Add tests for dhm_min_bitlen

parent 90966823
Recommended key length: 160 bits
generator:
23:84:3c:0d:55:8c:b9:7d:a9:d5:9a:80:82:fb:50:
89:29:71:8e:8e:a1:29:2e:df:db:01:34:41:e7:66:
fa:60:dc:bc:34:83:45:70:e0:61:e9:a6:25:23:c2:
77:33:a9:8a:90:94:21:ff:84:d2:7b:36:39:9b:e5:
f0:88:2b:35:98:64:28:58:27:be:fa:bf:e3:60:cc:
c4:61:60:59:78:a7:e1:a3:b3:a7:3e:7e:5b:a8:d7:
b7:ba:25:0e:b1:9e:79:03:b5:83:ba:43:34:b6:c1:
ce:45:66:72:07:64:8a:af:14:d8:ae:18:19:ba:25:
a6:d9:36:f8:8c:
prime:
9e:a4:a8:c4:29:fe:76:18:02:4f:76:c9:29:0e:f2:
ba:0d:92:08:9d:d9:b3:28:41:5d:88:4e:fe:3c:ae:
c1:d4:3e:7e:fb:d8:2c:bf:7b:63:70:99:9e:c4:ac:
d0:1e:7c:4e:22:07:d2:b5:f9:9a:9e:52:e2:97:9d:
c3:cb:0d:66:33:75:95:a7:96:6e:69:ec:16:bd:06:
4a:1a:dc:b2:d4:29:23:ab:2e:8f:7f:6a:84:1d:82:
23:6e:42:8c:1e:70:3d:21:bb:b9:b9:8f:f9:fd:9c:
53:08:e4:e8:5a:04:ca:5f:8f:73:55:ac:e1:41:20:
c7:43:fa:8f:99:
-----BEGIN DH PARAMETERS-----
MIIBAwJ+AJ6kqMQp/nYYAk92ySkO8roNkgid2bMoQV2ITv48rsHUPn772Cy/e2Nw
mZ7ErNAefE4iB9K1+ZqeUuKXncPLDWYzdZWnlm5p7Ba9Bkoa3LLUKSOrLo9/aoQd
giNuQowecD0hu7m5j/n9nFMI5OhaBMpfj3NVrOFBIMdD+o+ZAn0jhDwNVYy5fanV
moCC+1CJKXGOjqEpLt/bATRB52b6YNy8NINFcOBh6aYlI8J3M6mKkJQh/4TSezY5
m+XwiCs1mGQoWCe++r/jYMzEYWBZeKfho7OnPn5bqNe3uiUOsZ55A7WDukM0tsHO
RWZyB2SKrxTYrhgZuiWm2Tb4jAICAKA=
-----END DH PARAMETERS-----
......@@ -2304,6 +2304,43 @@ run_test "DHM parameters: other parameters" \
-c "value of 'DHM: P ' (1024 bits)" \
-c "value of 'DHM: G ' (2 bits)"
# Tests for DHM client-side size checking
run_test "DHM size: server default, client default, OK" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server default, client 2048, OK" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=2048" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1024, client default, OK" \
"$P_SRV dhm_file=data_files/dhparams.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1" \
0 \
-C "DHM prime too short:"
run_test "DHM size: server 1000, client default, rejected" \
"$P_SRV dhm_file=data_files/dh.1000.pem" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1" \
1 \
-c "DHM prime too short:"
run_test "DHM size: server default, client 2049, rejected" \
"$P_SRV" \
"$P_CLI force_ciphersuite=TLS-DHE-RSA-WITH-AES-128-CBC-SHA \
debug_level=1 dhmlen=2049" \
1 \
-c "DHM prime too short:"
# Tests for PSK callback
run_test "PSK callback: psk, no callback" \
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment