Add test cases
Add test cases for different sig algs. Known issue is rsa_pss_rsae_sha256 fail Signed-off-by: Jerry Yu <jerry.h.yu@arm.com>
This commit is contained in:
parent
3391ac00d3
commit
37987ddd0f
1 changed files with 136 additions and 4 deletions
140
tests/ssl-opt.sh
140
tests/ssl-opt.sh
|
@ -9873,8 +9873,7 @@ run_test "TLS 1.3: CertificateRequest check, empty certificate - gnutls" \
|
||||||
-c "=> parse certificate request" \
|
-c "=> parse certificate request" \
|
||||||
-c "got a certificate request" \
|
-c "got a certificate request" \
|
||||||
-c "<= parse certificate request" \
|
-c "<= parse certificate request" \
|
||||||
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE"
|
||||||
-c "<= write empty client certificate"
|
|
||||||
|
|
||||||
requires_openssl_tls1_3
|
requires_openssl_tls1_3
|
||||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
@ -9889,8 +9888,7 @@ run_test "TLS 1.3: CertificateRequest check, empty certificate - openssl" \
|
||||||
-c "=> parse certificate request" \
|
-c "=> parse certificate request" \
|
||||||
-c "got a certificate request" \
|
-c "got a certificate request" \
|
||||||
-c "<= parse certificate request" \
|
-c "<= parse certificate request" \
|
||||||
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE"
|
||||||
-c "<= write empty client certificate"
|
|
||||||
|
|
||||||
requires_openssl_tls1_3
|
requires_openssl_tls1_3
|
||||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
@ -9925,6 +9923,140 @@ run_test "TLS 1.3: CertificateRequest check, no middlebox - gnutls" \
|
||||||
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
requires_openssl_tls1_3
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, ecdsa_secp256r1_sha256 - openssl" \
|
||||||
|
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||||
|
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt \
|
||||||
|
key_file=data_files/ecdsa_secp256r1.key" \
|
||||||
|
0 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
requires_gnutls_tls1_3
|
||||||
|
requires_gnutls_next_no_ticket
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, ecdsa_secp256r1_sha256 - gnutls" \
|
||||||
|
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||||
|
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/ecdsa_secp256r1.crt \
|
||||||
|
key_file=data_files/ecdsa_secp256r1.key" \
|
||||||
|
0 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
requires_openssl_tls1_3
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, ecdsa_secp384r1_sha384 - openssl" \
|
||||||
|
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||||
|
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt \
|
||||||
|
key_file=data_files/ecdsa_secp384r1.key" \
|
||||||
|
0 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
requires_gnutls_tls1_3
|
||||||
|
requires_gnutls_next_no_ticket
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, ecdsa_secp384r1_sha384 - gnutls" \
|
||||||
|
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||||
|
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/ecdsa_secp384r1.crt \
|
||||||
|
key_file=data_files/ecdsa_secp384r1.key" \
|
||||||
|
0 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
requires_openssl_tls1_3
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, ecdsa_secp521r1_sha512 - openssl" \
|
||||||
|
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||||
|
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt \
|
||||||
|
key_file=data_files/ecdsa_secp521r1.key" \
|
||||||
|
0 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
requires_gnutls_tls1_3
|
||||||
|
requires_gnutls_next_no_ticket
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, ecdsa_secp521r1_sha512 - gnutls" \
|
||||||
|
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||||
|
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/ecdsa_secp521r1.crt \
|
||||||
|
key_file=data_files/ecdsa_secp521r1.key" \
|
||||||
|
0 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
#This test is expected fail now. It should be fixed later
|
||||||
|
requires_openssl_tls1_3
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, rsa_pss_rsae_sha256 - openssl" \
|
||||||
|
"$O_NEXT_SRV -msg -tls1_3 -num_tickets 0 -no_resume_ephemeral -no_cache -Verify 10 -no_middlebox" \
|
||||||
|
"$P_CLI debug_level=4 force_version=tls13 crt_file=data_files/server2-sha256.crt \
|
||||||
|
key_file=data_files/server2.key" \
|
||||||
|
1 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
|
#This test is expected fail now. It should be fixed later
|
||||||
|
requires_gnutls_tls1_3
|
||||||
|
requires_gnutls_next_no_ticket
|
||||||
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
requires_config_enabled MBEDTLS_SSL_CLI_C
|
||||||
|
requires_config_disabled MBEDTLS_USE_PSA_CRYPTO
|
||||||
|
run_test "TLS 1.3: CertificateRequest check, rsa_pss_rsae_sha256 - gnutls" \
|
||||||
|
"$G_NEXT_SRV --debug=4 --priority=NORMAL:-VERS-ALL:+VERS-TLS1.3:+CIPHER-ALL:%NO_TICKETS:%DISABLE_TLS13_COMPAT_MODE" \
|
||||||
|
"$P_CLI debug_level=3 force_version=tls13 crt_file=data_files/server2-sha256.crt \
|
||||||
|
key_file=data_files/server2.key" \
|
||||||
|
1 \
|
||||||
|
-c "=> parse certificate request" \
|
||||||
|
-c "got a certificate request" \
|
||||||
|
-c "<= parse certificate request" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE" \
|
||||||
|
-c "client state: MBEDTLS_SSL_CLIENT_CERTIFICATE_VERIFY"
|
||||||
|
|
||||||
requires_openssl_tls1_3
|
requires_openssl_tls1_3
|
||||||
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
|
||||||
requires_config_enabled MBEDTLS_DEBUG_C
|
requires_config_enabled MBEDTLS_DEBUG_C
|
||||||
|
|
Loading…
Reference in a new issue