Fix mac-then-encrypt test with enable-tls1_3 (54d028aa) · Commits · CYBER - Cyber Security / TS 103 523 MSP / ETS / ETS OpenSSL

test/recipes/80-test_ssl_new.t

+3 −0

Original line number	Diff line number	Diff line
		@@ -39,7 +39,9 @@ my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&

		my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));

		my @all_pre_tls1_3 = ("ssl3", "tls1", "tls1_1", "tls1_2");
		my $no_tls = alldisabled(available_protocols("tls"));
		my $no_pre_tls1_3 = alldisabled(@all_pre_tls1_3);
		my $no_dtls = alldisabled(available_protocols("dtls"));
		my $no_npn = disabled("nextprotoneg");
		my $no_ct = disabled("ct");
		@@ -76,6 +78,7 @@ my %skip = (
		"15-certstatus.conf" => $no_tls \|\| $no_ocsp,
		"16-dtls-certstatus.conf" => $no_dtls \|\| $no_ocsp,
		"18-dtls-renegotiate.conf" => $no_dtls,
		"19-mac-then-encrypt.conf" => $no_pre_tls1_3
		);

		foreach my $conf (@conf_files) {

test/ssl-tests/19-mac-then-encrypt.conf

+6 −0

Original line number	Diff line number	Diff line
		@@ -25,6 +25,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[0-disable-encrypt-then-mac-server-sha-client]
		CipherString = AES128-SHA
		MaxProtocol = TLSv1.2
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer

		@@ -48,6 +49,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[1-disable-encrypt-then-mac-client-sha-client]
		CipherString = AES128-SHA
		MaxProtocol = TLSv1.2
		Options = -EncryptThenMac
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer
		@@ -73,6 +75,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[2-disable-encrypt-then-mac-both-sha-client]
		CipherString = AES128-SHA
		MaxProtocol = TLSv1.2
		Options = -EncryptThenMac
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer
		@@ -93,6 +96,7 @@ client = 3-disable-encrypt-then-mac-server-sha2-client
		[3-disable-encrypt-then-mac-server-sha2-server]
		Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
		CipherString = DEFAULT
		MaxProtocol = TLSv1.2
		Options = -EncryptThenMac
		PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		@@ -121,6 +125,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[4-disable-encrypt-then-mac-client-sha2-client]
		CipherString = AES128-SHA256
		MaxProtocol = TLSv1.2
		Options = -EncryptThenMac
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer
		@@ -146,6 +151,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem

		[5-disable-encrypt-then-mac-both-sha2-client]
		CipherString = AES128-SHA256
		MaxProtocol = TLSv1.2
		Options = -EncryptThenMac
		VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
		VerifyMode = Peer

test/ssl-tests/19-mac-then-encrypt.conf.in

+6 −0

Original line number	Diff line number	Diff line
		@@ -19,6 +19,7 @@ our @tests = (
		},
		client => {
		"CipherString" => "AES128-SHA",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"ExpectedResult" => "Success",
		@@ -31,6 +32,7 @@ our @tests = (
		client => {
		"CipherString" => "AES128-SHA",
		"Options" => "-EncryptThenMac",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"ExpectedResult" => "Success",
		@@ -44,6 +46,7 @@ our @tests = (
		client => {
		"CipherString" => "AES128-SHA",
		"Options" => "-EncryptThenMac",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"ExpectedResult" => "Success",
		@@ -53,6 +56,7 @@ our @tests = (
		name => "disable-encrypt-then-mac-server-sha2",
		server => {
		"Options" => "-EncryptThenMac",
		"MaxProtocol" => "TLSv1.2"
		},
		client => {
		"CipherString" => "AES128-SHA256",
		@@ -68,6 +72,7 @@ our @tests = (
		client => {
		"CipherString" => "AES128-SHA256",
		"Options" => "-EncryptThenMac",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"ExpectedResult" => "Success",
		@@ -81,6 +86,7 @@ our @tests = (
		client => {
		"CipherString" => "AES128-SHA256",
		"Options" => "-EncryptThenMac",
		"MaxProtocol" => "TLSv1.2"
		},
		test => {
		"ExpectedResult" => "Success",