mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-30 00:14:17 +01:00
Test check the key material exported match
- include interop with openssl client Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
This commit is contained in:
parent
39cfd3b96e
commit
9bc50b0122
@ -2779,7 +2779,17 @@ int main( int argc, char *argv[] )
|
|||||||
mbedtls_printf( "\n " );
|
mbedtls_printf( "\n " );
|
||||||
mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
|
mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
|
||||||
}
|
}
|
||||||
|
mbedtls_printf( "\n" );
|
||||||
|
|
||||||
|
/* produce a less readable output used to perform automatic checks
|
||||||
|
* - compare client and server output
|
||||||
|
* - interop test with openssl which client produces this kind of output
|
||||||
|
*/
|
||||||
|
mbedtls_printf( " Keying material: " );
|
||||||
|
for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
|
||||||
|
{
|
||||||
|
mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
|
||||||
|
}
|
||||||
mbedtls_printf( "\n" );
|
mbedtls_printf( "\n" );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -3890,7 +3890,17 @@ handshake:
|
|||||||
mbedtls_printf( "\n " );
|
mbedtls_printf( "\n " );
|
||||||
mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
|
mbedtls_printf( "%02x ", dtls_srtp_key_material[j] );
|
||||||
}
|
}
|
||||||
|
mbedtls_printf( "\n" );
|
||||||
|
|
||||||
|
/* produce a less readable output used to perform automatic checks
|
||||||
|
* - compare client and server output
|
||||||
|
* - interop test with openssl which client produces this kind of output
|
||||||
|
*/
|
||||||
|
mbedtls_printf( " Keying material: " );
|
||||||
|
for( j = 0; j < sizeof( dtls_srtp_key_material ); j++ )
|
||||||
|
{
|
||||||
|
mbedtls_printf( "%02X", dtls_srtp_key_material[j] );
|
||||||
|
}
|
||||||
mbedtls_printf( "\n" );
|
mbedtls_printf( "\n" );
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -634,6 +634,23 @@ detect_dtls() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Compare file content
|
||||||
|
# Usage: find_in_both pattern file1 file2
|
||||||
|
# extract from file1 the first line matching the pattern
|
||||||
|
# check in file2 that the same line can be found
|
||||||
|
find_in_both() {
|
||||||
|
srv_pattern=$(grep -m 1 "$1" "$2");
|
||||||
|
if [ -z "$srv_pattern" ]; then
|
||||||
|
return 1;
|
||||||
|
fi
|
||||||
|
|
||||||
|
if grep "$srv_pattern" $3 >/dev/null; then :
|
||||||
|
return 0;
|
||||||
|
else
|
||||||
|
return 1;
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
|
# Usage: run_test name [-p proxy_cmd] srv_cmd cli_cmd cli_exit [option [...]]
|
||||||
# Options: -s pattern pattern that must be present in server output
|
# Options: -s pattern pattern that must be present in server output
|
||||||
# -c pattern pattern that must be present in client output
|
# -c pattern pattern that must be present in client output
|
||||||
@ -643,6 +660,7 @@ detect_dtls() {
|
|||||||
# -C pattern pattern that must be absent in client output
|
# -C pattern pattern that must be absent in client output
|
||||||
# -U pattern lines after pattern must be unique in server output
|
# -U pattern lines after pattern must be unique in server output
|
||||||
# -F call shell function on server output
|
# -F call shell function on server output
|
||||||
|
# -g call shell function on server and client output
|
||||||
run_test() {
|
run_test() {
|
||||||
NAME="$1"
|
NAME="$1"
|
||||||
shift 1
|
shift 1
|
||||||
@ -865,6 +883,12 @@ run_test() {
|
|||||||
return
|
return
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
|
"-g")
|
||||||
|
if ! eval "$2 '$SRV_OUT' '$CLI_OUT'"; then
|
||||||
|
fail "function call to '$2' failed on Server and Client output"
|
||||||
|
return
|
||||||
|
fi
|
||||||
|
;;
|
||||||
|
|
||||||
*)
|
*)
|
||||||
echo "Unknown test: $1" >&2
|
echo "Unknown test: $1" >&2
|
||||||
@ -8729,8 +8753,10 @@ run_test "DTLS-SRTP all profiles supported" \
|
|||||||
-c "found srtp profile" \
|
-c "found srtp profile" \
|
||||||
-c "selected srtp profile" \
|
-c "selected srtp profile" \
|
||||||
-c "DTLS-SRTP key material is"\
|
-c "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-C "error"
|
-C "error"
|
||||||
|
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
|
run_test "DTLS-SRTP server supports all profiles. Client supports one profile." \
|
||||||
"$P_SRV dtls=1 use_srtp=1 debug_level=3" \
|
"$P_SRV dtls=1 use_srtp=1 debug_level=3" \
|
||||||
@ -8746,6 +8772,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports one profile."
|
|||||||
-c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
|
-c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" \
|
||||||
-c "selected srtp profile" \
|
-c "selected srtp profile" \
|
||||||
-c "DTLS-SRTP key material is"\
|
-c "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-C "error"
|
-C "error"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8763,6 +8790,7 @@ run_test "DTLS-SRTP server supports one profile. Client supports all profiles."
|
|||||||
-c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
|
-c "found srtp profile: MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" \
|
||||||
-c "selected srtp profile" \
|
-c "selected srtp profile" \
|
||||||
-c "DTLS-SRTP key material is"\
|
-c "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-C "error"
|
-C "error"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8780,6 +8808,7 @@ run_test "DTLS-SRTP server and Client support only one matching profile." \
|
|||||||
-c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
|
-c "found srtp profile: MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" \
|
||||||
-c "selected srtp profile" \
|
-c "selected srtp profile" \
|
||||||
-c "DTLS-SRTP key material is"\
|
-c "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-C "error"
|
-C "error"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8832,6 +8861,7 @@ run_test "DTLS-SRTP all profiles supported. mki used" \
|
|||||||
-c "dumping 'sending mki' (8 bytes)" \
|
-c "dumping 'sending mki' (8 bytes)" \
|
||||||
-c "dumping 'received mki' (8 bytes)" \
|
-c "dumping 'received mki' (8 bytes)" \
|
||||||
-c "DTLS-SRTP key material is"\
|
-c "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-C "error"
|
-C "error"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8850,6 +8880,7 @@ run_test "DTLS-SRTP all profiles supported. server doesn't support mki." \
|
|||||||
-c "found srtp profile" \
|
-c "found srtp profile" \
|
||||||
-c "selected srtp profile" \
|
-c "selected srtp profile" \
|
||||||
-c "DTLS-SRTP key material is"\
|
-c "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-c "dumping 'sending mki' (8 bytes)" \
|
-c "dumping 'sending mki' (8 bytes)" \
|
||||||
-C "dumping 'received mki' (8 bytes)" \
|
-C "dumping 'received mki' (8 bytes)" \
|
||||||
-C "error"
|
-C "error"
|
||||||
@ -8864,6 +8895,7 @@ run_test "DTLS-SRTP all profiles supported. openssl client." \
|
|||||||
-s "selected srtp profile" \
|
-s "selected srtp profile" \
|
||||||
-s "server hello, adding use_srtp extension" \
|
-s "server hello, adding use_srtp extension" \
|
||||||
-s "DTLS-SRTP key material is"\
|
-s "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
|
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_80"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8876,6 +8908,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports all profiles,
|
|||||||
-s "selected srtp profile" \
|
-s "selected srtp profile" \
|
||||||
-s "server hello, adding use_srtp extension" \
|
-s "server hello, adding use_srtp extension" \
|
||||||
-s "DTLS-SRTP key material is"\
|
-s "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8888,6 +8921,7 @@ run_test "DTLS-SRTP server supports all profiles. Client supports one profile.
|
|||||||
-s "selected srtp profile" \
|
-s "selected srtp profile" \
|
||||||
-s "server hello, adding use_srtp extension" \
|
-s "server hello, adding use_srtp extension" \
|
||||||
-s "DTLS-SRTP key material is"\
|
-s "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8900,6 +8934,7 @@ run_test "DTLS-SRTP server supports one profile. Client supports all profiles.
|
|||||||
-s "selected srtp profile" \
|
-s "selected srtp profile" \
|
||||||
-s "server hello, adding use_srtp extension" \
|
-s "server hello, adding use_srtp extension" \
|
||||||
-s "DTLS-SRTP key material is"\
|
-s "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
@ -8912,6 +8947,7 @@ run_test "DTLS-SRTP server and Client support only one matching profile. openss
|
|||||||
-s "selected srtp profile" \
|
-s "selected srtp profile" \
|
||||||
-s "server hello, adding use_srtp extension" \
|
-s "server hello, adding use_srtp extension" \
|
||||||
-s "DTLS-SRTP key material is"\
|
-s "DTLS-SRTP key material is"\
|
||||||
|
-g "find_in_both '^ *Keying material: [0-9A-F]*$'"\
|
||||||
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
-c "SRTP Extension negotiated, profile=SRTP_AES128_CM_SHA1_32"
|
||||||
|
|
||||||
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
requires_config_enabled MBEDTLS_SSL_DTLS_SRTP
|
||||||
|
Loading…
Reference in New Issue
Block a user