From c649d10d3fee9fe22e4ae6bdf7f8117b91b92b03 Mon Sep 17 00:00:00 2001 From: Todd Short Date: Wed, 5 Apr 2017 12:35:25 -0400 Subject: TLS1.3 Padding Add padding callback for application control Standard block_size callback Documentation and tests included Configuration file/s_client/s_srver option Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/3130) --- test/recipes/80-test_ssl_new.t | 3 ++- test/ssl-tests/24-padding.conf | 34 ++++++++++++++++++++++++++++++++++ test/ssl-tests/24-padding.conf.in | 25 +++++++++++++++++++++++++ 3 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 test/ssl-tests/24-padding.conf create mode 100644 test/ssl-tests/24-padding.conf.in (limited to 'test') diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t index fbcb46a8fb..100b8528c8 100644 --- a/test/recipes/80-test_ssl_new.t +++ b/test/recipes/80-test_ssl_new.t @@ -29,7 +29,7 @@ map { s/\^// } @conf_files if $^O eq "VMS"; # We hard-code the number of tests to double-check that the globbing above # finds all files as expected. -plan tests => 23; # = scalar @conf_srcs +plan tests => 24; # = scalar @conf_srcs # Some test results depend on the configuration of enabled protocols. We only # verify generated sources in the default configuration. @@ -94,6 +94,7 @@ my %skip = ( "22-compression.conf" => disabled("zlib") || $no_tls, "23-srp.conf" => (disabled("tls1") && disabled ("tls1_1") && disabled("tls1_2")) || disabled("srp"), + "24-padding.conf" => disabled("tls1_3"), ); foreach my $conf (@conf_files) { diff --git a/test/ssl-tests/24-padding.conf b/test/ssl-tests/24-padding.conf new file mode 100644 index 0000000000..3c9f450102 --- /dev/null +++ b/test/ssl-tests/24-padding.conf @@ -0,0 +1,34 @@ +# Generated with generate_ssl_tests.pl + +num_tests = 1 + +test-0 = 0-default +# =========================================================== + +[0-default] +ssl_conf = 0-default-ssl + +[0-default-ssl] +server = 0-default-server +client = 0-default-client + +[0-default-server] +Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem +RecordPadding = 64 + +[0-default-client] +CipherString = DEFAULT +MaxProtocol = TLSv1.3 +MinProtocol = TLSv1.3 +RecordPadding = 11 +VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem +VerifyMode = Peer + +[test-0] +ExpectedResult = Success + + diff --git a/test/ssl-tests/24-padding.conf.in b/test/ssl-tests/24-padding.conf.in new file mode 100644 index 0000000000..7bf256c8db --- /dev/null +++ b/test/ssl-tests/24-padding.conf.in @@ -0,0 +1,25 @@ +# -*- mode: perl; -*- +# Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + + +## SSL test configurations + +package ssltests; + +our @tests = ( + { + name => "default", + server => { "RecordPadding" => 64, + "MaxProtocol" => "TLSv1.3", + "MinProtocol" => "TLSv1.3" }, + client => { "RecordPadding" => 11, + "MaxProtocol" => "TLSv1.3", + "MinProtocol" => "TLSv1.3" }, + test => { "ExpectedResult" => "Success" }, + }, +); -- cgit v1.2.3