TeamHepta/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2026-03-20 19:21:09 +01:00
Code Issues Packages Projects Releases Wiki Activity

ssl-opt: Updated documentation.

Browse Source 
Signed-off-by: Minos Galanakis <minos.galanakis@arm.com>
This commit is contained in:
Minos Galanakis
2025-02-18 17:28:27 +00:00
parent 36c81f5f05
commit d708a63857
1 changed files with 8 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
tests/ssl-opt.sh
View File

@@ -13873,6 +13873,11 @@ run_test "TLS 1.2 ClientHello indicating support for deflate compression meth
-s "dumping .client hello, compression. (2 bytes)"
# Handshake defragmentation testing
# To warrant that the handhake messages are large enough and need to be split
# into fragments, the tests require certificate authentication. The party in control
# of the fragmentation operations is OpenSSL and will always use server5.crt (548 Bytes)
# either from O_NEXT_SRV or test data.
requires_openssl_3_x
requires_protocol_version tls13
requires_certificate_authentication
@@ -13932,12 +13937,6 @@ run_test "Handshake defragmentation on client: len=513, TLS 1.2" \
-c "handshake fragment: 0 \\.\\. 513 of [0-9]\\+ msglen 513" \
-c "waiting for more fragments (513 of [0-9]\\+"
# OpenSSL does not allow max_send_frag to be less than 512
# so we use split_send_frag instead for tests lower than 512 below.
# There is an issue with OpenSSL when fragmenting with values less
# than 512 bytes in TLS 1.2 so we require TLS 1.3 with these values.
requires_openssl_3_x
requires_protocol_version tls13
requires_certificate_authentication
@@ -14405,11 +14404,13 @@ run_test "Handshake defragmentation on server: len=3, TLS 1.3" \
-s "handshake message too short: 3" \
-s "SSL - An invalid SSL record was received"
# Server-side ClientHello degfragmentation is only supported for MBEDTLS_SSL_PROTO_TLS1_3. For TLS 1.2 testing
# the server should suport both protocols and downgrade to client-requested TL1.2 after proccessing the ClientHello.
requires_openssl_3_x
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_2
requires_config_enabled MBEDTLS_SSL_PROTO_TLS1_3
requires_certificate_authentication
run_test "Handshake defragmentation on server: len=3, TLS 1.3" \
run_test "Handshake defragmentation on server: len=3, TLS 1.3 -> 1.2" \
"$P_SRV debug_level=4 auth_mode=required" \
"$O_NEXT_CLI -tls1_2 -split_send_frag 3 -cert $DATA_FILES_PATH/server5.crt -key $DATA_FILES_PATH/server5.key" \
1 \