Skip to content

Commit

Permalink
ssl-opt.sh: add tests for server psa opaque rsa-psk key exchange
Browse files Browse the repository at this point in the history 
Signed-off-by: Przemek Stekiel <[email protected]>
  • Loading branch information
@mprse
mprse committed Apr 6, 2022
1 parent fe4f7b3 commit 36dc5b3
Showing 1 changed file with 124 additions and 0 deletions.
124 changes: 124 additions & 0 deletions tests/ssl-opt.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6274,6 +6274,68 @@ run_test "PSK callback: raw psk on client, static opaque on server, no callba
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback" \
"$P_SRV extended_ms=0 debug_level=5 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=5 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
psk_identity=foo psk=abc123" \
0 \
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-C "session hash for extended master secret"\
-S "session hash for extended master secret"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=1 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=foo psk=abc123" \
0 \
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-C "session hash for extended master secret"\
-S "session hash for extended master secret"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS" \
"$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
"$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
psk_identity=foo psk=abc123 extended_ms=1" \
0 \
-c "session hash for extended master secret"\
-s "session hash for extended master secret"\
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, static opaque on server, no callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk=abc123 psk_identity=foo psk_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
"$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=foo psk=abc123 extended_ms=1" \
0 \
-c "session hash for extended master secret"\
-s "session hash for extended master secret"\
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw psk on client, no static PSK on server, opaque PSK from callback" \
Expand Down Expand Up @@ -6336,6 +6398,68 @@ run_test "PSK callback: raw psk on client, no static PSK on server, opaque PS
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-C "session hash for extended master secret"\
-S "session hash for extended master secret"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, SHA-384" \
"$P_SRV extended_ms=0 debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384" \
"$P_CLI extended_ms=0 debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=def psk=beef" \
0 \
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-C "session hash for extended master secret"\
-S "session hash for extended master secret"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA extended_ms=1" \
"$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
psk_identity=abc psk=dead extended_ms=1" \
0 \
-c "session hash for extended master secret"\
-s "session hash for extended master secret"\
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw rsa-psk on client, no static RSA-PSK on server, opaque RSA-PSK from callback, EMS, SHA384" \
"$P_SRV debug_level=3 psk_list=abc,dead,def,beef psk_list_opaque=1 min_version=tls12 \
force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 extended_ms=1" \
"$P_CLI debug_level=3 min_version=tls12 force_ciphersuite=TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
psk_identity=abc psk=dead extended_ms=1" \
0 \
-c "session hash for extended master secret"\
-s "session hash for extended master secret"\
-C "skip PMS generation for opaque RSA-PSK"\
-s "skip PMS generation for opaque RSA-PSK"\
-S "SSL - The handshake negotiation failed" \
-S "SSL - Unknown identity received" \
-S "SSL - Verification of the message MAC failed"

requires_config_enabled MBEDTLS_USE_PSA_CRYPTO
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
run_test "PSK callback: raw psk on client, mismatching static raw PSK on server, opaque PSK from callback" \
Expand Down

0 comments on commit 36dc5b3

Please sign in to comment.