yuzu-emu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2024-11-26 13:15:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct truncated HMAC tests in ssl-opt.sh

Browse Source 
Many truncated HMAC tests were missing the `trunc_hmac=1` for the server
application, thereby not testing the extension.
This commit is contained in:
Hanno Becker 2017-11-20 16:45:37 +00:00
parent e89353a6b4
commit 45ee7877d0
1 changed files with 56 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
tests/ssl-opt.sh
View File

@ -3355,7 +3355,8 @@ run_test "Small packet TLS 1.0 BlockCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.0 BlockCipher, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3364,7 +3365,8 @@ run_test "Small packet TLS 1.0 BlockCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1 \
@ -3389,7 +3391,8 @@ run_test "Small packet TLS 1.0 StreamCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.0 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@ -3398,7 +3401,8 @@ run_test "Small packet TLS 1.0 StreamCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 \
@ -3423,7 +3427,8 @@ run_test "Small packet TLS 1.1 BlockCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.1 BlockCipher, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3432,7 +3437,8 @@ run_test "Small packet TLS 1.1 BlockCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1 \
@ -3457,7 +3463,8 @@ run_test "Small packet TLS 1.1 StreamCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.1 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@ -3466,7 +3473,8 @@ run_test "Small packet TLS 1.1 StreamCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 \
@ -3498,7 +3506,8 @@ run_test "Small packet TLS 1.2 BlockCipher larger MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.2 BlockCipher, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3507,7 +3516,8 @@ run_test "Small packet TLS 1.2 BlockCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1 \
@ -3532,7 +3542,8 @@ run_test "Small packet TLS 1.2 StreamCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.2 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@ -3541,7 +3552,8 @@ run_test "Small packet TLS 1.2 StreamCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=1 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 \
@ -3584,8 +3596,10 @@ run_test "Small packet DTLS 1.0, without EtM" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet DTLS 1.0, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1" \
"$P_CLI dtls=1 request_size=1 trunc_hmac=1 \
"$P_SRV dtls=1 force_version=dtls1 \
trunc_hmac=1" \
"$P_CLI dtls=1 request_size=1 \
trunc_hmac=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
0 \
-s "Read from client: 1 bytes read"
@ -3594,6 +3608,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet DTLS 1.0, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1 \
trunc_hmac=1 \
etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
@ -3621,7 +3636,8 @@ run_test "Small packet DTLS 1.2, without EtM" \
requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet DTLS 1.2, truncated hmac" \
"$P_SRV dtls=1 force_version=dtls1_2" \
"$P_SRV dtls=1 force_version=dtls1_2 \
trunc_hmac=1" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3632,6 +3648,7 @@ requires_config_enabled MBEDTLS_SSL_PROTO_DTLS
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Small packet DTLS 1.2, without EtM, truncated MAC" \
"$P_SRV dtls=1 force_version=dtls1_2 \
trunc_hmac=1 \
etm=0" \
"$P_CLI dtls=1 request_size=1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
@ -3683,7 +3700,8 @@ run_test "Large packet TLS 1.0 BlockCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3692,7 +3710,8 @@ run_test "Large packet TLS 1.0 BlockCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 etm=0 recsplit=0 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3716,7 +3735,8 @@ run_test "Large packet TLS 1.0 StreamCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@ -3725,7 +3745,8 @@ run_test "Large packet TLS 1.0 StreamCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 etm=0" \
@ -3748,7 +3769,8 @@ run_test "Large packet TLS 1.1 BlockCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3757,7 +3779,8 @@ run_test "Large packet TLS 1.1 BlockCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1 etm=0" \
@ -3781,7 +3804,8 @@ run_test "Large packet TLS 1.1 StreamCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@ -3790,7 +3814,8 @@ run_test "Large packet TLS 1.1 StreamCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_1 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 etm=0" \
@ -3820,7 +3845,8 @@ run_test "Large packet TLS 1.2 BlockCipher larger MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1" \
@ -3829,7 +3855,8 @@ run_test "Large packet TLS 1.2 BlockCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
"$P_SRV" \
"$P_SRV \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
trunc_hmac=1 etm=0" \
@ -3852,7 +3879,8 @@ run_test "Large packet TLS 1.2 StreamCipher, without EtM" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
@ -3861,7 +3889,8 @@ run_test "Large packet TLS 1.2 StreamCipher, truncated MAC" \
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
run_test "Large packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1" \
"$P_CLI request_size=16384 force_version=tls1_2 \
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
trunc_hmac=1 etm=0" \