projects / strongswan.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
tls-crypto: Add signature scheme config file filter
[strongswan.git] / src / libtls / tests / suites / test_socket.c
1 /*
2 * Copyright (C) 2020-2021 Pascal Knecht
3 * HSR Hochschule fuer Technik Rapperswil
4 *
5 * Copyright (C) 2014 Martin Willi
6 * Copyright (C) 2014 revosec AG
7 *
8 * This program is free software; you can redistribute it and/or modify it
9 * under the terms of the GNU General Public License as published by the
10 * Free Software Foundation; either version 2 of the License, or (at your
11 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
12 *
13 * This program is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
15 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
16 * for more details.
17 */
18
19 #include <test_suite.h>
20
21 #include <unistd.h>
22 #include <errno.h>
23
24 #include <processing/jobs/callback_job.h>
25 #include <credentials/sets/mem_cred.h>
26
27 #include "tls_socket.h"
28
29 /**
30 * Credentials for authentication
31 */
32 static mem_cred_t *creds;
33
34 /**
35 * RSA private key, 2048 bit
36 */
37 static char rsa[] = {
38 0x30,0x82,0x04,0xa4,0x02,0x01,0x00,0x02,0x82,0x01,0x01,0x00,0xee,0xa3,0x28,0xcc,
39 0x48,0xca,0x37,0xfc,0xb6,0xfa,0xfc,0x18,0x0d,0xa2,0x28,0x44,0xb4,0x16,0x56,0xf7,
40 0x97,0x5f,0x38,0x83,0xfc,0xd4,0x30,0xea,0xf7,0x5e,0xaa,0xd4,0x21,0x0e,0x71,0x49,
41 0x13,0x39,0xaf,0x89,0xa1,0x1d,0x1b,0x9a,0x08,0x44,0xff,0x0b,0xeb,0x4b,0xad,0x8e,
42 0xc4,0x6d,0x1e,0x0c,0x02,0xbb,0x17,0x59,0xc7,0x66,0xc7,0xff,0x4c,0x3c,0x11,0x40,
43 0x1a,0xe3,0xca,0x34,0xf8,0x41,0xe0,0x39,0x3e,0xce,0x72,0x9f,0x56,0x9e,0x69,0xad,
44 0x98,0x43,0x5f,0x35,0xc2,0xd0,0xd9,0xbc,0x8b,0xed,0xc6,0xc7,0x74,0x73,0x74,0x30,
45 0x92,0x86,0x39,0x26,0x3d,0xf1,0xd5,0x16,0x45,0x7d,0xcc,0x90,0x54,0xff,0x44,0x74,
46 0xf3,0xba,0x41,0x5c,0x58,0xa4,0x66,0xe6,0x9d,0x58,0xbe,0x7e,0x89,0xe1,0x7c,0xf7,
47 0x28,0xb0,0xde,0xe2,0x01,0x0a,0x89,0xc7,0x63,0x3f,0xef,0x2b,0xcb,0xef,0x65,0x89,
48 0x82,0x23,0x32,0xa7,0xa3,0x1c,0x0d,0xc6,0x8f,0x76,0x59,0x8b,0x55,0x65,0x9c,0x91,
49 0xd4,0x93,0x89,0xad,0x37,0x47,0x23,0x25,0xb3,0x53,0xea,0xef,0x73,0xeb,0x97,0xd3,
50 0xd7,0x74,0x38,0x73,0x8d,0x16,0x0d,0x6f,0xae,0x59,0x33,0x4e,0x24,0xe9,0x52,0xf6,
51 0x6f,0x8c,0x5c,0x13,0xcf,0x1d,0x0a,0xcc,0xb7,0x6a,0x88,0xce,0x91,0xe2,0xe0,0xcb,
52 0xc6,0xd2,0xfb,0x81,0xf6,0xd2,0x9f,0x0a,0x82,0x70,0x80,0xbf,0x93,0x70,0xc0,0x57,
53 0x23,0x6e,0x97,0x1c,0x9d,0x7d,0xf0,0xa3,0x54,0x86,0xec,0x40,0xae,0x09,0x20,0xed,
54 0x02,0x43,0xa3,0xf8,0x7e,0x0e,0x5b,0xd0,0x22,0x7b,0x74,0x39,0x02,0x03,0x01,0x00,
55 0x01,0x02,0x82,0x01,0x01,0x00,0xd9,0x5b,0x99,0x74,0x80,0xb4,0x57,0xcc,0x82,0x2a,
56 0x17,0x66,0x1d,0x3c,0xde,0xea,0xbd,0x11,0x40,0x03,0x62,0x47,0xe3,0xe5,0x2c,0x6b,
57 0x65,0x67,0x0f,0x0b,0x96,0x13,0x83,0x4c,0x71,0x58,0xfa,0xfe,0xe6,0xe9,0x37,0xeb,
58 0x98,0x51,0x73,0x48,0xcc,0xf9,0xe1,0x46,0x5b,0xfe,0x16,0xe1,0xc0,0xa5,0x75,0xf3,
59 0x4d,0x30,0x84,0x14,0x15,0x04,0x6f,0x3e,0xa3,0x03,0xbd,0xba,0x4f,0x5a,0x71,0xe9,
60 0x26,0xbf,0x5d,0x7a,0x93,0x22,0x98,0xb5,0xcf,0x51,0xc3,0xc7,0x51,0xb8,0x59,0x0a,
61 0xfb,0xd7,0xe5,0xa8,0x1d,0x0f,0x5c,0xfd,0x30,0x0e,0x71,0xd7,0x79,0xc4,0x60,0x55,
62 0x9e,0x1e,0x1c,0x0b,0x9a,0x40,0xb8,0x7a,0x8d,0xb2,0xec,0xb0,0x70,0x8a,0x19,0x5f,
63 0x1d,0x2e,0xde,0x90,0x8f,0x68,0x56,0x08,0xce,0x0c,0x08,0xde,0xc7,0xf8,0x13,0xef,
64 0xd2,0xbc,0x92,0xb6,0xfb,0xec,0xb6,0x04,0xf6,0x8f,0x7d,0x95,0xe9,0xeb,0xc7,0xfb,
65 0xcc,0x4f,0xad,0x41,0xf1,0x4c,0x79,0x07,0xdd,0x4b,0x40,0xb4,0x74,0x44,0x9a,0x06,
66 0x0a,0x0f,0xb2,0xda,0x12,0x46,0xe5,0xee,0x01,0x64,0xe5,0xf0,0x82,0x69,0xf9,0xf1,
67 0xe9,0x41,0x13,0x5a,0xee,0xc0,0x37,0x9a,0xbe,0x9a,0x9a,0x06,0x4b,0x52,0xd6,0xf3,
68 0x1b,0x30,0x64,0x93,0x3a,0x97,0xe1,0xdc,0x50,0x1f,0x46,0xc4,0x81,0x6a,0x17,0x52,
69 0x49,0x85,0xc6,0x85,0xb7,0x60,0xd4,0xf0,0xd1,0x6a,0xeb,0x50,0x8c,0xb7,0xeb,0x1f,
70 0x17,0x0e,0xf0,0xfd,0x67,0x03,0x7c,0x74,0x1a,0xac,0x66,0x81,0x00,0x45,0x5e,0xf3,
71 0xd9,0x9d,0x22,0x99,0xc4,0x11,0x02,0x81,0x81,0x00,0xfa,0x44,0x32,0x14,0xb2,0x82,
72 0x28,0x02,0x46,0x05,0xdd,0x8d,0xb1,0x9f,0x9e,0x6f,0x61,0xf2,0x01,0xa0,0x2b,0x76,
73 0xee,0x46,0xaa,0x2d,0x2d,0x5b,0xd2,0x67,0x90,0x36,0xbb,0xa0,0x07,0xdf,0x9b,0xad,
74 0x18,0x1e,0xa7,0xe6,0x36,0xc6,0x49,0xda,0xc5,0x0d,0x52,0x29,0x5a,0x40,0xcf,0xdf,
75 0x8d,0xd0,0xa3,0xc2,0x34,0x17,0x9f,0xb5,0xf1,0x67,0xac,0x29,0x10,0xc2,0x5c,0x62,
76 0xe3,0xe2,0x5c,0x9f,0x93,0xcc,0xb5,0xeb,0x16,0x64,0x44,0x9f,0x6b,0x5a,0xac,0x19,
77 0x09,0xff,0x4b,0x78,0x7f,0xec,0x5a,0xbd,0xe9,0xcb,0x74,0xbb,0x30,0x13,0xc5,0x25,
78 0x8b,0xac,0x8d,0xf9,0xa9,0x99,0x25,0xf5,0xce,0x07,0xb6,0x2b,0x1b,0x42,0xed,0x3a,
79 0x30,0x4a,0xfc,0x5f,0xf0,0xe2,0x26,0xa6,0x60,0x5d,0x02,0x81,0x81,0x00,0xf4,0x1a,
80 0xc2,0x7e,0xa0,0xa0,0xad,0x20,0x65,0x04,0xe8,0xf7,0xb0,0xb1,0x76,0x79,0x08,0x18,
81 0x58,0x93,0x21,0xf1,0x56,0x58,0x58,0x18,0x4a,0x5c,0x59,0x08,0x27,0x64,0x09,0xcb,
82 0x0b,0x0b,0x4e,0x26,0xc8,0x0b,0x87,0x67,0x40,0xc1,0xab,0x31,0x60,0xa6,0x78,0xdd,
83 0x78,0xc8,0x86,0x38,0xbd,0x19,0xde,0x0b,0x70,0x72,0xec,0x36,0x88,0x39,0x69,0x70,
84 0xda,0xa6,0x2e,0xf9,0x5c,0xd8,0x17,0xc5,0xfa,0xf8,0xa5,0xc9,0x9b,0xf0,0xfe,0x03,
85 0x71,0x57,0xfa,0x58,0x0f,0x33,0xc3,0xab,0xce,0xb0,0x5d,0xd0,0x40,0x07,0x9a,0x0b,
86 0xff,0xb9,0xaa,0x9d,0xc5,0x33,0x7f,0x5f,0x48,0x7e,0x54,0x82,0xd1,0xdf,0x75,0x69,
87 0xee,0xe5,0xf5,0x80,0x44,0xce,0x52,0x72,0x14,0x2c,0xe6,0xa7,0xd5,0x8d,0x02,0x81,
88 0x81,0x00,0xb8,0xf7,0x70,0x20,0x35,0xf2,0xd6,0x89,0x1f,0xa1,0xb4,0x26,0xc6,0x51,
89 0xd7,0xb2,0x30,0xac,0xc1,0xa0,0xd4,0x9e,0xf8,0xea,0x87,0x5a,0x0e,0x7d,0x1f,0xdb,
90 0xe5,0x0d,0x5e,0xcc,0x9f,0x25,0x18,0x14,0xed,0x8f,0xb2,0xbe,0x06,0x5b,0xb5,0x38,
91 0x18,0x8d,0x88,0xdd,0x01,0x54,0x87,0x8e,0x8d,0x6c,0xd7,0xab,0x6f,0xfe,0xc9,0xce,
92 0x9a,0x15,0xea,0x7b,0x0b,0x64,0xeb,0x0d,0x37,0xaa,0x14,0x94,0xe8,0x92,0xd3,0x1d,
93 0x66,0x16,0x43,0x55,0xa3,0xed,0x86,0xe6,0x96,0xa9,0xf5,0xe8,0xa0,0x7b,0x5a,0x71,
94 0xa4,0x7a,0xf7,0xd2,0x65,0x6d,0x27,0x37,0x61,0xac,0xed,0xdd,0xc9,0x08,0x64,0xb2,
95 0xf0,0x4c,0x68,0xca,0x21,0x42,0xec,0xbc,0x25,0xf7,0x35,0xe1,0xde,0xd1,0xf6,0x88,
96 0xdf,0x0d,0x02,0x81,0x80,0x44,0xb0,0xcb,0x0e,0x6b,0x11,0x0b,0xe6,0xd3,0xc6,0x7f,
97 0xf0,0x43,0x6e,0x8c,0xd2,0x1e,0x2f,0x0b,0xad,0xcb,0x9d,0x68,0x18,0xd0,0x21,0x75,
98 0xbb,0x6a,0xea,0x5a,0x7b,0x52,0x2e,0x2a,0xdb,0x71,0x90,0x84,0x36,0x8a,0x51,0xc9,
99 0xed,0x35,0xc9,0x5d,0x53,0x3b,0x2b,0xc7,0x73,0x56,0x21,0xdd,0x44,0xcc,0x31,0x17,
100 0xe1,0x9f,0x0a,0xf1,0x66,0x86,0x7f,0x55,0x67,0xf2,0x4c,0x05,0x8e,0x61,0x92,0x3a,
101 0xbf,0x81,0x97,0xac,0x24,0x32,0xb6,0xb1,0x4c,0x7a,0x8c,0x11,0x2b,0x15,0xe2,0xe0,
102 0xf4,0xcc,0x51,0x6f,0xd3,0x33,0xcc,0x30,0x98,0x04,0xa5,0x04,0xfb,0x2a,0xda,0x9b,
103 0x41,0xc1,0x72,0x56,0xb0,0xb5,0x0f,0xac,0x44,0x55,0xc3,0x54,0x99,0x62,0xa5,0xeb,
104 0x7b,0x7f,0x24,0xb7,0x79,0x02,0x81,0x80,0x0a,0x3b,0x9b,0x91,0x1d,0x9b,0x04,0x4e,
105 0xdf,0xd9,0xe6,0x47,0xf3,0x79,0xb7,0x17,0xcf,0x42,0xa5,0xde,0x94,0xf0,0xfe,0xed,
106 0x46,0xf6,0xaf,0x3e,0x6c,0x91,0x01,0x89,0x79,0x81,0xea,0x2b,0x82,0x68,0x0e,0xd8,
107 0x25,0xaf,0x79,0x8b,0x14,0xfd,0xf2,0x29,0x20,0x34,0x2d,0x0b,0x08,0x8c,0x3b,0x2b,
108 0xfc,0x75,0xe9,0x4e,0x21,0xa6,0xb2,0x35,0x67,0x8d,0x4c,0x90,0x94,0x02,0xd5,0x32,
109 0x23,0xc6,0xa0,0x92,0x2e,0xfa,0x97,0x48,0x5b,0x95,0xc3,0xf1,0xbc,0x6b,0xe8,0x4c,
110 0x92,0x6f,0x5e,0x3d,0xf9,0xbd,0x2c,0xf0,0x83,0x1c,0xe6,0xb3,0x45,0x68,0x32,0x8d,
111 0x85,0x20,0xcb,0x9d,0xd2,0x30,0x5a,0x57,0xa4,0x6e,0x27,0xb5,0x29,0x14,0xdb,0xf1,
112 0x4b,0x9a,0xc3,0xc1,0xc5,0x37,0x6d,0x1b,
113 };
114
115 /**
116 * ECDSA private key
117 */
118 static char ecdsa[] = {
119 0x30,0x81,0xa4,0x02,0x01,0x01,0x04,0x30,0xc0,0x1f,0xfd,0x65,0xc6,0xc4,0x4c,0xb8,
120 0xff,0x56,0x08,0xb5,0xbd,0xb8,0xf5,0x93,0xf7,0x51,0x0e,0x92,0x1f,0x06,0xbf,0xa6,
121 0xd9,0x1d,0xae,0xa3,0x16,0x0d,0x0f,0xc9,0xd5,0x97,0x90,0x46,0xf1,0x98,0xa8,0x18,
122 0x07,0xba,0xcf,0x91,0x8e,0x07,0xed,0x88,0xa0,0x07,0x06,0x05,0x2b,0x81,0x04,0x00,
123 0x22,0xa1,0x64,0x03,0x62,0x00,0x04,0xd6,0xba,0xe1,0xf0,0x09,0x22,0x21,0x12,0x69,
124 0xed,0x0e,0xd5,0x02,0x8c,0xb8,0x52,0xbb,0x57,0x68,0x0e,0xf3,0xdb,0xb9,0xb1,0xee,
125 0x9c,0x67,0xa0,0xb8,0xdc,0x13,0x1e,0x5b,0x44,0x71,0x04,0xef,0x4e,0xe3,0xdd,0xf4,
126 0xa6,0xc3,0xba,0x77,0x53,0xb8,0x28,0x5f,0xd2,0x97,0x05,0xa3,0x5b,0xe6,0xde,0x0a,
127 0xce,0x11,0xa8,0xaf,0x02,0xbd,0xfa,0x17,0xf9,0xa7,0x38,0x3e,0x5b,0x57,0xb0,0x01,
128 0xb3,0xc6,0x09,0x29,0x65,0xae,0xfb,0x87,0x92,0xa3,0xd7,0x3d,0x9a,0x1c,0x52,0x09,
129 0xb1,0x47,0xc8,0xf6,0x18,0xbb,0x97,
130 };
131
132 /**
133 * Ed25519 private key
134 * pki --gen --type ed25519
135 */
136 static char ed25519[] = {
137 0x30,0x2e,0x02,0x01,0x00,0x30,0x05,0x06,0x03,0x2b,0x65,0x70,0x04,0x22,0x04,0x20,
138 0x70,0x4b,0xca,0x70,0x1c,0xb1,0x75,0xf1,0xed,0xde,0xf1,0x99,0x8e,0x11,0x32,0x2d,
139 0x76,0x41,0x01,0x6c,0xd7,0xbc,0x79,0xa2,0x06,0x15,0x7e,0x44,0x28,0xf2,0x49,0x61,
140 };
141
142 /**
143 * Ed448 private key
144 * pki --gen --type ed448
145 */
146 static char ed448[] = {
147 0x30,0x47,0x02,0x01,0x00,0x30,0x05,0x06,0x03,0x2b,0x65,0x71,0x04,0x3b,0x04,0x39,
148 0xcf,0xb9,0xbe,0x75,0xdf,0x76,0x8b,0x9a,0xdf,0x56,0x52,0x5d,0x37,0x7d,0xb0,0xa8,
149 0x1f,0x19,0x44,0x30,0xbd,0x9d,0x0e,0xff,0x5f,0xc8,0xc3,0xec,0x60,0xd5,0xf6,0xa4,
150 0x3d,0x1f,0x0e,0xb5,0x65,0x6e,0xe6,0x62,0x4d,0xb7,0xe7,0x5c,0x88,0x7b,0xe8,0xdd,
151 0x02,0xd9,0x0f,0xaa,0xe7,0xfb,0x05,0x14,0x41,
152 };
153
154 /**
155 * TLS certificate for RSA key
156 * pki --self --in rsa.key --dn "C=CH, O=strongSwan, CN=tls-rsa" --san 127.0.0.1
157 */
158 static char rsa_crt[] = {
159 0x30,0x82,0x02,0xfd,0x30,0x82,0x01,0xe5,0xa0,0x03,0x02,0x01,0x02,0x02,0x08,0x78,
160 0x90,0x39,0xe2,0x1c,0x03,0x1f,0x05,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,
161 0x0d,0x01,0x01,0x0b,0x05,0x00,0x30,0x34,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,
162 0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,
163 0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x10,0x30,0x0e,0x06,0x03,
164 0x55,0x04,0x03,0x13,0x07,0x74,0x6c,0x73,0x2d,0x72,0x73,0x61,0x30,0x1e,0x17,0x0d,
165 0x32,0x30,0x30,0x33,0x32,0x35,0x31,0x34,0x32,0x39,0x32,0x37,0x5a,0x17,0x0d,0x32,
166 0x33,0x30,0x33,0x32,0x35,0x31,0x34,0x32,0x39,0x32,0x37,0x5a,0x30,0x34,0x31,0x0b,
167 0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,
168 0x03,0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,
169 0x31,0x10,0x30,0x0e,0x06,0x03,0x55,0x04,0x03,0x13,0x07,0x74,0x6c,0x73,0x2d,0x72,
170 0x73,0x61,0x30,0x82,0x01,0x22,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,
171 0x01,0x01,0x01,0x05,0x00,0x03,0x82,0x01,0x0f,0x00,0x30,0x82,0x01,0x0a,0x02,0x82,
172 0x01,0x01,0x00,0xee,0xa3,0x28,0xcc,0x48,0xca,0x37,0xfc,0xb6,0xfa,0xfc,0x18,0x0d,
173 0xa2,0x28,0x44,0xb4,0x16,0x56,0xf7,0x97,0x5f,0x38,0x83,0xfc,0xd4,0x30,0xea,0xf7,
174 0x5e,0xaa,0xd4,0x21,0x0e,0x71,0x49,0x13,0x39,0xaf,0x89,0xa1,0x1d,0x1b,0x9a,0x08,
175 0x44,0xff,0x0b,0xeb,0x4b,0xad,0x8e,0xc4,0x6d,0x1e,0x0c,0x02,0xbb,0x17,0x59,0xc7,
176 0x66,0xc7,0xff,0x4c,0x3c,0x11,0x40,0x1a,0xe3,0xca,0x34,0xf8,0x41,0xe0,0x39,0x3e,
177 0xce,0x72,0x9f,0x56,0x9e,0x69,0xad,0x98,0x43,0x5f,0x35,0xc2,0xd0,0xd9,0xbc,0x8b,
178 0xed,0xc6,0xc7,0x74,0x73,0x74,0x30,0x92,0x86,0x39,0x26,0x3d,0xf1,0xd5,0x16,0x45,
179 0x7d,0xcc,0x90,0x54,0xff,0x44,0x74,0xf3,0xba,0x41,0x5c,0x58,0xa4,0x66,0xe6,0x9d,
180 0x58,0xbe,0x7e,0x89,0xe1,0x7c,0xf7,0x28,0xb0,0xde,0xe2,0x01,0x0a,0x89,0xc7,0x63,
181 0x3f,0xef,0x2b,0xcb,0xef,0x65,0x89,0x82,0x23,0x32,0xa7,0xa3,0x1c,0x0d,0xc6,0x8f,
182 0x76,0x59,0x8b,0x55,0x65,0x9c,0x91,0xd4,0x93,0x89,0xad,0x37,0x47,0x23,0x25,0xb3,
183 0x53,0xea,0xef,0x73,0xeb,0x97,0xd3,0xd7,0x74,0x38,0x73,0x8d,0x16,0x0d,0x6f,0xae,
184 0x59,0x33,0x4e,0x24,0xe9,0x52,0xf6,0x6f,0x8c,0x5c,0x13,0xcf,0x1d,0x0a,0xcc,0xb7,
185 0x6a,0x88,0xce,0x91,0xe2,0xe0,0xcb,0xc6,0xd2,0xfb,0x81,0xf6,0xd2,0x9f,0x0a,0x82,
186 0x70,0x80,0xbf,0x93,0x70,0xc0,0x57,0x23,0x6e,0x97,0x1c,0x9d,0x7d,0xf0,0xa3,0x54,
187 0x86,0xec,0x40,0xae,0x09,0x20,0xed,0x02,0x43,0xa3,0xf8,0x7e,0x0e,0x5b,0xd0,0x22,
188 0x7b,0x74,0x39,0x02,0x03,0x01,0x00,0x01,0xa3,0x13,0x30,0x11,0x30,0x0f,0x06,0x03,
189 0x55,0x1d,0x11,0x04,0x08,0x30,0x06,0x87,0x04,0x7f,0x00,0x00,0x01,0x30,0x0d,0x06,
190 0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01,0x0b,0x05,0x00,0x03,0x82,0x01,0x01,
191 0x00,0x97,0xfb,0x1e,0xd8,0x78,0x65,0x65,0x23,0x15,0xf9,0x8a,0xcc,0x98,0x37,0x30,
192 0x05,0x34,0x76,0x6a,0x23,0x11,0x40,0x89,0x9f,0x26,0x33,0xd5,0x00,0xa9,0xf2,0x78,
193 0x42,0x99,0xa7,0xbd,0xda,0x31,0xa1,0xcd,0x56,0x46,0xfe,0xd1,0xa3,0x9c,0x86,0xfa,
194 0x0b,0x76,0xb2,0x13,0x8f,0x83,0x96,0x00,0x5a,0xa0,0xc5,0x63,0x72,0xd5,0xf8,0xbe,
195 0x61,0x57,0x3e,0xd4,0xaa,0x8c,0x87,0xdf,0x27,0xf3,0x6f,0xbe,0xbe,0x3c,0x50,0xa1,
196 0x7a,0x00,0xbd,0x0e,0x16,0x1a,0x1f,0xde,0xd9,0xf7,0x76,0xdd,0xc9,0xa9,0xff,0x82,
197 0xf7,0x59,0x03,0x2b,0x6e,0x19,0x7c,0xac,0x6d,0x29,0xe6,0xc8,0x83,0x35,0x91,0x04,
198 0xf2,0x6a,0x9b,0x3c,0x54,0xda,0x83,0x72,0x80,0x07,0xc3,0x8e,0x4c,0x1c,0x09,0xbf,
199 0x41,0x34,0xec,0xa1,0xac,0xc3,0xac,0x71,0x5d,0x64,0x1e,0x60,0x4b,0x98,0xaa,0x1f,
200 0x0c,0x7f,0x6d,0xf2,0xe1,0x56,0x28,0x48,0xf0,0xfd,0xe4,0xb0,0xb6,0xad,0xf3,0x49,
201 0x76,0x6b,0x23,0x35,0x73,0x38,0xd6,0x1c,0x6d,0x73,0xd4,0x0c,0x8e,0x1a,0x15,0x75,
202 0x90,0x76,0xee,0xe1,0x2d,0x90,0xf6,0x1a,0x49,0xb4,0x19,0xda,0xcd,0x89,0xd6,0x8d,
203 0x27,0xb0,0xeb,0x79,0x4e,0x9f,0xec,0xda,0xbf,0x27,0x84,0xf0,0xd5,0x5b,0xef,0x0b,
204 0xea,0xec,0x35,0x99,0x9b,0x39,0xe7,0x43,0x24,0xc6,0x71,0x4c,0xf8,0x6f,0x7a,0xc9,
205 0x4a,0x2e,0xbb,0x96,0x77,0x05,0xe3,0xb3,0xcf,0x1f,0x80,0xbe,0xd1,0xed,0xde,0x85,
206 0xaf,0xb4,0xe3,0x63,0x63,0xdc,0x70,0x4e,0x1e,0x0e,0x9a,0x10,0x2d,0xe5,0x86,0x6e,
207 0xbd,
208 };
209
210 /**
211 * TLS certificate for ECDSA key
212 * pki --self --in ecdsa.key --dn "C=CH, O=strongSwan, CN=tls-ecdsa" --san 127.0.0.1
213 */
214 static char ecdsa_crt[] = {
215 0x30,0x82,0x01,0xb1,0x30,0x82,0x01,0x38,0xa0,0x03,0x02,0x01,0x02,0x02,0x08,0x77,
216 0x8f,0x61,0x26,0xa2,0xae,0xe8,0x6c,0x30,0x0a,0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,
217 0x04,0x03,0x03,0x30,0x36,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,
218 0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,
219 0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,
220 0x13,0x09,0x74,0x6c,0x73,0x2d,0x65,0x63,0x64,0x73,0x61,0x30,0x1e,0x17,0x0d,0x32,
221 0x30,0x30,0x33,0x32,0x35,0x31,0x34,0x33,0x30,0x32,0x34,0x5a,0x17,0x0d,0x32,0x33,
222 0x30,0x33,0x32,0x35,0x31,0x34,0x33,0x30,0x32,0x34,0x5a,0x30,0x36,0x31,0x0b,0x30,
223 0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,
224 0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,
225 0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x74,0x6c,0x73,0x2d,0x65,0x63,
226 0x64,0x73,0x61,0x30,0x76,0x30,0x10,0x06,0x07,0x2a,0x86,0x48,0xce,0x3d,0x02,0x01,
227 0x06,0x05,0x2b,0x81,0x04,0x00,0x22,0x03,0x62,0x00,0x04,0xd6,0xba,0xe1,0xf0,0x09,
228 0x22,0x21,0x12,0x69,0xed,0x0e,0xd5,0x02,0x8c,0xb8,0x52,0xbb,0x57,0x68,0x0e,0xf3,
229 0xdb,0xb9,0xb1,0xee,0x9c,0x67,0xa0,0xb8,0xdc,0x13,0x1e,0x5b,0x44,0x71,0x04,0xef,
230 0x4e,0xe3,0xdd,0xf4,0xa6,0xc3,0xba,0x77,0x53,0xb8,0x28,0x5f,0xd2,0x97,0x05,0xa3,
231 0x5b,0xe6,0xde,0x0a,0xce,0x11,0xa8,0xaf,0x02,0xbd,0xfa,0x17,0xf9,0xa7,0x38,0x3e,
232 0x5b,0x57,0xb0,0x01,0xb3,0xc6,0x09,0x29,0x65,0xae,0xfb,0x87,0x92,0xa3,0xd7,0x3d,
233 0x9a,0x1c,0x52,0x09,0xb1,0x47,0xc8,0xf6,0x18,0xbb,0x97,0xa3,0x13,0x30,0x11,0x30,
234 0x0f,0x06,0x03,0x55,0x1d,0x11,0x04,0x08,0x30,0x06,0x87,0x04,0x7f,0x00,0x00,0x01,
235 0x30,0x0a,0x06,0x08,0x2a,0x86,0x48,0xce,0x3d,0x04,0x03,0x03,0x03,0x67,0x00,0x30,
236 0x64,0x02,0x30,0x68,0x6e,0x8e,0x65,0x7c,0x84,0x33,0x82,0x2c,0x2e,0xca,0x17,0xe5,
237 0x68,0xf7,0xbd,0x4b,0x6a,0xa2,0xa6,0xc3,0x40,0x21,0x4c,0xf0,0x00,0xd5,0xf7,0xfe,
238 0x87,0x54,0xe3,0x2a,0x6f,0xce,0x46,0xf0,0x2e,0x9e,0x22,0xc3,0x73,0x47,0xf4,0xce,
239 0x9b,0x03,0x0b,0x02,0x30,0x01,0x62,0x4c,0x6f,0x90,0x62,0x50,0x3b,0xe5,0x3f,0xdf,
240 0x70,0x70,0xf6,0x81,0xad,0x25,0x2f,0x99,0x2e,0x69,0x8a,0x47,0xcf,0x14,0x31,0x27,
241 0x1b,0x52,0xf4,0x91,0x78,0x0f,0x29,0x5b,0x33,0xca,0xb2,0x0c,0x45,0xee,0xc2,0x83,
242 0xac,0x36,0x08,0x14,0x29,
243 };
244
245 /**
246 * TLS certificate for Ed25519 key
247 * pki --self --in ed25519.key --dn "C=CH, O=strongSwan, CN=tls-ed25519" \
248 * --san 127.0.0.1
249 */
250 static char ed25519_crt[] = {
251 0x30,0x82,0x01,0x38,0x30,0x81,0xeb,0xa0,0x03,0x02,0x01,0x02,0x02,0x08,0x46,0x41,
252 0x12,0x0d,0xa4,0xbd,0x00,0x11,0x30,0x05,0x06,0x03,0x2b,0x65,0x70,0x30,0x38,0x31,
253 0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,
254 0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,
255 0x6e,0x31,0x14,0x30,0x12,0x06,0x03,0x55,0x04,0x03,0x13,0x0b,0x74,0x6c,0x73,0x2d,
256 0x65,0x64,0x32,0x35,0x35,0x31,0x39,0x30,0x1e,0x17,0x0d,0x32,0x30,0x31,0x30,0x32,
257 0x32,0x31,0x34,0x30,0x31,0x30,0x30,0x5a,0x17,0x0d,0x32,0x33,0x31,0x30,0x32,0x32,
258 0x31,0x34,0x30,0x31,0x30,0x30,0x5a,0x30,0x38,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,
259 0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,
260 0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x14,0x30,0x12,0x06,
261 0x03,0x55,0x04,0x03,0x13,0x0b,0x74,0x6c,0x73,0x2d,0x65,0x64,0x32,0x35,0x35,0x31,
262 0x39,0x30,0x2a,0x30,0x05,0x06,0x03,0x2b,0x65,0x70,0x03,0x21,0x00,0xbd,0xbd,0xd2,
263 0x9d,0x90,0x2c,0x4f,0xb0,0x0d,0x88,0xe9,0x92,0xba,0x59,0x91,0x6c,0x0a,0x30,0xc3,
264 0x8e,0x7d,0x0d,0x55,0x67,0xf7,0xb0,0x37,0x39,0xfa,0x05,0x61,0xc3,0xa3,0x13,0x30,
265 0x11,0x30,0x0f,0x06,0x03,0x55,0x1d,0x11,0x04,0x08,0x30,0x06,0x87,0x04,0x7f,0x00,
266 0x00,0x01,0x30,0x05,0x06,0x03,0x2b,0x65,0x70,0x03,0x41,0x00,0x04,0xc6,0x12,0x57,
267 0xfa,0x69,0x74,0xd2,0x3a,0x7d,0x1b,0x23,0xde,0x64,0x08,0xa8,0x05,0x75,0xd3,0x15,
268 0xfb,0xd4,0x46,0xe0,0x4a,0x59,0x48,0x8e,0xee,0x4e,0x4d,0x72,0xbf,0xbc,0xdb,0x36,
269 0xda,0x39,0x23,0x9a,0x06,0x88,0xee,0x63,0xe5,0xb4,0x23,0xf9,0xa9,0x80,0x41,0x99,
270 0x3d,0x3f,0xb5,0x39,0x72,0x4b,0x62,0x86,0x4e,0x85,0x61,0x0b,
271 };
272
273 /**
274 * TLS certificate for Ed448 key
275 * pki --self --in ed448.key --dn "C=CH, O=strongSwan, CN=tls-ed448" \
276 * --san 127.0.0.1
277 */
278 static char ed448_crt[] = {
279 0x30,0x82,0x01,0x80,0x30,0x82,0x01,0x00,0xa0,0x03,0x02,0x01,0x02,0x02,0x08,0x71,
280 0xa9,0xa0,0xdd,0x5b,0xee,0xa0,0x5c,0x30,0x05,0x06,0x03,0x2b,0x65,0x71,0x30,0x36,
281 0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,
282 0x11,0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,
283 0x61,0x6e,0x31,0x12,0x30,0x10,0x06,0x03,0x55,0x04,0x03,0x13,0x09,0x74,0x6c,0x73,
284 0x2d,0x65,0x64,0x34,0x34,0x38,0x30,0x1e,0x17,0x0d,0x32,0x30,0x31,0x30,0x32,0x33,
285 0x32,0x30,0x34,0x34,0x30,0x35,0x5a,0x17,0x0d,0x32,0x33,0x31,0x30,0x32,0x33,0x32,
286 0x30,0x34,0x34,0x30,0x35,0x5a,0x30,0x36,0x31,0x0b,0x30,0x09,0x06,0x03,0x55,0x04,
287 0x06,0x13,0x02,0x43,0x48,0x31,0x13,0x30,0x11,0x06,0x03,0x55,0x04,0x0a,0x13,0x0a,
288 0x73,0x74,0x72,0x6f,0x6e,0x67,0x53,0x77,0x61,0x6e,0x31,0x12,0x30,0x10,0x06,0x03,
289 0x55,0x04,0x03,0x13,0x09,0x74,0x6c,0x73,0x2d,0x65,0x64,0x34,0x34,0x38,0x30,0x43,
290 0x30,0x05,0x06,0x03,0x2b,0x65,0x71,0x03,0x3a,0x00,0xdd,0x5e,0x19,0xc8,0x67,0xa9,
291 0x93,0x53,0x5f,0x26,0xca,0x6f,0x2f,0xdf,0x9e,0x0f,0x48,0xb6,0x60,0x3e,0x56,0xa5,
292 0xaf,0xe8,0xf9,0x3f,0xe5,0x1c,0xeb,0xf2,0xf4,0x84,0xd1,0x48,0xa9,0xb1,0x92,0x6b,
293 0xa1,0x4d,0x47,0x86,0x8e,0xf9,0xcc,0xd2,0x58,0xd4,0x6f,0x8c,0x76,0x59,0xf4,0x77,
294 0x59,0xc8,0x00,0xa3,0x13,0x30,0x11,0x30,0x0f,0x06,0x03,0x55,0x1d,0x11,0x04,0x08,
295 0x30,0x06,0x87,0x04,0x7f,0x00,0x00,0x01,0x30,0x05,0x06,0x03,0x2b,0x65,0x71,0x03,
296 0x73,0x00,0xc6,0xf0,0x4e,0xf2,0x41,0xe0,0xb4,0xa0,0x0a,0x9f,0x73,0x67,0xcb,0x89,
297 0x97,0xf0,0x3a,0xfe,0x53,0xb2,0x1b,0x6c,0x37,0x24,0xbe,0x9e,0x2b,0x50,0x0c,0x98,
298 0xb3,0x15,0x65,0x79,0x37,0xd6,0xc2,0x92,0x89,0x96,0xf3,0x5f,0x2d,0x70,0xa5,0x49,
299 0xdd,0x7d,0x12,0x3d,0x17,0x28,0xd2,0x56,0x25,0xab,0x80,0x89,0x4d,0x6a,0xfa,0x32,
300 0x6a,0x16,0x7f,0xd2,0x12,0xb3,0x73,0xf5,0xe7,0x1f,0x89,0x0b,0x5e,0x05,0xbe,0x69,
301 0xb8,0x11,0x59,0xf9,0xdc,0x9c,0xca,0x68,0xe3,0x1f,0x7a,0x43,0x1a,0x72,0xfa,0x1f,
302 0x07,0xe0,0x58,0xc2,0x3a,0x18,0xb3,0x01,0x68,0x90,0x40,0x05,0x7d,0x35,0x1a,0x3f,
303 0xdc,0xc8,0x00,0x00
304 };
305
306 static void setup_credentials(chunk_t key_data, chunk_t cert_data)
307 {
308 private_key_t *key;
309 certificate_t *cert;
310
311 if (!creds)
312 {
313 creds = mem_cred_create();
314 lib->credmgr->add_set(lib->credmgr, &creds->set);
315 }
316
317 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA,
318 BUILD_BLOB, chunk_from_thing(rsa), BUILD_END);
319 if (key)
320 {
321 creds->add_key(creds, key);
322 }
323 key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
324 BUILD_BLOB, key_data, BUILD_END);
325 if (key)
326 {
327 creds->add_key(creds, key);
328 }
329 cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
330 BUILD_BLOB, chunk_from_thing(rsa_crt), BUILD_END);
331 if (cert)
332 {
333 creds->add_cert(creds, TRUE, cert);
334 }
335 cert = lib->creds->create(lib->creds, CRED_CERTIFICATE, CERT_X509,
336 BUILD_BLOB, cert_data, BUILD_END);
337 if (cert)
338 {
339 creds->add_cert(creds, TRUE, cert);
340 }
341 }
342
343 START_SETUP(setup_creds)
344 {
345 setup_credentials(chunk_from_thing(ecdsa), chunk_from_thing(ecdsa_crt));
346 }
347 END_SETUP
348
349 START_SETUP(setup_ed25519_creds)
350 {
351 setup_credentials(chunk_from_thing(ed25519), chunk_from_thing(ed25519_crt));
352 }
353 END_SETUP
354
355 START_SETUP(setup_ed448_creds)
356 {
357 setup_credentials(chunk_from_thing(ed448), chunk_from_thing(ed448_crt));
358 }
359 END_SETUP
360
361 START_SETUP(setup_all_creds)
362 {
363 setup_credentials(chunk_from_thing(ecdsa), chunk_from_thing(ecdsa_crt));
364 setup_credentials(chunk_from_thing(ed25519), chunk_from_thing(ed25519_crt));
365 setup_credentials(chunk_from_thing(ed448), chunk_from_thing(ed448_crt));
366 }
367 END_SETUP
368
369 START_TEARDOWN(teardown_creds)
370 {
371 lib->credmgr->remove_set(lib->credmgr, &creds->set);
372 creds->destroy(creds);
373 creds = NULL;
374 }
375 END_TEARDOWN
376
377 /**
378 * Configuration for an echo server
379 */
380 typedef struct {
381 tls_version_t version;
382 uint16_t port;
383 char *addr;
384 chunk_t data;
385 int fd;
386 bool cauth;
387 } echo_server_config_t;
388
389 /**
390 * Run an echo server
391 */
392 static job_requeue_t serve_echo(echo_server_config_t *config)
393 {
394 tls_socket_t *tls;
395 int sfd, cfd;
396 identification_t *server, *client = NULL;
397 ssize_t len, total, done;
398 char buf[128];
399
400 server = identification_create_from_string(config->addr);
401 if (config->cauth)
402 {
403 client = server;
404 }
405 sfd = config->fd;
406 while (TRUE)
407 {
408 cfd = accept(sfd, NULL, NULL);
409 if (cfd < 0)
410 {
411 break;
412 }
413
414 tls = tls_socket_create(TRUE, server, client, cfd, NULL,
415 TLS_SUPPORTED_MIN, config->version, TRUE);
416 ck_assert(tls != NULL);
417
418 while (TRUE)
419 {
420 len = tls->read(tls, buf, sizeof(buf), TRUE);
421 if (len <= 0)
422 {
423 break;
424 }
425 total = 0;
426 while (total < len)
427 {
428 done = tls->write(tls, buf + total, len - total);
429 ck_assert_msg(done > 0, "%s", strerror(errno));
430 total += done;
431 }
432 }
433
434 tls->destroy(tls);
435 close(cfd);
436 }
437 server->destroy(server);
438
439 return JOB_REQUEUE_NONE;
440 }
441
442 /**
443 * Start a echo server using config
444 */
445 static void start_echo_server(echo_server_config_t *config)
446 {
447 host_t *host;
448 int on = 1;
449
450 host = host_create_from_string(config->addr, config->port);
451
452 config->fd = socket(AF_INET, SOCK_STREAM, 0);
453 ck_assert(config->fd != -1);
454 ck_assert(setsockopt(config->fd, SOL_SOCKET, SO_REUSEADDR,
455 (void*)&on, sizeof(on)) != -1);
456 ck_assert_msg(bind(config->fd, host->get_sockaddr(host),
457 *host->get_sockaddr_len(host)) != -1, "%s", strerror(errno));
458 host->destroy(host);
459 ck_assert(listen(config->fd, 1) != -1);
460
461 lib->processor->set_threads(lib->processor, 8);
462
463 lib->processor->queue_job(lib->processor, (job_t*)
464 callback_job_create((void*)serve_echo, config, NULL, NULL));
465 }
466
467 /**
468 * Run client to perform echo test
469 */
470 static void run_echo_client(echo_server_config_t *config)
471 {
472 tls_socket_t *tls;
473 ssize_t len, rd, wr;
474 int fd;
475 host_t *host;
476 identification_t *server, *client = NULL;
477 char buf[128];
478
479 host = host_create_from_string(config->addr, config->port);
480 server = identification_create_from_string(config->addr);
481 if (config->cauth)
482 {
483 client = server;
484 }
485
486 fd = socket(AF_INET, SOCK_STREAM, 0);
487 ck_assert(fd != -1);
488 ck_assert(connect(fd, host->get_sockaddr(host),
489 *host->get_sockaddr_len(host)) != -1);
490 tls = tls_socket_create(FALSE, server, client, fd, NULL,
491 TLS_SUPPORTED_MIN, config->version, TRUE);
492 ck_assert(tls != NULL);
493
494 wr = rd = 0;
495 while (rd < config->data.len)
496 {
497 len = tls->write(tls, config->data.ptr + wr, config->data.len - wr);
498 ck_assert(len >= 0);
499 wr += len;
500
501 len = tls->read(tls, buf, sizeof(buf), FALSE);
502 if (len == -1 && errno == EWOULDBLOCK)
503 {
504 continue;
505 }
506 if (len == 0)
507 {
508 ck_assert_int_eq(rd, config->data.len);
509 break;
510 }
511 ck_assert(len > 0);
512 ck_assert(rd + len <= config->data.len);
513 ck_assert(memeq(buf, config->data.ptr + rd, len));
514 rd += len;
515 }
516
517 tls->destroy(tls);
518 close(fd);
519 host->destroy(host);
520 server->destroy(server);
521 }
522
523 /**
524 * Create server/peer configuration
525 */
526 static echo_server_config_t *create_config(tls_version_t version, uint16_t port,
527 bool cauth)
528 {
529 echo_server_config_t *config;
530
531 INIT(config,
532 .version = version,
533 .addr = "127.0.0.1",
534 .port = port,
535 .cauth = cauth,
536 .data = chunk_from_chars(0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08),
537 );
538 return config;
539 }
540
541 /**
542 * Common test wrapper function for different test variants
543 */
544 static void test_tls(tls_version_t version, uint16_t port, bool cauth, u_int i)
545 {
546 echo_server_config_t *config;
547 tls_cipher_suite_t *suites;
548 char suite[128];
549 int count;
550
551 config = create_config(version, port, cauth);
552
553 start_echo_server(config);
554
555 count = tls_crypto_get_supported_suites(TRUE, version, &suites);
556 ck_assert(i < count);
557 snprintf(suite, sizeof(suite), "%N", tls_cipher_suite_names, suites[i]);
558 lib->settings->set_str(lib->settings, "%s.tls.suites", suite, lib->ns);
559
560 run_echo_client(config);
561
562 free(suites);
563
564 shutdown(config->fd, SHUT_RDWR);
565 close(config->fd);
566
567 free(config);
568 }
569
570 /**
571 * TLS curve test wrapper function
572 */
573 static void test_tls_ke_groups(tls_version_t version, uint16_t port, bool cauth,
574 u_int i)
575 {
576 echo_server_config_t *config;
577 diffie_hellman_group_t *groups;
578 char curve[128];
579 int count;
580
581 config = create_config(version, port, cauth);
582
583 start_echo_server(config);
584
585 count = tls_crypto_get_supported_groups(&groups);
586 ck_assert(i < count);
587 snprintf(curve, sizeof(curve), "%N", diffie_hellman_group_names_short,
588 groups[i]);
589 lib->settings->set_str(lib->settings, "%s.tls.ke_group", curve, lib->ns);
590
591 run_echo_client(config);
592
593 free(groups);
594
595 shutdown(config->fd, SHUT_RDWR);
596 close(config->fd);
597
598 free(config);
599 }
600
601 /**
602 * TLS signature test wrapper function
603 */
604 static void test_tls_signature_schemes(tls_version_t version, uint16_t port,
605 bool cauth, u_int i)
606 {
607 echo_server_config_t *config;
608 tls_signature_scheme_t *schemes;
609 char signature[128];
610 int count;
611
612 config = create_config(version, port, cauth);
613
614 start_echo_server(config);
615
616 count = tls_crypto_get_supported_signatures(version, &schemes);
617 ck_assert(i < count);
618 snprintf(signature, sizeof(signature), "%N", tls_signature_scheme_names,
619 schemes[i]);
620 lib->settings->set_str(lib->settings, "%s.tls.signature", signature, lib->ns);
621
622 run_echo_client(config);
623
624 free(schemes);
625
626 shutdown(config->fd, SHUT_RDWR);
627 close(config->fd);
628
629 free(config);
630 }
631
632 /**
633 * TLS server version test wrapper function
634 */
635 static void test_tls_server(tls_version_t version, uint16_t port, bool cauth,
636 u_int i)
637 {
638 echo_server_config_t *client, *server;
639
640 client = create_config(i, port, cauth);
641 server = create_config(version, port, cauth);
642
643 start_echo_server(server);
644
645 run_echo_client(client);
646
647 shutdown(client->fd, SHUT_RDWR);
648 close(client->fd);
649 shutdown(server->fd, SHUT_RDWR);
650 close(server->fd);
651
652 free(client);
653 free(server);
654 }
655
656 /**
657 * TLS client version test wrapper function
658 */
659 static void test_tls_client(tls_version_t version, uint16_t port, bool cauth,
660 u_int i)
661 {
662 echo_server_config_t *client, *server;
663
664 client = create_config(version, port, cauth);
665 server = create_config(i, port, cauth);
666
667 start_echo_server(server);
668
669 run_echo_client(client);
670
671 shutdown(client->fd, SHUT_RDWR);
672 close(client->fd);
673 shutdown(server->fd, SHUT_RDWR);
674 close(server->fd);
675
676 free(client);
677 free(server);
678 }
679
680 START_TEST(test_tls_12_server)
681 {
682 test_tls_server(TLS_1_2, 5661, FALSE, _i);
683 }
684 END_TEST
685
686 START_TEST(test_tls_13_server)
687 {
688 test_tls_server(TLS_1_3, 5662, FALSE, _i);
689 }
690 END_TEST
691
692 START_TEST(test_tls_13_client)
693 {
694 test_tls_client(TLS_1_3, 5663, FALSE, _i);
695 }
696 END_TEST
697
698 START_TEST(test_tls13_ke_groups)
699 {
700 test_tls_ke_groups(TLS_1_3, 5664, FALSE, _i);
701 }
702 END_TEST
703
704 START_TEST(test_tls13_signature_schemes)
705 {
706 test_tls_signature_schemes(TLS_1_3, 5665, FALSE, _i);
707 }
708 END_TEST
709
710 START_TEST(test_tls12_signature_schemes)
711 {
712 test_tls_signature_schemes(TLS_1_2, 5666, FALSE, _i);
713 }
714 END_TEST
715
716 START_TEST(test_tls11_signature_schemes)
717 {
718 test_tls_signature_schemes(TLS_1_1, 5667, FALSE, _i);
719 }
720 END_TEST
721
722 START_TEST(test_tls10_signature_schemes)
723 {
724 test_tls_signature_schemes(TLS_1_0, 5668, FALSE, _i);
725 }
726 END_TEST
727
728 START_TEST(test_tls13)
729 {
730 test_tls(TLS_1_3, 5669, FALSE, _i);
731 }
732 END_TEST
733
734 START_TEST(test_tls13_mutual)
735 {
736 test_tls(TLS_1_3, 5670, TRUE, _i);
737 }
738 END_TEST
739
740 START_TEST(test_tls12)
741 {
742 test_tls(TLS_1_2, 5671, FALSE, _i);
743 }
744 END_TEST
745
746 START_TEST(test_tls12_mutual)
747 {
748 test_tls(TLS_1_2, 5672, TRUE, _i);
749 }
750 END_TEST
751
752 START_TEST(test_tls11)
753 {
754 test_tls(TLS_1_1, 5673, FALSE, _i);
755 }
756 END_TEST
757
758 START_TEST(test_tls11_mutual)
759 {
760 test_tls(TLS_1_1, 5674, TRUE, _i);
761 }
762 END_TEST
763
764 START_TEST(test_tls10)
765 {
766 test_tls(TLS_1_0, 5675, FALSE, _i);
767 }
768 END_TEST
769
770 START_TEST(test_tls10_mutual)
771 {
772 test_tls(TLS_1_0, 5676, TRUE, _i);
773 }
774 END_TEST
775
776 #define add_tls_test(func, version) \
777 tcase_add_loop_test(tc, func, 0, \
778 tls_crypto_get_supported_suites(TRUE, version, NULL));
779
780 #define add_tls_versions_test(func, from, to) \
781 tcase_add_loop_test(tc, func, from, to+1);
782
783 Suite *socket_suite_create()
784 {
785 Suite *s;
786 TCase *tc;
787
788 s = suite_create("socket");
789
790 tc = tcase_create("TLS [1.0..1.3] client to TLS 1.3 server");
791 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
792 add_tls_versions_test(test_tls_13_server, TLS_1_0, TLS_1_3);
793 suite_add_tcase(s, tc);
794
795 tc = tcase_create("TLS 1.3 client to TLS [1.0..1.3] server");
796 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
797 add_tls_versions_test(test_tls_13_client, TLS_1_0, TLS_1_3);
798 suite_add_tcase(s, tc);
799
800 tc = tcase_create("TLS [1.0..1.3] client to TLS 1.2 server");
801 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
802 add_tls_versions_test(test_tls_12_server, TLS_1_0, TLS_1_3);
803 suite_add_tcase(s, tc);
804
805 tc = tcase_create("TLS 1.3/key exchange groups");
806 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
807 tcase_add_loop_test(tc, test_tls13_ke_groups, 0,
808 tls_crypto_get_supported_groups(NULL));
809 suite_add_tcase(s, tc);
810
811 tc = tcase_create("TLS 1.3/signature schemes");
812 tcase_add_checked_fixture(tc, setup_all_creds, teardown_creds);
813 tcase_add_loop_test(tc, test_tls13_signature_schemes, 0,
814 tls_crypto_get_supported_signatures(TLS_1_3, NULL));
815 suite_add_tcase(s, tc);
816
817 tc = tcase_create("TLS 1.2/signature schemes");
818 tcase_add_checked_fixture(tc, setup_all_creds, teardown_creds);
819 tcase_add_loop_test(tc, test_tls12_signature_schemes, 0,
820 tls_crypto_get_supported_signatures(TLS_1_2, NULL));
821 suite_add_tcase(s, tc);
822
823 tc = tcase_create("TLS 1.1/signature schemes");
824 tcase_add_checked_fixture(tc, setup_all_creds, teardown_creds);
825 tcase_add_loop_test(tc, test_tls11_signature_schemes, 0,
826 tls_crypto_get_supported_signatures(TLS_1_1, NULL));
827 suite_add_tcase(s, tc);
828
829 tc = tcase_create("TLS 1.0/signature schemes");
830 tcase_add_checked_fixture(tc, setup_all_creds, teardown_creds);
831 tcase_add_loop_test(tc, test_tls10_signature_schemes, 0,
832 tls_crypto_get_supported_signatures(TLS_1_0, NULL));
833 suite_add_tcase(s, tc);
834
835 tc = tcase_create("TLS 1.3/anon");
836 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
837 add_tls_test(test_tls13, TLS_1_3);
838 suite_add_tcase(s, tc);
839
840 tc = tcase_create("TLS 1.3/mutl");
841 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
842 add_tls_test(test_tls13_mutual, TLS_1_3);
843 suite_add_tcase(s, tc);
844
845 tc = tcase_create("TLS 1.2/anon");
846 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
847 add_tls_test(test_tls12, TLS_1_2);
848 suite_add_tcase(s, tc);
849
850 tc = tcase_create("TLS 1.2/mutl");
851 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
852 add_tls_test(test_tls12_mutual, TLS_1_2);
853 suite_add_tcase(s, tc);
854
855 tc = tcase_create("TLS 1.1/anon");
856 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
857 add_tls_test(test_tls11, TLS_1_1);
858 suite_add_tcase(s, tc);
859
860 tc = tcase_create("TLS 1.1/mutl");
861 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
862 add_tls_test(test_tls11_mutual, TLS_1_1);
863 suite_add_tcase(s, tc);
864
865 tc = tcase_create("TLS 1.0/anon");
866 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
867 add_tls_test(test_tls10, TLS_1_0);
868 suite_add_tcase(s, tc);
869
870 tc = tcase_create("TLS 1.0/mutl");
871 tcase_add_checked_fixture(tc, setup_creds, teardown_creds);
872 add_tls_test(test_tls10_mutual, TLS_1_0);
873 suite_add_tcase(s, tc);
874
875 return s;
876 }
877
878 Suite *socket_suite_ed25519_create()
879 {
880 Suite *s;
881 TCase *tc;
882
883 s = suite_create("socket ed25519");
884
885 tc = tcase_create("TLS 1.3/ed25519");
886 tcase_add_checked_fixture(tc, setup_ed25519_creds, teardown_creds);
887 add_tls_test(test_tls13, TLS_1_3);
888 suite_add_tcase(s, tc);
889
890 tc = tcase_create("TLS 1.2/ed25519");
891 tcase_add_checked_fixture(tc, setup_ed25519_creds, teardown_creds);
892 add_tls_test(test_tls12, TLS_1_2);
893 suite_add_tcase(s, tc);
894
895 tc = tcase_create("TLS 1.1/ed25519");
896 tcase_add_checked_fixture(tc, setup_ed25519_creds, teardown_creds);
897 add_tls_test(test_tls11, TLS_1_1);
898 suite_add_tcase(s, tc);
899
900 tc = tcase_create("TLS 1.0/ed25519");
901 tcase_add_checked_fixture(tc, setup_ed25519_creds, teardown_creds);
902 add_tls_test(test_tls10, TLS_1_0);
903 suite_add_tcase(s, tc);
904
905 return s;
906 }
907
908 Suite *socket_suite_ed448_create()
909 {
910 Suite *s;
911 TCase *tc;
912
913 s = suite_create("socket ed448");
914
915 tc = tcase_create("TLS 1.3/ed448");
916 tcase_add_checked_fixture(tc, setup_ed448_creds, teardown_creds);
917 add_tls_test(test_tls13, TLS_1_3);
918 suite_add_tcase(s, tc);
919
920 tc = tcase_create("TLS 1.2/ed448");
921 tcase_add_checked_fixture(tc, setup_ed448_creds, teardown_creds);
922 add_tls_test(test_tls12, TLS_1_2);
923 suite_add_tcase(s, tc);
924
925 tc = tcase_create("TLS 1.1/ed448");
926 tcase_add_checked_fixture(tc, setup_ed448_creds, teardown_creds);
927 add_tls_test(test_tls11, TLS_1_1);
928 suite_add_tcase(s, tc);
929
930 tc = tcase_create("TLS 1.0/ed448");
931 tcase_add_checked_fixture(tc, setup_ed448_creds, teardown_creds);
932 add_tls_test(test_tls10, TLS_1_0);
933 suite_add_tcase(s, tc);
934
935 return s;
936 }
strongSwan - IPsec VPN