#!/bin/sh

# compat.sh
#
# Copyright The Mbed TLS Contributors
# SPDX-License-Identifier: Apache-2.0
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Purpose
#
# Test interoperability with OpenSSL, GnuTLS as well as itself.
#
# Check each common ciphersuite, with each version, both ways (client/server),
# with and without client authentication.
#
# Environment variables honoured (all optional, defaults below):
#   M_SRV, M_CLI             Mbed TLS test server / client programs
#   OPENSSL_CMD              OpenSSL command-line binary
#   GNUTLS_CLI, GNUTLS_SERV  GnuTLS client / server binaries
#   OSSL_NO_DTLS             hidden switch, see below
#
# Command-line options are parsed by get_options(); print_usage() lists them.
# The script targets plain /bin/sh, which is why `test -a/-o`, backticks and
# `echo` (rather than bash-only constructs) are used throughout.

# Reading an unset variable is an error from here on, so every global must be
# initialised before it is read (see the "${VAR-}" form in setup_arguments for
# the one variable that is only conditionally set).
set -u

# Limit the size of each log to 10 GiB, in case of failures with this script
# where it may output seemingly unlimited length error logs.
# NOTE(review): the unit of `ulimit -f` depends on the shell (512-byte blocks
# under a POSIX sh, 1024-byte blocks under bash), so the effective limit is
# 10 GiB or 20 GiB depending on which sh runs the script — confirm which one
# is intended.
ulimit -f 20971520

# initialise counters for the final summary
# SRVMEM: servers for which valgrind reported leaks/errors (-M/--memcheck only)
TESTS=0
FAILED=0
SKIPPED=0
SRVMEM=0

# default commands, can be overridden by the environment
: ${M_SRV:=../programs/ssl/ssl_server2}
: ${M_CLI:=../programs/ssl/ssl_client2}
: ${OPENSSL_CMD:=openssl} # OPENSSL would conflict with the build system
: ${GNUTLS_CLI:=gnutls-cli}
: ${GNUTLS_SERV:=gnutls-serv}

# do we have a recent enough GnuTLS?
# Sets PEER_GNUTLS to " GnuTLS" (note the leading space, it is spliced into
# PEERS below) when both binaries exist and are >= 3.2.15, else to "".
# NOTE(review): `which` is not POSIX and its exit status is not reliable on
# every platform; `command -v` is the portable test (and wait_server_start
# further down already uses `type` for the same purpose).
if ( which $GNUTLS_CLI && which $GNUTLS_SERV ) >/dev/null 2>&1; then
    G_VER="$( $GNUTLS_CLI --version | head -n1 )"
    if echo "$G_VER" | grep '@VERSION@' > /dev/null; then # git version
        PEER_GNUTLS=" GnuTLS"
    else
        # Extract "MAJOR.MINOR.PATCH" from the end of the first --version line
        # and assign the three variables via eval.
        # NOTE(review): sed leaves the line untouched when the pattern does
        # not match, so an unexpected version string is handed to eval as
        # shell code, and $MAJOR below is then unset (fatal under set -u).
        # Checking that the line matches before the eval would make this
        # robust against odd --version output.
        # NOTE(review): `\([0-9]\)*` captures only the last digit of MINOR
        # (presumably `\([0-9]*\)` was meant), so a two-digit minor version
        # would be mis-parsed — confirm.
        eval $( echo $G_VER | sed 's/.* \([0-9]*\)\.\([0-9]\)*\.\([0-9]*\)$/MAJOR="\1" MINOR="\2" PATCH="\3"/' )
        # minimum is 3.2.15, as advertised by print_usage
        if [ $MAJOR -lt 3 -o \
             \( $MAJOR -eq 3 -a $MINOR -lt 2 \) -o \
             \( $MAJOR -eq 3 -a $MINOR -eq 2 -a $PATCH -lt 15 \) ]
        then
            PEER_GNUTLS=""
        else
            PEER_GNUTLS=" GnuTLS"
            # consumed by setup_arguments: GnuTLS < 3.4 cannot be offered CCM-8.
            # Only MINOR is compared, so this also fires for a hypothetical
            # 4.x release with minor < 4.
            if [ $MINOR -lt 4 ]; then
                GNUTLS_MINOR_LT_FOUR='x'
            fi
        fi
    fi
else
    PEER_GNUTLS=""
fi

# default values for options
# (ssl3 is understood by minor_ver/setup_arguments but not run by default)
MODES="tls1 tls1_1 tls1_2 dtls1 dtls1_2"
VERIFIES="NO YES"
TYPES="ECDSA RSA PSK"
FILTER=""
# exclude:
# - NULL: excluded from our default config
# - RC4, single-DES: requires legacy OpenSSL/GnuTLS versions
#   avoid plain DES but keep 3DES-EDE-CBC (mbedTLS), DES-CBC3 (OpenSSL)
# - ARIA: not in default config.h + requires OpenSSL >= 1.1.1
# - ChachaPoly: requires OpenSSL >= 1.1.0
# - 3DES: not in default config
# EXCLUDE (and FILTER) are grep basic regular expressions, alternatives
# written as \|, applied by filter() to each peer's own ciphersuite names.
# The bare 'DES' alternative therefore also matches the 3DES names, which is
# what the last bullet asks for.
EXCLUDE='NULL\|DES\|RC4\|ARCFOUR\|ARIA\|CHACHA20-POLY1305'
VERBOSE=""
MEMCHECK=0
PEERS="OpenSSL$PEER_GNUTLS mbedTLS"

# hidden option: skip DTLS with OpenSSL
# (travis CI has a version that doesn't work for us)
# NOTE(review): not referenced anywhere in this part of the script — confirm
# it is still read further down.
: ${OSSL_NO_DTLS:=0}

# Print option help to stdout. The "Default" values are the *current*
# variable values, so when -h follows other options they reflect those.
print_usage() {
    echo "Usage: $0"
    printf " -h|--help\tPrint this help.\n"
    printf " -f|--filter\tOnly matching ciphersuites are tested (Default: '%s')\n" "$FILTER"
    printf " -e|--exclude\tMatching ciphersuites are excluded (Default: '%s')\n" "$EXCLUDE"
    printf " -m|--modes\tWhich modes to perform (Default: '%s')\n" "$MODES"
    printf " -t|--types\tWhich key exchange type to perform (Default: '%s')\n" "$TYPES"
    printf " -V|--verify\tWhich verification modes to perform (Default: '%s')\n" "$VERIFIES"
    printf " -p|--peers\tWhich peers to use (Default: '%s')\n" "$PEERS"
    printf " \tAlso available: GnuTLS (needs v3.2.15 or higher)\n"
    printf " -M|--memcheck\tCheck memory leaks and errors.\n"
    printf " -v|--verbose\tSet verbose output.\n"
}

# get_options "$@"
# Parse the command line into the globals above. Exits 0 after -h, exits 1
# on an unknown argument. Options taking a value consume the next word.
# NOTE(review): a value-taking option given as the last word makes `$1`
# unset after the shift, which under set -u aborts with a shell error
# rather than a usage message.
get_options() {
    while [ $# -gt 0 ]; do
        case "$1" in
            -f|--filter)
                shift; FILTER=$1
                ;;
            -e|--exclude)
                shift; EXCLUDE=$1
                ;;
            -m|--modes)
                shift; MODES=$1
                ;;
            -t|--types)
                shift; TYPES=$1
                ;;
            -V|--verify)
                shift; VERIFIES=$1
                ;;
            -p|--peers)
                shift; PEERS=$1
                ;;
            -v|--verbose)
                VERBOSE=1
                ;;
            -M|--memcheck)
                MEMCHECK=1
                ;;
            -h|--help)
                print_usage
                exit 0
                ;;
            *)
                echo "Unknown argument: '$1'"
                print_usage
                exit 1
                ;;
        esac
        shift
    done

    # sanitize some options (modes checked later)
    # NOTE(review): the unquoted [a-z] / [A-Z] are subject to pathname
    # expansion (a file literally named "a" in the cwd breaks this) and the
    # ranges are locale dependent; run_client already uses the quoted
    # '[:upper:]' / '[:lower:]' classes, which would be consistent here.
    VERIFIES="$( echo $VERIFIES | tr [a-z] [A-Z] )"
    TYPES="$( echo $TYPES | tr [a-z] [A-Z] )"
}

# log <text...>
# Print a blank line followed by the arguments, only in verbose mode.
log() {
    if [ "X" != "X$VERBOSE" ]; then
        echo ""
        echo "$@"
    fi
}

# is_dtls <mode>
# True for the two DTLS mode names, false for anything else.
is_dtls()
{
    test "$1" = "dtls1" -o "$1" = "dtls1_2"
}

# minor_ver <mode>
# Print the (D)TLS minor version number for a mode name: 0 for ssl3,
# 1 for tls1, 2 for tls1_1/dtls1, 3 for tls1_2/dtls1_2, -1 if unknown.
# Callers compare the output with -gt/-ge to gate ciphersuites per version.
minor_ver()
{
    case "$1" in
        ssl3)
            echo 0
            ;;
        tls1)
            echo 1
            ;;
        tls1_1|dtls1)
            echo 2
            ;;
        tls1_2|dtls1_2)
            echo 3
            ;;
        *)
            # NOTE(review): reports the global $MODE, not the argument $1
            # that was actually rejected.
            echo "error: invalid mode: $MODE" >&2
            # exiting is no good here, typically called in a subshell
            echo -1
    esac
}

# filter <space-separated list>
# Print the subset of the list that matches $FILTER and does not match
# $EXCLUDE (plus RC4/ARCFOUR in DTLS modes), whitespace-normalised.
# Relies on unquoted $LIST for word splitting.
# NOTE(review): `grep -v ""` matches every line and therefore prints
# nothing, so if EXCLUDE is emptied (-e '') while FILTER is set, every
# suite is dropped; likewise the DTLS branch then starts with an empty
# alternative. A FILTER/EXCLUDE value beginning with '-' would also be
# taken as a grep option; `grep -- "$FILTER"` avoids that.
filter()
{
    LIST="$1"
    NEW_LIST=""

    if is_dtls "$MODE"; then
        EXCLMODE="$EXCLUDE"'\|RC4\|ARCFOUR'
    else
        EXCLMODE="$EXCLUDE"
    fi

    for i in $LIST;
    do
        NEW_LIST="$NEW_LIST $( echo "$i" | grep "$FILTER" | grep -v "$EXCLMODE" )"
    done

    # normalize whitespace
    echo "$NEW_LIST" | sed -e 's/[[:space:]][[:space:]]*/ /g' -e 's/^ //' -e 's/ $//'
}

# OpenSSL 1.0.1h with -Verify wants a ClientCertificate message even for
# PSK ciphersuites with DTLS, which is incorrect, so disable them for now
# check_openssl_server_bug <mbedtls ciphersuite name>
# Sets SKIP_NEXT=YES (consumed and reset by run_client) for TLS-PSK-* suites
# when client auth is required in a DTLS mode.
check_openssl_server_bug()
{
    if test "X$VERIFY" = "XYES" && is_dtls "$MODE" && \
        echo "$1" | grep "^TLS-PSK" >/dev/null;
    then
        SKIP_NEXT="YES"
    fi
}

# Apply FILTER/EXCLUDE to the three per-peer lists and blank out lists the
# current MODE/VERIFY combination cannot exercise with that peer.
filter_ciphersuites()
{
    if [ "X" != "X$FILTER" -o "X" != "X$EXCLUDE" ];
    then
        # Ciphersuite for mbed TLS
        M_CIPHERS=$( filter "$M_CIPHERS" )

        # Ciphersuite for OpenSSL
        O_CIPHERS=$( filter "$O_CIPHERS" )

        # Ciphersuite for GnuTLS
        G_CIPHERS=$( filter "$G_CIPHERS" )
    fi

    # OpenSSL <1.0.2 doesn't support DTLS 1.2. Check what OpenSSL
    # supports from the s_server help. (The s_client help isn't
    # accurate as of 1.0.2g: it supports DTLS 1.2 but doesn't list it.
    # But the s_server help seems to be accurate.)
    # Both the mbed TLS and the OpenSSL list are cleared, since either side
    # of an mbed TLS <-> OpenSSL pairing needs OpenSSL to speak $MODE.
    if ! $OPENSSL_CMD s_server -help 2>&1 | grep -q "^ *-$MODE "; then
        M_CIPHERS=""
        O_CIPHERS=""
    fi

    # For GnuTLS client -> mbed TLS server,
    # we need to force IPv4 by connecting to 127.0.0.1 but then auth fails
    if [ "X$VERIFY" = "XYES" ] && is_dtls "$MODE"; then
        G_CIPHERS=""
    fi
}

# Empty the three per-peer ciphersuite lists before a new MODE/TYPE round.
reset_ciphersuites()
{
    M_CIPHERS=""
    O_CIPHERS=""
    G_CIPHERS=""
}

# Ciphersuites that can be used with all peers.
# Since we currently have three possible peers, each ciphersuite should appear
# three times: in each peer's list (with the name that this peer uses).
# add_common_ciphersuites
# Append, for the current $TYPE and $MODE, the suites every peer supports to
# M_CIPHERS (mbed TLS names), G_CIPHERS (GnuTLS priority strings) and
# O_CIPHERS (OpenSSL names). Version gating: minor_ver > 0 means TLS 1.0
# or later (ECDHE suites), minor_ver >= 3 means (D)TLS 1.2 (SHA-2 / AEAD).
# NOTE(review): in the RSA / TLS 1.2 branch O_CIPHERS carries NULL-SHA256
# (13 names) while M_CIPHERS has 12; the mbed TLS counterpart
# TLS-RSA-WITH-NULL-SHA256 lives in add_gnutls_ciphersuites instead, so
# the "appears three times" rule above does not hold for that suite.
add_common_ciphersuites()
{
    case $TYPE in

        "ECDSA")
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-ECDSA-WITH-NULL-SHA \
                    TLS-ECDHE-ECDSA-WITH-RC4-128-SHA \
                    TLS-ECDHE-ECDSA-WITH-3DES-EDE-CBC-SHA \
                    TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA \
                    TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-ECDSA:+NULL:+SHA1 \
                    +ECDHE-ECDSA:+ARCFOUR-128:+SHA1 \
                    +ECDHE-ECDSA:+3DES-CBC:+SHA1 \
                    +ECDHE-ECDSA:+AES-128-CBC:+SHA1 \
                    +ECDHE-ECDSA:+AES-256-CBC:+SHA1 \
                    "
                O_CIPHERS="$O_CIPHERS \
                    ECDHE-ECDSA-NULL-SHA \
                    ECDHE-ECDSA-RC4-SHA \
                    ECDHE-ECDSA-DES-CBC3-SHA \
                    ECDHE-ECDSA-AES128-SHA \
                    ECDHE-ECDSA-AES256-SHA \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 \
                    TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256 \
                    TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384 \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-ECDSA:+AES-128-CBC:+SHA256 \
                    +ECDHE-ECDSA:+AES-256-CBC:+SHA384 \
                    +ECDHE-ECDSA:+AES-128-GCM:+AEAD \
                    +ECDHE-ECDSA:+AES-256-GCM:+AEAD \
                    "
                O_CIPHERS="$O_CIPHERS \
                    ECDHE-ECDSA-AES128-SHA256 \
                    ECDHE-ECDSA-AES256-SHA384 \
                    ECDHE-ECDSA-AES128-GCM-SHA256 \
                    ECDHE-ECDSA-AES256-GCM-SHA384 \
                    "
            fi
            ;;

        "RSA")
            # available in every mode, including ssl3
            M_CIPHERS="$M_CIPHERS \
                TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
                TLS-DHE-RSA-WITH-AES-256-CBC-SHA \
                TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA \
                TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA \
                TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA \
                TLS-RSA-WITH-AES-256-CBC-SHA \
                TLS-RSA-WITH-CAMELLIA-256-CBC-SHA \
                TLS-RSA-WITH-AES-128-CBC-SHA \
                TLS-RSA-WITH-CAMELLIA-128-CBC-SHA \
                TLS-RSA-WITH-3DES-EDE-CBC-SHA \
                TLS-RSA-WITH-RC4-128-SHA \
                TLS-RSA-WITH-RC4-128-MD5 \
                TLS-RSA-WITH-NULL-MD5 \
                TLS-RSA-WITH-NULL-SHA \
                "
            G_CIPHERS="$G_CIPHERS \
                +DHE-RSA:+AES-128-CBC:+SHA1 \
                +DHE-RSA:+AES-256-CBC:+SHA1 \
                +DHE-RSA:+CAMELLIA-128-CBC:+SHA1 \
                +DHE-RSA:+CAMELLIA-256-CBC:+SHA1 \
                +DHE-RSA:+3DES-CBC:+SHA1 \
                +RSA:+AES-256-CBC:+SHA1 \
                +RSA:+CAMELLIA-256-CBC:+SHA1 \
                +RSA:+AES-128-CBC:+SHA1 \
                +RSA:+CAMELLIA-128-CBC:+SHA1 \
                +RSA:+3DES-CBC:+SHA1 \
                +RSA:+ARCFOUR-128:+SHA1 \
                +RSA:+ARCFOUR-128:+MD5 \
                +RSA:+NULL:+MD5 \
                +RSA:+NULL:+SHA1 \
                "
            O_CIPHERS="$O_CIPHERS \
                DHE-RSA-AES128-SHA \
                DHE-RSA-AES256-SHA \
                DHE-RSA-CAMELLIA128-SHA \
                DHE-RSA-CAMELLIA256-SHA \
                EDH-RSA-DES-CBC3-SHA \
                AES256-SHA \
                CAMELLIA256-SHA \
                AES128-SHA \
                CAMELLIA128-SHA \
                DES-CBC3-SHA \
                RC4-SHA \
                RC4-MD5 \
                NULL-MD5 \
                NULL-SHA \
                "
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA \
                    TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA \
                    TLS-ECDHE-RSA-WITH-3DES-EDE-CBC-SHA \
                    TLS-ECDHE-RSA-WITH-RC4-128-SHA \
                    TLS-ECDHE-RSA-WITH-NULL-SHA \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-RSA:+AES-128-CBC:+SHA1 \
                    +ECDHE-RSA:+AES-256-CBC:+SHA1 \
                    +ECDHE-RSA:+3DES-CBC:+SHA1 \
                    +ECDHE-RSA:+ARCFOUR-128:+SHA1 \
                    +ECDHE-RSA:+NULL:+SHA1 \
                    "
                O_CIPHERS="$O_CIPHERS \
                    ECDHE-RSA-AES256-SHA \
                    ECDHE-RSA-AES128-SHA \
                    ECDHE-RSA-DES-CBC3-SHA \
                    ECDHE-RSA-RC4-SHA \
                    ECDHE-RSA-NULL-SHA \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-RSA-WITH-AES-128-CBC-SHA256 \
                    TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 \
                    TLS-RSA-WITH-AES-256-CBC-SHA256 \
                    TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 \
                    TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256 \
                    TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384 \
                    TLS-RSA-WITH-AES-128-GCM-SHA256 \
                    TLS-RSA-WITH-AES-256-GCM-SHA384 \
                    TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 \
                    TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 \
                    TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256 \
                    TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384 \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +RSA:+AES-128-CBC:+SHA256 \
                    +DHE-RSA:+AES-128-CBC:+SHA256 \
                    +RSA:+AES-256-CBC:+SHA256 \
                    +DHE-RSA:+AES-256-CBC:+SHA256 \
                    +ECDHE-RSA:+AES-128-CBC:+SHA256 \
                    +ECDHE-RSA:+AES-256-CBC:+SHA384 \
                    +RSA:+AES-128-GCM:+AEAD \
                    +RSA:+AES-256-GCM:+AEAD \
                    +DHE-RSA:+AES-128-GCM:+AEAD \
                    +DHE-RSA:+AES-256-GCM:+AEAD \
                    +ECDHE-RSA:+AES-128-GCM:+AEAD \
                    +ECDHE-RSA:+AES-256-GCM:+AEAD \
                    "
                # NULL-SHA256 has no counterpart in M_CIPHERS above, see the
                # function header.
                O_CIPHERS="$O_CIPHERS \
                    NULL-SHA256 \
                    AES128-SHA256 \
                    DHE-RSA-AES128-SHA256 \
                    AES256-SHA256 \
                    DHE-RSA-AES256-SHA256 \
                    ECDHE-RSA-AES128-SHA256 \
                    ECDHE-RSA-AES256-SHA384 \
                    AES128-GCM-SHA256 \
                    DHE-RSA-AES128-GCM-SHA256 \
                    AES256-GCM-SHA384 \
                    DHE-RSA-AES256-GCM-SHA384 \
                    ECDHE-RSA-AES128-GCM-SHA256 \
                    ECDHE-RSA-AES256-GCM-SHA384 \
                    "
            fi
            ;;

        "PSK")
            M_CIPHERS="$M_CIPHERS \
                TLS-PSK-WITH-RC4-128-SHA \
                TLS-PSK-WITH-3DES-EDE-CBC-SHA \
                TLS-PSK-WITH-AES-128-CBC-SHA \
                TLS-PSK-WITH-AES-256-CBC-SHA \
                "
            G_CIPHERS="$G_CIPHERS \
                +PSK:+ARCFOUR-128:+SHA1 \
                +PSK:+3DES-CBC:+SHA1 \
                +PSK:+AES-128-CBC:+SHA1 \
                +PSK:+AES-256-CBC:+SHA1 \
                "
            O_CIPHERS="$O_CIPHERS \
                PSK-RC4-SHA \
                PSK-3DES-EDE-CBC-SHA \
                PSK-AES128-CBC-SHA \
                PSK-AES256-CBC-SHA \
                "
            ;;
    esac
}

# Ciphersuites usable only with Mbed TLS and OpenSSL
# Each ciphersuite should appear two times, once with its OpenSSL name, once
# with its Mbed TLS name.
#
# NOTE: for some reason RSA-PSK doesn't work with OpenSSL,
# so RSA-PSK ciphersuites need to go in other sections, see
# https://github.com/ARMmbed/mbedtls/issues/1419
#
# ChachaPoly suites are here rather than in "common", as they were added in
# GnuTLS in 3.5.0 and the CI only has 3.4.x so far.
# add_openssl_ciphersuites
# Append the mbed TLS <-> OpenSSL only suites for $TYPE/$MODE to M_CIPHERS
# and O_CIPHERS (G_CIPHERS is not touched). Version gating as in
# add_common_ciphersuites: minor_ver > 0 is TLS 1.0+, >= 3 is (D)TLS 1.2.
add_openssl_ciphersuites()
{
    case $TYPE in

        "ECDSA")
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDH-ECDSA-WITH-NULL-SHA \
                    TLS-ECDH-ECDSA-WITH-RC4-128-SHA \
                    TLS-ECDH-ECDSA-WITH-3DES-EDE-CBC-SHA \
                    TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA \
                    TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA \
                    "
                O_CIPHERS="$O_CIPHERS \
                    ECDH-ECDSA-NULL-SHA \
                    ECDH-ECDSA-RC4-SHA \
                    ECDH-ECDSA-DES-CBC3-SHA \
                    ECDH-ECDSA-AES128-SHA \
                    ECDH-ECDSA-AES256-SHA \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256 \
                    TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384 \
                    TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256 \
                    TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-ARIA-256-GCM-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-ARIA-128-GCM-SHA256 \
                    TLS-ECDHE-ECDSA-WITH-CHACHA20-POLY1305-SHA256 \
                    "
                O_CIPHERS="$O_CIPHERS \
                    ECDH-ECDSA-AES128-SHA256 \
                    ECDH-ECDSA-AES256-SHA384 \
                    ECDH-ECDSA-AES128-GCM-SHA256 \
                    ECDH-ECDSA-AES256-GCM-SHA384 \
                    ECDHE-ECDSA-ARIA256-GCM-SHA384 \
                    ECDHE-ECDSA-ARIA128-GCM-SHA256 \
                    ECDHE-ECDSA-CHACHA20-POLY1305 \
                    "
            fi
            ;;

        "RSA")
            # single DES: listed here but removed by the default EXCLUDE
            M_CIPHERS="$M_CIPHERS \
                TLS-RSA-WITH-DES-CBC-SHA \
                TLS-DHE-RSA-WITH-DES-CBC-SHA \
                "
            O_CIPHERS="$O_CIPHERS \
                DES-CBC-SHA \
                EDH-RSA-DES-CBC-SHA \
                "
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-RSA-WITH-ARIA-256-GCM-SHA384 \
                    TLS-DHE-RSA-WITH-ARIA-256-GCM-SHA384 \
                    TLS-RSA-WITH-ARIA-256-GCM-SHA384 \
                    TLS-ECDHE-RSA-WITH-ARIA-128-GCM-SHA256 \
                    TLS-DHE-RSA-WITH-ARIA-128-GCM-SHA256 \
                    TLS-RSA-WITH-ARIA-128-GCM-SHA256 \
                    TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
                    TLS-ECDHE-RSA-WITH-CHACHA20-POLY1305-SHA256 \
                    "
                O_CIPHERS="$O_CIPHERS \
                    ECDHE-ARIA256-GCM-SHA384 \
                    DHE-RSA-ARIA256-GCM-SHA384 \
                    ARIA256-GCM-SHA384 \
                    ECDHE-ARIA128-GCM-SHA256 \
                    DHE-RSA-ARIA128-GCM-SHA256 \
                    ARIA128-GCM-SHA256 \
                    DHE-RSA-CHACHA20-POLY1305 \
                    ECDHE-RSA-CHACHA20-POLY1305 \
                    "
            fi
            ;;

        "PSK")
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-DHE-PSK-WITH-ARIA-256-GCM-SHA384 \
                    TLS-DHE-PSK-WITH-ARIA-128-GCM-SHA256 \
                    TLS-PSK-WITH-ARIA-256-GCM-SHA384 \
                    TLS-PSK-WITH-ARIA-128-GCM-SHA256 \
                    TLS-PSK-WITH-CHACHA20-POLY1305-SHA256 \
                    TLS-ECDHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
                    TLS-DHE-PSK-WITH-CHACHA20-POLY1305-SHA256 \
                    "
                O_CIPHERS="$O_CIPHERS \
                    DHE-PSK-ARIA256-GCM-SHA384 \
                    DHE-PSK-ARIA128-GCM-SHA256 \
                    PSK-ARIA256-GCM-SHA384 \
                    PSK-ARIA128-GCM-SHA256 \
                    DHE-PSK-CHACHA20-POLY1305 \
                    ECDHE-PSK-CHACHA20-POLY1305 \
                    PSK-CHACHA20-POLY1305 \
                    "
            fi
            ;;
    esac
}

# Ciphersuites usable only with Mbed TLS and GnuTLS
# Each ciphersuite should appear two times, once with its GnuTLS name, once
# with its Mbed TLS name.
# add_gnutls_ciphersuites
# Append the mbed TLS <-> GnuTLS only suites for $TYPE/$MODE to M_CIPHERS
# and G_CIPHERS (O_CIPHERS is not touched). Same version gating as above.
add_gnutls_ciphersuites()
{
    case $TYPE in

        "ECDSA")
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-ECDHE-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-AES-128-CCM \
                    TLS-ECDHE-ECDSA-WITH-AES-256-CCM \
                    TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8 \
                    TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8 \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-ECDSA:+CAMELLIA-128-CBC:+SHA256 \
                    +ECDHE-ECDSA:+CAMELLIA-256-CBC:+SHA384 \
                    +ECDHE-ECDSA:+CAMELLIA-128-GCM:+AEAD \
                    +ECDHE-ECDSA:+CAMELLIA-256-GCM:+AEAD \
                    +ECDHE-ECDSA:+AES-128-CCM:+AEAD \
                    +ECDHE-ECDSA:+AES-256-CCM:+AEAD \
                    +ECDHE-ECDSA:+AES-128-CCM-8:+AEAD \
                    +ECDHE-ECDSA:+AES-256-CCM-8:+AEAD \
                    "
            fi
            ;;

        "RSA")
            # NOTE(review): this SHA256 suite is gated on minor_ver > 0 while
            # every other SHA256 suite in the file is gated on >= 3 — confirm
            # it is meant to be offered in TLS 1.0/1.1 runs.
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-RSA-WITH-NULL-SHA256 \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +RSA:+NULL:+SHA256 \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-ECDHE-RSA-WITH-CAMELLIA-256-CBC-SHA384 \
                    TLS-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
                    TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256 \
                    TLS-ECDHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-ECDHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-DHE-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-RSA-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-RSA-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-RSA-WITH-AES-128-CCM \
                    TLS-RSA-WITH-AES-256-CCM \
                    TLS-DHE-RSA-WITH-AES-128-CCM \
                    TLS-DHE-RSA-WITH-AES-256-CCM \
                    TLS-RSA-WITH-AES-128-CCM-8 \
                    TLS-RSA-WITH-AES-256-CCM-8 \
                    TLS-DHE-RSA-WITH-AES-128-CCM-8 \
                    TLS-DHE-RSA-WITH-AES-256-CCM-8 \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
                    +ECDHE-RSA:+CAMELLIA-256-CBC:+SHA384 \
                    +RSA:+CAMELLIA-128-CBC:+SHA256 \
                    +RSA:+CAMELLIA-256-CBC:+SHA256 \
                    +DHE-RSA:+CAMELLIA-128-CBC:+SHA256 \
                    +DHE-RSA:+CAMELLIA-256-CBC:+SHA256 \
                    +ECDHE-RSA:+CAMELLIA-128-GCM:+AEAD \
                    +ECDHE-RSA:+CAMELLIA-256-GCM:+AEAD \
                    +DHE-RSA:+CAMELLIA-128-GCM:+AEAD \
                    +DHE-RSA:+CAMELLIA-256-GCM:+AEAD \
                    +RSA:+CAMELLIA-128-GCM:+AEAD \
                    +RSA:+CAMELLIA-256-GCM:+AEAD \
                    +RSA:+AES-128-CCM:+AEAD \
                    +RSA:+AES-256-CCM:+AEAD \
                    +RSA:+AES-128-CCM-8:+AEAD \
                    +RSA:+AES-256-CCM-8:+AEAD \
                    +DHE-RSA:+AES-128-CCM:+AEAD \
                    +DHE-RSA:+AES-256-CCM:+AEAD \
                    +DHE-RSA:+AES-128-CCM-8:+AEAD \
                    +DHE-RSA:+AES-256-CCM-8:+AEAD \
                    "
            fi
            ;;

        "PSK")
            M_CIPHERS="$M_CIPHERS \
                TLS-DHE-PSK-WITH-3DES-EDE-CBC-SHA \
                TLS-DHE-PSK-WITH-AES-128-CBC-SHA \
                TLS-DHE-PSK-WITH-AES-256-CBC-SHA \
                TLS-DHE-PSK-WITH-RC4-128-SHA \
                "
            G_CIPHERS="$G_CIPHERS \
                +DHE-PSK:+3DES-CBC:+SHA1 \
                +DHE-PSK:+AES-128-CBC:+SHA1 \
                +DHE-PSK:+AES-256-CBC:+SHA1 \
                +DHE-PSK:+ARCFOUR-128:+SHA1 \
                "
            # RSA-PSK suites are here (not in the OpenSSL section), see the
            # note above add_openssl_ciphersuites.
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA \
                    TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA \
                    TLS-ECDHE-PSK-WITH-3DES-EDE-CBC-SHA \
                    TLS-ECDHE-PSK-WITH-RC4-128-SHA \
                    TLS-RSA-PSK-WITH-3DES-EDE-CBC-SHA \
                    TLS-RSA-PSK-WITH-AES-256-CBC-SHA \
                    TLS-RSA-PSK-WITH-AES-128-CBC-SHA \
                    TLS-RSA-PSK-WITH-RC4-128-SHA \
                    "
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-PSK:+3DES-CBC:+SHA1 \
                    +ECDHE-PSK:+AES-128-CBC:+SHA1 \
                    +ECDHE-PSK:+AES-256-CBC:+SHA1 \
                    +ECDHE-PSK:+ARCFOUR-128:+SHA1 \
                    +RSA-PSK:+3DES-CBC:+SHA1 \
                    +RSA-PSK:+AES-256-CBC:+SHA1 \
                    +RSA-PSK:+AES-128-CBC:+SHA1 \
                    +RSA-PSK:+ARCFOUR-128:+SHA1 \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-PSK-WITH-AES-256-CBC-SHA384 \
                    TLS-ECDHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
                    TLS-ECDHE-PSK-WITH-AES-128-CBC-SHA256 \
                    TLS-ECDHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-ECDHE-PSK-WITH-NULL-SHA384 \
                    TLS-ECDHE-PSK-WITH-NULL-SHA256 \
                    TLS-PSK-WITH-AES-128-CBC-SHA256 \
                    TLS-PSK-WITH-AES-256-CBC-SHA384 \
                    TLS-DHE-PSK-WITH-AES-128-CBC-SHA256 \
                    TLS-DHE-PSK-WITH-AES-256-CBC-SHA384 \
                    TLS-PSK-WITH-NULL-SHA256 \
                    TLS-PSK-WITH-NULL-SHA384 \
                    TLS-DHE-PSK-WITH-NULL-SHA256 \
                    TLS-DHE-PSK-WITH-NULL-SHA384 \
                    TLS-RSA-PSK-WITH-AES-256-CBC-SHA384 \
                    TLS-RSA-PSK-WITH-AES-128-CBC-SHA256 \
                    TLS-RSA-PSK-WITH-NULL-SHA256 \
                    TLS-RSA-PSK-WITH-NULL-SHA384 \
                    TLS-DHE-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-DHE-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
                    TLS-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
                    TLS-RSA-PSK-WITH-CAMELLIA-256-CBC-SHA384 \
                    TLS-RSA-PSK-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-PSK-WITH-AES-128-GCM-SHA256 \
                    TLS-PSK-WITH-AES-256-GCM-SHA384 \
                    TLS-DHE-PSK-WITH-AES-128-GCM-SHA256 \
                    TLS-DHE-PSK-WITH-AES-256-GCM-SHA384 \
                    TLS-PSK-WITH-AES-128-CCM \
                    TLS-PSK-WITH-AES-256-CCM \
                    TLS-DHE-PSK-WITH-AES-128-CCM \
                    TLS-DHE-PSK-WITH-AES-256-CCM \
                    TLS-PSK-WITH-AES-128-CCM-8 \
                    TLS-PSK-WITH-AES-256-CCM-8 \
                    TLS-DHE-PSK-WITH-AES-128-CCM-8 \
                    TLS-DHE-PSK-WITH-AES-256-CCM-8 \
                    TLS-RSA-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-RSA-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-DHE-PSK-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-DHE-PSK-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-RSA-PSK-WITH-AES-256-GCM-SHA384 \
                    TLS-RSA-PSK-WITH-AES-128-GCM-SHA256 \
                    "
                # same suites as above in GnuTLS notation; the NULL entries
                # are listed last here but in the middle of M_CIPHERS
                G_CIPHERS="$G_CIPHERS \
                    +ECDHE-PSK:+AES-256-CBC:+SHA384 \
                    +ECDHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
                    +ECDHE-PSK:+AES-128-CBC:+SHA256 \
                    +ECDHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
                    +PSK:+AES-128-CBC:+SHA256 \
                    +PSK:+AES-256-CBC:+SHA384 \
                    +DHE-PSK:+AES-128-CBC:+SHA256 \
                    +DHE-PSK:+AES-256-CBC:+SHA384 \
                    +RSA-PSK:+AES-256-CBC:+SHA384 \
                    +RSA-PSK:+AES-128-CBC:+SHA256 \
                    +DHE-PSK:+CAMELLIA-128-CBC:+SHA256 \
                    +DHE-PSK:+CAMELLIA-256-CBC:+SHA384 \
                    +PSK:+CAMELLIA-128-CBC:+SHA256 \
                    +PSK:+CAMELLIA-256-CBC:+SHA384 \
                    +RSA-PSK:+CAMELLIA-256-CBC:+SHA384 \
                    +RSA-PSK:+CAMELLIA-128-CBC:+SHA256 \
                    +PSK:+AES-128-GCM:+AEAD \
                    +PSK:+AES-256-GCM:+AEAD \
                    +DHE-PSK:+AES-128-GCM:+AEAD \
                    +DHE-PSK:+AES-256-GCM:+AEAD \
                    +PSK:+AES-128-CCM:+AEAD \
                    +PSK:+AES-256-CCM:+AEAD \
                    +DHE-PSK:+AES-128-CCM:+AEAD \
                    +DHE-PSK:+AES-256-CCM:+AEAD \
                    +PSK:+AES-128-CCM-8:+AEAD \
                    +PSK:+AES-256-CCM-8:+AEAD \
                    +DHE-PSK:+AES-128-CCM-8:+AEAD \
                    +DHE-PSK:+AES-256-CCM-8:+AEAD \
                    +RSA-PSK:+CAMELLIA-128-GCM:+AEAD \
                    +RSA-PSK:+CAMELLIA-256-GCM:+AEAD \
                    +PSK:+CAMELLIA-128-GCM:+AEAD \
                    +PSK:+CAMELLIA-256-GCM:+AEAD \
                    +DHE-PSK:+CAMELLIA-128-GCM:+AEAD \
                    +DHE-PSK:+CAMELLIA-256-GCM:+AEAD \
                    +RSA-PSK:+AES-256-GCM:+AEAD \
                    +RSA-PSK:+AES-128-GCM:+AEAD \
                    +ECDHE-PSK:+NULL:+SHA384 \
                    +ECDHE-PSK:+NULL:+SHA256 \
                    +PSK:+NULL:+SHA256 \
                    +PSK:+NULL:+SHA384 \
                    +DHE-PSK:+NULL:+SHA256 \
                    +DHE-PSK:+NULL:+SHA384 \
                    +RSA-PSK:+NULL:+SHA256 \
                    +RSA-PSK:+NULL:+SHA384 \
                    "
            fi
            ;;
    esac
}

# Ciphersuites usable only with Mbed TLS (not currently supported by another
# peer usable in this script). This provides only very rudimentary testing, as
# this is not interop testing, but it's better than nothing.
# add_mbedtls_ciphersuites
# Append mbed TLS only suites for $TYPE/$MODE to M_CIPHERS (so they are
# exercised mbed TLS client <-> mbed TLS server only).
add_mbedtls_ciphersuites()
{
    case $TYPE in

        "ECDSA")
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256 \
                    TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384 \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256 \
                    TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-ARIA-256-CBC-SHA384 \
                    TLS-ECDHE-ECDSA-WITH-ARIA-128-CBC-SHA256 \
                    TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384 \
                    TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256 \
                    TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384 \
                    TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256 \
                    "
            fi
            ;;

        "RSA")
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-RSA-WITH-ARIA-256-CBC-SHA384 \
                    TLS-DHE-RSA-WITH-ARIA-256-CBC-SHA384 \
                    TLS-ECDHE-RSA-WITH-ARIA-128-CBC-SHA256 \
                    TLS-DHE-RSA-WITH-ARIA-128-CBC-SHA256 \
                    TLS-RSA-WITH-ARIA-256-CBC-SHA384 \
                    TLS-RSA-WITH-ARIA-128-CBC-SHA256 \
                    "
            fi
            ;;

        "PSK")
            # *PSK-NULL-SHA suites supported by GnuTLS 3.3.5 but not 3.2.15
            M_CIPHERS="$M_CIPHERS \
                TLS-PSK-WITH-NULL-SHA \
                TLS-DHE-PSK-WITH-NULL-SHA \
                "
            if [ `minor_ver "$MODE"` -gt 0 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-ECDHE-PSK-WITH-NULL-SHA \
                    TLS-RSA-PSK-WITH-NULL-SHA \
                    "
            fi
            if [ `minor_ver "$MODE"` -ge 3 ]
            then
                M_CIPHERS="$M_CIPHERS \
                    TLS-RSA-PSK-WITH-ARIA-256-CBC-SHA384 \
                    TLS-RSA-PSK-WITH-ARIA-128-CBC-SHA256 \
                    TLS-PSK-WITH-ARIA-256-CBC-SHA384 \
                    TLS-PSK-WITH-ARIA-128-CBC-SHA256 \
                    TLS-RSA-PSK-WITH-ARIA-256-GCM-SHA384 \
                    TLS-RSA-PSK-WITH-ARIA-128-GCM-SHA256 \
                    TLS-ECDHE-PSK-WITH-ARIA-256-CBC-SHA384 \
                    TLS-ECDHE-PSK-WITH-ARIA-128-CBC-SHA256 \
                    TLS-DHE-PSK-WITH-ARIA-256-CBC-SHA384 \
                    TLS-DHE-PSK-WITH-ARIA-128-CBC-SHA256 \
                    TLS-RSA-PSK-WITH-CHACHA20-POLY1305-SHA256 \
                    "
            fi
            ;;
    esac
}

# setup_arguments
# Build the per-peer server/client command-line fragments (M_/O_/G_ SERVER_ARGS
# and CLIENT_ARGS, plus the GnuTLS priority strings) from the globals MODE,
# VERIFY, TYPE and PORT. Exits 1 on an unknown MODE. All credentials used are
# fixed test fixtures from data_files/.
setup_arguments()
{
    G_MODE=""
    case "$MODE" in
        "ssl3")
            G_PRIO_MODE="+VERS-SSL3.0"
            ;;
        "tls1")
            G_PRIO_MODE="+VERS-TLS1.0"
            ;;
        "tls1_1")
            G_PRIO_MODE="+VERS-TLS1.1"
            ;;
        "tls1_2")
            G_PRIO_MODE="+VERS-TLS1.2"
            ;;
        "dtls1")
            G_PRIO_MODE="+VERS-DTLS1.0"
            G_MODE="-u"
            ;;
        "dtls1_2")
            G_PRIO_MODE="+VERS-DTLS1.2"
            G_MODE="-u"
            ;;
        *)
            echo "error: invalid mode: $MODE" >&2
            exit 1;
    esac

    # GnuTLS < 3.4 will choke if we try to allow CCM-8
    # (GNUTLS_MINOR_LT_FOUR is only set by the version probe at the top, hence
    # the "-" default so that set -u does not trip here)
    if [ -z "${GNUTLS_MINOR_LT_FOUR-}" ]; then
        G_PRIO_CCM="+AES-256-CCM-8:+AES-128-CCM-8:"
    else
        G_PRIO_CCM=""
    fi

    # NOTE(review): server_addr=0.0.0.0 binds every interface, so for the
    # duration of a run an mbed TLS server offering NULL/RC4 suites and a
    # fixed PSK is reachable from the network; the OpenSSL and GnuTLS servers
    # are given no bind address at all. The clients only ever connect to
    # localhost / 127.0.0.1, so a loopback bind looks sufficient — confirm
    # nothing relies on the wildcard bind (e.g. the IPv4-forcing note in
    # filter_ciphersuites).
    M_SERVER_ARGS="server_port=$PORT server_addr=0.0.0.0 force_version=$MODE arc4=1"
    O_SERVER_ARGS="-accept $PORT -cipher NULL,ALL -$MODE -dhparam data_files/dhparams.pem"
    G_SERVER_ARGS="-p $PORT --http $G_MODE"
    G_SERVER_PRIO="NORMAL:${G_PRIO_CCM}+ARCFOUR-128:+NULL:+MD5:+PSK:+DHE-PSK:+ECDHE-PSK:+SHA256:+SHA384:+RSA-PSK:-VERS-TLS-ALL:$G_PRIO_MODE"

    # with OpenSSL 1.0.1h, -www, -WWW and -HTTP break DTLS handshakes
    if is_dtls "$MODE"; then
        O_SERVER_ARGS="$O_SERVER_ARGS"
    else
        O_SERVER_ARGS="$O_SERVER_ARGS -www"
    fi

    M_CLIENT_ARGS="server_port=$PORT server_addr=127.0.0.1 force_version=$MODE"
    O_CLIENT_ARGS="-connect localhost:$PORT -$MODE"
    G_CLIENT_ARGS="-p $PORT --debug 3 $G_MODE"
    # NOTE(review): run_client builds the gnutls-cli --priority value from
    # $G_PRIO_MODE and the suite directly; G_CLIENT_PRIO is not referenced in
    # this part of the script — confirm it is still used.
    G_CLIENT_PRIO="NONE:$G_PRIO_MODE:+COMP-NULL:+CURVE-ALL:+SIGN-ALL"

    if [ "X$VERIFY" = "XYES" ];
    then
        # mutual authentication: both sides pin the test CA and require a peer cert
        M_SERVER_ARGS="$M_SERVER_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
        O_SERVER_ARGS="$O_SERVER_ARGS -CAfile data_files/test-ca_cat12.crt -Verify 10"
        G_SERVER_ARGS="$G_SERVER_ARGS --x509cafile data_files/test-ca_cat12.crt --require-client-cert"

        M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=data_files/test-ca_cat12.crt auth_mode=required"
        O_CLIENT_ARGS="$O_CLIENT_ARGS -CAfile data_files/test-ca_cat12.crt -verify 10"
        G_CLIENT_ARGS="$G_CLIENT_ARGS --x509cafile data_files/test-ca_cat12.crt"
    else
        # don't request a client cert at all
        M_SERVER_ARGS="$M_SERVER_ARGS ca_file=none auth_mode=none"
        G_SERVER_ARGS="$G_SERVER_ARGS --disable-client-cert"

        # clients also skip server verification here (gnutls-cli needs
        # --insecure for that; presumably s_client continues after a failed
        # verification without extra flags, hence the no-op assignment)
        M_CLIENT_ARGS="$M_CLIENT_ARGS ca_file=none auth_mode=none"
        O_CLIENT_ARGS="$O_CLIENT_ARGS"
        G_CLIENT_ARGS="$G_CLIENT_ARGS --insecure"
    fi

    case $TYPE in
        "ECDSA")
            M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server5.crt key_file=data_files/server5.key"
            O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server5.crt -key data_files/server5.key"
            G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server5.crt --x509keyfile data_files/server5.key"

            if [ "X$VERIFY" = "XYES" ]; then
                M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/server6.crt key_file=data_files/server6.key"
                O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/server6.crt -key data_files/server6.key"
                G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/server6.crt --x509keyfile data_files/server6.key"
            else
                M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
            fi
            ;;

        "RSA")
            M_SERVER_ARGS="$M_SERVER_ARGS crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key"
            O_SERVER_ARGS="$O_SERVER_ARGS -cert data_files/server2-sha256.crt -key data_files/server2.key"
            G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key"

            if [ "X$VERIFY" = "XYES" ]; then
                M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=data_files/cert_sha256.crt key_file=data_files/server1.key"
                O_CLIENT_ARGS="$O_CLIENT_ARGS -cert data_files/cert_sha256.crt -key data_files/server1.key"
                G_CLIENT_ARGS="$G_CLIENT_ARGS --x509certfile data_files/cert_sha256.crt --x509keyfile data_files/server1.key"
            else
                M_CLIENT_ARGS="$M_CLIENT_ARGS crt_file=none key_file=none"
            fi
            ;;

        "PSK")
            # give RSA-PSK-capable server a RSA cert
            # (should be a separate type, but harder to close with openssl)
            # The PSK is a fixed test value (the hex encoding of "abcdefghijklmnop");
            # GnuTLS reads the same key from data_files/passwd.psk for identity
            # Client_identity. Test fixture only — must never be reused elsewhere.
            M_SERVER_ARGS="$M_SERVER_ARGS psk=6162636465666768696a6b6c6d6e6f70 ca_file=none crt_file=data_files/server2-sha256.crt key_file=data_files/server2.key"
            O_SERVER_ARGS="$O_SERVER_ARGS -psk 6162636465666768696a6b6c6d6e6f70 -nocert"
            G_SERVER_ARGS="$G_SERVER_ARGS --x509certfile data_files/server2-sha256.crt --x509keyfile data_files/server2.key --pskpasswd data_files/passwd.psk"

            M_CLIENT_ARGS="$M_CLIENT_ARGS psk=6162636465666768696a6b6c6d6e6f70 crt_file=none key_file=none"
            O_CLIENT_ARGS="$O_CLIENT_ARGS -psk 6162636465666768696a6b6c6d6e6f70"
            G_CLIENT_ARGS="$G_CLIENT_ARGS --pskusername Client_identity --pskkey=6162636465666768696a6b6c6d6e6f70"
            ;;
    esac
}

# is_mbedtls <cmd_line>
# True when the command line names one of the mbed TLS test programs.
# NOTE(review): the match is on the literal program names, so if M_SRV/M_CLI
# are overridden to differently named binaries the memcheck evaluation in
# stop_server/run_client is silently skipped.
is_mbedtls() {
    echo "$1" | grep 'ssl_server2\|ssl_client2' > /dev/null
}

# has_mem_err <log_file_name>
# Inverted convention: returns 0 ("has errors") unless the valgrind log
# contains BOTH the "no leaks are possible" and the "0 errors" summary lines.
# A missing, empty or truncated log therefore counts as an error.
has_mem_err() {
    if ( grep -F 'All heap blocks were freed -- no leaks are possible' "$1" &&
         grep -F 'ERROR SUMMARY: 0 errors from 0 contexts' "$1" ) > /dev/null
    then
        return 1 # false: does not have errors
    else
        return 0 # true: has errors
    fi
}

# Wait for process $2 to be listening on port $1
# With lsof available, poll until the server process owns a listening
# TCP/UDP socket on the port, giving up (with a log line, but no error
# status) after DOG_DELAY secon ds. Without lsof, just sleep 2 seconds.
if type lsof >/dev/null 2>/dev/null; then
    wait_server_start() {
        START_TIME=$(date +%s)
        if is_dtls "$MODE"; then
            proto=UDP
        else
            proto=TCP
        fi
        while ! lsof -a -n -b -i "$proto:$1" -p "$2" >/dev/null 2>/dev/null; do
            if [ $(( $(date +%s) - $START_TIME )) -gt $DOG_DELAY ]; then
                echo "SERVERSTART TIMEOUT"
                echo "SERVERSTART TIMEOUT" >> $SRV_OUT
                break
            fi
            # Linux and *BSD support decimal arguments to sleep. On other
            # OSes this may be a tight loop.
            sleep 0.1 2>/dev/null || true
        done
    }
else
    echo "Warning: lsof not available, wait_server_start = sleep"
    wait_server_start() {
        sleep 2
    }
fi


# start_server <name>
# also saves name and command
# Launches the peer's server in the background with its output in $SRV_OUT,
# sets SERVER_CMD, SERVER_NAME and PROCESS_ID, then waits for it to listen.
# Exits 1 on an unknown peer name. Under --memcheck the mbed TLS server is
# wrapped in valgrind.
start_server() {
    case $1 in
        [Oo]pen*)
            SERVER_CMD="$OPENSSL_CMD s_server $O_SERVER_ARGS"
            ;;
        [Gg]nu*)
            SERVER_CMD="$GNUTLS_SERV $G_SERVER_ARGS --priority $G_SERVER_PRIO"
            ;;
        mbed*)
            SERVER_CMD="$M_SRV $M_SERVER_ARGS"
            if [ "$MEMCHECK" -gt 0 ]; then
                SERVER_CMD="valgrind --leak-check=full $SERVER_CMD"
            fi
            ;;
        *)
            echo "error: invalid server name: $1" >&2
            exit 1
            ;;
    esac
    SERVER_NAME=$1

    log "$SERVER_CMD"
    echo "$SERVER_CMD" > $SRV_OUT
    # for servers without -www or equivalent
    # $! is the PID of the last stage of the pipeline, i.e. the server itself.
    # NOTE(review): the feeder loop on the left is never killed explicitly;
    # presumably it ends on SIGPIPE once the server is gone — confirm it does
    # not linger.
    while :; do echo bla; sleep 1; done | $SERVER_CMD >> $SRV_OUT 2>&1 &
    PROCESS_ID=$!

    wait_server_start "$PORT" "$PROCESS_ID"
}

# terminate the running server
# Under --memcheck an mbed TLS server log with valgrind errors is reported,
# SRVMEM is incremented and the log is deliberately kept (early return);
# otherwise $SRV_OUT is removed.
stop_server() {
    kill $PROCESS_ID 2>/dev/null
    wait $PROCESS_ID 2>/dev/null

    if [ "$MEMCHECK" -gt 0 ]; then
        if is_mbedtls "$SERVER_CMD" && has_mem_err $SRV_OUT; then
            echo " ! Server had memory errors"
            SRVMEM=$(( $SRVMEM + 1 ))
            return
        fi
    fi

    rm -f $SRV_OUT
}

# kill the running server (used when killed by signal)
# NOTE(review): PROCESS_ID and WATCHDOG_PID are read unguarded; under set -u
# this aborts (before the kills) if the trap fires before a server/watchdog
# was ever started — confirm they are initialised at script start. The
# client (CLI_PID) is not killed here either.
cleanup() {
    rm -f $SRV_OUT $CLI_OUT
    kill $PROCESS_ID >/dev/null 2>&1
    kill $WATCHDOG_PID >/dev/null 2>&1
    exit 1
}

# wait for client to terminate and set EXIT
# must be called right after starting the client
# A watchdog subshell kills the client after DOG_DELAY seconds and records
# "TIMEOUT" in $CLI_OUT; the watchdog itself is killed once the client exits.
# NOTE(review): killing the subshell does not kill its `sleep` child, so a
# stray sleep may live on for up to DOG_DELAY seconds after a fast test.
wait_client_done() {
    CLI_PID=$!

    ( sleep "$DOG_DELAY"; echo "TIMEOUT" >> $CLI_OUT; kill $CLI_PID ) &
    WATCHDOG_PID=$!

    wait $CLI_PID
    EXIT=$?

    kill $WATCHDOG_PID
    wait $WATCHDOG_PID

    echo "EXIT: $EXIT" >> $CLI_OUT
}

# run_client <name> <cipher>
# Run one client against the currently started server with the given suite,
# print a one-line "X->Y mode,verify suite ..... RESULT" report and update the
# TESTS/SKIPPED/FAILED counters. RESULT is 0 = PASS, 1 = SKIP (suite not
# supported by this peer), 2 = FAIL. Honors SKIP_NEXT set by
# check_openssl_server_bug.
run_client() {
    # announce what we're going to do
    TESTS=$(( $TESTS + 1 ))
    VERIF=$(echo $VERIFY | tr '[:upper:]' '[:lower:]')
    TITLE="`echo $1 | head -c1`->`echo $SERVER_NAME | head -c1`"
    TITLE="$TITLE $MODE,$VERIF $2"
    printf "%s " "$TITLE"
    # pad with dots to column 72 (a title longer than that yields a
    # negative LEN, for which seq prints nothing)
    LEN=$(( 72 - `echo "$TITLE" | wc -c` ))
    for i in `seq 1 $LEN`; do printf '.'; done; printf ' '

    # should we skip?
    if [ "X$SKIP_NEXT" = "XYES" ]; then
        SKIP_NEXT="NO"
        echo "SKIP"
        SKIPPED=$(( $SKIPPED + 1 ))
        return
    fi

    # run the command and interpret result
    case $1 in
        [Oo]pen*)
            CLIENT_CMD="$OPENSSL_CMD s_client $O_CLIENT_ARGS -cipher $2"
            log "$CLIENT_CMD"
            echo "$CLIENT_CMD" > $CLI_OUT
            printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 &
            wait_client_done

            if [ $EXIT -eq 0 ]; then
                RESULT=0
            else
                # If the cipher isn't supported...
1135 if grep 'Cipher is (NONE)' $CLI_OUT >/dev/null; then 1136 RESULT=1 1137 else 1138 RESULT=2 1139 fi 1140 fi 1141 ;; 1142 1143 [Gg]nu*) 1144 # need to force IPv4 with UDP, but keep localhost for auth 1145 if is_dtls "$MODE"; then 1146 G_HOST="127.0.0.1" 1147 else 1148 G_HOST="localhost" 1149 fi 1150 CLIENT_CMD="$GNUTLS_CLI $G_CLIENT_ARGS --priority $G_PRIO_MODE:$2 $G_HOST" 1151 log "$CLIENT_CMD" 1152 echo "$CLIENT_CMD" > $CLI_OUT 1153 printf 'GET HTTP/1.0\r\n\r\n' | $CLIENT_CMD >> $CLI_OUT 2>&1 & 1154 wait_client_done 1155 1156 if [ $EXIT -eq 0 ]; then 1157 RESULT=0 1158 else 1159 RESULT=2 1160 # interpret early failure, with a handshake_failure alert 1161 # before the server hello, as "no ciphersuite in common" 1162 if grep -F 'Received alert [40]: Handshake failed' $CLI_OUT; then 1163 if grep -i 'SERVER HELLO .* was received' $CLI_OUT; then : 1164 else 1165 RESULT=1 1166 fi 1167 fi >/dev/null 1168 fi 1169 ;; 1170 1171 mbed*) 1172 CLIENT_CMD="$M_CLI $M_CLIENT_ARGS force_ciphersuite=$2" 1173 if [ "$MEMCHECK" -gt 0 ]; then 1174 CLIENT_CMD="valgrind --leak-check=full $CLIENT_CMD" 1175 fi 1176 log "$CLIENT_CMD" 1177 echo "$CLIENT_CMD" > $CLI_OUT 1178 $CLIENT_CMD >> $CLI_OUT 2>&1 & 1179 wait_client_done 1180 1181 case $EXIT in 1182 # Success 1183 "0") RESULT=0 ;; 1184 1185 # Ciphersuite not supported 1186 "2") RESULT=1 ;; 1187 1188 # Error 1189 *) RESULT=2 ;; 1190 esac 1191 1192 if [ "$MEMCHECK" -gt 0 ]; then 1193 if is_mbedtls "$CLIENT_CMD" && has_mem_err $CLI_OUT; then 1194 RESULT=2 1195 fi 1196 fi 1197 1198 ;; 1199 1200 *) 1201 echo "error: invalid client name: $1" >&2 1202 exit 1 1203 ;; 1204 esac 1205 1206 echo "EXIT: $EXIT" >> $CLI_OUT 1207 1208 # report and count result 1209 case $RESULT in 1210 "0") 1211 echo PASS 1212 ;; 1213 "1") 1214 echo SKIP 1215 SKIPPED=$(( $SKIPPED + 1 )) 1216 ;; 1217 "2") 1218 echo FAIL 1219 cp $SRV_OUT c-srv-${TESTS}.log 1220 cp $CLI_OUT c-cli-${TESTS}.log 1221 echo " ! 
outputs saved to c-srv-${TESTS}.log, c-cli-${TESTS}.log" 1222 1223 if [ "${LOG_FAILURE_ON_STDOUT:-0}" != 0 ]; then 1224 echo " ! server output:" 1225 cat c-srv-${TESTS}.log 1226 echo " ! ===================================================" 1227 echo " ! client output:" 1228 cat c-cli-${TESTS}.log 1229 fi 1230 1231 FAILED=$(( $FAILED + 1 )) 1232 ;; 1233 esac 1234 1235 rm -f $CLI_OUT 1236} 1237 1238# 1239# MAIN 1240# 1241 1242if cd $( dirname $0 ); then :; else 1243 echo "cd $( dirname $0 ) failed" >&2 1244 exit 1 1245fi 1246 1247get_options "$@" 1248 1249# sanity checks, avoid an avalanche of errors 1250if [ ! -x "$M_SRV" ]; then 1251 echo "Command '$M_SRV' is not an executable file" >&2 1252 exit 1 1253fi 1254if [ ! -x "$M_CLI" ]; then 1255 echo "Command '$M_CLI' is not an executable file" >&2 1256 exit 1 1257fi 1258 1259if echo "$PEERS" | grep -i openssl > /dev/null; then 1260 if which "$OPENSSL_CMD" >/dev/null 2>&1; then :; else 1261 echo "Command '$OPENSSL_CMD' not found" >&2 1262 exit 1 1263 fi 1264fi 1265 1266if echo "$PEERS" | grep -i gnutls > /dev/null; then 1267 for CMD in "$GNUTLS_CLI" "$GNUTLS_SERV"; do 1268 if which "$CMD" >/dev/null 2>&1; then :; else 1269 echo "Command '$CMD' not found" >&2 1270 exit 1 1271 fi 1272 done 1273fi 1274 1275for PEER in $PEERS; do 1276 case "$PEER" in 1277 mbed*|[Oo]pen*|[Gg]nu*) 1278 ;; 1279 *) 1280 echo "Unknown peers: $PEER" >&2 1281 exit 1 1282 esac 1283done 1284 1285# Pick a "unique" port in the range 10000-19999. 
1286PORT="0000$$" 1287PORT="1$(echo $PORT | tail -c 5)" 1288 1289# Also pick a unique name for intermediate files 1290SRV_OUT="srv_out.$$" 1291CLI_OUT="cli_out.$$" 1292 1293# client timeout delay: be more patient with valgrind 1294if [ "$MEMCHECK" -gt 0 ]; then 1295 DOG_DELAY=30 1296else 1297 DOG_DELAY=10 1298fi 1299 1300SKIP_NEXT="NO" 1301 1302trap cleanup INT TERM HUP 1303 1304for VERIFY in $VERIFIES; do 1305 for MODE in $MODES; do 1306 for TYPE in $TYPES; do 1307 for PEER in $PEERS; do 1308 1309 setup_arguments 1310 1311 case "$PEER" in 1312 1313 [Oo]pen*) 1314 1315 if test "$OSSL_NO_DTLS" -gt 0 && is_dtls "$MODE"; then 1316 continue; 1317 fi 1318 1319 reset_ciphersuites 1320 add_common_ciphersuites 1321 add_openssl_ciphersuites 1322 filter_ciphersuites 1323 1324 if [ "X" != "X$M_CIPHERS" ]; then 1325 start_server "OpenSSL" 1326 for i in $M_CIPHERS; do 1327 check_openssl_server_bug $i 1328 run_client mbedTLS $i 1329 done 1330 stop_server 1331 fi 1332 1333 if [ "X" != "X$O_CIPHERS" ]; then 1334 start_server "mbedTLS" 1335 for i in $O_CIPHERS; do 1336 run_client OpenSSL $i 1337 done 1338 stop_server 1339 fi 1340 1341 ;; 1342 1343 [Gg]nu*) 1344 1345 reset_ciphersuites 1346 add_common_ciphersuites 1347 add_gnutls_ciphersuites 1348 filter_ciphersuites 1349 1350 if [ "X" != "X$M_CIPHERS" ]; then 1351 start_server "GnuTLS" 1352 for i in $M_CIPHERS; do 1353 run_client mbedTLS $i 1354 done 1355 stop_server 1356 fi 1357 1358 if [ "X" != "X$G_CIPHERS" ]; then 1359 start_server "mbedTLS" 1360 for i in $G_CIPHERS; do 1361 run_client GnuTLS $i 1362 done 1363 stop_server 1364 fi 1365 1366 ;; 1367 1368 mbed*) 1369 1370 reset_ciphersuites 1371 add_common_ciphersuites 1372 add_openssl_ciphersuites 1373 add_gnutls_ciphersuites 1374 add_mbedtls_ciphersuites 1375 filter_ciphersuites 1376 1377 if [ "X" != "X$M_CIPHERS" ]; then 1378 start_server "mbedTLS" 1379 for i in $M_CIPHERS; do 1380 run_client mbedTLS $i 1381 done 1382 stop_server 1383 fi 1384 1385 ;; 1386 1387 *) 1388 echo 
"Unknown peer: $PEER" >&2 1389 exit 1 1390 ;; 1391 1392 esac 1393 1394 done 1395 done 1396 done 1397done 1398 1399echo "------------------------------------------------------------------------" 1400 1401if [ $FAILED -ne 0 -o $SRVMEM -ne 0 ]; 1402then 1403 printf "FAILED" 1404else 1405 printf "PASSED" 1406fi 1407 1408if [ "$MEMCHECK" -gt 0 ]; then 1409 MEMREPORT=", $SRVMEM server memory errors" 1410else 1411 MEMREPORT="" 1412fi 1413 1414PASSED=$(( $TESTS - $FAILED )) 1415echo " ($PASSED / $TESTS tests ($SKIPPED skipped$MEMREPORT))" 1416 1417FAILED=$(( $FAILED + $SRVMEM )) 1418exit $FAILED 1419