test: add DTLSv1.3 test suites

2022-05-20 10:00:40 +02:00
parent 12a3efeca8
commit 25cf98a417
5 changed files with 366 additions and 0 deletions
--- a/tests/include.am
+++ b/tests/include.am
@@ -40,6 +40,9 @@ EXTRA_DIST += tests/unit.h \
              tests/test-dtls-sha2.conf \
              tests/test-dtls-srtp.conf \
              tests/test-dtls-srtp-fails.conf \
              tests/test-dtls13.conf \
              tests/test-dtls13-downgrade.conf \
              tests/test-dtls13-psk.conf \
              tests/test-sctp.conf \
              tests/test-sctp-sha2.conf \
              tests/test-sig.conf \
--- a/tests/suites.c
+++ b/tests/suites.c
@@ -1088,6 +1088,42 @@ int SuiteTest(int argc, char** argv)
    strcpy(argv0[2], "");
 #endif
 #ifdef WOLFSSL_DTLS13
    args.argc = 2;
    strcpy(argv0[1], "tests/test-dtls13.conf");
    printf("starting DTLSv1.3 suite\n");
    test_harness(&args);
    if (args.return_code != 0) {
        printf("error from script %d\n", args.return_code);
        args.return_code = EXIT_FAILURE;
        goto exit;
    }
 #ifndef WOLFSSL_NO_TLS12
    args.argc = 2;
    strcpy(argv0[1], "tests/test-dtls13-downgrade.conf");
    printf("starting DTLSv1.3 suite - downgrade\n");
    test_harness(&args);
    if (args.return_code != 0) {
        printf("error from script %d\n", args.return_code);
        args.return_code = EXIT_FAILURE;
        goto exit;
    }
 #endif /* WOLFSSL_NO_TLS12 */
 #ifndef NO_PSK
    XSTRLCPY(argv0[1], "tests/test-dtls13-psk.conf", sizeof(argv0[1]));
    printf("starting DTLS 1.3 psk suite tests\n");
    test_harness(&args);
    if (args.return_code != 0) {
        printf("error from script %d\n", args.return_code);
        args.return_code = EXIT_FAILURE;
        goto exit;
    }
 #endif /* NO_PSK */
 #endif /* WOLFSSL_DTLS13 */
 #endif
 #ifdef WOLFSSL_SCTP
    /* add dtls-sctp extra suites */
--- a/tests/test-dtls13-downgrade.conf
+++ b/tests/test-dtls13-downgrade.conf
@@ -0,0 +1,11 @@
 # server DTLSv1.3 allow downgrading
 -vd
 -7 2
 -u
 -l TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 # client TLSv1.2 group message
 -v 3
 -u
 -l TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 -f
--- a/tests/test-dtls13-psk.conf
+++ b/tests/test-dtls13-psk.conf
@@ -0,0 +1,54 @@
 # server TLSv1.3 PSK
 # Use AES128-GCM and SHA256
 -v 4
 -u
 -s
 -l TLS13-AES128-GCM-SHA256
 -d
 # client TLSv1.3 PSK
 # Use AES128-GCM and SHA256
 -v 4
 -u
 -s
 -l TLS13-AES128-GCM-SHA256
 # server TLSv1.3 PSK plus
 -v 4
 -u
 -j
 -l TLS13-AES128-GCM-SHA256
 -d
 # client TLSv1.3 PSK
 -v 4
 -u
 -s
 -l TLS13-AES128-GCM-SHA256
 # server TLSv1.3 PSK
 -v 4
 -u
 -j
 -l TLS13-AES128-GCM-SHA256
 -d
 # client TLSv1.3 not-PSK
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 # server TLSv1.3 PSK
 # AES256-GCM and SHA384
 -v 4
 -u
 -s
 -l TLS13-AES256-GCM-SHA384
 -d
 # client TLSv1.3 PSK
 # AES256-GCM and SHA384
 -v 4
 -u
 -s
 -l TLS13-AES256-GCM-SHA384
--- a/tests/test-dtls13.conf
+++ b/tests/test-dtls13.conf
@@ -0,0 +1,262 @@
 # server DTLSv1.3 defaults
 -u
 -v 4
 -l TLS_AES_128_GCM_SHA256
 # client DTLSv1.3 defaults
 -u
 -v 4
 -l TLS_AES_128_GCM_SHA256
 # server DTLSv1.3 defaults async I/O
 -u
 -v 4
 -l TLS_AES_128_GCM_SHA256
 -6
 # client DTLSv1.3 defaults async I/O
 -u
 -v 4
 -l TLS_AES_128_GCM_SHA256
 -6
 # server DTLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
 -u
 -v 4
 -l TLS13-CHACHA20-POLY1305-SHA256
 # client DTLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
 -u
 -v 4
 -l TLS13-CHACHA20-POLY1305-SHA256
 # server DTLSv1.3 TLS13-AES128-CCM-SHA256
 -v 4
 -u
 -l TLS13-AES128-CCM-SHA256
 # client DTLSv1.3 TLS13-AES128-CCM-SHA256
 -u
 -v 4
 -u
 -l TLS13-AES128-CCM-SHA256
 # server DTLSv1.3 resumption
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -r
 # client DTLSv1.3 resumption
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -r
 # server DTLSv1.3 resumption - SHA384
 -v 4
 -u
 -l TLS13-AES256-GCM-SHA384
 -r
 # client DTLSv1.3 resumption - SHA384
 -v 4
 -u
 -l TLS13-AES256-GCM-SHA384
 -r
 # server DTLSv1.3 PSK without (EC)DHE
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -r
 # client DTLSv1.3 PSK without (EC)DHE
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -r
 -K
 # server DTLSv1.3 accepting EarlyData
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -r
 -0
 # client DTLSv1.3 sending EarlyData
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -r
 -0
 # client DTLSv1.3 sending EarlyData
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -r
 -0
 # server DTLSv1.3 not accepting EarlyData
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -r
 # server DTLSv1.3 accepting EarlyData
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -r
 -0
 # client DTLSv1.3 not sending EarlyData
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -r
 # server DTLSv1.3
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 # client DTLSv1.3 HelloRetryRequest to negotiate Key Exchange algorithm
 -u
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -J
 # server DTLSv1.3
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -J
 # client DTLSv1.3 HelloRetryRequest with cookie
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -J
 # server DTLSv1.3
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 # client DTLSv1.3 DH key exchange
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -y
 # server DTLSv1.3
 -v 4
 -l TLS13-AES128-GCM-SHA256
 # client DTLSv1.3 ECC key exchange
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -Y
 # server DTLSv1.3 multiple cipher suites
 -v 4
 -l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
 # client DTLSv1.3
 -v 4
 -l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
 # server DTLSv1.3 KeyUpdate
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -U
 # client DTLSv1.3 KeyUpdate
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -I
 # server DTLSv1.3 KeyUpdate
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -U
 # client DTLSv1.3 KeyUpdate
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -I
 # server DTLSv1.3 No session ticket
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -u
 -T
 # client DTLSv1.3  No session ticket
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 # server DTLSv1.3 No session ticket
 -v 4
 -l TLS13-AES128-GCM-SHA256
 -u
 # client DTLSv1.3 wait ticket
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 --waitTicket
 # server DTLSv1.3 Post-Handshake Authentication
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -Q
 # client DTLSv1.3 Post-Handshake Authentication
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -Q
 # server DTLSv1.3 group messages
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -f
 # client DTLSv1.3 group message
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -f
 # server DTLSv1.3 group messages
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -f
 # client DTLSv1.3
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 # server DTLSv1.3
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 # client DTLSv1.3 group message
 -v 4
 -u
 -l TLS13-AES128-GCM-SHA256
 -f