len0rd/FreeRTOS-Kernel
1
0
Fork 0
mirror of https://github.com/FreeRTOS/FreeRTOS-Kernel.git synced 2025-08-18 09:08:33 -04:00
Code Issues Projects Releases Packages Wiki Activity

Update CyaSSL to latest version.

Browse source
This commit is contained in:
Richard Barry 2014-07-18 18:54:25 +00:00
parent 5fcd270398
commit 3d007d0b4b
445 changed files with 162375 additions and 26182 deletions
Download patch file Download diff file Expand all files Collapse all files

691
FreeRTOS-Plus/Source/CyaSSL/tests/api.c
View file

@ -1,6 +1,6 @@
/* api.c API unit tests
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,9 +16,16 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <cyassl/error-ssl.h>
#include <stdlib.h>
#include <cyassl/ssl.h>
#include <cyassl/test.h>
@ -31,19 +38,37 @@ static int test_CyaSSL_Init(void);
static int test_CyaSSL_Cleanup(void);
static int test_CyaSSL_Method_Allocators(void);
static int test_CyaSSL_CTX_new(CYASSL_METHOD *method);
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
static int test_CyaSSL_CTX_use_certificate_file(void);
static int test_CyaSSL_CTX_use_PrivateKey_file(void);
static int test_CyaSSL_CTX_load_verify_locations(void);
#ifndef NO_RSA
static int test_server_CyaSSL_new(void);
static int test_client_CyaSSL_new(void);
#ifndef SINGLE_THREADED
static int test_CyaSSL_read_write(void);
#endif
#endif /* SINGLE_THREADED */
#endif /* NO_RSA */
#endif /* NO_FILESYSTEM */
#ifdef HAVE_SNI
static void test_CyaSSL_UseSNI(void);
#endif /* HAVE_SNI */
#ifdef HAVE_MAX_FRAGMENT
static void test_CyaSSL_UseMaxFragment(void);
#endif /* HAVE_MAX_FRAGMENT */
#ifdef HAVE_TRUNCATED_HMAC
static void test_CyaSSL_UseTruncatedHMAC(void);
#endif /* HAVE_TRUNCATED_HMAC */
#ifdef HAVE_SUPPORTED_CURVES
static void test_CyaSSL_UseSupportedCurve(void);
#endif /* HAVE_SUPPORTED_CURVES */
/* test function helpers */
static int test_method(CYASSL_METHOD *method, const char *name);
#ifdef OPENSSL_EXTRA
static int test_method2(CYASSL_METHOD *method, const char *name);
#ifndef NO_FILESYSTEM
#endif
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
static int test_ucf(CYASSL_CTX *ctx, const char* file, int type,
int cond, const char* name);
static int test_upkf(CYASSL_CTX *ctx, const char* file, int type,
@ -53,11 +78,18 @@ static int test_lvl(CYASSL_CTX *ctx, const char* file, const char* path,
THREAD_RETURN CYASSL_THREAD test_server_nofail(void*);
void test_client_nofail(void*);
#endif
void run_cyassl_client(void* args);
THREAD_RETURN CYASSL_THREAD run_cyassl_server(void* args);
void test_CyaSSL_client_server(callback_functions* client_callbacks,
callback_functions* server_callbacks);
static const char* bogusFile = "/dev/null";
static const char* testingFmt = " %s:";
static const char* resultFmt = " %s\n";
#endif
#define testingFmt " %s:"
#define resultFmt " %s\n"
static const char* passed = "passed";
static const char* failed = "failed";
@ -71,14 +103,30 @@ int ApiTest(void)
test_CyaSSL_Init();
test_CyaSSL_Method_Allocators();
test_CyaSSL_CTX_new(CyaSSLv23_server_method());
#ifndef NO_FILESYSTEM
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
test_CyaSSL_CTX_use_certificate_file();
test_CyaSSL_CTX_use_PrivateKey_file();
test_CyaSSL_CTX_load_verify_locations();
#ifndef NO_RSA
test_server_CyaSSL_new();
test_client_CyaSSL_new();
#ifndef SINGLE_THREADED
test_CyaSSL_read_write();
#endif
#endif /* SINGLE_THREADED */
#endif /* NO_RSA */
#endif /* NO_FILESYSTEM */
#ifdef HAVE_SNI
test_CyaSSL_UseSNI();
#endif /* HAVE_SNI */
#ifdef HAVE_MAX_FRAGMENT
test_CyaSSL_UseMaxFragment();
#endif /* HAVE_MAX_FRAGMENT */
#ifdef HAVE_TRUNCATED_HMAC
test_CyaSSL_UseTruncatedHMAC();
#endif /* HAVE_TRUNCATED_HMAC */
#ifdef HAVE_SUPPORTED_CURVES
test_CyaSSL_UseSupportedCurve();
#endif /* HAVE_SUPPORTED_CURVES */
test_CyaSSL_Cleanup();
printf(" End API Tests\n");
@ -91,7 +139,7 @@ int test_CyaSSL_Init(void)
printf(testingFmt, "CyaSSL_Init()");
result = CyaSSL_Init();
printf(resultFmt, result ? failed : passed);
printf(resultFmt, result == SSL_SUCCESS ? passed : failed);
return result;
}
@ -102,7 +150,7 @@ static int test_CyaSSL_Cleanup(void)
printf(testingFmt, "CyaSSL_Cleanup()");
result = CyaSSL_Cleanup();
printf(resultFmt, result ? failed : passed);
printf(resultFmt, result == SSL_SUCCESS ? passed : failed);
return result;
}
@ -120,6 +168,7 @@ int test_method(CYASSL_METHOD *method, const char *name)
return TEST_SUCCESS;
}
#ifdef OPENSSL_EXTRA
int test_method2(CYASSL_METHOD *method, const char *name)
{
printf(testingFmt, name);
@ -132,15 +181,18 @@ int test_method2(CYASSL_METHOD *method, const char *name)
printf(resultFmt, passed);
return TEST_SUCCESS;
}
#endif
int test_CyaSSL_Method_Allocators(void)
{
#ifndef NO_OLD_TLS
test_method(CyaSSLv3_server_method(), "CyaSSLv3_server_method()");
test_method(CyaSSLv3_client_method(), "CyaSSLv3_client_method()");
test_method(CyaTLSv1_server_method(), "CyaTLSv1_server_method()");
test_method(CyaTLSv1_client_method(), "CyaTLSv1_client_method()");
test_method(CyaTLSv1_1_server_method(), "CyaTLSv1_1_server_method()");
test_method(CyaTLSv1_1_client_method(), "CyaTLSv1_1_client_method()");
#endif /* NO_OLD_TLS */
test_method(CyaTLSv1_2_server_method(), "CyaTLSv1_2_server_method()");
test_method(CyaTLSv1_2_client_method(), "CyaTLSv1_2_client_method()");
test_method(CyaSSLv23_client_method(), "CyaSSLv23_client_method()");
@ -195,7 +247,370 @@ int test_CyaSSL_CTX_new(CYASSL_METHOD *method)
return TEST_SUCCESS;
}
#ifndef NO_FILESYSTEM
#ifdef HAVE_SNI
static void use_SNI_at_ctx(CYASSL_CTX* ctx)
{
byte type = CYASSL_SNI_HOST_NAME;
char name[] = "www.yassl.com";
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name)));
}
static void use_SNI_at_ssl(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
char name[] = "www.yassl.com";
AssertIntEQ(SSL_SUCCESS,
CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
}
static void different_SNI_at_ssl(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
char name[] = "ww2.yassl.com";
AssertIntEQ(SSL_SUCCESS,
CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name)));
}
static void use_SNI_WITH_CONTINUE_at_ssl(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
use_SNI_at_ssl(ssl);
CyaSSL_SNI_SetOptions(ssl, type, CYASSL_SNI_CONTINUE_ON_MISMATCH);
}
static void use_SNI_WITH_FAKE_ANSWER_at_ssl(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
use_SNI_at_ssl(ssl);
CyaSSL_SNI_SetOptions(ssl, type, CYASSL_SNI_ANSWER_ON_MISMATCH);
}
static void verify_SNI_abort_on_client(CYASSL* ssl)
{
AssertIntEQ(FATAL_ERROR, CyaSSL_get_error(ssl, 0));
}
static void verify_SNI_abort_on_server(CYASSL* ssl)
{
AssertIntEQ(UNKNOWN_SNI_HOST_NAME_E, CyaSSL_get_error(ssl, 0));
}
static void verify_SNI_no_matching(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
char* request = (char*) &type; /* to be overwriten */
AssertIntEQ(CYASSL_SNI_NO_MATCH, CyaSSL_SNI_Status(ssl, type));
AssertNotNull(request);
AssertIntEQ(0, CyaSSL_SNI_GetRequest(ssl, type, (void**) &request));
AssertNull(request);
}
static void verify_SNI_real_matching(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
char* request = NULL;
char name[] = "www.yassl.com";
word16 length = XSTRLEN(name);
AssertIntEQ(CYASSL_SNI_REAL_MATCH, CyaSSL_SNI_Status(ssl, type));
AssertIntEQ(length, CyaSSL_SNI_GetRequest(ssl, type, (void**) &request));
AssertNotNull(request);
AssertStrEQ(name, request);
}
static void verify_SNI_fake_matching(CYASSL* ssl)
{
byte type = CYASSL_SNI_HOST_NAME;
char* request = NULL;
char name[] = "ww2.yassl.com";
word16 length = XSTRLEN(name);
AssertIntEQ(CYASSL_SNI_FAKE_MATCH, CyaSSL_SNI_Status(ssl, type));
AssertIntEQ(length, CyaSSL_SNI_GetRequest(ssl, type, (void**) &request));
AssertNotNull(request);
AssertStrEQ(name, request);
}
static void test_CyaSSL_SNI_GetFromBuffer(void)
{
byte buffer[] = { /* www.paypal.com */
0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c,
0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca,
0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5,
0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b,
0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21,
0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77,
0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00,
0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
};
byte buffer2[] = { /* api.textmate.org */
0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52,
0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b,
0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f,
0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff,
0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08,
0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12,
0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04,
0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d,
0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35,
0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16,
0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b,
0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b,
0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69,
0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72,
0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00,
0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00,
0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03
};
byte buffer3[] = { /* no sni extension */
0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea,
0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c,
0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4,
0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b,
0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35,
0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a,
0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01
};
byte buffer4[] = { /* last extension has zero size */
0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00,
0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45,
0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2,
0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00,
0x00, 0x28, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e,
0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0xc0, 0x07, 0xc0, 0x11,
0x00, 0x33, 0x00, 0x32, 0x00, 0x39, 0x00, 0x9c, 0x00, 0x2f, 0x00, 0x35,
0x00, 0x0a, 0x00, 0x05, 0x00, 0x04, 0x01, 0x00, 0x00, 0x65, 0xff, 0x01,
0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00,
0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00,
0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, 0x1b, 0x00, 0x19, 0x06,
0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f,
0x33, 0x2e, 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31,
0x75, 0x50, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00,
0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x01, 0x05, 0x01, 0x02,
0x01, 0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x04, 0x02, 0x02, 0x02, 0x00,
0x12, 0x00, 0x00
};
byte result[32] = {0};
word32 length = 32;
AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer4, sizeof(buffer4),
0, result, &length));
AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3),
0, result, &length));
AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
1, result, &length));
AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
0, result, &length));
buffer[0] = 0x16;
AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
0, result, &length));
buffer[1] = 0x03;
AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
0, result, &length));
buffer[2] = 0x03;
AssertIntEQ(INCOMPLETE_DATA, CyaSSL_SNI_GetFromBuffer(buffer,
sizeof(buffer), 0, result, &length));
buffer[4] = 0x64;
AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer),
0, result, &length));
result[length] = 0;
AssertStrEQ("www.paypal.com", (const char*) result);
length = 32;
AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2),
0, result, &length));
result[length] = 0;
AssertStrEQ("api.textmate.org", (const char*) result);
}
void test_CyaSSL_UseSNI(void)
{
callback_functions client_callbacks = {CyaSSLv23_client_method, 0, 0, 0};
callback_functions server_callbacks = {CyaSSLv23_server_method, 0, 0, 0};
CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
CYASSL *ssl = CyaSSL_new(ctx);
AssertNotNull(ctx);
AssertNotNull(ssl);
/* error cases */
AssertIntNE(SSL_SUCCESS,
CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx")));
AssertIntNE(SSL_SUCCESS,
CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl")));
AssertIntNE(SSL_SUCCESS,
CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx")));
AssertIntNE(SSL_SUCCESS,
CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl")));
AssertIntNE(SSL_SUCCESS,
CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx")));
AssertIntNE(SSL_SUCCESS,
CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl")));
/* success case */
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx")));
AssertIntEQ(SSL_SUCCESS,
CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl")));
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
/* Testing success case at ctx */
client_callbacks.ctx_ready = server_callbacks.ctx_ready = use_SNI_at_ctx;
server_callbacks.on_result = verify_SNI_real_matching;
test_CyaSSL_client_server(&client_callbacks, &server_callbacks);
/* Testing success case at ssl */
client_callbacks.ctx_ready = server_callbacks.ctx_ready = NULL;
client_callbacks.ssl_ready = server_callbacks.ssl_ready = use_SNI_at_ssl;
test_CyaSSL_client_server(&client_callbacks, &server_callbacks);
/* Testing default mismatch behaviour */
client_callbacks.ssl_ready = different_SNI_at_ssl;
client_callbacks.on_result = verify_SNI_abort_on_client;
server_callbacks.on_result = verify_SNI_abort_on_server;
test_CyaSSL_client_server(&client_callbacks, &server_callbacks);
client_callbacks.on_result = NULL;
/* Testing continue on mismatch */
client_callbacks.ssl_ready = different_SNI_at_ssl;
server_callbacks.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl;
server_callbacks.on_result = verify_SNI_no_matching;
test_CyaSSL_client_server(&client_callbacks, &server_callbacks);
/* Testing fake answer on mismatch */
server_callbacks.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl;
server_callbacks.on_result = verify_SNI_fake_matching;
test_CyaSSL_client_server(&client_callbacks, &server_callbacks);
#endif
test_CyaSSL_SNI_GetFromBuffer();
}
#endif /* HAVE_SNI */
#ifdef HAVE_MAX_FRAGMENT
static void test_CyaSSL_UseMaxFragment(void)
{
CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
CYASSL *ssl = CyaSSL_new(ctx);
AssertNotNull(ctx);
AssertNotNull(ssl);
/* error cases */
AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9));
AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9));
AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, 0));
AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, 6));
AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment(ssl, 0));
AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment(ssl, 6));
/* success case */
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9));
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10));
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11));
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12));
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13));
AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9));
AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10));
AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11));
AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12));
AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13));
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
}
#endif /* HAVE_MAX_FRAGMENT */
#ifdef HAVE_TRUNCATED_HMAC
static void test_CyaSSL_UseTruncatedHMAC(void)
{
CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
CYASSL *ssl = CyaSSL_new(ctx);
AssertNotNull(ctx);
AssertNotNull(ssl);
/* error cases */
AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseTruncatedHMAC(NULL));
AssertIntNE(SSL_SUCCESS, CyaSSL_UseTruncatedHMAC(NULL));
/* success case */
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseTruncatedHMAC(ctx));
AssertIntEQ(SSL_SUCCESS, CyaSSL_UseTruncatedHMAC(ssl));
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
}
#endif /* HAVE_TRUNCATED_HMAC */
#ifdef HAVE_SUPPORTED_CURVES
static void test_CyaSSL_UseSupportedCurve(void)
{
CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method());
CYASSL *ssl = CyaSSL_new(ctx);
AssertNotNull(ctx);
AssertNotNull(ssl);
#ifndef NO_CYASSL_CLIENT
/* error cases */
AssertIntNE(SSL_SUCCESS,
CyaSSL_CTX_UseSupportedCurve(NULL, CYASSL_ECC_SECP160R1));
AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSupportedCurve(ctx, 0));
AssertIntNE(SSL_SUCCESS,
CyaSSL_UseSupportedCurve(NULL, CYASSL_ECC_SECP160R1));
AssertIntNE(SSL_SUCCESS, CyaSSL_UseSupportedCurve(ssl, 0));
/* success case */
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_UseSupportedCurve(ctx, CYASSL_ECC_SECP160R1));
AssertIntEQ(SSL_SUCCESS,
CyaSSL_UseSupportedCurve(ssl, CYASSL_ECC_SECP160R1));
#endif
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
}
#endif /* HAVE_SUPPORTED_CURVES */
#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
/* Helper for testing CyaSSL_CTX_use_certificate_file() */
int test_ucf(CYASSL_CTX *ctx, const char* file, int type, int cond,
const char* name)
@ -237,6 +652,8 @@ int test_CyaSSL_CTX_use_certificate_file(void)
failure */
/* Then set the parameters to legit values but set each item to
bogus and call again. Finish with a successful success. */
/* If the build is configured to not have RSA, loading the
certificate files will fail. */
test_ucf(NULL, NULL, 9999, SSL_FAILURE,
"CyaSSL_CTX_use_certificate_file(NULL, NULL, 9999)");
@ -246,8 +663,13 @@ int test_CyaSSL_CTX_use_certificate_file(void)
"CyaSSL_CTX_use_certificate_file(ctx, bogusFile, SSL_FILETYPE_PEM)");
test_ucf(ctx, svrCert, 9999, SSL_FAILURE,
"CyaSSL_CTX_use_certificate_file(ctx, svrCert, 9999)");
#ifndef NO_RSA
test_ucf(ctx, svrCert, SSL_FILETYPE_PEM, SSL_SUCCESS,
"CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)");
#else
test_ucf(ctx, svrCert, SSL_FILETYPE_PEM, SSL_FAILURE,
"NO_RSA: CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)");
#endif
CyaSSL_CTX_free(ctx);
return TEST_SUCCESS;
@ -358,13 +780,20 @@ int test_CyaSSL_CTX_load_verify_locations(void)
/* Add a test for the certs directory path loading. */
/* There is a leak here. If you load a second cert, the first one
is lost. */
#ifndef NO_RSA
test_lvl(ctx, caCert, 0, SSL_SUCCESS,
"CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)");
#else
test_lvl(ctx, caCert, 0, SSL_FAILURE,
"NO_RSA: CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)");
#endif
CyaSSL_CTX_free(ctx);
return TEST_SUCCESS;
}
#ifndef NO_RSA
int test_server_CyaSSL_new(void)
{
int result;
@ -504,6 +933,8 @@ int test_client_CyaSSL_new(void)
}
#ifndef SINGLE_THREADED
static int test_CyaSSL_read_write(void)
{
/* The unit testing for read and write shall happen simutaneously, since
@ -535,6 +966,7 @@ static int test_CyaSSL_read_write(void)
InitTcpReady(&ready);
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(test_server_nofail, &server_args, &serverThread);
wait_tcp_ready(&server_args);
test_client_nofail(&client_args);
@ -554,13 +986,15 @@ static int test_CyaSSL_read_write(void)
FreeTcpReady(&ready);
return test_result;
};
}
#endif
THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
{
SOCKET_T sockfd = 0;
int clientfd = 0;
SOCKET_T clientfd = 0;
word16 port = yasslPort;
CYASSL_METHOD* method = 0;
CYASSL_CTX* ctx = 0;
@ -574,6 +1008,11 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
method = CyaSSLv23_server_method();
ctx = CyaSSL_CTX_new(method);
#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
!defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL)
port = 0;
#endif
CyaSSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
@ -584,45 +1023,45 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
if (CyaSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS)
{
/*err_sys("can't load ca file, Please run from CyaSSL home dir");*/
return 0;
goto done;
}
if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load server cert chain file, "
"Please run from CyaSSL home dir");*/
return 0;
goto done;
}
if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load server key file, "
"Please run from CyaSSL home dir");*/
return 0;
goto done;
}
ssl = CyaSSL_new(ctx);
tcp_accept(&sockfd, &clientfd, (func_args*)args, yasslPort, 0, 0);
tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0);
CloseSocket(sockfd);
CyaSSL_set_fd(ssl, clientfd);
#ifdef NO_PSK
#if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
#else
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
#endif
if (CyaSSL_accept(ssl) != SSL_SUCCESS)
{
int err = CyaSSL_get_error(ssl, 0);
char buffer[80];
char buffer[CYASSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
/*err_sys("SSL_accept failed");*/
return 0;
goto done;
}
idx = CyaSSL_read(ssl, input, sizeof(input));
idx = CyaSSL_read(ssl, input, sizeof(input)-1);
if (idx > 0) {
input[idx] = 0;
printf("Client message: %s\n", input);
@ -634,6 +1073,7 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args)
return 0;
}
done:
CyaSSL_shutdown(ssl);
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
@ -654,10 +1094,7 @@ void test_client_nofail(void* args)
char msg[64] = "hello cyassl!";
char reply[1024];
int input;
int msgSz = strlen(msg);
int argc = ((func_args*)args)->argc;
char** argv = ((func_args*)args)->argv;
int msgSz = (int)strlen(msg);
((func_args*)args)->return_code = TEST_FAIL;
method = CyaSSLv23_client_method();
@ -670,56 +1107,234 @@ void test_client_nofail(void* args)
if (CyaSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
{
/* err_sys("can't load ca file, Please run from CyaSSL home dir");*/
return;
goto done2;
}
if (CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load client cert file, "
"Please run from CyaSSL home dir");*/
return;
goto done2;
}
if (CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)
!= SSL_SUCCESS)
{
/*err_sys("can't load client key file, "
"Please run from CyaSSL home dir");*/
return;
goto done2;
}
tcp_connect(&sockfd, yasslIP, yasslPort, 0);
tcp_connect(&sockfd, yasslIP, ((func_args*)args)->signal->port, 0);
ssl = CyaSSL_new(ctx);
CyaSSL_set_fd(ssl, sockfd);
if (CyaSSL_connect(ssl) != SSL_SUCCESS)
{
int err = CyaSSL_get_error(ssl, 0);
char buffer[80];
char buffer[CYASSL_MAX_ERROR_SZ];
printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
/*printf("SSL_connect failed");*/
return;
goto done2;
}
if (CyaSSL_write(ssl, msg, msgSz) != msgSz)
{
/*err_sys("SSL_write failed");*/
return;
goto done2;
}
input = CyaSSL_read(ssl, reply, sizeof(reply));
input = CyaSSL_read(ssl, reply, sizeof(reply)-1);
if (input > 0)
{
reply[input] = 0;
printf("Server response: %s\n", reply);
}
done2:
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CloseSocket(sockfd);
((func_args*)args)->return_code = TEST_SUCCESS;
return;
}
void run_cyassl_client(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
CYASSL_CTX* ctx = CyaSSL_CTX_new(callbacks->method());
CYASSL* ssl = NULL;
SOCKET_T sfd = 0;
char msg[] = "hello cyassl server!";
int len = (int) XSTRLEN(msg);
char input[1024];
int idx;
((func_args*)args)->return_code = TEST_FAIL;
#ifdef OPENSSL_EXTRA
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_load_verify_locations(ctx, caCert, 0));
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM));
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM));
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
tcp_connect(&sfd, yasslIP, ((func_args*)args)->signal->port, 0);
ssl = CyaSSL_new(ctx);
CyaSSL_set_fd(ssl, sfd);
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
if (CyaSSL_connect(ssl) != SSL_SUCCESS) {
int err = CyaSSL_get_error(ssl, 0);
char buffer[CYASSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
} else {
AssertIntEQ(len, CyaSSL_write(ssl, msg, len));
if (0 < (idx = CyaSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
printf("Server response: %s\n", input);
}
}
if (callbacks->on_result)
callbacks->on_result(ssl);
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CloseSocket(sfd);
((func_args*)args)->return_code = TEST_SUCCESS;
}
THREAD_RETURN CYASSL_THREAD run_cyassl_server(void* args)
{
callback_functions* callbacks = ((func_args*)args)->callbacks;
CYASSL_CTX* ctx = CyaSSL_CTX_new(callbacks->method());
CYASSL* ssl = NULL;
SOCKET_T sfd = 0;
SOCKET_T cfd = 0;
word16 port = yasslPort;
char msg[] = "I hear you fa shizzle!";
int len = (int) XSTRLEN(msg);
char input[1024];
int idx;
((func_args*)args)->return_code = TEST_FAIL;
#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \
!defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL)
port = 0;
#endif
CyaSSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0);
#ifdef OPENSSL_EXTRA
CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
#endif
AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_load_verify_locations(ctx, cliCert, 0));
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM));
AssertIntEQ(SSL_SUCCESS,
CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM));
if (callbacks->ctx_ready)
callbacks->ctx_ready(ctx);
ssl = CyaSSL_new(ctx);
tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0);
CloseSocket(sfd);
CyaSSL_set_fd(ssl, cfd);
#ifdef NO_PSK
#if !defined(NO_FILESYSTEM) && !defined(NO_DH)
CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
#elif !defined(NO_DH)
SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */
#endif
#endif
if (callbacks->ssl_ready)
callbacks->ssl_ready(ssl);
/* AssertIntEQ(SSL_SUCCESS, CyaSSL_accept(ssl)); */
if (CyaSSL_accept(ssl) != SSL_SUCCESS) {
int err = CyaSSL_get_error(ssl, 0);
char buffer[CYASSL_MAX_ERROR_SZ];
printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer));
} else {
if (0 < (idx = CyaSSL_read(ssl, input, sizeof(input)-1))) {
input[idx] = 0;
printf("Client message: %s\n", input);
}
AssertIntEQ(len, CyaSSL_write(ssl, msg, len));
CyaSSL_shutdown(ssl);
}
if (callbacks->on_result)
callbacks->on_result(ssl);
CyaSSL_free(ssl);
CyaSSL_CTX_free(ctx);
CloseSocket(cfd);
((func_args*)args)->return_code = TEST_SUCCESS;
return 0;
}
void test_CyaSSL_client_server(callback_functions* client_callbacks,
callback_functions* server_callbacks)
{
tcp_ready ready;
func_args client_args;
func_args server_args;
THREAD_TYPE serverThread;
StartTCP();
client_args.callbacks = client_callbacks;
server_args.callbacks = server_callbacks;
/* RUN Server side */
InitTcpReady(&ready);
server_args.signal = &ready;
client_args.signal = &ready;
start_thread(run_cyassl_server, &server_args, &serverThread);
wait_tcp_ready(&server_args);
/* RUN Client side */
run_cyassl_client(&client_args);
join_thread(serverThread);
FreeTcpReady(&ready);
}
#endif /* SINGLE_THREADED*/
#endif /* NO_FILESYSTEM */

344
FreeRTOS-Plus/Source/CyaSSL/tests/hash.c
View file

@ -1,6 +1,6 @@
/* hash.c has unit tests
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,13 +16,15 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <stdio.h>
#include <cyassl/ctaocrypt/md4.h>
@ -36,8 +38,8 @@
#include <tests/unit.h>
typedef struct testVector {
char* input;
char* output;
const char* input;
const char* output;
size_t inLen;
size_t outLen;
} testVector;
@ -49,7 +51,10 @@ int sha256_test(void);
int sha512_test(void);
int sha384_test(void);
int ripemd_test(void);
int hmac_test(void);
int hmac_md5_test(void);
int hmac_sha_test(void);
int hmac_sha256_test(void);
int hmac_sha384_test(void);
int HashTest(void)
{
@ -65,17 +70,21 @@ int HashTest(void)
printf( " MD4 test passed!\n");
#endif
#ifndef NO_MD5
if ( (ret = md5_test()) ) {
printf( " MD5 test failed!\n");
return ret;
} else
printf( " MD5 test passed!\n");
#endif
#ifndef NO_SHA
if ( (ret = sha_test()) ) {
printf( " SHA test failed!\n");
return ret;
} else
printf( " SHA test passed!\n");
#endif
#ifndef NO_SHA256
if ( (ret = sha256_test()) ) {
@ -110,11 +119,32 @@ int HashTest(void)
#endif
#ifndef NO_HMAC
if ( (ret = hmac_test()) ) {
printf( " HMAC test failed!\n");
return ret;
} else
printf( " HMAC test passed!\n");
#ifndef NO_MD5
if ( (ret = hmac_md5_test()) ) {
printf( " HMAC-MD5 test failed!\n");
return ret;
} else
printf( " HMAC-MD5 test passed!\n");
#endif
if ( (ret = hmac_sha_test()) )
printf( " HMAC-SHA test failed!\n");
else
printf( " HMAC-SHA test passed!\n");
#ifndef NO_SHA256
if ( (ret = hmac_sha256_test()) )
printf( " HMAC-SHA256 test failed!\n");
else
printf( " HMAC-SHA256 test passed!\n");
#endif
#ifdef CYASSL_SHA384
if ( (ret = hmac_sha384_test()) )
printf( " HMAC-SHA384 test failed!\n");
else
printf( " HMAC-SHA384 test passed!\n");
#endif
#endif
printf(" End HASH Tests\n");
@ -200,6 +230,8 @@ int md4_test(void)
#endif /* NO_MD4 */
#ifndef NO_MD5
int md5_test(void)
{
Md5 md5;
@ -260,6 +292,9 @@ int md5_test(void)
return 0;
}
#endif /* NO_MD5 */
#ifndef NO_SHA
int sha_test(void)
{
Sha sha;
@ -267,6 +302,7 @@ int sha_test(void)
testVector a, b, c, d;
testVector test_sha[4];
int ret = 0;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
a.input = "abc";
@ -301,7 +337,9 @@ int sha_test(void)
test_sha[2] = c;
test_sha[3] = d;
InitSha(&sha);
ret = InitSha(&sha);
if (ret != 0)
return ret;
for (i = 0; i < times; ++i) {
ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
@ -313,6 +351,7 @@ int sha_test(void)
return 0;
}
#endif /* NO_SHA */
#ifndef NO_SHA256
int sha256_test(void)
@ -322,6 +361,7 @@ int sha256_test(void)
testVector a, b;
testVector test_sha[2];
int ret;
int times = sizeof(test_sha) / sizeof(struct testVector), i;
a.input = "abc";
@ -341,11 +381,18 @@ int sha256_test(void)
test_sha[0] = a;
test_sha[1] = b;
InitSha256(&sha);
ret = InitSha256(&sha);
if (ret != 0)
return ret;
for (i = 0; i < times; ++i) {
Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
Sha256Final(&sha, hash);
ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
if (ret != 0)
return ret;
ret = Sha256Final(&sha, hash);
if (ret != 0)
return ret;
if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
return -10 - i;
@ -364,6 +411,7 @@ int sha512_test(void)
testVector a, b;
testVector test_sha[2];
int times = sizeof(test_sha) / sizeof(struct testVector), i;
int ret;
a.input = "abc";
a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
@ -387,11 +435,18 @@ int sha512_test(void)
test_sha[0] = a;
test_sha[1] = b;
InitSha512(&sha);
ret = InitSha512(&sha);
if (ret != 0)
return ret;
for (i = 0; i < times; ++i) {
Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
Sha512Final(&sha, hash);
ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
if (ret != 0)
return ret;
ret = Sha512Final(&sha, hash);
if (ret != 0)
return ret;
if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
return -10 - i;
@ -410,6 +465,7 @@ int sha384_test()
testVector a, b;
testVector test_sha[2];
int times = sizeof(test_sha) / sizeof(struct testVector), i;
int ret;
a.input = "abc";
a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
@ -431,11 +487,18 @@ int sha384_test()
test_sha[0] = a;
test_sha[1] = b;
InitSha384(&sha);
ret = InitSha384(&sha);
if (ret != 0)
return ret;
for (i = 0; i < times; ++i) {
Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
Sha384Final(&sha, hash);
ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
if (ret != 0)
return ret;
ret = Sha384Final(&sha, hash);
if (ret != 0)
return ret;
if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
return -10 - i;
@ -500,8 +563,8 @@ int ripemd_test(void)
}
#endif /* CYASSL_RIPEMD */
#ifndef NO_HMAC
int hmac_test(void)
#if !defined(NO_HMAC) && !defined(NO_MD5)
int hmac_md5_test(void)
{
Hmac hmac;
byte hash[MD5_DIGEST_SIZE];
@ -516,6 +579,7 @@ int hmac_test(void)
testVector a, b, c;
testVector test_hmac[3];
int ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
@ -544,10 +608,20 @@ int hmac_test(void)
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
HmacUpdate(&hmac, (byte*)test_hmac[i].input,
#if defined(HAVE_FIPS)
if (i == 1)
continue; /* fips not allowed */
#endif
ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4014;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
HmacFinal(&hmac, hash);
if (ret != 0)
return -4015;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4016;
if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
return -20 - i;
@ -557,3 +631,223 @@ int hmac_test(void)
}
#endif
#ifndef NO_HMAC
int hmac_sha_test(void)
{
Hmac hmac;
byte hash[SHA_DIGEST_SIZE];
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"Jefe",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
testVector a, b, c;
testVector test_hmac[3];
int ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
"\x8e\xf1\x46\xbe\x00";
a.inLen = strlen(a.input);
a.outLen = strlen(a.output);
b.input = "what do ya want for nothing?";
b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf"
"\x9c\x25\x9a\x7c\x79";
b.inLen = strlen(b.input);
b.outLen = strlen(b.output);
c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD";
c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b"
"\x4f\x63\xf1\x75\xd3";
c.inLen = strlen(c.input);
c.outLen = strlen(c.output);
test_hmac[0] = a;
test_hmac[1] = b;
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#if defined(HAVE_FIPS)
if (i == 1)
continue; /* fips not allowed */
#endif
ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4017;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
if (ret != 0)
return -4018;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4019;
if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
return -20 - i;
}
return 0;
}
#endif
#if !defined(NO_HMAC) && !defined(NO_SHA256)
int hmac_sha256_test(void)
{
Hmac hmac;
byte hash[SHA256_DIGEST_SIZE];
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"Jefe",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
testVector a, b, c;
testVector test_hmac[3];
int ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
"\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
"\xcf\xf7";
a.inLen = strlen(a.input);
a.outLen = strlen(a.output);
b.input = "what do ya want for nothing?";
b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75"
"\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec"
"\x38\x43";
b.inLen = strlen(b.input);
b.outLen = strlen(b.output);
c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD";
c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81"
"\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5"
"\x65\xfe";
c.inLen = strlen(c.input);
c.outLen = strlen(c.output);
test_hmac[0] = a;
test_hmac[1] = b;
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#if defined(HAVE_FIPS)
if (i == 1)
continue; /* fips not allowed */
#endif
ret = HmacSetKey(&hmac,SHA256, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4020;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
if (ret != 0)
return -4021;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4022;
if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
return -20 - i;
}
return 0;
}
#endif
#if !defined(NO_HMAC) && defined(CYASSL_SHA384)
int hmac_sha384_test(void)
{
Hmac hmac;
byte hash[SHA384_DIGEST_SIZE];
const char* keys[]=
{
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b",
"Jefe",
"\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
"\xAA\xAA\xAA"
};
testVector a, b, c;
testVector test_hmac[3];
int ret;
int times = sizeof(test_hmac) / sizeof(testVector), i;
a.input = "Hi There";
a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
"\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
"\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
"\xfa\x9c\xb6";
a.inLen = strlen(a.input);
a.outLen = strlen(a.output);
b.input = "what do ya want for nothing?";
b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b"
"\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22"
"\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa"
"\xb2\x16\x49";
b.inLen = strlen(b.input);
b.outLen = strlen(b.output);
c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
"\xDD\xDD\xDD\xDD\xDD\xDD";
c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8"
"\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66"
"\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01"
"\xa3\x4f\x27";
c.inLen = strlen(c.input);
c.outLen = strlen(c.output);
test_hmac[0] = a;
test_hmac[1] = b;
test_hmac[2] = c;
for (i = 0; i < times; ++i) {
#if defined(HAVE_FIPS)
if (i == 1)
continue; /* fips not allowed */
#endif
ret = HmacSetKey(&hmac,SHA384, (byte*)keys[i], (word32)strlen(keys[i]));
if (ret != 0)
return -4023;
ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
(word32)test_hmac[i].inLen);
if (ret != 0)
return -4024;
ret = HmacFinal(&hmac, hash);
if (ret != 0)
return -4025;
if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
return -20 - i;
}
return 0;
}
#endif

33
FreeRTOS-Plus/Source/CyaSSL/tests/include.am
View file

@ -3,26 +3,21 @@
# All paths should be given relative to the root
check_PROGRAMS += tests/unit
noinst_PROGRAMS += tests/unit
tests_unit_SOURCES = \
tests/unit.c \
tests/api.c \
tests/suites.c \
if BUILD_EXAMPLES
check_PROGRAMS += tests/unit.test
noinst_PROGRAMS += tests/unit.test
tests_unit_test_SOURCES = \
tests/unit.c \
tests/api.c \
tests/suites.c \
tests/hash.c \
examples/client/client.c \
examples/server/server.c
tests_unit_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(PTHREAD_CFLAGS)
tests_unit_LDADD = src/libcyassl.la $(PTHREAD_LIBS)
tests_unit_DEPENDENCIES = src/libcyassl.la
examples/client/client.c \
examples/server/server.c
tests_unit_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS)
tests_unit_test_LDADD = src/libcyassl.la
tests_unit_test_DEPENDENCIES = src/libcyassl.la
endif
EXTRA_DIST += tests/unit.h
EXTRA_DIST += tests/test.conf \
tests/test-openssl.conf \
tests/test-hc128.conf \
tests/test-psk.conf \
tests/test-ntru.conf \
tests/test-ecc.conf \
tests/test-aesgcm.conf \
tests/test-aesgcm-ecc.conf \
tests/test-aesgcm-openssl.conf \
tests/test-dtls.conf
DISTCLEANFILES+= tests/.libs/unit.test

320
FreeRTOS-Plus/Source/CyaSSL/tests/suites.c
View file

@ -1,6 +1,6 @@
/* suites.c
*
* Copyright (C) 2006-2012 Sawtooth Consulting Ltd.
* Copyright (C) 2006-2014 wolfSSL Inc.
*
* This file is part of CyaSSL.
*
@ -16,46 +16,207 @@
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <cyassl/ssl.h>
#include <tests/unit.h>
#define MAX_ARGS 40
#define MAX_COMMAND_SZ 240
#define MAX_SUITE_SZ 80
#define NOT_BUILT_IN -123
#ifdef NO_OLD_TLS
#define VERSION_TOO_OLD -124
#endif
#include "examples/client/client.h"
#include "examples/server/server.h"
void client_test(void*);
THREAD_RETURN CYASSL_THREAD server_test(void*);
static CYASSL_CTX* cipherSuiteCtx = NULL;
static char nonblockFlag[] = "-N";
static char noVerifyFlag[] = "-d";
static char portFlag[] = "-p";
static char flagSep[] = " ";
static char svrPort[] = "0";
static void execute_test_case(int svr_argc, char** svr_argv,
int cli_argc, char** cli_argv)
#ifdef NO_OLD_TLS
/* if the protocol version is less than tls 1.2 return 1, else 0 */
static int IsOldTlsVersion(const char* line)
{
func_args cliArgs = {cli_argc, cli_argv, 0, NULL};
func_args svrArgs = {svr_argc, svr_argv, 0, NULL};
const char* find = "-v ";
char* begin = strstr(line, find);
if (begin) {
int version = -1;
begin += 3;
version = atoi(begin);
if (version < 3)
return 1;
}
return 0;
}
#endif /* NO_OLD_TLS */
/* if the cipher suite on line is valid store in suite and return 1, else 0 */
static int IsValidCipherSuite(const char* line, char* suite)
{
int found = 0;
int valid = 0;
const char* find = "-l ";
const char* begin = strstr(line, find);
const char* end;
suite[0] = '\0';
if (begin) {
begin += 3;
end = strstr(begin, " ");
if (end) {
long len = end - begin;
if (len > MAX_SUITE_SZ) {
printf("suite too long!\n");
return 0;
}
memcpy(suite, begin, len);
suite[len] = '\0';
}
else
strncpy(suite, begin, MAX_SUITE_SZ);
suite[MAX_SUITE_SZ] = '\0';
found = 1;
}
if (found) {
if (CyaSSL_CTX_set_cipher_list(cipherSuiteCtx, suite) == SSL_SUCCESS)
valid = 1;
}
return valid;
}
static int execute_test_case(int svr_argc, char** svr_argv,
int cli_argc, char** cli_argv,
int addNoVerify, int addNonBlocking)
{
func_args cliArgs = {cli_argc, cli_argv, 0, NULL, NULL};
func_args svrArgs = {svr_argc, svr_argv, 0, NULL, NULL};
tcp_ready ready;
THREAD_TYPE serverThread;
char commandLine[MAX_COMMAND_SZ];
char cipherSuite[MAX_SUITE_SZ+1];
int i;
size_t added = 0;
static int tests = 1;
commandLine[0] = '\0';
for (i = 0; i < svr_argc; i++) {
added += strlen(svr_argv[i]) + 2;
if (added >= MAX_COMMAND_SZ) {
printf("server command line too long\n");
break;
}
strcat(commandLine, svr_argv[i]);
strcat(commandLine, " ");
strcat(commandLine, flagSep);
}
if (IsValidCipherSuite(commandLine, cipherSuite) == 0) {
#ifdef DEBUG_SUITE_TESTS
printf("cipher suite %s not supported in build\n", cipherSuite);
#endif
return NOT_BUILT_IN;
}
#ifdef NO_OLD_TLS
if (IsOldTlsVersion(commandLine) == 1) {
#ifdef DEBUG_SUITE_TESTS
printf("protocol version on line %s is too old\n", commandLine);
#endif
return VERSION_TOO_OLD;
}
#endif
if (addNoVerify) {
printf("repeating test with client cert request off\n");
added += 4; /* -d plus space plus terminator */
if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS)
printf("server command line too long\n");
else {
svr_argv[svr_argc++] = noVerifyFlag;
svrArgs.argc = svr_argc;
strcat(commandLine, noVerifyFlag);
strcat(commandLine, flagSep);
}
}
if (addNonBlocking) {
printf("repeating test with non blocking on\n");
added += 4; /* -N plus terminator */
if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS)
printf("server command line too long\n");
else {
svr_argv[svr_argc++] = nonblockFlag;
svrArgs.argc = svr_argc;
strcat(commandLine, nonblockFlag);
strcat(commandLine, flagSep);
}
}
#ifndef USE_WINDOWS_API
/* add port 0 */
if (svr_argc + 2 > MAX_ARGS)
printf("cannot add the magic port number flag to server\n");
else
{
svr_argv[svr_argc++] = portFlag;
svr_argv[svr_argc++] = svrPort;
svrArgs.argc = svr_argc;
}
#endif
printf("trying server command line[%d]: %s\n", tests, commandLine);
commandLine[0] = '\0';
added = 0;
for (i = 0; i < cli_argc; i++) {
added += strlen(cli_argv[i]) + 2;
if (added >= MAX_COMMAND_SZ) {
printf("client command line too long\n");
break;
}
strcat(commandLine, cli_argv[i]);
strcat(commandLine, " ");
strcat(commandLine, flagSep);
}
if (addNonBlocking) {
added += 4; /* -N plus space plus terminator */
if (added >= MAX_COMMAND_SZ)
printf("client command line too long\n");
else {
cli_argv[cli_argc++] = nonblockFlag;
strcat(commandLine, nonblockFlag);
strcat(commandLine, flagSep);
cliArgs.argc = cli_argc;
}
}
printf("trying client command line[%d]: %s\n", tests++, commandLine);
@ -65,7 +226,20 @@ static void execute_test_case(int svr_argc, char** svr_argv,
svrArgs.signal = &ready;
start_thread(server_test, &svrArgs, &serverThread);
wait_tcp_ready(&svrArgs);
#ifndef USE_WINDOWS_API
if (ready.port != 0)
{
if (cli_argc + 2 > MAX_ARGS)
printf("cannot add the magic port number flag to client\n");
else {
char portNumber[8];
snprintf(portNumber, sizeof(portNumber), "%d", ready.port);
cli_argv[cli_argc++] = portFlag;
cli_argv[cli_argc++] = portNumber;
cliArgs.argc = cli_argc;
}
}
#endif
/* start client */
client_test(&cliArgs);
@ -82,15 +256,17 @@ static void execute_test_case(int svr_argc, char** svr_argv,
}
FreeTcpReady(&ready);
return 0;
}
void test_harness(void* vargs)
static void test_harness(void* vargs)
{
func_args* args = (func_args*)vargs;
char* script;
long sz, len;
int cliMode = 0; /* server or client command flag, server first */
int ret;
FILE* file;
char* svrArgs[MAX_ARGS];
int svrArgsSz;
@ -98,8 +274,7 @@ void test_harness(void* vargs)
int cliArgsSz;
char* cursor;
char* comment;
char* fname = "tests/test.conf";
const char* fname = "tests/test.conf";
if (args->argc == 1) {
printf("notice: using default file %s\n", fname);
@ -122,7 +297,7 @@ void test_harness(void* vargs)
fseek(file, 0, SEEK_END);
sz = ftell(file);
rewind(file);
if (sz == 0) {
if (sz <= 0) {
fprintf(stderr, "%s is empty\n", fname);
fclose(file);
args->return_code = 1;
@ -141,6 +316,7 @@ void test_harness(void* vargs)
if (len != sz) {
fprintf(stderr, "read error\n");
fclose(file);
free(script);
args->return_code = 1;
return;
}
@ -170,7 +346,11 @@ void test_harness(void* vargs)
case '#':
/* Ignore lines that start with a #. */
comment = strsep(&cursor, "\n");
#ifdef DEBUG_SUITE_TESTS
printf("%s\n", comment);
#else
(void)comment;
#endif
break;
case '-':
/* Parameters start with a -. They end in either a newline
@ -198,7 +378,13 @@ void test_harness(void* vargs)
}
if (do_it) {
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs);
ret = execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs,0,0);
/* don't repeat if not supported in build */
if (ret == 0) {
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 0, 1);
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 0);
execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 1);
}
svrArgsSz = 1;
cliArgsSz = 1;
cliMode = 0;
@ -213,7 +399,7 @@ void test_harness(void* vargs)
int SuiteTest(void)
{
func_args args;
char argv0[2][32];
char argv0[2][80];
char* myArgv[2];
printf(" Begin Cipher Suite Tests\n");
@ -224,6 +410,14 @@ int SuiteTest(void)
args.argv = myArgv;
strcpy(argv0[0], "SuiteTest");
(void)test_harness;
cipherSuiteCtx = CyaSSL_CTX_new(CyaTLSv1_2_client_method());
if (cipherSuiteCtx == NULL) {
printf("can't get cipher suite ctx\n");
exit(EXIT_FAILURE);
}
/* default case */
args.argc = 1;
printf("starting default cipher suite tests\n");
@ -236,94 +430,6 @@ int SuiteTest(void)
/* any extra cases will need another argument */
args.argc = 2;
#ifdef OPENSSL_EXTRA
/* add openssl extra suites */
strcpy(argv0[1], "tests/test-openssl.conf");
printf("starting openssl extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_HC128
/* add hc128 extra suites */
strcpy(argv0[1], "tests/test-hc128.conf");
printf("starting hc128 extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifndef NO_PSK
/* add psk extra suites */
strcpy(argv0[1], "tests/test-psk.conf");
printf("starting psk extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_NTRU
/* add ntru extra suites */
strcpy(argv0[1], "tests/test-ntru.conf");
printf("starting ntru extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_ECC
/* add ecc extra suites */
strcpy(argv0[1], "tests/test-ecc.conf");
printf("starting ecc extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef HAVE_AESGCM
/* add aesgcm extra suites */
strcpy(argv0[1], "tests/test-aesgcm.conf");
printf("starting aesgcm extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#if defined(HAVE_AESGCM) && defined(OPENSSL_EXTRA)
/* add aesgcm openssl extra suites */
strcpy(argv0[1], "tests/test-aesgcm-openssl.conf");
printf("starting aesgcm openssl extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#if defined(HAVE_AESGCM) && defined(HAVE_ECC)
/* add aesgcm ecc extra suites */
strcpy(argv0[1], "tests/test-aesgcm-ecc.conf");
printf("starting aesgcm ecc extra cipher suite tests\n");
test_harness(&args);
if (args.return_code != 0) {
printf("error from script %d\n", args.return_code);
exit(EXIT_FAILURE);
}
#endif
#ifdef CYASSL_DTLS
/* add dtls extra suites */
strcpy(argv0[1], "tests/test-dtls.conf");
@ -337,6 +443,8 @@ int SuiteTest(void)
printf(" End Cipher Suite Tests\n");
CyaSSL_CTX_free(cipherSuiteCtx);
return args.return_code;
}

80
FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-ecc.conf
View file

@ -1,80 +0,0 @@
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDH-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDH-ECDSA-AES256-GCM-SHA384
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# server TLSv1.2 ECDH-RSA-AES128-GCM-SHA256
-v 3
-l ECDH-RSA-AES128-GCM-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-RSA-AES128-GCM-SHA256
-v 3
-l ECDH-RSA-AES128-GCM-SHA256
# server TLSv1.2 ECDH-RSA-AES256-GCM-SHA384
-v 3
-l ECDH-RSA-AES256-GCM-SHA384
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-RSA-AES256-GCM-SHA384
-v 3
-l ECDH-RSA-AES256-GCM-SHA384

16
FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-openssl.conf
View file

@ -1,16 +0,0 @@
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384

16
FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm.conf
View file

@ -1,16 +0,0 @@
# server TLSv1.2 RSA-AES128-GCM-SHA256
-v 3
-l AES128-GCM-SHA256
# client TLSv1.2 RSA-AES128-GCM-SHA256
-v 3
-l AES128-GCM-SHA256
# server TLSv1.2 RSA-AES256-GCM-SHA384
-v 3
-l AES256-GCM-SHA384
# client TLSv1.2 RSA-AES256-GCM-SHA384
-v 3
-l AES256-GCM-SHA384

770
FreeRTOS-Plus/Source/CyaSSL/tests/test-dtls.conf
View file

@ -1,64 +1,818 @@
# server DTLSv1 RC4-SHA
-u
-v 2
-l RC4-SHA
# client DTLSv1 RC4-SHA
-u
-v 2
-l RC4-SHA
# server DTLSv1 RC4-MD5
# server DTLSv1.2 RC4-SHA
-u
-l RC4-MD5
-v 3
-l RC4-SHA
# client DTLSv1 RC4-MD5
# client DTLSv1.2 RC4-SHA
-u
-l RC4-MD5
-v 3
-l RC4-SHA
# server DTLSv1 DES-CBC3-SHA
-u
-v 2
-l DES-CBC3-SHA
# client DTLSv1 DES-CBC3-SHA
-u
-v 2
-l DES-CBC3-SHA
# server DTLSv1.2 DES-CBC3-SHA
-u
-v 3
-l DES-CBC3-SHA
# client DTLSv1.2 DES-CBC3-SHA
-u
-v 3
-l DES-CBC3-SHA
# server DTLSv1 AES128-SHA
-u
-v 2
-l AES128-SHA
# client DTLSv1 AES128-SHA
-u
-v 2
-l AES128-SHA
# server DTLSv1.2 AES128-SHA
-u
-v 3
-l AES128-SHA
# client DTLSv1.2 AES128-SHA
-u
-v 3
-l AES128-SHA
# server DTLSv1 AES256-SHA
-u
-v 2
-l AES256-SHA
# client DTLSv1 AES256-SHA
-u
-v 2
-l AES256-SHA
# server DTLSv1.2 AES256-SHA
-u
-v 3
-l AES256-SHA
# client DTLSv1.2 AES256-SHA
-u
-v 3
-l AES256-SHA
# server DTLSv1 AES128-SHA256
-u
-v 2
-l AES128-SHA256
# client DTLSv1 AES128-SHA256
-u
-v 2
-l AES128-SHA256
# server DTLSv1.2 AES128-SHA256
-u
-v 3
-l AES128-SHA256
# client DTLSv1.2 AES128-SHA256
-u
-v 3
-l AES128-SHA256
# server DTLSv1 AES256-SHA256
-u
-v 2
-l AES256-SHA256
# client DTLSv1 AES256-SHA256
-u
-v 2
-l AES256-SHA256
# server DTLSv1 RABBIT-SHA
# server DTLSv1.2 AES256-SHA256
-u
-l RABBIT-SHA
-v 3
-l AES256-SHA256
# client DTLSv1 RABBIT-SHA
# client DTLSv1.2 AES256-SHA256
-u
-l RABBIT-SHA
-v 3
-l AES256-SHA256
# server DTLSv1 ECDHE-RSA-RC4
-u
-v 2
-l ECDHE-RSA-RC4-SHA
# client DTLSv1 ECDHE-RSA-RC4
-u
-v 2
-l ECDHE-RSA-RC4-SHA
# server DTLSv1.1 ECDHE-RSA-DES3
-u
-v 2
-l ECDHE-RSA-DES-CBC3-SHA
# client DTLSv1.1 ECDHE-RSA-DES3
-u
-v 2
-l ECDHE-RSA-DES-CBC3-SHA
# server DTLSv1.1 ECDHE-RSA-AES128
-u
-v 2
-l ECDHE-RSA-AES128-SHA
# client DTLSv1.1 ECDHE-RSA-AES128
-u
-v 2
-l ECDHE-RSA-AES128-SHA
# server DTLSv1.1 ECDHE-RSA-AES256
-u
-v 2
-l ECDHE-RSA-AES256-SHA
# client DTLSv1.1 ECDHE-RSA-AES256
-u
-v 2
-l ECDHE-RSA-AES256-SHA
# server DTLSv1.2 ECDHE-RSA-RC4
-u
-v 3
-l ECDHE-RSA-RC4-SHA
# client DTLSv1.2 ECDHE-RSA-RC4
-u
-v 3
-l ECDHE-RSA-RC4-SHA
# server DTLSv1.2 ECDHE-RSA-DES3
-u
-v 3
-l ECDHE-RSA-DES-CBC3-SHA
# client DTLSv1.2 ECDHE-RSA-DES3
-u
-v 3
-l ECDHE-RSA-DES-CBC3-SHA
# server DTLSv1.2 ECDHE-RSA-AES128
-u
-v 3
-l ECDHE-RSA-AES128-SHA
# client DTLSv1.2 ECDHE-RSA-AES128
-u
-v 3
-l ECDHE-RSA-AES128-SHA
# server DTLSv1.2 ECDHE-RSA-AES128-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-SHA256
# client DTLSv1.2 ECDHE-RSA-AES128-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-SHA256
# server DTLSv1.2 ECDHE-RSA-AES256
-u
-v 3
-l ECDHE-RSA-AES256-SHA
# client DTLSv1.2 ECDHE-RSA-AES256
-u
-v 3
-l ECDHE-RSA-AES256-SHA
# server DTLSv1.1 ECDHE-EDCSA-RC4
-u
-v 2
-l ECDHE-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-RC4
-u
-v 2
-l ECDHE-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDHE-ECDSA-DES3
-u
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-DES3
-u
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDHE-ECDSA-AES128
-u
-v 2
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-AES128
-u
-v 2
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDHE-ECDSA-AES256
-u
-v 2
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-AES256
-u
-v 2
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-RC4
-u
-v 3
-l ECDHE-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-RC4
-u
-v 3
-l ECDHE-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-DES3
-u
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-DES3
-u
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-AES128
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-AES128-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDH-RSA-RC4
-u
-v 2
-l ECDH-RSA-RC4-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-RC4
-u
-v 2
-l ECDH-RSA-RC4-SHA
# server DTLSv1.1 ECDH-RSA-DES3
-u
-v 2
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-DES3
-u
-v 2
-l ECDH-RSA-DES-CBC3-SHA
# server DTLSv1.1 ECDH-RSA-AES128
-u
-v 2
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-AES128
-u
-v 2
-l ECDH-RSA-AES128-SHA
# server DTLSv1.1 ECDH-RSA-AES256
-u
-v 2
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-AES256
-u
-v 2
-l ECDH-RSA-AES256-SHA
# server DTLSv1.2 ECDH-RSA-RC4
-u
-v 3
-l ECDH-RSA-RC4-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-RC4
-u
-v 3
-l ECDH-RSA-RC4-SHA
# server DTLSv1.2 ECDH-RSA-DES3
-u
-v 3
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-DES3
-u
-v 3
-l ECDH-RSA-DES-CBC3-SHA
# server DTLSv1.2 ECDH-RSA-AES128
-u
-v 3
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES128
-u
-v 3
-l ECDH-RSA-AES128-SHA
# server DTLSv1.2 ECDH-RSA-AES128-SHA256
-u
-v 3
-l ECDH-RSA-AES128-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES128-SHA256
-u
-v 3
-l ECDH-RSA-AES128-SHA256
# server DTLSv1.2 ECDH-RSA-AES256
-u
-v 3
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES256
-u
-v 3
-l ECDH-RSA-AES256-SHA
# server DTLSv1.1 ECDH-EDCSA-RC4
-u
-v 2
-l ECDH-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-RC4
-u
-v 2
-l ECDH-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDH-ECDSA-DES3
-u
-v 2
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-DES3
-u
-v 2
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDH-ECDSA-AES128
-u
-v 2
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-AES128
-u
-v 2
-l ECDH-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.1 ECDH-ECDSA-AES256
-u
-v 2
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-AES256
-u
-v 2
-l ECDH-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-RC4
-u
-v 3
-l ECDH-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-RC4
-u
-v 3
-l ECDH-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-ECDSA-DES3
-u
-v 3
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-DES3
-u
-v 3
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-ECDSA-AES128
-u
-v 3
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES128
-u
-v 3
-l ECDH-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-ECDSA-AES128-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES128-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-SHA256
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-ECDSA-AES256
-u
-v 3
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES256
-u
-v 3
-l ECDH-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-RSA-AES256-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-SHA384
# server DTLSv1.2 ECDHE-ECDSA-AES256-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA384
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-RSA-AES256-SHA384
-u
-v 3
-l ECDH-RSA-AES256-SHA384
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES256-SHA384
-u
-v 3
-l ECDH-RSA-AES256-SHA384
# server DTLSv1.2 ECDH-ECDSA-AES256-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES256-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-SHA384
-A ./certs/server-ecc.pem
# server DTLSv1 PSK-AES128
-s
-u
-v 2
-l PSK-AES128-CBC-SHA
# client DTLSv1 PSK-AES128
-s
-u
-v 2
-l PSK-AES128-CBC-SHA
# server DTLSv1 PSK-AES256
-s
-u
-v 2
-l PSK-AES256-CBC-SHA
# client DTLSv1 PSK-AES256
-s
-u
-v 2
-l PSK-AES256-CBC-SHA
# server DTLSv1.2 PSK-AES128
-s
-u
-v 3
-l PSK-AES128-CBC-SHA
# client DTLSv1.2 PSK-AES128
-s
-u
-v 3
-l PSK-AES128-CBC-SHA
# server DTLSv1.2 PSK-AES256
-s
-u
-v 3
-l PSK-AES256-CBC-SHA
# client DTLSv1.2 PSK-AES256
-s
-u
-v 3
-l PSK-AES256-CBC-SHA
# server DTLSv1.2 PSK-AES128-SHA256
-s
-u
-v 3
-l PSK-AES128-CBC-SHA256
# client DTLSv1.2 PSK-AES128-SHA256
-s
-u
-v 3
-l PSK-AES128-CBC-SHA256
# server DTLSv1.2 PSK-AES256-SHA384
-s
-u
-v 3
-l PSK-AES256-CBC-SHA384
# client DTLSv1.2 PSK-AES256-SHA384
-s
-u
-v 3
-l PSK-AES256-CBC-SHA384
# server DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-GCM-SHA384
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# client DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# server DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-RSA-AES128-GCM-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-RSA-AES128-GCM-SHA256
# server DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-RSA-AES256-GCM-SHA384
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-RSA-AES256-GCM-SHA384
# server DTLSv1.2 PSK-AES128-GCM-SHA256
-u
-s
-v 3
-l PSK-AES128-GCM-SHA256
# client DTLSv1.2 PSK-AES128-GCM-SHA256
-u
-s
-v 3
-l PSK-AES128-GCM-SHA256
# server DTLSv1.2 PSK-AES256-GCM-SHA384
-u
-s
-v 3
-l PSK-AES256-GCM-SHA384
# client DTLSv1.2 PSK-AES256-GCM-SHA384
-u
-s
-v 3
-l PSK-AES256-GCM-SHA384
# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM-8
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM-8
-A ./certs/server-ecc.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES256-CCM-8
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES256-CCM-8
-A ./certs/server-ecc.pem

480
FreeRTOS-Plus/Source/CyaSSL/tests/test-ecc.conf
View file

@ -1,480 +0,0 @@
# server TLSv1 ECDHE-RSA-RC4
-v 1
-l ECDHE-RSA-RC4-SHA
# client TLSv1 ECDHE-RSA-RC4
-v 1
-l ECDHE-RSA-RC4-SHA
# server TLSv1 ECDHE-RSA-DES3
-v 1
-l ECDHE-RSA-DES-CBC3-SHA
# client TLSv1 ECDHE-RSA-DES3
-v 1
-l ECDHE-RSA-DES-CBC3-SHA
# server TLSv1 ECDHE-RSA-AES128
-v 1
-l ECDHE-RSA-AES128-SHA
# client TLSv1 ECDHE-RSA-AES128
-v 1
-l ECDHE-RSA-AES128-SHA
# server TLSv1 ECDHE-RSA-AES256
-v 1
-l ECDHE-RSA-AES256-SHA
# client TLSv1 ECDHE-RSA-AES256
-v 1
-l ECDHE-RSA-AES256-SHA
# server TLSv1.1 ECDHE-RSA-RC4
-v 2
-l ECDHE-RSA-RC4-SHA
# client TLSv1.1 ECDHE-RSA-RC4
-v 2
-l ECDHE-RSA-RC4-SHA
# server TLSv1.1 ECDHE-RSA-DES3
-v 2
-l ECDHE-RSA-DES-CBC3-SHA
# client TLSv1.1 ECDHE-RSA-DES3
-v 2
-l ECDHE-RSA-DES-CBC3-SHA
# server TLSv1.1 ECDHE-RSA-AES128
-v 2
-l ECDHE-RSA-AES128-SHA
# client TLSv1.1 ECDHE-RSA-AES128
-v 2
-l ECDHE-RSA-AES128-SHA
# server TLSv1.1 ECDHE-RSA-AES256
-v 2
-l ECDHE-RSA-AES256-SHA
# client TLSv1.1 ECDHE-RSA-AES256
-v 2
-l ECDHE-RSA-AES256-SHA
# server TLSv1.2 ECDHE-RSA-RC4
-v 3
-l ECDHE-RSA-RC4-SHA
# client TLSv1.2 ECDHE-RSA-RC4
-v 3
-l ECDHE-RSA-RC4-SHA
# server TLSv1.2 ECDHE-RSA-DES3
-v 3
-l ECDHE-RSA-DES-CBC3-SHA
# client TLSv1.2 ECDHE-RSA-DES3
-v 3
-l ECDHE-RSA-DES-CBC3-SHA
# server TLSv1.2 ECDHE-RSA-AES128
-v 3
-l ECDHE-RSA-AES128-SHA
# client TLSv1.2 ECDHE-RSA-AES128
-v 3
-l ECDHE-RSA-AES128-SHA
# server TLSv1.2 ECDHE-RSA-AES256
-v 3
-l ECDHE-RSA-AES256-SHA
# client TLSv1.2 ECDHE-RSA-AES256
-v 3
-l ECDHE-RSA-AES256-SHA
# server TLSv1 ECDHE-ECDSA-RC4
-v 1
-l ECDHE-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-RC4
-v 1
-l ECDHE-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDHE-ECDSA-DES3
-v 1
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-DES3
-v 1
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDHE-ECDSA-AES128
-v 1
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-AES128
-v 1
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDHE-ECDSA-AES256
-v 1
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-AES256
-v 1
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDHE-EDCSA-RC4
-v 2
-l ECDHE-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-RC4
-v 2
-l ECDHE-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDHE-ECDSA-DES3
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-DES3
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDHE-ECDSA-AES128
-v 2
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-AES128
-v 2
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDHE-ECDSA-AES256
-v 2
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-AES256
-v 2
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-ECDSA-RC4
-v 3
-l ECDHE-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-RC4
-v 3
-l ECDHE-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-ECDSA-DES3
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-DES3
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-ECDSA-AES128
-v 3
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128
-v 3
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-ECDSA-AES256
-v 3
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256
-v 3
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDH-RSA-RC4
-v 1
-l ECDH-RSA-RC4-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-RSA-RC4
-v 1
-l ECDH-RSA-RC4-SHA
# server TLSv1 ECDH-RSA-DES3
-v 1
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-RSA-DES3
-v 1
-l ECDH-RSA-DES-CBC3-SHA
# server TLSv1 ECDH-RSA-AES128
-v 1
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-RSA-AES128
-v 1
-l ECDH-RSA-AES128-SHA
# server TLSv1 ECDH-RSA-AES256
-v 1
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-RSA-AES256
-v 1
-l ECDH-RSA-AES256-SHA
# server TLSv1.1 ECDH-RSA-RC4
-v 2
-l ECDH-RSA-RC4-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-RSA-RC4
-v 2
-l ECDH-RSA-RC4-SHA
# server TLSv1.1 ECDH-RSA-DES3
-v 2
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-RSA-DES3
-v 2
-l ECDH-RSA-DES-CBC3-SHA
# server TLSv1.1 ECDH-RSA-AES128
-v 2
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-RSA-AES128
-v 2
-l ECDH-RSA-AES128-SHA
# server TLSv1.1 ECDH-RSA-AES256
-v 2
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-RSA-AES256
-v 2
-l ECDH-RSA-AES256-SHA
# server TLSv1.2 ECDH-RSA-RC4
-v 3
-l ECDH-RSA-RC4-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-RSA-RC4
-v 3
-l ECDH-RSA-RC4-SHA
# server TLSv1.2 ECDH-RSA-DES3
-v 3
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-RSA-DES3
-v 3
-l ECDH-RSA-DES-CBC3-SHA
# server TLSv1.2 ECDH-RSA-AES128
-v 3
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-RSA-AES128
-v 3
-l ECDH-RSA-AES128-SHA
# server TLSv1.2 ECDH-RSA-AES256
-v 3
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-RSA-AES256
-v 3
-l ECDH-RSA-AES256-SHA
# server TLSv1 ECDH-ECDSA-RC4
-v 1
-l ECDH-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-ECDSA-RC4
-v 1
-l ECDH-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDH-ECDSA-DES3
-v 1
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-ECDSA-DES3
-v 1
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDH-ECDSA-AES128
-v 1
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-ECDSA-AES128
-v 1
-l ECDH-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server TLSv1 ECDH-ECDSA-AES256
-v 1
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDH-ECDSA-AES256
-v 1
-l ECDH-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDH-EDCSA-RC4
-v 2
-l ECDH-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-ECDSA-RC4
-v 2
-l ECDH-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDH-ECDSA-DES3
-v 2
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-ECDSA-DES3
-v 2
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDH-ECDSA-AES128
-v 2
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-ECDSA-AES128
-v 2
-l ECDH-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server TLSv1.1 ECDH-ECDSA-AES256
-v 2
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDH-ECDSA-AES256
-v 2
-l ECDH-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDHE-ECDSA-RC4
-v 3
-l ECDH-ECDSA-RC4-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-RC4
-v 3
-l ECDH-ECDSA-RC4-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDH-ECDSA-DES3
-v 3
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-DES3
-v 3
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDH-ECDSA-AES128
-v 3
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-AES128
-v 3
-l ECDH-ECDSA-AES128-SHA
-A ./certs/server-ecc.pem
# server TLSv1.2 ECDH-ECDSA-AES256
-v 3
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-AES256
-v 3
-l ECDH-ECDSA-AES256-SHA
-A ./certs/server-ecc.pem

48
FreeRTOS-Plus/Source/CyaSSL/tests/test-hc128.conf
View file

@ -1,48 +0,0 @@
# server TLSv1 HC128-SHA
-v 1
-l HC128-SHA
# client TLSv1 HC128-SHA
-v 1
-l HC128-SHA
# server TLSv1 HC128-MD5
-v 1
-l HC128-MD5
# client TLSv1 HC128-MD5
-v 1
-l HC128-MD5
# server TLSv1.1 HC128-SHA
-v 2
-l HC128-SHA
# client TLSv1.1 HC128-SHA
-v 2
-l HC128-SHA
# server TLSv1.1 HC128-MD5
-v 2
-l HC128-MD5
# client TLSv1.1 HC128-MD5
-v 2
-l HC128-MD5
# server TLSv1.2 HC128-SHA
-v 3
-l HC128-SHA
# client TLSv1.2 HC128-SHA
-v 3
-l HC128-SHA
# server TLSv1.2 HC128-MD5
-v 3
-l HC128-MD5
# client TLSv1.2 HC128-MD5
-v 3
-l HC128-MD5

132
FreeRTOS-Plus/Source/CyaSSL/tests/test-ntru.conf
View file

@ -1,132 +0,0 @@
# server TLSv1 NTRU_RC4
-v 1
-l NTRU-RC4-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1 NTRU_RC4
-v 1
-l NTRU-RC4-SHA
# server TLSv1 NTRU_DES3
-v 1
-l NTRU-DES-CBC3-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1 NTRU_DES3
-v 1
-l NTRU-DES-CBC3-SHA
# server TLSv1 NTRU_AES128
-v 1
-l NTRU-AES128-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1 NTRU_AES128
-v 1
-l NTRU-AES128-SHA
# server TLSv1 NTRU_AES256
-v 1
-l NTRU-AES256-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1 NTRU_AES256
-v 1
-l NTRU-AES256-SHA
# server TLSv1.1 NTRU_RC4
-v 2
-l NTRU-RC4-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.1 NTRU_RC4
-v 2
-l NTRU-RC4-SHA
# server TLSv1.1 NTRU_DES3
-v 2
-l NTRU-DES-CBC3-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.1 NTRU_DES3
-v 2
-l NTRU-DES-CBC3-SHA
# server TLSv1.1 NTRU_AES128
-v 2
-l NTRU-AES128-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.1 NTRU_AES128
-v 2
-l NTRU-AES128-SHA
# server TLSv1.1 NTRU_AES256
-v 2
-l NTRU-AES256-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.1 NTRU_AES256
-v 2
-l NTRU-AES256-SHA
# server TLSv1.2 NTRU_RC4
-v 3
-l NTRU-RC4-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.2 NTRU_RC4
-v 3
-l NTRU-RC4-SHA
# server TLSv1.2 NTRU_DES3
-v 3
-l NTRU-DES-CBC3-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.2 NTRU_DES3
-v 3
-l NTRU-DES-CBC3-SHA
# server TLSv1.2 NTRU_AES128
-v 3
-l NTRU-AES128-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.2 NTRU_AES128
-v 3
-l NTRU-AES128-SHA
# server TLSv1.2 NTRU_AES256
-v 3
-l NTRU-AES256-SHA
-n
-c ./certs/ntru-cert.pem
-k ./certs/ntru-key.raw
# client TLSv1.2 NTRU_AES256
-v 3
-l NTRU-AES256-SHA

96
FreeRTOS-Plus/Source/CyaSSL/tests/test-openssl.conf
View file

@ -1,96 +0,0 @@
# server TLSv1 DHE AES128
-v 1
-l DHE-RSA-AES128-SHA
# client TLSv1 DHE AES128
-v 1
-l DHE-RSA-AES128-SHA
# server TLSv1 DHE AES256
-v 1
-l DHE-RSA-AES256-SHA
# client TLSv1 DHE AES256
-v 1
-l DHE-RSA-AES256-SHA
# server TLSv1 DHE AES128-SHA256
-v 1
-l DHE-RSA-AES128-SHA256
# client TLSv1 DHE AES128-SHA256
-v 1
-l DHE-RSA-AES128-SHA256
# server TLSv1 DHE AES256-SHA256
-v 1
-l DHE-RSA-AES256-SHA256
# client TLSv1 DHE AES256-SHA256
-v 1
-l DHE-RSA-AES256-SHA256
# server TLSv1.1 DHE AES128
-v 2
-l DHE-RSA-AES128-SHA
# client TLSv1.1 DHE AES128
-v 2
-l DHE-RSA-AES128-SHA
# server TLSv1.1 DHE AES256
-v 2
-l DHE-RSA-AES256-SHA
# client TLSv1.1 DHE AES256
-v 2
-l DHE-RSA-AES256-SHA
# server TLSv1.1 DHE AES128-SHA256
-v 2
-l DHE-RSA-AES128-SHA256
# client TLSv1.1 DHE AES128-SHA256
-v 2
-l DHE-RSA-AES128-SHA256
# server TLSv1.1 DHE AES256-SHA256
-v 2
-l DHE-RSA-AES256-SHA256
# client TLSv1.1 DHE AES256-SHA256
-v 2
-l DHE-RSA-AES256-SHA256
# server TLSv1.2 DHE AES128
-v 3
-l DHE-RSA-AES128-SHA
# client TLSv1.2 DHE AES128
-v 3
-l DHE-RSA-AES128-SHA
# server TLSv1.2 DHE AES256
-v 3
-l DHE-RSA-AES256-SHA
# client TLSv1.2 DHE AES256
-v 3
-l DHE-RSA-AES256-SHA
# server TLSv1.2 DHE AES128-SHA256
-v 3
-l DHE-RSA-AES128-SHA256
# client TLSv1.2 DHE AES128-SHA256
-v 3
-l DHE-RSA-AES128-SHA256
# server TLSv1.2 DHE AES256-SHA256
-v 3
-l DHE-RSA-AES256-SHA256
# client TLSv1.2 DHE AES256-SHA256
-v 3
-l DHE-RSA-AES256-SHA256

60
FreeRTOS-Plus/Source/CyaSSL/tests/test-psk.conf
View file

@ -1,60 +0,0 @@
# server TLSv1 PSK-AES128
-s
-v 1
-l PSK-AES128-CBC-SHA
# client TLSv1 PSK-AES128
-s
-v 1
-l PSK-AES128-CBC-SHA
# server TLSv1 PSK-AES256
-s
-v 1
-l PSK-AES256-CBC-SHA
# client TLSv1 PSK-AES256
-s
-v 1
-l PSK-AES256-CBC-SHA
# server TLSv1.1 PSK-AES128
-s
-v 2
-l PSK-AES128-CBC-SHA
# client TLSv1.1 PSK-AES128
-s
-v 2
-l PSK-AES128-CBC-SHA
# server TLSv1.1 PSK-AES256
-s
-v 2
-l PSK-AES256-CBC-SHA
# client TLSv1.1 PSK-AES256
-s
-v 2
-l PSK-AES256-CBC-SHA
# server TLSv1.2 PSK-AES128
-s
-v 3
-l PSK-AES128-CBC-SHA
# client TLSv1.2 PSK-AES128
-s
-v 3
-l PSK-AES128-CBC-SHA
# server TLSv1.2 PSK-AES256
-s
-v 3
-l PSK-AES256-CBC-SHA
# client TLSv1.2 PSK-AES256
-s
-v 3
-l PSK-AES256-CBC-SHA

1740
FreeRTOS-Plus/Source/CyaSSL/tests/test.conf
View file

File diff suppressed because it is too large Load diff

61
FreeRTOS-Plus/Source/CyaSSL/tests/unit.c
View file

@ -1,4 +1,10 @@
/* unit.c unit tests driver */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <cyassl/ctaocrypt/settings.h>
#include <stdio.h>
#include <tests/unit.h>
@ -11,7 +17,20 @@ int main(int argc, char** argv)
{
int ret;
printf("staring unit tests...\n");
(void)argc;
(void)argv;
printf("starting unit tests...\n");
#ifdef HAVE_CAVIUM
ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
if (ret != 0)
err_sys("Cavium OpenNitroxDevice failed");
#endif /* HAVE_CAVIUM */
if (CurrentDir("tests") || CurrentDir("_build"))
ChangeDirBack(1);
else if (CurrentDir("Debug") || CurrentDir("Release"))
ChangeDirBack(3);
if ( (ret = ApiTest()) != 0) {
printf("api test failed with %d\n", ret);
@ -23,18 +42,27 @@ int main(int argc, char** argv)
return ret;
}
#ifndef SINGLE_THREADED
if ( (ret = SuiteTest()) != 0){
printf("suite test failed with %d\n", ret);
return ret;
}
#endif
#ifdef HAVE_CAVIUM
CspShutdown(CAVIUM_DEV_ID);
#endif
return 0;
}
void wait_tcp_ready(func_args* args)
{
#ifdef _POSIX_THREADS
#ifdef SINGLE_THREADED
(void)args;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
pthread_mutex_lock(&args->signal->mutex);
if (!args->signal->ready)
@ -42,13 +70,19 @@ void wait_tcp_ready(func_args* args)
args->signal->ready = 0; /* reset */
pthread_mutex_unlock(&args->signal->mutex);
#else
(void)args;
#endif
}
void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
{
#ifdef _POSIX_THREADS
#ifdef SINGLE_THREADED
(void)fun;
(void)args;
(void)thread;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
pthread_create(thread, 0, fun, args);
return;
#else
@ -59,12 +93,14 @@ void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
void join_thread(THREAD_TYPE thread)
{
#ifdef _POSIX_THREADS
#ifdef SINGLE_THREADED
(void)thread;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
pthread_join(thread, 0);
#else
int res = WaitForSingleObject(thread, INFINITE);
int res = WaitForSingleObject((HANDLE)thread, INFINITE);
assert(res == WAIT_OBJECT_0);
res = CloseHandle(thread);
res = CloseHandle((HANDLE)thread);
assert(res);
#endif
}
@ -73,7 +109,9 @@ void join_thread(THREAD_TYPE thread)
void InitTcpReady(tcp_ready* ready)
{
ready->ready = 0;
#ifdef _POSIX_THREADS
ready->port = 0;
#ifdef SINGLE_THREADED
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
pthread_mutex_init(&ready->mutex, 0);
pthread_cond_init(&ready->cond, 0);
#endif
@ -82,8 +120,13 @@ void InitTcpReady(tcp_ready* ready)
void FreeTcpReady(tcp_ready* ready)
{
#ifdef _POSIX_THREADS
#ifdef SINGLE_THREADED
(void)ready;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
pthread_mutex_destroy(&ready->mutex);
pthread_cond_destroy(&ready->cond);
#else
(void)ready;
#endif
}
}

53
FreeRTOS-Plus/Source/CyaSSL/tests/unit.h
View file

@ -5,9 +5,60 @@
#include <cyassl/test.h> /* thread and tcp stuff */
#define Fail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
printf("\n\n test: "); printf description; \
printf("\n\n result: "); printf result; \
abort(); \
} while(0)
#define Assert(test, description, result) if (!(test)) Fail(description, result)
#define AssertTrue(x) Assert( (x), ("%s is true", #x), (#x " => FALSE"))
#define AssertFalse(x) Assert(!(x), ("%s is false", #x), (#x " => TRUE"))
#define AssertNotNull(x) Assert( (x), ("%s is not null", #x), (#x " => NULL"))
#define AssertNull(x) do { \
void* _x = (void *) (x); \
\
Assert(!_x, ("%s is null", #x), (#x " => %p", _x)); \
} while(0)
#define AssertInt(x, y, op, er) do { \
int _x = x; \
int _y = y; \
\
Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y)); \
} while(0)
#define AssertIntEQ(x, y) AssertInt(x, y, ==, !=)
#define AssertIntNE(x, y) AssertInt(x, y, !=, ==)
#define AssertIntGT(x, y) AssertInt(x, y, >, <=)
#define AssertIntLT(x, y) AssertInt(x, y, <, >=)
#define AssertIntGE(x, y) AssertInt(x, y, >=, <)
#define AssertIntLE(x, y) AssertInt(x, y, <=, >)
#define AssertStr(x, y, op, er) do { \
const char* _x = x; \
const char* _y = y; \
int _z = strcmp(_x, _y); \
\
Assert(_z op 0, ("%s " #op " %s", #x, #y), \
("\"%s\" " #er " \"%s\"", _x, _y));\
} while(0)
#define AssertStrEQ(x, y) AssertStr(x, y, ==, !=)
#define AssertStrNE(x, y) AssertStr(x, y, !=, ==)
#define AssertStrGT(x, y) AssertStr(x, y, >, <=)
#define AssertStrLT(x, y) AssertStr(x, y, <, >=)
#define AssertStrGE(x, y) AssertStr(x, y, >=, <)
#define AssertStrLE(x, y) AssertStr(x, y, <=, >)
int ApiTest(void);
int SuiteTest(void);
int HashTest(void);
#endif /* CyaSSL_UNIT_H */
#endif /* CyaSSL_UNIT_H */