test_suite_ssl refactoring: merge renegotiation test into handshake
Move the renegotiation test to a shared handshake function to simplify further addition of tests. Signed-off-by: Andrzej Kurek <andrzej.kurek@arm.com>
This commit is contained in:
parent
9e9efdc277
commit
316da1f86e
2 changed files with 142 additions and 162 deletions
|
@ -202,169 +202,172 @@ move_handshake_to_state:MBEDTLS_SSL_IS_SERVER:MBEDTLS_SSL_SERVER_NEW_SESSION_TIC
|
|||
# Note - the case below will have to updated, since the test sends no data due to a 1n-1 split against BEAST, that was not expected when preparing the fragment counting code.
|
||||
Handshake, SSL3
|
||||
depends_on:MBEDTLS_SSL_PROTO_SSL3:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:0:0:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_0:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:0:0:0:0:0:0
|
||||
|
||||
# Note - the case below will have to updated, since the test sends no data due to a 1n-1 split against BEAST, that was not expected when preparing the fragment counting code.
|
||||
Handshake, tls1
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:0:0:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_1:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:0:0:0:0:0:0
|
||||
|
||||
Handshake, tls1_1
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, tls1_2
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
|
||||
handshake:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, RSA-WITH-AES-128-CCM
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
|
||||
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C
|
||||
handshake:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Handshake, PSK-WITH-AES-128-CBC-SHA
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"abc123":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"abc123":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, tls1_1
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_1:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_2:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, tls1_2
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, ECDHE-RSA-WITH-AES-256-GCM-SHA384
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:MBEDTLS_AES_C:MBEDTLS_GCM_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, RSA-WITH-AES-128-CCM
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:MBEDTLS_AES_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-RSA-WITH-AES-128-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, DHE-RSA-WITH-AES-256-CBC-SHA256
|
||||
depends_on:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA256_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-DHE-RSA-WITH-AES-256-CBC-SHA256":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, ECDHE-ECDSA-WITH-AES-256-CCM
|
||||
depends_on:MBEDTLS_AES_C:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_CCM_C:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-ECDHE-ECDSA-WITH-AES-256-CCM":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_SHA512_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_ECDSA_C:MBEDTLS_ECP_DP_SECP256R1_ENABLED:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_CAMELLIA_C:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_ECDSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake, PSK-WITH-AES-128-CBC-SHA
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_AES_C:MBEDTLS_CIPHER_MODE_CBC:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"abc123":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"TLS-PSK-WITH-AES-128-CBC-SHA":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"abc123":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
DTLS Handshake with serialization, tls1_2
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:1:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:1:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:0:0
|
||||
|
||||
Sending app data via TLS, MFL=512 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1:0:0
|
||||
|
||||
Sending app data via TLS, MFL=512 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:2:3
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:2:3:0:0
|
||||
|
||||
Sending app data via TLS, MFL=1024 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1:0:0
|
||||
|
||||
Sending app data via TLS, MFL=1024 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:2:5
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:2:5:0:0
|
||||
|
||||
Sending app data via TLS, MFL=2048 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1:0:0
|
||||
|
||||
Sending app data via TLS, MFL=2048 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:2:4
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:2:4:0:0
|
||||
|
||||
Sending app data via TLS, MFL=4096 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1:0:0
|
||||
|
||||
Sending app data via TLS, MFL=4096 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:2:3
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:2:3:0:0
|
||||
|
||||
Sending app data via TLS without MFL and without fragmentation
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1:0:0
|
||||
|
||||
Sending app data via TLS without MFL and with fragmentation
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:2:7
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":0:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:2:7:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=512 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:400:512:1:1:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=512 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_512:513:1536:0:0:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=1024 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1000:1024:1:1:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=1024 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_1024:1025:5120:0:0:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=2048 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2000:2048:1:1:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=2048 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_2048:2049:8192:0:0:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=4096 without fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4000:4096:1:1:0:0
|
||||
|
||||
Sending app data via DTLS, MFL=4096 with fragmentation
|
||||
depends_on:MBEDTLS_SSL_MAX_FRAGMENT_LENGTH:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_4096:4097:12288:0:0:0:0
|
||||
|
||||
Sending app data via DTLS, without MFL and without fragmentation
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16001:16384:1:1:0:0
|
||||
|
||||
Sending app data via DTLS, without MFL and with fragmentation
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:0:0
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:16385:100000:0:0:0:0
|
||||
|
||||
DTLS renegotiation: no legacy renegotiation
|
||||
dtls_renegotiation:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:1:MBEDTLS_SSL_LEGACY_NO_RENEGOTIATION
|
||||
|
||||
DTLS renegotiation: legacy renegotiation
|
||||
dtls_renegotiation:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:1:MBEDTLS_SSL_LEGACY_ALLOW_RENEGOTIATION
|
||||
|
||||
DTLS renegotiation: legacy break handshake
|
||||
dtls_renegotiation:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE
|
||||
depends_on:MBEDTLS_SSL_PROTO_TLS1_2:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:MBEDTLS_SSL_PROTO_DTLS:MBEDTLS_SSL_RENEGOTIATION
|
||||
handshake:"":MBEDTLS_SSL_MINOR_VERSION_3:MBEDTLS_PK_RSA:"":1:0:MBEDTLS_SSL_MAX_FRAG_LEN_NONE:100:100:1:1:1:MBEDTLS_SSL_LEGACY_BREAK_HANDSHAKE
|
||||
|
||||
SSL DTLS replay: initial state, seqnum 0
|
||||
ssl_dtls_replay:"":"000000000000":0
|
||||
|
|
|
@ -3305,7 +3305,8 @@ void handshake( const char *cipher, int version, int pk_alg,
|
|||
data_t *psk_str, int dtls, int serialize, int mfl,
|
||||
int cli_msg_len, int srv_msg_len,
|
||||
const int expected_cli_fragments,
|
||||
const int expected_srv_fragments )
|
||||
const int expected_srv_fragments, const int renegotiate,
|
||||
const int legacy_renegotiation )
|
||||
{
|
||||
/* forced_ciphersuite needs to last until the end of the handshake */
|
||||
int forced_ciphersuite[2];
|
||||
|
@ -3325,6 +3326,12 @@ void handshake( const char *cipher, int version, int pk_alg,
|
|||
#else
|
||||
(void) serialize;
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
int ret = -1;
|
||||
#else
|
||||
(void) renegotiate;
|
||||
(void) legacy_renegotiation;
|
||||
#endif
|
||||
|
||||
mbedtls_test_message_queue server_queue, client_queue;
|
||||
mbedtls_test_message_socket_context server_context, client_context;
|
||||
|
@ -3401,6 +3408,21 @@ void handshake( const char *cipher, int version, int pk_alg,
|
|||
mbedtls_ssl_conf_psk_cb( &server.conf, psk_dummy_callback, NULL );
|
||||
}
|
||||
#endif
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
if( renegotiate )
|
||||
{
|
||||
mbedtls_ssl_conf_renegotiation( &(server.conf),
|
||||
MBEDTLS_SSL_RENEGOTIATION_ENABLED );
|
||||
mbedtls_ssl_conf_renegotiation( &(client.conf),
|
||||
MBEDTLS_SSL_RENEGOTIATION_ENABLED );
|
||||
|
||||
mbedtls_ssl_conf_legacy_renegotiation( &(server.conf),
|
||||
legacy_renegotiation );
|
||||
mbedtls_ssl_conf_legacy_renegotiation( &(client.conf),
|
||||
legacy_renegotiation );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_RENEGOTIATION */
|
||||
|
||||
TEST_ASSERT( mbedtls_mock_socket_connect( &(client.socket),
|
||||
&(server.socket),
|
||||
BUFFSIZE ) == 0 );
|
||||
|
@ -3421,51 +3443,93 @@ void handshake( const char *cipher, int version, int pk_alg,
|
|||
expected_srv_fragments ) == 0 );
|
||||
}
|
||||
#if defined(MBEDTLS_SSL_CONTEXT_SERIALIZATION)
|
||||
if( dtls == 0 || serialize == 0 )
|
||||
if( serialize == 1 )
|
||||
{
|
||||
/* Serialization works with DTLS only.
|
||||
* Skip if these options are misused. */
|
||||
goto exit;
|
||||
}
|
||||
TEST_ASSERT( dtls == 1 );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), NULL,
|
||||
0, &context_buf_len )
|
||||
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||
TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), NULL,
|
||||
0, &context_buf_len )
|
||||
== MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL );
|
||||
|
||||
context_buf = mbedtls_calloc( 1, context_buf_len );
|
||||
TEST_ASSERT( context_buf != NULL );
|
||||
context_buf = mbedtls_calloc( 1, context_buf_len );
|
||||
TEST_ASSERT( context_buf != NULL );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), context_buf,
|
||||
context_buf_len,
|
||||
&context_buf_len ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ssl_context_save( &(server.ssl), context_buf,
|
||||
context_buf_len,
|
||||
&context_buf_len ) == 0 );
|
||||
|
||||
mbedtls_ssl_free( &(server.ssl) );
|
||||
mbedtls_ssl_init( &(server.ssl) );
|
||||
mbedtls_ssl_free( &(server.ssl) );
|
||||
mbedtls_ssl_init( &(server.ssl) );
|
||||
|
||||
TEST_ASSERT( mbedtls_ssl_setup( &(server.ssl), &(server.conf) ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ssl_setup( &(server.ssl), &(server.conf) ) == 0 );
|
||||
|
||||
mbedtls_ssl_set_bio( &( server.ssl ), &server_context,
|
||||
mbedtls_mock_tcp_send_msg,
|
||||
mbedtls_mock_tcp_recv_msg,
|
||||
NULL );
|
||||
mbedtls_ssl_set_bio( &( server.ssl ), &server_context,
|
||||
mbedtls_mock_tcp_send_msg,
|
||||
mbedtls_mock_tcp_recv_msg,
|
||||
NULL );
|
||||
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
|
||||
mbedtls_timing_set_delay,
|
||||
mbedtls_timing_get_delay );
|
||||
mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
|
||||
mbedtls_timing_set_delay,
|
||||
mbedtls_timing_get_delay );
|
||||
#endif
|
||||
TEST_ASSERT( mbedtls_ssl_context_load( &( server.ssl ), context_buf,
|
||||
context_buf_len ) == 0 );
|
||||
TEST_ASSERT( mbedtls_ssl_context_load( &( server.ssl ), context_buf,
|
||||
context_buf_len ) == 0 );
|
||||
|
||||
/* Retest writing/reading */
|
||||
if( cli_msg_len != 0 || srv_msg_len != 0 )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), cli_msg_len,
|
||||
expected_cli_fragments,
|
||||
&(server.ssl), srv_msg_len,
|
||||
expected_srv_fragments ) == 0 );
|
||||
/* Retest writing/reading */
|
||||
if( cli_msg_len != 0 || srv_msg_len != 0 )
|
||||
{
|
||||
TEST_ASSERT( mbedtls_exchange_data( &(client.ssl), cli_msg_len,
|
||||
expected_cli_fragments,
|
||||
&(server.ssl), srv_msg_len,
|
||||
expected_srv_fragments ) == 0 );
|
||||
}
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_CONTEXT_SERIALIZATION */
|
||||
#if defined(MBEDTLS_SSL_RENEGOTIATION)
|
||||
if( renegotiate )
|
||||
{
|
||||
/* Start test with renegotiation */
|
||||
TEST_ASSERT( server.ssl.renego_status ==
|
||||
MBEDTLS_SSL_INITIAL_HANDSHAKE );
|
||||
TEST_ASSERT( client.ssl.renego_status ==
|
||||
MBEDTLS_SSL_INITIAL_HANDSHAKE );
|
||||
|
||||
/* After calling this function for the server, it only sends a handshake
|
||||
* request. All renegotiation should happen during data exchanging */
|
||||
TEST_ASSERT( mbedtls_ssl_renegotiate( &(server.ssl) ) == 0 );
|
||||
TEST_ASSERT( server.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_PENDING );
|
||||
TEST_ASSERT( client.ssl.renego_status ==
|
||||
MBEDTLS_SSL_INITIAL_HANDSHAKE );
|
||||
|
||||
TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 );
|
||||
TEST_ASSERT( server.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
TEST_ASSERT( client.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
|
||||
/* After calling mbedtls_ssl_renegotiate for the client all renegotiation
|
||||
* should happen inside this function. However in this test, we cannot
|
||||
* perform simultaneous communication betwen client and server so this
|
||||
* function will return waiting error on the socket. All rest of
|
||||
* renegotiation should happen during data exchanging */
|
||||
ret = mbedtls_ssl_renegotiate( &(client.ssl) );
|
||||
TEST_ASSERT( ret == 0 ||
|
||||
ret == MBEDTLS_ERR_SSL_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
||||
TEST_ASSERT( server.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
TEST_ASSERT( client.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS );
|
||||
|
||||
TEST_ASSERT( exchange_data( &(client.ssl), &(server.ssl) ) == 0 );
|
||||
TEST_ASSERT( server.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
TEST_ASSERT( client.ssl.renego_status ==
|
||||
MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
}
|
||||
#endif /* MBEDTLS_SSL_RENEGOTIATION */
|
||||
|
||||
exit:
|
||||
mbedtls_endpoint_free( &client, dtls != 0 ? &client_context : NULL );
|
||||
|
@ -3478,90 +3542,3 @@ exit:
|
|||
#endif
|
||||
}
|
||||
/* END_CASE */
|
||||
|
||||
/* BEGIN_CASE depends_on:MBEDTLS_X509_CRT_PARSE_C:MBEDTLS_RSA_C:MBEDTLS_ECP_DP_SECP384R1_ENABLED:!MBEDTLS_USE_PSA_CRYPTO:MBEDTLS_PKCS1_V15:MBEDTLS_SSL_RENEGOTIATION */
|
||||
void dtls_renegotiation( int legacy_option )
|
||||
{
|
||||
enum { BUFFSIZE = 17000 };
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
mbedtls_timing_delay_context timer_client, timer_server;
|
||||
#endif
|
||||
mbedtls_endpoint server, client;
|
||||
mbedtls_test_message_queue server_queue, client_queue;
|
||||
mbedtls_test_message_socket_context server_context, client_context;
|
||||
int ret = -1;
|
||||
|
||||
/* Initializing endpoints for DTLS */
|
||||
ret = mbedtls_endpoint_init( &server, MBEDTLS_SSL_IS_SERVER, MBEDTLS_PK_RSA,
|
||||
&server_context, &server_queue, &client_queue );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
ret = mbedtls_endpoint_init( &client, MBEDTLS_SSL_IS_CLIENT, MBEDTLS_PK_RSA,
|
||||
&client_context, &client_queue, &server_queue );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
#if defined(MBEDTLS_TIMING_C)
|
||||
mbedtls_ssl_set_timer_cb( &client.ssl, &timer_client,
|
||||
mbedtls_timing_set_delay,
|
||||
mbedtls_timing_get_delay );
|
||||
|
||||
mbedtls_ssl_set_timer_cb( &server.ssl, &timer_server,
|
||||
mbedtls_timing_set_delay,
|
||||
mbedtls_timing_get_delay );
|
||||
#endif /* MBEDTLS_TIMING_C */
|
||||
|
||||
/* Setup renegotiation and perform connection */
|
||||
mbedtls_ssl_conf_renegotiation( &(server.conf), MBEDTLS_SSL_RENEGOTIATION_ENABLED );
|
||||
mbedtls_ssl_conf_renegotiation( &(client.conf), MBEDTLS_SSL_RENEGOTIATION_ENABLED );
|
||||
|
||||
mbedtls_ssl_conf_legacy_renegotiation( &(server.conf), legacy_option );
|
||||
mbedtls_ssl_conf_legacy_renegotiation( &(client.conf), legacy_option );
|
||||
|
||||
ret = mbedtls_mock_socket_connect( &(server.socket), &(client.socket),
|
||||
BUFFSIZE );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
|
||||
ret = mbedtls_move_handshake_to_state( &(client.ssl),
|
||||
&(server.ssl),
|
||||
MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( client.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||
TEST_ASSERT( server.ssl.state == MBEDTLS_SSL_HANDSHAKE_OVER );
|
||||
|
||||
/* Start test with renegotiation */
|
||||
TEST_ASSERT( server.ssl.renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE );
|
||||
TEST_ASSERT( client.ssl.renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE );
|
||||
|
||||
ret = mbedtls_ssl_renegotiate( &(server.ssl) );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( server.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_PENDING );
|
||||
TEST_ASSERT( client.ssl.renego_status == MBEDTLS_SSL_INITIAL_HANDSHAKE );
|
||||
|
||||
/* After calling the above function for the server, it only sends a handshake
|
||||
* request. All renegotiation should happen during data exchanging */
|
||||
TEST_ASSERT( 0 == exchange_data( &(client.ssl), &(server.ssl) ) );
|
||||
TEST_ASSERT( server.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
TEST_ASSERT( client.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
|
||||
/* After calling mbedtls_ssl_renegotiate for the client all renegotiation
|
||||
* should happen inside this function. However in this test, we cannot
|
||||
* perform simultaneous communication between client and server so this
|
||||
* function will return waiting error on the socket. The rest of
|
||||
* renegotiation should happen during data exchanging */
|
||||
ret = mbedtls_ssl_renegotiate( &(client.ssl) );
|
||||
TEST_ASSERT( ret == 0 ||
|
||||
ret == MBEDTLS_ERR_SSL_WANT_READ ||
|
||||
ret == MBEDTLS_ERR_SSL_WANT_WRITE );
|
||||
TEST_ASSERT( server.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
TEST_ASSERT( client.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_IN_PROGRESS );
|
||||
|
||||
ret = exchange_data( &(client.ssl), &(server.ssl) );
|
||||
TEST_ASSERT( ret == 0 );
|
||||
TEST_ASSERT( server.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
TEST_ASSERT( client.ssl.renego_status == MBEDTLS_SSL_RENEGOTIATION_DONE );
|
||||
|
||||
exit:
|
||||
mbedtls_endpoint_free( &client, &client_context );
|
||||
mbedtls_endpoint_free( &server, &server_context );
|
||||
}
|
||||
/* END_CASE */
|
||||
|
|
Loading…
Reference in a new issue