Adjust ssl_test_new for SHA1 security level

SHA1 is now in security level 0. SHA1 is required for DTLSv1.1. Therefore
ssl_test_new needed some adjustments in the event that DTLSv1.2 is d

Adjust ssl_test_new for SHA1 security level

SHA1 is now in security level 0. SHA1 is required for DTLSv1.1. Therefore
ssl_test_new needed some adjustments in the event that DTLSv1.2 is disabled.

There are also adjustments required if using the FIPS module and DTLSv1.2
is disabled. The only DTLS version supported by the FIPS module is
DTLSv1.2.

Fixes #14956

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15047)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)

Stop disabling TLSv1.3 if ec and dh are disabled

Even if EC and DH are disabled then we may still be able to use TLSv1.3
if we have groups that have been plugged in by an external provid

Stop disabling TLSv1.3 if ec and dh are disabled

Even if EC and DH are disabled then we may still be able to use TLSv1.3
if we have groups that have been plugged in by an external provider.

Fixes #13767

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13916)

show more ...

Reduce the security bits for MD5 and SHA1 based signatures in TLS

This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer s

Reduce the security bits for MD5 and SHA1 based signatures in TLS

This has as effect that SHA1 and MD5+SHA1 are no longer supported at
security level 1, and that TLS < 1.2 is no longer supported at the
default security level of 1, and that you need to set the security
level to 0 to use TLS < 1.2.

Reviewed-by: Tim Hudson <tjh@openssl.org>
GH: #10787

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)

Teach ssl_test_new how to test the FIPS module

We load the FIPS module and make sure it is configured before running
the ssl_test_new tests.

Reviewed-by: Shane Lontis <shane.lon

Teach ssl_test_new how to test the FIPS module

We load the FIPS module and make sure it is configured before running
the ssl_test_new tests.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11511)

show more ...

Allow TLSv1.3 in a no-ec build

Now that we have TLSv1.3 FFDHE support there is no reason why we should
not allow TLSv1.3 to be used in a no-ec build. This commit enables that
to happ

Allow TLSv1.3 in a no-ec build

Now that we have TLSv1.3 FFDHE support there is no reason why we should
not allow TLSv1.3 to be used in a no-ec build. This commit enables that
to happen.

It also fixes no-ec which was previously broken.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/9156)

show more ...

Following the license change, modify the boilerplates in test/

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7767)

Respect SSL_OP_NO_TICKET in TLSv1.3

Implement support for stateful TLSv1.3 tickets, and use them if
SSL_OP_NO_TICKET is set.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Revie

Respect SSL_OP_NO_TICKET in TLSv1.3

Implement support for stateful TLSv1.3 tickets, and use them if
SSL_OP_NO_TICKET is set.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6563)

show more ...

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5689)

Split configuration of TLSv1.3 ciphers from older ciphers

With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites ca

Split configuration of TLSv1.3 ciphers from older ciphers

With the current mechanism, old cipher strings that used to work in 1.1.0,
may inadvertently disable all TLSv1.3 ciphersuites causing connections to
fail. This is confusing for users.

In reality TLSv1.3 are quite different to older ciphers. They are much
simpler and there are only a small number of them so, arguably, they don't
need the same level of control that the older ciphers have.

This change splits the configuration of TLSv1.3 ciphers from older ones.
By default the TLSv1.3 ciphers are on, so you cannot inadvertently disable
them through your existing config.

Fixes #5359

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/5392)

show more ...

Add tests for version/ciphersuite sanity checks

The previous commits added sanity checks for where the max enabled protocol
version does not have any configured ciphersuites. We should c

Add tests for version/ciphersuite sanity checks

The previous commits added sanity checks for where the max enabled protocol
version does not have any configured ciphersuites. We should check that we
fail in those circumstances.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3316)

show more ...

Add SCTP testing for 11-dtls_resumption.conf

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)

Add SCTP testing to 07-dtls-protocol-version.conf

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)

Add support to test_ssl_new for testing with DTLS over SCTP

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3286)

Add a test for resumption after HRR

Make sure we actually test resumption where an HRR has occurred.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/o

Add a test for resumption after HRR

Make sure we actually test resumption where an HRR has occurred.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2996)

show more ...

Re-enable test_ssl_new resumption tests for TLSv1.3

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2259)

Send and Receive a TLSv1.3 format ServerHello

There are some minor differences in the format of a ServerHello in TLSv1.3.

Perl changes reviewed by Richard Levitte. Non-perl changes

Send and Receive a TLSv1.3 format ServerHello

There are some minor differences in the format of a ServerHello in TLSv1.3.

Perl changes reviewed by Richard Levitte. Non-perl changes reviewed by Rich
Salz

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Look at the supported_versions extension even if the server <TLS1.3

If supported_versions is present it takes precedence.

Reviewed-by: Rich Salz <rsalz@openssl.org>

Update Configure to know about tls1_3

Also we disable TLS1.3 by default (use enable-tls1_3 to re-enable). This is
because this is a WIP and will not be interoperable with any other TLS1.

Update Configure to know about tls1_3

Also we disable TLS1.3 by default (use enable-tls1_3 to re-enable). This is
because this is a WIP and will not be interoperable with any other TLS1.3
implementation.

Finally, we fix some tests that started failing when TLS1.3 was disabled by
default.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Add the SSL_METHOD for TLSv1.3 and all other base changes required

Includes addition of the various options to s_server/s_client. Also adds
one of the new TLS1.3 ciphersuites.

T

Add the SSL_METHOD for TLSv1.3 and all other base changes required

Includes addition of the various options to s_server/s_client. Also adds
one of the new TLS1.3 ciphersuites.

This isn't "real" TLS1.3!! It's identical to TLS1.2 apart from the protocol
and the ciphersuite...and the ciphersuite is just a renamed TLS1.2 one (not
a "real" TLS1.3 ciphersuite).

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

Reorganize SSL test structures

Move custom server and client options from the test dictionary to an
"extra" section of each server/client. Rename test expectations to say
"Expected".

Reorganize SSL test structures

Move custom server and client options from the test dictionary to an
"extra" section of each server/client. Rename test expectations to say
"Expected".

This is a big but straightforward change. Primarily, this allows us to
specify multiple server and client contexts without redefining the
custom options for each of them. For example, instead of
"ServerNPNProtocols", "Server2NPNProtocols", "ResumeServerNPNProtocols",
we now have, "NPNProtocols".

This simplifies writing resumption and SNI tests. The first application
will be resumption tests for NPN and ALPN.

Regrouping the options also makes it clearer which options apply to the
server, which apply to the client, which configure the test, and which
are test expectations.

Reviewed-by: Richard Levitte <levitte@openssl.org>

show more ...

Test client-side resumption

Add tests for resuming with a different client version.

This happens in reality when clients persist sessions on disk through
upgrades.

Revi

Test client-side resumption

Add tests for resuming with a different client version.

This happens in reality when clients persist sessions on disk through
upgrades.

Reviewed-by: Rich Salz <rsalz@openssl.org>

show more ...

SSL test framework: port resumption tests

Systematically test every server-side version downgrade or upgrade.

Client version upgrade or downgrade could be tested analogously but wil

SSL test framework: port resumption tests

Systematically test every server-side version downgrade or upgrade.

Client version upgrade or downgrade could be tested analogously but will
be done in a later change.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>

show more ...

Port DTLS version negotiation tests

Reviewed-by: Rich Salz <rsalz@openssl.org>