Lines Matching +full:fine +full:- +full:ctr +full:- +full:bits
2 * Copyright 2016-2025 The OpenSSL Project Authors. All Rights Reserved.
53 * If we don't have ec or dh then there are no built-in groups that are usable
59 /* Defined in tls-provider.c */
166 if (client_log_buffer_index + line_length > sizeof(client_log_buffer) - 1) { in client_keylog_callback()
182 if (server_log_buffer_index + line_length > sizeof(server_log_buffer) - 1) { in server_keylog_callback()
238 * hex-encoded encrypted secret, then the hex-encoded pre-master in test_keylog_output()
255 * Master secret. Tokens should be: 64 ASCII bytes of hex-encoded in test_keylog_output()
256 * client random, then the hex-encoded master secret. in test_keylog_output()
293 * TLSv1.3 secret. Tokens should be: 64 ASCII bytes of hex-encoded in test_keylog_output()
294 * client random, and then the hex-encoded secret. In this case, in test_keylog_output()
338 expected->rsa_key_exchange_count) in test_keylog_output()
340 expected->master_secret_count) in test_keylog_output()
342 expected->client_early_secret_count) in test_keylog_output()
344 expected->client_handshake_secret_count) in test_keylog_output()
346 expected->server_handshake_secret_count) in test_keylog_output()
348 expected->client_application_secret_count) in test_keylog_output()
350 expected->server_application_secret_count) in test_keylog_output()
352 expected->early_exporter_secret_count) in test_keylog_output()
354 expected->exporter_secret_count)) in test_keylog_output()
385 /* We also want to ensure that we use RSA-based key exchange. */ in test_keylog()
661 char *leaf_chain = test_mk_file_path(certsdir, "leaf-chain.pem"); in test_ssl_build_cert_chain()
689 return -1; in get_password_cb()
691 memcpy(buf, pass, sizeof(pass) - 1); in get_password_cb()
692 return sizeof(pass) - 1; in get_password_cb()
699 char *skey = test_mk_file_path(certsdir, "leaf-encrypted.key"); in test_ssl_ctx_build_cert_chain()
700 char *leaf_chain = test_mk_file_path(certsdir, "leaf-chain.pem"); in test_ssl_ctx_build_cert_chain()
725 int *ctr = arg; in full_client_hello_callback() local
743 if ((*ctr)++ == 0) in full_client_hello_callback()
781 "AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384")) in test_client_hello_cb()
787 * Passing a -1 literal is a hack since in test_client_hello_cb()
790 || !TEST_int_eq(SSL_get_error(serverssl, -1), in test_client_hello_cb()
859 * Very focused test to exercise a single case in the server-side state
885 || !TEST_true(SSL_set_cipher_list(clientssl, "AES128-GCM-SHA256")) in test_ccs_change_cipher()
900 || !TEST_true(SSL_set_cipher_list(clientssl, "AES256-GCM-SHA384:AES128-GCM-SHA256")) in test_ccs_change_cipher()
919 || !TEST_true(SSL_set_cipher_list(clientssl, "AES128-GCM-SHA256")) in test_ccs_change_cipher()
923 || !TEST_true(SSL_set_cipher_list(clientssl, "AES256-GCM-SHA384")) in test_ccs_change_cipher()
1062 memcpy(crec_wseq_before, &clientsc->rlayer.wrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1063 memcpy(srec_wseq_before, &serversc->rlayer.wrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1064 memcpy(crec_rseq_before, &clientsc->rlayer.rrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1065 memcpy(srec_rseq_before, &serversc->rlayer.rrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1085 memcpy(crec_wseq_after, &clientsc->rlayer.wrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1086 memcpy(srec_wseq_after, &serversc->rlayer.wrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1087 memcpy(crec_rseq_after, &clientsc->rlayer.rrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1088 memcpy(srec_rseq_after, &serversc->rlayer.rrl->sequence, SEQ_NUM_SIZE); in ping_pong_query()
1098 if (!BIO_get_ktls_send(clientsc->wbio)) { in ping_pong_query()
1108 if (!BIO_get_ktls_send(serversc->wbio)) { in ping_pong_query()
1118 if (!BIO_get_ktls_recv(clientsc->wbio)) { in ping_pong_query()
1128 if (!BIO_get_ktls_recv(serversc->wbio)) { in ping_pong_query()
1149 int cfd = -1, sfd = -1; in execute_test_ktls()
1171 /* Create a session based on SHA-256 */ in execute_test_ktls()
1215 if (!TEST_false(BIO_get_ktls_send(clientsc->wbio))) in execute_test_ktls()
1218 if (BIO_get_ktls_send(clientsc->wbio)) in execute_test_ktls()
1223 if (!TEST_false(BIO_get_ktls_send(serversc->wbio))) in execute_test_ktls()
1226 if (BIO_get_ktls_send(serversc->wbio)) in execute_test_ktls()
1236 if (!TEST_false(BIO_get_ktls_recv(clientsc->rbio))) in execute_test_ktls()
1239 if (BIO_get_ktls_send(clientsc->rbio)) in execute_test_ktls()
1244 if (!TEST_false(BIO_get_ktls_recv(serversc->rbio))) in execute_test_ktls()
1247 if (BIO_get_ktls_send(serversc->rbio)) in execute_test_ktls()
1276 ret = SSL_read(serverssl, buf + offset, bufsz - offset); in execute_test_ktls()
1305 if (cfd != -1) in execute_test_ktls()
1307 if (sfd != -1) in execute_test_ktls()
1323 int cfd = -1, sfd = -1, ffd, err; in execute_test_ktls_sendfile()
1347 /* Create a session based on SHA-256 */ in execute_test_ktls_sendfile()
1384 if (!BIO_get_ktls_send(serversc->wbio)) { in execute_test_ktls_sendfile()
1408 chunk_size = min(SENDFILE_CHUNK, SENDFILE_SZ - chunk_off); in execute_test_ktls_sendfile()
1449 if (cfd != -1) in execute_test_ktls_sendfile()
1451 if (sfd != -1) in execute_test_ktls_sendfile()
1464 { TLS1_2_VERSION, "AES128-GCM-SHA256" },
1467 { TLS1_2_VERSION, "AES128-CCM"},
1470 { TLS1_2_VERSION, "AES256-GCM-SHA384"},
1474 { TLS1_2_VERSION, "ECDHE-RSA-CHACHA20-POLY1305"},
1507 return execute_test_ktls(cis_ktls, sis_ktls, cipher->tls_version, in test_ktls()
1508 cipher->cipher); in test_ktls()
1519 return execute_test_ktls_sendfile(cipher->tls_version, cipher->cipher, in test_ktls_sendfile()
1651 /* Set whole buffer to all bits set */ in test_large_app_data()
1790 rr = serversc->rlayer.tlsrecs; in execute_cleanse_plaintext()
1792 zbuf = &rr->data[rr->off]; in execute_cleanse_plaintext()
1793 if (!TEST_int_eq(rr->length, sizeof(cbuf))) in execute_cleanse_plaintext()
1923 if (SSL_CTX_get_tlsext_status_type(cctx) != -1) in test_tlsext_status_type()
1931 if (!TEST_int_eq(SSL_get_tlsext_status_type(clientssl), -1) in test_tlsext_status_type()
2002 * We'll just use any old cert for this test - it doesn't have to be an OCSP in test_tlsext_status_type()
2051 * sess has been up-refed for us, but we don't actually need it so free it in new_session_cb()
2306 * SSL_CTX_remove_session() also marks the session as non-resumable. in execute_test_session()
2310 || !TEST_true(sess2->owner != NULL) in execute_test_session()
2311 || !TEST_true(tmp->owner == NULL) in execute_test_session()
2360 /* Don't care about results - cache should only be sess2 at end */ in execute_test_session()
2366 || !TEST_ptr(sess1->owner) in execute_test_session()
2367 || !TEST_ptr_null(sess2->owner)) in execute_test_session()
2538 /* After a post-handshake authentication we should get 1 new ticket */ in check_resumption()
2601 /* Stop caching sessions - just count them */ in test_tickets()
2632 /* After a post-handshake authentication we should get new tickets issued */ in test_tickets()
2643 /* Stop caching sessions - just count them */ in test_tickets()
2747 idx -= 3; in test_extra_tickets()
2823 * Use the always-retry BIO to exercise the logic that forces ticket in test_extra_tickets()
2852 /* Re-do the write; still no tickets sent */ in test_extra_tickets()
2941 * SSL_set_bio() functions correctly in the case where s->bbio is not NULL.
2963 idx -= TOTAL_NO_CONN_SSL_SET_BIO_TESTS; in test_ssl_set_bio()
3204 : &testsigalgs[idx - OSSL_NELEM(testsigalgs)]; in test_set_sigalgs()
3216 if (curr->list != NULL) in test_set_sigalgs()
3217 ret = SSL_CTX_set1_sigalgs(cctx, curr->list, curr->listlen); in test_set_sigalgs()
3219 ret = SSL_CTX_set1_sigalgs_list(cctx, curr->liststr); in test_set_sigalgs()
3222 if (curr->valid) in test_set_sigalgs()
3228 if (!curr->valid) { in test_set_sigalgs()
3229 TEST_info("Not-failed setting sigalgs in SSL_CTX (%d)\n", idx); in test_set_sigalgs()
3241 if (curr->list != NULL) in test_set_sigalgs()
3242 ret = SSL_set1_sigalgs(clientssl, curr->list, curr->listlen); in test_set_sigalgs()
3244 ret = SSL_set1_sigalgs_list(clientssl, curr->liststr); in test_set_sigalgs()
3246 if (curr->valid) in test_set_sigalgs()
3252 if (!curr->valid) in test_set_sigalgs()
3258 curr->connsuccess)) in test_set_sigalgs()
3428 artificial_ticket_time--; in ed_gen_cb()
3678 if (!TEST_true(BIO_write_ex(rbio, data + eoedlen, rawread - eoedlen, in test_early_data_read_write()
3680 || !TEST_size_t_eq(rawwritten, rawread - eoedlen)) in test_early_data_read_write()
3706 * post-handshake. We attempt reads which we do not expect to return any in test_early_data_read_write()
3802 * confopt == 0: Configure anti-replay directly
3803 * confopt == 1: Configure anti-replay using SSL_CONF
3833 if (!TEST_int_eq(SSL_CONF_cmd(confctx, "Options", "-AntiReplay"), in test_early_data_replay_int()
4006 if (!TEST_true(SSL_set1_groups_list(serverssl, "P-384"))) in early_data_skip_helper()
4021 if (!TEST_true(SSL_SESSION_set_time_ex(sess, time(NULL) - 20))) in early_data_skip_helper()
4098 /* Connection has failed - nothing more to do */ in early_data_skip_helper()
4204 /* Write some data - should block due to handshake with server */ in test_early_data_not_sent()
4304 * it in a resumption handshake - so it is not actually possible for a in test_early_data_psk()
4342 * is associated with each handshake - not the session. Therefore it in test_early_data_psk()
4378 GOODALPNLEN - 1)) in test_early_data_psk()
4393 BADALPNLEN - 1)) in test_early_data_psk()
4396 GOODALPNLEN - 1)) in test_early_data_psk()
4404 connectres = -1; in test_early_data_psk()
4528 * Integrity-only cipher do not provide any confidentiality. in test_early_data_psk_with_all_ciphers()
4673 /* Write some data - should block due to handshake with server */ in test_early_data_tls1_2()
4734 * Test 1: Set a non-default ciphersuite in the SSL_CTX (no explicit cipher_list)
4736 * Test 3: Set a non-default ciphersuite in the SSL (no explicit cipher_list)
4738 * Test 5: Set a non-default ciphersuite in the SSL_CTX (SSL_CTX cipher_list)
4740 * Test 7: Set a non-default ciphersuite in the SSL (SSL_CTX cipher_list)
4742 * Test 9: Set a non-default ciphersuite in the SSL (SSL cipher_list)
4759 if (!TEST_true(SSL_CTX_set_cipher_list(cctx, "AES256-GCM-SHA384"))) in test_set_ciphersuite()
4781 if (!TEST_true(SSL_set_cipher_list(clientssl, "AES256-GCM-SHA384"))) in test_set_ciphersuite()
4819 /* Create a session based on SHA-256 */ in test_ciphersuite_change()
4846 /* Check we can resume a session with a different SHA-256 ciphersuite */ in test_ciphersuite_change()
4866 * Check attempting to resume a SHA-256 session with no SHA-256 ciphersuites in test_ciphersuite_change()
4918 clntsess->cipher = aes_128_gcm_sha256; in test_ciphersuite_change()
4919 clntsess->cipher_id = clntsess->cipher->id; in test_ciphersuite_change()
4922 * Continue the previously started connection. Server has selected a SHA-384 in test_ciphersuite_change()
4923 * ciphersuite, but client thinks the session is for SHA-256, so it should in test_ciphersuite_change()
4958 * Test 12 = Test all ML-KEM with TLSv1.3 client and server
4965 * Test 19 = Test all ML-KEM with TLSv1.2 client and server
5129 return TEST_skip("ML-KEM not supported in this version of fips provider"); in test_key_exchange()
5181 * one in configured, except in the case of "all" FFDHE and "all" ML-KEM in test_key_exchange()
5270 /*-
5313 idx -= numec; in test_negotiated_group()
5399 /*- in test_negotiated_group()
5407 idx--; in test_negotiated_group()
5478 /* Integrity-only cipher do not provide any confidentiality */ in test_tls13_ciphersuite()
5762 if (!TEST_true(SSL_set1_groups_list(serverssl, "P-384"))) in test_tls13_psk()
5899 saved_session = sesscache[new_called - 1]; in test_tls13_no_dhe_kex()
5964 memcpy(cookie, cookie_magic_value, sizeof(cookie_magic_value) - 1); in generate_cookie_callback()
5965 *cookie_len = sizeof(cookie_magic_value) - 1; in generate_cookie_callback()
5973 if (cookie_len == sizeof(cookie_magic_value) - 1 in verify_cookie_callback()
6015 * This should fail with a -1 return because we have no callbacks in test_stateless()
6018 || !TEST_int_eq(SSL_stateless(serverssl), -1)) in test_stateless()
6106 return -1; in old_add_cb()
6133 return -1; in old_parse_cb()
6152 return -1; in new_add_cb()
6179 return -1; in new_parse_cb()
6474 const unsigned char *si = &serverinfo_custom_v1[len - 3]; in serverinfo_custom_parse_cb()
6638 sizeof(context) - 1, 1), 0)) in test_export_key_mat()
6653 sizeof(context) - 1, 1), 0)) in test_export_key_mat()
6669 sizeof(context) - 1, 1), 1) in test_export_key_mat()
6691 sizeof(context) -1, 1), in test_export_key_mat()
6797 sizeof(label) - 1, context, sizeof(context) - 1), 1) in test_export_key_mat_early()
6800 sizeof(label) - 1, emptycontext, 0), 1) in test_export_key_mat_early()
6803 sizeof(label) - 1, context, sizeof(context) - 1), 1) in test_export_key_mat_early()
6806 sizeof(label) - 1, emptycontext, 0), 1) in test_export_key_mat_early()
6942 if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1) in test_key_update_peer_in_write()
6952 /* Now read some data - we will read the key update */ in test_key_update_peer_in_write()
6953 if (!TEST_int_eq(SSL_read(peerwrite, buf, sizeof(buf)), -1) in test_key_update_peer_in_write()
7034 || !TEST_int_eq(SSL_write(local, lwbuf, sizeof(lwbuf)), -1) in test_key_update_peer_in_read()
7035 || !TEST_int_eq(SSL_get_error(local, -1), SSL_ERROR_WANT_WRITE)) in test_key_update_peer_in_read()
7042 if (!TEST_int_eq(SSL_read(peer, prbuf, sizeof(prbuf)), -1) in test_key_update_peer_in_read()
7043 || !TEST_int_eq(SSL_get_error(peer, -1), SSL_ERROR_WANT_READ)) in test_key_update_peer_in_read()
7046 /* Now write some data in peer - we will write the key update */ in test_key_update_peer_in_read()
7116 if (!TEST_int_eq(SSL_write(local, mess, strlen(mess)), -1) in test_key_update_local_in_write()
7117 || !TEST_int_eq(SSL_get_error(local, -1), SSL_ERROR_WANT_WRITE)) in test_key_update_local_in_write()
7141 * read data in peer - we will read the keyupdate msg in test_key_update_local_in_write()
7202 if (!TEST_int_eq(SSL_write(peer, pwbuf, sizeof(pwbuf)), -1) in test_key_update_local_in_read()
7203 || !TEST_int_eq(SSL_get_error(peer, -1), SSL_ERROR_WANT_WRITE)) in test_key_update_local_in_read()
7207 if (!TEST_int_eq(SSL_read(local, lrbuf, sizeof(lrbuf)), -1) in test_key_update_local_in_read()
7208 || !TEST_int_eq(SSL_get_error(local, -1), SSL_ERROR_WANT_READ)) in test_key_update_local_in_read()
7226 * read data in peer - we will read the key update in test_key_update_local_in_read()
7416 /* Maximum-Fragment-Length TLS extension mode to test */
7554 if (SSL_set_srp_server_param(s, user->N, user->g, user->s, user->v, in ssl_srp_cb()
7555 user->info) <= 0) { in ssl_srp_cb()
7637 lgN->N, lgN->g, libctx, NULL))) in create_new_vbase()
7644 user_pwd->N = lgN->N; in create_new_vbase()
7645 user_pwd->g = lgN->g; in create_new_vbase()
7646 user_pwd->id = OPENSSL_strdup(userid); in create_new_vbase()
7647 if (!TEST_ptr(user_pwd->id)) in create_new_vbase()
7650 user_pwd->v = verifier; in create_new_vbase()
7651 user_pwd->s = salt; in create_new_vbase()
7654 if (sk_SRP_user_pwd_insert(vbase->users_pwd, user_pwd, 0) == 0) in create_new_vbase()
7710 || !TEST_true(SSL_CTX_set_cipher_list(cctx, "SRP-AES-128-CBC-SHA")) in test_srp()
7753 static int info_cb_this_state = -1;
7959 info_cb_this_state = -1; in test_info_callback()
8122 || !TEST_int_eq(SSL_pending(clientssl), (int)(written - readbytes)) in test_ssl_pending()
8153 "AES128-SHA:AES256-SHA",
8155 "AES256-SHA:DHE-RSA-AES128-SHA",
8157 "AES256-SHA",
8158 "AES256-SHA"
8165 "AES128-SHA:ECDHE-RSA-CHACHA20-POLY1305",
8167 "AES128-SHA:ECDHE-RSA-CHACHA20-POLY1305",
8169 "AES128-SHA:ECDHE-RSA-CHACHA20-POLY1305",
8170 "AES128-SHA"
8175 "AES128-SHA:DHE-RSA-AES128-SHA:AES256-SHA",
8177 "AES128-SHA:DHE-RSA-AES256-SHA:AES256-SHA",
8179 "AES128-SHA:AES256-SHA",
8180 "AES128-SHA:AES256-SHA"
8184 "AES128-SHA:AES256-SHA",
8186 "AES128-SHA:DHE-RSA-AES128-SHA",
8188 "AES128-SHA",
8189 "AES128-SHA"
8200 "AES128-SHA:AES256-SHA",
8202 "AES256-SHA:AES128-SHA256",
8205 "TLS_AES_128_GCM_SHA256:AES256-SHA",
8206 "TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:AES256-SHA"
8212 "AES128-SHA",
8214 "AES256-SHA",
8237 * loaded into it. We run the same tests twice - once with the client side in int_test_ssl_get_shared_ciphers()
8375 if (tick_key_renew == -1) in tick_key_cb()
8378 aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL); in tick_key_cb()
8381 sha256 = EVP_MD_fetch(libctx, "SHA-256", NULL); in tick_key_cb()
8394 ret = -1; in tick_key_cb()
8417 if (tick_key_renew == -1) in tick_key_evp_cb()
8420 aes128cbc = EVP_CIPHER_fetch(libctx, "AES-128-CBC", NULL); in tick_key_evp_cb()
8433 ret = -1; in tick_key_evp_cb()
8492 tick_key_renew = -1; /* abort sending the ticket/0-length ticket */ in test_ticket_callbacks()
8531 * We only want sessions to resume from tickets - not the session cache. So in test_ticket_callbacks()
8587 || tick_key_renew == -1) { in test_ticket_callbacks()
8672 * Test bi-directional shutdown.
8817 if (!TEST_int_eq(SSL_shutdown(clientssl), -1) in test_shutdown()
8818 || !TEST_int_eq(SSL_get_error(clientssl, -1), SSL_ERROR_SSL)) in test_shutdown()
8873 if (!TEST_int_eq(SSL_shutdown(serverssl), -1) in test_async_shutdown()
8874 || !TEST_int_eq(SSL_get_error(serverssl, -1), SSL_ERROR_WANT_WRITE)) in test_async_shutdown()
8878 if (!TEST_int_eq(SSL_shutdown(serverssl), -1) in test_async_shutdown()
8879 || !TEST_int_eq(SSL_get_error(serverssl, -1), SSL_ERROR_WANT_WRITE)) in test_async_shutdown()
8958 return -1; in cert_cb()
8979 || !TEST_true(load_chain("ca-cert.pem", NULL, NULL, chain)) in cert_cb()
8980 || !TEST_true(load_chain("root-cert.pem", NULL, NULL, chain)) in cert_cb()
8981 || !TEST_true(load_chain("p256-ee-rsa-ca-cert.pem", NULL, in cert_cb()
8983 || !TEST_true(load_chain("p256-ee-rsa-ca-key.pem", &pkey, in cert_cb()
9014 * Test 1: Success - no SSL_set_SSL_CTX() in the callback
9015 * Test 2: Success - SSL_set_SSL_CTX() in the callback
9016 * Test 3: Success - Call SSL_check_chain from the callback
9017 * Test 4: Failure - SSL_check_chain fails from callback due to bad cert in the
9019 * Test 5: Failure - SSL_check_chain fails from callback due to bad ee cert
9028 /* We use an EC cert in these tests, so we skip in a no-ec build */ in test_cert_cb_int()
9041 cert_cb_cnt = -1; in test_cert_cb_int()
9080 && !TEST_int_eq((cert_cb_cnt - 2) * (cert_cb_cnt - 3), 0))) { in test_cert_cb_int()
9222 -1, -1, 0))) in test_ca_names_int()
9333 "AES128-SHA",
9334 "AES128-SHA256",
9335 "AES256-SHA",
9336 "AES256-SHA256",
9339 /* Reduce the fragment size - so the multiblock test buffer can be small */
9346 "AES-128-CBC-HMAC-SHA1", in test_multiblock_write()
9347 "AES-128-CBC-HMAC-SHA256", in test_multiblock_write()
9348 "AES-256-CBC-HMAC-SHA1", in test_multiblock_write()
9349 "AES-256-CBC-HMAC-SHA256" in test_multiblock_write()
9361 * Choose a buffer large enough to perform a multi-block operation in test_multiblock_write()
9396 /* settings to force it to use AES-CBC-HMAC_SHA */ in test_multiblock_write()
9413 len -= readbytes; in test_multiblock_write()
9452 early->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; in test_session_timeout()
9453 memset(early->session_id, 1, SSL3_SSL_SESSION_ID_LENGTH); in test_session_timeout()
9454 middle->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; in test_session_timeout()
9455 memset(middle->session_id, 2, SSL3_SSL_SESSION_ID_LENGTH); in test_session_timeout()
9456 late->session_id_length = SSL3_SSL_SESSION_ID_LENGTH; in test_session_timeout()
9457 memset(late->session_id, 3, SSL3_SSL_SESSION_ID_LENGTH); in test_session_timeout()
9465 if (!TEST_ptr(early->prev) in test_session_timeout()
9466 || !TEST_ptr(middle->prev) in test_session_timeout()
9467 || !TEST_ptr(late->prev)) in test_session_timeout()
9470 if (!TEST_time_t_ne(SSL_SESSION_set_time_ex(early, now - 10), 0) in test_session_timeout()
9481 if (!TEST_ptr(early->prev) in test_session_timeout()
9482 || !TEST_ptr(middle->prev) in test_session_timeout()
9483 || !TEST_ptr(late->prev)) in test_session_timeout()
9487 if (!TEST_ptr_eq(late->next, middle) in test_session_timeout()
9488 || !TEST_ptr_eq(middle->next, early) in test_session_timeout()
9489 || !TEST_ptr_eq(early->prev, middle) in test_session_timeout()
9490 || !TEST_ptr_eq(middle->prev, late)) in test_session_timeout()
9494 SSL_CTX_flush_sessions_ex(ctx, now + TIMEOUT - 1); in test_session_timeout()
9495 if (!TEST_ptr_null(early->prev) in test_session_timeout()
9496 || !TEST_ptr(middle->prev) in test_session_timeout()
9497 || !TEST_ptr(late->prev)) in test_session_timeout()
9502 if (!TEST_ptr_null(early->prev) in test_session_timeout()
9503 || !TEST_ptr_null(middle->prev) in test_session_timeout()
9504 || !TEST_ptr(late->prev)) in test_session_timeout()
9509 if (!TEST_ptr_null(early->prev) in test_session_timeout()
9510 || !TEST_ptr_null(middle->prev) in test_session_timeout()
9511 || !TEST_ptr_null(late->prev)) in test_session_timeout()
9521 if (!TEST_ptr(early->prev) in test_session_timeout()
9522 || !TEST_ptr(middle->prev) in test_session_timeout()
9523 || !TEST_ptr(late->prev)) in test_session_timeout()
9528 if (!TEST_ptr_null(early->prev) in test_session_timeout()
9529 || !TEST_ptr_null(middle->prev) in test_session_timeout()
9530 || !TEST_ptr_null(late->prev)) in test_session_timeout()
9537 now -= 10; in test_session_timeout()
9634 * internal cache - but we will return it anyway from our external cache. in test_session_cache_overflow()
9838 if (!TEST_size_t_eq(ctx->cert->conf_sigalgslen, 2) in test_unknown_sigalgs_groups()
9839 || !TEST_int_eq(ctx->cert->conf_sigalgs[0], TLSEXT_SIGALG_rsa_pkcs1_sha256) in test_unknown_sigalgs_groups()
9840 || !TEST_int_eq(ctx->cert->conf_sigalgs[1], TLSEXT_SIGALG_rsa_pkcs1_sha512)) in test_unknown_sigalgs_groups()
9847 if (!TEST_size_t_eq(ctx->cert->client_sigalgslen, 2) in test_unknown_sigalgs_groups()
9848 || !TEST_int_eq(ctx->cert->client_sigalgs[0], TLSEXT_SIGALG_rsa_pkcs1_sha256) in test_unknown_sigalgs_groups()
9849 || !TEST_int_eq(ctx->cert->client_sigalgs[1], TLSEXT_SIGALG_rsa_pkcs1_sha512)) in test_unknown_sigalgs_groups()
9864 "P-256:nonexistent"), in test_unknown_sigalgs_groups()
9869 "P-384:?nonexistent:?P-521"), in test_unknown_sigalgs_groups()
9872 if (!TEST_size_t_eq(ctx->ext.supportedgroups_len, 2) in test_unknown_sigalgs_groups()
9873 || !TEST_int_eq(ctx->ext.supportedgroups[0], OSSL_TLS_GROUP_ID_secp384r1) in test_unknown_sigalgs_groups()
9874 || !TEST_int_eq(ctx->ext.supportedgroups[1], OSSL_TLS_GROUP_ID_secp521r1)) in test_unknown_sigalgs_groups()
9893 groups_len = ctx->ext.supportedgroups_len; in test_configuration_of_groups()
9897 || !TEST_size_t_eq(ctx->ext.supportedgroups_len, groups_len)) in test_configuration_of_groups()
9900 if (!TEST_int_gt(SSL_CTX_set1_groups_list(ctx, "DEFAULT:-?P-256"), 0) in test_configuration_of_groups()
9902 || !TEST_size_t_eq(ctx->ext.supportedgroups_len, groups_len - 1) in test_configuration_of_groups()
9904 || !TEST_size_t_eq(ctx->ext.supportedgroups_len, groups_len) in test_configuration_of_groups()
9910 if (!TEST_int_gt(SSL_CTX_set1_groups_list(ctx, "?P-256:?P-521:-?P-256"), 0) in test_configuration_of_groups()
9911 || !TEST_size_t_eq(ctx->ext.supportedgroups_len, 1) in test_configuration_of_groups()
9912 || !TEST_int_eq(ctx->ext.supportedgroups[0], OSSL_TLS_GROUP_ID_secp521r1) in test_configuration_of_groups()
9931 * Test 1: The client only has SHA2-256: only SHA2-256 algorithms shared
9932 * Test 2: The server only has SHA2-256: only SHA2-256 algorithms shared
9962 * Only enable SHA2-256 so rsa_pss_rsae_sha384 should not be offered in test_sigalgs_available()
9964 * *requires* SHA2-256 to be available so we cannot disable that. We in test_sigalgs_available()
9968 "SHA2-256:SHA1"))) in test_sigalgs_available()
9994 /* Avoid MLKEM groups that depend on possibly filtered-out digests */ in test_sigalgs_available()
10010 /* ECDSA P-256 first server key */ in test_sigalgs_available()
10022 "ECDHE-RSA-AES128-GCM-SHA256"))) in test_sigalgs_available()
10026 "ECDHE-ECDSA-AES128-GCM-SHA256"))) in test_sigalgs_available()
10045 /* ECDSA P-256 second server key, unless already first */ in test_sigalgs_available()
10115 OSSL_PROVIDER *tlsprov = OSSL_PROVIDER_load(libctx, "tls-provider"); in test_pluggable_group()
10164 * of the artificial "xorhmacsig" algorithm implemented in tls-provider
10188 (unsigned char *)"CH", -1, -1, 0)) in create_cert_key()
10190 (unsigned char *)"test.org", -1, -1, 0)) in create_cert_key()
10192 (unsigned char *)"localhost", -1, -1, 0)) in create_cert_key()
10212 * Test 0: Signature algorithm with built-in hashing functionality: "xorhmacsig"
10214 * Test 2: Signature algorithm with built-in hashing configured via SSL_CONF_cmd
10225 OSSL_PROVIDER *tlsprov = OSSL_PROVIDER_load(libctx, "tls-provider"); in test_pluggable_signature()
10227 char *certfilename = "tls-prov-cert.pem"; in test_pluggable_signature()
10228 char *privkeyfilename = "tls-prov-key.pem"; in test_pluggable_signature()
10301 * via the tls-provider-implemented "hmacsig" algorithm, testing in test_pluggable_signature()
10415 * Test the session_secret_cb which is designed for use with EAP-FAST
10456 * No session ids for EAP-FAST - otherwise the state machine gets very in test_session_secret_cb()
10661 || !TEST_true(SSL_set_cipher_list(serverssl, "DHE-RSA-AES128-SHA"))) in test_set_tmp_dh()
10699 const char *ciphersuite = "DHE-RSA-AES128-SHA"; in test_dh_auto()
10706 /* The FIPS provider doesn't support this DH size - so we ignore it */ in test_dh_auto()
10740 /* The FIPS provider doesn't support this DH size - so we ignore it */ in test_dh_auto()
10745 ciphersuite = "ADH-AES128-SHA256:@SECLEVEL=0"; in test_dh_auto()
10749 ciphersuite = "ADH-AES256-SHA256:@SECLEVEL=0"; in test_dh_auto()
10945 /* the set_alpn functions return 0 (false) on success, non-zero (true) on failure */ in test_set_alpn()
11284 if (!TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf) - 1, in test_read_ahead_key_change()
11313 return SSL3_RT_MAX_PLAIN_LENGTH - len; in record_pad_cb()
11316 * Exceeding the maximum padding should be fine. It should just pad to in record_pad_cb()
11319 return SSL3_RT_MAX_PLAIN_LENGTH + 1 - len; in record_pad_cb()
11410 * been applied to the record - just that we can continue to communicate in test_tls13_record_padding()
11418 if (!TEST_true(SSL_read_ex(serverssl, buf, sizeof(buf) - 1, in test_tls13_record_padding()
11497 if (!TEST_true(SSL_set_cipher_list(clientssl, "AES128-SHA"))) in test_pipelining()
11526 msglen -= 2; /* Send 2 less bytes */ in test_pipelining()
11528 msglen -= 12; /* Send 12 less bytes */ in test_pipelining()
11545 * (50 bytes in total). This is a ridiculously small number of bytes - in test_pipelining()
11562 * have been used - except in test 3 where only |numpipes - 1| pipelines in test_pipelining()
11563 * will be used. This will result in |numpipes| records (|numpipes - 1| for in test_pipelining()
11565 * expect this to be read in |numpipes| or |numpipes - 1| separate in test_pipelining()
11573 msglen - offset, &readbytes))) in test_pipelining()
11578 : (idx == 3 ? numpipes - 1 : numpipes); in test_pipelining()
11588 size_t sendlen = msglen - offset; in test_pipelining()
11598 * The data was written in |numpipes|, |numpipes - 1| or |numpipes + 1| in test_pipelining()
11612 msglen - readbytes, &readbytes2))) in test_pipelining()
11864 * to indicate retry via -1 - but sometimes BIOs don't do that.
11874 * Test 8-15: Repeat of above with TLSv1.2
11929 if (!TEST_int_eq(SSL_connect(clientssl), -1)) in test_handshake_retry()
11932 if (!TEST_int_eq(SSL_accept(serverssl), -1) in test_handshake_retry()
11933 || !TEST_int_eq(SSL_get_error(serverssl, -1), SSL_ERROR_WANT_WRITE)) in test_handshake_retry()
11951 set_always_retry_err_val(-1); in test_handshake_retry()
12034 while (SSL_read_ex(serverssl, outbuf + totread, sizeof(outbuf) - totread, in test_data_retry()
12061 * the same session - and mark the session as not_resuamble at the end
12069 if (cbdata->recurse) in resume_servername_cb()
12072 if ((cbdata->i % 3) != 1) in resume_servername_cb()
12075 cbdata->recurse = 1; in resume_servername_cb()
12077 if (!TEST_true(create_ssl_objects(cbdata->sctx, cbdata->cctx, &serverssl, in resume_servername_cb()
12079 || !TEST_true(SSL_set_session(clientssl, cbdata->sess))) in resume_servername_cb()
12084 * We expect this to fail - because the servername cb will fail. This will in resume_servername_cb()
12097 cbdata->recurse = 0; in resume_servername_cb()
12286 -1, { 0 },
12299 -1, { 0 },
12325 if (np->clientlen == -1) { in test_select_next_proto()
12329 client = np->client; in test_select_next_proto()
12330 clientlen = (unsigned int)np->clientlen; in test_select_next_proto()
12332 if (np->serverlen == -1) { in test_select_next_proto()
12336 server = np->server; in test_select_next_proto()
12337 serverlen = (unsigned int)np->serverlen; in test_select_next_proto()
12342 np->expected_ret)) in test_select_next_proto()
12345 if (np->selectedlen == 0) { in test_select_next_proto()
12349 if (!TEST_mem_eq(out, outlen, np->selected, np->selectedlen)) in test_select_next_proto()
12623 struct quic_tls_test_data *peer = data->peer; in crypto_send_cb()
12624 size_t max_len = sizeof(peer->rcd_data[data->wenc_level]) in crypto_send_cb()
12625 - peer->rcd_data_len[data->wenc_level]; in crypto_send_cb()
12628 data->err = 1; in crypto_send_cb()
12640 memcpy(peer->rcd_data[data->wenc_level] in crypto_send_cb()
12641 + peer->rcd_data_len[data->wenc_level], buf, buf_len); in crypto_send_cb()
12642 peer->rcd_data_len[data->wenc_level] += buf_len; in crypto_send_cb()
12653 data->err = 1; in crypto_recv_rcd_cb()
12657 *bytes_read = data->rcd_data_len[data->renc_level]; in crypto_recv_rcd_cb()
12658 *buf = data->rcd_data[data->renc_level]; in crypto_recv_rcd_cb()
12667 data->err = 1; in crypto_release_rcd_cb()
12672 if (data->forcefail) { in crypto_release_rcd_cb()
12673 data->forcefail = 0; in crypto_release_rcd_cb()
12674 data->err = 1; in crypto_release_rcd_cb()
12678 if (!TEST_size_t_eq(bytes_read, data->rcd_data_len[data->renc_level]) in crypto_release_rcd_cb()
12680 data->err = 1; in crypto_release_rcd_cb()
12683 data->rcd_data_len[data->renc_level] = 0; in crypto_release_rcd_cb()
12791 if (!TEST_size_t_le(secret_len, sizeof(data->rsecret))) in yield_secret_cb()
12793 data->renc_level = prot_level; in yield_secret_cb()
12794 memcpy(data->rsecret[prot_level - 1], secret, secret_len); in yield_secret_cb()
12795 data->rsecret_len[prot_level - 1] = secret_len; in yield_secret_cb()
12799 if (!TEST_size_t_le(secret_len, sizeof(data->wsecret))) in yield_secret_cb()
12801 data->wenc_level = prot_level; in yield_secret_cb()
12802 memcpy(data->wsecret[prot_level - 1], secret, secret_len); in yield_secret_cb()
12803 data->wsecret_len[prot_level - 1] = secret_len; in yield_secret_cb()
12814 secret_history[secret_history_idx].sm_generation = data->sm_count; in yield_secret_cb()
12818 data->err = 1; in yield_secret_cb()
12845 data->err = 1; in got_transport_params_cb()
12849 if (!TEST_size_t_le(params_len, sizeof(data->params))) { in got_transport_params_cb()
12850 data->err = 1; in got_transport_params_cb()
12854 memcpy(data->params, params, params_len); in got_transport_params_cb()
12855 data->params_len = params_len; in got_transport_params_cb()
12865 data->err = 1; in alert_cb()
12869 data->alert = 1; in alert_cb()
12992 for (i = OSSL_RECORD_PROTECTION_LEVEL_EARLY - 1; in test_quic_tls()
13136 if (!TEST_int_eq(SSL_connect(clientssl), -1) in test_quic_tls_early_data()
13137 || !TEST_int_eq(SSL_accept(serverssl), -1) in test_quic_tls_early_data()
13164 for (i = OSSL_RECORD_PROTECTION_LEVEL_EARLY - 1; in test_quic_tls_early_data()
13334 reffile = test_mk_file_path(datadir, "ssltraceref-zlib.txt"); in test_ssl_trace()
13420 * We add, but don't load the test "tls-provider". We'll load it when we in setup_tests()
13423 if (!TEST_true(OSSL_PROVIDER_add_builtin(libctx, "tls-provider", in setup_tests()
13452 cert2 = test_mk_file_path(certsdir, "server-ecdsa-cert.pem"); in setup_tests()
13456 privkey2 = test_mk_file_path(certsdir, "server-ecdsa-key.pem"); in setup_tests()
13460 cert1024 = test_mk_file_path(certsdir, "ee-cert-1024.pem"); in setup_tests()
13464 privkey1024 = test_mk_file_path(certsdir, "ee-key-1024.pem"); in setup_tests()
13468 cert3072 = test_mk_file_path(certsdir, "ee-cert-3072.pem"); in setup_tests()
13472 privkey3072 = test_mk_file_path(certsdir, "ee-key-3072.pem"); in setup_tests()
13476 cert4096 = test_mk_file_path(certsdir, "ee-cert-4096.pem"); in setup_tests()
13480 privkey4096 = test_mk_file_path(certsdir, "ee-key-4096.pem"); in setup_tests()
13484 cert8192 = test_mk_file_path(certsdir, "ee-cert-8192.pem"); in setup_tests()
13488 privkey8192 = test_mk_file_path(certsdir, "ee-key-8192.pem"); in setup_tests()