yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove rsa_pss_rsae_sha256 test from ssl-opt.sh

Browse source 
It has been covered by tls13 compat tests

Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
Jerry Yu 2021-11-25 11:23:05 +08:00
parent 29deed4ddb
commit 26fa7dcc4a
1 changed files with 0 additions and 40 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
tests/ssl-opt.sh
View file

@ -79,24 +79,20 @@ fi
if [ -n "${OPENSSL_NEXT:-}" ]; then if [ -n "${OPENSSL_NEXT:-}" ]; then
O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key" O_NEXT_SRV="$OPENSSL_NEXT s_server -www -cert data_files/server5.crt -key data_files/server5.key"
O_NEXT_SRV_RSA="$OPENSSL_NEXT s_server -www -cert data_files/server2-sha256.crt -key data_files/server2.key"
O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www " O_NEXT_SRV_NO_CERT="$OPENSSL_NEXT s_server -www "
O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client" O_NEXT_CLI="echo 'GET / HTTP/1.0' | $OPENSSL_NEXT s_client"
else else
O_NEXT_SRV=false O_NEXT_SRV=false
O_NEXT_SRV_RSA=false
O_NEXT_SRV_NO_CERT=false O_NEXT_SRV_NO_CERT=false
O_NEXT_CLI=false O_NEXT_CLI=false
fi fi
if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key" G_NEXT_SRV="$GNUTLS_NEXT_SERV --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"
G_NEXT_SRV_RSA="$GNUTLS_NEXT_SERV --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key"
G_NEXT_SRV_NO_CERT="$GNUTLS_NEXT_SERV" G_NEXT_SRV_NO_CERT="$GNUTLS_NEXT_SERV"
else else
G_NEXT_SRV=false G_NEXT_SRV=false
G_NEXT_SRV_NO_CERT=false G_NEXT_SRV_NO_CERT=false
G_NEXT_SRV_RSA=false
fi fi
if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then if [ -n "${GNUTLS_NEXT_CLI:-}" ]; then
@ -1444,14 +1440,12 @@ fi
if [ -n "${OPENSSL_NEXT:-}" ]; then if [ -n "${OPENSSL_NEXT:-}" ]; then
O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT" O_NEXT_SRV="$O_NEXT_SRV -accept $SRV_PORT"
O_NEXT_SRV_RSA="$O_NEXT_SRV_RSA -accept $SRV_PORT"
O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT" O_NEXT_SRV_NO_CERT="$O_NEXT_SRV_NO_CERT -accept $SRV_PORT"
O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT" O_NEXT_CLI="$O_NEXT_CLI -connect 127.0.0.1:+SRV_PORT"
fi fi
if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then if [ -n "${GNUTLS_NEXT_SERV:-}" ]; then
G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT" G_NEXT_SRV="$G_NEXT_SRV -p $SRV_PORT"
G_NEXT_SRV_RSA="$G_NEXT_SRV_RSA -p $SRV_PORT"
G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT" G_NEXT_SRV_NO_CERT="$G_NEXT_SRV_NO_CERT -p $SRV_PORT"
fi fi
@ -8867,22 +8861,6 @@ run_test "TLS1.3: minimal feature sets - openssl" \
-c "<= parse finished message" \ -c "<= parse finished message" \
-c "HTTP/1.0 200 ok" -c "HTTP/1.0 200 ok"
requires_openssl_tls1_3
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
run_test "TLS 1.3 m->O AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \
"$O_NEXT_SRV_RSA -ciphersuites TLS_AES_128_GCM_SHA256 -tls1_3 -msg -no_middlebox -num_tickets 0" \
"$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
0 \
-c "ECDH curve: x25519" \
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
-c "Certificate Verify: Signature algorithm ( 0804 )" \
-c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
-c "HTTP/1.0 200 ok"
requires_gnutls_tls1_3 requires_gnutls_tls1_3
requires_gnutls_next_no_ticket requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat requires_gnutls_next_disable_tls13_compat
@ -8915,24 +8893,6 @@ run_test "TLS1.3: minimal feature sets - gnutls" \
-c "<= parse finished message" \ -c "<= parse finished message" \
-c "HTTP/1.0 200 OK" -c "HTTP/1.0 200 OK"
requires_gnutls_next_no_ticket
requires_gnutls_next_disable_tls13_compat
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
requires_config_enabled MBEDTLS_DEBUG_C
requires_config_enabled MBEDTLS_SSL_CLI_C
requires_config_enabled MBEDTLS_X509_RSASSA_PSS_SUPPORT
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
requires_gnutls_next
run_test "TLS 1.3 m->G AES_128_GCM_SHA256 , RSA_PSS_RSAE_SHA256" \
"$G_NEXT_SRV_RSA --disable-client-cert --priority=NORMAL:+CIPHER-ALL:+SHA256:+GROUP-SECP256R1:+ECDHE-ECDSA:+AEAD:+SIGN-RSA-PSS-RSAE-SHA256:-VERS-ALL:+VERS-TLS1.3:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
"$P_CLI debug_level=4 force_version=tls13 server_name=localhost force_ciphersuite=TLS1-3-AES-128-GCM-SHA256 allow_sha1=0" \
0 \
-c "ECDH curve: x25519" \
-c "server hello, chosen ciphersuite: ( 1301 ) - TLS1-3-AES-128-GCM-SHA256" \
-c "Certificate Verify: Signature algorithm ( 0804 )" \
-c "mbedtls_ssl_tls13_process_certificate_verify() returned 0" \
-c "HTTP/1.0 200 OK"
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3_EXPERIMENTAL
skip_handshake_stage_check skip_handshake_stage_check
requires_gnutls_tls1_3 requires_gnutls_tls1_3