mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-22 23:05:41 +01:00
Extend small packet tests for TLS
This commit ensures that there is a small packet test for at least any combination of - SSL/TLS version: SSLv3, TLS 1.0, TLS 1.1 or TLS 1.2 - Stream cipher (RC4) or Block cipher (AES) - Usage of Encrypt then MAC extension [TLS only] - Usage of truncated HMAC extension [TLS only]
This commit is contained in:
Hanno Becker
parent
32c550141f
commit
8501f98ec4
127
tests/ssl-opt.sh
127
tests/ssl-opt.sh
@ -3285,7 +3285,7 @@ run_test "Small packet TLS 1.0 BlockCipher" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.0 BlockCipher without EtM" \
|
||||
run_test "Small packet TLS 1.0 BlockCipher, without EtM" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1 etm=0 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||
@ -3293,7 +3293,7 @@ run_test "Small packet TLS 1.0 BlockCipher without EtM" \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.0 BlockCipher truncated MAC" \
|
||||
run_test "Small packet TLS 1.0 BlockCipher, truncated MAC" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
@ -3302,7 +3302,32 @@ run_test "Small packet TLS 1.0 BlockCipher truncated MAC" \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.0 StreamCipher truncated MAC" \
|
||||
run_test "Small packet TLS 1.0 BlockCipher, without EtM, truncated MAC" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
trunc_hmac=1 \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.0 StreamCipher" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.0 StreamCipher, without EtM" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.0 StreamCipher, truncated MAC" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
@ -3310,6 +3335,16 @@ run_test "Small packet TLS 1.0 StreamCipher truncated MAC" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.0 StreamCipher, without EtM, truncated MAC" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
trunc_hmac=1 \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.1 BlockCipher" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
@ -3317,10 +3352,30 @@ run_test "Small packet TLS 1.1 BlockCipher" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.1 BlockCipher without EtM" \
|
||||
run_test "Small packet TLS 1.1 BlockCipher, without EtM" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 etm=0 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.1 BlockCipher, truncated MAC" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
trunc_hmac=1" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.1 BlockCipher, without EtM, truncated MAC" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
trunc_hmac=1 \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
@ -3331,21 +3386,30 @@ run_test "Small packet TLS 1.1 StreamCipher" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.1 BlockCipher truncated MAC" \
|
||||
"$P_SRV" \
|
||||
run_test "Small packet TLS 1.1 StreamCipher, without EtM" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.1 StreamCipher, truncated MAC" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
trunc_hmac=1" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.1 StreamCipher truncated MAC" \
|
||||
run_test "Small packet TLS 1.1 StreamCipher, without EtM, truncated MAC" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_1 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
trunc_hmac=1" \
|
||||
trunc_hmac=1 \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
@ -3356,10 +3420,11 @@ run_test "Small packet TLS 1.2 BlockCipher" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.2 BlockCipher without EtM" \
|
||||
run_test "Small packet TLS 1.2 BlockCipher, without EtM" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 etm=0 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
@ -3371,7 +3436,7 @@ run_test "Small packet TLS 1.2 BlockCipher larger MAC" \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.2 BlockCipher truncated MAC" \
|
||||
run_test "Small packet TLS 1.2 BlockCipher, truncated MAC" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
@ -3379,6 +3444,16 @@ run_test "Small packet TLS 1.2 BlockCipher truncated MAC" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.2 BlockCipher, without EtM, truncated MAC" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
force_ciphersuite=TLS-RSA-WITH-AES-256-CBC-SHA \
|
||||
trunc_hmac=1 \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.2 StreamCipher" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
@ -3386,8 +3461,16 @@ run_test "Small packet TLS 1.2 StreamCipher" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.2 StreamCipher, without EtM" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.2 StreamCipher truncated MAC" \
|
||||
run_test "Small packet TLS 1.2 StreamCipher, truncated MAC" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
@ -3395,6 +3478,16 @@ run_test "Small packet TLS 1.2 StreamCipher truncated MAC" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
requires_config_enabled MBEDTLS_SSL_TRUNCATED_HMAC
|
||||
run_test "Small packet TLS 1.2 StreamCipher, without EtM, truncated MAC" \
|
||||
"$P_SRV arc4=1 force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
force_ciphersuite=TLS-RSA-WITH-RC4-128-SHA \
|
||||
trunc_hmac=1 \
|
||||
etm=0" \
|
||||
0 \
|
||||
-s "Read from client: 1 bytes read"
|
||||
|
||||
run_test "Small packet TLS 1.2 AEAD" \
|
||||
"$P_SRV" \
|
||||
"$P_CLI request_size=1 force_version=tls1_2 \
|
||||
|
||||
Loading…
Reference in New Issue
Block a user