
11131 -c "DTLS-SRTP no mki value negotiated"\
11132 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11133 -c "dumping 'sending mki' (8 bytes)" \
11134 -C "dumping 'received mki' (8 bytes)" \
11135 -C "error"
11139 run_test "DTLS-SRTP all profiles supported. openssl client." \
11141 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtl…
11143 -s "found use_srtp extension" \
11144 -s "found srtp profile" \
11145 -s "selected srtp profile" \
11146 -s "server hello, adding use_srtp extension" \
11147 -s "DTLS-SRTP key material is"\
11148 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11149 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
11153 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
11155 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXTRACTOR-dtl…
11157 -s "found use_srtp extension" \
11158 -s "found srtp profile" \
11159 -s "selected srtp profile" \
11160 -s "server hello, adding use_srtp extension" \
11161 -s "DTLS-SRTP key material is"\
11162 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11163 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
11167 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl client." \
11169 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportle…
11171 -s "found use_srtp extension" \
11172 -s "found srtp profile" \
11173 -s "selected srtp profile" \
11174 -s "server hello, adding use_srtp extension" \
11175 -s "DTLS-SRTP key material is"\
11176 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11177 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
11181 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl client." \
11183 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtl…
11185 -s "found use_srtp extension" \
11186 -s "found srtp profile" \
11187 -s "selected srtp profile" \
11188 -s "server hello, adding use_srtp extension" \
11189 -s "DTLS-SRTP key material is"\
11190 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11191 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
11195 run_test "DTLS-SRTP server and Client support only one matching profile. openssl client." \
11197 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportle…
11199 -s "found use_srtp extension" \
11200 -s "found srtp profile" \
11201 -s "selected srtp profile" \
11202 -s "server hello, adding use_srtp extension" \
11203 -s "DTLS-SRTP key material is"\
11204 -g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
11205 -c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
11209 run_test "DTLS-SRTP server and Client support only one different profile. openssl client." \
11211 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keymatexportle…
11213 -s "found use_srtp extension" \
11214 -s "found srtp profile" \
11215 -S "selected srtp profile" \
11216 -S "server hello, adding use_srtp extension" \
11217 -S "DTLS-SRTP key material is"\
11218 -C "SRTP Extension negotiated, profile"
11222 run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl client" \
11224 …"$O_CLI -dtls -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtl…
11226 -s "found use_srtp extension" \
11227 -S "server hello, adding use_srtp extension" \
11228 -S "DTLS-SRTP key material is"\
11229 -C "SRTP Extension negotiated, profile"
11233 run_test "DTLS-SRTP all profiles supported. openssl server" \
11234 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXT…
11237 -c "client hello, adding use_srtp extension" \
11238 -c "found use_srtp extension" \
11239 -c "found srtp profile" \
11240 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
11241 -c "DTLS-SRTP key material is"\
11242 -C "error"
11246 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
11247 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32:SRTP_AES128_CM_SHA1_80 -keymatexport 'EXT…
11250 -c "client hello, adding use_srtp extension" \
11251 -c "found use_srtp extension" \
11252 -c "found srtp profile" \
11253 -c "selected srtp profile" \
11254 -c "DTLS-SRTP key material is"\
11255 -C "error"
11259 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. openssl server." \
11260 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXT…
11263 -c "client hello, adding use_srtp extension" \
11264 -c "found use_srtp extension" \
11265 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11266 -c "selected srtp profile" \
11267 -c "DTLS-SRTP key material is"\
11268 -C "error"
11272 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. openssl server." \
11273 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keym…
11276 -c "client hello, adding use_srtp extension" \
11277 -c "found use_srtp extension" \
11278 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11279 -c "selected srtp profile" \
11280 -c "DTLS-SRTP key material is"\
11281 -C "error"
11285 run_test "DTLS-SRTP server and Client support only one matching profile. openssl server." \
11286 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keym…
11289 -c "client hello, adding use_srtp extension" \
11290 -c "found use_srtp extension" \
11291 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11292 -c "selected srtp profile" \
11293 -c "DTLS-SRTP key material is"\
11294 -C "error"
11298 run_test "DTLS-SRTP server and Client support only one different profile. openssl server." \
11299 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_32 -keymatexport 'EXTRACTOR-dtls_srtp' -keym…
11302 -c "client hello, adding use_srtp extension" \
11303 -C "found use_srtp extension" \
11304 -C "found srtp profile" \
11305 -C "selected srtp profile" \
11306 -C "DTLS-SRTP key material is"\
11307 -C "error"
11311 run_test "DTLS-SRTP server doesn't support use_srtp extension. openssl server" \
11312 "$O_SRV -dtls" \
11315 -c "client hello, adding use_srtp extension" \
11316 -C "found use_srtp extension" \
11317 -C "found srtp profile" \
11318 -C "selected srtp profile" \
11319 -C "DTLS-SRTP key material is"\
11320 -C "error"
11324 run_test "DTLS-SRTP all profiles supported. server doesn't support mki. openssl server." \
11325 …"$O_SRV -dtls -verify 0 -use_srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32 -keymatexport 'EXT…
11328 -c "client hello, adding use_srtp extension" \
11329 -c "found use_srtp extension" \
11330 -c "found srtp profile" \
11331 -c "selected srtp profile" \
11332 -c "DTLS-SRTP key material is"\
11333 -c "DTLS-SRTP no mki value negotiated"\
11334 -c "dumping 'sending mki' (8 bytes)" \
11335 -C "dumping 'received mki' (8 bytes)" \
11336 -C "error"
11341 run_test "DTLS-SRTP all profiles supported. gnutls client." \
11343 …"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
11345 -s "found use_srtp extension" \
11346 -s "found srtp profile" \
11347 -s "selected srtp profile" \
11348 -s "server hello, adding use_srtp extension" \
11349 -s "DTLS-SRTP key material is"\
11350 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_80"
11355 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
11357 …"$G_CLI -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_80:SRTP_NULL_SHA1_32:SR…
11359 -s "found use_srtp extension" \
11360 -s "found srtp profile" \
11361 -s "selected srtp profile" \
11362 -s "server hello, adding use_srtp extension" \
11363 -s "DTLS-SRTP key material is"\
11364 -c "SRTP profile: SRTP_NULL_HMAC_SHA1_80"
11369 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls client." \
11371 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
11373 -s "found use_srtp extension" \
11374 -s "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11375 -s "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11376 -s "server hello, adding use_srtp extension" \
11377 -s "DTLS-SRTP key material is"\
11378 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
11383 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls client." \
11385 …"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
11387 -s "found use_srtp extension" \
11388 -s "found srtp profile" \
11389 -s "selected srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
11390 -s "server hello, adding use_srtp extension" \
11391 -s "DTLS-SRTP key material is"\
11392 -c "SRTP profile: SRTP_NULL_SHA1_32"
11397 run_test "DTLS-SRTP server and Client support only one matching profile. gnutls client." \
11399 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
11401 -s "found use_srtp extension" \
11402 -s "found srtp profile" \
11403 -s "selected srtp profile" \
11404 -s "server hello, adding use_srtp extension" \
11405 -s "DTLS-SRTP key material is"\
11406 -c "SRTP profile: SRTP_AES128_CM_HMAC_SHA1_32"
11411 run_test "DTLS-SRTP server and Client support only one different profile. gnutls client." \
11413 "$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32 --insecure 127.0.0.1" \
11415 -s "found use_srtp extension" \
11416 -s "found srtp profile" \
11417 -S "selected srtp profile" \
11418 -S "server hello, adding use_srtp extension" \
11419 -S "DTLS-SRTP key material is"\
11420 -C "SRTP profile:"
11425 run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls client" \
11427 …"$G_CLI -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
11429 -s "found use_srtp extension" \
11430 -S "server hello, adding use_srtp extension" \
11431 -S "DTLS-SRTP key material is"\
11432 -C "SRTP profile:"
11437 run_test "DTLS-SRTP all profiles supported. gnutls server" \
11438 …"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
11441 -c "client hello, adding use_srtp extension" \
11442 -c "found use_srtp extension" \
11443 -c "found srtp profile" \
11444 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
11445 -c "DTLS-SRTP key material is"\
11446 -C "error"
11451 run_test "DTLS-SRTP server supports all profiles. Client supports all profiles, in different order…
11452 …"$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_…
11455 -c "client hello, adding use_srtp extension" \
11456 -c "found use_srtp extension" \
11457 -c "found srtp profile" \
11458 -c "selected srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" \
11459 -c "DTLS-SRTP key material is"\
11460 -C "error"
11465 run_test "DTLS-SRTP server supports all profiles. Client supports one profile. gnutls server." \
11466 …"$G_SRV -u --srtp-profiles=SRTP_NULL_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_AES128_CM_HMAC_SHA1_…
11469 -c "client hello, adding use_srtp extension" \
11470 -c "found use_srtp extension" \
11471 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11472 -c "selected srtp profile" \
11473 -c "DTLS-SRTP key material is"\
11474 -C "error"
11479 run_test "DTLS-SRTP server supports one profile. Client supports all profiles. gnutls server." \
11480 "$G_SRV -u --srtp-profiles=SRTP_NULL_HMAC_SHA1_80" \
11483 -c "client hello, adding use_srtp extension" \
11484 -c "found use_srtp extension" \
11485 -c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
11486 -c "selected srtp profile" \
11487 -c "DTLS-SRTP key material is"\
11488 -C "error"
11493 run_test "DTLS-SRTP server and Client support only one matching profile. gnutls server." \
11494 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
11497 -c "client hello, adding use_srtp extension" \
11498 -c "found use_srtp extension" \
11499 -c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
11500 -c "selected srtp profile" \
11501 -c "DTLS-SRTP key material is"\
11502 -C "error"
11507 run_test "DTLS-SRTP server and Client support only one different profile. gnutls server." \
11508 "$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_32" \
11511 -c "client hello, adding use_srtp extension" \
11512 -C "found use_srtp extension" \
11513 -C "found srtp profile" \
11514 -C "selected srtp profile" \
11515 -C "DTLS-SRTP key material is"\
11516 -C "error"
11521 run_test "DTLS-SRTP server doesn't support use_srtp extension. gnutls server" \
11522 "$G_SRV -u" \
11525 -c "client hello, adding use_srtp extension" \
11526 -C "found use_srtp extension" \
11527 -C "found srtp profile" \
11528 -C "selected srtp profile" \
11529 -C "DTLS-SRTP key material is"\
11530 -C "error"
11535 run_test "DTLS-SRTP all profiles supported. mki used. gnutls server." \
11536 …"$G_SRV -u --srtp-profiles=SRTP_AES128_CM_HMAC_SHA1_80:SRTP_AES128_CM_HMAC_SHA1_32:SRTP_NULL_HMAC_…
11539 -c "client hello, adding use_srtp extension" \
11540 -c "found use_srtp extension" \
11541 -c "found srtp profile" \
11542 -c "selected srtp profile" \
11543 -c "DTLS-SRTP key material is"\
11544 -c "DTLS-SRTP mki value:"\
11545 -c "dumping 'sending mki' (8 bytes)" \
11546 -c "dumping 'received mki' (8 bytes)" \
11547 -C "error"
11554 -p "$P_PXY" \
11555 "$P_SRV dtls=1 debug_level=2 hs_timeout=10000-20000" \
11556 "$P_CLI dtls=1 debug_level=2 hs_timeout=10000-20000" \
11558 -C "replayed record" \
11559 -S "replayed record" \
11560 -C "Buffer record from epoch" \
11561 -S "Buffer record from epoch" \
11562 -C "ssl_buffer_message" \
11563 -S "ssl_buffer_message" \
11564 -C "discarding invalid record" \
11565 -S "discarding invalid record" \
11566 -S "resend" \
11567 -s "Extra-header:" \
11568 -c "HTTP/1.0 200 OK"
11573 -p "$P_PXY duplicate=1" \
11574 "$P_SRV dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
11575 "$P_CLI dtls=1 dgram_packing=0 debug_level=2 hs_timeout=10000-20000" \
11577 -c "replayed record" \
11578 -s "replayed record" \
11579 -c "record from another epoch" \
11580 -s "record from another epoch" \
11581 -S "resend" \
11582 -s "Extra-header:" \
11583 -c "HTTP/1.0 200 OK"
11586 run_test "DTLS proxy: duplicate every packet, server anti-replay off" \
11587 -p "$P_PXY duplicate=1" \
11591 -c "replayed record" \
11592 -S "replayed record" \
11593 -c "record from another epoch" \
11594 -s "record from another epoch" \
11595 -c "resend" \
11596 -s "resend" \
11597 -s "Extra-header:" \
11598 -c "HTTP/1.0 200 OK"
11602 -p "$P_PXY pack=50" \
11606 -c "next record in same datagram" \
11607 -s "next record in same datagram"
11611 -p "$P_PXY pack=50 duplicate=1" \
11615 -c "next record in same datagram" \
11616 -s "next record in same datagram"
11620 -p "$P_PXY bad_ad=1" \
11624 -c "discarding invalid record (mac)" \
11625 -s "discarding invalid record (mac)" \
11626 -s "Extra-header:" \
11627 -c "HTTP/1.0 200 OK" \
11628 -S "too many records with bad MAC" \
11629 -S "Verification of the message MAC failed"
11633 -p "$P_PXY bad_ad=1" \
11637 -C "discarding invalid record (mac)" \
11638 -S "discarding invalid record (mac)" \
11639 -S "Extra-header:" \
11640 -C "HTTP/1.0 200 OK" \
11641 -s "too many records with bad MAC" \
11642 -s "Verification of the message MAC failed"
11646 -p "$P_PXY bad_ad=1" \
11650 -c "discarding invalid record (mac)" \
11651 -s "discarding invalid record (mac)" \
11652 -s "Extra-header:" \
11653 -c "HTTP/1.0 200 OK" \
11654 -S "too many records with bad MAC" \
11655 -S "Verification of the message MAC failed"
11659 -p "$P_PXY bad_ad=1" \
11663 -c "discarding invalid record (mac)" \
11664 -s "discarding invalid record (mac)" \
11665 -s "Extra-header:" \
11666 -c "HTTP/1.0 200 OK" \
11667 -s "too many records with bad MAC" \
11668 -s "Verification of the message MAC failed"
11672 -p "$P_PXY delay_ccs=1" \
11676 -c "record from another epoch" \
11677 -s "record from another epoch" \
11678 -s "Extra-header:" \
11679 -c "HTTP/1.0 200 OK"
11685 run_test "DTLS reordering: Buffer out-of-order handshake message on client" \
11686 -p "$P_PXY delay_srv=ServerHello" \
11688 hs_timeout=2500-60000" \
11690 hs_timeout=2500-60000" \
11692 -c "Buffering HS message" \
11693 -c "Next handshake message has been buffered - load"\
11694 -S "Buffering HS message" \
11695 -S "Next handshake message has been buffered - load"\
11696 -C "Injecting buffered CCS message" \
11697 -C "Remember CCS message" \
11698 -S "Injecting buffered CCS message" \
11699 -S "Remember CCS message"
11703 run_test "DTLS reordering: Buffer out-of-order handshake message fragment on client" \
11704 -p "$P_PXY delay_srv=ServerHello" \
11706 hs_timeout=2500-60000" \
11708 hs_timeout=2500-60000" \
11710 -c "Buffering HS message" \
11711 -c "found fragmented DTLS handshake message"\
11712 -c "Next handshake message 1 not or only partially bufffered" \
11713 -c "Next handshake message has been buffered - load"\
11714 -S "Buffering HS message" \
11715 -S "Next handshake message has been buffered - load"\
11716 -C "Injecting buffered CCS message" \
11717 -C "Remember CCS message" \
11718 -S "Injecting buffered CCS message" \
11719 -S "Remember CCS message"
11728 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next" \
11729 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
11731 hs_timeout=2500-60000" \
11733 hs_timeout=2500-60000" \
11735 -c "Buffering HS message" \
11736 -c "Next handshake message has been buffered - load"\
11737 -C "attempt to make space by freeing buffered messages" \
11738 -S "Buffering HS message" \
11739 -S "Next handshake message has been buffered - load"\
11740 -C "Injecting buffered CCS message" \
11741 -C "Remember CCS message" \
11742 -S "Injecting buffered CCS message" \
11743 -S "Remember CCS message"
11752 run_test "DTLS reordering: Buffer out-of-order hs msg before reassembling next, free buffered ms…
11753 -p "$P_PXY delay_srv=Certificate delay_srv=Certificate" \
11755 hs_timeout=2500-60000" \
11757 hs_timeout=2500-60000" \
11759 -c "Buffering HS message" \
11760 -c "attempt to make space by freeing buffered future messages" \
11761 -c "Enough space available after freeing buffered HS messages" \
11762 -S "Buffering HS message" \
11763 -S "Next handshake message has been buffered - load"\
11764 -C "Injecting buffered CCS message" \
11765 -C "Remember CCS message" \
11766 -S "Injecting buffered CCS message" \
11767 -S "Remember CCS message"
11771 run_test "DTLS reordering: Buffer out-of-order handshake message on server" \
11772 -p "$P_PXY delay_cli=Certificate" \
11774 hs_timeout=2500-60000" \
11776 hs_timeout=2500-60000" \
11778 -C "Buffering HS message" \
11779 -C "Next handshake message has been buffered - load"\
11780 -s "Buffering HS message" \
11781 -s "Next handshake message has been buffered - load" \
11782 -C "Injecting buffered CCS message" \
11783 -C "Remember CCS message" \
11784 -S "Injecting buffered CCS message" \
11785 -S "Remember CCS message"
11789 run_test "DTLS reordering: Buffer out-of-order CCS message on client"\
11790 -p "$P_PXY delay_srv=NewSessionTicket" \
11792 hs_timeout=2500-60000" \
11794 hs_timeout=2500-60000" \
11796 -C "Buffering HS message" \
11797 -C "Next handshake message has been buffered - load"\
11798 -S "Buffering HS message" \
11799 -S "Next handshake message has been buffered - load" \
11800 -c "Injecting buffered CCS message" \
11801 -c "Remember CCS message" \
11802 -S "Injecting buffered CCS message" \
11803 -S "Remember CCS message"
11807 run_test "DTLS reordering: Buffer out-of-order CCS message on server"\
11808 -p "$P_PXY delay_cli=ClientKeyExchange" \
11810 hs_timeout=2500-60000" \
11812 hs_timeout=2500-60000" \
11814 -C "Buffering HS message" \
11815 -C "Next handshake message has been buffered - load"\
11816 -S "Buffering HS message" \
11817 -S "Next handshake message has been buffered - load" \
11818 -C "Injecting buffered CCS message" \
11819 -C "Remember CCS message" \
11820 -s "Injecting buffered CCS message" \
11821 -s "Remember CCS message"
11825 -p "$P_PXY delay_ccs=1" \
11827 hs_timeout=2500-60000" \
11829 hs_timeout=2500-60000" \
11831 -s "Buffer record from epoch 1" \
11832 -s "Found buffered record from current epoch - load" \
11833 -c "Buffer record from epoch 1" \
11834 -c "Found buffered record from current epoch - load"
11842 # - MBEDTLS_SSL_DTLS_MAX_BUFFERING must be large enough to allow buffering
11845 # - The MTU setting on the server must be so small that the NewSessionTicket
11847 # - All messages sent by the server must be small enough to be either sent
11849 # MBEDTLS_SSL_DTLS_MAX_BUFFERING. Achieve this by testing with a PSK-based
11854 -p "$P_PXY delay_srv=NewSessionTicket delay_srv=NewSessionTicket delay_ccs=1" \
11856 …$P_CLI dgram_packing=0 dtls=1 debug_level=2 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 psk=abc12…
11858 -s "Buffer record from epoch 1" \
11859 -s "Found buffered record from current epoch - load" \
11860 -c "Buffer record from epoch 1" \
11861 -C "Found buffered record from current epoch - load" \
11862 -c "Enough space available after freeing future epoch record"
11868 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11869 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11871 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11872 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11874 -s "Extra-header:" \
11875 -c "HTTP/1.0 200 OK"
11879 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11880 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
11881 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 \
11882 force_ciphersuite=TLS-RSA-WITH-AES-128-CBC-SHA" \
11884 -s "Extra-header:" \
11885 -c "HTTP/1.0 200 OK"
11890 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11891 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none" \
11892 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
11894 -s "Extra-header:" \
11895 -c "HTTP/1.0 200 OK"
11900 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11901 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=required" \
11902 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0" \
11904 -s "Extra-header:" \
11905 -c "HTTP/1.0 200 OK"
11910 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11911 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=none" \
11912 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
11914 -s "Extra-header:" \
11915 -c "HTTP/1.0 200 OK"
11920 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11921 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1 auth_mode=required" \
11922 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=1" \
11924 -s "Extra-header:" \
11925 -c "HTTP/1.0 200 OK"
11930 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11931 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1 \
11933 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 nbio=2 tickets=1" \
11935 -s "Extra-header:" \
11936 -c "HTTP/1.0 200 OK"
11941 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11942 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11944 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11946 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11948 -s "a session has been resumed" \
11949 -c "a session has been resumed" \
11950 -s "Extra-header:" \
11951 -c "HTTP/1.0 200 OK"
11956 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11957 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11959 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11961 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8 nbio=2" \
11963 -s "a session has been resumed" \
11964 -c "a session has been resumed" \
11965 -s "Extra-header:" \
11966 -c "HTTP/1.0 200 OK"
11970 run_test "DTLS proxy: 3d, min handshake, client-initiated renego" \
11971 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11972 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11974 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11976 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11978 -c "=> renegotiate" \
11979 -s "=> renegotiate" \
11980 -s "Extra-header:" \
11981 -c "HTTP/1.0 200 OK"
11985 run_test "DTLS proxy: 3d, min handshake, client-initiated renego, nbio" \
11986 -p "$P_PXY drop=5 delay=5 duplicate=5" \
11987 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
11989 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
11991 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
11993 -c "=> renegotiate" \
11994 -s "=> renegotiate" \
11995 -s "Extra-header:" \
11996 -c "HTTP/1.0 200 OK"
12000 run_test "DTLS proxy: 3d, min handshake, server-initiated renego" \
12001 -p "$P_PXY drop=5 delay=5 duplicate=5" \
12002 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
12005 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
12007 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
12009 -c "=> renegotiate" \
12010 -s "=> renegotiate" \
12011 -s "Extra-header:" \
12012 -c "HTTP/1.0 200 OK"
12016 run_test "DTLS proxy: 3d, min handshake, server-initiated renego, nbio" \
12017 -p "$P_PXY drop=5 delay=5 duplicate=5" \
12018 "$P_SRV dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 auth_mode=none \
12021 "$P_CLI dtls=1 dgram_packing=0 hs_timeout=500-10000 tickets=0 psk=abc123 \
12023 force_ciphersuite=TLS-PSK-WITH-AES-128-CCM-8" \
12025 -c "=> renegotiate" \
12026 -s "=> renegotiate" \
12027 -s "Extra-header:" \
12028 -c "HTTP/1.0 200 OK"
12035 not_with_valgrind # risk of non-mbedtls peer timing out
12038 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
12039 "$O_NEXT_SRV -dtls1_2 -mtu 2048" \
12040 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
12042 -c "HTTP/1.0 200 OK"
12046 not_with_valgrind # risk of non-mbedtls peer timing out
12049 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
12050 "$O_NEXT_SRV -dtls1_2 -mtu 768" \
12051 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 tickets=0" \
12053 -c "HTTP/1.0 200 OK"
12057 not_with_valgrind # risk of non-mbedtls peer timing out
12060 -p "$P_PXY drop=5 delay=5 duplicate=5 protect_hvr=1" \
12061 "$O_NEXT_SRV -dtls1_2 -mtu 768" \
12062 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2 tickets=0" \
12064 -c "HTTP/1.0 200 OK"
12068 not_with_valgrind # risk of non-mbedtls peer timing out
12071 -p "$P_PXY drop=5 delay=5 duplicate=5" \
12072 "$G_SRV -u --mtu 2048 -a" \
12073 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
12075 -s "Extra-header:" \
12076 -c "Extra-header:"
12080 not_with_valgrind # risk of non-mbedtls peer timing out
12083 -p "$P_PXY drop=5 delay=5 duplicate=5" \
12084 "$G_NEXT_SRV -u --mtu 512" \
12085 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000" \
12087 -s "Extra-header:" \
12088 -c "Extra-header:"
12092 not_with_valgrind # risk of non-mbedtls peer timing out
12095 -p "$P_PXY drop=5 delay=5 duplicate=5" \
12096 "$G_NEXT_SRV -u --mtu 512" \
12097 "$P_CLI dgram_packing=0 dtls=1 hs_timeout=500-60000 nbio=2" \
12099 -s "Extra-header:" \
12100 -c "Extra-header:"
12107 -c "EAP-TLS key material is:"\
12108 -s "EAP-TLS key material is:"\
12109 -c "EAP-TLS IV is:" \
12110 -s "EAP-TLS IV is:"
12115 "$O_NEXT_SRV -tls1_3 -msg" \
12116 "$O_NEXT_CLI -tls1_3 -msg" \
12118 -c "TLS 1.3" \
12119 -s "TLS 1.3"
12126 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPA…
12127 …"$G_NEXT_CLI localhost --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_…
12129 -s "Version: TLS1.3" \
12130 -c "Version: TLS1.3"
12135 requires_ciphersuite_enabled TLS1-3-CHACHA20-POLY1305-SHA256
12142 -s "Protocol is TLSv1.3" \
12143 -s "Ciphersuite is TLS1-3-CHACHA20-POLY1305-SHA256" \
12144 -s "ECDH/FFDH group: " \
12145 -s "selected signature algorithm ecdsa_secp256r1_sha256"
12156 -s "Protocol is TLSv1.2" \
12157 -s "Protocol is TLSv1.3" \
12168 -s "Protocol is TLSv1.3" \
12169 -s "Protocol is TLSv1.2" \
12176 run_test "TLS 1.3: minimal feature sets - openssl" \
12177 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
12180 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
12181 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
12182 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12183 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12184 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12185 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12186 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
12187 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
12188 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
12189 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12190 -c "<= ssl_tls13_process_server_hello" \
12191 -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
12192 -c "DHE group name: " \
12193 -c "=> ssl_tls13_process_server_hello" \
12194 -c "<= parse encrypted extensions" \
12195 -c "Certificate verification flags clear" \
12196 -c "=> parse certificate verify" \
12197 -c "<= parse certificate verify" \
12198 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
12199 -c "<= parse finished message" \
12200 -c "Protocol is TLSv1.3" \
12201 -c "HTTP/1.0 200 ok"
12209 run_test "TLS 1.3: minimal feature sets - gnutls" \
12210 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-…
12213 -s "SERVER HELLO was queued" \
12214 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
12215 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
12216 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12217 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12218 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12219 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12220 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
12221 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
12222 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
12223 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12224 -c "<= ssl_tls13_process_server_hello" \
12225 -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
12226 -c "DHE group name: " \
12227 -c "=> ssl_tls13_process_server_hello" \
12228 -c "<= parse encrypted extensions" \
12229 -c "Certificate verification flags clear" \
12230 -c "=> parse certificate verify" \
12231 -c "<= parse certificate verify" \
12232 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
12233 -c "<= parse finished message" \
12234 -c "Protocol is TLSv1.3" \
12235 -c "HTTP/1.0 200 OK"
12243 run_test "TLS 1.3: alpn - openssl" \
12244 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -alpn h2" \
12247 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
12248 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
12249 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12250 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12251 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12252 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12253 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
12254 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
12255 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
12256 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12257 -c "<= ssl_tls13_process_server_hello" \
12258 -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
12259 -c "DHE group name: " \
12260 -c "=> ssl_tls13_process_server_hello" \
12261 -c "<= parse encrypted extensions" \
12262 -c "Certificate verification flags clear" \
12263 -c "=> parse certificate verify" \
12264 -c "<= parse certificate verify" \
12265 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
12266 -c "<= parse finished message" \
12267 -c "Protocol is TLSv1.3" \
12268 -c "HTTP/1.0 200 ok" \
12269 -c "Application Layer Protocol is h2"
12278 run_test "TLS 1.3: alpn - gnutls" \
12279 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-…
12282 -s "SERVER HELLO was queued" \
12283 -c "client state: MBEDTLS_SSL_HELLO_REQUEST" \
12284 -c "client state: MBEDTLS_SSL_SERVER_HELLO" \
12285 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12286 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12287 -c "client state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12288 -c "client state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12289 -c "client state: MBEDTLS_SSL_SERVER_FINISHED" \
12290 -c "client state: MBEDTLS_SSL_CLIENT_FINISHED" \
12291 -c "client state: MBEDTLS_SSL_FLUSH_BUFFERS" \
12292 -c "client state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
12293 -c "<= ssl_tls13_process_server_hello" \
12294 -c "server hello, chosen ciphersuite: ( 1303 ) - TLS1-3-CHACHA20-POLY1305-SHA256" \
12295 -c "DHE group name: " \
12296 -c "=> ssl_tls13_process_server_hello" \
12297 -c "<= parse encrypted extensions" \
12298 -c "Certificate verification flags clear" \
12299 -c "=> parse certificate verify" \
12300 -c "<= parse certificate verify" \
12301 -c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
12302 -c "<= parse finished message" \
12303 -c "Protocol is TLSv1.3" \
12304 -c "HTTP/1.0 200 OK" \
12305 -c "Application Layer Protocol is h2"
12312 run_test "TLS 1.3: server alpn - openssl" \
12314 "$O_NEXT_CLI -msg -tls1_3 -no_middlebox -alpn h2" \
12316 -s "found alpn extension" \
12317 -s "server side, adding alpn extension" \
12318 -s "Protocol is TLSv1.3" \
12319 -s "HTTP/1.0 200 OK" \
12320 -s "Application Layer Protocol is h2"
12327 run_test "TLS 1.3: server alpn - gnutls" \
12329 …"$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_CO…
12331 -s "found alpn extension" \
12332 -s "server side, adding alpn extension" \
12333 -s "Protocol is TLSv1.3" \
12334 -s "HTTP/1.0 200 OK" \
12335 -s "Application Layer Protocol is h2"
12342 run_test "TLS 1.3: Client authentication, no client certificate - openssl" \
12343 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -verify 10" \
12346 -c "got a certificate request" \
12347 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12348 -s "TLS 1.3" \
12349 -c "HTTP/1.0 200 ok" \
12350 -c "Protocol is TLSv1.3"
12358 run_test "TLS 1.3: Client authentication, no client certificate - gnutls" \
12359 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --verify-c…
12362 -c "got a certificate request" \
12363 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE"\
12364 -s "Version: TLS1.3" \
12365 -c "HTTP/1.0 200 OK" \
12366 -c "Protocol is TLSv1.3"
12373 run_test "TLS 1.3: Client authentication, no server middlebox compat - openssl" \
12374 …"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
12377 -c "got a certificate request" \
12378 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12379 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12380 -c "Protocol is TLSv1.3"
12387 run_test "TLS 1.3: Client authentication, no server middlebox compat - gnutls" \
12388 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_T…
12392 -c "got a certificate request" \
12393 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12394 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12395 -c "Protocol is TLSv1.3"
12402 run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - openssl" \
12403 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12407 -c "got a certificate request" \
12408 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12409 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12410 -c "Protocol is TLSv1.3"
12418 run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - gnutls" \
12419 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12423 -c "got a certificate request" \
12424 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12425 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12426 -c "Protocol is TLSv1.3"
12433 run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - openssl" \
12434 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12438 -c "got a certificate request" \
12439 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12440 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12441 -c "Protocol is TLSv1.3"
12449 run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - gnutls" \
12450 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12454 -c "got a certificate request" \
12455 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12456 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12457 -c "Protocol is TLSv1.3"
12464 run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - openssl" \
12465 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12469 -c "got a certificate request" \
12470 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12471 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12472 -c "Protocol is TLSv1.3"
12480 run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - gnutls" \
12481 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12485 -c "got a certificate request" \
12486 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12487 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12488 -c "Protocol is TLSv1.3"
12496 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - openssl" \
12497 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12501 -c "got a certificate request" \
12502 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12503 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12504 -c "Protocol is TLSv1.3"
12513 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - gnutls" \
12514 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12515 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12518 -c "got a certificate request" \
12519 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12520 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12521 -c "Protocol is TLSv1.3"
12529 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - openssl" \
12530 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12534 -c "got a certificate request" \
12535 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12536 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12537 -c "Protocol is TLSv1.3"
12546 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha384 - gnutls" \
12547 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12548 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12551 -c "got a certificate request" \
12552 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12553 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12554 -c "Protocol is TLSv1.3"
12562 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - openssl" \
12563 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12567 -c "got a certificate request" \
12568 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12569 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12570 -c "Protocol is TLSv1.3"
12579 run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha512 - gnutls" \
12580 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12581 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12584 -c "got a certificate request" \
12585 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12586 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12587 -c "Protocol is TLSv1.3"
12595 run_test "TLS 1.3: Client authentication, client alg not in server list - openssl" \
12596 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
12597 -sigalgs ecdsa_secp256r1_sha256" \
12601 -c "got a certificate request" \
12602 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12603 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12604 -c "no suitable signature algorithm"
12613 run_test "TLS 1.3: Client authentication, client alg not in server list - gnutls" \
12614 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-…
12618 -c "got a certificate request" \
12619 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12620 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12621 -c "no suitable signature algorithm"
12629 run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - openssl" \
12630 …"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
12633 -c "got a certificate request" \
12634 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12635 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12636 -c "Protocol is TLSv1.3"
12644 run_test "TLS 1.3: Client authentication - opaque key, no server middlebox compat - gnutls" \
12645 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_T…
12649 -c "got a certificate request" \
12650 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12651 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12652 -c "Protocol is TLSv1.3"
12660 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - openssl" \
12661 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12665 -c "got a certificate request" \
12666 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12667 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12668 -c "Protocol is TLSv1.3"
12677 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp256r1_sha256 - gnutls" \
12678 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12682 -c "got a certificate request" \
12683 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12684 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12685 -c "Protocol is TLSv1.3"
12693 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - openssl" \
12694 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12698 -c "got a certificate request" \
12699 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12700 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12701 -c "Protocol is TLSv1.3"
12710 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp384r1_sha384 - gnutls" \
12711 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12715 -c "got a certificate request" \
12716 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12717 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12718 -c "Protocol is TLSv1.3"
12726 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - openssl" \
12727 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12731 -c "got a certificate request" \
12732 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12733 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12734 -c "Protocol is TLSv1.3"
12743 run_test "TLS 1.3: Client authentication - opaque key, ecdsa_secp521r1_sha512 - gnutls" \
12744 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12748 -c "got a certificate request" \
12749 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12750 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12751 -c "Protocol is TLSv1.3"
12760 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - openssl" \
12761 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12765 -c "got a certificate request" \
12766 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12767 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12768 -c "Protocol is TLSv1.3"
12778 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha256 - gnutls" \
12779 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12780 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12783 -c "got a certificate request" \
12784 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12785 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12786 -c "Protocol is TLSv1.3"
12795 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - openssl" \
12796 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12800 -c "got a certificate request" \
12801 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12802 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12803 -c "Protocol is TLSv1.3"
12813 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha384 - gnutls" \
12814 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12815 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12818 -c "got a certificate request" \
12819 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12820 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12821 -c "Protocol is TLSv1.3"
12830 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - openssl" \
12831 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
12835 -c "got a certificate request" \
12836 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12837 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12838 -c "Protocol is TLSv1.3"
12848 run_test "TLS 1.3: Client authentication - opaque key, rsa_pss_rsae_sha512 - gnutls" \
12849 … "$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
12850 "$P_CLI debug_level=3 crt_file=data_files/server2-sha256.crt \
12853 -c "got a certificate request" \
12854 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12855 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12856 -c "Protocol is TLSv1.3"
12865 run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - openssl" \
12866 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
12867 -sigalgs ecdsa_secp256r1_sha256" \
12871 -c "got a certificate request" \
12872 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12873 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12874 -c "no suitable signature algorithm"
12884 run_test "TLS 1.3: Client authentication - opaque key, client alg not in server list - gnutls" \
12885 …"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-…
12889 -c "got a certificate request" \
12890 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
12891 -c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
12892 -c "no suitable signature algorithm"
12899 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - openssl" \
12900 …NEXT_SRV -ciphersuites TLS_AES_128_GCM_SHA256 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg …
12903 -c "received HelloRetryRequest message" \
12904 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12905 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12906 -c "Protocol is TLSv1.3" \
12907 -c "HTTP/1.0 200 ok"
12914 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - openssl" \
12915 …NEXT_SRV -ciphersuites TLS_AES_256_GCM_SHA384 -sigalgs ecdsa_secp256r1_sha256 -groups P-256 -msg …
12918 -c "received HelloRetryRequest message" \
12919 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12920 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12921 -c "Protocol is TLSv1.3" \
12922 -c "HTTP/1.0 200 ok"
12931 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_128_GCM_SHA256 - gnutls" \
12932 …EXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-128-GCM:+SHA256:+AEAD:+SIGN-ECDSA-SECP256R1-SHA…
12935 -c "received HelloRetryRequest message" \
12936 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12937 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12938 -c "Protocol is TLSv1.3" \
12939 -c "HTTP/1.0 200 OK"
12948 run_test "TLS 1.3: HRR check, ciphersuite TLS_AES_256_GCM_SHA384 - gnutls" \
12949 …EXT_SRV -d 4 --priority=NONE:+GROUP-SECP256R1:+AES-256-GCM:+SHA384:+AEAD:+SIGN-ECDSA-SECP256R1-SHA…
12952 -c "received HelloRetryRequest message" \
12953 -c "<= ssl_tls13_process_server_hello ( HelloRetryRequest )" \
12954 -c "client state: MBEDTLS_SSL_CLIENT_HELLO" \
12955 -c "Protocol is TLSv1.3" \
12956 -c "HTTP/1.0 200 OK"
12962 run_test "TLS 1.3: Server side check - openssl" \
12964 "$O_NEXT_CLI -msg -debug -tls1_3 -no_middlebox" \
12966 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12967 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12968 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12969 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12970 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12971 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12972 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
12973 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP"
12979 run_test "TLS 1.3: Server side check - openssl with client authentication" \
12981 …"$O_NEXT_CLI -msg -debug -cert data_files/server5.crt -key data_files/server5.key -tls1_3 -no_midd…
12983 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
12984 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
12985 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
12986 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
12987 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
12988 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
12989 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
12990 -s "=> write certificate request" \
12991 -s "=> parse client hello" \
12992 -s "<= parse client hello"
12999 run_test "TLS 1.3: Server side check - gnutls" \
13001 …"$G_NEXT_CLI localhost -d 4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_CO…
13003 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13004 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13005 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13006 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13007 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
13008 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
13009 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
13010 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
13011 -c "HTTP/1.0 200 OK"
13018 run_test "TLS 1.3: Server side check - gnutls with client authentication" \
13020 …-d 4 --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key --priority=NORMAL:…
13022 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13023 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13024 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13025 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
13026 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13027 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
13028 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
13029 -s "=> write certificate request" \
13030 -s "=> parse client hello" \
13031 -s "<= parse client hello"
13037 run_test "TLS 1.3: Server side check - mbedtls" \
13041 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13042 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13043 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13044 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
13045 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13046 -s "tls13 server state: MBEDTLS_SSL_CERTIFICATE_VERIFY" \
13047 -s "tls13 server state: MBEDTLS_SSL_SERVER_FINISHED" \
13048 -s "tls13 server state: MBEDTLS_SSL_CLIENT_FINISHED" \
13049 -s "tls13 server state: MBEDTLS_SSL_HANDSHAKE_WRAPUP" \
13050 -c "HTTP/1.0 200 OK"
13056 run_test "TLS 1.3: Server side check - mbedtls with client authentication" \
13060 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13061 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13062 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13063 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13064 -s "=> write certificate request" \
13065 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
13066 -s "=> parse client hello" \
13067 -s "<= parse client hello"
13073 run_test "TLS 1.3: Server side check - mbedtls with client empty certificate" \
13077 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13078 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13079 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13080 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13081 -s "=> write certificate request" \
13082 …-s "SSL - No client certification received from the client, but required by the authentication mod…
13083 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
13084 -s "=> parse client hello" \
13085 -s "<= parse client hello"
13091 run_test "TLS 1.3: Server side check - mbedtls with optional client authentication" \
13095 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13096 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13097 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13098 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13099 -s "=> write certificate request" \
13100 -c "client state: MBEDTLS_SSL_CERTIFICATE_REQUEST" \
13101 -s "=> parse client hello" \
13102 -s "<= parse client hello"
13109 run_test "TLS 1.3: server: HRR check - mbedtls" \
13113 -s "tls13 server state: MBEDTLS_SSL_CLIENT_HELLO" \
13114 -s "tls13 server state: MBEDTLS_SSL_SERVER_HELLO" \
13115 -s "tls13 server state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13116 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
13117 -c "client state: MBEDTLS_SSL_ENCRYPTED_EXTENSIONS" \
13118 -s "selected_group: secp384r1" \
13119 -s "=> write hello retry request" \
13120 -s "<= write hello retry request"
13130 -s "tls13 server state: MBEDTLS_SSL_SERVER_CERTIFICATE" \
13131 -s "No certificate available."
13138 run_test "TLS 1.3: Server side check - openssl with sni" \
13140 …s/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,dat…
13141 …$O_NEXT_CLI -msg -debug -servername localhost -CAfile data_files/test-ca_cat12.crt -cert data_file…
13143 -s "parse ServerName extension" \
13144 -s "HTTP/1.0 200 OK"
13151 run_test "TLS 1.3: Server side check - gnutls with sni" \
13153 …s/server5.key,data_files/test-ca_cat12.crt,-,-,polarssl.example,data_files/server1-nospace.crt,dat…
13154 …-d 4 --sni-hostname=localhost --x509certfile data_files/server5.crt --x509keyfile data_files/serve…
13156 -s "parse ServerName extension" \
13157 -s "HTTP/1.0 200 OK"
13164 run_test "TLS 1.3: Server side check - mbedtls with sni" \
13166 …server2.crt,data_files/server2.key,-,-,-,polarssl.example,data_files/server1-nospace.crt,data_file…
13169 -s "parse ServerName extension" \
13170 -s "HTTP/1.0 200 OK"
13172 for i in opt-testcases/*.sh
13186 run_test "TLS 1.3 m->m both peers do not support middlebox compatibility" \
13190 -s "Protocol is TLSv1.3" \
13191 -c "Protocol is TLSv1.3" \
13192 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13193 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13200 run_test "TLS 1.3 m->m both with middlebox compat support" \
13204 -s "Protocol is TLSv1.3" \
13205 -c "Protocol is TLSv1.3" \
13206 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13207 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13214 run_test "TLS 1.3 m->O both peers do not support middlebox compatibility" \
13215 "$O_NEXT_SRV -msg -tls1_3 -no_middlebox -num_tickets 0 -no_resume_ephemeral -no_cache" \
13218 -c "Protocol is TLSv1.3" \
13219 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
13220 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13227 run_test "TLS 1.3 m->O server with middlebox compat support, not client" \
13228 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
13231 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
13238 run_test "TLS 1.3 m->O both with middlebox compat support" \
13239 "$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache" \
13242 -c "Protocol is TLSv1.3" \
13243 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13252 run_test "TLS 1.3 m->G both peers do not support middlebox compatibility" \
13253 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPA…
13256 -c "Protocol is TLSv1.3" \
13257 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
13258 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13266 run_test "TLS 1.3 m->G server with middlebox compat support, not client" \
13267 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cer…
13270 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
13278 run_test "TLS 1.3 m->G both with middlebox compat support" \
13279 …"$G_NEXT_SRV --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --disable-client-cer…
13282 -c "Protocol is TLSv1.3" \
13283 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13290 run_test "TLS 1.3 O->m both peers do not support middlebox compatibility" \
13292 "$O_NEXT_CLI -msg -debug -no_middlebox" \
13294 -s "Protocol is TLSv1.3" \
13295 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13296 -C "14 03 03 00 01"
13303 run_test "TLS 1.3 O->m server with middlebox compat support, not client" \
13305 "$O_NEXT_CLI -msg -debug -no_middlebox" \
13307 -s "Protocol is TLSv1.3" \
13308 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO"
13315 run_test "TLS 1.3 O->m both with middlebox compat support" \
13317 "$O_NEXT_CLI -msg -debug" \
13319 -s "Protocol is TLSv1.3" \
13320 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13321 -c "14 03 03 00 01"
13330 run_test "TLS 1.3 G->m both peers do not support middlebox compatibility" \
13332 "$G_NEXT_CLI localhost --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
13334 -s "Protocol is TLSv1.3" \
13335 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13336 -C "SSL 3.3 ChangeCipherSpec packet received"
13345 run_test "TLS 1.3 G->m server with middlebox compat support, not client" \
13347 … "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
13349 -s "Protocol is TLSv1.3" \
13350 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13351 -c "SSL 3.3 ChangeCipherSpec packet received" \
13352 -c "discarding change cipher spec in TLS1.3"
13361 run_test "TLS 1.3 G->m both with middlebox compat support" \
13363 … "$G_NEXT_CLI localhost --debug=10 --priority=NORMAL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE -V" \
13365 -s "Protocol is TLSv1.3" \
13366 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_SERVER_HELLO" \
13367 -c "SSL 3.3 ChangeCipherSpec packet received"
13374 run_test "TLS 1.3 m->m HRR both peers do not support middlebox compatibility" \
13378 -s "Protocol is TLSv1.3" \
13379 -c "Protocol is TLSv1.3" \
13380 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
13381 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13382 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13390 run_test "TLS 1.3 m->m HRR both with middlebox compat support" \
13394 -s "Protocol is TLSv1.3" \
13395 -c "Protocol is TLSv1.3" \
13396 -s "tls13 server state: MBEDTLS_SSL_HELLO_RETRY_REQUEST" \
13397 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13398 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13405 run_test "TLS 1.3 m->O HRR both peers do not support middlebox compatibility" \
13406 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -no_middlebox -num_tickets 0 -no_cache" \
13409 -c "Protocol is TLSv1.3" \
13410 -c "received HelloRetryRequest message" \
13411 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
13412 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13419 run_test "TLS 1.3 m->O HRR server with middlebox compat support, not client" \
13420 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_cache" \
13423 -c "received HelloRetryRequest message" \
13424 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
13431 run_test "TLS 1.3 m->O HRR both with middlebox compat support" \
13432 "$O_NEXT_SRV -msg -tls1_3 -groups P-384 -num_tickets 0 -no_resume_ephemeral -no_cache" \
13435 -c "Protocol is TLSv1.3" \
13436 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13445 run_test "TLS 1.3 m->G HRR both peers do not support middlebox compatibility" \
13446 …"$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DIS…
13449 -c "Protocol is TLSv1.3" \
13450 -c "received HelloRetryRequest message" \
13451 -C "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode" \
13452 -C "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13460 run_test "TLS 1.3 m->G HRR server with middlebox compat support, not client" \
13461 …"$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS --di…
13464 -c "received HelloRetryRequest message" \
13465 -c "ChangeCipherSpec invalid in TLS 1.3 without compatibility mode"
13474 run_test "TLS 1.3 m->G HRR both with middlebox compat support" \
13475 …"$G_NEXT_SRV --priority=NORMAL:-GROUP-ALL:+GROUP-SECP384R1:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_…
13478 -c "Protocol is TLSv1.3" \
13479 -c "Ignore ChangeCipherSpec in TLS 1.3 compatibility mode"
13486 run_test "TLS 1.3 O->m HRR both peers do not support middlebox compatibility" \
13488 "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
13490 -s "Protocol is TLSv1.3" \
13491 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13492 -C "14 03 03 00 01"
13499 run_test "TLS 1.3 O->m HRR server with middlebox compat support, not client" \
13501 "$O_NEXT_CLI -msg -debug -groups P-256:P-384 -no_middlebox" \
13503 -s "Protocol is TLSv1.3" \
13504 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13511 run_test "TLS 1.3 O->m HRR both with middlebox compat support" \
13513 "$O_NEXT_CLI -msg -debug -groups P-256:P-384" \
13515 -s "Protocol is TLSv1.3" \
13516 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13517 -c "14 03 03 00 01"
13526 run_test "TLS 1.3 G->m HRR both peers do not support middlebox compatibility" \
13528 …"$G_NEXT_CLI localhost --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_TICKETS:…
13530 -s "Protocol is TLSv1.3" \
13531 -S "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13532 -C "SSL 3.3 ChangeCipherSpec packet received"
13542 run_test "TLS 1.3 G->m HRR server with middlebox compat support, not client" \
13544 …NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_T…
13546 -s "Protocol is TLSv1.3" \
13547 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13548 -c "SSL 3.3 ChangeCipherSpec packet received" \
13549 -c "discarding change cipher spec in TLS1.3"
13559 run_test "TLS 1.3 G->m HRR both with middlebox compat support" \
13561 …NEXT_CLI localhost --debug=10 --priority=NORMAL:-GROUP-ALL:+GROUP-SECP256R1:+GROUP-SECP384R1:%NO_T…
13563 -s "Protocol is TLSv1.3" \
13564 -s "tls13 server state: MBEDTLS_SSL_SERVER_CCS_AFTER_HELLO_RETRY_REQUEST" \
13565 -c "SSL 3.3 ChangeCipherSpec packet received"
13572 run_test "TLS 1.3: Check signature algorithm order, m->O" \
13573 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13574 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
13575 …-Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha25…
13576 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
13579 -c "Protocol is TLSv1.3" \
13580 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
13581 -c "HTTP/1.0 200 [Oo][Kk]"
13588 run_test "TLS 1.3: Check signature algorithm order, m->G" \
13589 …"$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2…
13590 -d 4
13591 …--priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSA…
13592 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
13595 -c "Protocol is TLSv1.3" \
13596 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
13597 -c "HTTP/1.0 200 [Oo][Kk]"
13604 run_test "TLS 1.3: Check signature algorithm order, m->m" \
13606 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13609 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key \
13612 -c "Protocol is TLSv1.3" \
13613 -c "CertificateVerify signature with rsa_pss_rsae_sha512" \
13614 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
13615 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512" \
13616 -c "HTTP/1.0 200 [Oo][Kk]"
13623 run_test "TLS 1.3: Check signature algorithm order, O->m" \
13625 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13628 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
13629 -cert data_files/server2-sha256.crt -key data_files/server2.key \
13630 … -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp256r1_sha256" \
13632 -c "TLSv1.3" \
13633 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
13634 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"
13641 run_test "TLS 1.3: Check signature algorithm order, G->m" \
13643 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13646 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
13647 … --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key \
13648 …--priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSAE-SHA384" …
13650 -c "Negotiated version: 3.4" \
13651 -c "HTTP/1.0 200 [Oo][Kk]" \
13652 -s "CertificateVerify signature with rsa_pss_rsae_sha512" \
13653 -s "ssl_tls13_pick_key_cert:selected signature algorithm rsa_pss_rsae_sha512"
13660 run_test "TLS 1.3: Check server no suitable signature algorithm, G->m" \
13662 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13665 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
13666 … --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key \
13667 …--priority=NORMAL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-ECDSA-SECP521R1-SHA51…
13669 -S "ssl_tls13_pick_key_cert:check signature algorithm"
13676 run_test "TLS 1.3: Check server no suitable signature algorithm, O->m" \
13678 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13681 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
13682 -cert data_files/server2-sha256.crt -key data_files/server2.key \
13683 … -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:ecdsa_secp521r1_sha512" \
13685 -S "ssl_tls13_pick_key_cert:check signature algorithm"
13692 run_test "TLS 1.3: Check server no suitable signature algorithm, m->m" \
13694 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13697 …"$P_CLI allow_sha1=0 debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/serv…
13700 -S "ssl_tls13_pick_key_cert:check signature algorithm"
13707 run_test "TLS 1.3: Check server no suitable certificate, G->m" \
13709 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13711 "$G_NEXT_CLI_NO_CERT localhost -d 4 --x509cafile data_files/test-ca_cat12.crt \
13712 … --priority=NORMAL:-SIGN-ALL:+SIGN-ECDSA-SECP521R1-SHA512:+SIGN-ECDSA-SECP256R1-SHA256" \
13714 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
13721 run_test "TLS 1.3: Check server no suitable certificate, O->m" \
13723 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13725 "$O_NEXT_CLI_NO_CERT -msg -CAfile data_files/test-ca_cat12.crt \
13726 -sigalgs ecdsa_secp521r1_sha512:ecdsa_secp256r1_sha256" \
13728 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
13735 run_test "TLS 1.3: Check server no suitable certificate, m->m" \
13737 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13742 -s "ssl_tls13_pick_key_cert:no suitable certificate found"
13749 run_test "TLS 1.3: Check client no signature algorithm, m->O" \
13750 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13751 -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache
13752 …-Verify 10 -sigalgs rsa_pkcs1_sha512:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:ecdsa_secp521r1_sha51…
13756 -c "no suitable signature algorithm"
13763 run_test "TLS 1.3: Check client no signature algorithm, m->G" \
13764 …"$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2…
13765 -d 4
13766 …--priority=NORMAL:-VERS-ALL:-SIGN-ALL:+SIGN-RSA-SHA512:+SIGN-RSA-PSS-RSAE-SHA512:+SIGN-RSA-PSS-RSA…
13770 -c "no suitable signature algorithm"
13777 run_test "TLS 1.3: Check client no signature algorithm, m->m" \
13779 crt_file2=data_files/server2-sha256.crt key_file2=data_files/server2.key
13785 -c "no suitable signature algorithm"
13791 run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->O" \
13792 "$O_NEXT_SRV_NO_CERT -cert data_files/server2-sha256.crt -key data_files/server2.key
13793 -msg -tls1_2
13794 -Verify 10 " \
13795 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13799 -c "Protocol is TLSv1.2" \
13800 -c "HTTP/1.0 200 [Oo][Kk]"
13807 run_test "TLS 1.2: Check rsa_pss_rsae compatibility issue, m->G" \
13808 …"$G_NEXT_SRV_NO_CERT --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2…
13809 -d 4
13810 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.2" \
13811 … "$P_CLI debug_level=4 crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key
13815 -c "Protocol is TLSv1.2" \
13816 -c "HTTP/1.0 200 [Oo][Kk]"
13828 run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \
13829 …V crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphe…
13830 …--debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GC…
13832 -s "Protocol is TLSv1.3" \
13833 -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
13834 -s "received signature algorithm: 0x804" \
13835 -s "got named group: ffdhe3072(0101)" \
13836 -s "Certificate verification was skipped" \
13837 -C "received HelloRetryRequest message"
13850 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe3072,rsa_pss_rsae_sha256" \
13851 …--http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile …
13852 …"$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SH…
13854 -c "HTTP/1.0 200 OK" \
13855 -c "Protocol is TLSv1.3" \
13856 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
13857 -c "Certificate Verify: Signature algorithm ( 0804 )" \
13858 -c "NamedGroup: ffdhe3072 ( 101 )" \
13859 -c "Verifying peer X.509 certificate... ok" \
13860 -C "received HelloRetryRequest message"
13872 run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \
13873 …V crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphe…
13874 …--debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GC…
13876 -s "Protocol is TLSv1.3" \
13877 -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
13878 -s "received signature algorithm: 0x804" \
13879 -s "got named group: ffdhe4096(0102)" \
13880 -s "Certificate verification was skipped" \
13881 -C "received HelloRetryRequest message"
13894 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe4096,rsa_pss_rsae_sha256" \
13895 …--http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile …
13896 …"$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SH…
13898 -c "HTTP/1.0 200 OK" \
13899 -c "Protocol is TLSv1.3" \
13900 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
13901 -c "Certificate Verify: Signature algorithm ( 0804 )" \
13902 -c "NamedGroup: ffdhe4096 ( 102 )" \
13903 -c "Verifying peer X.509 certificate... ok" \
13904 -C "received HelloRetryRequest message"
13916 run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \
13917 …V crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphe…
13918 …--debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GC…
13920 -s "Protocol is TLSv1.3" \
13921 -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
13922 -s "received signature algorithm: 0x804" \
13923 -s "got named group: ffdhe6144(0103)" \
13924 -s "Certificate verification was skipped" \
13925 -C "received HelloRetryRequest message"
13937 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe6144,rsa_pss_rsae_sha256" \
13938 …--http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile …
13939 …"$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SH…
13941 -c "HTTP/1.0 200 OK" \
13942 -c "Protocol is TLSv1.3" \
13943 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
13944 -c "Certificate Verify: Signature algorithm ( 0804 )" \
13945 -c "NamedGroup: ffdhe6144 ( 103 )" \
13946 -c "Verifying peer X.509 certificate... ok" \
13947 -C "received HelloRetryRequest message"
13960 run_test "TLS 1.3 G->m: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \
13961 …V crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key debug_level=4 force_ciphe…
13962 …--debug=4 --single-key-share --x509cafile data_files/test-ca_cat12.crt --priority=NONE:+AES-128-GC…
13964 -s "Protocol is TLSv1.3" \
13965 -s "server hello, chosen ciphersuite: TLS1-3-AES-128-GCM-SHA256 ( id=4865 )" \
13966 -s "received signature algorithm: 0x804" \
13967 -s "got named group: ffdhe8192(0104)" \
13968 -s "Certificate verification was skipped" \
13969 -C "received HelloRetryRequest message"
13982 run_test "TLS 1.3 m->G: AES_128_GCM_SHA256,ffdhe8192,rsa_pss_rsae_sha256" \
13983 …--http --disable-client-cert --debug=4 --x509certfile data_files/server2-sha256.crt --x509keyfile …
13984 …"$P_CLI ca_file=data_files/test-ca_cat12.crt debug_level=4 force_ciphersuite=TLS1-3-AES-128-GCM-SH…
13986 -c "HTTP/1.0 200 OK" \
13987 -c "Protocol is TLSv1.3" \
13988 -c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
13989 -c "Certificate Verify: Signature algorithm ( 0804 )" \
13990 -c "NamedGroup: ffdhe8192 ( 104 )" \
13991 -c "Verifying peer X.509 certificate... ok" \
13992 -C "received HelloRetryRequest message"
14003 -C "received HelloRetryRequest message" \
14004 -c "Selected key exchange mode: psk$" \
14005 -c "HTTP/1.0 200 OK"
14015 if [ "$LIST_TESTS" -eq 0 ]; then
14019 echo "------------------------------------------------------------------------"
14026 PASSES=$(( $TESTS - $FAILS ))
14031 if [ $FAILS -gt 255 ]; then