ssl-opt.sh: Add var's of context s11n tests for ChaChaPoly,CCM,GCM
This commit splits each test in ssl-opt.sh related to context serialization in three tests, exercising the use of CCM, GCM and ChaChaPoly separately. The reason is that the choice of primitive affects the presence and size of an explicit IV, and we should test that space for those IVs is correctly restored during context deserialization; in fact, this was not the case previously, as fixed in the last commit, and was not caught by the tests because only ChaChaPoly was tested.
This commit is contained in:
Hanno Becker
parent
1b18fd3afe
commit
e0b90ece55
120
tests/ssl-opt.sh
120
tests/ssl-opt.sh
@ -1283,9 +1283,25 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
|
||||
# Tests for Context serialization
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, client serializes" \
|
||||
run_test "Context serialization, client serializes, CCM" \
|
||||
"$P_SRV dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-S "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, client serializes, ChaChaPoly" \
|
||||
"$P_SRV dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-S "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, client serializes, GCM" \
|
||||
"$P_SRV dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-S "Deserializing connection..."
|
||||
@ -1300,9 +1316,25 @@ run_test "Context serialization, client serializes, with CID" \
|
||||
-S "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, server serializes" \
|
||||
run_test "Context serialization, server serializes, CCM" \
|
||||
"$P_SRV dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
0 \
|
||||
-C "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, server serializes, ChaChaPoly" \
|
||||
"$P_SRV dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-C "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, server serializes, GCM" \
|
||||
"$P_SRV dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
|
||||
0 \
|
||||
-C "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
@ -1317,9 +1349,25 @@ run_test "Context serialization, server serializes, with CID" \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, both serialize" \
|
||||
run_test "Context serialization, both serialize, CCM" \
|
||||
"$P_SRV dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, both serialize, ChaChaPoly" \
|
||||
"$P_SRV dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, both serialize, GCM" \
|
||||
"$P_SRV dtls=1 serialize=1 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
@ -1334,9 +1382,25 @@ run_test "Context serialization, both serialize, with CID" \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, client serializes" \
|
||||
run_test "Context serialization, re-init, client serializes, CCM" \
|
||||
"$P_SRV dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-S "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
|
||||
"$P_SRV dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-S "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, client serializes, GCM" \
|
||||
"$P_SRV dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-S "Deserializing connection..."
|
||||
@ -1351,9 +1415,25 @@ run_test "Context serialization, re-init, client serializes, with CID" \
|
||||
-S "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, server serializes" \
|
||||
run_test "Context serialization, re-init, server serializes, CCM" \
|
||||
"$P_SRV dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
0 \
|
||||
-C "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
|
||||
"$P_SRV dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-C "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, server serializes, GCM" \
|
||||
"$P_SRV dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-C "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
@ -1368,9 +1448,25 @@ run_test "Context serialization, re-init, server serializes, with CID" \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, both serialize" \
|
||||
run_test "Context serialization, re-init, both serialize, CCM" \
|
||||
"$P_SRV dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
|
||||
"$P_SRV dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
|
||||
run_test "Context serialization, re-init, both serialize, GCM" \
|
||||
"$P_SRV dtls=1 serialize=2 exchanges=2" \
|
||||
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
|
||||
0 \
|
||||
-c "Deserializing connection..." \
|
||||
-s "Deserializing connection..."
|
||||
|
||||
Loading…
Reference in New Issue
Block a user