Merge remote-tracking branch 'origin/pr/2810' into development

* origin/pr/2810:
  ssl-opt.sh: Add var's of context s11n tests for ChaChaPoly,CCM,GCM
  ssl-opt.sh: Duplicate context serialization tests for CID
  Fix SSL context deserialization
This commit is contained in:
Jaeden Amero 2019-08-30 14:40:30 +01:00
commit 84f5d036d0
2 changed files with 179 additions and 25 deletions

View file

@ -11950,6 +11950,10 @@ static int ssl_context_load( mbedtls_ssl_context *ssl,
ssl->major_ver = MBEDTLS_SSL_MAJOR_VERSION_3;
ssl->minor_ver = MBEDTLS_SSL_MINOR_VERSION_3;
/* Adjust pointers for header fields of outgoing records to
* the given transform, accounting for explicit IV and CID. */
ssl_update_out_pointers( ssl, ssl->transform );
#if defined(MBEDTLS_SSL_PROTO_DTLS)
ssl->in_epoch = 1;
#endif

View file

@ -1283,49 +1283,199 @@ run_test "Truncated HMAC, DTLS: client enabled, server enabled" \
# Tests for Context serialization
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, client serializes" \
run_test "Context serialization, client serializes, CCM" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes" \
run_test "Context serialization, client serializes, ChaChaPoly" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2" \
run_test "Context serialization, client serializes, GCM" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, client serializes, with CID" \
"$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
"$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes, CCM" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize" \
run_test "Context serialization, server serializes, ChaChaPoly" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, server serializes, GCM" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, server serializes, with CID" \
"$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
"$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, CCM" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, ChaChaPoly" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, both serialize, GCM" \
"$P_SRV dtls=1 serialize=1 exchanges=2" \
"$P_CLI dtls=1 serialize=1 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, both serialize, with CID" \
"$P_SRV dtls=1 serialize=1 exchanges=2 cid=1 cid_val=dead" \
"$P_CLI dtls=1 serialize=1 exchanges=2 cid=1 cid_val=beef" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, CCM" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, ChaChaPoly" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, client serializes, GCM" \
"$P_SRV dtls=1 serialize=0 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, re-init, client serializes, with CID" \
"$P_SRV dtls=1 serialize=0 exchanges=2 cid=1 cid_val=dead" \
"$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
0 \
-c "Deserializing connection..." \
-S "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, CCM" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, ChaChaPoly" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, server serializes, GCM" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=0 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, re-init, server serializes, with CID" \
"$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
"$P_CLI dtls=1 serialize=0 exchanges=2 cid=1 cid_val=beef" \
0 \
-C "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize, CCM" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize, ChaChaPoly" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
run_test "Context serialization, re-init, both serialize, GCM" \
"$P_SRV dtls=1 serialize=2 exchanges=2" \
"$P_CLI dtls=1 serialize=2 exchanges=2 force_ciphersuite=TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."
requires_config_enabled MBEDTLS_SSL_CONTEXT_SERIALIZATION
requires_config_enabled MBEDTLS_SSL_DTLS_CONNECTION_ID
run_test "Context serialization, re-init, both serialize, with CID" \
"$P_SRV dtls=1 serialize=2 exchanges=2 cid=1 cid_val=dead" \
"$P_CLI dtls=1 serialize=2 exchanges=2 cid=1 cid_val=beef" \
0 \
-c "Deserializing connection..." \
-s "Deserializing connection..."