diff options
author | Gilles Peskine <Gilles.Peskine@arm.com> | 2020-12-08 22:31:52 +0100 |
---|---|---|
committer | Gilles Peskine <Gilles.Peskine@arm.com> | 2021-04-01 14:18:31 +0200 |
commit | c6b0d96c31ce7989d5a30ac9f490544561d2bb48 (patch) | |
tree | 6860ebbacce81c0119944607c2e6fb307b2f5b8d /tests/data_files | |
parent | e93095fe6bdc99818f71197e808d20244cd1e41a (diff) | |
download | mbedtls-c6b0d96c31ce7989d5a30ac9f490544561d2bb48.zip mbedtls-c6b0d96c31ce7989d5a30ac9f490544561d2bb48.tar.gz mbedtls-c6b0d96c31ce7989d5a30ac9f490544561d2bb48.tar.bz2 |
More precise testing of dhm_min_len
An SSL client can be configured to insist on a minimum size for the
Diffie-Hellman (DHM) parameters sent by the server. Add several test
cases where the server sends parameters with exactly the minimum
size (must be accepted) or parameters that are one bit too short (must
be rejected). Make sure that there are test cases both where the
boundary is byte-aligned and where it isn't.
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
Diffstat (limited to 'tests/data_files')
-rw-r--r-- | tests/data_files/Makefile | 10 | ||||
-rw-r--r-- | tests/data_files/dh.998.pem | 17 | ||||
-rw-r--r-- | tests/data_files/dh.999.pem | 17 |
3 files changed, 44 insertions, 0 deletions
diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile index 0962898..f3cba5a 100644 --- a/tests/data_files/Makefile +++ b/tests/data_files/Makefile @@ -1132,6 +1132,16 @@ cert_md5.crt: cert_md5.csr all_final += cert_md5.crt ################################################################ +#### Diffie-Hellman parameters +################################################################ + +dh.998.pem: + $(OPENSSL) dhparam -out $@ -text 998 + +dh.999.pem: + $(OPENSSL) dhparam -out $@ -text 999 + +################################################################ #### Meta targets ################################################################ diff --git a/tests/data_files/dh.998.pem b/tests/data_files/dh.998.pem new file mode 100644 index 0000000..96d6cf2 --- /dev/null +++ b/tests/data_files/dh.998.pem @@ -0,0 +1,17 @@ + DH Parameters: (998 bit) + prime: + 39:5f:30:c0:7b:06:b7:6a:49:c6:c0:81:1f:39:77: + b3:35:e2:8d:66:fc:6a:6e:94:f3:df:97:f2:89:31: + 6c:75:39:08:16:d1:a4:b8:0c:68:c5:63:21:61:eb: + 48:2d:77:99:08:1d:67:38:37:0a:cd:cf:39:b6:3c: + 9d:8a:e5:85:3c:71:e3:4b:3e:1e:b9:80:e3:cc:7a: + fd:84:05:b0:df:36:15:29:4e:3e:23:3b:c3:ae:6b: + c7:11:b9:64:43:40:75:c7:4a:ef:a7:2d:00:e2:62: + 8f:93:78:96:8f:2c:25:8d:7d:1f:eb:5c:3c:bf:51: + de:f8:08:25:db + generator: 2 (0x2) +-----BEGIN DH PARAMETERS----- +MIGCAn05XzDAewa3aknGwIEfOXezNeKNZvxqbpTz35fyiTFsdTkIFtGkuAxoxWMh +YetILXeZCB1nODcKzc85tjydiuWFPHHjSz4euYDjzHr9hAWw3zYVKU4+IzvDrmvH +EblkQ0B1x0rvpy0A4mKPk3iWjywljX0f61w8v1He+Agl2wIBAg== +-----END DH PARAMETERS----- diff --git a/tests/data_files/dh.999.pem b/tests/data_files/dh.999.pem new file mode 100644 index 0000000..6e3ceb3 --- /dev/null +++ b/tests/data_files/dh.999.pem @@ -0,0 +1,17 @@ + DH Parameters: (999 bit) + prime: + 4f:b8:d2:d8:3c:b3:02:c9:64:f5:99:fe:61:cc:b3: + 69:1c:ba:bb:a2:33:db:38:2f:85:87:b7:12:fb:69: + 6e:a5:32:3e:ff:24:df:c4:61:07:0c:e1:88:72:fa: + 14:d4:22:65:18:66:09:7e:43:35:c4:5a:62:f7:0a: + 69:be:45:71:6e:ac:c5:56:d8:22:9e:c4:9c:23:2b: + bd:6d:3b:b6:02:4f:5d:12:a7:ac:90:b8:9e:be:93: + 82:bc:09:7c:cd:e1:09:21:1e:3d:69:2a:76:41:00: + 68:6d:b7:e8:e8:df:d6:1b:82:93:d9:21:4a:ea:71: + f2:e6:c4:94:03 + generator: 2 (0x2) +-----BEGIN DH PARAMETERS----- +MIGCAn1PuNLYPLMCyWT1mf5hzLNpHLq7ojPbOC+Fh7cS+2lupTI+/yTfxGEHDOGI +cvoU1CJlGGYJfkM1xFpi9wppvkVxbqzFVtginsScIyu9bTu2Ak9dEqeskLievpOC +vAl8zeEJIR49aSp2QQBobbfo6N/WG4KT2SFK6nHy5sSUAwIBAg== +-----END DH PARAMETERS----- |