fix various issues in ssl-opt
Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu
parent
2124d05e06
commit
819f29730a
@ -9793,8 +9793,9 @@ requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, no client certificate - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -verify 10 -no_middlebox" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -verify 10" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=none \
|
||||
key_file=none" \
|
||||
0 \
|
||||
@ -9809,8 +9810,9 @@ requires_gnutls_next_no_ticket
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, no client certificate - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE --verify-client-cert" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS --verify-client-cert" \
|
||||
"$P_CLI debug_level=3 min_version=tls13 max_version=tls13 crt_file=none \
|
||||
key_file=none" \
|
||||
0 \
|
||||
@ -9825,7 +9827,7 @@ requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
run_test "TLS 1.3: Client authentication, no server middlebox compatibility - openssl" \
|
||||
run_test "TLS 1.3: Client authentication, no server middlebox compat - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cli2.crt \
|
||||
key_file=data_files/cli2.key" \
|
||||
@ -9840,7 +9842,7 @@ requires_gnutls_next_no_ticket
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
run_test "TLS 1.3: Client authentication, no server middlebox compatibility - gnutls" \
|
||||
run_test "TLS 1.3: Client authentication, no server middlebox compat - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
"$P_CLI debug_level=3 min_version=tls13 max_version=tls13 crt_file=data_files/cli2.crt \
|
||||
key_file=data_files/cli2.key" \
|
||||
@ -9854,39 +9856,9 @@ requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||
run_test "TLS 1.3: No client authentication, client has certificate - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -no_middlebox" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cli2.crt \
|
||||
key_file=data_files/cli2.key" \
|
||||
0 \
|
||||
-c "got no certificate request" \
|
||||
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||
-C "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
|
||||
-c "Protocol is TLSv1.3"
|
||||
|
||||
requires_gnutls_tls1_3
|
||||
requires_gnutls_next_no_ticket
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||
run_test "TLS 1.3: No client authentication, client has certificate - gnutls" \
|
||||
"$G_NEXT_SRV --disable-client-cert --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
"$P_CLI debug_level=3 min_version=tls13 max_version=tls13 crt_file=data_files/cli2.crt \
|
||||
key_file=data_files/cli2.key" \
|
||||
0 \
|
||||
-c "got no certificate request" \
|
||||
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||
-C "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY" \
|
||||
-c "Protocol is TLSv1.3"
|
||||
|
||||
requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt \
|
||||
key_file=data_files/ecdsa_secp256r1.key" \
|
||||
0 \
|
||||
@ -9900,8 +9872,9 @@ requires_gnutls_next_no_ticket
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, ecdsa_secp256r1_sha256 - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
|
||||
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt \
|
||||
key_file=data_files/ecdsa_secp256r1.key" \
|
||||
0 \
|
||||
@ -9914,8 +9887,9 @@ requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt \
|
||||
key_file=data_files/ecdsa_secp384r1.key" \
|
||||
0 \
|
||||
@ -9929,8 +9903,9 @@ requires_gnutls_next_no_ticket
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, ecdsa_secp384r1_sha384 - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
|
||||
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt \
|
||||
key_file=data_files/ecdsa_secp384r1.key" \
|
||||
0 \
|
||||
@ -9943,8 +9918,9 @@ requires_openssl_tls1_3
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt \
|
||||
key_file=data_files/ecdsa_secp521r1.key" \
|
||||
0 \
|
||||
@ -9958,8 +9934,9 @@ requires_gnutls_next_no_ticket
|
||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, ecdsa_secp521r1_sha512 - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
|
||||
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt \
|
||||
key_file=data_files/ecdsa_secp521r1.key" \
|
||||
0 \
|
||||
@ -9973,8 +9950,9 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox " \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \
|
||||
key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256,rsa_pkcs1_sha256" \
|
||||
0 \
|
||||
@ -9989,8 +9967,9 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, rsa_pss_rsae_sha256 - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS" \
|
||||
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
|
||||
key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256,rsa_pkcs1_sha256" \
|
||||
0 \
|
||||
@ -10004,8 +9983,9 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, client algorithm not in server list - openssl" \
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox
|
||||
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10
|
||||
-sigalgs ecdsa_secp256r1_sha256" \
|
||||
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/cert_sha256.crt \
|
||||
key_file=data_files/server1.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256" \
|
||||
@ -10021,8 +10001,9 @@ requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||
requires_config_enabled MBEDTLS_DEBUG_C
|
||||
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||
requires_config_enabled MBEDTLS_RSA_C
|
||||
run_test "TLS 1.3: Client authentication, client algorithm not in server list - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||
requires_config_enabled MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
|
||||
run_test "TLS 1.3: Client authentication, client alg not in server list - gnutls" \
|
||||
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:-SIGN-ALL:+SIGN-ECDSA-SECP256R1-SHA256:%NO_TICKETS" \
|
||||
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
|
||||
key_file=data_files/server2.key sig_algs=ecdsa_secp256r1_sha256,rsa_pss_rsae_sha256" \
|
||||
1 \
|
||||
|
||||
Loading…
Reference in New Issue
Block a user