starlight-apk/tiny_computer
1
0
Fork 0
mirror of https://github.com/Cateners/tiny_computer.git synced 2026-05-20 16:35:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update code to v1.0.14 (10)

Browse Source
This commit is contained in:
Caten
2024-02-29 19:35:00 +08:00
parent c2ee3b694c
commit a956d26f6d
3188 changed files with 2317293 additions and 146 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
android/extern/wolfssl/tests/CONF_FILES_README.md vendored Normal file
View File

@@ -0,0 +1,4 @@
`suites.c` is a dynamicically written program where new test cases can be written
and added to as needed. When creating a new configure file for a test be sure
to use the exact formatting as the existing configure files. Reference `test.conf`
for an example.

19
android/extern/wolfssl/tests/NCONF_test.cnf vendored Normal file
View File

@@ -0,0 +1,19 @@
#
# This file is a sample configuration file that
# can be loaded with wolfSSL_NCONF_load
#
dir = ./test-dir
port = 1234
[ section1 ]
file1 = ./test-dir/file1 # test comment
file1_copy = $dir/file1
s1_dir = ./section1 # more comments
[section2]
fileName2 = file2
file_list = ${section1::file1}:$dir/file2:${section1::s1_dir}:$fileName2
port = 4321

1
android/extern/wolfssl/tests/README vendored Normal file
View File

@@ -0,0 +1 @@
Before creating any new configure files (.conf) read the CONF_FILES_README.md

33
android/extern/wolfssl/tests/TXT_DB.txt vendored Normal file
View File

@@ -0,0 +1,33 @@
# This file was generated by libest unit tests.
V 211015165802Z 12F8 unknown /CN=TestCase9
V 211015165748Z 12F6 unknown /CN=rsa doe
V 211015165732Z 12F4 unknown /CN=rsa doe
V 211015165716Z 12F2 unknown /CN=rsa doe
V 320926161828Z 12F0 unknown /CN=rsa doe
V 211014161800Z 12EE unknown /CN=us4880_test2
V 320926161718Z 12EC unknown /CN=TEST16-CN
V 320926161653Z 12EA unknown /CN=TC4752-13
V 320926161607Z 12E8 unknown /CN=TC4752-8
V 320926161541Z 12E6 unknown /CN=US4752-TC2
V 320926161515Z 12E4 unknown /CN=TCUS3612-3
V 211014161456Z 12E2 unknown /CN=TC2174-4
V 211014161456Z 12E0 unknown /CN=TC2174-4
V 211014161455Z 12DE unknown /CN=TC2174-4
V 320926161440Z 12DC unknown /CN=TC1883-7
V 320926161440Z 12DA unknown /CN=TC1883-6
V 320926161434Z 12D8 unknown /CN=rsa doe
V 320926161421Z 12D6 unknown /CN=TC1005-93
V 320926161410Z 12D4 unknown /CN=TC1005-10
V 320926161359Z 12D2 unknown /CN=TC1005-8
V 320926161349Z 12D0 unknown /CN=TC1005-6
V 320926161343Z 12CE unknown /CN=TC1005-3
V 320926161343Z 12CC unknown /CN=TC1005-1
V 320926161338Z 12CA unknown /CN=TestCase9
V 320926161332Z 12C8 unknown /CN=US903-test7 CN
V 320926161321Z 12C6 unknown /CN=dsa doe
V 320926161321Z 12C4 unknown /CN=rsa doe
V 320926161304Z 12C2 unknown /CN=dsa doe
V 320926161304Z 12C0 unknown /CN=rsa doe
V 320926161208Z 12BE unknown /serialNumber=PID:Widget SN:2/CN=req by client in demo step 2
V 320926161116Z 12BC unknown /serialNumber=PID:Widget SN:2/CN=req by client in demo step 2

60685
android/extern/wolfssl/tests/api.c vendored Normal file
View File

File diff suppressed because it is too large Load Diff

1056
android/extern/wolfssl/tests/hash.c vendored Normal file
View File

File diff suppressed because it is too large Load Diff

72
android/extern/wolfssl/tests/include.am vendored Normal file
View File

@@ -0,0 +1,72 @@
# vim:ft=automake
# included from Top Level Makefile.am
# All paths should be given relative to the root
if BUILD_TESTS
noinst_PROGRAMS += tests/unit.test
tests_unit_test_SOURCES = \
tests/unit.c \
tests/api.c \
tests/suites.c \
tests/hash.c \
tests/w64wrapper.c \
tests/srp.c \
tests/quic.c \
examples/client/client.c \
examples/server/server.c
tests_unit_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(WOLFSENTRY_INCLUDE)
tests_unit_test_LDADD = src/libwolfssl.la $(LIB_STATIC_ADD) $(WOLFSENTRY_LIB)
tests_unit_test_DEPENDENCIES = src/libwolfssl.la
endif
EXTRA_DIST += tests/unit.h \
tests/test.conf \
tests/test-sha2.conf \
tests/test-tls13.conf \
tests/test-tls13-down.conf \
tests/test-tls13-ecc.conf \
tests/test-tls13-psk.conf \
tests/test-tls13-pq.conf \
tests/test-tls13-pq-2.conf \
tests/test-dtls13-pq.conf \
tests/test-dtls13-pq-2.conf \
tests/test-psk.conf \
tests/test-psk-no-id.conf \
tests/test-psk-no-id-sha2.conf \
tests/test-dtls.conf \
tests/test-dtls-downgrade.conf \
tests/test-dtls-fails.conf \
tests/test-dtls-fails-cipher.conf \
tests/test-dtls-group.conf \
tests/test-dtls-mtu.conf \
tests/test-dtls-reneg-client.conf \
tests/test-dtls-reneg-server.conf \
tests/test-dtls-resume.conf \
tests/test-dtls-sha2.conf \
tests/test-dtls-srtp.conf \
tests/test-dtls-srtp-fails.conf \
tests/test-dtls13.conf \
tests/test-dtls13-downgrade.conf \
tests/test-dtls13-downgrade-fails.conf \
tests/test-dtls13-psk.conf \
tests/test-dtls13-cid.conf \
tests/test-sctp.conf \
tests/test-sctp-sha2.conf \
tests/test-sig.conf \
tests/test-rsapss.conf \
tests/test-ed25519.conf \
tests/test-ed448.conf \
tests/test-enckeys.conf \
tests/test-maxfrag.conf \
tests/test-maxfrag-dtls.conf \
tests/test-fails.conf \
tests/test-chains.conf \
tests/test-altchains.conf \
tests/test-trustpeer.conf \
tests/test-dhprime.conf \
tests/test-p521.conf \
tests/test-ecc-cust-curves.conf \
tests/NCONF_test.cnf \
tests/test-tls-downgrade.conf \
tests/TXT_DB.txt
DISTCLEANFILES+= tests/.libs/unit.test

1653
android/extern/wolfssl/tests/quic.c vendored Normal file
View File

File diff suppressed because it is too large Load Diff

839
android/extern/wolfssl/tests/srp.c vendored Normal file
View File

@@ -0,0 +1,839 @@
/* srp.c SRP unit tests
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <tests/unit.h>
#include <wolfssl/wolfcrypt/sha512.h>
#include <wolfssl/wolfcrypt/srp.h>
#if defined(WOLFCRYPT_HAVE_SRP) && defined(WOLFSSL_SHA512)
static byte username[] = "user";
static word32 usernameSz = 4;
static byte password[] = "password";
static word32 passwordSz = 8;
static byte srp_N[] = {
0xD4, 0xC7, 0xF8, 0xA2, 0xB3, 0x2C, 0x11, 0xB8, 0xFB, 0xA9, 0x58, 0x1E,
0xC4, 0xBA, 0x4F, 0x1B, 0x04, 0x21, 0x56, 0x42, 0xEF, 0x73, 0x55, 0xE3,
0x7C, 0x0F, 0xC0, 0x44, 0x3E, 0xF7, 0x56, 0xEA, 0x2C, 0x6B, 0x8E, 0xEB,
0x75, 0x5A, 0x1C, 0x72, 0x30, 0x27, 0x66, 0x3C, 0xAA, 0x26, 0x5E, 0xF7,
0x85, 0xB8, 0xFF, 0x6A, 0x9B, 0x35, 0x22, 0x7A, 0x52, 0xD8, 0x66, 0x33,
0xDB, 0xDF, 0xCA, 0x43
};
static byte srp_g[] = {
0x02
};
static byte srp_salt[] = {
0x80, 0x66, 0x61, 0x5B, 0x7D, 0x33, 0xA2, 0x2E, 0x79, 0x18
};
static byte srp_verifier[] = {
0x24, 0x5F, 0xA5, 0x1B, 0x2A, 0x28, 0xF8, 0xFF, 0xE2, 0xA0, 0xF8, 0x61,
0x7B, 0x0F, 0x3C, 0x05, 0xD6, 0x4A, 0x55, 0xDF, 0x74, 0x31, 0x54, 0x47,
0xA1, 0xFA, 0x9D, 0x25, 0x7B, 0x02, 0x88, 0x0A, 0xE8, 0x5A, 0xBA, 0x8B,
0xA2, 0xD3, 0x8A, 0x62, 0x46, 0x8C, 0xEC, 0x52, 0xBE, 0xDE, 0xFC, 0x75,
0xF5, 0xDB, 0x9C, 0x8C, 0x9B, 0x34, 0x7A, 0xE7, 0x4A, 0x5F, 0xBB, 0x96,
0x38, 0x19, 0xAB, 0x24
};
static byte srp_a[] = {
0x37, 0x95, 0xF2, 0xA6, 0xF1, 0x6F, 0x0D, 0x58, 0xBF, 0xED, 0x44, 0x87,
0xE0, 0xB6, 0xCC, 0x1C, 0xA0, 0x50, 0xC6, 0x61, 0xBB, 0x36, 0xE0, 0x9A,
0xF3, 0xF7, 0x1E, 0x7A, 0x61, 0x86, 0x5A, 0xF5
};
static byte srp_A[] = {
0x8D, 0x28, 0xC5, 0x6A, 0x46, 0x5C, 0x82, 0xDB, 0xC7, 0xF6, 0x8B, 0x62,
0x1A, 0xAD, 0xA1, 0x76, 0x1B, 0x55, 0xFF, 0xAB, 0x10, 0x2F, 0xFF, 0x4A,
0xAA, 0x46, 0xAD, 0x33, 0x64, 0xDE, 0x28, 0x2E, 0x82, 0x7A, 0xBE, 0xEA,
0x32, 0xFC, 0xD6, 0x14, 0x01, 0x71, 0xE6, 0xC8, 0xC9, 0x53, 0x69, 0x55,
0xE1, 0xF8, 0x3D, 0xDD, 0xC7, 0xD5, 0x21, 0xCE, 0xFF, 0x17, 0xFC, 0x23,
0xBF, 0xCF, 0x2D, 0xB0
};
static byte srp_b[] = {
0x2B, 0xDD, 0x30, 0x30, 0x53, 0xAF, 0xD8, 0x3A, 0xE7, 0xE0, 0x17, 0x82,
0x39, 0x44, 0x2C, 0xDB, 0x30, 0x88, 0x0F, 0xC8, 0x88, 0xC2, 0xB2, 0xC1,
0x78, 0x43, 0x2F, 0xD5, 0x60, 0xD4, 0xDA, 0x43
};
static byte srp_B[] = {
0xB5, 0x80, 0x36, 0x7F, 0x50, 0x89, 0xC1, 0x04, 0x42, 0x98, 0xD7, 0x6A,
0x37, 0x8E, 0xF1, 0x81, 0x52, 0xC5, 0x7A, 0xA1, 0xD5, 0xB7, 0x66, 0x84,
0xA1, 0x3E, 0x32, 0x82, 0x2B, 0x3A, 0xB5, 0xD7, 0x3D, 0x50, 0xF1, 0x58,
0xBD, 0x89, 0x75, 0xC7, 0x51, 0xCF, 0x6C, 0x03, 0xD4, 0xCA, 0xD5, 0x6E,
0x97, 0x4D, 0xA3, 0x1E, 0x19, 0x0B, 0xF0, 0xAA, 0x7D, 0x14, 0x90, 0x80,
0x0E, 0xC7, 0x92, 0xAD
};
static byte srp_key[] = {
0x66, 0x00, 0x9D, 0x58, 0xB3, 0xD2, 0x0D, 0x4B, 0x69, 0x7F, 0xCF, 0x48,
0xFF, 0x8F, 0x15, 0x81, 0x4C, 0x4B, 0xFE, 0x9D, 0x85, 0x77, 0x88, 0x60,
0x1D, 0x1E, 0x51, 0xCF, 0x75, 0xCC, 0x58, 0x00, 0xE7, 0x8D, 0x22, 0x87,
0x13, 0x6C, 0x88, 0x55
};
static byte srp_client_proof[] = {
0x0D, 0x49, 0xE1, 0x9C, 0x3A, 0x88, 0x43, 0x15, 0x45, 0xA8, 0xAC, 0xAB,
0xEA, 0x15, 0x1A, 0xEE, 0xF9, 0x38, 0x4D, 0x21
};
static byte srp_server_proof[] = {
0xBD, 0xB1, 0x20, 0x70, 0x46, 0xC9, 0xD6, 0xCC, 0xE2, 0x1D, 0x75, 0xA2,
0xD0, 0xAF, 0xC5, 0xBC, 0xAE, 0x12, 0xFC, 0x75
};
static void test_SrpInit(void)
{
Srp srp;
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(NULL, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(&srp, (SrpType)255, SRP_CLIENT_SIDE));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpInit(&srp, SRP_TYPE_SHA, (SrpSide)255));
/* success */
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
wc_SrpTerm(&srp);
}
static void test_SrpSetUsername(void)
{
Srp srp;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetUsername(NULL, username, usernameSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetUsername(&srp, NULL, usernameSz));
/* success */
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ((int) usernameSz, srp.userSz);
AssertIntEQ(0, XMEMCMP(srp.user, username, usernameSz));
wc_SrpTerm(&srp);
}
static void test_SrpSetParams(void)
{
Srp srp;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpSetParams(&srp,
srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
/* fix call order */
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(NULL,
srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp,
NULL, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp,
srp_N, sizeof(srp_N),
NULL, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetParams(&srp,
srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
NULL, sizeof(srp_salt)));
/* success */
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(sizeof(srp_salt), srp.saltSz);
AssertIntEQ(0, XMEMCMP(srp.salt, srp_salt, srp.saltSz));
wc_SrpTerm(&srp);
}
static void test_SrpSetPassword(void)
{
Srp srp;
byte v[64];
word32 vSz = 0;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E,
wc_SrpSetPassword(&srp, password, passwordSz));
AssertIntEQ(SRP_CALL_ORDER_E,
wc_SrpGetVerifier(&srp, v, &vSz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(NULL, password, passwordSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetPassword(&srp, NULL, passwordSz));
/* success */
AssertIntEQ(0, wc_SrpSetPassword(&srp, password, passwordSz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetVerifier(NULL, v, &vSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetVerifier(&srp, NULL, &vSz));
AssertIntEQ(BUFFER_E, wc_SrpGetVerifier(&srp, v, &vSz));
/* success */
vSz = sizeof(v);
AssertIntEQ(0, wc_SrpGetVerifier(&srp, v, &vSz));
AssertIntEQ(vSz, sizeof(srp_verifier));
AssertIntEQ(0, XMEMCMP(srp_verifier, v, vSz));
/* invalid params - client side srp */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, v, vSz));
wc_SrpTerm(&srp);
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(NULL, v, vSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpSetVerifier(&srp, NULL, vSz));
/* success */
AssertIntEQ(0, wc_SrpSetVerifier(&srp, v, vSz));
wc_SrpTerm(&srp);
}
static void test_SrpGetPublic(void)
{
Srp srp;
byte pub[64];
word32 pubSz = 0;
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, pub, &pubSz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetPassword(&srp, password, passwordSz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(NULL, pub, &pubSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(&srp, NULL, &pubSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetPublic(&srp, pub, NULL));
AssertIntEQ(BUFFER_E, wc_SrpGetPublic(&srp, pub, &pubSz));
/* success */
pubSz = sizeof(pub);
AssertIntEQ(0, wc_SrpSetPrivate(&srp, srp_a, sizeof(srp_a)));
AssertIntEQ(0, wc_SrpGetPublic(&srp, pub, &pubSz));
AssertIntEQ(pubSz, sizeof(srp_A));
AssertIntEQ(0, XMEMCMP(pub, srp_A, pubSz));
wc_SrpTerm(&srp);
AssertIntEQ(0, wc_SrpInit(&srp, SRP_TYPE_SHA, SRP_SERVER_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&srp, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&srp, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpGetPublic(&srp, pub, &pubSz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetVerifier(&srp, srp_verifier, sizeof(srp_verifier)));
/* success */
AssertIntEQ(0, wc_SrpSetPrivate(&srp, srp_b, sizeof(srp_b)));
AssertIntEQ(0, wc_SrpGetPublic(&srp, pub, &pubSz));
AssertIntEQ(pubSz, sizeof(srp_B));
AssertIntEQ(0, XMEMCMP(pub, srp_B, pubSz));
wc_SrpTerm(&srp);
}
static void test_SrpComputeKey(void)
{
Srp cli, srv;
byte clientPubKey[64];
byte serverPubKey[64];
word32 clientPubKeySz = 64;
word32 serverPubKeySz = 64;
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
/* invalid call order */
AssertIntEQ(SRP_CALL_ORDER_E, wc_SrpComputeKey(&cli,
clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
/* fix call order */
AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&cli, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(0, wc_SrpSetParams(&srv, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
AssertIntEQ(0, wc_SrpSetVerifier(&srv, srp_verifier, sizeof(srp_verifier)));
AssertIntEQ(0, wc_SrpSetPrivate(&cli, srp_a, sizeof(srp_a)));
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
AssertIntEQ(0, XMEMCMP(clientPubKey, srp_A, clientPubKeySz));
AssertIntEQ(0, wc_SrpSetPrivate(&srv, srp_b, sizeof(srp_b)));
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
AssertIntEQ(0, XMEMCMP(serverPubKey, srp_B, serverPubKeySz));
/* invalid params */
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(NULL,
clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
NULL, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
clientPubKey, 0,
serverPubKey, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
clientPubKey, clientPubKeySz,
NULL, serverPubKeySz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpComputeKey(&cli,
clientPubKey, clientPubKeySz,
serverPubKey, 0));
/* success */
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(cli.key, srp_key, sizeof(srp_key)));
AssertIntEQ(0, XMEMCMP(srv.key, srp_key, sizeof(srp_key)));
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
}
static void test_SrpGetProofAndVerify(void)
{
Srp cli, srv;
byte clientPubKey[64];
byte serverPubKey[64];
word32 clientPubKeySz = 64;
word32 serverPubKeySz = 64;
byte clientProof[SRP_MAX_DIGEST_SIZE];
byte serverProof[SRP_MAX_DIGEST_SIZE];
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&cli, username, usernameSz));
AssertIntEQ(0, wc_SrpSetUsername(&srv, username, usernameSz));
AssertIntEQ(0, wc_SrpSetParams(&cli, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(0, wc_SrpSetParams(&srv, srp_N, sizeof(srp_N),
srp_g, sizeof(srp_g),
srp_salt, sizeof(srp_salt)));
AssertIntEQ(0, wc_SrpSetPassword(&cli, password, passwordSz));
AssertIntEQ(0, wc_SrpSetVerifier(&srv, srp_verifier, sizeof(srp_verifier)));
AssertIntEQ(0, wc_SrpSetPrivate(&cli, srp_a, sizeof(srp_a)));
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
AssertIntEQ(0, XMEMCMP(clientPubKey, srp_A, clientPubKeySz));
AssertIntEQ(0, wc_SrpSetPrivate(&srv, srp_b, sizeof(srp_b)));
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
AssertIntEQ(0, XMEMCMP(serverPubKey, srp_B, serverPubKeySz));
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(cli.key, srp_key, sizeof(srp_key)));
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(srv.key, srp_key, sizeof(srp_key)));
/* invalid params */
serverProofSz = 0;
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(NULL, clientProof,&clientProofSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(&cli, NULL, &clientProofSz));
AssertIntEQ(BAD_FUNC_ARG, wc_SrpGetProof(&cli, clientProof,NULL));
AssertIntEQ(BUFFER_E, wc_SrpGetProof(&srv, serverProof,&serverProofSz));
AssertIntEQ(BAD_FUNC_ARG,
wc_SrpVerifyPeersProof(NULL, clientProof, clientProofSz));
AssertIntEQ(BAD_FUNC_ARG,
wc_SrpVerifyPeersProof(&cli, NULL, clientProofSz));
AssertIntEQ(BUFFER_E,
wc_SrpVerifyPeersProof(&srv, serverProof, serverProofSz));
serverProofSz = SRP_MAX_DIGEST_SIZE;
/* success */
AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
AssertIntEQ(0, XMEMCMP(clientProof, srp_client_proof,
sizeof(srp_client_proof)));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
AssertIntEQ(0, XMEMCMP(serverProof, srp_server_proof,
sizeof(srp_server_proof)));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
}
static int sha512_key_gen(Srp* srp, byte* secret, word32 size)
{
wc_Sha512 hash;
int r;
srp->key = (byte*)XMALLOC(WC_SHA512_DIGEST_SIZE, NULL, DYNAMIC_TYPE_SRP);
if (srp->key == NULL)
return MEMORY_E;
srp->keySz = WC_SHA512_DIGEST_SIZE;
r = wc_InitSha512(&hash);
if (!r) r = wc_Sha512Update(&hash, secret, size);
if (!r) r = wc_Sha512Final(&hash, srp->key);
wc_Sha512Free(&hash);
XMEMSET(&hash, 0, sizeof(wc_Sha512));
return r;
}
static void test_SrpKeyGenFunc_cb(void)
{
Srp cli, srv;
byte clientPubKey[1024];
byte serverPubKey[1024];
word32 clientPubKeySz = 1024;
word32 serverPubKeySz = 1024;
byte clientProof[SRP_MAX_DIGEST_SIZE];
byte serverProof[SRP_MAX_DIGEST_SIZE];
word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
word32 serverProofSz = SRP_MAX_DIGEST_SIZE;
byte username_[] = "alice";
word32 usernameSz_ = 5;
byte password_[] = "password123";
word32 passwordSz_ = 11;
#if !defined(FP_MAX_BITS) || FP_MAX_BITS > 3072 * 2
byte N_[] = {
0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2,
0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6,
0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D,
0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9,
0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11,
0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D,
0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36,
0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F,
0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56,
0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D,
0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08,
0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B,
0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2,
0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9,
0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C,
0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10,
0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D,
0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64,
0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57,
0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7,
0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0,
0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B,
0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73,
0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C,
0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0,
0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31,
0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20,
0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
byte g_[] = {
0x05
};
byte salt_[] = {
0xBE, 0xB2, 0x53, 0x79, 0xD1, 0xA8, 0x58, 0x1E, 0xB5, 0xA7, 0x27, 0x67,
0x3A, 0x24, 0x41, 0xEE
};
byte verifier_[] = {
0x9B, 0x5E, 0x06, 0x17, 0x01, 0xEA, 0x7A, 0xEB, 0x39, 0xCF, 0x6E, 0x35,
0x19, 0x65, 0x5A, 0x85, 0x3C, 0xF9, 0x4C, 0x75, 0xCA, 0xF2, 0x55, 0x5E,
0xF1, 0xFA, 0xF7, 0x59, 0xBB, 0x79, 0xCB, 0x47, 0x70, 0x14, 0xE0, 0x4A,
0x88, 0xD6, 0x8F, 0xFC, 0x05, 0x32, 0x38, 0x91, 0xD4, 0xC2, 0x05, 0xB8,
0xDE, 0x81, 0xC2, 0xF2, 0x03, 0xD8, 0xFA, 0xD1, 0xB2, 0x4D, 0x2C, 0x10,
0x97, 0x37, 0xF1, 0xBE, 0xBB, 0xD7, 0x1F, 0x91, 0x24, 0x47, 0xC4, 0xA0,
0x3C, 0x26, 0xB9, 0xFA, 0xD8, 0xED, 0xB3, 0xE7, 0x80, 0x77, 0x8E, 0x30,
0x25, 0x29, 0xED, 0x1E, 0xE1, 0x38, 0xCC, 0xFC, 0x36, 0xD4, 0xBA, 0x31,
0x3C, 0xC4, 0x8B, 0x14, 0xEA, 0x8C, 0x22, 0xA0, 0x18, 0x6B, 0x22, 0x2E,
0x65, 0x5F, 0x2D, 0xF5, 0x60, 0x3F, 0xD7, 0x5D, 0xF7, 0x6B, 0x3B, 0x08,
0xFF, 0x89, 0x50, 0x06, 0x9A, 0xDD, 0x03, 0xA7, 0x54, 0xEE, 0x4A, 0xE8,
0x85, 0x87, 0xCC, 0xE1, 0xBF, 0xDE, 0x36, 0x79, 0x4D, 0xBA, 0xE4, 0x59,
0x2B, 0x7B, 0x90, 0x4F, 0x44, 0x2B, 0x04, 0x1C, 0xB1, 0x7A, 0xEB, 0xAD,
0x1E, 0x3A, 0xEB, 0xE3, 0xCB, 0xE9, 0x9D, 0xE6, 0x5F, 0x4B, 0xB1, 0xFA,
0x00, 0xB0, 0xE7, 0xAF, 0x06, 0x86, 0x3D, 0xB5, 0x3B, 0x02, 0x25, 0x4E,
0xC6, 0x6E, 0x78, 0x1E, 0x3B, 0x62, 0xA8, 0x21, 0x2C, 0x86, 0xBE, 0xB0,
0xD5, 0x0B, 0x5B, 0xA6, 0xD0, 0xB4, 0x78, 0xD8, 0xC4, 0xE9, 0xBB, 0xCE,
0xC2, 0x17, 0x65, 0x32, 0x6F, 0xBD, 0x14, 0x05, 0x8D, 0x2B, 0xBD, 0xE2,
0xC3, 0x30, 0x45, 0xF0, 0x38, 0x73, 0xE5, 0x39, 0x48, 0xD7, 0x8B, 0x79,
0x4F, 0x07, 0x90, 0xE4, 0x8C, 0x36, 0xAE, 0xD6, 0xE8, 0x80, 0xF5, 0x57,
0x42, 0x7B, 0x2F, 0xC0, 0x6D, 0xB5, 0xE1, 0xE2, 0xE1, 0xD7, 0xE6, 0x61,
0xAC, 0x48, 0x2D, 0x18, 0xE5, 0x28, 0xD7, 0x29, 0x5E, 0xF7, 0x43, 0x72,
0x95, 0xFF, 0x1A, 0x72, 0xD4, 0x02, 0x77, 0x17, 0x13, 0xF1, 0x68, 0x76,
0xDD, 0x05, 0x0A, 0xE5, 0xB7, 0xAD, 0x53, 0xCC, 0xB9, 0x08, 0x55, 0xC9,
0x39, 0x56, 0x64, 0x83, 0x58, 0xAD, 0xFD, 0x96, 0x64, 0x22, 0xF5, 0x24,
0x98, 0x73, 0x2D, 0x68, 0xD1, 0xD7, 0xFB, 0xEF, 0x10, 0xD7, 0x80, 0x34,
0xAB, 0x8D, 0xCB, 0x6F, 0x0F, 0xCF, 0x88, 0x5C, 0xC2, 0xB2, 0xEA, 0x2C,
0x3E, 0x6A, 0xC8, 0x66, 0x09, 0xEA, 0x05, 0x8A, 0x9D, 0xA8, 0xCC, 0x63,
0x53, 0x1D, 0xC9, 0x15, 0x41, 0x4D, 0xF5, 0x68, 0xB0, 0x94, 0x82, 0xDD,
0xAC, 0x19, 0x54, 0xDE, 0xC7, 0xEB, 0x71, 0x4F, 0x6F, 0xF7, 0xD4, 0x4C,
0xD5, 0xB8, 0x6F, 0x6B, 0xD1, 0x15, 0x81, 0x09, 0x30, 0x63, 0x7C, 0x01,
0xD0, 0xF6, 0x01, 0x3B, 0xC9, 0x74, 0x0F, 0xA2, 0xC6, 0x33, 0xBA, 0x89
};
byte a_[] = {
0x60, 0x97, 0x55, 0x27, 0x03, 0x5C, 0xF2, 0xAD, 0x19, 0x89, 0x80, 0x6F,
0x04, 0x07, 0x21, 0x0B, 0xC8, 0x1E, 0xDC, 0x04, 0xE2, 0x76, 0x2A, 0x56,
0xAF, 0xD5, 0x29, 0xDD, 0xDA, 0x2D, 0x43, 0x93
};
byte A_[] = {
0xFA, 0xB6, 0xF5, 0xD2, 0x61, 0x5D, 0x1E, 0x32, 0x35, 0x12, 0xE7, 0x99,
0x1C, 0xC3, 0x74, 0x43, 0xF4, 0x87, 0xDA, 0x60, 0x4C, 0xA8, 0xC9, 0x23,
0x0F, 0xCB, 0x04, 0xE5, 0x41, 0xDC, 0xE6, 0x28, 0x0B, 0x27, 0xCA, 0x46,
0x80, 0xB0, 0x37, 0x4F, 0x17, 0x9D, 0xC3, 0xBD, 0xC7, 0x55, 0x3F, 0xE6,
0x24, 0x59, 0x79, 0x8C, 0x70, 0x1A, 0xD8, 0x64, 0xA9, 0x13, 0x90, 0xA2,
0x8C, 0x93, 0xB6, 0x44, 0xAD, 0xBF, 0x9C, 0x00, 0x74, 0x5B, 0x94, 0x2B,
0x79, 0xF9, 0x01, 0x2A, 0x21, 0xB9, 0xB7, 0x87, 0x82, 0x31, 0x9D, 0x83,
0xA1, 0xF8, 0x36, 0x28, 0x66, 0xFB, 0xD6, 0xF4, 0x6B, 0xFC, 0x0D, 0xDB,
0x2E, 0x1A, 0xB6, 0xE4, 0xB4, 0x5A, 0x99, 0x06, 0xB8, 0x2E, 0x37, 0xF0,
0x5D, 0x6F, 0x97, 0xF6, 0xA3, 0xEB, 0x6E, 0x18, 0x20, 0x79, 0x75, 0x9C,
0x4F, 0x68, 0x47, 0x83, 0x7B, 0x62, 0x32, 0x1A, 0xC1, 0xB4, 0xFA, 0x68,
0x64, 0x1F, 0xCB, 0x4B, 0xB9, 0x8D, 0xD6, 0x97, 0xA0, 0xC7, 0x36, 0x41,
0x38, 0x5F, 0x4B, 0xAB, 0x25, 0xB7, 0x93, 0x58, 0x4C, 0xC3, 0x9F, 0xC8,
0xD4, 0x8D, 0x4B, 0xD8, 0x67, 0xA9, 0xA3, 0xC1, 0x0F, 0x8E, 0xA1, 0x21,
0x70, 0x26, 0x8E, 0x34, 0xFE, 0x3B, 0xBE, 0x6F, 0xF8, 0x99, 0x98, 0xD6,
0x0D, 0xA2, 0xF3, 0xE4, 0x28, 0x3C, 0xBE, 0xC1, 0x39, 0x3D, 0x52, 0xAF,
0x72, 0x4A, 0x57, 0x23, 0x0C, 0x60, 0x4E, 0x9F, 0xBC, 0xE5, 0x83, 0xD7,
0x61, 0x3E, 0x6B, 0xFF, 0xD6, 0x75, 0x96, 0xAD, 0x12, 0x1A, 0x87, 0x07,
0xEE, 0xC4, 0x69, 0x44, 0x95, 0x70, 0x33, 0x68, 0x6A, 0x15, 0x5F, 0x64,
0x4D, 0x5C, 0x58, 0x63, 0xB4, 0x8F, 0x61, 0xBD, 0xBF, 0x19, 0xA5, 0x3E,
0xAB, 0x6D, 0xAD, 0x0A, 0x18, 0x6B, 0x8C, 0x15, 0x2E, 0x5F, 0x5D, 0x8C,
0xAD, 0x4B, 0x0E, 0xF8, 0xAA, 0x4E, 0xA5, 0x00, 0x88, 0x34, 0xC3, 0xCD,
0x34, 0x2E, 0x5E, 0x0F, 0x16, 0x7A, 0xD0, 0x45, 0x92, 0xCD, 0x8B, 0xD2,
0x79, 0x63, 0x93, 0x98, 0xEF, 0x9E, 0x11, 0x4D, 0xFA, 0xAA, 0xB9, 0x19,
0xE1, 0x4E, 0x85, 0x09, 0x89, 0x22, 0x4D, 0xDD, 0x98, 0x57, 0x6D, 0x79,
0x38, 0x5D, 0x22, 0x10, 0x90, 0x2E, 0x9F, 0x9B, 0x1F, 0x2D, 0x86, 0xCF,
0xA4, 0x7E, 0xE2, 0x44, 0x63, 0x54, 0x65, 0xF7, 0x10, 0x58, 0x42, 0x1A,
0x01, 0x84, 0xBE, 0x51, 0xDD, 0x10, 0xCC, 0x9D, 0x07, 0x9E, 0x6F, 0x16,
0x04, 0xE7, 0xAA, 0x9B, 0x7C, 0xF7, 0x88, 0x3C, 0x7D, 0x4C, 0xE1, 0x2B,
0x06, 0xEB, 0xE1, 0x60, 0x81, 0xE2, 0x3F, 0x27, 0xA2, 0x31, 0xD1, 0x84,
0x32, 0xD7, 0xD1, 0xBB, 0x55, 0xC2, 0x8A, 0xE2, 0x1F, 0xFC, 0xF0, 0x05,
0xF5, 0x75, 0x28, 0xD1, 0x5A, 0x88, 0x88, 0x1B, 0xB3, 0xBB, 0xB7, 0xFE
};
byte b_[] = {
0xE4, 0x87, 0xCB, 0x59, 0xD3, 0x1A, 0xC5, 0x50, 0x47, 0x1E, 0x81, 0xF0,
0x0F, 0x69, 0x28, 0xE0, 0x1D, 0xDA, 0x08, 0xE9, 0x74, 0xA0, 0x04, 0xF4,
0x9E, 0x61, 0xF5, 0xD1, 0x05, 0x28, 0x4D, 0x20
};
byte B_[] = {
0x40, 0xF5, 0x70, 0x88, 0xA4, 0x82, 0xD4, 0xC7, 0x73, 0x33, 0x84, 0xFE,
0x0D, 0x30, 0x1F, 0xDD, 0xCA, 0x90, 0x80, 0xAD, 0x7D, 0x4F, 0x6F, 0xDF,
0x09, 0xA0, 0x10, 0x06, 0xC3, 0xCB, 0x6D, 0x56, 0x2E, 0x41, 0x63, 0x9A,
0xE8, 0xFA, 0x21, 0xDE, 0x3B, 0x5D, 0xBA, 0x75, 0x85, 0xB2, 0x75, 0x58,
0x9B, 0xDB, 0x27, 0x98, 0x63, 0xC5, 0x62, 0x80, 0x7B, 0x2B, 0x99, 0x08,
0x3C, 0xD1, 0x42, 0x9C, 0xDB, 0xE8, 0x9E, 0x25, 0xBF, 0xBD, 0x7E, 0x3C,
0xAD, 0x31, 0x73, 0xB2, 0xE3, 0xC5, 0xA0, 0xB1, 0x74, 0xDA, 0x6D, 0x53,
0x91, 0xE6, 0xA0, 0x6E, 0x46, 0x5F, 0x03, 0x7A, 0x40, 0x06, 0x25, 0x48,
0x39, 0xA5, 0x6B, 0xF7, 0x6D, 0xA8, 0x4B, 0x1C, 0x94, 0xE0, 0xAE, 0x20,
0x85, 0x76, 0x15, 0x6F, 0xE5, 0xC1, 0x40, 0xA4, 0xBA, 0x4F, 0xFC, 0x9E,
0x38, 0xC3, 0xB0, 0x7B, 0x88, 0x84, 0x5F, 0xC6, 0xF7, 0xDD, 0xDA, 0x93,
0x38, 0x1F, 0xE0, 0xCA, 0x60, 0x84, 0xC4, 0xCD, 0x2D, 0x33, 0x6E, 0x54,
0x51, 0xC4, 0x64, 0xCC, 0xB6, 0xEC, 0x65, 0xE7, 0xD1, 0x6E, 0x54, 0x8A,
0x27, 0x3E, 0x82, 0x62, 0x84, 0xAF, 0x25, 0x59, 0xB6, 0x26, 0x42, 0x74,
0x21, 0x59, 0x60, 0xFF, 0xF4, 0x7B, 0xDD, 0x63, 0xD3, 0xAF, 0xF0, 0x64,
0xD6, 0x13, 0x7A, 0xF7, 0x69, 0x66, 0x1C, 0x9D, 0x4F, 0xEE, 0x47, 0x38,
0x26, 0x03, 0xC8, 0x8E, 0xAA, 0x09, 0x80, 0x58, 0x1D, 0x07, 0x75, 0x84,
0x61, 0xB7, 0x77, 0xE4, 0x35, 0x6D, 0xDA, 0x58, 0x35, 0x19, 0x8B, 0x51,
0xFE, 0xEA, 0x30, 0x8D, 0x70, 0xF7, 0x54, 0x50, 0xB7, 0x16, 0x75, 0xC0,
0x8C, 0x7D, 0x83, 0x02, 0xFD, 0x75, 0x39, 0xDD, 0x1F, 0xF2, 0xA1, 0x1C,
0xB4, 0x25, 0x8A, 0xA7, 0x0D, 0x23, 0x44, 0x36, 0xAA, 0x42, 0xB6, 0xA0,
0x61, 0x5F, 0x3F, 0x91, 0x5D, 0x55, 0xCC, 0x3B, 0x96, 0x6B, 0x27, 0x16,
0xB3, 0x6E, 0x4D, 0x1A, 0x06, 0xCE, 0x5E, 0x5D, 0x2E, 0xA3, 0xBE, 0xE5,
0xA1, 0x27, 0x0E, 0x87, 0x51, 0xDA, 0x45, 0xB6, 0x0B, 0x99, 0x7B, 0x0F,
0xFD, 0xB0, 0xF9, 0x96, 0x2F, 0xEE, 0x4F, 0x03, 0xBE, 0xE7, 0x80, 0xBA,
0x0A, 0x84, 0x5B, 0x1D, 0x92, 0x71, 0x42, 0x17, 0x83, 0xAE, 0x66, 0x01,
0xA6, 0x1E, 0xA2, 0xE3, 0x42, 0xE4, 0xF2, 0xE8, 0xBC, 0x93, 0x5A, 0x40,
0x9E, 0xAD, 0x19, 0xF2, 0x21, 0xBD, 0x1B, 0x74, 0xE2, 0x96, 0x4D, 0xD1,
0x9F, 0xC8, 0x45, 0xF6, 0x0E, 0xFC, 0x09, 0x33, 0x8B, 0x60, 0xB6, 0xB2,
0x56, 0xD8, 0xCA, 0xC8, 0x89, 0xCC, 0xA3, 0x06, 0xCC, 0x37, 0x0A, 0x0B,
0x18, 0xC8, 0xB8, 0x86, 0xE9, 0x5D, 0xA0, 0xAF, 0x52, 0x35, 0xFE, 0xF4,
0x39, 0x30, 0x20, 0xD2, 0xB7, 0xF3, 0x05, 0x69, 0x04, 0x75, 0x90, 0x42
};
byte key_[] = {
0x5C, 0xBC, 0x21, 0x9D, 0xB0, 0x52, 0x13, 0x8E, 0xE1, 0x14, 0x8C, 0x71,
0xCD, 0x44, 0x98, 0x96, 0x3D, 0x68, 0x25, 0x49, 0xCE, 0x91, 0xCA, 0x24,
0xF0, 0x98, 0x46, 0x8F, 0x06, 0x01, 0x5B, 0xEB, 0x6A, 0xF2, 0x45, 0xC2,
0x09, 0x3F, 0x98, 0xC3, 0x65, 0x1B, 0xCA, 0x83, 0xAB, 0x8C, 0xAB, 0x2B,
0x58, 0x0B, 0xBF, 0x02, 0x18, 0x4F, 0xEF, 0xDF, 0x26, 0x14, 0x2F, 0x73,
0xDF, 0x95, 0xAC, 0x50
};
#else
byte N_[] = {
0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B, 0xF1, 0x66, 0xDE, 0x5E,
0x13, 0x89, 0x58, 0x2F, 0xAF, 0x72, 0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07,
0xFC, 0x31, 0x92, 0x94, 0x3D, 0xB5, 0x60, 0x50, 0xA3, 0x73, 0x29, 0xCB,
0xB4, 0xA0, 0x99, 0xED, 0x81, 0x93, 0xE0, 0x75, 0x77, 0x67, 0xA1, 0x3D,
0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03, 0x31, 0x0D, 0xCD, 0x7F, 0x48, 0xA9,
0xDA, 0x04, 0xFD, 0x50, 0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0,
0xCF, 0x60, 0x95, 0x17, 0x9A, 0x16, 0x3A, 0xB3, 0x66, 0x1A, 0x05, 0xFB,
0xD5, 0xFA, 0xAA, 0xE8, 0x29, 0x18, 0xA9, 0x96, 0x2F, 0x0B, 0x93, 0xB8,
0x55, 0xF9, 0x79, 0x93, 0xEC, 0x97, 0x5E, 0xEA, 0xA8, 0x0D, 0x74, 0x0A,
0xDB, 0xF4, 0xFF, 0x74, 0x73, 0x59, 0xD0, 0x41, 0xD5, 0xC3, 0x3E, 0xA7,
0x1D, 0x28, 0x1E, 0x44, 0x6B, 0x14, 0x77, 0x3B, 0xCA, 0x97, 0xB4, 0x3A,
0x23, 0xFB, 0x80, 0x16, 0x76, 0xBD, 0x20, 0x7A, 0x43, 0x6C, 0x64, 0x81,
0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A, 0x5B, 0x9D, 0x32, 0xE6,
0x88, 0xF8, 0x77, 0x48, 0x54, 0x45, 0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D,
0x5E, 0xA7, 0x7A, 0x27, 0x75, 0xD2, 0xEC, 0xFA, 0x03, 0x2C, 0xFB, 0xDB,
0xF5, 0x2F, 0xB3, 0x78, 0x61, 0x60, 0x27, 0x90, 0x04, 0xE5, 0x7A, 0xE6,
0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE, 0x53, 0x29, 0x9C, 0xCC, 0x04, 0x1C,
0x7B, 0xC3, 0x08, 0xD8, 0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82,
0x71, 0xAE, 0x35, 0xF8, 0xE9, 0xDB, 0xFB, 0xB6, 0x94, 0xB5, 0xC8, 0x03,
0xD8, 0x9F, 0x7A, 0xE4, 0x35, 0xDE, 0x23, 0x6D, 0x52, 0x5F, 0x54, 0x75,
0x9B, 0x65, 0xE3, 0x72, 0xFC, 0xD6, 0x8E, 0xF2, 0x0F, 0xA7, 0x11, 0x1F,
0x9E, 0x4A, 0xFF, 0x73
};
byte g_[] = {
0x02
};
byte salt_[] = {
0xBE, 0xB2, 0x53, 0x79, 0xD1, 0xA8, 0x58, 0x1E, 0xB5, 0xA7, 0x27, 0x67,
0x3A, 0x24, 0x41, 0xEE
};
byte verifier_[] = {
0xab, 0x58, 0xc3, 0x49, 0x79, 0xda, 0x9c, 0x1c, 0x0c, 0x5f, 0x6a, 0xe8,
0xa1, 0xc4, 0x20, 0x78, 0x16, 0xe0, 0x29, 0x6f, 0xdc, 0x09, 0x62, 0xe7,
0x5d, 0x49, 0x09, 0xd2, 0xd3, 0x48, 0x0b, 0x03, 0xbb, 0xf4, 0x96, 0x58,
0x93, 0xa5, 0x69, 0xd4, 0x89, 0x10, 0x7f, 0xe2, 0x23, 0x73, 0xf2, 0x8c,
0xc6, 0x5b, 0x52, 0x5d, 0x2a, 0x2b, 0xa5, 0x23, 0x27, 0xa6, 0x5c, 0xf7,
0x8d, 0x65, 0x1f, 0xcf, 0x5e, 0x18, 0x70, 0xb7, 0xfd, 0x08, 0x4e, 0xa8,
0x42, 0xbe, 0x5f, 0x73, 0xf4, 0x8b, 0xa0, 0x4a, 0xf6, 0xfa, 0x85, 0xd2,
0xd7, 0xf6, 0x4f, 0xc0, 0xc5, 0xba, 0x42, 0x32, 0xc5, 0xbb, 0x57, 0xb2,
0x60, 0xdb, 0xc4, 0x27, 0x28, 0x4a, 0x7c, 0xdc, 0x5f, 0x64, 0x8a, 0xc2,
0x51, 0x47, 0x96, 0xd9, 0x9f, 0xd7, 0x64, 0x29, 0x30, 0xe3, 0x64, 0xfa,
0xd2, 0x42, 0xfa, 0x8b, 0xc9, 0xa0, 0x78, 0xc5, 0xcf, 0x3b, 0x1b, 0x60,
0x2a, 0xcd, 0x35, 0x8b, 0xfd, 0xbd, 0x62, 0xd6, 0x3b, 0x22, 0x29, 0x1d,
0xb0, 0xeb, 0xaa, 0x00, 0xdf, 0x99, 0x1f, 0x82, 0xef, 0x9d, 0x1a, 0xad,
0xe2, 0x4d, 0xa1, 0xca, 0xb2, 0x8f, 0x1d, 0xed, 0x5e, 0xc2, 0xbc, 0x48,
0xae, 0xe8, 0x5f, 0x52, 0xad, 0xb3, 0xcb, 0xa5, 0x4e, 0xff, 0x52, 0x8c,
0x9b, 0x11, 0x58, 0xe2, 0xd9, 0x94, 0xcd, 0x6c, 0x66, 0x87, 0xf8, 0xc1,
0x3c, 0x94, 0x87, 0xce, 0x2c, 0x4a, 0x05, 0x66, 0xc3, 0x20, 0x62, 0x67,
0x79, 0xc0, 0x33, 0xf1, 0x6e, 0x3f, 0xee, 0xc8, 0xbe, 0x8e, 0x56, 0xc6,
0x98, 0x72, 0x0e, 0x37, 0x4b, 0x89, 0x4c, 0xba, 0xd9, 0x45, 0xf4, 0x9e,
0x78, 0x7a, 0x6e, 0x1e, 0xdf, 0xff, 0x23, 0xcf, 0xef, 0xdc, 0x7d, 0x1c,
0xf1, 0x96, 0x70, 0x2a, 0xa8, 0x6c, 0x20, 0xde, 0xce, 0x6e, 0x3e, 0x89,
0x11, 0x44, 0x2b, 0x02
};
byte a_[] = {
0x60, 0x97, 0x55, 0x27, 0x03, 0x5C, 0xF2, 0xAD, 0x19, 0x89, 0x80, 0x6F,
0x04, 0x07, 0x21, 0x0B, 0xC8, 0x1E, 0xDC, 0x04, 0xE2, 0x76, 0x2A, 0x56,
0xAF, 0xD5, 0x29, 0xDD, 0xDA, 0x2D, 0x43, 0x93
};
byte A_[] = {
0x4b, 0x70, 0x0f, 0x8d, 0x48, 0xe6, 0x9c, 0x9a, 0xae, 0x40, 0xc6, 0x84,
0xac, 0x7c, 0x7c, 0x03, 0x12, 0x1e, 0x2b, 0x76, 0x02, 0xeb, 0x4c, 0x35,
0x14, 0x80, 0x4c, 0xca, 0xda, 0x0e, 0xd4, 0x01, 0x91, 0x93, 0xa3, 0x51,
0xec, 0xc6, 0x5a, 0x6f, 0x85, 0x4e, 0xde, 0x91, 0xeb, 0x09, 0x6e, 0x72,
0x1b, 0x22, 0xd7, 0x01, 0xc7, 0xad, 0xc6, 0x4e, 0x9c, 0xed, 0xac, 0xd7,
0x5f, 0x2e, 0x26, 0xbb, 0x2f, 0x5e, 0x45, 0xdd, 0x53, 0xdc, 0x8d, 0xbe,
0xaf, 0xff, 0xe8, 0x2a, 0xa4, 0x9f, 0xca, 0x05, 0x73, 0x44, 0x46, 0x91,
0x21, 0x25, 0x37, 0xa7, 0x3c, 0xf8, 0x0e, 0x25, 0x03, 0x92, 0x58, 0x20,
0x5a, 0x7e, 0xdf, 0x47, 0x49, 0xb3, 0x0a, 0xda, 0xf2, 0x58, 0x77, 0xc6,
0x2f, 0xcd, 0x09, 0xd6, 0x61, 0x35, 0x98, 0xbc, 0xd4, 0xba, 0xf2, 0xa9,
0x72, 0x7a, 0x53, 0x70, 0x6a, 0x27, 0x81, 0x48, 0x99, 0x2b, 0x2a, 0xbb,
0x23, 0xad, 0x5d, 0x51, 0x2d, 0x26, 0x9e, 0x16, 0xca, 0x11, 0xbc, 0x08,
0x95, 0xb5, 0xa3, 0xb5, 0xec, 0x47, 0x21, 0xcd, 0xe4, 0x0a, 0x8c, 0x39,
0xc7, 0x96, 0xe9, 0x4f, 0x0b, 0xe8, 0x6d, 0xbb, 0xeb, 0x33, 0xda, 0x70,
0x37, 0x01, 0x89, 0x83, 0x92, 0x1a, 0xba, 0x3f, 0x50, 0x53, 0x19, 0x5d,
0x5a, 0xc1, 0xda, 0x4e, 0x56, 0x7e, 0x3c, 0x0e, 0x75, 0xd9, 0xe0, 0x60,
0x9f, 0x92, 0xe8, 0x50, 0x65, 0x7b, 0x2b, 0xe4, 0x77, 0x1f, 0x41, 0x5b,
0x9c, 0xac, 0xc5, 0xc1, 0xec, 0xed, 0xc3, 0x01, 0x33, 0xbf, 0x64, 0x74,
0xf5, 0x02, 0x2c, 0x65, 0x19, 0xd7, 0x80, 0x76, 0x0c, 0xa4, 0xd8, 0xd3,
0xb9, 0x66, 0xb0, 0x34, 0xbd, 0x73, 0x87, 0x7c, 0x1b, 0x3b, 0x33, 0xf4,
0x74, 0xb9, 0xc3, 0xc5, 0x29, 0x9a, 0x19, 0x68, 0xf3, 0xe6, 0xcd, 0x3b,
0xfe, 0x84, 0x44, 0x5a
};
byte b_[] = {
0xE4, 0x87, 0xCB, 0x59, 0xD3, 0x1A, 0xC5, 0x50, 0x47, 0x1E, 0x81, 0xF0,
0x0F, 0x69, 0x28, 0xE0, 0x1D, 0xDA, 0x08, 0xE9, 0x74, 0xA0, 0x04, 0xF4,
0x9E, 0x61, 0xF5, 0xD1, 0x05, 0x28, 0x4D, 0x20
};
byte B_[] = {
0x03, 0xaf, 0xa6, 0xe2, 0x14, 0xf3, 0x63, 0x35, 0xf5, 0x51, 0x1d, 0xae,
0x57, 0x34, 0x24, 0xf4, 0xc2, 0x18, 0xaf, 0x11, 0xf8, 0xef, 0xc7, 0x14,
0x44, 0xa6, 0x52, 0x19, 0x7b, 0xae, 0x65, 0xe9, 0x86, 0x5f, 0x45, 0x33,
0xae, 0xeb, 0x71, 0xd3, 0xfe, 0xa9, 0x7d, 0x26, 0xe0, 0xc9, 0xc7, 0xf2,
0x2e, 0x4f, 0x95, 0xea, 0xb0, 0x83, 0x1d, 0xad, 0x77, 0xca, 0x32, 0x82,
0x01, 0x21, 0x00, 0xc5, 0x47, 0x52, 0x67, 0xf1, 0x1b, 0x5c, 0x64, 0xd3,
0xae, 0x61, 0x1a, 0x7d, 0x76, 0x0e, 0x7d, 0x23, 0x1e, 0x9c, 0xa0, 0x02,
0x7c, 0x44, 0xa8, 0x6f, 0xf9, 0x27, 0x52, 0xd0, 0xa9, 0xc7, 0xd4, 0xbb,
0x31, 0x69, 0x39, 0xfc, 0xb7, 0xa7, 0xcd, 0x86, 0xa1, 0x55, 0x71, 0x8a,
0xb7, 0x48, 0x02, 0x73, 0x16, 0xf5, 0x9d, 0x83, 0x2f, 0xa8, 0x7e, 0x08,
0x2f, 0x2d, 0xc4, 0xc3, 0xae, 0x6c, 0x65, 0x72, 0x42, 0xc1, 0x74, 0xd9,
0x95, 0xd0, 0x10, 0xa1, 0x25, 0x9c, 0x5a, 0xf9, 0xa5, 0x08, 0x0d, 0xa2,
0xed, 0x3a, 0xf1, 0xf7, 0x69, 0xc6, 0x29, 0xf4, 0x47, 0x43, 0x40, 0x7e,
0x6d, 0x8b, 0xff, 0xae, 0x04, 0xf0, 0x09, 0x1d, 0x5f, 0x64, 0xd4, 0x7c,
0xb8, 0x47, 0xf3, 0x84, 0xf2, 0x0f, 0x4a, 0x16, 0x32, 0xd1, 0xaf, 0x80,
0x5a, 0xd6, 0x0b, 0xd8, 0xc5, 0xa4, 0x07, 0x0e, 0xbe, 0x52, 0x35, 0x99,
0x9a, 0xa1, 0x4f, 0x44, 0x5d, 0xb7, 0x4d, 0x5d, 0xb1, 0xe2, 0xf9, 0x84,
0x33, 0x6c, 0x51, 0xd6, 0xff, 0x27, 0x64, 0x86, 0x45, 0x56, 0xab, 0x73,
0x1e, 0xb0, 0x21, 0x6e, 0x65, 0x19, 0x21, 0xf9, 0x97, 0x09, 0xb3, 0xec,
0x32, 0x38, 0x79, 0x28, 0xe2, 0xd2, 0x03, 0x3a, 0x8d, 0xed, 0x8b, 0x34,
0xa7, 0xf8, 0x0e, 0x26, 0x5b, 0x60, 0x20, 0x76, 0x43, 0x67, 0xe9, 0xea,
0x3b, 0x0b, 0xbf, 0x25
};
byte key_[] = {
0x25, 0x9f, 0xb6, 0xab, 0x17, 0xc4, 0xd8, 0x08, 0x07, 0x57, 0xa4, 0x90,
0x57, 0x5a, 0x31, 0xff, 0x15, 0x98, 0xb4, 0x2e, 0x86, 0x4e, 0x7a, 0xcd,
0xe3, 0x02, 0x58, 0x6f, 0xa8, 0x4b, 0x5c, 0xab, 0xcc, 0x91, 0xad, 0x8a,
0xbd, 0xbe, 0x49, 0x51, 0x75, 0xed, 0x2d, 0xe9, 0x15, 0x8c, 0xfe, 0x19,
0x68, 0x4a, 0xbf, 0x74, 0xf6, 0xe2, 0x60, 0xa7, 0xad, 0x89, 0x92, 0xdf,
0x9d, 0x6d, 0x66, 0x4c
};
#endif
AssertIntEQ(0, wc_SrpInit(&cli, SRP_TYPE_SHA512, SRP_CLIENT_SIDE));
AssertIntEQ(0, wc_SrpInit(&srv, SRP_TYPE_SHA512, SRP_SERVER_SIDE));
AssertIntEQ(0, wc_SrpSetUsername(&cli, username_, usernameSz_));
AssertIntEQ(0, wc_SrpSetUsername(&srv, username_, usernameSz_));
AssertIntEQ(0, wc_SrpSetParams(&cli, N_, sizeof(N_),
g_, sizeof(g_),
salt_, sizeof(salt_)));
AssertIntEQ(0, wc_SrpSetParams(&srv, N_, sizeof(N_),
g_, sizeof(g_),
salt_, sizeof(salt_)));
AssertIntEQ(0, wc_SrpSetPassword(&cli, password_, passwordSz_));
AssertIntEQ(0, wc_SrpSetVerifier(&srv, verifier_, sizeof(verifier_)));
AssertIntEQ(0, wc_SrpSetPrivate(&cli, a_, sizeof(a_)));
AssertIntEQ(0, wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz));
AssertIntEQ(0, XMEMCMP(clientPubKey, A_, clientPubKeySz));
AssertIntEQ(0, wc_SrpSetPrivate(&srv, b_, sizeof(b_)));
AssertIntEQ(0, wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz));
AssertIntEQ(0, XMEMCMP(serverPubKey, B_, serverPubKeySz));
cli.keyGenFunc_cb = sha512_key_gen;
AssertIntEQ(0, wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(cli.key, key_, sizeof(key_)));
srv.keyGenFunc_cb = sha512_key_gen;
AssertIntEQ(0, wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
serverPubKey, serverPubKeySz));
AssertIntEQ(0, XMEMCMP(srv.key, key_, sizeof(key_)));
AssertIntEQ(0, wc_SrpGetProof(&cli, clientProof, &clientProofSz));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz));
AssertIntEQ(0, wc_SrpGetProof(&srv, serverProof, &serverProofSz));
AssertIntEQ(0, wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz));
wc_SrpTerm(&cli);
wc_SrpTerm(&srv);
}
#endif
void SrpTest(void)
{
#if defined(WOLFCRYPT_HAVE_SRP) && defined(WOLFSSL_SHA512)
wolfCrypt_Init();
test_SrpInit();
test_SrpSetUsername();
test_SrpSetParams();
test_SrpSetPassword();
test_SrpGetPublic();
test_SrpComputeKey();
test_SrpGetProofAndVerify();
test_SrpKeyGenFunc_cb();
wolfCrypt_Cleanup();
#endif
}

1417
android/extern/wolfssl/tests/suites.c vendored Normal file
View File

File diff suppressed because it is too large Load Diff

418
android/extern/wolfssl/tests/test-altchains.conf vendored Normal file
View File

@@ -0,0 +1,418 @@
# Tests using a longer certificate chain (with intermediate CA's)
# The tests with chains have the CRL checking disabled
# CRL's only load for trusted CA's, for a chain you must load the root and intermediate as trusted
# For these tests we are loading root and sending intermediate and peer certs
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
# Test will load intermediate CA as trusted and only present the peer cert (partial chain)
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-int-ecc-cert.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-int-ecc-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-int-ecc-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-int-ecc-cert.pem
-C
# Test will use alternate chain where chain contains extra cert
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Alt Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain-alt.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Alt Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain-alt.pem
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Alt Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain-alt.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Alt Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain-alt.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Alt Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-alt-ecc.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Alt Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-alt-ecc.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Alt Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain-alt.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Alt Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain-alt.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Alt Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-alt-ecc.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Alt Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-alt-ecc.pem
-C
# Test will load intermediate2 CA as trusted and present full chain (where intermediate CA is not trusted)
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
# Test will load intermediate2 CA as trusted and present full chain (where intermediate CA is not trusted)
# These tests use the verify callback, but pass the preverify as result in myVerify callback
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
-H verifyInfo
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
-H verifyInfo
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
-H verifyInfo
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
-H verifyInfo
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Trusted Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
-H verifyInfo

384
android/extern/wolfssl/tests/test-chains.conf vendored Normal file
View File

@@ -0,0 +1,384 @@
# Tests will use complete chain with intermediate CA for testing
# The tests with chains have the CRL checking disabled
# CRL's only load for trusted CA's, for a chain you must load the root and intermediate as trusted
# For these tests we are loading root and sending intermediate and peer certs
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainA-entity-key.pem
-c ./certs/test-pathlen/chainA-assembled.pem
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainB-entity-key.pem
-c ./certs/test-pathlen/chainB-assembled.pem
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainC-entity-key.pem
-c ./certs/test-pathlen/chainC-assembled.pem
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainD-entity-key.pem
-c ./certs/test-pathlen/chainD-assembled.pem
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainE-entity-key.pem
-c ./certs/test-pathlen/chainE-assembled.pem
-H exitWithRet
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H exitWithRet
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainF-entity-key.pem
-c ./certs/test-pathlen/chainF-assembled.pem
-H exitWithRet
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H exitWithRet
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainG-entity-key.pem
-c ./certs/test-pathlen/chainG-assembled.pem
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainH-entity-key.pem
-c ./certs/test-pathlen/chainH-assembled.pem
-H exitWithRet
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H exitWithRet
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainI-entity-key.pem
-c ./certs/test-pathlen/chainI-assembled.pem
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-C
# server TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/test-pathlen/chainJ-entity-key.pem
-c ./certs/test-pathlen/chainJ-assembled.pem
-H exitWithRet
-V
# client TLSv1.2 pathLen constraint test
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H exitWithRet
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-ecc.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-ecc.pem
-C
# Test will load intermediate CA as trusted and only present the peer cert (partial chain)
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Partial Chain
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-int-ecc-cert.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Partial Chain
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-int-ecc-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-int-ecc-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Partial Chain
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/intermediate/ca-int2-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-int-ecc-cert.pem
-C
# Test will use alternate chain where chain contains extra cert
# These tests should fail
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Alt Chain Fail
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain-alt.pem
-H exitWithRet
-V
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Alt Chain Fail
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain-alt.pem
-H exitWithRet
-C
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Alt Chain Fail
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain-alt.pem
-H exitWithRet
-V
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Alt Chain Fail
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain-alt.pem
-H exitWithRet
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Alt Chain Fail
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-alt-ecc.pem
-H exitWithRet
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Alt Chain Fail
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-alt-ecc.pem
-H exitWithRet
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Alt Chain Fail
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-chain-alt.pem
-H exitWithRet
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Alt Chain Fail
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-chain-alt.pem
-H exitWithRet
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Alt Chain Fail
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-chain-alt-ecc.pem
-H exitWithRet
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Alt Chain Fail
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-chain-alt-ecc.pem
-H exitWithRet
-C

25
android/extern/wolfssl/tests/test-dhprime.conf vendored Normal file
View File

@@ -0,0 +1,25 @@
# server TLSv1.2 DHE AES128 (DHE prime test)
-v 3
-l DHE-RSA-AES128-SHA
# client TLSv1.2 DHE AES128 (DHE prime test)
-v 3
-l DHE-RSA-AES128-SHA
# server TLSv1.2 DHE AES256-SHA256 (DHE prime test)
-v 3
-l DHE-RSA-AES256-SHA256
# client TLSv1.2 DHE AES256-SHA256 (DHE prime test)
-v 3
-l DHE-RSA-AES256-SHA256
# server TLSv1.2 DHE-PSK-AES128-CBC-SHA256 (DHE prime test)
-s
-v 3
-l DHE-PSK-AES128-CBC-SHA256
# client TLSv1.2 DHE-PSK-AES128-CBC-SHA256 (DHE prime test)
-s
-v 3
-l DHE-PSK-AES128-CBC-SHA256

21
android/extern/wolfssl/tests/test-dtls-downgrade.conf vendored Normal file
View File

@@ -0,0 +1,21 @@
# server DTLS multiversion allow downgrading
-vd
-7 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLSv1.0
-v 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# server DTLSv1.0
-v 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLS multiversion allow downgrading
-vd
-7 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

9
android/extern/wolfssl/tests/test-dtls-fails-cipher.conf vendored Normal file
View File

@@ -0,0 +1,9 @@
# server DTLSv1.2 cipher mismatch
-v 3
-u
-l DHE-RSA-AES128-SHA256
# client DTLSv1.2 cipher mismatch
-v 3
-u
-l DHE-RSA-AES256-SHA256

16
android/extern/wolfssl/tests/test-dtls-fails.conf vendored Normal file
View File

@@ -0,0 +1,16 @@
# DTLS test
# server DTLSv1.2 too big test
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
-u
-B 9000
# client DTLSv1.2 too big test
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-A ./certs/ca-ecc-cert.pem
-u
-B 9000

1063
android/extern/wolfssl/tests/test-dtls-group.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

3537
android/extern/wolfssl/tests/test-dtls-mtu.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

1145
android/extern/wolfssl/tests/test-dtls-reneg-client.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

1079
android/extern/wolfssl/tests/test-dtls-reneg-server.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

1077
android/extern/wolfssl/tests/test-dtls-resume.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

66
android/extern/wolfssl/tests/test-dtls-sha2.conf vendored Normal file
View File

@@ -0,0 +1,66 @@
# server DTLSv1 AES128-SHA256
-u
-v 2
-l AES128-SHA256
# client DTLSv1 AES128-SHA256
-u
-v 2
-l AES128-SHA256
# server DTLSv1 AES256-SHA256
-u
-v 2
-l AES256-SHA256
# client DTLSv1 AES256-SHA256
-u
-v 2
-l AES256-SHA256
# server TLSv1 ECDHE-PSK-AES128-SHA256
-s
-u
-v 1
-l ECDHE-PSK-AES128-SHA256
# client TLSv1 ECDHE-PSK-AES128-SHA256
-s
-u
-v 1
-l ECDHE-PSK-AES128-SHA256
# server TLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-u
-v 2
-l ECDHE-PSK-AES128-SHA256
# client TLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-u
-v 2
-l ECDHE-PSK-AES128-SHA256
# server TLSv1 ECDHE-PSK-NULL-SHA256
-s
-u
-v 1
-l ECDHE-PSK-NULL-SHA256
# client TLSv1 ECDHE-PSK-NULL-SHA256
-s
-u
-v 1
-l ECDHE-PSK-NULL-SHA256
# server TLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-u
-v 2
-l ECDHE-PSK-NULL-SHA256
# client TLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-u
-v 2
-l ECDHE-PSK-NULL-SHA256

11
android/extern/wolfssl/tests/test-dtls-srtp-fails.conf vendored Normal file
View File

@@ -0,0 +1,11 @@
# server DTLSv1.2 all but SRTP_AEAD_AES_256_GCM
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32:SRTP_NULL_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AEAD_AES_128_GCM
# client DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_256_GCM

192
android/extern/wolfssl/tests/test-dtls-srtp.conf vendored Normal file
View File

@@ -0,0 +1,192 @@
# server DTLSv1.2 SRTP default profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp
# client DTLSv1.2 SRTP default profile
-u
-x
--srtp
-l ECDHE-RSA-AES256-GCM-SHA384
# server DTLSv1.0 SRTP default profile
-u
-d
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp
# client DTLSv1.0 SRTP default profile
-u
-x
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp
# server DTLSv1.2 SRTP_AES128_CM_SHA1_32 profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AES128_CM_SHA1_32
# client DTLSv1.2 SRTP_AES128_CM_SHA1_32 profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AES128_CM_SHA1_32
# server DTLSv1.0 SRTP_AES128_CM_SHA1_32 profile
-u
-d
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_AES128_CM_SHA1_32
# client DTLSv1.0 SRTP_AES128_CM_SHA1_32 profile
-u
-x
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_AES128_CM_SHA1_32
# server DTLSv1.2 SRTP_NULL_SHA1_32 profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_NULL_SHA1_32
# client DTLSv1.2 SRTP_NULL_SHA1_32 profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_NULL_SHA1_32
# server DTLSv1.0 SRTP_NULL_SHA1_32 profile
-u
-d
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_NULL_SHA1_32
# client DTLSv1.0 SRTP_NULL_SHA1_32 profile
-u
-x
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_NULL_SHA1_32
# server DTLSv1.2 SRTP_NULL_SHA1_80 profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_NULL_SHA1_80
# client DTLSv1.2 SRTP_NULL_SHA1_80 profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_NULL_SHA1_80
# server DTLSv1.0 SRTP_NULL_SHA1_80 profile
-u
-d
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_NULL_SHA1_80
# client DTLSv1.0 SRTP_NULL_SHA1_80 profile
-u
-x
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_NULL_SHA1_80
# server DTLSv1.2 SRTP_AEAD_AES_128_GCM profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_128_GCM
# client DTLSv1.2 SRTP_AEAD_AES_128_GCM profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_128_GCM
# server DTLSv1.0 SRTP_AEAD_AES_128_GCM profile
-u
-d
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_AEAD_AES_128_GCM
# client DTLSv1.0 SRTP_AEAD_AES_128_GCM profile
-u
-x
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_AEAD_AES_128_GCM
# server DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_256_GCM
# client DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_256_GCM
# server DTLSv1.0 SRTP_AEAD_AES_256_GCM profile
-u
-d
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_AEAD_AES_256_GCM
# client DTLSv1.0 SRTP_AEAD_AES_256_GCM profile
-u
-x
-v 2
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
--srtp SRTP_AEAD_AES_256_GCM
# server DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_256_GCM:SRTP_NULL_SHA1_32
# client DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_NULL_SHA1_32
# server DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32:SRTP_NULL_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AEAD_AES_128_GCM:SRTP_AEAD_AES_256_GCM
# client DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_NULL_SHA1_32
# server DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-d
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32:SRTP_NULL_SHA1_80:SRTP_NULL_SHA1_32:SRTP_AEAD_AES_128_GCM:SRTP_AEAD_AES_256_GCM
# client DTLSv1.2 SRTP_AEAD_AES_256_GCM profile
-u
-x
-l ECDHE-RSA-AES256-GCM-SHA384
--srtp SRTP_AEAD_AES_256_GCM

917
android/extern/wolfssl/tests/test-dtls.conf vendored Normal file
View File

@@ -0,0 +1,917 @@
# server DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
-u
-v 3
-l DHE-RSA-CHACHA20-POLY1305
# client DTLSv1.2 DHE-RSA-CHACHA20-POLY1305
-u
-v 3
-l DHE-RSA-CHACHA20-POLY1305
# server DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
-u
-v 3
-l ECDHE-RSA-CHACHA20-POLY1305
# client DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
-u
-v 3
-l ECDHE-RSA-CHACHA20-POLY1305
# server DTLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305
-u
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
-u
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305
-A ./certs/ca-ecc-cert.pem
# server TLSv1.2 DHE-PSK-CHACHA20-POLY1305
-u
-v 3
-s
-l DHE-PSK-CHACHA20-POLY1305
# client TLSv1.2 DHE-PSK-CHACHA20-POLY1305
-u
-v 3
-s
-l DHE-PSK-CHACHA20-POLY1305
# server TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
-u
-v 3
-s
-l ECDHE-PSK-CHACHA20-POLY1305
# client TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
-u
-v 3
-s
-l ECDHE-PSK-CHACHA20-POLY1305
# server TLSv1.2 PSK-CHACHA20-POLY1305
-u
-v 3
-s
-l PSK-CHACHA20-POLY1305
# client TLSv1.2 PSK-CHACHA20-POLY1305
-u
-v 3
-s
-l PSK-CHACHA20-POLY1305
# server DTLSv1.2 DHE-RSA-CHACHA20-POLY1305-OLD
-u
-v 3
-l DHE-RSA-CHACHA20-POLY1305-OLD
# client DTLSv1.2 DHE-RSA-CHACHA20-POLY1305-OLD
-u
-v 3
-l DHE-RSA-CHACHA20-POLY1305-OLD
# server DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305-OLD
-u
-v 3
-l ECDHE-RSA-CHACHA20-POLY1305-OLD
# client DTLSv1.2 ECDHE-RSA-CHACHA20-POLY1305-OLD
-u
-v 3
-l ECDHE-RSA-CHACHA20-POLY1305-OLD
# server DTLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305-OLD
-u
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305-OLD
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305-OLD
-u
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305-OLD
-A ./certs/ca-ecc-cert.pem
# server DTLSv1 DES-CBC3-SHA
-u
-v 2
-l DES-CBC3-SHA
# client DTLSv1 DES-CBC3-SHA
-u
-v 2
-l DES-CBC3-SHA
# server DTLSv1.2 DES-CBC3-SHA
-u
-v 3
-l DES-CBC3-SHA
# client DTLSv1.2 DES-CBC3-SHA
-u
-v 3
-l DES-CBC3-SHA
# server DTLSv1 AES128-SHA
-u
-v 2
-l AES128-SHA
# client DTLSv1 AES128-SHA
-u
-v 2
-l AES128-SHA
# server DTLSv1.2 AES128-SHA
-u
-v 3
-l AES128-SHA
# client DTLSv1.2 AES128-SHA
-u
-v 3
-l AES128-SHA
# server DTLSv1 AES256-SHA
-u
-v 2
-l AES256-SHA
# client DTLSv1 AES256-SHA
-u
-v 2
-l AES256-SHA
# server DTLSv1.2 AES256-SHA
-u
-v 3
-l AES256-SHA
# client DTLSv1.2 AES256-SHA
-u
-v 3
-l AES256-SHA
# server DTLSv1.2 AES128-SHA256
-u
-v 3
-l AES128-SHA256
# client DTLSv1.2 AES128-SHA256
-u
-v 3
-l AES128-SHA256
# server DTLSv1.2 AES256-SHA256
-u
-v 3
-l AES256-SHA256
# client DTLSv1.2 AES256-SHA256
-u
-v 3
-l AES256-SHA256
# server DTLSv1.1 ECDHE-RSA-DES3
-u
-v 2
-l ECDHE-RSA-DES-CBC3-SHA
# client DTLSv1.1 ECDHE-RSA-DES3
-u
-v 2
-l ECDHE-RSA-DES-CBC3-SHA
# server DTLSv1.1 ECDHE-RSA-AES128
-u
-v 2
-l ECDHE-RSA-AES128-SHA
# client DTLSv1.1 ECDHE-RSA-AES128
-u
-v 2
-l ECDHE-RSA-AES128-SHA
# server DTLSv1.1 ECDHE-RSA-AES256
-u
-v 2
-l ECDHE-RSA-AES256-SHA
# client DTLSv1.1 ECDHE-RSA-AES256
-u
-v 2
-l ECDHE-RSA-AES256-SHA
# server DTLSv1.2 ECDHE-RSA-DES3
-u
-v 3
-l ECDHE-RSA-DES-CBC3-SHA
# client DTLSv1.2 ECDHE-RSA-DES3
-u
-v 3
-l ECDHE-RSA-DES-CBC3-SHA
# server DTLSv1.2 ECDHE-RSA-AES128
-u
-v 3
-l ECDHE-RSA-AES128-SHA
# client DTLSv1.2 ECDHE-RSA-AES128
-u
-v 3
-l ECDHE-RSA-AES128-SHA
# server DTLSv1.2 ECDHE-RSA-AES128-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-SHA256
# client DTLSv1.2 ECDHE-RSA-AES128-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-SHA256
# server DTLSv1.2 ECDHE-RSA-AES256
-u
-v 3
-l ECDHE-RSA-AES256-SHA
# client DTLSv1.2 ECDHE-RSA-AES256
-u
-v 3
-l ECDHE-RSA-AES256-SHA
# server TLSv1 ECDHE-ECDSA-NULL-SHA
-u
-v 1
-l ECDHE-ECDSA-NULL-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-NULL-SHA
-u
-v 1
-l ECDHE-ECDSA-NULL-SHA
-A ./certs/ca-ecc-cert.pem
# server TLSv1.1 ECDHE-ECDSA-NULL-SHA
-u
-v 2
-l ECDHE-ECDSA-NULL-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-NULL-SHA
-u
-v 2
-l ECDHE-ECDSA-NULL-SHA
-A ./certs/ca-ecc-cert.pem
# server TLSv1.2 ECDHE-ECDSA-NULL-SHA
-u
-v 3
-l ECDHE-ECDSA-NULL-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-NULL-SHA
-u
-v 3
-l ECDHE-ECDSA-NULL-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.1 ECDHE-ECDSA-DES3
-u
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-DES3
-u
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.1 ECDHE-ECDSA-AES128
-u
-v 2
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-AES128
-u
-v 2
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.1 ECDHE-ECDSA-AES256
-u
-v 2
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDHE-ECDSA-AES256
-u
-v 2
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-DES3
-u
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-DES3
-u
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES128
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES128-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.1 ECDH-RSA-DES3
-u
-v 2
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-DES3
-u
-v 2
-l ECDH-RSA-DES-CBC3-SHA
# server DTLSv1.1 ECDH-RSA-AES128
-u
-v 2
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-AES128
-u
-v 2
-l ECDH-RSA-AES128-SHA
# server DTLSv1.1 ECDH-RSA-AES256
-u
-v 2
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-RSA-AES256
-u
-v 2
-l ECDH-RSA-AES256-SHA
# server DTLSv1.2 ECDH-RSA-DES3
-u
-v 3
-l ECDH-RSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-DES3
-u
-v 3
-l ECDH-RSA-DES-CBC3-SHA
# server DTLSv1.2 ECDH-RSA-AES128
-u
-v 3
-l ECDH-RSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES128
-u
-v 3
-l ECDH-RSA-AES128-SHA
# server DTLSv1.2 ECDH-RSA-AES128-SHA256
-u
-v 3
-l ECDH-RSA-AES128-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES128-SHA256
-u
-v 3
-l ECDH-RSA-AES128-SHA256
# server DTLSv1.2 ECDH-RSA-AES256
-u
-v 3
-l ECDH-RSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES256
-u
-v 3
-l ECDH-RSA-AES256-SHA
# server DTLSv1.1 ECDH-ECDSA-DES3
-u
-v 2
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-DES3
-u
-v 2
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.1 ECDH-ECDSA-AES128
-u
-v 2
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-AES128
-u
-v 2
-l ECDH-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.1 ECDH-ECDSA-AES256
-u
-v 2
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.1 ECDH-ECDSA-AES256
-u
-v 2
-l ECDH-ECDSA-AES256-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-ECDSA-DES3
-u
-v 3
-l ECDH-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-DES3
-u
-v 3
-l ECDH-ECDSA-DES-CBC3-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-ECDSA-AES128
-u
-v 3
-l ECDH-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES128
-u
-v 3
-l ECDH-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-ECDSA-AES128-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES128-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-SHA256
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-ECDSA-AES256
-u
-v 3
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES256
-u
-v 3
-l ECDH-ECDSA-AES256-SHA
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-RSA-AES256-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-SHA384
# server DTLSv1.2 ECDHE-ECDSA-AES256-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-SHA384
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-RSA-AES256-SHA384
-u
-v 3
-l ECDH-RSA-AES256-SHA384
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES256-SHA384
-u
-v 3
-l ECDH-RSA-AES256-SHA384
# server DTLSv1.2 ECDH-ECDSA-AES256-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES256-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-SHA384
-A ./certs/ca-ecc-cert.pem
# server TLSv1.2 ECDHE-PSK-AES128-SHA256
-s
-u
-v 3
-l ECDHE-PSK-AES128-SHA256
# client TLSv1.2 ECDHE-PSK-AES128-SHA256
-s
-u
-v 3
-l ECDHE-PSK-AES128-SHA256
# server TLSv1.2 ECDHE-PSK-NULL-SHA256
-s
-u
-v 3
-l ECDHE-PSK-NULL-SHA256
# client TLSv1.2 ECDHE-PSK-NULL-SHA256
-s
-u
-v 3
-l ECDHE-PSK-NULL-SHA256
# server DTLSv1 PSK-AES128
-s
-u
-v 2
-l PSK-AES128-CBC-SHA
# client DTLSv1 PSK-AES128
-s
-u
-v 2
-l PSK-AES128-CBC-SHA
# server DTLSv1 PSK-AES256
-s
-u
-v 2
-l PSK-AES256-CBC-SHA
# client DTLSv1 PSK-AES256
-s
-u
-v 2
-l PSK-AES256-CBC-SHA
# server DTLSv1.2 PSK-AES128
-s
-u
-v 3
-l PSK-AES128-CBC-SHA
# client DTLSv1.2 PSK-AES128
-s
-u
-v 3
-l PSK-AES128-CBC-SHA
# server DTLSv1.2 PSK-AES256
-s
-u
-v 3
-l PSK-AES256-CBC-SHA
# client DTLSv1.2 PSK-AES256
-s
-u
-v 3
-l PSK-AES256-CBC-SHA
# server DTLSv1.2 PSK-AES128-SHA256
-s
-u
-v 3
-l PSK-AES128-CBC-SHA256
# client DTLSv1.2 PSK-AES128-SHA256
-s
-u
-v 3
-l PSK-AES128-CBC-SHA256
# server DTLSv1.2 PSK-AES256-SHA384
-s
-u
-v 3
-l PSK-AES256-CBC-SHA384
# client DTLSv1.2 PSK-AES256-SHA384
-s
-u
-v 3
-l PSK-AES256-CBC-SHA384
# server DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# client DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# server DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-RSA-AES128-GCM-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256
-u
-v 3
-l ECDH-RSA-AES128-GCM-SHA256
# server DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-RSA-AES256-GCM-SHA384
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDH-RSA-AES256-GCM-SHA384
# server DTLSv1.2 PSK-AES128-GCM-SHA256
-u
-s
-v 3
-l PSK-AES128-GCM-SHA256
# client DTLSv1.2 PSK-AES128-GCM-SHA256
-u
-s
-v 3
-l PSK-AES128-GCM-SHA256
# server DTLSv1.2 PSK-AES256-GCM-SHA384
-u
-s
-v 3
-l PSK-AES256-GCM-SHA384
# client DTLSv1.2 PSK-AES256-GCM-SHA384
-u
-s
-v 3
-l PSK-AES256-GCM-SHA384
# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM-8
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM-8
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES256-CCM-8
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8
-u
-v 3
-l ECDHE-ECDSA-AES256-CCM-8
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM8 (OpenSSL-compat alias)
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM8
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM8 (OpenSSL-compat alias)
-u
-v 3
-l ECDHE-ECDSA-AES128-CCM8
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ECDHE-ECDSA-AES256-CCM8 (OpenSSL-compat alias)
-u
-v 3
-l ECDHE-ECDSA-AES256-CCM8
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-CCM8 (OpenSSL-compat alias)
-u
-v 3
-l ECDHE-ECDSA-AES256-CCM8
-A ./certs/ca-ecc-cert.pem
# server DTLSv1.2 ADH-AES128-SHA
-u
-a
-v 3
-l ADH-AES128-SHA
# client DTLSv1.2 ADH-AES128-SHA
-u
-a
-v 3
-l ADH-AES128-SHA
# server DTLSv1.0 ADH-AES128-SHA
-u
-a
-v 2
-l ADH-AES128-SHA
# client DTLSv1.0 ADH-AES128-SHA
-u
-a
-v 2
-l ADH-AES128-SHA
# server with bidirectional shutdown
-l ECDHE-RSA-AES128-SHA256
-w
# client with bidirectional shutdown
-l ECDHE-RSA-AES128-SHA256
-w

80
android/extern/wolfssl/tests/test-dtls13-cid.conf vendored Normal file
View File

@@ -0,0 +1,80 @@
# server DTLSv1.3 empty CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid
# client DTLSv1.3 empty CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid
# server DTLSv1.3 A CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid AA
# client DTLSv1.3 empty CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid
# server DTLSv1.3 Empty CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid
# client DTLSv1.3 B CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid BB
# server DTLSv1.3 A CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid AA
# client DTLSv1.3 B CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid BB
# server DTLSv1.3 No CID support
-v 4
-u
-l TLS_AES_128_GCM_SHA256
# client DTLSv1.3 B CID
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid B
# server DTLSv1.3 CID A
-v 4
-u
-l TLS_AES_128_GCM_SHA256
# client DTLSv1.3 No CID support
-v 4
-u
-l TLS_AES_128_GCM_SHA256
# server DTLSv1.3 CID 2 bytes
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid AA
# client DTLSv1.3 CID 1 byte
-v 4
-u
-l TLS_AES_128_GCM_SHA256
--cid B

20
android/extern/wolfssl/tests/test-dtls13-downgrade-fails.conf vendored Normal file
View File

@@ -0,0 +1,20 @@
# server DTLSv1.3
-v4
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLSv1.2
-v 3
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# server DTLSv1.3
-vd
-7 3
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLSv1.0
-v 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

43
android/extern/wolfssl/tests/test-dtls13-downgrade.conf vendored Normal file
View File

@@ -0,0 +1,43 @@
# server DTLS multiversion allow downgrade
-vd
-7 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLSv1.2
-v 3
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# server DTLS multiversion allow downgrade
-vd
-7 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLSv1.0
-v 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# server DTLSv1.0
-v 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLS multiversion, allow downgrade
-vd
-7 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# server DTLSv1.2
-v 3
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
# client DTLS multiversion, allow downgrade
-vd
-7 2
-u
-l TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

13
android/extern/wolfssl/tests/test-dtls13-pq-2.conf vendored Normal file
View File

@@ -0,0 +1,13 @@
# server DTLSv1.3 with post-quantum group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_KYBER_LEVEL1
# client DTLSv1.3 with post-quantum group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_KYBER_LEVEL1
# P384_KYBER_LEVEL3 and P521_KYBER_LEVEL5 would fragment the ClientHello.

13
android/extern/wolfssl/tests/test-dtls13-pq.conf vendored Normal file
View File

@@ -0,0 +1,13 @@
# server DTLSv1.3 with post-quantum group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL1
# client DTLSv1.3 with post-quantum group
-u
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL1
# KYBER_LEVEL3 and KYBER_LEVEL5 would fragment the ClientHello.

70
android/extern/wolfssl/tests/test-dtls13-psk.conf vendored Normal file
View File

@@ -0,0 +1,70 @@
# server TLSv1.3 PSK
# Use AES128-GCM and SHA256
-v 4
-u
-s
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 PSK
# Use AES128-GCM and SHA256
-v 4
-u
-s
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK plus
-v 4
-u
-j
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 PSK
-v 4
-u
-s
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK
-v 4
-u
-j
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 not-PSK
-v 4
-u
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK
# AES256-GCM and SHA384
-v 4
-u
-s
-l TLS13-AES256-GCM-SHA384
-d
# client TLSv1.3 PSK
# AES256-GCM and SHA384
-v 4
-u
-s
-l TLS13-AES256-GCM-SHA384
# server TLSv1.3 PSK and resumption
# AES256-GCM and SHA384
-v 4
-u
-s
-l TLS13-AES256-GCM-SHA384
-r
# client TLSv1.3 PSK
# AES256-GCM and SHA384
-v 4
-u
-s
-l TLS13-AES256-GCM-SHA384
-r

272
android/extern/wolfssl/tests/test-dtls13.conf vendored Normal file
View File

@@ -0,0 +1,272 @@
# server DTLSv1.3 defaults
-u
-v 4
-l TLS_AES_128_GCM_SHA256
# client DTLSv1.3 defaults
-u
-v 4
-l TLS_AES_128_GCM_SHA256
# server DTLSv1.3 defaults async I/O
-u
-v 4
-l TLS_AES_128_GCM_SHA256
-6
# client DTLSv1.3 defaults async I/O
-u
-v 4
-l TLS_AES_128_GCM_SHA256
-6
# server DTLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
-u
-v 4
-l TLS13-CHACHA20-POLY1305-SHA256
# client DTLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
-u
-v 4
-l TLS13-CHACHA20-POLY1305-SHA256
# server DTLSv1.3 TLS13-AES128-CCM-SHA256
-v 4
-u
-l TLS13-AES128-CCM-SHA256
# client DTLSv1.3 TLS13-AES128-CCM-SHA256
-u
-v 4
-u
-l TLS13-AES128-CCM-SHA256
# server DTLSv1.3 resumption
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-r
# client DTLSv1.3 resumption
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-r
# server DTLSv1.3 resumption - SHA384
-v 4
-u
-l TLS13-AES256-GCM-SHA384
-r
# client DTLSv1.3 resumption - SHA384
-v 4
-u
-l TLS13-AES256-GCM-SHA384
-r
# server DTLSv1.3 PSK without (EC)DHE
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-r
# client DTLSv1.3 PSK without (EC)DHE
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-r
-K
# server DTLSv1.3 accepting EarlyData
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# client DTLSv1.3 sending EarlyData
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# client DTLSv1.3 sending EarlyData
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# server DTLSv1.3 not accepting EarlyData
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# server DTLSv1.3 accepting EarlyData
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# client DTLSv1.3 not sending EarlyData
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# server DTLSv1.3
-u
-v 4
-l TLS13-AES128-GCM-SHA256
# client DTLSv1.3 HelloRetryRequest to negotiate Key Exchange algorithm
-u
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# server DTLSv1.3 HelloRetryRequest with cookie
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-J
# client DTLSv1.3
-v 4
-u
-l TLS13-AES128-GCM-SHA256
# server DTLSv1.3
-v 4
-u
-l TLS13-AES128-GCM-SHA256
# client DTLSv1.3 DH key exchange
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-y
# server DTLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client DTLSv1.3 ECC key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-Y
# server DTLSv1.3 multiple cipher suites
-v 4
-l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
# client DTLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
# server DTLSv1.3 KeyUpdate
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-U
# client DTLSv1.3 KeyUpdate
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-I
# server DTLSv1.3 KeyUpdate
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-U
# client DTLSv1.3 KeyUpdate
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-I
# server DTLSv1.3 No session ticket
-v 4
-l TLS13-AES128-GCM-SHA256
-u
-T
# client DTLSv1.3 No session ticket
-v 4
-u
-l TLS13-AES128-GCM-SHA256
# server DTLSv1.3 No session ticket
-v 4
-l TLS13-AES128-GCM-SHA256
-u
# client DTLSv1.3 wait ticket
-v 4
-u
-l TLS13-AES128-GCM-SHA256
--waitTicket
# server DTLSv1.3 Post-Handshake Authentication
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-Q
# client DTLSv1.3 Post-Handshake Authentication
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-Q
# server DTLSv1.3 group messages
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-f
# client DTLSv1.3 group message
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-f
# server DTLSv1.3 group messages
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-f
# client DTLSv1.3
-v 4
-u
-l TLS13-AES128-GCM-SHA256
# server DTLSv1.3
-v 4
-u
-l TLS13-AES128-GCM-SHA256
# client DTLSv1.3 group message
-v 4
-u
-l TLS13-AES128-GCM-SHA256
-f
# server DTLSv1.3 no HelloRetryRequest cookie
-u
-v 4
-l TLS_AES_128_GCM_SHA256
-J n
# client DTLSv1.3 defaults
-u
-v 4
-l TLS_AES_128_GCM_SHA256

181
android/extern/wolfssl/tests/test-ecc-cust-curves.conf vendored Normal file
View File

@@ -0,0 +1,181 @@
# ----- secp256k1 ------
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-secp256k1-cert.pem
-x
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-d
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-secp256k1-cert.pem
-x
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ecc/server-secp256k1-cert.pem
-x
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutual auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/client-secp256k1-cert.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutal auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/server-secp256k1-cert.pem
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutual auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/client-secp256k1-cert.pem
-V
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutal auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/server-secp256k1-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/client-secp256k1-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/client-secp256k1-cert.pem
-k ./certs/ecc/secp256k1-key.pem
-A ./certs/ecc/server-secp256k1-cert.pem
-C
# ----- bp256r1 ------
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-bp256r1-cert.pem
-x
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-d
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-A ./certs/ecc/server-bp256r1-cert.pem
-x
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ecc/server-bp256r1-cert.pem
-x
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutual auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/client-bp256r1-cert.pem
-V
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 (mutal auth)
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/server-bp256r1-cert.pem
-C
# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutual auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/client-bp256r1-cert.pem
-V
# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 (static - mutal auth)
-v 3
-l ECDH-ECDSA-AES128-GCM-SHA256
-c ./certs/ecc/client-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/server-bp256r1-cert.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/server-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/client-bp256r1-cert.pem
-V
# client TLSv1.3 TLS13-AES128-GCM-SHA256 (mutal auth)
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ecc/client-bp256r1-cert.pem
-k ./certs/ecc/bp256r1-key.pem
-A ./certs/ecc/server-bp256r1-cert.pem
-C

74
android/extern/wolfssl/tests/test-ed25519.conf vendored Normal file
View File

@@ -0,0 +1,74 @@
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ed25519/root-ed25519.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ed25519/root-ed25519.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-A ./certs/ed25519/client-ed25519.pem
-V
# Remove -V when CRL for ED25519 certificates available.
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed25519/client-ed25519.pem
-k ./certs/ed25519/client-ed25519-priv.pem
-A ./certs/ed25519/root-ed25519.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ed25519/root-ed25519.pem
-C
# Enable when CRL for ED25519 certificates available.
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed25519/server-ed25519.pem
-k ./certs/ed25519/server-ed25519-priv.pem
-A ./certs/ed25519/client-ed25519.pem
-V
# Remove -V when CRL for ED25519 certificates available.
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed25519/client-ed25519.pem
-k ./certs/ed25519/client-ed25519-priv.pem
-A ./certs/ed25519/root-ed25519.pem
-C

61
android/extern/wolfssl/tests/test-ed448.conf vendored Normal file
View File

@@ -0,0 +1,61 @@
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed448/server-ed448.pem
-k ./certs/ed448/server-ed448-priv.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ed448/root-ed448.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed448/server-ed448.pem
-k ./certs/ed448/server-ed448-priv.pem
-A ./certs/ed448/client-ed448.pem
-V
# Remove -V when CRL for ED448 certificates available.
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/ed448/client-ed448.pem
-k ./certs/ed448/client-ed448-priv.pem
-A ./certs/ed448/root-ed448.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed448/server-ed448.pem
-k ./certs/ed448/server-ed448-priv.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ed448/root-ed448.pem
-C
# Enable when CRL for ED448 certificates available.
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed448/server-ed448.pem
-k ./certs/ed448/server-ed448-priv.pem
-A ./certs/ed448/client-ed448.pem
-V
# Remove -V when CRL for ED448 certificates available.
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/ed448/client-ed448.pem
-k ./certs/ed448/client-ed448-priv.pem
-A ./certs/ed448/root-ed448.pem
-C

42
android/extern/wolfssl/tests/test-enckeys.conf vendored Normal file
View File

@@ -0,0 +1,42 @@
# server RSA encrypted key
-v 3
-k ./certs/server-keyEnc.pem
# client RSA encrypted key
-v 3
-k ./certs/client-keyEnc.pem
# server RSA encrypted key PKCS8
-v 3
-k ./certs/server-keyPkcs8Enc.pem
# client RSA encrypted key
-v 3
-k ./certs/client-keyEnc.pem
# server RSA encrypted key PKCS8 2
-v 3
-k ./certs/server-keyPkcs8Enc2.pem
# client RSA encrypted key
-v 3
-k ./certs/client-keyEnc.pem
# server RSA encrypted key PKCS8 12
-v 3
-k ./certs/server-keyPkcs8Enc12.pem
# client RSA encrypted key
-v 3
-k ./certs/client-keyEnc.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-SHA256 PKCS8 encrypted key
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-keyPkcs8Enc.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-SHA256
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-A ./certs/ca-ecc-cert.pem

197
android/extern/wolfssl/tests/test-fails.conf vendored Normal file
View File

@@ -0,0 +1,197 @@
# server bad certificate common name has null
# DG: Have not found a way to properly encode null in common name
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/server-key.pem
-c ./certs/test/server-badcnnull.pem
-d
# client bad certificate common name has null
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-h localhost
-A ./certs/test/server-badcnnull.pem
-m
-x
# server bad certificate alternate name has null
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/server-key.pem
-c ./certs/test/server-badaltnull.pem
-d
# client bad certificate alternate name has null
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-h localhost
-A ./certs/test/server-badaltnull.pem
-m
-x
# server nomatch common name
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/server-key.pem
-c ./certs/test/server-badcn.pem
-d
# client nomatch common name
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-h localhost
-A ./certs/test/server-badcn.pem
-m
-x
# server nomatch alternate name
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-k ./certs/server-key.pem
-c ./certs/test/server-badaltname.pem
-d
# client nomatch alternate name
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-h localhost
-A ./certs/test/server-badaltname.pem
-m
-x
# server RSA no signer error
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# client RSA no signer error
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-A ./certs/client-cert.pem
# server ECC no signer error
#-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client ECC no signer error
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/client-ecc-cert.pem
# server RSA bad sig error
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-c ./certs/test/server-cert-rsa-badsig.pem
# client RSA bad sig error
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
# server ECC bad sig error
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/test/server-cert-ecc-badsig.pem
# client ECC bad sig error
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
# server missing CN from alternate names list
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-c ./certs/test/server-garbage.pem
# client missing CN from alternate names list
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-h localhost
-A ./certs/test/server-garbage.pem
-m
# Verify Callback Failure Tests
# no error going into callback, return error
# server
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# client verify should fail
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# server verify should fail
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# client
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# server
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# client verify should fail
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# server verify should fail
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# client
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# error going into callback, return error
# server
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-c ./certs/test/server-cert-rsa-badsig.pem
-k ./certs/server-key.pem
-H verifyFail
# client verify should fail
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-H verifyFail
# server
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/test/server-cert-ecc-badsig.pem
-k ./certs/ecc-key.pem
-H verifyFail
# client verify should fail
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-H verifyFail
# server send alert on no mutual authentication
-v 3
-F
-H verifyFail
# client send alert on no mutual authentication
-v 3
-x
-H verifyFail
# server TLSv1.3 fail on no client certificate
# server always sets WOLFSSL_VERIFY_FAIL_IF_NO_PEER_CERT unless using -d
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 no client certificate
-v 4
-l TLS13-AES128-GCM-SHA256
-x

215
android/extern/wolfssl/tests/test-maxfrag-dtls.conf vendored Normal file
View File

@@ -0,0 +1,215 @@
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 1
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 1
# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 1
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 2
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 2
# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 2
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 3
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 3
# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 3
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 4
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 4
# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 4
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 5
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 5
# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 5
# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 6
# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 6
# server DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client DTLSv1.2 DHE-RSA-AES256-GCM-SHA384
-u
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 6

190
android/extern/wolfssl/tests/test-maxfrag.conf vendored Normal file
View File

@@ -0,0 +1,190 @@
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 1
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 1
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 1
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 2
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 2
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 2
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 3
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 3
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 3
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 4
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 4
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 4
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 5
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 5
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 5
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
-F 6
# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-F 6
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 6
# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-6
# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-F 1
-6

61
android/extern/wolfssl/tests/test-p521.conf vendored Normal file
View File

@@ -0,0 +1,61 @@
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/p521/server-p521.pem
-k ./certs/p521/server-p521-priv.pem
-d
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/p521/root-p521.pem
-C
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/p521/server-p521.pem
-k ./certs/p521/server-p521-priv.pem
-A ./certs/p521/client-p521.pem
-V
# Remove -V when CRL for P-521 certificates available.
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/p521/client-p521.pem
-k ./certs/p521/client-p521-priv.pem
-A ./certs/p521/root-p521.pem
-C
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/p521/server-p521.pem
-k ./certs/p521/server-p521-priv.pem
-d
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/p521/root-p521.pem
-C
# Enable when CRL for P-521 certificates available.
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/p521/server-p521.pem
-k ./certs/p521/server-p521-priv.pem
-A ./certs/p521/client-p521.pem
-V
# Remove -V when CRL for P-521 certificates available.
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/p521/client-p521.pem
-k ./certs/p521/client-p521-priv.pem
-A ./certs/p521/root-p521.pem
-C

87
android/extern/wolfssl/tests/test-psk-no-id-sha2.conf vendored Normal file
View File

@@ -0,0 +1,87 @@
# No Hint server TLSv1 ECDHE-PSK-AES128-SHA256
-s
-I
-v 1
-l ECDHE-PSK-AES128-SHA256
# No Hint client TLSv1 ECDHE-PSK-AES128-SHA256
-s
-v 1
-l ECDHE-PSK-AES128-SHA256
# No Hint server TLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-I
-v 2
-l ECDHE-PSK-AES128-SHA256
# No Hint client TLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-v 2
-l ECDHE-PSK-AES128-SHA256
# No Hint server TLSv1 ECDHE-PSK-NULL-SHA256
-s
-I
-v 1
-l ECDHE-PSK-NULL-SHA256
# No Hint client TLSv1 ECDHE-PSK-NULL-SHA256
-s
-v 1
-l ECDHE-PSK-NULL-SHA256
# No Hint server TLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-I
-v 2
-l ECDHE-PSK-NULL-SHA256
# No Hint client TLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-v 2
-l ECDHE-PSK-NULL-SHA256
# No Hint server TLSv1.0 PSK-AES128-SHA256
-s
-I
-v 1
-l PSK-AES128-CBC-SHA256
# No Hint client TLSv1.0 PSK-AES128-SHA256
-s
-v 1
-l PSK-AES128-CBC-SHA256
# No Hint server TLSv1.1 PSK-AES128-SHA256
-s
-I
-v 2
-l PSK-AES128-CBC-SHA256
# No Hint client TLSv1.1 PSK-AES128-SHA256
-s
-v 2
-l PSK-AES128-CBC-SHA256
No Hint server TLSv1.0 PSK-AES256-SHA384
-s
-I
-v 1
-l PSK-AES256-CBC-SHA384
# No Hint client TLSv1.0 PSK-AES256-SHA384
-s
-v 1
-l PSK-AES256-CBC-SHA384
# No Hint server TLSv1.1 PSK-AES256-SHA384
-s
-I
-v 2
-l PSK-AES256-CBC-SHA384
# No Hint client TLSv1.1 PSK-AES256-SHA384
-s
-v 2
-l PSK-AES256-CBC-SHA384

214
android/extern/wolfssl/tests/test-psk-no-id.conf vendored Normal file
View File

@@ -0,0 +1,214 @@
# No Hint server TLSv1.2 PSK-CHACHA20-POLY1305
-s
-I
-v 3
-l PSK-CHACHA20-POLY1305
# No Hint client TLSv1.2 PSK-CHACHA20-POLY1305
-s
-v 3
-l PSK-CHACHA20-POLY1305
# No Hint server TLSv1.2 DHE-PSK-CHACHA20-POLY1305
-s
-I
-v 3
-l DHE-PSK-CHACHA20-POLY1305
# No Hint client TLSv1.2 DHE-PSK-CHACHA20-POLY1305
-s
-v 3
-l DHE-PSK-CHACHA20-POLY1305
# No Hint server TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
-s
-I
-v 3
-l ECDHE-PSK-CHACHA20-POLY1305
# No Hint client TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
-s
-v 3
-l ECDHE-PSK-CHACHA20-POLY1305
# No Hint server TLSv1.2 ECDHE-PSK-AES128-SHA256
-s
-I
-v 3
-l ECDHE-PSK-AES128-SHA256
# No Hint client TLSv1.2 ECDHE-PSK-AES128-SHA256
-s
-v 3
-l ECDHE-PSK-AES128-SHA256
# No Hint server TLSv1.2 ECDHE-PSK-NULL-SHA256
-s
-I
-v 3
-l ECDHE-PSK-NULL-SHA256
# No Hint client TLSv1.2 ECDHE-PSK-NULL-SHA256
-s
-v 3
-l ECDHE-PSK-NULL-SHA256
# No Hint server TLSv1 PSK-AES128
-s
-I
-v 1
-l PSK-AES128-CBC-SHA
# No Hint client TLSv1 PSK-AES128
-s
-v 1
-l PSK-AES128-CBC-SHA
# No Hint server TLSv1 PSK-AES256
-s
-I
-v 1
-l PSK-AES256-CBC-SHA
# No Hint client TLSv1 PSK-AES256
-s
-v 1
-l PSK-AES256-CBC-SHA
# No Hint server TLSv1.1 PSK-AES128
-s
-I
-v 2
-l PSK-AES128-CBC-SHA
# No Hint client TLSv1.1 PSK-AES128
-s
-v 2
-l PSK-AES128-CBC-SHA
# No Hint server TLSv1.1 PSK-AES256
-s
-I
-v 2
-l PSK-AES256-CBC-SHA
# No Hint client TLSv1.1 PSK-AES256
-s
-v 2
-l PSK-AES256-CBC-SHA
# No Hint server TLSv1.2 PSK-AES128
-s
-I
-v 3
-l PSK-AES128-CBC-SHA
# No Hint client TLSv1.2 PSK-AES128
-s
-v 3
-l PSK-AES128-CBC-SHA
# No Hint server TLSv1.2 PSK-AES256
-s
-I
-v 3
-l PSK-AES256-CBC-SHA
# No Hint client TLSv1.2 PSK-AES256
-s
-v 3
-l PSK-AES256-CBC-SHA
# No Hint server TLSv1.2 PSK-AES128-SHA256
-s
-I
-v 3
-l PSK-AES128-CBC-SHA256
# No Hint client TLSv1.2 PSK-AES128-SHA256
-s
-v 3
-l PSK-AES128-CBC-SHA256
# No Hint server TLSv1.2 PSK-AES256-SHA384
-s
-I
-v 3
-l PSK-AES256-CBC-SHA384
# No Hint client TLSv1.2 PSK-AES256-SHA384
-s
-v 3
-l PSK-AES256-CBC-SHA384
# server TLSv1.2 PSK-AES128-GCM-SHA256
-s
-I
-v 3
-l PSK-AES128-GCM-SHA256
# client TLSv1.2 PSK-AES128-GCM-SHA256
-s
-v 3
-l PSK-AES128-GCM-SHA256
# server TLSv1.2 PSK-AES256-GCM-SHA384
-s
-I
-v 3
-l PSK-AES256-GCM-SHA384
# client TLSv1.2 PSK-AES256-GCM-SHA384
-s
-v 3
-l PSK-AES256-GCM-SHA384
# server TLSv1.3 AES128-GCM-SHA256
-s
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 AES128-GCM-SHA256
-s
-v 4
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 accepting EarlyData using PSK
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-s
-0
# client TLSv1.3 sending EarlyData using PSK
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-s
-0
# server TLSv1.3 not accepting EarlyData using PSK
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-s
# client TLSv1.3 sending EarlyData using PSK
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-s
-0
# server TLSv1.3 accepting EarlyData using PSK
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-s
-0
# client TLSv1.3 not sending EarlyData using PSK
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-s

15
android/extern/wolfssl/tests/test-psk.conf vendored Normal file
View File

@@ -0,0 +1,15 @@
# server - PSK plus certificates
-j
-l PSK-CHACHA20-POLY1305
# client- standard PSK
-s
-l PSK-CHACHA20-POLY1305
# server
-j
-l ECDHE-PSK-AES128-GCM-SHA256
# client
-s
-l ECDHE-PSK-AES128-GCM-SHA256

90
android/extern/wolfssl/tests/test-rsapss.conf vendored Normal file
View File

@@ -0,0 +1,90 @@
# server TLSv1.2 - RSA PSS SHA256 MGF1 SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-c ./certs/rsapss/server-rsapss.pem
-k ./certs/rsapss/server-rsapss-priv.pem
-d
# client TLSv1.2 - RSA PSS SHA256 MGF1 SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-A ./certs/rsapss/root-rsapss.pem
-C
# server TLSv1.2 - RSA PSS SHA256 MGF1 SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-c ./certs/rsapss/server-rsapss.pem
-k ./certs/rsapss/server-rsapss-priv.pem
-A ./certs/rsapss/client-rsapss.pem
-V
# client TLSv1.2 - RSA PSS SHA256 MGF1 SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-c ./certs/rsapss/client-rsapss.pem
-k ./certs/rsapss/client-rsapss-priv.pem
-A ./certs/rsapss/root-rsapss.pem
-C
# server TLSv1.2 - RSA PSS SHA384 MGF1 SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-c ./certs/rsapss/server-3072-rsapss.pem
-k ./certs/rsapss/server-3072-rsapss-priv.pem
-A ./certs/rsapss/client-3072-rsapss.pem
-V
# client TLSv1.2 - RSA PSS SHA384 MGF1 SHA384
-v 3
-l DHE-RSA-AES256-GCM-SHA384
-c ./certs/rsapss/client-3072-rsapss.pem
-k ./certs/rsapss/client-3072-rsapss-priv.pem
-A ./certs/rsapss/root-3072-rsapss.pem
-C
# server TLSv1.3 - RSA PSS SHA384 MGF1 SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-c ./certs/rsapss/server-rsapss.pem
-k ./certs/rsapss/server-rsapss-priv.pem
-d
# client TLSv1.3 - RSA PSS SHA384 MGF1 SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-A ./certs/rsapss/root-rsapss.pem
-C
# server TLSv1.3 - RSA PSS SHA384 MGF1 SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-c ./certs/rsapss/server-rsapss.pem
-k ./certs/rsapss/server-rsapss-priv.pem
-A ./certs/rsapss/client-rsapss.pem
-V
# client TLSv1.3 - RSA PSS SHA384 MGF1 SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-c ./certs/rsapss/client-rsapss.pem
-k ./certs/rsapss/client-rsapss-priv.pem
-A ./certs/rsapss/root-rsapss.pem
-C
# server TLSv1.2 - RSA PSS SHA256 MGF1 SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-c ./certs/rsapss/server-mixed-rsapss-cert.pem
-k ./certs/server-key.pem
-A ./certs/rsapss/client-rsapss.pem
-V
# client TLSv1.2 - RSA PSS SHA256 MGF1 SHA256
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-c ./certs/rsapss/client-rsapss.pem
-k ./certs/rsapss/client-rsapss-priv.pem
-A ./certs/ca-cert.pem
-C

67
android/extern/wolfssl/tests/test-sctp-sha2.conf vendored Normal file
View File

@@ -0,0 +1,67 @@
# server DTLSv1 AES128-SHA256
-G
-v 2
-l AES128-SHA256
# client DTLSv1 AES128-SHA256
-G
-v 2
-l AES128-SHA256
# server DTLSv1 AES256-SHA256
-G
-v 2
-l AES256-SHA256
# client DTLSv1 AES256-SHA256
-G
-v 2
-l AES256-SHA256
# server DTLSv1 ECDHE-PSK-AES128-SHA256
-s
-G
-v 1
-l ECDHE-PSK-AES128-SHA256
# client DTLSv1 ECDHE-PSK-AES128-SHA256
-s
-G
-v 1
-l ECDHE-PSK-AES128-SHA256
# server DTLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-G
-v 2
-l ECDHE-PSK-AES128-SHA256
# client DTLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-G
-v 2
-l ECDHE-PSK-AES128-SHA256
# server DTLSv1 ECDHE-PSK-NULL-SHA256
-s
-G
-v 1
-l ECDHE-PSK-NULL-SHA256
# client DTLSv1 ECDHE-PSK-NULL-SHA256
-s
-G
-v 1
-l ECDHE-PSK-NULL-SHA256
# server DTLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-G
-v 2
-l ECDHE-PSK-NULL-SHA256
# client DTLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-G
-v 2
-l ECDHE-PSK-NULL-SHA256

1025
android/extern/wolfssl/tests/test-sctp.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

403
android/extern/wolfssl/tests/test-sha2.conf vendored Normal file
View File

@@ -0,0 +1,403 @@
# server TLSv1 AES128-SHA256
-v 1
-l AES128-SHA256
# client TLSv1 AES128-SHA256
-v 1
-l AES128-SHA256
# server TLSv1 AES256-SHA256
-v 1
-l AES256-SHA256
# client TLSv1 AES256-SHA256
-v 1
-l AES256-SHA256
# server TLSv1.1 AES128-SHA256
-v 2
-l AES128-SHA256
# client TLSv1.1 AES128-SHA256
-v 2
-l AES128-SHA256
# server TLSv1.1 AES256-SHA256
-v 2
-l AES256-SHA256
# client TLSv1.1 AES256-SHA256
-v 2
-l AES256-SHA256
# server TLSv1 DHE AES128-SHA256
-v 1
-l DHE-RSA-AES128-SHA256
# client TLSv1 DHE AES128-SHA256
-v 1
-l DHE-RSA-AES128-SHA256
# server TLSv1 DHE AES256-SHA256
-v 1
-l DHE-RSA-AES256-SHA256
# client TLSv1 DHE AES256-SHA256
-v 1
-l DHE-RSA-AES256-SHA256
# server TLSv1.1 DHE AES128-SHA256
-v 2
-l DHE-RSA-AES128-SHA256
# client TLSv1.1 DHE AES128-SHA256
-v 2
-l DHE-RSA-AES128-SHA256
# server TLSv1.1 DHE AES256-SHA256
-v 2
-l DHE-RSA-AES256-SHA256
# client TLSv1.1 DHE AES256-SHA256
-v 2
-l DHE-RSA-AES256-SHA256
# server TLSv1 ECDHE-PSK-NULL-SHA256
-s
-v 1
-l ECDHE-PSK-NULL-SHA256
# client TLSv1 ECDHE-PSK-NULL-SHA256
-s
-v 1
-l ECDHE-PSK-NULL-SHA256
# server TLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-v 2
-l ECDHE-PSK-NULL-SHA256
# client TLSv1.1 ECDHE-PSK-NULL-SHA256
-s
-v 2
-l ECDHE-PSK-NULL-SHA256
# server TLSv1 ECDHE-PSK-AES128-SHA256
-s
-v 1
-l ECDHE-PSK-AES128-SHA256
# client TLSv1 ECDHE-PSK-AES128-SHA256
-s
-v 1
-l ECDHE-PSK-AES128-SHA256
# server TLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-v 2
-l ECDHE-PSK-AES128-SHA256
# client TLSv1.1 ECDHE-PSK-AES128-SHA256
-s
-v 2
-l ECDHE-PSK-AES128-SHA256
# server TLSv1.0 PSK-AES128-SHA256
-s
-v 1
-l PSK-AES128-CBC-SHA256
# client TLSv1.0 PSK-AES128-SHA256
-s
-v 1
-l PSK-AES128-CBC-SHA256
# server TLSv1.1 PSK-AES128-SHA256
-s
-v 2
-l PSK-AES128-CBC-SHA256
# client TLSv1.1 PSK-AES128-SHA256
-s
-v 2
-l PSK-AES128-CBC-SHA256
# server TLSv1.0 PSK-AES256-SHA384
-s
-v 1
-l PSK-AES256-CBC-SHA384
# client TLSv1.0 PSK-AES256-SHA384
-s
-v 1
-l PSK-AES256-CBC-SHA384
# server TLSv1.1 PSK-AES256-SHA384
-s
-v 2
-l PSK-AES256-CBC-SHA384
# client TLSv1.1 PSK-AES256-SHA384
-s
-v 2
-l PSK-AES256-CBC-SHA384
# server TLSv1.0 RSA-NULL-SHA256
-v 1
-l NULL-SHA256
# client TLSv1.0 RSA-NULL-SHA256
-v 1
-l NULL-SHA256
# server TLSv1.1 RSA-NULL-SHA256
-v 2
-l NULL-SHA256
# client TLSv1.1 RSA-NULL-SHA256
-v 2
-l NULL-SHA256
# server TLSv1 CAMELLIA128-SHA256
-v 1
-l CAMELLIA128-SHA256
# client TLSv1 CAMELLIA128-SHA256
-v 1
-l CAMELLIA128-SHA256
# server TLSv1 CAMELLIA256-SHA256
-v 1
-l CAMELLIA256-SHA256
# client TLSv1 CAMELLIA256-SHA256
-v 1
-l CAMELLIA256-SHA256
# server TLSv1.1 CAMELLIA128-SHA256
-v 2
-l CAMELLIA128-SHA256
# client TLSv1.1 CAMELLIA128-SHA256
-v 2
-l CAMELLIA128-SHA256
# server TLSv1.1 CAMELLIA256-SHA256
-v 2
-l CAMELLIA256-SHA256
# client TLSv1.1 CAMELLIA256-SHA256
-v 2
-l CAMELLIA256-SHA256
# server TLSv1 DHE-RSA-CAMELLIA128-SHA256
-v 1
-l DHE-RSA-CAMELLIA128-SHA256
# client TLSv1 DHE-RSA-CAMELLIA128-SHA256
-v 1
-l DHE-RSA-CAMELLIA128-SHA256
# server TLSv1 DHE-RSA-CAMELLIA256-SHA256
-v 1
-l DHE-RSA-CAMELLIA256-SHA256
# client TLSv1 DHE-RSA-CAMELLIA256-SHA256
-v 1
-l DHE-RSA-CAMELLIA256-SHA256
# server TLSv1.1 DHE-RSA-CAMELLIA128-SHA256
-v 2
-l DHE-RSA-CAMELLIA128-SHA256
# client TLSv1.1 DHE-RSA-CAMELLIA128-SHA256
-v 2
-l DHE-RSA-CAMELLIA128-SHA256
# server TLSv1.1 DHE-RSA-CAMELLIA256-SHA256
-v 2
-l DHE-RSA-CAMELLIA256-SHA256
# client TLSv1.1 DHE-RSA-CAMELLIA256-SHA256
-v 2
-l DHE-RSA-CAMELLIA256-SHA256
# server TLSv1.0 DHE-PSK-AES128-CBC-SHA256
-s
-v 1
-l DHE-PSK-AES128-CBC-SHA256
# client TLSv1.0 DHE-PSK-AES128-CBC-SHA256
-s
-v 1
-l DHE-PSK-AES128-CBC-SHA256
# server TLSv1.1 DHE-PSK-AES128-CBC-SHA256
-s
-v 2
-l DHE-PSK-AES128-CBC-SHA256
# client TLSv1.1 DHE-PSK-AES128-CBC-SHA256
-s
-v 2
-l DHE-PSK-AES128-CBC-SHA256
# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# client TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# server TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# client TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# client TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# server TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# client TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# server TLSv1.0 DHE-PSK-NULL-SHA384
-s
-v 1
-l DHE-PSK-NULL-SHA384
# client TLSv1.0 DHE-PSK-NULL-SHA384
-s
-v 1
-l DHE-PSK-NULL-SHA384
# server TLSv1.1 DHE-PSK-NULL-SHA384
-s
-v 2
-l DHE-PSK-NULL-SHA384
# client TLSv1.1 DHE-PSK-NULL-SHA384
-s
-v 2
-l DHE-PSK-NULL-SHA384
# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384
-s
-v 1
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384
-s
-v 2
-l DHE-PSK-AES256-CBC-SHA384
# server TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# client TLSv1.0 DHE-PSK-NULL-SHA256
-s
-v 1
-l DHE-PSK-NULL-SHA256
# server TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# client TLSv1.1 DHE-PSK-NULL-SHA256
-s
-v 2
-l DHE-PSK-NULL-SHA256
# server TLSv1.0 DHE-PSK-NULL-SHA384
-s
-v 1
-l DHE-PSK-NULL-SHA384
# client TLSv1.0 DHE-PSK-NULL-SHA384
-s
-v 1
-l DHE-PSK-NULL-SHA384
# server TLSv1.1 DHE-PSK-NULL-SHA384
-s
-v 2
-l DHE-PSK-NULL-SHA384
# client TLSv1.1 DHE-PSK-NULL-SHA384
-s
-v 2
-l DHE-PSK-NULL-SHA384

230
android/extern/wolfssl/tests/test-sig.conf vendored Normal file
View File

@@ -0,0 +1,230 @@
# server TLSv1 ECDHE-ECDSA-DES3
-v 1
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-DES3
-v 1
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/ca-cert.pem
# server TLSv1 ECDHE-ECDSA-AES128
-v 1
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-AES128
-v 1
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server TLSv1 ECDHE-ECDSA-AES128
-v 1
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-AES128
-v 1
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-cert.pem
# server TLSv1 ECDHE-ECDSA-AES256
-v 1
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1 ECDHE-ECDSA-AES256
-v 1
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/ca-cert.pem
# server TLSv1.1 ECDHE-ECDSA-DES3
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-DES3
-v 2
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/ca-cert.pem
# server TLSv1.1 ECDHE-ECDSA-AES128
-v 2
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-AES128
-v 2
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server TLSv1.1 ECDHE-ECDSA-AES128
-v 2
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-AES128
-v 2
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-cert.pem
# server TLSv1.1 ECDHE-ECDSA-AES256
-v 2
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.1 ECDHE-ECDSA-AES256
-v 2
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-DES3
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-DES3
-v 3
-l ECDHE-ECDSA-DES-CBC3-SHA
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128
-v 3
-l ECDHE-ECDSA-AES128-SHA
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128
-v 3
-l ECDHE-ECDSA-AES128-SHA
-A ./certs/ca-ecc-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-SHA256
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-SHA256
-v 3
-l ECDHE-ECDSA-AES128-SHA256
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES256
-v 3
-l ECDHE-ECDSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256
-v 3
-l ECDHE-ECDSA-AES256-SHA
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-EDCSA-CHACHA20-POLY1305
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
-v 3
-l ECDHE-ECDSA-CHACHA20-POLY1305
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDH-ECDSA-AES128-SHA256
-v 3
-l ECDH-ECDSA-AES128-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-AES128-SHA256
-v 3
-l ECDH-ECDSA-AES128-SHA256
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDH-ECDSA-AES256
-v 3
-l ECDH-ECDSA-AES256-SHA
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDH-ECDSA-AES256
-v 3
-l ECDH-ECDSA-AES256-SHA
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-privkey.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
-v 3
-l ECDHE-ECDSA-AES256-GCM-SHA384
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-CCM
-v 3
-l ECDHE-ECDSA-AES128-CCM
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-CCM
-v 3
-l ECDHE-ECDSA-AES128-CCM
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8
-v 3
-l ECDHE-ECDSA-AES128-CCM-8
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-CCM-8
-v 3
-l ECDHE-ECDSA-AES128-CCM-8
-A ./certs/ca-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-CCM8 (OpenSSL-compat alias)
-v 3
-l ECDHE-ECDSA-AES128-CCM8
-c ./certs/server-ecc-rsa.pem
-k ./certs/ecc-key.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-CCM8 (OpenSSL-compat alias)
-v 3
-l ECDHE-ECDSA-AES128-CCM8
-A ./certs/ca-cert.pem

30
android/extern/wolfssl/tests/test-tls-downgrade.conf vendored Normal file
View File

@@ -0,0 +1,30 @@
# server TLSv1.3
-v 4
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# client TLSv1.2, should fail
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# server TLSv1.2
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# client TLSv1.3, should fail
-v 4
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# server TLSv1.2
-v d 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# client TLSv1.3 with downgrade option, set downgrade to TLSv1.3, should fail
-7 4
-v d 4
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet

110
android/extern/wolfssl/tests/test-tls13-down.conf vendored Normal file
View File

@@ -0,0 +1,110 @@
# THIS TEST IS BROKEN
# server TLSv1.3 downgrade
#-v d
#-l TLS13-CHACHA20-POLY1305-SHA256
# client TLSv1.2
#-v 3
# server TLSv1.2
-v 3
# client TLSv1.3 downgrade
-v d
# server TLSv1.3 downgrade
-v d
# client TLSv1.3 downgrade
-v d
# server TLSv1.3 downgrade but don't and resume
-v d
-r
# client TLSv1.3 downgrade but don't and resume
-v d
-r
# server TLSv1.3 downgrade and resume
-v d
-r
# client TLSv1.2 and resume
-v 3
-r
# server TLSv1.2 and resume
-v d
-r
# cient TLSv1.3 downgrade and resume
-v 3
-r
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
-H exitWithRet
# client TLSv1.2, should fail
-v 3
-H exitWithRet
# server TLSv1.2
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# client TLSv1.3, should fail
-v 4
-H exitWithRet
# server TLSv1.2
-v 3
-l ECDHE-RSA-AES256-GCM-SHA384
-H exitWithRet
# client
# enable downgrade
# minimum downgradable TLSv 1.3
# expect to be failure
-7 4
-v d
-H exitWithRet
# server
# enable downgrade
# minimum downgradable TLSv 1.3
-7 4
-v d
-l TLS13-AES128-GCM-SHA256
# client
# enable downgrade
# minimum downgradable TLSv 1.3
-7 4
-v d
# server
# enable downgrade
# minimum downgradable TLSv 1.2
-7 3
-v d
-l ECDHE-RSA-AES256-GCM-SHA384
# client TLSv 1.2
-v 3
# server
# enable downgrade
# minimum downgradable TLSv 1.3
# expect to be failure
-7 4
-v d
-l TLS13-AES128-GCM-SHA256
-H exitWithRet
# client TLSv 1.2
-v 3
-H exitWithRet

104
android/extern/wolfssl/tests/test-tls13-ecc.conf vendored Normal file
View File

@@ -0,0 +1,104 @@
# server TLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
-v 4
-l TLS13-CHACHA20-POLY1305-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
-v 4
-l TLS13-CHACHA20-POLY1305-SHA256
-A ./certs/ca-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
# server TLSv1.3 TLS13-AES256-GCM-SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.3 TLS13-AES256-GCM-SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-A ./certs/ca-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-CCM-SHA256
-v 4
-l TLS13-AES128-CCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.3 TLS13-AES128-CCM-SHA256
-v 4
-l TLS13-AES128-CCM-SHA256
-A ./certs/ca-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-CCM-8-SHA256
-v 4
-l TLS13-AES128-CCM-8-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.3 TLS13-AES128-CCM-8-SHA256
-v 4
-l TLS13-AES128-CCM-8-SHA256
-A ./certs/ca-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-CCM8-SHA256 (OpenSSL-compat alias)
-v 4
-l TLS13-AES128-CCM8-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
# client TLSv1.3 TLS13-AES128-CCM8-SHA256 (OpenSSL-compat alias)
-v 4
-l TLS13-AES128-CCM8-SHA256
-A ./certs/ca-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
-t
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-t
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
-8
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-8
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-c ./certs/server-ecc.pem
-k ./certs/ecc-key.pem
-Y
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-A ./certs/ca-ecc-cert.pem
-y

29
android/extern/wolfssl/tests/test-tls13-pq-2.conf vendored Normal file
View File

@@ -0,0 +1,29 @@
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_KYBER_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P256_KYBER_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P384_KYBER_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P384_KYBER_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P521_KYBER_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc P521_KYBER_LEVEL5

30
android/extern/wolfssl/tests/test-tls13-pq.conf vendored Normal file
View File

@@ -0,0 +1,30 @@
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL1
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL1
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL3
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL3
# server TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL5
# client TLSv1.3 with post-quantum group
-v 4
-l TLS13-AES256-GCM-SHA384
--pqc KYBER_LEVEL5

83
android/extern/wolfssl/tests/test-tls13-psk.conf vendored Normal file
View File

@@ -0,0 +1,83 @@
# server TLSv1.3 PSK
# Use AES128-GCM and SHA256
-v 4
-s
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 PSK
# Use AES128-GCM and SHA256
-v 4
-s
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK plus
-v 4
-j
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 PSK
-v 4
-s
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK
-v 4
-j
-l TLS13-AES128-GCM-SHA256
-d
# client TLSv1.3 not-PSK
-v 4
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 PSK
# AES256-GCM and SHA384
-v 4
-s
-l TLS13-AES256-GCM-SHA384
-d
# client TLSv1.3 PSK
# AES256-GCM and SHA384
-v 4
-s
-l TLS13-AES256-GCM-SHA384
# Disabling ChaCha20 results in failures.
# server TLSv1.3 PSK
# CHACHA20 only supported
#-v 4
#-s
#-l TLS13-CHACHA20-POLY1305-SHA256
# client TLSv1.3 PSK
# AESGCM-SHA256 is first but CHACHA20 is negotiated as it is also SHA-256
#-v 4
#-s
#-l TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256
# server TLSv1.3 PSK
# AESGCM-SHA256 is first but CHACHA20 is negotiated as it is also SHA-256
#-v 4
#-s
#-l TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256
# client TLSv1.3 PSK
# CHACHA20 only supported
#-v 4
#-s
#-l TLS13-CHACHA20-POLY1305-SHA256
# server TLSv1.3 PSK
# AESGCM-SHA256 is first but CHACHA20 is negotiated as it is also SHA-256
#-v 4
#-s
#-l TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256
# client TLSv1.3 PSK
# CHACHA20 only supported
#-v 4
#-s
#-l TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-GCM-SHA256

231
android/extern/wolfssl/tests/test-tls13.conf vendored Normal file
View File

@@ -0,0 +1,231 @@
# server TLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
-v 4
-l TLS13-CHACHA20-POLY1305-SHA256
# client TLSv1.3 TLS13-CHACHA20-POLY1305-SHA256
-v 4
-l TLS13-CHACHA20-POLY1305-SHA256
# server TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-6
# client TLSv1.3 TLS13-AES128-GCM-SHA256
-v 4
-l TLS13-AES128-GCM-SHA256
-6
# server TLSv1.3 TLS13-AES256-GCM-SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
# client TLSv1.3 TLS13-AES256-GCM-SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
# server TLSv1.3 TLS13-AES128-CCM-SHA256
-v 4
-l TLS13-AES128-CCM-SHA256
# client TLSv1.3 TLS13-AES128-CCM-SHA256
-v 4
-l TLS13-AES128-CCM-SHA256
# server TLSv1.3 TLS13-AES128-CCM-8-SHA256
-v 4
-l TLS13-AES128-CCM-8-SHA256
# client TLSv1.3 TLS13-AES128-CCM-8-SHA256
-v 4
-l TLS13-AES128-CCM-8-SHA256
# server TLSv1.3 TLS13-AES128-CCM8-SHA256 (OpenSSL-compat alias)
-v 4
-l TLS13-AES128-CCM8-SHA256
# client TLSv1.3 TLS13-AES128-CCM8-SHA256 (OpenSSL-compat alias)
-v 4
-l TLS13-AES128-CCM8-SHA256
# server TLSv1.3 resumption
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# client TLSv1.3 resumption
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# server TLSv1.3 resumption - SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-r
# client TLSv1.3 resumption - SHA384
-v 4
-l TLS13-AES256-GCM-SHA384
-r
# server TLSv1.3 PSK without (EC)DHE
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# client TLSv1.3 PSK without (EC)DHE
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-K
# server TLSv1.3 accepting EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# client TLSv1.3 sending EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# server TLSv1.3 not accepting EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# client TLSv1.3 sending EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# server TLSv1.3 accepting EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
-r
-0
# client TLSv1.3 not sending EarlyData
-v 4
-l TLS13-AES128-GCM-SHA256
-r
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 Fragments
-v 4
-l TLS13-AES128-GCM-SHA256
-F 1
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 HelloRetryRequest to negotiate Key Exchange algorithm
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# client TLSv1.3 HelloRetryRequest with cookie
-v 4
-l TLS13-AES128-GCM-SHA256
-J
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 DH key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-y
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 ECC key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-Y
# server TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256
# client TLSv1.3 ECC key exchange
-v 4
-l TLS13-AES128-GCM-SHA256
-Y
# server TLSv1.3 multiple cipher suites
-v 4
-l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
# client TLSv1.3
-v 4
-l TLS13-AES128-GCM-SHA256:TLS13-AES256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES128-CCM-SHA256:TLS13-AES128-CCM-8-SHA256
# server TLSv1.3 KeyUpdate
-v 4
-l TLS13-AES128-GCM-SHA256
-U
# client TLSv1.3 KeyUpdate
-v 4
-l TLS13-AES128-GCM-SHA256
-I
# server TLSv1.3 No session ticket
-v 4
-l TLS13-AES128-GCM-SHA256
-T
# client TLSv1.3 No session ticket
-v 4
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 Post-Handshake Authentication
-v 4
-l TLS13-AES128-GCM-SHA256
-Q
# client TLSv1.3 Post-Handshake Authentication
-v 4
-l TLS13-AES128-GCM-SHA256
-Q
# server TLSv1.3 Send Ticket explicitly
-v 4
-l TLS13-AES128-GCM-SHA256
--send-ticket
# client TLSv1.3 Send Ticket explicitly
-v 4
-l TLS13-AES128-GCM-SHA256
# server TLSv1.3 Integrity-only SHA256
-v 4
-l TLS13-SHA256-SHA256
# client TLSv1.3 Integrity-only SHA256
-v 4
-l TLS13-SHA256-SHA256
# server TLSv1.3 Integrity-only SHA384
-v 4
-l TLS13-SHA384-SHA384
# client TLSv1.3 Integrity-only SHA384
-v 4
-l TLS13-SHA384-SHA384

113
android/extern/wolfssl/tests/test-trustpeer.conf vendored Normal file
View File

@@ -0,0 +1,113 @@
# Both client and server use -E [path] for trusted peer
# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Trusted Peer
-V
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-E ./certs/intermediate/client-int-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 RSA Trusted Peer
-C
-v 3
-l DHE-RSA-AES128-GCM-SHA256
-E ./certs/intermediate/server-int-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Trusted Peer
-V
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-E ./certs/intermediate/client-int-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 RSA Trusted Peer
-C
-v 3
-l ECDHE-RSA-AES128-GCM-SHA256
-E ./certs/intermediate/server-int-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Trusted Peer
-V
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-E ./certs/intermediate/client-int-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-int-ecc-cert.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Trusted Peer
-C
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-E ./certs/intermediate/server-int-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-int-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Trusted Peer
-V
-v 4
-l TLS13-AES128-GCM-SHA256
-E ./certs/intermediate/client-int-cert.pem
-k ./certs/server-key.pem
-c ./certs/intermediate/server-int-cert.pem
# client TLSv1.3 TLS13-AES128-GCM-SHA256 RSA Trusted Peer
-C
-v 4
-l TLS13-AES128-GCM-SHA256
-E ./certs/intermediate/server-int-cert.pem
-k ./certs/client-key.pem
-c ./certs/intermediate/client-int-cert.pem
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Trusted Peer
-V
-v 4
-l TLS13-AES128-GCM-SHA256
-E ./certs/intermediate/client-int-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/intermediate/server-int-ecc-cert.pem
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Trusted Peer
-C
-v 4
-l TLS13-AES128-GCM-SHA256
-E ./certs/intermediate/server-int-ecc-cert.pem
-k ./certs/ecc-client-key.pem
-c ./certs/intermediate/client-int-ecc-cert.pem
# Test for ECC self signed certificate as trusted peer
# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Trusted Peer (self signed)
-V
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-E ./certs/client-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/server-ecc-self.pem
# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 ECC Trusted Peer (self signed)
-C
-v 3
-l ECDHE-ECDSA-AES128-GCM-SHA256
-E ./certs/server-ecc-self.pem
-k ./certs/ecc-client-key.pem
-c ./certs/client-ecc-cert.pem
# server TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Trusted Peer (self signed)
-V
-v 4
-l TLS13-AES128-GCM-SHA256
-E ./certs/client-ecc-cert.pem
-k ./certs/ecc-key.pem
-c ./certs/server-ecc-self.pem
# client TLSv1.3 TLS13-AES128-GCM-SHA256 ECC Trusted Peer (self signed)
-C
-v 4
-l TLS13-AES128-GCM-SHA256
-E ./certs/server-ecc-self.pem
-k ./certs/ecc-client-key.pem
-c ./certs/client-ecc-cert.pem

2082
android/extern/wolfssl/tests/test.conf vendored Normal file
View File

File diff suppressed because it is too large Load Diff

334
android/extern/wolfssl/tests/unit.c vendored Normal file
View File

@@ -0,0 +1,334 @@
/* unit.c API unit tests driver
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Name change compatibility layer no longer need to be included here */
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <stdio.h>
#include <tests/unit.h>
#include <wolfssl/wolfcrypt/fips_test.h>
int allTesting = 1;
int myoptind = 0;
char* myoptarg = NULL;
int unit_test(int argc, char** argv);
#ifndef NO_TESTSUITE_MAIN_DRIVER
int main(int argc, char** argv)
{
return unit_test(argc, argv);
}
#endif
/* Print usage options for unit test.
*/
static void UnitTest_Usage(void)
{
printf("Usage: ./tests/unit.test <options>\n");
printf(" -?, --help Display this usage information.\n");
printf(" --list List the API tests.\n");
printf(" --api Only perform API tests.\n");
printf(" -<number> Run the API test identified by number.\n");
printf(" Can be specified multiple times.\n");
printf(" -<string> Run the API test identified by name.\n");
printf(" Can be specified multiple times.\n");
printf(" <filename> Name of cipher suite testing file.\n");
}
int unit_test(int argc, char** argv)
{
int ret = 0;
(void)argc;
(void)argv;
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
if (argc > 1) {
int memFailCount = atoi(argv[1]);
fprintf(stderr, "\n--- SET RNG MALLOC FAIL AT %d---\n", memFailCount);
wolfSSL_SetMemFailCount(memFailCount);
}
#endif
printf("starting unit tests...\n");
fflush(stdout);
#if defined(DEBUG_WOLFSSL) && !defined(HAVE_VALGRIND)
wolfSSL_Debugging_ON();
#endif
#ifdef WC_RNG_SEED_CB
wc_SetSeed_Cb(wc_GenerateSeed);
#endif
#ifdef HAVE_WNR
if (wc_InitNetRandom(wnrConfig, NULL, 5000) != 0)
err_sys("Whitewood netRandom global config failed");
#endif /* HAVE_WNR */
#ifndef WOLFSSL_TIRTOS
ChangeToWolfRoot();
#endif
#if defined(HAVE_FIPS) && defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION == 5)
#if !defined(NO_AES) && !defined(NO_AES_CBC)
if (wc_RunCast_fips(FIPS_CAST_AES_CBC) != 0) {
err_sys("AES-CBC CAST failed");
}
#endif
#ifdef HAVE_AESGCM
if (wc_RunCast_fips(FIPS_CAST_AES_GCM) != 0) {
err_sys("AES-GCM CAST failed");
}
#endif
#ifndef NO_SHA
if (wc_RunCast_fips(FIPS_CAST_HMAC_SHA1) != 0) {
err_sys("HMAC-SHA1 CAST failed");
}
#endif
/* the only non-optional CAST */
if (wc_RunCast_fips(FIPS_CAST_HMAC_SHA2_256) != 0) {
err_sys("HMAC-SHA2-256 CAST failed");
}
#ifdef WOLFSSL_SHA512
if (wc_RunCast_fips(FIPS_CAST_HMAC_SHA2_512) != 0) {
err_sys("HMAC-SHA2-512 CAST failed");
}
#endif
#ifdef WOLFSSL_SHA3
if (wc_RunCast_fips(FIPS_CAST_HMAC_SHA3_256) != 0) {
err_sys("HMAC-SHA3-256 CAST failed");
}
#endif
#ifdef HAVE_HASHDRBG
if (wc_RunCast_fips(FIPS_CAST_DRBG) != 0) {
err_sys("Hash_DRBG CAST failed");
}
#endif
#ifndef NO_RSA
if (wc_RunCast_fips(FIPS_CAST_RSA_SIGN_PKCS1v15) != 0) {
err_sys("RSA sign CAST failed");
}
#endif
#if defined(HAVE_ECC_CDH) && defined(HAVE_ECC_CDH_CAST)
if (wc_RunCast_fips(FIPS_CAST_ECC_CDH) != 0) {
err_sys("RSA sign CAST failed");
}
#endif
#ifdef HAVE_ECC_DHE
if (wc_RunCast_fips(FIPS_CAST_ECC_PRIMITIVE_Z) != 0) {
err_sys("ECC Primitive Z CAST failed");
}
#endif
#ifdef HAVE_ECC
if (wc_RunCast_fips(FIPS_CAST_ECDSA) != 0) {
err_sys("ECDSA CAST failed");
}
#endif
#ifndef NO_DH
if (wc_RunCast_fips(FIPS_CAST_DH_PRIMITIVE_Z) != 0) {
err_sys("DH Primitive Z CAST failed");
}
#endif
#ifdef WOLFSSL_HAVE_PRF
if (wc_RunCast_fips(FIPS_CAST_KDF_TLS12) != 0) {
err_sys("KDF TLSv1.2 CAST failed");
}
#endif
#if defined(WOLFSSL_HAVE_PRF) && defined(WOLFSSL_TLS13)
if (wc_RunCast_fips(FIPS_CAST_KDF_TLS13) != 0) {
err_sys("KDF TLSv1.3 CAST failed");
}
#endif
#ifdef WOLFSSL_WOLFSSH
if (wc_RunCast_fips(FIPS_CAST_KDF_SSH) != 0) {
err_sys("KDF SSHv2.0 CAST failed");
}
#endif
#endif /* HAVE_FIPS && HAVE_FIPS_VERSION == 5 */
while (argc > 1) {
if (argv[1][0] != '-') {
break;
}
if (XSTRCMP(argv[1], "-?") == 0 || XSTRCMP(argv[1], "--help") == 0) {
UnitTest_Usage();
goto exit;
}
else if (XSTRCMP(argv[1], "--list") == 0) {
ApiTest_PrintTestCases();
goto exit;
}
else if (XSTRCMP(argv[1], "--api") == 0) {
}
else if (argv[1][1] >= '0' && argv[1][1] <= '9') {
ret = ApiTest_RunIdx(atoi(argv[1] + 1));
if (ret != 0) {
goto exit;
}
}
else {
ret = ApiTest_RunName(argv[1] + 1);
if (ret != 0) {
goto exit;
}
}
allTesting = 0;
argc--;
argv++;
}
#ifdef WOLFSSL_ALLOW_SKIP_UNIT_TESTS
if (argc == 1)
#endif
{
ApiTest();
if (!allTesting) {
goto exit;
}
if ((ret = HashTest()) != 0) {
fprintf(stderr, "hash test failed with %d\n", ret);
goto exit;
}
#ifdef WOLFSSL_W64_WRAPPER
if ((ret = w64wrapper_test()) != 0) {
fprintf(stderr, "w64wrapper test failed with %d\n", ret);
goto exit;
}
#endif /* WOLFSSL_W64_WRAPPER */
#ifdef WOLFSSL_QUIC
if ((ret = QuicTest()) != 0) {
printf("quic test failed with %d\n", ret);
goto exit;
}
#endif
SrpTest();
}
#ifndef NO_WOLFSSL_CIPHER_SUITE_TEST
#if !defined(NO_WOLFSSL_CLIENT) && !defined(NO_WOLFSSL_SERVER)
#ifndef SINGLE_THREADED
if ((ret = SuiteTest(argc, argv)) != 0) {
fprintf(stderr, "suite test failed with %d\n", ret);
goto exit;
}
#endif
#endif
#endif /* NO_WOLFSSL_CIPHER_SUITE_TEST */
exit:
#ifdef HAVE_WNR
if (wc_FreeNetRandom() < 0)
err_sys("Failed to free netRandom context");
#endif /* HAVE_WNR */
if (ret == 0) {
puts("\nunit_test: Success for all configured tests.");
fflush(stdout);
}
return ret;
}
void wait_tcp_ready(func_args* args)
{
#ifdef SINGLE_THREADED
(void)args;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
PTHREAD_CHECK_RET(pthread_mutex_lock(&args->signal->mutex));
if (!args->signal->ready)
PTHREAD_CHECK_RET(pthread_cond_wait(&args->signal->cond,
&args->signal->mutex));
args->signal->ready = 0; /* reset */
PTHREAD_CHECK_RET(pthread_mutex_unlock(&args->signal->mutex));
#else
(void)args;
#endif
}
void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
{
#ifdef SINGLE_THREADED
(void)fun;
(void)args;
(void)thread;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
PTHREAD_CHECK_RET(pthread_create(thread, 0, fun, args));
return;
#elif defined (WOLFSSL_TIRTOS)
/* Initialize the defaults and set the parameters. */
Task_Params taskParams;
Task_Params_init(&taskParams);
taskParams.arg0 = (UArg)args;
taskParams.stackSize = 65535;
*thread = Task_create((Task_FuncPtr)fun, &taskParams, NULL);
if (*thread == NULL) {
fprintf(stderr, "Failed to create new Task\n");
}
Task_yield();
#else
*thread = (THREAD_TYPE)_beginthreadex(0, 0, fun, args, 0, 0);
#endif
}
void join_thread(THREAD_TYPE thread)
{
#ifdef SINGLE_THREADED
(void)thread;
#elif defined(_POSIX_THREADS) && !defined(__MINGW32__)
PTHREAD_CHECK_RET(pthread_join(thread, 0));
#elif defined (WOLFSSL_TIRTOS)
while(1) {
if (Task_getMode(thread) == Task_Mode_TERMINATED) {
Task_sleep(5);
break;
}
Task_yield();
}
#else
int res = WaitForSingleObject((HANDLE)thread, INFINITE);
assert(res == WAIT_OBJECT_0);
res = CloseHandle((HANDLE)thread);
assert(res);
(void)res; /* Suppress un-used variable warning */
#endif
}

125
android/extern/wolfssl/tests/unit.h vendored Normal file
View File

@@ -0,0 +1,125 @@
/* unit.c API unit tests driver
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef CyaSSL_UNIT_H
#define CyaSSL_UNIT_H
#include <wolfssl/ssl.h>
#include <wolfssl/test.h> /* thread and tcp stuff */
#ifdef WOLFSSL_FORCE_MALLOC_FAIL_TEST
#define XABORT()
#else
#define XABORT() abort()
#endif
#ifndef WOLFSSL_PASSTHRU_ERR
#define Fail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
fputs("\n expected: ", stdout); printf description; \
fputs("\n result: ", stdout); printf result; fputs("\n\n", stdout); \
fflush(stdout); \
XABORT(); \
} while(0)
#else
#define Fail(description, result) do { \
printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \
fputs("\n expected: ", stdout); printf description; \
fputs("\n result: ", stdout); printf result; fputs("\n\n", stdout); \
fflush(stdout); \
} while (0)
#endif
#define Assert(test, description, result) if (!(test)) Fail(description, result)
#define AssertTrue(x) Assert( (x), ("%s is true", #x), (#x " => FALSE"))
#define AssertFalse(x) Assert(!(x), ("%s is false", #x), (#x " => TRUE"))
#define AssertNotNull(x) Assert( (x), ("%s is not null", #x), (#x " => NULL"))
#define AssertNull(x) do { \
PEDANTIC_EXTENSION void* _x = (void*)(x); \
Assert(!_x, ("%s is null", #x), (#x " => %p", _x)); \
} while(0)
#define AssertInt(x, y, op, er) do { \
int _x = (int)(x); \
int _y = (int)(y); \
Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y)); \
} while(0)
#define AssertIntEQ(x, y) AssertInt(x, y, ==, !=)
#define AssertIntNE(x, y) AssertInt(x, y, !=, ==)
#define AssertIntGT(x, y) AssertInt(x, y, >, <=)
#define AssertIntLT(x, y) AssertInt(x, y, <, >=)
#define AssertIntGE(x, y) AssertInt(x, y, >=, <)
#define AssertIntLE(x, y) AssertInt(x, y, <=, >)
#define AssertStr(x, y, op, er) do { \
const char* _x = (const char*)(x); \
const char* _y = (const char*)(y); \
int _z = (_x && _y) ? strcmp(_x, _y) : -1; \
Assert(_z op 0, ("%s " #op " %s", #x, #y), \
("\"%s\" " #er " \"%s\"", _x, _y));\
} while(0)
#define AssertStrEQ(x, y) AssertStr(x, y, ==, !=)
#define AssertStrNE(x, y) AssertStr(x, y, !=, ==)
#define AssertStrGT(x, y) AssertStr(x, y, >, <=)
#define AssertStrLT(x, y) AssertStr(x, y, <, >=)
#define AssertStrGE(x, y) AssertStr(x, y, >=, <)
#define AssertStrLE(x, y) AssertStr(x, y, <=, >)
#define AssertPtr(x, y, op, er) do { \
PRAGMA_GCC_DIAG_PUSH; \
/* remarkably, without this inhibition, */ \
/* the _Pragma()s make the declarations warn. */ \
PRAGMA_GCC("GCC diagnostic ignored \"-Wdeclaration-after-statement\""); \
/* inhibit "ISO C forbids conversion of function pointer */ \
/* to object pointer type [-Werror=pedantic]" */ \
PRAGMA_GCC("GCC diagnostic ignored \"-Wpedantic\""); \
void* _x = (void*)(x); \
void* _y = (void*)(y); \
Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%p " #er " %p", _x, _y)); \
PRAGMA_GCC_DIAG_POP; \
} while(0)
#define AssertPtrEq(x, y) AssertPtr(x, y, ==, !=)
#define AssertPtrNE(x, y) AssertPtr(x, y, !=, ==)
#define AssertPtrGT(x, y) AssertPtr(x, y, >, <=)
#define AssertPtrLT(x, y) AssertPtr(x, y, <, >=)
#define AssertPtrGE(x, y) AssertPtr(x, y, >=, <)
#define AssertPtrLE(x, y) AssertPtr(x, y, <=, >)
void ApiTest_PrintTestCases(void);
int ApiTest_RunIdx(int idx);
int ApiTest_RunName(char* name);
void ApiTest(void);
int SuiteTest(int argc, char** argv);
int HashTest(void);
void SrpTest(void);
int w64wrapper_test(void);
int QuicTest(void);
#endif /* CyaSSL_UNIT_H */

218
android/extern/wolfssl/tests/w64wrapper.c vendored Normal file
View File

@@ -0,0 +1,218 @@
/* w64wrapper.c w64wrapper unit tests
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfSSL.
*
* wolfSSL is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfSSL is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <tests/unit.h>
#ifdef WOLFSSL_W64_WRAPPER
#ifndef NO_INLINE
#define WOLFSSL_MISC_INCLUDED
#include <wolfcrypt/src/misc.c>
#else
#include <wolfssl/wolfcrypt/misc.h>
#endif
int w64wrapper_test(void)
{
w64wrapper a, b, c;
byte wrap, raw[8];
a = w64From32(0x01020304, 0x05060708);
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_W64_WRAPPER_TEST)
if (a.n != 0x0102030405060708)
return -1;
#else
if (a.n[0] != 0x01020304 || a.n[1] != 0x05060708)
return -1;
#endif /* WORD64_AVAILABLE && WOLFSSL_W64_WRAPPER_TEST */
if (w64GetLow32(a) != 0x05060708)
return -2;
if (w64GetHigh32(a) != 0x01020304)
return -3;
w64SetLow32(&a, 0xabcdefff);
if (w64GetLow32(a) != 0xabcdefff || w64GetHigh32(a) != 0x01020304)
return -4;
a = w64From32(0,0);
w64Increment(&a);
if (w64GetLow32(a) != 1 || w64GetHigh32(a) != 0)
return -5;
a = w64From32(0, 0xffffffff);
w64Increment(&a);
if (w64GetLow32(a) != 0 || w64GetHigh32(a) != 1)
return -6;
a = w64From32(0,1);
w64Decrement(&a);
if (w64GetLow32(a) != 0 || w64GetHigh32(a) != 0)
return -7;
a = w64From32(1,0);
w64Decrement(&a);
if (w64GetLow32(a) != 0xffffffff || w64GetHigh32(a) != 0)
return -8;
a = w64From32(0xabcdef, 0xdeed);
b = w64From32(0xabcdef, 0xdeed);
if (!w64Equal(a, b))
return -9;
a = w64From32(1, 1);
b = w64From32(0, 1);
if (w64Equal(a, b))
return -10;
wrap = 0;
a = w64From32(0x0, 0x1);
b = w64Add32(a, 0x1, &wrap);
if (w64GetLow32(b) != 0x2 || w64GetHigh32(b) != 0x0 || wrap)
return -11;
wrap = 0;
a = w64From32(0x0, 0xffffffff);
b = w64Add32(a, 0x1, &wrap);
if (w64GetLow32(b) != 0x0 || w64GetHigh32(b) != 0x01 || wrap)
return -12;
wrap = 0;
a = w64From32(0xffffffff, 0xffffffff);
b = w64Add32(a, 0x1, &wrap);
if (w64GetLow32(b) != 0x0 || w64GetHigh32(b) != 0x00 || !wrap)
return -13;
wrap = 0;
a = w64From32(0x0, 0x1);
b = w64Sub32(a, 0x1, &wrap);
if (w64GetLow32(b) != 0x0 || w64GetHigh32(b) != 0x00 || wrap)
return -14;
wrap = 0;
a = w64From32(0xffffffff, 0x0);
b = w64Sub32(a, 0x1, &wrap);
if (w64GetLow32(b) != 0xffffffff ||
w64GetHigh32(b) != 0xfffffffe || wrap)
return -15;
wrap = 0;
a = w64From32(0x0, 0x0);
b = w64Sub32(a, 0x1, &wrap);
if (w64GetLow32(b) != 0xffffffff ||
w64GetHigh32(b) != 0xffffffff || !wrap)
return -16;
a = w64From32(0x0, 0x0);
b = w64From32(0x0, 0x0);
if (w64GT(a,b) || w64GT(b,a) || !w64GTE(a,b) || w64LT(a,b) || w64LT(b,a))
return -17;
a = w64From32(0x0, 0x1);
b = w64From32(0x0, 0x0);
if (!w64GT(a, b) || w64GT(b, a) || !w64GTE(a, b) || w64GTE(b, a) ||
w64LT(a, b) || !w64LT(b, a))
return -18;
a = w64From32(0x1, 0x0);
b = w64From32(0x0, 0x0);
if (!w64GT(a, b) || w64GT(b, a) || !w64GTE(a, b) || w64GTE(b, a) ||
!w64LT(b, a) || w64LT(a, b))
return -19;
a = w64From32(0x1, 0x0);
b = w64From32(0x1, 0x0);
if (w64GT(a,b) || w64GT(b,a) || !w64GTE(a,b) || w64LT(a,b))
return -20;
a = w64From32(0x1, 0x1);
b = w64From32(0x1, 0x0);
if (!w64GT(a, b) || w64GT(b, a) || !w64GTE(a, b) || w64GTE(b, a) ||
w64LT(a, b) || !w64LT(b, a))
return -21;
a = w64From32(0x2, 0x1);
b = w64From32(0x1, 0x3);
if (!w64GT(a, b) || w64GT(b, a) || !w64GTE(a, b) || w64GTE(b, a) ||
w64LT(a, b) || !w64LT(b, a))
return -22;
a = w64From32(0x0, 0x0);
if (!w64IsZero(a))
return -23;
a = w64From32(0x01020304, 0x05060708);
c64toa(&a, raw);
if (raw[0] != 0x01
||raw[1] != 0x02
||raw[2] != 0x03
||raw[3] != 0x04
||raw[4] != 0x05
||raw[5] != 0x06
||raw[6] != 0x07
||raw[7] != 0x08) {
return -24;
}
b = w64From32(0x0,0x0);
ato64(raw, &b);
if (w64GetHigh32(b) != 0x01020304 || w64GetLow32(b) != 0x05060708)
return -25;
w64Zero(&b);
if (w64GetHigh32(b) != 0x0 || w64GetLow32(b) != 0x0)
return -26;
b = w64From32(0x0, 0xffffffff);
w64Increment(&b);
if (w64GetHigh32(b) != 0x1 || w64GetLow32(b) != 0x0)
return -27;
b = w64From32(0xffffffff, 0xffffffff);
w64Increment(&b);
if (w64GetHigh32(b) != 0x0 || w64GetLow32(b) != 0x0)
return -28;
b = w64From32(0xffffffff, 0x0);
w64Decrement(&b);
if (w64GetHigh32(b) != 0xfffffffe || w64GetLow32(b) != 0xffffffff)
return -29;
a = w64From32(0x01, 0x20);
b = w64From32(0x01, 0x10);
c = w64Sub(a,b);
if (w64GetHigh32(c) != 0x0 || w64GetLow32(c) != 0x10)
return -30;
c = w64Sub(b,a);
if (w64GetHigh32(c) != 0xffffffff || w64GetLow32(c) != 0xfffffff0)
return -31;
a = w64From32(0x01, 0x10);
b = w64From32(0x00, 0x20);
c = w64Sub(a,b);
if (w64GetHigh32(c) != 0x00000000 || w64GetLow32(c) != 0xfffffff0)
return -32;
return 0;
}
#endif /* WOLFSSL_W64_WRAPPER */